How to prevent users from using USB removable disks (USB flash drives)?

I have seen this question several times at different message boards, so I've decided to write an article about it. USB removable disks (also known as flash drives or "Disk on Key" and other variations) are quickly becoming an integral part of our electronic life, and now nearly everybody owns one device or another, in forms of small disks, external hard drives that come enclosed in cases, card readers, cameras, mobile phones, portable media players and more.

Portable USB flash drives are indeed very handy, but they can also be used to upload malicious code to your computer (either deliberately or by accident), or to copy confidential information from your computer and take it away. Whenever a new USB device is plugged-in to a USB port, the operating system checks the device and hardware id to determine if it's a storage device or not. If it determines that it is indeed a mass storage device it will load the appropriate driver, and will display the device as a drive in the Windows Explorer tree view. This is done by using the usbstor.sys driver. If the device does not have a drive letter, you will need to assign one to it by using the Disk Management snap-in found in the Computer Management tool. If you disable the ability of the usbstor.sys driver to run on the computer, you will in fact block the computer's means of discovering the flash drive and loading the appropriate driver.

Note that this will only prevent usage of newly plugged-in USB Removable Drives or flash drives, devices that were plugged-in while this option was not configured will continue to function normally. Also, devices that use the same device or hardware ID (for example - 2 identical flash drives made by the same manufacturer) will still function if one of them was plugged-in prior to the configuration of this setting. In order to successfully block them you will need to make sure no USB Removable Drive is plugged-in while you set this option. Note: This tip will allow you to block usage of USB removable disks, but will continue to allow usage of USB mice, keyboards or any other USB-based device that is NOT a portable disk. You should also read Disable USB Disks with GPO and Disable Writing to USB Disks with GPO. It's worth mentioning that in Windows Vista Microsoft has implemented a much more sophisticated method of controlling USB disks via GPO. If you have Windows Vista client computers in your organization you can use GPO settings edited from one of the Vista machines to control if users will be able to install and use USB disks, plus the ability to control exactly what device can or cannot be used on their machines.

Block usage of USB Removable Disks

To block your computer's ability to use USB Removable Disks follow these steps:

1. Open Registry Editor.
2. In Registry Editor, navigate to the following registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR

1. Locate the following value (DWORD):

Start and give it a value of 4. Note: As always, before making changes to your registry you should always make sure you have a valid backup. In cases where you're supposed to delete or modify keys or values from the registry it is possible to first export that key or value(s) to a .REG file before performing the changes.

1. Close Registry Editor. You do not need to reboot the computer for changes to apply.

Enable usage of USB Removable Disks

To return to the default configuration and enable your computer's ability to use USB Removable Disks follow these steps:

1. Go to the registry path found above.

1. Locate the following value:

Start and give it a value of 3. You can download a .REG file that configure this setting right HERE (1kb).

Adding New Administrative Templates to a GPO

In a previous article - Understanding Administrative Templates in GPO - I've described the purpose of the Administrative Templates section in the Windows 2000/XP/2003 GPO. Administrative Templates are a large repository of registry-based changes that can be found in any GPO on Windows 2000, Windows XP, and Windows Server 2003. The Administrative Templates are Unicode-formatted text files with the extension .ADM and are used to create the Administrative Templates portion of the user interface for the GPO Editor.

Although Administrative Templates have virtually hundreds of options within them, there may be times when an administrator will need to add more options to a new or existing GPO.

One method for an administrator to add such extensions to the GPO is by adding new settings to the Administrative Templates sections. This can be done by adding .ADM files to the existing Administrative Templates section in GPO.

Adding .ADM files to the Administrative Templates in a GPO

In order to add additional .ADM files to the existing Administrative Templates section in GPO please follow the next steps:

1. Open the Group Policy Management Console (or GPMC) from the Administrative Tools folder in the Stat menu, or by typing gpmc.msc in the Run command.

Note: GPMC is not a built-in part of Windows 2000/XP/2003, and needs to be separately installed. You can download GPMC from the following link (Download GPMC), yet remember it can only be used effectively on Windows Server 2003-based Active Directory.

If you do not have GPMC or cannot install it then you'll need to edit the GPO via the regular means, i.e. from Active Directory Users and Computers management tool (dsa.msc).

1. Right-click an existing GPO (or create an new GPO, then right-click on it) and select Edit.

1. Expand either the Computer settings or Users settings sections of the GPO. Go to the appropriate Administrative Templates section and right-click it. Select Add/Remove Templates.

1. In the Add/Remove Templates window click Add.

1. Browse to the location of the required .ADM file and click Open.

1. In the Add/Remove Templates window notice that the new .ADM file is listed, then click Close.

Now re-open the Administrative Templates section and browse to the new settings location.

Disabling GPO settings filtering

Many custom Administrative Templates require you to remove the requirement to show policy settings that can be fully managed in the GPO editor. To do so follow the next steps:

1. After completing the above procedure, browse to the newly added Administrative Template section.

Note that the section is indeed listed, however in the right-pane is empty.

1. Right-click an empty spot in the right pane and select View > Filtering.

1. In the Filtering window click to un-mark the "Only show policy settings that can be fully managed" option. Then click Ok.

1. Notice how the available options are now displayed in the right pane.

Replicating the added .ADM files across the domain

When adding new .ADM files to any GPO you actually place new features in the Administrative Templates section for that GPO. These settings should be accessible from any DC, and should apply to any computer that is affected by that GPO.

However, if the .ADM files were added, for example, when sitting on DC1, how do you make sure they are also replicated to DC2, DC3 and so on?

Well, luckily for us, in most cases there are no additional configuration steps involved. When adding the new .ADM file it is automatically uploaded to the following location on the DC that was used to edit the GPO (usually - the PDC Emulator, read more in the Understanding FSMO Roles in Active Directory article):

%SystemRoot%\SYSVOL\sysvol\domain name\Policies\{GPO GUID}\Adm

as seen clearly in the following screenshot:

Because all of the SYSVOL folder is shared and automatically replicated all over the domain, the uploaded .ADM file will automatically replicated to all the GPO instances on all DCs in the domain.

However this might cause a problem when using too many templates and too many GPOs, especially on slow WAN links.

In Windows Server 2003, the size of the Administrative Templates has grown when compared to the same .ADM files in Windows 2000. As a result, the entire set of Administrative Templates has grown to almost 1.75MB. When you multiply this size by each Policy that SYSVOL contains, you can see that much space is devoted to these templates.

For example, for a large corporation with 1200 GPOs in place, the entire SYSVOL folder (where the GPOs are located on each DC) can take up more than 1GB of hard disk space. Replicating such a folder over the WAN (especially when promoting a new DC) can be very problematic. Here is where the following article - Install DC from Media in Windows Server 2003 - comes in very handy.

Removing .ADM files from an existing GPO

Whenever you do not need the added feature anymore you can simply reverse the process and instead of adding new .ADM files - removing them.

Before removing an Administrative Template, make sure you modify its policy settings and wait for Group Policy to refresh on all the computers that were supposed to be effected by the GPO. This is because removing an Administrative Template that was previously installed does not change or remove any Registry settings that the GPO deployed when Group Policy was last processed.

You should also read KB 813338 for more info on removing .ADM files from GPOs.

Links

Create Custom Administrative Templates in Windows 2000 - 323639

Group Policy Template Behavior in Windows Server 2003 - 316977

How to minimize SYSVOL size by removing administrative templates (.adm files) - 813338

How to disable USB removable disks flash drives by using Group Policy (GPO)?

I have seen this question several times at different message boards, so I've decided to write an article about it.

USB removable disks (also known as flash drives or "Disk on Key" and other variations) are quickly becoming an integral part of our electronic life, and now nearly everybody owns one device or another, in forms of small disks, external hard drives that come enclosed in cases, card readers, cameras, mobile phones, portable media players and more.

Portable USB flash drives are indeed very handy, but they can also be used to upload malicious code to your computer (either deliberately or by accident), or to copy confidential information from your computer and take it away.

As a variation to Disable USB Disks, you can prevent users from using any portable USB removable disk or flash drive by using a custom .ADM file that can be imported into the Local Group Policy (thus effecting only the local computer) or by using Active Directory-based Group Policy Objects (also known as GPOs).

Follow the steps outlined in the Adding New Administrative Templates to a GPO article on general instructions on how to add or remove an .ADM file from the Administrative Templates section in GPO.

Note: This tip will allow you to block usage of USB removable disks, but will continue to allow usage of USB mice, keyboards or any other USB-based device that is NOT a portable disk.

It's worth mentioning that in Windows Vista Microsoft has implemented a much more sophisticated method of controlling USB disks via GPO. If you have Windows Vista client computers in your organization you can use GPO settings edited from one of the Vista machines to control if users will be able to install and use USB disks, plus the ability to control exactly what device can or cannot be used on their machines.

Needless to say, as with any GPO setting, this option will only work on Windows 2000 operating systems or higher.

In KB 555324 written by fellow MVP Simon Geary he has provided a nice sample .ADM file that can do just that, and also added other removable storage media to it. You can effectively block usage of any drives containing removable media, such as USB ports, CD-ROM drives, Floppy Disk drives and high capacity LS-120 floppy drives.

However, the original .ADM was pretty simple, so I added a must-have explanation and changed some of the wording in it. By using the file provided below you will also be able to understand the exact settings and scenarios in which the blocking will or will not be successful.

Download the USB_removable_drives_ADM file (2kb)

After downloading the .ADM file, read Adding New Administrative Templates to a GPO.

You might also be interested in reading Disable Writing to USB Disks with GPO.

Note: In order to successfully view and configure the new .ADM file settings you will need to change the default filtering view for the GPO Editor (or GPedit.msc). Unless you change these settings, the right pane will appear empty, even though it has the settings in it.

Follow these steps:

1. In GPEdit.msc (or any other GPO Editor window you're using) click on View > Filtering.

1. Click to un-select the "Only show policy settings that can be fully managed" check-box. Click Ok.

1. Now you will be able to see the new settings in the right pane:

1. You can now configure any of the above settings:

An additional step that needs to be performed before the above tip will work has to do with modifying the file access permissions for 2 files. You need to remove the SYSTEM access permissions from the usbstor.sys and usbstor.inf files.

You can do so by right clicking these files > Properties, then going to the Security tab. There you need to remove the line for the SYSTEM account.

Note: Under some circumstances, the SYSTEM should have write access to these files during Service Pack installation. For example, when the SP is installed via GPO or SMS, the installation runs under the SYSTEM Account.

Service Pack needs to replace the files to a new version and without proper write access to the file, installation will fail... Therefore, before each SP deployment we need to allow access to the SYSTEM account for these files.

Change or Redirect Favorites and Cookies folder using a Group Policy

When using roaming profiles we must understand that a lot of file copying is performed when logging on to and logging off from the workstation. For example, a user can have thousands of little cookie files on his or her user profile, and when copies to and from the profile's location to the user's workstation, they can really slow down your logon. That is why it’s good to redirect cookies to the user’s home folder, because it stops lots of files from being copied every time you logon into a new computer.

Favorites are more secure on home folder if you ever need to delete the user profile, and more easy to access, and backup.

Both redirections can be done via GPO using a custom ADM file, which I found on the Internet. When properly used, this GPO tattoos the registry and will not revert back when removed, so if you have to change the settings back, you will need to logon and only then it will revert back.

1. Copy the following text and paste it into a new file with the .ADM extension. Save this file on the server in the c:\windows\inf folder.



CLASS USER

CATEGORY !!WindowsComponents

CATEGORY !!InternetExplorer

CATEGORY !!IE_Favorites

KEYNAME "Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders"

POLICY !!IE_Favorites

#if version >= 4

SUPPORTED !!SUPPORTED_IE5

#endif

EXPLAIN !!IE_Favorites_Location_Explain

PART !!IE_Favorites_Location_Tip1 TEXT

END PART

PART !!IE_Favorites_Location EDITTEXT EXPANDABLETEXT

VALUENAME Favorites

DEFAULT %USERPROFILE%\Favorites

;; MAXLEN 120

REQUIRED

END PART

END POLICY

POLICY "Redirect Cookies"

PART "Cookies Folder" EDITTEXT REQUIRED EXPANDABLETEXT

DEFAULT "%USERPROFILE%\Cookies"

VALUENAME "Cookies"

END PART

END POLICY

END CATEGORY ;; IE_Favorites

END CATEGORY ;; Internet Explorer

END CATEGORY ;; WindowsComponents

[strings]

WindowsComponents="Windows Components"

IE_Favorites="Location of Internet Explorer Favorites"

IE_Favorites_Location="The path to the favorites folder"

IE_Favorites_Location_Explain="Specify the path to the location of favorites. You can use variables like %USERPROFILE%, %USERNAME%, etc... Both local and UNC path are valid."

IE_Favorites_Location_Tip1="Specify the UNC path to the favorites location"

InternetExplorer="Internet Explorer"

SUPPORTED_IE5="at least Internet Explorer v5.01"

2. Open Group Policy Management Console (or GPMC), select the appropriate GPO (or create a new one). Edit the appropriate GPO (right-click on the GPO and select Edit).



3. Expand the User Configuration part and add the new .ADM template to the Administrative Templates.



4. Click on Administrative Templates, then click on the View > Filtering menu option.



5. Remove the checkbox from “Only show policies that can be fully managed”.



6. Next go to Windows Components > Internet Explorer > Location of Internet Explorer Favorites



7. Enable the policy and change the path to %HOMESHARE%\Cookies or %HOMESHARE%\Favorites.

Note: If you ever need to change it back to what it used to be then use %USERPROFILE%\Favorites or %USERPROFILE%\Cookies, as needed.

Tip: Notice that now the cookies and favorites won’t stay with you if you are not connected to the network with a laptop for example, you may consider enabling usage of offline files for that folder.

Please note that by using the above tip, the context of Favorites or Cookies will NOT be automatically moved to the new location. You should either manually copy these files to the network location, or use a logon script to do it. Also cookies and favorites will stay on the server side profile and will be copied every time so you won’t benefit from quick logon until you move or delete them, so make sure your script also deletes them from the old place. Use Windows Explorer on the server and delete them. The cookies will be re created as the user uses the Internet.

Redirect Favorites special folder

Redirect Favorites special folder

I was looking for how you could redirect the Favorites folder along with "My Documents" via a gpo and found a very good explanation on Windowmaker's blog and also a dowloadable custom gpo. The full explanation can be found on the windowmaker´s blog.

Remember that it will not redirect current favorites in the local profile, rather create a new favorites folder where you must copy your current ones.

Stefan

"Redirecting IE Favorites via GPO
I have seen this question multiple times at different web forums and newsgroups. Sometimes you want to redirect user's favorites to a network share, letting user access his favorites when he logs on from different workstations (or just for the sakes of backups).

The location of the user's favorites is determined by the following registry value:
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell FoldersValue: FavoritesType: REG_EXPAND_SZDefault: %USERPROFILE%\Favorites

The fact that the registry value has a type of REG_EXPAND_SZ is actually very convenient - you can use environment variables when pointing to the location of the Favorites.

Now you can solve the issue of redirecting the folder using either logon script or something similar, but being GPO addict I decided to create an administrative template to handle the task.
Here is what I came up with: (you can download the ADM from here. No need to cut&paste)

CLASS USER CATEGORY !!WindowsComponentsCATEGORY !!InternetExplorerCATEGORY !!IE_Favorites KEYNAME "Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" POLICY !!IE_Favorites #if version >= 4 SUPPORTED !!SUPPORTED_IE5 #endif EXPLAIN !!IE_Favorites_Location_Explain PART !!IE_Favorites_Location_Tip1 TEXT END PART PART !!IE_Favorites_Location EDITTEXT EXPANDABLETEXT VALUENAME Favorites DEFAULT "%USERPROFILE%\Favorites" REQUIRED END PART END POLICY END CATEGORY ;; IE_FavoritesEND CATEGORY ;; Internet ExplorerEND CATEGORY ;; WindowsComponents[strings]WindowsComponents="Windows Components"IE_Favorites="Favorites"IE_Favorites_Location="The path to the favorites folder"IE_Favorites_Location_Explain="Specify the path to the location of favorites. You can use variables like %USERPROFILE%, %USERNAME%, etc... Both local and UNC paths are valid."IE_Favorites_Location_Tip1="Specify the UNC path to the favorites location"InternetExplorer="Internet Explorer"SUPPORTED_IE5="at least Internet Explorer v5.01"

Removing End Users from the Local Administrators Group

However, the greatest risk in setting the end users as local administrators is information security. Here is a little scenario that demonstrates how easy it is to get hold of sensitive information when users are set as local administrators:

Imagine yourself an employee that was "planned" in your organization by a business competitor and was assigned the task of retrieving documents and Emails which belongs to the CFO. This employee has been accepted to work in a legitimate way and was given a user account and a workstation on which he is defined as local administrator.

Now, this employee performs the following simple tasks:

1. Creates a local account named 'Whatever'.
2. Make 'Whatever' a member of the local Administrators group.
3. Login using the new account.
4. Installs a Key-Logger application.
5. Deletes the account and empty the security log.

At this point, all he has to do is create some sort of problem in his workstation, open a support call, shut down the computer and go home.

Once the technician arrives to the workstation, he will log on using his account (which is probably defined as Administrator on all workstations). The key-logger will log his password and now our dear spy has Administrator privileges on all workstations in the organization.

From now on, the malicious user can install a key logger on any workstation he wants and retrieve the credentials of almost every user in the organization.

As you can see, there is no need for some master hacker that will break through your firewalls in order to perform this simple task.

The obvious cure to that weakness is to remove end users from the local Administrators group. It does sound pretty simple, but once you've done that you will discover that it is quite a challenge.

So what happens if I remove users from the Administrators group?

The most likely problems that will happen once you remove the users from the Administrators group are applications that stop function properly, login scripts that suddenly fail and angry users that will give you thousands of excuses why they must have administrative privileges.

Regarding the angry users, the solution is quite simple. Let the IT manager read the first part of this article and he will make sure he is backed up from the upper management.

Regarding the legacy applications that all of a sudden stop function properly, you can take the longest run, the long run and the easy way.

The longest run

The most proper way to deal with the described situation is to have the relevant software vendors upgrade their products and make them function properly for non-privileged users. However, this task can take a very long time to accomplish and might cost a great deal of money to the organization.

The long run

The most common way to overcome the described issue is to find exactly which permissions are required by the legacy applications (you can do it by using Microsoft's PROCMON - download). This process is quite frustrating and you'll probably find yourself spending long days on finding the exact permissions required. After you've done that, you would have to define it through Group Policy Security Settings and distribute the settings to users. Anyhow, assigning these privileges to end users might make those users too 'Strong'; allowing them to do stuff you wouldn't want them to do!

The easy way

MS Windows supports manual execution of processes using an alternative set of credentials. This means that you can take users out of the local Administrators group, let them log in to windows using their non-privileged account and then execute a specific application (or command) using a separate, privileged account. This can be done by right clicking a desktop shortcut and choosing 'Run As…'

You can also use the command line interface 'RunAs'. However, this is not very useful since you have to provide the password of the privileged user to all users (which takes you right back to square one…). If you are a bit more sophisticated, you can use the RunAs command to save the credentials of a privileged user, and then create a shortcut for the users that does not require them to enter the password.

This sounds like the perfect solution, BUT it does have some major disadvantages: First, there is no secure way to distribute the password to all users, meaning that you will have to enter the password yourself for each user (not very practical). Second, once you entered the password for each user, you pretty much stuck with this password and you probably won't be able to change it in the future.

Luckily for us, there are several tools that help us dealing with this situation. Some of the tools are simple CLI utilities that can pipe the password (but you would still have to expose it). Other tools are more advanced and allow you to create encrypted credentials file and use this file to execute the relevant software.

The most feature-rich tool available is a freeware tool I have recently come across called "RunAsGUI" by Smart-X (www.smart-x.com)

RunAsGUI comes with a very intuitive wizard-like configuration form that walks you through the steps of setting the encrypted configuration file and creating a desktop shortcut that would run a specific application with a specific user account.

Using RunAsGUI you can store the credentials of a domain or local account which is configured as Administrator in encrypted credentials file and store this file on the network.

In order to support laptop computers which are sometime used offline, RunAsGUI has a build-in cache mechanism that caches the credentials and uses them when the machine is offline. This allows you to easily change the privileged account's password at any time.

Another nice feature is creating a desktop shortcut for an application which once launched the user is prompted to enter alternative credentials. This is most useful in domain migration situations when users might have two accounts for a temporary period of time.

You can also use RunAsGUI to run scripts using a privileged account. RunAsGUI allows you to execute processes in a synchronic or a-synchronic manner, define a timeout and let you choose what to do when the timeout elapses. Using this feature you can easily execute specific commands through login script and make sure they don't take too much time to run when the machine is offline.

On the client side, you can choose to install the client-side RunAsGUI locally on each workstation or simply execute it through a network share without any installation on the client side.

You can download RunAsGUI HERE.

Backing Up Group Policy Objects

Backing Up Group Policy Objects

Fortunately, there is a way that you can backup your group policy settings separately from the rest of the Active Directory. Of course you have to do this before the need to restore your group policy settings arises.

Backing Up the Group Policy Objects

Begin the process by logging on to a Windows Server 2008 domain controller, and opening the Group Policy Management console. Now, navigate through the console tree to Group Policy Management | Forest: | Domains | | Group Policy Objects. When you do, the details pane should display all of the group policy objects that are associated with the domain. In Figure A there are only two group policy objects, but in a production environment you may have many more.

Figure A

The Group Policy Objects container stores all of the group policy objects for the domain.

Now, right-click on the Group Policy Objects container, and choose the Back Up All command from the shortcut menu. When you do, Windows will open the Back Up Group Policy Object dialog box. As you can see in Figure B, this dialog box requires you to provide the path to which you want to store the backup files. You can either store the backups in a dedicated folder on a local drive, or you can place them in a folder on a mapped network drive. The dialog box also contains a Description field that you can use to provide a description of the backup that you are creating.

Figure B

You must provide the path to which you want to store your backup of the group policy objects.

To initiate the backup process, just click the Back Up button. When the backup process completes, you should see a dialog box that tells you how many group policy objects were successfully backed up. Click OK to close the dialog box, and you're all done.

Backing Up Individual Group Policy Objects

In case you're wondering, Windows Server 2008 does allow you to backup individual group policy objects. The process for doing so is very similar to what I just showed you. The difference is that when you select the Group Policy Objects container, shown in Figure A, you would right-click on an individual Group Policy Object rather than on the Group Policy Objects container. From there, you would choose the Back Up command from the shortcut menu. The rest of the process is identical to what you have already seen.

The Anatomy Of The Back Up

When you create a backup, Windows creates individual folders within the target folder. Each of these individual folders bears the GUID of the Group Policy Object that contains. This is true whether you are backing up an individual Group Policy Object, or all of the Group Policy Objects in the entire domain. You can see what the backup folder looks like in Figure C.

Figure C

Windows creates a separate folder for each Group Policy Object.

The Restoration Process

When it comes to restoring a backup of any Group Policy Object, you have two options. The first option is to right-click on the Group Policy Object, and choose the Restore From Backup command from the shortcut menu. When you do this, Windows will remove all of the individual settings from the Group Policy Object, and then implement the settings found in the backup.

Your other option is to right-click on the Group Policy Object you want to restore, and choose the Import Settings option. This option works more like a merge than a restore. Any settings that presently reside within the Group Policy Object are retained unless there is a contradictory settings within the file that is being imported.

Conclusion

As you can see, it is pretty simple to backup your Group Policy Objects. Even so, a lot of administrators do not realize the importance of backing up group policy objects separate from backing up the Active Directory.

How to Find Your Uptime in Windows Server 2008

How to Find Your Uptime in Windows Server 2008

Method #1: By using the Task Manager

In Windows Vista and Windows Server 2008, the Task Manager has been beefed up to show additional information about the system. One of these pieces of info is the server’s running time.

1. Right-click on the Taskbar, and click Task Manager. You can also click CTRL+SHIFT+ESC to get to the Task Manager.

2. In Task Manager, select the Performance tab.

3. The current system uptime is shown under System.

Method #2: By Using the System Information Utility

Probably one of the easiest methods to accomplish this task. The Systeminfo command line utility checks and displays various system statistics such as installation date, installed hotfixes and more.

Open a Command Prompt and type the following command:

systeminfo

You can also narrow down the results to just the line you need:

systeminfo | find "System Boot Time:"

Method #3: By Using the Uptime Utility

Microsoft have published a tool called Uptime.exe. It is a simple command line tool that analyzes the computer's reliability and availability information. It can work locally or remotely. In its simple form, the tool will display the current system uptime. An advanced option allows you to access more detailed information such as shutdown, reboots, operating system crashes, and Service Pack installation.

Read the following KB for more info and for the download links:

Uptime.exe Tool Allows You to Estimate Server Availability with Windows NT 4.0 SP4 or Higher

http://support.microsoft.com/kb/232243

To use it, follow these steps:

1. Download uptime.exe from the above link, and save it to a folder, preferably in one that's in the system's path (such as SYSTEM32).

2. Open an elevated Command Prompt window. To open an elevated Command Prompt, click Start, click All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator. You can also type CMD in the search box of the Start menu, and when you see the Command Prompt icon click on it to select it, hold CTRL+SHIFT and press ENTER.

3. Navigate to where you've placed the uptime.exe utility.

4. Run the uptime.exe utility. You can add a /? to the command in order to get more options.

uptime.exe

Method #4: By Using the NET STATISTICS Utility

Another easy method, if you can remember it, is to use the approximate information found in the statistics displayed by the NET STATISTICS command.

Open a Command Prompt and type the following command:

net statistics workstation

The statistics should tell you how long it’s been running, although in some cases this information is not as accurate as other methods.

Method #5: By Using the Event Viewer

Probably the most accurate of them all, but it does require some clicking. It does not display an exact day or hour count since the last reboot, but it will display important information regarding why the computer was rebooted and when it did so. We need to look at Event ID 6005, which is an event that tells us that the computer has just finished booting, but you should be aware of the fact that there are virtually hundreds if not thousands of other event types that you could potentially learn from.Note: BTW, the 6006 Event ID is what tells us when the server has gone down, so if there’s much time difference between the 6006 and 6005 events, the server was down for a long time.

1. Open Server Manager tool by right-clicking the Computer icon on the start menu (or on the Desktop if you have it enabled) and select Manage. Navigate to the Event Viewer.

Note: You can also open the Event Viewer by typing eventvwr.msc in the Run command, and you might as well use the shortcut found in the Administrative tools folder.

2. Click on Event Viewer (Local) in the left navigation pane.

3. In the middle pane, click on the Information event type, and scroll down till you see Event ID 6005. Double-click the 6005 Event ID, or right-click it and select View All Instances of This Event.

4. A list of all instances of the 6005 Event ID will be displayed. You can examine this list, look at the dates and times of each reboot event, and so on.

Note: You can also easily create a Custom View to find all 6005 events. Please read my “Working with Filtering and Custom Views in the Vista Event Viewer” article for more information.

I will use the System Log and 6005 Event ID as the parameters for the custom view, and bingo, we can see all recent reboots of the system.

Method #6: By Using WMI

I found this nice article by the Microsoft Scripting Guy (read article for more details). I've changed the original suggestion a bit to make it more readable. Copy the following text into a text file and save it with a VBS extension. When done, double click on the file to get the system’s running time in minutes.

strComputer = "."

Set objWMIService = GetObject("winmgmts:\" & strComputer & "rootcimv2")
Set colOperatingSystems = objWMIService.ExecQuery _
  ("Select * From Win32_PerfFormattedData_PerfOS_System")

For Each objOS in colOperatingSystems
  intSystemUptime = Int(objOS.SystemUpTime / 60)
  strMessage = "System uptime is "  & intSystemUptime & " minutes"
 msgBox strMessage, 0, "System Uptime"
Next

Hey, Scripting Guy! How Can I Determine the Uptime for a Server?:

http://www.microsoft.com/technet/scriptcenter/resources/qanda/aug05/hey0802.mspx

Method #7: By Using PowerShell

I found this interesting article by the Microsoft Scripting guys. The logic and explanations are too long for me to include here. Read it for more information.

Use PowerShell and WMI to calculate server uptime:

http://technet.microsoft.com/en-us/magazine/2008.12.heyscriptingguy.aspx?pr=blog

How to retrieve CD Key of Windows 2000/XP/2003 or Office 2000/XP ?

Sometimes you might need to retrieve the CD Key used to install Windows in order to find out if it's legally purchased, or just for safe keeping. I usually find myself in that position whenever I'm at a client's location, trying to see if the copy of Windows 2000 he's using is indeed legally registered.

Luckily for us, some programs exist that can help you do just that - retrieve license information from the registry, and allow you to copy it for safekeeping or for documentation purposes.

Magical Jelly Bean Keyfinder

This is a small freeware utility that retrieves your Product Key (cd key) used to install windows from your registry. It has the options to copy the key to clipboard, save it to a text file, or print it for safekeeping. It works on Windows 95, 98, ME, NT4, 2000, XP, Server 2003, Office 97, and Office XP.

This version (v1.41) is a quick update to make it work with Windows Server 2003.

You can download it (kf141.zip, 251kb) or visit the author's website.

Note: This tool does not seem to be able retrieve the Office 2003 CD Key. However, a new version of this tool - v1.5B3 - does have the capability of seeing the Office 2003 CD Key, and also enables you to directly change the existing CD Key to another one.

You can download v1.5B3 from THERE or from HERE (254kb)

Note that this tool is NOT a cracking tool, and it does NOT generate a serial for you. All it does is to extract your existing CD Key.

CD Key Reader

CD Key Reader is another small tool that can find and display registration information for Microsoft tools and software that is installed on your computer (i.e. Windows, Office and so on).

You can download it from the author's website (43kb):

www.skaro.net/cd-keyreader

BTW, there are quite a few other tools that do the same trick. If you know of a good one please let me know and I'll update this page .

How to install Windows Vista without supplying the product key?

Well, you can, sort of.

You can configure Windows Vista to install without having to manually enter the product key during the setup process. This is quite useful if you find yourself in need to perform an installation of the OS but without having the (legal) product key with you at that very moment. Unlike previous Windows versions where you had to have a CD Key handy during the installation of the OS, the Windows Vista setup process only makes it appear as if you have to enter a product key to install it.

During the setup program's progress you will reach a dialog box that will ask you to enter a valid product key. Here is where the fun part starts. You can actually leave it blank!

Next click No in response to the "Are you sure" dialog box. You will now be presented with a list of all the different Windows Vista versions available on the DVD. Yes, the cool thing about the Windows Vista DVD is that every DVD has every version of Vista available for you to pick from, and the product key you own is the only thing that tells the setup process what version of Vista it should install.

You can now pick any one from that list and use it for up to 14 days without any having any issues. After 14 days you will need to enter a valid product key or do a fresh install from the beginning.

This "feature" will in fact help you if you'd like to test the different versions of Vista before deciding which one to buy.

Nice.

How to Setup a VLAN on a Cisco Switch

Have you ever wondered what a Virtual LAN (or VLAN) is or been unclear as to why you would want one? If so, I have been in your place at one time too. Since then, I have learned a lot about what a VLAN is and how it can help me. In this article, I will share that knowledge with you.

What is a LAN?

Okay, most of you already know what a LAN is but let’s give it a definition to make sure. We have to do this because, if you don’t know what a LAN is, you can’t understand what a VLAN is.

A LAN is a local area network and is defined as all devices in the same broadcast domain. If you remember, routers stop broadcasts, switches just forward them.

What is a VLAN?

As I said, a VLAN is a virtual LAN. In technical terms, a VLAN is a broadcast domain created by switches. Normally, it is a router creating that broadcast domain. With VLAN’s, a switch can create the broadcast domain.

This works by, you, the administrator, putting some switch ports in a VLAN other than 1, the default VLAN. All ports in a single VLAN are in a single broadcast domain.

Because switches can talk to each other, some ports on switch A can be in VLAN 10 and other ports on switch B can be in VLAN 10. Broadcasts between these devices will not be seen on any other port in any other VLAN, other than 10. However, these devices can all communicate because they are on the same VLAN. Without additional configuration, they would not be able to communicate with any other devices, not in their VLAN.

Are VLANs required?

It is important to point out that you don’t have to configure a VLAN until your network gets so large and has so much traffic that you need one. Many times, people are simply using VLAN’s because the network they are working on was already using them.

Another important fact is that, on a Cisco switch, VLAN’s are enabled by default and ALL devices are already in a VLAN. The VLAN that all devices are already in is VLAN 1. So, by default, you can just use all the ports on a switch and all devices will be able to talk to one another.

When do I need a VLAN?

You need to consider using VLAN’s in any of the following situations:

• You have more than 200 devices on your LAN
• You have a lot of broadcast traffic on your LAN
• Groups of users need more security or are being slowed down by too many broadcasts?
• Groups of users need to be on the same broadcast domain because they are running the same applications. An example would be a company that has VoIP phones. The users using the phone could be on a different VLAN, not with the regular users.
• Or, just to make a single switch into multiple virtual switches.

Why not just subnet my network?

A common question is why not just subnet the network instead of using VLAN’s? Each VLAN should be in its own subnet. The benefit that a VLAN provides over a subnetted network is that devices in different physical locations, not going back to the same router, can be on the same network. The limitation of subnetting a network with a router is that all devices on that subnet must be connected to the same switch and that switch must be connected to a port on the router.

With a VLAN, one device can be connected to one switch, another device can be connected to another switch, and those devices can still be on the same VLAN (broadcast domain).

How can devices on different VLAN’s communicate?

Devices on different VLAN’s can communicate with a router or a Layer 3 switch. As each VLAN is its own subnet, a router or Layer 3 switch must be used to route between the subnets.

What is a trunk port?

When there is a link between two switches or a router and a switch that carries the traffic of more than one VLAN, that port is a trunk port.

A trunk port must run a special trunking protocol. The protocol used would be Cisco’s proprietary Inter-switch link (ISL) or the IEEE standard 802.1q.

How do I create a VLAN?

Configuring VLAN’s can vary even between different models of Cisco switches. Your goals, no matter what the commands are, is to:

• Create the new VLAN’s
• Put each port in the proper VLAN

Let’s say we wanted to create VLAN’s 5 and 10. We want to put ports 2 & 3 in VLAN 5 (Marketing) and ports 4 and 5 in VLAN 10 (Human Resources). On a Cisco 2950 switch, here is how you would do it:

At this point, only ports 2 and 3 should be able to communicate with each other and ports 4 & 5 should be able to communicate. That is because each of these is in its own VLAN. For the device on port 2 to communicate with the device on port 4, you would have to configure a trunk port to a router so that it can strip off the VLAN information, route the packet, and add back the VLAN information.

What do VLAN’s offer?

VLAN’s offer higher performance for medium and large LAN’s because they limit broadcasts. As the amount of traffic and the number of devices grow, so does the number of broadcast packets. By using VLAN’s you are containing broadcasts.

VLAN’s also provide security because you are essentially putting one group of devices, in one VLAN, on their own network.

Article Summary

Here is what we have learned:

• A VLAN is a broadcast domain formed by switches
• Administrators must create the VLAN’s then assign what port goes in what VLAN, manually.
• VLAN’s provide better performance for medium and large LAN’s.
• All devices, by default, are in VLAN 1.
• A trunk port is a special port that runs ISL or 802.1q so that it can carry traffic from more than one VLAN.
• For devices in different VLAN’s to communicate, you must use a router or Layer 3 switch.

How to change the volume licensing product key on a Windows XP SP1

For example, you may experience the symptoms that are described in the following Microsoft Knowledge Base article when you install SP1:

326904 Error Message: The Product Key Used to Install Windows Is Invalid

There are two (legal) methods that you can use to change the product key with volume licensing media after installation. You can use either the Windows Activation Wizard graphical user interface (GUI) or a Windows Management Instrumentation (WMI) script.

The easier method to use is the Use the Activation Wizard method. Use this method when you only have a few computers on which to change the product key. The Use a Script method is best when you have a number of computers on which you have to change the product key.

Legal Note: Make sure you understand that this method is indeed legal. This is NO crack, NO hack, there is nothing illegal with this article. I will not, however, encourage any reader to use an illegally obtained CD Key. What you do in your own house/office is your own business, and I cannot and will not be held responsible for your actions.

Method #1: Use the Activation Wizard

If you have only a few volume licensing product keys to change, you can use the Activation Wizard.

Warning!

This document contains instructions for editing the registry. If you make any error while editing the registry, you can potentially cause Windows to fail or be unable to boot, requiring you to reinstall Windows. Edit the registry at your own risk. Always back up the registry before making any changes. If you do not feel comfortable editing the registry, do not attempt these instructions. Instead, seek the help of a trained computer specialist.

Note: Microsoft recommends that you run System Restore to create a new restore point before you complete the following steps:

1. Click Start, and then click Run.
2. In the Open box, type Regedit, and then click OK.
3. In the left pane, locate and then click the following registry key:

   HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\Current Version\WPAEvents

4. In the right pane, right-click OOBETimer, and then click Modify.
5. Change at least one digit of this value to deactivate Windows.
6. Click Start, and then click Run.
7. In the Open box, type the following command, and then click OK.

   %systemroot%\system32\oobe\msoobe.exe /a

8. Click Yes, I want to telephone a customer service representative to activate Windows, and then click Next.
9. Click Change Product key.
10. Type the new product key in the New key boxes, and then click Update. If you are returned to the previous window, click Remind me later, and then restart the computer.
11. Repeat steps 6 and 7 to verify that Windows is activated. You receive the following message:Windows is already activated. Click OK to exit.
12. Click OK.
13. Install SP1 for Windows XP.

If you cannot restart Windows after you install SP1, press F8 when you restart the computer, select Last Known Good Configuration, and then repeat this procedure.

Method #2: Use a Script

You can create a WMI script that changes the volume licensing product key, and then deploy this script in a startup script. The sample ChangeVLKey2600.vbs script and the sample ChangeVLKeySP1 script that are described in this section use the new volume licensing key that you want to enter, in its five-part alphanumeric form, as a single argument. Microsoft recommends that you use the ChangeVLKey2600.vbs script on Windows XP-based computers that are not running SP1 and that you use the ChangeVLKeySP1.vbs script on Windows XP-based computers that are running SP1. These scripts perform the following functions:

1. They remove the hyphen characters (-) from the five-part alphanumeric product key.
2. They create an instance of the win32_WindowsProductActivation class. They call the SetProductKey method with the new volume licensing product key.

You can create a batch file or a CMD file that uses either of the following sample scripts, together with the new product key as an argument, and either deploy it as part of a startup script or run it from the command line to change the product key on a single computer.

ChangeVLKeySP1.vbs

\
\WMI Script - ChangeVLKey.vbs
\
\ This script changes the product key on the computer
\
\***************************************************************************

[netshelter]ON ERROR RESUME NEXT

if Wscript.arguments.count<1 then
Wscript.echo "Script can't run without VolumeProductKey argument"
Wscript.echo "Correct usage: Cscript ChangeVLKey.vbs ABCDE-FGHIJ-KLMNO-PRSTU-WYQZX"
Wscript.quit
end if

Dim VOL_PROD_KEY
VOL_PROD_KEY = Wscript.arguments.Item(0)
VOL_PROD_KEY = Replace(VOL_PROD_KEY,"-","") \remove hyphens if any

for each Obj in GetObject("winmgmts:{impersonationLevel=impersonate}").InstancesOf ("win32_WindowsProductActivation")

result = Obj.SetProductKey (VOL_PROD_KEY)

if err <> 0 then
WScript.Echo Err.Description, "0x" & Hex(Err.Number)
Err.Clear
end if

Next

ChangeVLKey2600.vbs

\
\ WMI Script - ChangeVLKey.vbs
\
\This script changes the product key on the computer
\
\***************************************************************************

ON ERROR RESUME NEXT

if Wscript.arguments.count<1 then
Wscript.echo "Script can't run without VolumeProductKey argument"
Wscript.echo "Correct usage: Cscript ChangeVLKey.vbs ABCDE-FGHIJ-KLMNO-PRSTU-WYQZX"
Wscript.quit
end if

Dim VOL_PROD_KEY
VOL_PROD_KEY = Wscript.arguments.Item(0)
VOL_PROD_KEY = Replace(VOL_PROD_KEY,"-","") \remove hyphens if any
Dim WshShell
Set WshShell = WScript.CreateObject("WScript.Shell")
WshShell.RegDelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WPAEvents\OOBETimer" 'delete OOBETimer registry value
for each Obj in GetObject("winmgmts:{impersonationLevel=impersonate}").InstancesOf ("win32_WindowsProductActivation")

result = Obj.SetProductKey (VOL_PROD_KEY)

if err <> 0 then
WScript.Echo Err.Description, "0x" & Hex(Err.Number)
Err.Clear
end if

Next

Example

The following example describes how to use the ChangeVLKeySP1.vbs script from a command line:

1. Click Start, and then click Run.
2. In the Open box, type the following command,
   where AB123-123AB-AB123-123AB-AB123 is the new product key that you want to
   use, and then click OK:

c:\changevlkeysp1.vbs ab123-123ab-ab123-123ab-ab123

How to Partitioning Hard Drive

How to Partitioning Hard Drive

Hard disk partitioning tools will allow you to create additional partitions from existing ones by resizing the existing partitions and creating empty, un-used space on which you can create new partitions. The most important aspect of such tools is their ability to do this without losing your data that is currently on your existing partitions. Such tools allow you to create and format these new partitions.

Hard Drive Partitioning: Use Caution!

Most tools will let you convert a partition from one file type to another, i.e. from NTFS to FAT/FAT32 or vice versa. Needless to say that in most cases, such a conversion, especially from NTFS to FAT/FAT32 will cause the files to lose their NTFS permissions (ACLs), and in some cases where EFS was used to encrypt the files, it will actually cause you to lose access to these files. So beware!

Some of these tools may be able to help you recover deleted partitions, and if data on that disk was un-damaged, actually help you gain access to that data. Some, but not all of the tools may have the ability to move existing partitions from one location on the disk to another location, again, without losing data.

Note: We've tried to make this guide as definitive as possible, there are always changes in the software world that we're not aware of. We would gladly accept your feedback, comments and tool recommendations. Please limit your feedback to freeware utilities.

Disclaimer: The author of this article cannot be held responsible for any data loss or computer malfunction due to using any of the tools listed in this article. Please carefully read the software creators’ read-me files and manuals, and always test before using any tool on a computer or hard disk that holds critical information. Remember as well that free products rarely, if ever, provide any kind of end user support other than forum or community support. If you're unsure of what you're doing, or need technical support, it's best to go with a paid product.

10 Free Partition Tools

1 . Ultimate Boot CD

The Ultimate Boot CD is a bootable CD containing tools that allow you to:

• Run floppy-based diagnostic tools from CDROM drives. More and more PCs are shipped without floppy drives these days, and it is such a royal pain when you need to run diagnostic tools on them.
• Free yourself from the slow loading speed of the floppy drive. Even if you do have a floppy drive, it is still much much faster to run your diagnostic tools from the CDROM drive, rather than wait for the tool to load from the floppy drive.
• Consolidate as many diagnostic tools as possible into one bootable CD.
• Run Ultimate Boot CD from your USB memory stick. A script on the CD prepares your USB memory stick so that it can be used on newer machines that supports booting from USB devices. You can access the same tools as you would from the CD version.

When you boot up from the CD, a text-based menu will be displayed, and you will be able to select the tool you want to run. The selected tool actually boots off a virtual floppy disk created in memory.

UBCD contains a ton of tools including: CPU Tests, Memory Tests, Peripherals Tools, CPU Information, System Information, Benchmark Tools, BIOS Tools, Hard Disk Installation Tools, Hard Disk Diagnostic Tools, Hard Disk Device Management Tools, Hard Disk Wiping Tools, Hard Disk Cloning Tools, Hard Disk Low-Level Editing Tools, Partition Tools, Boot Managers, File Tools, NTFS Tools, Anti-Virus/Malware Tools, Network Tools, DOS Boot Disks and Linux Boot Disks.

Get your copy here

2. GParted Live

The purpose of GParted is to allow the individual to take a hard disk and change the partition organization therein, while preserving the partition contents. GParted is an industrial-strength package for creating, destroying, resizing, moving, checking and copying partitions, and the file systems on them. This is useful for creating space for new operating systems, reorganizing disk usage, copying data residing on hard disks and mirroring one partition with another (disk imaging). GParted Live is a small bootable GNU/Linux distribution for x86 machine. It enables you to use all the features of the latest versions of GParted. GParted Live can be installed on CD, USB, PXE server, and Hard Disk then run on an x86 machine.

Note: Take care when using GParted on Windows XP/Vista installations. Read here for more information:

Update to "resize-windows.txt" - Draft to discuss (Page 1) - Documentation - GParted forum

Using GParted to Resize Your Windows Vista Partition The How-To Geek

You can also get GParted on various distributions such as the SystemRescueCD, listed below.

Get your copy of GParted here

3. System RescueCD

SystemRescueCd is a Linux system on a bootable CD-ROM for repairing your system and recovering your data after a crash. It aims to provide an easy way to carry out admin tasks on your computer, such as creating and editing the partitions of the hard disk. It contains a lot of system tools (parted, partimage, fstools, ...) and basic tools (editors, midnight commander, network tools). It is very easy to use: just boot the CDROM. The kernel supports most of the important file systems (ext2/ext3/ext4, reiserfs, reiser4, btrfs, xfs, jfs, vfat, ntfs, iso9660), as well as network filesystems (samba and nfs).

System tools included with SystemRescueCd

• GNU Parted creates, resizes, moves, copies partitions, and filesystems (and more).
• GParted GUI implementation using the GNU Parted library (see previous post).
• Partimage saves / restores partitions to an image file on another partition or to another system.
• FSArchiver flexible tool to save/restore a filesystem to a compressed archive.
• File systems tools (for Linux and Windows filesystems): format, resize, and debug an existing partition of a hard disk
• Ntfs3g: enables read/write access to MS Windows NTFS partitions.
• sfdisk saves / restores partition table (and more).
• Test-disk tool to check and undelete partition, supports reiserfs, ntfs, fat32, ext2/3 and many others
• Memtest+ to test the memory of your computer (first thing to test when you have a crash or unexpected problems)
• Network tools (Samba, NFS, ping, nslookup, ...) to backup your data across the network

Get your copy SystemRescueCD

4. TestDisk

TestDisk is a powerful free data recovery software! It was primarily designed to help recover lost partitions and/or make non-booting disks bootable again when these symptoms are caused by faulty software, certain types of viruses or human error (such as accidentally deleting a Partition Table). Partition table recovery using TestDisk is really easy. TestDisk has features for both novices and experts. For those who know little or nothing about data recovery techniques, TestDisk can be used to collect detailed information about a non-booting drive which can then be sent to a tech for further analysis. Those more familiar with such procedures should find TestDisk a handy tool in performing onsite recovery.

TestDisk can:

• Fix partition table, recover deleted partition
• Recover FAT32 boot sector from its backup
• Rebuild FAT12/FAT16/FAT32 boot sector
• Fix FAT tables
• Rebuild NTFS boot sector
• Recover NTFS boot sector from its backup
• Fix MFT using MFT mirror
• Locate ext2/ext3 Backup SuperBlock
• Undelete files from FAT, NTFS and ext2 filesystem
• Copy files from deleted FAT, NTFS and ext2/ext3 partitions.

Get your copy of TestDisk here.

5. Ranish Partition Manager

Ranish Partition Manager is a powerful hard disk partitioning tool. It gives users high level of control for running multiple operating systems, such as Linux, Windows 98/XP, FreeDOS, and FreeBSD on a single disk. Partition Manager can create, copy, and resize primary and extended partitions. It includes command line interface and simulation mode that works with large files so you can safely experiment before working on the real hard drive partition tables.

Get your copy of Ranish here.

6. Partition Logic

Partition Logic is a free hard disk partitioning and data management tool. It can create, delete, format, defragment, resize, and move partitions and modify their attributes. One cool feature about it is that it can copy entire hard disks from one to another. Partition Logic is free software, based on the Visopsys operating system. It boots from a CD or floppy disk and runs as a standalone system, independent of your regular operating system. It is intended to become a free alternative to such commercial programs.

It’s worth noting that the current (as of March 2009) version of Partition logic has the following limitations:

• Does not work with some SATA hard disks, no hardware support for non-USB SCSI hard disks
• Supports only DOS/Windows-style MBR partition tables (used on nearly all IBM PC-compatibles)
• No support for Sun or BSD disk labels, or EFI/GPT tables used on Itanium and Intel Mac platforms
• Most important: Cannot format partitions as NTFS (however, it can resize NTFS)
• Cannot resize FAT or EXT filesystems
• No hardware support for serial mice or for PCMCIA

Get Partition Logic here

7. SwissKnife

SwissKnife allows you to create, delete and format partitions on your hard disk drives in one smooth, simple process. While the product has been tested up to 400GB, it should support hard disks of up to 2048GB. SwissKnife allows creation of FAT32 & NTFS partitions. FAT16 option is provided for compatibility. Supports Internal interfaces such as IDE and SCSI and External interfaces such as Hi-Speed USB, Parallel port, PCMCIA, USB On-The-Go, Firewire, SATA interfaces etc. Creates Fixed and Removable Disk Format types. Latest version adds support for NTFS and features resizable windows. Upon completion, the drive icons will be dynamically updated on your computer.

Key Features:

• Formats faster than the OS (click on chart for details)
• Allows change of cluster size during Full format or Quick Format
• Divides a single hard drive into one or more partitions
• Supports Hi-Speed USB, PCMCIA, SATA, SCSI, USB 1.1, and FireWire® external drives
• Supports Fixed and Removable disk formats
• Supports FAT, FAT32 & NTFS systems
• Allows creation of a single partition of up to 2048GB of FAT32 or NTFS file systems.
• Full format or Quick Format of existing partitions
• Selective partitions can be modified for optimum flexibility

Get your copy of Swiss Knife here:

8. Cute Partition Manager (CPM)

Cute Partition Manager is a free advanced hard disk partition management utility that allows you to easily add, edit, delete and manage the partitions in your computer. Cute Partition Manager is very easy to use, and one of the best features about it is that It lets you preview the changes before you save them. It lets you edit the boot flag, partition type and other advanced parameters. It gives you total control of your system during the partition process. For example, it lets you edit all existing partitions. It even lets you install all the operating systems from scratch. It supports all versions of Windows (9x,ME,NT,2K,XP,Vista), DOS, Linux, etc.

Some features include:

• Lets you create more than 100 partitions per hard disk.
• Lets you preview changes before you can save them.
• Lets you edit advanced partition parameters such as boot flag, partition type, etc.
• Lets you remove every single partition in your system.
• Does not require an operating system to run (everything is built-in).
• Can be booted from CD, DVD, Blank Floppy, DOS Boot Floppy, etc.

Get your copy of CPM here.

9. EaseUs Partition Manager

EaseUs Partition Master Home Edition is a FREE disk partitioning utility that offers a powerful range of functions such as resizing partitions, formatting partitions, copying partitions, creating new partitions, deleting partitions, hiding partitions, changing drive letters, setting active partitions, and a handful other functions. Some of the main characteristics of EaseUs Partition Manager are:

• Material support for RAID
• Re-size and move partitions without losing data
• Create and delete partitions with a simple stage
• Allocated in a partition to make easier recognition
• Format of partitions by simple click
• Partition of ownership of every partition
• Conceal and to show partitions - to protect important data
• Specify a boot partition
• Outline of the effects of partitioning of a hard disk before applying
• Works on hard disks of 20GB to 800GB

Note: EaseUs Partition Master Home Edition ONLY supports 32 bit Windows systems. If your computer is running 64 bit Windows systems, please check the Professional or Server editions which are not free.

Get your copy here:.

10. eXtended FDisk

eXtended FDisk, or short XFDisk, is a free DOS FDISK replacement that offers more comfort and comes with a bootmanager that allows you to have more than one operating system installed on your hard disk. With XFDisk you can partition your hard disk or install and configure the bootmanager, which will be located in the first 17 sectors of your first hard disk. The bootmanager will not occupy an own partition, so you can fully use the four available primary partitions per hard disk. If you choose to have an extended partition with logical drives on your hard disk, XFDisk transparently manages the extended partition for you. So you don't need to worry about the size of the extended partition any more. Of course, XFDisk and the bootmanager support more than one hard disk and even booting from logical drives.

Get eXtended FDisk here.

Do you have other recommendations? Contact me and I’ll be happy to upload them to this page!