Kick Starting Your Windows 7 Deployments With Mastering Windows 7 Deployment

Posted on by
Reply

I have to hand it to Aidan Finn, he doesn’t stop at sharing information via his blogs or the community. He joined forces with Darril Gibson & Kenneth van Surksum went the extra mile. The wrote a readable, useful book Mastering Windows 7 Deployment about a subject on which consolidated documentation is scarce, scattered around the internet or written badly so you still can’t figure it out or is to boring you just don’t read it. If I need to define the goal of this book: get people a good head start for Windows 7 deployments in a planned and organized fashion.

This is not a book for the absolute newbie who doesn’t know the difference between a local and a domain account. It isn’t targeted at the WDS/MDT experts who’ve solved, fixed and worked around any and all PXE boot, network errors, cryptic WDS or MDT deployment errors & configuration challenges known to man kind. In that case this stuff is known to you (or should be). The point is those experts have already learnt a lot the hard way and they put in a considerable effort to do so. But knowledge needs to be transferred and spread around and to do that you need to cover the basics and work up from there, showing progress and results. The progress and results motivate people.

In that respect, this books get’s you started on that path from chapter one and by page 5 you’re already being guided into auditing & reporting via MAPS to prepare a roll out proposal. The effort put into discussing the Application Compatibility Toolkit (ACT) is important. I remember the work that we needed to do for Vista x64 bit and how that paid off when deploying Windows 7. What surprises me it that a lot of IT Pro’s don’t even know about the ACT, file and registry virtualization or shims. I recommend another blog on this subject http://blogs.msdn.com/b/cjacks/ , Chris Jackson, the “App Compat Guy” and a very good conference speaker on the subject. The scenarios with the User State Migration Tool will benefit system administrators who dread touching end users their PC and the precious data it might contain. If so, I hope you are backing up the data on those workstations, if not than that is really scary.

Perhaps some readers will already be using certain tools touched upon in the book but not others. In that case this is a great way to start with them and see where they fit in and what they can do for you. We did Vista x64 bit deployments in 2008 with WDS; rolled out Windows 7 x64 in 2010 using WDS/MDT and I still found this book interesting enough to buy some copies and add it to the toolkit of my team. What I’d like to add as a useful hint: look into disable rearming by using <SkipRearm>1</SkipRearm> in the unattended XML file you can pass to sysprep as in “/generalize /quiet /unattend:<file_name.xml” so you don’t run into a when you do it more than 4 times on the same image (An error message occurs when you run "Sysprep /generalize" in Windows Vista or Windows 7: "A fatal error occurred while trying to Sysprep the machine").

The Microsoft Deployment Toolkit (MDT) sections point you directly to some gems we found very useful in our deployments. That you can pre stage computers in the MDT database to help make the roll outs as “light touch” as possible is cool, but that you can automate that with the MDT PowerShell module makes it really very valuable. See http://blogs.technet.com/b/mniehaus/archive/2009/05/15/manipulating-the-microsoft-deployment-toolkit-database-using-powershell.aspx for more details. Michael Niehaus is to MDT what Chris Jason is to ACT. As identifier we use the MAC address as we get that on a label on the PC and we can easily get a list of those to mass import them together with creating the computer objects in Active Directory. We also added driver profiles depending on the client make & model. When you combine this with boot from PXE provided by WDS to boot to an MDT WinPE, and remember WDS also gives you multicast, you have a real sweet solution going. This is the route we went last year and has served us well (we came from a pure WDS solutions, and RIS before that when we still did XP rollouts but that was more than 4 years ago Open-mouthed smile … time flies.

Task sequencer is a gem that we indeed also use to roll out certain default software like 7zip, a pdf reader, ISO burner, anti malware, etc. The fact that these are not in the image makes it very easy to deploy newer versions as they come available.

The chapter on KMS, VAMT, volume licensing will be of use to people who have never dealt with it coming from Windows 2003/XP

This book will come into its own for any SME or enterprise departmental system administrator with who needs to be launched swiftly and on his or her way to their targets, which are smooth Windows 7 deployments. A lot of production system administrators are in the progress of looking at Windows 7 and might have a lot of experience with Windows XP and Windows 2003 but not with Windows 2008(R2) and Vista/Windows 7. If you’re in that bracket you’re definitely going to get a kick start with this book and it contains some neat tips and tricks to get over some initial gotchas. Don’t think that this is for big enterprises only. Apart from the system center products most tools are free downloads or a part of the Windows server license you already own.

As always, the only way to understand technologies is to work with them, use them. That’s the way to gain insight, experience, and context. So play with this stuff in a lab. Run into a bunch issues and fix them. If you need to get up to speed with all this stuff then you should dig into this book with a hands on approach. The book will also help you make more sense of other information out there and you’ll be able to put that into context better. As a bonus, I’m pretty sure that anything you learn from it will help you with deploying Windows vNext as well.

Key Value Pair Exchange WMI Component Property GuestIntrinsicExchangeItems & Assumptions

Posted on by
1

Now that Windows 2008 R2 SP1 is being deployed some scripts to check whether the Integration Components (IC) in Hyper-V VM guests are upgraded came back on the radar screen. Host are being upgraded and thus the clients need upgraded IC as well. Now to check this for hundreds or thousands of guest we need some automation. PowerShell comes in handy for this and some neat scripts can be found around the internet. The most concise PowerShell code to do this, that I know of, is the one Peter Noorderijk (great Dutch IT Pro)  uses in his  PowerShell function Get-IntegrationServicesVersion on his blog How to check the version of the Integration Components.  As he provided this script just when I needed one I used it. This worked fine until I ran into an issue with it on some clusters. On two test clusters and two production clusters, it did the job as expected. On one test cluster and one production cluster, we ran into the situation where the output seemed wrong. The screenshot below is an example of this.

The red arrows indicate wrong data for the VMname and ICVersion. What happened here?  Well, when we read out the  GuestIntrinsicExchangeItems property from the WMI object Msvm_KvpExchangeComponent we get back XML. That XML needs to be parsed to display it for human consumption. The function depends on fixed positions containing the correct data. I’ve marked the relevant portions with a red arrow above, they come from$vmkvp[0] en $vmkvp[14] in the script below.

function Get-Integ.rationServicesVersion ($HVhost = $(throw “HVHost required”))
    {
    $kvps = Get-WmiObject -Namespace rootvirtualization -ComputerName $HVHost -Query “Select GuestIntrinsicExchangeItems From Msvm_KvpExchangeComponent”
        foreach ($kvp in $kvps)
         {
         $vmkvp = $Kvp.GuestIntrinsicExchangeItems
         $vmkvp | select-object @{Label=”VMHost”;Expression={$hvhost}},
                                @{Label=”VMName”;Expression={([xml]$vmkvp[0]).instance.property[1].value}},        
                                @{Label=”ICVersion”;Expression={([xml]$vmkvp[14]).instance.property[1].value}} -first 1
         }    
    }
  
foreach ($hvhost in get-content servers.txt) {Get-IntegrationServicesVersion $hvhost}

And indeed, when we dump the XML for two of the affected servers out to text files you can see the order is indeed different so counting on the exact location in an array is what tripped us up here.

Should this ever happen? Am I making a scripting mistake somewhere? Running a check with a VBScript that parses the XML  using XDOM (just in case my PowerShell skills are the cause of this) confirms the order is different but that the key pairs match up and are correct

D:SysAdminPowerShellScripts>cscript.exe test.vbs

Microsoft (R) Windows Script Host Version 5.8

Copyright (C) Microsoft Corporation. All rights reserved.

Guest OS information for server01

CSDVersion : Service Pack 1

FullyQualifiedDomainName : server01.lab.test

IntegrationServicesVersion : 6.1.7601.17514

NetworkAddressIPv4 : 10.10.100.118

NetworkAddressIPv6 : fe80::a177:729:8840:250%9

OSBuildNumber : 7601

OSEditionId : 7

OSMajorVersion : 6

OSMinorVersion : 1

OSName : Windows Server 2008 R2 Standard

OSPlatformId : 2

OSVersion : 6.1.7601

ProcessorArchitecture : 9

ProductType : 3

RDPAddressIPv4 : 10.10.100.118

RDPAddressIPv6 : fe80::a177:729:8840:250%9

ServicePackMajor : 1

ServicePackMinor : 0

SuiteMask : 272

 D:SysAdminPowerShellScripts>cscript.exe test.vbs

Microsoft (R) Windows Script Host Version 5.8

Copyright (C) Microsoft Corporation. All rights reserved.

Guest OS information for server13

FullyQualifiedDomainName : server13.lab.test

OSName : Windows Server 2008 R2 Standard

OSVersion : 6.1.7601

CSDVersion : Service Pack 1

OSMajorVersion : 6

OSMinorVersion : 1

OSBuildNumber : 7601

OSPlatformId : 2

ServicePackMajor : 1

ServicePackMinor : 0

SuiteMask : 272

ProductType : 3

OSEditionId : 7

ProcessorArchitecture : 9

IntegrationServicesVersion : 6.1.7601.17514

NetworkAddressIPv4 : 10.10.100.112

NetworkAddressIPv6 : fe80::c18b:e3f2:7f05:31e4%12

RDPAddressIPv4 : 10.10.100.112

RDPAddressIPv6 : fe80::c18b:e3f2:7f05:31e4%12

When I look at where that data lives in the registry on those servers it all looks exactly the same, neatly ordered buy the RegEdit GUI:

So when getting that data from the Key-Value Pair Exchange WMI component with the property GuestIntrinsicExchangeItems you get a bunch of XML. That has to be parsed to be displayed in a readable fashion. The problem we are seeing is due to the fact that the items in the XML file are not in the same order. Peter’s function assumes it is. However this does not happen to be the case for most virtual machines, the majority is in the expected order. I don’t know why that is or if this is supposed to happen but it doesn’t seem to cause any harm. All is fully functional and operational in Hyper-V Manager, SCVMM 2008R2 … etc. Perhaps an MVP or Microsoft guru can shed some light on this. It seems like a bug waiting to happen if a developer of Hyper-V management software makes the same assumption. Of is this never suppose to happen and do I need to worry? I don’t know Smile I reinstalled the IC on the guests that have a different ordering and live migrated them, but that didn’t change anything

Anyway if you want to make sure you get the correct output we’ll need another approach that doesn’t make assumptions. You can roll your own and get the output customized to your needs but you need to parse the XML using a filter.  An example of this is listed below.

# Filter for parsing XML data
filter Import-CimXml 
{    
# Create new XML object from input  
$CimXml = [Xml]$_    
$CimObj = New-Object -TypeName System.Object     

# Iterate over the data and pull out just the value name and data for each entry   
foreach ($CimProperty in $CimXml.SelectNodes("/INSTANCE/PROPERTY[@NAME='Name']"))      
 {          
     $CimObj | Add-Member -MemberType NoteProperty -Name $CimProperty.NAME -Value $CimProperty.VALUE       
 }  
    
 foreach ($CimProperty in $CimXml.SelectNodes("/INSTANCE/PROPERTY[@NAME='Data']"))     
   
 {         
     $CimObj | Add-Member -MemberType NoteProperty -Name $CimProperty.NAME -Value $CimProperty.VALUE      
 }    


# you send the output from the property to the filter via a pipe
$KvpComponentVMGuest.GuestIntrinsicExchangeItems $vmkvp |Import-CimXml

Maarten Wijsman (a fellow blogger at http://www.hyper-v.nu like Peter)  has a nice example script here that also uses a filter Import-CimXML. Do note that there are variants on this filter depending on what output you desire that explains the difference between the filters.

Exchange 2010 SP1 Rollup 3 Pulled – BlackBerrys sending duplicate messages

Posted on by
1

Just a quick notification. Due to the duplicate message issue with RIM Blackberry devices and Exchange 2010 Sp1 Rollup 3 Microsoft is temporarily pulling RU3. If you don’t use BES and have no other issues, don’t sweat it. If you wanted RU for UDP support with Outlook 2003 or to fix the DAG Copies GUI bug you’ll have to wait especially if you have Blackberry devices. More the the Exchange Team Blog here.

Exchange 2010 SP1 Rollup 3 Released: Fixes Bug since SP1 in EMC & Brings Back UDP Support

Posted on by
2

UPDATE March 9th 2011: I have installed Exchange 2010 SP1 Rollup 3 at one site and this did indeed fix this issue finally.

The Microsoft Exchange Team Blog just announced the release here Released: Update Rollup 3 for Exchange 2010 SP1 and Exchange 2007 SP3. This is good news for all the folks out there that got bitten by the Exchange 2010 SP1 bug that causes the Exchange Management Shell (EMC) not to show all database copies after upgrading to exchange 2010 SP1. I’ve blogged about this in EMC Does Not Show All Database Copies After Upgrade To Exchange 2010 SP1 and chimed in to the discussion at Database copies are not all showing up in EMC after SP1 upgrade on the Exchange forums. So apart from cheers for the UDP notifications returning in support of Outlook 2003 let’s hear it for a the EMC case sensitivity bug getting fixed Smile

After while Microsoft also blogged about this Database copies fail to display after upgrading to Exchange 2010 Service Pack 1

We got notified around October 13th that they would included the fix in Exchange 2010 SP1 Roll Up 3 but that they where working on an interim update. They dropped the ball there because communication died about the latter and we were left to conclude we would have to wait for Rollup 3. Well that took it’s time. It’s now march 2011. One of the reasons I think it took so long for Rollup 3 to arrive is the decision for to re-add UDP support for Exchange 2010 for use with Outlook 2003 as blogged about in Microsoft Listens To Customers & Adds UDP Notification Support Back to Exchange 2010

In the ends we will have silly and long unaddressed bug fixed and a welcome aid in migrating customers to Exchange 2010 that are running Outlook 2003. I do wonder however if the bug had been with  PowerShell in the EMS and not in the EMC if Microsoft would have fixed this sooner.  Sure it wasn’t an issue as you could manage everything perfectly using PowerShell and it was only a GUI bug but for some users/customers this is not as obvious  and it made ‘m feel a bit like 2nd class citizens so we had to do some extra “damage” control on that front as well.