Wednesday, May 22, 2019

Microsoft Intune – How to remove Microsoft Store for Business app from Client Apps List

Starting the first steps with Microsoft Intune with some try and error on the mix, here’s something I’ve learned about client apps.

When you go to Client Apps, and if you’ve already synced your Microsoft Store for Business with Intune, you’ll see the apps you’ve approved on the store on that list.

But, a strange or…by design thing happens. Imagine you approve an app and the you revoke it. You’ll notice when you manage your Store for Business that the app isn’t there no more but…you still see it in Intune Client Apps list and the option to delete it is greyed out.

Now, to solve this, follow this steps:

  1. Login to the Microsoft Store for Business
  2. Select Manage and then Order History. Here you’ll see all the apps you previously approved.
  3. Now, select the app you want to remove from Intune Client Apps list
  4. On the next screen, in the Action column select Refund and agree with the action
  5. Go back to Intune and then Client Apps
  6. Select Microsoft Store for Business and Sync
  7. Go back to Client Apps list and…the app is gone!

Microsoft Windows 10 19H1 (1903) – Available through Microsoft Volume Licensing Service Center

It’s now available the new Windows 10 v1903 or 19H1 at Microsoft Volume Licensing Service Center website.
Here you can download all the new enterprise versions ISOS (x86; x64; ARM).

Window Central website has a full changelog for this version:
Windows Central - Windows 10 19H1: The complete changelog

Monday, May 20, 2019

EUA & Google vs. Huawei - Why can this be good for a former Windows Phone user

The world gets stone cold while Google announces that will cut off business with Huawei.
No more official Android updates, no more Google Services.

While this looks a huge issue for a lot of people that bought any Huawei device, it’s ironic to think a little bit what this means to a former Windows Phone user that was pushed to migrate to a different mobile operating system.

Speaking of personal experience, I did not want to move to Android or iOS but the complete lack of apps and the death of Windows Phone made me choose. I’ve chosen Android and a Xiaomi Mi 9 and because my goal was to keep Microsoft’s ecosystem, I just disabled everything Google service I could.

Like me, a lot of former WP users that needed to change mobile device wanted the same and Android was notoriously easy to modify and have Microsoft services all over the phone.

So…flagship devices with a “forked” Android with no Google services? Seems like a good deal to me!

Chinese devices are implemented all over the world, in places with a huge population density like India.
Is Google prepared to a huge decrease of internet traffic from this countries?

Let’s see what happens then….

Wednesday, May 15, 2019

How are GPOs processed

Here’s just a quick, and very high-level, review about how group policies processing works.

Computer Policies

1.Network Services Start

2.Client performs DNS request for LDAP SRV record of DC(s) in its site

3.Client binds to DC using normal DC Locator process

4.Client performs ICMP slow link detection to DC to determine link speed

5.Client uses LDAP to build GPO list at OU, domain and then site containers - determines whether it has permission to process GPO

6.The client then connects to SYSVOL using SMB’s, locates the required GPT folder , then commences download

7.The computer then applies the policy

8.CSE’s may be required to implement some settings

9.The startup scripts are then processed and executed

10.The logon Screen is then displayed



User Policies

1.The user presses Ctrl-Alt-Del to logon

2.Check RAS settings

3.After domain validation, the client loads the profile controlled by the Group Policy settings that are in effect

4.Check the loopback processing mode value

5.Client binds to DC using normal DC Locator process

6.Obtain a list of GPO’s that need to be applied to the user

7.Connects to SYSVOL using SMB’s

8.Check for any changes to the GPO’s and downloads the changed policies

9.Applies the GPOs in the correct order

10.CSE’s will be required to process the various configurations

11.Runs the logon script

12.User gets their desktop

Wednesday, May 8, 2019

Microsoft Edge’s IE Mode will give a better experience over the current Enterprise Mode

For me, one of the biggest announcements at Microsoft Build 2019 it’s Microsoft Edge’s IE Mode.
Looks like Microsoft is really committed with the new “Edgium” browser and trying to allow enterprises to stop installing 2 browsers (usually Edge/Internet Explorer and Google Chrome).

With the new Microsoft Edge, based in chromium, plus the new IE Mode Microsoft tries to eliminate the need for Google Chrome and also gives users a better experience when accessing internal websites that only work with Internet Explorer.
Instead of automatically opening an IE browser, the IE Mode allows a new instance of IE directly in a new Edge tab. This gives the users a very very nice and integrated experience.

Find everything announce for Microsoft Edge here:
Microsoft Edge – All the news from Build 2019

Thursday, May 2, 2019

Windows Admin Center (WAC) v1904 Now Available

The modern administration tool for Windows servers, desktops and cloud has a new version, following the Windows Server Semi-Annual Channel rhythm.

This new version has nice additions like new tools to manage Active Directory and DNS for example, which may allow in the near future to stop using mmc console.

Also nice is the ability to share device lists that also allows a user to backup previously added devices so you don’t need to add them all again.

Here are all things new and download link to Windows Admin Center v1904:
Windows Admin Center Blog - Windows Admin Center 1904 GA update is now available!