Mark Minasi's Windows Networking Tech Page
Issue #71 July 2008

Document copyright 2008 Mark Minasi; please see below for info on subscribing, unsubscribing or copying portions of this text.

What's Inside

• News
• Join Me At a Seminar!
• Tech Section
• IT Expert Don Jones Tells You About "Your IT Resume in 2018"
• You Can Sysprep More Than Three Times... Here's How
• Conferences
• Bring a Seminar to Your Site
• To Subscribe, Unsubscribe, Read Old Newsletters or Change Your Email Address

News

Hi all —

At our Forum meeting earlier this year, Don Jones did a nice talk on what you need to do to stay employed for the next ten years.  He's kindly summarized that here in a short piece that I think you'll enjoy.  You'll also read about a pernicious myth that Vista can only be Sysprepped three times.  It ain't true, but it's quite hard to figure out how to avoid the dread Sysprep Fatal Error... until you read this newsletter.  But first, a word from our sponsor...

Tech Section

In this issue, I'm pleased to have a guest piece from Don Jones, a smart guy with some thoughts about how you can find yourself still employed in the IT business ten years from now.  Then I can't wait to tell you about some things I found out about Sysprep.  Have you heard the rumor that you can only Sysprep a Vista image three times?  Turns out it's not true, as you'll see later.

IT Expert Don Jones Tells You About "Your IT Resume in 2018"

Don Jones is an old friend and one of the smartest guys I know.  One of Don's greatest strengths is that he can attack a topic, assimilate it and explain it wonderfully well in very short order.  I'm posting something that he wrote because... ah, well, let me just hand it over to Don:

"At this past April’s Minasi Forum Meeting in Virginia Beach, Mark asked me to do a somewhat ad-hoc keynote address to help kick things off. I decided to briefly discuss something that’s been on my mind a lot lately: Keeping up with the competition. Specifically, making sure your resume has the right things to make you a valuable member of a company – whether it’s your current one or not – and to help ensure continued promotion through the years. The talk went over pretty well, and so Mark asked me to write up some of the salient points for your perusal. I therefore give you..."

Your IT Resume in 2018:
A look at what the best IT professional resumes will contain in ten years’ time

In the coming years we’re going to see a polarization of IT job roles within the Microsoft space. We’ll see entry level jobs which pay less than they often do today, higher-end jobs which tend to pay more, and a gradual elimination of middle-level jobs. High-end jobs will become more efficient, and that’s what will drive the mid-levels out of business; low-end jobs will primarily be manual labor (desktop config) and customer-facing (help desk) positions where you need a body, but not necessarily a very skilled one. We’ve already seen this sort of polarization in other IT spaces, including Unix (where it’s been going on for years), AS/400, Cisco, and so forth. There are eight specific things you can do now to keep yourself on the top of the food chain in the coming years.

1: Be Business Savvy
You can’t be a pure geek forever. IT pros will be expected to take more responsibility for aligning business needs and IT resources. Don’t just implement technology – learn to analyze what the business needs, how to speak CxO-talk, and make recommendations appropriately. Sure, what you recommend might not be the best technical solution – but technology is useless unless it aligns perfectly to what the business needs that technology to do. Learn to make business justifications for your actions and requests.

2: Manage
Learn an IT management framework – ITIL, COBIT, whatever you like. High-end IT pros will be able to develop and work within framework-based management processes, which help increase stability, lower costs, and improve efficiency. You’ll also need to focus on third-party solutions that lend themselves to framework-based management. The latest tool cool doesn’t support an ITIL process workflow? Then don’t buy it – find a tool that fits better into your processes.

3: Automate
Learn Windows PowerShell, and do it now. Microsoft has never had anything like this – don’t kid yourself into thinking it’s just a replacement for VBScript. PowerShell is Microsoft’s way of finally giving you an operating system and suite of related products that can be automated; take advantage. Higher-end IT pros will do most of their work from the command-line, and they’ll love it. They’ll write scripts that perform management tasks in accordance with corporate policies and processes – reducing human error, increasing consistency, stability, security, and their paychecks. Do not kid yourself and think that you can skip this trend – 30 years of Unix administration ain’t wrong.

4: Stay Ahead
Keep on top of the newest product version. Yeah, I know, this is tough – but don’t fall behind. You can’t afford to. You need to be the go-to person for information on why to implement something new, why not to implement it, and when, if ever, to actually do so. And your answers need to be based on reason and reality, not religion and fear of change. Be neither an advocate nor opponent of change; simply be ready to implement what’s best for the business.

5: Go Hetero
The days of the homogeneous environment are gone. Companies are looking for the best tool for the best job, and that means environments with a mix of Windows, *nix, Mac, abacuses, slide rules, and whatever else works. Don’t be known as the “Windows guy (or gal)” who has to toss a problem over the wall if it isn’t on “your” operating system. Get the skills you need to perform at least basic tasks in your field on a variety of operating systems. Be the one who advocates a heterogeneous environment, either in the data center or on the desktop – when it’s right for the business. The added cost of supporting multiple operating systems is not necessarily higher than the cost of making an operating system do something it’s not well-suited for – remember that.

6: Become a Expert in Some Domain
Individual systems within your environment will become more complex – messaging, directory services, systems management, health management, and more. Don’t try to become an expert in all of them: Become a guru in one. Sure, you may need deep ancillary knowledge – Exchange gurus know a bit about Active Directory, for example – but carve a niche for yourself and own it.

7: Branch Out
That said, don’t ignore every other technology and product in the world. Have secondary expertise in related and connected systems. Nobody wants the Exchange admin to have no clue what’s going on simply because “it’s an AD problem” – businesspeople want a person who can fix the dang problem. And don’t ever let “your” niche be product-based! You might work with Exchange most of the time, but make yourself a messaging expert, with secondary knowledge in competing and connected systems (Lotus Notes). You never know when integration, migration, or some other need will come along that calls for a business-level expert.

8: Outsource
I’m not talking about outsourcing your help desk to a foreign country – I’m talking about “Software as a Service,” meaning outsourcing bits of your IT infrastructure – such as messaging, since I’ve used that work a dozen times already – to hosting companies. This is especially relevant for the small-to-medium business sector, but also for enterprises. I’m not saying you should outsource major parts of your infrastructure; I’m saying you need to understand if you should do so. Know the pros. Know the cons. Know what can be outsourced, what can’t, and what the tradeoffs are.

9: A Bonus
Here’s an extra point I didn’t bring out at the Forum Meeting, but should have: Get Smart. One thing that’s always distressed me about Windows admins is how many of them know so little about what’s going on inside the product that pays their salaries. I realize Windows came from the world of “just double-click Setup,” but that world is gone, gone, gone. Start to learn why Windows works the way it does. How it does what it does. Get fascinated by it. Read Mark Russinovich’s books, Bill Boswell’s books, Greg Shields’ books and magazine columns – devour the “insider” stuff. Doing so makes troubleshooting easier, but also makes planning, deploying, monitoring, optimizing, automating – heck, everything is easier to do more intelligently when you know what’s going on under the hood.

So there you have it – you’ve got a lot of work lined up. IT is moving fast, though, so don’t take the full ten years to get this stuff under your belt; start now. Pick your head up from the daily firefighting routine. Yeah, you may have to spend some non-work hours improving yourself, but I promise, it’ll pay off. Take on new projects at work, to help expose yourself not only to new technologies and products, but to new business processes and needs. Read books. Take a class. Participate in a community – yes, IT needs to be a hobby as well as a profession. Attend conferences whenever you can. Treat IT as a career – you think doctors earn the big bucks because they sit home all night? No, they work long hours, attend conferences, read journals, take classes, and more – it’s a lifestyle and a career! And you can do it.

 Don Jones is a Windows PowerShell MVP Award recipient and a co-founder of Concentrated Technology. Read his PowerShellblog, Tech Arguments with Greg Shields, and contact him at www.ConcentratedTech.com.

You Can Sysprep More Than Three Times... Here's How

Back in 2005, I started hearing that Sysprep had changed in some irritating way.  Ever since XP's SP2, I'd heard, you could only run Sysprep three times on an image.  If you tried to run Sysprep more than three times, you'd get a "fatal error," and Sysprep would work no more.  I have heard this refrain more and more loudly since Vista has appeared, and so I figured hey, it must be true.

As it turns out, it's not, on two counts.

First, I am told that this only happened on the retail copies of XP and Vista, and never happened on the copy of Vista that volume license customers get.  I've not verified this, but it makes sense given Microsoft's normal stance vis-a-vis non-volume customers. And even if I'm wrong on this one, it won't matter, because I'll show you how non-volume license customers can avoid the "three Syspreps and you're out" problem.

Second... well, thereby hangs the tale.  Yes, Sysprep will emit a fatal error and refuse to work after three times if you do this:

1. Build a Vista box.
2. Do not activate it.
3. Install a few apps.
4. Sysprep the Vista box.
5. Boot the box up.
6. Sysprep it again.
7. Boot it again.
8. Sysprep it again.
9. Boot it again.
10. Try to Sysprep it again, and get the fatal error.

What's really happened is this:  you built the Vista box, and ran Sysprep on it.  That had the side-effect of "rearming" your Windows activation, resetting the 30 day grace period on your Vista installation.  Vista doesn't let you rearm more than three times.  (Yes, I know, there are plenty of Web pages out there about how you might be able to get your Vista box to give you more rearms, but I'm interested in this article on how to avoid the three-Syspreps-and-you're-out problem, not how to enable pirates.)

Thus, three Syspreps causes three rearms, which causes the error.

If there were only a way to get Sysprep not to rearm your Windows grace period/activation; they we could Sysprep to our heart's content.

Well, a bit of Googling kept pointing me to the Help file for Windows unattended installations in the Windows Automated Installation Kit, and that kept talking about how to set "Rearm" to "1" in an automated installation script with Windows System Image Manager (which we discussed in Newsletters 60 and 62), and to set a setting I'd not noticed before named "SkipRearm" in x86_Microsoft-Windows-Security-Licensing-SLC_6.0.6001.18000_neutral.  SkipRearm was to be set to 1.  That, the docs said, would let me Sysprep as many times as I liked.

The only problem was that WSIM showed that this SkipRearm setting only made sense in Pass 3 -- "Generalize" -- and I had no idea how to stuff a Pass 3 WSIM XML script into Sysprep.  (I didn't then, but I know now; stay tuned.) But that SkipRearm setting rang a bell, as there's a REG_DWORD value entry by that name in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SL, a Registry key related to software licensing.

(Windows 7 note (August 2009):  The Win 7 key seems to be HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform.)

So I just opened up Regedit, navigated to that location in the Registry, set SkipRearm to 1, did not reboot, ran Sysprep, booted up the Sysprepped system... and found that my grace period / activation status had not been changed.  In explicit steps, here's how to safely Sysprep a system:

1. Open an elevated command prompt on the system.
2. Start Regedit.
3. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SL
4. Locate the REG_DWORD entry "SkipRearm."  If it's not there, just create it.
5. Set SkipRearm to 1.
6. Close Regedit.
7. Now Sysprep the box (this assumes that you actually intend to Sysprep your system -- if you do not fully understand that Sysprep resets a ton of things on your system and would make a personal system that you've been working on for quite some time fairly useless, then please don't do this) by typing c:\windows\system\sysprep\sysprep /generalize /oobe /shutdown and press Enter.
8. The system will do the Sysprep processing and shut down.

You can verify that Sysprep has not touched your Windows activation status by turning on the system, logging in, going to the System applet in the Control Panel (Windows key+Pause is the fastest way) and you'll see that your system's grace period has not reset to 30 days. I've verified this on a retail copy of Vista Ultimate by Sysprepping it eight times in a row with no change in my remaining grace period.

So what was all that WSIM stuff all about -- how could I make use of a WSIM script with "Pass 3" commands in it?  A quick look back to Newsletter 62 provides the clue.  WSIM lets me run Sysprep without rearming Windows Activation and without running Regedit like so:

1. Open up WSIM.
2. Create a setup script with just one setting -- the SkipRearm option set to 1.
3. Save the script.  For the sake of example, call it norearm.xml and that you stored it in c:\wsimscripts.
4. Invoke Sysprep as before, but this time invoke it like sysprep /generalize /oobe /shutdown /unattend:c:\wsimscripts\norearm.xml

Once it shuts down, you've got a system that's been Sysprepped... but not rearmed.  How's that an easier way?  Well, if I had to do a lot of Sysprepping, I'd keep norearm.xml on a USB stick, and save myself the trouble of having to poke around the Registry.

If you don't want to have to fire up WSIM, just cut and paste this into Notepad and save it as norearm.xml:

<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
    <settings pass="generalize">
        <component name="Microsoft-Windows-Security-Licensing-SLC" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <SkipRearm>1</SkipRearm>
        </component>
    </settings>
    <cpi:offlineImage cpi:source="wim:c:/mystuff/install.wim#Windows Vista ULTIMATE" xmlns:cpi="urn:schemas-microsoft-com:cpi" />
</unattend>

I hope this helps someone!

Conferences

Besides my public classes, I'm presenting at

• TechTarget's Vista Roadshow in DC, Atlanta and Minneapolis -- info at http://events.techtarget.com/vista/.  I mentioned a 2008 road show in my mailing to subscribers but unfortunately it's not going to happen -- the events need sponsors and we couldn't put together enough to cover the road show's costs. Sorry!
• TechMentor in New York September 7-10.  Note that 1105 is running two events in the fall, the New York event and a show in Las Vegas.  I will be speaking in New York but not in Vegas -- so if you're planning to attend TechMentor in the fall and would like to see me speak then please plan for the New York show!  http://techmentorevents.com/2008/newyork/ for info.
• Windows Connections Vegas November 10-13:  can't avoid Vegas in the fall, it seems!  Back to the Mandalay Bay -- how can you not love a hotel with its own aquarium? -- to keynote and more.   http://www.devconnections.com/shows/FALL2008WIN/default.asp?s=125 for more info.

Bring Mark to Your Site to Teach

I'm keeping busy doing 2008 and Vista seminars and writing the 2008 books, but I've still got time to visit your firm.  In just two days, I'll make your current NT techies into 2008, Vista, security, XP, Active Directory or 2003 experts.  (And better yet, they won't have to sit through any Redmondian propaganda.)  To join the large educational, pharmaceutical, agricultural, aerospace, utility, banking, government, telecommunication, law enforcement, publishing, transportation, military and other organizations that I've assisted, either take a peek at the course outlines at www.minasi.com/presentations.htm, mail our assistant Jean Snead at Assistant@Minasi.com, or call her at (757) 426-1431 (only between noon-5 Eastern time, weekdays, please).

Special European Discount for On-Site Clients!

Well, sort of,.  Since the dollar's currently so weak against the euro, why not hire me now, before things change?<g>

Until Next Month...

Have a quiet and safe month. 

Please share this newsletter; I hope that it is a useful source of Windows technical information.  Please forward it to any associates who might find it helpful, and accept my thanks.  We are now at over 48,000 subscribers and I hope to use this to get information to every one of my readers. Many, many thanks to the readers who have mailed me to offer suggestions, errata, and those kind reviews.  As always, I'm at http://www.minasi.com/gethelp and please join us at the Forum with technical questions at www.minasi.com/forum.  Thanks for letting me visit with you, and take care. 

To Subscribe/Unsubscribe, Read Old Newsletters or Change Your Email Address

To subscribe, visit http://www.minasi.com/nwsreg.htm. To change e-mail or other info, link to http://www.minasi.com/edit-newsletter-record.htm.  To unsubscribe, link to http://www.minasi.com/unsubs.htm. See a unified table of contents of old newsletters at www.minasi.com/nwstoc.htm. Visit the newsletter archives and search for topics at http://www.minasi.com/archive.htm. Please do not reply to this mail; for comments, please link to http://www.minasi.com/gethelp.

All contents copyright 2008 Mark Minasi. You are encouraged to quote this material, SO LONG as you include this entire document; thanks.