JaLaBlog

ceteris paribus…

To be continued…

Posted by Jacques on Monday, 29 July 2013

…hope to find more time to actively blog again

Posted in . | No Comments »

Problem getting image on projector from a Windows UltraBook with mini DisplayPort > VGA Adaptor?

Posted by Jacques on Friday, 25 May 2012

Then you might have the wrong DisplayPort_to_VGA adapter. I lost two days troubleshooting this issue for the new Dell XPS 13 and couldn’t get any single hint from the Dell Pro Support Sad smile.
Finally, I found the explanation AND the solution in this post

Posted in . | Tagged: , | 3 Comments »

How to deploy Windows 7 on non-PXE Ultrabooks with MDT LiteTouch…

Posted by Jacques on Thursday, 12 April 2012

Recently, we acquired the new Dell XPS 13 Ultrabooks (Make = “”, Model = “Dell System XPS L321X”. Like for most Ultrabooks, there is no space for a classic RJ45 NIC interface. The network connectivity is given by a combined WLAN (Intel Centrino)/WPAN (Bluetooth) chip or through USB using a LAN RJ45/USB Adapter.

We use the LevelOne USB-0401: Gigabit LAN USB2.0 Adapter to deploy our Windows 7 build from our WDS/MDT server over the network. The problem is that this network connection over USB is lacking the PXE features and nothing in the BIOS will let you boot directly from the network. I gave the challenge of deploying this kind of device to my apprentice. One day later, he had the four Dell XPS 13 fully deployed with our WDS/MDT server and our Windows 7 build image. Here are what you need to do:

Requirements
  • A LAN RJ45/USB Adapter
    We use the LevelOne USB-0401: Gigabit LAN USB2.0 Adapter
  • A USB stick
    With a bootable NTFS partition (see below)
  • A WDS/MDT Server fully configured for LiteTouch deployments
    See the MDT article serie in this blog.
  • The MDT LiteTouch WinPE must include the network and mass storage driver required by the Ultrabook.
    Use the usual MDT way to rebuild the LiteTouch WinPE so it includes the required drivers.
Challenge

In a conventional LiteTouch deployment, Network Boot will be initiated by the F12 keystroke. This will start the PXE Boot: a WDS server will be discovered, and a LiteTouch WinPE image will be transferred to the client over tftp. WinPE will boot the client in a RAM disk X: . The LiteTouch WinPE OS contains all what is needed to initiate the MDT LiteTouch deployment: gathering the the hardware details of the client and connecting to the MDT Server, the deployment share, and the MDT database.

On non PXE-Clients, the LiteTouch WinPE OS cannot be delivered from the WDS server. All we have to do is to boot from a USB stick instead of from the network. Instead of transferring the LiteTouch WinPE over the network to a RAM disk X:, we will start the LiteTouch WinPE from a bootable USB stick, and MDT LiteTouch deployment can be initiated normally.

Building a bootable USB drive with a MDT LiteTouch WinPE

Format and make the USB drive partition active using diskpart:

  • diskpart
  • list disk
    • check which disk number is your inserted USB stick.
  • select disk 3
  • select partition 1
  • format fs=ntfs override quick
  • active
  • assign

Create a bootable USB drive:

  • Copy the boot folder from “C:\Program Files\Windows AIK\Tools\PETools\x86\boot”to the USB drive
    • if you intent to install a x64 system, copy boot from “C:\Program Files\Windows AIK\Tools\PETools\amd64\boot”
  • Create a folder named \Sources on the USB drive
  • Copy the LiteTouch WinPE file from the DeploymentShare$ to the \Sources folder on the USB drive as boot.wim
    • \\WDS_SERVER\c$\DeploymentShare\Boot\LiteTouchPE_x86.wim for x86
    • \\WDS_SERVER\c$\DeploymentShare\Boot\LiteTouchPE_x64.wim for x64
  • Copy bootmgr from “C:\Program Files\Windows AIK\Tools\PETools\x86”to the root of the USB drive
    • For x64 systems, copy bootmgr from “C:\Program Files\Windows AIK\Tools\PETools\amd64”
  • Install the Windows 7 boot loader:
    • bootsect.exe /nt60 <USB driveletter:>
    • bootsect.exe is located under the same path as the folder boot. C:\Program Files\Windows AIK\Tools\PETools\”amd64/x86″
      See Technet article here.

 

The USB drive is now bootable and contains the MDT LiteTouch WinPE which is usually transferred when booting from the network (PXE-boot / F12).

Posted in . | Tagged: , , , | 11 Comments »

App-V Error …-00002002

Posted by Jacques on Thursday, 25 August 2011

If your get the following App-V client error when refreshing your apps from the App-V Client Console:

The Application Virtualization Client could not update publishing information from the server App-V Server.
The server will not allow a connection without valid NTLM credentials.
Report the following error code to your System Administrator.

Error code: 4615186-1690900A-00002002

And If you have Windows Live Essentials installed on your computer, the following is for you!
To resolve this issue:

  • Locate HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
  • Remove “livessp” (leave the others) from “Security Packages”
  • Reboot

Posted in . | Tagged: | 5 Comments »

Excellent Hyper-V Gotchas paper.

Posted by Jacques on Tuesday, 23 August 2011

An excellent Hyper-V gotchas paper has been published here by Tony Soper and Stephan Schwarz on the Microsoft TechNet Wiki. It is a gold mine for understanding and troubleshooting Hyper-V.

Posted in . | Tagged: | No Comments »

Slow search on redirected and offline available users folders when online over “pretty-but-not-so-fast” network.

Posted by Jacques on Friday, 10 June 2011

In our Windows 7 client environment, we use roaming profiles, redirected shell folders (including Start Menu), and offline files by default. Offline files are indexed by policy. So we assume searching the redirected user folders to be be fast, since everything is indexed locally, and even read operations are performed on the local cache since the Vista implementation of Client Side Caching (CSC).  However, we experience slow searches in the following situation: the client is connected to the file server over a “pretty” fast network whose speed is over the Slow-link Threshold. This threshold determines when to automatically switch to the Slow-link Offline Mode and is configurable through policies. This is the typical VPN/DSL connection scenario, in which users experience slow searches in the Start Menu.

Here is the beginning of an explanation why search in the user’s Start Menu is slow over DSL/VPN:

In this scenario, the mode is online, because the network speed is sufficient and the Slow-link Threshold does not force to switch to Slow-link Offline. It’s also what we expect. In the Online Mode, reads are done on the local cache, but what I didn’t remember is that Browse Folders is done on the server share. But since search should look in the local index, the hits should appear immediately. Maybe, when the hits are obtained from the local index, they just point to the folder location which is browsed online as shown on the table below. Has to be confirmed.

image

Source: http://technet.microsoft.com/en-us/library/cc749449(WS.10).aspx

If this is the case, the search of offline available items will always be limited by the network speed when online. I’m confident that this is the right explanation. If I’m right, we will have to give up with redirecting the user start menu and just let it back in the roaming user profile. Another possibility would be to use the “Configure slow-link mode” policy for the redirected User Start Menu UNC with a latency of 40 for instance, the default being 80. In this case, just the User Start Menu folder would transition to Slow-link Offline on “pretty-but-not-so-fast” connections such as VPN/DSL or VPN/WAN. Then we could use the “Configure Background Sync” policy in order to increase the synchronization frequency of Slow-link Offline transitioned network folders.

Any comment on this hypothetic is welcome.

See also:

Posted in . | Tagged: , , | 4 Comments »

Do you know EtherPad?

Posted by Jacques on Thursday, 9 June 2011

Matt (e-learning technologist @ UCL) just let me discover this very simple and fast cloud application. EtherPad is sort of a online collaborative draft editing tool that lets you create public (cookies-and unique URL-based) or private (user-authentication) “pads”. The creator or any invited participant can invite other participant for simultaneously or asynchronously co-editing the pad. Editors and their text are color-coded. A time-slider view lets you replay the full history of the pad edition, allowing reverts or fixing point in time versions. The pad an any of its time versions can be exported to MS-Word, HTM, or PDF.  The EtherPad code has been bought by Google who made it open source, and it’s nor really clear what Google intents to do with it. But there are several free implementations of it, http://shamblespad.com/  seems the most serious one.

But no warranty on data privacy and security….

Thanks Matt for the hint.

Posted in . | Tagged: , | No Comments »

Managed or unmanaged IT environment, and consumerization of IT: challenges, chances and risks.

Posted by Jacques on Thursday, 2 June 2011

Abbreviations:

  • BYOC/D -  Bring Your Own Computer/Device
  • UCL – University College London
  • QAS – Quest Authentication Services
  • AppV – Application Virtualization
  • RDP – remote Desktop Protocol

I’m currently sharing views and experience with UCL IT guys about a “New Desktop” project. I have been active for years in providing the best possible desktop experience to my users at Microbiology ETH by delivering fully managed, secure, sustainable, and economically efficient desktop and notebook environment while preserving flexibility and performance.

I just came upon a recent blog post by Brian Madden, “The consumerization of IT: Why most vendors get it wrong, and why it’s a real challenge today. (Part 1)” that leads me to put my convictions in question and rethink parts of my concepts about user experience in our IT environment.

 

Managed and unmanaged client environments

Companies have usually a strong line of command and IT clients have been typically deployed in a controlled way: fully managed PCs, locked-down desktops, perimeter protection, limited access through VPN and network access control…

In higher education, academic freedom and autonomy of the departments have primacy over line of command and central management. Often only shared services are provides centrally in a “take it or let it, we don’t care”  philosophy. Most universities end up with an organically grown mix including full, partially, and not managed client environments".

As an evangelist of fully managed IT environments, I used to emphasize the following arguments:

  • economic efficiency through standardization
  • better, richer overall offering and user experience
  • releasing researchers and students from the burden of installation, maintenance, and troubleshooting, so they really can focus on their core duties.
  • sustained security and reliability

All the arguments are still valid, but the concept is now confronted with a totally new reality…

 

Emergence of a new IT reality

With SaaS and cloud technology, it has never been so easy and convenient for a user to circumvent or bypass the corporate IT environment, and use his/her own PC, Mac, iPad, ChromeBook (the BYOD – Bring Your Own Device generation) to achieve all the tasks she is expected to fulfill for the company, her PhD Thesis, or her lab supervisor. Equipped with a set of cloud or SaaS services such as join.me, Dropbox, Google Apps, live@edu and Office 365, Skype, SlideShare…., using corporate services over HTTPS (Exchange, Lync, RemoteApp Server Web Access…), the user can nearly completely free himself from locked down corporate IT. It is no more possible to block them, they know how to use the new technology. “I will complete all my tasks, I will do what you expect me to do, I will even surprise you, but I do not need your locked down PC for that. So please do not disturb me with that, do not even try, I’m going to use whatever I want and choose the tools I like best.” According to Brian Madden, “the consumerization of IT is not about BYOD. The consumerization of IT is about the fact that today’s users can do whatever they want, and you in IT can’t stop them even if you wanted to.”

For the faculties, departments or labs that never had a professionally managed IT environment, the emergence of this new IT world virtually opens “access to more technology than you ever fantasized about just a few years ago”. The adoption of these new cloud services is happening in a dazzling pace, and the evolution is even more chaotic as in the old world. That said, the new world does not bring all what a corporate IT environment should have brought them (yet).

Where a high quality, managed client environment is is place (companies, some labs and groups in the faculties), the consumerization of IT phenomenon is more difficult to embrace, it is seen more as a threat than as a chance, or just as an edge emergence for geeks or kids.

The client environment I am delivering at Microbiology ETH is fully managed: all computer are standard, deployed automatically, joined in the AD domain, configured with group policies, UAC is forced, patched and monitored by WSUS and Avira servers. They are behind my firewall, get access to my VLANs through machine certificate authentication (IEEE802.1x) in the wired and WIFI infrastructure. Even VPN to my VLANs is only possible for fully managed machines that present the AD-auto-enrolled machine certificate. Application are provisioned and maintained with App-V and a self-service kiosk which provides a high degree of flexibility to the end user without the need for an admin account. Deployment is fast, easy, flexible, and inexpensive with WDS and MDT. Notebook users can ask for a local admin account, but are taught to use it with UAC and not to run admin sessions. Roaming Profiles, folder redirections, offline file, previous versions, App-V bubbles, VM sandboxes for testing, all these building blocks make my environment stable, rich, efficient to manage, and flexible for the user.

SO why should I care about consumerization of IT at all?

 

Risks of ignoring

If I stick to my fully-managed-only concept, I will have to keep pace with the tremendous SaaS/Cloud offering without being able to provide the same degree of freedom and flexibility.I will need a lot of resources for implementing, maintaining new services as well as a lot of energy in convincing my users to use my fantastic services. And at the end of the day, my users will use what they like to use: dropbox, Gmail & co.  If I’m totally closed and narrow-minded, I will end up with making my Institute attracting and retaining the best talent.

 

Risks of adopting

Well, the risk of embracing consumerization of IT is obvious: It is to consider that Bring-your-Own-Device and Just-Use-Technology-You-like can be accepted in an uncontrolled way. You will end up with a chaotic set of work methodologies, compatibility barriers, reduced shared knowledge, and last but not least loss of control of company data and integrity & security issues. The risks are not in adopting, but in considering that consumerization of IT in the enterprise can replace the strong corporate IT services.

 

How to make use of it

In fact, consumerization of IT should complements, enhances your managed IT environment, making it more open, more fun, if you do it in a controlled way.

I’m going the consider the following mind-shift for the Institute I’m managing at ETH:

  • Continuing effort in providing a solid, fully managed client environment – the Managed World
  • Making the this Managed World more friendly for the BYOD generation – the Unmanaged World

The principles that will guide this shift include:

  • You can only take responsibility over what you can control. That means endorsing responsibility for the Managed World only.
  • BYOD and IT consumerization cannot replace the portfolio of fully managed services, but just enhance them in making it more user friendly.
  • Being open to and Supporting BYOD and SaaS/Cloud services helps making the Institute environment more attractive to “think different” people.
  • Data integrity, security, and business continuity have the primacy over all other considerations.

Features of the Managed World (all already in place)

  • Fully managed lifecycle of the client desktop
    – Client computer fleet concept
    – MS-Windows latest version x32 and x64
    – LiteTouch OS Deployment (MDT/WDS)
    – Active Directory Domain joined
    – Software provisioning with App-V
  • Security
    – Update/Patching
    – Patch level and security monitoring
    – Central management and configuration with Group Policies
    – Microbiology VLAN, FW-protected
    – Exclusively IEEE802.1x LAN/WLAN authentication with auto-enrolled  Domain Machine Certificate
    – VPN access to the Institute Network only with auto-enrolled Domain Machine Certificate
  • User experience
    – Anytime/everywhere access to all Institute and ETH resources with any managed client 
    – No binding to the device / device-independent, full roaming work-style / back to production in minutes in case of device crash
    – Roaming Profiles, Redirected Shell Folders
    – Offline Files synchronization
    – Same login, profile, and experience on any desktop, workstation, notebook, tablet, and scientific acquisition device
    – Convenient offline work
    – Access to print server, home and group folders, scientific shares
    – Previous versions (4 shadow copies daily)
    – Full daily backup of all data, profiles and settings (server-based) with de-duplication
    – Access to self service AppV kiosk (300+ Apps)
    – Single sign-on to all services (Exchange, SharePoint, Linux servers (QAS), RemoteApp and RemoteDesktop Farm, file shares…)
    – Fast search on all users folders
    – Fast login, good and stable overall performance
    – Full support of devices and services
    – PhD managed Notebook inexpensive offering.
    – Access to all private Cloud/SaaS tools and services, directly over HTTP or with the required client provided by AppV (Dropbox, Skype, TeamViewer)

Features of the Unmanaged World

  • New BYOD officially welcome: Private Mac, iPad, ChromeBook, Notebooks, Tablets, … welcome
  • BYOD devices get an IP address in a network outside the Virtual Private Zone of the Institute. BYOD dock in the public ETH docking network of ETH. SLL user authentication.
  • No Active Directory Domain joining
  • Zero managed configuration, zero monitoring
  • Microbiology IT resources accessible:
    New Scientific file shares (NAS)
    New Printers (direct access over IP or HTTP, no print server)
    New SharePoint Intranet
    New RemoteApp and Remotedesktop Server Farm
    New Access to all features of the Managed World from BYOD through Terminal Services (RDP), but through this channel only.
  • No backup service for local data on BYOD
  • Zero support of the private BYOD.

This is is how I see  embracing “consumerization of IT” in a research Institute in higher education, today. This of course not a definitive concept. Your comments are welcome!

Posted in . | 8 Comments »

Lost trust relationship between Windows VMs and Domain Controllers.

Posted by Jacques on Wednesday, 1 June 2011

Some SysAdmins are confronted with domain member servers or domain member computers regularly loose there trust relationship with the domain controllers, forcing them to logon as local admin and re-join the machine to the domain. The explanation is easy. Every domain computer has an AD computer account with an automatically generated password. Computer account passwords are used to establish secure channel communications between members and domain controllers and, within the domain, between the domain controllers themselves. Once it is established, the secure channel is used to transmit sensitive information that is necessary for making authentication and authorization decisions.The domain computer attempts to change its computer account password as specified by the setting for Domain Member: Maximum age for machine account password, which by default is every 30 days.

So imagine the following scenario for a virtual machine:

  1. The VM is joined to the domain. A computer password gets automatically generated and used to create the secure communication channel with the domain controller is established. The domain computer has a trust relationship with the domain controller.
  2. A snapshot of the VM is created.
  3. The VM is used, and eventually, the computer password gets changed after 30+ days, according to the default security policy.The new password is written in the differential file, after the snapshot.
  4. The VM is reverted to previous snapshot: The differential file is deleted, and the VM will use its previous password when booting in the domain. The secure communication channel cannot be established anymore, and the trust relationship is lost.

One can attenuate this problem by raising the Maximum age for machine account password to something like 60 days (Registry, local policies, or GPO). Another radical workaround would be to enable the Disable Machine Account Password Change, what I don’t recommend because this would introduce an big security threat. You will find both policy settings under Computer Policies/Windows Settings/Local Policies/Security Options. You will find the registry key under HKLM\SYSTEM\CurrentControlSet\Services\NetLogon\Parameters.

Posted in . | Tagged: , , , | 1 Comment »

Office 365 vs. Google Apps: Microsoft Comes Out Firing

Posted by Jacques on Wednesday, 1 June 2011

Interesting, facts-based paper by Paul Thurrot, read here. This article is pretty in line with what I’m currently experiencing here at University College London, where 22000 students and most of the staff and faculty have been migrated to live@edu (live@ucl).

Posted in . | Tagged: | No Comments »

Hybrid vs. Pure Cloud

Posted by Jacques on Saturday, 21 May 2011

In-Cloud-“Outsourcing” of IT services that have long been available on premises, such as messaging, collaboration, or databases and web services is a delicate strategic decision and nearly every CIO is confronted with it. The old IT determinants – availability, performance, security, scalability, TCO, recovery and disaster recovery – need to be re-assessed quasi from scratch, SLAs paradigms change to new business models, and new questions arise, including flexibility, performance, latency, and, most important, confidentiality and ownership of data, resources, and services. Higher education institutions maybe concerned by the loss of in-house know-how and learning effect of on-premises IT services. This has been observed in the past with other technologies as they transition from a specificity to a commodity status. Thus, going-in-the-cloud discussions go beyond  just economic criteria.

The Cloud is just emerging, but it is in every mouth, in any IT conference keynote, and the competition among the key players (e.g. Amazon, Google, IBM, Microsoft, Oracle…) is just unbelievable, especially when it comes to attract colleges and university. But the proposed business models are very different. Some companies just want to control user data and habits and make money with advertizing business (usually not in a open, declared way); other will try to bind users and institutions with proprietary solution and make any way back on premises virtually impossible; and other just want to transition from software licenses to cloud licenses.

To my opinion, it is crucial that:

  • organizations maintain ownership and control on their user’s identity management. The organization’s identity management must be federated with the cloud provider and fully support claims based authentication and authorization with e.g. shibboleth and openID
  • users and services can be moved back and forth between on-premises and in-cloud services easily
  • the cloud architecture and technology of the provider must support the coexistence of private and public cloud

Hybrid clouds exactly address these criteria, pure cloud services don’t. I think that only hybrid clouds will help organizations transitioning and individuals overcome culture change and uncertainties.  I also found this article that presents an interesting view on cloud positioning: http://en.wikipedia.org/wiki/Openid

Posted in . | Tagged: , | No Comments »

The correct way of adding accounts in Outlook 2010

Posted by Jacques on Thursday, 19 May 2011

It has been cumbersome to add additional mailbox accounts to your Outlook 2003 or 2007. The procedure (File / Account settings / Change / Advanced / More settings / Advanced and then by "Open Additional mailboxes") which is still working in Outlook 2010 isn’t really intuitive, and deleted and sent emails eventually ends in the Sent and Deleted folder of the primary mailbox.

I just found this post in a comment of one of my previous post and I think that it is worth advertizing it here… The post is a detail article about the changes in Outlook 2010 for additional mailboxes, and it includes the new features as well as the step-by-step to add mailbox accounts…

http://www.oostdam.info/index.php/sectie-blog/28-office-vragen/278-outlook-2010-sent-items-in-owners-mailbox

Posted in . | Tagged: | No Comments »

Here are the valid OS Values for App-V OSD Files

Posted by Jacques on Wednesday, 9 December 2009

Target OS OSD Tag Value Minimal AppV Client
Windows NT <OS VALUE="WinNT"/> 4.1
Windows 2000 <OS VALUE="Win2K"/> 4.1
Windows 2000 Server <OS VALUE="Win2KSvr"/> 4.1
Windows 2000 Terminal Server <OS VALUE="Win2KTS"/> 4.1
Windows XP <OS VALUE="WinXP"/> 4.1
Windows XP x64 <OS VALUE="WinXP64"/> 4.6 x64
Windows Server 2003 <OS VALUE="Win2003Svr"/> 4.1
Windows Server 2003 Terminal Server <OS VALUE="Win2003TS"/> 4.1
Windows 2003 Terminal Server x64 <OS VALUE="Win2003TS64"/> 4.6 x64
Windows Vista <OS VALUE="WinVista"/> 4.2
Windows Vista x64 <OS VALUE="WinVista64"/> 4.6 x64
Windows 2008 Terminal Server <OS VALUE="Win2008TS"/> 4.5
Windows 2008 Terminal Server x64 <OS VALUE="Win2008TS64"/> 4.6 x64
Windows 7 <OS VALUE="Win7"/> 4.5 sp1
Windows 7 x64 <OS VALUE="Win764"/> 4.6 x64
Windows 2008 R2 Terminal Server x64 <OS VALUE="Win2008R2TS64"/> 4.6 x64
     

Note that this post is provided “as is” with no warranty nor supportability engagement. It does not engage my responsibility at all.
Nevertheless if you consider this not clear, incomplete or inadequate, please let me know !

Posted in . | Tagged: , | 2 Comments »

Adding OS to your OSD files…

Posted by Jacques on Saturday, 5 December 2009

You’ve sequenced hundreds of packages for App-V 4.x. You did it for Windows XP or Vista. And now you want to use these packages for your new client OS, for instance Windows 7… So you need to add the XML tag <OS VALUE="Win7"/> in each single OSD file…

This utility is for you!

image

Download


Requires .net framework 3.0
Thanks to Fabian 🙂

Note that this post is provided “as is” with no warranty nor supportability engagement. It does not engage my responsibility at all.
Nevertheless if you consider this not clear, incomplete or inadequate, please let me know !

Posted in . | Tagged: , , | 1 Comment »

New, improved, or well established variables in CustomSettings.ini (MDT2010)

Posted by Jacques on Monday, 16 November 2009

Variable Example Comment
SLShareDynamicLogging=

\\server\share\%OSDComputerName%

Online logging: the BD.log get written on the target computer and on the network share you spevify for the variable simultaneously.
See Michael Niehaus’
DriverSelectionProfile =Nothing Override the driver Selection profile in the Inject Drivers step of the task sequence.
DriverGroup001=
DriverGroup002=
%make%\%Model% Using this variable with this example avoids you to configure this in the Make and Model method of the Database and let you use a common task sequence for all types of target computer.
The %make%\%Model% must exactly match the path to your driver folders in the Deployment Share.
To get the right WMI strings for make and model, use the wmic commands at the command prompt of the target computer:

  > wmic ComputerSystem Get Manufacturer
  > wmic ComputerSystem Get Model

When creating the master image, make sure to remove this variable and put “Nothing” in the BuildMaster task sequence to avoid polluting your neutral master with specific drivers.

See Michael Niehaus’ blog.

Driverinjectionmode= Auto ¦ All Override the options of the Inject Drivers step of the task sequence:
  • Auto = Inject only matching drivers from the selection profile or folder.  This is the same behavior as MDT 2008, injecting all drivers that matched one of the PnP IDs on the computer.
  • All = Inject all drivers from the selection profile or foler
DoNotCreateExtraPartition YES ¦ NO Controls the creation of the hidden 100-300 MB partition intended for BitLocker.
WSUSServer= http://mywsusservername Getting MDT to install updates from your WSUS server
Note: if “ZtiWindowsupdate takes too long ‘", see http://social.technet.microsoft.com/Forums/en-US/mdt/thread/26833f62-7c1f-4a40-a7c6-4d2ad31c6b61

 

 

[Back to MDT2010 TOC]

Posted in . | Tagged: | No Comments »

New post series on MDT2010

Posted by Jacques on Monday, 16 November 2009

Just back from TechEd Europe in Berlin, I’m going to immediately start my new Windows 7 and Windows Server 2008 R2 deployment lab with the new MDT 2010. I will document my steps here from WDS settings to multicast deployment as I did for MDT 2008, Vista and W2k3 just one year ago. I hope that these posts will encounter as much success as the previous series…. Your feedback always welcome, of course.

Along we the progress of my lab, this table of contents will grow and link you to the different posts. Be patient, I have many other projects to run beside this one….

  1. New, improved, or well established variables in CustomSettings.ini
  2. Setting up WDS
  3. Setting up MDT2010
  4. Importing MDT2008 deployment shares
  5. Populating the deployment share
  6. Advanced settings
  7. Creating a master image
  8. Deploying your master image
  9. Offline servicing
  10. WinRE

Posted in . | Tagged: | No Comments »

Shared Mailbox added in outlook profile but, where will Sent Item be saved?

Posted by Jacques on Friday, 18 September 2009

clip_image002There is a common query across everywhere, when we add a shared mailbox in outlook profile and sending a mail from that account (using Send-As or Send On Behalf of) by specifying it in From field, mail item will be saved into ‘Sent Item’ of primary mailbox instead of ‘Sent Item’ folder of shared mailbox as per normal behaviour of Outlook.

Something like when I opened ‘Support’ mailbox in my outlook profile as an additional mailbox and sending mail from ‘Support’ mailbox by specifying it into From field. It will be saved into ‘Sent Item’ of Amit Tank’s mailbox and not in Sent Item of ‘Support’ mailbox.

clip_image002

Solution:

Microsoft has released an Outlook 2007 hotfix package dated June 30, 2009 to resolve certain issues and this issue is addressed in that list.

So Install this hotfix package and add a registry key to make it enable.

  1. Hotfix: Description of the Outlook 2007 hotfix package (Outlook.msp): June 30, 2009
  2. Set below registry key as per KB972148 to enable this functionality.

[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Outlook\Preferences]
"DelegateSentItemsStyle"=dword:00000001

Voila! Now all mails, sent from shared mailbox account, are being saved into ‘Sent Item’ of shared mailbox.

Source: http://exchangeshare.wordpress.com/2009/07/15/shared-mailbox-added-in-outlook-profile-but-where-will-sent-item-be-saved/

Posted in . | Tagged: | 2 Comments »

Windows 7: choosing what flavor to install from the same distribution…

Posted by Jacques on Saturday, 22 August 2009

I do not know the source of the following info:

“With the version of the Windows installer that comes with Win7, there is a new file at /Sources/ei.cfg that tells the Windows installer what OS it should install. Here’s what the file looks like from the ultimate disc: [EditionID] Ultimate [Channel] Retail [VL] 0
When the Windows installer sees this file, it becomes keyed to whatever distribution the file specifies. In this case with an Ultimate disc, we cannot install Home Premium or Professional. We have not yet had a chance to test OEM and retail keys since we don’t have both, however it certainly looks like the installer is going to make a distinction there too.
Perhaps the most interesting bit of this is that the installation process itself hasn’t changed – the Windows installer still supports One Disc to Rule Them All operation, and the Windows image that comes with Ultimate for example has absolutely no problem installing lesser versions. In fact if you remove ei.cfg so that the Windows installer is not told to install a specific version, it will revert to One Disc mode. The distinction between discs is entirely trivial, dictated by a single 51 byte configuration file. You can have a One Disc installer, Microsoft just don’t want it to be the default action for some reason.”

Posted in . | Tagged: | No Comments »

The ever growing –omics family

Posted by Jacques on Monday, 15 June 2009

genomics – transcriptomics – proteomics – metabolomics – phenomics – agronomics – lipomics/lipidomics – glycomics – cellomics ….

Do you have another –omics to suggest?

Posted in . | Tagged: | No Comments »

App-V sequencing of FlowJo 7.5

Posted by Jacques on Tuesday, 9 June 2009

Recently, I sequenced the newest FlowJo 7.5. I ended with the issue that the application never ended to load. It was possible to possible to use the program for a few moments, but it evebtually crashed with the message:

The SoftGrid Client could not launch application_name.
The application took too long to be ready to interact with the User, possibly because the system was too busy. Please try again in a few minutes. If the problem persists, please report the following error code to your system administrator.
Error code: xxxxxx-xxxxxx04-0000041E

I tried the solution given under http://support.microsoft.com/kb/931112, but it did not help.

I could resolve this issue by changing the code snippet in the OSD file from:

<VM VALUE="Win32">
<SUBSYSTEM VALUE="windows"/>
</VM>

to:

<VM VALUE="Win32">
<SUBSYSTEM VALUE="console"/>
</VM
>

Posted in . | Tagged: , | No Comments »