Adventures with Intel Virtualization Technology (VT)

A couple of weeks ago, David Saxon and I ran a Windows 7 Skills Update workshop for some of our colleagues, based on a course obtained from the Microsoft Partner Training and Readiness Resource Center.  My plan was to use David’s excellent training skills to deliver the course (which I recorded), before he left the organisation to take up a new challenge.  Ironically, working for an IT company means that it’s not always easy to get hold of kit for labs and David called in a number of favours in order to get hold of 8 brand new PCs and monitors for us to run the labs.  Each machine was supplied with a quad core CPU and 8GB of RAM but, when we tried to enable the Hyper-V role in Windows Server 2008 R2, it failed because these computers didn’t support Intel’s Virtualization Technology (VT).

“No VT?”, I said “But these are Intel Core2Quad processors… ah…” – I remembered seeing something about how some Core2Quads don’t provide Intel VT support, even though the Core2Duos do.  These were the Q8300 2.5GHz chips and, according to an Intel document, the specification was changed in June to correct this and enable the VT.

I should have known better – after all, I’m an MVP in Virtual Machine technology – but I put my hands up, I didn’t check the specifications of the machines that David had ordered (and anyway, I would have expected modern CPUs to include VT).  Mea Culpa.

As the PCs had been manufactured in August, I thought there was a chance that they used the new CPUs but did not have BIOS support for VT.  If that was the case, it may have been possible to enable it (more on that in a moment) but running both CPU-Z and Securable confirmed that these processors definitely didn’t support VT.

In this case, it really was a case of the CPU not providing the necessary features but there are also documented cases of PCs with VT not allowing it to be enabled in the BIOS.  Typically the OEM (most notably Sony) claims that they are consumer models and that VT is an enterprise feature but with Windows 7’s XP Mode relying on Virtual PC 7, which has a dependency on Intel VT or AMD-v, that argument no longer holds water (XP Mode is definitely a consumer feature – as it’s certainly not suitable for enterprise deployment, regardless of Microsoft’s Windows 7 marketing message around application compatibility).

However, with a little bit of perseverance, it may be possible to force VT support on PCs where the functionality is there but not exposed in the BIOS.  Another friend and colleague, Garry Martin, alerted me to a forum post he found where a utility was posted to enable VT on certain Fujitsu machines that have been restricted in this way.  I should say that if you try this, then you do so at your own risk and I will not accept any responsibility for the consequences.  Indeed, I decided not to try it on my problem machines because they were a different model and also, I didn’t fancy explaining to our Equipment Management team how the brand new PCs that we’d borrowed for a couple of days had been “bricked”.  In fact, I’d think it highly unlikely that this tool works on anything other than the model described in the forum post (and almost certainly not with a different OEM’s equipment or with a different BIOS).

Incidentally, Ed Bott has reasearched which Intel desktop and mobile CPUs support VT and which do not.  As far as I know, all recent server CPUs (i.e. Xeon processors) support VT.

A quick guide to Microsoft .NET Framework versions

Microsoft .NET logoI’ve never really understood why certain applications require installation of the Microsoft .NET Framework, even though there’s already a version included within the operating system. Surely each version of the framework includes previous versions? Well, it seems not – as David Allen from the Microsoft UK ISV Developer Evangelism Team explained to me recently:

  • The original version of the Microsoft .NET Framework (v1.0.3705.0) was released in 2002. Version 1.1.4322.573 updated both the framework and the common language runtime (CLR) and was included within Windows Server 2003.
  • With version 2.0.50727.42, Microsoft again updated both the framework (classes) and the CLR but this version was incompatible with v1.x and the two could be run side by side on the same system.
  • It’s logical to think that v3.x (a major release) would also include a new CLR but 3.0.4506.30 (which shipped with Windows Vista and Windows Server 2008) and 3.5.21022.8 (shipping with Windows 7 and Windows Server 2008 R2) add new framework classes but use the existing v2.0 CLR.
  • The next version will be 4.0 and is currently in beta. This will include a new CLR and will run side by side with v1.x and v2.x/3.x installations on the same system.

It’s no wonder I was confused – it’s a complete mess! A .NET Framework application that requires v2.0 will happily run on a system with v3.5 but a v1.x application needs v1.1 to be installed, and a v4.x application will require v4.0. It’s entirely feasible that, in the near future, a Windows 7 machine may need v1.1, v3.5 SP1 and v4.0 to all be installed to support different applications.

To find out which versions are installed on a given system, take a look in the %systemroot%\Microsoft.NET\Framework folder. Futher information on the various releases of the Microsoft .NET Framework (including service packs) is available on MSDN.

pzizz on the iPhone

I’ve had a pretty mad few weeks, as indicated by a relatively low number of blog posts of late – and a major part of this has been as a result of some changes at work, where I’ve picked up a new position as Client Devices Lead Architect whilst retaining my previous role as Microsoft Technology Lead. The exact details are probably best kept within our organisation (to avoid any blog/work conflicts of interest) but it does mean I’m going have to work hard on my time management… and in the short term, it sometimes means working some very long hours!

Some time ago, I mentioned an application, called pzizz, that I sometimes use to provide short focused, periods of relaxation. I was sceptical at first but I’ve really found pzizz useful on long drives across France (on family holidays) or, more recently, before setting out from the Thames Valley on the rush-hour drive back to my home a couple of hours away.

Using pzizz got a whole load easier recently because a version has been created for the iPhone and iPod Touch. pzizz relax is a cut-down version of the full desktop application but priced at a very reasonable £1.79. Like its grown up sibling, pzizz relax can be used to generate custom naps, including altering the soundtrack length and the voice/music split. Furthermore, each time pzizz is run, the soundtrack changes and there is an update planned with a few more tweaks.

pzizz is very difficult to describe without sounding a little “odd” so all I can say is to try it out (there are some MP3 samples on the website) and you may just find it helps you to get through the day with a little more energy.

Windows 8 predictions

Just in case you were wondering if the Windows client has a future after Windows 7 (it does), several Internet news sites are reporting that a Microsoft employee accidentally leaked details of his work on future Windows versions on his LinkedIn profile.  According to Gizmodo, Microsoft Research employee Robert Morgan carelessly left the following details in full public view:

“Working in high security department for research and development involving strategic planning for medium and longterm projects. Research & Development projects including 128bit architecture compatibility with the Windows 8 kernel and Windows 9 project plan. Forming relationships with major partners: Intel, AMD, HP, and IBM.

Robert Morgan is working to get IA-128 working backwards with full binary compatibility on the existing IA-64 instructions in the hardware simulation to work for Windows 8 and definitely Windows 9.”

It’s no secret that there will be a Windows 8 – Microsoft has already publicly committed to a new release in 3 years’ time; however anyone working in a “high security” role would be unwise to leave details of their work on a social networking site!

For what it’s worth (I know nothing at this time… but when I do, I’m sure it will be under NDA so I should write it down now!), I would expect 64-bit computing to be mainstream on the client in the Windows 8 timeframe (and if you’re not considering it for Windows 7, then you should), and would only expect 128-bit to be relevant for high-end server versions (note that the quote above refers to IA-64 and IA-128 – so that’s Itanium rather than some new “x128” desktop hardware).  I’d also expect tighter integration with the cloud, and further developments in the area of boot from VHD, to further decouple the operating system from the hardware.

Of course, all of this is pure speculation on my part.

A handy tip for presenting technology demonstrations

After spending much of my day straining to read PowerShell command prompts, GUI interfaces at high resolution on screens that were not large enough for the audience to see and, in one case, a slide deck that looked like it used 14 point text (!), I thought it was worth blogging about a Windows tool that can really help out in technical demonstrations (and which should really be part of every presenter’s toolkit).

Windows Magnifier can be invoked using a variety of methods but the quickest way is probably using the Windows and + or - keys together. As its name suggests, it magnifies a portion of the screen around the current mouse cursor. To switch it off again, press Windows+0 and exit the Magnifier application.

For those who require a little more functionality (e.g. annotation features), there is a SysInternals tool called Zoomit that is available from the Microsoft TechNet website.

Microsoft’s New Efficency comes to Wembley

As I opened the curtains in my hotel room this morning, I was greeted with a very wet and grey view of North London. Wembley Stadium looks far less impressive on a day like today than it did in the night-time shot that graced the front page of Bing here in the UK yesterday but still it’s hard not to be in awe of this place.

I’ve been to a couple of events at the new Wembley Stadium before: last year’s Google Developer Day (sadly there was no UK event this year); and the recent U2 concert – but this time I’m here courtesy of Microsoft for their UK Technical Launch event and the main products on show are Windows 7, Windows Server 2008 R2 and Exchange Server 2010 in what Microsoft is calling “The New Efficiency”.

I was twittering throughout the event @markwilsonit but this post highlights some of the key messages from the main sessions today, although I’ve skipped over the details of the standard technical product demonstrations as I hope to cover these in future posts:

  • There are more than 7100 applications tested and working on Windows 7 today and there should be more than 8000 certified by the time that the product hits general availability.
  • Windows 7 was beta tested by more than 8 million people, with 700,000 in the UK.
  • The Windows Optimised Desktop is represented by a layered model of products including:
    • Management infrastructure: System Center and Forefront for deployment, application management, PC monitoring and security management.
    • Server infrastructure: Windows Server 2008 R2 for Active Directory, Group Policy, network services and server-based client infrastructure.
    • Client infrastructure: Windows 7 and the Microsoft Desktop Optimisation Pack for the Asset Inventory Service, AppLocker and BitLocker.
  • Windows is easier than ever to deploy, using freely available tools such as the Microsoft Deployment Toolkit (MDT) 2010 to engineer, service and deploy images – whether they are thin, thick or a hybrid.
  • System Center Configuration Manager (SCCM) 2007 provides a deployment engine for zero-touch installations, hooking into standard tools such as MDT, the User State Migration Tool (USMT), WinPE, etc.
  • PowerShell is becoming central to Windows IT administration.
  • Windows Server 2008 R2’s new brokering capability presents new opportunities for server based computing.

For me, the highlight of the event was Ward Ralston’s appearance for the closing keynote. Ward used to implement Microsoft infrastructure but these days he is a Product Manager for Windows Server 2008 R2 (I’ve spoken to him previously, although today was my first chance to meet him face to face). Whilst some delegates were critical of the customer interviews, his New Efficiency presentation nicely summarised the day as he explained that:

  • Many organisations are struggling with decreasing IT budgets.
  • Meanwhile IT departments are trying to meet the demands of: IT consumerisation (as a generation that has grown up with computers enters the workforce); security and compliance (the last few years have brought a huge surge in compliance regulations – and the global “economic reset” is sure to bring more); and an ever-more mobile and distributed workforce (where we need to ensure confidentiality and non-repudiation wherever the users are).
  • IT departments have to cut costs – but that’s only part of the solution as productivity and innovation are just as important to increase efficiency.
  • In short (productivity + innovation)/cost = doing more with less
  • Managing more with less is about: reducing IT complexity; improving control and reducing helpdesk costs; increasing automation; and consolidating server resources.
    Doing more is about: enabling new services, efficiently connecting people to information, optimising business processes, and allowing employees to securely work from anywhere
  • Microsoft’s New Efficiency is where cost savings, productivity and innovation come together.

It would be easy to criticise today’s event, for instance to pick out certain presenters who that could have benefited from the use of Windows Magnifier, but I know just how much work went into making today’s event run as smoothly as it did and, on balance, I felt it was a good day. For those who have never been to a Microsoft launch, they may have expected something more but I’ve been to more of these events than I care to remember and so this was exactly what I expected: lots of marketing rhetoric delivered via PowerPoint; some demos, most of which worked; and, I think, something for everyone to take away and consider as their organisation looks at meeting the challenges that we all face in our day jobs – even if that was just the free copy of Windows 7 Ultimate Edition… (full disclosure: I accepted this offer and it in no way influences the contents of this blog post).

I’ll be back at Wembley again tomorrow, this time for the Microsoft Partner Network 2009 – and expect to see more Windows 7 and Server 2008 R2 related posts on this site over the coming weeks and months.

Windows 7 application compatibility: Part 1 (introduction)

At the Windows Server 2008 launch event last year, I spent some time in David Allen’s (not the GTD guy – and not the Irish Comedian either) Windows Vista application compatibility session and I meant to blog some of the stuff I learned about making legacy applications work with on modern versions of Windows. Time passed by and that became just one of the many blog posts that never made it to completion but today I spent a whole day on one of David’s workshops and I intend to write a series of posts looking at some of the “appcompat” issues around Windows 7.

Whilst the UK launch of Windows 7 is tomorrow, and general availability is later this month, many of Microsoft’s partners and corporate customers already have access to release versions of Windows 7 (after a wide public beta programme) and, if you’re looking a Windows 7 deployment, then the process of application remediation should already have begun. For those who are already on Vista, life should be a little easier as you already went through the pain – 90% of applications that run on Vista should run on 7 and the only real problem applications I’ve seen have been those that interact with the operating system at a low level, such as the Zone Alarm firewall product and the Cisco VPN client. In both these cases my remediation method was to select another product.

You may ask why Microsoft has created this complex scenario where applications no longer work on new operating system releases but Windows today has to cope with new threats that were simply not present when Windows NT was first brought to market. Then there’s new functionality to meet the demands of our changing world (increased mobility, new methods of communication, etc.). Whilst competing operating systems (e.g. Apple’s Mac OS X) can drop support for technology perhaps only one or two versions after announcing that it would be deprecated, many of Microsoft’s customers are still wrestling with 16-bit applications from the days of MS-DOS and Windows 3.x or with applications that were written for Windows 95, where security was almost non-existent and Microsoft had yet to acknowledge the potential of the world wide web.

So, if you’re looking at rolling out Windows 7 (and you should be, if you’re on Windows XP or earlier), what are the main steps:

  • Perform an inventory of your applications and separate them into core (bought-in), core (in-house developed) and non-core applications.
  • For the core (bought-in) applications, check if they are certified for Windows 7. If they are, then you have no worries, if they’re not then is there a version available for Windows 7 that the ISV will support? If the ISV doesn’t support Windows 7, then do they plan to provide support soon (many will within 90 days of Windows 7 general availability, although with the widespread availability of pre-release versions of Windows 7, I’d have to question why they are taking so long…). If you can’t achieve a satisfactory response to this question, start to think about migrating to another application that does run on Windows 7. The basic premise here is not to end up with any core applications that are out of support. Even if the applications can be made to run on Windows 7, support should be a concern.
  • For line of business applications developed in house, test them on Windows 7. Automated tools such as those from ChangeBASE may help here, identifying known problem areas and possibly even performing automated remediation. This should leave a list of applications that work, and some that do not. For the in-house applications that don’t work on Windows 7 and where the source code is available, fix the application (more on that later) and issue a new release. If the source is unavailable, or the product is no longer being actively developed, consider a shim.
    If the application can’t run locally, consider whether this application is critical to business operation or not. If it’s not, then you have two options: replace it; or, if there is no suitable replacement, remove it from the estate (remember, this application is not business critical). If the application is essential to the business then ask yourself why a critical application is based on legacy technology and cannot be updated. That sounds like a risk to me.
  • At this stage, you may have a few “problem” applications and there are a few options: you could consider managed diversity – i.e. deliberately leaving a few Windows XP PCs in place for these applications until the application can be replaced (and it should be); you could look at options such as terminal services, or maybe MED-V (if you have software assurance) but these solutions may not help you in the long term if they still rely on Windows XP or Server 2003, both of which are in their twilight years.
  • Finally there is Windows 7’s XP Mode. Let me be clear about this: from an appcompat perspective, XP Mode is a last resort. It’s great for consumers but for businesses it has some significant drawbacks: it still involves a legacy operating system; it involves managing multiple operating system environments and lacks any management toolsets; it may impose additional application licensing costs on the desktop; it requires specific hardware capabilities (that will not be present in legacy PC hardware); it’s only available with certain product editions; and it may be withdrawn at a future date. You may think that this point that I have a problem with XP Mode but the truth is, it’s fine for use on my own, self-supported, IT but I’d never recommend it to a customer – at least not one with more than a handful of PCs. Quoting Microsoft’s Dave Allen: “I think XP Mode is basically there to keep the boys in Computer Weekly happy” (and he’s right – it’s purely sticking plaster to ensure that applications work and to ensure that Windows 7 receives positive press, unlike Vista, which suffered unfairly, even after Microsoft had fixed it).

By now, you should have managed to identify options for just about every application, so what are the sort of issues that are really likely to present themselves? Well, this is the list of topics that David covered in the workshop today:

  • User Account Control (UAC).
  • New folder locations.
  • Windows Resource Protection (WRP).
  • Mandatory Integrity Control (MIC).
  • User Interface Privilege Isolation (UIPI).
  • Internet Explorer Protected Mode.
  • Operating System and Internet Explorer versioning.
  • Session 0 isolation.
  • Shims and the Microsoft Application Compatibility Toolkit.

Over the next few weeks, I’ll try and cover most of these topics in a way that IT admins like myself can understand with the intention of helping everyone understand common Windows application compatibility issues and what to do about them, rather than just thinking of appcompat as “a developer issue”.

Credit

The contents of this blog post were heavily influenced by David Allen’s Windows 7 Application Compatibility workshop. Read more about David’s work on the Microsoft ISV developer evangelism team’s blog.

iPhone Wi-Fi connectivity via BT Openzone

Last year I wrote about O2 giving UK-based iPhone users free access to BT Openzone Wi-Fi hotspots but the last few times I’ve tried to connect all I’ve managed to hook up to is a login page.

I’ll be spending most of the next couple of days at Microsoft’s customer and partner launches for Windows 7 and, even though I have the option of Vodafone 3G access from my netbook, I thought I’d investigate further and at least give myself another connectivity option via the iPhone (at another recent event I found that O2’s 3G coverage is virtually non-existent inside the hospitality suite at Wembley Stadium so Wi-Fi would be a major step forward and I know it works in the Hilton a couple of hundred yards away…).

This is what you need to do in order to get an iPhone hooked up to BT Openzone if you’re presented with the BT Openzone login screen:

  1. Select a service provider of O2 from the Openzone login prompt (no need to enter a username).
  2. When prompted, enter your phone number and wait for registration to complete.
  3. If, like me, you’ve had multiple iPhones on your account (i.e. you have upgraded or had warranty replacements), then you may need to send an SMS message to 2121 containing the word WiFi and wait up to an hour (although, in practice, I didn’t find that it took that long).

After this, you should be able to connect to the ‘net from your iPhone over Wi-Fi. Right, let’s hope Steve Ballmer doesn’t spot me using the iPhone

Windows+P is the presenters’ friend

I’ve spent most of today working with my friend and (soon to be ex-) colleague, David Saxon, as he delivered a Windows 7 Skills Update course to a selection of IT Professionals from within the company that we work for, with a small amount of support from me. Watching Dave present reminded me of something I meant to blog about last week when I was delivering a Windows 7 presentation to around 40 senior architects from our company at Microsoft’s UK Campus in Reading – the Windows 7 shortcut for Presenter Mode, Windows+P.

Back in the days of XP (and even Vista), setting a notebook PC up with a projector required lots of jiggerypokery with function keys and display driver settings. In the world of Windows 7, I just plug in the cable to connect to the presenter, press and hold down the Windows key whilst pressing P, and I’m given four simple options to chose from: computer only; duplicate; extend; and projector only.

Windows+P

Simple! My preference is always extend, as it allows me to use Presenter View in PowerPoint to view my notes and the upcoming slides on one screen, with the slide show on the projector (and that seemed to work as I’m pretty pleased with the feedback I got for my presentation, only being beaten by the Microsoft presenters who spend far more time in front of an audience than I do).

Of course, Windows+P is just one of many useful combinations and Clinton Garbutt mentions Windows+X (for the Windows Mobility Center) in his post on the subject (Clinton also highlights that you can get to the same interface by running displayswitch.exe). If that’s whetted your appetite then there are a few more Windows shortcuts referenced in the recent 77 Windows 7 tips TechNet article too.