Vol. 20, #31 - August 3, 2015 - Issue #1041
Updating Windows 10 (or not)
- Editor's Corner
- Reminder: Free AWS course for WServerNews subscribers!
- Ask Our Readers: Upgrade PDC emulator before or after upgrading Exchange?
- From the Mailbag
- Updating Windows 10 (or not)
- Windows 10 and mediaphiles
- Revisiting eyestrain and IT pros
- Guarding against ID theft
- Conspiracy Corner: Why does this site load so slowly?
- Send us your feedback
- Recommended for Learning
- Microsoft Virtual Academy
- Registration is open for Exchange CON 2015
- Virtualization CON 2015 Sessions On Demand
- Quote of the Week
- Admin Toolbox
- Admin Tools We Think You Shouldn't Be Without
- This Week's Tips
- Cloning trick
- Disabling scheduled tasks that run with SYSTEM privileges
- Events Calendar
- North America
- Webcast Calendar
- Register for Webcasts
- Tech Briefing
- Enterprise IT
- Microsoft Azure
- Microsoft Exchange and Office 365
- System Center
- Windows Server
- Recommended TechGenix Articles
- Recommended articles from websites in TechGenix Network
- Windows Server News
- Bridging the cloud generational gap
- Workloads that should remain on physical hardware
- Steps to virtualize apps with ThinApp
- Pitfalls of Apple's Mac OS in the enterprise
- WServerNews FAVE Links
- Swiss Cow Airlifted By Helicopter
- UK Magicians Hijack Live TV News Broadcast
- Spitfire Lands Without Wheels
- Intelligent Dog
- WServerNews - Product of the Week
- Deep Packet Inspection for Quality of Experience Monitoring
- SAVE THIS NEWSLETTER so you can refer back to it later for helpful tips, tools and resources!
- SEND YOUR FEEDBACK to [email protected] if you have any comments or suggestions!
This week's newsletter is about a new tool Microsoft is releasing out of band for Windows 10 that allows end users to block or hide any software updates you don't want Windows Update to apply to your machine. We also have lots of other useful and interesting stuff so be sure to read everything in this issue!
Speaking of blocking things, what's an antidote for writer's block? As editors of this newsletter we sometimes stare at a blank screen endlessly muttering "woh woh woh" to ourselves. To find a solution to our problem of writer's block we naturally went to Dilbert:
Reminder: Free AWS course for WServerNews subscribers!
Pluralsight, a global leader in online training and assessment for technology professionals, is offering free access for all our newsletter subscribers to their online course Amazon Web Services (AWS) Fundamentals for System Administrators. This course introduces Amazon AWS cloud capabilities to administrators, engineers, and architects looking to design and deploy on the AWS cloud. It covers core AWS skills and concepts needed to begin working with AWS and to achieve AWS certification. Once you sign up for this course you'll have free access until September 30, 2015. Sign up here for this terrific free offer:
Ask Our Readers: Upgrade PDC emulator before or after upgrading Exchange?
In Issue #1039 Systems Management Briefs, we included the following request from a reader named Steve:
I have 2 standard 2003 servers I'm migrating to 2012 R2. One is the Primary Domain Controller and is also running exchange 2003. The second is just a terminal server bit it's the secondary domain controller. My target 2012 servers are all 2012 R2 Standard Edition, in 3 separate VM's. They are all joined to the current 2003 domain ready for migration (in fact, we are running a test migration of the accounting system right now on the new server). At the end of the domain & Exchange migration, the new PDC, Exchange 2010 and Terminal server will all be running as discrete VM Servers so I'm essentially "splitting" the existing 2003 server in 2 and extracting out the PDC and Exchange 2010 into separate servers (all on the same domain of course). This particular installation will continue to run on premises only Exchange 2010. In order to install Exchange in this environment, it is necessary to do so by following a configuration that results in running a live Exchange migration to 2010 at the end of the installation. Basically a one shot deal.
No problem so far but one big question: since the PDC has to be migrated, the server roles have to be migrated to the new 2012 R2 PDC and the old server will then have to be demoted yet still run exchange 2003 until all mailboxes are migrated (200+Gb's of mailbox storage). Question: is it best (or required) to migrate the domain controller and roles BEFORE installing Exchange 2010 or is it necessary or best to install, migrate and wait for mailbox moves to complete on the Exchange 2010 server while it is running on the OLD domain PDC first then do the PDC migration. Which one's first?
Reader Vidyadhish Desai from New Zealand responded to Steve's request with the following suggestions:
My suggestion would be:
1. Install Exchange 2010 on your new VM.
2. Migrate all your mailboxes to the new Exchange server.
3. Move all the FSMO roles to the new 2012 R2 domain controllers.
4. Ensure Exchange 2010 is now looking at the new servers for all domain and configuration related information.
5. Demote your 2003 domain controllers.
This is just a summarized version; exact steps I am sure you already know about them.
Ask Our Readers: WServerNews has almost 100,000 subscribers worldwide. That's a lot of expertise to tap into. Do you need help with some issue or need advice on something IT-related? Got a question you'd like us to toss out to our readers to try and answer? Email us at [email protected]
From the Mailbag
Back in Issue #1039 Systems Management Briefs, we included a brief news item called Remembering the launch of Windows 95 and asked if any of our newsletter readers still remembered the day Windows 95 was launched. We included a few personal stories submitted by readers in the Mailbag section of Issue #1040 AWS resources, and below are several others we've received from our readers. The first story is from a reader named Fraser who is a retired Technical Writer in New Zealand:
Yes I remember the day well, it was held in the Aotea Centre in Auckland, the hype was amazing, didn't get a T-shirt (our boss was fuming over that) but got a hat and a pen. Bill Gates was there in person and when he came on stage the place just buzzed, to actually see him in New Zealand although never got to speak to him. They were giving away copies on CD but the bun fight to get one beat me, later on found one, still have at home. Up to this stage I had been using DOS and Unix and WFWG 3.11 so this was a major change and I actually came to like the product. Things were so different then, we felt that we in the cutting edge of technology.
The next was submitted by Rich from San Diego, California USA:
I didn't attend the release of W95 at Microsoft, but a local event by MS here in San Diego. The only thing I remember specifically about it was that it now did most of what I'd already had W3.11/workgroups doing with free utilities. As time went on, of course, it far surpassed the 3.x versions. This is against what I believe more in, that is, only load what you will use, and many folks didn't need (and to this day still don't use) the features included in the OS. Sort of like loading huge Word application when all you do is write letters and print them (or now, email them. I was disappointed in the move from text configuration files to the registry. Still frustrating to me and one of many reasons I'm also very much into Linux. Unfortunately, Linux has embraced similar ideas of late and many config files are no longer text, but complicated binary files.
Next up are some fascinating reflections by Charles, a Senior IT Services Consultant for a civic government in the USA:
The day that Windows 95 launched, I was on the phones taking support calls for the product. It was my first real job in the IT world, working for a company contracted to outsource support calls for Microsoft. We had about a month of training on Windows 95, trying to learn as much as we could about the product. Also, we were training on how to take phone calls, answer questions, control the direction of the calls, and deal with the customers' frustrations. This in no way prepared us for the volume of calls when the floodgates opened on the first day.
We started taking calls around 7:00 AM local time. People had gone to retail stores, which opened up just after midnight, bought Windows 95, and installed it on their computers earlier that morning. The call queue indicator light was red (which meant 10 or more calls in queue) for the next two weeks. Many customers had to wait on the phone up to four hours, before talking to a tech support team member. There were all types of installation issues, driver compatibility problems, and a new way of using Windows, because it was so different than DOS and Windows 3.1. It was a baptism of fire. A number of my fellow coworkers quit because of the stress and pressures from the calls, technical issues, and stresses dealing with people and their problems. There were veterans from the DOS and Windows 3.1 products who helped us solve issues and cope with the stress. After the first two weeks, the call volume dropped (anywhere from 4 to 9 calls in the queue) and we were past the initial shock of the launch. If you made it through those first two weeks, you could handle almost anything that was thrown at you.
Over the next few months, we gained knowledge and confidence with Windows 95, and dealt with some new challenges. Not all BIOS could work with the newer "Plug and Play" technology. There were troubles with the Windows 95 number 2 installation floppy disk going bad. Some computers didn't have the minimum RAM necessary to run Windows 95, so a product called "SoftRAM" was used. The product was supposed to compress and increase the capacity of the installed RAM, similar to what DriveSpace did with the hard drive. It didn't actually do the job that it claimed it could, and we secretly called it "SoftSCAM". After some time, the Windows 95 Plus pack was launched and so was the first version of Internet Explorer. No need to install a separate IP stack with Winsock.
We've come a long way since the launch of Windows 95. A lot of what was in it, the Start Button and menus, desktop and icons, and the way we identify what a computer interface is, points back to when Windows 95 was new. I still have a Windows 95 analog watch that I got from that first year.
Wow thank you for the amazing stories, I had forgotten what a leap Windows 95 was compared to Windows For Workgroups (WFW) 3.11, Windows 3.1 and MS-DOS! I do recall now the problems with Plug and Play (PnP) on some system hardware and some other driver problems happening. I almost think that moving to Windows 8 was just as jarring for many people and I'm wondering whether Windows 10 will help Microsoft regain some of the trust they've lost with much of the end user community or whether that trust is gone for good. I'm cautiously hopeful but we'll see in the coming months how things play out.
Anyways, these are all terrific stories--please keep 'em coming! :-)
And now on to the main topic of this week's newsletter...
Updating Windows 10 (or not)
Allowing your operating system to decide when a new device driver or other software update needs to be installed may work well inside the Walled Garden in Cupertino where Apple controls both the software and the hardware. But will it work in the Windows world where the hardware is mostly produced by third-party vendors?
Some think not and envision a nightmare scenario where Windows Update pushes out a buggy driver update that bricks millions of laptops, tablets and PCs running Windows 10 leaving users helpless and frustrated. Windows 7 offers users a way out by allowing them to hide updates they've heard might cause problems if they're installed on their systems:
Figure 1: You can hide a software update in Windows 7.
As a short aside you might have noticed that the KB2952664 update listed as Important in the above screenshot is the (in)famous "nagware patch" asking if you want to upgrade your machine to Windows 10 when it becomes available. Since the work machine I see this on is currently running Windows 7 and I don't plan to upgrade this particular machine (we'll be purchasing brand new PCs for running Windows 10 in our business) so I think I'll hide this update right now...done. You can read more about KB2952664 in this article from InfoWorld:
Anyways, Windows 8 also includes this same capability of being able to hide or unhide selected software udpates. Hiding a software update like this effectively blocks Windows Update from installing the update on your machine or even downloading the update if it hasn't already been downloaded. If you're not familiar with this feature you should see this tutorial from SevenForums:
Unfortunately this UI feature has been removed from Windows 10 which limits your ability as an end user from preventing troublesome driver updates from being installed and re-installed from Windows Update. The removal of this feature generated some outcry from the user community. As a result Microsoft has now released a tool you can download that will restore your ability to hide unwanted software updates (and also unhide them should you change your mind later). Shawn Keen, a Microsoft MVP in the technical expertise area called Windows Experience, has published an excellent article describing this tool in his blog called CmdrKeene's Blog:
Microsoft Knowledge Base article KB3073930 contains the official details concerning the tool and a link where you can download it from:
By installing this tool you can essentially restore the same ability to hide/unhide updates that was included in Windows 7/8 but removed from Windows 10. Let us know what you think of this tool if you install and use it by sending your comments to [email protected]
Of course, this tool is intended only for end users whose machines are unmanaged i.e. not joined to a domain. In a corporate environment can centrally manage the updating of Windows 10 client machines using Windows Update for Business (WUB) which is described as "a new management option for Windows 10 to always keep devices up to date with the latest security updates and Windows features" as was mentioned at Microsoft Ignite:
Unfortunately WUB hasn't been released yet even though the release of Windows 10 is right around the corner. You can read a bit more about WUB here:
We'll be devoting an issue of WServerNews to WUB when we can learn more about how it's implemented and managed. You should also read this post by Andre Da Costa on the Microsoft Answers Community about the new servicing model Microsoft is introducing with Windows 10:
See also the Microsoft Virtual Academy section later in this newsletter for information about an upcoming live event on preparing your enterprise for this new Windows 10 servicing model.
Windows 10 and mediaphiles
If you're a mediaphile (an enthusiast of technology for home entertainment) then you might want to think twice about upgrading your home PC to Windows 10 based on this blog post by long time Microsoft MVP Barb Bowman:
Windows 10 Home Entertainment (Should you Upgrade?)
Barb's Connected World is one of those blogs that every technology enthusiast should add to their newsfeed. And she doesn't just cover Windows technologies. For example, she has a fascinating article on Apple's iOS HomeKit here:
Revisiting eyestrain and IT pros
Way back in Issue #1025 Eyestrain solutions for IT pros and Issue #1027 Reader Feedback: Eyestrain solutions for IT pros, we examined the problem of mitigating the eyestrain that many IT professionals experience as a result of the numerous hours they spend each day looking at monitors, laptop screens, tablets and smartphones--not to mention wall-sized television screens when they get home from work (if they ever get home from work). One of our newsletter readers Samuel Jackendoff who is married to a Doctor of Optometry has been kind enough to compile together a number of resources on the relationship between blue light and eyestrain and has published them here so our readers can benefit from them:
While I've described my current solution (covering my monitors with blue-blocking plastic filter material) in the above issues, I was still often experiencing discomfort when using my iPad until one day recently when I looked at the Accessibility options in the General section of the Settings app. When I selected the Increase Contrast option on the Accessibility page I discovered three settings that when turned on have resulted in a definite lessening of the discomfort I have been experiencing when looking at stuff on my iPad:
Figure 2: iOS accessibility settings for improving contrast.
This tip is not mentioned in Samuel's section Software Solutions on his resource page so I thought I'd mention it here for any readers who might benefit. And if any of you IT pro readers out there have discovered any additional tips, tricks or tools for mitigating any eyestrain you've been experiencing with your computers, please feel free to email us your suggestions at [email protected]
Guarding against ID theft
Wired recently published an article about how the ID theft-protection company Lifelock have themselves experienced a data breach:
We'd be interested in hearing from some of our tech-savvy readers whether they are concerned about ID theft and what steps they suggest taking or tools they recommend using to safeguard oneself against such theft. Send your comments to us at [email protected]
Conspiracy Corner: Why does this site load so slowly?
Business Insider reports on rumors that news sites may load slowly because they're trying to squeeze more money from businesses advertising on the site:
Of course take what you read on BI with a large grain of salt. Still, it's an interesting scheme and I wouldn't be surprised if it's happening sometimes...
Send us your feedback
Got feedback about anything in this issue of WServerNews? Email us at [email protected]
Recommended for Learning
Want to sharpen your PowerShell chops? Microsoft's Rob Linsky shares his top four Windows PowerShell resources on the Born To Learn blog here:
So much to learn and so little time...
Microsoft Virtual Academy
August 13: Preparing Your Enterprise for Windows 10 as a Service
Are you ready for Windows 10 as a Service? Find out in the fifth episode of the Enterprise Mobility Core Skills series! Join Simon May to learn how to take advantage of the Enterprise Mobility Management (EMM) features built directly into Windows, including single sign-on, mobile device management (MDM) functionality, and improved security and identity protection. Register today!
Registration is open for Exchange Con 2015
Registration is open for this year’s MS Exchange CON event, the annual online gathering of IT Strategists, System Administrators, Solution Providers and, and Microsoft MVPs. This virtual live event is I hosted by MSExchange.org and TechGenix as a convenient and cost-effective opportunity for IT Professionals everywhere to catch-up on the latest technologies, solutions and strategies to manage MS Exchange in the Enterprise, Office 365 and Hybrid Environments.
This year’s event kicks off with a Keynote address by Michael Osterman, discussing the challenges and uncertainties facing organizations as they deal with the shifting landscape of on-premise Exchange and Office 365. A few of the wide range of topics and issues he’ll address includes:
- Important considerations when migrating to Office 365 from an Hybrid environment
- The newest trends in security and content archiving
- Need-to-knows about Microsoft’s built-in security and archiving capabilities
- The new features and functions Microsoft is likely to offer in future Exchange releases
The virtual live conference takes place on Thursday, September 24, 2015, starting at 10am ET / 9am CT / 7am PT / 3pm GMT.
Following the kick-off presentation, you will be able to choose from multiple breakout focus sessions featuring experts addressing topics of interest to the MS Exchange Community and the newest tools offered by leading solutions providers, including ENow, Barracuda Networks, Kemp Technologies, and Binary Tree.
Participation is limited to the first 1,000 registrants, so reserve your spot today!
Virtualization CON 2015 Sessions On Demand
Recordings of VirtualizationCON 2015 Sessions Available On Demand
Available until August 31, 2015
View the recorded sessions from Virtualization CON 2015, hosted by VirtualizationAdmin.com, at your convenience. This annual, online gathering of Administrators and IT Professionals joining with Virtualization Experts presents the latest virtualization technologies, challenges and solutions. The recordings of all sessions will be available through August 31, 2015.
Keynote Address by Brien Posey: The Present and Future of Virtualization - Join Microsoft MVP and freelance technology writer Brien Posey who reviews the latest trends, technologies and challenges in virtualization.
Focus Session sponsored by Veeam: Item Level Recovery for Tier-1 Applications – Learn how you can recover your critical applications and enable the Always-On Business with the help of Free tools from Veeam.
Focus Session sponsored by VMTurbo: Keeping the Lights Bright in a Virtual Environment! – Find out how the industry is shifting towards a more SLA focused and policy-driven operations strategy an why this is important.
Capstone Session: Has Virtualization Met Expectations? – Join Brien Posey, Veeam’s Jason Acord and VM Turbo’s Eric Wright as they discuss leading questions many organizations face when considering, planning or implementing a virtualized environment.
Quote of the Week
"First we thought the PC was a calculator. Then we found out how to turn numbers into letters with ASCII and we thought it was a typewriter. Then we discovered graphics, and we thought it was a television. With the World Wide Web, we've realized it's a brochure." --Douglas Adams
Until next week,
Note to subscribers: If for some reason you don't receive your weekly issue of this newsletter, please notify us at [email protected] and we'll try to troubleshoot things from our end.
Path Copy Copy is a Windows Explorer add-on to copy the path of a file/folder in various formats like name, path, and UNC path.
CPUID displays information about your computers processor(s). Speed, cache size, features, clock multipliers, codename, brand and more.
Open DBDiff is an open source database schema comparison tool for SQL Server 2005/2008.
GOT ADMIN TOOLS or other software/hardware you'd like to recommend? Email us at [email protected]
Reader Tony Gore sent us the following tip:
Here is a useful trick that got me out of a hole the other day. Don't ask how I go there, but it is to do with cloning a hard drive to an SSD for a new PC and renaming it on a Windows network and then finding that the old PC gave me problems.
Basically the problem is that the old PC was not in the AD database, so I could not log on as the domain administrator and for whatever reason, the passwords for the local administrator would not work. However, I did have a cached user domain login. I found that if I tried to do something requiring elevated privileges, the cached domain admin credentials would still work – I just could not log in with them. However, I could not reset the local administrator password of find an obvious way of running anything that would allow me to do that at a UI level. But I found that I could run an elevated command prompt, add a user and then elevate them to an administrator with:
net user /add NewAdmin NewPassword
net localgroup administrators NewAdmin /add
I think this probably only works where the domain admin has not logged on to the PC (or possibly not for a long time – this PC was set up originally on the network 3 years ago and it is possible that the domain admin never logged on) but the domain admin has been used to get elevated privileges e.g. whilst setting something up for the user e.g. a new printer. This was a lot easier than having to try and crack the password or repair/reinstall Windows.
Disabling scheduled tasks that run with SYSTEM privileges
Recent versions of Microsoft Windows occasionally seem to have a mind of their own when suddenly out of the blue your CPU hits the ceiling and stays there for several minutes. If you rely on your Windows computer to get your work done, it's annoying when this happens as your machine can become slow to respond to use input. One cause of such occurrences is when a built-in scheduled task kicks off to defrag your drive or rebuild your search index or perform some other annoying "optimization" of your machine. Unfortunately such tasks usually run under SYSTEM privileges so you can't use Task Scheduler to disable the task even if you're logged on as Administrator. If you've been looking for a solution to this problem, check out this article on the security blog Lockboxx:
GOT TIPS you'd like to share with other readers? Email us at [email protected]
North AmericaAWS re:Invent on October 6-9 in Las Vegas, Nevada USA
Microsoft Convergence on April 4-7, 2016 in New Orleans, Louisiana USA
Add Your Event
PLANNING A CONFERENCE OR OTHER EVENT you'd like to tell our 100,000 subscribers about? Contact [email protected]
Register for Webcasts
Add your Webcast
PLANNING A WEBCAST you'd like to tell our subscribers about? Contact [email protected]
Reporting Application of GPOs on Remote Computers and Generating A Report (Part 1) (WindowsNetworking.com)
File Sync Solutions as Alternatives to Folder Redirection – AppSense DataNow (Aaron Parker)
Introducing Azure Resource Manager cmdlets for Azure PowerShell DSC Extension (Windows PowerShell Blog)
Hybrid Network Infrastructure in Microsoft Azure (Part 3) (WindowsNetworking.com)
Microsoft Exchange and Office 3065
Troubleshooting synchronization with Windows Azure Active Directory (WAAD) (Part 4) (MSExchange.org)
Product Review: Stellar Mailbox Exchange Toolkit (MSExchange.org)
Cleaning up old AEM data (Kevin Holman)
OpsMgr: Sample Alert Widget Template with Logical Expression Filtering Capabilities (Wei Out There)
Active Directory Insights (Part 1): Configuring DNS on domain controllers (WindowsNetworking.com)
Active Directory Insights (Part 2): Digging into Trusts (WindowsNetworking.com)
Saying Goodbye to On-Premises Exchange (Part 4)
Amazons EC2 (ECS) Container Service Supporting Docker (Part 2)
Taking a Close Look at Hyper-V Host Properties in SCVMM 2012 R2 (Part 2)
Active Directory in the Cloud (Part 2)
How to Successfully Create a Hyper-V Cluster Using Virtual Machine Manager (Part 4)
Bridging the cloud generational gap
Whenever there is any kind of computing revolution, organizations have to rethink how applications are built and how they behave. With cloud computing, users won't just move their apps to the cloud, they'll design them to take advantage of cloud's scale and resiliency. Find out how to future-proof your cloud app development process today.
Workloads that should remain on physical hardware
While it's true virtualization can bring many advantages, it may still not be the right approach for every workload. Learn if you should actually virtualize or not, and find out why some workloads should stay physical instead of virtual.
Steps to virtualize apps with ThinApp
Like other application virtualization products, VMware ThinApp is based around the concepts of differencing and packaging applications. It's fairly easy to virtualize apps, but before you start the process, you should familiarize yourself with a few basic steps, including how to set up a VM, how to take snapshots, and how to use the Setup Capture utility to run scans.
Pitfalls of Apple's Mac OS in the enterprise
Whether you're a Mac OS fan or not, it is important to understand the potential pitfalls that come with these computers, such as compatibility, applications, support, networking and other issues. Fortunately, if you already know what could be coming your way, you can get the training and tools you need ahead of time to manage Macs. Find out more about what to expect from Macs in the enterprise.
This Week's Links We Like. Tips, Hints And Fun Stuff
GOT FUN VIDEOS or other fun links to suggest you'd like to recommend? Email us at [email protected]
Swiss Cow Airlifted By Helicopter
A cow with a bad hoof, that was too painful for it to walk down the mountain to the vet, is lifted by helicopter out of the Swiss Alps:
UK Magicians Hijack Live TV News Broadcast
British magician duo Young & Strange perform a funny shrinking man illusion in the background of a live broadcast at Westminster Palace:
Spitfire Lands Without Wheels
A pilot brings his WW II Spitfire in for an emergency landing with no landing gear:
A smart dog figures out how to get the ball out of the water without getting wet:
WServerNews - Editors
Mitch Tulloch is Senior Editor of WServerNews and is a widely recognized expert on Windows administration, deployment and virtualization. Mitch was lead author of the bestselling Windows 7 Resource Kit and has been author or series editor for almost fifty books mostly published by Microsoft Press. Mitch is also a ten-time recipient of Microsoft's Most Valuable Professional (MVP) award for his outstanding contributions in support of the global IT pro community. Mitch owns and runs an information technology content development business based in Winnipeg, Canada. For more information see www.mtit.com.
Ingrid Tulloch is Associate Editor of WServerNews and was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press. Ingrid is also manages research and marketing for our content development business and has co-developed university-level courses in Information Security Management for a Masters of Business Administration program.