uberAgent for Splunk monitors Windows machines. It does not try to display as much data as possible but focuses on visualizing what is actually going on instead. In the last post we gave you a glimpse of the information it can display about user sessions and logon times. Today we are going to talk about machines, processes and applications.

Client Hyper-V was one of the things I was most looking forward to when I upgraded to Windows 8. I immediately added the Hyper-V feature and went to installing Server 2008 R2 in the first virtual machine. That went well enough and nothing extraordinary happened until I tried to run Windows Update in the new VM. Try as I might, Windows Update would always fail with the error code 80072EFE. Sometimes it chose to fail with 80072EE2, though.

uberAgent for Splunk takes Windows monitoring a step further. uberAgent does not just collect data - it gives you the information that matters. Other monitoring products rely on the performance counters built into Windows. uberAgent has its own metrics, covering key aspects of user experience and system performance.

Due to the strict permissions on the System Volume Information directory finding out its true size is not easy. Explorer is really bad at such things. It definitely was not made for administrative tasks. It displays the directory size as zero bytes:

This article is part of a mini-series. You can find the other articles here. In the previous articles in this series we saw how to calculate a farm’s capacity and then how to determine its load. With that information and knowledge of our methodology we can go about calculating the capacity of the new farm, in other words doing the actual sizing. Which is dead simple, by the way.

What do I do for a living? I travel to community conferences, of course. In 2012 I spent 44 days going to 10 different conferences - err, wait, that is I would love to earn a living that way, but of course I have to work like everybody else. Nevertheless, having my own company I can be flexible as to how and where I spend my time off. Apart from being with my family there is little else more compelling than meeting my peers, talking to thought leaders in the industry and hanging out with overall great guys. In 2012 I have been doing that a lot. I spent a whopping 44 days travelling. I went to 10 different conferences, 3 in the US and another 7 in Europe. And I presented at 7 of them.

Sony Vaio laptops are rumored to suffer from two defects: the preloaded OS image being full of crapware, and being extremely difficult to clean install. The former is true for nearly every laptop vendor. I do not care about it because I reinstall anyway - I know from first-hand experience how much can go wrong building an OS image. The latter is bad since it obviously jeopardizes my remedy for defect #1.

Udamin.exe is a handy tool for managing Citrix user/device licenses. To get a list of currently issued licenses run it like this: C:\Program Files\Citrix\Licensing\LS>udadmin.exe -list Usage data is 15 minutes old. Next update in 1 minutes. Users: username1 XDT_PLT_UD 2013.0815 username2 XDT_PLT_UD 2013.0815 Devices: computername1 XDT_PLT_UD 2013.0815 computername2 XDT_PLT_UD 2013.0815 You can delete individual license assignments like this:

Contrary to what Lenovo wants to make you believe, the T520 laptop is not limited to 8 GB of RAM. I own this reliable workhorse and made the mistake of buying another laptop because I wanted something more elegant, but mainly because I need more than 8 GB of RAM. As it turned out, the other machine was not as business-proof as I thought.

Ron Kuper asked in a comment why the architecture of Citrix Profile Management was changed from being based on mandatory profiles to capturing the entire profile content by default. This change happened between versions 1 and 2.

This kept us occupied quite a bit: after having worked with HP’s G7 line of servers for a long time, we ordered our first DL380 G8 for use with VDI. According to HP’s documentation the same custom image can (and must be) used when installing ESXi as with the G7. With that information, setting up the G8 sounded like an easy job: provision it via the existing automation mechanism and be done.

This article is part of a mini-series. You can find the other articles here. In the previous part of this series we saw how to determine the capacity of a server farm. This time we will look at how that capacity is utilized, in other words at farm load. As before we will do that for the four main components of a XenApp server separately: CPU, memory, storage and network.

I encountered a strange error when I moved my laptop’s hard drive to another computer to make room for an SSD. When I tried to install Windows 8 on the repurposed drive I could not see any partitions. Neither could I install Windows on the drive. I kept getting the error Windows cannot be installed to this disk. In addition, the setup process was extremely slow.

The software industry in general is a very fast moving business, but even in this sector there are niches that allow species to survive that should, by normal means, have been dead a very long time ago. One such species is the web forum.

I have been using Lenovo laptops for more than seven years. They never failed me - not a single hardware fault or software instability in all those years. OK, not everything was great - I distinctly remember the R60 which had an atrociously bad screen - but apart from a few glitches here and there IBM come Lenovo delivered great quality again and again. And yet here I am ordering my first laptop from an entirely different manufacturer. How come?

A Windows 7 start menu tells a lot about the user that, indirectly, created it. This is what mine looks like: Helge’s Start MenuSo what does that say about me?

This article is part of a mini-series. You can find the other articles here. As we have seen in part 1 of this series, when sizing a new farm the first thing we need to know is the capacity of the existing farm. Armed with data on capacity and additionally load, we can easily calculate the capacity of a new farm. In this article I describe how to determine capacity of the four relevant hardware components of a XenApp server: CPU, memory, storage and network.

While I am generally satisfied with the quality of Microsoft Knowledge Base articles (many other vendors’ KBs are far worse), from time to time I encounter articles that either lack even the tiniest bits of information or are unintentionally funny. Today I found one that fits into both categories: Unexpectedly slow startup or logon process in Windows Server 2008 R2 or in Windows 7.

This article is part of a mini-series. You can find the other articles here. One of the first things you need to do after starting a XenApp farm upgrade project is to answer the obvious question from management: how much will it cost? In order to be able to answer, you need to have a good understanding of the resources required. In other words, you need to size the farm.

What could be geekier than a t-shirt imprinted with actual source code from a tool that helps administrators around the world tame one of the most dreaded beasts in IT: permissions?

On my quest for a decent PowerShell development tool I first tried out PowerGUI, but was not very happy with it. When the RTM version of PowerShell 3.0 along with a revamped ISE was released a few days ago, I decided to give it a try. Here is what I found.

This is a complete listing of all Windows 7 HKEY_CURRENT_USER registry permissions. The list was generated on a 32-bit installation with SetACL. More default permission listings can be found here.

This article is part of my small series about AppLocker, a technology built into Windows that enables administrators to audit and optionally block application execution. AppLocker and UAC One of the default rules allows unrestricted application execution for administrators. That is only sensible. After all, someone needs to be able to troubleshoot and perform maintenance. However, if UAC is enabled, that rule is not very useful. Remember: UAC filters the SID for the group Administrators from the access token during normal operation. With the Administrators’ SID gone, AppLocker is active for administrators in the same way it is for all other users. Administrators wishing to bypass AppLocker need to start executables from an elevated command prompt (or right-click and select run as administrator), which is often impractical.

This is a complete listing of all Windows 7 file system permissions. The list was generated on a 32-bit installation with SetACL. More default permission listings can be found here.