Some More Windows 10 Observations

RJM62

Touchdown! Greaser!
Joined
Jun 15, 2007
Messages
13,157
Location
Upstate New York
Display Name

Display name:
Geek on the Hill
Some more Windows 10 observations.

As I said before, I'm not a big fan of upgrading an OS that's still in support, works well, and does whatever you need it to do. "If it ain't broke, don't fix it" has always worked well for me. But when buying or building a new machine, using an OS that has less time left before sunset doesn't make sense unless you have a specific reason for doing so.

I'd been debating building a new machine, buying a new Windows machine, or switching to Mac. A week ago, I decided to take a trip to Micro Center with no specific mission other than fact finding. It's about a two-hour trip from where I live to the nearest Micro Center, but there's no other place even remotely acceptable anywhere closer to me. They're also an authorized Apple seller, so I could compare options. Also, Micro Center has a 15-day no-nonsense return policy that they actually honor.

As for Mac, I like Macs. I like Apple as a company, for the most part. I like iOS as far as stability and security are concerned. I am not a fan of the iOS GUI, but I could live with it if I had to.

But it would be an adjustment for me. I'm used to doing things on Windows. And frankly, Windows works well for me in terms of actually doing what I need done. Win2K was rock solid, XP was okay if you just used it for work and avoided programs that relied on VxDs, Vista was okay if you disabled UAC, and both 7 and 8 were excellent in terms of stability unless you really abused them.

So I looked at Macs, I looked at parts to build a PC, and I looked at factory-made PCs. I bounced to and fro in all three directions for a couple of hours. I even had most of the parts to build a new PC in my cart at one point.

But I ultimately walked out with an HP ProDesk 400 G3 MT because it was on sale for a lower price than I could build or buy a comparable machine. The price was about $75.00 lower than I would have paid for the identical machine with my HP employee discount (compliments of First Tech Fed), and about $125.00 lower than I would have paid for a comparable Lenovo machine with my SUNY faculty discount.

I also liked that it's one of HP's business-class machines, which I've always had good luck with as a user and a consultant. I've found them to be well-made and well-supported, and they don't come with the mounds of crapware that most of HP's consumer-class machines have.

The only thing I would have preferred would have been an i7 processor rather than the i5-6600 (3.3 GHz). But the i5-6600 is at or near the top of the i5 line, and the only software I occasionally use where an i7 would make a difference is Premier, which I use only a few times a year. Also, the mobo will support an i7 if I ever do decide to upgrade.

The computer was manufactured in November of 2015 and came with Win7Pro pre-installed, along with a license and DVD for Win10Pro. I bought a spare hard drive and did a fresh install of Win10Pro with the intent of testing it intensively during the return privilege period. If I didn't like it, I could then return it in salable condition. Barring any major disasters in the next seven days, however, I have decided to keep it.

Having spent a little over a week testing the machine and Win10Pro, here are my observations.

Good Things about Windows 10 Pro

With all the trash-talk about Win10, I thought it only fair to start with some good things about it. Please note that these comments apply to Pro only. There have been so many settings that were only accessible via the Group Policy Editor that I already would have either returned the machine or upgraded to Pro had come with Win10Home.

Here are a things about Win10Pro that I like.

1. It's fast, smooth, and stable, with one annoying exception that I'll get into later.

2. Its legacy software support is far superior to that of Win7 or Win8. I installed some old programs that required Compatibility Mode in Win7 and Win8, but which installed and ran perfectly without it in Win10.

3. Resource management is excellent, especially its multicore processor management. Note, however, that I did a fresh install. From my research, it seems that failure to utilize all available cores and other resource management issues are common problems with upgrades.

4. Anything network-related is a breeze to set up. Network discovery works beautifully. It quickly found, installed, and installed the software for almost every printer and other device on my network very quickly and very automatically. I didn't even need to point it at the IPs. I was impressed.

The only hiccup was with my HP CLJ-3600 printer, which it found, but wasn't sure about which driver to use. I used the Vista driver because it's the one that HP recommends for Win10, but several others that were in the list also would have worked.

5. As far as I can tell, all of the snooping and almost all of the advertising can be fairly-easily disabled. I've been watching my router logs, and I haven't come across anything suspicious since doing so. The only ad I haven't been able to disable is the one on Solitaire, which I really don't care about. Presumably some of the other games and apps also have some ads, but I didn't try most of them, so I can't say for sure.

I won't go into detail about what to disable because it can be found in about a bazillion places on the Interwebs, and because everyone has different definitions of what constitutes a privacy invasion. Because the advertising ID can be completely disabled, I'm mainly concerned about stuff that identifies me and/or might contain information that could be used for identity theft if it were hacked, or stuff that consumes resources for purposes that I don't need. The software I actually use is not ad-supported, so the advertising part of it is pretty much a moot point for me.

Bad Things About Windows 10 Pro

1. I don't like that the snoopware is enabled by default, and I don't like that Microsoft is moving in that direction. Yes, it can be disabled. But I think it should be disabled by default. One Google in the world is enough, thank you.

2. The native Start Menu / Search box has an annoying habit of breaking. When this happens, you can't type into the search box, you can't right-click any shortcuts in the toolbar or quick-launch, and you can't left-click the Windows Start button. (You can right-click the Start Button, however, for whatever bizarre reason.)

This is not an easy nor a fast problem to fix. There are several ways to try, all of which are very time-consuming, most of which would be intimidating to someone who's not comfortable in Powershell, and none of which will necessarily work. I gave up and created a new profile and moved my stuff into it. Which brings me to:

3. Except for what was limited by Group Policy (which is only available in Pro, by the way), new profiles re-enable the snoopware by default. It is possible to disable it system-wide in Group Policy and/or in the Registry if you plan on having multiple users and want it disabled machine-wide, but it would be extremely tedious.

4. There is no more tapping F8 during boot to get to Safe Mode. The only way to get to Safe Mode, from what I've read (I haven't actually tried it) is to interrupt the boot three times in a row, which is likely to cause even more harm to a damaged system.

Safe Mode and Safe Mode with Networking can be added as boot options rather easily (as can other options, such as booting to a recovery environment), but unless you do that, those options will not be available to you if and when you need them.

5. The native GUI is still horrid. It's not quite so horrid as the native Win8/8.1 GUI, but it's not much better. It's like the Metro interface with some grudging concessions to people who hated it. Classic Shell fixes that problem, however.

6. Automatic updates are enabled by default. This can only be easily changed in Group Policy Editor, which is only available in Win10Pro and higher. If you've dealt with enough systems that were hosed by an update, then you can understand why this is problematic. I want the opportunity to refresh my backups before installing updates.

7. Windows Defender keeps on checking for signature updates and notifying me to download them even when it's turned off. I have not yet found a way to disable this (but I really haven't tried that hard yet). Also, I know of no easy way to permanently turn off Windows Defender itself other than in the Group Policy Editor, which again is a Pro and higher feature.

Other Observations Based on My Farting Around Scientific Testing

1. As with other recent versions of Windows, the Administrator account is not available for login by default. This means that if your profile gets hosed and you're the only user, you can't easily boot into another admin profile. The Administrator login can be easily enabled, but you have to do it yourself. If you're the only user, then I suggest you do so.

2. If you like to make hard drive clones, don't assume that your long-beloved software will produce usable copies. In my tests, a clone made by Casper 8.0 failed to boot. A clone made by Macrium did boot.

3. Also, don't assume that the bootable recovery media for your beloved imaging software will work. This is probably more a hardware issue than a software one, but test it first anyway. In my case, a Macrium recovery environment saved to a flash drive worked, but a recovery CD made by the same software did not. I know not why.

4. The only performance problem I've had has been one that also happened on occasion with Win8.1, and it only happened once on 10: Adobe Fireworks sometimes crashes if you try to open a file with it when it's not already running. When this happens, the only thing that seems to fix it is a reboot. The temporary workaround until it's convenient to reboot is to open Fireworks first, then open the files.

In fairness, Adobe hates Fireworks and has basically stopped supporting it. The only reason they even make it available is because enough of us have threatened to cancel our Creative Cloud accounts if they ever pull it. Adobe wants everyone to use Photoshop, which is a great photo editor, but was not designed for the Web like Fireworks was.

Conclusion

Windows 10 Professional runs my current software at least as well as 8.1 does (probably a little better), and legacy software better than 8.1. It's a fast, stable platform for what I do. It has excellent resource management and superb, simple, and largely automated networking that actually works. All in all, it's a competent and capable OS.

Unfortunately, it's marred by snoopware that must be disabled manually, has a horrid GUI, lacks important and customary system recovery options by default (which can be manually added back), has an automatic update feature that can only be disabled in Pro and higher, and has an annoying (and as-yet unsolved) bug that causes the Start Menu / Toolbars / Taskbar / Quick Launch / Search functions to collectively **** the bed from time to time, and which can be very difficult to fix.

My advice, if you want to use Windows 10, is:

1. Use only the Pro version.

2. Disable the snoopware as you see fit, according to your own definitions of what constitutes a privacy violation and/or security risk.

3. I use a local login, not a Microsoft account, as my login. Most (but not all) MS services can be accessed from within a local account if you log in to Microsoft for the session. If you want all your data and settings synced across multiple devices, however, a local account will not do that. (Or at least I don't think it will. I haven't looked into it that deeply.)

4. I personally did not configure One Drive. But then again, I already have all the online storage I could possibly want. One Drive probably is a perfectly good service. I just don't need it.

5. I suggest you refuse Cortana's offer to "get to know you." She'll pout, but she'll get over it. She's tougher than she looks.

6. Disable automatic updates so as to be able to make backups first.

7. Add the Safe Mode and whatever other recovery boot options you love back into the boot options.

8. Enable the Administrator login if you're the only user with an admin account.

9. Make frequent restore points. System restore might fix the Start Menu problem if it occurs.

10. Obtain and test good system backup software, and back up very religiously. In fact, make multiple backups. I make both clones and images of the system drive in addition to online data backups. The one phrase I never heard a client say after a data disaster was, "We have too damn many backups to choose from!"

Rich
 
Last edited:
Thank you, Rich!
I don't know when I'll need this, but I'm sure the day will come. (preferably after they've fixed the search glitch)
 
Nice write up Rich.

Folks don't realize that stuff like the above is just the piddling needed to make base recommendations and to get an OS like this one ready for a corporate/enterprise environment is truly a death march from hell of getting every single setting right and all of the registry and group policy stuff and testing the crap out of it -- and still getting bitten in the butt by some stupid setting that was missed.

That is why I loathe the need to spend even MORE time working on turning off the snoopware. The last thing any small IT shop needs is the OS maker wasting their time. Stuff is already bad enough as it is.

Anyway, interesting info on all that crap being re-enabled on a profile switch, Rich. Argh. Beat head here.

Also wondering: You doing everything wired for network or are you doing wireless at all? Reason I ask: We've seen some totally annoying "power saving" behavior of machines on 8.1 Pro shutting off wifi connectivity by default when the user is logged out. Considering that these machines are in a Windows Domain and there's a number of servers they need to talk to for updates, anti-virus/anti-malware, and what not, and they don't appear to respond to a Wake-On-LAN packet on their wifi interfaces either (because they're already on, but they've dropped their wifi to conserve power), none of the traditionally "overnight" automation works.

We've poked at them pretty hard trying to get the settings right. Tell the OS in the wifi driver it's not allowed to shut the interface off or control its power, make sure the manufacturer's crapware isn't changing power settings, and even told the laptops they weren't allowed to go to sleep. All on that one model of Dell business laptops to no avail so far.

We have a ticket open with Dell but don't expect much to come of it.

So if the user logs out, wifi dies. If the user simply locks the laptop it stays up.

At least we only bought two of the stupid things. The other Dell laptops (cheaper actually) don't do it.
 
Nice write up Rich.

Thanks! :)

Folks don't realize that stuff like the above is just the piddling needed to make base recommendations and to get an OS like this one ready for a corporate/enterprise environment is truly a death march from hell of getting every single setting right and all of the registry and group policy stuff and testing the crap out of it -- and still getting bitten in the butt by some stupid setting that was missed.

That is why I loathe the need to spend even MORE time working on turning off the snoopware. The last thing any small IT shop needs is the OS maker wasting their time. Stuff is already bad enough as it is.

Anyway, interesting info on all that crap being re-enabled on a profile switch, Rich. Argh. Beat head here.

Yep. I found that mildly annoying, to say the least.

Also wondering: You doing everything wired for network or are you doing wireless at all? Reason I ask: We've seen some totally annoying "power saving" behavior of machines on 8.1 Pro shutting off wifi connectivity by default when the user is logged out. Considering that these machines are in a Windows Domain and there's a number of servers they need to talk to for updates, anti-virus/anti-malware, and what not, and they don't appear to respond to a Wake-On-LAN packet on their wifi interfaces either (because they're already on, but they've dropped their wifi to conserve power), none of the traditionally "overnight" automation works.

We've poked at them pretty hard trying to get the settings right. Tell the OS in the wifi driver it's not allowed to shut the interface off or control its power, make sure the manufacturer's crapware isn't changing power settings, and even told the laptops they weren't allowed to go to sleep. All on that one model of Dell business laptops to no avail so far.

We have a ticket open with Dell but don't expect much to come of it.

So if the user logs out, wifi dies. If the user simply locks the laptop it stays up.

At least we only bought two of the stupid things. The other Dell laptops (cheaper actually) don't do it.

I can't help you with that one. I only have two computers on wireless: The HP Envy laptop I'm using now (running Win8.1), and a CentOS 7 video server. Neither has ever had any problems such as you describe. Everything else is wired.

The Linux machine is also an HP laptop that I re-purposed as a Linux video server, so maybe your problem is a Dell thing. Maybe Dell has some sort of power saving mode built in to the radio or elsewhere on the system that shuts it off when no one is logged in. But I have no recent experience with Dell, so I really can't say. I've only used HP machines since I got out of the tech support end of the business, and I never had the problem you describe.

Rich
 
Thank you, Rich!
I don't know when I'll need this, but I'm sure the day will come. (preferably after they've fixed the search glitch)

Hopefully it will be fixed. MS knows about the bug.

It happened again today, by the way, but this time it was an easy fix. I deleted the database in the TileLayerData directory and reinstalled all the MS apps. For whatever reason, it worked today. The same thing happened the other day and it didn't.

I think there may have been a problem caused by the Win10 build upgrade that installed itself the night I set up the machine. I tried to run SFC earlier today to make sure everything was kosher before refreshing the backup, and it found some corrupted files that it couldn't fix. DISM wouldn't fix them from the sources on the drive or the installation CD, either.

I wound up having to download the ISO of the new build from MS, extract the install.wim from it, and then run DISM pointed to the new source. After that, SFC fixed the files and I made the backup. And then the Start Menu and everything associated with it **** the bed again. But as I said, this time it was an easy fix.

Rich
 
Man, I don't know how you Windows guys are able to find all this time it takes to get your computer to actually work.

1. open box
2. remove mac
3. press power button
4. install 1password, virtualbox, vagrant
5. make money

iCloud puts all my files on the machine, my passwords just all sync over. I don't setup anything for backups or have to test how I'm going to restore this thing when it craps out on me...because it never does.

I don't fool with the registry, group policy, windows updates, etc. I don't reboot 30 times.

That process takes...oh..probably less than 10 minutes including the time it takes me to open the box that contains the mac. I adjust absolutely no settings. It just works, which lets me just work :)
 
Last edited:
Man, I don't know how you Windows guys are able to find all this time it takes to get your computer to actually work.

1. open box
2. remove mac
3. press power button
4. install 1password, virtualbox, vagrant
5. make money

iCloud puts all my files on the machine, my passwords just all sync over. I don't setup anything for backups or have to test how I'm going to restore this thing when it craps out on me...because it never does.

I don't fool with the registry, group policy, windows updates, etc. I don't reboot 30 times.

That process takes...oh..probably less than 10 minutes including the time it takes me to open the box that contains the mac. I adjust absolutely no settings. It just works, which lets me just work :)

I don't disagree, and I really did consider a Mac this time around.

It really came down to a matter of familiarity for me, both as a user and a maintainer of the system. As a user, it's just a matter of long-established habits and ways of doing things. As a maintainer, there's really nothing that could happen to Windows or to a PC's hardware that I couldn't fix by myself if I had to. Some of the fixes might be cumbersome, drastic, require a drive to Micro Center if a piece of hardware failed, and/or depend on backups; but they would nonetheless be doable, by me, with just the knowledge, tools, and resources that I already have.

Of course, the counter-argument is that problems are less likely to occur on a Mac in the first place. I don't disagree. Macs have fewer imperfections than PCs. The OS is fundamentally stable and more secure, and the software environment more strictly controlled. Being a Windows user does mean accepting that the system is far from perfect, which I fully understand makes little sense to Mac users.

The best analogy I can come up with off the top of my head is that Windows is a bit like the New York City transit system. People gripe about it all the time, but the fact is that it usually works. And when parts of it stop working, you can almost always find your way around them once you get to really know the system.

If an underground portion of the system floods, if a suicidal person jumps in front of a train, if a switch on an elevated line freezes, if NYPD / TSA are investigating a terrorist threat that necessitates shutting down a portion of the system, or if any of the many other things that can cause the system to hiccup occur, a long-time user usually will know a workaround. And if there is none, the MTA will create a kludge to work around it. Trains are sometimes routed over different lines, run in the opposite direction on a track from their usual ones, or switched from express to local service (or vice-versa), for example; and if none of those are viable solutions, then the MTA sets up special bus service to get around the problem area.

New Yorkers accept these things in typical New Yorker fashion, meaning that they ***** and moan about them, but otherwise take them in stride and get on with life and business. And the next day, they get back on the subway and do it all over again. It just becomes "normal" after a while.

I feel pretty much the same way about Windows. Yeah, it's imperfect and sometimes infuriating. But really, there are very few problems that can't be fixed once you get to know it and plan around the failure possibilities.

In fact, in both my personal and professional life combined, I've probably scrapped and reinstalled Windows systems because I had to (meaning that the systems were not otherwise repairable -- at least not by me) fewer than a dozen times, even going back to 9x days. (I did it many more times, however, because the users had nothing of importance on their machines anyway, and reinstalling Windows was the easier fix.) Most Windows problems are fixable, albeit not always easily.

Also, equivalents to Mac programs to facilitate transition to a new machine for whatever the reason do exist for Windows. I also have a hunch that MS is eventually going to use OneDrive in a way that makes it possible to completely restore a user's system on a new machine with a few clicks. Whether people are comfortable with MS retaining enough of their data to make that possible is, of course, another issue.

In all fairness to MS, Windows 7 and 8/8.1 were both pretty much trouble-free for me, and I suspect 10 will be as well as soon as they get the Start Menu bug fixed. I don't recall either my 7 or 8/8.1 machines ever crashing or BSODing. There were the occasional applications that had to be reinstalled or tweaked, but most of them were old and not really supported on the newer systems.

Finally, I'm not a high-risk user. Computers don't fear me when I come near. I don't play games, watch bootleg movies, download pron, share files, use pirated software, or do any of the other things that make PCs tremble in fear. Probably 95 percent of the time I'm just using one or more of the Adobe CS apps. So of course I have fewer problems overall. I'm the kind of user that computers like.

So in the end, although I seriously considered switching to Mac this time around, my decision to stay with Windows was based on familiarity and comfort. It included an expectation that Windows would work well most of the time, an acceptance that sometimes it might not, but also a confidence that I could deal with the times when it didn't if I followed common-sense precautions like making good, frequent, and redundant backups in advance.

I suppose you could say that it's an expectation of imperfection. But as with the subways, it's something I've come to accept.

Rich
 
Last edited:
I don't disagree, and I really did consider a Mac this time around.

It really came down to a matter of familiarity for me, both as a user and a maintainer of the system. As a user, it's just a matter of long-established habits and ways of doing things. As a maintainer, there's really nothing that could happen to Windows or to a PC's hardware that I couldn't fix by myself if I had to. Some of the fixes might be cumbersome, drastic, require a drive to Micro Center if a piece of hardware failed, and/or depend on backups; but they would nonetheless be doable, by me, with just the knowledge, tools, and resources that I already have.

Of course, the counter-argument is that problems are less likely to occur on a Mac in the first place. I don't disagree. Macs have fewer imperfections than PCs. The OS is fundamentally stable and more secure, and the software environment more strictly controlled. Being a Windows user does mean accepting that the system is far from perfect, which I fully understand makes little sense to Mac users.

The best analogy I can come up with off the top of my head is that Windows is a bit like the New York City transit system. People gripe about it all the time, but the fact is that it usually works. And when parts of it stop working, you can almost always find your way around them once you get to really know the system.

If an underground portion of the system floods, if a suicidal person jumps in front of a train, if a switch on an elevated line freezes, if NYPD / TSA are investigating a terrorist threat that necessitates shutting down a portion of the system, or if any of the many other things that can cause the system to hiccup occur, a long-time user usually will know a workaround. And if there is none, the MTA will create a kludge to work around it. Trains are sometimes routed over different lines, run in the opposite direction on a track from their usual ones, or switched from express to local service (or vice-versa), for example; and if none of those are viable solutions, then the MTA sets up special bus service to get around the problem area.

New Yorkers accept these things in typical New Yorker fashion, meaning that they ***** and moan about them, but otherwise take them in stride and get on with life and business. And the next day, they get back on the subway and do it all over again. It just becomes "normal" after a while.

I feel pretty much the same way about Windows. Yeah, it's imperfect and sometimes infuriating. But really, there are very few problems that can't be fixed once you get to know it and plan around the failure possibilities.

In fact, in both my personal and professional life combined, I've probably scrapped and reinstalled Windows systems because I had to (meaning that the systems were not otherwise repairable -- at least not by me) fewer than a dozen times, even going back to 9x days. (I did it many more times, however, because the users had nothing of importance on their machines anyway, and reinstalling Windows was the easier fix.) Most Windows problems are fixable, albeit not always easily.

Also, equivalents to Mac programs to facilitate transition to a new machine for whatever the reason do exist for Windows. I also have a hunch that MS is eventually going to use OneDrive in a way that makes it possible to completely restore a user's system on a new machine with a few clicks. Whether people are comfortable with MS retaining enough of their data to make that possible is, of course, another issue.

In all fairness to MS, Windows 7 and 8/8.1 were both pretty much trouble-free for me, and I suspect 10 will be as well as soon as they get the Start Menu bug fixed. I don't recall either my 7 or 8/8.1 machines ever crashing or BSODing. There were the occasional applications that had to be reinstalled or tweaked, but most of them were old and not really supported on the newer systems.

Finally, I'm not a high-risk user. Computers don't fear me when I come near. I don't play games, watch bootleg movies, download pron, share files, use pirated software, or do any of the other things that make PCs tremble in fear. Probably 95 percent of the time I'm just using one or more of the Adobe CS apps. So of course I have fewer problems overall. I'm the kind of user that computers like.

So in the end, although I seriously considered switching to Mac this time around, my decision to stay with Windows was based on familiarity and comfort. It included an expectation that Windows would work well most of the time, an acceptance that sometimes it might not, but also a confidence that I could deal with the times when it didn't if I followed common-sense precautions like making good, frequent, and redundant backups in advance.

I suppose you could say that it's an expectation of imperfection. But as with the subways, it's something I've come to accept.

Rich
I get it. That said -- years ago I was part of an IT team where every team member had a Lenovo laptop and knew a hell of a lot about Windows. About half of us knew Linux quite well.

One by one we just started jumping to Macs and finally the Windows server guy jumped as well. You'd never get any of them back on a Windows computer again. Everyone took less than a week to be just as if not more productive.

The thing that Microsoft does well though -- they have REALLY nice tools if you want to do .NET development. The .NET stack and tools really are more polished then basically anything out there. Of course, if you don't want to do .NET, you'd be better off on a Mac.

I think Swift is going to change that...but it's not there yet.
 
Man, I don't know how you Windows guys are able to find all this time it takes to get your computer to actually work.

1. open box
2. remove mac
3. press power button
4. install 1password, virtualbox, vagrant
5. make money

iCloud puts all my files on the machine, my passwords just all sync over. I don't setup anything for backups or have to test how I'm going to restore this thing when it craps out on me...because it never does.

I don't fool with the registry, group policy, windows updates, etc. I don't reboot 30 times.

That process takes...oh..probably less than 10 minutes including the time it takes me to open the box that contains the mac. I adjust absolutely no settings. It just works, which lets me just work :)

It's not as bad as they're making it sound.
I just bought 2 laptops for my kids and I did a fresh Windows install on the home PC. The laptops were 10 minutes tops since we all have windows accounts. Some personal preference tweaks and they were ready to roll.

I don't understand the constant complaining from "IT workers" who are being paid for doing the things they are complaining about.

There's no shortage of people in the world wiling to do our jobs cheaper, and with no whining, even if they cant do it as well. Think about that, guys.
 
Thanks for the write up. I just built a new box and installed Win7Pro. Your write up has convinced me to keep it.
 
Thanks for the write up. I just built a new box and installed Win7Pro. Your write up has convinced me to keep it.

My pleasure.

Hey, Win7Pro is solid. The only problems are that you're shorting yourself out of support and that some updates and upgrades won't be backported. If neither of those things bother you, then hey, I can't say I blame you. Win7 is a masterpiece.

I've had no problems with 10 since my last post. The only real problems I've had with it at all have been the source not updating with the build upgrade (or maybe becoming corrupt), and the Start Menu bug.

I was able to fix the image problem by downloading the ISO for the current build, extracting the WIM, and running DISM and SFC. That was time-consuming (and annoying that it was even necessary), and they probably would be intimidating to users who have never worked in a shell, but they did fix the problem.

As for the Start Menu bug, I have a couple of hunches about it. The last time it crashed was after I rebuilt the image source but (I think) before I rebooted. Also, simply reinstalling all of the built-in apps (I think after a reboot) fixed it. It hasn't crashed since then.

But I also didn't uninstall any of the built-in apps this time. I haven't run them, but I haven't uninstalled any of them. So I think the Start Menu bug may be related to uninstalling one or more of the apps, and that the obsolete or corrupt image source the first time I tried to fix it by reinstalling all the apps may have prevented that simple fix from working. It worked after I rebuilt the image with DISM and ran SFC.

A few more observations since I have extra keystrokes lying around today...

I'd heard good things about the latest BitDefender, so I decided to give it a try. I wasn't happy with it. Just the basic antivirus functionality slowed things down (especially network access); and the more advanced functions, especially the ransomware protection, interfered with too many routine tasks.

The biggest problem was that child processes of executables that had been granted permission didn't always inherit the permissions, which made for a lot of annoyance when trying to do simple things like edit some document. I finally gave up, uninstalled BitDefender, and switched back to my trusty ESET NOD32, which has caused no issues.

I also tried a bunch of backup programs, and Macrium Reflect seems to work the best with Win10. The only problem I had was that the recovery CD didn't boot. But a flash drive using the same settings did, so it may have just been a bad burn. I didn't try burning a second one. I'll probably do that later today.

Other than that, Macrium Reflect has worked flawlessly with Win10. I have the imaging set up automatically using Grandfather-Father-Son, and it's worked fine. I also use Macrium to make a clone, but I do those manually, usually before some major change to the system, and again afterwards once I'm satisfied that nothing got hosed. Recovery testing has been successful for both modes.

Macrium also allows the recovery system to be installed as a boot option, which I'll do once I purchase the license if the software continues to function well.

By the way, I'm backing up to two external hard drives via USB 3.0 (one for the clone and one for the images), and Macrium finds both drives from the recovery flash drive with no issues. It also finds my local network from the recovery drive, so that's another available option.


CZMH4-pXEAEblJi.jpg


My twins.

I also have online backup with BackBlaze in addition to the clone and the image, and all my Web files and some critical personal files are uploaded to and backed up from one or another of my own servers, as well. I'm a little OCD about backups.

In any case, all in all, I can live with 10. I'm still annoyed about the snooping, but it can be disabled; and I suspect that the Start Menu problem is linked to uninstalling one or more apps and that MS will figure it out and fix it. Other than those considerations, it's performed well in my testing.

Rich
 
Last edited:
Thanks for the reports.

I was able to fix the image problem by downloading the ISO for the current build, extracting the WIM, and running DISM and SFC. That was time-consuming (and annoying that it was even necessary), and they probably would be intimidating to users who have never worked in a shell, but they did fix the problem.

They would definitely be intimidating to users who don't know what WIM, DISM, and SFC mean!
 
Man, I don't know how you Windows guys are able to find all this time it takes to get your computer to actually work.

1. open box
2. remove mac
3. press power button
4. install 1password, virtualbox, vagrant
5. make money

iCloud puts all my files on the machine, my passwords just all sync over. I don't setup anything for backups or have to test how I'm going to restore this thing when it craps out on me...because it never does.

I don't fool with the registry, group policy, windows updates, etc. I don't reboot 30 times.

That process takes...oh..probably less than 10 minutes including the time it takes me to open the box that contains the mac. I adjust absolutely no settings. It just works, which lets me just work :)

To be fair, I use a Mac at work now. When I got it, it was more like:

1. Open Box
2. Remove Mac
3. Press Power Button
4. Realize that there is no ethernet port on it, so connecting to a domain is impossible without buying an adapter
5. Install adapter, connect to Active Directory
6. Deal with constant freezes of Microsoft Office products, where one freezes and all other open Microsoft apps freeze also
7. Inexplicably, change the language setting to English, rather than English-US to allow Microsoft Lync to remain connected
8. Install Virtual Box
9. Try to find an inexpensive alternative to a docking station since no one makes a good, inexpensive one.

Now that I'm up and running, it works well, but it was hardly plug and play. The design decision to not include either a VGA/DVI port nor an ethernet port, and to use a proprietary "Lightning" or "Thunder" whatever the hell its called, port, is mind-boggling.
 
To be fair, I use a Mac at work now. When I got it, it was more like:

1. Open Box
2. Remove Mac
3. Press Power Button
4. Realize that there is no ethernet port on it, so connecting to a domain is impossible without buying an adapter
5. Install adapter, connect to Active Directory
6. Deal with constant freezes of Microsoft Office products, where one freezes and all other open Microsoft apps freeze also
7. Inexplicably, change the language setting to English, rather than English-US to allow Microsoft Lync to remain connected
8. Install Virtual Box
9. Try to find an inexpensive alternative to a docking station since no one makes a good, inexpensive one.

Now that I'm up and running, it works well, but it was hardly plug and play. The design decision to not include either a VGA/DVI port nor an ethernet port, and to use a proprietary "Lightning" or "Thunder" whatever the hell its called, port, is mind-boggling.

I like the decision myself. My Macbook Pro isn't thick enough to support any of those ports.

When they first got rid of the ethernet adapter I thought it was ridiculous. I of course made sure I ordered an adapter with the laptop. Funny thing is, I've never used it, and I have no clue where the hell it is anymore.
 
I like the decision myself. My Macbook Pro isn't thick enough to support any of those ports.

When they first got rid of the ethernet adapter I thought it was ridiculous. I of course made sure I ordered an adapter with the laptop. Funny thing is, I've never used it, and I have no clue where the hell it is anymore.

We have corporate wifi, which I use exclusively, but in order to join the macbook to the domain, it had to be hard wired. So I was stuck on day one.
 
Thanks for the reports.



They would definitely be intimidating to users who don't know what WIM, DISM, and SFC mean!

Yeah... I guess that, too. SFC has been around for a while, but I think DISM was introduced with 8. Or maybe 7. I forget. It's very useful and very powerful, and it's really not hard to use if you're not afraid of the shell. But it does demand the exact build source that the machine reports is installed.

The thing that's bizarre about it is that by default, it's supposed to pull the needed build from MS if it can't find the source. But I've yet to see it actually do that. It just runs for 20 or thirty minutes and then complains that it can't find the source. So you wind up having to download the source ISO and then either mount it or extract it.

I did notice that the MS link to download the ISO is now a customized, expiring link. That's probably why DISM can't find it anymore.

Rich
 
Man, I don't know how you Windows guys are able to find all this time it takes to get your computer to actually work.

1. open box
2. remove mac
3. press power button
4. install 1password, virtualbox, vagrant
5. make money

iCloud puts all my files on the machine, my passwords just all sync over. I don't setup anything for backups or have to test how I'm going to restore this thing when it craps out on me...because it never does.

I don't fool with the registry, group policy, windows updates, etc. I don't reboot 30 times.

That process takes...oh..probably less than 10 minutes including the time it takes me to open the box that contains the mac. I adjust absolutely no settings. It just works, which lets me just work :)

I've been a PC guy since the Fall of 1982. My core machines are still Windows, but I now have one desktop Mac and a Macbook Air for travel. I've been telling my 88 year-old father that it's time he gets a Mac. He spends a fortune annually getting his Windows PC cleaned up after continual infections and problems. I'm too far away to adequately support him (and would have trouble finding the time if I were closer!) so I'm lobbying hard for him to make the switch. It's definitely the right answer for senior citizens.
 
I did the upgrade to 10 and right away started having display issues (Specifically in firefox)

Portions of the screen just disappear. Move the window or resize and it comes back.

I will take a screenshot next time it happens
 
We have corporate wifi, which I use exclusively, but in order to join the macbook to the domain, it had to be hard wired. So I was stuck on day one.


Why bother joining the Windows Domain anyway? All it does is put a computer object in the AD tree that's unnecessary.

Mac is going to auth for resources from keychain anyway, and user login auth from a Mac to a DC is busted as hell. If you take it offsite, you're essentially locked out of that user account. No cached credentials. Network or DCs down? No login at all then either. It's just doing a real time LDAP query.

Domain joining Macs is kinda dumb and useless unless you have some third party management software that's going to dork with it as soon as it shows up in AD.

I found it quite useless and we don't require our Mac users to attach to AD at all. They still have to auth to get to Windows shares on the local NAS of course, or use a print queue, but not actually join the Domain as a computer object. It doesn't buy you anything.
 
Why bother joining the Windows Domain anyway? All it does is put a computer object in the AD tree that's unnecessary.

Mac is going to auth for resources from keychain anyway, and user login auth from a Mac to a DC is busted as hell. If you take it offsite, you're essentially locked out of that user account. No cached credentials. Network or DCs down? No login at all then either. It's just doing a real time LDAP query.

Domain joining Macs is kinda dumb and useless unless you have some third party management software that's going to dork with it as soon as it shows up in AD.

I found it quite useless and we don't require our Mac users to attach to AD at all. They still have to auth to get to Windows shares on the local NAS of course, or use a print queue, but not actually join the Domain as a computer object. It doesn't buy you anything.

I'm not sure what you mean about being locked when offsite. It works fine when I'm not at work, and even without any network connectivity at all.

As for why? You'd have to ask the Desktop folk. I have no clue why they require half of the crap they require (like MobileIron for Android..sigh)
 
I'm not sure what you mean about being locked when offsite. It works fine when I'm not at work, and even without any network connectivity at all.



As for why? You'd have to ask the Desktop folk. I have no clue why they require half of the crap they require (like MobileIron for Android..sigh)


Will have to hunt more but in my testing if the network is unavailable you get a red ball in the username box and no network users can be used for login. Frankly I didn't test it much.

There's little one can "manage" remotely on a Mac that having a company admin account and ssh can't deal with. Not without third party software or a Mac server anyway.

Was chatting with Jesse a while back about managing macs and we both agreed Apple IDs are the real PITA with company purchased software that shouldn't be associated with an individual's Apple ID.

I figured you had "rules to follow". Can't really get away from it. We haven't forced that particular one yet. We're also not thousands of machines and multiple sites either, but if we were there's better third party management things than Apple offers natively.

They have a crap-ton of support for pre-configuring and locking down iOS devices, and you can even do that before they leave the factory if you get set up right with them, but desktops/laptops they're stuck in the 90s for "enterprise" level management tools.
 
I did the upgrade to 10 and right away started having display issues (Specifically in firefox)

Portions of the screen just disappear. Move the window or resize and it comes back.

I will take a screenshot next time it happens

I haven't heard too many good things about the upgrade to Win10 (as opposed to a clean install). I'm not even sure the build upgrade from 10 to a more recent build of 10 went quite right, as I mentioned earlier.

What kind of video hardware does the machine have, how much RAM is allocated for video, and what's the total machine RAM? It could be a resource issue. Or it could be a driver problem. I'd check those things first.

Actually, if I were still in that end of the business, I think I'd also routinely run SFC / scannow in an elevated CMD or PowerShell after any upgrade to Win10. That's based on my own experiences with the build upgrade as well as what I've read about 7/8 to 10 upgrades in general. If SFC reports that it found problems that it can't fix, then you need to rebuild the image using DISM and then run SFC again. Even if they have nothing to do with your current issue(s), the inconsistencies are likely to cause problems at some point down the road.

Rich
 
Last edited:
Will have to hunt more but in my testing if the network is unavailable you get a red ball in the username box and no network users can be used for login. Frankly I didn't test it much.

There's little one can "manage" remotely on a Mac that having a company admin account and ssh can't deal with. Not without third party software or a Mac server anyway.

Was chatting with Jesse a while back about managing macs and we both agreed Apple IDs are the real PITA with company purchased software that shouldn't be associated with an individual's Apple ID.

I figured you had "rules to follow". Can't really get away from it. We haven't forced that particular one yet. We're also not thousands of machines and multiple sites either, but if we were there's better third party management things than Apple offers natively.

They have a crap-ton of support for pre-configuring and locking down iOS devices, and you can even do that before they leave the factory if you get set up right with them, but desktops/laptops they're stuck in the 90s for "enterprise" level management tools.


It's been awhile since I've delt with it, but we had probably about 100 macs joined to our domain. They always worked fine off-site, cached it somehow.

Really there wasn't a lot of benefit though from joining to the domain. Basically just provided unified auth.

I personally refused to ever let my laptop join the domain as I was afraid I was going to get locked out in a really bad way someday when I was offsite and a bunch of stuff was crashing.
 
It's been awhile since I've delt with it, but we had probably about 100 macs joined to our domain. They always worked fine off-site, cached it somehow.



Really there wasn't a lot of benefit though from joining to the domain. Basically just provided unified auth.



I personally refused to ever let my laptop join the domain as I was afraid I was going to get locked out in a really bad way someday when I was offsite and a bunch of stuff was crashing.


That's so weird. I just played some more today and my work mini just says "network login unavailable" when I yank the Ethernet cable out and turn the wifi off.

Oh well, will play with it some more. We still haven't dealt with a written policy for BYOD either and many of the Macs are folks running their own. We haven't gotten too worried about it... Yet. Too small.

And understand the need for not hitching the auth wagon to stuff you may have to login remotely to fix. Always have a back door... If you're the schmuck who'll have to fix the Internet. Ha.
 
There are a lot of users smarting from a negative Windows 8 experience. If I were buying, I'd try and get Windows 7 if I could. Not sure if thats still possible.
 
Back
Top