Jun 29 2012

How Windows 8 Can Make Life Easier for IT Shops

There’s more to Windows 8 than just the new Metro interface.

With much of the press coverage for Windows 8 being focused on the new Metro interface and development environment, you might think that Microsoft doesn’t have much in the bag for system administrators at large organizations. Even the recent Windows 8 Consumer Preview product guide is scant on details.

But, as expected, Microsoft will include many evolutionary improvements to encourage adoption. Here are just a few.

Reset and Refresh with Windows 8

Consumer PCs have long been shipped with system restore disks or partitions, which allow a quick OS restore to factory settings if a major problem occurs. Windows 8 includes similar functionality; and while this won’t replace system imaging in large organizations, it should prove useful in smaller organizations with limited IT support. IT staff will be able to create a base system image so that users can revert to a system that’s configured with all the necessary applications and configuration settings in place.

Both Reset and Refresh operations involve a complete reinstall of Windows, but a Reset removes all data, programs and settings, while a Refresh keeps data, Metro apps and other important configurations. Unfortunately, because of the various install technologies for Desktop Mode applications, they cannot be maintained as part of a Refresh, although the restore process does leave an HTML file on the desktop, with a list of all the previously installed desktop programs.

A Reset is useful in situations where a PC is due to be reassigned to another user or decommissioned. Organizations concerned about data security can choose to go beyond a standard format operation during the reinstall process and write random data to all sectors on the disk, making it difficult to get the data back without using sophisticated recovery equipment.

A Refresh is likely to be more useful than Reset, because there’s no need to back up local data. During the Refresh process, the drive is scanned for data, settings and Metro apps, which are moved to a protected location on the local disk. Windows is then reinstalled, and the Windows Recovery Environment (RE) restores the data, settings and apps in the new copy of Windows. The PC boots straight to the reinstalled OS without going through the usual setup screens encountered when Windows is installed for the first time.

Windows 8 refresh

Supporting Windows RT Tablets via Windows Store

The tablet revolution has put the app store at the center of curated computing, where programs are vetted by the OS vendor to ensure that quality standards are met. Windows 8 will include an integrated app store and new Metro-style apps developed on the Windows Runtime (WinRT) environment. On Intel platforms, Metro apps can be managed using traditional tools, such as System Center Configuration Manager (SCCM).

Windows 8 Figure 2

Because Windows RT (previously Windows on ARM) cannot join an Active Directory domain and has no desktop, there will be a new management client that enables organizations to deliver applications to users via the cloud using a self-service portal. At the time this article was written, this management feature was part of Windows RT devices only.

On Intel platforms, system administrators will be able to sideload Metro-style line-of-business apps; for example, install the apps without going through the Windows Store, when the “Allow all trusted applications to install” Group Policy setting is enabled and the apps are signed and trusted by the local computer. The computer must be joined to an Active Directory (AD) domain for sideloading per-user apps. Signed app packages — .appx files — can be added on a per-user basis using PowerShell:

import-module appx
add-appxpackage c:\myapp.appx

To confuse matters, Metro-style LOB apps can be provisioned, or pre-staged, for all users, so they are installed at first logon. In this case, the PC doesn’t need to be a member of an AD domain.

Add-AppxProvisionedPackage -Online -FolderPath c:\Appx

If you choose not to disable Windows Store for users, AppLocker can be configured to determine which publically available Metro apps can be installed.

Hyper-V Virtualization with Windows 8

Virtual PC is Microsoft’s desktop virtualization product for Windows 7, with the technology sitting at the core of Windows 7 XP Mode. It’s an application compatibility solution that allows organizations to upgrade to Windows 7 while still running programs that aren’t compatible with the operating system. Windows 7 XP Mode goes further than the standalone Virtual PC product, and applications running in the virtual machine can be launched as if they were installed on the host PC’s desktop, avoiding the confusion that might occur if users are required to switch between a physical and virtual desktop. XP Mode has the disadvantage of being fairly slow, with limited hardware support.

Previously available only in Windows Server, Hyper-V is part of Windows 8 Professional and provides significantly better performance and hardware support than Virtual PC. Technical constraints that didn’t affect Hyper-V on the server, such as support for “sleep” and “hibernate,” have been addressed allowing Microsoft to offer Hyper-V on the client using Windows 8 for the first time.

Windows 8 Hyper V

While this is the news developers and IT administrators have been waiting to hear for a long time, it remains unclear if the integration capabilities of Windows 7 XP Mode will be ported to Hyper-V, or whether XP Mode will be updated to support Windows 8. One way or the other, it’s likely that Microsoft will offer a solution via its Microsoft Desktop Optimization Pack (MDOP) for Software Assurance customers.

Access to a Hyper-V virtual desktop can be given via a Remote Desktop Connection and, though not as convenient as XP Mode integration, provides easier access to a virtual machine than using the Hyper-V management interface. One drawback of this access method is that the VM must already be running to establish a connection.


Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.