Office 2007 is driving me nuts!

I have to admit that I love Office 2007 – it has so many great new features that make it possible to make really great looking documents with minimal effort and no need to have any real design skills. However, it does drive me round the bend when I’m trying to work out how to do some very simple stuff; it is just so different from Office 2003. All these weird ribbon menus… where IS everything!? It even took me ages to work out that this:

[Image: Office Menu logo]

is a menu button! I thought it was just a nice logo and was quite surprised when I clicked on it and it opened a whole new world of menus!

If, like me, you’re finding Office 2007 a tad confusing, help is at hand! Microsoft have provided a series of interactive guides here:

http://office.microsoft.com/en-us/training/HA102295841033.aspx

The guides provide an excellent way of quickly locating task buttons and menus in Office 2007, and will save many a headache for all experienced Office 2003 users who are grappling with the new Office technology! Try starting the Word interactive guide now and you’ll see what I mean. Once the Office 2003 environment starts up, click on File… Open… and then watch…

[Image: Word Interactive Guide]

Limiting software usage through GP delegation

To apply a group policy to just a few selected computers in an OU containing many other computers, you can use Group Policy delegation. There are a couple of ways of doing this: one involves Denying access to a group of computers and the other involves Allowing access to a group of computers. Which method you use depends on your local OU structure and what you want to achieve.

DENY

First of all, create a security group of computers (call it something meaningful) and add the PCs that you *don’t* want to get the policy.

Run the Group Policy Management Console/snap-in, and browse to the group policy in question. Click/double-click it so that you see the tabs Scope, Settings, Detail and Delegation in the right-hand pane.

Click on the Delegation tab.

Click Advanced.

Click Add and enter the name of the group of computers. (If you just want to specify a single computer name, that’s okay, but you’ll need to click on Object types first and check the Computers box – groups are easier to maintain, though.)

Once you’ve added the computer/group of computers to the ACL, you’ll need to check the *DENY* box for Apply Group Policy. In this example, I’ve denied rights to UCS Cluster Computers to apply the policy 3 Central 7-zip 4.42:

ALLOW

This is more or less the same procedure. Create a group of computers that you *do* want to get the policy. Click on Delegation… Advanced so that the Security box appears. Remove Authenticated Users from the ACL, and add your group of computers. Ensure that Apply Group Policy is selected for this group. ISS use this method for securing the 5 Licensed software policies.

Now what?

Now when you apply the group policy to an OU, only the PCs that are in the allow/deny group will be allowed/denied access to the software.

If you’re using the old Group Policy management tool (the one that’s integrated into Users and Computers), you can make the same changes by just right-clicking the Group Policy, selecting Properties, and then the Security tab.

You can use this method to secure any Group Policy regardless of its purpose; the policy doesn’t necessarily need to be a software policy. For example, you can limit application of a policy that adds users to a local machine admin group.

Something to note

To change delegation on a group policy, you must have rights to modify the policy security.
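
The DENY and ALLOW methods above can also be scripted and then checked. The PowerShell below is an added example, not part of the original post; it assumes the GroupPolicy and ActiveDirectory RSAT modules are installed, and the function names and the ALLOW placeholder names are hypothetical.

```powershell
# Added example: script the DENY and ALLOW methods, then audit the result.
# Assumes the GroupPolicy and ActiveDirectory RSAT modules and the right
# to modify the policy security.
Import-Module GroupPolicy, ActiveDirectory

# GUID of the "Apply Group Policy" extended right.
$ApplyGpoRight = [guid]'edacfd8f-ffb3-11d1-b41d-00a0c968f939'

function Get-GpoApplyAce {
    # Audit: list every trustee with an Allow or Deny ACE on Apply Group Policy.
    param([Parameter(Mandatory)][string]$GpoName)
    $gpo = Get-GPO -Name $GpoName
    (Get-Acl -Path ("AD:\" + $gpo.Path)).Access |
        Where-Object { $_.ObjectType -eq $ApplyGpoRight } |
        Select-Object IdentityReference, AccessControlType, IsInherited
}

function Add-GpoApplyDeny {
    # DENY method: add a Deny ACE for Apply Group Policy to the GPO object.
    # Set-GPPermission cannot write Deny entries, so the AD ACL is edited directly.
    param([Parameter(Mandatory)][string]$GpoName,
          [Parameter(Mandatory)][string]$GroupName)
    $path = "AD:\" + (Get-GPO -Name $GpoName).Path
    $sid  = (Get-ADGroup -Identity $GroupName).SID
    $acl  = Get-Acl -Path $path
    $rule = New-Object System.DirectoryServices.ActiveDirectoryAccessRule(
                $sid, 'ExtendedRight', 'Deny', $ApplyGpoRight)
    $acl.AddAccessRule($rule)
    Set-Acl -Path $path -AclObject $acl
}

function Set-GpoApplyAllowOnly {
    # ALLOW method: grant read + apply to one group, then remove Authenticated Users.
    param([Parameter(Mandatory)][string]$GpoName,
          [Parameter(Mandatory)][string]$GroupName)
    Set-GPPermission -Name $GpoName -TargetName $GroupName `
        -TargetType Group -PermissionLevel GpoApply
    Set-GPPermission -Name $GpoName -TargetName 'Authenticated Users' `
        -TargetType Group -PermissionLevel None -Replace
}

# DENY, using the GPO and group named in the post, followed by the audit.
Add-GpoApplyDeny -GpoName '3 Central 7-zip 4.42' -GroupName 'UCS Cluster Computers'
Get-GpoApplyAce  -GpoName '3 Central 7-zip 4.42'

# ALLOW, with placeholder names to replace before running:
# Set-GpoApplyAllowOnly -GpoName '<GPO name>' -GroupName '<computer group>'
```

Running `Get-GpoApplyAce` after either change shows exactly which trustees the filter now allows or denies, which is a quick way to confirm the delegation matches what was intended.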

Vista is so protective…

A bit of a gotcha with using the Active Directory Users and Computers tool on Vista is that it (very sensibly) protects the objects you create from accidental deletion but (very annoyingly) doesn’t inform you that it’s done this. If you are using the AD Tools on Vista and you suddenly find that you can’t delete something you created, then check the Object tab on the object in question. If the “Protect Object from Accidental Deletion” box is checked as shown here within the red circle:

[Image: Active Directory object]

… you’ll need to uncheck it before you can delete or move it.