Thursday 31 May 2007

Windows Vista - Intel Matrix Storage Console

We are now getting into the habit of configuring all of our workstations with RAID 1 mirroring.

We have also managed to convince our clients that the small additional cost of the extra hard disk is worth it. So, most of our client desktops are also configured with RAID 1.

We just finished configuring a Vista Ultimate system on an Intel DQ965GFEKR with two 320 GB hard disks configured as a RAID 1 array.

Here is what we see after installing the Intel Matrix Storage Console in basic mode:

And, a shot of the Advanced Mode:

The Intel Matrix Storage also pops a message up just after logging into the system indicating that the hard disks are healthy. That little message can provide reassurance that our client's data is as safe as it can be. ;)

Of course, no data storage solution is complete without backups and folder redirection for redundancy! :D

Philip Elder
Microsoft Small Business Specialists

SBS 2K3 - All Versions: Scheduling a reboot as a "just in case" when patching

Susan Bradley just wrote a post that is perhaps one of the best pearls of wisdom I have come across in a very long time: Brilliant idea regarding patching.

The following is the methodology for that idea.

I can't count the number of times that we have been patching Exchange, ISA, or even the server OS itself and we have been kicked off. No RWW access, no access via VPN.

The only respite in that case was, up until this point, to have someone log in and reboot the server, head down to the client site, or have a back door into the system.

So, how do we schedule a reboot?

It is actually very simple.

  1. Log on to the server as admin.
  2. Right click on the desktop and create a new text document.

  3. Call the new file something like, "Schedule Server Reboot.bat". Note the extension change to a batch file!
  4. Answer Yes to the warning that comes up.

  5. Right click on the new batch file and Edit it.
  6. Type the following in the batch file:
    • shutdown -r -t 30 -f
      • The -r is for Restart, the -t is the time delay for the restart with the amount of time expressed in seconds after it, the -f forces the shutdown no matter what service tries to deny it. This last one is VERY important.
      • You can change the time delay to whatever you want to. We suggest 30 to 90 seconds. This time setting is not the way to "schedule" the reboot by the way. Continue on for that.
  7. Go to Control Panel and then Scheduled Tasks.
  8. Double click "Add Scheduled Task".
  9. Click Next.
  10. On the "Click the program..." click on the Browse button.

  11. Navigate to the desktop, and click on your batch file, then the Open button.
  12. Perform this task: "One Time Only"
  13. Set the task to run an hour or more ahead depending on the updates you are running. To be on the safe side, add 50% more time to the time you come up with. Scotty's rule you know! ;)
  14. Enter your admin log on credentials.
  15. You will be greeted with the following:

  16. Click Finish.
If you get disconnected during the updates, wait for about 10 or so minutes after the prescribed time depending on how long your server takes to reboot, and you will be good to go! Hopefully that is. :*D

Susan, awesome tip! Thank you very much for sharing it as it solves a dilemma many of us would never even have come close to figuring out.

Kudos to the person who shared the tip with Susan!

UPDATE 2007-06-05: One thing that I missed with regards to the remote reboot!

Make sure to leave the Scheduled Tasks window open so that you can delete that scheduled task if you do NOT get kicked off your RDP session!

Otherwise, you will get a surprise when the scheduled reboot kicks in if you are still working on the server!

Philip Elder
Microsoft Small Business Specialists

Wednesday 30 May 2007

Business Principles: Our personal health and our responsibility to our clients

As a small business ourselves, we tend to get really caught up in our client's needs and sometimes forget that we and our families also have needs.

When it comes down to it, our family should come first. Period!

Our responsibility as perhaps the sole I.T. infrastructure contact for our SMB clients is to keep in mind that we essentially hold their livelihood in our hands.

If we fail to provide a well planned infrastructure that can stand a catastrophic failure and bad things happen, how long can their business survive? One day? Two days? Maybe a week?

After said failure, how long will we survive? Probably not too long at all. Who would trust an I.T. company responsible for the demise of one of their clients?

Part of that responsibility is also in keeping ourselves healthy. If we are married and have kids, keeping healthy should be a given. Right?

If we don't keep ourselves healthy and something bad happens to us, where does that leave our families, employees, or clients? In a pretty bad place in my opinion. If we have employees, what about their livelihood?

Do we have a personal disaster plan in place that protects our families, employees, and our clients?

Do our clients have their network notes containing an audit of all of their equipment, serial numbers, software, licensing, and passwords in place? Could someone come into our client's location for the first time, pick up those notes, and know the essence of what was going on at the client site?

Do we have copies of those network audits in a safe place accessible to our lawyer if we happen to die?

Are we prepared? If we are not, then how can our clients expect us to prepare them?

It is very important to never take for granted that tomorrow will come! Our responsibility to our families, employees, and clients dictate that.

Philip Elder
Microsoft Small Business Specialists

Tuesday 29 May 2007

SBS 2K3 - All Versions: When setting up Remote Desktop Servers - a couple of important GP settings

We have a number of clients that we have setup remote desktops on dedicated rack mount and pedestal servers.

In some cases, we have just a 1U with XP Pro installed on. In others, we have a dedicated Microsoft Virtual Server 2005 R2 box serving three or more XP Pro or Vista Business desktops.

Whenever we need to setup the remote desktop environment at the client site, a couple of very important GP settings need to be implemented.

The first, is to remove the Disconnect button from the Start Menu:

This policy setting is implemented in the SBS Client Computer GPO.

In a multi-user scenario, if one user disconnects it leaves the remote desktop machine in a Locked state. If another user tries to log into the machine, they get a message warning them that someone is already logged on even though the previous user already disconnected.

As part of the user training, we let them know that they cannot log on to the remote desktop machine if they get that warning. We also train them to log off the system the same way they would at the end of the day on their laptops.

The second is to only allow the domain admin, and a test account if you use one, to have the ability to remotely shutdown the system.

This policy is implemented in a GPO we create and link at the domain level called, "Default Domain Security Policy" since the settings fall under the Security Options section in the GPO.

It would be very awkward if users who were used to shutting their system down when done did so with the remote desktop server system. Even with the warning that the system would not be available for other users, it would still be turned off accidentally by someone.

This would mean either a trip down to the client's location to fire the remote desktop machine up again, or having someone go into the server closet/room to hit the power button on the unit. Remote power cycling PDUs are not necessarily an option.

This also presents a bit of a predicament because all of our clients with the Remote Desktop setup are locked down with limited access to certain individuals within the company.

Our clients that use this solution are quite happy with it. For those with close to 100% laptop saturation, it presents a viable way to securely access their corporate data, as well as their proprietary network applications simply and conveniently from virtually anywhere.

If you need to provide close to 100% anywhere Internet access to the laptop user, EVDO PCMCIA modems work excellently with this particular setup in North America. EVDO provides great speed and coverage versus the alternatives.

Philip Elder
Microsoft Small Business Specialists

System Builder Tip: Boot from USB drive on Toshiba Satellite P100

It seems that the Toshiba Satellite P100 requires a bit of work to boot from a USB flash drive.

Essentially, you do not see a USB option after hitting F12 on the laptop to get the boot options screen.

From Toshiba:

Attach the Bootable USB Memory Stick and Enter the BIOS Menu (2 ways to enter the BIOS Menu)

1. Press and hold F2 immediately after powering on the unit
2. From the Boot Menu highlight "" and press Enter.

- Use the side arrows to select the "Boot" section.
- Expand the HDD title
- Select the "USB Drive" (name may vary) and move it to the top (F5 and F6 Key)
- Exit Saving Changes
From Toshiba's site: How to boot from a bootable USB memory stick on a Satellite P100.

Keep in mind that other models may also require this methodology.

Philip Elder
Microsoft Small Business Specialists

Friday 25 May 2007

Microsoft File Transfer Manager - Puzzle

We are TechNet Plus subscribers.

Anything we download via TechNet uses the Microsoft File Transfer Manager.

We had started a download for "Longhorn" server and had to suspend it until after a reboot of the system.

When we came back, there was no way to start up the transfer manager.

A quick search of the Internet that brought us to the Microsoft File Transfer Manager page, pointed to the following folder:

%SystemRoot%\Downloaded Program Files\
But, it isn't there? Or is it?

We don't have a shortcut for it on the desktop, so we went back to the TechNet site and started the download over again.

We were greeted with the MS File Transfer Manager:

There it is, the first download suspended, and the new download. So, cancelled the new download to allow the first one to finish and then followed through on Microsoft's instructions to put a shortcut on the desktop.

Click on the options button and you get:

Click on the, "Place application shortcut on the desktop", Apply and OK.

After the desktop shortcut appears, right click on it and left click on properties.

You will be greeted with:

Okay, click on the Find Target button and low and behold there it is:

What the chicken?!?

Here is a side by side shot of the two "folders" showing the same path:

There is a little puzzle for a Friday afternoon! ;)

Philip Elder
Microsoft Small Business Specialists

Microsoft SBS Community Survey

If you are involved with the SBS community in any way, take the SBS WW Community Survey.

From the Survey site:
The Windows Small Business Server Product Team would like to hear from the Windows SBS Community. This direct anonymous survey of the Windows SBS Community is brought to you by the Windows SBS Product Team. We want to know how valuable your experience is with the community resources and information that is available to you today as a member of the Windows SBS Community. We also want to know what you think could be done to improve your Windows SBS Community Experience. Please take a couple of minutes to provide us your candid feedback via this survey and let us know what you think.
It will only take a minute or two, and is worthwhile.

Philip Elder
Microsoft Small Business Specialists

SBS 2K3 Premium - Get SP1 Now ... Last Chance...

Between now and December 31, 2007 you have the ability to order your SBS SP1 CD 3 (ISA 2004) to update SBS RTM to SP1.

Those CDs are not available anywhere else. They were not available via Microsoft's site for the last while either.

Perhaps this was a wake-up call?

With SBS Cougar around the corner, SP1 should be the minimum install on our SBS boxes.

ISA 2004 is a lot easier to manage and work with than ISA 2000. The network perspective that ISA 2004 uses is different than ISA 2000 but the live logging feature is worth it alone. We can see in real time what is passing through our SBS box NICs. Rule creation and management are relatively easy too.

SBS SP 1 Web Page.

SBS 2K3 Standard SP1 component downloads. There is no longer a CD 1 or CD 2, so we need to download the components via the site.

SBS 2K3 Premium RTM must order the SP1 CD:
North America SBS SP1 CD 3.
Europe, Middle East, Africa SBS SP1 CD 3 (Both link to the same page?!?).

Courtesy of the Official SBS Blog and Susan Bradley.

Philip Elder
Microsoft Small Business Specialists

Thursday 24 May 2007

Windows Vista - Opening Component Services

There is no direct shortcut or icon to open Component Services in Windows Vista.

To do so, run the following:


Found via the MSDN Forums: Component Services.

Philip Elder
Microsoft Small Business Specialists

Windows Vista - Activation issue after 30 day period expires

We ran into an Activation problem on Windows Vista, or at least we thought it was a problem. ;)

The issue turned out to be a situation where a machine that is being used to test various hardware and software components on Vista hadn't been used in a while.

It was installed with no product key as it wasn't expected to be used beyond a couple of weeks.

When the machine was turned on, we received the following message:
This copy of Microsoft Windows is not genuine.
The online resolution installed the Genuine Advantage tool which also had an error:

The validation service is unable to determine whether this copy of Windows Vista is Genuine.
Of course it isn't, we hadn't inputted a product key when the OS was installed. At least, that was what we figured out as this machine has been sitting for quite a while. It wasn't supposed to be in service anymore as it is one of our Vista test mules.

So, if you get the above errors, then more than likely a product key was not used on the initial installation of the OS and the Activate over the Internet option was unchecked.

You will need to wait for Windows to prompt you for Activation:

As things like the Control Panel will be disabled or very hard to get to. At least in this case, that is what happened. It was tough to get around.

But we did it, and yes ... it was one of those days! ;*)

Philip Elder
Microsoft Small Business Specialists

System Builder Tip: Keep that PS/2 Keyboard Around

We had an interesting situation come up recently.

When we slaved up a failing WD hard drive to our data mule machine running Windows XP Pro SP2, we were not able to cancel out the default disk scan Windows wants to run on the WD.

We had to reboot the system a number of times due to the poor condition of the drive.

The only way we could bypass the scan was to have a PS/2 keyboard plugged in so we could hit the "any key". Right at that point, Windows had disconnected the USB and thus the USB keyboard.

We have seen this on servers as well right at the 34 minute mark of a Windows Server 2003, 2003 SP1, and 2003 R2 install. The USB would get knocked out, and the system would ask for the RAID driver to be accepted right after it. With no PS/2 keyboard, we would have been stuck. The same would be true for the Disk 1 install of SBS.

Philip Elder
Microsoft Small Business Specialists

Tuesday 22 May 2007

System Builder Tip: Order Intel Xeon 3000 server products!!!

Caution, slightly cranky post ahead...

Can anyone tell me why the heck Canadian distribution seemingly has an aversion to Intel's new 3000 series Xeon product?!?


Man, this is getting really frustrating for us System Builders who want to quote and build solutions that have more horsepower for less power consumption along with great product longevity for our clients!

Here is a screen shot of one distributors stock status:

Shows stock right? Click on it for "Real Time Availability" and this is what we get:

Nada, nothing, zippo, zilch... you get the picture.

And then, on to the next distributor:

Again, absolutely nothing!

And, lastly on the next one:

Wow! One! In Toronto. That means that it is a week away and an additional charge for those of us in the West due to it not being stored at our "Default" warehouse that is out West.

Now, on to the 3000 series Xeon CPUs.

These guys show stock on a couple of them. Notice that they are not carrying the full line?

We have been burned by this particular supplier. Once bitten, twice shy right? Well, we do have a three strike rule. So, a long time after the first fiasco, we tried them again. Guess what? "Oops, we did it again". :( Thus, do we risk it for our third try? Not too sure if we are willing to go there yet.

On to the next disti:

Virtually no stock, and none on the way! One in Vancouver though ... so a little bit better as that is our default warehouse with these guys.

And, lastly:

In a country of over 33 million people whose economy is driven in a good part by small business, there has to be some sort of demand for the newer Intel 3000 series products?

As I see it, distribution is trying to keep us buying Pentium D and the SE7230NH1 server board as they all have lots of stock on them. The SE7230NH1 is very dangerously close to the end of the product cycle.

The Pentium D is okay for small server setups. The Xeon 3000 series, which is essentially a rebranded Core 2 Duo, gives us a CPU that has way more capabilities for less power consumption.

On that note, Canadian System Builders: Buy Intel Xeon 3000 Series server product!

The more we buy, the more it forces Distribution to stock the product. When we are in situations where we can provide a 3 to 6 week lead time, back order that product!

Also, talk to your Intel Rep. Let them know how difficult it can be to get 3000 series Intel server products.

Make sure to talk to your distribution contacts as well. Let them know that you are frustrated with the lack of stock. We have mentioned it on many occasions to our primary distribution point.

How can we sell that which we do not have?

Deep breath. ;)

Philip Elder
Microsoft Small Business Specialists

SBS - NTFS Error Event ID 55

One problem we ran into on one of our more data intensive SBS boxes was this:
Event Type: Error
Event Source: Ntfs
Event Category: Disk
Event ID: 55
Date: X/X/XXXX
Time: 7:11:25 AM
User: N/A
Computer: MY-SBS01
The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume NetworkData.

For more information, see Help and Support Center at
The error was on a 1.2 TB RAID 5 array with six 300 GB PATA disks. The sixth drive was a hot spare.

On this particular array, no S.M.A.R.T. errors were thrown. The RAID controller threw no codes before the NTFS error started to show up.

We had to dismount the array and scan it via the following: chkdsk /x /f

The scan took a long time. Once it was finished, the data seemed to be okay.

We did find some corrupted files later on, and found out the hard way that the NTFS failure wiped out the Shadow Copies on the SBS server!

We were fortunate in that we had a live data mirror on a backup server that we were able to recover some of the files from. Some had to be pulled from that server's VSS as the file corruption was passed to it from the SBS server. Anything we couldn't get from the backup server was pulled from tape.

We were at the end of the life cycle of this particular SBS box, so we replaced it with a new Intel SR2400 2U.

When we dismantled the array, a physical scan of each drive in the failed array turned up one with some bad sectors.

It was strange to us that we never saw any signs of the failure coming.

Another reason why multiple levels of redundancy for your client's networks is so very important.

UPDATE: My bad, they were 300 GB drives, not 400 GB. Off to Tims to get all cylinders firing! ;)

Philip Elder
Microsoft Small Business Specialists

Monday 21 May 2007

One of the greatest marketing strategies ever...

The following is somewhat satirical, but describes my thought on what is, in my opinion, one of the most brilliant marketing strategies ever.

A certain Company has a product that is quite popular. It can be seen around the world on people.

The company has great cash flow. They want to diversify, spread into other market types.

They have had a few bumps in the road too, and want to get people's minds off of them.

The first step in their strategy is to hire some guy who hits balls for living. But what a guy! He is the best of the best, the most amazing ball hitter this side of the century.

People like this guy, thus they will like their product even more!

Then the clincher: Get him to wear their Logo on his head and elsewhere they say, and the rest will follow!

And sure enough, people ask, "Where can I get that Logo Melon Protector?" "Where can I get that Logo Trunk Warmer?"

The Company, seeing that their strategy is working, starts introducing new products with their now quite famous Logo on it.

A Logo Melon Protector in several styles and colours that costs ten times over any other melon protector! And guess what!?! The people are buying them. The same is true for the Logo Trunk Warmer and any other product the Company people decide to put the Logo on!

The grins in the Head Office are huge by now.

"We did it", the Head Office people say, "we not only branched out into other markets, but, we got the people to pay for our marketing and product expansion!"

"We see our Logo everywhere. Market saturation is huge!"


A company that manages to win the support of the consumer to the point of having that consumer buy their branded products at a huge premium is brilliant.

That huge premium on their branded products did and is paying off for the company.

It is also the reason why we are very careful about the clothing we wear in business and personally.

The branding and symbols we wear says a lot about our company, as well as the individual that we are.

Philip Elder
Microsoft Small Business Specialists

SBS - POP3 Connector not pulling e-mail

Every once in a while the POP3 Connector service stops responding.

To date, we have not found any indication of what failed in the service in the logs, even when the logging level was set to Maximum.

When troubleshooting the Connector, make sure to have the ISP credentials for one of your users so you can monitor their inbox.

Restart the service to see if this fixes the problem. Generally it doesn't.

Consistently, we have to reboot the box.

As a rule, we see if we can have an MX record with the highest priority for the client's domain pointing to the SBS static IP to mitigate this problem as well as eliminate the 15 minute lag the client experiences when all e-mail comes in via the ISP.

To complete the MX process, if the ISP is willing, one will need to have the reverse DNS record set for the IP of the SBS box too. This eliminates the possibility that the e-mail will get stopped by spam filters that do a reverse DNS lookup against the sending SMTP server.

Philip Elder
Microsoft Small Business Specialists

Saturday 19 May 2007

SBS, WSUS 2, Windows XP & the SVCHost Issue

We have been fortunate in that a lot of our clients have not been hit by the WSUS-MSI-SVCHost issue. Essentially, the CPU hits 100% because of the SVCHost process and doesn't seem to relax at all.

The client computer is seemingly locked up with no way to end it other than rebooting. This had a deeper impact on companies with older hardware.

It eventually became apparent that there was a problem in the WSUS 2.x update system on XP clients.

A series of patches were released that did not fix the problem for most clients.

The last patch, Microsoft KB927891: You receive an access violation error when you try to install an update from Windows Update or from Microsoft Update after you apply hotfix package KB916089 does fix the problem to some degree. The system should no longer "freeze" after this patch is applied.

Note, that the system may still hit a high CPU usage amount, but the machine should still be usable.

If there are still issues, then install the following Microsoft KB932494: When you use Automatic Updates to scan for updates or to apply updates to applications that use Windows Installer, you experience issues that involve the Svchost.exe process.

This last update is actually the new WSUS 3.0 client. It should in fact fix the problem.

For SBSers, one should patch KB927891 on all XP Pro SP2 clients. Then one can install WSUS 3.0 on the server and the client will be delivered automatically. This way will save some time for you and your clients.

One of the original errors that came up: Application popup: svchost.exe - Application Error : The instruction at "0x745f2780" referenced memory at "0x00000070". The memory could not be "read". And, the original Microsoft KB916089: FIX: When you run Windows Update to scan for updates that use Windows Installer, including Office updates, CPU utilization may reach 100 percent for prolonged periods.

It would be nice if Microsoft would deliver KB927891 via WSUS so we can go ahead and update our SBS WSUS to 3.0.

We just finished trying to update an XP client with KB927891 and it didn't work. The system kept locking up with SVCHost at 100%. We set the Automatic Updates to manual, rebooted, reapplied the update, rebooted, and ran the WSUS 3.0 client update.

The WSUS 3.0 client install resets the service start from Manual to Automatic BTW.

Everything worked from there!

Hurray! :D

UPDATE 2007-05-22: Looks like the above wish for KB927891 being distributed via WSUS has become a reality:

So, after all of your workstations are confirmed to have received the update, backup your SBS servers, and go for WSUS 3.0!

WSUS 3.0 is available as an Update via WSUS too:

WSUS 3.0 can be manually downloaded here: Windows Server Update Services 3.0 which is the preferable method of install for us SBSers!

Remember, test these updates on virtual installations if you can first!

Thanks to Susan Bradly: So why isn't SBS 2003 R2 getting WSUS 3.0 as a critical update?.

Her article pointed to the WSUS Blog: Updates for WSUS available today.

Philip Elder
Microsoft Small Business Specialists

Windows Vista - Elevate Permissions on the Command Prompt

We keep an eye on the various key words used by searchers that land people on our blog.

This one caught my eye:
Vista how do i raise level to ipconfig /release
There are times where we need to elevate our permission level to accomplish some sort of administration task.

To elevate your command prompt in Windows Vista do the following:
  1. Click Start
  2. Type: "cmd" in the Start Search
  3. Right click on cmd.exe at the top of the list
  4. Click on "Run as administrator"
  5. Authenticate and go on to your task.
A screen shot of the above:

The same rule can be applied for the need of an elevated mmc.msc or other programs or management consoles.

Philip Elder
Microsoft Small Business Specialists

Friday 18 May 2007

Get Windows Server 2008 Beta 3 Evaluation

Not on the Beta crew for Longhorn/Server 2008 yet?

Go here: Windows Server 2008 Get Beta 3 Site.

Get your copy, install it, and get to know it.

It is role/feature/tool packed. It represents the next frontier for all of us who support W2K3 and SBS servers!

And, it looks amazing.

BTW, SBSers ... we should be proud! Why? Many of the management features like our ToDo list and Server Management Console of been incorporated into Windows Server 2008. May not look exactly the same, but they are modelled on them, and our TechNet presenter, Rodney Buike, mentioned SBS as the foundation for them!

Philip Elder
Microsoft Small Business Specialists

Wednesday 16 May 2007

TechNet: Future Of the Server Room - Longhorn/Server 2008, SBS, & SBS Cougar

We do not have a computer where we are staying, so I am posting via my UTstarcom connected via wireless. [At least I thought I was. IE on the UT did not allow me to hit the Blogger Post button! :(]

The TechNet - Future of the Server Room tour was jam packed with Longhorn/Server 2008 roles, features, tools, and demos.

I can see a lot of potential in Microsoft's new server OS. While Microsoft has been touting Longhorn for quite a while, from what I was hearing yesterday at the conference,it is only in the new Beta 3 that we are seeing what will be close to the final form.

Look to the new version of Terminal Services with TS hosted applications to be a "killer app". One will not need to log onto a dedicated TS desktop in this case. One will be able to run, say, a TS hosted Word session on the local desktop client with minimal fuss. Talk about potential for recycling old systems as dumb terminals.

Us SBSers will be familiar with the new method of connecting to the TS App server too: RPC over HTTPS. Talk about removing a bandwidth bottleneck by eliminating the VPN connection.


Another set of Longhorn features that will be totally relevant to us SBSers is Server Core - a command line only extremely small footprint version of the OS that can run on very low end hardware like say a P IV 1.6 GHz with 512 MB of RAM. And, it will handle all of the local network Active Directory, file sharing, and more without breaking a sweat.

As far as that Branch Office Active Directory is concerned, it can be Read Only with cached credentials. Set everything up in the main office, and send the box over to the branch to be plugged in and turned on. Local users will then authenticate against the already cached credentials hosted on the Core box.

Talk about an important step for the Branch Office scenario.

Branch box get stolen? There are management features in Active Directory to immediately reset all of the relevant accounts along with the now gone Core server.

I am hoping that our application to be on the SBS Cougar beta test will be accepted. Based on what I Have been seeing, SBS Cougar is going to really ROCK!

We received a DVD of Beta 3 which is nice as it will save us somewhere north of 4 GB of download bandwidth.

As soon as I have a bit of time, I will be installing LH/W2K8 Beta 3!

Philip Elder
Microsoft Small Business Specialists

Monday 14 May 2007

TechNet - Future of the Server Room Tour

We are off this afternoon to the Microsoft TechNet Future of the Server Room Tour '07 in Calgary tomorrow.

We are going to stay down in Calgary, as the Microsoft/AMD Tech Tour is on Thursday afternoon/evening.

Probably pick up a couple of the AMD specials listed on the AMD site as we are listed as AMD OEMs.

Posting may be light this week as a result.

Philip Elder
Microsoft Small Business Specialists

Saturday 12 May 2007

SBS 2K3 - Desktop Technology Compatibility Chart

As we search about the Internet looking for various things, we can stumble across a number of different neat things.

One is this:

The Desktop Technology Compatibility Chart for Windows Small Business Server 2003.

It provides a quick overview of what Microsoft desktop OSs, Office Suites, and Outlook versions work with SBS 2K3, what may work with limited features, and what will not work with it (none on the list!).

The site can be found here: Desktop Technology Compatibility Chart for Windows Small Business Server 2003.

Philip Elder
Microsoft Small Business Specialists

Windows Vista - HP Driver not available?

I am just a little more than baffled as to how hardware manufacturers do not have drivers for at least the 32 bit version of Vista available.

This is what HP's site says for the very common LaserJet 1022 printer:

Currently, there is no Windows Vista driver available for your HP product. Therefore your product will not work with Windows Vista at this time.
Hmmmm ... What does that mean for people who have no idea as to how to get their product working in other ways? :(

I like the note below that indicating that HP wants us to have the latest information on drivers and software for our HP products.

Heh ... right. How about the latest drivers for our HP products instead?

Windows Vista in some form or other has been available to product manufacturers for how many months or years now? Especially to a valued Microsoft partner like HP.

Needless to say, we forced the XP driver in for the time being. But, that can turn around and bite us as we have had some issues with some HP products when installing HP's XP driver on Vista.

I am willing to bet that people's "Vista Experience" could be rather jaded due to the above experience which we are finding quite common at this time.

It's actually quite sad, because Vista as an operating system rocks!

Philip Elder
Microsoft Small Business Specialists

Friday 11 May 2007

SBS and Intel's Driver & Management Software

I am currently quite choked. As in, cranky, upset, frustrated, angry.

Keep that in mind for this post. ;)

Here is a screen shot that will clearly show why:

This last spate of WSUS based SBS updates took one of our most stable SBS servers into a fit of WMI based errors. Event ID 1000, Event ID 10, Event ID (100) are prevalent in the event logs every 5 minutes.

One of the errors contains a clue: IANet_Event.

Apparently, the 0x80041010 error indicates that the IANet_Event doesn't even exist in the namespace. I am no WMI expert here! Huh?!?

The Microsoft TechNet Script Center: I'm getting an 0x80041010 ("Invalid Class") error.

Okay as per their suggestion, download the Scriptomatic 2.0 Tool (Validation Required).

And, guess what? Yes, that particular thing is missing:

And, as the Scripting Guys suggest: look around for other possible locations. Well, looking further into Intel's own entries we see:

Nothing ... absolutely nothing ... it ain't there ... *grrrr *

I am not a programmer here... The article on the TechNet site goes on to describe that in the case of a missing class one must, "recompile the MOF file for the class in question." HUH?!?

Intel, are you getting this? I certainly am not. And, can I expect you to fix it? At this point, I am not too sure.

To boot, we still don't know if we are even looking in the right place for the source of the errors and the subsequent fix. What update triggered this mess in the first place? Don't know at this point.

I suspected Intel Server Manager being the source of the problem and shut it down. Since the errors kept appearing, we now believe that it is actually the NIC ProSet software that is causing the errors. This strikes me as strange because the version of ProSet on this server is which is relatively new.

While I understand that Intel is not a software company, when they write software that has either been a fight to get running stable, or less than stable at best, in my experience, then there is a problem.

In the above server's case, we had managed to get Intel Server Manager 8.40 (ISM) to cooperate within the SBS environment when we installed SBS.

This screen shot shows what happens when we try and uninstall ISM on an SBS server where ISM did not cooperate:

The WMI information that is supposed to be deposited into the reports is missing. The reports generate with blanks in the information fields because the Intel software has somehow killed something between WMI and the Reports & Monitoring service. That is my best guess at this point.

This particular SBS installation is different than the SBS server spewing the Event IDs at this time. It would not allow ISM to run properly no matter how many times we tried to get it to. ISM eventually refused to uninstall, or reinstall period. The install/uninstall routine would hang on the Java portion. Nothing we tried would get it working again.

So, what do we do on a production server? Do we perform a Swing Migration to get the server back online again? That is such a huge expense for us. We cannot go back to our client and say, "btw, we need to charge you xx hours to reinstall your SBS server due to a bad Intel software install."

Ain't gonna fly people.

So, we have removed the registry entry that starts the ISM:

We set the Intel services to Manual, and shut them down. No more ISM.

In both cases, we are currently at a loss as to the ability to fix the errors in the first case, and the lack of information in the reports in the second.

The server spewing the WMI based Event IDs is due to be replaced this summer. We will Swing Migrate the existing box out for a new 5100 series Xeon box.

BTW, both boxes are Intel based. The one spewing the errors is a 2U SR2400 series with dual 3.0 GHz Xeons and 4 GB of RAM. The second is an SC5400LX based dual 3.4 GHz Xeons with 4 GB of RAM.

And further to the new generation of 5000 and 3000 series Xeon based servers, the new Intel System Management Software that replaced ISM seems to be a lot more stable. So far, we have quite a number of newer generation servers running the software with little or no installation or ongoing problems.

Perhaps Intel has learned from their previous ISM experiences? ;)

Microsoft MSDN: WMI Error Constants.

Philip Elder
Microsoft Small Business Specialists

System Builder Tip: When intalling Vista 32 or 64 bit on Intel D945G, D975XBX, DQ965GF boards with 4 GB+

You may encounter Windows Vista installation issues on systems being built with 4 GB or more RAM installed on the motherboard.

If installing the OS with a pair or more of 2 GB sticks of RAM, you may experience STOP errors.

Have a pair of 1 GB or even 512 MB sticks around for the install. Use that pair for the OS and post OS installation driver updates. When Vista has booted up into the installed and updated OS, shut down the system and swap out that pair for the 2 GB sticks.

Boot the system up, and Vista should recognize the 4 GB , 6 GB, or more RAM in the system.

Oh, and make sure your BIOS is the most recent before starting the install! Early board BIOS versions were also prone to killing Windows Vista installs.

Philip Elder
Microsoft Small Business Specialists

Thursday 10 May 2007

SBS 2K3 R2 - Windows Vista RipCurl (KB926505) experiences

We have been testing the SBS RipCurl - KB296505: Windows Small Business Server 2003: Vista and Outlook 2007 compatibility update - for quite a while now.

We have a number of SBS SP1 and R2 networks with Vista Business, Ultimate, or Enterprise running on them with no issues whatsoever, other than Ultimate updates via WSUS 2.0 SP1, on the SBS box or the Vista boxes. Now that WSUS 3.0 is here, any Ultimate updates will be available.

That ended yesterday. :(

The box in question is relatively new within the last 4 months. It is an Intel Pentium D based box with 3 GB of RAM running a couple of RAID 1 arrays for OS and data. SBS 2K3 R2 Premium is running on it with all recent updates applied.

In this particular case, our client had decided they wanted Vista Business on their new machines. Given our current positive experiences with Vista on SBS networks, we supported that decision. They are already running Office 2007 Enterprise OLP on their XP Pro systems.

Needless to say, a budgeted four hours for two Windows Vista workstation installs including a RipCurl of the SBS box, and an update to WSUS 3.0 went to pot. We ended up spending a whole day in there getting things working on the SBS box again, and are still dealing with some of the RipCurl aftermath on the SBS box itself. The Vista client systems are installed and running happily along.

Fortunately, no impact on employee productivity happened due to My Documents redirection, Offline Files for the Company shared folder (yes we set this up manually), and the Outlook/Exchange integration!

First, the methods for applying the RipCurl to the SBS box and then Vista:
  1. The Microsoft Document to read first: Using Windows Vista and Outlook 2007 in a Windows Small Business Server 2003 Network (Word document download). Please read it.
  2. Download and install: Update for Windows Small Business Server 2003: Windows Vista and Outlook 2007 compatibility (KB 926505).
  3. Download and install KB911829: You receive an error message when you try to perform any editing tasks, or you must click to enable the compose frame in Outlook Web Access.
  4. Download and install KB930955: Moveuser.exe is incompatible with Windows Vista and is replaced by the new Win32_UserProfile WMI functionality.
  5. ISA service Pack 2 if not installed
  6. Download and install KB930414: An update rollup is available for computers that are running ISA Server 2004, Standard Edition and Windows Small Business Server 2003, Premium Edition
  7. Download and install Firewall Client for ISA Server (Windows Vista compatibility).
  8. Proceed to manually configure certain SBS features on the Windows Vista workstation as per the above document.
The following is a screen shot of the table identifying changes to Client Application Deployment for Windows Vista on SBS:

Further to the Windows Vista client configuration: SBS Group Policy for Windows Vista

This is what the Vista GP looks like from the SBS server:

The settings look like registry entries and a lot are missing.

This is what the same GP settings look like from Vista:

But first, a warning:

Then, what GPMC looks like from Vista:

And the actual SBS - Windows Vista policy being edited for the firewall settings as per the instructions contained in the above image:

From the Using Windows Vista and Outlook 2007 ... document for editing the SBS Vista GPO from Vista:
  1. From a client computer that is running Windows Vista, log on as a domain administrator, click Start, and then type gpmc.msc in the search box.
  2. In Group Policy Management Console, click Forest:DomainName, click Domains, click DomainName, and then click Group Policy Objects.
  3. Right-click Small Business Server – Windows Vista policy, and then click Edit.
  4. In Group Policy Object Editor, browse to the appropriate GPO, and then modify the settings as needed.
  5. Click Apply, and then click OK
  6. Close Group Policy Object Editor, and then close Group Policy Management Console.
  7. To force the Group Policy settings to be applied, either run gpupdate /force from a command prompt with elevated privileges or restart the client computer.
To configure the fax service from within Windows Vista to connect to the SBS based fax service:
  1. From a computer that is running Windows Vista, open Windows Fax and Scan.
  2. Click New Fax.
  3. Click Connect to a fax server on my network.
  4. Type the name of the server that is running Windows SBS, for example \\servername. If you do not know the name of the server, click Start, type cmd, and then type set sbsserver.
  5. Type a name for the fax account, such as Server.
I tried the instruction in line 4, cmd set sbsserver in the Start Search with no results? Not too sure about that one.

And finally, there are a few caveats for the 64 bit version of Vista and shared printers. The SBS setup will not install a shared printer on Vista 64 bit along with a couple of others. It is in the document. ;0)

And finally, a Remote Assistance caveat: Remote assistance when initiated by the admin will only work Vista to Vista. If managing from an XP Pro box, it ain't gonna happen. If the user initiates a Remote Assistance request to the admin on an XP Pro box, it will work though.

I will leave the server issues to another post as it is the end of the day, and they should get more attention via an individual post.

Here is a short list of what broke:
  • MMC crashed and the wizards would not work for add/remove users, add/remove client machines, and others.
  • XP boxes can no longer be added via the mysbsserver/connectcomputer site.
  • Reports and Monitoring no longer work.
  • RWW only had Connect to my computer at work available as an option to users
  • RWW only had the above and servers available to admins.
There are a couple of other things, but I don't remember at the moment.

When doing a fairly complicated procedure, we like to make up checklists. Even if it means making up a hand drawn grid when it comes to something seemingly simple like software installation and configuration for multiple workstations. It keeps things organized and clean.

Here is a screen shot of our RipCurl checklist:

If that is something that will help you out, you can download it here: MPECS Inc. SBS-Vista RipCurl Checklist (pdf document link). Please feel free to use it for your RipCurl projects, or as a template to build your own.

Also, please let us know if there are any changes or omissions, and we will update it accordingly.

UPDATE 07-05-11: Updated the checklist to include room for client data.

Philip Elder
Microsoft Small Business Specialists

Wednesday 9 May 2007

System Builder Tips: Windows Vista - OEM Branding how to

I finally found the way (not that I was looking too hard ;)) to brand a Windows Vista OEM based system like so:

Note our logo, our support info, and a link ot our Web site.

Windows XP was basically an oeminfo.ini with the company support information and an oemlogo.bmp of the logo copied into %windir%\system32.

On Windows Vista, one needs to follow these steps:
  1. modify a registry entry
  2. Copy the bitmap into %windir%\system32\oobe
An easy way to edit the registry is to copy and paste the following (in italics)into a text file that you name "OEMBranding.reg". Make sure the extension is .reg so that when you double click on it you will be asked whether you want to merge the registry information contained therein.

Windows Registry Editor Version 5.00

"SupportHours"="Monday to Friday 08:30 to 17:00"
"Manufacturer"="MPECS Inc."

Change the above entries to your own company's information and away you go.

The OEM logo is bitmap and must be named OEMLogo as per the registry setting. You can experiment with names and types to see what works best for you.

Our bitmap logo is 88 pixels by 88 pixels in size and is 24 bits in depth.

Philip Elder
Microsoft Small Business Specialists

Tuesday 8 May 2007

System Builder Tip: Intel SR1530AH/S3000AH BIOS Updates

When integrating any system, the first thing that should happen is a BIOS update.

Intel recently released BIOS version 41 for the SR1530AH/S3000AH server board.

The simplest method of updating the BIOS is to have a bootable USB Flash Drive (link to previous blog post) on hand with the BIOS updates and flash utility on it.

Once the system has booted and you are about to run the iFlash32 utility, the proper command line syntax is as follows:

iflash32 ah86041.cap /u [Enter]
Replace the current BIOS file name with the appropriate one for your situation. The U switch updates the BIOS automatically.

Answer Yes, and away you go.

Reboot and F2 back into the BIOS settings to verify that they are correct, then install your OS of choice.

Please note that the iFlash32 utility will error out of you use the .ROM file ... at least in this case.

Philip Elder
Microsoft Small Business Specialists

Information Security: What to do with those Trojans?!?

What do we do when a client brings in a system that has multiple infections? How do we know for sure when the system was infected or whether anyone still has any kind of control over the system?

We always advise a flattening of the system. Only non-active data such as documents and images would be recovered before the system is flattened by a system we have setup for this task.

What about the TJX security breach? The Wall Street Journal has an up to date article on where the initial breach has come from: How Credit-Card Data Went Out Wireless Door.

Ouch! *wince*

So, can the forensic experts guarantee that TJX's systems are now free of any further Trojans or Rootkits? I mean 100% free? As in, totally secure?

I don't think so.

Think about this for a minute. You have free access to a treasure of immeasurable proportions. You can come and go as you please. You can do this for months at a time, with no one none the wiser.

So, what do you do? Build a couple of back doors? Maybe. Build a large number of backdoors? Likely. Build time released back doors? Very likely. Hide those backdoors in the maze of locations on a network? Extremely likely.

Imagine if you will, that the folks who were on the up and up as to their credit card and debit card statements were not paying attention. Thus, there would have been no calls to their banks or credit card institutions questioning their statements and mysterious charges on them.

Where would we be now? Surely further along than the crooks in Florida and else where that have been fingered with credit card and debit card numbers procured via TJX.

Kudos to those people who vigilantly monitor their credit and debit card statements. It is solely due to your vigilance that more pain and sorrow, financial and identity losses have not taken place.

From the article:
The problems first surfaced at credit-card issuers such as Fidelity Homestead, the Louisiana savings bank. Its customers were dealing with the aftermath of Hurricane Katrina when they began seeing strange transactions on their credit-card bills in November 2005, says Richard Fahr, Fidelity's security officer. First there were unauthorized transactions from Wal-Mart stores in Mexico, and then fraud started surfacing in Southern California, Mr. Fahr says.
Gives a whole new meaning to, "An ounce of prevention can prevent a pound of pain".

Monitor your statements folks. Even better, get online with your financial institutions and check those online statements regularly. Question any seemingly benign transaction that you know doesn't fit your spending habits or purchase locations.

Sometimes the crooks will put through a small $2 or $3 transaction to test whether people are paying attention. If the credit/debit card number is still good in a couple of weeks, that person is likely not checking their statements.

Again, from the article:
Lobbying by banking associations since disclosure of the TJX breach has helped persuade lawmakers in several states and in Congress to consider new legislation. One bill in Massachusetts would impose full financial responsibility for any fraud-related losses, including costs of reissuing of cards, on companies whose security systems are breached. Another bill, in Minnesota, would bar any company from storing any consumer data after a transaction is authorized and completed.

Massachusetts Rep. Barney Frank, chairman of the House Financial Services Committee, said in March he believes Congress will move to require a company responsible for allowing a breach to bear the costs of notifying customers and reissuing cards.
Um, TJX, you messed up. You messed up real bad. This is beyond a mistake. This is a critical no turning back error. You are responsible for all costs of this breach. Not the banks, not the credit card institutions.

Governments should not have to institute laws to protect their citizens from companies that do not do due diligence.

I do believe that the lawsuits that stem from this incident will teach other companies that it a lot more expensive to deal with a breach than to protect their client's data from a breach in the first place.

UPDATE: Just made some minor grammatical changes.

Philip Elder
Microsoft Small Business Specialists

Monday 7 May 2007

SBS 2K3 R2 - WSUS 3.0 install experience with some caveats

I took to installing WSUS 3.0 on the SBS 2K3 R2 Premium server that was having the most problems with client updates.

First, one has to make sure to install KB 927891 You receive an access violation error when you try to install an update from Windows Update or from Microsoft Update after you apply hotfix package KB916089a on all of your XP WSUS clients.

Windows XP KB927891 download link (Note, validation required before download).

Note, you may experience the following error:

You do not have permission to update Windows XP.
You will need to be signed into the workstations as the domain admin, even if your user has local admin rights.

Once all of your XP clients are up to date, download the WSUS 3.0 files.

If you are using the R2 integrated version of WSUS 2.0 you will need to leave the settings in their stock form in order for WSUS 3.0 to utilize the R2 integrated features. Essentially, there is no difference in the WSUS setting requirements between versions for R2 integration.

Download the WSUS Server 3.0 files here. Note the separate files for 32 bit and 64 bit architectures.

Microsoft has a dedicated document for installing WSUS 3.0 on the various flavours of SBS: Installing Microsoft Windows Server Update Services 3.0 on Windows Small Business Server 2003 (Page link to download Word document).

Give the above document a read to make sure there are no specific caveats for your relevant server setups.

As always, there may be caveats for installing or upgrading any software product.

From the Microsoft TechNet WSUS: Deployment site on 2.0 to 3.0 upgrades:

Before upgrading from WSUS 2.0 to WSUS 3.0

You should make sure that your WSUS 2.0 installation is in good working order before upgrading.
  1. Check for recent errors in the event logs, problems with synchronization between downstream servers and upstream servers, or problems with clients not reporting. Make sure that these issues have been resolved before continuing.
  2. You may want to run DBCC CHECKDB to ensure that the WSUS database is correctly indexed. For more information about CHECKDB, see DBCC CHECKDB (
  3. Back up the WSUS database.
Um, note that the link in number two above points to a search of Not too sure why that is the case? Just in case, I ran the search on DBCC CHECKDB.

Results of a search for "DBCC CHECKDB" from the above search.

After the download had completed, I ran the install. It ran without errors and required a reboot. Once the server came back up and running, things were seemingly OK.

An observation or two about the SBS 2K3 R2 WSUS 3.0 post install/uprade environment:
  • The Reports & Monitoring page and Update Services pages both would no longer come up instantly.
  • The new WSUS db instance (original MSDE is converted to SQL 2K5 internal) runs one core at 100% when bringing up the Update Services page
  • The time to bring up the Update Services page is quite long - expect a long wait on older servers.
  • The new WSUS db instance takes up a large chunk of memory.
  • We received an MMC error on our first trip into the Server Management Console (only happened once):

The box we installed WSUS 3.0 on is an upper end Pentium D based server. My thought is, given the running of one core at 100% until the Update Services page comes up, older systems will be laboured to run WSUS 3.0. One may receive complaints from clients that things are dogging quite bad on the network if one is managing WSUS during business hours.

To tame the memory issue one needs to run through the osql commands for the SQL2K5 instance WSUS 3.0 creates (from the command line - assume Enter after each line):
  1. osql -E -S mysbsserver\Microsoft##SSEE
  2. sp_configure 'show advanced options',1
  3. reconfigure with override
  4. go
  5. sp_configure 'max server memory',128
  6. reconfigure with override
  7. go
  8. quit.
I like to have the Task Manager on the server showing the running processes sorted by memory used when I run the above commands. The SQL instance will literally drop memory before your eyes if it is already using more than your intended maximum memory setting.

The amount of memory set to the WSUS db instance is arbitrary. Most of our SBS servers have a minimum of 3 GB installed, with the newer ones running 4 GB. Anything less than 3 GB would probably mean a need to curtail memory usage to 96 MB, or even 72 MB depending on server speed and actual physical memory installed. The above 128 MB would be for servers running 2 GB to 3 GB of RAM.

As always, it is important to assess the impact that the changes made by installing WSUS 3.0 will have on our client's particular SBS infrastructure beforehand! And, your mileage will very. :D

The WSUS 3.0 Microsoft Site.

Microsoft TechNet WSUS 3.0 Deployment Introduction.

Previous blog posts on this subject: Philip Elder
Microsoft Small Business Specialists

Friday 4 May 2007

System Builder Tips: Vista Aero Performance Rating - Intel 945GM on Toshiba Portégé

A client brought in a brand new Toshiba Portégé M500 laptop to fix some driver related issues after he did an in-place upgrade to Windows Vista.

After booting up the laptop, we ran the Windows System Assessment Tool and achieved the following scores:

Desktop performance for Windows Aero scored 2.0 while the 3D business and gaming graphics performance scored 2.8.

The Intel on board D945GTP (points to the D945GTP assessment) based graphics scored 2.1 and 3.0 respectively.

We updated the graphics driver to Intel's drivers dated late March and the score did not change.

Other than perhaps demonstrating that there is a bit of a restriction in performance due to the laptop chipset, the performance is as expected.

The 945GM based graphics runs Aero.

Philip Elder
Microsoft Small Business Specialists

Thursday 3 May 2007

System Builder Tip: Intel SR1530AH - Heat sink installation warning

When integrating the SR1530AH 1U chassis, the 1U heat sink is attached to a plate installed in one of the fixed hard drive bays.

Once the plate is removed from the chassis, the heat sink can be detached. Turn the heat sink over and you will find that Intel has placed a protective tape over the heat sink compound:

When integrating the processor and heat sink into this particular chassis, make sure to remove the protective tape over the heat sink compound on the bottom of the heat sink before installing it on the CPU.

Otherwise, there will be heat related stability issues and possibly subsequent processor or motherboard failure!

Philip Elder
Microsoft Small Business Specialists

Hobbies: Home Theatre - LCD TVs

I have been rather fanatical about audio fidelity and the visual quality in any of my own home theatre (HT) setups.

One of the neat little aspects of working in the I.T. industry is how it has parallelled the retail side of the HT, only on a smaller scale.

Once Klipsch released their ProMedia and eventually their ProMedia Ultra THX series of speakers, one could setup a phenomenal sounding surround system for sub CA$1,500 that would compete with $10K systems easily. One only needed a DTS/Dolby Digital sound processor (not integrated into a receiver), some fancy wiring, and a couple of the ProMedia speaker setups strategically placed to have excellent sound positioning, those jet engines and explosions requiring ear plugs on me, and the neighbours pounding on the ceiling! :D

Lately, we have seen the demise of the CRT based televisions. LCD TVs have taken hold of the market, and with the successful opening of newer generation LCD production facilities, bigger and better is forthcoming.

With that in mind, watch out for current technology LCD TVs with a rated 1366 x 768 native resolution. The last number is important, as the LCD TV will not be able to Progressively refresh 1080 lines (1080P). Progressive is one line being refreshed after the other.

Right now, the lower end of the LCD TV product offerings are pretty much all at that native resolution.

True 1080P LCD TVs will have a native resolution of at least 1920 x 1080. This resolution will take advantage of the winner of the HD-DVD/Blu-Ray wars (hybrids are on their way), or even the hopefully forthcoming holographic disc players.

It is possible to notice the visual difference between the two native resolutions! Especially in the typical home theatre room that is darkened for viewing. A retail store's open area and high lighting will not bring out the unit's lower resolution deficiencies.

An excellent, well illustrated article on the importance of High Definition 1080P TV: High Definition 1080p TV: Why You Should Be Concerned.

The Klipsch ProMedia Ultra 5.1 THX Speaker System site. Now discontinued. :(

As with anything, it is Buyer Beware.

Philip Elder
Microsoft Small Business Specialists