This is an incredibly valuable task. Windows Vista employs "Image Based Setup", meaning their is no more i386 folder. Instead, Windows now comes on the DVD as an image that is copied and expanded during setup. An admin can capture a custom .WIM windows image and mount the WIM to add/modify/remove files. Did you know you can also edit the registry?
Mount the WIM file to a local folder using ImageX.
C:\ImageX>imagex /mountrw install.wim 1 c:\mount ImageX Tool for WindowsCopyright (C) Microsoft Corp. 1981-2005. All rights reserved. Mounting (RW): [C:\ImageX\install.wim, 1] ->[c:\mount] Successfully mounted image (RW).
C:\ImageX>imagex /mountrw install.wim 1 c:\mount
ImageX Tool for WindowsCopyright (C) Microsoft Corp. 1981-2005. All rights reserved.
Mounting (RW): [C:\ImageX\install.wim, 1] ->[c:\mount]
Successfully mounted image (RW).
Load the registry hive you need. In this case let's mount HKLM\Software.
C:\mount>reg load HKLM\test c:\mount\windows\system32\config\software The operation completed successfully.
C:\mount>reg load HKLM\test c:\mount\windows\system32\config\software
The operation completed successfully.
Open Regedit to make changes or use Reg Add from the command line.
Unload the reg hive.
C:\Windows\system32>reg unload HKLM\test The operation completed successfully.
C:\Windows\system32>reg unload HKLM\test
Unmount the image.
C:\ImageX>imagex /unmount /commit c:\mount ImageX Tool for WindowsCopyright (C) Microsoft Corp. 1981-2005. All rights reserved. Unmounting: [c:\mount]... Successfully unmounted image.
C:\ImageX>imagex /unmount /commit c:\mount
Successfully unmounted image.
It really is that simple. Changes to be made without having to apply, sysprep, and recapture the image. You could leverage this as a tool in a variety of ways such as to embed a script to run application installations after the image has been deployed, automate activation using slmgr.vbs, etc.
At a presentation last week a gentleman asked me if Vista includes a tftp client. Today I was poking around in the Vista add/remove features and there it is! Below is the command line output of tftp /?.
I've heard a few people actually say ImageX.exe is included with Vista. That's not technically accurate. ImageX is most certainly a value add to Vista but it is packaged separately in a download called "WAIK" or Windows Automated Installation Kit. So let's say you want to use ImageX but don't want to run the full WAIK install. You copy imagex to a separate machine and run it. Works, but certain things fail, why? There are a number of other files you'll want to copy in addition to the EXE. To mount a WIM read/write and do other interesting things copy these files (everything in the same folder). Combine their total size is 1.01 MB.
Ok, now you attempt to mount read/write and you receive an error that imagex was unable to find the file? That's because it needs to load the filter to be able to mount an image stored within the WIM. WIM supports single instance storage and allows appending a new image to an existing file. This considerably saves file size and disk space but does mean you need to install the wimfltr.inf file.
Simply open the folder in Windows Explorer, right click on wimfltr.inf and click "install". Approve the UAC prompt. Done. If you need to script the install or want to run it from the command line, by using the context menu you actually executed the following command.
%SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 <filename.inf>
I've got blog fodder for months to come. In fact, I'm about to take some time off for vacation so I may get several written ahead of time so I can post each morning with only editorial responsibility. :-)
This is a trick that has already saved me a lot of time. There are a lot of these tricks in Vista, so many that I'm creating a slide deck of tips and tricks for Vista users. As I get each slide polished up I'll do my best to also post the ideas out to Off Campus so you can see the things I'm working on. I welcome comments and feedback, especially things like "I do that too except I add this little bit and it makes it all the more valuable..."
So here's posted trick number one - Opening Control Panel applets from the Start Menu. It's very easy, and very simple. Prior to Windows Vista to open a Control Panel applet you either created a shortcut or you set the Control Panel to expand on mouse-over. In Vista, I use the Search field to launch all my apps. I very rarely actually navigate the Start Menu to find a specific icon. You can also launch Control Panel applets this way. See the screenshot example of bringing up the Windows Firewall applets. I use this very often for printers, network, firewall, you name it.
Link to IEBlog : IE6 and IE7 Running on a Single Machine
Tough to believe but I've already been asked at least 5 or 6 times if you can run I#6 on Vista. To my knowledge no one has done that yet and I don't expect to hear about it anytime soon, the IE7 advantages are too great. There certainly are some sites that "break" when you open them in newer browsers and those will take some time to sort out. Here's some interesting info from the IE team. You can download a fully functional and pre-activated VM running XP and IE6 for testing and running older web apps. For Vista you'll need VPC07 which is available on Connect.
When you open "Network" in Windows Vista you'll find you do see more machines than you did in XP, assuming other machines on your network are running Vista and are in the "Home" profile. That's due in part to the Link Layer Topology Discovery protocols in Windows Vista. This makes it easier for machines to discover each other and determine how they are connected on a network. For example, do you have your own DNS server on a home network? Maybe but probably not. That makes it difficult for your home computers to find each other and discover names. They leverage older protocols that are not as reliable. LLTD is meant to help solve those types of issues.
So what about the XP machines are your network? Can you discover them? You can but you'll need to install the LLTD hotfix available for XP. This isn't something you would want to deploy enterprise wide without first doing a lot of testing as it does obviously change how machines are talking to each other. There is a LLTD specifications guide that should answer most questions. There is also a write-up by the Cable Guy.
Link to Download details: Link Layer Topology Discovery (LLTD) Responder (KB922120)
Virtual Earth keeps drawing my attention. Seriously, have you seen the features they've been adding? I noticed they now have a wifi hotspot locator. The only thing I don't see is a way to submit new hotspots, for example it lists the UPS store in my area but a St. Louis Bread Company (Panera) opened a couple of weeks ago and I wish I could submit it as another hotspot. There must be a legal issue or something, I'm sure they don't want it to be a place for people to submit unprotected wireless networks they've found.
Link to Windows Live™ WiFi Hotspot Locator Beta
Also, I see on the Virtual Earth team blog that now when you trace in a custom map it will measure distance for you. I have a friend who's an ultra-marathon runner. I'm sure he'll be all over this.
I also just learned that you can navigate Virtual Earth with an Xbox 360 controller. Yeap, this has been there in Virtual Earth 3D all along and I didn't realize it until I heard about it by proxy of a friend who had recently been visiting with the Live.com group on campus. I guess I'll have to start taking a controller on the road with me when I demo. This all adds value to the third pillar. It's been a while since I traveled with Xbox gear but with Halo 3 going to beta I may have to start lugging the extra weight again.
Finally, I know this is a "me too" thing but I want to point out the new Microsoft.com.
I was recently asked if there is any way to disable protected mode in IE7 via GPO for a set of users. First off, I highly recommend against disabling protected mode. There are substantial security benefits gained by having it enabled. It would be far better to put the site or sites in the trusted sites zone and adjust settings accordingly. If you need to modify these settings via GPO you can, there is an MSDN site with information to understand protected mode and with guidance on managing it through GPO.
By now you should have a basic understanding of windows imaging using .WIM technologies and ImageX. In the WAIK there is an update for Server 2003 to install WDS, Windows Deployment Services. Many customers in the past have simply staged Windows images on a file share and boot to Windows 98 boot disks to apply them. If that is your existing process, WDS can be leveraged in much the same way and offers a richer and more flexible solution.
WDS is the next evolution of RIS. If you are an administrator of a RIS environment WDS will offer a familiar set of features, using PXE boot to contact the server and apply images. For many schools PXE is not an option or not all machines support PXE.
You may remember RIS has a tool named RBFG that allowed creation of a floppy boot disk for machines that do not support PXE. WDS has a very similar tool named a "discover boot image". This is a copy of WinPE with Windows setup embedded that looks for a WDS server. A USB key is supported WinPE media in Vista and that makes for a very attractive combination. When your technicians are working with customers they simply insert the key and reboot. The machine would completely re-image itself with whatever prompts you would like, authentication, drive configuration, image selection, computer name, or even no prompts at all.
To create the discovery image you must first import a boot.wim from your Vista DVD in to WDS. You can name these images however you wish. I like to name boot.wim "Deploy an Image", then create a capture image and import the new WIM as "Capture a new Image", and finally import the WinPE.wim from WAIK and call it "Maintenance. These are the names that will appear in the network boot options when you PXE boot a machine.
Next, right click on your boot.wim import and select "Create Discover Boot Image".
This will create a new WIM file. You can name it whatever you please and store it in a folder of your choosing. Now reference the WAIK for instructions on putting in on a USB key.
Using the walkthrough, create a bootable USB key but use the new WIM file you created for the discovery image rather than the WinPE.wim file from WAIK.
Finally, create an answer file in system image manager containing the options you would like to suppress such as authentication, default language, drive configuration and image selection. In WDS, view the properties of your server and set the correct file for your architecture under "enabled unattended installation".
WDS is a very attractive solution for schools because it is very simple and inexpensive to deploy, and it offers very flexible solutions for technical administrators who are familiar with booting to a disk and applying an image. With WDS, you have the benefits of a full 32-bit boot environment with Windows setup as the GUI, or of course you could suppress all setup questions and make this your "magic re-imaging USB key".
In the past I've mentioned slmgr.vbs. I just used it to remotely provide a key to a workstation and activate it. It was very simple. The syntax took me a couple of tries but here it is -
slmgr.vbs machinename domainname\username password -ipk PID
This first step will provide the machine with a key. Substitute your info in all the appropriate places including your product key in place of PID.
slmgr.vbs machinename domainname\username -ato
This step activates the machine.
If the target isn't a member of a domain you can use a local administrator account. You also will need access through the local Vista firewall to make changes in WMI. This is documented in the Volume Activation Step-by-Step Guide which is a must-read for deployment experts. A copy is also provided as a document in the beta download of BDD 2007 on Connect.
These steps appear to work for any version of Vista. I have tried it on Ultimate successfully, if you're curious.
In the last few days there has been a lot of chatter about a vulnerability found in Windows. Ars Technica has a good write-up. The point is you have to have access to the machine to exploit the vulnerability. It should be taken seriously without a doubt but when I see things like this I have to remind myself about the 10 immutable laws of security.
I love reading the Student Tablet PC blog. This is a really interesting idea that includes the value of not just a tablet but the applications such as OneNote and how they can add value to studying.
Link to The Student Tablet PC » Blog Archives » Expert Tiny-Writing Cheat Sheets
In my life, I use OneNote to layout items I'd like to discuss during demo's. As I am presenting I often find it would have made more sense to address things in a different order, and with OneNote I just drag and drop the list items around. The numbering automatically updates. I can also print or send these notes to the audience if they would like to take notes on top of the agenda. This method should also work well in a classroom.
It would be great to hear your comments if you have other creative ways you use a tablet in a learning/teaching environment.
Interesting report from a new Microsoft blogger. I actually caught up with the article over on Bink. What's really interesting is that enabling the Aero interface did not show much overall impact on performance. I would have to agree with this. A couple of times if I had a runaway app slowing down my machine I have disabled Aero thinking to myself - if the rumors are true, going to Vista Basic or Windows Classic may help. I'm yet to show an increase in performance by disabling the Aero interface.
I've also read several people claiming they see little to no benefit from Readyboost. I recently moved from a 256 MB USB thumb drive to a 2 GB drive and dedicate 1 GB to Readyboost. I definitely can tell when the key is plugged in. That makes sense in my mind since my page file would be much larger than 256 MB.
Link to Windows Performance Blog : The results are in
Today I was working with a public school district on sysprepping workstations running Vista Business. We found with the Dell gx520 we had to uninstall the Soundmax audio drivers before sysprep would complete successfully when using generalize. Good to know if you're working on a similar issue.
Posted after midnight but I'll give myself credit for this as a Wednesday post... :-)
They came for Vista
Blog that points over to animations for sharing knowledge with retail partners. These are fantastic.
Also - no post yesterday. That's a result of being on vacation and spending the day with family. By the end of the day I find I've exerted twice the energy of a standard work day. The good news is, Christmas shopping is done!
The gist of this article is even if the tool you're using does not support search folders you can place a search folder within a real folder and it should pick it up. That really gets my mind working on scenarios... Theoretically I could craft all kinds of uses for this.
Two posts today to make up for yesterday.
I selected and purchased my own present this year. It's actually Christmas and Birthday since I've got a Birthday coming up on the 9th. What did I get?
Yes, I know I'm late to the game. I've really been dragging my feet but now with the 360 being a Media Center Extender for Vista and the new Video Marketplace I have run out of excuses. I'm really impressed. This is a consumer platform in the making and I see all kinds of potential value-adds for the home user. I'm most excited that the Universal remote is able to control my TV. That was a major drawback on of the remote that came with my HP z552. In fact, with the new remote and the extender interface between the 360 and Vista, I don't have any reason to toggle inputs back to the MCE. The extender interface is now so good that I can barely tell I'm not actually connected to the console of the MCE. My Zune music plays through the 360 while I'm gaming which is really cool/fun.
The biggest "oh man, I should have done this a long time ago" moment came right away when I was going through the movies in Video Marketplace and MI3 was in the list. There was a rented copy from Blockbuster laying on the entertainment center shelf in my peripheral view. I could have bought it from Xbox Live instead of renting and then I wouldn't have to worry about returning it. I really hope the video marketplace continues to evolve. I'd love to see more partnerships exposed especially if some of the video providers could get dedicated blades.
and Happy Holidays to everyone!
So I stopped by a Gamestop the other day to grab a wireless headset (which my dog has already tried to chew up) and as I was checking out the lady at the counter said "would you like me to put you on the list for Halo 3? It's only 5 dollars down." My first reaction was disbeleif that maybe she was confusing H3 with some other game so I asked her when it would be coming out. She checked her list and responded "uh, says here November 2007." As if I was asking silly questions and shouldn't be a bit surprised the waiting and reservations are starting almost a year in advance. Man, I can't wait!
Anyway, new video on the Bungie site that goes in to a lot of detail regarding the development of the Brute opponent. The abaility for these characters to work together is really interesting.
I had a few other things to write about today but I'll keep them in the queue for now. This has been a major request from a lot of customers.
Link to Error message when you install the Windows Server 2003 management tools on a Windows Vista-based computer: "MMC could not create the snap-in"
As an experiment I have recorded a short screencast on ImageX and published it to Soapbox. I recorded the screen capture using Media Encoder and then narrated the audio in Movie Maker. Overall the experience was very simple. This session is quite brief and covers several of the things I have written about in the past.
Video: Using Image X to Mount a WIM
I hope to record future sessions. I would like to cover several other topics on Vista deployment such as capturing an OS, appending, applying, etc. I would also like to cover setup and usage of BDD 2007.
I'm working through all the different scenarios I anticipate schools will leverage to stage and deploy Vista. This is probably the simplest. You just take a Vista DVD and copy setup.exe from the root as well as the "Sources" folder and everything in it to share. You can replace the install.wim file within the sources folder with your own custom image and you can specify an XML answer file when setup.exe is executed or just step through the few prompts that Vista asks when a user runs setup. This offers the benefit of GUI based setup and can be launched from XP, WinPE, or an existing Vista machine. Through the benefits of the WIM technology you could offer several different images this way by appending each to the WIM and letting the user choose. You could also fully automate this approach by configuring a USB key to run WinPE and run setup after boot.
Hope to have time to work on another video later this evening...
I had a really interesting discussion today. I enjoyed a side conversation with a customer in higher education who works within a smaller department that leverages a centralized Email solution. The central solution offers a relatively low amount of storage so most of the users in his department use PST files to store mail long term.
The problem is he gets the task of backing up this Email. He has made the recommendation to his users that they log off at night. They use group policy to assign roaming profiles so the PSTs would sync up to a file server where they would then backup to tape. However, many of the users do not log off, ever, they just lock their machines and walk away. This means the PST file is still open and he does not wish to pay expensive third party options to backup open files.
Solution - Windows Vista. My gut response was leave the mail on the server but this was not an option. My next idea was to use Windows Backup to backup the mail files to the server and then let those files backup to tape. We experimented with some options and I found the results to be very usable. Windows takes advantage of VSS to snapshot these files even though I was logged on and had Outlook open.
Screen shot demo below. I'm in an airport so recording this as a video is not really an option!
First, open the start menu and type "backup". Click Backup and Restore Center. I have really gotten in to the habit of using search to find applications which is leading me to be just as lazy in organizing shortcuts as I have become about organizing files. Just the same, I save a lot of time each day.
Next, select Backup Files. You could certainly use CompletePC backup but in this case we are just looking for Email.
This will start the backup wizard. Your screen may look different than what you see here if you have not run the backup wizard before.
Select the drive or network location where you would like to store data. If you prefer to use an external drive that's a good alternative if you do not have a network file server available. I am selecting a second partition on my machine for demo purposes.
Now select which disks you would like to include in the backup. As you can see I have my drives configured for BitLocker with a 1.5 GB S: drive to store the boot files unencrypted. I am going to ignore that partition and only use C: where I have mail stored in Outlook.
This is where things get more interesting. You can select content by type and let Vista go out and find the files for you. I only selected "Email".
This would also be valuable if you were scheduling a regular backup of other files. Indeed, I may use this tool to backup our family pictures on a more regular basis in the future.
When you finish the wizard the backup will initiate and run if you so choose. I mentioned in the past that WBAdmin uses CompletePC backup and stores backup data in a VHD file that can later be mounted as a disk using VHDMount. To my surprise, the File Backup saved data to a succession of ZIP files instead. The Backup job captured the offline stores I had in each of my mail applications and even discovered I have PST archive files located throughout my profile in custom locations. In the image below you can see Backup files 1.zip. I ended up with 5 zip files since I have a series of archive files in my profile.
No really, it's unbelievable outside today. I'm going to take my phone and dog and take my next conference call outside on a short hike. Then I'm going to meet a friend and hit some bike trails...
Link to This is Vista - Time to get Vistafied... : Vista: Shadow Copies
However, I'm not falling short on my commitment to blogging! Check out the link above. I don't know Matt but he did a really nice job on this write-up and he appears to have a very similar approach to my style of publishing. I was planning to write about shadow copies sooner or later, Matt beat me to it!
BTW Matt, great CSS work on your site.
A sincere good luck to everyone finishing out the semester this week. Seems like just yesterday...
Link to The Student Tablet PC » Blog Archives » Happy finals, everyone
Great info on the Student Tablet PC blog on study tools.