Client-2.4-3.3.docx

Full Transcript

**Purpose of Virtualization**

Virtualization is a technology that creates a software-based
representation of component, such as an application, network interface
card (NIC), or even an entire computer. On a computer system,
virtualization is the ability to install and run multiple operating
systems simultaneously on a single physical machine. These types of
systems are commonly referred to as VMs (virtual machines).

Sandbox virtualization

- The process of creating an isolated testing environment.
Virtualization lets you easily create a sandbox by isolating
components from the production network.

- Using a virtualized sandbox (sometimes known as a playground) gives
network administrators and developers a safe place to create new
software, test software development, install new software, or
upgrade existing software without risking the production network.

Application virtualization

- The process of installing and accessing applications virtually. This
can help reduce licensing costs, increase accessibility for local
and remote employees, and make it easier to install and maintain
applications.

Legacy software access

- Outdated software use. Some organizations require the use of
proprietary or legacy (outdated) software. Virtualization can
provide access to this software even if a user's local PC is running
an updated operating system.

Cross-platform virtualization

- The process allowing an operating system to access an application
designed to run on a different operating system.

Hardware optimization

- The process of making the most efficient use of physical hardware.
For example, instead of being idle, the processor is optimized to
process several tasks at a time.

Host machine

- Most commonly a physical server that has the hardware necessary to
create a viable, virtualized environment. The following hardware is
shared by the VM and managed by the hypervisor.

- Hard disk drive(s)

- Optical drive(s)

- RAM

- CPU(s)

- NIC(s)

- The number of VMs a host can handle depends on the physical
build of the host server.

Hypervisor

- A thin layer of software (think of it as a type of OS for the host
machine) that resides between the virtual operating system and the
hardware.

- A hypervisor allows virtual machines to interact with the hardware
without going through the host operating system.

Virtual machine

- A software implementation of a computer that executes programs like
a physical machine.

- The virtual machine appears to be a self-contained and autonomous
system. It can be on a host server (enterprise-level) or a PC (small
scale).

Virtual hard disk (VHD)

- A file created within the host operating system that simulates a
hard disk for the virtual machine.

vSwitch

- Software that facilitates the communication between virtual machines
by checking data packets before moving them to a destination.

- A vSwitch may be software installed on the virtual machine or it may
be part of the server firmware.

vRouter

- Software that performs the tasks of a physical router. Because
virtual routing frees the IP routing function from specific
hardware, you can move routing functions around a network.

Virtual firewall application (VFA)

- Software that functions as a network firewall device that provides
packet filtering and monitoring. The VFA can run as a traditional
software firewall on a virtual machine.

Hyper-V is Microsoft\'s hypervisor. It is a hardware virtualization
technology use to create and run a virtual machine (a software version
of a computer).

There are two types of hypervisors:

- Type 1 - Also called bare metal, it acts as an OS on a physical host
machine.

- Type 2 - Acts as a software application. It is run on any OS and can
run several operating systems on virtual machines. Capacity is
limited by available physical assets.

The number of VMs a host can accommodate depends on the components
installed on the host machine and what has already been allocated by the
Hyper-V manager. Keep in mind:

- Close to 80% of all VMs are over-provisioned. This means they have
more resources allocated to them than is needed.

- This decreases the efficacy of the physical host.

- When provisioning, consider:

- CPU and RAM allocations can be lowered or raised easily.

- Storage space can be easily increased but is almost impossible
to decrease without destroying the VM.

A hypervisor manages access to the following system resources.

- CPU

- Storage

- RAM

There are several hypervisor options:

- Hyper-V (Windows)

- VMWare workstation

- Virtual Box (Oracle)

Key points about digital licenses are:

- A digital license is a method of activation that doesn\'t require
you to enter a product key during the installation of Windows.

- The license is linked to a Microsoft account and, once used, is also
linked to the hardware.

- Skip the product key question and continue with the installation
when you install Windows.

- A major change to the hardware (such as a new motherboard) may
require the system to be reactivated.

- When you sign into the computer using a Microsoft account and
connect to the internet, the computer is activated.

Key points about product keys are:

- Activation using a product key is linked to the hardware in the
system.

- A major change to the hardware (such as a new motherboard) may
require the system to be reactivated.

- Product keys are in the form of xxxxx-xxxxx-xxxxx-xxxxx-xxxxx where
x is a value of the key.

A digital license is used when Windows is obtained in one of the
following ways:

- Upgrade to a newer version of Windows on an eligible device running
a genuine copy of a previous Windows version (Windows 7 or later
versions).

- Purchase a Windows Pro upgrade from the Microsoft Store app and
successfully activate Windows.

- Upgrade as a Windows Insider to the newest Windows Insider Preview
build, on an eligible device running an activated earlier version of
Windows and Windows Preview.

- Purchase a genuine Windows system from the Microsoft Store app.

A product key is used when Windows is obtained in one of the following
ways:

- Purchase a copy of Windows from an authorized retailer.

- Have a Volume Licensing Agreement for Windows or MSDN subscription.

- Purchase a new or refurbished device running Windows.

- Purchase Windows from the Microsoft Store online.

Windows purchased from a retailer cannot be activated using volume
licensing methods.

When working in a large environment where Windows activation takes place
on a regular bases, licensing and activation can be accomplished at a
local level using one of three methods:

- Key Management Services (KMS)

- Active Directory--based Activation (ADBA)

- Multiple Activation Key (MAK)

**Key Management Services (KMS)**

With KMS, the Windows clients in the network request and receive Windows
activation from a local KMS server. To implement a KMS server:

- Install the Volume Activation Services role on a new or existing
server.

- Configure KMS using the volume activation tools.

- Add the volume license purchased from Microsoft.

- Activate the licenses on the KMS server through the Microsoft site.

- Ensure that DNS is correctly configured to allow clients to locate
the KMS server.

Once KMS is configured, clients request and receive activation from the
KMS server. By default, activation is valid for 180 days, but
reactivation is requested every 7 days.

To use KMS, one of the following thresholds must be met. Otherwise, no
activation will take place:

- 25 or more client systems (physical or virtual) must actively
require activation.

- 5 or more servers (physical or virtual) must actively require
activation.

**Active Directory--based Activation (ADBA)**

When available, Active Directory--based Activation (ADBA) is the
preferred method of implementing volume activation services. When using
ADBA, Windows systems connected to the domain are activated
automatically during system startup.\
\
By default, a system remains activated for up to 180 days since the last
contact with the domain. As with KMS, an activated system periodically
attempts to reactivate before the 180 days has elapsed to ensure the
activation doesn't expire. By default, this occurs every 7 days.

Key aspects of using ADBA are:

- Any domain controller that is part of the forest can be used to
activate a client.

- There is no minimum threshold required.

- When a system activated using ADBA is removed from the domain, that
system is deactivated immediately.

- ADBA can activate only Windows Server 2012, Windows 8.1, and newer
operating systems.

- ADBA can be used in conjunction with KMS to provide activation
services for older operating systems.

- When KMS and ADBA are used on the same network, clients first try to
obtain activation through ADBA and then try KMS if they can\'t
activate with ADBA.

To implement ADBA:

- Install the Volume Activation Service role on the domain controller.

- Add the volume licenses.

- Activate the licenses through Microsoft.

**Multiple Activation Key (MAK)**

MAK licenses are enterprise licenses purchased by a company, but tracked
by Microsoft. Unlike KMS or Active Directory activation, MAK activates
systems on a one-time basis. It uses Microsoft\'s hosted activation
services, which require connection with a Microsoft activation server.
This is typically done by means of the internet. If a system using MAK
activation can't use the internet, the activation can be accomplished by
calling Microsoft. Once a computer is activated, no further
communication with Microsoft is required.

Each MAK has a predetermined number of allowed activations based on the
Volume Licensing agreement. MAK licenses can be included as part of an
organization's Windows operating system image.

**Activation Process for Product Keys**

The activation process is composed of the following steps:

1. During the installation of Windows, two identifiers are created that
uniquely identify the system:

- A unique product ID (PID) is created using the product key
entered during the installation process.

- Based on the system hardware, a unique hardware ID (HWID) is
created. Every hardware component in the system has a unique
serial number assigned to it. During installation, Windows runs
a mathematical formula against each device\'s serial number to
create a one-way hash for each component. Then, four to ten bits
(depending on the type of component) are extracted from each
device\'s hash to generate an eight-bit HWID that uniquely
identifies the system.

2. When the activation process is initiated:

- The system\'s PID.

- The system\'s HWID.

- The version number of the activation software running on the
system.

- A unique request ID number that is associated with the specific
system.

- Microsoft verifies that the license associated with the PID
allows the system to be activated.

- If activated, Microsoft associates the PID with the system\'s
HWID. This prevents the same product key from being reused to
activate Windows on a different system.

- A confirmation is sent back to the system in the form of a
digital certificate signed by Microsoft, indicating the system
has been successfully activated.

Thereafter, the system\'s HWID is recalculated every time the system is
booted. The recalculated HWID is compared against the HWID used to
originally activate the system. If the HWID hasn\'t changed
substantially, the system remains activated. However if the HWID has
changed substantially, the system deactivates and must be reactivated.
This ensures that the activated copy of Windows is still running on the
same physical hardware.

Any change to the system hardware will cause its HWID to change. For
example, if you were to remove the system\'s DVD drive and replace it
with a Blu-ray drive, the HWID will change. Fortunately, the hardware in
the system must change significantly before the system is deactivated.

Some system hardware is weighted more heavily when calculating the HWID.
For example, the network card is weighted heavier than any other
component. As long as the same NIC remains in the system, six other
hardware components can change before reactivation is required. However,
if you install a new NIC in the system, you can change only two other
hardware devices in the system without reactivating. If you change a
third device, reactivation is required.

**Licensing Management Utility**

**slmgr**

- **/ipk product\_key** installs a product key

- **/ato** activates Windows

- **/dli** displays summary license information

- **/dlv** displays detailed license information

- **/xpr** displays license expiration date

Configure the Start menu to provide users with the tools they need to do
their jobs. You cannot prevent users from changing a layout you
configure. Users can uninstall apps from the Start menu and choose which
apps to pin or unpin.\
\
To customize the Start menu, launch the Settings app and navigate
to **Personalization** \> **Start**. Here you can enable/disable the
following items:

- Show recently added apps.

- Show most used apps.

- Show recently added apps.

- Show recently opened items in Start, Jump Lists, and File Explorer.

You can also choose which folders appear on Start:

- File Explorer

- Settings

- Documents

- Downloads

- Music

- Pictures

- Videos

- Network

- Personal folder

You can also use Microsoft Intune, a cloud service, and Configuration
Manager, which is on-premises. Intune can be used to configure the Start
menu layout. You can configure the Start menu to allow or hide various
folders and options, like hiding Hibernate or the Power button, through
Group Policy.

Configure the taskbar to allow users quick access to the tools they need
without making the desktop environment cluttered.\
\
To do this, launch the Settings app and navigate
to **Personalization** \> **Taskbar**. Here are the options you have to
customize settings:

- Automatically hide the taskbar in desktop mode.

- Automatically hide the taskbar in tablet mode.

- Use Peek to preview the desktop when you move your mouse to the end
of the taskbar and click **Show desktop**.

- Show badges on taskbar buttons.

- Select the taskbar position on the screen.

- Select the icons that appear on the taskbar.

- Turn system icons on or off.

- Select taskbar options for multiple displays.

Configure the desktop environment (such as the background and lock
screen) according to the organization\'s policies.\
\
To do this, launch the Settings app and navigate to **Personalization**.
Select the option you want to customize. You can customize settings,
such as:

- Choose how it fits the display.

- Configure how the lock screen looks, such as the background
settings.

- Configure screen timeout.

- Themes. Configure multiple desktop elements at the same time.

- Colors.

- Fonts.

Configure notification settings. To do this, launch the Settings app and
navigate to **System** \> **Notifications**. Here you can customize
settings, such as:

- Add or remove quick action icons.

- Show notifications on the lock screen.

- Show reminders and incoming VoIP calls on the lock screen.

- Allow notifications to play sounds.

- Enable or disable notifications from apps and other senders. (You
can click on the sender to get additional information about
notifications.)

- Focus assist.

- Show the Windows welcome experience after updates and occasionally
during sign in to highlight what\'s new and suggested.

- Suggestions on how to finish setting up a device.

- Get tips and suggestions when using Windows.

**Configure Cortana**

Cortana is Microsoft's virtual assistant and has been created for
Windows and other platforms. Cortana lets you complete a wide range of
tasks using the keyboard or by speaking user-friendly commands into your
computer\'s microphone.

**Cortana**

**Apps**

There, you will see a list of configurable settings, such as:

- App permissions for Microphone and Background apps.

- Whether or not Cortana should run at login.

- Set default apps.

- Terminate the app.

- Reset/Repair app.

- Uninstall app.

**Microsoft Web Browser History**

A brief timeline of Microsoft web browser history:

- 1995 - Microsoft introduced Internet Explorer as their web browser.

- 2015 - After updating Internet Explorer many times since 1995,
Microsoft introduces a brand new web browser: Microsoft Edge.

- 2018 - Microsoft announces plans to completely rebuild Edge as a
Chromium-based browser.

- 2020 - Microsoft publicly releases the Chromium-based Edge browser.

- 2022 - Internet Explorer is officially retired and no longer
supported.

**IE Mode**

Many companies optimized their applications to work with Internet
Explorer because it was Microsoft\'s default browser for so many years.
To give companies time to transition to Edge after retiring Internet
Explorer, Microsoft added an Internet Explorer mode called IE mode as an
option in Edge. This allows websites and applications built on older
technology the ability to function within the Edge browser.

IE mode facts:

- To open a website in IE mode, click on the \"Reload in IE mode\"
button on the Edge toolbar. (See image below.)

- Users will be given an option to have the site open in IE mode
automatically each time it is reopened.

- Edge will prompt the user every 30 days to see if IE mode is still
needed for the website.

Edge Kiosk mode configures a computer to provide a service to an end
user without allowing access to any other applications, the desktop, or
any settings. Kiosk mode could be used for things like self-service for
customers, check-ins for appointments, or digital signs.\
\
You can find \"Set up a kiosk\" by opening **Windows
settings** \> **accounts** \> **Family & other users**.

Microsoft Edge Collections is a web clipping tool. This can be used to
collect websites, images, videos, or documents in one place for easy
access and organization.\
\
Edge offers four ways to save items in Collections:

- Use the Collections icon to the right of Edge\'s address bar. (It
looks like a square with a plus sign in the middle and an offset
second square behind the first square.) Click **+**.

- Click on Settings and more (\...) to the right of Edge\'s address
bar, then select **Collections**.

- Right-click on the desired web page and select **Add to
collections**.

- Use the keyboard shortcut: **Ctrl + Shift +Y**.

Edge Reading View removes extra clutter from a web page, such as ads,
sidebars, and comments. This leaves a clean web page for
distraction-free reading. Just click on the Reading View icon that looks
like an open book to the right of the Edge address bar to enable this
feature on a page. If the icon isn\'t to the right of the address bar,
that particular web page isn\'t compatible with this feature.

Microsoft Edge extensions (also called add-ons) are apps that are
created to modify or add to a user\'s browsing experience. Each
extension is usually created for a very specific purpose, such as an ad
blocker, grammar checker, accessibility extension, and many more.
Extensions can be added, turned off, or removed.\
\
To find and add an extension:

- Click on the extensions icon to the right of the Edge address bar.
It looks like a puzzle piece.

- Alternately, open Setting and more ( **\...** ), then
select **Open Microsoft Edge Add-ons**.

- Select the desired extension from the available list.

- Click **Get**.

- A pop-up box will appear with a list of the extension\'s required
permissions. Select **Add extension**.

- A confirmation will show that it was added to the browser.

To turn off an extension:

- Select the Extension icon to the right of the Edge address bar.

- Select **Manage extensions**.

- Click the toggle button for the specific extension.

To remove an extension:

- Select the Extension icon to the right of the Edge address bar.

- Select the specific extension.

- Click **Remove**.

- Confirm when prompted.