• Tip of the Day: BitLocker Pre-provisioning

    Today’s tip…

    Unlike Windows Vista and Windows 7, Windows 8 has the ability to pre-provision the system volume during installation. To use BitLocker Pre-Provisioning, we have three options open to us: MDT 2012, SCCM 2012 SP1, or WinPE 4.0.

    1. In MDT 2012, we use the Enable Offline Task Sequence, which uses the ztibde.wsf file to encrypt the drives.
    2. In SCCM 2012 SP1, we use OSDOfflineBitLocker.exe, which enables BitLocker.
    3. In WinPE 4.0, we can use the command prompt to run “manage-bde -on <drive letter>”.

    NOTE: The WinPE option is a bit more complicated as you must add the file management and startup optional components to your WinPE image. Otherwise you will not have the manage-bde tool available.

    Building a Windows PE Image with Optional Components

    Requirements:

    TPM should be enabled in the BIOS prior to installation

    Steps to be done after Windows installation:

    The BitLockered volume will be in a “Waiting for Activation” state because it is using a clear protector. To activate protection, use either of the following options:

    • Use the manage-bde tool to run ‘manage-bde -protectors -add C: -rp’
    • Use the Control Panel applet to ‘Turn on BitLocker’

    The advantage to this approach is that activating protection post installation only takes a few seconds instead of the user having to wait for BitLocker to encrypt the entire volume.
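
    An added example (not from the original tip): a PowerShell audit that flags volumes left in the pre-provisioned “Waiting for Activation” state after deployment. It relies on Get-BitLockerVolume from the BitLocker module; the function name Get-BdeActivationState, its state labels and the sample objects are constructed for illustration, and it assumes an unactivated volume reports encrypted data with protection off and no key protectors.

    ```powershell
    # Added example, not part of the original tip.
    # Get-BdeActivationState and its state labels are hypothetical names.
    function Get-BdeActivationState {
        param([Parameter(Mandatory, ValueFromPipeline)] $Volume)
        process {
            # Key protector types on the volume. Assumption: the list is empty
            # while only the pre-provisioning clear protector exists.
            $protectors = @($Volume.KeyProtector | Where-Object { $_ } |
                ForEach-Object { "$($_.KeyProtectorType)" })
            $encrypted = "$($Volume.VolumeStatus)" -ne 'FullyDecrypted'
            $protected = "$($Volume.ProtectionStatus)" -eq 'On'

            $state = if (-not $encrypted) {
                'NotEncrypted'
            } elseif (-not $protected -and $protectors.Count -eq 0) {
                'WaitingForActivation'          # encrypted, but nothing guards the key yet
            } elseif (-not $protected) {
                'ProtectionOffWithProtectors'   # protectors exist, protection is off
            } elseif ($protectors -notcontains 'RecoveryPassword') {
                'ProtectedNoRecoveryPassword'   # the -rp protector was never added
            } else {
                'Protected'
            }

            [pscustomobject]@{
                MountPoint = $Volume.MountPoint
                State      = $state
                Protectors = $protectors -join ','
            }
        }
    }

    # Constructed sample objects shaped like Get-BitLockerVolume output.
    $tpm = [pscustomobject]@{ KeyProtectorType = 'Tpm' }
    $rp  = [pscustomobject]@{ KeyProtectorType = 'RecoveryPassword' }
    $sample = @(
        [pscustomobject]@{ MountPoint = 'C:'; VolumeStatus = 'FullyEncrypted'
            ProtectionStatus = 'Off'; KeyProtector = @() }
        [pscustomobject]@{ MountPoint = 'D:'; VolumeStatus = 'FullyEncrypted'
            ProtectionStatus = 'On'; KeyProtector = @($tpm) }
        [pscustomobject]@{ MountPoint = 'E:'; VolumeStatus = 'FullyEncrypted'
            ProtectionStatus = 'On'; KeyProtector = @($tpm, $rp) }
    )
    $sample | Get-BdeActivationState | Format-Table -AutoSize

    # On a deployed machine, from an elevated prompt:
    #   Get-BitLockerVolume | Get-BdeActivationState
    ```

    Any volume reported as WaitingForActivation still needs one of the activation steps listed above.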

  • Tip of the Day: .NET Framework 3.5

    Today’s tip…

    Windows 8 and Windows Server 2012 do not include .NET Framework 3.5 by default. When you run an application that requires .NET Framework 3.5 (for example, MSSolve), Windows will automatically trigger installation of the feature from Windows Update.

    The application must do one of the following for the trigger to occur:

    • Attempting to install .NET 3.5 by running the released redistributables (including the web bootstrapper)
    • Invoking the .NET 3.5 runtime

    If the computer does not have access to the internet or is using WSUS you can point to a DVD or network location (Enterprises could have the files on a network share and use group policy/registry key to direct clients to it).  For additional information see the following:

    Note: There is no .NET 3.5 redistributable download available for vendors to include in their applications. Changes in architecture require installation using one of the methods above.

  • Tip of the Day: Some new Remote Desktop Client Features

    Today’s tip…

    How do I get the Start screen to come up in a remote session?

    If you’ve remoted into a Windows Server 2012 host or Windows 8 client using a legacy RDP client and wanted to get to the start menu, you may have already come across this annoying issue with the start menu.

    If I hit the Windows key – often I get the local Start. If I put the mouse in the bottom left of my screen – is that the local Start or the one in the Remote Desktop window?


    (The green one is my local Start screen – ack!)

    Fortunately the RDP Connection Bar on the RDP client has been updated to accommodate Start, Charms, Switching Apps, Snap and App Commands.

    Using these options, you can ensure the commands are being sent to the remote Host.


    Smart Sizing!

    How many times have you been annoyed by the scroll bars that appear when your RDP client gets moved to another monitor? Well – NO MORE!

    The new RDP client has an option to use “Smart Sizing”.

    So instead of scrollbars, you get scaled resolution:


    Smart Sizing can be selected on the Control menu when the RDP window is not full screen.


    The downside of both of these is there’s no new client available for Windows 7 (yet). You have to run Windows 8 or Server 2012 to get the new client.

  • Tip of the Day: Direct Access and IP-HTTPS

    Today’s tip…

    IP-HTTPS is now the preferred IPv6 transition technology for DirectAccess.

    DirectAccess allows clients to connect with various IPv6 transition technologies including Teredo, 6to4, and IP-HTTPS. In Windows Server 2008 R2, IP-HTTPS was the least preferred connection method for performance reasons. Due to performance enhancements to the DirectAccess implementation of IP-HTTPS in Server 2012, IP-HTTPS is now as fast as other connection methods. The most notable change to IP-HTTPS in Server 2012 is enabling Null Encryption for the HTTPS connection. Because there is an IPsec connection tunneled inside the HTTPS tunnel, the data is still encrypted. This change prevents the costly double encryption that happened previously.

  • Tip of the Day: Office Apps are Hard to Look at

    Today’s tip…

    This is more of an Office tip but I wanted to include it. Like others my age, my eyes are at a point where looking at a screen that is mostly white causes everything to blend together. This is really a problem when I’m using the new Office since the default theme is ‘White’. So my white title bar blends with my white ribbon that blends with everything else that is white.

    To deal with this, I set the Office Theme to ‘Dark Gray’. You can set this option in any of the Office apps….
