[THIN] Re: Office apps show my user having documents locked
- From: "Nick Smith" <nick@xxxxxxxxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Sat, 25 Mar 2006 14:42:29 -0000
Wow! Some answer!
Thanks for taking the time on that. *very* helpful!
Nick
_____
From: Rick Mack [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Rick
Mack
Sent: 25 March 2006 08:05
To: thin@xxxxxxxxxxxxx
Subject: RE: [THIN] Re: Office apps show my user having documents locked
Hi Nick,
You've got a few alternatives:
1) Don't do anything and watch for interesting changes to appear in your
environment. Since interesting means helpdesk calls by annoyed users,
this isn't a good option.
2) Manage the shadow key. Your idea of using the shadow key and
propagating it isn't a bad one, but you have to make a point of making
sure you know what's being propagated or you're back to option 1. There
are 2 utilities (RDT/SDT read date time, set date time from
http://www.brianmadden.com/attachments/rdt-sdt.zip) available to help
you query and set shadow key timestamps.
3) Delete the shadow key and manage application settings some other way.
This is really the preferred path. It takes a bit more work, but you
then know exactly what you're dealing with. You can use scripting, group
policies (with custom policy templates) or desktop management software
from Appsense, Triceart, Scriptlogic etc.
Scripting includes:
- using the legacy application compatibility scripts that come with TS
- applying reg files or using regini on logon or custom Kix or VB
scripts. This lets you manage settings basd on groups etc
The "easiest" way to manage application settings is with a produc like
Appsense Environment Manager (or the Tricerat etc equivalent). Sorry if
I've missed anyone but there are quite a few good products out there.
If you can't go that way, then custom group policies are a good
alternative. Use regtoadm (NUTS http://vizhar.mvps.org/files/nuts.exe,
freeware) to get a basic skeleton of the custom policy just by exporting
and converting a registry key. Then use regshot (http://
<http://www.majorgeeks.com/downloadload965.html>
www.majorgeeks.com/downloadload965.html, freeware) to find out what
really matters (find out what you can keep and more importantly delete)
and if you're serious about improving on the custom policy, get a copy
of the ADM template editor (http://www.sysprosoft.com, costs about $60).
regards,
Rick
Ulrich Mack
Volante Systems
_____
From: thin-bounce@xxxxxxxxxxxxx on behalf of Nick Smith
Sent: Sat 25/03/2006 17:31
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Office apps show my user having documents locked
Rick,
Thanks for this very clear explanation. I've got away recently with
single servers but am now planning for multiple TSes. Presumably I
therefore need to export the Shadow Key to any new servers. How does the
time-stamp on this work? Presumably it takes the time of the import of
the key and compares it to the user (roaming profile) settings? How do I
prevent the Shadow key overwriting user settings in this scenario?
Nick
If a software installation is done in "install" mode and it updates any
keys under HKCU\Software, the values will be copied to
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Terminal
Server\Install\Software (otherwise known as the shadow key). If an admin
session is in "install" mode when the admin runs up an changes any app
settings, these settings will also be copied to the shadow key.
When a user runs up an application, if the appropriate registry
values aren't already there or they are older than the values in the
shadow key, they'll get populated from the shadow key. In single server
scenarios, this is can be a really usefull way to propagate application
settings. However if the shadow key isn't identical on all your servers
and has a different timestamp on each server, then things can get
interesting.
########################################################################
#############
This e-mail, including all attachments, may be confidential or
privileged. Confidentiality or privilege is not waived or lost because
this e-mail has been sent to you in error. If you are not the intended
recipient any use, disclosure or copying of this e-mail is prohibited.
If you have received it in error please notify the sender immediately by
reply e-mail and destroy all copies of this e-mail and any attachments.
All liability for direct and indirect loss arising from this e-mail and
any attachments is hereby disclaimed to the extent permitted by law.
########################################################################
#############
Other related posts:
