Home

Wiley Windows 7 Desktop Support and Administration

image

Contents

1. hardlink is used for in place migrations to retrieve the data from the Windows old folder It requires the use of the nocompress switch nocompress specifies that data is not compressed efs hardlink specifies that encrypted file system EFS files will be moved using hardlink migration The hardlink switch must be used for this to succeed i MigApp xm1 specifies that the MigApp xm1 file which is included in the USMT folder will be used to identify application settings to migrate i MigDocs xm specifies that the MigDocs xm1 file which is included in the USMT folder will be used to identify document types to migrate offlineWinDir c windows o1d windows is used to specify the location of the files from the original installation After the ScanState command is executed to capture the migration data the LoadState command is executed to restore the migration data to the current installation When performing in place migrations you can enter the LoadState command with the following switches Just as the ScanState command should be entered as a single line the following LoadState command should be entered as a single line even though it spans more than one line in this book LoadState exe c store v 13 c lac P sswOrd lae i MigApp xml i MigDocs xml sf hardlink nocompress LoadState exe is the command _c store is the location of the migration store created by ScanState v 13 indicates the h
2. EXERCISE 1 6 continued 8 10 11 12 13 14 15 16 Click Windows 7 and select Start gt All Programs gt Windows Virtual PC gt Windows XP Mode Applications You ll see that the program that you installed in Windows XP Mode is now available on the Windows 7 menu as shown in the following graphic I Windows Live Default Programs I Windows Virtual PC E Windows Virtual PC Administrative Tools gt E Windows XP Mode jy Windows XP Mode Applications Foe a ee ae IrfanView Windows XP Mode IrfanView Thumbnails Windows 4 Back While this shows how applications published from Windows XP Mode will appear you can also publish applications from other Windows VPC programs For example if you install a virtual instance of Windows 7 and published an application from there the published application will appear in a folder named Windows 7 Applications Try to launch the application by selecting Start gt All Programs gt Windows Virtual PC gt Windows XP Mode Applications gt IrfanView Windows XP Mode It will fail and inform you that you must close Windows XP Mode first Return to Windows XP Mode and select Start gt Log Off After you are logged off select Action gt Close This will cause Windows XP Mode to go into Hibernate mode Once the system finishes hibernating try to start the program from the Windows 7 Start menu by selecting Start gt All Programs gt Windows Virtual PC gt Window
3. ScanState exe c store v 13 o c hardlink nocompress efs hardlink i MigApp xml i MigDocs xml offlineWinDir c windows old windows rem LoadState exe c store v 13 c lac P sswOrd lae i MigApp xml i MigDocs xml sf hardlink nocompress The first command changes the directory to the USMT x86 folder on the C drive If you are running a 64 bit system you can substitute this with USMT amd64 instead The rem lines are remark or comment lines added to separate the ScanState and LoadState commands for easier readability Select File gt Save As Type in usmt bat and click Save By adding the bat extension you tell Notepad to save the file as a batch file with a bat extension that can be executed instead of a text file with a txt extension Close the file Click Start gt Accessories right click the command prompt and select Run As Admin istrator If prompted by User Account Control click Yes to continue Type in the following command to change the directory to the C MyUSMT directory you created earlier Cd MyUSMT Type in usmt and press Enter to run your batch file This will take several minutes to complete and the output will appear on the screen When you ve finished the migra tion is complete Using Windows Explorer browse to the C Program Files Windows AIK Tools USMT x86 folder or the C Program Files Windows AIK Tools USMT amd64 if you used that folder in your batch file Locate a
4. s version is the most recent version BranchCache then redirects Joe s computer to retrieve the file from Sally s computer instead of over the slow WAN link Users in remote offices can experience much greater speed when accessing commonly used files over the WAN link However only Windows 7 computers can take advantage of BranchCache BranchCache will be explained in greater depth in Chapter 12 Windows XP Mode Windows XP Mode is a virtualization application that allows users to run a completely separate instance of Windows XP within Windows 7 This can be especially useful for applications that aren t compatible with Windows 7 but will run in Windows XP Applications installed in Windows XP Mode will appear on the user s Windows 7 Start menu While they appear to run on the Windows 7 desktop they are actually running in the virtual Windows XP Mode environment Windows XP Mode is covered in more depth later in this chapter including how to install it Software Assurance Windows 7 Enterprise is available only to businesses that have purchased the Software Assurance program so you may be interested in knowing a little about it It s a Microsoft program offered to organizations that purchase licenses through a volume licensing pro gram Volume licensing allows a company to purchase licenses in bulk at a discount instead of purchasing multiple individual copies Organizations that can purchase Software Assurance include businesses
5. Figure 1 3 shows a side by side migration FIGURE 1 3 Side by side migration Original File New Computer Server Computer Designing User State Migration 21 In both scenarios the process is similar 1 Run ScanState on the original computer and store the files and settings externally such as on a network share or an external USB drive The ScanState version that comes with the Windows AIK for Windows 7 can be run on Windows XP Windows Vista and Windows 7 operating systems 2 Install Windows 7 A wipe and load installation will install Windows 7 on the same computer whereas a side by side installation will install Windows 7 on a separate computer 3 Run LoadState on the Windows 7 system using the externally stored files and settings When ScanState is run for wipe and load and side by side migrations the offlineWinDir c windows old windows switch is omitted Instead of capturing the files and settings from the Windows old folder ScanState will retrieve the migration data from the actual system In addition instead of storing the results in the C Store folder you could map a Universal Naming Convention UNC path to a share on a server or connect an external USB drive As an example imagine that you have connected an external USB drive and it is assigned the letter G The following ScanState command could be used ScanState exe g store v 13 o c hardlink nocompress efs hardlink i MigApp xml i MigDocs xml Th
6. Most PCs will have only a single network interface card NIC This NIC will be shared with the VDI machines If the virtual machines are con nected to the network and have a lot of network activity you may want to consider upgrad ing the NIC Disk space Windows XP Mode requires a minimum of 1 6 GB of disk space If you start adding additional virtual machines you ll find that they take significantly more For example a Windows Server 2008 virtual hard disk takes about 6 GB with an initial installation and Windows 7 takes about the same These are dynamically expanding disks so as more is installed or added to the virtual systems they will take more and more space This can be critical if the virtual hard disks are stored on the boot or system partition If they are stored on one of these partitions you should monitor disk space usage closely Real World Scenario Using Virtual PC for Mini Labs I ve been using Virtual PC VPC for many years to create virtual desktops and even vir tual networks where could test and learn different technologies As a simple example when first learning Windows Server 2008 and Windows Vista was running Windows XP as my desktop operating system created two VPC images one of Windows Server 2008 and another of Windows Vista was able to load these two sys tems configure the server as a domain controller in a domain and configure Windows Vista to join the domain now had a mini ne
7. SRV records must be manually created on DNS cpri This will reduce the priority of host processes Use this if the KMS host needs more processing power for other server roles spri This returns the priority of host processes to normal on the KMS server sai You can use this to change how often a KMS client tries to connect to a KMS if activation fails The number is provided in minutes and the default is 120 two hours sri This will change how often a KMS client contacts the KMS host to renew the activation The number is provided in minutes and the default is 10080 seven days dli When executed on the KMS server this provides the current activation count on the KMS server skms You can use this to set the name and the port of the KMS server for non domain computers 54 Chapter 1 Planning for the Installation of Windows 7 Virtualization Licensing If your company is considering a Virtual Desktop Infrastructure VDI solution you ll need to understand the licensing requirements It s important to realize that licenses are needed for the virtual machines just as they are needed for a regular installation Virtual computers can be activated using MAK keys or KMS servers In addition Microsoft recently announced the Virtual Enterprise Centralized Desktop VECD which can be used specifically for VDI licensing VECD allows an organization to license virtual copies of Windows client operating systems at a lower cost t
8. Windows XP Mode for Windows 7 Analyzing Your Existing Hardware Environment Windows XP Mode originally required a processor that supports virtualization that needed to be enabled in the BIOS However Microsoft later released an update with KB 977206 that allows Windows XP Mode to work without hardware assisted virtualization HAV Intel refers to HAV as Intel VT and AMD calls it AMD V Both companies include utilities you can download and run to determine if your processor has this capability Windows XP Mode works best if your processor supports virtualization P TE However if the processor doesn t support virtualization or it isn t enabled in the BIOS you can still use Windows XP Mode Check out KB article 977206 at http support microsoft com kb 977206 30 Chapter 1 Planning for the Installation of Windows 7 Figure 1 4 shows the Intel Processor Identification Utility with the middle tab selected Notice that the Intel R Virtualization Technology is listed as Yes verifying that Windows XP Mode can be used on this system This utility can be downloaded from Intel s website here http www intel com support processors tools piu FIGURE 1 4 Intel Processor Identification Utility File Processor View Help Frequency Test CPU Technologies CPUID Data Intel Processor Identification Utility Intel R Core TM 2 Duo CPU P8600 2 40GHz Supporting Advanced Intel Processor Technologies Inte Virtualization Tech
9. XCopy e v y C Windows USMT If exist H USMT XCopy e v y C Windows USMT If exist I USMT XCopy e v y C Windows USMT rem Cd c Windows USMT x86 ScanState exe c store v 13 o c hardlink nocompress efs hardlink i MigApp xml i MigDocs xml offlineWinDir c windows old windows LoadState exe c store v 13 c lac P sswOrd lae i MigApp xml i MigDocs xml sf hardlink nocompress This batch file checks to see if the USB drive has been assigned letters D through I but if you want to check for all possible drive letters just copy an If exist line paste it and modify the letter in the new line You can check for all drive letters up to Z if desired You could save this file as usmt32 bat However if you needed to run the migration on a 64 bit system you could replace x86 with amd64 in the change directory line and save the file as usmt64 bat Cd c Windows USMT amd64 20 Chapter 1 Planning for the Installation of Windows 7 Wipe and Load Migration vs Side by Side Migration The majority of this section has covered an in place migration A common scenario is where a Windows XP system has the hardware to support Windows 7 Windows 7 is installed and the user s data and settings are then migrated from the Windows old folder However there are some scenarios where the existing system needs to be wiped clean or completely replaced In these scenarios you can still use the USMT commands to capture the files a
10. able to migrate your older systems to Windows 7 Using Windows XP Mode allows you to run legacy applications on a Windows 7 system easily However you can also use VPC to run other desktops that you create Running Applications from Other VPCs The previous example showed you how to install applications in Windows XP Mode and make them available from the Windows 7 Start menu but you aren t restricted to doing this with only Windows XP Mode Developers are notorious for crashing their systems They develop applications and during the test and debugging process things sometimes go wrong For example an oper ating system that once worked now no longer works Not only is the developer unable to continue the development of the application but they can t even access email or do other day to day work While you can t prevent a developer from crashing a development envi ronment you can isolate the problem by creating a virtual environment for development work You start with a regular Windows 7 desktop You can then install another instance of Windows 7 in a virtual machine and install applications within the virtual machine As long as the Auto Publish settings are set to Enabled the applications will automatically appear on the host machine s Start menu for that PC once the shortcuts are copied to the Start menu on the virtual machine Hibernate the VPC and you can then launch the pro grams in the same manner as you did with Windows XP
11. activation to work The KMS host tracks this threshold and if the threshold isn t reached or the number of clients falls below this threshold it will no longer activate the clients KMS clients that aren t activated because the activation threshold is not met will request activation every two hours 52 Chapter 1 Planning for the Installation of Windows 7 Activation validity interval After activation by a KMS host KMS clients will remain acti vated for 180 days If the KMS client has not connected to a KMS server within 180 days the activation will be invalidated Clients attempt to connect every seven days and when they connect this 180 day counter is reset Activation count The current number of clients that are being activated by KMS is tracked using unique client machine identification designation CMID records Clients attempt to contact the KMS server every seven days and the KMS server renews this CMID when the client activates or reactivates If the client doesn t renew within 30 days the CMID is dis carded and is no longer counted toward the activation threshold This is an important concept Your network may have reached the threshold of 25 and then two systems are decommissioned or taken on the road by sales people Within 30 days the CMID for these two systems will be removed from the KMS host and the count will be at 23 Clients will no longer be activated and within seven days all 23 remaining sys tems will be t
12. can run an instance of Windows 7 as the host operating system Then within the Windows 7 host you can run other operating systems such as Windows XP another virtual machine running Windows 7 and a third running Windows Server 2008 With the cheap but abundant processing power built into desktop PCs using VDI is now being seriously considered an alternative to Remote Desktop Services RDS Desktop PCs rarely use much of their processing power and VDI applications and operating systems can provide distinct isolation from the host operating system _ Remote Desktop Services previously known as Terminal Services in Win A dows can be configured on a server to allow users to run individual appli cations or entire desktops over a network From the users perspective the application or desktop appears to be running on their individual system but is actually running on a server Microsoft introduced Windows Virtual PC VPC with Windows 7 This was previously known as Microsoft Virtual PC and was often used by administrators technical trainers and students It s been available as a free download for years If you ve used Microsoft Virtual PC you ll notice similarities with Windows Virtual PC but the underlying tech nology provides some significant improvements VPC is not just for techies anymore It can be installed and configured for regular users to run applications in virtual isolated environments using Windows XP Mode It can be
13. e v y C Windows USMT Designing User State Migration 19 The e switch specifies that all directories should be copied even empty ones The v switch is used to verify the files and the y switch is used to suppress prompting if any files are overwritten lt Chapter 3 covers the XCopy command and other elements of the command P prompt in more depth Unfortunately this works only if the USB flash drive is assigned the letter D It could be assigned other letters such as E F and so on You can add multiple lines to your batch file to check for which letter is actually assigned to the USB flash drive Simply copy and paste the following line changing only the letter of the drive If exist E USMT XCopy e v y C Windows USMT If exist F USMT XCopy e v y C Windows USMT Once you have added the extra lines the rest of the batch file becomes a little easier You now know your USMT files exist in the C Windows USMT x86 and the C Windows USMT AMD64 folders You simply change to the appropriate directory and run the ScanState and LoadState commands For example if you were migrating data to a 32 bit installation of Windows 7 you d use the following batch file shown in Listing 1 1 Listing 1 1 Batch file for 32 bit data migration If exist D USMT XCopy e v y C Windows USMT If exist E USMT XCopy e v y C Windows USMT If exist F USMT XCopy e v y C Windows USMT If exist G USMT
14. for that OS 38 Chapter 1 Planning for the Installation of Windows 7 Installing Integration Components After installing an operating system using Virtual PC you may notice that things aren t running as smoothly as you d like them to be For one thing every time you click within a Virtual PC environment your mouse gets trapped there You can press Ctrl Alt left arrow to get it out but it d be a lot easier if your mouse moved in and out of this window just as it can do with other windows You can install the Integration Components after the operating system has been installed on the VPC In addition to helping your mouse work a little better they ll also give access to the following resources Clipboard You will be able to copy and paste data back and forth from the host operating system to the virtual machine Data copied in one environment is available on the clipboard in the other environment Hard drives You ll have access to all of the hard drives on the host system from within the virtual machine The drives appear as shares within Windows Explorer in the format of X on ComputerName where X is the actual drive letter and ComputerName is the name of the host computer For example if the host computer is named Client1 the C drive would appear in Windows Explorer on the virtual machine as C on Client1 Printers Printers available to the host system are available to the virtual machine This allows you to print to a printer
15. in BIOS Enable AMD V in BIOS Re run this utility to further verify your system is compatible with Hyper v Virtualization Considerations 31 Next you ll need to enable the virtualization option in the BIOS My experience is that this is not enabled by default so you ll need to reboot your system read the screen to see what key to use to enter BIOS and then search for the virtualization option Many versions of BIOS are available and there s no standard of how to access BIOS Sometimes you re prompted to press F10 sometimes the Delete key and at other times yow re prompted just to press any key at the appropriate time The only thing that is consis tent is that a message will appear telling you what key to press to enter the setup mode that allows access to the system BIOS The virtualization setting can be called AMD V or Intel VT or simply Virtualization Technology Find the setting and enable it If the processor is capable but the BIOS doesn t have the Virtualization Technology set ting it s possible you ll need to upgrade or flash the BIOS Access the command prompt and enter SystemInfo This takes a minute to complete but it will list a significant amount of information about your system including the BIOS version You can search the Internet using this information for a possible upgrade Follow the manufacturer s instructions to complete this process Downloading the Software Once you ve verified you
16. restored Sensitive data contained in the migration store could include the following Classified information such as secret data Company secrets such as financial data future product details or plans for mergers Personally identifiable information PH on customers and employees including names addresses phone numbers social security numbers and credit card information At the very least migration stores should be treated with the same level of protection as the original data For example if a user has secret data on her system the migration store obtained from this system should be treated with the same level of protection used to pro tect the source data This becomes especially important when storing the data on external USB drives Because these drives are highly portable it s possible for an administrator to migrate secret data to an external USB drive and then use this migration store to restore the files and settings on a new computer If the administrator stops there the USB drive will still hold the secret data If an educated user later comes across this USB drive and sees the migration store he could run the LoadState command and restore all the data to his computer Destruction of the migration store can take several different forms depending on the type of data used Some programs will erase the data and overwrite random patterns of 1s and Os to ensure there isn t any data remaining on the drive that can be reco
17. with as few as five employees government entities schools and campuses It is actually purchased through Microsoft partners and the benefits are coordinated through Microsoft once they are acti vated Benefits differ based on how many clients and licenses are purchased The benefits may include Free upgrades to newer versions of the software during the licensing period The option to spread payments over a longer period of time as opposed to the initial cost of purchasing all the licenses Training vouchers for Microsoft courses taught by Microsoft partners Access to e learning courses 24x7 telephone and web support Local Installation 7 Local Installation It s possible that you ll need to install Windows 7 from the installation media at some point You ll learn about Lite Touch Installation LTI and Zero Touch Installation ZT1 in Chapter 2 Automating the Deployment of Windows 7 but you may occasionally need to do a heavy touch installation No there s no acronym for heavy touch installation mostly because you don t want to be doing it that often Installing one or two systems manually is no big deal but if you have to install 5 50 or more you ll want to automate the process For the most part the installation of Windows 7 is straightforward with few surprises The biggest challenge may come if you have to change partitions on the hard disk or add additional disk drivers Exercise 1 1 will w
18. 1 7 is a virtual instance of Windows 7 running within Windows Virtual PC As you can see there are four menu choices Each one is explained in the following section 40 Chapter 1 Planning for the Installation of Windows 7 FIGURE 1 7 Windows 7 launched within a Virtual PC machine 7 z El Client Windows Virtual PC Action USB Tools Ctri Alt Del Action The Action menu includes four choices View Full Screen No surprise here Selecting this option maximizes the VPC window to full screen When set to full screen a Title tab is pinned to the top of the window This tab includes many of the same choices as the full menu To the far right are icons reminiscent of minimize maximize and close icons but labeled as Switch To Your Computer Desktop Exit Full Screen and Close Sleep Selecting Sleep puts the VPC into a power saving sleep mode Once Sleep is selected the menu item changes to Wake Up If you select Wake Up the VPC will exit the sleep mode Restart Selecting Restart forces a system restart If you have programs running you will be prompted that they are open and you may lose work if you continue You can click Force Restart or click Cancel to return to the desktop Close The Close menu gives the choices Hibernate Shut Down or Turn Off Hibernate will cause the current state to be saved open windows and files remain open and when you launch this VPC image again everything is returned to the exact same state Sh
19. Chapter Planning for the Installation of Windows 7 TOPICS COVERED IN THIS CHAPTER INCLUDE y Choosing a Windows 7 edition v Performing a local installation of Windows 7 v Designing User State Migration v Considering virtualization v Planning and managing client licensing and activation One of the first steps you need to take when planning a migra tion to Windows 7 is choosing which edition of Windows 7 to deploy For an enterprise your choice is limited to Windows 7 Professional Windows 7 Enterprise or Windows 7 Ultimate To make the right choice you ll need to know what features are available in each edition Once you identify the edition you ll use you need to come up with a migration plan Because many organizations will be upgrading existing Windows XP computers to Windows 7 having a solid plan to migrate users data is very important The User State Migration Tool USMT can simplify this process for you with the use of ScanState and LoadState Although virtualization wasn t common on end users desktops in the past the new Windows XP Mode available in Windows 7 is sure to change this for many users It s now possible for end users to run applications on a Windows 7 system in a transparent virtual instance of Windows XP Activation of Windows 7 can be done individually with a Multiple Activation Key or with a Key Management Service server Whereas home users will always use individual activation you may nee
20. K is the ability to inventory your licenses and help with licensing audits A license audit is accomplished by identifying what software is installed and then comparing it to what software has been purchased Once you add MAKs to VAMT you can access the Refresh Remaining Count command to query the Microsoft licensing site and identify exactly how many remaining activations exist for the MAK This tells you both how many licenses are purchased for any MAK you add to VAMT and how many remain In large organizations license audits will often be accomplished using advanced tools such as System Center Configuration Manager SCCM Using a MAK Proxy Although you can use VAMT to activate clients with a MAK you may have noticed a prob lem for the computers working in an isolated network By definition the isolated network wouldn t have access to the Internet On one hand you would use VAMT for activation of computers in isolated networks but on the other hand the VAMT computer accesses both the network and the Internet which would violate the security rules of ensuring the iso lated network remains isolated Instead you can use VAMT as a MAK proxy One instance of VAMT is in the secure network and captures data from the secure computers Another instance of VAMT is installed on a computer with access to the Internet It acts as a proxy to connect to the 50 Chapter 1 Planning for the Installation of Windows 7 Microsoft licensing site pres
21. Mode The only pieces that are missing from this puzzle are the steps you need to take to cre ate a Virtual PC image Exercise 1 7 shows you the steps needed to create a virtual PC machine You can then install an operating system within this virtual machine EXERCISE 1 7 Creating Other Virtual PC Machines 1 Launch the Virtual PC console by clicking Start gt All Programs gt Windows Virtual PC gt Windows Virtual PC 2 Click Create Virtual Machine in the title bar 3 Enter a name for your VPC in the Name text box You can either accept the default location for the VPC or select another location Your display will look similar to the following graphic Click Next Virtualization Considerations 37 EXERCISE 1 7 continued GU E gt Daril Virtual Machines 4 f Search Virtual Machines pl File Edit View Tools Help Organize Include in library Share with Burn Create virtual machine New folder e i Name Machine status Memory Primary disk SY Favorites I Public desktop ini 3 Recently Changed Windows XP Modevma Hibernated 512 MB C A WindowsXPMode W E Desktop i Downloads F Recent Places Ww IE Create a virtual machine z Libraries r cee E Documents Specify a name and location for this virtual machine cume d Music E Pictures Name Clienti amp SharedDocsLaptop x You can choose a name that helps you identify the virtual machine For example f Videos you can use
22. Service KMS servers could be used for activation or a combination of the two can be used MAK and KMS require a more complex license infrastructure and will be explored in greater depth later in this chapter Activation will ultimately be paired with the product key and your computer The acti vation process collects information on the computer to uniquely identify it but it does not collect any information on the user When installing Windows you ll receive the prompt Automatically Activate Windows When I m Online If this box is checked activation will be attempted three days after the user logs on the first time If it is not checked the user will be prompted to activate before the grace period expires Windows 7 Activation Grace Period Windows 7 has a grace period of 30 days before it needs to be activated During this time users will see a pop up reminding them they need to activate This starts as a once a day pop up four days after the installation and increases to as often as once an hour on day 30 On day 31 a message will appear indicating that you must activate Windows to con tinue using all Windows features A logical question is What features can t be used In past versions of Windows Microsoft introduced a reduced functionality mode where users can browse the Internet for one hour before having to log off and back on again 44 Chapter 1 Planning for the Installation of Windows 7 At this writing it appear
23. ad of going through the Software Assurance program Home users can upgrade to Windows 7 Ultimate from either Windows 7 Home Premium or Windows 7 Professional PP Windows 7 Ultimate doesn t include any ultimate extras as Windows ga Vista Ultimate did These extras in Windows Vista were advertised to entice some users to purchase Windows Vista Ultimate Instead of get ting extras not available elsewhere the reason to purchase Windows 7 Ultimate is to have the features found in the Enterprise edition such as BitLocker AppLocker and BranchCache Table 1 1 shows a comparison of many of the features included in Windows 7 Professional Windows 7 Enterprise and Windows 7 Ultimate Since there is very little difference between Enterprise and Ultimate they are shown in the same column Some of the features that are more relevant for desktop administrators working in an enterprise environment are covered after the table 4 Chapter 1 Planning for the Installation of Windows 7 TABLE 1 1 Windows 7 versions and features Feature Windows 7 Professional Windows 7 Enterprise and Ultimate 32 bit and 64 bit versions AppLocker Backup and Restore center BitLocker Drive Encryption BranchCache Distributed Cache DirectAccess Fast user switching File and printer sharing connections Home Group Subsystem for UNIX based applications Virtual hard disk booting Volume licensing keys Windows Aero Windows Media Cente
24. ailable for this Display Computer name domain and workgroup settings Computer name Client1 PC Change settings Full computer name Client1 PC F Sen alse Computer description Py Workgroup WORKGROUP Windows Update Windows activation ee Information and A 27 days to activate Activate Windows now ols Product ID 00426 065 0543977 86401 Change product key If your system is connected to the Internet you can simply click this link Your system will connect to Microsoft s servers some information on your computer will be trans ferred back and forth and a moment later you ll be notified that activation was successful Microsoft stresses that the information transferred during the activation process can be used to identify your computer but it does not include any information on the user Once the system is activated the countdown to activate will be replaced with a message saying Windows is Activated Windows activation is considered permanent although Windows does periodically check to ensure that the system is the same Planning and Managing Client Licensing and Activation 45 Detecting Changes Periodically Windows 7 will verify that the copy of Windows is valid and is operating on the same system where it was originally installed If significant changes are detected the activation will be reversed and the system will need to be reactivated The most common scenario where this occurs is when imaging software suc
25. alk you through the steps needed to install Windows 7 from the installation DVD Installing Windows 7 from the Installation DVD 1 Place the Windows 7 installation DVD in the DVD drive and boot the system After a moment the Install Windows screen will appear as shown in the following graphic t Install Windows a E Windows 7 Language to instal POOLE OCES ER English United States Keyboard or input method Enter your language and other preferences and click Nad tog Although it looks like you have minimal choices here you can press Shift F10 to access the command line from this menu In the Creating a Bootable VHD exercise later in this chapter you ll access the command line to create and configure a VHD file Chapter 1 Planning for the Installation of Windows 7 EXERCISE 1 1 continued 2 Select the appropriate Language To Install Time And Currency Format and Keyboard Or Input Method and click Next Click Install Now Review the license terms and select Accept The License Terms Click Next Select Custom Advanced to install a new copy of Windows If an existing version exists that can be upgraded to Windows 7 you can select Upgrade Select the partition where you want to install Windows Notice that you can create additional partitions from this screen However if you start with anything other than a single precreated partition Windows will create a partition labeled System Reserved
26. all Windows 7 from the DVD and know what to do with issues that may appear Designing User State Migration Be familiar with the User State Migration Tools USMT ScanState and LoadState The USMT are part of the Windows Automated Installation Kit Windows AIK for Windows 7 The two most important tools are ScanState and LoadState ScanState can collect user state data including files and settings and put it in a migration store LoadState can then read the migration store and apply it to a new instal lation of Windows 7 USMT can be used to migrate data using in place migrations wipe and load migrations and side by side migrations In place migrations can be automated with a batch file that will retrieve data from the Windows old folder created when Windows 7 is installed on a computer with a previous version of Windows Considering virtualization Know how to use Windows XP Mode and Windows Virtual PC Windows 7 introduces Windows Virtual PC Entire operating systems can be hosted in Windows Virtual PC and you can use Windows XP Mode to host specific applications Applications hosted in Windows XP Mode can be launched from the Windows 7 Start menu or configured to start from shortcuts Windows XP Mode works best when processor virtualization technologies are used and virtualization is enabled in the BIOS KB 977206 provides a workaround Intel calls this Intel VT and AMD calls this AMD V 56 Chapter 1 Planning for the Installation of Wi
27. and and press Enter to create a 40GB expandable virtual disk file Create vdisk file c Windows7 vhd maximum 40960 type expandable You can name the vhd file anything you want enter a different maximum size or omit the type expandable statement to create a fixed size file If you choose a fixed size it will take several minutes to complete and will show the progress After the file is created Diskpart will display the message Diskpart successfully created the virtual disk file 28 Chapter 1 Planning for the Installation of Windows 7 EXERCISE 1 4 continued 5 10 11 12 13 Type the following command and press Enter Select vdisk file c Windows7 vhd Diskpart will indicate it has successfully selected the virtual disk file Type the following command and press Enter Attach vdisk Diskpart will indicate it has successfully attached the virtual disk file Type Exit and press Enter to exit Diskpart Type Exit and press Enter to exit the command prompt window You will now see the Install Windows screen you saw before pressing Shift F10 Make sure the correct language time and currency and keyboard or input method are selected and click Next Click the Install Now button Review the license terms select the check box Accept The License Terms and click Next Click the Custom Advanced type of installation The Where Do You Want To Install Windows screen will appear with at least two disks show
28. anning for the Installation of Windows 7 Installing Windows AIK Including the USMT 1 If prompted after inserting the DVD select Run The StartCD exe If not prompted browse to the StartCD exe file using Windows Explorer and double click it to start Windows AIK The installation screen appears as shown in the following graphic 75 Welcome to Windows Automated Windows 7 Welcome to Windows Automated Installation Kit The Windows Automated Installation Kit Windows AIX helps you to customize configure and deploy the Windows 7 and Windows Server 2008 R2 operating systems To run the Windows AIK your technician computer must use the Windows Server 2003 SP 1 Windows Vista SP 1 Windows Server 2008 Windows 7 or Windows Server 2008 R2 operating system Select the Windows AIK Setup link on the left On the Welcome screen click Next Review the license agreement select Agree and click Next og fF YW DN Accept the default installation folder of C Program Files Windows AIK and the choice Install This For Everyone Click Next D On the Confirm Installation screen click Next 7 When the installation completes click Close 8 The Microsoft Windows AIK folder is available in the All Programs menu Once the Windows AIK is installed you ll have several program links on the Start menu within the Microsoft Windows AIK Start menu folder These include Deployment Tools Command Prompt This launches a c
29. count is deleted on the KMS server If the activation count falls below the activation threshold the KMS host will stop activating clients c If clients can t connect for 180 days client activation expires Planning and Managing Client Licensing and Activation 53 3 If the client succeeds in reaching the KMS host the activation will be renewed a Once the client is activated the seven day counter will be reset on the KMS client b The 180 day counter for the KMS client activation is renewed c The KMS host creates a new record for this client for the activation count which is kept for 30 days The original record is deleted 4 Seven days after the client is temporarily activated the process starts again Working with KMS In order for the KMS to respond to activation requests the firewall needs to be properly con figured on the KMS server If the Windows firewall is being used the KMS Traffic exception can be enabled If a third party firewall is being used you ll need to open port 1688 In addition you can use the Software Licensing Management Tool sImgr vbs to con figure and manage specific settings on the KMS server Table 1 3 shows some of the common switches used with KMS TABLE 1 3 Simgr switches used with KMS Switch Description sprt H Use this switch to change the default port number if necessary The default port number is 1688 cdns This will disable automatic DNS publishing by a KMS host The
30. d to use one of the other methods in larger or isolated enterprises Choosing a Windows 7 Edition When planning a migration or tech refresh a simple question to ask is what Windows 7 edition is needed Windows 7 offers six editions but you ll quickly whittle down the choice to just three for an enterprise because the first three are too basic for a work environment P Microsoft lists this topic in some documentation as Choosing a SKU A Stock Keeping Unit An SKU is the number associated with the bar code you see on just about any product these days These are the three basic editions that you won t see in an enterprise Windows 7 Starter Some original equipment manufacturers OEMs preinstall this edi tion on specialized computers It includes the fewest features and it will not be available in 64 bit versions Choosing a Windows 7 Edition 3 Windows 7 Home Basic This is available only in certain countries referred to as emerging markets and it includes very limited capabilities It will not be available in the United States Windows 7 Home Premium Windows 7 Home Premium is designed for home users It includes the Windows Media Center which can be used to record and play back TV shows or other media It can also easily integrate on a home network with other devices such as Xbox gaming systems Systems running this edition can t join a domain If you re a desktop support technician or desktop administrator working i
31. e captured files and settings can be restored to the Windows 7 operating system with the following command The only thing that will change is the letter of the drive where the store folder is stored For example it may be G on the original installation that had mul tiple partitions but the external drive may be E on a system that has Windows installed with only a single partition and a single DVD drive LoadState exe e store v 13 c lac P sswOrd lae i MigApp xml i MigDocs xml sf hardlink nocompress Determining Which User Data and Settings to Preserve When running ScanState you have some choices for which data and settings to preserve The easiest choice is to accept the defaults as we ve done in this chapter If your environ ment is typical and doesn t include any critical one of a kind applications this choice will meet most if not all of your needs You can modify the defaults with the following files MigDocs xm1 This file includes rules used to find user documents on a computer Some of the common file types identified in this document are accdb ch3 csv dif doc dot dqy iqy mcw mdb mpp one oqy or6 pot ppa pps ppt pre pst pub qdf qel qph qsd rqy rtf scd sh3 slk txt vl vsd wk wod wps wql wri x1 xla x1b and x1s 22 Chapter 1 Planning for the Installation of Windows 7 MigApps xm1 This file includes the rules used to migrate a
32. ents the data from the secure computers and receives acti vation data This activation data is then copied to the instance of VAMT in the secure environment not being used This would be common in secure networks with fewer than A MAK proxy is used to activate clients in a secure network when KMS is P 5 servers or fewer than 25 clients The following steps outline the process of using VAMT as a MAK proxy 1 Install VAMT on a computer in the secure network and in a network that has access to the Internet 2 Perform the following steps on the computer hosting VAMT in the secure network a Collect the status of the computers in the secure network using VAMT This data is referred to as a Computer Information List CIL and can be exported as a file b Copy the CIL to removable media such as a CD 3 Transfer the removable media to the computer hosting VAMT with access to the Inter net and complete the following steps a Import the CIL using VAMT b Use VAMT to connect to Microsoft and request Computer Identification numbers CIDs using this CIL c Export the CIL with the CIDs from Microsoft Copy the new CIL to removable media 4 Transfer the removable media holding the new CIL to the computer hosting the VAMT in the secure network and complete the following steps a Import the new CIL b Apply the new CIDs using MAK Proxy Activate While this process will work for networks of any size there is an easier and more auto mated
33. expand as data is added to the file The fixed size is quicker since it doesn t need to expand dynami cally while the expandable size consumes only the space needed Exercise 1 4 shows how you can configure a system to boot to a virtual hard drive host ing Windows 7 In the exercise the host system is running 64 bit Windows Vista and the installation DVD is 64 bit Windows 7 Virtualization Considerations 27 Creating a Bootable VHD 1 Turn onthe Windows Vista system and place the Windows 7 installation DVD in the system When the system starts select the option to boot from the DVD 2 When the initial installation screen appears prompting you to select a language time and currency format and keyboard or input method press Shift F10 This will launch a command prompt window with the prompt X Sources gt X is mapped to the DVD drive and it is pointed to the Sources folder in the drive 3 Atthe command prompt type diskpart and press Enter After a moment the com mand prompt will change to DISKPART gt and your display will look similar to the fol lowing graphic Install Windows E Windows 7 Ue Case C English United States Keyboard or input method US Ex Administrator X windows system Ae jicrosoft Windows Version 6 1 7680 amp Sources gt Diskpart jicrosoft DiskPart version 6 1 7600 opyright lt C gt 1999 2088 Microsoft Corporation computer MINWINPC DISKPART gt 4 Type the following comm
34. from the virtual machine USB devices USB devices plugged into the host system can be accessed from the virtual machine You can install the Integration Components by following the steps in Exercise 1 8 Installing Integration Components 1 With a Windows Virtual PC console open click the Tools drop down menu and select Install Integration Components An AutoPlay box will pop up 2 Click Run Setup exe within the AutoPlay dialog box 3 A Welcome page will appear Click Next on the Welcome page and click Yes when prompted by User Account Control After a moment the installation will complete 4 Click Finish and then click Yes to restart your computer After you reboot and log onto the system you ll find that your mouse now treats the VPC environment just like any other window but you re not finished yet Virtualization Considerations 39 EXERCISE 1 8 continued 5 Select the Tools drop down menu and select Enable Integration Features You ll be prompted to provide credentials that will be used on your system Enter the user name and password you used when creating the VPC image and click OK Windows Virtual PC Menu The Windows Virtual PC interface is different from the Microsoft Virtual PC interface As a matter of fact it doesn t look like an interface at all Instead it looks like Windows Explorer with a couple extra menu items Figure 1 6 shows the Windows Virtual Machines console It shows the virtual machine
35. h as Symantec s Ghost is used It is possible to make an image copy or clone of a system and then use this cloned copy on other computers The license for the original system wasn t purchased for the other computers and Windows 7 will detect that the operating system that was activated on the original system is now located on a different computer Once the change is detected activation will be revoked and the client will need to be reactivated This can also occur if too many changes are made to the hardware of a system For example if the motherboard of a system is replaced Windows 7 may assume it s been moved to a dif ferent computer This can usually be resolved with a phone call to a Microsoft help center to obtain a new key P Cloning systems can also result in duplicate security identifiers SIDs To Si prevent duplicate SIDs on a network the Sysprep program is run before capturing the image Sysprep sanitizes the system by removing unique information such as the computer name and SIDs It also resets the licens ing information used for activation requiring computers receiving the image to be activated separately Software Manager Licensing Manager Tool The Software Licensing Management Tool is a built in Visual Basic script sImgr vbs pro gram that can be used for licensing and activation tasks It includes several options that are entered as a switch Some of the options directly relate to the clients and are covered in
36. han a full version of the oper ating system VECD uses a device based subscription license and is available with two configurations VECD for Software Assurance SA currently priced at 23 year VECD currently priced at 110 device year Once VECD is purchased you can deploy as many as four virtual desktops on any single system This doesn t include the cost of the host operating system The host operat ing system could be Windows 7 Windows Server 2008 Windows Server 2008 R2 or other operating systems VECD offers many benefits including these Rights to move virtual machines between systems for increased reliability Unlimited backup of virtual machines Ability to access up to four running VM instances per device Rights to access corporate desktops from home for a user who has already been licensed at work Licensing of Microsoft products can easily get complicated and pricing often changes When you re looking at purchasing licenses you should locate a Microsoft Licensing Specialist through a Microsoft partner Remember these two key points however No additional licenses are needed to use Windows XP Mode with the built in Windows XP client VECD includes licenses for up to four virtual machines Summary In this chapter you learned about the different editions of Windows 7 that will be used in an enterprise including many of their different features and capabilities Once Windows 7 is installed yo
37. ide by side migration Remotely means you re storing the migration data in a shared folder on a server in your network Storing data on a network share can be very convenient but it can also result in a sig nificantly slower migration process A migration store can hold a large amount of data With the size of files and the abundance of hard drive space it would be easy for a user to accumulate 10 GB of data or more If you re saving this to a network share over a 10OMbps or even a 100Mbps network connection you ll be waiting awhile Not only will you be waiting but users on the network may also find themselves waiting longer than normal You should consider how storing the data on network shares affects the rest of the network If the network is already busy and you begin moving gigabytes of storage over it things may slow to a crawl and users will start complaining If your network infrastructure is reliably running with GB network interface cards rout ers and switches you will probably be able to use network storage without any problem Designing User State Migration 23 Securing Migrated Data The amount of data included in a migration store can be considerable and depending on the user s job responsibilities the data can be sensitive Any migration stores with sensitive data should be protected until they are used to restore the user s files and settings They should be destroyed after the user s files and settings have been
38. ighest level of verbosity It will provide a significant amount of output to the log that can be viewed later The lowest level is 0 which logs only errors and warnings a c tells ScanState to continue to run even if errors are encountered 16 Chapter 1 Planning for the Installation of Windows 7 a 1ac P sswOrd specifies that local accounts should be created if they don t already exist If the lac switch is not used local accounts will not be migrated The same password will be used for all migrated accounts and if a password is not specified the password will be empty You should use caution if using the password in a batch file because it will be stored in clear text and anyone with access to the batch file can read the password lae specifies that local accounts should be enabled The lac switch must be used to migrate the accounts When it is used all migrated accounts will be enabled i MigApp xm1specifies that the MigApp xm file which is included in the USMT folder will be used to identify application settings to migrate i MigDocs xm1 specifies that the MigDocs xml1 file which is included in the USMT folder will be used to identify document types to migrate sf restores shell folder redirection if a user had previously used folder redirection on any of their user folders For example a user may have redirected the My Documents folder to be stored on a server share or on a different partition hardli
39. ing Below the physical disks and partitions you will see the virtual disk file represented as a disk with a total size of 40 GB and free space of 40 GB unless you created it as a different size In my test system it has one physical disk shown as Disk 0 and the vhd disk as Disk 1 Unallocated Space Select the virtual disk and click Next At this point the installation of Windows will progress as would a normal Windows 7 installation You can follow the exercise earlier in this chapter to install Windows 7 from the DVD if desired When it completes and reboots you ll see a dual boot screen The Windows 7 choice will be first and if you don t take any action it will boot to the Windows 7 VHD file in 30 seconds You can modify this behavior with bcdedit which is covered in more depth in Chapter 5 Maintaining and Troubleshooting Windows 7 A A warning may appear saying Windows cannot be installed to this disk P Show Details indicating the hardware is not compatible Don t believe it Continue on I ve seen that message on two different systems but the installation and operation worked without any problems could identify Virtualization Considerations 29 Windows XP Mode Windows XP Mode is a virtualization technology that addresses a specific problem that prevented many people from moving from Windows XP to Windows Vista Many applica tions worked well in Windows XP but would not work in Windows Vista I
40. irable access is not possible and manual activa tion via the phone is not desirable Can be used for any number of clients Requires a minimum of 5 servers 25 clients or a combination of 25 servers and clients Volume Activation Management Tool Although a KMS server is used it s not VAMT can be used with a MAK proxy referred to as a proxy Supports clients duplicated from a single Supports clients duplicated from a single image image 48 Chapter 1 Planning for the Installation of Windows 7 JTE and Windows 2008 R2 It includes some great explanations and a lot more detail on both the KMS and MAK processes You can access it here http technet microsoft com library dd878528 aspx jM Microsoft has published the Volume Activation Planning Guide for Windows 7 Multiple Activation Key Large enterprises can purchase a Multiple Activation Key MAK which is a single key that can be used to activate many clients For example a company could purchase 100 licenses using a MAK This single key is used for the image and activation over the Internet is automatic A common method used to deploy the operating system to multiple computers is the use of imaging technologies Chapter 2 will cover different imaging technologies including Windows Deployment Services WDS in more depth A single MAK is used and doesn t need to be reentered for each installation MAKs are purchased from Microsoft partners for a specific number of clie
41. isolated environment without Internet access you can use this command to force activation right away Display License Information The slmgr d1i command can be used to display information on the license used for this system When executed it will show the name description a partial product key and the license status of the current license As an example Figure 1 12 shows what it looks like on one of my systems FIGURE 1 12 Displaying license information Windows Script Host Z Name Windows R 7 Ultimate edition Description Windows Operating System Windows R 7 RETAIL channel Partial Product Key 8V6MQ License Status Licensed OK You can also execute it as sImgr d1i all to display information on all licenses on the system Other licenses will indicate they are not in use and the status is Unlicensed Install Product Key The slmgr ipk lt Product Key gt command can be used to install a new product key This can be useful if the system is configured to use a KMS but you want to switch it to use a MAK Display Detailed License Information You can use the slmgr d1v command to get more detailed information on the license The result includes several identification numbers and certificate URLs It will also show the status of the license and the remaining rearm count Planning and Managing Client Licensing and Activation 47 Expiration Data for Current License The command slmgr xpr can be used to indica
42. m previous operating systems you may not have been overjoyed by the performance I know I wasn t However you ll find significant improvements in the USMT on Windows 7 In addition the time required to perform a migration has been substantially reduced The User State Migration Toolkit is a part of the Windows Automated Installation Kit AIK for Windows 7 Older versions of the AIK exist so you need to ensure you have the version specifically designed for Windows 7 You can use the USMT to migrate data from Windows XP Windows Vista or Windows 7 It supports the following migration paths Windows XP to Windows Vista Windows XP to Windows 7 Windows Vista to Windows 7 Windows 7 32 bit to Windows 7 64 bit The Windows AIK is available as a free download from Microsoft s download site www microsoft com downloads by searching for Windows Automated Installation Kit AIK for Windows 7 This download is an iso file so you ll need to burn it to a DVD _ Burning a CD or a DVD from an iso file is built into Windows 7 Place the gr disk in the drive and then use Windows Explorer to browse to the iso file Right click the file and select Burn Disc Image Windows 7 will do the rest Once you download the Windows AIK for Windows 7 and burn the image to a DVD insert the DVD into your computer s drive You can then follow the steps in Exercise 1 2 to install the Windows AIK which includes the USMT 12 Chapter 1 Pl
43. method for larger networks In any isolated network with more than 5 servers more than 25 clients or a combination of more than 25 clients and servers you can use the Key Management Service MAK keys cannot be used with the Key Management Service but instead KMS keys are used Key Management Service and Licensing Infrastructure The Key Management Service is used for enterprises with a large number of clients in secure networks Clients will access the KMS server for temporary activation instead of connecting to Microsoft s activation servers for permanent activation Planning and Managing Client Licensing and Activation 51 Two important concepts are worth repeating with KMS Activation is temporary Clients are not permanently activated Instead they must peri odically connect to the KMS server to be reactivated Temporary activation will last for 180 days KMS is used for a large number of clients Specifically KMS can be used only if there are five or more servers or 25 or more clients and servers that need to be activated by KMS If the numbers fall below this threshold KMS will stop reactivating clients You can download KMS for free Go to ww microsoft com downloads and search for Key Management Service You can install it on Windows Server 2003 Windows Server 2008 or Windows Server 2008 R2 If you re running a KMS server on a Windows Server 2008 server you can update it to provide activation for Windows 7 and Wind
44. n an enter prise you ll focus on the following three editions used in work environments Windows 7 Professional Windows 7 Professional is intended for high end home users and small business users It can join a domain support a remote desktop and run applications in a virtual environment using Windows XP Mode It does lack some of the more advanced features Windows 7 Enterprise The Windows 7 Enterprise edition is available only to organiza tions that have a Software Assurance contract with Microsoft and is purchased through a volume license Home users won t have access to this but businesses with as few as five PCs can purchase Software Assurance Some key features included in this edition are BitLocker AppLocker and BranchCache Each of these will be explored in greater depth in later chapters BitLocker covered in Chapter 11 Managing Security in Windows 7 can be used to protect data on both internal and external drives including USB flash drives AppLocker covered in Chapter 6 Configuring and Troubleshooting Application Issues can be used to prevent unauthor ized software from running BranchCache covered in Chapter 12 Supporting Mobile Windows 7 Users allows clients in remote locations to cache data used by others in the same location Windows 7 Ultimate The Windows 7 Ultimate edition includes all of the features found in the Enterprise edition and home users using a single license can purchase it inste
45. nd open the loadstate 1log file and the scanstate log file With a verbosity level of 13 used in the commands you ll see that a lot of data has been logged and can be reviewed to view the activity of both commands 18 Chapter 1 Planning for the Installation of Windows 7 While the previous exercise had you create a batch file with the ScanState and LoadState commands it is possible just to execute the commands at the command prompt However if you have created the batch file you can create your own portable tool that can be easily executed on any system to perform an in place migration Creating a Portable USMT Batch File If desired you can make your batch file a little more portable Instead of installing the Windows AIK for Windows 7 on every computer that you are migrating you can copy the appropriate files to a USB flash drive or CD These files consume only about 50 MB You can then bring your USB flash drive or CD to any computer that has had an in place migration run the batch file and the migration will be done in minutes PP For more on this process check out the TechNet article Building a USB i Drive to Store USMT 4 0 Files and Simple Commands You can read it here http technet microsoft com library dd940094 aspx You ll still need to install the Windows AIK onto a Windows 7 computer Once it s installed on any Windows 7 computer you can use Windows Explorer to copy the USMT folder onto the portable media
46. nd settings and then later restore them but the process is a little different The two possible scenarios are a wipe and load migration or a side by side migration Wipe and load migration A wipe and load migration uses the same hardware but removes all data on the partitions A simple example would be a system that has multiple partitions that aren t needed in Windows 7 so the drive is reconfigured as a single parti tion Repartitioning the disk will result in the loss of all the data so before this is done ScanState is run to capture all the files and settings The ScanState data can be stored on a server as shown in Figure 1 2 stored on an external USB drive or even stored on a USB flash drive if the user doesn t have much data After Windows 7 is installed LoadState is executed to restore these settings from the server or the external USB or flash drive Figure 1 2 shows a wipe and load migration FIGURE 1 2 Wipe and load migration Original File Computer Server Side by side migration Ina side by side migration a user has an older computer system that will be replaced ScanState is run on the older system and this older system is then decommissioned The ScanState data can be stored on a server as shown in Figure 1 2 stored on an external USB drive or stored on a USB flash drive if the user doesn t have much data A newer system with Windows 7 is provided and LoadState is executed on it to restore the files and settings
47. ndows 7 Planning and managing client licensing and activation Be familiar with different licensing and activation methods used in an enterprise Windows clients should be activated within 30 days of installation If access to the Internet is available activation can be configured to occur automatically and will normally occur three days after the install Large organiza tions can use a Multiple Activation Key MAK which is a single key that includes licenses for multiple clients If clients will never have access to the Internet a Key Management Service KMS server can be used to activate clients KMS requires a minimum of 5 servers or any combination of 25 clients and servers Clients will periodically contact the KMS server to renew their activation If you have fewer than 25 clients you can use the Volume Activation Management Tool VAMT with a MAK proxy to activate the clients The VAMT can also be used to identify how many licenses remain on a MAK
48. ned off FIGURE 1 9 Windows Virtual PC Settings Setting LJ Name Current Value D Networking Number of network adapters Windows7 BE Memory 1 512 MB Ga Hard Disk 1 Windows7 vhd ig Hard Disk 2 None Ga Hard Disk3 None ig Undo Disks Disabled DVD Drive G COML None FP com2 None Adapter 1 Adapter 2 Not connected Shared Networking NAT Adapter 3 Realtek PCle GSE Family Controller Cd Networking W integration Features S keyboard Logon Credentials E Auto Publish x Close Network adapters 2 Auto Enable Full screen None Enabled Show message Adapter 4 Intel R WiFi Link 5100 AGN PANTECH UM175 WWAN Driver 3 The virtual machine must be shut down before you can add or remove a network adapter How do shut down You can use Shared Networking NAT or a network adapter to access an external network Use Internal Network to communicate with other virtual machines on this computer More about networking and virtual machines 42 Chapter 1 Planning for the Installation of Windows 7 As an example the network adapters will start as being configured to use the network adapters on your system In the figure the VPC network adapter is currently configured to share the WiFi network adapter connected to my system It will have access to my system on a simulated network and can access the Internet However if I select Not Connected it will be completely isolated If
49. nish g Review the Windows XP Mode License Agreement Click the check box Accept The License Terms and click Next h You will be prompted to identify the installation folder and enter credentials for an XP Mode user account as shown in the following graphic Accept the default installation folder and enter a password in the Password and Confirm Password text boxes Make sure that the Remember Credentials Recommended check box is checked Click Next Virtualization Considerations 33 EXERCISE 1 5 continued Installation folder and credentials Installation folder C Users Darril AppData Local Microsoft Windows Virtual PO Virtual Browse Create credentials User name XPMUser Password eeeeeeee Confirm password eeeeeeee W Remember credentials Recommended More about credentials for Windows XP Mode With Remember Credentials checked users won t be prompted to enter credentials when using Windows XP Mode i Enable automatic updates by selecting Help Protect My Computer By Turning On Automatic Updates Now and click Start Setup It will take several minutes for the setup to complete Once it completes a window will open with the Windows XP Mode desktop Windows XP Mode is now installed on your system However it won t be of much use until you install some applications and configure them to run within your Windows 7 sys tem The next section leads you through this process Running Applications from Wind
50. nk is used for in place migrations to retrieve the data from the Windows old folder It requires the use of the nocompress switch nocompress specifies that data is not compressed P ing a full listing of all the switches are included in the USMT chm help file included with the Windows AIK You can access this help file in the C Program Files Windows AIK Docs CHMs folder w More details on both the ScanState and LoadState commands includ Exercise 1 3 will lead you through the process of creating a batch file and running it to migrate user data for in place migrations This assumes that the computer was running Windows XP Windows Vista or Windows 7 and that a clean installation of Windows 7 was then performed on the system Data from the previous installation is stored in the Windows old folder of the C drive Last the Windows AIK for Windows 7 is also assumed to have been installed on this system Running USMT in a Batch File 1 Launch Windows Explorer and browse to the C drive Create a folder called MyUSMT 2 Right click within the folder and select New gt Text Document Press Enter to open the text document Designing User State Migration 17 EXERCISE 1 3 continued 3 Type the following lines in the text document Note that the ScanState and LoadState commands span two lines in this book but they should be entered as a single com mand in the document Cd c Program Files Windows AIK Tools USMT x86 rem
51. nology Intel R Hyper Threading Technology Intel R 64 Architecture Other Intel Technologies Supported Enhanced Intel SpeedStep R Technology Intel SSE Yes keel SSE2 Yes Irtel R SSE3 Yes Intel SSE4 Yes Information Inte processor numbers are not a measure of perform appeal CL ere famly not across dfferent processor families See Ae Z freon intel com products processor_number or details I have an older AMD system that doesn t support virtualization After running the AMD Virtualization Compatibility Check Utility the screen shown in Figure 1 5 appeared This utility can be downloaded from AMD s support site at this address http support amd com us Processor_TechDownloads AMD V_Hyper V_ Compatibility_Check_Utility_V2 zip FIGURE 1 5 AMD Virtualization Compatibility Check Utility Test Results from Microsoft Hyper V compatibility check for systems with AMD processors This system is not compatible with Hyper V This utility detected that a necessary BIOS patch is not installed Please contact your system vendor to determine whether a BIOS upgrade is available If so upgrade your BIOS and re run the utility AMD7Z1 If not consider upgrading to a new AMD64 system to get the latest in virtualization capabilities performance and power efficiency AMD s most current processors do not require a BIOS patch to run Hyper Vv This utility detected that AMD Virtualization AMD V Technology is not enabled
52. nterestingly this problem prevented people from moving to Windows XP from Windows 2000 in the early XP days It seems to be a common problem but Windows XP Mode may be a definitive solution for those considering Windows 7 Microsoft spent a lot of time and effort on Windows XP Mode and from P everything I ve seen it looks like it ll be a success It s not uncommon for Microsoft to use test topics to amplify the importance of features they ve added If you re preparing for the 70 685 and 70 686 Windows 7 exams make sure you understand the benefits and requirements for Windows XP Mode Windows XP Mode is a virtual instance of Windows XP running within Windows 7 Applications that won t run in Windows 7 can be installed in this instance of Windows XP However Microsoft has engineered a great solution that doesn t require the user to launch Windows XP When Windows XP Mode is configured the user simply launches the legacy application from their Start menu and it appears as though it s running just as any other application would run Although Windows XP Mode is free with Windows 7 there are some requirements you need to worry about These include the following The processor must be capable of hardware virtualization Virtualization must be enabled in the BIOS At least 1 6GB free hard drive space must be available If your system will support it you can download and install Virtual PC for Windows 7 and then download and install
53. nts They should be used only for these clients and no others If your clients cannot access the Internet you can use a KMS server as will be explained later in this chapter You can also use the Volume Activation Management Tool with a MAK proxy to activate clients that can t access the Internet The most common scenario where clients can t access the Internet is when they host or access sensitive data and com pany policy specifically restricts them from accessing the Internet Volume Activation Management Tool The Volume Activation Management Tool VAMT version 1 2 is part of the Microsoft Windows Automated Installation Kit for Windows 7 covered earlier in this chapter It can be used to manage activation of Windows Vista Windows 7 Windows Server 2008 and Windows Server 2008 R2 You would use the VAMT if clients can t access the Internet or to manage MAK keys The overall process to use VAMT is as follows 1 Install VAMT on a host computer which can be any Windows Vista Windows 7 Windows Server 2008 or Windows Server 2008 R2 computer 2 Configure the Windows Management Instrumentation WMI firewall exception on all clients if not already configured and if the firewall is running Create a Computer Information List CIL as a group within VAMT Have VAMT collect license status information for clients in the CIL using WMI Add a MAK to the VAMT The number of computers activated with the MAK is tracked by Microsoft and yo
54. o unsuspecting users while also making the process smooth for users who have purchased valid versions With this in mind administrators have a responsibility to their company to help it develop sound licensing strategies and ensure they remain compliant with license agreements You should understand the basics of client activation that can be implemented in an organization Licensing Strategy and Compliance Windows 7 uses a product key and an activation process to help thwart counterfeiting Figure 1 10 shows the product key screen from the installation process You can still install Windows 7 without the product key by clicking Next on the installation screen but it won t successfully activate without the key Planning and Managing Client Licensing and Activation 43 FIGURE 1 10 Entering the product key E al Set Up Windows Type your Windows product key You can find your Windows product key on a label included with the package that came with your copy of Windows The label might also be on your computer case Activation pairs your product key with your computer The product key looks similar to this dashes will be added automatically E Automatically activate Windows when I m online Some product keys are designed for a single product and some product keys are designed for multiple products A Multiple Activation Key MAK uses a single key pur chased for many clients In larger organizations MAKs or Key Management
55. of about 100 MB as shown in the following graphic This partition includes the Windows Recovery Environment WinRE and ensures that all Windows features can work correctly Also once it s created you can t get rid of the partition without reinstalling the OS If you don t want this partition added you must format the entire drive as a single partition before starting the installation You can do so by accessing the command prompt by pressing Alt F10 at the Install Now page and using DiskPart You can later shrink the volume to create additional partitions Where do you want to install Windows Disk 0 Partition 1 System Reserved gt e Disk 0 Partition 2 399GB Primary wy Disk 0 Unallocated Space 87 0 GB fp Refresh A Delete P Format Load Driver Extend Notice that you can also delete extend and format partitions from this page You can also load a driver from this page if your hard drive isn t recognized Beware though if you repartition the drive you ll lose access to data that would normally be stored Local Installation 9 EXERCISE 1 1 continued 10 11 in the Windows old folder after the installation Once you have selected the partition click Next The installation will take several minutes to complete but it will be automated from this point When the installation completes and reboots you will be prompted to type a user name as shown in the following graphic As you enter the
56. ommand prompt at the C Program Files Windows AIK Tools PETools folder which gives you access to many of the files used when creating a Windows Preinstallation Environment Windows PE or WinPE Designing User State Migration 13 Windows System Image Manager This is used to create an unattend txt text file that can be used to automate an installation and to open images Documentation This provides links to several help files including the Unattended Windows Setup Reference the Windows Automated Installation Kit and the Windows PE User s Guide Not all help files are available here Notably for this chapter the help file for the USMT isn t accessible here even though it was installed The USMT help file is available in the C Program Files Windows AIK Docs CHMs folder and is named WAIK chm VAMT 1 2 The VAMT 1 2 folder includes a help file for the Volume Activation Management Tool VAMT and a link to launch the Volume Activation Management Tool You ll use more of these tools later in this chapter and in Chapter 2 For now the focus is on the USMT tools ScanState and LoadState Performing In Place Migration When you do the installation of Windows on a computer running Windows XP Windows Vista or Windows 7 you can do a Custom Advanced installation A message will appear similar to Figure 1 1 informing you that you can access files from the previous installation in a folder named Windows old FIGURE 1 1 Windows installation no
57. ow it s deliv ered to the user Brokered connections are easier for end users Determining a VHD Strategy A cool feature available with Windows 7 is the ability to boot to a virtual hard drive VHD The VHD format has been used with Virtual PC for many years but the abilities have been expanded significantly This can be done only with Windows 7 or Windows Server 2008 R2 but it can be a useful feature Dual boot environments allow you to boot to different operating systems One of the challenges with traditional dual boot environments is that you needed to ensure each operat ing system was installed on its own partition If not one OS could and usually did corrupt the other OS Now you can have multiple operating systems available on a single machine with a single partition When you ve finished with the operating system simply delete the VHD file You ll see how to create a bootable VHD later in this chapter The process creates a VHD file with an extension of vhd at the root of C You can name the file whatever you want the following exercise names it Windows7 vhd The size of the file should be at least 20 GB and is expressed in MB You can make it larger to accom modate more data and files 10 GB is 10240 so 20 GB would be 20480 30 GB 30720 and so on You can have the vhd file either fixed or expandable A 20GB fixed size will always take up 20 GB of space while a 20GB expandable file will start at less than 100 MB and
58. ows Server 2008 R2 Knowledge Base article 968915 http support microsoft com kb 968915 provides the information on this extension and links for the download and Server 2008 R2 You must install the earlier version and then extend it using KB 968915 However expect it s just a matter of time before Micro soft releases a single version download lt a At this writing there isn t a single download for KMS to support Windows 7 A TE KMS Activation Terms When discussing the Key Management Service KMS it helps first to understand the dif ferent terms associated with KMS Once you grasp the terms the process is much easier to understand I ve outlined many of the basic terms here KMS host The server hosting the KMS service is commonly referred to as the KMS host KMS client Clients configured to contact the KMS host are referred to as KMS clients DNS publication A KMS host can publish Domain Name System DNS SRV records server records to the DNS server using dynamic DNS within a Microsoft domain If DNS isn t configured to allow dynamic updates the SRV records must be manually configured on the DNS server so that KMS clients can locate the KMS host Activation threshold The minimum number of clients a network must have for KMS activation to work is referred to as the activation threshold A network must have at least 5 servers for server activation to work or a combination of at least 25 servers and clients for client
59. ows XP Mode Although the previous exercise showed you how to install Windows XP Mode the real value comes in using this to run applications in a virtual environment As an example imagine that a user has a program she uses quite a bit works well in Windows XP but does not work at all in Windows 7 You can add Windows XP Mode to her Windows 7 desktop and then install the legacy application in the Windows XP Mode virtual environment This feature is most valuable for applications that work in Windows XP but me not in Windows 7 However you can install any application in Windows XP Mode that will work in Windows XP The point of the exercise is not what you install but instead how it s accessed after it is installed 34 Chapter 1 Planning for the Installation of Windows 7 Exercise 1 6 will lead you through the steps to make an application available to end users As preparation for this exercise I downloaded IrfanView a freeware image viewer created by Irfan Skiljan However you can use any program and if you want to install another program substitute your program where I refer to IrfanView in the exercise Publishing Applications from Windows XP Mode 1 From the Windows 7 host machine click Start gt All Programs gt Windows Virtual PC gt Windows Virtual PC This will launch the Windows Virtual PC console 2 Right click the Windows XP Mode vmcx file and select Settings 3 Select Auto Publish and verify that Auto Publi
60. pplication settings It will migrate many common applications published by Apple Google IBM Intuit Microsoft and others MigUser xm1 This file includes rules that can be used to identify different elements of user profiles to include or exclude from the migration By default all users are migrated This file is not used to specify which users to migrate Config xml The Config xml file is optional and is created using the genconfig switch with ScanState It can be used specifically to exclude certain components or operating sys tem settings from the migration M If you want to limit the users who are migrated you can do so only from P the command line The ui switch user include can be used to specify accounts with both ScanState and LoadState When used only the speci fied accounts will be migrated You can t specify which users are migrated using any xml files The User State Migration Tool USMT 4 0 User s Guide includes the article What Does USMT Migrate which includes all the details of exactly what is migrated by default This user guide is in the form of a help file named USMT chm located in the C Program Files Windows AIK Docs CHMs folder when the Windows AIK is installed Local vs Remote Storage Considerations When creating the migration store you can use ScanState to store it locally or remotely Locally means you re storing the migration store on a removable USB drive or on an inter nal drive for a s
61. r Windows XP Mode x86 vs x64 Yes No Yes No No No Yes 20 Yes No No Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes 20 Yes Yes Yes Enterprise only Yes Yes Yes Windows 7 comes in both 32 bit x86 and 64 bit x64 editions Let me state the obvious you must have 64 bit hardware in order to install the 64 bit edition It is also possible to install the 32 bit edition on 64 bit hardware The biggest benefit of using a 64 bit edition over a 32 bit edition is RAM random access memory With a 32 bit system you re limited to addressing and using no more than 4 GB of RAM But even that is limited Because of the way that RAM is addressed and used in Windows operating systems only about 3 3 GB of RAM is actually available when 4 GB is installed the rest of the RAM is unused because of how address space is reserved Choosing a Windows 7 Edition 5 However Windows 7 Professional Enterprise and Ultimate all support as much as 192 GB of RAM on 64 bit systems This gives you enough RAM to support multiple virtual environments hosted on a single system and also to support even the most demanding applications Years ago many applications didn t run effectively on 64 bit editions of Windows because of various compatibility issues However the era of 64 bit systems has arrived Many programs have both 32 bit and 64 bit versions and those that don t have a separate 64 bit edi
62. r processor is capable and you ve configured the BIOS you can begin downloading the software needed for Windows XP Mode You ll need at least 1 6 GB of free space The space can be on any available partition The two files you ll need to download and install are as follows Windows Virtual PC This is actually a Windows Update labeled as KB 958559 Both an x86 version for 32 bit systems and an x64 version for 64 bit systems exist Make sure you install the one that s right for your system This will require rebooting your system Windows XP Mode This file is about 480 MB It s a self extracting executable that will add Windows XP Mode to your system and install the instance of Windows XP that can be used to run legacy applications There is only one version of this file and it will work for both 32 bit and 64 bit systems You can find both Windows Virtual PC and Windows XP Mode at Microsoft s download site at ww download Microsoft com Search for Windows Virtual PC and Windows XP Mode and Windows XP Mode If you have an older version of Virtual PC you ll need to uninstall it first An easy way to see if you have a compatible ver sion is by the name if you re running a version called Windows Virtual PC it ll work because Windows Virtual PC was released with Windows 7 If you re running a version named Microsoft Virtual PC you ll need to unin stall it first i You ll need the version of Virtual PC designed to wo
63. rk with Windows 7 P 32 Chapter 1 Planning for the Installation of Windows 7 Exercise 1 5 will walk you through the steps to install Windows Virtual PC and Windows XP Mode Installing Windows Virtual PC and Windows XP Mode 1 Install Windows Virtual PC with the following steps a Launch Windows Explorer Browse to where you downloaded Windows Virtual PC and double click the executable This actually installs update KB958559 If it is already installed it will inform you that it is installed and you can continue with step 2 b At the prompt to install the Windows software update click Yes c Review the license terms and click Accept The installation will start and take a few minutes to complete d When the installation is complete you ll be prompted to restart the computer Click Restart Now 2 Install Windows XP Mode with the following steps a Launch Windows Explorer Browse to where you downloaded the Windows XP Mode file and double click it b When prompted by the Security Warning to run the file click Run c On the Welcome screen click Next d If your C drive has at 1 6 GB of free space you can accept the default location of C Program Files Windows XP Mode and click Next Otherwise choose another location e When prompted by User Account Control to continue click Yes f The installation will complete and the Setup Completed screen will appear Leave Launch Windows XP Mode checked and click Fi
64. rying to activate every two hours Even though the clients will stay activated for 180 days these failures will result in errors in the event logs Once two new clients are added to the network everything will normalize KMS Activation Process The KMS activation process is ongoing requiring the KMS clients to connect to the KMS host periodically Before the process can start an SRV record must exist in DNS so the clients can reach the KMS server Normally dynamic update will be configured in DNS which allows the KMS service on a KMS host to publish SRV records automatically to DNS Once this is configured no fur ther steps are required KMS clients then query DNS to locate the KMS host can t locate the KMS host because the SRV records aren t published in DNS activation won t occur If KMS was working and has stopped DNS should be checked to ensure the KMS host record exists These records will be in the _VLMCS _TCP folder on the DNS server i DNS is a critical component of the KMS activation process If KMS clients P Once the KMS client has located the KMS host the following process is used to tempo rarily activate the client 1 Every seven days KMS clients query DNS for the IP of a KMS host 2 KMS clients then try to renew their activation with KMS a If the activation fails clients continue to try every two hours b If clients can t connect to the KMS host for 30 days the record for the client in the activation
65. s I have added to my system one for Windows XP Mode one Windows 7 client named Client1 and one Server 2008 system I m using as a domain controller in the virtual environment FIGURE 1 6 Windows Virtual Machines console ole amp a T TA OW gt Daril Virtual Machines 4g Search Virtual Machines P File Edit View Tools Help Organize E Open Share with Burn Settings Create virtual machine New folder zoe Oh Favorites e Name Machine status Memory Primary disk Comments Ai J Public E Clientl vmex Hibernated 1 512 MB CAWindowsXPMode Clientt vhd Recently Changed 5 desktop ini W Desktop P Server2008 vmex Hibernated 1 512 MB indowsXPMode DC1 vhd l Downloads Windows XP Modevma _Hibernated 512 MB C dowsXPMode Windows X 2 Recent Places oa Ubrana ai z wr Server2008 vmex Filename Server2008 vmex Configuration file C WindowsXPMode S Memory 1 512 MB L a Maene AE EA Primary disk C WindowsXPMode D Size 930 bytes You can launch any virtual machine console from here by double clicking it You can also access the settings for any of the virtual machines by selecting the virtual machine and click ing Settings Some settings can be manipulated while the system is running or hibernated Other settings require you to shut down the virtual machine before you can modify them Once the virtual machine is launched yov ll see that it has a menu across the top as shown in Figure 1 7 Figure
66. s XP Mode Applications gt IrfanView Windows XP Mode Windows XP Mode will awaken from Hibernate mode and the application will launch in its own window Note that the full Windows XP desktop does not launch but only the application Browse to the Virtual PC console by clicking Start gt All Programs gt Windows Virtual PC gt Windows Virtual PC You ll see that the Windows XP Mode VPC has a status of Running Close the IrfanView application Click Start gt All Programs gt Windows Virtual PC gt Windows XP Mode Applications Right click IrfanView PC and select Copy to copy the shortcut to this program Access the Windows 7 desktop Right click and select Paste Shortcut to paste the program shortcut Double click the shortcut on the desktop to launch it You ll see that it launches the application just the same as it did from the Start menu 36 Chapter 1 Planning for the Installation of Windows 7 This exercise shows you how easily you can integrate virtual applications into a user s desktop Users don t have to know all the details of how the virtual applications are installed or how they work and many end users don t want to know They just want to be able to access an application when it s needed If an administrator configured the virtual application to run from a shortcut like this the user will have very little indication that anything is different They can still run their legacy application and you are still
67. s as though everything in Windows 7 still works in this reduced functionality mode The desktop background goes black with text indicating the copy of Windows is not genuine You can change the background but it will change back within about an hour Periodically an Activation window appears informing you the acti vation period has expired and prompting you to activate buy a new product key online retype your product key or view other ways to activate On Windows Server 2008 R2 the server companion to Windows 7 the server shuts down hourly after the activation period expires All of this can be frustrating when you use a system that isn t activated but there is a simple solution ensure the software is genuine and activate it You can activate Windows from the System page Click Start right click Computer and select Properties If you scroll down to the bottom of the page you ll see a Windows Activation menu similar to Figure 1 11 FIGURE 1 11 Viewing the Windows Activation status lt n ma Search Control Panel p gO pa gt Control Panel System and Security System Control Panel Home Device Manager System E Remote settings Rating System rating is not available E System protection Processor Intel R Core TM 2 Duo CPU P8600 2 40GHz 3 MHz Advanced system settings Installed memory RAM 148 GB System type 32 bit Operating System Pen and Touch No Pen or Touch Input is av
68. s can be significant if you re dealing with several GB of data It s fairly easy to put the ScanState and LoadState commands into a batch file that you can use to automate the migration of files and settings for multiple computers in your net work However before automating ScanState and LoadState it s good to know what the commands are doing The ScanState command is executed first The following line shows how it may be exe cuted to retrieve the migration data from the Windows old folder Note that even though it shows on more than one line in this book you should enter it as a single command without any returns ScanState exe c store v 13 o c hardlink nocompress efs hardlink i MigApp xml i MigDocs xml offlineWinDir c windows old windows Designing User State Migration 15 I realize it s long but the good news is that you don t need to modify it at all Just copy it from the book and it ll work for many common migrations The following bullets break down the command ScanState is the name of the command _c store is the location where the migration data will be stored v 13 indicates the highest level of verbosity It will provide a significant amount of output to the log that can be viewed later The lowest level is 0 which logs only errors and warnings o causes it to overwrite an existing migration store if one exists c tells ScanState to continue to run even if errors are encountered
69. sers enter a passphrase to unlock access to the drive The BitLocker to Go feature is new to Windows 7 BitLocker to Go can be used to encrypt and lock removable drives including USB flash drives Both BitLocker and BitLocker to Go will be explored in greater depth in Chapter 11 BranchCache BranchCache is useful for clients in remote offices that access data over virtual private network VPN links When data is stored on a Windows Server 2008 R2 server at the main office and BranchCache has been enabled users in the remote office are able to store a cached copy of the data on their local computers This is similar to Offline Folders which has been available for many versions of Windows but has a distinct difference Data cached on one Windows 7 computer can now be shared with other Windows 7 users 6 Chapter 1 Planning for the Installation of Windows 7 As an example consider several users connected in a remote office over a very slow 56KB wide area network WAN link to the corporate office Sally and Joe are users in the remote office and their computers are connected to each other using 100MB network inter face cards NICs Sally downloads an 8MB file from a Windows Server 2008 R2 server Later Joe wants to view the file and tries to access it from the same Windows Server 2008 R2 server BranchCache verifies that Joe has permission to access the file recognizes that the file is cached on Sally s computer and recognizes that Sally
70. sh is set to Automatically Publish Virtual Applications as shown in the following graphic Bi Windows XP Mode Windows Virtual BC Setangs oni ie Setting Current Value F I Auto Publish Name Windows XP Mode BE Memory 512 MB piara Dek Windows XP Mode 7 Automatically publish virtual applications ag Hard Disk 2 None cea Hard Disk3 None Gia Undo Disks Disabled eb ovo Drive G P com None FP com2 None Networking Network adapters L WY Integration Features Auto Enable Si Keyboard Full screen Logon Credentials Saved fT Auto Publish Enabled Close Hibernate You can add shortcuts to programs installed in the virtual machine to the Start menu More about virtual applications and Auto Publish 4 Click OK to close the Settings page and then double click the Windows XP Mode vmcx file to start the Windows XP Mode VPC 5 After Windows XP Mode starts install the application you downloaded Copy a shortcut for this program many applications including IrfanView place a shortcut on the desktop that you can copy 6 Right click the Start menu within Windows XP and select Explore All Users This will open Windows Explorer in this folder C Documents and Settings All Users Start Menu 7 Double click Programs and then paste the shortcut for the program that you installed into this folder After a moment this application will be available on your host system Virtualization Considerations 35
71. such as a USB flash drive Browse to the C Program Files Windows AIK Tools USMT folder Right click the USMT folder and select Copy Insert a USB flash drive Browse to the USB flash drive using Windows Explorer right click and select Paste At this point you ll have the entire contents of the USMT folder on the flash drive This includes the USMT folder used for 64 bit systems USMT amd64 and the folder used for 32 bit systems USMT x86 Now you ll need to create a batch file that can be used on any system The batch file used in the previous exercise can be used as a starting point but it will need to be slightly modified The USMT files need to be copied to the C drive on the system that is being migrated so the first step in the batch file is to copy these files This sounds simple enough but it s impossible to tell what the letter of the USB drive will be when it s plugged in on any given system That is when you plug the USB into Sally s computer the USB disk may be assigned the letter E but when you plug it into Joe s computer it might be assigned the letter F You can use the following If exist statement in the batch file to check to see if the USB flash drive is assigned the letter D It checks for the USMT folder at the root of D If it exists it assumes this is the USB flash drive and copies the USMT folder from the flash drive to the Windows folder on the C drive If exist D USMT XCopy
72. te the expiration date for the current license If the system has not been activated this will indicate the date and time when the 30 day grace period expires If the license has been permanently activated it will say The Machine is Permanently Activated If the system has been activated by KMS it will indicate the expiration of the KMS activation Volume Activation Methods For smaller businesses Windows 7 is purchased on an individual basis and the clients are automatically activated three days after the installation For larger enterprises volume activation methods are used to activate multiple clients with a single key There are two methods of volume activation Multiple Activation Key MAK Key Management Service KMS KMS is used when the clients can t access the Internet and require the use of a KMS server KMS requires significantly more administration than other methods of activation As an overview Table 1 2 shows some of the comparisons between MAK activation and KMS server activation It s important to realize that MAK keys and KMS keys are differ ent A MAK key can t be activated with a KMS server and a KMS key won t be activated over the Internet TABLE 1 2 Comparing MAK and KMS MAK KMS Activation is permanent Clients must connect to a KMS server peri odically to renew activation Used when access to the Internet is possible Used in isolated networks where Internet or manual phone method is des
73. the VPC isn t fully protected with anti malware software this is one way to isolate it In addition I could select Internal Network The VPC would be able to communicate with other VPCs that are active on my system but not the host machine or any systems external to the host machine Ctrl Alt Del You can t press the Ctrl Alt Del keys on a virtual system because this key combination is always trapped by the host system Windows Virtual PC provides the Ctrl Alt Del menu item that can be used to simulate pressing the Ctrl Alt Del keys on the virtual machine Figure 1 7 and Figure 1 8 shown earlier both show the Ctrl Alt Del menu item to the right of the Tools menu Clicking this item on a virtual system is the same as pressing the keys on a nonvirtual system DP Windows Virtual PC does not support 64 bit operating systems Since Windows i Server 2008 R2 only comes in 64 bit versions it won t run in VPC Planning and Managing Client Licensing and Activation Software developers have been battling software counterfeiting often called pirating or software piracy since the very first operating system or application was sold When it s easy to copy the software without paying for it some people do just that Client licenses product keys and activation work together to help ensure that a software program that is being used is a valid copy The goal is to make it more difficult for software counterfeiters to copy and sell the software t
74. the name of the virtual operating system amp Homegroup Location C WindowsxPMode Browse i Computer Select a location to store the virtual machine file BE neal Nick Cd 2 items i Cag 4 Adjust the size of memory for the PC For Windows XP you can get away with 512 MB but if you re running more applications add more RAM Similarly you can start with 1 GB of RAM for Windows 7 and add more depending on the applications you re running You can always adjust the RAM later when the virtual machine is turned off Leave the networking check box enabled to Use Computer Network Connections unless you specifically don t want the VPC to have access to the network Click Next 5 The Add A Virtual Hard Disk page appears Since this is a new VPC accept the default of Create A Dynamically Expanding Virtual Hard Disk Leave Enable Undo Disks unchecked and click Create You ll be returned to the Virtual PC console At this point you have a Virtual PC image although it s empty The next step is to load an operating system into it 6 Load the Windows installation DVD into the host system DVD drive 7 Double click the VPC image you just created to start it It will boot from the DVD At this point follow the procedure to install the operating system If you re installing Windows 7 you can use the installation steps from the exercise earlier in this chap ter If it s another operating system use the steps
75. this section and some of the options directly relate to KMS and are covered later in this chapter The slmgr tool must be run from an elevated command prompt Click Start gt All Programs gt Accessories right click Command Prompt and select Run As Administrator Many of the common sImgr switches are shown in the following sections Some s1mgr switches are more commonly used with the KMS server and are mentioned later in this chapter Reset Grace Period You can extend the initial 30 day grace period using the sImgr rearm command In other words if the 30 day grace period has expired the background has gone black and the reminder screens are coming up hourly you can execute this command at the command prompt to give yourself another 30 days This command can be executed three times 46 Chapter 1 Planning for the Installation of Windows 7 When the 30 day limit is reached you can run sImgr rearm from an administrator command prompt which resets the activation limit for another 30 days This command can be executed three times Thus if it is run at the end of each 30 day period you ll get a total of 120 days w The Windows 7 activation limit can be extended to a total of 120 days P Activate Windows You can use slmgr ato command to cause the system to activate right away As a reminder activation won t normally be done until three days after the user first logs on If you are building computers that you ll move to an
76. tification Install Windows exe The partition you selected might contain files from a previous Windows Dy installation If it does these files and folders will be moved to a folder named Windows old You will be able to access the information in Windows old but you will not be able to use your previous version of Windows OK Cancel gmi Files from the previous installation will be gone if you do any advanced nc repartitioning of the existing hard drive The Windows old folder will be created only if you use the partition as it exists when the install is started Now all you have to do is get the data out of the Windows o1d folder and back to the original location You can spend hours cutting pasting and adjusting permissions or you can automate the process with the User State Migration Tool 14 Chapter 1 Planning for the Installation of Windows 7 Running ScanState and LoadState Two important files that are added to your system with USMT are ScanState and LoadState You can use these two files from the command prompt or in batch files to automatically examine your system and restore user accounts files and settings in a very short time ScanState ScanState will collect files and settings from a previous installation or from the Windows old folder It will store these files and settings in a migration store LoadState LoadState can read the files and settings from the migration store and restore them to the current comp
77. tion usually work on a 64 bit system without any problems AppLocker AppLocker is a new feature in Windows 7 that can be used to control what software is allowed to run on individual PCs using either Local Security Policy nondomain computer or Group Policy in Active Directory It can be used to restrict unauthorized software from running on systems Although software restriction policies existed in previous versions of Windows AppLocker provides improvements that solve many of the problems with these software restriction poli cies For example a software restriction policy could be used to prevent an application from running However when some applications were updated the software restriction policy no longer recognized the application and no longer restricted the application AppLocker uses a rule based structure that an administrator can build to ensure that the policy doesn t need to be rewritten each time an application is updated Group Policy and AppLocker will be covered in greater depth in Chapter 10 Managing Windows 7 with Group Policy BitLocker BitLocker Drive Encryption allows you to protect entire drives by encrypting them This can be especially useful on disks in mobile computers when the data needs to be protected When BitLocker is implemented the entire drive is encrypted It can be configured to unlock the drive automatically after the system verifies the drive is in the same computer or config ured so that u
78. twork with a server and a client One of the greatest benefits of this virtual setup is that if crashed the system could easily rebuild it and start over Similarly that s what I ve created for this book While I m running Windows 7 on my PCs also have a virtual network consisting of a virtual Windows Server 2008 server and another of a virtual Windows 7 client With the knowledge you gain from this chapter you can do the same thing 26 Chapter 1 Planning for the Installation of Windows 7 Direct Connection vs Brokered Connection In the context of VDI connections can either be direct or brokered Direct would be directly within a virtual machine and brokered would be indirectly through the virtual machine Direct connection The user launches the virtual machine from within the host system logs on to the virtual machine and starts the application within the virtual machine Brokered connection The user launches the application directly from the host machine Even though it s running within the virtual machine this is transparent to the user Windows XP Mode shown later in this chapter uses a brokered connection and this can be used with other virtual machines Imagine a user needs to launch an instance of an older application named LegacyApp She can launch this in a direct connection or a brokered connection In both instances the application would be installed on a virtual machine but the difference is in h
79. types of migrations Each one assumes that you have files and settings from a Windows XP Windows Vista or Windows 7 installation that you want to restore to a new installation of Windows 7 In place migration An in place migration uses the same hardware for the old and new installations of Windows Hard drive partitions are not modified and files and settings from the previous installation are automatically retained in the Windows o1d folder Designing User State Migration 11 Wipe and load migration A wipe and load migration uses the same hardware However partitions on the hard drive holding the original operating system need to be modified which will prevent the Windows o1d folder from being created during the new installation Instead you must use USMT before the installation to save the files and settings to a migra tion store from the previous installation This migration store can then be restored to the new installation of Windows 7 Side by side migration A side by side migration uses two computers You can use USMT to save the files and settings to a migration store from the original computer before it s decommissioned You can then use USMT to restore the migration store to Windows 7 on the new computer In this section you ll learn where to get the USMT how to install it and how to use it in each of the different types of migration User State Migration Toolkit If you used the User State Migration Toolkit USMT fro
80. u ll often have to migrate users files and settings using an in place wipe and load or side by side migration USMT can help with all types of migrations Chapter Essentials 55 Windows 7 supports a rich virtual desktop infrastructure including Windows XP Mode Windows XP Mode can be used to run applications transparently in a virtual isolated Windows XP environment You can also run full blown operating systems in a virtual envi ronment using Windows Virtual PC Finally you learned about the different tools used for activation and managing licensing Windows 7 licenses can be purchased individually or in bulk using either MAK or KMS The VAMT provides additional tools that can be used to manage licenses and activation Chapter Essentials Choosing a Windows 7 edition Know the features available in the different Windows 7 editions used in the enterprise The three Windows 7 editions you ll see in an enterprise are Windows 7 Professional Windows 7 Enterprise and Windows 7 Ultimate Windows 7 Enterprise is available only to organizations that purchase Software Assurance and includes additional features beyond Windows 7 Professional Windows 7 Ultimate has all of the fea tures of Windows 7 Enterprise but can be purchased without Software Assurance Performing a Local Windows 7 Installation Know how to install Windows 7 from the DVD While most of the deployments in large organizations will use automated methods you should be able to inst
81. u can query Microsoft to determine how many operating system activations are left using the MAK 6 Install the MAK on the client computers and then activate them Planning and Managing Client Licensing and Activation 49 Figure 1 13 shows the VAMT with several computers added to a group named SecureNetwork In the figure one computer has already been activated with a retail non MAK key The other computers have not been activated yet FIGURE 1 13 Using VAMT to manage activation amp Volume Activation Management Tool C Users Dar Documents Untitled Collection CIL coje 3 File Action Options Help S P All Computers 10 Status Unknown 9 B E All Volume Activation Computers 0 Name Key Type License Status Grace expiratio Darril PC lt not available gt lt not available gt lt not available Initial Out of Box O08 G 0 orc Retail Licensed a pi Box 008 Grace 0 1 joe PC lt notavailable gt lt not available gt lt not icenset Non Genuine Grace 0 Maria PC lt not available gt lt not available gt lt not available Out of Tolerance OOT Grace 0 Sally PC lt not available gt lt not available gt lt not available Unlicensed 0 A Notification 0 Non Volume Computers 1 6 H User Defined Groups Lo Group 5 le SecureNetwork 5 Inventory and Licensing Compliance Audits The biggest benefit of using VAMT with MA
82. urate and click Next 13 Select Work Network as the computer s current location 14 The Windows 7 desktop will appear The installation is complete Designing User State Migration The majority of Microsoft installed clients are Windows XP Thus if you re considering adding Windows 7 you probably have many Windows XP clients Unfortunately there isn t a direct upgrade path from Windows XP to Windows 7 Po If you can do a direct upgrade you won t need to worry about migration OTE An upgrade will retain all of the installed applications and all of the user s data An upgrade is still considered a risky operation and it s possible that things can go wrong so you should always have a backup of the user s data in case the worst happens If you ve looked at the upgrade paths from earlier versions of Windows to Windows 7 you may have been a little surprised There are very few upgrade choices Some of the pos sible upgrade paths to versions likely to be used in the Enterprise are Vista Business to Windows 7 Professional Enterprise and Ultimate Vista Enterprise to Windows 7 Enterprise Vista Ultimate to Windows 7 Ultimate If you re migrating other existing Windows clients you probably won t be able to do an upgrade This doesn t have to be as painful as it sounds The User State Migration Toolkit has undergone significant changes and improvements and will make your job a lot easier USMT can be used in three
83. used to host applications running on other operating systems It can even be used to host a dual boot system using virtual hard disk files You ll see all of this in this section Considering a VDI Environment The choice between a complete physical environment and a hybrid physical and VDI envi ronment requires considering several different elements related to how the VDI environ ment will be used These include the following Existing hardware There are several things to consider with existing hardware First if it s 32 bit you re limited to no more than 4 GB of RAM as discussed earlier You re much better off if the hardware is 64 bit and has more than 4 GB of RAM Virtualization Considerations 25 Second if the processor doesn t support virtualization or the BIOS doesn t support virtu alization you won t be able to use Windows XP Mode However you can still use virtual machines Tradeoffs between physical and VDI environments VDI environments require more resources These include newer processors and more RAM However if the PC supports it the environment may allow you to remove another PC I ve worked in some environments where users had to maintain two PCs one to do most of their work and another for legacy applications Two PCs cost more to maintain than one this includes more electricity and more cooling power Many companies consider VDI environments a greener alternative Network load considerations
84. user name the computer name will be created by appending the user name with PC You can accept this com puter name or type in a different computer name Click Next once you re satisfied with the user name and computer name W a Set Up Windows ke Windows 7 ultimate Choose a user name for your account and name your computer to distinguish it on the network Type a user name for example John Darril Type a computer name Darril PC Copyright 2009 Microsoft Corporation All rights reserved The Set A Password For Your Account page screen prompt will appear This password is for the account you created in the previous step You need to type in a password retype the same password for confirmation and type a password hint Once you ve entered this information click Next Enter the product key for your edition of Windows on the Type Your Windows Prod uct Key screen The check box Automatically Activate Windows When I m Online is checked by default Leave it checked and click Next You ll be prompted to configure the computer for automatic updates The Use Recommended Settings selection will automate the download and installation of updates but you can choose Only Install Important Updates or set it to ask you later Select one of the choices 10 Chapter 1 Planning for the Installation of Windows 7 EXERCISE 1 1 continued 12 Choose your time zone on the time zone and clock screen Make sure the time and date are acc
85. ut Down performs a logical shut down and Turn Off simulates pressing the power button on the PC Virtualization Considerations 4 USB The USB drop down menu shows all the USB devices attached to your host system As devices are added or removed from the host system they will be added or removed from this menu Devices aren t automatically available in the VPC though If you want the device to be available you need to select it from the menu as shown in Figure 1 8 Devices that are attached to the VPC are removed from the host system FIGURE 1 8 Selecting USB devices in the Virtual PC Ctrl Alt Del Unidentified Device DataTraveler 2 0 PANTECH USB MODEM Once a device is attached to the VPC you can release it by selecting it from the menu and choosing Release Tools The Tools drop down menu includes two choices Integration Components and Settings Once you add and enable the Integration Components you ll be able to work with VPC images in a more seamless manner The mouse will easily move in and out of the VPC win dow and you can easily cut and paste data from your host system into the VPC window If you select Settings the VPC will launch a window similar to the one shown in Figure 1 9 that you can use to modify many of the environment settings for the VPC Some settings such as the Networking setting can be configured while the VPC is running Other settings such as Memory can be configured only when the VPC is tur
86. uter P x86 and USMT AMD64 The x86 folder is for 32 bit systems and the AMD64 folder is for 64 bit systems While the AMD64 folder implies it s only for AMD 64 bit processors you also use files within this folder for 64 bit Intel processors A When you install the Windows AIK it includes two folders for USMT USMT User profiles include a significant amount of data including the desktop document folders Registry settings and much more When you use USMT for an in place migration it uses a hardlink migration store when the data is migrated from the Windows o1d folder This significantly reduces the time and space required to migrate all of this data Instead of actually copying the data from one place to another on the hard drive it just changes the links to where the data is located This is similar to what happens when you move a file from one location to another using drag and drop in Windows Explorer For example imagine a project on which you are working includes several files so you decide to create a folder named Project and drag and drop all the files into that folder The system doesn t create a brand new copy of these files and then delete the originals Instead it just changes the file system links to these files so that they are now located in the Project folder Similarly the hardlink migration feature in ScanState and LoadState will change the location of these files without having to copy all of the data Thi
87. vered Testing Designed Strategy Once you ve identified what strategy you ll use to migrate the user s data in place migra tion wipe and load migration or side by side migration you should do some testing Except for the wipe and load migration you ll have the original data that can be used to try to save the migration data over and over again The in place migration retains the original files and settings in the Windows old folder so if you re not happy with the results of either ScanState or LoadState you can simply rerun the commands Similarly as long as you keep the original computer in a side by side migration you can rerun both of the commands However you have only one chance to run ScanState with a wipe and load migration After testing and determining the best method it s worth your time to document the procedure in a batch file that can easily be run without your having to struggle to remem ber the exact commands and the specific switches 24 Chapter 1 Planning for the Installation of Windows 7 Virtualization Considerations Virtual Desktop Infrastructure VDI has come a long way in the past few years In short VDI is the practice of hosting one or more virtual desktop operating systems on a desktop operating system The desktop operating system is referred to as the host and the virtual systems are referred to as virtual machines virtual images and sometimes just virtual applications As an example you

Download Pdf Manuals

image

Related Search

Related Contents

Yard Machines 540 Lawn Mower User Manual  programme_FAEP2014 (PDF  Dell Latitude Cpi Deployment Guide  User manual Manuel d`utilisation Manual del usuario  GRIMOIRE EN FORME DE SORT - Magick      Ergotron Neo-Flex Tilting Wall Mount, UHD  

Copyright © All rights reserved.
Failed to retrieve file