There have been many times while working on a problem that I have found files that look suspicious, or are not part of the standard windows install. Microsoft has provided an excellent resource for researching executable files within windows.

It is called the DLL Help Database Search

So for example…you are working on your server, trying to diagnose a problem…and you see a process running called MAD.EXE

On the surface this really looks like a nefarious program. What legitimate application could be called MAD.exe?

If we do a search on the DLL help database we find that it is part of Microsoft Exchange:

Even better, you can see the version history of the file, what product it belongs to, and even the path of the file on the original install disk by clicking on the “More Info” link:

If that was not enough information for you, each file has a link to more details. Click on it, and there is even more:

This is an invaluable tool for IT Administrators, I suggest adding it to your list of bookmarks:

http://support.microsoft.com/dllhelp/

VMWare has announced the release of Beta 2 of their server product.

It is supposed to have improved performance, and include these new key features:

- Update VMWare Infrastructure (VI) Web Access management interface

- Independent virtual machine console

- Support for USB 2.0 devices

- Multi-Tiered permissions

- New Hardware editors

- Automatically start your virtual machines

This is the next generation of their free server product. I am downloading this beta right now to see how far along they are.

Visit their website, and Get your own copy today

We have a support contract with one of our software vendors. From time to time they need to login via Remote Desktop and make changes or updates for us.

I setup a special account that will notify me when they login to our server – that way I always know when they are on our system. They always work on it during business hours, and in the past they have always called us before doing any work.

This morning I see a notification email that they had logged in after 6pm last night. Grrr. I like them having their own account and password, and I don’t want to disable and enable their account each time they need to do work…so I decided to see if I could limit their allowed times for logging in.

It is actually much easier than I imagined. To do it you need to get on the domain controller, open up Active Directory Users and Computers, and double click on the user you want to limit (In this case I will use our support account)

Then move over to the accounts tab, and click on the button that says “Logon Hours”

Once you click on that button, a window will appear that allows you to select the hours the user can logon.

Simply make your choice, and now the user is limited to logon the hours you selected. If they try to logon during a restricted time, they will be greeted with this message:

Now you don’t have to worry about users sneaking in when they shouldn’t

Service Pack 1 for Vista was released a few weeks ago. For now, it is an optional update. Beginning mid April, SP1 will start automatically downloading to PCs – Only on machines that have automatic updates turned on. Not to fear, it will download but not install automatically.

If you are not familiar with the new layout of Automatic updates, you can see if it is available for downloading by opening Internet Explorer, click on tools, then Automatic updates. It will bring up the Automatic Update application. Click on the link that says “View Available Updates”

If SP1 is available, it will look something like this:

If you want to try it out now, but you still do not see it in your list of optional updates there are a few things you need to check:

-You have a pre-release version of Vista. If you do, you need to uninstall windows, and install a fresh full release.

-You already have it. To check, simply go to the start menu, and right click on computer and go to properties

-SP1 is only available in these languages: English, French, Spanish, German, and Japanese. If you have another language version of Windows installed, it is not available yet

-Windows update has detected that you have drivers that are problematic with SP1. If this is the case, SP1 will not show up in your list of updates (No way we know yet to determine if this is the case)

-You are missing pre-requisite patches needed. Simply keep running automatic update until you are fully patched.

We are still testing it out here ourselves…we can’t recommend for or against it yet. I think many of the fixes will be invisible to most – since their major focus for SP1 was driver incompatibilities.