With nearly 1,000 settings available in Windows Server 2003 Group Policy, troubleshooting is a burdensome and often frustrating experience for administrators. The most frequent problem—by far—for group policy application is failure of the policy to work as expected.
So Many Policies, So Little Time. Microsoft gave us some rudimentary tools in Windows 2000 Server to help, including:
- Gpotool
- Userenv.log
- Gpresult
As good as these tools are, there are some serious deficiencies. For instance, debugging a GPO failure involves getting the user to log on to the computer with his account; running Gpresult.exe; saving it to a file; then passing the file to the administrator for analysis. Multiplying that process several times during testing quickly becomes frustrating for everyone concerned. (continue at source)
Not Microsoft, but a Russion security company has released a patch for Windows XP SP2. The leak is in the so-called DEP-mechanism (data execution protection). DEP checks the memory to prevent hazardous programs from executing. Security experts from the russian Positive Technologies discovered the leak in SP2 just before christmas. They reported it with Microsoft, but the software maker asked to wait on further notice. Because Positive Technologies still hasn't received a notice after one month of waiting, the company decided to release a patch of their own, named PTmsHORP.
(russian) (english)
When you normally log in to your Windows NT, 2000 or XP computer after having provided your user name and password (aka the "credentials"), a so-called "desktop" is created for you by a system component (the winlogon.exe process) that acts as the surface for your user shell, the taskbar, and all windows you create by starting programs. For every logged in user, Windows creates this single desktop, that has the name "default" and is therefore often called the "default desktop". SUperior SU and its desktop switcher can create additional desktops for you and on each desktop that is created, a new taskbar and desktop background with links on it, etc. is created. The real cool thing is, that every desktop runs in the context of a user whose user name and password you provide prior to creation of the desktop.
This white paper discusses deploying Microsoft SharePoint Portal Server 2003 on HP BladeSystem servers. Subjects covered include:
the business cases for employing blade technology
how blades fit within the SharePoint Portal Server 2003 architecture
deployment strategy and implementation for HP BladeSystem solutions
performance characterization results
local vs. SAN storage
practical RDP deployment example procedures and scripts
example hardware configurations and logical volume design
Conclusions of the paper are that the tested SharePoint Portal Server 2003 deployments capitalize on both the HP BladeSystem architecture, on SAN storage technologies, and provide excellent, scalable performance. Guidance includes recommended deployment configurations and practical examples of automated deployment procedures and scripts using Rapid Deployment Pack. The document also addresses different storage technologies (e.g. local disks vs. SAN) and how to automate deployment to both types of storage for various SharePoint Portal Server 2003 server roles.
(more)
If you're sitting at a computer, chances are you have a least one program from Jeff Raikes up and running—and it's probably more like two or three. That's because Raikes runs the Information Worker business unit at Microsoft, where he is not only responsible for Office, but a growing portfolio of related applications such as SharePoint and Live Meeting. A group vice president reporting directly to CEO Steve Ballmer, Raikes is also responsible for Microsoft Worldwide Licensing and Pricing. He must be doing something right—his group brought in $10.9 billion in fiscal 2004.
Bowing to objections from European antitrust officials, Microsoft Corp. yesterday scrapped plans to use the name "Windows XP Reduced Media Edition" for the stripped-down version of the operating system that it was ordered to sell in Europe. The name had raised eyebrows among industry analysts who predicted that it would discourage sales of the alternate Windows version.
But the company said the name was merely designed to distinguish clearly between the full-fledged operating system and the additional version that the European antitrust ruling requires it to offer. The alternate version comes without Windows Media Player and related functions. The European Commission asked the company to change the name, Microsoft spokeswoman Stacy Drake said yesterday.
(more)
Gates said Microsoft was 'certainly working hard' to release a new computer operating system, dubbed Longhorn, in 2006. 'It won't be a radical shift, but it will be clearly an improvement on Windows,' the ubiquitous operating system, Gates said," Loftus and Manzaroli report.
(more)
With the Install from Media (IFM) feature in the Active Directory Installation Wizard, you can use a restored system state backup as the data source when you promote a Microsoft Windows Server 2003-based domain controller in an existing domain. When you use IFM to promote a domain controller, you gain important advantages over network-based promotions.
These advantages include:
• Reduced use of network resources when new domain controllers are promoted in an existing domain.
• Faster sourcing of Active Directory directory service and global catalog data to a new domain controller.
• Improved recovery of Windows Server 2003-based domain controllers after a hardware or a software failure.
(continue at source)
Some two years after its introduction, Microsoft is seeking to drive its Tablet PC technology into the mainstream with lower prices. But some analysts say that alone won't do the trick -- and not many PC vendors are helping Microsoft's effort.
Microsoft and vendors including Toshiba and Acer want to move beyond niche markets, so they will no longer target Tablet PCs chiefly at mobile professionals and specific industries such as health care and insurance. This year both Acer and Toshiba (Profile, Products, Articles) will start selling tablets that are not as thin, light or powerful as their predecessors, but are up to 25 percent cheaper. "We're right on the verge of seeing a lot more competitively priced tablets on the market," said Robert Williams, director of business development and partner engineering in Microsoft's Mobile Platforms Division. "This spring you will see tablets go into retail in the $1,500 to $1,600 price range."
(more)
The Free Software Foundation is lobbying the European government to reject the server licence that Microsoft has proposed following the European Commission's antitrust ruling. Microsoft's terms, says the FSF, will mean that open source software such as the widely-used Samba file and print server software, will not be included in the interoperability measures intended by the EU.
(more)
When you need to perform tasks that require elevated privileges, you use RunAs to start a program with the local Administrator account. You quickly realize two things:
1. The program running as local Administrator cannot access network resources, since your local account is recognized only on your own computer; and
2. Any per-user settings apply to the local Administrator’s profile, not to the profile you normally work with.
MakeMeAdmin.cmd addresses these issues. When you run it, you get a Command Prompt running under your normal user account, but in a new logon session in which it is a member of the Administrators group. This Command Prompt and any programs started from it use your regular profile, authenticate as you on the network, but have full local admin privileges. All other programs continue to run with your regular, unprivileged account.(continue at source)
Microsoft has revealed some of the changes in the forthcoming release of its SQL 2005 database, scheduled for later in the year.
The offering will include code checking tools dubbed Prefix and Prefast, which were developed by Microsoft laboratories to check automatically for common flaws like buffer overruns. Prefix examines code before the database is built and Prefast after compilation.
"This is all part of a strategy to educate platform developers about security," Detlef Echert, chief security advisor for Microsoft in Europe, told vnunet.com. "While it will be possible to design systems without features like password protection built in, the default options will be more security conscious. A developer would have to go through several steps and make a conscious decision to write insecure code."
(more)
Microsoft Beta co-ordinator, Roger Holland, has just informed current testers of Windows Update v5 that version 6 of the update service is due to hit beta soon.
The Windows Update v5 beta ended late last year and Windows Update v5 is the current release that millions of users across the world are using. In an email to testers, Holland, thanks v5 testers and reminds testers that "the WU v6 beta is for testing only; you should not rely on this site to maintain security updates on any operational, non-test system."
The new release of Microsoft Update will aim to keep Microsoft products secure and up to date with the latest patches, beginning with Windows, Office, SQL, and Exchange. Microsoft are currently developing Windows Update Services for enterprise customers wishing to update Microsoft Windows 2000/XP, Microsoft Office XP/2003, Exchange and SQL.(continue at source)
Microsoft Corp. is planning to make its currently voluntary Windows anti-piracy program mandatory some time in the second half of 2005, company officials said on Wednesday. So far, however, Microsoft has no timetable for broadening the program to other Microsoft products, such as Microsoft Office, server software or games, company officials said. But they did not rule out such an expansion at some point. And Microsoft representatives hinted that the company might also allow Microsoft partners to employ the Genuine Advantage methodology and techniques in the future.
The "
Windows Genuine Advantage" initiative, which Microsoft launched in September 2004, is designed to check whether consumer and small-business customers are running legitimately licensed copies of Windows XP. Since September, about five million users have participated in the voluntary validation process, according to Microsoft officials.
(more)
Microsoft's plans to clamp down on the way illegal copies of its flagship Windows operating system receive updates—including security patches—could have a major impact on the SOHO (small office, home office) market and increase the risk of malicious hacker attacks, experts warned Wednesday.
The warning follows an announcement out of Redmond, Wash., that the "Windows Genuine Advantage" anti-piracy initiative, hitherto voluntary, will be mandatory by midyear. The program calls for Windows users to validate product keys, PC manufacturers and OS versions to allow Microsoft to crack down on cracked versions of the operating system. "This shouldn't surprise anyone. We all know this was coming once Microsoft went to an activation model for Windows XP," said Rick Fleming, chief technical officer at Texas-based security outfit Digital Defense Inc. "From a pure business standpoint, I understand it. Software vendors are losing the war against piracy, and they have to make some tough decisions."
(more)
The security patch Microsoft recently released against a flaw in the HTML Help ActiveX part of Windows does not address a newly discovered hole in the system.
Users of Windows XP are vulnerable, even if they are using fully patched versions of Service Pack 1. Windows 2000 running a fully patched Service Pack 4 are also at risk from the vulnerability which could allow a hacker to place malicious code, including spyware, on a system.
(more)
Microsoft will meet with representatives from the U.S. Department of Justice (DOJ) next month for the first of several briefings intended to ensure that its upcoming Longhorn operating system complies with the terms of the final judgment in the government's antitrust case against the software maker.
In court papers filed Tuesday, the government also said that its technical committee raised concerns about whether Windows XP and Service Pack 2 are in compliance with the judgment. Microsoft replied to those concerns recently and the government is reviewing its responses, it says.
(more)
Windows XP Professional x64 Edition
Note: The Windows XP Professional x64 Edition - CD will not be available until approximately late February. If you prefer to not wait for the CD version, you are welcome to continue to process your order for the download version.
Windows XP Professional x64 Edition is designed to address the most demanding business needs of technical workstation users who require large amounts of memory and floating point performance in areas such as mechanical design and analysis, digital content creation, and scientific and high-performance computing applications.
Download Windows XP Professional x64 Edition
Mac OS X and Mac OS X Server have been designed to fit into existing enterprise directory services. Apple’s extensible Open Directory architecture integrates with standards-based LDAP directory services, including Sun JAVA Enterprise Directory Server and IBM Directory Server, as well as with proprietary ones such as Microsoft’s Active Directory.
Mac Computers on Windows Networks
Apple has gone well beyond generic standards-based support. Mac OS X builds in support for all of Microsoft’s proprietary Active Directory services: Microsoft Kerberos authentication; Active Directory authentication policies, such as password changes, expiration, and forced password changes; and Active Directory replication and failover.(
more)
Our mission is to organize the world's information, and that includes the thousands of programs that play on our TVs every day.
Google Video enables you to search a growing archive of televised content – everything from sports to dinosaur documentaries to news shows.
Just type in your search term (for instance, ipod or Napa Valley) or do a more advanced search (for instance, title:nightline) and Google Video will search the closed captioning text of all the programs in our archive for relevant results. Click on a program title on your results page and you can look through short snippets of the text along with still images from the show. Visit the "About this show" side panel to learn when this show will air next.(
more)
Jan. 26, 2005 -- In 2005, Microsoft Corp. plans to enhance its anti-piracy engineering, education and enforcement efforts by expanding the Windows® Genuine Advantage program. Windows Genuine Advantage checks the authenticity of a user's software and provides access to popular software and other benefits, helping consumers and businesses ensure that they are receiving the greater reliability, faster access to updates, and richer user experiences offered by genuine Windows XP software.
Every year, millions of consumers and businesses worldwide are hurt by counterfeit software that they have purchased unwittingly, and many companies that sell legitimate software have difficulty competing with the artificially low prices offered by software counterfeiters. Counterfeit software puts users at risk of receiving an inferior product that may present security risks, be missing code or contain malicious code.(
more)
Brian Madden posted an artikel with a link to a paper of Dr. Bernhard Tritsch, the Chief Systems Architect for visionapp GbmH, a German server-based computing consulting company. The paper, called “The Big Iron Test” presents the methodologies and results of a study of Terminal Server on big (8 processor, 8GB of RAM) servers.
Here’s the best part of the visionapp paper: While there are many papers floating around the Internet that show the results of such a test, this paper shows the detailed methods they used to conduct the test. It details everything and includes the scripts for how they created the 150 user accounts, how they threw all the user sessions at the server (with the full source of the scripts they used) and how they handled user profiles (again, with scripts).
(more)
It's been almost two years since Tarantella acquired New Moon. Soon after the acquisition, Tarantella released Secure Global Desktop Terminal Server Edition which was just New Moon's Canaveral iQ product with a new name. A few weeks ago, Tarantella released version 4 of their Secure Global Desktop product. SDG adds several features to the "base" Terminal Server product, including application publishing, seamless windows, a web interface, load balancing, a DMZ relay server, desktop lockdown control, and client printer sharing (with a Unidriver). All this for a price of $60 per concurrent user!(continue at source)
In this article, MsExchange.org will show you how to administer the Full-Text index with a new command line tool – called MSSEARCH_ADMIN.VBS. This tool greatly expands the administration capabilities with a lot of missing features in the GUI administration (Exchange System Manager). You can use MSSEARCH_ADMIN.VBS with Exchange 2000 and Exchange 2003.(continue at source)
The clock says 8 a.m. CEO Steve Ballmer has been up since 4:45, has worked out and been in the office for a while. Tall coffee in hand, he's already his famous self: revved up, voluble, funny, charming and launching into a root-root-root for the home team.In an interview, Ballmer talks a lot about how, five years after Chairman Bill Gates made him CEO, he is redefining Microsoft for its next phase, making it more disciplined and decentralized. Though Microsoft (MSFT) has a reputation as a bully in the technology industry, Ballmer is trying to make it a better corporate citizen. As the company enters its 30th year, Ballmer, 48, is nudging Microsoft to make a transition to an enduring corporation — a General Electric or an IBM — that can long outlive its founders. To get there, Ballmer has driven structural and cultural change through the software giant.
(more)
The
Microsoft Password Change Notification Service Management Pack for MOM 2000 and MOM 2005 collects events placed into the event log by the Password Change Notification Service. Key events are highlighted to indicate possible service outages, configuration problems, and degraded performance so that corrective or preventive actions can be taken in a timely manner.
The Microsoft Information Technology organization (known as Microsoft IT) is introducing Domain Isolation to the Microsoft global enterprise network as part of Microsoft’s Embody Trustworthy Computing efforts. The purpose of Domain Isolation is to prevent unauthorized access (external and internal) to trusted assets. The technology chosen for isolation is Internet Protocol Security (IPsec). The result of these efforts is a secure, segmented network of trusted computers, which Microsoft calls “SecureNet.”
This white paper focuses on Microsoft IT's experiences with planning and deployment of IPsec to create SecureNet—their secure network.
The vast majority of modern messaging environments have a challenge of establishing and maintaining reliable and secure Internet e-mail connectivity. While the task of enabling Internet e-mail routing is relatively straight forward and usually well documented for most messaging platforms (most people view it as narrow as creating a DNS MX record for inbound e-mail and designing an equivalent of an SMTP connector for outbound e-mail), making a robust Internet e-mail system can be quite challenging. In this blog, I wanted to share some of the issues and challenges that Microsoft IT faced in the Internet e-mail area as well as demonstrate some solutions that were implemented in Microsoft’s own messaging environment to make Internet e-mail flow. This solution is based on Exchange 2003 technologies, so it may be relevant to other environments that have Exchange 2003 performing gateway functions to send and receive mail from the Internet.(continue at source)
Microsoft said today that it won't pursue any more appeals against an interim EU competition ruling to ship a version of Windows without Windows Media Player. In December Microsoft lost an appeal to the European Court of the First Instance and promised to ship WMP-less Windows in the EU "in January". Now we learn that OEMs will be able to receive WMP-less Windows "within the next few weeks".
At behind-closed-doors hearings in 2003 Microsoft argued, as it had before, that producing a version of Windows without Media Player was impossible. However this was undermined when Real Networks sensationally demonstrated Real Player running quite happily on an embedded version of Windows.
The full investigation into allegations of anticompetitive practices by Microsoft is expected to take five years. Last spring an interim ruling imposed a fine and some conditions on the company. Novell and long-standing Microsoft foe, trade group CCIA withdrew from the proceedings last November. CCIA realized the folly of its campaign after Microsoft paid it almost $10 million.
"Life is a constant reordering of priorities," said CCIA chief Ed Black. So true.
Sources claimed Microsoft is planning to introduce its 64 bit operating system for Intel and AMD processors (iAMD64) on the 29th of April. The sources are close to Microsoft. It appears there will be a release to manufacturing version of WinXP 64 in March. That's the stage before the CDs get stamped out and the boxes get printed.
Quite coincidentally, Intel will finally be ready with its full line of 64 bit capable CPUs, including Celeron 64s, close to that date. This, of course, is entirely coincidental and is just the way things can spookily happen at the same time in our industry.
(more)
Convincing businesses to upgrade to new versions of Office is a perennial challenge for Microsoft, but the company hopes a new Elixir might speed things up. An effort, code-named Project Elixir, will take shape later this year as a way to promote Microsoft's Outlook e-mail and contact program, with some additional fields, as a tool for viewing customer relationship data. Eventually, the plan could help the software giant elbow its way further into the customer relationship management market, where Siebel Systems, Oracle and SAP dominate. Microsoft started doing this internally last year, using Outlook as a means for its sales force to access a data warehouse linked to the company's Siebel CRM software.
Microsoft is currently in the process of trying to take that internal effort and transform it into a set of software tools that other companies can use. Although the company used Outlook internally with Siebel products, it could be linked to a variety of other customer relationship management programs. Interest from outside customers has been high, Charles Fitzgerald, Microsoft's general manager of platform strategies, told CNET News.com.
(more)
Microsoft Corp. said on Monday it had decided
not to appeal a December ruling by a European Union court ordering it to immmediately implement EU antitrust sanctions imposed last March.
"Microsoft has decided to forego its right to appeal the Court of First Instance's ... ruling of December 22, 2004," Microsoft said in a statement.
John Howard posted 13 links related to Group Policy, some are very interesting to read so here they are:
1
Redirecting the Users and Computers Containers in Windows Server 2003 (KB324949)
2
Group Policy Common Scenarios Using GPMC
3
Scriptomatic Tool
4
Staging Group Policy Deployments (Chapter 3, Windows Server 2003 Deployment Kit - Designing a Managed Environment Book) (more)
Intel’s virtualization technology, codenamed Vanderpool, is part of a collection of premier Intel designed and manufactured silicon technologies that deliver new and improved computing benefits for home and business users, and IT managers. Others in the market today include Intel® Hyper-Threading Technology and Intel® Extended Memory 64 Technology, with plans for Intel® Active Management technology and LaGrande technology that focus on management and greater security underway.
Virtualization enhanced by Vanderpool will allow a platform to run multiple operating systems and applications in independent partitions. With virtualization, one compute system can function as multiple “virtual” systems. With enhancements to Intel’s various platforms, Vanderpool technology can improve the robustness and performance of today’s software-only solutions.(
more)
Microsoft Corp. is expected to roll out the much-anticipated second beta release of its Visual Studio 2005 development platform at the end of March or early April, sources close to the company said.
According to sources, Microsoft is scheduled to release Beta 2 of Visual Studio 2005, code-named Whidbey, on March 31. Sources also said Microsoft is expected to release the release candidate version of Visual Studio 2005 around the time of the Microsoft PDC (Professional Developers Conference) in Los Angeles in mid-September. Microsoft officials had said to expect the final Whidbey release to ship in late summer 2005. Microsoft would not comment on the release dates specifically, but a company spokesman said the company has maintained that it would have the second beta of Whidbey in the first quarter of 2005.
(more)
Winternals is the commercial software firm run by Mark Russinovich and Bryce Cogswell. It's sister www.sysinternals site, is (or sure should be) well know by Windows power users around the globe as the source of outstanding free utilities. I've lost count of the number of times I've used their tools to really do useful things (e.g. regmon, filemon, bginfo, just to name a few!). Sysinternals takes those free tools to the next level and produce some really great commercial systems management tools.
One of Winternals' tools is the Administrator Pak. The current version 4.2 edition is a great set of tools enabling you to revive unbootable or damaged systems, diagnose problems with Windows, etc. The pack includes ERD Commander 2003, Disk Commander, NTFSDOS Professional, Remote Recover, Monitoring Tools, and TCPView Pro. Winternals is due to ship Version 5.0 later this month. The new version features improved versions of both ERD Commander and Remote Recover, a centralised navigator, and some new tools including Insight for Active Directory, AD Explorer, and Crash Analyzer Wizard. This later tool uses the standard crash dump tools you can download from MS to help you to diagnose the source of blue screens!
(url)
Microsoft's share of the browser market has continued to slide, according to a new study, indicating a continued momentum for users switching to Internet Explorer alternatives.
Between the beginning of December and mid-January, IE's market share dropped 1.5 percent to 90.3 percent, while the Mozilla Project's Firefox browser rose 0.9 percent to a total of 5.0 percent, according to market researcher WebSideStory.
(more)
A new Internet worm is squirming through Microsoft Corp.'s popular MSN Messenger chat network, anti-virus vendors warned on Thursday. The latest threat comes follows October's Funner worm attack and signals a growing trend to use instant messaging as a delivery mechanism for malicious activity.
According to an advisory from F-Secure, the new W32/Bropia-A worm users MSN Messenger to lure users into downloading one of the following files: "Drunk_lol.pif"; "Webcam_004.pif"; "sexy_bedroom.pif"; "naked_party.pif"; or "love_me.pif." Once executed, Bropia-A also drops a variant of the Rbot backdoor Trojan. Rbot represents the large family of backdoors fitted with the ability to control a victim's machine remotely by sending specific commands via IRC channels.
(more)
Microsoft co-founder and chairman Bill Gates recently answered a number of questions from a gadget’s weblog Gizmodo concerning the future of Microsoft, competition with Apple, plans for Longhorn, Xbox 2 and others.
“Well, the PC is our superset device in terms of media integration. You’ll see a ton of that stuff you see on the PC, like the ability to listen to your tunes... we did some of this on Xbox 1, where you could move music over and have tracks – it wasn’t a required feature for the games. We did build in the music mixer-type stuff, but we’ll build a lot of that stuff into the base thing. We’re evolving the photo and music stuff that’s in Windows and Xbox will get some of that extra capability. So you’ll see more synergy between Windows and Xbox. And we think these portable media devices, whether they are music only or with video, will take off. So we’ll make sure that we connect up as much as we can,” Mr. Gates said.
(more)
In this article we will cover how to optimize network connections on your Windows XP system. The optimizing of such connections lead to enhanced performance and security and are often overlooked. This article quickly shows you how to optimize and harden your network connections efficiently and effectively.(continue at source)
For those that might have not noticed or been aware of this tool, there is a
Web based utility from Microsoft that allows you to manage a SQL Databases. It provides both Integrated Authentication and SQL Authentication for logon and enables you to create, manage, and delete databases.
It also includes support for
Tables - Create, Edit, Delete, and Manage Properties
Stored Procedures - Create, Update, Delete, and Manage Properties
Queries - Adhoc Queries
Users - Assign rights to database objects
Rolese - Manage Roles
BTW, this component is also in the Microsoft Solution for
Windows based Hosting 3.0, but it includes some "Tweaks" and documentation to make it more hostable.
