Microsoft have released both Windows 10 version 1703 and ADK 1703 last week, one is on MSDN the other on Microsoft’s download site.
Two Know Issues:
OSD – App-V tools are missing in ADK 1703 when being installed on Windows Server 2016 (sometimes)
OS Deployment – Installing ADK 1703 on Windows Server 2016 could fail
For those of you who have started deploying Windows 10 1607, you might notice a change in the behavior of the Windows Update agent for PCs that are configured to pull updates from WSUS. Instead of pulling the updates from WSUS, PCs may start grabbing them from peers on your network, leveraging the Delivery Optimization service for referrals to other PCs that have already obtained the content. This change should generally help reduce the amount of network traffic being generated for both quality (monthly) updates and feature updates, offloading that traffic from the WSUS server. It will add some additional traffic between each client PC and the Delivery Optimization service on the internet, as it has to talk to this internet-only service in order to get a list of peers.
If the Windows Update agent can’t talk to the Delivery Optimization service (due to firewall or proxy configurations), or if there are no peers able to provide the content, it will then go ahead and grab the content from the WSUS server.
There is a new Group Policy setting available if you want to disable this behavior, e.g. because you are already using BranchCache for peer-to-peer sharing. To do this, you need to set the “Download Mode” policy under “Computer Configuration –> Administrative Templates –> Windows Components –> Delivery Optimization” to specify “Bypass” mode, which will result in the client always using BITS to transfer the content from WSUS (with BranchCache jumping in to provide the peer-to-peer capabilities through its integration with BITS):
Of course to set this policy, you need the latest ADMX files, which can be downloaded from https://www.microsoft.com/en-us/download/details.aspx?id=53430 and are also included in Windows 10 1607 and Windows Server 2016. (The “Bypass” setting wasn’t available in previous versions.) See https://support.microsoft.com/en-us/kb/3087759 for details on how to update the Group Policy central store with these latest ADMX files, if you are using a central store.
Source: https://blogs.technet.microsoft.com/mniehaus/2016/08/08/using-wsus-with-windows-10-1607/
We’re happy to announce the release of our newest free ebook, Deploying Windows 10: Automating deployment by using System Center Configuration Manager (ISBN 9781509301867), by Andre Della Monica, Russ Rimmerman, Alessandro Cesarini, and Victor Silveira.
This ebook is also available for download at the Microsoft Virtual Academy (MVA).
Get a head start deploying Windows 10—with tips and best practices from experts in the field. This guide shows you how to deploy Windows 10 in an automated way without impacting end users by leveraging System Center Configuration Manager, which is the most used product to deploy Microsoft operating systems in the industry today.
I thing i see at many client’s where i come is. Enable Automatic scavenging of stale records is forget to enable. This is a best practise. See: https://technet.microsoft.com/nl-nl/library/ff807390(v=ws.10).aspx
Use the Microsoft Best Practice Analyzer 
Powershell 
Set-DnsServerScavenging –ScavengingState $True –RefreshInterval 7:00:00:00 –NoRefreshInterval 7:00:00:00 –ScavengingInterval 7:00:00:00 –ApplyOnAllZones –Verbose
This security update resolves a security feature bypass in Microsoft Windows. An attacker could bypass Kerberos authentication on a target machine and decrypt drives protected by BitLocker. The bypass can be exploited only if the target system has BitLocker enabled without a PIN or USB key, the computer is domain-joined, and the attacker has physical access to the computer.
This security update is rated Important for all supported editions of Windows. For more information, see the Affected Software section.
The update addresses the bypass by adding an additional authentication check that will run prior to a password change. For more information about the vulnerability, see theVulnerability Information section.
For more information about this update, see Microsoft Knowledge Base Article 3105256.
Microsoft has released the Windows 10 Group Policy (.ADMX) templates . These .ADMX templates are released as a separate download package so you can manage group policy for Windows 10 clients more easily.
This new package includes additional (.ADMX) templates which are not included in the RTM version of Windows 10.
To download the Windows 10 Group Policy (.ADMX) templates, please visit http://www.microsoft.com/en-us/download/details.aspx?id=48257
To review which settings are new in Windows 10, review the Windows 10 ADMX spreadsheet here:http://www.microsoft.com/en-us/download/details.aspx?id=25250
Windows 10 build 10240 has been released to the Fast Ring. That’s what I’m running on my laptop now. There were heavy rumors yesterday that this is the to Release To Manufacturing (RTM) build and is the one to be publically available on July 29th. But there is no hard confirmation on this by Microsoft yet Build 10240 now available for Windows Insiders in Fast and Slow rings.
“Over the past few days we’ve been preparing our release pipelines and processes, and this build is one step closer to what customers will start to receive on 7/29 …
On Monday we announced that builds from here on will only be available through Windows Update, so to get this one you can either wait and it will be installed automatically.”
Here’s how you prepare to roll it out in your company.
In a previous blog post I wrote about the update you needed for your KMS server to be able to activate Windows 10 clients. Read about that in KB3058168: Update that enables Windows 8.1 and Windows 8 KMS hosts to activate a later version of Windows
Meanwhile Microsoft has also published the Windows 10 client KMS activation which keys can be found here Appendix A: KMS Client Setup Keys
Operating system edition
KMS Client Setup Key
Windows 10 Professional: W269N-WFGWX-YVC9B-4J6C9-T83GX
Windows 10 Professional N: MH37W-N47XK-V7XM9-C7227-GCQG9
Windows 10 Enterprise: N: NPPR9-FWDCX-D2C8J-H872K-2YT43
Windows 10 Enterprise N: DPH2V-TTNVB-4X9Q3-TJR4H-KHJW4
Windows 10 Education: NW6C2-QMPVW-D7KKK-3GKT6-VCFB2
Windows 10 Education N: 2WH4N-8QGBV-H22JP-CT43Q-MDWW
Windows 10 Enterprise 2015 LTSB: WNMTR-4C88C-JK8YV-HQ7T2-76DF9
Windows 10 Enterprise 2015 LTSB N: 2F77B-TNFGY-69QQF-B8YKP-D69TJ
Do note this is the key you use when you activate the Windows 10 Client against a KMS server. It is not the KMS license server key. That one you’ll need to obtain from your valid Microsoft licenses.
Windows 10 will be available on July 29th 2015. Microsoft has prepared for this by already making an Update(KB3058168) that enables Windows 8.1, Windows Server 2012 R2, Windows 8, and Windows Server 2012 Key Management Service (KMS) hosts to activate a “later version of Windows”. This must means Windows 10. I do not know if this means that is even for Windows Server 2016. Windows 10 will be activated by a KMS server running this update but it might.
Select the version you need for the KMS server or servers you use and install them.
Microsoft has released a free ebook of “Introducing Windows 10 for IT Professionals, Preview Edition”. You can download the ebook here. Special thanks to Mark Swinkels
