6to4 protocol 162
16-bit applications 18
32-bit Windows 10 version 17
64-bit Windows 10 version 17
802.11 wireless standards 173
access. See also data access; See also remote management
access control entry (ACE) 235
access control list (ACL) 235
accessibility options
ACE. See access control entry
ACL. See access control list
Action Center
activation
status, viewing 117
Active Directory
installing on Windows Server 2016 127
physical components of 126–127
Active Directory Administrative Center (ADAC) 129–131
Active Directory Domain Services (AD DS) 157, 220, 249
active stylus support 19
Add-PhysicalDisk cmdlet 204
Add-Printer cmdlet 351
Add-PrinterDriver cmdlet 351
Add-PrinterPort cmdlet 351
AD DS. See Active Directory Domain Services
Add Work or School Account 419
ADKsetup.exe 267
Admin Approval Mode 402
administrative accounts 122–123, 401
administrative privileges 122–123, 401–403
Administrator account 394
administrator privileges 250
advanced management tools 424–439
MDM Migration Analysis Tool 438–440
Microsoft Management Console 432–434
Advanced TCP/IP Settings dialog box 149
Airplane mode 90
Allow Telemetry policy 307
answer files 24
anycast addresses 151
application compatibility
Application Compatibility tools 7–9
application program interfaces (APIs) 326
applications
allowing through Windows Firewall 167–168
installing 40
Microsoft Store Apps 248–249, 260–266
uninstalling 82
uninstalling or changing 254
apps. See applications
App-Triggered VPN 161
assigned apps 251
authentication 171
defined 392
Extensible Authentication Protocol 159
traditonal 404
two-factor 20
Windows Hello for Business 404–406
authorization
defined 392
Automatic Private IP Addressing (APIPA) address 148
Azure Active Directory (Azure AD)
restoring previous versions 388–389
backups
Backup And Restore tool 378–381
time for 379
BCDboot tool 46
BCD Editor (Bcdedit.exe) 34–35
biometric authentication 404–407
biometric devices 21
BitLocker 20
BitLocker Drive Encryption 205–207
recovering encrypted drives 248
bloatware 29
Boot Configuration Data (BCD) Store 34–35
booting
built-in Windows logs 331
Checkpoint-Computer cmdlet 366
checkpoints
virtual machine 111
classless addressing 146
Classless Interdomain Routing (CIDR) 146
Clear-DnsClientCache cmdlet 179
installing role 108
client resolver 153
CMAK. See Connection Manager Administration Kit
collector-initiated subscriptions 333, 334
command prompt
uninstalling updates using 322–323
compatibility
Compatibility Administrator 7, 8, 9
computer-aided design (CAD) 181
Computer Configuration 132
Computer Management
user account management with 395–396
computer worms 355
configuration
Device Health Attestation 414–415
devices and device drivers 52–77
DirectAccess connections 161–162
disks 182
file system permissions 233–241
IPsec 171
Microsoft Management Console 432–434
network discovery 172
User Account Control 121–124, 401–403
Windows Defender Credential Guard 410–412
with Group Policy Objects 84–87
Configuration Designer 22
Configuration Manager
for app deployment 253
VPN profiles in 161
configuration service provider (CSP) 415
Connection Manager Administration Kit (CMAK) 160
connection security rules 169, 171
Connect To A Workplace Wizard 158
Continuum 19
Control Panel
Devices And Printers app 55–56
UAC configuration with 402–403
uninstalling updates using 322
user account management in 397
convertible devices
Convert-VHD cmdlet 195
core services
Cortana 19
enabling 98
requirements 100
Create A HomeGroup Wizard 221
Create A Shared Folder Wizard 224
Current Branch for Business (CBB) 312–315
custom rules 169
DAC. See dynamic access control
DACL. See discretionary access control list
data
data access
dynamic access control 247
file system permissions 233–241
Data Collection And Preview Builds node 306–307
data files
backing up 12
data recovery
previous versions 387–390, 392
data types
accessible by USMT 40
Default Account 394
default gateway address 144
Defer Windows Updates 306
Delivery Optimization node 307–308
Deployment Image Servicing and Management (DISM) tool 22, 46, 74–76
to add/remove Windows features 49–50
Desktop
desktop apps
uninstalling or changing 254
desktop PCs 181
device drivers
backward compatibility 69
package management 71–73, 75–76
pre-installing 71
preventing updates over metered connections 58–59
Universal Windows driver 69
unsigned 70
Device Health Attestation 414–415
Device Installation Settings 60–61
Device Manager 54–55, 64, 66–69, 430–431
Device Properties 55
Device Registration
devices
health attestation 20
provisioning with WIndows Configuration Designer 114–116
selecting Windows 10 edition for 15–18
viewing installed 56
viewing settings of 67
Devices And Printers app 55–56
Devices By Connection 67
Devices By Type 67
Device Health Attestation 414–415
Windows Defender Device Guard 413–414
DirectAccess clients 162
DirectAccess connections 161–162
DirectAccess server 162
Disable Automatic Restart On System Failure 373
Disable-ComputerRestore cmdlet 366
Disable Driver Signature Enforcement 373
Disable Early-Launch Anti-Malware Protection 373
Disable-NetFirewallRule cmdlet 170
Disable-PnpDevice cmdlet 73
discretionary access control list (DACL) 225, 235
Disk Management 43, 45, 187–188, 211
DiskPart 190
disks. See also virtual hard disks
configuration 182
importing foreign 211
initializing basic 211
Dism.exe 259
DNS settings
document version control 210
domain controllers 125
operations masters 126
read-only 126
domain joins
Domain Name System (DNS) server address 145
domain networks 163
domain user accounts 418
drive partitioning 182
driver packages
Driver Store 71
drives
DVD installation 22
dynamic access control (DAC)
troubleshooting 247
Dynamic Host Configuration Protocol (DHCP) 23, 148
EAP. See Extensible Authentication Protocol
Easy Connect 278
Edb.chk 128
Edb.log 128
Enable Boot Logging Mode 373
Enable-ComputerRestore cmdlet 366
Enable Debugging Mode 373
Enable Low-Resolution Video Mode 372, 373
Enable-NetFirewallRule cmdlet 170
Enable-PnpDevice cmdlet 73
Enable Safe Mode With Command Prompt 373
Enable Safe Mode With Networking 373
encryption 171
enterprise environment
File History in 387
implementing Windows 10 in 114, 315
Active Directory configuration 125–129
Windows Configuration Designer tool 114–116
Recovery options in 370
Event Properties dialog box 332
event subscriptions
creating 334
viewing 333
accessing remotely 335
exFat file system 185
Exit-PSSession cmdlet 289
Extensible Authentication Protocol (EAP) 159
FAT32 file system 185
File Explorer
managing files and folders with 233–234
Quick Access 234
sharing folders using 225
File History
backup options 385
enterprise considerations 387
restoring previous versions 388–389
files
backing up and restoring 378–392
fetching with OneDrive 232–233
managing with File Exporer 233–234
previous versions of 387–390, 392
recovering from OneDrive 242–243
file systems
exFat 185
FAT32 185
permissions configuration 233–241
RAW 205
types of 185
firewalls
firmware upgrade 30
fixed provisioning 201
folders
backing up and restoring 378–392
managing with File Exporer 233–234
previous versions of 387–390, 392
foreign disks
importing 211
Format-Volume cmdlet 189
Full Control permissions 234
fully qualified domain name (FQDN) 153
Get-ComputerRestorePoint cmdlet 366
Get-DnsClientCache cmdlet 179
Get-NetFirewallRule cmdlet 170
Get-NetIPAddress cmdlet 150, 152
Get-NetIPv4Protocol cmdlet 150
Get-NetIPv6Protocol cmdlet 152
Get-Partition cmdlet 189
Get-PnpDevice cmdlet 73
Get-PnpDeviceProperty cmdlet 73
Get-PrintConfiguration cmdlet 351
Get-Printer cmdlet 351
Get-PrinterDriver cmdlet 351
Get-PrinterPort cmdlet 351
Get-PrinterProperty cmdlet 351
Get-service cmdlet 428
Get-SmbShareAccess cmdlet 226
Get-SmbShare cmdlet 226
Get-StoragePool cmdlet 204
Get-VHDSet cmdlet 196
Get-VirtualDisk cmdlet 204
Get-Volume -FileSystemLabel “System” cmdlet 34
global catalog servers 126–127
globally unique identifiers (GUIDs) 35
Grant-SmbShareAccess cmdlet 226
Group Policy
configuration 125–129, 131–135
Group Policy Management Console (GPMC) 131
Group Policy Objects (GPOs)
about 132
configuring Remote Assistance with 280
configuring Remote Desktop with 283–284
converting to MDM policies 438–440
creating and applying 134
File History 387
for DirectAccess connections 161
for securing removable devices 208
for UAC settings 124
sections 132
to disable notifications 93
Windows Hello for Business 407
Windows Store 328
Guest account 394
guest networks 164
GUID Partition Table (GPT) 44, 182
hard disk
erasing 368
hard disks. See disks
monitoring software 212
solid state 213
hardware. See also devices
compatibility for Windows 10 3–6
device and device drivers 52–77
requirements for Windows 10 2–6, 18–21
high-touch retail media deployment 22
HKEY_CURRENT_USER 14
home folders 396
HomeGroup 416
configuring connections 220–223
media streaming with 222
host names 153
Hotspot 2.0 networks 175
Hyper-V
installing role 108
ICACLS parameters 239
image-based installation 23
inbound rules 169
incremental build process 308–312
Initialize-Disk cmdlet 189, 195
Insider Preview 308–312, 323, 324
installation log file 32
Internet Assigned Numbers Authority (IANA) 147
Internet Explorer
features 104
Internet Explorer SmartScreen Filter 354
Internet Protocol version 4 (IPv4)
address 144
connection configuration 147–150
default gateway address 144
public and private addressing 147
Internet Protocol version 6 (IPv6)
addressing 151
connection configuration 151–153
overview of 150
Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) 161
IP addressing 153
IPConfig 178
IP-HTTPS protocol 162
IPsec
configuration 171
ISO disc image 33
Laplink 39
Last Known Good Configuration 373
line-of-business (LOB) applications 316
Link Layer Topology Discovery (LLTD) 216
Link-Local Multicast Name Resolution 154
lite-touch installation (LTI) 252
LoadState command 42
Local Security Authority 411
LockDown 161
logical unit number (LUN) 199
Long-Term Servicing Branch (LTSB) 315–317
Long-Term Servicing Channel (LTSC) 16, 316
low-touch deployment 22
LTI. See lite-touch installation
master boot record (MBR) 182
MDM Migration Analysis Tool (MMAT) 438–440
MDT. See Microsoft Deployment Toolkit
mean time between failures (MTBF) 212
Media Creation Tool (MCT) 32, 47
media streaming 222
memory 346
memory cards 205
metered connections
preventing device driver updated on 58–59
Microsoft accounts
connecting to your device 400–401
signing up for 400
Microsoft Active Protection Service (MAPS) 358
Microsoft Assessment And Planning Toolkit (MAP) 3–6
Microsoft Deployment Toolkit (MDT) 249, 252–253, 370
Microsoft Edge
Microsoft Intune
app deployment in 254
VPN connections in 161
Microsoft Management Console (MMC) 187, 271, 342
remote management with 286–288
Microsoft Office Online 231
Microsoft Store 260
update settings 327
installation 261
settings configuration 262–264
Microsoft Store for Business 265–266
Microsoft Store for Education 265–266
Microsoft Surface Pro 80
Microsoft Volume Licensing Service Center 317
migration
for user data and settings 14–15
from previous Windows version 38–42
side-by-side 13
Miracast 19
MMC. See Microsoft Management Console
mobile device management (MDM) 314, 406, 438–440
mobile devices
updates 314
monitoring. See also performance monitoring
real-time 347
mSATA form factor drive 180
Msiexec.exe 251
multifactor authentication 404–409
Multiple Activation Key (MAK) 119
name resolution
NetBIOS names 153
Net Share 226
network address translation (NAT) 147
Network And Sharing Center 163, 166, 172, 215
DirectAccess connections 161–162
network discovery 216
configuration 172
networking
IPsec 171
network discovery 172
network locations
Network Location Server (NLS) 162
networks
New-NetFirewallRule cmdlet 170
New-PSWorkflowSession cmdlet 289
New-SmbShare cmdlet 226
New-StoragePool cmdlet 204
New-VirtualDisk cmdlet 204
Notification area 95
NSLookup 178
Ntds.nit 128
NTFS file system 185, 186, 205, 380
NTFS permissions 234–239, 246–247
OneDrive 19
fetching files from PC 232–233
Previous Versions feature 392
Search Everything feature 392
synchronization 244
OneDrive Files On Demand 230–231
Operations Management Suite (OMS) 24–28
operations masters 126
Optimize-StoragePool cmdlet 204
Optimize-VHD cmdlet 195
Optimze-VHDSet cmdlet 196
original equipment manufacturers (OEMs) 29
outbound rules 169
out-of-box experience (OOBE) 370, 422
parity spaces 200
passwords
patches. See updates
Patch Tuesday 318
Pathping 178
PCmover Express 39
performance bottlenecks 361
performance counters 344
performance issues
Performance Monitor
performance monitoring 329–362
using Resource Monitor 340–346
performance object instances 344
Performance tab 338
personalization 38
Personalization settings 86
PIN gesture 407
Plug And Play 68
port rules 169
post-installation configuration 77–115
power settings
PowerShell 188–190. See also PowerShell cmdlets
management task automation with 436–438
managing services with 428
printer management using 350–351
remote management with 271, 284–286
sharing folders using 226
user account management in 398–399
PowerShell cmdlets
creating simple 437
disk-related 189
enabling 437
file and folder permissions 239
IPv4 networking 150
IPv6 networking 152
Storage Spaces 204
System Restore 366
troubleshooting 178
PowerShell Share cmdlets
folder sharing 226
Pre-Boot Execution Environment (PXE) 23
predefined rules 169
Previous Versions feature 247, 387–390, 392
principle of least administration 238
printers
remote 350
viewing installed 56
Printers & Scanners screen 352
Print Management tool 218
Print Spooler 220
Processes tab 337
product keys 117
profile folders 396
program rules 169
benefits of 267
management tasks with 267
public key infrastructure (PKI) 162
Public network location profile 285
public networks 164
published apps 251
quality of service (QoS) 216
quality updates 300
RacTask 359
RAID-5 184
ransomware 355
RAW file system 205
RDP. See Remote Desktop Protocol
read-only domain controllers (RODC) 126
real-time monitoring 347
recovery. See data recovery; See system recovery
redundant storage 213
ReFS file system 185
Registry Editor (Regedit.exe) 257
registry keys 257
Remote Assistance 271
using GPOs 280
remote management with 280
Request Assistance feature of 276–278
Remote Desktop 271
user 276
Remote Desktop Protocol (RDP) 271
remote management
settings configuration 272–276
with Windows PowerShell 288–289
remote printers 350
Remote Server Administration Tools (RSAT) 132
removable devices
document version control 210–211
formatting 205
Remove Everything 368
RemovePhysicalDisk cmdlet 204
Remove-Printer cmdlet 351
Remove-PrinterDriver cmdlet 351
Remove-PrintJob cmdlet 351
Remove-SmbShare cmdlet 226
Remove-StoragePool cmdlet 204
Rename-Printer cmdlet 351
Repair-VirtualDisk cmdlet 204
Res1.log 128
Res2.log 128
reset 369
Resilient File System (ReFS) 181, 186–187, 203, 236
Resolve-dnsname lon-DC1.adatum.com. cmdlet 179
Resource Monitor
opening 340
Oviewview tab 340
performance monitoring using 340–346
Resources By Connection 67
Resources By Type 67
resource-sharing networks 156–157
Restart-PrintJob cmdlet 351
Restart-service cmdlet 428
restore points 388
Resume-PrintJob cmdlet 351
roaming profiles 15
rotation lock 90
rules
advanced security 169
creating 170
SACL. See system access control list
ScanState tool 42
scripts
creating simple 437
enabling 437
Search Everything feature 392
second-level address translation (SLAT) 17
Secure Boot 20
Secure Digital High-Capacity Memory Cards 363
Secure Digital High-Capacity (SDHC) memory cards 205
security
connection security rules 171
IPsec 171
rules 169
Windows Defender Security Center 168
Windows Firewall 143, 144, 163, 165, 165–172, 166, 167, 168, 169, 170, 171, 172, 215, 272, 273, 276, 285, 286, 288, 292, 295, 297
security updates 301
Server Manager Tools menu 129
Server Message Block (SMB) 215–216
services
configurable options for 426
Services management console snap-in 424–426
Services tab 340
servicing 300
Set-ExecutionPolicy cmdlet 437
Set-NetFirewallRule cmdlet 170
Set-NetIPAddress cmdlet 150, 152
Set-NetIPv4Protocol cmdlet 150
Set-NetIPv6Protocol cmdlet 152
Set-PhysicalDisk cmdlet 204
Set-PrintConfiguration cmdlet 351
Set-Printer cmdlet 351
Set-PrinterProperty cmdlet 351
Set-service cmdlet 428
Set-SmbShare cmdlet 226
Set-StoragePool cmdlet 204
Settings app 322
for VPN connections 160
user account management in 397–398
Setuperr.log errors 32
multiple shares 227
permissions 227
Shared Folders snap-in 224–225
shared network folder installation 23
share permissions 223, 225, 227, 246–247
Show Hidden Devices 67
Show Or Hide Updates troubleshooter 63
single sign-on (SSO) 419
smart cards
virtual 21
SMART monitors 212
software requirements
solid-state drives (SSDs) 180, 213
source-computer initiated subscriptions 333
spanned volumes 183
spyware 355
SRV resource records 126
Standard User Analyzer 7
Start menu
configuration
with Group Policy Objects 84–87
layout 85
Start-service cmdlet 428
Startup tab 339
Stop-service cmdlet 428
storage
disks 182
redundant 213
storage pools 199–201, 201–204
managing with PowerShell 204
optimization 203
storage layouts 200
streaming media 222
striping 184
stylus support 19
system access control list (SACL) 235
system bottlenecks 361
System Center 2012 R2 Configuration Manager 249
System Center Configuration Manager 370
System Configuration tool 428–429
System Diagnostics 342
System Information tool 184
System Performance 342, 343–344
System Protection
clean up 377
current usage 376
turning off 377
System Protection tab 375
system recovery
system resources
System Restore 247–248, 365–368
Advanced startup options 367
Systems Properties
enabling remote management through 274–276
system stability monitoring 358–360
taskbar 87
Task Manager
performance monitoring with 335–340
Performance tab 338
Performance view 341
Processes tab 337
Services tab 340
tabs 336
Users tab 339
Task Scheduler 366
Task Scheduler library 359
Temp.edb 128
Teredo protocol 162
theme settings 87
thin provisioning 201
tiles
grouping 83
touch-centric operating system 19
Tracert 178
traffic filters 161
trial software versions 29
Trojan horses 355
troubleshooting
dynamic access control 247
performance issues 342, 360–362
tools 178
Windows Update 308
Trusted Platform Module (TPM) 20, 407
tunneling technology 161
two-factor authentication 20
Type 4 Print Class Drivers 218–219
UEFI Firmware Settings 372
unicast addresses 151
Unified Extensible Firmware Interface (UEFI) 20
Universal Windows driver 69
Universal Windows Platform (UWP) 326
Update Driver Software Wizard 57
Update History page 303
updates
Current Branch and Current Branch for Business 312–315
history
Long-Term Servicing Branch 315–317
mobile devices 314
quality 300
security 301
Show or Hide Updates troubleshooter 320–321
uninstalling
in Settings 322
using Control Panel 322
Update-StoragePool cmdlet 204
advantages of 33
disk space for 32
errors 32
from Windows 7 Home 11
reverting to previous build 323–326
using installation media 31–33
valid upgrade paths 38
USB drives
USB flash drives 205, 209–210. See also removable devices
USB installation 23
User Account Control (UAC) 401–404
user accounts
connecting Microsoft account to 400–401
creating 130
default accounts 394
domain 418
local accounts 393–394, 395–399
User Configuration settings 132
validation of 125
user data
User Experience Virtualization (UE-V) 38–39
user interface
user personalization 38
user registry 14
user rights assignments 244–246
user settings
syncing 19
Users tab 339
User State Migration Tool (USMT) 15, 39–42, 268
UsmtUtils 41
VHDs. See virtual hard disks
VHD Set (VHDS) 192
VHDX 192
virtual desktops 89
virtual hard disks (VHDs)
applying Windows image to 45–46
boot options 46
configuration 109
create and configure native boot 43
Disk Management to attach 43
formats 192
MBR-partitioned 45
virtual machines
checkpoints 111
core components 109
creating 109
running 111
vs. multibooting 36
Virtual Secure Mode 21
virtual smart cards 21
viruses 355
Volume Activation Management Tool (VAMT) 119–120
Volume Activation Services 119
Volume Licensing Center (VLC) 31
volumes
simple 183
spanned 183
striping 184
Volume Shadow Copy Service (VSS) 366, 380, 387–390
vssadmin command-line tool 375–376, 389
WBAdmin
command line reference 382
WBAmin.exe 382
WDS deployment 23
web browsers
Web Credentials 409
WEP. See Wired Equivalent Privacy
Wi-Fi Direct
Wi-Fi Protected Access (WPA) 174
Wi-Fi settings
Windows 7 Home
upgrading from 11
Windows 8.1 33
Windows 10
advanced management tools 424–439
configuration
for regional and language support 50–52
devices and device drivers 52–77
hardware requirements 2–6, 18–21
implementation of 1
implementing in enterprise environment 114–134, 315
Active Directory configuration 125–129
Windows Configuration Designer tool 114–116
incremental build process 308–312
choosing upgrade or clean 9–15
methods 30
migrating from previous Windows version 38–42
native boot scenario configuration 33–37
Upgrade Readiness configuration 24–28
Long-term Servicing Branch 315–317
post-installation configuration 77–115
remote management tools in 271–272
requirements for
reverting to previous build of 323–326
updates
user interface customization 77–96
Windows 10 Business Edition 17
Windows 10 Education 16
Windows 10 Enterprise 16
Windows 10 Enterprise LTSC 16
Windows 10 Internet of Things (IoT) editions 17
Windows 10 Mobile 17
Windows 10 Mobile Enterprise 17
Windows 10 Pro 16
Windows Assessment and Deployment Kit (ADK) 7, 22, 39, 267
Windows Biometric Framework 21
Windows Configuration Designer tool 114–116
Windows Configuration Designer (WCD) 370
Windows Credentials 409
Windows Defender Credential Guard 410–412
Windows Defender Device Guard 413–414
Windows Defender Security Center 168, 354–358
advanced threat detection 357–358
Fresh Start 370
History screen 357
Home screen 356
scan options 355
Windows Easy Transfer 39
Windows features
using DISM to add/remove 49–50
Windows Firewall 215
enabling remote management in 272–274
Windows Firewall With Advanced Security 168–171
Windows Hardware Developer Center Dashboard portal 69, 71
Windows Hardware Quality Labs (WHQL) 73
Windows Hello for Business 21, 404–406
Windows logs 331
Windows Management Instrumentation (WMI) 251, 322
Windows Memory Diagnostic tool 361–362
Windows Network Diagnostics 178
Windows PowerShell History 131
Windows PowerShell ISE 438
Windows Preinstallation Environment (Windows PE) 23
Windows Recovery Environment (Windows RE) 371–374
Windows Server 2016
installing Active Directory on 127
Windows Server Update Services (WSUS) 218, 320
Windows Store apps
Windows System Image Manager (Windows SIM) 23–24
troubleshooting 308
viewing list of installed packages 323
Windows Update Stand-Alone Installer (Wusa.exe) 323
WinSxS directory 77
wipe-and-load migration 10, 13–14
Wired Equivalent Privacy (WEP) 174
modes 173
Workplace Join 419
WPA. See Wi-Fi Protected Access
WPA2 174
zero-touch deployment 22
zero-touch installation (ZTI) 252
18.191.11.89