This documentation is archived and is not being maintained.
Letters Readers Speak Out
© 2008 Microsoft Corporation and CMP Media, LLC. All rights reserved; reproduction in part or in whole without permission is prohibited.
Windows Vista Complete PC Backup
Thank you for your great article in the September 2007 issue on Windows Vista® Complete PC Backup ("A Guide to Windows Vista Backup Technologies," technetmagazine.com/issues/2007/09/Backup). I can't get myself to actually try it, however, because when it asks me where to put the backup image, it says it will put the image on my external hard drive (which is what I would like to do). But it does not give me a choice of putting the file into a specific folder on my external hard drive, which makes me worry that it will overwrite all my other files already on that drive. Is this something that I need to be concerned about?
We passed your question along to the author, Christine Fok, who said that Complete PC Backup will actually create a folder on the target for storing the image, so no need to worry—no data will be overwritten.
Mistaken Registry Key Reference
The December 2007 article "Track Down Elusive Network Problems" (technetmagazine.com/issues/2007/12/Network) contains a minor mistake when referencing a registry key to adjust the TCP/IP Stack in Windows®. On page 70, the author, Christopher Stoneff, mentions that you can adjust values in the HKLM\System\CurrentControlSet\Services\TCPIP key, when the correct key is, in fact, HKLM\System\CurrentControlSet\Services\TCPIP\ Parameters (he must have forgotten to add "Parameters").
Christopher Stoneff confirmed that you are indeed correct. The key does include \Parameters at the end. Our apologies that the required portion of the registry path was omitted. We have corrected this in the online version of the article.
I'm very interested in learning more about the Encrypting File System (EFS) and I read your March 2007 Security Watch column "Deploying EFS: Part 2" (technetmagazine.com/issues/2007/03/SecurityWatch). I have a domain environment and some users are encrypting some files already. I then introduced certificate authority (CA) and EFS templates. My question is this: if those users who already had encrypted files using their own self-sign certificates need to encrypt new files, should they encrypt them using the old self-sign certificate or should they enroll for a new certificate from my CA? Also, if all my users have roaming profiles, where will the private keys of users be stored?
John Morello, who wrote the column on deploying EFS, sent an answer to your question:
Once the users enroll for the new EFS certificate, they'll start using it for new operations. However, any existing encrypted files will continue to be encrypted with the old keypair until they're updated. So, after the users have enrolled, you can run cipher /u, which will update all of those files with the new keypair.
If using roaming profiles, the keypairs will be roamed in the profiles. I recommend using Credential Roaming instead, which is more lightweight than roaming profiles. Look here for more information: go.microsoft.com/fwlink/?LinkId=107469.
Mistaken Regular Expression
Concerning the January 2008 Hey, Scripting Guy! column "There's No Mistaking Regular Expressions" (technetmagazine.com/issues/2008/01/HeyScriptingGuy), the example usingmay not be what was intended. It was intended to find any character that was not a lowercase or uppercase letter. This pattern, however, is for an uppercase followed by a lowercase letter. It fails with a string such as "aBcde". Perhaps it should be this instead:
objRegEx.Pattern = "[^A-Z][^a-z]"
objRegEx.Pattern = "[^A-Z^a-z]"
We passed your question along to The Scripting Guys, and here's what they had to say:
Hey, Roger. Thanks for pointing this out. It looks like we made a change to the column at some point and didn't catch this. In the original draft (which I still have lying around on my computer somewhere), we did say that this was intended to find an uppercase letter followed by a lowercase letter. We must have decided afterward that this wasn't as useful as finding characters that weren't letters, and while we changed the text, we forgot to change the sample code as well. We'll get this fixed in the online version. Sorry about that.