Windows

It always happens on a Sunday.

Whilst working on a rollout on the outskirts of Rio, I discovered that the ?/ᴏ key was not working on the laptops I was deploying.

Keyboard

The machine did not have an OEM installation of Windows 7, but a customised image with the Brazilian MUI installed.

To resolve I had to add this registry key and reboot.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layout]
“Scancode Map”=hex:00,00,00,00,00,00,00,00,02,00,00,00,73,00,1d,e0,00,00,00,00

This issue occurs with ABNT and ABNT2 keyboards.

Today I was presented with a Windows 7 Home Premium laptop, that until a couple of days ago had sound and LAN connectivity.

The sound worked when diagnostics were run, but would not run when Windows 7 was loaded. So I knew it was not defective hardware.

The solution which was relatively easy to implement took a while to discover and I will update this post at a later date with the troubleshooting steps.

The solution was to add to the local administrators group the networkservice and the localservice

This can be done by running these two commands from an elevated command prompt:

net localgroup Administrators /add networkservice

net localgroup Administrators /add localservice

Once these two commands are run, restart the laptop and if your issue was the same as mine, sound (and LAN) should now be working.

 

82141_d6 MMS Email

Just picked up on this from Microsoft, The Best of MMS 2012 in the UK, looks interesting.

Learn about 2012’s exciting wave of Microsoft Private Cloud product launches and announcements – starting with the release of System Center 2012.
Get the latest insights into the Microsoft Private Cloud and learn what’s new in System Center 2012. The Best of MMS 2012 brings you the highlights from MMS 2012 conference in a choice of UK-wide one-day or virtual events.

Understand the Microsoft Private Cloud vision, strategy and roadmap, with deep dive sessions on managing your applications, infrastructure, desktops and devices plus sessions on service delivery and automation – opportunities you won’t want to miss.

Experience how System Center 2012 lets you manage your virtual, physical and cloud environments from a single console using common and consistent management experiences that give you full control of your datacentre.

The Best of MMS 2012 is the best possible opportunity to interact with Microsoft, key strategic partners and customers at ONE of THREE events.

Register now:

8th May 2012, Hilton Deansgate, Manchester

clip_image002[6]

10th May 2012, Thames Valley Park, Reading

clip_image002[7]

17th May 2012, Cardinal Place, London

clip_image002[8]

 

TIME

clip_image001

AGENDA

clip_image001[1]

clip_image001[2]

08.30-09.30

Registration

clip_image001[3]

clip_image001[4]

09.30-10.00

Microsoft’s Private Cloud: Built For The Future, Ready Now

clip_image001[5]

clip_image001[6]

10.00-10.30

What’s New in System Center 2012

clip_image001[7]

clip_image001[8]

10.30-11.00

BREAK

clip_image001[9]

clip_image001[10]

11.00-12.00

Infrastructure and Fabric Management

clip_image001[11]

clip_image001[12]

12.00-13.00

LUNCH

clip_image001[13]

clip_image001[14]

13.00-14.00

Service Delivery and Automation

clip_image001[15]

clip_image001[16]

14.00-15.00

Application Management

clip_image001[17]

clip_image001[18]

15.00-15.30

BREAK

clip_image001[19]

clip_image001[20]

15.30-16.30

Desktop and Device Management

clip_image001[21]

clip_image001[22]

16.30-17.00

Networking and Close

 

Microsoft have published an excellent document on Single-Label-Domains in Active Directory Domain Services (AD DS) – Considerations, Migration, and Co-existence. It is well worth a read, even if you are not impacted by this issue.

Management Summary

An Active Directory domain name that contains one or more labels separated by a dot is referred to as a fully qualified domain name with two or more names and it will be referred as FQDN in this document. In contrast there is the concept of single-label domain (SLD), which refers to Active Directory domain names with only one label.

Given that SLD is not a commonly deployed configuration and that many Microsoft and third-party applications have not been tested under an SLD configuration, Microsoft recommends FQDN Active Directory deployments. For companies who have deployed SLD, they should transition to an FQDN Active Directory deployment. This will ensure that they get the most value out of their deployed applications.

For companies that will be evaluating transition to FQDN from SLD configurations, this document describes the options and considerations that they will need to take into account. In particular it describes Domain Migration and Domain Rename operations and explains the different considerations of these two options, so that companies can build a transition plan that makes sense to them.

Long-term, the goal of Microsoft is to have customer infrastructures using common, tested configurations to minimize costs and effort to administrate the Active Directory (AD) and DNS environment. The use of multi-label names is Microsoft’s recommended naming configuration.

Organizations that have SLD configurations should begin by analyzing their current environment to find out the best mitigation option.

Domain rename operations might be feasible in certain scenarios, mainly for smaller organizations or those that can tolerate some outage while removing and reinstalling applications that are incompatible with domain rename.

The migration into a non-SLD forest and domain structure should be well aligned with the product lifecycle and the future IT infrastructure roadmap of the organization.

The transition from a single label to a fully qualified Active Directory domain namespace puts your clients, servers, domain controllers, the operating systems and applications in a namespace configuration that can deliver the following benefits:

  • Provides the broadest application support, including the ability to deploy applications on day 1 after release without fear that support will be deprecated in a future release, will be deferred until a future release, or will never support forests configured with SLDs, possibly even blocking installation in SLDs.
  • Receives the highest number of test passes by Microsoft and third-party application developers
  • Requires the least additional configuration to register and resolve DNS names of interest
  • Delivers the lowest total cost of ownership (TCO) by reducing complex configurations and by consolidating forest and domain structures
  • Enables enhanced security capabilities of new versions of AD DS
  • Aligns the namespace assigned to your forest with same type of namespace assigned to the top thousands of domains deployed and operated by other customers over the last decade or more
  • Receive Microsoft cloud support, because only domains with fully qualified DNS names are supported by Microsoft cloud services such as BPOS and Office 365

Download: Single-Label-Domains in Active Directory Domain Services (AD DS) – Considerations, Migration, and Co-existence

 

If you are looking to understand what the security policies in Windows 7 and 2008 R2 mean and how they can impact your environment, then this guide is a must read.

Threats and Countermeasures Guide: Security Settings in Windows 7 and Windows Server 2008 R2

The document is covers the following categories in some depth:

Account Policies

This section discusses the Group Policy settings that are applied at the domain level: password policies, account lockout policies, and Kerberos protocol authentication policies.

Advanced Security Audit Policy

This section discusses the use of advanced audit policy settings, which are now integrated with Group Policy to monitor and enforce your security measures. It describes the various settings, and it provides examples of how audit information is modified when the settings are changed.

User Rights

This section discusses the various logon rights and privileges that are provided by the Windows 7 and Windows Server 2008 R2 operating systems, and it provides guidance about which accounts should be assigned these rights.

Security Options

This section provides guidance about security settings for digital data signatures, Administrator and Guest account names, drive access, driver installation behaviour, and logon prompts.

Event Log

This section provides guidance about how to configure the settings that relate to the various event logs on computers running Windows Server 2008 R2 or Windows 7.

System Services

Windows Server 2008 R2 and Windows 7 include a variety of system services. Many of these services are configured to run by default, but others are not present unless you install specific components. This section describes the various services included with the operating systems so that you can best decide which ones to leave enabled and which ones can be safely disabled.

Software Restriction Policies

This section provides a brief overview of the Software Restriction Policy feature that is available in Windows Server 2008 R2 and Windows 7. It provides links to additional resources about how to design and use policy settings to control which applications can be used in your organization.

Application Control Policies

This section provides a brief overview of the AppLocker™ feature that is available in Windows Server 2008 R2 and Windows 7. It provides links to additional resources about how to design and use policy settings to control which applications can be used in your organization.

External Storage Devices

This section describes Group Policy settings that can be used to limit, prevent, or allow the use of external storage devices in networked computers.

Additional Resources

This section provides links to additional information sources about Windows security topics from Microsoft that you may find useful.

Threats and Countermeasures Guide: Security Settings in Windows 7 and Windows Server 2008 R2

THIS EVENT HAS BEEN CANCELLED.

ad_EW_EXC_728x90_LONDON

How does eliminating the costs of 3rd party solutions sound?

Join experts Tony Redmond and Paul Robichaux at this 3-day Essentials workshop and take a practical approach to mastering Exchange 2010 – one that is immediately useful, easy to learn, and enables smooth and graceful deployments of Exchange.

This event is worth your time and budget:

  • You’ll learn the key "gotchas" and hurdles that others have faced so that you don’t have to!
  • You’ll leave knowing how to plan and execute your Exchange migration.
  • You’ll spend time with and learn from the most popular and experienced Exchange instructors, Tony Redmond and Paul Robichaux.
  • You’ll acquire skills that will reduce, or even eliminate, the costs associated with purchasing 3rd party solutions.
  • You’ll walk away with 500 GB external hard drive with an electronic toolkit full of labs and examples covered in class so your expertise will continue to grow after you leave.
  • You’ll be part of a small class, allowing for one-on-one interaction and feedback from the instructors.

Early bird registration now ends 7th May! Register now and save £250! (Contact me for the additional Windows Server User Group Discount Code).

About Tony and Paul:

Tony Redmond is a contributing editor for Windows IT Pro, Microsoft MVP, and the author of ten books on Exchange including Microsoft Exchange 2010 Inside Out (Microsoft Press). Tony has been writing about electronic mail since 1992 and is one of world’s foremost commentators on and influencers of Microsoft collaboration technology, chiefly focusing on Microsoft Exchange Server.

Paul Robichaux has been a senior contributing editor at Windows IT Pro for over 10 years. A Microsoft Exchange MVP and MCSE, Paul specializes in helping people understand how to get the most from Exchange.

Note: There is nothing in this for me, just passing on the information.  Also for all you Active Directory buffs out there, Brian Desmond will also be in attendance.

MSW_Tour_AllupBanner

May 2 – Toronto | May 4 – Detroit | May 6 – Chicago | May 9 – Indianapolis | May 11 – Dallas | May 13 – Columbus

The Springboard Series Tour is back! This 6 city tour brings the top product teams from Microsoft to you. We understand the questions and issues that IT pros deal with every day. How do I manage end users bringing consumer devices into the office? Should we look to the cloud for key solutions? Should I virtualize? What are the best tools to manage application compatibility and deployment? The Springboard Series Tour brings the experts and the answers.

Join us for a full day’s deep dive into the tools, solutions and options to help you do more with less. We will cover managing the flexible workspace, a first look at Windows Intune and Office 365. We’ll also show you some of the new Windows Slates and give you details around Microsoft’s strategy for Slate devices. We will preview  the new tools in the MDOP 2011 suite, a deep dive into managing and deploying Office 2010 and great tips and tricks to help you deploy Windows 7 and move your users from Windows XP with speed and ease.

REGISTER NOW and save your seat for this free day of technical demos, Q&A sessions, and real-world guidance from Microsoft experts.