My previous article, The new way to configure Internet Explorer proxy settings with Group Policy, spoke about how the Internet Explorer Maintenance section of Group Policy has been killed off in favour of ADMX templates and Group Policy Preferences. One benefit of this is that you get rid of the time-consuming “Branding Internet Explorer” section when a user logs on to a PC.
Thanks to the lack of communication from Microsoft, we now need to scramble around to get all of our Internet Explorer Favorites re-deployed for any PC with IE10 or above. Thankfully it is a relatively simple, if tedious task. I used the GPMC on a 2008 R2 member server
Is your hard disk overloaded?
I love my little Windows 8 HP ElitePad but if I had one major complaint its that I got the one with only 32GB. I knew, from years of maintaining PCs, laptops & netbooks, that the space would quickly be eaten up by Windows Updates alone! In fact, when the ElitePad was brand new out the box it unbelievably only had 11GB free.
I went to upgrade to Windows 8.1 now it has been publically released but discovered that I only had around 750MB free on my c: drive! The Win8.1 Pro download was 2.1GB itself so I had to do some serious freeing up of disk space. Unfortunately, Windows is quite good at hiding this stuff and a lot of online guides make recommend pointless “tips” such as “to save space, flush the DNS cache”!
So here is my guide on several options you have to free up space on your restricted device. Some of them, like removing the recovery partition, are one-offs but others can be repeated whenever space starts to get a bit tight
You may be wondering why you would bother upgrading your existing Windows XP and Vista machines to Windows 7, when Windows 8 has just been released.
Whether you are a home user or a large company there are great benefits to be had from upgrading and using your new Windows 7 PC as a stepping stone to Microsoft’s latest and greatest.
Windows XP recently celebrated its 10th birthday, a major achievement for it to keep such a stronghold but also a major issue when it becomes time to change to something new. The are always scare stories when Microsoft releases a new OS. The fact of the matter is, change often creates such fear-mongering when really its an opportunity waiting to be taken advantage of.
Businesses stayed away from Windows 7 for 2 major reasons
- Windows Vista had a terrible launch, fraught with bad reviews and needing an extra expense of upgrading hardware
- Due to people sticking with XP, business software wasn’t upgraded and smaller bespoke software would cost a fortune to redevelop for a new OS
Nowadays, this isn’t as much of an issue. Windows 7 runs easily on hardware over 4 years old and really flies on the latest kit. All major applications have been updated or can be delivered via modern methods like application virtualisation or by using tools like Microsoft’s free application compatibility toolkit or XP Mode. OS deployment technologies have moved on too, meaning you can upgrade people from XP to 7 in a couple of hours.
And now for something a little different. The true(-ish) story of how I got my new job as a SysAdmin for LinkedIn …
Once upon a time, there was a country boy from the shire of Bedford. One lucky day he received a Windows Phone 7 smartphone from the wizards at Microsoft. It let him do lots of magical things. His favourite trick was to check-in using the Foursquare spell. He got so good at using this spell he managed to conjure himself into the mayor of Bedford train station. Continue reading
One of the issues with Windows 8 is trying to find how to shut it down!
Only the free developer preview has been released so far, so all may change by time the beta comes out (rumoured February 2012). For now it’s been quite tricky to shutdown or restart your PC. One way is to create some shutdown tiles for the Start Screen but I’ve learnt a couple off ways using just the keyboard.
- Press [CTRL]+[ALT]+[DEL] then use the Power button at the bottom right of the screen. You can press tab a lot of times to get to the Power icon but the option below is a bit quicker
- [WIN]+[I], [LEFT], [SPACE], [UP], [ENTER]
“+” means press the keys together, a “,” means do the next press separately
To get these simple but cool emoticons/emoji/smilies or whatever you want to call them you will need the Segoe UI Semibold font that comes with Windows 7 (possibly Vista too?).
In Microsoft Word, click the Insert tab on the ribbon. On the far left click the Symbol button followed by the More Symbols option
We use Group Policy to tweak the default settings on Microsoft Servers and PCs. You edit the policies using the Group Policy Editor console (gpedit.msc) but to manage the policies you use the Group Policy Management Console (gpmc.msc). The more policies you start to create, the more confusing managing them can become and with each new version of Microsoft software (Office included) new Group Policy templates are added. This article is to give you an insight into exactly what the Group Policy Management Console (GPMC) is about and how everything links together.
It’s always best to edit policies from the latest OS. This is one of the reasons to always have a VM somewhere with the latest OS purely for Group Policy. Alternatively, if you are using the latest OS then you can install the GPMC from the Remote Server Administration Tools (RSAT) and then edit the policies from there. If you don’t, it’s not a big issue but some policies won’t be available. All of the templates can be stored in a central location in Active Directory so they can be accessed by all domain machines. There is some debate whether it is best to have the policies held locally rather than in the central store but I think it works well. By default this is \\DCName\sysvol\domain.name\Policies\PolicyDefinitions. If you ever download a new template you will need to put it in there. For more details on activating the central store se the following Microsoft Support article
Inheritance & Precedence
Group Policies Objects (GPOs) are created in the Group Policy Objects folder in GPMC. Policies are then linked to Active Directory Organizational Units (OUs). You can link as many Policies as you like to an OU and you can also link the same policy to as many OUs as you like. You can also block inheritance by right-clicking an OU and disabling it. The precedence of any GPOs, i.e. what GPO policy wins out of any competing policies, can be changed in the Linked GPO tab of an OU. Normally the deepest policy wins. Continue reading
Jump down to Step 1 to skip the blurb
Any Microsoft Windows operating system has services. These are little programs that run in the background of the OS to keep things ticking over. They’re really fundamental to servers as it means that programs can run in the background without any user being logged. In fact Windows servers are fine-tuned to give better performance to background services rather than any app running on the screen.
It’s always the best principle to log on with the least amount of privileges on any PC, i.e. you shouldn’t log on to a desktop or server with full admin rights. You should log on as a normal user and only elevate the programmes authority to admin level if absolutely necessary.
Some System Administrators may want an easy life and just let everything “run as admin” as it cuts back on a lot of problems, especially when using old software. Obviously this greatly widens the security attack vector, as any user who can gain access to the machine can do anything they want on it.
However, one of the issues of running as a standard user is that you are not allowed to stop or start Windows services. That is by design, you wouldn’t really want a non-admin to stop a critical service. The problem is when you have a Service Account running (as good practice dictates) as a lowly user. To get around this you can give the Service Account permission to do whatever you want to a particular service you want. Unfortunately, this is a bit more convoluted than setting file permissions. This article will explain how to achieve this. It applies to all versions of Windows from Windows 2000 or newer. My screenshots are from the Windows 8 Developer Preview. Continue reading
Windows Update (a.k.a. Microsoft Update) is normally pretty reliable in terms of keeping your computer up to date and secure. Unfortunately, there are times when an update crashes your PC (usually due to a conflicting OEM driver) or the update process just stops working. Since Windows Vista, Microsoft moved away from using the update.microsoft.com website and now has a dedicated app in the Control Panel. However, the underlying technologies are still the same. Even if you have the Windows Software Update Services (WSUS) server, controlling 100s or 1000s of computers in a corporate network, you are still going to come across the same kind of problems. You would hope that WSUS had some easy troubleshooting/rollback tools built in but unfortunately that is not the case.
I thought it would be a good idea to gather all the various methods and tools I use when troubleshooting Windows/Microsoft Update to help both Home and Enterprise users alike
In a previous article, Installing Linux via PXE using Windows Deployment Services (WDS), I talked about using PXELinux to enable deployment of WDS images, Linux distros and a multitude of tools. It got a bit heavy when trying to make this all work but the system is now up & running and we have already benefitted from it on many occasions. So here is my guide for Microsoft admins wanting to enhance their existing Windows Deployment Services server.
Step One – Install WDS
This should be obvious and if you are reading this I imagine you’ve done it already. Ours is running on a Windows Server 2003 box but it should work fine with the latest, more secure, stuff.
- We will be adding bits to the folders within the \\WDS\REMINST share