RSAT released for Windows 7

Microsoft has released the Remote Server Administration Tools (RSAT) for Windows 7. These tools allow you to “manage roles and features that are installed on computers that are running Windows Server 2008 R2, Windows Server 2008, or Windows Server 2003, from a remote computer that is running Windows 7”.

Download from:
http://www.microsoft.com/downloads/details.aspx?FamilyID=7d2f6ad7-656b-4313-a005-4e344e43997d&displaylang=en

Configure Bitlocker in Windows 7 on a TPM enabled machine.

Introduction:

This guide is an update to my earlier post on Bitlocker in Windows Vista.

BitLocker Drive Encryption is an integral security feature in the Windows Vista and Windows 7 operating systems that provides considerable protection for the operating system on your computer and data stored on the operating system volume. BitLocker ensures that data stored on a computer running Windows Vista remains encrypted even if the computer is tampered with when the operating system is not running. This helps protect against “offline attacks,” attacks made by disabling or circumventing the installed operating system, or made by physically removing the hard drive to attack the data separately.

This guide demonstrates how to configure a basic installation of Bitlocker with a TPM Enabled machine and assumes you are performing a clean build on a new machine using a network based WDS build.

Important things to remember before you begin

  • Bitlocker is particularly recommended to users of Laptops within the University.
  • Backups are more important than ever on encrypted disks as recovery will be all but impossible if the disks hardware fails.
  • Changing a systems hardware will cause the TPM to react and have the system lock down. This can easily be fixed by using the Bitlocker recovery key but only if you still have it!

Prerequisites

A Machine with a TPM chip
Windows 7 Installation media (DVD or WDS install)

1. Build the machine as normal. Unlike Windows Vista, Windows 7 automatically creates (and hides) the tiny system parition required for drives encrypted with Bitlocker to boot.

2. Once the machine has finished building restart and enable your TPM in the BIOS if it is not already. There does not seem to be any convention on how the TPM is referred to but with HP machines it is so as the ‘Embedded Security Device’

3. Logon to Windows and navigate to Control Panel\All Control Panel Items\BitLocker Drive Encryption.

Bitlocker

4. Select the drive you want to Encrypt.

Bitlocker

5. Choose a method of saving your recovery key.

6. Check the ‘Run BitLocker system check’ option.

Bitlocker

7. Finally restart the machine. After logon you will see a notification that the drive is being Encrypted.

Bitlocker

Windows 7 has arrived on campus!

Could Newcastle University be the first organisation in the UK to have Windows 7 RTM available for deployment by WDS…. ?

Whilst there is much discussion at present on campus about how and when we will begin to properly support Windows 7, we didn’t want to let the grass grow under our feet as far as our WDS implementation of the new o/s was concerned.

Adding it to the existing WDS Service was a breeze of course, so perhaps there’s nothing to brag about really 🙂

Windows 7 may ship with IE in Europe after all

It seems that there may be agreement between the European Commission and Microsoft to Windows 7 being released in Europe with Internet Explorer 8 present, but with consumers being offered a “ballot screen” which would allow them to simply select from a list of other web browsers. This would set the chosen browser as default and disable Internet Explorer.

This would mean that the issues that I discussed in my previous post about Windows 7 E would go away as the versions of Windows 7 shipped in Europe would share the same functionality as the rest of the world out of the box, which is a positive step. PC manufacturers would still be free to choose to pre-install any browser(s) that they choose to be the default of the machines they ship in Europe.

The proposal states that the ballot screen will be populated with up to 10 of the most used web browsers (with a usage share of at least 0.5% in the European Economic Area, and only one version per vendor), with the top 5 being given prominence. The proposal also includes a commitment to bring the ballot screen retrospectively to XP and Vista via Windows Update.

For more detail, read Microsoft’s press release regarding their proposal to the European Commission and the statement from the Commission.

Windows 7 E

Within the University, the issues in this post aren’t going to be relevant since ISS will deal with it, but I know that we have people reading this from outside, and that those of you who are our colleagues will be the IT support for their family and friends, who may have to deal with it. I’m sure you’ve heard this news before reading this, but in case you haven’t prepare to be shocked and bemused…

Following on from various wrangling and threats of fines after a complaint to the European Union from browser maker Opera about Microsoft’s bundling of Internet Explorer with Windows being anti-competitive, Microsoft has stated that it will release special E editions of the different Windows 7 versions in Europe. Windows 7 E editions will not contain a web browser, and unlike the old N (which didn’t contain Windows Media Player, to try to please the EU, and which nobody bought), there’s no option this time – if you’re in Europe, you get the E edition and you can’t purchase a version of Windows 7 that contains IE.

Funnily enough Opera isn’t pleased about this, presumably because they have to now provide a distribution mechanism for people to get their browser onto a PC that doesn’t have a browser already with which to download it, and increasingly may not have an optical disk drive. Opera would like Windows 7 to include a “ballot screen” which would provide a selection of browsers that the user could choose from. It doesn’t take a genius to see why Microsoft would be reluctant to do that since however they ordered the options, someone would be bound to complain (and by “complain”, I mean “probably take legal action”).

It’s not all bad though. The majority of consumers who use Windows get it with a new PC, and the OEMs who manufacture those PCs aren’t going to send one out to retail without a web browser. They’ll undoubtedly do deals with one browser company or another to bundle their offering as they do with anti-virus and other software. The vast numbers of Windows users in a corporate environment don’t need to worry either since their IT department will sort them out. The only people who are really affected by this are the small percentage who buy a boxed (or downloaded) copy of Windows 7 to upgrade an existing computer. It’s a small percentage of people who buy Windows this way simply because the numbers of corporate users and PC buyers are so large, but I expect that the number will be larger with Windows 7 simply because it’s so much better suited to running on existing hardware than Windows Vista was – I’m running it quite happily on my netbook and I also put the release candidate on my mother’s creaking “built for XP” laptop with 512Mb RAM; it works fine!

I said this affects people who are buying a copy to upgrade, but the other caveat to this is that because there were no Windows Vista or XP E editions, Microsoft isn’t providing Windows 7 E upgrade versions as they have done previously. They are providing the full version of Windows 7 E, in the UK, for roughly the equivalent of the upgrade pricing they’re using outside the EU if you pre-order from selected suppliers between now and the 9th August.

So, if you’re moving your old PC to Windows 7 E, not only will you not have a browser, but you’re going to have to do a clean install too. Microsoft have put up a web page which takes you through the steps you can take to make the transition as painless as possible. Obviously it tells you how to get to running Windows 7 E with IE8, but if you already use a different web browser I’m sure you can work out how to switch it in at that point.

Of course it’s not only people using Windows in Europe who are impacted by the release of the E editions. Software developers worldwide, who may have used the fact that IE was present in every version of Windows in their applications, will have to look at ways around it being missing, or another browser being in its place. There is some excellent advice for developers on the Windows blog about this. I’d recommend that Windows sys admins check that out too, since it’ll help them in testing software before rolling it out across their Windows infrastructure.

Some further reading regarding Windows 7:
…for IT Pros: Talking About Windows and IT Pro at Home
…for people building hardware or developing software: Ready. Set. 7.

Windows 7 and Windows Server 2008 R2 Event – 8th July

For Windows sys admins, the biggest contacts on your approach radar right now are Windows 7 and Windows Server 2008 R2, due to release later in the year (but be complete and released to manufacture next month). This free evening event, right here on the campus, couldn’t be much more timely then.

Rik Hepworth, the IT Director at Black Marble, will cover some of the great new features of the new operating systems, including BranchCache, XP Mode and what I personally think is the number one feature, DirectAccess.

This is bound to be a popular event, so sign up early over at the VBUG site.

TechNet Conference goes virtual (19 June 2009)

From Microsoft:

We’re pleased to announce the launch of the very first TechNet Virtual Conference taking place on 19 June 2009.

You told us that time and budget pressures make attending in person events difficult – so to help both you and the environment we decided to take the TechNet Conference virtual. Now you and your colleagues can join us to get a flavour of some key Microsoft technologies from the comfort of your own desks.

  • Windows 7 – Deployment and Management
  • Windows Server 2008 R2 – 10 things to make life easier for IT Pros
  • An overview of Office Communications Server R2 and voice capabilities
  • The trials and tribulations of SharePoint implementation

We are also really pleased to announce an exclusive Keynote featuring Mark Russinovich, Microsoft Technical Fellow specialising in the Windows platform.

And that’s not the only difference this year. In addition to Microsoft technology news and product overviews from the experts, the TechNet Virtual Conference will also feature a second auditorium focused on IT Management, including:

  • How IT will change over the next 10 years and why you should care – an exclusive session delivered at TechEd EMEA
  • Growing the Business and Managing Costs at Microsoft – An Insider’s View, presented by Asif Jinnah, IT Manager, Microsoft UK

Click here to see the full agenda.

http://technet.microsoft.com/en-gb/dd819085.aspx