Windows Server 2008 Default Group Changes

With the introduction of Microsoft Windows Server 2008, ALL users are required to be a member of the Domain Users group (this includes domain admin accounts). If an account does not include the Domain Users membership, you may still get authenticated, however you will NOT receive a desktop when logging into the server. Altering the default user profile to allow the EVERYONE group full control and the the EVERONE group full control of the default registry hive makes no difference. I have confirmed this with a Microsoft Support Representative today. This implies that if security rules exist that Deny Domain Users access to an object, but you still wish the Domain Administrators to have access the implementation will need to be altered. In this case, create a new group and explicitly deny access to the object by the group, then add all domain users to the group.

Running HyperVisor on a Proliant DL 380 G5

When installing the Hypervisor Role on a Windows 2008 server running on an HP Proliant DL G5 platform, the virtual machines will not start. You will receive a message indicating that the configured client machines cannot start because Hypervisor is not running. This is because, by default the "No Execute Memory Protection" and "Intel Virtualization Technologies" options are disabled on this server make and model. To enable these options, strike F9 during system boot to enter BIOS options. Under the "Advanced Options" menu, select the "Processor Options" sub-menu. From this sub-menu, the option to enable "No-Execute Memory Protection" and "Intel Virtualization" will be available. Turn these on, then save and exit the BIOS setting. The server will then restart and Hypervisor will now run.