Manage your WServerNews profileWServerNews privacy policy
WServerNews (formerly W2Knews)
Vol. 13, #14 - Apr 7, 2008 - Issue #668
Redmond Extends WinXP Life -- Kinda

This issue of WServerNews is sponsored by
  1. Editor's Corner
    • New Unlimited Home Site License
    • Redmond Extends WinXP Life -- Kinda
    • Study Sees Microsoft Brand In Sharp Decline
    • Readers Report On Their 'Vista Experience'
    • Upcoming Sunbelt/Double-Take Seminars
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  3. Tech Briefing
    • Upgrading To Vista SP1 On Intel Chips? Proceed With Caution
    • New Group Policy Newsletter
    • Something That Vista SP1 "Fixed"
    • Reader Reports Vista Nightmare
    • Comparing XP and Vista - More On How To Speed Up Vista
    • How To Format NTFS: More Tricks To Improve File System Performance
    • Book Excerpt: How To Cheat At Configuring Exchange Server 2007
    • Tips For Scheduling And Testing SQL Server Backups
  4. Windows Server News
    • Microsoft To Patch Vista SP1, W2K8 Next Week
    • Preventing Internet Access With Windows SBS
    • How Do I Properly Configure WSUS?
    • Citrix Heats Up VM Price Wars
  5. WServer Third Party News
    • New Licensing Model For The House: The Unlimited Home Site License
    • Paranoid About Security - Got Keylogger Anyway
  6. WServerNews FAVE Links
    • This Week's Links We Like. Tips, Hints And Fun Stuff.
  7. WServerNews - Product of the Week
    • FREE EBOOK: Administrator's Shortcut Guide to AD Security
FREE EBOOK: Administrator's Shortcut Guide to AD Security

Take 2 minutes to download a 30-day trial of ScriptLogic's Active Administrator, an industry-leading AD management and auditing solution, and you'll get a free copy of the eBook The Administrator's Shortcut Guide to Active Directory Security. In this comprehensive, 93-page eBook, you'll learn valuable AD security tips from industry experts Derek Melber and Dave Kearns.

Download Active Administrator and get the free ebook today!
http://www.wservernews.com/080407-ScriptLogic

Editor's Corner

New Unlimited Home Site License

Make sure you read the story in the Third Party News about a brand new way to license software for the house. Techies like you are especially going to like it!

Redmond Extends WinXP Life -- Kinda

As expected, Microsoft will pull Windows XP from store shelves this June. What wasn't expected is that some users will still have access to XP Starter Edition for some time after that. Hear all the details in this podcast found on SearchWinIT.com's blog page, plus find out what users are saying about Vista SP1 and get a brief preview of next week's Patch Tuesday. This is a short (6 min.) podcast you don't want to miss:
http://www.wservernews.com/080407-WinXP-Life


Study Sees Microsoft Brand In Sharp Decline

Research firm CoreBrand said Microsoft's brand is losing credibility and mindshare with U.S. businesses, dropping from 12th place in 2004 to 59th place now. And it was #1 in 1996. Something to do with Gates stepping down? Let me know what you think what caused this at [email protected]

Readers Report On Their 'Vista Experience'

I had a LOT of feedback last week, and some of it very detailed. It was impossible to include all of them, and thanks very much for your time and insights. I have published a few of these, which cover the various (problem) areas. Highly informative reading in the Tech Briefing.

Upcoming Sunbelt/Double-Take Seminars

We'd like to invite you to the following seminars: Seminar: "Recovery Made Easy for Exchange, SQL, and other Critical Applications" - Join Sunbelt and Double-Take Software to find out the new ways that Double-Take v5.0 can help with high availability and disaster recovery for your servers including full server failover, virtual systems and more.

Hosted at the Waikiki Beach Marriott Resort & Spa in Honolulu, HI on Wednesday, April 9th. Register here:
http://www.wservernews.com/080407-DT-Honolulu-Seminar

Hosted at Microsoft in New York, NY on Wednesday, May 7th. Register here:
http://www.wservernews.com/080407-DT-New-York-Seminar

Two Quotes Of The Week by the late Sci-Fi writer Robert A. Heinlein

- "Never worry about theory as long as the machinery does what it's supposed to do."
- "A generation which ignores history has no past and no future".

Thank you for being a WServerNews subscriber. Please tell your friends about us. They can subscribe here:
http://www.wservernews.com/080407-Subscribe

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]

Get Rid Of Your Old Second Generation Exchange AV

Yeah, it may work OK. But the yearly maintenance is scandalously high. You can spend your valuable IT budget on something better than that. Get Ninja for your Exchange AV. It is cheaper than Trend, McAfee or Symantec and true third generation, integrated, policy-based antispam, AV, disclaimers and more. It's very little money if you take advantage of the competitive upgrade program. Try Ninja for 30 days. You will be amazed how easy it is to set up and run: it takes 50% less admin time than the others!
http://www.wservernews.com/080407-Ninja-Email-Security

Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

Double-Take is a finalist in two categories of the 2008 Storage Awards, this industry's most prestigious event. Please vote for Double-Take here:
http://www.wservernews.com/080407-2008-Storage-Awards

Free Web-based Online Directory, Self Service Editing, LCS/OCS Presence! Want more? Check out the other editions with Enforced Data Integrity + Provisioning.
http://www.wservernews.com/080407-Namescape

FREE eBook with evaluation: Admin's Shortcut Guide to AD Security
http://www.wservernews.com/080407-Shortcut-Guide-to-AD-Security


Tech Briefing

Upgrading To Vista SP1 On Intel Chips? Proceed With Caution

Late last week, it was revealed that PCs made by Hewlett-Packard, Gateway, China's Lenovo and others couldn't be upgraded to Vista Service Pack 1 if they were using certain Intel chipsets. Symantec's Endpoint Protection and NAC also have issues. Read the full article at MCPmag:
http://www.wservernews.com/080407-Vista-SP1-Intel-Chips


New Group Policy Newsletter

Does Rock always beat scissors? Not according to Group Policy Guru Jeremy Moskowitz. In his latest Newsletter, Moskowitz uncovers how the new Group Policy Preferences can "trump" real policy in this shocker! Also learn about Jeremy's TWO new Group Policy books (with eChapter downloads) and his Group Policy 2.0 training classes. It's all at:
http://www.wservernews.com/080407-Group-Policy-Newsletter


Something That Vista SP1 "Fixed"

Hi Stu, thought I would clue you in to one more thing that Vista SP1 "fixed". I have been working with a large enterprise for some time providing them VPN services with CPE Juniper Secure Access (SA) SSL VPN boxes. The IPSec-ish client, the Network Connect Client, sometimes worked with Vista but then there were just systems that would not work, or at the very least be inconsistent in the ability to make a connection to the VPN appliance.

We were able to narrow down the issue during troubleshooting to the problematic behavior when in certain locations. This was reminiscent of the early broadband router problems with NAT Traversal (NAT-T) that something was not getting through resulting in failure.

I read an early release about the SP1 RC1 and a couple of the comments in there had to do with the TCP/IP stack. So, out of sheer frustration, I had the engineers try applying the SP1 to several systems and test the connectivity again. Low and behold, the problematic systems could now connect. You'd'd figure that we could then nail down what exactly fixed the issue, but neither Juniper nor Microsoft could give us an answer. I guess I need to read up on the MS TCP/IP details as to what is new.

In reading your news letter it occurs to me that the changes to the stack are also behind the copy speed as well. I would be interested to see a trace on rejects or resets taking place to really identify what's going on. Just thought you might be interested in a real world example of an affect of the Vista SP1 package. Regards from San Diego, -- Perry Jurancich

Reader Reports Vista Nightmare

Hi Stu, In your last issue you said "I had a good chuckle and had to admit he was of course right." You may have had a good chuckle, but I haven't.

I got my new Inspiron 9400 on April 4, 2007 with Vista Ultimate and Office 2007. $3000. Slow-file-copy bug. Copy 150 MB from a W2K machine to the desktop. 3 hours. Copy 1.5 GB on the desktop, to a copy on the desktop. 12 hours. Nobody is laughing. Office 2007 crashes my line-of-business (LOB) Access app. Wait for O2K SP1. It still crashes. Finally get fed up and put in for a paid support fix. Bug acknowledged. Fix time, TBD. Nobody is even thinking about smiling.

Vista SP1 comes, and I install it. It installs flawlessly, but takes out every shadow copy on the machine. No big deal EXCEPT that it wipes out my Wizardry 8 savegame files that were created on the machine, not any that I copied to it, just the ones I created on the machine itself. 500+ hours of game progress lost. Nobody knows how to smile.

Join the unit to the domain. Can't use Leech FTP-port is blocked by 'Windows firewall with advanced security" Nobody can remember the word 'smile.' VPN into the domain. Either have to tolerate not being able to browse the network neighborhood OR I have to make the VPN carrier network a private network and turn on network discovery and sharing to the whole Internet. No one can ever remember smiling.

VPN into the domain again. Unless the machine is logged in with admin credentials 'Windows firewall with advanced security" blocks access to the SQL Server backend of the LOB app. Visions of sledgehammers haunt my sleep. Try to turn off the 'firewall.' It's controlled by group policy. GPMC.mmc doesn't exist. It was removed by SP1 as a security risk. I dream of wrecking balls.

RSAT is supposed to have updated group policy tools for killing the 'firewall.' Install it. All I get is a link to a help file. Eventually, I learn that I have to go to what was Add and Remove Windows features and ADD the tools I thought I just installed. Red-tinged building implosions begin to intrude into my waking hours.

Pile through documentation on the firewall, looking to free up what connections it 'protects' so I can tell it to leave the VPN connection alone, don't find it. Find setting that are supposed to turn the firewall off completely. They do-until the first reboot. Visions of Dresden, Germany come to mind.

Copy the MS Access LOB app front end from the network to the local drive after SP1 is installed. 65 MB. Gigabit backbone. This takes 8-12 seconds for XP. 90 seconds for Vista. Have you ever seen 'Trinity and Beyond'? Nobody's laughing Stu Sjouwerman
http://www.wservernews.com/080407-Trinity

I have new machines I need to order. Since my 'Line Of Business' app CAN'T run on Office 2007 Pro OEM ($470 Canadian), I need Office 2007 OLP ($590) to downgrade. Not that we have any use for the Ribbon and Nav Pane anyway. Since Vista is such a dog I can either order Vista Business, format on receipt, and downgrade-throwing away most of a day to do so-or order with Vista Home Premium($150) and Vista Business Upgrade OLP ($230) and have it shipped with XP while still having the right to upgrade if and when Vista starts to work decently. I can order it with XP and take a full retail upgrade shot-to-the-teeth if and when Vista starts to work decently. Not funny at all.

I had great joy with Windows 2000 migrations. I put up with some discomfort with XP migrations. I am stuck in a 'Saw' movie with Vista. It is thoroughly and completely useless as a networked desktop compared to XP. It is almost suicidally depressing. Let's not talk about 64-bit. I have already had to downgrade one of those. -- Name Withheld on request

Comparing XP and Vista - More On How To Speed Up Vista

As always, I appreciate your newsletter. As an IT professional with an extensive technical background, I finally broke down and had to check out Vista for myself. So, I've got this DELL Latitude D620, dual core laptop with a nice 7200 RPM hard drive, 2GB of RAM and a decent nVidia video card. Overall, it's a nice system, and it came with Windows XP Professional. I asked my old man to pick up a copy of Vista Ultimate from the Microsoft store for me, and I went ahead and installed it one crazy afternoon.

First off, the installer took a good long while, but once it was done I dived into making Vista run well. I turned off DEP and UAC and then tweaked the advanced performance options. Specifically, I left only the few minimum video options turned on that enabled the visual style of Vista. Sluggish, is a good word to describe Vista, but I'll tell you which settings make it so:
  • "Animate controls and elements inside windows"
  • "Animate windows when minimizing and maximizing"
  • "Fade or slide menus into view"
  • "Fade or slide ToolTips into view"
  • "Fade out menu items after clicking"
  • "Show shadows under menus"
  • "Show shadows under mouse pointer"
  • "Slide open combo boxes"
  • "Slide taskbar buttons"
  • "Smooth-scroll list boxes"
  • "Use drop shadows for icon labels on the desktop"
The first one in the above list actually makes a huge difference. It turns off the .5 second animation that happens when you move your mouse over a button, for example. As a former game developer, I understand how these things affect performance. Maybe just moving your mouse over a button once doesn't seem like much, but with all of those graphical effects turned on, it adds up. The final one that makes the biggest difference is, of course, the window frame transparency, which is up to user preference, but if you disable at the very least the above, you can make Vista perform at XP levels.

It all looks nice when it's turned on, but the truth is, until hardware catches up to the software, Vista is going to run sluggishly on most current systems. Turning off all the animations above brought my laptop to near-XP levels of performance. Doing a comparison between my XP and Vista systems on a clean boot, I get the following results:

XP
Handles: 7203
Threads: 382
Processes: 29
RAM Usage: 437MB

Vista
Handles: 9606 (25% more)
Threads: 494 (23% more)
Processes: 38 (24% more)
RAM Usage: 467MB (8% more)

I realize the info is rather anecdotal and depends on the applications and system spec, but suffice it to say that the systems are comparable and tuned similarly (to my personal preferences). The difference in threads, processes and file handles has a noticeable impact on system performance, but in truth, those differences are minor in the grand scheme of things. Running World of Warcraft, WinAMP and Outlook on my XP system puts me at almost the same place as an unloaded Vista system. What really seems to bother people is the visual sluggishness of the UI, and with the tweaks I listed above, that issue is nearly non-existent. As always, your mileage may vary, but for me... I'm sold on Vista, and quite happy with its performance. -- Aaron Stackpole

How To Format NTFS: More Tricks To Improve File System Performance

The best security features are the ones that protect a system without slowing down the NTFS. Microsoft MVP Brien Posey offers some suggestions for finding the right balance between NTFS performance and system security in this tip.
http://www.wservernews.com/080407-Format-NTFS


Book Excerpt: How To Cheat At Configuring Exchange Server 2007

This excerpt from Henrik Walther's How to Cheat at Configuring Exchange Server 2007: Including Outlook Web, Mobile, and Voice Access provides an overview of Cluster Continuous Replication (CCR), a high availability solution in Exchange Server 2007. Learn more about CCR's new log file shipping and replay features as well as how to configure and manage a CCR-based in your Exchange 2007 environment.
http://www.wservernews.com/080407-Configuring-Exchange-2007


Tips For Scheduling And Testing SQL Server Backups

Whether you're using SQL Server or SQL Server Express Edition, these tips for scheduling backups will lead you to a successful restore. You'll learn how to schedule backups in SQL Server via the SQL Server Agent and in SQL Server Express using Windows Task Scheduler. SQL Server expert Denny Cherry also shares how to test and secure your backups.
http://www.wservernews.com/080407-SQL-Server-Backups


Windows Server News

Microsoft To Patch Vista SP1, W2K8 Next Week

Patch Tuesday is going to have eight updates with one 'critical' across the entire Windows line. Five of the bulletins have severity ratings of critical; all five address remote code execution flaws. The other three have severity ratings of important, and include a remote code execution flaw, an elevation of privilege flaw, and a flaw that can allow spoofing. The updates will all require restarts. Here is Redmond's Prepatch Notification:
http://www.wservernews.com/080407-Patch-Tuesday


Preventing Internet Access With Windows SBS

A question was asked recently on SearchWindowsSecurity.com regarding Internet access while using Windows Small Business Server 2003 Standard Edition. The user configured two network adaptors, one for the local domain and one to connect to an ISP. While using SMTP in Exchange to send email and a POP3 connector to retrieve email, it was discovered that any client in the domain who put IP Server as their gateway can access the Internet. Learn how to fix this problem and better manage Internet access on Windows SBS. (registration required)
http://www.wservernews.com/080407-Windows-SBS


How Do I Properly Configure WSUS?

A poorly configured Windows Server Update Services can cause security issues, as "skepticals" discovered. Check out solutions to this problem from your Windows IT peers at the IT Knowledge Exchange. Then add your own suggestions.
http://www.wservernews.com/080407-Configure-WSUS


Citrix Heats Up VM Price Wars

Citrix has simplified its pricing model at the same time they released their new XenServer V4.1. You can now deploy an unlimited number of virtual machines or guest operating systems for $600 per server a year or $900 per server perpetually. This puts additional pressure on VMware which is already getting flak from Redmond.

The interesting bit is that the above prices are valid for servers with up to four CPU sockets. Yes you read that right. This makes for less hassle and lower cost. Both Microsoft and VMware charge per processor. And Citrix still has their free Express Edition is still available for use on a single server.

WServer Third Party News

New Licensing Model For The House: The Unlimited Home Site License

This week, we introduced something completely new: An unlimited home site license. This will be an option on all of our consumer products. Here's the story. We are a research-intensive organization - we are constantly doing surveys. Back in February, we were doing a survey for our upcoming security product VIPRE, I noticed something interesting: On average, about 35% of the respondents had more than 3 PCs in their household. (21% responded with three computers, 28% responded with two computers and 17% responded with one computer, out of 1009 respondents.)

The lesson was clear: a large group of users out there are getting to a point where a typical 3-user license just doesn't cut it. That got me thinking about a whole new idea, taken from the enterprise software space: An unlimited home site license. Alex, Sunbelt's Prez really liked the idea.

So, after further discussion and some testing, we've formally launched our new Unlimited Home Site License program. All of our consumer products have this in place right now, but it will also be available for VIPRE. This is an unlimited license - it works for as many computers as you have at home, whether 3, 10, 50 or 100 computers. No guilt, no BS. No limits.

Here's how the new pricing for the Home Site License breaks out:

iHateSpam$39.95
CounterSpy$39.95
Sunbelt Personal Firewall$39.95
VIPRE? Antivirus + Antispyware$49.95(scheduled release Q2/2008)

The annual subscription provides protection for unlimited PCs and includes one year of software updates and upgrades, any relevant threat definitions, and live US-based toll-free technical support. Here is an example licensing option page for CounterSpy:
http://www.wservernews.com/080407-CounterSpy-Licensing


Paranoid About Security - Got Keylogger Anyway

A quick note. I'm paranoid about security and consequently run well thought of and fairly expensive firewall/spyware and virus programs. Despite all of these, I wound up with a key logger on primary PC at home. Several programs recognized it, but none removed or quarantined it. After some research, I downloaded instructions for removal, which seemed to me needed a software engineer to accomplish. Then I bought your latest Counterspy. You got rid of it in about five minutes. Wonderful and thanks. -- J.G.
http://www.wservernews.com/080407-Licensing


WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff.



WServerNews - Product of the Week

FREE EBOOK: Administrator's Shortcut Guide to AD Security

Take 2 minutes to download a 30-day trial of ScriptLogic's Active Administrator, an industry-leading AD management and auditing solution, and you'll get a free copy of the eBook The Administrator's Shortcut Guide to Active Directory Security. In this comprehensive, 93-page eBook, you'll learn valuable AD security tips from industry experts Derek Melber and Dave Kearns. Download Active Administrator and get the free ebook today!
http://www.wservernews.com/080407-Product-of-the-Week