Are you aware of BitLocker and what it can do?  If not, you can read a full lowdown here, however, in a nutshell, BitLocker is a new feature in Windows Vista Enterprise and Windows Vista Ultimate which prevents a thief who boots another operating system or runs a software hacking tool from breaking Windows Vista file and system protections or performing offline viewing of the files stored on the protected drive.  Essentially, it is locking your data down, should your machine fall into the wrong hands...

Up to now, I was under the impression that BitLocker could only be used to encrypt your system drive, i.e. your Vista installation drive, typically C:\.  This is partially true - from within the nice user interface that Vista provides within the control panel, you can only BitLocker your system drive, however, if you want to put your command line tools to the test, you gain full control over BitLocker, giving you the ability to enable it on any NTFS volume.  Yes.  Even USB external IDE drives.

By doing the following:

1. Open an elevated command prompt
2. Change to %WINDIR%\System32
3. Enter cscript manage-bde.wsf -status

The result is a list of all the drives on my system, external or otherwise, that can be used for BitLocker.  If they can't be used, it simply won't list them.  My USB External disk was one of the results, as the picture shows.

Steve Riley provides a host of further information on the BitLocker Command Line Interface, including the different commands you can use to control BitLocker - I'd say this is pretty useful stuff, especially for external USB disks!

I think the key point to note, regardless of whether you are using the command line or the GUI to enable BitLocker - Make a note of your Recovery Key and keep it somewhere safe!  You never know!

Do you rebuild your machine regularly?  Well, you shouldn't need to, becuase Vista looks after itself, however, when the need does arise, it's a bit of a pain.  Not the actual Vista install process, oh no, the pain in the backside arises once you've finished installing it.

For me, with my Sony Vaio, once Vista is installed, I then have to pull down all the latest updates from Windows Update, which will result in 1 reboot, maybe 2.  I then have to install the other device drivers that aren't on Windows Update yet (There are only 3 for my machine, so not too bad) and then the Vaio Utilities.  These Vaio utilities are obviously still in their infancy, as the first 4 you install need a reboot straight after each one.  Potentially I'm up to 5 or 6 reboots already.  Once my OS and hardware are working nicely, it's then the turn of installing all my applications that I regularly use.  Office 2007 being one, but also the others such as FoxIT PDF Reader, Windows Live Writer, Windows Live Messenger and so on.  Again, some of these may require a reboot, but regardless of this, the time taken to install all of these, one by one, can be quite long.

So, I go through the whole process.  My machine is up to date and running well, my applications are installed, along with my machine utilities.  All is good.  And relax.

What happens next time?  Next time I want to rebuild my machine?  Do I have to do the whole process all over again?  No, and there are a couple of ways to save yourself the time and effort for the future.  One of these would be to perform a Complete PC Backup of your machine, as is, right now, and simply restore from that at the future date.  Easy Peasy - but what about an image that you would like to distribute within your organisation, or your team at work.  This was the problem our team faced.  We all have Sony Vaio's, and I thought, why not save everyone time rebuilding their machines and create this golden image, that we, as a team can deploy quickly and be back up and running after a rebuild within an hour.  Make sense?  Here's how I did it.

Before I go on, it's important to talk about BDD, or Business Desktop Deployment.  The workbench is a piece of software you can download free, and use to create these golden images.  Once installed, along with the Windows Automated Installation Kit, it allows you to pull Vista WIM files from the original Vista DVD, add applications and installation commands, drivers, language packs, services packs, updates and so on, and then once your 'Distribution Share' is populated, create 'Builds' which you can subsequently deploy from DVD, USB, WDS Server etc.  The BDD really is your one stop shop in terms of deployment, and it's free, so you can get going in no time.  Get it here.

I however, chose to take the manual approach. :-)  The BDD harnesses the same technology that I will detail - you just don't need to script anything!

So, what do you need before we start?  Well, you need to get to your 'Golden State'.  Install all your applications, drivers, updates and so on, so that you are happy with that masterpiece that you've just slaved over.  Next, you'll need the Windows Automated Installation Kit, and the User Guide is always useful too.  What is it?  Well, it's "designed to help original equipment manufacturers (OEMs), system builders, and corporate IT professionals deploy Windows onto new hardware. The Windows AIK is a set of deployment tools supporting the latest release of Windows. This guide describes the methods, tools, and requirements for deploying Windows".  Read more here.

The reason we need the WAIK is because it contains WinPE 2.0, or Windows Pre Installation Environment and a couple of other tools.  This hasn't been free to download before, but with Vista, it is, and we need it.  In fact, every single deployment of Vista uses WinPE in some shape or form.  Yes, even the original DVD.  Anyway, we need to boot into WinPE 2.0 in order to capture our masterpiece Golden Image.  Before we do this however, we need to create our WinPE media.

Josh has got a great post on how to do this for a USB stick, here.  It's important to note the key tool you need to copy across in 'Step 4' is ImageX.  This is the tool that does the capturing magic.  More on this later.  James has also got a great post on customising WinPE and creating an ISO, if you'd prefer to go down the CD route, rather than USB.  If you just want the instructions on creating a WinPE 2.0 CD, here they are:

1. Open an administrative command prompt
2. cd Program Files\Windows AIK\Tools\PETools\
3. copype.cmd x86 c:\temp\winpe_x86
4. copy “c:\program files\Windows AIK\Tools\x86\imagex.exe” c:\temp\winpe_x86\iso\
5. copy wimscript.ini (sample attached to this post) to c:\temp\winpe_x86\iso\
6. oscdimg -n –bc:\winpe_x86\etfsboot.com c:\temp\winpe_x86\ISO c:\temp\winpe_x86.iso
7. Burn this ISO to a CD (use your favorite CD burning software)

So, for this scenario, say you've created the bootable WinPE 2.0 USB Stick.  From within Windows, do a search from the start menu, for Sysprep.  The result should be displayed in the Start Menu.  Click on the folder and then, double click the 'sysprep' application.

Ensure that your dialog box looks like the one on the left before continuing.  I've chosen shutdown, because it gives you that little bit more time to get ready before booting into WinPE - last thing you want is a reboot but forget to put your WinPE disc in!

So, when you are happy, click OK and wait for your system to shut down.

When it's all shut down, give yourself a pat on the back and get a cup of tea (brew).  The next bit involves a tiny bit of scripting :-)

Make sure you have your WinPE media inserted, and that you know how to boot from that particular device.  Switch on and boot into WinPE.

When you are at the X:\Windows\System32 in WinPE (or something like that, it's off the top of my head!), you need to change the drive letter to your WinPE Media.  Once you are on the right drive, execute the following:

imagex.exe /flags “Ultimate” /compress fast /capture c: z:\MyGoldenImageName.wim "ULTIMATE Golden Image" /verify

• ImageX is the image capture tool, which pops out the WIM file at the end of the process.
• /flags is very important - do not forget this one, the process won't work without it.  My version of Vista is "Ultimate" but if you are building an image for a different version, you can find a list of the flags here.
• fast compression is the default - if you leave this out, it will still compress in fast mode.
• z: in this case is a drive on your system with enough space to hold the wim file.  It can be the same drive you are capturing.
• "Ultimate Golden Image" is just the name of the image.
• /verify enables file resource verification by checking for errors and file duplication.  The /verify option will affect the overall capture time. During a capture operation, the progress bar indicates the status of the capture operation only, not the verify operation. When the capture is complete, the verify process begins. This process takes time even though the progress bar shows 100 percent.
• My WIM file was around 4.3gb (for a 13gb drive!) when the process finished.  I'd pick an drive with plenty of space, just to be sure the WIM file fits on, and the process doesn't result in an error.

Once it's all done, type exit and you'll need to boot back into Windows as normal, however, seeing as the machine has been sysprepped, you'll need to go through answering the questions about time zone, username etc.

So, you now have your Golden Image, in the shape of your WIM File.  How do you deploy it?  Well, one option is to use WDS, and deploy from a Windows Server, 2003 or 2008.  You could make a bootable USB key, but mine wouldn't fit on the ones I have - I chose DVD.

So, once you are back into Vista, you need to do the following:

1. Copy the entire contents of your original Vista DVD to a directory (i.e. c:\Vista)
2. Delete install.wim from the 'sources' folder in c:\Vista
3. Rename z:\MyGoldenImageName.wim to install.wim and move it to c:\Vista\sources
4. Open an administrative command prompt
5. Type cd Program Files\Windows AIK\Tools\PETools\
6. Type oscdimg -n –m –lMyGoldDiscName –h –b”\x86\boot\etfsboot.com c:\Vista c:\MyGoldDiscName.iso
1. Alternatively, if you have another piece of software to create bootable ISO files, you can use this instead of Step 6.
7. Your ISO shouldn't take too long to build, and once complete, burn to a DVD with your DVD writing software!

That's it!  Process complete!  You are now ready to deploy that image into your organisation.  Now, my image has the Sony Vaio utilities within it, but, because the image was sysprepped, I could still deploy it onto a Toshiba machine, I'd just have to uninstall the utilities when it booted up!  That is the beauty of the WIM format!

The installation from your custom DVD will take a little longer than the usual Vista install, but when all is complete, you are ready to go, with all your application sitting waiting for you.  The great thing about this is, you can do it, with free tools available for download.  Have a go and save yourself time in the future.  Like I said at the top, you could use BDD to create your builds and deployment media, i.e. your ISO file - it's executing the same kind of commands that I wrote above, but in a more user friendly fashion.  Using either method, you are definitely on to a winner.

Useful time saver?  I'd say so.  Enjoy.

Anything like the one above?  Mine sure would, although the Xbox would be a little closer to the PC, and the wireless controller would obviously be next to me as I worked.  Also, where's the home cinema system?  :-)

Anyway, the idea is to explore the virtual office, which is packed with information on the 2007 Microsoft Office system, Windows Vista and Exchange Server 2007!  There are little tid-bits of information scattered throughout the office, along with links to further information.  I've just had a go, and the amount of information in there is excellent.  There are even links to case studies for the different technologies.

Do you know the best bit?  If, when you're looking around the Dream Office, you see a gold key, click on it.  When you collect 3 keys, you can fill in your details and be entered into a prize draw to win your very own dream office!  Cool!

You may as well have a go, you've nothing to lose, and you get some great Vista, Office and Exchange info to boot.

Don't forget to have a quick go on the Scaletrix! :-)

Share this post :

but obviously not! Hat tip to Sean at one of our Partners, Computer2000, who, at a recent event, told me about a Management Pack that had been developed by one of our Gold Certified Partners in Denmark which, wait for it, monitors the health of a coffee pot.

I didn’t believe it either, but it’s true!  There’s a video and everything!  You have to check out the video – I don’t know how he’s keeping a straight face whilst talking about this :-)

Now, before you rush out and set this up, there are a couple of pre-requisites you’ll need to be aware of, such as you’ll need System Center Operations Manager 2007 R2, the .NET Framework 3.5, and a network connected camera to monitor the coffee pot, but most importantly, you’ll need a coffee pot which is transparent.  This may upset many of you who have invested in one of the many different coloured coffee pots out there.  I’m sure, if you’re more of a tea drinker like me, there’s the potential to adapt this for tea too, although don’t leave the tea-bag in for too long, as you’ll end up with a ‘cuppa’ that can only be described as terrible :-)

Joking aside though, what this shows is the flexibility of something like Operations Manager.  Being able to create your own customised Management Packs, tailored to what is important to you, is one of it’s key strengths and really helps you to make management relevant to your specific environment.  The guys have even provided the secret sauce, I.e. the content of the management pack, so there’s potential for modification and tailoring to your environment.

Hot off the press, the Release Candidate for Windows Server 2008 R2 and Windows 7 has been released!

You can grab the Release Candidate from here, however there are a couple of things you should know about before you steam right ahead!

• In order to download and install the Windows 7 and Windows Server 2008 R2 SP1 Release Candidate you must currently have a Release to Manufacturing (RTM) version of Windows 7 or Windows Server 2008 R2 already installed.
• If you have previously installed the Windows 7 and Windows Server 2008 R2 SP1 Beta on your machine, you must uninstall the beta before installing the Release Candidate

• Go to Windows Update in the Control Panel, uninstall the beta, select Check for Updates, then install the release candidate. You do not need to run the WUSignupTool a second time to be offered the release candidate. You do not need to install any updates before installing the release candidate

There are also a couple of useful resources that you may want to take a look at:

• SP1 Release Candidate Forum for Windows 7 and Windows Server 2008 R2

• Windows 7 and Windows Server 2008 R2 Service Pack 1 Release Candidate FAQ

• Windows 7 and Windows Server 2008 R2 Service Pack 1 Release Candidate Documentation

If you’re managing your Hyper-V hosts with SCVMM 2008 R2, you may want to hold off on the SP1 build for your hosts initially (or play with it on an alternative server) as the current release of SCVMM won’t support SP1 of Hyper-V just yet, but I’m sure there will be an accompanying build in the near future.

If all of this is new to you, and you’re not even sure what’s coming with SP1, then this should help you get up to speed:

• Remote FX: With Microsoft RemoteFX, users will be able to work remotely in a Windows Aero desktop environment, watch full-motion video, enjoy Silverlight animations, and run 3D applications within a Hyper-V VM – all with the fidelity of a local-like performance.
• Hyper-V Dynamic Memory: With Hyper-V Dynamic Memory, Hyper-V will enable greater virtual machine density suitable for servers and VDI deployments.

No more advice from me – again, the download is here!

If you are thinking of adopting, deploying, or testing Windows Server 2008, these guides should prove very useful indeed:

The Windows Server 2008 Reviewers Guide provides a comprehensive technical overview of the innovative features and functions that make Windows Server 2008 the next-generation Microsoft Windows Server operating system and successor to Microsoft Windows Server 2003. This guide also provides information about the benefits Windows Server 2008 offers diverse users, as well as information about different scenarios.

This document supports the release of Windows Server 2008

Included in This Document

• Introduction to Windows Server 2008
• Server Virtualisation
• Centralized Application Access
• Branch Office
• Security and Policy Enforcement
• Web and Applications Platform
• Server Management
• High Availability
• Better Together—Windows Server 2008 and Windows Vista

Download it from here: Reviewers_Guide.doc

The Windows Server 2008 Security Guide provides the following benefits:

• Fast, easy deployment - Customers using the guide’s best practices, predefined templates, and automated tools have reduced the time required to deploy security configurations by up to 80 percent.  And by using the Windows Server 2008 Security Guide together with the Microsoft Deployment Toolkit (MDT) 2008, customers can automate the secure installation of their entire Windows Server 2008 infrastructure.
• More reliable - Automated tools and templates eliminate many manual steps—giving customers faster, more reliable results.
• Comprehensive - The guide includes information on hundreds of Windows Server 2008 security settings with recommendations for each setting.  The guide also explains in detail how to further harden server roles—a key feature of Windows Server 2008—such as Active Directory Domain Services (AD DS), Web, and Terminal Services.
• Thoroughly tested - All security recommendations are fully tested in Microsoft labs, and verified by customers and partners under real-world conditions.
• Free - The Windows Server 2008 Security Guide and the GPOAccelerator are available as free downloads from the Microsoft Download Center. This Solution Accelerator includes the guidance, settings, templates, and the automated tool.

You can find more information here: http://technet.microsoft.com/en-us/library/cc264463.aspx and download the guide, here: http://www.microsoft.com/downloads/details.aspx?FamilyID=fb8b981f-227c-4af6-a44b-b115696a80ac&displaylang=en

If, like me, you're intending to rebuild your test/dev environment and you are thinking of enabling Hyper-V, what's the best way to ensure you have all the latest, correct bits, installed in the right order?  Well, here's the order that's being recommended to do things in:

1. Install Windows Server 2008 x64 RTM which includes the Hyper-V beta (not enabled by default)
2. Download and install KB949219 -> x64 version for the host
3. Enable the Hyper-V Role - you now have Hyper-V RC0 installed and enabled.

Should you then have any virtual machines, either pre-built from the Hyper-V beta, or VMs you are intending to build from scratch, you need to do the following:

• For Windows Server 2008 (x86 or x64) Virtual Machines - install KB949219 inside the guest OS (x86 or x64)
• For Windows Server 2003 SP2 (x86/x64) - Install the Integration Components from the menu
• For Windows XP SP3 (x86) - Install the Integration Components from the menu
• For Windows Vista SP1 (x86) - Install the Integration Components from the menu

Being able to enable the Integration Components within XP XP3 and Vista SP1 machines means that not only will your mouse no longer get captured (much annoyance) but the guest OS's will also be able to take advantage of the synthetic driver model, providing a much more optimal level of hardware access and performance for the guests.  Windows Server 2003 SP2 already had integration components, but I'd advise you to install the latest integration components if you are bringing these VMs from the Hyper-V beta build.

It was quite a strange day yesterday - not strange in a bad way, not at all.  It started with an email from David, at TranquilPC.  He'd found, via my blog, that James and I were putting on another set of Vista: After Hours events at the end of September.  Why was this of interest to David?  Well, apart from the events being amazing ;-) (and therefore of interest to everyone!), David and the team at TranquilPC have recently developed a dedicated Home Server appliance, the T7-HSA which has not only received a positive review on PC-Pro but has some very compelling specifications.  The PC itself is fanless, and therefore silent, but also packs a 500GB hard disk, and wait for it...runs on less than 24 Watts.  Now I'd say that's pretty impressive.  Even better for the environmentalists out there, which includes me, 70% of the casework is recycled.  Great stuff.

Aside from the products that TranquilPC create, David and I started a conversation of marketing, and I brought up the whole world of blogging, after all, it was how David found me - even though he'd conversed with Microsoft in the past, he found me through the blog.  I explained how easy it was to start, and although it takes a while to get going, within a few months, I'm sure you'll see it gaining momentum.  David obviously took this on board, as later in the day, he'd created his blog, and was already publishing away!  Nice work!

As a business, there really is value in embracing Web 2.0, and the blogging bug.  With a technology blog in general, Scoble has some great advice - it's important to be real, be human, and generate open discussion, not just plug your products.  Obviously you want to shift more product out of the door, but in blogging, indirect is often more powerful than direct selling.  Also, take criticism constructively - expect to get it.

It's also very useful to comment on other peoples' blog's.  Not only does it build up a network, and rapport, but it can also generate links back to your own site, and create a community around your site, and inevitably your products.

It's also worth noting that it's a good idea to have a decent blogging tool <startPlug> and to meet your needs, you won't get much better than Windows Live Writer :-) (Couldn't resist).  It even, as James points out, now has a Social Bookmarking Plugin to help drive traffic to your blog.</startPlug>

You'll be able to get a look at the T7-HSA, along with a stack of other cool technology at the Vista: After Hours events, taking place at the end of September.

Share this post:

Now, I didn't even know this existed - I knew XP Embedded had been around for a while, but I wasn't sure that Microsoft were actually going to produce an Embedded version of Windows Vista, but they have, and you can get all the details from here.

The great thing is, even though you are using Vista technology on these small, and sometimes custom devices, you can still get many of the benefits of the full blown Vista, such as built-in protection against malicious software, intelligent warnings around hardware failure and sophisticated backup technologies, and with the Ultimate version (Business and Ultimate are the 2 options available), you even have BitLocker, and the Multi-Language User Interface.

This site is your perfect launch pad to more information - check it out!

I mentioned the other day about a couple of TechNet events that James and I are doing in a couple of weeks time, and I thought I'd spill the beans a little more on what we will be covering in the sessions.  Just a note before I continue - this stuff if purely aimed at the consumer market, so we won't be covering all the businessy-type bits, just the really cool stuff!

OK, first things first, there are 2 sessions, one on the 1st May and one on the 3rd May.  Just so you know, the details are:

01 May 2007 18:30 - 21:20 GMT
Welcome Time: 18:00
Leeds Showcase Cinema, Screen 220 (That's a big Cinema?), Gelderd Road Birstall Batley West Yorkshire, WF17 9RQ
Register Here

03 May 2007 18:30 - 21:20 GMT
Welcome Time: 18:00
Microsoft Ltd, Chicago 1&2, Building 3, Microsoft Campus Thames Valley Park Reading Berkshire RG6 1WG
Register Here

So, what is the flow of the event?  Well, obviously we start with the obligatory intro, but then it is straight into demo demo demo, which we know you love!  The first session is dedicated to what you can do with Vista 'Out of the Box', so, things like Search, but not for documents, I'm talking tagging, photo's, videos and so on, but not just across the client, oh no, across on to Windows Home Server, which we will be demoing, live, uncut, for your viewing pleasure.

From Home Server, we move gracefully on to Photo Gallery, Movie Maker and DVD Maker, closely followed by a helping of Backup and Restore Center, focusing on the Complete PC Backup side of things, where we will demo a live Complete PC Backup.  We'll cover abit on Security, but focusing on Parental Controls and the granularity that it present in this area.  We'll finish the first section with some info on Networking and the Windows Firewall.

We'll give you some time to recover with a quick break, before we hit the real cool stuff...as session 2 is all about Vista: Extended....

We'll have a quick recap of session 1, before we hit you with 3 beauties straight off, namely cool gadgets, even cooler WPF and WPF/E applications (Now named Silverlight...), and because we want to treat you well, we'll be showing a couple of SideShow devices.  We then move on to my favourite area - the Media Center.  Add to that, the HD-DVD Drive, extending the experience onto the Xbox 360, and wrapping it all together with a it of Xbox Live vs Games For Windows - Live, and you have an enthralling demo (and a lot of kit to transport home!)

Sound fun?  Sound interesting?  Sound cool?

Register for 1st May @ Leeds Showcase
Register for 3rd May @ Microsoft Campus, Reading