Windows Explorer As It Should Be

There’s no question that using Windows Explorer is way easier today than it was a decade ago.  Particularly with Windows 7, everything just seems to be right where you need it, and there are very few annoyances.  Even better for us technical folk, there are more and more helpful tools and features tucked away, just waiting for you to find them.

There is one little oddity, though, that’s remained with Windows – and indeed, pretty much every other OS out there – since the dawn of time.  Double-clicking.  Now, let’s think about this for a moment.  Clearly, a single click is far easier, faster, and friendlier.  When you’re working with files, generally you either double-click them (to open) or right-click (to bring up the context menu).  Yeah, sure, occasionally you single-click them to select, but let’s set that aside for now, because it’s a far distant third to opening and right-clicking.

Think of browsing the Internet.  Every link is a simple click.  Just because of that, it’s a far easier thing to work with.  Lots of people find Explorer very intimidating, though: left click to select, right click for a menu, click and drag to move (or sometimes copy), right-click and drag to copy (or move or create a shortcut), click and drag in a slightly different way to select files, Control + click or Shift + click to select files in other ways, double click to open, click / wait / click to rename… it goes on and on. People get confused.  Hell, I get confused.  And yeah, the power is great.  I’m not suggesting this functionality be removed.  But shouldn’t the most basic operation – a single left click – perform the obvious and usually desired action?

Well, you can make this happen.  I’m going to show you a couple of things that have been in Windows for a long, long time, but are pretty much unknown to most people.  The first goes all the way back to Windows 95 and the Active Desktop introduced by IE4.  Go into Folder Options (ALT + T, O in any Explorer window), and look what we have here:

image

That’s right… somebody in Microsoft feels the same way I do!  Select the ‘Single-click’ option, and choose to underline only when you point at icons (unless you really, really like underlined text all over the place).  Click OK, and try browsing files a bit.  You’ll notice you can now get around Explorer way faster and way easier.  Double-clicking is now a thing of the past!

Of course, there’s one flaw in this change: selecting files.  But I have you covered.  Go back to Folder Options, click the View tab, and check this out:

image

Check boxes?  Huh?

Well, it works about as you’d expect.  Every icon in Explorer will now have a checkbox.  Check to select, uncheck to deselect.  Of course, you can select the old way at the same time if you prefer.  To avoid clutter, checkboxes won’t appear unless they’re checked or until you mouse over them.  Here’s how it looks:

image

As you can see, I have the ‘temp’ and ‘wwwroot’ folders selected, and I have my mouse over ‘history’.  I can quickly and easily select a bunch of random files in a list just by clicking the checkboxes.  I can still drag-select and use all the other old tricks.  There’s even a ‘Select All’ checkbox in the column header.

This works on any view – even the giant thumbnails – and throughout all of Windows.  Even the Desktop.  Even File Open dialogs.  Whether you’re sold on single-click or not, this is very handy.  And let’s face it: once you have this, there’s no reason not to use single-click.

Changing Explorer like this will definitely take some getting used to.  After all, you’re retraining yourself on one of the most basic parts of using your computer, and changing something very fundamental that has remained unchanged for decades.  But I highly recommend you give it a try for a week or two.  Once you get used to it, you’ll never go back.

Microsoft Product Names

We all know Microsoft has a thing for dumb product names.  You need look no further than Windows for this:

  • Microsoft Windows 3: Fair enough.  Nice, simple, easy to understand.
  • Microsoft Windows 3.1: A bit technical, but hey, computers were only for geeks back then, so this is fine, too.
  • Microsoft Windows 95: Huh?  A model year?  What version is this, anyway?  Do I have to buy this every year now?
  • Microsoft Windows 98: And no Office 98?  What happened to Windows 97?  And what version is this, still 4? (Yes.)
  • Microsoft Windows 98 Second Edition: Second Edition?  Really?  Why not just ‘Windows 99’?  Is this really a completely new product?
  • Microsoft Windows 2000: Huh?  Incompatible with earlier versions?  We were just getting used to these regular, trivial updates.  So this regular, trivial name change actually implies a completely different version of Windows?  Okay.  By the way, internally, this is now Windows 5.
  • Microsoft Windows ME: Yup.  The name makes no sense at all.  Is this older?  Newer?  What does ‘ME’ mean?  Me?  Millennium Edition? And would someone explain to me just why exactly we’ve gone back to version 4?  Also, why was this piece of shit even released, now that Microsoft had the vastly superior version 5 to work with?
  • Microsoft Windows XP: Oh, good, another two random letters.  I’m assuming this is alphabetical, so XP must be newer than ME.  This is also about the time Microsoft decided to experiment with a bit of market segmentation.  Home, Professional, Media Center, Embedded, N editions… what fun!
  • Microsoft Windows Vista: Sweet, a random word!  And hey, what better random time to bump the version number up to 6!  And hell, let’s triple the number of editions we offer; this stuff is nowhere near as confusing as it could be.
  • Microsoft Windows 7: Oh, back to versions, are we?  Thank god, at least the confusion will end.  What a minute, though… there were 7 versions between 3 and 7?  Oh well, we all know computers suck at math.  The real problem, of course, is that Windows 7 is actually version 6.1.  And if you think that’s annoying now, just wait until there actually is a version 7 and it’s called Windows 9.3.

The market segmentation thing is a bit over the top, too.  For Windows 7, we’ll have:

  • Starter
  • Home Basic
  • Home Premium
  • Professional
  • Enterprise
  • Ultimate

Each of these editions is available in both x86 and x64 versions (except Starter), so now we’re up to 11 editions.  Think we’re about done?  Hah!  We also have the ‘E’ editions, which don’t include a web browser.  Don’t even get me started on that one… Oh, and we still have the ‘N’ versions, which cut out Media Player, as well.  Each of those editions is available for all of the other releases.  My math might be out, but I believe that means we’re now up to 33 editions of Windows 7 – and that’s before you start to look at language and region options, service packs, and add-ons!

And how about awkward marketing bastardizations?  Did you know there’s no such thing as Microsoft Office 2007?  In fact, it’s called “2007 Microsoft Office System”.  System?  Where’d that come from?  Word is called “Microsoft Office Word 2007”.  Even a simple mouse can’t have a simple name: “Microsoft Natural Wireless Laser Mouse 6000”.

And if you think the consumers have it tough, just try being a developer.  Then you get to deal with products like these:

  • Microosft Visual Studio® Team System 2008 Team Foundation Server with SQL Server 2005 Technology
  • Microsoft® WinFX™ Software Development Kit for Microsoft® Pre-Release Windows Operating System Code-Named "Longhorn", Beta 1 Web Setup

The IT folks are no better off:

  • Microsoft Office Live Communications Server Public Instant Messaging Connectivity
  • Microsfot Forefront Client Security Management Console with SQL Server 2005 Technology
  • Microosft Web Antimalware Subscription for Forefront Threat Management Gateway Medium Business Edition

And then we have what is perhaps the longest product name ever used by anyone for anything in the history of human civilization.  This product name is so long that by the time you get to the end of it, you can’t even remember what you read anymore:

  • Microsoft Office Communications Server Public Instant Messaging Connectivity with Yahoo Instant Messaging service and America Online (AOL) Instant Messaging Service

That’s 165 characters long!  We’re now into database-breaking territory.  I’m sure there were developers out there who said “Product.Name?  Surely 128 characters is long enough for this one!”.  Format this as a title using Microsoft Office Word 2007 and it’s five lines long.  Even the Onion couldn’t do a better job of mocking Microsoft here.

Please, Microsoft, fix this.  Fix it now.  Stick to this format:

Microsoft <Product> <Version> [<Edition>]

Let <Product> and <Edition> be one word, and let <Version> be a number.

And please, people, just because Microsoft does it does NOT mean you should do it.

Alternate Port for RDP

This is going to be short and sweet!

Often, smaller networks use RDP as their primary method of remote administration. This is really great if you are using one of Microsoft’s SBS servers because the Remote Web Workplace wizard will automatically add all clients and allow easy access through a website harnessing the power of TSWEB.

But what if you just have a few machines behind a firewall and would like to be able to RDP into all of them? The answer is simple – change the port that RDP listens on on the client OS.

RDP by default listens on 3389. I find 3390 and 3391 are always good alternate choices that are almost never used by any other applications. You can use any port you like if it is free, however.

Simply open regedit32 (this is accomplished by typing regedit on the command prompt or in the run box).

Migrate to the following key:

HKEY_LOCAL_MACHINE\ System\ CurrentControlSet\ Control\ TerminalServer\ WinStations\ RDP-Tcp\ PortNumber

image

On the Edit menu, click Modify, click Decimal, type the new port number, and
then click OK.

image

Exit out of the registry editor.

Now, go ahead and forward your firewall to pass that port through to the IP address of the client you have modified.   (Note:often routers will enable you to port forward external ports to different internal ports – this is equally effective and means that these registry changes would be unnecessary. There are many reasons for changing ports – use your best judgement)

Test it by using telnet.

For example: telnet mail.examplecompany.com:3391

You will know if it has connected if your cursor just starts blinking in a blank window and doesn’t display any error message.

Now, when you want to connect, use your RDP client and append your new port number to the address like below.

image

It’s that simple.  I know a lot of you out there will find this extraordinarily useful…and oh yeah, by the way…standard disclaimer applies when working with the registry: back it up first, we bear no responsibility in you making a mess of it.

Cheers….

Troubleshooting Windows Firewall

Firewall: The name says it all – this little piece of software (or hardware as it may be) is designed to keep your computer and the fires outside at some distance from each other.  It is an essential service, yet the eagerness of some to let the fires inside and burn their houses down is not unappreciated.

Let’s face it – firewalls can be a real pain in the butt and the one that comes with windows is sometimes nearly unbearable. I know a lot of you out there are tempted to live with this particular warning message forever…..

image

I know I certainly have, but actually the windows firewall is very easy to work with. Let’s discuss some ways that we can make this work for you.

Now first and foremost, any configuration you do to Windows firewall should be done through the firewall wizard itself. This often grabs any exceptions that are needed and most of the time will actually pre-emptively warn you when Windows firewall is blocking out something important. Don’t ignore these messages when they pop up – think about what they mean and either allow or ignore as you see fit.  This will save you a lot of time.

Now, after you have tried forwardding ports as they appeared in the wizard/notification area and have failed in making the troublesome service or application work, the second step is to enable logging on the Windows firewall. Far too many people take a non-logical approach to troubleshooting firewall issues and basically just start clicking randomly allowing and denying until their issue is magically solved. Unfortunately, they have also magically opened up numerous attack surfaces on their machine and by two am the next day an army of botnets has already been able to compromise their machine and they are inadvertently relaying thousands of Cialis ads per day…this definitely puts one in between a rock and a hard place.  The moral of the story here is simple: AVOID THE IMPULSE TO RANDOMLY DISABLE/FORWARD PORTS IN WINDOWS FIREWALL. Troubleshoot these systematically.

Here’s how to enable logging:

1. Open the Windows Firewall with Advance Security snap-in, right click on the firewall and choose properties.

image

2. Select the profile you wish to troubleshoot.

3. In the logging group, click on customize.

4. More often than not, you will be looking for dropped packets as these are the data packets that windows firewall has rejected and are probably the reason why that undocumented and proprietary software package you are trying to make work is failing. Click on yes for the dropped packets. Or, conversely, click on Yes to monitor which packets windows firewall is allowing through.

image

5. Click OK to apply the settings. As you can see above, the log files are kept in the system32\logFiles directory.

Now try to recreate the problem and see if Windows firewall is in fact the culprit. You will want to disable the logging after you are done with it though, as there is a considerable performance hit associated with this as the log only stores the last 4 KB of data.

Now there is one other tool that is often overlooked in tracking down port forwarding issues.

The simple netstat command when used with the –a and –b switches is a powerful tool in tracking down applications that require access to the machine or in the case of spyware blocked.

Netstat when used in this fashion will allow you to see what services and/or processes are listening for incoming packets.  This, combined with a tool like process explorer by Sysinternals, is extremely useful in quickly figuring out access requirements.

image

With all of these tools at your disposal, there is no reason to completely disable a firewall again nor will you be forced to just click aimlessly and randomly in the firewall configuration.

Enjoy!

Self-Healing NTFS

In the past, inconsistencies on disks could mean hours of trouble. Usually, the disk would have to be taken offline and a tool such as check disk would have to be run to correct the errors.

While check disk actually works very well at marking sectors as bad, it is slow and inconvenient. Windows engineers recognized this limitation and came up with a fairly robust solution: Self-healing NTFS.

Windows Vista, Server 2008 and Windows 7 all utilize this new feature. The process is actually very similar to how check disk itself works, but with a difference. Most disk corruption will tend to occur in one area of a file and is not generally endemic to the disk. That being the case, self-healing NTFS systems will actually detect corrupt areas on the disk, prevent access to it, and spawn a worker process that will take check-disk like corrective actions on the disk.  This greatly minimizes disruption to end users especially on a particularly busy file server.

This tool is not a black box, luckily and we can actually get in and control its behaviour.

The fsutil repair set command can be used to both view the status of the self healing feature and to set its parameters.

image 

Note, you will have to run this as an administrator to get it to function.

Some useful flags that can be set on the volume are:

 

SET_REPAIR_ENABLED – This simply enables self healing on the volume in its default state.

SET_REPAIR_WARN_ABOUT_DATA_LOSS – If the self healing option is unable to fully recover a file, it will visually warn the user about the potential data loss.

SET_REPAIR_DISABLED_AND_BUGCHECK_ON_CORRUPTION – This option would mainly be used by system engineers trying to pin point when corruption is occurring. This flag will actually create a 0X24 stop error which will be cleared during reboot.

Should you wish to initiate a manual self-healing operation, this is available too. Simply run:

fsutil repair initiate  - to start the process and fsutil repair wait commands.  After you are done, go ahead and query the status of the volume by running

fsutil repair query <volume name>

Pretty neat stuff here. I suspect that this will be used often as an alternative to running check disk as more and more people learn about the powerful features of this tool.

Cheers…….

Running NT Backup under Windows 7

Windows 7 (and Server 2008 R2) have great new backup tools.  These improvements were sorely needed, though: the widely-used, well-known NT Backup was getting pretty long in the tooth. Unfortunately, “in with the new” always seems to imply “out with the old”, and if “the old”, in your scenario, happens to be the format in which all your precious backups are saved, “the new” becomes pretty useless pretty quick.  That’s right: NT Backup files (*.bkf files) are officially obsolete and cannot be opened with Windows 7.

What’s worse is that the Extensible Storage Manager – one of the Windows services NT Backup is built on – is no longer included with Windows 7, so it doesn’t seem too likely that simply copying ntbackup.exe from an XP machine would fix anything.

But it does!

That’s right: running ntbackup.exe under Windows 7 is entirely possible, easy to do, and generally works well – although tape drives and other odd storage devices won’t be supported.  If you have the .bkf files, though, you’re in luck.  Just find these files from the system32 folder on any Windows XP machine (or Virtual Windows XP, if you have it installed):

  • ntbackup.exe
  • ntmsapi.dll
  • vssapi.dll

Copy them on to the Windows 7 machine and then run ntbackup.exe.  You’ll get an error:

image

Just ignore it.  Now run NT Backup as usual.  Since .BKF files won’t be registered with this application, you’ll have to point NT Backup to the .BKF files yourself.  Right-click the Files tree in recovery mode and click Catalog File.  Select your backup file, and click okay.  You’ll then be able to catalog and restore your files as needed.

For the most part, NT Backup works just fine under Windows 7.  It might not be ideal to continue using NT Backup as your daily backup solution, but it’s good to know those .bkf files you have lying around are still worth something, after all.

(If you are looking for NTBackup for Server 2008 to backup your exchange store click here)

Rearm Server 2008

Today’s topic will be brief, but it is of interest lot of IT professionals out there that need to work with evaluation versions of Server 2008 for testing and self-learning.

As most of us know, when we download an evaluation version of Windows Server 2008 off of Microsoft’s site, we are given a 60 trial version that functions wholly intact.  If you have received an evaluation DVD with an MS Press book, chances are you will be granted 120 days on the first activation. But this actually isn’t the end of the road for these. They can be, as Microsoft has coined it, rearmed.

The tool you need is the Soft Licence Manager, and it can be invoked by typing in slmgr.vbs in an elevated command prompt. Using this tool, you will actually be able to rearm the activation 3 times, bringing your total evaluation period to 240 days – quite a generous allowance really. Let’s look at some of the switches.

So, slmmgr.vbs /dli

This first switch will display all of the licence information.

slmgr.vbs /ato

This switch can be used to activate windows.

slmgr.vbs /rearm

As the switch implies, this will rearm the OS allowing you another 60 days.

slmgr /ipk <product key>

This may in fact be one of the handies switches if you are switching between versions of server 2008. It can be used to replace the current product key with the new one inputted.

slmgr /xpr

Is used to find out the expiration of the current licence information.

There are also a plethora of advanced commands available, and I suggest that you check these out by running the standard /? switch to view these. Also, as with most things, all of these switches will work with Windows 7.

Enjoy your extended evaluation period!

WebDAV on Windows 7

WebDAV is a great way of accessing files over the Internet.  It’s essentially FTP, but not so archaic and fragile.  It works well through firewalls, can be encrypted, and is just generally a nice, modern, useful protocol.

I’ll show you a couple WebDAV tricks in a moment, but first, I’m going to show you how to set up WebDAV on your own Windows machine.  It’s one of the best ways of accessing files remotely – free, easy, and highly compatible.  I’ll assume you’re using Windows 7, because if you’re a tech enthusiast, there’s no reason you should be using anything else at this point.  WebDAV works under pretty much everywhere, but it’s not always this easy to set up.

So, the first thing to do is to install IIS, if you haven’t already done so.  IIS is included in all versions of Windows 7, although it’s not turned on by default.  Click Start, type “Windows features”, and click enter.  This will get you to the Windows Features dialog (which you can also access through Add/Remove Programs):

image

Turn on IIS, and make sure you select at least the following:

  • Internet Information Services
  • IIS Management Console
  • WebDAV Publishing
  • Windows Authentication

You might want to read through everything else there and make your own decisions about what you’d like to install.  If you don’t know what something is, just leave it off – it’s easy to change later.  Then, you’ll need to open port 80 on your router and firewall (assuming you want to access this server from elsewhere on the Internet).

Now, start IIS Manager.  You’ll need to configure authentication, so select Default Web Site and double-click the Authentication icon:

image

Depending on what options you chose earlier, you might have other types of authentication available here (such as basic, Kerberos, or certificate-based). I’d suggest you disable Anonymous and enable Windows authentication.

Next, go to WebDAV Authoring Rules, and click Enable on the right:

image

This turns on WebDAV for this web.  Now, you’ll need to add an authoring rule (essentially, permissions for WebDAV).  Click ‘Add Authoring Rule’ from the right, and you’ll see this:

image

The easiest thing to do here is to select all content, all users, and all permissions.  Clearly, you may want to change this to suit your requirements.

Once you click OK, your server will be running WebDAV!  This is great if you just want access to the files on your Default web site, but if you want general access to other places on your computer, you’ll want to add some virtual directories.  To do this, right-click the Default Web Site, and choose ‘Add New Virtual Directory’:

image

Type an alias and provide a path to the folder you’d like to share.  Then click OK.  Just like that, you’ve set up a ‘Share’ under WebDAV.

Now, I’ll show you a great trick for using WebDAV.  This will also let us test to see if everything is working properly.  Open a command prompt, and type something like this:

net use * http://mobile1/projects

That should map a network drive to your WebDAV folder:

image

As you can see, it’s a pretty easy way of accessing your files remotely.  You get all the rich tools of working with files straight through Windows, and since WebDAV works over simple HTTP, this will work through all but the strictest of firewalls.  As this is running through IIS, you can also take full advantage of the rich security and administration tools IIS provides – including HTTPS, if you’re worried about encrypting your transfers (while your password will be encrypted if you use Windows Authentication, the rest of your session is sent in the clear if you choose to use normal HTTP).

By the way… if you have Directory Browsing turned on, you can type that same URL into a browser, authenticate as required, and you’ll see a listing of your files that you can download directly.  This might not be as slick as WebDAV, but it’s guaranteed to work everywhere.

Here are some things you may run into trouble with:

  • You can’t use Basic authentication with HTTP.  This is a good thing: in such a scenario, your password would be sent in plain text.  Either use HTTPS or turn on Windows Authentication.
  • Don’t forget that IIS runs under an account that won’t have access to certain places (like your desktop) by default, so you may have to adjust file permissions accordingly.
  • To use WebDAV, three permission checks will all have to succeed: the WebDAV authoring rule, your IIS permission settings, and your Windows permission settings.  If you’re having trouble, start at the bottom and work your way up.  Can you access the file through IIS using a browser?  If not, you won’t be able to get at the file through WebDAV, either.

Because of the flexibility offered through IIS, you can use this for much more than simply accessing your documents remotely:

  • Let others edit a web site you’re hosting.
  • Set up a public read only ‘tools’ folder where you can easily get at common tools and documents you find yourself wishing were available on other people’s machines.
  • Create a web-accessible team folder, granting read-only access to some users and full access to others.
  • Publish web pages from within Microsoft Office!  Just choose ‘web page’ as the file type when you click Save, and save the document to a public WebDAV folder.

There’s a tremendous amount of helpful information on WebDAV under IIS 7 at http://learn.iis.net/page.aspx/357/webdav-for-iis-70/ if you want to learn more.

WebDAV: Use it, love it.  It doesn’t get much better than this, folks!


Copyright © 2010 Paul Guenette and Matthew Sleno.