From the Lego-R-Us dept. Today, May 8th I’ve posted a bunch of small Wisdom buildingblocks for your convenience. There’s one to install the Desktop Sampler, theres modules for some generic mucking-about with SQL databases (size query and shrink operations) and I’ve also thrown in one to help shut down an exchange server nicely. As always, if you feel like contributing some cool stuff you’ve made yourself, feel free to poste it over in the forum.
In the meantime go have a look at the new stuff in the Wisdom BuildingBlock Library
From the spring cleaning dept. Ever got frustrated with having a Global Authorized File list which is a mile long? Been wanting to break down your appguard and read-only blanketing security into more manageable chunks? Then this article is for you. It will show you a very slick way of organizing security authorizations using blank/empty applications as placeholders and how you can easily move security settings inbetween them. Note the moving is a PowerFuse 2010 feature.
The article contains a nice buildingblock for you to try out also.
Click here to view the RG026 article.
From the we-work-harder-so-you-don’t-have-to dept. As an administrator or integrator, you may often find yourself in the situation you need to offer certain Controlpanel applets to the users. Unfortunatly PowerFuse doesn’t (yet) offer the ability to import Control Panels as easily as it does regular applications.
To address this, I’ve created a set of buildingblocks which includes every single applet to be found in the standard Windows XP and Windows 7 control panels. On top of that there’s a set of Extras which includes some other nice control panel applets often found. Have a look at what’s inside below: (click to enlarge).
Click here to view the article and download buildingblocks.
A new article has been posted in the Technote Library. The subject is an obscure little executable, called PWRGATE.EXE, which is part of PowerFuse. In the 2010 release, you are able to do many interesting things with this program, such as launching many of the PowerFuse components directly. You are now also able to lauch the User Installed Applications (formerly known as Partially Managed Workstations) wizard directly, so users don’t have to go through the old PowerPanel. Of course they are still able to do that if enabled, that is. As a part of this article, I have created buildingblocks which you can import into your own environment to get access to these apps.
Click here to view the article.
A technote was published in the technote library in late March. This one will help you clean up any embarrasing log entries, which you need to clean out for one reason or another. Suppose you are running PowerTrace with WebTrace enabled in your environment and you or somebody else manage to surf to a webpage which everybody just rather forget about, then you need to find a way to surgically remove the skeletons from the closet, as you may want to retain the remainer of your PowerTrace logs.
In order to do this, you need to have the proper credentials for the PowerFuse datastore.
The article available here, will show you how to deal with this problem. A nifty buildingblock for Wisdom has also been included in the article.
Over the last couple of months, two nice Wisdom buildingblocks have been posted by users on the RES Forum. The latest BB will help you install Windows Deployment services on a Windows 2003 server. The other available buildingblock is able to turn off those pesky Cached Offline Folders. This buildingblock is designed for target computers running Windows XP.
Great work chaps, thanks for sharing!
Click here to see the postings and download the Buildingblocks
This little blurb was inspired by an email to a partner, explaning the differences between PoweFuse’s PowerLaunch and the UserPreferences. This lead to an example on how you can combine these two parts of PowerFuse. The goal is to be able to provide the user with preconfigured, voluntary settings – in a mandatory profile environment. Let’s take a real-world example on this:
We have some users which share a mandatory profile, where the default webpage for IE has been set to about:blank or something else long ago. This setting coded into the .man profile and we don’t want to bother hacking into it since our goal would be to have it changed dynamically, according to group membership.
For example: We want to have users in group1 initially having www.batman.com as their homepage and group2 should have www.superman.com as their homepage. To make the entire thing a bit more interesting, we want to provide the user with the option to change their homepage to something else if they prefer to do so.
To summarize we are talking about creating a dynamic, group assigned voulentary user registry setting on top of a mandatory profile. Sounds iffy? Not at all. This example is easy to follow, but you can of course just download the PowerFuse buildingblock at the end of the article. The registry key we use for this example is HKCUSoftwareMicrosoftInternet ExplorerMainStart Page (REG_SZ)
- If you haven’t already done so, create a PowerFuse application for Internet Explorer (other browsers can be used, but you’ll have to figure out the registrysettings then for yourself)
- Edit the IE app and go to the Configuration | PowerLaunch tab, click Add.
Create a powerlaunch user registry setting for the IE startup page www.batman.com. using the HKCU registry path above. Make sure to mark the reghack with the Run-Once checkmark.
Go to the Access Control tab of the reghack, assign it to group1.- Export the newly created reghack to a temporary file. This done in the “Registry|Export registry file…” menu inside the PowerFuse
registry buffer editor. We are going to use this export one steap further ahead.
- Save the reghack and return to the PowerLaunch tab of the application
- Repeat step 2 above, then go to the Registry|Import registry file… and pull the temporary regfile in again (it can safely be deleted after this btw). In the new reghack, change the startup page to www.superman.com and assign this one to group2. Notice that the name and any comments you added before was preserved in the regfile. Once you’ve configured the reghacks for both groups it should look like this:
- Let’s setup the User Preferences. Go to Properties|User Preferences, while still editing the app. Here we can specify one or more seperate items which should be saved before the logoff destroys the mandatory profle. Using the Add button, you can choose to add:
- A single registry value (like we are using here)
- A registry key (containing multiple values)
- A registry tree (a branch containing multiple registry keys)
- A single file in the profile (such as normal.dot for office)
- A folder in the profile (such as cookies or favorites)
- Fashion the user preference so it looks something like this (remember, you can download the buildingblock below if you want to make sure you build it right). Click on the image to zoom.
When the app has been saved and the user sessions refreshed, PowerFuse will write the correct IE startup page to the registry uppon first time user launch of IE. During the session, the user may perhaps change the homepage of IE to something completely different. Regardless of this, User Preferences will capture the current value of the IE startpage key at logoff and save it, just before the mandatory profile is tossed into Mount Doom. To try all this out for yourself, download the BuildingBlock:
Rightclick and save-target-as here:
This is a handfull of nice buildingblocks for both PowerFuse and Wisdom. These are not insanely advanced or anything, just some handy tools that every RES admin out there ought to have in his toolbelt. An up-to-date list of all available buildingblocks on this site, can be found respectively in the PowerFuse and Wisdom Buildingblock archives. Click on the RAR files below to download the buildingblocks:
PowerFuse BuildingBlock: Default Global authorizations. This buildingblock will help you get from pilot to production much faster, by implementing some best practices for authorizations. The buildingblock contains a set of Global Authorized files which will enable the most common authorisations for Windows XP and VMware workstation. This will enable you to switch both Application Security and Read-Only Blanketing into Blocking mode much faster. For those of you out there using Vista, a seperate buildingblock will be made available later, as there are loads more stuff that Vista wants to pull up at logon. Besides, XP/2003 administrators will probably be happy not having to weed out a ton of unnecessary authorizations. If you want to have a look what’s in the box :), check out this nifty PowerFuse Instant-Report: 
PowerFuse BuildingBlock: Best Practice Registry settings. This is another buildingblock which will help you speed up initial deployment by implementing some of the most common HKCU registry settings. These cover a lot of common stuff, best practices, etc. For example you can redirect shell folders, disable the XP tour, configure the explorer windows properly and much more. You can preview the contens of the buildingblock by having a look at an Instant-Report for the module here:
Wisdom BuildingBlock: Add a computer to the domain. This is a simple module, however it ought to be in the toolbox of every Wisdom admin out there. It simply enters a computer into a domain, but also modifies the DefaultDomain registry key, so the user logging on afterwards does not have to change the domain dropdown. Believe it or not, this is a frequent item which helpdesks have to deal with, so why not eliminate it all together? The module should need no editing at all. When you import it into your Wisdom 2009 environment, it will prompt you for all necessary information.
Wisdom BuildingBlock: Super Security Audit (21MB). With this module you will quickly get an overview of any outstanding security issues, related to missing updates, vunerabilities etc. The module installs MBSA 2.1 + the security cab files and report everything back to the Wisdom console. Also the module will report you MS product keys and do a WGA check on the machines you schedule the job on. There are several cool things worth mentioning about this module.
The module contains all the components ready to go. No extra downloads are necessary.- Just download, import and execute.
- It can operate offline, which makes it great for those kinds of datacenters where allowing the servers to access the Internet is not an option
- The module supports execution on both 32 and 64 bit OS’s. Wisdom will make sure the right bit-version of MBSA is executed on the righ platform
If you would like a sneak-peak of what this module can do look here:
A brand new article has been posted to the Technote Library. This time we’re diving into the PowerTrace tables. Being new to PowerFuse, some will be inclined to switch on everything, including PowerTrace turned to the Maxx, resulting in a potentially very unwanted huge heap of logdata and perhaps even a slow performing DBMS too.
This article explains how to both cure that situation if things have gone megabad, but also how to prevent it from happening in the future.
Click here to read the full article.
A new technote has been added to the library. This one takes you through how to set up the RES Workspace Extender, so you can play around with it in you own test/lab environment. The article offers usefull info into how the technology works and takes you step-by-step through setting up a really cool demo on either Terminal Services or citrix, using either a videoclip or an application.
The net result is that you now can run heavy, graphic-intensive apps as part of a centrally managed remote desktop, regardles of the underlying delivery technology.
A buildingblock is available at the end of the article so you can get started quickly using the RES Workspace extender. Read all about it here
Enjoy! /TRG
BuildingBlocks, Wisdom | RESguru | 
2010/05/08 09:57 | 
Comments (0) 
Subscribe