December 28, 2012 5:30 PM
Posted by: Ed Tittel
After posting about Windows 8 UEFI Install on December 19, 2012, I’ve now been through that exercise enough times to have learned some “don’ts” along with the instructions I provide in that blog, and those you also find in the EightForums tutorials on creating a bootable UFD for UEFI and doing a Windows 8 UEFI install. As always, I keep reading about more and better ways to do things in setting up the UFD and performing the install, and I found some approaches to avoid as well as some potential gotchas to explain. Here goes:
1. Despite what other sources may say, you can’t use the Microsoft Store’s Windows 7 USB/DVD download tool to build a bootable UFD that works with UEFI. It will cheerfully deploy the Windows 8 ISO on the UFD, but when you examine the drive inside your PC BIOS for boot targeting, it lacks the essential UEFI: label needed to drive a UEFI drive layout during Windows 8 installation. That said, this tool is good for one thing: It checks .iso file integrity to make sure they can and will install properly.
2. It’s a grand idea to check the integrity of the Windows 8 .iso file you set up with diskpart and whose contents you copy to your bootable UEFI UFD. I didn’t do this on my first try, and sure enough my ISO file was corrupted. It threw a “missing media driver” error in the initial stages of the install, and only Internet research showed me that this normally indicates integrity problems with the files extracted from the ISO for use on the UFD. A quick download from MSDN and a rebuild of my UFD and everything on the next attempt worked exactly as it should.
3. Disconnect all other Windows boot drives from your target system before you attempt a UEFI install. I didn’t do this on my second attempt, and learned that the new drive simply uses the EFI partition on the original system drive to do its boot thing and doesn’t create a native EFI disk partition structure on the second drive (because it’s already got a working one on the original EFI system drive, thank you very much). Unfortunately, this did some very weird stuff to the EFI and boot partitions on that original system drive, too. In fact, when I booted into that original partition, the OS wouldn’t come up. I had to reboot from the UEFI UFD, run the repair option from the installer, and restore my most recent system image (taken earlier that afternoon before all these shenanigans began, as a necessary precaution) before I could restore the system to normal, proper operation. Subsequent research showed that some installers actually disconnected ALL other drives from their systems besides the intended system target drive when doing a UEFI install, because of other odd issues here and there that popped up when other drives were present.
4. I learned that the Windows boot manager will let you boot directly into a VM without also booting the underlying host machine. I didn’t realize what was going on at first, and was nonplussed at the presence of a virtual Ethernet interface that couldn’t connect to the Internet (of course not, without the virtual switch connection to the host, there is no Internet link). But this sorted itself out pretty quickly, and I learned to include VM in the computer name for all Windows 8 VMs going forward so I can tell what’s what when the boot manager asks me which OS I should boot!
Here’s what Disk Management reports as the layout for my EFI drive:
First recovery, then EFI, then Windows boot.
My next goal is to create a bootable UFD or DVD that will let me run the UEFI shell from a cold boot. So far, I’ve been unable to get that working on my UEFI systems, either. I hope to make some informative and useful reports on the shell environment in the relatively near future. Stay tuned!
December 26, 2012 4:37 PM
Posted by: Ed Tittel
Chances are better than average that those who read this blog won’t themselves benefit from this information. But most IT pros have friends, family, and perhaps even co-workers or fellow staff members who could benefit from a quick-n-easy introduction to Microsoft’s latest and greatest desktop OS.
This mini-edition comes from Andy Rathbone, the author for all Windows Dummies titles back to the very first one.
All it takes is visiting the download link, providing contact info (which you can make completely bogus if you like), and clicking the Submit button. Next up comes a download link to this 11 MB PDF file. Aside from brief sponsor info at the head of the book, and a one-age ad for Dell “Windows 8 optimized devices” at the very end, the material is otherwise devoid of advertising. This is what’s known as a “For Dummies custom publication” inside Wiley — I’ve written about a dozen of these myself — and it uses a smaller trim size (5.5 x 8.5″ on paper, slightly less in e-book form). So its 138 pages of actual content (not counting front matter and the concluding advertisement) aren’t as substantial as a full-size For Dummies book of the same length could be, but the content is well-written and pretty informative (as you’d expect from Rathbone, one of the most successful authors in the whole For Dummies line-up).
Here’s a snapshot of the table of contents, by Chapter title
Chapter 1: The New Start Screen
Chapter 2: The Traditional Desktop
Chapter 3: Storage: Internal, External and in the Sky
Chapter 4: Working with Apps
Chapter 5: Engaging the Social Apps
Chapter 6: Getting Connected and Having Fun Through the Start Screen
Chapter 7: Ten Things You’ll Hate about Windows 8 (And How to Fix Them)
All in all this is a nice little self-starter for those who might be inclined to greet Windows 8 with trepidation or confusion, rather than digging into help files, online guides, and other available tools to help them figure out the new desktop in record time. I figure that makes it a nice link to pass onto others who might benefit from its sometimes amusing but always helpful content. Happy Holidays!
December 24, 2012 4:56 PM
Posted by: Ed Tittel
Last Thursday, right after applying the second MS12-078 patch to my production Windows desktop machine, Identity Safe in Norton Internet Security 2013 quit working. I didn’t have time to deal with this until the weekend, and worked around the loss of access to my password vault because I’m lucky enough to have memorized all of my really important passwords for my most frequently-accessed password-protected Web assets. The basic symptom was as follows: every time I tried to access Identity Safe, I first had to login to my online Norton account, but each such login attempt would end unsuccessfully with an error message that the software was unable to access the Internet. This, despite my ready ability to login directly to my Norton account online, and actually see the contents of the Identity Safe/Vault with my own eyeballs.
When it works, great; when it fails, account/password data inaccessible.
A little quick Web research showed that hundreds, if not thousands, of other Norton users have suffered from the same problem, some as far back as this summer. Thus, although my symptoms didn’t manifest until Thursday, December, 20, the day that the second coming of MS12-078/KB2753842 occurred, it’s not at all necessary that those two events be related to each other. After trying various fixes and workarounds from the Support pages and from advice dispensed to other fellow sufferers, I got exactly nowhere.
So, yesterday I finally took the time to open an online chat with Norton Tech Support and ask for some professional help. It turns out that a remove-and-replace operation on NIS 2013 was necessary to restore Web-based access to the password vault. But somehow during the remove-reinstall maneuver, my original database of account and password information got trashed. The Norton tech support pro valiantly tried to restore the contents of the vault using the local backup file that the program creates in the C:\Program Data\Norton\<<SID>>\NIS_126.96.36.199\IdentitySafeDataStore folder every day, but the Import operation on that file returns the error “file unreadable or corrupt.” I jumped in to help out, and started using Acronis True Image Home to mount images for backups going into late November, but each had the same results: no luck. After about 90 minutes on the phone, we decided to give up and I was faced with having to rebuild all 243 of my accounts and password manually. Ouch!
Later that afternoon, running an errand with the family, I had an idea: Why not dig further back into my backup trail, and find an identity safe snapshot that predated my adoption of the Norton Vault (Web-based technology that superseded local disk-based Identity Safe stuff)? Sure enough, I found a file named IDDStor2.dat in the same folder dated July 5, 2012, and was able to import it into my current Vault environment without difficulty. And then, in looking at the directory structure of the afore-cited Program Data director for Norton stuff, I observed a pattern that probably indicated why our import efforts failed:
- Notice the folder names starting 5e0 vs 8d2.
I have to believe that the folder names represent some kind of unique ID or hash value, and that the reason the import failed is because the ID or hash value is used to decrypt the contents of the locally-stored vault information. That’s because the 8d2… folder name represents where vault stuff lived when the previous NIS 2013 installation was active, but the 5e0… folder took over when the latest installation occurred. By my reckoning, the error that caused all this grief was the failure to export the local vault contents to a more readable file format before reinstalling NIS 2013 and breaking the link that permitted the vault to be properly decrypted at runtime. Thus, I’m adding a manual export of that data to a file on another drive to my weeky list of system maintenance chores. I hope it’ll keep me out of hot water for the foreseeable future.
I’m lucky: I only lost a couple dozen pairs of account-password information when I reverted by to July’s vault snapshot. I also keep my logins and account information in a special email folder (the welcome messages that follow new account setups don’t always provide all the necessary details but they do make it possible to recover them) so I’ve been able to keep up my daily routine without losing too much time or effort to get back to where I started. Other folks who face this kind of problem may not be so lucky, however. For them, some time and effort — and possibly even heartbreak — might be involved in returning to status quo. So, to all who use the online Norton Vault, I strongly recommend making an occasional export of the Vault contents. That way, you’ll never lose more than what occurs between the time of the snapshot and the time at which you lose access to your current vault contents.
I asked the Norton Tech Support rep who helped me out to communicate to his superiors that it’s not acceptable to create an environment wherein complete loss of important data can occur, especially for something as important as an account-password store. I sincerely hope they come with a more foolproof way to protect such information in the event of software problems or failures, and that this kind of situation isn’t allowed to persist.
December 21, 2012 5:19 PM
Posted by: Ed Tittel
Security bulletin MS12-078, originally released on 12/11/2012, was updated yesterday (12/20/2012). This is a critical patch that seeks to address “vulnerabilities in Windows Kernel-Mode drivers [that] could allow remote code execution,” so it’s a pretty big deal. The update has to do with corrections to the way that Windows kernel-mode drivers handle objects in memory. So far there have been some reports of font corruption in Windows XP and Windows 7 as a result of this fix, which manifested as disappearing fonts in PowerPoint, Corel Draw, Quark Express, Flexi, and other graphics/layout applications. Apparently, this is what occasioned the out-of-band “band-aid” on December 20 to fix the bugs introduced by the original version of the MS12-078 update released on December 11. There’s a good story about this on the Infoworld Tech Watch by Windows and Office guru Woody Leonhard dated December 14 — I wish he’d update to follow up with coverage of the band-aid — and he has done so, see his “re-issue” blog at the same site.
In today’s follow-up post, Woody identifies a “list of borked apps” as follows: Quark Xpress, Quark CopyDesk, FlexiSign, SignLab, Musescore, Avid Marquee, Bentley MicroStation, Inkscape, Xara, Extensis, Serif PagePlus, Document Toolkit, Flash in design mode, and most embarrassingly PowerPoint and, reportedly, Excel. That’s quite a handful!
Apparently, it’s tied into the OpenType Compact Font Format (CFF) driver, as documented in MS KB article 2753842. Yesterday MS amended the KB article to add this language:
The original version of security update 2753842 had an issue related to OTF (OpenType Font) rendering in applications such as PowerPoint on affected versions of Windows. This issue was resolved in the version of this security update that was rereleased on December 20, 2012.
The upshot of this re-issue is that you need to install this new version of MS12-079/KB s753842 whether or not ou installed the original, bug-infested version. That’s why many users will see the patch offered a second time (the first time on or around December 11, the second time starting yesterday, December 20). It’s the only way to fix the bugs that the original patch introduced, while also addressing the security vulnerability that both patches were intended to address, even though the first one didn’t do so in the most efficacious way.
December 19, 2012 8:00 PM
Posted by: Ed Tittel
OK, I admit it. I’m often a “better late than never” kind of guy. I’ve been writing about UEFI and Windows 8/Windows Server 2012 since September 2011, but I’ve just now finally gotten around to performing an intentional and fully-functional UEFI install of Windows 8.
A UEFI install requires jumping through some hoops, but is very doable.
This comes about thanks in very large part to postings on the Windows Eight Forums by forum meister Shawn Brink (aka Brink) and an anonymous poster named Arkhi, respectively entitled:
The steps involved are fairly straightforward once you assemble the correct ingredients and build yourself a Windows 8 installation bootable USB flash drive for UEFI. The other necessary ingredient is a target system drive that is completely blank (if you plan to recycle a drive that’s already been used as a system drive without a UEFI boot, you’ll need to remove all partitions from that device so it shows up in the Disk Management utility as unallocated space. If you need to prep the drive, you can use the
diskpart utility to do this from an elevated command prompt (right-click cmd.exe, then select Run as administrator; you’ll be wiping the contents of the entire drive so if there’s anything on it you might ever need again be sure to back it up beforehand):
#note the disk number for the drive you want to wipe clean; I'll use 5 as the number in the example code that follows
select disk 5
Launch the Windows 8 installer, then when the “Where do you want to install Windows?” screen appears, highlight the blank target drive, and select the New entry. Click Apply, and then OK. The disk will be formatted using GPT (GUID partition table) into 4 partitions as follows:
- Partition 1: Recovery
- Partition 2: System (an EFI system partition that houses NTLDR, HAL, boot.txt, drivers, and other key system boot files)
- Partition 3: MSR (a Microsoft Reserved partition that reserves space on the drive exclusively for subsequent OS use)
- Partition 4: Primary (this is where your Windows OS will actually, and serves as the Windows system partition)
Windows 8 must be installed to Partition 4, the Primary partition. At this point, UEFI install is properly set up and you can proceed with a clean install of Windows 8 from here. If you get an error message that reads “Windows can’t be installed on drive X partition Y” don’t worry unless you can’t click the next button (this is apparently an occasional glitch in the installer, which works properly despite the error message). One more word of warning: UEFI install works only with 64-bit Windows 8; 32-bit Windows 8 versions are not supported!
December 17, 2012 7:29 PM
Posted by: Ed Tittel
Windows 8 has been out for almost two months now in GA form, but the numbers at NetMarketShare still barely register its presence. A quick look at the November 2012 OS pie chart shows that Windows 8 fails to register, except as part of the “other” category.
Windows 8 is subsumed under the “Other” heading here.
A further look into the text details shows that Windows 8 registers just behind Linux, whose 1.25% share still leads Windows 8′s 1.09% by 0.16%. It should be interesting to follow the growth of Windows 8′s share of the market pie over the months ahead to see how quickly it can edge its way past Linux and into Mac OS territory (more than 1.25% but less than 2.19%). I predict that it could be as long as one year before Windows 8 edges past the other OSes and starts encroaching into Windows Vista’s current 5.7% marketshare. It’s possible that Windows 8′s move past those non-Windows entries could also coincide with surpassing Vista, but I’m not yet convinced it can must enough upward momentum to climb that far, that fast.
In any case, this should be an interesting marketshare pie to keep watching. Count on me to report back regularly as and when things start to change.
December 14, 2012 6:49 PM
Posted by: Ed Tittel
When is a PC not really a PC? When it’s a virtual machine (VM), of course. In that case, software is used to emulate a physical machine of sorts, as well as the operating system and applications it supports. Burning with curiosity this morning, I fired up DriverAgent to see its takes on what goes into the virtual innards of a Windows 8 VM in the company’s latest and greatest desktop environment.
An interesting grab-bag of generic PC parts.
The first thing I noticed about the listing was the lack of hardware details — such as, for example, no CPU (no Processor entry), no monitor, no physical storage devices, and so forth. The next thing is the presence of a number of numerous entries based on the old Intel 810 Chipset and its related 82371AB/EB controllers — including a PCI Bus Master IDE controller, a PCI to ISA bridge (ISA mode) controller, and a Pentium II Processor to PCI bridge. All of this points to an older and very generic Pentium II virtual machine architecture for Hyper-V desktop OSes. This makes sense, because a large number of virtualized device drivers are available for this virtual platform, and makes the rest of the plumbing for such VMs easy to define and hook up, including other no-name system elements like the COM1 communications port, the PCI bus, CMSO/real time clock, DMA controller, motherboard resources, numeric data processor, a programmable interrupt controller, and so forth. And when there’s IO to be done we see virtualized drivers including an Msft Virtual CD/ROM ATA device, and a Virtual HD ATA device.
All very simple if not also entirely rudimentary. Intel’s had emulators for all these parts kicking around for years. I’m pretty sure that where at least the baseline virtual PC elements in this architecture originate. It also gets interesting if you visit DriverAgent and right-click on the itty-bitty icons at the left of each entry that appears in the preceding screencap. Normally, anything with a “real driver” attaches to a link where you can find alternate drivers you might wish to substitute for what you’re currently using (at least on a non-virtual PC). As I click through the list, only the following elements have links attached:
- Intel 82371AB PCI Bus Master IDE Controllers PCI Drivers
- Microsoft Hyper-V S3 Cap (but the corresponding driver page is empty)
- Generic PnP Monitor (driver page empty)
- Intel 82371AB/EB PCI to ISA bridge (ISA mode)
- Intel 82443BX Pentium(r) II Processor to PCI Bridge PCI Drivers
- Microsoft Shared Fax Driver (driver page is empty)
- Microsoft XPS Document Writer v4 (driver page is empty)
Everything else is completely virtualized, probably integrated into the runtime virtual machine image that supports desktop operating systems inside Hyper-V v3. In pondering why Microsoft chose such simple, basic elements and such a rudimentary infrastructure for the virtual architecture, I’m struck by how far back in time the hardware upon which the virtual machine is modeled actually goes. It’s old enough to accommodate even “ancient” Windows versions (a lot of this stuff goes back to the 1999-2001 period) yet capable enough to provide useful PC emulation even for modern desktop operating systems like Windows 7 and 8. When I run either of those OSes on a modestly equipped host PC (i7 2600K with plenty of RAM) they are surprisingly fast and snappy, not much slower than the host OS itself, running on the same hardware.
Given that updating drivers for a virtual machine is fraught with peril, I’m glad that DriverAgent didn’t find any drivers it thinks need to be updated on the test VM where I captured the screenshot. I have to image that if and when such driver updates occur, they’ll be handling as part of a rebuild of the baseline VM images, and simply be passed down the line for ordinary users to test and deploy as they see fit.
December 12, 2012 11:04 PM
Posted by: Ed Tittel
I’m editing an upcoming book for Sybex from my friend and sometimes co-author Darril Gibson. Its current working title is MCSA: Microsoft Windows 8 Complete Study Guide: Exams 70-687 and 70-688 (ISBN-13: 978-1-118-55687-0), and it’s chock-full of interesting and useful information about Windows 8 internals, installation, deployment, and maintenance. I’ve been chewing my way through the Hyper-V chapters lately, and have had the unique pleasure of getting paid to learn stuff I need to know anyway. It’s been great fun, and it’s amped up my understanding of and appreciation for the latest Microsoft desktop OS. This book is due out in the March-April 2013 timeframe for those who may be interested in checking it out further…
In working with and installing VMs inside the Hyper-V environment on a couple of Windows 8 test machines to complete and evaluate the exercises that Darril provides in his book – worth the price of purchase all by themselves IMO – I’ve learned a number of very interesting lessons about working with VMs in Hyper-V on Windows 8, and made some equally interesting observations:
- For moderate usability and performance, Windows 8 and Windows Server 2012 VMs need RAM allocations of at least 3 GB (and with Windows and RAM, more is always better, as long as you can spare it—I try to leave no less than 8 GB of RAM for the host OS to do its thing at all times, which means I’m equipping my new systems with a minimum of 16 GB of RAM on notebooks, and 24-32 GB on desktops).
- Don’t forget you can use RDP to attach to VMs. It beats the default Virtual Machine Connection windows that double-clicking a VM entry opens through Hyper-V Manager: not only can you expand the RDP windows to fill the whole screen (for VMC windows, resolution is limited to 1024×768), but you also get access to audio from the VM, which the VMC window does not support. You don’t have to strike CTRL-ALT-Left Arrow to change the mouse focus, either: you can just mouse naturally in and out of the RDP window as you like.
- On PCs with (mostly smaller) SSD boot drives – my typical configuration nowadays, and I suspect likewise for many IT pros and PC enthusiasts – it’s necessary to move virtual hard disks (VHD and VHDX files) plus snapshots to another drive to keep from overstuffing storage on your system/boot drive. When you set up a VM you have the option to define an alternate location for such files. I strongly recommend you get in this habit, if space on your boot drive is constrained.
- In Darril’s book he recommends setting up Windows 8 and Windows Server 2012 test environments through a private virtual switch. This is probably a good way to run a test network day-to-day, but you must occasionally change the switch designation over to external (able to access the Internet through the host). First, this is necessary to activate Windows inside the individual VMs, and second, it’s needed to gain access to Windows Update to keep the patch levels of the guest OSes up-to-date and in synch with production environments.
- For test networks, Microsoft’s built-in Windows Defender anti-virus/anti-spyware package is plenty good enough for security protection. Unless you have to install a different security package to maintain parity with production networks, there’s no need to switch to something else. That said, you’ll want to exclude the physical disks where you store virtual hard disk images from antivirus scanning by the host system, not only because of potential performance impacts, but also because they’re already being scanned within the VMs anyway. OTOH, if your AV software permits process-level scanning exclusions, you’ll also want to exclude vmms.exe and vmwp.exe to keep additional process overhead out of the way.
- If possible, put your VHDs on a RAID 10 array, which offers striping performance with mirrored redundancy: this delivers the best I/O performance with the fault tolerance of mirroring. Takes more drives to implement this, to be sure, but offers the best of both worlds (performance and protection). Remember that static, fixed-size allocation VHDs also deliver better performance, while dynamically expanding VHDs help keep disk consumption lower. A classic speed-space trade-off!
- Hyper-V Dynamic Memory is the bomb! Though you must specify startup RAM and Maximum RAM sizes, it’s a boon to let Hyper-V manage memory consumption in real time. I recommend using a generous static memory allocation (4 GB or better for virtual desktops, 8 GB of better for virtual servers) along with Task Manager to observe test or reference VMs at work under various loads to record start-up and peak load memory consumption to set startup and maximum RAM allocations to make sure you don’t over- or under-provision them with RAM.
Given that RAM is so cheap these days (I just bought 32 GB – 4 x 8GB modules – for one of my desktops for a paltry $70) do your best to max out your systems with RAM if you want to work with Hyper-V. That way, you’ll be able to make sure the host OS and its guest VMs all have enough working space to get their jobs done!
December 10, 2012 8:19 PM
Posted by: Ed Tittel
If you work with Windows desktops, especially virtualized ones, you’re probably already wise to the wiles and virtues of working with Windows images, probably using some mix of virtual disk (.vhd or .vhdx) and Windows image (.wim) file formats. As you begin to work your way into Windows 8 images, you’ll find the built-in Windows Deployment Image Servicing and Management Tool, aka DISM, offers some interesting additions to and enhancements from its capabilities in Windows 7. DISM was also retro-fitted to Vista, but had to be downloaded in the form of the Windows Automated Installation Kit, aka WAIK, itself now superseded in Windows 8 with the Windows Assessment and Deployment kit, aka ADK. I’ve just started digging into the DISM utility more seriously, as I’m trying to work around an EFI disk partition issue on one of my Windows 8 desktops that’s preventing the new record image (recimg) command from capturing an image on that particular machine. Along the way to further understanding, I came across a peachy resource I wanted to share, because it’s likely to be as helpful to other readers as it’s already been to me — namely, the DISM technical reference from TechNet.
This reference not only includes a useful overview, it also includes a useful set of how-tos on using DISM, as well as the outright and typical command line reference information you’d expect for an important and complex management tool in any system administrator’s toolbox. So far, two items in the how-to collection have proven especially informative in my quest for a current refresh image for my Windows 8 desktops: they’re entitled Create and Manage a Windows Image and How to Take Inventory of an Image or Component. This items have helped me to better understand why, when, and how to use DISM in creating and manipulating Windows image files, and to get my head around the often-complex syntax of the DISM command. I’ve also discovered a CodePlex project called DISM GUI that presents a graphical shell around DISM (the following screenshot shows WIM information for a typical Windows image constructed for a bootable OS install UFD using the Windows 7 USB DVD Download Tool).
The DISM GUI project makes fooling around the this command a little easier.
DISM GUI promises to make real work with DISM more straightforward, too, but I’m not deep enough into its ways and workings yet to comment intelligently on that scenario. All I can say at this point is “Looks good!”