Community

Default Start Menu Customisation via Intune

Aaron Parker's stealthpuppy - Tue, 12/18/2018 - 11:47

The promise of a modern management approach to deployment and management of Windows 10 is that you no longer create and manage a custom SOE image. User experience is still important though and a large part of that experience in an enterprise environment, is the default Start menu.

The default Start menu, especially on Windows 10 Pro, is far from enterprise ready right? Take a look at this mess:

Windows 10 Pro 1809 default Start menu

Over-the-air provisioning of PCs via Windows AutoPilot & Microsoft Intune (or insert your MDM solution here), limits the possibilities of customising the target PC before the user logs on. Users then have to live with the default Start menu or one that is defined by the administrator – neither is ideal.

UWP / Microsoft Store apps can be targeted for removal, but those apps won’t be removed until well after login. Compounding the issue of default apps pinned to the Start menu is that some of them aren’t actually installed, so removal won’t occur until the Store downloads and installs updates. That can sometimes be hours after the user has provisioned the PC.

Customise with PowerShell?

PowerShell scripts can be used to remove user and system provisioned Store apps (I have a couple of scripts in my Intune GitHub repository); however, PowerShell scripts in Intune can only be targeted to users and don’t fire until after the first logon. Additionally, I’ve had a crack at using PowerShell to pin and unpin tiles from the Start menu, but found that I can’t interact with the shell (or at least the pin / unpin has no effect) when the script is delivered via Intune.

Looking for Alternatives

With the availability of the Windows Autopilot Enrolment Status page in Windows 10 1803 and above, plus the recent addition of the feature to ‘Block device use until these required apps are installed‘, we might have an opportunity to deploy a customised default Start menu.

The Enrolment Status page tracks security policies and line-of-business (MSI) applications, so a custom default Start menu will have to be packaged into an MSI. Fingers and toes crossed then that this approach works.

Packaging a Start menu Customisation

To package a customised Start menu, we need to create the desired layout and export it with theExport-StartLayout command. Nothing new there – you’ve likely done that before. The next step is to create a custom Windows Installer package to deliver the layout file.

I’m using Advanced Installer to create my deployment package. For this particular project, the Freeware version of Advanced Installer provides all of the features you’ll need to deploy the custom layout file.

Create a Windows Installer Package

Advanced Installer makes short work of creating the package – create a new Simple Installer package and configure the product name, version and publisher. Note that if you want to update the package, save your project and update the version number each time you produce an updated installer.

Add the Start menu layout file to the project under Files and Folders. The project must define the correct target path and file name because it will be deployed into the default profile. Use this path:

Windows Volume\Users\Default\AppData\Local\Microsoft\Windows\Shell

And add the LayoutModification.xml file that you’ve exported with Export-StartLayout into this path. If your target path and file name aren’t correct, this won’t work so ensure your package looks the same as the screenshots here.

For this package, I’ve configured the following install parameters:

  • Package type – 64-bit package
  • Installation type – Per-machine only
  • Reboot behaviour – Suppress all reboots and Reboot prompts

Configure the default build to produce a Single MSI file and define the name. In the example below, I’ve used DefaultStartMenuLayout.msi.

Build your package and add the MSI into Microsoft Intune as a line-of-business application. Assign the new application as Required for All Devices, so that the Enrolment Status Page can track the installation before the user logs on.

Configure the Enrolment Status Page

To ensure that the package is delivered to the target PCs before the user logs on, we’ll leverage the Enrolment Status Page (ESP). The ESP is supported on Windows 10 1803 and above, so if you’ve gotten this far into the article and haven’t yet updated to 1803 or higher, you should stop reading and update those machines.

Configure the ESP and enable the ‘Block device use until these required apps are installed if they are assigned to the user/device’ feature. Here select at least the applications whose shortcuts you have configured in your Start layout customisation. This list must include the MSI package containing the customisation itself.

Here’s the applications that I’ve configured in my test environment:

Today the ESP tracks specific application deployments – Microsoft Store apps and single MSI files, while Office 365 ProPlus applications are tracked on Windows 10 1809 and above.

User Experience

Most of my testing is on Windows 10 1809 – with a PC enrolled into Azure AD and Microsoft Intune during the out of box experience, the Enrolment Status Page tracks the installation of policies and applications, including our Start menu customisation. 

After the enrollment and deployment is complete, the user sees a customised Start menu after first logon. There’s a few tiles that didn’t remain pinned from the default customisation, but this is much cleaner and enterprise ready than what we end up with out of the box.

Wrapping Up

Provisioning PCs via Windows AutoPilot and Microsoft Intune is a rapidly changing landscape. So what may not be possible today, is likely to be addressed quickly. In the meantime, there’s usually a custom approach to achieving the end-user experience that you need and this is a great example. 

This article by Aaron Parker, Default Start Menu Customisation via Intune appeared first on Aaron Parker.

Categories: Community, Virtualisation

Product Releases – Soft is OK but don’t be Squidgy

Rachel Berrys Virtually Visual blog - Mon, 12/17/2018 - 11:33
What is a soft product launch?

Wikipedia has a definition of a soft product launch – here; which says: “A soft launch is the release of a website, hotel, or other Product (business) or service to a limited audience. Soft-launching is a method for gathering data on a product’s usage and acceptance in the marketplace, before making it generally available as a hard launch or grand opening. Companies may choose a soft launch to test the viability of a product or to fine-tune a product before implementing a larger marketing effort.”

Note this says – “limited audience”, “gathering data”, “test the viability”, “fine-tune” etc…. later on elaborated on “a small release being made to a limited group of individuals for beta testing.

Often soft launches take the form of “unsupported features” or “early access programs”. In my experience though I have seen a lot of something which I’m going to call “squidgy launches”.

What is a “squidgy” launch?

A squidgy launch is something where the product is released to the whole audience and market but a lot of the information and marketing around it is held back for a grand announcement at a big corporate event or to tie in with a product or financial announcement. The product surreptitiously appears as a new version on an Akamai or similar download site, available for the mass user base to download. This is typically because there isn’t a high-profile announcement opportunity and/or the product can’t be delayed until there is one because of financial constraints (revenue recognition, customer commitment), other product dependencies (i.e. it _has_ to be released in this release to allow another product to release, there’s no other release vehicle before the big show or because of a commitment to certain customers or sales).

Soft launches can be really useful

As a Product Manager, soft launches can be incredibly useful in many ways:

  • Quality control
  • Testing the viability
  • Getting quality feedback from selected customers
But I’m not a fan of “Squidgy” launches

These are technically full product releases, of the technical bits, but missing a lot of the overall _product_ whether that’s doc, feedback mechanisms and marketing explaining the positioning of the feature/product.

There is now this thing called the INTERNET…. if you haven’t heard of it…. It’s a mechanism by which your customers and partners can communicate directly with each other, cutting you out of the conversation. It also gives all those folk interested in your product a mechanism to broadcast whatever message they think is suitable about your product and a way of filling any “voids”.

Typically, a product will have a large number of independent consultants, partners, bloggers, channel partners and analysts with a significant interest in your product, keen to blog, tweet and communicate about it as soon as possible. These folk often have a strong vested interest in filling any information voids left by a launch to establish themselves as the de-facto expert in the field on _your_ product, to answer their customer inquiries when those customers get wind of a new release and to pick up traffic from google searches to their own company and personal websites and blogs, from searches like “is new product version xxx compatible with product yyy”, “should I upgrade to product version ddd.fff”.

It’s not unusual for a product manager/solution architect to get an email enquiry about something not well-documented/obscure and subsequently see the reply repackaged by an internet expert on their own blog! The illusion is convincing but the only real expertise is a knowledge of who to ask alongside cut-n-paste.  This also means that potential traffic, leads and customer conversations are diverted away from your own website.

Additionally, once the sales, marketing departments have negotiated a “squidgy” launch it can have the effect of refocusing deadlines and efforts on the “real”, “hard” launch. So much of the material is not actually available even internally let alone publicly when the product actually becomes available.

Freelancers: Couriering laptops safely and why separating client hardware from your clean underwear supply is a good thing…

Rachel Berrys Virtually Visual blog - Mon, 12/17/2018 - 11:24

From an article I published on LinkedIn: https://www.linkedin.com/pulse/freelancers-couriering-laptops-safely-why-separating-client-berry/

Sending Laptops by courier. As a freelancer in the UK, I’m increasingly finding clients prefer to issue me with a laptop they have configured, dedicated to just their work, which means I’m always having to triple check if I have the right laptops with me and I’ve got to buy a new laptop bag as the current one has split as a result of optimistically cramming three in it when probably designed for one – oops!

BUT it also means I’m frequently sending/collecting laptops to/from base by motorcycle courier (some don’t trust postal couriers) or FedEx/DHL etc. This process puts some legal obligations on the sender, sometimes me and sometimes the company/organisation and there are a few things to be aware of.

Insurance

Usually for me the client pays and if they are underinsured it is their problem but occasionally it’s my responsibility. Things that I would be aware of and clear up with the client / contractor in writing include:

·       Insurance value; often this is the customs value of the hardware at present day value – this is what you will get if it falls of the back of a lorry; are you underinsured?

·       Insurance liability – unless you specifically arrange it most shipping contracts do not cover indirect loss e.g. if that laptop has your customer database on it and it falls into a competitor’s hands the courier is only on the hook for the hardware costs.

If the client expects you to ship and reclaim, it is probably wise to get written instruction from them on the exact details of the shipping conditions they desire.

Hazardous Labelling

Laptops usually contain Lithium Ion batteries. Although a rare occurrence, they do occasionally spontaneously combust and for the couriers’ staff protection – legally have to be labelled as hazardous and often declared as such in advance on the paperwork (I’ve had some clients not realise that technically a laptop is hazardous). Here’s a frightening CCTV recording from an office in Letchworth, UK where a laptop set fire to a plastics factory.

The best scenario is that you ship hardware around in its original box. Unfortunately, it’s fairly common for the original box to have long since gone to the big recycling centre in the Sky (probably Peterborough). To work around this, I have luckily found a local company who gets through a lot of laptops and when I need a box I just ask them – figuring the hazard labels for a similar laptop should suffice.

The main DHL “Guide to Shipping Dangerous Goods” web pages are a super source of information. The include a summary of shipper’s responsibilities with this key phrase:

·       The shipper is responsible for declaring, packaging and labelling Dangerous Goods. DHL Express will accept Dangerous Goods but with certain restrictions for the different products & services offered and only under certain conditions.

This is where it gets a bit grey for me and I could do with investigating further, often a client will submit the paperwork and my role is putting it in a box and handing it to a courier who turns up at the door. I generally don’t get instructions from the client so it’s a bit vague to me if I’m the shipper or the person filling in the courier forms.

Hazardous Labelling in the UK is changing Dec 2018

In 2017 the regulation on labelling Lithium Ion batteries changed. UK company, Hibiscus PLC have an excellent overview.

Many of the big couriers are very clued up (vs your dodgy bloke in a van like outfit) and luckily I generally only deal with them. DHL have a very good website covering shipping regulation including hazard labelling for Lithium Ion batteries, see here.

The DHL site notes this:

·       As of January 1, 2018 new rules have been introduced for packages containing lithium batteries that are packed and shipped as individual items (loose/bulk), in accordance with Section IA, IB and II of packing instruction 965 or 968.

·       The Class 9 Miscellaneous Dangerous Goods hazard label can still be used, as part of the transitional period, until the end of December 2018 for packages containing lithium batteries prepared in accordance with Section I, IA or IB of the lithium battery packing instructions.

Having investigated – those second hand laptop boxes often seem to have a Class 9 label so using the original box may not suffice. Another one I will have to think about. Thankfully most major couriers have a dangerous goods helpline (often called the Restricted Commodities Group).

There is plenty advice and opportunity to buy the correct hazard labels online. A google on “lithium ion battery warning label” should suffice. Typically laptops fall under the “contained within” regulation UN3481 (FedEx have some good info) .

Basically if in doubt – ask whoever is arranging the courier to specify the exact contents of the shipment and ask the Courier for appropriate labelling.

International Shipping

It gets even more complicated particularly if the insured value doesn’t match the tax man’s opinion and the laptop gets impounded, but a good courier can talk you through the options. Including anything else in the shipment can also cause impoundment, as a dear friend found when he decided to ship a spare pair of underpants and tube of toothpaste to save on hand-luggage… keep your hardware shipment processes separate from your knicker supply is all the advice I can offer! The rules on shipping Lithium batteries are even more stringent if air freight is involved.

VAT on components such as GPUs

Because of the fields I work in occasionally I handle/test GPUs mostly shipped from abroad. The VAT custom rules are pretty strict and if a card ends up in a retail use or as a sales demo enabler the higher rates are payable; if a card is shipped for R&D or marketing purposes e.g. to a blogger who isn’t going to buy just to write about a lower rate applies. This can cause all sorts of confusion and issues if a card ends up being repurposed and nobody is clear who is on the hook for the VAT. As a freelancer, check the paperwork and make sure the designated use is correct and VAT paid (preferably by someone else) and keep yourself away from tax evasion.

Other best practices when sending freelancers laptops

Some clients are quite good at sensible dos/don’t and you may want to consider

·       Stickers with your company logo identify the hardware and likely whose data is on it making your staff/contractors targets for opportunist overheard conversations or thefts. If a corporate laptop gets left on a train it is instantly identifiable to a dishonest person as to whose data is on it.

·       Labelling machines with their network names renders hiding them on untrusted networks a bit pointless

·       Some clients ship lockable laptop bags – some branded / some unbranded (see above on logo stickers), I’m particularly keen on the unbranded lockable rucksacks when travelling on the London tube/subway.

·       I’d estimate that 80% of my clients have moved to locked down encrypted hard disks, so even if the laptop goes walkies it’s not possible to extract data from the hard disk. If the laptop might have sensitive customer or client data on it is probably the best option. Usually on boot you’ll have to type in a password to access the encrypted disk and then the OS will boot and you use your normal windows password to access the OS.

·       There’s a Citrix employee blog with an anecdote of how he left a laptop on a tram in Amsterdam which then fell into competitive hands containing sensitive data, including confidential project details and sales databases. A good read on how human failure can be the weak point in security.

·       Freelancers probably should consider including a section in their contracts regarding laptop failure and return to base/for repair processes. Contractor laptops seem to be less reliable than most, or are the hardware equivalent of a 1987 Mini Metro (I guess like rental cars they’ve borne the brunt of travel and numerous drivers) and there are a lot of questions you need to know the second a client’s hardware fails – how do you carry on working, how do you get a replacement/repair, do you get paid if can’t work etc

 

 

Upgrading Ubuntu 16.04 to 18.04 & PHP 7.0 to 7.2 for WordPress

Helge Klein - Wed, 12/12/2018 - 00:28

This post describes how I upgraded our webserver running WordPress on Apache from Ubuntu 16.04.5 LTS to 18.04.1 LTS. Please see this article for more information on the server’s installation and configuration.

Backup

Before you begin, create a checkpoint (snapshot) in Hyper-V Manager. If anything goes wrong, a checkpoint makes it trivially easy to get back to the last working state.

Installing all Available Updates sudo apt-get update sudo apt-get dist-upgrade sudo apt-get autoremove

Reboot and check Apache’s error log:

sudo shutdown -r now tail /var/log/apache2/error.log Upgrading to Ubuntu 18.04.1 sudo do-release-upgrade

During the upgrade process:

  • When asked whether to install the updated version of /etc/sysctl.conf, select “yes”
  • When asked whether to install the updated version of /etc/apache2/apache2.conf, select “no”
  • When asked whether to install the updated version of /etc/logrotate.d/apache2, select “yes”
  • When asked whether to install the updated version of /etc/ssh/sshd_config, select “keep the local version”
  • When asked whether to install the updated version of security.conf, select “no”
18.04 Upgrade Package Changes Packages no Longer Supported
  • ntp
  • tcpd

You may want to uninstall these packages once the upgrade is finished by running the commands:

sudo apt-get remove ntp sudo apt-get remove tcpd sudo apt-get autoremove Removed Packages
  • curl
  • systemd-shim
  • libapache2-modsecurity
Upgrade PHP Package Name Changes

In the upgrade from Ubuntu 16.04 to 18.04 the PHP version is upgraded from 7.0 to 7.2, which is a good thing. What is not so great is that the names of all the PHP packages change from php7.0-* to php7.2-*. Due to that name change, Apache’s PHP configuration is broken after the upgrade and must be fixed manually.

Additionally, the upgrade routine is not clever enough to upgrade any manually installed PHP packages. The 7.0 versions of the following packages are uninstalled instead of replacing them with their 7.2 versions:

  • php7.0-curl
  • php7.0-gd
  • php7.0-json
  • php7.0-mbstring
  • php7.0-mcrypt
  • php7.0-mysql
  • php7.0-opcache
  • php7.0-tidy
  • php7.0-xml
  • php7.0-xmlrpc
  • php7.0-cli
  • php7.0-common
  • php7.0-readline
Migrating from PHP 7.0 to PHP 7.2 Apache Configuration

Enable the PHP 7.2 module:

sudo a2enmod php7.2 sudo service apache2 restart Installing Missing PHP 7.2 Modules sudo apt-get install php7.2-mysql php7.2-curl php7.2-gd php7.2-json php7.2-mbstring php7.2-opcache php7.2-tidy php7.2-xml php7.2-xmlrpc sudo apt-get autoremove sudo service apache2 restart

Note: mcrypt is not available any more with PHP 7.2.

PHP 7.2 Hardening and Optimization

Edit /etc/php/7.2/apache2/php.ini:

Add the following to disable_functions: exec,system,shell_exec,passthrough

Configure PHP’s opcache by setting:

opcache.enable=1 opcache.memory_consumption=256 opcache.interned_strings_buffer=10 opcache.max_accelerated_files=10000

Restart Apache:

sudo service apache2 restart Fixing PHP Errors PHP Warning “Illegal string offset”

Cause: a string variable is used like an array, e.g.:

$var[index] = "value";

Fix it by adding an array check:

// DATE PHP 7.2 compat: added check if $var actually is an array if (is_array ($var)) $var[index] = "value"; Removing Obsolete PHP Directories

Clean up remainders from earlier migrations:

sudo rm -r /etc/php5 sudo rm -r /etc/php/7.0 Adjusting the Logrotate Configuration

Edit /etc/logrotate.d/apache2 so that it says:

rotate 30 dateext Re-enabling the mod_pagespeed Repository

This was disabled during the upgrade.

sudo rm /etc/apt/sources.list.d/mod-pagespeed.list sudo mv /etc/apt/sources.list.d/mod-pagespeed.list.distUpgrade /etc/apt/sources.list.d/mod-pagespeed.list Checking for errors

Check Apache’s error log:

tail /var/log/apache2/error.log

The post Upgrading Ubuntu 16.04 to 18.04 & PHP 7.0 to 7.2 for WordPress appeared first on Helge Klein.

Microsoft Ends 2018 With Failed Windows Update

Theresa Miller - Tue, 12/11/2018 - 06:30

Many home users of Microsoft products almost take for granted their Windows Update will operate correctly.  For those of you keeping score, Microsoft pulled the Windows Update from October 2018 because it was unexpectedly deleting user files.  To finish the year with a bang, Microsoft pulled yet another failed Windows Update in December of 2018 to end […]

The post Microsoft Ends 2018 With Failed Windows Update appeared first on 24x7ITConnection.

PowerShell Script: Test Chrome, Firefox & IE Browser Performance

Helge Klein - Tue, 12/04/2018 - 17:58
Contents

There is more than one way to test the performance of web browsers like Chrome, Firefox, or IE, but regardless of how you do it, you need a consistent workload that makes the browsers comparable. Unless you are testing with synthetic benchmarks (which come with a plethora of problems of their own) you need a way to automate browsers opening tabs and loading URLs. This article presents a simple solution to do just that.

Purpose of This Browser Test Script

I have written about various aspects of browser performance and privacy before. For those earlier articles, I manually ran the browsers through a series of tests. This quickly proved to be tedious and error-prone. Obviously, automation is the name of the game.

For this year’s session Web App Performance in a Virtual World which I presented at Citrix Technology Exchange and at community meetups I went ahead and finally automated a large part of the test process, and it paid off immediately. I was able to test more configurations in less time with increased accuracy.

Testing is not enough, of course. You need to measure, too. For that, I have been using our uberAgent user experience and application performance monitoring product. uberAgent measures browser page load duration for all major browsers (which was important here) in addition to providing detailed application usage and performance insights for all installed and running applications – Win32, UWP, Java, App-V, etc.

Tweet source

What the Browser Test Script Does

It is really quite simple. I needed a script that would do the following – mind you, for any number of installed browsers and for a list of URLs supplied through a parameter file:

  • Start the browser
  • Open each URL in a new browser tab, waiting 30 s in between
  • Close the browser (gracefully)
  • Repeat the above three times per browser
Techniques Used in the Browser Test Script

I only rarely use PowerShell, my main development work is in C++. Nevertheless, you might find some of the following interesting.

Starting Applications With Their Name Only

Windows has a functionality for starting applications by name without requiring them to be part of the PATH environment variable. This is as useful as it is rarely known. I explained the mechanics in my article How the App Paths Registry Key Makes Windows Both Faster and Safer. The thing to note in this context is that App Paths entries can be leveraged from PowerShell with the Start-Process cmdlet. I used it in the script to start browsers by providing simple names like “chrome” or “firefox”.

Closing an Application’s Window Gracefully

When you start an application with the Start-Process cmdlet, it returns a process object. This object has an extremely useful method, CloseMainWindow(). It is equivalent to clicking on the “X” in the window’s upper right corner.

The Browser Test Script # # One time setup: # # - Open all sites on the list in all browsers # - Log on the test user UXMetricsGuyA (where applicable) # - Switch the browser window to full screen # - Config per site: # - Accept cookie popups # - Do not accept a site's notifications # - Enable "stay signed in" where applicable # - Config per browser: # - Configure browser startup to not open previous tabs # - Configure start page: "about:blank" # - Do not save passwords in the browser # - Disable browser dialogs: # - asking about not being the default # - asking if you want to close all tabs # # Before each test run: # # - Empty each browser's cache # - Do not delete cookies # - Close all browsers # - Restart the machine # - Log on as test user test01 # - Start a PowerShell console # - Wait five minutes # - Start this script # # # Global variables # # How long to wait between open site commands $waitBetweenSitesS = 30; # How long to wait after a browser's last site before closing its window $waitBeforeBrowserClose = 30; # How long to wait between browsers $waitBetweenBrowsers = 30; # Name of the file containing the sites to open $siteUrlFile = ".\URLs.txt"; # Number of iterations $iterations = 3; # Browsers to start $browsers = @("chrome", "firefox", "iexplore") # # Start of the script # # Read the sites file $sites = Get-Content $siteUrlFile; # Iterations for ($i = 1; $i -le $iterations; $i++) { Write-Host "Iteration: " $i # Browsers foreach ($browser in $browsers) { # Sites $siteCount = 0; foreach ($site in $sites) { $siteCount++; if ($siteCount -eq 1) { if ($browser -eq "chrome" -or $browser -eq "firefox") { # Start the browser with an empty tab because the first page load is currently not captured by uberAgent $process = Start-Process -PassThru $browser "about:blank" } else { # Start the browser with the first site $process = Start-Process -PassThru $browser $site } # Store the browser's main process (the first one started) $browserProcess = $process; # Wait for the window to open while ($process.MainWindowHandle -eq 0) { Start-Sleep 1 } if ($browser -eq "chrome" -or $browser -eq "firefox") { # Open the first site in a new tab Start-Process $browser $site } } elseif ($browser -eq "iexplore") { # Additional IE tabs need to be opened differently, or new windows will be created instead $navOpenInNewTab = 0x800; # Get running Internet Explorer instances $app = New-Object -ComObject shell.application; # Grab the last opened tab $ie = $app.Windows() | Select-Object -Last 1; # Open the site in a new tab $ie.navigate($site, $navOpenInNewTab); # Release the COM objects Remove-Variable ie; Remove-Variable app; } else { # Addition tabs in Chrome/Firefox Start-Process $browser $site } Start-Sleep $waitBetweenSitesS; } Start-Sleep $waitBeforeBrowserClose; # Close the browser $browserProcess.CloseMainWindow(); $browserProcess = $null; Start-Sleep $waitBetweenBrowsers; } } The Script’s URL Input File

The URL input file I used with the script in my 2018 tests looked like this:

https://mail.google.com/mail/u/0/#inbox https://docs.google.com/document/d/1hOc4bdEQ1-KJ5wOsiCt4kVQB-xaHuciQY6Y4X_I7dYA/edit https://www.google.com/maps/ https://twitter.com/ https://onedrive.live.com/edit.aspx?cid=740de493111072ca&page=view&resid=740DE493111072CA!108&parId=740DE493111072CA!106&app=PowerPoint https://outlook.live.com/mail/inbox https://www.dropbox.com/h https://www.nytimes.com/ https://www.nbcnews.com/ https://edition.cnn.com/

The post PowerShell Script: Test Chrome, Firefox & IE Browser Performance appeared first on Helge Klein.

Gartner I&O Conference 2018: What’s next for IT ops?

Theresa Miller - Tue, 12/04/2018 - 15:18

This week I’m attending the Gartner I&O Conference – or the Gartner IT Infrastructure, Operations & Cloud Strategies Conference 2018. It used to be called the Gartner Datacenter conference, but times have changed. Now the scope of what we must architect has expanded. Is a datacenter just what you manage on premises? Is it your public cloud […]

The post Gartner I&O Conference 2018: What’s next for IT ops? appeared first on 24x7ITConnection.

Download, Install, Import Visual C++ Redistributables with VcRedist

Aaron Parker's stealthpuppy - Wed, 11/28/2018 - 23:48

Note: for a more up to date version of the content in this article, VcRedist now has documentation available here: https://docs.stealthpuppy.com/vcredist

Last year I wrote a PowerShell script that can download, install or import the Visual C++ Redistributables into MDT or ConfigMgr. Long-term maintenance of the full feature set in a single script is a little unwieldy so I’ve re-written the script and created a PowerShell module – VcRedist.

Refactoring the script into a module has been a great little project for creating my first PowerShell function and publishing it to the PowerShell Gallery.

Why VcRedist?

At this point, I’m sure you’re saying to yourself – “Aaron, haven’t you just created Chocolatey?”. In a way yes, this module does exactly what you can do with Chocolatey – install the Visual C++ Redistributables directly to the local machine. Although you can download and install all of the supported (and unsupported) Redistributables, the primary aim of the module is to provide a fast way to download and import the Redistributables into the Microsoft Deployment Toolkit or System Center Configuration Manager for operating system deployments.

Module

The VcRedist module is published to the PowerShell Gallery, which means that it’s simple to install the module and starting importing with a few lines of PowerShell. For example, here’s how you could install the module, download all of the supported Redistributables and import them into an MDT deployment share:

Install-Module -Name VcRedist Import-Module VcRedist $VcList = Get-VcList | Get-VcRedist -Path "C:\Temp\VcRedist" Import-VcMdtApp -VcList $VcList -Path "C:\Temp\VcRedist" -MdtPath "\\server\share\Reference"

This results in each of the Visual C++ Redistributables imported as a separate application with all necessary properties including Version, silent command line, Uninstall Key and 32-bit or 64-bot operating system support.

Visual C++ Redistributables imported into an MDT share with VcRedist

The same approach can be used to import the Redistributables into a ConfigMgr site:

Install-Module VcRedist Import-Module VcRedist $VcList = Get-VcList | Get-VcRedist -Path "C:\Temp\VcRedist" Import-VcCmApp -VcList $VcList -Path "C:\Temp\VcRedist" -CMPath "\\server\share\VcRedist" -SMSSiteCode LAB

Just like MDT, each Redistributable is imported into ConfigMgr; however, Import-VcCmApp copies the Redistributables to a share for distribution and creates and application with a single deployment for each one.

Visual C++ Redistributables imported into ConfigMgr with VcRedist

Of course, the module can download and install the Redistributables to the local machine:

Install-Module VcRedist Import-Module VcRedist $VcList = Get-VcList | Get-VcRedist -Path "C:\Temp\VcRedist" $VcList | Install-VcRedist -Path C:\Temp\VcRedist

By default, this installs all of the supported Redistributables:

Visual C++ Redistributables installed locally with VcRedist

Note that the 2015 and 2017 Redistributables are the same version, so the end result will include only the 2017 versions.

Functions

This module includes the following functions:

Get-VcList

This function reads the Visual C++ Redistributables listed in an internal manifest or an external XML file into an array that can be passed to other VcRedist functions. Running Get-VcList will return the supported list of Visual C++ Redistributables. The function can read an external XML file that defines a custom list of Visual C++ Redistributables.

Export-VcXml

Run Export-VcXml to export the internal Visual C++ Redistributables manifest to an external XML file. Use -Path to define the path to the external XML file that the manifest will be saved to. By default Export-VcXml will export only the supported Visual C++ Redistributables.

Get-VcRedist

To download the Visual C++ Redistributables to a local folder, use Get-VcRedist. This will read the array of Visual C++ Redistributables returned from Get-VcList and download each one to a local folder specified in -Path. Visual C++ Redistributables can be filtered for release and processor architecture.

Install-VcRedist

To install the Visual C++ Redistributables on the local machine, use Install-VcRedist. This function again accepts the array of Visual C++ Redistributables passed from Get-VcList and installs the Visual C++ Redistributables downloaded to a local path with Get-VcRedist. Visual C++ Redistributables can be filtered for release and processor architecture.

Import-VcMdtApp

To install the Visual C++ Redistributables as a part of a reference image or for use with a deployment solution based on the Microsoft Deployment Toolkit, Import-VcMdtApp will import each of the Visual C++ Redistributables as a separate application that includes silent command lines, platform support and the UninstallKey for detecting whether the Visual C++ Redistributable is already installed. Visual C++ Redistributables can be filtered for release and processor architecture.

Each Redistributables will be imported into the deployment share with application properties for a successful deployment.

Import-VcCMApp

To install the Visual C++ Redistributables with System Center Configuration Manager, Import-VcCmApp will import each of the Visual C++ Redistributables as a separate application that includes the application and a single deployment type. Visual C++ Redistributables can be filtered for release and processor architecture.

Tested On

Tested on Windows 10 and Windows Server 2016 with PowerShell 5.1. Install-VcRedist and Import-VcMdtApp require Windows and the MDT Workbench. Get-VcList, Export-VcXml and Get-VcRedist do work on PowerShell Core; however, most testing is completed on Windows PowerShell.

To Do

Right now, I have a few tasks for updating the module, including:

  • Additional testing / Pester tests
  • Add -Bundle to Import-VcMdtApp to create an Application Bundle and simplify installing the Redistributables
  • Documentation updates

For full details and further updates, keep an eye on the repository and test out the module via the PowerShell Gallery.

Image credit:

Alexey Ruban

This article by Aaron Parker, Download, Install, Import Visual C++ Redistributables with VcRedist appeared first on Aaron Parker.

Categories: Community, Virtualisation

Amazon’s Showcase of Innovation at AWS re:Invent 2018

Theresa Miller - Tue, 11/27/2018 - 06:30

The time is upon us for one of the year’s most anticipated technology conferences. Amazon’s re:Invent 2018 has kicked off in Las Vegas and is full of new products and innovations, with more to be announced throughout the week. Now, let’s take a look at what kicks off re:Invent 2018 AWS RoboMaker Makes Robotics Accessible […]

The post Amazon’s Showcase of Innovation at AWS re:Invent 2018 appeared first on 24x7ITConnection.

Enabling HTTP/2 in Apache on Ubuntu 18.04

Helge Klein - Mon, 11/26/2018 - 02:14

A number of requirements must be met before HTTP/2 can be enabled for a website. This is a compilation of steps I went through to get HTTP/2 working on our Apache web server hosting WordPress sites.

HTTP/2 Requirements Requirement #1: HTTPS

HTTP/2 only works with HTTPS. If you have not switched your site to HTTPS, now is the time to do it. You might be interested in my article Switching a WordPress Site From HTTP to HTTPS.

Requirement #2: Apache 2.4.24

The first version of Apache to support HTTP/2 is 2.4.24. If you are on the LTS branch of Ubuntu, this means you need to upgrade to Ubuntu 18.04. I will describe the upgrade process from 16.04 to 18.04 in another blog post.

Requirement #3: PHP FPM

Short version: if you run PHP in Apache via mod_php, you need to switch to FPM. That is not a bad thing. FPM is newer and faster.

Long version: HTTP/2 is not compatible with Apache’s prefork multi-processing module. However, prefork basically seems to be obsolete so it does not hurt to switch to something more modern, i.e., the event MPM. That, in turn, requires a change in the PHP module from mod_php to php7.x-fpm.

Configuration Changes for HTTP/2 Switching Apache’s PHP Module from MPM Prefork to Event

Run the following commands:

sudo apt-get install php7.2-fpm sudo a2enmod proxy_fcgi sudo a2enconf php7.2-fpm sudo a2dismod php7.2 sudo a2dismod mpm_prefork sudo a2enmod mpm_event sudo service apache2 restart Caveat: W3 Total Cache Shows Apache Modules as Not Detected

W3 Total Cache seems to rely on the function apache_get_modules() to detect Apache modules, which does not work with FPM. According to this support article from Plesk, this issue can be ignored.

Installing and Enabling HTTP/2 in Apache

Enable the module mod_http2:

sudo a2enmod http2 sudo service apache2 restart

Enable the HTTP/2 protocol by adding the following to /etc/apache2/apache2.conf:

Protocols h2 http/1.1 How to Verify that HTTP/2 is Working

Cloudflare put together a comprehensive list of ways you can check a website for HTTP/2 support. The easiest to use are probably Chrome Dev Tools (network view, add the Protocol column) or the online test from KeyCDN.

The post Enabling HTTP/2 in Apache on Ubuntu 18.04 appeared first on Helge Klein.

How to Limit CPU & RAM via the Windows Boot Configuration

Helge Klein - Wed, 11/21/2018 - 00:40

Testing the effects of different CPU and memory configurations is easiest when you run the tests on a powerful machine and restrict it to the required number of CPU cores and amount of RAM. Microsoft’s documentation of the relevant command is missing an essential parameter. Here are the commands you need.

Limiting the CPU to N Cores

On an elevated command prompt run:

bcdedit /set {current} numproc NUMBER_OF_CORES

Note: strangely, the numproc parameter is missing from the Microsoft documentation of bcdedit. However, it still works fine on Windows 10 1803.

Limiting the RAM to N MB

On an elevated command prompt run:

bcdedit /set {current} removememory MB_TO_REMOVE_FROM_INSTALLED_RAM With: MB_TO_REMOVE_FROM_INSTALLED_RAM = INSTALLED_RAM - DESIRED_RAM

This is unnecessarily complicated. Instead of specifying the total RAM you want Windows to see, you specify how much of the installed RAM to remove (in MB).

Removing a Bcdedit Setting

To remove a setting, run the following on an elevated command prompt:

bcdedit /deletevalue {current} SETTING_NAME E.g.: bcdedit /deletevalue {current} numproc

The post How to Limit CPU & RAM via the Windows Boot Configuration appeared first on Helge Klein.

Troubleshooting Insights for Success Within your Epic Deployment

Theresa Miller - Thu, 11/15/2018 - 18:34

Healthcare organizations that deploy Epic to support the patients that they see every day have a responsibility to ensure that Epic is always online and performing well.  Take for example, a hospital that uses Epic for all its patient services to keep the patients healthy and to ensure their safety Epic needs to be online […]

The post Troubleshooting Insights for Success Within your Epic Deployment appeared first on 24x7ITConnection.

Using Procmon To Find Registry Settings

Theresa Miller - Thu, 11/15/2018 - 06:30

Process Monitor (a.k.a. Procmon) is a free Microsoft utility as a part of their Sysinternal Suite, created by the famous Mark Russinovich. The suite has a large amount of incredibly useful tools for Microsoft IT Pros and Developers, but can be overwhelming to start with and look at. Procmon is a great one to start with, […]

The post Using Procmon To Find Registry Settings appeared first on 24x7ITConnection.

Supercomputing 2018, a conference for enterprise architects?

Theresa Miller - Tue, 11/06/2018 - 08:01

I’m in Barcelona for VMworld as the 2018 tech conference winds down, but I’m eager to attend Supercomputing next week in Dallas.  This conference has been around since 1988, and about 11,000 people attend. It is billed as the international conference for HPC (High Performance Computing), networking, storage, and analysis. That sounds like what most […]

The post Supercomputing 2018, a conference for enterprise architects? appeared first on 24x7ITConnection.

Laudation to E2EVC – Experts to Experts Virtualization Conference

Helge Klein - Wed, 10/31/2018 - 22:19

On the eve of my departure for E2EVC Athens I feel it is time for a laudation. Let me explain why.

Athens will be my 22nd E2EVC out of 40 events total. In the past eight years, I attended every single E2EVC event in Europe and the US. There is a reason for that, of course. It is certainly not an overabundance of time on my part or even wanderlust. It is simply the fact that E2EVC’s creator, Alex Cooper, has done the most remarkable thing. He single-handedly established the Citrix community in Europe (and helped along the greater end-user community quite a bit). That is a – very – significant achievement.

He single-handedly established the Citrix community in Europe

How did Alex do that? I am not sure how it started (because I was not around at the time). But I know why E2EVC has been by far the best conference for the past eight years: content and community. You could also rephrase it as “knowledge and networking”.

Great speakers almost guarantee great content, which in turn attracts attendees. But that is not all; Alex added a few clever twists. One, the conference is (mostly) on a weekend. This ensures that only the really passionate folks attend. Two, Alex organizes a community night out with food and drinks (often paid for by a sponsor). This brings people together. Three, Alex makes it easy to get a session slot (unlike almost every other conference). Many CTPs and MVPs learned the ropes at E2EVC, including myself.

The result is truly remarkable. I would guess that about 50% of attendees are regulars like myself while the other 50% are newbies or people that “hop on and off the bus”.

Taking a look at the content lined up for the Athens conference, we have sessions about topics and technologies from a broad range of end-user computing, cloud, virtualization and networking topics like the following (a selection):

  • Windows 10 VDI
  • Citrix App Layering automation
  • Windows Server 2019 Software-Defined Datacenter
  • Citrix Cloud on Azure
  • EUC: past, present and future
  • Citrix NetScaler automation
  • Workspace solutions in Azure
  • Web app UX monitoring with uberAgent
  • Containerization with Docker
  • MSIX for Enterprises
  • State of MDM
  • AMD datacenter GPUs for virtualization
  • Microsoft RDMi
  • Graphics acceleration update
  • Amazon AppStream and Amazon WorkSpaces
  • Security for EUC Admins
  • VMware Horizon in AWS
  • RES 2 Ivanti Workspace Manager

In addition to those 45-minute sessions, there are a number of 4-hour masterclasses on topics like:

What else is there to say? That E2EVC moves between cities that are attractive, affordable and easy to reach? That Alex personally operates an airport shuttle for attendees?

I am going to close this article with a big thanks to Alex and his team. Without them, I would not have met so many amazing people, I would not have learned so much, and I would have had far less fun doing so. In short: I would not be where I am today.

The post Laudation to E2EVC – Experts to Experts Virtualization Conference appeared first on Helge Klein.

Splunking the Aspect Ratio Distribution of National Flags

Helge Klein - Tue, 10/30/2018 - 21:04

When I tried to align the Union Jack and the flag of Germany on a presentation slide I noticed that I couldn’t – their aspect ratios are different. A quick search led me to this list of aspect ratios of national flags on Wikipedia. Apparently, national flags are far from standardized. A broad range of aspect ratios is being used. I decided to start a little fun project finding out which aspect ratios are most common.

Wikipedia Table to CSV

Wikipedia’s list comes as an HTML table. I would need the data as CSV for any kind of further processing. As it turns out, there is a website for exactly that: Convert Wiki Tables to CSV. You feed it the URL of the Wikipedia page you are interested in and it converts any tables on said page to CSV.

Cleaning up the CSV

Ultimately I wanted to process the CSV data in Splunk because that is the analytics tool I know best. Before I imported the data into Splunk, however, I wanted to clean it up a little. For that, Excel seemed easiest. When you paste CSV into Excel it sadly is not smart enough to offer splitting it into multiple columns. But that is achieved easily enough with the Text to Columns function.

After I had split the comma-separated table fields into columns again, I noticed that the Ratio column had both the fraction and the decimal value, separated by a space, e.g., “2:3 (1.5)”. So I repeated the splitting procedure to move the decimal value into a new column I would then discard along with some other unnecessary columns. I was left with the two columns Country and Ratio.

Statistics

Once I had saved the resulting data to a new CSV file I turned to Splunk. The easiest way to import a CSV file is the Add Data wizard which guides you through the process. I had the wizard create a new index national_flags for the data I was importing so as to have a dedicated container that would later be easy to identify and ultimately delete.

Once imported, I whipped up a quick SPL search to calculate the percentage of the 10 most common aspect ratios. When you are not totally new to Splunk these kinds of things are almost laughably easy, yet you always have full control over every aspect of the process. Here is what I used:

index=national_flags | top 10 Ratio | stats sum(percent) as Percent by Ratio | sort -Percent Explanation of the Search
index=national_flags
Selects all data from the specified index
top 10 Ratio
Selects the 10 most common values of the field Ratio and adds a new field percent to every row
stats sum(percent) as Percent by Ratio
Groups percent (renamed to Percent) by Ratio. This is not strictly necessary but makes the visualization easier.
sort -Percent
Sort by the field Percent (descending)
Visualization

The only thing left to do was to click Visualization for Splunk to generate the following chart:

Popular Aspect Ratios

Out of the 257 national flags in Wikipedia’s list by far the two most popular aspect ratios are 2:3 (~42%) and 1:2 (~33%). The third most popular aspect ratio, 3:5, is already as low as ~8%.

Data Table

For those interested, below is a table of the aspect ratio distribution. I created it by running the following Splunk search, exporting the results to CSV and converting it to HTML here.

index=national_flags | top 200 Ratio Aspect Ratio Distribution Table Ratio count percent 2:3 107 41.634241 1:2 84 32.684825 3:5 21 8.171206 5:8 6 2.334630 3:4 5 1.945525 10:19 4 1.556420 8:11 3 1.167315 7:10 2 0.778210 5:7 2 0.778210 4:7 2 0.778210 1:1 2 0.778210 ~1.618 1 0.389105 7:11 1 0.389105 6:7 1 0.389105 4:5 1 0.389105 28:37 1 0.389105 22:41 1 0.389105 2.6625:4 1 0.389105 2.338:3.608 1 0.389105 19:36 1 0.389105 18:25 1 0.389105 189:335 1 0.389105 17:26 1 0.389105 16:25 1 0.389105 15:22 1 0.389105 13:15 1 0.389105 11:28 1 0.389105 11:20 1 0.389105 11:18 1 0.389105 0.82 1 0.389105

The post Splunking the Aspect Ratio Distribution of National Flags appeared first on Helge Klein.

Full Stack Monitoring of Microsoft 365 with eG Innovations announced at Ignite 2018

Theresa Miller - Thu, 10/25/2018 - 05:30

Amongst the many announcements at Microsoft Ignite 2018, one that caught my attention was a press release from eG Innovations. At Ignite 2018, eG Innovations has now introduced several new features to their enterprise monitoring solution for Microsoft 365 (M365). I was able to get a demo of the new capabilities, of which we will […]

The post Full Stack Monitoring of Microsoft 365 with eG Innovations announced at Ignite 2018 appeared first on 24x7ITConnection.

Creating an Application Crash Dump

Helge Klein - Wed, 10/24/2018 - 09:27
How to Create User Mode Crash Dump Files

If you experience application crashes you may be asked by support to create a crash dump file. Crash dumps are created automatically by Windows if the following registry key is present:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\LocalDumps

In order to help support troubleshoot your problem please do the following:

  1. Create the registry key LocalDumps if it is not present already.
  2. Reproduce the problem (i.e. make the application crash).
  3. Locate the crash dump file in %LOCALAPPDATA%\CrashDumps. Note that if the crashing application runs under the System account, that resolves to C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps.
  4. Send the crash dump file to support.

This works on all versions of Windows beginning with Vista and Server 2008 (including Windows 7, Windows 10, Server 2016, Server 2019, etc.).

More information: Collecting User-Mode Dumps in Dev Center

The post Creating an Application Crash Dump appeared first on Helge Klein.

Are Smart Phones Too Expensive?

Theresa Miller - Thu, 10/18/2018 - 05:30

Opinion Piece: Are smart phones too expensive? It’s a question that has many layers behind it – but for the top end smart phone costing US$1000 and up, I wanted to look at who was still handing over their own cash to get the latest and greatest. Having my own preconceived ideas, I decided to […]

The post Are Smart Phones Too Expensive? appeared first on 24x7ITConnection.

Pages

Subscribe to Spellings.net aggregator - Community