Kevin Remde's IT Pro Weblog

  • What's the deal with cancelled flights?

    Bozo Airline Supervisor Bozos…

    I have never been one to go for conspiracy theories.  I don’t think that there’s some central organization that is setting gasoline prices at artificially high levels, or running the world’s economy because they are under the direction of aliens who want to maintain the appearance of all of us being able to determine our own fates.  However, recent events are causing me to suspect that certain industries may in fact LIE to their customers in order to save a few $’s.

    Here’s my story.  Monday, two days ago, found me traveling to Peoria, IL from Minneapolis.  I have one stop in Chicago.  I’m traveling on [Airline Name Deleted] Airlines.   

    Anyway, the flight from Minneapolis to Chicago was just fine.  No concerns.  So now I’m waiting my flight to Peoria.  “Hmm… I don’t see a plane out there.”… not usually a good sign.  But soon an announcement of my plane’s delayed arrival from somewhere else leads me to believe that there is hope.

    However… many minutes later, after the plane has emptied, there is announcement that they are “working on a mechanical issue” and that they “would let [us] know in 30 minutes what the status is.”  Uh oh…

    30 minutes pass.  True to her word, here’s the announcement. “We’re sorry, but the flight has been cancelled.  The rest of our flights to Peoria are pretty full today.  Come to the desk and we’ll give you some options.”

    The options were: Risk standby on [Truly Aggravating] Airlines or some other airline, take a bus voucher for a 3–3/4 hour ride, or let them put me in a hotel for the evening and take a flight tomorrow.

    Hmm… well, the flight tomorrow wasn’t an option.  Tomorrow is why I’m going to Peoria.  My briefing attendees won’t sit there waiting for me to arrive on the morning flight.  And it was being said that the standby option probably wasn’t going to work because those flights had been sold full, too.  So I guess that will be one bus voucher for me.  Thanks.

    “Oh, and sir… the next bus leaves in 10 minutes.. so I don’t think you’ll make it, but you can try.  Go and collect your bag at carousel ten.”

    Cool.  Go get my bag.  I walk briskly to carousel 10 (which is a LONG walk.  Any walk in O’Hare is a long walk.)  C’mon bag!  

    So I waited.  And watched.  And counted the minutes.  And watched the 3:00pm bus departure time come and go… but still no bag.  Frustrated, as you can imagine, I went to the luggage claim desk.  The “friendly” woman there informed me that my bag is on it’s way to Peoria on one of the later, “full” flights, so I should get it from the Peoria airport when I get there.

    Splendid.  So my bag is getting better treatment than I am, apparently.  It better, though.  It’s got several hundred dollars worth of Microsoft Software inside it.

    Anyway… I go to the bus terminal.  Yes indeed, I missed the 3:00 bus by 10 minutes.  And I found out that the next one departs at 7:00pm!  <sigh>  well… I got nothing but time (and a heavy laptop bag), so I head back to the terminal figuring, “I’ve got the bus ticket.  There’s no harm in going to the [Stupid] Airlines ticket counter and asking if there were please-oh-please some other option.”

    One the way to the ticket agent, I decided that I might just double-check the baggage-claim-carousel-from-hell to see if my bag might have suddenly appeared.  Guess what?!  A miracle!  My bag was there, going ‘round in circles!  Lesson learned: Never trust what [*@!*$#!] Airlines employees tell you – especially when their stories don’t match.

    Somewhat relieved that I had at least claimed my week’s belongings, I head to the ticket counter and explain my exasperation.  (I was really polite.  Seriously.  More polite than they deserved, which is ALWAYS a good thing.)  Unfortunately my exasperation or even my most polite smile couldn’t coax all the clickety-clacking on her circa 1976 keyboard to find me a flight to Peoria this evening, on any airline.  I said, “Well.. then can you get me a one-way rental car?” 

    “Nope.  We don’t do rental cars.” 

    [smiling, mostly] “Can I have a second opinion?”

    “I’ll get the supervisor.”

    “Great.  You to that.”

    Several minutes pass… and finally an obviously overworked supervisor du jour comes over.  “How can I be of assistance?”

    <gasp>  “Okaaaaay…. What do you recommend I do that won’t mean I have to sit around here for four hours and then another three-and-a-half hours on a bus?” 

    “I can give you this $5 voucher for a snack.”

    <bigger gasp>  “Um… (still smiling politely, but feel like I’m talking through gritted teeth..) Unless you know of a cab driver who will accept a $5 snack voucher in exchange for a trip to Peoria, this is not going to help much.”

    “I’m sorry sir.  That’s all I can do.  Well… actually, I can also give you this $10 voucher for dinner.  But that’s really all I can do.”

    “ummm… <sigh>  I guess I’m traveling by bus then.  Thank you.”  (See?  I am way too polite.  Thinking about it later, I’m kicking myself that I thanked them for so little.)

    So off I go, big bag and heavy laptop bag and all, back over to the bus terminal.  On the way I use my “$5” to buy $4.85 worth of coffee and bottled water at a Starbuck’s kiosk. (“Can’t give you change, Mr. Customer Sir.  Not for a voucher.”)  And then at the bus terminal I use my $10 to buy about $8.50 worth of Uno’s pizza and a Snapple. (“Can’t give you change, mack.  Not for a voucher.”) 

    Well…to cut to the end of this Monday saga; I catch the bus.  And because I’m going to the Peoria airport on a voucher, I have to be the very last stop.  (“Gotta do the regular route first, buddy.  You’ve only got a voucher.”)  Rental car folks kept their word, though… they were there waiting for me to arrive, even after their closing time.  Big points for Avis.  They do “try harder” when it means some nice lady waits around an extra half hour late in the evening just for little ol’ me.  Very nice!

    Is that the end of my story? NO!  Tuesday night I leave our event (Had a great time!  Thanks again, Peoria!) and head to the airport.  Check the bag.  Head to the gate.  Board says it’s still on time.  Cool.  Head to the wash room.  And just as I’m washing my hands, I hear the announcement.  “Flight #xyz from arriving from Chicago has been cancelled.  Because of this, flight #abc, the flight that Kevin A. Remde is on, has been cancelled.”

    I’m sure many people in the terminal heard the echoed “NOOOoooooooo!” emanating from the Men’s room. 

    Unbelievable.  So… back to the ticket counter, where they put me on a later flight on yet-another-but-obviously-more-reliable airline.  Fortunately, and thankfully, I actually SEE them hand my bag from one company to the other… and this new flight to Chicago goes just wonderfully – made better by the fact that one of my coworkers was also on the flight, so we each had someone to talk to.

    So where does this leave me?  I’m sitting here writing this, on Wednesday afternoon, at O’Hare gate G7 (oooh.. that may have given away the Airline. <heh>), having had two days prior of cancelled flights.  I’m waiting for a plane to arrive at the gate that will take me to Madison, Wisconsin.  It’s not here yet.  Hmmm… 

    And as you can imagine, I’m wondering… will it happen again?  Is it true that “bad things come in 3’s”, or will it be “the third time���s the charm”?  And did [really frustrating] Airlines make money on Monday when they cancelled my flight, because it only cost them $45 for a $30 bus ticket and $15 (really $13.35)

    So I’m also wondering: Maybe they lied. <gasp!> Conspiracy!  Could it be?!  Maybe “mechanical problems” sometimes is just code for “in this case we think we can save some big bucks by making you all make other arrangements and we’re willing to risk pissing you off because we know right now you have no other options so just shut up and take this voucher [forced smile]”.

    There is something I’m not wondering, however.  In fact, I’m absolutely certain… Unless I get some satisfaction from them in the form of at LEAST a letter of apology, I will NOT be traveling on [Poopy-Pants] Airlines ever again if I can help it.

  • TechEd Video Blog Extra

    Just a quick trip I took…


  • Windows Server Update Services (WSUS) is now available

    Outstanding!  The long wait is over!

    WSUS – the Windows Server Update Services – is now available.  This is the new version and replacement for SUS.

    Here’s the WSUS homepage, including links to where you can download it, and additional resources and documentation.

    If you’re just interested in the product overview, you can download it from here.


  • Resources for Security Risk Management Webcast

    The resources for the Security Risk Management webcast I delivered on June 13, 2005 can be viewed as an article HERE, or downloaded as an MS Word document THERE.

    I hope you will put them to use, and find them useful!

  • TechEd Video Blog - HOL Fixup

    Finally, another video blog entry…

    Hands-on-Lab AreaOn Monday, June 6th, Chris Henley and I were working in the Server Infrastructure area of the Hands-on-Labs.  We volunteered to fix a lab that was broken (HOL163), so I thought I’d document our efforts on video. 

    Here is the result.

  • Travelin' Man - This Week's FREE TechNet Briefings

    This week is another travelin’ TechNet Briefings week for me.  I’ll have the pleasure of presenting live events in Illinois and Wisconsin:

    June 21 – Peoria, IL

    Peoria Civic Center
    201 SW Jefferson Street    
    Peoria, ILLINOIS    61602 
    Phone: 303-673-8900


    June 23 – Madison, WI

    Sheraton Madison Hotel
    706 John Nolan Drive    
    Madison, WISCONSIN    53713 
    Phone: 608-251-2300


    Click on the date above if you are interested in registering. 


    Not sure if you should?  Well.. here’s what we’re covering this time around…


    Microsoft Windows Server 2003 Is Evolving
    With the recent release of Windows Server 2003 SP1, now is the best time to see the benefits of these significant updates.  Are you prepared for the changes this upgrade will have on your network system?  This is a great opportunity to see how SP1 may change your entire network infrastructure for the better.  Join our experts at this technical briefing.


    Microsoft SQL Server 2005 is coming
    It has been 5 years since a major Microsoft SQL Server release. In a technology timeline, that could be considered a lifetime!  Attending this session is your first step in preparing for a change that could give you a technical knowledge advantage over all the other IT Professionals working with corporate data.  Get prepared for the change coming soon.


    Click the links above to register, or visit the TechNet Briefings site ( for session topics and links to registration and additional resources.


    Tell your friends!  Invite your user groups!  And please introduce yourself and tell me you saw this on the blog.





  • Microsoft Shared Computer Toolkit Beta Is Now Available

    Microsoft Shared Computer Toolkit for Windows XP (Beta)

    Earlier this year we employees heard about this very cool toolkit that was in the works. It’s designed to help you lock-down and support computers that are running as shared resources.  Here are the details from the tool’s web page:


    Shared computers are commonly found in schools, libraries, Internet and gaming cafés, community centers, and other locations. Often, non-technical personnel are asked to manage shared computers in addition to their primary responsibilities. Managing shared computers can be difficult, time-consuming, and expensive. Without restrictions, users can change the desktop appearance, reconfigure system settings, and introduce spyware, viruses, and other harmful programs. Repairing damaged shared computers costs significant time and effort.

    User privacy is also an issue. Shared computers often use shared accounts that make Internet history, saved documents, and cached Web pages available to subsequent users.

    The Microsoft Shared Computer Toolkit for Windows XP provides a simple and effective way to defend shared computers from untrusted users and malicious software, safeguard system resources, and enhance and simplify the user experience. The Toolkit runs on genuine copies of Windows XP Professional, Windows XP Home Edition, and Windows XP Tablet PC Edition.

    Are you supporting shared computers?  If so, please share your experiences as a comment here.  We’d love to hear what you’ve done, or if you’ve found this toolset useful.


  • One-Stop for All Updates?

    “Okay… Windows Updates does my OS, and then I have to go to the Office page to scan for Office updates… and then I have to go to the Exchange page to find updates for my Exchange Server… and…”

    Yeah… It’s a pain.  But your crys have been heard.  Finally, the long-awaited Microsoft Update is live! 

    “Now available: Microsoft Update consolidates updates provided by Windows Update and Office Update into one location and enables you to choose automatic delivery and installation of high-priority updates.”

    Also, here’s a great starting point for other security tools.


  • Remde TechEd Diaries - Thursday

    Influencer Appreciation Party

    Thursday.  We’re slowly reaching the end.

    Last night’s “Influencer Appreciation Party” was fun… but it might have been more fun if they’d kept the Karoake idea going.  My opinion: More people were going to enjoy that than the dance mix.  And besides… I’m Kevin! 

    Karoake... NOT!

    Yes.. that is ME!  I was next up to sing, and then the DJ was told to give the singing a break and just play some dance music… so my name and selection were left up there for an hour-and-a-half while I waited.  Eventually he changed that screen… but it was rather disappointing watching very FEW people dance, and also knowing that there were a long line of willing (albeit questionably able) singers available for some good fun.

    Oh well.

    Today is more lab work.  Hopefully they have put back up that HOL163 (SRV10) so I can get it working properly.  Also, I want to do some of the SQL labs.  I hear they are excellent.


  • Remde TechEd Diaries - Friday

    Universal Studios Universal Studios Woodpeckers

    Friday!  Last day! 

    It’s with mixed emotions that we reach this day.  We’ve been learning a lot, partying hard, meeting people, and genuinely enjoying ourselves.  That’s the upside.  The downside, of course, is that we’re away from our families for a long time.  That.. to put it bluntly.. sucks.  So it’s good to be going home soon.

    But we did have fun last night, didn’t we?  Yeah!  Universal Studios!

    That was fun.  I went from attraction to attraction with coworker Shawn Travers and boss John Weston.  We got to see most of the good ones.  The food was good, too.  Didn’t get much time to see the live music or sample the libations (just as well), but really enjoyed the whole evening.  Outstanding, as always.

    Afterwards John Baker and I met up with our one-time webcast producer and now webcast coordinator Keith Mazzuco for a couple of Coronas.  Unfortunately, the really fun place we had been to twice before during the week turns out to be pretty boring on a Thursday.

    So now I’m back in my room.  It’s time to go to bed.  Tomorrow I’ll attend one of the SQL sessions, and then it’s back to working in the Hands-on-Labs and another shift on the Microsoft Across America “Mobile Experience”.   Then, since I’m not flying home ‘til Saturday, I think I’ll find something fun to do.  Maybe Pleasure Island.  I love live music.

  • Remde TechEd Diaries - Saturday - Goin' Home!

    TechEd 2005:  Learn.  Solve.  Grow.

    Yep.  We learned.  We solved.  And we growed.

    Here I am on the plane ride home.  And judging from all the TechEd bags, VB.NET magazines being read, and funny ‘No, I will not fix your computer’ t-shirts, this is a plane that’s chock-full o’ geeks.  And most of these geeks are only on their first leg home.  Not me, though… one of the benefits of living in the airline’s hub city.  One hop, and yer home.

    I wonder if the rest of the TechEd attendees had as much trouble closing their suitcases as I did.  I tried to keep the swag collection to a minimum this year, and thought I had “packed” sufficient “space”, but it’s always the same story.

    I could sleep now, because I’m pretty tired; But I have a webcast to deliver on Monday and many family activities this weekend that I’d much rather be doing while I’m home.  And I can work, only because I was bumped to first class.  Yeah baby.  It does have it’s priviledges.  Like being able to open your laptop enough to see the screen.  Mostly. 

    I’m seated here in seat 4B, drinking black coffee (Yep.. in first class you get FREE REFILLS!) and I’m preparing notes for the webcast on “Security Risk Management”.  As I returned to my seat from a recent stop at the lavatory (In the first class lav, you can use as many paper towels as you want!) I noticed Steve Riley snoozing in 2C.  Too bad I wasn’t sitting next to him, or I could be asking his input.  Of course, I don’t doubt that he already had input into this official Microsoft Security content I’m using.  …but little does he know that I’m also going to be stealing.. er… borrowing some of the funny-yet-effective pictures he used in his TechEd Simulcast webcast earlier this week. 

    And was that Jesper Johansson (sp?) snoozing next to him, with his head on Steve’s shoulder?  Naw…  but that sure is a funny thought. 

    Hey.. just now I even took two of those little bags of pretzels, and our flight attendant didn’t say a word about it!  In coach you’d get your hand slapped.. but I guess in first class you get by with mearly a disapproving glare.  Ah… the life of Riley.  (Yes… Steve too).

    So, what’s next for Kevin?

    After the family weekend and the webcast, I’m getting on a plane yet again – this time to Anchorage, Alaska.  Yep.  I’m filling in for Michael J. Murphy, who isn’t able to make it.  And I had “backup duty” this week.  So, if you’re in the Anchorage area, I’ll see you this coming Wednesday!  And Thursday and Friday I expect to do some sightseeing.  It’s been awhile since I’ve seen a glacier up-close-and-personal.  So, if you’re a wild woodland creature in the area, I’ll see you this coming Thursday or Friday!

    What’s this?  Yet another bag of 5 pretzel twists?!  Oh no, I couldn’t possibly. 

    Okay… you twisted my arm.


  • 20050613 Security Risk Managment Webcast Resources

    Resources for

    Security Risk Management Webcast

    June 13, 2005

    Presented by Kevin Remde


    Microsoft’s Security Risk Management Guide


    Computer Emergency Response Team (CERT)


    National Institute of Standards and Technology (NIST) Security Self-Assessment Guide for Information Technology Systems (SP-800-26).

    This guide can be accessed at


    IT Governance Institute (ITGI): Control Objectives for Information and Related Technology (CobiT), which includes the IT Governance Maturity Model. This document can be purchased from


    International Standards Organization (ISO) ISO Code of Practice for Information Security Management (ISO 17799).

    This can be purchased from


    For additional information on defining and categorizing information and information systems, refer to National Institute of Standards and Technology (NIST) Special Publication 800-60 workshops, and the Federal Information Processing Standards (FIPS) Publication 199.



    17 Questions to Assess Your Organization’s Security Risk Management Maturity

    Answer the following 17 questions and score each answer on a scale of 0 to 5 as illustrated in the table following the set of questions. These questions and the score levels help to determine the overall maturity level of your organization.


    1. Information security policies and procedures are clear, concise, well documented, and complete.
    2. All staff positions with job responsibilities involving information security have clearly articulated and well-understood roles and responsibilities.
    3. Policies and procedures for securing third-party access to business data are well documented. For example, offshore vendors performing application development for an internal business tool have sufficient access to network resources to effectively collaborate and complete their work, but they have only the minimum amount of access that they need.
    4. An inventory of IT assets such as hardware, software, and data repositories is accurate and up-to-date.
    5. Suitable controls are in place to protect business data from unauthorized access by both outsiders and insiders.
    6. Effective user-awareness programs are in place, such as training and newsletters regarding information security policies and practices.
    7. Physical access to the computer network and other information technology assets is restricted through the use of effective controls.
    8. New computer systems are provisioned following organizational security standards in a standardized manner using automated tools such as disk imaging or build scripts.
    9. An effective update management system is able to automatically deliver software updates from most vendors to the vast majority of the computer systems in the organization.
    10. An incident response team has been created and has developed and documented effective processes for dealing with and tracking security incidents. All incidents are investigated until the root cause is identified and any problems are resolved.
    11. The organization has a comprehensive antivirus program that includes multiple layers of defense, user-awareness training, and effective processes for responding to virus outbreaks.
    12. User-provisioning processes are well documented and at least partially automated so that new employees, vendors, and partners can be granted an appropriate level of access to the organization’s information systems in a timely manner. These processes should also support the timely disabling and deletion of user accounts that are no longer needed.
    13. Computer and network access is controlled through user authentication and authorization, restrictive access control lists on data, and proactive monitoring for policy violations.
    14. Application developers are provided with education and possess a clear awareness of security standards for software creation and quality assurance testing of code.
    15. Business continuity and business continuity programs are clearly defined, well documented, and periodically tested through simulations and drills.
    16. Effective programs are underway for ensuring that all staff perform their work tasks in a manner compliant with legal requirements.
    17. Third-party reviews and audits are used regularly to verify compliance with standard practices for securing business assets.


    Answer and score each of the 17 questions using one of these values from 0 to 5:

    0 Non-existent

    Policy (or process) is not documented, and previously the organization was unaware of the business risk associated with this risk management.

    1 Ad hoc

    It is clear that some members of the organization have concluded that risk management has value. However, risk management efforts are performed in an ad hoc manner. There are no documented processes or policies, and the process is not fully repeatable. Risk management projects seem chaotic and uncoordinated, and results are not measured and audited.

    2 Repeatable

    There is awareness of risk management throughout the organization. The risk management process is repeatable yet immature. The process is not fully documented, but the activities occur on a regular basis, and the organization is working toward establishing a comprehensive risk management process.

    3 Defined process

    The organization has made a formal decision to adopt risk management wholeheartedly to drive its information security program. A baseline process has been developed that includes clearly defined goals with documented processes for achieving and measuring success. The organization is actively implementing its documented risk management process.

    4 Managed

    There is a thorough understanding of risk management at all levels of the organization. Risk management procedures exist, the process is well defined, awareness is broadly communicated, rigorous training is available, and some initial forms of measurement are in place to determine effectiveness. There is some use of technological tools to help with risk management, but many—if not most—risk assessment, control identification, and cost-benefit analysis procedures are manual.

    5 Optimized

    The organization has committed significant resources to security risk management, and staff members are looking toward the future to ascertain what the issues and solutions will be in the months and years ahead. The risk management process is well understood and significantly automated through the use of tools (either developed in-house or acquired from independent software vendors).


    Scoring your Organization’s SRM Maturity Results:

    Calculate your organization’s score by adding up the score level of each statement. The following table provides information for each score range:


    51 or above

    Your organization is well prepared to introduce and use the Microsoft security risk management process to its fullest extent.



    Your organization has taken many significant steps to control security risks and is ready to gradually introduce the security risk management process. You should consider rolling out the process to a few business units over a few months before exposing the entire organization to its benefits.


    33 or below

    Consider starting the security risk management process slowly by creating the core security risk management team and applying the process to a single business unit for the first few months. After demonstrating the value of the process, expand it to two or three additional business units. As the process is accepted as demonstrating value, continue adding business units.


    Description of Tools Included in the
    Microsoft Security Risk Management Guide


    Data Gathering template (SRJA1-Data Gathering Tool.doc).

    A template to assist in facilitating discussions about gathering risk data.


    Risk Prioritization template (SRJA2-Summary_Risk_Level.xls).

    A Microsoft Office Excel template to assist in prioritizing summary-level risks.


    Detailed-Level Risk Prioritization template (SRJA3-Detailed Level Risk Prioritization.xls).

    An Excel template with a number of worksheets, all relating to the detail-level risk prioritization process.


    Sample schedule (SRJA4-Sample Project Schedule.xls).

    This schedule can assist you in planning activities for this phase.


    Network defenses


    For prescriptive guidance on securing perimeter networks with firewalls, see the Microsoft Systems Architecture Perimeter Firewall Service Design for the CDC Scenario, which is part of the Microsoft Systems Architecture Version 2.0 Solution, at


    For additional prescriptive guidance, see Chapter 15, “Securing Your Network,” in Improving Web Application Security: Threats and Countermeasures, at


    For prescriptive guidance on implementing secure wireless LANs (WLANs) using EAP and digital certificates, see Securing Wireless LANs: A Windows Server 2003 Certificate Services Solution, at


    For information about securing wireless LANs (WLANs) with PEAP and passwords, see


    For prescriptive guidance on using network segmentation to improve security and performance, see the MSA Enterprise Design, which is part of the Microsoft Systems Architecture Version 2.0 Solution, at


    For prescriptive guidance on securing internal networks with firewalls, see the Microsoft Systems Architecture Internal Firewall Service Design for the CDC Scenario, which is part of the Microsoft Systems Architecture Version 2.0 Solution, at



    Host defenses


    The Microsoft Patch Management Web site includes tools and guides to help organizations more effectively test, deploy, and support software updates. See:


    Step-by-Step Guide to Securing Windows XP Professional in Small and Medium Businesses is at


    For prescriptive guidance on securing Microsoft Windows® XP, see the Windows XP Security Guide, at


    For prescriptive guidance on securing Microsoft Windows Server™ 2003, see the Windows Server 2003 Security Guide, at

    Threats and Countermeasures: Security Settings in Windows Server 2003 and Windows XP is a reference guide for the major security settings and features included with Windows Server 2003 and Windows XP. It is available at


    For prescriptive guidance on securing Windows 2000 Server, see the Windows 2000 Security Hardening Guide, at



    Application defenses


    The Exchange 2003 Hardening Guide provides information about securing Microsoft Exchange 2003 Server. It is available at


    The Security Operations Guide for Exchange 2000 provides guidance on securing Microsoft Exchange 2000 Server. It is available at


    Chapter 18, “Securing Your Database Server,” of the Improving Web Application Security: Threats and Countermeasures solution guide includes prescriptive information about securing SQL Server™. It is available at


    The Improving Web Application Security: Threats and Countermeasures solution guide provides a solid foundation for designing, building, and configuring secure ASP.NET Web applications. It is available at


    The Building Secure ASP.NET Applications guide presents a practical, scenario-driven approach to designing and building secure ASP.NET applications for Windows 2000 and version 1.0 of the Microsoft .NET Framework. It is available at



    Data defenses


    For information about backing up data on Windows 2000 networks, refer to the Backup and Restore Solution for Windows 2000–based Data Centers guide at


    For step-by-step instructions on how to implement EFS, refer to the Step-by-Step Guide to Encrypting File System (EFS), which is available at




  • Notes from the TechNet Briefing in Peoria, IL


    Hi Peoria!

    Nice to meet you!

    Here are the questions (with answers) I jotted down at our TechNet Briefing in Peoria, IL.

    Also, for your convenience, here is the link to my blog post containing the link to that resource document I handed out.

    Q: If I have an application exception defined in the Windows Firewall, what happens if that application crashes unexpectedly?  Will those ports that were opened for it remain open?

    A: UPDATE: The word I have on this is that if the application fails, the firewall will notice this and will not leave the ports open.  They may be open for a very brief time, but not long.


    Q: How do I know if my processor supports hardware DEP (Data Execution Prevention)?

    A: First of all, let me point you to a GREAT KB Article (875352) which contains a detailed description of DEP. 

    As I mentioned in our briefing, both Intel and AMD have processors that support Hardware-level DEP. 

    Intel calls the technology their “Execute Disable Bit”.  Here is the page that describes their support, with links to their products that support it.

    This press release from AMD describes their support also.  DEP support is currenly only in their A64's and the Socket 754 Sempron lines.


    Q: In the SQL Server 2005 Management Studio, can I work with logs on remote SQL Servers?

    A: Yes.  The SQL Server logs tool is found under the Management function for the database server you are connected to in the Object Explorer.  That server can be local OR remote. 


    Q: Are there any new “process throttling” capabilities?  [Other database products]  have a way to watch for processes that run out-of-control…taking up too many resource (CPU, Memory) from the rest of the system.  I don’t see a way to do it in 2000 and I’m hoping that 2005 has a solution.

    A: UPDATE: I received the following response in the TechNet Discussion Groups:


    sp_configure's 'query governor cost limit' can limit the time a quyery runs.

    In terms of using other resources, they are ungoverned, even with SQL Server

    Mike Epprecht, Microsoft SQL Server MVP
    Zurich, Switzerland

    Thanks, Mike!

    We love MVPs!  And those newsgroups!

    If you have a followup question or comment, feel free to enter it by clicking the comment link below.

  • Resources and Answers to Questions for the Anchorage, AK TechNet event

    Greetings!  Hello to all my new Alaskan friends! 

    Here is the link to the resource document that contains all the links and related information for both the SP1 and SQL 2005 session. 

    Come back here in a day or two (or subscribe via RSS) and I should have some answers to the questions I made note of during the morning. 

    But for now, I’m in Alaska!…so I gotta do some sightseeing while I’m here.


  • Planning for Security just got a whole lot easier

    Got this via an email to my district here at Microsoft, so I hope the source of the email doesn’t mind me sharing the public bits with all of you, because this is great stuff!


    The Microsoft Solutions for Security (MSS) team is proud to announce the release to Web of five new security planning guides:

    The Administrator Accounts Security Planning Guide
    This guide is designed to be an indispensable resource when organizations plan their strategy to secure administrator-level accounts in Microsoft Windows NT–based operating systems such as Windows Server 2003 and Windows XP. It addresses the problem of intruders who acquire administrator account credentials and then use them to compromise the network. The main goal of this guide is to provide prescriptive guidance in terms of the steps an organization can take to secure local and domain-based administrator-level accounts and groups.

    The Secure Access Using Smart Cards Planning Guide
    This guide is designed to help IT security professionals understand how to plan and implement secure access using smart cards for administrator accounts and remote access user accounts. It enables the reader to understand how to secure access using smart cards and examines the issues and challenges.

    The Security Monitoring and Attack Detection Planning Guide
    This guide is designed to help IT security professionals understand how to use the security event logs in Microsoft Windows as the basis for monitoring security and detecting attacks on a network. The guide helps the reader to identify relevant security events and interpret sequences of events that might indicate that an attack is in progress.

    The Services and Service Accounts Security Planning Guide
    This guide is designed to be an important resource when organizations plan their strategy to run services more securely under the Microsoft® Windows Server 2003™ and Windows® XP operating systems. The guide addresses the common problem of Windows services that are set to run with the highest possible privileges, which an attacker could compromise to gain full and unrestricted access to the computer, domain, or even to the entire forest. It describes ways to identify services that can run with lesser privileges and explains how to downgrade those privileges methodically. This guide can help organizations assess their existing services infrastructure and make some important planning decisions in relation to future service deployments.

    Implementing Quarantine Services with Microsoft Virtual Private Network Planning Guide
    This guide is designed to help IT security professionals understand how to plan and implement Virtual Private Network (VPN) Quarantine services featured in Windows Server 2003 Service Pack 1. The guide enables the reader to understand the approaches to VPN quarantine and examines the issues faced.

    Where to Find the Guides
    These guides were developed, reviewed, and approved by teams of authoritative experts in security management. They are available on Technet and the Microsoft Download Center. In addition, the guides are available on the TechNet Security Center at


    I hope you find these useful! 

    What other guides or security guidance would you like to see Microsoft provide?

  • SQL 2005 June CTP is available for download

    Yes, you heard right!  The most recent Community Technology Preview (CTP**) of SQL Server 2005 is available to all.

    Keith Combs writes about it, and includes links to where it is found.

    **Okay… call it a “beta” if you must.

  • Can my son the college student buy Microsoft Software Cheap?

    I have been asked this question several times, so I thought the answer was worthy of a blog post:



    Check out this “How to Buy” site for great information on offers and programs for students and teachers.

  • Security Rollup for Windows 2000 SP4 now available

    Microsoft Security Advisory (891861)

    Release of Update Rollup 1 for Windows 2000 Service Pack 4 (SP4)

    The links above are to the KB article and the landing page for this update that just went live yesterday (June 28).  If you’re supporting Windows 2000, you should definitely consider rolling this out.

    If you need more information first, check this out first:
    900345 : Problems that are fixed in the Update Rollup 1 for Windows 2000 Service Pack 4 that is dated June 28, 2005

  • Notes from the TechNet Briefing in Anchorage, AK

    Anchorage!  I’m way over-due posting this…

    Check it out!

    Kevin sees a glacier!

    Sorry for the delay.  I enjoyed a couple of days in your lovely state, taking a tour out of Seward, seeing lots of glaciers and amazing wildlife.  I know it’s all just the usual terrain there to you.. but to a Minnesota boy, it’s simply awesome!

    So after an all-too-brief stop off at home on Sunday, it was back on the road for me.  (Peoria – your Q&A is next up!)  

    Here are the questions (with answers) I jotted down at our TechNet Briefing in Anchorage.

    Also, for your convenience once again, here is the link to my blog post containing the link to that resource document I handed out.

    Q: Do the 64 bit processors support DEP?  What about the 64 bit versions of Windows?

    A: Yes, and yes. 

    Q: When will the SQL 2005 pricing be announced?

    A: How about SEVERAL MONTHS AGO?  I apologize that I missed this one.  According to a Feb 24 article I found at ENT Magazine, the pricing was announced WAY early… like back in February.

    Q: If I slipstream updates or an SP into a build image, will those updates or SPs show up in the Add/Remove Programs list?

    A: No. 

    Q: What is the certification path for SQL 2005?  Are there any updates announced yet for new MCDBA requirements?

    A:  I looked all over the MCDBA site, and didn’t see anything about 2005.  I will check with other sources and update this post if I find anything more.

    If you have a followup question or comment, feel free to enter it by clicking the comment link below.

  • My TechEd 2005 Photos

    Some TechNet Presentation IT Evangelists

    I’ve uploaded my photos to Flickr.  You’ll find them, along with others added to Colin’s Flickr group, HERE.

  • TechEd Video Blog #3 - Travelin' Thru

    Video 3: Travelin' Thru

    Man... Better late than never!  I'm finally finding the time to edit these! 
    This video – “Travelin’ Thru” – is the third of my Video Blogs shot at Microsoft TechEd 2005.

    You can also view it at The Blogcast Repository.  (Another BIG THANK YOU to them for letting me host these there.)

    Watch (subscribe to) this blog for new TechEd video blog installments coming soon!


  • Are you growing out of SBS 2003?

    …then the “Microsoft Windows Small Business Server 2003 with SP1 Transition Pack” is for you!

    Here are some note about the tool:

    Using Windows Small Business Server 2003 Transition Pack you can upgrade your computer running Windows Small Business Server 2003 to Windows Server 2003, Standard Edition, and the standard versions of the server applications. After performing this migration, you will be able to do the following:

    • Transfer the operations master role to another domain controller.
    • Establish trust relationships to and from another domain, or add child domains to your existing Active Directory forest.
    • Move server applications to another server. After the migration, you can move the server applications off of the original server. You might choose to move one or more applications to a separate server to improve the performance of the application. For example, if you are going to add more than 75 users, moving Exchange Server 2003 to a different server can help that application to perform better with the new user load.
    • Enable Terminal Server.
    • Increase your maximum number of users.
    • Increase the maximum number of processors supported from two to four.

    After you have migrated your server:

    • You will still be able to use the Windows Small Business Server tools; however, they will no longer be supported and you will not be able to reinstall or remove the tools.
    • You will no longer be able to run Windows Small Business Server 2003 Setup to modify (add, remove, re-install) the server applications.
    • Your business will be licensed for one copy of Windows Server 2003, Standard Edition, and the standard versions of the server applications.
    • You will have five client access licenses (CALs) for each server application. If you have more than five users, you must purchase additional CALs for each of the individual server products. For information about purchasing additional CALs, see the individual server product pages at the Microsoft Web site(
  • Skip the gym?

    I had to laugh when I saw this banner ad today.  It hits a little too close to home…


    I mean… I’ll skip the gym.  That’s not a stretch for me.  But to give up the fries?!

    Oh, maybe for the sake of downloading preview copies of SQL 2005 or Visual Studio 2005 I would.

  • Another one!

    Are you saying DBAs are fat?!

    I don’t see the connection between powerful database management tools and food!

    Why are they picking on DBAs?! 


  • Just what IS Business Intelligence really?

    Microsoft UK IT Evangelist Mat Stephen has posted a most excellent article – 

    Business Intelligence (BI): The way it is, without the blah blah 

    Written in plain English**, this really helped me further get my head around “OLAP” and “Cube”, and “English”. 

    “Having been to a Gartner BI conference, I’m quite convinced they would find it a challenge to describe something as simple as flicking a light switch in anything less than a 500k pdf.”

    For those of you interested in all-things-SQL, Mat’s blog is an excellent resource.  You should subscribe to it.  (Remember: RSS is NOT “Rocket Science Surgery”)


    **Yes, there are even references to Cricket.  And as an added bonus, he pokes fun at Donald Rumsfeld.