Windows 7 and Windows Server 2008 R2

October 3, 2009

Microsoft finally announces on July 22nd, 2009 that Windows 7 and Windows Server 2008 R2 (both share same code base and designed to lock-step) have been released to manufacturing (RTM) milestone. In fact, the RTM of Windows 7 and Server 2008 R2 has been expected for quite some time, which is rumored to be on July 13th, 2009, although official time line stressed second half of July 2009. In fact, the official Windows 7 RTM build version 6.1.7600.16385 has been confirmed days earlier.

With the RTM, it means that Windows 7 and Windows Server 2008 R2 development has finally wrapped up, the code is final, and will be released to OEM (original equipment manufacturers) and system builders within 48 hours (Windows 7 OEM availability on July 24 2009) to allow them some time to build the operating system into computers and other “smart” hardware so that these Windows 7 or Server 2008 R2 powered machine can be available in time for the Windows 7 and Windows Server 2008 R2 worldwide general launches. Windows 7 set to debut publicly on October 22nd, 2009 and Windows Server 2008 R2 will be generally available on or before that date, accourding to Microsoft’s press release. The whole release schedule of Windows 7 RTM to OEM, MSDN, TechNet, Action Packs and Microsoft partners has also been announced.

According the the Windows 7 Team Blog, the RTM is build 7600, and was declared and signed off after all validation checks and significant RTM quality bar testing on a RTM contender were met. Microsoft released Windows 7 Beta at build 7000, and Windows 7 RC at build 7100. Steve Ballmer, Microsoft Chief Executive Officer also confirmed Windows 7 has finalized during Microsoft Global Exchange (MGX) in Atlanta, Georgia later in the day.

Windows Server 2008 R2 and free standalone Hyper-V Server 2008 R2 have also been declared to RTM milestone by Windows Server Division Blog. Windows Server 2008 R2 and Hyper-V Server 2008 R2 release schedule is little faster but almost similar when compared with Windows 7, with an evaluation software available for download in the first half of August and the full product available to customers with Software Assurance in the second half of August.

The Windows 7 and Windows Server 2008 R2 builds that are being RTM were compiled on Monday July 13, with full build version string of 6.1.7600.16385, also written as 7600.16385.090713-1255, as confirmed by Larry Osterman, a 20+ years Microsoft software design veteran engineer on his blog. The official RTM build is signed off on July 17, 2009 in a long process that only completed today.

With the RTM of Windows 7 and Windows Server 2008 R2, it also officially marks the end of Windows 7 and Server 2008 R2 alpha, beta and release candidate phase. However, don’t expect Windows 7 development to stop, as future updates will come soon (probably sooner than most expected) in the form of hotfixes and service pack with rumor of Service Pack 1 (SP1) already emerging.

While no official untouched and unmodified Windows 7 and Windows Server 2008 R2 DVD ISO images have been leaked yet, end-user self-made ISO images of Windows 7 RTM and home-made ISO of Windows Server 2008 R2 RTM have already available for download, which although may not stamp with official signature of Microsoft, but it’s based on original install.wim (the archive that stores all Windows 7 system files) extracted from original Windows 7 RTM DVD.

Windows 7 RTM includes a version check that blocks upgrade path from pre-release version of Windows 7 (e.g. Windows 7 RC or Beta) to Windows 7 final RTM build. Use this hack to modify cversion.ini to allow in-place upgrade from prerelease version of Windows 7.

Update: Original Windows 7 RTM ISO (x64 andd x86), original untouched Windows 7 RTM OEM ISO (32-bit and 64-bit) and Windows 7 E RTM ISO (32-bit and 64-bit) have leaked.

Lastly, Engineering Windows 7 blog has published a video clip showing the final few minutes before RTM, where it’s a sign-off process where each and every team that contributed to Windows formally commits to having successfully executed the work necessary for the product to be in the release process. The video shows Windows 7 Team gather one last time (for Windows 7) in the “Ship Room” and a representative from each team signs (literally) and signifies their teams readiness for manufacturing.

New Trends For Laptop Computers

September 25, 2009

Laptop computers are becoming synonymous with business productivity, college education, and even gaming. Due to their portable nature, we are seeing laptops in more and more places as people find ways to take their business on the road. To accommodate this behavior, many large companies are constantly developing new applications and tools to help us interact with our computers.

Recently we have seen a trend toward a more effective touchscreen input. This latest trend has stemmed from all the other smaller gadgets that have taken advantage of touchscreen technologies, and customers are starting to expect it everywhere. A laptop with a touchscreen display isn’t exactly a new idea, but we haven’t had anything like the new products that are coming out.

The biggest reason why many of the large companies are making a touchscreen laptop is because the new Windows 7 operating system that is on the horizon will have built in support for touchscreen technology. Until now, companies have had to go out of their way to make sure the hardware and software lined up properly, but now the basic operating system will be compatible with the technology.

Both HP and Dell have already released two-finger touchscreen laptops, and both continue to develop more advanced technologies in this arena. Lenova has just announced a new kind of screen, however, which will allow users to employ a multi-touch technology.

In other words, many of the touchscreens that are already on the market allow users to easily interface with various programs. They can manipulate images, zoom in on maps, and scroll through documents with just a couple finger movements. They can also let you press buttons or turn pages on certain applications. With the new four-finger, multi-touch interface users will have a lot more control over the objects.

This will be particularly useful for designers or engineers who have to work with a lot more images and objects than other computer users. Anyone that requires a very high level of precision as they interact with the computer will be able to appreciate this level of control.

Laptop computers seem to be everywhere in our modern society and most computer companies are still developing new ways for us to integrate them into our lifestyles. Even so, many users feel that laptops are lacking in some areas and insist on using other peripherals to make the interactions simpler. Touchscreen technology could be the new application that will eliminate the need for all those extra add-ons.

Tablet and laptop computers are going to benefit the most from these new developments in technology, but there will likely be a big trend toward touchscreen applications in other areas as well. Our phones have laid some groundwork for casual touchscreen use, and now full computers will be able to take it to the next step.

How to Make Windows 7 Lean and Mean

September 2, 2009

Now that Windows 7 RTM (Release to Manufacturing) is out and will soon be available to the general public, I think it’s a good time to share some of the things how to make your system “lean and mean”. Before I begin I want to emphasize that the techniques and tricks I present here are based on my own personal experiences as a beta tester and MVP, often getting access to pre-release CTP (Community Technology Preview) and beta offerings that the typical user does not have access to. I make no guarantees that your experience will be exactly as mine, nor that any or all of the techniques I describe will work for you. In other words, use at your own risk, Your Mileage May Vary, and I make no guarantees of specific performance or appropriateness for your particular situation and usage of the operating system. Simple common sense is the guideline here. In some cases the advice that I give may appear contrary to what Microsoft recommends. You’ll simply have to use good judgment and decide what’s right for you. Everything I recommend is reversible, so you do not have to worry, as long as you understand what you are doing.

First, we need to understand that Windows 7, like it’s predecessors Windows Vista and Windows XP, installs by default with certain services and settings enabled. It may very well be that you, the user, may not want some of these settings and services and so it is up to you to determine “What does what”, and “Do I really need or want it”. On the other hand, some services are essential for the operating system to function, so experiment at your peril!

This article is a work in progress. I’m starting out with some basic recommendations based on my own personal experiences. If you have an idea or an addition you would like to contribute, please do not hesitate to post it as a comment at the bottom and I’ll add your suggestion and give you credit for it.

Windows 7 installs and starts (by default) some services and settings that I know I do not want or need. These services take up system resources; they do not come “for free”. Every service that is running when your PC has completed the boot-up process takes up valuable system resources, threads, and memory. It is up to you to decide what you should allow to run and what to disable. There are also a number of “behind the scenes” services and features that run by default; some of these can be safely disabled or turned off. This article will focus on the ones that I believe are the most obvious and will give you the most “bang for the buck”, and I’ll present alternatives in some cases.

Before you start doing these tweaks, right-click on the taskbar, and choose “Start Task Manager”. Switch to the Performance tab, and make a note of the Memory graph reading. You can check this again when you’re done and have rebooted to see the “bottom line”!

1. AntiVirus and Malware Protection. Windows 7 does not come with a full  antivirus software suite  installed. It has only “Windows Defender”, which runs as a service. I recommend that you disable Windows Defender, and instead, download and install AVG Free Antivirus. AVG Free is feature complete (the only thing the free version appears to be missing is RootKit detection). If you have AVG Free installed, there is no need to have two anti-malware processes running, which is why I recommend disabling the WIndows Defender service. If you like the free product, you can upgrade to the “for pay” product at any time. In fact, you’ll get some nag screens inviting you to do so. I have not done so yet, I’m completely happy with the free product, which so far seems to be able to catch virtually everything.
2. System Recovery. Windows 7 installs (on a clean install) with System Recovery (System Restore) turned on. I recommend that you turn it off. In my opinion, 99% of system failures and failure to boot correctly are due to Registry entries that are either corrupt, or incorrect. Therefore, the fastest and easiest way to “go back” to a good system is to be able to choose to restore a recent registry backup and reboot.  The best way I know to do this is with a utility called ERUNT, from Lars Hederer. This works on every version of Windows, both 32 bit and 64 bit. Download this, install it, accept the defaults, and it will enter a Startup folder batch file that will back up your Registry for that day when you boot up. To restore a previous registry, just go to C:\Windows\ERUNT\Autobackup\ , choose the date you want, and in that folder, execute the ERDNT.EXE file. Your Registry from that day will be restored, you reboot, and you’re done. If your machine won’t boot at all, hold down the F8 key and choose Safe mode, and you can do the same Registry restore. If you don’t do any of the other tweaks in this article, please do this one. I can virtually guarantee that you will thank me at some point in the future!
3. Turn off Windows Search ServiceWindows Search is constantly reviewing files on your system to make their contents available for quick searching.Frankly, I keep my “stuff” pretty organized, so I don’t need this extra overhead — and Search in Windows Explorer still works fine if I need it, it is just slower. Windows Search can really impact system performance.

   To disable this:

   * Click Start, then Computer
   * Right Click the C: Drive
   * On General Tab, Uncheck Index this drive for faster searching
   * On the next dialog box, Select Include subfolders and files
   * You should also Stop and set to Disabled the Windows Search Service.

4. Turn off Remote Differential CompressionRemote Differential Compression measures the changes in files over a network to transfer deltas with minimal bandwidth rather than transferring an entire file that has previously been moved. Because it constantly checks for file changes, this service can hinder system performance.To disable this service:

   * Open Control Panel
   * Switch to Classic View
   * Select Program Features
   * Choose Turn Windows features on and off
   * Scroll down and uncheck Remote Differential Compression

5. Turn off Automatic Disk DefragWindows 7  has an always-on defragment feature that isn’t really that necessary and can cause system slow down. Just remember to run a defrag manually every week.To disable this:

   * Press Start (Windows key) and E,  then select Computer
   * Right Click the C: Drive
   * Choose “Properties”
   * Select the Tools Tab
   * Click “Defragment Now”
   * Uncheck “Run on a schedule”
   * See “Defraggler” at the bottom. It’s free.

6. Add a 2GB or higher USB Flash drive to use Ready BoostReady Boost uses a USB thumb/flash drive to provide some quick access memory the operating system can use as extra RAM. The Ready Boost system can improve system performance.To set this up:

   * Insert a USB Flash Drive (preferably 2GB or more)
   * Click Start then Computer
   * Right Click the USB Drive in My Computer
   * Select the Ready Boost Tab
   * Choose Use this device
   * Select as much space as you can free up for RAM usage vs. Storage

7. Turn off  HibernationWindows hibernation background services can use a large amount of system resources. If you don’t use the Hibernate feature regularly you can to disable it to give Windows 7 a performance boost.To disable Hibernation:

   * Select the Control Panel then Power Options
   * Click Change Plan Settings
   * Click on Change Advanced Power Settings
   * Expand the Sleep selection
   * Expand the Hibernate After selection
   * Bring the selector down to zero
   * Click Apply

8. Windows Firewall.  My computers are behind a wireless router, which (in case you didn’t know) includes a very good built-in Firewall. There’s no need to have two firewalls running, so I have Windows Firewall disabled. NOTE: some programs require Windows Firewall to be running in order to install correctly, so you may have to temporarily turn it on.
9. Security Center. Once you have all your antivirus, firewall and whatever else protection you need going, there’s no longer any need for the silly Security Center service. Disable it. Let’s read what the service description says:”The WSCSVC (Windows Security Center) service monitors and reports security health settings on the computer.  The health settings include firewall (on/off), antivirus (on/off/out of date), antispyware (on/off/out of date), Windows Update (automatically/manually download and install updates), User Account Control (on/off), and Internet settings (recommended/not recommended). The service provides COM APIs for independent software vendors to register and record the state of their products to the Security Center service.  The Action Center (AC) UI uses the service to provide systray alerts and a graphical view of the security health states in the AC control panel.  Network Access Protection (NAP) uses the service to report the security health states of clients to the NAP Network Policy Server to make network quarantine decisions.  The service also has a public API that allows external consumers to programmatically retrieve the aggregated security health state of the system.”Does the above make any sense to you? It doesn’t to me. I already have everything set the way I want, so I don’t think I need some service running, taking up resources, just to monitor it. That’s why I have it disabled. You decide.

   Disable excess Windows Services that Auto-Start at Startup

   Just like Windows XP and  Vista, Windows 7  ships with all kinds of services enabled that load at startup and may never be used by most users.

   To see what loads at startup and disable the ones you probably won’t need:

   * Click Start then Control Panel
   * Select Administrative Tools
   * Choose System Configuration
   * Click the Services Tab

   You can safely deselect:

   * Offline Files (unless you’re using Offline File Sync)
   * Tablet PC Input Service (unless you have a tablet PC)
   * Terminal Services
   * Windows Search (If you already disabled indexing)
   * Fax (unless you’re using a fax modem)

   Disable Excess Windows Features

   Windows 7 ships with other features that are listed separately in the operating system from the startup services.

   You can view and disable these features:

   * Click Start, then Control Panel
   * Select Program Features
   * On the left panel, select Turn Windows Features on or off

   You can safely deselect:

   * Indexing Service
   * Remote Differential Compression
   * Tablet PC Optional Components
   Windows DFS Replication Service
   * Windows Fax & Scan (unless you use a modem for faxing)
   * Message Queue – unless you’re using this as a programmer.

   Set a fixed size Page File

   In Control Panel the System applet has different tabs where you can manage these settings. The recommended size for a fixed Page file is shown at the bottom of the Virtual Memory tab. Choose this size as both the minimum and maximum under “Custom size”.

   In Networking, Turn off Qos Packet Scheduler

   On many machines, this will speed up networking. You can also Uncheck “IPV6” since you probably don’t need this just yet.

   Turn off the “chrome”

   Turning off the fancy Aero interface, turning off the sidebar ( now called something like “gadgets”), and otherwise disabling the features that make Windows 7  look and feel unique will help speed up performance. Free programs like CCleaner (“Crap Cleaner”)  have features that let you manage the startup programs and clean up unneeded files off your hard drive. I also recommend their defragmentation tool, “Defraggler”.

   You can find some additional candidates for windows services that can be turned off here.

   If I had to pick only two of the above tweaks, it would be numbers 2 and 3!

Configuring Windows Remote Desktop from the command line

July 31, 2009

How to use Windows Remote Desktop (mstsc.exe) from the command line to connect to remote servers from saved shortcuts or with custom options.

Introduction

If you are interested in using Windows Remote Desktop from the command line, likely you already know what it does but you may not have realized all that you can do with it. Windows Remote Desktop allows you to remotely control just about any windows PC or Server. You can perform remote control from PC to PC, Server to Server, PC to Server, or Server to PC. The server component of RDP is built into the Windows Operating System whether it is XP, Vista, or Windows 7 (but you must authorize remote desktop to that computer). On the desktop side, that connection to the PC is limited to a single connection where you remote control the console. However, on the server side, in say Windows 2003 or 2008, you can enable multiple users to connect to the server with Terminal Services.

However, no matter whether you are using a desktop or server OS, the client piece of software is the same – the Remote Desktop Connection or Remote Desktop Client, as I like to call it. The executable for the Remote Desktop Connection is called mstsc.exe and it’s located in %systemroot%/system32/mstsc.exe.

Let us learn all that you can do with mstsc.exe…

Running Windows remote Desktop Connection from the CLI

In Chris Sander’s WindowsNetworking.com Admin Tip – Using the Remote Desktop Client from the Command Prompt – he covers the quick command line how-to of Windows Remote Desktop. As Chris points out, the basic command syntax for mstsc.exe is:

mstsc.exe {ConnectionFile | /v:ServerName[:Port]} [/console] [/f] [/w:Width/h:Height]

However, if in Vista, you run mstsc /?, you will see that there are more options for it:

Figure 1: Remote Desktop Connection Usage Help Screen

On most computers I walk up to and use, the remote desktop connection is not easily locatable in the Start Menu. Because of this, I have gotten used to starting Remote Desktop by going to Start -> Run and then just typing mstsc and pressing Enter.

This way I do not spend any time navigating the Programs menu.

Common reasons to run mstsc from the CLI

I love Remote Desktop because from my laptop or desktop system, I can connect to any of my PCs or servers in my infrastructure. It is very “empowering”.

I often need to use the command line options. One common thing to do is to save a RDP File, which is a saved configuration file for a particular RDP connection – or really a particular server or PC that you commonly connect to. Of course, you could even have multiple RDP files for the same server or PC if you want to have multiple saved configuration files.

These “.rdp” files are just simple text files that you can create or edit with notepad. Here is a look at one:

Figure 2: RDP file opened in notepad

While you can do this with notepad, the most common way to edit a .RDP file is to use the GUI Remote Desktop client because it offers options to Open, Save, and Save as connection files, like this:

Figure 3: Opening and Saving RDP Connection Settings

I can also edit a particular file using the GUI but initiate it from the command line with the /edit option for mstsc, like this:

mstsc /edit test.rdp

Some common reasons that I would save RDP files for later use are:

• Have save connections to multiple servers and put those saved settings on my desktop or in the folder in the Start menu, like this:

Figure 4: Creating multiple RDP server connections in the Start Manu

• Have multiple versions of the same connection – maybe I connect to a virtual desktop using VDI and I have one icon that creates a full screen RDP connection and one that creates an 800×600 resolution connection
• Perhaps I have one RDP file that connects to a server and another RDP file that connects to a server and runs an application (which can be specified in the .rdp file)

Creating a Desktop Shortcut to run Remote Desktop

Let us say that you wanted to create a desktop shortcut to connect to a particular server. You could either use the base set of command line options or you could use those options and a .rdp connection file.

Either way, you need to be able to enter the full command line into the desktop shortcut creation wizard.

Let us say you want to create a desktop shortcut to:

• Connect to server “exchange”
• Connect to the console of that server
• Create an 800×600 window

To do this you would run:

mstsc.exe /v:exchange /admin /w:800 /h:600

And to create a desktop shortcut, you would enter this into the create shortcut location, like this:

Figure 5: Creating a desktop shortcut with RDP

However, if those basic options are not enough, you need to use a .rdp connection file.

To do this, just run mstsc.exe, go in and customize your connection all that you want. Add sound, customize the bandwidth, set an application to be run, tweak the performance, connect local devices & resources like printers and the clipboard. When you are done, just click the Save as button on the General tab under connection settings. When you save it, give it a name like fileserver. Make sure that you know what folder your RDP file was saved in. I also recommend testing your connection here to ensure that it works as expected.

Once saved, you can close out the Remote Desktop Connection window and then go to create your desktop shortcut. When you enter the desktop shortcut location, you will enter the connection file after msctsc.exe. Make sure that you enter the full path to the .rdp file. The .rdp file needs to be in your path, or your desktop shortcut and .rdp file should be in the same folder. Thus, it would look something like:

Mstsc.exe c:\users\david\documents\exchange.rdp

OR, if you are all going to run mstsc with a connection file, you do not need to create a desktop shortcut at all. All you have to do is to save the RDP connection settings file then run it. The file itself, when run, is associated with mstsc.exe so it will be run and your connection will automatically initiate to the server specified in the connection file.

One final tip – if you want to change the defaults that mstsc uses to connect when you run it without any customizations, you can edit the Default.rdp file in your home documents folder.

Troubleshooting File System Problems

July 31, 2009

This article presents a systematic approach to troubleshooting file system problems on servers running Windows Server 2003. Various tools for troubleshooting disk problems are examined and best practices for using them are explained.

A corrupt or damaged file system can result in various effects ranging from data loss to rendering your system unbootable. Smart IT pros will therefore take steps to maintain their servers’ file systems and will know how to systematically troubleshoot disks when things go wrong. This article discusses both preventive disk maintenance and provides some tips for using various tools to maintain and troubleshoot file systems on Windows servers.

Seven Golden Rules for Disk Maintenance

Let’s begin with a proactive approach to file system maintenance. What steps should an administrator take to help prevent file system problems from happening in the first place? Here are my seven golden rules on the subject, in no particular order:

1. Upgrade your servers to Windows Server 2003. There’s real value in doing this as far as disk maintenance is concerned, for example:

* The chkdsk command in Windows Server 2003 runs a lot faster than the Windows 2000 version of this utility, plus it can fix things like a corrupt Master File Table (MFT) that the previous version of the utility would choke on.
* Powerful new command-line tools like DiskPart.exe, Fsutil.exe and Defrag.exe give you more flexibility for managing disks from the command-line instead of the GUI. These tools can be scripted to automate common disk management tasks you need to perform on a regular basis.
* The new Automated System Recovery (ASR) feature greatly simplifies the task of restoring your system/boot volume in the event of catastrophic disk failure.

2. Use hardware redundancy. RAID 1 disk mirroring lets you recover from catastrophic system volume failure with zero downtime, while RAID 5 is a great way of protecting your data volumes. Windows servers include support for built-in software RAID but you’ll get better performance and true hot-swap redundancy by investing more money and buying a hardware RAID controller for your system instead. Don’t forget though, keep a few spare drives handy so you can swap them during an emergency—redundancy is useless if you don’t have the redundant hardware around to use it. Note that if you do choose to go with the software RAID provided by Windows, mirroring your boot and system volumes requires that these volumes be one and the same i.e. one volume is both your boot volume (contains operating system files) and your system volume (contains hardware-specific boot files).

3. Use a good antivirus program. Viruses can be nasty, and one of the things they can do when they infect a machine is to corrupt the Master Boot Record (MBR) and other critical portions of your hard drives. Not only should you have AV installed on your servers, you should also avoid risky behaviors such as running scripts from untrusted sources, browsing the web, and so on. These are just the kinds of behavior that can lead to infecting your system, so avoid doing things like this on your production servers.

4. Defragment your file systems on a regular basis. This is especially important on servers on which a high number of transactional operations occur as the file systems can quickly become fragmented, dragging down the performance of applications running on your server. To perform a successful defrag you should really have at least 15% free space left on your disk, so make sure you don’t let critical system or data disks fill up too much or they’ll be harder to maintain. The new command-line Defrag.exe tool of Windows Server 2003 is useful here since you can schedule regular running of this tool during off-hours using the Schtasks.exe command instead of having to defrag manually or buy a third-party defrag tool.

5. Run chkdsk /r on a regular basis. This command finds bad sectors on your disk and tries to fix them by recovering data from them and moving it elsewhere. You can run this command either from a command-prompt window or from the Recovery Console if you can’t boot your system normally. Remember that when you try and run chkdsk.exe on your system or boot volume, Windows configures autochk.exe (the boot version of chkdsk.exe) to run at your next reboot. This means you’ll need to schedule downtime for your server when you perform this kind of maintenance so that autochk.exe can run.

6. Check your event logs regularly for any disk-related events. Windows sometimes determines on its own when a disk is “dirty” i.e. there are file system errors present on it. In that case, Windows automatically schedules autochk.exe to run at the next reboot, but it also writes an event to the Application log using either the source name “Chkdsk” or “Winlogon”. So filter your Application log to view these kinds of events on a regular basis or collect them using Microsoft Operations Manager (MOM) or whatever other systems management tool you use on your network.

7. Back up all your volumes regularly. As a last recourse in the event of a disaster, having working backups of both your system/boot volume and data volumes is critical. ASR in Windows Server 2003 makes backing up the boot/system volume easier, while backing up your data volumes can be done using the Windows Backup (ntbackup.exe) tool or any other backup tool such as one from a third-party vendor. Whatever way you choose to back up your system, do it regularly and verify your backups to ensure you can recover your system using them.

I should also add an eighth and final rule as well:

8. (the Platinum rule) If your disk starts to make funny sounds, don’t ignore them—do something. Disk failure is often preceded by funny sounds emanating from your computer. These clicking, scraping, screeching, or other types of sounds mean trouble, so when you hear them it’s time to make sure you’ve got a recent backup and a spare disk handy just in case. And it’s also time to check your event logs, run chkdsk –r, and use other maintenance and troubleshooting tools to check the health of your disks. Don’t ignore these funny sounds!

Tips for Troubleshooting

While a proactive approach to maintaining disks and their file systems is important, it’s also inevitable that disasters will occur and you’ll need to react to them appropriately. Here are some tips to using one of the key maintenance tools for disk and file systems that is included with Windows Server 2003, namely Chkdsk.exe:

* Make sure you know you have a good recent backup before you run chkdsk.exe.
* Never interrupt Chkdsk.exe while it’s doing its job.
* Make sure you have enough time during your maintenance downtime window to run Chkdsk.exe—on very large volumes this command can take a long time to finish its work. To speed up the operation of Chkdsk.exe on very large volumes, you can run it in a “light” form by specifying chkdsk drive_letter /f /c /i before you try running the slower chkdsk /r.
* Chkdsk.exe can’t run on the boot/system volume when Windows is running, and it also can’t run on data volumes when file handles are open on the volume. The reason being that in both of these situations Chkdsk.exe is unable to lock the volume for its exclusive use. In these cases, Chkdsk.exe will be scheduled to run at the next system restart.
* If you think your volume may be dirty but you don’t want Autochk.exe to run when it reboots—for instance, if your server is heavily used and you can’t afford the downtime while Autochk.exe runs—you can use the Chkntfs.exe command to first determine whether the volume is dirty or not, and second to find out whether Autochk.exe is currently schedule to run at the next restart. If you determine that the volume is dirty and Autochk.exe is scheduled to run at next restart, you can delay running Autochk.exe using the chkntfs /d command. Note however that doing this is risky—if your volume is dirty you should deal with it as soon as possible and not procrastinate.

Configuring Disk Quotas in Windows 2003

July 31, 2009

About Disk Quotas

Unfortunately, in Windows NT Disk Quotas didn’t exist, which was much to the disappointment of Windows Administrators. Along came Windows 2000 and with the introduction of Disk Quotas it meant Administrators had the ability to track and control user disk usage. The only problem was that they didn’t really have a sufficient way of managing disk quotas. Scripting, reporting and remote usage methods were somewhat limited and ambiguous. Windows 2003 offers better all round functionality and easier enterprise-wide disk quota manageability.

Disk quotas are used in conjunction with NTFS, Group Policy and Active Directory technology. NTFS is the file system on which disk quotas can be set, Group Policy is what is used to set disk quotas on a specific set of users and computers, and Active Directory is used to gather a list of users to which the disk quota group policy will be set. It is important to note that disk quotas can only be used with NTFS; setting them up on FAT or FAT32 drives is not possible.

Disk quotas are configured on a per volume basis and cannot be set on a file or folder level. Each volume would have its individual settings which do not affect any other volumes. You may have a single disk partitioned into two volumes (drives C and D for example) with each having their own quota settings. Disk quotas can also be configured on a per user basis and different groups of users can have different limits set. Administrators are the only ones to whom a disk quota does not apply; by default there are no limits for an Administrator.

There are numerous reasons you may wish to make use of disk quotas. Based on the requirements of your organization you might choose to configure disk quotas if you have a restricted amount of disk space on a specific server, a limited number of servers, or perhaps the need to monitor user disk space usage without actually enforcing a quota. You might be wondering why you’d want to just monitor user disk space usage. Well, let’s say you have a fileserver set up with multiple users in your organization using it everyday to store temporary files. As time goes by and perhaps people forget to delete the files from the server, the amount of available disk space will continue to decrease. If nothing is done about it then users will be denied the right to add more files on the server (until some old files are removed). By monitoring user disk space usage with Microsoft’s disk quotas, you can be notified of when space is running out and then increase the allocated space on the server accordingly or notify your users that they need to delete their files from the server. Additionally, setting a quota warning level will allow for a system event log to be written for your review.

Setting a Group Policy

The most practical means of configuring disk quotas on a large scale would be through a domain-level group policy. This will configure the settings automatically on any of the volumes you wish to have disk quotas enabled, saving you the need to have to configure each volume independently.

Open the Group Policy Object Editor (gpedit.msc) and navigate to Computer Configuration > Administrative Templates > System > Disk Quotas. On the right hand pane you will see a list of policies that can be applied. Double click the “Default Quota Limit and Warning Level Properties” setting.

Figure 1: The Default Quota Limit and Warning Level Properties Dialog

The default quota limit is the maximum amount of space assigned per default quota, whereas the warning level is the amount of space at which a warning is triggered. Normally 90-95% of the total value is a good limit to set as a warning.

Now configure any other settings you wish to be applied by selecting them from the right hand pane. To have your changes applied immediately you can enable the “Disk Quota Policy Processing” policy and choose “Process Even If The Group Policy Objects Have Not Changed” from Administrative Templates > System > Group Policy.

Figure 2: The Disk Quota Policy Processing Dialog

You may also want to manually force a group policy update using the gpupdate utility. Simply go to Start > Run and type gpupdate followed by the return key. This will refresh both the computer and user policies.

Whatever changes you make in the group policy will be reflected on the Quota properties tab of each volume you wish to configure in your domain. The options will appear grayed out and non-editable.

Configuring Disk Quotas and Disk Quota Entries

Using the Computer Management console, you can configure disk quotas for a local or remote volume from a central location. To open Computer Management, you have three choices; either right click My Computer and select Manage, type compmgmt.msc in the Run bar or select Computer Management from the Administrative Tools folder.

Select which computer you wish to manage from the root node. To select a remote machine right click the “Computer Management” node, select “Connect to another computer…” and choose the computer you wish to manage. Now, navigate to Storage > Disk Management and select the volume you want to configure from the right hand pane and open the properties dialog. Click the Quota tab and enable the options you want to be enforced.

Figure 3: The Disk Quota Properties Dialog

The traffic lights icon at the top indicate the status of the disk quota; red means quotas are disabled, orange signifies a changeover is taking place (while it rebuilds the disk information), and green means disk quotas are enabled. A textual representation of the status is shown on the right of the image.

Check “Deny disk space to users exceeding quota limit” to have Windows restrict users from adding more data to their allocated disk space when the quota limit has been reached. Users will be unable to add more data until some space is freed up.

As you can see from Figure 3 above, the quota limit for new users is greyed out. This is because we have already set it from the group policy, which overrides any customizable settings on the quota tab of a volume. In this case we have limited the user’s disk space to 500MB and set a warning level to 450MB.

You may choose not to limit disk usage and just enable quotas to track disk space usage on a per volume basis by leaving the “Deny disk space to users exceeding quota limit” checkbox unchecked and logging a warning when a user exceeds the warning level defined as part of the quota limit. Whenever a user exceeds this limit a Warning event log will be written to the Application Event Log and shown in the Event Viewer.

Figure 4: A warning event log for disk quotas

As per http://support.microsoft.com/kb/915182 there is a known issue in the pre service pack version of Windows 2003 in that the Warning event log is incorrectly shown as an Information log in Event Viewer. In the Quota Entries application however, it is correctly displayed as a Warning.

When you press the Apply button on the Disk Quota Properties Dialog you are notified that the volume will be rescanned to update the statistics and that this operation may take several minutes. Simply press OK to continue and have disk quotas enabled on that volume.

Quota Entries

Click the Quota Entries button on the Disk Quota Properties Dialog to view a list of individual disk quota entries. From this section you can create, delete and manage quota entries for specific users or groups. If a user requires more space than others then you can set this from here.

Go to Quota > New Quota Entry and the Active Directory User Picker will appear. Choose a user from Active Directory and press OK. You will be given the option to limit disk space and set a warning level or not limit disk usage at all.

Figure 5: Adding a new quota entry

Once you have chosen your preferred settings, press OK and the user will be added to the list. You can monitor a user’s disk usage by looking at the properties of each of the columns. ‘Status’ indicates whether the user is within their limit, if a warning has been logged or if the limit has been exceeded; the icon will change accordingly.

Figure 6: Viewing a list of Quota Entries

Disconnect Terminal Server Sessions Using Command Line

July 31, 2009

Sometimes users forget to logoff their sessions from the Terminal Server computers. When you try to log on to those servers you get “There are no sessions left”. In this situation, you need to disconnect user’s session from the Terminal Server using either the Terminal Server Manager or command line tool. This article explains how you can use a command line tool from a remote computer to do so:

Steps for disconnecting a Sesion from a Single Server:

* Query all the sessions on the Terminal Server by running the following command:

Query Sessions /server:Server_Name

* Note down the ID of the session you want to disconnect.

* Run the following command to disconnect user’s session from the Terminal Server

Logoff ID_Number /Server:Server_Name

The above command will disconnect the same session from all the servers mentioned in the Servers.txt file.

Create a Kernel Memory dump file for diagnostic purpose

July 21, 2009

Sometimes you might need to generate a Kernel Memory dump file to troubleshoot the issues related to Kernel Mode components. There are three methods you can use to do so as described below:

* Crash.exe
* CrashOnCTRLScroll
* NMI (NMICrashDump)

The Crash.exe is available in both command line and GUI version.

To use CrashOnCTRLScroll, you need to create a registry entry at the following location in the registry:

* KEY Name: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\i8042prt\Parameters
* Entry Name: CrashOnCTRLScroll
* Type: DWORD
* Value: 1(enabled), 0(disabled)

You need to restart the server for changes to take effect. After you have restarted the server, use the “CTRL+Scroll Lock Scroll Lock” to crash the server. A memory dump file will be generated at the default location on system drive.

To use the third method (NMI), you need to make sure that your server support the Non-Maskable Interrupt (NMI) capabilities. To use this method you need to create a registry entry at the following location and then press a switch located on the server to crash and generate a Kernel Memory dump file:

*
KEY Name: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl
*
Entry Name: NMICrashDump
*
Type: DWORD
*
Value: 1

Remote Access Service Problems

July 21, 2009

If you have done any work with Remote Access Services, you know that the various configuration wizards available usually do a pretty good job at simplifying what would otherwise be a fairly complicated setup. Although Microsoft has done a pretty good job of masking the Remote Access Service’s underlying complexity, this can sometimes be a double-edged sword. When things do not work as expected, it can sometimes be a little bit tough to troubleshoot the problem because so much of the Remote Access Services inner workings are hidden beneath the surface. Often though, the solution to seemingly daunting problems is surprisingly simple if you know where to look. In this article, I want to talk about some of the Remote Access Service related problems that I have run into over the years, and how to get around them.

Users Can’t Browse the Network

The most common problem that I have encountered in relation to Remote Access Service involves users connecting to a RRAS server from their home computers and not being able to browse the network. This is also one of the problems that I have always dreaded troubleshooting the most, because it means diagnosing problems with somebody’s home computer.

If you attempt to diagnose the problem over the phone, it usually means a long troubleshooting session after hours. After all, the user has to be at home before they can help you troubleshoot their home computer. Needless to say, this is no fun, because nobody wants to have to do telephone support for a user once they go home for the day.

On the other hand, if you have the user bring their computer into the office you might be able to solve the problem more quickly, and you may even be able to do it during the work day rather than using your own personal time, but you may have the user hovering over your shoulder the entire time.

As for the actual diagnostic process, there are any number of things that can cause a user not to be able to browse the network once they connect to the RRAS server. I myself have run into situations in which the user’s home computer was infested with viruses, and situations in which the user’s kid had altered the TCP/IP stack. Both of these types of situations can take a lot of effort to repair. The good news is that my experience has been that the vast majority of the time, correcting the problem is fairly simple.

The first thing that I would recommend doing is teaching the user how to map a network drive, and then how to use the mapped drive to get to their files. I have seen a number of situations, particularly with older versions of Windows, in which network browsing does not work, but drive mapping does.

Another thing that you can do to correct the problem is to have the user change their workgroup setting. Most of the time, when a consumer buys a PC, PC to PC is configured by default to act as a part of a workgroup named WORKGROUP. Most corporate networks use domains rather than workgroups. Often times, directing the user to change the workgroup name to match the name of the domain that they are logged into will allow the user to browse the network.

Trouble Dialing in to a Remote Access Server

Probably the second most common problem that I have encountered with relation to the Remote Access Services involves the user attempting to dial into a Remote Access Server, but not actually being able to establish connectivity. Again, there are any number of situations that can cause this problem.

In my own personal experience, I have used the Remote Access Services primarily as a means for allowing users located in remote areas to dial into the corporate network. In these types of situations, using Remote Access Services and a dial in connection may be the only option because of the unavailability of broadband connections in these types of areas.

What I have found is that often, these remote areas have phone lines of insufficient quality to reliably carry data. I have also sometimes found this to be true of older office buildings whose phone lines have been in place for a long time.

Phone line quality issues are always a little bit tricky to overcome. In some situations, I have been able to at least partially correct the problem by installing filters between the phone line and the modem. These filters help to condition the line by getting rid of excess noise. Other times though, low-budget filters are ineffective, and I have had to seek help from the phone company.

If you are trying to establish a connection in a rural area, or if the phone lines coming into the building are ancient, it is fairly easy to explain why you may not be getting a good connection. Other times though, the reason why a connection is failing is a lot less predictable.

If you have ever looked around in the Remote Access Services console, you have probably noticed that there is no mechanism in order to diagnose connectivity problems. However, there are some helpful diagnostic tools in the Control Panel.

If you are having trouble establishing a connection using a modem, then the first thing that you will have to do is to narrow the problem down to either the client or the server. Typically, this is easy to do because if the problem exists on the server end than any clients to dial into that server will experience problems. If only one client experiences the problem, then it is a good bet that the problem is related to the client, not to the server.

Before you determine that the problem is definitely client related, you must consider whether or not the server uses multiple phone lines. If the server does use multiple phone lines, then you should do some tests to see if other clients are able to dial into the same phone line as the client who is experiencing difficulties, and successfully establish a connection.

Another thing that you should take into account is whether or not the connection has ever worked reliably in the past. If the connection has always been reliable, but suddenly refuses to work, then there are a couple of things that you can look for.

One possibility is that the phone company may be doing work in the area. I would not really think that this would cause any problems as long as you can still get a dial tone on the line, I have experienced situations in which modem connectivity failed until the guys outside on the pole finished what they were doing.

A more common problem is that an electrical surge may have damaged the modem. Even if there have not been any storms recently, it is not uncommon to have electrical surges on phone lines. These surges are not usually strong enough to damage a telephone, but they can damage a modem; particularly if the modem line does not pass through a surge protector. The easiest way to test for this condition is to simply swap out the modem and see if you can establish connectivity.

10 New Features of Windows 7 Networking’

June 24, 2009

10 new features of Windows 7 Networking and what is new and improved in the area of networking with Microsoft’s latest operating system – Windows 7.

Windows 7 offers end user and IT Admins a number of new networking features. Let us look at the top 10 Windows 7 Networking features.

1. Libraries

One new networking feature of Windows 7 that aggregates data from multiple sources into a single folder view. This could also be called a virtual folder. Actually, it is an indexed view of multiple data sources.

Because of the new library functionality, many of the common user folders in Windows 7 have been renamed. In Windows Vista you had Documents, Downloads, Photos, Videos, and Music. In Windows 7, these folders have been renamed and now you have Personal Documents, Personal Downloads, Personal Photos, Personal Videos, and Personal Music.

Yes, in other words, all the folders in a user’s home directory have been renamed with the word Personal in front of them. As I said, there is a reason for this and that reason is to allow us to use libraries and to distinguish between public and personal (private) documents.

Besides these personal document folders, each Windows 7 computer is going to have public folder such as Public Documents.

To reiterate, the purpose of Libraries is to join together these personal and public documents into a single documents directory (as well as any other libraries that you create).

Thus, the default Libraries in Windows 7 are:

* Documents: made up of Personal Documents and Public Documents
* Downloads: made up of Personal Downloads and Public Downloads
* Music: made up of Personal Music and Public Music
* Photos: made up of Personal Photos and Public Photos
* Videos: made up of Personal Videos and Public Videos

To me, the best thing about Windows 7 Libraries is that you can create your own libraries. How do you do it? Easy. In explorer view, just go to your Libraries, right-click, then click on New – Library.

Fig 1

From here, your new Library will be included in the list of Libraries in the Navigation Pane of all Explorer views (assuming you checked the show in navigation pane).

Once you create it, you need to decide what you want included in the library. To do this, right-click on the folder and click Properties. On the Library Tab, click Add, select a folder, then, click Include in Library. You can include as many folders in your library as you want.

Of course, the inclusion of folders in your library view is critical to make the library of any use.

2. Network and Sharing Revisions

In Windows Vista the Network and Sharing center was pretty, what I would call “busy”. There were lots of options and things that could be done resulting in the use of it being fairly confusing.

In Windows 7 the Network and Sharing center has been simplified. Here is what it looks like:

The Network and Sharing options have been moved to the Choose homegroup and sharing options window (which we will look at in a minute) and the left navigation options have been moved to other menu windows. I also think that the view your active networks section now looks much nicer and easier to understand.

Personally, I wish that there were more technical networking details shown on the Network and Sharing window. However, I am a technical networking guy and that is likely why I feel that way. I can see where perhaps Microsoft would want to shield less experienced users from technical network details.

3. View Available Networks (VAN)

While the “View Available Networks” or VAN feature sounds like it could be complex and a whole new kind of virtual network, it isn’t. However, it is pretty helpful. Essentially, the VAN feature allows you to view all available networks and connect to them, directly from the system tray. Here is what it looks like:

With users being more mobile and connecting to various networks, this is a much needed feature.

4. Super Fast Wake up and Boot, Smart Network Power, and Wake on LAN for Wireless

Some of the new features of Windows 7 are there to speed up Windows 7 or save power. Here are 3 examples:

* Fast Wake Up & Fast Boot – enables your Windows 7 machine to wake up faster when it was put in hibernate or standby mode. The fast boot feature allows Windows 7 to boot up faster when it is powered on from a cold boot.
* Smart Network Power – turns off the power to your Ethernet jack when there is no cable connected
* Wake on LAN for Wireless – bring the well-known wired Ethernet feature to wireless networks. Think about it – an Admin can wake up thousands of sleeping computers, not even wired to the network, using wake on LAN for wireless.

5. BranchCache

BranchCache is a big win for branch office users and IT Admins. With BrachCache, when remote Windows 7 users access file or Intranet content on a Windows 2008 R2 server at the headquarters, that data is downloaded to the remote branch. The second time that the same Windows 7 PC, or a different Windows 7 PC, needs that data or Intranet content, access to it is much faster because it has already been cached.

BranchCache can operate in two modes – Hosted Cache or Distributed Mode. With Hosted Cache, a Windows 2008 R2 server at the branch office is the central caching server for that branch. With Distributed Mode, no Windows 2008 R2 server is needed and the cache data is stored on the distributed Windows 7 PCs at the branch.

Before you can raise your security red flag, you should know that BranchCache complies with all Windows security settings and always checks to ensure that it is delivering the latest version of the file to the Windows 7 PC that requested it.

6. Virtualization Enhancements

With the Windows 7 Virtualization Enhancements, when you run Windows 7 in a VDI (virtual desktop interface) mode, the end user will enjoy a higher quality experience. To help you visualize how this works, let us say that you have a Hyper-V server and you are running Windows 7 as a Guest virtual machine on the server. End users running thin client devices connect to the Windows 7 Guest VMs on that server. Previously, with Windows XP or Vista, there would have been limitations to the users’ experience, as compared to a traditional desktop. With Windows 7 many of these limitations are removed. Here is what Windows 7 provides when used in a VDI mode:

* The Windows Aero Interface
* Viewing of videos in Windows Media Player 11
* Multiple monitors
* Microphone for VoIP uses
* “Easy Print”, which allows you to use a printer on the local printer without installing a printer driver
* Common tools for IT Admins to manipulate virtual desktop images

Something else that is new about Windows 7 and VDI is the new Windows Vista Enterprise Centralized Desktop (VECD) license.

7. Fix a Network Problem

One of my favorite changes to Windows 7 networking is the update to Vista’s diagnose and repair. In Windows 7 if you want to get assistance fixing a network issue, you just click Fix a network problem. Sound simple and clear, right? That’s what I like about it.

From Windows 7 Network and Sharing, if you click Fix a Network Problem, you get this window, asking you want you want to fix:

Windows 7 will go through and attempt to fix any network issues that you select. It will even ask you if you want to fix it as a Windows Administrator. Here is what fixing a homegroup looks like:

8. QoS Enhancements

While Quality of Service (QoS) is not something that end users think about they do see the results if QoS is not working. Windows 7 offers a number of QoS enhancements.

URL based QoS is one of the new Windows 7 QoS Enhancments. Since many mission critical enterprise applications have been moved into hosted web environments, URL based QoS is the answer to giving those IT Admins the ability to prioritize those mission critical web applications over, say, other general web surfing.

Is it slick and exciting? Maybe not but it is a very valuable feature resulting in a better experience for the end users.
9. DirectAccess

I like how Microsoft characterizes the new Windows 7 feature, DirectAccess –

1. Help mobile users get more done
2. Help IT Admins manage remote machines more effectively

The combination of both of these things make DirectAccess worth learning more about (and likely implementing).

So what exactly is DirectAccess? Today, mobile users can connect to the enterprise network with VPN but it is not always easy and can be difficult to configure. DirectAccess wants to be the answer that allows end users to connect to the enterprise quickly and easily, without VPN.

For the IT Admins, DirectAccess will allow them to manage laptops even if the laptops are not connected to the VPN. The IT Admin can schedule software to the updated or configuration changes to be made, the next time that device connects using DirectAccess.
10. HomeGroup

Absolutely, the best new Windows 7 networking feature for home and small office users is the homeGroup feature. Essentially, a homegroup is a simple way to link computers on your home network together so that they can share pictures, music, videos, documents, and printers. There is just a single password that is used to access the homegroup, making creating it and connecting to it easy.

To configure a Windows 7 Homegroup, you can click on Choose Homegroup and Sharing Options from the Network and Sharing Center in Windows 7, then Create now (assuming your network location is set to Home).

You will be asked what types of personal content you want to share with the HomeGroup.

You will be able to select what you want to share in the homegroup.

And you will be given a single password, used on other computers, to connect to the homegroup.

When you are done, the Homegroup and Sharing center will look something like this:

A First Look at Windows 7 Backup

June 19, 2009

The Windows 7 Backup and Restore Center offers tremendous improvements over the Windows Backup application that is found in Vista. In this article I will conclude the series by showing you some more of these improvements.

Last month, I spoke about some of the more frustrating shortcomings found in the Windows Vista version of Windows Backup. I also spoke about how those issues are being addressed in Windows 7. In this article, I want to wrap up the series by talking about some more of the improvements found in the Windows 7 backup application.

Creating a Backup

The overall process of creating a backup is similar to what was involved in backing up Windows Vista. When you open the Backup and Restore Center, you are given the chance to either schedule a backup or to create an image backup.

Maybe it’s just me, but I find the wording of these two options to be a bit misleading. It sounds as though you would use the Create an Image Backup option to create a onetime backup, and use the Schedule a Backup option to backup the system on a regular basis.

In a way, this really is what these options do, but there is an important distinction between the two options. If you create an image backup, you can not use it to restore individual files. It is used only for the purpose of restoring the entire machine to its previous state. On the other hand, a scheduled backup does allow you to restore individual files and folders should the need arise.

If you do decide to create an image backup, the Backup and Restore Center gives you the option of creating a system recovery disk when the backup process completes. A system recovery disk is a bootable CD or DVD that contains various Windows recovery tools that you can use to help you to recover from a serious error. The system recovery disk can also be used to restore an image backup. You can see Windows 7’s description of what the system recovery disk does in Figure A. You will notice in the screen capture below that the system recovery disk is referred to as a system repair disk. Keep in mind that Windows 7 is still in beta testing, and some of the features have changed names over the course of the beta testing period. When features have changed names, not all of the dialog boxes have been updated to reflect the feature’s new names.

Figure A: The System Recovery disk is a bootable CD or DVD that can be used to recover from serious system errors

If you want to create a onetime backup that you can restore individual files and folders from, you will initially have to set up a scheduled backup. Once the backup completes you will see a screen that is similar to the one that is shown in Figure B.

Figure B: This is the screen that Windows 7 displays after a scheduled backup completes

The first thing that I want to point out about this screen is that once you have performed an initial backup you have the option of manually performing subsequent backups any time that you want by clicking the Back Up Now button.

Another thing that I wanted to point out about this screen capture is that there is a Change Settings link located at the bottom of the backup section. You can use this link to change the drives, files, or folders that are included in the backup, the backup destination, or even the schedule. In fact, if you initially told Windows to create a scheduled backup, you have the option of completely disabling the schedule so that the backup only runs when you manually initiate it.

Restoring Your Files

Aside from not allowing you to restore files and folders from an image backup, Windows 7 makes it fairly easy to restore files and folders. If you look at Figure B, you will notice that the Restore section contains a Restore My Files button, and a link that you can use to Restore All User’s Files. Both of these options will allow you to restore individual files and folders, but there are some major restrictions that you need to be aware of.

Firstly, using these options only restores data from the most recent backup. If you need to restore data from an older backup, you will have to use a different option. I will show you how to do that later on.

Another restriction that you need to be aware of is that both of these options are designed so that they will only restore data that is located in the user profile directories. If you need to restore data that was originally located in a folder outside of a user’s profile then you will have to use a different restoration option. You do however have the option of restoring profile data to an alternate location.

If you go back to Figure B, you will notice that there is an option to Select the Backup to Restore Files From. If you select this option, then you will be taken to a screen that asks you which backup you want to restore, as shown in Figure C.

Figure C: You can revert to an older backup

If you look at the figure above, you will notice that only one backup is listed. I am honestly not sure if this is a bug or if the Backup and Restore Center was designed this way intentionally, but multiple backups that were made on the same day are not listed. If you select a backup and click Next, you will be taken to a screen that contains a link labeled Choose a Different Version. Clicking this link shows you all of the backups that exist, as shown in Figure D.

Figure D: Clicking the Choose a Different Version link shows you which backups are actually available

One Last Thing

Before I wrap up this article, there is one last thing that I want to show you. As you may recall, Windows Vista gave you the option of writing backups to a hard drive, but you had to dedicate the entire drive to the backups. Windows 7 still allows you to backup data to a hard drive, but the hard drive is no longer required to be dedicated to the backup process.

If you open the drive containing your backups, you will find that you can even manage your backups by double clicking on the backup file. When you do, Windows will open the dialog box that is shown in Figure E. This provides you with a quick and easy way of performing a restoration.

Figure E: Double clicking on a backup file causes Windows to open this dialog box

One cool thing about this feature is that it gives you an option to manage the disk space that is used by the backup. Clicking on this option allows you to see how much space the backup is actually using, and it allows you to purge older versions on the backup, as shown in Figure F.

Figure F: Windows 7 allows you to manage the space consumed by your backups.

Conclusion

As you can see, the Windows 7 Backup and Restore Center is far more flexible than the Windows Backup application that comes with Vista is. It will be interesting to see if Microsoft ends up making any more changes to the backup application between now and the time that Windows 7 is released.

Working with Read Only Domain Controllers

June 19, 2009

Introduction

In Windows Server 2008, Microsoft has brought back a feature that we have not seen since Windows NT; Read Only Domain Controllers. In this article, I will explain why this is, and the advantages of using Read Only Domain Controllers.

I hardly ever watch television, but when I sat down to write this article, I couldn’t help but remember an episode of 30 Rock that I saw a while back. In that episode, the show’s main character, Liz Lemon, was dating a guy who was the only person in New York City who was still selling pagers. When Liz told him that nobody uses pagers anymore because everybody uses cell phones, he insisted that technology was cyclical, and that the pager was going to make a big comeback.

Although the remark was intended to be comical, I think that technology is more cyclical than most people realize. For example, I do not expect to ever see the pager making a comeback, but is cell phone texting really all that different from the text based pagers that we all had fifteen years ago?

Perhaps a better example of the cyclical nature of some technology is a new type of domain controller found in Windows Server 2008 called a Read Only Domain Controller, or RODC. The reason why I say that this is an example of cyclical technology is because in a way, RODCs are a left over from over a decade ago.

Windows NT was Microsoft’s first Windows Server operating system. Like modern Windows Server operating systems, Windows NT fully supported the use of domains. What was different though, was that only one domain controller within each domain was writable. This domain controller, known as the Primary Domain Controller or PDC, was the only domain controller that an administrator could write information to. The primary domain controller would then propagate updates to the other domain controllers within the domain. These other domain controllers were known as backup domain controllers, and were read only in the sense that they could only be updated by the primary domain controller.

Although this domain model worked, it had its downside. Most notably, a problem with the primary domain controller could cripple the entire domain. As you probably know, Microsoft introduced some major changes to the domain model when they released Windows 2000 Server. Windows 2000 Server introduced two new technologies for domain controllers, both of which are still in use today; the Active Directory, and the multi master domain model.

Although there is still a PDC emulator role and a few other specialized roles, for the most part every domain controller in a multi master domain model is writable. That means that an administrator can apply an update to any domain controller, and the update will eventually be propagated to all of the other domain controllers in the domain.

The multi master domain model was retained in Windows Server 2003, and is still used in Windows Server 2008. However, Windows Server 2008 also allows you to create Read Only Domain Controllers. RODCs are domain controllers on which the Active Directory database cannot be updated directly by administrators. The only way of updating these domain controllers is to apply a change to a writable domain controller, and then allow the change to propagate to a RODC. Sound familiar?

As you can see, RODCs are nothing short of a relic from the days of Windows NT. In this case technology truly has become cyclical! Of course Microsoft would not have brought back RODCs if there were not some advantage to doing so.

Before I begin explaining why Microsoft brought back RODCs, let me first clarify that the use of RODCs is completely optional. If you want every domain controller in your entire forest to be writable, then you can certainly do that.

The other thing that I want to quickly mention is that even though RODCs are very similar to the Backup Domain Controllers (BDCs) that were used in the days of Windows NT, they have evolved a bit. There are a couple of things that are unique about RODCs, and I will point those things out as we go along.

OK, so why did Microsoft bring back RODCs? It has to do with the challenges of supporting branch offices. Branch offices have traditionally been tough to support because of their isolation and because of the nature of the connection between the corporate headquarters and the branch office.

Traditionally, there have been several different options for managing branch offices, but each has its own set of advantages and disadvantages. One of the more common ways of dealing with branch offices is to keep all of the servers in the main office, and provide the branch office users connectivity to those servers through a WAN link.

Of course the most obvious disadvantage to using this method is that if the WAN link goes down then the users who are in the branch office are unable to do much of anything, because they are completely cut off from all of the server resources. Even if the WAN link is functional though, productivity may suffer because the WAN links are often slow and easily congested.

Another common option for dealing with branch offices is to place at least one domain controller in the branch office. Often times, this domain controller will also act as a DNS server and as a global catalog server. That way if the WAN link goes down, the users in the branch office will at least be able to log into the network. Depending on the nature of the branch office user’s jobs, there may also be other servers located at the branch office.

While this solution usually works out pretty well, there are some disadvantages to using it. The primary disadvantage is the cost. Placing servers in branch offices requires the organization to shell out money for server hardware and for any necessary software licenses. There are also support costs to consider. An organization needs to determine whether they want to hire full time IT staff to support the branch office, or if they can deal with the amount of time that it takes the IT staff to travel from the main office to the branch office when onsite support is needed.

Another issue with keeping servers at the branch office is security. It has been my experience that servers located outside of the datacenter are basically unsupervised. They are often just locked in a closet at the branch office, and employees at the office who have a key to the closet have to be trusted not to mess with the servers.

As I mentioned earlier, WAN connections can often be slow and unreliable. Herein lies another problem with placing servers in a branch office. Domain controller replication traffic can congest the WAN link.

This is where RODCs come into play. RODCs are just like any other domain controllers, except that the Active Directory database is not directly writable. Placing an RODC at a branch office does not get rid of Active Directory replication traffic, but it does reduce the workload of the bridgehead servers because only inbound replication traffic is allowed.

RODCs may also improve security, because people at the branch office cannot make any changes to the Active Directory database. Furthermore, no account information is replicated to RODCs. This means that if someone were to steal a RODC, they would not be able to use the information that they get off of it as a means for hacking user accounts. The fact that user account information is not written to RODCs also reduces the amount of replication traffic that flows across the WAN link, but it does mean that with some exceptions user authentication still depends on the WAN link being available.

10 different ways to troubleshoot DNS resolutions issues.

June 17, 2009

Introduction

We all need proper DNS resolution for our network applications. When it this is not working, what do you do? Let us find out…

Let’s face it, when DNS resolution is not working, using anything on your computer that has to do with networking is painful because there is good chance it will not work. DNS really is not a “nice feature” of a network, it is a requirement. As a network admin, I have heard the alarming cry of end users moaning that the network is down, when it would be the cause of the DNS servers. In these cases I assure them that the network is up and running fine but it is the DNS servers that are down! As you can imagine, that does not go over very well with them because to an end user, it is all the same thing. DNS is “the network” (not that they know what DNS is anyway).

So how do you troubleshoot this critical network infrastructure service when you are on an end user PC (or your PC) and DNS is not resolving a DNS name? Here are the 10 tips and tricks that I recommend you try to get DNS working again…

1. Check for network connectivity

Many times, if you open your web browser, go to a URL, and that URL fails to bring up a website, you might erroneously blame DNS. In reality, the issue is much more likely to be caused by your network connectivity. This is especially true if you are using wireless networking on a laptop. With wireless security protocols, the key will be periodically renegotiated or the signal strength will fade, causing a loss of network connectivity. Of course, you can lose network connectivity on any type of network.

In other words, before blaming DNS for your problems, start troubleshooting by checking “OSI Layer 1 – Physical” first and then check your network connectivity. Here you should find a wireless connection with a valid Internet connection.

Figure 1: Good Wireless Network Connection

Notice how the Access is Local and Internet. If it just said “Local” then you do not have a valid network address (you only have a private APIPA that starts with 169.x.x.x).

This brings me to my next point. Make sure that you have a valid IP address on your network. You can check this out by going to View Status on the screen above and then to Details, you can check your IP address and verify your DNS Server IP addresses. Again, if you have a 169.x.x.x IP address you will never get to the Internet. Here is what it looks like:

Figure 2: Verifying your IP address and DNS Server IP addresses

2. Verify your DNS server IP addresses are correct and in order

Once you know that you have network connectivity and a valid IP address, let us move on to digging deeper into DNS by verifying that your DNS Server IP addresses are correct and are in the right order.

If you look at Figure 2 above, you can see the IPv4 DNS Server IP addresses. Notice that these are both on my local LAN / subnet so that I can access them even if my default gateway is down. This is how it works on most enterprise networks. However, your DNS servers do not always have to be on your subnet. In fact, with most ISPs, the DNS Server IPs would not even be on the same subnet as the default gateway.

In most home/SMB router configurations, they do not have their own DNS servers and the SMB router is proxying DNS to the real DNS Servers. In that case, your DNS Server IP address may be the same as your router.

Finally, make sure that your DNS Servers are in the right order. In my case, with the graphic in Figure 2, my local DNS Server is 10.0.1.20. It is configured to forward any names that it cannot resolve to 10.0.1.1, my local router. That router is proxying DNS to my ISP’s DNS Servers. I can look up those DNS Servers on my router, shown below in Figure 3.

That brings me to two more points. First, make sure that your DNS Servers are in the right order. If you have a local DNS Server, like I do, and you are looking up a local DNS name, you want your PC client to lookup that local DNS name in the local DNS Server FIRST, before the Internet DNS Server. Thus, your local DNS server needs to be first in your DNS settings as these DNS Server IPs are in the order that they will be used.

Secondly, you should be able to ping the IP address of your ISP’s DNS Servers. So, just as my DNS servers are listed above on my router, I can verify that I can ping them even from my local PC:

Notice how the response time from the ping to my ISP’s DNS Server is horrible. This could cause slow DNS lookups or even failure if it takes too long for the DNS server to respond.

3. Ping the IP address of the host you are trying to get to (if it is known)

A quick way to prove that it is a DNS issue and not a network issue is to ping the IP addressof the host that you are trying to get to. If the connection to the DNS name fails but the connection to the IP address succeeds, then you know that your issue has to do with DNS.

I know that if your DNS Server is not functioning then it could be hard to figure out what the IP address is that you want to connect to. Thus, to carry out this test, you would have to have a network diagram or, like many network admins do, just have the IP address of a common host memorized.

If this works, until the DNS server is available again, you could manually put an entry in your hosts file to map the IP to the hostname.

4. Find out what DNS server is being used with nslookup

You can use the nslookup command to find out a ton of information about your DNS resolution. One of the simple things to do is to use it to see what DNS server is providing you an answer and which DNS server is NOT

Figure 4: Pinging my ISP’s DNS Server

Notice, in Figure 5, how my local DNS server failed to respond but my ISP’s DNS server did provide me a “non-authoritative answer”, meaning that it does not host the domain but can provide a response.

Figure 5: nslookup output

You can also use nslookup to compare the responses from different DNS servers by manually telling it which DNS server to use.

Notice, in Figure 5, how my local DNS server failed to respond but my ISP’s DNS server did provide me a “non-authoritative answer”, meaning that it does not host the domain but can provide a response.

You can also use nslookup to compare the responses from different DNS servers by manually telling it which DNS server to use.

5. Check your DNS suffix

If you are looking up a local host on a DNS server that your PC is a member of, you might be connecting to a host and not using the FQDN (fully qualified DNS name) and counting on the DNS suffix to help out. For example, if I were to connect to “server1”, the DNS server could have multiple entries for that DNS name. You should have your network adaptor configured with the connection specific DNS suffix, as shown on the first line on the graphic above, labeled Figure 1. Notice how in that graphic my DNS suffix is wiredbraincoffee.com. Whenever I enter just a DNS name like server1, the DNS suffix will be added on the end of it to make it server1.wiredbraincoffee.com.

You should verify that your DNS suffix is correct.

6. Make sure that your DNS settings are configured to pull the DNS IP from the DHCP server

It is likely that you would want your network adaptor to obtain DNS Server IP addresses from the DHCP Server.  If you look at the graphic below, this adaptor has manually specified DNS Server IP addresses.

You may need to change to “Obtain DNS server address automatically” in order to get a new DNS server IP. To do this, open the Properties tab of your network adaptor and then click on Internet Protocol Version 4 (TCP/IPv4).

7. Release and renew your DHCP Server IP address (and DNS information)

Even if your adaptor is set to pull DNS information from DHCP, It is possible that you have an IP address conflict or old DNS server information. After choosing to obtain the IP and DNS info automatically, I like to release my IP address and renew it.

While you can do this with a Windows Diagnosis in your network configuration, I like to do it in the command prompt. If you have UAC enabled, make sure you run the Windows cmd prompt as administrator then do:

IPCONFIG /RELEASE

IPCONFIG /RENEW

Then, do an IPCONFIG /ALL to see what your new IP and DNS Server info looks like.

8. Check the DNS Server and restart services or reboot if necessary

Of course, if the DNS server is really hung, or down, or incorrectly configured, you are not going to be able to fix that at the client side. You may be able to bypass the down server somehow, but not fix it.

Thus, it is very likely that you, or the admin responsible for the DNS server, need to check the DNS Server status and configuration to resolve your DNS issue.

9. Reboot your small office / home DNS router

As I mentioned above in #2 and showed in Figure 3, on home and small office routers, the DNS server settings are typically handed out via DHCP with the DNS server set to the IP of the router and the router will proxy the DNS to the ISP’s DNS server.

Just as it is possible that your local PC has network info (including DNS server IP Addresses), it is also possible that your router has bad info. To ensure that your router has the latest DNS server information, you may want to do a DHCP release and renew on the router’s WAN interface with the ISP. Or, the easier option may be just to reboot the router to get the latest info.

10. Contact your ISP

We all know how painful it can be to contact an ISP and try to resolve a network issue. Still, if your PC is ultimately getting DNS resolution from your ISP’s DNS servers, you may need to contact the ISP, as a last resort.

How can I change a drive letter in Windows XP?

June 15, 2009

When you add drives to your computer, such as an extra hard drive, a CD drive, or a storage device that corresponds to a drive, Windows automatically assigns letters to the drives. However, this assignment might not suit your system; for example, you might have mapped a network drive to the same letter that Windows assigns to a new drive. When you want to change drive letters, follow these steps:

1. Right-click My Computer, and then click Manage.
2. Under Computer Management, click Disk Management. In the right pane, you’ll see your drives listed. CD-ROM drives are listed at the bottom of the pane.
3. Right-click the drive or device you want to change, and then click Change Drive Letter and Paths.
   
4. Click Change, click Assign the following drive letter, click the drive letter you want to assign, and then click OK.
   

You will not be able to change the boot or system drive letter in this manner. Many MS-DOS-based and Windows-based programs make references to a specific drive letter (for example, environment variables). If you modify the drive letter, these programs may not function correctly.

image001

image002

Use These 10 Tips to Write Your Most Popular Post Ever

June 12, 2009

One popular post can bring your more traffic and links than a month’s worth of your usual content.

In this post, I want to set you a challenge with the potential to launch your blog into the stratosphere.

Make the next post you write your most popular post ever.

The following ten tips form my key advice for tackling this task. I used all of them when hitting the Digg front page for the first time. There’s no blueprint you can follow to write an incredibly popular post, but you won’t have a chance unless you try. I’m confident these tips will give you a good shot at success.

1. Time is more important than talent. Work on something for eight hours and you can bet it will be good. You don’t need to spend that long, however (though that’s how long it took me to craft the first post I wrote that hit the Digg front page). More time means you can refine, format and fill your post with plenty of value. Take the time to really craft your content. It will show in the finished product.

2. Use your best idea. A post will never become wildly popular unless it fulfills a need, and does so emphatically. What’s something your niche wants but hasn’t got yet? Can you assemble a whole lot of really awesome (targeted) resources in one place? The more your posts helps people, the better it will do.

3. Use formatting to your advantage. These days, social media is key when it comes to launching your posts into the stratosphere. Social media users are notoriously spoiled for choice, however. Use formatting to emphasize the best aspects of your post. Hone in on your funniest lines, your most profound bits of advice, your best resources. Make them stand out.

4. Brainstorm headlines. There are probably one or two bloggers who’ve completely mastered the art of writing headlines for social media (you’ll know who they are). The rest of us haven’t been blessed with such skills. When you see a great headline, chances are it’s option #12 of a dozen choices. Few of us can think of a great headline straight away. Spend ten minutes brainstorming and you’re bound to stumble across something that works. A weak headline will cripple your post’s chances of success. It’s essential that you put a lot of work into getting it right.

5. Invest plenty of value in your post. Ever bookmarked or voted for something without completely reading it? We’ve all done it. It’s because of the ‘Wow’ factor — the presence of enough promised value in one place gets the reader enthusiastic about the post straight away. Instead of 5 tips, why not share 50? Instead of 9 resources, why not 40 or more?

7. Beauty is in the eye of the beholder. If your post looks good, it will draw readers in. Take the time to add images, thumbnails and formatting to what you create. Make your post a visual feast. With so much web content presented in a bland way, your post is guaranteed to stand out.

8. Tell them what you’re going to tell them. Readers will skip your waffly introduction. You can say the same in less words, particularly when you’re writing for an impatient reader: someone who wants to get straight into your tips/resources/opinions. Use your introduction to highlight why the reader should stick with your post. There’s a reason my post introductions mainly consist of: “In this post, I’m going to do this, this and that.” It’s what people really want to know: what am I getting in exchange for my attention?

9. Send messages with links. The best way to get a blogger to investigate your blog is by linking to them. We’ve got a natural desire to know what’s being said about us. If your post becomes really popular, each link inside it should send enough traffic outwards to be worth investigating. Be generous with your outbound links when writing your most popular post. It gives other bloggers an incentive to link to you, because it’s ultimately more promotion for them.

10. Utilize your network. If you want people to Digg, Stumble or Reddit your post, there’s no reason why you need to sit back with fingers crossed and hope it happens. Ask them. Your loyal readers like you. You entertain them, or teach them, or help them. If voting is a simple matter of clicking a link they’ll be more than happy to do so. Ask for votes in your post and email readers and social media influencers. In most cases you will need to get the snowball rolling. After that, others will do most of the work for you.

Bonus tip:

11. Examine what worked before. Study your most popular posts so far. What’s common about them? Why did they work? What needs did they address? In creating your most popular post, it’s important to learn by example and build on what has worked for your blog in the past. Another good idea is to analyze the most popular posts on other blogs in your niche. Why did they work? What’s remarkable about them? You can transfer those qualities over into what you write.