technical solutions and commentary

June 3, 2013

Windows 8.1 start menu layout group policy

Filed under: tech — Jason Hartley @ 11:12 am

During the day 1 keynote of Tech Ed North America, Ian McDonald introduced a new feature called “Start Screen Layout Policy”. This policy enables an IT administrator to customize the Start Screen with application groups that contain Live Tiles, including tile sizes and live tile settings. When this setting is applied, users' changes to the Start Screen will not be saved. This enables a consistent layout, which assists the service desk in walking an end user through the Start Screen and troubleshooting. It also prevents users from accidentally moving or removing tiles from the Start Screen and then not being able to locate an app they need.

An administrator can create multiple layouts for different end user types and apply the policies through GPO. To create a layout, perform the following:

  • Customize the Start Screen on a Windows 8.1 client device
  • Open a PowerShell (PS) command window on the client device
  • At the PS prompt, type (replacing the path with the values for your environment): Export-StartLayout -Path \\servername\folder\layoutname.xml -As XML
  • Open the Group Policy Editor, and open the GPO you will apply the settings through
  • Navigate to: User Configuration/Policies/Administrative Templates/Start Menu and Taskbar
  • Enable the “Start Screen Layout” policy setting
  • Point to the Start Layout file (the XML file you exported earlier)
  • Refresh the policy on a client device to confirm the desired change
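
The export and refresh steps above, with a check on the exported file, as an added PowerShell example that is not part of the original post. The UNC path is the placeholder from the steps above, and the $TrustedWriters list and the ACL check are assumptions added here: every user the GPO applies to depends on this one file, so it should parse cleanly and be writable only by administrators.

```powershell
# Added example, not from the original post. Server, share and file names are placeholders.
param(
    [string]$LayoutPath = '\\servername\folder\layoutname.xml',
    # Assumption: only these principals should be able to change the layout file.
    [string[]]$TrustedWriters = @('BUILTIN\Administrators', 'NT AUTHORITY\SYSTEM')
)

# Export the Start Screen you customized on this Windows 8.1 reference client.
Export-StartLayout -Path $LayoutPath -As XML

# Confirm the export parses as XML before a GPO points at it.
try {
    $layout = [xml](Get-Content -LiteralPath $LayoutPath -Raw)
    Write-Output "Layout parsed; root element: $($layout.DocumentElement.Name)"
}
catch {
    throw "Exported layout is not well-formed XML: $($_.Exception.Message)"
}

# Build a mask of rights that allow altering or replacing the file.
$rights = [System.Security.AccessControl.FileSystemRights]
$writeMask = [int]($rights::Write -bor $rights::Delete -bor
                   $rights::ChangePermissions -bor $rights::TakeOwnership)

# Find Allow entries that grant any of those rights to an untrusted principal.
$risky = (Get-Acl -LiteralPath $LayoutPath).Access | Where-Object {
    $_.AccessControlType -eq 'Allow' -and
    (([int]$_.FileSystemRights -band $writeMask) -ne 0) -and
    ($TrustedWriters -notcontains $_.IdentityReference.Value)
}

if ($risky) {
    $risky | Format-Table IdentityReference, FileSystemRights, IsInherited -AutoSize
    Write-Warning 'Tighten these entries: users only need Read on the layout file.'
}
else {
    Write-Output 'Only trusted principals can modify the layout file.'
}

# Last step from the list above: run on a test client once the GPO is linked.
gpupdate /target:user /force
```

The check covers the NTFS ACL on the file only; share-level permissions on the folder need the same review.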

May 10, 2013

SCOM 2012 Management Pack for Amazon Web Services (AWS) released

Filed under: tech — Jason Hartley @ 1:50 pm

Microsoft jointly released a SCOM Management Pack (MP) which enables those running Microsoft-based workloads at AWS to monitor their AWS resources directly in the Operations Manager console. Those who have existing Microsoft and/or Linux workloads can view and monitor on-premises and AWS resources in the SCOM management console. The MP can monitor EC2 instances (Windows and Linux), Elastic Block Store (EBS) volumes, Elastic Load Balancing, CloudFormation stacks, Auto Scaling groups, and Elastic Beanstalk applications. Through  the MP can reach into AWS and capture AWS “CloudWatch” metrics to gain insight into the health of the managed AWS resource.

See the official Microsoft blog post and AWS resource page to download the Management Pack.

April 22, 2013

Remote Desktop Sizing Guidelines

Filed under: tech — Jason Hartley @ 10:30 am

The following are notes I collected on sizing guidelines for Remote Desktop Services for session-host (terminal services) and virtualization-host (VDI). These notes are for a pure Microsoft environment based on Windows Server 2012.

Management Backend (up to 5000 users per server):

RD Broker VM (2 x RDS Broker VMs for redundancy):

  • 1 Core (1 vCPU)
  • 4 GB RAM
  • Windows Server OSE x64
  • SQL database of 60 MB (yes, MB); this can be hosted on an existing SQL Server

RD Gateway* – (up to 1000 users per server):

  • 2 x RD Gateway VMs for redundancy
  • 8 Cores (8 vCPU)
  • 8 GB RAM
  • Windows Server OSE x64
  • *Provides SSL for the RDP sessions for users connecting over the internet. Not required if you will not be permitting connections over the internet.

RD License VM:

  • 1 Core (1 vCPU)
  • Up to 4 GB RAM if on its own server
  • Windows Server OSE
  • ** This service can be placed on a server that is performing other services.

SCCM VM: (2 x SCCM Servers for Redundancy)

  • 4 Core (4 vCPU)
  • 32 GB RAM

SCCM will perform App-V and other services for Session Hosts and VMs. Note that an App-V license is included for the Session Host in the RDS CAL. This is not the case for client VMs; MDOP will be required in order to use App-V on these VMs.

RDS Session-Host Recommendations:

  • Estimated: 150 Sessions per host
  • 10 Cores (vCPUs)
  • 24-32 GB RAM
  • Network: “Ideal” is 64 Kbps per session
  • Windows Server OSE x64
  • RDS Session Host Servers can be VMs – Per VM Server or Physical Host

RDS Virtual Host Recommendations:

  • Estimated: 150 VMs per Physical Host
  • 4 x 12 Core CPU (48 Cores Total)
  • 192 GB RAM (1+ GB RAM per user)
  • Network: “Ideal” is 64 Kbps per session
  • Microsoft Hyper-V Server 2012 (note: this is not Windows Server w/Hyper-V)

Storage Considerations:

  • SSD storage for Gold Images. 20 GB Disk for Gold Image PER Image – stored on shared network storage or SAN
  • 5 GB per user for User Disk (VHD) for Pooled VM (Diff Disk) – stored on local server or shared network storage
  • 10 GB per user for User Disk (VHD) for Personal VM (Diff Disk) – stored on shared network storage or SAN
  • 5 GB for user Profile Disk (VHD) (Profile) – stored on shared network storage or SAN (supports ~10,000 Write IOPS per sec) for up to 5,000 users

The environment you are designing for will have individual requirements to meet workload capabilities. The notes above are for what I would call a medium level information worker organization. Depending upon your unique needs, these guidelines may change drastically one direction or the other. An experienced consulting services organization should be engaged to help design your particular environment, taking your requirements into consideration.

March 11, 2013

Renewing a developer license in Windows 8

Filed under: tech — Jason Hartley @ 7:01 pm

If you have installed some internal Windows 8 apps, you were required to get a developer license.  These licenses are short lived.  If you want to extend your license, you can use Visual Studio or you can use PowerShell.  To do it in PowerShell:

1. Launch PowerShell with Admin rights
2. Run: Show-WindowsDeveloperLicenseRegistration

This will prompt you for your Microsoft Account credentials and should renew your license.  Then your apps will start working again.

Additional details on MSDN

Exchange Hosted Encryption & policy enforcement

Filed under: tech — Jason Hartley @ 3:43 pm

Exchange Hosted Encryption (EHE) is applied at the “gateway” as a policy option that falls under Exchange Online Protection. Messages and attachments will have a layered policy applied to them (transport, DLP, etc.), ending with EHE.

According to TechNet, “Encryption is policy-rule based and messages are encrypted at the gateway based on FOPE policy rules that an administrator sets. The hosted secure email encryption service takes the original message and includes it as an encrypted attachment.”  Details and links to assist with the configuration of EHE are also available from

If you want to have a “button” in Outlook that a person can use to manually choose to encrypt a message (even outside the policy), another detailed TechNet article walks you through creating a macro for Outlook that adds a FOPE encryption button. Check it out here

February 12, 2013

Office 2013, free “learning snacks”

Filed under: tech — Jason Hartley @ 10:45 am

With the release of Office 2013 the Office Team is delivering what I like to call “learning snacks”. The team is delivering 15-minute webinars every Tuesday on different Office 2013 topics. It’s a great way to discover a feature, learn how to efficiently use the new Office, and get other great tips.

I attended the webinar: “Word, Setting margins in Word”. I have used Word for years and didn’t think I would pick up anything that was new to me in only 15 minutes. I was wrong. I learned: 1) For a printed document, 75-100 characters (including spaces) is ideal for readability. 2) For a Web document, 50-75 characters (including spaces) is ideal for readability. 3) Using a “section break” allows you to treat an area of a doc differently than the others, such as for formatting a table.

If you want to attend a webinar, or watch a recording, go to: You can download a recurring appointment to remind you of the upcoming sessions, and see the full session schedule.

January 15, 2013

SharePoint deployment and User-Centered Design

Filed under: tech — Jason Hartley @ 11:49 am

Out of the box, SharePoint Server is extremely powerful. This power is a benefit and also a downfall of the product. It’s a benefit in that the capabilities allow for an almost endless combination of services and applications for an organization. It’s a downfall in that if the development and deployment of the technology is not planned correctly, the product is often blamed for the resulting bad user experience.

I have seen scenarios where organizations have paid multiple-thousands to millions of dollars in their efforts to deploy a SharePoint environment, only to have the user adoption fail. The result is most often that the end users and the development teams blame the product and end up pursuing a different product that is less powerful in hopes that it can be deployed successfully.

The first thing that needs to be achieved for a successful deployment is a solid governance plan. There are numerous resources on TechNet that will help build this plan. Once the governance plan is built, it has to be executed successfully. The development team needs to make sure that corners are not cut and that improper exceptions are not allowed that will risk the governance plan. The up-front work is a must to be successful.

The development and design process also needs to focus on the end users. If the end users find it difficult to navigate the site, find the information they need, or accomplish a task using services such as workflows, ECM, document management, and so forth, they will find getting their job done difficult and will be less productive or will not use SharePoint.

This is where frameworks come into play. Recently, I have been researching the user-centered design approach and find that it is generally a great fit for developing a SharePoint environment. In its approach, key users are identified early on and work with developers in designing the layout and user interface and in defining their needs. The idea is that the developers adapt to the needs of the end user, instead of the end users adapting to the features of the site. The user-centered design approach is ideal for use with the development and successful deployment of SharePoint in my opinion.

What other design methods work well for a successful SharePoint implementation in your experience?

November 21, 2012

Windows to Go overview

Filed under: tech — Jason Hartley @ 11:16 am

What is Windows To Go?
Windows To Go is a new feature for enterprise users of Windows® 8 that enables users to boot a full version of Windows from external USB drives on host PCs.  Additional details can be found in this Windows To Go Feature Overview.

Who should use Windows To Go
Windows To Go was designed for enterprise usage and targets scenarios such as continuance of operations; contractors; managed free seating; travelling workers; and work from home.  Windows To Go is only available to Software Assurance customers as an Enterprise feature.

How can Windows To Go be deployed in an organization?
Windows To Go can be deployed using standard Windows deployment tools.  Such tools include DISM and ImageX, but I have been told that the best guidance for the enterprise is provided in the Windows To Go Step by Step article.

The prerequisites for deploying Windows To Go are:

  • A Windows To Go recommended USB drive to provision; See the list of currently available USB drives at Hardware considerations for Windows To Go
  • A Windows 8 Enterprise image (see below)
  • A Windows 8 Enterprise host PC that can do the provisioning

You can use a Windows PowerShell script to target several drives and scale your deployment for a large number of Windows To Go drives. You can also use a USB duplicator to duplicate a Windows To Go drive after it has been provisioned if you are creating a large number of drives. See the Windows To Go Step by Step article on the TechNet wiki for a walkthrough of the drive creation process.

What are the licensing requirements for Windows To Go?
Windows To Go is an Enterprise Feature which requires either Windows Client OS with Software Assurance or a VDA Subscription. 

Windows To Go allows organizations to support the use of privately owned PCs at the home or office with more secure access to their organizational resources. With Windows To Go use rights under Software Assurance, an employee will be able to use Windows To Go on any company PC licensed with Software Assurance as well as from their home PC. Additionally, through a new companion device license for Software Assurance, employees will be able to use Windows To Go on their personal computers at work. For customers who do not have Windows Client OS with Software Assurance, a VDA Subscription is another way to license Windows To Go.

How Can I Get The Windows 8 Enterprise Image Needed to Build Windows To Go?
If your organization has a current Microsoft Enterprise Agreement with Software Assurance for Windows Client devices, then you can download a full copy from the Microsoft Volume Licensing website.  Otherwise, you may also download the Windows 8 Enterprise Evaluation for testing.

Additional Notes & Resources for Windows To Go

  • A detailed overview of Windows To Go features and processes is available on the Windows To Go: Feature Overview page.
  • Customers may procure USB Flash drives* directly from one of the vendors listed on this TechNet page, following the ordering instructions on the respective websites (additional Windows To Go drive vendors will be added to TechNet as they become available).
  • When provisioning Windows To Go: Follow the required steps for downloading the Windows 8 Enterprise Evaluation ISO file (note that once the Windows 8 Enterprise Evaluation is activated, you have 90 days to use the software).
  • When provisioning Windows To Go, make sure you are running Windows 8 RTM Enterprise Edition or Windows 8 Enterprise Evaluation on the PC from which you are provisioning Windows To Go.
  • Detailed step-by-step instructions for creating Windows To Go drives are available on TechNet.

*Note:  Some of these USB Drives are available to order directly from Zones

Special Thanks to my colleague Paz Efrat for this summary

November 12, 2012

Side loading Windows 8 Apps

Filed under: tech — Jason Hartley @ 3:04 pm

With the release of Windows 8, businesses have the opportunity to enhance the user experience for their workers by building the new Windows “Modern-style” Apps. Since these new apps are typically installed through the Windows Store, any custom developed, line of business modern apps will likely be “side-loaded”. This means that they will not be deployed using the Windows Store, although it is actually an option.

In order to side-load a Modern App the computers will have to be:

  • Windows 8 RT
  • Windows 8 Pro
  • Windows 8 Enterprise
  • Windows Server 2012 – for modern-style LOB Apps running on RDS for example.

You will also need an App Side-loading Activation Key for any Windows RT devices that you want to side-load Apps on. This is obtained through your Volume License Agreements, such as Select Plus and Enterprise. For the other devices (Windows Pro, Enterprise, Server), if these are domain-joined then you can enable an AD policy to permit App side-loading.

If you are a business and there is an App in the Windows Store that you would like to bulk purchase, I recommend you contact the publisher of the app. It’s possible they can provide you a discount and side-loadable version of the app. Or maybe they can’t, but it’s worth checking into if it’s a large quantity of App licenses you require.

For details on how to establish Windows 8 modern-style App side-loading in your environment, see this Technet article:

November 5, 2012

Microsoft Assessment and Planning Toolkit 8 beta

Filed under: tech — Jason Hartley @ 4:15 pm

The beta version of MAP 8.0 is now downloadable from the TechNet site:

Key features are:

Windows Server 2012 readiness: assess your IT infrastructure for Windows Server 2012 deployment. Reports provide detailed and actionable recommendations for specific machines. Get an inventory of servers, OSes, workloads, devices and server roles.

Windows 8 readiness: assess your client environment for Windows 8 deployment. Reports on your hardware against the recommended system requirements. Provides detailed recommendations per machine, including OSes and applications. Also included in the report is the scope and benefits of a Windows 8 upgrade.

Office 2013 and Office 365 readiness: provides an in-depth report of client computers and the assessment for an upgrade or migration.

Windows Azure Virtual Machine readiness: assessment of Windows Server and Linux machines. Determines feasibility of a migration to Windows Azure Virtual Machines. Reports on suggested changes to prep machines for migration.

Client Access License reporting: reports on software usage for key Microsoft products including Windows Server, SQL Server, System Center, Forefront Endpoint Protection (FEP), and Lync.
