Windows Enterprise Desktop


March 18, 2009  6:43 PM

Windows 7 Comes Off Pretty Darn Well

Ed Tittel Ed Tittel Profile: Ed Tittel

Now that I’ve gotten Windows 7 (the latest beta build: 7057) up and running on a couple of computers, I understand most of the recent hoopla it’s garnered a whole lot better. It is indeed quick and easy to install: under half an hour in all cases, working from an ISO download I burned to DVD after downloading it from MSDN. Windows 7 does consume fewer resources and run faster than Vista, just like other recent reports indicate. Also, it does a decent to stellar job of recognizing hardware and getting itself installed with a minimum of user input and activity involved. I selected a language, confirmed my time zone and locale, provided a key, and indicated I was using a home network. That was the entire extent of my interaction with the PCs upon which I installed this software (one notebook, one desktop, just to get the full flavor of Win7 in my test environment).

I also now understand that Windows 7 is a whole lot more like Vista than it is unlike Vista, though it does look completely different, and organize the desktop as well as access to programs, services, and so forth a bit differently. It worked perfectly with all the software I threw at it with only two exceptions: it wouldn’t run PerfectDisk 10 for defrag (analyzing a drive produced the generic catchall “Error 0″ notification) nor would it run Unknown Devices 1.2 (when run on Vista, this program reports “I don’t know what OS this is exactly, so I guessed where the PnP info is, and I’m right!” I’m guessing this means PnP data has moved in Windows 7 or it probably would have worked, too. That said, HunterSoft/Zhanguo.com’s Unknown Device Identifier worked fine on Windows 7).

Unlike Ed Bott’s recent report on installing and living with Build 7057, Windows 7 didn’t recognize all the devices on my HP HDX18-1001xx, as it did on his Dell XPS 420. It only missed on 7 items though, including two Intel ICH9 chipset elements (Thermal Subsystem 2932 and SMBus Controller 2930), the notebook’s built-in HP Webcam and Validity Fingerprint scanner, the ENE CIR Receiver (for IR remote control support), the ATSC/Analog TV tuner card, and the JMicron memory card reader (MS, SD, SD/MMC, xD). A quick trip to the HP Customer Care Web pages for my notebook made downloading the necessary 32-bit Vista drivers a snap. All installed without a hitch. I was even able to use my old tried and trusted DriverAgent tool to check and confirm driver status, as shown here:

DriverAgent Works Nicely with Windows 7

Most impressively, the wireless networking and Bluetooth elements on the system worked flawlessly as soon as the system booted “for real” after the install completed. This is the first time in my experience that wireless connections have worked as quickly and painlessly with Windows as they did here, Vista and XP included.

All this experience and my (mostly successful) navigation of the Windows 7 UI confirms my belief that Windows 7 is incredibly Vista-like. This definitely explains why MS is touting Vista as the right point of departure for getting to know Windows 7, because these two OSes are more alike than they are different. It’s also made working with and getting to know Windows 7 a whole lot easier and faster than I expected it to be.

My next project is to install Windows 7 on an Asus Eee PC 1000HE, but I’m waiting on a USB enclosure for a DVD drive to arrive by mailorder before I can get started on that project–which I’ll be documenting extensively in an article for InformIT.com. Stay tuned here for the high points, and for more information about my Win 7 adventures. So far, so good, however.

March 16, 2009  6:21 PM

Dual-boot Vista (or XP) and Windows 7–the Easy Way!!

Ed Tittel Ed Tittel Profile: Ed Tittel

While indeed you can shrink the system partition on your current boot/system drive and install Windows 7 on a new partition you create by trimming space from that partition, why bother? You can install Windows 7 to an external hard disk (eSATA only, USB won’t work[updated 5/17/09 thanks to feedback from reader Jay Visaria]) and then manipulate the boot drive order in BIOS to control which OS boots on your machine.

Leave your current boot drive order unaltered, and Vista will continue to boot as always. Change your boot order so that the Win7 boot drive is ahead of the Vista boot drive and presto! you’ll boot into Windows 7 instead of Vista. This is a great and easy way for admins to muck about with Windows 7 on familiar hardware, while avoiding potential difficulties that dual-booting from the same volume can sometimes cause. This is significantly less likely with Windows 7 and Windows Vista than other Windows versions because both of those versions use the same BCD files and software. But I’ve been bitten too many times in my Windows forays–especially into new and relatively uncharted territory–to want to put a production OS and a beta OS on the same drive.

Now that the beta is publicly available and all kinds of people want to jump on this new OS, dual-booting is bound to be an issue for many. Though there are many other ways to scratch this particular itch, I prefer the one just described because it keeps things as disjoint as possible. I’m leery enough about the Win7 beta that I turn the external drive upon which it resides on only when I want to explore its file system from Vista, or when I actually want to run Windows 7 and boot from that drive. It stays off the rest of the time.

Know of other, better methods? Please share them with me, but don’t tell me to run Win 7 in a VM, please. I already know how to do that, too!

Thanks,

–Ed–


March 13, 2009  4:52 PM

Windows 7 Gains Added Luster

Ed Tittel Ed Tittel Profile: Ed Tittel

Long-time Windows expert Ed Bott posted an extremely interesting, if not downright intruiging blog yesterday on ZDNet. It’s entitled “Is Windows 7 reliable enough to release now?,” and proceeds to make a reasonably convincing case that the answer to that question might be “Yes!” before concluding that more testing and QA, and another cycle of updates and improvements remains warranted.

What I found both interesting and compelling about his post were the following observations and story elements:

  • Windows 7 build 7048 (released about a week ago) is proving uncommonly stable, with only a few minor hiccups and no serious crashes or BSODs to report
  • Great screenshots from the new Reliability Monitor and a new memory monitor are worth their weight in gold in showing what the new interface looks like and what it has to say about the OS itself
  • He was able to get an astounding number of applications (some with multiple instances, counts running from 3 to 7) up and running in parallel without experiencing slowdowns when toggling among existing apps or opening new ones
  • The base install recognized all devices on his Dell XPS 420 desktop PC, so that no driver updates post-install were needed outside those included in the install image or via Windows Update

Bott also reports that numerous calls to release Win 7 now (or soon) are circulating around the net but that MS is unlikely to comply. I’m starting to wonder, though, if some of the other rumors that Win 7 will be released to manufacturing (RTM) in Q4 09 might not be right on target. Only time will tell.

For my part this fuels my desire to jump onto the latest Win 7 beta. I’m particularly interested to see if I can install it on my Asus Eee 1000HE netbook PC, and how it will work in such a confined environment (single core Atom, 2 GB RAM, 160 GB HD, …). I look forward to fooling around with this latest beta, and to reporting on those results next week!


March 13, 2009  4:38 PM

Patch Tuesday March 2009

Ed Tittel Ed Tittel Profile: Ed Tittel

Tuesday, March 10, was the second Tuesday of the month, the day colloquially known to MS system administrators and security mavens as “Patch Tuesday.” Here’s a smorgasbord of the items that showed up in the list of 3/10/2009 items with relevance for Windows Vista:

  • MS09-006 Vulnerabilities in Windows Kernel Could Allow Remote Code Execution (KB958690). This is first kernel vulnerability to come along for a while and as such affects all supported versions of Windows back to Windows 2000. Most fixes go the the Win32k.sys file, which ranks right up there with ntoskrnl.exe at the heart of Windows OSes everywhere. Update this one quick!
  • MS09-007 Vulnerability in SChannel Could Allow Spoofing (KB960225). This privately reported item, if exploited, could allow an attacker who gains access to end-user certificates to successfully impersonate (spoof) those users, but only when the public key component of an authentication certificate has also been obtained as well. This affects all supported versions of Windows as well. If you use end-user certificates as part of your authentication mechanisms, you’ll want to apply this update quickly as well.

Another bulletin (MS09-008) was also released with fixes for vulnerabilities in DNS and WINS Server code that could permit address spoofing for potential man-in-the-middle or site impersonation attacks. But you can leave these fixes for the server gang, unless you happen to take care of your organization’s servers as well.

For the record, only MS09-006 is rated Critical, while both MS09-007 and MS09-008 are rated Important. Given the nature of the related vulnerabilities, anyone who’s affected by either Important item should probably expedite pushing this update out as quickly as possible anyway. And of course any Critical item needs to make its way onto Vista (and other Windows) machines as soon as circumstances and testing/deployment requirements permit.


March 9, 2009  8:50 PM

Paragon Partition Manager 9.0 Pro Edition

Ed Tittel Ed Tittel Profile: Ed Tittel

If the care and feeding of your Vista systems is anything like mine, from time to time there’s just no getting away from messing with disk partitions. For me, that means one of several activities gets underway:

  • Migrating a notebook or desktop user from a smaller drive to a larger one, sometimes with additional logical volumes to add into the mix, sometimes without.
  • Setting up desktop machines to use VM technology of some kind (I’ve learned it’s safer to set up and run a separate logical and/or physical volume in which to run VMs to keep system or data partitions from filling up completely).
  • Setting up sandboxes of one kind or another for testing, specific applications, or whathaveyou.

I’ve used the Disk Management utility in Administrative Tools (Start, Control Panel, Administrative Tools, Computer Management, Storage, Disk Management) since the NT 4.0 days, but though this tool has gained in capability and flexibility considerably since then, it still can’t compare to a commercial disk partition management tool. And as such tools go, I’ve learned to like Paragon’s Partition Manager 9.0 Professional Edition better than most of the others I’ve used (Partition Magic, EASEUS Partition Master, Acronis Disk Partition Manager, and so forth, though those with no budget for software left may have to opt for the Open Source gparted instead).

Strictly as a partition management tool, Paragon Partition Manager is worth the $65 or so this program will typically cost you. As the following screenshots amply illustrate, it not only allows you to manage partitions quite nicely (create, format, resize/redistribute space, merge, and even undelete) it will also let you copy partitions or entire drives (either logically or physically), perform various types of partition- and disk-level backups and restores, and even install a boot manager (great for multi-boot to older Windows versions and/or Linux), and even a file transfer wizard to grab files from inside a working partition, or a backup snapshot the program has made of any partition you’ve saved. There’s even a byte-level disk editor available to those knowledgeable and intrepid enough to use such a powerful but dangerous tool.

The Partition Manager Entry screen shows major functionality groups.

The Partition Manager Entry screen shows major functionality groups.

When you actually start to use the program, you see a multi-pane interface that looks much like many other disk utilities, with similar silos at the left (a control panel, as it were), controls and displays at the right (for specific items or tasks related to the chosen activity), and icons along the top to provide instant access to the most common tasks. Here’s a look at the wizard driven elements for Backup, Copy, and Tools on the left, with disk views at the right (notice how physical disks act as containers for logical volumes).

Tasks on the left, details and displays on the right.

Tasks on left, details and displays on right (click for larger version)

All in all, Paragon Partition Manager 9.0 makes a pretty good addition to any Vista admin’s toolbox. The partition tools are the best and most worthwhile components of the tool, but the backup, copy, and boot management capabilities can be handy when migrating users from one disk to another. The recovery tools are adequate, but only from a very basic perspective (I’ll stick to a well-crafted VistaPE recovery UFD any day). I also found the lack of user-driven search a bit frustrating when the time came to search the help files (you can only plough through an index that they create, and pick the terms inserted therein). Minor nits to be sure, and no reasons not to try this program out for yourself, or even to buy a copy of your very own.


March 6, 2009  8:51 PM

Vista Wins 2009 Fiasco Award

Ed Tittel Ed Tittel Profile: Ed Tittel

Gosh, I love writing headlines because they can say so much and so little at the same time. Today’s blog makes a terrific case in point. It refers to the recent Fiasco award for 2009, chosen by an anonymous Fiasco Awards Team, which was in turn sponsored by the Catalan Association of Telecommunications Engineers (apparently this is a one-time thing, so it’s neither fair nor accurate to link the Fiascos only with the Catalan Association of so-on-and-so-forth). At least one other source describes the Fiasco as a kind of “worst IT product” designation in its reporting, but closer examination of the Association’s own description of the Fiascos reveals there’s a bit more at work here than simply recognizing “worst in show” performance or capability.

What a Fiasco represents is a product, service, or idea from any sector in information and communication technologies that winds up as a complete and total flop. Here’s a quote from the afore-cited Web page that bears the title “The Spirit of the Fiasco Awards.

Technological advance is not a straight path. Despite the economic investment, intellectual efforts and hopes invested on it, it often happens that instead of achieving a successful product, a profitable company, a new useful service or an interesting development through it, we just end up with a real Fiasco in our hands. But both success and fiasco are a part of the same process of leaping forward, head and tail of the same coin. The first, we celebrate, from the latter, when the initial shock is overcome, we learn, and in addition, they tend to be very funny.

To me this award is more synonymous with “good ideas gone spectacularly bad” or perhaps even “it seemed like a good idea at the time” than it is with a “worst in class” designation. Though there are plenty of others who will tar and feather Vista with bad reviews, bad marks, and even bad cess, I think it’s fantastic that an IT organization would seek to find humor in making such awards. Lord knows there have been days when I’ve chased Vista’s tail all over the landscape when a little humor would have been more than welcome. And so I can appreciate and embrace the idea of the Fiasco much more than something more curmudgeonly in outlook and intent. After all the kvetching about Vista I’ve slogged through in writing this blog, it’s great to find something that’s more on the tongue-in-cheek side of the street rather than the vitriolic rant side instead.

Here’s how Vista acquired the 2009 Fiasco award. In response to a survey, 6400 individuals registered on the Fiasco site, and completed a ranking poll to choose the winner. With 5222 (or 81.6%) of respondents choosing Windows Vista, it swamped the other competitors for this award. These included OLPC (One Laptop Per Child, the second place finisher), Second Life (third), Google Lively (4th), and Mobuzz (5th), though numerical breakdowns for these other contestants aren’t readily available.

Tonight at dinner, I’m going to raise my glass and propose a toast to my favorite Fiasco–namely Windows Vista. I urge you to do likewise, at your first opportunity.


March 4, 2009  4:18 PM

Vista SP2 RC Now Available for Download

Ed Tittel Ed Tittel Profile: Ed Tittel

Visit the Microsoft Download Center today (March 4, 2009) and you’ll see numerous Windows Server 2008/Windows Vista SP2 downloads available there, all of which posted on 3/3/2009. When I visited the page in the morning, here’s what shows up under the New Downloads heading there:

Today's New Downloads are all about the SP2 RC

Today's downloads are all about SP2 RC

Careful inspection of these listings, however, reveals that all of them still include the word “Beta,” even though all are indeed new files that posted yesterday. Only the DVD ISO includes a filename that specifically mentions RC2–namely, 6002.16670.090130-1715_iso_update_sp_wave0-RCSP2.0_DVD.iso.

Other downloads simply reference their associated KB articles by number, as with the IA64-based offering that appears at the top of the listing shown in the preceding screenshot–namely, Windows6.0-KB948465-IA64.exe. Here again, these articles specifically reference the SP2 beta releases, and make no mention of the Release Candidate itself.

This leads me to a couple of contemplative musings:

  • If you want to see what’s in RC2, you’ll want to download and inspect the DVD ISO download
  • Microsoft will probably either be issuing a clarification soon, or will replace those other downloads with RC2-labeled materials and KB articles

We’re all going to have to stay tuned to see what happens next. Very interesting! As for myself, I’m downloading the ISO image right now, and will use Daemon Tools to see what’s inside as soon as the download finishes (in 28 more minutes according to the download manager).


March 2, 2009  4:15 PM

Secunia Flags Flash10a.ocx as threat, but clean-up requires some contortions

Ed Tittel Ed Tittel Profile: Ed Tittel

Now that I’ve been running Secunia Personal Software Inspector (PSI) on my Vista machines for about three months I’m starting to learn a little about this program’s behavior. Last Friday, Secunia notified users about an important update to Adobe Flash, part of which involved replacing an older version of its ActiveX control for Explorer with a newer version. This involved installing a package that included a file named Flash10b.ocx, which replaces Flash10a.ocx.

Apparently the installer is not only supposed to add Flash10b.ocx to the %windir%\System32\Macromed\Flash directory, it’s also supposed to delete the previous version, Flash10a.ocx as well. The problem is, deleting ActiveX components you use requires that they be unregistered first. To do this for the aforementioned file, enter this string at the command line:

regsvr32 “C:\Windows\SYSTEM32\Macromed\Flash\Flash10a.ocx” /u

On the other hand, you could use your handy-dandy WinPE boot UFD to reboot the machine and delete this file without having to unregister, because you’re then running inside a different Vista runtime that isn’t using that ActiveX control. However, a double reboot takes at least 5 minutes on my Vista machines: once to boot into WinPE, and again to return to a normal Vista runtime environment after deleting the file. On the other hand, unregistering this ActiveX control takes less than ten seconds. Thus, it’s easier and faster to unregister the file first, then delete it without resorting to the UFD. You can even write a short batch file to automate the entire process, and deploy it around your network to Vista desktops.One more thing: before you attempt to delete this file, please close Secunia PSI as well. If you leave it open, it will hang onto a handle to this file. And of course, that too will prevent you from deleting it.

Those readers who’ve followed my advice and have installed PSI or CSI (the newly-renamed “Corporate Software Inspector” or CSI, that replaces the older NSI for Network Software Inspector) may benefit from this tidbit of information, if they haven’t figured it out already for themselves. As foibles go, however, this one’s pretty minor, and would only require Secunia to add a short note to this effect in their clean-up instructions. I’m still glad to have Secunia in my corner, though, and since I’ve started using their software inspectors my machines have kept up with patches, fixes, and updates on a more-or-less a same-day basis, except for occasional weekends or holidays when I choose not to check on my growing collection of PCs.


February 27, 2009  5:08 PM

Vista SP2 RC On Its Way

Ed Tittel Ed Tittel Profile: Ed Tittel

On Wednesday, February 25, Brandon LeBlanc, Windows Communications Manager for the Windows Client Communications Team, posted information to The Windows Blog to announce the Release Candidate (RC) for “Service Pack 2 for Windows Vista and Windows Server 2008.” Otherwise known as SP2 for Windows Vista and Windows Server 2008, this update is still in beta, but is now available to TechNet and MSDN subscribers for broad access and testing.

Important details of the RC version’s contents (and those planned for release when SP2 goes live later this year, probably in April) are spelled out in LeBlanc’s same-day posting entitled “Notable Changes in SP2 RC for Windows Vista and Windows Server 2008.” There’s also a TEchNet (dated 2/26/2009) document on SP2 available entitled “Hotfixes and Security Updates in Windows Server SP2 and Windows Vista SP2” as well. It’s probably worth a taking a look at these documents, but here’s my take on some highlights:

  • As I mentioned in my previous blog, SP1 remains a mandatory pre-requisite for the install of SP2
  • Users who wish to update to SP2 using Windows Update or Windows Software/Server Update Services (WSUS) have to patch the servicing stack to automate the SP2 install (see KB 955430 for details; the typical URL http://support.microsoft.com/kb/955430 is not yet working as I write this, however).
  • Download sizes run fom 300 to 622 MB for standalone packages, and from 41-90 MB for Windows Update users (DVD info not yet available).
  • Lots of interesting changes to setup and deployment, including a single installer for both Vista and Windows Server 2008, incompatible driver checks, improved error handling and messages, better logging, more secure installation, and post-release installer serviceability. As with SP1, there will also be an SP2 cleanup tool (Compcln.exe) to remove pre-SP2 files from machines, or to reduce the size of slipstream images used to install Vista and/or Windows Server 2008.

Anybody who’s interested who also has a TechNet or MSDN subscription can now sally forth and grab this beta. Because most enterprise admins have one or the other, if not both, this means you!


February 25, 2009  4:30 PM

Here Comes IE8 RTM!!

Ed Tittel Ed Tittel Profile: Ed Tittel

One of my best sources for leaked info from Microsoft continues to be Malaysian-based site TechARP. Today’s blog is based on some recent reportage from them about the upcoming Internet Explorer 8 release. The latest date for release to manufacturing (RTM) is March, 2009, most likely sometime in the latter half of that month (details are expected on March 5, though it’s not yet clear if those details will be available only for internal consumption at Microsoft, or in the form of a more public announcement; interestingly TechARP promises to keep us posted either way).

Here’s what IE8 is supposed to deliver, as compared to previous versions:

  • Improved performance and reliability that TechARP reports as “extensive”
  • Enhanced and expanded visual search suggestions that not only govern general search, but also searches related to shopping, social networking, news and portal sites, sports, and other information categories.
  • “Enhanced user experience, greater user privacy, and security enhancements.” This sound like straight-from-MS verbiage that could mean a lot and deliver very little. I guess we’ll have to wait and see.

When MS does release IE8 to manufacturing, OEMs can then use it as a supplement at their option for subsequent Vista and XP installs. Thus, it could start showing up as a pre-installed Windows feature shortly thereafter. So far, no dates for public release via Windows Update are available, but that will be just a matter of time once RTM is set. For most major Windows components, this usually occurs within 60-90 days of RTM so we should expect widespread availability of IE8 in May or June of this year.

Interested admins should probably be even more interested in downloading the latest beta (2) version after reading this news. That download is still available on the Windows Internet Explorer 8 Home page. It’s still necessary to uninstall IE 7 on any test machines before installing IE8 on those machines; presumably this stricture will also apply to production machines once IE8 goes into public release. Time to get ready!


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: