LettersAnswers to Your Questions
In the article "Getting Started with Windows® PE" (September 2006), Wes Miller makes reference to mkimg.cmd. This command file doesn’t exist anywhere on my Windows Vista™ system, which has both the Windows Automated Installation Kit (WAIK) and the Business Desktop Deployment Solution Accelerator (BDD) 2007 installed. In the current distributions, I have mkimg_pe2004.cmd and mkimg_pe2005.cmd. However, they call to a bldini.cmd file that also doesn’t seem to exist. Where can I find these files?
The article was actually published prior to the release of Windows Vista and refers exclusively to the version of Windows PE available for Windows XP and Windows Server® 2003 (known as Windows PE 1.6). A subsequent article was published in our November 2006 issue discussing Windows PE 2.0, which is the version available for Windows Vista. You can find that article on our Web site.
You can build and customize Windows PE 2.0 images with the tools found in the WAIK—specifically, the "mkimg" command has been replaced by "peimg". You can find a walkthrough of building a Windows PE 2.0 image in the WAIK online documentation.
In response to the suggestion that long passwords are preferable to complex ones ("Deconstructing Common Security Myths," May/June 2006), what do you suggest is the best way to make these retrievable when needed? Long passwords may be difficult to dedicate to an individual’s memory. I’ve also heard the advice to use a different password for each system requiring access, but this can create similar problems with storage and retrieval.
— Ian R.
We asked our good friend and contributor Steve Riley, who quickly replied:
Interesting point about mental retrievability (yes, I just made up that word). I would argue that it’s easier to remember a sentence used as a pass phrase than to remember an arbitrary collection of characters in a complex password. And if you employ a mapping method, then you can remember a large number of pass phrases. For instance, say that your pass phrase for Hotmail® is "My dog and I got the mail." It’s easy to remember because there’s an association (getting the mail) with the destination (e-mail site). Employ the mapping method and you get "My dog and I went shopping." as your pass phrase for eBay, "My dog and I went to work." as your pass phrase for your domain account at the office, and even "My dog and I admired some art." as your pass phrase for your favorite, ah, picture site.
Sources for pass phrases are almost limitless. I know someone who uses only quotes from Monty Python movies. Another uses only five-word phrases where each word begins with consecutive letters on the keyboard ("Queen willie eats rancid turnips."—QWERT). With a little creativity, pass phrases can help eliminate most of the problems associated with passwords while strengthening the secret used to prove one’s identity.
"Deconstructing Common Security Myths" is a great article. It turned my assumptions right on their pointy little heads. But if software allowed the generation and use of unique character sets (not the ones you have in Webdings®, I mean ones never seen before) in an independent program, wouldn’t that shift the weighting towards complexity since nobody could ever have a complete set of all possible unique characters, and only the user knows which ones were generated and used? I’d rather recreate a short line of such characters than type in "War and Peace" if I lose my USB key.
Interesting idea, but we’re not sure exactly how you’d be able to remember a unique, never-before-seen character. Unless you’re The Artist Formerly Known As Prince.
In the article "Techniques for Simplifying Desktop Image Creation" (May/June 2006), Shelly Bird says that when you’re building a Sysprep folder, "The process starts with building the master image on a legacy system with basic hardware..." What exactly does she mean by this? I am currently looking at the BDD and still cannot find anything in there that would suggest deploying with a single image. How do I obtain this information?
— Jon S.
In the article you refer to, the author is talking about creating a standardized reference configuration that can be captured as an image and redeployed to other computers. In other words, you take the most simple hardware you have in your environment (as a lowest common denominator), install Windows and configure it with your basic specifications (any modifications you want to make that you want deployed throughout your organization), install any applications that you want included as well, and then prepare it for deployment using the Sysprep tool (which removes any hardware specific information, allowing the image to be redeployed to new hardware).
The best guidance for this process exists in the Computer Images System Feature Team Guide which is part of the BDD. The Computer Imaging System component of the BDD includes a downloadable tool to help you customize and prepare your image. See microsoft.com/technet/desktopdeployment/bdd/standard/ComImgFea.mspx for more information.
I use SQL Server™ 2005 at work. How can I change my authentication from Windows Authentication to SQL Server Authentication (with sa login)?
— Sara J.
This topic from the SQL Server Books Online should help you address your problem: msdn2.microsoft.com/ms188670.aspx. However, we strongly advise that you stick with Windows Authentication because of the security implications of using sa (especially without a password). We no longer use sa/nopass in our code samples for just this reason.
I very much enjoy reading TechNet Magazine each month. I enjoy it so much that I take a few copies with me in my backpack or in the car at all times wherever I happen to go: at work, at home, pretty much everywhere. I wish I could carry the entire magazine either on my Tablet PC or Pocket PC Phone. I would love to see an audio version of the content for my MP3 player. Overall, the magazine is AWESOME. I love it, I love it, I love it. I tell all my colleagues about it and I advertise it like a bible.
— Erasmo M.
You want audio content? You got it! We offer a TechNet Magazine podcast each month. Just go to the TechNet Magazine site (www.technetmagazine .com) and click the Podcast link on the left. We’d love you to hear from us!
The Active Directory® Component Jigsaw poster in your March/April 2006 issue was by far the best graphical representation I have ever seen of how Active Directory works in Windows Server 2003. I managed the project to get our world-wide org onto Windows 2000 and into Active Directory, and this type of poster would have made all our jobs a lot easier. Even now, our Enterprise Administrators don’t always agree on the components that are clearly outlined on this poster and access to this type of information would go a long way to enable them to work more cohesively and consistently. Is this poster available as a download?
— Mike C.
We can’t tell you how many requests we’ve received for this poster. It seems that lots of people out there have the same questions you do. We’ve made the poster available as a download at go.microsoft.com/fwlink/?LinkID= 80428, but don’t try to print it out on letter-sized paper. It’s much too big.
Setting Up Outlook E-Mail Signatures
I’m working as a System Administrator for my company and I am in the midst of writing a script to standardize the Outlook® Signature for all the users in my domain. I’ve been using the sample code in your column "Setting Up Outlook E-Mail Signatures" (October 2006). But I do have a small problem: when I try to customize and set the font colors of the signature using the following code, the font color remains black:
objSelection.Font.Color = wdRed
I can change the font and the font size, but not the font colors.
— Edison P.
We asked the Scripting Guys what’s up with that (we have a special red phone that connects directly to them), and they said:
We believe changing font colors requires you to use the wdColor enumerations. Try this:
- Define this constant in the script:
wdColorRed = 255
- Assign the color using this code:
objSelection.Font.Color = wdColorRed
That should do the trick.
Getting Windows PE
Our company has a Microsoft® Select licensing agreement; could you help me find out who I need to contact to obtain the fifth generation of Windows PE for use in our organization? In particular, we are seeking to utilize the ability to boot from USB flash drives.
— Thom S.
Windows PE is available as a benefit of Software Assurance. You can determine if your licensing program includes this benefit by viewing the Benefits Comparison Chart. If so, Windows PE will be available for download with your organization’s Microsoft Volume License Services account (you can log in at https://licensing.microsoft.com). If you need assistance in accessing this Web site, we suggest contacting your organization’s licensing coordinator or your Microsoft licensing representative.
© 2008 Microsoft Corporation and CMP Media, LLC. All rights reserved; reproduction in part or in whole without permission is prohibited.