Microsoft today pointed out new features in Windows 10 version 1703 for IT pros. The new Windows 10, version 1703 or Windows 10 Creators Update is now available for download. The new features in latest version 1703 will help IT Pros easily manage, and better protect, the devices and data in their organizations. Check out more details below.
New in Windows 10 version 1703 for IT professionals
- New and improved provisioning options to help you configure devices without imaging:
- Windows Configuration Designer, formerly known as Windows Imaging and Configuration Designer (ICD), is now available in Windows Store as an app. It includes several new wizards to make it easier to create provisioning packages for desktop devices, mobile devices, and kiosks—as well as the option to remove pre-installed software in both the desktop and kiosk wizards.
- You can now create provisioning packages to bulk enroll devices in Azure Active Directory (Azure AD) and then enroll in a mobile device management (MDM) solution, if required.
- New PowerShell cmdlets enable you to automatically install provisioning packages created using Windows Configuration Designer.
- MBR2GPTEXE, a new command-line tool that enables you to convert a disk from a Master Boot Record (MBR) to a GUID Partition Table (GPT) without modifying or deleting data on the disk, helpful in automating the conversion from BIOS to UEFI.
- Windows Hello for Business, which replaces passwords with two-factor authentication, has been improved to support organizations that are restricted to using AD on-premises for authentication and can’t use cloud-based solutions like Azure AD.
- New Windows Defender Advanced Threat Protection (ATP) capabilities, including the ability to create custom threat intelligence alerts, investigate a specific user account, and take immediate actions on a machine or file to contain a breach.
- Enhancements to Windows Defender Antivirus (AV) (previously known as Windows Defender), including updates to how the Block at First Sight feature can be configured and the ability to specify the level of cloud protection.
- Enhanced mobile device management (MDM) support:
- The ability to configure security policies through MDM that were previously only available through Group Policy. In fact, we have enabled close to 300 new security policies natively through MDM. (If you are new to MDM on Windows 10, see Modern management for Windows 10.)
- The MDM Migration Analysis Tool (aka MMAT), which helps you transition Windows 10 device management from Group Policy to MDM by assessing which policies currently in use are available through MDM.
- New MDM configuration service providers (CSPs), including:
- Office CSP, which enables the installation of the Microsoft Office client on a device via the Office Deployment Tool.
- EnterpriseAppVManagement CSP, which enables the management of virtual applications in Windows 10 PCs (Enterprise and Education editions) and enables App-V sequenced apps to be streamed to PCs even when managed by a MDM solution.
- DynamicManagement CSP, which enables policies to be enabled dynamically based on location, network, or time. (For example, you could disable cameras on managed devices when at a work location.)
- BitLocker CSP, which enables device encryption management (For example, you could require storage card encryption on mobile devices, or require encryption for OS drives on PCs).
- CleanPC CSP, which enables the removal of user-installed and pre-installed applications, with the option to persist user data.
- NetworkProxy CSP, which enables proxy server configuration for Ethernet and Wi-Fi connections.
- New MDM settings to turn off many items in the Start menu, including frequently used apps, switch account, and restart/shut down/hibernate/sleep.
- The ability to customize Start and taskbar layout in Windows 10 Pro with Group Policy, and new support for customized taskbar policy deployed via MDM.
- The ability to control which pages in the Settings app are visible to users using either MDM or Group Policy via the Settings/PageVisibilityList setting. Blocked pages will not be visible in the app and, if all pages in a category are blocked, the category will be hidden as well.
- Support for mobile application management (MAM), including integration with Windows Information Protection, which provides individuals with access to business apps on their personal Windows devices while protecting company data.
- Improved manageability support in Microsoft Edge with the addition of new Group Policy and MDM settings geared towards customizing experiences, security, and privacy (e.g. Allow Address bar drop-down list suggestions, Allow Adobe Flash, Set default search engine, Keep favorites in sync between Internet Explorer and Microsoft Edge, etc.)
Enhancements to Windows as a service:
- More control over configuring when devices receive feature updates and quality updates in Windows Update for Business.
- The ability to monitor the installation progress of both quality and feature updates with Update Compliance.
- Express update support for Configuration Manager, in addition to current Express support for Windows Update, Windows Update for Business and WSUS.
- Registry Editor (REGEDT32.EXE) now has an address bar, keyboard shortcuts, and abbreviations, such as HKCU (for HKEY_CURRENT_USER) and HKLM (for HKEY_LOCAL_MACHINE).
- Windows Subsystem for Linux (WSL), which allows users to run native, unmodified Linux command-line tools directly on Windows, without virtual machines.
- Command Prompt has been replaced with PowerShell in the Quick Link (Win+X) menu by default.
- Streamlined virtual private network (VPN) makes it possible to easily activate a connection from the Network fly-out menu.
- Hyper-V improvements, including:
- “Quick Create,” a new option to create virtual machines in Hyper-V.
- Hyper-V instances will now remember your zoom level for the next session.
- You can now override the scaling in Hyper-V virtual machines.
- You can now resize Hyper-V windows in Enhanced session mode.
- New display options, including:
- You can now let Windows reduce the blue light emitted from the screen with the Night light.
- High-DPI scaling improvements for desktop applications.
- A new setting in Properties for programs that will enable improved high-DPI rendering.
- Windows will now better handle desktop icons when changes to the device’s setup (like removing a screen) are made.
- In-box apps that were uninstalled by the user won’t automatically reinstall as part of the feature update installation process. (Apps de-provisioned by IT administrators will still be reinstalled.)
- Windows can now use Dynamic Lock to lock your PC when you leave it, with Windows Hello.
- Setting up Windows Hello now provides visual guidance which tracks your face in real time.
However, Microsoft also removed or deprecated some features in Windows 10, version 1703, see the Microsoft Knowledge Base.