Using the Keyboard with Remote Desktop Connection
When the Remote Desktop Connection window is active, almost every key you press is passed to the remote computer. Certain key combinations, however, can be processed by the client computer, depending on the setting you make in the Keyboard section of the Local Resources tab of the Remote Desktop Connection dialog box shown in Figure 18-13 . You can specify that the key combinations shown in the first column of Table 18-1 are sent to the remote computer all the time, only when the remote desktop...
CommandLine Tools
Windows 7 includes more than two hundred built-in command-line tools . Administrators can use these tools to perform various tasks ranging from configuring networking settings to performing backups . Examples of using some of these commands are found in various places throughout this resource kit Chapter 16, Managing Disks and File Systems, contains examples of using the Wbadmin. exe command-line tool to create and manage backups on Windows 7 computers Chapter 17, Managing Devices and Services,...
Ripping CDs
Windows Media Player can copy, or rip, tracks from audio CDs and store them as files on your hard disk. The copies you make are completely unrestricted you can listen to the saved tracks on your PC, burn a collection of tracks to a custom CD, or copy those tracks to another PC or to a portable device . Before you use Windows Media Player to rip your first CD, however, it's smart to answer the following questions At what bit rate should you copy Where should your files be stored What naming...
Troubleshooting Windows Firewall Using Firewall Logs
You can enable and configure firewall logging in Windows Firewall with Advanced Security to log success and failure events for firewall activity. Firewall logging can be configured on targeted computers using Group Policy and can be configured separately for each firewall profile on the targeted computers. To configure firewall logging on targeted computers using Group Policy, right-click the Connection Security Rules node under the firewall policy node in your GPO and select Properties . Then...
Dealing with UAC Prompts
At logon, Windows creates a token that is used to identify the privilege levels of your account. Standard users get a standard token, but administrators actually get two a standard token and an administrator token . The standard token is used to open Explorer, exe the Windows shell , from which all subsequent programs are launched. Child processes inherit the token of the process that launches them so that, by default, all applications run as a standard user even when you're logged on with an...
Blocking Potentially Unsafe Downloads
How does deceptive software end up on a computer The simplest route is the most direct you click a link on a webpage or in an e-mail message that leads directly to an executable file. For example, an advertisement might make extravagant or alarming claims about a free program, perhaps even embedding the link in a pop-up window that looks like a warning dialog box generated by Windows. When an unsophisticated computer user clicks the ad, the program offers to install as an ActiveX control via an...
Using Font Smoothing to Make Text Easier on the Eyes
ClearType is a font-smoothing technology that reduces jagged edges of characters, thus easing eye strain . Although it is optimized for LCD flat panel displays, ClearType is turned on by default on all systems, regardless of display type. Microsoft believes that ClearType improves readability on both cathode-ray tube CRT and LCD displays, but if you're a CRT user you should probably try turning ClearType off to see which works better for you. You can also turn font-smoothing off altogether by...
Using Aero Themes
Aero Themes is a formal combination of desktop background, Aero glass window color, sound scheme, and screen saver. Windows 7 comes with a number of built-in Aero Themes and users can create their own by building off of them. Aero Themes can be saved, of course, and they're also portable, meaning they can be packaged up and copied from machine to machine. Microsoft expects users and third-party partners to trade and perhaps even sell Aero Themes online when Windows 7 is finalized. Also,...
Mapping a Volume to an NTFS Folder
In addition to or in place of a drive letter, you can assign one or more paths to NTFS folders to a volume. Assigning a drive path creates a mounted volume. A mounted volume appears as a folder within an NTFS-formatted volume that has a drive letter assigned to it. Besides allowing you to sidestep the limitation of 26 drive letters, mounted volumes offer these advantages You can extend storage space on an existing volume that's running low on free space . For instance, if your digital music...
New PowerCfg energy Option
The Powercfg utility has been enhanced in Windows 7 with a new command-line option -energy to enable the detection of common energy-efficiency problems. These problems can include excessive processor utilization, increased timer resolution, inefficient power policy settings, ineffective use of suspend by USB devices, and battery capacity degradation. This new Powercfg option can help IT professionals validate a system prior to deployment, provide support to users who encounter battery life or...
Some Tricks of the Trade
For the most part, using WMC is intuitive. You might need a bit more information in some areas, however, to get the most out of WMC. In this section, we look at a few of these items, such as Playing DVDs and other video files Viewing TV shows on your HDTV or projector Broadcasting TV shows to your TV or projector Burning DVDs from recorded TV Setting Parental Control ratings After setting Windows Media Center as the default DVD player, simply inserting a DVD into a DVDROM drive should result in...
Configuring Your Network for Sharing
If you plan to share folders and files with other users on your network, you need to take a few preparatory steps . If you plan to share only with others who use your computer by logging on locally, you can skip these steps . 1. Be sure that all computers use the same workgroup name. If all computers on your network use Windows 7 or Windows Vista, this step isn't absolutely necessary, although it does improve network discovery performance. However, if you have a mixed network that includes some...
Configuring Desktop Icons
A fresh, cleanly installed Windows 7 desktop as opposed to one generated by an upgrade installation includes a single lonely icon Recycle Bin. If you want other system icons, right-click the desktop, choose Personalize, and click Change Desktop Icons in the left pane The Desktop Icon Settings dialog box, shown below, provides check boxes for five system folders Computer, the root folder of your own profile User's Files , Network, Recycle Bin, and Control Panel Desktop icons Computer User's...
HomeGroup How It Works
The simplicity of setting up and using HomeGroup belies its complexity. The basic sharing mechanism uses standard sharing protocols that have been part of Windows for many years. In short, HomeGroup grants share permissions and applies an access control entry ACE to each shared object allowing access to a group called HomeUsers . A password-protected account which is required for accessing shared objects over a network connection named HomeGroupUser is a member of HomeUsers, and acts as your...
Resource Monitor Auz
Windows 7 provides Resource Monitor so that you can view processor, disk, network, and memory utilization. Open Resource Monitor in one of two primary ways Click Start, All Programs, Accessories, System Tools, and Resource Monitor. Open Task Manager, click the Performance tab, and then click Resource Monitor. In the context of troubleshooting network issues, the Network section is the most interesting section of the Resource Monitor. The Network section displays bytes per minute that each...
Changing File Type Associations
The second item on the menu shown in Figure 5-10 approaches the matter of file-to-program associations from the perspective of the file type. Figure 5-14 shows a list of file types comparable to what you would see if you clicked this menu item . The file-type list is alphabetized by extension. For each extension, the list shows a description of the file and the program that is currently set as the default application for that file type. So, for example, in Figure 5-14, we see that the extension...
Help Tag Name Help Tag Description 1
.Notes Provides a place to list information that does not fit easily into the other sections. This can be special requirements required by the function, as well as author, title, version, and other information. The notes appear in the NOTES field only in the Full help view. .Link Provides links to other Help topics and Internet sites of interest . Because these links appear in a command window, they are not direct links . There is no limit to the number of links you may provide . The links...
Device Enhancements in Windows
The device experience in Windows 7 builds upon the many improvements previously made in this area in Windows Vista. The following list summarizes some of the changes to device management implemented in Windows Vista. Many of these changes are significant for IT professionals who manage computers in enterprise environments, and later sections of this chapter explain how many of these enhancements work. Driver store Provides a central and authoritative point from which device driver files are...
Allow If Secure Rules
A third action apart from allow or block that can be configured for a firewall rule is to Allow The Connection If It Is Secure. Selecting this option causes the rule to only permit the traffic to pass if it is being protected by IPsec . By default, selecting this option requires the traffic to be both authenticated and integrity protected but does not require that the traffic be encrypted see Figure 26-6 . Note that the actual IPsec settings for allowing secure traffic must be defined using...
Capturing a Disk Image for LTI
In MDT 2010, installing a build and capturing an image is essentially an LTI deployment that ends with the Windows Deployment Wizard capturing an image of the destination computer When you create a deployment share, Deployment Workbench provides the option of prompting to capture an image the Ask If An Image Should Be Captured check box . You must enable this option, as described in the section titled Creating and Configuring a Deployment Share earlier in this chapter. Then, when you install...
Customizing the Left Side of the Start Menu
Quite apart from which programs appear in the pinned programs section at the top of the left side of the Start menu see Adding and Removing Pinned Programs on page 107 for information about customizing that aspect of the menu , you have several choices that control the menu's left side. For starters, your choices under Privacy on the Start Menu tab of Taskbar And Start Menu Properties shown earlier in Figure 4-9 determine whether Windows keeps track of recently used programs and displays them...
Additional Group Policy Settings for Folder Redirection
You can configure additional behavior for Folder Redirection by using the following Group Policy settings Use Localized Subfolder Names When Redirecting Start And My Documents You can find this setting under Computer Configuration Policies Administrative Templates System Folder Redirection and User Configuration Policies Administrative Templates System Folder Redirection it applies only to computers running Windows Vista or later versions . Administrators can use this setting to specify whether...
BitLocker Drive Encryption
BitLocker Drive Encryption is a new Windows Vista and Windows 7 feature that improves data integrity and confidentiality by encrypting entire volumes. Windows Vista must have Service Pack 1 SP1 installed to encrypted non-system volumes . BitLocker can use Trusted Platform Module TPM security hardware to wrap and seal the keys used to encrypt the system volume, helping to protect the volumes from offline attacks . Alternatively, BitLocker can use a USB flash drive to store the startup key used...
Related Information Uxg
Chapter 24, Managing Client Protection, includes information about configuring the desktop . Chapter 26, Configuring Windows Firewall and IPsec, includes information about Windows Firewall and improvements to IPsec . Chapter 27, Connecting Remote Users and Networks, includes information about setting up dial-up connections and VPNs. Chapter 28, Deploying IPv6, includes information about IPv6 . Chapter 31, Troubleshooting Network Issues, includes information about solving networking problems ....
Windows Boot Loader phase
The Windows Boot Manager starts the Windows Boot Loader phase when the user chooses to load Windows Vista or Windows 7. The Windows Boot Loader does the following 1. Loads the operating system kernel, Ntoskrnl. exe, but does not yet run it . 2. Loads the Hardware Abstraction Layer HAL , Hal. dll. This will not be used until the kernel is run 3. Loads the system registry hive System32 Config System into memory. 4. Scans the HKEY_LOCAL_MACHINE SYSTEM Services key for device drivers and loads all...
Using System Restore
The quickest way to get to System Restore is to type rstrui at a command prompt. Here are a few alternatives Open the Start menu, click All Programs, click Accessories, click System Tools, and click System Restore . On the System Protection tab of the System Properties dialog box, click System Restore In the Start menu search box, type restore and then, in the list of search results, click the System Restore shortcut under the Programs heading. Open Control Panel, type system restore in the...
GETTING TO KNOW YOUR COMPl
Most new computers today are notebook models. A notebook or laptop PC differs from a desktop PC in that all the pieces and parts are combined into a single unit that you can take with you virtually anywhere. And since all components are built-in, you don't have to worry about making sure everything is connected Connecting Ports Because not all components you plug into your system have the same type of connectors, you end up with an assortment of different jacks called ports in the computer...
Using Roaming User Profiles with Folder Redirection
If you implement both Folder Redirection and RUP, do not store redirected folders within the user's roaming profiles . Instead, store them on the network share where Folder Redirection is targeted. This reduces the size of a user's roaming profile, speeds up its download time, and improves the user's logon experience . In general, the best practice is to configure Folder Redirection first, make sure it applies successfully, and then deploy roaming user profiles . Also, users should log off all...
How to Schedule Windows Memory Diagnostics
If Windows is running, you can schedule Windows Memory Diagnostics for the next startup by following these steps 1. Click Start, type mdsched.exe, and then press Enter. 2. Choose to restart the computer and run the tool immediately or schedule the tool to run at the next restart, as shown in Figure 30-5. Check your computer for memory problems Memory problems can cause your computer to lose information or stop working. How does Windows diagnose memory problems Restart now and check for problems...
Uninstalling a Driver
There are at least three circumstances under which you might want to completely remove a device driver from your system You're no longer using the device, and you want to prevent the previously installed drivers from loading or using any resources . You've determined that the drivers available for the device are not stable enough to use on your system The currently installed driver is not working correctly, and you want to reinstall it from scratch To remove a driver permanently, open Device...
Extending a Volume
Disk Management will be happy to make an NTFS volume larger for you, provided unallocated space is available on the same or another hard disk To accomplish the expansion, right-click the volume you want to expand, and choose Extend Volume from the shortcut menu. Click Next to move past the Extend Volume wizard's welcome page . The Select Disks page, shown in Figure 25-3, appears . Figure 25-3 The Extend Volume wizard lets you extend a volume into unallocated space on the same or another hard...
Living Without DRM
We recognize that copy protection and digital rights management schemes that restrict your right to use media files are controversial. If you're philosophically opposed to the idea of restricted usage rights, you have plenty of options to download music in DRM-free formats. These days, every major music store, including the 800-pound gorilla of the industry, the iTunes Music Store, sell their wares in unrestricted MP3 or AAC files . DRM in the music industry lives on in subscription services...
Info Fyu 1
Modifies the default prefix policy table to prefer IPv4 over IPv6 when attempting connections For more information concerning the IPv6 prefix policy table, see the Cable Guy article, Source and Destination Address Selection for IPv6, at For more information concerning the IPv6 prefix policy table, see the Cable Guy article, Source and Destination Address Selection for IPv6, at For example, by setting the value of DisabledComponents to 0xFF, you can simultaneously disable IPv6 on all your...
Installing Network Wiring
When your network adapters are installed, the next step is to get your computers connected. Installing wiring can be the most difficult task of setting up a network. How you proceed depends on the type of networking adapters you have If you're using wireless adapters, of course, you don't need to worry about wiring. Lucky you. You can just skip ahead to Installing a Wireless Network, later in this chapter. If you're using phoneline networking, plug a standard modular telephone cable into each...
Running a Console in Author Mode
MMC consoles can be run in Author mode or in three varieties of User mode. Author mode gives you full access to MMC's menus and options . In User modes, elements of MMC's functionality are removed. To run a console in Author mode, right-click its file in a Windows Explorer window and choose Author from the shortcut menu. Alternatively, you can run a console in Author mode using the following command-line syntax where name is the file name of the console file. If the console mode was set to...
Working at the Command Prompt
To get to the command prompt, click Command Prompt on the System Recovery Options menu. Note that this option is available only if you provided credentials for an administrator account when you started the Windows Recovery Environment. Depending on whether you launch the Windows Recovery Environment from Advanced Boot Options or from a Windows DVD, you will land in the Windows System32 or Sources subdirectory folder of a RAM disk identified by the drive letter X. From here, you have access to...
How To Analyze Boot Logs
Boot logging lists the files that successfully and unsuccessfully processed during startup . You use boot logging to log the Windows features that are processed when you start your computer in safe mode and also in normal mode. By comparing the differences between the two logs, you can determine which features are not required to start . Windows records the name and path of each file that runs during startup in a log, WinDir Ntbtlog.txt. The log marks each file as successful Loaded Driver or...
Windows Action Center
The easiest way to get a high-level security overview of your computer's own defense-in-depth strategy is to check the Control Panel's Action Center, shown in Figure 30.1. It monitors the state of the main security components on the system Network Firewall, Windows Update, Virus Protection, Spyware and Other Unwanted Software Protection, Internet Security Settings, User Account Control, and Network Access Protection. If there are any security concerns, a yellow or red vertical bar appears...
Generating a System Health Report
To obtain a more detailed, action-oriented report of your system's current state of well-being, open Performance Information And Tools from System in Control Panel, click Windows Experience Index , and then click Advanced Tools in the left pane. On the Advanced Tools page, click Generate A System Health Report. This task requires administrative credentials . When you initiate the test, Resource And Performance Monitor opens and begins collecting data for at least 60 seconds when it ends, it...
Running Disk Management
To run Disk Management, do any of the following At a command prompt, type diskmgmt.msc . Right-click Computer and choose Manage. The Computer Management console appears. In the console tree the left pane , select Disk Management. In Control Panel, choose System And Security. Then, under the heading Administrative Tools, choose Create And Format Hard Disk Partitions . Figure 25-1 illustrates the Disk Management console . Figure 25-1 illustrates the Disk Management console . Disk Management...
Accessing RSS Feeds
RSS compatibility in Microsoft Outlook and Windows Live Mail share another SeCl t similarity they both require you to be using Internet Explorer 8 provided as Vpart of Windows 7 . That's because IE is still the ideal way to discover new feeds but now you have a choice regarding where to enjoy that content, depending on your habits you can do so in the browser, using the IE features discussed in Chapter 20, or you can use your favorite e-mail client. Any RSS feeds to which you've subscribed in...
Adding Sites to a Zone
To change the zone in which a site resides or to reconfigure the security settings associated with a zone, you use the Security tab of the Internet Options dialog box click Tools, Internet Options, and then click the Security tab , which is shown in Figure 6-16. Figure 6-16 Use this dialog box to add sites to particular zones or modify the security settings associated with a zone. Figure 6-16 Use this dialog box to add sites to particular zones or modify the security settings associated with a...
Using Disk Defragmenter
The Disk Defragmenter utility improves performance by physically rearranging files so that they're stored in contiguous clusters . In addition to consolidating files and folders, the utility also consolidates free space, making it less likely that new files will be fragmented when you save them . The Disk Defragmenter process starts according to a schedule that you can adjust. To view the current settings, click the Disk Defragmenter shortcut in the System Tools subfolder of the Accessories...
Improved Peer Networking
Windows Peer-to-Peer Networking, originally introduced with the Advanced Networking Pack for Windows XP and later included in Windows XP SP2, is an operating system platform and API in Windows Vista and Windows 7 that allow the development of peer-to-peer P2P applications that do not require a server. Windows Vista and Windows 7 include the following enhancements to Windows Peer-to-Peer Networking New, easy-to-use API APIs to access Windows Peer-to-Peer Networking capabilities such as name...
Saving Sharing and Finding Theme Settings
If you've got all the visual and aural aspects of your profile set up just the way you want them, and you want to be able to experiment further but still return to the current settings, it's time to revisit Personalization right-click the desktop and choose Personalize , shown earlier in Figure 4-12 on page 125 . At the top of the themes list, in the My Themes category, you'll see Unsaved Theme if you have made changes to whatever theme was previously in effect. To make those changes reusable,...
UAC for Standard Users
Microsoft made many changes to the operating system so that standard users could perform almost any day-to-day task. Tasks that standard users can do without receiving a UAC prompt that requires administrative privileges in Windows XP include Viewing the system clock and calendar Connecting to wired or wireless networks Connecting to virtual private networks VPNs Changing display settings and the desktop background Changing their own passwords Installing critical Windows updates Installing...
The Costs of BitLocker
Most security features require a tradeoff. The benefit to any security feature is that it reduces risk and thus reduces the cost associated with a security compromise. Most security features also have a cost purchase price, increased maintenance, or decreased user productivity. The benefit of using BitLocker is reduced risk of loss of data confidentiality in the event of a stolen hard disk. Like most security features, BitLocker has costs aside from any software or hardware costs If a PIN or...
Resource Monitor 1
IT professionals need deep insight into a computer's inner workings to efficiently troubleshoot problems . The more complex the problem is, the more detailed the information must be . For example, although Task Manager is sufficient to identify the process that is using the most processor time, IT professionals need a more powerful tool to identify which process is generating the most disk or network input output I O . To give IT professionals detailed information about resource utilization on...
Why Disabling SSID Broadcasting Doesnt Improve Security
Wireless networks broadcast an SSID that specifies the network name to help users who have not connected to the network previously find it. However, disabling the SSID broadcast does not increase security, because the tools that a malicious attacker might use to find and connect to your wireless network do not rely on SSID broadcasts. The SSID broadcast does make it easier for legitimate users to find and connect to your wireless networks. So by disabling the broadcast of the SSID, you can...
Configuring Administrator Approval
An alternative to pre-staging computers or allowing unrestricted access to Windows Deployment Services images is to require administrator approval before allowing installation. You accomplish this on the PXE Response tab of each server. You can also configure this by setting the PXE Server Initial policy when you install Windows Deployment Services, as described in the section titled Installing Windows Deployment Services earlier in this chapter. To require administrative approval for unknown...
