22.Sep.2011 |
by Gusac |
Filed in: Articles, Tutorials
Overview of Fallback printer driver policy and how it is configured [More]
18.Sep.2011 |
by Gusac |
Filed in: Articles, Tutorials
Recently Microsoft released pre-beta version of Windows 8 for developers. Following are the
The pre-beta version was installed on a virtual machine which was used for Windows 7. Below are the minimum system requirements for installing Windows 8
System Requirements
Windows Developer Preview works great on the same hardware that powers Windows Vista and Windows 7:
1 gigahertz (GHz) or faster 32-bit (x86) or 64-bit (x64) processor
1 gigabyte (GB) RAM (32-bit) or 2 GB RAM (64-bit)
16 GB available hard disk space (32-bit) or 20 GB (64-bit)
DirectX 9 graphics device with WDDM 1.0 or higher driver
Taking advantage of touch input requires a screen that supports multi-touch
To run Metro style Apps, you need a screen resolution of 1024 X 768 or greater
Screenshot:
15.Sep.2011 |
by Gusac |
Filed in: Articles, Tutorials
Terminal Server Easy Print Overview [More]
30.May.2011 |
by Gusac |
Filed in: Articles, Tutorials
The server core installation of Microsoft Windows Server 2009 R2 provides minimal environment of running server roles. There are different editions of Server core available and the difference is the number of server roles available with them.
The different editions available are: Web, Standard, Enterprise and Datacenter.
The suitable edition of Windows 2008 Server Core R2 can be grabbed depending upon the requirements. Here is the comparison chart:
Server Roles
Web
Standard
Enterprise
DataCenter
Active Directory Certificate Services
No
Yes
Yes
Yes
Active Directory Domain Services
No
Yes
Yes
Yes
Active Directory Lightweight Directory Services
No
Yes
Yes
Yes
BranchCache Hosted Cache
No
No
Yes
Yes
DHCP Server
No
Yes
Yes
Yes
DNS Server
Yes
Yes
Yes
Yes
File Services
Yes
Standalone DFS
Yes
Yes
Hyper-V
No
Yes
Yes
Yes
Media Services
Yes
Yes
Yes
Yes
Print Services
No
Yes
Yes
Yes
IIS
Yes
Yes
Yes
Yes
25.May.2011 |
by Gusac |
Filed in: Articles, Tutorials
Forefront Threat Management Gateway can be configured to maintain a cache of Web objects and to attempt to fulfil Web requests from the cache. The Web caching is disabled by default. When you configure it, it starts caching all the website based on the criteria.
However, there could be scenario where you do not want to cache a particular website, say due security concerns or some issue with web application itself. TMG lets you disable the caching for a specific websites. Here are the steps:
Go to Web Access Policyin Threat Management Console.
On the Tasks tab, click on Configure Web Caching
In the new Cache Settings window, click on the tab Cache Rules and then click Newbutton.
We now have a wizard for creating a new rule, which looks like this:
Click to view the screenshot
Give the Cache rule name as per your requirements and click on NEXT.
Next is Cache Rule Destination.In this page we need to enter the destination domain/URL for which we are creating the cache rule. In our example, we are going to disable caching for winplat.net.
We need to enter the domain name object. If its already created then click on ADDand add the object, else create a new one. In our example, we are going to create a new domain name object:
For creating a new domain name set, click on Add, then New and the click New Domain Set Policy Elementdialog box, type a descriptive name for the policy element that will represent the domain that you do not want to cache content from.
Once you create a new Domain Set, add it. Here is the screenshot after adding the domain set:
Next is, New Cache Rule Wizard page. Choose the first option: ‘Only if a valid version of the object exists in the cache. If no valid version exists, route the request to the server.’ This rules tells TMG when to go to the web server to get a new copy of the webpage. Click on Next
Next page is for Cache Content, specifying whether the retrieved content should be cached or not. Since, we are disabling cache here, so we would choose the first option
Click Next and click on Finish. Once you close the wizard click on APPLY to save the changes.
16.May.2011 |
by Gusac |
Filed in: Articles, Tutorials
How to rename a Domain controller runnin Windows server 2008 operating system [More]
26.Apr.2011 |
by Gusac |
Filed in: Articles, Tutorials
Windows Vista/2008 server and later OS have version 2 of SMB (Server Message Block), which also has backward compatibility with SMB 1.0. Even though, SMB 2.0 is tested to be faster, it might cause some issues in some scenarios and you may wan to disable it.
There are different ways to disable SMB 2.0 at client end and server end.
Disable SMB 2.0 at server end:
Open Registry Editor (regedit.exe) and navigate to the following registry key":
HKLM\System\CurrentControlSet\Services\LanmanServer\Parameters
Create a new DWORD value and rename it to: Smb2
Set the value data to 0. (0 denotes ‘Disable’)
Restart the system
Disable SMB 2.0 at client end:
Open the command prompt (cmd.exe) and type the following two commands:
sc config lanmanworkstation depend= bowser/mrxsmb10/nsi
sc config mrxsmb20 start= disabled
Please note, there is a space after the equal to (‘=’) sign in the command.
8.Apr.2011 |
by Gusac |
Filed in: Articles, Tutorials
There is just some logic with which Windows handles the file level permissions while moving or copying files from one location to another. Depending on the destination, be it the parent folder, same volume or a different one, the Access control Entries (ACE) are added or replaced from the file Access Control List (ACL)
The way Windows 7 or Windows 2008 R2 handles the permissions while move/copy operation is different from previous version of Windows. This article talks only about how Windows 7 and Windows 2008 R2 server handles
The table below has the source and destination folder with the type of operation performed. The result is provided against each operation
Source
Destination
Operation
Result
Child Folder
Parent Folder
Copy
Both explicit and implicit Permissions are NOT retained. Permissions of destination parent folder are inherited.
Chid Folder
Parent Folder
Move
Explicit permissions are retained only and destination folder permissions are inherited.
Same Volume
Same Volume, Folder A
Same Volume, Folder B
Copy
Both explicit and implicit Permissions are NOT retained. Permissions of destination parent folder are inherited.
Same Volume, Folder A
Same Volume, Folder B
Move
All implicit and explicit permissions are retained. Destination parent folder permissions are NOT inherited.
Different Volume
Folder A
Folder B
Copy
Both explicit and implicit Permissions are NOT retained. Permissions of destination parent folder are inherited.
Folder A
Folder B
Move
Both explicit and implicit Permissions are NOT retained. Permissions of destination parent folder are inherited.
23.Mar.2011 |
by Gusac |
Filed in: Articles, Tutorials
Print spooler crash isn't a rare phenomenon in IT Administration world. It is something that leaves an admin scratching his head, figuring out what is causing it. Most of the time it's due to some faulty printer driver and bigger the environment, harder it is to identify the culprit driver. But that's going to be the thing of past now. With Windows 2008 R2 and Windows 7 comes the Printer Driver Isolation.
As the name suggests, Printer Driver Isolation or PDI isolate the printer drivers files into a different process than Print spooler (spoolsv.exe). The isolated printer drivers are not loaded in the process space of spoolsv.exe but instead a different process. So, if any problem that occurs in the faulty drivers will cause the process they are loading in to fail instead of spoolsv.exe, hence preventing the production down time for Print servers.
The process that host the isolated printer driver files is PrintIsolationHost.exe. This process host the printer drivers which are set to be run isolated. If anything goes wrong with these drivers, they will cause PrintIsolationHost.exe to crash and not spoolsv.exe. The purpose of the driver isolation feature is to prevent print drivers that fail or behave badly from adversely affecting the print spooler process
There are three modes of Printer Driver Isolation:
None - Printer drivers are loaded in the spooler process, just like before.
Shared - Printer drivers set to run in a single shared instance of PrintIsolationHost.exe process, separated from the spooler process. This is the default mode.
Isolated - Each Printer driver is set to run in its own separate instance of PrintIsolationHost.exe process.
To check if Printer Driver support PDI: Navigate to the following registry location: HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\<environment>\Drivers\Version-3\<driver>\PrinterDriverAttributes
Possible values: 0: Printer driver does not support PDI 2: Printer driver supports PDI If the value is missing, it defaults to 0, that is, the driver does not support PDI
How to change the Printer Driver Isolation mode
There are three ways to determine Isolation mode for Printer drivers:
INF files associated with the printer driver
Print Management Console (PMC)
Group Policy
INF files associated with the printer driver
The printer driver inf files advertises whether the driver supports PDI or not. The inf files contains a the keyword DriverIsolation to indicate its support for the PDI. As mentioned above, value 0 indicates that the driver does not support PDI and the value 1 indicates it supports it. So, in an inf file, it should look like:
DriverIsolation=0 DriverIsolation=2 Again, If the keyword is not there then it defaults to 0
Print Management Console (PMC)
The print management console or PMC lets you manage the driver isolation easily. If you open the PMC and go to the Drivers for the print server you want to manage, it will list all the print drivers installed on that server along with their Isolation state. Below is the screenshot for your reference:
To change the Driver isolation, right click on the printer driver and select the option 'Set Driver Isolation. The drop down menu will all the available options.
Please note:
The System Default option is the setting defined in the driver itself by default or by group policy.
If group policy ‘Execute Print drivers in isolated processes’ is Disabled, then you cannot change the isolation mode.
Registry value for PDI settings:
The driver names, for which PDI mode was set explictly, are stored in registry:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\ [PrintDriverIsolationGroups]
The value data is stored in a format to differentiate the Isolation state. the format is: <None>\<None>\\<Shared>\<Shared>\\<Isolated>\<Isolated>
The three groups (None, Shared & Isolated) are separated by double slashes ‘\\’ and within each group, drivers are separated by single slash ‘\’
Please note: For drivers which have Driver Isolation state as System Default, will not be listed in the registry. The registry contains names for the drivers for which PDI mode was change explicitly.
If you do not have any driver in one group then it will be left as it is but double slashes \\ would still be there.
Group Policy
There are two group policies for PDI ad they can be found under: Computer Configuration\Administrative Templates\Printers.
The Group policies are:
Execute print drivers in isolated processes
Override print driver execution compatibility setting reported by print driver
Policy: Execute print drivers in isolate processes:
This policy setting determines whether the print spooler will execute print drivers in an isolated or separate process. When print drivers are loaded in an isolated process (or isolated processes), a print driver failure will not cause the print spooler service to fail.
If you enable or do not configure this policy setting, the print spooler will execute print drivers in an isolated process by default.
If you disable this policy setting, the print spooler will execute print drivers in the print spooler process.
Notes: -Other system or driver policy settings may alter the process in which a print driver is executed. -This policy setting applies only to print drivers loaded by the print spooler. Print drivers loaded by applications are not affected. -This policy setting takes effect without restarting the print spooler service.
Policy: Override print driver execution compatibility setting reported by print driver:
This policy setting determines whether the print spooler will override the Driver Isolation compatibility reported by the print driver. This enables executing print drivers in an isolated process, even if the driver does not report compatibility.
If you enable this policy setting, the print spooler will ignore the Driver Isolation compatibility flag value reported by the print driver.
If you disable or do not configure this policy setting, the print spooler will use the Driver Isolation compatibility flag value reported by the print driver.
Notes: -Other system or driver policy settings may alter the process in which a print driver is executed. -This policy setting applies only to print drivers loaded by the print spooler. Print drivers loaded by applications are not affected. -This policy setting takes effect without restarting the print spooler service.
4.Mar.2011 |
by Gusac |
Filed in: Articles, Tutorials
Windows has special folders like Tasks, Printers, My Documents etc. You can create such special folders by renaming a new folder with a specific GUID. However, we are here to discuss a new special folder in Windows vista and windows 7 coined as ‘GodMode’
Godmode gives access to all the Windows settings in one place, making it easier for you to change and tweak your windows from one place.
Steps to create Godmode:
Create a New Folder
Rename it to "GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}"
Honestly, you can give any name instead of ‘GodMode’. Just provide any name, followed by a Period (.) and THE GUID. Here is the screenshot :
If you open the folder, it will have ALL the available settings:
Note: It works well on Windows 7 x86, x64 and Windows vista x86 but on Windows Vista x64, it is known to have issues like explorer and/or windows crash.
