Home » Computers » Windows (Page 2)

Category Archives: Windows

Cisco VPN on Windows 8

I have run across this issue when installing both the Cisco AnyConnect VPN client and the traditional Cisco VPN client. Once the client is installed and you attempt to establish the VPN connection you might get one of the following messages: “Unable to establish VPN” or “The VPN client driver encountered an error.”


The fix is you need to change the “Display Name” in the registry. Open the following registry key and take out the extra INF stuff at the front of the “Display Name” data. The different VPN clients use different Registry keys.




Create UEFI Installable Windows 7/8 USB Drive

Important: UEFI accepts boot loaders only from a FAT32 formatted boot volume.

You will need a 4GB+ USB drive:

  1. Open elevated command prompt
  2. Run diskpart
  3. Enter list disk
    Locate your USB drive number. Pay attention, identifying the wrong disk could wipe out your system.
  4. Enter select disk #     (where # is the disk number of your USB drive from the list above)
  5. Enter these commands: (Everything on the disk will be deleted!)
  • clean
  • create partition primary
  • select partition 1
  • active
  • format quick fs=fat32
  • assign
  • exit
  1. Mount or extract the Windows 7 or 8 ISO
  2. Copy the contents from the ISO to the USB drive
  • robocopy S:\\ D:\\ /e    (S = the ISO drive or contents, D = the USB device)
  1. Enter the BIOS setup by pressing one of the F keys. (F2 is the most common, but F12 may work also)
  2. Disable Legacy BIOS ROMS support. (May also be “UEFI only” or similar option.
  3. Save BIOS and Exit, boot from your USB stick to start the installation.
  4. When selecting the drive and partition configuration in Setup, I find it best to use the Advanced Options and delete all existing HDD partitions on the destination drive.

Then click New and then Apply to automatically create the four (4) partitions needed for UEFI/GPT/Dynamic Disk operation.

After Windows is installed run MSINFO32.exe and check the “BIOS Mode” in the system summary. It will show either “UEFI” or “Legacy”.  (If you followed these instruction then hope for “UEFI”.)

Building a Free Hyper-V Server 2012 Cluster

Step-by-Step: Building a FREE Hyper-V Server 2012 Cluster – Part 1 of 2

Step-by-Step: Building a FREE Hyper-V Server 2012 Cluster – Part 2 of 2

Keyboard shortcuts for Windows

Windows system key combinations

  • F1: Help
  • CTRL+ESC: Open Start menu
  • ALT+TAB: Switch between open programs
  • ALT+F4: Quit program
  • SHIFT+DELETE: Delete item permanently
  • Windows Logo+L: Lock the computer (without using CTRL+ALT+DELETE)

Windows program key combinations

  • CTRL+C: Copy
  • CTRL+X: Cut
  • CTRL+V: Paste
  • CTRL+Z: Undo
  • CTRL+B: Bold
  • CTRL+U: Underline
  • CTRL+I: Italic

Mouse click/keyboard modifier combinations for shell objects

  • SHIFT+right click: Displays a shortcut menu containing alternative commands
  • SHIFT+double click: Runs the alternate default command (the second item on the menu)
  • ALT+double click: Displays properties
  • SHIFT+DELETE: Deletes an item immediately without placing it in the Recycle Bin

General keyboard-only commands

  • F1: Starts Windows Help
  • F10: Activates menu bar options
  • SHIFT+F10 Opens a shortcut menu for the selected item (this is the same as right-clicking an object
  • CTRL+ESC: Opens the Start menu (use the ARROW keys to select an item)
  • CTRL+ESC or ESC: Selects the Start button (press TAB to select the taskbar, or press SHIFT+F10 for a context menu)
  • CTRL+SHIFT+ESC: Opens Windows Task Manager
  • ALT+DOWN ARROW: Opens a drop-down list box
  • ALT+TAB: Switch to another running program (hold down the ALT key and then press the TAB key to view the task-switching window)
  • SHIFT: Press and hold down the SHIFT key while you insert a CD-ROM to bypass the automatic-run feature
  • ALT+SPACE: Displays the main window’s System menu (from the System menu, you can restore, move, resize, minimize, maximize, or close the window)
  • ALT+- (ALT+hyphen): Displays the Multiple Document Interface (MDI) child window’s System menu (from the MDI child window’s System menu, you can restore, move, resize, minimize, maximize, or close the child window)
  • CTRL+TAB: Switch to the next child window of a Multiple Document Interface (MDI) program
  • ALT+underlined letter in menu: Opens the menu
  • ALT+F4: Closes the current window
  • CTRL+F4: Closes the current Multiple Document Interface (MDI) window
  • ALT+F6: Switch between multiple windows in the same program (for example, when the Notepad Find dialog box is displayed, ALT+F6 switches between the Find dialog box and the main Notepad window)

Shell objects and general folder/Windows Explorer shortcuts

For a selected object:

  • F2: Rename object
  • F3: Find all files
  • CTRL+X: Cut
  • CTRL+C: Copy
  • CTRL+V: Paste
  • SHIFT+DELETE: Delete selection immediately, without moving the item to the Recycle Bin
  • ALT+ENTER: Open the properties for the selected object

To copy a file

Press and hold down the CTRL key while you drag the file to another folder.

To create a shortcut

Press and hold down CTRL+SHIFT while you drag a file to the desktop or a folder.

General folder/shortcut control

  • F4: Selects the Go To A Different Folder box and moves down the entries in the box (if the toolbar is active in Windows Explorer)
  • F5: Refreshes the current window.
  • F6: Moves among panes in Windows Explorer
  • CTRL+G: Opens the Go To Folder tool (in Windows 95 Windows Explorer only)
  • CTRL+Z: Undo the last command
  • CTRL+A: Select all the items in the current window
  • BACKSPACE: Switch to the parent folder
  • SHIFT+click+Close button: For folders, close the current folder plus all parent folders

Windows Explorer tree control

  • Numeric Keypad *: Expands everything under the current selection
  • Numeric Keypad +: Expands the current selection
  • Numeric Keypad -: Collapses the current selection.
  • RIGHT ARROW: Expands the current selection if it is not expanded, otherwise goes to the first child
  • LEFT ARROW: Collapses the current selection if it is expanded, otherwise goes to the parent

Properties control

  • CTRL+TAB/CTRL+SHIFT+TAB: Move through the property tabs

Accessibility shortcuts

  • Press SHIFT five times: Toggles StickyKeys on and off
  • Press down and hold the right SHIFT key for eight seconds: Toggles FilterKeys on and off
  • Press down and hold the NUM LOCK key for five seconds: Toggles ToggleKeys on and off
  • Left ALT+left SHIFT+NUM LOCK: Toggles MouseKeys on and off
  • Left ALT+left SHIFT+PRINT SCREEN: Toggles high contrast on and off

Microsoft Natural Keyboard keys

  • Windows Logo: Start menu
  • Windows Logo+R: Run dialog box
  • Windows Logo+M: Minimize all
  • SHIFT+Windows Logo+M: Undo minimize all
  • Windows Logo+F1: Help
  • Windows Logo+E: Windows Explorer
  • Windows Logo+F: Find files or folders
  • Windows Logo+D: Minimizes all open windows and displays the desktop
  • CTRL+Windows Logo+F: Find computer
  • CTRL+Windows Logo+TAB: Moves focus from Start, to the Quick Launch toolbar, to the system tray (use RIGHT ARROW or LEFT ARROW to move focus to items on the Quick Launch toolbar and the system tray)
  • Windows Logo+TAB: Cycle through taskbar buttons
  • Windows Logo+Break: System Properties dialog box
  • Application key: Displays a shortcut menu for the selected item

Microsoft Natural Keyboard with IntelliType software installed

  • Windows Logo+L: Log off Windows
  • Windows Logo+P: Starts Print Manager
  • Windows Logo+C: Opens Control Panel
  • Windows Logo+V: Starts Clipboard
  • Windows Logo+K: Opens Keyboard Properties dialog box
  • Windows Logo+I: Opens Mouse Properties dialog box
  • Windows Logo+A: Starts Accessibility Options (if installed)
  • Windows Logo+SPACEBAR: Displays the list of Microsoft IntelliType shortcut keys
  • Windows Logo+S: Toggles CAPS LOCK on and off

Dialog box keyboard commands

  • TAB: Move to the next control in the dialog box
  • SHIFT+TAB: Move to the previous control in the dialog box
  • SPACEBAR: If the current control is a button, this clicks the button. If the current control is a check box, this toggles the check box. If the current control is an option, this selects the option.
  • ENTER: Equivalent to clicking the selected button (the button with the outline)
  • ESC: Equivalent to clicking the Cancel button
  • ALT+underlined letter in dialog box item: Move to the corresponding item

Free Virtual Machine backup

Veeam is offer a free virtual machine backup tool.  It works with both Hyper-V and VMware. Read about it it here.

Powershell: Rename Computer, Join Domain, and Reboot

From a “Hey, Scripting Guy! Blog” post.

An alternative to using the NETDOM command line program to rename and join computers to an Active Directory Domain is to use these Windows PowerShell 2.0 command:

(Get-WmiObject win32_computersystem).rename("newname")
add-computer -Credential iammred\administrator -DomainName iammred.net

In the first command, I use the Get-WmiObject cmdlet to retrieve the Win32_ComputerSystem Windows Management Instrumentation class. (The Get-WmiObject cmdlet has an alias of gwmi, and it will also take credentials if required.) Because this class returns only one instance, I can use my group and dot trick (see My Ten Favorite Windows PowerShell Tricks) to directly call the Rename method to rename the computer.

After I rename the computer, I use the Add-Computer cmdlet to join the computer to the domain. The Add-Computer cmdlet allows me to specify the credentials that have rights to add computers to the domain, in addition to the name of the domain to join. Although I did not do it in my example, there is also an ou parameter that allows you to specify the path to the OU that will contain the newly created computer account.

The last command, Restart-Computer, appears without any parameters. This means that the computer will restart within one minute, and it will attempt to cause processes to politely exit (generally a good thing). For emergency type of situations, there is the Force switch that will cause the computer to immediately restart, and not wait on processes to politely exit. The use of this optional parameter can lead to data loss in some situations.

MSI Installer Error Codes

Here is a list of error codes returned by the Windows Installer (msiexec.exe) program:

Value Description Error code
0 The action completed successfully. ERROR_SUCCESS
13 The data is invalid. ERROR_INVALID_DATA
87 One of the parameters was invalid. ERROR_INVALID_PARAMETER
120 This value is returned when a custom action attempts to call a function that cannot be called from custom actions. The function returns the value ERROR_CALL_NOT_IMPLEMENTED. Available beginning with Windows Installer version 3.0. ERROR_CALL_NOT_IMPLEMENTED
1259 If Windows Installer determines a product may be incompatible with the current operating system, it displays a dialog box informing the user and asking whether to try to install anyway. This error code is returned if the user chooses not to try the installation. ERROR_APPHELP_BLOCK
1601 The Windows Installer service could not be accessed. Contact your support personnel to verify that the Windows Installer service is properly registered. ERROR_INSTALL_SERVICE_FAILURE
1602 The user cancels installation. ERROR_INSTALL_USEREXIT
1603 A fatal error occurred during installation. ERROR_INSTALL_FAILURE
1604 Installation suspended, incomplete. ERROR_INSTALL_SUSPEND
1605 This action is only valid for products that are currently installed. ERROR_UNKNOWN_PRODUCT
1606 The feature identifier is not registered. ERROR_UNKNOWN_FEATURE
1607 The component identifier is not registered. ERROR_UNKNOWN_COMPONENT
1608 This is an unknown property. ERROR_UNKNOWN_PROPERTY
1609 The handle is in an invalid state. ERROR_INVALID_HANDLE_STATE
1610 The configuration data for this product is corrupt. Contact your support personnel. ERROR_BAD_CONFIGURATION
1611 The component qualifier not present. ERROR_INDEX_ABSENT
1612 The installation source for this product is not available. Verify that the source exists and that you can access it. ERROR_INSTALL_SOURCE_ABSENT
1613 This installation package cannot be installed by the Windows Installer service. You must install a Windows service pack that contains a newer version of the Windows Installer service. ERROR_INSTALL_PACKAGE_VERSION
1614 The product is uninstalled. ERROR_PRODUCT_UNINSTALLED
1615 The SQL query syntax is invalid or unsupported. ERROR_BAD_QUERY_SYNTAX
1616 The record field does not exist. ERROR_INVALID_FIELD
1618 Another installation is already in progress. Complete that installation before proceeding with this install. ERROR_INSTALL_ALREADY_RUNNING
For information about the mutex, see _MSIExecute Mutex.
1619 This installation package could not be opened. Verify that the package exists and is accessible, or contact the application vendor to verify that this is a valid Windows Installer package. ERROR_INSTALL_PACKAGE_OPEN_FAILED
1620 This installation package could not be opened. Contact the application vendor to verify that this is a valid Windows Installer package. ERROR_INSTALL_PACKAGE_INVALID
1621 There was an error starting the Windows Installer service user interface. Contact your support personnel. ERROR_INSTALL_UI_FAILURE
1622 There was an error opening installation log file. Verify that the specified log file location exists and is writable. ERROR_INSTALL_LOG_FAILURE
1623 This language of this installation package is not supported by your system. ERROR_INSTALL_LANGUAGE_UNSUPPORTED
1624 There was an error applying transforms. Verify that the specified transform paths are valid. ERROR_INSTALL_TRANSFORM_FAILURE
1625 This installation is forbidden by system policy. Contact your system administrator. ERROR_INSTALL_PACKAGE_REJECTED
1626 The function could not be executed. ERROR_FUNCTION_NOT_CALLED
1627 The function failed during execution. ERROR_FUNCTION_FAILED
1628 An invalid or unknown table was specified. ERROR_INVALID_TABLE
1629 The data supplied is the wrong type. ERROR_DATATYPE_MISMATCH
1630 Data of this type is not supported. ERROR_UNSUPPORTED_TYPE
1631 The Windows Installer service failed to start. Contact your support personnel. ERROR_CREATE_FAILED
1632 The Temp folder is either full or inaccessible. Verify that the Temp folder exists and that you can write to it. ERROR_INSTALL_TEMP_UNWRITABLE
1633 This installation package is not supported on this platform. Contact your application vendor. ERROR_INSTALL_PLATFORM_UNSUPPORTED
1634 Component is not used on this machine. ERROR_INSTALL_NOTUSED
1635 This patch package could not be opened. Verify that the patch package exists and is accessible, or contact the application vendor to verify that this is a valid Windows Installer patch package. ERROR_PATCH_PACKAGE_OPEN_FAILED
1636 This patch package could not be opened. Contact the application vendor to verify that this is a valid Windows Installer patch package. ERROR_PATCH_PACKAGE_INVALID
1637 This patch package cannot be processed by the Windows Installer service. You must install a Windows service pack that contains a newer version of the Windows Installer service. ERROR_PATCH_PACKAGE_UNSUPPORTED
1638 Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs in Control Panel. ERROR_PRODUCT_VERSION
1639 Invalid command line argument. Consult the Windows Installer SDK for detailed command-line help. ERROR_INVALID_COMMAND_LINE
1640 The current user is not permitted to perform installations from a client session of a server running the Terminal Server role service. ERROR_INSTALL_REMOTE_DISALLOWED
1641 The installer has initiated a restart. This message is indicative of a success. ERROR_SUCCESS_REBOOT_INITIATED
1642 The installer cannot install the upgrade patch because the program being upgraded may be missing or the upgrade patch updates a different version of the program. Verify that the program to be upgraded exists on your computer and that you have the correct upgrade patch. ERROR_PATCH_TARGET_NOT_FOUND
1643 The patch package is not permitted by system policy. ERROR_PATCH_PACKAGE_REJECTED
1644 One or more customizations are not permitted by system policy. ERROR_INSTALL_TRANSFORM_REJECTED
1645 Windows Installer does not permit installation from a Remote Desktop Connection. ERROR_INSTALL_REMOTE_PROHIBITED
1646 The patch package is not a removable patch package. Available beginning with Windows Installer version 3.0. ERROR_PATCH_REMOVAL_UNSUPPORTED
1647 The patch is not applied to this product. Available beginning with Windows Installer version 3.0. ERROR_UNKNOWN_PATCH
1648 No valid sequence could be found for the set of patches. Available beginning with Windows Installer version 3.0. ERROR_PATCH_NO_SEQUENCE
1649 Patch removal was disallowed by policy. Available beginning with Windows Installer version 3.0. ERROR_PATCH_REMOVAL_DISALLOWED
1650 The XML patch data is invalid. Available beginning with Windows Installer version 3.0. ERROR_INVALID_PATCH_XML
1651 Administrative user failed to apply patch for a per-user managed or a per-machine application that is in advertise state. Available beginning with Windows Installer version 3.0. ERROR_PATCH_MANAGED_ADVERTISED_PRODUCT
1652 Windows Installer is not accessible when the computer is in Safe Mode. Exit Safe Mode and try again or try using System Restore to return your computer to a previous state. Available beginning with Windows Installer version 4.0. ERROR_INSTALL_SERVICE_SAFEBOOT
1653 Could not perform a multiple-package transaction because rollback has been disabled. Multiple-Package Installations cannot run if rollback is disabled. Available beginning with Windows Installer version 4.5. ERROR_ROLLBACK_DISABLED
3010 A restart is required to complete the install. This message is indicative of a success. This does not include installs where the ForceReboot action is run. ERROR_SUCCESS_REBOOT_REQUIRED

SCCM Recognized Return Codes

Some System Center Configuration Manager (SCCM) recognized return codes:


Failed / Reboot:

Failed / Retry:

Reset Windows Offline Files Cache Database (CSC)

Use this command line to set the registry flag that controls flushing/reformatting of the Windows Offline Network Files Cache Database when Windows boots up:

REG ADD “HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\NetCache” /v FormatDatabase /t REG_DWORD /d 1 /f

Cisco Unified Attendant Console Overflow

Since I keep forgetting where the settings are for changing the Cisco Receptionist/Auto-Attendant timers and overflow are I decided to post it here for future reference.

The Attendant Console is the Windows based server application that is part of the Cisco Call Manager v8.x system.

This is setting is on the Attendant Console server (web interface http://attcon/webadmin/) under “User Configuration -> Queue Management — Overflow — Wait time to overflow”.

Allow Anonymous Relay Through Exchange Hub Transport

Use this Exchange Management Shell command to allow anonymous relay to external domains. (This should not be done on external facing servers.)

Get-ReceiveConnector "<servername>\Receive Connector Name" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "Ms-Exch-Accept-Headers-Routing","Ms-Exch-SMTP-Accept-Any-Sender","Ms-Exch-SMTP-Accept-Authoritative-Domain-Sender","Ms-Exch-SMTP-Submit","Ms-Exch-SMTP-Accept-Any-Recipient"

The last ExtendedRights permission is the one that can only be set through the shell.  (The other permissions can be set in the GUI console.)

Set Exchange 2010 Alias to samAccountName

Use these PowerShell commands to set a users Exchange mailbox Alias to their username (AKA samAccountName/samid):
$aliasname = Get-Mailbox -OrganizationalUnit "OUNameHere" -ResultSize Unlimited
$aliasname | Foreach-Object{
$_ | Set-mailbox -Alias $_.SamAccountName

Windows Server Multipath I/O

You can enable the Windows Server 2008 R2 Multipath I/O (MPIO) feature from the command line using this DISM command:

[sourcecode language=”bash” wraplines=”false” collapse=”false”]
dism /online /enable-feature:MultipathIo

To disable this feature use:

[sourcecode language=”bash” wraplines=”false” collapse=”false”]
dism /online /disable-feature:MultipathIo

To show the currently enabled/installed features use this DISM command:

[sourcecode language=”bash” wraplines=”false” collapse=”false”]
dism /online /get-features

Find Empty Active Directory Groups

Find Empty Active Directory Groups

Following one-liners will find Active Directory Groups that have no users.

** To find empty Global Security groups:
Click Start -> Run -> Cmd.exe -> OK -> Copy and Paste following statement
DSQuery * -Filter “(&(sAMAccountType=268435456)(!member=*))” -Limit 0

** You can save the output to a text file by using Dos redirection operator > with file name.

DSQuery * -Filter “(&(sAMAccountType=268435456)(!member=*))” -Limit 0 >C:\EmptyGroups.txt

Above statement will create EmptyGroups.txt file on C: drive root listing all empty security groups.

** To find empty Local Security groups:

DSQuery * -Filter “(&(sAMAccountType=536870912)(!member=*))” -Limit 0

** To find empty Distribution groups:

DSQuery * -Filter “(&(sAMAccountType=268435457)(!member=*))” -Limit 0

** To find ALL empty groups (either local, global Security or Distribution groups):

DSQuery * -Filter “(&(objectClass=group)(!member=*))” -Limit 0

Exchange Address List Segregation

An address list is a collection of recipient and other Active Directory objects. Each address list can contain one or more types of objects (for example, users, contacts, groups, public folders, conferencing, and other resources). You can use address lists to organize recipients and resources, making it easier to find the recipients and resources you want. Address lists are updated dynamically. Therefore, when new recipients are added to your organization, they’re automatically added to the appropriate address lists.


iTunes MSI Install Order

The order to install individual Apple iTunes’ MSIs is:

  • AppleApplicationSupport.msi – With iTunes Apple ships two ‘support’ MSI. The ‘Application Support’ msi has the core files for ‘Application Support’ within iTunes.
  • AppleMobileDeviceSupport.msi – With iTunes Apple ships two ‘support’ MSI. The ‘Mobile Device Support’ msi has the core files for device management of devices which can be connected to iTunes (iPhone, iPod, Ipad).
  • Bonjour.msi – Bonjour, also known as zero-configuration networking, enables automatic discovery of computers, devices, and services on IP networks. Bonjour uses industry standard IP protocols to allow devices to automatically discover each other without the need to enter IP addresses or configure DNS servers. Specifically, Bonjour enables automatic IP address assignment without a DHCP server, name to address translation without a DNS server, and service discovery without a directory server. Bonjour is an open protocol which Apple has submitted to the IETF as part of the ongoing standards-creation process. To learn more, check out the Bonjour Protocol Specifications which detail the technologies that make up Link-Local and Wide-Area Bonjour.
  • QuickTime.msi – Configuration and installation of QuickTime is covered here.
  • iTunes.msi – the Itunes.msi contains the core files needed to run Apple iTunes.
  • AppleSoftwareUpdate.msi* – The ‘AppleSoftwareUpdate.msi’ is optional and only needed if you want to use the Apple Auto Update feature and/or MobileMe

* = don’t install in corporate/enterprise environments

Command line switches(?):


Force user logoff after a period of inactivity – Windows XP/Server 2003

To logoff the user after a certain period of inactivity, you may use the Winexit screensaver which comes with Windows 2003 Resource Kit tools (free). Download Windows 2003 Resource Kit Tools from here. It contains the file Winexit.scr [Windows Exit Screen Saver]. Once installed, reboot the system.

  • Open C:\Program Files\Windows Resource Kits\Tools
  • Right-click winexit.scr and choose Install
  • The Display Properties dialog box appears with the Screen Saver tab active
  • The Logoff Screen Saver entry is automatically selected
  • Click Settings
  • Select the Force application termination check box to force programs to quit
  • In the Countdown for n seconds box, type the value accordingly
  • In the Logoff Message box, type the message that appears during the logoff countdown. Click OK.
  • In the Display Properties dialog box, click Preview.
  • You see the Auto Logoff dialog box. It displays the logoff message and the countdown timer.
  • Click Cancel. Click OK.

The Force application termination option forces programs to quit even if the programs contain unsaved data. If you do not use this option, programs that contain unsaved data do not quit and the user is not logged off.


User Profiles on Remote Desktop Servers

If you have Remote Desktop Servers (RDS) and use a central file share for your users’ roaming profiles the world is good. Some small bit of background information: you set a user’s RDS profile location on the “Remote Desktop Services Profile” tab of a domain user’s account properties dialog. (Active Directory Users and Computers.)

But happens when you need to deploy another Remote Desktop Server in a location/site that does not have network file share access to the user’s defined profile location?

Well if you don’t absolutely need to sync the users’ RDS profile across your servers, you can set the Local Group Policy on the Remote Desktop Servers:
Run... -> gpedit.msc -> Computer -> Administrative Templates -> System -> User Profiles -> Only Allow local user profiles -> Enabled
This will override the Profile Location Setting defined in a user’s account properties and force the use of a local profile on the server.

Better than nothing…

VMware Networking Issues with Windows 7

If you need a Firewall between the physical host and its guest virtual machines, this workaround is not for you.

The problem is that on Windows 7 (x86/x64) the VMware virtual adapters and subnets are found and reported as “Unidentified Network”. This means that the built-in Windows Firewall can only treat the VMware networks, and thus the guest VMs, as type Public.

When the network type is set to Public, the Windows Firewall by default blocks Microsoft File & Print, and other most other network traffic, which effectively prevents useful direct communication between the physical host and its VM guests. You might, if allowed, disable the Firewall or configure exception rules for the VMware virtual subnets and/or hosts. Disabling the Firewall for all public networks is a bad security practice and managing the Windows Firewall is a tedious task that still leaves potential security holes.

Below are the instructions from the VMware Knowledge Base Article 1004813 that I used to change the VMware virtual network adapters to be endpoints. Endpoints do not show up in the “Network and Sharing Center” are also excluded from control of the Windows Firewall. This makes it easier to manage the Firewall rules and Home, Work, and Public network types for real, physical adapters.

This work around solution can be used until VMware updates their networking technology to meet current operating systems standards.

# VMware KB Article: 1004813
# Updated: Apr 29, 2010

Redefine the VMware virtual NICs as endpoint devices

This procedure is permanent and allows for the continued use of Bridged, NAT, and Host Only networking. However, doing this causes the VMware virtual NICs to disappear from the Network and Sharing Center, even though they remain visible under Network Connections. This also causes the VMware virtual NICs to be exempt from all Windows Firewall access rules. When implemented, the control of virtual machine network access must be done from the guest operating system of each virtual machine. This bypasses the default security model of Windows Vista with respect to the the VMware virtual NICs, and the implications of using this procedure must be carefully considered.

To redefine the VMware virtual NICs as endpoint devices:

  1. Click Start > Run.
  2. Type regedit and click OK.
  3. Double-click HKEY_LOCAL_MACHINE>System>CurrentControlSet>Control>Class>{4D36E972-E325-11CE-BFC1-08002BE10318}.
    Caution: VMware recommends that you back up this registry key before proceeding:
    1. If {4D36E972-E325-11CE-BFC1-08002BE10318} is not still highlighted, click it.
    2. Click File > Export.
    3. Pick a location and name for the Registration File (*.reg).
    4. Click Save.
  4. Click 0000.
  5. Look at the content of the Data field associated with the DriverDesc entry.
  6. If you see VMware Virtual Ethernet Adapter for VMnetx , where x is replaced by a number, then:
    1. Right-click an empty space in the right content pane.
    2. Click New > Dword.
    3. Type *NdisDeviceType
      and press Enter.
      Note: Ensure to include the asterisk (*) at the beginning of the entry.
    4. Double-click *NdisDeviceType.
    5. Type 1 and press Enter.
  7. Repeat steps 4-6, replacing 0000 in step 4 with the next entry in numerical order, until you have reached the end of all numerical entries.
  8. Follow the Disable the VMware virtual NICs section of this article above.
  9. Repeat step 8 but click Enable this network device instead.

SQL Slipstreaming

By Perry Whittle, 2010/12/27

How to: SQL Slipstreaming SP\CU During Setup

Most of us by now have encountered the issues with the RTM SQL Server 2008 installation media, the issues are more apparent during the installation of a clustered SQL Server instance. There are various ways of coping with the installation issues, but it is far easier to update the SP\CU files during the setup process.

SQL Server 2008 has a new feature called “Slipstreaming”, this basically enables you to integrate the Service Pack and Cumulative Update installation during the RTM SQL Server setup process. There are various prerequisites depending upon the Operating System in use, they are covered further on in this article.

So, how do we slipstream the Service Pack and the Cumulative Update?

The first operation is to obtain the relevant SP and if required the relevant CU. At the time of writing SP1 and SP2 are available for SQL Server 2008 (this does not apply to SQL Server 2008 R2). I prefer to copy my update executable(s) onto the server and then extract locally onto a folder on the C drive.

Note: Extracting and then launching the SP from the C drive forces the SP to use a temporary folder on that drive, this can be very useful in clustered environments as clustered drives may offline and online during installation (an issue many have encountered).

For this article I am going to slipstream my SQL Server 2008 installation with SP1 and CU7 for SP1. I have the following executables which i have copied to the server

  • en_sql_server_2008_sp1_x64.exe
  • SQLServer2008-KB979065-x64.exe

To extract the updates, use the following syntax noting my chosen paths

  • C:\en_sql_server_2008_sp1_x64.exe /X:C:\SP1
  • C:\SQLServer2008-KB979065-x64.exe /X:C:\CU7

Two folders will be created on the C drive containing the update files. If you are using Windows 2003 server you must first install the following prerequisites. If the SQL Server 2008 DVD autoruns, cancel this and proceed manually.

  • Filestream Hotfix KB937444 (download from MS site)
  • Windows Installer update (this is on the SQL Server 2008 install DVD)
  • .NET 3 Framework (this is on the SQL Server 2008 install DVD)

For a Windows 2008 server simply go into server features and enable the .NET 3.51 feature

Once the prerequisites are installed you need to launch the SQLSupport.msi inside the C:\CU7\x64\setup\1033 folder. With the support files installed, launch the SQL Server setup process using the following from a command prompt.

Note: my DVD drive is drive D:

D:\setup /CUSource=C:\CU7 /PCUSource=C:\SP1

The SQL Server Installation Center opens, you may now install your SQL Server instance leaving the installation center and the command prompt open in the background. The following screenshots from the installation process, indicate that a slipstream action is being performed,

Login to the new SQL Server instance and a quick version check reveals 10.0.2766, SQL Server 2008 SP1 CU7! You may also create a “Merged Drop” media, this comprises of the original RTM media with the update files overlaid creating an updated install media. More on this can be found at the following Microsoft link: http://support.microsoft.com/kb/955392

By Perry Whittle, 2010/12/27