Windows Vista SP2 baulks if SP1 is not present

For as long as I can remember, Windows service packs have been cumulative – i.e. if you install the most recent service pack, it includes the earlier ones. Unfortunately, Microsoft has broken that model with Windows Vista and Server 2008 service pack 2 and it won’t install on a Vista computer until you have installed service pack 1.

Windows Vista SP2 baulks if SP1 is not presentWhether this is a technicality from the single service pack being applicable to both client and server editions of Windows or because Microsoft has a new approach to service packs is yet to be seen.

At least Windows Server 2008 administrators will find life a little easier as service pack 1 was integrated into the RTM release of that operating system.

Windows Vista and Server 2008 SP2 goes RTM… but you can’t get it yet

Not to be confused with Windows Server 2008 R2, Windows Vista and Server 2008 service pack 2 (SP2) was released to manufacturing yesterday, the same day the the blocker tool for Windows Vista SP1 was removed (Windows Server 2008 shipped with SP1 included).

Full details of the service pack may be found in Microsoft knowledge base article 948465 and there’s also a notable changes page on the Windows Client TechCenter. In addition, Microsoft knowledge base article 969707 gives details of some of the applications that might have problems after installing the service pack.

[Update 30 April 2009: There’s no download link yet – the official line is that public availability is expected later this quarter. TechNet and MSDN subscribers can now download SP2 and I’d expect to see a public download link at the Windows Client TechCenter soon.]

Connecting to an iSCSI target using the Microsoft iSCSI Initiator

I’ve spent a good chunk of today trying to prepare a clustered virtual machine demonstration using the Microsoft iSCSI Initiator and Target.

I’ve done this before but only on training courses and I was more than a little bit rusty when it came to configuring iSCSI. It’s actually quite straightforward and I found Jose Barreto’s blog post on using the Microsoft iSCSI software target with Hyper-V a very useful guide (even though the Hyper-V part was irrelevant to me, the iSCSI configuration is useful).

The basic steps are:

  • Install the iSCSI Target (server) and Initiator (client) software (the Initiator is already supplied with Windows Vista and Server 2008).
  • Set up a separate network for iSCSI traffic (this step is optional – I didn’t do this in my demo environment – but it is recommended).
  • On the client(s):
    • Load the iSCSI Initiator, and answer yes to the questions about starting the iSCSI Service automatically and about allowing iSCSI traffic through the firewall.
    • Examine the iSCSI Initiator properties and make a note of the initiator name on the General page (it should be something like
    • On the Discovery page, add a target portal, using the DNS name or IP address of the iSCSI Target and the appropriate port number (default is 3260).
  • On the iSCSI server:
    • Create a new target, supplying a target name and the identifiers of all the clients that will require access. This is where the IQNs from the initiators will be required (you can also use DNS name, IP or MAC address but IQN is the normal configuration method).
    • Add one or more LUN(s) to the target (the Microsoft implementation uses the virtual hard disk format for this, so the method is to create a virtual disk within the iSCSI Target console).
    • Make a note of the IQN for the target on the Target properties and ensure that it is enabled (checkbox on the General page).
  • Back on the client(s):
    • Move to the Target properties page and refresh to see the details of the new target.
    • Click the Log on button and select the checkbox to automatically restore the connection when the computer starts.
    • Bring the disk online and initialise it in Disk Management, before creating one or more volume(s) as required.

After completing these steps, the iSCSI storage should be available for access as though it were a local disk.

It’s worth noting that the Microsoft iSCSI Target is not easy to come by (unless you have access to a Windows Storage Server). It is possible to get hold of an evaluation copy of Storage Server though and Jose explains how to install this in another blog post. Alternatively, you can use a third party iSCSI software target (it must support persistent reservations) or, even better, use a hardware solution.

Joint user group meeting (Windows Server UK User Group/Active Directory UK User Group)

After lying dormant for some time, the Windows Server UK User Group (and the associated LinkedIn group) and the Active Directory UK User Group are pleased to announce a joint user group meeting on 11 March 2009 at Microsoft’s offices in London (Victoria) (map and directions).

The draft agenda is:

  • 18:00 for 18:25 arrival and registration
  • 18:25-18:30 Welcome and introductions
  • 18:30-19:45 James O’Neill takes a quick tour through the new features in Windows Server 2008 R2 (just to whet your appetite).
  • 19:45-20:00 Refreshments
  • 20:00-21:15 Amish Lukka (from Microsoft PFE) will be presenting an insight into new Active Directory features in Windows Server 2008 R2.
  • 21:15-21:30 Wrap-up.
  • 21:30 Adjourn to a nearby public house where Mark Parris will be happy to share his experiences of the Microsoft Certified Masters: Windows Server 2008: Directory class that he attended last November.

If you are interested in attending the meeting – please send an email to with your name and we’ll see you there. For those who can’t make it in person, we will set up a Live Meeting session (which will be recorded) and details will be made available closer to the event.

One more “How Do I?” video on the Microsoft TechNet website

Last month I mentioned that I’d produced a video for Microsoft TechNet on preparing for and deploying Windows Server 2008 Read Only Domain Controllers (RODCs) and I’ve just seen that the follow-up video which looks at RODC password replication policies went live a few days ago.

I plan to record some more videos soon (the next few that I do should be on virtualisation) but if you want to keep up to date on these (and there are many other people producing videos on a variety of topics), subscribe to the TechNet How-to Videos RSS feed.

Did SpinRite actually save my data?

This morning, I shut down the notebook PC that I use for work and set off to meet a colleague. Upon returning, I tried to boot the system but nothing happened. Technically, something happened – but not what I expected – basically Windows would not boot and sometimes it reached the startup screen, sometimes it didn’t. Once or twice I’m sure I saw the once-familiar blue screen of death flash up for a fraction of a second before the PC reset itself. I tried a normal startup as well as last known good configuration, before finally I gave up and tried to recover the system using the Windows Server 2008 DVD but this couldn’t locate an installed copy of Windows to recover. What it would let me do though was get to a command prompt, where attempting to access drive C: returned:

The request could not be performed because of an I/O device error.

That didn’t sound good but I managed to run diskpart.exe and list disk told me that disk 0 was online. Moving on to try list partition told me that the two partitions I expected to see were there but it was list volume that really helped shine a light on the problem – the DVD drive and WinRE volumes showed as healthy but drive C: was reported as being a 110GB Healthy partition of type raw (i.e. not NTFS). At this point, I began to panic. Something had happened to the NTFS and that could mean lost data. I have a reasonably recent backup but the last couple of weeks at work have been mayhem and there was some stuff that I know I don’t have a second copy of.

I could call my company’s IT support number but it normally takes at least a day for a callback; I’d have to take the laptop to a “local” office (a 100 mile round trip); if a system won’t boot, the standard approach is to spend a very limited amount of time trying to fix it (probably none at all for people like me who run a non-standard operating system) before simply wiping the system and installing a new corporate build. That means going back to Windows XP and Office 2003 (which is painful when you are used to Windows Vista/Server 2008/7 and Office 2007), the loss of an activated copy of Windows Server 2008 Enterprise Edition (which is not exactly inexpensive) and also losing my data (the standard build has separate system and data partitions and my build does not… although now I’m starting to reconsider that choice).

I’m pretty sure that the root of this problem is a failing hard disk (after all, it is a “Western Dodgital“) but, without the tools to prove it, I’ve got a snowball’s chance in hell of getting a new one) and, to cut a long story short, when it comes to supporting my non-standard build, I’m on my own (at least unless I can prove that the hardware is faulty).

One of the podcasts that I listen to is “Security Now” and the hosts (Steve Gibson and Leo Laporte) spend far to much time plugging Steve’s SpinRite product. I’ve often wondered if it was any good but was not prepared to spend $89 for speculative purposes – this afternoon I decided that it was time to give it a try.

After paying up, downloading the software, extracting the ISO and creating a bootable CD, I ran SpinRite and performed what is referred to as a “level 2” scan. For the first 20 minutes, SpinRite ran through my disk finding nothing untoward but at the 50% mark it switched into “DynaStat” mode and started trying to identify lost data on one particular sector, slowly narrowing down the unrecoverable bits of the sector. Just this one sector took almost 5 hours and around 2000 samples but all of a sudden SpinRite took off again and finished up the rest of the drive in another 20 minutes. Even though the sector was marked as unrecoverable, a technical support conversation by e-mail confirms that this relates to the data, not the sector. With some trepidation, I restarted the computer, waited with baited breath and have never been so glad to see Windows start checking its disk(s). After a short while, chkdsk was complete and I was presented with a logon screen.

There’s nothing in the Windows event logs to indicate why my system failed to boot so many times this afternoon so it’s difficult to say what the problem was and whether it really was SpinRite that fixed it (although SpinRite did report the SMART data for the drive and there were a number of seek errors, backing up my theory that the hard disk is on its way out). What’s important though is that, as I write this post, Windows Server 2008 is 63% of its way through a backup and all seems to be well. I’m not quite ready to wholeheartedly endorse SpinRite – it does almost sound too good to be true – but, on the face of it, it seems to have recovered enough data on my disk to let Windows boot and for me to gain access to my system. That’s worth my $89 – although somehow I don’t see me getting that particular item through on my expenses…

Windows 7 beta is available for download

There’s been a lot of speculation over the last year or so about when Windows 7 will ship and those who are expecting a 2009 release could well get what they are asking for as the Windows 7 beta has now been released.

Starting today, Microsoft Connect beta testers and TechNet subscribers have access to the beta build (build 7000) and on Friday it will become available to a broader audience via the Windows 7 website although this is still a limited beta – Microsoft’s Windows Blog reports that the beta will be restricted to the first 2.5 million downloaders and will expire on 1 August 2009.  For most testers, Ultimate Edition is the only version of the client OS that’s available although it does come in both 32-bit and 64-bit versions. 

For those who are tracking the server release, a beta of Windows Server 2008 R2 will also be available from Friday at the Windows Server 2008 R2 website and I’ve written previously about some of the new features to expect in Windows Server 2008 R2.

This is a beta – there will be things that are not quite right – and it might break things so it’s definitely not recommended for use on a production system.  Having said that, I’ve been running Windows 7 for a couple of months now and it seems pretty solid to me – it should be, as it’s based on Windows Vista.  If you do run into problems, there is limited support available via the Technet Forums (where I’m one of the moderators for Windows 7).

For me, this is great news – many of the NDA restrictions that were imposed on me whilst I was using the M3 build have now been lifted and I can start to write about the new features – indeed I’m just putting the finishing touches on a post about my experiences of running 7 on a netbook.

As for that 2009 release, at the time of writing this post I have no information on product packaging, pricing, or ship dates (Microsoft is sticking to the line that it will ship when it reaches the required quality, rather than on a pre-planned date) but, with an API-complete milestone build released to developers in Autumn 2008 and a feature-complete beta released in January 2009, I see no reason why the final product would not be ready for Christmas.  The August expiry of the beta also provides some hints although there is likely to be at least one release candidate post-beta and pre-RTM.  It may be that we see OEMs and volume license customers get a copy in late 2009 but full retail release will follow a few weeks later (as with Vista).  Also, don’t be fooled by the fact that Windows Server 2008 R2 is being jointly developed with the Windows client operating system – I’d expect the server product to ship in early 2010.  All of that is pure speculation though… for now, it’s time for organisations to start installing the Windows 7 and Windows Server 2008 R2 betas in labs, to familiarise themselves with new features, to test applications and to provide feedback to Microsoft.

Steve Ballmer announces Windows 7 and Windows Server 2008 R2 public betas

Just about now (18:30 PST on 7 January 2008), Steve Ballmer should be delivering his pre-CES keynote, during which he will announce the public release of the betas for Windows 7 and Windows Server 2008 R2.

As 18:30 PST is 02:30 GMT, I’ll be asleep when this post goes live (ah, the wonders of modern technology) but I’ll post more in the morning (once I’ve checked exactly what information has been made public).  There is so much I’ve been waiting to say about Windows 7 but have been unable to do so because of non-disclosure agreements and hopefully now that has changed. Watch this space.

Another “How Do I?” video on the Microsoft TechNet website

I was just catching up with my RSS backlog and noticed that another one of my videos has made it onto the TechNet website. In this one, I take a look at preparing for and deploying Windows Server 2008 Read Only Domain Controllers (RODCs).

There’s more to come too as, a couple of hours ago, I submitted a follow-up video on RODC password replication policies (I’ll write another post when that goes live but for more videos on a variety of topics, subscribe to the TechNet How-to Videos RSS feed).

Managing stored credentials from the Windows command prompt using cmdkey

I’ve been meaning to blog about a command which is a reasonably recent addition to Windows for a few weeks now – cmdkey.exe (thanks to John Craddock for highlighting this at a recent XTSeminars event).

Basically Microsoft’s cmdkey, introduced with Windows Server 2003 (and which should not be confused with Jason Hood’s companion for cmd.exe), is used to create, list and delete stored security credentials.

For example, I back up the notebook PC that I use for work to my Netgear ReadyNAS using SyncToy. My ReadyNAS does not support Active Directory but it does provide SMB/CIFS access. This means that I can authenticate directly against a share but the username and password do not match the cached domain credentials on the notebook PC.

Supplying credentials each time I need to connect (or forgetting to before attempting a sync) is inconvenient, so I used cmdkey to store the username and password that I use to connect to the share:

cmdkey /add:computername /user:username /pass:password

In this case cmdkey responded as follows:

CMDKEY: Credential added successfully.


cmdkey /list


Currently stored credentials:

Target: computername
Type: Domain Password

and I can connect to a share without supplying any credentials:

net use h: \\computername\sharename

The command completed successfully.

Furthermore this drive mapping (and stored credentials) persists on reboot – when the computer is restarted, H: is visible as a disconnected drive in Windows Explorer but as soon as I double-click it I connect without a prompt to supply credentials.