Vol. 23, #6 - February 12, 2018 - Issue #1168
WServerNews: Last word (for now) on Meltdown/Spectre
- Editor's Corner
- Ask Our Readers - Issue with network printers with Win10 in WS2008R2 domain
- Ask Our Readers!
- From the Mailbag
- Last word (for now) on Meltdown/Spectre
- Send us your feedback
- Recommended for Learning
- Microsoft Virtual Academy
- Factoid of the Week
- Admin Toolbox
- Admin Tools We Think You Shouldn't Be Without
- This Week's Tips
- Azure - Add a public IP address to a VM
- SharePoint - Populate a site for testing purposes
- Azure - Save money!
- Events Calendar
- More upcoming events
- New on TechGenix.com
- Recommended articles from TechGenix.com
- Tech Briefing - System Center
- SCCM: For those nasty incremental collections
- Connecting Configuration Manager to OMS
- Comanagement and migrating from ConfigMgr hybrid to standalone Intune
- Using ConfigMgr to Monitor Intel Vulnerability INTEL-SA-00086
- Time for a Tune-up
- Other Articles of Interest
- Use AWS cost optimization tools to avoid billing surprises
- How to win in the AI era? For now, it's all about the data
- Data center GPU use on the rise thanks to AI, big data
- Upgrade your IT admin career options with these tips
- WServerNews FAVE Links
- This Is Not Science Fiction
- Watch SpaceX Launching A Car To Mars
- Toyota Super Bowl Commercial 2018
- Monkey Taunts Tiger
- WServerNews - Product of the Week
- Avoiding GDPR Penalties – 5 Key Principles
- SAVE THIS NEWSLETTER so you can refer back to it later for helpful tips, tools and resources!
- SEND YOUR FEEDBACK to [email protected] if you have any comments or suggestions!
And who says fresh air is good for your health?
By the way, if it's health your looking for, make sure you're subscribed to our other weekly newsletter FitITproNews and join the F2F (Farewell to Fat) Revolution! Go here for the most recent issue of FitITproNews:
Ask Our Readers - Issue with network printers with Win10 in WS2008R2 domain
A reader named David reached out to us with the following problem:
I have recently built some new desktops for our nonprofit, and after installing Windows 10 Professional on the local machines, joined the machines to the Server 2008 R2 domain (as domain administrator) and logged into the domain. As a domain admin, I have no control over any of the network printers on the new machines! If the printer was not installed by the local administrator, then is does not appear on the new desktop, and cannot be added by anyone in the domain. I am not running a print server on the domain, as Windows 7 machines did not require it, and I can still control the printers on the Windows 7 machines without any problems. Other Windows 10 Professional machines installed earlier are working just fine with the existing network printers.
So far, I have tried changing the User Access policy, adding the domain admins to the security tab on each printer as a local admin, added a print server to the domain controller (Yikes! What a nightmare!), and tried adding printers as the domain admin (won't work. HP printers want me to use an app. Its a desktop people. Why an app?). I changed the Group Policy on the server (Nope!). Help, please?
Do any of our readers have any suggestions concerning David's problem? Email us at [email protected]
Ask Our Readers
WServerNews now has over 400,000 subscribers worldwide! That's a lot of expertise to tap into. Do you need help with some issue or need advice on something IT-related? Got a question you'd like us to toss out to our readers to try and answer? Email us at [email protected]
From the Mailbag
In Issue #1166 Intel Melts Down we talked about the Intel Meltdown/Spectre patch fiasco and seeks advice from our readers how best to deal with it and similar issues. One reader named Chris who works for an office products company replied with some simple but wise advice:
With over 30 years' experience in the IT industry, I have learned that this situation requires patience. I did not install any BIOS updates on the couple dozen servers and hundreds of desktops I maintain. I figured I would wait for the dead bodies to rise to the surface first. And that is exactly what happened.
And back in Issue #1164 IT the China way your Editor ruminated on the subject of China and its impact on in our IT-driven world. This precipitated the following fascinating response from Charles Lewis, a reader based in Tallahassee, Florida, USA:
Mitch, I subscribe to several YouTube vlogs, they're my window on the world in my old age. In case you might be interested, here are links to two living-in-China vloggers:
1. An aspiring travel journalist living in Shenzhen, China (just over the border from Hong Kong).
(9:53, using apps & technology to communicate in China)
(All her vlogs)
To make it more complex, the patches weren't properly tested, because the news leaked out too fast. As a result, the available patches were rolled out while lacking proper testing and their results. So companies like Microsoft found themselves in a split. Either to make the patches available and make them look bad because the patches themselves introduced new issues and challenges, or not to roll them out and make them look bad as well. So now the patches are available but do have warnings because there are potential risks attached to them. As a workaround - for the Microsoft patches - you can prevent the installation. But when you do that, future patches won't install either. Meaning, somewhere in time, the patches for Meltdown HAVE to be installed, because the alternative is even worse, making your systems vulnerable to other exploits as well for which are patches available but not installed...
2. This vlogger has nothing to do with servers, technology, etc. She is an Indonesian who teaches English at a private Muslim school in Yinchuan, China (northwest China, near inner Mongolia):
(17:25, Cashless in China)
(11:21, Bank and Supermarket in China)
(13:16, Muslim in Northwest China)
(All her vlogs)
And a little late, but... Happy New Year!
Thanks for this, we appreciate all our readers' comments even if they aren't specifically IT-related.
And now on to the main topic of this week's newsletter…
Last word (for now) on Meltdown/Spectre
I don't know about you but I've had difficulty keeping up with processing the flood of information coming out concerning the Meltdown and Spectre vulnerabilities. As a result I thought it would be cool if someone could set up a Wiki or other site with a detailed Q&A and demos and the latest news could be made available for IT pros. Not wanting to make so much work for myself I thought maybe I could conscript a few of our readers to set up and manage something like this, but then I thought most of our readers are probably too busy with their work to even consider doing something like this. So I googled and binged and quackquacked around to see if someone else has already done something like this, but came up empty.
Then a colleague pointed me to this site:
This site is the closest I can find to a comprehensive Meltdown/Spectre Wiki/Q&A so you might want to browse through and add it to your favorites. Note that the site doesn't render well in IE but looks fine in Edge.
If any of our readers finds a better site than this one, please let me know by emailing me at [email protected]
More Meltdown/Spectre news
Dell is apparently recommending that their customers do not install the BIOS updates that are supposed to resolve Spectre v2 vulnerabilities. BleepingComputer has more about this here:
There's also a Dell KB article about this:
Intel apparently plans to release new chips later this year that will include built-in protections against the Spectre and Meltdown attacks. You can read more about this on BusinessInsider here:
Finally, Windows admins may want to read this post on Rod Trent's site myITforum which concerns receiving Windows security updates when using third-party antimalware products:
If you find more Meltdown/Spectre news you feel we should share with our readers, email us at [email protected]
Send us your feedback
Got feedback about anything in this issue of WServerNews? Email us at [email protected]
Recommended for Learning
Download the Truly consistent hybrid cloud with Microsoft Azure whitepaper
If you are planning on integrating and extending your on-premises infrastructure with Azure, download the Truly Consistent Hybrid Cloud With Microsoft Azure whitepaper:
Microsoft Virtual Academy
SQL Database Fundamentals
Would you like to learn the basics of relational databases? Join us for this look at SQL Database fundamentals, along with those of database management systems and database components. Get an in-depth introduction to the terminology, concepts, and skills you need to understand database objects, administration, security, and management tools. Plus, explore T-SQL scripts, database queries, and data types:
Factoid of the Week - Movies about trains
Last week's factoid and questionwas this:
A new study reportedly exposes the sugar industry's decades-old effort to stifle research linking the eating of lots of sugar to heart disease. How much sugar do you consume each day? And do you use any sugar substitutes? If so, which ones and why?
Several of our health-conscious newsletter readers responded to this one:
Hi Mitch, I try to avoid sugar as much as I can, but it's in everything. Even though I prepare my own lunches, I am sure that there is some sugar in the condiments I use. I don't add sugar to my food and drink as a rule, unless I'm baking a dessert. Even then I tend to use less than called for. As a substitute, I like sucralose. It seems to be the most bio neutral, and has the least offensive after taste. But I'm not against aspartame, despite the dire warnings being shouted from the fringes. They seem to be mere panic, not supported by the massive number of studies done on its use. None of the substitutes them work very well in baking, though I can use sucralose to make apple pie that is passable, especially for my diabetic friends who would get none otherwise! When I do use sugar in cooking, I choose the least refined that I can get. I understand that the minerals in unrefined sugar may help the body metabolize it. Not sure how much of a difference it makes, but I also prefer the taste, so even if it's not much better I'll still stick with the raw version. --Todd who is in the US Military
Hello Mitch, the only time I ever use sugar is at restaurants, for my coffee. My sugar substitute of choice is a product from KAL, called Pure Stevia plus Luo Han (aka monk fruit). That stuff is incredibly sweet. A long time ago, I walked into a health food store, looked at the various sugar substitutes they had, and just bought one of each type. I wasn't really happy with any of them. They wouldn't dissolve properly in my coffee or they just weren't very sweet... except for KAL's product, Pure Stevia plus Luo Han. I don't know what they did different from all the others, but it dissolves properly and is very very sweet. It's a bit pricey, but, to me, worth every penny. --Michael
Now let's move on to this week's factoid:
Fact: Some people at Microsoft love trains.
Source: Chuck Timon, a Senior Premiere Field Engineer (PFE) at Microsoft who has contributed his expertise to several books I've written for Microsoft Press, sent me an email this morning saying, "Thanks very much for the trains plowing through snow video.....I love trains." The video he refers to was one of the Flixxy videos in the WServerNews FAVE Links section of last week's newsletter "Issue #1167 Some reflections on Meltdown/Spectre" which is archived here:
I responded to Chuck's kind email by saying, "Me too. Here's one of my favorite train movies" and pointed Chuck to the IMDB page for the movie "Death Train" that stars Mathis Landwehr and Arnold Vosloo:
Question: What's *your* favorite train movie? :-)
Email your answer to us at [email protected]
Until next week,
GOT ADMIN TOOLS or other software/hardware you'd like to recommend? Email us at [email protected]
Veeam is happy to provide you with a study guide for Microsoft Certification Exam 74-409. The guide will take you through the exam objectives, helping you to prepare for and pass the examination.
Active Directory Replication PowerShell Module makes checking Active Directory replication easier and richer than repadmin.exe:
HP offers a BIOS Utility for automated configuration of BIOS/UEFI settings:
ConvertPOLtoDCM is a utility to convert Group Policy .pol files into Configuration Manager 2012 Compliance Cis:
Azure - Add a public IP address to a VM
Srinath Vasireddy explains how you can add a public IP address to an Azure VM when your Connect button is grayed out and you are not connected to Azure via an Express Route or Site-to-Site VPN connection:
SharePoint - Populate a site for testing purposes
Mike Lee shares a script you can use to create and populate data in a SharePoint Farm for testing purposes:
Microsoft Tech Summit on March 5-6, 2018 in Washington, D.C. USA
Microsoft Tech Summit on March 14-15, 2018 in Paris, France
Microsoft Tech Summit on March 19-20, 2018 in San Francisco, California USA
Microsoft Tech Summit on March 28-29, 2018 in Amsterdam, Netherlands
Microsoft Ignite 2018 on September 24-28, 2018 in Orlando, Florida USA
Add Your Event
PLANNING A CONFERENCE OR OTHER EVENT you'd like to tell our 100,000 subscribers about? Contact [email protected]
Up close and personal with Windows AutoPilot
While self-driving cars might be the future of driving, Windows AutoPilot is definitely going to be the future of Windows device provisioning.
Prevent cyberattacks with application whitelisting with Windows AppLocker
Want to keep nasty programs from running on your Windows computers? Application whitelisting with AppLocker is your key to making this happen.
Under the hood: Hyper-V shutdown registry settings
Knowing how things work under the hood can help you when a troubleshooting issue arises. Case-in-point: Hyper-V shutdown registry settings.
The importance of being earnest with software licensing
Software licensing often takes a back seat to other priorities, but the last thing your business wants is for the License Police to come knocking!
Get your geek on: Building a VMware home lab
Setting up a VMware home lab for learning and testing doesn't need to be expensive or difficult. Here's how you can do it.
SCCM: For those nasty incremental collections
Connecting Configuration Manager to OMS
From the TechNet UK blog
Comanagement and migrating from ConfigMgr hybrid to standalone Intune
From Gerry Hampton Device Management
From Windows Management Experts
Time for a Tune-up
From Michael Griswold's SCCM Tips and Tricks
Use AWS cost optimization tools to avoid billing surprises
Several AWS tools enable organizations to dissect their cloud bills, visualize spending and estimate future costs. Learn when -- and when not -- to use each.
How to win in the AI era? For now, it's all about the data
Deep learning pioneer Andrew Ng explains why data, not algorithms, gives companies a first-mover advantage in the current AI era. Plus: the four traits of an AI company.
Data center GPU use on the rise thanks to AI, big data
GPU vendors have added new devices and cards for data center servers, as data demanding workloads infiltrated the data center and overwhelmed traditional CPUs.
Upgrade your IT admin career options with these tips
Don't get stuck with habits from a time when Microsoft released updates every few years. Admins need to build their proficiency in PowerShell and cloud products to remain relevant.
This Week's Links We Like. Tips, Hints And Fun Stuff
GOT FUN VIDEOS or other fun links to suggest you'd like to recommend? Email us at [email protected]
This Is Not Science Fiction
'Falcon Heavy' - the most powerful operational rocket in the world - will launch a Tesla Roadster electric car into space:
Watch SpaceX Launching A Car To Mars
SpaceX successfully launched the 'Falcon Heavy' rocket with a payload of a Tesla Roadster electric car going into an elliptical orbit towards Mars and around the Sun:
Toyota Super Bowl Commercial 2018
Monkey Taunts Tiger
A young tiger sits beneath a tree, trying to relax, when a monkey shows up and decides to have some fun with him:
Avoiding GDPR Penalties – 5 Key Principles
WServerNews - Editors
Mitch Tulloch is Senior Editor of WServerNews and is a widely recognized expert on Windows administration, deployment and virtualization. Mitch was lead author of the bestselling Windows 7www.mtit.com.Resource Kit and has been author or series editor for almost fifty books mostly published by Microsoft Press. Mitch is also a ten-time recipient of Microsoft's Most Valuable Professional (MVP) award for his outstanding contributions in support of the global IT pro community. Mitch owns and runs an information technology content development business based in Winnipeg, Canada. For more information see
Ingrid Tulloch is Associate Editor of WServerNews and was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press. Ingrid is also manages research and marketing for our content development business and has co-developed university-level courses in Information Security Management for a Masters of Business Administration program.