WServerNews: YWVD?

Editor’s Corner

In this week’s newsletter we ask Why Windows Virtual Desktop? We also look at MFA, Win7 EOL notifications, secure web browsers Euro-style, a Tip about VPN problems with Win10 v.1903, some Mailbag feedback from our readers, a Factoid about whether college education is irrelevant today, and lots more.

Enjoy this week’s issue of WServerNews and feel free to send us feedback on any of the topics we’ve covered — we love hearing from our readers 🙂

Cheers,
Mitch Tulloch, Senior Editor

 

Why Windows Virtual Desktop?

I’ve worked with and written about almost all of the various remote desktop-ing versions of Windows Server since the release of Windows NT 4.0 Terminal Server Edition way back in 1998. This includes Terminal Services in Windows Server 2003, then basically renaming it Remote Desktop Services (RDS) in Windows Server 2008, and then enhancing RDS in Windows Server 2012 and later to include both Remote Desktop Session Host (pretty nice but can be challenging to manage in farmed deployments) and Remote Desktop Virtualization Host (kinda yucky and hard to set up so never gained much traction). With each incarnation the platform has gotten more feature-rich and powerful but also more complex and challenging to use and deploy from an administrator’s point of view.

And then about two years ago Microsoft started pushing customers towards quickly and easily deploying their RDS infrastructure in the Microsoft Azure cloud:

Remote Desktop Services (RDS) Deployment (Azure Marketplace)

https://azuremarketplace.microsoft.com/fi/marketplace/apps/rds.remote-desktop-services-basic-deployment?tab=Overview

And now we have Windows Virtual Desktop (WVD) which supposedly can deliver a full Windows experience directly from the cloud:

Windows Virtual Desktop (Microsoft Azure)

https://azure.microsoft.com/en-ca/services/virtual-desktop/

The subtitle on the above page even says that WVD is “the best virtual desktop experience, delivered on Azure”.

WVD may be the best *virtual* desktop experience, but is it the best *desktop* experience for businesses? Can it replace the desktop PC in general? And is it even meant to? Will it soon replace all legacy RDS and VDI deployments used in businesses today?

These are interesting questions to consider!

We’ve written about WVD being around the corner quite a lot recently on TechGenix. The most recent article is this one where I talked with UK-based consultant James Rankin about the subject:

Windows Virtual Desktop: What we know — and rumors we are hearing (TechGenix)

https://techgenix.com/windows-virtual-desktop-perspective/

Well as of about a month ago WVD has now reached general availability (GA):

Windows Virtual Desktop is now generally available worldwide (Microsoft)

https://www.microsoft.com/en-us/microsoft-365/blog/2019/09/30/windows-virtual-desktop-generally-available-worldwide/

But does this mean it’s now fit-and-finished?

My guess is probably neither, given the way that Windows 10 is being refreshed with new bits and pieces constantly (and lots of bug fixes as well). I’m sure that most readers who work on the admin side of IT can recall those not-so-distant times from the past where the release of a new version of a Microsoft product like Windows or Windows Server meant we should hold off deploying it until Service Pack 1 was released for that product.

So despite all of the hoopla recently about being able to use Azure NetApp Files to create FSLogix profile containers as a user profile solution for WVD:

https://docs.microsoft.com/en-us/azure/virtual-desktop/create-fslogix-profile-container

and planned WVD support for MSIX AppAttach:

https://www.christiaanbrinkhoff.com/2019/05/03/windows-virtual-desktop-technical-walkthrough-including-other-unknown-secrets-you-did-not-know-about-the-new-microsoft-managed-azure-service/

and upcoming WVD support for A/V Redirection for Teams:

https://go.forrester.com/blogs/windows-virtual-desktop-validates-cloud-based-vdi/

which all sound terrific, the reality seems to me to be that WVD is still a work in progress so I think I’ll wait a while until I try setting up a testbed environment to give it a good tryout.

But I guess all this doesn’t really answer my question of Why Windows Virtual Desktop?

Maybe the raison d’etre behind WVD is simply to help Microsoft keep earning money from its business customers. And

What do you think? Email me at [email protected]

MFA isn’t a cure-all for everything

So it seems like having a cloud service protected by requiring multifactor authentication (MFA) to access it doesn’t mean that everything will always be hunky-dory with users accessing the site. Even a cloud titan like Microsoft can experience problems with how they’ve implemented MFA as this recent article by Mary Jo Foley indicates:

Multifactor authentication issue hitting North American Azure, Office 365 users (ZDNet)

https://www.zdnet.com/article/multifactor-authentication-issue-hitting-north-american-azure-office-365-users/

And for a take on where enterprise authentication may be headed in the future, see this interview I did recently with Kevin Freiburger, director of identity solutions at Valid, a global technology provider that provides identity solutions for business, government, and consumers:

Enterprise Authentication: Where we are now and where we are headed

https://techgenix.com/enterprise-authentication/

What do our readers think is going to be the next big thing when it comes to secure authentication for enterprise and cloud environments? Email me at [email protected] with your prognostications if you have any 😉

Another Win7 support notification coming

If you haven’t already updated your Windows 7 Professional computers with the KB4524752 patch you may want to know that applying this patch will cause the machine to display a notification reminding them of Win7’s impending end-of-support. You can find full details about this patch here:

Windows 7 SP1 support notification for Windows 7 Professional (Windows Support)

https://support.microsoft.com/en-us/help/4524752/windows-7-sp1-support-notification-for-windows-7-professional

Note that this patch seems to only apply to the Professional edition of Windows 7, not Home or Ultimate or Enterprise editions. I’m not sure however whether this may simply be an oversight in the documentation of this support page.

What’s the most secure web browser?

According to a security audit performed recently by the Bundesamt fur Sicherheit in der Informationstechnik (BSI) i.e. the German Federal Office for Information Security, the most secure web browser is Mozilla Firefox. This ZDNet article has the details plus links to the audit details (in German):

Germany’s cyber-security agency recommends Firefox as most secure browser (ZDNet)

https://www.zdnet.com/article/germanys-cyber-security-agency-recommends-firefox-as-most-secure-browser/

Firefox isn’t a bad choice for enterprises for another reason, namely because there are ADMX templates available from Mozilla that let you control and lock down Firefox using Group Policy:

Customizing Firefox Using Group Policy (Windows) (Mozilla Support)

https://support.mozilla.org/en-US/kb/customizing-firefox-using-group-policy-windows

How many of our readers have Firefox deployed in their environment? Do you use Group Policy to manage it on client machines? Email your thoughts to us at [email protected]

Got more thoughts about anything in this newsletter?

Email us at [email protected]!

Tell all your friends about WServerNews!

Please let all your friends and colleagues in the IT profession know about our newsletter. Tell them our latest issues can be found at wservernews.com while older issues dating back to 1997 can be found in our archive. And let them know also that they can receive WServerNews each week in their inbox by subscribing to it here. Thank you!

 

Got questions? Ask our readers!

WServerNews goes out each week to more than 200,000 IT pro subscribers worldwide! That’s a lot of expertise to tap into. Do you need help with some technical problem or are looking for expert advice on something IT-related? Ask Our Readers by emailing your problems and/or questions to us at [email protected]

 

Subscribe to WServerNews!

Subscribe today to our WServerNews newsletter and join 200,000 other IT professionals around the world who receive our newsletter each week! Just go to this page and select WServerNews to receive our monthly newsletter in your inbox!

 

Tip of the Week

>> Got any IT pro tips you’d like to share with other readers of our newsletter? Email us at [email protected]

Fixing problems with VPN in Windows 10 v.1903

If you’re having problems with Microsoft VPN connect hanging on Windows 10 v.1903 when you try to launch it from the network icon in the System Tray to show a list of VPN connections and then try and establish a VPN connection by selecting one from the displayed connection list, you can try using this temporary workaround that one of our readers suggested:

  1. Open Windows Settings and go to Network & Internet and click VPN Menu.
  2. Select the VPN you want to connect to from the menu and click Connect to establish the VPN connection.
  3. Then disconnect from the VPN.
  4. Now you should be able to launch the connection using the network icon in the System Tray in the usual way.

Hopefully Microsoft will fix the problem in v.1909.

 

Admin Toolbox

>> Got any admin tools or software you’d like to recommend to our readers? Email us at [email protected]

Join the webinar to learn 10 most common mistakes of using Veeam Backup & Replication. We will cover design, specific deployment, regkey handling and simple tick in a box through the GUI.

http://www.wservernews.com/go/id7y5b30/

Block spying and tracking on Windows with this tool:

https://github.com/crazy-max/WindowsSpyBlocker

Configuration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings:

https://github.com/nsacyber/Windows-Secure-Host-Baseline

Lthnet MoveUser is a command line tool that can be used to change the owner of a profile from one user to another:

https://github.com/lithnet/moveuser

 

Mailbag

Some reader comments concerning stuff we covered in last week’s newsletter:

Maximum PC and LiPo

Hello Mitch, I still enjoy reading Maximum PC. It is effectively the only print magazine out there anymore. All my other subscriptions were cancelled as the magazines went under. I find that Maximum PC is most useful for keeping up with desktop hardware; mostly for my own home consumption. Their article on Libra was a good read in the issue you showed.

Of greater concern has been the proliferation of LiPo battery technology without people understanding how dangerous it actually is. Well before we started seeing these batteries show up in personal electronics, we were trying them out in the Radio Control aircraft community. Some people accidentally burned down their homes. People are used to alkaline batteries and NiCad rechargeable batteries. Both of those chemistries are relatively inert compared to Lithium Polymer batteries and the stored energy in the older technologies is much less. A sub-C size NiCad was a really quality design if it could hold 2,000 mAH while today’s LiPo will hold at least double that at 4,000 mAH to 5,000 mAH at roughly one third the weight. That is a lot of energy to be released and when it goes, it burns hot with a lot of smoke. The smoke given off is also produced in fairly large quantities. If you look at this video in which they are testing various options used in R/C to contain battery fires is it obvious why the FAA is starting to take notice and ban larger batteries from flights as well as ban some battery operated devices from checked luggage.

How to store LiPo battery safely – In depth LiPo fire tests (YouTube)

https://www.youtube.com/watch?v=CnNId0mDnBo

BAT SAFE:

https://www.bat-safe.com/

–Mark Van Noy

Crown Sterling’s claims are fraudulent

RSA 256 is WAAAAYYYY weaker than AES256. They are not comparable cryptosystems WRT key length. As a matter of fact, some 256bit keys for RSA were broken in 1999. The recommended bit length for RSA encryption is 2048, or 3072 if security is recommended beyond 2030, and lots are now using 4096. The recommended key length for EAS is still 256.

See this article:

https://en.wikipedia.org/wiki/Key_size

Regarding factoring 256bit RSA, see this blog post by Bruce Schneier:

https://www.schneier.com/blog/archives/2019/09/crown_sterling_.html

On the rest of their madness:

https://www.schneier.com/blog/archives/2019/09/the_doghouse_cr_1.html

Of course, reading the comments on each post is enlightening.

–Kurt Buff

Send your feedback to us at [email protected]

 

Factoid – Is college no longer necessary?

Last week’s factoid and question was this:

Fact: The inventor of the USB connector/port has regrets about making them so hard to plug in correctly:

Question: What do our readers do to solve this problem? Just fumble around?

This one generated lots of feedback from our readers. Here’s a sampling of some of the funniest ones:

To answer your question about plugging into usb ports: If I can’t actually look at the plugs and see which way is up then I try it one way and if it doesn’t work then I try it the other way. I’ve found that this method is consistent with every other time I face 50\50 odds in life… I get it wrong about 75% of the time. –Calvin

Manufacturers go to the trouble of moulding a USB logo on the side that should be up. After all these years do people not realise that! –J.A.

Simple, I just always make a point of first plugging it in upside down. Then, you just flip out over and you’re done(!) –D.B.

Originally my steps for plugging in a USB cable were: Try one direction, try other direction, curse loudly, repeat. But since then I am more proactive like you and now my steps are: Try labeled side up, try labeled side down, curse loudly, repeat. –Doug

Then there’s this fascinating response from a reader named Jim:

USB devices and cables (usually) have a split in the sheath over their connector. On almost every computer* or device that I’ve used, the correct orientation is for that split to be down when plugging in the USB device. Of course, this doesn’t apply when the port has been turned 90 degrees, so some other solution is needed.

* NOTE: This doesn’t apply to HP POS registers. For some unfathomable reason, HP decided the USB connectors would go the other way on their bases. I have no idea why they did this, other than to frustrate people who thought they had found a logical answer to which way is up!

Now I *think* what Jim is talking about may be this:

If you look closely at these connectors you can see a jagged line indicating where the metal is joined. Flip the connectors over and there’s no jagged line on the other site.

Unfortunately when I have the side with the jagged line up, the connector won’t plug into the horizontal USB ports on the front of an old-style PC like the HP Media Center gathering dust in our basement. And if the jagged side is facing me the connector also won’t plug into the vertical USB ports on the slim Lenovo PC sitting on my work desk. So this doesn’t really help me as it means to plug in my USB device I first have to find the connector side that has the tiny jagged line on it, which means holding the connector up to the light and putting on my reading glasses so I can see it clearly. Then I have to flip the connector over before I plug it into the port on the front of my PC. So IMO it’s faster and easier if I just write “UP” on the non-jagged side of a USB connector or flash drive so I can quickly see which side should be up when I plug it in.

Or maybe Jim is referring to some identifying feature on the plastic sheath portion of a USB connector. But I checked all of the USB devices and cables (other than flash drives) and I don’t see a “split” in any of them. But I do see the USB logo or symbol that looks something like a trident:

And the side of the connector plastic that has this logo visible on it does in fact identify the side of the connector that needs to be upwards (or facing me) when I plug the connector into a horizontal (or vertical) USB port. Unfortunately the logo can be difficult to see on some USB connectors as this photo of the cable from one of my USB external drives shows:

You can just barely see the logo on this connector, and that’s with it sitting under a bright light oriented for maximum shadow contrast.

I suppose if I was fluent in reading Braille then my fingertips might be able to feel the presence of the raised logo to enable me to correctly orient it for plugging into my computers without needing to use trial and error…sigh.

Anyways, enough of that. Let’s move on now to this week’s factoid:

Fact: A recent survey indicated that 50 percent of young people in America don’t think college is worth it.

Source: https://thehill.com/opinion/education/462500-is-college-no-longer-necessary

Question: Do you think a college education still has value for young people to pursue? I expect some of our readers thoughts on this matter may differ depending on which country they live in.

Let me know what you think: [email protected]

 

Conference calendar

>> Got an IT conference or event happening that you’d like to promote in our newsletter? Email us at [email protected]

Microsoft Ignite 2019

Nov 4-8, 2019 in Orlando, Florida

https://www.microsoft.com/en-us/ignite

Other Microsoft conferences

Microsoft Licensing Boot Camps

  • Dec 9-10 in Seattle, Washington

https://www.directionsonmicrosoft.com/training

 

Infosec conferences

Cyber Security Summit – Nov 7 in Boston, Massachusetts

https://cybersummitusa.com/boston19/

Cyber Security Summit – Nov 21 in Houston, Texas

https://cybersummitusa.com/houston19/

Cyber Security Summit – Dec 5 in Los Angeles, California

https://cybersummitusa.com/losangeles19/

 

Other conferences

VMworld – Nov 4-7 in Barcelona, Spain

https://www.vmworld.com/en/europe/index.html

Midwest Management Summit – Nov 11-13 in New Orleans, Louisiana

https://mmsmoa.com/registration/mms-jazz-edition.html

European SharePoint, Office 365 & Azure Conference – Dec 2-5 in Prague, Czech Republic

https://www.sharepointeurope.com/

SharePoint Fest – Dec 9-13 in Chicago, Illinois

https://www.sharepointfest.com/Chicago/

 

Podcast Corner

Something Cloudy (Microsoft Cloud IT Pro Podcast)

https://www.msclouditpropodcast.com/

Azure DevOps, Sentinel GA and Azure in a Backpack (Microsoft Cloud Show)

http://www.microsoftcloudshow.com/podcast

Secure Deployment with Mikael Nyström (RunAsRadio)

http://runasradio.com/

 

New on Techgenix.com

Enterprise authentication: Where we are now and where we are headed

Your home is only as secure as the lock on your front door. It’s the same for businesses, but enterprise authentication is undergoing changes

https://techgenix.com/enterprise-authentication/

COBIT 2019: An effective governance framework for IT pros

Every business with IT as part of its foundation needs a comprehensive governance strategy. This is where COBIT 2019 comes in.

https://techgenix.com/cobit-2019/

WAN optimization: Fast tips to get your network up to speed

A wide-area network gradually slows down over time for several reasons. These WAN optimization tips can help you regain some of that lost network speed.

https://techgenix.com/wan-optimization/

Review: Network security and patch management solution GFI LanGuard

GFI LanGuard performs vulnerability assessments of the devices on your network and then helps you fix any problems. Here’s our review.

https://techgenix.com/gfi-languard/

Using PowerShell to assess Active Directory health

When using PowerShell as a tool for monitoring Active Directory health, you are limited only by your imagination. Here’s some scripts to get you started.

https://techgenix.com/asses-active-directory-health/

 

Fun videos from Flixxy

The Computer Monster (IBM 1967)

From an IBM training film. Created by Jim Henson and Frank Oz. It was also shown on The Ed Sullivan Show in October 1967:

https://www.flixxy.com/ibm-computer-monster.htm

The Future Of Computing (1967)

This is how film makers in 1967 envisioned what the home computer of the future would be like in 1999 A.D:

https://www.flixxy.com/1967-future-computing.htm

The World’s First Portable Computer (1975) – IBM 5100

It’s small, lightweight (55 lbs) and reasonably priced (from $8975):

https://www.flixxy.com/worlds-first-portable-computer-ibm-5100.htm

The History of Ctrl + Alt + Del

Dave Bradley of IBM admits that he created the Ctrl-Alt-Del keyboard sequence, but gives credit to Bill Gates of Microsoft for making it famous…

https://www.flixxy.com/computer-history-ctrl-alt-del.htm

 

More articles of interest

Virtualization’s role in DevOps

Learn more about how virtualization’s role in DevOps technologies continues to persevere by providing strong isolation, flexible OS options and an assortment of sophisticated tooling.

https://searchservervirtualization.techtarget.com/tip/Server-virtualization-in-DevOps-continues-to-offer-advantages?Offer=Content_Partner_OTHR-_2019September27_TG_A1

How to fix 5 common printing problems with Windows 10

Printing problems in Windows 10 are fairly common and can be a nuisance for IT admins. Here are five issues you may run into and how to troubleshoot them.

https://searchenterprisedesktop.techtarget.com/tip/How-to-fix-5-common-printing-problems-in-Windows-10?Offer=Content_Partner_OTHR-_2019September27_TG_A2

iOS 13 is out — Here’s what the enterprise needs to know

What does Apple need to do put the final polish on User Enrollment? Where will it be useful? What do the new iPhones mean? All this, and other notes.

https://www.brianmadden.com/opinion/Heres-what-the-enterprise-needs-to-know-about-iOS-13?Offer=Content_Partner_OTHR-_2019September27_TG_A3

Pros vs. cons of virtual application streaming

There are multiple ways to deliver virtual applications, and app streaming is one of them. Find out what app streaming means in a virtual desktop infrastructure.

https://searchvirtualdesktop.techtarget.com/tip/Explore-pros-and-cons-of-virtual-application-streaming?Offer=Content_Partner_OTHR-_2019September27_TG_A4

 

Send us your feedback!

Got feedback about anything in this issue of WServerNews? Email us at [email protected]

 

Scroll to Top