Windows Client UPDATE—brought to you by the Windows & .NET Magazine Network
http://www.winnetmag.net


THIS ISSUE SPONSORED BY

Microsoft Mobility Tour
http://www.winnetmag.com/seminars/mobility


SPONSOR: MICROSOFT MOBILITY TOUR

THE MICROSOFT MOBILITY TOUR IS COMING SOON TO A CITY NEAR YOU!
Brought to you by Windows & .NET Magazine, this outstanding seven-city event will help support your growing mobile workforce! Industry guru Paul Thurrott discusses the coolest mobility hardware solutions around, demonstrates how to increase the productivity of your "road warriors" with the unique features of Windows XP and Office XP, and much more. There is no charge for these live events, but space is limited so register today!
http://www.winnetmag.com/seminars/mobility


December 19, 2002—In this issue:

1. COMMENTARY

  • Identifying Artifacts from Earlier Installations

2. NEWS & VIEWS

  • Microsoft Releases Baseline Security Analyzer 1.1

3. ANNOUNCEMENTS

  • Planning on Getting Certified? Make Sure To Pick up Our New eBook!
  • Get the New Windows & .NET Magazine Network Super CD/VIP!

4. RESOURCES

  • Tip: Limiting the Ability to Add Printers to Windows 2000 Professional Clients
  • Featured Thread: Windows 2000 to NT 4.0 Trust Relationship

5. NEW AND IMPROVED

  • Allocate User Resources Securely

6. CONTACT US

  • See this section for a list of ways to contact us.

1. COMMENTARY
(David Chernicoff, News Editor, david@winnetmag.com)

  • IDENTIFYING ARTIFACTS FROM EARLIER INSTALLATIONS

  • Yet another email message arrived in my Inbox this week from a frustrated systems administrator at a Fortune 500 company. He had been tasked with cleaning up small problems that had occurred during his corporation's enterprisewide rollout of Windows XP as the company's client OS. Overall, he told me, the rollout was successful, with just less than 1 percent of the client computers requiring additional manual intervention. Dealing with those computers was his responsibility, and given the size of the company, he needed to work with computers scattered over a wide geographic area.

    The specific problem he contacted me about was an error message that appeared during the upgrade process on a couple dozen computers. The message reported that a previous application installation was incomplete and that the user should log off, reboot, and log back on to complete the installation. I did a little quick research and found an explanation for the problem. Artifacts from program installations had been left in one or more of four registry keys:

    HKEY_LOCAL_MACHINE\SOFTWARE\MicrosoftWindows\CurrentVersion\RunOnce,

    HKEY_LOCAL_MACHINE\SOFTWARE\MicrosoftWindows\CurrentVersion\RunOnceEx,

    HKEY_LOCAL_MACHINE\SOFTWARE\MicrosoftWindows\CurrentVersion\RunServicesOnce,and

    HKEY_CURRENT_USER\Software\MicrosoftWindows\CurrentVersion\RunOnce.

    Cleaning up the affected keys was a simple matter of making sure that all of the keys, if they existed, were empty.

    The systems administrator passed this advice to his various local administrators and found that clearing those keys solved his upgrade problems. He sent back a quick note of thanks, which included more than a little bit of concern. His IT organization was careful about what programs were installed on client computers in the company, and he didn't think his users had violated corporate IT policies regarding software installations. He was worried that the artifacts in the registry keys were symptoms of a virus that had attacked the computers that failed the upgrade.

    My first response to his concern was to ask him what his local administrators had cleared from the registry keys. I thought that knowing what had been in the keys might give us a clue about whatever application had caused the problem. Unfortunately, his local administrators had followed his directions to the letter and simply cleared the keys.

    I returned to researching the problem. We had the local administrators search the affected computers' temp directories for artifacts of earlier installations and instructed them to clean out the temp directories afterward. On a whim, I suggested that the administrators also look in the root directory of each of these computers for any unrecognized folders. The administrators reported that they found directories named $!$!$!$! in their root directories.

    At this point, the systems administrator was really worried, but I was able to ease his mind. Those oddly named directories are artifacts of a Microsoft Internet Explorer (IE) installation. In all likelihood, the original problem was caused by an earlier IE upgrade that hadn't cleaned up after itself correctly. Given the large number of computers that his organization had upgraded, the fact that such a small number of computers had this minor problem was encouraging. However, this incident demonstrates that administrators have one more thing to keep track of when they upgrade their current software. It also underscores the truth of the maxim "Things are not always what they seem."

    2. NEWS AND VIEWS
    (contributed by Mark Joseph Edwards, mje@winnetmag.com)

  • MICROSOFT RELEASES BASELINE SECURITY ANALYZER 1.1

  • Microsoft recently released a new version of its Microsoft Baseline Security Analyzer (MBSA), which Shavlik Technologies developed for Microsoft. New features in MBSA 1.1 include Microsoft Exchange and Windows Media Player (WMP) security update detection, full HFNetChk v3.81 support in the MBSA command-line interface, support for Microsoft Software Update Services (SUS) during security update scans, compatibility with Microsoft Systems Management Server (SMS) 2.0 SUS Feature Pack, and detection for multiple Microsoft SQL Server instances.

    A spokesperson for Microsoft said, "Version 1.1 is the second release of MBSA and includes a graphical and command-line interface that can perform local or remote scans of Windows systems. MBSA runs on Windows 2000 and Windows XP systems and will scan for common system misconfigurations in the following products: Windows NT 4.0, Windows 2000, Windows XP, Internet Information Server (IIS) 4.0 and 5.0, SQL Server 7.0 and 2000, Internet Explorer (IE) 5.01 and later, and Office 2000 and 2002. MBSA will also scan for missing security updates for the following products: Windows NT 4.0, Windows 2000, Windows XP, IIS 4.0 and 5.0, SQL Server 7.0 and 2000, IE 5.01 and later, Exchange 5.5 and 2000, and Windows Media Player 6.4 and later."

    For more information about MBSA 1.1, including system requirements and a link to download the tool, visit Microsoft's TechNet Web site ( http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/Tools/MBSAhome.asp ). For more information about the new features and bug fixes in MBSA 1.1, read the Microsoft article "Microsoft Baseline Security Analyzer (MBSA) Version 1 Is Available" at http://support.microsoft.com/default.aspx?scid=kb;en-us;320454.

    3. ANNOUNCEMENTS

  • PLANNING ON GETTING CERTIFIED? MAKE SURE TO PICK UP OUR NEW eBOOK!

  • "The Insider's Guide to IT Certification" eBook is hot off the presses and contains everything you need to know to help you save time and money while preparing for certification exams from Microsoft, Cisco Systems, and CompTIA and have a successful career in IT. Get your copy of the Insider's Guide today!
    http://winnet.bookaisle.com/ebookcover.asp?ebookid=13475

  • GET THE NEW WINDOWS & .NET MAGAZINE NETWORK SUPER CD/VIP!

  • Everyone can appreciate a bargain in today's economy. That's why we've introduced the Windows & .NET Magazine Super CD/VIP Web site. You get exclusive subscriber-only access to all our publications through our new VIP Web site. Plus, you get Super CDs delivered twice a year, and we'll even throw in a 1-year print subscription to the magazine! The Super CD/VIP is a $545 value for just $279. Subscribe today!
    http://www.winnetmag.com/rd.cfm?code=wvei272lup

    4. RESOURCES

  • TIP: LIMITING THE ABILITY TO ADD PRINTERS TO WINDOWS 2000 PROFESSIONAL CLIENTS

  • (contributed by David Chernicoff, david@winnetmag.com)

    Recently, I was asked how to stop Windows 2000 Professional clients from automatically trying to install a new printer driver when connecting to a printer on the network. The administrator who asked this question was receiving complaints from his company's marketing department about users from elsewhere in his company who were connecting to the marketing department's color printer to print documents, leaving the marketing department to pay for printing large, multipage color presentations that other departments used.

    This situation seems to suggest that a lot of administrators leave printers visible to users. To make sure that only the Administrator and Power User groups have the ability to add printers to a Win2K client installation, take the following steps:

    1. Run regedit.
    2. Open HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Providers\LanMan Print Services\servers.
    3. Add an AddPrintersDrivers subkey of type REG_DWORD.
    4. Set the subkey's data value to 1.
    5. Exit the registry editor.

  • FEATURED THREAD: WINDOWS 2000 TO NT 4.0 TRUST RELATIONSHIP

  • Forum member "bmcatamney" is using the Microsoft Management Console (MMC) Active Directory Domains and Trusts snap-in to establish a trust between a Windows 2000 domain and a Windows NT 4.0 domain but keeps receiving the message "The NTDOMAIN domain cannot be contacted." He wonders whether the reason why he can't establish the trust has to do with the fact that one domain is on subnet 255.0.0.0 and the other domain is on subnet 255.255.255.0. If you can help, join the discussion at the following URL:
    http://www.winnetmag.com/forums/rd.cfm?cid=37&tid=51600

    5. NEW AND IMPROVED
    (contributed by Sue Cooper, products@winnetmag.com)

  • ALLOCATE USER RESOURCES SECURELY

  • Business Layers released eProvision Software 3.0, which lets you dynamically allocate physical and digital resources to your employees and securely deallocate those resources when employees leave. Resources that the software lets you allocate include email and network accounts, databases, groupware, VPNs, firewalls, telephone lines, ASP-based services, PCs, and cellular phones. In addition, eProvision Software 3.0 includes a wizard that lets you create connectors to homegrown and proprietary systems without having to write code. Other new features include audit capability, distributed security, and bidirectional synchronization. Pricing is according to resources managed per provisioned user. Contact Business Layers at 201-291-8999, 877-552-9377, or info@businesslayers.com.
    http://www.businesslayers.com

    6. CONTACT US
    Here's how to reach us with your comments and questions:

    • ABOUT THE COMMENTARY — david@winnetmag.com
    • ABOUT THE NEWSLETTER IN GENERAL — drussell@winnetmag.com

    (please mention the newsletter name in the subject line)

    • TECHNICAL QUESTIONS — http://www.winnetmag.net/forums
    • PRODUCT NEWS — products@winnetmag.com
    • QUESTIONS ABOUT YOUR WINDOWS CLIENT UPDATE SUBSCRIPTION?
      Customer Support — windowsclientupdate@winnetmag.com
    • WANT TO SPONSOR WINDOWS CLIENT UPDATE?
      emedia_opps@winnetmag.com

    Receive the latest information about the Windows and .NET topics of your choice. Subscribe to our other FREE email newsletters.
    http://www.winnetmag.net/email