Home » Windows 7

Category Archives: Windows 7

Offline File Cache Nightmares Resolved

Off-line files are a wonderful thing.  The fact that my users can synchronize the files from a central server (where they are backed up) to their laptop is great.  But what happens when things get out of hand?  In theory, users can save a lot more onto a file server than they can their local machine.  In practice, when the folder is set to synchronize in full to the local hard drive can cause headaches… like waking up one day and realizing that they have 0kb free on their C drive.

Okay, you go to the server and move the offending files to another location.  You log into the affected computer… and nothing doing, still zeroed out. 

The problem is that there is a folder called the Client Side Cache (or Offline Files Cache).  It is stored under the SystemRoot – i.e., it is (by default) c:\Windows\CSC.  Now, this folder can be moved, but it is not a simple process, and I will cover it in a later article.  The issue is that the CSC directory sits on the C Drive, and is completely secured against reasonable attempts to modify it manually… which is good, because trying to do so will cause some pretty serious issues.

So we have fixed the problem on the back-end, and now we have to fix it on the front-end, which means cleaning out the Client-Side Cache.  We can’t simply do this manually, we have to actually clean out the CSC database.  How do we do this:  Here you go:

**VERY IMPORTANT NOTE:

The Windows Registry is not meant to be touched by anyone who does not have a very thorough understanding of how it works, and can cause serious and irrecoverable damage to your Windows installation if handled improperly.  I strongly recommend that you do not do this if you are not extremely comfortable with it.

1. Open the Registry Editor (regedit.msc)

2. Navigate to HKLM\System\CurrentControlSet\Services\Csc\Parameters

3. If there is no Parameters key under CSC then you have to create it. 

4. Under Parameters create a new DWord 32-bit value called FormatDatabase.

image

5. Set the value to FormatDatabase to 1.

SNAGHTML6184ce7

6. Close the registry editor and reboot your computer.

Okay, that is the long way around, but it is also the ‘fewer chances for error’ way.  If you are not afraid of typos, you can do the following:

1. Open a command prompt with elevated privileges.

2. Type: reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Csc\Parameters /v FormatDatabase /t REG_DWORD /d 1 /f

(Where /v is the value, /t is the data type, /d is the data, and /f is force overwrite.)

3. Close the command prompt and reboot your computer.

Once your computer reboots you should be alright.  You shouldn’t even have to enter your Recycle Bin, the disk space should just be there Smile

Good luck, and remember to back it up before you hork it up!

Folder Redirection: Where’d these warnings come from?

Congratulations.  You have decided to implement a Folder Redirection policy on your domain.  There are real advantages to this, not the least of which is that all of your users’ profile folders will get backed up centrally… and that when they change computers their files and settings are just there.

You have created a Group Policy Object (GPO) in Active Directory that you have called Folder Redirection, and you have applied it to the Organizational Unit (OU) that your user account is in, and as is so often the case with Desktop Administrators, you have made yourself the guinea pig.  From Windows you run the command gpupdate /force, and are informed that in order for the Folder Redirection policy to be applied, you will have to log off and then log on again.  You do.

It must have worked!  Why do you I say that?  Because unlike most of the time, when logging on takes a few seconds, it took a full ten minutes this time.  As a seasoned Desktop Admin you understand that this is because all of the folders that you set to redirect – Documents, Pictures, Videos, Favorites, Downloads – are being copied to the server before you are actually allowed onto your desktop.  However a few minutes later, once you are logged on, you open Windows Explorer, and in the navigation pane you right-click on Documents, and see that the My Documents folder is no longer at c:\Users\Mitch, but at \\Sharename\Mitch.

Unfortunately there is one step that you are now saying to yourself ‘Mitch, you missed one thing!’ Because you know that when you clicked on Windows Explorer in the task bar, you got a warning message that looked like this:

SNAGHTML646cc73

As a seasoned IT Pro you know that security warnings are a way of life, and it wouldn’t bother you if you had to accept this every time… but you know your end users are going to go ape, so you need a solution.  No problem.

I should mention that while these steps will work for all versions of Windows since Windows Vista, the way you access the screens may be a little different.

1) Open Control Panel. Don’t be alarmed, you are going to get the same security warning when opening the CP.

2) In the Search window type Internet Options.  When it comes up, click on it.

3) In the Internet Properties window select the Security tab.

4) On the Security tab click on Local Intranet.  Then click on Sites.  Note that the Sites button will be greyed out until you select Local Intranet.

6) In the Local Intranet window click the Advanced button.

5) In the Local Intranet (Advanced) window type the location of your folder redirection share into the box marked Add this website to the zone:  Uncheck the box marked Require server verification (https://) for all sites in this zone.  Click Add.  Then click Close.

6) Close the Internet Properties window.

Now try opening Windows Explorer again.  It should open without the security warning.

If You’re Gonna Do IT Then Do IT Right…

Okay, so you know how to configure this setting for your individual desktop… but you don’t really want to have to go to every desktop/laptop/tablet in the organization and do this, do you?  Of course not, that is what Group Policy is for!

We are going to make one change to your Folder Redirection policy.

1) Open Group Policy Management Console.

2) Right-click on your Folder Redirection policy and click Edit…

3) Navigate to: User Configuration – Policies – Administrative Templates – Windows Components – Internet Explorer – Internet Control Panel – Security Page.

4) Right-click on Site to Zone Assignment List.

5) Enable the policy.

6) In the Options box click on Show…

7) In the Value name cell enter the UNC path of your file share.

8) In the Value cell next to the UNC path you just entered enter the value 1(Where 1=Intranet/Local Zone, 2=Trusted Sites, 3=Internet/Public Zone, and 4=Restricted Sites). Click OK then click OK in the Site to Zone Assignment List dialogue box.

9) Close Group Policy Management Editor.

That should be it… remember you will have to re-run your gpupdate /force on your machine, but even if you don’t it will apply in the next few logoffs, right?

**Thanks to Joseph Moody for the list of settings for the Zone Value list!

The Kobayashi Maru of Desktop Deployment

A couple of years ago I was asked to write an article on desktop deployment.  Back then Windows 7 was reasonably new, and there was a lot of chatter about the fact that you could not upgrade from a Windows XP machine directly to Windows 7.

Recently a lot of people have asked me about desktop deployment, what with Windows 8 becoming more widely accepted, and the end of support for Windows XP (#EndOfDaysXP) less than eight months away.  Although I am not doing a lot of deployment work these days, I reread this article that I wrote for the Springboard Series and decided it was still relevant.  I hope you like it!

The Kobayshi Maru of Desktop Deployment

Actual Reality: Desktop Virtualization Solutions from Microsoft

In July I presented my first webcast with BrightTalk.  They were putting together a series on virtualization, and asked if I would be able to speak about VDI and Desktop Virtualization strategies.  It was my pleasure!

The webcast is now available on-line.  I encourage you to download it, and let me know what you think!

Download the webcast here!

A Great Response Regarding OEM/Upgrade Media

Earlier this week I wrote a piece called “For when you want to let go… but can’t completely.’  I got a few interesting responses to it, but one really well thought out one from H. Mertens.  Here is his comment, and my responses to him. -M

A clarification over the OEM/Upgrade media issue:

A OEM installed OS (typical in most laptop purchases) by license can’t be installed on different hardware (some exceptions with regards to repairs). You will be required to change the Product Key for the VM instance away from the OEM SKU to for a product SKU that you (in addition) legally own. A MSDN or TechNet subscription can definitely come in handy in these circumstances, but note that these offerings also set restrictions regarding usage/purpose of the OS installation.

All of these are really good points.  In my article I neglected to address licensing at all.  If your OS license is OEM then you are not allowed to virtualize it… or rather, you can do it, but you have to make sure that you have a legitimate license to attach to the VM, and yes you will have to re-activate the installation.

Your reference to "Upgrade" media has similar considerations with regards to licensing, since it is permanently tied to the OS license/SKU/Product Key that it was used to upgrade(and it typically that is an OEM SKU).

When I refer to Upgrade Media you are right, it is permanently tied to the OS license that it was used to upgrade, but I do not agree with your statement that it would necessarily or even probably be OEM.

I confess, it has been a decade since I delved into these issues, but back then (which is on target because of our discussion of Windows XP) you were able to install Windows XP on top of Windows XP, and it would fix a lot of issues but your applications would still work.  The reason I referred to OEM media is because with OEM you could still install on top of, but it would clean you out – no applications, no user profile.  It wouldn’t delete them, it would just put them into a directory called Windows.old.

Notwithstanding these licensing caveats, OEM and vendor specific Upgrade media, as you mention, is, generally, very hardware specific and usually will not install successfully on "foreign" hardware.

Not only will most OEM and vendor-specific OEM software not install on most ‘foreign’ systems, it is a violation of the EULA to try to do it.  OEM software is married to the motherboard of the system with which it was purchased, and there is no acceptable ‘repurposing’ of that license… for any reason.  If the motherboard dies, when you replace it you must also buy another OEM license.

Off-the-shelf, "Full-Package-Product" (FPP), which can be use as "upgrade" media, is a SKU which can be moved (not copied) from device to device.

*** So the question arises: if you are migrating an image of OEM licensed OS away from failing hardware and onto, say, a virtualized system, would that be seen as an acceptable reuse of the OEM license? ***

OEM software may not be virtualized.  In the event of Windows Server and Hyper-V, there are exceptions to this.  However on the client-side there are no “acceptable reuse” scenarios.

Hint: Typically I upgrade my laptop’s OS with a MSDN/TechNet version since the OEM versions typically are "Home", limited feature set, SKU’s. To aid installing a new OS, I do usually copy over the "%windir%\System32\DriverStore\" of the active OEM installation onto a USB stick so as to resolve "unknown" device issues (use the scan folder option in updating these under device manager). Subsequent Windows Update may upgrade these, but it usually goes over easier once they are "known" devices requiring, perhaps, an upgrade.

Here is where your in-depth understanding of licenses falters my friend; MSDN/TechNet licenses are not to be used on production machines… period.  They are for test/dev only.  As such I am reasonably sure that by installing the OS from that source onto your laptop you are violating the EULA.  It is a very common misunderstanding that many people make, but in short MSDN and TechNet are not meant to be ways of getting all of your production software cheap, they are meant for you to use exclusively for testing purposes.

If you are a Microsoft Partner, then there are acceptable alternatives.  Certain MPN Partners (I don’t know which) are given a number of licenses of most Microsoft software that they can use in production.  If you are not at that level then you can invest in the Microsoft Action Pack Subscription, which entitles you to use the same licenses on (I think) ten computers… in production.

With regard to the DriverStore directory I confess that I generally follow the advice of an old acquaintance… The drivers installed at the source are likely already out of date, and it is usually just as easy to download the latest version from the manufacturer’s website.  Fortunately for me, Microsoft IT has an image for my laptop including the drivers, so it’s not a concern.  However you might want to take a few minutes to download them… and yes, making sure you have the networking drivers is a good idea before you wipe and re-load!

For when you want to let go, but can’t completely.

Mitch, I have been using my Windows 7 laptop for nearly three years.  It has all of my applications on it, and because of the custom dev work that I do a lot of what I have in there simply cannot be recreated – anywhere, let alone on another OS.  I want to upgrade my primary laptop to Windows 8, but cannot afford to lose my customizations and my environment.  What can I do?

I got this question from a peer last week and feel his pain; so many people have customized their desktop environment in ways that (they feel) is a stop-wall to upgrading – either in-place or on new hardware.  Fortunately Microsoft has some great tools that will help you out.

Hyper-V is now included in the Windows 8 desktop client.  You can capture your Windows 7 desktop image to a Virtual Hard Drive (VHD) and then create a new VM on your Windows 8 client and attach it.  But how can you capture that image?

Simple.

Microsoft has a free set of tools called the Sysinternals Suite.  One of those tools is called Disk2vhd.  Download it to your Windows 7 machine and run it – it will transfer your entire hard drive (or drives) to VHD files.  It is agentless and does not require an install – just run it and you can immediately convert every attached volume.

This method will actually work with any supported version of Windows.  That is not to say that it will not work with Windows NT 3.51, but it is not supported and I certainly have not tested it.  So if you want to keep your Windows XP installation as a crutch (you have 307 days left remember!) you can use the same methodology with that OS too.

Of course, when you boot to the VM you may have some issues because the hardware set is completely different.  In newer operating systems you may have to download some of the drivers for it to work properly; for legacy (Windows XP and earlier) OSes you may have to do a full install-in-place; do this carefully because depending on your media your apps may or may not continue to work (do NOT try to use OEM or Upgrade media for this!).

For bonus points, if you have a full Windows Server 2012 system up and running you can create the VM as a VM on that host, and let your Windows 8 use all of its RAM.  However with the amount of RAM in computers these days, coupled with the incredible memory management and compression with Hyper-V, you should be okay.

Questions?  Feel free to ask… and have a great day!

The Benefits of Windows Intune

Last month I had the opportunity to sit down with Robert Crane, the host of the Need to Know Podcast, about Windows Intune.  These podcasts are great for keeping IT professionals up to date on technologies that they may not know a great deal about, and Windows Intune is certainly one of those.  Dubbed by some as System Center in the Cloud, it is a cloud-based management tool for client devices from desktops and laptops to tablets and phones. 

Listen in to hear all about Windows Intune, and how it can help you to make money for your business!

TUNE IN BY CLICKING HERE!

%d bloggers like this: