We’re pleased to announce that Windows 7 Resource Kit, by Mitch Tulloch, Tony Northrup, Jerry Honeycutt, Ed Wilson, and the Windows 7 Team at Microsoft, is now available for purchase in bookstores (Microsoft Press, 2010; ISBN: 9780735627000; 1760 pages)!
To give you a taste of what you’ll find in the book, here are excerpts of the Introduction and two sample chapters.
Welcome to the Windows 7 Resource Kit from Microsoft Press! The Windows 7 Resource Kit is a comprehensive technical resource for deploying, maintaining, and troubleshooting Windows 7. The target audience for this resource kit is experienced IT professionals who work in medium-size and large organizations, but anyone who wants to learn how to deploy, configure, support, and troubleshoot Windows 7 in Active Directory Domain Services (AD DS) environments will find this resource kit invaluable.
Within this resource kit, you’ll find in-depth information and task-based guidance on managing all aspects of Windows 7, including automated deployment, desktop management, search and organization, software update management, client protection, networking, remote access, and systematic troubleshooting techniques. You’ll also find numerous sidebars contributed by members of the Windows team at Microsoft that provide deep insight into how Windows 7 works, best practices for managing the platform, and invaluable troubleshooting tips. Finally, the companion media includes the Windows 7 Resource Kit PowerShell Pack and sample Windows PowerShell scripts that you can customize to help you automate various aspects of managing Windows 7 clients in enterprise environments.
Overview of the Book
The six parts of this book cover the following topics:
- Part I—Overview Provides an introduction to the features of Windows 7 and an overview of security enhancements for the platform.
- Part II—Deployment Provides in-depth information and guidance on deploying Windows 7 in enterprise environments, with particular focus on using the Microsoft Deployment Toolkit 2010 (MDT 2010).
- Part III—Desktop Management Describes how to use Group Policy to manage the desktop environment for users of computers running Windows 7 and how to manage specific features such as disks and file systems, devices and services, printing, search, and Windows Internet Explorer.
- Part IV—Desktop Maintenance Describes how to maintain the health of computers running Windows 7 by using the eventing infrastructure, monitoring performance, managing software updates, managing client protection, and using Remote Assistance.
- Part V—Networking Provides in-depth information concerning core networking, wireless networking, Windows Firewall, Internet Protocol Security (IPsec), remote connectivity using virtual private networking (VPN), Remote Desktop, and Internet Protocol version 6 (IPv6).
- Part VI—Troubleshooting Describes how to troubleshoot startup, hardware, and networking issues, as well as how to interpret Stop messages.
Excerpt from Chapter 22
- Supporting Users with Remote Assistance
- Understanding Remote Assistance
- Implementing and Managing Remote Assistance
- Additional Resources
Remote Assistance (RA) in Windows Vista included improvements in connectivity, performance, usability, and security along with feature enhancements that make it even more useful than Remote Assistance in Windows XP was. The Windows 7 operating system builds on these earlier improvements with Easy Connect, a new feature of Remote Assistance that makes it easier than ever for novice users to request help from expert users and for experts to offer help to novices. With increased Group Policy support, command-line scripting capabilities, session logging, bandwidth optimization, and more, Remote Assistance is now an essential tool for enabling enterprises to support users in Help Desk scenarios. This chapter examines how Remote Assistance works in Windows 7, how to use it to support end users, and how to manage it using Group Policy and scripts.
Understanding Remote Assistance
Supporting end users is an essential function of IT departments and the corporate Help Desk. Unfortunately, conventional technical support provided over the telephone or using chat tools is generally cumbersome and inefficient. As a result, supporting users is often both time-consuming and costly for large enterprises to implement. For example, end users often have difficulty describing the exact nature of the problem they are having. Because of their general inexperience and lack of technical knowledge, end users may try to describe their problem using nontechnical, inexact language. As a result, Help Desk personnel are generally reduced to asking a series of simple questions to try to isolate the problem the user is having. The methodical nature of these questions sometimes causes users to feel as if Help Desk personnel are being condescending, and such misunderstandings can reduce the effectiveness of the support experience and can make users tend to avoid contacting support personnel when future problems arise.
End users also often have difficulty following instructions given to them by Help Desk personnel who are trying to assist them. Well-trained support personnel will try to avoid using technical jargon when communicating with end users, but although using plain language can improve the support experience, it may also mean that resolution steps become long and tiresome. For example, telling a user how to use Disk Cleanup from System Tools in Accessories can require several sentences or more, and this kind of communication can add time to support incidents, making them more costly to the company.
Remote Assistance solves these problems by enabling support personnel to view the user’s desktop in real time. The user seeking assistance can demonstrate the nature of the problem to the support person. This is a quicker and more efficient way to communicate a problem than using words or e-mail. If necessary, the user can also give the support person permission to assume shared interactive control of the user’s computer to show the user how to resolve the problem. The result of using Remote Assistance is faster problem resolution, an improved support experience, and a lower Total Cost of Ownership (TCO) for supporting end users in large, corporate environments.
Remote assistance vs. Remote Desktop
Remote Assistance and Remote Desktop are different features of Windows 7 that have entirely different uses. Remote Desktop is based on Microsoft Terminal Services and is a tool for logging on to remote computers. When you use Remote Desktop to connect to a remote computer, a new user session is established. Remote Desktop can also establish sessions with computers that have no interactive sessions running (no users logged on locally), such as headless servers. For more information on Remote Desktop, see Chapter 27, “Connecting Remote Users and networks.”
Remote Assistance, on the other hand, is a tool for interactively helping users troubleshoot problems with their computers. to use Remote Assistance, both the User (also called the novice) and the helper must be present on their computers. Unlike Remote Desktop, Remote Assistance does not create a new session. Instead, Remote Assistance allows the helper to work in the existing session of the User. the User’s desktop gets remoted to the helper, who can then view the User’s desktop and, with the User’s consent, share control of the desktop. here is another way to summarize the difference between these two features: In Remote Assistance, both users involved are looking at the same desktop using the same logon credentials (those of the interactively logged-on User) and can share control of that desktop; in Remote Desktop, when the remote person logs on, the interactively logged-on user (if one exists) is logged out.
Excerpt from Chapter 28
- Understanding IPv6
- IPv6 Enhancements in Windows 7
- Configuring and Troubleshooting IPv6 in Windows 7
- Planning for IPv6 Migration
- Additional Resources
Like the Windows Vista operating system before it, the Windows 7 operating system has a new Next Generation Transmission Control Protocol/Internet Protocol (TCP/IP) stack with enhanced support for Internet Protocol version 6 (IPv6). This chapter provides you with an understanding of why IPv6 is necessary and how it works. The chapter describes the IPv6 capabilities in Windows 7, Windows Vista, and Windows Server 2008 and outlines how to migrate the IPv4 network infrastructure of your enterprise to IPv6 using IPv6 transition technologies, such as Intra-Site Automatic Tunnel Addressing Protocol (ISATAP). Finally, the chapter describes how to configure and manage IPv6 settings in Windows 7 and how to troubleshoot IPv6 networking problems.
The need for migrating enterprise networks from IPv4 to IPv6 is driven by a number of different technological, business, and social factors. The most important of these are:
- The exponential growth of the Internet is rapidly exhausting the existing IPv4 public address space. A temporary solution to this problem has been found in Network Address Translation (NAT), a technology that maps multiple private (intranet) addresses to a (usually) single, public (Internet) address. Unfortunately, using NAT-enabled routers can introduce additional problems, such as breaking end-to-end connectivity and security for some network applications. In addition, the rapid proliferation of mobile IP devices is accelerating the depletion of the IPv4 public address space.
- The growing use of real-time communications (RTC) on the Internet, such as Voice over IP (VoIP) telephony, instant messaging (IM), and audio/video conferencing, exposes the limited support for Quality of Service (QoS) currently provided in IPv4. These new RTC technologies need improved QoS on IP networks to ensure reliable end-to-end communications. The design of IPv4 limits possible improvements.
- The growing threats faced by hosts on IPv4 networks connected to the Internet can be mitigated considerably by deploying Internet Protocol security (IPsec), both on private intranets and on tunneled connections across the public Internet. However, IPsec was designed as an afterthought to IPv4 and is complex and difficult to implement in many scenarios.
IPv6, developed by the Internet Engineering Task Force (IETF) to solve these problems, includes the following improvements and additions:
- IPv6 increases the theoretical address space of the Internet from 4.3 × 109 addresses (based on 32-bit IPv4 addresses) to 3.4 × 1038 possible addresses (based on 128-bit IPv6 addresses), which most experts agree should be more than sufficient for the foreseeable future.
- The IPv6 address space is designed to be hierarchical rather than flat in structure, which means that routing tables for IPv6 routers can be smaller and more efficient than for IPv4 routers.
- IPv6 has enhanced support for QoS that includes a Traffic Class field in the header to specify how traffic should be handled and a new Flow Label field in the header that enables routers to identify packets that belong to a traffic flow and handle them appropriately.
- IPv6 now requires IPsec support for standards-based, end-to-end security across the Internet. The new QoS enhancements work even when IPv6 traffic is encrypted using IPsec.
Understanding how IPv6 works is essential if you plan to benefit from IPv6 by deploying it in your enterprise. The following sections provide an overview of key IPv6 concepts, features, and terminology.
NOTE For more detailed information on IP concepts, features, and terminology, see the white paper titled “Introduction to IP Version 6” at http://www.microsoft.com/downloads /details.aspx?FamilyID=CBC0B8A3-B6A4-4952-BBE6-D976624C257C&displaylang=en. Another good reference for learning IPv6 is the book, Understanding IPv6, 2nd Edition, by Joseph Davies (Microsoft Press, 2008).
Understanding IPv6 terminology
The following terminology is used to define IPv6 concepts and describe IPv6 features:
- Node An IPv6-enabled network device that includes both hosts and routers.
- Host An IPv6-enabled network device that cannot forward IPv6 packets that are not explicitly addressed to itself. A host is an endpoint for IPv6 communications (either the source or destination) and drops all traffic not explicitly addressed to it.
- Router An IPv6-enabled network device that can forward IPv6 packets that are not explicitly addressed to itself. IPv6 routers also typically advertise their presence to IPv6 hosts on their attached links.
- Link One or more LAN (such as Ethernet) or wide area network (WAN, such as Point-to-Point Protocol [PPP]) network segments bounded by routers. Like interfaces, links may be either physical or logical.
- Neighbors Nodes that are connected to the same physical or logical link.
- Subnet One or more links having the same 64-bit IPv6 address prefix.
- Interface A representation of a node’s attachment to a link. This can be a physical interface (such as a network adapter) or a logical interface (such as a tunnel interface).
NOTE An IPv6 address identifies an interface, not a node. A node is identified by having one or more unicast IPv6 addresses assigned to one of its interfaces.
Be sure to visit the Microsoft Learning Windows 7 Training Portal, where you can download the free sample chapters (previews) as well as learning snacks and online clinics.