|
Vol. 13, #14 - Apr 7, 2008 - Issue #668
|
|
Redmond Extends WinXP Life -- Kinda
|
| This issue of WServerNews is sponsored by |
|---|
|
- Editor's Corner
- New Unlimited Home Site License
- Redmond Extends WinXP Life -- Kinda
- Study Sees Microsoft Brand In Sharp Decline
- Readers Report On Their 'Vista Experience'
- Upcoming Sunbelt/Double-Take Seminars
- Admin Toolbox
- Admin Tools We Think You Shouldn't Be Without
- Tech Briefing
- Upgrading To Vista SP1 On Intel Chips? Proceed With Caution
- New Group Policy Newsletter
- Something That Vista SP1 "Fixed"
- Reader Reports Vista Nightmare
- Comparing XP and Vista - More On How To Speed Up Vista
- How To Format NTFS: More Tricks To Improve File System Performance
- Book Excerpt: How To Cheat At Configuring Exchange Server 2007
- Tips For Scheduling And Testing SQL Server Backups
- Windows Server News
- Microsoft To Patch Vista SP1, W2K8 Next Week
- Preventing Internet Access With Windows SBS
- How Do I Properly Configure WSUS?
- Citrix Heats Up VM Price Wars
- WServer Third Party News
- New Licensing Model For The House: The Unlimited Home Site License
- Paranoid About Security - Got Keylogger Anyway
- WServerNews FAVE Links
- This Week's Links We Like. Tips, Hints And Fun Stuff.
- WServerNews - Product of the Week
- FREE EBOOK: Administrator's Shortcut Guide to AD Security
|
FREE EBOOK: Administrator's Shortcut Guide to AD Security
|
Take 2 minutes to download a 30-day trial of ScriptLogic's Active
Administrator, an industry-leading AD management and auditing
solution, and you'll get a free copy of the eBook The
Administrator's Shortcut Guide to Active Directory Security.
In this comprehensive, 93-page eBook, you'll learn valuable AD
security tips from industry experts Derek Melber and Dave Kearns.
Download Active Administrator and get the free ebook today!
http://www.wservernews.com/080407-ScriptLogic
|
|
 |
Editor's Corner |
|
New Unlimited Home Site License
Make sure you read the story in the Third Party News about a brand new way
to license software for the house. Techies like you are especially going
to like it!
Redmond Extends WinXP Life -- Kinda
As expected, Microsoft will pull Windows XP from store shelves this June.
What wasn't expected is that some users will still have access to XP Starter
Edition for some time after that. Hear all the details in this podcast found
on SearchWinIT.com's blog page, plus find out what users are saying about
Vista SP1 and get a brief preview of next week's Patch Tuesday. This is a
short (6 min.) podcast you don't want to miss:
http://www.wservernews.com/080407-WinXP-Life
Study Sees Microsoft Brand In Sharp Decline
Research firm CoreBrand said Microsoft's brand is losing credibility and
mindshare with U.S. businesses, dropping from 12th place in 2004 to 59th
place now. And it was #1 in 1996. Something to do with Gates stepping down?
Let me know what you think what caused this at feedback@wservernews.com
Readers Report On Their 'Vista Experience'
I had a LOT of feedback last week, and some of it very detailed. It was
impossible to include all of them, and thanks very much for your time
and insights. I have published a few of these, which cover the various
(problem) areas. Highly informative reading in the Tech Briefing.
Upcoming Sunbelt/Double-Take Seminars
We'd like to invite you to the following seminars: Seminar: "Recovery Made
Easy for Exchange, SQL, and other Critical Applications" - Join Sunbelt
and Double-Take Software to find out the new ways that Double-Take v5.0
can help with high availability and disaster recovery for your servers
including full server failover, virtual systems and more.
Hosted at the Waikiki Beach Marriott Resort & Spa in Honolulu, HI on
Wednesday, April 9th. Register here:
http://www.wservernews.com/080407-DT-Honolulu-Seminar
Hosted at Microsoft in New York, NY on Wednesday, May 7th. Register here:
http://www.wservernews.com/080407-DT-New-York-Seminar
Two Quotes Of The Week by the late Sci-Fi writer Robert A. Heinlein
- "Never worry about theory as long as the machinery does what it's
supposed to do."
- "A generation which ignores history has no past and no future".
Thank you for being a WServerNews subscriber. Please
tell your friends about us. They can subscribe here:
http://www.wservernews.com/080407-Subscribe
|
Get Rid Of Your Old Second Generation Exchange AV
|
Yeah, it may work OK. But the yearly maintenance is scandalously high. You
can spend your valuable IT budget on something better than that. Get Ninja
for your Exchange AV. It is cheaper than Trend, McAfee or Symantec and true
third generation, integrated, policy-based antispam, AV, disclaimers and
more. It's very little money if you take advantage of the competitive
upgrade program. Try Ninja for 30 days. You will be amazed how easy it
is to set up and run: it takes 50% less admin time than the others!
http://www.wservernews.com/080407-Ninja-Email-Security
|
|
|
Tech Briefing |
|
Upgrading To Vista SP1 On Intel Chips? Proceed With Caution
Late last week, it was revealed that PCs made by Hewlett-Packard, Gateway,
China's Lenovo and others couldn't be upgraded to Vista Service Pack 1 if
they were using certain Intel chipsets. Symantec's Endpoint Protection and
NAC also have issues. Read the full article at MCPmag:
http://www.wservernews.com/080407-Vista-SP1-Intel-Chips
New Group Policy Newsletter
Does Rock always beat scissors? Not according to Group Policy Guru Jeremy
Moskowitz. In his latest Newsletter, Moskowitz uncovers how the new Group
Policy Preferences can "trump" real policy in this shocker! Also learn about
Jeremy's TWO new Group Policy books (with eChapter downloads) and his Group
Policy 2.0 training classes. It's all at:
http://www.wservernews.com/080407-Group-Policy-Newsletter
Something That Vista SP1 "Fixed"
Hi Stu, thought I would clue you in to one more thing that Vista SP1 "fixed".
I have been working with a large enterprise for some time providing them VPN
services with CPE Juniper Secure Access (SA) SSL VPN boxes. The IPSec-ish
client, the Network Connect Client, sometimes worked with Vista but then
there were just systems that would not work, or at the very least be
inconsistent in the ability to make a connection to the VPN appliance.
We were able to narrow down the issue during troubleshooting to the problematic
behavior when in certain locations. This was reminiscent of the early broadband
router problems with NAT Traversal (NAT-T) that something was not getting
through resulting in failure.
I read an early release about the SP1 RC1 and a couple of the comments in
there had to do with the TCP/IP stack. So, out of sheer frustration, I
had the engineers try applying the SP1 to several systems and test the
connectivity again. Low and behold, the problematic systems could now
connect. You'd'd figure that we could then nail down what exactly fixed the
issue, but neither Juniper nor Microsoft could give us an answer. I guess
I need to read up on the MS TCP/IP details as to what is new.
In reading your news letter it occurs to me that the changes to the stack
are also behind the copy speed as well. I would be interested to see a trace
on rejects or resets taking place to really identify what's going on. Just
thought you might be interested in a real world example of an affect of
the Vista SP1 package. Regards from San Diego, -- Perry Jurancich
Reader Reports Vista Nightmare
Hi Stu, In your last issue you said "I had a good chuckle and had to admit
he was of course right." You may have had a good chuckle, but I haven't.
I got my new Inspiron 9400 on April 4, 2007 with Vista Ultimate and Office
2007. $3000. Slow-file-copy bug. Copy 150 MB from a W2K machine to the desktop.
3 hours. Copy 1.5 GB on the desktop, to a copy on the desktop. 12 hours.
Nobody is laughing. Office 2007 crashes my line-of-business (LOB) Access app.
Wait for O2K SP1. It still crashes. Finally get fed up and put in for a paid
support fix. Bug acknowledged. Fix time, TBD. Nobody is even thinking about
smiling.
Vista SP1 comes, and I install it. It installs flawlessly, but takes out
every shadow copy on the machine. No big deal EXCEPT that it wipes out my
Wizardry 8 savegame files that were created on the machine, not any that
I copied to it, just the ones I created on the machine itself. 500+ hours
of game progress lost. Nobody knows how to smile.
Join the unit to the domain. Can't use Leech FTP-port is blocked by 'Windows
firewall with advanced security" Nobody can remember the word 'smile.' VPN
into the domain. Either have to tolerate not being able to browse the network
neighborhood OR I have to make the VPN carrier network a private network and
turn on network discovery and sharing to the whole Internet. No one can ever
remember smiling.
VPN into the domain again. Unless the machine is logged in with admin
credentials 'Windows firewall with advanced security" blocks access to the
SQL Server backend of the LOB app. Visions of sledgehammers haunt my sleep.
Try to turn off the 'firewall.' It's controlled by group policy. GPMC.mmc
doesn't exist. It was removed by SP1 as a security risk. I dream of wrecking
balls.
RSAT is supposed to have updated group policy tools for killing the 'firewall.'
Install it. All I get is a link to a help file. Eventually, I learn that I
have to go to what was Add and Remove Windows features and ADD the tools I
thought I just installed. Red-tinged building implosions begin to intrude
into my waking hours.
Pile through documentation on the firewall, looking to free up what
connections it 'protects' so I can tell it to leave the VPN connection alone,
don't find it. Find setting that are supposed to turn the firewall off
completely. They do-until the first reboot. Visions of Dresden, Germany
come to mind.
Copy the MS Access LOB app front end from the network to the local drive
after SP1 is installed. 65 MB. Gigabit backbone. This takes 8-12 seconds
for XP. 90 seconds for Vista. Have you ever seen 'Trinity and Beyond'?
Nobody's laughing Stu.
http://www.wservernews.com/080407-Trinity
I have new machines I need to order. Since my 'Line Of Business' app CAN'T
run on Office 2007 Pro OEM ($470 Canadian), I need Office 2007 OLP ($590)
to downgrade. Not that we have any use for the Ribbon and Nav Pane anyway.
Since Vista is such a dog I can either order Vista Business, format on
receipt, and downgrade-throwing away most of a day to do so-or order with
Vista Home Premium($150) and Vista Business Upgrade OLP ($230) and have it
shipped with XP while still having the right to upgrade if and when Vista
starts to work decently. I can order it with XP and take a full retail
upgrade shot-to-the-teeth if and when Vista starts to work decently. Not
funny at all.
I had great joy with Windows 2000 migrations. I put up with some discomfort
with XP migrations. I am stuck in a 'Saw' movie with Vista. It is thoroughly
and completely useless as a networked desktop compared to XP. It is almost
suicidally depressing. Let's not talk about 64-bit. I have already had to
downgrade one of those. -- Name Withheld on request
Comparing XP and Vista - More On How To Speed Up Vista
As always, I appreciate your newsletter. As an IT professional with an
extensive technical background, I finally broke down and had to check out
Vista for myself. So, I've got this DELL Latitude D620, dual core laptop
with a nice 7200 RPM hard drive, 2GB of RAM and a decent nVidia video card.
Overall, it's a nice system, and it came with Windows XP Professional.
I asked my old man to pick up a copy of Vista Ultimate from the Microsoft
store for me, and I went ahead and installed it one crazy afternoon.
First off, the installer took a good long while, but once it was done I
dived into making Vista run well. I turned off DEP and UAC and then tweaked
the advanced performance options. Specifically, I left only the few minimum
video options turned on that enabled the visual style of Vista. Sluggish,
is a good word to describe Vista, but I'll tell you which settings make it so:
- "Animate controls and elements inside windows"
- "Animate windows when minimizing and maximizing"
- "Fade or slide menus into view"
- "Fade or slide ToolTips into view"
- "Fade out menu items after clicking"
- "Show shadows under menus"
- "Show shadows under mouse pointer"
- "Slide open combo boxes"
- "Slide taskbar buttons"
- "Smooth-scroll list boxes"
- "Use drop shadows for icon labels on the desktop"
The first one in the above list actually makes a huge difference. It turns
off the .5 second animation that happens when you move your mouse over a
button, for example. As a former game developer, I understand how these
things affect performance. Maybe just moving your mouse over a button once
doesn't seem like much, but with all of those graphical effects turned on,
it adds up. The final one that makes the biggest difference is, of course,
the window frame transparency, which is up to user preference, but if you
disable at the very least the above, you can make Vista perform at XP levels.
It all looks nice when it's turned on, but the truth is, until hardware
catches up to the software, Vista is going to run sluggishly on most current
systems. Turning off all the animations above brought my laptop to near-XP
levels of performance. Doing a comparison between my XP and Vista systems
on a clean boot, I get the following results:
XP
Handles: 7203
Threads: 382
Processes: 29
RAM Usage: 437MB
Vista
Handles: 9606 (25% more)
Threads: 494 (23% more)
Processes: 38 (24% more)
RAM Usage: 467MB (8% more)
I realize the info is rather anecdotal and depends on the applications and
system spec, but suffice it to say that the systems are comparable and tuned
similarly (to my personal preferences). The difference in threads, processes
and file handles has a noticeable impact on system performance, but in truth,
those differences are minor in the grand scheme of things. Running World of
Warcraft, WinAMP and Outlook on my XP system puts me at almost the same place
as an unloaded Vista system. What really seems to bother people is the visual
sluggishness of the UI, and with the tweaks I listed above, that issue is
nearly non-existent. As always, your mileage may vary, but for me... I'm sold
on Vista, and quite happy with its performance. -- Aaron Stackpole
How To Format NTFS: More Tricks To Improve File System Performance
The best security features are the ones that protect a system without
slowing down the NTFS. Microsoft MVP Brien Posey offers some suggestions
for finding the right balance between NTFS performance and system security
in this tip.
http://www.wservernews.com/080407-Format-NTFS
Book Excerpt: How To Cheat At Configuring Exchange Server 2007
This excerpt from Henrik Walther's How to Cheat at Configuring Exchange
Server 2007: Including Outlook Web, Mobile, and Voice Access provides an
overview of Cluster Continuous Replication (CCR), a high availability
solution in Exchange Server 2007. Learn more about CCR's new log file
shipping and replay features as well as how to configure and manage a
CCR-based in your Exchange 2007 environment.
http://www.wservernews.com/080407-Configuring-Exchange-2007
Tips For Scheduling And Testing SQL Server Backups
Whether you're using SQL Server or SQL Server Express Edition, these tips for
scheduling backups will lead you to a successful restore. You'll learn how to
schedule backups in SQL Server via the SQL Server Agent and in SQL Server
Express using Windows Task Scheduler. SQL Server expert Denny Cherry also
shares how to test and secure your backups.
http://www.wservernews.com/080407-SQL-Server-Backups
|
|
Windows Server News |
|
Microsoft To Patch Vista SP1, W2K8 Next Week
Patch Tuesday is going to have eight updates with one 'critical' across
the entire Windows line. Five of the bulletins have severity ratings
of critical; all five address remote code execution flaws. The other
three have severity ratings of important, and include a remote code
execution flaw, an elevation of privilege flaw, and a flaw that can
allow spoofing. The updates will all require restarts. Here is Redmond's
Prepatch Notification:
http://www.wservernews.com/080407-Patch-Tuesday
Preventing Internet Access With Windows SBS
A question was asked recently on SearchWindowsSecurity.com regarding
Internet access while using Windows Small Business Server 2003 Standard
Edition. The user configured two network adaptors, one for the local
domain and one to connect to an ISP. While using SMTP in Exchange to
send email and a POP3 connector to retrieve email, it was discovered
that any client in the domain who put IP Server as their gateway can
access the Internet. Learn how to fix this problem and better manage
Internet access on Windows SBS. (registration required)
http://www.wservernews.com/080407-Windows-SBS
How Do I Properly Configure WSUS?
A poorly configured Windows Server Update Services can cause security issues,
as "skepticals" discovered. Check out solutions to this problem from your
Windows IT peers at the IT Knowledge Exchange. Then add your own suggestions.
http://www.wservernews.com/080407-Configure-WSUS
Citrix Heats Up VM Price Wars
Citrix has simplified its pricing model at the same time they released their
new XenServer V4.1. You can now deploy an unlimited number of virtual machines
or guest operating systems for $600 per server a year or $900 per server
perpetually. This puts additional pressure on VMware which is already
getting flak from Redmond.
The interesting bit is that the above prices are valid for servers with up
to four CPU sockets. Yes you read that right. This makes for less hassle
and lower cost. Both Microsoft and VMware charge per processor. And Citrix
still has their free Express Edition is still available for use on a single
server.
|
|
WServer Third Party News |
|
New Licensing Model For The House: The Unlimited Home Site License
This week, we introduced something completely new: An unlimited home site
license. This will be an option on all of our consumer products. Here's the
story. We are a research-intensive organization - we are constantly doing
surveys. Back in February, we were doing a survey for our upcoming security
product VIPRE, I noticed something interesting: On average, about 35% of
the respondents had more than 3 PCs in their household. (21% responded with
three computers, 28% responded with two computers and 17% responded with
one computer, out of 1009 respondents.)
The lesson was clear: a large group of users out there are getting to a
point where a typical 3-user license just doesn't cut it. That got me
thinking about a whole new idea, taken from the enterprise software space:
An unlimited home site license. Alex, Sunbelt's Prez really liked the idea.
So, after further discussion and some testing, we've formally launched our
new Unlimited Home Site License program. All of our consumer products have
this in place right now, but it will also be available for VIPRE. This is
an unlimited license - it works for as many computers as you have at home,
whether 3, 10, 50 or 100 computers. No guilt, no BS. No limits.
Here's how the new pricing for the Home Site License breaks out:
| iHateSpam | $39.95 |
| CounterSpy | $39.95 |
| Sunbelt Personal Firewall | $39.95 |
| VIPRE™ Antivirus + Antispyware | $49.95 | (scheduled release Q2/2008) |
The annual subscription provides protection for unlimited PCs and includes
one year of software updates and upgrades, any relevant threat definitions,
and live US-based toll-free technical support. Here is an example licensing
option page for CounterSpy:
http://www.wservernews.com/080407-CounterSpy-Licensing
Paranoid About Security - Got Keylogger Anyway
A quick note. I'm paranoid about security and consequently run well thought
of and fairly expensive firewall/spyware and virus programs. Despite all of
these, I wound up with a key logger on primary PC at home. Several programs
recognized it, but none removed or quarantined it. After some research, I
downloaded instructions for removal, which seemed to me needed a software
engineer to accomplish. Then I bought your latest Counterspy. You got rid
of it in about five minutes. Wonderful and thanks. -- J.G.
http://www.wservernews.com/080407-Licensing
|
|
WServerNews FAVE Links |
|
This Week's Links We Like. Tips, Hints And Fun Stuff.
|
|
WServerNews - Product of the Week |
|
FREE EBOOK: Administrator's Shortcut Guide to AD Security
Take 2 minutes to download a 30-day trial of ScriptLogic's Active
Administrator, an industry-leading AD management and auditing
solution, and you'll get a free copy of the eBook The
Administrator's Shortcut Guide to Active Directory Security.
In this comprehensive, 93-page eBook, you'll learn valuable AD
security tips from industry experts Derek Melber and Dave Kearns.
Download Active Administrator and get the free ebook today!
http://www.wservernews.com/080407-Product-of-the-Week
|
|
|
|
|
Email me: 