The following is just one page from the resource kit. This help file should be a part of your IT Pro toolset because it will be an invaluable resource as you explore the product, test deployment tools and processes, and manage the desktops later.
This particular sample is the “What’s new for IT professionals in Office 2010” section close to the beginning of the file.
Where do you get this resource? Go get it @ http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=e6dcc787-4653-49da-aeef-564a64dd4ac5. Like most of the .CHM’s you download, don’t forget to right mouse click the file and go to the properties in order to verify you approve it’s use even thought it was downloaded from the internet.
Here’s the sample section from the file. Enjoy.
Microsoft Office 2010 provides new features and improvements that help IT administrators configure, validate, deploy, and protect their Office installations. This article describes some of the changes in these areas.
In this article:
- Licensing and volume activation
- Office 2010 64-bit editions
- Security changes
- Office Customization Tool changes
- Application virtualization
- Additional resources
Licensing and volume activation
<?XML:NAMESPACE PREFIX = [default] http://ddue.schemas.microsoft.com/authoring/2003/5 NS = "http://ddue.schemas.microsoft.com/authoring/2003/5" />
Microsoft includes product activation technologies in the following products sold through the Volume Licensing channel: Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2, and now Office 2010. Product activation is verification with the manufacturer to confirm that software is genuine and that its product key is not compromised. Activation establishes a relationship between the software’s product key and a particular installation of that software on a device.
Activation types include retail, volume, and OEM, and most require interactive steps by the user or IT professional, such as entering a product key from the packaging, or contacting a networked server or telephone service center. Activation technologies and tools vary according to the different channels for the software — retail, volume, and OEM.
The Microsoft policy requires the activation of all editions of Office 2010. This includes those obtained through a Volume Licensing program. This requirement applies to Office 2010 running on both physical computers and virtual machines.
You can use the following methods to activate Office 2010 with Office Activation Technologies:
- Key Management Service (KMS). KMS uses a KMS host key to activate a KMS host computer and establish a local activation service in your environment. Office 2010 connects to the local KMS host for activation.
- Multiple Activation Key (MAK). With a MAK, clients activate Office 2010 online with the Microsoft hosted activation servers or by telephone
- A combination of KMS and MAK.
For more information about Office Activation Technologies, see Volume activation overview for Office 2010 and Volume activation quick start guide for Office 2010.
Office 2010 64-bit editions
Processors that are 64-bit are quickly becoming the standard for systems ranging from servers to desktop computers. The 64-bit systems can use more virtual and physical memory than 32-bit processors. This lets users work with much larger data sets than they could previously, to analyze and solve large computational problems. Office 2010 introduces native 64-bit versions of Office products to take advantage of the additional capacity provided by 64-bit processors. This additional capacity is only needed by Office users who require Microsoft Excel spreadsheets that are larger than 2 GB, for example. The 32-bit version of Office 2010 provides the same functionality and is also compatible with 32-bit add-ins. This is why Office 2010 will install the 32-bit version by default.
For information about the supported operating systems, supported scenarios, setup process, and deployment considerations for 64-bit Office 2010, see 64-bit editions of Office 2010.
Fortunately, several new security controls in Office 2010 make it easier for IT professionals to build a robust defense against threats without diminishing information worker productivity. Five of the new controls provide countermeasures for hardening and reducing the attack surface and mitigating exploits. These include the following:
- Data Execution Prevention (DEP) support for Office applications A hardware and software technology that helps harden the attack surface by preventing the execution of viruses and worms that exploit buffer overflow vulnerabilities.
- Office file validation An Office software component that helps reduce the attack surface by scanning files for file format (file fuzzing) exploits before the files are opened by an application.
- Expanded file block settings A suite of Group Policy settings that helps reduce the attack surface by providing more specific control over the kinds of files an application can access.
- Office ActiveX kill bit An Office feature that administrators can use to prevent specific ActiveX controls from running within Office applications.
- Protected view A sandbox environment that helps mitigate attacks by enabling users to preview untrusted or potentially harmful files in a secure viewer.
In addition to these new controls, Office 2010 provides several security enhancements that further harden the attack surface by helping to ensure the integrity and confidentiality of data. This includes the following:
- Cryptographic agility for Microsoft Excel 2010, Microsoft PowerPoint 2010, and Microsoft Word 2010.
- Trusted time stamping support for digital signatures.
- Domain-based password complexity checking and enforcement.
- Encryption strengthening enhancements.
- Improvements to the password to modify feature.
- Integrity checking of encrypted files.
Office 2010 also provides several security improvements that have a direct effect on information worker productivity. Improvements in the message bar user interface, a trust model that remembers users’ trust decisions, Trust Center user interface settings, and single identity management are some examples of new features that help make security decisions and actions less intrusive to information workers. In addition, many of the new and enhanced security controls can be managed through Group Policy settings. This makes it easier for you to enforce and maintain your organization’s security architecture.
Office Customization Tool changes
The Office Customization Tool (OCT) is the main customization tool that administrators use to customize an installation of Microsoft Office 2010 (and the 2007 Microsoft Office system). The OCT is part of the Setup program and is the recommended tool for most customizations, and is available only with volume licensed versions of Office 2010, such as Microsoft Office Professional Plus 2010. To determine whether an Office 2010 installation is a volume licensed version, check the Office 2010 installation disk to see whether it contains a folder named Admin. If the Admin folder exists, the disk is a volume license edition; otherwise, the disk is a retail edition.
You run the OCT by typing setup.exe /admin at the command line from the root of the network installation point that contains the Office 2010 source files; for example, \\server\share\Office14\setup.exe /admin.
For more information about the OCT, see Office Customization Tool in Office 2010.
The Office 2010 release provides the following new features:
- Two architecture-specific versions of the OCT, one for 32-bit Office 2010 and one for 64-bit Office 2010. The 64-bit version of the OCT supports 64-bit client editions of Office 2010, and provides the same user interface, capabilities, and OPA settings as the 32-bit version. The OCT files are located in the Admin folder under the x86 (32-bit) and x64 (64-bit) folders, respectively.
For information about 64-bit Office 2010, see 64-bit editions of Office 2010.
- Import feature that lets administrators import 32-bit OCT customization (.msp) updates into the 64-bit version of the OCT and 64-bit .msp updates into the 32-bit version of the OCT. This allows administrators of mixed environments (32-bit and 64-bit) to do the Setup customizations one time. For more information, see Import an Office 2010 Setup customization file.
- Support for adding multiple Microsoft Outlook e-mail accounts.
Microsoft Application Virtualization (App-V) is another method to deploy Office 2010. Virtualization transforms applications into virtualized, network-available services that are not installed on the users’ computer. Instead, applications can be automatically delivered to the users’ computer as users need them.
By using App-V and Office 2010 together, you can quickly deliver the latest version of Office without having to worry about application conflicts or delays in productivity for users. Deploying Office 2010 with App-V 4.6 (currently in Beta) includes new support for integration with SharePoint Products and Technologies, Outlook Search, and Microsoft OneNote 2010. App-V 4.6 is scheduled for release in 2010.
App-V significantly reduces regression and application interoperability testing. App-V also minimizes the effect on users during application upgrades, patching, and terminations of user rights to applications because restarts and uninstallations are no longer required.
For more information about Application Virtualization, see Planning and Deployment Guide for the Application Virtualization System (http://go.microsoft.com/fwlink/?LinkId=156611).