What is Microsoft missing at deployment field?

As you maybe know, I am no longer deployment specialist – now I am specializing on SBC (Server Based Computing), however I hope so there are still few comments and I left and sounds reasonal 🙂

Linux environment got big advantage with rpm packages – installation is easy. However Microsoft got same technology – Windows Installer aka MSI. Why it is not broadly accepted?

 Because there is nothing like Windows Installer Express – studio to create MSI packages easily and for free. And I dont see any reason why not to have tool like this 🙁

 Second tool that was missing was Windows PE available publicly for free – finally they achieved this with Windows PE 2.0, hoooooraaaaaay 🙂

Last thing I am really missing (and again, I dont see any reason, specially with Microsoft focusing on WIM today) is per-demand PXE boot.

What do I mean? Standard deployment scenario is to have some techies running around with cds and installing OS using images. More advanced scenario (including RIS or WDS) is to use PXE – principle is the same, you have techies running around, this time without CDs, they boot target computer, select boot from network and select image to install.

Looks logical, right?

But we are talking about unattended installation and running around doesnt fit to this image.

Per-demand PXE is little different – EVERY PC boots automatically to network. It finds PXE server and doesnt have any image assigned, so it automatically continue with booting regular windows. However when you want to install something – you just assing correct image on PXE server, link it with you computer MAC address and reboot target server. After reboot it links with PXE server, detect one assigned image, boots it and install automatically.

That means that to reinstall computer, you just need to reboot it or wol it (wake on lan it).

Easy and powerfull. I had solution like this implemented using ftfpd32.

Hacking SAM database on offline Windows

Today I had presentation for my colleagues – they had to prepare few vmware machines for me to test some functionalities…

 However there was old local administrator password on these boxes – the one that no one was able to remember…

 So I tried to use one of my “oldies goldies” tools called Offline NT Password & Registry Editor. This utility (or should I say Linux distro? ;)) is using known security issues of windows with local SAM file (hope so it is fixed once and for all in Windows Vista).

 You can download it here: http://home.eunet.no/pnordahl/ntpasswd/

 You download CD image (you can burn it or mount it to virtual CD drive), boot from it, hit enter few times (default configuration) and voila – you local administrator password is empty – and you were able to do it in few minutes….

 I know that I shouldnt be happy about such security bug (specially if even SysKey is not able to protect you), however it helped me too many times… And hope so it will help you too 🙂


Managing multiple Terminal Servers

Whether you are terminal services expert or just casual administrator that needs to touch remote servers using TS, you should have a look at visionapp Remote Desktop.

 I really like new RDP 6.0, however I am missing centralized management of identities and credentials. If you need to support just few servers, its not really problem, however if you need to support tens or hundreds, lack of these management capabilities can be really horror.

 VRD (visionapp Remote Desktop) allows you to centralize this TS management. If you are like me (little bit paranoid), you have at least two accounts on your personal notebook (normal user & admin, or even better (my case) normal user, operator and admin), you would like to have option to connect to TS without specifying user credentials over and over again.

 You can find VRD here.

Configuration is per-user and you can find it in registry under location HKEY_CURRENT_USER\Software\visionapp\vRD, value Configuration.


This configuration is in XML format, so you can easily modify it (or create scripts for auto generation).