Microsoft Second Shot is back again for 2010

After a very long wait (and some said it might never happen), Microsoft have reintroduced their Second Shot campaign so that you can register to take an exam and if you fail you get a second chance to do a free retake. You register with Prometric,  then they email you a code. You use this voucher code when you register online to take your chosen exam, for which you pay the normal fee (or reduced rate for students, if applicable). Last time round you could not use second shot and a discount voucher (eg one from a Self-paced training kit) since you can only put in one code. Once I actually get a breathing space to take an exam (things are pretty busy right now) I’ll update to let you know if this is still the case.

Offer details:
Dates: January 13, 2010 – June 30, 2010.

Details: You must register, obtain a voucher code, schedule, pay, and take the first and (if necessary) the retake exam before June 30, 2010.

Applicable exams: This offer applies to all Microsoft Learning IT professional, developer, project management, and Microsoft Dynamics exams, including academic exams. Visit the Learning Catalog and search for your next exam

Eligible countries and regions: This is a worldwide offer that is available at Prometric test centers only.

Note Only one Second Shot voucher is available per purchased exam.

Notice that the deadline for taking the first time and retake is the same – June 30th 2010. Previously the first exam had an earlier deadline and the retake had an extra month or so if you were taking one.

Read more about Second Shot »

Windows 7 RTM, Server 2008 R2 and IE8 group policy settings lists

Microsoft have updated their usual Group Policy settings lists following recent releases of new Windows versions. On one page you can now get 4 downloads to include pretty much all current versions of desktop and server OS, and v-1 (so Windows 7 and Vista, server 2008 and 2003 sp2).

Group policy settings for Windows Vista sp1, Windows 7, 2003 sp2 2008, 2008 R2

Group policy settings for Internet Explorer 8 are also available (on a different page).

Note that the latest files are all in Excel 2007 format so if you are not yet using Office 2007 or 2010TP you would need to install the Office compatibility pack to allow you to view these on a previous version of Office, or the Excel 2007 viewer (+ service pack 2 as well) to view them (but not be able to edit or save changes). Both of these downloads are free.

Hat tip to Jeremy Mosokowitz at

Microsoft Certified Application Specialist times five

MCAS logo I took five MCAS exams on Friday and passed them all. Some were easier than others, as always, but overall I found them a lot less stressful than when I took four on the same day to get the Microsoft Office Specialist:Master qualification.

Overall I like the way the Office exams work – the real application (minus the help!) running in the top half, and the questions at the bottom. Each question has a few tasks to complete, and you are measured on the end result, not how you got there.

This is a much better test of real-world ability to use the software than any multiple-choice questions can ever hope to be. Yes, it means that you could take a few wrong turns, and click on some irrelevant buttons before finding the thing you were looking for, but you can do that in real life too. The exam is limited to 50 minutes, so you can only afford to do this on a handful of questions, and you need to be able to make up the time on other questions by reading it once and going straight to the correct feature or function.

Read more of this post

How Vista file copy has improved with sp1

Mark Russinovich is very well known within the technical community as an authority on detailed information on the inner workings of Microsoft products. Author of several books including the Windows resource kit “Windows Internals” volume, and founder of Winternals and, he is now a Technical Fellow in the Platform and Services Division at Microsoft.

In a recent blog post, Mark explains in great detail the file copy process in Vista, why it changed radically from XP and how this impacted real and perceived performance of this basic function. He goes on to explain how some of this has been changed and remedied in Vista Service Pack 1. He makes it clear that some of the code design choices have to be compromises between making things faster in different situations, and that in most cases Vista <> Server 2008 filecopying will be faster using the chosen algorithms than they would be with different choices, or using XP or server 2003 for example.

Copying a file seems like a relatively straightforward operation: open the source file, create the destination, and then read from the source and write to the destination. In reality, however, the performance of copying files is measured along the dimensions of accurate progress indication, CPU usage, memory usage, and throughput. In general, optimizing one area causes degradation in others. Further, there is semantic information not available to copy engines that could help them make better tradeoffs. For example, if they knew that you weren’t planning on accessing the target of the copy operation they could avoid caching the file’s data in memory, but if it knew that the file was going to be immediately consumed by another application, or in the case of a file server, client systems sharing the files, it would aggressively cache the data on the destination system.

The article is also a useful working example of how Process Monitor can help you to see what your machine is really up to. On the same subject, Mark gave a great Tech Ed presentation in Barcelona with some real-world demonstrations of how to use a variety of Sysinternals tools and utilities to detect, find and fix all sorts of system issues. A video of that talk entitled “The Case of the Unexplained…Live!” can be viewed here (it’s just over an hour long).

Windows Server 2008 Group Policy settings reference

Now that Windows Server 2008 has been released to manufacture (RTM), MS have published the usual spreadsheet reference containing all the settings which are available through Group Policy for managing Server 2008, Vista and all prior versions.

Download the Group Policy Settings Reference for Server 2008 in Excel 2007 (.xlsx) or older version (.xls) format.

Interestingly, this also includes 9 settings which are only available for Windows Vista service pack 1 (which also RTM’d last week). All of these are to do with controlling security settings for terminal services (RDP) sessions, including a setting I will find particularly useful to control whether a session can be established when the server cannot be authenticated.

Read more of this post

Vista Service Pack 1 gets the green light

Vista’s much-awaited service pack 1 has had the go-ahead and is “released to manufacturing” (RTM). This means they can start pressing CD’s and get things moving through distribution channels, OEM and retail so people will soon be able to buy the product with sp1 built in (“slipstreamed”).

Read more about the release of Service Pack 1 for Vista here. The short version is that it won’t be available to actually download until mid-March

One of the benefits likely to get most press will be the changes to how Microsoft enforce their licencing through the “Windows Genuine Advantage” (WGA) programme which requires the software to be activated in order to continue using the full functionality. This has been held back from all the beta versions and will only take effect in the final released version. Paul Thurrott discusses this at his SuperSite for Windows:

First, Microsoft is disabling the two most common exploits that exist today for bypassing product activation in Vista … Pirate Windows users utilizing one of these hacks will see their systems return to the intended state–typically a grace period countdown–once SP1 is installed.

The second change is more dramatic. … If the product activation period expires, for example, Vista moves into Reduced Functionality Mode (RFM), where the user can only access the IE Web browser for 60 minutes at a time before being logged out; … Non-Genuine State (NGS), occurs when an activated copy of Vista fails a Web-based validation check, such as when you attempt to download software from the Microsoft Web site. In this case, certain features–like Windows Aero and ReadyBoost–are completely disabled, while others–like Windows Update and Windows Defender–work in limited ways only.

Beginning with SP1, RFM and NGS are a thing of the past.

Improvements to the software itself generally focus on performance and stability, but it does also improve on driver support and providing better APIs for third-party products such as anti-virus and desktop search (partly due to complaints that vendors were being “locked out” and could not develop products on an equal footing with Microsoft themselves).

One area which should be much better is the slow copying of files (even within a disk) which has plagued some systems. I will run some test copies of sets of large and small files and once I have the service pack installed I’ll post some results on how much performance gain I get.

GPMC will be removed if you install Vista Service Pack 1 (follow up post)

As I discussed in a previous post, I thought that the removal of the Group Policy Management Console from Vista when installing service pack 1 was a pretty bad idea. David Overton asked if anyone cared about GPMC being pulled out of Vista with sp1, while others claim it really is a good step for a variety of reasons, and I wanted to follow up on this.

There were various articles announcing Vista sp1, including one on the official Vista team blog which managed to say lots about all the good stuff and conveniently forget some things like the removal of the very useful GPMC, which is only mentioned in the whitepaper (and later reported on by various bloggers and journalists of varying degrees of credibility).
» Read the discussion about why GPMC should or should not be removed by Vista service pack 1 »

Use Bitlocker drive encryption for all your data volumes on Vista

Thanks to a comment by Steve Lamb on his blog, I now find out that you can already use Bitlocker to encrypt volumes other than the operating system partition, you just have to do it from the command line.

I was pleasantly surprised to learn this, and it means I don’t have to wait for sp1. »Read the rest of the article to find out how»

More bad news for Vista Service pack 1

Apart from the long wait for a service pack for Vista (over a year from initial release) and the hugely bloated size of the “stand-alone” option to apply the service pack to machines without connecting them to the internet, I just learned some bad news.

David Overton posted an article about what’s coming in the first service pack for Vista. In it he links to and quotes this BetaNews article which says:

the service pack will uninstall the Group Policy Management Console (GPMC) and GPEdit.msc will edit local Group Policy by default

Read more of this post

10 great features to use in Windows Vista – part 1

I am going to be very careful in introducing this article. This is my personal view of some features that have been included in Windows Vista and why I like them. I do not claim they are the best features. I have no opinion on whether these are better implemented than in some Linux build or Mac OS. This is simply about the things I have found added to my productivity over the last 6 months of using the RTM version of Vista Ultimate. This is the first 5 of 10 useful things which are right there, out of the box, no third party applications or tweaks required. Items 6 to 10 will follow in a second article very soon.

Note: I certainly do not think these are necessarily big enough to merit an upgrade to Vista on their own. They are probably good enough to choose to have Vista on your next machine rather than sticking to your old ways and asking for XP to be installed. In a follow-up article I may discuss more of the technical reasons why Vista is worth having (and potentially upgrading to if those factors are important to you). Today’s list is built around things the everyday user will benefit from in their daily interactions.

Read more of this post

Vista updates available for performance and compatibility

There are a couple of updates which have been released for Vista which are outside the WSUS infrastructure (or rather they don’t seem to show up as updates at the moment). KB938194 is a compatibility and reliability update and KB938979 is supposed to improve performance and reliability. Essentially the first one fixes a variety of seemingly unrelated things to do with stability and things which fail or stop completely, while the second is more about things which just take a lot longer than they should. There are 64 bit versions available as well here and here.

Windows Vista more secure after six months than XP

Some readers may have seen the report which was published by Jeff Jones three months after Vista was finally released in which he showed that the number and severity of flaws in Vista were far less of a risk than XP after an equivalent period.

He has now updated this report to show the vulnerabilities in Vista after 180 days. What is key is not only the distinctly fewer known vulnerabilities overall, but the number of disclosed holes that remain unpatched at the time of writing.

Note that the blog entry is only a summary and the only graph you get to see relates to high severity vulnerabilities. Also, it only looks at those which affect the core systems, not optional components. So, Vista looks like it is doing better than XP at this point with almost no unpatched holes, and many people will go away with that impression because visuals work well in getting messages into the brain.

The full 14 page report (pdf) is also available, in which the discussion is much more detailed (even patch by patch). It is here that it becomes clearer that while it is faring better than XP did, to me it is not doing so much better given how much hype there has been about trustworthy computing and Vista (and Longhorn / 2008) being secure by design, rewritten from the ground up to be more secure, yadayada more secure.

Windows updates for June

The advanced notification has been published for the updates which will be released on Patch Tuesday, the 12th June.

Patch Tuesday 12th June 2007 advance notification page

4 out of the 6 are critical for at least one affected system. 2 of these are critical patches for just about all operating systems. One is critical for various versions of Internet Explorer (including IE7 on Vista); the last is critical for Windows Mail (the Vista replacement for Outlook Express).

The remaining two include a moderate fix for Vista and an important fix for Visio. These would not be installed automatically with default Windows Update settings but would need the user to choose them. Of course, in a business environment the best way to roll these out is to use WSUS version 3 which is now available.

On the subject of June patches, there are some updates for SBS 2003 servers as well. These are designed to get Vista to integrate into your SBS environment as smoothly as XP does – using /connectcomputer to join the domain for example. Of course you can run Vista in an SBS 2003 environment without this, but you lose some of the rich management features by doing so.

Read the MS SBS Blog post about these updates for Vista.

Thanks to Susan Bradley, the SBS Diva for her great blog where I first spotted this (and David Overton’s follow up about half an hour after Susan!)

Updated ACL model in Vista improves on XP and 2003

There are various changes to the ACL model from XP/2003 to Windows Vista. Some are simple changes to defaults such as who has permission to create and modify files in the root of the boot volume, others are more complex regarding implicit permissions granted to the owner of an object and how this can be controlled even further.

Jesper Johansson has written an excellent and detailed Technet magazine article about Vista’s new ACL features  and how these improve security. Some of this is just “useful to know” but effectively just gets on with the job under the hood; other parts are more useful to understand in depth to leverage the new capabilities.

Read more of this post

Office 2007 group policy – error in Outlook ADM file

If you are using the Vista Group Policy console to edit GPOs for using the downloadable ADM files Office 2007, create a policy (with or without any Outlook settings) and then try to see the report of which settings are configured, you may get an error similar to this (including the bad grammar of “is in not in”):

The .adm file path\Outlk12.adm is in not in a valid format and must be replaced. Details: A value name is expected before line 2461

The fix is described in typically long-winded but easy to follow fashion in KB926537 (although that article refers to line 3304 which is a bit odd). This basically involves moving one line of the file up so that a name appears before the values to which it refers. but it is not clear why the files are still available for download with this error in them and with no reference on the download page to this bug report and simple fix.

Moving the offline files cache (CSC folder) in Vista

I have found, as many others may have, that my old partitioning scheme which worked great for XP is simply not sufficient for Vista.

A 20Gb boot partition does not go very far on my Vista Ultimate laptop, and this is made a lot worse by my habit of having loads of files synchronised to work offline, which uses up even more space on this critical C: drive.

Of course, it was possible to move the CSC folder under XP (although the caveat seems to be that you can’t put it back in the original location). Under Vista it is a slightly more long-winded process, but here is a great step-by-step procedure for moving Vista’s client-side cache by changing the appropriate registry keys and using the Windows Easy Transfer wizard (migwiz.exe) to help move the files themselves.

Owning Vista from the boot

An interesting article and interview about a proof-of-concept ‘bootkit’ which provides a means to run arbitrary code with raised privileges in Vista, despite all the protected mode security and inability to change the kernel

Vista Bootkit article on SecurityFocus

Fix Exchange 2003 to make sure OWA works for IE on Vista

Because of the way IE is implemented on Vista, you will find that the rich functionality of Outlook Web Access (OWA) no longer works as you are used to under XP.

As described in KB 911829 you may not be able to compose new or reply emails, create contacts or appointments, and other activities which are pretty essential. You can read your email, but you can do nothing else with them!

Read more of this post

Copying command-line results to the clipboard in Vista

In this month’s MCP magazine, Greg Shields wrote about using clip.exe to get command line output onto the clipboard where you can easily use it by pasting into your favourite app, such as Notepad, OneNote or Excel (if you need to parse the results down).

“Like you, I’ve struggled with the multistep process to get data from the results of a command into a text file. If you want to run the runme.bat script and capture the results, you’d launch the command and copy and paste the results into Notepad or another text editor. Or, you might pipe the results to a file using the > character. If you’re particularly skillful, you could redirect both stdout and stderr to a text file with the text string:

runme.bat 1> results.txt 2>&1

But what if you simply wanted to pipe the results to the clipboard?
Way back in the old days, the Windows NT and Windows 2000 Resource Kit had a tool called clip.exe that allowed for this. Just run:

runme.bat | clip

and use Ctrl+V to paste the results into your text file. With Windows 2003, the tool moved out of the Resource Kit and is now installed natively with the operating system. But there appeared to be nothing comparable for Windows XP, so I slowly forgot about it.
That is, until recently — when I realized that one could simply copy clip.exe from C:\Windows\Systems32 on any Windows 2003 Server to the same location on an XP workstation and rejoice for the happy return of Command Line Clippy!”

What Greg forgets to mention is that this functionality is also natively installed on Windows Vista, ready and available for easy use.

Free WiFi access for Vista users with The Cloud

Similar to the offer in the US for T-Mobile hotspots, The Cloud have signed a deal with Microsoft in the UK to give early adopters of Vista a free trial of their WiFi services.

The Cloud operate a network of over 7,500 hotspots across the UK, ranging from BT payphones to cafes and pubs. You should not have to give any payment details to sign up for a the free trial period, which finishes at the end of April 2007 Read more of this post