Category Archives: Infrastructure

Windows 10 KMS Client Setup Keys

Posted on by
8

Windows 10 build 10240 has been released to the Fast Ring. That’s what I’m running on my laptops now. There were heavy rumors yesterday that this is the to Release To Manufacturing (RTM) build and is the one to be publically available on July 29th. But there is no hard confirmation on this by Microsoft yet Build 10240 now available for Windows Insiders in Fast and Slow rings.

image

“Over the past few days we’ve been preparing our release pipelines and processes, and this build is one step closer to what customers will start to receive on 7/29 …

On Monday we announced that builds from here on will only be available through Windows Update, so to get this one you can either wait and it will be installed automatically.”

Here’s how you prepare to roll it out in your company.

In a previous blog post I wrote about the update you needed for your KMS server to be able to activate Windows 10 clients. Read about that in KB3058168: Update that enables Windows 8.1 and Windows 8 KMS hosts to activate Windows 10 You can get ready today, you have all you need.

Meanwhile Microsoft has also published the Windows 10 client KMS activation which keys can be found here Appendix A: KMS Client Setup Keys

image

Do note this is the key you use when you activate the Windows 10 Client against a KMS server. It is not the KMS license server key. That one you’ll need to obtain from your valid Microsoft licenses.

If you don’t have a KMS, the MAK key option will still be available.

Windows 10 looks set for a great start. DELL has been accepting preorders for a month now (Dell Brings Windows 10 to Life: Pre-order Today) which will be shipped to you on July 29th. Windows 7 owners could already reserve their upgrade via Windows update. The OEMs and the customers seem ready. I’ve heard of several large deployments in the works, often from organization still running Windows XP. We’re a Windows 8.1 shop but our new images are being build and will be deployed as the default image via MDT. We won’t let our investment in software assurance go to waste Winking smile

MS15-068: Vulnerability in Windows Hyper-V could allow remote code execution: July 14, 2015

Posted on by
Reply
Hi people, Hyper-V has been blessed with a very good security track record. The few security issues that did arise over the years have always been resolved quickly. Today it’s

time to act fast once again and make sure you have your security & patch process act together.

Note the following:

  • Microsoft has not identified any mitigating factors for this vulnerability.
  • Microsoft has not identified any workarounds for this vulnerability.

This security update resolves vulnerabilities in Windows that could allow remote code execution in a host context if a specially crafted application is run by an authenticated and privileged user on a guest virtual machine that is hosted by Hyper-V. An attacker must have valid logon credentials for a guest virtual machine to exploit this vulnerability.

To learn more about the vulnerability, see Microsoft Security Bulletin MS15-068

This one is critical. So do not delay long after your smoke testing of this patch.You have some time to act but don’t wait too long:

Microsoft received information about this vulnerability through coordinated vulnerability disclosure. When this security bulletin was originally issued Microsoft had not received any information to indicate that this vulnerability had been publicly used to attack customers.

Go and secure your environment wisely and effectively now.

Using VEEAM FastSCP for Microsoft Azure to help protect my blog

Posted on by
1

My buddies in IT know about some of my mantras. The fact that I like “* in depth”. Backup in depth for example. Which is just my variant on the 3-2-1 rule in backups. Things go wrong and relying on one way to recover is risky. “One is none, two is one” is just one of the mantras I live by in IT. Or at least try to, I’m not perfect.

So besides backups in Azure I also copy the backup files I make for my blog outside of the VM, out of Azure. That means the BackWPup files and the MySQL dumps I create regularly via a scheduled job.

That copy is not made manually but is automated with VEEAM FastSCP for Microsoft Azure. It’s easy, free and it works.  I’ve blogged about it before but that blog might have been lost in the huge onslaught of Microsoft Ignite 2015 announcements.

It’s all quite simple. First of all you need to create a data dump location for the backups we do on our blog server. That’s copied out by but VEEAM FastSCP for Microsoft Azure ensures I have an extra copy do those which doesn’t rely on Azure

image

 

Add your VM in Azure to VEEAM FastSCP for Microsoft Azure

image

It’s easy, specify the information you can find about your VM on the Azure management portal. Optionally you can skip the SSL requirement and certificate verifications. Do note you need to use the correct PowerShell port (end point) for that particular VM in your Azure subscription.

image

When successful you can browse the file system of your Azure VM.

image

Create one or more jobs (depending on what & how you’re organizing your backups)

image

Give the job a descriptive name

image

Select what folders on the Azure VM you want to backup by simply browsing to it.

image

Select the target folder on the system where VEEAM FastSCP for Microsoft Azure is running by, again, simply browsing to it.

image

Set a schedule according to your needs

image

If you need to run some PowerShell before or after a download here’s the place to do so.

image

Click finish and hit Start Job to lick it of and test it. Here’s the WordPress Blog backup download job running.

image

By using VEEAM FastSCP for You can download folders and files to your system at home, to a virtual machine, whether this is on premise or also in the cloud. Perhaps even in AWS (IAAS) if you’re really paranoid. By doing a simple restore of your blog and changing your DNS entry you can even get it up and running if Azure would ever be the target of a major outage causing attack. You could even keep blogging about it Smile.

So do yourself a favor. Check it out!

Hit me baby one more time or the Faster Fast Ring of Windows 10 Insider Builds

Posted on by
Reply

Hit me baby one more time!

This blog is brought to you by Francesco V. Buccoli, a brilliant ex Hyper-V MVP who went blue badge and became a PFE. Why? Because he called me a genius, that’s why!

image

Here we go again, things are heating up in the last straight track towards RTM of Windows 10. We’re now getting build 10162 right on the heals of build 10159 that basically overran people who were still downloading 10158.

No this is not some PM in Redmond hitting the publish button by mistake again a la “Oops, I did it again” but it’s with intent and purpose. Deliver an awesome client right from the start.

So far it’s all good. The quality of these lasted builds, even during the limited time we get to spend with them, is very good and show real improvements over the entire line. Windows 10 should be ready for rollout at RTM/GA if the quality is this good and only improves.

We lead, we weren’t born to follow.

Now, go download it already and I’ll quit the cheesy music references Winking smile