Network Administration & Consulting Services

These Release Notes provide important information you should know prior to deploying and using the Windows Vista SP1 operating system, including known issues. You should familiarize yourself with all of the known issues listed here prior to installing the software.

Source: www.microsoft.com

Yahoo Inc confirmed on Friday that it had received an unsolicited bid from Microsoft Corp to acquire the company and that its board of directors would consider the $44.6 billion deal.

Yahoo said in a statement that its board would evaluate the proposal "carefully and promptly in the context of Yahoo's strategic plans and pursue the best course of action to maximize long-term value for shareholders."

Source:Bink.nu

Today I received a call from one of my friends who was trying to map network drive in Vista Business (with no Service Pack 1). His account was not administrator’s account and he was not able to see mapped network drive in Explorer though it applied through the Domain Group Policy.

The issue is that by default, Windows Vista uses NTLMV2 for authentication when attempting to map network drives. To allow NTLMv1 or LM challenge-response operations do the following:

1. Control Panel -> System Maintenance -> Administrative Tools (run as administrator) -> Local Security Policies -> Local Policies -> Security Options

2. Find the Policy Key named Network Security : LAN Manager Authentication Level

3. Set the value to "Send LM and NTLM responses" or - and it seems to make the most sense -"Send LM & NTLM - use NTLMv2 session security if negotiated"

This also can be done by making a change in the Windows Vista registry

1. Run the registry editor and open this key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa

2. If it doesn't already exist, create a DWORD value named LmCompatibilityLevel

3. Set the value to 1

4. Reboot

Source: http://youradmin.ca/

For installing Server Roles & Features on Server Core we can use an OCSetup.exe (OptionalComponentsSetup).  To identify all installable and/or installed roles and features we are using other tool, OClist.exe. However, at times some of those roles are not available by default (such as Hyper-V, …).

The Server Core installation option is a new option that we can use (i think it’s a best option) for installing Windows Server 2008.

A Server Core installation provides a minimal environment for running specific server roles, which reduces the maintenance and management requirements and the attack.
To achieve this, the Server Core installation option installs ONLY the subset of the binary files that are required by the supported server roles.

Right now, a server running Windows Server Core 2008 supports the following 9 server roles:

1. Active Directory Domain Services (AD DS) using dcpromo.exe
2. Active Directory Lightweight Directory Services (AD LDS)
3. DHCP Server
4. DNS Server
5. File Services
6. Print Services
7. Streaming Media Services
8. Web Server (IIS)
9. Hyper-V (Windows Server Virtualisation)

As i said, all Server Core server roles can be installed via OCsetup.exe, just with one exception of the Active Directory Domain Controller role. AD is done by using dcpromo and the Web Server which is done through the PackageManager (PkgMgr.exe).

Installing a specific server role follows the syntax below:

start /w ocsetup <serverrole-name>

1. Active Directory Domain Services (AD DS): dcpromo /unattend:<unattendfile.xml>
2. Active Directory Lightweight Directory Services (AD LDS): start /w ocsetup DirectoryServices-ADAM-ServerCore
3. DHCP Server: start /w ocsetup DHCPServerCore
4. DNS Server: start /w ocsetup DNS-Server-Core-Role
5. File Services: installed by default
6. Print Services: start /w ocsetup Printing-ServerCore-Role
7. Streaming Media Server: start /w ocsetup MediaServer (After copying the appropriate Microsoft Update Standalone package (.msu files) to your Server Core installation, and running the .msu file(s)).
8. Web Server: start /w pkgmgr /iu:IIS-WebServerRole;WAS-WindowsAc tivationService;WAS-ProcessModel
9. Hyper-V

Streaming Media and Hyper-V (and may be other roles) might be missing when looking through the Optional Component list (via OClist.exe).

To add updates/roles/features to the list, use the following command:  wusa <update>.msu /quiet

A typical example is the Streaming Media Server role, which only becomes available after copying the appropriate Microsoft Update Standalone package (.msu files) to your Server Core installation and running the .msu file(s).

Installing a specific feature follows the syntax below:

start /w ocsetup <feature-name>

start /w ocsetup BitLocker
start /w ocsetup BitLocker-RemoteAdminTool
start /w ocsetup FailoverCluster-Core
start /w ocsetup WINS-SC

When you connect to a new system you might be prompted for authentication or the access will fail. You can simply configure alternate sets of credentials to be used for various systems using the CMDKEY utility, as this example shows:

You can remove an entry using the cmdkey /delete: command.

With Hyper-V the world of networking is quite different than it was with Virtual Server. First to set the scene, with Windows Server 2008 installed on a system with one network adapter you will see this under Network Connections:

And your system is operating like this:

Once you install Hyper-V and create a virtual network your system now operates like this:

As you can see the parent partition (host operating system in Virtual Server lingo) is now using a virtual network adapter to connect to the physical network.  If you look at network connections on the parent you will now see the original network adapter and a new virtual network adapter:

The original physical network adapter now has nothing bound to it except the Microsoft Virtual Network Switch Protocol.  The virtual network adapter now has all of the standard protocols and services bound to it instead.

Some interesting things to note here:

• The virtual network adapter that appears under Network Connections will have the same name as the virtual network switch it is associated with.
  
  
• It is possible to create an 'Internal' virtual network - which will expose a virtual network adapter to the parent partition without needing to have a physical network adapter associated with it.
  
  
• Unlike with Virtual Server, Hyper-V only binds the virtual network service to a physical network adapter when a virtual switch is associated with the physical network adapter in question.  The advantage of this is that you avoid the performance overhead involved with having this service enabled on network adapters that are not associated with virtual network switches, the downside is that it means that networking gets disrupted on the network adapter in question when a virtual network switch gets created or deleted.

After two month of intensive using of the newest product from Symantec - Endpoint Protection (SEP) 11 - I am ready to make a statement: you want to wait at least till the first service pack before deploying SEP in production.

If you decide to try anyway, spend time to develop proper policies before clients installation. Turn off all features that you do not need at the moment. Pay close attention to Network Threat Protection and Outlook Auto-Protect features. May be it will be better to refrain from using them so far.

Symantec Endpoint Protection

Windows Malicious Software Removal Tool

This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

Windows Malicious Software Removal Tool x64

This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

Security Update for Windows XP (KB943485)

A security issue has been identified in LSASS that could allow an attacker to compromise your Windows-based system and gain control over it.

Security Update for Windows XP x64 Edition (KB943485)

A security issue has been identified in LSASS that could allow an attacker to compromise your Windows-based system and gain control over it.

Security Update for Windows Server 2003 x64 Edition (KB943485)

A security issue has been identified in LSASS that could allow an attacker to compromise your Windows-based system and gain control over it.

Security Update for Windows Server 2003 for Itanium-based Systems (KB943485)

A security issue has been identified in LSASS that could allow an attacker to compromise your Windows-based system and gain control over it.

Security Update for Windows Server 2003 (KB943485)

A security issue has been identified in LSASS that could allow an attacker to compromise your Windows-based system and gain control over it.

Security Update for Windows XP x64 Edition (KB941644)

A security issue has been identified in TCPIP that could allow an attacker to compromise your Windows-based system and gain control over it.

Security Update for Windows Vista for x64-based Systems (KB941644)

A security issue has been identified in TCPIP that could allow an attacker to compromise your Windows-based system and gain control over it.

Security Update for Windows Vista (KB941644)

A security issue has been identified in TCPIP that could allow an attacker to compromise your Windows-based system and gain control over it.

Security Update for Windows XP (KB941644)

A security issue has been identified in TCPIP that could allow an attacker to compromise your Windows-based system and gain control over it.

Security Update for Windows Server 2003 x64 Edition (KB941644)

A security issue has been identified in TCPIP that could allow an attacker to compromise your Windows-based system and gain control over it.

Security Update for Windows Server 2003 for Itanium-based Systems (KB941644)

A security issue has been identified in TCPIP that could allow an attacker to compromise your Windows-based system and gain control over it.

Security Update for Windows Server 2003 (KB941644)

A security issue has been identified in TCPIP that could allow an attacker to compromise your Windows-based system and gain control over it.

Security Update for Windows 2000 (KB941644)

A security issue has been identified in TCPIP that could allow an attacker to compromise your Windows-based system and gain control over it.

January 2008 Security Releases ISO Image

This DVD5 ISO image file contains the security updates for Windows released on Windows Update on January 8th, 2008.

In Windows Server 2003, you can start the RDC client (mstsc.exe) with the /console switch to remotely connect to the physical console session on the server (also known as session 0). In Windows Server 2008, the /consolesession 0 switch has been deprecated. In Windows Server 2008, is a non-interactive session that is reserved for services.

You can use the new /admin switch to remotely connect to a Windows Server 2008-based server for administrative purposes. The /admin switch is introduced with RDC 6.1. RDC 6.1 is included with the following operating systems:

• Windows Server 2008
• Windows Vista Service Pack 1 (SP1) Beta and RC
• Windows XP Service Pack 3 (SP3) Beta and RC

Note   RDC 6.1 (6.0.6001) supports Remote Desktop Protocol (RDP) 6.1.

RDC 6.1 does not support the /console switch. However, for backward compatibility, you can use the /admin switch to connect to the physical console session on a Windows Server 2003-based server. For example, to connect from a Windows Vista SP1 RC-based client to the physical console session of a Windows Server 2003-based server, you can run the command mstsc.exe /admin.

TechNet Briefing Luxemburg: Microsoft Application Virtualization (Microsoft Softgrid)

This session will explore the Microsoft Application Virtualization solution. It will explain you how you can easily change the way you do software delivery and how this will affect the numerous issues you are facing today with standard Electronic Software Distribution (ESD) solutions. We will also explore the different steps involved in the creation, publication and delivery of the virtualized applications to the end users.

Date : 16/01/2008 - morning - English

Register NOW

Robert Larson has done an excellent post on How to configure Hyper-V Clustering: http://blogs.technet.com/roblarson/archive/2007/12/17/building-a-host-cluster-with-hyper-v-be

The answer file is now an XML file instead of an INF file. You should to use Windows System Image Manager to create the XML file. Windows System Image Manager is part of WAIK and can be downloaded here.
To actually use this XML file, copy it sysprep.xml toc:\windows\system32\sysprep. That is the folder on a Windows Server 2008 system where sysprep.exe is located by default. From that location, you execute the following command:

sysprep /generalize /oobe /shutdown /unattend:sysprep.xml

The system will shut down. The next time you start this system (after cloning it), it will install with the settings in the XML file. The Computer Name will be automatically generated.

Configuring a Dell PowerEdge system for booting from virtual disk on MD3000i.