Add Google search provider to IE

Has anyone else noticed that Microsoft have made it really difficult to add Google as a search provider in IE?  It really should be (and did used to be) a simple case of clicking the little down arrow next to the address bar search providers (only Bing on a new install of Windows), then clicking find more providers and clicking Google from the page this opens and clicking install.  NO MORE; Google does not even seem to be in the add search providers page.  Whats all that about?

I found that by going direct to the Microsoft add search providers to Internet Explorer page http://www.microsoft.com/windows/ie/searchguide/en-en/default.mspx Google is there and I can easily add it.  Thanks for making it simple Bill.

Configuring IE Enhanced Security in 2008R2 Server

How annoying is a ‘feature’ from a software provider which blocks access to all features unless you basically disable it?  Microsoft provide Internet Explorer Enhanced Security on their server versions of Windows, unfortunately while this feature is in use it may as well be called; ‘Internet Explorer Completely Unusable’.  It is impossible to browse the internet without accepting endless warnings and if you run Windows Update it will fail (with a spurious security error)!

I could advise that you install a different browser, like Firefox for instance.  Whilst this is a good idea it will not make Windows Update work.

In 2003 server the first thing you would do would be to go to control panel and uninstall this useless feature. In Windows 2008 server the process is not the same.  You will need to open Server Manager (which opens every time you log on until you ask it not to), click on the root folder and scroll down to the security information section and click on configure IE ESC.  Disable it, it is USELESS (a little like Windows Firewall).

Creating addusers CSV file

Addusers CSV file can be created using the following simple instructions (well they can if you’re an IT GEEK)

To run the addusers process it is necessary to have an addusers CSV (Comma Separated Value) text file for the program to read the user information from.  The simplest way to create this file is to use Excel.

To start the process of creating the addusers CSV file you will need a list in xls format from SIMS which contains the following information:

• Name (Forename, Surname)
• Address line 1
• Date of birth

The first thing you will need to do is sort the data by address, this is done to randomise the student usernames; this is the only reason this field is necessary and it can be discarded after the sort (right click the column letter [B] > delete).  Once the data is sorted you will need the following information in the file:

• User name
• Name (Forename Surname)
• Date of birth
• Description (as; ‘Name Intake Year’ e.g. John Smith Intake 11)
• Home drive letter (N:)
• Home drive path (as; \\userfileserver\Username$ e.g. \\studentdata\09001JSmi$)
• Profile path (\\studentdata\Student$\Profiles\All_Students)
• Login script name (login.vbs)

To create the username you will first need to break the ‘Name’ field you have into separate values using data > text to columns.  Before you do this it is advisable to ensure that you have enough free columns after the name column you are splitting (any columns with data in them will be over written).

To achieve this it is best to copy and paste the Name column [A] to column J, that way all of the columns which the data will expand into are blank, plus you will still have the Name column [A] intact for later use, then; select column J > data > text to columns.

After the data has been split it will be necessary to remove any hyphens from names and to manually cut and paste any double barrelled names which had spaces into the relevant column.

At the end of this part of the process you need to end up with 2 columns (Forename and Surname, [column J and column K]) with NO SPACES and NO HYPHENS and no SINGLE QUOTES (‘) plus you will still have the original Name column [A].

At this point cut and paste the Name column [A] into column I and cut and paste the Date of Birth column [B] into column L

You will now need to create a column [M] of numbers from 001 (put 001 in row 1 002 in row 2 > select the two populated cells and drag [flood fill] down) to however many users you are adding (this column [M] will need to be formatted as text, exel may show this as an error, ignore this ‘error’).

It is now possible to start to create all of the fields you will need for the addusers CSV file to import the new users.

Within your addusers CSV you should now have columns A – M with data in columns I – M (provided you deleted the column with the address data in it).

In cell A1 you will need to type:

=CONCATENATE(“11”,M1,LEFT(J1,1),LEFT(K1,3))

This will create a username which consists of intake year (11) 3 random numbers (generated from the address sort) the first initial of the First Name and the first 3 letters of the Surname e.g. 11001JSmi

In column B cut and paste the contents of column I (the name column)

In column C cut and paste the contents of column L (the date of birth column).

In cell D1 you will need to type:

=CONCATENATE(B1, ” Intake 11″)

where 11 is the current year, don’t miss the space before Intake.

In cell E1 type:

N:

In cell F1 type:

=CONCATENATE(“\\studentdata\”,A1,”$”)

where studentdata is the file server containing the users home folders this will resolve to e.g. \\studentdata\11001JSmi$ as will be created in Bulk Adding AD Users

In cell G1 type:

\\studentdata\Student$\Profiles\All_Students

This path needs to be valid as the path to the student profile you will also need to right click and remove hyperlink on this cell.

In cell H1 type login.vbs

This is assuming the login script is available in \\[domain]etlogon as login.vbs

Row 1 will now be complete with data you will need to drag (flood fill) columns A,D,E,F,G and H.

At this point there will still be data in columns J,K and M DO NOT DELETE this data yet.

Save the addusers CSV file as a CSV e.g. intake11.csv accept any warnings about format and close the file.  Open the newly created addusers CSV file e.g, intake09.csv using Excel, delete the contents of columns J,K and M and format column C as date 00/00/00 this is because the initial student passwords need to be formatted in this manner.  Once again save and close the file.

From Windows Explorer right click the addusers CSV file e.g. intake11.csv and select open with > notepad.  The final step to make the file useable with addusers.exe is to insert a new line at the beginning of the document and type; [users] with the square brackets, then save and close the file.

DO NOT USE EXCEL TO REOPEN THE ADDUSERS CSV FILE FROM THIS POINT ON:

if you do so you will need to ensure you reformat column C as date 00/00/00 before closing it.  You will also need to open the file in notepad and remove the 7 commas (,) from the file after the [users] entry.

written by Nate Allen

addusers CSV creation instructions (ALLFacilities)

Bulk add AD users in Active Directory

Bulk add AD users in Active Directory

As September draws around again I need to bulk add AD users (210 new users) to the school Active Directory, this is a pretty simple process, but if you have never done a bulk add before it may seem daunting.

Creating new users on a bulk basis is an 8 step process.  Simply put:

1. Create CSV list of users and properties.
2. Create users using addusers.exe.
3. Create an OU for the users and move them into it.
4. Create intake Security Group
5. Add users to Security Groups using AD
6. Create user home directories.
7. Create a share for each user
8. Test login for new users

In more detail the process is as follows:

Step 1 Create CSV list of users and properties

The [CSV Fields names] required for entering data using addusers are (in this order):

User Name
Full Name
Password
User Description
Home Drive (letter:)
Home Drive Path
Profile Path
Login Script name

The easiest way to create this file is to use Excel, by taking a simple list of the names for import use built in Excel functions i.e CONCATENATE to create the necessary fields then save the file as a CSV see creating an addusers csv file.  The file should for ease of reference be called [intake year].CSV e.g. intake11.CSV

Step 2 Create users using addusers.exe

Addusers.exe is NOT part of Windows Server as a default.  It is however part of the resource kit and so freely available.  Check the file addusers.exe is installed on the machine you are using (look in the Windows system root e.g c:\winnt).  If the file is not there it can be found on Microsoft FTP server (save it to windows system root).
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/reskit/nt40/i386/addusers_x86.exe

More info on using addusers.exe can be found on the Microsoft support site:
http://support.microsoft.com/default.aspx?scid=kb;en-us;199878

To run the user CSV import, open command prompt and navigate to the folder where the CSV file is saved then run addusers.

Example usage:

C:\>AddUsers domain_name /c intake11.csv /p:e

This is based on the CSV file being called intake11.CSV and saved in the root of C:.  This will create all the users on the AD for [whatever domain_name you use] in the ‘Users’ OU of the domain.  If you do not include the domain name in the above command you will create lots of new users on your local PC!

Step 3 Create an OU for new users and move them into it

From a workstation or server with Admin Pack installed see installing admin pack.  Open AD (Start > Programs > Administrative Tools > Active Directory Users and Computers).  Expand domain view, right click students, click new, Organizational Unit.  Name the OU as year of intake e.g 11.  This will create the new OU.

To move the users:

Select ‘users’ OU > bulk select the new users in the right hand pane > right click > click move > navigate to the OU ([11], just created) select this OU > OK.
Note by default there are some objects in the “users” OU that need to stay there so make sure only the new users just created are moved (sort them first).

Step 4 Create intake Security Group

Each user needs to be added to 2 security groups for Group Policy to function correctly, these are ‘students and intake[yearnn].  You will need to create the security group intake[yearnn].

In AD right click OU ‘Groups’ > click new > Group.  Select type’global’ and ‘security’; name the group as intake[yearnn] e.g intake11.

Step 5 Add new users to Security Groups using AD

Expand OU students and select the new OU e.g. 11.  In the right hand pane select all users > right click > click add to group > in the search window type students;intake11 click OK.

Step 6 Create User Home Directories

Navigate to the studentusers share on the network e.g \\studentdata\student$.  Create a new parent level folder name it as intake year e.g. 11.  Right click the folder and select security tab > deselect the ‘inherit permissions from parent’ (copy permissions) and remove ‘students’ from the permissions list.  Add the intake Security Group e.g. intake11 with ‘list folder contents’ permission only.  Click advanced > double click intake Security Group e.g. intake11 > set the permissions to ‘This folder only’.  Apply > OK.  This assumes that the parent folder (\\studentdata\student$) has full control access for domain admins, read / write permissions for staff and read access for students.

Create the individual homefolders

Create a list of usernames (use Excel and the CSV file used to add users) save the list as 2011users.txt ensuring this file only contains the username column (without the header row).

Open a command prompt and navigate to the folder where you saved 2011users.txt and run a for command:

C:\>for /f %u in (2011users.txt) do md \\studentdata\student$\11\%u

This will create a directory for each user in the list (2011users.txt) in the 11 folder on the  student$ share of the studentdata server.  Obviously if any of these parameters are not correct the command would need to be amended appropriately.

You will need to set the security on the folders you have created this is also an automated task see Managing user home drives (using security.bat) for instructions on this part of the process.

Step 7 Create a SHARE for each user

This step is required as the users may wish to connect to an AD connected Mac or MacBook and this will enable the Mac to (more easily) mount the home folder on login.

Creating shares can be completed from any network connected workstation using the tool RMTSHARE.exe available from Microsoft FTP (save to system root).
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/reskit/nt40/i386/RMTSHAR.EXE

These instructions are based on a new intake of 11.

Open a command prompt and navigate to the folder where you saved 2011users.txt and run a for command:

For /f %u in (users.txt) do rmtshare \\studentdata\%u$=e:\students\11\%u /GRANT %u:full /GRANT domain\staff:full /REMARK:”Share for %u”

This will create a hidden share (ending in $) for each user in the 2011users.txt file on the studentdata server using the server’s e: drive folder you created in step 6.  Obviously if your student data is not stored on the server e: drive or the root folder for students is not ‘students’ you will need to amend the command appropriately.  This command will also REMOVE access to the everyone group in share permissions ACL (a VERY good idea) and GRANT full access to both staff and the user in the share permissions tab (without this neither the user nor any staff member will be able to browse to the contents of the folder).  The /REMARK is simply to add a descriptive name for the share which is visible in computer management window (right click My Computer).

Step 8 Test login for new intake

It will not be possible to fully test the functionality of logins for a bulk add users until the folder security has updated, as the users will not have access to their home folders until security.bat has run; see Managing user home drives (using security.bat) to manually set security on these folders before logging in as any selected (new) student and testing the functionality of the login.

Within my school network I have created a scheduled task to ensure file security is correct for all users, so it is possible to wait until the next day to test the login.  This also tests the scheduled task is running and functioning as expected.

bulk add AD users - Nate Allen

V-Shpere Server Virtualisation

Next week I will be involved in the (commencement of) server virtualisation of a 10 Server 700 client 1600 user school network. 

The hardware has arrived; 3 HP servers with 32GB RAM and 2*8 core Zeon processors 4 + 4 GB NICs and 14.4TB of HP SAN will form the basis of the environment.

Cotham School plans to build a V-Sphere VM environment onto this hardware then transfer the server roles into the virtual world, god I hope the hardware installation team KNOW what they are doing 😕  Once they are finished its over to us to configure the Windows environment.

To complicate matters somewhat we need to take the opportunity here to update the server OS to Windows Server 2008 R2, update to Exchange Server 2010 (from 2003) plus we plan to roll out Windows 7 sitewide as soon as we have been able to test stability and ensure programs and services will continue to run.

As much as I plan to write about the experiences the IT Support Team at Cotham School have doing this (good and bad), I think the current question on my mind is this; is V-Sphere server virtualisation easy (or what)?

I have a couple of words of advice for myself:

  1. Make sure those system state backups are SOLID.
  2. Don’t throw everything in
  3. Retain the existing DCs as long as possible.

The initial aim will have to be to see the new (VM) environment and enable a simple file share from the SAN which can be accessed from the client(s) and go from there.  Once we are there I will feel much more comfortable.

If you happened across this page and have any advice or benefit of experience you can offer I will be grateful to hear from you.