News Categories
Announcement (9) Amy Babinchak (64) Tips (1) SBS 2011 (6) Windows Essentials 2012 (4) Edwin Sarmiento (28) SQL Server (22) SQL Server 2012 (6) SQL Server Clustering (3) SQL Server Disaster Recovery (6) Windows Server 2008 Clustering (1) log shipping (1) Brian Higgins (3) Uncategorized (42) Hyper-V (67) Virtualization (13) Windows 8 (13) Cisco VPN Client (1) Windows Server 2012 (24) Friend of TT (4) Hangout (2) Office365 (4) DNS (8) Jeremy (7) Cliff Galiher (3) Active Directory (12) ClearOS (4) Linux (4) presentations (2) SQL PASS (6) Chris Matthews (4) Printers (2) SharePoint (8) SQL Server Administration (7) Windows PowerShell (3) recovery model (1) sql server databases (1) Dave Shackelford (7) SMB Nation (1) Steve (1) Boon Tee (5) Kevin Royalty (3) Lee Wilbur (2) Philip Elder (10) SMBKitchen Crew (31) Susan Bradley (15) AlwaysOn (1) AlwaysOn Availability Groups (4) readable secondaries (1) row versioning (1) undocumented (1) The Project (2) Webinar (3) Enterprise for SMB Project (9) Security (25) Remote Desktop Connection for Mac (1) Remote Desktop Services (8) Windows Server 2008 (1) Exchange (15) Powershell (6) Microsoft (15) Performance (7) data types (1) Server 2012 (1) monitoring (1) DevTeach (1) SQL Server High Availability and Disaster Recovery (5) Clusters (44) Hyper-V Server 2012 (2) Business Principles (26) Cost of Doing Business (13) DHCP (7) sbs (15) Windows Server (30) SMBKitchen (26) Windows Server 2008 R2 (4) StorageCraft (1) P2V (1) ShadowProtect (6) StorageCraft ShadowProtect (1) VHDs (1) Intel RAID (2) Intel Server System R2208GZ (1) Intel Server Systems (17) RAID (2) SAS (2) SATA (2) Server Hardware (12) Microsoft Licensing (2) OEM (2) System Builder Tips (4) Intel (5) Intel Channel Partner Program (4) Intel Product Support (10) Intel Server Boards (2) Intel Server Manager (2) Cloud (26) IT Solutions (2) On-Premises (20) SMB (9) WIndows Azure (2) StorageSpaces (1) Error (47) Error Fix (35) Intel Desktop Boards (2) Intel SSDs (2) SSD (2) Business Opportunity (17) Data Security (11) Identity Security (7) Information Security (14) Privacy (2) Intel Modular Server (6) Promise (2) Storage Systems (9) Live ID (2) Microsoft ID (4) User Profiles (2) Articles (2) Building Client Relationships (6) DBCC IND (2) DBCC PAGE (2) filtered indexes (2) SQL Server Index Internals (2) training (11) Adobe (3) Internet Street Smart (8) Intel Storage Systems (2) LSI Corp (2) LSI SAS6160 Switch (2) Storage Spaces (7) Firmware Update (2) Product Support (7) Hybrid Cloud Solutions (3) Server Core (2) MAXDOP (1) SharePoint 2013 (1) SharePoint best practices (1) SQL Server Authentication (1) Family (5) Alternatives (1) SBS 2011 Standard (4) Microsoft Small Business Specialist Community (2) Microsoft Surface (2) SBSC (2) Networking (4) Availability Groups (3) CANITPro (1) HA/DR (1) Step-By-Step: Creating a SQL Server 2012 AlwaysOn Availability Group (1) webcast (1) VMWare (2) Conferences (2) Client Focus (2) Disaster Recovery (6) Error Workaround (8) Troubleshooting (4) Logitech (2) Product Review (7) Windows Features (4) XBox Music (2) SBS 2008 All Editions (4) MDOP (2) Microsoft Desktop Optimization Pack (2) Software Assurance (2) W2012E (6) Windows Server 2012 Essentials (6) Internet Explorer (3) USB 3.0 (2) USB Hard Drive (2) Bug Report (2) Microsoft Office 365 (5) sharepoint online (2) BitLocker (2) Windows (2) Microsoft Update (3) Swing Migration (2) Windows Update (4) Outlook (2) Group Policy (9) WS2012e (2) WSUS (3) Office (3) Microsoft Downloads (5) Microsoft Office (3) DRP (3) Virtual Machines (2) Virtual Server Hardware (2) online course (1) SQL Server learning (7) 2 Factor Authentication (2) 2FA (2) PASS Summit 2013 (4) SQLPASS (5) Contest (1) e-learning (1) Udemy (1) smbtechfest (1) backups (2) PASS Summit First Timers (3) IIS (2) RD Gateway (4) RD RemoteApp (2) RDWeb (4) Remote Desktop Connection (2) Remote Web Access (2) Remote Web Workplace (2) Cryptolocker (6) Backup (4) Restore (2) CryptoLocker (1) AuthAnvil (1) SBS 2003 (1) SBS Migration (1) Windows Server 2012 R2 (9) Documentation (1) IE 11 (4) testimonials (11) SQL Server 2008 (1) Best Practices (1) Support (1) Intel Xeon Processor (1) RemoteApp (1) Android (1) iOS (1) Hyper-V Replica (2) PowerShell (2) SBS (3) Break (1) Business Intelligence (1) Excel 2013 (1) Power Map (1) Power Query (1) PowerBI (1) MultiPoint (2) Surface (1) Net Neutrality (1) Opinion (2) ASP (9) HP (2) Scale-Out File Server (8) SOFS (10) Windows Phone (1) Updates (1) Intel NUC (1) Intuit (1) QuickBooks (1) Office364 (1) Intel Server Systems;Hyper-V (1) Firewall (1) Patching (1) Mobile (1) Mobility (1) sharepoint (1) Microsoft Security (1) Beta (1) Storage Replication (1) outlook (1) Hyper-V Setup (3) JBOD (1) Azure (1) PCI (1) PCI DSS (1) PII (1) POS (1) MicroStaff (2) Catherine Barr (2) Third Tier (1) BeTheCloud (1) BrainExplosion (1) LookAWhale (1) Manuel (1) Rayanne (3) SuperSecretNews (1) TechYourBooks (3) Managed Services (1) Training (1) E-mail (1)
RSS Feed
SMBKitchen Archives: Managing Click to Run Office
Posted by Amy Babinchak on 25 February 2015 11:24 AM

Managing Office 2013 Click to Run

Click to Run is Microsoft’s newer way to deploy Office licensing. First starting with the Office 2010 retail skus, it is now included as an option with Office 365 Office deployments. With Office 365 volume licensing in fact, you have the choice of deployment via Click to run or deployment via the traditional MSI code. The major difference between Click to Run deployments and traditional Office deployments is in how the updates are deployed. In Click to run an App-V streaming method is used so that you get the entire Office image deployed to you as a whole. The next time there is an update, you’ll get the entire upgrade of the deployment. Traditional Office, you get your updates via Microsoft Update.

Click-to-Run is available for the following products from Office 365:

· Office 365 ProPlus

· Visio Pro for Office 365

· Project Pro for Office 365

· SharePoint Designer 2013

· Lync 2013

· Lync 2013 Basic

The products that are available to you depend on your Office 365 subscription.

Click-to-Run is also available for the following retail products:

· Office Professional 2013

· Office Home and Business 2013

· Office Home and Student 2013

Traditional Office updating

First a bit of background on traditional Office deployments. Office updating is controlled by Microsoft update, not Windows update. Windows update only offers up Windows updates only, that is, only updates for the operating system itself. On standalone unmanaged systems you must flip the machine over to Microsoft update in order to receive Office updates. Typically at the end of an install of Office the machine will ask you if you wish to stay up to take with Office updates. Saying yes at this step will do several things. Firstly it will opt you into Microsoft updates, secondly it will enable automatic updating.

If you have ever been convinced that your windows update settings spontaneously changed from what you set it to be, chances are you said yes at this user prompt and didn’t realize the impact of saying yes. Patches for traditional office can also be managed by third party patching engines such as WSUS

Click to Run

Beginning in 2010, Microsoft started deploying certain retail versions of office using their “features on demand” or “app-v” deployment. When you first start installing a click to run Office version, it will start to install the entire image to the machine. You will see indications of what it is doing in the background. You have to make sure you do not turn your computer off during this time otherwise you may need to remove the Office install and reinstall it. Click to run does not get updates via Microsoft update and thusly every patch Tuesday you will not see Office updates being offered up. Rather an entire new install will be streamed down to the workstations typically a day or two after the second Tuesday of the month.

Rolling back

But invariably the question comes up, what if there is an incompatibility with the streamed version of Office and some line of business add in? How can you roll back to a prior working version of Click to Run? It’s not as difficult as it might seem and also points out that in a domain or network setting, Click to Run can be centrally managed as well. In the case of the unmanaged workstation, you can roll back to a prior working version by doing a repair install.

The process to How to revert to an earlier version of Click-To-Run Office 2013 is as follows:

1. Disable Office 2013 updates. In Outlook Click File, Office Account, Office Updates and click Disable Updates.

2. In your Outlook calendar add an appointment reminder for a date in the future to remind you to re-enable updates.

3. Open an elevated cmd.exe (right click on “Command Prompt” and choose Run as administrator)

4. Change Directory to the path of integratedOffice.exe

In the command prompt type the following syntax depending in you are running 32 or 64 bit Office:

cd %programfiles%\Microsoft Office 15\ClientX64\ For the 64 bit version of Office


cd %programfiles%\Microsoft Office 15\ClientX86\ for the 32 bit version of Office

5. Run the following command to revert to September 2013 version of Office 64 bit:

C:\Program Files\Microsoft Office 15\ClientX64>integratedoffice.exe REPAIRUI RERUNMODE version 15.0.4535.1004

Or for the 32 bit version of Office

C:\Program Files\Microsoft Office 15\ClientX86>integratedoffice.exe REPAIRUI RERUNMODE version 15.0.4535.1004

*Note*: Available versions are listed here:

You will need to determine the last working build of Office and roll back to that version.

6. This brings up the Online Repair dialog. Choose *Online Repair*

Once complete you can check your version to verify it updated properly.

Network customizations

In a domain or network setting you can control this process even more.
Click-to-Run for Office 365 products are based on core virtualization and streaming Microsoft Application Virtualization (App-V) technologies. Click-to-Run resources run in an isolated virtual environment on the local operating system.

To customize Click-to-Run for Office 365 installation settings for an on-premises deployment of Office 365 ProPlus, administrators who have signed up for Office 365 can use the Office Deployment Tool. You download the Office Deployment Tool from the Microsoft Download Center site. The download includes a sample Configuration.xml file. To customize a Click-to-Run for Office 365 installation, you run the Office Deployment Tool and provide a custom Configuration.xml configuration file. The Office Deployment Tool performs the tasks that are specified by using the optional properties in the configuration file.

You can specify the following Click-to-Run installation options in the Configuration.xml file:

Product and languages to install or remove

· Source path

· Level of user interface to display

· Logging options

· Product updates behavior

Download the Office customization tool from the Microsoft download center.


Click to extract the contents.

Accept the EULA


You will note you have a setup.exe and a configuration file.


The setup file has several switches


To begin the customization process open up the configuration file in notepad and edit the variables as follows:

<!– <Add SourcePath=”\\Server\Share\Office\” OfficeClientEdition=”32″ >
<Product ID=”O365ProPlusRetail”>
<Language ID=”en-us” />
<Product ID=”VisioProRetail”>
<Language ID=”en-us” />
</Add> –>

<!– <Updates Enabled=”TRUE” UpdatePath=”\\Server\Share\Office\” /> –>
<!– <Display Level=”None” AcceptEULA=”TRUE” /> –>
<!– <Logging Name=”OfficeSetup.txt” Path=”%temp%” /> –>
<!– <Property Name=”AUTOACTIVATE” Value=”1″ /> –>

In the first line you indicate where the click to run installer files will be located.

<!– <Add SourcePath=”\\Server\Share\Office\” OfficeClientEdition=”32″ >

Make sure that the user has read rights to that share location in order to install Office. Indicate the edition of Office, either 32bit or 64 bit.

<Product ID=”O365ProPlusRetail”>

Edit the name of the product you are deploying in the network.

<Language ID=”en-us” />
Enter in the language you wish to deploy.

<Product ID=”VisioProRetail”>
<Language ID=”en-us” />
Enter in any additional products you wish to install.

If you download Office Pro Plus from Office 365 (e.g. E3 plan) and use the Office Deployment Tool for Click-to-Run ( ) and use the scripts i.e. ‘setup.exe /download’ and ‘setup.exe /configure’ as per Technet articles for the tool ( , and )>, from an on-premises location, i.e. network share, the Office 2013 apps are NOT set to automatically update.

Open any Office app, click on File – Account, look under “Product Information” and click on the “Update Options” button to enable them.

Either use group policy or set the updates element to automatically update or point to a network location:

* GPO ( ) and

* Utilize the “Updates element” within the Click-to-Run configuration.xml file ( ) and set up a local network share for an “Update Path” ( )

Switching back to MSI deployment

Be aware you can flip Click to run back to a traditional deployment by downloading the msi file. In Office 365 you can find this msi download easily. Even if you are a retail customer you can log into the account portal and download the Office 2013 msi from there.

How to switch back to MSI (old fashioned MU updates) deployment

Managing retail Office 2013

Currently I can find no way around the need for a Microsoft account for a retail or keycard deployment. There are two means of managing these accounts.

One master account.

Using this method one master Microsoft account is set up for the entire firm. A manual spreadsheet must be maintained of which user has which product key assigned to them.

Each user gets a Microsoft account.

The second way is each user in the firm gets a Microsoft Live ID that matches their business email account. Each product key is then set up in each separate Live ID. You can rename and re-alias this account as the person leaves the firm. Log in with the Microsoft account credentials to manage the information there. 

Read more »

Protecting Merchant Point of Sale Systems during the Holiday Season
Posted by Third Tier on 13 November 2014 08:27 AM

One of the services that we provide to members of the SMBKitchen ASP at Third Tier are classified documents prepared by various government agencies relating to IT security. Being aware of the current threats can give you a leg up on protecting your clients. Having access to the research let’s you understand the threats in a way that your competition simple won’t. When you know more, you can provide more value to your clients. It really is that simple.

We’ve never before been able to share this information with the general public but recently this document came to us and was declassified for public consumption. Below is the first page and link to document the full document.

This advisory was prepared in collaboration with the Financial Services Information Sharing and Analysis Center (FS-ISAC), the United States Secret Service (USSS), and the Retail Cyber Intelligence Sharing Center (R-CISC), and is directed towards retailers or companies which are processing financial transactions and managing customer personally identifiable information (PII) during the upcoming holiday season and beyond. This advisory serves to provide information on and recommends possible mitigations for common cyber exploitation tactics, techniques and procedures (TTPs) consistently and successfully leveraged by attackers in the past year. Many of these TTPs have been observed by the FS-ISAC, through its members, and identified in Secret Service investigations.

The TTPs discussed in this report include:

• Exploiting commercial application vulnerabilities

• Unauthorized access via remote access

• Email phishing

• Unsafe web browsing from computer systems used to collect, process, store or transmit customer information  

This document provides recommended security controls in these four commonly observed areas to protect customer data and also provides recommendations to smaller merchants who should work with their vendors to implement these recommendations (see Appendix A).

This advisory is not intended to be a robust, all-inclusive list of procedures as attackers will modify TTPs depending upon the target’s network and vulnerabilities. This report does not contain detailed information about memory scraping Point of Sale (PoS) malware that has been used in recent high- profile data breaches. Secret Service investigations of many of the recent PoS data breaches have identified customized malware only being used once per target.  A list of observed PoS malware families is provided in Appendix B.  

These recommendations should be analyzed by cyber threat analysis and fraud investigation teams based on their operational requirements.  The information contained in this advisory does not augment, replace or supersede requirements in the Payment Card Industry Data Security Standard (PCI DSS); however, the PCI DSS version 3.0 recommendations are cited when appropriate.1 

Download the full document


Not a Third Tier customer yet? Let me introduce:  We’re Third Tier. We provide advanced Third Tier support for IT Professionals and MicroStaffing for IT consulting firms. Come on over, create an account (no charge) and follow our social media locations.

Third Tier Get Support BlogFeed Blog Twitter Twitter Facebook Facebook LinkedIn LinkedIN

Read more »

Recording Posted
Posted by amy on 27 January 2014 11:42 AM

I recently gave a talk at the Tampa IT Pro group’s 10th anniversary. It was about my local small business IT firm, Harbor Computer Services, and the direction we need to head given all of the changes that are happening in technology. We’re in a real critical moment where 80% of  small business IT firms are going to go out of business if they don’t know who they are and have a plan. I don’t intend to be part of that statistic.  I hope that you don’t either. It’s been what the whole SMBKitchen Project was about and 115 firms participated and don’t plan to be part of that statistic either.

Honestly the recording is lousy and the evening was plagued with technical issues and the recording captured the presenters view of PowerPoint rather than the full screen view, anytime I turned my head away from staring at the laptop screen you’ll hear my voice fade (I tried to be my very best statue) but hey we were on  our second laptop to try to get this thing going so it was par for the course of this particular evening. Several people have asked me for a recording so here it is. If you were at the SMBTechFest in October, this talk is very similar to that one and they have a much better recording but it’s for attendees only.

Not a Third Tier customer yet? Let me introduce:  We’re Third Tier. We provide advanced Third Tier support for IT Professionals. Come on over, create an account (no charge) and follow our social media locations.
Third Tier Get Support BlogFeed Blog Twitter Twitter Facebook Facebook LinkedIn LinkedIN

Read more »

Presentation: Transforming a Small IT Firm
Posted by amy on 13 January 2014 11:15 AM

Back in October I gave a presentation at SMBTechFest on how I am transforming Harbor Computer Services to survive well into the future without losing the core of what has driven us to succeed in the past. This amounts to an attempt to distill in to about 90 minutes or so what has taken many, many pages of written documents in the SMBKitchen Project to describe. Here you can learn what that looks like in action for a real firm.

Live remote access to this presentation is available. Please join me in Tampa (remotely).

Meeting Calendar Item 

Vision of the Future
Presenter: Amy Babinchak
Small business networks remained the same for many years. The standard was a server, some workstations and perhaps a networked printer. Many of us built our businesses on installing and maintaining those networks. Now things are changing rapidly and Amy predicts that cloud services will result in a 60% revenue loss from migration, installation and maintenance if she didn’t change a thing about her business. In this session she will share how she is changing her business, Harbor Computer Services, to meet the challenges ahead.
Amy Babinchak is a Small Business MVP and Owner Harbor Computer Services and Third Tier. Amy has been an ISA, EBS and SBS MVP and yet still contends that it’s not her fault that the products were cancelled. She has opened Harbor Computer Services as a firm specializing in small business technical support services in 2000 and Third Tier to assist other IT firms with technical challenges in 2008. She started into small business IT after realizing that they were not being taken seriously by most IT professionals. Amy has always enjoyed the business side of IT as much as the technical.

So who wrote this blog and what do they do for a living anyway?
We’re Third Tier. We provide advanced Third Tier support for IT Professionals. This means you. Need a hand getting unstuck on a problem? Need to get a project implemented efficiently?

Third Tier Get Support BlogFeed Blog Twitter Twitter Facebook Facebook LinkedIn LinkedIN

Read more »

Near Tampa?
Posted by amy on 09 January 2014 11:56 AM

If you haven’t been part of the SMBKitchen Project then you may have missed out on the papers and discussion surrounding consulting in the new era. Amy is going to attempt to bring together a lot of pages on the future of consulting in small business published there into a single presentation. If you are near Tampa next week stop by for the presentation that Amy is giving at the local usergroup. It’s about how she has transformed Harbor Computer Services from an infrastructure company into one that plans to survive into the new era of Cloud computing without losing their mission, and desire to excel in small business IT services.

80% of small IT firms will go out of business after losing 60% of their revenue if they don’t change with the times. We’re already seeing the decline. We’re going to deep dive into how to survive. Amy will lay out exactly what Harbor has been, is today and plans to become for it’s clients.

Wednesday January 15th

Mosaic Dealer Services, 1310 W Carmen St, Tampa FL 33606

Presentation starts at 6:30pm but come at 5:30pm and join us for food and drink!


If you are coming from Kennedy Blvd, there’s a traffic light at the corner of Kennedy and Willow Ave. Turn north on Willow St, proceed to the  5th street on left (Carmen St). Turn left on Carmen St, and then pull into the parking lot on your left.


If coming from the Interstate, take the Armenia/Howard exit, and head south on Armenia Ave. About 5 streets down, turn left (east) at the traffic light onto Cypress St. Proceed past the 4 way stop at the corner of Cypress and Rome. Proceed to the traffic light at the corner of Cypress and Willow. Turn right onto Willow, then turn right at the next street (Carmen St), and then pull into the parking lot on your left.

So who wrote this blog and what do they do for a living anyway?
We’re Third Tier. We provide advanced Third Tier support for IT Professionals. This means you. Need a hand getting unstuck on a problem? Need to get a project implemented efficiently?

Third Tier Get Support BlogFeed Blog Twitter Twitter Facebook Facebook LinkedIn LinkedIN

Read more »

We’re more than just tech support
Posted by amy on 18 December 2013 12:56 PM


I know that anyone over at Third Tier will be exceptional. I do not have a favorite. I do love to read Amy’s business insights and all of her opinions, suggestions, and advice have truly helped me open my eyes. I love her business model and I thank her for sharing these topics.

Joe Fulgieri, JMF TechServices, Inc.

Thanks Joe! Joe got these insights though his subscription to the SMBKitchen Project. We’ve been talking about the future – business, hyper-v, non-Microsoft solutions, essentials server, monthly patching directions, exchange, and more.  If you didn’t subscribe you aren’t too late. You can still gain access to all of the information that we published as part of the project. We’ll be published additional documents through February. So join up!

Read more »

Help Desk Software by Kayako Fusion