Comments for 4sysops

Comment on Why I don’t wanna be a Mac by Michael Pietroforte

Michael Pietroforte — Mon, 15 Mar 2010 07:44:05 +0000

HSD, how are the insides of an Apple computer related to my argument? The point is that I would be embarrassed if I show off with a Mac in a coffee shop because everyone would think this is just another Mac wannabe. Opening my Mac and showing all other coffee shop visitors that even my motherboard has an outstanding design wouldn’t really be helpful. However, the trick with the colored sleeve is great. Did you ever post this tip in an Apple forum?

Comment on Why Sysprep is an obligatory Windows deployment tool – Part 2: Unique SIDs are necessary by Michael Pietroforte

Michael Pietroforte — Mon, 15 Mar 2010 07:30:25 +0000

ben, thanks for the hint. I think Daniel Petri’s problems are related to the fact that domain controllers need unique SIDs. Mark has mentioned this in his article. I added a corresponding note to my article.

Comment on Why Sysprep is an obligatory Windows deployment tool – Part 2: Unique SIDs are necessary by ben

ben — Sun, 14 Mar 2010 02:33:35 +0000

You need to change the SID on servers especially
for more proof look at
http://www.petrikb.com/email-stuck-in-drafts-folder.htm
Petri has proof that SID problem exist and it happened to him!
I think Mark was forced to write his response and take down newsid since it went around sysprep which forces you to reactivate your server with Microsoft
and remember to change the SID you need to click the GENERALIZE option

Comment on Three ways to reset a Windows Vista admin password by Katie

Katie — Sat, 13 Mar 2010 22:18:19 +0000

What worked easiest (after 4 hours of trying different things, including burning password restore discs and going into safemode!) was hitting f11 at start up and doing a system restore to an earlier date. I just choose the previous day when the password worked. Then it restarted, I entered the password and it worked. I then went into user accounts and changed my password to a blank. Inotherwords, no password. I believe it is true that the microsoft updates affected the password. There were three updates installed between yesterday and today when my password didn’t work. I’m thankful I kept trying until I saw that suggestion!

Comment on Why Sysprep is an obligatory Windows deployment tool – Part 2: Unique SIDs are necessary by Michael Pietroforte

Michael Pietroforte — Fri, 12 Mar 2010 17:09:02 +0000

Thanks Jason. It is interesting that nobody appears to know what Sysprep is doing in detail even though almost every admin around the globe is using it.

Comment on Why Sysprep is an obligatory Windows deployment tool – Part 2: Unique SIDs are necessary by Jason Sandys

Jason Sandys — Fri, 12 Mar 2010 16:54:33 +0000

To the best of my recollection, you could only get Sysprep if you had an EA during the NT 4 days — kind of like you could only get WinPE with an EA up until just a few years ago. So it wasn’t an explicit charge, but not free nonetheless.

The 31 number is also to the best of my recollection but was straight from the mouth of Mark R in a QA sessions at the beginning of December. The way he stated it he wasn’t even sure of the number and said something like “around 31″.

Comment on Why Sysprep is an obligatory Windows deployment tool – Part 1: All the important Sysprep functions by Michael Pietroforte

Michael Pietroforte — Fri, 12 Mar 2010 10:20:56 +0000

Enabling the local administrator account is a big security risk. It is better to create a new account with admin rights. I've described how to enable the local administrator account before, if you really need it. Setting a local admin password makes sense. There are many tools out there which allow you to reset the password network wide. For example: AutoAdministrator, ManageEngine Desktop Central, or Passgen.

Comment on Why Sysprep is an obligatory Windows deployment tool – Part 2: Unique SIDs are necessary by Michael Pietroforte

Michael Pietroforte — Fri, 12 Mar 2010 09:57:42 +0000

Jason, I don’t remember that Microsoft ever charged for Sysprep. I only remember that they were forced to release such a tool because the SID removal functions of third party NT cloning tools didn’t work properly.

How did you get this number of 31 unique identifiers? Do you have the URL of the source? Sysprep does lots of undocumented things. But it seems nobody really knows what exactly.

Comment on Why Sysprep is an obligatory Windows deployment tool – Part 2: Unique SIDs are necessary by Jason Sands

Jason Sands — Fri, 12 Mar 2010 01:18:26 +0000

Actually the number one reason to use sysprep is because there are around 31 other unique identifiers on any given Windows system that sysprep actually does take of. Mark’s point in the blog post (this is first-person not relayed) is that newsid never did anything for anybody. He had people complain that newsid was no longer supported on Vista+ so he dug into a little and discovered that newsid has always been essentially a useless tool.

Also note that there have been versions of sysprep around since the NT4 days, 10+ years ago. It wasn’t always freely available, but since at least XP (maybe even 2000) it has been included on the media.

Comment on Live backup of a virtual machine with Virtual Server 2005 R2 SP1 using Volume Shadow Copy Service (VSS) by Sav

Sav — Thu, 11 Mar 2010 16:05:25 +0000

I’m using BackupChain for Virtual Server 2005 as well as VMWare. It creates delta incremental files which only contain file changes and takes snapshots while the VMs are running. This way we save a lot of storage space and bandwidth because we send the backups via FTP to another server.
Sav

Comment on Windows 7 DirectAccess – Features by Eric

Eric — Thu, 11 Mar 2010 14:45:16 +0000

If a mobile user is connecting from a laptop, the laptop is joined to the domain, and the user has previously logged into the domain, the credentials will be cached, so the user can log in even though there is no connection back to the main office at the time of login. As soon as laptop computer is on the Internet, the laptop will have access to the main network (to access shares, etc.). This description is true for both DirectAccess and the VPN Dialer 2009 products.

Comment on Why Sysprep is an obligatory Windows deployment tool – Part 1: All the important Sysprep functions by KIp

KIp — Thu, 11 Mar 2010 14:38:04 +0000

A nice article. We are getting ready to start our Windows 7 images and your information will prove very useful. One question I have regarding sysprep disabling the admin account? Our organisation like to have the admin account enabled and with a secure password in place. How would I stop sysprep doing this or should I simply re-enable later?

Comment on Windows 7 DirectAccess – Features by ahollister

ahollister — Thu, 11 Mar 2010 13:51:14 +0000

so how will this deal with the situation of a mobile user connecting via aircard?

currently i have the problem that until the user logs in and activates the aircard software, there is no internet connection….

any ideas or advice much appreciated

Comment on Serious Apache vulnerability – Sysinternals updates by Michael Pietroforte

Michael Pietroforte — Thu, 11 Mar 2010 11:27:13 +0000

Thanks for the compliment. You know, I always wanted to be a comedy writer, but then I realized that I am not good enough and so I became a M$ blogger.

Comment on Help in Sysinternals tool says “Navigation to the webpage was canceled” by Charl Botha

Charl Botha — Wed, 10 Mar 2010 21:29:28 +0000

Thank you very much for your explanation, it saved me quite some frustrating!

Comment on Serious Apache vulnerability – Sysinternals updates by David Finster

David Finster — Wed, 10 Mar 2010 20:59:32 +0000

The article you linked to doesn’t mention what platform is affected. The original article is worthy of the same criticism I gave your tweet. Help Net Security is advertising food – the site is 75% ads.

I only follow this blog for the laughs. Thanks for keeping me entertained.

Comment on What is THE cloud? My interpretation of Steve Ballmer’s cloud concept by Dean

Dean — Wed, 10 Mar 2010 20:18:41 +0000

I am sorry! I’ve missed this – tired:)

Dean

Comment on Serious Apache vulnerability – Sysinternals updates by Michael Pietroforte

Michael Pietroforte — Wed, 10 Mar 2010 19:48:30 +0000

Actually, I only linked to it because Apache on Windows is affected. After all, this is a blog for Windows admins. And doesn’t the article mention that there is an update available? I just copied the title of the article. Do you think Help Net Security is interested in Microsoft FUD? Why didn’t they use your title? Don’t you think that you are a little oversensitive?

Comment on Serious Apache vulnerability – Sysinternals updates by David Finster

David Finster — Wed, 10 Mar 2010 19:04:27 +0000

To be fair – the Apache problem is on Windows only, and only affects the ISAPI module. And, to be even more fair, this isn’t an unpatched problem that Microsoft chose to ignore for months. The patch was released 4 days ago.

“Patch released for serious vulnerablility with Apache mod_isapi on Windows” would still fit in your tweet and be accurate – and less Microsoft FUD.

Comment on What is THE cloud? My interpretation of Steve Ballmer’s cloud concept by Michael Pietroforte

Michael Pietroforte — Wed, 10 Mar 2010 18:11:58 +0000

Dean, the poll results are correct because it is possible to select multiple answers. Thanks anyway. I will blog about this poll soon.