About James

I am an Infrastructure Systems Administrator in the Infrastructure Systems Group (ISG) within ISS. We are responsible for a number of the core services which support the IT Infrastructure of the University including Active Directory, Exchange, DNS, Central Filestore, VMware and SQL. I hold number of current Microsoft Certifications and am also a Symantec Certified Specialist (Netbackup) http://twitter.com/JamesAPocock

Deleting Windows Profiles

Written by James Pocock:

There have been a few problems recently with local copies of roaming profiles being incorrectly deleted. The following procedure should be followed when deleting a profile.

Removing the Local copy of the profile

A common mistake is to simply logon to the local machine as an administrator and delete the users Profile from C:\Users or C:\Documents and Settings.

However, deleting only the local folder does not remove some key registry settings. While XP is usually quite forgiving of this Windows Vista is not and a profile which has been deleted in this fashion will never function correctly on the machine until it is rebuilt.

The profile should be fully deleted from the local system by using the User Profile settings option in System Properties.

In Windows XP:

System Properties > Advanced Tab > User Profiles > Settings

In Windows Vista:

System Properties > Advanced System Settings > Advanced Tab > User Profiles > Settings

Profile 1

Highlight and delete the profile you wish to remove (you may need to reboot first).

Profile 1

Finally you can manually remove any residual folders from C:\Users or C:\Documents and Settings.

Remove the Server Copy of the Profile.

Within the CAMPUS network only the user and server administrators have permissions to remove a profile. There are two ways to go about this.

Map a drive to the folder above the users remote profile folder with the user using their user account. You can find out the path by using CAMA.

Alternatively you can request this process is performed by ISS by emailing helpline@ncl.ac.uk

Rename the folder as zap.username. This is important because The CAMPUS profile servers have run scheduled tasks which remove folders prefixed with zap. each morning at 06:30. This allows some time to retrieve files from the old profile. More importantly, If the old profiles are not deleted they will count against the users quota.

Server 2008 Clustering Best Practices

I’m posting these notes largely for my benefit but it may be of some interest to anyone Clustering with Server 2008.

General Best Practices

  • Use the Failover Cluster Configuration Program (FCCP) during setup.
  • Use identical equipment where possible and run the Cluster validation tool after each configuration change.
  • Microsoft will only support validated clusters.
  • Take regular system state backups.
  • Use preferred and possible owners and choose carefuly.

Quorum Best Practices

  • Use a dedicated basic single volume disk
  • RAID 1+0 recommended.
  • No need to backup Quorum disk.
  • Avoid DFS paths when using file share witness.

Windows Vista Service Pack 2 Preview

We received some information on Vista Service Pack 2 in a session today.

As you might expect, the news is not all that thrilling. Vista SP1 is already the most stable, feature packed OS Microsoft have released to date so this is really only a Service Pack in the traditional sense.

  • Default power management policy will be 10% more efficient
  • Hyper-V support incorporated.
  • Native Blu-ray burning and new explorer icon.
  • Even greater application compatibility.
  • New feature pack for Wireless including Bluetooth 2.1 support.
  • Better wake-up for WiFi coming out of sleep mode.
  • RSS gadget side-bar improved.
  • TS licensing bugs fixed.

Wednesday: Server Core and Group Policy

I’ve been to two sessions this morning. One on Group Policy where I picked up some excellent tips on debugging and tracking GP’s and an excellent presentation on Server 2008 Core by Mark Minasi.

I will definitely be writing a lot more about Server Core and the GP information I learnt today but one of his very useful tips that applies to other systems was this command:

wmic qfe list > outputfile.txt

This outputs a list of all patches applied on the computer as well as the support URL’s, install date and other information.

Notes on Windows Client Deployment

This morning I attended a session on Windows Client Deployment. There was some mixed news.

The good

A tool called Deployment Imaging Servicing and Management (DISM) is due for release next year as will an updated version of ImageX. This will form part of WAIK 2.0

  • DISM will be able to work with WIMs and VHDs.
  • DISM will allow simple add/remove/lisitng of drivers and Windows features.
  • Dynamic driver provisioning will allow drivers to stay on the WDS server. The image will contain references to the drivers meaning that only the drivers needed are transferred to the machine.
  • WDS will deploy VHDs in the same way as WIMs however they will still need to be syspreped.

The Bad and the Ugly

  • DISM is another command line tool.
  • There will be no update to WSIM. It will look and feel exactly the same.
  • No GUI for ImageX.
  • No updates to WDS manager for dealing with legacy RIS images.

‘Windows Server’ 7 aka Windows Server 2008 R2 Feature list

Last week at PDC Microsoft announced that Microsoft Windows Server 2008 R2 will be the server variant of Windows 7.

Here at TechEd we are seeing demonstrations of some of W7/R2’s features. Here is a quick run through. More detail to follow.

  • Live Migration
  • Remote Desktop Services which will supersede Terminal Services.
  • Bitlocker to go
  • Direct access (a possible killer app for Server 2008 R2 and IPv6)
  • BranchCache.
  • SMB enhancements
  • Offline file enhancements including a ‘Usually offline mode.’
  • Wake on Wireless LAN.
  • Improved power management and increased control via Group Policy.
  • Group Policy scripting with Powershell.
  • Programmatic interface in to performance and reliability systems.

Tuesday I: Security Enhancements in Windows 7/Server 2008 R2: Bitlocker & Applocker

I’ve just attended a Windows 7 Roadmap session and some of the enhanced security features of Windows 7 and Server 2008 R2 were demonstrated.

Bitlocker to go

Bitlocker will be available for USB keys and other removable devices. The demonstration showed a once click encryption of a USB stick which is secured against a passphrase or smart card. Group policy preferences will be able to enforce the use of Bitlocker and Bitlocker to go in the domain. Bitlocker to go encypted devices will also be backwards compatible with Windows Vista and XP.

Applocker

A white list of applications can be created using digital signatures. They can be filtered by publisher, version number and other fields which are automatically extracted from an applications executable package.

Monday II: Keynote

The keynote was given by Brad Anderson the General Manager of Microsoft’s Management and Services division and focused on ‘Dynamic IT.’ One of the main elements was Virtualization and its management. The video of the Keynote will be available online soon if it is not already but here are some notes that I jotted down.

Some interesting figures were mentioned.

  • Most servers across the word are running at less than 10% utilisation
  • ‘In the future’ a predicted 5% of the worlds energy consumption will be by the Datacenter
  • Microsoft’s use of Virtualization has seen energy savings of up to 90%.

We saw a demo if System Center Virtual Machine manager including the live migration feature in Windows Server 2008 R2. Application virtualization was also mentioned and we were told that this will make application compatibility issues a thing of the past. Brad Anderson also said that Microsoft had observed a trend in enterprises towards only running server services on physical machines ‘by exception’.

A demo of Microsoft System Center Operations Manager 2007 R2 Beta then followed which supports cross platform extensions and will be able to monitor Solaris, Suze, Redhat, MySQL, Oracle on top of the services it can currently manage.

The keynote then went in to detail on Windows Server 2008 R2 (M3 available for download) but I will post separately on this.

The Keynote finished with an overview of Microsoft Online services focusing on a mixed local and hosted implementation of Microsoft Exchange. The service is due for release in EMEA during spring 2009.

There were also demonstrations of features of the next version of SQL server ‘Kilimanjaro’ and some other areas which Jonathan may like to discuss.

Monday I: Greetings from Barcelona!

Jonathan, Dave Sharples and I are here in Barcelona to attend Microsoft Tech Ed EMEA 2008. Right now we are getting ready to head over to conference centre to attend the Keynote which will be given by Brad Anderson the General Manager of Microsoft’s Management and Services division.

We will then head to various sessions and have access to the Microsoft testing centre and Exhibition. This being my first Tech-Ed I’m not too sure what to expect in terms of announcements but will be posting highlights later today.

Until then.

Microsoft Tech Ed EMEA 2008 IT Professionals

Next week Jonathan and I are off to Barcelona to join 5000 other IT Professionals at Microsoft Tech Ed EMEA 2008 for IT Professionals.

Tech Ed will give us the opportunity to learn about new the new products and features coming from Microsoft as well as drilling down into our own areas of interest. So far I have booked some sessions on Group Policy, Server Core, Security and Windows 7.

I will be trying to make at least a couple of blog posts each day and I am sure Jonathan will too.

Feel free to make comments, suggestions and ask questions. We will have the opportunity to put questions directly to Microsoft and we will be happy to do so on your behalf so please let us know.

You can also keep up with the action as it unfolds on Tech Ed TV.

TechEd

http://www.microsoft.com/emea/teched2008/itpro/