Hot off the presses from the Microsoft Worldwide Partners Conference:
Or if you don't want to read about and just want the bits, go here:
Unlike some other free offerings out there, this is the full version allowing you to create, modify, and save Virtual Machines. There are also some interesting licensing options coming with Vista so be sure to check out the announcement!
Power is increasingly a critical design factor for large data centers. Few are larger than those powering the big web properties such as MSN, Yahoo, and Google. The article below was interesing in that it shows just how far (east) companies are willing to go to maximize efficiency and minimize cost.
A question came up this morning from a customer who wants to create a GPO that applies to a group of machines and maps specific printers to those machines and does not allow logged on users to map additional printers to those machines or remove the already mapped printers.
Unless running Windows Server 2003 R2, there isn't a specific GPO to map printers. In R2 with the Print Management console you can configure it to have a GPO map printers. It uses a combination of GPO and an executable to push printers by user or machine as described here. Absent that I’ve always done it via login script deployed via a GPO.
In this case, the customer wanted it scoped to certain machines so we'd probably need to use a WMI filter on the GPO so it only runs the login script when the user is logging in to those machines. The sticking point is that a simple WMI filter query isn’t going to be able to query AD to see what OU the computer is in.
A way around this would be to apply a machine startup script via GPO for those machines that creates an environment variable. Then have the user login script GPO with a WMI filter looking for that environment variable. If it’s there, run the GPO login script to map printers, if not, don’t run. A little complicated but it’s really only 3 steps and a few lines of code. If WMI filtering isn’t available you could just have the login script check for the variable but it would run on all machines the user logs in to.
1. Machine startup script from GPO applied to desired computers creates an environment variable2. User login script from GPO with a WMI Filter looking for the environment variable only runs if it’s there3. Login script maps the appropriate printers4. GPO (described below) disables user’s ability to add/delete printers
In the second half of the article below it outlines the GPO settings for disabling a user’s ability to both add and delete printers.
Following this methodology you should be able to mandate a set of printers that gets mapped on a machine and prohibit the user from changing the set. Of course this is much easier with Windows Server 2003 R2...
I hope to use this space to both provide and solicit insight on the art and science of large scale IT infrastructure architecture. In my work at Fortune 500 companies and large Federal Agencies, I've seen projects both succeed and fail largely due to the processes and decisions made by architects early in the design effort. Unlike our friends on the developer side of the house, there is less guidance and fewer best practices available for infrastructure architects. My hope is that this blog can be a conduit for information and discussion enabling us to build better infrastructures and advance our knowledge/careers.
A little background: My name is David Ziembicki and I am a Senior Consultant in the Intelligence and Homeland Security practice of Microsoft Consulting Services. In my role I lead large design, implementation, and migration projects at Federal government agencies. I have been in the consulting industry for the past 8 years and am a charter member of the Microsoft Certified Architect - Infrastructure program. My primary areas of expertise are Active Directory, Security, Server Virtualization, Server Deployment, Novell/NT Migration, and Scripting. Prior to joining Microsoft, I was a Senior Information Security Engineer at SAIC, consulting at the Defense Information Systems Agency. I have previously been a Principal Consultant at Avanade with their Technology Infrastructure practice, V.P. of technology at a wireless Internet provider, and consultant with Deloitte Consulting.
I am interested in all things technology related, have an inordinate amount of equipment in my home lab, and am a big auto racing fan (Formula 1, Indycar, lawn mowers, anything that moves)
Thanks for stopping by!