I used to have a nice Dell workstation at work, XP Pro, a GB of RAM, a 7200 RPM SATA hard drive, and some kind of P4 2.x GHz processor and it worked quite smoothly and briskly. (these are important and very technical terms, take note: smooth and brisk). I then let my boss convince me into an ultra-portable laptop with a docking station. That HP nc2400 was real slow due to it’s 4200 RPM hard drive (the same one used in the Apple iPod).

I managed to tweak that HP into submission so it worked pretty well on XP Pro; but when a new opportunity came up for an Intel Dual Core 2 processor HP 6910p laptop I jumped at it. A little more weight, but the full size/speed hard drive, the bigger screen, and opportunity to run 64 bit OS’s were more than enough to motivate me.

 The laptop came with Vista, of course. There was a choice between 64 and 32 bit versions. Normally, I wipe all of that off the laptop, repartition and install everything myself from scratch, just the way I want it. But in this case, we don’t have Vista 64, or a volume license - and there are all these little features on the laptop I decided to go ahead and give it a go. Time to jump in and get the feet wet and all of that. What the hell, Vista x64 here we come.

As I expected, I ran into a lot of walls. I’ve spent the past 72 hours fussing about and figured out the following. I may not have it all quite exactly right, but I believe you will find solutions to most Vista issues can be solved by researching around the issues mentioned below.

Most of my issues involve networking and permissions which are fairly different from anything prior. In many ways it seems they have tried to incorporate linux or Mac-like features; but it is such a hybrid atmosphere that it becomes totally non intuitive. I’m constantly second guessing: could this be a Mac type solution, could this be a Linux type solution, is this plain old Windows, or is this some new Vista ‘feature’.

A few things I’ve come across:

1. UAC - user account control: similar to linux or Mac, the logged on user (even one with administrative rights) operates with reduced rights. Access to any settings, features, and many applications must be confirmed by clicking ‘OK’. A great idea in theory, but presents ALL kinds of issues since older management tools were not designed with this in mind. Example: this feature seemed to cause issues opening management tools in an mmc console. I ended up turning it off, which solved a lot of issues. In linux you run as root, and everything underneath (any processes run) runs as root automatically. It works quite well - but this has been a ‘feature’ of Unix/linux forever and so my theory is that it just doesn’t really work in Vista. Not if you’re in a mixed  environment, and who isn’t?

2. Authentication - Vista forces the highest level of authentication which is NTLM v.2 - unfortunately many non Microsoft systems, older Microsoft systems, and XP based shares (even on a domain) do not support it. The result is you can’t access shares or printers on many linux/samba systems or Microsoft workstations. The solution is to edit the local system policy on Vista to fail back to the older authentication methods. This will likely come up as an issue in some of our field offices.

3. Accessing shares on an XP Pro domain workstation required creating a local user on the workstation with the same username - userxyz - as the username I am logged onto my Vista workstation with. This is common in peer to peer environments but not domain environments where you would be prompted for a username and password. Accessing my Windows servers does result in a prompt to authenticate.

4. Exchange 2007 and 2003 management tools are not supported on Vista

5. Cisco does not have a VPN client for Vista x64 and does not plan to release one.

6. Adding Vista to a domain that has GPO’s enabled can result in issues not seen on XP or 2000 workstations. This primarily centers around the LOCAL SERVICE and NETWORK SERVICE accounts on the Vista workstation. If security rights like “adjust memory quotas” or anything related to “process level tokens” are set in GPO, they will defeat the local rights of service accounts on the workstation. The fix is to add these two accounts into your domain group policy objects so they get applied (and there are a number of new entries for Vista)

All in all, I’m not seeing the WHY of Vista, except that it is kind of pretty… One guy described it as a “pig with lipstick” but I won’t go so far. The potential exists for some real security improvements, but mostly I’ve had to defeat all of them to be compatible in my existing environments.

As for x64 - most of my 32bit apps work, with the exception of apps that involve any direct type of hardware/network involvement (here it is 50/50). More apps work on XP-64 than work on Vista-64. There are a number of 64bit solutions for many applications, but it is very spotty. I find the lack of management tools for Microsoft’s flagship Exchange 2007 to be quite puzzling.