No "Logon Using Dial-up Connections" in Windows Vista?

In most IT departments it is quite common to setup a fleet of laptops as members of the domain and then have users logon to the domain using cached credentials when they are not connected to the corporate network. This works great except that since the laptop cannot contact a domain controller it cannot download the latest applicable Group Policy. Therefore the policy that is used is the one that was effective last time the laptop successfully contacted the domain controller during the logon process, which is probably not the most up-to-date Group Policy.

The way this is resolved in Windows 2000/XP is that a user checks the "Logon Using Dial-up Connections" checkbox at the logon screen. This forces Windows to dial a remote connection before attempting to logon to the domain. Since a remote connection now exists between the laptop and the domain when the logon attempt is taking place, Windows will download the current applicable Group Policy.

Now that's great and everything, but Vista poses a new situation - mainly, where the heck is that checkbox? It's not there, but it's feature is - here is how to accomplish the same thing that checkbox does in XP in Windows Vista:

Create a system dial-up connection in Windows Vista

1. Open Control Panel. Click Network and Sharing Center.
2. Click Set up a connection or network, and then click Connect to a workplace.
3. Click Use my Internet connection (VPN).
4. Type the Internet address or FQDN of your VPN server in the Internet address box. Type a suitable name of the connection in the Destination name box.
5. Select the Allow other people to use this connection check box. It is important that you select this box. Doing so allows Windows to display the connection before logon. Optionally, you can select Don't connect now; just set it up so I can connect later.
6. Complete the wizard and save the connection. Restart the computer.

Finding the equivalent of "Log on using dial-up connections"

1. Press CTRL+ALT+DELETE.
2. Windows displays the logon screen for the user that last logged on. Press ESC or click Switch User to view other logon choices.
3. A blue button appears to the left of the red Shutdown button. Click the blue button. Windows displays a list of system-owned dial-up connections for you to choose, if there is more than one. Otherwise, Windows uses the single system-owned connection.
4. If prompted, type the user name and password for the dial-up connection and click the round blue button to connect.
5. Windows then establishes a connection to the remote network using the provided credentials. It uses these same credentials when logging on to the domain.

Now your users will be able to logon to the domain with the Vista laptop using a remote connection and the current Group Policy, not cached credentials. While the solution here is interesting, it would also be nice to know why this change was made.

Special Thanks to Mike Stevens at the Microsoft Group Policy Blog.

Log on automatically in Windows Vista

If you have a single-user PC and would rather have it automatically log on than display the Welcome Screen, this post is for you. Obviously do not do this on a computer that contains secure or confidential information. Also, don't follow the instructions for some older versions of Windows that involve editing the registry and adding your username & password to it. Those methods leave your username and password in unencrypted plaintext, and while having your computer automatically log on isn't the safest thing, there is no reason to store your password in plaintext when you can avoid it. Best of all, this way is much easier than editing the registry and stores your password as an encrypted LSA secret.


From the search/run box in the Start Menu, type netplwiz. Clear the check box for 'Users must enter a username and password to use this computer.' The 'Automatically Log On' dialog box will appear, enter your username and password here and click 'OK'. This is the username and password Vista will use to automatically log on with every time it starts. Next time you start your PC it should load directly to the desktop!

If you want a little bit more control over the autologon process download the autologon command-line utility. This utility was created by Microsoft developer Andrew Jennings and allows you to setup autologon for a limited number of sessions, among other things. Usage instructions are available from this post on Andrew's blog.

Credit to Ed Bott at ZDNet for making me think about this and find a good solution.

Today is System Administrator Appreciation Day

Today is the 8th annual System Administrator Appreciation Day. It is always the last Friday in July and is the one day that SysAdmins are supposed to get the respect they deserve to be getting the other 364 days of the year.

Today is the day that we wish everyone would considering the daunting tasks, small budgets, and ridiculous timelines that many SysAdmins face all year. Please thank them for everything they do for you and for your business. If you think you have a great SysAdmin today would be the day to nominate them for SysAdmin of the Year.

The idea for System Administrator Day was inspired by a print ad for a Hewlett-Packard laser jet printer. The ad showed lines of employees bringing gifts for the IT guy who made the purchase.

System Administrator Appreciation Day has, over the years, garnered support from many organizations, such as the League of Professional System Administrators (LOPSA), Friends In Tech (FIT), Sunbelt Software, and 'In The Trenches', a podcast for SysAdmins. Many geek-inspired websites, such as ThinkGeek.com (also a sponsor) designed special gift guides devoted to the new day of appreciation.

Please post a comment of what your workplace or co-workers did for you this System Administrator Appreciation Day!

Improvements to DFS in Windows Server 2008

Jill over at The Filing Cabinet has a great post this week outlining some new changes coming to DFS (Distributed File System) in Windows Server 2008 (Longhorn). This news comes straight from the DFS Namespaces team at Microsoft, so I'm confident that these features will actually be there in the RTM version of Windows Server 2008.

The biggest new improvement is support for more than 5,000 targets in a domain-based DFS namespace. In Windows Server 2008 you will be able to use the DFS Management snap-in to create a new domain-based namespace in one of two modes:

• Windows 2000 Server Mode: This provides the same DFS functionality and scalability that is currently available in Windows 2000 Server and Windows Server 2003, but running on Windows Server 2008.
• Windows Server 2008 Mode: This new mode provides functionality and scalability, along with support for access-based enumeration (users do not see folders/content that they cannot access).

So far it looks as if these new options in Windows Server 2008 Mode will only be accessible or configurable with Dfsutil, not through the DFS Management snap-in. But the new Windows Server 2008 Mode removes any hard limits that were there from Windows 2000, like the 5,000 target limit. The DFS Namespaces team is currently running performance tests to determine the guidelines and sizing requirements for this new mode.

To be able to create a new domain-based namespace in Windows Server 2008 Mode your servers and domain must have a functional level of Windows Server 2008 (only Windows Server 2008 Domain Controllers). The only other requirement is that all servers hosting the namespace must be running Windows Server 2008, so it looks like you'll need to upgrade all those DFS servers.

One final update to DFS that will probably affect a lot more smaller networks is that stand-alone namespaces hosted on Windows Server 2008 will now support access-based enumeration.

New Ethernet standard both 40Gbps and 100Gbps

When Ethernet was originally created in 1974 it was a 3Mbps technology from Bob Metcalfe at Xerox PARC that few thought would beat out technologies such as Token Ring from the big boys like IBM. But Metcalfe left Xerox to found 3com and promote Ethernet, while also boosting the speed from 3Mbps to 10Mbps, compared to Token Rings 6Mbps [Edit: Token Ring was originally 4Mbps and later upgraded to 16Mbps]. Now a days 1Gbps networks are becoming standard and 10Gbps networks are creeping in to specialized situations. But the Higher Speed Study Group (HSSG) is not satisfied. They have approved a Project Authorization Request (PAR) for a new standard, IEEE 802.3ba, which will give Ethernet speeds of up to 100Gbps.

When IEEE 802.3ba was originally proposed their were multiple possible speeds that were being discussed, including 40, 80, 100, and 120Gbps. While there options were eventually narrowed down to just two, 40 and 100Gbps, the HSSG had difficulties decided on the one specific speed they wanted to become the new standard. HSSG chair John D'Ambrosia told PC World that although he "wouldn't say there was a fight, I would say their was an education going on, and it got heated at times." During the discussions two different groups formed, one which wanted faster server-to-switch connections at 40Gbps and one which wanted a more robust network backbone at 100Gbps. The higher speed required more expensive and power-hungry equipment, you can find out more about it from this presentation [PDF].

Unable to come up with a consensus the HSSG decided to standardize both 40Gbps and 100Gbps speeds as the IEEE 803.23ba standard. Each speed will use different connection equipment. 40Gbps can be 1 meter long on the backplane, 10 meters for copper cable and 100 meters for fiber-optics. The 100Gbps standard includes specifications for 10 kilometer and 40 kilometer connections over single-mode fiber.

According to D'Ambrosia this is the first time the specification group has approved two different speeds in the same specification. If IEEE approves the specification it could be completed by 2010 with devices that support is soon thereafter.

Minimize apps to the System Tray with RBTray

Here is another great little utility that adds some functionality that I wish was already built in to Windows. RBTray is a very small (111 KB) GPL/Open Source program that lets you minimize any application to the System Tray by simply right-clicking the applications Minimize button or pressing Windows+T.

RBTray's site is hosted at SourceForge, you can download either the installer version or the binary-only version. Absolutely no configuration is necessary. The source code is also available for anyone who would like to contribute.

Reorder your Task Bar and System Tray

One of the most annoying things about Windows is that Microsoft does not include any functionality for reordering the task bar, its order is solely based on the order in which you started your programs. The system tray also works the same way. But now you can finally achieve these two things with the help of Taskbar Shuffle from the Home of the Nerd Cave. It is a freeware program for all 32-bit versions of Windows (a 64-bit version is on its way).

I was hesitant to recommend this program initially because of its larger memory footprint, but the latest release has seen a dramatic reduction in memory usage - it now uses about 6MB of memory while running. Taskbar Shuffle requires no hot keys or extra steps, after you install it you simply drag and drop the programs on your task bar to rearrange them. If the order of your programs on the task bar is sometime that concerns you, download Taskbar Shuffle over at the Home of the Nerd Cave.

Nested Labels in Gmail - Folders4Gmail

Kyle over at Lifehacker has a new post about a great new user script called Folders4Gmail. This script turns Gmail's labels into a pseudo-folder system by making the view hierarchical. This is a great script for all of you how are annoyed by Gmail's lack of folders, as Google espouses tags/labels instead. But some things just need to be in a hierarchy, even Google seems to have realized this with the latest update to Google Docs & Spreadsheets.

Folders4Gmail is a user script and requires either Greasemonkey (Firefox), Turnabout Advanced (Internet Explorer 7), or Opera 9. You can download the user script at the Folders4Gmail website.

Google - The reason behind the "We're Sorry..." message

Neils Provos, from the Anti-Malware team over at Google has a post on the Google Security Blog with the reasoning behind the "We're Sorry..." messages and CAPTCHA you may sometimes see while using Google.

Some of you may have noticed that sometimes Google will display a page like this instead of the search results. Neils says this pages is displayed when Google detects anomalous queries from your network. As a human it is possible to answer the CAPTCHA (a reverse Turing test) and continue your search, but it is much harder for a bot, script, or worm to answer the CAPTCHA. This page is often trigged by a malware infested PC(s) behind a router , it can also be trigged by overly aggressive SEO (Search Engine Optimization) tools. Self-propagating server worms can also trigger the page by searching Google for various URL strings, looking for other vulnerable servers to infect.

The post also talks a little bit about ACM WORM 2006, where Google published a paper on Search Worms - including the Santy search worm, which infects phpBB2.

2000 uses for WD-40

The Tacoma Wheelman's Bicycle Club (TWBC) has compiled a list of 2000 unofficial uses for WD-40. Here are their Top 10:

1. Use to loosen rusty nuts and screws, clean garden tools
2. Cleans piano keys
3. Keeps wicker chairs from squeaking
4. Lubricates small rolling toys
5. Keeps garden tools rust-free
6. Cleans patio door glide strip
7. Removes crayon from clothes dryer (make sure to unplug dryer first)
8. Removes scuff marks from ceramic tile floor
9. Keeps metal wind chimes rust-free
10. Removes crayon from walls

Post of a comment if you can think of a 2001st use!

Dangerous Abbreviations

Will over at Think Before You Send has another helpful post up about email etiquette. His posts are almost always helpful in keeping you from embarrassing yourself in an email. This post deals with abbreviations in emails:

Abbreviations are part of email — FYI, LOL, CC, BCC, etc…But you need to be careful that the abbreviations and acronyms you use are known and agreed upon. A classic is IRA, which to some is Individual Retirement Account. To others…the Irish Republican Army.

Just today I heard a story from a top manager who was in the habit of using “FU” to mean “Follow Up.” Well, it seems a member of her staff became irate when he thought it meant something very different indeed.

Please post a comment if you have any of your own additional dangerous abbreviations.

Share your iTunes library with Simplify Media

Adam over at LifeHacker features Simplify Media as their download today.

Freeware application SimplyMedia shares iTunes libraries over the internet, giving you access to shared libraries no matter where you are. That means you can install Simplify Media at home and work to get access to your entire home music library from work (assuming both ends have a fast enough connection to stream your MP3s). If you've got a few friends with libraries you want to access, you can add up to 30 shared libraries. If the allure of accessing your music from anywhere overrides that annoyance, Simplify Media is a free download, works on Windows and Mac.

Check it out if you're looking for an easy and free way to share out iTunes library over the Internet.

Resize Windows apps with Sizer

Sizer is a freeware Windows utility which lets you take advantage of your wide-screen or high resolution monitor. It allows you to resize windows to pixel-specific sizes with just a right-click on its maximize button, rather than maximizing your windows or manually resizing them. You can also resize windows whenever a resize cursor is showing or by right-clicking the Sizer system tray icon.

It can also be handy for web designers when testing the layout of their pages. Sizer will also show you the size of a window as a tooltip while you are resizing it. You can configure Sizer with any number of custom sizes.

Oil, Oil, Oil

via The Economist

Microsoft announces release date for Windows Server, SQL Server, and Visual Studio

Tuesday at the Worldwide Partner Conference in San Francisco, Microsoft Chief Operating Officer, Kevin Turner, announced that Windows Server 2008 (Longhorn), Microsoft SQL Server 2008 and Visual Studio 2008 will be officially launched on February 27, 2008. This comes as a surprise to many who have been following Server 2008, since most were expecting a release in December 2007.

With the lackluster sales of Vista, Microsoft has had to rely on Office 2007 to make their sales numbers. In 2008 Microsoft is hoping that the release of these three products, along with the rumored Service Pack 1 for Vista will spur adoption across the board. One possible downside to this announcement is that now that a hard release date is available many companies may delay their adoption dates so that they can do them simultaneously.

So far Windows Server 2008 is looking like it's going to be a great product. It builds in Server 2003's emphasis on security, ease-of-management, and stability while also greatly expanding the functionality of Terminal Services and virtualization. Microsoft is also planning to release an update to Virtual Server shortly after these releases.

Terminal Services will be expanded to include lots of functionality which used to require third-party software, such as Citrix. This is great for IT departments with small budgets who could never afford the high costs of Citrix. Now these departments will be able to use features like application publishing via Terminal Services.

Windows Server 2008 is shaping up to be a great release. Obviously it will not sell as many copies as a desktop OS like Vista, but Microsoft is hoping that it will spur adoption of their other products, and I believe it will. This is looking like a must-have upgrade for all but the very smallest companies.

Google aquires anti-spam and data security firm Postini

It looks like Google's acquisition train just keeps going. Yesterday they announced the purchase of Postini, a major corporate security and spam filtering company, for $625 million. The press release says that Google is looking to include this in their Google Apps strategy with Gmail, Calendar, Talk, and Docs and Spreadsheets. Google plans to use Postini's expertise to add security, archiving, policy enforcement to their apps.

Postini is well known for providing spam filtering, anti-virus, encryption, archival and compliance services for email. They also provide instant messaging and web security services.

"With this transaction, we're reinforcing our commitment to delivering compelling hosted applications to businesses of all sizes," said Chairman Eric Schmidt, Google CEO, in a statement.

Google and Postini are both heavy believers in SaaS (Software as a Service) and that IT shops are wanting to outsource as much as they can if the price is right. Postini currently has over 11 million users and has been profitable since 2004.

Windows Stats in Firefox with StatusbarEx

StatusbarEx is a plug-in for Firefox which adds Windows statistics in the Firefox statusbar. These stats include things like Firefox's memory usage, your total CPU usage, network speed, power status, and the time the page you are visiting was last updated. So if you still have the Firefox statusbar turned on (in which case read my auto-hide post) then download StatusbarEx and put it to a better use! StatusbarEx requires the Microsoft Visual C++ Runtime.

Enable dictionary, thesaurus and encyclopedia in Google Docs & Spreadsheets

As the development of Google Docs and Spreadsheets continues I find myself using it more and more often. Another new (BETA) feature that is being added to Google Docs and Spreadsheets (I wish they would call it Google Office) is the inclusion of a dictionary, thesaurus, and encyclopedia lookup, provided by Merriam Webster and Encyclopedia Britannica.

To enable these features simply paste the following code into your address bar when using Google Docs and Spreadsheets.

javascript:void(INCLUDE_BRITANNICA_INTEGRATION=true);

After doing this you will notice some new options when you right-click on highlighted text.

"Shift Happens"

Google Docs & Spreadsheets - Keyboard Shortcuts

WebWorkerDaily has composed a list of useful keyboard shortcuts for Google Docs and Spreadsheets.

• Ctrl-J: Full justify
• Ctrl-Shift-L: Bulleted list
• Ctrl-L: Left alignment
• Ctrl-E: Center alignment
• Ctrl-M: Insert comment
• Ctrl-Space: Remove formatting
• Ctrl-1, 2, or 3: Header style 1, 2, or 3
• F2: Edit active cell (spreadsheets)
• Ctrl-Spacebar: Select entire column (spreadsheets)
• Shift-Spacebar: Select entire row (spreadsheets)

If you have any other useful Google Docs & Spreadsheets shortcuts, please leave them in the comments.

Five things you probably didn't know about Google Docs and Spreadsheets

Josh Lowensohn over at WebWare has a new article outlining five fairly unknown yet useful features in Google Docs and Spreadsheets.

1. Live lookup via Google and Google Finance. This is only available for Spreadsheets, but it's one of the neater advanced tidbits that makes use of Internet connectivity. Using two special formulas, users can create cells that will update constantly with data or information gleaned from Web searches or Google's finance service. This works for things such as stock symbols, sports statistics, or any other piece of information you want to source and keep up to date automatically. Spreadsheets users can have up to 250 of these live-updating cells per spreadsheet. You can read more about this here and here.

2. Google search inside a spreadsheet. If you come across a word or phrase that's unfamiliar, or you want to find out more about it, you can search for it without leaving the page. Just highlight it, right click and choose "Search the Web." The results will open in a new browser window (Note: This doesn't work in Google Docs, just Spreadsheets.)

3. Color-coded live comments. Microsoft Word junkies are probably well in tune with the program's pop-up commenting system. Google's approach in Documents is similar, allowing users to annotate wherever they please, as well as color-code comments. If the author or another contributor finds a comment useful, they can add it into the document by right clicking on it and then choosing that option from the contextual menu. Collaborators can also change their comment coloring on the fly, or create their own custom coloring scheme to denote things such as priority.

4. Revisioning. Like an entry on Wikipedia, both Google Docs and Spreadsheets offer the option to keep track of changes that have been made over the course of a document's or spreadsheet's lifespan. You can jump back and forth between edits you or your collaborators have made on a drop-down timeline menu, or by clicking the "older" and "newer" buttons. The slightly more advanced version of this that's only available in Google Docs (not Spreadsheets) is the ability to look at two versions of the same document side by side. The application will highlight the differences, and each revision gets its own color code. In any case, if there's been a snag somewhere, or you find an addition you don't like, you can nix it on the spot.

5. There are many copies. And they have a plan. The first thought in most people's minds when they're working with online apps is, "Where is this file being stored, and what if something bad happens?" Any document or spreadsheet created on the service is constantly being backed up in several places at once. Google uses the same file system for all of their Web apps, called GFS (Google File System), that's been designed so even if the server in which your file is hosted bursts into flames, the system will automatically switch over to the backup copy. The team says if this were to happen, users wouldn't even notice. Don't try this with your computer at home--that is, unless it's not your fault.