Archive for category Windows Server 2008R2

Windows UI Wierdness

The User Interface (UI) in Windows is more friendly than ever now that Windows 7 has been released. Furthermore, it syncs and matches that of the Windows 2008 R2 interface, so if you know your way around one, you can easily navigate between the two. I’ve been doing loads of work with both lately on laptops, and I came across a strange thing and thought hmph and was wondering what you thought…

Try this for yourself and then ask, “Why is that in the UI”?

Click on start and type “power set”.  It should come up with change battery settings:

power-settings

When that window comes up, simply click on “Change plan settings”. My example screen shows my machine on the balanced setting, yours may vary:

change plan settings

That will bring up the basic options/settings for the specified power plan. On that screen, click “Change advanced power settings”:

change advanced settings

Now you’ve got the advanced settings open, expand the battery section and then expand “low battery level” for example (you could also choose critical battery level):

low battery level

OK, so is it me, or why is there a plugged in percentage in the UI? If I hover over it the tool tip reads:

Percentage of battery capacity remaining that indicates the low battery action

which is all fine, but can you tell me, if I’m connected to a power supply (a.k.a. plugged in), how can my battery be diminishing it’s power and how will I ever see it “drop” below a certain percentage?

UI flaw?

Tags: , ,

Microsoft Virtualisation Just Got Even Better

We’re all eagerly anticipating Service Pack 1 as everyone does for things, but today the world got shook up with a pre-SP1 announcement that had loads of other “goodies” in it.  There was a webcast (Virtualisation Hour) that announced some cool things…Let’s look at them more in detail:

            • Windows XP Mode no longer requires hardware virtualization technology
            • Microsoft Dynamic Memory will allow customers to adjust memory of a guest virtual machine on demand to maximize server hardware use
            • Microsoft RemoteFX will enable users of virtual desktops and applications to receive a rich 3-D, multimedia experience while accessing information remotely.
            • New roaming use rights improve flexibility
            • Big partnerships with Citrix – http://www.citrixandmicrosoft.com/

So, what’s that really mean?  Microsoft is committed to improving virtualisation for you me and the rest of the world.  They’re also listening to the consumers as above is what people have been asking for.

Looks like the optimised desktop isn’t so far off or so difficult to manage is it?  (More on the optimised desktop in a later blog)

Source: Microsoft Press Pass

Tags: , , , ,

Using BitLocker To Go (and what to look out for)

As the world becomes overrun by USB keys and more and more people leave their data behind in black cabs, we need ways to protect this data.  Windows Vista introduced BitLocker drive encryption and with Windows 7, we’ve got BitLocker to Go, the ability to take drive encryption and encrypt our portable/USB devices.  Here’s how it works – and a few things to look out for along the way (if you’re comfortable as to how to encrypt devices with BitLocker to go, you can continue to the “what to look out for” area further down in the document)

  1. Insert your USB key and let it be recognised by Windows.
  2. Open explorer (either by going Start –> Computer or by pressing the windows key and E)
  3. Right click on the drive you’d like to encrypt and choose Turn on BitLocker…
    turn on bitlocker to go
  4. Choose how you’d like the drive encrypted:
    bitlocker to go encryption options
  5. Save the recovery key somewhere other than the USB drive 😉
    bitlocker to go recovery key
  6. Begin the encryption process
    begin encryption process
  7. Sit back and wait patiently as it encrypts the drive
    bitlocker to go encrption process
  8. When it’s all encrypted, you’ll now see a logo that shows it’s encrypted:
    bitlocker to go encrypted drive

Now, here are things to take in to account:

Q. Can I use BitLocker To Go to encrypt USB keys on all versions of Windows 7?

A. No, the full functionality of BitLocker To Go is only part of the Enterprise and Ultimate SKU’s.  You can read BitLocker To Go encrypted drives on Windows 7 Home Basic, Home Premium and Professional, but you cannot write to them.

 

Q. Once I’ve set up BitLocker To Go on a device, can I disable it?

A. Yes you can.  Click on Start and type “BitLocker Drive Encryption”.  Inside this control panel applet you can remove drive encryption.

 

Q. Can BitLocker To Go enabled devices be read on Windows XP and Vista (automatically)?

A. They can, but ONLY if the drive is formatted as FAT.  If it isn’t formatted FAT, the utility that allows the removable storage to be read will not be seen.

 

Q. Can I write to my BitLocker to Go enabled device on Windows XP and Vista?

A. No, you’re device, provided you can gain access to it, is Read-Only on XP and Vista.

 

Q. Can I download a utility in lieu of using the BitLocker to Go partition (again, provided my data is FAT)?

A. Yes, there is a utility you can download which will enable the partition to be read – again – providing it is formatted FAT:

http://www.microsoft.com/downloads/details.aspx?FamilyID=64851943-78c9-4cd4-8e8d-f551f06f6b3d&displaylang=en

 

Q. Windows 7 and Server 2008 R2 use the same codebase so can I use a BitLocker To Go encrypted device on Server 2008 R2?

A. Yes, you can, however, you MUST first install the BitLocker feature on Server 2008 R2 you’re wishing to read the BitLocker To Go encrypted device on

feature install

If you’re aware of any other “gotcha’s” with BitLocker To Go that aren’t listed above, please let me know and I’ll be happy to add them.

CREDITS:
Thanks to @xpworld for his inclusion on versions.

Tags: , , , ,

Yet another reason why Hyper-V (or SCVMM) is better than VMware

Today I got called to a client’s site who recently moved from premises A to premises B.  This meant they turned off their VMware ESX 3.0 server for the first time in a while.  When they relocated they couldn’t authenticate nor could they get to their file/print server.  A quick analysis showed a few things:

  • New building = New IP scheme (ugh)
  • Upon logging in to the ESX web portal, the two servers were still off

Noting this, no worries, in the web portal, lets start them up.  Easy and straightforward.  Now, here’s the kicker.  I wanted to remote control the servers via the console or via the VI client (to look at potentially changing IP addresses or find out what the old scheme was and change it to match/overllap the new scheme)…Wrong move.

The server first told me I had a non-supported browser.  I was using IE 8 (as it is standard with Windows 7).  Ok, no problem, as an IT Pro, I’ve also got other options…Firefox 3.5.7…nope not supported either.  Opera?  Guess what, no go.  Ok, so let’s download the VI Client and do it that way.  Downloaded no problem but when starting it, the woes began again:

only on 32 bit

Thanks VMware.  Your client only works on 32 bit architectures.  So that means most IT professionals who have more than 3 GB of memory can’t use your client?  Oh, one other thing, nice UAC prompt:

contact your admin

Program name: Contact: Your local administrator

OK, so my rant now done, why does this upset me?  Well, Hyper-V can be managed:

  • locally on 32 or 64 bit with RSAT
  • remotely with RDP
  • in just about any browser using SCVMM

Yet another reason why I think I’m going to be sticking with Hyper-V.

NOTE: Yes, I know there are ways around installing the 32 bit client on a 64 bit OS, but I didn’t want to, nor did I have the time, to pull apart the installer with an MSI builder and have it bypass the OS checks.  That’s not my job and that’s not why customers pay VMware loads of money for their software – OH, payment…that’s right Hyper-V is FREE too and it has this functionality in built :)

Tags: , , , , , ,

Is Direct Access Really That Hard To Setup (No) or are we becoming IT Complacent (Yes)?

DirectAccess

If you’ve been here before, you’ve seen various posts on Direct Access…If you haven’t been, shame on you (however for your convenience, here are the stories):

BMW and Windows 7 – Two Top Performers

Direct Access and Schools

Direct Access – Step-By-Step

Windows 7 – Direct Access & Schools

OK, now that we’ve cleared that up, what’s this post about?  Well, I came across an article the other day on Network World entitled “Microsoft DirectAccess: The ugly truth” and I wanted to take a minute and look at the article and think about IT in general and ask is Direct Access really that ugly to setup or has IT over the years made administrators and journalists lives easier by becoming too GUI and Wizard driven?

Direct Access, as we all know, requires Windows Server 2008 R2 and Windows 7.  No brainer.  We also know it requires IP v6. Another no brainer.  We all know Cisco equipment requires extensive knowledge of the CLI, however we don’t call it ugly to set up do we?  Back in the early days of NT (when Novell was king – wow that was a while ago), NDS required CLI and we didn’t call that ugly did we?  No, that is what made the difference between the IT Professional and the junior on staff.  Today however, Active Directory, Exchange, all of the tools that most IT administrators use, they’re all GUI and Wizard driven and you needn’t know the idiosyncracies and ins and outs of them.  Simply point and click, therefore we all associate ease of IT administration with the tools, whereas really we just know what we’re doing and these enablers make it that bit easier to use/implement.

With Direct Access we now find ourselves in the same situation, however we’re blaming technology for what it’s actually given us.  Direct Access isn’t that hard to set up if you know what you’re doing and it’s not ugly to set up either…No more so than VoIP and that requires just as many components as Direct Access…The key critical factor is you have to have the Direct Access knowledge – similar to setting up public folders in Exchange 2007 prior to SP1 – you had to use command lines and know what you were doing :)

I’m not knocking the article in any way, I’m just saying that maybe the spin it was written with was wrong as Direct Access isn’t really five years early, nor is it a forklift upgrade and in all actuality, the smaller networks are the ones better suited towards this as there is less to go wrong when setting it up.

If anyone is confused about it, I know a good consultant named Justin Rodino who would be more than happy to assist with any implementation :)

Happy Direct Accessing – the easy way :)

Tags: , ,

Technology in Schools…Be the big dog, don’t get chased off the porch…

ms_bett_polariod Anyone who knows technology in schools has heard of BETT.  It’s tagged as:

BETT is the world’s largest educational technology event. Use this site to find products and suppliers, and discover the latest ways to use technology for teaching and learning.

and this year, with all of the latest technology being released in October and other new stuff on it’s way in, should be no different.  Let’s have a look at some of the stuff that’s actually on offer there in London…

  • Kathryn Furness from Monkseaton will be talking about how they use OneNote to aid collaborative learning
  • Alex Pearce, who used to be ICT manager at Great Barr School, is going to show us some of things he’s found in the beta version of SharePoint 2010
  • Simon Brennand, from Philip Morant School in Essex, is going to talk about Windows 7 and share some of things he’s learnt while using it
  • Mike Herrity, from Twynham School in Dorset, is going tell stories too – about how they’ve created a Learning Gateway that’s doing everything from connecting parents to easing the KS4 Options process
  • Guy Shearer, Principal from Lodge Park Technology College, will be talking about their choice to use Live@edu for their students – to reduce the cost of their email service, as well as enhancing the collaboration options available to staff and students.

So, let’s look at that from a business perspective…Office 2010 on showcase, Windows 7 in action and schools taking it up, BPOS (live@edu) in practice….  That’s definitely a conference I wouldn’t mind visiting…More info can be found over on Microsoft’s UK School’s Learning blog:

http://blogs.msdn.com/ukschools/archive/2010/01/11/planning-your-days-at-bett-2010-the-microsoft-theatre-schedule.aspx

Tags: , , ,

BMW and Windows 7 – Two Top Performers

BMW_logo Last year BMW opted to be one of the “guinea pigs” of the new Windows Operating System – what we all now have come to know (and most love) – Windows 7.  However, when they began the pilot, they didn’t realise their users would liken to it as much as they did.  At first, there was kickback from those internal saying it was a bit childish and was more “playful” than useful however after using it more and more, they have found it “extremely friendly”, “quick”, and that it “just works”.

In their initial pilot BMW hoped to have over 500 implementations of Windows 7 in their environment by the end of this year, and they’ve well exceeded that.  So much so, they’re on target to having hopefully 5,000 deployed workstations by October 2010 and will be going full steam ahead with the remainder of the 85,000 by 2011.

Not only do the users now more thoroughly enjoy the experience but they’re finding their battery life lasts 20% longer than the previous OS and better than ever, the new technology – DirectAccess – is giving them back 5 minutes per user per day in no longer having to make VPN connections back to HQ.  That coupled with quicker network connectivity, means less burden on the IT staff and, well another reason why Windows 7 is as successful as it is.

Credit: CIO Magazine

Tags: , ,

Direct Access and Schools

DirectAccess-Overview With the release of Windows 7 and Server 2008 R2, the “better together” scenario has many songs to be singing.  One of the biggest for schools is Direct Access.  How frequently do we see Instructors being given access remotely to the school network either via VPN or via Citrix.  This is all well and good, but as instructors commonly point out, they want it idiot proof, simple and easy and whilst Citrix and VPN are good technologies, they aren’t necessarily easy nor idiot proof (especially if you have to do two-factor authentication with VPN!).

Recently Microsoft UK Schools as well as Microsoft UK Higher Education have written – ok, they stole the articles from each other 😉 – blog postings on DirectAccess and it’s benefits to the school environment…

Here’s the UK Schools article (posted 24/12/09):

http://blogs.msdn.com/ukschools/archive/2009/12/24/using-windows-7-direct-access-to-connect-teachers-to-your-school-network-securely.aspx

Here’s the Higher Ed article (posted 05/01/10):

http://blogs.msdn.com/ukhe/archive/2010/01/05/using-windows-7-directaccess-to-connect-staff-to-your-university-network-securely.aspx

The point to get across though is definitely that DirectAccess is a useful technology and should you be in a school environment, it is something definitely to look in to, especially if you have upgrade rights – as it will get you big kudos with your boss, the teachers, and going forward possibly students – being able to do work from home!

Tags: , , , , ,

“God Mode” “SuperAdmin Mode” – It’s not what it’s cooked up to be

Recently there have been floods of posts to the Internet on what everyone has titled a “cool new feature” or a “super admin” feature of Windows 7.  Let’s have a look at some of the articles:

http://community.winsupersite.com/blogs/paul/archive/2010/01/04/windows-7-god-mode.aspx

http://blog.hznet.nl/2010/01/enable-windows-7-superadmin-mode/

http://windows7themes.net/windows-7-enable-secret-godmode.html

http://blogs.technet.com/ferris/archive/2010/01/04/a-new-year-tip-how-to-enable-godmode-in-win7-and-svr2008r2.aspx

However, in all actuality, it isn’t a “God” or “Super Admin” mode at all.  What it actually does is reference a GUID in the registry:

{ED7BA470-8E54-465E-825C-99712043E01C}

that shows a full listing of the control panel applet.  Yep, that’s all it does – a shell folder view using a special GUID that produces a list mode of all of the available tasks in the control panel applet.  No God mode, no special access rights to hidden things that weren’t already there, and here’s the best one – it has been around for a while now, it’s not new to Windows 7. 

 Let’s look at it in the registry:

control-panel-all-tasks

As you can see on the left, the hive and the right, the default key shows “All Tasks” and the System.AppUserModel.ID that it calls – ControlPanel :)

….Sorry to be the bearer of bad news, but nothing too fancy about this GUID and unfortunately it’s no “God Mode” or “SuperAdmin Mode”, just a listing of all of the control panel applets ram-jamed on one screen, rather than separated out by their tasks (and drill-down) to help ease congestion for the normal user, of which Windows 7 is targeted at…

Tags: , , , ,

InformationWeek and Virtualisation – Take it with a grain of salt

DISCLAIMER: Yes, I’m a Microsoft MVP, MCT, MCITP, CCNA and hold various other certifications, however when I write articles I will take the view that there might be a better technology out there than Microsoft, but I will ensure I write articles with the proper facts being portrayed and not try to put a “media” spin on things.

OK, now that’s over, let’s look at what has got me revving.  A bloke called Elias Khnaser has written an article for Information Week entitled “9 Reasons Enterprises Shouldn’t Switch to Hyper-V”.  He didn’t put a disclaimer at the top, but Elias works for a company called Artemis Technology and if you go to their “Partner” page, Artemis is a VMware Enterprise Partner and they consider this their one of their “Spotlights” compared to their Microsoft Gold Partner status which is just listed as a valued partner.  (UPDATE: since writing this article, the logo has changed to include their areas of expertise and has been fixed, however at the time of writing the logo was “warped” and furthermore if you moused over it, the description about the partner was set to “information to come”, whereas all of the other valued parnters seemd to have descriptions).

Anyways, let’s look at the article…

1. Breadth of OS Support….:

Hyper-V, however, supports only Windows and SuSE Linux

Hmm:

http://www.microsoft.com/windowsserver2008/en/us/hyperv-supported-guest-os.aspx

Microsoft support more than just Windows OS’s and SUSE.  Here’s another page I’d like to steer Elias to:

http://boincstats.com/stats/host_os_stats.php?pr=bo&st=0

OK, so it’s a piece of software, but what does it say? Yep, that says of the top 15 OS’s 12 are Microsoft’s, so why support such a breadth of OS’s if there’s no need to…Anyways, I digress.  Let’s carry on:

2. Memory Management

In this article it goes in to Memory management and talks about how Microsoft just say throw more memory at the situation whereas he states VMware can overcommit and utilise more memory…Interesting, in contrast to this article:

Performance Tuning Best Practices for ESX Server 3

That white paper clearly states:

Avoid frequent memory reclamation.  Make sure the host has more physical memory than the total amount of memory that will be used by ESX plus the sum of the working set sizes that will be used by all the virtual machines running at any one time.  (Note: ESX does, however, allow some memory overcommitment without impacting performance by using the memory management mechanisms described in “Resource Management Best Practices” on page 12 [of this document].

key word of course is *some*, yet everyone knows you never overcommit memory in a production environment (thanks to my friend Mitch Garvis for the heads up on this one – A Brief Discussion of Security with Regard to Resource Over-Commitment in VMware)

3. Security

Well, don’t get me started on this one as VMware has a kernel infrastructure that means if you inject one malous driver in to the Hypervisor layer it can (and will) affect EVERY VM you have.  Hyper-V does it differently.  Here’s a reference for the differences:

http://4sysops.com/archives/the-difference-between-the-microsofts-hyper-v-and-the-vmwares-esx-hypervisor/

Biggest difference is microkernalised hypervisors versus monolothic hypervisors.

4. Live Migration

Well, lets look at this one.  In order to do it with VMware, it’s not as straight forward (oh wait, it’s not mentioned in this review of *one* paragraph) as it seems either.

5. Priority Restart

Seems as though the spin on this paragraph is going down the clustered route not a priority restart route.  He mentions Exchange, IIS, SQL all of which, you don’t want a VM infrastructure to *move*.  You want them highly available via clustering, not a VM management utility or tool…

6. Fault Tolerance

Not sure where this one is heading, but again it seems like he’s letting VMware control the applications, something any good system administrator (see third party software and reliability).

7. Hot Adds

All I need to say is CSV and I don’t mean comma separated values.

8. Third Party Vendor Support

Please list some…Furthermore, I’d ask why (and 9 is maturity) if VMware is so much better, do they need third party products to make their product good?  Hyper-V has SCVMM R2 and that’s all you need, period.

9. Maturity

Sure Hyper-V hasn’t been around long, but you have to admit, it’s gaining ground on VMware at a very fast pace now that the R2 version is out and the “kinks” have begun to be ironed out…

Morale is,  it seems this story has a load of FUD in it and that proper research wasn’t done in order to make it impartial.  Next time an article like this is written, maybe it should be prefaced with the caveat the author is a VMware addict or seems to be trying to have it out for Microsoft Hyper-V, for whatever reason that might be.

Tags: , ,