IT

Internet Explorer Administration Kit (IEAK) for Internet Explorer 8

Posted on December 8, 2010January 1, 2014 by Adam Fowler

Today I thought it would be worth having a look at this utility!

For starters, here’s where you can download it: http://technet.microsoft.com/en-us/ie/bb219517

Why download it? What does it do?

The IEAK is used for settings in Internet Explorer 8, and can either be as part of the IE8 deployment, or after initial deployment. If you’re on Windows 7 then you’d really need to use it after since it’s built into the OS already. There are some painful ways to do a lot of this with importing registry keys etc, so this is a much neater and nicer way. There are 100’s of settings in Group Policy and Group Policy preferences for IE8, but IEAK is better for the newer features. Here’s what IEAK does (shamelessly stolen from Microsoft here http://technet.microsoft.com/en-us/ie/cc889351.aspx).:

Accelerators. You can include custom defaults for Accelerators in Internet Explorer 8.
Web Slices. You can add Web Slices to your custom Internet Explorer 8 package.
First Run Wizard and Welcome Page options. You can configure the First Run Experience for Internet Explorer 8.
Compatibility View. You can choose if content is rendered in Internet Explorer 8 standards mode or Internet Explorer 7 mode. NoteBy default all sites in the Intranet Zone are rendered in Internet Explorer 7 mode.
Search Enhancements. Internet Explorer 8 supports search providers which offer rich text and image suggestions. Through IEAK 8 you can add and configure these providers for your installer.

The main reason I am interested in this is for Accelerators. We don’t want to use Bing, and that’s probably a whole other blog as to why, but we feel Google search is superior. This will also be for Windows 7, so I’ll be looking at the Configuration-only package (after deployment of IE8).

Installing IEAK

Once you’ve downloaded the program, you’ll get the options of which license mode you want to use. The options are (stolen from here this time, Microsoft doco is really good for this! http://technet.microsoft.com/en-us/ie/ff383944)

1. External Distribution – ISPThis mode is available to Internet Service Providers, to help them create a customized browser for the users of their Internet Service.

2. External Distribution – ICP (Content Provider or Developer)This mode is available to anyone who wants to create a customized browser for distribution outside their company (e.g., Web sites, ISVs, etc).

3. Internal Distribution – Corporate IntranetThis mode is available to companies for the creation and distribution of a customized browser to their employees ONLY.

We’ll be choosing the last one of course.

You’ll then be prompted for an Organization (Americans!) Name, which is mandatory and used inside your packages.

The rest is basic – and there you go, it’s installed!

Using IEAK

Run the ‘Internet Explorer Customization Wizard 8 program’ , and it will ask you where you’d like to put your builds. You will then be prompted for what OS version you’re building this for. There’s no option for Windows 7, but you can choose the Windows Vista option for that.

Next, you’ll be asked for the Media Selection. As I’m only doing this after IE8 is installed, I’ll be choosing ‘Configuration-only package’.

The Feature Selection will then ask which features you want to configure. You can remove some if you don’t need them, but I’ve left them all ticked so I can check out all the options.

Next is a nice addition to the wizard – Automatic Version Synchronization. The setup will force you to make sure you have the latest install files for IE8 from the web. At the time of writing, it is only 12.7MB so you won’t have to wait long.

Continuing on, you’ll then get prompted for the User Experience. You can have the user pick lots of options, or just have them see the progress, or silent. I’ll pick silent as my users aren’t interested :) Also there are restart options – Prompt, No Restart or Force Restart. I’ll pick No restart because this will only be used for new machines, which will get rebooted before a user uses them. It’s not critical stuff, but also I can use SCCM to deploy and force a restart if I really wanted to.

Customize Title Bars is next, if you’d like your company name in the IE8 Title Bar. There’s also an option to adjust the amount of additional buttons that appear on the toolbar. Not touching that option…

Search Providers – the one I’ve been waiting for! You can manually specify the settings for your search provider, or go the easy option of just clicking ‘Import’ and it’ll pull whatever you have set up locally on IE8. I’ve got Google and Bing there already, so it’s imported them the way I want it.

Important URLs – Home Page and Support. This gives you the option of forcing IE to open up multiple tabs on execution – could work in some environments but not here. Passing on this one too.

Accelerators – same as Search Providers really, can import or add via XML file.

Favorites, Favorites Bar and Feeds – push out default favorites if you like. Probably not the method I’d use to do this, I’d rather have it in Group Policy Preferences.

…A bunch of other basic stuff continues from here – I didn’t configure any of it as it can all be done via GPP.

Once you’re done, it will crate the package and tell you where it is.

Deploying your settings

Now that you’ve packaged up the settings the way you like, there will be an exe and msi file in the directory specified earlier then under BrndOnly\AMD64_VISTA\EN called IE8-Setup-Branding.*

This is the file you’ll need to deploy (.msi is easy via Group Policy, run once) which you can manually run on a PC or three to test.

All done!

Conclusion

It’s a very straight forward, very customisable and easy to deploy method of pushing out your company’s IE settings. Microsoft have done well on this, so I highly recommend you give it a try.

Systems Center Service Manager (SCSM) – Initial Experiences

Posted on September 8, 2010January 1, 2014 by Adam Fowler

For the last few weeks, I’ve been working on Microsoft’s latest addition to the Systems Center suite, Systems Center Service Manager (Yes I’m spelling Center the American way, because it’s the product name :))

For those who haven’t been keeping up, here’s what products come under the suite so far: http://technet.microsoft.com/en-us/systemcenter/default.aspx

It ends up being a lot of initialisms and acronyms (learn the difference, SCOM is an acronym, SCSM is an initialism) that are all similar and confusing. So today, we are discussing SCSM.

SCSM http://www.microsoft.com/systemcenter/en/us/service-manager.aspx is Microsoft’s offering for a helpdesk which follows ITIL and MOS (acronyms ;) ). It will also integrate with SCCM for your assets and software, and SCOM for alerts and monitoring. It’s more of a framework than an out of the box working helpdesk system.

You want some docs? Here you go http://blogs.technet.com/b/servicemanager/archive/2010/04/25/where-s-the-docs.aspx

My environment is all virtual, running on Hyper-V. One server for the SQL backend (2008 minimum required) and two for SCSM, one for the Management Server and one for the Database Warehouse components.

Getting it installed and up and running isn’t too difficult, and if you’ve done something like SCCM before, it’s at that stage you stare at your lovely new console and wonder where to even start. I poured through guides, how to do this and that and started to get a few pieces working. It was very difficult getting any support on this, as Microsoft couldn’t find me anyone in Australia with any knowledge on it, nor could all the companies I could think of. I finally managed to track someone down, who gave me more of a run through of how it worked and what I needed to configure for it to be a working Helpdesk system.

Anyway, it’s very much a v1 product. It can do a lot, and is very customisable… but there’s also a lot it can’t do.

At the time of writing this post, officially the only way of getting emails into SCSM is via a maildrop and IIS, meaning you need to instal IIS6 on your shiny new 2008 R2 server. On top of this, if a technician sends out an email to someone about a job, the end user can’t reply and have the reply added to the job! The recommended way is to have a second mailbox set up, which your technicians use to monitor for replies and copy/paste the information over. I was very disappointed when I got to this step. A lot of searching around found a way to add some powershell 3rd party bits and pieces, and run a script – this was far from ideal though, I don’t want to go through headaches with each update due to using 3rd party scripts unsupported (although suggested) by Microsoft.

I was in luck though, I had sent a few tweets to Travis Wright http://blogs.technet.com/members/twright/ – the Senior Program Manager for SCSM. He’s the man when it comes to SCSM (and a nice guy!) and timing worked out that I could test an extra component (called a Management Pack in SCSM land) which would enable Exchange Mailbox integration, as well as allow jobs to append when replied to! A bit of mucking around and tweaking, finding a bug or two and we got it up and working. This was a huge step-up for SCSM as I was about to go live with it, because our previous software was about to expire and I was trying to avoid us paying several thousand dollars to renew for a while.

Anyway, that’s now up and running and we are live with SCSM. It’s been a decent shift from what we were using before – and there are a few bits and pieces that are missing but coming soon from Microsoft (such as the ability to just email someone with an update – Travis has shown me briefly what he’s got planned and looks like a perfect solution… so that might only be a few weeks away).

Conclusion:

SCSM is a v1 product. It does some things very well, but it’s also missing some features you may expect to be there in a v1 product. It’s highly flexible in that almost everything is customisable one way or another. You can add your own links and commands (launch vnc to connect to the affected computer of a job for example). It even has a nice portal you can get your users to log jobs and see how they’re going through.

If you were looking at a new helpdesk solution, it’s worth investigating – but unless your current software is a disaster, there’s no reason to jump ship. This product is already in use by several internal Microsoft departments, as well as other large companies (heavily customised I’m sure) so development will continue.

Keep an eye on this one if you’re a Microsoft house too because you should be able to save a lot of money by avoiding other costly Helpdesk solutions.

iPhone 4 Review

Posted on August 16, 2010January 1, 2014 by Adam Fowler

Good %timeofday%,

I’ll start by voicing my opinions on what I expected: a 3GS with a ‘torch’ and a slightly nicer screen, and a waste of money for anyone with an existing 3GS. Was this the case? Read on!

My new iPhone 4 (again provided by my lovely workplace) arrived. Packed in a rather small box, I removed the clear plastic and eagerly slid off the lid. Why was I getting excited again? It’s hard to avoid all the hype, and even though this is not a device I would pay for (I’d love an Android!), I still do enjoy the iPhone experience.

The phone is, of course, boxier looking than previous models, but I must say I prefer it. It looks cleaner and neater – the volume buttons, being separate, are nicer to press too. Apart from that, there’s not much difference apart from needing a micro-sim. It’s a bit of an annoyance to have to swap sims over, but I’m sure that extra several millimetres of space saved is utilised somehow. *cough*

Anyway, as I was moving on from my 3GS – I used iTunes *shudder* to back it up. After activating the iPhone 4, the restore process worked first time. This was possibly my first good experience with iTunes, as any other function I try to do with it ends up being a complicated and confusing process. Surprisingly, my iPhone 4 is then up and running, looking exactly the same as my 3GS. I throw away the 3GS in disgust, looking towards the future in a non-pixelated world.

That is really the first thing I notice after having a look. The screen is a big improvement. “Retina Display”, as it’s been called by the Apple marketing department, makes everything (especially text) much nicer to read. It’s also easier to see the icons inside the folders on the main screen, which is handy when you’ve managed to reduce your 12 pages of apps down to one.

It’s at around this stage that I wonder what else is different. Poking around, I don’t see much. I then decide to head to the App store and do a search for iPhone 4 to see if there are any new apps designed for my shiny new phone. Immediately, I find 3 in 1, which includes the one feature I was looking forward to – using the flash as a torch! Oh how I missed using my old BlackBerry Bold 9000 as a torch! Finally, I’ll never be afraid of the dark again. I’m sure there are a bunch of free torch apps that all do the same, but really it’s such a simple and useful app.

Then, of course, is the fabled “Death Grip”. I’ve done some brief tests of holding the phone the “wrong way”, but it didn’t seem to have much impact. Sometimes the bars would drop, and sometimes they wouldn’t. Regardless, I wear a bumper on my fruit, as it was provided free. On top of that, you can currently get a free case by downloading an Apple app and putting your details in. (Info here: http://www.apple.com/au/iphone/case-program/.) Then wait 6-8 weeks if you want one of the better free cases :)

Fast forward a week or so, and not much else has changed. I still haven’t used FaceTime, because I really don’t care about it. We had video calling a few years ago and nobody used it then, and at least it would work over 3G. Now I have to be connected to Wi-Fi and be calling someone else with an iPhone 4 and want to see their face.

Speed was never an issue for me on the 3GS and still isn’t on the 4. Everything is quick and responsive. At one stage, I was listening to an audiobook and the iPhone decided to reboot itself. Very strange, but only happened once with about 24 hours of playing audio so far.

I’ll mention that during the time with my new iPhone 4, I also had the chance to play with some Android devices. I really wish I had the opportunity to own one for a month and have a good play-around, but the best feature I saw was the Swype technology. Have a look at it in use here: http://www.youtube.com/watch?v=XCWwuIXxBuI – it’s just typing without having to lift your finger off and on the touchscreen, but really nice and quick to use. I’m hoping Apple keep up with the advances Android is coming out with.

Lastly the camera is a big improvement, at 5MP it takes pictures good enough that you don’t think it’s from a crappy phone. That’s all I need!

Summary: More impressed with the screen than I thought I would be, the rest are things they should have done a long time ago. Definitely not innovative, and really seems to be the minimum to keep them in the game. Plus I have a torch!

It really comes down to this: If you want something you can heavily play around with, get an Android. If you want a basic smartphone where you don’t want to do anything except get apps to play with and sync with your iTunes, then get an iPhone. I don’t see anyone regretting getting an iPhone, but at the same time, if you have a 3GS I see no compelling reason to upgrade (unless you can do it for free/cheap!).

Bonus extra opinion: I really don’t like iTunes, but to go into detail would double the length of this post. Keep in mind you’ll need iTunes to activate your phone (which, again, I really don’t know why this is a necessary one-second step).

iPad Review – is it an iFad?

Posted on June 7, 2010April 15, 2020 by Adam Fowler

This review is about the new Apple iPad. I am lucky enough to have one from my place of work for testing purposes (thats what IT professionals call it when they get new toys to play with). I have been testing the 64gb 3G version. The six different models are:

16gb, 32gb and 64gb all with and without 3G.

The 3G model requires a micro sim, which is a normal sim card but Less plastic around it. As our provider Optus was unable to get any, they unofficially advised us just to cut up a regular sim down to size. I did this, and it worked first time! I have no idea why Apple decided to go against the current standard, it’s not like normal sims are very large anyway.

So, I opened up my sparkly new iPad and powered it up. I am immediately told to connect it to iTunes… Great. Another thing that I’m not sure why Apple forces, but it only takes a few seconds and then starts up properly. I am then greeted with an eerie desktop with some pretty mountains and stars. I look at the shortcuts that come with it by default, and become unimpressed.

Rather uninspiring. I start by setting up my Exchange email account which is very easy to do, same process as an iPhone using ActiveSync. After this, I realise for some good functionality I’ll have to check out the App Store. In my opinion, this is the one thing that separated the iPhone from any other phone at the time – any easily accessible central store with free and very cheap apps. For the iPad, the first half of the same statement is true. Apps aren’t as cheap for the iPad, and the free options are currently rather limited.

An example of this is a highly popular game called Angry Birds. On the iPhone it is a cheap $1.19 but the iPad $5.99. Of course the iPad version is HD but why such a markup? Oh, you CAN run iphone apps on the iPad, and reinstall previously bought ones, but they either run at the same size as they would on an iPhone, or at 2x zoom, which looks rather hideous. Just think of running your screen back at the old 640 x 480 resolution and you’ll get the idea.

Anyway, I did find a few free apps. There are a few new innovative ones, such as browse4two which allows two people, one at each end of the iPad, to simultaneously browse separate web pages. The keyboard is shared, but a button will switch it from one end of the screen to the other.

An interesting free game was Racecar, a top down view racing game, similar to a very old Slicks. The quirk with this one, is that it is up to 4 players at once, each using a corner of the iPad to control their car. So it looks like developers are making more use of the multiple touch screen and I hope to see some other new apps.

There are also other apps which can extend your Mac desktop onto your iPad – which is a rather cool idea, but apparently slow. I haven’t tested this as I don’t have a Mac, and there’s no Windows version yet.

Since Apple changed their policies, you can now download free apps that charge you once you’re inside it. Some of the magazine apps do this and a lot of the ‘lite’ apps let you upgrade to the full version inside.

What I don’t get is the absolute basic functionality that comes with the iPad. You are paying up to $1000 for a device that does very little out of the box. Compare it to a $200 net book and I see it as a hard sell. But, people have gone crazy over this device. Why? I think some of it is the Apple hype, which Apple really do well. Yes, I was excited opening up the fresh new box – but personally it really didn’t last long.

Pros: It is a pretty device with a pretty interface. You do want to pick one up and play with it to see what it’s about. The battery life is great – it can easily survive a working day, and that’s because almost all the inside is a giant battery. You have access to a store with now over 200,000 applications which you’ll never get through. It always sits there waiting to go, you just pick it up and start using it. It is also relatively compact. It does make a great document reader, and a lot of papers and magazines are releasing apps for this purpose. You can even get a Kindle app! The iPad is very responsive to commands, and handles screen rotation incredibly well. You never feel like the device is running slow.

Cons: Price. The iPad isn’t cheap for what it does. Nor are the apps. There is no multitasking currently (this is claimed to be an addition when OS 4 comes out in August) which makes doing more than one thing tedious. If you want to find a bunch of apps in the app store you have to do it one by one, and each time you download one, you’ll be booted back to your desktop. In a business environment, you have no control over the iPad. You can lock down acme things when you first get one before deploying to a used, but that’s it. Everyone needs this paid app? Well they will all need an iTunes account with a credit card and manually download the app. Updates are also user controlled only. Then there’s the whole Adobe Flash support which is non-existant. I also tried to open a Quicktime video which I had been emailed – after downloading the 3.6mb file, it told me it couldn’t play it. Thanks for letting me know AFTER I’ve wasted my bandwidth. Some websites don’t work properly either – Safari support needs to improve. Also, there’s no USB port. You can buy an official Apple adapter to convert the normal plug to usb for only $39, of which I would guess $38 is profit.

The Rest: The onscreen keyboard is good, but still doesn’t match a real one. You can connect a keyboard via Bluetooth but to me that seems to defeat the purpose. The iPad is touted as a brilliant web browsing device. I’ll agree it’s the best touch screen experience, but it doesn’t have absolute basic functionality like text searching a webpage. You can buy a 3rd party add-on to do that for $2.49 though!

Summary: The iPad is a good start to making these devices more common, but if you have a good mobile and a good laptop, why bother? It doesn’t give you any more functionality, and is only slightly more convenient. It’s too large to carry around, you might as well have a laptop with you. It is a nice lounge room device, but to me just seems lacking. What it can do, it does very well. For the right person, this device will be good. The basic use who does a bit of browsing may like this rather than a laptop, and more so when things like Web Office are more common. It’s slightly awkward to use too being completely flat. I have typed this whole article from the iPad, and the spelling correction is great, but going back and fixing mistakes is painful. Watch out for some good Android touch devices for competition and more open access to the device.

NB: From my personal experience, I had 14 guests over who all had a look at the iPad. They all thought it was an interesting device, but nobody actually wanted to buy one.

I did something stupid – deleted myself!

Posted on May 26, 2010June 20, 2014 by Adam Fowler

This is my first blog post, so be gentle on me :) Yes it’s a long one… hopefully someone does read this to the end.

So the title of this is a bit of a giveaway. I admit it, I did something I really should have double checked before doing. Sit down in front of the glow of your computer screen, and read a tale of sorrow, pain, and frustration… all caused by a small oversight.

It was a sunny morning, or so the desktop widget told me (for I have no windows in my office.. no not Windows, I do have that). As my Windows 7 testing progressed, I decided it was time to clean up AD a little. I moved all my shiny new GPO’s into the root of the domain, and set them to apply to Windows 7 computers only. Rather safe, nobody would get any wacky new settings. So it was also time to clean up that Windows 7 OU I’d created to do some testing. I had a look, and there were 2 users listed. My boss, and a test account. I moved both accounts into a general ‘IT’ OU, and being the good Sys Admin that I am, also decided to delete the OU.

Now, this is where it all goes wrong. I get a very informative popup saying the OU is protected from accidental deletion. That was good of me to set that (or does it just do it by default? I’ll take credit for now). So I go in and remove that pesky tickbox, stopping me from taking out the trash. I then try to delete the OU a second time – this time, another informative popup. I’ll paraphrase here: “Stuff in this OU will be friggen DELETED so you better want this gone, punk”. I think for a second, and yes I removed the accounts visible, so I click the “No worries” button and it’s a job well done.

That is, until I start to realise something’s wrong. My Communicator dropped offline. My Outlook is offline. I can’t click on other OU’s in AD. That feeling when you lean too far back on your chair had hit me. What’s wrong with my account? A quick search of AD by RDPing to a DC and searching for my username confirms the worst. GONE!

Tip 1. Always know of another domain admin account in case yours gets screwed somehow. Maybe just expired, disabled, whatever.

At this stage, I can’t work out how I missed my own account. The OU was empty??

Tip 2. Always refresh your view in AD Users & Computers before you delete an OU

After thinking about this for a minute, I remember that AD accounts are just tombstoned. So why don’t I just recover it? Google FU! Good news, Microsoft’s KB about what to do in this exact situation is the first hit, so I eagerly open the linkhttp://support.microsoft.com/kb/840001 and my eagerness turns to dread.

Seriously, all that just to recover an AD account? A few minutes and a few commands, and I decide there must be a better way than this giant process. I could go to backup tape, but no lets stick with trying to get it back without that first. Thanks for the detail Microsoft :(

Google FU! Attempt two gets a much better result: http://www.petri.co.il/recovering-deleted-items-active-directory.htm – now this is much better, giving me a nice little program called ADRestore.net with simple instructions on restoration. I somehow manage to restore the OU and my AD account… somewhat.

Tip 3. You can’t restore an account from a deleted OU which has been Tombstoned, unless you restore the OU first.

So, there’s my old account back in AD. Sweet…. except hang on, all the details are missing, almost every field is blank and my pants are feeling a little damp. What’s going on?

According to the article, I ‘should’ have had all the settings back. At this stage, I just deal with it and start setting myself up again – no biggie. A few groups here, a few phone numbers there and tada! It looks like it’s old self. Oh, don’t forget to put email back on it!

At this stage, my brain had not just fizzled out by stupidity, but had turned off the lights, gone out, left the door open for a stray cat to wander in and went to watch a 3D movie. For SOME reason, I had the memory that in Exchange 2007, if you remove someone’s email account, just recreate a new one and it’ll link up the old and new.

Tip 4. Don’t just recreate a new email account if you want to link a user back up to their old email account on Exchange 2007.

I don’t realise this yet, so I launch Outlook. Strange, it is saying “Offline”. OK fine, I’ll just export everything, recreate my profile and then import it. Minutes pass of many progression bars for exporting and importing. But I get to the end, and think surely that’s the end of it?

I also ‘should’ have gone to the deleted mailboxes, and just rejoined my mailbox to my AD account. That would have saved so much time. But then I wouldn’t have spent the next few hours working pulling my hair out, which is actually a bad thing, so I’m not sure why I’m pointing this out.

All is quiet for a while, and everything works. Then, I get a call. “How come your email is bouncing, I wondered if you were fired?” Hmm maybe I should have been for the above stupidity, but no that wasn’t the case. A few test emails later and I couldn’t work out what was wrong. I got the person to delete the cached entry for me in Outlook, and great it worked. A few other people called, and I sorted them out too.

Case closed.

Tip 5: Cases normally aren’t closed when you expect them to be.

That is, until the next day. Another call from the same person as the day before “I’m still getting bouncebacks, what’s going on? Where am I? Are you my daddy?” I might be remembering the conversation differently, but it’s probably not too far off the truth. For some reason, the same people were getting bouncebacks again? What THE!? Other testing shows it’s OK. The bouncebacks they were getting was that my email address didn’t exist. But it did, and I quadruple checked that it was all set up correct.

It then takes me a few hours of research to eventually discover a few people saying ‘Make sure your account has an entry for “legacyExchangeDN” by using ADSI edit. I look, and yeah I can see my details there so it can’t be that. A few circles are followed, often taking me back to that field. I check again, and this time I scroll all the way to the end. And then I see it, that moment of grasping the situation by the dangly bits, and realising THAT THERE IS THE PROBLEM MISTER! It has my full email address, with a 1 on the end. A little 1. Nowhere could I see this 1, because it was never referenced by anything. The bouncebacks, my email address in Exchange console and so on, were all correct. But this field wasn’t. I deleted that naughty numeral, and got those confused users to try emailing me again…

Success!

Tip 6: Check fields even if you think they are correct, they could be 1 character wrong (or one character extra on the end!)

So, that’s the end of my tale. Sometimes it’s good to go through these things to remind you why you normally double check things before taking action. And I’m really glad it was my own account and nobody else’s.

I hope you enjoyed reading this, and pointed and laughed at me because I deserve it.

Share this:

Share this:

Share this:

Share this:

Share this: