This in my email awhile ago…these provide a great way of understanding what MDOP offers in terms of technologies…
MDOP Demo Mate Demos are available at MS Download Center (please find individual links below). Demos for the following products can be found at these hyper links:
Microsoft Enterprise Desktop Virtualization (MED-V)
Asset Inventory Service (AIS)
Advanced Group Policy Management (AGPM)
Desktop Recovery Tool (DaRT)
Desktop Error Monitoring (DEM)
Application Virtualization (APP-V) : App-V includes a series of demos to show the new capabilities released in 4.5. The demos take you step-by-step through the following topics:
· Sequencing, Publishing and the End User Experience including App-V Client configuration options using the App-V Full Infrastructure
· Update, Unassign and Remove a Virtual Application using App-V Full Infrastructure
· Using Dynamic Suiting to create a Plug-In Dependency in Excel
· Using App-V Metering to Manage Application Licenses
· All App-V Demos above combined into a single demo session
I’m sure those of you affected are saying “finally!”. Ill link to Mike Stephen’s post at the AskDS blog. Enjoy!
I know its a big sigh of relief for us to get it to you! :)
Some customers have reported to us that the AGPM 3.0 client can sometimes take up to 30 seconds to start before it gives you access to the console. While its doing that, the GPMC snap-in essentially looks like its hung. We only ever see this issue in isolated environments such as virtual machine test environments and GPMC clients that don’t have an Internet connection.
So why is it doing that?
AGPM uses a fair amount of managed code (that means .NET code). Our code is always signed with Authenticode signing so you can be sure it came from us. When the GPMC snap-in loads and AGPM snaps into that, Authenticode invokes a CRL check. There are some hard coded timeouts built into signature checking - of 15 secs for the first signature and 20 seconds for cumulative signature checks. When you’re in an isolated environment each of these timeouts gets hit which explains the 30 seconds (actually 35 seconds to be exact).
What can I do about it?
If you know that certain machines will always be isolated and never able to check the CRL lists then you can set some Group Policy options to modify these timeouts - these will affect anything else in Windows that does a CRL check so its entirely possible that other timeouts you may be mysteriously hitting in managed code will also be "fixed" by this change. Here’s what you do:
- Start GPMC and choose a policy that affects your clients/servers that you’re using for AGPM testing
- There’s some computer management policy under security settings and PKI.
- Within there is a policy called Certificate Path Validation Settings.
- Within that is a tab for “Network Retrieval” and that controls the system timeouts for CRL lookups. You could potentially set these values quite low – to 1 second for each one.
Bear in mind the implications of what you are doing here. This essentially means that CRL’s will not be looked up by any machine that is affected by this policy!! Only do this if you know that these machines will never be connected to the Internet.
That said, a couple of customers have tested this and report that it works well. Let me know if it fixes it for you!
While I was at TechEd USA, a good friend of mine, Andrew Coates, interviewed me to talk about Windows new in Group Policy for Windows 7. In turned out to be a discussion in Agile development and our experiences with it plus a little bit of discussion on Windows 7 :)
I guess thats what happens when a developer interviews you! Enjoy!
I think Lilia has the TechNet Edge bug. She conned Lindsay (one of our dev team) into helping her show off the Powershell work in Windows 7 to do queries for settings. Great job girls!
Link here: http://edge.technet.com/Media/Using-PowerShell-to-manage-GPOs/
Heres another good one. A customer had a problem. He was trying to install an application using quiet mode….you know the syntax “XYZApp.msi /qn” which essentially does the install and doesn’t flag anything to the user. In this case it was DaRT so the installer looked like:
Msiexec /i MSDaRT.msi TARGETDIR=D:/MSDaRT /qn
The problem is that on Vista and Windows 7 the application requires elevation because you don’t have administrative privilege at that time. So as a handy tip, if the app doesnt invoke elevation within the MSI itself (cause thats now possible), a good way of achieving this is to execute an elevated command prompt first and then execute the MSI within that command shell.
We had an interesting issue reported with DaRT.
If user deletes a file that has Unicode characters in its file name (say for example: Chinese) and tries to restore the file using ‘File Restore’ tool, it should able to search the file and copy the file successfully.
However, in this some cases the tool is able to search the file but does not show the Unicode characters present in the file name.
This is because the incorrect language version of DaRT is being used to recover the machine – so if you are recovering a machine that is installed with a specific language, then you must use the appropriate language of DaRT to match the OS.
Got this in my mail today…
50% off all Books from the MS Press Online Bookstore!
MS Press Online Bookstore turns 1! Receive 50% off all books at www.mspress.com.au until June 30, 2009 when you enter this exclusive code at the checkout MSPRESS1.
Also don’t forget MS Press has an Amazon Price Match Promise on all books. If you find a cheaper priced book on Amazon – MS Press will match it. For more details visit the website.
If youre using the older RSAT tools for Windows 7 Beta, dont use them on the RC. Use the new ones! All your favourites are there:
RSAT Client is the collection of Windows Server management tools which enable IT professionals to manage their Windows Server infrastructure from their PCs running Windows 7 and includes the following Server Manager, Active Directory Certificate Services (AD CS) Tools, Active Directory Domain Services (AD DS) Tools, Active Directory Lightweight Directory Services (AD LDS) Tools, DHCP Server Tools, DNS Server Tools, File Services Tools, Hyper-V Tools, Terminal Services Tools, BitLocker Password Recovery Viewer, Failover Clustering Tools, Group Policy Management Tools, Network Load Balancing Tools, SMTP Server Tools, Storage Explorer Tools, Storage Manager for SANs Tools, Windows System Resource Manager Tools.
The main download page is here http://www.microsoft.com/downloads/details.aspx?FamilyID=f6c62797-791c-48e3-b754-c7c0a09f32f3&displaylang=en
· Microsoft Remote Server Administration Tools for Windows 7 RC (x86): http://download.microsoft.com/download/1/F/C/1FC27A82-15D9-4D93-B3BC-24204175F9DF/Windows6.1-KB958830-x86.msu
· Microsoft Remote Server Administration Tools for Windows 7 RC (x64): http://download.microsoft.com/download/1/F/C/1FC27A82-15D9-4D93-B3BC-24204175F9DF/Windows6.1-KB958830-x64.msu
Lilia and I have been busy. Last week she was at the Microsoft Management Summit in Las Vegas talking all about the changes in Windows 7 and Windows Server 2008 R2 Group Policy. Then she did a talk on Advanced Group Policy Management.
This week we sat down and spent some time with Adam Carter from Technet Edge and spent a bit of time talking about Windows 7 and Windows Server 2008 R2 Group Policy. As we mentioned in the closing comments - were happy to do more of this stuff and talk all about it in detail but also how to troubleshoot GP and even what you can do to save yourself proactively before you hit the pain issues. Oh and if you have time, take a look at the presentation MVP Kurt Roggen did on the new stuff inGP!
Of course next week TechEd USA is on again in LA. Ill be there presenting the same two sessions that Lilia did, hanging out at the booth and even doing a TechTalk. If youre around, come by and say hello.
Go Office team! They just released the new Administrative Templates for Office 2007 SP2. From the download website:
“…This download includes updated Group Policy Administrative Template and Office Customization Tool OPA files; an updated Office Customization Tool; and ADMX and ADML versions of the Administrative Template files. This update assumes that you have updated your 2007 Office System applications with the 2007 Office System Service Pack 2 (SP2)…”
Download the goodness here
Awhile ago Andrew Dugdell from the Brisbane Infrastructure Group (BIG) and I discussed the idea about me presenting to their user group on Windows 7 GP changes and what you need to do to get ready for Windows 7. At the time I thought it might be a really good idea for me to be able to rehearse my TechEd USA session that Im doing on the same topic. Thouhg Im afraid to say its gotten a little bigger than that now.
Instead of just the BIG group...its going national! Yes....you heard it first here (goodness I hope I havent stole anyones thunder!). Its apparently now gonna be a Live Meeting webcast if they can get it all organized. You can download the Live Meeting client here and then watch on Jeff Alexanders blog or the TechNet Australia Flash newsletter or the instigator of all this, the BIG website, for more information on the connection details. Its going to be an early session on Friday May 8th around 8am AEST.
Come one, come all.
We had an interesting issue that we identified. If a customer has a deployment of AGPM 3.0 and the AGPM client connecting to the server is in a different language, (lets say Portuguese) than the server installation (which might be in US English), displaying the settings reports of the the GPO's doesnt show the correct language. It shows English information.
This is because in AGPM, reporting is generated from the server side not the client. The fix is actually pretty easy. Make sure that the ADML files are installed correctly on the server side for all languages that need to be supported by the server. This can be simple file copy or actually installing the correct locale to support this.
Let me know if you run into this issue and need help :)
This in my junk mail today. Apparently the FBI is approving the Nigerians now handing out cash too. Nice! (For those naive enough to think this could be real....its a scam! :) (cant believe I would need to say that but anyway)
Federal Bureau of Investigation
FBI Seattle Division
1110 Third Avenue
Seattle, Washington 98101-2904
Payment Code: R5109176K
Reg No: 132731593
+234 704 182 1204
Date: April 18, 2009
The Federal Bureau of Investigation has discovered through our intelligence Monitoring Network that you are eligible to receive the sum of $7,500,00.00 USD regarding to an over-due Inheritance/Award payment which was fully endorsed to be paid in your favor.
Therefore, the FBI Seattle Division in conjunction with the United States Department of Homeland Security (DHS), Has screened through our various Monitoring Networks and has been confirmed and notified that the transaction you have with the Financial Institution is Legal and you have the Lawful Right to claim your due fund.
The President His Excenllency Alhaji Umaru Musa Yar'Adua President of the Federal republic of Nigeria has given us to the final approval to pay your fund to you within the next 48hrs,
Your fund valued $7,500,000.00 USD has been deposited into a Gold smart Card number: blah blah blah personal identification is ATM- 7997 this card will enable you buy and withdrawal cash anywhere around the world this is done for your own security, with this card you will not have to take the risk of sending us your personnal banking details online as you have been strongly advise by your local bank not to send your banking details to anyone online.
What you are required to do now to Pay the fees of $120.00 USD for the shipment of your Gold Smart card to your choice location, $120.00 USD is the only fees that has been approved by both the FBI and the Bank that you are to pay as cost of Delivery of your Card to you by the courier company.Once the fees is been paid your will get to you in the next 2-3 working day.
Note: Your funds are protected by a hardcover insurance policy, which makes it impossible to deduct any amount from the money before it can be remitted to you.
This means that the above charges cannot be deducted from the Funds and hence must be provided by you before your fund is transferred to you.
The payment for any of the above options should be sent via Western Union Money Transfer in the name of the Head of Operations Mr. Patrick Ighome.
Find below the payment information.
Name of receiver: Patrick Ighome
Office Address: Plot 143, Ahmadu Bello Way, Victoria Island, Lagos 23401 Nigeria.
Text Question: In God
Answer: We Trust
Name of Sender:.....................
Address of Sender:..................
MTCN#...............................
Please contact the Head of Operations Dr.Bryan Rowe Central Bank of Nigeria As soon you make the your payment.
<dodgy remainian email address omitted>
As soon as he receive your payment, he shall proceed with your fund transfer immediately.
We anticipate your prompt response.
If you need to contact me at any stage please do not hesitate to call (xxx) 350-6981.
Sincerely,
Steven M. Dean (Assistant Special Agent-in-Charge) cc Robert Mueller (FBI Director)
Laughed today. Qantas usually makes me cry but today I got a laugh...
Read this article on NineMSN that some python snakes "broke free". Arent you picturing right now these little snakes, with crowbars, trying to break open the lid of their container in an effort to get out :) That was my first laugh.
The second one was this: "...Qantas, after establishing that the snake was not threatened or endangered, fumigated the aircraft to kill the four pythons..."
Nice one. So where are they now I wonder? Hmm...funny smell coming from near you Mummy... :)
