TRANSCRIPT
Spark the future.
May 4 – 8, 2015
Chicago, IL
Minasi's Guide to Managing Windows 10: New Windows, New Tools
Mark Minasi
Writer, Speaker, [email protected] @mminasi
join my newsletter at www.minasi.com
BRK2302
Hello! Let's Talk About Win 10 Management…
- First of all, relax… there's new stuff, but the old stuff still works
- Big new stuff is cloud integration, solutions for wider arrays of devices, solutions for organization data on personal devices, apps for the newer types of devices, as well as a "package manager"
- But before we get into that, I'm pretty sure you all have the same question about Windows 10
Why Isn't it Windows 9?
- It is Windows 9, but in base 9
- If it were Windows 9, it would fail in the German market: "Windows? NEIN!"
- "Must … break … the curse … of … the … even-numbered … Windows!"
- Making Gartner and other analysts wonder why they skipped the nine may distract them from the fact that there still aren't folders or a hierarchy.
- Too many installers reject Windows versions that start with "9," because of Win 95 and 98
I Believe I Have Figured It Out
- Windows doesn't grow arithmetically, it grows exponentially
- The version doesn't increment by one every time
- The value rises by 17% every time, then rounds
- Here's the proof:
Seriously, Though… Big Win 10 Things to Know:
- Anyone from Win 7 on can and will be encouraged to upgrade free (except Enterprise)
  - (Remember, 14 Jan 2020 and 10 Jan 2023 are far off)
- No more flatten-and-reimage: it's upgrade & refresh
  - (Just like you do on your iPad)
- Windows 10 is the last Windows, as it's just upgrades via Windows Update from here on in
- Windows 10 is one OS for as many devices as they can get it on
Topics
- Windows Likes Azure: New Identity in Win 10
- Ultra Modern Apps
- New Store and New App Delivery
- PowerShell 5.0
- OneGet… More App Delivery
- Misc New Tools
Azure and Windows 10
"Windows and the Cloud: Goin' Steady…"
Windows 10 Likes Azure
- It's not a strong relationship yet, just a crush…
- But it's worth looking at now, as it's going to be a big growth area
- Win 10 boxes can join Azure AD instead of a domain
- You can log onto your cloud-joined Azure AD system with an Azure AD account
- There are some benefits now, we'll see more later IMHO
"Azure AD? Don't Have One."
- If you have Office 365, you already have an Azure AD domain ("Azure AD tenant" is the official phrase)… you've just never claimed it
- It's free, limited to 500K directory objects
- Alternatively, "Basic" Azure AD costs $1/user/month, "Premium" costs $4/user/month
Azure AD (continued)
- One other wrinkle is that you'll want to set up directory synchronization between your Azure AD domain and your Office 365 domain
- Enable Azure Active Directory Device Registration
"Why Exactly Am I Doing This?"
- Single sign-on and conditional access that is
  - From Windows Phones, PCs, tablets (and Android as well in some scenarios), including devices that cannot be joined to on-premises AD
  - To on-premises apps, Azure apps, Office 365
- Making a device "known" to Azure adds a factor of authentication, enabling things like simple PINs for sign on
More on Conditional Access
- "Conditional access" overlaps the whole device join concept
- In short, it lets you build on or exploit the notion that, for an app on premises or in the cloud, you might want to include device info when logging on: is the device on the intranet or in some coffee shop? Is the device known or unknown? Based on that, we might accept simpler security (a password) or require more (a code on a cell phone)
Normal Whoami
Joining the Cloud
Joining the Cloud
- Settings / System / About /
Reboot, then log on as your Azure AD account. Type it as AzureAD\email
Give it a minute and the "Cloud Experience Host" will pop up and offer to create a PIN
Next restart, your logon screen will show a "Sign-in options" link. Click it and your logon screen looks like this:
And WHOAMI looks like this:
And My New Whoami…
Details
- The AzureAD\ prefix should go away soon
- A machine can only join one Azure AD domain
- A machine cannot be a member of an on-premises AD and an Azure AD
- Management tools:
  - No group policies or System Center control
  - Alternately, Mobile Device Management / Mobile Application Management (MDM/MAM) solutions from Microsoft and others:
    - Intune
    - Third party MDM (AirWatch, MobileIron, XenMobile, etc)
What About On-Premises AD-Joined?
- Management story is same as always, just like Windows XP, 7, or 8.1 -- group policies (for the right machines) and potentially Config Manager, Orchestrator and so on
Why Are They Doing This?
- Well, permit me to ask:
  - Do you still have a laptop, or do you only use a tablet to get your work done?
  - How about your friends and family… any "no-computer" users out there?
  - How many of your organizations have migrated to Office 365 or are migrating there (or to a similar SaaS email service)?
- An IDG survey of about 2000 orgs in November 2014 revealed that 16% have no on-premises IT infrastructure, and 5% more expect that by 2016
That Leads to Another Problem
- Microsoft doesn't really rule in the tablet area
- Or the phone area
- Fewer will buy laptops / desktops
- And they're not even Number One in clouds
  - (However, I suspect they may achieve that in the next two years)
Result
- A solid Microsoft cloud-based infrastructure populated by non-MS devices but managed by MS clouds and tools makes for a nice business model
- Oh, and it ensures that MS-based devices may not be the majority, but they "fit" a bit more nicely.
- Just my take…
Applications and the Store
"What, you're not all using Metro apps? Seriously?"
Universal Apps
- They started talking about this in Win 8, but it's moving forward
- The kernels are converging, as
  - They really have figured out how to run what is basically honest-to-God Windows on Snapdragon processors (good for Qualcomm!)
  - RT's dead (bad for ARM, good for Intel!)
- All of which means that it really may be possible to build apps that run on every Microsoft OS
- (If you haven't played with the Office beta yet, do!)
Windows Store: lots of good news
- Just one store (Xbox, Phone, Windows)
- Desktop apps go in there too
- Purchasing Store apps is more flexible
- The Store understands personal apps versus corporate apps
- Managing Store app licenses is now do-able
- Deploying Store apps is more flexible and simple
Finding Apps
- Store apps are visible to all, as now
- But you can create an alternative conduit, the cloud-based Business Store Portal (BSP), which lets you
  - Block Store apps you don't want your users getting
  - Block entire areas, like Games
  - Add in-house line of business (LOB) apps
- You don't need System Center, Intune or even servers of your own in the basic scenario -- BSP is web-based
- BusinessStore.Microsoft.com at the moment
Delivering Apps
- If you use Config Manager or Intune, you can buy apps for your org via the BSP and download the "appx" files, providing a local distribution point for apps
- You can still build a company store with Config Manager or Company Store (in Codeplex), or via an MDM/MAM third party tool
- Your LOB apps can be uploaded to the cloud via the BSP for distribution
- You can even…
Preinstall Apps in Images
- Inject them into images as we've done with Desktop apps
- Familiar tools: dism, PowerShell (new noun: AppxVolume); MDT 2013 Update 1 Preview, Config Mgr via updates and then whatever ships in 2016 with Server vNext
- They can be sysprepped
- When the user first starts up, the app looks for a license and potentially whether that user is approved for the app
- All centrally controlled
- Still have "deep links" as a deployment method as well
Paying for Apps
- The BSP and Store recognize two identities for you
  - Log on with Azure AD, you get the corporate options (and you don't need a credit card)… leave the organization, you lose the apps
  - Log on with your MSA (as in today), you pay with credit card and any apps you buy travel with you
- Organizations can buy apps in bulk
- Orgs can use purchase order, credit cards, whatever
- In this model, you actually get the Appx packages to put in your store when you purchase them through the BSP, and can then preinstall them on images
Windows Store: App and Service
- Many 8.1 users have disabled the Store altogether (it's simple and policy-driven)
- With 10, Store apps get automatically updated
- Handled by the Store service, WSService
- In Win 10, you can disable the store, only offer apps in your company store, and WSService still runs, so the users get automatic updates
- And of course, you can control update time with policies
Oh, and Speaking of Deployment
- What about Desktop apps?
- Back in the late 90s, RedHat Linux created an "app packager" that became popular and was known overall as a "package manager"
- There are others
- Basic idea is one-line installs, repairs etc
- Windows has had many -- MSI files, Npackd, Ninite, NSIS and others
- Posh 5.0 and Win 10 introduce another…
- OneGet
The Package Manager Story
- In the Windows world, we're used to install.exe
- In contrast, the open source/Linux world tends to download the code and compile it
- That's a pain, which led to package managers in the Linux world. They locate the code at a "software repository," download it, get it compiled and keep it updated
- Yup, that's right… no Adobe or Java Updater!
- Devs have package mgrs to keep libraries up to date
Package Managers and Windows
- Now, in the Windows world, we don't compile our apps, but many apps can be silently installed
- Windows developers got a package manager in 2010 called NuGet (they have different deployment needs)
- Some folks started chocolatey.org and defined a package format that lets it deliver compiled stuff with setup/install EXEs… a Windows app package mgr
- Access the packages via a "gallery"
OneGet: A Universal Package Manager
- Microsoft is building a single package manager interface for (ultimately) all package managers
- It's called OneGet and PowerShell's the only way to get to it at the moment
- Nouns: package, packageprovider, packagesource
- It needs a plug-in for every provider, although eventually there will be a central repository
- Chocolatey's in there from the beginning
Playing With OneGet
- Add a provider: Register-PackageSource -Name chocolatey -ProviderName Chocolatey -Location http://chocolatey.org/api/v2/
  - (Note that's already done for Chocolatey)
- See what it has: Find-Package -ProviderName Chocolatey
- Install a package: Install-Package VLC
- Chocolatey already has 2,684 apps packaged
- Take a look at this… it's going to be important
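The Register-PackageSource line on this slide points at an http:// location, so one check worth running before Install-Package is how each registered source is configured. The following is an added example, not code from the original deck: Test-PackageSourceRisk is a hypothetical helper, the sample sources are constructed (packages.example.internal and partner-feed.example are placeholder hosts), and the property names are the ones Get-PackageSource objects carry.

```powershell
# Added example, not from the original slides: flag package sources whose
# configuration weakens the install path. Test-PackageSourceRisk is a
# hypothetical helper name; it reads the Name, ProviderName, Location and
# IsTrusted properties that Get-PackageSource objects expose.
function Test-PackageSourceRisk {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [psobject]$Source
    )
    process {
        $findings = @()
        $uri = $null
        $isUri = [System.Uri]::TryCreate([string]$Source.Location, [System.UriKind]::Absolute, [ref]$uri)

        if (-not $isUri) {
            $findings += 'location is not an absolute URI or path'
        }
        elseif ($uri.Scheme -eq 'http') {
            # Feed metadata and package downloads travel unencrypted, so they
            # can be altered on the network path before they are installed.
            $findings += 'location uses plain HTTP'
        }

        if ($Source.IsTrusted) {
            # Packages from a trusted source install without the
            # "source is not marked as trusted" confirmation prompt.
            $findings += 'source is marked trusted'
        }

        [pscustomobject]@{
            Name     = $Source.Name
            Provider = $Source.ProviderName
            Location = $Source.Location
            Flagged  = ($findings.Count -gt 0)
            Findings = ($findings -join '; ')
        }
    }
}

# Constructed sample data standing in for Get-PackageSource output.
$sampleSources = @(
    [pscustomobject]@{
        Name = 'chocolatey'; ProviderName = 'Chocolatey'
        Location = 'http://chocolatey.org/api/v2/'; IsTrusted = $false
    }
    [pscustomobject]@{
        Name = 'internal'; ProviderName = 'Chocolatey'
        Location = 'https://packages.example.internal/api/v2/'; IsTrusted = $true
    }
    [pscustomobject]@{
        Name = 'partner'; ProviderName = 'Chocolatey'
        Location = 'https://partner-feed.example/api/v2/'; IsTrusted = $false
    }
)

$sampleSources | Test-PackageSourceRisk | Format-Table -AutoSize -Wrap

# On a live system, audit the real configuration instead:
#   Get-PackageSource | Test-PackageSourceRisk | Where-Object Flagged
```

Install-Package also accepts -WhatIf, which reports what would be installed without changing the machine.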
Other PowerShell Goodies
- PowerShell 5.0 is baked into Windows 10
- Zip file support ("archive" noun)
- ConvertFrom-String takes strings, parses them and creates objects
- Event tracking support
- Encryption ("CMSMessage" noun)
- Get-item, New-Item, Remove-Item now have a -symboliclink parameter
- But the best part is, you can get it now on Win 8.1
What PowerShell Tells Us About 10 (Sort Of)
- They ain't talking yet, but a look at new PowerShell nouns is interesting:
  - FileShare: new sharing client? Contains a lot of protocol details
  - PnpDevice: why now controllable with PoSH?
    - Returns last error, error text, problems and problem text, ID info
    - Can enable or disable devices, as in get-pnpdevice -friendlyname *shutdown* | disable-pnpdevice
  - AppXVolume: works with the folders that contain your Appx files
And One More Tool…
- CHKDSK got a big facelift in 8.1
- But it had a few bugs, and 10 fixes them
- Also, the output from /F has changed and is considerably more useful
Thank You! Follow me at @mminasi
- Thanks for attending, please do an evaluation
- Join me and Mark Russinovich talking about Azure and disruption on Thursday at 3:15 in Arie Crown Theater
- Also, I'm doing an ask-anything-you-want session about Windows 10 on Thursday at 10:45 in E350 with Jeremy Moskowitz and Sami Laiho
- "Win 10 Management Scenarios" on Friday 9 AM in E352
© 2015 Microsoft Corporation. All rights reserved.