A Windows 11 PSA

In this post, I highlight one of the lesser-understood requirements to the Windows 11 install process.

It's Coming!

The arrival of Windows 11 is imminent – that much you are probably aware of. If you didn’t know, well, now you do …

Windows 11 promises to do everything that Windows didn’t do before. It’s been “redesigned for productivity, creativity, and ease.” I have no doubt that it will bring some new capabilities and features with it, but I’m not entirely sure how far the changes will extend. 

Because I’m part of the Windows Insider program (I suspect many of your are, as well), I’ve been getting regular OS updates that have extended beyond standard Windows Updates for some time now. In fact, the Beta Channel that I’ve been keeping my machines in gives me early access to Windows 11 builds, and I did get an obvious Windows 11 build installed on my laptop just a couple of days ago.

I didn’t, however, get the same build on my primary workstation. After a little checking, I realized my primary workstation had been “demoted” to the Release Preview Channel within the Windows Insider program:

The Release Preview Channel gets you features and fixes in advance, but it doesn’t get you Windows 11.

It wasn’t immediately clear to me why my primary workstation had been recategorized. I had to read through some old email to understand what had happened.

Do You Trust Me?

The reason for Threadripper’s demotion can be best summed-up this way: it was as an issue of trust.

More accurately: Microsoft couldn’t detect an active Trusted Platform Module (TPM) within my system, and so I didn’t appear to meet the minimum hardware requirements for Windows 11 seen below:

Platform security is an important topic and a concern of mine, but I need to be forthcoming with you: in the past, I really didn’t care too much about what TPMs did or how they worked. I knew that they were present in a lot of hardware (particularly laptops). If anything, that TPM hardware caused me headaches on systems that I simply wanted to setup without the need to “secure boot.” It seemed like it was never as easy to simply install an OS on hardware that included a TPM as it was on other hardware.

TPM hardware has matured over time (we’re on v2.0), and if you want to install Windows 11, you’re going to need to turn that TPM on, so you should learn a little about it.

TPM Time

It seems that TPM chips do quite a bit. If you want to turn on Windows Bitlocker these days (a good idea), the TPM chip gets involved. In essence, the TPM chip is your crypto companion, essentially enabling the encryption of information you might wish to pass across the net or store on your system. I’m sure it does more than just crypto, but that fact alone earns my respect. What a lousy job!

As you folks who follow me on this blog know, The Threadripper was built about a year ago. It naturally has a TPM module, but I hadn’t enabled it. While browsing net posts, I learned that Asus had been hard at work on BIOS updates that would enable the TPM modules for DIY folks (like myself) more easily, make them more visible, and allow them to upgrade to Windows 11. So, I did things the Asus way and rebooted my system with a USB drive that had an updated firmware image on it:

ASUS BIOS Screen

… and got my system BIOS up to v1502. It was a piece of cake, and when I went back to my Windows Insider settings (post-upgrade), it looked like I was sitting pretty:

Windows 11 Installed in Preview

But most importantly, it made the presence and the function of the TPM on the mainboard visible:

So if you want to be Windows 11 ready and ensure a smooth experience, make sure your TPM is visible in the system:

An active trusted platform module

Because you know Windows is going to look for it!

References and Resources

Faster Access to Office Files in Microsoft Teams

While we were answering (or more appropriately, attempting to answer) questions on this week’s webcast of the Microsoft Community Office Hours, one particular question popped-up that got me thinking and playing around a bit. The question was from David Cummings, and here was what David submitted in its entirety:

with the new teams meeting experience, not seeing Teams under Browse for PowerPoint, I’m aware that they are constantly changing the file sharing experience, it seems only way to do it is open sharepoint ,then sync to onedrive and always use upload from computer and select the location,but by this method we will have to sync for most of our users that use primarily teams at our office

Reading David’s question/request, I thought I understood the situation he was struggling with. There didn’t seem to be a way to add an arbitrary location to the list of OneDrive for Business locations and SharePoint sites that he had Office accounts signed into … and that was causing him some pain and (seemingly) unnecessary work steps.

What I’m about to present isn’t groundbreaking information, but it is something I’d forgotten about until recently (when prompted by David’s post) and was happy to still find present in some of the Office product dialogs.

Can't Get There From Here

I opened-up PowerPoint and started poking around the initial page that had options to open, save,  export, etc.,for PowerPoint presentations. Selecting the Open option on the far left yielded an “Open” column like the one seen on the left.

The “Open” column provided me with the option to save/load/etc. from a OneDrive location or the any of the SharePoint sites associated with an account that had been added/attached to Office, but not an arbitrary Microsoft Teams or SharePoint site.

SharePoint and OneDrive weren’t the only locations from which files could be saved or loaded. There were also a handful of other locations types that could be integrated, and the options to add those locations appeared below the “Open” column: This PC, Add a Place, and Browse.

Selecting This PC swapped-out the column of documents to the right of the “Open” column with what I regarded as a less-functional local file system browser. Selecting Add a Place showed some potential promise, but upon further investigation I realized it was a glorified OneDrive browser: 

But selecting Browse gave me what appeared to be a Windows common file dialog. As I suspected, though, there were actually some special things that could be done with the dialog that went beyond the local file system:

It was readily apparent upon opening the Browse file dialog that I could access local and mapped drives to save, load, or perform other operations with PowerPoint presentations, and this was consistent across Microsoft Office. What wasn’t immediately obvious, though, was that the file dialog had unadvertised goodies.

Dialog on Steroids

What wasn’t readily apparent from the dialog’s appearance and labels was that it had the ability to open SharePoint-resident files directly. It could also be used to browse SharePoint site structures and document libraries to find a file (or file location) I wished to work with.

Why should I care (or more appropriately, why should David care) that this can be done? Because SharePoint is the underlying storage location for a lot of the data -including files – that exist and are surfaced in Microsoft Teams.

Don’t believe me? Follow along as I run a scenario that highlights the SharePoint functionality in-action through a recent need of my own.

Accounts Accounts Everywhere

As someone who works with quite a few different organizations and IT shops, it probably comes as no real surprise for me to share that I have a couple dozen sets of Microsoft 365 credentials (i.e., usernames and associated passwords). I’m willing to bet that many of you are in a similar situation and wish there were a faster way to switch between accounts since it seems like everything we need to work with is protected by a different login.

Office doesn’t allow me to add every Microsoft 365 account and credential set to the “quick access” list that appears in Word, PowerPoint, Excel, etc. I have about five different accounts and associated locations that I added to my Office quick access location list. This covers me in the majority of daily circumstances, but there are times when I want to work with a Teams site or other repository that isn’t on my quick access list and/or is associated with a seldom-used credential set.

A Personal Example

Not too long ago, I had the privilege of delivering a SharePoint Online performance troubleshooting session at our recent M365 Cincinnati & Tri-State Virtual Friday event. Fellow MVP Stacy Deere-Strole and her team over at Focal Point Solutions have been organizing these sorts of events for the Cincinnati area for the last bunch of years, but the pandemic affecting everyone necessitated some changes this year. So this year, Stacy and team spun up a Microsoft Team in the Microsoft Community Teams environment to coordinate sessions and speaker activities (among other things).

Like a lot of speakers who present on Microsoft 365 topics, I have a set of credentials in the msftcommunity.com domain, and those are what I used to access the Teams team associated with M365 Cincinnati virtual event:

When I was getting my presentation ready for the event, I needed access to a couple of PowerPoint presentations that were stored in the Teams file area (aka, the associated SharePoint Online document library). These PowerPoint files contained slides about the event, the sponsors, and other important information that needed to be included with my presentation:

At the point when I located the files in the Teams environment, I could have downloaded them to my local system for reference and usage. If I did that, though, I wouldn’t have seen any late-breaking changes that might have been introduced to the slides just prior to the virtual event.

So, I decided to get a SharePoint link to each PowerPoint file through the ellipses that appeared after each file like this:

Choosing Copy Link from the context-sensitive menu popped-up another dialog that allowed me to choose either a Microsoft Teams link or a SharePoint file link. In my case, I wanted the SharePoint file link specifically:

Going back to PowerPoint, choosing Open, selecting Browse, and supplying the link I just copied from Teams …

… got me this dialog:

Well that wasn’t what I was hoping to see at the time.

I remembered the immortal words of Douglas Adams, “Don’t Panic” and reviewed the link more closely. I realized that the “can’t open” dialog was actually expected behavior, and it served to remind me that there was just a bit of cleanup I needed to do before the link could be used.

Reviewing the SharePoint link in its entirety, this is what I saw:

https://msftcommunity.sharepoint.com/sites/M365CincinnatiTriStateUserGroup-Speakers/_layouts/15/Doc.aspx?OR=teams&action=edit&sourcedoc={C8FF1D53-3238-44EA-8ECF-AD1914ECF6FA}

Breaking down this link, I had a reference to a SharePoint site’s Doc.aspx page in the site’s _LAYOUTS special folder. That was obviously not the PowerPoint presentation of interest. I actually only cared about the site portion of the link, so I modified the link by truncating everything from /_layouts to the end. That left me with:

https://msftcommunity.sharepoint.com/sites/M365CincinnatiTriStateUserGroup-Speakers

I went back into PowerPoint with the modified site link and dropped it in the File name: textbox (it could be placed in either the File name: textbox or the path textbox at the top of the dialog; i.e., either of the two areas boxed in red below):

When I clicked the Open button after copying in the modified link, I experienced some pauses and prompts to login. When I supplied the right credentials for the login prompt(s) (in my case, my @msftcommunity.com credentials), I eventually saw the SharePoint virtual file system of the associated Microsoft Team:

The PowerPoint files of interest to me were going to be in the Documents library. When I drilled into Documents, I was aware that I would encounter a layer of folders: one folder for each Channel in the Team that had files associated with it (i.e., for each channel that has files on its Files tab).  It turns out that only the Speakers channel had files, so I saw: 

Drilling into the Speakers folder revealed the two PowerPoint presentations I was interested in:

And when I selected the desired file (boxed above) and clicked the Open button, I was presented with what I wanted to see in PowerPoint:

Getting Back

At this point, you might be thinking, “That seems like a lot of work to get to a PowerPoint file in SharePoint.” And honestly, I couldn’t argue with that line of reasoning. 

Where this approach starts to pay dividends, though, is when we want to get back to that SharePoint document library to work with additional files – like the other PowerPoint file I didn’t open when I initially went in to the document library.

Upon closing the original PowerPoint file containing the slides I needed to integrate, PowerPoint was kind enough to place a file reference in the Presentations area/list of the Open page:

That file reference would hang around for quite some time depending on how many different files I would open over time. If I wanted the file I just worked with to hang around longer, I always had the option of pinning it to list.

But if I was done with that specific file, what do I care? Well, you may recall that there’s still another file I needed to work with in that resides in the same SharePoint location … so while the previous file reference wasn’t of any more use to me, the location where it was stored was something I had an interest in.

Fun fact: each entry in the Presentations tab has a context-sensitive menu associated with it. When I right-clicked the highlighted filename/entry, I saw:

And when I clicked the Open file location menu selection, I was taken back to the document library where both of the PowerPoint files resided:

Re-opening the SharePoint document library may necessitate re-authenticating a time or two along the way … but if I’m still within the same PowerPoint session and authenticated to the SharePoint site housing the files at the time, I won’t be prompted.

Either way, I find this “repeat experience” more streamlined than making lots of local file copies, remembering specific locations where files are stored, etc.

Conclusion

This particular post didn’t really break any new ground and may be common information to many of you. My memory isn’t what it once was, though, and I’d forgotten about the “file dialogs on steroids” when I stopped working regularly with SharePoint Designer a number of years back. I was glad to be reminded thanks to David.

If nothing else, I hope this post served as a reminder to some that there’s more than one way to solve common problems and address recurring needs. Sometimes all that is required is a bit of experimentation.

References and Resources

Running As Administrator All The Time.

In this post, I review the process of creating Taskbar and Start Menu shortcuts that automatically “Run as Administrator” with a left-click or two.

UPDATE (6/9/2019): Jonathan Mast, who happens to be a pretty sharp guy and friend of mine, saw this post and enlightened me with another tip (which I've tried and verified). If you want to launch an application as an Administrator, you can also press <CTRL><SHIFT> while left-clicking the shortcut. Microsoft officially lists this shortcut among its list of Taskbar keyboard shortcuts here. It just so happens that Jonathan now works for Microsoft!

This post is nothing earth-shattering, and my only hope is that it exposes a person or two to a less-than-obvious technique that might yield some incremental time savings when building shortcuts.

I was building some virtual machines the other day, and I was dropping shortcuts onto the Windows Start Menu and the Windows Taskbar with abandon. Creating shortcuts is relatively easy, but I wanted the applications associated with the shortcuts to run with Administrator privileges.

To launch an application from an associated shortcut, we typically do one of the following:

  • Single left-click an application shortcut icon (for applications on the Start Menu or Taskbar)
  • Double left-click an application shortcut icon (in the case of a desktop application shortcuts)

We’ve been doing this for decades now to execute an application. But when we want to launch an application within the security context of an account with Administrator rights, we’ve got to do that right-click thing to select “Run as Administrator” from the list of menu options we’re presented with. It’s a trivial step, I know, but it’s annoying as all get out. My index finger wants to do the clicking, dammit …

Well, there’s a better way to handle this situation. Wouldn’t you like to set up your Start Menu and Taskbar shortcuts to automatically “Run as Administrator” whenever you launch them in the standard left-click (or left double-click) fashion?

The Task at Hand

This is actually relatively easy to do, but I’m sure that there are at least a few out there for whom this will be new knowledge.

For Taskbar-pinned application shortcuts that you always want to launch with Administrator privileges, perform the initial right-click that you normally would to select “Run as Administrator” as demonstrated in the image above and to the right for the Windows PowerShell icon I have pinned to my Taskbar. Instead of clicking “Run as Administrator” as is normally the case, right-click again on the name of the application you want to set up to run in the context of the Administrator account.

In the case of my example, that’s Windows PowerShell. So, I’d right-click once to open the context-sensitive menu seen above, and then I’d right click the “Windows PowerShell” option to open the second context-sensitive menu seen on the left.

Upon selecting “Properties” with a left-click from the second context sensitive window shown above and to the left, the Properties dialog box would appear for the application (as shown below).

Upon seeing this dialog box, you should left-click the “Advanced …” button that appears approximately 2/3 of the way down the dialog on the right. When you click that the “Advanced …” button, you’ll see an “Advanced Properties” dialog open as seen below.

At this point, simply click on the “Run as administrator” checkbox and click the “OK” button on all of the open dialogs to apply your changes. From this point forward, whenever you left-click on the Taskbar shortcut you’ve just configured, the associated application will launch in the context of the Administrator account!

What About Start Menu Items?

Setting up Start Menu shortcuts to “Run as Administrator” is really just a variation on the theme we’ve already established. As with the Taskbar shortcuts, we begin by right-clicking the desired shortcut. In this example, I’m going to use  “.Net Reflector 9.0” shortcut:

After the first right-click, I then hover over or expand the “More” menu item and select the “Open file location” option:

This will open Windows Explorer to the location in the local file system of the shortcut we’re interested in configuring.

From this point onward, it’s the same as it was with the Taskbar shortcuts. Simply click the “Advanced…” button and check the “Run as Adminstrator” box for the shortcut to have the associated application launch in the Administrator context.

Wrap-up

This post wasn’t rocket science, but when I was reminded of the shortcut configuration process (by the recent creation of a new batch of SharePoint 2019 VMs and all of their shortcuts), I figured sharing it out might help a person or two. And after all, that’s what it’s all about! Besides, it gave me the chance to write something up, so I consider it an all-around win. I hope that you feel the same way