Free e-book: Windows 7 troubleshooting tips

Originally found on the Microsoft Press blog…

Free e-book: Windows 7 troubleshooting tips

Mitch Tulloch, a Microsoft Most Valuable Professional and lead author of the just-published (and hot-selling) Windows 7 Resource Kit (Microsoft Press, 2010; ISBN: 9780735627000; 1760 pages), has created a short e-book called “What You Can Do Before You Call Tech Support.” Here are the opening paragraphs:

Your sound card has stopped working, your computer seems sluggish, the network is down, your hard drive is clicking, you can’t view a website, your monitor is hard to read, your new webcam isn’t working, your favorite program won’t run, and a funny burning smell is coming from your computer. What can you do on your own to try to troubleshoot the issue before you pick up the phone to call tech support?

If you’re running Windows 7, quite a lot. Microsoft has included a lot of self-support tools in Windows 7 that you can try using before you seek the help of others, and we’ll examine these in a moment. Then there are the tools you were born with—your five senses (see, hear, smell, taste, touch) and most importantly your brain. And by brain I’m including your memory, experience, and capacity for logical reasoning. Finally, there is ancient and sacred lore passed on in secret from Master to Disciple over the millennia. We’ll see shortly how your brain, your senses, and the secrets of the Wise Ones can be very helpful for troubleshooting computer problems. But first let’s look at what troubleshooting tools are built into Windows 7.

You can download the e-book in XPS format here and in PDF format here. Enjoy!

How UAC Actually Works

This post has had a few false starts.  It’s a tough topic to cover, as it’s a very controversial subject for most people still.  Hopefully we can enlighten some people along the way.

From a high level perspective, the UAC was developed to protect the user without necessarily removing administrative privileges.  Any change to the system required a second validation.  On older versions of Windows, an application running with administrative credentials could change any setting on the box.  Viruses and malware became rampant because of this openness, given that the average user had administrative credentials.  Most average users balked at the idea of having a limited user account, so Microsoft came up with an alternative for the new OS, Vista – a second form of validation.  You told the computer you wanted to make a change, it asked “are you sure?” 

Logically it makes sense.  Consider an instance where a devious application wanted to change some setting, and because Windows wanted to verify it’s ok to make this change it asked “are you sure?”  If you responded no, the change didn’t happen.  Simple enough.  However, here we start running into issues.  There are three perspectives to look at. 

First, the end user.  Simple changes to basic settings required validation.  This annoyed most of them, if not all of them.  They didn’t care why it was asking, they just wanted to delete shortcuts from their start menu.  Their reaction: turn off UAC.  Bad idea, but security loses when it comes to usability in the case of the end user.

Second, the irate IT Pro/Developer.  Most people working in IT make changes to system settings constantly.  Given that, the UAC would be seen many times in a day and it would, for lack of a better word, piss that person off.  They didn’t care what security it provided, it was a “stupid-useless-design” that shouldn’t have been created.  Their reaction: turn off UAC.  Once again security loses when it comes to usability.

Third, the knowledgeable IT Pro/Developer.  Not a lot of people fell into this category.  However, these tended to be the same type of people who fit into the Lazy Admin category as well.  When managed properly UAC wasn’t all that annoying because it wasn’t seen all that often.  Set-it-and-forget-it and you don’t ever see the prompt.  If you created the system image properly, you don’t have to constantly keep changing settings.  It’s a simple enough idea.

But…

Application compatibility is a pain.  Most applications didn’t understand the UAC, so they weren’t running with a validation and generally broke when they tried to do things they really shouldn’t be doing in the first place.  These are things like manipulating registry keys that don’t belong to them, writing to system folders, reading data from low-level system API’s etc.  This was reason #1 for disabling UAC.

And now…

With the general availability of Windows 7 in about 2.5 hours from now, it seems like a good time to discuss certain changes to UAC in the latest version of Windows.  The biggest of course being when Windows decides to check for validation.

Windows 7 introduces two new levels of the UAC.  In Vista there was Validate Everything or Off.  Windows 7 added “Do Not Notify Me When I Make Changes to Windows Settings”.  This comes into effect when the user makes a change to a Windows setting like display resolution.  Windows is smart enough to realize it’s the user making the change, and allows it.  It’s second additional level is the same as the first, except it doesn’t hide the desktop.

Now we get into some fun questions. 

  • How does Window’s know to not show the prompt?  It’s fairly straightforward.  All Window’s executables that were released as part of the OS are signed with a certificate.  All executables signed with this certificate are allowed to run if user started.  This is only true for Window’s settings though.  You cannot implement this with 3rd party applications.  There is no auto-allow list.
  • How does Window’s know it’s a user starting the application?  Lots of applications can mimic mouse movements or keyboard commands, but they occur at a higher application level than an actual mouse move.  Input devices like mice and keyboards have an extremely low level driver, and only commands coming from these drivers are interpreted as user input.  You cannot spoof these commands.
  • Can you spoof mouse/keyboard input to accept the UAC request?  No.  The UAC prompt is created in a separate Windows desktop.  Other well known desktops include the Locked screen, login screen, and the Cardspace admin application.  No application can cross these desktops, so an application running in your personal desktop cannot push commands into the UAC desktop.

Mark Russinovich has an excellent article in TechNet Magazine that goes into more detail about changes to the UAC.  Hopefully this post at least covered all sides of the UAC debate.

Ultimate Windows 7 Keyboard Shortcuts List

Got this list in an email earlier today.  Not sure the original source, as it was a copy/paste job, but holy crap what a list.  If someone can point out where it originated I will attribute it as necessary.

Ease of Access keyboard shortcuts

  • Right Shift for eight seconds: Turn Filter Keys on and off
  • Left Alt + Left Shift + PrtScn (or PrtScn): Turn High Contrast on or off
  • Left Alt + Left Shift + Num Lock: Turn Mouse Keys on or off
  • Shift five times: Turn Sticky Keys on or off
  • Num Lock for five seconds: Turn Toggle Keys on or off
  • Windows logo key + U: Open the Ease of Access Center

General keyboard shortcuts

  • F1: Display Help
  • Ctrl + C (or Ctrl + Insert): Copy the selected item
  • Ctrl + X: Cut the selected item
  • Ctrl + V (or Shift + Insert): Paste the selected item
  • Ctrl + Z: Undo an action
  • Ctrl + Y: Redo an action
  • Delete (or Ctrl + D): Delete the selected item and move it to the Recycle Bin
  • Shift + Delete: Delete the selected item without moving it to the Recycle Bin first
  • F2: Rename the selected item
  • Ctrl + Right Arrow: Move the cursor to the beginning of the next word
  • Ctrl + Left Arrow: Move the cursor to the beginning of the previous word
  • Ctrl + Down Arrow: Move the cursor to the beginning of the next paragraph
  • Ctrl + Up Arrow: Move the cursor to the beginning of the previous paragraph
  • Ctrl + Shift with an arrow key: Select a block of text
  • Shift + any arrow key: Select more than one item in a window or on the desktop, or select text within a document
  • Ctrl + any arrow key + Spacebar: Select multiple individual items in a window or on the desktop
  • Ctrl + A: Select all items in a document or window
  • F3: Search for a file or folder
  • Alt + Enter: Display properties for the selected item
  • Alt + F4: Close the active item, or exit the active program
  • Alt + Spacebar: Open the shortcut menu for the active window
  • Ctrl + F4: Close the active document (in programs that allow you to have multiple documents open simultaneously)
  • Alt + Tab: Switch between open items
  • Ctrl + Alt + Tab: Use the arrow keys to switch between open items
  • Ctrl + Mouse scroll wheel: Change the size of icons on the desktop
  • Windows logo key + Tab: Cycle through programs on the taskbar by using Aero Flip 3-D
  • Ctrl+ Windows logo key + Tab: Use the arrow keys to cycle through programs on the taskbar by using Aero Flip 3-D
  • Alt + Esc: Cycle through items in the order in which they were opened
  • F6: Cycle through screen elements in a window or on the desktop
  • F4: Display the address bar list in Windows Explorer
  • Shift + F10: Display the shortcut menu for the selected item
  • Ctrl + Esc: Open the Start menu
  • Alt + underlined letter: Display the corresponding menu
  • Alt + underlined letter: Perform the menu command (or other underlined command)
  • F10: Activate the menu bar in the active program
  • Right Arrow: Open the next menu to the right, or open a submenu
  • Left Arrow: Open the next menu to the left, or close a submenu
  • F5 (or Ctrl + R): Refresh the active window
  • Alt + Up Arrow: View the folder one level up in Windows Explorer
  • Esc: Cancel the current task
  • Ctrl + Shift + Esc: Open Task Manager
  • Shift when you insert a CD: Prevent the CD from automatically playing
  • Left Alt + Shift: Switch the input language when multiple input languages are enabled
  • Ctrl + ShiftL: Switch the keyboard layout when multiple keyboard layouts are enabled
  • Right or Left Ctrl + Shift: Change the reading direction of text in right-to-left reading languages

Dialog box keyboard shortcuts

  • Ctrl + Tab: Move forward through tabs
  • Ctrl + Shift + Tab: Move back through tabs
  • Tab: Move forward through options
  • Shift + Tab: Move back through options
  • Alt + underlined letter: Perform the command (or select the option) that goes with that letter
  • Enter: Replaces clicking the mouse for many selected commands
  • Spacebar: Select or clear the check box if the active option is a check box
  • Arrow keys: Select a button if the active option is a group of option buttons
  • F1: Display Help
  • F4: Display the items in the active list
  • Backspace: Open a folder one level up if a folder is selected in the Save As or Open dialog box

Windows logo key keyboard shortcuts

  • Windows logo key: Open or close the Start menu.
  • Windows logo key + Pause: Display the System Properties dialog box.
  • Windows logo key + D: Display the desktop.
  • Windows logo key + M: Minimize all windows.
  • Windows logo key + Shift + M: Restore minimized windows to the desktop.
  • Windows logo key + E: Open Computer.
  • Windows logo key + F: Search for a file or folder.
  • Ctrl + Windows logo key + F: Search for computers (if you’re on a network).
  • Windows logo key + L: Lock your computer or switch users.
  • Windows logo key + R: Open the Run dialog box.
  • Windows logo key + T: Cycle through programs on the taskbar.
  • Windows logo key + number: Start the program pinned to the taskbar in the position indicated by the number. If the program is already running, switch to that program.
  • Shift + Windows logo key + number: Start a new instance of the program pinned to the taskbar in the position indicated by the number.
  • Ctrl + Windows logo key + number: Switch to the last active window of the program pinned to the taskbar in the position indicated by the number.
  • Alt + Windows logo key + number: Open the Jump List for the program pinned to the taskbar in the position indicated by the number.
  • Windows logo key + Tab: Cycle through programs on the taskbar by using Aero Flip 3-D.
  • Ctrl+Windows logo key + Tab: Use the arrow keys to cycle through programs on the taskbar by using Aero Flip 3-D.
  • Ctrl+Windows logo key + B: Switch to the program that displayed a message in the notification area.
  • Windows logo key + Spacebar: Preview the desktop.
  • Windows logo key + Up Arrow: Maximize the window.
  • Windows logo key + Left Arrow: Maximize the window to the left side of the screen.
  • Windows logo key + Right Arrow: Maximize the window to the right side of the screen.
  • Windows logo key + Down Arrow: Minimize the window.
  • Windows logo key + Home: Minimize all but the active window.
  • Windows logo key + Shift + Up Arrow: Stretch the window to the top and bottom of the screen.
  • Windows logo key + Shift+ Left Arrow or Right Arrow: Move a window from one monitor to another.
  • Windows logo key + P: Choose a presentation display mode.
  • Windows logo key + G: Cycle through gadgets.
  • Windows logo key + U: Open Ease of Access Center.
  • Windows logo key + X: Open Windows Mobility Center.

Windows Explorer keyboard shortcuts

  • Ctrl + N: Open a new window
  • Ctrl + W: Close the current window
  • Ctrl + Shift + N: Create a new folder
  • End: Display the bottom of the active window
  • Home: Display the top of the active window
  • F11: Maximize or minimize the active window
  • Ctrl + Period (.): Rotate a picture clockwise
  • Ctrl + Comma (,): Rotate a picture counter-clockwise
  • Num Lock + Asterisk (*) on numeric keypad: Display all subfolders under the selected folder
  • Num Lock + Plus Sign (+) on numeric keypad: Display the contents of the selected folder
  • Num Lock + Minus Sign (-) on numeric keypad: Collapse the selected folder
  • Left Arrow: Collapse the current selection (if it’s expanded), or select the parent folder
  • Alt + Enter: Open the Properties dialog box for the selected item
  • Alt + P: Display the preview pane
  • Alt + Left Arrow: View the previous folder
  • Backspace: View the previous folder
  • Right Arrow: Display the current selection (if it’s collapsed), or select the first subfolder
  • Alt + Right Arrow: View the next folder
  • Alt + Up Arrow: View the parent folder
  • Ctrl + Shift + E: Display all folders above the selected folder
  • Ctrl + Mouse scroll wheel: Change the size and appearance of file and folder icons
  • Alt + D: Select the address bar
  • Ctrl + E: Select the search box
  • Ctrl + F: Select the search box

Taskbar keyboard shortcuts

  • Shift + Click on a taskbar button: Open a program or quickly open another instance of a program
  • Ctrl + Shift + Click on a taskbar button: Open a program as an administrator
  • Shift + Right-click on a taskbar button: Show the window menu for the program
  • Shift + Right-click on a grouped taskbar button: Show the window menu for the group
  • Ctrl + Click on a grouped taskbar button: Cycle through the windows of the group

Magnifier keyboard shortcuts

  • Windows logo key + Plus Sign or Minus Sign: Zoom in or out
  • Ctrl + Alt + Spacebar: Preview the desktop in full-screen mode
  • Ctrl + Alt + F: Switch to full-screen mode
  • Ctrl + Alt + L: Switch to lens mode
  • Ctrl + Alt + D: Switch to docked mode
  • Ctrl + Alt + I: Invert colors
  • Ctrl + Alt + arrow keys: Pan in the direction of the arrow keys
  • Ctrl + Alt + R: Resize the lens
  • Windows logo key + Esc: Exit Magnifier

Remote Desktop Connection keyboard shortcuts

  • Alt + Page Up: Move between programs from left to right.
  • Alt + Page Down: Move between programs from right to left.
  • Alt + Insert: Cycle through programs in the order that they were started in.
  • Alt + Home: Display the Start menu.
  • Ctrl + Alt + Break: Switch between a window and full screen.
  • Ctrl + Alt + End: Display the Windows Security dialog box.
  • Alt + Delete: Display the system menu.
  • Ctrl + Alt + Minus Sign (-) on the numeric keypad: Place a copy of the active window, within the client, on the Terminal server clipboard (provides the same functionality as pressing Alt + PrtScn on a local computer).
  • Ctrl + Alt + Plus Sign (+) on the numeric keypad: Place a copy of the entire client window area on the Terminal server clipboard (provides the same functionality as pressing PrtScn on a local computer).
  • Ctrl + Alt + Right Arrow: Tab out of the Remote Desktop controls to a control in the host program (for example, a button or a text box). Useful when the Remote Desktop controls are embedded in another (host) program.
  • Ctrl + Alt + Left Arrow: Tab out of the Remote Desktop controls to a control in the host program (for example, a button or a text box). Useful when the Remote Desktop controls are embedded in another (host) program.

Paint keyboard shortcuts

  • Ctrl + N: Create a new picture
  • Ctrl + O: Open an existing picture
  • Ctrl + S: Save changes to a picture
  • F12: Save the picture as a new file
  • Ctrl + P: Print a picture
  • Alt + F4: Close a picture and its Paint window
  • Ctrl + Z: Undo a change
  • Ctrl + Y: Redo a change
  • Ctrl + A: Select the entire picture
  • Ctrl + X: Cut a selection
  • Ctrl + C: Copy a selection to the Clipboard
  • Ctrl + V: Paste a selection from the Clipboard
  • Right Arrow: Move the selection or active shape right by one pixel
  • Left Arrow: Move the selection or active shape left by one pixel
  • Down Arrow: Move the selection or active shape down by one pixel
  • Up Arrow: Move the selection or active shape up by one pixel
  • Esc: Cancel a selection
  • Delete: Delete a selection
  • Ctrl + B: Bold selected text
  • Ctrl + +: Increase the width of a brush, line, or shape outline by one pixel
  • Ctrl + -: Decrease the width of a brush, line, or shape outline by one pixel
  • Ctrl + I: Italicize selected text
  • Ctrl + U: Underline selected text
  • Ctrl + E: Open the Properties dialog box
  • Ctrl + W: Open the Resize and Skew dialog box
  • Ctrl + Page Up: Zoom in
  • Ctrl + Page Down: Zoom out
  • F11: View a picture in full-screen mode
  • Ctrl + R: Show or hide the ruler
  • Ctrl + G: Show or hide gridlines
  • F10 or Alt: Display keytips
  • Shift + F10: Show the current shortcut menu
  • F1: Open Paint Help

WordPad keyboard shortcuts

  • Ctrl + N: Create a new document
  • Ctrl + O: Open an existing document
  • Ctrl + S: Save changes to a document
  • F12: Save the document as a new file
  • Ctrl + P: Print a document
  • Alt + F4: Close WordPad
  • Ctrl + Z: Undo a change
  • Ctrl + Y: Redo a change
  • Ctrl + A: Select the entire document
  • Ctrl + X: Cut a selection
  • Ctrl + C: Copy a selection to the Clipboard
  • Ctrl + V: Paste a selection from the Clipboard
  • Ctrl + B: Make selected text bold
  • Ctrl + I: Italicize selected text
  • Ctrl + U: Underline selected text
  • Ctrl + =: Make selected text subscript
  • Ctrl + Shift + =: Make selected text superscript
  • Ctrl + L: Align text left
  • Ctrl + E Align text center
  • Ctrl + R:: Align text right
  • Ctrl + J: Justify text
  • Ctrl + 1: Set single line spacing
  • Ctrl + 2: Set double line spacing
  • Ctrl + 5: Set line spacing to 1.5
  • Ctrl + Shift + >: Increase the font size
  • Ctrl + Shift + <: Decrease the font size
  • Ctrl + Shift + A: Change characters to all capitals
  • Ctrl + Shift + L: Change the bullet style
  • Ctrl + D: Insert a Microsoft Paint drawing
  • Ctrl + F: Find text in a document
  • F3: Find the next instance of the text in the Find dialog box
  • Ctrl + H: Replace text in a document
  • Ctrl + Left Arrow: Move the cursor one word to the left
  • Ctrl + Right Arrow: Move the cursor one word to the right
  • Ctrl + Up Arrow: Move the cursor to the line above
  • Ctrl + Down Arrow: Move the cursor to the line below
  • Ctrl + Home: Move to the beginning of the document
  • Ctrl + End: Move to the end of the document
  • Ctrl + Page Up: Move up one page
  • Ctrl + Page Down: Move down one page
  • Ctrl + Delete: Delete the next word
  • F10: Display keytips
  • Shift + F10: Show the current shortcut menu
  • F1: Open WordPad Help

Calculator keyboard shortcuts

  • Alt + 1: Switch to Standard mode
  • Alt + 2: Switch to Scientific mode
  • Alt + 3: Switch to Programmer mode
  • Alt + 4: Switch to Statistics mode
  • Ctrl + E: Open date calculations
  • Ctrl + H: Turn calculation history on or off
  • Ctrl + U: Open unit conversion
  • Alt + C: Calculate or solve date calculations and worksheets
  • F1: Open Calculator Help
  • Ctrl + Q: Press the M- button
  • Ctrl + P: Press the M+ button
  • Ctrl + M: Press the MS button
  • Ctrl + R: Press the MR button
  • Ctrl + L: Press the MC button
  • %: Press the % button
  • F9: Press the +/’“ button
  • /: Press the / button
  • *: Press the * button
  • +: Press the + button
  • -: Press the ‘“ button
  • R: Press the 1/x— button
  • @: Press the square root button
  • 0-9: Press the number buttons (0-9)
  • =: Press the = button
  • .: Press the . (decimal point) button
  • Backspace: Press the backspace button
  • Esc: Press the C button
  • Del: Press the CE button
  • Ctrl + Shift + D: Clear the calculation history
  • F2: Edit the calculation history
  • Up Arrow key: Navigate up in the calculation history
  • Down Arrow key: Navigate down in the calculation history
  • Esc: Cancel editing the calculation history
  • Enter: Recalculate the calculation history after editing
  • F3: Select Degrees in Scientific mode
  • F4: Select Radians in Scientific mode
  • F5: Select Grads in Scientific mode
  • I: Press the Inv button in Scientific mode
  • D: Press the Mod button in Scientific mode
  • Ctrl + S: Press the sinh button in Scientific mode
  • Ctrl + O: Press the cosh button in Scientific mode
  • Ctrl + T: Press the tanh button in Scientific mode
  • (: Press the ( button in Scientific mode
  • ): Press the ) button in Scientific mode
  • N: Press the ln button in Scientific mode
  • ;: Press the Int button in Scientific mode
  • S: Press the sin button in Scientific mode
  • O: Press the cos button in Scientific mode
  • T: Press the tan button in Scientific mode
  • M: Press the dms button in Scientific mode
  • P: Press the pi button in Scientific mode
  • V: Press the F-E button in Scientific mode
  • X: Press the Exp button in Scientific mode
  • Q: Press the x^2 button in Scientific mode
  • Y: Press the x^y button in Scientific mode
  • #: Press the x^3 button in Scientific mode
  • L: Press the log button in Scientific mode
  • !: Press the n! button in Scientific mode
  • Ctrl + Y: Press the y√x button in Scientific mode
  • Ctrl + B: Press the 3√x button in Scientific mode
  • Ctrl + G: Press the 10x button in Scientific mode
  • F5: Select Hex in Programmer mode
  • F6: Select Dec in Programmer mode
  • F7: Select Oct in Programmer mode
  • F8: Select Bin in Programmer mode
  • F12: Select Qword in Programmer mode
  • F2: Select Dword in Programmer mode
  • F3: Select Word in Programmer mode
  • F4: Select Byte in Programmer mode
  • K: Press the RoR button in Programmer mode
  • J: Press the RoL button in Programmer mode
  • <: Press the Lsh button in Programmer mode
  • >: Press the Rsh button in Programmer mode
  • %: Press the Mod button in Programmer mode
  • (: Press the ( button in Programmer mode
  • ): Press the ) button in Programmer mode
  • |: Press the Or button in Programmer mode
  • ^: Press the Xor button in Programmer mode
  • ~: Press the Not button in Programmer mode
  • &: Press the And button in Programmer mode
  • A-F: Press the A-F buttons in Programmer mode
  • Spacebar: Toggles the bit value in Programmer mode
  • A: Press the Average button in Statistics mode
  • Ctrl + A: Press the Average Sq button in Statistics mode
  • S: Press the Sum button in Statistics mode
  • Ctrl + S: Press the Sum Sq button in Statistics mode
  • T: Press the S.D. button in Statistics mode
  • Ctrl + T: Press the Inv S.D. button in Statistics mode
  • D: Press the CAD button in Statistics mode

Windows Journal keyboard shortcuts

  • Ctrl + N: Start a new note
  • Ctrl + O: Open a recently used note
  • Ctrl + S: Save changes to a note
  • Ctrl + Shift + V: Move a note to a specific folder
  • Ctrl + P: Print a note
  • Alt + F4: Close a note and its Journal window
  • Ctrl + Z: Undo a change
  • Ctrl + Y: Redo a change
  • Ctrl + A: Select all items on a page
  • Ctrl + X: Cut a selection
  • Ctrl + C: Copy a selection to the Clipboard
  • Ctrl + V: Paste a selection from the Clipboard
  • Esc: Cancel a selection
  • Delete: Delete a selection
  • Ctrl + F: Start a basic find
  • Ctrl + G: Go to a page
  • F5: Refresh find results
  • F5: Refresh the note list
  • F6: Toggle between a note list and a note
  • Ctrl + Shift + C: Display a shortcut menu for column headings in a note list
  • F11: View a note in full-screen mode
  • F1: Open Journal Help

Windows Help viewer keyboard shortcuts

  • Alt + C: Display the Table of Contents
  • Alt + N: Display the Connection Settings menu
  • F10: Display the Options menu
  • Alt + Left Arrow: Move back to the previously viewed topic
  • Alt + Right Arrow: Move forward to the next (previously viewed) topic
  • Alt + A: Display the customer support page
  • Alt + Home: Display the Help and Support home page
  • Home: Move to the beginning of a topic
  • End: Move to the end of a topic
  • Ctrl + F: Search the current topic
  • Ctrl + P: Print a topic
  • F3: Move the cursor to the search box

Creating a new Forest and Domain on Server Core

Over the weekend, good friend, Mitch Garvis decided it was necessary to rebuild his home network.  Now, most home networks don’t have a $25,000 Server at the core.  This one did.  Given that, we decided to do it right.    The network architecture called for Virtualization, so we decided to use Hyper-V.  The network called for management, so we decided to install SCCM and Ops Manager.  The network called for simplicity so we used Active Directory.

However, we decided to up the ante and install this all on Server Core.  Now, the tricky part is that we needed to install Active Directory.  The reason this became tricky was because there is no documented procedure out there on how to install a new Forest on Core.  There are lots of very smart people on the internet that described how to install new domains part of existing forests, but not new forests.  So we got to work.

After running dcpromo a few times we realized we couldn’t create the Forest by throwing commands at it.  It occurred to one of us that we should try creating an unattend.txt install file.  After a few tries, we figured out the proper structure of the file, and after 10 minutes of watching the CLI spit out random sentences, we had a new domain. 

The structure of the file is fairly simple, but you need the correct variable data.  We used the following unattend.txt file to create the new domain:

[DCInstall]
InstallDNS=yes
NewDomain=forest
NewDomainDNSName=swmi.ca
DomainNetBiosName=SWMI
SiteName=Default-First-Site-Name
ReplicaOrNewDomain=domain
ForestLevel=3
DomainLevel=3
DatabasePath="%systemroot%\ntds"
LogPath="%systemroot%\ntds"
RebootOnCompletion=yes
SYSVOLPath="%systemroot%\sysvol"
SafeModeAdminPassword=Pa$$w0rd

Now: Once the file was created we put it in the root of C: on the server core machine, and typed the following command:

dcpromo /unattend:c:\unattend.txt

Surprisingly it worked.  After checking with Microsoft, this is a supported option, and it’s not a hack in any way.  It’s just undocumented.

Until now.

Reference: Mitch Garvis, SWMI, http://garvis.ca/blogs/mitch/archive/2009/10/12/creating-a-new-domain-forest-on-server-core.aspx

October 15th Evening SQL Server DBA Event: Disaster Recovery &amp;ndash; Edwin Sarmiento, MVP for SQL Server

OttawaSQL.net

October 15th Evening SQL Server DBA Event: Disaster Recovery – Edwin Sarmiento, MVP for SQL Server

Speaker: Edwin M. Sarmiento, MVP for SQL Server

Date: Thursday, October 15th, 2009

Time: 6:00 PM to 8:30 PM

Venue: Microsoft Ottawa Office

RSVP: http://www.clicktoattend.com/?id=142063

Session 1 (6:00 PM to 7:10 PM):  Understanding and communicating business-orientated disaster recovery  concepts and objectives

So you have a database maintenance plan that does a backup of your databases and you’re pretty sure that it works fine. But is that really enough? Are you sure that you will be able to meet your service level agreements if and when disaster strikes? This session will explain the need for understanding and communicating business-orientated disaster recovery concepts and objectives to the business stakeholders. This will include defining your RPO and RTO and how it affects your disaster recovery plan.

Session 2 (7:20 to 8:30 PM):  Disaster Recovery for the Paranoid DBA

In the first session, much have been said about disaster recovery in general. In this session, we will look at bringing the concepts down to SQL Server. This session will focus on dealing with a recovery situation for a SQL Server 2005/2008 database, an instance or an entire server. Topics covered will be backup schemes, partial backups and piecemeal restores, page-level recovery and a thorough understanding of how to troubleshoot a "Suspect" database.

Edwin M. Sarmiento

Speaker Bio:

Edwin M. Sarmiento (MVP for SQL Server) works as a Senior SQL Server DBA/Systems Engineer for The Pythian Group in Ottawa, Canada. He is very passionate about technology but has interests in music, professional and organizational development, leadership and management matters when not working with databases. He lives up to his primary mission statement – "To help people grow and develop their full potential as God has planned for them.".

Refreshments:

Pizza and pop will be provided.

Note: No one will be admitted by building security after 5:55 PM, and the event will start promptly at 6:00 PM.

OttawaSQL.net is a community group of Ottawa area developers and IT professionals.  We share an interest in Microsoft’s data technologies especially:  SQL Server, SharePoint, PerformancePoint, Workflow Foundations, LINQ, ADO.NET and Entity Framework.

Pictures from Techdays and FailCamp in Toronto

After getting my camera back from Mitch Garvis after Techdays and FailCamp in Toronto, I decided to upload photos from the events, and to my surprise there were some pretty good shots.  Here is what I came back with:

4007417044

4006643533

4007406358

4006631995

4007393754

4006623627

4006616273

4007373722

4006582013

4006587385

4007358462

4006597103

4007340130

ASP.NET WebForms are NOT Being Overthrown by MVC

It’s always a fun day when the man himself, ScottGu responds to my email.  Basically it all started last week at Techdays in Toronto (pictures to follow, I promise). 

Quite a few people asked me about MVC, and whether or not it will replace Web Forms.  My response was that it wouldn’t, but I didn’t have any tangible proof.  I discussed new features in .NET 4.0, and how the development is still going strong for future releases.  Some didn’t buy it.

So, earlier today I emailed Scott and asked him for proof.  This was his response:

Hi Steve,

Web Forms is definitely not going away – we are making substantial improvements to it with ASP.NET 4.0 (I’m doing a blog series on some of the improvements now).  ASP.NET MVC provides another option people can use for their UI layer – but it is simply an option, not a replacement.

In terms of the dev team size, the number of people on the ASP.NET team working on WebForms and MVC is actually about equal.  All of the core infrastructure investments (security, caching, config, deployment, etc) also apply equally to both.

Now, MVC is new.  MVC is powerful.  MVC is pretty freakin cool in what it can do.  But it won’t replace WebForms.  Frankly, I like WebForms.  MVC does have it’s place though.  I can see a lot benefits to using it.  It alleviates a lot of boilerplate code in certain development architectures, and that is never a bad thing.

Long Live WebForms!

The RACI Model

Definition: a model used to help define who is responsible / accountable; The RACI model is built around a simple 2-dimensional matrix which shows the 'involvement' of Functional Roles in a set of Activities. 'Involvement' can be of different kinds: Responsibility, Accountability, Consultancy or Informational (hence the RACI acronym). The model is used during analysis and documentation efforts in all types of Service Management, Quality Management, Process- or Project Management. A resulting RACI chart is a simple and powerful vehicle for communication. Defining and documenting responsibility is one of the fundamental principles in all types of Governance (Corporate-, IT-Governance).

What does that mean?  All projects require management.  Simple enough.  This model is designed to define each level of management and required interaction on a project or application.  The four core levels of involvement attempt to define who should know what about the project/application/system.  Each level has more direct interaction than the previous level.

The levels are defined as:

Responsible

Those who do the work to achieve the task. There is typically one role with a participation type of Responsible, although others can be delegated to assist in the work required (see also RASCI below for separately identifying those who participate in a supporting role).

Accountable (also Approver or final Approving authority)

Those who are ultimately accountable for the correct and thorough completion of the deliverable or task, and the one to whom Responsible is accountable. In other words, an Accountable must sign off (Approve) on work that Responsible provides. There must be only one Accountable specified for each task or deliverable.

Consulted

Those whose opinions are sought; and with whom there is two-way communication.

Informed

Those who are kept up-to-date on progress, often only on completion of the task or deliverable; and with whom there is just one-way communication.

Very often the role that is Accountable for a task or deliverable may also be Responsible for completing it (indicated on the matrix by the task or deliverable having a role Accountable for it, but no role Responsible for its completion, i.e. it is implied). Outside of this exception, it is generally recommended that each role in the project or process for each task receive, at most, just one of the participation types. Where more than one participation type is shown, this generally implies that participation has not yet been fully resolved, which can impede the value of this technique in clarifying the participation of each role on each task.

Note: I stole most of that from Wikipedia.

Roles and Responsibilities for Managing an Enterprise Web Site

The intent of this post is to create a summary definition of roles required to adequately manage an enterprise website. It is designed to be used in tandem with a RACI (Responsibility, Accountability, Consultable, and Informed) document to provide a unified management model for the web Infrastructure developed.

Each role is neither inclusive nor exclusive in that any one person can qualify for more than one role, and more than one person can qualify for the same role, as long as each role has been fulfilled adequately.

In a future post I will discuss the creation of a RACI document.

Roles

  • Database Administrator

Database administrators are charged with controlling website data resources, and use repeatable practices to ensure data availability, integrity and security, recover corrupted data and eliminate data redundancy, as well as leverages tools to improve database performance and efficiency.

  • Application Administrator

Application Administrators are charged with installing, supporting, and maintaining applications, and planning for and responding to service outages and other problems including, but not limited to, troubleshooting end-user issues at the application level.

  • Server/Operating System Administrator

Server Administrators are charged with installing, supporting, and maintaining servers and other systems, as well planning for and responding to server outages and other problems including, but not limited to, troubleshooting Application Administration issues at the Operating System level.

  • User Account/Permissions Administrator

Account Administrators are charged with managing user accounts as well as permissions for users within the system. This includes, but is not limited to, locking and unlocking user accounts, as well as resetting passwords.

  • Hardware Administrator

Hardware Administrators are charged with managing server hardware and resources. This includes, but is not limited to, deployment of servers as well as troubleshooting issues such as faulty hardware.

  • Network Administrator

Network Administrators are charged with managing physical network resources such as routers and switches and logical network resources such as firewall rules and IP settings. This includes, but is not limited to, managing routing rules as well as troubleshooting connectivity issues.

These roles were created in an attempt to define job responsibilities at an executive level.  A RACI document is then suggested as the next step to define what each role entails at the management level.

ASP.NET Application Deployment Best Practices &amp;ndash; Part 2

In my previous post I started a list of best practices that should be followed for deploying applications to production systems.  This is continuation of that post.

  • Create new Virtual Application in IIS

Right-click [website app will live in] > Create Application

Creating a new application provides each ASP.NET application its own sandbox environment. The benefit to this is that site resources do not get shared between applications. It is a requirement for all new web applications written in ASP.NET.

  • Create a new application pool for Virtual App
    • Right click on Application Pools and select Add Application Pool
    • Define name: “apAppName” - ‘ap’ followed by the Application Name
    • Set Framework version to 2.0
    • Set the Managed Pipeline mode: Most applications should use the default setting

An application pool is a distinct process running on the web server. It segregates processes and system resources in an attempt to prevent errant web applications from allocating all system resources. It also prevents any nasty application crashes from taking the entire website down. It is also necessary for creating distinct security contexts for applications. Setting this up is essential for high availability.

  • Set the memory limit for application pool

There is a finite amount of available resources on the web servers. We do not want any one application to allocate them all. Setting a reasonable max per application lets the core website run comfortably and allows for many applications to run at any given time. If it is a small lightweight application, the max limit could be set lower.

  • Create and appropriately use an app_Offline.htm file

Friendlier than an ASP.NET exception screen (aka the Yellow Screen of Death)

If this file exists it will automatically stop all traffic into a web application. Aptly named, it is best used when server updates occur that might take the application down for an extended period of time. It should be stylized to conform to the application style. Best practice is to keep the file in the root directory of the application renamed to app_Online.htm, that way it can easily be found if an emergency update were to occur.

  • Don’t use the Default Website instance
    • This should be disabled by default
    • Either create a new website instance or create a Virtual Application under existing website instance

Numerous vulnerabilities in the wild make certain assumptions that the default website instance is used, which creates reasonably predictable attack vectors given that default properties exist. If we disable this instance and create new instances it will mitigate a number of attacks immediately.

  • Create two Build Profiles
    • One for development/testing
    • One for production

Using two build profiles is very handy for managing configuration settings such as connection strings and application keys. It lessens the manageability issues associated with developing web applications remotely. This is not a necessity, though it does make development easier.

  • Don’t use the wwwroot folder to host web apps

Define a root folder for all web applications other than wwwroot

As with the previous comment, there are vulnerabilities that use the default wwwroot folder as an attack vector. A simple mitigation to this is to move the root folders for websites to another location, preferably on a different disk than the Operating System.

These two lists sum up what I believe to be a substantial set of best practices for application deployments.  The intent was not to create a list of best development best practices, or which development model to follow, but as an aid in strictly deployment.  It should be left to you or your department to define development models.