Windows Tips & Tricks UPDATE, August 2, 2004, —brought to you by the Windows & .NET Magazine Network and the Windows 2000 FAQ site
Make sure your copy of Windows Tips & Tricks UPDATE isn't mistakenly blocked by antispam software! Be sure to add XPandWin2K-TipsandTricks_UPDATE@list.winnetmag.com to your list of allowed senders and contacts.
This Issue Sponsored By
Windows Scripting Solutions
Sponsor: Argent Software
Free Download: Monitor Your Entire Infrastructure with ONE Solution
The Argent Guardian monitors servers, applications, any and all SNMP-compliant devices as well as the overall health of the entire network at a fraction of the cost of "framework" solutions. Network Testing Labs states that "The Argent Guardian will cost far less than MOM and yet provide significantly more functionality." Using a patented Agent-Optional architecture, the Argent Guardian is easily installed and monitoring your infrastructure in a matter of hours. Download a fully-functioning copy of the Argent Guardian at:
- Q. How can I use the PQIDeploy tool to capture an image?
- Q. How can I use the PQIDeploy tool to restore an image?
- Q. Why do I receive the message "Not Associated with a trusted SQL Server Connection" when I try to connect to an SQL database and use a valid SQL username?
- Q. How can I use the Sysprep utility to create a "clean" PC to use for an image-based Windows deployment?
- Q. What's Group Policy Management Console (GPMC)?
by John Savill, FAQ Editor, firstname.lastname@example.org
This week, I tell you how to use the PQIDeploy tool to capture and restore a disk image and explain what causes a Microsoft SQL Server authentication error and how to resolve it. I also describe how to use the Sysprep utility to create a "clean" PC to use for an image-based Windows deployment and explain Group Policy Management Console (GPMC).
Correction: In the FAQ, "How can I determine the location of an executable file on my Windows Server 2003 system?" (Windows Tips & Tricks UPDATE, July 26, 2004), the following statement is incorrect:
... you can start the program simply by typing the executable's filename (e.g., dcdiag.exe); you don't have to precede the executable name with the full pathname. (The Windows 2003 Support Tools must be installed on your Windows 2003 system for the PATH variable to work.)
The correct statement is as follows:
... you can start the program simply by typing the executable's filename--for example, dcdiag.exe (assuming the Windows 2003 Support Tools--which include dcdiag.exe--are installed on your Windows 2003 system); you don't have to precede the executable name with the full pathname if the pathname is part of the PATH variable.
Sponsor: Windows Scripting Solutions
Try a Sample Issue of Windows Scripting Solutions
Windows Scripting Solutions is the monthly newsletter from Windows & .NET Magazine that shows you how to automate time-consuming, administrative tasks by using our simple downloadable code and scripting techniques. Sign up for a sample issue right now, and find out how you can save both time and money. Click here!
Q. How can I use the PQIDeploy tool to capture an image?
A. The PQIDeploy tool (originally provided by PowerQuest, which was acquired by Symantec in late 2003) lets you capture and restore disk images from the command line--a capability that's a core part of Microsoft's new zero-touch deployment initiative. (Microsoft elaborated on this initiative at its 2004 Worldwide Partner Conference in mid-July.)
To create a new image file that you can deploy in a zero-touch deployment scenario, you need to run the pqideploy.exe utility and a short PowerQuest script that contains the following lines:
// Capture first partition on first disk // diskcapture1.pqs Select Drive 1 Select Partition 1 Store
After you've created the script, boot Windows from a medium other than that which contains the OS you want to capture--for example, a Windows Preinstallation Environment (WinPE) boot CD-ROM or WinPE through Remote Installation Services (RIS). Connect to a share that contains the .pqs file (diskcapture1.pqs in our example) and the pqideploy.exe program, then run the command
pqideploy /img=m:\images\winxppro.pqi /log=diskcapture.log /cmd=diskcapture1.pqs /cmp=high
(The command wraps to two lines here because of space constraints.) The command creates an image file called winxppro.pqi in the m:\images folder, creates a log file of the capture's progress in diskcapture.log, and runs the diskcapture1.pqs script. The /cmp=high parameter tells the capture process to use high compression to conserve disk space.
Q. How can I use the PQIDeploy tool to restore an image?
A. When you use PQIDeploy to restore an image, you must create a script file in the PowerQuest format, just as you do when you create an image, as explained in the FAQ "How can I use the PQIDeploy tool to capture an image?" To restore an image, create a script file that contains the following lines:
// Restore to first disk // diskimagenew1.pqs Select Drive 1 Delete All Select Freespace First Select Image 1 Resize Image No Restore //Select Freespace Last //Create /FS=ntfs /Label="Data"
The script deletes everything from the first disk, selects the free space at the start of the disk, then restores the image that you'll specify from the command line. The two lines that I've commented out here at the end of the file (by preceding the lines with slashes) use the remaining space on the disk to create an NTFS partition with the label "Data." If you want to create this partition, simply omit the first two slashes from the last two lines.
To restore the actual image, you run the following command:
pqideploy /img=m:\images\winxppro.pqi /log=diskrestore.log /cmd=diskimagenew1.pqs
(The command wraps to two lines here because of space constraints.) The command restores the m:\images\winxppro.pqi image file, creates a log file of the capture's progress in diskcapture.log, and runs the diskimagenew1.pqs script.
Q. Why do I receive the message "Not Associated with a trusted SQL Server Connection" when I try to connect to an SQL database and use a valid SQL username?
A. The problem you describe typically occurs when a Microsoft SQL Server installation is configured to use only Windows authentication and not SQL Server authentication. To solve the problem, perform the following steps:
- Start SQL Server Enterprise Manager (Start, Programs, Microsoft SQL Server, Enterprise Manager).
- Navigate to the SQL Server system in the Microsoft Management Console (MMC) treeview pane by selecting Console Root, Microsoft SQL Servers, SQL Server Group, <sql server> (or <local>); right-click the server; and select Properties from the context menu.
- In the SQL Server Properties dialog box, select the Security tab.
- In the Security section, make sure that Authentication is set to "SQL Server and Windows" and not "Windows only," as the figure at http://www.winnetmag.com/content/content/43424/sqlauthmode.gif shows. If necessary, change the selection and click OK.
Q. How can I use the Sysprep utility to create a "clean" PC to use for an image-based Windows deployment?
A. After you've created a Windows installation that you want to image and distribute to other PCs, your first task is to create the Sysprep folder on the C drive. Copy the sysprep.exe and setupcl.exe files into this folder. You can find these files in support/tools/deploy.cab on the Windows installation medium.
In the same Sysprep folder, create an answer file called sysprep.inf--a text file that gives the OS setup program the responses it needs during the setup process. The easiest way to create sysprep.inf is to use Setup Manager (setupmgr.exe), which is also in the deployment tools on the Windows installation media. Your sysprep.inf file will look similar to the following example:
;SetupMgrTag \[Unattended\] OemSkipEula=Yes InstallFilesPath=C:\sysprep\i386 \[GuiUnattended\] AdminPassword="Pa55word" EncryptedAdminPassword=NO OEMSkipRegional=1 TimeZone=20 OemSkipWelcome=1 \[UserData\] ProductKey=HAHAY-OUWIS-HIDPU-TAKEY-HERE! FullName="Demo" OrgName="Demo Company" ComputerName=* \[SetupMgr\] DistFolder=C:\sysprep\i386 DistShare=windiest \[Identification\] JoinDomain=DOMAIN.LOCAL \[Networking\] InstallDefaultComponents=Yes
Your next task is to ready the PC for imaging. To do so, open a command prompt in the C:\sysprep folder and type the command
sysprep -reseal -mini -shutdown
The -reseal switch deletes the machine-specific information from the PC. The -mini switch sets the PC so that it starts a mini-wizard the next time it boots. The -shutdown switch tells the PC to shut down after the Sysprep command has completed. After the PC shuts down, it's ready to be imaged.
Q. What's Group Policy Management Console (GPMC)?
A. Group Policy offers many advantages over the old Windows NT 4.0 system policies; however, managing Group Policy Objects (GPOs) is often cumbersome. To view or modify GPOs, you can either create a custom Microsoft Management Console (MMC) snap-in that has a particular group policy loaded or, in the MMC Active Directory Users and Computers snap-in, right-click an organizational unit (OU) or a domain, select Properties, then select the Group Policy tab.
Group Policy Management Console (GPMC) significantly improves upon Microsoft's traditional methods for GPO management by providing a simple view of the environment that shows how OUs are linked to GPOs and the options associated with the OU or container to which a particular GPO applies. GPMC also provides the following useful features:
- ability to back up and restore GPOs
- easy backup and restore of filters
- ability to create HTML-based reports that show all the settings in a GPO
- ability to script certain Group Policy management actions
You must install GPMC on a Windows Server 2003 or Windows XP Service Pack 1 (SP1) system, although you can use GPMC to manage Windows 2003 and Windows 2000 Server domains. You can download the latest version of GPMC--GPMC with SP1--at http://www.microsoft.com/downloads/details.aspx?familyid=0a6d4c24-8cbd-4b35-9272-dd3cbfc81887&displaylang=en.
If you attempt to access a container's Group Policy tab from the Active Directory Users and Computers snap-in after you install GPMC, you'll see a button that you click to start GPMC. The figure at http://www.winnetmag.com/articles/images/gpmcmain.gif shows the GPMC interface and some of the information it provides. You can't edit GPOs from within GPMC. Instead, to edit a GPO when you're in GPMC, right-click the GPO and select Edit; a new MMC instance will open in which the GPO editor snap-in is loaded and the selected GPO is open and ready to be edited.
Hot Release: Hands-on Windows 2000/XP/2003 Internals & Advanced Troubleshooting class
Dig into the internals of Windows 2000/XP/2003 with Mark Russinovich and David Solomon, authors of Inside Windows 2000, in their hands-on (bring your own laptop) 5-day Windows internals and advanced troubleshooting class, September 27-October 1 in San Francisco, featuring the Sysinternals tools.
(from Windows & .NET Magazine and its partners)
If you are a SQL Server user, SQL Server Magazine is a must-read. Each issue offers a treasury of relevant articles, savvy tips, endless code listings, and expertise that will give you the answers you are looking for. Chose from a library of hot topic discussions relating to reporting services, security, high availability and much more. Order now:
In this free Web seminar, learn how to implement a "holistic" approach to email security that eliminates spam, minimizes risk from viruses, saves money, and reduces the administrative burden on IT staff. And, you'll find out the benefits of the "preemptive" email security approach compared with more traditional approaches. Register now!
Are you "getting by" using fax machines or relying on a less savvy solution that doesn't offer truly integrated faxing from within user applications? Attend this free Web seminar and learn what questions to ask when selecting an integrated fax solution, discover how an integrated fax solution is more efficient than traditional faxing methods, and learn how to select the fax technology that's right for your organization. Register now!
(A complete Web and live events directory brought to you by Windows & .NET Magazine: http://www.winnetmag.com/events )
In this free Roadshow, you'll discover trends in the wireless and mobility industry and come away with a better understanding of wireless and mobility solutions. And, talk first hand about your wireless projects with leaders in the industry. See proven wireless and mobile solutions in action. Register now!
Comparison Paper: The Argent Guardian Easily Beats Out MOM
Free Download--New - Launch NetOp Remote Control from a USB Drive
Here's how to reach us with your comments and questions:
- About the newsletter — email@example.com
- About technical questions — http://www.winnetmag.com/forums
- About product news — firstname.lastname@example.org
- About your subscription — email@example.com
- About sponsoring UPDATE — firstname.lastname@example.org
Contact Our Sponsors
Argent Software -- http://www.Argent.com -- 1-860-674-1700
This weekly email newsletter is brought to you by Windows & .NET Magazine, the leading publication for Windows professionals who want to learn more and perform better. Subscribe today.
Receive the latest information about the Windows and .NET topics of your choice. Subscribe to our other FREE email newsletters.