Vol. 17, #21 - May 21, 2012 - Issue #880 Image

Networking Ruminations

  1. Editor's Corner
    • From the Mailbag
    • Mailbag Overflow
    • Networking Ruminations
    • Tip of the Week
    • Recommended for Learning
    • Quote of the Week
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  3. Events Calendar
    • Americas
    • Europe
    • Asia/Pacific
  4. Webcast Calendar
    • Running a Small Business on Office 365
    • This Week's Webcasts
    • Register for Webcasts
  5. Tech Briefing
    • How to convert your laptop to a Private Cloud Lab
    • More than you ever wanted to know about Remote Desktop Licensing
    • Get the latest Group Policy settings reference spreadsheet
    • New Slow Logon, Slow Boot Troubleshooting Content
    • How to NOT use Win32_Product in Group Policy Filtering
    • Windows Defender Offline is now available
    • Send text messages using Outlook 2010
  6. Windows Server News
    • The basics of cloud-based data storage
    • How to stagger your VDI project rollout: start with a VDI POC
    • How to recognize and prevent a hypervisor attack to protect data
    • Consumerization of IT: what's VDI got to do with it?
  7. WServerNews FAVE Links
    • This Week's Links We Like. Fun Stuff.
  8. WServerNews - Product of the Week
    • Deploy 3rd party patches with Microsoft WSUS or SCCM

Deploy 3rd party patches with Microsoft WSUS or SCCM 

SolarWinds Patch Manager makes the time-intensive, error-prone chore of patching third party apps across tens of thousands of Microsoft Windows® servers and workstations simpler, faster, and more reliable at a price you can't beat. And you can leverage your existing Microsoft WSUS and System Center Configuration Manager (SCCM) deployments. Automatically receive pre-built patches for common third party apps such as Adobe® Acrobat, Reader, Flash, Apple® iTunes, Google® Chrome, Mozilla® Firefox, Oracle® Java, and more. Use PackageBoot™ technology to execute custom actions before and after patches are deployed. Rest assured that even the peskiest of patches (like Java!) get deployed correctly. 

Download a free trial of Patch Manager

Editor's Corner

Save this newsletter so you can refer back to itand find helpful tips, tools and other resources that can help you when you face some planning decision, management task or troubleshooting headache!

From the Mailbag

In last week's newsletter Barenaked Servers I asked the question "How popular is tape backup among our readers?" I received the following response from Keith, an IT consultant in Ohio:

For organizations that have only a single site, tape backups are still the most cost effective mechanism for backing up and getting a copy of the backup off site. We are able to do a full backup of our critical Windows and Linux systems each night to a single LTO-4 tape which is stored offsite in safe deposit box at our local bank. As our storage (and backup) needs grow, I expect to replace the LTO-4 tapes with LTO-5 or LTO-6 tapes, but the basic backup scheme will remain.

Keith also had a bone to pick concerning the vendor of a popular backup product:

Since you mentioned Backup Exec... Apparently the Symantec Backup Exec product mis-planners didn't realize that customers are still using tape drives for backups. In Backup Exec 2012, they changed from a "job-centric" to a "server-centric" model and eliminated the ability to create a single backup job that backups multiple servers. It is possible to work around this non-feature by a PowerShell script to execute BEMCLI (Backup Exec Management Command Line Interface) commands, but what were they thinking?

Michael, who runs an IT business in Indiana, weighed some of the pros and cons of tape backup vs. cloud backup:

Although tape backup is not without its problems and shortcomings, I too, belong to the old school of believers. Recently, my trusty 4MM DAT tape drive (okay, small office here) went south. Rather than replace it with better tape technology like LTO, I chose the less expensive option and decided to ‘go to the cloud’. I picked a provider (based on cost) known as iDrive to back up my 70GB on a nightly basis. It was excruciatingly slow getting the initial backup of this 70GB… almost two weeks. Once everything was done, the incremental nightly takes around 50 minutes. I have tested several restore options and those appear to be trustworthy. Do I miss my tape? ABSOLUTELY! The cost of backing up 150GB maximum for 1 year is $49.50 or $4.95 / month. Not a bad price, but I am not really comfortable having my data stored somewhere ‘out there’. Most likely, in the next twelve months I will purchase a new tape drive and tapes to bring my backups back in-house.

Finally, remember that January 23 issue Lengthy Logons about possible causes of slow logons in Windows environments? Check out the Tech Briefing section of this newsletter for a couple of blog posts from the Directory Services Team at Microsoft concerning possible causes and procedures/tools for troubleshooting delayed logons in Active Directory environments.

Got feedback on anything in this newsletter? Email us at [email protected]

Mailbag Overflow

Check out Trench Tales, a series of articles on WindowsNetworking.com where we publish additional tips and comments from our newsletter readers that we're unable to include in our Mailbag column due to space limitations:

Networking Ruminations

This week's editorial is a medley of tips and resources on the topic of Windows networking that have crossed my desk recently. Let's begin.

Accessing Samba shares from Windows 7

Samba is a popular open-source SMB file-sharing platform typically used in UNIX/Linux environments. Legacy versions of Windows generally have no trouble accessing files on Samba file servers, but getting Windows 7 to connect to Samba shares using NTLMv2 can be challenging.

To get this to work you'll need at least version 3.0.21 of Samba since that was the first version that supported NTLMv2. Make sure also that the smb.conf file on your SAMBA file server includes the following:

lanman auth = no
ntlm auth = yes
client NTLMv2 = yes
client lanman auth = no
client plaintext = no
server=domain

Finally, use net join to join the machine to the domain using the domain admin password.

Everything should work fine now, but if it still doesn't then try disabling SMB signing by following the steps on this TechNet page:
http://www.wservernews.com/go/1337585797496

You can get Samba here:
http://www.wservernews.com/go/1337250400018

The following book from O'Reilly is a bit dated but it's still probably the best book about Samba out there:
http://www.wservernews.com/go/1337250405315

Switching from wireless to wired network

Your Windows 7 computer is connected to the Internet via a wireless network and has been assigned an IP address by that network via DHCP. You decide to connect your computer to a wired LAN. Can Windows 7 be configured to automatically switch from the wireless to wired network when the LAN connection becomes available?

Unfortunately there isn't an in-box way of doing this in Windows 7. Furthermore, killing the wireless connection so Windows can use the faster wired connection might break apps that need Internet connectivity. Windows 8 will support this kind of scenario however, though there still might be problems with apps that establish long-lived passive connections over the network.

However, laptop vendors often provide tools that can do this. For example, the HP 8540 EliteBook ghas a BIOS setting you can configure that will disable wireless connectivity whenever wired connectivity is established. And Lenovo laptops have something called Access Connections (IIRC) that can automatically turn off wireless networking when you connect your laptop to a LAN.

There are also some third-party software solutions for accomplishing this--see the Admin Toolbox section of this newsletter for several of them. And if you can recommend any other software solutions from your own experience with this type of scenario, let me know at [email protected] and I'll be happy to share with our readers.

Note that the reason for wanting to automatically disable wireless connections when connected to the LAN is more than just a matter of speed--it's also a matter of security. That's because bridging of wired and wireless network interfaces might enable malicious users via your wireless interface to access your company's internal corporate network via your LAN interface. However, you can mitigate this risk by disabling network bridge functionality using Group Policy as described on this TechNet page:
http://www.wservernews.com/go/1337585878231

Preventing connections to unknown wireless networks

If your company wants to prevent users with Windows 7 laptops from being able to connect to unknown (i.e. unauthorized) wireless networks, you can enforce this with Group Policy as described in this excellent post from the Group Policy Central blog:
http://www.wservernews.com/go/1337250419894

Using PowerShell to change your network location type

Unidentified networks in Windows 7 are automatically configured as Public networks. If you need to change your network location type from Public to Work, you can do so using the Windows PowerShell script in this post on Darene Lewis's MSDN blog:
http://www.wservernews.com/go/1337250426425

Best RJ45 crimping tools and other gadgets

If you need to lay down some Cat5e/Cat6 cabling in your home or office, you'll need some good tools. A good crimper is especially important unless you want your connections to fail intermittently. The following are a few recommendations from some colleagues:

Paladin CrimpALL Crimper:
http://www.wservernews.com/go/1337250432347

Paladin All-in-One Crimper:
http://www.wservernews.com/go/1337250437675

TRENDnet RJ-11/RJ-45 Crimp/Cut/Strip Tool:
http://www.wservernews.com/go/1337250440191

Eclipse UTP Universal Stripping Tool:
http://www.wservernews.com/go/1337250442409

Eclipse Multi-Modular Cable Tester:
http://www.wservernews.com/go/1337250450144

eStar Network Cable Tester:
http://www.wservernews.com/go/1337250447409

And if you want everything together in one package:

Paladin Network Tool Bundle:
http://www.wservernews.com/go/1337250452800

Finally, this seems to be a favorite as far as patch panels goes:

Leviton Twist and Mount Patch Panel:
http://www.wservernews.com/go/1337250472019

Got any networking tools or hardware to recommend? Email me at [email protected]

Windows networking on WindowsNetworking.com

WindowsNetworking.com, one of the sites of this newsletter's parent company TechGenix Ltd., has some great articles on Windows networking. These articles range from the networking fundamentals to advanced topics. Here's a brief selection:

10 Core Concepts that Every Windows Network Admin Must Know:
http://www.wservernews.com/go/1337250480519

15 Network Admin Apps for Windows Phone 7:
http://www.wservernews.com/go/1337250482581

15 Network Admin Apps for Android:
http://www.wservernews.com/go/1337250485253

10 Network Admin Apps for iOS:
http://www.wservernews.com/go/1337250488738

New Networking Features in Windows 8 Consumer Preview:
http://www.wservernews.com/go/1337250491769

Saving Money on the Network Budget:
http://www.wservernews.com/go/1337250493941

IPv6 multicast background traffic (series):
http://www.wservernews.com/go/1337250496144

Securing Wireless Network Traffic (series):
http://www.wservernews.com/go/1337250499832

Why DNS is So Important to Your Client IP Configuration:
http://www.wservernews.com/go/1337250502550

10 Ways to Troubleshoot DNS Resolution Issues:
http://www.wservernews.com/go/1337250517285

Additional resources on Windows networking

Finally, here are a few threads from the Microsoft TechNet forums concerning various issues relating to Windows networking:

Wake on LAN not working:
http://www.wservernews.com/go/1337250520488

Can't access Win XP from Win 7 - "[machine] is not accessible":
http://www.wservernews.com/go/1337250522644

Setup Wifi connection + VPN before domain logon:
http://www.wservernews.com/go/1337250524785

Unidentified Network appears every Windows 7 reboot and stops NW access:
http://www.wservernews.com/go/1337250527207

How to change default TCP/IP to v4?
http://www.wservernews.com/go/1337250531707

Windows 7 can't access Share in a workgroup:
http://www.wservernews.com/go/1337250533926

Networking multiple Windows 7 machines:
http://www.wservernews.com/go/1337250535957

Windows 7 cannot access file share on Server 2003 File Server:
http://www.wservernews.com/go/1337250538176

Got questions?

The best place to get all your Windows 7 networking questions answered is the Windows 7 Networking forum on TechNet:
http://www.wservernews.com/go/1337250542879

For best results, be sure to read the first post "How to ask a question efficiently in TechNet forum" before posting any questions to the forum.

Share your expertise!

Got Windows networking tips, gotchas or funny stories make some good point? Share your expertise with our readers by sending them to us at [email protected]

Tip of the Week

This tip is about how to print from a Windows 7 computer to a Windows XP printer in a workgroup. A colleague has a small office where they are now using Windows 7 x64 computers connected as a workgroup for performing their work, but the shared USB printer is still connected to a computer running Windows XP Professional x86. The printer was supported by Windows 7 which has the necessary in-box drivers for the device. He tried to get one of the Windows 7 computers to print to the shared printer by clicking Start, then Devices and Printers, then Add a Printer, and then Add a network, wireless or Bluetooth printer. The network printer showed up in the Add Printer dialog, but when he tried to install it a message displayed saying that drivers couldn't be found for the device.

Here's how he solved the problem:

  1. Plug the USB printer into the Windows 7 computer so it gets recognized. Updated drivers will be downloaded from Windows Update if available, and the printer will be displayed in the Devices and Printers folder.
  2. Right-click on the printer in the Devices and Printers folder and select Printer Properties.
  3. Select the Ports tab and click Add Port.
  4. Select Local Port and click New Port.
  5. Type the UNC path to the printer (e.g. \\name_of_XP_machine\share_name)
  6. Click OK until all dialogs are closed, then reconnect the printer to the Windows XP computer and try printing to it from the Windows 7 computer.

Got any tips to recommend to our readers? Let us know at [email protected]

Recommended for Learning

Microsoft Press offers a number of free ebooks in PDF, Mobi (Kindle) and epub format. For a list of what's currently available, see this blog post on the Microsoft Press blog on MSDN:
http://www.wservernews.com/go/1337250553707

Quote of the Week

"Within reason, you can get whatever you want if you're aware of your options, if you test your assumptions, if you take shrewdly calculated risks based on solid information, and if you believe you have power. The formula is almost laughably simple. Believe firmly that you have power and you'll convey that self-confident perception to others. It is you who determine how they see, believe, and react to you." --Herb Cohen from his book "You Can Negotiate Anything"

If you're ever in a position where you have to negotiate something (and who isn't?) then you'll benefit if you've read Herb's books. Here are links to them:

You Can Negotiate Anything:
http://www.wservernews.com/go/1337250559098

Negotiate This! By Caring, But Not T-H-A-T Much:
http://www.wservernews.com/go/1337250563051

Until next week,

Cheers,
Mitch Tulloch

 

Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

Download SolarWinds Trio of Free Tools for Microsoft Active Directory.
http://www.wservernews.com/go/1337251691402

Compare, Report, Consolidate and Simplify Group Policy.
http://www.wservernews.com/go/1337251693714

Automatically disable wireless and endpoint devices on docked computers connected to the company network:
http://www.wservernews.com/go/1337250568723

Makes sure your laptop's wireless card is off when you are wired into the company network to prevent bridged connections:
http://www.wservernews.com/go/1337250573848

Use this tool to automatically disable/enable wireless interfaces and reduce security risks:
http://www.wservernews.com/go/1337250578707

 

Events Calendar

Americas

Europe

Asia/Pacific

Add your event

Contact Michael Vella at [email protected] to get your conference or other event listed in our Events Calendar.

 

Webcast Calendar

Running a Small Business on Office 365

May 24, 2012 - Learn how your business can be more efficient and save costs with Microsoft Office 365 and the cloud. You also see how Tom Werner moved a real estate business to Office 365 and how it's using SharePoint, Exchange, Lync, and Office together:
http://www.wservernews.com/go/1337250603785

This Week's Webcasts

Register for Webcasts

 Add your Webcast

Contact Michael Vella at [email protected] to get your webcast listed in our Webcasts Calendar.

Tech Briefing

How To Convert Your Laptop To a Private Cloud Lab

Systems Management Expert Dan Stolts on the ITProGuru Blog shows you step by step how to set up a private cloud environment using Windows Server 2008 R2 SP1 that you can use for testing purposes:
http://www.wservernews.com/go/1337250623067

More than you ever wanted to know about Remote Desktop Licensing

The Directory Services Team at Microsoft tells you how to save your support calls when you have Remote Desktop Licensing questions or issues:
http://www.wservernews.com/go/1337250628004

Get the latest Group Policy settings reference spreadsheet

The Group Policy Team Blog has released a spreadsheet that covers the available administrative template settings and security settings for Windows Server “8” Beta, Windows 8 Consumer Preview and all earlier versions of Windows is now available in the download center
http://www.wservernews.com/go/1337250633239

New Slow Logon, Slow Boot Troubleshooting Content

The Directory Services Team summarizes root causes and troubleshooting tools and procedures for resolving slow boots and delayed logons
http://www.wservernews.com/go/1337250639364

How to NOT Use Win32_Product in Group Policy Filtering

Another possible source of slow logons in your environment may be misusing the Win32_Product class in Group Policy Filtering. The Directory Services Team explains this in detail:
http://www.wservernews.com/go/1337250645848

Windows Defender Offline is now available

Windows Defender Offline helps protect your PC by scanning it to remove rootkits and other advanced malware that can't always be detected by antimalware programs. More information here:
http://www.wservernews.com/go/1337250647973

Send Text Messages Using Outlook 2010

The Outlook Blog shows you how to stay connected by sending and receiving text messages (SMS) using Outlook 2010:
http://www.wservernews.com/go/1337250650004

 

Windows Server News

The basics of cloud-based data storage

Storing data in the public cloud has its obvious advantages. Cloud’s elastic provisioning capabilities gives you access to additional storage space when you need it. What you choose to store in the cloud versus on local servers, however, makes a difference. This expert tip details the types of data that are good fits for public cloud storage.
http://www.wservernews.com/go/1337250660473

How to stagger your VDI project rollout: Start with a VDI POC

The flick-the-switch method might work for some IT projects, but when it comes to a VDI project rollout, you're better off with a staggered method. With a staggered VDI project rollout, you can gather performance and resource metrics along the way, so you're ready for success when it's time for the full VDI deployment.
http://www.wservernews.com/go/1337250666161

How to recognize and prevent a hypervisor attack to protect data

While numerous guest OS and network security vulnerabilities exist in a virtual environment, a successful hypervisor attack could have devastating consequences. But, with the right plan in place, you can better protect data and minimize your virtualization and hypervisor security vulnerabilities.
http://www.wservernews.com/go/1337250668239

Consumerization of IT: What’s VDI got to do with it?

As more desktop virtualization vendors and users turn their attention to the consumerization of IT, we examine the technology's relationship with this disruptive trend.
http://www.wservernews.com/go/1337250676958

 

WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff

Image

Business Insider tells us to stop everything and play the original Wolfenstein in our browser right now!
http://www.wservernews.com/go/1337250683145

Did you know that one asteroid may contain more platinum than has ever been mined on earth?
http://www.wservernews.com/go/1337250686536

Is it actually dangerous to use cell phones or other portable electronics on board an aircraft?
http://www.wservernews.com/go/1337250699005

The flight and orbit of NASA's new spacecraft “Orion” that will take humans far beyond low-Earth orbit:
http://www.wservernews.com/go/1337250701130

'Jetman' Yves Rossy soars over Rio de Janeiro's iconic skyline, including the famous 'Christ the Redeemer' statue:
http://www.wservernews.com/go/1337250703473

Check out this LG 3D projection on a building facade in Berlin:
http://www.wservernews.com/go/1337250709942

 

WServerNews - Product of the Week

Deploy 3rd party patches with Microsoft WSUS or SCCM 

SolarWinds Patch Manager makes the time-intensive, error-prone chore of patching third party apps across tens of thousands of Microsoft Windows® servers and workstations simpler, faster, and more reliable at a price you can't beat. And you can leverage your existing Microsoft WSUS and System Center Configuration Manager (SCCM) deployments. Automatically receive pre-built patches for common third party apps such as Adobe® Acrobat, Reader, Flash, Apple® iTunes, Google® Chrome, Mozilla® Firefox, Oracle® Java, and more. Use PackageBoot™ technology to execute custom actions before and after patches are deployed. Rest assured that even the peskiest of patches (like Java!) get deployed correctly. 

Download a free trial of Patch Manager

WServerNews - Editors

Mitch Tulloch is Senior Editor of WServerNews and is a widely recognized expert on Windows administration, deployment and virtualization. Mitch was lead author of the bestselling Windows 7 Resource Kit from Microsoft Press and has published hundreds of articles for IT pros. Mitch is also a seven-time recipient of Microsoft's Most Valuable Professional (MVP) award for his outstanding contributions in support of the global IT pro community. Mitch owns and runs an information technology content development business based in Winnipeg, Canada. For more information see www.mtit.com

Ingrid Tulloch is Associate Editor of WServerNews and was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press. Ingrid is also Head of Research for our content development business and has co-developed university-level courses in Information Security Management for a Masters of Business Administration program.