Wednesday, April 28, 2010

Storagecraft Shadowprotect 4


Shadowprotect 4 has been released. I was beginning to loose faith in Shadow Protect in terms of their development cycle in comparison to Acronis. Both products are very similar.

The reason I love Shadowprotect is because it has never let me down in the past and it's simple GUI and speed of recovery.

Anyway there are a lot of really cool features in version 4 in particular head start restore and you can take a look at Storagecraft's Webinar on Shadowprotect.

https://www1.gotomeeting.com/register/214409881

Sunday, April 25, 2010

Which Version of MS 2008R2 to use for Hyper-V


Apart from server consolidation some of the other areas where you can use HYPER-V are,

* Test and Development
* Server Consolidation
* Branch Office Consolidation
* Hosted Desktop Virtualization (VDI)

Microsoft free HYPER Visor is good option for testing and R&D. If you are planning to consolidate more than 4 servers in one physical server then moving to Data center version will do huge cost saving to you.

Setting a Domain Controller to Sync with External NTP Server


1. Modify Registry settings on the PDC Emulator for the forest root domain:
In this key:
HKLM\System\CurrentControlSet\Services\W32Time\Parameters\Type
• Change the Type REG_SZ value from NT5DS to NTP.
This determines from which peers W32Time will accept synchronization. When the REG_SZ value is changed from NT5DS to NTP, the PDC Emulator synchronizes from the list of
reliable time servers specified in the NtpServer registry key.
HKLM\SYSTEM\CurrentControlSet\Services\W32Time\Parameters\NtpServer
• Change the NtpServer value from time.windows.com,0x1 to ie.pool.ntp.org,0x1

This entry specifies a space-delimited list of stratum 1 timeservers from which the local computer can obtain reliable time stamps. The list can use either fully-qualified domain
names or IP addresses. (If DNS names are used, you must append ,0x1 to the end of each DNS name.) In this key:
HKLM\System\CurrentControlSet\Services\W32Time\Config
• Change AnnounceFlags REG_DWORD from 10 to 5. This entry controls whether the local computer is marked as a reliable time server (which is only possible if the previous registry entry is set to NTP as described above). Change the REG_DWORD value from 10 to 5 here.
2. Stop and restart the time service:
net stop w32time
net start w32time
3. Manually force an update:
w32tm /resync /rediscover
(Microsoft KB article # 816042 provides detailed instructions for this process.) Apart from that you can refer to this link as well.

As a thumb rule test this before applying for the production network. This is recommend if your organization preparing to move to 100% virtualization environment. If not at all cost try to have one DC in a physical server :)

Update: I found out Microsoft has already released an article about running Domain controller in HYPER-V. You can download the document from here.

Thursday, April 22, 2010

Microsoft on What's Next for Managing Datacenters and the Cloud

View this video on Microsoft's vision for the future of Managing Datacenters and the Cloud.

http://edge.technet.com/Media/Microsoft-on-Whats-Next-for-Managing-Datacenters-and-the-Cloud/

Friday, April 16, 2010

V 2 P Conversion

I recently had to convert a Server 2008 R2 Virtual Primary Domain Controller to a Physical Server.

I scratched my head for a while and wondered how best to do it. I was thinking of using storagecraft, then thinking of installing a new server , running dcpromo and then transferring AD Roles.

But I used Windows 2008 Server Backup and backed up my Virtual Primary Domain Controller to a Bufallo Linkstation Pro. The Virtual DC was installed on a dynamic disk. I then restored it via bootup repair options from a Server 2008R2 USB Drive.

It took 15 mins!

Sean

Thursday, April 15, 2010

Microsoft Enterprise Desktop Virtualisation


I recently completed a network where my customer connected to a multi national companies corporate network via Juniper End Point Protection.

The company I installed the network for uses this multi national companies infrastructure to perform computer programming on their equipment and connects to multiple servers within the infrastructure via a customised Citrix ICA Connection.

The multi national refused Windows 7 & Refused Sophos Anti Virus as they said it was incompatible with their end point protection policies. But the endpoint protection was very happy with Windows 7 and Sophos as were the users.

But there was one massive problem!!!! Once the endpoint protection established a connection there was no split tunnel so the users could not access their local drives outlook client, VOIP Softphones etc...

So the customer purchased HP Pro Book laptops with Intel i3 Processors which have Intel VT on the chip.So you have probably been wondering where does MED-V come into all this. I installed MED-V SP1 onto a Virtualised Windows Server 2008R2 Server, Prepared my virtual pc 2007 sp1 image and deployed it to the laptops.The programmers all have docking stations as well as 24" Wide Screen flat panel monitors. So they use their laptop screen for communication to their own lan and Virtual PC on the big screen for their LOB work on a multi nationals corporate network and the virtual pc communicates directly to the Intel i3 processor via Intel VT Technology.

Once in a blue moon you would come across a situation like this but when you do. This is a really cool solution!

Download the administration videos here
http://www.microsoft.com/downloads/details.aspx?FamilyID=1f0d3e54-25d1-4ec1-a844-3b508bd63ffa&displaylang=en


Sean

Tuesday, April 13, 2010

Print Spooler Failures


We have been having trouble with print spooler failures with a Terminal Server Farm recently and I recently discovered a cool feature of the 2008R2 Printer Manager.

You can select a driver and set it to isolate which means the driver will have it's own isolated virtual print spooler , This means it wont share the common print spooler and in the event of a buggy driver it wont pull the whole print spooler down , only the printer using that particular driver.

Remote Desktop Easy Print and a HP Universal Print Driver can act in similar ways and therefore can clash, witch would make sense to isolate each driver.

Its a really cool feature that not many people know about and can really help troubleshoot print spooler problems.

If your having trouble with a driver which is isolated , it will then have its own process and you can use Process Explorer from sysinternals to analyse that process.
http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx

Friday, April 2, 2010

Exchange 2010 Quick Setup Guide


Exchange 2010 Quick Setup Guide R1

1. If installing on Hyper-V R2 , Have the following config
C:\40gb Fixed Disk, D:\100gb Fixed Disk Database, E:\20gb,2008R2 Enterprise , 4 processors , As much ram as possible, Patch OS prior to install.

2. Run this command from command prompt

ServerManagerCmd -i RSAT-ADDS Web-Server Web-Metabase Web-Lgcy-Mgmt-Console Web-ISAPI-Ext NET-HTTP-Activation Web-Basic-Auth Web-Digest-Auth Web-Windows-Auth Web-Dyn-Compression RPC-over-HTTP-proxy Web-Net-Ext -Restart

3. Install Feature “Desktop Expierience” if you wish to install the unified messaging role.

4. Install Exchange 2010, It will sysprep active directory for you.

5. During install it will ask you for external name for owa . I chose mail.domainname eg. mail.cdsoft.ie

6. When setup is complete re-boot server and then install Exchange 2010 Rollup2 Update kb9796711 and reboot.

7. Move Database and log files to relevant drives.

8. Add in accepted external domain, add to default email policy. (I normally like to define firstname.secondname

9. Create an internet send connector via Organisation/Hubtransport/new send connector wizard.



10. Edit the default receive connector permission group to allow anonymous users

11. Edit Organisation/Hub Transport/Global Settings/Transport Settings and change max send & receive size to 30720

12. Run this command in exchange system shell

13. Set-OWAVirtualDirectory -Identity "owa (default web site)" -LogonFormat username -DefaultDomain INTERNALDOMAINNAME (eg.cdsoft.local)

14. Buy a trusted cert for exchange

15. Add users via new mailbox wizard and create new user this way and select AD OU that the user belongs to.

16. Disable Windows Firewall and Allow Main Firewall to allow external ports 25 & 443 access to server.

17. Implement correct backup procedure.
Sean