Controlling Microsoft Store Access

If you’re managing a fleet of computers in a business, you may not want users being able to access everything in the Microsoft Store. Having users a few clicks away from installing ‘Slotomainia’ or ‘Ninja World’ might not be what you want readily available on a business computer. You may also not want other services that can contribute to data leakage, or shadow IT type solutions that users decide to adopt.

As long as you are running Windows 10 Enterprise or Education, you could completely disable the Microsoft Store functionality by either using Applocker to maintain a whitelist of allowed packaged apps, or using Group Policy to enable the “Turn off Store application” under Computer Configuration > Administrative Templates > Windows Components.

For Windows 10 Pro and Home users, this won’t work so you’ll have to try other methods such as uninstalling Windows Store on each PC with the PowerShell command Get-AppxPackage ​*windowsstore*​ | Remove-AppxPackage

Disabling the Microsoft Store entirelybut you may find that there is a requirement to use a few of the Microsoft Store apps by your users. For this option (again just for Enterprise and Education, and you’ll need Office 365 or Azure AD), you can instead have a Private Store. This is enabled again in Group Policy, using the setting “Only display the private store within the Microsoft Store app” again under Computer Configuration > Administrative Templates > Windows Components.

The Microsoft Store will look pretty bare at this stage (I see the 5 apps in the screenshot below by default), so you’ll want to add or remove some apps. This is done online, Enterprise customers go to and education customers go to You’ll need to sign in with an account that’s an Azure AD or Office 365 Global Administrator, but can then grant access to others.

To add an app, under ‘Shop for my group’ you can search or click through options to find the app you’re after – I’ve chosen Microsoft To-Do for this example. Going onto the app’s page will give you a button that says ‘Get the app’. Once you click that, you’ll see the message “Microsoft To-Do has been purchased and added to your inventory.” After you’ve done that, go to the “Manage” tab and then the “Products and Services” option on the right hand side. Find the app, click the ellipsis (…) and choose “Add to private store”

You will finally see a message saying that the app has been added to your store, but may take up to 36 hours to show.

There’s also the option to assign an app to a user, this is only needed if it’s a licensed or paid for app that you want to give only to certain users – you may have bought 10 copies of a particular Windows Store app and need to control who has access to it.

It’s worth having a look through the other options on this page as you can control settings such as letting users make purchases,  what your organisation will be called in the Microsoft Store app and if you get invoices for the store via email.

Overall the Private Microsoft Store is rather easy to set up, lets you give users self-service access to apps that you allow, and gives you an easy way of letting someone install a Microsoft Store app in the future without having to enable the entire store.

Cryptocurrency Trading

I’ve been mucking around with Cryptocurrency for a little while now, and thought I’d write up a guide on how to get started. I’ll write this as simple as possible at a high level.

What are Cryptocurrencies?

They are digital currencies (such as Bitcoin, but there are many, many others) that operate on a decentralised network. That means, instead of a centralised server hosting all the records and transactions, it’s carried out on a peer to peer network where all members can keep everyone else in check. The term ‘blockchain’ is used to describe the method of keeping all this in check, a ledger that has methods of making sure transactions are correct and legitimate, with in built error-checking.

A cryptocurrency has a real world value, just like any countries’ currency value (for example US dollars or AU dollars), but is much less regulated. It’s value is available to see on different exchanges that accept the particular cryptocurrency type in question, and just like shares are based on buy and sell values.

The coins themselves are created through a process called ‘mining’. It’s a good comparison to going down a mine and trying to find gold; a rock of value in a vast area of worthless rock and dirt. When mining a cryptocurrency, complex maths equation is performed, similar to trying a key to see if it opens a lock. Each valid result gets added to the blockchain, and the person/device who found the result gets paid a reward in the form of coin.

If you want to try some very light mining, you can check out JSECoin^ and you can start doing it from your internet browser. You’re mining JSECoin of course on this link, which hasn’t gone to market yet (but they’re forcasting ~$1US a coin, which is probably a bit high!) – but it’s a good way of showing mining without having to know what you’re doing.

It’s also worth noting that coins don’t need to be traded in full units. At the time of posting (28th December 2017), 0.005 Bitcoins are worth $92.98AU. Prices fluctuate so much though, that several percentages of value being gained or lost in a 24 hour period is quite normal.

Each cryptocurrency will have it’s own unique traits and applications, and you’ll need to read up on a particular coin to find out more about it. Bitcoin was the first cryptocurrency invented, so any other type of coin is referred to as ‘altcoins’ (aka alternative coins). Also, each coin has a trading code like the stock market; Bitcoin is known as BTC.

How do I get started?

Firstly; yes there has been a huge boom in Bitcoin. It’s value is over $20,000AU at the time of writing per coin, where most other coins are well below $1000AU, with many being only a few cents each. The prices of many coins fluctuate with huge swings, which makes it both exciting and incredibly risky.

Step 1 – Sign up to a cryptocurrency exchange that you can get your ‘real world’ money into. Ones worth looking into in my opinion are:

Coinbase^ you get $10 if you buy or sell at least $100.

BTCmarkets which is an Australian based exchange, if you feel more comfortable trading with an AU company (and easier for Australians to deposit and withdraw). They recently reduced the Bpay amount from $500 to no minimum.

CoinSpot^ is another Australian based exchange, but has a lot more coin types than BTCmarkets (who has only 6). This one is the most user intuitive and basic, is clear about wallets for storing funds etc. .

Both of these exchanges will let you transfer in money via easy methods (Coinbase is Visa/Mastercard, BTCMarkets is Bank Transfer or POLi). Depositing money has no fee attached at time of writing, but please read the terms of the exchange you’re using to confirm this.

Step 2 – Verify your account. This will probably be giving a copy of your driver’s license or passport. Be wary and only use a company that seems legitimate and you can find good feedback on before giving a website important information about yourself!

Step 3 – Transfer funds. This can take a couple of days to show up in your exchange.

Step 4 – While waiting for the funds to turn up, sign up to a ‘better’ exchange that has a lot more types of cryptocurrency. The one I use is

Binance^ –  this is where I do most my trades.

Kucoin^ is a newer one that has some different coins. You can also buy their own coin, that pays out based on trading fees on the same site.

UPcoin^ is a new exchange that’s just about to launch, and can be good to get in early on some of these exchanges as they often lock out new signups for periods of time.

The fees are a *lot* less for buying and selling. Compare Coinbase and Binance – you just want to get your money to an exchange like Binance, and it requires a stepping stone like Coinbase to do so.

Step 5 – (After funds have turned up at Coinbase) Buy a cryptocoin for the full amount of money you want to use (which is probably the full amount you transferred). This should be in Bitcoin or Ethereum, as you’re transferring this over to Coinbase to then buy other coins with. Of course if you purely want to invest in one of the few coins on Coinbase (They have 4 at time of writing; Bitcoin, Bitcoin Cash, Ethereum and Litecoin), then you don’t need to move it anywhere. Binance however has 96. There’s hundreds out there that can be hard to find what exchange accepts them; but Binance is a great starting point.

Step 6 – Transfer your Bitcoin or Ethereum from Coinbase to Binance. This is done by withdrawing from Coinbase, and depositing into Binance (it’s a single transaction to do this). From the Binance end, you’ll need to get the deposit address for the coin type you’re transferring (Bitcoin or Ethereum). Then from Coinbase, you’ll need to withdraw the full amount of coin you have, using the address from Binance. What you’re doing here is moving your coins from the wallet in Coinbase, to the wallet in Binance.

Here’s a good YouTube video showing you how to do this step:

Step 7 – After a few minutes, your coins will be available in Binance. From there, you can start trading the Bitcoin or Ethereum for the other coins you’re after. Again, like a stock market you can set the price you want to buy at, with full visibility of the going buy and sell requests. The video above also shows this. You can start small with your purchases – the fees are normally a small % of your coins, so there’s no cost difference at the end of it if you do lots of little transactions, or one large one.

Keep in mind a few of these steps do incur costs, but they’re small (a few % max at the end of it). You’ll usually see changes in the value of your coins greater than the transaction fees in the first day, so it’s not a big deal.

Other Notes

Tax implications from Australia – read the ATO’s page on this. A highlight from that page is under ‘Using bitcoin for personal transactions’ –  “Where you use bitcoin to purchase goods or services for personal use or consumption, any capital gain or loss from disposal of the bitcoin will be disregarded (as a personal use asset) provided the cost of the bitcoin is $10,000 or less.”

As Coinbase is in USD, you may have problems withdrawing from Australia. BTCMarkets I didn’t have any issues with, but you can also find other ways to spend/extract your funds.

As you research cryptocurrency, here’s some terms you may come across:

ICO – These are Initial Coin Offerings that startups use to launch a new coin. You’re normally buying tokens that end up being converted to coins of the new cryptocurrency being launched, which could be months away. The coin could also be worthless – it’s a gamble. I’ve only put some money into one so far which is Pluscoin  which sounds interesting in earning coins by visiting fast food restaurants. I might never see my money or I might make many times my investment – who knows! Some ICOs will give you free tokens in the hope of referrals that will lead to purchases – such as Sphere^ which will give you 100 free tokens just for registering, no purchase necessary. (Future note – Pluscoin ICO I lost most my money on, as the coin launched at 5% of the cost of the ICO! This isn’t to say ICOs are bad, but they’re an even higher gamble than general trading, and more research should be put into an ICO before handing over your coins).

HODL – This internet term is used a lot to indicate the practise of just holding your coins. Don’t sell because they’ve dropped, just keep holding and hoping. This generally works because more and more people are getting into cryptocurrency, and eventually the value goes up again. One day it won’t work, but so far it’s been a pretty safe tactic.

Shilling – As you can see from the info I’ve provided, many services and offerings have referral links. Shilling is either related to people who make claims to get you to sign up using their links, or are trying to increase value of a coin they might hold themselves. Generally, don’t believe anything you read on the internet :)

Pump and Dump – The concept of getting a large group of people to buy up one coin on one exchange to raise the price, to then quickly sell off for a profit. Nothing is driving the price up beyond the group’s demand. People will often claim this as a reason behind quick spikes and drops in prices, and it may be true in many cases. For example. here’s a Discord (like IRC) chat group purely for Pump and Dumps.

Wallets – Where your coins are stored. Ideally, if you’re holding onto coins you can move them into a private wallet. There’s different applications and options around this – it’s not necessary to get started, but if you’re dealing with decent money you should read up on them. In the meantime, use 2FA on any online account that’s dealing with money.

FUD – Fear, uncertainty and doubt. Because the cryptocurrency world isn’t regulated, tricks that are banned in the stock market are used here. People will have a reason they want coin to go down, and places like Reddit, Twitter and Facebook are full of people saying things for their own gain, or spreading information because they read it somewhere. Rumors and faked screenshots can drastically affect the market. Be incredibly weary of any advice (positive or negative) you read.

FOMO – Fear Of Missing Out. This applies to the people doing the trading, they’ll often jump on something going up as they don’t want to wait and miss out on a big price spike. This also drives buys and the price up on rumours; get in early and make the most profit. The point of calling out FOMO is to not make emotional based decisions when trading.

If this is all too hard, then at your own risk you can look at other opportunities such as USI Tech (non-affiliate link here) where they invest the money for you with mysterious automated cryptocurrency trading software. You buy packs (starting around 50 euros), and over roughly 140 working days you’ll get your investment back + 40%. This one is a multi-level marketing system, so you’ll see a lot of strongly positive and negative information around the web. I have a single pack which returns ~0.8% each working day, and it’s paid in Bitcoin. I have friends who have been very successful in this system, but that doesn’t mean it’s foolproof. (Future update – this particular operation has been shut down in the US and Canada, so be extremely cautious in programs like these which may purely be pyramid or ponzi schemes).


Feel free to ask me any questions publicly or privately – I purely do this out of interest and fun, and although I hope to make lots of money, it shouldn’t be seen as a sound investment method without a lot of time invested. I’ll also update this page as things change or I find more information to add.

^ These are affiliate links, meaning I get a few $ if you use them. If you don’t want to use those links, go to the site manually – but there’s no negative impact to you for doing so.


Lenovo ThinkPad P51s Review

Thanks to Lenovo and their Lenovo Insiders program #LenovoIN,  I received a new Lenovo ThinkPad P51s.

I’ve previously reviewed the ThinkPad P50 (which has been superseeded by the ThinkPad P51) which is the big brother or sister to this device. Where the P51 is a top end workstation with multiple hard drive bays, 4 RAM slots and so on, the P51s drops a few of these extra features to be a bit more mobile, while still fitting in the workstation class.

Tech Specs

Here’s an overview of the possible technical specifications of the P51s, with the options I have on this model bolded. I’ll talk in more details about some of these below.


  • 7th Gen Intel® Core™ i5-7300U Processor (3M Cache, 2.6GHz, max. 3.5GHz), vPro
  • 7th Gen Intel Core i7-7500U Processor (4M Cache, 2.7GHz, max. 3.5GHz)
  • 7th Gen Intel Core i7-7600U Processor (4M Cache, 2.8GHz, max. 3.9GHz), vPro
Operating System
  • Windows 10 Home 64-bit
  • Windows 10 Pro 64-bit

  • 15.6″ FHD (1920 x 1080), anti-glare, IPS, 250 nits, 700:1 contrast ratio
  • 15.6″ FHD (1920 x 1080), anti-glare, IPS, 250 nits, 700:1 contrast ratio, with on-cell touch
  • 15.5″ UHD (3840 x 2160), anti-glare, IPS, 300 nits, 1300:1 contrast ratio
  • Intel HD Graphics in processor and NVIDIA® Quadro® M520M, 2GB GDDR5 memory

  • Up to 32GB / DDR4 2400MHz1, dual-channel capable, 2 x SO-DIMM sockets ( 2 X 8gb16Gb)
  • HD 720p
  • SSD / SATA 6Gb/s: 128GB
  • SSD / PCIe NVMe, 8Gb/s, OPAL 2: 256GB / 512GB / 1TB
  • HDD / SATA, 6Gb/s, 2.5″, 7mm high: 500GB 7200RPM / 1TB 5400RPM
Dimensions (W x D x H)
  • 365.8 x 252.8 x 19.95 – 20.22 mm
  • Discrete non-touch:
    • With 4 + 3-cell: starting at 1.99 kg
    • With 4 + 6-cell: starting at 2.18 kg
  • Discrete multi-touch:
    • With 4 + 3-cell: starting at 2.01 kg
    • With 4 + 6-cell: starting at 2.20 kg
Internal battery
  • Integrated 4-cell (32 Wh)
External battery
  • 3-cell (24 Wh) or 6-cell (72 Wh)
Battery life
  • 4 + 3-cell: up to 13.5 hours
  • 4 + 6-cell (72 Wh): up to 26.4 hours
AC adaptor
  • 65W
  • 6-row, spill-resistant, multimedia Fn keys, numeric keypad, optional backlight
Fingerprint reader
  • Swipe style fingerprint reader on the palm rest (optional)
Audio support
  • HD Audio, Realtek® ALC3268 codec / stereo speakers, 2W x 2 / dual array microphone, combo audio/microphone jack
  • Intel Ethernet connection
Wireless LAN

  • Intel Dual Band Wireless-AC 8265, 2×2, Wi-Fi + Bluetooth® 4.14, M.2 Card
  • Intel Tri-Band Wireless-AC 18265, 2×2, WiGigTM + Wi-Fi + Bluetooth® 4.14, M.2 Card (configurable from model with UHD display only)
  • 3 x USB 3.0 (1 x AlwaysOn)
  • 1 x USB-C/Thunderbolt
  • HDMI
  • Ethernet (RJ45)
  • Combo audio/mic
  • CS13 Docking
  • Media card reader (SD 3.0 UHS-I)
  • Smart Card Reader (optional)

Processor: It’s always nice to have the fastest. This has Intel 7th gen CPU options, which now are 1 behind the latest, but usually between single generations there’s not that much of a difference.

Display: Would have been nice to have touch screen, but I’m still happy with a 1080p res. Above that, and Windows 10 scaling + remote desktopping doesn’t usually make for a good experience. It seems like a higher quality display than what’s on my P50, something a bit more crisp about it.

Graphics: Having a dedicated graphics card is always a bonus on a laptop, and the 2GB NVIDIA Quadro M520M is about the same as a GeForce 940MX if you’re looking up benchmarks. This should give you high level gaming at 720p, or decent level gaming at 1080p.

Lenovo ThinkPad P51s Display

Memory: It doesn’t have 4 slots like it’s P51 sibling, but can still take two 16GB sticks. This one has two 8GB sticks which is plenty, but if I wanted to run lots and lots of VMs or a few beefy ones, I might upgrade that amount.

Battery: This took me a little bit to realise. There’s both an internal battery, and an external battery. I first connected the battery that came with it and noticed it was only 3 cell. I thought that wasn’t too big, but then found it also had a 4 cell battery inside. If you remove the external battery and the power plug, the laptop keeps going. 13.5 hours is a pretty good claim, and makes sense with that much battery power. It starts getting crazy with a 26.4 hour claim when using a 6 cell battery plus the internal 4 cell, and a good option if you really need your laptop to stay awake longer than you will.

Ports: Let’s look at each side of the laptop –


Left side – Rectangle charger plug, USB3, USB-C, Smartcard slot (filled in on this one)

Back – Nothing to see here, battery and hinges

Right side – 3.5mm headphone port, 2x USB3, full HDMI, full Ethernet

Another point I noticed about this laptop is that it came with a USB-C power cable, but still had provision for the older rectangle power cord. Handy if you have those from the last few years of ThinkPads as either port will charge the laptop.

Keyboard: Most people are fans of the ThinkPad style of keyboards, and this one even has a number pad. Nothing too different or tricky here – I liked the feel of both the keys and the trackpad on this model, and there’s no buttons that felt out of place for me (good to see Caps Lock where it should be!)

Lenovo ThinkPad P51s Keyboard

Other observations: The circular power button felt slightly off center, as in the left side of the button dipped in further than the right side. Not something that will make any difference, and isn’t visible unless you look really closely, but still worth mentioning to anyone that will notice non-perfect things like me :)

At around 2KG the laptop isn’t light, but it’s much lighter than the P50 on my desk. It feels solidly built, the hinge style seems strong and there’s very little screen wobble. The fingerprint reader is also nice for Windows Hello, but this unit actually came with Infa red cameras too – meaning I can use my face to log in. You visibly see something flashing when it tries to read your face (at a guess they’ve got some sort of film over the lenses to show that, since IR is invisible to our eyes normally.

Beyond that, I’m very happy with this laptop. There’s no frills to it’s appearance, so it’s square and black like most ThinkPads, but it’s enjoyable to use with a screen that has a decent bezel.

The laptop is also pretty much a ThinkPad T570 with a Quadro graphics card in it, so if you’d rather the consumer Geforce option, check that out too. If you’re looking at videos on how to take this laptop apart, the T570 is identical.

Lenovo ThinkPad P51s vs P51 or P71: If you’re wondering which to get, the main decision is purely tech specs based. The P51s can take 2 RAM sticks, for a max 32GB RAM. The P51 however has 4 slots, which doubles the max to 64GB.

It’s similar with the hard drives – a single drive in the P51s, versus the P51 that can hold either; a combo of two M.2 drives and one 2.5″ drive, or two 2.5″ drives. The third spec factor is the dedicated graphics card which in the P51 has 4GB RAM rather than the P51s’ 2GB. The M2200 is also a higher end card than the M520, and worth looking up comparisons on performance.

Finally the CPU, although the P51s can take a high end i7, it’s still not the Xeon you can get in the P51. Deciding what you want and need in specs, or leaving your options for upgrading in the future. If you don’t need the high end options, the P51s is a great choice which comes in a much thinner form factor, and a bit less weight.

All the above applies to the P71 too, just with a larger 17.3″ screen.

Feel free to ask any questions below about the laptop, and I’ll leave a banner here that should update on any Lenovo Australia deals currently on offer:

Microsoft Word – Show all formatting marks

Microsoft Word 2016 and earlier versions have a handy toggle for ‘Show/Hide paragraph marks and other hidden formatting symbols’. It’s that backwards P looking thing in the Word ribbon:

… but also choosable from Word’s options under the Display section, called ‘Show all formatting marks’:

By default, this option is off. I had a business requirement to have it on by default, which proved harder to work out than I thought.

Normally for Word and Office, a user option is controlled by the registry. Procmon is great for capturing those changes, but I couldn’t see anything when toggling this option.

Jeremy Moskowitz from PolicyPak gave me a hint on finding the solution on this one; Word sets some of it’s user settings at the time of closing Word, rather than changing an option and pressing ‘OK’.

Once I knew that, the setting was easy to find.


DWORD Value - ShowAllFormatting

1 - Enabled / On

0 - Disabled / Off

Word will read this setting at startup, and write to it at shutdown based on what the setting was last set to.

Using Group Policy Preferences and setting the option ‘Apply once and do not reapply’ to push out the registry setting will make it the default, but let users change it as they please.

Deploying a Locked Down Start Menu in Windows 10

The tiles in Windows 10’s Start Menu can be rather messy. By default, you get a lot – and they may be things you don’t want there such as News, Sports, Photos, Microsoft Store etc.

Since Windows 10 1607, there’s been a way to control this. Customize Windows 10 Start and taskbar with Group Policy covers how to do this, but there’s some errors and links that don’t work, so I thought it was worth giving a quick overview on how to do this.

Keep in mind that this process locks down the Start Menu tiles completely, users won’t be able to add, remove or change anything to do with tiles.

The first step is to configure the Start Menu tiles how you want them on a computer. You can add, remove, move, resize etc until you’re happy with how it looks.

Once that’s done, you’ll need to export the layout to an XML file. Easily done by opening PowerShell and running Export-StartLayout. This needs the -Path switch, e.g. Export-StartLayout -Path “C:\temp\startmenu.xml”

Copy the resulting startmenu.xml file into a central location that clients will be able to access, or copy it out to each machine through Group Policy Preferences. This XML file will be called in the Group Policy setting “Start Layout”.

The Group Policy setting called “Start Layout” lives in User Configuration or Computer Configuration > Policies> > Administrative Templates >Start Menu and Taskbar. You’ll probably want this at the user level rather than the computer level, but it depends at what layer you want this locked down at. 

If you can’t see this policy at all, then you may need to update your Group Policy templates. Each time a new version of Windows 10 comes out, there’s usually new or updated Group Policies to use. There’s a good step-by-step here if you need help – I’d recommend downloading the templates that match the latest version of Windows 10 you’re managing.

Start Layout in Group Policy

For this policy, you’ll be setting the radio button to Enabled, and setting the Start Layout File value to the path of the XML file that you copied out or placed centrally.

Start Layout Settings

Once that is done, the Group Policy object containing this setting needs to be pointed at the users or computers you want it to apply to, just like any other Group Policy.

The end result is the client then having the same Start Menu tiles configured in the XML file.

You may find that some of the tiles are missing. I’ve seen this happen when the shortcut the XML points to isn’t in the location expected. Here’s an example XML file with just one tile configured for Notepad:

<LayoutModificationTemplate xmlns:defaultlayout="" xmlns:start="" Version="1" xmlns="">
 <LayoutOptions StartTileGroupCellWidth="6" />
 <defaultlayout:StartLayout GroupCellWidth="6">
 <start:Group Name="">
 <start:DesktopApplicationTile Size="2x2" Column="0" Row="0" DesktopApplicationLinkPath="%APPDATA%\Microsoft\Windows\Start Menu\Programs\Notepad.lnk" />

When a Tile is added to the Start Menu, if it doesn’t exist already, it will create a .LNK file and uses that for the tile. You may need to copy these off the computer you created the tiles on the in first place too, and copy them out to the same path on the computers you’re pushing this setting to.

You can also manually update or change the XML file yourself, which can sometimes be easier than going through the whole export process again.

One last thought I have on this, is that you can have multiple XML files going to different computers or users based on their requirements – but don’t over complicate things or you’ll be constantly managing tiles!