A hand-drawn look at Windows 7 and Server 2008 R2

For those who have been struggling to find information about the new features of Windows 7 and Windows Server 2008 R2 (you likely don’t read this blog or mine!), or if you just like to see information presented in a creative way, you should check out the series of cleverly hyperlinked videos put together by my good friends Andrew and James from the TechNet UK IT Professional Technical Evangelist Team.

Since I can’t embed the launchpad video on this blog engine, head over to Andrew’s post to get started.

23rd September: Three fantastic Microsoft enterprise IT presentations

We are very pleased to be able to announce a stellar line up of technical presentations and speakers from Microsoft at the September VBUG Newcastle IT Pro meeting here on the Newcastle University campus…

The Dynamic Desktop Experience – Windows 7, Windows XP Mode, App-V, MDT, MDOP and System Center – Dan Oliver

Windows 7 offers Microsoft’s customers an opportunity to deliver a platform that releases new capabilities that deliver real business benefit and significantly reduced cost of ownership. The challenge for most companies is that deploying and migrating desktops is time consuming and traditionally carries service continuity risks around Application Compatibility that can prevent progress. This presentation will show capabilities, architectures and strategies that allow companies to move forward cost effectively to the benefits of a modern operating system. Level: 100

Dan Oliver is a Pre Sales Architect within Microsoft UK’s Speciality Technology Unit with some 14 years’ experience of Microsoft-based solutions primarily in the virtualization and systems management fields. Dan has a background that covers a broad spectrum of industry sectors ranging from Financial, Telecoms, Partners, Legal, Professional Services and Healthcare. Dan has also had the opportunity to work as a Chief Technology Officer for the Faculty of Advocates in the Scottish Legal Sector.

Novell and Lotus Notes – Migrating to Microsoft – Conrad Sidey

The business value of implementing Microsoft technologies like Active Directory, Exchange 2007 and SharePoint is clearly understood within Microsoft. Our customers that are still running their organisation on technologies like Novell and Lotus Notes are starting to gain an understanding of the value of migrating to Microsoft technologies. The purpose behind this presentation is to provide the technical community with an insight into leading a project and architecting a solution to migrate environments that are running both Novell Netware and Lotus Notes. The presentation will discuss envisioning & planning of a Novell and Notes migration project, approaches to undertaking the migration depending upon the business drivers, providing an overview of the approach we are taking in migrating a UK Local City Council while providing coexistence, as well as presenting a number of migration & coexistence recommendations or lessons learnt from the project. Level: 200

Conrad Sidey is a Solution Architect within Microsoft Consulting Services with some 17 years’ experience of Microsoft-based solutions primarily in the infrastructure field. Conrad has a background that covers a broad spectrum of industry sectors ranging from Financial and Insurance, Manufacturing, Aero-Engineering, Defence, UK and European Government Agencies, Power Generators, Retail and Brewing. Conrad has also had the opportunity to work with large scale outsourcing services providers.

Implementing the “Black Box” – Performance Monitoring and Analysis for proactive and reactive support, server baselining and capacity planning – Richard Diver

All current versions of Windows come with a free tool that can prevent server downtime and solve many mysteries – Perfmon!

A little bit of practice with this tool can really help to solve issues with servers that may not even be performance related. Working at the OS level, you can find the cause of most performance bottlenecks regardless of server function (Exchange, DC, Web etc).

This is something that has even more focus in future versions of Windows; a brief overview of these benefits will be shown also! Level: 300

Richard Diver is a Premier Field Engineer with 10 years’ experience implementing and supporting a range of Microsoft technologies, specialising in Active Directory, Server Platform and Virtualisation.

Wrap up Q&A with all presenters at the end.

Time: 18:45 to 21:00

Location: Room 118, Claremont Tower, Newcastle University, Newcastle-upon-Tyne, NE1 7RU

Price: FREE

Please register for your place at the VBUG site so we can make sure we have enough space and refreshments. 🙂

RSAT released for Windows 7

Microsoft has released the Remote Server Administration Tools (RSAT) for Windows 7. These tools allow you to “manage roles and features that are installed on computers that are running Windows Server 2008 R2, Windows Server 2008, or Windows Server 2003, from a remote computer that is running Windows 7”.

Download from:
http://www.microsoft.com/downloads/details.aspx?FamilyID=7d2f6ad7-656b-4313-a005-4e344e43997d&displaylang=en

Configure Bitlocker in Windows 7 on a TPM enabled machine.

Introduction:

This guide is an update to my earlier post on Bitlocker in Windows Vista.

BitLocker Drive Encryption is an integral security feature in the Windows Vista and Windows 7 operating systems that provides considerable protection for the operating system on your computer and data stored on the operating system volume. BitLocker ensures that data stored on a computer running Windows Vista remains encrypted even if the computer is tampered with when the operating system is not running. This helps protect against “offline attacks,” attacks made by disabling or circumventing the installed operating system, or made by physically removing the hard drive to attack the data separately.

This guide demonstrates how to configure a basic installation of Bitlocker with a TPM Enabled machine and assumes you are performing a clean build on a new machine using a network based WDS build.

Important things to remember before you begin

  • Bitlocker is particularly recommended to users of laptops within the University.
  • Backups are more important than ever on encrypted disks, as recovery will be all but impossible if the disk’s hardware fails.
  • Changing a system’s hardware will cause the TPM to react and lock the system down. This can easily be fixed by using the Bitlocker recovery key, but only if you still have it!

Prerequisites

A Machine with a TPM chip
Windows 7 Installation media (DVD or WDS install)

1. Build the machine as normal. Unlike Windows Vista, Windows 7 automatically creates (and hides) the tiny system partition required for drives encrypted with Bitlocker to boot.

2. Once the machine has finished building, restart it and enable the TPM in the BIOS if it is not already enabled. There does not seem to be any convention on how the TPM is referred to, but on HP machines it is called the ‘Embedded Security Device’.

3. Log on to Windows and navigate to Control Panel\All Control Panel Items\BitLocker Drive Encryption.


4. Select the drive you want to Encrypt.


5. Choose a method of saving your recovery key.

6. Check the ‘Run BitLocker system check’ option.


7. Finally restart the machine. After logon you will see a notification that the drive is being Encrypted.
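
As an added example (not part of the original guide), the following PowerShell checks the outcome of steps 2 to 7 from an elevated prompt on Windows 7, using the built-in Win32_Tpm and Win32_EncryptableVolume WMI classes. Checking the system drive is an assumption; set `$Drive` to the volume you encrypted.

```powershell
# Added example: post-build BitLocker check (run elevated, PowerShell 2.0 on Windows 7).
$Drive = $env:SystemDrive   # assumption: the operating system volume, e.g. "C:"

# Step 2: the TPM must be enabled and activated in the BIOS before BitLocker can use it.
$tpm = Get-WmiObject -Namespace 'root\CIMV2\Security\MicrosoftTpm' -Class Win32_Tpm
if (-not $tpm) {
    Write-Warning 'No TPM is visible to Windows: check the BIOS setting.'
} else {
    'TPM enabled:   {0}' -f $tpm.IsEnabled().IsEnabled
    'TPM activated: {0}' -f $tpm.IsActivated().IsActivated
    'TPM owned:     {0}' -f $tpm.IsOwned().IsOwned
}

# Steps 4-7: locate the volume and report encryption progress and protection state.
$vol = Get-WmiObject -Namespace 'root\CIMV2\Security\MicrosoftVolumeEncryption' `
    -Class Win32_EncryptableVolume -Filter "DriveLetter='$Drive'"
if (-not $vol) { throw "No encryptable volume found for $Drive" }

# Index in this array matches the ConversionStatus value returned by WMI.
$conversionNames = 'FullyDecrypted', 'FullyEncrypted', 'EncryptionInProgress',
                   'DecryptionInProgress', 'EncryptionPaused', 'DecryptionPaused'
$conv = $vol.GetConversionStatus()
'Conversion:    {0} ({1}%)' -f $conversionNames[$conv.ConversionStatus],
                               $conv.EncryptionPercentage

# ProtectionStatus: 0 = off, 1 = on, 2 = unknown (for example, the volume is locked).
$protection = $vol.GetProtectionStatus().ProtectionStatus
'Protection on: {0}' -f ($protection -eq 1)

# Step 5: key protector type 1 = TPM, type 3 = numerical (48-digit recovery) password.
$tpmProtectors      = @($vol.GetKeyProtectors(1).VolumeKeyProtectorID)
$recoveryProtectors = @($vol.GetKeyProtectors(3).VolumeKeyProtectorID)
'TPM protectors:      {0}' -f $tpmProtectors.Count
'Recovery protectors: {0}' -f $recoveryProtectors.Count

if ($recoveryProtectors.Count -eq 0) {
    Write-Warning 'No recovery password exists: a hardware change would lock this volume for good.'
}
if ($protection -ne 1 -and $conv.ConversionStatus -eq 1) {
    Write-Warning 'Volume is encrypted but protection is off (suspended): the key is exposed on disk.'
}
```

The same information is available interactively from `manage-bde -status` and `manage-bde -protectors -get C:`.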


Windows 7 has arrived on campus!

Could Newcastle University be the first organisation in the UK to have Windows 7 RTM available for deployment by WDS…. ?

Whilst there is much discussion at present on campus about how and when we will begin to properly support Windows 7, we didn’t want to let the grass grow under our feet as far as our WDS implementation of the new o/s was concerned.

Adding it to the existing WDS Service was a breeze of course, so perhaps there’s nothing to brag about really 🙂

The March of Progress Continues…


I thought it would be interesting to see where things stand with Operating System usage in the Active Directory compared with the data I collected in March. These figures are based on Active Computer Objects.

Windows Clients: 10960


Windows Vista: (March) 472 (5%)
Windows Vista: (Today) 1571 (14%)
Windows XP: (March) 9894 (95%)
Windows XP: (Today) 9386 (86%)

Windows Server: 392


Windows Server 2008: (March) 65 (17%)
Windows Server 2008: (Today) 136 (31%)
Windows Server 2003: (March) 323 (83%)
Windows Server 2003: (Today) 307 (69%)

More Microsoft blogs than your body can handle!

Yesterday BlogMS posted an up to date list of all the official Microsoft team blogs. There’s something for everyone there, with 252 in total!

Since we’re in Higher Education, I’m going to highlight the UK HE blog as one that should be interesting to many of the readers of this blog. You can check out the rest of the list for yourself to see what interests you:

http://blogs.technet.com/blogms/pages/directory-of-microsoft-team-blogs.aspx

Advanced NTFS Permissions

Much time can be saved by making use of Advanced NTFS File Permissions. I found the following article at builderau.com.au which gives a good description of Advanced NTFS permissions.

You can also see some other information on basic permissions and some recommendations in my earlier post.

Traverse Folder/Execute File: Users can navigate through folders to reach other files or folders, even if they have no permissions for the traversed files or folders. The Traverse Folder permission takes effect only when the group or user doesn’t have the Bypass Traverse Checking user right in the Group Policy snap-in. (By default, the Everyone group has the Bypass Traverse Checking user right.)

List Folder/Read Data: Users can view a list of a folder’s contents and data files.

Read Attributes: Users can view the attributes of a file or folder, such as read-only and hidden. (NTFS defines these attributes.)

Read Extended Attributes: Users can view the extended attributes of a file or folder. (Defined by programs, extended attributes may vary.)

Create Files/Write Data: The Create Files permission allows users to create files within the folder. (This permission applies to folders only.) The Write Data permission allows users to make changes to the file and overwrite existing content. (This permission applies to files only.)

Create Folders/Append Data: This Create Folders permission allows users to create folders within a folder. (This applies to folders only.) The Append Data permission allows users to make changes to the end of the file, but they can’t change, delete, or overwrite existing data. (This applies to files only.)

Write Attributes: Users can change the attributes of a file or folder, such as read-only or hidden. (NTFS defines these attributes.)

Write Extended Attributes: Users can change the extended attributes of a file or folder.

Delete: Users can delete the file or folder. (If users don’t have the Delete permission on a file or folder, they can still delete it if they have the Delete Subfolders And Files permission on the parent folder.)

Read Permissions: Users can read the permissions of the file or folder, such as Full Control, Read, and Write.

Change Permissions: Users can change the permissions of the file or folder, such as Full Control, Read, and Write.

Take Ownership: Users can take ownership of the file or folder. The owner of a file or folder can always change permissions on it, regardless of any existing permissions that protect the file or folder.
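
To see which of these advanced permissions an existing ACL actually grants, the following added example (not from the article quoted above) expands each access control entry on a folder into the individual permissions in this list, using the .NET `FileSystemRights` flags. The function name `Get-AdvancedPermission` and the audited path are assumptions for illustration.

```powershell
# Added example: decode each ACE on a path into the advanced NTFS permissions listed above.
# Label as shown in the permissions dialog, then the matching FileSystemRights flag name.
$AdvancedRights = @(
    @('Traverse Folder/Execute File', 'Traverse'),
    @('List Folder/Read Data',        'ListDirectory'),
    @('Read Attributes',              'ReadAttributes'),
    @('Read Extended Attributes',     'ReadExtendedAttributes'),
    @('Create Files/Write Data',      'CreateFiles'),
    @('Create Folders/Append Data',   'CreateDirectories'),
    @('Write Attributes',             'WriteAttributes'),
    @('Write Extended Attributes',    'WriteExtendedAttributes'),
    @('Delete Subfolders And Files',  'DeleteSubdirectoriesAndFiles'),
    @('Delete',                       'Delete'),
    @('Read Permissions',             'ReadPermissions'),
    @('Change Permissions',           'ChangePermissions'),
    @('Take Ownership',               'TakeOwnership')
)

function Get-AdvancedPermission {   # hypothetical helper name
    param([string]$Path)
    foreach ($ace in (Get-Acl -Path $Path).Access) {
        $mask  = [int]$ace.FileSystemRights
        $names = @()
        foreach ($pair in $AdvancedRights) {
            $bit = [int][System.Security.AccessControl.FileSystemRights]$pair[1]
            if (($mask -band $bit) -eq $bit) { $names += $pair[0] }
        }
        # ACEs that carry only generic rights (GENERIC_ALL and so on) decode to an empty list.
        New-Object PSObject -Property @{
            Identity  = $ace.IdentityReference.Value
            Type      = $ace.AccessControlType
            Inherited = $ace.IsInherited
            Advanced  = ($names -join '; ')
        }
    }
}

$Path = $env:PUBLIC   # assumption: replace with the folder you want to audit

# Allow entries that let a principal rewrite the ACL or take ownership deserve a second look.
Get-AdvancedPermission -Path $Path |
    Where-Object { $_.Type -eq 'Allow' -and $_.Advanced -match 'Change Permissions|Take Ownership' } |
    Format-List Identity, Inherited, Advanced
```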

Windows 7 may ship with IE in Europe after all

It seems that there may be agreement between the European Commission and Microsoft to Windows 7 being released in Europe with Internet Explorer 8 present, but with consumers being offered a “ballot screen” which would allow them to simply select from a list of other web browsers. This would set the chosen browser as default and disable Internet Explorer.

This would mean that the issues that I discussed in my previous post about Windows 7 E would go away as the versions of Windows 7 shipped in Europe would share the same functionality as the rest of the world out of the box, which is a positive step. PC manufacturers would still be free to choose to pre-install any browser(s) that they choose to be the default of the machines they ship in Europe.

The proposal states that the ballot screen will be populated with up to 10 of the most used web browsers (with a usage share of at least 0.5% in the European Economic Area, and only one version per vendor), with the top 5 being given prominence. The proposal also includes a commitment to bring the ballot screen retrospectively to XP and Vista via Windows Update.

For more detail, read Microsoft’s press release regarding their proposal to the European Commission and the statement from the Commission.