Windows 10 Roll-out: WSUS, Group Policy and Installation

As a software development company we need to be a little ahead of the curve when it comes to our adoption of new releases of Windows Server and Desktop environments as we need to ensure that our software will continue to function when our clients decide to upgrade to the latest technologies. However until recently due to our customers being large enterprises, which traditionally are slow to adopt new technology, we didn’t need to jump in immediately when a new OS was released. That has changed since we started to gain clients in emerging markets, Kenya and Nigeria specifically, who appear to be quicker to adopt the latest OS as they are experiencing rapid expansion and growth of their infrastructure.

So just over two months since the release of Windows 10 I undertook a pilot program to roll it out to a limited number of developers and create a small number of virtual machines for testing.

Edit: Since first writing this up the number of people that I have rolled Windows 10 out to now encompasses almost a third of the company.

But prior to the actual roll-out there are a couple of tasks that need to be done to ensure that the infrastructure for managing Windows 10 is in place namely WSUS (Windows Server Update Services) and Group Policy.

WSUS was pretty simple as the product list it uses is updated automatically with new entries so it is just a matter of ticking the boxes to receive updates for those products. Open up the WSUS console, click on Options and then Products and Classifications. Tick all the relevant boxes to receive the Windows 10 updates.


Installing the Group Policy Administrative Templates (admx files) was more involved but again was pretty straightforward. I downloaded the ADMX files Microsoft Administrative Templates for Windows 10 I also downloaded the ones for Windows 8.1 and Windows Server 2012 R2 as I’d realized that I’d somehow overlooked these previously.

Logged into one of the Domain Controllers and found the path to the SYSVOL folders location in the Central Store. Please note if you’re following these instructions and do not have a central store in your domain then the SYSVOL location will have different path.

Then opened the msi installer to start the installation of the Administrative Templates. At the Select Installation Folder window I changed the folder from the default to the folder of the SYSVOL folder in the central store that I found previously.


If you have a Central Store for ADMX files, the location should be the same or similar to the path below, just replace with your domain name (


Installed both sets of templates and then took a quick look at the Group Policy Settings reference spreadsheet to see what new settings have been added, the total number of settings is now over 3700!

The actual installs of Windows 10 have all gone very smoothly so far. As well as the relatively new developer PCs (1-2 years old) I have carried out Windows 10 upgrades on a variety of different older systems including a 5 year old desktop PC and a 4 year old laptop.

Sharepoint Online login failure. Issue Type: User not in directory

Sharepoint Online login failure

Weird glitch with Office 365 when a user who had returned from a two week long holiday tried to access a document in Sharepoint Online. The error message shows that the user is not in directory, which is incorrect. He couldn’t login to Microsoft Office 365 at all, however Outlook still worked and he could send and receive email.

Resetting his password fixed the problem.

But what was the underlying cause could not be discerned. It wasn’t that he was logged in using his MSDN Microsoft account which has the same email address and therefore the same username as his Office 365 organizational account. A Private Browser session was tried and that failed. Also attempting to login from a completely different Pc failed in the same way.

My best guess is that the Azure Active Directory object associated with his account had been locked due to an expired password or the object had become corrupted in some way. Resetting the password then updated the object’s attributes which allowed the account to become active again.

Microsoft’s Windows 10 hardware event in 9 minutes

Microsoft’s Windows 10 hardware event in 9 minutes.

The Verge have produced a video highlighting the best bits of Microsoft’s hardware presentation.

Unitrends DRaaS: Disaster Recovery as a Service

I use Unitrends Enterprise Backup as part of our disaster recovery system and I’m impressed with it.

Apparently Unitrends also provide a full DRaaS: Disaster Recovery as a Service and currently have a Limited time offer of free 500GB of Forever Cloud for all new customers!

Introducing the new Office 365 Admin Center Preview

The Office 365 Admin Center is being updated with the new visual style that Microsoft has adopted for the Microsoft Azure admin center.

We haven’t received the update yet on our subscription, but I like the look of it and so long as it is as easy for me to administer our company’s subscription I’ll be happy.

How to shrink a VMDK: Shrinking a virtual disk in VMware ESXi

First open up Disk Management in Computer Management in your guest Windows environment.

Right click the volume on the disk you want to shrink.

Windows will inform you the maximum amount it can shrink the disk by. Choose an amount that you wish to actually shrink it by and click Shrink.


Windows will start the shrinking process and it might take some time and appear to be hanging as Windows will actually be defragmenting the disk in order to consolidate the free space towards the end of the disk before resizing the volume.

Once it is done and you are satisfied that the volume on the disk is the size you want it then you need to shut down the VM.

SSH into the host and copy the VMDK file to make a backup of it, just the descriptor file not the flat file.

cp vmname.vmdk vmname-original.vmdk

Open up the VMDK file in a text editor and find the line that describes the size of the flat file. Similar to the following

# Extent description

RW 209715200 VMFS “vmname-flat.vmdk”

The number is the size of the virtual disk in terms of disk sectors, where each sector is 512 bytes. So a 100GB virtual disk is 209715200 sectors.

You will need to change this number to correspond to the new disk size where x = size in GB

vmdk_size = [x * (1024*1024*1024)] / 512

I have chosen to shrink my disk to 60gb, so my new Extent description now reads as follows:

# Extent description

RW 125829120 VMFS “vmname-flat.vmdk”

You now need to clone the drive to get it to the new size:

vmkfstools -i vmname.vmdk vmname-new.vmdk

The bit we are interested in is the newly created vmname-new-flat.vmdk file.

Rename the old flat file from vmname-flat.vmdk to vmname-flat-old.vmdk

and rename the vmname-new-flat.vmdk file to vmname-flat.vmdk

Start the VM up and it should show the new smaller disk. When you are satisfied that everything is working you can now delete the old unneeded files from your datastore.

How to download the Windows 10 ISO

It is July 29th 2015 and Windows 10 has been released. If you have reserved your copy it will probably have downloaded by now and is ready for you to install it.


  • If you reserved your copy and it hasn’t downloaded yet.
  • You didn’t reserve your copy and you’ve found that you can’t download and install it yet due to Microsoft’s staggered roll-out.
  • You wish to do a fresh install.
  • You have multiple machines to upgrade and you don’t want to download the installation files many times.

Then what are your options?

You can jump the queue and do an in place install or download an ISO file of Windows 10 via a handy little tool that Microsoft has published called the Media creation tool.

The Media creation tool is a small EXE file that you just need to download and run to start the process. It comes in 32-bit and 64-bit versions and both will allow you to create 32-bit and 64-bit ISO files.

When you run it you’ll be given the option to either perform an upgrade of the PC you run it on or to create installation media for another PC. Choose the latter option, click Next, then choose the language, Windows version, and whether you want 32- or 64-bit architecture, or both.

You will then get the option to either download and create a bootable USB medium or to download and create an ISO file. select the ISO file radio button, click Next yet again and choose a location to save it to.

The tool will download the files, verify them and then create the ISO file.

One of the most important reasons to upgrade to Windows 10: Security

The most secure Windows ever, Windows 10 has more built-in security protections to help safeguard you against viruses, phishing, and malware. New features are now delivered through always-enabled updates, helping you to stay current and your system to feel fresh, so you’re free to do.

Windows 10 is designed to be the most secure version of the operating system yet, but as is typical with software this complex there are likely to be new security flaws that have yet to be discovered that are unique to this version of Windows.

Introducing Windows 10

Official announcement from Microsoft that the release date for Windows 10 will be July 29th.

Learn about all the reasons you’ll love the new Windows 10 – available as a free upgrade on July 29th. It’s familiar, comes with exciting new innovations like Cortana and the brand new Microsoft Edge browser, plus apps, Xbox and more. Learn more and reserve your free upgrade at

I’m a Backup Academy Certified Professional now!

I’m a Backup Academy Certified Professional now! And you?