This week in Microsoft devices and services

28 February 2021

Surface Pro 7 removable SSD

Microsoft Surface SSD spares available for the first time

Microsoft has announced the availability of SSD spares for commercial Surface Pro 7 customers, initially US only. For those not aware, the SSD on the previous Surface Pro is not replaceable (it is soldered to the motherboard). The Surface Pro 7 introduced removable SSDs which was also first released on the Surface Pro X and the Surface Laptop 3. To date, only the Surface Pro 7 has upgrade spares available, and while 3rd party SSDs can work, Microsoft does not recommend or support 3rd party options.

Lenovo refreshed devices with taller screens making a debut

Lenovo has refreshed its cost-conscious (L-series), flagship business (T-series), portable workstations (P-series) and ultraportable (X series) devices with options for Intel 11th generation and AMD Ryzen 5000 processors. For us, the most interesting update is the move to 16:10 aspect ratio screens from 16:9 screens. for the X-Series. This reflects a general trend moving to taller screens. 16:10 screens are about 10% taller than the same width 16:9 screen, and 3:2 screens (seen on Surface devices for example) which are about 19% taller. The extra height provides a big benefit to users of productivity apps.

February Technical Preview for Configuration Manager released

The February 2021 Technical Preview for Configuration Manager has been released. Improvements include collection relationships viewer, PowerBI report templates sharing, CMG BitLocker features, Query Previews, and TLS security features for WSUS.

Smartphone sales continue to decline

Global smartphone sales for Q4 2020 declined 5% with Apple regaining the top spot since 2016. Year on year growth declined by 12.5%. While not explicitly stated, the declines are no doubt related to both COVID impact and also smartphone saturation.

Deploy 3rd party Microsoft 365 apps from Microsoft 365 admin centre (not to be confused with Microsoft Endpoint Manager)

Microsoft has released the capability to manage and deploy 3rd party Microsoft 365 Apps in the Microsoft 365 admin center (i.e. 3rd party plugins for Outlook, PowerPoint, Teams, etc.). This effectively integrates the Microsoft AppSource marketplace into the Microsoft 365 admin centre. To our surprise, this feature deploys 3rd party apps to your existing Office Applications independently to other deployment techniques (i.e it does not depend on Intune enrollment or a Configuration Manager client). The supporting documentation does not describe how the update mechanism works so we have a question with Microsoft. Irrespective, we can only see this being of use to smaller organisations without enterprise deployment tools.

Book the diary for Microsoft Ignite sessions

The Microsoft Ignite conference is back next week from the 2nd to 4th of March. See this post for an overview of the sessions covering Windows and devices along with registration details.

2021-02-28T19:42:32+00:00Categories: Uncategorized|

This week in Microsoft devices and services

21 February 2021

Surface Hub 2. Source: Microsoft.

Windows 10, version 21H1, released for early adopters

The next version of Windows 10, version 21H1, has started release to earlier adopters via the Windows Insider program. The update will be delivered using the same technology for monthly updates, so long as upgrading from version 2004 of 20H2. There are limited new features from what we can see so far.

Next version of Windows 10 Long Term Servicing Channel (LTSC) arriving later this year

Microsoft has announced the next release of Windows 10 Long Term Servicing Channel (LTSC) will arrive in the second half of this year. LTSC is targeted at devices that need to have minimal change and do not benefit from regular feature updates; for example manufacturing floor devices, or process control network devices. A significant change in the Windows LSTC release is a reduction on the support lifecycle from 10 years to 5 years, except for IoT Enterprise which will retain 10 years of support.

The first Long Term Servicing Channel (LTSC) version of Office is coming in April

To align with the Windows 10 LTSC release, there is also the first LTSC version of Office on the way along with Office 2021 (not to be confused with Microsoft Apps, previously called Office ProPlus, the subscription-based version of Office). Office LTSC, as with Office 2021, uses non-subscription device-based licensing. A commercial preview is targeted for April. Before Office LTSC, the recommendation for Office installations on Windows LTSC devices was the non-subscription based Office Professional (or Office Professional Plus). It is unclear exactly what the difference between Office LTSC and Office 2021 will be.

Device-based subscription version of Microsoft Apps available at last!

Welcome news to those using subscription version of Office with shared user computer activation. Device-based subscription is now available! Importantly with no need for users to have an Azure AD identity.

Extend subscription version of Office licence revalidation period to 180 days

Microsoft has released an option to extend the licence revalidation period for Microsoft Apps (subscription version of Microsoft Office). To date, Microsoft Apps needed a connection to the Internet every 30 days to maintain full functionality. This can now be extended to 180 days if need be.

Intel’s new CEO starts day 1

Intel’s new CEO, Pat Gelsinger, officially started work on the 16th of February replacing Bob Swan. The new CEO leaves the role of CEO of VMWare, with previous roles at EMC as COO, and over 30 years at Intel where he started his career. Bloomberg reports that the Intel Board was keen “the board decided it wanted a person with more of a technology background rather than finance” (Mr Gelsinger was previously CTO of Intel, Mr Swan was previously the CFO of Intel). The change comes at a time where Intel has lost market leadership and suffered various processor development delays.

Business case ideas for the Surface Hub, sort of…

Microsoft has commissioned Forrester Consulting to conduct a Total Economic Impact study for Surface Hub. Surface Hub provides a merging of Microsoft Teams with interactive whiteboard type functionality. The study presents an astonishing ROI of over 300%. The ROI is driven by savings in “post meeting tasks”, “avoided printing costs”, and “avoided meeting space” with the major contributor coming from “sales improvements”. I’m not sure any of these calculations would meet the hurdle of a rigorous business case, but they may assist in providing some ideas.

2021-02-28T19:45:15+00:00Categories: Uncategorized|

This week in Microsoft devices and services

14 February 2021.

The Surface Duo will be released in the UK on the 18th of February. There is no pricing information available however it is perhaps noteworthy that price has been cut in the US from $1399 to $999.

For ARM devices uses, OneDrive is now available as a 64-bit install. To date, only 32-bit has been available limiting OneDrive to 4GB of memory.

The release of Microsoft Edge v88 is accompanied by new policy settings for Intune managed devices. The setting use an ADMX template that can be leveraged either via Active Directory GPO or via Intune only (in case you missed it, select ADMX templates now work with Intune since Windows 10 version 1709). In particular, there are configurability options for the new sleeping tabs feature in Edge. This includes the ability to block sleeping tabs for specific sites which may be very useful for avoiding re-authentication prompts for sites such as SharePoint.

For those deploying Office ProPlus there are new options via the Office Deployment Tool to manage detection of MSI versions of Project and Visio and convert to CTR installations (you cannot mix MSI and CTR Office products, so previously this required creative workarounds to detect and then install).

2021-02-22T10:20:04+00:00Categories: Uncategorized|

This week in Microsoft devices and services

7 February 2021

The April cumulative update for Windows 10 will replace the legacy version of the Edge browser with the new version of Edge. If you have machines that use Edge in Kiosk mode action will be required before applying the April update to avoid disruption. The legacy version of Edge officially ends sport on 9th of March.

Microsoft has announced its view that organisations need a new approach and a new category of technology solutions called employee experience platforms (EXP). Their proposed solution is called Microsoft Viva. Viva “brings together communications, knowledge, learning, resources, and insights into an integrated experience that empowers people and teams to be their best“.

If you have ever had the pain of trying to unpick which Azure Conditional Access Policy was recently changed and caused chaos, you will appreciate that Search, Sort, and Filter for Conditional Access is now in public preview.

Microsoft has released an enterprise focussed guide for the recommended configuration of Windows 10 devices that are 100% cloud managed with no on-premise workload dependencies. The guide provides a good end-to-end view of configuring a cloud-only approach.

Windows 10 version 2004, released in May 2020, has been declared ready for broad deployment in the past week. That is 7 months after the first release and highlights the period before Microsoft is comfortable in declaring broad deployment (note, that from an enterprise perspective, the period before broad deployment is designated as a pilot).

2021-02-07T17:51:24+00:00Categories: Uncategorized|

Our predictions for Microsoft devices and services in 2021

The following predictions are taken from our 2020 Year in Review report. Complimentary copies available here.

1. Windows 10 update process will continue to be faster and less disruptive

During 2020 Microsoft has focussed on improving update methods. This is evident through using Enablement Packages, simplifying LCU and SSU dependencies and testing Windows Experience Feature Pack. These improvements are fundamental to enabling Microsoft to deliver value while minimising disruption. As such, we expect the efforts to be successful and we expect updates processes will continue to improve during 2021.

2. The shift to remote working in 2020 will make companies prioritise their Zero Trust strategies

Microsoft already has low friction Zero Trust options to leverage such as Microsoft Defender for Endpoint, and Azure Active Directory capabilities such as Single Sign-On (SSO) and Conditional Access. As such, we see Microsoft providing attractive options to capitalise on the shift in working habits (this has already been witnessed with Microsoft removing SSO application integration limits with the free version of Azure Active Directory).

3. Microsoft will continue to lead PC vendors in device innovation

During 2020 Microsoft increased the target market of its Surface devices while also experimenting with a new device category though the Microsoft Duo. This level of innovation was not shown by other PC vendors with the exception perhaps of Lenovo. Record growth figures indicate that Microsoft is being rewarded for this innovation. For this reason, we expect further device innovation to continue in 2021, starting with a much expected release of the Surface Pro 7, and including a Windows 10X device.

4. Growth in laptop sales will continue to outpace growth in desktops sales

The trend toward laptops over desktops will continue during 2021 as organisations re-enforce their business resilience through remote working devices.

5. Foldables will provide genuine value

The growth in laptop sales will be driven by home working. Large screen devices that can be moved to different locations within a home will be more valuable than long battery life or lightweight devices. As such, we expect dual screen foldable devices to provide genuine value. 

6. ARM powered devices to remain a niche option

Windows 10 on ARM supporting 64 bit x86 applications provides potential for organisations with significant 64 bit x86 applications to consider ARM devices. With that said, 64 bit x86 support on ARM devices is provided via software emulation as such we do not expect performance equivalent to Intel powered devices. We expect ARM powered devices to remain a niche option when native ARM64 applications are available.

7. Intel’s processor leadership will continue to erode

In 2021 it is generally expected that Intel will need announce if they remain a processor manufacturer or outsource manufacturing entirely. This will be significant, as Intel’s strategy to date has identified their inhouse manufacturing as a competitive advantage. We expect strategy distractions will continue to erode Intel’s processor leadership.

8. Microsoft Endpoint Manager will continue to integrate with other Microsoft services

Microsoft Endpoint Manager cloud capabilities will continue to get more integration into other Microsoft cloud service. This will build on current integration such as for BitLocker management and Defender for Endpoint.

9. Device performance and update readiness analytics will provide significant benefits

Microsoft has significant insight opportunities by analysing event data from end devices. In particular, aggregating data across organisations and identifying trends. This provides fantastic value to customers and we expect this will continue to improve via Endpoint Analytics (device performance focus) and also Desktop Analytics (update readiness focussed). We would like to see analytics extend to correlating on-premise policy settings with device performance and upgrade readiness.

10. Capability to manage remote Windows devices will gain significant improvements

We expend the pandemic induced remote working trend to result in a permanent shift in working habits. This will place greater importance on managing devices remotely. Microsoft is already meeting this challenge by providing guidance and new capabilities. We expect this to continue in 2021 through improvements in Windows 10 update methods along with features such as remote control of endpoints (introduced in Technical Preview in June and improved in September but pending a Current Branch release). Improvements for remote management will almost certainly rely on Cloud Attach.

2021-01-21T11:35:49+00:00Categories: Uncategorized|

Windows and Office 365 news roundup 5th July 2020

A relatively quiet week for news from Microsoft, perhaps due to the 4th July holiday on Friday.

2020-07-05T17:14:27+00:00Categories: Uncategorized|

Windows and Office 365 news roundup 28th June 2020

Microsoft Defender Safe Documents in action

Another week of lots of announcement from Microsoft covering Windows, Security, Single Sign-On, Teams, and changes at Apple in processor architecture that will interest users of  Microsoft products with Macs.

Windows

  • If you are using Windows Autopilot to setup and configure Windows 10 devices, you can now provision Azure AD Hybrid join devices when away from the office. Previously this required connection to AD during setup, which isn’t possible until after setup; now the connection to AD can be skipped until after the user first signs in.
  • The June monthly feature release for Configuration Manager, Technical Preview 2006, is now available. There is a large list of features including the ability to list ConfigMgr apps in Microsoft Company Portal along with existing Intune apps. There are also lots of enhancements to Cloud Management Gateway (CMG).
  • Endpoint analytics is now available in public preview for Windows 10 and Windows Virtual Desktops. The feature enables insights to help understand your devices’ reboot and sign-in times, and includes pro-active options for remediation scripts.

Security

Single Sign-On

  • An important change for application compatibility with regards to Single Sign-on and related capabilities such as Conditional Access. ADAL authentication libraries are being replaced by MSAL libraries. What does this mean? If you have 3rd party apps that use SSO and relied on ADAL (these will be mobile apps or Win32 apps, not web apps) then they will need to make the transition to MSAL by June 2022 to continue getting technical support and security updates.

Applications

Hardware

2020-07-05T17:15:04+00:00Categories: Uncategorized|

Lessons learned upgrading Windows 10 to a new version; finding incompatible applications

This post is part of a series covering lessons learned when upgrading Windows 10 to a new version (Microsoft releases a new version twice a year). It is based on our own experiences upgrading over 25,000 machines.

Find incompatible apps using a phased deployment and pilot groups

While there are tools that help indicate application compatibility we have found they contain too many false positives (apps indicated as an issue, or potential issue that work just fine), too many false negatives (apps indicated as fine, that are not fine), and a general overwhelming amount of data (consider an organisation with 5,000+ users can easily have 5,000+ applications; this sounds improbable, but in organisation where application versions are fragmented it is possible to have 10+ versions of each application thus it quickly adds up).

In our experience, the actual applications with an issue after version upgrade is insignificantly small. Indeed, in deployments covering over 25,000 machines, we have found just 3 applications in total.

Given the above, we have found deploying an upgrade using a phased deployment and pilot groups to be the most time effective way to identify applications, while at the same time piloting the deployment approach. Yes, this is a reactive approach to identifying applications, but it is also relatively pragmatic.

An example phased approach:

  • First phase – Core apps: Deploy to owners of core applications in your Windows image; Antivirus, VPN, SAP, etc.
  • Second phase – Support teams: Deploy to site support and application support teams. This is key in gaining support visibility before extending to the next phases. As part of this second phase, support processes should be provided to on how to roll back an upgrade or restart a failed upgrade.
  • Third phase – All of IT: This phase allows any kinks in deployment to be identified before deploying to your Business Unit first adopters; this is important so that any issues are genuine application issues and not issues due to problems with the deployment process.
  • Forth phase – Business Unit first adopters: Deploy to owners of key business systems; Finance, Legal, HR, and whatever makes sense in your organisation. This is easy in organisations that have clear representatives for key groups along with a helpful attitude for supporting technology upgrades.
  • Fifth phase – Full rollout: By the time this phase starts any significant application issues will have been identified. Of course, there still may be application issues waiting to be found, but if the first four phases were completed correctly the only applications with issues can be managed re-actively without significant impact.

The above approach not only finds incompatible applications without any significant impact, but it also enables effective engagement with support teams and users which facilitates support for a full rollout.

2020-01-17T12:34:14+00:00Categories: Uncategorized|
Go to Top