Group Policy Center

Lilia Gutnik from the Group Policy Team at Microsoft (a.k.a. @superlilia ) recently recorded some video’s with Adam Bomb from TechNet Edge. This video shows a cool new Group Policy troubleshooting tool called GPLogview which is a very useful to decipher those very long and complicated group policy event log’s that Windows give you out of the box.

For more information check out Group Policy Team Blog Article at GPLogView and you can download the tool from from Microsoft Download Center at GPLogView

Microsoft have now released hotfix (KB980356) to resolve an issues with configuring a scheduled task described as “Incorrect start dates are displayed for the scheduled tasks that are deployed by Group Policy preferences in Windows Server 2008 or in Windows Vista”. This issues results a problem with the schedule task being configured to run on the wrong date (e.g. a day early) due to the way “the Group Policy preferences engine handles the date incorrectly”.

For more information check on the issue and for a link to the download go to KB980356

Source Aug. 27 – Sep. 2 Hot-Fix KB articles Weekly Release – Windows 6/7 – The Hot Blog – Site Home – TechNet Blogs

I just discovered that mine and Jeremy’s session will be broadcasted live as a free silverlight streamed session. You can register for the live session at TechEd Live. So even if you are not in the country please logon to see how awesome Group Policy Preferences can be in your organisation.

You can also see what other session at TechEd this year will be streamed at http://australia.msteched.com/free-sessions

Group Policy Setting on the week will be taking a break for the next 2 weeks as I will be speaking at TechEd Australia and New Zealand.

If you are lucky enough to be coming to either event then please come to my one or both of Group Policy sessions.

I will also be randomly video interviewing people for their Windows 7 Deployment story… So if you have a story you want to share (or you just want to meet me) feel free to send me a message on twitter http://www.twitter.com/alanburchill to catch up…

Virtualization is currently a buzz word and it seems that Microsoft is falling over itself to brand as many products as possible with the “V” word (e.g. Hyper-V, App-V & Med-V). So “User State Virtualization” is the term that Microsoft now uses to describe what used to be call Roaming Profiles and/or Folder Redirection.

The idea is simple… a user can logon to any computer in an organisations and have all their personal files and setting apply to that computer as it was the last time they used a computer. This is really a Win/Win for Users and IT Pros as for a user this is a big time saver as they no longer need to waste time setting up their drives, printers and other personal settings when they have to use another computers. IT Pro’s also benefit when there is an un-expected failure or loss of a computer then they don’t have to go through what could be a lengthily, costly and if not impossible, process of recovering the users data.

Now theoretically User State Virtualization can be totally done with just a Roaming Profile, however this quickly becomes impractical as users often store a LOT of data which can make users profile impossibly large. To get around this Microsoft users folder redirection to essentially redirect parts of a users profile to a file share on a server where it is centrally access whenever they logon to a computer.

Reference: Managing Roaming User Data Deployment Guide

Folder Redirection provides a way for administrators to divide user data from profile data. This division of user data decreases user logon times, and Windows downloads less data. Windows redirects the local folder to a central location, giving the user immediate access to their data when they save it, regardless of the computer they are using. This immediate access removes the need to update the user profile.

By redirecting these folders to a server they are only access when needed and therefore very large files do not slow down the profile update process. The obvious disadvantage of doing this is that when a user cannot access the redirected folders (e.g. disconnected laptop users) they lose access to these files. However this restriction is also mitigated by ensuring that the user has a cached copy of these redirected folders.

Below I am going to go through a number of tips and tricks to make sure you get the most out of a User State Virtualization setup in your environment and to ensure that you don’t fall into some configuration traps.

Continue reading ‘Best Practice: Roaming Profiles and Folder Redirection (a.k.a. User State Virtualization)’ »

This week setting of the week allows you to prefer a custom logon background image in Windows 7. This setting is called “Always use custom logon background” and can be found under Computer Configuration > Policies > Administrative Templates > System > Logon.

Microsoft brought back the option to easily customise the logon background in Windows 7 as this was previously possible in Windows XP but it was removed with Windows Vista which left people with some pretty messy workarounds.

Once you have enabled this option all you have to do to create the “%windir%\system32\oobe\info\backgrounds” folder and populate it with a backgroundDefault.jpg image and your computer will then use that as the background image when logging on and off.

Note: Some sites will direct you to configured the OEMBackground or UseOEMBackground in the HKLM\Software\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\Background however this setting will negate the need to set this key.

For more info on how to configure a custom background check out Windows 7 to officially support logon UI background customization

In the July 29 to August 12th Hot-fix release for Windows 6/7 there have been a number of Group Policy related hotfixes released. As far as I can tell none of these hotfixes are listed as being in Windows 7 Service Pack 1 that is currently in beta (see The complete list of Group Policy Hotfix’s in Windows 7/2008 R2 Service Pack 1) so if you are experiencing any of the above hotfixes it will be some time before you will be able to deploy them as part of a service pack.

• KB2250489 You cannot turn off the screen saver in the Windows Mobility Center when the "Prevent changing wallpaper" Group Policy setting is enabled on a computer that is running Windows Vista SP2
• KB2261826 You cannot find a network drive in the "Browse For Folder" dialog box in the GPMC MMC snap-in on a computer that is running Windows Server 2008 or Windows Vista
• KB2096902 Virtual machines in a VDI environment are not rolled back as expected if the disconnected Remote Desktop connections on the virtual machines are stopped by Group Policy
• KB2254754 You experience a GPO report-generation issue in the GPMC window when you try to generate the report in a localized version of Windows 7 or of Windows Server 2008 R2
• KB2258620 You cannot find the "Find Now," "Stop," and "Clear All" buttons in the GPMC snap-in on a computer that is running Windows 7 or Windows Server 2008 R2
• KB2275315 You cannot read the GPO in the SYSVOL directory in Windows 7 or in Windows Server 2008 R2 if you enable the "Deny write" permission of the GPO
• KB2284538 Apply once and do not reapply Group Policy setting is never applied after the first GPO deployment fails on a client computer that is running Windows 7 or Windows Server 2008 R2

Source: Jul. 29 – Aug. 12 Hot-Fix KB articles Weekly Release – Windows 6/7 – The Hot Blog – Site Home – TechNet Blogs