Windows 7: Setting up a USB bootable device for installs

April 24, 2009
Este artigo foi publicado pelo Jeff Alexander, um IT Pro Evangelist na Australia e explica como instalar o Windows 7 a partir de um disco USB.

Publico-o na integra para lhe poder aceder quando precisar!

http://blogs.technet.com/jeffa36/archive/2009/04/22/windows-7-setting-up-a-usb-bootable-device-for-installs.aspx

Windows 7: Setting up a USB bootable device for installs

WTB_banner_win7
These days I install, re-install and install Windows 7 again and I wanted a quicker way of doing this without having to use a DVD all the time.  Plus I wanted to be able to install x64 and x86 for both server and client.  And I have a HP Mini 2140 on loan which of course does not have a DVD drive.  So enter the humble USB key to solve this task.

You will need at least a 4GB USB key to fit the entire contents of the Windows 7 DVD.  In Australia you can pick these up for under $25 now so it’s not a huge outlay.  We have a bunch in the office as part of a promotion so I have one for x86 and x64.  So the next thing you are going to need to do is format this disk using DISKPART.  Follow the steps below:

  1. Insert the Windows 7 DVD into the optical drive on your computer.
  2. Insert the USB drive and make sure you can see it in explorer.
  3. Run DISKPART – I’ll use screenshots to explain the rest of the steps.
  • At a command prompt type DISKPART

diskpart1

  • Now before you do anything else make sure you have inserted the USB drive and you can see it in explorer.

diskpart2

  • Type LIST DISK to see a list of available disks

diskpart3

  • Type SELECT DISK 3 ( in my case it happens to be disk 3)

diskpart4

  • Type CLEAN which will wipe the disk

diskpart5

  • Type CREATE PARTITION PRIMARY

diskpart6

  • Type SELECT PARTITION 1

diskpart7

  • Type ACTIVE to make this partition the active partition.

diskpart8

  • Type FORMAT FS=FAT32 (wait for it to get to 100% complete)

diskpart9

Type ASSIGN so a drive letter gets assigned in explorer.

diskpart10

Now you should have a USB disk ready for the Windows 7 source files.  If you have the DVD load that into your DVD drive and copy the entire contents to the root of the USB drive.  Once that is done you will have a bootable USB disk ready for you to build your machines much much faster with Windows 7.

I find this a useful and quick way to get machines build and it’s portable as well!

Talking about Torneio Microsoft – Equipa MIC

March 26, 2009

 

Quote

Talking about Torneio Microsoft – Equipa MIC

Torneio Microsoft - Equipa MIC

Hosted by:

Francisco Morais

Date and time:

Thursday, March 26, 2009, 3:45 PM – Wednesday, July 01, 2009, 4:45 PM

Location:

My Indoor

View this event on Windows Live

Talking about Ask the Directory Services Team : How do I find out what changes are going on in my Active Directory

March 19, 2009
Este artigo veio em tão boa altura e está tão bom que não resisto a publicá-lo na integra!!!
 
How do I find out what changes are going on in my Active Directory?

 

Herbert here. Here are some common questions asked by AD Administrators:

- Why has my AD database size increased by 500MB in the last three weeks?
- I see lots of AD replication in Domain Controller monitoring. What are all these changes?

Both symptoms can be severe enough to impair the operations of your AD forest. Here are examples of past occurrences that we tracked down:

312403  Distributed Link Tracking on Windows-based domain controllers
http://support.microsoft.com/default.aspx?scid=kb;EN-US;312403

318774  Removing duplicate and unwanted proxy addresses in Exchange
http://support.microsoft.com/default.aspx?scid=kb;EN-US;318774

940262  The Active Directory database size increases unexpectedly because a Windows Server 2003-based DNS server inappropriately creates several SerialNo objects
http://support.microsoft.com/default.aspx?scid=kb;EN-US;940262

In order to find the cause for the problems, you should find what has changed in the AD database recently. Now Active Directory assigns an "Update Sequence Number" (USN) to each change. These USNs are 64 Bit Integers and are specific to a Domain Controller. The DC GUID and USN together uniquely identify a database change. A USN is both assigned to originating changes and replicated changes. So even for read-only GC content, you see local USNs getting written.

You can use these USNs to identify recent changes in the database of each DC. Each AD Server (includes AD/AM and LDS) has an attribute named “highestCommittedUSN” on its RootDSE object. Here’s an example output from LDP:


12> supportedLDAPPolicies: MaxPoolThreads; MaxDatagramRecv; MaxReceiveBuffer; InitRecvTimeout; MaxConnections; MaxConnIdleTime; MaxPageSize; MaxQueryDuration; MaxTempTableSize; MaxResultSetSize; MaxNotificationPerConn; MaxValRange;
1> highestCommittedUSN: 175389104;
4> supportedSASLMechanisms: GSSAPI; GSS-SPNEGO; EXTERNAL; DIGEST-MD5;

Based on this number, you can query for the most recently changed Objects using an LDAP query. As an example, I’m using LDIFDE and I’m subtracting 10000 from the “highestCommittedUSN” value seen on RootDSE:

Ldifde /d dc=contoso,dc=com /s contoso-DC1 /r "(usnchanged>=175379104)" /f domain-NC-last-10000-080919.txt

This file now contains the names of the objects that were changed or created recently. The object names give you a hint as to what area of AD you need to look at, but it may not be enough of a clue yet. If they are not all new objects (very recent whenCreated attribute), you may want to look at what attributes have been changed. Also, you want to know from which DC the object change is originating.

Maybe the DC that writes all the changes is the primary DC your provisioning system is working against, or it’s a DC you don’t expect to see. To get this information, retrieve the object meta-data using:

repadmin /showobjmeta <DC name> <Object-DN>

The output looks like this:

Loc.USN         Originating DC   Org.USN  Org.Time/Date        Ver Attribute
=======     =============== ========= =============       

175389437     HQ\contoso-DC1   175389437 2008-09-16 18:12:46    2 name

The leftmost column is the local USN; the more interesting fields are to the right, where you see the originating DC information and change time-stamp, attribute version and name. If the version is really high, it could mean excessive updates to this attribute which deserves more investigation.

You should also look out for changes seen for linked attributes (Windows Server 2003 Forest Mode and higher):

Type    Attribute     Last Mod Time                    Originating DC  Loc.USN   Org.USN        Ver   Distinguished Name
============================================================================
ABSENT  member 2008-09-19 15:14:01       HQ\contoso-DC1 175384020 175384020   2    CN=test-user1,OU=Test-OU,DC=contoso,DC=com
PRESENT member 2008-09-16 18:22:29       HQ\contoso-DC1 175379684 175379684   1   CN=test-user2,OU=Test-OU,DC=contoso,DC=com

Note: High values for USNs will distort the table view.

Many “ABSENT” and high version numbers indicate high activity with linked values. “ABSENT” indicates a deleted link, so you can think of it as a value tombstone. It’s treated just like an object tombstone in the database. During replication it means that the value is deleted from the attribute, in this case a group membership.

Attributes that can contain lots of data deserve special attention. This often applies to attributes containing binary values, including the security descriptor for AD or Exchange, or attributes containing certificates. Note that by default, LDIFDE does not dump “ntSecurityDescriptor”. If any of these attributes show high version numbers or a recent update time stamp on many objects, you should investigate further. It will depend on the attribute on how you investigate the changes, for example for “ntSecurityDescriptor” you can dump it using DSACLS and check out any excess Access Control Entries.

Excessive changes to “ntSecurityDescriptor” are not so much a problem regarding database size because there is single instance storage for these since Windows Server 2003. But they can take lots of replication bandwidth.

The information on objects, attributes and originating DC you collected so far should give you good hints regarding the originator of the changes. If it’s not clear yet, you can enable auditing on successful changes to these attributes to find out the process that is making these changes. It may be necessary to make the attribute viewable in ACL Editor so you can define auditing for it. See the guide in:

296490  How to modify the filtered properties of an object
http://support.microsoft.com/default.aspx?scid=kb;EN-US;296490

But what if there is no pattern evolving while you get the data?

One approach is to repeat the LDIFDE export and reduce the window until you see a pattern. Maybe the problematic changes only happen at certain times of the day, so it would also play a role when you create the export. Or the changes happen on a branch office that only replicates at a certain time of day.

But there are also more naming contexts that may have excessive changes, such as Configuration or the DNS partitions ForestDnsZones and DomainDnsZones, and on GCs. Hopefully, the admins of the other domains are already aware of the excessive changes. This is how you search the whole of the GC data:

Ldifde /d "" /s contoso-DC1 /t 3268 /r "(usnchanged>=175379104)" /f GC-last-10000-080919.txt

Hint: Keep in mind that this query only shows changes for attributes that are present in the GC.

And finally, the problem may not be with existing objects that are changed, but with objects that are deleted and re-created all the time. Deleted objects still take database space for the tombstone, and the new objects cause replication traffic. LDIFDE can include deleted objects in the query when you pass the “/x” option:

Ldifde /d dc=contoso,dc=com /s contoso-DC1 /x /r "(usnchanged>=175379104)" /f domain-NC-last-10000-deleted-080919.txt

If the combined size of the tombstones is a problem, you have to wait until the garbage collection is done before you can reduce the size of the database file using an offline defragmentation. We advise against shortening Tombstone Lifetime for the sole purpose of kicking out these objects earlier. When you have strict replication enabled and replication quarantine is enforced, this shortening TSL to a few days can have a drastic impact on the availability of your Active Directory.

I hope you’re having fun investigating all your ongoing AD changes. I think you’re up to a few interesting findings.

- Herbert Mauerer

Active Directory Topology Diagramer

November 30, 2007

The Active Directory Topology Diagrammer (ADTD) tool is now available for download for free from the Microsoft Web Site at the following address: http://www.microsoft.com/downloads/details.aspx?familyid=cb42fc06-50c7-47ed-a65c-862661742764&displaylang=en&tm#Overview

Brief Description

The Microsoft Active Directory Topology Diagrammer reads an Active Directory configuration using ActiveX Data Objects (ADO), and then automatically generates a Visio diagram of your Active Directory and /or your Exchange 200x Server topology. The diagramms include domains, sites, servers, administrative groups, routing groups and connectors and can be changed manually in Visio if needed.

image

Technorati tags: , ,

Exchange Server Documentation Updates – November 2007

November 8, 2007

A new set of documentation regarding Exchange 2007 is available from the Exchange Server documentation team.

The Exchange Server documentation team is pleased to announce the following new Exchange Server 2007 content.

You can see these articles and other Exchange Server documentation content in the Microsoft Exchange Server TechCenter.

To see what content has changed for Exchange Server 2007 with Service Pack 1, take a look at What’s New in Exchange Server 2007 SP1.

The following downloads are also now available for SP1 content:

 

and I’ve noticed the "geekness alert!" send by Rui Silva and I will download and print the poster!!

That’s super cool!

del.icio.us tags: ,

Insight for Active Directory v1.0

November 7, 2007

ADInsight is an LDAP (Light-weight Directory Access Protocol) real-time monitoring tool aimed at troubleshooting Active Directory client applications. Use its detailed tracing of Active Directory client-server communications to solve Windows authentication, Exchange, DNS, and other problems.

ADInsight uses DLL injection techniques to intercept calls that applications make in the Wldap32.dll library, which is the standard library underlying Active Directory APIs such ldap and ADSI. Unlike network monitoring tools, ADInsight intercepts and interprets all client-side APIs, including those that do not result in transmission to a server. ADInsight monitors any process into which it can load it’s tracing DLL, which means that it does not require administrative permissions, however, if run with administrative rights, it will also monitor system processes, including windows services.

Insight for Active Directory v1.0

 

Technorati tags:

Microsoft vs. Blackberry

October 24, 2007

Microsoft announced the new Microsoft® System Center Mobile Device Manager 2008 and that will make the main competitor rethink all strategy.

The main reasons that keeps Blackberry selling devices and servers are the supportability, the easy way to manage devices from a centralized point in the network. And the feeling of security that a blackberry user gets when he use his device.

From now on Microsoft will try to compete in this areas, centralizing the management of mobile devices in the Active Directory via Group Policies and bringing a new layer of security to the mobile network, implementing software distribution

Very well explained @ Mr. Mobile

There are 3 core areas of capability in Systems Center Mobile Device Manager 2008.

1) SECURITY: Windows Mobile devices will be able to participate in Active Directory.  They will join Active Directory and can then be managed through Group policy to allow administrators to control the features and functions of a Windows Mobile Device.  You can control whether WiFi can be enabled, the camera can be used, which applications can be whitelisted or blacklisted.  There are over 130 policies that can be deployed.  

2) DEVICE MANAGEMENT: IT teams can manage Windows Mobile phones end-to-end through a single solution rather than many, helping save time and resources.  

  • Easy distribution of software over the air
  • Easily add more users as needed and as solution grows
  • Over the Air enrollment of devices- just type in a password and go.
  • Integration with Windows Server and mobile development investments, such as AD, GP, MMC Console, Powershell, WSUS 3.0, and Microsoft Dynamics

3) DATA ACCESS: System Center Mobile Device Manager 2008 provides a Mobile VPN that gives a secure single point of access to the corporate network.  You can use this to access any line of business applications or Intranet applications.  It also enables a fast reconnect if disconnected and provides easy transition from Wi-Fi to carrier networks with Internetwork Roaming

System Center Mobile Device Manager will be available in the first half of 2008.  

image

Scalability

image

Security

PopFly goes public

October 19, 2007

PopFly goes into a public beta and the logo had changed too!…

image

Introduction

What is Popfly?

Microsoft® Popfly™ is a web site and tool to help people create and share web sites, mashups, and other kinds of experiences. It has two parts: the social network, which we call "Popfly Space" and the online tool for creating different kinds of experiences, which we call "Popfly Creator."

What can you do with Popfly?

Programming is not something that takes years to learn. With Popfly Creator, in just a few minutes, you can create something that will have people saying "wow."

With Popfly you can create a mashup using functionality from Virtual Earth, Flickr, Yahoo!, Twitter, and more.

del.icio.us tags:

Hotfix for Excel

October 15, 2007

Hotfix for Excel released

"(…)If you’re a fan of the numbers 65534.9999999995 and 65535.99999999995, we’ve got good news for you. The bug that caused them to display 65535 and 65536 has been fixed. We released a couple of hotfixes for the issue yesterday. If such things interest you, head over to here and here to check out the Knowledge Base articles that will help you. Those are the fixes for both Excel 2007 and Excel Services in Office SharePoint Server 2007. One other note: This is NOT a security vulnerability. It’s a formatting issue with the display of some calculation results."

Technorati tags: ,

Windows Live SkyDrive updated

October 12, 2007

The beta of Windows Live Skydrive was updated today.

the news are:

  • increased storage capacity, from 500 Mb to 1 Gb

image

  • RSS Feeds on Public Folders

image

  • See who uploaded a file

image

  • Add a contact directly within SkyDrive

image

You can check for more @ the Windows Live SkyDrive team blog

del.icio.us tags:

Follow

Get every new post delivered to your Inbox.