Tech-ed Berlin 2009: Day 4

Today I will go shopping for presents for my wife and kids. The last session ends at 18:15 and the store I want to go to is open till 21:00. There is a train station right next to the ‘spielmax’, and I feel confident that I will be able to get there in 1 go.

CLI312: Group Policy changes for Windows 7 and 2008R2

This session is hosted by Michael Kleef.

There are 2 reasons for me to attend this session. First of all, this is the only remotely interesting session at this hour of the day, and Group policy is something interesting which I actually use.

Secondly, this session is in the same room as CLI401, which it THE talk by Mark Russinovich. This means I don’t have to travel half a mile to get there in time.

The most important thing I took away from this talk was that in ‘7’, group policy is no longer just a logon action, but a hardened service to apply policy in the background. That sure is nice and would have solved a lot of my problems, if we actually ran something other than XP on my network. Still it is good to know for future reference.

This new service is network aware, so it will try to haul in group policy when it detects a domain controller, and not blindly wait until it is triggered by its default schedule. This is a boon for mobile users, or rather, the admins in charge of the machines of mobile users.

Then there was a word on group policy replication and how FRS (the file replication) sucks really bad. DFRs is supposed to be much , much better and solve a lot of issues. In particular, if FRS breaks (and it does), it doesn’t tell you. DFRs logs things in the windows event log for you.

Preferences were also mentioned, and how they can be used to help you configure computers with much more options, like printers, drive mappings, and other things. These are not real policies though.

Some part of the talk also covered the difference between adm files and admx files (the new file format for policies) and how they make your life easier.

I was impressed by the group policy abilities, though sadly I won’t be able to use them for a while, since we are still running 2003/XP.

CLI401: Windows 7 and 2008R2 kernel changes

This talk is hosted by Mark Russinovich.

This is amazing. I left the previous talk 5 minutes early to go to the bathroom and then returned immediately to make sure I got a good seat. For me, this is the most anticipated talk at tech-ed. The amazing thing is that the previous talk has ended slightly early, and yet the room is filling up already! There is another half hour to go, and most of the front half of the room is already occupied. And this is the largest room of the event!

2 years ago I was talking with a new programmer. You know the type: wearing a suit, having a slick haircut, carrying books about ‘patterns’… We ended up talking about programming, and I mentioned I was a C++ MVP and that I was currently reading Windows System Internals 4th edition because I really wanted to know how things work under the hood. He said he didn’t care about that level of understanding. He cared about managed languages, patterns, and ‘agile’ programming. No offense to the agile people, but it just fit with the rest of the picture.

At that point we had a bit of a disconnect. I am of the opinion that if you want to be a –real– programmer, then it is your duty to understand what you are doing, and not just doing things to get results.

At this point we are still 5 minutes away from the start of the talk, and the back of the room is getting packed as well. There are still some seats available, but pretty soon they’ll have to start turning people away.

As the talk is beginning, there is one moron in front of me using his cell phone. Personally, I would not presume to think that what I am saying is more interesting than what Mark is saying. And this is where Marks status among the audience shone through, because the guy with the phone was prodded from several sides and told bluntly to shut his yap. He stubbornly kept talking on, and I was glad he quit half a minute later, because there is a good chance that bad things would have happened.

Mark’s talk was very good. He has an easy way of talking to an audience, and he connected immediately. The talk started with an explanation of the various ways in which the memory footprint of Windows 7 and 2008R2 (they’re based off the same kernel version) has been decreased, so that it’s the first OS release ever to use significantly less resources than its predecessor. And not only has the memory footprint been reduced, but there have been other changes that prevent runaway processes to stomp over the working set of other components or applications.

In the realm of power efficiency, Mark talked mostly about core parking, triggered services and timer coalescence. One of the major investments in ‘7’ development  was to make sure that the kernel was doing ‘nothing’ as much as possible. J Incidentally, the kernel version for ‘7’ is 6.1, for no better reason than app compatibility and the morons who implement OS version checking the wrong way.

After that he briefly touched on the new virtual service accounts and managed service accounts, which are almost identical to normal service accounts, except that they managed their passwords like computer accounts.

The final part of the talk was about scalability, the number of CPUs Windows can use properly, and what was done to decrease the amount of lock contention in the kernel. It was pretty impressive. The biggest single improvement in scalability was the removal of the Dispatcher lock, which was apparently a very surgical process to do, and quite an achievement.

The talk zoomed past and was very interesting.

Afterwards I managed to ask Mark about his recent Newsid blog post, because I manage a complex software infrastructure in which the machine SID is used by the application, and I wanted to ask him about it. Mark asked if that software also runs on our DCs, and when I said yes, he then told me that it is not using the machine SID to communicate.

After first I was a bit skeptical, but then I remembered that in the past, we had 2 machines in our system which were both active in the software system AND fulfilling a domain controller role. So Mark was probably right. The reason I thougth it did use the SIDs, was that they are displayed, and sometimes referred to in documents or procedures.

Mark’s talk was top notch.


Mashed potatos with onion, Brussels sprouts, and pommes gratin with carrot and corn. It was good.

You may notice the absence of meat here. Quite unusual for me, and I haven’t turned vegetarian overnight. The meat was a good looking beef stew, but the description included mushrooms. I can eat regular plain mushrooms just fine. I like them. But if they used forest mushrooms (the weird looking ones) even in small amount, then that would be the end of tech-ed for me.

On the same note, I skipped desert, since all the cakes and muffins had red blotches, and I religiously stay away from red fruit, on the assumption that it may contain strawberry. The chances may be small, but strawberry could indeed cause a religious experience for me, or at least allow me to find out whether there is an afterlife or not.

For the same reason I skipped the sandwiches during the event party on Tuesday. I nearly picked up a cheese sandwich when I noticed they had slices of strawberry in between. I’ll never understand why on earth someone would put strawberry in a cheese sandwich, but it sure kept me on my toes.

DEV313: Architecture discovery and Validation with VS2010

This talk is hosted by Peter Provost.

The talk centered around the new architect tools in VS, and how they can be used by developers and architects to get an overview of large and complex applications, by creating hierarchies of namespaces and assemblies, and perform analysis on those various diagrams.

Related to this was the layering of code and classes, and how it could be used.

He also showed the UML modeling that can be done of existing code, to get a better understanding of what actual code is doing, and whether it is looking good (understandable) or not. The flip side of this was the ability to generate code from UML diagrams. What was also very interesting was being able to define validation diagrams which are checked against the code during compilation. This allows architects to detect violations of the various layer interfaces that were defined. The violations messages would take you to the violations themselves, so that you could easily see what the issue was, and you could fix it there and then.

This is something that is generally only useful for large projects, like for example the last project I did for a satellite test bench. With over 20 projects, a handful of developers and 50000 lines of code, it would have been very useful. Especially since we had to document everything with UML in detailed design documents. This would have saved me many months of work, both in documentation and design.

The first question of course was: does this support unmanaged C++. And the answer was no, it did not… yet.

This is apparently the number 1 asked question. Even people within Microsoft would really like to use this for the unmanaged codebases of the various projects which are unmanaged, and can be classified as ‘complex’, like Windows, Office, …

It will not happen in the VS2010 timeframe, but they are actively working on that feature. Judging by the effort required to make Intellisense run decently (not super, just ok) doing this for unmanaged C++ is a task of herculean proportions.

DEV410: Building high performance parallel software

This session is hosted by Steve Teixeira, who is generally a good guy despite having left the C++ team. The contender for this session slot was SIA313 about how attackers target the Windows stack, and how to protect against that. That seemed interesting too, but this is probably more practically useful to me.

Btw, as much as I would like, I am not going to hang around after his talk, because I will have to RUN (not walk) to hall 7-2C if I want to be in time to have a good seat for Mark Russinovich’s next talk CLI402 about the limits of Windows 7: another talk any self respecting geek just has to see if he or she is here this week.

I told Steve I’d drop by tomorrow morning at his other talk so that we could chat for a bit longer. He was glad he didn’t have to compete with Mark in the same session slot though J

Steve’s talk was basically a rollercoaster ride of demos with only a handful of slides, where he showed off the capabilities of the new concurrency analyzer tool (I forgot the actual name) for analyzing concurrency scenarios. I have to say it was pretty impressive.

After that part of the talk he also showed lock contention scenarios and how you recognize them. Btw, locks do not contend with Chuck Norris. For the rest of us it can be a real pain to deal with. The new analyzer even has runtime deadlock detection, which was sweet to see.

I didn’t write down much of the details, since these were demos and I was paying attention to those. This was a very nice talk and the new concurrency / parallelism features in VS2010 are definitely worth checking out.

CLI402: Pushing the limits of Windows

As I already mentioned, this is another talk by Mark Russinovich. The limits of windows are like the price of clothes in the ‘better’ boutiques: If you have to ask, you can’t afford it. But despite that fact it is really interesting to know the limits and know where they come from.

Steve’s talk ran slightly over time, so I hurried to get here. I didn’t quite run though. It was more like the speedwalk where you don’t trot and don’t quite shove people out of the way to get through. There is still 25 minutes to go and I have one of the last ‘really good’ seats where one has an un-obstructed view of the screen at about the right distance. There is a ton of people milling around and the front half of the room is packed; the back half is filling up as well. Really. They should have used the keynote hall for Mark’s talk.

10 minutes to go and the room is almost packed.

5 minutes and there is an announcement asking people to put up their hand if they are next to an empty seat. People are still queueing up, but too bad for them.

Mark held a captivating talk about the different types of memory (virtual, physical, …) the paged and non paged pool, processes, threads, object and handles. It was really an interesting talk. But the very best thing was when the talk ended, and I was able to walk out, been able to say to myself: I already knew –ALL– of that. That was a proud geek moment. J

I am not going to go into detail here because that would take too much time, and it would be incomplete as well. If you care about that, buy Windows System Internals, 5th edition.

The 6th edition is coming out somewhere in spring next year, and will cover ‘7’ and 2008R2. Still, 5th edition is definitely not a waste of time to read, because Vista/2008 is what we will be running next year if all goes well, and it is always good to know the gory details, even if I’ll never use it as anything else but a reference for understanding what the system is doing or for troubleshooting.

Wrap-up day 4

Whew, day 4 is at an end. I have to admit that I feel the strain of having to pay attention all week. Despite that, it is sooo worth it.

I learned a lot of great stuff today, and this is really the only place in Europe where you can get it. It was the first time I saw Mark Russinovich speak, and it was definitely something worth repeating.

After his talk I went went shopping for some toys for my kids. I can proudly announce that I took the correct train, and found it at the first try (after asking for help). Next I’ll be finishing this report, catch up with my mail, and then pack my stuff so that I can check out early tomorrow. I’m already looking forward to tomorrow evening when I can finally sleep in my own bed again.

Leave a Reply

Your email address will not be published. Required fields are marked *