Windows 7 | Aidan Finn, IT Pro

Windows 7 Support Has Ended

You will have to be hiding under an “IT rock” to not know this: today, on January 14^th, Microsoft is releasing their very last updates for Windows 7 to the public. Yes, after over 10 years of support, Windows 7 is now end-of-life.

Disclaimer: businesses can extend security fix availability for Windows 7 in one of two ways:

Run Windows 7 in Azure with appropriate RDS licensing for a VDI solution, with security fix availability for 3 years from today.
Subscribe to a year-by-year (maximum three years from today) security fix program, where the price will probably double each year.

It’s hard to believe that Windows 7 became generally available 10 years and 3 months ago. It was still early in my active-in-the-community days. This was a time when Microsoft used to run public events, and technical people would promote their products. I was asked by the DPE/partner teams in Dublin to work with them on their Windows 7 “community launch” roadshow in 4 cities around Ireland: Belfast, Galway, Cork, and Dublin. Each event featured 1 or 2 business-focused shows during the day, and 1 consumer-focused show in the evening. I honestly don’t remember what Windows 7 stuff I talked about back then – it could have been MDT, I don’t recall. But I remember each event had a huge attendance – the free copy of Windows 7 Ultimate (it should have been a Home version but accidentally was announced and supplied as Ultimate at great cost to MS Ireland!) helped. But despite the big freebie, the interest was genuine and there was lots of interaction.

Windows 7 was a great OS. From the first time I used it, either Beta or Release Candidate, it was stable. I logged a bug with the wi-fi config assuming you were in the USA, which was acknowledged and resulted in a free copy of Windows 7 for me (along with one from the roadshow!). Uptake with businesses was slow – the eventual end-of-life for Windows XP resulted in lots of rushed deployments. Then along came the deeply unpopular Windows 8/8.1 and that meant that people stuck with Windows 7. Even today, businesses have held on tight, fearing the forever-frequently-upgrading model and different management of Windows 10.

I’m actually feeling a little weird. It doesn’t feel like 10 years. On one hand, it feels like yesterday that I was hanging with the Windows 7 & Windows Server 2008 R2 launch team at a hotel in Galway, Belfast, or Cork. That’s us in the blue/black rugby jersey’s above, which had a 7 on the back. Dave moved into an enterprise role in Microsoft and has since left in recent years – he’s the one that got me involved in community stuff after I had been blogging for a while. Enda left Microsoft and emigrated with his family to live a great life in Norway. Wilbour moved to Microsoft in his native Canada and has since left the company. There’s me … And Patrick has since passed on. We literally presented that show on the seat of our pants. The demo lab build stated the night before in a hotel room in Galway, and I remember Patrick finishing his build behind the curtain while Dave was presenting! And that curry in the Indian Princess in Cork … Wilbour and I dared each other to eat the Chicken Phal. I think I needed 3-4 pints of beer to down it, and maybe some loo roll in the fridge. On the other hand, it feels like life has moved at lightspeed and so much has happened since then.

EDIT:

How could I forget … actually my work in Azure has me rarely signing into a customer’s OS anymore … but today is also the end of support for Windows Server 2008 and Windows Server 2008 R2. Wow! My first community involvement with Microsoft was the launch of W2008. Dave (above) ran a series of events during the beta/RC time period to bring IT pros up to speed on the new server OS. I was working with a “large” Irish hosting company as the senior Microsoft engineer, maintaining what was there and building a new VMware hosting platform – yeah, you read that right. I was invited to attend the sessions. Towards the end, Dave asked if anyone was interested in doing some community work. I volunteered and next thing I know, I was standing on the main stage with Dave and Mark (who now runs the Microsoft data centre tours in Dublin) for the launch of W2008. That was a mad day in the Pod nightclub in Dublin. There were three launch events in 1 day. Each had 3 session slots – a keynote presented by an Irish guy working in Redmond in Server marketing, and then two slots where you could attend different sessions. We were in the main hall and presented W2008 in slots 2 and 3, 3 times that day. I remember we had to time it perfectly … music would literally drown us out after 25 minutes so we had to be quick. That, and the fear of the crashes that plagued the local Vista launch, meant that all demos were recorded and editing was done to make the videos quicker. I think I talked about Server Core. I remember the install demo and saying how quick it was, and getting some laughs when I explained that it wasn’t as quick as the obviously edited video. And the following night was the first time that I hosted/presented at a user group community event in Dublin.

My big memory of the W2008 R2 launch was the roadshow we did in Dublin while it was still beta/RC to build up interest. By now, I was working for a different hosting company and was building a new hosting platform that would be based on W2008 R2 Hyper-V and System Center. It as another roadshow in Belfast, Galway, Cork, and Dublin, with the same gang as the previous Windows 7 one. I remember Dave build a Hyper-V lab using a couple of laptops and a 1 Gbps switch. He was so proud that he had a demo lab that didn’t rely on dodgy hotel wi-fi or phone signals. It worked fine in rehearsals, but Live Migration failed in every live demo, which Dave insisted on fixing in front of each audience. I was co-presenting with him. The Dublin event, in the Hilton by the Grand Canal, was crazy. Dave put his head down, waved at the audience and said “I’ll fix this”. Time was passing, so I decided to do “a dance” to entertain the crowd. When I say “dance” imagine the Umpalumpas dancing in Charlie & The Chocolate Factory.

Yes, time has moved on … 10+ years of it! And now Windows 7 is breathing its last hours as a fully supported OS. I sure hope that your desktop OS has moved on too.

KB2990170 – MPIO Identifies Different Disks As The Same Disk

Microsoft posted a fix for Windows Server 2012, Windows 8, Windows Server 2012 R2, Windows 8.1, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 for when multipath I/O identifies different disks as the same disk in Windows.

Symptoms

The code in Microsoft Windows that converts a hexadecimal device ID to an ASCII string may drop the most significant nibble in each byte if the byte is less than 0x10. (The most significant nibble is 0.) This causes different disks to be identified as the same disk by Multipath I/O (MPIO). At the very least, this may cause problems in mounting affected disks. And architecturally, this could cause data corruption.

Resolution

When you apply this hotfix, the conversion algorithm is fixed. Disks that were masked by this issue before you installed the hotfix may be raw disks that still have to be partitioned and formatted for use. After you apply this hotfix, check in Disk Management or Diskpart for previously hidden disks.

A supported hotfix is available from Microsoft Support.

Technorati Tags: Storage,Windows Server 2008,Windows Server 2008 R2,Windows Server 2012,Windows Server 2012 R2,Windows Vista,Windows 7,Windows 8,Windows 8.1

Microsoft Fraks Up Patches AGAIN

I’m sick of this BS.

Microsoft is investigating behavior in which systems may crash with a 0x50 Stop error message (bugcheck) after any of the following updates are installed:

2982791 MS14-045: Description of the security update for kernel-mode drivers: August 12, 2014
2970228 Update to support the new currency symbol for the Russian ruble in Windows
2975719 August 2014 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2
2975331 August 2014 update rollup for Windows RT, Windows 8, and Windows Server 2012

This condition may be persistent and may prevent the system from starting correctly.

If you are affected by any of the above then the repair process (see Known Issue 3) is an ungodly nightmare.

This is exactly why I tell people to delay deploying updates for 1 month. That’s easy using SCCM (an approval rule will do the delaying and supersede for you). WSUS – not so easy and that requires manual approval, which sadly we know almost never works.

Feedback, private and public from MVPs hasn’t worked. Negative press from the tech media hasn’t worked. What will, Microsoft? Nadella oversaw this clusterfrak of un-testing before he was promoted. Is sh1te quality the rule from now on across all of Microsoft? Should we tell our customers to remain un-patched, because catching malware is cheaper than being secure and up-to-date? Really? Does Microsoft need to be the defendant of a class action suit to wake up and smell the coffee? Microsoft has already lost the consumer war to Android. They’re doing their damndest to lose the cloud and enterprise market to their competition with this bolloxology.

Technorati Tags: Windows Server 2012 R2,Windows Server 2012,Windows Server 2008 R2,Windows Server 2008,Windows 7,Windows 8,Windows 8.1

Microsoft News Summary – 14 August 2014

There’s a new craze out there with famous people called the Ice Bucket Challenge. A person is dared to take a bucket of ice water over the head (and post the video online) or donate to charity, in in of of “raising awareness” of a disease called ALS. Nadella and Zuckerberg have done it. Gates has been challenged.

How to install DSC Providers for Linux on CentOS 6.2: This tutorial is streamlined by combining multiple commands together where applicable.
Migrate On-Premise Virtualized Workloads to Azure using Azure Site Recovery: ASR can also help you quickly and easily spin-off additional development and testing environments or migrate on-premise virtual machines to Microsoft Azure.
Gartner – Plan Now to Avoid Windows XP Deja Vu With Windows 7: Only morons fails to learn lessons from before. Use your new-found deployment tools/expertise and start preparing to get off of Windows 7.
It’s a bird…it’s a plane…it’s VDI and SPLA!!! In summary, you cannot sell/use Windows client OS in a multi-tenant hosted VDI environment. That’s not new – it’s how it has always been. Anyone selling it is either obfuscating that they’re really skinning Windows Server, or they are breaching Microsoft’s licensing terms.
Enable Multi-Factor Authentication in Azure: Azure MFA helps safeguard access to data and applications while meeting user demand for a simple sign-in process. It delivers strong authentication via a range of easy verification options—phone call, text message, or mobile app notification—allowing users to choose the method they prefer, this post will show you how to setup the phone call method.
Bare Metal Post-Deployment – Constructing the Post Deployment Automation (continued) Part 4: Here is part 4, a continuation on the topic of Constructing the Post-Deployment automation.
Microsoft CEO Takes Ice Bucket Challenge, Then Passes it on to Google, Amazon CEOs: Satya Nadella takes the dare to have a bucket of ice water poured over him to raise awareness of ALS. The Mark Zuckerberg video is quite funny – he looks STUNNED .. And he dared Bill Gates to do it in the next 24 hours.

Technorati Tags: Linux,Azure,Cloud,Cloud Computing,DR,Windows 7,Licensing,VDI,Security,Deployment,System Center,VMM,Virtualisation,Hyper-V

Microsoft News Summary-28 April 2014

And here’s the news from over the weekend:

Tips for applying Update Rollup 2 to System Center 2012 R2 and Windows Azure Pack: By MVP Stanislav Zhelyazkov.
Work Folders is now available for Windows 7: For x86 and x64
Microsoft quarterly results: Azure grew by 150% and Office 365 grew by 100%.
Microsoft officially welcomes Nokia Devices and Services business: It’s official; Microsoft completed the acquisition of the Nokia phone business and just grew by 30,000 employees … for the moment.
Automation–Microsoft Azure Automation–The Evolution of Cloud Automation: Here are a few other links and references about this new Microsoft Azure Service, to help you get started with Azure Automation.
Desired State Configuration Blog Series – Part 1, Information about DSC: A “curated list” of links that would be valuable to anyone looking for a starting reference.
Microsoft Warns of Attacks on IE Zero-Day: Microsoft is warning Internet Explorer users about active attacks that attempt to exploit a previously unknown security flaw in every supported version of IE.

Technorati Tags: System Center,Windows 7,Windows Server 2012 R2,Hardware,Security,Internet Explorer,PowerShell

KB2908783 – Data Corruption Occurs On iSCSI LUNs In Windows

Another niche scenario bug is fixed in this update by Microsoft, affecting the following Windows versions/editions:

Windows 8 & Windows Server 2012
Windows 7 & Windows Server 2008 R2

Symptoms

Consider the following scenario:

You have a computer that is running Windows 8, Windows Server 2012, Windows 7 Service Pack 1 (SP1), or Windows Server 2008 R2 SP1.

You create iSCSI connections to multiple iSCSI targets which are storage arrays.

There are frequent iSCSI session connections and disconnections, such as logical unit number (LUN) arrivals and removals.

In this scenario, a silent read/write data corruption can occur on an iSCSI LUN.

There is a bunch of links for downloading updates to resolve the issue, depending on your OS and architecture. See the original post by Microsoft for links.

Technorati Tags: Windows 7,Windows 8,Windows Server 2008 R2,Windows Server 2012

End Of Life Coming To Old Microsoft Virtualization Products

Windows XP gets all the headlines, but some old Microsoft virtualization products are going end of life in the coming months too.

Virtual PC 2004 gave us a desktop-based virtualization product from Microsoft. VPC came from the Connectix acquisition. It was a paid product at first and then went free. I ordered 3 copies of it for my team on the day it was released! I doubt many are using VPC 2004 any more, but extended support is ending on 8th April, 2014, the same day that Windows XP goes bye-bye. Something tells me there’ll be a few shots of whiskey consumed in a certain quiet corner in Redmond Smile

Virtual Server 2005 was Microsoft’s first server-based virtualization product. VS2005 was also a paid-for product, and I also bought it on the first day of release to help the company I worked for at the time reduce the physical server count. VS2005 and VS2005R2 became free products, and were eventually replaced by Hyper-V, a true type 1 hypervisor. If you are still using Virtual Server (2005 or 2005 R2) then you need to plan for extended support ending on 13th January 2015.

In case you might be wondering, XP Mode is also going end of life. This Windows 7 “hack” for Windows XP compatibility runs Windows XP, and therefore it is also going EOL on April 8th 2014.

Technorati Tags: Virtualisation,Microsoft,Windows 7,Windows XP

KB2846340 – Duplicate Friendly Names Of NICs Displayed In Windows

This KB applies to Windows Vista and Windows Server 2008 up to Windows 8 and Windows Server 2012. There’s no mention of Hyper-V, but considering that hosts have lots of NICs, it seemed relevant to me. The scenario is when duplicate friendly names of network adapters are displayed in Windows.

Symptoms

Consider the following scenario:

You have one or more network adapters installed on a computer that is running one of the following operating systems:

Windows Vista

Windows Server 2008

Windows 7

Windows Server 2008 R2

Windows 8

Windows Server 2012

The display names of the network adapters are changed. For example, the device driver is updated.

You add new network adapters to the computer. The new network adapters are of the same make and model as the original network adapters.

In this scenario, duplicate friendly names of the original network adapters are displayed in Device Manager.
For example, you have two network adapters installed on a computer. Before you update the driver, Device Manager shows the following:

<Network adapter name>

<Network adapter name> #2

After the driver is updated, the names of the network adapters are changed to the following in Device Manager:

<Network adapter new name>

<Network adapter new name> #2

After you add new network adapters that are of the same make and model, Device Manager shows the following:

<Network adapter new name>

<Network adapter new name> #2

<Network adapter new name> #3

<Network adapter new name> #4

<Network adapter new name> #5

<Network adapter new name> #6

<Network adapter new name>

<Network adapter new name> #2

In this scenario, Device Manager displays duplicate friendly names of the original network adapters.

A hotfix is available to resolve this issue.

Technorati Tags: Windows Server 2008,Windows Server 2008 R2,Windows Server 2012,Windows Vista,Windows 7,Windows 8,Networking

Tip: Legally Deploying Images Windows To OEM Licensed PCs

As usual, I will not be answering licensing questions. All emails and comments will be deleted without a response. Please ask your reseller these questions instead – that’s why they add a margin to the license when they sell it to you, so make them work for it.

You cannot legally deploy an image of an OEM media installation of Windows. According to a Microsoft licensing brief:

Organizations do not have the right to reimage by using OEM media.

An OEM image can only be preloaded on a PC by the OEM during manufacturing. An image can be individually recovered by the organization (or a service provider it chooses) by using the recovery media. The OEM recovery media should match the product version originally preinstalled on the system; no other image can be used to restore the system to its original state

That means a company that buys hundreds or thousands of PCs, intent on using the OEM license, cannot create a custom image from OEM media (assuming OEM media can even be acquired!). Businesses hate OEM builds because they are full of crap-ware and unmanaged security vulnerabilities. So what can you do to re-image these PCs? Do you need to buy a VL for every single machine? There are benefits to doing that, especially with SA attached, but that’s not for everyone.

There is a little known legal trick that you can apply. According to Microsoft:

Reimaging is the copying of software onto multiple devices from one standard image. Reimaging rights are granted to all Microsoft Volume Licensing customers. Under these rights, customers may reimage original equipment manufacturer (OEM) or full packaged product (FPP) licensed copies using media provided under their Volume Licensing agreement.

These finer points are detailed in the licensing brief.

Basically:

Say you buy 2,000 PCs and want to use their OEM licensing for Windows 7/8 Pro
You want to deploy a custom build/image to these machines
You buy a single volume license for Windows 8 Pro (includes downgrade rights)
You use the MAK/KMS key to create and deploy an image of Windows 7/8 Pro
You’re legit!

You must be sure that you understand:

The OEM and the VL license must be the same edition, e.g. you cannot deploy a Pro VL image to Home OEM licensed PCs using this licensing technique.
You must ensure that the versions are matched, e.g. the OEM license entitles you to Windows 7 (including downgrades) if deploying Windows 7 images. For example, you can’t deploy a Windows 7 VL image to a PC with a Windows Vista OEM sticker/license using this licensing technique.
The languages must be matched as well.

What if you company does not have a VL agreement? You need to 5 products to start one. You can buy a single copy of Windows (to get the ISO download and MAK/KMS keys) and 4 cheap dummy CALs – now you have a VL at minimum cost, and you can re-image your OEM-licensed PCs with an image made from your VL media.

Technorati Tags: Windows 7,Windows 8,Windows XP,Licensing,Deployment

Huge Patch Rollup (KB2775511) Released For Windows 7 SP1 and Windows Server 2008 R2 SP1

I just saw a post on the Dude where’s my PFE? blog that mentions a new hotfix rollup for for Windows 7 SP1 and W2008 R2 SP1 that:

Includes lots of patches
It could, according to the post, shave a minute from the boot time and improve performance for some customers.

You can out more information about the rollup on the Support site. You can find the download here.

– Improves the Windows Client Remote File System components. These components include the following: Web-based Distributed Authoring and Versioning (WebDAV), DFSN client, Folder Redirection, Offline Files and Folders (CSC), SMB client, Redirected Drive Buffering Subsystem (RDB), Multiple UNC Provider (MUP)

– Improves the SMB Service and TCP protocol components. These improvements work together with other improvements to help improve the overall networking performance on Windows 7 SP1-based and Windows Server 2008 R2 SP1-based computers.

– Improves the processing of Group Policies and Group Policy preferences. The performance of computers is improved after you install this rollup update on Windows 7-based computers that have several Group Policy preferences configured. Additionally, the network load and the domain controller usage may be reduced. We recommend that you install this hotfix rollup on every Windows 7 computer that has Group Policy preferences configured.

– Improves the Windows Management Instrumentation (WMI) components to reduce the CPU usage and to improve the repository verification performance.

On the the SMB and TCP improvements:

– To take full advantage of this improvement for Windows 7 clients that log on to Windows Server 2008 R2 servers, install this rollup update on Windows 7 clients. Additionally, install this rollup update on the Windows Server 2008 R2 servers that clients authenticate and retrieve user profiles, policies and script data from during the startup and logon process. You can update your environment by installing this hotfix rollup on both clients and servers in no particular order.

– Network improvements can be installed on the client or server. You may not notice any changes in performance until this update is installed on both client and server computers

Two of the hotfixes are not enabled by default:

KB2581608: Logon scripts take a long time to run in Windows Vista, in Windows Server 2008, in Windows 7 or in Windows Server 2008 R2
KB2752259: An update that improves the performance of the Printbrm.exe command-line tool in Windows 7 or in Windows Server 2008 R2 is available

According to KB2775511 you can enable them via the registry:

– To enable update KB2581608, configure a REG_DWORD type registry key named RunLogonScriptsNormally under the following path, and set the value to a decimal value of 1:
HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionWinlogon
– To enable update KB2752259, configure a REG_DWORD type registry key named BrmDisableOpc under the following path, and set the value to a decimal value of 1:
HKEY_LOCAL_MACHINE SYSTEMCurrentControlSetControlPrint

You might create a custom GPO template or use a startup script to deploy those settings.

EDIT#1:

Microsoft’s Michael Griswold has posted an article on how to deploy this rollup using System Center Configuration Manager (SCCM/ConfigMgr).

Technorati Tags: Windows 7,Windows Server 2008 R2