For this edition there are the usual additions below but also a document outlining some of the features in Vista Firewall and managing Group Policy on a domain where you need to control Vista workstations. Please have a look through the document (yes I know it’s long) and please give me any comments you have. So far I haven’t jazzed it up with screenshots etc as I’ve been doing this in the evenings and need to know if it’s worth updating it further.

If there is demand I’ll happily run either lunchtime or after work sessions going over the details on a test environment.

Please send me any issues I can add to this list!

RED = Must read (I’ll publicly name and shame the next engineer to not try DOMAIN\USERNAME)

BUG = Vista fault

BLUE = New hints

(Some items are from MS's blog)

- NEW: Burning software for Vista ISO Recorder: http://isorecorder.alexfeinman.com/isorecorder.htm

- NEW: When installed on an unformatted HDD (or you repartition with the Vista installer) Vista uses a new partitioning format from previous windows versions. This means that many previous partitioning apps will no-longer work and may destroy any data if used. To get around this pre-partition your drive with XP/Linux/etc and then install Vista into these partitions. This will be of most importance with multiple boot systems.

- NEW: Wikipedia software compatibility list:

- NEW: To add an ’Open with right click’ for Notepad save the following text to file.reg and double click: (From AB)

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\*\shell\Open with Notepad]

[HKEY_CLASSES_ROOT\*\shell\Open with Notepad\command]<br />@="notepad.exe %1"

- Vista Activation Error 0x8007232B. If you get this error while activating IGNORE MS’s advice about activation servers etc, just re-enter the product key you installed Vista with in the first place.

- To edit the HOSTS file, find the notepad/wordpad shortcut icon under accessories. Right-click and choose ’Run as administrator’. Now find and open the file.

- To access linux shares you’ll need to change the LAN manager authentication level. Open ’Local Security Policy’. Go to ’Local Policies>Security Options>Network Security: LAN Manager authentication level ’. Change to ’Send LM & NTLM – use NTLMv2 session security if negotiated’.

- NEW: If you have Vista Home Premium that does not have secpol.msc which is only found in Business an Ultimate. Try this: (change to) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\LMCompatibilityLevel from a 3 to a 1. (From Andre)

- To run many ’normal’ DOS commands (route / ipconfig / etc) you are not allowed in a standard session (doesn’t matter if you’re admin!). To do this either run cmd.exe as administrator or type ’runas /user:administrator "route add mask metric 1"’.

- BUG: VPN’s.

ISSUE: When too many VPN connections are created in Vista the folder takes up to an hour to open (for 70 VPN connections). This happens with PBK connection imported from XP also.

RESOLUTION: Officially none, but Mano and James have found the following work-around:

"The problem is when we copy our Rasphone.pbk file which was created using XP to the C:\ProgramData\Microsoft\Network\Connections\Pbk, directory all our old VPN connections are made available via the Connect TO button from the start menu. The problem we are experiencing is the time it’s taking which is over 50 minutes to launch the Connect To interface for us to create a additional VPN connections.

The only fix we have come across is for us not to copy this file to ProgramData instead to copy the *.PBK file to our desktop and launch it directly which take 1 minute to load and from here we can click on NEW to create a new VPN connection. By using this work around when we have a VPN connected the only way to discount our connection is for us to Launch the PBK file again and find the client we are connected to and click on Hang Up.

James has raised a call with Microsoft regarding this issue as he did not copy his old *.PBK file to the ProgramData location instead he has created up to 40 VPN connections from fresh and after the 20th VPN creation the Load time for Connect TO has degraded to 35mins to launch."

- The following apps do not work:

o GAIM (Works from version 2.0.0 beta6)

o AnyPassword (PRO version works but this costs)

- To telnet from Vista you’ll have to install the client in control panel

- The following apps have some issues:

o NEW: VLC (media player). You may need to manually choose the playback settings: Settings>Preferences>Video>Output Modules. If found that ’DirectX video output’ worked best although DVD’s may need a different choice.

o NEW: Citrix. See http://www.citrix.com/English/SS/downloads/details.asp?dID=2755&downloadID=24001&pID=186

o WinRAR (right-click menus)

o Winamp (right-click menus) [FIXED – need to right–click an MP3 file and choose winamp as the default player (even though it already is!)]

- BitLocker – Installation: http://www.windowsecurity.com/articles/Best-practice-guide-how-configure-BitLocker-Part1.html

- ’Open Command Window Here’. To get this right click a folder while holding down the SHIFT key (as for ’Run as’).

- To get back the ’Run...’ command on the Start Menu, right-click the start menu and choose properties. Press the ’Customize’ button next to ’Start menu’ and tick the ’Run command’ box. This also allows you to re-add the admin tools etc as well.

- To change the function of the ’power’ button on the task bar go to ’Control Panel>Power Options’. Click on ’Change when my computer sleeps’ on the left. Click on ’Change advanced power settings’ and expand ’Power buttons and lid’.

- If you need the command prompt during Vista install (eg to run diskpart) press Shift+F10. This should work even after the first restart but not tried it yet.

- Pre DOS application still in windows Vista! ’Edlin’ is around a quarter of a century old and is one of the first text editors. To try type "Edlin filename>".

- Resize windows icons. To resize icons within explorer or even on the desktop simply press CTRL+Mouse Scroll Wheel! The item to change must have focus (eg desktop).

- In the search bar within the Start Menu type ’System Configuration’. This will give you a screen to change start up options, services etc.

- To launch an application as administrator with minimal effort press the Windows key, type the app in the search bar (eg CMD) and press CTRL+SHIFT+ENTER. This will run CMD as administrator! If you type ’color 4f’ in the CMD window you can then differentiate it from the regular permission screens.

- Delete undeletable files/folders. http://blogs.msdn.com/tims/archive/2006/11/10/windows-vista-secret-11-deleting-the-undeletable.aspx

- To turn off Windows Defender – open Windows Defender in control panel, choose ’Tools>Options’. Scroll down to ’Administrator options’ and un-tick ’Use Windows Defender’.

- Some programs have already been designed to work in conjunction with Vista’s UAC – and will not install if you have selected to turn UAC off. For Example Adobe Acrobat Reader version 8. You will receive an error similar to "The Temp folder is on a drive that is full or is inaccessible. Free up space on the drive or verify that you have write permission on the temp folder". Not even running the exe as a administrator will allow you to install. Don’t know of a reg hack yet – so just turn the UAC back on, meaning a reboot. All should run fine again.(Jodie)

- If an application refuses to install because it needs ’Admin rights’, even though you’re an admin, right click the exe and choose ’Run as Administrator’

- Vista appears to not like graphics cards from different manufacturers. Make sure any additional cards are from the same manufacturer if Vista gives you graphics issues. (So far nvidia seems better supported than ATI but this is only from a couple of cards)

- The local administrator account is disabled by default – don’t depend upon it being available later!

- Aero doesn’t appear to work over multiple screens by default. You have to right click the desktop and go to ’Appearance Settings’ to re-enable Aero.

- To get the old style toolbar press "ALT"

- If you get Aero working, press "windows key + TAB" for the card flipper effect

- My laptop running in power save mode doesn’t have Aero either.

- Your profile is now under "users", not "documents and settings"

- To disable User Account Control (UAC) go to "Control Panel>User Accounts"

- REMEMBER: many logons are in the style DOMAIN\USERNAME (So far 3 reasonably senior engineers have failed on this one!)

- When logging into Vista check that you have the correct domain/local PC name selected! (Bread & Butter... no names mentioned)

- The biggest difference between the firewall settings Home, Office and Public is that Public locks down your PC’s visibility on the network and Network discovery is turned off

