Handy Windows 7 GPO Policies

The official roll-out of Windows 7 has begun in my office.  We are doing a round of hardware refreshing for some end users and with that comes Windows 7 and Office 2010. Here are a couple handy GPO settings we’ve used to make our lives easier.

Verbose Startup and Shutdown – by default, Windows 7 will just display “please wait…” while it handles it’s startup and shutdown processes.  If you find the verbosity of Windows XP handy, likely displaying the name of software that’s being installed automatically, you’ll want to change use these policies.

Computer Configuration – Policies – Administrative Templates  – System – Verbose vs normal status messages = Enabled

Computer Configuration-Policies – Administrative Templates – System – Remove Boot / Shutdown / Logon / Logoff status messages = Disabled

Let Users Install Printers – Windows 7 increased security and UAC will prompt standard users for administrative credentials before adding a printer because the driver store is a protected area.  If running around to help every user who’s trying to add another network printer isn’t your cup of tea, try these policies to give the standard user a little bit more power.

Computer Configuration – Policies – Administrative Templates – Printers – Point and Print Restrictions = Disabled

User Configuration – Policies – Administrative Templates – Control Panel – Printers – Point and Print Restrictions = Disabled

What’s A Techie To Do?

Or rather, what have I been up to lately?

Been doing a lot of “spring” cleaning at the office. Trying to tie up loose ends on lots of little projects.

1) Upgrading Shoretel – I’ve been using Shoretel since Shoretel 5. We’ve been through several upgrades since then and last week moved to Shoretel 12.3.  We have a fabulous reseller that did most of the work for me. Sometimes it’s nice to just sit back and watch the magic. The trickiest part was getting the MSI file for the new desktop software, Shoretel Communicator, out of the setup file so I could deploy it with a GPO.  This guy had a good blog post that helped me out.

2) Removal of Exchange 2003 – Back in October I migrated our mail to Exchange 2010 SP1. Our old server had going through several stages of being decommissioned and had been left turned off for several months as other more pressing project got to me. I finally turned it back on and ran the setup program to remove it.  It didn’t go completely flawlessly, but most issues were resolved by fixing a few public folder replication issues and then deleting the server from the Exchange 2003 ESM.

3) Training for Windows 7 and Office 2010 – We have finally reached the point where we are doing a bunch of hardware refreshes for staff in the office.  That means moving from XP / Office 2007 to Windows 7 and Office 2010.  I’m not doing the hardware deployments, but I’m responsible for providing basic training to the staff so they are prepared for some of the changes that will come.  My first two sessions were this week and I concentrated a lot on the new start menu and taskbar in Windows 7.  Also, Outlook 2010 has quite a few navigation changes that are notable.

4) De-cluttering My Desk – While not a super-techie endeavor, it needed to be done. I trashed piles of CDs and DVDs of very dated software, including diskettes for installing Windows 2000 Server. Diskettes!! Ah!!  If anyone is looking for the DVD to install Windows 95, I’m your girl. I’m hanging that in my cube for decoration.

Upcoming May Events – Password Stealing; Windows Deployment

Pacific IT Professionals May Meeting – On May 8th This Month!
Date/Time: Tuesday, May 8, 2012 – 6:30pm
Topic: Sam Bowne – CCSF Professor and CISSP will be presenting on Stealing Passwords Remotely & Malware Analysis. Join us to hear Sam talk about Stealing Passwords Remotely & Malware Analysis – it should be a great technical security discussion meeting where you can ask questions and hear some interesting things about Malware and password security.

Please remember to RSVP if you’ll be attending.

Also a few upcoming events from Microsoft –

TechNet Webcast: Everything You Wanted to Know and Ask about Windows Deployment (Part 1)
Registration URL:  http://go.microsoft.com/?linkid=9807963  or  http://bit.ly/JLTQLM
Date/ Time: Tuesday, May 15, 2012 – 9-10am (Pacific)
Abstract: In this demonstration-rich, question and answer webcast, Windows Product Manager Stephen Rose moderates an open conversation with Microsoft Deployment Toolkit Product Manager Michael Niehaus and deployment guru Johan Arwidmark. They discuss the new Microsoft Deployment Toolkit 2012 release as well as tips and tricks from the experts about using the Windows Deployment Toolkit.

TechNet Webcast: Everything You Wanted to Know and Ask about Windows Deployment (Part 2)
Registration URL:  http://go.microsoft.com/?linkid=9807964   or  http://bit.ly/Kgny8y
Date/ Time: Thursday, May 17, 2012  – 9-10am (Pacific)
Abstract: In this demonstration-rich, question and answer webcast, Windows Product Manager Stephen Rose moderates an open conversation with Microsoft Deployment Toolkit Product Manager Michael Niehaus and deployment guru Johan Arwidmark. They discuss the new Microsoft Deployment Toolkit 2012 release as well as tips and tricks from the experts about using the Windows Deployment Toolkit.

Remote Assistance in Windows 7

Today I had a random reason to use the built-in Remote Assistance features of Windows 7.  I was helping troubleshoot an issue with a vendor on a user’s machine, using the user’s session.  Here are some things I noticed about the Remote Assistance that differs from a regular Remote Desktop session.

  • Remote Assistance will give you a view of all the users screens with the full screen resolution.  In this case the end user had 3 monitors, so I had to expand my view the that machine across the majority of my 3 monitors in order for it to be usable.  Normally when you do a simple remote desktop session, all the applications and desktop icons from multiple monitors are fitted to one screen.  This may or may not annoy you, depending on how you like to work with remote systems.
  • Remote Assistance really assumes you have a person sitting at the computer.  As the remote support person, it’s very easy to accidentally loose your rights to control the remote desktop by hitting Escape or Cntl-Escape.  You need the end user to re-authorize your request for control. (My end user used this troubleshooting time as an excuse to get coffee, so I had to run back to the desk to authorize that a few times.)
  • Remote Assistance blocks your ability to send email using the users email application, in this case, Outlook 2007. While I can see how this is good from a security standpoint, it was a hurdle when I wanted to use the email account to send some log files to the vendor.

The Remote Assistance features can certainly be handy depending on what a remote support person needs to be able to do on a user’s workstation.  I’ll probably use it again, but only when I’ve got someone sitting there to help with any control issues, since the whole point of using it is to save me from having to leave my desk!

Shopping for Hard Drives? Pay Attention to Sector Sizes

Disk drive manufacturers are transitioning to the production of Advanced Format disk drives, which have 4 KB physical sector size instead of the traditional 512 bytes.  While larger sectors will ultimately improve performance, many applications are not written to take advantage of the change, so a transitional technology called “512-byte emulation” is used to support the 512 byte logical addressing.  These disks are known as “512e” disks, for short.
Advanced Format drives will ultimately be the future standard, however some applications may have issues with the transitional 512e drives, especially if you are imaging a machine to new hardware and the OS and applications aren’t expecting a difference in physical and logical sector sizes.
Microsoft has a hotfix available for Windows 7 and Windows Server 2008 R2 than can address several potential issues introduced with this type of disk.  Check out KB 982018 for additional details and several known issues.  I’d be particularly aware if you are doing any P2P migrations of servers that support Active Directory, DHCP or act as a CA, as the ESENT engine is sensitive to the reporting of sector size, as detailed in issue #1 of the knowledge base article.

There’s Still Time to Win a Copy of Windows 7

If you are looking for a way to get your hands on a copy of Windows 7 Ultimate and you have a good story about how Windows 7 helped save your company money, solve a problem or somehow made your IT day, you have until the end of January to submit the story to Microsoft and win!

Microsoft will be giving away 10 copies of Windows 7 Ultimate to the 10 “Best Windows Stories”.  If you’ve got a great story, check out the contest rules and fire up your literary side.  The contest ends at 11:59pm on January 31st.

Coming Soon! – Chat with MVPs, Learn about IPv6 and Hang with PacITPros

October is starting out with a bang.  Here are a few upcoming events that you might want on your calendar.  Please visiting their listed sites for more information or to register.

October 5th – PacITPros Monthly Meeting – This month they welcome Chad Scott, Solution Architect with Infoblox who will be going over their DNS/DCHP/IPAM solution plus their newest solution of NetMRI from the recent acquisition of Netcordia.  Also featured will be Kenny Spade, Academic Developer Evangelist with Microsoft presenting on Windows Phone 7. This will be a sneak peak prior to the official launch date, so you will get to see the handset and OS in action.

Meeting location is at the Microsoft Office, 835 Market Street, Suite 700, San Francisco, CA 94103. Please RSVP at the www.pacitpros.org website.

October 14th – Chat About Microsoft Office and Windows with the MVP Experts, 10-11am PST -Would you like to learn more about the cool new features in Office 2010 and Windows 7 and what has changed since previous versions? Do you use Microsoft Office but would like to learn tips and tricks to be more productive at home, school or at work? Perhaps you are a new user who has questions on how to get started with Windows 7 or using the Office ribbon? Or would like to learn how to protect your computer from malware and viruses. Or perhaps you are just stuck and need answers. 

The Microsoft Most Valuable Professionals (MVPs) are here to help! The MVPs are the same people you see in the technical community as authors, trainers, user groups leaders and answerers in the Microsoft forums. For the first time ever we have brought these experts together as a collective group to answer your questions live.

MVPs will be on hand to take questions about Microsoft Office 2010 or Office 2007 products such as Word, Excel, PowerPoint, Outlook, Access, Project, OneNote and more. As well as the Windows 7 and earlier versions such as Windows Vista. In addition to Microsoft Office, the chat will cover Windows related topics such as upgrading, setup and installation, securing your PC, Internet Explorer, personalizing your computer desktop or having fun with Windows Live Essentials to share photos, make movies and more. All levels of experience are welcome from beginners and students to intermediate power users.

Please join this informative Q&A style chat and bring on your basic and your tough questions!

November 2-4th – The gogoNET LIVE! and CAv6TF IPv6 ConferenceWith IPv4 addresses predicted to be depleted within 18 months we all need to start becoming familiar with IPv6. The California IPv6 Task Force is pleased to present the gogoNET LIVE! IPv6 conference at San Jose State University to:

– Get the knowledge you need from experienced IPv6 professionals
– Learn IPv6 theory in workshops
– Make useful technical contacts in the IPv6 world

 This is the only local West Coast IPv6 event for the remainder of 2010 and it is right here in the Bay Area so take advantage of this opportunity to increase your knowledge on all things related to IPv6.  gogoNET LIVE! is a live version of the gogoNET social network that has close to 30,000 IPv6 professionals as members.

Be prepared, don’t fall behind – this is your chance to get on the cutting edge of IPv6 deployment. Visit http://gogonetlive.com for details and to register.