Back to the root – simply tricks that works

There are many tips and tricks in Windows that we (administrator) are not familiar with. How can it be? It is too obvious that it will same us some time, so we simply ignore it 😉 I just “found out” that regedit supports Favorites – I knew about it, however never used it before and I dont have any excuse for it 🙂

And there are many similar tricks – for example you can use favorites just by typing its name (for example I have saved under name “G” – when I want to go to goole, I just press F4, G and Enter)…

Do you also know something so obvious? 🙂

Restore registry key with security settings

Reg format have two problems when you try to import file to registry:

  • doesnt contain security settings

  • it is using merge instead of replace

This can be sometimes really unwelcomed – for example you want to automatically recreate ODBC settings everytime user logs on. What do you do? You create odbc.reg and automatically import it every time… Wrong! The problem is that if users creates some additional odbc sources, they will stay. Ok, so how can you completely overwrite the key???

In fact it is quite simple – instead of using .reg, you should use hive keys (.hiv). You can do it from regedit or if you prefer console, use Reg.exe instead (with Save/Restore switches).

I used this few times and it is really useful! In hive file, there are also informations about security settings, so you can easily create them.

This is sometimes really useful – hope so that it could help someone fighting with registry 😉

Linuxers view of my Vista presentation…

Well, Vista presentation was quite fun for me – however this time I was quite disappointed by interaction with people 🙁

There were quite many people from Linux community – I knew about it before the presentation started. I hoped there will be a lot of discussion, like “Why is this missing in Vista when we have it for a long time” or “how does this exactly work” etc… In fact I really like when someone from Apple/Linux community attend my presentations, because they see the things from different perspective.

However this time I was really disappointed – there were just STUPID questions like “Why Microsoft dont distribute ONLY Windows Vista N and allow to install utilities as optional components” and similar.


Similar situation occured when I was presenting Monad on LinuxHall – there were no technical questions or comparison to advantages of another scripting languages. I really hoped I will be able to send mail to Jeffrey Snover with content like “These linux guys had these ideas, I think they are great, wouldnt you like to have a look and think about it?”.

If you have a look at forums all around the internet, it seems that linux community is really great and that having dialogue with them could bring many great ideas. If you look at the same guys when you meet them personally, you will find out it is really hard to get anything usefull from them.

Dont get me wrong – I like the idea of Linux and I know many people that have clever ideas. However the mass of linux “power” users seems useless to me 🙁

Windows Vista myths

I am thinking about writing article about Windows Vista – after spending some time trying to find useful resources, I can see that internet is FULL of Vista myths… I encountered this article about Windows XP myths: and I would like to write something similar dedicated to Windows Vista tips.

I think it is really great – next time you will argue with someone, just send him this link 😉

But back to my problem – Vista myths…

If you encounter any myth/web/forum post, PLEASE post it as comment – I would really like to create a list of myths for this great OS 🙂

1.) Vista requires high-end GPU (graphic card)
This is simply not true – Vista will even run on integrated GPU. What requires high-end GPU is Aero Glass – but if you dont have capable card, you can still use old fashioned GUI.

2.) USB SuperFetch/ReadyBoost technology will expand your RAM
Again one of the really popular myths – it will NOT expand your ram, it will be used for SuperFetching.

3.) Microsoft is going to rewrite 60% of Windows Vista code.
I am sure original posted didnt never tried to program – can you imagine rewriting such big amount of code??? But I think I know where did myth come from – Microsoft rewritten about 60% of KERNEL code – but this is NOT whole Windows and it IS already done.

4.) There are already viruses for Vista
One of my favourites – these “viruses” are simple Monad scripts… In fact they wont work by default, because of monad security. These viruses would work if they would be deployed AND launch on target machine – which is not achieved. It is the same as I would say that Del c:\*.* is one of the most powerfull viruses. Dont get me wrong – that scripts are interesting, but they are NOT viruses at all!

5.) There is DRM in Vista – MS is spying on us
Popular MS-Spy stories attacks again 🙂 As far as I understand, there is integrated DRM-client in Vista – same client you would need now with DRM server, which is not active if you domain administrator didnt select it to! About DRM(TPM) – there is only BitLocker, which is in fact really useful technology and not a spy

6.) Windows Vista is build on top of WinFX
Isnt that little bit hard if there isnt WinFX installed by default? 🙂

7.) Windows Vista can eat all of your memory even when it is idle!
Again – I remember similar messages with Windows XP. Really nice article describing this can be found here:

8.) Whole kernel was rewritten – it is similar like 9x -> NT
This is also incorrect information – Vista is still based on NT kernel, however to be honest, really big part of it was rewritten and it is the biggest NT-kernel change ever.

9.) You will never need to restart your Windows Vista.
Nope, this is not possible with *nix/Windows architecture – there were few atomic OSes that allow this, but Vista WONT. However with Restart Manager it will be possible to really reduce the required number of restarts.

10.) I hear Windows Vista is based on Windows Server 2003 – does it mean it will be less userfriendly?
Nope, this is absolutely wrong. Every new build is based on latest available kernel – right now it is Windows Server 2003 SP1. There was quite problem with understanding which OS build is Vista based on – it was because first it was build on XP, later they decided to change it, because they wanted to have more componentized OS.

11.) There are really big problems with drivers in Vista. (April 13, 2006)
Based on my personal experience – there WERE big problems, but we can see really HUGE improvements from build to build. Latest build I am using (5353) installed EVERY driver without problems – including my SATA disks during installation and drivers for Axim X5. First build didnt even installed Audio and Network driver. So this is not exactly myth, however it is currently out-of-date information.

Do you know about any other Vista myths? Share it! 🙂

New Microsoft tool from Strider family

Do you know Strider? I would be surprised – Strider family is VERY promising security-related tool set, however it is not really know, because it is under Microsoft Research… They released new tool called Strider URL Tracker:

When a user visits a Web site, her browser may be instructed to visit other third-party domains without her knowledge. Some of these third-party domains raise security, privacy, and safety concerns. The Strider URL Tracer, available for download, is a tool that reveals these third-party domains, and it includes a Typo-Patrol feature that generates and scans sites that capitalize on inadvertent URL misspellings, a process known as typo-squatting. The tool also enables parents to block typo-squatting domains that serve adult ads on typos of children’s Web sites.”

Sounds interesting? Try free download here:

One common question about AutoLogon

This is question I got quite often – when I enable autologon (for example for deployment purposes), even when I logoff and I want to change user, it will automatically logon back!

Answer is quite simple – if you check, you can find setting called ForceAutoLogon.

Many people dont understand this setting correctly – this wont just autologon you, it will FORCE autologon. Which is really usefull for kiosk mode computers etc, when you have remote administration capabilities, however you can run into problems (I even know few guys that reinstalled computer to get rid of it).

Vista review for administrators?

Well, this week I am going to have presentation about Vista – it will be however different from usual reviews (most usual can be found on It wont be focused on normal users, however on administrators.

I found just one problem – it is really hard to get any informations except TechNet site – it looks like there is no administrator interested in anything else except new flashy UI 🙁

Just to make a small list of things I would like to speak about:

  • new Group Policy settings – now you can deny installation of USB flash disks, specify which devices can be installed and which cannot, you can “push” printers using GP based on OU or location and you can fully configure IE (so you dont need IEAK anymore). But there are really important changes under hood – for example policy templates are now in XML format! (instead of ADM you will work with ADMX files). Also what is important is that there are two ADM groups – language independent (ADMX) and language specific (ADML). This is really great for me (or from any administrator from non-english native country)!!! Also there is ONE central store for these files – right now you have all adm files in all GPOs (approx. 4MB per GPO). There is also important thing that it will be much easier to troubleshoot GP problems, because there is Group Policy Service (GP is finally NOT bind to Winlogon)! Also what is great (right now I am Citrix guy) is that you can use multiple Local GPO. Also important is network awareness – if GP failed, it will be automatically reapplied next time DC is available, not after specified time limit! Also, it is not based on ICMP protocol.
  • NAP – looks really great, this is one of the features, where you can find many different informations. It is next version of NQAC from W2k3SP1.
  • Deployment – MANY available informations about really GREAT WIM format – if you dont know about it, I HIGHLY recommend to check it out.
  • Networking – MANY changes, the whole TCP/IP stack has been rewritten, there is Teredo, Windows Firewall and IPSec are in one console, WFW is inbound/outbound, IPv6 is native, etc etc….
  • WMI classes – there are many new WMI classes, however there is NO document at all 🙁 In next Scripting guy they promised to have a look on scripting in Vista – I am really looking forward!
  • Stealth modding – this is quite simple – you should be able to change motherboard, CPU, memory etc. without famous BSOD. Havent tried yet, so I will trust Microsoft this will work 😉
  • Windows PC Accelerator – there are three technologies under this name:

    • SuperFetch – improved fetching from Windows XP, it will try to check which applications you are using often and it will cache them, so it should be much faster next time.
    • ReadyBoost – you can use USB flash disk to speed up your computer. This is information you can find quite often, but what does it mean – this means that informations required for SuperFetch will be in fact cached on you USB drive. You want to see if it is working? Try to install Vista on machine with 512MB ram and enable ReadyBoost and you will see the difference!
    • ReadyDrive – MUCH faster boot when using hybrid HDD. What is hybrid HDD? I am sure you heard about it before, it is HDD combined with flash memory.

  • Transaction FS&registry – also no need to describe – something gone bad or your computer freezed? Nothing happens 🙂
  • BitLocker technology – this is really great! For LONG time I was complaining that it is really easy to break winbox security using Linux or something like Offline NT Editor when you have physical access to computer. BitLocker is in fact fulldrive encryption based on TPM module or USB flash key (you DONT need TPM to use it in fact… Another on of myths about Vista).
  • Power Management – improved – you can configure it using GP, there are different schemes and you can easily switch them. Also there is new term – Sleep. It is combination of standby and hibernation – computer first go to standby, later it will hibernate. This is really great mode, which allows you to have advantages of both modes – standby (fast resume) and hibernation (no power withdraw).
  • Windows Backup – finally real backup solution for home users – if you have small company with one server, you can setup that your clients will  automatically backup to you server, if you have company without server, you can setup backup that each computer will hold backup of another computer etc.!
  • Auto Recovery – this is really great feature, it consist of many different technologies. There is for example Restart Manager, which should decrease restarts by about 50% (I think they CAN achieve it) – for example you are patching running application using windows installer package – normally it would use PFR (pending file rename) and replace file in use next time. Now RM will wait for that application to finish and then replace the file – and there is no need to restart. There are many different technologies using RM – for example autoupdate, windows installed and so on… Also the error reporting for improved (and it IS really useful now). When you report bug, you will get reply and ability to fix the problem. What is really great is that there is not just support for MS product – any vendor could provide solutions to his own problems!
  • Highly improved scheduled tasks and event viewer – again, many informations available, so I would speak about this great improvements.
  • for me personally not so important informations: WMP11, new UI, IE7, DVD maker, Windows Mail (ex. Outlook Express)…
  • Windows Calendar – finally some integrated calendar with one really great feature – online. You can share your calendar, you can use it on many computers etc…
  • RSS everywhere – this is quite sympatic, however I will still use my RSS Bandir 😉
  • Windows Defender – also important, but for us professionals – we already use it 😀 However it is important that it is built-in, because finally it will be broadly applied. Same as with GPMC – it is installed by default. I know it is available for long time, but I know MANY administrators that dont even know about existence of this tool.
  • Gadgets – we will see – the usability depends on available gadgets, right now it is quite useless (for administrators).
  • Sidebar – you need compatible laptop – I dont have it, so I wasnt able to test it yet 🙁
  • Windows Collaboration – really great implementation of P2P technology! You can create session in pub, share files, share desktops AND applications etc. I am going to pub with my IT colleagues quite often and this is one tool we will use for sure! 🙂
  • Parental Control & UAC – FINALLY users are not administrators anymore. However there are many questions regarding this – will there be anything like new EPAL? How many administrators will really use it?
  • XML files everywhere – many “strange” formats were changed to XML – for example adm files, inf file for usmt etc…
  • Service hardening – permissions for services have been reviewed and changed (similar to XP SP2)
  • Alternative Authentication – there is API support for alternative authentication – for example biometrics, smartcards etc…
  • many drivers were moved from kernel mode to user mode = less BSOD 🙂
  • Vista looks more like component-based OS (inspiration by *nix systems?) – it reminds me of XPe
  • There is new Windows Vista Mobile – right now it is just new UI to ActiveSync 4.1, but I hope they will change more things
  • built-in memory and HDD diagnostic – Microsoft have memory diagnostic tool available for long time (just google ;)), however now it is built-in in similar way as ScanDisk. Great – this can save a lot of work for technicians trying to found out problem.
  • Build-in Performance diagnostic console – this have three main components:

    • Resource overview – CPU, HDD, Ram and network
    • Performance Monitor – similar to older PerfMon
    • Reliability Monitor – this looks really nice – you can see overall stability of your system and see the points when it changed (driver installation, application installation etc.)

  • Remote Assistance – it is faster, more reliable etc, however there are two features I am interested in:

    • multishadowing (allow two professionals connected to one computer)
    • Restart resistent – this means you will be autoconnected after restart

I will try to keep this list updated – if I forget to mention something (I surely did), please add comment about it and I will update this list.