Archive for June, 2011

Microsoft Support Lifecycle Links

Microsoft Support Lifecycle http://support.microsoft.com/lifecycle/

Microsoft Product Lifecycle Search http://support.microsoft.com/lifecycle/search/

Advertisements

Leave a comment

SCOM 2007 R2 ACS links

  1. Additional Reports:
    1. Some Custom ACS Reports http://blogs.technet.com/b/jimmyharper/archive/2009/12/10/some-custom-acs-reports.aspx
    2. ACS Database Dashboard Report http://blogs.technet.com/b/jimmyharper/archive/2010/11/02/acs-database-dashboard-report.aspx
  2. Audit Collection Services (ACS) http://technet.microsoft.com/en-us/library/bb381258.aspx
  3. Managing Audit Collection Services in Operations Manager 2007 http://technet.microsoft.com/en-us/library/cc974475.aspx
  4. Audit Collection Services for Cross Platform Operating Systems http://technet.microsoft.com/ru-ru/library/ee873221.aspx .
  5. Windows 2008 R2 What’s New in Windows Security Auditing http://technet.microsoft.com/en-us/library/dd560628%28WS.10%29.aspx
  6. Security Audit Events for Windows
    1. Security Audit Events for Windows 7 and Windows Server 2008 R2 http://www.microsoft.com/downloads/en/details.aspx?FamilyID=3A15B562-4650-4298-9745-D9B261F35814
    2. Security audit events for Microsoft Windows Server 2008 and Microsoft Windows Vista http://www.microsoft.com/downloads/en/details.aspx?FamilyID=82E6D48F-E843-40ED-8B10-B3B716F6B51B&displaylang=en
    3. Description of security events in Windows Vista and in Windows Server 2008 http://support.microsoft.com/kb/947226
    4. If you want a complete list of WS03 security events, then I suggest you look at chapter 4 of the Windows Server 2003 Security Guide. http://technet.microsoft.com/en-us/library/cc163121.aspx#EKH
    5. Windows 2000 Security Event Descriptions (Part 1 of 2) http://support.microsoft.com/kb/299475
    6. A list of all possible security events in the Windows Security Event Log http://blogs.technet.com/b/kevinholman/archive/2011/08/05/a-list-of-all-possible-security-events-in-the-windows-security-event-log.aspx
  7. Catch-22: Securing ACS Reports AND scheduling them. Part I: How Catch-22 was born… http://thoughtsonopsmgr.blogspot.com/2010/01/catch-22-securing-acs-reports-and.html
  8. Audit Collection Services WIKI http://www.systemcentercentral.com/WIKI/WIKIDetails/tabid/146/IndexID/20526/Default.aspx
  9. Security Monitoring and Attack Detection http://technet.microsoft.com/en-us/library/cc875806.aspx
  10. Windows Security Logging and Other Esoterica http://blogs.msdn.com/b/ericfitz/
    1. Mapping pre-Vista Security Event IDs to Security Event IDs in Vista+ http://blogs.msdn.com/b/ericfitz/archive/2009/06/10/mapping-pre-vista-security-event-ids-to-security-event-ids-in-vista.aspx
  11. User Logon report – strange logon events with “Logon Process: Authz”
    1. Logon Audit Events Seen After Installing Service Pack on Windows Server 2003 http://support.microsoft.com/kb/2002335
    2. service stopps/started Event ID 540 Logon/Logoff by %username% http://techblog.wanierke.de/2009/09/23/service-stoppsstarted-event-id-540-logonlogoff-by-username/print/

Leave a comment

How to generate alert when network device is unavailable?

  • Create “Generates Alert” override for the “Device Status Check Monitor” for the “SNMP Network Device” Class

SCOM

Leave a comment

SCOM 2007 and SNMP

Leave a comment

Useful SNMP (Simple Network Management Protocol) links

Leave a comment

Windows 2008 R2 SP1 Remote Desktop Services – DPI change issue

Hotfix for this issue is available “You cannot change the DPI setting through a Remote Desktop session on a computer that is running Windows 7 or Windows Server 2008 R2“ http://support.microsoft.com/kb/2726399

Article how to create several Themes for users “The DPI adjustment is not available in a Remote Session (RDP)“ http://support.microsoft.com/kb/2544872

—————————————-

Background information:

  1. Windows 2008 Terminal Services allows changing displayed font size by modifying DPI value. To increase font size you can log on locally with admin rights and increase DPI till 120 DPI. It is system wide settings in Windows 2008 and is active in full Remote Desktop session as well as in RemoteApp session.
  2. Windows 2008 R2 SP1 Remote Desktop Services DPI value is not systemwide anymore and is ignored in full Remote Desktop session as well as in RemoteApp session.
  3. When using monitors with high resolution (1280 x 1024 and above) users often complain that there is a small font size.
  4. I have searched the Internet and discovered that this issue is known but there is no accepted solution:

5. Microsoft acknowledges that Windows 2008 R2 doesn’t allow DPI (Font Size / Scaling) changes on Remote and this is the issue on Windows Server 2008 R2.

My research for Windows 2008 R2 SP1 Remote Desktop Services:

1. When DPI value is changed in “Control Panel\All Control Panel Items\Display” the “[HKEY_CURRENT_USER\Control Panel\Desktop\WindowMetrics]” registry key parameters are affected (additional information “Windows Server 2003 Resource Kit Registry Reference http://technet.microsoft.com/ru-ru/library/cc780212%28WS.10%29.aspx”:

  • AppliedDPI – current DPI value.
  • CaptionFont, IconFont, MenuFont, MessageFont, SmCaptionFont, StatusFont – binary values representing font name and font size used.
  • c. …

2. With the same “AppliedDPI” value but different resolutions – you can get different font and other values in “[HKEY_CURRENT_USER\Control Panel\Desktop\WindowMetrics]”.

3. If “AppliedDPI” value is changed and not equals to the default “96 (decimal)”:

  • It is identified using Sysinternals Process Monitor, that most of „HKEY_CURRENT_USER\Control Panel\Desktop\WindowMetrics” registry key values are changed by explorer.exe process during user logon when using full RDP Session. “AppliedDPI” value is reverted back to “96 (decimal)” and other settings are changed accordingly.
  • When using RemoteApp mode – there is no explorer.exe and all settings become unchanged but “AppliedDPI” value is ignored.

4. If “AppliedDPI” value leaved unchanged and equals to the default “96 (decimal)”, than it is possible to change other values under „HKEY_CURRENT_USER\Control Panel\Desktop\WindowMetrics” and those values will not be modified by explorer.exe process.

I would like to recommend the following procedure to mitigate font size issue for applications that use Windows font settings.

  1. Log on to Windows 2008 R2 SP1 server using local console.
  2. Change display resolution to be identical that is used by your users widely.
  3. Logoff / logon.
  4. Change DPI value using “Control Panel\All Control Panel Items\Display”.
  5. Logoff / logon.
  6. To distribute settings using exported registry file:
  • Export “[HKEY_CURRENT_USER\Control Panel\Desktop\WindowMetrics]” registry key.
  • Edit exported registry key and delete “AppliedDPI=…” string.
  • Distribute the *.reg file to users using your favorite method (log on script for example).

7. To distribute setting using Group Policy preferences:

  • On the same Windows 2008 R2 SP1 server lunch “Group Policy Management”.
  • Create GPO and go to “User Configuration – Preferences – Windows Settings – Registry”. Lunch “Registry Wizard” and import all “[HKEY_CURRENT_USER\Control Panel\Desktop\WindowMetrics]” parameters from “Local Computer” excluding “(Default)” and “AppliedDPI”. For each imported parameter enable “Run in logged-on user’s security context (user policy option)”
  • Edit GPO “Security Filtering” if needed.
  • Distribute GPO to users.

Some applications (for example 1C:Enterprise 8 accounting application) do not use Windows font settings but have embedded font configuration (size for example). For those applications the above recommendations do not help. I would like to advise to do one of the following:

  • Replace monitor to lower resolution.
  • Execute application locally on workstation and increase DPI value.

33 Comments

Take a rest

Leave a comment