Every time I am discussing MAK with a desktop engineer and I explain they can script activation you can see them sort of look off somewhere like "great, now I get to be a programmer too". Well, you don't have to!
Slmgr.vbs is included in the System32 directory of Vista, which means it is in the path and can be called from anywhere. This script includes everything you'll need to automate MAK activation. It also includes everything you need to remotely give a machine it's key and activate, or activate a KMS, or clear a key, or see when a machine expires, or what type of key it used, or switch between KMS and MAK! See the following screenshot. To generate this yourself just click start, and in the search field type "slmgr.vbs /?".
Why does this matter? Well, let's say you embed your MAK in an image and want to have the machine activate when it comes online. Just add "slmgr.vbs -ato" to the runonce key and as long as the machine has Internet access it will activate. You could also embed this in a startup script and check activation status. If not activated, do it now, etc.
I mentioned above you also use this script to activate a KMS. If you are using a Vista machine to host the Key Management Service, there is nothing to install. You simply pass this script your key and it will activate the service. There is a great deal of how-to information in the Step-by-Step guide.
Today I'm in Columbia, Missouri at the MOREnet Security Symposium. The speaker up before me is really good!
Vista has some really interesting security features for schools. Network Access Protection and BitLocker are both topics I view as being incredibly valuable to education when they are understood and implemented correctly. For managed environments like computer labs (some are managed), UAC and the new group policies hold great promise. The list goes on and on but there are a few obvious "low hanging fruit" that could really make a difference in some environments.
Security specialists working in education environments have many unique challenges. The machines are largely unmanaged, there is resistance to locking them down, and unlike business environments in many cases the administrator does not work for the people who own the machine. The tool I am most excited about in totally unmanaged environments is NAP. It CAN fit even if you are not end-to-end Microsoft infrastructure. I'm working on getting a how-to written focused on Education. NAP will require Longhorn server so you have time to think and plan.
Next week I'm going on the road to visit schools in Denver, Phoenix, and Las Vegas back to back to back. I'm about to hop on a conference call with a peer to discuss the agenda. I'm thinking about abandoning the slide deck (I hate slides) and creating a tips and tricks type demo. I haven't come up with the list yet but it should be easy enough. Care to help?
Many years ago when I heard podcasts were becoming available I knew it was only a matter of time before content was available to match my interests. <sigh> Well, it's definitely happening and since I got my Zune I'm hooked. I'm still playing around with different receivers but I keep coming back to IE7. It gets the job done without an extra app. Once RSS Bandit adopts the central OPML in Vista I'll probably go back as it has been my choice for quite some time.
A couple of thoughts
I won't point you directly to the podcasts but here are some of the sites that host them
For some reason my wife says that phrase every time I mention my blog. She thinks it should be the name of my site. Not likely.
So, I haven't posted in quite some time. In fact I haven't posted in over a month. I haven't given up. Two factors kept me away from blogging in October. One, I was insanely busy visiting customers and hosting conference calls to discuss Windows Vista as we got closer and closer to RTM, and then the following weeks as customers got access. Two, many of the things I was thinking about were not RTM yet and so I didn't want to publicly write about them. This has nothing to do with confidentiality although that would be another good reason, I just don't like to talk about a technology until the details have been locked down. There's a better than 0 chance that something will change during development and make something I said incorrect, so IMHO it's better to just avoid doing it.
Now I have a thousand thoughts bottled up and am ready to get back in to blogging. I'm going to make a commitment to myself. I am going to blog every day for the next 30. From now until Christmas day I am going to post every day. I'm trying to keep in mind with that kind of frequency not everything has to be focused on Vista...
Also - testing supplemental server for photos/maps, etc. Excuse the aerial map of the St. Louis Microsoft office: