Windows 7 Enterprise
Activate Windows
Activate:
cscript C:\Windows\System32\Slmgr.vbs /ato
Show infos:
cscript C:\Windows\System32\Slmgr.vbs /dlv
Adding Language Packs
see http://technet.microsoft.com/en-us/library/cc766472%28v=ws.10%29.aspx
Copy a Language Pack to the Windows Distribution
from http://technet.microsoft.com/en-us/library/cc765987%28v=ws.10%29.aspx
Important: start cmd as Administrator. From the Startmenu, select cmd by right mouse button and select: "Run as Administrator"
Network shares are not available in this environment, so better copy all required files to c:\ before hand.
From Linux:
# /mnt: mount ISO with Language Packs (SP1) # $WORK/installfiles: contents of a Win7 SP1 installation DVD WORK=/tmp/win7 cd $WORK mkdir langpacks-extracted cd langpacks-extracted cabextract /mnt/langpacks/de-de/lp.cab mkdir -p installfiles/langpacks rsync -av /mnt/langpacks/de-de installfiles/langpacks/ rsync -av langpacks/de-de/sp1/sources/license/. installfiles/sources/license/. rsync -av langpacks/de-de/sp1/setup/sources/. installfiles/sources/.
Steps 5-8 must be performed on a Windows System with WAIK tools.
why-doesnt-local-administrator-group-have-full-administrator-rights
Test:
net localgroup users /delete localadmin
System error 5 has occurred. Access is denied.
This is not a bug, it is a feature of Windows 7, named UAC (User Account Control).
By default, an application that is started by a user who is a member of the Administrator group, is executed with normal (Users) priviliges. The user has the oppurtinuty to start that application by right-click and "Run as Administrator" without further password queries.
See http://technet.microsoft.com/en-us/library/cc709691%28WS.10%29.aspx
.Net Framework 3.5
is part of the Windows 7 base installation.
Proxy
netsh.exe winhttp set proxy proxy:3128 "<local>;*.dass-it.de"
winlogon
when a system has joind a domain, local users are no longer displayed, nor are the domains displayed as select-box.
So, if the users tries to logon as a local user, he has to select "other user" and type NETBIOSNAME\USERNAME.
However, he can also type
.\USERNAME
("." is taken as local system)
The settings from
hkey_local_machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\winlogon
are only partly evaluated.
Last user is now stored at:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI] "LastLoggedOnProvider"="" "LastLoggedOnSAMUser"="" "LastLoggedOnUser"=""
Bitlocker
Harddisk encryption, included in in Windows 7.
It uses TPM.
No Passwort is required to boot the system (eg. passwords are read from TPM).
However, in case changes are made to the BIOS or boot files, the system requires a recovery key.
see http://www.msxfaq.de/verschiedenes/bitlocker.htm
Command-line tools
manage-bde -status # get password information manage-bde -protectors -get c: # write recovery password to drive d: manage-bde -protectors -add c: -RecoveryPassword d: # activate # # The batch file should enable the TMP chip (and set the password): manage-bde –tpm –TurnOn # %ERRORLEVEL% # 0 success: reboot is required # -1: already on # -2147217406: TPM not detected # reboot # Requires manual BIOS intenvention, at bootup, press F10 to enable TPM manage-bde –tpm –TakeOwnerShip <password> # 0: success # -1: if TPM has already an owner manage-bde -on c: -RecoveryPassword $RecoveryPassword$ # reboot # password: 8x6 digits, divisible by 11, less than 720896 manage-bde –protectors c: -add -rp "110000-000066-..." # BitLocker Drive Preparation Tool BdeHdCfg.exe
Bitlocker for Windows 7 requires TPM. There are workarounds to use it without TPM, but then the key is stored on an USB-Drive, and the system requires that this USB-Drive is inserted on every boot, see http://www.vistaclues.com/enable-bitlocker-without-a-tpm/
