Core OS

I typically enable this registry setting (or Group Policy, if it is more than one machine), when trying to debug problematic systems. This setting will show you more information as the system boots up and you log in, so instead of just seeing "Applying computer settings...", you will see much more information as each module/subsystem comes online.

It is particularly handy on Terminal Servers, but I have also used it on severely broken XP boxes. One thing worth noting though, is that some of the messages will reveal the default %WINDIR%, if you are nervous about that type of information disclosure on locked down systems.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\

Create a DWORD called 'verbosestatus' and set it to '1'

More information, and where to specify this in a GPO, is here: KB 325376

Nelly Porter from Microsoft answered my many questions about the new RDP client features, in the newsgroups, and here is the info I was passed along:

[snip]

Aaron,

Public mode:


When the TS client is running in public mode it does not persist to disk or
the registry any private user data (e.g. username, domain, password, etc.)
on the machine which it is running, nor does it make use of any saved
private data that may exist (e.g. trusted sites list, persistent bitmap
cache, username, etc). In essence, the client operates as if there is no
registry or secondary storage present for private data. However, the client
still honors GP settings. To run the client in public mode, the /public
parameter is used:

mstsc /public

About /span and /h: /w: mode

Applications running in TS session can make use of additional monitors. For
example, if you have a large, high-resolution display for a CAD application,
the application can use monitord for output. That means you don't have to
worry about accidentally dragging windows onto that screen. For this
specific modes we

1. Limit Max Resolution to 4096x2048

2. No Dialog Repositioning, including win-logon dialog

Dialog repositioning ensures that dialogs appear in a user-defined location,
rather than in the center between two displays. For the /span mode we fully
rely on the user actions to reposition the dialogs to one of many possible
locations. As a side effect, the logon dialog can be difficult to locate and
use.

3. BBar or Connection Bar

When user starts remote session bbar is displayed with the logon screen.
Currently Bbar is positioned in the center and can eventually being outside
of the visible area of the screen, so when users would like to close the
remote session using bbar, they would have difficulties to locate closing
buttons. We scale bbar with the goal to center it on the primary monitor,
so user would be able to locate it and use any time.

4. Client Maximization option

If a client window is maximized, the screen is enlarged to cover all the
primary and secondary displays, if and only if the resolution of displays
are the same and their geometry is well positioned, it means the bottom
coordinates of both monitors are the same and the heights are the same.
Otherwise the maximized client window only enlarges to cover the display on
which it resides.

5. /span option

To automate correct maximize experience of the TS client window, the /span
option is introduced. It would automatically maximize TS client window,
instead of require users to calculate the sum of the width of their
monitors, the span option should be used. The span option would provide
convenient automatic way to maximize the client boundary windows to fit all
screens if and only if the geometry and resolution of all screens match.
/span option would hide the scrolling bar and would be very similar to
full-screen mode.

. when /span option is chosen or span:i:1 set in the rdp file, the
client would automatically start in maximize mode.

. /span option provides help to describe the option to user when
mstsc.exe would run on command line

. when both /span and /h: /w: options are present /span option
would take preference

. to override /span option in rdp file user should delete it or set
to 0, span:i:0

. when /span option is selected, the "Display" tab should have
grayed out slider for remote desktop size, so users would not be able to
change the initial setting and confuse themselves even more.

. /span option will not be saved to rdp file automatically

Thanks for asking, hope it helps.

Nelly

Finally a use for those TPM chips that have been shipping in new laptops and desktops. One of the main functions of the chips is to add hardware support for DRM but one other aspect is to provide a secure hardware-based encryption chipset that can be used by software to encode/protect your bits.

You can still use BitLocker without TPM but it isn't considered as 'strong' as using a dongle combined with a TPM-enabled laptop/desktop. It looks like a lot of the shortcomings of EFS in Windows 2000 and 2003 are being addressed with BitLocker also.

A good step-by-step walkthru of BitLocker can be found here:
http://www.microsoft.com/technet/windowsvista/library/c61f2a12-8ae6-4957-b031-97b4d762cf31.mspx

The tinyURL version of that link is:
http://tinyurl.com/h4nc8

I'm not sure if it is supposed to or not, but it looks like you can force install the exFAT driver into Windows XP and 2003 installations. I'm not sure if this will work with newer Vista builds, but for testing out removable media between Vista and XP boxes, it can be a handy trick.

I'm sure it is extremely unsupported but I'm not keeping any mission critical data on any exFAT partitions yet anyway.

For the curious, exFAT is the new way to get around the 32GB FAT32 limitation in Windows (2TB in theory), which is not backwards compatible with FAT32, but is aimed to be simple enough to put onto embedded devices, cameras, etc.

I'm already on the Vista/Longhorn beta but this looks like it is a special group of testers that will be like a 'steering comittee' for the upcoming technologies.

Go here to apply:
http://blogs.technet.com/keithcombs/archive/2006/04/19/425635.aspx

I’ve always wanted a piece of software like this. I could have used it when working on a VBrick codec problem a few months ago.

You could think of it as VMWare’s ‘snapshot’ technology, without using VMWare.

For instance, say you want to test out a new version of Adobe Acrobat. You install it while this software is running, and it takes note of all the system changes. Later on, you decide that you don’t like the new version of Acrobat, so you want to remove it without relying on the uninstall program to do the right thing. Bang, just reverse the ‘layer’.

It is free for personal use so I’m definitely going to give it a whirl.

http://www.pcmag.com/article2/0,1895,1941377,00.asp

Subject line says it all pretty much - although there of course is a lot more involved than just that. A blanket statement like that doesn't cover all the aspects of BitLocker in Vista.

They have opened up their own blog which is worth a visit at: http://blogs.technet.com/bitlocker/archive/2006/04/14/welcome.aspx

x64 drivers and Vista support is lacking in many areas still but this will at least get you printing if you have one of these printers. It is technically a workaround or what I would refer to as a 'kludge' until something official comes out.

Overall, try to install the USB printer as a DeskJet 990C and see if that works for you. It should use the built-in Windows drivers to do the dirty work, and you probably won't have all the features of every printer, but it is a lot better than downloading a 200MB ISO image for a 50k driver. That should also tip you off as to what featureset/language that these printers are using, so you could also get Linux printing working if you have one of these printers.

I've always loved my LaserJet 4MV since it can do PCL and Postscript but I have avoided the WinPrinters in general because they typically have very finicky/picky drivers that never quite work right. Things have gotten a lot better than the 'good ole days' but I've been burned too many times by multi-function devices doing 4 things poorly instead of doing one thing excellently.

Multifunction can also mean multi-failure.

I think these days most WinPrinters 'know' a subset of PCL so you can typically get them to limp along with a generic driver or like in the instance of the DeskJet, they know old-style DeskJet language.

http://h10025.www1.hp.com/ewfrf/wc/document?lang=en&lc=en&cc=us&docname=c00625738&lang=en&cc=us#

I haven't tried this product yet but they are giving out 5 free application licenses.

http://www.2x.com/applicationserver/application-publishing.htm

Mostly useful only for debugging situations but I'm trying to track down a strange ASP.NET crash on shutdown so this is helping the cause:

'RUNDLL32.EXE %Systemroot%\SYSTEM32\WBEM\WMISVC.DLL,MoveToAlone'

You will have to reboot your system for it to take effect.

Once you have narrowed down the problem, or fixed it, you can restore the default behavior by running:
'RUNDLL32.EXE %Systemroot%\SYSTEM32\WBEM\WMISVC.DLL,MoveToShared'

If you think WMI is seriously damaged, run WMIDIAG on it.

Missing, but registered SNMP DLLs ended up being my problem.

If you have any spare flash ram laying around unused, and you have a machine that is starved for memory, which I suspect a lot of machines will be when they want to run full blown Vista sessions, pop in the flash drive and enable Superfetch on the drive by going o the 'Memory' tab of the Drive property. If you are using a card memory reader as a 'ghetto' flash drive, you will want to make sure it is USB 2.0 or Firewire. Sandisk Ultra CompactFlash comes to mind, off the top of my head.

Vista won't 'announce' it as an available option on a drive if it doesn't pass a few media speed tests.

You can read more about it here:
http://thelazyadmin.com/index.php?/archives/401-Enabling-Vista-SuperFetch.html

I forgot about this one today when I was migrating a server from Windows 2000 to Windows 2003.

The current server handles DHCP, file services, and print services, and the main goal is to get everything moved while people work. Obviously, at some point there will have to be a cutover but I like to make things as transparent as possible with file server migration tools, print server migration tools, and DHCP migration tools. One of the sticking points is that this file server hosts most of the user profiles, so that makes it a little more cumbersome. Your best techs are the ones that have end users that are not aware that anything on the backend has changed.

Since I wanted some freedom of downing the old server when I needed to, I moved DHCP services to another server in the domain, running Windows 2003. I used the resource kit tool DHCPExim to export from 2000 and deactivate the DHCP scopes involved. I tried to import that data into the 2003 server but I should have remembered that the jet database/schema/file structures changed between 2000 and 2003.

Netsh to the rescue - a simple 'netsh dhcp dump >dhcpdump.txt' on the 2000 server gave me a usable configuration file to work from. I did a search and replace for the old and new IPs, saved the new file and then ran 'netsh exec dhcpdump.txt' on the 2003 box. Bam, DHCP has been migrated, except for the client database, so I made sure to set DHCP to do conflict detection under the 'Advanced' tab.

So far, so good (so what?).

Now back to robocopy'ing the file system structure...

I still like VMWare better than Microsoft Virtual Server, mostly because I'm more familiar with VMWare, but it is nice to know that free enterprise (pun intended) still works in the US.

It is even better news for Windows 2005 R2 since you can run 4 virtual machines off 1 license, legally.

http://blogs.technet.com/jhoward/archive/2006/04/03/424050.aspx