Windows System Update Readiness Tool

A new tool is being offered through Windows Update; the System Update Readiness (SUR) Tool. It is designed to help diagnose and fix issues that are preventing Windows updates or Service Packs from installing correctly. According to the documentation it is only offered to systems that are experiencing one of the conditions that the tool could resolve. (How it can determine this without first running is beyond me.) The tool runs on Windows Vista, Windows Server 2008, Windows 7 and Windows Server 2008 R2. Like the monthly Windows Malicious Software Removal Tool (WMSRT), it runs a onetime scan of your system to determine if it is experiencing one of the issues it can detect and fix. A log of this activity is written to %SYSTEMROOT%LogsCBSCheckSUR.log. As of this writing the tool is presented in Windows Update as System Update Readiness Toll for Windows 7 for x64-based Systems (KB947821) [February 2011]. This leads me to beleive that it will be updated and offered in new “versions” further on.

You can also download the tool manually and run it, check the first link below.

On one system I experienced an error when trying to install Windows Server 2008 R2 Service Pack 1; An unknown error has occurred; error code 0x800f0818. I ran the SUR Tool and it detected an error in the %SYSTEMROOT%ServicingPackages folder, which it was able to repair. After that SP1 installed successfully.

One strange thing to note in this case was that I was installing SP1 through Windows Update, and both SP1 and the SUR tool were selected for install. For some reason the SP1 install ran first and failed, then the SUR tool ran and repaired the error that prevented the Service Pack from installing. Should have been the other way around.

More info:

Blue Screen (BSOD) on VirtualBox VM

I’ve got to handle it to Oracle; their virtualization software VirtualBox is amazing…and free! It’s features surpass Windows Virtual PC by leaps and are on par with VMWare Workstation. Lately I have been using it for all my host-based virtualization needs.

I am in the process of setting up a new computer and part of that means moving all my VMs. I use the export and then import feature in VirtualBox to do this. After I moved a Windows XP machine it would not boot on the new PC, and kept bluescreening continuously. This was the error:

VirtualBox Bluescreen

DRIVER_UNLOADED_WITHOUT_CANCELLING_PENDING_OPERATIONS caused by intelppm.sys.

After a brief Google search I turned up this post by Ben Armstrong (Virtual PC Guy) from the Microsoft virtualization team:http://blogs.msdn.com/b/virtual_pc_guy/archive/2005/10/25/problems-with-intelppm-sys-and-processr-sys-under-virtual-pc-virtual-server.aspx

According to Ben this driver; intelppm.sys, processr.sys and perhaps also p3.sys can cause problems when they try to do something that is not supported by the hypervisor. Apparently the problem affects Microsoft products such as Virtual PC and Virtual Server as well. There is also a ticket logged for VirtualBox regarding this issue: http://www.virtualbox.org/ticket/420

The solution is to boot into Safe Mode (F8 during start up) and entering one or more of these commands, depending on which driver is causing the issue:

  • sc config p3 start= disabled
  • sc config intelppm start= disabled
  • sc config processr= disabled

You could also follow the instructions in Ben’s post and do these changes manually in the Registry.

GPS Fun with the Windows 7 Sensor and Location Platform

Introduction

Windows 7 has a new framework; the Windows Sensor and Location Platform. In short it is a system that enables the OS to utilize different sensors; e.g. a GPS device to track your location, a light sensor to dynamically adjust your screen brightness based on the ambient lighting, an accelerometer to use for games etc. I want to focus on GPS in this post.

Architecture

Up until now; the usual way to connect a GPS device to your computer was for it to emulate a COM port and then send standard NMEA GPS data to the port at a specified baud rate. This worked OK in my opinion, but with the new framework the GPS device, or sensor, is exposed directly to the OS. No more intermediary COM ports. This works the same for any sensor, by the way.

GPS in action

As of this writing, there are very few devices compatible with the new framework out there. I only know of the USB GPS Devices from ublox. To work around this you can use Michael Chourdakis’ excellent GPSDirect driver that acts as a layer between a legacy GPS device that sends NMEA data through a COM port, and the Sensor and Location Platform.

To set this up do the following:

  1. Configure your GPS to work with Windows. This can be through Bluetooth, USB or special software for use with built in devices. When done you should have at lease one new COM port that sends the GPS NMEA data, and you should also know the baud rate of this port. This screenshot is from the COM port associated with my HOLUX GPSlim236 device:
    image
  2. Download and run the GPSDirect software and input the data from your COM port:
    image
    Then hit Install.
  3. You should immediately be prompted by Windows if you want to enable the new sensor:
    image
  4. Select Enable.
  5. You can now close the GPSDirect software. The driver will remain loaded until you remove it.
    Note: There is an issue with the current version of GPSDirect, v 0.0.0.16, in that it does not reconnect to the COM port if the GPS is disconnected or turned off.
  6. Open the Location and Other Sensors applet in Control Panel and configure your sensor:
    image
    Pay special mind to who can use the sensor as you may not want you location information used by all the selected users:
    image

Testing

Unfortunately there are very few applications that are able to use the location information a GPS device can provide. In fact I know of only one; the Windows Weather Desktop Gadget!

If you add this gadget to your desktop, and have a your GPS working, it will automatically detect that your computer is “location aware” and try to automatically find the weather forecast for your location.

image

image

Notice the little “signal” icon in the gadget. This indicates that the location was determined by using the computer’s location framework.

Don’t have a GPS?

If you do not own a GPS device but still play around with the location functionality, you can try the GeoSense application. What GeoSense does is that it uses a hybrid mix of geolocation service providers and geolocation methods to pinpoint your location as accurately as possible. It currently supports Google Location Services (WiFi) and Google Location Services (IP), with several more under consideration. GeoSense is written natively for the Sensor and Location Platform so you just have to install it to use it.

After installation you will have a new sensor in you Location and Other Sensors applet, which can be configured in the same way as GPSDirect (or any other location sensor).

image

Other uses

GPS is just one of many applications of the new framework. Especially for games I think we will see a whole new group of controllers that utilize the new API. One example of this is a driver written by Rajasekharan Vengalil, that lets you use the Nintendo Wiimote with Windows 7! Check it out here.

More info

Printing nuggets

Someone once told me “Users and printers take the fun out of the whole network.” The printing part I am inclined to agree with…

I met up with an old friend today that works for a large printer manufacturer and he imparted the following printing tips to me:

  • Disable bidirectional support on your printer
    This is done under the Sharing tab on the server:
    image
    This will save traffic from the clients to the printer every time a user views the properties of the printer, thus speeding up the printer properties dialogue. If you install new equipment on the printer; temporarily enable bidirectional support to update the printer on the server.
  • Never use the driver drop down box
    This setting is found on the Advanced tab of the printer:
    image
    Instead, use the New Driver button right next to it. If you use the drop down box it is a good chance that the printer will not load all the DLLs and other files that it needs. This is a common fault with printers not displaying the correct features etc.
  • Printer drivers use SNMP to query print devices for their supported features
    If you are having problems detecting the features of the printer, try to enable SNMP through any firewall that is between the server and the print device. Also, the SNMP functionality is usually implemented in the driver itself, and as such is not dependent on the SNMP functionality in Windows.
  • Universal printer drivers are usually slower than dedicated drivers
    This might be so, but the benefits of using only one driver per printer manufacturer far outweighs this problem, in my mind.

Happy printing!

Consumption of data vs. creation of data

According to the latest buzz we are in the middle of the tablet/slate revolution. This is based on the popularity of the IPad, the launch of the Samsung Galaxy Tab and countless other upcoming devices of the same type, as well as the popularity of IPhone and the recent launch of Windows Phone 7. In my mind all these devices are signs of the coming cloud based Internet where we no longer store our own data on huge hard drives in our home computers or NAS boxes on our networks, but rather just use sleek touch based devices with virtually no local data storage capabilities, to consume the data we want. But in that consumption there is a challenge; all these devices are excellent at consuming data, but not great at creating it. Who would use their IPad to write a report or work with a spreadsheet? Or write code? For those tasks a laptop or desktop is still the best choice. But when it comes to reading the latest edition of Wired or watching streaming video, the slates beat the laptop/desktop hands down. Dropping down on the couch with the laptop is OK at best. I am sure that this division of labor will change over time, but right now I think it is food for thought. And as always; feel free to disagree!

Morgan

Overriding Apple QuickTime 7 installation language

I prefer when software I want to run either comes in a specific language, or lets me choose the language during installation. In an effort to be more user friendly a lot of software is configured to detect the region your computer is set to. I prefer to run my OS in English, but have my region set to Norway. This results in a lot of software ending up with a Norwegian UI. Here is how you fix this for QuickTime 7:

  1. Download the QuickTimeInstaller.exe from Apple.
  2. Extract it using e.g. 7-Zip
  3. Download and install the Orca MSI Editor.
  4. Open QuickTime.msi in Orca
  5. Go to ViewSummary Information…
  6. Find the Languages box and delete all language ID except the language you want. In my case I want English which is 1033.
  7. Save the MSI over itself.
  8. Repeat the process for AppleSoftwareUpdate.msi
  9. Install QuickTime by double clicking QuickTime.msi
  10. Open Explorer and find the Apple Software Update installation directory. Either C:Program Files (x86)Apple Software Update or C:Program FilesApple Software Update, depending on your system architecture.
  11. Open the SoftwareUpdate.Resources folder and find the language you want (still English for me), e.g. en.lproj.
  12. Copy the SoftwareUpdateLocalized.dll from the folder of the language you want, into the folder Apple Software Update is using. Again for me; copy SoftwareUpdateLocalized.dll from the en.lproj folder into the nb.lproj folder, overwriting the existing file.
  13. Repeat for the SoftwareUpdateFiles.Resources folder.

Now both QuickTime and the Apple Software Update should both display the language you want.

PS: You can’t just delete the language folder you don’t want from the SoftwareUpdate.Resources  and SoftwareUpdateFiles.Resources folders. If you do Windows Installer will repair the application the next time you try to launch it.

Entourage 2008 EWS and Public Folders

Microsoft Entourage 2008 for Mac, Web Services Edition is a required upgrade if you are using Exchange Server 2010. Entourage 2008 (without EWS) uses WebDAV to communicate with Exchange Server and WebDAV has been removed from Exchange Server 2010. Entourage EWS now uses Exchange Web Services (EWS) as the primary protocol for communicating with Exchange Server. This means that Entourage now can potentially access all the information available through EWS.

So what about Public Folders? According to the Entourage EWS documentation Entourage can now access Public Folders, but there is no mention of whether Entourage needs Public Folders. Entourage without EWS did absolutely need Public Folders. During Exchange Server 2007 installation you got a question; Do you have any client computers running Outlook 2003 and earlier or Entourage in your organization? If you answered yes; a public folder database would be created. If you answered now; no public folders in your organization. Since Entourage EWS now can access free/busy data through EWS there should be no reason to continue having Public Folders in your Exchange organization. But I have been unable to clearly determine if that is the case. Right now I think it is unnecessary, but I will do some further testing.

Viewing the contents of Group Policy Registry.pol files

While investigating some EFS settings I needed to look at the raw data in Group Policy settings files, usually called Registry.pol and located in the SYSVOL share for each GPO. First I tried to load it as any other hive in Registry Editor, but that did not work, indicating that .pol files do not use the same format as the Registry does.

After a bit of searching I found this excellent utility at the gpoguy.com website: Registry.pol Viewer Utility.

With it I could read (but not change) the information in my Registry.pol file.

The Registry.pol format is documented at MSDN.

Establishing a performance baseline

Introduction

A performance baseline is a vital part of you system documentation. A baseline should be established immediately after a new system has entered production, and should be repeated with regular intervals. That way you can see how your system performs over time and make informed decisions about when a system will have to be upgraded etc.

Creating a baseline

The primary tool you use to capture a baseline on the Windows platform is Performance Monitor (or just Performance or PerfMon). PerfMon is an MMC snap-in that enables you to record various aspects of you system. These are called objects and counters. An object can be e.g. the Processor which in turn has several counters, e.g. % Processor Time.

Which counters?

Which counters you capture depends on the role of the system you are establishing a baseline for. The counters captures for a SQL server are different from those captures on an Exchange Server.
This table lists some important counters. The Role column indicates which server role the counter is applicable to.
ObjectCounter Definition Recommendations Role
Processor% Processor Time % Processor Time is the percentage of elapsed time that the processor spends to execute a non-Idle thread. It is calculated by measuring the duration of the idle thread is active in the sample interval, and subtracting that time from interval duration.  (Each processor has an idle thread that consumes cycles when no other threads are ready to run). This counter is the primary indicator of processor activity, and displays the average percentage of busy time observed during the sample interval. It is calculated by monitoring the time that the service is inactive, and subtracting that value from 100%. A CPU time of more than 90 % for extended periods of time is generally regarded as a problem. All
MemoryPages/sec Pages/sec is the rate at which pages are read from or written to disk to resolve hard page faults. This counter is a primary indicator of the kinds of faults that cause system-wide delays.  It is the sum of Memory\Pages Input/sec and Memory\Pages Output/sec.  It is counted in numbers of pages, so it can be compared to other counts of pages, such as Memory\Page Faults/sec, without conversion. It includes pages retrieved to satisfy faults in the file system cache (usually requested by applications) non-cached mapped memory files. Although it is normal to have some spikes, this counter generally remains at or close to zero. All
PhysicalDiskAvg. Disk Queue Length Avg. Disk Queue Length is the average number of both read and write requests that were queued for the selected disk during the sample interval. The number of requests should not exceed two times the number of spindles constituting the physical disk. If the number of requests is too high, you can add additional disks or replace the existing disks with faster disks. All
PhysicalDiskAvg. Disk sec/Read Avg. Disk sec/Read is the average time, in seconds, of a read of data from the disk. Should not be above 25 ms.
PhysicalDiskAvg. Disk sec/Write Avg. Disk sec/Write is the average time, in seconds, of a write of data to the disk. Should not be above 25 ms.

Tools

Tool name Description Notes
logman.exe CLI utility included in Windows Server 2003 and newer. Logman manages the “Performance Logs and Alerts” service for creating and

managing Event Trace Session logs and Performance logs.
perfmon.exe Performance Monitor Can also be launched by using perfmon.msc
Performance Analysis of Logs (PAL) Tool Open source utility on Codeplex http://pal.codeplex.com/
ExPerfWiz ExPerfWiz is a powershell based script to help automate the collection of performance data on Exchange 2007 and Exchange 2010 servers. http://code.msdn.microsoft.com/ExPerfwiz
LogWiz Automate the collection of Performance monitor logs using logman.exe http://logwiz.codeplex.com/
relog.exe Relog creates new performance logs from data in existing performance logs by changing the sampling rate and/or converting the file format. Supports all performance log formats, including Windows NT 4.0 compressed logs.
Typeperf.exe Typeperf writes performance data to the command window or to a log file.
TraceRpt.exe Tracerpt processes binary Event Trace Session log files or real-time streams from instrumented Event Trace providers

and creates a report or a text (CSV) file describing the events generated.

Commands

Establish a one week performance baseline for a Domain Controller:
logman.exe create counter “Active Directory Baseline (1 Week)” -c “Processor(*)% Processor Time” “NTDS*” “DNS*” “PhysicalDisk(*)Avg. Disk Queue Length” “MemoryPages/sec” -max 50 -rf 168:00:00 -cnf

Links

Customizing pinned shortcuts on the Taskbar for Windows Server 2008 R2

OK, this is one way. I am sure there are several others. Can anyone say convoluted…?

(This is mainly intended for use on Remote Desktop Servers.)

  1. Create a test user.
    My user is named Bob in this example.
  2. Log on as Bob and pin the shortcuts you want on the Taskbar, and remove the ones you do not want.
  3. Log off Bob and log on as an Administrator.
  4. Load the Default User registry hive:
    reg.exe load HKUDefaultUser c:UsersDefaultNTUSER.DAT
  5. Load Bob’s registry hive:
    reg.exe load HKUBob c:UsersBobNTUSER.DAT
    (Your path may be different.)
  6. Export the following key:
    HKEY_USERSBobSoftwareMicrosoftWindowsCurrentVersionExplorerTaskband:
    (reg.exe export HKEY_USERSBobSoftwareMicrosoftWindowsCurrentVersionExplorerTaskband Taskbar.reg)
  7. Edit the Taskbar.reg file:
    1. Remove the FavoritesResolve value.
    2. Change the key path from Bob to DefaultUser (this is the name in the registry path where you mounted the Default User hive). This so we can import the changes that Bob made to his Taskbar into the loaded Default User profile registry.
    3. Save and import
      The changes should now be in the Default User registry.
  8. Unload Bob’s hive and the Default User hive:
    reg.exe unload HKUBob
    reg.exe unload HKUDefaultUser
  9. Navigate to the following folder in Bob’s profile:
    <Bob’s profile root>AppDataRoamingMicrosoftInternet ExplorerQuick LaunchUser Pinned
  10. Copy the entire contents of the folder into the same location in the Default User profile.
    (xcopy.exe “c:UsersBobAppDataRoamingMicrosoftInternet ExplorerQuick LaunchUser Pinned*.*” “c:UsersDefaultAppDataRoaming
    MicrosoftInternet ExplorerQuick Launch”
    )
  11. Run the following commands to remove the Everyone and BUILTINUsers security principals from the Server Manager and PowerShell shortcuts. These are copied into the User Pinned folder for every new profile, and the only way to prevent this (that I have found), is to prevent access to them. The Administrator still retains access through the remaining permissions on the shortcut files.
    1. icacls.exe “%ProgramData%MicrosoftWindowsStart MenuProgramsAccessoriesWindows PowerShell” /T /inheritance:d
    2. icacls.exe “%ProgramData%MicrosoftWindowsStart MenuProgramsAccessoriesWindows PowerShell” /T /remove:g *S-1-1-0 *S-1-5-32-545
    3. icacls.exe “%ProgramData%MicrosoftWindowsStart MenuProgramsAdministrative ToolsServer Manager.lnk” /inheritance:d
    4. icacls.exe “%ProgramData%MicrosoftWindowsStart MenuProgramsAdministrative ToolsServer Manager.lnk” /remove:g  *S-1-1-0 *S-1-5-32-545
      NOTE: These file system security settings can be propagated with Group Policy Security Policies. A template file doing just that is attached to this post.
  12. Log on as another regular user (not Bob) and verify that the pinned programs are available.
  13. Duplicate the Default User profile to other servers if necessary.

References:

Security Policy Template File

Morgan