In this issue:
Ask Our Readers: How to lock down file associations (responses). Ask Our Readers: Problem with Azure Virtual Desktops when using automatic startup/shutdown (new question). Windows 11 ADMX templates now available. Installing Win11 on unsupported PCs. Upgrading to Win11 with Intune. But I want to stay on Win10! Will there be a LTSC release? More on deploying Win11. Updated support matrix for Windows+Office. Freebie from Banyan Security. The power of F4. Factoid: Please turn off the lights. Plus lots more — read it all, read it here on WServerNews!
Preparing a good meal can take a lot of work. But getting ready to deploy Windows 11 will probably take even more work! Photo by Bonnie Kittle on Unsplash
QUICK NOTE: Our next issue will be on Monday November 1st. In the meantime please tell all your colleagues and friends about WServerNews and its companion newsletter FitITproNews, and let them know that they can subscribe to these and other TechGenix newsletters for free here. Thanks!!
Ask Our Readers: How to lock down file associations (responses)
Our previous issue of WServerNews included the following question submitted to us by a reader named Marco:
Whenever I upgrade the version of the Win10 computers I manage, some of the file associations get screwed up e.g. Microsoft Edge takes over .pdf from Adobe Acrobat etc so in other words some file associations are not ‘sticky’ across updates. What’s the best way of preventing this from happening? Life was way easier when we had Win7.
Two of our readers responded to this question. Paul Newman says:
In an elevated cmd prompt…
dism /online /Export-DefaultAppAssociations:”%UserProfile%\Desktop\FileAssociations.xml”
update Windows…
dism /online /Import-DefaultAppAssociations:”%UserProfile%\Desktop\FileAssociations.xml”
This could be easily done by login script if you set a flag to know you already exported and want to import…
And reader Jeremy Moskowitz the founder of PolicyPak Software and website MDMandGPanswers.com and who is also a 17-Year Desktop Management and Enterprise Mobility MVP Awardee send us this helpful and detailed information:
Team:
To help understand the challenges and solutions around File Associations (and how they DID work with Windows 7 and why they NOW work differently with Windows 10, PLUS what’s still missing…) I have three multi-part blog on this which starts here..
And, a product-based solution to help with this:
https://www.policypak.com/policies/file-associations-manager/
Videos start at the top of the page and run down to show Group Policy machines, MDM machines and non-domain joined machines.
I hope this helps your readers out.
Our thanks to both of these readers for sharing their expertise with our community.
Ask Our Readers: Problem with Azure Virtual Desktops when using automatic startup/shutdown (new question)
Mark Van Noy who manages the Virtual Desktop Infrastructure at the University of Colorado Boulder and who has contributed many excellent articles on virtualization technologies to our TechGenix website including this recent one about application layering with virtual hard disks and PowerShell wrote to us recently saying that he has identified an odd behavior with Microsoft regarding automatic scheduling and Azure Virtual Desktops. He says that the TL;DR version is that automatic startup/shutdown of AVD to save money can unintentionally lock users out of a pool—yikes! I asked him to share this discovery in more detail with our readers, both to warn them so they won’t get billed excessively if they’re using or plan to use AVD but also to see whether any readers have previously noticed this behavior and have found a workaround. Here are Marks observations in detail:
We found with two of our Azure proof of concept pools of virtual computers that using the built in schedules to save money by deallocating VMs after business hours could lead to unexpected user lock outs. The built-in Azure start-up and deallocate schedules will force their actions to occur. If a user leaves themselves logged in then the deallocation will still take place. However, Azure will set the VM state in Azure Virtual Desktops to Disconnected. Clearly, if the computer is powered off and deallocated so that it is not being billed for, there is no way a user could have a disconnected session. If the user attempts to log in to AVD and the VM they were last using, that still shows Disconnected, is not powered on then the user will receive a no resources available error even if other virtual machines are available because Azure is trying to force them back to their Disconnected session. Simply turning the deallocated VM back on will clear the Disconnected state and allow normal connections again. An easy way to see this problem is to bring up a pool of just two VMs and set a regular schedule. For the power on schedule set one of the VMs to power on each morning. Set both VMs to deallocate each evening after business hours. Also set the pool to automatically power on another VM in the pool if all powered on VM’s are in use. Have two users log in to the pool and leave themselves logged in overnight. The next morning one of the users will no longer be able to login even if there is an available VM in the pool until the VM they were connected to is powered back on. We were also working with a traditional VDI model where only one user is allowed to login to a VM at a time and that VM is theirs, but we were using a Windows 10 Multi Session pool with a user limit of one so that VMs were not being directly assigned to users at login.
Have any other readers who use or have tried out AVD see this kind of behavior? Any suggestions on how to work around or resolve this problem? If so please email us, thanks!
Got questions? Ask our readers!
WServerNews goes out bimonthly to almost 200,000 IT pro subscribers worldwide! That’s a lot of expertise to tap into. Do you need help with some technical problem or are looking for expert advice on something IT-related? You can Ask Our Readers for help by emailing us your problem or question. Do it today!
Editor’s Corner
This week Your Editor discusses preparing for Windows 11 deployment and talks about some other interesting stuff…
Windows 11 ADMX templates now available
If you’re deploying Windows 11 in an Active Directory environment you’ll need the updated ADMX templates for managing it with Group Policy. These templates are now available from the Microsoft Download Center:
https://www.microsoft.com/en-us/download/details.aspx?id=103507
I’m told that there are more than 400 new Group Policy settings in Windows 11. Have any of our newsletter readers found a site that calls out these new settings in a simple format and explains the most important ones in detail? Let us know.
Installing Win11 on unsupported PCs
As has been widely reported by the tech news media, Windows 11 setup warns that you aren’t “entitled” to updates on unsupported PCs (Ars Technica). Fortunately Microsoft has now provided us with an official way of bypassing the CPU and TPM 2.0 checks preventing Win11 installs on unsupported systems:
Ways to install Windows 11 (Microsoft Support)
We must confess that none of the PCs at our own workplace fully support deploying Windows 11 at this point since we performed our last PC refresh several years ago. How about you?
Upgrading to Win11 with Intune
Per Larsen a Senior Program Manager at Microsoft has tweeted that the Feature Update policy in Microsoft Intune now includes Windows 11 as a target version. Here’s his tweet with a helpful screenshot:
https://twitter.com/PerLarsen1975/status/1444941358326861828
But I want to stay on Win10!
Some admins worry however that the Win10 machines in their environment may get automatically upgraded to Win11 in the same way that Win10 versions get updated when new versions are released. This is not the case however as you can see from this post from Microsoft:
Prepare for Windows 11 (Microsoft Docs)
https://docs.microsoft.com/en-us/windows/whats-new/windows-11-prepare
And as @ariaupdated has tweeted, if you’re using Windows Update for Business (WUfB) to manage updates for your environment, deferrals alone won’t move you to Windows 11 as he explains here:
https://twitter.com/ariaupdated/status/1441056423564087297
And for those choosing to remain on Win10 the word is yes, there be a Win10 21H2 shortly.
Will there be a LTSC release?
A reader forwarded me a post from a discussion group where Michael Niehaus says that Microsoft has “committed to a new Windows 10 LTSC release, but been very silent on whether there will ever be a Windows 11 LTSC release.” For those of us who manage IT in enterprise environments this is an important issue, so if any readers hear anything more on this matter please email us!
More on deploying Win11
Check out the following posts on the Microsoft Tech Community for more useful info on deploying Windows 11:
Tools to support Windows 11 deployment (Windows IT Pro Blog)
Update to language imaging in Windows 11 (Windows IT Pro Blog)
Microsoft extends application compatibility promise to Windows 11 (Windows IT Pro Blog)
Also get your free copy of this Windows 11 Security Book from Microsoft in PDF format here:
https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWMyFE
Updated support matrix for Windows+Office
If you have Microsoft Office deployed in your Windows environment you can view the support matrix here:
https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2OqRI
Note that the above support matrix has been updated to include Windows 11 but does not yet include Office 2021.
Freebie from Banyan Security
Earlier this year I interviewed Tarun Desikan the COO and co-founder of Banyan Security on our TechGenix website on how SSO/EDR/MDM solutions don’t always work well for employees who need to remotely access their corporate network over a VPN. You can read my interview in full here. Recently the company has announced the availability of Banyan Security Team Edition, a no-cost version of the company’s Banyan Security Zero Trust Remote Access platform. You can read their press release here.
Got comments about anything in this issue?
Email us! We love hearing from our readers!
Please tell others about WServerNews!
Enjoy this issue of WServerNews and feel free to send us feedback on any of the topics we’ve covered — we love hearing from our readers! And please tell others about WServerNews! It’s free and always will be free — and they can subscribe to it here. Thanks!!!
Tip of the Week
The power of F4
Did you know that pressing the F4 function key can work magic in Microsoft Office applications? This tip from Ewan a technology specialist in Microsoft UK’s “pre-sales” group tells you how:
591 – An Excel Smörgåsbord (tip o’ the week blog)
https://www.tipoweek.com/2021/08/06/591-an-excel-smrgsbord/
Admin Toolbox
>> Got any admin tools or software you’d like to recommend to our readers? Email us your recommendations!
Are you drowning in a flood of emails? Try email archiving from MailStore: increase your productivity, reduce IT costs, and don’t lose another important email again:
dtSearch®-Instantly Search Terabytes. Doc. filters for popular file types, emails, databases & web data; 25+ search options; Win/Lin/Mac C++/Java/.NET Core APIs; Azure/AWS FAQs. Enterprise/dev evals available.
Lthnet MoveUser is a command line tool that can be used to change the owner of a profile from one user to another:
https://github.com/lithnet/moveuser
RedSnarf is a pen-testing / red-teaming tool for Windows environments:
https://github.com/nccgroup/redsnarf
This guide shows you how to write cross-platform Node.js code:
https://github.com/ehmicky/cross-platform-node-guide
Factoid: Please turn off the lights
We received no responses to our previous factoid question so let’s move on to our next factoid:
Fact: LED bulbs don’t always live up to the hype about their life spans
Source: https://businesshala.com/why-led-bulbs-dont-always-live-up-to-the-hype-about-their-life-spans/
Question: What’s been your experience using LED bulbs? Are they really that much better in proportion to their cost than incandescent bulbs? Email us your thoughts and we’ll include them in our next issue!
Subscribe to WServerNews!
Subscribe today to our WServerNews newsletter and join 200,000 other IT professionals around the world who receive our newsletter! Just go to this page and select WServerNews to receive our monthly newsletter in your inbox!
Conference Calendar 2021/22
NOTE: Conference dates and locations (real/virtual) are subject to change
Black Hat Europe – Nov 8-11 (virtual)
https://www.blackhat.com/upcoming.html#europe
AWS re:Invent — Nov 29-Dec 3 in Las Vegas, USA
https://reinvent.awsevents.com/
RSA Conference — Feb 7-10, 2022 in San Francisco, USA
https://www.rsaconference.com/usa
Cisco Live Amsterdam — Feb 7-11, 2022
https://www.ciscolive.com/emear.html?zid=cl-global
Big Data & AI World — March 2-3, 2022 in London, UK
https://www.bigdataworld.com/welcome
Mobile World Congress — June 29-July 1, 2022 in Shanghai
Cisco Live Las Vegas – June 12-16, 2022
https://www.ciscolive.com/us.html?zid=cl-global
Def Con 30 — Aug 11-14, 2022 in Las Vegas, USA
Big Data Expo — Sept 14-15, 2022 in Utrecht, The Netherlands
https://www.bigdata-expo.nl/en
Podcast Corner
Azure Communication Services with Mary Anne Noskowski (RunAsRadio)
Inside A Non-Profit Internet Exchange (Heavy Networking)
https://packetpushers.net/series/weekly-show/
Designing Wi-Fi for Lecture Halls (Clear To Send)
Brits, Dutch and Aussies embrace Hounds Doctrine (Risky Business)
https://risky.biz/netcasts/risky-business/
Facebook: BGP?, Whats New in Microsoft 365 and the News (Microsoft Cloud Show)
http://www.microsoftcloudshow.com/podcast
New on Techgenix.com
Getting started with Winget, the new Windows Package Manager
Automating software deployment just got easier for Windows—almost as easy as it is for Linux. Meet winget, the Windows Package Manager.
https://techgenix.com/windows-package-manager-winget/
JetStress your Exchange storage — it can save you from disaster
Microsoft has a JetStress tool to help you validate Exchange storage and performance. Using this tool takes time, but it’s time well spent.
https://techgenix.com/jetstress-your-exchange-storage/
Best practices for running Hyper-V on Windows 10
Even with Windows 11 rolling out, many organizations will continue to run Hyper-V on Windows 10. Here is a checklist to ensure success.
https://techgenix.com/running-hyper-v-on-windows-10/
What IT can learn from the Facebook outage
The massive six-hour Facebook outage affected billions of users worldwide. What can those of us working in IT learn from this?
https://techgenix.com/it-can-learn-from-the-facebook-outage/
Stop Scams UK deploys new emergency fraud hotline
With financial fraud growing at an unprecedented rate, Stop Scams UK is making it easier for British residents to report when they have been victimized.
https://techgenix.com/stop-scams-uk-deploys-new-emergency-fraud-hotline/
Fun videos from Flixxy
Fastest Gun That Ever Lived
Amazing fast draw Bob Munden can draw and shoot in less than 2/100’s of a second.
https://www.flixxy.com/fastest-gun-that-ever-lived.htm
3-Story Bicycle – Made in Germany
Is it possible to ride a three-story bicycle?
https://www.flixxy.com/3-story-bicycle-made-in-germany.htm
4 Times Fooler? – Jandro Vanishes 2 Statues Of Liberty
Jandro tries to win the ‘Fool Us’ trophy for the 4th time by making two statues of liberty disappear – one more than Copperfield.
https://www.flixxy.com/4-times-fooler-jandro-vanishes-2-statues-of-liberty.htm
What A Wonderful World
Uplifting, dream-like and fun, Argentine film-maker Fernando Livschitz transforms footage of everyday scenes into charming and mind-boggling fantasy.
https://www.flixxy.com/what-a-wonderful-world.htm
Send us your feedback!
Got feedback about anything in this issue of WServerNews? Email us!
WServerNews – Product of the Week