Nxl67170 - Windows: Difference between revisions
(150 intermediate revisions by 2 users not shown) | |||
Line 2: | Line 2: | ||
This is the configuration page for the '''Windows 7''' partition on '''[[Configuration NXP Dell Latitude E5430|NXL67170]]'''. |
This is the configuration page for the '''Windows 7''' partition on '''[[Configuration NXP Dell Latitude E5430|NXL67170]]'''. |
||
''' |
'''Available Images''' |
||
* (1st image as-of 2012-02-19 deleted) |
|||
* {{green|'''Image 1'''}} (ntfsclone) — 2013-03-20 — Native, as received from IT with some additional software (''Visio'', ''Euroglot''...), but '''without''' any virtualization . |
|||
* {{blue|'''Image 2'''}} (ntfsclone) — Last backup image. Contains additional software, custom settings and virtualization. |
|||
* {{blue|'''Image 3'''}} (vbox snapshot) — 1st virtualbox snapshot, state as on harddrive image. Content of the next backup image. Last known good version, VM is reverted to that image if ''Candidate'' image is broken |
|||
** Next images are named {{blue|'''Image 4'''}}, {{blue|'''Image 5'''}}... |
|||
* {{red|'''Candidate'''}} (vbox snapshot) — Last permanent image, VM is reverted to that image regularly to get SW updates, and apply last changes from ''new''. All services enabled. Merged into ''Image 3'' if proven stable. |
|||
* {{red|'''Lightweight'''}} (vbox snapshot) — Lightweight version of candidate (many serviced and AV disabled). Contains last bleeding-edge changes. VM already started. VM is reverted to that image on a daily basis. |
|||
{{red|'''Before Deleting Snapshots'''}} |
|||
To do before creating a new image: |
|||
* Backup Personal certificates (save them to {{file|~/Documents/archive.noidx/backup_and_log/nxl67170-latitude_e5430/certificates}}, see {{file|README.TXT}} for instructions) |
|||
* Disable Windows Restore (will delete restore points) |
|||
* Backup Office templates (from {{file|C:\Users\beq06659\AppData\Roaming\Microsoft\Templates}} to {{file|~/Documents/archive.noidx/backup_and_log/nxl67170-latitude_e5430}}) |
|||
* Disable page file |
|||
* Disable hibernation (will delete hibernat.sys). |
|||
* Perform disk clean up (will empty recycle bin, etc) |
|||
* Go to Outlook local data, and delete all cache .OST file<br/>better delete, then restart outlook once so that the .OST are recreated once for all (but quit before send & receive starts) |
|||
''' |
'''Daily process''' |
||
* Boot ''lightweight'' snapshot. |
|||
* Apply last changes during last session (marked ''new''), and update ''lightweight'' snapshot (replace previous one). |
|||
* Enjoy |
|||
'''Weekly process''' |
|||
To do after restoring an image: |
|||
* Merge ''candidate'' snapshot into ''image 3''. |
|||
* Set up a new page file |
|||
* Boot the new ''image 3'' |
|||
* Apply last changes applied in image ''lightweight'', and download last SW update, etc. |
|||
* Create new ''candidate'' snapshot |
|||
* Apply non-permanent changes (lightweight, see below), and create new ''lightweight'' snapshot. |
|||
'''How to create a ''Lightweight'' image from a standard one''' |
|||
'''Available Images''' |
|||
* Boot image using Windows recovery DVD and start {{file|regedit.exe}} |
|||
* '''Image 1''' (ntfsclone) — 2013-02-19 — Almost as received from IT (i.e. no install, no virtualization...). |
|||
* Mount {{file|SYSTEM}} hive as <code>remote_SYSTEM</code> |
|||
* {{green|'''Image 2'''}} (ntfsclone) — 2013-03-14 — After virtualization, contains ''Visio'', ''Euroglot''. |
|||
* Mount {{file|SOFTWARE}} hive as <code>remote_SOFTWARE</code> |
|||
* {{blue|'''Image 3'''}} (vbox snapshot) — Last permanent image. VM is reverted to that image after each shutdown |
|||
* Import registry files {{file|c:\temp\custom_config\*_On_Remote.reg}}. |
|||
* {{red|'''New'''}} — changes not yet committed into an image (to redo at each new VM start-up) |
|||
* Edit {{file|hosts}} file, and add / uncomment line |
|||
127.0.0.1 wbi.nxp.com |
|||
* Restart, and run asap the file {{file|c:\temp\custom_config\Customize_config.bat}} as administrator. |
|||
* Make sure that the network interface is set to ''NAT'', and that the CD-ROM is removed before making the snapshot. |
|||
* In Outlook, disable de ''McAfee Add-in''. |
|||
'''Monthly process''' |
|||
* Backup ''image 3'' |
|||
== Configuration Files == |
== Configuration Files == |
||
Line 26: | Line 45: | ||
== Installed Applications == |
== Installed Applications == |
||
List of applications installed, by order of first appearance, and their configuration settings. |
List of applications installed in each image, by order of first appearance, and their configuration settings. |
||
''' |
'''Note:''' {{green|1st}}, {{blue|2nd}}, {{red|new}}, etc. indicate that the settings was applied in the given image, and not in the image under which the application is listed (to track settings changed after image was taken). |
||
=== 1st |
=== {{green|Installed in 1st Image}} === |
||
{| class="install_simple_log" |
{| class="install_simple_log" |
||
|- |
|- |
||
|'''Outlook 2010'''|| |
|'''Outlook 2010/2013 (Office 365)'''|| |
||
* {{green| |
* {{green|1st}} Deleted .OST file in user profile, and boot once outlook to recreate it (but quit before send & receive) |
||
* {{blue| |
* {{blue|2nd}} Set value <tt>HKCU\Software\Policies\Microsoft\Office\14.0\Outlook\options\DisableIMAP</tt> to '''0''' |
||
* {{blue| |
* {{blue|2nd}} Add account, your name '''Michael Peeters''', e-mail address '''michael.peeters@nxp.com''', type '''IMAP''', incoming server '''localserver''', outgoing '''localserver''', user name '''beq06659''', password (see keepassx) — (more settings) Account '''_archives_''', root folder path '''INBOX''' |
||
** {{blue|2nd}} ''Options'' → ''Advanced'' → ''Send/Receive...'' → ''Edit...'' → select ''Archives'', and click ''Download headers for subscribed folders''. |
|||
* {{blue|3rd}} Add account, your name '''Michael Peeters''', e-mail address '''michael.peeters@noekeon.org''', type '''IMAP''', incoming server '''nxl67170ux''', outgoing '''nxl67170ux''', user name '''mip@noekeon.org''', password (see keepassx) — (more settings) Account '''_noekeon.org_''', incoming server '''9143''', outgoing server '''9025''', root folder path '''INBOX''' |
|||
** {{blue|2nd}} Right click on IMAP folder account → ''IMAP folders...'' → uncheck ''When displaying hierarchy in Outlook, show only subscribed folders''. Then right click again → ''Update Folder List''. |
|||
* {{blue|3rd}} Add account, your name '''Michael Peeters''', e-mail address '''michael.peeters@immie.org''', type '''IMAP''', incoming server '''nxl67170ux''', outgoing '''nxl67170ux''', user name '''mpe@immie.org''', password (see keepassx) — (more settings) Account '''mpe@immie.org''', Outgoing server '''requires authentication''', incoming server '''9993''' using '''SSL''', outgoing server '''9465''' using '''SSL''', root folder path '''INBOX''' |
|||
** {{blue|2nd}} For each IMAP account, select '''Mark items for deletion but do not move them automatically''' (→ ''Folder'' menu → ''Purge'' → ''Purge Options...'') (from [http://productforums.google.com/forum/#!msg/gmail/GHOq7TKZJeY/iGZ4GJQSRgw]).<br/>This fix the error message <tt>The operation cannot be performed because the object has been deleted</tt>. |
|||
* {{blue|3rd}} Add account, your name '''Michael Peeters''', e-mail address '''michael.peeters@immie.org''', type '''IMAP''', incoming server '''nxl67170ux''', outgoing '''nxl67170ux''', user name '''mpe@immie.org''', password (see keepassx) — (more settings) Account '''mpe@immie.org''', Outgoing server '''requires authentication''', incoming server '''9993''' using '''SSL''', outgoing server '''9465''' using '''SSL''', root folder path '''INBOX''' |
|||
* {{blue|2nd}} Add account, your name '''Michael Peeters''', e-mail address '''michael.peeters@noekeon.org''', type '''IMAP''', incoming server '''localserver''', outgoing '''localserver''', user name '''mip@noekeon.org''', password (see keepassx) — (more settings) Account '''_noekeon.org_''', incoming server '''9143''', outgoing server '''9025''', root folder path '''INBOX''' |
|||
* {{blue|3rd}} ''Options'' → ''Advanced'' → ''Send/Receive...'' → ''Edit...'' → select ''Archives'', and click ''Download headers for subscribed folders''. Idem for other IMAP account |
|||
* {{red|new}} Do not set root folder path (or Android / Outlook will use different ''sent'' folder). |
|||
* {{blue|3rd}} Right click on IMAP folder account → ''IMAP folders...'' → uncheck ''When displaying hierarchy in Outlook, show only subscribed folders''. Then right click again → ''Update Folder List''. Repeat for all IMAP account. |
|||
** Setup ''Send & Receive...'', ''subscribed folders'' and ''purge'' settings. |
|||
* {{blue|3rd}} Select favorite folders |
|||
* {{blue|2nd}} Add account, your name '''Michael Peeters''', e-mail address '''michael.peeters@immie.org''', type '''IMAP''', incoming server '''mail.gandi.net''', outgoing '''mail.gandi.net''', user name '''mpe@immie.org''', password (see keepassx) — (more settings) Account '''michael.peeters@immie.org''', Outgoing server '''requires authentication''', incoming server '''9993''' using '''SSL''', outgoing server '''9465''' using '''SSL''', root folder path '''INBOX''' |
|||
* {{blue|3rd}} Change count from ''show number of unread items'' to ''show total number of items'' (for ''sent'' folders) |
|||
* {{red|new}} Do not set root folder path (or Android / Outlook will use different ''sent'' folder). |
|||
* {{blue|3rd}} Refresh rules (and target folders) (see rules in text install log for nxl67002) |
|||
** Setup ''Send & Receive...'', ''subscribed folders'' and ''purge'' settings. |
|||
* {{blue|3rd}} ''Options'' → ''Mail'' |
|||
** Use '''mail.gandi.net''' for server to avoid 'The target principal name is incorrect'. For this, add to ''hosts'' file: |
|||
<source lang=text> |
|||
10.0.2.2 mail.gandi.net |
|||
</source> |
|||
* {{blue|2nd}} Add account, your name '''Ismael Peeters''', e-mail address '''ismael.peeters@immie.org''', type '''IMAP''', incoming server '''mail.gandi.net''', outgoing '''mail.gandi.net''', user name '''ipe@immie.org''', password (see keepassx) — (more settings) Account '''ismael''', Outgoing server '''requires authentication''', incoming server '''9993''' using '''SSL''', outgoing server '''9465''' using '''SSL''', root folder path '''INBOX''' |
|||
** Setup ''Send & Receive...'', ''subscribed folders'' and ''purge'' settings. |
|||
** Use '''mail.gandi.net''' for server to avoid 'The target principal name is incorrect'. For this, add to ''hosts'' file: |
|||
<source lang=text> |
|||
10.0.2.2 mail.gandi.net |
|||
</source> |
|||
* {{blue|2nd}} Select favorite folders |
|||
* {{blue|2nd}} Change count from ''show number of unread items'' to ''show total number of items'' (for ''sent'' folders) |
|||
* {{blue|2nd}} Refresh rules (and target folders) (see rules in text install log for nxl67002) |
|||
* {{blue|2nd}} ''Options'' → ''Mail'' |
|||
** → ''Reading Pane...'' → '''uncheck''' both '''Mark items as read...'' |
** → ''Reading Pane...'' → '''uncheck''' both '''Mark items as read...'' |
||
** → When replying to a message → ''Prefix each line of the original message'' |
** → When replying to a message → ''Prefix each line of the original message'' |
||
* {{blue| |
* {{blue|2nd}} ''Options'' → ''Calendar'' |
||
** → First day of week '''Monday''' |
** → First day of week '''Monday''' |
||
** → ''Show week numbers in the month view and in the Date Navigator'' |
** → ''Show week numbers in the month view and in the Date Navigator'' |
||
* {{blue| |
* {{blue|2nd}} Select an IMAP folder, then ''Change view'' → ''Manage Views'' → ''Modify...'' → ''Conditional Formatting...''. Add 2 new formatting as follows: |
||
** '''To me only''', color '''maroon''', condition (advanced panel): |
** '''To me only''', color '''maroon''', condition (advanced panel): |
||
<source lang=text> |
<source lang=text> |
||
Line 70: | Line 103: | ||
To contains peeters-ml1@noekeon.org |
To contains peeters-ml1@noekeon.org |
||
</source> |
</source> |
||
* {{blue| |
* {{blue|2nd}} Apply this view on all other IMAP folders |
||
* {{ |
* {{blue|2nd}} Install '''[[Outlook#Send & Save|Send & Save]]''' macro, and ''File → Options Trust Center → Macro Settings'' → '''Enable all macros''' |
||
* {{ |
* {{blue|2nd}} Import old signatures to <tt>C:\Users\beq06659\AppData\Roaming\Microsoft\Signatures</tt>, then ''Options → Mail → Signatures...''', select '''(graphic)''' for new messages, '''(short)''' for replies/forwards. |
||
* {{blue|5th}} Select default signatures for account ''_archives_'' as well. |
|||
* {{red|new}} For each IMAP account, select '''Mark items for deletion but do not move them automatically''' (→ ''Folder'' menu → ''Purge'' → ''Purge Options...'').<br/>This fix the error message <tt>The operation cannot be performed because the object has been deleted</tt>. |
|||
* {{blue|3rd}} Update rules! |
|||
* {{red|new}} Use '''mail.gandi.net''' for IMAP account on gandi.net to avoid 'The target principal name is incorrect', and add name in <tt>hosts</tt> file to point to local server. |
|||
* {{blue|3rd}} Repair IMAP account (delete & create again PST)! |
|||
* {{blue|3rd}} Add Alias accounts (regular alias, but disable ''receive mail'' in ''Send & Receive'' settings) |
|||
* {{blue|3rd}} '''Import''' mail security certificate from nxl67002. |
|||
* {{blue|5th}} send one encrypted mail to enable automatic encryption/sign on forward |
|||
* {{blue|5th}} move exchange .OST file to <tt>d:/nxp/outlook</tt> (see [[Outlook#Move .pst to another location|Outlook page]]) |
|||
* {{blue|7th}} configure '''dialing rules''' (in '''Control Panel''' → '''Phone and Modem'''), so that outlook accepts pluses ('+') in phone numbers. |
|||
* {{blue|7th}} renew ''User Encryption'' certificate and select new certificate for email encryption (see mail ''PKI NXP'' dd 20140120) |
|||
* {{blue|7th}} disable all Auto-Correct features |
|||
* {{blue|8th}} Fix up rules on noekeon + fixup collabnet rules |
|||
* {{blue|9th}} Migration to '''Office 365''' |
|||
* {{blue|9th}} Again, move exchange .OST file to <tt>d:/nxp/outlook</tt> (see [[Outlook#Move .pst to another location|Outlook page]]). Created new profile ''Outlook_on_d'' (set as default). |
|||
* {{red|lightweight only}} disable ''mc-afee addin'' |
|||
|- |
|- |
||
|'''Windows Explorer'''|| |
|'''Windows Explorer'''|| |
||
* ''Folder Options'' → Show '''hidden files''', '''DO NOT hide''' extensions for known file types, '''DO NOT hide''' protected OS files |
* {{green|1st}} ''Folder Options'' → Show '''hidden files''', '''DO NOT hide''' extensions for known file types, '''DO NOT hide''' protected OS files |
||
* {{green| |
* {{green|1st}} Taskbar — Use '''small icons''' |
||
* {{green| |
* {{green|1st}} Pin '''Windows Command Processor (cmd.exe)''' to ''Start Menu'' |
||
* {{ |
* {{green|1st}} Unpin '''Internet Explorer''', '''Windows Explorer''', '''Window Media Player''' |
||
* {{ |
* {{green|1st}} '''Folder options''' — ''Automatically expand to current folder'' |
||
* {{green|1st}} '''Tray''' — Lync 2010 → ''show icon and notifications'' for '''Lync 2010''', '''Sysinternals Process Explorer''' |
|||
* {{blue|3rd}} '''Folder options''' — ''Automatically expand to current folder'' |
|||
* {{blue| |
* {{blue|2nd}} '''Wallpaper''' — ''Pirate Mac.jpg'' (fill) |
||
|- |
|- |
||
|'''Office Lync 2010'''|| |
|'''Office Lync 2010'''|| |
||
* {{ |
* {{green|1st}} Minimize to notification area |
||
* {{ |
* {{green|1st}} ''Display options'' → '''Name View''' |
||
* {{green|1st}} Migration Office 365 completed (via corporate update) + imported old contacts |
|||
* {{red|new}} Fix very slow typing in Lync (maybe due to update 7/7/2014): |
|||
** Either reset audio settings (see [http://social.technet.microsoft.com/Forums/windows/en-US/126c0a0e-0014-4ad9-b81b-ea0765ebef09/lync-2013-with-windows-81-unusably-slow?forum=w8itproappcompat]). Go to ''Control Panel'', then IDT Audio, and reset things everywhere, including in Windows devices. |
|||
** Installed Dell drivers [http://www.dell.com/support/home/us/en/19/Drivers/DriversDetails?driverId=C6HVR&fileId=3327984030&osCode=&productCode=latitude-6430u-ultrabook&languageCode=&categoryId=AU] {{file|3330_Audio_Driver_C6HVR_WN_1.0.6491.0_A08.EXE}} (although crashed) |
|||
|- |
|- |
||
|'''Windows Command Processor (cmd.exe)'''|| |
|'''Windows Command Processor (cmd.exe)'''|| |
||
* {{green|1st}} '''Pin''' to Start Menu |
|||
* {{blue|3rd}} ''Defaults'' → Buffer size '''500''', Font '''Lucida Console''', layout '''132 x 5000''' '''132 x 50''', '''black on white''' |
|||
* {{green|1st}} ''Defaults'' → Buffer size '''500''', Font '''Lucida Console''', layout '''132 x 5000''' '''132 x 50''', '''black on white''' |
|||
|} |
|||
* {{blue|3rd}} Set shortcut to ''run as administrator'' |
|||
=== {{green|2nd image}} === |
|||
{| class="install_simple_log" |
|||
|- |
|- |
||
|''' |
|'''7-zip'''|| |
||
* {{green|1st}} v9.20, '''no''' localization files, for '''all''' users |
|||
|- |
|||
|'''7-zip'''||v9.20, '''no''' localization files, for '''all''' users |
|||
|- |
|- |
||
|'''Launchy'''|| |
|'''Launchy'''|| |
||
* v2.6 Beta 2 |
* {{green|1st}} v2.6 Beta 2 |
||
* '''Hide''' when it loses focus, '''Always on top''', '''DO NOT''' auto update catalog, '''DO NOT''' check for new versions |
* {{green|1st}} '''Hide''' when it loses focus, '''Always on top''', '''DO NOT''' auto update catalog, '''DO NOT''' check for new versions |
||
* Plugin '''pathy''' (access apps in system path) |
* {{green|1st}} Plugin '''pathy''' (access apps in system path) |
||
|- |
|- |
||
|'''Sysinternals Process Explorer'''|| |
|'''Sysinternals Process Explorer'''|| |
||
* Installed in <tt>C:\Windows</tt> |
* {{green|1st}} Installed in <tt>C:\Windows</tt> |
||
* Select ''Replace Task Manager'', ''Hide When Minimized'', ''Allow Only One Instance''. |
* {{green|1st}} Select ''Replace Task Manager'', ''Hide When Minimized'', ''Allow Only One Instance''. |
||
* Select columns ''IO Read Byte'', ''IO Write Byte'', ''IO Other Byte'', ''IO Delta Read Byte'', ''IO Delta Write Byte'', ''IO Delta Other Byte''. |
* {{green|1st}} Select columns ''IO Read Byte'', ''IO Write Byte'', ''IO Other Byte'', ''IO Delta Read Byte'', ''IO Delta Write Byte'', ''IO Delta Other Byte''. |
||
|- |
|- |
||
|'''Sysinternals Autoruns'''|| |
|'''Sysinternals Autoruns'''|| |
||
* Installed in <tt>C:\Windows</tt> |
* {{green|1st}} Installed in <tt>C:\Windows</tt> |
||
* v9.20, '''no''' localization files. |
* {{green|1st}} v9.20, '''no''' localization files. |
||
|- |
|- |
||
|'''MS Office Visio Professional 2010 SP1 EN'''|| |
|'''MS Office Visio Professional 2010 SP1 EN'''|| |
||
* {{green|1st}} Via NXP Advertised program (requested via wbi portal) |
|||
* {{blue|7th}} Install UML 2.2 stencils from [http://www.softwarestencils.com/index.html softwarestencils] into {{file|\data\My Shapes\Software and Database\UML 2.2}} (+ edit stencils / templates path in visio). |
|||
* {{blue|7th}} Enable ''Developer Mode'' |
|||
* {{blue|7th}} Add styles button in ribbon |
|||
* {{blue|7th}} In ''View'' ribbon → ''Visual Aids'' (small arrow) → Enable '''Snap to shape vertices''' and '''Glue to shape vertices''' |
|||
* {{blue|7th}} disable all Auto-Correct features |
|||
|- |
|- |
||
|'''MS Office Word 2010 SP1 EN'''|| |
|||
|'''Euroglot Professional 7.6.3 EN'''||Via NXP Advertised program (requested via wbi portal) |
|||
* {{blue|7th}} New shortcut, {{kb|A-S-s}} for ''apply Body text style'' |
|||
|} |
|||
* {{blue|7th}} Add ''Style combo box'' in ''Quick Access Toolbar'' |
|||
* {{blue|7th}} Show measurements in units of ''point'' |
|||
* {{blue|7th}} Style area pane width in Draft and Outline view ''45pt'' |
|||
* {{blue|7th}} Show [http://msdn.microsoft.com/en-us/library/bb608625.aspx ''developer tab''] in the ribbon |
|||
* {{blue|7th}} Enable all macro (because NXP signed macros do not work!) |
|||
* {{blue|7th}} Install [http://nww.nxp.com/smo/tds/html/Reference/Downloads_templates.html NXP TDM templates] in <tt>C:\Users\beq06659\AppData\Roaming\Microsoft\Templates\NXP TDM</tt> (as explained in ''How_to_use_TDM_Word_templates_v2.9.x_20110512'')<br/>(from <tt>D:\documents\nxp\templates\nxp_customer_documentation_templates</tt>) |
|||
** {{blue|7th}} Fixed [[Word#Fixing_Bullets_in_Words|list bullet style]] |
|||
* {{blue|7th}} disable all Auto-Correct features |
|||
* {{red|new}} Uncheck option ''Remove Personal Information from File Properties on Save'' |
|||
* {{red|new}} Disable AutoFormat As You Type option''"Straight quotes" with ``smart quotes,,'' (equation editor work-around) |
|||
* {{red|new}} Update NXP TDM Templates (for user beq06659) |
|||
* {{red|to do}} Plugin [http://www.viemu.com/ ViEmu for Word & Outlook] |
|||
|- |
|||
|'''Euroglot Professional 7.6.3 EN'''|| |
|||
* {{green|1st}} Via NXP Advertised program (requested via wbi portal) |
|||
|- |
|||
|'''Opera'''|| |
|||
* {{blue|7th}} Upgrade to v17 |
|||
* {{blue|2nd}} Set <tt>http://nxl67170ux:8118</tt> as proxy (all protocol) |
|||
* {{blue|2nd}} Add Collabnet client-side authentication certificate |
|||
* {{blue|2nd}} Recover opera profile from WinXP image (keyboard/, sessions/, skin/, styles/user.css, toolbar/, bookmarks.adr, notes.adr, search.ini, speeddial.ini, operaprefs.ini (merged)) |
|||
* {{blue|2nd}} Set master password, and ''use it to protect saved passwords'' |
|||
* {{blue|3rd}} Remove old sessions (incl. <tt>autosave.win</tt>) |
|||
* {{red|to do}} Add exceptions for proxy: |
|||
leu-phil1.be-leu01.nxp.com |
|||
leu-phil2.be-leu01.nxp.com |
|||
|- |
|||
|'''PDF X-Change Vewer'''|| |
|||
* {{green|1st}} v2.5.210 |
|||
* {{green|1st}} '''NO''' live update, '''NO''' addins |
|||
* {{red|to do}} New review styles (green highlight) |
|||
|- |
|||
|'''Vim'''|| |
|||
* {{green|1st}} v7.3-789 (from [http://sourceforge.net/projects/cream/files/ Cream sourceforge]) (32-bit version) |
|||
* {{blue|2nd}} Import basic config from Linux, but far from perfect |
|||
* {{blue|3rd}} '''ISSUE''' no context menu !!! — '''{{green|FIXED}}''' Copy 64-bit version of [http://code.google.com/p/vim-win3264/wiki/Win64Binaries <tt>gvimext.dll</tt>] to <tt>C:\Program Files\vim\vim73\gvimext.dll</tt> (create directory first), and import: |
|||
<source lang=reg> |
|||
Windows Registry Editor Version 5.00 |
|||
[HKEY_CLASSES_ROOT\CLSID\{51EEE242-AD87-11d3-9C1E-0090278BBD99}] |
|||
@="Vim Shell Extension" |
|||
[HKEY_CLASSES_ROOT\CLSID\{51EEE242-AD87-11d3-9C1E-0090278BBD99}\InProcServer32] |
|||
=== {{blue|3rd image}} === |
|||
@="C:\\Program Files\\vim\\vim73\\gvimext.dll" |
|||
"ThreadingModel"="Apartment" |
|||
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] |
|||
"{51EEE242-AD87-11d3-9C1E-0090278BBD99}"="Vim Shell Extension" |
|||
[HKEY_LOCAL_MACHINE\SOFTWARE\Vim\Gvim] |
|||
"path"="C:\\Program Files (x86)\\vim\\vim73\\gvim.exe" |
|||
</source> |
|||
Note that we tell <tt>gvimext.dll</tt> to use 32-bit version of <tt>gvim.exe</tt>. More solutions at [http://superuser.com/questions/37495/wheres-my-open-with-gvim-context-menu-option-in-windows-7], [http://davidvielmetter.com/tricks/context-menu-issues-with-gvim-in-windows-7-x64/], but the shellex DLL offers more flexibility. |
|||
* {{blue|5th}} Share configuration with cygwin (see [[Vim#Windows]]) |
|||
|- |
|||
|'''Internet Explorer'''|| |
|||
* {{blue|3rd}} Use custom '''proxy.pac''' at <tt>C:\Users\beq06659\proxy.pac</tt> |
|||
* {{blue|7th}} Do '''NOT''' ''Automatically detect settings'' (Local Area Network (LAN) Settings) |
|||
|- |
|||
|'''Windows Update'''|| |
|||
* {{blue|4th}} Update as of 2013-04-15 |
|||
|} |
|||
=== {{blue|Installed in 2nd Image}} === |
|||
{| class="install_simple_log" |
{| class="install_simple_log" |
||
|- |
|- |
||
|''' |
|'''Nokia PC Suite'''|| |
||
* {{blue|2nd}} v7.1 — Tried on native image, or on a clean VM Windows 7 Pro, works flawless |
|||
* Set <tt>http://nxl67170ux:8118</tt> as proxy (all protocol) |
|||
* {{red|new}} Add Collabnet client-side authentication certificate |
|||
* {{red|new}} Recover opera profile from WinXP image (skin/, toolbar/, keyboard/, styles/user.css, sessions/, bookmarks.adr, speeddial.ini, notes.adr, search.ini, merge operaprefs.ini |
|||
|- |
|- |
||
|''' |
|'''Virtualbox Additions'''|| |
||
* {{blue|2nd}} v4.2.10 |
|||
v2.5.210 |
|||
* {{blue|4th}} v4.2.12 |
|||
* '''NO''' live update, '''NO''' addins |
|||
* {{blue|7th}} v4.10 (still no direct3d) |
|||
|- |
|- |
||
|'''PrimoPDF'''|| |
|'''PrimoPDF'''|| |
||
* {{blue|2nd}} v5.1.0.2 — '''DO NOT''' install '''Nitro PDF Reader'''! try it? |
|||
v5.1.0.2 |
|||
* {{blue|8th}} Set paper size = '''A4''' in the default printing preference (control panel) |
|||
* '''{{red|bloat}}''' automatically installed '''Nitro PDF Reader'''! try it? |
|||
|} |
|||
=== {{blue|Installed in 3rd and upcoming Images}} === |
|||
{| class="install_simple_log" |
|||
|- |
|- |
||
|''' |
|'''WinDirStat'''|| |
||
* {{blue|3rd}} installed |
|||
v7.3-789 (from [http://sourceforge.net/projects/cream/files/ Cream sourceforge]) |
|||
|- |
|||
* Import basic config from Linux, but far from perfect |
|||
|'''Flash player plugin'''|| |
|||
* '''{{red|issue}}''' no context menu !!! |
|||
* {{blue|5th}} flash player plugin (for opera) |
|||
|- |
|||
|'''Cygwin'''|| |
|||
* {{blue|5th}} See [[#Cygwin]] section below |
|||
* {{blue|7th}} See [[#Cygwin]] <code>git pull origin</code> in home folder |
|||
|- |
|||
|'''QPST'''||{{blue|(NXP Telematics ATOP dev)}} |
|||
* {{blue|5th}} v2.7.399 |
|||
|- |
|||
|'''QXDM'''||{{blue|(NXP Telematics ATOP dev)}} |
|||
* {{blue|5th}} v. 03.14.474 — From <tt>\\beqleunxp1ms233.be-leu01.nxp.com\PRO-NXP\_Automotive\13555.Telematics_Roadtolling\QC tools & docs</tt> (also <tt>atop35_B/Tools/QXDM</tt>) |
|||
* Check README at <tt>atop_35g/docs/Option/readme.txt</tt>. |
|||
* '''Start''' QXDM, and close all sub windows. |
|||
* '''Set''' ''option→communication→Target Port'' to your ''diagnostics port'' (needs to be enabled in QPST configuration), then '''click''' ''OK''. |
|||
* '''Press''' {{kb|C-F5}} (message view configuration), '''unselect''' all messages, then in ''log packets → discovered items'', '''select''' ''0x0001'' (this is the J9 trace log messages). |
|||
* '''Press''' {{kb|F3}} (message view). After a while you should see the J9 messages. |
|||
* Copy ''ATOPDB'' folder to Qualcomm QXDM data directory (on win7, copy it to <tt>%PUBLIC%\Documents\Qualcomm\QXDM\Database\ATOPDB</tt>) |
|||
|- |
|||
|'''QC USB Drivers'''||{{blue|(NXP Telematics ATOP dev)}} |
|||
* {{blue|5th}} {{green|''atop 35G_B only''}} — Unpack file HK11-NA430-2.zip (or check atop tree at <tt>./Tools/USBDrivers</tt>). Plug the atop board, wait for windows pop-up, and select <tt>.\fre\XP-Vista</tt> as location for the driver. If there is no pop ud, open up ''device manager'', and right-click on each new devices, and select ''update driver software...''. |
|||
|} |
|} |
||
=== {{red|New}} === |
=== {{red|Installed in New / Candidate Image}} === |
||
{| class="install_simple_log" |
{| class="install_simple_log" |
||
|- |
|- |
||
|'''tbc'''|| |
|||
|'''Flash Player'''||v11.32 (64bit) — no automatic updates |
|||
* {{red|candidate}} tbc |
|||
|} |
|} |
||
== |
=== Not Yet Installed === |
||
{| class="install_simple_log" |
|||
=== 1st image === |
|||
|- |
|||
* Got PC from IT |
|||
|'''Picasa 3'''|| |
|||
* Disabled BitLocker |
|||
* Was installed on NXL67002 |
|||
* Removed restore points, hibernat.sys, cache file, etc. |
|||
|} |
|||
* Shrink partition (1st via DISKPART.EXE then ntfsresize) |
|||
* ntfsclone |
|||
== P2V == |
|||
* {{green|1st}} Got PC from IT (2013-02-19) |
|||
* {{green|1st}} Disabled BitLocker |
|||
* {{green|1st}} Removed restore points, hibernat.sys, cache file, etc. |
|||
* {{green|1st}} Shrink partition (1st via DISKPART.EXE then ntfsresize) |
|||
* {{green|1st}} ntfsclone |
|||
* {{blue|2nd}} Fix bad BCD (Windows Boot Manager Error) — Boot once with Windows Recovery CD, and let auto-repair run |
|||
* {{blue|2nd}} Fix bad BCD (BSOD 0x0000007B) — Boot again with Windows Recovery CD, go to command prompt: |
|||
<source lang=winbatch> |
|||
bcdedit /export C:\BCD_Backup |
|||
ren c:\boot/BCD bcd2.old |
|||
bootrec /rebuildbcd |
|||
</source> |
|||
* {{blue|2nd}} Fix missing drivers (BSOD 0x0000007B) — Still within Windows Recovery CD, start '''regedit''': |
|||
<source lang=reg> |
|||
Windows Registry Editor Version 5.00 |
|||
[HKEY_LOCAL_MACHINE\remote_SYSTEM\ControlSet001\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0000] |
|||
"InfPath"="mshdc.inf" |
|||
"InfSection"="msahci_Inst" |
|||
"ProviderName"="Microsoft" |
|||
"DriverDateData"=hex:00,80,8c,a3,c5,94,c6,01 |
|||
"DriverDate"="6-21-2006" |
|||
"DriverVersion"="6.1.7600.16385" |
|||
"MatchingDeviceId"="pci\\cc_010601" |
|||
"DriverDesc"="Standard AHCI 1.0 Serial ATA Controller" |
|||
"Migrated"=dword:00000001 |
|||
[HKEY_LOCAL_MACHINE\remote_SYSTEM\ControlSet001\Control\PnP] |
|||
"DisableCDDB"=- |
|||
[HKEY_LOCAL_MACHINE\remote_SYSTEM\ControlSet001\services\atapi] |
|||
"Start"=dword:00000000 |
|||
[HKEY_LOCAL_MACHINE\remote_SYSTEM\ControlSet001\services\msahci] |
|||
"Start"=dword:00000000 |
|||
</source> |
|||
* {{blue|2nd}} Boot virtual box, and ***wait*** for all devices to be detected. |
|||
* {{blue|2nd}} '''DO NOT''' reboot when prompted, but instead start '''regedit''' again: |
|||
<source lang=reg> |
|||
Windows Registry Editor Version 5.00 |
|||
[HKEY_LOCAL_MACHINE\nxl_SYSTEM\ControlSet001\Control\PnP] |
|||
"DisableCDDB"=- |
|||
</source> |
|||
== System Settings == |
|||
=== {{green|2nd image}} === |
|||
{| class="install_simple_log" |
{| class="install_simple_log" |
||
|- |
|- |
||
|Tuning|| |
|||
|Registry - SYSTEM|| |
|||
* {{green|1st}} Disable '''Windows Search'''<br/>via ''Control Panel'' → ''Programs and Features'' → ''Turn Windows features on or off'' → ''Windows Search'' |
|||
* Import registry from another virtual machine |
|||
* {{blue|2nd}} Disable '''McAfee''' (drivers, services, start app)<br/>Easiest way is to attach drive to another Win7 vbox, and use '''autoruns''' to edit remote system. |
|||
* Disable services (match virgin win 7 config) — TBC |
|||
* {{blue|3rd}} '''Delete''' C:\Users\Administrator\AppData\Local\Temp |
|||
* TBC |
|||
* {{blue|5th}} Update <tt>screensaver-disable.reg</tt> on C: |
|||
* {{blue|7th}} Update disable*_ and enable_* scripts on C:\Temp\Custom Config |
|||
* {{red|lightweight only}} '''Disable''' McAfee services (see <tt>C:\Temp\Custom config\Disable_McAfee_On_Remote.reg</tt>) |
|||
* {{red|lightweight only}} '''Disable''' various services (see <tt>C:\Temp\Custom config\Disable_Services_On_Remote.reg</tt>) |
|||
* {{red|lightweight only}} '''Disable''' screensaver: |
|||
<source lang=reg> |
|||
Windows Registry Editor Version 5.00 |
|||
[HKEY_CURRENT_USER\Control Panel\Desktop] |
|||
"ScreenSaverIsSecure"="0" |
|||
"ScreenSaveTimeOut"="1200" |
|||
"ScreenSaveActive"="1" |
|||
[HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Control Panel\Desktop] |
|||
"ScreenSaveActive"=- |
|||
"ScreenSaverIsSecure"=- |
|||
"ScreenSaveTimeOut"=- |
|||
</source> |
|||
* {{blue|8th}} Update tuning scripts at {{file|C:\Temp\custom-config}}. |
|||
* {{blue|9th}} Update tuning scripts at {{file|C:\Temp\custom-config}}. |
|||
|- |
|- |
||
|Misc|| |
|||
|Tuning||Disable '''Windows Search'''<br/>via ''Control Panel'' → ''Programs and Features'' → ''Turn Windows features on or off'' → ''Windows Search'' |
|||
* {{blue|2nd}} Open all ''office apps, and check activation is ok |
|||
* {{blue|3rd}} Enable '''[[Windows Administration#Enable Login Verbose Status|VerboseStatus]]''' |
|||
* {{blue|5th}} Add shortcut to <tt>C:\Users\beq06659\AppData\Local\Microsoft\Outlook</tt> on Desktop (for quick delete of .ost file) |
|||
* {{blue|7th}} Move ''Desktop'' shell folders to <tt>D:\documents\desktop</tt> (via registry, see [[Windows 7]]) |
|||
* {{blue|7th}} Install script [[Windows 7|<tt>remount-admin.vbs</tt>]] (remount mapped drives for admin) |
|||
* {{blue|7th}} Set ''Primo PDF'' as default printer (to avoid long timeout when Office starts) |
|||
|- |
|- |
||
|Fonts|| |
|||
|Misc||Open all ''office apps, and check activation is ok |
|||
* {{blue|2nd}} {{blue|2nd}} Installed '''Bitstream Vera''', '''Fontin''', '''Diavlo''', '''Signika''' fonts |
|||
* {{red|to do}} Installed '''jsMath fonts''' ([http://www.math.union.edu/~dpvc/jsMath/download/TeX-fonts-20.zip Windows-darkness 20 file], see [http://www.math.union.edu/~dpvc/jsMath/download/jsMath-fonts.html here]) |
|||
* {{red|to do}} Added all '''jsMath extra fonts''' ([http://www.math.union.edu/~dpvc/jsmath/download/extra-fonts/welcome.html dark version from this page]) |
|||
|- |
|||
|Network|| |
|||
* {{blue|7th}} Add to <tt>hosts</tt> file: |
|||
<source lang=text> |
|||
10.0.2.2 localproxy |
|||
10.0.2.2 localserver |
|||
10.0.2.2 nxl67170ux |
|||
10.0.2.2 mail.gandi.net # To avoid 'The target principal name is incorrect' error msg in Outlook |
|||
92.120.126.14 caprica # Telematics QNAP Server |
|||
92.120.126.15 marmaduke # Telematics QNAP Server |
|||
127.0.0.1 wbi.nxp.com |
|||
92.120.126.24 leu-phil1.be-leu01.nxp.com |
|||
92.120.126.25 leu-phil2.be-leu01.nxp.com |
|||
</source> |
|||
* {{blue|7th}} Install ProNet certificates (see {{file|ASPEX_CA.pfx}} or mail Chris Erven, dd. 2014/2/24). |
|||
* {{red|new}} Prevent creation of <tt>Zone.Identifier:$DATA</tt> files. Start ''gpedit.msc'', User configuration → Administrative templates → Windows component → Attachment manager → Do not preserve zone information in file attachment = Enabled [http://askubuntu.com/questions/65101/what-are-these-files-like-zone-identifierdata-and-how-to-prevent-them] |
|||
|- |
|||
|Update|| |
|||
* {{blue|2nd}} Restore corporate env. to get latest updates (incl. Office 365 migration for Lync) |
|||
|- |
|||
|Region and Language|| |
|||
* {{blue|3rd}} '''Uninstall''' Chinese (Simplified), Chinese (Tradional), Japanese, Korean (free 2.3GB) |
|||
* {{blue|3rd}} '''Copy''' current locale settings to startup screen |
|||
* {{blue|9th}} Update keyboard Belgian on US keyboard (<tt>befrusgr</tt>), including {{kb|AltGr-,}} and {{kb|mu}} for {{kb|\}}. |
|||
* {{red|new}} Use '''Caps Lock''' as another '''Escape''' key (see [http://vim.wikia.com/wiki/Map_caps_lock_to_escape_in_Windows Map caps lock to escape in Windows]). Import the registry file (Win7/Win8): |
|||
<source lang=reg> |
|||
Windows Registry Editor Version 5.00 |
|||
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layout] |
|||
"Scancode Map"=hex:00,00,00,00,00,00,00,00,03,00,00,00,3a,00,46,00,01,00,3a,00,00,00,00,00 |
|||
</source> |
|||
|} |
|} |
||
== Cygwin == |
|||
See [[Nxl67063]] for reference configuration. |
|||
TBC |
|||
{| class="install_simple_log" |
|||
=== {{red|New}} === |
|||
|- |
|||
* Add to <tt>hosts</tt> file: |
|||
|'''Base system''' (<tt>vim</tt>)|| |
|||
<source lang=text> |
|||
* {{blue|5th}} Cygwin 1.7.20-1 |
|||
10.0.2.2 localproxy |
|||
* {{blue|5th}} Set group and passwd: |
|||
10.0.2.2 localserver |
|||
<source lang="bash"> |
|||
10.0.2.2 nxl67170ux |
|||
mkgroup -l > /etc/group |
|||
10.0.2.2 mail.gandi.net # To avoid 'The target principal name is incorrect' error msg in Outlook |
|||
mkgroup -d -g "Domain Users" >> /etc/group |
|||
mkpasswd -l > /etc/passwd |
|||
mkpasswd -d -u beq06659 >> /etc/passwd |
|||
</source> |
|||
* {{blue|5th}} Define environment variable in system properties |
|||
* {{blue|5th}} Import home configuration with git |
|||
* {{blue|5th}} Create symlinks to drives (we do not use the fstab or --change-cygdrive-prefix trick because there is no way for scripts to get the cygdrive prefix. Moreover even if it was possible, there is a big chance that scripts would still hardcode ''<tt>/cygdrive</tt>'' as the default prefix. A better and more portable solution is to leave the default prefix to ''<tt>/cygdrive</tt>'', and create symbolic links in root dir) |
|||
<source lang="bash"> |
|||
for i in c d h; do ln -sf /cygdrive/$i /$i; done |
|||
</source> |
</source> |
||
|- |
|||
|'''Git''' (<tt>git git-svn git-completion</tt>)|| |
|||
* {{blue|5th}} |
|||
|- |
|||
|'''SSH''' (<tt>openssh</tt>)|| |
|||
* {{blue|5th}} |
|||
|- |
|||
|'''Midnight commander''' (<tt>mc</tt>)|| |
|||
* {{blue|5th}} |
|||
|} |
|||
== VirtualBox settings == |
|||
;Shared folders |
|||
* {{green|1st}} <tt>/home/beq06659</tt>, auto-mount, read-only |
|||
* {{green|1st}} <tt>/data/d</tt>, '''NO''' auto-mount (auto by windows), full |
|||
;USB Device Filters |
|||
* {{blue|5th}} {{blue|(NXP Telematics ATOP dev)}} Add filter for ''NXP Semiconductors NXP ATOP USB'' |
|||
;Firewall |
|||
* Input filter — Netword card attached to '''NAT''' |
|||
* Output filter — Done on Linux host. Add at the end of {{file|/etc/ufw/before.rules}} (before <code>COMMIT</code> line) |
|||
<source lang=bash> |
|||
# VIRTUALBOX - Block output connection for user vbox |
|||
# Don't create chains with -N, but use this syntax: |
|||
:vbox-output - [0:0] |
|||
:vbox-output-logging-deny - [0:0] |
|||
:vbox-output-logging-allow - [0:0] |
|||
-A ufw-before-output -m owner --uid-owner 7000 -j vbox-output |
|||
# We accept everything going to ports DNS/Kerberos/Netbios/LDAP |
|||
# We reject all connections to intranet (with logging), but allow 92.120.124.210 (online) and 92.120.124.197, port 1025 (for Lync?) |
|||
# And by default, we allow |
|||
# 92.120.124.197 = beqleunxp1dc100.wbi.nxp.com. |
|||
# 92.120.124.210 = online.be-leu01.nxp.com |
|||
-A vbox-output -p tcp -m multiport --dports 88,135,139,445 -j ACCEPT |
|||
-A vbox-output -p udp -m multiport --dports 53,137,138 -j ACCEPT |
|||
-A vbox-output -p tcp -d 92.120.124.210 -j vbox-output-logging-allow |
|||
-A vbox-output -p tcp -d 92.120.124.197 --dport 1025 -j vbox-output-logging-allow |
|||
-A vbox-output -d 92.120.0.0/16 -j vbox-output-logging-deny |
|||
-A vbox-output -j ACCEPT |
|||
-A vbox-output-logging-deny -j LOG --log-prefix "[UFW BLOCK] [VBOX] " |
|||
-A vbox-output-logging-deny -j REJECT |
|||
-A vbox-output-logging-allow -j LOG --log-prefix "[UFW ALLOW] [VBOX] " |
|||
-A vbox-output-logging-allow -j ACCEPT |
|||
</source> |
|||
:*Summary on how these rules where generated: |
|||
::* Boot virtual image while watching ufw log (<code>tail -f /var/log/ufw.log|grep "\[VBOX\]"</code>) |
|||
::* Many connections to DNS / LDAP (port 53,389) and NetBIOS (135,137,138,139 and 445) |
|||
::* Many Kerberos authentication requests - blocking these considerably slow down login sequence |
|||
::* For now, we are just blocking intranet (92.120.*.*), except some sites. |
|||
== Remarks == |
== Remarks == |
||
* '''Install advertised program'''<br/>This works even if policy deleted (winlogon was running though), network interface set to ''NAT'', and with most service disabled ( |
* '''Install advertised program'''<br/>This works even if policy deleted (winlogon was running though), network interface set to ''NAT'', and with most service disabled (but ''smshost'' and ''ccmexec'' services must be running). |
||
== To Do == |
== To Do == |
||
Line 191: | Line 496: | ||
net use D: \\vboxsrv\d |
net use D: \\vboxsrv\d |
||
</source> |
</source> |
||
* '''{{red| |
* '''{{red|Issue}}''' — Opera does not work with custom proxy.pac file. |
||
* '''{{red|Issue}}''' — '''Nokia PC Suite''', only detect & connect if I detach then reattach USB BCM20702A0 |
|||
** Setup nokia - outlook sync via bluetooth |
|||
* '''{{red|Issue}}''' — ''HOMEDRIVE'' and ''HOMEPATH'' always pointing at network share, causing lags when disconnected. |
|||
** import old nxp signatures |
|||
:See [http://superuser.com/questions/255776/overriding-homedrive-and-homepath-as-a-windows-7-user] for potential workarounds |
|||
** move .ost to d: drive (or find a solution that outlook always complaining .ost is old) |
|||
* '''{{red|Issue}}''' — Tuning settings reverted every 10 min or so (like ''CcmExec'' or ''wuauserv'' re-enabled) |
|||
** sent mail macro + File --> Options Trust Center --> Macro Settings --> Enable all macros |
|||
** Add firewall rules to filter vbox output connection - to no avail so far |
|||
** find a f*cking rss reader that can save into IMAP (check rss2email or feed2imap) |
|||
** Check process {{file|taskeng.exe}} and {{file|wscript.exe}} |
|||
* '''{{blue|Doing}}''' |
|||
** This task executes a file at {{file|\\wbi\sysvol\wbi.nxp.com\Policies\{916532D9-BDF8-46FE-A77B-F84124C54878}\Machine\Scripts\Startup}}. How come it is accessible despites the firewall? offline storage / access outside intranet / using one of the allowed port? |
|||
** regedit, set DisableManaualArchive to 0 (trying to archive calendar manually) -- useless |
|||
** Found reference to this script in registry at {{file|HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy}} and {{file|HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Group Policy}}. |
|||
** exported calendar to separate .ST |
|||
** Fixed? In lightweight image, add a command to disable the scheduled task, and purge registry from policy settings (see {{file|Customize_config.bat}}) |
|||
'''{{red|To Do}}''' |
|||
'''{{blue|Questions}}''' |
|||
* '''Outlook''' — macro always enabled. Any better solution? |
|||
* '''Outlook''' — move .ost to d: drive (or find a solution that outlook always complaining .ost is old) |
|||
* '''Outlook''' — find a rss reader that can save into IMAP (check rss2email or feed2imap) |
|||
* '''System''' — Enable '''page file'''? |
|||
* Merge history from file win7_P2V_links.txt, and written notes. |
|||
* Recover application settings from old profile |
|||
=== Done & Fixed === |
=== Done & Fixed === |
||
* '''{{green|Fixed}}''' |
* '''{{green|Fixed}}''' — ''Office Lync 2010'''— Fix very slow typing in Lync (maybe due to update 7/7/2014): |
||
** Either reset audio settings (see [http://social.technet.microsoft.com/Forums/windows/en-US/126c0a0e-0014-4ad9-b81b-ea0765ebef09/lync-2013-with-windows-81-unusably-slow?forum=w8itproappcompat]). Go to ''Control Panel'', then IDT Audio, and reset things everywhere, including in Windows devices. |
|||
* '''{{green|Done}}''' — Description |
|||
** Installed Dell drivers [http://www.dell.com/support/home/us/en/19/Drivers/DriversDetails?driverId=C6HVR&fileId=3327984030&osCode=&productCode=latitude-6430u-ultrabook&languageCode=&categoryId=AU] {{file|3330_Audio_Driver_C6HVR_WN_1.0.6491.0_A08.EXE}} (although crashed) |
Latest revision as of 08:57, 7 July 2016
Introduction
This is the configuration page for the Windows 7 partition on NXL67170.
Available Images
- (1st image as-of 2012-02-19 deleted)
- Image 1 (ntfsclone) — 2013-03-20 — Native, as received from IT with some additional software (Visio, Euroglot...), but without any virtualization .
- Image 2 (ntfsclone) — Last backup image. Contains additional software, custom settings and virtualization.
- Image 3 (vbox snapshot) — 1st virtualbox snapshot, state as on harddrive image. Content of the next backup image. Last known good version, VM is reverted to that image if Candidate image is broken
- Next images are named Image 4, Image 5...
- Candidate (vbox snapshot) — Last permanent image, VM is reverted to that image regularly to get SW updates, and apply last changes from new. All services enabled. Merged into Image 3 if proven stable.
- Lightweight (vbox snapshot) — Lightweight version of candidate (many serviced and AV disabled). Contains last bleeding-edge changes. VM already started. VM is reverted to that image on a daily basis.
Before Deleting Snapshots
- Backup Personal certificates (save them to ~/Documents/archive.noidx/backup_and_log/nxl67170-latitude_e5430/certificates, see README.TXT for instructions)
- Backup Office templates (from C:\Users\beq06659\AppData\Roaming\Microsoft\Templates to ~/Documents/archive.noidx/backup_and_log/nxl67170-latitude_e5430)
Daily process
- Boot lightweight snapshot.
- Apply last changes during last session (marked new), and update lightweight snapshot (replace previous one).
- Enjoy
Weekly process
- Merge candidate snapshot into image 3.
- Boot the new image 3
- Apply last changes applied in image lightweight, and download last SW update, etc.
- Create new candidate snapshot
- Apply non-permanent changes (lightweight, see below), and create new lightweight snapshot.
How to create a Lightweight image from a standard one
- Boot image using Windows recovery DVD and start regedit.exe
- Mount SYSTEM hive as
remote_SYSTEM
- Mount SOFTWARE hive as
remote_SOFTWARE
- Import registry files c:\temp\custom_config\*_On_Remote.reg.
- Edit hosts file, and add / uncomment line
127.0.0.1 wbi.nxp.com
- Restart, and run asap the file c:\temp\custom_config\Customize_config.bat as administrator.
- Make sure that the network interface is set to NAT, and that the CD-ROM is removed before making the snapshot.
- In Outlook, disable de McAfee Add-in.
Monthly process
- Backup image 3
Configuration Files
All configuration files can be found here.
Installed Applications
List of applications installed in each image, by order of first appearance, and their configuration settings.
Note: 1st, 2nd, new, etc. indicate that the settings was applied in the given image, and not in the image under which the application is listed (to track settings changed after image was taken).
Installed in 1st Image
Outlook 2010/2013 (Office 365) |
10.0.2.2 mail.gandi.net
10.0.2.2 mail.gandi.net
To is (exactly) Michael Peeters
To is (exactly) Michaël Peeters
To is (exactly) michael.peeters@nxp.com
To is (exactly) michael.peeters@noekeon.org
To is (exactly) michael.peeters@immie.org
To is (exactly) peeters-ml1@noekeon.org
To contains Michael Peeters
To contains Michaël Peeters
To contains michael.peeters@nxp.com
To contains michael.peeters@noekeon.org
To contains michael.peeters@immie.org
To contains peeters-ml1@noekeon.org
|
Windows Explorer |
|
Office Lync 2010 |
|
Windows Command Processor (cmd.exe) |
|
7-zip |
|
Launchy |
|
Sysinternals Process Explorer |
|
Sysinternals Autoruns |
|
MS Office Visio Professional 2010 SP1 EN |
|
MS Office Word 2010 SP1 EN |
|
Euroglot Professional 7.6.3 EN |
|
Opera |
leu-phil1.be-leu01.nxp.com leu-phil2.be-leu01.nxp.com |
PDF X-Change Vewer |
|
Vim |
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{51EEE242-AD87-11d3-9C1E-0090278BBD99}]
@="Vim Shell Extension"
[HKEY_CLASSES_ROOT\CLSID\{51EEE242-AD87-11d3-9C1E-0090278BBD99}\InProcServer32]
@="C:\\Program Files\\vim\\vim73\\gvimext.dll"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{51EEE242-AD87-11d3-9C1E-0090278BBD99}"="Vim Shell Extension"
[HKEY_LOCAL_MACHINE\SOFTWARE\Vim\Gvim]
"path"="C:\\Program Files (x86)\\vim\\vim73\\gvim.exe"
Note that we tell gvimext.dll to use 32-bit version of gvim.exe. More solutions at [4], [5], but the shellex DLL offers more flexibility.
|
Internet Explorer |
|
Windows Update |
|
Installed in 2nd Image
Nokia PC Suite |
|
Virtualbox Additions |
|
PrimoPDF |
|
Installed in 3rd and upcoming Images
WinDirStat |
|
Flash player plugin |
|
Cygwin | |
QPST | (NXP Telematics ATOP dev)
|
QXDM | (NXP Telematics ATOP dev)
|
QC USB Drivers | (NXP Telematics ATOP dev)
|
Installed in New / Candidate Image
tbc |
|
Not Yet Installed
Picasa 3 |
|
P2V
- 1st Got PC from IT (2013-02-19)
- 1st Disabled BitLocker
- 1st Removed restore points, hibernat.sys, cache file, etc.
- 1st Shrink partition (1st via DISKPART.EXE then ntfsresize)
- 1st ntfsclone
- 2nd Fix bad BCD (Windows Boot Manager Error) — Boot once with Windows Recovery CD, and let auto-repair run
- 2nd Fix bad BCD (BSOD 0x0000007B) — Boot again with Windows Recovery CD, go to command prompt:
bcdedit /export C:\BCD_Backup
ren c:\boot/BCD bcd2.old
bootrec /rebuildbcd
- 2nd Fix missing drivers (BSOD 0x0000007B) — Still within Windows Recovery CD, start regedit:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\remote_SYSTEM\ControlSet001\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0000]
"InfPath"="mshdc.inf"
"InfSection"="msahci_Inst"
"ProviderName"="Microsoft"
"DriverDateData"=hex:00,80,8c,a3,c5,94,c6,01
"DriverDate"="6-21-2006"
"DriverVersion"="6.1.7600.16385"
"MatchingDeviceId"="pci\\cc_010601"
"DriverDesc"="Standard AHCI 1.0 Serial ATA Controller"
"Migrated"=dword:00000001
[HKEY_LOCAL_MACHINE\remote_SYSTEM\ControlSet001\Control\PnP]
"DisableCDDB"=-
[HKEY_LOCAL_MACHINE\remote_SYSTEM\ControlSet001\services\atapi]
"Start"=dword:00000000
[HKEY_LOCAL_MACHINE\remote_SYSTEM\ControlSet001\services\msahci]
"Start"=dword:00000000
- 2nd Boot virtual box, and ***wait*** for all devices to be detected.
- 2nd DO NOT reboot when prompted, but instead start regedit again:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\nxl_SYSTEM\ControlSet001\Control\PnP]
"DisableCDDB"=-
System Settings
Tuning |
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Control Panel\Desktop]
"ScreenSaverIsSecure"="0"
"ScreenSaveTimeOut"="1200"
"ScreenSaveActive"="1"
[HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Control Panel\Desktop]
"ScreenSaveActive"=-
"ScreenSaverIsSecure"=-
"ScreenSaveTimeOut"=-
|
Misc |
|
Fonts |
|
Network |
10.0.2.2 localproxy
10.0.2.2 localserver
10.0.2.2 nxl67170ux
10.0.2.2 mail.gandi.net # To avoid 'The target principal name is incorrect' error msg in Outlook
92.120.126.14 caprica # Telematics QNAP Server
92.120.126.15 marmaduke # Telematics QNAP Server
127.0.0.1 wbi.nxp.com
92.120.126.24 leu-phil1.be-leu01.nxp.com
92.120.126.25 leu-phil2.be-leu01.nxp.com
|
Update |
|
Region and Language |
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layout]
"Scancode Map"=hex:00,00,00,00,00,00,00,00,03,00,00,00,3a,00,46,00,01,00,3a,00,00,00,00,00
|
Cygwin
See Nxl67063 for reference configuration.
Base system (vim) |
mkgroup -l > /etc/group
mkgroup -d -g "Domain Users" >> /etc/group
mkpasswd -l > /etc/passwd
mkpasswd -d -u beq06659 >> /etc/passwd
for i in c d h; do ln -sf /cygdrive/$i /$i; done
|
Git (git git-svn git-completion) |
|
SSH (openssh) |
|
Midnight commander (mc) |
|
VirtualBox settings
- Shared folders
- 1st /home/beq06659, auto-mount, read-only
- 1st /data/d, NO auto-mount (auto by windows), full
- USB Device Filters
- 5th (NXP Telematics ATOP dev) Add filter for NXP Semiconductors NXP ATOP USB
- Firewall
- Input filter — Netword card attached to NAT
- Output filter — Done on Linux host. Add at the end of /etc/ufw/before.rules (before
COMMIT
line)
# VIRTUALBOX - Block output connection for user vbox
# Don't create chains with -N, but use this syntax:
:vbox-output - [0:0]
:vbox-output-logging-deny - [0:0]
:vbox-output-logging-allow - [0:0]
-A ufw-before-output -m owner --uid-owner 7000 -j vbox-output
# We accept everything going to ports DNS/Kerberos/Netbios/LDAP
# We reject all connections to intranet (with logging), but allow 92.120.124.210 (online) and 92.120.124.197, port 1025 (for Lync?)
# And by default, we allow
# 92.120.124.197 = beqleunxp1dc100.wbi.nxp.com.
# 92.120.124.210 = online.be-leu01.nxp.com
-A vbox-output -p tcp -m multiport --dports 88,135,139,445 -j ACCEPT
-A vbox-output -p udp -m multiport --dports 53,137,138 -j ACCEPT
-A vbox-output -p tcp -d 92.120.124.210 -j vbox-output-logging-allow
-A vbox-output -p tcp -d 92.120.124.197 --dport 1025 -j vbox-output-logging-allow
-A vbox-output -d 92.120.0.0/16 -j vbox-output-logging-deny
-A vbox-output -j ACCEPT
-A vbox-output-logging-deny -j LOG --log-prefix "[UFW BLOCK] [VBOX] "
-A vbox-output-logging-deny -j REJECT
-A vbox-output-logging-allow -j LOG --log-prefix "[UFW ALLOW] [VBOX] "
-A vbox-output-logging-allow -j ACCEPT
- Summary on how these rules where generated:
- Boot virtual image while watching ufw log (
tail -f /var/log/ufw.log|grep "\[VBOX\]"
) - Many connections to DNS / LDAP (port 53,389) and NetBIOS (135,137,138,139 and 445)
- Many Kerberos authentication requests - blocking these considerably slow down login sequence
- For now, we are just blocking intranet (92.120.*.*), except some sites.
- Boot virtual image while watching ufw log (
Remarks
- Install advertised program
This works even if policy deleted (winlogon was running though), network interface set to NAT, and with most service disabled (but smshost and ccmexec services must be running).
To Do
Issues
- Issue — virtualbox shared folder \\vboxsrv\d is not visible from Administrator account. Very annoying when copying files to system32 for instance (because source won't be visible anymore).
Temp. workaround, launch cmd as administrator:
net use D: \\vboxsrv\d
- Issue — Opera does not work with custom proxy.pac file.
- Issue — Nokia PC Suite, only detect & connect if I detach then reattach USB BCM20702A0
- Issue — HOMEDRIVE and HOMEPATH always pointing at network share, causing lags when disconnected.
- See [7] for potential workarounds
- Issue — Tuning settings reverted every 10 min or so (like CcmExec or wuauserv re-enabled)
- Add firewall rules to filter vbox output connection - to no avail so far
- Check process taskeng.exe and wscript.exe
- This task executes a file at \\wbi\sysvol\wbi.nxp.com\Policies\{916532D9-BDF8-46FE-A77B-F84124C54878}\Machine\Scripts\Startup. How come it is accessible despites the firewall? offline storage / access outside intranet / using one of the allowed port?
- Found reference to this script in registry at HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy and HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Group Policy.
- Fixed? In lightweight image, add a command to disable the scheduled task, and purge registry from policy settings (see Customize_config.bat)
To Do
Questions
- Outlook — macro always enabled. Any better solution?
- Outlook — move .ost to d: drive (or find a solution that outlook always complaining .ost is old)
- Outlook — find a rss reader that can save into IMAP (check rss2email or feed2imap)
- System — Enable page file?
- Merge history from file win7_P2V_links.txt, and written notes.
- Recover application settings from old profile
Done & Fixed
- Fixed' — Office Lync 2010— Fix very slow typing in Lync (maybe due to update 7/7/2014):