Windows management topics Windows management topics Mon, 18 Oct 2021 10:09:02 GMT Windows10Management 2021-10-18T10:09:02Z Bitlocker Management not showing up on Company Domain Account <P>My issue:</P><P>When I log into my Windows 10 Pro laptop with a local administrator account (&lt;laptop_name&gt;\&lt;username&gt;), Bitlocker management is available and active. However, when I log into the same Windows 10 Pro laptop with my company's domain administrator account (&lt;company&gt;.com\&lt;username&gt;), the bitlocker management options are missing from the control panel settings. I want to be able to manage bitlocker while logged in with my company account.</P><P>&nbsp;</P><P>More information:</P><P>When initially enabling bitlocker, I still had this same issue: bitlocker management options were only available on my local windows account, and not my company windows account. So, from my local account, I turned on bitlocker, and, since I had previously logged into my company account, I selected the option to automatically back up my bitlocker keys to that company Azure Active Directory (AD) account. And I have confirmed that when I log into my AD account, I can see my laptop device listed there, and I can view my bitlocker keys for it. So, from my local account bitlocker was successfully enabled, my entire hard drive was encryped, and my bitlocker recovery keys are properly available on my company AD account.</P><P>&nbsp;</P><P>Now, when logged into my laptop with my LOCAL account, I can view my bitlocker settings, and it says encryption is enabled and everything is good.</P><P>&nbsp;</P><P>HOWEVER, when&nbsp;logged into my laptop with my COMPANY account, bitlocker settings are not available from the control panel. They just do not exist at all.</P><P>&nbsp;</P><P>1. Why are the bitlocker settings missing when I am logged into my laptop with my company account?</P><P>2. How can I enable bitlocker management when logged into my company account?</P><P>3. Since I enabled bitlocker from my local account, is it still encrypting all the data when logged in with my company account?</P><P>&nbsp;</P><P>Thank you.</P> Sun, 19 Sep 2021 19:18:33 GMT jingham 2021-09-19T19:18:33Z Use PowerShell to search for delegated (password reset) permissions in Active Directory! <P>&nbsp;</P> <P>Dear Microsoft Active Directory friends,</P> <P>&nbsp;</P> <P>This article is about searching delegated permissions (password reset) in Active Directory.</P> <P>&nbsp;</P> <P>The following situation: You "inherit" a new customer. Now you would like to know, did the "predecessor" work with delegated permissions? For example, a person/group in an organizational unit was authorized to reset the password for all users in this OU. Honestly, this is a difficult task to determine.</P> <P>&nbsp;</P> <P>Not only does Microsoft hide them in Users and Computers by default, but there is no built-in tool to get an overview of how permissions have been applied in AD.&nbsp;Now the PowerShell comes into play.</P> <P>&nbsp;</P> <P>I have run the script on a domain controller and the output appears in out-gridview format (if there is a match).&nbsp;Please do not forget to adjust the ldap path in the script.</P> <P>&nbsp;</P> <P>$filter = "(|(objectClass=domain)(objectClass=organizationalUnit)(objectClass=group)(sAMAccountType=805306368)(objectCategory=Computer))"</P> <P><STRONG>#("LDAP://DOMAINCONTROLLER/LDAP") Replace DOMAINCONTROLLER AND LDAP with your values</STRONG><BR />$bSearch = New-Object System.DirectoryServices.DirectoryEntry("LDAP://DC01/DC=zodiac,DC=local") <BR />$dSearch = New-Object System.DirectoryServices.DirectorySearcher($bSearch)<BR />$dSearch.SearchRoot = $bSearch<BR />$dSearch.PageSize = 1000<BR />$dSearch.Filter = $filter<BR />$dSearch.SearchScope = "Subtree"</P> <P>&nbsp;</P> <P>$extPerms = `<BR />'00299570-246d-11d0-a768-00aa006e0529', #reset password<BR />'0'</P> <P>$results = @()</P> <P>foreach ($objResult in $dSearch.FindAll())<BR />{<BR />$obj = $objResult.GetDirectoryEntry()</P> <P>Write-Host "Searching... " $obj.distinguishedName</P> <P>$permissions = $obj.PsBase.ObjectSecurity.GetAccessRules($true,$false,[Security.Principal.NTAccount])<BR /><BR />$results += $permissions | Where-Object { `<BR />$_.AccessControlType -eq 'Allow' -and ($_.ObjectType -in $extPerms) -and $_.IdentityReference -notin ('NT AUTHORITY\SELF', 'NT AUTHORITY\SYSTEM', 'S-1-5-32-548') `<BR />} | Select-Object `<BR />@{n='Object'; e={$obj.distinguishedName}}, <BR />@{n='Account'; e={$_.IdentityReference}},<BR />@{n='Permission'; e={$_.ActiveDirectoryRights}}</P> <P>}</P> <P>#The output directly in Out-GridView<BR />$results | Out-GridView</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="_AD_Search.JPG" style="width: 999px;"><img src=";px=999" role="button" title="_AD_Search.JPG" alt="_AD_Search.JPG" /></span></P> <P>&nbsp;</P> <P>You can also find the script here under the following link:</P> <P><A href="#" target="_blank"></A></P> <P>&nbsp;</P> <P>I hope this article was helpful for you? Thank you for taking the time to read this article.</P> <P>&nbsp;</P> <P>Best regards, Tom Wechsler</P> <P>&nbsp;</P> <P>P.S. All scripts (#PowerShell, Azure CLI, #Terraform, #ARM) that I use can be found on github! <A href="#" target="_blank"></A></P> Thu, 19 Aug 2021 11:16:05 GMT TomWechsler 2021-08-19T11:16:05Z Create a hardware inventory with the Microsoft Assessment Planning Toolkit (often underestimated)! <P>&nbsp;</P> <P>Dear Microsoft/Windows friends,</P> <P>&nbsp;</P> <P>In this article I want to show you a way how to create a hardware inventory with the Microsoft Assessment and Planning Toolkit (MAP)! Boah, boring! No, absolutely not. Here is the situation I encountered:<BR />A new customer needed to inventory all their systems (all members of an Active Directory). Sure, there are many great products that can do this (some are not free though). But would you have thought that the Microsoft Assessment and Planning Toolkit could do this as well? And the tool is free of charge! Rock n' Roll!</P> <P>&nbsp;</P> <P>The MAP tool uses WMI for Windows investigation and SSH for Linux. Since there were only Windows systems at the customer, I focus on WMI (I think you can adapt this to SSH very easily). Fortunately, Windows Server (2012 and later) already has WinRM turned on. This is not the case with the Windows client systems, so we first create a GPO before we start with the MAP tool. Navigate to a domain controller and please launch the Active Directory Users and Computers tool. Locate the organizational unit with the client systems.</P> <P>(Unfortunately I can only show you german screenshots here, Sorry)</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="_OU_Clients.JPG" style="width: 754px;"><img src=";px=999" role="button" title="_OU_Clients.JPG" alt="_OU_Clients.JPG" /></span></P> <P>&nbsp;</P> <P>So we know where to link the group policy object. Then start the group policy management. Create a new GPO with the name for example "WinRM Settings". In this GPO I have made the following settings (in the open GPO navigate to the computerconfiguration =&gt; Windows-Components).</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="_GPO1.JPG" style="width: 334px;"><img src=";px=999" role="button" title="_GPO1.JPG" alt="_GPO1.JPG" /></span></P> <P>&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="_GPO2.JPG" style="width: 999px;"><img src=";px=999" role="button" title="_GPO2.JPG" alt="_GPO2.JPG" /></span></P> <P>&nbsp;</P> <P>Let's move to the next settings:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="_GPO3.JPG" style="width: 869px;"><img src=";px=999" role="button" title="_GPO3.JPG" alt="_GPO3.JPG" /></span></P> <P>&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="_GPO4.JPG" style="width: 999px;"><img src=";px=999" role="button" title="_GPO4.JPG" alt="_GPO4.JPG" /></span></P> <P>&nbsp;</P> <P>If your systems are in a workgroup you can use the following in PowerShell (with admin privileges): <STRONG>Set-WSManQuickConfig -Force</STRONG></P> <P>Now you just need to link the GPO to the correct organizational unit.</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="_Link_GPO.JPG" style="width: 327px;"><img src=";px=999" role="button" title="_Link_GPO.JPG" alt="_Link_GPO.JPG" /></span></P> <P>&nbsp;</P> <P>In order for the GPO to be processed by all systems, I recommend that you wait a day or two. This way <BR />there is a chance that all systems have processed the GPO. If your environment is not that big you can use gpupdate /force in a CMD (with admin rights).</P> <P>&nbsp;</P> <P>Now it's time to install the MAP Toolkit (I used a Windows client system which is a member of the domain). You can find the tool via the following link:</P> <P><A href="#" target="_blank"></A></P> <P>&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="_MAP.JPG" style="width: 999px;"><img src=";px=999" role="button" title="_MAP.JPG" alt="_MAP.JPG" /></span></P> <P>&nbsp;</P> <P>Navigate to the folder where you downloaded the tool. Double click on the .exe file and simply click through. When you start MAP for the first time, you must specify a name for the database that will be created.</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="_DB.JPG" style="width: 594px;"><img src=";px=999" role="button" title="_DB.JPG" alt="_DB.JPG" /></span></P> <P>&nbsp;</P> <P>Now navigate to "Environment" on the left side and click on "collect inventory data".</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="_ENV.JPG" style="width: 601px;"><img src=";px=999" role="button" title="_ENV.JPG" alt="_ENV.JPG" /></span></P> <P>&nbsp;</P> <P>It starts the wizard and in the following screeshots I show you what I configured. Of course you can adjust all settings for your needs. Very important are the credentials you can specify in the wizard. <BR />Make sure that you have enough rights so that the tool can actually collect the information. My point in this example is to give you an idea.</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="_DIS1.JPG" style="width: 656px;"><img src=";px=999" role="button" title="_DIS1.JPG" alt="Choose what's best for you" /><span class="lia-inline-image-caption" onclick="event.preventDefault();">Choose what's best for you</span></span><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="_DIS2.JPG" style="width: 659px;"><img src=";px=999" role="button" title="_DIS2.JPG" alt="_DIS2.JPG" /></span></P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="_DIS3.JPG" style="width: 658px;"><img src=";px=999" role="button" title="_DIS3.JPG" alt="_DIS3.JPG" /></span><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="_DIS4.JPG" style="width: 999px;"><img src=";px=999" role="button" title="_DIS4.JPG" alt="_DIS4.JPG" /></span><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="_DIS5.JPG" style="width: 658px;"><img src=";px=999" role="button" title="_DIS5.JPG" alt="_DIS5.JPG" /></span><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="_DIS6.JPG" style="width: 656px;"><img src=";px=999" role="button" title="_DIS6.JPG" alt="_DIS6.JPG" /></span><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="_DIS7.JPG" style="width: 648px;"><img src=";px=999" role="button" title="_DIS7.JPG" alt="_DIS7.JPG" /></span></P> <P>&nbsp;</P> <P>Now the assessment starts and afterwards we receive our report. Click "Inventory Result" when the scan is complete.</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="_RES.JPG" style="width: 648px;"><img src=";px=999" role="button" title="_RES.JPG" alt="_RES.JPG" /></span></P> <P>&nbsp;</P> <P>Navigate to the right side and click on "Generate...." and an Excel file will be created. Open this file and you will have a great inventory to work with.</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="_REP.JPG" style="width: 999px;"><img src=";px=999" role="button" title="_REP.JPG" alt="_REP.JPG" /></span></P> <P>&nbsp;</P> <P>Here is a compact (not complete) excerpt from my inventory, which is available as an Excel file.</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="_EXC.JPG" style="width: 999px;"><img src=";px=999" role="button" title="_EXC.JPG" alt="_EXC.JPG" /></span></P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="_EXC1.JPG" style="width: 999px;"><img src=";px=999" role="button" title="_EXC1.JPG" alt="_EXC1.JPG" /></span></P> <P>&nbsp;</P> <P>Hope you are as happy with the result as I was? Thank you for taking the time to read this article.</P> <P>&nbsp;</P> <P>I hope this article was useful. Best regards, Tom Wechsler</P> Sun, 15 Aug 2021 12:35:34 GMT TomWechsler 2021-08-15T12:35:34Z PowerShell find disabled users with manager <P>Hello&nbsp;</P><P>I am trying to find all disabled users that have a value populated for the manager attribute. Below is my code</P><P>&nbsp;</P><P>(get-adforest).domains | ForEach-Object {get-aduser -ldapfilter "(&amp;(manager=*)(&amp;(Disabled=True)))" -Properties givenname,surname,userprincipalname,emailaddress -Server $_}</P><P>&nbsp;</P><P>Any help is appreciated&nbsp;</P> Tue, 10 Aug 2021 23:41:19 GMT Skipster311-1 2021-08-10T23:41:19Z Set Microsoft Edge as Default Browser from Endpoint Manager (Intune) <P>Hi All, I was hoping someone can point me in the right place. I used to use an ADMX policy that allowed us to enforce Edge (Chromium) as the default browser for all Windows Devices joined to Azure Active Directory. I cannot seem to locate the flag anymore. Is there a new place to enforce Edge as the default browser for Windows Devices?&nbsp;</P> Thu, 22 Jul 2021 19:01:16 GMT David_Swenson 2021-07-22T19:01:16Z Remote Desktop License Issue: your session will be disconnected in 60 minutes. <P>After I installed the RDP Licensing Roles and Features, activated the license, and did the configuration, I get this message. I have been trying to do the configuration and following the instructions that I can find on the internet, but it seems not to work for me. I also notice it doesn't recognize the User Cals I installed. Do anyone of you encountered this error? Thanks in advance.</P> Thu, 08 Jul 2021 20:06:25 GMT rachelle826 2021-07-08T20:06:25Z Updated printer driver on server does not update properly on all clients <P>Hey community</P><P>&nbsp;</P><P>We just did an update of the print driver on all our print servers. Most clients&nbsp; downloaded and installed the driver just fine. Some clients had a problem though. The printer queues were still mapped, users were able to print, but the properties dialog was not the one of the driver but most likely the standard MS dialog.</P><P>After removing all queues and deleting the driver package locally, the printers connected again and downloaded the driver without issues.</P><P>Any idea on where to look here?</P> Tue, 08 Jun 2021 06:42:08 GMT flospi 2021-06-08T06:42:08Z Updates on GPO Windows 10 taskbar <P>Hi,&nbsp;</P><P>in a not persistent VDI (with fslogix) we are pushing a GPO linking the XML for a custom taskbar configuration (<A href="#" target="_blank"></A>).</P><P>I'm using the " <SPAN class="hljs-tag">&lt;<SPAN class="hljs-name">CustomTaskbarLayoutCollection</SPAN> <SPAN class="hljs-attr">PinListPlacement</SPAN>=<SPAN class="hljs-string">"Replace"</SPAN>&gt;</SPAN>" tag in order to replace default pinned apps with our ones.</P><P>This also allows the users to remove some pushed pins and add their own.</P><P>The problem comes when I update the xml, let's say adding or modifying an app; the app is correctly added or modified but the unpinned apps are added back for the users who removed them.</P><P>There is some trick to persist the unpinned apps even on xml timestamp update?</P><P>&nbsp;</P><P>Thanks</P><P>Giuseppe</P> Mon, 31 May 2021 08:29:00 GMT 1ravasio 2021-05-31T08:29:00Z "View your network properties" direct shortcut? <P>Hello and greetings from Portugal!</P><P>&nbsp;</P><P>I'm trying to create a direct shortcut to "View your network properties" (Settings | Network &amp; Internet | Status | View your network properties).</P><P><BR />Does anyone knows if there any kind of URI address to achieve this?</P><P>&nbsp;</P><P>Best Regards,</P><P>Diogo Sousa</P> Tue, 04 May 2021 15:24:46 GMT Diogo Sousa 2021-05-04T15:24:46Z image with bootable iso If i had free storage could i recover windows 7 in recovery environment with windows 10 image? Can i create ISO installation file with all my accounts and settings of windows? Any software to do that? Will easeus disk clone tool do? To an ssd then i can boot from it Wed, 28 Apr 2021 16:35:25 GMT igemxrozb 2021-04-28T16:35:25Z How Many Event IDs there in windows or what is the Range? <P>How Many Event IDs there in windows or what is the Range? Can I get the full list with descriptions from anywhere?</P> Mon, 19 Apr 2021 17:38:00 GMT rimzan4u 2021-04-19T17:38:00Z windows hyper-v server 虚拟机无法联网 服务器型号 dell R720<BR />已经设置内部虚拟交换机,已经安教程设置vlan,已经vlan配置前缀为1,但是linux虚拟机无法联网 Sun, 18 Apr 2021 10:10:27 GMT cyber_han 2021-04-18T10:10:27Z Unknown icon in system tray <P>On my Windows 7 professional system. The highlighted icon in the attached image appears on every reboot. Clicking on it open Windows explorer. As far as I understand it looks like a 'generic volume' icon similar to one in device manager.&nbsp;</P><P>However, I don't understand why it's opening My Computer</P> Sun, 11 Apr 2021 10:49:16 GMT Animesh Joshi 2021-04-11T10:49:16Z delete duplicate pictures <P>I would like to accomplish a few things with this post;</P><P>A. help some company to reach the multi-millionares/billionare status</P><P>B. to resolve the overpopulation of data stored on mainframes and harddrives across the globe&nbsp;</P><P>C. save every Windows user countless hours of frustration while sorting through copies of their information</P><P>&nbsp;</P><P><FONT size="3"><STRONG>This is an official challenge to the Microsoft Developers</STRONG></FONT>.</P><P>&nbsp;</P><P>1. Make it an easy process for your users to store/migrate all of their photos and images in one location.</P><P>2. Simplify the process of finding and deleting the duplicate images on our device.</P><P>3. Give us the ability to see and delete all the copies of said files while knowing we are not deleting said file forever.</P><P>4. Answer/Respond in your forums to your customers that ask simple questions but never receive even a tip or shared link to resolve their issue or concern.</P><P>&nbsp;</P><P>&nbsp;</P><P>I have spent days compiling all of my documents and images from my phone, computer, and internet I am now swimming in duplicate files. After searching the internet for a good duplicate file cleaner only to be charged to use, I began contacting every branch of Microsoft I can reach only to be told that "<STRONG>Sorry to Inform you that Microsoft does not provide any tools to search for Duplicate files."</STRONG></P><P>&nbsp;</P><P>This is the year 2021 and we the consumers deserve better than to be presented with this as an actual response from any company's Technical Support that creates and manages such vast amounts of data.</P> Thu, 18 Feb 2021 20:47:23 GMT fourthdimensionalart 2021-02-18T20:47:23Z Win 10 - printers and scanners <P>Hi folks,</P><P>&nbsp;</P><P>i'm wondering how i can change the printers name, which is shown in this dialogue:</P><P>In our companys network there are several printers which are listed here, too.</P><P>But: The shown names are not ideal, because they are always like "HP XY123-DN series", no meaningful names like the printers location.&nbsp;</P><P>We manage our printers on an Windows Server 2019 print server.</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="PatrickF11_0-1613399878742.png" style="width: 400px;"><img src=";px=400" role="button" title="PatrickF11_0-1613399878742.png" alt="PatrickF11_0-1613399878742.png" /></span></P><P>&nbsp;</P><P>Any ideas are highly appreciated.</P> Mon, 15 Feb 2021 14:42:00 GMT PatrickF11 2021-02-15T14:42:00Z FUJITSU LH531 DUAL CORE LAPTOP WINDOWS 10 BIOS UPDATE <P>Dear Concern,</P><P>I Md Nasir Uddin Akan, i am using my Laptop Fujitsu LH531 Dual Core Processor.&nbsp; since 06 April 2012 till now and recently I have Change following my PC current Configurations&nbsp;</P><P>1. Install SSD 120GB&nbsp;</P><P>2. 2GB RAM&nbsp;</P><P>3. HDD 1TB&nbsp;</P><P>now I want to Update BIOS and boot my pc UEFI Boot Mode with Windows 10 but i cannot able remove bios password and Update accordingly. so please advise me how to get my required service.</P><P>&nbsp;</P><P>Best Regards</P><P>Md Nasir Uddin Akan</P><P>+8801711562509</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Tue, 02 Feb 2021 17:00:33 GMT akan78 2021-02-02T17:00:33Z Can't AAD join windows 10 "Administrator policy does not allow device join" error 801c03ed <P>Hi,</P><P>We can join the same win 10 devices to AAD with some of our IT users but for newer IT users it fails with the error in the subject. This is OOBE and adding existing win 10 laptop. The devices are fine and meet the requirements etc but there is a problem with the users. I don't know what policy is causing this?</P><P>&nbsp;</P><P>The enrollment device restrictions should not be stopping this as some of the users haven't enrolled anyone yet (so no problem with the device limit) and also the device type allowed them to enroll Windows 10.&nbsp;</P><P>&nbsp;</P><P>The users have also been added as device enrollment managers in endpoint manager.</P><P>&nbsp;</P><P>Thanks,</P><P>Nigel</P> Mon, 01 Feb 2021 12:42:48 GMT Nigel-A 2021-02-01T12:42:48Z Tablet Mode <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="屏幕截图 2021-01-26 145530.png" style="width: 691px;"><img src=";px=999" role="button" title="屏幕截图 2021-01-26 145530.png" alt="屏幕截图 2021-01-26 145530.png" /></span><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="屏幕截图 2021-01-26 145631.png" style="width: 407px;"><img src=";px=999" role="button" title="屏幕截图 2021-01-26 145631.png" alt="My windows version" /><span class="lia-inline-image-caption" onclick="event.preventDefault();">My windows version</span></span></P><P>I am a win10 enterprise user. Sometimes I have to control my computer on my iPhone/iPad.So I have to open the tablet mode. But I <EM>can not</EM>&nbsp;find it in the notification center.<span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="屏幕截图 2021-01-26 145445.png" style="width: 637px;"><img src=";px=999" role="button" title="屏幕截图 2021-01-26 145445.png" alt="There is no &quot;TABLET MODE&quot;" /><span class="lia-inline-image-caption" onclick="event.preventDefault();">There is no "TABLET MODE"</span></span></P><P>There is no tablet mode .............</P><P>If there is an issue, please fix it. If there is no issue, please tell me how to open it.&nbsp; And I don't want to&nbsp;<EM><SPAN class="skip"><A target="_blank">reinstall</A> <A target="_blank">the</A> <A target="_blank">system.</A></SPAN></EM></P><P>Thank you</P><P>&nbsp;</P><DIV class="sel-text-win">&nbsp;</DIV><DIV class="sel-text-win">&nbsp;</DIV><DIV class="sel-text-win">&nbsp;</DIV> Tue, 26 Jan 2021 07:30:13 GMT mikezhuang 2021-01-26T07:30:13Z Remove logoff option from Settings Pages <P>On kiosk-like machines for shared-user purposes, we have provided an automatically logged on user, that is highly specialized for the needed purposes.</P><P>&nbsp;</P><P>Among other things, we have removed the logoff option using GPO to ensure, that users are always using the kiosk-like PCs with the autologon-user:</P><P>User Configuration\Administrative Templates\System\CTRL-ALT-DEL options\Remove Logoff</P><P>Administrative Templates\Start Menu and Taskbar Remove\Logoff on the Start Menu</P><P>&nbsp;</P><P>However, because users need to be able to adjust the screen scaling, we have allowed access to that Settings Page.</P><P>But when they change the scaling options, the settings page recommends to log off and re-logon.</P><P>&nbsp;</P><P><STRONG>And here it provides a log off option.</STRONG></P><P>Example here from WinAero:</P><P><span class="lia-inline-image-display-wrapper lia-image-align-left" image-alt="Windows-10-Apply-Custom-Display-Scaling-Level" style="width: 400px;"><img src=";px=400" role="button" title="Windows-10-Apply-Custom-Display-Scaling-Level" alt="Windows-10-Apply-Custom-Display-Scaling-Level" /></span></P><P>&nbsp;</P><P>The users of course uses this option, as it is what Windows recommends them to do.</P><P>This leads them to the Windows logon prompt, where they by mistake log on using their personal account, instead of the autologon-user (for which they obviously don't know any credentials for).</P><P>Now, the PC is logged on using a personal account, which is being shared between the users of the PC.</P><P>&nbsp;</P><P>There does not seem to be any GPO or registry setting, that can remove the log off option from the Settings Pages.</P><P>Or am I mistaken?</P><P>&nbsp;</P><P><STRONG>If not, please provide a setting, that can remove the log off option from the Settings Pages.</STRONG></P> Mon, 25 Jan 2021 09:50:51 GMT martinj 2021-01-25T09:50:51Z Need to Change and Apply Ease of Access Aero-Snap settings with batch script without a restart <P>We need to change and APPLY the Aero-Snap setting from the Ease of Access control panel, without a restart or logoff/logon in a Windows 10 Enterprise x64 20H2 non-persistent VDI environment.&nbsp; We know that the Registry value (at least) HKCU\Control Panel\Desktop\WindowArrangementActive (0 or 1 value) controls the "Prevent windows from being automatically arranged when moved to the edge of the screen" setting.&nbsp; &nbsp;The problem is that while our User Profile management system saves and then restores this Registry value during a later LOGIN, there appears to be a timing issue that prevents it from being activated.&nbsp; As a stop gap measure, we would like to execute a BATCH script to change and APPLY the user's desired setting during their current Startup script's execution.&nbsp; Setting the Registry value is the EASY part.&nbsp; I need information on how to APPLY the setting "programmatically" in a .BAT file (I am NOT a C++, C# or Power Shell programmer).&nbsp; I would expect that if such a command exists (rundll32.exe ????), it may also APPLY many other settings in the Registry that were changed but not yet activated.&nbsp; In other words, we want a "program/command" that essentially hits the "Apply" button in the Control Panel.&nbsp; There may be other Registry keys/values involved in this that we could add to the mix of Save at logoff and Restore at login, but we need to APPLY them in the current login session.&nbsp; Restart or Logoff/Login is NOT an option obviously.&nbsp; There do not appear to be any Domain or Local GPO's affecting this operation.&nbsp; The setting always appears to ALLOW window arrangement&nbsp; when they are moved to the screen edge, which is undesirable by many users.&nbsp; Cycling explorer.exe does NOT activate the new setting (much to my surprise).&nbsp; We are also aware of the SnapAssist, SnapFill, and JointResize Registry values in HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced key.&nbsp; My own IT department PC has had the Aero-Snap settings under Settings -&gt; System -&gt;Multitasking changed but those ...Explorer\Advanced values have NOT appeared in its Registry.</P><P>Your help with this matter is greatly appreciated!</P><P>&nbsp;</P><P>ChevITGuy</P> Wed, 20 Jan 2021 23:10:04 GMT ChevITGuy 2021-01-20T23:10:04Z Sudden DNS issues over VPN <P>We have had users connecting to us via OpenVPN for some time now. They have successfully used resources internal to our network as well as external, Internet based sources. However, one day a couple weeks ago that all stopped working for everyone. At first it was a few people, then a few more, then everyone stopped properly splitting DNS queries like they'd been using for so long. This presented itself as failures to connect to our Remote Desktop Services cluster which relies on round robin DNS to send them to random servers each time they request a connection. The way to resolve the problem was to add those servers to the local PC hosts file. The problem with that however is that the round robin function no longer works. Win10 just grabs the first server in the list.<BR /><BR />In doing research it would appear that the Name Resolution Policy Table can be changed to force what we want however I can't find powershell solution to the problem. Can anyone help with this?</P> Thu, 14 Jan 2021 15:00:01 GMT PaulH_11 2021-01-14T15:00:01Z Windows Hello For Business Functionality On Hybrid Joined Laptops Off Site? <P>I read that you are supposed to be able to do a forgotten PIN reset remotely even when not connected to the corporate network.</P><P><A href="#" target="_blank" rel="noopener"></A></P><P>&nbsp;</P><P>The demo video for "PIN reset above lock" shows the user having to first confirm their AD credentials before they can reset their WHFB PIN.&nbsp; How are the AD credentials validated if the user isn't connected to the corporate network?&nbsp; Is it able to check their current credentials with ADFS or PHS remotely?</P><P>&nbsp;</P><P>&nbsp;</P><P>Can someone explain how this PIN reset works with cached credentials?&nbsp; Does the user have to have existing cached credentials on the device?</P><P>What if the user hasn't signed into the laptop for an extended period of time and doesn't remember their previous AD password that's stored in their cached credentials?</P><P>Does using the method shown in the demo video somehow reset the cached credentials in the user profile?</P><P>&nbsp;</P><P>Can a user with no cached local credentials on the laptop use WHFB PIN login as a method to create a new Windows profile while away from the corporate network?</P><P>&nbsp;</P> Sat, 09 Jan 2021 00:58:33 GMT Kalimanne J 2021-01-09T00:58:33Z Microsoft Dockingstation USB-C Travel Hub loosing Ethernet connectivity on W10 1909 <P class="">Hi all</P><P>&nbsp;</P><P>For our customers we are constantly testing useful accessories. Recently we tested the Microsoft Dockingstation USB-C Travel Hub. It's a stylish and cool device, yet we have a major issue on several HP computers: anytime between 2 and 8 minutes after plugging it in into the Thunderbolt port, the Ethernet connection drops - the operating system does not even see the NIC anymore and the "Surface Ethernet Adapter" is show as disconnected in Device Manager (View &gt; Show hidden devices).</P><P class="">We were able to reproduce the problem with multiple HP devices having a Thunderbolt port. Other peripherals attached to the Travel Hub (like headphones on the USB-A port) continue to function.</P><P>&nbsp;</P><P>We tested with W10 1909 (Build 1198) 64-bit edition, and have manually updated the Surface Ethernet Adapter Driver to the newest version available from the<SPAN>&nbsp;</SPAN><A href="#" target="_blank" rel="noopener noreferrer">Update Catalog</A>&nbsp;( We were unable to find useful information in Event Viewer, or any other place.</P><P>&nbsp;</P><P>Does anyone in the tech community have some hints on further troubleshooting or ruling out a&nbsp;generic Windows issue with Thunderbolt?</P><P>&nbsp;</P><P>Thanks for reading!</P> Mon, 04 Jan 2021 09:00:32 GMT mw-smartit 2021-01-04T09:00:32Z Shift+Ctrl+Windows+B Block by Windows Enterprise OS <P>當使用 Teamviewer 軟體,遠端登入受控主機,而該主機的 OS 是 Windows Enterprise 時,</P><P>會無法接收到 Shift+Ctrl+Windows+B 的組合鍵,</P><P>但若遠端受控主機變更為 Windows professional 版本後,</P><P>就可以正常接收此組合鍵,</P><P>不知道是否有解決方法呢?</P> Thu, 31 Dec 2020 05:11:29 GMT Ben_0707 2020-12-31T05:11:29Z virtual disk <P>I’ve used remove disk instead of unmount disk, now window do not recognized the file system and cannot access it. The VHD is on an external device, there is some way to recover access or I have to reinstall the OS? Note: on a different PC the VHD works perfectly.</P> Tue, 29 Dec 2020 15:14:47 GMT efesto 2020-12-29T15:14:47Z Tuning offline files <P>Hi,&nbsp;</P><P>&nbsp;</P><P>I've been a IT admin for 10+ years so looking for some expert advice. I am not looking for "check for updates and reboot", so if you respond with those, I will ignore. This is a relatively new problem but I'm sure someone has a reg hack to resolve the server connection issues I am experiencing.</P><P>&nbsp;</P><P>Windows 10 ver 1909, server 2016, domain is functional 2012R2.&nbsp;</P><P>&nbsp;</P><P>I have an office of 50 people and 35 now work from home. These people login from home and access 2 mapped drives. 1 maps the common share which I have turned off offline files. The other is their home share and desktop. Their documents and home directories are redirected to a server share. I have offline files turned on on the server share, but the problem is that the detection frequency is off when they login. I have just gone over some of the group policy settings which show that by default, these synchronize at logon. Except that we log onto the VPN first after logging into Windows, which I believe is causing my groups issue. How do you set a sync timer to happen hourly? What about having a more accurate network detect which is why some users file keep going offline.&nbsp;</P><P>&nbsp;</P><P>It is a pain, but I have them open file explorer, choose home, then easy access, then work online. in Sync center, there doesn't seem to be much of any options other than removing the CSC Cache and letting it sync.&nbsp;</P><P>&nbsp;</P><P>Do you have a solution or at least an idea of what additions can be added within&nbsp;Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CscService?&nbsp;</P><P>&nbsp;</P><P>Attached is a screenshot of what I see when files are offline and have a grey X in the bottom left corner.&nbsp;</P><P>&nbsp;</P><P>I'd like to set a 1x per hour sync and a 30 min slow link detection which would bring the docs back online.&nbsp; I appreciate your time.&nbsp;</P><P>&nbsp;</P><P>Dan&nbsp;&nbsp;</P> Thu, 17 Dec 2020 23:56:35 GMT dmsith288 2020-12-17T23:56:35Z Enable Online search option for Ms Visio <P>In our organisation, we have disabled the Online Search option for the whole office365 suite using on-premise AD group policy. Now we have a requirement to put an exception for only one Office365 app i.e. Ms Visio. Please suggest if it is possible to enable the online search for Ms Visio or any other single office application.</P> Thu, 17 Dec 2020 12:26:28 GMT mayank_nautiyal 2020-12-17T12:26:28Z windows 10 1903 update istallation error <P>i m downloaded windows 10 1903 update but its not installing some errors are occuring</P><P>2018-06 Update for Windows 10 Version 1507 for x64-based Systems (KB4134662)</P><P>this driver not install and this error occur</P><P>There were problems installing some updates, but we'll try again later. If you keep seeing this and want to search the web or contact support for information, this may help:</P> Sun, 13 Dec 2020 12:06:48 GMT hard2792 2020-12-13T12:06:48Z windows hello face recognition + the front camera turning on randomly? <P>my surface computer's windows hello face recognition &amp; front camera used to light up together n randomly. i ran norton everytime but it never said there was virus for more than a half year. and i went to a physical microsoft shop to scan virus and got no malware result either. I still reset my computer and now there is no problem. should i worry that there was a computer virus on my computer all along?</P> Tue, 01 Dec 2020 17:59:44 GMT askqsurface 2020-12-01T17:59:44Z C drive in windows 10 shows full! <P>I have cleaned the hard drive, Temp files and hidden files, turned off the protection and I still show the hard drive is full.&nbsp; Does anyone have any other suggestions short of wiping and reimaging.</P> Thu, 05 Nov 2020 21:16:52 GMT Mark_Konschak 2020-11-05T21:16:52Z Windows 10 DO with no WSUS or Windows CM <P>Due to this being a tricky question regarding my scenario i have put it under windows 10 management because i am trying to manage windows 10 devices.</P><P>&nbsp;</P><P>Dear Forum,</P><P>&nbsp;</P><P>After the MS update that all WSUS connections should go via a HTTPS and use an ssl certificate this has disrupt my normal updating method using WSUS completely and being within a company that explaining why we should need an SSL certificate just to update our devices will be a hassle if the come with an easy explanation as "if I just let it go via https instead of WSUS I will not need to buy an SSL certificate"</P><P>&nbsp;</P><P>This has sparked my interest to start searching for alternatives for updating my devices, still in a controlled manner but without using WSUS or buying an SSL certificate. After reading this post:&nbsp;<A href="" target="_blank"></A>&nbsp; and additionally this post:&nbsp;<A href="" target="_blank"></A></P><P>&nbsp;</P><P>There was one user that wrote the following:&nbsp;</P><P><STRONG>"offopic:</STRONG><BR /><SPAN>WSUS is a (not officially) deprecated product in many ways.&nbsp;</SPAN><STRONG>I strongly recommend moving on to WuFB and Delivery Optmization."</STRONG></P><P>&nbsp;</P><P>After that i started to work on a Proof of Concept how i should deploy this within my environment.</P><P>Our environment consists of Windows Server 2008R2 standard servers that will be upgraded to Windows Server 2019 when the available resources become available but the majority of our devices run Windows 10 1809 and Later.</P><P>&nbsp;</P><P>The questions that i have are the following:</P><P>&nbsp;</P><P>1: Is it possible to have 1 Virtual Machine, one with windows 10 installed and the other one with windows server 2019 installed that will be updated to the latest versions and will hold all the updates on their hard drives and act as the Cache Servers?</P><P>&nbsp;</P><P>I know that WSUS has its benefits to control updates based on delivery groups but reading regarding WUfb and delivery optimization is also possible to achieve the same aspect(at least what I could understand)&nbsp; from creating security groups or OU's and create a GPO specific to that OU/Security group.</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Fri, 30 Oct 2020 19:09:57 GMT cbraafhart 2020-10-30T19:09:57Z Ask the Experts LIVE: Securing Windows Devices with Microsoft Endpoint Manager <P style="margin-top: 20px;"><A title="Save the date for this event" href="#" target="_blank" rel="noopener"><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="ATE-securing-windows-with-MEM.PNG" style="width: 999px;"><img src=";px=999" role="button" title="ATE-securing-windows-with-MEM.PNG" alt="ATE-securing-windows-with-MEM.PNG" /></span></A></P> <P style="margin-top: 20px;"><STRONG><A title="Save the date for this event" href="#" target="_blank" rel="noopener">Save the date</A></STRONG> and get answers to any questions you have around securing Windows devices with Microsoft Endpoint Manager in this special Ask the Experts event!</P> <P style="margin-top: 20px;">This event will take place on Teams Live Events. At (or just before) 9:00 a.m. Pacific Time on Tuesday, October 27, 2020, visit <A title="Join the event" href="#" target="_blank" rel="noopener"></A> to join the meeting. We'll have members of the engineering and product teams on camera and on chat to help answer your questions large and small, including:</P> <UL> <LI style="margin-bottom: 8px; margin-top: 20px;">Matt Shadbolt</LI> <LI style="margin-bottom: 8px;">Mike Danoski</LI> <LI style="margin-bottom: 8px;">Laura Arrizza</LI> <LI style="margin-bottom: 8px;">Tyler Castaldo</LI> <LI style="margin-bottom: 8px;">Aasawari Navathe</LI> <LI style="margin-bottom: 8px;">Lance Crandall</LI> <LI style="margin-bottom: 8px;">Dave Randall</LI> <LI style="margin-bottom: 8px;">Dilip Radhakrishnan</LI> <LI style="margin-bottom: 8px;">Mahyar Ghadiali</LI> <LI style="margin-bottom: 8px;">Sameer Yadav</LI> <LI style="margin-bottom: 8px;">Shiv Patel</LI> <LI style="margin-bottom: 8px;">Matt Call</LI> </UL> <P style="margin-top: 20px;">We hope you can join us for a great discussion!</P> <P style="margin-top: 20px;">&nbsp;</P> Tue, 20 Oct 2020 19:05:37 GMT Heather Poulsen 2020-10-20T19:05:37Z Turn On - System Protection via Group Policy <P>Hey everyone,</P><P>&nbsp;</P><P>Is there a way to Turn On system protection AND set it to run once a day via a group policy? I've searched and I've come empty about this so I wanted to reach out to the community and see if it's possible.</P><P>I know that I can Turn On System Protection using PowerShell, using the Enable-ComputerRestore, and I know I can use Checkpoint-Computer to create a checkpoint; however, I'm trying to do this for 500+ devices and I wanted to stay away from using a script and deploy it using SCCM.</P><P>&nbsp;</P><P>Thanks!</P> Wed, 07 Oct 2020 20:42:03 GMT Ed_Gonz 2020-10-07T20:42:03Z One PC, two accounts, one licence? <P>Hello there,<BR /><BR />I'd like to know if I need two separate Windows 10 licences if I want to use one PC but with two different A/D accounts. The background is that my company wants to give every employee one account with and one account without admin rights.<BR /><BR />Thank you for your help.</P> Tue, 29 Sep 2020 10:09:46 GMT X-CASE 2020-09-29T10:09:46Z Disk Image <P>Sorry, I am a newbie. I made a disk image on Drive D.&nbsp; Then I deleted the partition that contained Disk Image (Stupid, I know).&nbsp; Used ApowerRecover App to recover all info in partition. Saved the files to a folder on my onedrive.&nbsp; Can anyone tell me what to do next? I want to convert the saved files to an image file so I can restore my computer.</P> Mon, 21 Sep 2020 16:03:57 GMT MickCiesielski 2020-09-21T16:03:57Z Password is corrupted for manually entered Generic Credentials in Credential Manager <P>The following behavior appears to be a bug in Window Credential Manager but I cannot find reference to it within Microsoft Community.&nbsp; I have reproduced this behavior with Windows 10 build 1803 as well as Windows Server 2012 R2 build 9600.</P><P>&nbsp;</P><P>When a Generic Credential is created via the Control Panel\User Accounts\Credential Manager for which the password length is a multiple of 4, a portion of the 'Internet or network address' is appended to the saved password.</P><P>&nbsp;</P><P>Example, create a new Generic Credential with the following values:</P><P>&nbsp; &nbsp;Internet or network address:&nbsp; &nbsp; ABCDEFGHIJKL</P><P>&nbsp; &nbsp;User name:&nbsp; &nbsp;ABC</P><P>&nbsp; &nbsp;Password:&nbsp; &nbsp;01234567</P><P>&nbsp;</P><P>The stored password is:&nbsp; &nbsp;01234567ABCDEFGH</P><P>&nbsp;</P><P>If the password is 7 or 9 characters long, the correct value is stored.&nbsp; Also, if the entered Password is only 4 characters long, only 'ABCD' will be appended.</P><P>&nbsp;</P><P>We are using CredReadA to verify the stored credentials.&nbsp; We also tried creating these same credentials using CredWriteA and the issue does not appear.&nbsp; However, if the Password for this credential is then modified/re-entered in the Credential Manager GUI, the issue appears.</P><P>&nbsp;</P><P>If anyone can reproduce and/or suggest the origin of this issue, it would be much appreciated.</P><P>&nbsp;</P><P>Ché</P> Fri, 04 Sep 2020 11:12:48 GMT cheduro 2020-09-04T11:12:48Z Intune Printer Installation <P>Hello</P><P>&nbsp;</P><P>I am looking for a solution to allow a common user without administrator privileges to install a printer driver when trying to connect to a printer. (see first screenshot)</P><P>&nbsp;</P><P>Since I am using the security baselines my inital device configuration profile is not functional any more. (take a look to the second screenshot for the device configuration profile).</P><P>&nbsp;</P><P>Can someone help me out, how to adjust the baselines to make such an installation for the user possible?</P><P>&nbsp;</P><P>Thanks! :)</img></P> Tue, 25 Aug 2020 08:18:38 GMT thenikk 2020-08-25T08:18:38Z Winre wont show windows partition <P>Hi,</P><P>&nbsp;</P><P>I have some difficulties with windows recovery environnent. The laptop is a Lenovo T470 with nvme.</P><P>I can boot on the recovery partition without a problem but then, I cannot see the partition where Windows is installed. I can only see the mini windows partition.</P><P>Diskpart only show me disk 0 without any partition.</P><P>Do you think it's a problem with nvme driver not correctly loadedin the winre.wim ?</P><P>&nbsp;</P><P>Thanks,</P><P>Davy</P> Tue, 25 Aug 2020 07:18:13 GMT davymorel 2020-08-25T07:18:13Z Getting to the bottom of it: Remote Computer Management\Storage\Disk Management - SOLVED <P>I just wanted to share a solution to a challenging, poorly documented issue (as far as my research found).</P><P>&nbsp;</P><P>3 parts to allow managing a remote system with Computer Management\Storage\Disk Management:</P><OL><LI>On both systems (one you are trying to manage, and the one you are on), enable firewall rule group Remote Volume Access (I turned on rules only for Domain profile)</LI><LI>On both systems (again, one you are using and your target system) need to have Virtual Disk Service started (or at least set to Automatic Startup, I believe default is Manual)</LI><LI>On the system YOU (the manager) are on, you probably need to ensure that somehow, someway, the TARGET COMPUTER ACCOUNT (it's DOMAIN computer account) has, on YOUR SYSTEM, the User Logon Right Access this computer from the network. I achieved this by adding the target system to my local system's Remote Desktop Users group, because that and Administrators are the only two groups granted this URA by the "MSFT Windows 10 2020 - Computer" baseline GPO.</LI></OL><P>BOOM! Totally works to a remote system now. In my case, both systems are Windows 10 2004.</P><P>You probably wouldn't want to add "Domain Computers" permanently to all your IT Techs' PCs as Remote Desktop Users, but you could add them temporarily just when you need to remote disk manage something for a ticket, then remove it. Cheers!</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="ajm-b_1-1598018968406.png" style="width: 400px;"><img src=";px=400" role="button" title="ajm-b_1-1598018968406.png" alt="ajm-b_1-1598018968406.png" /></span></P><P>&nbsp;</P> Fri, 21 Aug 2020 14:13:10 GMT ajm-b 2020-08-21T14:13:10Z Hard Drive still has EFI system partition from old install <P>I installed windows 10 on an SSD and the hard drive still has an EPS on it. Can it safely be deleted?</P><P>&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="1POfRMa" style="width: 999px;"><img src=";px=999" role="button" title="1POfRMa" alt="1POfRMa" /></span></P> Wed, 19 Aug 2020 19:34:56 GMT ianclark 2020-08-19T19:34:56Z WINDOWS UPDATE <P>Please assist to deactivate automatic windows update on my device as it consumes a lot of data when connected to wifi</P><P>&nbsp;</P><P>Details include:</P><P>Windows: 10 Home Single Language</P><P>Version: 1903</P><P>&nbsp;</P><P>Device name LAPTOP-T120MUUQ<BR />Processor Intel(R) CPU N 3060 @ 1.60GHZ 1.60GHZ</P> Thu, 06 Aug 2020 18:59:20 GMT Bhorlarjee15-93_ 2020-08-06T18:59:20Z VPN does not work with AD accounts <P>Hello,</P><P>&nbsp;</P><P>I have&nbsp; aproblem with the company's VPN, we use Sophos VPN, and in accounts that are in the domain, ie AD accounts, some computers connect to the VPN and stay connected for a few seconds, but after that they lose their connection, the system indicates that it still has access, but it cannot access any website or other elements of the network, but the same computer, if i change to a local user of the computer the VPN works normally, has anyone faced something similar?</P> Thu, 06 Aug 2020 15:50:06 GMT vinihcrosa 2020-08-06T15:50:06Z Windows 10 activity history and your privacy <P>Dear All</P><P>&nbsp;</P><P>Good Afternoon</P><P>I understand that Windows 10 have feature to record locally for Activity History.&nbsp;</P><P>I would like to know how can we centralized View the Windows 10 Activity History?&nbsp;</P><P>&nbsp;</P><P>regards</P><P>&nbsp;</P><P>Thant Zin&nbsp;</P> Tue, 28 Jul 2020 06:11:24 GMT thantzinpro 2020-07-28T06:11:24Z Novice question about managing UWP applicaitons <P>Hi Everyone&nbsp;</P><P>&nbsp;</P><P>Sorry if this sounds really really simple but could someone point me in the direction of any documentation on managing UWP Windows 10 applications at an organisational level. I'm especially interested in how to manage organisation-wide licences for paid applications.&nbsp;</P><P>&nbsp;</P><P>To give a little context, I'm not a Sys-admin, I'm AV and Service Desk Triage guy with some specialisation in Video Conferencing. At my employer we've had some issues getting the team who manage our Windows 10 build not fully understanding some of the central management functions. I'd like to be able to point them at a guide and say "can we do it like this" but I don't have sufficient understanding of how everything happens under the hood at an Org level to find exactly what I'm looking for.&nbsp;</P><P>&nbsp;</P><P>The two main things to make sure for me are as follows:&nbsp;</P><P>- Actually making sure all the UWP components we need are in the build (sometimes stuff seems to go missing or get cut out as a workaround for something or other), we're missing the Film &amp; TV app which we need for its built-in surround sound codecs.</P><P>- Manage updates for software via Windows Store so we don't have stuff lock up because we've not given users admin access (for me VLC and Skype are key examples)</P><P>- Ability to manage paid applications via Windows Store (this is least important)&nbsp;</P><P>&nbsp;</P><P>I appreciate that there are much better ways to manage this kind of thing (we use Jamf for Macs and I assume there is similar for Windows) but I'd just like to get what should be there already working and up to date.&nbsp;</P><P>&nbsp;</P><P>Thanks again for treading this, I'm aware I sound like a total noob asking for advice on stuff most people know off by heart but a little direction so I can find something to throw at the team that manage the Windows image to fix these issues would be super helpful.&nbsp;</P> Mon, 27 Jul 2020 12:49:18 GMT James_Corrall 2020-07-27T12:49:18Z Problem mit edge, Internetseite als Kachel im Startmenü <P>Im neuen edge fehlt die Möglichkeit von einer Internetseite eine Kachel im Startmenü zu erzeugen. Wer kennt bitte einen Weg.</P> Thu, 16 Jul 2020 22:37:06 GMT GuenniGuenni1948 2020-07-16T22:37:06Z Windows 10 LTSC Inbox Apps <P>Hi,</P><P>&nbsp;</P><P>I am deploying <STRONG>Windows 10 Enterprise LTSC</STRONG> for my users. I wish them to have sticky notes as well. I know that we can install it using the <STRONG>Windows 10 Enterprise LTSC Inbox Apps</STRONG> but not sure what to run in the Power Shell to get it working.</P><P>&nbsp;</P><P>I tried <FONT color="#0000FF">Add-Package -path "D:\x68fre\microsoft.Microsoft.MicrosoftStickyNotes_x.appsbundle"</FONT></P><P>&nbsp;</P><P>But I get an error after running the command. Does anyone know what is the right way to install. I do not wish to make any variable change, just install the package as it is.</P><P>&nbsp;</P> Wed, 15 Jul 2020 22:20:23 GMT rajeev_vlal 2020-07-15T22:20:23Z Chinese calendar in Taskbar <P>I do not have the Chinese language installed on my English Windows 10, but the calendar in the task bar shows Chinese. All the instructions I find on the web follow this procedure to fix it:</P><OL class="q-box"><LI><SPAN>Press </SPAN><SPAN>Windows “start” button</SPAN><SPAN>.</SPAN></LI><LI><SPAN>Select </SPAN><SPAN>Settings </SPAN><SPAN>.</SPAN></LI><LI><SPAN>Select </SPAN><SPAN>Time &amp; language</SPAN><SPAN>.</SPAN></LI><LI><SPAN>Under </SPAN><SPAN>Date &amp; time</SPAN><SPAN>, select </SPAN><SPAN>Additional date, time, &amp; regional settings</SPAN><SPAN>.</SPAN></LI><LI><SPAN>On the next window, select </SPAN><SPAN>Language</SPAN><SPAN>.</SPAN></LI><LI><SPAN>On the left side of the window, select </SPAN><SPAN>Change date, time, or number formats</SPAN><SPAN>.</SPAN></LI><LI><SPAN>Another window will pop up. Under </SPAN><SPAN>Formats </SPAN><SPAN>tab, click the drop-down arrow for </SPAN><SPAN>Format</SPAN><SPAN>.</SPAN></LI><LI><SPAN>Select the desired language.</SPAN></LI><LI><SPAN>Click </SPAN><SPAN>OK</SPAN><SPAN>.</SPAN></LI></OL><P>The problem is, when I select <SPAN>Additional date, time, &amp; regional settings </SPAN>in step 4, there IS NO <STRONG>Language</STRONG> on the next window, just what is shows in the attachment.</P><P>&nbsp; Any ideas how to fix this?</P><DIV class="mceNonEditable lia-copypaste-placeholder">&nbsp;</DIV><P>&nbsp;</P> Sat, 04 Jul 2020 01:25:50 GMT James Heisig 2020-07-04T01:25:50Z Windows 10 update problems My dell laptop is suddenly going into lockup screen immediately after log in and then screen blackouts. This happens aftet last update. please help me as I am totally devastated. Tue, 30 Jun 2020 17:49:42 GMT Gayani81 2020-06-30T17:49:42Z stampanti <P>l'aggiornamento di windows 10 non mi fa usare la stampante, cosa devo fare</P> Thu, 25 Jun 2020 09:43:35 GMT giuseppe5 2020-06-25T09:43:35Z In microsoft excel, i am unable to use "Ideas"option. <P>I have installed office 365. I'm using Microsoft surface pro 7, It displays a message "Your office 365 admin has set conditional access policy that restricts you to access to Excel.</P> Mon, 22 Jun 2020 13:06:47 GMT Isac1450 2020-06-22T13:06:47Z remote access <DIV class="body"><P>hi</P><P>i want to set something like this..</P><P><A href="#" target="_blank"></A></P><P>can this be set in win 10?</P><P>if can be in windows server only, which version of server is best suited 2012/2016/2009?</P><P>is there any version to be chosen like standard enterprise etc for multi users to log &amp; use?</P><P>will use only for following software word excel &amp; some finance software?</P><P>is server system with core i3 4gb ram ddr4 sufficient ?</P></DIV> Sat, 20 Jun 2020 10:28:29 GMT Madroamer 2020-06-20T10:28:29Z Microsoft apis to fetch list of Windows update released for a given version <P>Hi Folks,<BR />I am developing a cloud like service, where I will be managing the list of updates released for each Windows version. For example, given a windows version Windows 10 version 1903, I will be listing the released updates for&nbsp; that version of windows. I can get the details from microsoft support site (for ex:&nbsp;<A href="#" target="_self">Windows 10 version 1903 Update history</A>&nbsp;) when I browse through browser. But I would like to know if there are any REST apis present to fetch such details (based on windows version) so that I could fetch them and refresh them programatically and periodically.</P><P>&nbsp;</P><P>Eagerly waiting for the inputs from you guys.</P><P>Thanks.</P> Tue, 09 Jun 2020 04:05:57 GMT GoodLearner 2020-06-09T04:05:57Z Voicemeeter output audio. Mixer audio problem with applications <P>Hello! Hoping this is the right channel.</P><P>I have already contacted the microsoft technicla support but without any positive results.</P><P>&nbsp;</P><P>I'm just using voicemeeter potato for audio managment but i have a problem.</P><P>That program creates 3 virtual audio devices (like speakers), but virtual, and they appears in the right corner on the audio mixer, but when i set all application, for example discord (that i set in the second virtual channel), it appears in ALL of these channels.</P><P>I've already contacted the voicemeeter and they told me that the presence of an application in a device is all part from windows mixer.</P><P>So how can i do to "put" discord only on a device, in the mixer?</P><P>&nbsp;</P><P>Thank you</P> Wed, 27 May 2020 11:28:02 GMT Romans96 2020-05-27T11:28:02Z Windows 10 asking for password every-restart <P>Hello Team,</P><P>&nbsp;</P><P>I have windows 10 enterprise in whenever I restart this laptop every time it ask for password&nbsp;</P><P>Like:- one-drive application, Microsoft teams password, and gmail password also got paused.</P><P>I dont know what happens to this.</P><P>Please advice.</P><P>&nbsp;</P> Mon, 18 May 2020 10:59:15 GMT deepak1545 2020-05-18T10:59:15Z Windows 10 Mail can receive but cannot send <P>I can receive but cannot send from Mail.&nbsp;&nbsp;</P> Fri, 08 May 2020 06:17:15 GMT ronbrown20gmailcom 2020-05-08T06:17:15Z Surface Go and Quick Assist <P>I would like to know if I can use Quick Assist to remotely assist a Surface user?</P> Wed, 22 Apr 2020 20:26:02 GMT Mr_Olds 2020-04-22T20:26:02Z OMA-URI Lockscreen <P>Recently our Organization started to migrate our client infrastructure to Microsoft Intune.</P><P>&nbsp;</P><P><FONT size="5"><STRONG>Windows 10 OMA-URI Lockscreen Timeout:</STRONG></FONT></P><P>To personalize a timer of inactivity to lock Windows 10 you will have to create a custom device configuration profile with an OMA-URI path. I will now explain you which settings you have to set to get it working:</P><P>&nbsp;</P><P><FONT size="5"><STRONG>How-to</STRONG></FONT></P><P>The OMA-URI Path is:</P><LI-SPOILER><P>./Device/Vendor/MSFT/Policy/Config/LocalPoliciesSecurityOptions/InteractiveLogon_MachineInactivityLimit<SPAN>&nbsp;</SPAN></P></LI-SPOILER><P>To define a time of inactivity create the <STRONG>Data type&nbsp;</STRONG><EM><STRONG>Integer</STRONG>.&nbsp;</EM></P><P>Use your preferenced amount&nbsp;<STRONG>in seconds</STRONG>. (for exampe: 900 for 15 minutes.)</P><P><U>Take a look to the image attachment for exact configuration.</U></P><P>&nbsp;</P><P>Now assign this device configuration profile to your device group. Make sure you also sync it to the client from the web portal of Intune, but also on the client in the company portal.&nbsp;</P><P>&nbsp;</P><P><EM>Perfect, the assigned devices will now lock after a user inactivity time which you defined.</EM></P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Fri, 10 Apr 2020 09:44:39 GMT thenikk 2020-04-10T09:44:39Z Tons of PRINTENUM reg keys <P>Hi,</P><P>&nbsp;</P><P>We have some heavily used lab computers that get about 30-60 logins per day.&nbsp; I'm not sure if this information is relevant, but due to the high number of logins we actually delete any profile older than 1 day. It seems as though there are a high number of reg keys under</P><P>&nbsp;</P><DIV>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\SWD\PRINTENUM.</DIV><DIV>&nbsp;</DIV><DIV>Many of which refer to SID's that no longer exist on the machine.</DIV><DIV>&nbsp;</DIV><DIV>I have googled this reg key but found very little information on it.</DIV><DIV>&nbsp;</DIV><DIV>Questions:</DIV><DIV>1. Are these reg keys ok to delete if the associated profile for the SID no longer exists?</DIV><DIV>2. Could the build up hundreds of these reg keys cause a computer to have slow startup or login issues? For example, the computer I'm looking at has ~280 PRINTENUM keys.&nbsp; Most of them reference the same two queues over and over and over.</DIV><DIV>&nbsp;</DIV><DIV>Thank you,</DIV><DIV>Rebecca</DIV> Thu, 26 Mar 2020 19:03:37 GMT null Schaffer 2020-03-26T19:03:37Z feature update to windows 10 version 1909 via Enablement Package <P>Hello,</P><P>&nbsp;</P><P>I would like to use a controlled manner to force the feature update to windows 10 version 1909 via enablement Package that we should store on our software distribution system and allow selected users to start feature update to version 1909 only , this when they think its the right moment for them to proceed with the update, even after the newest version 20H1 will be release and updated on your update website&nbsp;<A href="#" target="_blank"></A></P><P>Can we download the KB4517245 somewhere</P><P>Many thanks&nbsp;</P><P>Patrick</P> Tue, 17 Mar 2020 12:16:45 GMT LauwereysP 2020-03-17T12:16:45Z Windows Hello for Business prompt after Hybrid Azure AD Joining Win 10 Device | WHFB disabled <P>Hello,</P><P>&nbsp;</P><P>I'm looking for some clarification on the behaviour around Windows Hello for Business after Hybrid Azure AD joining Windows 10 devices.</P><P>&nbsp;</P><P>I recently enabled HAADJ in AAD Connect.&nbsp; As expected first of all, the devices acquire a userCertificate attribute as part of the WorkplaceJoin schedule task, sync to AzureAD as part on the next AADConnect sync cycle and show up in the Azure AD tenant as a HAAD device.</P><P>&nbsp;</P><P>The issue I encounter is with the Windows Hello for Business prompt.&nbsp; When a synced user logs in, they're prompted to setup a Windows Hello for Business PIN.&nbsp; You can skip the process and continue but every subsequent login ask you to set-up a PIN which you can sync.</P><P>&nbsp;</P><P>The devices are HAADJ but not enrolled into Intune for MDM.</P><P>&nbsp;</P><P>In the AzureAD Portal under&nbsp;<STRONG>Microsoft Intune\Device Enrollment\Windows Enrollment\Windows Hello for Business</STRONG>, it was set as&nbsp;<STRONG>Not Configured.&nbsp;&nbsp;</STRONG>I also changed this to&nbsp;<STRONG>Disabled</STRONG>, but the users still get the prompt.</P><P>&nbsp;</P><P>I only way forward I'm finding to deal with this is by setting the settings<SPAN>&nbsp;</SPAN><STRONG>“Use Windows Hello for Business”<SPAN>&nbsp;</SPAN></STRONG>under&nbsp;<STRONG>"User Configuration\Administrative Templates\Windows Components\Windows Hello for Business”</STRONG><SPAN>&nbsp;</SPAN>to Disabled.&nbsp; It was previously set to&nbsp;<STRONG>Not Configured.&nbsp;&nbsp;</STRONG>This stops the setup PIN prompt coming up after login, however, notifications still appear in the notification area after login saying that<SPAN>&nbsp;</SPAN><STRONG>The system is configured&nbsp;to use Windows Hello for Business,&nbsp; Click here to setup you PIN.</STRONG></P><P>&nbsp;</P><P>I do not get this behaviour in other environments where I have HAADJ configured, with seemingly the same settings.</P><P>&nbsp;</P><P>End goal is wanting to retain HAADJ but disable all the prompts for setting up Windows Hello for Business.&nbsp; Any ideas?</P> Thu, 12 Mar 2020 20:51:22 GMT Ben Owens 2020-03-12T20:51:22Z The system time is incorrect <P>The system time is incorrect - my timezone is UTC+8, but the time system shows is UTC-8. why?</P><P>When I try to change it, got below error- but I am the administrator of this PC...</P><P>very confusing...</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Patrick25_0-1583035202340.png" style="width: 400px;"><img src=";px=400" role="button" title="Patrick25_0-1583035202340.png" alt="Patrick25_0-1583035202340.png" /></span></P><P>&nbsp;</P> Sun, 01 Mar 2020 04:02:02 GMT Patrick25 2020-03-01T04:02:02Z Automatic Hybrid Azure AD Join Proxy PAC Ping Federate <P>What are the step by step required for this ?</P><P>What about dns resolution it is required that machine be able to resolve all microsoft names required here ?</P><P>What about when Ping Federate is used for Authentication ?</P><P>What about when Proxy is being used that too a cloud based one which requires authentication before internet access is allowed ?</P><P>How does that works ?</P><P>What about Proxy using PAC file it is natively understood especially in Automatic Azure AD / Hybrid Azure AD join scenarios</P> Wed, 19 Feb 2020 13:32:32 GMT Himanshu Singh 2020-02-19T13:32:32Z Windows Update: Deadline vs. Deferral <P>Hi,&nbsp;</P><P>for Windows Update I can configure via Intune two separate settings:</P><UL><LI>Feature update deferral period (days)</LI><LI>Deadline for feature updates</LI></UL><P>I'm not sure how these two settings work together: If I enter a value of 30 days deferral period and a 7 day deadline I would assume that the user will need to install it at least after 37 days.</P><P>But from the documentation it is not clear if those values add up - perhaps I'd need to set the deadline always on a higher number than the deferral period.&nbsp;</P><P>Can someone clarify this / has seen it in real world and knows what happens?</P> Thu, 13 Feb 2020 12:51:43 GMT Markus Ihloff 2020-02-13T12:51:43Z Build is getting failed with error code 2=“null” and 255=“null” in Windows 10 OS <P>Hi All,</P><P>&nbsp;</P><P><SPAN>We have recently migrated to Windows 10 from Windows 7.</SPAN></P><P>When we are building our code in Windows 10 OS, now we are getting the build error such as 255="null" and 2="null".</P><P>&nbsp;</P><P>We have no clue how to fix this build error.</P><P>&nbsp;</P><P>We are facing this build error after we migrated to Windows 10.</P><P>Our Code was successfully built when we used Windows 7 OS.</P><P>&nbsp;</P><P>Please see the build error in the below mentioned log.</P><P>Error:</P><P>&nbsp;</P><PRE>2020-02-12 18:19:46 t-58 WARNING: Error: 255="null" when executing [C:\Clones\Exp \TSP_VOB\Build\bin\bldcomp.bat, libVAL, OSE] 2020-01-09 08:50:55 t-52 WARNING: Error: 2="null" when executing [G:\TSP_VOB\Build\bin\bldcomp.bat, libVAL, OSE]</PRE><P>Here bldcomp.bat is the batch file which will invoke the make file the make file inturn will invoke the make.exe,libVAL is the component to be build and the OSE is the configuration for which the build is done.</P><P>&nbsp;</P><P>Here bldcomp.bat, libVAL and OSE is fed to the processbuilder java process as inputs, while the build is going on the build(processbuilder) is interrupted with the error code 2="null" and 255="null"</P><P>&nbsp;</P><P>Please see the environment details below.</P><P>&nbsp;</P><PRE>Rhapsody 8.0.5 Java Version 7 Visual studio 2005 gcc version 4.2.3 Windows Version : Windows 10 </PRE><P>Note :</P><P>1)The configuration can be of any specific target such as OSE(arm),WinXP(Desktop simulation),WinCE and Lint.</P><P>&nbsp;</P><P>2)The Component can be Utilities,SIM,OSAL,ARCOM,FD,VAL,TRF,SVAL and MSW</P><P>&nbsp;</P><P>3)The build error is appearing in any component and in any configuration randomly(meaning issue place is not definite).</P><P>&nbsp;</P><P>4)This build went through fine with out any issues on Windows 7 OS, now we are facing this build errors in Windows 10 OS.</P><P>&nbsp;</P><P>Please help us to fix this issue.</P><P>&nbsp;</P><P>Thanks in advance,</P><P>S.Parthasarathi</P> Thu, 13 Feb 2020 09:37:23 GMT PARTHASARATHI_S 2020-02-13T09:37:23Z Moving users home folder from C to D <P>A question's been boggling my mind for a while now,</P><P>How to properly move users home folder on computers that are members of active directory from drive C:\ to D:\</P><P>I should also mention that GPO home folder method didn't work.</P> Wed, 05 Feb 2020 16:44:59 GMT Arash_Venus 2020-02-05T16:44:59Z Set APN settings for multiple Windows 10 Devices <P>Hi,</P><P>&nbsp;</P><P>I'm trying to configure about 700 Windows 10 laptops with a build in Sim module, I want to configure the APN settings for all devices so I don't have to do them one by one.</P><P>&nbsp;</P><P>All the laptops get a Sim from the same provider. (KPN NL)</P><P>&nbsp;</P><P>Can anyone help me with configuring this and how to deploy this?</P> Wed, 15 Jan 2020 12:13:22 GMT Bohie 2020-01-15T12:13:22Z Group Policy Recommendations to enforce updates within 2 weeks of availability. <P>I manage about 60 Windows 10 Pro systems for a small business, and I'm looking to help to implement a slightly more "aggressive" system update policy that the defaults, to help ensure that my users are receiving and installing updates within 2 weeks of availability.&nbsp; I am requesting any recommendations for me to make sure I'm cleanly implementing the following scenario:</P><P>&nbsp;</P><P>I would like:</P><P>- Windows to search for updates daily (with the exception of maybe patch Tuesday).</P><P>- Windows to automatically download and install new updates, without prompting the user to do anything.</P><P>- I want the user to be prompted to restart/schedule the updates once they're available.&nbsp; I would like this notice to require user interaction and not be a temporary toast pop-up.</P><P>- <STRONG>But</STRONG> I want the user to be able to dismiss/snooze the updates for a period of up to 14 days.</P><P>- After the 14 days, I would like the system to force the update, <EM>even if the user is logged in</EM>, but inform the user with a notice about the pending system restart, which would require user interaction, so that they are aware of the restart.&nbsp; I would like them to be notified at least twice - the first one at least one hour before restart, and the second and last one 15 minutes before the forced restart.&nbsp;&nbsp;</P><P>- Optionally, I would like to prevent the user from choosing to restart or shutdown without initiating the installation of pending updates, once they've been informed that updates are ready to install.&nbsp;&nbsp;</P><P>&nbsp;</P><P>I feel that I have everything set up correctly, but wanted to see if there were some recommended group policies so that I can consolidate or clean up some of the ones I have configured for my users.</P><P>&nbsp;</P><P>Thank you!&nbsp;&nbsp;</P> Wed, 11 Dec 2019 15:09:07 GMT Troy Benedict 2019-12-11T15:09:07Z Remote Control w/o SCCM? <P>Hey all, does anyone have recommendations for a good Remote Control tool w/o the use of SCCM? We're using a commercial product now, but I'm just wondering what others are using. Thanks!</P> Wed, 11 Dec 2019 13:01:52 GMT Jlee_Prosci 2019-12-11T13:01:52Z New Windows 10 deployment process posters <P>Take a look at two new process posters that flowchart you through:</P> <P>&nbsp;</P> <UL> <LI><A href="#" target="_self">Deploying Windows 10 with Autopilot</A> <BR /><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="windows10-autopilot-flowchart.png" style="width: 528px;"><img src=";px=999" role="button" title="windows10-autopilot-flowchart.png" alt="windows10-autopilot-flowchart.png" /></span></LI> </UL> <P>&nbsp;</P> <UL> <LI><A href="#" target="_self">Deploying Windows 10 with System Center Configuration Manager</A><BR /><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="windows10-deployment-config-manager.png" style="width: 816px;"><img src=";px=999" role="button" title="windows10-deployment-config-manager.png" alt="windows10-deployment-config-manager.png" /></span></LI> </UL> <P>&nbsp;</P> <P>See the end-to-end steps with decision points to help you understand these two complex processes and get you down the deployment road faster.</P> Fri, 06 Dec 2019 23:17:31 GMT Joe Davies 2019-12-06T23:17:31Z How to toggle Clipboard "Sync across devices" switch OFF with gpo/intune/registry <P>I'm trying to figure out how to toggle "Sync across devices" option Off in Settings &gt; System &gt; Clipboard. Been using Windows 10 1903 and 1909.&nbsp;</P><P>Settings like:&nbsp;</P><P><SPAN>Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System</SPAN></P><P><SPAN>AllowCrossDeviceClipboard = 0, don't work since it only greyed the option but doesn't switch the toggle to Off.</SPAN></P><P><SPAN>Also tried&nbsp;</SPAN></P><P><SPAN>HKEY_CURRENT_USER\Software\Microsoft\Clipboard</SPAN></P><P>CloudClipboardAutomaticUpload = 0, which doesn't have any impact.</P><P>&nbsp;</P><P>Thanks in advance!</P> Thu, 21 Nov 2019 12:01:42 GMT Mari-2019 2019-11-21T12:01:42Z Group Policy Settings Reference Spreadsheet Windows 1903 or 1909 <P>Hi,</P><P>Can anyone point me to the GPO reference sheet for 1903 or, better still, 1909 if that has been released?</P><P>&nbsp;</P><P>Thanks,</P><P>Nigel</P> Thu, 07 Nov 2019 08:57:33 GMT Nigel Archer 2019-11-07T08:57:33Z Expert Q&A Hours at Management Central <P style="box-sizing: border-box; color: #333333; font-family: &amp;quot; segoeui&amp;quot;,&amp;quot;lato&amp;quot;,&amp;quot;helvetica neue&amp;quot;,helvetica,arial,sans-serif; font-size: 16px; font-style: normal; font-variant: normal; font-weight: 300; letter-spacing: normal; orphans: 2; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; -webkit-text-stroke-width: 0px; white-space: normal; word-spacing: 0px; margin: 0px;">Every day, all day in The Hub at Microsoft Ignite 2019, deployment and management experts are standing by to answer your questions. Look for neighborhood 29 (Windows 10 &amp; Office 365), then venture to the middle to find the Deployment Central and Management Central booths.</P> <P style="box-sizing: border-box; color: #333333; font-family: &amp;quot; segoeui&amp;quot;,&amp;quot;lato&amp;quot;,&amp;quot;helvetica neue&amp;quot;,helvetica,arial,sans-serif; font-size: 16px; font-style: normal; font-variant: normal; font-weight: 300; letter-spacing: normal; orphans: 2; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; -webkit-text-stroke-width: 0px; white-space: normal; word-spacing: 0px; margin: 0px;">&nbsp;</P> <P style="box-sizing: border-box; color: #333333; font-family: &amp;quot; segoeui&amp;quot;,&amp;quot;lato&amp;quot;,&amp;quot;helvetica neue&amp;quot;,helvetica,arial,sans-serif; font-size: 16px; font-style: normal; font-variant: normal; font-weight: 300; letter-spacing: normal; orphans: 2; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; -webkit-text-stroke-width: 0px; white-space: normal; word-spacing: 0px; margin: 0px;">Each day I'll post the daily schedule for Management Central. We've also got experts waiting to talk to you about all things Microsoft Endpoint Manager, Microsoft Intune, and Configuration Manager as well in the nearby booths!</P> <H2 id="toc-hId-1852498553" style="box-sizing: border-box; color: #333333; font-family: &amp;quot; segoe ui&amp;quot;,segoe,tahoma,geneva,sans-serif; font-size: 20px; font-style: normal; font-variant: normal; font-weight: 600; letter-spacing: normal; line-height: 1.2; orphans: 2; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; -webkit-text-stroke-width: 0px; white-space: normal; word-spacing: 0px; margin: 36px 0px 20px 0px;">Thursday, November 7</H2> <TABLE> <TBODY> <TR> <TD width="210"> <P>9:30-11:00 AM</P> </TD> <TD width="414"> <P>Priya Ravichandran, Esther Salter, Chris Baldwin, Vivian Lu</P> <P>Expert Q&amp;A: Managing Android devices with Microsoft Intune</P> </TD> </TR> <TR> <TD width="210"> <P>11:00-12:00 PM</P> </TD> <TD width="414"> <P>Anna Novicheva, Jina Yoon, Andy Cerat, Neil Johnson</P> <P>Expert Q&amp;A: Managing macOS devices with Microsoft Intune</P> </TD> </TR> <TR> <TD width="210"> <P>12:00-1:00 PM</P> </TD> <TD width="414"> <P>Derek Snook, Ross Smith</P> <P>Expert Q&amp;A: Managing Outlook Mobile with Microsoft Intune</P> </TD> </TR> <TR> <TD width="210"> <P>1:00-2:00 PM</P> </TD> <TD width="414"> <P>Per Larsen, Shiv Patel</P> <P>Expert Q&amp;A: Windows Device Management with Microsoft Intune</P> </TD> </TR> <TR> <TD width="210"> <P>2:00-3:00 PM</P> </TD> <TD width="414"> <P>Rob York, Lance Crandall</P> <P>Expert Q&amp;A: Configuration Manager Cloud Attach</P> </TD> </TR> <TR> <TD width="210"> <P>3:00-3:45 PM</P> </TD> <TD width="414"> <P>Christopher Urban</P> <P>Expert Q&amp;A: Microsoft Intune for Education</P> </TD> </TR> <TR> <TD width="210"> <P>3:45-4:30 PM</P> </TD> <TD width="414"> <P>Matt Shadbolt</P> <P>Expert Q&amp;A: Microsoft Endpoint Manager as Part of a Zero-Trust Strategy</P> </TD> </TR> <TR> <TD width="210"> <P>4:30-5:15 PM</P> </TD> <TD width="414"> <P>Sameer Yadav, Jeff Liu, Andy Cerat</P> <P>Expert Q&amp;A: Conditional Access</P> </TD> </TR> </TBODY> </TABLE> <H2 id="toc-hId-1852498553" style="box-sizing: border-box; color: #333333; font-family: &amp;quot; segoe ui&amp;quot;,segoe,tahoma,geneva,sans-serif; font-size: 20px; font-style: normal; font-variant: normal; font-weight: 600; letter-spacing: normal; line-height: 1.2; orphans: 2; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; -webkit-text-stroke-width: 0px; white-space: normal; word-spacing: 0px; margin: 36px 0px 20px 0px;">Tuesday, November 5</H2> <TABLE> <TBODY> <TR> <TD width="210"> <P>8:30-9:30 AM</P> </TD> <TD width="414"> <P>Andy Cerat, Jina Yoon, Anna Novicheva</P> <P>Expert Q&amp;A: iOS Management</P> </TD> </TR> <TR> <TD width="210"> <P>9:00-9:30 AM</P> </TD> <TD width="414"> <P>Mark Florida</P> <P>Expert Q&amp;A: Resource Access</P> </TD> </TR> <TR> <TD width="210"> <P>10:30-11:30 PM</P> </TD> <TD width="414"> <P>Jie Jessica Yang</P> <P>Expert Q&amp;A: Android Management</P> </TD> </TR> <TR> <TD width="210"> <P>11:30-12:30 PM</P> </TD> <TD width="414"> <P>Andy Cerat, Jason Githens, Mark Florida, Dilip Radhakrishnan</P> <P>Post-session Q&amp;A: BRK2082 What’s new in Microsoft Endpoint Manager</P> </TD> </TR> <TR> <TD width="210"> <P>12:30-1:30 PM</P> </TD> <TD width="414"> <P>Simon Binder</P> <P>Post-session Q&amp;A: THR3026 Admin experiences in Microsoft Endpoint Manager</P> </TD> </TR> <TR> <TD width="210"> <P>1:30-2:30 PM</P> </TD> <TD width="414"> <P>Ileana Wu</P> <P>Expert Q&amp;A: App Protection Policies</P> </TD> </TR> <TR> <TD width="210"> <P>2:30-3:30 PM</P> </TD> <TD width="414"> <P>Sonja Ridley, Sven Hallauer, Florent Reynal</P> <P>Post-session Q&amp;A: BRK2085 Microsoft Managed Desktop</P> </TD> </TR> <TR> <TD width="210"> <P>3:30-4:30 PM</P> </TD> <TD width="414"> <P>Kellie Eickmeyer, Ileana Wu</P> <P>Expert Q&amp;A: Managing Microsoft Edge</P> </TD> </TR> <TR> <TD width="210"> <P>4:30-5:15 PM</P> </TD> <TD width="414"> <P>Matt Shadbolt</P> <P>Post-session Q&amp;A: THR3045 GP and Microsoft Intune w/Windows Insiders</P> </TD> </TR> <TR> <TD width="210"> <P>5:15-6:00 PM</P> </TD> <TD width="414"> <P>Lisa Garland</P> <P>Post-session Q&amp;A: BRK3084 End Users Experiences</P> </TD> </TR> </TBODY> </TABLE> Thu, 07 Nov 2019 05:44:19 GMT Heather Poulsen 2019-11-07T05:44:19Z Windows 10 1903 ignores driver rollback <P>After update to Windows 1903, driver rollback don't prevent from driver auto updating(actually downgrading for me) and Windows updating again same driver after each rollback, and i had to disable driver update in "Local group policy"(but this solution not available for Windows Home Edition).</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="DriverRollbackIssuse.png" style="width: 828px;"><img src=";px=999" role="button" title="DriverRollbackIssuse.png" alt="DriverRollbackIssuse.png" /></span></P> Wed, 09 Oct 2019 14:24:45 GMT Behzad_A 2019-10-09T14:24:45Z Manage Bitlocker Passwor/PIN ? <P>Hi everyone,</P><P>I have problem when deploy Bitlocker :</P><P><U><STRONG>How can I manage bitlocker password&nbsp; with normal user , Adminisrator/IT allow them change password/PIN permission , but we might block them "Turn off Bitlocker" ?</STRONG></U></P><P>I used the policy :&nbsp;&nbsp;</P><PRE><SPAN>Disallow standard users from changing the PIN or password</SPAN></PRE><P>Result :</P><P>- Normal user can't changing Password/PIN . When them click "Change Password ", need to verified by admin&nbsp;</P><P>- Admin account can change Password .</P><P>Anyone can help me ?</P><P>Thank you very much !</P> Mon, 30 Sep 2019 10:49:03 GMT HanhTrinh 2019-09-30T10:49:03Z Bitlocker keys not visible in Active Directory <P>Hello,&nbsp;</P><P>&nbsp;</P><P>We are enabling Bitlocker in our environment. I had configured all policies related to Bitlocker inside AD. For example, i configured Bitlocker to not start until recovery key backed up to AD. This is the policy about i want to ask something.</P><P>&nbsp;</P><P>I want to ask something about this policy because i had an issue with this policy. It seems it not working well or i am missing some point in the configuration. Let me explain what i'm doing after this configuration:</P><P>- I start Bitlocker encryption, Bitlocker encrypt correctly the Hard Disk. When encrypt finish, I can see the tab on AD called "Bitlocker Recovery", but, at the time I open this tab to request the key stored i get an information message : "There is no elements on this view, To search a recovery key press right button on object domain ... etc ... ".&nbsp;</P><P>&nbsp;</P><P>My question is, i know that bitlocker can not start if key is not backed up on AD, so Bitlocker is correctly performed the encryption and the key is backed up on AD. For any reason i can not see the key, even domain admins can not see it.</P><P>&nbsp;</P><P>So, how can i see this keys in AD? I need something more, maybe a plugin? a feature?</P><P>&nbsp;</P><P>I'm running Windows 10 1809 Professional and Active Directory v 10.0.171321.</P><P>&nbsp;</P><P>Any help is really welcome. Thanks in advance.&nbsp;</P><P>Rgards.&nbsp;</P> Mon, 09 Sep 2019 10:47:46 GMT My_name_is_yahvÉ 2019-09-09T10:47:46Z Set up OneDrive alert <P>We are deploying Win10 1903 enterprise with OneDrive disabled. We are getting an Alert in Virus &amp; threat protection: Set up OneDrive for file recovery options in case of a ransomware attack (see below). How can we disable this alert?</P><P>&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="clipboard_image_1.png" style="width: 400px;"><img src=";px=400" role="button" title="clipboard_image_1.png" alt="clipboard_image_1.png" /></span></P><P>&nbsp;</P><P>&nbsp;</P> Mon, 02 Sep 2019 00:51:09 GMT Dan Snape 2019-09-02T00:51:09Z Content Advisor GPO Settings <P>How do you set Content Advisor settings in IE11 (URLs / etc) via GPO?&nbsp; When using User Prefs, the Content Advisor Settings and Enable buttons are greyed out.&nbsp; Admin Templates only have settings to be able to see or&nbsp; hide the Content Advisor portion of IE settings.</P><P>&nbsp;</P><P>I dont want to just show / hide the Content Advisor, I'd like to set some things up within it using is this done?</P> Thu, 22 Aug 2019 21:25:32 GMT BrianPitt 2019-08-22T21:25:32Z Can I get Version 1809 anywhere now that 1903 is out? <P>Have two users at two different locations having problems connecting to our file server.</P><P>&nbsp;</P><P>One user is getting the network drive mapped incorrectly, the other isn’t getting the drive mapped at all.</P><P>Current workaround - Created batch files on their desktops to delete any previous mapping and re-map the normal drive.</P><P>&nbsp;</P><P>PCs and users in same ADUC groups and OUs as others without the issues.&nbsp; Users running same logon script as user without the issues.</P><P>&nbsp;</P><P>One thing I noticed was that the two users with issues have Windows 10 Pro, Version 1803, OS build 17134.885.&nbsp; Those with Windows 10 Pro, Version 1809, OS build 17763.615 do not have this issue.&nbsp; I want to update these two clients to Version 1809 but cannot, everything tries to install 1903 (the latest).&nbsp; I don't want to have two clients with 1903 (yet) and perhaps have to start troubleshooting that, I would like to update these two clients to Version 1809 to see if it resolves the issues.&nbsp; Anyone know how?</P> Wed, 17 Jul 2019 13:17:11 GMT Susan Alexander 2019-07-17T13:17:11Z GPO configuration <P>Hello<BR />I'm a technophile, so I have several machines at home (all under windows pro (official) ).<BR />And I would like to configure the GPO as it is possible without windows server (the license being very expensive) and without sinology (since it locks this function to their most expensive nas and I already have one).</P><P>my request is unremarkable but I hope there is a way because it is quite annoying to reconfigure my 4 machines by hand every time I have to change a gpo.</P><P>&nbsp;</P><P>Thanks in advance</P> Fri, 12 Jul 2019 10:44:58 GMT Deleted 2019-07-12T10:44:58Z Allow commercial data pipeline <P><SPAN>There is a new group policy option in Windows 10 1903 to "Allow commercial data pipeline". Can anyone tell me what "commercial data pipeline" is and what does this do in practice? There is documentation for this policy <A href="#" target="_blank" rel="noopener">here</A> but it's not really making it easier to understand.</SPAN></P> Fri, 05 Jul 2019 10:15:41 GMT Mari-2019 2019-07-05T10:15:41Z Windows 10 1903 compatibility hold <P>Is there a way to see why Windows 1809 is not receiving 1903 feature update?&nbsp;</P><P>I can see in Update Compliance logs that the machine is not receiving the update because "DetailedStatus:&nbsp;<SPAN class="filter-hover">Compatibility hold"</SPAN></P><P><SPAN class="filter-hover">but how do I find out which one of the issues <A href="#" target="_self">here</A>&nbsp;is causing the hold?</SPAN></P><P><SPAN class="filter-hover">Is there some kind of log on the client machine or maybe in Logs?</SPAN></P> Thu, 13 Jun 2019 10:06:05 GMT Mari-2019 2019-06-13T10:06:05Z Hiding turn off bitlocker in BitLocker for Control Panel using CSP <P>Hi, guys</P><P>&nbsp;</P><P>Anyone who knows hide turn off bitlocker in control panel using csp? If I know that specific csp, let me make script to deploy user own computer specific functioning to hide, frankly I want to control user cannot disable bitlocker , but I don't know that way on azure active directory users.</P><P>&nbsp;</P><P>Environment</P><P>Client : Windows 10 1709 or 1803</P><P>Cloud : M365 with only azure active directory</P><P>&nbsp;</P><P>Thx.</P> Mon, 29 Apr 2019 01:20:23 GMT hongwoo_jin 2019-04-29T01:20:23Z WiFi Direct Network Profiles - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList <P>Does anyone know an easier way to manage WiFi Direct Network Profiles?</P><P>&nbsp;</P><P>I didn't manage to catch which application or service that added over 50 profiles on one of my devices.</P><P>&nbsp;</P><P>It could possibly have been the "Connect" app. Does anyone know what this app is named for the appx package?</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Wed, 24 Apr 2019 12:38:46 GMT Neo Beum 2019-04-24T12:38:46Z Paint it Black: GPO wallpaper is set but won't display <P>We have a corporate wallpaper GPO in place since the early Windows 7 era that copies a .bmp file to the user's %temp% and then uses %temp%\corp.bmp as the path. It works for everyone, 99 times out of a hundred. For the hundredth person, it works too, until it doesn't. Instead, they get a black background -- no corporate wallpaper, and as specified by the GPO they can't make any changes.</P><P>&nbsp;</P><P>The .bmp file is accessible and properly permissioned. If we delete it and run gpupdate /force the file is restored. If we overwrite the registry setting, say with c:\temp\corp.bmp, that doesn't work either, and in any case as soon as the policy executes our customization is overwritten.&nbsp;</P><P>&nbsp;</P><P>For one past user we went to the trouble of blocking the GPO. She got her background back. When we unblocked the GPO she went back to black.</P><P>&nbsp;</P><P>In the past five years this has only ever happened to remote users who launch a desktop VPN client and only get the policy when it refreshes periodically.&nbsp;</P><P>&nbsp;</P><P>A fix someone in the field discovered is that if you go to Ease of Use and disable and then re-enable the desktop background, the wallpaper will reappear. That has not worked for Mr. Hundredth.&nbsp;</P><P>&nbsp;</P><P>This seemed to be a common problem for early Win 7 systems (though we never saw it) and most of the solutions refer to a Win 7 hotfix or else just make sure the .bmp is accessible (see above). The problem guy was on Win10.1803 and the problem persists after we upgraded him to Win10.1809.</P><P>&nbsp;</P><P>Does anybody have advice for when the basics have been covered and it still don't work?</P><P>&nbsp;</P> Wed, 03 Apr 2019 21:25:59 GMT Kelp_Acres 2019-04-03T21:25:59Z GPO 802.1X Wireless user added known networks unable to remove <P>We have added a GPO for the&nbsp;802.1X Wireless with a certificate, but now users are unable to remove added known networks&nbsp;<BR /><BR />As shown in the picture you see 6 known Networks<BR />The first 3 are added by GPO<BR />and the other 3 by the user</P><P>When the user select Forget for it grays out and does not disapears, but stay in the list.<BR /><span class="lia-inline-image-display-wrapper lia-image-align-center" image-alt="WIFI.PNG" style="width: 351px;"><img src="" width="351" height="321" role="button" title="WIFI.PNG" alt="WIFI.PNG" /></span>When we disable the GPO it is possible to remove<BR />Ive added the setting of the GPO<span class="lia-inline-image-display-wrapper lia-image-align-center" image-alt="gpoWIFI.PNG" style="width: 861px;"><img src=";px=999" role="button" title="gpoWIFI.PNG" alt="gpoWIFI.PNG" /></span></P><P><BR />when the GPO is disabled the added networks can be deleted</P> Thu, 31 Jan 2019 12:14:11 GMT Guido van Dijk 2019-01-31T12:14:11Z HP Inc. - HIDClass Update Fails <P>All other updates work fine. Only this one update fails.&nbsp;</P><P>&nbsp;</P><P class="contentCodeblock">There were problems installing some updates, but we'll try again later.</P><P class="contentCodeblock">HP Inc. - HIDClass&nbsp;- 10/30/2018 12:00:00 AM - - Error 0x800703e3</P><P>&nbsp;</P><P><A href="#" target="_blank"><IMG src="" border="0" /></A></P><P>&nbsp;</P><P>How to fix?</P><P>Also asked <A href="#" target="_blank">here</A></P><P>&nbsp;</P><P>On Windows 10 x64</P> Fri, 18 Jan 2019 01:09:02 GMT John_Weiss 2019-01-18T01:09:02Z Prevent auto-installation of Apps on Windows 10 computers and remove the apps <P>I am responsible for running some Win 10 computers in our group (there is no formal admin position), and on 22 Dec 2018, several people mentioned that new apps had been installed on their computers without their consent. An example includes a Xing app.</P><P>&nbsp;</P><P>Our users are local admins, but it seems that nobody installed these apps. I was asked to remove the apps and prevent this from happening again, but I cannot even uninstall the apps. We are not running a domain controller, all computers are independent (they can access a common share on a file server).</P><P>&nbsp;</P><P>How can I remove the apps and prevent this from happening again? I would prefer a solution that can be replicated to all my machines without too much manual intervention (e.g., some shell script or command).</P><P>&nbsp;</P><P>It would be OK for me to completely disable the store if that is needed, we do not use it.</P><P>&nbsp;</P><P>Thanks,</P><P>&nbsp;</P><P>Tim</P> Mon, 31 Dec 2018 17:41:11 GMT winspirit 2018-12-31T17:41:11Z Windows 10 LTSC Lockdown <P>I am the desktop deployment guy for a manufacturing company. We currently use windows 7 machines that are locked down to the point that the user can only run apps that are specified in the Start Menu.&nbsp;They are only presented with the taskbar and&nbsp;customized start menu.&nbsp;I have been asked to migrate this to Windows 10. Ideally this would be running on LTSC, as I want the 10 years of&nbsp; extended support without having to worry about upgrading them to a "supported" version every 18 months. I tried customizing the start layout as a multi-app kiosk, from <A title="Set up a multi-app kiosk" href="#" target="_blank"></A>&nbsp;&nbsp;but that doesn't appear to work. If there is any documentation that anyone has seen, it would be appreciated.</P> Fri, 28 Dec 2018 22:35:16 GMT Scott Reijersen-Thomas 2018-12-28T22:35:16Z Autopilot Win 10 device, Credential Manager shows Windows reference with name "Windows Identity" <P>We are using intune and Autopilot for all laptop devices. First we install some image on the laptop.&nbsp;Then you can start the laptop&nbsp;and see the autopilot wizard.&nbsp;After the user enters he's&nbsp; organisation emailadres and password, and finish the wizard, he can login on Windows 10. In Windows 10 Office 2016 (Outlook, Skype for business, Word, Excel etc..) is already installed.</P><P>&nbsp;</P><P>When I check the Credential Manager, I see&nbsp;a Windows Reference with the name "Windows Identity". Can someone tell me what this reference is needed for?</P><P>&nbsp;</P><P>I am not sure, but I think this is the cached credentials of the user which login on the device.</P><P>&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="after login skype - kopie.png" style="width: 931px;"><img src=";px=999" role="button" title="after login skype - kopie.png" alt="after login skype - kopie.png" /></span></P><P>Extra info:</P><P>&nbsp;</P><P>We are using a RADIUS server, Active Directory onpremises and Azure AD. The device will receive a certificate automatically when he is using some wifi with internet connection (for example the hotspot of your phone). When the certificate is succesfully received in the personal certificate store, the user can connect to our internal RADIUS wifi by certificate (without credentials). The device can use the intune app&nbsp;"Company Portal" to check if it is compliance.</P> Thu, 20 Dec 2018 14:49:46 GMT Khalid Hajjouji 2018-12-20T14:49:46Z Windows 10 UE-V synced settings don't always apply, DesktopSettings never apply. <P>Hi,</P><P>&nbsp;</P><P>We are busy implementing UE-V, or User Experience Virtualisation.</P><P>During this implementation, which is now only on VDI-machines for the moment, we noticed some inconsistent behavior.&nbsp;</P><P>Although the settings get synced (we see the SettingsPackages folders being created and updated), when a users logs in to another machine they don't always apply. The DesktopSettings aren't getting applied at all, on any machine...</P><P>&nbsp;</P><P>When checking the EventViewer logs for UEV, I can see the messages: "Package has arrived on local device", so the synccontroller is downloading the synced settings...</P><P>ACL's on the SettingsPackages folder are also correctly set, so this is not an issue as well.</P><P>The scheduled tasks to trigger the auto registration of templates and to trigger the sync controller are also working correctly.</P><P>We checked the UEV status, and there is no reboot pending.</P><P>&nbsp;</P><P>We are testing this on VDI's (Windows 10 1803), but we don't apply the vdi recovery. We have set SyncController to none, since the vdi's are always connected. As storage location we use the Homedrive specified in the AD Object.&nbsp;</P><P>The settings for UEV are being set via GPO, using the ADMX files which ship with the Windows 10 1803 build.</P><P>Below there is a screenshot of the get-uevconfiguration result</P><P>&nbsp;</P><P>Since the documentation which can be found on technet and microsoft docs doesn't help me in resolving this issue, I hope to find some help via this way. It would be a great help for me.</P><P>&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="UEVConfig.PNG" style="width: 857px;"><img src=";px=999" role="button" title="UEVConfig.PNG" alt="UEVConfig.PNG" /></span></P> Thu, 08 Nov 2018 05:49:44 GMT Matthias Vandenberghe 2018-11-08T05:49:44Z Windows 10 IOT with Java <P>Hello Everyone,</P><P>&nbsp;</P><P>Can we install Java in Windows 10 IOT.</P><P>I am using Dell Thin client Wyse 5060 with Windows 10 IOT but unable to install java.</P><P>Please help here.</P> Fri, 02 Nov 2018 07:02:46 GMT Anmol Neb 2018-11-02T07:02:46Z Windows 10 not obeying updates check frequency GPO? <P>I have recently added Automatic Updates detection frequency GPO to our AD with a value of 6. Because i wanted our systems to get updates faster and get updated faster. So every PC should be checking in to WSUS every 4-6 hours. Windows 7 do that. But Windows 10 1803 seems to still use some internal timer for this and only checking in after 8 or so hours. It still takes the value of WSUS URL, so GPO works, but this setting not.</P> Wed, 10 Oct 2018 19:49:07 GMT Oleg K 2018-10-10T19:49:07Z Group Policy Settings Reference Spreadsheet Windows 1809 <P>Hi,</P><P>Where can I download the "Group Policy Settings Reference Spreadsheet Windows 1809"?</P><P>Latest version I can find is:&nbsp;<A href="#" target="_blank">;</A></P><P>&nbsp;</P><P>thanks for the info!</P> Wed, 03 Oct 2018 13:17:41 GMT Matthias Vandenberghe 2018-10-03T13:17:41Z Autopilot - Can't delete devices <P>I have been working with Autopilot for a bit and just did a test where I imported a number of existing devices (around 170). Data was collected via the Powershell script invoked remotely. I was able to delete almost all the devices, but several (5) can't be deleted. I can see them in Intune under "Windows Autopilot Devices". I cannot delete these machines no matter what I try. They do not exist in AD, nor show as managed by Intune. But, they are assigned a deployment group in the store and I can't see a way to remove them from the store deployment group.</P><P>&nbsp;</P><P>Any ideas on how I might be able to remove these devices would be appreciated. Trying to delete all the devices so I can start over.</P><P>&nbsp;</P><P>Thanks.</P> Wed, 26 Sep 2018 20:47:25 GMT Deleted 2018-09-26T20:47:25Z Excel 365 file wont open when clicked <P>Excel 365 on Win7 machine wont open Excel files at drive locations. It will open if you are in Excel...but not if the Excel file on the drive. The msg is something like "the action cannot be taken for products that are not installed."&nbsp; Well it is installed....I tried the 'Open With' to set the file association but it had no affect.</P> Wed, 12 Sep 2018 23:03:59 GMT Dennis Mahalick 2018-09-12T23:03:59Z OEM licensing (Win 8.1 -> Win 10) <P>Hello,</P><P>&nbsp;</P><P>We changed the PCs at my company a few months before the release of Windows 10, so they have been supplied with Windows 8.1 Pro (Windows 8 sticker on the tower).</P><P>At the time, we downgraded them to Win 7 Pro, but now we are planning to transition to Windows 10 Pro (clean install on the same hardware).</P><P>I have made a few tests and when doing a clean install on these computers, Windows 10 activates just fine with the embedded OEM hardware key on each PC (no volume licences / KMS involved here).</P><P>So it's working but my concern is : "Is it legal ?" I don't want to be sued by Microsoft for activated products we are not supposed to own...</P> Sat, 01 Sep 2018 11:42:37 GMT John Arling 2018-09-01T11:42:37Z Get-WindowsAutoPilotInfo - A quicker way... <P>Hi All</P><P>&nbsp;</P><P>Just a Tip from me to make it easier&nbsp; (if you got other ways, let me know, would be interested)&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>Starting to deploy via Autopilot but first grabbing the information - so I am using a USB Drive with the following :&nbsp;</P><P>&nbsp;</P><P>Plug in the USB Drive..&nbsp;</P><P>&nbsp;</P><P>Right Click the file ..<STRONG>GetAutoPilot.cmd </STRONG>and<STRONG> (run as Administrator)</STRONG>&nbsp;&nbsp; (it seems everytime I plug in the USB I get D:</img> Drive but with the updated command below its automatic ) &nbsp;&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>Prepare Files&nbsp;</P><P>&nbsp;</P><P>1)&nbsp;GetAutoPilot.cmd</P><P>2) Download a copy of&nbsp;<STRONG>Get-WindowsAutoPilotInfo.ps1</STRONG></P><P>&nbsp;</P><P><STRONG>Contents of GetAutoPilot.cmd</STRONG></P><P>&nbsp;</P><P><SPAN>PowerShell -NoProfile -ExecutionPolicy Unrestricted -Command %~d0\Get-WindowsAutoPilotInfo.ps1 -ComputerName $env:computername -OutputFile %~d0\computers.csv -append</SPAN></P><P>&nbsp;</P><P>&nbsp;</P><P><STRONG>Get-WindowsAutoPilotInfo.ps1 - downloaded from powershellgallery &nbsp;</STRONG></P><P><STRONG><A href="#" target="_blank" rel="noopener"></A></STRONG></P><P>&nbsp;</P><P>What it does...&nbsp;</P><P>It quickly dumps the CSV file onto the USB Drive and now I have all the CSV Files that I need in one file ready to upload to intune.&nbsp;</P><P>&nbsp;</P><P>Then unplug and move onto the next device ...</P><P>&nbsp;</P><P>Easy ! &nbsp;</P><P>&nbsp;</P><P>Simon Allison &nbsp; &nbsp;</P><P>&nbsp;</P> Fri, 08 Nov 2019 10:08:49 GMT Simon Allison 2019-11-08T10:08:49Z Group Policy Reference sheet for Windows 10 and Windows Server 2016 <P>Hi,</P><P>&nbsp;</P><P>For quite a while, I use the "<SPAN><EM>Windows10andWindowsServer2016PolicySettings.xlsx</EM>"</SPAN> as reference to quickly find the new settings in the new versions. I noticed that for the 1803 release nothing was added.</P><P>Has any-one an updated version of the following sheet? Or are there no new settings for 1803?</P><P><A href="#" target="_blank"></A></P><P>&nbsp;</P><P>Thanks for the information and help.</P> Tue, 19 Jun 2018 09:19:21 GMT Matthias Vandenberghe 2018-06-19T09:19:21Z pre-assign a new Windows 10 device to a specific user in Windows autopilot <P>HI,</P><P>I read for a while: "<SPAN>Enhanced personalization for self-service deployment – Windows AutoPilot will offer the ability to pre-assign a new Windows 10 device to a specific user in your organization via cloud configuration. This will deliver a highly-personalized out-of-box experience, even before the user enters their corporate email address."</SPAN></P><P>&nbsp;</P><P><SPAN>Is this feature already available in Intune autopilot? because I could not find it.</SPAN></P><P>&nbsp;</P><P><SPAN>Best Regards,</SPAN></P><P>&nbsp;</P><P><SPAN>Christophe</SPAN></P> Mon, 04 Jun 2018 10:51:04 GMT Christophe Barneaud 2018-06-04T10:51:04Z Group Policy Management broken after applying 1803 templates <P>Just applied 1803 templates into my AD, and see what I´ve got... (open the attachement).</P><P>&nbsp;</P><P>&nbsp;</P> Tue, 08 May 2018 09:53:33 GMT yannara _ 2018-05-08T09:53:33Z