Admin Passwords
After reading your article "Understanding Shared Account Password Management" that is in the September 2008 issue, I was wondering if my company would need to manage passwords if we use two-factor authentication in our network and, if so, why?
—Alan M.
I have never come across a company that employs two-factor authentication for their built-in admin, service/process accounts, or firewall accounts, even when they have two-factor authentication configured. Simply put, they can't. Two-factor authentication does not work in a scenario where the user account can't manage its pin number and rotating key code.
Service accounts, for example, rarely if ever log on interactively, so they are never prompted for the pin number and key code. Furthermore, it's just not feasible to maintain an ID token for every built-in admin account in your network.
As a result of this, these accounts will always use passwords for authentication, and thus it is necessary that these passwords be managed. Some companies I have dealt with utilize two-factor authentication for their user base, but then they use a randomization tool to manage user passwords that would otherwise never be changed.
—Chris Stoneff, Product Manager, Lieberman Software
WIndows PE
I have enjoyed reading your articles on Windows PE, and I have a question. I want to know whether a Windows Vista driver will always install and work in Windows PE 2.0 (the version that comes with Windows Vista). Or is it the case that some drivers won't work just because it is Windows PE and not the full operating system?
—Karthika A.
A Windows Vista driver (or any Windows driver, actually) may not necessarily work in Windows PE, regardless of the version that you're using. The issue at hand here is whether that specific driver requires some operating system functionality in order to provide its own full functionality.
If the driver depends on a part of Windows that isn't there under Windows PE, the driver won't work. Or sometimes a driver will work, but not completely. For example, audio drivers can be installed under Windows PE, but because the audio stack isn't present in Windows PE, the functionality provided is generally limited to just installing the device itself and then determining if the device is working as well as possible.
—Wes Miller, Columnist, The Desktop Files
Missing Reference Document
I have recently been reviewing the August 2008 Inside SharePoint column titled "Troubleshooting Messaging Integration." However, I'm having some trouble locating a document referenced in the column.
In the SharePoint Messaging Integration.pdf in the companion download, there is a prerequisite of installing and configuring WSS 3.0, as outlined in the worksheets in the \TestLab folder. There is no TestLab folder available in the companion download.
—Mike D.
We are sorry for the miscommunication. The TestLab folder referenced in the August column is available in the download for the July 2008 SharePoint article "Integrating Office Applications."
That TestLab folder has information on how to set up the test environment. Because the author is using the same test environment, nothing has changed in terms of the documentation. If you download the July .exe file, you'll find what you need.
—Sharon Terdeman, Senior Editor, TechNet Magazine
Where Has Exchange Queue & A Gone?
What happened to the Exchange Queue & A column? I'm waist deep into a 22,000 user Groupwise-to-Exchange migration project, and that column always offered helpful information. I enjoyed reading it every month. Will it run again?
—Kirk L.
We're really glad to hear how much you enjoy the TechNet Magazine Exchange Queue & A column. Don't worry, it hasn't disappeared—the column now runs every other month, alternating with the SQL Q&A column. In case you missed any installments, you can find them on our Exchange Queue & A page.
—Sharon Terdeman
Got something to say? E-mail us at tnmag@microsoft.com, or visit our blog forum at blogs.technet.com/tnmag.