Thursday 31 July 2008

SBS - Exchange Information Store is Corrupt? Recreating the Store

A while back we dealt with a catastrophic failure where our backup images were also toast. Links to the relevant posts are at the end of this one.

The Exchange databases managed to be recovered, and they actually mounted on the new SBS box we used the SwingIT method to replace the failed box with.

The databases would mount initially, but later on, they would not mount without a manual start of the Information Store service.

It was clear that we managed to get things back, but not back to 100% on the Exchange side of things.

Given that all of these events occured during the client's peak season, we left well enough alone until the time was right for us to start working on clearing up the issue.

That time was yesterday. Total time into this project based on 15 user mailboxes at about 2.5GB was 12-14 hours. Note that a good portion of this time was in testing things before going ahead with the proceedure. A good ShadowProtect backup was created just before beginning the process.

So, we attempt an integrity check on the offline store:

ESEUtil /G - Database is CORRUPTED!

Then, we try to run ESEUtil in defragment mode:

ESEUtil Error -613

Things are not looking too good by this point.

One pair of last ditch efforts:
  • C:\Program Files\Exchsrvr\bin>isinteg -fix -t "c:\program files\exchsrvr\mdbdata\priv1.edb" -test alltests
    • Once this utility finished, no errors were found! Huh?!?
  • eseutil /mh "c:\program files\exchsrvr\mdbdata\priv1.edb"
    • Results with no errors, but current databases are in Clean Shutdown state.
Where to next? We need to get rid of the bad databases while preserving all of the client Exchange data.

Enter Exmerge: The key instruction set that is particularly applicable to SBS: KB313184: How to recover the information store on Exchange 2000 Server or Exchange Server 2003 in a single site. After reading the ExMerge Manual, the other resources above, and following this Knowledgebase article, we were good to go through the process successfully.

We made sure to shutdown both the POP3Connector and the SMTP service before going any further. We did not unplug the DSL modem as Internet access may have been needed at some point through the process.

Note that when it comes time to begin the import process, the SMTP service needs to be running. At that point we unplugged the DSL modem and started the service.

We extracted ExMerge and its .ini file to the Exchange bin folder (C:\Program Files\Exchsrvr\bin), once the above temporary permissions are set, we were required to log off then on again for them to take, we were able to successfully run the Exmerge GUI by double clicking on the application and initiating the Two Step Export.

We chose to export all mailbox related items but the folder permissions as no Outlook user was sharing anything from their profile. Note that in our case ExMerge choked on the Dumpster during the export for all 15 mailboxes.

Critical step: Make sure to manually export all Outlook clients to PST before beginning the Import Steps!

Once we had the ExMerge and Outlook PST files in hand, we made a backup copy of the Exchange MDBDATA folder contents. We then proceeded to rename the two .edb files and delete the rest of the files as per the instructions.

A broadcast email was sent via our test account to the organization caused the new store to fire up everyone's mailboxes just as the instructions state. This step is critical to getting ExMerge to recognize the mailboxes we want to import into.

Run ExMerge in import mode and we were eventually greeted with:

ExMerge Import succeeds with some errors

Most of the export and import errors were around the Dumpster, Deleted Items, and some Inbox issues.

The total volume of the stores increased by about 300MB once the process was finished.

A rebuild of the Offline Address Book will be required once the dust settles: KB 905813: You receive an error message when you try to synchronize the offline address list on an Exchange Server 2007 or Exchange Server 2003 server while you are using Outlook 2003: "0x8004010F".

For the Outlook clients themselves, once the process has completed, we need to kill the original Exchange Profile and reestablish it. There are keys associated with the user's Outlook OST and thus the existing OST will not work. Starting Outlook will only generate errors:

Outlook: Exchange is currently in recovery mode.

We made sure Outlook was not running, then via the Mail icon on both XP Pro and Vista we removed the default Exchange profile. In the case of those Outlook profiles that have not created an Archives.PST file yet, we created a Temp.PST file to point all new items to. The Outlook Profiles will complain if Mailbox - User Name is the only option.

Once an Exchange connection has been established by Outlook, and the post recovery email test message is in the user's inbox, we know that we are in the right place. For larger profiles the OST generation process will take some time, so be prepared to move onto another user profile while waiting.

If a Temp.PST file was created above, use the Data Files button to remove it once Outlook is happy.

One thing to keep in mind: When doing the manual PST creation from the Outlook clients, make sure to put those files somewhere on the network in one place. Once the entire organization's PST files are created, move those PST files, or rename the folder that they are in so that Outlook is not able to find them ... just in case.

The exported PST files will be needed ... that is almost 100% guaranteed.

Further blog posts related to this server crash: Further Exchange related reading and resources: This post is put together in what little time we have ... so it is not meant to be an exact step-by-step. It does flow according to the process, but the indicated documentation will facilitate the necessary deep dive that is required to get a complete grasp of what needs to happen.

So far so good, our client's users are happy. And, hopefully, we will no longer be hearing about strange Outlook behaviours!

This is one of the biggest recovery situations in the history of our company, and, also hopefully, it is now closed! :D

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

Intel SRCSAS18E Drive Failure

One of our clients with a rather large SBS installation had a drive failure.

Between the phone call about the beeping in the server closet and our monitoring we were aware of it quite quickly.

This particular SBS box has a 10 drive hot swap setup in an Intel SC5400LX series chassis. The RAID controller behind everything is an Intel SRCSAS18E PCI-E 8x.

The data RAID 5 array had a dedicated hot spare. However, the drive failure was on the OS RAID 1 mirror.

So, we dropped out the dedicated hot spare and allocated it to become a global hot spare. Once this happened, it automatically dropped into the degraded RAID 1 array and began to rebuild.

Now, the last time we had this happen, we were dealing with a 750GB Seagate ES.2 on a RAID 1 array (previous blog post). In that particular instance the rebuild took all of 4-5 hours.

So, since we were dealing with a 250GB drive, the assumption was that the rebuild would take no more than a couple of hours.

This assumption was based on the fact that the two controllers were similar in their configuration, with the SRCSAS18E PCI-E 8x connector providing more bandwidth capability than the SRCSASRB's PCI-E 4x.

This was not the case. Apparently the on board processor may have a lot to do with it as the rebuild took 24 hours.

Given that experience, the 750GB drive that failed on the other system would have taken 3 days to rebuild!

We are fortunate that this client is due for a refresh. The above box will receive a newer S5000PSLSATAR, dual E5440 Xeon Quad Cores, 16GB ECC RAM, and an SRCSASRB RAID controller. All of the drives will be renewed and a slightly different RAID array setup will be put in place. We are looking for data throughput, so the large array will be a RAID 0+1 setup.

It will be then provisioned as a backup data mirror for the main company shares as well as a Hyper-V box for some desktop OS VMs.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

Tuesday 29 July 2008

Windows Vista Service Pack 1 Retail Part Numbers

Finding the Windows Vista fully packaged product (retail) part numbers can be a bit of a struggle via the Internet or even our supplier's Web sites.

Different key words for different folks.

Here are the Windows Vista SP1 retail edition part numbers:
  • 66G-02689 Windows Vista Home Basic SP1
  • 66I-02387 Windows Vista Home Premium SP1
  • 66J-06353 Windows Vista Business SP1
  • 66R-02261 Windows Vista Ultimate SP1
All full retail editions come with both the x86 (32bit) and x64 (64bit) DVDs.

We sell retail into client locations as the foundation for our desktop OS virtualization setups. We then add on Windows Vista Software Assurance (>$75/Yr) and the Microsoft Desktop Optimization Pack for Software Assurance (>$20/Yr) for each required desktop VM on an Open Value Agreement with 3 year spread payment option.

For virtualization where we require a fine tuned desktop via Group Policy, or Line of Business Application compatibility across a number of remote client users, we have a good thing going with this setup.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

DNS Update is an absolute requirement

Lately, we have seen a lot of news on the wire and in the blogosphere about vulnerabilities in our DNS setup.

The news is such that Microsoft has reissued a Microsoft Security Advisory (956187).

The threat is immanent, and we should be patching all of our client systems.

From the above Security Advisory:
Microsoft released Microsoft Security Bulletin MS08-037 on July 8, 2008, offering security updates to protect customers against Windows Domain Name System (DNS) spoofing attacks. Microsoft released this update in coordination with other DNS vendors who were also similarly impacted. Since the coordinated release of these updates, the threat to DNS systems has increased due to a greater public understanding of the attacks, as well as detailed exploit code being published on the Internet.Microsoft is not currently aware of active attacks utilizing this exploit code or of customer impact at this time. However, attacks are likely imminent due to the publicly posted proof of concept and Microsoft is actively monitoring this situation to keep customers informed and to provide customer guidance as necessary.

Microsoft’s investigation of this exploit code has verified that it does not affect Microsoft customers who have installed the updates detailed in Microsoft Security Bulletin MS08-037. Microsoft continues to recommend that customers apply the updates to the affected products by enabling the Automatic Updates feature in Windows.
Threat Level has some good background information on the who/what/where/when: A little work is in store for those of us who have not patched yet. :)

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

Monday 28 July 2008

Trend Email Hosted Reputation Services now InterScan Messaging Hosted Security

While we have been implementing Trend Micro's AntiVirus solution at our client sites, a few of them have also expressed an interest in the spam filtering offered by Trend.

Our first client was setup using the Email Hosted Reputation Services (EHRS). The service did help to reduce spam over the Exchange IMF setup.

Recently, Trend went through an update of their antivirus products and the hosted spam filtering. The new filtering is called InterScan Messaging Hosted Security (IMHS).

We switched one of our existing clients over to the new IMHS service and unfortunately have been having nothing but grief since. Spam that was not coming through before is now coming through in spades.

We waited the obligatory 48-72 hours to make sure the MX record changes had taken, and still things have not improved.

The straw that broke the camel's back: A bounce message forwarded by one of their clients saying that the attachment size was too large ... at 4MB ... with Trend's server name listed as the culprit.

Since this client is one of our key clients, we are not about to go any further with the service.

Since the previous EHRS services will no longer be in effect, we will default back to the Exchange IMF for now.

For the most part, things were working fine before EHRS, worked a bit better with EHRS, but have taken a big step back with IMHS.

While we are relatively happy with Trend's A/V, we will no longer be selling what is now the Worry-Free Business Security Advanced which includes IMHS. We will stick with the Worry-Free Business Security product for now.

The other side to this pickle: With the advent of SBS 2008, which will include ForeFront and Windows Live OneCare 120 day trials out of the box, if we choose to install them, we may look at going Microsoft on the entire platform. This reduces our install and configuration time too.

Since we are selling 100% Open Value Agreements to all of our clients, and have been for quite a while now, adding ForeFront and OneCare to our client's Open Value Agreements when it comes time to upgrade their refreshed hardware will be a small step.

We shall see ...

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

SBS - Companyweb and Office 2007 Documents

When there is a need to setup document libraries for Office 2007 documents, the current SBS SharePoint V2 Companyweb site does not know what to do with them.

To get that fixed, David Overton has an excellent post: How to get Companyweb (Windows SharePoint Services v2) to work with Office 2007.

Take note that one will need to run the following on each workstation, XP or Vista, that will access the Office 2007 documents on Companyweb:
reg add HKCU\Software\Microsoft\Office\12.0\Common\Internet /v OpenDocumentsReadWriteWhileBrowsing /t REG_DWORD /d 01
This command is via David's post, but must be emphasized as the Office 2007 documents will always open in Read Only mode without it.

As per David's post which links to the following Knowledgebase article: KB 870853: Office 2003 and 2007 Office documents open read-only in Internet Explorer.

David, thanks for sharing that. It has come in very handy!

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

Friday 25 July 2008

Payment for services - Honour and our Word

A while back we were brought in to help a fellow IT company owner by one of our local suppliers that we have been dealing with for years.

The IT shop had an older SBS setup that had a choked SMTP queue.

As we do with all drop-in situations, we outlined our hourly charges, resolution or not, and made sure that the business owner agreed to them ... which he did. We also have the local admin person create a user and password with domain admin privileges as a precautionary measure. That way they can delete that user when the job was finished.

Well, it is now almost four months later, and they are refusing to pay us for our time.

The SBS box was not setup properly. The wizards were not used and the Exchange box was an open relay. While we worked hard to get things right, the plugged queue just kept growing ... so the suggestion was made to swing to new hardware ... to which the business owner indicated they wanted things worked out instead.

Eventually, the owner decided to take over themselves, wipe the box, and let us go. We set our invoice and indicated we would reduced our time billed (bad mistake - never devalue our own time), and he agreed.

Where does the perception come from in our industry that if the task at hand could not be accomplished that our time is worth nothing?

Take a car into a shop to be worked on and try to get it back without paying ... even if the shop did not find a resolution to the problem. That just will not happen.

Then why is it an acceptable practice to not pay us for our time on the job no matter what the problem status at the end of the day?

We are professionals, and just as mechanics we know that some situations cannot be resolved at the drop of a hat. Usually, that means that after a half an hour to an hour of scoping out the situation we are already providing feedback to the client or customer (they are different) that we may not be able to "fix" the problem.

We begin to offer options to either work out the problem, with no guarantees, or we are saying it may be a lot more expedient to move on to other options.

It is a sad day when we encounter a situation where a handshake is not honoured. It is even sadder one when the person we shook hands with is in our own industry. Not honouring one's commitments says a lot about the character of the business owner and their employees who may be shaking hands on their behalf.

One of the key ways that we establish long term client relationships, in our case we have some spanning 10 years now, is by honouring our word. Our commitments are our gold. If we cannot honour our commitments with our clients and with others in our respective industry, we cannot expect to build our business up.

We are in the relationship building business ... I.T. just happens to be the vehicle we are using to get there.

When we have realized that, then we will be hiring people on who will be open to fostering those business relationships and to being formed into the type of I.T. Professional that can be counted on to follow through on their commitments.

The customer may always be right, but the client knows their options and our professional opinion on the direction they should proceed in. That is the difference between them.

Working together, we the I.T. support firm and our clients, along with the strong supplier and vendor relationships we have built, create and maintain a long term technology infrastructure and user skills vision. Along the way, we make sure to form our employees in that vision.

So, now we are in the awkward position of needing to collect on the aforementioned debt. In our five+ years of business, we have only had one payment situation go bad. It is unfortunate that this situation is turning out to be our second. :(

UPDATE 2008-08-11: It seems that paying a personal visit to the I.T. company in question did the trick. A technician appeared from the back, acknowleged my request, and called the owner to indicate that I was there. A cheque soon followed.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

Thursday 24 July 2008

SBS 2003 to EBS 2008 Migration Guide

A new migration guide has been released for those who support clients that have grown close to the transition phase of the SBS lifecycle and are looking at EBS as the possible direction: Migrating from Windows Small Business Server 2003 to Windows Essential Business Server.

The document comes in three flavours: The methodology looks to be similar to the process we would use to insert a new SBS server into an existing Windows domain.

The document gives a good overview with the required steps to complete for the migration.

Courtesy of the MS Download Center RSS Feed.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

Wednesday 23 July 2008

Royal Bank of Canada - Banner Ads while online banking?!?

Recently, it seems that the Royal Bank of Canada has decided that they need to banner ad some of their products and services while we are doing our online banking:

RBC Product Banner Ad

The above banner ad appeared after completing a bill payment online. That banner ad was also present when completing a personal transaction. Note the banner's URL it is pointing to is outside the RBC secure online environment.

This practice is just plain wrong in so many ways.

It took the banking industry a long time to overcome the overwhelmingly negative psychology of doing our banking online. In my case, it took one of my former employers over a year to convince me just to try it.

Yes, once online, I was hooked. However, for the right or wrong reasons, it was very difficult to get me to that point.

To me, this is like depositing a product salesman into my living room without my permission to sell me something.

That "living room" experience for my online banking was one of the keys to getting comfortable with doing my banking online.

Perhaps for many that are used to having banner ads in their lives in virtually any online experience this may not be a problem.

But, our online banking is tied to our entire livelihoods. Any mistake on the part of the bank or a flaw in a browser that allows someone to somehow compromise my online session should be avoided.

And, for Pete's sake, I see banner ads everywhere! Do I have to see them while I conduct my personal and business online banking?!?

Again, I may be totally off base since I am not a browser coder or Internet security guru. However, perception is 80% of the battle...

The other aspect of this that really gets me: We are paying for our online banking service.

To put it another way: We are now paying the bank to advertise to us ... much in the way the movie theaters realized that they could get away with 10 minute mini commercials prior to the movie starting.

We pay for the online banking service through our business. We pay a flat fee to the bank for our personal online service.

If the bank wants to sell us something, do so through the company's regular Web site.

Next stop: Letter to RBC's President and CEO Gordon M. Nixon, Barbara Stymiest COO, and the RBC Office of the Ombudsman.

There are some things in life that should be left alone ... and our online banking experience is one of them.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

SBS - Trend Worry Free Business Security Event ID 537

Over all, we have been quite happy with the Trend Micro Client/Server/Messaging SMB product.

It installs fairly smooth on the server and relatively smooth to the clients.

In one case, we have upgraded our client's SBS server and the client machines to the new version of the product called Worry Free Business Security.

This is the first SBS box that we have done this on with others to follow.

Since the upgrade, we are seeing the following in the morning reports:

Security Event ID 537: An error occurred during logon.

Notice that there are a lot of them.

The only indication that we are dealing with a Trend problem is from the Microsoft SBS newsgroup here: Failure Audit 537 in Event Log. Our circumstances are identical to the newsgroup poster.

So, we too have opened a trouble ticket with Trend to further investigate the problem.

For now, we will not be upgrading any further SBS boxes.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

Tuesday 22 July 2008

The General Gets Our Vote - HHR SS Panel Arrives in 6-8 Weeks!

I love cars. :D

I started working on them in my late teens, and grew attached to the smells, sounds, and speed of 350 horsepower small blocks, 400-500 big blocks, and later the multi-valve small displacement engines pulling all sorts of cars into all sorts of crazy speeds.

For the last 6 years or more, I have owned a 1997 Ford Taurus V8 SHO.

It has been a very reliable, very fast, and very maneuverable mode of transport. For both street and track I could ask for nothing better for my money.

But, at 10 years, the reliability ratio to the age of the car is starting to equalize. No serious repairs done to date ... yet. So, do we want to spend any money on a 10 year old car versus putting that money into a new one?

From a business perspective the answer is a resounding no!

On the hunt for a replacement in the last year or so, there were many contenders to replace the SHO. But, none really stood out from the pack.

The key elements that needed to carry forward from the SHO:
  • Reasonable power (200bhp+).
    • Too many times in this city the power is required to escape others concentrating on other things.
    • The power is important for highway travelling which we do a fair amount of for our business.
  • Reasonable fuel consumption (when not into the throttle).
    • SHO gets 340KM on 60 litres consistently for years in the city.
  • Handling must be on par or vary close to the SHO's Semi Active Ride Control.
  • Better product carrying capabilities than the trunk or back seat of the SHO.
While doing an install at a client site, the phone system technician was in working on setting up the phone system integration into the SBS network with me. He had an Chevrolet HHR Panel as his company transport.

What caught my eye was the lack of glass in the rear passenger doors. Right away, the element of security came to mind for any system or component contents that may be in the vehicle while parked.

The other thing that struck me were the lines. On the Wikipedia entry for the HHR (Heritage High Roof), the styling cues pull from the 1940's era Chevy Suburban 2 door. Neat.

This last weekend the dealer provided an HHR SS that was the standard 4 door layout for me to scoot about with on errands and to take Monique for a spin.

What a lot of fun that drive was. The vehicle is stable at any speed, in corners, into twists and turns, and flat out a blast from "not to 60" in a shade over 6 seconds.

GM's quality, fit, and finish have come a long way over the last couple of decades ... and that really shows through in the HHR I got to play with.

So, we signed on the dotted line for one. We should see it in about 6 to 8 weeks.

Anyone looking for an excellent second car, or primary get-about, that has power to spare, the Taurus SHO is now available. ;)

Any suggestions for logos and the like for the sides and back? The HHR SS Panel will be black with an ebony interior.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

Monday 21 July 2008

Time to walk away ...

When is it that time?

We hear many different ways of describing our clients.

The main categorization that seems to stick in our minds here:
  1. Class A: Trusted Advisor Relationship.
    • Do what needs to be done.
  2. Class B: Consultant building towards Trusted Advisor.
    • Let's talk about what needs to be done and then do it.
  3. Class C: Other.
    • New prospects, occasional clients, others.
So, when we come across a situation where the prospective client, or even a relatively new client, does not seek to build a business relationship with us, what do we do?

We take the time to fully evaluate our communications and prospective relationship building with that new client.

If the "spider sense" is tingling (this is where really good communication with the techs and others in contact with that client pays off), or there is a clear "expecting something for nothing" flag, or anything along those lines, then it is fairly clear where we need to go:
Mr./Ms. Client,

Thank you very much for taking the time to approach MPECS Inc. with your current SBS and I.T. infrastructure needs.

However, due to a number of new and ongoing I.T. infrastructure projects, our technicians are now booked well into the late Fall time frame.

Thus, we will not be able to help you out at this time.

Thank you again for approaching us.

Philip Elder President & CEO
MPECS Inc.
Maintaining a simple and polite brevity is of import here. An apology is not needed as we have done nothing to offend by politely declining their business.

No matter what the financial status of our own company is, whether we are in Feast or Famine mode (not so applicable for us anymore due to our hybrid managed services setup), we must always keep in mind that our business' integrity comes before our need for cash flow.

Allowing a company, or person, to take advantage of us for our skills and abilities in order to make some cash flow happen benefits no one. And, in the long run it can establish a pattern of business behaviour in us that may end up destroying us and our company.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

Friday 18 July 2008

Hyper-V Gadget for Windows Vista Sidebar

We manage a number of internal Server Core Hyper-V servers as well as client based Hyper-V servers.

Up to now, we have been using the Remote Server Administrator Tools (RSAT x86 and RSAT x64) on Windows Vista SP1 to manage them.

One of the things that was missing with RSAT was an at-a-glance setup for our Hyper-V systems.

We now have one: the Hyper-V Monitor Gadget for Windows Sidebar by Tore Lervik.

Windows Vista Hyper-v Monitor

We have the ability to add all of our Hyper-V instances to the monitor, configure the user that will authenticate to them, as well as perform some basic VM management like turning them on and off.

This is an excellent little gadget to have.

Thanks to the Virtual PC Guy for the tip: Hyper-V Sidebar Gadget.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

SBS on Dell with PERC5i drive failure and DIY

We were invited into one of our neighbour's office to have a look at an SBS box that was not doing too good.

The setup was put together by the business owner with a little assistance from Dell.

By the time we were done, we had spent 10 hours at the location to get things setup correctly.

The server was headless, so we needed to walk back to the shop and pick up a small LCD monitor, a keyboard, and a mouse.

The business owner took care of plugging in the keyboard and mouse on the front of the server while we worked at connecting the monitor at the back.

Once logged into the server, we began the process of bringing the setup online.

The straw that broke the proverbial camels back: The owner had purchased a Linksys wireless N router and could not get it to setup properly. So, they called Linksys. Apparently Linksys had them disable DHCP on the server manually, enable it on the router, and get the wireless setup for access.

Keep in mind that none of the SBS 2003 R2 Standard key features were being used. Remote Web Workplace was not being used, SharePoint, and more. The R2 Technologies disk had not been installed as well, so no WSUS or integrated WSUS management or Exchange SP2.

The owner was connecting to the server via 3389 along with anyone else who needed bookkeeping and other application access. Do we all know what permission levels those users had?!? Yep: domain admin rights.

We essentially needed to run through our SBS 2003 R2 Setup Checklist (previous blog post) to make sure we made the necessary changes.

Once we had the server running stable, we needed to go to the client computers and work on getting them correctly connected to the SBS network. The ConnectComputer wizard was not used.

While working on the Setup Checklist, a trip back into the shop area where the little server cabinet held the 2650 caused a bit of a panic: Both the status light and the activity light were blinking yellow in unison on one of the two drives in the RAID 1 array.

Eriq Neale blogged about this situation last year:
The PERC 5/i has no audible alarm on it.

The business owner in this case, had no backups in place!

So, for who knows how long, their business was hanging by a thread ... their whole livelihood was on one hard disk that could have followed its partner.

Once this situation was discovered, we immediately grabbed our ShadowProtect I.T. Edition disk and a USB hard drive, rebooted the server into the ShadowProtect Recovery Environment, and created a full system snapshot.

Dell had us download a utility to run tests on the system which turned up all positive. This was a bit on the strange side. So, the technician had us pull the "defective" drive and reseat it. Sure enough, the array started to rebuild.

The Dell technician assured us that this was a "common" support call problem that they deal with. Apparently things like power outages, as explained by our Dell technician, can knock one of the drives, or even both, out of the RAID array.

This particular SBS server had an APC ES series 750VA for a UPS, but no protection on the ADSL telephone or Ethernet setup. The UPS was not tested while we were there.

This explanation by the Dell technician came as quite a surprise as the drive failures we have experienced have been extremely rare relative to the number of servers we have at production sites. And, those drive failures tended to be just that: Drive failures.

By the end of the day, we had a fully functionally SBS 2003 R2 Standard box, DNS and DHCP on a proper IP range and functional, Remote Web Workplace and all its features, desktops reasonably connected to the SBS network, and email Exchange integrated.

Some further training will be required to get the users up to the task of utilizing the full compliment of SBS features.

This situation really causes us to pause when it comes to the Do It Yourself (DIY) type of setup. We have encountered so many situations where the SBS setup was done by the business owner or a friend of the business owner where things were precariously close to total loss or there was no security on the Internet facing services.

There is a reason why a certified professional with actual experience with the SBS product should be driving it. And this example is but one where things are very clear that a Small Business Specialist company with experienced SBS technicians should be on the job.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

Thursday 17 July 2008

Intel SR1560SFHS + SRCSASRB USB HDD lockup

One of the last things we do before putting a server into production is blow it away and restore it from the backup we create just before.

In this case, we are dealing with the ShadowProtect image of the new server that served as a replacement for this crashed server (previous blog post).

There are two particular purposes for this recovery:
  1. Test restore of the production server. We provide this service on a quarterly basis for most of our clients with some opting in on a monthly recovery test.
  2. Work with an exact replica of the production Exchange Information Store database as it is not behaving.
Since we managed to salvage the Exchange store from the somewhat corrupted ShadowProtect image, the store will mount, but it will not do so on its own. After a reboot, the store needs to be manually mounted via the Services.msc console.

We ran into a bit of a peculiarity in that the server we are restoring is the soon to be production server at another client that is identically configured.

After booting the ShadowProtect Windows Vista Recovery Environment, loading the SRCSASRB drivers and running the first volume's recovery the system was locking up. No matter what we tried, even going so far as to remove the hard drive from the Thermaltake Silver River Duo enclosure and connecting it via a Thermaltake BlacX SE USB hard drive connector, the system still locked up.

A couple presses of the Num Lock key on the keyboard would bring about a red trouble light on the front of the SR1560SFHS chassis.

The firmware on the motherboard, FRU, and SDR were up to date. But, as it turns out the firmware on the SRCSASRB RAID controller has a new update this last week.

After running the update for the RAID controller and rebooting back into the ShadowProtect Vista Recovery Environment, we were able to initiate a successful series of recoveries for the three volumes on this array.

Links to previous posts on the above crashed server: More to come on the Exchange issue.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

Wednesday 16 July 2008

My very first magazine article is published! :D

One of the neat things to come out of my trip to Toronto for the SMB Nation event there was an invitation from Harry Brelsford of SMB Nation to write a technical article for the SMB Nation Magazine: SMB Partner Community Magazine.

The article is focused on Small Business Server 2008 and is now available at the above link!

If you register on the SMB Nation site, if you have not done so already, you can receive a free mailed copy of the magazine anywhere in North America.

Thanks again for all of your support and encouragement folks! :)

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

Some thoughts on Microsoft's new SBS Support Policy

There have been a number of articles written by various SMB or key technology folks over the last while indicating that the solo shop or fly by the seat of the pants consultant should see the writing on the wall.

Some links:
With the upcoming changes that Microsoft is implementing for business critical support for SBS products, the consultant calls in for that support creates an incident and will receive a call-back from Microsoft Product Support Services to work on the problem.

When Microsoft announced the changes to the Business Critical Support (BCS) policy, there was a lot comments on the "fact" that charging for BCS was a bad idea.

This begs the question: Why is it a bad idea?

We operate an I.T. business that generates its revenues via providing implementation and support services for a variety of manufacturer's products. In most cases, we may have a FAQ, forum, or knowledgebase (Live search), or other such support mechanism provided by the manufacturer.

The key here is that we provide products and services for a fee. We do not provide them for free. We may make small allowances for our clients that spend a good portion of their I.T. budget with us, but we ultimately charge for our services.

While there are manufacturers that do provide some sort of free technical support for their partners, things can get out of hand. Just ask Vlad here: Things that piss Vlad off: SMB Enterprise White Paper, and here: Hacking OWN Support: DRaaS Encyclopedia, and here: Should free content creators be commercially compensated for giving away things for free? Check out his blog for more: Vladville.com (Live search for RTFM).

Microsoft is no different than us as far as providing products and services for a fee.

Yes, we are supporting Microsoft products ... but with the understanding from our client's perspective that we are trained on those products.

This bears repeating: We are supposed to be Professionals. Essentially that means that we are thoroughly knowledgeable in the intricacies of the solutions we design, implement, and support.

We have taken the time to pay for training, certification, technical books, technical mentorship, and business mentorship to build up our product and business knowledge as well as the product and business knowledge of those that work for us.

Coming back to Microsoft and their support policy for those of us that support the SMB with a specific focus on SBS: It is in Microsoft's best interest to charge for that service.

While the $8,000 a year support policy that enables one to get front line support might be a little high for those of us with a one or two person shop, we can certainly pay $4-5,000 a year for the service.

That $4-5K a year is an insurance policy for those times where there is absolutely nowhere to turn when things go sideways. That fee would weed out most of the calls that have absolutely no right to be in the BCS queue. Having that fee would eliminate the need to outsource ... giving us the assurance that the person on the other end of the phone will indeed know their stuff.

Ultimately, it would give Microsoft the opportunity to recognize those Partners that were willing to invest in their own and Microsoft's business presence ... and perhaps focus their partner building with them.

If Microsoft does offer such a support policy oriented to the SMB/SBS Partners, we would be first in line to sign up.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

SBS 2003 Premium - KB948110 SQL2K MS08-040 Caveat

One of our SBS 2K3 Premium servers stalled while running the security update for SQL 2000 KB948110: MS08-040: Description of the security update for SQL Server 2000 GDR and MSDE 2000: July 8, 2008.

We made sure to run the server updates first, then the Exchange ones, then we went to the SQL 2005 update for Service Pack 2.

After that, we ran the above update leaving WSUS V3 SP1 for last.

Susan makes a good point about SQL patching in her blog post: The Mess of SQL Patches. Essentially we can leave them lie for the most part.

Since we were here at the client site to talk about their upcoming server refresh, we also brought their backup drives to rotate out too.

Both servers needed updates so we ran them incrementally on both. We have the SBS 2K3 Premium SP1 with Windows Server 2003 SP2 installed and a Windows Server 2003 R2 Standard acting as a data mirror and second DC.

The Server 2003 R2 box took its updates with no issues.

The SBS 2K3 box hung up during the SQL 2000 update at the point of extracting the files. At least, that is the file process that came up when we tried to cancel the task and subsequently End Task on MSIEXEC when things had not changed 10 minutes later.

We ran an update to ShadowProtect to version 3.2 which also requires a reboot.

So, we rebooted the box and ran the WSUS SP1 update successfully.

For those running SBS 2K3 Premium and Standard there are caveats for this particular SQL 2000 update:
  • SharePoint users who upgraded from SQL Server 2000 Desktop Engine (WMSDE) to any other edition of SQL Server 2000 (for example, SQL Server 2000 Standard Edition) may be incorrectly offered a WMSDE update for this security release. This problem can occur if the SQL Server 2000 edition is not patched correctly with SQL Server 2000 Service Pack 4 after the upgrade from WMSDE. The WMSDE update may cause SharePoint to stop working. To resolve this problem if this occurs, follow these steps to restore SharePoint functionality...
  • Microsoft Internet Security and Acceleration (ISA) Server 2004 and ISA Server 2006 could be affected by this update in the following ways:
    • The MSSQL$MSFW service is stopped and then restarted when the associated database instances are updated. This action occurs if Microsoft SQL Server 2000 or Microsoft SQL Server 2000 Desktop Engine (MSDE 2000) is installed on the computer that is running ISA Server. This action also stops the Microsoft Firewall service. Therefore, the SQL Server installer tries to return the Microsoft Firewall service to the same state that it was in before the update was started. Because the update installer cannot control services on a remote server, you must monitor and possibly restart the Microsoft Firewall service and the dependent services if ISA Server is configured for remote SQL Server logging.
  • ISA Server 2006 installs MSDE 2000 together with SQL Server 2000 SP4.
Take note of these issues prior to installing. Make sure to have a good backup ... just in case.

Links: Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

Tuesday 15 July 2008

SBS 2008 and SPLA

We have not been pushing too hard to get things rolling in our SPLA program with an SBS focus as of yet.

The primary reason is that SBS 2008 will actually fit a lot better into a multiple user/company hosting setup.

The reasons:
  1. Remote Web Workplace has the ability to setup the resource links on a per user basis.
  2. SharePoint can be configured with a subsite that is linked in RWW for a given user only. This gives exclusivity to the sub site to specific users or groups of users.
  3. Terminal Services Applications (formerly SoftGrid) can be published to the RWW site via a link.
  4. Users can be assigned a specific desktop for RDC only ... so no more full list of computers.
Enrolled in the SBS 2008 beta yet?

If not, we suggest heading into it soon as it will have a direct impact on your SMB/SBS SPLA business.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

Office for Mac 2008 Service Pack 1

We just received a disk for our Open Value Licensing Office 2008 for Mac with service pack 1 integrated.

A download on the MVLS site for the service pack 1 integrated version is not available yet.

The Microsoft Office 2008 for Mac Service Pack 1 (12.1.0) download link. The download is approximately 180MB.

We have not applied this update yet, though Office 2008 for Mac is installed on our iMac with Mac OS X Tiger.

It looks as though the next step for us is to flatten the iMac and run through setting it up on SBS 2008. The new SBS 2008 WSUS management features actually allow us to exclude it from being monitored by WSUS and thus eliminates the "This computer has not registered with Update Services yet" errors we get here.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

Monday 14 July 2008

Outlook - inserting HTML code snippets into an email

Sometimes there is a need to insert some HTML code or scripting into an email for a signature or to send some externally resident content to someone.

To do this in the body of an email:
  1. In Notepad paste the required code and save as an HTML file.
  2. Open Outlook
  3. Start a new email
  4. Click on Insert
  5. Find the HTML file that contains the needed code.
  6. Click the down arrow beside the Insert button.
  7. Click on "Insert as Text".

    • Insert as Text

  8. The finished code rendering will show up:

Note that Outlook 2007 no longer allows code snippets inserted into the signature. There are ways to get around this, but given the nature of many spam filters out there ... the risk of losing that email may be too high.

Outlook 2003 provides a "Use HTML as Template" option that we can insert into a signature though. Keep in mind that the email may never reach its destination as a result.

Tip source: SitePoint Forums: Inserting simple HTML into Outlook.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

Friday 11 July 2008

Systems are down ... our technicians like to "tinker" with the server

How many of us are running our shops solo? I am sure that there are many out there who are.

How many of us are running a solo shop with a couple of contract technicians that are on call for busy times? This is the category we fall in right now.

And, how many of us are running a shop with at least one to three dedicated part or full time technicians? This is the direction we are going to step into very soon.

Why the questions?

Here is a paraphrase of a conversation I just had with one of our high volume ultra low margin local computer stores when they were called to check stock on a QX9770 that we may need today:
Computer Store (CS), how can I help you?

ME: I need to know your price and ETA on the QX9770 please?

CS: I think it is around $1,200 and I don't think we have any right now.

ME: You don't know?

CS: Our systems are down right now, so I am not able to get that information.

ME: What happened?

CS: Our technicians like to tinker with the server, so we end up without our systems.
"Tinkering" with the in-house server or servers or a client's server should be anathema (#3 in the definition) for us. In other words: An absolute NO-NO.

If we don't have a couple of systems setup for the techs to get their creative juices flowing, then we are in a vary precarious position indeed.

We all know what happens when a technician gets curious, right? ;) We gotta try it out or it drives us bonkers.

By having some decent hardware, not some client throwaways, that the technicians can use for direct OS installs, configuration testing, and "Project Blowup" we are facilitating our technician's abilities to augment their skill set without killing our in-house or client systems.

By having some decent hardware, think at least Quad Core with 6-8GB RAM and RAID, to host virtual machines on that are not sitting there waiting for CPU cycles ... thus causing extreme boredom to set in ... we can have our techs setup some pretty complicated network infrastructure based on client setups. Or, we can base the setup on client's restored to VM or hardware ShadowProtect images (with permission) to facilitate the technician's ability to test that GP or patch or update change based on actual production servers and workstations.

Given the size of the above mentioned computer store, having their systems down for the hour or two during business hours could probably pay for a very decent lab setup.

And that is the mindset we need to have: Having $5-10K worth of hardware sitting on a dedicated lab bench is not an unnecessary expense. It is absolutely imperative to have that lab setup today.

We have so many new products coming down the pipe all the time. We need to invest the money and the time in getting to know these new products.

We also have client systems we can swing into the virtual environment to test patches on. It is not difficult to obtain permission to use their images on our lab systems as they realize that we are testing for their own good. We need only keep in mind the security of the data in their images which are encrypted, and the VMs or hardware those images will be installed on.

Think Windows XP Service Pack 3: We were able to swing a client's XP Pro setup into a VM and test their Line of Business applications with the service pack. Things seemed to run as they should, so after a week of using the VM as a regular desktop, the service pack was released to that client.

As an example for a small I.T. business lab setup:
  • Intel Xeon X3220 server:
    • Intel S3210SHLX
    • Intel Xeon X3220 2.4GHz Quad Core
    • 8GB ECC Kingston
    • 320GB RAID 1
    • SC5299DP
    • $1,500
  • Add a RAID controller such as the SRCSASRB and a couple more drives to enable RAID 10 to reduce the storage bottleneck: $700
There you have it. $4,000 and we have two decent rigs to run 4-6 VMs on that will not cause the techs to loose interest due to VM performance issues. Remember, we can probably count on our techs having a system, or systems, at home worth the cost of a small car. Developing and keeping a technician's interest in being trained or learning to properly utilize the technology our clients use is critical for our I.T. businesses! We need to have that small car technology sitting in our labs!

TechNet Plus ($349 for download only and $599 for DVD - we are on the DVD subscription) can provide an unlimited access to the software needed to run the lab setup.

Having the lab setup in place, the software licensing, and any other elements needed to keep the lab properly equipped, such as a ShadowProtect I.T. Edition subscription, should be considered a part of the Cost of Doing Business today.

If not, "The writing is on the wall folks".

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

Thursday 10 July 2008

Time is at a premium...

We have had a rather large influx of business this week due to a local supplier of ours inviting us into their SBS accounts!

It seems that finding technicians that work with SBS, or be trained on it is a pretty difficult thing in our neck of the woods right now.

So, time pressures may not allow for much in the way of posts for a bit.

Thanks for reading!

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

Tuesday 8 July 2008

Neat News: Co-Authoring an SBS 2008 Book with Harry Brelsford!

Just a quick note ...

This blog was started as a small effort on my part to share a little of the knowledge gained over the years working with SBS and within the SBS community.

I must admit, that I have not had any thoughts of receiving any compensation for writing it. Note the absence of any ads or plugs for products.

So, the invitation from Harry Brelsford to attend SMB Nation Toronto (previous blog post) was a pleasant surprise. I really enjoyed myself at the conference (previous blog post).

While at the conference, Harry invited me to write an article on Small Business Server 2008 for the upcoming SMB Partner Community Magazine.

The writing experience, the collaboration with both Harry Brelsford and Sean Daniel who is on the SBS team was an awesome experience! :D

It was also a very humbling one because the rough edges of my SBS 2008 knowledge base were honed by the very constructive criticisms of Sean. What an great learning experience that was.

So, where is this all leading to?

A co-authorship with Harry to write a new edition of the existing SBS 2003 Best Practices volume (about half way down the page)!

The invitation from Harry to work with him on the new book was received in late June and we are just now beginning to work on the project.

Wow! What a neat turn of events. :)

To you our readers, thank you for all of your support, comments, and encouragement. Without you I surely would have given it up a long time ago. Keep up the great work! ;)

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

Monday 7 July 2008

SBS - Installing an ACCPAC Database on SQL2005

This process will work for both new and existing MS SQL database setups on ACCPAC.

Note that the methodology is pretty straight foward for a new setup: The process finishes after one has run the ACCPAC Setup Wizard to configure the company.

Our primary focus in this post is a very long struggle to get an existing ACCPAC client migrated to a new SBS installation that upgraded a peer to peer setup.
  1. Create SQLUser in ADUC with a static password and no Exchange attributes
  2. Create SQLUser2 in ADUC with a static password and no Exchange attributes
    • Make sure to follow the SBS password security guidlines for the client's setup when creating the user passwords for these accounts.
    • Note that their passwords must be set to not expire.
    • Depending on the client configuration, further restrictions on these users can be initiated via OU and Group Policy Objects.
  3. Create SQLUser in SQL Server Management Studio --> MySBS --> Security--> Logins and tie it to MySBSDomain\SQLUser
  4. Create blank MYCSYS ACCPAC system Db in SQL2K5 with SQLUser as owner
  5. Double click on the above created SQLUser in SQL2K5 manager and set MYCSYS as the default Database
  6. Create blank MYCDAT ACCPAC data Db ini SQL2K5 with SQLUser as owner
  7. Create SQLUser2 in SQL Server Management Studio --> MySBS --> Security--> Logins
  8. Right click MYCSYS database and Properties
    1. Permissions
    2. Click on MySBSDomain\SQLUser
    3. Verify "Connect" is checked
  9. Click + MYCDAT (repeated for MYCSYS too) --> Security --> Users --> Right Click in the white space under the user list on the right and "New User"
  10. User name: SQLUser2
  11. Login name: MySBSDomain\SQLUser2
  12. Set the Default schema to "dbo"
  13. Leave Schemas owned by this user blank
  14. Set "db_owner" under Database role membership
  15. Click OK (just to repeat: do this for both MYCSYS & MYCDAT database Users)
    • We now have two blank databases to work with that are ready for the ACCPAC setup wizard.
    • If a mistake is made, all we need to do to start over is delete any tables under MYCSYS and MYCDAT --> Tables (click on the first table - NOT THE SYSTEM TABLES FOLDER - then SHIFT + the last table entry, right click and Delete.
  16. For new installations, run the ACCPAC setup wizard and input all of the relevant dates, data, permissions, and users with their passwords.
    • Note that there will be other setup steps that will need to be accomplished such as setting up security on the ACCPAC Database Setup console that are beyond the scope of this post.
  17. For existing installations, keep things relatively simple: set the date as 1/1/200x, currency type, and then Next repeatedly until the process runs through creating the database tables.
  18. Click on ACCPAC Database setup and both MYCSYS & MYCDAT will show up.
  19. Run the ACCPAC Database Load utility to recreate the company data from the last backup made before the last server was downed.
  20. If the Database Load utility somehow does not get all of the up to date data installed, the fix is very simple: Stop the default SQL server instance and copy the following files out of the old ACCPAC data directory:
    • MYCDAT.mdf
    • MYCDAT_log.ldf
    • MYCSYS.mdf
    • MYCSYS_log.ldf
  21. Restart the default SQL instance service
  22. Logon to ACCPAC on the server as the data's admin.
  23. All should be good to go from there to install the software on the workstations and connect to the server.
    • Note that the ACCPAC Database Setup utility on any workstation will muck up the server settings if the MYCSYS and MYCDAT entries are modified/deleted!
  24. ODBC System DSN settings should be taken care of by the ACCPAC install.
After we were finished the above setup steps, we had our client's ACCPAC installation fully functional on the SBS 2003 Premium server with MS SQL 2005 SP1 installed.

If need be, for larger firms, we can initiate the SQL 2K5 install routine to install a dedicated SQL2K5 instance for ACCPAC's purposes prior to performing the above steps.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

Saturday 5 July 2008

SBS - Dragged email to my Mailbox - Philip Elder folder ... where did it go?!?

This was probably one of the more interesting predicaments that we needed to research today.

A user accidentally drags their email onto the Mailbox - User Name root in Outlook that is Exchange integrated.

There is no real way to get to that email using any Outlook folder hierarchy.

So, what do we do?

Well, if we are running Windows Vista, we can click the start button and type a few of the email's details to bring it up in the search results. From there, it is a matter of right clicking on the email in the search results and clicking on "Move to Folder" to place it back into a regular email folder.

If we are not running Windows Vista, and the Desktop Search feature does not find it on Windows XP, then we need to build an Advanced Find in Outlook. The neat thing about the Advanced Find is that we don't need to know any keywords. We need only click the Browse button and select the Mailbox - User Name folder along and not Search Subfolders. The search will happen quite quickly and we will be able to highlight them all and right click on them to move them to another folder.

This is the search result with a keyword:

Found Email in IPM_SUBTREE Folder

Note that they are found in a folder called the IPM_SUBTREE.

Ultimately, what lead us to the solution was having all email in Outlook read, right clicking on one and marking it as Unread, then dragging it over the Mailbox - User Name and letting go.

The Search Folder for Unread Mail showed one! Click on the Unread Mail Search Folder and voila: We have our missing email in the above IPM_SUBTREE folder. We realized after the fact that the Windows Vista method also reveals this folder ... if we have the Folder column enabled in the search results!

With that information in hand we were able to find Gilg's Weblog post: Finding lost mail in your top level Outlook/Exchange root that pointed us to creating the Advanced Find in Outlook. We restructured the find with no keywords and having it point only to the Mailbox root to discover any items there.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

Friday 4 July 2008

Reduce some workbench zip tie clutter with a Viewtainer

This is a kewl little storage device addition to our workbench setup:

Viewtainer holding 4" zip ties

I happened to stumble onto this product in one of our local hardware stores. The sizes they had were more oriented towards nails and small nuts and bolts.

So, a quick search turned up the product manufacturer's Web site: Viewtainer.com.

We purchased enough Viewtainers via their Web site to cover each workbench station and our technician's tech cases for 4" and 6" zip ties. A few extra small ones were put in use as common chassis screw carriers.

On top of the Viewtainers we find a closed slit that opens when one squeezes that end. They make zip tie access quick and easy without the subsequent mess. The Viewtainers have eliminated virtually all zip tie and chassis screw spills and work bench messes during system builds, system rebuilds, and system maintenance.

We have a company policy that on all of the systems that pass by our workbench, we make sure that all cables are appropriately zip tied to eliminate clutter within the chassis and improve air flow. Over time, with enough systems passing over the workbench at peak busy times, prior to having the Viewtainers, things could get quite messy. These little gems have helped to make cleanup in between jobs that much easier for our technicians.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

Adobe releases Acrobat Reader 9

Adobe has released a new version of Adobe Acrobat Professional and Acrobat Reader.

From the Adobe Acrobat Reader release email:
Adobe is pleased to announce the release of Adobe Reader 9 for our Tier 1 languages of English, French, German and Japanese. Other major languages will follow next month.

Highlights of Reader 9 release
This latest version adds new functionality for sharing ideas, creating PDF files, protecting information, and enhancing users’ overall experience. Take a look at just some of our new features:
  • Improved launch speeds: Experience enhanced general performance and reduced launch times.
  • PDF Portfolios: Easily navigate through diverse collections such as drawings, e-mails, spreadsheets, and videos—all in a single file.
  • Adobe Flash® software support: View rich media content such as Shockwave®, Flash, and streaming video files.
  • Acrobat.com: Create PDF files online, coauthor documents with others, upload and store files, including hosting live web meetings. (English version only)
Once a major new version such as this comes out, you have 6 months to update from your older Reader 8.
Current 9.0 file FTP download links (right click and save as): The above public links bypass the need to install the Adobe Download Manager for a Web browser and an optional toolbar.

This is one set of downloads that we will add to our Technician's Thumb Drive and also to our application install points on our managed networks.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

Thursday 3 July 2008

SBS - Quick Companyweb Internet Access Link

When we have published the Companyweb site to the Internet via the CEICW and the Remote Web Workplace, there is a very quick way to gain access: Create an Internet shortcut.

Here are the quick links to the Companyweb root site:
  • SBS 2003
    • https://rww.mysbsdomain.com:444
  • SBS 2008:
    • https://rww.mysbsdomain.com:987
With this knowledge in hand, we can setup a number of interesting data sharing scenarios based on the built-in SharePoint setup in both versions of SBS.

We could create a document library that only a particular set of domain and non-domain (Extranet) restricted users have access to such as ExternalCompany.

In the above example, we would have the following links:
  • SBS 2003
    • https://rww.mysbsdomain.com:444/ExternalCompany
  • SBS 2008:
    • https://rww.mysbsdomain.com:987/ExternalCompany
One could also go so far as to create a SharePoint site that uses the above URL or another set by the domain admin with the appropriate permissions set for that site.

Depending on the situation, an Active Directory OU, Group Policy, and NTFS ACL setups could be utilized to restrict a particular group to the SharePoint site only.

For those that require a distinct separation from their Active Directory domain, the External Collaboration Toolkit for SharePoint would work well. The setup in this case would require us to have a second server setup with IIS6/7 and SharePoint V3 installed.

If the extranet business relationship and data security warrants it, a second level authentication setup could be utilized in the form of AuthAnvil from Scorpion Software. This method of security would completely restrict access to any Internet facing resources to those who hold an AuthAnvil hardware token and a valid user name and password. The cost for the product is very inexpensive relative to the extra level of security it provides.

Some SharePoint related links: Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

Intel Channel Product Discount Info Site

Intel maintains a site that is dedicated to informing the channel on any promotions on their products.

The site: Intel Channel Promotions.

This particular link gives those in the U.S. or Canada a quick overview of any product promotions by product category such as server, mobile, storage, etc.

For those outside the U.S. or Canada, there should be a site dedicated to your geographical area. If you happen to know the site URL for your region, please feel free to post it in the comments and thanks for that in advance.

BTW, a reseller account is not needed to have a look at the current promotions. Promo pricing is available through authorized Intel distribution centres.

Promotions are added and removed weekly, so have a look on a regular basis. The information there could help improve the profit margins when it comes to configuring server and desktop products.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

Wednesday 2 July 2008

750GB Seagate ES.2 failure on SR1530AH plus SRCSASRB

Our Server Core system running Hyper-V on Server Core has had a drive failure.

The culprit:
  • 750GB Seagate Barracuda ES.2
    • ST3750330NS
    • Firmware: SN04
    • Date Code: 08277
    • Site Code: KRATSG
The failed drive is in the same batch as the last one: Seagate 750GB ES.2 Failure on SR1530AHLX swap experience. The replacement drive is also in this batch. This is the third 750GB ES.2 drive failure we have had in recent weeks. Given our volume of drives, this may not be indicative of a general batch problem, but, if we keep experiencing drive failures out of this batch then it may be safe to assume that we are probably dealing with a batch problem.

This particular server setup is in an Intel SR1530AH 1U with an Intel SRCSASRB add-in RAID controller installed. The drives were setup in a RAID 1 mirror in a fixed hard drive install. The 1U was installed in one of our rack enclosures in our shop data centre setup. The air is properly conditioned, so heat would not be a factor in this failure.

Due to the nature of Server Core and the fact that Intel's RAID Web Console Utility for Windows does not support being installed on Server Core installations, we were in a position where we needed to reboot the server into the RAID controller's BIOS in order to remove the now dead drive and configure its replacement.

With the inability to run the RAID Web Console on Server Core, the server will remain down until the RAID array rebuild completes. It does not look as though the array rebuild requires the server to be down during the rebuild process, but given the disk intensive nature of Hyper-V with multiple VMs running, we will let it alone for now.

The RAID Web Console does install on our full Windows Server 2008 installations, so, for those clients that require the least amount of downtime, a hot swap setup would require the full version of Server 2008 versus Server Core for their Hyper-V needs. This may involve a slight adjustment in server configurations to accommodate the additional resource requirements of the full Windows Server 2008 OS.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

SBS - DCDiag produces IsmServ Error

When checking the AD setup on a client's multi DC SBS setup, we had the following error in the DCDiag tests:
Starting test: Services
IsmServ Service is stopped on [My-SBS]
A quick search turned up the following on the TechArena forums: Failed DCdiag Test.

That in turn lead us to: MS KB829623: Default Services That Are Installed in Windows Small Business Server 2003.

Note that the ISMServ shows up in the "Disabled" services list.

Thus, there was no cause for concern.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

Hyper-V goes Gold

Hyper-V has been officially released. There are relatively few known issues with this update. One thing to keep in mind though: Make sure none of the VMs have the Integration Components ISO mounted when running the update or it will fail.

Our own Server Core Hyper-V machine is down for a hard drive change out due to a failed drive. IIRC, the drive setup in our Core box is using 750GB Seagate ES.2 drives. More to come on that ...

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.