Admin Arsenal Blog

Windows Server 2008 Server Core has always intrigued me and it's become one of those things that keeps simmering on my back burner waiting for me to find the time to dive in.  But I could never figure out where to dig my teeth in. I installed it once (just to see it and be able to say that I did) and I was left staring at a blinking cursor and the realization that it was as far as I was going to get.

The main problem was that as much of a keyboard jockey as I am, there's so much to manage in Windows that I fall back on the GUI most of the time. I just don't have the time to learn all of the command line administrative tools. (It's not entirely my fault, Windows has always had a GUI so its command line tools are not front and center they way they are in the UNIX world.)

But now, I don't need to stumble around in the dark because I stumbled on a new white paper that elucidates all of remote admin options for Server Core.  The paper is a joint project of Sander Burkouwer and Joachim Nässlander.

Server Core is now closer to coming off my back burner because I can chop hours off the learning curve. Thanks, guys!

Get the paper here.

Powdermonkey reports that the US Department of Defense has opened its arms to the idea of Open Source Software (OSS).

Having done a fair amount of consulting work for different agencies in the DoD this clarification is nice, though a tad late. To be fair, the DoD has long used OSS and even has an office to administer the policy. However the DoD is nothing if not gigantic, encapsulating agencies that are of themselves beyond enterprise in size & scope.

You can download the actual letter from the DoD CIO. As quoted by powdermonkey:

To effectively achieve its missions, the Department of Defense must develop and
update its software-based capabilities faster than ever, to anticipate new threats and respond to continuously changing requirements. The use of Open Source Software (OSS) can provide advantages in this regard.

As noted in our blog on the US Air Force setting the standard for the "Federal Desktop Core Configuration", the DoD is a market force to take note of.

It will be interesting to see what impact, if any, this announcement has. Many agencies in the US Federal Government have been focusing their acquisitions on COTS (Commercial Off-the-Shelf) products. Yet for agility in product enhancements and security threat response, the OSS has a great track record.

VMWware Fusion 3 has only been released for a few days, but I wanted to give a quick first impression. I downloaded it the day after it came out and am pleased that I did. This release, on the surface, doesn't appear to be worthy of a full major version number change, but it's still a worthwhile upgrade.

The big new features are support for Snow Leopard, Windows 7, and better Aero graphics. I was already running VMWare 2 on Snow Leopard with a Windows 7 guest (though not for very long) so I assume that this is only important if you've been experiencing problems. The Aero support, though, still seems sluggish even on one of the new 3 GHz 27-inch iMacs. It's better, definitely, but it still seems to be somewhat for show.

What I do like about it is that everything seems to work just a little better. Drag/drop and copy/paste seem to work more smoothly as does the resizing of the window. Unity, in particular, seems to be better integrated. Again, not in any astounding way, just tweaked for the better. I also like that you can now cancel an accidental resume, that's bitten me more than once in the past. The new full screen menu is a nice touch, too.

The  one problem I did have was with the VMWare tools. For some reason it was preventing me from left-clicking. I could right-click and the hover of the mouse worked correctly, but left-click did nothing. I fixed it by uninstalling the tools and reinstalling the tools, but it took me a couple of tries because the uninstall from within the Windows control panel didn't seem to actually uninstall. I had to use the uninstall option from the Virtual Machine menu in VMWare. This may be the normal way to uninstall the tools (I've never had to do it before) but it was still frustrating for a while.

All-in-all I say it's a good enough upgrade for the $40, even though it feels more like it's a 2.1 update. There are enough small things in there to add up to a better experience.

Now, if I can get enough time to play with the new Parallels 5 I can blog a comparison review, on paper it looks like a bigger update.

I've been travelling a bit more lately than I normally do and I've started to notice a new trend: Free WiFi at airports. It doesn't really surprise me, having recently read Free: The Future of a Radical Price. While it doesn't really surprise me, I'm not completely sure why they're doing it. Are competitive pressures between airports that strong? With the exception of a couple of large metropolitan airports, you never have much choice of where you're going. Perhaps it's because so few people were willing to pay that the airports just decided that it was cheaper to give it away and avoid the extra infrastructure. Maybe it's just that WiFi is so cheap it's worth the tiny PR gain. If you have an insight, please leave it in the comments.

Whatever the reason is, it's unlikely that this trend will slow down. We're only now starting to see the economies of scale that can be brought to bear in the digital world. And I for one welcome our new free overlords.

Christina Warren reports on Mashable that according to StatCounter, early adoption of Windows 7 is just under 3%. WinXP is holding at just under 50%, Vista at 37%, and Mac OSX flirting with 12%.

It appears that more users are moving from Vista to Win7 than are moving from XP, though XP did show a decline over the past two weeks. I think it highlights a huge advantage that Windows 7 had over Vista; namely it doesn't require hardware upgrades from Vista's requirements.

Over at the Train Signal Training blog, Brian Nelson has an excellent post on what lessons from Vista have been rolled into Windows 7.

Personally I would never say that I hated Vista, but I did choose to go back to XP after trying it for a few weeks. Was I being manipulated by the bad press? Possibly, but I doubt I would ever know for sure. What I do know, however, was that it just didn't "feel" right to me. The interface seemed sluggish and clunky, probably all my own perception (I know I felt that file copies were slower, even though they were demonstrably faster.) I was always of the opinion that Microsoft's missteps early in the development of Vista caused them to lose so much time that a bunch of corners had to be cut.

Well, Windows 7 feels to me like it has all of those corners filled in and the sharp edges rounded off. I clicked with it quite immediately. Again, it could have been from all the good press, but I don't think that's a complete explanation. I do believe that Windows 7 brings back a lot of goodwill that was spent on Vista, and it proves that Microsoft isn't quite as incompetent as the popular perception leads.

    Photo by Redvers

PowerShell, however, does have an equivalent. You can redirect to the built-in variable $null to get the same effect.

PS C:\> dir > $null

In addition to the $null variable you can also pipe output to the out-null cmdlet.

PS C:\> dir | out-null

This second version also has a little trick up its sleeve. Normally when running a GUI app from PowerShell, control is returned immediately to the command line and PowerShell doesn't wait for the GUI app to exit. This may not be what you want. For example, in my build scripts I have a program that generates the documentation, it's actually a GUI app that takes parameters and writes out the help files. I want my script to wait for this process to finish, so the normal behavior doesn't work for me. But, by piping the output of the GUI app to out-null then PowerShell will wait for the app to finish. You can see this yourself by running notepad.

PS C:\> notepad | out-null

My earlier post on Twitter for sys admins started the dialog. I'd like to continue.

System Administrators provide solutions. As such they need to know their craft. Challenge: The industry is in constant change. Focusing on providing services to our users often keeps us out of the loop on emerging technology.

Aliza Sherman from WebWorkerDaily posted a 15-minute per day Twitter regimen that is a good way to balance staying in touch and getting your real work done.

I highly recommend it. Among the thoughts:

• Listen, retweet (5 minutes)
• Listen, respond (5 minutes)
• Promote, with care (5 minutes)

With twitter it's not so much what you know, but what you share (and what you pass along).

Twitter will help you learn more about your job as a sys admin.

Photo by fdecomiteAs reported by Brad Abrams, Mozilla recently block-listed a highly used Microsoft WPF/ClickOnce add-on. While this may have caused some angst with some, perhaps fearing a turf-war, it turns out that this was a collaborative effort between the two companies to protect users from recent Microsoft security alert MS09-054.

Mr. Abrams references Mike Shaver, Mozilla Vice President for Engineering, who posted a blog discussing the decision to block the add-on.

Because of the difficulties some users have had entirely removing the add-on, and because of the severity of the risk it represents if not disabled, we contacted Microsoft today to indicate that we were looking to disable the extension and plugin for all users via our blocklisting mechanism. Microsoft agreed with the plan, and we put the blocklist entry live immediately.

This occurred on Oct 16. Two days later Mr. Shaver posted the following:

Microsoft has now confirmed that the Framework Assistant add-on is not a vector for this attack, and we have removed the entry from the blocklist. We are also working on a mechanism to allow Firefox users to re-enable the WPF plugin ahead of its eventual removal from the blocklist.

This type of communication (& collaboration) benefits the customers of both Microsoft and Mozilla. A problem was identified and cooler heads prevailed.

Thanks to Mr. Abrams for his post.

I'm horrible at predictions. The more that I think about something the worse my predictions become. Movies, sports, politics, even my personal life. During my wife's four pregnancies I failed to predict the gender each time.

One of my predictions made long ago (probably around '97-98) was that Microsoft would soon get into the anti-virus business. Microsoft was expanding it's core offerings with each release of Windows, be it Internet browsers or print drivers. But for some reason they were walking very gingerly around anti-virus.

When my prediction failed to come true I started wondering if Symantec and McAfee had members on the Microsoft's board. Even when some of the prolific virus' made headway (Mellisa, anyone?) Microsoft still was found in the periphery. They did make headway soon thereafter with regular patches specific to their core security, but all-in-all it became the users responsibility to purchase a 3rd party app to find any one of a gazillion viruses.

Enter MSE. Microsoft Security Essentials is working. No doubt it has the complete attention of its many competitors, as noted by The Windows Club blog.

Microsoft’s free antivirus offering, Microsoft Security Essentials downloads have crossed 2.6 million since its launch two weeks back.

And its doing well! Users of MSE are indeed very satisfied with its performance! Given this scenario, the security companies with a view to holding on to their existing users and getting new ones, have resorted to giving away free 6m/12m licenses of their paid versions.

The anti-virus community is going to watch MSE very closely. Interestingly it seems, to me at least, that AV has become a commodity. Users notice the resource requirements of daily scans more than they consider the quality of the signature base. If this is the case then MSE is in a very good position.

Still, many will be watching.

Microsoft continues to give its blessing (not to mention one year of OS support) to the idea of refurbished servers.

In the past if you purchased used or refurbished servers you had to hope that you had the necessary licenses or suck it up and purchase brand new ones. It added a layer of complexity that may have caused some to disregard using older hardware altogether.

Enter TechTurn. In 2007  Microsoft partnered with this company to fill a much needed gap in the industry. That partnership has continued to evolve and now TechTurn is legally selling Windows Server 2003 R2.

A server from TechTurn could cost 1/3 the price of the original server, and you're still getting hardware warranty and OS licenses with support. This is fantastic news  - not only to companies struggling to either start up or continue operating, but to any company looking to save capital.

Microsoft has learned a lot in the past few decades about piracy. First off, many people (and certainly most businesses) want to stay legal. But that desire doesn't withstand unending trials.

For instance, music listeners were more than happy to get their music for free against the requirement to purchase an entire album when they only cared about one song, not to mention the need to visit a brick 'n mortar and browse 1/1,000,000 of the music the world had to offer. Enter iTunes & Amazon. These companies have proven that many will still purchase when the terms are more favorable.

The ability to spend 1/3 the price for servers is simply too good to pass up. Processing power and storage are commodities. We don't need brand name. We just need solutions. And with this move Microsoft has shown, yet again, that they get the message.

Kudos to Microsoft and TechTurn for seeing and then filling a need. It's nice to see businesses getting out of the way so that their customers can pay them and move on.

Incidentally, my focus is on servers, but TechTurn fills the need on an endless number of gadgets. Check 'em out.

    Photo by Boston Public Library

What you want to look for is the Architecture type of the OS. Since a 64 bit OS cannot run on a 32 bit processor you know that if you identify the current OS type then you've accomplished your goal.

I prefer to look in WMI. One problem that you can run into is Windows versions prior to Vista. When looking at Windows XP and Windows 2003 you need to look in the Win32_ComputerSystem class. The property that I have found useful is SystemType. I extract the value from this property and apply a regular expression to extract the first three characters found. Here is a function in Visual Basic .NET that I use.

Dim OSArchitecture As Integer = 32
Dim objCS As New ManagementObjectSearcher("SELECT * FROM Win32_ComputerSystem")
For Each objMgmt As ManagementObject In objCS.Get
Dim TypeMatch As New Regex("(x64)")
Dim CSystemType As String= objMgmt("SystemType")).ToString
If TypeMatch.Match(CSystemType).Success Then
Return 64
End If
Next

For Vista or later I use the Win32_OperatingSystem class and extract the value of the OSArchitecture property. I use a regular expression to match the first two digits encountered.

Dim objOS As New ManagementObjectSearcher("SELECT * FROM Win32_OperatingSystem")
Dim OSArchMatch As New Regex("(^\d\d)")
For Each objMgmt As ManagementObject In objOS.Get
If OSArchitecture = 32 Then
Dim OSArchitectureString As String = GetWmiValue(objMgmt, "OSArchitecture").ToString
If Not OSArchitectureString = "" Then
If OSArchMatch.Match(OSArchitectureString).Success Then
OSArchitecture = AsInt(OSArchMatch.Group(0))
Return OSArchitecture
End If
End If
End If
Return 32
Next

I'm always interested in more efficient methods for extracting this type of information. If you know of other methods I can use then, by all means, let me know.