Windows & .NET Magazine UPDATE, brought to you by Windows & .NET Magazine, the leading publication for IT professionals deploying Windows and related technologies.
http://www.winnetmag.com


THIS ISSUE SPONSORED BY

ZeroIMPACT Exchange 2000 Migration Aelita EMW!
http://www.aelita.com/w2k718

Windows & .NET Magazine Mobile Edition
http://www.winnetmag.com/mobile
(Below COMMENTARY)


SPONSOR: ZEROIMPACT EXCHANGE 2000 MIGRATION AELITA EMW!

Migration to Exchange 2000 is a high-pressure project. That's why we developed Aelita Exchange Migration Wizard, a ZeroIMPACT migration solution that allows you to transition from Exchange 5.5 to Exchange 2000 faster, and with no impact on users and business operations. But don't believe us. Put us in the lab! Register for a free testlab guide today!
http://www.aelita.com/w2k718


July 16, 2002—In this issue:

1. COMMENTARY

  • The Evolution of Change and Configuration Management

2. HOT OFF THE PRESS

  • Microsoft to Exit Mac Market If Sales Continue to Lag

3. KEEPING UP WITH WIN2K AND NT

  • It's a Buggy World Out There

4. ANNOUNCEMENTS

  • Register Today for Our Win2K Migration Web Seminar!
  • Real-World Tips and Solutions Here for You
  • Submit Top Product Ideas

5. INSIDE WINDOWS SCRIPTING SOLUTIONS

  • August 2002 Issue
  • Secure Script Execution with WSH 5.6

6. INSTANT POLL

  • Results of Previous Poll: The 64-Bit Market
  • New Instant Poll: Change and Configuration Management Software

7. RESOURCES

  • Featured Thread: Unable to Locate a Global Catalog
  • Tip: Machine-Specific Group Policy

8. NEW AND IMPROVED

  • Simplify IP Telephony Management
  • Use Windows Syntax to Access Non-Windows Servers

9. CONTACT US

  • See this section for a list of ways to contact us.

1. COMMENTARY
(contributed by Paul Thurrott, thurrott@winnetmag.com)

  • THE EVOLUTION OF CHANGE AND CONFIGURATION MANAGEMENT

  • In the pre-Windows enterprise, client management was easy—you didn't have anything to manage. Back then, most clients were dumb terminals or, at best, X terminals that didn't have many local resources. With the proliferation of Windows desktops, however, client change and configuration management has become a major problem, especially in large enterprises. And because most PCs are extremely versatile, ready to be melded and extended with new software and hardware, this management task is exponentially more difficult. Short-lived attempts to overcome these problems—such as the Windows-based Terminals that Microsoft was touting a few years ago—suggest that we're going to have to learn to deal with the PC. Thankfully, software solutions are available, and some are amazingly full featured.

    To tackle change and configuration management, Microsoft is expanding its Systems Management Server (SMS) product line, historically used for software and patch deployment, into new areas. For example, SMS 2.0 provides simple asset tracking and security distribution, which identifies systems on the network that lack certain hotfixes and patches and distributes the correct updates accordingly. In fact, in recent conversations with Microsoft, I discovered that SMS users liked the security-patching capabilities so much that Microsoft decided to ship an SMS Value Pack this summer that integrates SMS 2.0 with Windows Update to make rolling out the Windows Update patches easier.

    Some change and configuration management tools are strictly report oriented. For example, Ecora Software ships a line of Configuration Auditor products, including versions for Windows workstations and Windows 2000 and Windows NT servers. Configuration Auditor tracks and identifies configuration changes so you can more easily enforce corporate standards or align PCs with Ecora's built-in baseline configurations.

    However, report-oriented tools lack the ability to act on the information you obtain. BindView offers a line of bv-Admin products that combine basic change and configuration report functionality (with an emphasis on auditing and security configuration) with scripting capabilities that let you automate certain tasks, such as resetting passwords and configuring security options.

    For total control over change and configuration management, however, a proactive tool, such as Configuresoft's upcoming Enterprise Configuration Manager (ECM) 4.0, lets you configure workstations across the enterprise from one administrative console. So, if you want to bring your desktops in line with the guidance in Microsoft's Security Operations Guide, for example, ECM 4.0 can tell you which machines aren't in compliance and make changes to those machines to ensure they're in compliance.

    ECM's functionality is compelling for a variety of reasons, including its granular, roles-based management model that lets administrators delegate management responsibilities logically and fine-tune the report and action views based on need and job requirements. The full-featured and automated change management aspects of this product set it apart from the report-oriented products I mentioned earlier. ECM 4.0 lets you automatically take corrective action on any PC in your enterprise, select configuration templates and apply them en masse to multiple PCs, and prevent unauthorized PC configuration changes. "There are viewers and there are doers," said Randy Streu, Configuresoft's vice president of Product Marketing. Indeed, these automation capabilities are so necessary and desirable to large enterprises that I'm surprised Microsoft hasn't yet licensed the technology in a deal similar to the one the company struck with NetIQ that resulted in Microsoft Operations Manager (MOM). A free preview of ECM 4.0 is available online ( http://www.configuresoft.com ).

    Speaking of Microsoft, the fact that the company isn't more aggressively targeting this increasingly important management problem is curious. SMS 2003, due next year, will include better mobile support (both laptops and Pocket PC devices) and better Active Directory (AD) integration, but my discussions with Microsoft uncovered little in the way of change and configuration management improvements. The company's long-term plans—which include some as yet unknown restructuring of its current management server lineup—are still vague. As Microsoft Senior Vice President Brian Valentine put it, "The next generation of management solutions from Microsoft will deliver leadership and vision in this critical area for customers."

    Unfortunately for Microsoft, many of its customers need leadership and vision today; I recommend that they check out some of the products mentioned above. However, I'm interested in hearing about how you're tackling change and configuration management today, and what other management hurdles you face.

    References:

    BindView
    http://www.bindview.com

    Configuresoft
    http://www.configuresoft.com

    Ecora Software
    http://www.ecora.com/ecora

    Microsoft Systems Management Server 2.0
    http://www.microsoft.com/smserver


    SPONSOR: WINDOWS & .NET MAGAZINE MOBILE EDITION

    ON THE GO?
    Introducing Windows & .NET Magazine Network Mobile Edition! Now you can get the latest news from WinInfo Daily UPDATE, commentary from respected sources like Windows & .NET Magazine UPDATE, and important security discoveries and alerts from Security UPDATE—delivered right to your handheld device. Sign up today!
    http://www.winnetmag.com/mobile


    2. HOT OFF THE PRESS
    (contributed by Paul Thurrott, thurrott@winnetmag.com)

  • MICROSOFT TO EXIT MAC MARKET IF SALES CONTINUE TO LAG

  • On the eve of Apple Computer's semiannual MacWorld event, Microsoft dropped a bombshell on the company: Work harder to accelerate Mac OS X sales or Microsoft will exit the Mac market forever. Many Mac developers share this sentiment; Mac OS X has not sold well, as reported recently in WinInfo Daily UPDATE. Currently, Apple estimates that as few as 1 to 2 million people have switched to its most recent OS, despite the fact that OS X has shipped for free on several million computers. But a more telling figure from Microsoft might put things in perspective: Sales of Microsoft's OS X-specific Office version, Office v. X, have been just 300,000 units since the suite went on sale last year. Microsoft had expected to sell more than 750,000 copies in the first year. To read the complete story, visit the following URL:
    http://www.wininformant.com/articles/index.cfm?articleid=25871

    3. KEEPING UP WITH WIN2K AND NT
    (contributed by Paula Sharick, paula@winnetmag.com)

  • IT'S A BUGGY WORLD OUT THERE

  • I'm continually amazed at the number of bugs I encounter in the software that I install, configure, and maintain. Recently, I read about a Carnegie Mellon University research study that attempted to analyze why software contains so many problems. After analyzing software products for 5 years, researchers concluded that an average of 100 to 150 errors exists in every 1000 lines of code. Thus, an OS containing 20 million lines of code presents a potential 200,000 to 300,000 coding errors, many of which can negatively affect form, function, security, and reliability. The study attributed this high number of errors to complexity, poor design, and insufficient testing. For more about software bugs and Windows 2000 post-Service Pack 2 (SP2) hotfixes, visit the following URL:
    http://www.winnetmag.com/articles/index.cfm?articleid=25896

    4. ANNOUNCEMENTS
    (brought to you by Windows & .NET Magazine and its partners)

  • REGISTER TODAY FOR OUR WIN2K MIGRATION WEB SEMINAR!

  • You can make the Windows 2000 road less bumpy—if you know how. Hear Jeremy Moskowitz talk about what to do before your Win2K migration actually begins, and what to be on the lookout for during the migration process. This special online event is scheduled for Thursday, July 18, so sign up today!
    http://www.winnetmag.com/seminars/epresence

  • REAL-WORLD TIPS AND SOLUTIONS HERE FOR YOU

  • Windows & .NET Magazine LIVE!'s full-conference schedule is now online. Don't miss this chance to network with the finest gathering of Windows gurus on the planet. This conference is chock full of "been there, done that" knowledge from people who use Microsoft products in the real world. Register now and access concurrently run XML Web Services Connections for FREE.
    http://events.pentontech.com/windows/register.asp

  • SUBMIT TOP PRODUCT IDEAS

  • Have you used a product that changed your IT experience by saving you time or easing your daily burden? Do you know of a terrific product that others should know about? Tell us! We want to write about the product in a future What's Hot column. Send your product suggestions to whatshot@winnetmag.com.

    5. INSIDE WINDOWS SCRIPTING SOLUTIONS

    Windows Scripting Solutions is a monthly, paid, print newsletter loaded with news and tips to help you manage, optimize, and secure your Web-enabled enterprise. NONSUBSCRIBERS can access all the newsletter content in the online article archive from the premiere issue of Windows Scripting Solutions (December 1998) through the print issue released 1 year ago and featured below.

    In addition to receiving the monthly print newsletter, SUBSCRIBERS can access all the newsletter content, including the most recent issue, at the Windows Web Solutions Web site. Subscribe today and access all the 2002 issues online!

  • AUGUST 2002 ISSUE

  • To access this issue of Windows Web Solutions, go to this URL.

    FOCUS: Two Approaches to Capturing a Script's Output
    Learn how to capture a script's output, programmatically change local Administrator passwords on multiple computers, build complex forms with Gooey Script, use WSH 5.6's code security mechanisms, and generate uptime reports and post them to the Web.

    The following article is available for free to nonsubscribers for a limited time.

  • SECURE SCRIPT EXECUTION WITH WSH 5.6

  • WSH 5.6 offers a new security model that lets you digitally sign and verify scripts to prevent users from running unauthorized code.
    —Alain Lissoir
    http://www.winscriptingsolutions.com/articles/index.cfm?articleid=25644

    6. INSTANT POLL

  • RESULTS OF PREVIOUS POLL: THE 64-BIT MARKET

  • The voting has closed in Windows & .NET Magazine's nonscientific Instant Poll for the question, "Do you think Intel's Itanium 2 will offer a compelling solution in the 64-bit microprocessor market?" Here are the results (+/-2 percent) from the 189 votes:
    31% Yes, the Itanium 2 will outsell AMD's and Sun's 64-bit chips
    27% No, AMD and Sun 64-bit chips will capture the 64-bit market
    30% The Itanium 2 will do as well, but no better than, its AMD and Sun competition
    12% I don't know

  • NEW INSTANT POLL: CHANGE AND CONFIGURATION MANAGEMENT SOFTWARE

  • The next Instant Poll question is, "Does your organization use any type of change and configuration management software?" Go to the Windows & .NET Magazine home page and submit your vote for a) Yes, we use change and configuration management software, b) Not yet, but we plan to use change and configuration management software, c) No, we have no plans to use change and configuration management software, or d) I don't know.
    http://www.winnetmag.com/magazine

    7. RESOURCES

  • FEATURED THREAD: UNABLE TO LOCATE A GLOBAL CATALOG

  • This user has two member servers that he made Active Directory (AD) servers. Now, he's receiving the error message "Unable to locate the Global Catalog server." Can you help? Join the discussion at the following URL:
    http://www.winnetmag.com/forums/rd.cfm?app=70&id=109320

  • TIP: MACHINE-SPECIFIC GROUP POLICY

  • (contributed by John Savill, http://www.windows2000faq.com)

    Q. How can I force a user to use a machine-specific Group Policy rather than a user-specific Group Policy?

    A. Typically, the settings that the OS applies when a user logs on are based on the user's account container (e.g., a domain, a site, an organizational unit—OU), regardless of which container the user's machine belongs to. In some instances, you might want to forgo using this default behavior and instead associate a user's settings with the location of the user's computer within Active Directory (AD). For example, you might want to set a strict, defined set of policies for a publicly accessible computer, regardless of who logs on to that computer.

    To establish machine-specific settings, use Group Policy to set the computer's container to "loopback" mode—so that the computer's client settings take precedence—by performing the following steps:

    1. Start Group Policy Editor (GPE) and load the policy that affects the computer whose behavior you want to modify (alternatively, you can start the Microsoft Management Console—MMC—Active Directory Users and Computers snap-in, right-click the container, select Properties, then select the Group Policy tab).
    2. Expand the Computer Configuration, Administrative Templates, System, Group Policy branches.
    3. Double-click the "Loopback Policy" option (or "User Group Policy loopback processing mode" in Windows .NET Server—Win.NET Server).
    4. Select the Enabled option, then select the Mode:
      Merge Mode—loads a user's usual settings first, then loads any settings based on the computer's location, thus overwriting any conflicting user settings

      Replace Mode—loads only settings based on the computer's location
    5. Click OK.

    8. NEW AND IMPROVED
    (contributed by Bob Kretschman, products@winnetmag.com)

  • SIMPLIFY IP TELEPHONY MANAGEMENT

  • NetIQ announced NetIQ VoIP Manager Suite 2.0, which helps simplify the management of Cisco Systems' IP telephony solutions. The product includes automated monitoring and problem-management functions that let network administrators take full control of their Voice over IP (VoIP) environments, minimize downtime, reduce the time they spend tracking performance problems, and resolve problems before end users are affected. The product also contains new management modules for Cisco Unity and Cisco Personal Assistant. For pricing and other information, contact NetIQ at 408-856-3000.
    http://www.netiq.com

  • USE WINDOWS SYNTAX TO ACCESS NON-WINDOWS SERVERS

  • Shaffer Solutions released DiskAccess Lite, software that lets you use familiar Windows syntax for accessing NFS resources on non-Windows servers within your network. The product also lets you use command-line tools for easy access to configuration options. DiskAccess Lite includes NFS client access through Windows Explorer and the command shell, configurable file locking, and NFS support over TCP/IP and UDP. For pricing and other information, contact Shaffer Solutions at 256-890-0077 or by email at nfs-info@ssc-corp.com.
    http://www.accessnfs.com

    9. CONTACT US
    Here's how to reach us with your comments and questions:

    • ABOUT THE COMMENTARY — thurrott@winnetmag.com
    • ABOUT KEEPING UP WITH WIN2K AND NT — paula@winnetmag.com
    • ABOUT THE NEWSLETTER IN GENERAL — gayle@winnetmag.com
      (please mention the newsletter name in the subject line)
    • TECHNICAL QUESTIONS — http://www.winnetmag.net/forums
    • PRODUCT NEWS — products@winnetmag.com
    • QUESTIONS ABOUT YOUR WINDOWS & .NET MAGAZINE UPDATE SUBSCRIPTION?
      Customer Support — winnetmagupdate@winnetmag.com

    This email newsletter is brought to you by Windows & .NET Magazine, the leading publication for Windows professionals who want to learn more and perform better. Subscribe today.
    http://www.winnetmag.com/sub.cfm?code=wswi201x1z

    Receive the latest information about the Windows and .NET topics of your choice. Subscribe to our other FREE email newsletters.
    http://www.winnetmag.net/email