Jim Allchin on Longhorn, Winfs, 64-Bit and Beyond Page 34 Jim
0805red_cover.v5 7/19/05 2:57 PM Page 1
4 Scripting Solutions to Simplify Your Life Page 28
AUGUST 2005 WWW.REDMONDMAG.COM
MrMr WindowsWindows Jim Allchin on Longhorn, WinFS, 64-Bit and Beyond Page 34 > $5.95 05 • AUGUST
Make Room for Linux Apps Page 43
25274 867 27 Active Directory Design Disasters Page 49 71 Project1 6/16/05 12:36 PM Page 1
Exchange Server stores & PSTs driving you crazy?
Only $399 for 50$ mailboxes;1499 for unlimited mailboxes!
Archive all mail to SQL and save 80% storage space!
Email archiving solution for internal and external email
Download your FREE trial from www.gfi.com/rma Project1 6/16/05 12:37 PM Page 2
Get your FREE trial version of GFI MailArchiver for Exchange today!
GFI MailArchiver for Exchange is an easy-to-use email archiving solution that enables you to archive all internal and external mail into a single SQL database. Now you can provide users with easy, centralized access to past email via a web-based search interface and easily fulfill regulatory requirements (such as the Sarbanes-Oxley Act). GFI MailArchiver leverages the journaling feature of Exchange Server 2000/2003, providing unparalleled scalability and reliability at a competitive cost.
GFI MailArchiver for Exchange features Provide end-users with a single web-based location in which to search all their past email Increase Exchange performance and ease backup and restoration End PST hell by storing email in SQL format Significantly reduce storage requirements for email by up to 80%
Comply with Sarbanes-Oxley, SEC and other regulations. General configuration options Searching for an email
tel: +1888 243 4329 / +919 379 3397 | email: [email protected] | url: www.gfi.com/rma Project2 6/14/05 2:48 PM Page 1
Do you know who's inside your network?
Beyond Scan and Remove - Think Spyware Prevention Are Spyware and other Internet threats clowning around on your network? SurfControl Enterprise Threat Shield™ gives you the last laugh. If the threat is already on a user's machine, SurfControl Enterprise Threat Shield stops it from running and removes it. What is more, SurfControl Enterprise Threat Shield prevents reinfection, is enterprise-ready, gives you centralized management, and is user tamper-proof. Put the kibosh on spyware, key-loggers, instant messaging, P2P and games before they jeopardize security or productivity.
FREE 30-day trial www.surfcontrol.com/go/threatshield 1 800.368.3366
© 2005 SurfControl plc. 0805red_TOC_1.v5 7/14/05 12:05 PM Page 1
AUGUST 2005 WWW.REDMONDMAG.COM
Winner for Best Computer/Software Magazine 2005 RedmondTHE INDEPENDENT VOICE OF THE MICROSOFT IT COMMUNITY
COVER STORY REDMOND REPORT 8 News Analysis Mr. Windows Longhorn Lite Jim Allchin, considered 10 Event Log by many as the father of Google Earth debuts in beta NT and the brains behind form; System Center Data Longhorn, talks about the Protection Manager releases future of rich clients and ahead of schedule; staggered why you should trust rollout planned for Microsoft Microsoft to power your CRM 3.0. next PC.
Page 34
PHOTO BY GEOFF MANASSE
FEATURES 40 Longhorn: Is Allchin’s Baby Worth the Wait? 12 TechWatch Don Jones takes a look at the new features that will be included in the Microsoft feeds RSS to Longhorn. new Windows operating system, slated for release in late 2006.
43 Make Room for Linux COLUMNS As Linux applications grow in 4 Chief Concerns: popularity, Windows admins Doug Barney will need to start incorporating Why I Bought them into their networks. Here a Mac are five ways to do that. Page 43 23 Beta Man: Don Jones 49 How NOT to Design Active Directory At Long Last: SQL Server 2005 Learn how to do Active Directory design right from these Page 49 real-world case studies of those who have done it wrong. 55 Windows Insider: Bill Boswell Data Protection Manager REVIEWS 60 Security Advisor: 15 Virtual Idol 25 Your Turn Joern Wettern VMware puts on a stellar LCS 2005: Business- The State of Biometric virtualization performance with its Authentication latest version of Workstation. Grade Messaging with All the Extras 64 Ten: Paul Desmond 17 Get to Know Your Network Microsoft’s instant messaging Useful Microsoft Blogs How well do you know your environment matures into an network? NetSupport DNA will enterprise-class tool. give you the complete picture. ALSO IN THIS ISSUE 28 Redmond Roundup 19 Administration En Masse Write the Perfect Script 2 Redmond magazine online User Manager Pro helps you keep Need to go deep and seize control 6 Letters to Redmond tabs on your admin tasks. of your Windows systems? One of these tools can help you perfect the 63 Ad and Editorial Indexes art of scripting. COVER PHOTO BY GEOFF MANASSE 0805red_OnlineTOC_2.v4 7/14/05 12:41 PM Page 2
RedmondAUGUST 2005 mag.com
REDMOND COMMUNITY REDMONDMAG.COM Redmond Newsletters Exclusive August Issue Content Only on Redmondmag.com • Redmond Report: Our weekly e-mail There’s a lot going on in this month’s print issue of Redmond—so much, in fact, that newsletter featuring news analysis, we’ve had to move some of our regularly scheduled articles online, alongside the context and laughs. By Redmond’s extra information we always offer on the topics we cover. Editor in Chief Doug Barney. Because of this overflow, this month our FindIT codes FindIT code: Newsletters are more important than ever. When you see them in • Security Watch: Keep current on the the magazine, be sure to enter them at the top-right latest Windows network security topics. corner of any Redmondmag.com page to jump directly This newsletter features exclusive, to content like: online columns by Contributing Editor • Chris Brooke’s August Mr. Script column on using Russ Cooper of NTBugTraq fame. Devcon.exe to disable dirty connections when the FindIT code: Newsletters computer is connected to a private network. (FindIT Code: CleanUp). Discussion and Forums This month’s Mr. Script • A detailed feature comparison chart of the scripting Post your thoughts and opinions under column by Chris Brooke tools featured in this month’s Redmond Roundup on is available online using our articles, or stop by the forums for FindIT Code: CleanUp more in-depth discussions. p. 28. (FindIT Code: PerfScript) FindIT code: Forum • Extra information on deploying and using Microsoft Live Communications Server 2005. (FindIT Code: LCSExtras) Your Turn And much more. As always, FindIT codes are one word and are NOT case sensitive. If The interactivity center of the you have any feedback regarding our FindIT code system, or anything regarding Redmond universe, where you get to Redmondmag.com, be sure to let our Web editors know at [email protected]. express your views. FindIT code: YourTurn MCPMAG.COM • MCP Radio: Interviews with DesktopStandard’s Eric Voskuil and OTHER 101COMMUNICATIONS SITES Microsoft Changes Special Operations Software’s Magnus MCP Program ENTmag.com Lindegren on how their companies MCPmag.com Editor Special Report: “A Look at the Microsoft simplify the management of GPOs. Michael Domingo Security Response Center’s Playbook” • SBS Live!: Microsoft MVP and SBS looks at the changing Scott Bekker takes you inside the expert Andy Goodman heads a landscape of the Microsoft Security Response one-hour live chat with fans of Microsoft Certified Center process. Microsoft’s Small Business Server; Program and what it FindIT Code: ENTSecCenter Tuesday, Aug. 16, 7 p.m. EDT. means to the MCP MCPmag.com Editor CertCities.com community today. Michael Domingo Also this month: News: “CompTIA Raises Exam Prices 5 • Need answers for your Windows, FindITCodes Percent Worldwide” CompTIA raises prices for its A+, Exchange, security or troubleshooting Throughout Redmond magazine, Network+, Security+ and other problems? Send your questions to you’ll discover some stories contain FindIT codes. Key in those codes at exams worldwide. [email protected] to get help from troubleshooting expert Chris Wolf in a Redmondmag.com to quickly access FindIT Code: CCExamPrice expanded content for the articles new column, Tech Line. Chris is also a containing those codes. TCPMag.com virtualization guru and welcomes your Just enter the code (note that all questions on that topic. FindIT codes are one word, and are Pop Quiz: CCNA Pop Quizzes • In this month’s Scripting Answers, NOT case sensitive) in the box at Check out free practice questions from Don Jones offers a few ideas for effi- the top-right corner of any page Transcender, Measure Up and more. on Redmondmag.com. FindIT Code: TCPquiz ciently debugging your scripts.
2 | August 2005 | Redmond | redmondmag.com | Project6 4/1/05 2:50 PM Page 1
YOUR INFRASTRUCTURE MAY PROTECT EMPLOYEES INSIDE. What protects employees outside?
She works from home. She works from the road. And she endangers the network everywhere she goes. That’s why you need Websense software—to provide security protection at the desktop and beyond. Close the security gap. Download your free evaluation today. www.websense.com/mobile3
© 2005 Websense, Inc. All rights reserved. Websense is a registered trademark of Websense, Inc. in the United States and certain international markets. 0805red_Chief_4.v5 7/15/05 9:06 AM Page 4
ChiefConcerns Doug Barney
Why I Bought a Mac RedmondTHE INDEPENDENT VOICE OF THE MICROSOFT IT COMMUNITY AUGUST 2005 ■ VOL. 11 ■ NO. 8 have six PCs and laptops running everything from DOS Editor in Chief Doug Barney and Windows 95 to Windows XP.That is exactly why I [email protected] Editor Paul Desmond bought my son an iBook for his twelfth birthday. [email protected] I Executive Editor, Reviews Lafe Low Faithful readers know the stress my The Mac has none of these short- [email protected] Managing Editor Keith Ward family’s PCs have caused. Viruses, spy- comings. What it does have is a [email protected] ware and other inexplicable phenomenon Ferrari-like price tag. That’s easy to News Editor Scott Bekker have hit us hard. Troubleshooting my justify for the occasional birthday [email protected] Assistant Managing Editor, Wendy Gonchar own machines is bad enough. I don’t present, but it would make me gag if I Web Editor [email protected] want the burden of keeping my kids’ was running a 10,000-seat enterprise. Editor, Redmondmag.com, Becky Nagel boxes running as well. Those hassles led It’s going to take more than a few CertCities.com [email protected] Editor, MCPmag.com Michael Domingo me to shell out $1,075 for a low-end Mac television commercials touting XP to [email protected] laptop. That’s roughly double the best keep the Mac and Linux forces at bay. Editor, ENTmag.com Scott Bekker deals you can get from HP and Toshiba. Redmond desperately needs a new OS [email protected] Associate Editor, Web Dan Hong Frustration is only one reason I to keep its rivals from nipping at its [email protected] bought the Mac for my son. Exposing monstrous market share. Contributing Editors Bill Boswell him to new things is another. David Longhorn will have to be insanely Chris Brooke already has a pretty slick, late-model great, remarkably stable and better at Don Jones HP desktop with all the bells and defending against viruses and other Joern Wettern some of the whistles. He’s using it to hacks than XP and IE—the Swiss Art Director Brad Zerbel learn about encryption, scripting and cheese of software. Despite its Senior Graphic Designer Alan Tao programming—and to play lots of problems, I happen to like XP a lot. If games. He’s already embarrassing me by the rivals keep getting better, though, Publisher Henry Allain asking technical questions I can’t I might just have to buy another Associate Publisher Matt N. Morollo Director of Marketing Michele Imgrund answer. Why get him another XP non-Microsoft box. Director of Audience Marketing Janice Martin machine so he can lug it around on Senior Web Developer Rita Zurcher vacation and over to friends’ houses? What Would Make You Switch? Marketing Programs Associate Videssa Djucich Besides, the Mac—loaded with Tiger, For the enterprise, moving from Director of Print Production Mary Ann Paniccia the latest OS—is new and very cool. Windows clients is a tall order. For one, Manufacturing & Carlos Gonzalez This experience has shown me that you have to be Distribution Director Microsoft’s desktop monopoly, while able to handle incredibly solid, may not last common file formats forever. There are alternatives. Linux will like .DOC and .XLS, eventually get there—although and continue working with I’m certainly not eager to Active Directory and other Enabling Technology Professionals to Succeed replace my XP frustra- common tools. President & CEO Jeffrey S. Klein tions with what could All the Linux Executive VP & CFO Stuart K. Coppens be a bigger dose of companies are eating Executive VP Gordon Haight Linux headaches. I’m their own desktop Senior VP & Sheryl L. Katz also not too keen on dog food, and Sun General Counsel Senior VP, Human Michael J. Valenti the Scott McNealy seems to be doing Resources terminal style of com- fine running SunRay Redmondmag.com puting in which you’re terminals, but Windows The opinions expressed within the articles and other contents dead in the water with- is woven deeply into herein do not necessarily express those of the publisher. Postmaster: Send address changes to out a high-speed connec- the fabric of corporate Redmond, 2104 Harvell Circle, Bellevue, NE 68005 tion. (However, I’ve got to computing. So what would admit that having a single iden- it really take for you and tity and set of files I can easily get to your shop to switch? Tell me at from a number of devices is pretty neat.) [email protected].—
4 | August 2005 | Redmond | redmondmag.com | Project6 5/10/05 3:22 PM Page 1
:PVSXFBQPO $PVOUFS4QZ&OUFSQSJTF $FOUSBMJ[FETQZXBSFFSBEJDBUJPO
4QZXBSF UIF OFX OVNCFS POF FOFNZ GPS *5 3FBMUJNF QSPUFDUJPO !CTIVE 2ECENT SURVEYS OF )4 SPECIALISTS SHOW THAT SPYWARE 0ROTECTION4- -ONITORS DELIVER REAL TIME INFECTIONS HAVE REACHED EPIDEMIC PROPORTIONS PROTECTION TO WORKSTATIONS TO REDUCE THE CHANCE 3PYWARE IS ONE OF THE MOST SERIOUS SECURITY THREATS AND PRODUCTIVITY OF SPYWARE INFECTION &ROM THE !DMIN #ONSOLE YOU HAVE THE ABILITY TO KILLERS TODAY )TS INSIDIOUS )TS CREATORS ARE WELL lNANCED RELENTLESS AND CENTRALLY CONTROL WHAT ACTIONS ARE TAKEN WHEN THESE MONITORS DETECT REMORSELESS &OR THE CHANGE ON THE DESKTOPS 5IF CFTU TQZXBSF EBUBCBTF JO UIF ENTERPRISE COMMON JOEVTUSZ 1FSJPE 4HE DATABASE BEHIND #OUNTER3PY %NTERPRISE HAS BEEN ANTISPYWARE CANT CUT IT INDEPENDENTLY VALIDATED AS THE BEST ANTISPYWARE DATABASE IN THE INDUSTRY $PVOUFS4QZ &OUFSQSJTF 7HY #OUNTER3PY %NTERPRISE BENElTS FROM MULTIPLE SOURCES FOR ITS ,OPDL PVU TQZXBSF SPYWARE DElNITION UPDATES INCLUDING 3UNBELTS 2ESEARCH 4EAM -ICROSOFT GSPN POF DFOUSBMJ[FE AND INFORMATION COLLECTED FROM CONSUMER USERS THROUGH 3UNBELTS MPDBUJPO #OMPANY WIDE 4HREAT.ET4- 3PYWARE DOESNT STAND A CHANCE 'SFF USJBM 'JOE PVU IPX SPYWARE MANAGEMENT NBOZ NBDIJOFT JO ZPVS PSHBOJ[BUJPO BSF JOGFDUFE /08 3CAN THE REQUIRES A REAL ENTERPRISE PRODUCT WITH CENTRALIZED MANAGEMENT MACHINES IN YOUR ENTERPRISE FOR FREE $OWNLOAD THE TRIAL AT #OUNTER3PY %NTERPRISE IS JUST THAT A SCALABLE POLICY BASED WWWSUNBELT SOFTWARECOMCSERED SECOND GENERATION ANTISPYWARE TOOL BUILT FROM THE GROUND UP FOR SYSTEM AND NETWORK ADMINISTRATORS TO KILL SPYWARE QUICKLY AND EASILY
-ÕLiÌ -vÌÜ>Ài /i\ £nnn /1/- Ènnn{xÇ® À £ÇÓÇxÈÓä£ä£ >Ý\ £ÇÓÇxÈÓx£ ÜÜÜ°ÃÕLiÌÃvÌÜ>Ài°V Ã>iÃJÃÕLiÌÃvÌÜ>Ài°V
^ÊÓääxÊ-ÕLiÌÊ-vÌÜ>Ài°ÊÊÀ} ÌÃÊÀiÃiÀÛi`°Ê ÕÌiÀ-«Þ >`Ê/ Ài>Ì iÌ >ÀiÊÌÀ>`i>ÀÃÊvÊ-ÕLiÌÊ-vÌÜ>Ài°ÊÊÌÀ>`i>ÀÃÊÕÃi`Ê>ÀiÊÜi`ÊLÞÊÌ iÀÊÀiëiVÌÛiÊV«>iÃ°Ê 0805red_Letters_6.v3 7/14/05 11:46 AM Page 6
Letters to Redmond
Compare, Learn, Improve Nice to see such a good article (from a purely objective point of view) about Linux desktops on a “Redmond” site [Redmond Roundup, June 2005, “Desktop Linux: Ready for Prime Time?”]. That’s just how it should be: compare, learn and make better desktops. A happy Debian Linux user, Thomas van Oostveen Amstelveen, The Netherlands
Climbing the Food Chain blamed the DMZ for issues that related The Ray Ozzie interview was excellent more to server placement and configura- One of my solutions—to what I consider the [“It’s Groove Baby!” July 2005]. You tion (network-design issues) than the main shortcomings of DMZs—is better gave him a chance to talk, and his shortcomings of the DMZ. Also, any content inspection (which could be done in insights were fascinating. Way back time you give public access to some part conjunction with a DMZ). The other actually when in the early days of Exchange, I of your network, there are going to be takes the original idea of a DMZ one step suspected that some of the development risks. A DMZ helps mitigate, but does further to provide enhanced traffic control. By delays were due to trying to incorporate not completely negate, these risks. There using IPsec mutual authentication between Notes-like features in the product. And is only so much a DMZ can do if you hosts (but not necessarily for encryption), a it seemed at the time there were some design your network poorly. computer can actually confirm that network Ray Ozzie/Notes admirers at Microsoft, As someone with a Security+ certifi- traffic really originates from the host from which turned out to be true! cation, he should know that a firewall which it claims to come. And, because you can It is great to be climbing up the food and/or DMZ should not, by itself, be use IPsec to block all traffic that doesn’t orig- chain on interviews. The fact that Red- the sole means of securing your net- inate from specific trusted hosts and uses mond magazine gives these folks some work. But, condemning the concept of a allowed ports, you can create more effective air time and not just a few chopped up DMZ as a valuable security component network isolation than what is provided by a sound bites might encourage others is absolutely ludicrous. traditional DMZ. In other words, I certainly (like the rest of the CTO team) to Jon Banks, MCSE, Security+ don’t oppose network isolation, but I believe spend some time with you. If I ran Network Security Engineer that what traditional DMZs provide in this Microsoft’s PR Department, I would Marietta, GA respect is insufficient. always be trying to put more of a I understand your initial reaction to my human face on the company, and show- Thank you for taking the time to reply to my column, but I hope you can think about the case some of the other bright folks they article. I realized that my column would be issue again and come to a more charitable have on the payroll. controversial, and it is certainly turning out assessment. Either way, I do appreciate your Also, the Art Department gets that way. feedback and I hope you will continue to points—the layout, cover shot and use The reason I question the idea of a DMZ is provide feedback about my column and other of green and the type treatment—the that I regularly review network designs and I articles in Redmond magazine. issue looks fabulous! see DMZs being used in ways that don’t Contributing Editor and Security Erik Westgard increase security. They often provide a false Advisor Columnist Joern Wettern St. Paul, Minn. sense of security and represent wide open doors into a corporate network. I see these DMZ DMZ Shortcomings design problems in small companies, as well as Whaddya Think In reading Dr. Wettern’s article [July in large, multinational enterprises. 2005 Security Advisor, “Dump Your In my opinion, there are only a few Send your rants and raves DMZ”], I found that his criticism of protocols that lend themselves to using a about stories in this issue to ?! DMZs was flawed for many reasons. The DMZ. The prime example is an SMTP [email protected]. biggest criticism that stood out as I read relay server, but SMTP is a protocol that has Please include your first and last the article was that numerous times he changed little since DMZs were invented. name, city and state.
6 | August 2005 | Redmond | redmondmag.com | Project5 7/6/05 12:42 PM Page 1
ADVERTISEMENT A bigger threat than viruses? Why disk fragmentation is poised to outpace the virus as the biggest threat to productivity
What’s really at stake drive is the performance Why do we protect against viruses? bottleneck, and anything that Think about it. A virus causes a computer to slows down disk access slows slow down or stop, rendering the system down the entire system. less usable or unusable. That impacts productivity and costs you and your Protect now or wait organization time and money. When a until it breaks? computer is infected by a virus, someone How do you handle has to clean and repair it. That too costs viruses? Do you wait until a time and money. system is infected and the Fragmentation can have a disastrous effect on system reliability. From a productivity standpoint, disk damage is done, and then fragmentation causes the same damage as a clean and repair it? Of course not. Yet that’s The industry-leading solution virus. A buildup of fragmentation will cause how many computer users and system Diskeeper®, The Number One a computer to slow down or even crash, administrators handle disk fragmentation. Automatic Defragmenter™, is designed resulting in lost productivity. And someone They wait until fragmentation has already specifically to handle fragmentation proactively has to spend time fixing it. affected productivity, then manually . Diskeeper is a true “Set It and ® defragment the system. But as with a virus Forget It” utility. Like good real-time Disk fragmentation: infection, the damage has already been antivirus software, it works in the The enemy within done. (And as soon as they finish manually background, virtually unnoticed by the users. It can be centrally managed, reducing There is one major difference: Viruses defragmenting, fragmentation begins to re- administration time to bare minimums. come from outside. Disk fragmentation accumulate.) And like good antivirus software, comes from inside. Even a newly-formatted Conscientious computer users address Diskeeper pays for itself by eliminating PC with a fresh installation of Windows the virus issue proactively by installing fragmentation-related productivity losses will be moderately fragmented. (It’s true. antivirus software and updating it regularly. and the need to repair them. Try it yourself and see.) In a corporate environment, installation and Compounding the problem is the fact updates are usually automated so as to You’re already under attack that today’s drives, as well as the files we reduce the amount of administration time. Here’s the clincher: Your systems may store on them, are larger than ever and In order to avoid productivity losses, never face the threat of a virus. Antivirus growing rapidly. As a result, disk fragmentation must be handled the software is insurance, just in case. fragmentation is a bigger threat than ever. same way—automatically. Like antivirus But your systems do face the threat of Viruses work by attacking the weakest software, an automatic defragmenter fragmentation—every day, every hour, link—the unprotected computer or the protects a system’s integrity by detecting even as you read this. before careless user. Likewise, disk fragmentation fragmentation and eliminating it it attacks the weakest link: The disk drive. impacts productivity. Are you protected? Disk drives and disk arrays, fast as they may be, cannot transfer data anywhere near Protect your systems against the threat of fragmentation. as quickly as the CPU or memory. The disk Try Diskeeper free for 30 days www.diskeeper.com/redmond4 For volume license pricing and government or educational discounts, contact your favorite reseller or call 800-829-6468 reference number 4327
The Number One Automatic Defragmenter
OVER 17 MILLION LICENSES SOLD
©2005 Diskeeper Corporation. All Rights Reserved. Diskeeper, The Number One Automatic Defragmenter, Set It and Forget It, the Executive Software logo and the Diskeeper Corporation logo are registered trademarks or trademarks of Diskeeper Corporation in the United States and/or other countries. Microsoft and Windows are either registered trademarks or trademarks owned by Microsoft Corporation in the United States and/or other countries. Diskeeper Corporation • 7590 N. Glenoaks Blvd. Burbank, CA 91504 • 800-829-6468 • www.diskeeper.com 0805red_Report_8-13.v5 7/14/05 1:56 PM Page 8
August 2005 INSIDE: Microsoft feeds RSS to Longhorn. RedmondReport Page 12. Longhorn Lite Who says you have to wait for Longhorn to get those features?
BY SCOTT BEKKER awhile, even if Longhorn doesn’t miss nally planned for Longhorn that Mainstream support ran out for more deadlines. Microsoft later decided to pull into Windows 2000 Professional at the Faced with the long lead time to Long- Windows XP include the Avalon beginning of last month. So the clock horn, Microsoft is under pressure to keep presentation subsystem, the Indigo must be ticking for Windows XP the aging Windows XP operating system communications subsystem and IE 7.0, Professional, which shipped a mere 20 improving or it’ll leave a crack for eager with its further security enhancements months later, right? Nope. competitors to slip through. It’s very sim- and tabbed browsing. There’s even talk Windows XP’s mainstream support ilar to the situation the company faced of the WinFS storage subsystem, if it will last much longer under a clause in with SQL Server 2000 during the long actually ships, being made available Microsoft’s current support lifecycle wait for Yukon. To keep SQL Server for Windows XP. policy. Main- 2000 fresh, Microsoft dribbled out new With the subsystems, given the sup- NewsAnalysis stream sup- features—items like Reporting Services port horizon for Windows XP, port lasts for and Notification Services that added Microsoft has little choice. Windows five years, or two years beyond the valuable functionality, even if they XP is going to have a larger installed release of the latest version, whichever weren’t the full-featured versions that base than Longhorn for years. Devel- is longer. XP’s mainstream support is would appear in Yukon. opers won’t target the new technologies currently slated to run until Dec. 31, The approach has been the same on for a tiny portion of the installed base. 2006—just about when Windows the Windows client side, and all indica- Search is another area of focus for Longhorn is supposed to ship. That tions are that the trend will continue. Longhorn that Microsoft is bringing to translates to a two-year grace period on Windows XP Service Pack 2 was the XP. MSN Desktop Search adds a lot of Windows XP mainstream support until most obvious example, with its Win- the kinds of functionality promised for very late in 2008. dows Firewall, new version of Internet Longhorn. (Competitive downloads Not all support cuts off at that Explorer, general security overhaul and from Google and Yahoo! provide great date; that’s just when the extended Group Policy enhancements, among searching of Windows systems right phase begins. New feature requests other things. now, too.) won’t be considered after 2008, but Plenty of things are working their way There are places that Longhorn will you’re still entitled to new security back into the Windows XP code-base go where Windows XP can’t follow. patches until late 2013. So Windows from the Longhorn development team as The Aero interfaces and the new folder XP is officially going to be around optional downloads. Other items origi- Continued on page 13 BytheNumbers
As Microsoft attempts to expand its midmarket presence with a new three-server/50 CAL package for Windows How Big Am I Now? Server System, the company is talking about its internal model for classifying customers. Check the chart below to see where you fit. Individual metrics are rough and vary depending on vertical industry and other factors, so an otherwise small company may have a midsize IT staff and an enterprise level of servers. PCs Employees IT staff Servers Organizations fitting this description worldwide Small 1-25 1-50 0 0-2 41 million (includes home offices) Midsize 26-500 51-1000 0-7 3-9 1.2 million Enterprise 501+ 1001+ 8+ 10+ 18,000
Source: Interviews with Microsoft
8 | August 2005 | Redmond | redmondmag.com | Project2 7/11/05 4:41 PM Page 1
FREE 30 DAY EVALUATION www.scriptlogic.com/missing
...can really hurt. Unless everything is patched, you’re vulnerable.
Trust the dependability and security of Patch Authority Plus™ from ScriptLogic - your prescription for comprehensive, enterprise-class patch management
Simplify the process of updating Windows desktops and servers from a central location Deploy patch updates in just two simple steps Deliver patches with greater security and less down time Protect your network with interactive or scheduled patching
> www.scriptlogic.com/missing
Evaluate a fully-functional, 30-day trial version of Patch Authority Plus and Get a FREE T-Shirt* Call 1-800-424-9411
© 2005 ScriptLogic Corporation. All rights reserved. ScriptLogic, Patch Authority Plus and the ScriptLogic logo are trademarks or registered trademarks of ScriptLogic Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademark of their respective owners. * Offer good while supplies last. Allow 4-6 weeks for delivery. Document 1 7/7/05 3:05 PM Page 1
> www.scriptlogic.com/usbdrive
Receive a 256MB USB drive, compliments of ScriptLogic!
You're just two steps away from getting your USB drive: 1 Be one of the first 200 people to download and install one of ScriptLogic's* award-winning network administration solutions. Download now at www.scriptlogic.com/usbdrive 2 Then call 1-800-424-9411 and speak with your ScriptLogic Account Executive – and we'll send you a FREE 256MB Portable USB drive!*
– Point, Click, Done.
www.scriptlogic.com/usbdrive – Call 1-800-424-9411
* Offer good on any ScriptLogic solution except for AutoShare. USB drive available to first 200 respondents that download trial version and call a ScriptLogic Account Executive. Document 1 7/7/05 3:05 PM Page 2
Don’t miss out on improved Security... Compliance... and Productivity...
You’re covered with ScriptLogic’s innovative software solutions. Our solutions not only meet your security and compliance requirements – they increase productivity at the same time!
Our leading products, including Desktop Authority®, Enterprise Security Reporter™ and Active Administrator™ empower you to: • enforce desktop, server and Active Directory security • facilitate both regulatory and standards compliance • increase productivity of the administrator and the user
Find out for yourself... visit www.scriptlogic/usbdrive and download a FREE fully functional, 30-day trial version of any ScriptLogic solution* today! And, if you’re one of the first 200 to download a trial and call us, we’ll send you a 256MB Portable USB drive – absolutely FREE!**
www.scriptlogic.com/usbdrive – Point, Click, Done. 1-800-424-9411 © 2005 ScriptLogic Corporation. All rights reserved. ScriptLogic, Desktop Authority, Enterprise Security Reporter, Active Administrator, and the ScriptLogic logo are trademarks or registered trademarks of ScriptLogic Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners. ** Allow 4 to 6 weeks for delivery of USB drive. 0805red_Report_8-13.v5 7/14/05 1:56 PM Page 10
RedmondReport
A roundup of Windows- EventLog related happenings The Battle for Virtual Earth is On Every so often a PC application comes along that harnesses all the power of the latest technologies in a way that makes you sit up and take notice. The most recent of these is Google Earth, which posted as a beta last month. The 10MB download from http://earth.google.com offers aerial maps in breathtaking detail of rooftops, roads and trees. The real magic comes in the marriage of the images with street maps and databases of restaurants, hotels, gas stations and other location information. (The smooth flyover effects are pretty nifty, too). Looking down from Mt. Everest in Google Earth.
As with desktop search, it’s not date to late in the second half. integration capabilities. A new yet clear where the money is, but Now the software giant is back on Small Business Edition is also on Microsoft is hot on Google’s trail. the original timetable. Release to tap specifically for users of Our Himalayan screenshot (this manufacturing is set for Aug. 8 or Microsoft Small Business Server page) notwithstanding, most of sooner, with general availability 2003 Premium Edition. the maps are not 3-D, but rather within 60 days. give an overhead view. Microsoft Professional Developers plans a version this summer Staggered Rollout for Conference called Virtual Earth with a 45- Microsoft CRM The schedule calls for Longhorn, degree angle view of the world. You can get your hands on Longhorn, Longhorn—and a little Google says it’s working on 45- Microsoft CRM 3.0 in the fourth Office 12—at the Microsoft Pro- degree views, too. So sit back quarter—if you’re one of the fessional Developers Conference and be wowed by the benefits of 4,000 organizations already next month in Los Angeles. You competition. using it, that is. Microsoft elected may recall that the 2003 version to pursue a staggered rollout for of this show was the official Data Protection Manager the next version of its customer unveiling of Longhorn and the Fake-Out relationship management product, introduction of such OS pillars as Microsoft is pulling the rare which has skipped directly from Indigo, Avalon and WinFS. Now, ahead-of-schedule release—sort version 1.2 to 3.0. Expected to be with the operating system closer of—with its new System Center released to manufacturing in to release, the details unveiled at Data Protection Manager server October, the product will be PDC 2005 will, hopefully, be a for disk-based backup and generally available throughout little more solid. With the first recovery. Originally billed as a the fourth quarter to existing Longhorn beta scheduled to be second half 2005 deliverable, customers. Widespread availability out the door well before the Microsoft narrowly missed the of 3.0 is slated for 2006. Key show, expect a lot of detail on beta delivery target this spring areas of focus in the upgrade are subsequent features. and revised its final delivery configuration, customization and — SCOTT BEKKER
10 | August 2005 | Redmond | redmondmag.com | Project1 6/30/05 10:17 AM Page 1
- 9"1, 7, -- -- "" /" "¶
iÌÊÌÊÊÌ iÊ>ÌiÃÌÊ >` i`ÃÊ>`ÊÃÌÊ««Õ>ÀÊ iÌÜÀÃp>ÊÜÌ Ê>ÊÌÕÌÛiÊ"ÕÌiÊÌiÀv>Vi°
'OOD,INK» ENTERPRISE SOFTWARE DOES WHAT NO OTHER WIRELESS MESSAGING SOLUTION CAN )T PUTS THE FAMILIAR LOOK FEEL AND FUNCTIONS OF -ICROSOFT¸ /UTLOOK¸ ON A VARIETY OF PALM/3 AND 0OCKET 0# HANDHELDSUSING ALL THE MOST POPULAR NETWORKS
7ITH 'OOD YOU CAN ALSO WIRELESSLY ENABLE #2- %20 3&! AND OTHER BUSINESS APPLICATIONS !LL WITH ENTERPRISE CLASS SECURITY ROLE BASED ADMINISTRATION AND TRUE OVER THE AIR PROVISIONING AND MANAGEMENT
iÌ Ì i v>VÌÃ Ü ÜÌ > , Li ÜÀiiÃà vÀ>Ì Ì° > nÇÇÎ{ÈÈÎäÈ À ÛÃÌ ÜÜÜ°}`°VÉvÀiiÌ
^ÓääxÊ`Ê/iV }Þ]ÊV°Ê`]Ê`Ê/iV }Þ]ÊÌ iÊ`Ê}]Ê>`Ê`Ê>ÀiÊÌÀ>`i>ÀÃÊÀÊÀi}ÃÌiÀi`ÊÌÀ>`i>ÀÃÊvÊ`Ê/iV }Þ]ÊV°ÊÊÌ iÀÊÌÀ>`i>ÀÃÊ >ÀiÊÌ iÊ«À«iÀÌÞÊvÊÌ iÀÊÀiëiVÌÛiÊÜiÀðÊ-VÀiiÊ>}iÊÃÕ>Ìi`°Ê«>"i]Ê/ÀiÊ>`ÊÌ iÊ}ÃÊ>ÀiÊ>}ÊÌ iÊÌÀ>`i>ÀÃÊÀÊÀi}ÃÌiÀi`ÊÌÀ>`i>ÀÃÊÜi`ÊLÞÊÀÊViÃi`ÊÌÊ «>"i]ÊV°ÊI/ À`Ê«>ÀÌÞÊÃvÌÜ>ÀiÊÃ`ÊÃi«>À>ÌiÞ°Ê,iµÕÀiÃÊÜÀiiÃÃÊ`>Ì>ÊÃiÀÛViÃÊ>`Ê-*ÊÃ`ÊÃi«>À>ÌiÞ°Ê7ÀiiÃÃÊVÛiÀ>}iÊ>ÞÊÌÊLiÊ>Û>>LiÊÊ>Ê>Ài>ð 0805red_Report_8-13.v5 7/14/05 1:56 PM Page 12
RedmondReport Microsoft Feeds RSS to Longhorn Microsoft is changing IE, the OS and RSS itself to change the way users interact with the Web.
BY SCOTT BEKKER browsing, the little technology over favorite conspiracy theory for the Microsoft took a hard look at Really which Microsoft went to the mat with moment. The company produced Simple Syndication and concluded the U.S. Department of Justice. something called Simple List that RSS is good for a lot more “RSS is key to how people will use the Extensions; and so far RSS 2.0 spec than notifying readers of a favorite Internet in the future by automatically author Dave Winer and legal delivering the information that is scholar/outspoken copyright opponent important to them,” Hachamovitch Lawrence Lessig have offered qualified said. Wearing a “Longhorn (heart sym- support. Microsoft made the extensions TECHWatch bol) RSS” T-shirt, Hachamovitch available through Lessig’s Creative Tracking the Technology Lifecycle demonstrated that Longhorn’s version Commons, which offers flexible of IE will have an RSS icon that lights copyright arrangements for creative blogger’s latest post or as a venue for up when it reaches a page that offers an work. What the Simple List Extensions news sites’ latest headlines. opportunity to subscribe to a feed. bring to RSS is freedom from the To be sure,the big unveiling of Users will be able to view the RSS feed time-ordered nature of RSS feeds. Microsoft’s new plans for RSS in the directly in the browser, and Microsoft is The current system presents the most Windows Longhorn operating system designing the process of adding RSS recent items first, with older items at the Gnomedex 5.0 conference this feeds to be as simple from within IE as fading away after awhile. What summer wasn’t the first time Microsoft adding “favorite” Web sites. promised RSS for Longhorn. Back in Those are the user interface changes, 2003, Microsoft talked about putting and they are significant. As it stands, to FunFact RSS feeds in a Longhorn desktop UI take advantage of RSS, a user has to be feature called the Sidebar. RSS, however, aware of the technology; actively seek There are an estimated 60 million was literally relegated to the side of the out an RSS aggregator; select an blogs worldwide, and the majority are screen. (At WinHEC this spring, aggregator from the dizzying array of available via RSS or similar formats. Microsoft indicated the Sidebar feature choices; and (in most cases) remember to probably won’t be in Longhorn.) launch the aggregator on a daily basis. Microsoft’s extensions do is create a way Now Microsoft has an RSS team. The Making RSS trivial to use from the for items to persist, such as Top 10 lists. Gnomedex announcement of Microsoft’s world’s most widely used browser has the Under the extensions, users might only new RSS strategy came from Dean potential to ignite end-user adoption of receive RSS notifications when an item Hachamovitch, Microsoft general man- the technology—no mean feat. None of has moved a few places in the ordered ager for Longhorn browsing and RSS. that, however, expands RSS beyond the list, or a new item has come in. The Think about that title for a second. It current paradigm, in which users extensions also add a standard place to puts RSS on nearly equal footing with subscribe to a blog or news feed and add properties, giving publishers a place receive the most recent items. to embed useful information about the Things get interesting on the back feed, item or enclosure. end. RSS 2.0 includes an extension At the same time, Microsoft is mechanism that allows publishers integrating RSS into the Longhorn and clients to define additional platform via three components. A elements. Microsoft never met an Common RSS Feed List and Common opportunity to make extensions RSS Data Store will be available to all to a standard that it didn’t applications. A user who subscribes to embrace, but put down your an RSS feed in IE can also view the same feed—without resubscribing— TechWatch Meter: RSS in Windows and the data from that feed in an RSS
12 | August 2005 | Redmond | redmondmag.com | 0805red_Report_8-13.v5 7/14/05 1:56 PM Page 13
RedmondReport
Continued from page 8 structure aren’t likely candidates for emulation. Other exclusive end-user Red Hat Directory Plays features will probably emerge in the Beta 1 and Beta 2 stages of Longhorn Nice with NT & AD testing. As with SQL Server 2005, ed Hat released its directory Red Hat Directory Server has an Longhorn should also make major service this summer, and .MSI package that can be loaded on a strides in the fundamentals (See our this old dog knows a few domain controller to allow cross- interview with Jim Allchin on p. 34) R that the older products can’t touch. new Windows tricks. It’s an old synchronization between NT or AD Administrators who ripped out their dog because it has its roots in and Red Hat Directory Server. This Windows 2000 Professional infra- Netscape’s Directory Service, means you can create an AD user and structures the day Windows XP came which went to AOL then Red Hat. have it automatically show up in out will be doing the same when In true Red Hat spirit, the Linux RHDS. Or, on Linux, change a user’s Longhorn arrives. But if you keep cur- distributor open sourced the product password, and have it automatically rent with your Windows XP updates, in two free flavors. Fedora Directory synchronize to AD. In short, this your users will wind up with a func- Server is supported only through commitment to “playing nice” with tionally much-improved operating the Fedora community. Red Hat Microsoft appears truly genuine. system over the gold code version— Directory Server (RHDS) enjoys full While the Red Hat/Fedora Directory practically a Longhorn Lite. When Red Hat support if the Red Hat server Server is a nice addition to the Red Longhorn does finally roll off the pro- it’s loaded on is under a Red Hat Hat lineup, it’s not quite as capable as duction lines, you can take your sweet time to deploy it. support contract. AD. While Red Hat Directory Server, Even if your internal PC replacement When it comes to Windows, like AD, is now multi-master for schedule calls for new PCs this year, the major new addition since the writes, Red Hat only supports writing consider this: Windows XP Profession- directory’s Netscape days is native to four nodes at once. al loaded on new PCs bought this year compatibility with Windows NT 4.0 — Jeremy Moskowitz, could ride out an entire three-year life- and Active Directory. Specifically, the Moskowitz-inc.com. cycle on mainstream support.—
aggregator, media player, photo item in a list of most popular items can time a new picture of the grandkids is software or other applications. (RSS embed such information as price or posted to a photo blog. 2.0 adds support for “enclosures,” files average customer rating. There are a lot of challenges to such as photos or audio included in the Calendaring scenarios are a major implementing RSS well. Microsoft is RSS feed.) Microsoft is also building focus for Microsoft. An attendee of a promising some of the end-user focused in an RSS Platform Sync Engine to use business conference might be able to get aspects in Longhorn Beta 1 this summer, idle network bandwidth when possible a feed of conference calendar data— and it will be interesting to see how to automatically download subscribed- receiving updates to the overall schedule, intuitive they can make the RSS parts. to RSS data and enclosures for use by other events or session location changes. The company is promising more detail any application. Without going to a site to check, the about the back-end at its Professional As an example of how broadly session location could be updated in Developers Conference in September. Microsoft is thinking about RSS, the attendee’s calendar program, such If Microsoft can keep the developer consider the scenarios the company is as Microsoft Outlook. Microsoft is community excited, the company is in a promoting. There are generic lists, also thinking about digital photo strong position to change the way the such as Top 10 songs from a music site, management scenarios, using the majority of users interact with the Web. a wish list from an online retailer enclosures for photos. For example, Instead of always driving our browsers (Amazon is on board already) or a grandparents might subscribe to a feed out to the places we want to go, our user’s ranking of favorite restaurants. that automatically downloads photos to browsers and RSS could really start In the online retailer example, each their photo viewing software every fetching what we need for us.—
| redmondmag.com | Redmond | August 2005 | 13 Project1 3/31/05 12:48 PM Page 1
Are You Preventing Exchange Server Failure, or Just Preparing for It?
Reactive measures won’t prevent a disaster, repair problems or accelerate performance.
As an administrator, you understand the mission-critical nature of the collaborative information that flows through your Exchange servers. In today's dynamic business environment, your servers are strained to the limit, and failure is not an option.
Prepared for the Worst? To protect the information flow and minimize the cost of unplanned Exchange server downtime and data loss, organizations devote enormous resources to reactive solutions such as continuous back-up, monitoring, and high-availability systems. Many organizations also implement Exchange archive solutions to comply with legal and other regulations such as HIPAA and Sarbanes – Oxley.
Reactive vs. Proactive Solutions Reactive and archive solutions only protect you if your Exchange Exchange Database Before databases are healthy. But the Exchange database is the Achilles • Degraded performance heel of the entire operation. Therefore, the key to preventing • Questionable stability • Bloated message store server failure is to implement a proactive solution that ensures • Erratic and strange behavior the health, stability, and optimization of the Exchange databases. • Multiple errors and warnings • Deleted items still intact Protect Yourself with GOexchange GOexchange, from Lucid8, is the only automated preventative Exchange Database After maintenance solution for Microsoft Exchange 5.5, 2000, and • Optimized message stores • Reduced store size by 38% 2003 that prevents disasters, repairs problems and improves • 1557 errors removed performance. GOexchange minimizes unplanned downtime, checks • 232 warnings corrected • Increased performance & stability and corrects errors, and increases performance and stability • Deleted items completely removed by rebuilding indices and reducing the size of your Exchange information stores by 30 to 55%.
See for yourself why organizations worldwide are implementing GOexchange. Download your FREE demo now at www.Lucid8.com, Go to www.Lucid8.com/GOexchange or call 425.451.2595. – review the Whitepapers and Case Studies, then evaluate GOexchange, and get a FREE t-shirt.* *see website for details 0805red_ProdRev15-20.v8 7/14/05 4:01 PM Page 15 ProductReview Virtual Idol VMware puts on a stellar virtualization performance with its latest version of Workstation.
VMware Workstation 5.0 $189 (download version), $199 (packaged version) VMware Inc. 650-475-5000 www.vmware.com
BY JEREMY MOSKOWITZ nearly the same performance as Figure 1. You can specify how much bandwidth the WAN link will I couldn’t stop watching last time. simulate (including a percentage of packet loss) between your “American Idol” this year, If VMware Workstation “teamed” virtual machines. not because I was enamored 5.0 was a contestant on of any particular contestant. “American Idol,” any one of mouse control got “stuck” and restore” feature. It takes a I watched to hear the these responses would be in the Task Manager. little longer to get going, but judges’ comments about equally valid. Let’s take a Also, I tried to rename a I haven’t encountered the each contestant. Here’s a closer look at this new tool guest while it was running. same sluggishness since I breakdown of the judges’ and see where it earns its I did this from within the deactivated this new feature. typical responses: cheers and jeers. VMware Workstation 5.0 • Randy: I don’t know. It hit console. Again, something Issue No. 3: The “team the mark in some places but it What Randy Would Say strange happened to the thumbnail” view is didn’t work for me in others. I hit a few snags as I mouse. When I pressed the unacceptable when my • Paula: That was fabulous! was testing VMware first key to rename the host’s resolution is at Your performance this round Workstation 5.0. There guest, the mouse was 1024x768 mode was better than the last! were three main issues that snapped back into the When machines are teamed, • Simon: Honestly, I don’t know hampered my experience, so guest. To successfully there’s a snazzy new thumb- what Randy and Paula see. It’s I asked other users if they rename the guest, I had to nail view of what’s going on in had similar experiences. suspend the guest, rename the other guest machines. REDMONDRATING Some had these issues it and resume. While this is a nice feature, it Documentation: 20% ____ 9 and others didn’t. Your takes up too much screen real Installation 20%______10 experience may vary. Issue No. 2: Guests com- estate when I’m presenting at ______Feature Set: 20% 9 ing out of suspension can a 1024x768 resolution. I can’t Performance: 10%______9 Issue No. 1: Occasional have sluggish performance find any way to turn it off, Management: 30% ______9 erratic mouse and Once Workstation 5.0 guests other than not to use teams. Overall Rating: 9.2 keyboard support were out of suspension, I These issues would be ______During my testing, mouse found their performance a enough to make Randy say, Key: 1: Virtually inoperable or nonexistent control became inexplicably bit sluggish. I thought it was “Yo dog, I liked it, but it 5: Average, performs adequately non-responsive. Doing the just me, but a colleague expe- didn’t always work for me.” 10: Exceptional Ctrl-Alt-Delete combo rienced the same thing. So,
With an overall rating of would snap mouse control when I’m using guests with What Paula Would Say 9.0 or higher, this product earns a Redmond Most back to my real machine, Workstation 5.0, I disable the VMware Workstation 4.5 Valuable Product award. but strangely enough, the new “background suspend was already excellent. It was
| redmondmag.com | Redmond | August 2005 | 15 0805red_ProdRev15-20.v8 7/14/05 4:01 PM Page 16
ProductReview
fast, solid and had all the with a certain percentage of is great, because it means Multiple Snapshots features I needed to get the packet loss (see Figure 1, that new guests only use the Workstation 5.0 also lets job done. Version 5.0 comes p.15). Before, you needed an space they need. Virtual PC you “fork” an installation to replete with a gaggle of expensive WAN simulator. does this well, and with a create an image. It then essential new tools and some little elbow grease, you takes that idea to the next whiz-bang features. Templates and Clones could accomplish the same logical level by letting you Microsoft’s Virtual PC has a thing with VMware take multiple snapshots Teams feature called “differencing Workstation 4.0 and 4.5. of the same image. In I have several “sets” of guests drives.” The idea is that you However, the problem short, you can “fork” an I use for demonstrations and create a baseline machine with differencing drives is underlying guest at any testing purposes. Worksta- with Windows Server 2003, twofold. First, if you inad- time, load different tion 5.0 makes it easy to start for example, then “fork” the vertently start up (and software, then do it again. therefore change) the For example, if I wanted to underlying baseline image, demonstrate how a custom- you’ll have to re-establish written Visual Basic script the guests that were linked reacted to each version of to this baseline because Office (2000, XP and 2003), their reference point will I could simply create three have changed. Workstation snapshots of the same system, 5.0 fixes this problem by then load the script and easily using templates. Once switch between each snapshot you’ve set up your baseline to repeat the demonstrations. guest, you make a template In my estimation, this is of that guest. That process one of the biggest new marks the underlying features for Workstation 5.0. baseline as read only, and It will forever change the lets you clone it. way I use VMware to Figure 2. Workstation 5.0 lets you take multiple snapshots from You can create two types conduct demonstrations. the same original baseline image. of clones. A “linked clone” makes a fork from the Odds and Ends up one bunch of guests to installation. You could then underlying baseline image There are numerous run a group of tests and use one server image to and lets you install the other odds and ends in another bunch for another demonstrate Exchange and software you need, but runs Workstation 5.0 that are group of testing. In other another to demonstrate it based on the original tremendous improvements words, you can suspend and SQL, for example. baseline image. A “full over its predecessor—and its unsuspend each group (or Instead of loading two clone” is a complete new competition. Some highlights “team” in VMware parlance) specific guest machines— image, including the include better USB support with a single click. If that one with Windows Server baseline and a specific for guest machines; a better was the extent of how Work- command-line interface to station 5.0 handles teams, it VMware’s performance in this round outshines start, stop and suspend would still be a cool feature, its previous performances. machines; a way to make but there is a lot more to it. AVI-style movie files (to Specifically, when demonstrate tasks); and an machines are “teamed,” 2003 and Exchange and guest. This gives you the add-on tool that can import Workstation 5.0 lets you another with Windows best of both worlds. It existing Microsoft Virtual PC specify how much band- Server 2003 and SQL makes it easy to use guests guest machines and spit them width to simulate between Server—you could have a that take up minimal out as ready-to-use VMware the machines in the team. baseline machine with amounts of hard drive Workstation 5.0 guest This is a fantastic way to Windows Server 2003, and space, but if the need arises machines—leaving the simulate how applications simply have two, much to move those guests to original Virtual PC guest react over WAN links, smaller guests for SQL another machine, it’s a alone and intact. including what happens Server and Exchange. This simple process. Continued on page 20
16 | August 2005 | Redmond | redmondmag.com | 0805TMSanJoseFinal.qxd 7/12/05 3:29 PM Page 1
Network and Certification Training for Windows Professionals San Jose, CA October 17-21, 2005
Over 90 sessions categorized into tracks:
Cisco Certified Microsoft Certified Microsoft Certified Network Associate Systems Administrator Systems Engineer (CCNA)/Infrastructure (MCSA) (MCSE)
Security System and Network Scripting Troubleshooting Windows/Linux Integration
PRESENTED BY:
TechMentorEvents.com 0805TMSanJoseFinal.qxd 7/12/05 3:29 PM Page 2
TechMentor Why Choose TechMentor? When you attend a TechMentor conference, you San Jose: have personal access to the most respected instruc- tors in the industry. Since 1998, TechMentor has pro- Spread vided in-depth, technical training from world-class instructors for thousands of Windows networking Your Wings professionals. Our attendees leave fully capable to manage their networks smarter, faster and more his fall’s TechMentor goes beyond the basics— effectively. Did you know that… even beyond Windows! The premiere conference > More than 90% of TechMentor attendees say they for IT pros is expanding its offerings to cover more would attend again. T of what you do in your job every day, adding > Our instructors are also authors, giving attendees coursework on Linux and Cisco. Windows, of course, real-world information. remains at the core of what we do; but you’ve got more > The same networking experts that write for on your network than just Windows; you need to know Redmond magazine and MCPmag.com produce how to manage and secure Linux servers, routers and the content of TechMentor. your entire network infrastructure. > TechMentor is an independent organization provid- Another unique aspect of TechMentor is its certification ing objective assessments of products and vendor- preparation, offering courses to get you ready to take the neutral advice. MCSA and MCSE exams. For our San Jose show, we’ve added training for another certification essential for any administrator: the Cisco Certified Network Administrator (CCNA). If you have networking, routing or firewall Who Should Attend responsibilities, this is where you need to be. So what else is new at TechMentor? Security! Well, > Systems Administrators security isn’t new; we’ve had great security content all > Network Administrators and Managers along. The difference is that now we’ve added it to our > Network/Systems Engineers track style of training, building step-by-step to cover the > MCPs, MCSAs and MCSEs basics and working up to more advanced coverage of > IS/IT Managers and Directors higher level issues. > Security Specialists You’ll also be glad to know we’ve retained the best > Help Desk / Tech Support Professionals content from previous shows. Along with our MCSA and > IT/Network/Systems Analysts MCSE training tracks, we’ve kept the Scripting and the > Consultants Troubleshooting track, helping you resolve the thorniest problems you face in running your network. All this information and training is served up by some of Exhibit Hall the best names in the business, including Mark Minasi, Don Jones, Steve Riley, Roger Grimes, Todd Lammle, Derek Melber, Bruce Rougeau and more. All the knowl- Tuesday, October 18 edge in the world does no good if the instructor can’t Exhibit Hall Open 11:45am - 2:30pm explain it to you in a clear and entertaining way; that’s Exhibit Hall Open & Reception 4:30 - 7:00pm where our speakers shine. Consulting Hour 4:30 - 5:30pm It all adds up to the best technical conference any- where: thorough and deep Windows information, network Wednesday, October 19 infrastructure coverage, saturation bombing of security Exhibit Hall Open 11:45am - 2:00pm topics and hard-core Linux instruction to make your net- work hum. If you’re ready to soar beyond the boundaries of what you thought you could do, set your sights on San Jose and join us for a week of learning that will give you a new perspective on your future. Table of Contents Instructors ...... 3 Best, Program-At-A-Glance ...... 4-5 Course Descriptions ...... 6-17 Registration and Travel ...... 18-19
Keith Ward Chairman, TechMentor Conference
2 TechMentor | Networking and Certification Training for Windows Professionals 0805TMSanJoseFinal.qxd 7/12/05 3:30 PM Page 3
INSTRUCTORS
Dan Aguilera, V.P. at GlobalNet Training, Inc, is a CCNP/CCSP and Jeremy Moskowitz, MVP, MCSE founder of Cisco Certified Voice Professional (CCVP), as well as a Certified Ethical Moskowitz, Inc. (Moskowitz-inc.com), is an independent Hacker (CEH) and Computer Hacking Forensic Investigator (CHFI), with consultant and trainer for Windows technologies. He over 15 years of networking experience. runs GPanswers.com, and WinLinAnswers.com com- munity forums to answer tough Group Policy and Windows/Linux Integration questions. His latest book is Roger A. Grimes, CPA, MCSE:Security Practical Windows & Linux Integration: Hands-on Solutions (NT/2000/2003/MVP), CISSP, CEH, CHFI, TICSA is for a Mixed Environment (SYBEX). Jeremy frequently contributes to the author of over 150 magazine articles and 5 books Redmond magazine and is the Linux track manager at TechMentor. on Windows security. He’s a consulting favorite for some of the world’s largest companies, including Gary Olsen, MCSE, is a consultant with Hewlett- Microsoft, McAfee, Navy, Army, Verisign, and Packard’s Americas Escalation Team, which provides Bridgestone/Firestone. His sessions are highly ranked for customer support for Windows (NT/2000/2003) and all their useful advice, technical detail, and humor. other Microsoft products. Gary worked in the Windows 2000 and 2003 Rapid Deployment Programs Jeff Hicks MCSE, MCT, is a Senior Network Engineer at Microsoft. He helped develop and teach Windows with Visory Group, as well as principal consultant of 2003 AD readiness training. He has written several JDH Information Technology Solutions. He has been in Microsoft Knowledge Base articles, numerous articles and writes occa- the IT industry for over 14 years, doing everything from sionally for Redmond magazine. He authored the book Windows 2000: help desk support to project management. He is cur- Active Directory Design and Deployment (New Riders). rently a contributing editor to ScriptingAnswers.com. Steve Riley is a senior program manager in Microsoft’s Don Jones is the owner of ScriptingAnswers.com, a Security Business and Technology Unit. Steve special- contributing editor to Redmond magazine, and a colum- izes in network and host security, communication pro- nist on CertCities.com and MCPmag.com. Don has tocols, network design, and information security poli- written more than a dozen I.T. books, including cies and process. His customers include various ISPs Managing Windows with VBScript and WMI (Addison- and ASPs as well as traditional enterprise IT customers, Wesley). Don is also an independent technology consult- for whom he has conducted security assessments and risk ant, with a focus on security and automation in Microsoft- analyses, deployed technologies for prevention and detection, and centric environments. designed highly-available network architectures. Steve is a frequent and popular speaker. Todd Lammle, CCNA/CCNP/CEH/CEFI/FCC RF Licensed, popular Sybex author and trainer, has been Bruce Rougeau, MCSE, MCP+I, MCT, Citrix Certified involved in computers and networking with Fortune 500 MetaFrame Administrator, began designing and imple- companies for over two decades. He has worked for menting a three-tier architecture for an automated med- companies such as Hughes Aircraft, Xerox, Texaco, ical record system in 1998. The most recent thin-client Toshiba, Cisco, AAA, and IBM to consult on both bound- implementation was deployed using Citrix’s WinFrame ed and unbounded media technologies. Todd has shared his utilizing 1,000 Windows-based terminals and fewer than knowledge and experience in more than 40 Sybex study guides. Todd 20 PCs. Currently he works for EDS as an infrastructure Lammle is President of GlobalNet Training and CEO of RouterSim, LLC. architect focusing on networks, Web servers, thin-client computing and 32-way Intel Data Center solutions. Darren Mar-Elia is Quest Software’s CTO for Windows Management and a Microsoft MVP. Darren Greg Shields, MCSE: Security, CCEA, is a senior sys- has more than 19 years of experience in systems tems engineer with Raytheon Company. A regular con- and network administration design and architecture. tributor to Redmond magazine, Greg has developed His expertise is on large-scale enterprise implemen- extensive experience with architecting and administer- tations of Windows infrastructures in distributed and ing enterprise collaboration systems using Microsoft, data center environments. Darren has been a contribut- Citrix, and VMWare technologies. His recent projects ing editor for Windows IT Pro Magazine since 1997. He has written include architecting a multi-company, multi-site collaborative and contributed to eleven books on Windows including the Windows software development environment, deployment of an enterprise patch Group Policy Guide (Microsoft Press). He is a frequent speaker on management system using SMS, and authoring associated best practices Windows infrastructure topics. with its use. Greg is a dynamic speaker and experienced technical trainer.
Derek Melber, MCSE, CISM, MVP, is the Director of Richard Taylor is a speaker, consultant, and trainer. He Education and Certification at DesktopStandard. Derek has worked as an instructor for numerous training cen- is a nationally known speaker, trainer and author, focus- ters, a consultant for firms such as Honeywell, MCI, ing on Active Directory, Security, and Group Policy. Lockheed Martin and is an Intel systems engineer Derek’s latest works include The Group Policy Guide where he developed and implemented programs to (Microsoft Press) and his Auditing Windows Security improve factory automation systems. Rick also worked series (The Institute of Internal Auditors). for Nestlé supporting one of the largest single AD domains worldwide. He was responsible for maintaining the functionality of servers Mark Minasi is author of Mastering Windows Server in South America, the U.S. and Canada. 2003, the latest in a series of books on Microsoft net- working that have sold over a million copies. He has Chris Wolf, MCSE, MCT, CCNA, is an instructor with been a columnist for several industry magazines. Mark is ECPI Technical College and a consultant with a frequent conference keynote and breakout speaker CommVault Systems, specializing in enterprise stor- and regularly garners those conferences’ highest attendee age, virtualization solutions and network troubleshoot- evaluation scores. He recently won CertCities.com’s ing. Chris is the author of Troubleshooting Microsoft “Favorite Technical Author” reader poll for the third year running. Mark is an Technologies (Addison Wesley) and co-author and con- MCSE and an MVP. tributor to a number of other books.
October 17-21 | San Jose, California | TechMentorEvents.com 3 0805TMSanJoseFinal.qxd 7/12/05 3:30 PM Page 4
P ROGRAM- AT- A -GLANCE
CCNA/Infrastructure MCSA MCSE Monday, October 17 12:30 - 2:00pm Attended and Unattended Introduction to TCP/IP Introduction to MCSE Track and Subnetting Installs and Upgrades Derek Melber M1 Todd Lammle M2 Bruce Rougeau M3
2:15 - 3:45pm Data Access, File System, Introduction to the Cisco IOS Resource Access Todd Lammle and Printing Derek Melber M7 M8 Bruce Rougeau M9
4:00 - 5:30pm System Configuration Introduction to Cisco Switching Physical and Logical Devices Todd Lammle and Backup Strategies Richard Taylor M13 M14 Bruce Rougeau M15 Tuesday, October 18 8:30 - 10:00am Introduction to Routing Protocols Network Troubleshooting Manage Users, Computers, Dan Aguilera and Remote Access and Groups T1 T2 Bruce Rougeau T3 Derek Melber
10:15am - 11:45am Advanced Routing Protocols, Disk Management RAS and Remote Administration Part I Bruce Rougeau Richard Taylor T7 Dan Aguilera T8 T9
2:30 - 4:30pm Advanced Routing Protocols, User Management and AD Networking Concepts and Part II Troubleshooting Principles T13 Dan Aguilera T14 Bruce Rougeau T15 Derek Melber Wednesday, October 19 8:30 - 10:00am Introduction to Cisco Terminal Services and Network Security Access Lists Remote Troubleshooting Richard Taylor W1 Todd Lammle W2 Bruce Rougeau W3 10:15am - 11:45am Advanced Cisco Access Lists Performance Monitoring and Name Resolution Todd Lammle System Recovery Strategies Derek Melber W7 W8 Bruce Rougeau W9 2:15 - 3:45pm Cisco Switching TCP/IP Configuration Active Directory, Part 1 Todd Lammle and DHCP Issues Derek Melber W13 W14 Bruce Rougeau W15 4:00 - 6:00pm Managing the Router DNS Configuration and Active Directory, Part 2 Configurations and the IOS Troubleshooting Derek Melber W19 Dan Aguilera W20 Bruce Rougeau W21 Thursday, October 20 8:30 - 10:00am Introduction to Wide Area Routing and Remote Access Issues Managing and Monitoring Networks (WAN) Bruce Rougeau Performance Th1 Dan Aguilera Th2 Th3 Richard Taylor 10:15am - 11:45am Wide Area Networks Continued Network Monitor Operations Disaster Recovery and Backups Dan Aguilera and Exploring Services Derek Melber Th7 Th8 Bruce Rougeau Th9
1:00 - 3:00pm Role-Based Security and CCNA Study Session, Part I Introduction to GPOs Todd Lammle Security Templates Derek Melber Th13 Th14 Bruce Rougeau Th15
3:15 - 5:15pm Service Pack and Hotfix CCNA Study Session, Part II Advanced GPOs Todd Lammle Assessment and Deployment Derek Melber Th19 Th20 Bruce Rougeau Th21 Friday, October 21 8:30am - 10:00am The Future of VoIP IPSec Security Principles PKI and Certificates F1 Dan Aguilera F2 Bruce Rougeau F3 Richard Taylor 10:15am - 12:15pm Penetration and Forensics Certificate Strategy and Planning IIS and IIS Security F7 Dan Aguilera F8 Bruce Rougeau F9 Richard Taylor
4 TechMentor | Networking and Certification Training for Windows Professionals 0805TMSanJoseFinal.qxd 7/12/05 3:30 PM Page 5
Scripting Security Windows/Linux Integration System Network & Troubleshooting
Windows Passwords: Everything Reliability in the Real World: Building VBScript Fundamentals, Part I Don Jones You Need to Know a World-Class Windows Cluster M4 M5 Steve Riley M6 Chris Wolf
Defending Layer 8: How to Recognize VBScript Fundamentals, Part II DNS Troubleshooting: Step-by-Step Don Jones and Combat Social Engineering Chris Wolf M10 M11 Steve Riley M12
Administrative Scripting Windows Logins Revealed Tips, Tricks, and Tools for Windows Best Practices and Design Mark Minasi Server Troubleshooting M16 Jeff Hicks M17 M18 Greg Shields
Scripting with Windows Manage- Hardening Systems with SP1/SP2: Move, Recover and Repair Windows ment Instrumentation: The Basics The Best Stuff You Don’t Use Utility Databases - DHCP, WINS, T4 Don Jones T5 Mark Minasi T6 DNS, IIS and More Chris Wolf
Scripting with Windows Manage- From Reactive to Proactive: Gain Wireless Security Secrets ment Instrumentation: Advanced Todd Lammle Control Through Enterprise Process T10 Jeff Hicks T11 T12 Greg Shields
Scripting: Top Tasks for the Ethical Hacking and Forensics Patch Management Strategies That Windows Administrator Made Easy Won’t Fail: SUS, SMS, and Beyond T16 Don Jones T17 Todd Lammle T18 Greg Shields
Scripting with Active Directory Turning Over the Rocks: Where Be Gone Ye’ SpyWare: Ridding Services Interface: The Basics Viruses, Worms, and Trojans Hide IE of Spyware for Good W4 Don Jones W5 Roger A. Grimes W6 Greg Shields
Scripting with Active Directory Practical PKI Cookbook: Recipes for When WSUS Goes Bad: Services Interface: Advanced PKI Wannabees (or Needtobees) Troubleshooting Windows Update W10 Don Jones W11 Roger A. Grimes W12 Greg Shields
Scripting Tools and Utilities Debunking Security Myths Tips, Tricks, and Tools for Windows Jeff Hicks Steve Riley Network Troubleshooting W16 W17 W18 Greg Shields
Understand & Protect Your Network VBScript Debugging Death of the DMZ Don Jones Steve Riley with the Security Configuration W22 W23 W24 Wizard Greg Shields
The Art of Network Troubleshooting: Scripting with Databases and Linux Basics for Windows Admins ActiveX Data Objects Jeremy Moskowitz How to Fix Any Network Problem Th4 Don Jones Th5 Th6 Mark Minasi
Advanced VBScript Tips, Bringing Up Your First Top Terminal Services Troubles Techniques, and Security Linux Server (and How to Treat Them) Th10 Don Jones Th11 TBA Th12 Greg Shields
Creating Graphical Scripts Windows/Linux Integration: Understanding and Troubleshooting with HTAs: The Basics The Art of the Possible User Profiles Th16 Jeff Hicks Th17 Jeremy Moskowitz Th18 Darren Mar-Elia
Creating Graphical Scripts Windows/Linux Integration: Getting Down and Dirty with Group with HTAs: Advanced Authentication Services Policy Functionality Th22 Jeff Hicks Th23 Jeremy Moskowitz Th24 Darren Mar-Elia
Web Scripting for Windows Windows/Linux File/Print Troubleshooting Group Policy and Administration Integration Active Directory Replication: Secrets F4 Jeff Hicks F5 TBA F6 from the Experts Gary Olsen
Administrative Scripting Hands-On Windows/Linux Email Integration When it All Goes South: Active Workshop TBA Directory Disaster Recovery F10 Don Jones & Jeff Hicks F11 F12 Gary Olsen
October 17-21 | San Jose, California | TechMentorEvents.com 5 0805TMSanJoseFinal.qxd 7/12/05 3:30 PM Page 6
CCNA/INFRASTRUCTURE TRACK
he CCNA (Cisco Certified Network Associate) / Introduction to Routing Protocols Infrastructure track will prepare you to take Cisco’s T1 Dan Aguilera Tuesday, 8:30 – 10:00am T entry-level networking exam. Nearly every administra- tor has network-related duties, whether it’s firewall config- This session will discuss the basic routing protocols in uration, managing IP traffic or setting up a VPN. The use today, and how Cisco uses them in small, medium CCNA track will teach you what you need to know with and large networks. The protocols covered include static, four days of intense training. This track is led by popular default, RIP, RIPv2, IGRP, EIGRP and OSPF. Cisco trainers Todd Lammle and Dan Aguilera. Advanced Routing Protocols, Part I *TechMentor does NOT guarantee that you will obtain a certification after completing the certification tracks. You will be taught the test objectives, T7 Dan Aguilera Tuesday, 10:15 – 11:45am but successfully passing the tests involves more than just your training. This session digs deeper in the routing protocols RIP, Introduction to TCP/IP and Subnetting RIPv2 and IGRP. M1 Todd Lammle Monday, 12:30 – 2:00pm Advanced Routing Protocols, Part II This session will show you, simply and easily, how to sub- T13 Dan Aguilera Tuesday, 2:30 – 4:30pm net IP in your head in less than 5 seconds! You will learn IP shortcuts that will allow you to subnet efficiently and This session goes in-depth on the routing protocols correctly. The TCP/IP stack is the fundamental technology EIGPR and OSPF. around which the Cisco CCNA is built; this is a can’t-miss session. Introduction to Cisco Access Lists W1 Todd Lammle Wednesday, 8:30 – 10:00am Introduction to the Cisco IOS This session introduces Cisco access lists, or what is M7 Todd Lammle Monday, 2:15 – 3:45pm sometimes referred to as the “poor man’s firewall”. This session introduces you to the Cisco Internetworking Operating System and how the IOS is used to configure a Advanced Cisco Access Lists Cisco router and set IP address on interfaces, as well as W7 Todd Lammle Wednesday, 10:15 – 11:45am explain the differences between the various Cisco devices. This session builds on the introductory access list course by discussing extended and named Cisco access lists. Introduction to Cisco Switching Cisco Switching M13 Todd Lammle Monday, 4:00 – 5:30pm W13 Todd Lammle Wednesday, 2:15 – 3:45pm This session discusses switching fundamentals, including VLANS, and the basic configuration of the Switch IOS. This session picks up where the “Intro to Cisco Switching” session leaves off and discusses how VLANs, VTP and STP are configured in a network.
While all of the instructors are extremely knowledge- able; Shields, Lammle and Minasi have the talent of making dry technical info—exciting! Their enthusiasm and speaking style really helped me to get everything from the information presented. — B. Baker, WHSCC
6 TechMentor | Networking and Certification Training for Windows Professionals 0805TMSanJoseFinal.qxd 7/12/05 3:30 PM Page 7
Managing the Router Configurations and the IOS W19 Dan Aguilera Wednesday, 4:00 – 6:00pm Top Reasons to Attend This session will discuss and show you how to back up and restore Cisco IOS on a router, as well as save the configuration of a router and switch to a TFTP host. Trusted Source Redmond magazine is a trusted source of Introduction to Wide Area Networks (WAN) information on Microsoft Windows server sys- Th1 Dan Aguilera Thursday, 8:30 – 10:00am tems, along with related third-party products, This session covers the basics of Wide Area Networks technologies, and certifications. The same net- (WANs) and the various types of WANs that Cisco sup- working experts that write for Redmond maga- ports. zine produce the content of this conference. Wide Area Networks Continued No Sales Pitch! Th7 Dan Aguilera Thursday, 10:15 – 11:45am Because we’re independent and not behold- This session discusses more advanced WAN topics, en to anybody, you get to hear the other side building on the introduction to WANs class. of the technology you’re working to implement CCNA Study Session, Part I and manage—the hidden gotchas, the way it really is in deployment, the minutia the big soft- Th13 Todd Lammle Thursday, 1:00 – 3:00pm ware companies won’t tell you (unless you This session discusses various CCNA exam questions have access to their high-priced technical sup- and how to approach the difficult subnet and VLSM tech- nologies you’ll encounter on the tests. port programs and consultants).
CCNA Study Session, Part II One-on-One Consulting Th19 Todd Lammle Thursday, 3:15 – 5:15pm Know of an expert you’d like to spend some This session will discuss various CCNA exam questions time with? No prima donnas here! Our expert and how to approach the IOS, switching, Access Lists instructors make themselves available between and WAN objectives. sessions, at lunch, and during the official Consulting Hour—your chance to get specific The Future of VoIP answers to specific questions. F1 Dan Aguilera Friday, 8:30 – 10:00am The future of Voice over Internet Protocol (VoIP) technolo- Positive Learning Environment gy is promising. When VoIP technology was first devel- Attendees don’t come to TechMentor look- oped, many were skeptical, mainly because it sounded too good to be true. Now that time has passed and the ing to mix with thousands of attendees on a technology has proven itself, it’s clear the future of VoIP is junket from work. You can expect to be among solid. You will learn the basics of VoIP and data networks, a serious, dedicated group of IT professionals VoIP deployment strategies and VoIP management and looking to expand their knowledge base, fur- security. ther their careers and add value to their organi- Penetration and Forensics zations. It’s a big reason more than 90% of our F7 Dan Aguilera Friday, 10:15am – 12:15pm attendees say they’d attend another TechMentor conference. Computer forensic investigation is the process of detect- ing hacking attacks and properly extracting evidence to report the crime and conduct audits to prevent future attacks. Penetration testing is the process of actively eval- uating your information security measures. This session will impart the necessary skills to identify an intruder’s footprints and to properly gather the necessary evidence for prosecution.
October 17-21 | San Jose, California | TechMentorEvents.com 7 0805TMSanJoseFinal.qxd 7/12/05 3:30 PM Page 8
MCSA - MICROSOFT CERTIFIED SYSTEMS ADMINISTRATOR TRACK
CSAs are the front-lines, in-the-trenches workers Network Troubleshooting and Remote Access in most organizations. They’re the systems admin- T2 Bruce Rougeau Tuesday, 8:30 – 10:00am M istrators, the ones who keep the servers humming along, who manage users and groups. If you do this work, This session includes instruction on configuring and trou- and don’t have the MCSA, it’s time to get to work on bleshooting TCP/IP, utilizing ICS, VPN, and dial-up con- obtaining it, to give you a leg up on your peers, and nections. Also covered: configuring multiple languages demonstrate your expertise to the boss. The TechMentor and utilizing the language bar. MCSA track is fast-paced, presenting all the vital informa- tion necessary to prepare you for the MCSA exams. The Disk Management instruction removes all redundancy in the exam curriculum and accelerates the learning process by providing only the T8 Bruce Rougeau Tuesday, 10:15 – 11:45am information needed, without any sales propaganda. This Hardware management is the theme for this session, track is led by popular “certification slam session” instruc- including: managing basic and dynamic disks; monitoring tor Bruce Rougeau. hardware devices with Device Manager and Control Panel; optimizing server disk performance with RAID and TechMentor does NOT guarantee that you will obtain a certification after defragmentation; and monitoring disk quotas. completing the certification tracks. You will be taught the test objectives, but successfully passing the tests involves more than just your training. User Management and AD Troubleshooting Attended and Unattended Installs and Upgrades T14 Bruce Rougeau Tuesday, 2:30 – 4:30pm M2 Bruce Rougeau Monday, 12:30 – 2:00pm Learn how to manage users via local, roaming and It starts with a course overview. Then you move into per- mandatory profiles. Also on the agenda: create, modify forming and troubleshooting an attended or unattended and troubleshoot users and groups in AD via GUIs, install/upgrade of Windows XP, utilizing tools such as scripts, and tools such as LDIFDE and CSVDE. Finally, Remote Installation Services, Sysprep and Setup Manger. learn techniques for creating, modifying, resetting and Next, you’ll learn how to install and configure Internet troubleshooting computer accounts in AD. Information Services (IIS). Then you’ll move to migrating user settings and files using the Files and Setting Transfer Terminal Services and Remote Troubleshooting Wizard, ScanState and LoadState. W2 Bruce Rougeau Wednesday, 8:30 – 10:00am Data Access, File System, and Printing This session starts with configuring and troubleshooting Remote Desktop, then moves on to other areas of remote M8 Bruce Rougeau Monday, 2:15 – 3:45pm management, including Terminal Services. Other topics Learn techniques for planning, creating and monitoring a covered include usage of Terminal Services Administrative data access strategy for access to files, folders, and tools and managing and troubleshooting print queues. shares, including NTFS permissions, Share permissions, WebDav, compression and encryption. Next up: creating Performance Monitoring and System Recovery Strategies and managing printers and print jobs for local printers, W8 Bruce Rougeau Wednesday, 10:15 – 11:45am remote printers and printer sharing, and Internet printers. Other topics covered include working with file system par- Learn how to monitor your most critical resources, includ- titions using the GUI and command-line tools; configuring ing the CPU, disks, network, processes and the pagefile. and providing access to Offline files; synchronization. Other items include IIS management; automated system recovery (ASR) procedures; restoring data from shadow System Configuration and Backup Strategies copies; planning, deploying and monitoring system back- ups; and restoring a failed system. M14 Bruce Rougeau Monday, 4:00 – 5:30pm Learn how to install, configure, remove, troubleshoot and TCP/IP Configuration and DHCP Issues monitor devices and configure driver options for signing. W14 Bruce Rougeau Wednesday, 2:15 – 3:45pm Other topics covered include configuring hardware pro- files and power management for mobile users; backing up Learn how to configure TCP/IP; manage and troubleshoot and restoring an operating system using Windows back- DHCP leases, Relay Agents, databases, scope options, up, safe mode, system restore and recovery console. Also server options, and reservations; and troubleshoot APIPA learn how to use Scheduled Tasks to schedule backups addressing and TCP/IP configuration issues. or other routine tasks.
8 TechMentor | Networking and Certification Training for Windows Professionals 0805TMSanJoseFinal.qxd 7/12/05 3:30 PM Page 9
DNS Configuration and Troubleshooting Service Pack and Hotfix Assessment and Deployment W20 Bruce Rougeau Wednesday, 4:00 – 6:00pm Th20 Bruce Rougeau Thursday, 3:15 – 5:15pm You can’t be an effective administrator if you don’t under- Another critical aspect of security is to make sure your stand name resolution, specifically DNS. Learn the ins servers and desktops are patched. This session teaches and outs of DNS, including configuration of DNS server you how to plan the deployment of service packs and hot- options, zone options, DNS forwarding, and the monitor- fixes; assess the service packs and hotfixes applied; and ing and troubleshooting of DNS. deploy service packs and hotfixes via slipstreaming, scripts and selected third-party tools. Routing and Remote Access Issues IPSec Security Principles Th2 Bruce Rougeau Thursday, 8:30 – 10:00am F2 Bruce Rougeau Friday, 8:30 – 10:00am Secure, efficient remote access is becoming more critical in these days of telecommuting. This session is all about Learn how to increase security through the use of IPSec. configuring and troubleshooting remote access, including Find out which IPSec mode to use, how to select an routing and remote access. authentication method, and how to configure IPSec authentication, encryption level and the appropriate IPSec Network Monitor Operations and Exploring Services protocol. You’ll also discover how to troubleshoot IPSec with IP Security Monitor and IPSec logging, and learn Th8 Bruce Rougeau Thursday, 10:15 – 11:45am how to plan and implement security for wireless networks. Network Monitor, Microsoft’s built-in “watcher”, can be your best friend, if you know how to use it. Learn how it Certificate Strategy and Planning works, including how to monitor and troubleshoot network F8 Bruce Rougeau Friday, 10:15am – 12:15pm issues with Network Monitor. Also: troubleshooting con- nectivity to the Internet, followed by an exploration of serv- Your week’s training finishes up with a discussion of plan- ice errors based on service dependency. ning, implementing and managing certificates. Learn how to deploy, manage, and configure SSL certificates for Role-Based Security and Security Templates wireless networks; plan and configure authentication; plan for digital signatures; install and configure Certificate Th14 Bruce Rougeau Thursday, 1:00 – 3:00pm Services; plan a multi-level certificate authority (CA) hier- It’s a dangerous world, both within and outside your net- archy; archive and recover keys and revoked certificates. work. To that end, learn how to plan security templates Also learn how to back up and restore your CA. based on computer role. Then use those templates to configure Registry and file permissions, account policies, audit policies, user rights, security options and system services. The next part is to deploy the templates, with GPOs and scripting. Also covered: software restriction policies; planning and implementing auditing; analyzing security configuration using the Microsoft Baseline Security Analyzer (MBSA) and Security Configuration and Analysis.
I only go to one conference a year, that one conference is always the TechMentor conference. Thank you for staying true to what this conference has always been about—a training intensive, non-vendor specific opportunity. — R. Grogan, Deloitte
October 17-21 | San Jose, California | TechMentorEvents.com 9 0805TMSanJoseFinal.qxd 7/12/05 3:30 PM Page 10
MCSE - MICROSOFT CERTIFIED SYSTEMS ENGINEER TRACK
he MCSE track is aimed at administrators or system change from one computer to another, there is the File architects with substantial (at least a year or more) and Settings Transfer Wizard, as well as the User State T Windows 2000 Server or Windows Server 2003 Migration Tool (USMT). Other topics include the new experience. This intense course will prepare you to take types of groups available in Active Directory, and how the tests necessary to obtain Microsoft’s highest-level those groups are handled by Active Directory. administrative certification. Led by well-known book author, Redmond magazine columnist and trainer Derek RAS and Remote Administration Melber, the course offers a sequential path through the test objectives you’ll be required to know. Come prepared T9 Richard Taylor Tuesday, 10:15 – 11:45am with your laptop and goggles: this course flies! This session digs deep into remote access services, cov- ering protocols, security, RAS clients, and permissions. TechMentor does NOT guarantee that you will obtain a certification after The heart of RAS security is the RAS policy, which will be completing the certification tracks. You will be taught the test objectives, but successfully passing the tests involves more than just your training. demystified so you fully understand how to create and manage them. Other remote access topics include remote Introduction to MCSE Track administration features such as Remote Desktop and Remote Assistance. Then there’s Terminal Services for M3 Derek Melber Monday, 12:30 – 2:00pm administration, which has new names and interfaces for Windows Server 2003. Finally, you’ll delve into tools such This session will introduce the exams in a way you’ve as the MMC and adminpak. never thought of before. We will go over the exam ques- tion types, as well as strategies that you can use to help you gain the upper edge on the exams. We will also go Networking Concepts and Principles over the key study methods that have worked for so many T15 Derek Melber Tuesday, 2:30 – 4:30pm others that have successfully obtained their credentials. This session starts off with thorough coverage of IP and Resource Access subnetting. Topics include supernetting, CIDR, and sub- net masking to the nth degree. Next on deck are all areas M9 Derek Melber Monday, 2:15 – 3:45pm of DHCP and DHCP design criteria, including the DHCP relay agent and DHCP scope options. Then you’ll move Permissions have gone through a radical transformation onto NAT, demand-dial routing and wireless connections, from Windows NT to Windows 2000/2003. Changes to ending with a discussion of network monitor and IP trou- how ownership is handled (or given away) and default bleshooting. share permissions give a brand new face to how resources are handled in Windows Server 2003. If you miss the key changes with the encrypting file system Network Security (EFS), you have missed one of the best improvements in W3 Richard Taylor Wednesday, 8:30 – 10:00am Windows Server 2003. When it comes to network security, there are plenty of Physical and Logical Devices options within Windows Server 2003. You’ll start off dis- cussing old friends such as SMB signing and port filter- M15 Richard Taylor Monday, 4:00 – 5:30pm ing, which are still around. Learn how to secure authenti- cation, as well as how to use certificates to increase net- The most important aspects of the physical and logical work communication security. The lesson then moves onto devices on a Windows computer are the hard drives. IPSec, an abyss of settings and options you’ll learn With basic disks, dynamic disks, volumes, partitions and decrypt. The new and improved Windows Firewall is also troubleshooting of disks, there’s a lot of information to on the menu. know. Don’t forget about handling drivers, driver signing, and driver rollback. Finally, we will cover disk quotas and disk defragmentation, which can help control how the Name Resolution disks are being utilized. W9 Derek Melber Wednesday, 10:15 – 11:45am Manage Users, Computers, and Groups You may have heard the rumor that WINS is no longer needed with Active Directory. Unfortunately, that isn’t the T3 Derek Melber Tuesday, 8:30 – 10:00am case. Not only is WINS still needed, DNS is a require- ment with Active Directory, too. With new features and There are the standard user, computer and group creation options in Windows Server 2003, DNS is sure to have requirements, but there is so much more. User profiles you scratching your head. You’ll be presented with all the come in many flavors and control points. Roaming pro- DNS options, requirements, and recommended configura- files, mandatory profiles, controlling what’s included in a tions with Active Directory. profile; the list is rather long. Then, if you want a user to
10 TechMentor | Networking and Certification Training for Windows Professionals 0805TMSanJoseFinal.qxd 7/12/05 3:30 PM Page 11
Active Directory, Part 1 Introduction to GPOs W15 Derek Melber Wednesday, 2:15 – 3:45pm Th15 Derek Melber Thursday, 1:00 – 3:00pm To the newbie, Active Directory is first a quest to under- Group Policy Objects can be complex to understand, stand the terminology and the structural components. design, and implement. This session will cover the key Both will be covered in this session, starting with the key aspects of Group Policy Objects, including GPO prece- concepts, then move on to discussing the structural com- dence, delegation, no override, block policy inheritance, ponents of Active Directory and how they work together. filtering, and more. You’ll look at almost every aspect of Nothing will be left untouched, including domains, trees, control, including: desktop folders, desktop icons, menu forests, sites, trusts, organizational units (OUs) and more. options, control panel features, logon and authentication components, and even software distribution. Active Directory, Part 2 Advanced GPOs W21 Derek Melber Wednesday, 4:00 – 6:00pm Derek Melber Thursday, 3:15 – 5:15pm Active Directory’s too big a topic to fit into one session. Th21 The second part will present the more difficult topics, Welcome to the next level! Take a tour of advanced GPO including FSMOs, universal group caching, replication techniques and tasks in this session. You’ll create and design and organizational unit (OU) design. Next up is incorporate custom GPO settings, both with ADM tem- Active Directory security, with a discussion of delegation plates and new security settings, from the ground up. of administrative control, a benefit to anyone moving to You’ll use security templates to secure a group of comput- Active Directory. Also highlighted is how to secure domain ers, then ensure the computers always get these settings. controllers, account policies, and ensuring all authentica- Also learn how to delegate control to all aspects of GPO tions are secure. management, using the new features of the GPMC.
Managing and Monitoring Performance PKI and Certificates Th3 Richard Taylor Thursday, 8:30 – 10:00am F3 Richard Taylor Friday, 8:30 – 10:00am Although Task Manager has been around a long time, Windows Server 2003 PKI can deploy an enterprise pub- there are new features to learn. There is also the System lic key infrastructure fairly simply, but understanding the Monitor (a.k.a. Performance Monitor), ideal for baselining correct hierarchy for your Certificate Authorities (CAs) is and troubleshooting network, application or system prob- essential. Learn the correct design of PKI and your CAs, lems. You’ll also learn the ins and outs of software update as well as how to issue and manage the certificates services (SUS), and how it should work with GPOs. required for the multitude of certificate-using applications. Event Viewer is still essential for monitoring, but the audit There are plenty of new enhancements with Windows policy needs to be set up to fill the security logs. Finally, Server 2003 PKI as well, including certificate enrollment, you’ll be exposed to the Microsoft Baseline Security qualified subordination, custom certificate templates and Analyzer (MBSA), which is constantly being upgraded and more. changed to add new features. IIS and IIS Security Disaster Recovery and Backups F9 Richard Taylor Friday, 10:15am – 12:15pm Th9 Derek Melber Thursday, 10:15 – 11:45am Windows Server 2003 now has a distinct product for run- Learn how to navigate the myriad options available to trou- ning a Web server. This session will cover the new fea- bleshoot, backup, and recover from a Windows issue. tures of IIS including overlapping recycling, real-time edit- Familiar tools such as Last Known Good and NTbackup ing of the XML metabase, Application Pools, and Web are still available, as are new options and features such as Service Extensions. Also reviewed will be the key archi- Automated System Recovery and Shadow copies. For tectural changes that improve stability, security and per- Active Directory, there are the System State and authorita- formance for your Web servers. tive restores, along with other topics like the Recovery Console, tombstoning, and emergency management.
Finally able to provide immediate ROI to the company for what I learned—Thanks. — B. Seaman, Union Central
October 17-21 | San Jose, California | TechMentorEvents.com 11 0805TMSanJoseFinal.qxd 7/12/05 3:30 PM Page 12
SCRIPTING TRACK
he Scripting track will provide you with the founda- Scripting with Windows Management Instrumentation: tion necessary to administer your servers and desk- Advanced T tops more efficiently using scripts. You will start out with basic scripts that require no previous knowledge of T10 Jeff Hicks Tuesday, 10:15 – 11:45am scripting. Building on that foundation, you will work your Take your WMI scripting skills to the next level and learn way through more advanced concepts, with hundreds of about advanced WMI security topics, WMI configuration, examples and lots of opportunities to get your hands dirty WMI associator classes, and more. You’ll learn practical, building your own scripts. When you finish this track, advanced techniques such as scripting file permissions, you’ll have all the tools you need to replace those time- using alternate credentials, using WMI to manage consuming manual processes that take up so much of Exchange, SQL Server, DNS, IIS, and other products, your work day. This track is led by scripting guru, and much more. Prior scripting and WMI experience (or Redmond magazine columnist and instructor Don Jones. “Scripting with WMI: The Basics” session) strongly rec- ommended. VBScript Fundamentals, Part I M4 Don Jones Monday, 12:30 – 2:00pm Scripting: Top Tasks for the Windows Administrator Learn the basics of managing Windows with VBScript, T16 Don Jones Tuesday, 2:30 – 4:30pm including scripting essentials, the VBScript language ele- You’ll learn how to write scripts which accomplish key ments, key VBScript functions and statements, working tasks suitable for use in logon scripts, security administra- with objects, and much more. You’ll also learn about sev- tion and auditing scripts, desktop management scripts, eral intrinsic scripting objects which allow you to manipu- domain management scripts, and more. Each sample late the Windows shell, work with files and folders, and comes with a checklist of ways in which the script can be access key network functionality. This is the ideal place to easily modified to perform related administration tasks. start your scripting education, with absolutely no prior Recommended for attendees with basic prior scripting, experience required. All other scripting sessions build WMI, and ADSI experience (or attendance in the upon the foundations learned in this session. “Fundamentals” and “WMI: The Basics” sessions).
VBScript Fundamentals, Part II Scripting with Active Directory Services Interface: M10 Don Jones Monday, 2:15 – 3:45pm The Basics See M4 description. W4 Don Jones Wednesday, 8:30 – 10:00am Learn to use ADSI to perform core, basic administration Administrative Scripting Best Practices and Design tasks such as Active Directory and local user account M16 Jeff Hicks Monday, 4:00 – 5:30pm management, bulk domain object management, local service management, and much more. Includes several Learn key best practices that make scripting more accept- scripts which use ADSI to accomplish practical adminis- able in an enterprise environment, including naming conven- trative tasks more efficiently and effectively. Prior script- tions, modular script design, source and change control, ing experience (or the “Fundamentals” sessions) strongly and much more. You’ll also learn valuable script design tech- recommended. niques that help answer the age-old question “where do I begin?” when you’re writing a new script. The session Scripting with Active Directory Services Interface: wraps up with an interactive script design workshop, allow- ing you to put your new design skills to work. Prior scripting Advanced experience (or the “Fundamentals” sessions) recommended. W10 Don Jones Wednesday, 10:15 – 11:45am Learn to write scripts which leverage ADSI to perform Scripting with Windows Management Instrumentation: advanced functions, including scripts which target multiple The Basics domain objects (such as computers) for other administra- T4 Don Jones Tuesday, 8:30 – 10:00am tive tasks, use alternate credentials with ADSI, modify advanced domain objects and properties, and perform Learn the essentials of scripting with WMI, the best way advance local management tasks such as file and print to retrieve and modify configuration information on remote server management. Prior scripting and ADSI experience computers. You’ll learn how WMI is built, learn about (or “Scripting with ADSI: The Basics” session) strongly tools that make WMI scripting easier and more efficient, recommended. and see several scripts that make practical administrative use of WMI. Prior scripting experience (or the “Fundamentals” sessions) strongly recommended.
12 TechMentor | Networking and Certification Training for Windows Professionals 0805TMSanJoseFinal.qxd 7/12/05 3:30 PM Page 13
Scripting Tools and Utilities Creating Graphical Scripts with HTAs: The Basics W16 Jeff Hicks Wednesday, 2:15 – 3:45pm Th16 Jeff Hicks Thursday, 1:00 – 3:00pm Learn to utilize both commercial and freely-available tools Learn to make script-based HTML Applications(HTAs) to make scripting faster, easier, and more efficient. You’ll that feature a complete, robust GUI. You’ll learn to use a explore script editors and see how they can make script- WYSIWYG HTML editor to create an effective GUI, and ing easier, and you’ll use a variety of script “wizards” that to leverage your VBScript skills to make your new applica- produce script code with no effort on your part. You’ll also tion completely functional. Learn to make end-user appli- learn about script encoders, script compilers, and “script cations, graphical monitoring tools, and scripts which are assistant” utilities which can help meet a variety of needs more easily used by junior administrators. Session in almost any network environment. Finally, you’ll see how includes a complete walkthrough of creating an HTA from to use IE as a tool to display highly-formatted script out- scratch. Prior scripting experience (or the “Fundamentals” put, ideal for reports and for scripts which are used by sessions) strongly recommended; prior WMI and ADSI end-users. Prior scripting experience (or the experience recommended. “Fundamentals” sessions) recommended. Creating Graphical Scripts with HTAs: Advanced VBScript Debugging Th22 Jeff Hicks Thursday, 3:15 – 5:15pm W22 Don Jones Wednesday, 4:00 – 6:00pm Learn to make your HTAs more functional and capable Learn key techniques and tips for debugging VBScripts through advanced HTA tips and techniques. Learn and making scripting a more efficient process. You’ll learn advanced formatting, how to script dynamic effects like to add debugging code to your scripts, use trace tools to tooltips, tree views, and drop-down menus, and learn how follow your script’s progress, and learn an infallible to dynamically manipulate an HTAs graphical user inter- methodology for squashing script bugs quickly, every face in response to user actions and other conditions. time. You’ll also review script creation techniques to learn You’ll learn to make more effective graphical scripts in no about methods that can help prevent bugs in the first time. Prior HTA experience (or “HTAs: The Basics” ses- place. Prior scripting experience (or the “Fundamentals” sion) strongly recommended. sessions) strongly recommended. Web Scripting for Windows Administration Scripting with Databases and ActiveX Data Objects F4 Jeff Hicks Friday, 8:30 – 10:00am Th4 Don Jones Thursday, 8:30 – 10:00am Learn how your scripting skills can be leveraged to create Learn to use databases with your scripts, making it possi- Web-based scripts for Windows administration and user ble to record information to SQL Server, Access, Excel, self-service Web sites. You’ll learn all about Microsoft text files, and other data stores, as well as read informa- Active Server Pages (ASP), and see plenty of examples of tion from any database in the enterprise. You’ll see how practical, Web-based administrative scripts. You’ll learn ActiveX Data Objects (ADO) works in a number of practi- about Web scripting security. Prior scripting experience cal administrative examples. Prior scripting experience (or (or the “Fundamentals” sessions) strongly recommended; the “Fundamentals” sessions) strongly recommended; prior WMI and ADSI experience (or appropriate sessions) prior WMI experience (or “WMI: The Basics” session) recommended. recommended. Administrative Scripting Hands-On Workshop Advanced VBScript Tips, Techniques, and Security F10 Don Jones & Jeff Hicks Friday, 10:15am – 12:15pm Th10 Don Jones Thursday, 10:15 – 11:45am Your laptop is a must for this hands-on session, where You’ll see how to make your own script-based command- you’ll put everything you’ve learned about scripting to use line tools, securely deal with passwords in scripts, learn in a series of practical script-writing exercises. With your about remote scripting and remote security issues, and instructor on-hand, you’ll apply your new scripting skills learn how to create an environment which allows adminis- and ensure that you’re ready to hit the ground running trative scripts to run while restricting potentially harmful when you get home. A virtual machine (VMWare or Virtual scripts (like script-based viruses). You’ll learn to encapsu- PC) running a domain controller is highly recommended, late your best scripts in Windows Script Components, as is a commercial script editor (evaluation versions will making them easier to use and re-use in future scripts. be provided on CD-ROM in class). Prior scripting, WMI, You’ll also learn how to easily integrate external tools and and ADSI experience is a must; this session is recom- applications (such as command-line utilities) into your mended only for those who have attended the majority of scripts. Prior scripting experience (or the “Fundamentals” the sessions in this track (or who have equivalent past sessions) strongly recommended. experience).
October 17-21 | San Jose, California | TechMentorEvents.com 13 0805TMSanJoseFinal.qxd 7/12/05 3:30 PM Page 14
SECURITY TRACK
he Security mini-track offers three days of in-depth Service Pack 1—have been out for a while, and most instruction on all aspects of Windows security. It admins have deployed them for their fixes and greater T starts off with the basics and builds in a step-by-step security. But are you using everything that SP1/SP2 fashion to more advanced topics. Learn security from offers? Well, unless “IPsec bypass,” “auditusr.exe,” “bina- three of the biggest names in the Windows security ry behaviors” and “mime sniffing” have a place in your world: Windows author and speaker Mark Minasi, security vocabulary, you’re not getting the most out of Microsoft Corp. security guru Steve Riley, and prolific your service packs. This session provides the step-by-step author and speaker Roger Grimes. ways to squeeze all of the security juice out of the SPs!
Windows Passwords: Everything You Need to Know Wireless Security Secrets M5 Steve Riley Monday, 12:30 – 2:00pm T11 Todd Lammle Tuesday, 10:15 – 11:45am Since early computing, passwords have protected user Learn how to secure your wireless LAN (WLAN) and accounts and sensitive data. Undoubtedly, your company Metropolitan Mobile Network (MMN) in both your corpo- has a password policy and some enforcement of that poli- rate and home networks. This session shows you the cy. However, most people have no idea what happens beginnings of WLAN security and benefits and drawbacks once a password is provided to the system or how strong of each security method in use today as well as the up- a given password is against a specific attack. In this ses- and-coming security versions, so you can make informed sion, how you’ll learn in depth Windows uses passwords, decisions in your WLAN security policies. Whether you including Windows password architecture, password work in a large or small—even a mobile office—this is hashing, password length and complexity analysis, pass- truly a critical course if you want to support your wireless word storage and retrieval, and the Stored User Names applications with both corporate policies and security. and Passwords feature. You’ll also explore common pass- word guessing attacks and countermeasures. Ethical Hacking and Forensics Made Easy
Defending Layer 8: How to Recognize and Combat Social T17 Todd Lammle Tuesday, 2:30 – 4:30pm Engineering With the growth of the Internet, computer security has become a major concern for businesses, governments M11 Steve Riley Monday, 2:15 – 3:45pm and consumers. The best way to evaluate a threat in your The human element is often ignored in security. People- environment is to have an independent computer security the eighth layer of the OSI stack-can often blow a gaping professional attempt to break into your computer systems. hole in the most well-planned defense infrastructure. Learn how these “tiger teams” or “ethical hackers” employ Organizations will spend fortunes on technology and are the same tools and techniques as the intruders, but nei- still vulnerable to old-fashioned manipulation! This session ther damage the target systems nor steal information. takes you through the issues that are present when peo- ple, computers, and networks meet. In an example-filled Turning Over the Rocks: Where Viruses, Worms, and session you’ll delve into the depths of user psychology Trojans Hide and how it’s at layer 8 where all security succeeds or fails. Bonus: learn how to do it yourself! W5 Roger Grimes Wednesday, 8:30 – 10:00am Did you know there are over 30 different Registry keys Windows Logins Revealed where viruses, worms, and trojans can hide to exploit a Windows system? Roger has collected the most extensive M17 Mark Minasi Monday, 4:00 – 5:30pm list of files, folders, Registry entries, and techniques that Every day you log into our Windows systems. But what malware can use to compromise your computer. Attend really happens when you do? How DO your workstations this session and learn how to defend your systems against and domain controllers exchange logon information with- the most popular attacks. out revealing your passwords? For that matter, how are your workstations able to find DCs even on days when Practical PKI Cookbook: Recipes for PKI Wannabees the local DC’s sick? Learn how logins work, how they can (or Needtobees) not work (and how you can fix them) as well as how to better secure them. W11 Roger Grimes Wednesday, 10:15 – 11:45am Want to use encrypted e-mails with digital signatures in Hardening Systems with SP1/SP2: The Best Stuff You Exchange? Want to use PKI for Wireless authentication Don’t Use and IPSec? Attend this session to learn how to put PKI to work for you. T5 Mark Minasi Tuesday, 8:30 – 10:00am The SP Twins—XP’s Service Pack 2 and 2003 Server’s
14 TechMentor | Networking and Certification Training for Windows Professionals 0805TMSanJoseFinal.qxd 7/12/05 3:30 PM Page 15
Debunking Security Myths Bringing Up Your First Linux Server W17 Steve Riley Wednesday, 2:15 – 3:45pm Th11 Speaker TBA Thursday, 10:15 – 11:45am “Let’s see now, if we just tweak this setting here and that If you're ready to bring up your first Linux server, this is setting over there and the other setting...um, where was the session for you. You will set up some of the key com- that setting again?” Sounds familiar, huh? Security tweaks ponents of Linux, including simple DNS, simple DHCP often make you feel good because, after all, you’ve done and simple file sharing. something! Alas, tweaks are usually nothing more than pure “security theater,” designed more to satisfy poorly- Windows/Linux Integration: The Art of the Possible written auditing requirements than really making a system more difficult to attack. This session will expose 10 com- Th17 Jeremy Moskowitz Thursday, 1:00 – 3:00pm mon security myths and explain why they provide little (if What does Linux do best? And what does Windows do any) value. best? In this session, Jeremy Moskowitz presents the ins and outs of how Linux can be useful inside your Windows Death of the DMZ environment. Learn what's possible with Linux and where it fits in with your existing Windows infrastructure. W23 Steve Riley Wednesday, 4:00 – 6:00pm New business needs demand new network design think- Windows/Linux Integration: Authentication Services ing. For too long now the network has been the place where we lodge nearly all our security defenses. “We Th23 Jeremy Moskowitz Thursday, 3:15 – 5:15pm have a firewall, we’re protected” is simply no longer You're starting to get Linux desktops, and you want single true—if indeed it ever was. Attacks are getting more sign-on, but you're committed to leveraging Active sophisticated. It’s time to get smarter, to become mature, Directory to do it. If you have existing Unix or Linux, you to move beyond “best practices”—to improve the resilien- might have a tough time getting to AD unless you know a cy of our computers, our applications, and even our peo- few tricks. In this session, we'll describe and demonstrate ple. Join Steve as he pronounces, without a single how AD can be the focal point of your authentication net- PowerPoint slide, the death of traditional network design work, some tips on how to configure Linux clients, and and advocates for a new, better, and stronger way. how the SAMBA (an application which makes Linux play nicely with Windows) fits in to the picture. If you've got Linux and Windows authentication headaches, this is the Windows/Linux Integration Track session for you. Windows/Linux File / Print Integration he Windows/Linux Integration mini-track is geared to admins who are experimenting with, or using, Linux F5 Speaker TBA Friday, 8:30 – 10:00am T in their day-to-day Windows environments. The track You've heard of SAMBA, but you may have never seen it. begins with an overview of the basics of Linux, then Or, maybe you've heard of NFS, and heard it's got more moves into the Windows realm, detailing how to get Linux holes than Swiss cheese. Is it true that Windows' version and Windows to play nice with each other. Noted author of NFS is actually more secure than a plain-vanilla UNIX and speaker Jeremy Moskowitz, currently writing a book implementation? What is IPP, the Internet Printing on Linux-Windows interoperability, leads this track. Protocol, and how can it unify your printing environment? Come to this session to find out about all these file and Linux Basics for Windows Admins print integration issues. Th5 Jeremy Moskowitz Thursday, 8:30 – 10:00am Windows/Linux Email Integration Get a head start on Linux fundamentals. Meant for the beginner in Linux, this session will help you understand F11 Speaker TBA Friday, 10:15am – 12:15pm the new vocabulary of the Linux world, where things are, Today, you likely have Exchange. Great, but you might and how to perform key tasks. A special emphasis will be also have departmental servers with Linux running on describing Linux attributes in Windows terms, making Sendmail. You need a way to unify your mail structure. If it a gentle introduction to the world of Linux. your company relies on Outlook, is there a way for your Linux users to get that Outlook feel, even on Linux? In this session, you'll get a handle on how to take your existing e- mail services and make them better interoperate.
October 17-21 | San Jose, California | TechMentorEvents.com 15 0805TMSanJoseFinal.qxd 7/12/05 3:31 PM Page 16
SYSTEM AND NETWORK TROUBLESHOOTING TRACK
he Troubleshooting Track is your source for the very ly how to migrate to a new server or repair a failing one best tips, tricks, and tools to diagnose problems and while retaining full functionality for all support databases. T keep your machines humming. Bringing together world class instructors you know and trust, you will take From Reactive to Proactive: Gain Control through away real world solutions that you can immediately imple- Enterprise Process SECURITY FOCUS ment in your home network. Divided into 5 mini-tracks on Server, Security, Network, Terminal Services, and Active T12 Greg Shields Tuesday, 10:15 – 11:45am Directory troubleshooting, you’ll pick up more in every 90 Non-stop firefighting gets the adrenaline rushing, but it’s a minute session than in a full day of research. This track is primary cause of lack of sleep, lack of vacation, and lack led by popular instructor and Redmond magazine contrib- of life outside work. If you’re constantly firefighting to utor Greg Shields. keep your network up and operational, you might have more than a technical problem. In this session, we’ll Reliability in the Real World: Building a World-Class douse those flames by showing you how to set up change Windows Cluster SERVER FOCUS control and IT policy in your environment. You’ll leave with proven practices and fill-in-the-blank documents that will M6 Chris Wolf Monday, 12:30 – 2:00pm stabilize your network and give your life back. Building a shared disk cluster out of relatively inexpensive Windows servers seems like a way to get high availability at Patch Management Strategies That Won’t Fail: SUS, SMS, a reasonable price. But your good intentions might not pay and Beyond SECURITY FOCUS off in actual, measurable improvement in availability if you don’t do some planning. Learn how to do clusters the right T18 Greg Shields Tuesday, 2:30 – 4:30pm way. You don’t need a Fortune 500 budget to build a world Two years after Bill Gates declared security to be the class cluster, but you do need some practical guidance. number one priority at Microsoft, we’re still dealing with patch after patch to correct newly-discovered vulnerabili- DNS Troubleshooting: Step-by-Step SERVER FOCUS ties. This growing problem isn’t focused strictly on the M12 Chris Wolf Monday, 2:15 – 3:45pm operating system, either—nearly all Microsoft products have required some patching. With the sheer number of For many administrators, DNS annoyances have become Microsoft patches growing every year, keeping them all as common as calls from telemarketers. With Active straight is growing into an administrative nightmare. Directory’s firm reliance on DNS, compounded with count- Focusing on Microsoft’s SMS and WSUS tools, you will less network-based applications living and dying by name learn the tools appropriate for the size of your company resolution, DNS is considered by many the most critical and the methods and reporting mechanisms you need to service on the network. In this session, you’ll learn the keep your network safe. methodical approaches for diagnosing and solving DNS problems, best practices for DNS deployment, and how to Be Gone Ye’ SpyWare: Ridding IE of SpyWare for Good automate the backup and recovery of DNS servers. SECURITY FOCUS Tips, Tricks, and Tools for Windows Server Troubleshooting W6 Greg Shields Wednesday, 8:30 – 10:00am SERVER FOCUS Passwords going where? Give money to whom? M18 Greg Shields Monday, 4:00 – 5:30pm Prescriptions for how much? Who writes this stuff any- way? You don’t have to care who writes it, but you do Being a successful Windows admin is all about learning have to get it out of your network. SpyWare, AdWare and the million little “aha’s”, “gotcha’s”, and “don’t forget’s” MalWare are a growing threat to the Internet, and the you need to keep your servers happy. Being successful tools to get rid of it are immature at best. In this session, when a server’s on the blink involves even more. In this we’ll look at what’s available for exorcising it, as well as first of three tips and tricks classes, we’ll discuss the examining the mechanics of a SpyWare infection. In the details you need to diagnose a troubled server and bring it end, you’ll have learned the tricks to make yourself your back to health. own SpyWare scanner.
Move, Recover, and Repair Windows Utility Databases — When WSUS Goes Bad: Troubleshooting Windows Update DHCP, WINS, DNS, IIS, and More SERVER FOCUS SECURITY FOCUS T6 Chris Wolf Tuesday, 8:30 – 10:00am W12 Greg Shields Wednesday, 10:15 – 11:45am Why is it that setting up Windows network services can It’s the new kid on the block, but it can be downright brat- be so easy and yet moving, repairing, and recovering ty sometimes. Tame that little rug rat with this ground- them can be so difficult? Well, they don’t have to be if you breaking session on WSUS troubles and fixes. This ses- know the right way to do it. This session shows you exact- sion will go over some of the initial feedback on Windows
16 TechMentor | Networking and Certification Training for Windows Professionals 0805TMSanJoseFinal.qxd 7/12/05 3:31 PM Page 17
Update and detail the do’s and the don’ts for getting it Understanding and Troubleshooting User Profiles working properly on your network. This session will save GROUP POLICY & AD FOCUS you headaches and get your network patched…fast. Th18 Darren Mar-Elia Thursday, 1:00 – 3:00pm Tips, Tricks, and Tools for Windows Network Has there ever been a Microsoft technology more prob- Troubleshooting NETWORK FOCUS lematic than user profiles? How about roaming user pro- files? This session will look in depth at the different types Greg Shields Wednesday, 2:15 – 3:45pm W18 of profiles, how user profiles work, the challenges of Sometimes the troubleshooting process gets easier as we using roaming profiles, and how you can troubleshoot and go further down the network protocol stack. Expose the resolve common profile issues. We’ll look at tools and network underbelly of the Windows operating system with techniques for troubleshooting remote profile problems this tips and tricks session. We’ll analyze and correct and best practices for ensuring a minimum of profile prob- DNS issues, client/server communication problems, rout- lems within your environment. ing foul-ups and troubles with WAN links. You’ll be sur- prised how easy it is to do the work with the right tools. Getting Down and Dirty with Group Policy Functionality GROUP POLICY & AD FOCUS Understand & Protect Your Network with the Security Th24 Darren Mar-Elia Thursday, 3:15 – 5:15pm Configuration Wizard NETWORK FOCUS There are a lot of moving parts in Group Policy. Ensuring Greg Shields Wednesday, 4:00 – 6:00pm W24 a functional Group Policy deployment means learning how Your network is under constant threat of impending attack, Group Policy is structured, how it’s processed, and where so you’ve gotta’ be smart about how you secure your things can go wrong. This session will focus on increasing servers. Released with Windows 2003 Service Pack 1, the your understanding of Group Policy internals and process- Security Configuration Wizard is a comprehensive tool for ing. You’ll get inside knowledge on the most problematic taking the guesswork out of this task. An XML-based tool areas of policy and learn how to deal with them should that can scan and lock down your server, this tool is soon they arise in your environment using the logs and tools to be your most valuable weapon against the baddies. In that are provided in the box. this session we’ll discuss how and when to use the wizard and how to extend it to keep your network safe. Troubleshooting Group Policy and Active Directory Replication: Secrets from the Experts GROUP POLICY & AD FOCUS The Art of Network Troubleshooting: How to Fix any F6 Gary Olsen Friday, 8:30 – 10:00am Network Problem NETWORK FOCUS One becomes an Active Directory expert by managing a Mark Minasi Thursday, 8:30 – 10:00am Th6 world-wide domain with dozens of sites, hundreds of Network software and hardware comes and goes, proto- domain controllers, and thousands of interconnected sys- cols grow and change, and what we do with networks tems. Think you got it bad? Try administering a domain that expands all of the time, but one thing doesn’t change: crosses all 24 time zones. In this session you’ll learn untold how often we use the words “network” and “not work” in AD secrets from HP Consultant and AD guru Gary Olsen. the same sentence. One day we’ll just plug it all in and it’ll You’ll leave with replication and Group Policy techniques just work, but for now, “to network is to troubleshoot.” In the big networks use that’ll keep your domain running. this session Mark shares the 12 immutable laws of trou- bleshooting any network problem. When It All Goes South: Active Directory Disaster Recovery GROUP POLICY & AD FOCUS Top Terminal Services Troubles (and How to Treat Them!) Gary Olsen Friday, 10:15am – 12:15pm TERMINAL SERVICES FOCUS F12 Every administrator has faced a DR situation in one form Greg Shields Thursday, 10:15 – 11:45am Th12 or another, ranging from recovering a single object to Since way back in 1998, Terminal Services has been an restoring an entire forest. In this session you’ll learn how integral part of the Windows operating system. We’ve had to use the “Lag Site” replication method to provide a a lot of time to play with it and a lot of time to see it break. quick online DR option and how a janitor can use In this session, we’ll look at some of the top support calls Authoritative Restore to bring down an entire forest with- from Microsoft and Citrix and work through their solutions. out a domain account. Gary will also show you the latest We’ll discuss proven practices for setting up Terminal techniques in AD Disaster Recovery to help you proac- Services in both big and small environments. Best of all, tively prevent disasters and what to do if they do happen. you’ll learn the details of how systems change when All participants in this session will receive a copy of Terminal Services is installed. Gary’s Active Directory Troubleshooting CD.
October 17-21 | San Jose, California | TechMentorEvents.com 17 0805TMSanJoseFinal.qxd 7/12/05 3:31 PM Page 18
REGISTRATION AND TRAVEL INFORMATION
Hotel and Travel Information Conference Registration
San Jose Marriott Each attendee will have access to: Conference Venue 301 South Market Street > All Courses Monday – Friday > San Jose, CA 95113 Keynote > Cocktail Reception Phone: 408.280.1300 > Improv Night at TechMentor > Peer Networking Events > Exhibit Hall > Consulting Hour with Instructors > Lunches and Morning Pastries TechMentor has negotiated a special room rate of $159 > Printed Course Notes (for registered courses only) single/double for conference attendees. Attendees must > All Course Notes Available Online book their accommodations by September 19, 2005, to > T-shirt with Completed Survey receive the discount. After that date regular room rates > Conference Bag will apply. Rooms at the special rate are available from > Demo Copy of VMware October 12 through October 24, based on availability. Early Bird Price (By September 9, 2005): $1,495 To make reservations, call 1-800-314-0935 and mention Regular Price (After September 9, 2005): $1,695 the TechMentor conference to receive your discount or enter this code TM1A online. Group Discounts American Airlines is offering discounts from any pub- lished domestic fare for travel to San Jose or surrounding When you register 4-9 colleagues from the same airports for the TechMentor Conference. Mileage mem- company at the same time, each attendee pays only bers can receive full credit for all American miles flown to $1,295 per person. Register 10 or more colleagues attend this conference. To take advantage of these dis- for only $1,195 per person. For more information on counts, please call toll-free, or have your travel agent call: group registration, please call Sara Ross at 972- American Airlines: 1-800-433-1790, reference number 506-9027 or email at [email protected]. #26H5AO. (Reservations must be made by phone to receive the discount.). Alumni Discount AVIS Rent-a-Car is offering TechMentor attendees a dis- We value our alumni! Attendees of any TechMentor Event count from October 10 to October 28, 2005 . To receive from 2001 – 2005 will qualify for an additional $100 dis- the discounted daily and weekly rates, simply call Avis at count off the registration fee (a total savings of $300 when 1-800-331-1600 and use Avis Worldwide Discount num- you register by September 9). To qualify for the discount ber D005872. please include which conference or summit you attended. This discount may not be combined with any other offer. HOW TO REGISTER Attendee Networking Forum Network with your peers before the conference begins. Online: TechMentorEvents.com Check the “Attendee Networking Forum” box when you Phone: 1-800-280-6218 (8:00am – 5:00pm PST) register and we’ll send you an email with attendee contact Fax: 1-541-346-3545 information about a week before the event. It’s a great Mail: TechMentor Registration 1277 University of Oregon way to start networking before you arrive in San Jose. Eugene, OR 97403-1277 Additionally, there will be many opportunities onsite to net- Onsite: You may register for the conference onsite. work. However space is limited and admission cannot be guaranteed. Refund and Cancellation Policy Registration is transferable with written authorization. Questions? Cancellations must be in writing and postmarked before Phone: 1-800-280-6218 (8:00am – 5:00pm PST) the cancellation deadline. Cancellations must be made by Email: [email protected] September 16, 2005 and will be subject to a $250 can- Web: TechMentorEvents.com cellation fee. Cancellations made after September 16,
TechMentor’s Federal Tax I.D. Number is 95-4758348 2005 as well as “no shows” are liable for the full registra- TechMentor Conferences are a division of 101communications LLC. tion fee.
18 TechMentor | Networking and Certification Training for Windows Professionals 0805TMSanJoseFinal.qxd 7/12/05 3:31 PM Page 19
REGISTRATION FORM
Select your desired track.
Cisco Certified Microsoft Certified Microsoft Certified Network Associate Systems Administrator Systems Engineer Scripting 1 (CCNA)/Infrastructure (MCSA) (MCSE) System and Network Security Windows/Linux Integration Troubleshooting
You will be automatically registered for each session in your selected track. However, you are able to attend ANY session offered at TechMentor. After registration, you will receive a confirmation email with instructions to go online and select the sessions you are interested in attending.
Type or print your name and address. *Required! Your email address is used to communicate with you about confer- ence registration. You will also receive information about future TechMentor Events. Refer to our privacy policy at 101com.com/privacy.asp for additional First Name for Badge information. 2 Last Name Which certification titles do you currently hold? Please check all that apply: Title ❍ MCP ❍ MCDST ❍ MCSA ❍ MCSE ❍ MCSD ❍ ❍ ❍ ❍ Company MCDBA MCT Other None
Address Alumni Discount Previous TechMentor event attended in 2001-2005:
City State/Province City Date
Zip/Postal Code Country Attendee Networking Forum ❍ Yes, I want to participate. See page 18 for details. Phone Fax Vendor Marketing Code Promo Code BRORED Email *
Calculate your payment. ❍ Check enclosed (payable to 101communications, in U.S. dollars drawn on a US bank) Early Bird (Through September 9) $1,495 ❍ Visa ❍ MasterCard ❍ American Express ❍ Discover Regular (After September 9) $1,695 3 Alumni Discount Less $100 Card # Groups of 4 or more, please call Sara Ross at 972.506.9027 to register. Expiration Date
Cardholder Name Total Fee $ Signature To confirm your registration, a guarantee of payment is required. Remit with a check or credit card. If you need Cardholder Address (if different than above) an invoice, please call 800-280-6218 or email [email protected]. State/Province Zip/Postal Code
If you would like to use a Purchase Order to register, please contact Dena Fisher, Conference Services Coordinator at 800.280.6218 or 541.346.3537 or via email at [email protected] to make arrangements.
Send in your registration. PHONE 800.280.6218
MAIL with full payment: ONLINE TechMentorEvents.com 4 TechMentor Registration 1277 University of Oregon After October 14 please register onsite. Eugene, OR 97403-1277 Registration will be limited to space available.
FAX with credit card payment: 541.346.3545 Photocopy this form for additional registrations. 0805TMSanJoseFinal.qxd 7/12/05 4:09 PM Page 20
Network and Certification Training for Windows Professionals San Jose, CA October 17-21, 2005
Attend TechMentor and in a Week of Training You Will: > Learn how to integrate Linux into your Windows environment > Upgrade your skills to Windows Server 2003 > Improve your network security > Learn to diagnose and repair common network problems > Script like a professional > Make long-lasting professional contacts
TechMentorEvents.com
Sponsors and Exhibitors 0805red_ProdRev15-20.v8 7/14/05 4:01 PM Page 17
ProductReview Get to Know Your Network How well do you know your network? NetSupport DNA will give you the complete picture.
NetSupport DNA Pricing ranges from $26.88 (for basic inventory module) to $80.64 per user (for all optional modules) for 100 users NetSupport Inc. 770-205-4456 www.netsupport-inc.com
BY CHAD TODD pushed remotely from the Most of the time, it seems server. The installation like IT pros have too many process is very easy—I had responsibilities. We have to the server software installed handle day-to-day activities and the client piece added to like troubleshooting desktop 15 machines in about 20 and server problems. We minutes (including reboots). Figure 1. DNA tracks information on monitored computers, including also have project work like You manage DNA with what applications have been opened and how long they’ve been used. rolling out a new server farm the NetSupport DNA or updating desktops coming Console, which runs inside ment, seeing them all DNA collects an impres- off their leases. a java virtual machine (see grouped together may make sive amount of data. Each I don’t know about you, Figure 1). It will run on any them harder to manage. of the tabs in the DNA but my least favorite task of machine with Windows NT DNA supports separating Console details pane shows all is tracking software and 4.0 or higher and IE 6.0. I them into static or dynamic numerous statistics about hardware. Unless you’re in a found the DNA Console groups. You manage the the selected machine. DNA small environment and have extremely easy to use—after static group membership reports on: a lot of time on your hands, about 20 minutes, I was zip- by manually adding and • Operating system version this task can be completely ping around like an old pro. removing machines. In and serial number overwhelming. Thankfully, There are two ways to Figure 1, I created two static • Total RAM NetSupport DNA makes the discover clients. DNA can groups, Sales and Support. • DirectX version process a snap. search a range of IP You can build your dynamic • Domain or workgroup DNA not only gives you addresses or use the browse groups on the fly. DNA membership full hardware and software list for a given domain or can track the following types inventory, but also applica- workgroup. Once you’ve of computers in dynamic REDMONDRATING tion and Internet metering installed the client on all groups: Documentation: 15% ____ 8 and software distribution. machines, each one will • Windows 2000 Installation 10% ______9 ______You can also add a Web- report back to the server • Windows XP Feature Set: 35% 8 ______based help desk and and register itself under its • Machines running IE 6.0 Performance: 30% 8 Management: 10% ______9 remote-control client with domain name. You can see or higher add-on modules that you in Figure 1 that there are • Machines using Intel Overall Rating: 8.2 purchase separately. five machines registered in CPUs ______You’ll need to install both the TC domain. • Machines with more than Key: 1: Virtually inoperable or nonexistent server and client components. If there are a lot of 128MB RAM 5: Average, performs adequately You can have the client machines in your environ- • Machines with XP SP2 10: Exceptional
| redmondmag.com | Redmond | August 2005 | 17 0805red_ProdRev15-20.v8 7/14/05 4:01 PM Page 18
ProductReview
• Service pack level You can configure each • Currently logged on user package to check the • Processor and clock speed Pricing Details hardware and software • Motherboard manufac- inventory already collected You can purchase NetSupport DNA and any its related turer and model number for the target machine to modules a la carte. The ultimate price per user depends on • Availability of PCI, AGP make sure the package is how many modules you’ll need. and ISA slots compatible. This ensures • The basic inventory module starts at $26.88 each for •All installed software that you don’t install soft- 100 users The User Details tab has ware on a machine that • The inventory module and DNA remote control is $53.76 fields to enter information won’t support it or be able each for 100 users about the person to whom to run it properly. • The inventory module and NetSupport Manager is the machine is allocated for When pushing packages $69.89 each for 100 users tracking purposes. These out to an entire enterprise, • The inventory, metering and distribution modules are fields include: you may overwhelm your $53.76 each for 100 users • Employee name DNA server. To alleviate this • The above modules and DNA remote control are $69.89 • Employee phone situation, DNA lets each for 100 users numbers you assign other computers • The above modules and NetSupport Manager remote • Employee e-mail address as “warehouse” machines. control are $80.64 each for 100 users • Asset tag number The DNA server pushes • Machine serial number the application to the • Lease start and end dates shows how much time is you may want to let your warehouse machines. Those • Maintenance start and spent on each given Web employees play games machines, in turn, push it to end dates site. This is a great way to during lunch only or before the clients. This reduces the track employee productivity. and after production hours. load on the DNA server. Keeping Watch In addition to tracking I was impressed with DNA’s Besides giving you an Internet usage, DNA lets you Pushing Packages feature set. If you need a elaborate inventory of your restrict which Web sites your DNA also lets you distrib- utility to take a thorough hardware and software assets, users can visit. This is good ute software. You define inventory of your software DNA also provides Internet for blocking an occasional packages that include a and hardware assets, down- and application metering. Web site or two, but I don’t collection of files to be load DNA and give it a try. Internet metering is a great see it as an efficient method deployed. After creating a The application and way to see where your of controlling Internet traffic. package, you can have it Internet metering are employees are spending their You have to manually enter automatically pushed to nice features to help track time on the Web. For exam- each URL, which adds quite a machines or advertised for and manage employee ple, a user playing pinball on bit of labor and overhead to users to access and install productivity. All in all, his lunch break may not be the process. when needed (this is NetSupport has done a great job with this version Besides giving you an elaborate inventory of your hardware and software of DNA.— assets, DNA also provides Internet and application metering. Chad Todd, MCSE: Messaging, MCSE: Security, is the co- breaking company policy, Application metering similar to assigning and author of MCSA/MCSE but someone who plays five reports on which applica- publishing applications with Managing and Maintaining a hours of pinball is definitely tions were used during the Group Policy). Windows Server 2003 Envi- crossing the line. day and how long each was You can include action ronment: Exam 70-290 Study DNA’s Internet metering used. DNA’s application parameters in the package Guide & DVD Training Sys- reports on Web sites visited metering function also lets to automatically answer any tem (Syngress Publishing). He’s with a particular machine. you restrict which applica- user prompts required dur- the co-owner of Training Con- Although the Internet is tions can be used. You can ing installation. This lets cepts, which specializes in Win- required for a lot of busi- block an application all of you deploy software pack- dows, Exchange, ISA and Cisco nesses, employees can waste the time or only during ages without requiring any training and consulting. Reach a lot of time surfing; DNA certain times. For example, user intervention. him at [email protected].
18 | August 2005 | Redmond | redmondmag.com | 0805red_ProdRev15-20.v8 7/14/05 4:01 PM Page 19
ProductReview Administration En Masse User Manager Pro helps you keep tabs on your admin tasks.
User Manager Pro $499 for five seats ($19 for each seat after five) Lieberman Software Corp. 800-829-6263 www.liebsoft.com
BY RICK A. BUTLER those who love the Ask a hundred IT magi convenience of a single what sort of wizardry they dashboard: User Manager use to get their jobs done Pro. So, enough talk of and you will undoubtedly magi and spells. Let’s talk get a hundred different about the tool. answers. Most of those same administrators Jump in to Setup probably have countless You can get User Manager spells and incantations at Pro set up very quickly. Install their disposal to handle the software on a server and everything from mass begin a discovery—whether Figure 1. User Manager Pro gives you a single dashboard from which to manage your systems. password changes to you run that through AD or importing and exporting NetBIOS—and pull in your not correspond to how you track down in a sea of data in Active Directory machine list. have your network laid out, cubicles and computers. by the way. You’re not User Manager Pro’s strength comes from its bound to your physical net- Reporting and Add-Ons ability to slice up administration tasks based work topology for adminis- User Manager Pro also trative processes. Once you has some great reporting on the groups of machines you have defined define your groups, you can capabilities. Two of the with the tool. begin managing them en reporting features I liked masse as you need to. were file reporting, where to aligning policies on a You select the nodes from Ever lose a machine? You you could locate versioned thousand or more machines the list that corresponds to know it’s on the network files all across your man- at once. the number of licenses you and you can talk to it, aged group, and automating Personally, I’m the type have, and you’re ready to but you have no earthly reports through the tool’s of admin who likes a tool- go. There are no client idea where it is physically scheduling capability. box full of single-use tools components or agents to located in the building. and scripts for my day-to- install on the machines (You mean I’m the only one REDMONDRATING day work. There are other you’re going to manage. on the planet to ever lose a Documentation: 20% ____ 8 administrators who prefer machine? Right.) Installation 20% ______9 ______the monolithic approach. Go with the Groups One feature of User Feature Set: 20% 7 Performance: 20%______8 They’d rather have one User Manager Pro’s Manager Pro that I Management: 20% ______7 tool and one interface to strength comes from its especially liked was physical help them do all their ability to slice up adminis- identification. Simply Overall Rating: 7.8 day-to-day administration tration tasks based on the turn it on and the machine ______tasks from one über station. groups of machines you will sing you a little tune Key: 1: Virtually inoperable or nonexistent Lieberman Software Corp. have defined with the tool. through its PC speaker, 5: Average, performs adequately 10: Exceptional has just the solution for Those groups may or may making it a lot easier to
| redmondmag.com | Redmond | August 2005 | 19 0805red_ProdRev15-20.v8 7/14/05 4:01 PM Page 20
ProductReview
User Manager Pro has you can really see what this (For all you script hounds script. That makes some- an add-on feature called versatile tool can do. out there, and you know who thing like User Manager the Random Password you are, you should all be Pro even more attractive. It Generator that helps you Something About familiar with Dr. Scripto. If simplifies complex processes, generate and apply unique Scripting not, stop by Microsoft’s which can also help you passwords. You could use Realistically, there is little TechNet Script Center standardize those processes. this, for example, to lock that this product can do that where the good doctor will In short, Lieberman down all your local admin a nice collection of VBS be roaming about: http:// Software’s User Manager microsoft.com/technet/ Pro is a pretty powerful tool [User Manager Pro] simplifies complex scriptcenter/default.mspx.) for those looking for a processes, which can also help you standardize However, not every admin monolithic administration has the time and the control station. Functionally, those processes. inclination to become a there isn’t much to this tool scripting mage. That means that couldn’t get done accounts. This is nice scripts couldn’t get done. if you need to get things through some good solid because it mitigates risk of In fact, you can change all done en masse, a tool like scripting, but having it all exposure though a compro- the Local Administrator User Manager Pro is a right in front of you makes mised password, which is a passwords for all machines tremendous help. What if, life that much simpler.— feat in of itself when your in an Organizational Unit for example, you had to password is something like with just six lines of Visual slice up an OU or weren’t Rick A. Butler, MCSE+I, 7d#45!1Be89. Basic code. You can batch allowed to monkey with is the Director of Information I did find the interface for script changes to any Group Policy Objects for Services for the United States User Manager Pro a bit number of machines and the domain? Scripting Hang Gliding Association. tough and chewy at first. orchestrate your changes will still work, but it will You can hit him up at It’s not particularly elegant, in ways limited only by be much harder to define [email protected] but once you get past that, your imagination. the common element in the once he lands.
Continued from page 16 operating systems. You not know is that many Machine Software for One fact of life—and a would run them contained VMware Workstation 4.5 the Technical Professional.” minor caveat—with within older guest operating owners are eligible for a free The new features VMware Workstation 5.0 is that systems. For that task, upgrade. And who wouldn’t has added to version 5.0 the guests have a slightly dif- VMware has always want to do that? certainly support that ferent format than those in performed exceptionally billing. VMware Worksta- Workstation 4.5. In other well. If that’s all you’re The Final Vote tion 5.0 is a rising superstar words, guests created on doing—using VMware to VMware Workstation has in the virtualization world, Workstation 5.0 aren’t support a legacy NT 4.0 or evolved beyond its originally and the one to beat on the compatible with Workstation road to virtual stardom.— 4.5 (or GSX Server 3.2) VMware Workstation has evolved beyond its unless you create the guest in Jeremy Moskowitz, MCSE, “legacy mode.” Then, of originally conceived use. MCSA, founder of Moskowitz course, you won’t have access Inc. (Moskowitz-inc.com), is to all the snazzy new features. Windows 95 application on conceived use. It isn’t just an an independent consultant Overall, though, considering an end user’s machine— application compatibility and trainer for Windows its new and enhanced fea- there might not be any tool for end users’ desktops technologies. He runs GPO- tures, VMware’s performance immediate benefit to anymore. It is hands down answers.com, a community in this round outshines its upgrade to the new version. the best tool for performing forum to answer tough Group previous performances. This is where Simon live presentations, testing Policy questions. His latest book shrugs his shoulders and software compatibility issues is Group Policy, Profiles, and What Simon Would Say thinks out loud, “Well, I or running multiple (and IntelliMirror for Windows The original reason to knew you could do that. A different) operating systems 2003, Windows XP, and use VMware was to run solid performance as always, for any reason. Windows 2000 (Sybex). applications that had com- but what else would I VMware bills Workstation You can contact him at patibility issues with modern expect?” What Simon may 5.0 as “Powerful Virtual [email protected].
20 | August 2005 | Redmond | redmondmag.com | Project2DESKTOP3TANDARD?2EDM%&PDF 6/7/05 11:12 AM Page 1 0-
,%!34 02)6),%'% #/-0,)!.#% )3 ./7 ). 9/52 (!.$3
)N TODAYS CORPORATE ENVIRONMENT ITS NOT AN OPTION $ESKTOP3TANDARDS 'ROUP 0OLICY SOLUTIONS TAKE YOU BEYOND BUILT IN 7INDOWS SECURITY MANAGEMENT GIVING YOU THE POWER TO LIMIT RIGHTS AND PRIVILEGES TO THE LEAST REQUIRED FOR AUTHORIZED TASKS 2EDUCE THE COMPLEXITY OF MANAGING YOUR DISTRIBUTED DESKTOP ENVIRON MENT WHILE INCREASING SECURITY AND COMPLIANCE &IND