Nixadmins.net

I’ve seen this question come up on discussion forums and other support resources a lot since the release of Vista. Many organizations still use Windows Server 2003 to serve users print services. And the need to upgrade isn’t really behind the corner yet. I know, I feel the same. We still use a Windows Server 2003 R2 as a print server and it it 32-bit, not 64-bit.

Can a 32-bit server handle 64-bit drivers

Short answer, yes. The server uses it’s own 32-bit driver as a interpreter between the spooler and the printer but it can serve clients with the drivers they need. The server really doesn’t care if the drivers it serves to clients are 32 or 64 bit. It can store all of them on the filesystem.

How do I install the drivers?

I’ve been using Windows 7 RSAT(Remote Server Administration tools) to add the drivers to our print server. The important step is to upgrade your current 32-bit drivers. If the driver versions of the 32 and 64 bit differ the server wont recognize them as the same driver. So if you’re using old drivers on your server I’m sorry to say you’ll have to start by upgrading the 32-bit ones first. I suggest you download both the 32-bit and the 64-bit version of the driver when you’re out driver hunting. First upgrade the 32-bit drivers you want to add 64-bit drivers for. I did this directly on the print server and I removed any old versions of the driver. Next add the 64-bit driver. Adding drivers from RSAT is really simple so I won’t go trough it in any detail. Just open Print Manager

Right click drivers and select add driver, add your 64-bit driver. As you can see in the image booth Toshiba drivers have the same version number, the difference is only the Environment.

Group policy edits for Windows 7

Next we’re going to create a group policy to allow restricted users to install their drivers, and we don’t want UAC to disturb or scare them. Side note: if you’re thinking of disabling UAC take a look at a previous article here http://www.nixadmins.net/2009/12/04/why-uac-is-the-best-thing-that-ever-happened-to-windows/ .

Open your Group policy management console and create a new / or add these settings to an old policy. You’ll find the setting under Computer Configuration \ Policies \ Administrative templates \ Printers \ Point and Print Restrictions.

Set the policy to Enabled and set the Security prompts Do not show warning or elevation prompt.

Push the group policy setting to your clients, point to your printer and you’ll be able to install it as a normal user.

You’ve probably heard, countless times, why the Windows UAC (User Access Control) is the worst function ever introduced in a Windows operating system. Today we’ll look at it from another point of view. I’m saying it’s the best function introduced in Vista and later. Why? Because it makes it easy to elevate your privileges without holding down the right CTRL button or looking for it in any menu. How? I’ll show you in a minute.

Using any operating system with administrative privileges is a bad idea. It doesn’t matter if your running OS X, Windows, Linux or something else. If you’re running your day to day tasks as an administrator(root) you’re not thinking straight. You should be using as little privileges as possible to get the job done, and here UAC does a beautiful job stepping in as a bridge into administrator land.

I run my Windows 7 as a ordinary user and have two separate administrator account for any admin work I need done. I haven’t had any problems running as a user since I started using Windows 7(never really used Vista that much). I can work efficiently as a user and elevate my privileges at any time if I need to.

UAC isn’t really there for the ordinary user it’s there to protect you as an administrator so you won’t make mistakes you might regret later. It makes you think about what you are doing, even if you are running as an administrator, touch something that’s crucial for the OS it will hit you with an prompt to remind you that this could have consequences. Find it annoying? Don’t. Use it, bend it to your will.

Using UAC to elevate privileges.

A typical situation is you start an installer and it asks you for the name and password for an administrative account. This worked long before Vista or Windows 7. But the great part with Windows 7 is that you can ask for elevated privileges REALLY easily.

Let’s take Active directory Users and Computers as an example. You can run it and browse your organizational units and you can se users without administrative privileges. If you need to open an account or reset a password you will have to elevate your privileges OR you can delegate the tasks to your restricted user or maybe even a co-worker who normally doesn’t work in IT(by creating custom MMC:s).

Anyway to elevate just hit the Windows Logo button, type Active Directory move to Active directory users and computers AND hit SHIFT+CTRL+ENTER. Instead of the program starting with your user privileges Windows tries to elevate and sees that your access token doesn’t have the required rights for this. So it shows you the prompt. Easy as 1,2,3.

This is something most corporate administrators are used to BUT I would like to see home users adapt to this workflow as well. In the example I used the builtin Windows search, but you can start up any program like this. Now that you have read how easy this is, PLEASE create an administrative user to use and remove administrative privileges from your normal account. I promise it will feel natural in a few days and you’ll be a lot safer using your computer.

Yesterday we setup our server to be able to handle the remote access requests. If you haven’t read the first part of this guide you can find it here. Today we will be taking a look at the next step.

(continue reading…)

I’m using Windows Vista 64-bit on my Windows desktop and launching Ciscos management software ADSM 6.0 I got an error saying

“ASDM is unable to continue loading. Click OK to exit from ASDM.
Unconnected sockets not implemented.”

ADSM was however launching on my Windows 7 64-bit laptop so I started looking for any other difference than the OS. ADSM is a Java application so starting there was only reasonable. I ran Java JRE 1.6 update 13 in the Vista machine and 1.6 update 7 in the Windows 7 laptop.

Downgrading the Java JRE to 1.6 update 7 solved the issue and ADSM is now launching without any problems. So if you’re having trouble getting the Cisco ADSM to launch, check and possibly downgrade your Java Runtime Environment.

I got my Lenovo X200s in January, it’s a small and great laptop and easy to carry in server rooms etc. But since I got it I’ve never got the Ericsson F3507g HSDPA module working properly. I can’t even get it to initialize and it’s driving me mad. So today after a power outage here at home I thought  I’d really dig in to the problem and try to get it solved. So first of I head over to Lenovo to find drivers, click support and downloads and drivers.  WTF!!

This is not the way a site should look from one of the largest laptop manufacturers. And believe me this is not the first time. It probably won’t be the last either.

So I get annoyed but think what the heck, I’ll find the drivers to the Ericsson module somewhere else. Well dream on. I can’t find any drivers for this god forsaken thing.

Access connections tell me nicely that the system contains incompatible drivers and I need to get the latest drivers and install them on my system. WELL I WOULD GOD DAMMIT! If I could get them somewhere.

So now I think I can get something from Thinkvantage System Update, but no. There are no updates available for this machine.

If you are reading this and you are considering a Lenovo ThinkPad X200, think twice. I can’t say the laptop itself, it’s a nice piece of machinery but Lenovo has THE worst website I ever had to use. Of the 50+ times I’ve had to visit them the error rate has been well over 60% and that’s just not acceptable these days.

I even remember when I was trying to decide on my next laptop and doing research I couldn’t get specifications on the X200 from their site(to make it even more ridiculous it doesn’t work today either). I guess that should have sounded a few warning bells.

I used to be mad at HP:s download site because the download speed was really low but at least their site works.  If you’ve read this then I thank you and you are really welcome to comment to ease my pain. And if you have found a solution for the Ericsson module then PLEASE let me know.