Windows 10 for Enterprise Administrators
Modern Administrators' guide based on Redstone 3 version
Published on 8. July 2025
314 pages
978-1-78646-317-3 (ISBN)
Description
No detailed description available for "Windows 10 for Enterprise Administrators".
All prices
More details
Edition
Digital original
Language
English
Place of publication
Birmingham
United Kingdom
Target group
Professional and scholarly
US School Grade: College Graduate Student
Edition type
Digital original
File size
12,44 MB
ISBN-13
978-1-78646-317-3 (9781786463173)
Copyright in bibliographic data and cover images is held by Nielsen Book Services Limited or by the publishers or by their respective licensors: all rights reserved.
Schweitzer Classification
Other editions
Additional editions
Jeff Stokes | Manuel Singer | Richard Diver
Windows 10 for Enterprise Administrators
Modern Administrators' guide based on Redstone 3 version
Book
09/2017
Packt Publishing
€56.10
Shipment within 3-4 weeks
Person
Singer Manuel :
Manuel Singer works as a Senior Premier Field Engineer for Windows Client at Microsoft and is based in Germany. He has more than 10 years of experience in system management and deployment using Microsoft technologies. He specializes in client enterprise design, deployment, performance, reliability, and Microsoft devices. Manuel works with local and international top customers from the private and public sector to provide professional technical and technological support.Stokes Jeff :
Jeff Stokes is a Windows / Microsoft Engineer currently employed at Microsoft. He specializes in Operating System Health, Reliability, and Performance. He is skilled in Windows Deployment with MDT (Microsoft Deployment Toolkit) and has exceptional skills in VDI (Virtual Desktop) and performance analysis. He is an active writer and blogger and loves technology.Diver Richard :
Richard Diver is a senior technical business strategy manager for the Microsoft Security Solutions group, focused on developing security partners. Based in Chicago, Richard works with advanced security and compliance partners to help them build solutions across the entire Microsoft platform, including Microsoft Sentinel, Microsoft Defender, Microsoft 365 security solutions, and many more. Prior to Microsoft, Richard worked in multiple industries and for several Microsoft partners to architect and implement cloud security solutions for a wide variety of customers around the world. Any spare time he gets is usually spent with his family.
Manuel Singer works as a Senior Premier Field Engineer for Windows Client at Microsoft and is based in Germany. He has more than 10 years of experience in system management and deployment using Microsoft technologies. He specializes in client enterprise design, deployment, performance, reliability, and Microsoft devices. Manuel works with local and international top customers from the private and public sector to provide professional technical and technological support.Stokes Jeff :
Jeff Stokes is a Windows / Microsoft Engineer currently employed at Microsoft. He specializes in Operating System Health, Reliability, and Performance. He is skilled in Windows Deployment with MDT (Microsoft Deployment Toolkit) and has exceptional skills in VDI (Virtual Desktop) and performance analysis. He is an active writer and blogger and loves technology.Diver Richard :
Richard Diver is a senior technical business strategy manager for the Microsoft Security Solutions group, focused on developing security partners. Based in Chicago, Richard works with advanced security and compliance partners to help them build solutions across the entire Microsoft platform, including Microsoft Sentinel, Microsoft Defender, Microsoft 365 security solutions, and many more. Prior to Microsoft, Richard worked in multiple industries and for several Microsoft partners to architect and implement cloud security solutions for a wide variety of customers around the world. Any spare time he gets is usually spent with his family.
Content
- Cover
- Copyright
- Credits
- About the Authors
- About the Reviewer
- www.PacktPub.com
- Customer Feedback
- Table of Contents
- Preface
- Chapter 1: Installation and Upgrading
- Which branch to select?
- Current Branch, also known as Semi-Annual Channel (Targeted)
- Current Branch for Business, also known as Semi-Annual Channel
- Support timeline before 1709
- Support timeline since 1709
- The Long-Term Servicing Branch
- LTSB problem silicon support - potential risk with Zen, Cannonlake, and newer CPUs
- Limitations of LTSB
- Recommendations
- New deployment methods
- Why in-place upgrades?
- Limitations and blocker of the in-place upgrade
- Changing from BIOS/legacy mode to UEFI mode
- Changing from Windows 32-bit/x86 to 64-bit/x64
- Changing the base OS language
- Changing primary disk partitioning
- Using the Windows To Go or boot from VHD features
- Image creation process (sysprep after upgrade not supported)
- Certain third-party disk encryption products
- Changing too many apps (bulk application swap)
- Changing the environment
- Traditional wipe and load
- An alternative: provisioning
- Improvements in deployment since Windows 10 1511
- Windows 10 1607, also known as Anniversary Update
- Windows 10 1703/1709, also known as Fall Creators Update
- Tips and tricks for smooth in-place upgrade from 7, 8.1, or 10 to 10
- Integrating cumulative updates into install sources
- Updating graphics driver
- Looking at Setupact.log and Setupapi.dev.log
- Using Windows Upgrade Analytics aka Windows Upgrade Readiness
- Selecting the deployment tools
- Summary
- Chapter 2: Configuration and Customization
- Introducing Windows as a service
- Cortana
- Security mitigation
- Image customization
- Imaging process
- Customizing the image
- Upgrade expectations
- Internet Explorer 11 Enterprise Mode configuration
- Windows 10 Start and taskbar layout
- Audit mode
- Tips
- Virtual Desktop Infrastructure
- Layering technologies
- Security Compliance Manager
- AppLocker
- Microsoft Windows Store for Business, also known as Private Store
- Microsoft telemetry
- Windows Spotlight
- Mandatory user profiles
- Assigned Access, also known as kiosk mode
- Bring Your Own Device scenarios
- Windows libraries
- User Experience Virtualization
- Summary
- Chapter 3: User Account Administration
- Windows account types
- Account privileges
- Local Admin Password Solution
- Create policies to control local accounts
- Password policy
- Account lockout policy
- Manage user sign in options
- Mobile device management security settings
- User Account Control
- Windows Hello for Business
- Manage options for Windows Hello for Business
- Credential Guard
- Privileged Access Workstation
- Summary
- Chapter 4: Remote Administration Tools
- Remote Server Administration Tools
- Installing RSAT
- RSAT usage
- PowerShell
- PowerShell setup
- PowerShell usage
- PowerShell in the Enterprise
- Desired State Configuration
- Windows Sysinternals tools suite
- BgInfo
- Configuring BGInfo
- Deployment
- Introducing PsTools
- Installing PsTools
- Using PsTools
- Custom code repository
- Summary
- Chapter 5: Device Management
- Evolving business needs
- Mobile device management
- Changes to GPOs in Windows 10
- Enterprise/Education - only GPOs
- Known issues when upgrading the central policy store
- Known issues with Group Policy Preferences/GPMC
- Servicing and patching
- Why cumulative updates?
- Update delivery solutions
- Windows Update
- Windows Update for Business
- Windows Server Update Services
- SCCM and third-party solutions
- Windows 10 servicing
- Summary
- Chapter 6: Protecting Enterprise Data in BYOD Scenarios
- Bring Your Own Device
- What is BYOD?
- Choose Your Own Device
- Key considerations
- Device choice
- Ownership
- Management responsibility
- Comparing options
- Protection options
- Identity and access management
- Connect to work or school
- Microsoft Passport
- Windows Hello
- Credential Guard
- Device Configuration
- Application management
- Provisioning packages
- Windows Store for Business
- Mobile Application Management
- Information protection
- BitLocker and device pin
- Windows Information Protection
- Document classification and encryption
- Data loss prevention
- Alternative options
- Enable remote/virtual desktops - RDS/VDI
- Enable virtual private networks
- Publish applications via proxy
- End user behavior analytics
- OneDrive for Business
- Work Folders
- Work Folders compared to other sync technologies
- Summary
- Chapter 7: Windows 10 Security
- Today's security challenges
- Windows Hello/Windows Hello for Business
- Differences between Windows Hello and Windows Hello for Business
- Virtualization-based security
- Credential Guard
- Device Guard
- Windows Defender Application Guard for Microsoft Edge
- Windows Defender Exploit Guard
- Device Health Attestation
- Windows Defender Security Center
- New BitLocker options
- Local Administrator Password Solution
- AD preparation
- Now to the installation
- LAPS UI
- Group Policy client-side extension
- Group Policy configuration options
- Summary
- Chapter 8: Windows Defender Advanced Threat Protection
- Prerequisites
- Windows Defender
- Windows Defender Security Center
- Windows Defender ATP
- Plan - environment analysis
- Deploy - service activation
- Sign up and activate Windows Defender ATP
- Portal configuration
- Check service health
- Check sensor status
- Enable SIEM integration
- Onboard endpoints
- Configure sensor data
- Additional configuration
- Detect - using the ATP portal
- Alerts queue
- Machine list
- Preferences setup
- Endpoint management
- Protect Post-breach response
- Types of threats
- Ransomware
- Credential theft
- Exploits
- Backdoors
- General malware
- Potentially Unwanted Application
- Take responsive actions
- Taking responsive actions on a machine
- Collecting an investigation package
- Isolate a machine
- Take responsive actions on a file or process
- Request deep analysis
- Stop and quarantine file
- Block file
- Pivot into Office 365
- Summary
- Chapter 9: Advanced Configurations
- Virtual desktops
- VDI infrastructure best practices
- VDI configuration considerations
- The Windows ICD
- Windows 10 Kiosk Mode
- AutoPilot mode
- The Set up School PCs application
- Device lockdown
- Custom Logon
- Keyboard filter
- Shell Launcher
- Unbranded Boot
- Unified Write Filter
- Summary
- Chapter 10: RedStone 3 Changes
- OneDrive - file on demand
- Task Manager shows GPU usage graph
- No SMB1
- Ubuntu, openSUSE and SUSE LSE available as Linux subsystem
- New features of Microsoft Edge
- New Google Chrome to Microsoft Edge migration feature
- Hyper-V improvements
- Change of network profiles in GUI
- Improved storage sense feature
- Microsoft Fluent Design
- My people app
- Eye tracking
- Controlled folder access
- Summary
- Index
