Turn Verify Off SBS 2003 Backup

SBS 2003 is really a great product. It is slick, extremely easy to manage, and cheap enough for any small business. One feature in particular that small business owners continue to praise is the SBS 2003 backup wizard. It is so simple to use that “anyone” can work their way through the prompts and end up with a server that is going to magically back itself up and be error free.

You see, SBS Backup goes through each backup after creating the .bkf file and verifies it. For the most part this is great, but it unfortunately starts to break down when backup sizes start approaching 300 GBs.

Recently I was dealing with a client, and their backup had hit 276 GB. It was taking over 18 hours to complete and was becoming an unmanageable nightmare. Server performance was abysmal. How was I to cope?

Well, by default, the SBS 2003 backup utility doesn’t give you the option to turn verification off. It is simply not built into the wizard. But I wasn’t willing to give up the slick reporting features of SBS and the automatically generated and emailed server performance report…so I went in search of an answer. I needed to turn verify off to speed things up!

The SBS 2003 backup utility is based on NT Backup, but unfortunately, you cannot simply go in and change the options in the launch string as you would normally. This string is actually created on the fly before each backup by a little .exe file called bkprunner, which is located in %system root%\programs files\windows small business server\backup. This file is the key to getting the verification turned off. So, here’s the deal.

Create a folder and copy this file into the folder. Do not touch this. This will be your backup should the modified file become corrupt while making changes. Then, place another copy on your desktop.

Go onto the internet and find yourself a good, free, hex editor. There are a kazillion of them out there, and they all accomplish the same task.

Now open this file in your hex editor and go to the hex address $113a. It is at this location that the word yes is coded into the file in hex and you will see the word yes in the unicode section. This is the “yes” which turns verification on.  So, all we need to do now, is simply enter the word no…so starting at this location simply enter the following HEX string.

6E 00 6F 00 20

Save the file and you are done.

Now, if you still need more performance improvements, there are lots of other switches that can be modified in this same fashion. I would recommend giving Google a go and seeing what else you come up with.

Cheers

UAC and Your Application, for VB Developers

Last time, I showed you how to adjust the application manifest to customize your application’s UAC behavior.  Well, as it turns out, there’s a slight difference in this procedure if you’re using VB instead of C#.  God forbid things work the same way between languages built on the same framework…

Anyway, if you’re using VB, you won’t see an option for adding an Application Manifest File.  Rather than trying to add this new item, here’s what you need to do:

  1. Go to your project’s properties (double-click My Project in Solution Explorer).
  2. Click on the Application tab.
  3. Click View UAC Settings.

You’ll now be looking at your application’s manifest, and you can carry on as I originally described.

Wondering where these settings are saved?  Well, they’re still in a manifest file, but you’ll have to do a bit more work to find it.  In Solution Explorer, turn on Show All Files.  Then, expand the My Project folder.  You should see a file called app.manifest there.  This file is created automatically the first time you click View UAC Settings, even if you don’t make any changes.

Managing Mail in Exchange 2007

Publicity isn’t everything. Or at least that’s what one of the greatest innovations ever to come out of the Microsoft camp has taught us.  PowerShell, by far one of the most powerful tools ever put into the computing public’s hands and the recipient of nothing but “stellar” press, seems to be nothing but a mere curiosity to most techs out there.  In fact, along with admitting that I myself rarely get a chance to jump in and use it, I do not know one single server administrator who regularly uses PowerShell in an any useful capacity whatsoever. It is a real shame!

But, this article isn’t on PowerShell itself if you will, rather it is just an introduction to one of the many uses of PowerShell which are wrapped into a tool called the Exchange Management Shell.  What a lot of people don’t realize is that the Exchange Management Shell itself is fully based on PowerShell and any of the methods called from within it, can also be accessed in almost exactly the same fashion from within PowerShell itself.

Obviously, this blog post cannot be exhaustive. But I will provide you with one very common and useful example of this utility and give you the links needed to go out and tailor this to your own unique Exchange environment. Literally, this tool opens up unlimited possibilities to managing mail and can be tailored to do anything you can dream of.

So, I know the one thing I face very often as an Exchange administrator is questions and requests about exporting mail. In the past, we might have used a tool like Exmerge to export these mailboxes – which actually worked well and was more than adequate – but there was always something that it couldn’t quite do that would have made your job easier.

Well, PowerShell and the Exchange Management Shell can now do exactly this.

So, let’s take a real life example. You want to export all of the mailboxes in exchange into some PST files that can be archived and kept for future use.

So, the simplest of commands that could be run would be as follows:

get-mailbox | Export-Mailbox -PSTFolderPath C:\PSTFiles\

 

This, as can be easily inferred from the command itself, simply exports everything as PST into the directory specified.  Now, to do more with this, simply add to the above parameters as necessary, for example you could run:

get-mailbox | Export-Mailbox –ContentKeywords “litigation” -PSTFolderPath C:\PSTFiles\

So now, we have refined the export a bit and it will only export those items that have the Keyword “litigation” somwhere within the body of the mesage.

The list of options and the ability to pipe output from one cmdlet into input in another is staggering. Mastering this tool, will definitely put you in the ranks of the top-paid excchange administrators.

Now, I think I have whetted your curiosity, so here are some links to allow you to start to master this tool.

http://technet.microsoft.com/en-us/library/aa998579.aspx – This is specific to the export command we looked at in our example.

http://technet.microsoft.com/en-us/library/aa998225.aspx – This is a general overview of all of the cmdlets available fpr the Exchange Management tools.

Now, hope you have fun with this. The more you get into it, the more fun it all becomes.

Cheers!!!

UAC and Your Application

Okay, so there’s this snarky little asshole who thinks he can tell me what to write.  “Go write a UAC Manifest article”, he says.

FINE!

There won’t be much too it, of course, which is a good thing – it’s easy to understand, easy to implement, and works as intended.  Of course, this is all assuming you’re using Visual Studio 2008.  If not: time to upgrade, chump!

So, you’ve written this wonderful little application does that wonderful little things.  You’ve tried it on XP, and it works perfectly.  Ditto for Windows 2000.  It crashes horribly on Windows ME, but that’s okay – so does everything else.  But on modern versions of Windows – Vista, 7, Server 2008 – things get weird.  Luckily, you’re a bad-ass hardcore cowboy coder who instantly knew you were running into UAC issues.  Solution: “Run as Administrator”.  Done!

But wait a minute… look at some of those fancy Microsoft programs like mmc.exe that automatically ask to run as an administrator.  How’d they do that?  Well, as a loyal Slick IT reader, you no doubt already read our article on UAC and Application Run Levels, right?  So you already know that you can configure your application to run in one of three ways:

RunAsInvoker: Runs as a standard user (unless the user has UAC turned off or chooses Run As Administrator somewhere along the line).  You’ll never get a UAC prompt.  Consider this “Never Elevate”.

RunAsHighest: Runs with the highest privileges the current user has.  For Standard users, the program will just run.  For Administrators, the program will run elevated, with a UAC prompt if needed.  Consider this “Elevate If Possible”.

RunAsAdmin: Always runs elevated.  A UAC prompt will be shown (unless the user is already elevated), and Standard users will be asked for Administrator credentials.  Consider this “Always Elevate”.

There’s actually a third option, and this is what’s used for running older programs.  If you don’t specify any of the above, Windows assumes your program doesn’t know about UAC and handles everything for you.  This includes File and Registry Virtualization.  Meaning, if your program tries to write to an area like C:\Program Files, it will appear to succeed.  In actuality, Windows virtualizes these changes under the current user’s account but keeps the actual Program Files folder unchanged.  I’ll write more on this virtualization later.

Here’s how you configure your application to use one of these run levels:

  1. From Visual Studio, choose Project, Add New Item:
    image
    Keep the default name and just click Add.
  2. Replace the blue “asInvoker” (towards the end of the file) with “requireAdministrator” or “highesetAvailable” if you really think you need to.
  3. Save, run, celebrate.

Fine, fine.  But how do you make your application elevate when the user clicks your snazzy Options button with the UAC Shield icon?  Simple: you don’t!  That is to say, your application is either elevated, or it isn’t.  This is determined before a single line of code is executed.  The only ways to get around this are to either launch a separate .exe that contains your options dialog and has “requireAdministrator” set, or restart your main .exe as an administrator.

Pain in the ass?  You bet!  Life would be so much easier if everybody just ran everything as Administrator all the time.  And while we’re at it, let’s abolish passwords, too… those can also be a pain in the ass.

Blackberry Controller Service Won’t Restart

 

So, today at work I finally came across this beast.  I had actually heard of the issue before, but had never actually come face-to-face with it and stared it in the eye. Error 5003…..

The Blackberry Controller Service, the service that is supposed to monitor and restart other failed Blackberry services, wouldn’t start no matter how many  times I tried to manually start it.  Useful, isn’t it.

Fortunately, the fix is extremely simple.  Simply go to your DNS Server service and stop it. Go to your Blackberry Controller Service and restart it and then head back to DNS and restart it. Voila….all better.

But, here’s the kicker. This issue is actually caused by a MS Patch and will resurface on every reboot. Apparently DNS will block some ports that the controller needs to function and these will always be closed upon the service restarting, so port reservations actually have to be made in the DNS Server service to prevent this.

This can be done by referencing

http://blogs.technet.com/sbs/archive/2008/07/17/some-services-may-fail-to-start-or-may-not-work-properly-after-installing-ms08-037-951746-and-951748.aspx

Simply add ports 4070 and 4071 to the reserved list and your problem is gone forever.

Now if only we could get RIM to take responsibility for its crappy coding to begin with start making software that just worked instead of the buggy amateurish shit that they force upon us now.

That’s my rant and fix for the day!

Cheers!

IE8 Slow – An addendum to tweaking IE8

As an additional item to the tweaking IE8 blog post, one tweak that has become increasingly popular on  the net involves downloading and installing a package often referred to as the DelDomains package.

While this fix likely won’t do anything for those of you with a fresh install of IE8 on Windows 7 and probably with Windows Vista, it is very likely to help people that have upgraded to IE8 on a crusty old XP box. The reason for this is simple – spyware.

Being that XP was so prone to so many types of malware, most people at one time or another installed programs such as Spybot or Adaware. These programs actually worked very well at controlling and removing spyware and part of this was through the clever use of IE7s security zones. These programs would literally add hundreds of rogue domains to the “blocked” list in IE7 effectively stopping further infection.

When upgrading to IE8, Microsoft, as it rightly should, leaves these browser specific settings alone and imports them into the new IE8 install. However, IE8 seems to deal with these entries in a different fashion than its predecessor which results in a long delay for some – especially while launching the browser. Further to this, the browser doesn’t actually need these sites listed in this fashion anymore as IE8 has an enhanced security regime, which renders this method of blocking unnecessary.

To download the tool, right click here and save the tool to your desktop. Then right click on the file to install.

This tool will delete all of the sites listed in your trusted, enhanced security configuration and restricted zones. Any trusted zones that you have set up yourself will have to be re-added.

This tool has been shown to greatly improve launch time for many.

While on the same topic….there is one tweak that likely won’t help you if your Internet Explorer is working but slow.

Some people have reported that re-registering actxprxy.dll gave their browser a speed increase. Unfortunately, there can be no truth to this.

actxprxy.dll is a file that is automatically registered during the IE8 install and without it IE8 will not even open. Re-registering an already registered file, while doing no harm, will do nothing to your system. This tweak is unfortunately not legitimate. However, if your IE8 install is not opening at all, you could try running regsvr32 actxprxy.dll from an elevated command prompt and this may fix the issue.

Anyway, hope this tip helps.

Cheers

Microsoft’s Last Chance

The last few years have been brutal for Microsoft. With ad campaigns from that other company openly slashing Microsoft in a virtual flurry of half-truths, misinformation and innuendo, and its flagship OS almost universally loathed despite its obvious technical superiority to Windows XP, Microsoft needs a win.

But Microsoft’s biggest competitor isn’t Linux, Mac or any other operating system on the verge of becoming mainstream. Nope, it is Windows XP and Microsoft needs to convince those running the 8-year-old operating that the time has finally come to replace it. In fact, an estimated 71 per cent of businesses still use XP to conduct business and a large portion of these have openly stated that they have no plans to upgrade to Vista. But, then again, why would they?

Just two weeks ago, Bill Veghte, Microsoft’s senior vp for Windows business, told enterprise class businesses that if they have just started testing Vista for deployment, they should instead switch to the Windows 7 release candidate and skip Vista entirely.

Clearly, Microsoft has started to understand the position they are in. Let’s face it – Windows Vista, with all of the negative press it received in its infancy, can never recover despite the “thousands of improvements” its service packs have provided.  Truthfully, Windows 7 isn’t so different from its predecessor architecturally, but its fit, finish, and polish, and the manner in which it is being rolled out, seems to point to it being a winner.  The addition of Windows XP virtual mode is a nice addition too, just to bring those sitting on the fence onboard.

Should Windows 7 not workout for Microsoft, their future would appear to be fairly bleak. One has to ask the question – where are those 71 per cent of businesses to go? No Vista? No Windows 7? No additional revenue from Windows XP??

Unfortuantely, no one has the answer here, but with the increasing strength of companies like Google and their cloud computing initiatives, aggressive advertising by Mac, and the aura of strength radiating out of the Ubuntu camp….I would say Microsoft only has one last go at the game!

UAC – Configuring Run Levels

 

As promised, here is the second and what I hope to be the most useful part of my series on UAC. A lot of this control is in fact on the development end of the application and good programming techniques actually help eliminate the need for UAC to even prompt for elevation. But, there are, of course, a certain number of operations that will need to be elevated no matter how well they are written. The following should help[ you manage these.

Applications running with an administrator access token will run in elevated mode by default, but often you will want to run an application with a standard user token in elevated mode. One of the most common uses of this would be to run and/or test scripts in a command prompt window.

To do this only once, simply right click on the programs shortcut icon or on the executable directly and select run as administrator.  You will be prompted for consent before continuing. As mentioned, this is a one time deal and windows will not remember this action.

image

Should you need an application to always run with administrator privileges, Server 2008 also allows users to mark a program to always run as an administrator.  To do this, simply right click on the program, choose properties, select the compatibility tab and under the privilege level section select “Run this program as an administrator.”  You will find that this is extremely useful for legacy applications that need administrative privileges to run and is also a good place to start troubleshooting when trying to figure out why legacy programs aren’t behaving properly in the Windows Server 2008 environment.

image

 

Anyway, these little tips help those of you just embarking on the Windows 7, Server 2008, and Windows Vista experience.

I believe Paul is planning on writing a blog post on creating UAC application manifests, so stay tuned for that.

UAC and Application Run Levels

Whelp, here I again find myself having to apologize for the lack of updates on the site recently. Unfortunately, last week I actually broke my ankle and really broke it good. Generally, one should try and stay out of the path of deer jumping onto the road when riding a motorcycle, but I unfortunately decided to occupy the same space in time and place as Bambi  and am now hobbling around on crutches. Anyway, I am fine now and ready to start knocking some updates out for everyone!

With Windows Vista, Windows Server 2008, and now Windows 7 we have seen the introduction of User Access Control (UAC). While this may be the source of a lot of disdain, causing some people to even go so far as outright shutting it off, its importance in the new Windows security regime and architecture cannot be understated. Frankly, shutting it off is silly and will greatly reduce the ability off the OS to fend off malware, spyware,  viruses and worms.  

The whole concept, however, has been muddled by misinformation and is widely misunderstood leaving users completely bewildered when programs mysteriously refuse to work and produce cryptic error messages. For administrators of the `New`OSes (hereinafter referred to collectively as Server 2008,) a thorough understanding of this system is absolutely crucial to keep everything up and running.

In legacy versions of windows, all security functions were encompassed by the user groups themselves and access levels were determined by membership in these groups. Should a person want to slightly reduce administrative authority, the Power Users group was often chosen for this purpose.  In Server 2008, the use of this group is completely unnecessary and it is only kept around for maintaining legacy application compatibility.

Server 2008 is a very different animal. Now, at least in Server 2008 compliant applications, the application manifest itself will define the applications access privileges as RunAsInvoker, RunAsHighest, and RunAsAdmin.

RunAsInvoker: This level results in the application running with the same privileges as the user.  In fact, any user can run the application, but no matter what group they belong to, even if they are in the Administrators group, the program will only run with a standard access token. This concept becomes really important when you get into the windows integrity levels as this fact can cause a program not to function as intended even if run by an administrator. In fact, the only way to get programs that are of the RunAsInvoker type to run as an administrator is to get the parent process running the program to have and administrator access token. This generally means opening up a right clicking on and opening a command prompt window as an administrator. I have heard many people proclaim, when they are told this little fact, that they are “already an administrator” and have watched them click and run a program endlessly without success until they actually run it in an elevated command prompt at which point it magically works.

RunAsHighest: As the name suggests, this runs the application with the highest privileges of the user. Boith standard users and administrators alike, may run the program, but certain program features may not be available based on access privileges. For example, members of the Backup Operators group will be granted fewer rights that an Administrator. Obviously, those who are part of the administrators group will run the program with a full access token.

RunAsAdmin: Only administrators can run programs that have been defined in their manifest as RunAsAdmin type. However, if users can provide Administrator credentials to allow the program to be elevated, or if the program is started from a previously elevated process such as the command prompt it will still run.  This type of program will always run with and Administrator access token.

As well as these run levels, Windows Server 2008 also protects application processes by using integrity levels. All processes in the OS are assigned an integrity level and process with a lower integrity are not allowed to modify those of higher integrity. Internet Explorer, for example, is assigned a fairly low integrity level making it a lot more difficult for it to compromise the OS. As well, the OS will identify the publisher of any program that tried to RunAsAdmin and the OS will flag the potential risk using Red and Yellow colour codes.  Red indicates that the program is from a blocked publisher and there is very likely danger associated with the install.  Yellow signifies “unknown” and Blue/Green are for administrative elevation for server maintenance.

A lot of people ask me how UAC stops malware from entering a system. They seem to feel that malware can easily circumvent this feature. While it is entirely possible that there are ways around it, all of the newer OSes that have UAC are much more difficult to penetrate.  The elevation prompt itself cannot be spoofed and Windows has some very sophisticated algorithms in place to detect any kind of software install in process, which would then trip the UAC elevation prompt. Only Windows Core services is able to bring the elevation prompt up -which, as I have stated, makes it extremely difficult to get around.  UAC is a good thing and I hope that after reading this you will agree.

For all of you developers out there, here is a good little power point on UAC from Microsoft and it outlines some of the design considerations in making a nice UAC compliant app. Give it a whirl, it is obviously in much greater detail than what I have here and an interesting read.

User Account Control- How to Make a Good UAC Application

Next post, I will go over some easy ways of controlling the run levels for all of you server admins out there, and little tricks that can make your life easier.  I hope that all of you are now migrating back into your OS and re-enabling UAC now……

Cheers……

Windows 7 Virtual PC Management

Last time, I wrote a walkthrough of installing Virtual PC and XP Mode under the Windows 7 RC.  If all you want to do is get XPM up and running, and maybe play with one or two basic VMs, you should be away to the races.  But if you’re a more advanced user, you’re going to have a hell of a time finding certain basic settings and functionality.  I’m going to show you where you can find most of these settings.

First, it’s important to understand the general architecture of the new Virtual PC.  Before, it was pretty simple.  You started Virtual PC, which gave you a small window with a list of registered Virtual PCs.  It included controls to create, edit, and manage virtual PCs, as well as access to general program options and virtual disk tools.  Each running VM had its own window.  Simple.

Under Windows 7, things have been completely revamped.  I’m guessing this was done to make virtualization feel like part of the OS rather than a stand-alone program.  Unfortunately, it has had the effect of taking a nice, simple, centralized virtualization solution and scattering it all over the place.  Now, each VM runs in its own process, and there are additional stand-alone applications for performing various management tasks.  And to tie everything together, there’s shell integration – although this is currently woefully inadequate.  So, to get you started with this new architecture, I’m going to describe how it all fits together, and then I’m going to show you a few commands to help you find some of the features you might be missing.

The ‘core’ of Virtual PC under Windows 7 from a UI perspective is the Virtual Machines folder.  This will be found under your home folder (such as C:\Users\<Username>\Virtual Machines), and you should see a link to it on your Start Menu.  Consider this a replacement for the Virtual PC Console of days gone by.  You’ll see an entry for each known VM, and although it’s a standard Windows Explorer folder, you’ll see details on the machine’s status, memory, disk, and so on:

image

  Right-clicking an entry exposes a ‘Settings’ command which lets you configure the VM:

image

What’s actually happening here?  Well, the Virtual Machines folder is a list of .vmcx files, which are actually just shortcuts to .vmc files.  These .vmc files haven’t changed; they still contain the definition and settings of the VM in question.  By default, Windows 7 places the .vmc files under the hidden AppData folder, but they can be anywhere.  In fact, if you open a .vmc file you have saved elsewhere, Windows will automatically create the .vmcx shortcut under the Virtual Machines folder for you.  Deleting an entry from this window will NOT remove the VM, just like deleting a shortcut to a file won’t delete the target file itself.

VMWindow.exe: So, if the Virtual Machines folder is just a list of shortcuts displayed in Explorer, what happens when you start a VM?  Actually, this is simple.  Under Windows 7, .vmc (and .vmcx) files are associated with a program called VMWindow.exe, just like .txt files are associated with Notepad.exe.  This is the process that the VM actually runs under.  Technically, there’s a bit more wizardry going on here, involving services and the vpc.exe process, but let’s ignore that for now, it’s not really relevent for management purposes.

VPCSettings.exe: What about editing the settings of a VM?  Well, that’s what this standalone application does.  Each time you edit a VM’s settings (by right-clicking it under Virtual Machines and choosing Settings), this application is launched.  Of course, you can still just edit the XML of the .vmc file if you really know what you’re doing.

VPCWizard.exe: Finally, there’s this little application, used for creating new VMs, as well as managing disks of existing VMs.  When you click “Create virtual machine” on the Virtual Machines toolbar, this is what’s launched.  It’s also used when you click Create or Modify under the Hard Disk portion of a VM’s Settings window.

VMCPropertyHandler.dll: Here’s another file you should be aware of.  This isn’t a standalone executable, but it is responsible for some magic, including making Explorer understand details like Machine Status and Memory for .vmcx files.  It also handles the launching of seamless applications, as we’ll soon see.

So, how can you use all this?  Well, here are some tricks:

To do this: Run this command:
Launch an existing VM VMWindow.exe –file <vpcfile>
Open the Virtual Machines folder VMWindow.exe
Edit a VM’s settings VPCSettings.exe <vpcfile>
Start the wizard for creating new VMs VPCWizard.exe
Edit an existing .VHD hard drive image VPCWizard.exe /type evhd /filepath <vhdfile>
Create a new .VHD image VPCWizard.exe /type vhd

There’s one other trick you might want to play with: launching seamless applications.  However, I don’t really recommend you do this any way than through the built-in UI; it’s just too complicated and fragile.  But, to launch a seamless application, you just need to call the LaunchVMSal function of VMCPropertyHandler.dll.  You can do this through rundll32.exe.  For example, here’s the command used to start IE6 in seamless mode on the Windows 7 desktop as shown in my earlier post:

rundll32.exe VMCPropertyHandler.dll,LaunchVMSal "Virtual Windows XP" "||c0a9b641" "Internet Explorer"

If it breaks, don’t say I didn’t warn you.  If anyone knows what the weird hex code is for, please let me know.

So, hopefully this helps you understand how the new Virtual PC works a bit better.  Clearly, Microsoft has a lot of work to do before this product is ready for launch, but I must say, I do like the direction they’re taking.

UPDATE: It looks like the ‘weird hex code’ I mentioned actually corresponds to a key under HKLM\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\TsAppAllowList.  Virutal Windows XP uses Remove Desktop Services to expose XP applications to Windows 7, which means there’s a fully-documented API (and a WMI provider) if you want more details.  Thank you, anonymous tipster!

Installing Virtual PC and XP Mode in Windows 7 RC

The Windows 7 RC is a great release – and for once, the release candidate moniker is accurate.  It’s stable, compatible, fast, and polished enough that it could be released as the final version.  It could be, but it won’t: Microsoft will let everyone from royalty OEMs to nerds in basements play with it and see how it works, so that one last round of polishing and bug fixes can be applied.

Virtual PC, on the other hand, is a beta.  Again, the moniker is appropriate: it’s a work in progress.  It’s far enough along that you can sort of see how it’s supposed to work, but it’s a long way from done.  I really hope Microsoft realizes this and takes the time to get it right, but they’ll be under enormous pressure to ship this along with Windows 7.  So, I thought I’d share my experiences and drop a few hints on dealing with changes and finding lost functionality.  Today, I’ll talk about the installation and how to get started using it as Microsoft intended.

First, let me be clear: This version of Virtual PC is for Windows 7 RC only.  Don’t try it on XP, or Vista.  Don’t try it on the Windows 7 beta or other leaked builds.  There are enough issues using it with the platform it’s intended; whether you succeed or not, you’ll just be wasting your time.

Second, make sure your system will support this new version.  In particular, your CPU must support virtualization, and not all do – not even all Core 2 Duos.  You’ll need either Intel VT or AMD-V available and turned on.  Also understand that installing this new version will replace Virtual PC 2007, and you may not be able to go back.  Finally, review the new and missing features here – you may choose to skip this beta for now.

What’s changed since Virtual PC 2007:

  • Emulated video is gone.  Video is now supported through an RDP display device.  This brings benefits as well as problems.  Performance isn’t as good, but it’s still beta.  Most users won’t even notice this change, but it does matter.
  • Support for non-Microsoft operating systems probably isn’t as good as VPC2007, although this is a mixed bag.
  • USB support has been added – and very well, too.
  • The management UI is very lacking.  Very lacking.
  • Applications in the VM can be launched seamlessly onto the host’s desktop.
  • For XP and Vista guests, the boot process can be reduced to a simple progress bar rather than a large flickering window.  Boot seems somewhat faster.
  • Drag and drop between the host and the guest has disappeared.
  • No more Host key support.

So, assuming you have Windows 7 RC up and running, the first thing to do is to download and install the Virtual PC package from http://www.microsoft.com/windows/virtual-pc/download.aspx. There are x86 and x64 versions available, and the download is around 5 MB, and the install is quick and easy.

If you don’t care about Virtual Windows XP (also known as Windows XP Mode, or XPM), you’re done.  You can now launch your saved VPCs and get down to work.  But unless you’re really tight on hard drive space, I really recommend you install Virtual Windows XP.  If nothing else, it’s certainly the easiest way of getting an XP VM set up.

You can download XPM from the same URL, but be prepared: it’s about 450 MB.  Why?  Well, you’re actually downloading a full install of Windows XP SP3.  There are two parts to setup: installing the XPM files, and setting up the XPM virtual machine.  The first part is dead simple (if not particularly fast): just run the file you downloaded.  The second part is a bit more complicated, but if you consider that you’re actually performing a full install of Windows XP, you’ll be amazed at how streamlined it actually is.

Accept the license terms:

image

Specify a new logon password (saving credentials here is highly recommended; it will make your life much easier when it comes to launching programs under XPM):

image

Choose whether or not you want Automatic Updates to run (remember, this is a full installation of XP, with all that goes with that):

image

XPM will then perform some magic, which might take a while:

image

When it’s done, you’ll be at your XP desktop:

image

If you’ve used Virtual PC before, you’ll be right at home.  If not, just think of this window as a monitor for a completely separate computer running Windows XP.  You use the same keyboard and mouse, of course, and most hardware resources are shared as well.  The hard drive of this virtual computer is really just a file on the real computer.

You’ll notice a couple improvements from the last version here.  The toolbar has changed a bit, and now includes a USB menu.  This is used for attaching and sharing USB devices with the VM – a huge new feature!  You can also change the machine’s settings and shut it down or restart it from this menu.  Finally, there’s a (somewhat) improved full screen mode that includes a title bar similar to Remote Desktop.

WARNING: Don’t unpin this title bar when using full screen mode.  It doesn’t seem to re-appear once it auto-hides.  You’ll be stuck!  If I’ve missed something here, or if you have figured out how to fix this, please let me know.

Here’s the beauty of this XP Mode thing, though: seamless mode.  Any program that you install to the All Users Start Menu will also appear in the host’s Start Menu.  By default, none of the built-in Windows XP programs are included here – and why would they be, since they’re already in Windows 7, too – but if you specifically add an icon, it works.  Here, I’ve added a shortcut for IE by dragging the icon from the desktop:

 image

As you can see, IE now appears on the Windows 7 Start Menu:

image

Let’s close the XPM window – you can’t launch seamless applications when the VM is running in its own window.  When you close the window, the VM will enter hibernation:

image

Now, let’s launch this XP version of IE from the Windows 7 Start Menu.  You might see this window:

image

To avoid this, always log off before closing the VM.  Since we don’t have anything we need to save, though, let’s just click on Open Virtual Application.  And behold:

 image

IE6 is running, under Windows XP SP3, in its own window on the Windows 7 desktop!  Now THAT is cool.

To manage your virtual machines, you’ll find an item in your Start Menu called Virtual Machines:

image

The absolute basics can be done here – viewing your VMs, editing their configuration (right-click a VM and choose Settings), or adding a new VM (click “Create virtual machine” from the toolbar).  In the days to come, I’ll write on how to manage things in a bit more depth, and how this stuff all works under the hood.

I have a long, long list of complaints about this new version.  Rather than beak off right now, though, I’ll acknowledge that this is still a beta, focus on the improvements (there are many), and pray to Odin that Microsoft fixes all the outstanding issues and - let’s be frank – gaping holes in this new release before RTM.

Tweaking IE8

With all of the fuss surrounding the recent release of IE8, I have decided that going over some of the great new technical tools available for diagnosing performance issues and tweaking the browser itself would be a good idea.

Historically, Microsoft has kind of left both end-users and developers alike fending for themselves when it came to diagnosing performance related issues within the IE framework. There was very little offered in terms of managing the browser and getting information from it. A lot of fixes came from a “gut feeling” and from the IT community’s own empirical testing.

IE8, has greatly changed that. Managing add-ons, monitoring their performance and disabling crapware is a simple process that has eliminated a lot of the guesswork.

By simply clicking on the TOOLS menu and then on the Manage Add-ONS, one can get a very accurate overview of how these are affecting the overall browsing experience. There are a plethora of columns that can be added and all of these display information that may be of use for us technically curious folk.

Ostensibly, the column that would be of particular interest to most of our readership is the LOAD TIME column. I really have to give Microsoft a standing ovation for this – we have been waiting for something that gives us this kind of performance metric for a long time and now we have it. YAAAAAY

This is all great…but, as you can see from the picture, not all load times are posted. I am not actually certain of why that is, but when I have an answer for that I will append it to the end of the blog. Unfortunately, a couple of the add-ons that I am most leery of, do not have load times posted as well…but I am going to go out on a bit of a limb here. My own tests, and some of the evidence I have ran across on other forums, suggests that the Microsoft’s own Research add-on is responsible for some slowness – especially on older machines.

I am going to go ahead and suggest that our readership disable these and hopefully this will put pressure on the MS Office team to follow the IE8 development teams recommendations for building robust and speedy add-ons. I realize that a lot of you reading this are developers and may actually find this of great interest. Here’s a link to it: http://blogs.msdn.com/ie/archive/2008/04/04/designing-for-add-on-performance.aspx

Also, since we are on the topic of developers, IE8 also has a great new feature for you. Simply pushing F12 will bring up the developer tools menu, which instantly displays a huge amount of information about the current rendered page. There is no need to open a separate window anymore.

Pretty spiffy, I would say.

Also, for those of you who are deploying IE8 in a larger setting, or for those that just want to play, the IE8 team has also provided an administration pack that allows you to easily tweak and customize the browser for deployment. This toolkit is available here: http://technet.microsoft.com/de-de/ie/cc889349(en-us).aspx

Anyway, this post is by no means exhaustive on any aspect of the browser, but I hope I have piqued your curiosity enough to dive into the menus and see what new features lie within. Overall, Microsoft finally appears to be on the right track with the browser – at least in terms of usability.


Copyright © 2010 Paul Guenette and Matthew Sleno.