Ironkey Fail: Time to change.

/ Mitch Garvis / Leave a comment

WTG keysThere is probably no good reason why I have four (4) military grade USB keys on my key ring with Windows To Go (WTG) configured on each one… but since 2015 I have written about four different devices, and I keep all of them.  Of course, they are not all always up to date… but when a new version of Windows 10 is released, I try to upgrade either some or all of them.  I skipped 1709, so I decided to take an afternoon and recreate all four keys on Windows 10 1803.

My Apricorn key worked just fine.

My Spyrus key worked just fine.

My Ironkey W300 (the one without hardware encryption) worked just fine.

My Ironkey W500 (the one with hardware encryption)… did not.

I spent a few hours trying to make it right, but to no avail.  I finally gave up (for now) deciding to come back to it later on.  And then I got an e-mail press release from Spyrus, claiming that ‘…SPYRUS Windows To Go Device Trial Pack with SEMSaaS Device Management to Replace Competitive Devices that Do Not Support Recent Windows 10 Updates’

Interesting… I decided to go through my archives and see if I would be able to create a Windows To Go installation with an earlier version of Windows.  Fortunately on one of my external hard drives I found an ISO for Windows 10 1703 Enterprise (remember that we need the Enterprise SKU for WTG!) and I spent a few minutes working on it last night.  Presto, it worked!

So the good news is: If you have an Ironkey W500 (or W700 I would think), it will still work with Windows 10 (1703 and earlier). 

The bad news is: your USB key which you spent hundreds of dollars on will only work with an operating system that will go out of support in a few months, and unless Kingston changes its policy (which seems to have been to ignore the Ironkey acquisitions and let the products die) then this is unlikely to change.

I do not know if that policy will change, or if there is something going on behind the scenes that we do not know about.  What I do know is that there is a control panel that the Ironkey toolkit installs to the install.wim file before you deploy it from the Windows To Go Control Panel, and that control panel does not seem to be compatible with Windows 10 versions later than 1703.

And so, I hate to do this, but I have to revise my previous statements.  I will give the Spyrus Workspace Pro a big thumbs up, and I will give the Apricorn Aegis Secure Key 3z a big thumbs up.  The Ironkey W500, I’m afraid, is now a do not buy

Advertisements

KB4103723: DO NOT APPLY!

/ Mitch Garvis / 2 Comments

image

Hey folks, if you know what is good for you, do not apply this patch yet.  KB4103723 protects against a CredSSP vulnerability that has not yet been compromised.  However, it will break lots of things in your system, including RDP and Hyper-V connections.  Errors will include CredSSP errors when trying to connect via RDP (or Hyper-V Manager, or Failover Cluster Manager, or SCVMM).

Remote Computer: This could be due to CredSSP encryption oracle remediation.

Good luck!

Automated Virtual Machine Activation

/ Mitch Garvis / Leave a comment

Let’s face it… Microsoft wants you to use Microsoft, so when it can, it creates technologies that make it easier for you to do so.  Automatic Virtual Machine Activation (AVMA) is one of those tools.

I remember when Microsoft got into the server virtualization game, it really had very little to compete with VMware, other than price.  That has certainly changed, and while Hyper-V is not completely where ESXi is, it is damned close… and there are some benefits, such as AVMA.

What is it?  Simple.  If your virtualization host is running Hyper-V, then your guest VMs do not need to activate to Microsoft… or even to a KMS Server for that matter.  They activate directly to the host.  That means that rather than having to keep track of (or worse, share) your Product Keys, you can simply share the AVMA keys.  The rest is done through the Data Exchange Integration Service in the Hyper-V stack.

The downside?  You have to have an (activated) Windows Server Datacenter Edition as your host.  In other words, it will not work with Hyper-V Server.  That is not a huge downside, but it is significant.

The keys are available for free on-line, and the activation is done against your host.  So use the following keys:

Windows Server 2016

Edition AVMA key
Datacenter TMJ3Y-NTRTM-FJYXT-T22BY-CWG3J
Standard C3RCX-M6NRP-6CXC9-TW2F2-4RHYD
Essentials B4YNW-62DX9-W8V6M-82649-MHBKQ

Windows Server 2012 R2

Edition AVMA key
Datacenter Y4TGP-NPTV9-HTC2H-7MGQ3-DV4TW
Standard DBGBW-NPF86-BJVTX-K3WKJ-MTB6V
Essentials K2XGM-NMBT3-2R6Q8-WF2FK-P36R2

(Notice that this works only for Server 2012R2 and later.  The feature was only introduced in that version.)

One thing you need to make sure of in the guest VM settings… You need to have Data Exchange enabled in the Integration Services context, as seen here:

Capture

…So now, you can include the AVMA key in your VM templates, and you will be all set.  But if you didn’t do that, try the following command:

slmgr.exe /ipk C3RCX-M6NRP-6CXC9-TW2F2-4RHYD

That will add the product key to your VM, and all that is left to do is activate it using the following:

slmgr.exe /ato

That’s it… Have fun!

 

Default Gateway Corrections

/ Mitch Garvis / Leave a comment

PowerShell.jpgThe default gateway setting in Windows (and every other networked operating system) is a simple setting that tells your network interface card (NIC) where to send traffic when sending it outside of your domain segment.  More often than not, it will be the .1 address of a network segment (e.g.: 10.0.0.1), but that is not always the case.

It is one of those settings that you set once and forget it… It almost never needs to be changed… until it does.  Network reconfigurations do happen, and changing the default gateway is simple to do in the graphical user interface via the Properties window of your network interface, simply by modifying the appropriate field in the  Internet Protocol Version 4 (TCP/IPv4) properties.

But what if you need to do it for several machines?  Of course, PowerShell to the rescue!

First, you need to check what your NIC Interface Index is:

Get-NetIPConfiguration

This will give you an output that looks like this:

Get-Alias

As we see in this example, the server was moved from one network segment (10.128.43.x/24) to a new one (10.128.11.x/24).  Because of that, we need to assign a new Gateway in the proper network segment.

The Interface Index here lists as 3.  Remember that.

Before we add the new Gateway, we have to remove the old one.  Otherwise the NIC will have two gateways, and that can cause issues.

Remove-NetRoute -ifindex 3 -NextHop “10.128.43.1”

Notice that we put in 3 for the ifindex (the Interface Index), and the old gateway in quotes.

Now that we have a clean slate, all we have to do is configure the new default gateway, with this:

New-NetRoute -interfaceindex 3 -NextHop “10.128.11.1” -destinationprefix “0.0.0.0/0”

Again, we change our interfaceindex to 3, and our NextHop to the proper gateway.  When you run these two commands, you should get the following output:

Done

That’s all there is to it!  Of course, you may want to execute this script against a group of computers, but that’s for another time…

 

 

 

Replay: Not quite a Second Shot, rather like buying Exam Insurance.

/ Mitch Garvis / Leave a comment

Microsoft certifications are worth the money… but there is certainly money involved.  You are paying USD$165.00 to sit an exam, whether you pass or fail.

Some time ago, Microsoft started offering Second Shot vouchers.  As long as you pre-registered for it, you would get the chance to re-sit an exam in the event that you did not pass.  They were a great way to encourage candidates to try, and if they failed, they would be able to take the exam again at no extra cost.

The last time I wrote about these vouchers was nearly 6 years ago.  I do not know if they have come up since, but I don’t think I have taken advantage in a long time.

MindHubThere is now a program called Microsoft Exam Replay.  This is not a free offer from Microsoft, rather it is like buying an insurance program up front.  Instead of purchasing the exam outright, you purchase an exam voucher + retake from MindHub.  The cost? USD$230, or USD$65.00 more than the cost of the exam.  In other words, it is a bad investment if your confidence level is high… but if you are really uncertain, it may be worth your while to look into it.

Reading the on-line reviews, there is no consensus.  It seems they are like olives… you either love it or hate it.  I am not planning to take any exams in the near future, so I will not be trying them out.  However, if you are concerned, then better safe than sorry.

Microsoft Technology Roadshow

/ Mitch Garvis / Leave a comment

Azure-imageTuesday morning I stood up in front of a great audience of IT Professionals at the Westin Hotel in Ottawa.  The subject? Azure networking.

One of the slides that Microsoft gave me for the ‘Curtain Warmer’ contained a list of links for further information.  They are:

Azure Training:

https://azure.microsoft.com/en-ca/training

Azure Certification:

https://www.microsoft.com/en-ca/learning/certification-overview.aspx

Windows Certifications:

https://www.microsoft.com/en-ca/learning/windows-certification.aspx

Productivity Certification:

https://www.microsoft.com/en-ca/learning/mcse-productivity-certificatio.aspx

Mobility Certification:

https://www.microsoft.com/en-ca/learning/mobility-certification.aspx

Windows 10 Support Extended

/ Mitch Garvis / Leave a comment

Team10I know, I am a couple of months late on this… on February 1st, 2018 Microsoft announced that it would be extending support on Windows 10 Editions 1709, 1703, and 1607.  That means that instead of having 18 months of support, you will have 24. The bad news? This applies only to the Enterprise and Education SKUs of the product.

According to Microsoft, this is the current support calendar:

Release Release Date End of Support End of Support for Enterprise/Education
Windows 10 (1607) August 2, 2016 April 10, 2018 October 9, 2018
Windows 10 (1703) April 5, 2017 October 9, 2018 April 9, 2019
Windows 10 (1709) October 17, 2017 April 9, 2019 October 8, 2019

For those of you not paying attention, End of Support for Windows 10 (1607) was earlier this week, as well as End of Additional Servicing for Enterprise, Education for Windows 10 1511.

For those of you who say that it is unfair that Enterprise and Education SKUs get longer support cycles, please remember that most customers who buy the Home and Pro SKUs are buying much fewer licenses, and the free upgrade (via Windows Update, as well as numerous other channels) makes it much easier to manage, as compared to Enterprise and Education license customers, where customers often buy tens (and hundreds) of thousands of seats, and need time to check software compatibility and to actually roll out (via their enterprise deployment tools) the myriad seats that they have.

 

Where is 1803?

/ Mitch Garvis / 1 Comment

Team10For those of you who have been eagerly anticipating the release of the latest release of Windows 10 (Version 1803), you know that it was slated to be released to the public April 10th, 2018.

Those of us who went to our sources (mine is https://my.visualstudio.com), or expected to see it appear in our Windows Update stream, we were met with disappointment.

It seems that someone at Microsoft discovered a ‘blocking bug’ – that is, a bug that is serious enough to delay the launch of the new platform – over the weekend.  Because of this, they are holding off on the release until the bug is fixed.

While Microsoft has not announced a new release date (I don’t think they ever officially announced April 10 as the old release date), we can assume that they are working hard and fast at getting it out the door.  My conservative estimates would expect to see it by the last week of April.

Fortunately, because Microsoft recently extended the support dates for the Enterprise and Education Editions of Windows 10 (see my article dated April 12, 2018), there is no pressing contractual reason for them to rush a less-than-satisfactory version of their flagship operating system out the door.  Let them take the time they need to get it right before releasing it to the public.

Incidentally, according to my sources, for whatever it is worth the RTM (Release to Manufacturing) build will be Build 17133.  This is one of those interesting tidbits to almost nobody, but will be important for the few who really need to know.

I Think… therefore, I am uncertain.

/ Mitch Garvis / Leave a comment

I spend a lot of time speaking with clients about their environments.  From time to time, my job is to ‘interview’ them, so that I can properly document their environments.

Recently I was speaking with a couple of admins at a private sector company who were very proud of their environments.  They had hired a sub-contractor to deploy much of their infrastructure, and they were pleased to answer my questions.  They had engaged my serviced to audit the work performed by the other contractor, and were pretty sure that the meeting would be pro-forma, and I would sign off on everything that had been done.

MDG: How often are backups performed?
Client: Daily for most systems, hourly for highly transactional servers.

MDG: How long are your backups retained?
Client: Hourly and Daily backups are retained for 30 days, weekly backups are retained for 6 months, monthly backups are retained for a year.

MDG: How often are your servers patched?
Client: Monthly… we think.

Those last two words send chills down my spine… and I hear it more often than you would think.

Is it our job to know everything about our environments?  Maybe, maybe not… but if you think and you do not know, then you should be following up and making sure.

Why does it scare me that this was their answer?  Because one of the people in the room was responsible for the security and stability of the environment, and an unpatched server will eventually be an unsecure server.

It is not surprising that in a large environment that the manager does not know every detail of the day-to-day operations of his network; he has people reporting to him who are responsible for these things.  In fact, the person responsible for testing, approving, and applying patches was not in the room for this meeting.  He was, we can assume (as this meeting was held on Patch Tuesday), somewhere testing patches.  The manager does not need to know everything… but he has to be able to get that information.

question-markSeventeenth Century French philosopher René Descartes stated: “Cogito ergo sum” (French: Je pense, donc je suis; I think, therefore I am).  He was claiming that he knows that he exists, because he is able to think.  While I feel this philosophy can be disproven by a great many zealots who certainly are but seem unable to think, he was essentially saying that thinking is a good thing.  Socrates – the Athenian philosopher of the Fifth Century B.C.E., claimed that “The only true wisdom is in that you know nothing.”   He was not saying that stupidity is a good thing, rather that it is important to question everything.

So, is it better to think that you know how often your systems are patched, or to know that you do not know, and thus inquire?  While I have never spent a great deal of time studying philosophy (Athenian, French, or otherwise), I think when we are unsure, it is better to inquire.

In my follow-up meeting a few days later, the manager came equipped with a sheaf of printed reports that I had asked for… including the one that showed that patches were indeed applied on a monthly basis, and a list of pending patches, failed patches, and unprotected systems.  The client was doing exactly what they needed to do, and the consultant who had deployed their infrastructure had indeed implemented two separate and complementary patch-management systems, including System Center Configuration Manager (SCCM) with Windows Server Update Services (WSUS), and System Center Virtual Machine Manager (SCVMM) for their virtual servers and hosts.  My client, whose systems integrity were never an issue, was happy that he had gone to make sure, and in fact extracted reports that he had never actually checked before.  His systems were fine… and so was his peace of mind… now.

Going back to the philosophical questions for a minute, we have all heard the question: “If a tree falls in a forest and no one is around to hear it, does it make a sound?”  This is attributed to Eighteenth Century philosopher George Berkeley (in his work “A Treatise Concerning the Principles of Human Knowledge” published in 1710.  In systems administration, the unheard tree can lead to eventual disaster, depending on the scope.  If a system is not properly patched, it can be vulnerable to myriad vulnerabilities.  If systems are not reporting properly, it might mean that the systems are not available… or something more sinister.  That is why we have to check these reports, to make sure that what we believe to be our solid environment is indeed solid, and will remain so.

My client (the company’s IT Manager) had a mostly stable environment, but three systems listed on the reports he brought had not been patched in several months, thereby missing a critical patch that we knew had led to an exploited vulnerability.  The lack of noise – very few admins get active alerts that a system failed to patch – was deafening, and left unchecked could have had disastrous results.  Fortunately, that did not happen; the three unsecured systems were immediately flagged and quarantined, and after a few minutes with the Desktop Support Team were again right as rain.  All is well…

While we may wax poetic, IT is not about philosophy.  Knowing is important; Certainty is crucial; Silence can be Critical.

…And yet, as IT Professionals, just as with long-dead philosophers, it is important for us to keep asking questions, to keep actively seeking the truth, and questioning the silence.  If you don’t?  Well, that tree may fall on your head, and your thinking will mean you are… out of a job.

Windows Live Essentials… died quietly.

/ Mitch Garvis / 1 Comment

I have been blogging on WordPress for years, and before that I used a different platform… but it has been over a decade that I have been using Windows Live Writer to write my blog articles.  On occasion, I would write on the WordPress app on my phone or iPad, and sometimes even from the web console (www.wordpress.com).  For the most part, it has been Live Writer.

WIndows Live

They stopped upgrading Live Writer (and the rest of the Windows Live Essentials suite) a few years ago – it never made it onto Windows 10.  As I wrote in 2015, it would still work, as long as you jumped through Microsoft’s hoops (See article).

Microsoft cut support completely on March 22, 2017.  According to the official page:

As of this morning, March 22, 2017,

Windows Essentials 2012 download offline installer (Microsoft site) is no longer available.

(March 21, 2017 was the last date the offline installer was available.)

——————-

As this download is no longer available, further daily reports here on availability will cease.

The era is well and truly over, and I had not noticed it… Windows Live died quietly.

Fortunately, for those of us who saved the offline installer file (wlsetup-all.exe), it can still be installed, using the same instructions I wrote in the article in 2015.

If you do not have that file… well, I am sure that knowing the file name, you will be able to find a copy of it somewhere on the web.  I just want to remind you that files you get from untrusted sources will be just that… untrusted.  It is pirater beware, and yes… by downloading from untrusted sources, you are essentially pirating software (even though it was always free from Microsoft).

Before you ask, the answer is no… I have not yet moved onto a different blogging platform; I have not even looked into it.  I am just happy I tucked that old file into my Downloads directory whenever I last installed my Surface Pro 4… frankly, I only discovered the end-of-support when I reinstalled it recently.  I suppose I should look to see what else is out there, how I could make my blogging experience better.

Any suggestions?

R.I.P. Windows Live

Gone, not forgotten, and certainly missed.

SCOM Prerequisites: A Web of Confusion

/ Mitch Garvis / Leave a comment

Microsoft’s System Center Operations Manager (SCOM) has several prerequisites that must be installed for each component, and frankly, some of those can be cumbersome to get around.  Of course, it is nice for the SCOM installation console to let us know that Report Viewer (a free download from Microsoft, link provided in the notifications window) is a prerequisite… but they do not tell you that System CLR Types for SQL Server 2014 are a prerequisite to Report Viewer, no link given (spoiler alert: it is a component of the SQL Server 2014 Feature Pack).

Of all the components, it is the SCOM Web Console that has the most prerequisites, and frankly some of them are easier to install than others.

WebConsole Prerequisites

We have our work cut out for us, it would seem… unless we use PowerShell!

Yes, we could much our way through the Add Roles & Features wizard in Server Manager… and if you are only installing it the once, then that is probably fine.  If you are a consultant and expect to be installing SCOM more than once in your client environments, I strongly suggest you grab these PowerShell scripts.

Of course, the Report Viewer Controls Check is still going to fail, but those prerequisites are really easy – the link for the Report Viewer is here, and I hope you took the opportunity to install the SQL Server 2014 Feature Pack before you do that.

Script:

Import-Module ServerManager

Add-WindowsFeature NET-Framework-Core,Web-Static-Content,Web-Default-Doc,Web-Dir-Browsing,Web-Http-Errors,Web-Http-Logging,Web-Request-Monitor,Web-Filtering,Web-Stat-Compression,Web-Metabase,Web-Asp-Net,Web-Asp-Net45,Web-Windows-Auth,NET-HTTP-Activation,NET-WCF-HTTP-Activation45 -restart

This should do it… you will need to reboot the server in order for a few things to register properly (ISAPI and CGI and all sorts of stuff), but when you restart the installer and check your prerequisites…

Prerequisites Passed

That’s what we want to see… so in a few minutes time (the web console really does not take a long time to install) you should be able to navigate to https://servername/OperationsManager and you will see…

WebConsole

Now go forth and script, my good man!

I am heading out of town for a week or R&R… See you next Friday!

It’s Good to be Back…

/ Mitch Garvis / Leave a comment

Okay, I never really left… but it was touch and go for a bit.  After having made the payment yesterday, I woke up Friday morning to an e-mail that I have now received eleven times.

Thanks for renewing your MCT membership!

While it is not quite the twelve year anniversary of my earning this distinction (I first achieved it July 21, 2006), it is the eleventh renewal.

A lot has changed in the past twelve years… in my life, to the Microsoft Certified Trainer (MCT) program.  The least of the changes is the cost per year – we all complained when the cost jumped to USD$800 per year, and a lot of my brethren decided the benefits was no longer worth the cost.  Fortunately for them, Microsoft Learning created the MCT Alumni program.

Personally, while I consider the cost to be excessive, I still feel it is worth paying.  I have worked with several my clients because I was able to start by training their staff.  When I have free cycles, because I am able to teach Microsoft Official Curriculum courses, I can reach out to training centres (and brokers) around the world to offer them my services.  As well, there is a cachet to having the title.  ‘Hey, that guys is an MCT… he must know something.’

Until a few years ago, I was extremely involved in the MCT Community.  I was an MCT Regional Lead from 2012-2013 (see article); I volunteered as a proctor and facilitator for hands-on labs at events like TechEd and Ignite; I wrote myriad articles helping people to understand their certification paths.  All in all, I did what I could to help make the program better.

I have stepped back from all of that, as I have stepped back from most if not all of my community involvement overall.  I will always be proud of what I did, but I felt it was time for others to step up and take over.

MCT_logoMy MCT is not like that; while there is an MCT Community, I consider my MCT a vital tool in my professional toolbox.  Being able to teach courses, having access to the Microsoft course ware library and on-line labs for my own professional development, all of these are worth the price of admission right there… even if my company was not willing to cover the cost (which I am grateful that they are).

When I was an independent contractor, being able to train was a key component of my business.  Between my time as a contractor with Microsoft Canada (I could not have been an Evangelist if I had not been a trainer) and HP (I spent several months contracting to them, teaching System Center), as well as teaching courses through both Microsoft and other Learning Partners, I made a pretty respectable living.

Now that I am working with Cistel, I will likely spend most of my time consulting, implementing, reviewing, and so on.  But that does not mean that I will not occasionally be called on to teach courses, both internally and for our clients.  In the year since I started contracting with them before joining them full-time, both scenarios have happened.

While I enjoy consulting, I also truly enjoy teaching.  It is great to build and upgrade and improve upon systems, but it is also great to teach others to know and understand concepts, technologies, that they had not previously known.  Being with a company like Cistel, I have the opportunity to do both… as long as I maintain my Microsoft Certified Trainer status.

If you have ever sat one of my sessions – whether a class, a seminar, a user group presentation, anything – I am always happy to hear your thoughts, and just to stay in touch.

Thank you all!

Mitch Garvis, MCT

MCT_Logo New

I Made The Papers!

/ Mitch Garvis / 1 Comment

It has been a long time since I got a notification that an article I wrote made the top of anything, so this morning when this came across my Twitter feed I was quite pleased:

@vanessabruwer: The latest System Center Weekly Roundup! https://t.co/oT361QLUE6 Thanks to @USportsSG @MGarvis @ComtradeSoftw #sccm #sysctr

Yes, this put a smile on my face.  I will never again be recognized by the Microsoft MVP Program and I am okay with that… but once in a while, getting recognized for my writing feels good.  Thanks Vanessa!

Juiced Again!

/ Mitch Garvis / 1 Comment

About 2.5 years ago, I wrote an article called I’m Juiced… Because my Surface Pro 3 Got Juiced!  It was a play on words because I had won an adapter for my Surface Pro from Juiced Systems that was a 4-in-1 adapter custom-fitted to the Surface Pro 3, with two USB 3.0 ports, an SD Card reader, and a Micro-SD Card reader. I loved it, and was disappointed that when I upgraded to my Surface Pro 4 it did not fit (see article).

Fast-forward a couple of years, I started working at Cistel Technologies in Ottawa with one of the hosts of the show on which I won the adapter (The Universal Windows Podcast, previously known as SurfaceSmiths).  Colin and I were taking one day, and I lamented that it was too bad that I could no longer use the 4-in-1.  He told me that the company had started making them for the Surface Pro 4… and more than that, there were now several versions of it.  I got on that right away, because I seem to go overboard on these things… especially when the devices are so useful!

Surface Pro 4 4 in 1 Adapter

According to the company website, this adapter is “…a beautifully constructed adapter designed specifically for your Surface Pro 4. The adapter will not block or impair any ports or charging inputs. Extend your Surface Pro 4 capabilities with a low profile, travel ready, USB 3.0 hub.”  It has two USB 3.0 ports, one Micro SD input, and one Micro USB input to provide power to the adapter.  It measures 63×32.5×9.8mm, making it small enough to travel in whatever sleeve you carry your Surface Pro in, and yes… it also works with the Surface Pro 3.

Juiced 4in1This device works for me in a pinch, when I just need an extra USB slot, or I need to read from (or write to) a Micro SD card.  The Micro USB input allows me to boost the power to the adapter, so I can quickly and confidently charge two smart phones simultaneously.  It actually provides enough power to run a USB 2.0 docking station… but that dock would make the adapter redundant.

As you can see, just like with the previous iteration, it is angled properly to meld perfectly to the device.  Definitely a worthwhile investment.

Surface Pro 4 Multifunction Adapter

Juiced MFAIf you work in wired environments where you need an RJ-45 connection, this is the perfect adapter for you.

The Juiced Systems Microsoft Surface Pro 4 Multifunction adapter gives you two USB 3.0 ports, as well as an Ethernet input so you can connect to a wired network.  I do not spend a lot of time on wired networks, but there are a few places where I need to connect, and WiFi is not an option.  This device stays in my sleeve for that very reason.

Universal USB 3.0 Media Adapter

Juiced MediaThe USB 3.0 Media adapter is not contoured to specifically fit to the Surface Pro, rather it will work with any device with a USB port.  Its body is aluminum, unlike most such adapters which are usually cheap plastic.  You can feel this device is stronger and more durable than most.  According to the product page: “The adapter is designed for on the go productivity for all of your laptops media needs.”  I don’t know about that, but with two USB 3.0 ports, an SD Memory Card reader, a Micro SD Memory Card reader, and a Micro USB input to add power, it certainly does extend the functionality of my Surface.  This one includes a Micro USB cable to plug in so you can boost the ports.  While this device is not designed specifically for the Surface Pro 4 like the other ones, I definitely look to this one as my go-to adapter.  If I have to choose between the three that I am reviewing, this is the one I go to.  No, it does not have the Ethernet port… but I usually don’t need it, and the multiple USB ports plus the full-size and Micro-SD card readers make my life as a photographer much simpler.

Juiced Media 2

All three of these adapters – along with dozens more – are available online from Juiced Systems, and are definitely worth the investment.  In this day and age where our devices – and especially our tablets – are offering fewer and fewer ports, and we have more and more devices, then having the ability to add the ports we need this easily can make our lives easier.

All three devices retail for $29.99, and ship pretty quickly.  I strongly recommend you try them out.  You will not be disappointed!