Author: Adam Fowler

Four Generations of the Lenovo ThinkPad X1 Yoga

Posted on September 3, 2019July 14, 2021 by Adam Fowler

Lenovo’s X1 Yoga is my favorite business laptop. Ever since the X1 Yoga Gen 1 came out, I liked it over the other X1 options as it was an all-rounder, while doing everything really well.

That first generation came out in 2016, and each year there’s been a new one, the 2nd Gen, 3rd Gen and now in 2019, we’re at the 4th Gen.

It’s about time I did a round up and comparison of these four models.

Lenovo ThinkPad X1 Yoga Gen 1

The Gen 1 came out in 2016 as the X1 Carbon became lighter, thinner and lost it’s touchscreen. There was mixed reaction to this decision from Lenovo, and although the Yoga had existed in several forms previously, this was the first in the ThinkPad X1 series.

Notable on this model is the OneLink+ connector – a shortlived port for a OneLink+ dock that only survived a single generation, to be replaced by USB-C/Thunderbolt. It has the standard rectangle style power plug hole, again this would not be seen on future X1 Yogas.

This is the only model to not have a dedicated Ethernet port, instead a special OneLink+ Ethernet dongle, USB2 100mbit dongle or USB3 gigabit dongle was required.

Lenovo ThinkPad X1 Yoga Gen 2

2017 saw this release with the 7th Gen Intel CPU and the OneLink+ port abandoned, replaced by USB-C. This was great, since it was now an industry standard and meant there was a lot of flexibility with what power pack and dock you could use.

This is the first model to have an OLED display option, and strangely this Gen 2 is slightly thicker and heavier than the Gen 1. There wasn’t that many improvements in this model, but overall it’s pretty well rounded solution.

Battery life on this was claimed to be a lot better than the Gen 1.

Lenovo ThinkPad X1 Yoga Gen 3

It was the third model’s turn in 2018 which saw few changes again. Another generation jump on the Intel CPU, which this time doubled the core count from the 7th to 8th mobile CPU generation.

Other smaller changes included the introduction of a shutter over the camera, a HDR display option with Dolby Vision, and the black colouring a bit different – the chassis is glossier, and anything silver has gone black including the hinges and ThinkPad logo (it still looks silver in this photo sorry!)

Lenovo ThinkPad X1 Yoga Gen 4

And finally, here we are in 2019 with the Gen 4 being released… and it’s a major jump. The biggest jump we’ve seen year to year so far. An all metal chassis, the laptop footprint has been drastically reduced (17% smaller footprint, 11% thinner), the colour is now ‘iron grey’ which I’m personally a fan of, and the screen to bezel distance is much smaller.

There’s also a new connector for a different ethernet dongle, and support for a new style of dock that connects on the left hand side to the combo USB-C/ethernet slot. Of course it’s jumped a CPU generation again, up to Intel’s 8th.

The MicroSD slot has been dropped, probably as part of making the laptop smaller. If you really need that, then look at any of the previous generations.

One other interesting feature is a new privacy screen option called PrivacyGuard that can be toggled on and off, and stops people seeing the screen on an angle. The retractable key feature has gone again – there’s no rubber feet to protect the keys, but they might be minutely sunk in, I couldn’t tell with the naked eye.

The final note on this model is that it has a very similar CPU to the Gen 3, still an 8th Generation Intel CPU but a newer variant – Whiskey Lake rather than Kaby Lake.

Let’s have a look at the 4 generations stacked together, going bottom to top Gen 1, Gen 2, Gen 3 and Gen 4:

You can see that footprint difference in the photos above. The 4th Gen looks completely different to the rest.

Each of my individual reviews lists out the possible specs for each model if you want to dive a bit further into the technical differences;

Lenovo Thinkpad X1 Yoga Gen 1
Lenovo Thinkpad X1 Yoga Gen 2
Lenovo Thinkpad X1 Yoga Gen 3
Lenovo Thinkpad X1 Yoga Gen 4

The X1 Yoga will never be as small and light as the X1 Carbon, and never be as portable as the X1 Tablet, nor the powerhouse of the X1 Extreme – but it is all of these devices at once in it’s own way. It’s still my pick of the X1 series for it’s flexibility, but the other choices could also be better for your personal needs if you know how you’re going to use it.

Lenovo ThinkPad Yoga X1 Gen4 Review

Posted on August 28, 2019September 5, 2019 by Adam Fowler

Lenovo’s newest ThinkPad X1 Yoga is out, and as soon as I took it out the box there were some vast differences compared to all the other X1 Yogas. I’ve spent some time using one for a few weeks now, so let’s check it out.

Where to start with the differences… it has a smaller footprint, it’s all metal, it’s a different colour (iron gray) and it just doesn’t look like the older X1 Yogas.

I’ve written up a quick comparison of the ‘Four Generations of ThinkPad X1 Yoga’ seperately, so I’ll try to focus on this more as a standalone review.

Here’s an overview of the tech specs with the options I have bolded:

Processor	8th Gen Intel® Core™ i5/i7 Processor: Intel Core i5-8265U (4C / 8T, 1.6 / 3.9GHz, 6MB) Intel Core i5-8365U (4C / 8T, 1.6 / 4.1GHz, 6MB) Intel Core i7-8565U (4C / 8T, 1.8 / 4.6GHz, 8MB) Intel Core i7-8665U (4C / 8T, 1.9 / 4.8GHz, 8MB)
Operating System	Windows 10 Home 64 Windows 10 Pro 64
Display	14″ 4K UHD (3840 x 2160) IPS with Dolby Vision^™ HDR400, 470 nits, glossy, multi-touch 14″ WQHD (2560 x 1440) IPS, 280 nits, glossy, multi-touch 14″ FHD (1920 x 1080) IPS, low power, 380 nits, glossy, multi-touch 14″ FHD (1920 x 1080) IPS PrivacyGuard, 380 nits, glossy, multi-touch
Multi-touch	Capacitive-type multi-touch, AR (anti-reflection), AS (anti-smudge), supports 10-finger gesture
Pen	ThinkPad Pen Pro, on-board rechargeable
Graphics	Intel UHD Graphics
Memory	8GB or 16GB / 2133MHz LPDDR3, soldered
Webcam	720p HD Camera with microphone IR & 720p HD Camera with microphone
Storage	Up to 1TB PCIe SSD (256GB here)
Dimensions (W x D x H)	323 x 218 x 15.5 (mm)
Weight	Starting at 1.36 kg
Case colour	Iron Grey
Case material	Display cover: Aluminium Bottom: Magnesium
Battery	4-cell (51 Wh), integrated
Battery life¹	Up to 18.1 hours
AC adaptor	65W USB Type-C (supports RapidCharge)
Keyboard	Backlit keyboard with white LED
UltraNav™	TrackPoint® pointing device and buttonless Glass surface touchpad
Audio support	Stereo speakers 2 x 2W, 2 x 0.8W Dolby® Atmos™ speaker system Quad array far-field microphones
Connectivity	WLAN: Intel Wireless-AC 9560, Wi-Fi 2×2 802.11ac + Bluetooth® 5.0W WAN: Optional integrated Mobile Broadband 4G LTE-A (Fibocom L850-GL) Ethernet: via optional ThinkPad Ethernet Extension Adaptor Gen 2
Security	Match-on-Chip Touch Fingerprint Readerd TPM 2.0 chip ThinkShutter camera cover Security-lock slot
Ports	2 x USB 3.1 Gen 1 (1 x Always On) 2 x USB 3.1 Type-C Gen 2 / Thunderbolt™ 3 1 x HDMI 1.4b 1 x Ethernet extension connector 1 x nano-SIM card slot (WWAN model) 1 x headphone/mic jack 1 x side docking connector
Supported docking	ThinkPad Thunderbolt™ 3 Dock ThinkPad Basic/Pro/Ultra Docking Station CS18 ThinkPad USB 3.0 Pro/Ultra Dock

Processor – It’s nice to have the 8th Gen CPU with it’s 4 cores / 8 threads on the entry level option, but this is the first time we’ve not seen a generational jump from the previous year’s X1 Yoga. The 8th Gen for laptops was a good change though, as it doubled the core count. I’m not sure why Lenovo didn’t go for the newer 9th gen CPU; maybe it wasn’t ready in time, and since the 8th to 9th jump isn’t much of a difference they went ahead with the 8th gen again – albeit Whiskey Lake rather than Kaby Lake.
Update: Lenovo have now announced that they’ll be releasing a 10th gen CPU option in September 2019, with everything else being identical.

Display – Although I have the lowest end 1080p screen as usual, it’s a really crisp screen to look at. The viewing angles are impressive, at no stage does the screen become less readable and the bezel itself is small – a lot smaller than previous models. There’s also the PrivacyGuard option which might not be available at the time of writing, but it looks like a nice choice for users who work in public areas. That full 4K option with HDR/Dolby Vision would also look great I’m sure!

Dimensions – Weight wise it’s about the same as previous models, not too heavy – but the footprint it takes up is 17% less than previous models. Those now feel much chunkier that I’ve been using this new one, and it’s not too small. It’s also a bit thinner than previous models too, by 11%.

Audio Support – The speakers have been moved since previous models, and the sound now comes out the top of the keyboard so the sound appears to come straight at you, with the subwoofer on the bottom of the unit.

Ethernet – This is an interesting change – there’s a new Ethernet dongle connector which appears to be due to the new dock support.

Personally I’d rather just have a USB3 dongle or an actual Ethernet port, but I also want a thin laptop, and I still *could* use a USB3 dongle – which has the overhead of using the USB BUS instead of getting directly to Ethernet on the laptop.

Let’s see more of this laptop:

Here’s a photo of the screen (which doesn’t do it justice quality wise), but you can see how much smaller the bezel is on this.

On the left side of the laptop going from left to right we have USB-C, USB-C + Ethernet in a single port but can still be used separately, USB 3, full sized HDMI and a 3.5mm audio jack.

Lenovo ThinkPad X1 Yoga Gen 4 Right Side

The right side has the stylus, which is a bit more hidden than previous models (and sometimes I try to press that to power on the unit), power, USB 3, vent, and Kensington lock.

Lenovo ThinkPad X1 Yoga Gen 4 Right Keyboard

The keyboard is nicely laid out without any keys in strange places, backlit also and the keys are easy to type on. The Trackpad too works well – nothing to complain about here at all.

Conclusion

I can honestly say this is the best X1 Yoga yet. There’s no negatives at all to me, beyond price since it’s the newest. If you care about Ethernet you’ll have to use the new adapter, but that comes with it anyway and it’s unlikely you’ve invested in a bunch of those from older models.

The one removal that some people might not like is the inbuild SD Card reader – it was in previous generations – so if that’s a must have for you. you’re out of luck. Look at a different laptop or get used to using a USB SD Card reader.

It’s fast, the screen is great, it feels even higher quality than previous models due to being completely aluminium and magnesium, and it still even has a stylus tucked away. The speakers are improved, so it’s even a better movie watching experience on this business laptop.

RAM is soldered on as usual, the only thing you could upgrade would be the SSD and it’s not a laptop designed to be opened up – so make sure you get specs that’ll keep you happy for a few years.

I hope this review helps you decide what you’re looking for, feel free to post and questions below.

Also, if you want a video review, check out Lisa’s review on MobileTechReview:

How To Set Up Enterprise Mode for Microsoft Edge

Posted on August 15, 2019February 8, 2023 by Adam Fowler

AKA How to force certain websites when opened in Edge, to instead open in Internet Explorer.

Update 15th June 2022:
Note that there’s another way to now do this, using Enterprise Site List Manager which is an in-browser version of the standalone Enterprise Mode Site List Manager tool. Check it out using edge://compat/SiteListManager and here’s the official documentation:
https://docs.microsoft.com/en-us/deployedge/edge-ie-mode-site-list-manager
To access this via the Microsoft 365 admin center: Settings – Microsoft 365 admin center

Update 17th January 2020:
The New Edge is out, and there’s 1 extra Group Policy to do: Enable ‘Configure Internet Explorer integration’ and set it to ‘Internet Explorer Mode’ to open inside Edge as IE, or ‘Internet Explorer 11’ to open sites seperately in IE11 . The rest of this article still applies and is needed to make this work. Official documentation on docs.microsoft.com

Original Post:

Microsoft Edge is undergoing a big change with the underlying platform being migrated to Chromium – things will change with that (along with a new Internet Explorer mode) but that doesn’t help right now.

Many companies have certain websites they need to use that either require Internet Explorer, or work best in Internet Explorer. This isn’t about what browser is ‘best’, but some solutions were designed with only Internet Explorer in use.

Getting users to use the right website in the right scenario can be a pain, and every user seems to have their own opinion on what browser they prefer to use. Microsoft Edge has a great solution for this – Enterprise Mode. There was also an Enterprise Mode in Internet Explorer that worked in a similar way too, where you could force certain sites to run as a certain version of IE for compatibility reasons.

This is quite easy to set up, but I’ve found the existing documentation rather confusing to follow and doesn’t give an end to end explanation – or documentation is rather outdated and was written when the feature first came out, with a lot of options changing since then.

Step 1 – Enterprise Mode Site List Manager

Download Enterprise Mode Site List Manager (schema v.2) and install it. This is the program you’ll use to manage the sites you want to force to use IE rather than Edge:

Enterprise Mode Site List Manager will start off blank. Click the ‘Add’ button on the bottom, type in the URL of the site you want to use (don’t worry about http or https if you want to catch both). You then tell it what to do with that URL – Open in IE, Edge, or do nothing. Since we’re opening everything in Edge except what we want in this list, open in IE11 is the option we want, and leave it at the default IE8 Enterprise Mode (or change this if you need a different compatibility mode).

There’s two parts to maintaining a list – Exporting/Importing lists, and Saving as XML:

Once you have a record to test, go to File > Export. This will save your details into an .emie2 file, and put that somewhere central and safe. The idea is that you’ll need to import that file list to make a change, then export again. If you don’t do this, you won’t have a way for others to get the list of sites and make changes by importing that file at a later date. It has in-built version control (this is important, more later), in the screenshot above you can see it’s version 5.

Then, you can save your URL to an XML file. This is what Edge will read when it launches. Either save this file centrally where everyone can read it (no write access required, just read), or copy it to everyone’s computer locally via GPO. Personally I’ve just put it in a central location.

Step 2 – Configure Group Policy or Intune

I’m using Group Policy, but the Microsoft Docume n tation mentions Intune is supported too – we’re only changing registry settings, so that makes sense.

Turning on Enterprise Mode can be done at either the Computer or User level, and is under > Policies > Administrative Templates > Windows Components > Microsoft Edge > Configure the Enterprise Mode Site List.

Enable this setting, and in the options enter the path of where your XML is – e.g. \\server\sharename\edge.xml – or C:\Data\edgesettings.xml. Although the Group Policy says URL, it’ll accept UNC paths or drives.

If you’ve used a Computer Configuration setting, gpupdate then reboot (or reboot twice). To tell if the setting has applied, check the value of the registry setting:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main\EnterpriseMode 

or 

HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main\EnterpriseMode

SiteList = The path you entered in the Group Policy setting.

If you’re see that, great! Group Policy is working. One caveat if you have System Center Configuration Manager (ConfigMgr) – it can potentially use this setting also as per this technet thread which is exactly what I had. I was testing a user policy, but this was configured at both the user and computer levels so my user setting was being ignored. I’m not sure if this is still used, but worth being aware of.

Version control is also recorded in the registry. It lives under:

HKEY_CURRENT_USER\Software\Microsoft\MicrosoftEdge\Main\EnterpriseMode

CurrentVersion = 5

regardless of the SiteList being under Computer or User. There’s a few catches with this – first, it’ll only show up after Edge is launched, and you wait ~65 seconds. It’ll show the same version as what’s contained in the XML, which was the version we saw in Enterprise Mode Site List Manager.

If you have the ConfigMgr setting, or have ever had Enterprise Mode for Edge enabled in your environment, then the version might already exist and be higher than what you’ve tried to deploy. On my PC, I saw version 28000 something – that’s a lot of versions.

You’ll need to either delete that value for everyone to start back at 0, then after Edge is launched per user, it’ll update to whatever your XML file contains, or update the version in Enterprise Mode Site List Manager to a higher number than whatever’s out there in your environment.

To change the version in Enterprise Mode Site List Manager, on the computer with it installed navigate to

C:\Users\your username\AppData\Roaming\EMIESiteListManager\ – in that path should be a file called SiteList.xml.

That file should have the first line as <site-list version=”5″> or whatever the current version is, and you can just change that ‘5’ to whatever number you want. Open Enterprise Mode Site List Manager and you’ll see that updated version number, which will then get written +1 to the XML file next time you save it out.

That’s really it – it’s simple, but there are a few catches I ran into when testing. Once this is in place, if a user goes to a site that you’ve listed in the XML, a new window opens in IE and goes to that site instead. It’ll also support subsites, so you don’t need to sent traffic for an entire domain like adamfowlerit.com there, it could be adamfowlerit.com/news and only hits to that subdomain will be triggered.

There’s a few other Group Policy settings around this such as forcing all intranet sites to go to IE, you’ll need to work out what’s best for your environment.

Blocking Legacy Authentication – Conditional Access vs Authentication Policies

Posted on August 13, 2019October 20, 2020 by Adam Fowler

I’ve already written a post on why Legacy Authentication (Basic) is bad, and Modern Authentication is good. At the time of writing, Authentication Policies were the way to go to block Legacy Authentication methods. Of course, things change and there’s now a better* option to look at – Conditional Access.

I’ve also covered Conditional Access before, and it’s really hard to fault the solution. There are now Baseline policies deployed by default (still in preview though) to Azure AD tenants with recommended best practices:

One of these is for blocking legacy authentication – but I’m not going to recommend you turn this on (at least for starters, it’s good at the end when you know you have full modern authentication support), as it’s a tenant wide setting that has no exceptions if you need to allow legacy authentication for an account (unlike Require MFA for admins, which does allow exceptions).

Instead, you can create your own policy that does the same. This means you can gradually roll it out, and put exceptions in place until you either work around them, or live with them. If you have a requirement for an account that requires legacy auth, then you need to consider how else you’ll protect that account – can you use other Conditional Access policies to restrict it to a certain region/locations, certain apps, platforms etc – lock it down as much as you can, and make sure the account has a long unique password.

The single important setting to block legacy auth via a Conditional Access Policy is blocking access to ‘Other clients’ via Client apps:

Microsoft have a full guide on how to set this up on docs.microsoft.com.

So, why is this better than using Authentication Policies? Two main reasons:

If an account has their access or signin blocked due to an Authentication Policy, it’s not logged. You can look at the user in Azure AD and check the sign-ins, but you won’t see anything. However, if it blocked via Conditional Access, you’ll have a nice log entry showing you it was blocked:

Side note: Although in this example I was logging in from Australia, I was trying to connect to Exchange Online via PowerShell. That seems to often be detected as being in the US, so be careful with region blocking.

The other reason is that Authentication Policies can take up to 4 (!) hours to apply, although it’s often more like an hour. That is a long time to wait, and you just have to keep waiting and trying until it works – except if you did it wrong, you won’t know and you’ll keep waiting. Or, if you need to unblock access while rolling out, it’s a long time to roll back.

Authentication Policies do have their place though, they give more granular control over what you want to block or not – say you know you want to block POP3 access company wide, but not IMAP – that’s possible in there, but not via Conditional Access.

Unless you have a good reason to use Authentication Policies, just use Conditional Access (and assuming you have Azure AD Premium P1 or P2 licensing to actually let you use Conditional Access, and if you are using Azure AD you should be on that licensing anyway). It’ll make your life easier!

Oculus Quest Review – Standalone VR Unit

Posted on July 25, 2019July 26, 2019 by Adam Fowler

It’s been two and a half years since I tried the Google Daydream, which I felt was a disappointment. Since then, there had been nothing that sounded like it was much better. Everything was either wired into a PC, or just an incredibly entry level experience with very little reason to bother.

That was, until I heard about the Oculus Quest. A standalone device, but with ‘proper’ controls like the PC connected Oculus Rift, HTC Vive, or any of the various Microsoft Mixed Reality headsets. I started to read up on it, and the more I read – the more it sounded like a winner. It had only just launched in the US, and people were raving about it online.

After a lot of consideration, I decided to order the 64gb Oculus Quest unit for $649AU (there’s a 128GB version for $799 which has no difference beyond the amount of storage doubled). That price point was probably the top I was willing to pay – $700+ just felt too expensive. There was also nowhere in Australia I could go to buy this device or check it out – Oculus has an online store, or via Amazon AU – I had to make the call to buy it unseen and untested.

I am really glad that I did. There’s not much to this – a headset, two controllers, 2 AA batteries and a very long USB-C cable for charging the headset.

This is the first ‘proper’ VR device that really is consumer friendly to the masses. You take the headset and controllers out, put the batteries in, turn on the headset and you’re ready to start setting it up.

The quick tutorials shown are easy to understand – you’ll need to use your phone to set up the Oculus Quest once (like pointing it to a wifi network) but after that, you never have to use your phone again.

Like older VR units, you’ll need to set up your ‘boundary’ – that is, the area you map out in your physical space where you’ll use VR without hitting anything. Older headsets needed you to walk a controller around the room, but the Quest (and I believe the new Oculus Rift S) improves on this greatly.

First, you’re able to see the outside world with the headset on, when it’s in passthrough mode. It will show a black and white live footage of what you’re looking at/ In this passthrough mode, you can draw on the ground where your play area is, which then creates a grid wall. The wall only shows up when you get too close to it, and the closer you are, the thicker the grids are.

You can also just set a boundary for sitting experiences, which just creates a circle around you.

Passthrough also kicks in if you go outside the boundary you’ve set up which I think is a great safety feature (or if you just want to go get a drink and can’t be bothered taking the headset off, either way).

Setting up your Oculus Quest

Once set up, there’s the ‘First Steps’ tutorial for using your device. It teaches you how to use the controls, while giving you a sandbox to play around and experiment with what’s possible. This is the app to show anyone who hasn’t used VR properly before – it’s immersive, easy, and actually fun.

The graphics on the Oculus Quest are not going to match what’s possible from a PC, but they are good enough to be immersed and not think the visuals are lacking. If you came from PC VR you’d notice the downgrade in quality of course, but that’s the cost of portability.

Check out this comparison of Robo Recall as an example. It’s quite a fun game and I was more than happy with the graphics:

Most games also support streaming via Chromecast to a TV, so others can see what the headset wearer is doing – I can see this as a great small party device where people take turns, especially with a game like Beat Saber:

The controller quality in my opinion, is great. I’ve seen some online discussion around the magnet-secured battery clips falling off, but I’ve experienced no issues at all. They’re the same controllers that come with the PC powered Oculus Rift S, and have touch-sensitive controllers to know when you’re pressing certain buttons or not – allowing your virtual hand to move around a bit.

The tracking is also great – the 4 cameras on the device are enough to work out where your controllers are and what they’re doing, with a very high level of accuracy and low latency. I don’t notice any lag at all when moving my hands around in a virtual world – it’s as good as instant, while being incredibly smooth.

The biggest negative is the cost. The headset isn’t crazy expensive, but the games are. They’re generally between $20AU and $50AU per game, which is going to make you think long and hard about what you buy. It might not sound that bad, but a lot of the games don’t have huge replayability – you’ll finish once after 1-2 hours then move on. Beat Saber for example is $46.99, but at least that’s the sort of game you’ll want to play again and again while improving. There are some free games, and the store is highly curated so there’s no rubbish apps, but it’s worth being aware of.

Being the tinkerer that I am, I wanted to see what else was possible for free on the Oculus Quest, and wrote up a separate post around some utilities I’ve been using – check it out if you want to sideload apps (including custom Beat Saber songs), stream PC games to the Oculus Quest via Wifi and making Steam think it’s a supported plugged in device, or mirror everything you do on the Quest to a computer, rather than just certain in-game support.

With all of the above in mind, I still strongly recommend the Oculus Quest, as long as you don’t have a PC powered VR unit already. It’s a great all-round experience, with good-enough graphics and a lot of fun to be had. It’s the sort of thing I want to go back and play again and again because it is so different to other gaming experiences. Playing in a virtual world where you need to actually look around and react will both give you a bit of a workout, and make you forget where you are in the real world.

Share this:

Share this:

Share this:

Share this:

Share this: