IT

Default Printer At First Logon via Group Policy

Deploying a network printer via Group Policy is pretty easy. In Group Policy Management Editor, you go to User Configuration > Preferences > Control Panel Settings > Printers and right click to create a new Shared Printer. Configure the options which are pretty straight forward.

Something doesn’t go right though, if you use the option ‘set this printer as the default printer’. The printer won’t actually be set as default for the first login. As it’s set to Update though, this will get fixed next time Group Policy runs.

However, if you have the Action set to ‘Create’, it only gets one chance to set the default printer – at the time of creation. That fails, and it doesn’t get a chance to set the default printer again.

Why does it fail to set the default printer at first logon? You’ll see an event viewer application error like this:

The user ‘HP Printer’ preference item in the ‘Define Printers {XXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}’ Group Policy object did not apply because it failed with error code ‘0x80070709 The printer name is invalid.’ This error was suppressed.

There’s a clear Microsoft Support Article that explains why – in summary, Windows isn’t ready yet to change something on the printer between the time it creates the printer, and then tries to make it default as they’re two separate actions.

However, we can work around this by deploying a registry entry that sets the default printer. This 11 year old article is still correct in that it shows the registry value to change:

HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows

REG_SZ - Device
Value - \\adamfowlerit\printer,winspool,Ne04:e

Setting this via registry as an ‘Apply once and do not reapply’ with any other logic matching your printer deployment policy, should end up with the printer as a default on first logon.

This is a problem that’s been around for many years, but the first time I’ve hit it!

Removing Unwanted SMTP Records From Exchange Hybrid

I’m still new to Exchange Online and Office 365 mailbox management, but got stuck on this scenario for a bit.

After testing an E-mail Address Policy, I wanted to remove what the policy had done. I’d already discovered that taking an address off a policy itself doesn’t remove it from the accounts, and run this simple script to remove the unwanted SMTP record off each account. However, accounts that had been migrated to Office 365 didn’t change and still had the unwanted SMTP record.

I checked on Exchange Online itself, and the address I’d added hadn’t flowed through. I believe this was because it was using a domain that Office 365 didn’t know about – but that also meant that I had no records to change at that end. I could however go into the mailbox itself via the Exchange console and remove the unwanted record.

It turns out, that I had to use the ‘Get-RemoteMailbox’ and ‘Set-RemoteMailbox’ command in place of the ‘Get-Mailbox’ command. Although I was working with Exchange PowerShell on-premises, the mailbox type is “RemoteUserMailbox’. ‘Get-Mailbox’ against any migrated item will not find those objects that live in the cloud.

 

If you want to see which Exchange objects have a particular SMTP record in Exchange 2010, regardless of what mailbox type they are or where it lives, there’s an easy way.

Make sure the ‘Recipient Configuration’ tree option in the Exchange Console is selected, and filter with E-Mail Addresses > Contains > your unwanted SMTP record:

This will make sure all object types (including groups, contacts etc) don’t have the unwanted SMTP record.

Office 365 Extra Features Overview

In September 2017, I presented at the user group I co-own with Brett Moffett on the topic of Office 365 Extra Feature Overview. I wanted to show some of the key parts of Office 365 beyond Exchange, SharePoint and Skype for Business. Here’s a recording of that presentation:

 

Forms is still my favorite ‘quick win’ feature, which I previously covered along with a sample form and results.

If you’re ever in Adelaide and want to come along to our monthly catchups, here’s our Meetup page: https://www.meetup.com/preview/Adelaide-Microsoft-ITPro-Community

 

 

Lenovo ThinkPad X1 Yoga Gen2 Review

In 2016, the first Lenovo Thinkpad X1 Yoga (which I reviewed) was released in the ThinkPad lineup. It was my pick of laptops, being a solid all-rounder.

It’s 2017 now, and the second generation of this laptop has been out for a few months now. You can buy it straight from Lenovo or other suppliers… but is it still as good, and what’s changed in this latest generation?

Let’s start with the tech specs:

Processor
  • 7th Gen Intel® Core™ i5-7200U Processor (3M Cache, 2.5GHz, max. 3.1GHz)
  • 7th Gen Intel Core i5-7300U Processor (3M Cache, 2.6GHz, max. 3.5GHz), vPro
  • 7th Gen Intel Core i7-7500U Processor (4M Cache, 2.7GHz, max. 3.5GHz)
  • 7th Gen Intel Core i7-7600U Processor (4M Cache, 2.8GHz, max. 3.9GHz), vPro
Operating System
  • Windows 10 Home 64-bit
  • Windows 10 Pro 64-bit – Lenovo recommends Windows 10 Pro.
Display
  • 14″ FHD (1920×1080), glossy, 270 nits, 700:1 contrast ratio, narrow bezel FHD panel (on models with no WWAN only), IPS
  • 14” WQHD (2560×1440), glossy, 270 nits, 700:1 contrast ratio, IPS
Multi-Touch
  • Capacitive touch panel, supports 10-finger gesture
Hinge / mode
  • Yoga hinge, 360 degree / Laptop, tent, stand and tablet
Pen
  • ThinkPad Pen Pro
Graphics
  • Intel HD Graphics 620 in processor only, supports external digital monitor via HDMI or USB Type-C; supports 3 x independent displays; max. resolution: 4096×2304@60Hz (USB Type-C), 4096×2160@24Hz (HDMI)
Adaptor (optional)
  • HDMI to VGA adaptor
  • USB-C to VGA adaptor
  • USB-C to DisplayPort adaptor
Memory
  • 8GB / 16GB, LPDDR3 1866MHz, soldered to systemboard
Webcam
  • HD 720p resolution, fixed focus
  • IR camera and HD 720p camera (option is available on models with narrow bezel FHD panel only)
Storage
  • M.2 SSD / SATA 6.0Gb/s: 128GB
  • M.2 SSD / PCIe NVMe: 256GB OPAL2 / 512GB OPAL2 / 1TB OPAL2
Optical drive
  • None
Dimensions (W x D x H)
  • FHD/WQHD: 333 x 229 x 17.05 mm
Weight
  • FHD/WQHD: 1.42 kg
Case colour
  • Black
  • Silver
Case material
  • Carbon-Fibre Hybrid
Battery
  • 4-cell integrated battery (56Wh)
Battery life
  • FHD: up to 15 hours
  • WQHD: up to 14 hours
AC adaptor
  • 45W Type-C
  • 65W USB Type-C (support Rapid Charge)
Keyboard
  • 6-row, multimedia Fn keys, spill-resistant, wave keyboard, backlit
UltraNav
  • TrackPoint® pointing device and multi-touch with 3+2 buttons click pad
Fingerprint reader
  • Touch style fingerprint reader on keyboard bezel
Audio support
  • HD Audio, Dolby® Audio Premium / stereo speakers, 2W x 2 / dual array microphone, combo audio/microphone jack
Ethernet
  • Gigabit Ethernet via Ethernet (RJ-45) adaptor
Wireless LAN
  • Intel Dual Band Wireless-AC 8265, 2×2, Wi-Fi + Bluetooth® 4.1, M.2 Card
  • Intel Tri-Band Wireless-AC 18265, 2×2, WiGig™ + Wi-Fi + Bluetooth® 4.1, M.2 Card (available only on models configured with vPro processor)
Wireless WAN
  • Sierra EM 7430 (optional)
SIM card slot
  • Micro-SIM card slot (models with 4G card only)
NFC
  • None
Ports
  • 2 x Intel Thunderbolt 3
  • 3 x USB 3.0 (1 x AlwaysOn)
  • HDMI
  • microSD
  • microSIM (models with 4G card only)

Processor wise, we’ve jumped a generation too, now on the 7th Gen Intel series of CPUs. Pretty standard there. The 8th Gen has already started releasing Q4 2017, but that’s early days with both series being released in the same year, and companies like Lenovo need time to incorporate these into their products.

The display options are good too, the two resolutions I’m happy to pick from. OLED is supposed to be available, but I have personally not seen one in real life, nor can I find any information in Lenovo’s tech specs on it, so you’ll have to read some other reviews to get a take on that. From everything I’ve read though, it’s highly praised. Hopefully I’ll get to see one soon!

Touchscreen, 360 degree hinges and the stylus are standard again, which makes this device particularly versatile. It’s still my preferred style of hybrid laptop/tablet as no functionality is lost in laptop mode, and you don’t need to undock/dock and worry about where half the device gets stored.

Graphics is still on board, which these days is more than enough unless you’re doing high end graphic design or gaming. Having a full HDMI port is nice too, instead of finding adapters or the right cable when outputting video – full size HDMI is today’s standard.

RAM wise, 8GB and 16GB options are all you need, again unless you’re doing some real high end work, or trying to run several virtual machines at once. Storage is the same as last year, no complaints there.

The size of the newer Yoga is identical to last year’s, apart from this new one being thicker. THICKER? Yep, a little, 0.25mm. It’s also heavier by 6 grams. I don’t think you’re going to notice either of these changes though, here’s then Gen 1 and Gen 2 stacked together:

X1 Yoga Gen 2 on top of a X1 Yoga Gen 1

You might be wondering why the newer one is slightly thicker and heavier, and I believe this is because of the keyboard.

It’s called a ‘Wave Keyboard’ and it rises and falls with the opening and closing of the screen. The idea of this is to protect the keys from damage when in tablet mode:

I like it, and the keyboard itself still feels normal despite having this extra ability.

Battery life has been improved again, and quite drastically – a claim of 4-5 hours more than the previous generation. Quite impressive!

Here’s a full photo of the keyboard:

After using this for a while, I have no faults to pick. Caps Lock is where it should be, as well as page navigation buttons (such as home and page up). The keys are nice to use, trackpad is a great size and has the physical mouse buttons if you prefer. There’s also a fingerprint reader that works great with Windows 10 Hello for almost instant logins.

If you’re trying to identify a X1 Yoga Gen1 vs a X1 Yoga Gen2 (beyond checking the side for USB-C!) it’s easy to see via the keyboard. For one, the PrtSc (print screen) button is different:

X1 Yoga Gen 1 PrtSc

X1 Yoga Gen 2 PrtSc

Or, you can look at the F12 button, the newer Yoga has a star:

X1 Yoga Gen 1 F12

X1 Yoga Gen 2 F12

Let’s have a look at the sides of the laptop:

Left Side: USB-C in, USB-C out, USB 3, USB 3 with power out (can charge a phone without powering on laptop)

 

Right Side: Stylus, Power, 3.5mm Headphone Jack, Ethernet adapter port, USB 3, Full Size HDMI

Back – Hinges, Protected Slot for SD and SIM

As you may have noticed, the old rectangle power cable port has gone, replaced by USB-C. This is the new industry standard, and it’s good to see Lenovo be a part of that. USB-C charges quickly, and if you have a phone with the same port, can be used to charge that too. The rapid charge claims to get to 80% charge in 60 minutes which I’m very happy with, and experienced similar charge times in real life.

Also there’s no full size network port – the laptop would have to be thicker because of this, so I can live with a dongle on that. Most of the time the laptop is being used portable on Wifi, or at a workstation and using a dock, so this isn’t a dealbreaker.

Speaking of docks, that’s what the USB-C out port is for. My experience so far with those docks has been much better than the older USB 3 models which seemed to lock up occasionally, and there’s the added bonus of running power and data over 1 cable!

I haven’t picked on this year’s X1 Yoga because there’s really that little to pick at. The 7th Gen CPU only supports Windows 10, so you can’t use Windows 8.1 or 7, but that’s an Intel CPU/Microsoft limitation across all laptops and desktops now. Beyond that, I really like this laptop – even more than last year’s. At my work, this is our standard laptop purchase now, which is why I’ve been able to review it, tied into a Windows 10 rollout (It wasn’t given to me by Lenovo).

I can honestly say that I believe this is the right time to upgrade if you’re thinking about it. This laptop will last many years, incorporates all the new features and connections that I think are worth considering, and doesn’t leave anything behind. You won’t be disappointed with this laptop!

Disabling Outlook Opening Mail Attachment Prompt

Going from Outlook 2010 to 2016, I’m finding a lot of new features and changes that need to be fine tuned for my environment. One of these is the ‘Opening Mail Attachment’ prompt that says ‘You should only open attachments from a trustworthy source.’. The tickbox to ‘Always ask before opening this type of file’ is greyed out, which would help a single user avoid the prompt, but also doesn’t help in an enterprise setting.

There are some guides online already that advise to open Outlook as an administrator, tick the box, and you’re set. However, I couldn’t find anything on how to automate this or roll out the setting.

After using Procmon, it appears that each file type is checked against the registry hive of HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ – The file will be recognised as a certain class. Sometimes this is obvious where the class is named the same as the file extension, but usually it’s something more descriptive.

For example, a .bat file is under batfile, and known as a Windows Batch File. It also makes sense that the tickbox is greyed out, as a user will normally not be able to change HKEY_LOCAL_MACHINE settings without administrator privilidges.

Once you know what Class you’re looking at, there should be an ‘EditFlags’ registry key. From what I’ve seen, this can be either REG_BINARY, REG_DWORD. It appears that the default REG_BINARY value is 00 00 00 00, and the DWORD is 0x00000000. Changing the third set of 00’s to 01, or the third 0 in the set of 8 digits is what changes for that Class when the tick is removed from ‘Always ask before opening this type of file’.

For me, pushing out these settings below for .NRL files avoided the prompt for all users:

Key path SOFTWARE\Classes\Nrl
Value name EditFlags
Value type REG_BINARY
Value data 00000100

For whatever app you’re trying to do this for, I’d recommend using Procmon to check what changes when removing the tickbox, but at least with this information you should be able to narrow down what you’re searching for.

CIAOPS Podcast – Adam Fowler

I’ve been a bit quiet here this month. One of the reasons was having a Microsoft Premier Field Engineer (PFE) onsite for a week for an Azure Fast Track. It’s a program provided by Microsoft to give you someone that can help you start onboarding to the product of choice. I’ve done a few Fast Tracks now and they’ve always been valuable – having a great tech sent onsite and pretty much doing whatever you want to focus on around the topic.

By sheer luck, that Microsoft PFE was Marc Kean, co-host of the Need To Know Podcast. That meant I had the opportunity to go on the podcast, which went live this week. It was great having Marc over, and we also caught up with Brett Moffett who co-runs the Adelaide Microsoft IT Pro Community with me.

I’d mentioned the podcast and CIAOPS only at the start of the month here, and this was before I knew I’d be spending a week with Marc, and even be on it. Funny how these things happen sometimes. I also said I’d have these links on my site by the time the podcast went live, but I missed that by a few days :)

Hopefully I’ll have some more techy posts up soon, there’s a lot of different things I’ve got happening so I’m sure it won’t be far off.

Also, if you’re ever visiting Adelaide and either want to attend or even present at our user group, please join the Meetup group and come along!

 

CIAOPS Academy

Today I’m sharing Robert Crane‘s CIAOPS Academy service. He’s an Australian based Microsoft Office Servers and Services MVP, and seems to be rather busy with all his different projects, including the CIAOPS Need To Know podcast.

That podcast I highly recommend as an easy way to keep on on the latest Office 365 and Azure news. Even though I try to keep on top of it myself, they often raise other new features or changes that I hadn’t come across yet.

Beyond that though, the CIAOPS Academy is a service I personally pay for that Robert provides. I am on the lowest tier, but the private Facebook group that Robert runs is an invaluable source of fellow professionals who ask and help all things in the Microsoft tech space.

It’s different to other communities with it’s paywall, as everyone is invested and cares about the topics raised.

There’s also a referral program for signups – sure you can use my affiliate link to CIAOPS Academy or use one that doesn’t help me pay for my own access here. I’m not one to suggest services or products I don’t believe in myself, but I’ve had several questions raised already which has more than paid for the service in my mind.

The bronze level (which is what I use) is enough for me right now, but higher levels give you access to videos and other training materials.

The bonus news I can share here is that there is now a 7 day trial available, which is mentioned at the bottom of the patron page above. If you want to see what it’s about and check it’s worthwhile, you can now do it for free!

In summary, if you’re someone who is either new to, or currently managing Office 365 and Azure, this is a great group of people to be a part of. I’m not the only other Microsoft MVP there, which I think shows the value of this service.