Vagrant and Hyper-V — Tips and Tricks

A few months ago, I went to DockerCon as a Microsoft representative. While I was there, I had the chance to ask developers about their favorite tools.

The most common tool mentioned (outside of Docker itself) was Vagrant. This was interesting — I was familiar with Vagrant, but I’d never actually used it. I decided that needed to change. Over the past week or two, I took some time to try it out. I got everything working eventually, but I definitely ran into some issues on the way.

My pain is your gain — here are my tips and tricks for getting started with Vagrant on Windows 10 and Hyper-V.

NOTE: This is a supplement for Vagrant’s “Getting Started” guide, not a replacement.

Tip 0: Install Hyper-V

For those new to Hyper-V, make sure you’ve got Hyper-V running on your machine. Our official docs list the exact steps and requirements.

Tip 1: Set Up Networking Correctly

Vagrant doesn’t know how to set up networking on Hyper-V right now (unlike other providers), so it’s up to you to get things working the way you like them.

There are a few NAT networks already created on Windows 10 (depending on your specific build).  Layered_ICS should work (but is under active development), while Layered_NAT doesn’t have DHCP.  If you’re a Windows Insider, you can try Layered_ICS.  If that doesn’t work, the safest option is to create an external switch via Hyper-V Manager.  This is the approach I took. If you go this route, a friendly reminder that the external switch is tied to a specific network adapter. So if you make it for WiFi, it won’t work when you hook up the Ethernet, and vice versa.

You can also do this with PowerShell

Instructions for adding an external switch in Hyper-V manager

Tip 2: Use the Hyper-V Provider

Unfortunately, the Getting Started guide uses VirtualBox, and you can’t run other virtualization solutions alongside Hyper-V. You need to change the “provider” Vagrant uses at a few different points.

When you install your first box, add –provider :

vagrant box add hashicorp/precise64 --provider hyperv

And when you boot your first Vagrant environment, again, add –provider. Note: you might run into the error mentioned in Trick 4, so skip to there if you see something like “mount error(112): Host is down”.

vagrant up --provider hyperv

Tip 3: Add the basics to your Vagrantfile

Adding the provider flag is a pain to do every single time you run vagrant up. Fortunately, you can set up your Vagrantfile to automate things for you. After running vagrant init, modify your vagrant file with the following:

Vagrant.configure(2) do |config|  
  config.vm.box = "hashicorp/precise64"
  config.vm.provider "hyperv"
  config.vm.network "public_network"
end

One additional trick here: vagrant init will create a file that will appear to be full of commented out items. However, there is one line not commented out:

There is one line not commented.

Make sure you delete that line! Otherwise, you’ll end up with an error like this:

Bringing machine 'default' up with 'hyperv' provider...
==> default: Verifying Hyper-V is enabled...
==> default: Box 'base' could not be found. Attempting to find and install...
    default: Box Provider: hyperv
    default: Box Version: >= 0
==> default: Box file was not detected as metadata. Adding it directly...
==> default: Adding box 'base' (v0) for provider: hyperv
    default: Downloading: base
    default:
An error occurred while downloading the remote file. The error
message, if any, is reproduced below. Please fix this error and try
again.

Trick 4: Shared folders uses SMBv1 for hashicorp/precise64

For the image used in the “Getting Started” guide (hashicorp/precise64), Vagrant tries to use SMBv1 for shared folders. However, if you’re like me and have SMBv1 disabled, this will fail:

Failed to mount folders in Linux guest. This is usually because
the "vboxsf" file system is not available. Please verify that
the guest additions are properly installed in the guest and
can work properly. The command attempted was:

mount -t cifs -o uid=1000,gid=1000,sec=ntlm,credentials=/etc/smb_creds_e70609f244a9ad09df0e760d1859e431 //10.124.157.30/e70609f244a9ad09df0e760d1859e431 /vagrant

The error output from the last command was:

mount error(112): Host is down
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)

You can check if SMBv1 is enabled with this PowerShell Cmdlet:

Get-SmbServerConfiguration

If you can live without synced folders, here’s the line to add to the vagrantfile to disable the default synced folder.

config.vm.synced_folder ".", "/vagrant", disabled: true

If you can’t, you can try installing cifs-utils in the VM and re-provision. You could also try another synced folder method. For example, rsync works with Cygwin or MinGW. Disclaimer: I personally didn’t try either of these methods.

Tip 5: Enable Nifty Hyper-V Features

Hyper-V has some useful features that improve the Vagrant experience. For example, a pretty substantial portion of the time spent running vagrant up is spent cloning the virtual hard drive. A faster way is to use differencing disks with Hyper-V. You can also turn on virtualization extensions, which allow nested virtualization within the VM (i.e. Docker with Hyper-V containers). Here are the lines to add to your Vagrantfile to add these features:

config.vm.provider "hyperv" do |h|
  h.enable_virtualization_extensions = true
  h.differencing_disk = true
end

There are a many more customization options that can be added here (i.e. VMName, CPU/Memory settings, integration services). You can find the details in the Hyper-V provider documentation.

Tip 6: Filter for Hyper-V compatible boxes on Vagrant Cloud

You can find more boxes to use in the Vagrant Cloud (formally called Atlas). They let you filter by provider, so it’s easy to find all of the Hyper-V compatible boxes.

Tip 7: Default to the Hyper-V Provider

While adding the default provider to your Vagrantfile is useful, it means you need to remember to do it with each new Vagrantfile you create. If you don’t, Vagrant will trying to download VirtualBox when you vagrant up the first time for your new box. Again, VirtualBox doesn’t work alongside Hyper-V, so this is a problem.

PS C:vagrant> vagrant up
==>  Provider 'virtualbox' not found. We'll automatically install it now...
     The installation process will start below. Human interaction may be
     required at some points. If you're uncomfortable with automatically
     installing this provider, you can safely Ctrl-C this process and install
     it manually.
==>  Downloading VirtualBox 5.0.10...
     This may not be the latest version of VirtualBox, but it is a version
     that is known to work well. Over time, we'll update the version that
     is installed.

You can set your default provider on a user level by using the VAGRANT_DEFAULT_PROVIDER environmental variable. For more options (and details), this is the relevant page of Vagrant’s documentation.

Here’s how I set the user-level environment variable in PowerShell:

[Environment]::SetEnvironmentVariable("VAGRANT_DEFAULT_PROVIDER", "hyperv", "User")

Again, you can also set the default provider in the Vagrant file (see Trick 3), which will prevent this issue on a per project basis. You can also just add --provider hyperv when running vagrant up. The choice is yours.

Wrapping Up

Those are my tips and tricks for getting started with Vagrant on Hyper-V. If there are any you think I missed, or anything you think I got wrong, let me know in the comments.

Here’s the complete version of my simple starting Vagrantfile:

# -*- mode: ruby -*-
# vi: set ft=ruby :

# All Vagrant configuration is done below. The "2" in Vagrant.configure
# configures the configuration version (we support older styles for
# backwards compatibility). Please don't change it unless you know what
# you're doing.
Vagrant.configure("2") do |config|
  config.vm.box = "hashicorp/precise64"
  config.vm.provider "hyperv"
  config.vm.network "public_network"
  config.vm.synced_folder ".", "/vagrant", disabled: true
  config.vm.provider "hyperv" do |h|
    h.enable_virtualization_extensions = true
    h.differencing_disk = true
  end
end

Powered by WPeMatico

Make a Windows Server 2016 Essentials comparison to find the best fit

Windows Server 2016 Essentials, which replaces the soon to be obsolete Small Business Server, is available in two…

“;
}
});

/**
* remove unnecessary class from ul
*/
$(“#inlineregform”).find( “ul” ).removeClass(“default-list”);

/**
* Replace “errorMessageInput” class with “sign-up-error-msg” class
*/
function renameErrorMsgClass() {
$(“.errorMessageInput”).each(function() {
if ($(this).hasClass(“hidden”)) {
$(this).removeClass(“errorMessageInput hidden”).addClass(“sign-up-error-msg hidden”);
} else {
$(this).removeClass(“errorMessageInput”).addClass(“sign-up-error-msg”);
}
});
}

/**
* when validation function is called, replace “errorMessageInput” with “sign-up-error-msg”
* before return
*/
function validateThis(v, form) {
var validateReturn = urValidation.validate(v, form);
renameErrorMsgClass();
return validateReturn;
}

/**
* DoC pop-up window js – included in moScripts.js which is not included in responsive page
*/
$(“#inlineRegistration”).on(“click”,”a.consentWindow”, function(e) {
window.open(this.href, “Consent”, “width=500,height=600,scrollbars=1”);
e.preventDefault();
});

similar-sounding options. And the version you install has a direct effect on usage rights and available features.

One point of confusion among enterprises during a Windows Server 2016 Essentials comparison is whether Essentials is a role within Windows Server 2016 Essentials or if it’s a separate stockkeeping unit (SKU) or edition. The answer: It’s both. And the difference between the two comes down to client access licensing.

The Windows Server 2016 Essentials edition is a separate SKU that you purchase. When you install an Essentials server from this SKU, it automatically establishes this version and sets up tools — after installing the core Windows Server 2016 OS.

The Essentials edition suits small businesses, nonprofit organizations and other businesses that previously gravitated toward Small Business Server; these shops likely desire a prefitted kit that sets things up and eliminates the need to hire a full-time IT staff member.

The Essentials experience, on the other hand, refers to the Essentials role that you can check within the Server Manager’s Roles and Features Wizard in any Windows Server 2016 edition. The Essentials role puts the features and control panel of Essentials onto a regular server box, without the native licensing features. All Windows Server 2016 DVDs and ISO images have this role as an option, so you get the functionality without purchasing the separate SKU.

Benefits of the Windows Server 2016 Essentials role

So, after a Windows Server 2016 Essentials comparison, why would an administrator want to install the Windows Server 2016 Essentials role? The bottom line: cool features. The Essentials product includes a portal that enables you to access certain desktops or laptops off premises using Remote Desktop Services over the web — without having to set up the RDS web experience and deal with certificates and Secure Sockets Layer ports. It also has a client backup feature; admins choose 100 of the most important user desktops and can automatically back them up to a member server — either instead of or in addition to the enterprise’s current backup strategy.

Why would an administrator want to install the Windows Server 2016 Essentials role? The bottom line: cool features.

For example, a branch office within your company needs some of the Essentials features but also must be connected to the domain at corporate headquarters. There are times when it’s valuable to have the Essentials role available along with the separate SKU. Often, this setup is ideal for smaller networks and small businesses that don’t have a full-fledged AD deployment but need on-premises authentication and storage that communicates with Office 365, hosted email and SharePoint functions.

Caveats of Windows Server 2016 Essentials

While in some cases it is beneficial to have both the Windows Server 2016 Essentials SKU and the role, there can be issues with this setup. A Windows Server 2016 Essentials comparison reveals some caveats:

  • Windows Server 2016 Essentials edition must act as the domain controller at the root of a forest; it must hold all of the flexible single master operations roles. However, admins can deploy the Essentials role or experience on any member server in an existing AD domain.
  • From a support perspective, the Essentials edition supports 25 single users and 50 devices, while the role on a regular member server supports 100 users and 200 devices.
  • Windows Server 2016 Essentials licensing diverges widely. Windows Server client access licenses must separately cover all of those 100 users and 200 devices on a member server under the Essentials role, as the role does not include any built-in client access licenses. The Essentials SKU, on the other hand, includes 25 user and 50 device client access licenses for that product — without the need to purchase any additional licenses.
  • Admins can only back up client computers to the one computer that is running the Essentials role; this must be configured manually.

Next Steps

Windows Server 2016 brings a cloud focus

Test your Windows Server 2016 licensing knowledge

Think carefully before a Windows Server 2016 upgrade

Dig Deeper on Windows Operating System Management

Powered by WPeMatico

Calling WinRT Components from a Win32 process via the Desktop Bridge

In today’s post, we are covering another step you can take on your journey across the Desktop Bridge: specifically migrating business logic to Windows Runtime Components, aka WinRT Components. Previously, Windows only supported calling OS provided WinRT components from Win32 applications. Any attempt to call user-defined (aka 3rd party) WinRT components would fail because the Win32 application did not have package identity, and thus there was no way to register the component with the system at installation time, nor any way for the system to find the component at runtime.

This limitation is solved because Win32 applications on the Desktop Bridge now have identity and are registered with the OS, including any Windows Runtime Components that are part of the package. In the Windows 10 Fall Creators Update, the Desktop Bridge supports this functionality, including support for both In-Process Servers and Out-Of-Process Servers.

Code sharing – Why WinRT Components vs other options

There are many different ways to share code in your application, so what you choose depends upon your scenarios. At a high level, here are a few ways as they relate to UWP and the Desktop Bridge:

  • DLLs – for scenarios that require in-proc code performance and do not need cross-language interoperability
  • WinRT Components – for cross-language interoperability, or support out-of-process activation for reliability
  • .Net library – for scenarios that work in-proc and all clients are managed developers, including PCLs or .Net Standard libraries

Authoring new code or moving code into a Windows Runtime Component allows code reuse between the AppContainer and Win32 processes in the same package. While you can reuse existing DLLs in your AppContainer process by calling LoadPackageLibrary by moving to a Windows Runtime Component, you gain greater reusability because of better language interoperability (Native C/C++, managed code with C# & VB and Javascript) and Visual Studio integration across all your projects. Additionally, WinRT components support an out-of-process activation model that enables greater robustness for your app.

How does it work?

Because applications on the Desktop Bridge have a manifest, the registration entries for the WinRT Component are the same as you would use for a UWP application – by using the InProcessServer and OutOfProcessServer extensions. These extensions register the ActivatableClassId and its implementation binary with your package, so when your application attempts to activate the class, the system can find it.

In-Process Servers

This feature now allows developers to easily share code between Win32 apps and UWP apps running in AppContainer that can be loaded In-Proc. The component is built the same, e.g. Create a new WinRT Component project in VS, and the registration in the manifest is exactly the same as for UWP in-process servers. Because there is no manifest schema change required, developers can use existing toolsets in VS2015 or VS2017 to build In-Proc servers, but these solutions can only deploy to a machine running the latest flights of the Fall Creators Update.

Below is an example of an in-proc registration for a C++ WinRT Component, where CPPSimpleMathWinRT.dll is a native implementation of the SimpleMath class.


    <Extension Category="windows.activatableClass.inProcessServer">
      <InProcessServer>
        <Path>CPPSimpleMathWinRT.dll</Path>
        <ActivatableClass ActivatableClassId="SimpleMathWinRT.SimpleMath" ThreadingModel="both" />
      </InProcessServer>
    </Extension>

Below, you’ll see a simple Winforms Calculator sample that leverages a C++ WinRT Component for its math engine.

And this is what it looks like at runtime:

Sample with a C++/CX WinRT Component: https://github.com/Microsoft/DesktopBridgeToUWP-Samples/tree/master/Samples/WinFormsWinRTComponent

Sample with a C# WinRT Component: https://github.com/Microsoft/DesktopBridgeToUWP-Samples/tree/master/Samples/WinformsManagedWinRTComponent

Out-Of-Process servers

The registration of an OOP server for an application using the Desktop Bridge extensions is very familiar to developers who have registered servers before in UWP. However, there are details to clarify and limitations to be aware of. While OOP servers allow you to share code between your Win32 and AppContainer processes, there are limitations on sharing data between clients — that is reflected in the instancing model of the server. It all depends on your application’s needs as to which instancing model you should leverage.

The instancing behavior of a server is determined by the claims on the process token, specifically whether or not a call to NTCompareToken() for the calling process and a running instance of the server returns true. If they match, then existing instance of the server is used. If they are different, then a new instance of the server is started.

One of the key claims is the app identity. Apps in UWP are defined in the manifest and in most UWP applications submitted to the Store, there is only one App. But on the Desktop Bridge you can have more than one. Another key claim is the trust level of the calling process. On the Desktop Bridge, the package itself is declared with the runFullTrust capability, <rescap:Capability Name=”runFullTrust” />, which allows one or apps to be declared with the FullTrust entrypoint, EntryPoint=”Windows.FullTrustApplication”. Apps using the FullTrust entrypoint can call any API they want. Usually this is your main Win32/.Net executable. I’ll refer to these applications as FullTrust apps.

If you do not have this entrypoint, then the application is running in a lower trust level, called Base Trust, and has additional restrictions in a sandboxed environment called AppContainer, which is typical for an app when you create a UWP app in Visual Studio. These different trust levels result in different claims on the process tokens, and the result is a different instance of the server.  This model is called ActivateAsActivator, or AAA. An example of this registration is provided below, and you’ll note that it is the exactly same as what you’d provide for a UWP application; there is nothing new here for using this instancing model to access the server from your Win32 code:


    &amp;lt;Extension Category=&amp;quot;windows.activatableClass.outOfProcessServer&amp;quot;&amp;gt;
      &amp;lt;OutOfProcessServer ServerName=&amp;quot;Microsoft.SDKSamples.Kitchen.OvenServer&amp;quot; &amp;gt;
        &amp;lt;Path&amp;gt;Microsoft.SDKSamples.Kitchen.exe&amp;lt;/Path&amp;gt;
        &amp;lt;Instancing&amp;gt;singleInstance&amp;lt;/Instancing&amp;gt;
        &amp;lt;ActivatableClass ActivatableClassId=&amp;quot;Microsoft.SDKSamples.Kitchen.Oven&amp;quot; /&amp;gt;
      &amp;lt;/OutOfProcessServer&amp;gt;
    &amp;lt;/Extension&amp;gt;

While the ActivateAsActivator model allows you to share code, creating a separate instance of the server per client can be heavy weight. To mitigate this, UWP introduced a concept called ActivateAsPackage (AAP), which provides a single instancing behavior for servers in the package. This is reflected in the new attribute IdentityType=”activateAsPackage” on the <OutOfProcessServer> element.

There is a limitation in the AAP model however, as you must specify which trust boundary you want the server to run in. The server must be registered for use by the AppContainer processes, or for use by the FullTrust processes. If you want to use the server in both the FullTrust and AppContainer processes, you’ll need to build and register two servers with separate server names and class names, as those names need to be unique per package. To register the server for use by your FullTrust process, a new attribute RunFullTrust=”true” has been added. If you want the server to be used by your AppContainer processes, leave the attribute out.

Both new attributes are under the xmlns:uap5=”http://schemas.microsoft.com/appx/manifest/uap/windows10/5” namespace. An example registration is provided below showing both Win32 and UWP server registrations:

AAP Registration of server for use by Win32, aka FullTrust, processes:


    &amp;lt;Extension Category=&amp;quot;windows.activatableClass.outOfProcessServer&amp;quot;&amp;gt;
      &amp;lt;OutOfProcessServer ServerName=&amp;quot;Microsoft.SDKSamples.Kitchen.OvenServer&amp;quot; uap5:IdentityType=&amp;quot;activateAsPackage&amp;quot; uap5:RunFullTrust=&amp;quot;true&amp;quot;&amp;gt;
        &amp;lt;Path&amp;gt;Microsoft.SDKSamples.Kitchen.exe&amp;lt;/Path&amp;gt;
        &amp;lt;Instancing&amp;gt;singleInstance&amp;lt;/Instancing&amp;gt;
        &amp;lt;ActivatableClass ActivatableClassId=&amp;quot;Microsoft.SDKSamples.Kitchen.Oven&amp;quot; /&amp;gt;
      &amp;lt;/OutOfProcessServer&amp;gt;
    &amp;lt;/Extension&amp;gt;

AAP registration of server for use by UWP processes:


    &amp;lt;Extension Category=&amp;quot;windows.activatableClass.outOfProcessServer&amp;quot;&amp;gt;
      &amp;lt;OutOfProcessServer ServerName=&amp;quot;Microsoft.SDKSamples.Kitchen.OvenServerUWP&amp;quot; uap5:IdentityType=&amp;quot;activateAsPackage&amp;quot;&amp;gt;
        &amp;lt;Path&amp;gt;Microsoft.SDKSamples.KitchenUWP.exe&amp;lt;/Path&amp;gt;
        &amp;lt;Instancing&amp;gt;singleInstance&amp;lt;/Instancing&amp;gt;
        &amp;lt;ActivatableClass ActivatableClassId=&amp;quot;Microsoft.SDKSamples.Kitchen.OvenUWP&amp;quot; /&amp;gt;
      &amp;lt;/OutOfProcessServer&amp;gt;
    &amp;lt;/Extension&amp;gt;

The sample uses the AAP scenario and shows two C# Winforms apps using a OOP WinRT Component, resulting in only one instance of the server executable. The WinRT Component is a modified version of the WRLOutOfProcessWinRTComponent sample from the Universal Windows Samples on github. In this example, both client call the server and call the BakeBread() method. You’ll see from the TaskManager that there is only one instance of the Server.

GitHub link: https://github.com/Microsoft/DesktopBridgeToUWP-Samples/tree/master/Samples/WinformsOutOfProcessWinRTComponent

Visual Studio Support

It’s worth calling out a couple details and workarounds in projects created for this solution. First of all, Visual Studio currently does not allow you to add project references from a WinRT Component project to a Win32/.Net project.  You can work around this by unloading the Win32/.Net project and adding the project reference to the project file directly, e.g.:


  &amp;lt;ItemGroup&amp;gt;
    &amp;lt;ProjectReference Include=&amp;quot;..ServerWRLOutOfProcessWinRTComponent_server.vcxproj&amp;quot; /&amp;gt;
  &amp;lt;/ItemGroup&amp;gt;

While this adds the reference, you will see a warning in Visual Studio, as this was not previously supported by the OS. We are working with Visual Studio to improve this in a future release, but for now you can ignore the warning.

Second, the samples are using a UWP JavaScript project to handle the app packaging. This technique is noted in the Desktop Bridge Packaging with Visual Studio documentation, and works as a reasonable solution until Visual Studio adds future support. The benefit of this approach is that you can add a reference from your WinRT component to the JavaScript project, and then the Visual Studio build system adds appropriate registrations for package dependencies, including VCLibs and .NetNative, as well as the <InProcessServer> extensions. Visual Studio does not support adding registrations for <OutOfProcessServer> registrations, so you’ll need to add those manually to the manifest

Metadata Based Marshaling – No more Proxy/Stub DLLs!

Finally, in the <OutOfProcessServer> example, we take advantage of the Metadata Based Marshalling feature (MBM) that was introduced in the Windows 10 Anniversary Update (Windows 10 version 1607). This feature has not gotten much attention, but it means that WinRT Component developers do not need to author a proxy/stub class, saving them time and tedious work. This is possible because the WinMD is deployed with the application, and thus the system can identify and marshal the types cross-process for the developer. You will notice that the server code in this example does not include the proxy project nor binaries.

Conclusion

With Windows Runtime Components and the Desktop Bridge, developers can take another step on their journey to migrate business logic to UWP. Windows Runtime Components provide code re-use that can work with either FullTrust processes or UWP processes, and they allow greater interop cross language.

For more information on the Desktop Bridge, please visit the Windows Dev Center.

Ready to submit your app to the Windows Store? Let us know!

This Week on Windows: .future podcast debut, virtual desktops and more

We hope you enjoyed today’s episode of This Week on Windows! Check out .future, the new podcast from Microsoft and Gimlet Creative about making the future happen; read our Windows 10 Tip on how to keep your apps organized with virtual desktops; head over here for more on the Ultimate Game Sale – or, keep reading for what’s new in the Windows Store.

In case you missed it:

<!–
!function(a,b){“use strict”;function c(){if(!e){e=!0;var a,c,d,f,g=-1!==navigator.appVersion.indexOf(“MSIE 10”),h=!!navigator.userAgent.match(/Trident.*rv:11./),i=b.querySelectorAll(“iframe.wp-embedded-content”);for(c=0;c<i.length;c++){if(d=i[c],!d.getAttribute(“data-secret”))f=Math.random().toString(36).substr(2,10),d.src+=”#?secret=”+f,d.setAttribute(“data-secret”,f);if(g||h)a=d.cloneNode(!0),a.removeAttribute(“security”),d.parentNode.replaceChild(a,d)}}}var d=!1,e=!1;if(b.querySelector)if(a.addEventListener)d=!0;if(a.wp=a.wp||{},!a.wp.receiveEmbedMessage)if(a.wp.receiveEmbedMessage=function(c){var d=c.data;if(d.secret||d.message||d.value)if(!/[^a-zA-Z0-9]/.test(d.secret)){var e,f,g,h,i,j=b.querySelectorAll(‘iframe[data-secret=”‘+d.secret+'”]’),k=b.querySelectorAll(‘blockquote[data-secret=”‘+d.secret+'”]’);for(e=0;e<k.length;e++)k[e].style.display=”none”;for(e=0;e1e3)g=1e3;else if(~~g<!]]>

<!–
!function(a,b){“use strict”;function c(){if(!e){e=!0;var a,c,d,f,g=-1!==navigator.appVersion.indexOf(“MSIE 10”),h=!!navigator.userAgent.match(/Trident.*rv:11./),i=b.querySelectorAll(“iframe.wp-embedded-content”);for(c=0;c<i.length;c++){if(d=i[c],!d.getAttribute(“data-secret”))f=Math.random().toString(36).substr(2,10),d.src+=”#?secret=”+f,d.setAttribute(“data-secret”,f);if(g||h)a=d.cloneNode(!0),a.removeAttribute(“security”),d.parentNode.replaceChild(a,d)}}}var d=!1,e=!1;if(b.querySelector)if(a.addEventListener)d=!0;if(a.wp=a.wp||{},!a.wp.receiveEmbedMessage)if(a.wp.receiveEmbedMessage=function(c){var d=c.data;if(d.secret||d.message||d.value)if(!/[^a-zA-Z0-9]/.test(d.secret)){var e,f,g,h,i,j=b.querySelectorAll(‘iframe[data-secret=”‘+d.secret+'”]’),k=b.querySelectorAll(‘blockquote[data-secret=”‘+d.secret+'”]’);for(e=0;e<k.length;e++)k[e].style.display=”none”;for(e=0;e1e3)g=1e3;else if(~~g<!]]>

<!–
!function(a,b){“use strict”;function c(){if(!e){e=!0;var a,c,d,f,g=-1!==navigator.appVersion.indexOf(“MSIE 10”),h=!!navigator.userAgent.match(/Trident.*rv:11./),i=b.querySelectorAll(“iframe.wp-embedded-content”);for(c=0;c<i.length;c++){if(d=i[c],!d.getAttribute(“data-secret”))f=Math.random().toString(36).substr(2,10),d.src+=”#?secret=”+f,d.setAttribute(“data-secret”,f);if(g||h)a=d.cloneNode(!0),a.removeAttribute(“security”),d.parentNode.replaceChild(a,d)}}}var d=!1,e=!1;if(b.querySelector)if(a.addEventListener)d=!0;if(a.wp=a.wp||{},!a.wp.receiveEmbedMessage)if(a.wp.receiveEmbedMessage=function(c){var d=c.data;if(d.secret||d.message||d.value)if(!/[^a-zA-Z0-9]/.test(d.secret)){var e,f,g,h,i,j=b.querySelectorAll(‘iframe[data-secret=”‘+d.secret+'”]’),k=b.querySelectorAll(‘blockquote[data-secret=”‘+d.secret+'”]’);for(e=0;e<k.length;e++)k[e].style.display=”none”;for(e=0;e1e3)g=1e3;else if(~~g<!]]>

Here’s what’s new in the Windows Store this week:

Adventure Time has arrived for Minecraft on Bedrock Engine Platforms!

 Adventure Time has arrived on Minecraft

Today, we’re bringing the Adventure Time Mash-Up Pack to Minecraft players on our Bedrock Engine Platforms! Those who are in the mood for some princess-saving on Windows 10, Pocket Edition and VR devices are now free to do so. Featured in this pack are all of your favorite Adventure Time characters, the world of Ooo, a bespoke texture set and original soundtrack – all for 990 coins in the Minecraft Marketplace. For the full announcement, head over to Minecraft.net! 

Anime Month in the Windows Store

 Anime Month in the Windows Store

Anime Month is back! Now through July 31, enjoy huge savings and earn rewards on TV, movies, and games. Plus, get the first seasons of Dragon Ball Z, Fairy Tail, and Yu Yu Hakusho for FREE all month long on Microsoft Movies & TV. Check out all that Anime Month has to offer in the Movies & TV section of the Windows Store.

Have a great weekend!

Bay Equity sets the bar for a new kind of mortgage lender with Surface devices

When brothers Brett, Casey and Jon McGovern decided to set up a full-service retail mortgage lending company in California’s San Francisco Bay Area in 2007, they couldn’t have picked a more inopportune time. Just a month after the McGovern brothers capitalized their business, the impending 2007-2008 global financial crisis hit full swing and was swiftly considered as the worst financial crash since the Great Depression of the 1930s. During this time of crisis, Bay Equity embraced digital transformation and invested in Surface Pro devices which helped them attract and retain great talent and enabled them to provide exceptional service to their clients.

Today, Bay Equity’s employees are completely powered by Surface Pro.

The company has rolled out more than 1,200 of the devices, alongside services such as Microsoft Skype for Business, and Microsoft Office 365 to facilitate quick and seamless communication and collaboration. Standardizing on Surface Pro devices has meant slashing redundant PCs and non-Windows tablets from the company’s device inventory, resulting in a saving of about $1.37 million.

Bay Equity’s employees are completely powered by Surface Pro.

Unlike many other mortgage lenders who were closing their doors, Bay Equity Home Loans’ founders remained dedicated to their dream of creating a family-oriented mortgage lending company that would provide high-quality customer services and lasting partnerships. “While everyone was running away from mortgage financing, we ran towards it,” co-founder and CEO Brett McGovern recalls. Bay Equity funded its first loan just one month after opening, and its rapid growth was recognized by San Francisco Business Times on its list of the Top 100 Fastest-Growing Private Companies in the San Francisco Bay Area in both 2011 and 2012. Fast forward to 2017, and the company now has operations centers and retail branches in more than 130 locations across states on both the east and west coasts of the US.

“The most talented people in our industry expect to have the best tools to allow them to execute at the highest level possible,” Brett says. “People see us as forward thinking and as having made the right investments in our company, which in turn is going to provide them a platform to be successful – and that’s what Surface represents for us.”

https://youtu.be/SRf_TIfBpBc]

Choosing the right device went deeper than just hardware specs and software packages- it had to make the right impression on the employees using the device, and reflect the ethos of Bay Equity to their customers. “We provide a premium service, and having a premium device is important,” CIO Phil Mikolaj said.

 “A lot of companies offer an appealing vision, but if their technology is difficult to work with, loan officers hesitate to join them. They don’t want to struggle to use the tools. That isn’t a problem for us; rather than being a barrier to recruiting, our technology attracts excellent people.”

One of these impressed end-users is seasoned mortgage banker, Kathryn Pedersen. Kathryn has spent fifteen years helping families find the perfect home, and she knows how much thought and consideration goes into a purchasing decision.

“Having a device that I can put in front of the client, and not have that division of them versus me, is great because we can work on something together as a team.”

She loves using Surface Pen to provide an intuitive writing experience on features like Sticky Notes and OneNote, helping her meetings with customer flow naturally, while making sure she never misses a thing. The security of her clients’ data is of the utmost importance.

“Security is really important, and Windows Hello is a feature that I can log in quickly using facial recognition. My kids tried to break into my Surface and neither one of them were successful, even though my daughter looks a lot like me.”

Kathryn credits Surface with helping her better balance her work life with her family life, and enabling her to make time for own family, too.

And Kathryn’s not the only one with more hours in her day. Surface is saving the Bay Equity’s IT department time integrating and supporting devices while their employees are saving time on training because of the familiar Windows ecosystem.

“We’ve gone from deploying PCs and laptops over a course of days to deploying Surface Pro devices in hours,” shares Phil Mikolaj.
 

Surface has proved so popular in fact, that the firm has replaced all of its previous desktop and laptops with over 1,200 Surface devices across the business, consolidating the number of devices they need and helping them foster a digitally enabled, totally mobile culture of workers.

“When I realized that I could dock it on my desk, I got rid of my PC, my iPad, and my laptop and only carried a Surface Pro from that point forward,” Phil says. “I cannot believe how it’s changing my efficiency as an individual employee.”

And with the introduction of the new Surface Pro’s upcoming LTE functionality, companies like Bay Equity will be able to work even more flexibly and productively, accelerating their path to full digital transformation.

Read more on how Surface gives financial professionals the tools they need to transform the way they work. For financial services companies like Bay Equity, security is a priority. Their businesses are built on clients’ data and trust. This whitepaper explores why cloud-based control of your devices, information, and users is so important.