In the recently concluded 12th Edition of Virtual TechDays Event, I presented DaRT 7 to the audience. In this post I will show how to create DaRT Recovery Image. For this recovery you will need Windows 7 DVD & DaRT Tools to be installed on your machine with specific platform (x86/x64)
First question would be where do I download DaRT 7. Well, DaRT is part of Microsoft Desktop Optimization Pack (MDOP) available as a subscription for Software Assurance customers. Find more information over here http://www.microsoft.com/windows/enterprise/products/mdop/default.aspx
Additionally, for evaluation purpose you can obtain it from MSDN/TechNet Subscription. Lates version is Microsoft Desktop Optimization pack 2011 R2.
Once you download MDOP 2011 R2, you will find DaRT Installers. In this example I am demoing this on my Windows 7 x64 bit version of the OS hence I have installed x64 bit version of DaRT. I have installed MSDaRT70.msi
Once installed I can see the DaRT 7 available in Start Menu.
How to create a new DaRT Recovery Image
Step 1: Go to Start Menu –> All Programs –> Microsoft DaRT. Click on DaRT Recovery Image.
Step 2: Read the instruction on Wizart & click Next & point to Windows 7 or Windows Server 2008 R2 Installation files.
Step 3: Click Next and on the next screen it will show Preparing Files for DaRT Recovery Image.
Step 4: Click Next to proceed and wait for few minutes. It will take approximately 2-3 minutes to prepare the files.
Step 5: Once done you will the following screen. On this screen you can enable or disable any tools available for Local User.
In this example I DO NOT want my local user to use the tool called Locksmith, which can be used to reset the password for the Local Computer Accounts.
Note: However, during the remote management support when the Helpdesk Engineer will connect to the machine remotely during DaRT 7 Recovery Image is booted, the Locksmith will be enabled for the Helpdesk Engineer to perform specific account password reset task.
Step 6: Click Next & I have ticked on Allow remote connections (All DaRT tools will be available to the remote help desk)
I will leave the port number field blank so that random can be generated.
Also, I will provide the Remote Connection welcome message
Step 7: Click Next and on this screen you can point to the Debugging Utilities for Windows to be used to Crash Analyzer.
In this case I am not adding these tools but you can choose to install them and include.
Note: You can download the Debugging Tools for Windows as a part of Microsoft Windows SDK for Windows 7 and .NET Framework 4 (ISO)
Step 8: Click Next and here you can select the latest definitions for Standalone System Sweeper Tool useful for scanning malicious and unwanted software.
At this time I will say No and continue.
Step 9: Click Next and you can Add Device Drivers for specific hardware, which will be loaded during the DaRT Recovery Image Boot Process.
You can point to .INF files (if any) In this example I am not adding any driver.
Step 10: Click Shoe Files and HERE YOU CAN ADD ANY OF YOUR ADDITIONAL FILES OR UTILITIES
In this example, I am going to add IMAGEX.EXE utility that I often use to work with .WIM Files.
This is the content before adding Files.
I have created a new folder called as Tools and included a file IMAGEX.EXE and this is the content looks like.You can close the Explorer Window once adding all the necessary files.
Step 11: Click Next and it will give you an option to save the ISO file. I will leave the default location.
Step 12: Click Next to prepare the ISO. It will take approximately 3-5 minutes to prepare the DaRT 7 Recovery Image depending upon the components & the files you have added.
Step 13: Click Next & now you have option to burn the same ISO to the optical media or create a bootable USB stick using The Windows 7 USB/DVD Download tool available at http://wudt.codeplex.com/
In this case I am not burning so removing the tick mark
Step 14: Click on Explore folder to get you ISO File.
Step 15: Click Finish and you have your DaRT 7 Recovery Image ISO ready to use.
In the next part we will see how can we test the new Remote Connection feature.
Today’s blog post is around Windows 7/2008 R2 SP1 Installation along with Internet Explorer 9. As you all aware when you install Windows 7/Windows Server 2008 R2 with Service Pack 1, the default browser is Internet Explorer 8. Now, when you want to install Internet Explorer 9, there are several steps involved depending upon how do you choose to install IE 9. If you are downloading IE 9 package from the Internet and run the installation on a single machine it will download all the necessary pre-requisite packages and then performs the installation. Well, for a single machine that’s fine but what about large scale deployments in Enterprises, it will be difficult. In these cases, we prefer to integrate the Internet Explorer 9 packages with the Windows 7/2008 R2 installation media. Hence, when you deploy Windows OS, IE 9 packages is installed as a part of OS installation. You do not need to manually install it later on.
Following are the different deployment options available for IE 9 in your Organization or individual machines. I am covering the Image based deployment today, i.e. using Deployment Image Servicing and Management (DISM)
In this post I am going to talk about Slipstreaming Internet Explorer 9 packages using Windows 7/2008 R2 Service Pack 1 Installation Media/DVD. So what is Slipstreaming, well you can read this Wikipedia article http://en.wikipedia.org/wiki/Slipstream_(computing) Basically, Slipstreaming is a process of integrating patches, service packs into the main installation media, in this example Windows Operating System Files. To begin with first understand what are pre-requisite packages for installing IE 9. You can find the list of packages required for specific OS over here http://technet.microsoft.com/en-us/library/hh147968.aspx (Internet Explorer 9 Preinstallation Techniques)
Internet Explorer 9 Prerequisites for specific OS
Before you begin collect the necessary files. There are several steps involved for slipstreaming IE 9 packages into Windows Installation Media. In this example I will slipstream Internet Explorer 9 x64 package into Windows 7 x64 Ultimate Edition Media available via Retail channels. However, the same is applicable for Enterprise Edition as well as for all the full editions of Windows Server 2008 R2 SP1 media.
Now we are ready to perform our slipstreaming process. It’s a 3 step process. Let’s get going.
Step 1: Mount the install.wim file to a specific local folder along with specific Edition or all editions. The install.wim is located in the \Sources Directory on the Windows Installation Media. In this example we will mount ULTIMATE Edition to D:\MOUNT directory.
Get the Windows7/Windows Server 2008 R2 DVD Media & copy all files locally to D:\Windows7SP1x64. Now, go to Start –> All Programs –> Microsoft Windows AIK and launch Deployment Tools Command Prompt
Then, run the following command to see available editions on the Windows Installation DVD Media
This will show you following editions available. Note: In case of Enterprise edition there will be just 1.
Now, that we know how many editions available on the DVD media, let’s mount Ultimate Edition that has Index Number 4. Run this command to mount the Ultimate Edition files to D:\MOUNT
Step 2: Import the Pre-Requisite Packages located in the D:\IE9\IE9PRE directory and Internet Explorer 9 Package (IE9-Win7.CAB) located in the D:\IE9\IE9EXT to the mounted WIM File in the specific local folder.
Use the following command to import the Pre-requisites to the image mounted on D:\MOUNT
Use the following command to import the Internet Explorer 9 Package to the image mounted on D:\MOUNT
Step 3: Un-mount the install.wim using the /commit switch so the changes would be saved in the installation media
Once completed, you can use the WIM file to deploy Windows OS using bootable USB Drive or using WDS (Windows Deployment Server)
Here is the list of all the commands I used on 1 picture.
You can use the following sample script for slipstreaming the IE 9 package for all editions of Windows 7 x64 Retail DVD Media.
Save the file as IE9_SS_X64.BAT
@echo off cls mkdir C:\WIM C:\IE9.exe /x:C:\IE9 erase /F /Q "C:\IE9\IE9_SUPPORT.CAB" dism /Mount-Wim /WimFile:C:\DVD\sources\install.wim /index:4 /MountDir:C:\WIM dism /Image:C:\WIM /Add-Package /PackagePath:C:\IE9 dism /Unmount-Wim /MountDir:C:\WIM /commit dism /Mount-Wim /WimFile:C:\DVD\sources\install.wim /index:3 /MountDir:C:\WIM dism /Image:C:\WIM /Add-Package /PackagePath:C:\IE9 dism /Unmount-Wim /MountDir:C:\WIM /commit dism /Mount-Wim /WimFile:C:\DVD\sources\install.wim /index:2 /MountDir:C:\WIM dism /Image:C:\WIM /Add-Package /PackagePath:C:\IE9 dism /Unmount-Wim /MountDir:C:\WIM /commit dism /Mount-Wim /WimFile:C:\DVD\sources\install.wim /index:1 /MountDir:C:\WIM dism /Image:C:\WIM /Add-Package /PackagePath:C:\IE9 dism /Unmount-Wim /MountDir:C:\WIM /commit erase /F /Q "C:\IE9.exe" RD /S /Q "C:\WIM" RD /S /Q "C:\IE9" pause exit
For detailed demonstration you can watch my Zeollar Session covering the same http://www.zeollar.com/Session/275
Today, I will talk about installing Internet Explorer 9 using Command-Line Options. Internet Explorer 9 Installer supports installing by using Command-Line Switches.
Note: This post is not about using Command-Line Switches for IEXPLORE.EXE In case you are expecting are there any Command-Line options available for Internet Explorer then visit http://msdn.microsoft.com/en-us/library/ee330728(v=VS.85).aspx
Anyways, back to our the main topic. To start with Internet Explorer 9 Installation, you need to download the specific installer depending upon your Operating System & the Platform i.e. x86 or x64
You can download Internet Explorer 9 Installers & Language Packs from this link http://windows.microsoft.com/en-IN/internet-explorer/downloads/ie-9/worldwide-languages
In this example I will be showing the example of installing Internet Explorer 9 using Command-Line switches on Windows 7. I have downloaded the following 2 files for Windows 7.
To see the available Command-Line options for Internet Explorer 9, run the installer with /? option. It will be like this IE9-Windows7-x64-enu.exe /? and hit Enter
Once you hit Enter, it will give you an option with the supported Command-Line Switches.
IE9-Windows7-x64-enu.exe /X:D:\IE9 (This command will extract the IE9-Win7.CAB file in the D:\IE9 folder) IE9-Windows7-x64-enu.exe /update-no (Do not check for Internet Explorer updates.) IE9-Windows7-x64-enu.exe /closeprograms (To start installation without rebooting)
Any comments and/on questions/feedback welcome, feel free to share it over here.
Last week I blogged about the firmware update I received for my HTC Mozart running Mango RTM. Here is the quick summary.
I received 2 updates. First it updated Firmware from 2250.21.40600.707 to 2250.21.50001.707 on 8th Oct. http://blogs.technet.com/b/aviraj/archive/2011/10/08/htc-firmware-update-for-windows-phone.aspx?ocid=aff-n-in-loc--aa And Second updated Firmware from 2250.21.50001.707 to 2250.21.51001.707 on 21st Oct http://blogs.technet.com/b/aviraj/archive/2011/10/21/htc-update-for-windows-phone.aspx?ocid=aff-n-in-loc—aa
After installing this firmware update, as seen in the screenshot, it upgraded Firmware. Firmware revision from 2250.21.50001.707 to 2250.21.51001.707.
New Feature: INTERNET SHARING feature is now enabled on my HTC Mozart. You can connect up to 5 Guests i.e. 5 users can connect.
To enable INTENRET SHARING. Just to go Settings –> INTENRNE SHARING is now available. This will make your HTC Phone as a Wireless Broadcast Device.
For security you can setup a Password with Min. 8 characters.
Today, I received this new HTC Firmware revision for my HTC Mozart running Mango RTM.
Firmware revision from 2250.21.40600.707 to 2250.21.50001.707.
Couple of weeks back I blogged about HTC Firmware Update on my Windows Phone Mango Device over here HTC Firmware Update for Windows Phone
Today I received another update for Windows Phone Mango.
In this HTC Update for Windows phone Firmware revision remains the same but the RFU is updated from earlier 411408 to this current 417350.
This post is about Sysinternals Process Monitor. Process Monitor is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity. You can watch my recently published video Sysinternals Tools for IT Professionals – PART I
This is how ProcMon looks like when it is showing all the activities.
One of the features in Process Monitor is BOOT LOGGING feature. To enable boot logging click on Options –> Enable Boot Logging
Once clicked, it will give following screen. First line is very IMPORTANT, it says Process Monitor is configured to log activity during the next boot.
You may choose Generate profiling events or not and click OK.
The moment to you click OK, it attaches the PROCMON20.sys driver and on next reboot it will start logging. You can check this with Sysinternals Autoruns.
Now, restart your PC.
Well, now that you have rebooted and you start using machine on regular basis. If you are using the system WITHOUT RE-OPENING PROCMON.EXE & SAVING THE LOGS, there is a file created in C:\Windows\Procmon.pmb by ProcMon Driver. This file is keep on growing by storing all logs/events so that you can access them later. THIS IS THE EXACT REASON YOU WILL END UP SEEING YOUR C: LOOKING LIKE THIS.
After system reboot, launch Procmon.exe, you will see following box. Click on Yes to save the collected data.
You will get an option to save the log data with .PML file extension. I have named the file BOOT.PML. Then it will start saving the data…
Meanwhile, go to Windows Explorer and the the Windows Folder. Inside the Windows Folder you will see the file Procmon.pmb, which has grown to about 3 GB in just about 10 minutes of boot time..
Once the complete data is saved in the BOOT.PML file, you will see the log data.
Well, now that you know what’s happening exactly, you need to close some applications or delete some temp data. Create some free space on your machine so that you can launch any application (including Procmon.exe ). make sure you do this quick fast because as long as you are not saving the logs, the file will be growing up continuously.
WHAT I WANTED TO HIGHLIGHT HERE IS THE FACT THAT THIS IS NOT A BUG IN THE TOOL BUT THE BEHAVIOUR OF THE TOOL. YOU MUST MAKE SURE THAT AFTER THE REBOOT YOU ARE SAVING THE LOGS TO AVOID GETTING INTO SUCH SITUATION.
Wish you all a very Happy Diwali and Prosperous New Year. May this Diwali bring you loads of happiness in your life. Avoid crackers and help environment.
Security rules are applied to measure a role’s relative risk for exposure to threats such as unauthorized or malicious users, or loss or theft of confidential or proprietary data. Examples of conditions that can affect whether violations of security rules are found by a Best Practices Analyzer scan include computers on which Windows automatic updating is turned off, or computers that are using nondefault port settings.
For more information about Best Practices Analyzer and scans, see Best Practices Analyzer.
For more details visit http://technet.microsoft.com/en-us/library/dd391934(WS.10).aspx?WT.mc_id=aff-n-in-loc—aa
This article describes step-by-step instructions for how to disable Microsoft Internet Protocol version 6 (IPv6) or its specific components in Windows 7, in Windows Vista, in Windows Server 2008 R2, and in Windows Server 2008. We do not recommend disabling IPv6. For more information, see the "What are Microsoft's recommendations about disabling IPv6?" question in the following article:
IPv6 for Microsoft Windows: Frequently Asked Questions (http://technet.microsoft.com/en-us/network/cc987595.aspx)
If you must disable IPv6 or components of IPv6, use the following steps. They outline the recommended method. To disable IPv6 or its components, you must be logged on to the computer as a member of the Administrators group, or your user account must be granted permissions to edit the Windows registry.
For more details visit http://support.microsoft.com/kb/929852
Microsoft® Forefront Threat Management Gateway (TMG) 2010 Service Pack 2 (SP2) introduces new functionality to Forefront TMG 2010 Standard and Enterprise Editions.
The service pack includes the following new functionality and feature improvements: New Reports • The new Site Activity report displays a report showing the data transfer between users and specific websites for any user. Error Pages • A new look and feel has been created for error pages. • Error pages can be more easily customized and can include embedded objects. Kerberos Authentication • You can now use Kerberos authentication when you deploy an array using network load balancing (NLB). To read the release notes, see the Forefront TMG Release Notes (SP2).
Microsoft Forefront Unified Access Gateway (UAG) Service Pack 1 (SP1) Update 1 is an update to Forefront UAG that provides a number of functionality updates and other improvements.
The following is provided by Forefront UAG Update 1: • Lync web services publishing—Forefront UAG now supports publishing Lync web services • Dynamics CRM 2011 publishing—Forefront UAG now supports publishing Dynamics CRM 2011 • SharePoint 2010 with Office Web Apps—Forefront UAG now supports publishing SharePoint 2010 with Office Web Apps • Improved browser support—Forefront UAG now supports more web browsers than in previous releases
Visit for more information http://www.yourbrowsermatters.org/#/home
Microsoft IT deployed Microsoft BitLocker Administration and Monitoring (MBAM) which builds on BitLocker in Windows 7. MBAM offers an enterprise solution for BitLocker provisioning, monitoring, and key recovery. MBAM also helps to simplify BitLocker provisioning and deployments, improve compliance and reporting, and reduce support costs.
Microsoft BitLocker Administration and Monitoring (MBAM) is part of the Microsoft Desktop Optimization Pack (MDOP), a suite of technologies available as a subscription for Microsoft Software Assurance customers.
MBAM is designed to facilitate simplified BitLocker provisioning, key recovery, and compliance and audit reporting. MBAM accomplishes this by providing a simple administrative interface to BitLocker Drive Encryption (BDE), which in turn enables administrators to configure BitLocker encryption policies that meet the requirements of their organization. MBAM provides the ability to monitor compliance with established BitLocker policies, and access recovery key information in the event that either the user forgets their personal identification number (PIN) or password, or when system configuration affecting BitLocker prevents the user from using his or her computer.
When Microsoft IT began to install Windows Vista® in their client computer environment in late 2006 and early 2007, part of that implementation included the new BitLocker Drive Encryption technology. BitLocker technology required a level of integration with the Trusted Platform Module (TPM) that was not built into many hardware platforms used within Microsoft. TPM is an important part of an effective enterprise BitLocker implementation, as it is the preferred mechanism for securing BitLocker encryption keys.
Because of the early implementation and the deployment scenario, BitLocker-enabled clients required a certain amount of intervention and assistance from Microsoft IT support staff. Microsoft IT quickly discovered that managing multiple implementations of BitLocker in an enterprise environment involved significant troubleshooting and administrative resources. Microsoft IT had a limited set of tools to accomplish tasks such as implementing the encryption process, obtaining recovery keys, and ensuring compliance of BitLocker encrypted systems. These tools did not fulfill the Microsoft IT enterprise requirements. The result was that BitLocker administration was manual, tedious, and costly.
Complete Paper DOWNLOAD HERE
Finally Microsoft officially welcomes Skype. Skype is not part of Microsoft. Welcome to all the Skype Employees. Here is the official site http://www.microsoft.com/en-us/skype/
For complete Microsoft Press Release visit http://www.microsoft.com/presspass/press/2011/oct11/10-13SkypePR.mspx?WT.mc_id=aff-n-in-loc—aa
You can watch the zeollar.com session over here http://www.zeollar.com/Session/284
My deepest condolences to the Dennis Ritchie’s family & friends. I respect to the genius who created C Programming Language & jointly developed UNIX Operating Environment with Ken Thompson.
Microsoft respects your privacy. Refer to our online Privacy Statement. If you would prefer not to receive future promotional emails from Microsoft Corporation please go here to unsubscribe. These settings will not affect any newsletters you've requested or any mandatory service communications that are considered part of certain Microsoft services. To set your contact preferences for Microsoft newsletters, see the communications preferences section of the Microsoft Privacy Statement. Microsoft Corporation (India) Pvt. Ltd. 9th Floor, Tower A, DLF Cyber Greens, DLF Cyber Citi, Sector 25A Gurgaon, Haryana 122 002 INDIA
SCM makes configuration management for both desktops and your private cloud a snap! Version 2 of the Microsoft Security Compliance Manager (SCM 2) is now available for download!
Security Compliance Manager 2 is a free tool from the Microsoft Solution Accelerators team that enables you to quickly configure and manage your computers, traditional datacenter, and private cloud using Group Policy and Microsoft® System Center Configuration Manager.
SCM 2 provides ready-to-deploy policies and DCM configuration packs that are tested and fully supported. Our product baselines are based on Microsoft Security Guide recommendations and industry best practices, allowing you to manage configuration drift, address compliance requirements, and reduce security threats.
Easily configure Windows® operating systems, Microsoft® Office applications, and Internet Explorer with industry leading knowledge and fully supported tools.
Take advantage of SCM 2 to import the configuration of a “golden master” reference machine or existing Group Policy. Compare your standards to industry best practices, customize them using rich knowledge, and seamlessly create new policies and DCM configuration packs in the user-friendly UI designed to work with System Center Configuration Manager 2007 R2.
Key Features Include:
· Gold master support: Import and take advantage of your existing Group Policy or create a snapshot of a reference machine to kick-start your project!
· Configure stand-alone machines: Deploy your configurations to non-domain joined computers using the new GPO Pack feature!
· Updated security guides: Take advantage of the deep security expertise and best practices in the updated security guides, and the attack surface reference workbooks to help reduce the security risks that you consider to be the most important!
· Compare against industry best practices: Analyze your configurations against prebuilt baselines for the latest Windows client and server operating systems!
Security home page: http://www.microsoft.com/scm Security Compliance Manager 2 library page: http://technet.microsoft.com/en-us/library/cc677002.aspx Download SCM 2.
Forza Motorsport 4 delivers an entirely new car experience. Check out the commercial for the biggest and best Forza Motorsport entry yet. Visit http://forzamotorsport.net/en-us/forza4.aspx
Nokia World 2011 started and Nokia announced 2 Windows phones…
For Nokia World 2011 Event visit http://events.nokia.com/nokiaworld
The Nokia Lumia 800 is a stunning piece of industrial design that features a unique unibody polycarbonate chassis that’s available in 3 beautiful colors – black, magenta and cyan. Inside is a 1.4Ghz processor with a dedicated GPU, 16GB of storage, and a class-leading Carl Zeiss camera, all capped off with a 3.7” “ClearBlack” display that offers beautiful colors and razor sharp picture. It’s available for pre-order starting today on Nokia.com in select markets for approximately 420 Euros, and you’ll be able to buy locally from over 30 carriers and retailers in 6 European markets this fall, with carriers and retailers in Russia, India, Singapore, Taiwan and Hong Kong offering it for sale before the end of the year.
Here’s the official press shot:
Nokia’s First Two Windows Phones Are Here. Read more http://windowsteamblog.com/windows_phone/b/windowsphone/archive/2011/10/26/nokia-s-first-two-windows-phones-are-here-and-they-re-awesome.aspx
New Delhi, 12th October, 2011: Microsoft Corporation India Pvt. Ltd. today launched the Windows Phone in India. With an all new rich and dynamic user interface of Live Tiles and Hubs, Windows Phone enables people to quickly find, connect and consume the things that they care about the most. The new OS sports a smooth transitional user interface called 'Metro', a visually appealing modern design language based on a set of principles which are modern, clean, alive in motion, and authentically digital.
For more details visit http://www.microsoft.com/india/msindia/pressreleases/microsoft-launches-windows-phone-in-india/317/