Index

Note: Page numbers followed by ‘f’ and ‘t’ indicates figure and table respectively.

802.1x, 191t 5.1 sequencer, installation, 384 802.11a, 191, 191t virtualizing applications using, 383–386 802.11b, 191, 191t Assessment and Deployment Kit (ADK), 386 802.11g, 191, 191t audit events, 311t, 315, 316f 802.11n, 191, 191t Audit Filtering Platform Connection, 310 Audit Filtering Platform Packet Drop, 310 A auditing, 309–316 access-based enumeration, 245 implementation using , 310–312, 312f , 50–51 object access, 312–314, 313f, 314f Account Lockout Policy, 52, 54–56, 55f policy settings, 314–315, 315f account policies, 52–56 managing, 52f computer-level, 329 Password Settings Container, 53–55, 54f definition, 30 settings, 53 exceptions, 216–217 types, 52 factors, 31, 31f ACM. See Application Compatibility Manager (ACM) multi-factor authentication, 31 ACT. See Application Compatibility Toolkit (ACT) supporting, 30–42 accounts, 21 user-level, 329 active directory user object, 37 for VPN connections, 329–330 adaptive inter-frame spacing, 189 Authentication Header (AH), 213 ADK. See Assessment and Deployment Kit (ADK) authorization advanced audit policy settings, 314–315, 315f definition, 30 Advanced Configuration and Power Interface (ACPI), 101 supporting, 30–42 advanced sharing settings, 175–177, 175f, 177f automatic IP address assignment, 173–174, 174f ANDing, 162 Automatic Update Approval rules, 151–152, 151f android Azure RemoteApp, 371–372 Azure RemoteApp, 366 API. See application programming interface (API) configuration, 367–369 Application Compatibility Manager (ACM), 386, 389–390, 390f creation, 366–367, 367f Application Compatibility Toolkit (ACT), 386 deploying, 366–367, 367f creation inventory collection package, 387–388, 387f management, 370–371, 371f database, 386 programs, publishing, 368f identifying compatibility issues, 390–392, 391f subscribing, 369–370, 370f inventorying computers, 386–388 supporting iOS and android, 371–372 log processing service (LPS), 386 managing desktop application compatibilityCOPYRIGHTED using, 386–392 B MATERIAL runtime-analysis package creation, 388–389 backup, 400 viewing reports, 389–390, 390f Base64-encoded X.509, 38 application data, 66 basic disks, 224 application programming interface (API), 378 Billing Administrator, 5 Application (BITS) servers, 235 biometrics, 41 Application Virtualization (App-V), 379 BitLocker Drive Encryption, 273 application sequencing, 385–386 data recovery agent with, 280–284, 283f Management , 383 managing, 279–280 Publishing server, 383 MBAM, 284 Reporting database server, 383 drives, 273–278, 276f, 277f Reporting server, 383 removable media, 278–279

439

bindex.indd 439 9/15/2016 7:30:42 AM Index | 440

BitLocker To Go remote desktop settings, 322–326, 323f–326f managing, 279–280 system recovery, 400–406 removable media, 278–279 update settings, 422–425 BranchCache, 235 Virtual Private Network (VPN), 326–338 benefits, 235 windows devices, 433–437 content servers, 235 policies, 426–429 enabling on content servers, 238–239, 239f Connection Manager (CM), 330–333 operating modes, 236–237, 236f, 237f Connection Manager Administration Kit (CMAK), 330–333 BranchCache-enabled server, 235 installation, on Windows Server 2012 R2, 330 Bring Your Own Device (BYOD), 58, 140 VPN-only profile using, 331–333, 331f, 332f broadband connectivity, 197 Connection Point Services (CPS), 333 internet connection sharing, 200, 201f connection security rules, 210–211, 213–216, 214f, 215f supporting and configuring, 198–200 content server. See BranchCache-enabled server Power Options, 103, 103f C CPS. See Connection Point Services (CPS) credential caching, 50–51 Certificate Authority (CA), 20, 35 Credential Manager, 51–52, 51f certificate chain, 36, 36f criteria membership, 128 certificate compliance reports, 137 critical update, 422 certificate enrollment requests, 37 Cryptographic Message Syntax Standard (PKCS #7), 38 certificate store cumulative patch, 422 accessing, 37–38 viewing, 38f certificate tempate, 39–40 D Challenge Handshake (CHAP), 329 data recovery agent (DRA) checkpoints, 92, 92f with BitLocker Drive Encryption, 280–284, 283f claim, 263, 264, 265f with EFS, 270–271, 271f claims-based access control. See Dynamic Access data storage requirements Control (DAC) estimating, 72–73 classification rules, 267 temporary space, 72 classless interdomain routing (CIDR), 162–163 user system settings, 72 client Hyper-V, 81–83 USMT operations, 72 on , 380–382, 382f data storage support, 222–223 CM. See Connection Manager (CM) disk and drive types, 223–224 CMAK. See Connection Manager Administration Kit (CMAK) disk management, 224–228, 225f, 227f Compatibility Administrator, 389–390 mirrored volumes creating, 230–231, 230f Compatibility Monitor tool, 389 spanned volumes creating, 228–229, 228f computer accounts, 48 storage pools creating, 231–232, 232f computer groups, managing, 128–130 storage spaces creating, 232–235, 233f, 234f computer inventory report, 135, 136 striped volumes creating, 229–230, 229f computer-level authentication, 329 data synchronization, 344–348 computers and users, authenticating, 47–52 configuring offline files, 346, 346f confidentiality, 30 resolving sync conflicts, 347–348 configuration scheduling for offline files, 347 file history, 413–417 sync center, 344–345 Group Policy Objects for signed packages, 364–365 synchronizing your PC settings, 344, 345f homegroup settings, 292–295 deeplinking, 12–16 creating, 292–293, 292f, 293f default gateway, 164 joining, 293–294, 294f Deployment Image Servicing and Management (DISM), 18–19 removing computer from, 294 DER-encoded binary X.509, 38 shared files and folders in, 295 desktop application co-existence libraries, 289–292, 290f client Hyper-V on Windows 10, 380–382, 382f management, 290–291 RDS with Windows 10, 383 public folders management, 291–292 supporting, 378–386 printers, 295–302 troubleshooting program compatibility, 379–380, 379f, 380f installing, 296–299, 296f, 297f virtualizing applications using App-V, 383–386 print jobs management, 300–302, 301f, 302f desktop apps, 377–378 properties, 299–300, 299f desktop connections settings, 357 setting printer permissions, 300, 300f detected software reports, 136 remote authentication, 321–322, 322f device history reports, 137

bindex.indd 440 9/15/2016 7:30:42 AM Index | 441

Device Registration Service (DRS), 58 recovering, 418, 418f DFS Namespace, 240, 240f restoring previous versions of, 410–413, 411f–413f DFS replication, 245–246 servers, 235 differencing virtual disk, 90 system, 223 digital certificates fill and spill, 228 supporting, 35–37 fine-grained password policies, 53 viewing, 35 fixed-size virtual disks, 90 direct membership, 128 flow control, 189 , 15 folders disk quotas, 306–309 locations, 70–71, 71f on individual computers, 307 restoring previous versions, 410–413, 412f, 413f using group policy, 309 full mesh topology, 246 on Windows 10, 307–309, 308f fully qualified domain names (FQDNs), 166 distributed-cache mode, 236–237, 237f Distributed (DFS), 239–240 G namespaces managing, 240–245, 240f, 242f–244f Get Connected Wizard (GCW), 333 replication managing, 245–246 Global Administrator, 5 documents library, 290 Global Catalog, 45 domain-based accounts, 21 global unicast addresses, 164 domain-based namespaces, 241 group policy, enabling quotas using, 309 Domain Name System (DNS), 165–168, 166f Group Policy Management Console, 276 domain network, 176 Group Policy Objects (GPOs), 314, 326, 351, 390, 426, 427 domain profile, 208 to enable autoupdate for client computers, 428–429, 429f domain user account power management settings in, 104, 105f adding account to, 47 for signed packages, 364–365 creating, 45–47, 46f guest integration services, 87 driver rollback, 406 Dynamic Access Control (DAC), 263–264 H configuring file classification, 267–268, 268f hardlink folder, 72 configuring user and device claim types, 264–266, 265f, 266f hardware assets, 133–135, 134f dynamic disks, 224 hibernate mode, 100 Dynamic Host Configuration Protocol (DHCP), 173–174 homegroup, 292 Dynamic Memory, 84 creating, 56–57, 57f dynamic virtual disks, 90 definition, 56 joining, 57–58 E settings configuration, 292–295 Encapsulating Security Payload (ESP), 213, 328 creating, 292–293, 292f, 293f (EFS) joining, 293–294, 294f data recovery agent with, 270–271, 271f removing computer from, 294 file with, 268–270, 269f shared files and folders in, 295 enhanced metafile (EMF), 295 home network, 176 enrolling devices, 117–123 host, 81, 167 Enterprise Mobility Suite (EMS), 114 host-based firewalls, 206 enterprise mode, 192 hosted-cache mode, 236, 236f enterprise trust, 37 host ID, 161 ESP. See Encapsulating Security Payload (ESP) hotfix, 422 Extended (exFAT), 223, 223t hub/spoke topology, 246 Extensible Authentication Protocol (EAP), 192, 330 hybrid mode, 100 Hyper-V, 378 F checkpoints, 92 FAT, 223 Client, on Windows 10, 380–382, 382f FAT32, 223 configuring, 81–93 fetching, 246 feature, 82–83, 82f, 381–382, 381f file-based disk image, 16 Manager, 83, 83f files Manager console, 382, 382f history, 414 virtual disks, 90–91 configuration, 413–417 Virtual Machine Connection, 83 enabling, 414–416, 415f virtual machines, creating, 83–87 restore a file using, 416–417, 417f virtual machine storage, migrating, 93–94

bindex.indd 441 9/15/2016 7:30:42 AM 442 | Index

Hyper-V (Cont.) v5, 48–49, 49f virtual switches, 87–90, 382 Key Distribution Center (KDC), 48–49 hypervisor, 82 L I Layer 2 Tunneling Protocol over IPsec (L2TP/IPsec), 328 IKEv2. See Internet Key Exchange Version 2 (IKEv2) lease period, 174 images library, 290 capturing, 16–18 adding folder, 291 modifying using DISM, 18–19 configuration, 289–292, 290f sideloading into, 19–21 managing libraries, 290–291 inbound rules, 210 managing public folders, 291–292 infrastructure mode, 192 creation, 291 integrity, 30 documents, 290 intermediate certification authorities, 37 music, 290 Internet Connection Sharing (ICS), 200 pictures, 290 Internet Information Services (IIS) Manager, 362 videos, 290 Internet Key Exchange Version 2 (IKEv2), 328 license installation reports, 136 Internet Protocol (IP), 160 license purchase reports, 136 Internet Sharing, 197 link-local addresses, 164 inventory collection package, 386–388 Link Local Multicast Name Resolution (LLMNR), 169 ipconfig, 178 local account IP security (IPsec), 213 using computer management, 44–45, 45f IP settings, 160 using settings, 43–44, 44f advanced sharing settings and network locations, Local Group Policy Editor, 276 175–177, 175f, 177f Local Security Authority (LSA), 43 automatic IP address assignment, 173–174, 174f local user classless interdomain routing, 162–163 accounts, 21 default gateway, 164 profile, 67 Domain Name System, 165–168, 166f location-aware printing, 195–197 IPv4 location settings, 127, 127f exploring protocols, 160–161 Log processing service (LPS), 386 understanding, 161–162, 161f, 161t, 162t L2TP/IPsec. See Layer 2 Tunneling Protocol over IPsec (L2TP/IPsec) IPv6 addressing, 164 M exploring protocols, 160–161 MAC address, 189 understanding, 163 mandatory user profile, 67 Link Local Multicast Name Resolution, 169 MBAM. See Microsoft BitLocker Administration and Monitoring name resolution, 164–165 (MBAM) 2.5 Name Resolution Settings, 169–173, 170f–173f MDOP. See Microsoft Desktop Optimization Pack (MDOP) Peer Name Resolution Protocol, 169 , 21 stateful DHCP and stateless DHCP, 174–175 creation using Settings program, 22–24, 22f–24f Windows Internet Name Service, 168 integrating, 21–24 IPv4 Microsoft Azure, 366 addressing, 161–162, 161f, 161t, 162t Microsoft Azure Multi-Factor Authentication, 353 checksum offload, 189 Microsoft BitLocker Administration and Monitoring (MBAM) protocols, 160–161 2.5, 284 IPv6 Microsoft CHAP version 2 (MS-CHAP v2), 330 addressing, 163–164 Microsoft Compatibility Exchange, 386 protocols, 160–161 Microsoft Desktop Optimization Pack (MDOP), 379, 383 Microsoft Intune, 5–9, 146–147, 147f J Account Portal, 8, 8f jumbo frames, 189 Admin Console, 8, 9f, 122f administrative deployment, 120–123 K administrator roles, 114–115 Kerberos policy, 52 agent, 132f Alerts workspace, 137–138, 138f

bindex.indd 442 9/15/2016 7:30:42 AM Index | 443

automatic approval settings, 151–152, 151f inventory reports, 136 client software, 121f Mobile Device Management (MDM) Authority, Company Portal, configuring, 123–125, 123f, 124f 117–118, 118f, 119f Connector Site System Role, 140–141 Mobility and Multi-homing Protocol (MOBIKE), 328 dashboard, 136f MPPE protocol. See Microsoft Point to Point Encryption (MPPE) deadlines for update installations, 152, 153f protocol deploying desktop applications, 393–395, 394f MS-CHAP v2. See Microsoft CHAP version 2 (MS-CHAP v2) direct membership, 129–130 multi-factor authentication, 31 enrolling devices, 117–123 music library, 290 features, 5–6 Groups, 128–130 N license agreements, 115f name resolution location settings, 127 configuring IP settings, 164–165 managed devices, 125–126, 125f testing, troubleshooting IP network problems, 180 managing software with, 13f, 14f name server, 168 membership criteria, 129f NAT. See Network Address Translation (NAT) mobile devices, direct management, 118–120 NetBIOS name, 168 monitoring and alerts, 135–140 netstat, 181 policies, 130–131, 131f network adapters configure, 188–190, 189f, 190f recipients, 138–139, 139f Network Address Translation (NAT), 327 remote computers and, 131–135 Network Basic Input/Output System (NetBIOS), 168 report types, 136–137, 137f network connectivity, 159 selective wipe, 126–127 network ID, 161 sideloading and deeplinking apps, 12–16 Network List Service, 196 sign up, 6–9 Network Location Awareness, 196 software report, 133 network perimeter firewalls, 206 subscription page, 140f Network Policy Server (NPS), 321 subscriptions, 114 noncompliant apps reports, 136 tasks, 9 nonrepudiation, 30 technical support for, 139–140 NPS. See Network Policy Server (NPS) third-party updates, 152–154, 154f Nslookup.exe, 180 user accounts, provisioning, 115–116, 116f NTFS, 223, 223t user and computer groups, 128–130 combining, 261–263, 262f using reports and in-console monitoring, configuring, 259, 260f, 260t, 261 147–150, 148f, 150f NTLM authentication, 49 Microsoft Intune Service Administrator role, 115 Microsoft Intune Software Publisher, 153 Microsoft Intune Tenant Administrator role, 115 O Microsoft Passport, 42 Office 365, 2–5 Microsoft Point to Point Encryption (MPPE) protocol, 327 Admin centers, 7, 7f migration stores administrator roles, 5 calculating, 73 benefits, 3 compressing, 72 features, 2 securing, 73 installing and managing software by, 10–11 mirrored volumes, 224 managing, 4, 4f data storage support, 230–231, 230f Office 2016 installation from, 11–12, 11f mixed membership, 128 sign up for, 3–5 MOBIKE. See Mobility and Multi-homing Word Online, 2f Protocol (MOBIKE) Office 2016 mobile access, 344–348 applications, 10 configuring offline files, 346, 346f installation from Office 365, 11–12, 11f resolving sync conflicts, 347–348 options, 10–11 scheduling for offline files, 347 offload TCP segmentation, 189 synchronizing your PC settings, 344, 345f OneDrive, 246–247 using sync center, 344–345 accessing from browser, 247–248, 248f mobile device for business, 247 direct management, 118–120 creating file, 248, 249f

bindex.indd 443 9/15/2016 7:30:42 AM 444 | Index

OneDrive (Cont.) PPP. See Point to Point Protocol (PPP) document sharing, 249–250 PPTP. See Point to Point Tunneling Protocol (PPTP) Recycle Bin, 418, 418f print device, 295, 301 uploading files to, 249 printer, 295 for windows, 250–253, 251f, 252f additional print drivers, 298–299, 298f one-way sync, 345 configuration, 295–302 outbound rules, 210–213 installation, 296–299 out-of-band patches, 422 local printer, 296–297, 296f, 297f managing print jobs, 300–302 P network, 297–298 PAP. See Password Authentication Protocol (PAP) permissions, 300, 300f partitions, 224 print queue, viewing, 301, 301f password properties, 299–300, 299f changing, 32–33, 32f spool folder location, changing, 301–302, 302f policy, 52 print jobs, 295, 300–302 supporting, 31–32 print spooler, 300, 302 Password Administrator, 5 private profile, 208 Password Authentication Protocol (PAP), 329 Program Compatibility Troubleshooter, 379–380f Password Settings Container, 53–55, 54f provisioned apps, 20 Password Settings Object (PSO), 53 public folders, 291 Patch Tuesday, 422 public key infrastructure (PKI), 38, 328 pathping, 179 public network, 176 PBA. See Phone Book Administrator (PBA) public profile, 208 PBS. See Phone Book Service (PBS) Peer Name Resolution Protocol (PNRP), 169 Q Peer Name Resolution Protocol (PNRP) service, 169 QoS packet tagging, 189 peer-to-peer (P2P) network, 169 personal certificates, 36 R personal identification number (PIN) RADIUS. See Remote Authentication Dial-In User Service (RADIUS) creating, 33 RDC. See Remote Desktop Connection (RDC) supporting, 31–32 RD Connection Broker, 357 Personal Information Exchange (PKCS #12), 37 RD Gateway, 357 personal mode, 192 RD Licensing, 357 Phone Book Administrator (PBA), 333 RD Session Host, 357 Phone Book Service (PBS), 333 RD Virtualization Host, 357 picture library, 290 RD Web Access, 357 picture passwords receive buffers, 190 creating, 33–34, 34f receive side scaling, 189 supporting, 31–32 recipients, 138–139, 139f PIN. See personal identification number (PIN) recovering files from onedrive, 418, 418f ping, 178 recovery key, 278 PKI. See public key infrastructure (PKI) referral, 243 Points of Presence (POPs), 333 RemoteApp, 357 Point to Point Protocol (PPP) access, 372f authentication, 329 application, configuration, 361, 362f packets, 328 and Desktop Connections Feed, 363–364, 363f Point to Point Tunneling Protocol (PPTP), 327, 328 distribution, 361–362 POPs. See Points of Presence (POPs) exporting and importing, 364 powercfg.exe, 105–106 management, 360f power plans programs, 359, 360 advanced settings, 104, 104f settings, configuration, 357 Control Panel Power Options, 103, 103f website, access, 361f custom, 103–104 remote authentication, 321–322, 322f default settings, 102 Remote Authentication Dial-In User Service (RADIUS), 192, 321 definition, 102 remote computers, 131–135 working with, 101–104 Remote Desktop Connection (RDC), 323 power policies, 104–105 Remote Desktop Protocol (RDP), 322–323, 325, 357, 393 power settings, 99–100, 100f Remote Desktop RemoteApp Applications, 365 Power tile, 99, 99f (RDS), 322, 357, 383

bindex.indd 444 9/15/2016 7:30:42 AM Index | 445

creating collection, 358–360 speed and duplex, 188 installation, 358–361, 360f split tunnel, 337–338, 337f management, 359f spool folder, 301–302, 302f role, 357 SQL Azure Database, 366 remote desktop settings, 322–326, 323f–326f SSTP. See Secure Socket Tunneling Protocol (SSTP) Remote Desktop Web Access stand-alone DFS, 241 configuration, 361–362, 362f Standard User Analyzer (SUA), 392 installing SSL certificates for, 362–365 Startup RAM, 84 replication group, 245 stateful address configuration, 174–175 resolver, 168 stateless address configuration, 174–175 resource record (RR), 167 storage pools, 231–232, 232f restore point, 401 storage spaces, 232–235, 233f, 234f , 67–69, 68f, 69f striped volumes, 224 router, 206 data storage support, 229–230, 229f Routing and Remote Access Services (RRAS) server, 321, 328 SUA. See Standard User Analyzer (SUA) runtime-analysis package, 386, 388–389 subnetting, 162 supporting iOS Azure RemoteApp, 371–372 S Sync Center, 344–345 SATA. See Serial Advanced Technology Attachment (SATA) sync conflict, 347–348 SCCM. See System Center Configuration Manager (SCCM) sync share, 350–351 SCSI. See Small Computer System Interface (SCSI) command, 16 second-level domains, 167 System Center 2016 Configuration Manager, 140–141 sector-based disk image, 16 System Center Configuration Manager (SCCM) server, 389, 427 Secure Digital (SD) cards, 273 System Preparation Utility (sysprep.exe), 16–17 Secure Sockets Layer (SSL), 49–50 system recovery, 400–406 certificates for Remote Desktop Web, 362–365 driver rollbacks performing, 406 Secure Socket Tunneling Protocol (SSTP), 328 refreshing/resetting PC, 403–405, 404f Security Accounts Manager (SAM), 43 system recovery, configuration, 402–403, 403f security for removable media, 271–273, 272f Windows 10 File Recovery drive creation, 405 security identifier (SID), 48 point Security Token Service (STS), 263 creation, 401–402, 402f security update, 422 performing, 402–403, 403f selective wipe, 126–127, 127f Select RemoteApp Programs Wizard, 359 T sequencing, 383 TCP. See Transmission Control Protocol (TCP) Serial Advanced Technology Attachment (SATA), 222 telnet, 182 Server Name Indication (SNI) extensions, 50 Terminal Services, 322 Service Administrator, 5 terms and conditions reports, 136 service pack, 422 tethering. See Internet Sharing Service Set Identifier (SSID), 193 tethering access point, 197 session collection, 358 thin provisioning, 232, 233f share permissions third-party root certification authorities, 37 combining NTFS and, 261 TLS Handshake protocol, 50 configuring, 258, 259f, 259t TLS Record protocol, 50 on resource, 261–263, 262f token, 263 shims, 390 top-level domains, 167 sideloading, 12–16 tracert, 179 into image, 19–21 Transmission Control Protocol/Internet Protocol (TCP/IP), 160, 310 from Microsoft Intune, 14–15 checksum offload, 189 into online and offline images, 15–16 transmit buffers, 190 signal quality, 193 Transport Layer Security (TLS), 49–50 simple volume, 224 transport mode, 213 sleep mode, 100 troubleshooting IP network problems, 177–178 sleep settings, 99 configuration, 178 Small Computer System Interface (SCSI), 222 testing name resolution, 180 smart cards, 38–41 testing network connectivity, 178–180 software, installing and managing, 9–21 viewing port usage, 180–182, 181f, 182f spanned volumes, 224 trusted identity provider, 263 data storage support, 228–229, 228f trusted , 37

bindex.indd 445 9/15/2016 7:30:42 AM 446 | Index

Trusted Platform Module (TPM) chip, 39, 273 using App-V, 383–386 trusted publishers, 37 virtual machine (VM), 380 trusted root certification authorities, 37 creating and configuring, 83–87, 85f tunnel mode, 213 installation options, 86, 86f two-factor authentication, 31 storage, migrating, 93–94, 93f two-way sync, 345 virtual machine monitor (VMM), 82 Virtual Private Network (VPN), 326 U configuration, 326–338 UAC. See User Access Control (UAC) configuring split tunneling, 337–338, 337f UDP. See User Datagram Protocol (UDP) Connection Manager (CM), 330–333 UE-V. See User Experience Virtualization (UE-V) Connection Manager Administration Kit (CMAK), 330–333 unique local addresses, 164 connections, authentication, 329–330 Universal Naming Convention (UNC), 258 connection wizard, 333–335, 334f, 335f Universal Serial Bus (USB), 223 protocols selection, 327–329 updates, 421–422 Reconnect, 328, 329, 338 history, 425, 425f tunnel, 327f important, 422 using Windows 10 settings, 336, 336f optional, 422 virtual smart cards (VSCs) recommended, 422 definition, 39 reports, 136 supporting, 38–41 USB. See Universal Serial Bus (USB) virtual switches User Access Control (UAC), 392 configuring, 89f user account, 21, 48 creating, 88 provisioning, 115–116, 116f selecting, 88f (UAC), 392 types, 87–88 user data, 66 for VM, 89–90 User Datagram Protocol (UDP), 310 virtual TPM smart card environment checksum offload, 189 creating, 40 User Experience Virtualization (UE-V), 392–393 enroll for certificate, 40–41 Agent, 393 setting up, 39 Generator, 393 VM. See virtual machine (VM) user groups, 128–130 VPN. See Virtual Private Network (VPN) User-level authentication, 329 User Management Administrator, 5 W user profiles wake on magic packet, 190 configuring, 65–76 Web servers, 235 definition, 66 WFAS. See with Advanced Security (WFAS) deleting, 69–70 Wi-Fi Direct, 197 managing, 70f Wi-Fi Protected Access 2 (WPA2), 192 migrating, 71–72 Wi-Fi Protected Access (WPA), 192 in users folder, 66f Windows 10 user registry, 65 backup user state, 65–66 restore file from, 412–413, 413f User State Migration Tool (USMT), 71 schedule, 411–412, 411f, 412f command-line options, 75 Client Hyper-V on, 380–382, 382f custom config.xml file, 76 enabling disk quotas on, 307–309, 308f process, 74 File Recovery drive creation, 405 file recovery drive creation, 405 V file structure, 64–65, 65t vaults, 51 System Restore, 401 VDI. See Virtual Desktop Infrastructure (VDI) Windows apps, 12 . , 90 Windows Assessment and Deployment Kit (ADK), 386 .vhdx file format, 90 Windows Azure. See Microsoft Azure videos library, 290 Windows Biometric Framework (WBF), 41 Virtual Desktop Infrastructure (VDI), 357 Windows Deployment Services (WDS), 18 virtual disks, 90–91, 91f windows devices, 433–437 virtualizing applications, 383 Windows 7 File Recovery, 410

bindex.indd 446 9/15/2016 7:30:42 AM Index | 447

windows firewall, 205–207, 207f, 208f Windows Update, 422–424f Windows Firewall with Advanced Security (WFAS), 207–208, 209f Windows Update for Business, 426 Windows Hello windows update policies, 426–429 facial recognition, 41 Wired Equivalent Privacy (WEP), 192 Hello fingerprint reader, 42 wireless networks supporting, 41–42 connecting to, 192–194, 193f–195f Windows Imaging Format (WIM), 16 Wi-Fi technology standards, 190–191, 191t Windows Internet Name Service (WINS), 168 wireless security utilizing, 191–192 , 100–101, 101f wireless security, 191–192 Windows Server Update Services (WSUS), 422, 423, 426 Word Online, 2f Windows Store, 12 work folders, 349–353 deeplinking from Microsoft Intune, 15 connection, 351–353, 352f sideloading from Microsoft Intune, 14–15 creation, 349–351, 350f uploading to Microsoft Intune, 13 work network, 176 windows store apps, 430 Workplace Join, 58–59 , 106 Workspace To Go Creator (pwcreator.exe), 106 Windows To Go workspace drive WSUS. See Windows Server Update Services (WSUS) , 108–109 compatibility, 109t creating and deploying, 106–108 X hardware requirements for, 108, 108t X.509 version 3, 35 managing, 109 selecting, 107f

bindex.indd 447 9/15/2016 7:30:42 AM bindex.indd 448 9/15/2016 7:30:42 AM bindex.indd 449 9/15/2016 7:30:42 AM bindex.indd 450 9/15/2016 7:30:42 AM 9/15/2016 7:30:42 AM 9/15/2016 7:30:42 AM 9/15/2016 7:30:42 AM 9/15/2016 7:30:42 AM 9/15/2016 7:30:42 AM 9/15/2016 7:30:42 AM 9/15/2016 7:30:42 AM 9/15/2016 7:30:42 AM