Scotty

Server and Security thoughts

August 2007 - Posts

Updating a Windows License Key

Earlier a friend asked if there was a supported way to change the license key on a server that a colleague of his had lovingly spent the day building and configuring but had installed with the wrong license key. I have now found the link I saved the last time this came up, which is http://support.microsoft.com/kb/328874, and although it talks about XP a lot it also pertains to 2003, although it only mentions the 32-bit version. I will update you once he has a chance to try this on the 64-bit version and let you know if it works.

Posted: Aug 31 2007, 01:31 PM by Scotty | with 1 comment(s)
gPLink Attribute Format

A friend asked me earlier about this attribute which is used on Sites, Domains and Organizational Unit objects to link them to Group Policy Objects.

The attribute is composed of a sorted list of aDSPaths and GPO link options. Each entry is delimited by square brackets, with the aDSPath first and the options second, separated by a semicolon. For example: [LDAP://cn={B6BB700D-71C8-49F3-9CF9-0A0E65C1A8C1},cn=policies,cn=system,DC=example,DC=com;0].

| Value | Meaning | Bit |
|---|---|---|
| GPO_FLAG_DISABLE | This GPO is disabled. | 0 |
| GPO_FLAG_FORCE | Do not override the policy settings in this GPO with policy settings in a subsequent GPO. | 1 |

In the example above the GPO link is enabled (bit 0=false) and not enforced (bit 1=false).

To disable a GPO link set bit 0 to true.

Likewise to force the settings in the GPO on subsequent Organizational Units set bit 1 to true.
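
An added example (not from the original post or from Microsoft): a small Python parser for the format described above that splits a gPLink value into its links, decodes bits 0 and 1, and sets or clears them when auditing or rewriting links. The class and function names are assumptions, and the second link in the sample is constructed.

```python
import re
from dataclasses import dataclass, replace

GPO_FLAG_DISABLE = 1 << 0   # bit 0: this GPO link is disabled
GPO_FLAG_FORCE = 1 << 1     # bit 1: subsequent GPOs may not override this one
# One entry is [<aDSPath>;<options>]; the path holds no brackets or semicolons.
_ENTRY = re.compile(r"\[([^\[\];]+);(\d+)\]")
_GUID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")

@dataclass(frozen=True)
class GpoLink:              # hypothetical helper type, not a Microsoft API
    ads_path: str
    options: int

    @property
    def disabled(self) -> bool:
        return bool(self.options & GPO_FLAG_DISABLE)

    @property
    def enforced(self) -> bool:
        return bool(self.options & GPO_FLAG_FORCE)

    @property
    def guid(self):
        m = _GUID.search(self.ads_path)
        return m.group(0).upper() if m else None

    def with_flag(self, flag: int, on: bool) -> "GpoLink":
        opts = self.options | flag if on else self.options & ~flag
        return replace(self, options=opts)

def parse_gplink(value: str) -> list:
    """Split a gPLink value into links, rejecting any text between entries."""
    value, links, pos = value.strip(), [], 0
    for m in _ENTRY.finditer(value):
        if m.start() != pos:
            raise ValueError(f"unexpected text at offset {pos}: {value[pos:m.start()]!r}")
        links.append(GpoLink(m.group(1), int(m.group(2))))
        pos = m.end()
    if pos != len(value):
        raise ValueError(f"unexpected text at offset {pos}: {value[pos:]!r}")
    return links

def format_gplink(links) -> str:
    return "".join(f"[{l.ads_path};{l.options}]" for l in links)

# Constructed sample: the first entry is the post's example, the second is made up.
SAMPLE = ("[LDAP://cn={B6BB700D-71C8-49F3-9CF9-0A0E65C1A8C1},cn=policies,cn=system,DC=example,DC=com;0]"
          "[LDAP://cn={11111111-2222-3333-4444-555555555555},cn=policies,cn=system,DC=example,DC=com;2]")
```

Parsing strictly, rather than splitting on brackets, makes a script fail loudly on a malformed value instead of silently skipping a link.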

While on the subject of the gPLink attribute: the article over at http://www.microsoft.com/technet/prodtechnol/windows2000serv/maintain/gpo.mspx, among its mistakes, lists the gPLink attribute as being on the GPOs themselves, which it is not, and which I know has caused a number of people a fair amount of grief as they try to debug scripts.

Posted: Aug 28 2007, 06:12 PM by Scotty | with no comments
Server Core and Drivers

Following on from my comments the other day about Core, this entry will look at drivers, which, as you can imagine, can be a somewhat confusing endeavor without a device driver GUI to install and inspect them.

Commands I would recommend you learn are:

  • pnputil
  • driverquery

As an example I will look at installing the VMware network driver, which, if like me you use VMware on a regular basis, is essential, since Microsoft removed the driver capable of accessing the emulated interface in Vista and Server 2008.

First off, choose Install VMware Tools from the VM menu, which will connect the tools ISO to the CD drive of the guest VM. If you want to install the VMware Tools in full, all you need to do is run D:\Setup.exe and the graphical installer will run just fine.

In many cases I just want the network to work and not have to deal with the occasional problems I am getting on subsequent reboots with the VMware Tools installed. In this case I want to add and install the relevant drivers to the system using pnputil with the -a and -i options respectively, pointing at the vmware-nic.inf on the tools CD.

 pnputil -i -a "D:\Program Files\VMware\VMware Tools\Drivers\vmxnet\win2k\vmware-nic.inf" 

Now if you run driverquery you will see the vmxnet driver listed at the end of the list.

The same basic principle applies to adding and installing other drivers.

I am very lucky to work with one of the best Windows 'builds' professionals I know, and quite often take for granted the easy access I have to obscure knowledge on BDD 2007 for some of the more annoying features that manifest on occasion, but I would recommend it to anyone as the easiest way to deploy Vista or Server 2008, including Core, for the GUI interface to adding drivers and additional software if nothing else. Check it out and set up Windows Deployment Services for a much easier deployment story.

Learning Server Core

Mark mailed me last night to ask about my crib sheet for Core Server, but as it was Friday evening I was taking a rest from the digital world. An hour and a half later he mailed me back to say he had found all he needed.

Now this was, from the mail, Mark's first real go in anger at installing and configuring Core Server, but we have to remember he is a great Windows professional and old enough to have used command lines for a significant proportion of his life with computers.

I don't think this experience will generally be unusual, although the speed will I guess be a day and a half, not an hour and a half, for server/operations teams with skilled individuals who will learn and teach others, often by providing scripts and procedure sheets.

I can think of a couple of instances where Core Server is not going to be as easily picked up and used:

  • Small organisations where GUI is king and most likely the server team is also the 3rd line support for most things Windows including the desktops - almost invariably in these organisations anyone with 'advanced' skills advances their career elsewhere
  • Diktat from an architecture team or management who fancy new technology or want to move to Windows 2008 and perhaps see Core as a way to deploy on lower spec equipment than the full server would require

Just like any operating system not sufficiently understood and managed Core Server could be a support and security problem unless planned for properly.

So what can you do for yourself and your organisation to prepare for it? Mark will be blogging on his journey of discovery and I will be following this posting up with further observations and suggestions.

For starters, here are a couple of things that may be of immediate use:

  • Microsoft removed the driver to access the VMware virtual network interface from Vista and Server 2008, so you will at a minimum have to install the driver, if not the full VMware Tools, if using VMware for your testing - compatibility and reliability are cited as the reasons for this decision
  • On the June CTP if you install the Virtual Machine Additions from Microsoft Virtual Server R2 SP1 and rename a Core Server it will in my experience 'blue screen' every time you reboot until you enter safe mode and remove the additions - install OS, rename computer, install additions seems to work fine but is a royal pain
Microsoft Industry Insiders Blog

One of my current projects is a PKI implementation for an old client, so I have been rereading various PKI and certificate sources; some of the most interesting are Adrian Beasley's posts on http://blogs.technet.com/industry_insiders/default.aspx, which I would recommend for anyone looking at smartcard deployments in particular.
