Virtual Router Wifi Hotspot for Windows 7

Microsoft’s CodePlex has released Virtual Router that turns a Windows 7 Computer into a Wifi Hotspot using Windows 7’s Wireless Hosted Network (Virtual Wifi) technology.

Virtuual Router turns any Windows 7 or Windows 2008 R2 Computer into a Wifi Hot Spot using Windows 7’s Wireless Hosted Network (Virtual Wifi) technology.

The Wireless Network create/shared with Virtual Router uses WPA2 Encryption, and there is not way to turn off that encryption. This is actually a feature of the Wireless Hosted Network API’s built into Windows 7 and 2008 R2 to ensure the best security possible.

You can give your “virtual” wireless network any name you want, and also set the password to anything. Just make sure the password is at least 8 characters.

Download : Virtual Router

Create bootable USB drive for Hyper-V Server 2008 R2

BootFromUSB is a simple application to automate the manual preparation process for booting Hyper-V Server 2008 R2 off of USB drives.

Description
A simple application to automate the preparation process for booting Hyper-V Server 2008 R2 off of USB drives.

The application automates the manual USB creation process detailed on the Microsoft website.

Requirements

* Copy the EXE locally
* You have the Windows AIK or Windows OPK installed.
* You are running as a local admin
* You have the INSTALL.WIM file for Hyper-v Server 2008 R2 available.
* You have .NET 3.5 or later installed.

Directly using a prepped Hyper-V Server 2008 R2 VHD file (instead of from a WIM):

One additional feature of BootFromUSB is you can leave the WIM field (step3) blank and
select a “Blank” VHD that is actually a pre-configured sysprepped VHD and it will directly
copy the VHD to the USB drive.

This is a quick way to prep USB drives since it skips the long VHD creation and WIM
extraction processes.

NOTE: The operating system will display a “Format disk?” dialog box a number of times while preparing the USB drive. You should ignore and just close those dialogs.

Download : http://code.msdn.microsoft.com/BootHVSR2FromUSB/Release/ProjectReleases.aspx?ReleaseId=3549

RDP 7 for Windows XP and Windows Vista

Remote Desktop Connection (RDC) 7.0 client available to Windows XP and Windows Vista.

For Windows XP :
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=72158b4e-b527-45e4-af24-d02938a95683

For Windows Vista :
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=ac7e58f3-2fd4-4fec-abfd-8002d34476f4

For Windows Vista x64 :
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=11e7a081-22a8-4da7-a6c5-cdc1ac51a1a4

More details : http://support.microsoft.com/kb/969084

Windows 7 Compatibility Center

Do you own a old hardware (for example printer, scanner, or any other device) or software and want to check its compatibility with Windows 7? Apart from using the Windows 7 Upgrade Advisor, there is an excellent online resource which tells you whether a software or hardware is compatible with Windows 7 or not.It’s the Windows 7 Compatibility Center which list thousands of products and clearly label their compatibility status for Windows 7.

Click here : Windows 7 Compatibility Center

Microsoft Releases “Windows 7 USB/DVD Download Tool” for Installing Windows 7 from USB

Windows 7 USB/DVD Download Tool allows you to create a copy of your Windows 7 ISO file to USB flash drive or DVD. To create a bootable USB flash drive or DVD, download the ISO file and then run the Windows 7 USB/DVD Download tool. Once this is done, you can install Windows 7 directly from the USB flash drive or DVD.

Download: Windows 7 USB/DVD Download Tool or My Shared  Box

UPDATE 11/21:

Microsoft has confirmed their Windows 7 USB/DVD Download Tool does contains GPLv2 code (although they say it was not intentional). Microsoft will make the source code as well as binaries for this tool available next week under the terms of the General Public License v2.

Applications That Are Known to Work with RODCs

Overview of what applications are supported to run with a Read-Only Domain Controller (RODC) implementation.

1.Microsoft Internet Security and Acceleration (ISA) server
2.Microsoft Office Live Communications Server
3.Microsoft Systems Management Server (SMS)
4.Microsoft Office Outlook
5.Microsoft Operations Manager (MOM)
6.Windows SharePoint Services
7.Microsoft SQL Server 2005
8.Active Directory Certificate Services (AD CS)
9.Active Directory Rights Management Services (AD RMS)
10.Credential Roaming
11.Distributed File System (DFS)
12.Distributed File System Replication (DFSR) and File Replication Service (FRS)
13.Domain Name System (DNS)
14.Dynamic Host Configuration Protocol (DHCP)
15.Group Policy
16.Internet Authentication Service
17.Internet Information Services (IIS)
18.Network Access Protection (NAP)
19.Terminal Services (Users and Computers snap-in)
20.Terminal Services Licensing server

Note:Exchange isn’t on the list. In fact, you can’t run Exchange (2000, 2003, 2007) if there’s only a RODC it can connect to. Exchange needs a full-DC around to function correctly.
Reference:http://technet.microsoft.com/en-us/library/cc732790(WS.10).aspx

Disk2vhd v1.0

Sysinternals  offers a free P2V tool Called Disk2VHD that creates VHDs (Virtual Hard Disks) of physical disks for use in Microsoft Virtual PC and/or Hyper-V virtual machines (VMs).  You can run Disk2vhd on a system that’s online, since it uses Windows Volume Snapshot (VSS) capability, to create consistent point-in-time snapshots of the volumes you want to include.

To use VHDs produced by Disk2vhd, create a VM with the desired characteristics and add the VHDs to the VM configuration as IDE disk(s).
On first boot, a VM booting a captured copy of Windows will detect the VM’s hardware and automatically install drivers, if present in the image. If the required drivers are not present, install them via the Virtual PC or Hyper-V integration components.

You can also attach to VHDs using the Windows 7 or Windows Server 2008 R2 Disk Management or Diskpart utilities.

Download here

For more information: Sysinternals website

Microsoft Security Essentials Released

Microsoft Security Essentials provides real-time protection for your home PC that guards against viruses, spyware, and other malicious software. Microsoft Security Essentials is a free download from Microsoft that is simple to install, easy to use, and always kept up to date so you can be assured your PC is protected by the latest technology. It’s easy to tell if your PC is secure — when you’re green, you’re good. It’s that simple.

Microsoft Security Essentials runs quietly and efficiently in the background so that you are free to use your Windows-based PC the way you want—without interruptions or long computer wait times.

Download: Microsoft Security Essentials

LimitLogin: Step By Step

LimitLogin is an application that adds the ability to limit concurrent user logins in an Active Directory domain.
It can also keep track of all logins information in Active Directory domains.

LimitLogin capabilities include:

· Limiting the number of logins per user from any machine in the domain, including Terminal Server sessions.

· Displaying the logins information of any user in the domain according to a specific criterion (e.g. all the logged-on sessions to a specific client machine or Domain Controller, or all the machines a certain user is currently logged on to).

· Easy management and configuration by integrating to the Active Directory MMC snap-ins.

· Ability to delete and log off user session remotely straight from the Active Directory Users and Computers MMC snap-in.

· Generating Login information reports in CSV (Excel) and XML formats.

LimitLogin grants System Administrators, Help Desk staff or any other IT-related personnel the ability to quickly query for any user logged on to the domain and view the machines they’re currently logged on to, while enabling the above list of features and management tasks to be performed on those user sessions.

Download the LimitLogin:http://download.microsoft.com/download/f/d/0/fd05def7-68a1-4f71-8546-25c359cc0842/limitlogin.exe

Configuration:

PHASE 1:
=======

1) IIS must be installed along with ASP.NET – This does not have to be on DC

2) Make sure the following Web Extension are set to Allowed in IIS Services:

ASP.NET v1.1.4322

3) Install “LimitLoginIISSetup.msi” on the IIS server

NOTE: SSL can be used but it should be configured before proceeding with second phase of install. However, the configuration can be modified latter to use SSL. Just edit the 3 HTTP entries at the bottom of the “LimitLogin.wsdl file” to use HTTPS instead

4) Add WSLimitLogin.asmx to the top of list in the Documents tab of the website.

NOTE: If you did not install IIS on a DC then you will have to configure the IIS Server to be “Trusted for Delegation”. See the section titled, “Manually configuring ‘Trust for Delegation’ in the “LimitLogin Active Directory Setup” portion of the LimitLogin.chm help file for directions on configuring this.

5) Verify “Integrated Windows Authentication” is set on the “Directory Security” tab of the website under “Authentication and Access Control”.

NOTE: Web site must Integrated authentication not anonymous.

6) Attempt to connect to http:///WSLimitLogin.

NOTE: Reinstall SP1 if IIS returns “Service unavailable” and generates DCOM and W3SVC errors in the System log

7) Create a hidden share on a server that will eventually house the llogon.vbs and llogoff.vbs scripts and make sure authenticated users has Read access to the NTFS and Share permissions.

NOTE: You can placed these files in Netlogon if you want to distribute the load amongst all DCs in the domain.

PHASE 2:

=======

1) Logon to a Windows XP machine or a DC with Schema and Enterprise Admin rights and Install “LimitLoginADSetup.msi”

2) You will be presented with three boxes in the Setup Options:

Prepare your Active Directory Forest for LimitLogin
Prepare your Active Directory Domain for LimitLogin
Install LimitLogin AD MMC add-in tools on this machine

3) If you are going to run setup in phases extending the schema with the LimitLogin Classes and Attributes must be done first.

4) The scripts will be configured using the data you enter here:

- UNC path of the file share where the login scripts will go (\\domainname\Netlogon)
- Host name of the Web server
- Web Service Name (Default is WSLimitLogin)
* Optional SSL checkbox

5) You will be prompted to enter the host name of a Windows Server 2003 DC that will host the application partition that is dynamically created.

NOTE: Replicas of this application partition should be configured to avoid an outage if the one DC is offline.

6) The LimitLogin version of Active Directory Users and Computers MMC Snap-in will be installed.

7) You will get a pop-up telling you to copy the llogin.vbs, llogoff.vbs and limitlogin.wsdl files to your share. Copy the files at this time.

PHASE 3:
=======

1) Client machines must have .NET Framework version 1.1.4322 or higher to install the client.

2) At this time Windows Firewall must be completely Disabled to have the logoff feature function.

3) Configure a Computer GPO that installs the “LimitLoginClientSetup.msi” client application to all targeted workstations.

NOTE: Directions on how to configure this are located in the LimitLogin.chm help file under the section titled, “Setting up clients for LimitLogin”.

FYI: In Step 8 of the help file you are directed to check the “Install Application at logon” option but this feature is not available. I left mine set as Assign and did not check “Install Application at logon” and installation worked fine. If you want to make use of the “Install Application at logon” feature you must click the “Assign” radio button (even though it is already selected) and the check box for “Install Application at Logon” will appear.

4) Configure a User policy that applies to all monitored users in a top-level OU. The Logon and Logoff scripts will point to the UNC of the llogon.vbs and llogoff.vbs respectively.

5) Import the “Limit Logon Computer Logoff Options.adm” file to the User GPO where the scripts are defined. An empty “LimitLogon Remote Logoff Options” node will appear.

NOTE: This ADM file is located in the same install folder where the scripts were created. Just copy this to %systemroot%\inf and edit the GPO.

6) To make the settings configurable in the GPO click View > Filtering and UNCHECK “Only show policy settings that can be fully managed”

7) See if this user’s logon script GPO has to be applied to computers as well as users by linking just to the OU where the users are and not computers.

Enable – “Logoff sessions remotely” and check the option “Attempt to remotely logoff the selected sessions”
Enable – “Prompt and confirm every remote session logoff” and check the option “Prompt and confirm every selected session before attempting Remote Logoff”
Enable – “Wait for remote logoff attempts to complete and report status” and check the option “Wait for remote logoff attempts to complete and report status”

8 ) On the OU where the users are going to be managed, right-click and select LimitLogin Tasks…. Click Configure and set the limit to 100 (the highest that will apply) or limit the user to a smaller number of logons if you wish. This must be done to activate the Remote Logoff functionality.

Fix for File Replication System (NTFRS) replication problems (Event ID 13549)

This fix worked for me in resolving an issue where a additional domain controller was in a death cycle of starting/stopping/restarting the FRS service every few minutes.

Symptoms

If, after you run DCPROMO to add a domain controller to the existing domain, after reboot, you run into a problem where the NETLOGON and SYSVOL shares are not being created and you check the File Replication Service logs in the Event log to find the following error messages:

(Event ID 13549)
The File Replication Service is unable to replicate from a partner computer because the event time associated with the file to be replicated is too far into the future. It is 30 minutes greater than the current time. This can happen if the system time on the partner computer was set incorrectly when the file was created or updated. To preserve the integrity of the replica set this file update will not be performed or propagated further.

The file name is: “[YOUR_PROBLEM_FILE_HERE]“
The connection to the partner computer is:
“DOMAIN SYSTEM VOLUME (SYSVOL SHARE)\NEWDC_NAME\\\PDC_EMULATOR_NAME.domain.com <- \\ PDC_EMULATOR_NAME.domain.com RemoteCxt”

Resolution

Make sure and keep copies of all the folders and files.

Take these actions to resolve your problem:

On all Active Directory registered domain controllers:

1. Stop NETLOGON Service
2. Stop File Replication Service (NTFRS)

On the PDC Emulator:

1. Rename all files in the %systemroot%\ntfrs folder and subfolders (change their extension to .old).
2. Give an unlisted account full control of the directory %systemroot%\SYSVOL folder and reset permissions on all child objects.
3. Change the registry key:
HKLM\System\CurrentControlSet\Services\ntfrs\paramaters\Backup/Restore\Process at Startup\BurFlags (REG_DWORD) = D4
(The default on this is 0)
4. Start the NETLOGON Service
5. Start the NTFRS Service

On all non-PDC emulators:

1. Change the registry key:
HKLM\System\CurrentControlSet\Services\ntfrs\paramaters\Backup/Restore\Process at Startup\BurFlags (REG_DWORD) = D2
2. Start the NETLOGON Service
3. Start the File Replication Service (NTFRS)

At this point, the system in question should have recreated the SYSVOL share and the NETLOGON share. Check this by running ‘net share’ from a command prompt. You should also see the Group Policy Objects listed in the SYSVOL directory as:

%systemroot%\SYSVOL\domain_name\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}

%systemroot%\SYSVOL\domain_name\Policies\{6AC1786C-016F-11D2-945F-00C04FB984F9}

There may be more directories listed here, but these are the Default Domain Policy and the Default Domain Controllers Policy that are installed by default when the Active Directory is created. If these are being replicated, then file replication is functioning.