November 2007 - Posts

Use full DNS Names and OS tags in GINA's Dropdown Dialog box

Someone on the Activedir newsgroup wanted DNS names in the logon dialog box users see rather than the NetBIOS name. I didn't initially think this was possible but the poster insisted they had seen it done before. Well, 2 solutions were proffered: Jorge de Almeida Pinto came up with a custom ADM which could apply to the boxes you wanted this feature enabled on, and Dean Wells provided a reg hack which did the same thing. Thought I should share both:

--------------------------------------------------------

Custom ADM

--------------------------------------------------------

; Custom ADM to change how domain names are shown in the logon box
; REMARK: these are preferences and NOT policies. As such make sure you enable viewing of preferences in the GPEditor!

CLASS MACHINE

 CATEGORY "System"

  CATEGORY "Net Logon"

   CATEGORY "Domain Name in Logon Box"

    KEYNAME "SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"

    POLICY "Show Full DNS Names At Logon"
     EXPLAIN "EXPLANATION: When enabled, the list of domains on the logon dialog will show the full DNS names (hierarchical) rather than the NETBIOS names (flat)."
     VALUENAME "DCacheShowDnsNames"
     VALUEON  NUMERIC 1
     VALUEOFF NUMERIC 0
    END POLICY

    POLICY "Show Additional Domain Information At Logon"
     EXPLAIN "EXPLANATION: When enabled, the list of domains on the logon dialog will contain brief information about each domain after the domain name."
     VALUENAME "DCacheShowDomainTags"
     VALUEON  NUMERIC 1
     VALUEOFF NUMERIC 0
    END POLICY

   END CATEGORY

  END CATEGORY

 END CATEGORY

--------------------------------------------------------

Reg Hack

--------------------------------------------------------

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

"DCacheShowDomainTags"=dword:00000001

"DCacheShowDnsNames"=dword:00000001

--------------------------------------------------------

Both are cosmetic changes and do not change the logon process in any way. Just interesting to know it can be done.

ADInsight for Active Directory

Mark Russinovich and Bruce Cogswell of Sysinternals fame have released ADInsight for Active Directory as one of the free utilities on their Microsoft site. This tool I like to call the MRI Scan for AD. It injects a DLL into all processes to watch for WLDAP32 transactions. WLDAP32 is where Microsoft implements the LDAP API. You can see how your application talks to AD and what responses are returned. This capability can be invaluable in many application design scenarios when you can't figure out why your app's conversation with AD is spitting errors, or even for general troubleshooting to see "under the covers".

The application is very similar to Regmon and Filemon in its GUI, and if you've used either before, ADInsight should feel familiar.

The great thing I also see is that you can right-click on a call sent to the directory and click on event information, which takes you to an MSDN site with an explanation of the transaction. This can be an excellent learning tool as well!

If the tool is pointed against an Active Directory where lots of calls are taking place, you can also filter events with the same flexibility available in Filemon and Regmon.

Example

The Process Filter allows the selection of processes to include or exclude. There is also a transaction filter for those transactions that you want to view. This selection is made so much easier by the transaction group filter, which allows the viewing of a collection of transactions, e.g. connects. If a group is chosen, all applicable transactions are selected in the transactions list.

This is definitely another necessary tool in the arsenal of anyone working with Active Directory.  

Microsoft's Awesome Stats

Anyone who's been to a conference where someone from MSFT's been talking about "How Microsoft Does IT" has probably heard this or something similar but these stats are just awesome I think (Source Bink.nu):

Microsoft internal IT:

600k connected devices
10,000 Servers
3 Datacenters 1 operations center
11% is virtualized in Microsoft Datacenters
330 of 385 servers run Windows Server 2008 (RC0) plus all 85 Microsoft.com servers
11 clustered systems
30,000 users in Redmond domain (50,000 with vendors)
NAP reporting 140K clients, 90 clients deferred mode

The Redmond Active Directory domain is running in Windows Server 2008 mode since last Thursday (Nov 1st)

Microsoft Email:

6 million internal emails per day
20 Million emails from Internet
97% rejected as spam
99,999 uptime

Worldwide:

140,000 end users
550 buildings
98 countries
1/3 of the sites are connected over Internet only

2300 Line of business applications
1 single SAP instance (5 Terabyte database)
Dynamics/MSCRM

Windows Live Services:

130,000 servers online
435 Million unique users
280 Billion pageviews daily
12 Billion emails daily
6 billion Instant Messages daily

Remote connect:

1 million VPN sessions per month
80,000 unique OWA users
Remote app portal
TS gateway 20,000 users
Direct Connect pilot

Microsoft.com figures
55,7 million unique users, #4 overall site in US
280,5 Unique users worldwide #6 site worldwide
15,000 requests a sec

Burn CDs and DVDs with Powershell

Included with Microsoft Vista is a new API for scripting against optical drives; the Image Mastering API version 2 or IMAPI2. This makes it possible to retrieve information from optical storage media like CDs and DVDs and write to them.

The story around the IMAPI and what you can do with it can be found on MSDN, but what brought it to my attention was the Scriptcenter newsletter this week, where a VB sample of how to burn CDs/DVDs using the Image Mastering API was described. Yep, if we can do it with VB there's got to be a PoSHer way to do the same thing, so I gave it a go and over a couple of hours managed to get my version to work.

Who needs ISO burning tools anymore ay? Roll your own!

My modification of the script accepts one argument which is the path to the ISO file and it barfs if a wrong path is given. 

The assumption is that the CD/DVD writer is the first optical drive on the system (if it's not, change the MsftDiscMaster2 index used in the MsftDiscRecorder2 InitializeDiscRecorder method).

Minor error checking has been thrown in to ensure a valid path to an ISO file is provided and that the disc is blank.

---------------------------------------------------------------------------------------

param(
    [string]$path = $( throw "Please specify the path to an ISO file" )
)

# ADODB.Stream type constant for binary data
Set-Variable -Name adFileTypeBinary -Value 1 -Option Constant

# Test that the path points to an existing file, else fail
# (-IsValid only checks the path syntax, not whether the file exists)
if (Test-Path -Path $path -PathType Leaf)
{
    # COM objects do not follow the PowerShell location, so pass a full path
    $isoFile = (Resolve-Path -Path $path).ProviderPath

    # Create disc master to enumerate optical drives
    $obm = New-Object -ComObject "IMAPI2.MsftDiscMaster2"

    # Create a DiscRecorder object for the first optical drive (index 0)
    $obr = New-Object -ComObject "IMAPI2.MsftDiscRecorder2"
    $obr.InitializeDiscRecorder( $obm.Item(0) )
    $dataWriter = New-Object -ComObject "IMAPI2.MsftDiscFormat2Data"
    $dataWriter.Recorder = $obr
    $dataWriter.ClientName = "ISOTest1"

    # Load the ISO file into a binary stream
    $objStream = New-Object -ComObject "ADODB.Stream"
    $objStream.Open()
    $objStream.Type = $adFileTypeBinary
    $objStream.LoadFromFile( $isoFile )

    # Check disc is blank else fail (-eq compares; = would assign)
    $addr = $dataWriter.NextWritableAddress
    if ( $addr -eq 0 )
    {
        # Write stream to disc using the specified recorder
        Write-Host "Writing to disc..."
        $dataWriter.Write( $objStream )
        Write-Host "Done"
    }
    else
    {
        Write-Host "Cannot write to disk"
    }
    $objStream.Close()
}
else
{
    Write-Host "A valid ISO file was not found"
}

---------------------------------------------------------------------------------------
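The script assumes the writer is at index 0 of the disc master. The following is an added example, not part of the original script or the Scriptcenter sample, that lists every optical drive with its index so the right one can be chosen; the function name Get-DiscRecorderInfo is hypothetical, and it assumes PowerShell 2.0 or later with IMAPI2 installed.

```powershell
# Added example: enumerate optical recorders and report which index can burn data discs.
# Get-DiscRecorderInfo is a hypothetical helper name, not part of IMAPI2.
function Get-DiscRecorderInfo {
    $master = New-Object -ComObject "IMAPI2.MsftDiscMaster2"

    for ($i = 0; $i -lt $master.Count; $i++) {
        # Bind a recorder object to the drive at this index
        $recorder = New-Object -ComObject "IMAPI2.MsftDiscRecorder2"
        $recorder.InitializeDiscRecorder($master.Item($i))

        # Ask the data-disc format whether this drive can be used at all
        $format = New-Object -ComObject "IMAPI2.MsftDiscFormat2Data"
        $supported = $format.IsRecorderSupported($recorder)

        # Media queries fail when the tray is empty; report that as no usable media
        $mediaOk = $false
        $blank = $false
        try {
            $mediaOk = $format.IsCurrentMediaSupported($recorder)
            if ($mediaOk) {
                $format.Recorder = $recorder
                $format.ClientName = "RecorderCheck"
                $blank = $format.MediaHeuristicallyBlank
            }
        } catch { }

        New-Object PSObject -Property @{
            Index          = $i
            Drive          = ($recorder.VolumePathNames -join ',')
            Vendor         = $recorder.VendorId
            Product        = $recorder.ProductId
            CanBurnData    = $supported
            MediaSupported = $mediaOk
            MediaBlank     = $blank
        } | Select-Object Index, Drive, Vendor, Product, CanBurnData, MediaSupported, MediaBlank
    }
}

Get-DiscRecorderInfo | Format-Table -AutoSize
```

Use the Index value of the row with CanBurnData and MediaBlank set to True in place of 0 in the Item() call of the burn script.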

The Scriptcenter site shows other examples in VB and they can all be converted to Powershell with very little effort.

Binaries of IMAPIv2 for other platforms can be obtained here:

Image Mastering API v2.0 for Windows XP

Image Mastering API v2.0 for Windows Server 2003

Image Mastering API v2.0 for Windows XP x64 Edition

Image Mastering API v2.0 for Windows Server 2003 x64 Edition

PoSH is here to stay!

I'm sure a lot of my crew are almost getting to their wits' end with my persistent harping about the capabilities of Powershell and the need for anyone involved in Windows management to get on the act now. I ain't stopping though. This is probably the single most significant change to the way we will do things in the Windows space.

During my regular cruise of my favorite blogs, I came across the entry yesterday on Dmitry's blog where he caught on the gist from Citrix that they were rewriting their APIs for the next version of Presentation Server, codenamed Parra, so they had Powershell interfaces!

This is another massive join to the Powershell community and it's only going to get bigger and better.

Exchange Unplugged!

Sounds like an MTV show but t'was much better than that! Eileen Brown and her crew brought the Exchange 2007 and Unified Communications road show to Manchester in association with BT Lynx. The day-long event was held at the Museum of Science and Technology and I think the location was just perfect with the Dr Who show going on there as well :-)

Brett Johnson and Julian Datta gave awesome demos of Exch07 and Office Communication Server which all went flawlessly. Apparently, the last time they gave the demos, Brett's Shuttle, a quad core, 8Gb beast, ignited! That must have been fun.

This was the first time I had heard Brett present and I was well impressed. He kept the audience well engaged and his wit was classic!

Toy of the day was the hyper cool Microsoft Roundtable conference phone providing a 360 degree view of the conference room and a high res image of the active speaker.

My takeaways from the show were:

  1. Exchange 07 & OCS are going to change the way we communicate. Voice, Video and text can now be affordably converged on the IP protocol and with presence information, playing "phone tag" will be a thing of the past.
  2. Learn Powershell. It's the future! The Exchange servers Brett built were installed and configured using Powershell Scripts & commands. 

If you haven't been to the Exchange Roadshow, there's 2 more dates I think. Make sure you catch them if you can. Well worth it:

2nd November 2007, Warwickshire: Exchange Unplugged in association with Post CTI

5th November 2007, Glasgow: Exchange Unplugged in association with Capito