If you have users complaining about incomplete search results on RDS Server 2019, especially in Outlook, this registry key might fix the problem. It did fix mine.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Search
DWORD EnablePerUserCatalog 0
This will create the index database under C:\ProgramData\Microsoft\Search\Data\Applications\Windows rather than in the user's AppData folder. It should look something like this:
A while back Microsoft announced the new and shiny Windows Server 2022 and just a few weeks ago the ISO of the technical preview has been made public.
What is new you might ask? Well from the articles I read, Windows Server 2022 is more secure, has a better integration with Windows Admin Center (aka modern MMCs) and has simpler migration steps if you want to move your server to Microsoft Azure. Check the article at the bottom of this page.
There are also some visual changes. Take a look at the start screen:
Microsoft Edge Chromium comes pre-installed on Windows Server 2022:
Icons are modern looking like in the latest versions of Windows 10:
The Settings app looks also slightly different
The old Control Panel is luckily still around:
So while aesthetically you might say very little has changed from Windows Server 2019 or even 2016, I am positive that Microsoft has done a lot of changes under the hood that matter and make your infrastructure more secure than ever. This is the version of Windows Server you want to install by default in 1-2 years time.
References:
https://www.qubicgroup.com/news/microsoft-reveals-list-of-new-features-for-windows-server-2022/
In this day and age having an on-premise Active Directory is not mandatory, especially if you are a small and/or new organization. Most of the services will be in Microsoft 365 anyways, so why bother maintaining local AD?
If you have an Azure Active Directory Tenant, users are allowed to join Windows 10 devices to the AAD domain by default.
In the AAD Portal, under Devices > Device Settings, settings can be adjusted to the organization's needs.
Joining the device is very easy. Just open the modern Settings app in Windows 10 > Accounts > Access work or school > + Connect. Then select Join this device to Azure Active Directory.
After logging off, any user that is a member of the tenant can log in with their email address/Azure AD account.
If you do hate passwords, this new feature from Microsoft might have solved that problem. With this feature, a user can send a push notification to Microsoft Authenticator, allowing access to any Microsoft 365 site without entering a password.
First of all, enable the so called "combined registration experience" in Azure AD under User settings.
Since I have a new tenant, the feature is automatically enabled for me.
After that, browse to Security > Authentication Methods > Policies. Select Microsoft Authenticator and enable it.
Users are not forced to use the new authentication method. They have to set that up themselves at https://aka.ms/mysecurityinfo.
Select Authenticator App as the method.
Download Microsoft Authenticator on the mobile phone.
Scan the QR code shown there.
Inside the Microsoft Authenticator app, select "Set up phone sign-in" and follow the wizard.
Now, upon logging in, you can select "User an app instead". This will trigger a notification on the phone app.
References: