Advanced Windows 8

Report
Get These Slides:
www.iteachcenter.org
Advanced Windows 8
Brent Williams, PhD
[email protected]
www.iteachcenter.org
Objectives
•
•
•
•
•
•
•
•
Continue From Windows 8 Intro
Unique Features
Group Policy
Monitoring & Troubleshooting
“Modern Apps”
Share Your Ideas & Knowledge
Questions
Thoughts on Next Class
Windows Software Assurance
(Volume Licensing)
•
•
•
•
•
•
Must have to get Enterprise 8 / 8.1
Provides Unique Utilities
Latest Product Versions
Support Calls to MS
Deployment Planning
Training
Windows InTune
• Cloud Based Management
• Security & Compliance
Management
• Software and Patch Distribution
• Policy Management
• Windows, iOS, Android
• $6 per user per month
Intune vs. Software
Assurance
Deployment Toolkit 2012
• MDT (MDT 2013 for 8.1)
– Light Touch Install
– Install on One Server or WS
– Add Automated Installation Kit (free)
• MDT with System Center
– Zero Touch Install
• DeploymentWorkbench is main
tool
– www.microsft.com/mdt
Installing Windows 8 from
Flash
• Need an ISO of Windows 8
– Get www.isodisk.com
• Get & Install Flash Creation Tool
– www.Sourceforge.net/projects/unetb
ootin/
– http://pcsupport.about.com/od/windo
ws-8/a/install-windows-8-usb.htm
• You will need a Win 8 Key to
install!
Dual-Booting Windows 8
– Install to a separate hard drive
suggested
– Install to a VHD
– Can be separate partition
• Get EasyBCD to Edit Boot Menu
– www.Neosmart.net/easybcd
“Windows To Go”
USB Bootable
• Part of 8/8.1 Enterprise
• Fully Installed 8 Image on
CERTIFIED USB 3 Flash
• Boot from Flash and Go!
• Basics
– Build a PC with Windows 8
– Sysprep & Generate Wim file (Dism)
– Run Windows To Go on another PC
• With Flash Key Installed
“Storage Spaces”
• A way to aggregate disk drives
into one storage pool
• With redundancy if desired
• Configured with Control Panel
The Cloud
• Many Providers Competing
–
–
–
–
Skydrive
Dropbox
Google Drive
Many, many more
• May or may not have Metro Client
• Be Careful!
– Do Files Fully Sync Locally?
– If Not, How Long to Download?
SkyDrive
• Cloud Based Storage
– 7GB Free, More Cheap
• Metro – assumes mobile device so
does not cache local copy of all
• Metro SkyDrive Client can be “My
Computer”
• Desktop – Download and install
client. All can be cached locally if
you choose.
WiFi
• Manually disconnect and that net
is dropped from auto-reconnect
• Disconnect from one by
connecting to another, it moves
higher in list
Remove All Pre-Installed
Modern Apps
– Short Sequence of PowerShell
Commands
– http://www.thewindowsclub.com/eras
e-default-preinstalled-modern-appswindows-8
Add Restart / Shutdown
Tile
• Desktop, Right Click, New, Shortcut
• In Location Type (pick one)
– For Restart: Shutdown /r /t 0
– For Shutdown: Shutdown /s /t 0
• Finishing the dialog. Right-click,
Properties, Change Icon.
• Right click and copy icon to
– C:\users\{user}\appdata\local\microsoft\
windows\application shortcuts
Domain Join
• Set DNS if necessary
• System Control Panel
• Change Settings
– Enter domain name, etc.
• After Reboot
– READ Login Screen
– Administrator login must include
domain
• mydomain\administrator
RSAT
• Download:
www.microsoft.com/downloads
– Get the right version 8/8.1 32/64 bit
• Installs in about 10 minutes
• Auto-installs in Tile in Metro!
• Preferred way to manage domain
– Group Policy
– AD
Working Environment
•
•
•
•
Login as Administrator
Create OU Structure
Create a User, Login with User
Metro Store
– Domain account must be linked to
MS account
– Install WeatherChannel
• Create dummy MS account and Outlook
Email
Working Environment 2
• Metro Apps are in the User Profile,
AppData, LOCAL, Packages
• Updates may be needed for each
user that logs in
• Problems using Store? Updates
pending install
File/Folder
Sharing/Security
•
•
•
•
Simple & Advanced Sharing
No “Shared” icon
Permission Unchanged
“Edit” button added
Group Policies &
Preferences
Group Policy
Central Store
• Not Needed with Server 2012 (8)
or 2012R2 (8.1)
• Create Central Store
– At a Windows 8 (8.1) Workstation
• Copy c:\%WINDIR%\PolicyDefinitions to
Sysvol folder
– \sysvol\domain\Policies\...
• Manage Domain Policies
– Gpmc.msc
– Mmc
Group Policy
• Use a Windows 8 PC to Edit Group
Policy
– So you have the latest GPMC
• NEW POLICIES
– 169 New Policies
• Get the Spreadsheet!
• www.microsoft.com/downloads
• Search for Group Policy
• Grouppolicy.biz
GP Example 1
– Redirect Folders on Primary
Computer Only
– Limit computers where redirection works for
a user. Requires Server 2012 Schema
– Need computers distinguished name. Found
in AD Users and Computers, Computer, right
click properties
• The primary computer is the one directly
assigned to a user - such as their laptop,
or a desktop in their cubicle - and
therefore unlikely to change frequently.
GP Example 2
• Turn off access to store
– User or Machine
– System\Internet Communication
Management\Internet
Communication settings
GP Example 3
• Allow all trusted apps to install
– Must be on for side-loading apps
– Machine
– Windows Components\App Package
Deployment
GP Example 4
• Prevent user from uninstalling
applications from start
– User
– Start Menu and Taskbar
– About 20 from the bottom of a very
long list
• What’s the difference in ‘Start
Menu’ and ‘Start’?
GP Example 5
• Turn off picture password
– Machine
– System\Logon
Other New Group Policy
Examples
• Prevent user from uninstalling
applications from
• Prevent changing lock screen
image
• Turn off Windows Location
Provider
Other New Group Policy
Examples
• Do not sync
–
–
–
–
–
–
–
Do
Do
Do
Do
Do
Do
Do
not
not
not
not
not
not
not
sync
sync
sync
sync
sync
sync
sync
app settings
passwords
personalize
other Windows settings
desktop personalization
browser settings
on metered connections
Windows 8 Modern App
Deployment
• Store Applications install
• c:\users\<userName>\AppData\Local dire
ctories
• THIS IS NOT PART OF A ROAMING
PROFILE
• If it’s not from the store, it’s sideloading
• ISSUE: RUP and Delete Cached
Copy
• http://support.microsoft.com/kb/2795607
Windows 8 Modern App
Deployment with GP – P1
• User ONLY – not per machine.
• Login must tie to MS account for Store apps
• Use Configuration Manager 2012 SP1
– For in-house apps, you have two options for
making Modern applications work. If you have
an AD, you must make one group policy
change. Change the “Allow all trusted apps to
install” setting to enabled (Computer
Configuration > Administrative Templates >
Windows Components > App Package
Deployment). This will allow you to load apps.
– Then use SCCM to side-load apps
More App Excitement
• Apps need to be installed on each
device and logon session where
the will be used
• Apps will need to updated on each
device and user that logs on
• Microsoft Accounts can be linked
to a maximum of 5 devices.
Part 2
• Good Article:
http://superuser.com/questions/49
9340/install-a-windows-8-modernui-app-without-the-windows-store
• Required Reading:
http://www.zdnet.com/theenterprise-sideloading-story-onwindows-8-its-complicated7000006742/
Monitoring Windows 8
• Task Manager
– Excellent Redesign
– Manage Services HERE
• Performance Monitor
– Control Panel
• Performance and Tools
• Advanced Tools
• Resource Monitor
Troubleshooting
• System Restore
– System Control Panel
• System Protection, System Restore
• Refresh Your PC
– Reinstalls Windows – without disturbing
apps or user profile
– Deletes User Installed Apps!
• RESET Your PC
– Reinstalls Windows – removes all apps and
files
DART – Diagnostic and
Recovery Tools
• Assessment and Deployment Kit
Must be Installed
• Part of MS Desktop Optimization
Pack (MDOP)
• DART 8.0 SP1 Is Current Version
• Essentially MS Ultimate Boot Disk
Troubleshooting Tools
•
•
•
•
•
Falcon Four Ultimate Boot
Ultimate Boot CD
Recover My Files
EasyBCD
Microsoft Fix It
– www.microsoft.com/fixit
Safe Mode?
• No F8 Menu in Windows 8
• Need Command Prompt (Win PE)
– Set
• bcdedit /set {default} safeboot minimal
– Un-Do
• bcdedit /deletevalue {default} safeboot
• MSConfig useful for normal boot
– See Boot tab
Windows 8 / IE 10
•
•
•
•
•
Spell checker
HTML 5 support
CSS3 support
Pan and zoom on touch devices
Different “Versions” Modern vs
Desktop
• Modern allows pinning
Win 8 Return Start Button
and Default to Desktop
– http://www.forbes.com/sites/jasoneva
ngelho/2013/04/16/dont-wait-forwindows-8-1-get-its-two-bestfeatures-right-now/
Windows 8.1
•
•
•
•
•
Start Button (sort of)
Direct to Desktop
New & Improved Apps
3D Printer Support
Improved Search
• See http://technet.microsoft.com/enus/windows/dn140266.aspx
Group Policy Start
Deployment in 8.1
• Use Simple PowerShell script to
capture layout details to XML file.
• File can be used in Group Policy
to push Start
• See
http://gpyall.com/archives/controlthe-windows-8-1-start-screenlayout-with-group-policy/
Wrap-Up. Whew!
• Questions?
• Email: [email protected]
• Comment Form
• www.iteachcenter.org
– Evaluation at the top
Misc Notes
• Arrangement at
– C:\users\{username}\appdata\local\mi
crosoft\windows\appsfolder.itemdata
-ms
– Default is at:
c:\users\default\appdata\local\micros
oft\windows

similar documents