Archive for November, 2009

P2V(hd) the easy way

Posted: November 22, 2009 in Virtualization

There are many methods for migrating a physical server to a Hyper-V virtual server but most of them require a management platform or third party software. For those in the market for a free and easy method to migrate physical server onto a virtual Hyper-V platform, life recently got much easier with the introduction of Disk2vhd. Created by Mark Russinovich and Bryce Cogswell (of Sysinternals), the latest version of this tool makes P2V migrations as easy as can be.

Disk2vhd is free and will run on Windows Server 2003 SP1, Windows XP SP2 or later. The utility supports 32 and 64 bit systems. Running the tool is as simple as selecting the disks to be captured and the target location. For performance reasons it is recommended not to save the vhd image to the disk being captured, but capturing across a fast network works very well.

Disk2vhd is available for download here (http://technet.microsoft.com/en-us/sysinternals/ee656415.aspx).

One seemingly common problem with the capture process occurs when capturing a boot disk that does not include the required disk controller drivers for the IDE controller used by Hyper-V. This situation can be identified when the captured image boots with a blue screen on Hyper-V showing a 0x0000007B error code. Luckily, a simple modification can be made to the system before the migration process is started to correct this issue. This process involves making sure that 4 IDE driver files are available on the server and registered in the registry. This additional process is typically needed only on Windows Server 2003 servers and the required steps are explained in this KB article: http://support.microsoft.com/kb/314082. In my experience, on each system only one of the identified files was missing and once it and the associated registry keys were added, the P2V process worked flawlessly.

Now go get rid of those aging physical servers!

Group Policy Preferences aka GPPs

Posted: November 13, 2009 in Group Policy

The biggest change to group policies since Windows 2000 comes to Windows courtesy of a Microsoft purchase of a company called Desktop Standard. Among several excellent enhancements to group policies comes Group Policy Preferences (GPPs). GPPs allow group policy objects to control a whole new set of Windows settings using Active Directory based GPOs. Along with dozens of new policy settings, GPPs introduce several new concepts to GPOs, namely multiple setting actions, item level targeting and one time application of settings. Each of these individually would make this new mechanism worth a look, but the combination is one of the most powerful tools available to Windows system administrators, and it’s all included in Windows at no additional cost.

Requirements

Before we dig into what GPPs can control and how they control it, let’s go over the requirements for using GPPs. The popular misconception is that GPPs require a significant investment in upgrading the domain, DCs or the entire network to Windows 2008/R2 and Vista/Windows 7. The truth is that the requirements are significantly lower than that. There are two sets of requirements related to using GPPs, the requirements to edit a GPO and to apply a GPO:

  • Editing a GPO with GPPs requires a system running Windows Server 2008, Windows Server 2008 R2, Windows Vista SP1+ or Windows 7. Therefore, introducing a single machine running any of these operating systems to a network would allow GPOs using GPPs to be created.
  • Applying a GPO with GPPs is supported on the  above mentioned operating systems (Windows Server 2008, Windows Server 2008 R2, Windows Vista SP1+ and Windows 7) but also on Windows XP SP 2+ and Windows 2003 SP2+. In order to use GPPs on Windows XP SP2, Windows 2003 and Vista RTM, the new Client Side Extensions (CSEs) for GPPs must be downloaded and installed. The updated CSEs are included in Windows XP SP3 and Vista SP1.

You’ll notice that there are no requirements for your domain controllers and or other server operating systems!!!

Significant Features

GPPs introduce several unique new features that expand and enhance the usage of group policies and can be used for all GPPs:

  • Item level targeting

This feature, available on the Common tab, allows the construction of a multipart conditional statement that must be met before the setting is applied. Since the condition only applies to one setting, a single GPO can have settings that are applied to different users and computers. The condition parameters include items such as:

  • Computer Name
  • CPU Speed
  • Disk Space
  • Domain
  • Environment Variable
  • IP Address Range
  • Operating System
  • Organizational Unit
  • RAM
  • Site
  • and User

Also available are conditions that query specific registry keys, files, LDAP objects and WMI properties.

  • Apply once

Another feature that can be found on the Common tab and therefore used for the large majority of GPPs, is represented by a checkbox labeled ‘Apply once and do not reapply’. Using this setting allows the administrator to implement a default setting but allow users to modify the setting. This ‘soft’ application of GPO settings is a powerful tool for system administrators.

  • Modification actions

Found on the default and left-most tab of most GPPs is the Action pulldown. This setting provides granular control for the type of action used when applying the setting and contains the following options:

  • Create – This action will create a new object as specified. If an object exists, no action will be taken.
  • Replace – If the specific object exists, it will be removed and a new one created with the specified settings. If the object doesn’t exist, it will be created. This setting is similar to traditional GPOs and force a configuration regardless of existing settings.
  • Update – If the specific object exists, it will be updated with any specified settings. Other settings will not be distributed. If the object doesn’t exist, it will be created.
  • Delete – This action will search for the specific object and delete it.

GPP Extensions

Of the approximately 20 new setting areas (or extensions) introduced with GPP, the majority provide a new, easier method of configuring settings that historically required complex scripts, third party utilities or were not possible at all.

The following extensions can be used to replace tasks traditionally completed with scripts or batch files:

  • Drive maps
  • Printers
  • Environment
  • Files
  • Registry
  • Shortcuts
  • Local Users and Groups

Whereas the following extensions present functionality that is new to GPOs:

  • Start Menu
  • Folder Options
  • Power Options
  • Data Sources
  • Network Shares

The features, functions and elements described here are just examples of the new options available with GPPs. A review of the preferences sections within the GPO will quickly allow any administrator to find settings that address their own issues and optimize systems management in their organization.

hopefully this introduction helps readers understand GPPs a little better and leads some to leverage these very capable tools. If you have found a cool use for GPPs, please comment and share.

Welcome to the RDP Files

Posted: November 13, 2009 in General

It seems only fit to kick off a new blog with an introduction. An introduction to the author, to the content, and to the reason for writing a blog.

My name is Guy Yardeni.

I’m a 15 year veteran of IT infrastructure work, most of it done as a consultant and/or implementer assisting various organizations with deploying technologies such as directories, messaging, system management, security systems and content management platforms.

Most of my work these days focuses on the Microsoft products filling the above categories, but my past adventures have included in-depth exploration of Novell, Cisco, Citrix products and many more.

My typical day is spent designing solutions, implementing complex systems, supporting the technologies or providing knowledge transfer to IT staff about each solution and related products.

Which leads me to the question of why do we need another blog about IT technology: In the course of my work, I run across many difficult problems, questions and challenges. Most of these eventually do get solved, but many of the elements of the troubleshooting process or the solution are not available online. Furthermore, seldom are the details about the problem and the solution captured in an easily retrievable manner.

The notion that this hard to get, valuable information will not be available to myself (yes, I typically forget the details of the problem and solution after several months), my colleagues and IT professional seems very wasteful.

Therefore, the goal for this blog is to capture important information that I uncover in the course of my work and that would be valuable to myself and others down the road.

Finally, the name of the blog was selected because when I examine my work for the past several years, it seems that the tool that I use most often and that is most indispensable for my work is a good RDP client interface, which is used to remotely manage servers.

That’s it for the introduction, hope you’re ready for a steady stream of useful technical information.

Guy