Archive for the 'Microsoft' Category

Migrating away (up!) from SBS2008 – licensing alerts

Published 24 February 2010 EBS 2008 , Microsoft , SBS 2008 , Windows Server 2008 R2 Leave a Comment
Tags: , , ,

Recently replied to an old EBS2008 TAP friend and good mucker re: his plans to migrate away from EBS2008 and thought this post might help someone out there…

I’ll start by saying – no we haven’t done this with EBS!

But concur I’d be cautious on licensing.  We did something similar with our own production environment with that other license limited server product.. SBS2008.

With SBS2008 upgrading the domain/forest, and schema to R2 didn’t appear to be an issue but transferring the FSMO roles was.  SBS was soon (e.g. 24hrs) sending alerts stating “The FSMO role does not comply with the license policy“ – I’m pretty sure eventually seizing them back!!??!!

e.g.

-----Original Message-----
From: SBSMonAcct@thefullcircle.com [mailto:SBSMonAcct@thefullcircle.com]
Sent: 10 December 2009 19:37
To: +sysadmin
Subject: Windows Small Business Server 2008: Critical Event Notification

An alert was detected on your network. Further investigation into the issue is recommended.

Computer: SBSSRV01
Date/Time generated: 10/12/2009 15:50:24
Title: The FSMO role does not comply with the license policy
Source: License Compliance service
Description:
The FSMO Role Check detected a condition in your environment that is out of compliance with the licensing policy. The Management Server must hold the primary domain controller and domain naming master Active Directory roles. Please move the Active Directory roles to the Management Server now.

 

I found very little info on this last year, and in between adding R2 DC’s, Exchange 2010 (fun with mail routing), and adding SCE2010 Beta then RC into the network we ended up leaving the virtualised SBS2008 box in play – other priorities (customers!) have been more important.

Somewhat useless with helping find the cause – http://technet.microsoft.com/en-us/library/dd443466%28WS.10%29.aspx

very little info on it too -

http://www.google.co.uk/#hl=en&source=hp&q=The+FSMO+role+does+not+comply+with+the+license+policy&btnG=Google+Search&meta=&aq=f&oq=&fp=b432878984070c8a

Hope this helps, if just a little!

Training – Updating Your Technology Knowledge of Microsoft Windows XP to Windows 7

Published 14 December 2009 Microsoft , Training , Windows 7 Leave a Comment

 

Activity description: 44CO135 – Updating Your Technology Knowledge of Microsoft Windows XP to Windows 7 (M6291)

Summary:

This two-day instructor-led course provides students with the knowledge and skills to work with the new technologies in Windows Vista and Windows 7. This course is intended for individuals who already have experience with Windows XP to upgrade their skills to Windows 7.

Objectives:

After completing this course, students will be able to:

•Manage the desktop settings that personalize the computing experience.
•Describe how Windows 7 Beta Search enhancements improve productivity.
•Implement Search Federation to search remote data sources within the enterprise infrastructure.
•Describe the new Group Policy Preferences and Administrative Templates that are available to IT professionals who manage Group Policy Objects.
•Describe how IT professionals use the Group Policy Management Console to create scripts that manage Group Policy Objects.
•Identify and use the improvements made to the latest version of PowerShell.
•Describe how DirectAccess enables IT professionals to remotely manage and update user PCs.
•Describe the platform and network requirements necessary to implement DirectAccess.
•Describe the VPN reconnection features and the platform and network requirements.
•Illustrate how to use Group Policy to prevent specific types of files from being synchronized to the server.
•Describe how BranchCache improves user productivity in branch offices by caching content from remote file and Web servers in branch locations.
•Administer new User Account Control security settings to improve the end-user computing experience.
•Describe how AppLocker enables IT Professionals to specify the programs that are allowed to run on user desktops.
•Describe how Windows 7 Beta improves upon the firewall policy by allowing IT professionals to identify multiple active firewall profiles.
•Describe new Windows 7 Beta features as they relate to Windows Deployment Services and virtualization.
•Explain how the Problem Steps Recorder can be used to reproduce and record experiences with an application failure.
•Summarize key components of the Windows Troubleshooting Platform and run the troubleshooting wizard from the Start menu for a specific problem.
•Identify how unified tracing provides IT professionals with a single tool for troubleshooting issues in the Windows 7 Beta networking stack.
•Describe how Windows Management Instrumentation provides IT professionals with programmatic access to reliability data, enabling them to check stability status and review recent events remotely.
•Describe how to use the Device Manager and Devices and Printers to manage devices

Top tips & resources picked up during the course…

- Windows 7 is the last O/S from Microsoft available in a 32-bit sku, the reason still available on x86/32-bit is due to global economic conditions, to extend the life of older hardware (and not limiting the deployment of 7).

- Group Policy Preferences brought in with Server 2008 and allows user changes after the policy has been deployed.
Group Policy Audit Tool – auditpol.exe
AD DS Auditing Step-by-Step Guide – http://technet.microsoft.com/en-us/library/cc731607(WS.10).aspx

- Deployment accelerators at www.microsoft.com/springboard (‘Quickly access resources designed to ease the deployment and management of your Windows client infrastructure’), also check Stephen Rose at http://blogs.technet.com/stephenrose/

- DirectAccess & SBS… wait for SBS 2008 R2

- Windows 7 & Windows Server 2008 R2 is DoD Suite B compliant
Use BitLocker and BitLocker to go on all your mobile devices

- Google hacking… Andy showed us the interesting stuff that can be done with Google Hacking e.g. goto www.google.com and type in the search bar site:mil filetype:pdf “top secret”
also the use of the ’similar’ button to get around site logon

Training – Updating Your Windows Server 2008 Technology Specialist Skills to R2

Published 9 December 2009 Microsoft , Training , Virtualisation , Windows Server 2008 R2 Leave a Comment
Tags: ,

This week I have another couple of days out of the office (or our clients office) for yet more Microsoft Partner training - 2 days of updating your Technology Specialist skills Windows Server 2008 R2.

Updating Your Windows Server 2008 Technology Specialist Skills to R2

This course is so hot off the press that the materials were only delivered last Thursday… e.g. buggy labs – fun to fix! ;-) , no course DVD cut as yet, and a speaker that doesn’t know the materials, and fortunately doesn’t need too… as it’s being delivered by  Andy Mallone (www.quality-training.co.uk/blog/ & http://www.divedeeperevents.com/)

Andy is an MVP in Windows Server, has been an MCT for 15 years (had a 4-digit MCP id), is a speaker at various events inc. just back from TechEd delivering , and will be in Redmond in 2 months time as an external member of the Windows 8 product team… likely to be the first x64 only client OS from Microsoft.

Global Knowledge use the strap line ‘Experts teaching Experts’ – they have nailed it on this one. :-)

Anyway, on to the course (Top tips as usual at the end..):

Activity name: 44CO149 – Updating Your Windows Server 2008 Technology Specialist Skills to R2

Facility: Global Knowledge, London, 83 Baker Street, W1U 6AG

Who: Andy Mallone (www.quality-training.co.uk/blog/)
MVP Windows Server, MCT for 15 years, speaker at various events inc. just back from TechEd, and will be in Redmond in 2 months time as an external member of the Windows 8 product team!

Andy Malone has a deep and broad understanding so far beyond the subject (and that your average instructor) that allowed him to easily fill in the gaps in the somewhat lacking and already outdated course materials.  The result was ‘quality training’ that has made a real difference to our long term understanding and ability to work with Windows 7 and the supporting technologies.

Activity Link (URL): https://training.partner.microsoft.com/learning/app/SYS_Login.aspx?lang=en-gb&RU=https%3A//training.partner.microsoft.com/learning/app/management/LMS_ActDetails.aspx%3FActivityId%3D549434%26UserMode%3D0

Activity description: 44CO149 – Updating Your Windows Server 2008 Technology Specialist Skills to R2

Summary:

This two day intensive course is aimed at fast tracking Windows Server Technical Specialists and IT professionals onto the new technology of Windows Server 2008 R2. This course will also provide enough knowledge and skills for Partners to pass the new WS08R2 exam, due out later this year.

Prerequisites:

Students who attend this 2-day ILT should have the following prerequisite knowledge:
• Possess core Windows Server 2008 Technology Specialist skills.

• Familiarity and experience with batch scripting or another scripting language.

• Experience with Windows deployment technologies and implementation.

• Experience with Windows networking technologies and implementation.

• Experience with Active Directory technologies and implementation.

• Experience with Windows Server 2008 server virtualization technologies and implementation.

• Experience with Windows Server 2008 Web application server technologies and implementation.

Objectives:

Students who attend this 2-day ILT should have the following prerequisite knowledge:
• Possess core Windows Server 2008 Technology Specialist skills.

• Familiarity and experience with batch scripting or another scripting language.

• Experience with Windows deployment technologies and implementation.

• Experience with Windows networking technologies and implementation.

• Experience with Active Directory technologies and implementation.

• Experience with Windows Server 2008 server virtualization technologies and implementation.

• Experience with Windows Server 2008 Web application server technologies and implementation.

Top tips & links picked up during the course…

- Using VHD’s created in disk management for storage whatever you need, whereever you need it, appearing as local storage (disk, volume, etc.) - helping towards the goal of ’elastic enterprise solutions’ & cloud computing

Demo on how to use a VHD to support native OS boot for Windows 7 or Windows Server 2008 R2 – more at Keith Combes excellent blahg at http://blogs.technet.com/keithcombs/archive/2009/05/22/dual-boot-from-vhd-using-windows-7-and-windows-server-2008-r2.aspx

- AD Administration Center… the shape of AD admin to come..?
(an R2 RSAT feature..)

- Technologies you need to embrace to succeed in this industry in the next few years… Virtualisation, Cloud, IPv6

- http://en.wikipedia.org/wiki/MinWin

- http://technet.microsoft.com/en-us/library/cc730985.aspx

- Encryption types, data at rest (e.g. encrypting on the disk with bitlocker) vs. data in transit (e.g. encryption on the network with IPsec)

- MSAT (Microsoft Security Assessment Toolkit) – is gold!

-

Hyper-V Server R2 build on ProLiant hardware step-by-step

Published 7 December 2009 Hyper-V , Microsoft , Virtualisation , Windows Server 2008 R2 Leave a Comment
Tags: , , , , ,

This is a step-by-step guide to installing Windows Hyper-V Server 2008 R2 on HP ProLiant hardware and is written with reference to my server core commands post back in April 2008 – in fact this should have been written at least 6 months ago so apologies if you’ve only just found this now.

Before you start, go to your vendor’s (in this case HP) support site to check for latest downloads), namely firmware, drivers, and system management software.

For my development box, the cheap and cherful HP ProLiant ML110 (not really a ProLiant as in 3xx series upwards that take SmartStart) this means going to:

http://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareIndex.jsp?lang=en&cc=us&prodNameId=3577715&prodTypeId=15351&prodSeriesId=3577708&swLang=8&taskId=135&swEnvOID=4064
(at last R2 drivers! :-) , but also suppliemented by Windows Server 2008 x64 drivers at:

http://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareIndex.jsp?lang=en&cc=us&prodNameId=3577715&prodTypeId=15351&prodSeriesId=3577708&swLang=8&taskId=135&swEnvOID=4024

Matrox Video Driver for HP ProLiant 100-series Servers 5.96.6.6
10 Apr 2008
HP Embedded G5 SATA RAID Controller Driver for Microsoft Windows Server 2008 x64 Editions 1.5.17020.0
11 Aug 2008
HP NC-Series Broadcom 1Gb Driver for Windows Server 2008 x64 Editions 12.2.2.1
10 Nov 2009
HP NC-Series Intel E1E Driver for Windows Server 2008 R2 9.13.12.0
18 Aug 2009

 

  1. H/W config – unplug all but onboard NIC
  2. Boot from Hyper-V Server R2 installation media
  3. Language selection
  4. Regional Settings (Language, Time & Currency, Keyboard)
  5. Accept license terms
  6. Chose Custom installation
  7. Where do you want to install Windows?
    Select Load Driver to load h/w specific raid/disk drivers
    (For ML110 G5 PoC this is ‘G5 SATA RAID Driver 1.5.17’ from a USB key)
  8. Where do you want to install Windows?
    Delete any existing partitions so the target disk is all ‘Unallocated Space’
    Drive options (advance), New, Size is 32768 + 100 (32868 MB)
    (WS2008 R2 will create a partition called ‘System Reserved of 100MB), the remainder will become your target/intended size partition (32GB)
    Create a partition in the unallocated space and format it so the disk drives are contiguous
    Select the 32GB partition and select Next to start installation (Copying Windows files, etc.)
  9. The system will restart during installation (approximately 20mins from copying), and after c.30 mins the console screen will report ‘preparing the system for first time use’ before prompting ‘The user’s password must be changed before logging on the first time.’
  10. Install vendor specific hardware drivers
    1. Video drivers (ML110 G5 – Matrox G200e v.5.96.006)
    2. Network drivers (HP NC-Series Broadcom 1Gb Driver for Windows Server 2008 x64 Editions v12.2.2.1, HP NC-Series Intel E1E Driver for Windows Server 2008 R2)
  11. Hyper-V Configuration (sconfig.exe, formerly hvconfig.exe)
    1. Domain/Workgroup
      Workgroup: leave as WORKGROUP as domain join later
    2. Computer Name: HVNODEnn
      (DO NOT restart, resume Initial Configuration tasks)
    3. Add Local Administrator
      (add any local service accounts, etc.)
    4. Add Features
      Use script (sc-enableSNMP.cmd, sc-enableBackup.cmd) to add:
      SNMP Services (pre-req for most vendor systems management  tools)
      Windows Server Backup Features
    5. Configure Networking:
      Use script (sc-renameNICs.cmd) to rename adapters per:
      Local Area Connection – Onboard
      Local Area Connection – DualPort #1
      Local Area Connection – DualPort #2Assign static addresses per local site IP addressing allocation / standards
      Plug in any additional NICs e.g. iSCSI SAN, additional switches, etc.
    6. Configure Remote Management
      Enable all features (MMC RM, PS)
      (DO NOT restart, resume Initial Configuration tasks – Network Settings)
    7. Remote Desktop
      (E)nable with option 2) Allow clients running any version of Remote Desktop
      (needs review in production)
    8. Windows Update Settings (leave as manual)
    9. Download and install updates
      Search for (A)ll updates, select (A)ll updates
      (DO NOT restart, resume Configuration tasks – domain join)
    10. Change Domain/Workgroup membership
      Join (D)omain – yourdomain.local
      (domain\administrative account)
      RESTART THE COMPUTER
    11. Logon as domain administrator and resume configuration
    12. Complete ‘Configure Remote Management’ (enable SM RM)
    13. Failover Clustering Feature – Enable
    14. Configure Microsoft iSCSI (start iscsicpl.exe)
      Agree to starting iSCSI services automatically
      Quick Connect (IP address of iSCSI Target)
      Connect the Quorum volume first, then configure Volumes and Devices (auto-configure)
      Configure as drive letter Q: in Disk Management then make offline
      Connect other Shared Storage volumes
  12. Server Manager (Connect to another computer…)  – configuration task
    1. SNMP Service Configuration (Configuration, Services, SNMP Service)
      Agent Contact: IT sysadmin – sysadmin@fqdn.com
      Agent Location: Test Lab, Rack, Site, Country
      Agent Service: enable all services
      Security: Add community names
        READ ONLY: snmp_read
        READ WRITE:  snmp_read_write
      Restart the service
    2. Disk Management
      Change CD-ROM 0 to drive letter F
      Create ‘New Simple Volume’ for D: Data, 64K Allocation unit size
      (Convert to Dynamic Disk..?)
  13. Hyper-V Configuration
    1. Hyper-V Server Settings (set paths to D:\Hyper-V\)
    2. Hyper-V Network Manager – add External ‘Virtual Network – External’

Training – Implementing and Administering Windows Small Business Server 2008

Published 30 November 2009 Microsoft , SBS , SBS 2008 , Tech , Training Comments
Tags: , , , , , , ,

This week is another out of the office on Microsoft partner training – 4 days of SBS 2008…

Course code: 44CO120 – M6445 – Implementing and Administering Windows Small Business Server 2008

Where: QA Tabernacle Street, London, EC2A 4DT

Who: Mark Cresswell (mark.cresswell@qa.com)

44CO120 – M6445 – Implementing and Administering Windows Small Business Server 2008

Summary:
This four-day instructor-led course provides students with the knowledge and skills to plan, implement, and manage Windows Small Business Server 2008
This course is intended for technology consultants, system integrators, and in-house technology staff that serve small and medium- sized businesses

Prerequisites:
In addition to their professional experience, students who attend this training should have technical knowledge and skills equivalent to the following courses:
  Course 6420: Fundamentals of a Windows Sever 2008 Network and Applications Infrastructure
  Course 6424: Fundamentals of Windows Server 2008 Active Directory
  Course 5115: Installing and Configuring the Windows Vista Operating
  System
  Course 5116: Configuring Windows Vista Mobile Computing and Applications

Objectives:
Delegates will learn how to Install Microsoft Windows Small Business Server 2008.
Migrate to Microsoft Windows Small Business Server 2008.
Configure Windows Small Business Server 2008 using the Windows Small Business Server 2008 Console.
Manage users and groups in Windows Small Business Server 2008.
Manage messaging and collaboration in Windows Small Business Server 2008.
Manage and monitor Windows Small Business Server 2008.
Secure a Windows Small Business Server 2008 network.
Expand a Windows Small Business Server 2008 network

Top tips & links picked up during the course…

Microsoft SBS docs – http://tinyurl.com/sbs-docs

Known Post Installation Event Errors from SBS 2008 - http://support.microsoft.com/default.aspx/kb/957713

Microsoft blog guide to WSS3/MOSS alternate access mappings – http://tinyurl.com/wss-aam

more tiny urls..  /sbs-rsg,  /sbs-docs, /sbs-grp

Microsoft OEM site – http://oem.microsoft.com

Top 100 public SharePoint sites – http://www.wssdemo.com/Pages/topwebsites.aspx

Free Block List provider – http://www.spamhaus.org/zen
This is gold!  add zen.spamhaus.org to your Block List Providers and switch on connection filtering.
One caveat to note, every time an email is processed by your server it performs a lookup to zen.spamhaus.org – if they receive too many lookups they will suggest that you take up their paid service.  The threshold for this is huge (100,000 SMTP connections per day or 300,000 lookups), and you must not be using it commercially i.e. providing a managed service incorporating their service.

Why disable or rename the Administrator account… because it has a well-known SID! (… -500).

Use child domains for all external domain records just like the default remote.yourdomain.com so to get round duplicate maintainence of internal and external resources (and prevent confusion when vpn’d in!)

SBS default groups have an attribute that mark them as created by the SBS setup process or management console.. so be mindful if creating outside of the console!
Fool it by opening AD Users & Computers, open the attribute editor for the group and edit the msSBSCreatedState to ‘Created’

Roaming profiles – SBS has not been designed to support roaming profiles and Microsoft will not support issues with them (in this context), e.g. production of a SBS specific hotfix to address an issue.
Advised not to use roaming profiles bar controlled environments such as standard build, lack of local admins, quotas, group policy lockdown, etc.

Client migration – above half a dozen client machines consider using the User State Migration Toolkit (USMT) to script the process,  ROI should be worthwhile in configuration time vs time saved at the desktop.

Segway! – the BBC iPlayer program is a P2P service that shares out content, based on Ch4 4oD package – remove it!

Need to inject drivers into WinRE or WinPE boot environments..?  don’t be scared!  use drvload and PEImage, more on TechNet Edge – http://edge.technet.com/Media/WinRE-and-free-stuff-with-Sean-Kearney/

SSL certs for SBS – don’t buy single certs unless you have to.   Host headers and ssl is tricky, has to be a ucc cert or wildcard cert to support.
Default cert purchase from now on will be a wildcard cert, unless a bloody good reason (or lots of small ones… read $’s) not to!

Security cost triangle – you can have any two but not all 3!
low cost, usability, security

Relability and Performance monitor – what a gem!

migration to SBS2008..

My recommendation is to start with Philip Elder’s great posts at http://blog.mpecsinc.ca/
SBS 2008 deployment checklist – http://blog.mpecsinc.ca/2009/05/sbs-2008-setup-checklist-v111.html
SBS2003 to 2008 migration guide – http://blog.mpecsinc.ca/2009/06/sbs-2003-to-sbs-2008-migration-guide.html

Exchange & Circular Logging…
A potential for lots of debate, but I’d agree with Mark that whilst migrating mailboxes, if circluar logging is not enabled, enable it otherwise run the risk of filling up disks with log files!

Disable circular logging post event and let the Exchange aware backups submit the log clear down.  However, if the store data and logs are on the same spindle you may as well leave circular logging on as you get little or no recovery benefits.

How to remove the last legacy Exchange server from an organisation – http://technet.microsoft.com/en-us/library/bb288905.aspx (http://tinyurl.com/sbs-exmig)

Common mistakes when upgrading Exchange 2000/2003 to 2007 – http://support.microsoft.com/kb/555854/en-us

ipconfig /displaydns

Microsoft Desktop Optimization Pack
http://technet.microsoft.com/en-gb/windows/bb899442.aspx
Advanced Group Policy Management – http://technet.microsoft.com/en-us/library/cc749396(WS.10).aspx
Asset Inventory Service – http://www.microsoft.com/windows/enterprise/products/mdop/ais.aspx
Microsoft Diagnostics and Recovery Toolset (DaRT)
System Center Desktop Error Monitoring (DEM)
Microsoft Asset Inventory Service (AIS)

Training – Accelerated Implementing & Managing Windows Server 2008 Hyper-V and SCVMM

Published 24 November 2009 Hyper-V , Microsoft , System Center , Systems Management , Training , Virtualisation Leave a Comment
Tags: , ,

44CO134 – Server Virtualisation Competency Fast Track: Implementing and Managing Windows Server 2008 Hyper-V and SCVMM

Summary:
This course combines the syllabus of Microsoft courses 6422 and 6331 providing delegates with the knowledge to take Exams 70-652 and 70-403 which can lead to the new Server Virtualisation Competency.

This combined four day course teaches students how to implement and manage Windows Server 2008 Hyper-V. It also teaches students how to manage Hyper-V with System Center Virtual Machine Manager (VMM) and with PowerShell. The course then goes on to teach students how to implement a Microsoft System Center Virtual Machine Manager V2 solution in an organization. The course also discusses how to install, configure, and deploy VMM.

Prerequisites:
Windows Server 2000/2003 System Administration

Basic understanding of System Center Virtual Machine Manager (VMM) (optional)

Server Virtualization using Virtual Server 2005, Virtual PC, or VMWare

Operating knowledge of System Center Operations Manager 2007

Objectives:
Delegates will learn how to
Install and configure Windows Server 2008 Hyper-V.
Understand Hyper-V Virtual Networking.
Understand the types of Virtual Hard Drives and their benefits.
Create and manage Virtual Machines on the Hyper-V server.
Understand how to configure the Hyper-V server to ensure high availability.
Monitor the performance of the Hyper-V server.
Understand how to use existing virtual machines in the Hyper-V server.
Understand the issues with migrating existing Virtual Machines to Hyper-V.
Understand how System Center Virtual Machine Manager (VMM) can be used to manage Hyper-V servers throughout the enterprise.
Use PowerShell to manage the Hyper-V server and the virtual machines hosted on the Hyper-V server.
Implement a disaster recovery plan for Virtual Machines on Hyper-V.
Identify installation prerequisites and requirements for VMM, select secure settings for VMM installations; and install VMM management packs.
Describe prerequisites for installing the Administrator Console; configure the Windows Firewall for the VMM Administrator Console; and configure managed hosts.
Describe prerequisites for the VMM Self-Service Portal; configure IIS to support the Self-Service Portal; and install the Self-Service Portal.
Configure host server hardware to support VMs.
Add VM hosts to VMM; install the VMM agent; add VMWare servers to VMM; and create filters.
Configure delegated administration; set host or group permissions; and configure VMM settings to support a test environment.
Configure access to the VMM Self-Service Portal; configure quotas on the VMM Self-Service Portal; and self-provision VMs using the VMM Self-Service Portal.
Add a VMM library including library shares and library servers and manage the contents of VMM library shares.
Deploy VMs using multiple methods; and use Intelligent Placement to deploy VMs.
Identify considerations for SAN VM migrations; perform a Quick Migration; and use Intelligent Placement to move a VM.
Convert a physical computer to a VM.
Convert other VM formats to Hyper-V VMs using VMM.
Describe considerations for configuring host clustering and describe procedures for configuring host clustering.
Describe considerations for configuring guest clustering and describe procedures for configuring guest clustering.
Identify scenarios where VMM Checkpoints may be used to meet operational requirements and create a VM Checkpoint.
Describe considerations for patch management using System Center Configuration Manager (SCCM) and deploy patches using WSUS.
Describe and configure SCOM reporting.
Use SCOM to select potential virtualization targets based on workload and performance characteristics.
Describe considerations for monitoring host server utilization; measure and analyze host server utilization; and identify important considerations in growth planning.
Monitor and manage the progress of VMM jobs.
Locate failed jobs and recover failed jobs.

Agenda:
Course outline
M6422
Module 1: Introduction to Windows Server 2008 Hyper-V
This module introduces the concepts related to and the history of server virtualization. Through this module, the student will understand the business need for virtualization and how virtualization fits into their existing environment. Selecting the required hardware and basic installation and configuration are also covered.
Introducing Windows Server 2008 Hyper-V
Hyper-V Requirements
Installing the Hyper-V Server Role
Configure Hyper-V to Be Highly Available
Lab : Install Hyper-V and Perform Initial Configuration (Install Hyper-V; Explore the Hyper-V Management Console)
Module 2: Configure Hyper-V Settings and Virtual Networks
This module provides information on the configuration options available on the Hyper-V server and the Hyper-V Virtual Networks.
Configuring Hyper-V Options
Configuring the Virtual Network
Lab : Configuring Hyper-V and Virtual Networks (Configure Hyper-V Server Settings; Configure Hyper-V Virtual Networks)
Module 3: Hyper-V Remote Administration
This module explores the requirements for remote management of the Hyper-V Server and the tools available for remote management.
Configuring Hyper-V Remote Administration
Connecting to Hyper-V Remotely
Lab : Accessing and Managing Hyper-V Remotely (Configure the Windows Firewall; Install the Hyper-V Manager on Windows Vista; Connect to the Hyper-V Server Remotely)
Module 4: Creation of Virtual Hard Drives and Virtual Machines
This module explores the creation of the Hyper-V Virtual Machines and their associated Virtual Hard Drives. The options available for the Virtual Machines and the types of Virtual Hard Drives will be covered. This module also covers the importance of Hyper-V Integration Services and Hypervisor.
Creating Virtual Hard Drives
Creating Virtual Machines
Lab : Creating Virtual Hard Drives and Virtual Machines (Creating New Virtual Hard Disks; Creating New Virtual Machines)
Module 5: Virtual Machine Settings, Snapshots, and High Availability
This module explores the settings available on each Virtual Machines hosted on the Hyper-V server and how to use and manage Virtual Machine snapshots. The module will also cover configuring Hyper-V for high availability and performance monitoring on the Hyper-V server.
Managing Virtual Machine Settings
Using Virtual Machine Snapshots
Configuring Hyper-V for High Availability
Monitoring Hyper-V Performance
Lab : Managing Virtual Machine Settings (Configure Virtual Machine Settings; Monitor Hyper-V Performance)
Module 6: Migration of Virtual Machines to Hyper-V
This module provides instruction on how to migrate virtual machines hosted on earlier virtualization technologies to the Hyper-V server.
Migrating Legacy Virtual Machines
Understanding the Impact of Migrated VMs
Lab : Migrating Legacy Virtual Machines to Hyper-V (Migrate Existing Virtual Machines to Hyper-V; Troubleshoot Issues on the Migrated VMs)
M6331
Module 1: Installing System Center Virtual Machine Manager
Module 1 describes the installation prerequisites for VMM and describes the procedure for installing VMM. In addition, Module 1 describes the procedure to install the VMM Administrator Console and the VMM Self-Service Portal.
Installing System Center Virtual Machine Manager Server Components
Installing the VMM Administrator Console
Installing the VMM Self-Service Portal
Lab : Installing System Center Virtual Machine Manager (Installing VMM Server; Installing the VMM Administrator Console; Installing the VMM Self-Service Portal and Configuring a DNS Record)
Module 2: Configuring VM Hardware, Hosts, and User Roles
Module 2 describes host server hardware configuration considerations. In addition, Module 2 describes general host server configuration procedures including security configuration procedures.
Adding Hosts to VMM
Configuring Hardware
Configuring VMM Settings
Managing VMM Security
Lab : Configuring VM Hardware, Hosts, and User Roles (Configuring Hosts; Configuring VM Hardware; Configuring User Roles)
Module 3: Configuring the VMM Self-Service Portal and Library
Module 3 describes considerations and procedures for configuring the VMM Self-Service Portal and Library. This includes enabling user- or group-level access to the Self-Service Portal, configuring quotas, and using the Self-Service Portal to self-provision VMs. In addition, Module 3 describes procedures for maintaining VMM library servers and shares and the contents of library shares.
Configuring the VMM Self-Service Portal
Maintaining a VMM Library
Managing Library Files
Lab : Configuring the VMM Self-Service Portal and Library (Configuring the VMM Self-Service Portal; Maintaining a VMM Library)
Module 4: Deploying and Managing VMs
Module 4 describes VM deployment and management tasks. This includes using VMM Intelligent Placement, VM Templates, and other automated VM deployment tools. In addition, Module 4 describes using VMM to move VMs between available hosts.
Deploying VMs
Moving VMs Between Hosts
Lab : Deploying and Managing VMs (Deploying VMs; Using Intelligent Placement)
Module 5: Converting from Physical or Virtual Platforms
Module 5 describes important considerations for converting physical and virtual computers to Microsoft VMs. This includes procedures for using deployment agents to execute conversions to Microsoft VMs as well as converting from third-party formats.
Converting Physical Computers to Virtual Machines
Migrating Virtual Machines to Hyper-V
Lab : Converting Virtual Machines Using VMM (Converting a Microsoft Virtual Server VM; Converting a VMWare Virtual Machine)
Module 6: Deploying Highly Available VMs
Module 6 describes considerations and procedures for deploying clustered VMs.
Introducing Virtual Machine High Availability
Deploying Host Clustering
Deploying Guest Clustering
Lab : Planning for Highly Available Virtual Machines (Designing Host Clustering Hardware; Selecting Guest Clustering Type)
Module 7: Managing Virtual Machine Checkpoints and Updates
Module 7 describes procedures for managing VMs using checkpoints and updates. This includes identifying scenarios for using VMM VM Checkpoints and procedures for creating VM Checkpoints. In addition, Module 7 describes update deployment using WSUS and SCCM tools.
Managing Virtual Machine Checkpoints
Managing Virtual Machine Updates
Lab : Managing Virtual Machine Checkpoints and Updates (Managing Virtual Machine Checkpoints; Managing Virtual Machine Updates)
Module 8: Implementing Monitoring and Reporting
Module 8 describes procedures for integrating System Center Operations Manager with VMM to extend the capabilities of VMM. This includes using SCOM reporting with VMM. In addition, Module 8 describes using SCOM to select potential virtualization targets and to monitor and plan host server utilization.
Integrating System Center Operations Manager
Performance and Resource Optimization
Planning and Managing Hyper-V
Lab : Configuring VMM and Operations Manager for Reporting (Setting Up VMM for Reporting and PRO; Enabling PRO; Viewing Reports)
Module 9: Monitoring and Troubleshooting Jobs
Module 9 describes procedures for monitoring and troubleshooting VMM jobs. This includes monitoring and verifying multiple job types as well as recovering from failed jobs.
Monitoring Jobs
Troubleshooting and Repairing Jobs
Lab : Troubleshooting Jobs (Using PowerShell to View Jobs; Running PowerShell Script to Generate Jobs; Managing Jobs; Troubleshooting Failed Jobs)

SCE 2010 installation… cleaning up afterwards (deleting wasted space, moving dBs)

Published 15 November 2009 Microsoft , SCE 2010 , System Center , Tech Leave a Comment
Tags: , , , , , ,

We installed the current beta of System Center Essentials 2010 on our production infrastructure server, an HP DL380-G4 running Windows Server 2008 R2 to find that we consumed a huge amount of disk space – so much so the server ran out of space on its C:System partition… oh and SCE didn’t report on this in its daily summary!

So a clean-up is required…

1st thing to delete was several hundred megabytes of files taken up with various language versions of MS Virtual Server 2005 binaries in:
C:\Program Files\System Center Essentials\SCVMM 2008\vs\  i386 & amd64
the ‘1033′ folders contain the english versions, the rest deleted

Next on the list is the SQL database files used by SCE, by default (no installation choices given, hopefully better by RTM!), these are installed into:
C:\Program Files\Microsoft SQL Server\MSSQL10.ESSENTIALS\MSSQL
C:\Program Files\Microsoft SQL Server\MSRS10.ESSENTIALS
each currently taking after about a week of SCE2010 running, some 748 & 580MB respectively!

in our case we also found another 417MB in C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack – will come back on this one, but have moved in the meantime…

and another 641MB in C:\Program Files\System Center Essentials\Health Service State\Health Service Store (one in particular, the HealthServiceStore.edb at 598MB!)

Microsoft tech•ed Europe 2009, Berlin, 13 November 2009

Published 13 November 2009 Microsoft , Tech , Training Leave a Comment
Tags: , , , ,

Going home very early this morning, but as a TechEd newbie I made a few notes & tips to self:

 

Microsoft tech•ed Europe 2009, Berlin, 12 November 2009

Published 12 November 2009 Data Protection Manager , Exchange 2010 , Hyper-V , IPv6 , Microsoft , Networking , SharePoint , System Center , Systems Management , Tech , Training , Virtualisation , Windows 7 , Windows Server 2008 R2 Leave a Comment
Tags: , , , , , ,

Slighty shabby and a late start to Thursday following the Windows Server 2008 R2 EAP dinner followed by the 1E TechEd party – a heavy night! 

For the dinner, the UK team chose a fabulous Italian restaurant called Bacco (www.bacco.de/english/restaurant/restaurant.html) which I’d definately go back to and hosted a great evening… many thanks to Stuart, Gareth, Neil, Alex, etc. from Microsoft UK. 

We were also joined by Allen Stewart & Rajesh Dave from corp.  Allen is Principal PM for Windows Server and Raj is a PM for Windows Hyper-V.  Both very interesting & incredibly knowledgable guys with deep understanding across a wide range of topics (and not just Microsoft!).
I pestered them for info on Hyper-V thin provisioning of memory and whilst they couldn’t confirm anything as we all said ‘we live in hope!’ ;-) 

…as for the  night, I’d been invited to the 1E TechEd Europe party at Spindler & Klatt www.spindlerklatt.de - an uuber trendy restaurant/club in East Berlin frequented by the likes of Angelina, Clooney, and now Cook! 

What a great party and many many thanks to the team at 1E (www.1e.com).  Did I mention I was the 4th member of the business in the founding year?  (yes I probably did & several times.. lots to drunk! ;-) ) We went our separate ways in 1999, oh for a slice of that now… anyway, moving on! 

Seriously though hats off to Samir, Mark, and Phil – they have built a company that knows how to throw a great party (regarded as the best at TechEd), and a team of very bright, talented people who have a lot of respect for the company and its founders. 

Ouch my head is pounding!  time to go to sessions, starting with… 

ITS211 Keeping Your CIO Happy: Microsoft Office SharePoint Server 2007 SLA Scorecarding with Operations Manager 2007 and SQL Server 2008

Gordon McKenna & Sean Roberts speaking at TechEd
Presenters: Gordon McKenna, Sean Roberts, www.inframon.com
Thu 11/12 | 10:45-12:00 | London 2 – Hall 7-1b
Learn how you can create CIO level SLA scorecards in SharePoint Server 2007 for Microsoft System Center Operations Manager 2007 using some of the new features in Microsoft SQL Server 2008 Reporting Services and to create Executive SLA views of your Operational Environment. The session looks at why these types of views are important to many companies, what impact this can have on your business, and what simple steps you can take to achieve very effective, high-level executive views of everything from performance and availability of your key LOB services and applications, whether important SLAs and KPIs are being achieved and whether your IT department is meeting the day-to-day needs of your business. The key demos in this session take you through the steps you need to implement effective business scorecarding in SharePoint Server 2007 using key metrics collected in the Operations Manager 2007 Datawarehouse based on “real-world” experiences gained from the field. After attending this presentation you will have a good insight into how CIO Scorecards can help you add value to your Operations Manager deployments, helping you to show real value to your executives.
Tip – to remove parameter data from Ops Mgr reports imported into a SharePoint webpart, suffix the url with &rc:Parameters=collapsed
Cracking session from Gordon & Sean on how to try and keep your CIO happy (if that’s possible! ;-) )
blog Daniel Savage

Service Level dashboard – free solution accelerator dashboard on Microsoft 

SVR401 & 402 DirectAccess Technical Drilldown, Part 1 of 2: IPv6 and Transition Technologies + Part 2 of 2: Putting It All Together

John Cradock presents DirectAccess Technical Drilldown, Part 1 of 2: IPv6 and Transition Technologies 

Presenter: John Craddock (www.xtseminars.co.uk)
Thu 11/12 | 13:30-14:45 | Helsinki – Hall 7-2a
Take a sprinkling of Windows 7, add Windows Server 2008 R2, IPv6 and IPsec and you have a solution that will allow direct access to your corporate network without the need for VPNs. Come to these demo-rich sessions and learn how to integrate DirectAccess into your environment. In Part 1 learn about IPv6 addressing, host configuration and transitioning technologies including 6to4, ISATAP, Teredo and IPHTTPS. Through a series of demos learn how to build an IPv6 Network and interoperate with IPv4 networks and hosts. In Part 2 we add the details of IPSec, and components that are only available with Windows 7 and Windows Server 2008 R2 to build the DirectAccess infrastructure. Learn how to control access to corporate resources and manage Internet connected PCs through group policy. Part 1 is highly recommended as a prerequisite for Part 2.
John Craddock is an extremely talented AD/identity expert, and deeply technical across many other fields – in this case IPv6 & DA.
I was also lucky enough to have a drink with John and my old Microsoft PSS chum Paul Duffy on Monday night at the cleverly named hotel ‘Berlin Berlin’.
John is a genuine international industry expert and a thoroughly nice bloke with it!   Paul, another ‘genie-I’ went on to become PM for Office Communicator and knows a thing or ten about OCS amongst other subjects to a deep level.  This probably explains why these two know each other!
Anyway, back to the session plus my own notes, links, etc.
Gems & Tips
- be careful, not all apps will be compatible – test!
- to be native will likely mean new network gear, is new network layer (layer 2 unchanged)
- hex is back!  use of double colon notation, but can only be used once per address
- cannot mix with ipV4 mask bit notation
- host derived with mac address which has privacy issues, Win7 & R2 generate random based on interface, can be disabled (revert to mac based) with netsh interface ipv6 set global randomizeidentifiers=disabled
- route print -6 will show IPv6 route table
- ::1 is IPv6 loopback
- if you have a registered IPv4 address then you automatically have an IPv6 address on the 6to4 network
6to4 http://en.wikipedia.org/wiki/6to4 states 6to4 performs three functions:
  1. Assigns a block of IPv6 address space to any host or network that has a global IPv4 address.
  2. Encapsulates IPv6 packets inside IPv4 packets for transmission over an IPv4 network using 6in4.
  3. Routes traffic between 6to4 and “native” IPv6 networks.

- you need to manually unblock ISATAP entry in DNS which can be done via the registry or command line, e.g. 

C:\>dnscmd /config /globalqueryblocklist wpad 

Registry property globalqueryblocklist successfully reset.
Command completed successfully. 

ISATAP is a huge subject in it’s own right, the Intra-site Automatic Tunnel Addressing Protocol Deployment Guide is available at http://www.microsoft.com/downloads/details.aspx?familyid=0f3a8868-e337-43d1-b271-b8c8702344cd&displaylang=en 

Putting it all together..

- Check tunnel endpoint authentication using ‘klist’ to list Kerberos data
- Use NRTP to direct DNS queries to a specific server for a particular names space (view using ‘netsh namespace show effectivepolicy’)
- PKI needs to be right as certificates are the foundations
- you must publish the revocation list
- NLS (Nework Location Server) is just a https website accessible from the DA server, e.g. nls.corp.example.com
- if it doesn’t work, it could be a couple of days troubleshooting! 

If you’re thinking of setting this up in a virtual lab, I also took note from Allen Stewart’s blog at http://blogs.technet.com/wincat/

…if you’re planning to virtualize your lab environment on Hyper-V, you should ensure you’re using Legacy Network Adapters for the child partition where you’re running the DAS. Using the default synthetic NICs is OK for all the other resources in the test lab, but for the DAS itself, it’s important to have both the Internet and Corpnet NICs as legacy ones, to ensure proper passing of traffic between both sides of the DAS. If you use the default synthetic adapters, you may end up in a situation where traffic doesn’t properly flow from the outside to the inside, even though all your IPsec, 6to4, Teredo, and IP-HTTPS settings are correct. Basically, you’ll be in a situation where connectivity will fail at a basic level, with you not even being to successfully ping the internal DNS server using its ISATAP address.If you’ve already built your lab on Hyper-V using the synthetic adapters, the fix is pretty simple. Just replace them with legacy ones, reconfigure the IP addressing as specified in the guide and rerun the DirectAccess wizard, again supplying all the information specified in the guide. After doing so, all your traffic should flow properly.

- Thanks Allen!

DAT312 All You Needed to Know about Microsoft SQL Server 2008 Failover Clustering

Presenter: Gopal Ashok
Thu 11/12 | 17:00-18:15 | London 3 – Hall 7-1b
There are major architectural changes in SQL Server 2008 for failover cluster setup and management, geared towards increased reliability and high-availability. To learn all the benefits and changes, attend this session for a comprehensive overview direct from the product development group. We cover SQL Server 2008 failover clustering setup, underlying Windows Server cluster and how SQL Server uses it, what’s new in SQL Server 2008 for failover clustering, differences from previous versions of SQL Server and future directions. This includes details of SQL Server 2008 failover clustering setup operations together with demos to illustrate the new setup.

- new features
- applications need retry mechanisms built in to provide seamless failover
- no longer have to take down the cluster to upgrade, supports rolling upgrades 

Want to deploy stretched clusters?  lots do.  As in separate geo-redundant clusters, not separate nodes e.g. 

Stretched SQL Clusters or the doodles of an artist?

Stretched SQL Clusters or the doodles of an artist?

- sql 2008 failover clustering install breaks on windows server 2008 R2 and needs to be slipstreamed with SP1 (If only we knew this last weekend!)
(slipstreaming is incorporating patches into the installation media to effect a higher level of install base over RTM – Microsoft tend to do this but not always quickly!)
see http://blogs.msdn.com/psssql/archive/2009/03/17/how-to-fix-your-sql-server-2008-setup-before-you-run-setup-part-ii.aspx for more info
- during upgrades to a 2-node cluster there will be a period of time when you are exposed to node failure, and must not have a failover attempt for fear of corruption.  removing the node from the cluster owners will stop premature attempted failover. 

Further Microsoft resources.. (will add others also) 

      SQL Server ® 2008 Failover Clustering White Paper: http://sqlcat.com/whitepapers/archive/2009/07/08/sql-server-2008-failover-clustering.aspx 

      Recommended  Books Online  Doc Refresh #7 (May, 2009), or later: http://msdn.microsoft.com/en-us/library/ms130214.aspx 

      Failover Clusters – Getting Started: http://msdn.microsoft.com/en-us/library/ms189134.aspx 

      Rolling upgrade process and best practice: http://msdn.microsoft.com/en-us/library/ms191295.aspx 

      Maintaining a Failover Cluster: http://msdn.microsoft.com/en-us/library/ms178061.aspx 

      Setup command line usage: http://msdn.microsoft.com/en-us/library/ms144259.aspx 

      Configuration.ini file usage: http://msdn.microsoft.com/en-us/library/dd239405.aspx 

Microsoft tech•ed Europe 2009, Berlin, 11 November 2009

Published 11 November 2009 Data Protection Manager , Exchange 2010 , Hyper-V , Microsoft , SharePoint , System Center , Systems Management , Tech , Training , Virtualisation , Windows 7 , Windows Server 2008 R2 Leave a Comment
Tags: , , , ,

A daily update from Microsoft tech•ed Europe 2009, Berlin, 8-13 November 2009

Not the best day for me in terms of TechEd objectives (i.e. attending learning sessions, etc.) with the first post of the day saying ‘decisions decisions… for sessions just 09:00-10:15′ as struggled to choose between:

DAT302 Top 10 Best Practices for Microsoft SQL Server 2008 Analysis Services
or
MGT11-IS Get Virtualized with Microsoft System Center Essentials!
or
OFS322 Overview of Social Computing in SharePoint 2010
or
SVR207 Windows Server 2008 R2 File Classification Infrastructure: Managing your file data more effectively.
or
SVR319 Multi-Site Clustering with Windows Server 2008 R2

Ended up doing none of the above, but did have a productive breakfast meeting with Stuart Leddy, UK Windows Server Product Marketing Manager.  Stuart has been heading up the Windows Server 2008 R2 UK EAP activities that we have been involved in with Ascom Network Testing (http://blog.thefullcircle.com/2009/11/05/the-full-circle-secures-ascom-network-testing-for-windows-server-2008-r2-early-adopter-program/)

The day turned into going from one full session to the next, and walking back and forth for what seemed like miles in between!
my TechEd tip for the day - for popular sessions get there 10 minutes before they start!

Eventually did get into a 1st choice session I wanted at 12:20…

MGT03-DEMO Introduction to Microsoft System Center Essentials 2010

Presenters: Ravikiran Chintalapudi, David Mills, Eamon O’Reilly, Jeremy Winter
 
Come see the new customer-driven enhancements and fully integrated virtual management capabilities in the next release of Microsoft’s unified IT Management solution for medium-sized businesses, System Center Essentials 2010!
 
- great product, can manage 50 servers and 200 clients
 
 

SVR307 Security Best Practices for Hyper-V and Server Virtualisation

Jeff Woolsey, Senior Program Manager, Microsoft Virtualization
http://blogs.technet.com/virtualization/

Virtualisation is one of the hottest topics in IT today and security is a top priory for IT staff. In this session we cover security best practices for Hyper-V and introduce the Hyper-V Security Guide. This guide is Microsoft’s reference for hardening servers running Windows Server 2008 with Hyper-V enabled.

- Use of BitLocker
- AV scanning of offline VHD images… stale/dormant VMs that get reintroduced to the corporate network then can wreak havoc to new vulnerability exploits.  first product to do this is McAfee VirusScan Enterprise for Offline Virtual Images (rolls off the toungue!)
- AV configuration… added benefit of passthrough disks – host AV will scan these disks.  install AV on the guests!
- VHD performance, 2nd most popular VM workload in Microsoft is SQL! fixed disk performance is now on par with raw/real disk!  but remember spindles still count!
- Dynamic VHDs are now up to 15x faster with R2 – still a 10-15% performance hit over fixed, and the risk of disk over commit
- Multipath I/O (MPIO) in R2 & Win7 is soo much easier with iSCSI Quick Connect
- Advanced Storage Capabilities… storage dedupe and replication, if it is block based it will work
Hyper-V Networking – don’t forget the parent is a VM too!  the Hypervisor slides in beneath the O/S once enabled.  More NICs the better, min 2, min 3 with iSCSI
Jumbo Frames… Significant performance increases, but the infrastructure must support it.  also needs to be end-to-end.  confirm test with ping host -l 4000 -f – if you get a response you have jumbo frames
Virtual Machine Queues - Hyper-V R2 supports processing offloading to newer network adaptors (Intel, Broadcom, etc.), most benefit with 10Gb/E
- more tips… turn off screen savers in guests, in Windows Server 2003 create using 2-way to ensure MP HAL

more of a best practise and walkthrough of some basic tasks like not forgetting to install Intergration Component, good session and great blogger (not me – Jeff! ;-) )

 

DAT301 Building and Implementing a High Availability Strategy for Your Enterprise

Presenter: Gopal Ashok
Wed 11/11 | 17:30-18:45 | London 3 – Hall 7-1b
Every business has mission-critical applications running on Microsoft SQL Server that require maximum uptime. Some application data is more critical than others and requires strict guarantees with regard to data loss. Depending on the application requirements and IT constraints, the availability strategy and corresponding technology choices will vary. As an architect, DBA, or IT admin it is important to develop the right HA strategy and corresponding solution which meets the availability requirement and at the same time provides the cost benefit for your organisation. Microsoft SQL Server 2008 Always On Technologies provide a full range of options to minimise downtime and maintain appropriate levels of application availability. Come to this session to learn how to develop a comprehensive HA solution using the Always On technologies. The session walks you through the various technologies and features, providing a cost-benefit analysis and comparison, talks about the key decision points to consider when choosing a technology, and showcases real-world examples of how these technologies are currently used to provide a High Availability solution for various customer environments around the world.

Next Page »