Latest Event Updates

Resources on Windows 10 for IT professionals

Posted on Updated on

If you’re an IT professional that is seeking to learn more about Windows 10, how to deploy and manage Windows 10 in your environment, or just simply trying to “keep up” with all the advances of the product, then the following resources will be helpful to you.  This page may be updated periodically as I come across new resources available to help.
[Updated 9/29/16]

Windows 10 Full Device Wipe via PowerShell

Posted on Updated on

One of the new capabilities of Windows 10 is the ability to manage it like a mobile device using Configuration Service Providers.  One of those functions is the ability to perform a full wipe (restore to factory default) of the device using the RemoteWipe CSP.  While this capability can be accomplished using a MDM provider such as Microsoft Intune, you may at some point have the need to demonstrate it without a device being managed.

!!! WARNING !!! CAUTION !!! DISCLAIMER !!!
Using the script below will cause the Windows 10 system to immediately perform a reset of Windows to factory default.  No data and no applications are saved.  Use extreme caution when testing this script.  Setting it up for deployment with a tool (such as ConfigMgr) could come with extreme consequences if incidentally deployed.
!!! WARNING !!! CAUTION !!! DISCLAIMER !!!

Now that you’ve been fully warned, to demonstrate how to use the RemoteWipe and invoke the doWipeMethod, please reference the example script at https://msdn.microsoft.com/en-us/library/windows/desktop/dn948434.aspx.  Also, it could be good to add a user input for a “password” to continue and it can easily be added to front of the script.  For example:

$pass = Read-Host 'Enter the password to perform a full wipe of Windows 10 to factory defaults.'

if ($pass -eq '1-2-3-4-5') {
    write-host -ForegroundColor Green 'Password accepted ... That''s amazing. I''ve got the same combination on my luggage!!' }
else {
    write-host -ForegroundColor Red 'Wrong password, terminating script'
    exit
}

 

Testing Windows 10 Assigned Access

Posted on

Based upon the information in article Set up a kiosk on Windows 10, it is possible to quickly setup a Windows 10 UWP app to run with Assigned Access.  From that article, I’ve outlined (below) the quick-start steps for testing purposes.

  1. Login to Windows with an account that has local admin rights.
  2. Create a local user account (such as “kiosk”) with a password and do not grant the account local admin privileges.
  3. Sign out of Windows.
  4. Login to Windows with the kiosk user account so that it builds the profile.
  5. If the tablet has physical keyboard capabilities, then change that user to use Tablet Mode and log out.  Otherwise, skip this step.
  6. Login to Windows with the local admin account.
  7. Edit the registry to enable auto login of the kiosk account.
  8. Use the PowerShell script in this article to get the AUMID for the UWP app.
    • If you’re just looking for a quick example, use the MSN News app with ID – Microsoft.BingNews_8wekyb3d8bbwe!AppexNews
  9. Based upon the information in the previous step, run a PowerShell command in this article to set the kiosk user to have assigned access to your UWP app.
  10. Verify that the user was properly assigned to launch the application by:
    • Start > Settings > User accounts > Family and other users
    • Under the “Other Users” section, select “Set up assigned access”
    • Ensure the user shows the application (see attached image as an example)

Also, to sideload a UWP application, see this information: https://msdn.microsoft.com/en-us/windows/uwp/packaging/packaging-uwp-apps#sideload-your-app-package.

More information on best practices for developing UWP apps for Assigned Access: https://msdn.microsoft.com/en-us/library/windows/hardware/mt633799.aspx

Windows 10 End-User Training Videos

Posted on Updated on

I’m frequently asked if there is any public materials to help an organization do their own internal “training” for their end-users on how to use some new features and capabilities of Windows 10.  Below is a collection of helpful resources that are available as videos which can be delivered via different scenarios.

Additionally, the Windows 10 Readiness Kit [materials for print] helps you to inform, educate, and communicate with your employees about Windows 10.

Getting Started with Azure AD Join in Win10

Posted on

One of the many new capabilities of Windows 10 is the ability to join a device to Azure AD Premium (AADP).  There are many good posts, such as this one from Microsoft, that show how to join an existing Win10 system, but nothing that shows the out-of-box experience or some of the newer AADP for “AADJ”, which is what this post aims to highlight as a quick start guide.

First, configure your AADP tenant to allow connections.
AADJ00

Next, this is a possible out-of-box setup experience for a new Win10 device.

AADJ01

AADJ02

Note that the account below will be automatically added to the local admins group.
AADJ03

AADJ04

AADJ05

AADJ06

AADJ07

AADJ08

Once we’re within Windows, the system properties shows that we are joined to the AAD domain.

AADJ10

Additionally, the user in AADP shows that the system is AAD Joined.

AADJ09

 

Getting Started with Windows 10 Provisioning Packages

Posted on Updated on

This is a quick guide to help you get started with using a Windows 10 Provisioning Package to configure Windows 10 during deployment.  This example specifically focuses on (and was tested) for a bare-metal deployment using ConfigMgr 1511 and Windows 10 1511.

  1. Start WICD with ICD.exe from C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Imaging and Configuration Designer\x86\
  2. Create the desired customizations, such as:
    • Disabling automatic updates for the Windows Store
      AllowAppStoreAutoUpdate
    • Homepage for the Edge browser
      HomePages
    • Allow Cortana
      AllowCortana.png
    • Disallowing Windows tips
      AllowWindowsTips
    • Set a custom Start menu layout
      Note: to easily create the LayoutModification.xml file, simply adjust the start menu as you would like, then run PowerShell command “Export-StartLayout -Path C:\Temp\LayoutModification.xml”
      StartLayout.png
  3. Export the provisioning package
    • Description of the package
      ProvPkg1
    • Set the desired security
      ProvPkg2
    • File save location
      ProvPkg4
    • Build the package
      ProvPkg5
  4. Apply the provisioning package
    More info: https://msdn.microsoft.com/en-us/library/windows/hardware/mt147439.aspx
    ProvPkg_TS

Remove Universal Apps During ConfigMgr OSD

Posted on Updated on

As part of a systems management strategy for Windows 10, many organization may choose to uninstall Universal Apps. During OSD for ConfigMgr, this uninstall process use a simple PowerShell script (as shown below) to execute the commands for removing the targeted Universal Apps.  While this does command does “remove” the Apps as seen in the event logs (Apps and Services > Microsoft > Windows > AppXDeployment-Server) the Apps are regenerated upon the first logon of a user.

Get-AppXPackage -Name *bing* -AllUsers | Remove-AppXPackage

Furthermore, there is an option (UniversalAppUninstall) within a WICD Provisioning Package.  There are times when this option would be a better approach, but I have not been successful in having it function to uninstall Apps.  Unfortunately, information is scant on this topic.

A Solution

Stumbling around for other who may have found other means to address this situation,  Jörgen Nilsson (Microsoft MVP) has a PowerShell script which does completely remove those undesired Universal Apps.  The key difference is that his script uses the Remove-AppxProvisionedPackage cmdlet against the full package name.

The variable for AppList that I use this:

$AppsList = "Microsoft.BingFinance","Microsoft.BingNews","Microsoft.BingWeather","Microsoft.XboxApp","Microsoft.SkypeApp","Microsoft.MicrosoftSolitaireCollection","Microsoft.BingSports","Microsoft.ZuneMusic","Microsoft.ZuneVideo","Microsoft.Windows.Photos","Microsoft.People","Microsoft.MicrosoftOfficeHub","Microsoft.WindowsMaps","microsoft.windowscommunicationsapps","Microsoft.Getstarted","Microsoft.3DBuilder"

To execute the script as part of a Task Sequence in ConfigMgr, it’s as easy as having placing the script file in a classic Package, and having the step “Execute PowerShell Script” with the Bypass option set.

UninstUnivApps.JPG