olastrom.com

Windows 365 Switch – The best feature so far?

Post author By Ola Ström
Post date August 17, 2023
No Comments on Windows 365 Switch – The best feature so far?

Just after the summer, Microsoft announced that Windows 365 Switch was available for public preview. And to be honest, this is probably my favorite feature so far, and makes using the Cloud PC a lot easier!

Back at Microsoft Ignite in 2022, the product team announced three major features coming to Windows 365:

Windows 365 Boot
Windows 365 Switch
Windows 365 in offline mode

Back in May, Windows 365 Boot was available as public preview and since the beginning of August, Windows 365 Switch is also available to start testing!

Today, to use Windows 365 Switch, there are some pre-requisites:

Windows 11 Insider (Dev or Beta is supported) on you local PC and your Cloud PC
The Windows 365 app
Windows 365 licenses

You of course also need provisioning policies and so on to be able to provision your Cloud PC, if you want to learn how that is done you can check out this post.

Setting up Windows Insider

There are different ways to enable Windows Insider on you device depending on how your setup is. You can do it directly from the Settings app under Windows Update, but I will show you how to configure this through Microsoft Intune, since this is probably the more common scenario to onboard devices in to Windows Insider in a larger environment.

What you need to do is to create a update policy for the Windows Insider program releases in Microsoft Intune to enable this feature. You can of course also update your current policies to allow Insider builds.

Go to Microsoft Intune and navigate to the Device section and find Update rings for Windows 10 and later. Create a new profile by clicking “+ Create profile“.

Give your new profile a name and click next.

Configure the profile to match your needs when it comes to the generic settings, in this example I will leave it to default. The important setting is “Enabled pre-release builds“. Enable that and select either the Beta or Dev channel (both are supported for Windows 365 Switch).

Add a group of devices you want to include for the Windows Insider Dev channel. Make sure to include both the local PC and the Cloud PC in this group. Click Next.

Review your settings and create the policy by pressing Create.

Note: You can also update any of your existing policies to allow pre-release builds. What I’ve done in my lab environment is to allow this in my test ring in Windows Autopatch and move any machine I want to enable this on into the test-ring.

Opting in for Windows Insider builds

The updates are not automatically enforced on the client, it enables the user to opt in to the program, the user needs a Windows Insider Program account. You can read all about it here: Getting started with the Windows Insider Program (microsoft.com).

Easiest way to get started is to search the start menu for Windows Insider and open the “Windows Insider Programme settings”. This has to be done on both the local PC and the Cloud PC to opt in to Windows Insider.

First time user opens the settings blade, they will need to press the “Get started” button inorder to link an account to the Windows Insider program.

When the account has been linked, user will see what channel they have been added to. Since we are managing this setting from Intune, all the alternatives has been grayed out and the “Dev Channel” is selected, since that is the one we configured.

One you have opted in for Windows Insider builds, head over to Windows Update and run the update. You will see Windows Insider build as an update which will start to download.

IMPORTANT: Perform these steps on both your local PC and your Cloud PC.

The Windows 365 app

The next step is to make sure that we have the Windows 365 app installed on our local machine. This can be done either by deploying it from Microsoft Intune or downloading it from the store.

Easier way is to simply download it from the store.

Once you have installed the Windows 365 app, the wait begins. Things needs to be configured and happen in the background. This normally takes a few hours, so don’t give up if its not there right away!

Once Windows 365 Switch has been configured for you, you will get a new option on your Cloud PC called “Add to taks view”.

When you select this, you will see a ribbon on the Cloud PC you selected this on that it has been added to the task view.

Now when you open the Task View, from either the task bar or win + tab, you will see your Cloud PC as a desktop.

When you select the Cloud PC for the first time, the connection will be setup and you will have to wait while it’s connecting.

Once this initial connection has been done, you will be able to switch back and forth as this would have been just another desktop from within your Cloud PC.

Tags cloud pc, windows 365, windows 365 switch

Digital Transformation Intune Windows 365

Back from vacation – what did we miss?

Post author By Ola Ström
Post date August 15, 2023
No Comments on Back from vacation – what did we miss?

Like the swede I am, I’ve been off work for the last 4 weeks to get my summer vacation. I’ve actually done my best to try to stay away from IT stuff this summer, to disconnect and focus on other things (like golf and getting our house in order).

But the world of IT does not slow down just because of summer, so here is a summary of some of the highlights that I missed during my time off!

I got renewed as MVP

Okay, this I already knew before the summer. But I was awarded for my 2nd year as an MVP within Windows and Devices for IT. I’m truly honored to be awarded for yet another year and being part of such a cool community of awesome people!

Ola Ström | Most Valuable Professionals (microsoft.com)

I will be speaking at WPNinja Summit

I was picked to do two session at the WPNinja Summit in Baden, Switzerland, the 27th to 29th of September.

I will do one session about Windows 365 networks and one about how to do better deployments of Windows 365.

I’m really looking forward to this and I hope to see you all there!

Windows 365 Switch in public preview

At Microsoft Ignite 2022, Microsoft introduced three big new features coming to Windows 365. In May, Windows 365 Boot reached public preview as the first of the three. Now in August, the second and maybe my favorite, Windows 365 Switch reached public preview!

Windows 365 Switch lets you switch between your physical PC and your Cloud PC through the task viewer, just like the other desktops you can have. It’s a really cool feature and I will cover this in a blogpost the upcoming weeks!

You can read more about it in the official Microsoft blogpost found here: Windows 365 Switch now available in public preview – Microsoft Community Hub

Windows 365 Frontline released

This was actually announced before I left for summer vacation, but Windows 365 Frontline finally reached general availability!

For those of you not familiar with this concept, this is a different licensing modell designed for scenarios where the users are not using their device all the time, user who work in shift where you have users coming an going. The concept is that you buy one license, but you get three Cloud PCs but only one can be used at the time.

It sounds a little bit tricky, I know, but I covered this in an earlier blog post which you can have a look at.

Read more about it in the Microsoft blogpost: Windows 365 Frontline is now generally available | Windows IT Pro Blog (microsoft.com)

What’s new in Windows 365?

Windows 365 got some other great updates during the summer as well as Microsoft released a lot of new features in both July and August.

Some of the new features released was:

Move Cloud PC is now generally available
New setting to allow users to reprovision their own Cloud PC
Azure network connection (ANC) least privilege update
Provide feedback button for admins is now generally available
Windows 365 web client camera support (preview)
Group-based license support for Cloud PC resizing
Windows 365 app update notifications for users

You can read more in details here about the new features: What’s new in Windows 365 Enterprise | Microsoft Learn

Windows 11 23h2 release update

Microsoft released new information about the Windows 11 23h2 update coming later this year. It is currently scheduled to be released in Q4 and will be released as an enablement package. This means that there are no big changes coming to the code base of Windows 11, and you can keep doing you testing on Windows 11 22h2 if you are still transitioning over to Windows 11.

Microsoft also mentions a Windows 11 LTSC version in this update, which means that if you are waiting for that release, you can start preparing.

Windows client roadmap update: July 2023 – Microsoft Community Hub

What’s new in Intune?

As per usual, Microsoft Intune has gotten it’s weekly updates during the summer. I think the most impactful update was the fact that uninstalling applications as an end-user in Company Portal is FINNALLY available! I know this has been something a lot of IT Pros has been waiting for. There are also a lot of new stuff in the 2307 Service release.

Some highlights:

Uninstall Win32 and Microsoft store apps using the Windows Company Portal
Use the Turn off the Store application setting to disable end user access to Store apps, and allow managed Intune Store apps
New BitLocker profile for Intune’s endpoint security Disk encryption policy
Intune supports new Google Play Android Management API
Change to default settings when adding Windows PowerShell scripts
New settings available for the iOS/iPadOS web clip app type
Settings insight within Intune Security Baselines is generally available
Tamper protection support for Windows on Azure Virtual Desktop
Endpoint Privilege Management support to manage elevation rules for child processes

What’s new in Microsoft Intune | Microsoft Learn

Screen capture protection and watermark

During the summer Microsoft updated how you can enable screen captrue protection and watermarks for Windows 365 (and Azure Virtual Desktop).

Previously, you had to upload a custom ADMX template to enable these settings (or GPO), but they have now been made available in the built-in ADMX profile in Intune, making this setting much more accessible.

I will cover this more in a future blog post

Azure Virtual Desktop Watermarking Support – Microsoft Community Hub

Screen capture protection in Azure Virtual Desktop – Azure | Microsoft Learn

Microsoft Inspire 2023

During the summer, Microsoft also held their Inspire conference which is usually more targeted towards partners, but there was a lot of good stuff announced and shared during the conference.

Check out the main keynote here: Microsoft Inspire Keynote

Any also the rest of the sessions: Session catalog (microsoft.com)

Tags cloudpc, digital transformation, intune, windows 365

Windows 365

Boot directly to your Cloud PC

Post author By Ola Ström
Post date June 20, 2023
No Comments on Boot directly to your Cloud PC

Windows 365 Boot was first announced at Ignite in 2022, but no dates were announced at that point.

But now it has finally happened! Windows 365 Boot is in public preview and ready for you to test! There is, however, at the time being a need to use Windows 11 Insider Preview for this to work.

Windows 365 Boot is a concept which is exactly what it sounds like, the possibility to boot your physical PC straight into your Cloud PC. One could almost argue that this is a Windows take on a thin client concept but based on Windows 11 instead of some Linux distribution. We will see where this will take us in the future, but I can see a lot of cool scenarios for this combined with Windows 365 Frontline!

A while back, I wrote a post about creating a shared Windows 365 kiosk setup for Windows 10 or Windows 11, a poor man’s Windows 365 boot for impatient administrators. But now we have the real thing, so let’s set it up!

Setting up boot to cloud

The simplest way to setup Windows 365 Boot is to use the Microsoft provided guided scenario, which can be found here.

The guided scenario will help you create all policies and profiles you will need for this but do keep in mind that you still need to create your Windows 365 provisioning policy!

The first step in the guided scenario will give you an overview of what will be done and what it’s used for. If you have ever used guided scenarios before, this will be a familiar experience!

On the next step, we will add a prefix for our policies. This would typically be something you use in your naming convention. Please be aware that Microsoft only allows you to set the prefix of the names, not the whole policy name. If you want to change this to follow your naming convention, you will need to do that manually once everything has been created.

Next step is to set how updates should be handled. I’ve just added 0 on all values for days and gone with the default active hours, but this would typically reflect your normal patching/upgrade cadence.

On the next step, we can add some additional settings. I’ve just added a Wi-Fi profile, but you can add a VPN profile if needed as well. The last step on this tab is to select the language/region. I’ve selected to go with the operating system default that I have on the device I will deploy to.

On the last step before the automated creation starts, we will take care of assignments. You can either create a new group or use an existing group (please give us this feature in the other assignment flows Microsoft!). I’ve selected to create a new one called All W365 BtC Devices.

Once we have reviewed our settings, the deployment of policies, profiles and groups will start. You can follow and monitor the deployment (much like in Azure). For me, this was a fast process.

Getting the client ready!

As I mentioned, you need Windows 11 Insider Preview to be able to use Windows 365 Boot. You can either upgrade your machine manually or use Intune to upgrade your machine to the Insider Preview Dev channel.

You can modify the update policy created to allow the Insider Preview Dev channel for your Windows 365 Boot machine (please keep in mind that this is a preview) or you can create a new policy for this. What you are looking to enable is the following.

To upgrade your machine manually to Windows Insider Preview, go to Settings > Windows Update > Windows Insider Program and opt in for insider builds on the machine.

ATTENTION!!

Don’t forget to add your devices to the group you assigned your Windows 365 Boot policies to, otherwise nothing will happen!

What I’ve also found is that you need to reset your device for this to work to 100%. At least my clients, if not reset, are not able to connect to the Cloud PCs. So hot tip!

The experience

When our computer is running Windows 11 Insider Preview and has gotten all out new Intune policies and profile, the magic will happen!

When the computer boots, it will take you to the Windows 365 Boot sign in page instead of the regular Windows sign in. From here, you will sign straight into your Cloud PC instead of your local PC!

Tags cloud pc, windows 365

Tips & Tricks Windows 365

Session time limit for Windows 365 Frontline

Post author By Ola Ström
Post date May 24, 2023
No Comments on Session time limit for Windows 365 Frontline

Since we now have successfully set up and provisioned Windows 365 Frontline in our environment, we need to add some additional layers of configuration to make operations as smooth as possible, and especially to make sure that we use the licenses in the best way possible.

With Windows 365 Frontline, each license is reserved as long as the user has the session running. This means that users could potentially have active sessions but are idle which would result in them locking one license.

Since users might forget to end the session, you can configure a policy that will end idle sessions for the end-user.

Create the policy

To create the policy, head over to Intune (https://intune.microsoft.com) and navigate to Devices > Windows > Configuration profiles and select “+ Create profile“.

Select the profile type to be Settings catalog and press Create.

Give your profile a name that makes sense to you and your organisation, I will go with something that follow my name standard for my environment that indicates it’s for Windows 365 Frontline and what the profiles does. When you have given the profile a name, press Next.

Select “+ Add setting” to open the settings picker.

In the settings picker, search for session time limits and select the category for Session Time Limits.

In the settings name section, check the box for “End session when time limits are reached“ and “Set time limit for active but idle Remote Desktop Services sessions“, and your setting will appear in the policy. Once you have selected the setting name, close the fly-out settings picker.

Enable the settings and choose the time limit that matches your needs and corporate policies. In this example I’ve selected 1 hour, which is good value to start with. Once you have enabled these settings, press Next.

Unless you use Scope tags you can skip this section and move right to Assignments where we will deploy this towards all our Windows 365 Frontline devices. I’m doing this by assigning the policy to the built in All devices group and applying a filter I’ve created for Windows 365 Frontline.

The rule syntax you want to use when creating a filter for Windows 365 Frontline machines is at least this one, but it can of course have additional lines depending on your needs:

(device. Model -startsWith "Cloud PC Frontline")

Once you have made the assignments as needed, press Next and then Create.

Your policy will now assigned to all your Windows 365 Frontline Cloud PCs and you can track the progress in Intune by looking at the policy.

Tags cloud pc, intune, windows 365, windows 365 frontline

Windows 365

Windows 365 Frontline – Getting started!

Post author By Ola Ström
Post date May 17, 2023
No Comments on Windows 365 Frontline – Getting started!

Windows 365 Frontline is still in public preview, but you can sign-up for the preview on this link! Since it’s still in preview, there is currently no information on pricing.

When you have gotten yourself licenses it’s time to configure, and since this is Windows 365 you do everything from Microsoft Intune.

One thing that differs the Frontline version from the Enterprise version is how licenses are assigned. For Enterprise you assign a license to a user to provision a Cloud PC, but for Frontline this works differently. You never assign the license to a user, and we will cover what you do instead further down in the post. It’s really clever!

Setting up a frontline Cloud PC

What you will need for this, except for the obvious Microsoft Intune and all its pre-requisites, is of course the Windows 365 Frontline license. This license gives you the right to provision 3 Cloud PCs per license. What you would typically also add to this is a Microsoft 365 F3 or E3/E5 license (or equivalent licensing) to gain all the features needed for managing and working with the digital workplace.

You will also need a few groups (Azure AD groups or synced on-premises AD groups) with the users you are providing with a Cloud PC, this could e.g., be your IT Service Desk team.

Once we have that in place, we can start configuring!

Head over to https://intune.microsoft.com and navigate to Devices > Windows 365 and select the “Provisioning policies” tab.

Click on the “+ Create policy” button to create your new Windows 365 Frontline provisioning policy.

On the “General” step, give your profile a good name and make sure to select Frontline as license type. Then select the join type you would like to use, followed by the network settings. For this example, we will user Azure AD join and Microsoft Hosted network, and we will place the Cloud PCs in Sweden Central. When done, click Next.

In the next step, we will select which image we will use. In this case, we will use the default value and just click Next.

In the next step, we will apply a custom naming convention to differentiate these from our regular Cloud PCs, but this is mostly for my own convenience, and you can leave this to default. We will also add these computers to Windows Autopatch since I have that active in my environment. When done, click the Next button.

In the next step, this is where the magic happens. Since you never assign licenses directly to a user you will need to add which groups should get Cloud PCs based on this policy, but also which license these groups should use. You can add multiple groups and have different machine sizes assigned to the separate groups. In this example, since I only have one license type, we will assign the same license to the same groups.

You will also be able to see how many Cloud PCs you have left to assign.

Once you have set up your groups and assigned the licenses to them, click on the Next button to review your settings before creating the policy. If everything is in order, click Create.

Monitor Cloud PC provisioning

Once you have created the provisioning policy and populated the assigned groups, your Windows 365 Frontline Cloud PCs will start to provision, and you can as always track this in the “All Cloud PCs” tab. What I’ve found is that I need to clear any filters applied before I can see the Frontline machines, so if you don’t see them just clear the filter.

Once the Cloud PCs are provisioned, they will get name based on what we set in the naming template part of the provisioning policy and your Windows 365 Frontline Cloud PCs are ready to use!

Connecting to Cloud PC Frontline

As with all other Cloud PCs, there are a few different ways to connect to your Cloud PC Frontline, but the preferred way should always be using the Windows 365 app since this provides the best end-user experience.

Once you sign in the to the Windows 365 application, you will see all your Cloud PCs listed. You will see both your assigned Enterprise and Frontline Cloud PCs. This will look similar in the Windows 365 web portal as well.

As you can see in the picture, the Cloud PC Frontline machines are tagged with the word “Frontline” which provides me as an end-user a great way to differentiate the two different versions from each other. As you can also see, I can have several Cloud PC Frontlines assigned to me based on different profiles.

When you click connect, the initial connection will take a little longer and you will see this ribbon on the Cloud PC.

One the machine has booted; you will get a pop-up telling you to make sure to disconnect when you are done since the disconnection is what makes the license available for other users. The time-out time can also be set with policy on the Cloud PC using Intune.

Once I confirm the connection, my Cloud PC will boot up and my session will start.

From here, things are just as with my regular Cloud PC except that applications will be closed, and the Cloud PC will be turned off when I leave the session which results in that I will need to start my applications again. It is not that different from a physical PC which is turned off.

Remote user actions

In the Windows 365 app, as long as your Cloud PC Frontline is up and running, you can perform remote actions such as restart, troubleshoot or restore. But as soon as it’s powered down, you can only see system information and rename your Cloud PC.

Tags cloud pc, windows 365, windows 365 frontline

Windows 365

Windows 365 Frontline – Let’s talk about it

Post author By Ola Ström
Post date April 19, 2023
No Comments on Windows 365 Frontline – Let’s talk about it

Updated on 20th of April 2023 based on feedback around license assignments.

At Ignite 2022, Microsoft announced that they were working on something they called “Windows 365 for Shift Workers” and a couple of weeks ago this was released in public preview under the name “Windows 365 Frontline” on April 6, 2023.

But what is Windows 365 Frontline and how is that different from the regular Windows 365?

The biggest difference is the license model to be honest. There are technical differences as well for admins, but for the end-user the experience is the same to be honest. Users still get their personal machine, but when the user ends their session, the machine is shut down instead of kept in the state it was left.

But going back to the license, which I think is the most interesting part here. The current setup is that there is a 3:1 ratio on the license, 3 users can be assigned to one license, but you can only use one license/machine at the time. And this is where the confusion begins since it’s positioned to be for shift workers BUT there are no integrations towards any scheduling system for license handling at this point. But this is only the beginning of the frontline user story for Windows 365!

Let’s pretend you have a scenario where your users work shifts to cover the day. The number of shifts you have during the day doesn’t really matter in this sense. What is important is the number of concurrent users you have, you need to make sure that you can cover the number of users who are active at the same time, and the same license can be shared over different departments.

The licens is, like Windows 365 and Microsoft 365 licenses, assigned on a tenant level. Which means; if you have as many licenses as you will have concurrent users you are good to go. You never assign a specific “third” of a license to a user, you don’t even assign the license. You just say that “this group is eligible to use the frontline worker setup” in your provisioning policy, which is a lot different from the Enterprise setup.

This could however of course mean that you have “more” licenses than you need since it might not add up perfectly. But given that you have the license on a tenant level, this means you can share your licenses over several scenarios/teams. But as of right now, this is what it looks like and it’s still in preview.

One important thing with Windows 365 Frontline workers though, we still don’t know what the license cost for this will as of writing this. As GA is set to around June 2023 according to the Microsoft public roadmap, this will be clearer in the coming months.

The second thing around Windows 365 Frontline to remember is that this is not a “Windows 365 version of AVD Multisession”, this is pooled licenses where end-users get their own, personal Cloud PC, not a shared host like multisession. So, the end-users will get a full Cloud PC, it will just not be available for them 24/7 as with the Enterprise version.

In an upcoming blog post, we will dig deeper into how you configure this in your environment, and what the user experience is like!

In the meantime, you can read more about Windows 365 Frontline in the Microsoft release which you can find here.

Windows 365

Custom name for Cloud PC

Giving computers custom names is something which is somewhat of a hot potato. We have been doing it for years, and I’ve even blogged about it previously (olastrom.com – Naming conventions). It’s something which is important for some, but from an asset perspective it has kind of played out its role since it is not persistent.

However, one thing that has been a really important thing for some, has been the possibility to configure the naming convention for Windows 365 Cloud PCs which has not been possible. Until now!

With the update in the end of March 2023, this is now doable. It follows the same pattern as the naming convention for Windows Autopilot enrolled devices. You can set a prefix followed by variables. For Cloud PCs, these are a bit different, but follow the same idea.

As you can see by the picture, the name can be between 5 and 15 characters and can include some additional characters except for numbers and letters. The computer name MUST include at least 5 random characters using %RAND:y% where y is the number of random alphanumeric characters. I can however leave out the username and only use random characters.

Configure Cloud PC naming

To configure Cloud PC naming, you can either create a new provisioning policy or change an already existing one. In this example, I will change one of my existing policies. This new setting is by default off in all existing policies and you will need to actively set this for new policies.

Head into Microsoft Intune (intune.microsoft.com) and navigate to Devices > Windows 365 and select the Provisioning Policies tab.

Either select “+ Create policy” or modify an existing policy. I’ve chosen to update my existing policy for my Swedish users. When you get to the “Configuration” step in the policy, you can enable the Cloud PC naming by checking the check-box. It will then display the option to enter a custom name.

As you can see by my example, I’ve chosen to set the policy to give my Cloud PC a name which is CPC followed by five random alphanumeric characters followed by SWE. So, the name could end up being CPC-ABC12-SWE.

Conclusion

“With great power comes great responsibility”. Use naming wisely. To be honest, for Cloud PC naming makes slightly more sense since we don’t have serial numbers or such as an identified. However, naming will change once re-deployed since we have a random part of the name if is enforced. But with this function we can adapt it to fit with the rest of our naming conventions a bit more. You could even just set the same as for all other PCs (except you will get alphanumeric and not numeric random characters).

Tags cloud pc naming, cloudpc, w365, windows 365

Intune

Intune Suite – What’s in it for me?

Post author By Ola Ström
Post date March 28, 2023
No Comments on Intune Suite – What’s in it for me?

Microsoft finally released the long-awaited Intune Suite, or as it is called in Intune “add-ons”.

But what is the Intune Suite and why should I even care? That’s what I’m set out to cover in this blog post, and we will take a look at what there is right now and what’s to come.

One major change happened when this was introduced, and that is how Intune is licensed. Or at least it got some new names. Microsoft Intune Plan 1 is what previously was just called Intune and is included in the Microsoft 365 and EMS plans. This will give you the core Intune features as you have been using them today (with some exceptions).

Then we have Microsoft Intune Plan 2 which are some add-ons to plan 1 including Microsoft Intune Tunnel for Mobile Application Management, which will give you an option to use Intune Tunnel together with your MAM enabled applications. And then we also have Microsoft Intune management of specialty devices, which enables you to manage specialty devices in Intune such as AR/VR devices, conference room meeting devices and large smart screen devices.

For Plan 1, there is also a possibility to buy Remote Help, Endpoint Privilege Management, Advanced Endpoint Analtics and the other upcoming features as standalone services to your Plan 1.

Intune Suite – premium features for Intune

The Intune Suite is a packaged deal which includes all the bells and whistles. You get Plan 1 and Plan 2, but also all the nice extra add-ons. Today, this list is quite limited since it will only get you Plan 2, MS Intune Tunnel for MAM and Remote Help on-top of your Plan 1 licens (which you got from your M365 license anyway). BUT, and this is the selling point, you will get all the upcoming features once they are released.

The two already released premium features (if we disregard the Plan 2 features), are by them self really good products. I’ve previously covered the Remote Help app which since then has been refined even further.

Microsoft has further announced that they will release Endpoint Privilege Management (which is currently in public preview) and Advanced Endpoint Analytics as a start, but there are more things coming which will make this suite even better!

Why should I consider this?

Should you consider the Microsoft Intune suite? Well, that depends on your needs. For some, it certanly makes sense to consider it given that they are interested in a lot of the listed features. For others, maybe just one is interesting which then makes more sense to buy as add-ons on it’s on rather than buying the whole suite.

I think, as of right now, Remote Help and the upcoming Endpoint Privilege Management is what will be most useful for many companies as it solves two major headaches: A remote support tool integrated to Intune and a first party solution to manage local administrator. There are a lot of other good tools out there to manage both remote support and local administrator but having a first party tool comes with advantages such as good integrations to Intune for e.g. reporting.

I will in feature post dig in more to the features of the Intune Suite, but for now we have set the scene!

Tags intune, intune suite

Windows 365

Why would you use a Cloud PC?

Post author By Ola Ström
Post date March 21, 2023
No Comments on Why would you use a Cloud PC?

I’ve been reading a lot of posts lately about the “why” around Cloud PC, why and when you would use a Cloud PC and what the scenarios could be. This inspired me a bit!

The way we often see virtual computers is that “yeah they are great, but this is way too complex for us” or the more common one “we triend that 5 years ago, we won’t go down that route again”.

My idea for this post is to talk a little bit about why you should move to Windows 365 for the bulk of your users and use AVD for those niche implementations where Windows 365 can’t really fulfill your needs today.

Why would you work from a Cloud PC?

Image that you are like me, a consultant, who collaborates with several different customers who all have their own environment. Or maybe you have taken the decision to support Bring Your Own Device (BYOD), which would be a similar scenario for consultants.

When I talk to customers and other people about Windows 365, we often discuss two scenarios:

Consultants/part time workers,
Mergers and Acquisitions (M&A).

The first one is way more common to be honest since most organisations today have at least some consultants in their team.

If you look at a consultant, they usually work for some kind of company which provides them with a computer which they take with them everywhere they go (I know I do). Since they already have a computer, why give them yet another one to fill their backpack with? Why not use a Cloud PC which they can access from a device of their choice, which you can configure in such a way that information cannot leave the Cloud PC.

Using a Cloud PC, you can give a consultant or employee access to the internal network without them having to install anything on their, by your company, unmanaged device. The device they will work from will be fully managed and you can be sure that you have done everything in your power that you have secured your data.

Working from a Cloud PC isn’t that different from using a physical, since all we do today requires an internet connection anyway. Sure, you get reliant on always having an internet connection (until Windows 365 introduces the offline mode). But let’s face it, we are already reliant on that for collaborating in our daily work, I’m myself never offline unless basically traveling on an airplane.

Environmental impact

There is also another aspect of this, which we might not always talk about, but I find interesting. It’s the fact that getting new computers has a significant impact on the environment, and getting hold of hardware isn’t always that easy nowadays (long lead times).

Using Windows 365 has some environmental benefits compared to physical computers. Firstly, it reduces the amount of energy, water, and resources needed to produce and dispose of physical hardware. Secondly, it optimizes the use of computing resources and reduces energy consumption, which lowers the associated carbon emissions.

However, using virtual desktops needs a reliable internet connection and raises concerns about data privacy and security. Overall, while the environmental impact of using Windows 365 compared to physical computers is complex, cloud-based computing services can reduce the need for physical hardware and use computing resources more efficiently, thus benefiting the environment.

The fact that we can run Cloud PCs on any hardware, this also means that older hardware can be used longer (but be careful using Windows 10 after 14 of October 2025 since it will no longer get patched). There are many ways of making use of older hardware without needing to install Windows on them even. IgelOS is an awesome example of this, and there are many other products like them!

The takeaway

So, what do I think you should take away from this blog post?

Firstly, I think you should seriously consider STOP giving your consultants PCs and have them use Cloud PCs instead. This will save you time and money since you will not have to source computers for them, and it’s not too uncommon that we provide consultants with older hardware which might have reached the end of its lifecycle and might not be too reliant anymore.

There are great examples of this, such as the Swedish manufacturing company Alleima who in a Microsoft customer case describes how they look at this. There is also another Swedish example with the energy company Kraftringen who also went down the same path with using Windows 365 for temporary workers.

Secondly, let’s face it. The consultant already has one computer which they bring wherever they go. Why give them yet another computer they need to fit into their already filled up backpack? And when the assignment is over, you have the hassle of getting that computer back, especially if you have used resources which are not local to your area. Then it needs to be shipped or a visit to the office planned and coordinated.

Using a Cloud PC, you can have a consultant up and running within a few hours, without having to get any kind of hardware to them!

But as always, there are of course instances where a physical machine is required, but I would say that you could solve the consultant situation 80-90% of the time! 😊

Tags cloud pc, windows 365

Digital Transformation

Controlling your carbon footprint in Windows

Post author By Ola Ström
Post date March 17, 2023
No Comments on Controlling your carbon footprint in Windows

As many probably know, Microsoft released a bigger update to Windows 11 with the March Patch-Tuesday release. This patch was more than just patches, this included also some new features like the Windows 365 app which reached GA earlier this year, video recording in the Snipping tool and some pretty cool AI features from Bing.

But one of the better new features is, according to me, the new energy recommendations to help you decrease your carbon footprint. This new feature is just a set of recommended settings to set for your computer to be more energy efficiant.

The end-user could implement these settings themselves, but let’s face it, no one outside the IT department would look for that in the settings.

Since Windows does not enforce the policies to be changed, someone needs to make an active decision here.

This is what my device looked like when just jumping into the settings. What options you see might vary depending on what device you are using, and you can even get recommendations on a Cloud PC. In this example, I’m using a desktop PC. As you can see I have two settings which are not in line with Microsoft recommendations, and one which is managed by Intune. If I had a laptop, there would have been more options for me such as screen brightness and battery optimization.

Here I can select if I want to apply all or just a subset of actions. If I click on apply all, all settings will be updated to the recommended value.

I can also now see, if I step back in the settings menu, that I have enabled all available settings.

Conclusion

Even if this is a small update, I think it’s a good and important one to adopt. You can of course look into having these defined within your environment, which will mean that users cannot change these settings themself if they would like for some reason.

This is a balance between enforcement and spreading awareness amongst users. There might be reasons for users needing increased brightness on their screen as an example. But looking at this from a sustainability perspective, this is a great place to start working with your computers around this even more.

If you want to know more about the settings which is a part of this, have a look at this Microsoft support page: Learn more about energy recommendations – Microsoft Support

Tags Environmental footprint, windows, windows 11

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.