Download the Index

Home , Powercfg, WBAdmin, Windows Imaging Format

32_0672329611_index.qxd 10/30/07 10:16 AM Page 605

Index

Numbers and Symbols

/? argument (chkdsk command), 92 802.11 specifications, 281-282 802.1x specifications, 283 /1394debug baudrate option (Windows setup), 488

a parameter (powercfg command), 241 accessibility, Ease of Access Center, 59 accessing Mobility Center, 235 offline files, 217 Print Management, 400-401 Windows Defender, 116 accounts (user) Administrator accounts, 165-167 built-in accounts, 168 creating, 379-381 critical accounts, isolating, 602 in domains, 378 Easy Transfer, 60-62 editing, 381-382 elevated privileges, 378 overview, 60, 375-377 32_0672329611_index.qxd 10/30/07 10:16 AM Page 606

606 accounts (user)

Power Users group, 164-165 Active X Opt In (Internet privileges, 26 Explorer 7), 458 roaming profiles, 385 ad hoc mode (wireless adapters), 285 security groups, 382-384 Add Item dialog box, 228 Standard user accounts, 167 ADD option (DiskPart), 348 UAC (User Account Control), 18, 25-26, 60 add-ons (Internet Explorer 7), 468-469 Administrator accounts, 165-167 Add/Remove Servers option (Print Management), 402 Application Compatibility Toolkit, 174-178 Additional Options category (Control Panel), 43 built-in accounts, 168 Address Bar, 43 consent and credential prompts, 169-172 addresses (IP) enabling/disabling DHCP (Dynamic Host components, 161-164 Configuration Protocol), 249 overview, 157-161 dynamic IP addresses, 248-249 Power Users group, 164-165 IPv4 addresses, 249-251 repackaging applications, IPv6 addresses, 249-251 179-180 static IP addresses, 249-251 security policies, 180-183 Administrative Tools, 50-52. Standard user See also specific utilities accounts, 167 Administrator accounts, 165-167 Standard User Analyzer administrator options (Windows Tool, 178 Defender), 119 virtualization, 174 Administration Server (NAP), 129 in workgroups, 378 .admx files, 571 Accounts database (NAP), 129 Advanced Encryption Standard ACT (Application Compatibility (AES), 284 Toolkit), 174-178, 553-554 Advanced Security (Windows activation status, checking in Firewall), 111-115 Welcome Center, 24-25 advanced system settings, 50 Active Directory Aero Group Policies, 183 Aero Transparency effect, 39 publishing printers to, 414-415 components, 35-36 ACTIVE option (DiskPart), 348, 522 enabling/disabling, 37-39 32_0672329611_index.qxd 10/30/07 10:16 AM Page 607

automatic network connections 607

overview, 35-36 GPResult.exe, 597 remote desktop performance settings, 79 connections, 37 repackaging, 179-180 AES (Advanced Encryption Works with Windows Vista Standard), 284 logo, 173 Agent (NAP), 128 /apply option (ImageX), 504 alarms applying GPOs (Group Policy critical battery alarms, 244 Objects), 588-589 low battery alarms, 243-244 ASLR (Data Redirection and overview, 242 Address Space Layout Randomization), 98 All Drivers filter (Print Management), 409 assessing system performance, 65-67 ALL option (Bootsect.exe), 521 ASSIGN option (DiskPart), All Printers filter (Print 348, 522 Management), 409 ATTRIBUTES option (DiskPart), 348 allocating disk space for Shadow Copy, 297-298 Audit mode (Windows Setup), 487-488 answer files /audit option (Sysprep), 509 creating, 490-491 AuditSystem configuration pass validating, 493 (Windows Setup), 486 answering Remote Assistance AuditUser configuration pass invitations, 440-441 (Windows Setup), 486 Appearance and Personalization auto-hiding taskbar, 32 category (Control Panel), 42 automatic backups /append option (ImageX), 504 best practices, 323-324 Application Compatibility Manager, 176 configuring, 314-317 Application Compatibility Toolkit to external drives or removable (ACT), 174-178, 553-554 media, 321-322 applications to local PCs, 320 adding to Master Installation, to network, 322-323 495-496 overview, 314 Certified for Windows updating existing backup Vista logo, 173 jobs, 317-320 default programs, automatic network connections, configuring, 49-50 270-272 32_0672329611_index.qxd 10/30/07 10:16 AM Page 608

608 automatic proxy configuration

automatic proxy configuration, 273 B automatic scanning (Windows Defender), 117 /b argument (chkdsk automatic synchronization, command), 92 219-220 Background Intelligence Transfer Automatic Updating Service (BITS), 138 checking for updates, 138-140 backups configuring, 101, 136-138 automatic backups downloading and installing best practices, 323-324 updates, 142 configuring, 314-317 Group Policy, 147-150 to external drives or hiding updates, 142-143 removable media, 321-322 Microsoft Update, 144-145 to local PCs, 320 NAP (Network Access to network, 322-323 Protection), 146-147 overview, 314 overview, 133-134 updating existing backup restoring hidden updates, jobs, 317-320 143-144 Complete PC Backup Utility reviewing update history, Complete PC Restore, 145-146 342-345 schedules, 141 creating system images, troubleshooting 335-337 Enterprise Scan Tool, definition, 333 153-154 DVD backups, 347 MBSA (Microsoft Baseline hard drive backups, 346 Security Analyzer), 153-154 operating system Microsoft Update, 150-152 requirements, 345 WSUS (Windows Software restoring system images, Update Services), 152-153 341-342 WSUS (Windows Software restoring to hard drive, Update Services), 147-153 347-349 AUTOMOUNT option (DiskPart), 348 tape device backups, 346 autounattend.xml files, 486 WBAdmin, 337-339 when to use, 333-334 configuring, 59 32_0672329611_index.qxd 10/30/07 10:16 AM Page 609

Big Endian 609

GPOs (Group Policy Objects), deployment points 329-330, 567 configuring, 541-542 restoring from, 325-328 creating, 539-540 Windows Backup, 17, 426 overview, 539 Balanced power plan, 238 updating, 542 base scores, 62 Deployment Workbench, 530 .bat files, 338 Distribution Shares, 533-536 batteries Information Center battery status, viewing in Components section, Mobility Center, 235 532-533 critical battery alarms, 244 Documentation section, 531 low battery alarms, 243-244 News section, 532 BCDEdit.exe utility, 520 Management Packs, 529 BDD (Business Desktop migrating systems to Windows Deployment Kit) 2007 Vista deploying Windows Vista with Application Compatibility Systems Management Server Toolkit (ACT), 553-554 deployment points, 548 LoadState, 557-558 Image Capture CDs, 550 Office Migration Planning image deployment Manager, 559-560 process, 550 overview, 551-552 overview, 547-548 ScanState, 555-556 deploying Windows Vista with User State Migration Tool Windows Deployment Services (USMT), 555-558 adding images to Windows Volume Activation DS, 545 Management tool, 558 image deployment Windows Vista Hardware process, 546-547 Assessment Tool, 552-553 operational modes, 545 overview, 527-529 overview, 542-543 system builds, 536-538 WDSUTIL utility, 545 system requirements, 529-530 Windows DS installation, Big Endian, 247 543-544 Windows Server 2008, 547 32_0672329611_index.qxd 10/30/07 10:16 AM Page 610

610 BitLocker Drive Encryption

BitLocker Drive Encryption brightness, adjusting in Mobility capabilities, 186 Center, 235 hardware requirements, broadband connections, 262-263, 187-188 267-269 help and online resources, Brower Security, 18 203-204 Browse for Folder dialog box, 215 overview, 19, 54, 185-186, 193 buildwinre.cmd script, 526 partitioning hard drives for, built-in accounts, 168 189-192 Built-in Diagnostics, 19, 426 recovering data with, 200-202 Business Desktop Deployment Kit reporting problems, 202-203 2007. See BDD 2007 software requirements, 188 business user features, 18-19 turning off, 202 button-press events (HotStart), turning on with startup key, 247-248 196-200 byte orders, 247 turning on with TPM (Trusted Platform Module), 193-196 C website, 204 when to use, 186-187 /c argument (chkdsk BITS (Background Intelligence command), 92 Transfer Service), 138 CAB files, extracting with -blocation option (Oscdimg), 524 Expand.exe, 510-511 blocking cache, 216 GPOs (Group Policy Objects) Calendar, 20 inheritance, 578-579 /capture option (ImageX), 504 group policy inheritance, 590 capturing Windows Vista pop-up ads (Internet Explorer images, 497 7), 469-471 Cascading Style Sheets (CSS), 460 boot configuration data, CDs, Image Capture CDs, 550 433-435, 520 Certified for Windows Vista bootable Windows PE media, logo, 173 517-519 Challenge Handshake Bootsect.exe utility, 521 Authentication Protocol /bootsequence option (CHAP), 278 (BCDEdit.exe), 521 -change option (Powercfg.exe), 512 BREAK option (DiskPart), 348 32_0672329611_index.qxd 10/30/07 10:16 AM Page 611

configuration 611

CHAP (Challenge Handshake restoring system images, Authentication Protocol), 278 341-342 check boxes in Windows Explorer, restoring to hard drive, 347-349 enabling, 44-46 tape device backups, 346 Check Disk, 91-92 WBAdmin, 337-339 checking for updates, 138-140 when to use, 333-334 chkdsk command, 91 Complete PC Restore, 342-345 CLEAN option (DiskPart), 348 Components section (BDD Click Keep Both Versions option Information Center), 532-533 (Resolve Conflict dialog box), 224 Computer Management console, Click the Version to Keep option 51, 70-71, 164, 420-422 (Resolve Conflict dialog box), 224 Config.xml file, 556 Clock, Language, and Region configdiskwinre.cmd script, 526 category (Control Panel), 42 configuration Code Red worm, 134 advanced system settings, 50 collaboration, 18 alarms color, high contrast, 59 critical battery alarms, 244 command-line utilities. See utilities low battery alarms, 243-244 commands (menu) automatic backups, 314-317 Localgroup, 381 Automatic Updating, 136-138 Organize menu, 43 backups, 59 Run, 31 BitLocker, 54 Search menu, 46 boot options, 433-435 command prompt, 47-48 Complete PC Backup Utility Compatibility Administrator, 176 Complete PC Restore, compatibility evaluators, 177 342-345 Complete PC Backup Utility creating system images, Complete PC Restore, 342-345 335-337 creating system images, DVD backups, 347 335-337 hard drive backups, 346 definition, 333 operating system DVD backups, 347 requirements, 345 hard drive backups, 346 restoring system images, operating system 341-342 requirements, 345 32_0672329611_index.qxd 10/30/07 10:16 AM Page 612

612 configuration

restoring to hard drive, security zones, 472-475 347-349 temporary files, 465-466 tape device backups, 346 networks WBAdmin, 337-339 Internet connections, 56 connection logon information managing, 288 (mobile computing), 275-277 network connections, 55-56, default programs, 49-50 270-272, 287-288 deployment points, 541-542 network information, 285 files/folders for offline access, network projectors, 255-256 210, 213-217 Network Policies, 256-257 GPOs (Group Policy overview, 270 Objects), 565 properties, 287 event logging, 597-599 protocols, 279-280 GPMC (Group Policy Management Console), Remote Assistance Policies, 566-567 257-258 offline files/folders, 226-230 resource sharing, 56-57 Group Policy Loopback, 591 VPN connections, 254-255 HotStart wireless adapters, 284-285 button-press events, wireless networking, 247-248 251-254 HotStart Button Agent offline synchronization, 221-222 and application launch, password policies, 104, 246-247 392-396 HotStart Buttons, 245-246 performance settings identity validation (mobile application performance, 79 computing), 277-279 Check Disk, 91-92 Internet Explorer 7 Data Execution Prevention default programs, 463-464 (DEP), 81-84 Internet Explorer Disk Cleanup, 87-88 Administration Kit Disk Defragmenter, 88-90 (IEAK), 475-477 overview, 77-78 Pop-Up Blocker, 469-471 ReadyBoost, 84-86 Protected mode, 466-467 ReadyDrive, 86 security options, 54 32_0672329611_index.qxd 10/30/07 10:16 AM Page 613

CREATE option (Diskpart) 613

SuperFetch, 86-87 Shadow Copy virtual memory, 79-81 Disk Cleanup, 298-299 power plans disk space allocation, Power Options screen, 297-298 239-240 startup applications, 435 Powercfg.exe, 241-242, startup services, 435-436 512-513 System Restore, 362-364 printers, 594-597 TPM (Trusted Platform proxy settings for mobile Module), 189 connections Windows Defender, 53-54 automatic proxy Windows Firewall, 53, 107-108 configuration, 273 Advanced Security, 111-115 manual proxy configuration, program exceptions, 273-275 109-110 overview, 272-273 restoring default remote access connections configurations, 115 broadband connections, TCP and UDP 268-269 exceptions, 110 dial-up Internet connections, Windows Update, 53 266-267 configuration sets, 516 dial-up to ISP Connect to a Network Projector connections, 266 Wizard, 255 dial-up to office connections, connections (network). 268-269 See networks overview, 265 consent prompts, 169-172 VPN connections, 269-270 consumer user features, 19-21 Remote Assistance, 437-438 Contacts folder, 22 Security Center, 98-100 Control Panel, 42-43, 67-68 Automatic Updating, 101 CONVERT option (DiskPart), 348 malware protection, 101-102 /copy option (BCDEdit.exe), 520 Restore Settings option, 102 /create option (BCDEdit.exe), 520 UAC (User Account Create a Shared Folder Control), 102 Wizard, 211 Windows Firewall CREATE option (DiskPart), settings, 101 348, 522 32_0672329611_index.qxd 10/30/07 10:16 AM Page 614

614 create pagefile option (Wpeutil.exe)

createpagefile option data protection, 309-310. See (Wpeutil.exe), 513 also backups createspannedshares.cmd file, 504 driver rollback, 312-314 /createstore option Internet Explorer 7, 458-460 (BCDEdit.exe), 520 overview, 19 credential prompts, 169-172 Safe Mode, 311-312 critical accounts, isolating, 602 WRP (Windows Resource critical battery alarms, 244 Protection), 310-311 Cross-Domain Scripting, 458 data recovery, 200-202 CSS (Cascading Style Sheets), 460 Data Redirection and Address Custom Filters option (Print Space Layout Randomization Management), 404, 409-411 (ASLR), 98 Custom Scan (Windows Data Sources (ODBC) utility, 51 Defender), 120-121 databases, Accounts (NAP), 129 Custom.xml file, 556 /debug baudrate option (Windows customizing setup), 489 desktop, 34-35 Default Cache Size policy, 230 power plans, 240-241 /default option (BCDEdit.exe), 521 Start menu, 31 default programs, configuring, 49-50 taskbar, 32 Defender. See Windows Defender defragmenting hard drives, D 88-90, 426 /delete option -d option BCDEdit.exe, 520 Expand.exe, 511 DiskPart, 348, 523 Oscdimg, 524 ImageX, 504 powercfg command, 241 deleted files, restoring, 302 Data Execution Prevention DEP (Data Execution (DEP), 81-84 Prevention), 81-84 Data Images, 496 Deployed Printers option (Print creating with ImageX, 503 Management), 405 definition, 502 data privacy. See privacy, BitLocker Drive Encryption 32_0672329611_index.qxd 10/30/07 10:16 AM Page 615

Dial-Up Connection Settings dialog box 615

deployment. See also deployment points BDD (Business Desktop configuring, 541-542, 548 Deployment Kit) 2007 creating, 539-540 deployment points overview, 539 configuring, 541-542 updating, 542 creating, 539-540 Deployment Services. See Windows overview, 539 DS (Deployment Services) updating, 542 Deployment Workbench (BDD), 530 Lite Touch, 542 desktop overview, 527 appearance and printers, 593-597 personalization, 34-35 Systems Management Server overview, 34 deployment points, 548 Windows Aero Image Capture CDs, 550 Aero Transparency effect, 39 image deployment components, 35-36 process, 550 enabling/disabling, 37-39 overview, 547-548 overview, 35-36 preparing and capturing remote desktop Windows Vista images, connections, 37 549-550 Desktop folder, 22 System Center Configuration destination option Manager 2007, 551 (Expand.exe), 511 Windows Deployment Services detail disk option adding images to Windows (DiskPart.exe), 523 DS, 545 DETAIL option (DiskPart), 348, 523 image deployment -deviceenablewake option process, 546-547 (Powercfg.exe), 513 operational modes, 545 Device Manager, 421 overview, 542-543 DHCP (Dynamic Host Configuration WDSUTIL utility, 545 Protocol), 249 Windows DS installation, diagnostics. See troubleshooting 543-544 and diagnostics Windows Server 2008, 547 Dial-Up Connection Settings dialog Zero Touch, 542 box, 273 32_0672329611_index.qxd 10/30/07 10:16 AM Page 616

616 dial-up connections

dial-up connections disabling dial-up Internet connections, BitLocker Drive Encryption, 202 266-267 Internet Explorer 7 Protected dial-up to ISP connections, 266 mode, 467 dial-up to office connections, Network Policies, 257 268-269 offline files/folders, 224-225 dialog boxes Remote Assistance Policies, Add Item, 228 257-258 Browse for Folder, 215 System Protection, 360 Dial-Up Connection UAC (User Account Control) Settings, 273 components, 161-164 Manage Add-Ons, 468-469 Welcome Center, 24 Map Network Drive, 215 Windows Aero, 37-39 Offline Settings, 213-214 Windows features, 506 Remote Computer, 74 Windows Firewall, 108-109 Resolve Conflict, 224 Disk Cleanup, 87-88, 298-299, Run, 427 426, 430-431 Save BitLocker Drive Encryption Disk Defragmenter, 88-90, 426 Password As, 194 Disk Management, 421 Show Contents, 228 disk space System Recovery Options, 190 allocating for Shadow Virtual Memory, 80 Copy, 297-298 /dir option (ImageX), 504 Internet Explorer 7, 465 direct-dial network System Restore configuration, connections, 262 362-364 directories System Restore requirements, 356 OOBE, 505 DiskPart, 347-349, 521-523 recovering with Shadow Copy, 303-305 /displayorder option (BCDEdit.exe), 521 Shadow Copy directory-level protection, 295 Distribution Shares, 515-516, 533-536 WindowsImageBackup, 337 Documentation section (BDD DirectX Diagnostics Tool, 426 Information Center), 531 disablefirewall option Documents folder, 22 (Wpeutil.exe), 514 32_0672329611_index.qxd 10/30/07 10:16 AM Page 617

enabling 617

domains Ease of Access Center, 59 advantages/ Easy Transfer, 21, 60-62 disadvantages, 377 editing user accounts, 381-382 moving GPOs (Group Policy editors, GPO Editor, 569 Objects) between, 599-601 elevated privileges, 378 replicating GPOs (Group Policy elevation of privileges, 26 Objects) throughout, 573-574 email notifications, sending with user accounts, 378 Print Management, 411-412 downloading updates, 142 enablefirewall option Downloads folder, 22 (Wpeutil.exe), 514 Drive Letter option enabling. See also configuration (Bootsect.exe), 521 Automatic Updating, 136-137 drives. See external drives, backing BitLocker Drive Encryption up to; hard drives with startup key, 196-200 drivers with TPM (Trusted Platform adding Module), 193-196 to Master Installation, 495 Network Policies, 257 with Drvload.exe, 510 Remote Assistance Policies, with Package Manager, 506 257-258 rolling back, 312-314 roaming profiles, 385 Drvload.exe, 510 Shadow Copy, 295-297 DS (Deployment Services). See System Protection, 361 Windows DS TPM (Trusted Platform /dudisable option (Windows Module), 189 setup), 488 UAC (User Account Control) DVDs, backing up to, 347 components, 161-164 Dynamic Host Configuration Welcome Center, 24 Protocol (DHCP), 249 Windows Aero, 37-39 dynamic IP addresses, 248-249 Windows Explorer check boxes, 44-46 E Windows Explorer classic Windows menu, 43 EAP (Extensible Authentication Windows features with Package Protocol), 283 Manager, 506 Ease of Access category (Control Windows Firewall, 108-109 Panel), 43 32_0672329611_index.qxd 10/30/07 10:16 AM Page 618

618 Encrypting File System

Encrypting File System, 19 severity levels, 441-442 encryption viewing, 442 AES (Advanced Encryption eSATA (external serial ATA), 346 Standard), 284 “An Essay on Endian Order,” 247 BitLocker Drive Encryption event logs capabilities, 186 administering, 442 hardware requirements, contents, 441-442 187-188 overview, 441 help and online resources, severity levels, 441-442 203-204 viewing, 442 overview, 19, 54, 185-186, 193 Event Viewer, 52, 71, 421 partitioning hard drives exceptions, configuring in for, 189-192 Windows Firewall recovering data with, program exceptions, 109-110 200-202 TCP and UDP exceptions, 110 reporting problems, 202-203 EXIT option (DiskPart), 348 software requirements, 188 Expand.exe, 510-511 turning off, 202 Explorer. See Internet Explorer 7; turning on with startup key, Windows Explorer 196-200 Export/Import Printers option (Print turning on with TPM (Trusted Management), 402-404 Platform Module), 193-196 Export List option (Print website, 204 Management), 405 when to use, 186-187 /export option (BCDEdit.exe), 520 Enterprise Scan Tool, 153-154 exporting ErrorHandler.cmd file, 487 GPO (Group Policy Object) settings into XML files, 603 errors printers, 402-404 synchronization conflicts/ errors, 223-224 EXTEND option (DiskPart), 348 system Stop errors, 443-444 Extended view option (Print Management), 405 tracking with event logs Extensible Authentication Protocol administering, 442 (EAP), 283 contents, 441-442 External Display (Mobility overview, 441 Center), 235 32_0672329611_index.qxd 10/30/07 10:16 AM Page 619

files 619

external drives, backing up to, Config.xml, 556 321-322 createspannedshares.cmd, 504 external serial ATA (eSATA), 346 Custom.xml, 556 extracting CAB files with ErrorHandler.cmd, 487 Expand.exe, 510-511 FRS (File Replication Service), 573-574 F ISO files, 523-524 MigApp.xml, 556 -f option (Expand.exe), 511 miglog.xml, 489 /f option MigSys.xml, 556 chkdsk command, 92 MigUser.xml, 556 Lpksetup.exe, 511 MSP files, packaging Office failures. See system failures, 2007 as, 559-560 recovering from offline files Family Safety Settings, 20 accessing, 217 FAT file system, 357 configuring, 210, 213-214 FAT32 file system, 357 disabling, 224-225 Favorites folder, 22 folder sharing, 211-213 Fax and Scan, 19 group policies, 225-230 File Replication Service (FRS), offline file cache, 216 573-574 overview, 209-210 File Signature Verification, 426, 431-432 specifying, 214-217 file systems synchronization, 217-224 FAT, 357 oobe.xml, 486, 504-505 FAT32, 357 recovering with Shadow Copy, 295, 300-302 NTFS, 357-359, 388-391 deleted files, 302 files previous versions of .admx files, 571 files, 300 answer files restoring creating, 490-491 deleted files, 302 validating, 493 previous file versions, 300 autounattend.xml, 486 searching for, 45-47 .bat files, 338 setupact.log, 489 CAB files, 510-511 32_0672329611_index.qxd 10/30/07 10:16 AM Page 620

620 files

setupapi*.log, 489 restoring default setupapi.app.log, 489 configurations, 115 SetupComplete.cmd, 487 Security Center settings, 101 setuperr.log, 489 TCP and UDP port system files, reinstalling with exceptions, 110 repair option, 447 folders temporary files (Internet Explorer 7), 465-466 Contacts, 22 unattend.xml, 486 Desktop, 22 .vhd files, 337 Documents, 22 WindowsUpdate.log, 145 Downloads, 22 winsat.log, 489 Favorites, 22 XML files, exporting GPO inheritance, 389 (Group Policy Object) Links, 22 settings into, 603 Music, 22 Files Not Cached policy, 230-231 permissions, 213 FILESYSTEMS option (DiskPart), Pictures, 23 348 redirected folders, 386-388 filtering Searches, 23 GPOs (Group Policy searching for, 45-47 Objects), 578 sharing, 211-213 Print Management filters, 409-411 Videos, 23 WMI Filters, 583-584 /force option (Bootsect.exe), 521 firewalls Forefront Client Security, 119 Windows Defender, 53-54 FORMAT option (DiskPart), 348, 523 Windows Firewall FQDN (fully qualified domain Advanced Security, 111-115 name), 211 configuring, 53, 107-108 frames, 452 enabling/disabling, 108-109 FRS (File Replication Service), network connections, 573-574 280-281 Full Scan overview, 106-107 MSRT, 124-125 program exceptions, Windows Defender, 120 109-110 fully qualified domain name (FQDN), 211 32_0672329611_index.qxd 10/30/07 10:16 AM Page 621

GPOs (Group Policy Objects) 621

G filtering, 578 GPMC (Group Policy -g option (Oscdimg), 524 Management Console), gadgets 566-567 adding to Sidebar, 40 backing up GPOs, 567 keeping on top of other creating GPOs, 568 windows, 41 GPO Editor, 569 overview, 39 restoring GPOs, 567 gaming, 21 GPO Editor, 107, 569 Generalize configuration pass Group Policy Loopback, 591 (Windows Setup), 486 history, 563 /generalize option (Sysprep), 508 inheritance GINA (Graphical Identification and blocking, 578-579 Authorization), 103 modifying, 589-590 GP (Group Policy), 197 overview, 582 gpedit.msc, 197 linking, 574-575, 583 GPMC (Group Policy Management Console), 566-567 Local Policies, 591-592 backing up GPOs, 567 modeling, 579 creating GPOs, 568 moving between domains, 599-601 GPO Editor, 569 NLA (Network Location restoring GPOs, 567 Awareness), 571-572 GPOs (Group Policy Objects), offline files/folders, 225 197, 587 configuring, 226-227 .admx format, 571 file availability, 227-229 advantages, 564-565 file cache policies, 230 backups, 329-330, 567 file synchronization capabilities, 570 policies, 229-230 configuration, 565 order of application, 588-589 creating, 568 OUs definition, 563-564 GPO pilot OUs, 602 deploying printers with, isolating critical 593-597 accounts, 602 event logging, 597-599 respecting OU exporting into XML files, 603 administrators, 602-603 32_0672329611_index.qxd 10/30/07 10:16 AM Page 622

622 GPOs (Group Policy Objects)

replicating throughout domains, H 573-574 resources, 603-604 -h option restoring, 567 Oscdimg, 524 reusing, 581-582 powercfg command, 241 reverting to previous /h option (OCSetup), 508 version, 584-585 hard drives rights, 575-576 backing up to, 346 security delegations, 576-577 checking for errors, 91-92 speeding up GPO defragmenting, 88-90, 426 processing, 581 Disk Cleanup, 87-88, storing, 572 298-299, 426 System Restore, 364 disk space troubleshooting allocating for Shadow Copy, GPResult, 580 297-298 GPUpdate, 580 Internet Explorer 7, 465 Resultant Set of Policies System Restore (RSoP), 579-580 configuration, 362-364 updates, 147-150 System Restore Vista-specific GPOs, 588 requirements, 356 Windows XP GPOs, 587 hybrid hard disks, 86 WMI Filters, 583-584 mapping, 215-216 GPResult, 580, 597 partitioning for BitLocker Drive Encryption, 189-192 GPT option (DiskPart), 348 restoring system images GPUpdate, 580 to, 347-349 Graphical Identification and hardware. See also hard drives Authorization (GINA), 103 adding/removing, 58 Group Policy Loopback, 591 drivers Group Policy Objects. See GPOs adding to Master Guest accounts, 168 Installation, 495 adding with Drvload.exe, 510 adding with Package Manager, 506 Power Options, 58 32_0672329611_index.qxd 10/30/07 10:16 AM Page 623

images (Window Vista) 623

Vista requirements I BitLocker Drive Encryption, 187-188 /i argument (chkdsk minimum hardware command), 92 specifications, 13-14 /I language-REGION option recommended hardware (Lpksetup.exe), 511 specifications, 15-16 identity validation (mobile Hardware and Sound category computing), 277-279 (Control Panel), 42 IDN (International Domain Health Policy, 127-129 Names), 460 Health Registration Authority IEAK (Internet Explorer (HRA), 129 Administration Kit), 475-477 help IEEE (Institute of Electrical and Electronics Engineers) 802.11 overview, 17 specifications, 281-282 Remote Assistance Image Capture CDs, 550 answering invitations, image_file option (Oscdimg), 524 440-441 images (Windows Vista). See also configuring, 437-438 imaging tools creating invitations, 439-440 adding to Windows DS, 545 offering assistance, 440 answer files overview, 436-437 creating, 490-491 HELP option (DiskPart), 348 validating, 493 hiding updates, 142-143 capturing, 497 high contrast colors, 59 Data Images High Performance power plan, 238 creating with IMageX, 503 history, update history, 145-146 definition, 502 HotStart, configuring deployment process, 546-547 button-press events, 247-248 Master Installations HotStart Button Agent and building, 494-495 application launch, 246-247 definition, 494 HotStart Buttons, 245-246 hardware drivers, 495 HotStart Buttons, verifying, 245–246 Microsoft Update packages, 496 HRA (Health Registration Authority), 129 programs, 495-496 hybrid hard disks, 86 32_0672329611_index.qxd 10/30/07 10:16 AM Page 624

624 images (Windows Vista)

service packs, 496 Powercfg.exe, 512-513 validating, 497 Sysprep, 508-509 modifying, 512 Windows PE (Preinstallation preparing for use with SMS Environment) (Systems Management BCDEdit.exe utility, 520 Server), 549-550 bootable Windows PE requirements and media, 517-519 preparation, 481-482 Bootsect.exe utility, 521 updating and maintaining, DiskPart.exe utility, 521-523 498-500 Oscdimg, 523-524 Windows Vista components overview, 517 and settings, 491-493 PEImg, 524-525 ImageX, 497-498 Wpeinit, 525 command-line options, 504 Windows RE (Recovery creating Data Images with, Environment), 525 502-503 Windows SIM (System definition, 502 Image Manager) imaging tools configuration sets, 516 Drvload.exe, 510 Distribution Shares, 515-516 Expand.exe, 510-511 overview, 514 ImageX user interface, 514-515 command-line options, 504 Winpeshl.ini, 513 creating Data Images with, Wpeutil, 513-514 502-503 /import option (BCDEdit.exe), 520 definition, 502 IMPORT option (DiskPart), 348 Lpksetup.exe, 511 /import=path_to_package option oobe.xml, 504-505 (PEImg.exe), 512, 524 overview, 501-502 importing Package Manager, 505-508 GPOs (Group Policy adding drivers with, 506 Objects), 599-601 command-line options, 507 printers, 402-404 enabling/disabling Windows INACTIVE option (DiskPart), 348 features with, 506 /inf=path_to_inf_file option OCSetup, 507-508 (PEImg.exe), 512, 525 PEImg.exe, 512 32_0672329611_index.qxd 10/30/07 10:16 AM Page 625

Internet Explorer 7 625

Information Bar (Internet International Organization for Explorer 7), 468 Standardization. See ISO Information Center (BDD) Internet Assigned Numbers Components section, 532-533 Authority, 505 Documentation section, 531 Internet connections News section, 532 configuring, 56 inheritance (GPOs), 389 dial-up connections, 266-267 blocking, 578-579 Internet Explorer 7, 17 modifying, 589-590 add-ons, 468-469 overview, 582 Compatibility Evaluator, 178 initializenetwork option Compatibility Tool, 176 (Wpeutil.exe), 514 Customization Wizard, 476 Innovate on Windows Vista data protection, 458-460 website, 173 default program configuration, /install=package_name option 463-464 (PEImg.exe), 512, 525 Information Bar, 468 installation Instant Search, 455 hardware, 58 Internet Explorer Administration language packs, 511 Kit (IEAK), 475-477 MSI packages, 507-508 malware protection, 457-458 reinstalling system files with minimum system requirements, repair option, 447 461-462 updates, 142 overview, 451-452 Windows DS (Deployment Pop-Up Blocker, 469-471 Services), 543-544 printing, 455 installwinre.cmd script, 526 Protected mode, 105-106, Instant Search (Internet 466-467 Explorer 7), 455 Quick Tabs, 454 Institute of Electrical and recommended system Electronics Engineers (IEEE) requirements, 462-463 802.11 specifications, 281-282 RSS feeds, 456 INTERACTIVE accounts, 168 security options, 54 International Domain Names security zones, 472-475 (IDN), 460 Internet zone, 473 Local Internet zone, 473-474 32_0672329611_index.qxd 10/30/07 10:16 AM Page 626

626 Internet Explorer 7

Restricted Sites zone, ISPs (Internet service 474-475 providers), 266 Trusted Sites zone, 474 /iu Windows feature option standards compliancy, 460-461 (Package Manager), 507 tabbed browsing, 453-455 IUSR accounts, 168 temporary files, 465-466 user interface J-K enhancements, 452 Internet Protocol. See IP addresses -j2 option (Oscdimg), 524 Internet zone (Internet -jl option (Oscdimg), 524 Explorer 7), 473 keyboard shortcuts, 237 Inventory Collector, 178 KMS (Key Management invitations (Remote Assistance) Service), 558 answering, 440-441 creating, 439-440 IP (Internet Protocol) addresses L DHCP (Dynamic Host /l argument (chkdsk Configuration Protocol), 249 command), 92 dynamic IP addresses, 248-249 l parameter (powercfg IPv4 addresses, 249-251 command), 242 IPv6 addresses, 249-251 L2TP (Layer 2 Tunneling static IP addresses, 249-251 Protocol), 264 /ip Package Name option language packs, installing with (Package Manager), 507 Lpksetup.exe, 511 IPv4 addresses, 249-251 laptops. See mobile computing IPv6 addresses, 249-251 -lastwake option iSCSI Initiator, 52 (Powercfg.exe), 513 ISO (International Organization Layer 2 Tunneling Protocol for Standardization) (L2TP), 264 ISO 3166 region codes, 505 least permissions, 390 ISO 639 language codes, 505 linking GPOs (Group Policy Objects), 574-575, 583 ISO files, creating, 523-524 Links folder, 22 isolating critical accounts, 602 list disk option (DiskPart.exe), 523 LIST option (DiskPart), 348, 523 32_0672329611_index.qxd 10/30/07 10:16 AM Page 627

manual proxy configuration 627

/list option (PEImg.exe), 512, 525 M -list option (Powercfg.exe), 512 Lite Touch, 542 /m Little Endian, 247 folder_name option (Windows setup), 488 -llabelname option (Oscdimg), 524 Package Directory option loading master boot record (Package Manager), 507 code, 521 Magnifier, 59 LoadState, 557-558 Mail, 20 Local Internet zone (Internet Explorer 7), 473-474 maintaining Windows Vista images, 498-500 Local Policies, 591-592 malware protection Local Security Policies configuring, 101-102 definition, 52 Internet Explorer 7, 457-458 UAC (User Account Control), 182-183 MSRT (Windows Malicious Software Removal Tool) Localgroup command, 381 Full Scan, 124-125 locking taskbar, 32 overview, 122-123 /log file option (OCSetup), 508 Quick Scan, 124 logon process, 21-22 reporting results, 125 logs Windows Defender. See event logs Windows Defender administering, 442 Windows Live OneCare Safety contents, 441-442 scanner, 126 GPOs, 597-599 Manage Add-Ons dialog box, overview, 441 468-469 severity levels, 441-442 Manage Wireless Networks, 253-254 viewing, 442 Management Packs (BDD), 529 restore process logs, 342 Mandatory Integrity Control (MIC), Windows Setup, 489 105, 466 loopback processing, 574 manual network connections, low battery alarms, 243-244 configuring, 272 Lpksetup.exe, 511 manual proxy configuration, 273-275 32_0672329611_index.qxd 10/30/07 10:16 AM Page 628

628 manual synchronization

manual synchronization, 219 Microsoft Business Desktop manual updating, 140-141 Deployment Kit 2007. See BDD 2007 Map Network Drive dialog box, 215 Microsoft Download Center, mapping hard drives, 215-216 142, 560 master boot record code, Microsoft Forefront Client loading, 521 Security, 119 Master Installations Microsoft Security Guidance for building, 494-495 Patch Management, 134 definition, 494 Microsoft TechNet Security hardware drivers, 495 Center, 135 Microsoft Update Microsoft Technical Security packages, 496 Bulletin Notification, 138 programs, 495-496 Microsoft Update, 144-145 service packs, 496 packages, adding to Master validating, 497 Installation, 496 MBSA (Microsoft Baseline Security troubleshooting, 150-152 Analyzer), 153 Microsoft Vista Product home Media Center, 20 page, 203 Media Player, 20 MigApp.xml file, 556 Meeting Space, 18 miglog.xml file, 489 memory Migrate Printers option (Print Management), 402 Memory Diagnostics, 52, 63 migrating to Windows Vista offline file cache, 216 Application Compatibility Toolkit virtual memory, 79-81 (ACT), 553-554 Memory Diagnostics, 52, 63 LoadState, 557-558 menus Office Migration Planning Organize, 43 Manager, 559-560 Search, 46 overview, 551-552 Start, 29-32 ScanState, 555-556 Windows Explorer classic User State Migration Tool Windows menu, enabling, 43 (USMT), 555-558 MIC (Mandatory Integrity capabilities, 557 Control), 105, 466 limitations, 557 Microsoft Baseline Security LoadState, 557-558 Analyzer (MBSA), 153 ScanState, 555-556 32_0672329611_index.qxd 10/30/07 10:16 AM Page 629

mobile computing 629

Volume Activation Management batteries tool, 558 battery status, viewing in Windows Vista Hardware Mobility Center, 235 Assessment Tool, 552-553 critical battery alarms, 244 MigSys.xml file, 556 low battery alarms, 243-244 MigUser.xml file, 556 broadband connections, minimum hardware 262-263, 267-269 specifications, 13-14 connection logon information, MMC snap-ins, Print Management 275, 277 accessing, 400-401 connections properties Add/Remove Servers automatic connections, option, 402 270-272 adding printers with, 407-409 manual connections, 272 Custom Filters option, overview, 270 404, 409-411 direct-dial connections, 262 Deployed Printers option, 405 HotStart configuration email notifications, 411-412 button-press events, Export List option, 405 247-248 Export/Import Printers HotStart Button Agent option, 402-404 and application launch, Extended view option, 405 246-247 FAQs, 416 HotStart Buttons, 245-246 filters, 409-411 identity validation, 277-279 Migrate Printers option, 402 Mobility Center overview, 399-400 accessing, 235 publishing printers to Active Battery Status, 235 Directory, 414-415 Brightness slider, 235 scripting, 413-414 External Display, 235 Taskpad view option, 405-407 keyboard shortcuts, 237 troubleshooting, 416 overview, 58, 234 mobile computing Presentation Settings, alarms 235-236 critical battery alarms, 244 Screen Rotation, 236 low battery alarms, 243-244 Sync Center, 236 overview, 242 Volume slider, 236 Wireless Network, 237 32_0672329611_index.qxd 10/30/07 10:16 AM Page 630

630 mobile computing

modem pools, 262 proxy settings networking automatic proxy DHCP (Dynamic Host configuration, 273 Configuration manual proxy configuration, Protocol), 249 273-275 dynamic IP addresses, overview, 272-273 248-249 RADIUS (Remote Authentication Network Policies, 256-257 Dial-In User Service), 264 network projectors, 255-256 remote access connections overview, 248 broadband connections, Remote Assistance 268-269 Policies, 257-258 dial-up Internet connections, static IP addresses, 266-267 249-251 dial-up to ISP VPN connections, 254-255 connections, 266 wireless networking, dial-up to office connections, 251-254 268-269 networking protocols, 279-280 overview, 265 overview, 18, 233-234, 261 VPN connections, 269-270 power plans thin and light computers, 234 advanced power settings, transportable computers, 234 238-239 Ultra-Mobile computers, 234 Balanced, 238 ultraportable computers, 234 basic power settings, 238 VPNs (virtual private networks), configuring, 239 263, 269-270 configuring through Power Windows Firewall, 280-281 Options screen, 239-240 wireless networks configuring through connecting to, 287-288 Powercfg.exe, 241-242 managing, 288 creating, 240-241 network information, 285 High Performance, 238 overview, 281-282 overview, 237 properties, 287 Power Saver, 238 security, 282-284 wireless adapter configuration, 284-285 32_0672329611_index.qxd 10/30/07 10:16 AM Page 631

networks 631

Mobile PC category (Control Quick Scan, 124 Panel), 43 reporting results, 125 Mobility Center Music folder, 22 accessing, 235 Battery Status, 235 N Brightness slider, 235 External Display, 235 /n Answer File option (Package keyboard shortcuts, 237 Manager), 507 overview, 18, 58, 234 NAP (Network Access Protection), Presentation Settings, 235-236 18, 146-147 Screen Rotation, 236 components, 128-131 Sync Center, 236 health policy compliance, 127 Volume slider, 236 health policy validation, 127 Wireless Network, 237 limited access, 127 modeling GPOs (Group Policy overview, 126 Objects), 579 Narrator, 59 modem pools, 262-263 NETSH utility, 107 modifying group policy Network Access Protection. inheritance, 589-590 See NAP /mountrw option (ImageX), 504 Network and Internet category Movie Maker, 20 (Control Panel), 42 moving GPOs (Group Policy Network and Sharing Center Objects) between domains, configuring Internet 599–601 connections, 56 MSBlaster worm, 82 configuring network MSI packages, installing with connections, 55-56 OCSetup, 507-508 configuring resource sharing, MSinfo32.exe (System 56-57 Information), 72-74 Network Location Awareness MSP files, packaging Office 2007 (NLA), 571-572 as, 559-560 Network Policies, 256-257 MSRT (Windows Malicious network projectors, 255-256 Software Removal Tool) networks Full Scan, 124-125 backing up to, 322-323 overview, 122-123 broadband connections, 262-263, 267-269 32_0672329611_index.qxd 10/30/07 10:16 AM Page 632

632 networks

connection logon information, limited access, 127 275-277 overview, 126 connections properties Network and Sharing Center, 55 automatic connections, network connections, 55-56 270-272 NLA (Network Location manual connections, 272 Awareness), 571-572 overview, 270 overview, 17 direct-dial connections, 262 protocols. See protocols identity validation, 277-279 proxy settings Internet connections automatic proxy configuring, 56 configuration, 273 dial-up connections, manual proxy configuration, 266-267 273-275 mobile computing overview, 272-273 DHCP (Dynamic RADIUS (Remote Authentication Host Configuration Dial-In User Service), 264 Protocol), 249 remote access connections dynamic IP addresses, broadband connections, 248-249 268-269 Network Policies, 256-257 dial-up Internet network projectors, 255-256 connections, 266-267 overview, 248 dial-up to ISP Remote Assistance Policies, connections, 266 257-258 dial-up to office connections, static IP addresses, 268-269 249-251 overview, 265 VPN connections, 254-255 VPN connections, 269-270 wireless networking, resource sharing, 56-57 251-254 VPNs (virtual private networks), NAP (Network Access 263, 269-270 Protection) Windows Firewall, 280-281 components, 128-131 wireless networks health policy connecting to, 287-288 compliance, 127 managing, 288 health policy validation, 127 network information, 285 32_0672329611_index.qxd 10/30/07 10:16 AM Page 633

/oobe option (Sysprep) 633

overview, 281-282 Office Setup Controller, 559 properties, 287 offline files security, 282-284 accessing, 217 wireless adapter configuring, 210, 213-214 configuration, 284-285 disabling, 224-225 New Build Wizard, 536-537 folder sharing, 211-213 New Simple Volume Wizard, 192 group policies, 225 New Task Wizard, 406 configuring, 226-227 News section (BDD Information file availability, 227-229 Center), 532 file cache policies, 230 Nimda worm, 134 file synchronization policies, NLA (Network Location Awareness), 229-230 571-572 offline file cache, 216 /noreboot option (Windows overview, 209-210 setup), 488 specifying, 214-217 /norestart option synchronization, 217-218 OCSetup, 508 automatic synchronization, Package Manager, 507 219-220 notebooks. See mobile computing configuring with notifications. See alarms actions/events, 221-222 /nt52 option (Bootsect.exe), 521 manual synchronization, 219 /nt60 option (Bootsect.exe), 521 resolving conflicts/errors, NTFS file system, 357-359, 223-224 388-391 scheduling, 220-221 synchronization O partnerships, 218-219 viewing results of, 223 objects, Group Policy. See GPOs Offline Settings dialog box, (Group Policy Objects) 213-214 OCSetup, 507-508 OfflineServicing configuration pass Office Customization tool, 559 (Windows Setup), 486 Office File Conversion tool, 559 ONLINE option (DiskPart), 348 Office Local Installation Onscreen Keyboard, 59 Source, 559 OOBE directory, 505 Office Migration Planning /oobe option (Sysprep), 509 Manager, 559-560 32_0672329611_index.qxd 10/30/07 10:16 AM Page 634

634 oobe.xml file

oobe.xml file, 486, 504-505 password protection, 103-105, OobeSystem configuration pass 391-396 (Windows Setup), 486 patch management, 133-134 optimizing performance. See PatchGuard, 82 performance optimization PE (Preinstallation Environment). Organizational Units. See OUs See Windows PE Organize menu, 43 PEImg.exe, 512, 524-525 Oscdimg utility, 523-524 Performance Information and Tools OUs (Organizational Units) console, 76-77 isolating critical accounts, 602 performance optimization linking GPOs (Group Policy assessing system Objects) to, 574-575 performance, 65-67 pilot OUs, 602 Computer Management console, 70-71 respecting OU administrators, 602-603 Control Panel, 67-68 out-of-the-box experience, GPOs (Group Policy configuring with oobe.xml, Objects), 581 504-505 Memory Diagnostics, 63 overview, 17, 62 P performance settings, configuring /p path option (Lpksetup.exe), 511 application performance, 79 Package Manager, 505-508 Check Disk, 91-92 adding drivers with, 506 Data Execution Prevention command-line options, 507 (DEP), 81-84 enabling/disabling Windows Disk Cleanup, 87-88 features with, 506 Disk Defragmenter, 88-90 OCSetup, 507-508 overview, 77-78 packages, MSI, 507-508 ReadyBoost, 84-86 partitioning hard drives for ReadyDrive, 86 BitLocker Drive Encryption, SuperFetch, 86-87 189-192 virtual memory, 79-81 partnerships (synchronization), Reliability and Performance 218-219 Monitor, 52, 63 /passive option (OCSetup), 508 System console, 72 32_0672329611_index.qxd 10/30/07 10:16 AM Page 635

/prep option (PEImg.exe) 635

System Information port exceptions, configuring in (MSinfo32.exe), 72-74 Windows Firewall, 110 Task Manager, 62 Portable Network Graphics Windows Experience Index (PNG), 461 (WEI), 66, 74-77 Power button, 27-28 permissions Power Configuration utility NTFS permissions, 388-391 (Powercfg.exe), 241-242 shared folder permissions, 213 power plans, 58 personalizing. See customizing advanced power settings, 238-239 Phishing Filter (Internet Explorer 7), 459 Balanced, 238 Photo Gallery, 20 basic power settings, 238 Pictures folder, 23 configuring, 239 PNG (Portable Network Power Options screen, Graphics), 461 239-240 Point to Point Tunneling Protocol Powercfg.exe, 241-242, (PPTP), 264 512-513 policies creating, 240-241 GPOs (Group Policy Objects). High Performance, 238 See GPOs overview, 237 Health Policy, 129 Power Saver, 238 Local Policies, 591-592 Power Users group, 164-165 Local Security Policies Powercfg.exe utility, 241-242, definition, 52 512-513 UAC (User Account powering down, 26-27 Control), 182-183 PowerShell Network Policies, 256-257 launching scripts from, 49 password policies, 104, online resources, 48 391-396 overview, 47-48 Remote Assistance Policies, running, 513 257-258 PPTP (Point to Point Tunneling security policies, 180-183 Protocol), 264 Policy Server (NAP), 129 Preinstallation Environment. Pop-Up Blocker (Internet Explorer See Windows PE 7), 469-471 /prep option (PEImg.exe), 512 32_0672329611_index.qxd 10/30/07 10:16 AM Page 636

636 Presentation Settings (Mobility Center)

Presentation Settings (Mobility Printers with Jobs filter (Print Center), 235-236 Management), 409 Previous Versions feature, 445-446 printing Print Management Internet Explorer 7, 455 accessing, 400-401 Print Management Add/Remove Servers accessing, 400-401 option, 402 Add/Remove Servers adding printers with, 407-409 option, 402 Custom Filters option, 404, adding printers with, 409-411 407-409 definition, 52 Custom Filters option, 404, Deployed Printers option, 405 409-411 email notifications, 411-412 definition, 52 Export List option, 405 Deployed Printers option, 405 Export/Import Printers option, 402-404 email notifications, 411-412 Extended view option, 405 Export List option, 405 FAQs, 416 Export/Import Printers option, 402-404 filters, 409-411 Extended view option, 405 Migrate Printers option, 402 FAQs, 416 overview, 399-400 filters, 409-411 publishing printers to Active Directory, 414-415 Migrate Printers option, 402 scripting, 413-414 overview, 399-400 Taskpad view option, 405-407 publishing printers to Active Directory, 414-415 troubleshooting, 416 scripting, 413-414 Printer Port Wizard, 594 Taskpad view option, printers 405-407 adding with Print Management, troubleshooting, 416 407-409 printers deploying with GPOs, 593-597 adding with Print importing/exporting, 402-404 Management, 407-409 publishing to Active Directory, deploying with GPOs, 414-415 593-597 Printers Not Ready filter (Print Management), 409 32_0672329611_index.qxd 10/30/07 10:16 AM Page 637

protocols 637

importing/exporting, prompts, consent and credential, 402-404 169-172 publishing to Active properties Directory, 414-415 network connection properties, privacy, BitLocker Drive Encryption 270-272 capabilities, 186 Sidebar, 40 hardware requirements, wireless networks, 287 187-188 Protected mode (Internet Explorer help and online resources, 7), 105-106, 466-467 203-204 protocols overview, 54, 185-186 BITS (Background Intelligence partitioning hard drives for, Transfer Service), 138 189-192 CHAP (Challenge Handshake recovering data with, 200-202 Authentication Protocol), 278 reporting problems, 202-203 DHCP (Dynamic Host software requirements, 188 Configuration Protocol), 249 turning off, 202 EAP (Extensible Authentication Protocol), 283 turning on IP (Internet Protocol) with startup key, 196-200 dynamic IP addresses, with TPM (Trusted Platform 248-249 Module), 193-196 static IP addresses, when to use, 186-187 249-251 privileges, elevation of, 26, 378 L2TP (Layer 2 Tunneling problems. See troubleshooting and Protocol), 264 diagnostics NAP (Network Access processes, 166 Protection), 146-147 Processor Scheduling panel, 79 PPTP (Point to Point Tunneling product keys, changing, 24-25 Protocol), 264 profiles, 22-23, 385 RDP (Remote Desktop Program Compatibility Wizard, 175 Protocol), 256 program exceptions, 109-110 TCP (Transmission Control Protocol), 110 Programs category (Control Panel), 43 UDP (User Datagram Protocol), 110 programs. See applications WEP (Wireless Equivalency projectors, 255-256 Protection), 283 32_0672329611_index.qxd 10/30/07 10:16 AM Page 638

638 protocols

WPA (Wi-Fi Protected Access), -r option (Expand.exe), 511 256, 283 RAM (random access memory). WSUS (Windows Software See memory Update Services), 147-153 RDP (Remote Desktop proxy settings (mobile connections) Protocol), 256 automatic proxy RE (Recovery Environment), 525 configuration, 273 ReadyBoost, 17, 84-86 manual proxy ReadyDrive, 17, 86 configuration, 273-275 Real-Time Protection (Windows overview, 272-273 Defender), 118 publishing printers to Active Really Simple Syndication Director, 414-415 (RSS), 456 /reboot option Q Sysprep, 509 Wpeutil.exe, 514 q [GUID] parameter (powercfg recommended hardware command), 242 specifications, 15-16 Quick Launch bar recovering adding items to, 33 data with BitLocker Drive overview, 32 Encryption, 200-202 Quick Scan, 120, 124 directories with Shadow Copy, Quick Tabs (Internet 303-305 Explorer 7), 454 files /quiet option from backups, 325-328 OCSetup, 508 with Shadow Copy, 300-302 Package Manager, 507 with Windows RE (Recovery peimg, 525 Environment), 525 Sysprep, 509 GPOs (Group Policy /quit option (Sysprep), 509 Objects), 567 hidden updates, 143-144 from system failures R failed resume operations, 447-448 /r option overview, 444 chkdsk command, 92 Previous Versions Lpksetup.exe, 511 feature, 445-446 32_0672329611_index.qxd 10/30/07 10:16 AM Page 639

REPAIR option (DiskPart) 639

reinstalling system files with reinstalling system files with repair repair option, 447 option, 447 System Restore, 445-446 Reliability and Performance system images, 341-342 Monitor, 52, 63 system to hard drive, 347-349 REM option (DiskPart), 348 systems with System Restore Remediation Server (NAP), 129 capabilities and limitations, remote access connections 356-357 broadband connections, disk space configuration, 268-269 362-364 dial-up Internet connections, disk space 266-267 requirements, 356 dial-up to ISP connections, 266 Group Policy, 364 dial-up to office connections, implementing, 366-368 268-269 implementing from overview, 265 installation DVD, 372 VPN connections, 269-270 implementing from Safe Remote Assistance Mode, 370-371 answering invitations, 440-441 implementing from Safe configuring, 437-438 Mode with command creating invitations, 439-440 prompt, 371 offering assistance, 440 NTFS file system, 357-359 overview, 436-437 overview, 351 Policies, 257-258 restore points, 352-356 Remote Authentication Dial-In User System Protection, 351-352, Service (RADIUS), 264 360-361 Remote Computer dialog box, 74 undoing, 369-370 remote desktop connections, 37 when to use, 365-366 Remote Desktop Protocol Windows Firewall default config- (RDP), 256 urations, 115 removable media, backing up to, Recovery Environment (RE), 525 321-322 redirected folders, 386-388 REMOVE option (DiskPart), 348 Reduced Functionality Mode removing hardware, 58 (RFM), 558 repackaging applications, 179-180 Registry settings, UserHIDBlock, 246 REPAIR option (DiskPart), 348 32_0672329611_index.qxd 10/30/07 10:16 AM Page 640

640 repair option

repair option, reinstalling system RFM (Reduced Functionality files with, 447 Mode), 558 replicating GPOs (Group Policy rights on GPOs (Group Policy Objects), 573-574 Objects), 575-576 reporting Rijndael, 284 BitLocker Drive Encryption roaming profiles, 385 problems, 202-203 rolling back drivers, 312-314 MSRT (Windows Malicious RSoP (Resultant Set of Software Removal Tool) Policies), 579-580 results, 125 RSS (Really Simple RESCAN option (DiskPart), 348 Syndication), 456 Resolve Conflict dialog box, 224 Run as Administrator feature, 378 resolving synchronization Run command, adding to Start conflicts/errors, 223-224 menu, 31 resource sharing, 56-57 Run dialog box, 427 Restore Group Policy Object Wizard, 584 restore points S

creating, 295, 355-356 /s option (Lpksetup.exe), 511 definition, 352 s [GUID] parameter (powercfg types, 353-354 command), 242 Restore Settings option (Security Safe Mode, 311-312, 449-450 Center), 102 implementing System Restore restoring. See recovering from, 370-371 Restricted Sites zone (Internet Safe Mode with Command Explorer 7), 474-475 Prompt, 312 Resultant Set of Policies (RSoP), Safe Mode with 579-580 Networking, 312 Resume Loader, 447 Save BitLocker Drive Encryption resume operations, recovering from Password As dialog box, 194 failures, 447-448 scanning for malware RETAIN option (DiskPart), 348 MSRT (Windows Malicious reusing GPOs (Group Policy Software Removal Tool) Objects), 581-582 Full Scan reverting to previous GPOs (Group overview, 122-123 Policy Objects), 584-585 32_0672329611_index.qxd 10/30/07 10:16 AM Page 641

security 641

Quick Scan, 124 security. See also backups reporting results, 125 BitLocker Drive Encryption overview, 19 capabilities, 186 Windows Defender hardware requirements, administrator options, 119 187-188 advanced options, 118 help and online resources, 203-204 automatic scanning, 117 overview, 54, 185-186 Custom Scan, 120-121 partitioning hard drives default actions, 118 for, 189-192 Full Scan, 120 recovering data with, Quick Scan, 120 200-202 Real-Time Protection, 118 reporting problems, 202-203 updating, 121-122 software requirements, 188 Windows Live OneCare Safety turning off, 202 scanner, 126 turning on with startup ScanState, 555-556 key, 196-200 scheduling offline turning on with TPM (Trusted synchronization, 220-221 Platform Module), 193-196 Screen Rotation (Mobility when to use, 186-187 Center), 236 bulletins, 139 scripts Code Red worm, 134 buildwinre.cmd, 526 data protection, 309-310 configdiskwinre.cmd, 526 driver rollback, 312-314 installwinre.cmd, 526 Safe Mode, 311-312 launching from Windows WRP (Windows Resource PowerShell, 49 Protection), 310-311 Print Management, 413-414 DEP (Data Execution running in Windows Setup, 487 Prevention), 81-84 setautofailover.cmd, 526 Family Safety Settings, 20 Search menu, 46 GPOs (Group Policy Objects) Searches folder, 23 GPO filtering, 578 searching, 17, 45-47, 455 rights, 575-576 secpol.msc, 104 security delegations, 576-577 32_0672329611_index.qxd 10/30/07 10:16 AM Page 642

642 security

Internet Explorer 7 Full Scan, 124-125 configuring, 54 overview, 122-123 data protection, 458-460 Quick Scan, 124 malware protection, 457-458 reporting results, 125 security zones, 472-475 NAP (Network Access Internet Explorer Protected Protection) mode, 105-106 components, 128-131 MIC (Mandatory Integrity health policy Control), 105 compliance, 127 Microsoft Forefront Client health policy validation, 127 Security, 119 limited access, 127 mobile computing overview, 126 broadband connections, Nimda worm, 134 262-263, 267-269 overview, 16-18, 97-98 connection logon password protection, information, 275-277 103-105, 391-396 connections properties, permissions, 213 270-272 Security Center, 135. See also direct-dial connections, 262 Automatic Updating identity validation, 277-279 Automatic Updating networking protocols, configuration, 136-138 279-280 configuring, 98-100 overview, 261 malware protection, 101-102 proxy settings, 272-275 Restore Settings option, 102 RADIUS (Remote UAC (User Account Authentication Dial-In User Control), 102 Service), 264 Windows Firewall remote access connections, settings, 101 265-270 security groups, 382-384 VPNs (virtual private networks), 263, 269-270 System Restore Windows Firewall, 280-281 capabilities and limitations, 356-357 wireless networks, 281-288 disk space configuration, MSBlaster worm, 82 362-364 MSRT (Windows Malicious Software Removal Tool) 32_0672329611_index.qxd 10/30/07 10:16 AM Page 643

security zones (Internet Explorer 7) 643

disk space Windows Firewall requirements, 356 Advanced Security, 111-115 Group Policy, 364 configuring, 53, 107-108 implementing, 366-372 enabling/disabling, 108-109 NTFS file system, 357-359 network connections, overview, 351 280-281 restore points, 352-356 overview, 106-107 System Protection, 351-352, program exceptions, 360-361 109-110 undoing, 369-370 restoring default when to use, 365-366 configurations, 115 UAC (User Account Control) Security Center settings, 101 Active Directory Group Policies, 183 TCP and UDP port exceptions, 110 configurable UAC items, 180-182 Security category (Control Panel), 42 Local Security Policies, 182-183 Security Center, 135. See also Automatic Updating Windows Defender Automatic Updating accessing, 116 configuration, 136-138 administrator options, 119 configuring, 98-100 advanced options, 118 malware protection, 101-102 automatic scanning, 117 Restore Settings option, 102 configuring, 53-54 UAC (User Account Custom Scan, 120-121 Control), 102 default actions, 118 Windows Firewall settings, 101 Full Scan, 120 security groups, 382-384 overview, 115-116 Security Guidance for Patch Quick Scan, 120 Management website, 134 Real-Time Protection, 118 security zones (Internet scanning options, 119 Explorer 7), 472-475 status information, 116 Internet zone, 473 updating, 121-122 Local Internet zone, 473-474 Restricted Sites zone, 474-475 Trusted Sites zone, 474 32_0672329611_index.qxd 10/30/07 10:16 AM Page 644

644 select disk= option (DiskPart.exe)

select disk= option severity levels (event logs), (DiskPart.exe), 522 441-442 SELECT option (DiskPart), 348, 522 sfc.exe (System Integrity Check self-healing mechanisms, 482 and Repair), 498-499 servers SHA (System Health Agent), 128 NAP Administration Server, 129 Shadow Copy Policy Server, 129 benefits, 293-294 RADIUS (Remote Authentication configuring Dial-In User Service), 264 Disk Cleanup, 298-299 Remediation Server, 129 disk space allocation, Systems Management Server. 297-298 See SMS definition, 293 Service Hardening, 18 directory-level protection, 295 service packs, adding to Master enabling, 295-297 Installation, 496 file-level protection, 295 services, startup services, 435-436 overview, 294-295 Services utility, 52 recovering items with Set Up a Connection or Network deleted directories, 303-305 Wizard, 253-254, 265 deleted files, 302 broadband connections, previous versions of 268-269 files, 300 dial-up Internet connections, troubleshooting, 305-307 266-267 volume-level protection, 295 dial-up to office connections, 268-269 sharing VPN connections, 269-270 configuring resource sharing, 56-57 Set-ExecutionPolicy command, 49 folders, 211-213 setautofailover.cmd script, 526 Sharing Wizard, 18 SETID option (DiskPart), 349 workstations Setup Analysis Tool, 176 NTFS permissions, 388-391 setupact.log file, 489 overview, 384 setupapi*.log file, 489 password policies, 391-396 SetupComplete.cmd file, 487 redirected folders, 386-388 setuperr.log file, 489 roaming profiles, 385 32_0672329611_index.qxd 10/30/07 10:16 AM Page 645

Standard user accounts 645

Sharing Wizard, 18 image deployment process, 550 Show Contents dialog box, 228 overview, 547-548 Show Windows Previews (thumb- preparing and capturing nails) option (Taskbar), 32 Windows Vista images, SHRINK option (DiskPart), 349 549-550 shutdown issues, System Center Configuration troubleshooting, 443 Manager 2007, 551 /shutdown option snap-ins, Print Management Sysprep, 509 accessing, 400-401 Wpeutil.exe, 514 Add/Remove Servers option, 402 SHV (System Health Validator), 129 adding printers with, 407-409 Sidebar Custom Filters option, 404, activating, 39 409-411 adding gadgets to, 40 Deployed Printers option, 405 keeping on top of other email notifications, 411-412 windows, 41 Export List option, 405 overview, 17, 39 Export/Import Printers option, properties, 40 402-404 SideShow, 17 Extended view option, 405 SIGVERIF.EXE, 431-432 FAQs, 416 SIM (System Image Manager) filters, 409-411 answer files Migrate Printers option, 402 creating, 490-491 overview, 399-400 validating, 493 publishing printers to Active configuration sets, 516 Directory, 414-415 Distribution Shares, 515-516 scripting, 413-414 overview, 514 Taskpad view option, 405-407 user interface, 514-515 troubleshooting, 416 Windows Vista components, sourceroot option (Oscdimg), 524 configuring, 492 Specialize configuration pass Sleep mode, 27 (Windows Setup), 486 SMS (Systems Management speech recognition, 17 Server) /split option (ImageX), 504 deployment points, 548 Standard user accounts, 167 Image Capture CDs, 550 32_0672329611_index.qxd 10/30/07 10:16 AM Page 646

646 Standard User Analyzer Tool

Standard User Analyzer Tool, scheduling synchronization, 176-178 220-221 Start menu, 29-32 viewing synchronization startup applications, partnerships, 218 configuring, 435 viewing synchronization startup keys, turning on BitLocker results, 223 Drive Encryption, 196-200 Sync Center (Mobility Center), 236 startup mode, changing, 432-433 synchronization startup problems, troubleshooting offline files/folders, 217-218 boot options, 433-435 automatic synchronization, overview, 443 219-220 Safe Mode, 449-450 configuring with actions/events, 221-222 startup applications, 435 manual synchronization, 219 startup mode, 432-433 resolving conflicts/errors, Startup Repair tool, 448-449 223-224 startup services, 435-436 scheduling, 220-221 Startup Repair tool, 448-449 synchronization startup services, configuring, partnerships, 218-219 435-436 viewing synchronization static IP addresses, 249-251 results, 223 status information (Windows Sync Center, 210, 217 Defender), 116 automatic synchronization, Stop errors, 443-444 219-220 /store option (BCDEdit.exe), 520 configuring synchronization storing GPOs (Group Policy with actions/events, Objects), 572 221-222 SuperFetch, 17, 86-87 manual synchronization, 219 Sync Center, 210, 217 resolving conflicts, 223-224 automatic synchronization, scheduling synchronization, 219-220 220-221 configuring synchronization with viewing synchronization actions/events, 221-222 partnerships, 218 manual synchronization, 219 viewing synchronization overview, 18 results, 223 resolving conflicts, 223-224 SYS option (Bootsect.exe), 521 32_0672329611_index.qxd 10/30/07 10:16 AM Page 647

System Restore 647

Sysprep, 508-509 System Integrity Check and Repair System accounts, 168 program, 498-499 System and Maintenance category system performance. See (Control Panel), 42 performance optimization system builds, 536-538 System Preparation Tool, 508-509 System Center Configuration System Protection Manager 2007, 551 definition, 351-352 System Configuration Utility, 52, disabling, 360 427-430 enabling, 361 System console, 72, 423-424 System Recovery Options system failures, recovering from dialog box, 190 failed resume operations, system requirements 447-448 BDD (Business Desktop overview, 444 Deployment Kit) 2007, 529- Previous Versions feature, 530 445-446 Internet Explorer 7, 461-463 reinstalling system files with System Restore, 427, 445-446 repair option, 447 capabilities and limitations, System Restore, 445-446 356-357 System Health Agent (SHA), disk space configuration, 128, 146 362-364 System Health Validates, 146 disk space requirements, 356 System Health Validator (SHV), 129 Group Policy, 364 System Image Manager. See SIM implementing, 366-368 system images from installation DVD, 372 creating, 335-337 from Safe Mode, 370-371 restoring, 341-342 from Safe Mode with system information command prompt, 371 MSinfo32.exe, 72-74 NTFS file system, 357-359 viewing overview, 351 Computer Management restore points console, 420-422 creating, 355-356 overview, 420 definition, 352 System console, 423-424 types, 353-354 Systeminfo utility, 424-426 32_0672329611_index.qxd 10/30/07 10:16 AM Page 648

648 System Restore

System Protection thin and light computers, 234 definition, 351-352 /timeout option (BCDEdit.exe), 521 disabling, 360 toolbars, creating, 33 enabling, 361 tools. See utilities undoing, 369-370 TPM (Trusted Platform Module) when to use, 365-366 enabling, 189 system Stop errors, 443-444 turning on BitLocker Drive System Tools, 421 Encryption, 193-196 Systeminfo, 424-426 tpm.msc, 201 Systems Management Server. Transparency effect (Aero), 39 See SMS transportable computers, 234 troubleshooting and diagnostics, 19 T Backup, 426 tabbed browsing (Internet Explorer Built-in Diagnostics, 426 7), 453-455 common problems, 419-420 tape devices, backing up to, 346 DirectX Diagnostics Tool, 426 Task Manager, 62 Disk Cleanup, 426, 430-431 Task Scheduler, 52, 70, 421 Disk Defragmenter, 426 taskbar event logs contents, 33 administering, 442 customizing, 32 contents, 441-442 overview, 32-34 overview, 441 Quick Launch bar, 32-33 severity levels, 441-442 Taskpad view option (Print viewing, 442 Management), 405-407 File Signature Verification, 426, TCP port exceptions, configuring in 431-432 Windows Firewall, 110 GPOs (Group Policy Objects) TechCenter, 204 GPResult, 580 TechNet Security Center, 135 GPUpdate, 580 Technicians Computer, 494 Resultant Set of Policies /tempdrive drive_letter option (RSoP), 579-580 (Windows setup), 488 Memory Diagnostics, 63 temporary files (Internet Explorer Print Management, 416 7), 465-466 32_0672329611_index.qxd 10/30/07 10:16 AM Page 649

UAC (User Account Control) 649

Reliability and Performance overview, 420 Monitor, 63 System console, 423-424 Remote Assistance Systeminfo utility, 424-426 answering invitations, System Restore, 427 440-441 system Stop errors, 443-444 configuring, 437-438 updates creating invitations, 439-440 Enterprise Scan Tool, offering assistance, 440 153-154 overview, 436-437 MBSA (Microsoft Baseline Shadow Copy, 305-307 Security Analyzer), 153-154 shutdown problems, 443 Microsoft Update, 150-152 startup problems WSUS (Windows Software boot options, 433-435 Update Services), 152-153 overview, 443 Trusted Platform Management. See TPM Safe Mode, 449-450 Trusted Sites zone (Internet startup applications, 435 Explorer 7), 474 startup mode, 432-433 turning off. See disabling Startup Repair tool, 448-449 turning on. See enabling startup services, 435-436 synchronization conflicts/errors, 223-224 U System Configuration Utility, 427-430 /U language-REGION option (Lpksetup.exe), 511 system failures, recovering from UAC (User Account Control), failed resume options, 60, 102 447-448 Administrator accounts, overview, 444 165-167 Previous Versions feature, Application Compatibility 445-446 Toolkit, 174-178 reinstalling system files with built-in accounts, 168 repair option, 447 Compatibility Evaluator, 177 System Restore, 445-446 consent and credential system information, viewing prompts, 169-172 Computer Management enabling/disabling components, console, 420-422 161-164 32_0672329611_index.qxd 10/30/07 10:16 AM Page 650

650 UAC (User Account Control)

overview, 18, 25-26, 157-158, updates 160-161 Automatic Updating Power Users group, 164-165 configuration, 101, 136-138 repackaging applications, checking for, 138-140 179-180 downloading, 142 security policies Group Policy, 147-150 Active Directory Group hiding, 142-143 Policies, 183 installing, 142 configurable UAC items, manual updating, 140-141 180-182 Microsoft Update, 144-145 Local Security Policies, 182-183 NAP (Network Access Protection), 146-147 Standard user accounts, 167 overview, 133-134 Standard User Analyzer Tool, 178 restoring, 143-144 virtualization, 174 schedules, 141 UDP port exceptions, configuring in troubleshooting Windows Firewall, 110 Enterprise Scan Tool, Ultra-Mobile computers, 234 153-154 ultraportable computers, 234 MBSA (Microsoft Baseline Security Analyzer), 153-154 /unattend answer_file option Microsoft Update, 150-152 Sysprep, 509 WSUS (Windows Software Windows setup, 488 Update Services), 152-153 /unattendfile filename option update history, reviewing, (OCSetup), 507 145-146 unattend.xml files, 486 Windows Defender, 121-122 undoing System Restore, 369-370 Windows Update Unicode Consortium website, 505 configuration, 53 /uninstall option (OCSetup), 508 WSUS (Windows Software /unmount option (ImageX), 504 Update Services), 147-153 /up Package Name option URL Handling Protection (Internet (Package Manager), 507 Explorer 7), 457 Update Compatibility /usbdebug hostname option Evaluator, 178 (Windows setup), 489 User Account Control. See UAC 32_0672329611_index.qxd 10/30/07 10:16 AM Page 651

utilities 651

user accounts User Accounts and Family Safety Administrator accounts, category (Control Panel), 42 165-167 user experience (UX), 11-13, 16 built-in accounts, 168 User State Migration Tool (USMT), creating, 379-381 555-558 Easy Transfer, 60-62 capabilities, 557 editing, 381-382 limitations, 557 elevated privileges, 378 LoadState, 557-558 in domains, 378 ScanState, 555-556 in workgroups, 378 UserHIDBlock value (Registry), 246 overview, 60, 375-377 users Power Users group, 164-165 elevation of privileges, 26 roaming profiles, 385 profiles, 22-23 security groups, 382-384 UAC (User Account Control), 18, 25-26 Standard user accounts, 167 USMT (User State Migration Tool), UAC (User Account Control), 60 555-558 Administrator accounts, capabilities, 557 165-167 limitations, 557 Application Compatibility Toolkit, 174-178 LoadState, 557-558 built-in accounts, 168 ScanState, 555-556 consent and credential utilities prompts, 169-172 ACT (Application Compatibility enabling/disabling Toolkit), 553-554 components, 161-164 Administrative Tools, 50-52 overview, 157-161 Application Compatibility Power Users group, 164-165 Toolkit, 174-178 repackaging applications, Backup, 426 179-180 BDD (Business Desktop security policies, 180-183 Deployment Kit) 2007 Standard user deploying Windows Vista accounts, 167 with Systems Management Server, 547-551 Standard User Analyzer Tool, 178 deploying Windows Vista with Windows Deployment virtualization, 174 Services, 542-547 32_0672329611_index.qxd 10/30/07 10:16 AM Page 652

652 utilities

deployment points, 539-542 DEP (Data Execution Deployment Workbench, 530 Prevention), 81-84 Distribution Shares, 533-536 DirectX Diagnostics Tool, 426 Information Center, 531-533 Disk Cleanup, 87-88, 298-299, 426, 430-431 Management Packs, 529 Disk Defragmenter, 88-90, 426 migrating systems to Windows Vista, 551-560 DiskPart, 347-349 overview, 527-529 Drvload.exe, 510 system builds, 536-538 Enterprise Scan Tool, 153-154 system requirements, Event Viewer, 52 529-530 Expand.exe, 510-511 Built-in Diagnostics, 426 File Signature Verification, Check Disk, 91-92 426, 431-432 Complete PC Backup Utility GPResult, 580 Complete PC Restore, GPUpdate, 580 342-345 ImageX, 497-498 creating system images, command-line options, 504 335-337 creating Data Images definition, 333 with, 502-503 DVD backups, 347 definition, 502 hard drive backups, 346 iSCSI Initiator, 52 operating system LoadState, 557 requirements, 345 Lpksetup.exe, 511 restoring system images, MBSA (Microsoft Baseline 341-342 Security Analyzer), 153 restoring to hard drive, Memory Diagnostics, 52 347-349 MSinfo32.exe (System tape device backups, 346 Information), 72-74 WBAdmin, 337-339 MSRT (Windows Malicious when to use, 333-334 Software Removal Tool) Computer Management, 51, Full Scan, 124-125 164, 420-422 overview, 122-123 Data Sources (ODBC) utility, 51 Quick Scan, 124 reporting results, 125 32_0672329611_index.qxd 10/30/07 10:16 AM Page 653

utilities 653

NAP (Network Access offering assistance, 440 Protection) overview, 436-437 components, 128-131 ScanState, 555-556 health policy Services utility, 52 compliance, 127 Set-ExecutionPolicy, 49 health policy validation, 127 Shadow Copy limited access, 127 benefits, 293-294 overview, 126 configuring, 297-299 NETSH, 107 definition, 293 Office Customization, 559 directory-level Office File Conversion, 559 protection, 295 Office Migration Planning enabling, 295-297 Manager, 559-560 file-level protection, 295 Office Setup Controller, 559 overview, 294-295 Package Manager, 505-508 recovering items with, adding drivers with, 506 300-305 command-line options, 507 troubleshooting, 305-307 enabling/disabling Windows volume-level protection, 295 features with, 506 Standard User Analyzer OCSetup, 507-508 Tool, 178 PEImg.exe, 512 Startup Repair, 448-449 Powercfg.exe, 241-242, SuperFetch, 86-87 512-513 Sysprep, 508-509 Print Management. See Print System Configuration Utility, Management 52, 427-430 ReadyBoost, 84-86 System console, 423-424 ReadyDrive, 86 System Integrity Check and Reliability and Performance Repair, 498-499 Monitor, 52 System Restore, 427, 445-446 Remote Assistance capabilities and limitations, answering invitations, 356-357 440-441 disk space configuration, configuring, 437-438 362-364 creating invitations, 439-440 disk space requirements, 356 32_0672329611_index.qxd 10/30/07 10:16 AM Page 654

654 utilities

Group Policy, 364 LoadState, 557-558 implementing, 366-372 ScanState, 555-556 NTFS file system, 357-359 Vista Backup and Restore, overview, 351 325-328 restore points, 352-356 Volume Activation Management tool, 558 System Protection, 351-352, 360-361 vssadmin.exe, 305-307 undoing, 369-370 WAIK (Windows Automated Installation Kit), 483-484 when to use, 365-366 WBAdmin, 337-339 Systeminfo, 424-426 WDSUTIL, 545 Task Scheduler, 52 Windows Defender. See UAC (User Account Control) Windows Defender Administrator accounts, Windows Firewall with Advanced 165-167 Security, 52 Application Compatibility Windows Live OneCare Safety Toolkit, 174-178 scanner, 126 built-in accounts, 168 Windows PE (Preinstallation consent and credential Environment) prompts, 169-172 BCDEdit.exe, 520 enabling/disabling bootable Windows PE components, 161-164 media, 517-519 overview, 157-161 Bootsect.exe, 521 Power Users group, 164-165 DiskPart.exe, 521-523 repackaging applications, Oscdimg, 523-524 179-180 overview, 517 security policies, 180-183 PEImg, 524-525 Standard user accounts, 167 Wpeinit, 525 Standard User Analyzer Windows RE (Recovery Tool, 178 Environment), 525 virtualization, 174 Windows Setup USMT (User State Migration Audit mode, 487-488 Tool), 555-558 command-line options, capabilities, 557 488-489 limitations, 557 configuration passes, 485-487 32_0672329611_index.qxd 10/30/07 10:16 AM Page 655

Welcome Center 655

log files, 489 Vista Backup and Restore overview, 484-485 tool, 325-328 running scripts in, 487 Vista Compatibility Evaluator, 177 Windows SIM (System Image Volume Activation Guide, 558 Manager), 491-493 Volume Activation Management configuration sets, 516 tool, 558 Distribution Shares, 515-516 volume argument (chkdsk command), 92 overview, 514 Volume slider (Mobility user interface, 514-515 Center), 236 Windows Vista Hardware volumes, Shadow Copy Assessment Tool, 552-553 volume-level protection, 295 Winpeshl.ini, 513 VPNs (virtual private networks), Wpeutil, 513-514 254-255, 263, 269-270 /uu Windows feature option vssadmin.exe utility, 305-307, (Package Manager), 507 362-364 UX (user experience), 11-13, 16 W V WAIK (Windows Automated /v argument (chkdsk Installation Kit), 483-484 command), 92 WBAdmin, 337-339 validating wbadmin start backup answer files, 493 command, 338 identity (mobile computing), WDSUTIL utility, 545 277-279 web browsers. See Internet Master Installations, 497 Explorer 7 versions of Windows Vista, 9-10 websites. See specific websites Verts, William T., 247 WEI (Windows Experience Index), .vhd files, 337 66, 74-77 Videos folder, 23 Welcome Center, 23 virtual memory, 79-81 activation status, 24-25 Virtual Memory dialog box, 80 enabling/disabling, 24 virtual private networks, 254-255, overview, 41-42 263, 269-270 product keys, changing, 24-25 virtualization, 174 32_0672329611_index.qxd 10/30/07 10:16 AM Page 656

656 WEP (Wireless Equivalency Protection)

WEP (Wireless Equivalency Windows DS (Deployment Services) Protection), 283 adding images to Windows Wi-Fi Protected Access (WPA), 283 DS, 545 WIM (Windows Imaging image deployment process, Format), 481. See also images 546-547 (Windows Vista) installing, 543-544 Windows Aero, 11 operational modes, 545 Aero Transparency effect, 39 overview, 542-543 components, 35-36 WDSUTIL utility, 545 enabling/disabling, 37-39 Windows Server 2008, 547 overview, 35-36 Windows Easy Transfer, 60-62 remote desktop Windows Experience Index (WEI), connections, 37 66, 74-77 Windows Automated Installation Windows Explorer Kit (WAIK), 483-484 Address Bar, 43 Windows Classic, 11 check boxes, enabling, 44-46 Windows Collaboration, 18 classic Windows menu, Windows Defender enabling, 43 accessing, 116 Organize menu, 43 administrator options, 119 overview, 43-45 advanced options, 118 Windows Firewall automatic scanning, 117 Advanced Security, 111-115 configuring, 53-54 configuring, 53, 107-108 Custom Scan, 120-121 enabling/disabling, 108-109 default actions, 118 network connections, 280-281 Full Scan, 120 overview, 106-107 overview, 115-116 program exceptions, 109-110 Quick Scan, 120 restoring default Real-Time Protection, 118 configurations, 115 scanning options, 119 Security Center settings, 101 status information, 116 TCP and UDP port updating, 121-122 exceptions, 110 Windows Firewall with Advanced Security, 52 32_0672329611_index.qxd 10/30/07 10:16 AM Page 657

WindowsImageBackup directory 657

Windows Imaging Format overview, 484-485 (WIM), 481. See also images running scripts in, 487 (Windows Vista) Windows Sidebar, 17 Windows Live OneCare Safety Windows SIM (System Image scanner, 126 Manager) Windows Malicious Software answer files Removal Tool. See MSRT creating, 490-491 Windows Management Instrumentation Control, 71 validating, 493 Windows Media Player, 20 configuration sets, 516 Windows PE (Preinstallation Distribution Shares, 515-516 Environment) overview, 514 BCDEdit.exe utility, 520 user interface, 514-515 bootable Windows PE media, Windows Vista components, 517-519 configuring, 492 Bootsect.exe utility, 521 Windows Software Update Services DiskPart.exe utility, 521-523 (WSUS), 147-153 Oscdimg, 523-524 Windows Standard, 11 overview, 517 Windows Update. See Microsoft Update, 140 PEImg, 524-525 Windows Vista Basic, 11 Wpeinit, 525 Windows Vista Business, 10 Windows PowerShell Windows Vista Enterprise, 10 launching scripts from, 49 Windows Vista Hardware online resources, 48 Assessment Tool, 552-553 overview, 47-48 Windows Vista Home Basic, 10 Windows RE (Recovery Windows Vista Home Premium, 10 Environment), 525 Windows Vista images. See images Windows Resource Protection (Windows Vista) (WRP), 310-311 Windows Vista Security TechNet Windows Server 2008, 547 Forum, 204 Windows Setup Windows Vista Starter, 10 Audit mode, 487-488 Windows Vista TechCenter, 204 command-line options, 488-489 Windows Vista Ultimate, 10 configuration passes, 485-487 Windows XP, 587 log files, 489 WindowsImageBackup directory, 337 32_0672329611_index.qxd 10/30/07 10:16 AM Page 658

658 WindowsPE configuration pass (Windows Setup)

WindowsPE configuration pass New Simple Volume (Windows Setup), 486 Wizard, 192 WindowsUpdate.log text file, 145 New Task Wizard, 406 %WINDIR% or /image=path to Printer Port Wizard, 594 image file option (peimg), 524 Program Compatibility Winpeshl.ini, 513 Wizard, 175 winsat.log file, 489 Restore Group Policy Object Wireless Equivalency Protection Wizard, 584 (WEP), 283 Set Up a Connection or wireless networks, 251-254 Network, 265 connecting to, 252-253, broadband connections, 287-288 268-269 managing, 288 dial-up Internet connections, 266-267 network information, 285 dial-up to office connections, overview, 281-282 268-269 properties, 287 VPN connections, 269-270 security, 282-284 Set Up a Connection or Network wireless adapter configuration, Wizard, 253-254 284-285 Sharing Wizard, 18 Wireless Network (Mobility WMI Control, 422 Center), 237 WMI Filters, 583-584 Wireless Protected Access (WPA), 256 workgroups wizards advantages, 377 BitLocker Drive Encryption logon process, 21 Wizard, 193 user accounts, 378 Connect to a Network Projector Works with Windows Vista Wizard, 255 logo, 173 Create a Shared Folder workstations, sharing Wizard, 211 NTFS permissions, 388-391 Internet Explorer 7 overview, 384 Customization Wizard, 476 password policies, 391-396 New Build Wizard, 536-537 redirected folders, 386-388 roaming profiles, 385 32_0672329611_index.qxd 10/30/07 10:16 AM Page 659

Zero Touch 659

worms Code Red, 134 MSBlaster worm, 82 Nimda, 134 WPA (Wi-Fi Protected Access), 256, 283 Wpeinit, 525 Wpeutil, 513-514 WRP (Windows Resource Protection), 310-311 wscui.cpl. See Security Center WSUS (Windows Software Update Services), 147-153

X-Y-Z

/x option chkdsk command, 92 OCSetup, 508 XML files, exporting GPO (Group Policy Object) settings into, 603

Zero Touch, 542