Offline File Cache Nightmares Resolved

Off-line files are a wonderful thing.  The fact that my users can synchronize the files from a central server (where they are backed up) to their laptop is great.  But what happens when things get out of hand?  In theory, users can save a lot more onto a file server than they can their local machine.  In practice, when the folder is set to synchronize in full to the local hard drive can cause headaches… like waking up one day and realizing that they have 0kb free on their C drive.

Okay, you go to the server and move the offending files to another location.  You log into the affected computer… and nothing doing, still zeroed out. 

The problem is that there is a folder called the Client Side Cache (or Offline Files Cache).  It is stored under the SystemRoot – i.e., it is (by default) c:\Windows\CSC.  Now, this folder can be moved, but it is not a simple process, and I will cover it in a later article.  The issue is that the CSC directory sits on the C Drive, and is completely secured against reasonable attempts to modify it manually… which is good, because trying to do so will cause some pretty serious issues.

So we have fixed the problem on the back-end, and now we have to fix it on the front-end, which means cleaning out the Client-Side Cache.  We can’t simply do this manually, we have to actually clean out the CSC database.  How do we do this:  Here you go:

**VERY IMPORTANT NOTE:

The Windows Registry is not meant to be touched by anyone who does not have a very thorough understanding of how it works, and can cause serious and irrecoverable damage to your Windows installation if handled improperly.  I strongly recommend that you do not do this if you are not extremely comfortable with it.

1. Open the Registry Editor (regedit.msc)

2. Navigate to HKLM\System\CurrentControlSet\Services\Csc\Parameters

3. If there is no Parameters key under CSC then you have to create it. 

4. Under Parameters create a new DWord 32-bit value called FormatDatabase.

image

5. Set the value to FormatDatabase to 1.

SNAGHTML6184ce7

6. Close the registry editor and reboot your computer.

Okay, that is the long way around, but it is also the ‘fewer chances for error’ way.  If you are not afraid of typos, you can do the following:

1. Open a command prompt with elevated privileges.

2. Type: reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Csc\Parameters /v FormatDatabase /t REG_DWORD /d 1 /f

(Where /v is the value, /t is the data type, /d is the data, and /f is force overwrite.)

3. Close the command prompt and reboot your computer.

Once your computer reboots you should be alright.  You shouldn’t even have to enter your Recycle Bin, the disk space should just be there Smile

Good luck, and remember to back it up before you hork it up!

Advertisements

Folder Redirection: Where’d these warnings come from?

Congratulations.  You have decided to implement a Folder Redirection policy on your domain.  There are real advantages to this, not the least of which is that all of your users’ profile folders will get backed up centrally… and that when they change computers their files and settings are just there.

You have created a Group Policy Object (GPO) in Active Directory that you have called Folder Redirection, and you have applied it to the Organizational Unit (OU) that your user account is in, and as is so often the case with Desktop Administrators, you have made yourself the guinea pig.  From Windows you run the command gpupdate /force, and are informed that in order for the Folder Redirection policy to be applied, you will have to log off and then log on again.  You do.

It must have worked!  Why do you I say that?  Because unlike most of the time, when logging on takes a few seconds, it took a full ten minutes this time.  As a seasoned Desktop Admin you understand that this is because all of the folders that you set to redirect – Documents, Pictures, Videos, Favorites, Downloads – are being copied to the server before you are actually allowed onto your desktop.  However a few minutes later, once you are logged on, you open Windows Explorer, and in the navigation pane you right-click on Documents, and see that the My Documents folder is no longer at c:\Users\Mitch, but at \\Sharename\Mitch.

Unfortunately there is one step that you are now saying to yourself ‘Mitch, you missed one thing!’ Because you know that when you clicked on Windows Explorer in the task bar, you got a warning message that looked like this:

SNAGHTML646cc73

As a seasoned IT Pro you know that security warnings are a way of life, and it wouldn’t bother you if you had to accept this every time… but you know your end users are going to go ape, so you need a solution.  No problem.

I should mention that while these steps will work for all versions of Windows since Windows Vista, the way you access the screens may be a little different.

1) Open Control Panel. Don’t be alarmed, you are going to get the same security warning when opening the CP.

2) In the Search window type Internet Options.  When it comes up, click on it.

3) In the Internet Properties window select the Security tab.

4) On the Security tab click on Local Intranet.  Then click on Sites.  Note that the Sites button will be greyed out until you select Local Intranet.

6) In the Local Intranet window click the Advanced button.

5) In the Local Intranet (Advanced) window type the location of your folder redirection share into the box marked Add this website to the zone:  Uncheck the box marked Require server verification (https://) for all sites in this zone.  Click Add.  Then click Close.

6) Close the Internet Properties window.

Now try opening Windows Explorer again.  It should open without the security warning.

If You’re Gonna Do IT Then Do IT Right…

Okay, so you know how to configure this setting for your individual desktop… but you don’t really want to have to go to every desktop/laptop/tablet in the organization and do this, do you?  Of course not, that is what Group Policy is for!

We are going to make one change to your Folder Redirection policy.

1) Open Group Policy Management Console.

2) Right-click on your Folder Redirection policy and click Edit…

3) Navigate to: User Configuration – Policies – Administrative Templates – Windows Components – Internet Explorer – Internet Control Panel – Security Page.

4) Right-click on Site to Zone Assignment List.

5) Enable the policy.

6) In the Options box click on Show…

7) In the Value name cell enter the UNC path of your file share.

8) In the Value cell next to the UNC path you just entered enter the value 1(Where 1=Intranet/Local Zone, 2=Trusted Sites, 3=Internet/Public Zone, and 4=Restricted Sites). Click OK then click OK in the Site to Zone Assignment List dialogue box.

9) Close Group Policy Management Editor.

That should be it… remember you will have to re-run your gpupdate /force on your machine, but even if you don’t it will apply in the next few logoffs, right?

**Thanks to Joseph Moody for the list of settings for the Zone Value list!

The Kobayashi Maru of Desktop Deployment

A couple of years ago I was asked to write an article on desktop deployment.  Back then Windows 7 was reasonably new, and there was a lot of chatter about the fact that you could not upgrade from a Windows XP machine directly to Windows 7.

Recently a lot of people have asked me about desktop deployment, what with Windows 8 becoming more widely accepted, and the end of support for Windows XP (#EndOfDaysXP) less than eight months away.  Although I am not doing a lot of deployment work these days, I reread this article that I wrote for the Springboard Series and decided it was still relevant.  I hope you like it!

The Kobayshi Maru of Desktop Deployment

Actual Reality: Desktop Virtualization Solutions from Microsoft

In July I presented my first webcast with BrightTalk.  They were putting together a series on virtualization, and asked if I would be able to speak about VDI and Desktop Virtualization strategies.  It was my pleasure!

The webcast is now available on-line.  I encourage you to download it, and let me know what you think!

Download the webcast here!

A Great Response Regarding OEM/Upgrade Media

Earlier this week I wrote a piece called “For when you want to let go… but can’t completely.’  I got a few interesting responses to it, but one really well thought out one from H. Mertens.  Here is his comment, and my responses to him. -M

A clarification over the OEM/Upgrade media issue:

A OEM installed OS (typical in most laptop purchases) by license can’t be installed on different hardware (some exceptions with regards to repairs). You will be required to change the Product Key for the VM instance away from the OEM SKU to for a product SKU that you (in addition) legally own. A MSDN or TechNet subscription can definitely come in handy in these circumstances, but note that these offerings also set restrictions regarding usage/purpose of the OS installation.

All of these are really good points.  In my article I neglected to address licensing at all.  If your OS license is OEM then you are not allowed to virtualize it… or rather, you can do it, but you have to make sure that you have a legitimate license to attach to the VM, and yes you will have to re-activate the installation.

Your reference to "Upgrade" media has similar considerations with regards to licensing, since it is permanently tied to the OS license/SKU/Product Key that it was used to upgrade(and it typically that is an OEM SKU).

When I refer to Upgrade Media you are right, it is permanently tied to the OS license that it was used to upgrade, but I do not agree with your statement that it would necessarily or even probably be OEM.

I confess, it has been a decade since I delved into these issues, but back then (which is on target because of our discussion of Windows XP) you were able to install Windows XP on top of Windows XP, and it would fix a lot of issues but your applications would still work.  The reason I referred to OEM media is because with OEM you could still install on top of, but it would clean you out – no applications, no user profile.  It wouldn’t delete them, it would just put them into a directory called Windows.old.

Notwithstanding these licensing caveats, OEM and vendor specific Upgrade media, as you mention, is, generally, very hardware specific and usually will not install successfully on "foreign" hardware.

Not only will most OEM and vendor-specific OEM software not install on most ‘foreign’ systems, it is a violation of the EULA to try to do it.  OEM software is married to the motherboard of the system with which it was purchased, and there is no acceptable ‘repurposing’ of that license… for any reason.  If the motherboard dies, when you replace it you must also buy another OEM license.

Off-the-shelf, "Full-Package-Product" (FPP), which can be use as "upgrade" media, is a SKU which can be moved (not copied) from device to device.

*** So the question arises: if you are migrating an image of OEM licensed OS away from failing hardware and onto, say, a virtualized system, would that be seen as an acceptable reuse of the OEM license? ***

OEM software may not be virtualized.  In the event of Windows Server and Hyper-V, there are exceptions to this.  However on the client-side there are no “acceptable reuse” scenarios.

Hint: Typically I upgrade my laptop’s OS with a MSDN/TechNet version since the OEM versions typically are "Home", limited feature set, SKU’s. To aid installing a new OS, I do usually copy over the "%windir%\System32\DriverStore\" of the active OEM installation onto a USB stick so as to resolve "unknown" device issues (use the scan folder option in updating these under device manager). Subsequent Windows Update may upgrade these, but it usually goes over easier once they are "known" devices requiring, perhaps, an upgrade.

Here is where your in-depth understanding of licenses falters my friend; MSDN/TechNet licenses are not to be used on production machines… period.  They are for test/dev only.  As such I am reasonably sure that by installing the OS from that source onto your laptop you are violating the EULA.  It is a very common misunderstanding that many people make, but in short MSDN and TechNet are not meant to be ways of getting all of your production software cheap, they are meant for you to use exclusively for testing purposes.

If you are a Microsoft Partner, then there are acceptable alternatives.  Certain MPN Partners (I don’t know which) are given a number of licenses of most Microsoft software that they can use in production.  If you are not at that level then you can invest in the Microsoft Action Pack Subscription, which entitles you to use the same licenses on (I think) ten computers… in production.

With regard to the DriverStore directory I confess that I generally follow the advice of an old acquaintance… The drivers installed at the source are likely already out of date, and it is usually just as easy to download the latest version from the manufacturer’s website.  Fortunately for me, Microsoft IT has an image for my laptop including the drivers, so it’s not a concern.  However you might want to take a few minutes to download them… and yes, making sure you have the networking drivers is a good idea before you wipe and re-load!

For when you want to let go, but can’t completely.

Mitch, I have been using my Windows 7 laptop for nearly three years.  It has all of my applications on it, and because of the custom dev work that I do a lot of what I have in there simply cannot be recreated – anywhere, let alone on another OS.  I want to upgrade my primary laptop to Windows 8, but cannot afford to lose my customizations and my environment.  What can I do?

I got this question from a peer last week and feel his pain; so many people have customized their desktop environment in ways that (they feel) is a stop-wall to upgrading – either in-place or on new hardware.  Fortunately Microsoft has some great tools that will help you out.

Hyper-V is now included in the Windows 8 desktop client.  You can capture your Windows 7 desktop image to a Virtual Hard Drive (VHD) and then create a new VM on your Windows 8 client and attach it.  But how can you capture that image?

Simple.

Microsoft has a free set of tools called the Sysinternals Suite.  One of those tools is called Disk2vhd.  Download it to your Windows 7 machine and run it – it will transfer your entire hard drive (or drives) to VHD files.  It is agentless and does not require an install – just run it and you can immediately convert every attached volume.

This method will actually work with any supported version of Windows.  That is not to say that it will not work with Windows NT 3.51, but it is not supported and I certainly have not tested it.  So if you want to keep your Windows XP installation as a crutch (you have 307 days left remember!) you can use the same methodology with that OS too.

Of course, when you boot to the VM you may have some issues because the hardware set is completely different.  In newer operating systems you may have to download some of the drivers for it to work properly; for legacy (Windows XP and earlier) OSes you may have to do a full install-in-place; do this carefully because depending on your media your apps may or may not continue to work (do NOT try to use OEM or Upgrade media for this!).

For bonus points, if you have a full Windows Server 2012 system up and running you can create the VM as a VM on that host, and let your Windows 8 use all of its RAM.  However with the amount of RAM in computers these days, coupled with the incredible memory management and compression with Hyper-V, you should be okay.

Questions?  Feel free to ask… and have a great day!

The Benefits of Windows Intune

Last month I had the opportunity to sit down with Robert Crane, the host of the Need to Know Podcast, about Windows Intune.  These podcasts are great for keeping IT professionals up to date on technologies that they may not know a great deal about, and Windows Intune is certainly one of those.  Dubbed by some as System Center in the Cloud, it is a cloud-based management tool for client devices from desktops and laptops to tablets and phones. 

Listen in to hear all about Windows Intune, and how it can help you to make money for your business!

TUNE IN BY CLICKING HERE!

Converting an SD Card to Permanent Storage in Windows Devices

So as you know I was all excited to buy the very first Microsoft Surface Pro.  I bought the 128 GB model because I knew that despite the fact that I have all sorts of external hard drives I was even likely to ax out 128 GB pretty quick.  Fortunately between Cloud-based storage (SkyDrive for my personal stuff, SkyDrive Pro for my business files) and the ability to add a micro-SD card I would be fine.

I arrived at my hotel in Redmond and the package from my Amazon.com seller was there; I excitedly ripped it open and inserted the 64 GB card into the Surface Pro, reformatted it with NTFS, and installed the SkyDrive Desktop Client on Windows 8 (which allows me to synchronize my SkyDrive files onto my device’s hard drive or, in this case, its SD card.

imageWow… ‘Your SkyDrive folder cannot be created in the location you selected.’ This was really disappointing, because that was exactly what I wanted to use my SD Card for… along with my Document, Picture, and Music Libraries.  I will be honest, it never occurred to me that I could not map these to external drives, although it does make sense.  However I was planning on making this SD Card a permanent drive in my Surface Pro, so I needed to find a way to do it.

\I did a little research and discovered that indeed there was a way… or rather a workaround that would work perfectly.  Here’s what I did:

1) I created a directory on my C Drive called c:\SD Card.

2) I opened Disk Manager in Windows – you can either do that by right-clicking on the bottom-left corner of your screen and selecting Disk Management. If you are on a tablet and have no mouse, you could alternately pull up that menu by clicking Winkey-X.

3) Right-click on your SD Card and click Change Drive Letter and Paths…

4) Click Add…

5) In the Add a new drive letter or path for X: (Where X is the drive letter represented by your SD Card) select the radio Mount in the following empty NTFS folder:

6) Click Browse…and navigate to the directory that you created.  Click OK.

You should now be ready to proceed.  To be sure, right-click on your SD card again and click Change Drive Letter and Paths… Your window should look like this:

image

The SD Card has both a drive letter and the mount point on the C drive.  If this is what you see then you are ready to proceed.  Cancel out of this window and close the Disk Management console.

I started the SkyDrive desktop app again and instead of mapping my SkyDrive folder to D: I mapped it to C:\SD Card\.

image

That looked a lot better.  I was able to proceed and my SkyDrive files are now synchronizing properly.

imageNow that my SkyDrive was done I decided to go the next step and map some of my Libraries to the SD Card as well.  This was easy at this point… I simply opened the File Explorer and created a new directory on the SD Card called d:\Pictures. I then right-clicked on the Pictures library that I wanted to redirect (in the Navigation Pane) and clicked Properties.  I clicked Add… and in the Browse window I selected the new directory (c:\SD Card) and clicked Include.  Back in the Properties box I clicked Set save location.  I also dragged it to the top of the list.  So now my Properties window looks like this:

Notice that the Pictures (C:\SD Card) is at the top of the list, and has a check mark next to it.  That means that when I start saving pictures (or decide to import them from another profile) they will go onto the SD card and not onto the internal drive.

All of these steps will work for tablets but also for hybrids, laptops, and even desktops.  It is a simple mechanism to convert external storage to internal storage.  The mount point on the C drive is used as a hard link to the SD card, and nothing stored in that directory is actually on the C drive… it just looks that way to ‘fool’ Windows into doing what you want to do.

Good luck!

What’s this new Cert? MCSA: Windows 7!

This post was originally written for the Canadian IT Pro Connection blog, and can be seen there at http://blogs.technet.com/b/canitpro/archive/2012/09/12/what-s-this-new-cert-mcsa-windows-7.aspx.

In April of this year Microsoft Learning announced its new generation of certifications.  Many of us who had previously earned certain MCITP (Microsoft Certified IT Professional) credentials were automatically ported into a new certification category, the MCSA (Microsoft Certified Solutions Associate).  Depending on the MCITP you had earned, you would get a different MCSA.

There are two senior certifications for the Windows 7 desktop:

  • MCITP: Enterprise Desktop Administrator
  • MCITP: Enterprise Desktop Support Technician

If you have earned either of these certifications then you already have received (or will shortly) an e-mail from Microsoft Learning informing you that you will soon be awarded the new MCSA: Windows 7.  Congratulations!

Now, the benefit to this is that when it comes time to earning your MCSA: Windows 8 you will only have to take a single upgrade exam (70-689).

If you would like to learn more about the MCSA: Windows 7 and MCSA: Windows 8 certifications, visit the Microsoft Learning page here.

I have long been a huge advocate of certifications; I have worked on many of the exams and courses, and have worked hard to earn the ones that I hold – not because I need them in order to teach the associated classes (although that was once a consideration), but because I strongly believe that certifications are proof that you have the respect for your profession to not only learn the right way to do things, but to sit down and prove it.

In 2012 Microsoft Canada held a series of virtual study groups for Hyper-V.  Across the country dozens of people studied together in groups, and dozens of them took (and passed) exam 70-659, earning them the MCTS: Windows Server 2008, Server Virtualization credential.  With the launch of the new products and certifications I hope that we will bring these study groups back… as a benefit to the user groups, and as a way to get more people certified.  Watch this space for more information, and if you are interested in a particular cert let us know and we’ll see what we can do to help you out!

Managing Your SMB-IT Without Server

A set of clouds

You have a small business.  You have been running Windows Small Business Server 2003 for six years, and you know that it is time to retire it.  The question is, what should replace it?

Before you make any definitive decisions, why not review what you need your server to do:

  • File Server
  • Mail Server
  • Internet Portal
  • Centralized Management

For the past several years you have paid a consultant to manage the server and your client PCs, and have primarily called him in for break-fix issues.  Maybe you were industrious and decided to learn the basics of IT so you could do a lot of the maintenance yourself.  You might even be a small-business IT consultant who has been managing and maintaining SBS environments for your clients.

You have heard so much about the cloud that you are in a bit of a fog… you know that people are talking about cloud-services, but haven’t quite figured out how they can work for you… to save you money, to earn you money.

Replacing the Server

For most small businesses I still recommend a centralized server; Active Directory is still the best mechanism you will find for centralized user management, and Group Policy allows you to lock down your environment.

With that being said, many of the functionalities offered in Microsoft Small Business Server are now available as part of two cloud-services offerings from Microsoft.  Microsoft Office 365 offers all of the functionality listed above (File Server, Mail Server, Internet Portal) and much more.  It is actually all of the following products in the cloud:

Office 365 allows you to have the functionality of all of these tools… without having to purchase or maintain them.  It also means that you will always have the latest versions of all of these… without having to upgrade.  ‘Your servers’ will be maintained by the Microsoft IT team, without your having to pay them hundreds of dollars per hour.  If any of your services go down (and admittedly they do occasionally) you can rest assured that before you even discover the outage the people who know the products best will already be well on their way to fixing the issues.

Managing the Desktop

Between the operating system and the applications, there is a lot of work that goes into the proper maintenance of your PCs.  That includes anti-malware, patch management, policies, and more.  Additionally being able to generate and view reports is a huge benefit – as I always say If you cannot measure it, you cannot manage it!

So Before we get into application side of things,  let’s discuss the benefits of the second cloud-services offering, Windows InTune.  InTune installs as a simple agent on your Windows PC, and the list of benefits is amazing:

  • Upgrade rights to Windows 7 Enterprise
  • Windows InTune Endpoint Protection (centralized anti-malware solution)
  • Centralized Patch Management
  • Policy Deployment
  • Application Deployment
  • Device Reporting
  • Alerts
  • License Management

When you subscribe to Windows InTune (per-PC subscription) you get the right to upgrade your legacy Windows client (Professional/Business/Enterprise SKUs) to Windows 7 Enterprise.  Right there you have the basis for the common operating system required to simplify management.

Windows 7 Enterprise Edition includes two features that Business Edition does not:

  1. Multiple language support; and
  2. BitLocker drive encryption technology

With the preponderance of mobile computing these days, as well as organizations doing business around the world, there is no question that Windows 7 Enterprise is an easier feature-by-feature sell than the lower-priced options, but that lower price seems to be a deciding factor so often.  With the Use Rights in Windows InTune you don’t have to settle.

Once the Windows InTune agent is deployed on a PC it will start populating the individual computer’s information to the InTune system, and you will be able to get a better idea of what you have.  On the Devices screen you will be able to see:

Computer Name Total Disk Space CPU Speed
Chassis Type Used Disk Space Last User to Log On
Manufacturer & Model Free Disk Space Serial Number
Operating System Physical Memory Last Hardware Status

imageIncluded in the Windows InTune installation is the Windows Intune Endpoint Protection engine, which will protect your PCs from malware.  It uses the built-in patch management system to keep the definitions up to date, and offers real-time protection, as well as centralized reporting and e-mail alerts to the Help Desk / Support Team / IT Guy when a computer is infected.

InTune 2.0 added the ability to centrally deploy applications to client PCs.  InTune 3.0 adds an extra to this – the ability for end-users to install published applications on-demand.  The new Company Portal allows users to help themselves on-line, before eventually ‘escalating the call’ to you.

Users can also deploy their own client from the portal, assuming they have the proper credentials.  This allows them to download a client using their corporate credentials, rather than you having to send them the file (along with the ACCOUNTCERT file) which would allow anyone (in theory) to install on any device that would automatically be managed by… you.

By far the most common application suite found on desktops in the workplace is Microsoft Office.  The most common complaint I hear about Office is the cost (followed by the difficult to understand SKUs).  Of course, with Office in the name it is no wonder that it is part of Office 365.

Of course there are several different SKUs to Office 365, and each one has different offerings.  The small business SKU (P1) costs $6/month, and does not include the installable suite.  However it does include Office Web Apps, which means you can create and edit Word documents, Excel spreadsheets, PowerPoint presentations, and of course use OneNote… all within your web browser.  This is great if you work on multiple systems, or if you are ever remote and need to work on a document.  The convenience loses its thrill when you realize you cannot work if you don’t have an Internet connection.

The E1, E2, and E3 SKUs do come with the client software, so if that is a requirement then those SKUs (which cost quite a bit more) are probably better for you.

Why you should consider maintaining a server on-site

Our mail server is gone… so are our SharePoint and File Servers.  Why then would I still recommend a small server in a small business environment? There are several reasons.

  1. Active Directory.  As I mentioned earlier in the article, AD is a great way to centralize security and credentials.  Additionally there are plenty of hooks from Active Directory into Office 365 (which can be covered in a later article).
  2. Deployment Server.  Microsoft Deployment Toolkit 2012 is the perfect companion to your new Windows 7 Enterprise licenses.  In under an hour you can create a deployment point that will deploy Windows and all of your applications (including the Lync Client and the Windows InTune agent) in fifteen minutes (or less).  It is by far the easiest way to deploy Windows to your desktops, laptops, and even tablets!
  3. Hyper-V.  Although many of our applications will be installed directly onto the laptop, many companies still have server-based applications that require an application server.  Hyper-V is the best way to create those servers on-site, for a plethora of reasons that have been outlined ad nauseum previously at www.garvis.ca, and countless other sites.  Of course, your virtualized application servers can run any version of the Windows Server operating system, but they can also run any supported client OS, as well as several iterations of Linux (supported and enlightened) and any other x86-based OS (neither supported nor enlightened).
  4. Group Policy.  Although Windows InTune v3 has much better policy support than its predecessors, there is no denying that Group Policy is the best way to granularly control, configure, and secure your client and server environments.  Whether you want to enforce secure passwords, BitLocker, or simply set a centralized screen saver and desktop wallpaper, the best way to do it is by creating a GPO in Active Directory.

As you see the combination of cloud-based services from Microsoft and an on-line Windows Server are the best way to manage your entire SMB IT infrastructure, but even if you are not going to maintain an on-premise server the cloud-based services can manage most of the needs of most SMBs.

By the way, there is one more advantage to these solutions… you will always have the latest and greatest.  Right now the Windows InTune subscription comes with use rights for Windows 7 Enterprise.  When Windows 8 is released, you will automatically have access to that platform.  Office 365 comes with Office 2010… but when the next version is released you will have that version right away too!

Interested in hearing more?  Drop me a line and we’ll talk… or you can check out www.windowsintune.com and www.office365.com to download 30-day trials of each!

Mac vs. PC… Does my sister have a point?

Image representing Apple as depicted in CrunchBase

Image via CrunchBase

It was the end of the week, my class was winding down, and my friend Peter Wolchak was baiting me into another ‘PC versus Mac’ debate on Facebook.  All in all, nothing all that unusual about it… until one of the most unexpected things happened.  My sister chimed in on the Mac side.

Oh brother of mine, who I do love dearly, Mitch Garvis, shall I remind you that I can get an extra 2-3 years out of my macs for every PC I replace for Ron or work or Mom? More expensive? I don’t think so…

Jennifer has been a Mac person for as long as I can remember… and while she and I do not subscribe to the same school of thought I do respect her right to that opinion.  However to hear her chime in on the side of ‘Macs are less expensive than PCs’ surprised me… I thought she was smarter than that!

Of course, she does make an interesting point.  Mac users do seem to keep their Macs longer than PC users keep their PCs.  I started to think about some of the reasons for that.

Here is a list I came up with.  I would love to hear your thoughts on this but remember: ‘Because they are better’ is not a legitimate argument.  I want to know why you think they are better!

  1. First and foremost let’s be honest: Apple makes a great machine.  I would be lying if I said otherwise.  Is their hardware better than all PCs? No.  Is it better than the vast majority? Yes! PC makers have to step up to the plate if they are going to compete, and models like the HP Envy and the Samsung Slate 7 are incredible, but they are a small minority in the field.
  2. Apply OS X requires less maintenance than Windows does, but with the majority of PCs (or close to them) still running Windows XP and Windows Vista, there is no doubt that OS X is easier.  Windows 8 will be even easier than Windows 7, but the legacy OSes… yeah, they were tougher.
  3. Apple wants people to fall in love with their macs (and iPads, and iPods, and iPhones…).  Microsoft and PC makers want you to use theirs.
  4. Apple controls the gamut, from the OS to the hardware and, in the case of iDevices, the applications as well.  There are fewer cooks in the kitchen as it were – fewer sets of hardware enabling drivers to worry about.  Microsoft (until the Surface devices come out) work on a different model, and anyone can make a compatible device, then program the drivers badly.  Hence they are quicker to crash, no doubt.  Does this mean that Macs don’t crash? HELL NO.  They just, as the great video by Hunter Cressall (sp?) states, they just Crash Different.
  5. You get what you pay for, even in the PC world.  You can buy a cheap, consumer-grade PC laptop for $399 (or less).  They will probably not last as long as the higher-end consumer or corporate ones.  My mother’s HP Pavillion is very nice, but it is indeed her third PC in five years (For the record her previous laptops worked just fine, she just wanted new PCs).  While I do go through a new higher-end laptops every few months, I also have many of the older ones – dating back to the Dell XPS M1530 which I got in 2007, and despite some physical issues (cracked case, etc…) that are easily fixed is still going strong.  Frankly I wish I still had my Acer Ferrari laptop which I got in 2005, and I am sure would still be working perfectly today!  All of this to say that if you buy a Mac for $1300 versus a PC for $500 you can replace the PC halfway through the life of the Mac, and still get a better ROI.  When you buy a pricier laptop (my HP Envy (base model without all of the fancy upgrades) would have cost the same as the Mac, and would last just as long.

I have gotten off track a little, but I do not want to sound defensive.  I am glad though that PC makers are starting to make ‘sexier’ machines.  The two that stand out in my mind are the Samsung Series 7 (I got to play with the newest model in Redmond last month and it was SWEET… slimmer than a MacBook Air and less expensive) and the Dell XPS 13 (which I have seen but not played with).  I have it on good authority that PC makers will be releasing a truly new line of laptops when Windows 8 releases, unlike the unimpressive refresh from the Windows 7 launch.

Also Microsoft has put the PC makers on notice with the announcement of the Microsoft Surface Tablets.  As a lot of writers and bloggers have pointed out, Microsoft is telling OEMs ‘Hey, if you want us to compete with Apple then you have to wow them… and THIS is how you do it!’  These next-generation tablets will have something going for them that the iPad and MacBook do not: they will run the same operating system and same applications on the tablet as they do on the desktop and laptop.  Hopefully the PC makers like HP, Dell, Lenovo, and the rest will take their cue and step up to the plate, just like Samsung did recently with the Slate Series 9.

I want to hear your thoughts though… do you prefer Mac or PC, and why? Let me know in the comments section, and I will give out prizes for insightful answers.  Yes, I will even try to dig up a couple of Mac prizes!

Creating a Multi-OS Environment with Boot from VHD

Computers that contain this sticker met the re...

I spend a lot of time demonstrating different technologies for different audiences.  Because of that I often need to use different operating systems and rather than take along several machines (which I often have to do anyways, but for other reasons) I have taken to configuring my laptop (currently an HP EliteBook 2740p) in a multi-book configuration.  When I boot up I get a menu asking me which OS instance I want to boot, and I am off to the races!

Of course, this is easier said then done when some of the operating systems that I use and present change as often as they do – either because of things that I do (domain join, virtualization demos) or new versions (as is the case with the current Windows 8 and Windows Server 2012).  This problem is easily solved using the Boot from VHD (virtual hard disk) functionality in Windows 7 (and later).

Step 1: Preparing your host system

Although this is not strictly necessary, I like to partition my physical hard drive and place the VHDs on a separate partition from the operating system that is installed on the physical disk.  This is partially a legacy practice from when I would install all of my operating systems for the multi-boot scenario on the disk itself.  My current configuration has three partitions, one whose sole purpose is storing the OS VHDs.  However thinking about it logically, there is no good reason I can think of why you can’t simply store the VHDs on the C drive.

You need to have the source media for the operating system you plan to install, as well as the imagex.exe file, which is a component of the Windows Automated Installation Kit.  You can download this from download.microsoft.com, but make sure you download the version appropriate for the operating system and architecture on which you are installing it.

Because I often work with multiple images, I create a directory on my system called d:\VHDs, and in that folder I create a sub-folder for each image file.  So I may have the following directories:

  • d:\VHDs\Windows8RP
  • d:\VHDs\Windows2K8R2
  • d:\VHDs\Windows2012RC
      I prepare the media by copying the

imagex.exe

      program into the

d:\VHDs

      folder, and then from the media of each OS I copy the

install.wim

      file from the

\sources

      directory into the appropriate subdirectory.  The

install.wim

    files are the actual image files of the operating system, and have been standardized since Server 2008 (and Vista).

Step 2: Creating a VHD

There are a couple of ways you can create VHD files within Windows.  I prefer to use the Disk Partition Tool (diskpart.exe) but if you want you can also use the Disk Management Tool within the GUI.

  1. In the Start Menu type cmd.exe and press <Enter>.
  2. In the command prompt window type diskpart.exe.  You should be prompted with a User Account Control window asking for confirmation. (If you are not an administrator you will be asked for credentials)  Click Yes.
  3. (Determine where you will store your virtual disk, and what you will name it.  for this example I will call it d:\VHDs\Svr2K8r2.vhd) Type create vdisk file=”d:\VHDs\Svr2K8r2.vhd” maximum=20480.  This will create a 20GB VHD file.
  4. Type select vdisk file=”d:\VHDs\Svr2K8r2.vhd”
  5. Type attach vdisk
  6. Type list disk.  You should now see a new 20GB disk (the line should have an asterix at the beginning).
  7. Type exit to quit the Disk Partition Tool.

NOTE:

    I created a 20GB VHD file, but you can size this to your needs.  Remember, you may also be installing applications, data, and other tools into your VHD file.  However size it to your needs and storage limitations.  The minimum should be no less than 9 for Windows 7, 10 for Windows Server 2008 R2.

Step 3: Apply the image to the VHD file

Now that our VHD file is attached to the computer, it is visible in Disk Manager.  Load that up (right-click on Computer, click Manage, and in the navigation pane click Disk Management) and initialize the disk, and then create a simple volume.  Take note of the drive letter that is assigned to it.  For the sake of the later step, let’s say the letter F: was assigned.

We can now apply the image using the ImageX tool.

  1. In the command prompt navigate to the d:\VHDs folder.
  2. Because .wim files can contain multiple builds of an OS (such as Windows 7 Ultimate, Professional, and Home Premium) we have to determine which one we will deploy by specifying the index that corresponds to the proper edition.  Use the following command to check the Index value of the operating system you want to build: imagex /info d:\vhds\Windows2k8R2\install.wim.  This will display all of the editions within the .wim file.  If you have a .wim file containing several builds you may want to add the switch |more onto the end so that it will allow you to scroll.
  3. In this case I want to build a VHD with Windows Server 2008 R2 Datacenter Edition (Full install), which might be Index 4.  I will type the following command: imagex /apply d:\VHDs\Windows2k8r2\install.wim 4 F:\ (Here the source media file is d:\vhds\Windows2k8r2\install.wim, and the drive letter assigned to the VHD is F:).

Step 3 will take a few minutes, but when it is done you can list the files and see that it resembles a bootable Windows 2008 R2 hard drive.  The problem is that most hardware will not recognize a VHD file as a boot device, so we need to edit the boot configuration data file, or BCD. 

Step 4: Editing your Boot Configuration Devices (BCD) file

Although this can be done from the command line (using bcdedit.exe) it is a bit of a pain.  there is a free (for personal use only) GUI tool called EasyBCD 2.1.2 which can do it for you. 

  1. Download BCDEdit 2.1.2 from SNAGHTML160d484www.neosmart.com.  Install the program and run it.
  2. Accept the EULA.  Please note that if you are using this for your work then you must buy the paid version.
  3. From the menu on the left select Add New Entry
  4. In the lower half of the window there is the option to add a Portable/External Media entry to the BCD list.  Ensure that Microsoft VHD is selected in the Type box.
  5. In the name box type the name that you want to appear in the boot menu (such as Microsoft Windows Server 2008 R2 Datacenter Edition (VHD).
  6. In the path box browse to the location of your VHD file (d:\VHDs\Svr2k8r2.vhd).
  7. Click Add Entry.

You are done!  All ready to go.

For Bonus Points!

  • Within EasyBCD you can click on the Edit Boot Menu option on the left, and choose which OS you want to be your default, and your timeout delay… but you have done it!  You are ready to restart into either operating system!
  • If you want to be able to revert your VHD configuration to this moment all you have to do is copy the VHD file to an alternate location.  If you ever hork things up all you have to do is copy over the original and poof, you are clean!
  • If you want to get fancy you can add several bootable VHDs to this menu… just follow the same steps!

That’s it.  The multi-boot option gets fancier in Windows 8, and I will cover that in a later article.  For now, as you know I always look forward to your comments and thoughts, and who knows… I might even give away the occasional prize for a good comment!

Everything you Wanted to Know and Ask about Windows Deployment!

For those of you who are interested in deploying Windows (and with 707 days left until #EndOfDaysXP who isn’t?) there are a couple of incredible webinars coming up that you definitely should not miss!  Stephen Rose will be holding a couple of discussions with MDT Product Manager Michael Niehaus (if you have ever heard me talk about him you know that I hold him in extremely high regard!) and Deployment guru Johan Arwidmark (a fellow MVP and a really nice guy).  They are in May and you should mark your calendars and register now because you should definitely not miss.  Here are the details… and tell them I sent you!

TechNet Webcast: Everything You Wanted to Know and Ask about Windows Deployment (Part 1)

Registration URL: http://go.microsoft.com/?linkid=9807963  or  http://bit.ly/JLTQLM

Date/ Time:    Tuesday, May 15, 2012 – 9-10am (Pacific)

Abstract: In this demonstration-rich, question and answer webcast, Windows Product Manager Stephen Rose moderates an open conversation with Microsoft Deployment Toolkit Product Manager Michael Niehaus and deployment guru Johan Arwidmark. They discuss the new Microsoft Deployment Toolkit 2012 release as well as tips and tricks from the experts about using the Windows Deployment Toolkit.

__________

TechNet Webcast: Everything You Wanted to Know and Ask about Windows Deployment (Part 2)

Registration URL: http://go.microsoft.com/?linkid=9807964   or  http://bit.ly/Kgny8y

Date/ Time:    Thursday, May 17, 2012  – 9-10am (Pacific)

Abstract: In this demonstration-rich, question and answer webcast, Windows Product Manager Stephen Rose moderates an open conversation with Microsoft Deployment Toolkit Product Manager Michael Niehaus and deployment guru Johan Arwidmark. They discuss the new Microsoft Deployment Toolkit 2012 release as well as tips and tricks from the experts about using the Windows Deployment Toolkit.

Why I Will Not Help You With Your Computer, or ‘Are you kidding me?’

A friend of a friend asked me for help with her computer the other day.  I was still on vacation, but my understanding was that she had a reasonably simply question.  I took the call.

Let me preface this by saying that I really respect her honesty.  She was upfront with me, and I appreciated that.  It changes nothing, but I appreciate the honesty nonetheless.

Here’s the gist:

…so I seem to have to roll back a patch or something, and cannot figure out how to do this.  My copy of Windows 7 is pirated so I can’t call Microsoft.

STOP.

Are you kidding me?  She really thought that it wouldn’t be a big deal for me to help her.  Here’s what the big deal is:

  1. I am a Microsoft MVP, a Microsoft Certified Trainer (as well as a plethora of other certs), and a Virtual Partner Technology Advisor for Microsoft Canada.  In short, I work closely enough with Microsoft that if you cannot call Microsoft for help, you cannot call me either.  I have too much to lose – working on pirated software can have all of those titles and awards and designations stripped from me, and it is just not worth it.  Frankly, if she had wanted to pay me $10,000 for the advice it still would not have been worth it.
  2. Software Piracy Hurts Us All.  I wrote an article by that name in October of 2006, and I believe it as much today as I did then.  If you cannot afford the software, use cheaper software.  However stealing software is never the answer.

Now the good news is that I told her that I could try to help her to get an inexpensive yet legitimate license for Windows 7 – and I might even install it for her and get it working properly for nothing.  I was willing to do this because she told me that she wanted to be legitimate.  At least with that attitude we can help her to go forth and sin no more.  However when people take the attitude that ‘Well, the company makes so much money, I deserve it’ or whatever else, I just end the conversation.  Yes, it costs money… but it cost money to develop and to support, and if you don’t want to pay for it, go Open Source.

Missing the Obvious: A great reason to ask for expert opinions.

I received the following e-mail from a colleague, and was glad to answer her questions.  However the most important question of all is her last one… “Have I missed any other issues that I should be looking at before beginning this migration?’”  I am so glad she asked that, because none of us are experts in everything.  Please read her e-mail, then my response.  (I have edited her e-mail down to protect her identity but also I simply removed a lot of extra information that is irrelevant to the point.

I am seeking your expert opinion on VMs and migrating from Windows 7 Ultimate 32 bit to Windows 7 Ultimate 64 bit.  I decided to build my first desktop computer, which is a 64 bit Windows 7. At every presentation that I attended, everyone stated that 32 bit software could be run on a 64 bit computer.

I purchased a copy of Laplink’s PC Mover Ultimate, so that I could migrate all of my programs and data to my new computer. Then I discovered via Laplink tech support that my plan would not work due to the difference in bit configuration in Windows between a 32 bit and 64 bit computer.

  • Does Windows 7 – 64 bit include an XP VM?
  • Do I have to provide a copy of XP?
  • How do I migrate the programs and data from my laptop to my new computer?
  • Can PC Mover be used?
  • How do I figure out how much space I need to allow for the VM.
  • Have I missed any other issues that I should be looking at before beginning this migration process? BTW, the reason that I need to migrate these programs is that I do not have CDs for two of them, which are Office 2007 and the Adobe suite.
  • Any other advice or suggestions would be greatly appreciated.

Here are my answers, but you will notice that when we get to the last point all of the others become irrelevant.

  • Windows 7 Professional, Enterprise, & Ultimate all include a feature called XP Mode which can be downloaded and installed for free. It is a Windows XP virtual machine based on Virtual PC.
  • If you use XP Mode you do not have to provide a copy of Windows XP.
  • Your best bet, without exception, for migrating programs is not to do it, but rather to reinstall them on the new machine. With regard to your data all SKUs of Windows 7 include a feature called Windows Easy Transfer which is the best way to migrate settings, preferences, and data.
  • I have no knowledge of PC Mover, but recommend the Microsoft tools over any third party tool.
  • See how much space you needed on the old version, and do the simple math.

The issue that you are missing is that you keep discussing virtualization and XP Mode, but at no point in your questions did you mention that you have any applications that need it.  XP Mode is a great solution for for cases where you have applications that are not compatible with Windows 7, but when the issue is a 32-bit to 64-bit issue there are other mitigations.

You seem to be focused on the limitations of Laplink’s product, and I am sure it is a fine product for simple solutions.  With regard to data, migrating from one PC to another – even across platforms and architectures – is reasonably simple, given the right tools.  However when you start looking at applications it is never recommended to migrate them. 

With the possible exception of custom apps where the relationship with the vendor is irreparable there is always a way to reinstall applications, although sometimes it will take a little bit of work.  In your case you are missing the media for some of your applications.  As long as you have a license (and they are not OEM licenses) you can find (or even borrow) the media and reinstall.  For both Microsoft and Adobe packages you can contact the vendor and they will help you out.  There may be a cost involved, but it is cheaper than replacing the packages… and will give you better results than trying to migrate them.

Windows XP Mode is a great solution for applications that are not compatible with Windows 7, but remember, it means you are still using Windows XP.  Of course XP was a great OS, but to put the matter into perspective remember this: If you had adopted a puppy the day that Microsoft released Windows XP, the puppy would likely be dead today.  Yes, XP is that old.  In 810 days Microsoft will stop supporting Windows XP completely, and you will have to find another solution to your issues.  Why not simply deal with them now?

Now, with regard to the last question: Any other advice or suggestions, I would say that if you are unsure you should invest in a consultation with an IT Pro who can look at your old system and make recommendations on the new.  As I always tell my classes, remember the Universal Consultants Answer (UCA): It depends.  However my best advice is that you have the opportunity to hold on to the old computer for a little while so don’t format it until you have been running comfortably on the new system for a few weeks.

Good luck!