Upgrading to Windows 7

If you want to do an upgrade instead of a clean installation, then review the upgrade options in Table 16.3 (it is worth noting that a “No” does not mean that you can’t buy the upgrade version of Windows 7 but rather that you can’t keep your files, programs, and settings).

There are additional versions of Windows Vista that are not shown in Table 16.3 because they do not offer an upgrade to Windows 7; that is, you must buy the full version of Windows 7. It should be noted that an easy way to remember the upgrade options for the exam is that you must have at least Windows Vista in order to be able to upgrade to Windows 7. In the real world, the Windows Vista machine should be running Service Pack 1 at a minimum, and you can always take an earlier OS and upgrade it to Vista SP1 and then upgrade to Windows 7.

Microsoft created the Windows 7 Upgrade Advisor to help with the upgrade to this operating system. You can download the advisor from www.microsoft.com/downloads. It will scan your hardware, devices, and installed programs for any known compatibility issues. Once it is finished, it will give you advice on how to resolve the issues found and recommendations on what to do before you upgrade. The reports are divided into three categories: System Requirements, Devices, and Programs. Figure 16.4 shows the opening screen.

Figure 16.5 shows an example of a report generated by the Windows 7 Upgrade Advisor.

After all incompatibilities have been addressed, the upgrade can be started from an installation disc or from a download (preferably to a USB drive). If the setup routine does not begin immediately on boot, look for the SETUP.EXE file and run it. When the Install Windows page appears, click Install Now.

You’ll be asked if you want to get any updates (recommended) and to accept the license agreement. After you’ve done so, choose Upgrade for the installation type and follow the steps to walk through the remainder of the installation. It is highly recommended that after the installation is complete, you run Windows Update to get the latest drivers.

Microsoft Windows User State Migration Tool (USMT) allows you to migrate user file settings related to the applications, Desktop configuration, and accounts. Version 4.0 works with Windows 7, but it is currently only available as part of the Windows Automated Installation Kit (WAIK). USMT 5.0 works with all of the migrations that CompTIA’s exam covers, and more discussion of it can be found at the following location:

https://technet.microsoft.com/en-us/library/hh824913.aspx

If all you are doing is a simple migration from one OS to another, you do not need this tool, but it is invaluable during large deployments. Of course, you also don’t need to use this tool if you chose the Upgrade option and are doing an in-place upgrade because user files and applications are preserved.

If you are migrating only a few accounts, Microsoft recommends Windows Easy Transfer (WET) instead of USMT. When you’re transferring to Windows 7, a version of Windows Easy Transfer can be downloaded in either 32-bit or 64-bit versions for Windows Vista from www.microsoft.com/downloads.

Upgrading Editions of Windows 7

Like Windows Vista, Windows 7 has the ability to upgrade at any time from one edition of the operating system to a higher one (for example, from Home Premium to Professional) using the Windows Anytime Upgrade utility in Control Panel (it can also be accessed by clicking the Start button and choosing All Programs. Scroll down the list and choose Windows Anytime Upgrade). Figure 16.6 shows the opening screen of this utility.

Installation/Upgrade Boot Options

You can begin the installation or upgrade process by booting from a number of sources. There are four in particular with which CompTIA wants you to be familiar: CD-ROM, DVD, USB, and PXE. The one most commonly used for an attended installation is the CD-ROM/DVD boot (they are identical). Because Windows 7 only comes on DVD, though, the CD-ROM option applies to older operating systems and not this one. You can boot a PC over the network (rather than from a DVD, USB, or hard disk) with Windows Preinstallation Environment (WinPE), which is a stub operating system that creates a Pre-boot Execution Environment (PXE).

WinPE can be installed onto a bootable CD, USB, or network drive using the COPYPE .CMD command. This can be used in conjunction with a Windows deployment from a server for unattended installations and also to host the Windows Recovery Environment (WinRE).

As was discussed with other operating systems, you want to make certain that you use the latest driver software and Windows updates that are applicable for the operating system you are running. This can solve a great many problems with security holes as well as solve compatibility issues. Make certain, as well, that the boot drive is properly formatted and partitions are correct for your desired setup. Remember that a recovery partition, factory or otherwise, can be used to recover the operating system in the event of a failure.

Key Boot Files

Windows 7 requires only a few files, each of which performs specific tasks. These mirror the files required for Windows Vista and differ significantly from the files required for previous Windows operating systems. They are discussed next in the order in which they load:

BOOTMGR The Windows Boot Manager (BOOTMGR) bootstraps the system. In other words, this file starts the loading of an OS on the computer.

BCD The Boot Configuration Data (BCD) holds information about OSs installed on the computer, such as the location of the OS files.

WINLOAD.EXE The program used to boot Windows 7. It loads the operating system kernel (NTOSKRNL.EXE).

WINRESUME.EXE If the system is not starting fresh but resuming a previous session, then WINRESUME.EXE is called by the BOOTMGR.

NTOSKRNL.EXE The Windows OS kernel.

System files In addition to the previously listed files, Windows needs a number of files from its system directories (for example, SYSTEM and SYSTEM32), such as the hardware abstraction layer (HAL.DLL), session manager (SMSS.EXE), user session (WINLOGON.EXE), and security subsystem (LSASS.EXE).

Tools in Windows 7

The tools that stand out in Windows 7, and that CompTIA expects you to know for the exam, include System Restore, Windows Defender, Windows Firewall, and Action Center. Each of these are discussed in the sections that follow.

System Restore

Chapter 13, “Operating System Basics,” explored System Restore as it appears in all three versions of Windows. It allows you to restore the system to a previous point in time. This feature is accessed from Start ➢ All Programs ➢ Accessories ➢ System Tools ➢ System Restore, and it can be used to roll back as well as to create a restore point. Figure 16.7 shows the opening dialog box.

After clicking Next, pick a restore point to return to, as shown in Figure 16.8.

Windows Firewall

Windows Firewall (with small/large icons, choose Start ➢ Control Panel ➢ Windows Firewall) is used to block access from the network, and in Windows 7, it is divided into separate settings for private networks and public networks as well as domain networks if you’re connected to a domain (see Figure 16.9). If you are using Category view (instead of small/large icons), you have to click System and Security before getting to the Firewall.

While host-based firewalls are not as secure as other types of firewalls, Windows Firewall provides much better protection than in previous versions of Windows and it is turned on by default. It is also included in the Security component of the Action Center (discussed in the next section) and can be tweaked significantly using the advanced settings. Once you click Advanced Settings, Windows Firewall with Advanced Security opens (see Figure 16.10).

Here you can configure inbound and outbound rules as well as import and export policies and monitor the security of your system. Monitoring is not confined to the firewall; you can also monitor security associations and connection security rules. In short, Windows Firewall with Advanced Security is an incredibly powerful tool that builds upon what Windows Vista started. Not only can this MMC snap-in do simple configuration, but it can also configure remote computers and work with Group Policy.

Firewall logging is not on by default in Windows 7. In Exercise 16.1, we will look at the firewall log settings in Windows 7 and turn them on.

Exceptions

Exceptions are configured as variations from the rules. Windows Firewall will block incoming network connections except for the programs and services that you choose to allow through. For example, you can make an exception for Remote Assistance to allow communication from other computers when you need help (the scope of the exception can be set to allow any computer, only those on the network, or computers from a custom list of allowed addresses that you create). Exceptions can include programs as well as individual ports.

Configuration

Most of the configuration is done as network connection settings. You can configure both ICMP and Services settings. Examples of ICMP settings include allowing incoming echo requests, allowing incoming router requests and redirects. Examples of services often configured include FTP Server, Post Office Protocol Version 3 (POP3), and Web Server (HTTP).

Enabling/Disabling Windows Firewall

In Windows 7, clicking Turn Windows Firewall on or off gives you control over the firewall for each location. While it is possible to choose to turn it off, it is not recommended: as the name implies, this turns Windows Firewall completely off. You can also toggle to block all incoming connections and to be notified when Windows Firewall blocks a new program.

Action Center

What was previously known as the Security Center has been modified in Windows 7 to become the Action Center (Start ➢ Control Panel ➢ Action Center). This interface (shown in Figure 16.12) still includes security, but it has been expanded to include such maintenance issues as problem reports and backup settings.

The Security settings show the status of, and allow you to configure, the firewall, Windows Update, virus protection, spyware and unwanted software protection, Internet security settings, UAC, and network access protection. The solutions portion of Maintenance rolls in the problem reporting features from earlier versions of Windows. In Windows 7, there are four options for error reporting settings that can be chosen:

• Automatically check for solutions (recommended)
• Automatically check for solutions and send additional data, if needed
• Each time a problem occurs, ask me before checking for solutions
• Never check for solutions (not recommended)

The setting that you want can be configured in Problem Report Settings (under Maintenance, click Settings). The administrator may choose to set one universal setting for the machine (not the default) or allow each user to make their own setting (the default), as shown in Figure 16.13.

Local Users and Groups

You can use Computer Management to access Users and Groups. As an administrator, you can also configure the users and groups on a system in the Microsoft Management Console (MMC). Click Start, type MMC in the Search box, and press Enter. If Local Users And Groups is not visible in the left pane, choose File ➢ Add/Remove Snap-in, and then select Local Users And Groups from the list of possible snap-ins and click Add (or double-click on it). You can choose to manage the local computer or another computer (requiring you to provide its address). Figure 16.14 shows the default groups and explanations for each. The built-in groups for a domain are a superset of this set.

Local Users And Groups is not available for Windows 7 editions lower than Professional. In all other editions, you must manage user accounts using the User Accounts applet in Control Panel, and you cannot create or manage groups. The default users created are Administrator, Guest, and the administrative account created during the install.

Local Security Policy

Local Security Policy (choose Start ➢ Run and then enter secpol.msc) allows you to set the default security settings for the system. This feature is not available for Windows 7 in any editions other than Windows 7 Professional, Windows 7 Ultimate, and Windows 7 Enterprise. Figure 16.15 shows the utility. A scenario in which you would use this tool is when you want to change the default system settings for many security-related features hidden deep within the Registry.

The following sections examine some of the Security Settings choices.

System Configuration

The System Configuration tool (MSCONFIG.EXE) in Windows 7 is unchanged from Windows Vista. The five tabs it offers are General, Boot, Services, Startup, and Tools. The tools, and the executables associated with them, are as follows:

• About Windows: WINVER.EXE
• Change UAC Settings: USERACCOUNTCONTROLSETTINGS.EXE
• Action Center: WSCUI.CPL
• Windows Troubleshooting: CONTROL.EXE /NAME MICROSOFT.TROUBLESHOOTING
• Computer Management: COMPMGMT.MSC
• System Information: MSINFO32.EXE
• Event Viewer: EVENTVWR.EXE
• Programs: APPWIZ.CPL
• System Properties: CONTROL.EXE SYSTEM
• Internet Options: INETCPL.CPL
• Internet Protocol Configuration: IPCONFIG.EXE
• Performance Monitor: PERFMON.EXE
• Resource Monitor: RESMON.EXE
• Task Manager: TASKMGR.EXE
• Command Prompt: CMD.EXE
• Registry Editor: REGEDT32.EXE
• Remote Assistance: MSRA.EXE
• System Restore: RSTRUI.EXE

Each of these should be considered troubleshooting utilities that you can use to solve system problems. Know what they do and the executable associated with each to solve the majority of problems that you will encounter when working with Windows 7.

Component Services

Component Services is an MMC snap-in in Windows 7 that allows you to administer, as well as deploy, component services and configure behavior like security. Figure 16.16 shows an example of the interface (Start ➢ Control Panel ➢ Administrative Tools ➢ Component Services).

Data Sources

ODBC Data Source Administrator—Start ➢ Control Panel ➢ Administrative Tools ➢ Data Sources (ODBC)—allows you to interact with database management systems. Figure 16.17 shows an example of the screen.

Database drivers that are added to the system will show up here and can be shared between applications.

Print Management

Carrying over from Windows Vista, Print Management (Start ➢ Control Panel ➢ Administrative Tools ➢ Print Management) allows you to manage multiple printers and print servers from a single interface (see Figure 16.18).

Print Management is not available for Windows 7 in any edition lower than Windows 7 Professional. In all other editions, you must manage individual printers using the Printers applet in Control Panel, and you are very limited in what you can manage.

Windows Memory Diagnostics

The Windows Memory Diagnostics Tool (Start ➢ Control Panel ➢ Administrative Tools ➢ Windows Memory Diagnostics) can be used to check a system for memory problems. For the tool to work, the system must be restarted. The two options that it offers are to restart the computer now and check for problems or to wait and check for problems on the next restart.

When the computer reboots, the test will take several minutes and the display screen will show which pass number is being run and the overall status of the test (percent complete). When the memory test concludes, the system will restart again and nothing related to it is apparent until you log in. If the test is without error, you’ll see a message that no errors were found. If any issues have been detected, the results will be displayed.

HomeGroup

The purpose behind HomeGroup (Start ➢ Control Panel ➢ HomeGroup) is to simplify home networking and, more specifically, the sharing of files and printers. Windows 7 Starter can only join a HomeGroup, while all other editions of Windows 7 can both join and create a HomeGroup. The location from which you network must be set to Home.

Shared files can include libraries (a big feature of Windows 7). All computers participating in the HomeGroup must be running Windows 7 or Windows 8/8.1 (but not Vista), and the network cannot extend outside of the small group.

RemoteApp and Desktop Connections

This applet (Start ➢ Control Panel ➢ RemoteApp And Desktop Connections) in Windows 7 is used, as the name implies, to access remote computers and virtual machines made available over the network through port 3389 can run a remote application as if it were installed on the local machine. RemoteApp can be used directly to the host, and it can also be used through Remote Desktop Web Access, which uses HTTPS as a transport at the client end. The applications and virtual machines are hosted on Windows 2008 and 2008 R2 servers.

For the exam, remember that all versions of Windows 7 support outgoing connections but only Professional, Enterprise, and Ultimate can be used for hosting. To enable a remote connection, click Start, right-click Computer, click Properties, and then choose Remote Settings. You can now turn on Remote Assistance and/or Remote Desktop.

Remote Assistance is either on or off, while Remote Desktop offers three options:

• Don’t allow connections to this computer
• Allow connections from computers running any version of Remote Desktop (less secure)
• Allow connections only from computers running Remote Desktop with Network Level Authentication (more secure)

Troubleshooting

This applet (Start ➢ Control Panel ➢ Troubleshooting) in Windows 7 is used, as the name implies, to provide a simple interface to use to attack many common problems. Figure 16.19 shows the opening screen.

All links preceded by a shield require administrator permissions to run, and they are often tied to UAC prompts before they will continue. Most of the problems found will be “automatically fixed” without any prompts. For example, clicking the link Improve Power Usage on the machine shown in Figure 16.19 started the Power troubleshooter, which then fixed problems. Clicking to see the detailed report of what was done brings up the screen shown in Figure 16.20.

Note in Figure 16.17 the link Get Help From A Friend. Selecting this brings up Remote Assistance, allowing someone to connect to this computer. You can also offer to be the one helping another, as shown in Figure 16.21.

Configuring an Alternative IP Address in Windows

Windows 7, Windows Vista, and Windows 8/8.1 all allow the use of an alternate IP address. This is an address that is configured for the system to use in the event the first choice is not available. For an alternate configuration to be set, the first choice has to be dynamic—the tab becomes visible only when the General configuration is set to Obtain An IP Address Automatically, and the alternate is used only if the primary address cannot be found/used, such as when the DHCP server is down.

The Properties dialog box for each instance of IPv4, on any of the Windows operating systems on which this exam is focused, contains an Alternate Configuration tab. To make changes, you must click on it.

Network Card Properties

Like other devices, network cards can be configured to optimize performance. Configuration is done through the Properties dialog box for each card.

Configuring Windows Networking

Given a scenario of configuring Windows networking on a client/desktop, many of the networking features and settings we’ve been discussing will apply. There are, however, a few more to be cognizant of:

HomeGroup vs. WorkGroup As mentioned in Chapter 13, there are three types of networks to choose from: Workgroup, HomeGroup, and Domain. HomeGroups have been covered, but workgroups are those that utilize a peer-based model: there is no central controller and every computer has a set of user accounts. All computers are on the same subnet and there are typically very few computers (20 or less).

Domain Setup As opposed to a HomeGroup or workgroup, with a domain one (or more) computer(s) act as a server and controls the security for the network. There can be many (think thousands) of computers on a domain and a user can access it from any machine as long as they have the credentials to do so whether or not they have an account on that individual workstation or not.