Advanced Windows PowerShell Scripting Video Training

Advanced Windows PowerShell Scripting Video Training
Advanced Windows PowerShell Scripting Video Training

Monday, October 27, 2008

Use WIM to store your classes.

As I continue in this line of work, I’m constantly faced with the same issue. How do I preserve all the data that I have accumulated? I’m beginning to think that I have the MCT download site sitting in these little USB powered boxes in front of me. I like to add a little value to the classes that I teach. Don’t get me wrong. The people at Microsoft do good work in developing these classes. As the instructor on the front lines though, I know that my students expect more. As a result I have extra labs, handouts, downloads and then some. Well how do you keep all this organized? Imaging.

I know, what are you talking about? Am I supposed to image my computer for each class? Of course not. You can image your files and restore them later. Let me just tell you a big advantage. My 5115A class with all the VMs, books, and my notes comes in at over 8 gigs. After I ran the imagex command with the /compress maximum switch the total file size is 1.8 GB. At that size, I was able to easily fit 5115 and 5116 on a single DVD as a backup. Sealing them up takes time, but deploying them is a breeze.

Rapid deployment can be a life saver when you show up on site and nobody has deployed the VMs for the class. It has happened to me before. I brought several DVDs and passed around my USB hard drive to the students while I started class. It was still 2 hours before everyone had the VMs running. Utilizing the new WIM image format, you can significantly reduce your rollout time in these situations by utilizing the WIM format.

You do not need to zap any hard drives for this. You are merely adding files to the hard drive. Why not zip them? Well, the WIM format takes advantage of single-instance storage. That means if the same file appears 8 times in what you are imaging, it will only be stored once. That saves significant storage space and increases deployment speed. Give it a try.

Monday, October 20, 2008

Using the Reliability Monitor as a Lie Detector

There are some days that we feel like parents. Our kids come back with something expensive that we gave them and it is broke. They have no idea what happened to it. All they know is that they want you to either fix it or get them a new one. Being the superior support personnel we all are, we ask our usual round of questions only to get vague answers in return. What if I could tell you that you could eliminate the “What did you install/uninstall” question? How about even getting rid of the “Did anything crash” question? With the Reliability Monitor, you can.

Your start the reliability monitor by opening it as an MMC Snap-in. You can also click Start and type rel. At the top of the search results, right mouse click Reliability and Performance Monitor and select Run as Administrator. If you right mouse click Reliability and Performance, you can connect to that other user’s computer. Using the Reliability monitor, you can see when things went south on that client. You can see what crashed, what was removed and what was installed.

In this image of the System Stability chart, you can click on each day to see what went on. We had a pseudo way of doing this in XP with the System Restore Points. What you click through the System Restore calendar you got a little detail about what was changed that caused the restore point to be created. My personal record for dealing with a user who was not truthful is 2.5 days. Once I uncovered the truth, the problem was resolved in 20 minutes. Image the time, money and frustrations that we could have saved with this tool.

Monday, October 13, 2008

Class questions for 5118A on October 6, 2008

Question for class: 5118A
Class Date: October 6, 2008
Location: Lantech Training – Indianapolis, IN
Below are the questions that we had to place in the “Question Parking Lot.” We answered them in class but I want to share with my readers what our up and coming MCPs are thinking about.

Where can we get a copy of Standard User Analyzer?

The Standard User Analyzer can no longer be downloaded on its own. Microsoft has moved it into the Application Compatibility Toolkit 5.0. You will also have to install the Application Verifier to get it to work. This move makes sense since its purpose was for developers to determine if their creations will work in Vista. As part of a migration team, we can use it to make sure our legacy applications can function in the Vista environment and to also help us find a way to make it work.


ACT 5.0:

Application Verifier:

What are the memory limitations for Ready Boost?

Ready boost is a way to increase the speed of your Vista machine. It was designed for systems with 512 MB – 1 GB to help them along. The rest of us can utilize them for performance enhancements as well. We do this by adding a USB key to your computer. When you insert the memory stick into the PC and auto play starts, Click Ready boost. The memory limits are 256MB – 4 GB. Microsoft recommends a 1:1 ratio on flash to system memory on lower end systems and a 2.5:1 ration on flash to system memory on higher end systems. The 4GB limit is due to the FAT32 partition on the flash drive. 4GB is the largest file size it can handle.

Monday, October 6, 2008

Questions and Answers from 5115A and 5116A September Class

Can you disable the Vista Public folder in a GPO?
· No.
· You can do a registry hack. This is not advisable.

PIN requirements for Bitlocker.
· The must be between 4 and 20 numerals long.
· It is created when Bitlocker is enabled.

What ports do Windows Meeting Place use?

TCP 801

Thursday, October 2, 2008

Why XP clients cannot request web enrollment certificates from Windows 2008

One of the strong points of what Microsoft has been doing over the years has been to maintain compatibility with software for previous versions of its operating systems. This has worked well for a long time. After all, why would you go through the expense of upgrading all your clients to a new OS if it meant buying completely new software packages. The cost would be to prohibitive. As with all old technology, sometimes the old has to give away completely to the new. Case in point, take a look at what the telegraph did to the Pony Express.

The Web Enrollment on Windows Server 2008 has changed. On a Vista machine, it will look as it always has. On XP, it simply will not work. The Server 2003 enrollment control, XEnroll.dll has been replaced by CertEnroll.dll in Server 2008. The enrollment agent has been moved from the server to the client (Vista). Since XP and 2000 relied on the enrollment agent being available on the server, this legacy Oss are not able to request a certificate. So, how do you install a CA on a Server 2008 based system without completely upgrading all your clients to Vista first? It’s a little combination of the old and the new.

First off, you can use a Vista client to request the certificate for the legacy OS. This is all fine and dandy, but a little cumbersome. The other option is to follow a best practice and have a subordinate CA that is running Server 2003 with Web Enrollment installed. This will allow your legacy Oss to continue functioning happily in a secured environment.

Correction to paragraph 2

I’ve found some contradictory information. XP/2000/2003 can still use web enroll on a Windows @008 AD CS server. AD CS will detect the legacy operating system and use Xenroll.dll to issue the certificates. One thing to note is that Smart Card enrollment is not support on the legacy applications unless you use one of the other methods mentioned.