Tuesday 31 March 2009

Intel® Server Board S5520UR Tested memory list

As mentioned by us already today, Intel is releasing a new 5500 series Xeon line along with the accompanying server building blocks.

One of the important things to do when it comes to researching new system builds at the beginning of a product life cycle like we are in now, is verify what components will work with what.

We used to need to search in the support pages for the various product components to find their respective compatibility lists.

Now, that no longer is the case. Intel has embedded all of the products that have passed compatibility tests in their Server Configurator tool.

Note that when it comes to populating the memory channels on the new 5500 series boards, there are some caveats:

09-03-31 Intel S5520UR Tested Memory List

DIMM Channel Population Rules

It seems that memory speed is a critical factor when it comes to the number of DIMMs one can install in each channel.

This caveat, and the others that we will discover once we start building the server systems, are the reason we need to spend the time doing the research. After the first build is under our belts, we can reference back to the various compatibility lists, or now the Server Configurator, to verify any product changes or updates required.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac! (previous blog post)

Windows Live Writer

Intel Releasing New 5500 Series Xeons and Components

Intel is releasing a bunch of new technology for Intel branded servers over the next number of weeks.

Here is an overview of some of the new components coming down the pipe:

As always, when it comes time to put a server configuration together, there is the Intel Server Configurator tool.

One of our more eagerly anticipated models is this one:

The unit runs a passive midplane to allow us to install a high performance RAID controller to configure a RAID 5+0 or RAID 1+0 array for high load virualization needs. With the addition of a Quad Port Gigabit I/O module, the second power supply for redundancy, and a couple of 2.5” drive carriers to utilize the full 8 drive bays, we are set to rock! :)

It looks as though the Server Configurator has had a bit of a revamp too as it now includes compatible, which means properly tested, third party hard drives, memory and more.

Below is a screenshot of the new 1U’s configuration as we would put it together with the exception of the drives:

09-03-31 Intel 5500 1U 2.5in Series

SR1625UR Server System

Good things are coming down the pipe since we will receive a lot more bang for our power and cooling consumption dollars!

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac! (previous blog post)

Windows Live Writer

Monday 30 March 2009

SBS - PowerShell 1.0 now released via WSUS

Just recently Microsoft released PowerShell 1.0 via WSUS:

09-03-30 WSUS PowerShell Released

Windows PowerShell 1.0 KB926139

PowerShell is a command line interface that provides an ability to run various management commands or script and schedule them.

It is the basis for the new Exchange 2007 Management Shell.

09-03-30 SBS 2008 - Exchange Start Menu Folder

Microsoft Exchange Server 2007 Start Menu Folder

Windows 7 and Windows Server 2008 R2 will come with version 2 of PowerShell.

While getting to know PowerShell may not be for the feint of heart, getting to know the cmdlets and how to pipe them together to form a command structure to accomplish our needed administration tasks on servers and workstations will streamline our administration tasks in the long run.

Some links for further reading:

Anything that makes our time more efficient is good for us! :)

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac! (previous blog post)

Windows Live Writer

Thursday 26 March 2009

Out of commission...

Things may be quiet here for a few days.

I hit 103.64 (39.8C) last night and into today.

So, everything is on hold for the moment other than the needed file recovery, and a few other remote management tasks.

Stay well and thanks for reading the blog. :)

Philip

Sent from my SBS Integrated Windows Mobile® phone.

Wednesday 25 March 2009

A Rare Man of Principle: Nils @ Pwn2Own

The young fellow responsible for bringing down IE 8, Firefox, and Safari at Pwn2Own (previous blog post) sat down with Ryan Naraine of ZDNet to chat about his experiences:

Given the fact that there were others who were advocating payment for giving up vulnerabilities they have discovered at the same conference, Nils truly stands out as a rare man of principle.

Doing something for “goodness sake”, to help others, is one of the highest principles we can hold in our businesses and our own life.

Way to go Nils!

Link courtesy of Susan.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac! (previous blog post)

Windows Live Writer

Windows Mobile Professional 6.1 Resets Sync Schedule to Manual Only

We have seen this behaviour on one client’s WM6.1 device and did not think much of it other than it happened twice in the last three months.

Today, the settings reset to Manual Updates only on my own personal WM6.1 device too. There are no behaviours associated with the reset other than perhaps the phone needing to be reset after it had locked up.

So, if a client calls stating their phone seemingly stopped receiving e-mail, the first thing to check before resetting it is the synchronization schedule and whether it has been reset recently.

It very well may have.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac! (previous blog post)

Windows Live Writer

Tuesday 24 March 2009

Upgraded Recovery and Migration Test Server

One of the benefits of providing Intel based hardware is the ability to recycle their parts, or the entire box depending on our requirements for a server.

As part of most client server upgrades we remove any of the old hardware from the client’s site. Depending on the hardware configuration, the box will end up in our phenomenal Alberta Electronics Recycling Program, or put into some noncritical service needs such as our lab.

This screenshot is the result of combining components from two servers we recently upgraded at client sites:

09-03-24 Intel Pentium D Recovery and Migration Server

Intel Pentium D server with RAID and hot swap

The internals came from one server and the chassis from another.

This particular box will replace our older recovery test server that was used to provide our regional and remote clients with their quarterly backup recovery testing services.

Now, we will be able to use this particular box to recover not only our existing SBS 2003 clients using ShadowProtect, we will be able to use the Hardware Independent Restore capabilities in SP as well due to the newer hardware on this box.

This “new” unit will give us the ability to restore the larger server configurations that are running either SBS 2008 Backup or Windows Server 2008 x64 Backup without worrying about storage limitations (3TB in some cases) or hardware capacity problems. We will set the drives to a RAID 0 stripe to reach that level of data volume. The added benefit is a performance boost with striping the array across the six spindles.

Having this new box gives us the ability to run SBS 2003 to SBS 2008 migration tests for our client’s production SBS servers using their newly configured server box along side of this one. It is our preference to run the two SBS OSs on hardware when possible. Another benefit to the “new” lab box is the hardware is actually quite similar to our clients existing SBS 2003 server configurations!

And finally, the RAID controller in this box is an Intel SRCS16 PCI-X. We will be able to now start our Hardware Independent Restore testing using the built-in SBS 2008 Backup as well as the Windows Server 2008 Backup!

The box configuration:

An external USB DVDRW is used to provide optical media access for all of our lab based boxes.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac! (previous blog post)

Windows Live Writer

SBS 2008 – Terminal Services Gateway server is temporarily unavailable

Here is one of those cryptic error messages when connecting to an SBS server via RDP:

09-03-24 SBS 2008 - Gateway Temporarily Not Available

Remote Desktop Disconnected

This computer can’t connect to the remote computer because the Terminal Services Gateway server is temporarily unavailable. Try reconnecting later or contact your network administrator for assistance.

Now, since we are the network administrators, we now need to figure out just what is going on.

The first instinct is the Internet connection may be down. But, when we bring up the Remote Web Workplace (RWW), the site is there.

Try and log onto the RWW, and this is what we are greeted with:

09-03-24 SBS - RWW - Change Password Page

RWW: Password change needed

If we did not try and log onto RWW, the next logical step would have been to troubleshoot what was going on with the TS Gateway service in the logs.

Once into the server, the TS custom view in the Event Viewer had no errors whatsoever.

In our custom logon failure Event Viewer Custom View (SBS CodePlex) however, we found the following:

An account failed to log on.

Subject:
    Security ID:        NETWORK SERVICE
    Account Name:        SBS$
    Account Domain:        MySBSDomain
    Logon ID:        0x3e4

Logon Type:            3

Account For Which Logon Failed:
    Security ID:        NULL SID
    Account Name:        MyUserName
    Account Domain:       

Failure Information:
    Failure Reason:        The specified account's password has expired.
    Status:            0xc000006e
    Sub Status:        0xc0000071

A quick run through the logs produced the above. We made sure that all of the services were happy before accomplishing the folder recovery we needed to and then logged off.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac! (previous blog post)

Windows Live Writer

SBS 2008 – Using SBS Backup to Expand an Array and Partition

When we set up our SBS 2008 installs, we use a RAID 1+0 configuration with three partitions on the RAID array.

We do this because of the extra throughput we get for both reads and writes. RAID 5 takes a pretty good performance hit on writes, while reads are similar to a RAID 0 stripe.

Our partitioning is done as follows:

  • System C: 100GB
  • Swap File S: 25GB (2.5 * RAM)
  • Data Partition L: GB Balance

Now, since we do keep the Exchange databases on the system partition, the size of the organization is an important consideration when it comes to the size of it.

For some RAID controllers, there is the ability to add disks to the array on the fly. From there, we can open the Disk Manager and Extend the last partition on that array.

To resize, move, or modify any of the other partitions with the newly acquired space will require a third party utility that can work with server partitions.

In the case where the RAID array cannot be expanded on the fly, we have the built-in SBS backup to use as an intermediary. The catch is the need to delete the existing array and create a newer and larger one in the RAID controller’s BIOS.

The whole process is actually quite simple and will take a few hours depending on the size of the backup being used.

  1. We take a backup just prior to downing the server.
  2. Shut down the server.
  3. Insert the new drives.
  4. Reconfigure the RAID array by deleting the existing one and creating a new one incorporating the new disks.
  5. Boot from SBS 2008 DVD 1.
  6. Click the Repair link.
  7. Restore my PC.
  8. Choose the backup just made for the restore.
  9. Make sure to load the RAID drivers just in case during the backup restoration steps.
  10. Run the restore.
  11. Go have coffee, tea, or take on another short project.

The restore process is set to automatically reboot into the newly restored OS once it finishes.

From there, head into the Disk Manager in the SBS Native Tools Management Console and extend that Data partition.

The new SBS 2008 Backup is phenomenal. The more we experiment with its abilities, the more we grow in confidence using it as our default backup program.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac! (previous blog post)

Windows Live Writer

SBS 2008 – MPECS’ Default Group Policy Object Additions

We have a group of Group Policy Objects that we create by default with all of our SBS 2008 installations.

The following is the base SBS 2008 GPO map we keep in Visio 2007 Professional:

09-03-23 SBS 2008 - Default GPOs

SBS 2008 MPECS’ Default GPOs

We create and link the GPOs that are italicized:

  • Default Computers Policy
    • Security settings to apply to all systems connected to the domain.
    • Terminal Services specific settings for remote desktop users.
  • Default Printer Deployment Policy
    • Used to deploy printers to Windows Vista and XP Professional clients.
  • Windows SBSComputers Policy
    • Any settings that need to apply specifically to domain workstations.
  • Windows SBSUsers Policy
    • User specific settings such as publishing BGInfo (previous blog post), Screensaver lockdowns, and more.

When there is a need, we will add other OUs and create and link GPOs to them to make things a lot more granular. An example would be for systems that need specific security settings based on the department the systems reside in.

Using Group Policy Preferences, we are also able to fine tune the user experience with things like customized mapped drives, printer access, local admin user setup, and more.

In the case of SBS 2008, we leave the default GPOs alone, since there is a demonstrated impact on migrating an SBS 2008 domain from the existing SBS 2008 to a new SBS 2008: SBS 2008 to SBS 2008 Migration Fails When "Windows SBS User Policy" Edited.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac! (previous blog post)

Windows Live Writer

Monday 23 March 2009

SBS 2003/8 - Publish BGInfo via Group Policy

BGInfo, or BackGround Information, is a utility that we use both inside our own network, in our lab environments, and anywhere else a quick system configuration glance is required.

For those uses where the utility is to run on all systems, we configure a BGI file using the BGInfo application.

Besides the default information the users will see on the screen, we set the following in the program itself:

  • Set the location for the BMP file to the user’s Temp folder to avoid permissions issues (under the Bitmap menu item).09-03-23 BGInfo - BMP Location
  • Position is set to the top right corner with an 8” limit.
  • Multiple monitor setting is to publish to all monitors.
  • We enable all logon types to receive the background.09-03-23 BGInfo - Desktops Setting
  • The information we have displayed is in the following screenshot.

09-03-23 BGInfo - Info Settings

BGInfo Settings

Now, once we have created and saved the BGI file, we need to publish them.

On SBS 2003, we put a copy of BGInfo.exe and BGInfo.BGI in the Scripts under the domain in SysVol. We then edit the default SBS_Login_script.bat file that is located in the same place with the below UNC based application call and switches.

We do this because the SysVol is Read Only for all users so we do not need to worry about users making changes to the defaults or incorporating scripts in the BGI file. If someone has write abilities on these files, we have other problems that need to be dealt with! ;)

The batch file will read:

Keep in mind that we are using the UNC path for both the application file and the applicable BGI file on the same line. There are a couple of switches in there to disable the default start-up pause and the EULA agreement window.

On SBS 2008, things are a little different. Because we no longer have the default SBS logon script in the SysVol, we place the three files in the User Logon Scripts location specific to the GPO we are using.

Since we always create and link a new GPO to the default SBSUsers OU called Windows SBSUsers Policy on our SBS 2008 installs, we will create a batch file called BGInfo.bat, and place it in the appropriate directory for the GPO also using the appropriate UNC for the .EXE and .BGI command line:

To find the correct location, open the GPO by right clicking on it and Editing it.

After opening the GPO, we find the proper location to place the BGInfo files and batch file under the GPO’s GUID as indicated in the above UNC path.

The GUID shows up when we click the Add button in the Logon Scripts properties window. After clicking the Browse button click on the Address Bar (just to the right of the Left and Right arrow buttons) to show the full SysVol UNC path. Leave this window open so as to pick up the batch file copied into the folder in the steps below.

Now, keep in mind that the location being shown is via the SysVol UNC so will be Read Only and your files will not be there yet! Take note of the GUID and open a Windows Explorer window and navigate to the appropriate location via the %WinDIR%\SysVol\…

  • TIP: Highlight the first part of the GUID and copy it, then paste it into the Search field in your Windows Explorer window after bringing up the Windows directory. The GPO’s GUID folder will show up pretty quick without having to follow the path through to it.

When it comes to the new security structures in Windows Server 2008, the BGInfo batch file and application files need to be at least on the local domain admin’s desktop before attempting to copy them into the User\Scripts\Logon\ folder. A couple of UAC prompts will be required when copying and pasting the files.

09-03-23 BGInfo - SBS 2008 Batch File

BGInfo.bat file in the GPO Scripts Folder

Once the files have been pasted into the correct location, the Logon Properties window that was left open from earlier will now have the three BGInfo files shown in that window. Click on the batch file and the Open button to add it. No parameters are needed since the switches are contained within the batch file itself.

Make sure to annotate the GPO change by right clicking on the GPO name in the editor and clicking on Properties. A comment tab is to be had there. We annotate all changes we make to any GPO within that comment tab as well as comment on the Administrative Templates settings that allow GPO setting comments.

The GPO comment format:

  • 09-03-23: Added the BGInfo batch to Users Logon Scripts. Philip
    • YY-MM-DD
    • Brief description of the change for both add/remove/changes.
    • Who did the change.

Once a GPUpdate /force [Enter] is run on the server, all users will receive the newly configured BGInfo background on their desktops when they logon or on any server an admin logs into.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac! (previous blog post)

Windows Live Writer

On Board RAID vs. Add-In RAID Controller and Drive Failure Behaviours

When it comes to balancing the abilities of a server versus its cost, one of the first things to go is the add-in RAID controller.

When it comes to the upfront cost for the add-in RAID controller, it is virtually paid for in improved performance.

The catch with that though is when the first drive failure happens. While not common, drives are mechanical in nature and do fail over time.

The behaviour we have seen on an array member failure when connected to the on board RAID is a server lock-up. Now, for SBS, we can catch it pretty quick when we do not receive a report on the server in the morning, or via phone call if the failure happens during the business day.

There is also the additional cost of having us come down in emergency mode to make sure everything comes back up okay if there was a lock-up.

The add-in RAID controller on the other hand does not flinch. It has the ability to work with an array member failure and transitions the array state accordingly without impact to the server.

While some of the newer on board RAID controllers have the ability to do hot spares, the rebuild of the hot spare into an existing array with a failed member will directly impact the server’s performance.

A hot spare that is dropped into a failed array member’s spot on an add-in RAID controller will not impact the server’s performance for the most part.

As a result of some of the drive failure situations that we have seen, we no longer forgo the add-in RAID controller in any of our client’s sites. It does not pay in the long run.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac! (previous blog post)

Windows Live Writer

Friday 20 March 2009

One of those days! :|

Every once in a while, things just do not seem to go the way we planned and leave us seemingly spinning our tires.

Today was one of those days.

A client system with a RAID array failure, has an nForce on board RAID where the RAID BIOS refused to allow us to rebuild the array on the seemingly failed drives. The drives tested 100% okay. We had a ShadowProtect image of the Windows Vista x64 OS installation, but that failed to restore on a Winload.exe error after recreating the RAID array.

Another client system with a Hauppauge Win TV-HVR-1800 series PCI-E TV card in it keeps locking up Windows Vista on the AudioHG.exe driver. This one did not have the automatic updates enabled. When it was realized that the machine needed updates, all of them were allowed to download and install … including the MU drivers. The system choked with no hope of recovery. It was running fine until all of the updates happened.

Then, one of the Sapphire Radeon video cards on the system here has failed. There looks to be no way of bringing it back from the dead.

So, lots of troubleshooting with no real resolutions.

It is days like this one that really hone those rough personality edges. There is a need to take a deep breath before answering that thousandth phone call by the same person having an ongoing problem, to those crazy fog horn blasts in the ear because someone has a free cruise for me if I but, “sell my first born and give a pint of blood!” ;)

Yeah … one of those days. Tough on the professionalism to the Nth degree.

Leaves me thankful that I can go home to my wife and kids, after a number of really deep breaths, and enjoy a warm welcome from Monique and the fact that the kid’s screams of delight at my coming home act to separate work and home.

Refreshed, and repurposed, I will be able to approach things outside of the box and try again.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac! (previous blog post)

Windows Live Writer

Thursday 19 March 2009

SBS 2003/8 Training or One-On-One Time Available

Do you need some dedicated time to ask SBS 2008 or SBS 2003 questions?

Or, how about running through the post SBS 2008 OS install steps required to take that fresh OS install to production readiness based on the steps found in our SBS 2008 Blueprint Book in a dedicated remotely accessible SBS 2008 lab?

We have some time that will be available near the end of this month as well as the beginning of next month.

This will be a fee based service, and the available time slots will go on a first come, first serve basis.

If this is something that sounds interesting to you, then please e-mail me to set up a time: SBS Training: Training@SBSTraining.ca.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac! (previous blog post)

Windows Live Writer

SBS 2008 – The New Admin Account Password Expires!

Out of the box, the SBS 2008 setup routine disables the default Administrator 500 account:

09-03-19 SBS 2008 - Disabled 500 Administrator Account

Disabled Administrator Account

Depending on the method that was used to set up SBS 2008, the domain administrator account’s username and password was defined during the OS set up steps or in the Answer File Generator tool.

Now, something else that is new to us on SBS 2008 is the fact that the newly created domain administrative account will have a password that will expire along with all of the other user accounts.

09-03-19 SBS - Expired Password Change Warning

Password Change Needed Soon

If the Answer File was used to install the SBS 2008 OS, it is a given that the password should be changed as an accidental loss of the USB flash drive would leave the SBS domain vulnerable.

The Answer File situation is mitigated by the fact that changing the default SBS domain password policies in the SBS Console will actually force a password change on all existing SBS users including the domain administrator account.

Keep the mandatory user password reset in mind when the policy is changed if the policy needs to be changed sometime after the server goes into production!

With the need to change that password comes the need to know which installed service accounts depend on the domain admin account too. Services.msc will show the LogOnAs setting for any installed service. To date, we have not seen any installed services that require the use of the domain admin account.

There is an exception to this rule though, as the Credentials used to dynamically update DNS in the DHCP manager will require the password to be reset at the same time or a warning will pop up in the logs indicating dynamic updates are not happening.

09-03-19 SBS 2008 - DHCP Credentials

DHCP Dynamic Updates Credentials

This same warning appears in the Event Logs on a fresh SBS install until the credentials are set in place too. So, part of the SBS setup routine must be to input the final SBS Domain Admin credentials just prior to delivering the box.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac! (previous blog post)

Windows Live Writer

Exchange 2007 SP1 Rollup 7 Released for Download

The links:

There are a lot of Exchange 2007 as well as a number of Exchange/Entourage specific updates in this particular rollup.

Test this update on a lab box first, but given our experience installing the previous rollups, it should run fine.

If downloading and installing the update directly via Microsoft downloads, then this is how to do it: SBS 2008 – Exchange 2007 Update Error – Insufficient privileges to modify this file (previous blog post). The update will appear on MU/WSUS March 24.

Backup your SBS 2008 prior to install … just in case!

The Microsoft Exchange Team Blog: Update Roll-up 7 for Exchange Server 2007 Service Pack 1 has been released.

Thanks Susan!

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac! (previous blog post)

Windows Live Writer

Internet Explorer 8 is Now Released

You can get the new IE8 here: Internet Explorer 8 download site.

TippingPoint DVLabs has a good article on the recent Pwn2Own contest where Charlie Miller took down Safari on OS X with a zero day exploit in a couple of minutes.

A fellow by the name of Nils then proceeded to take down IE8, Safari, and finally Firefox with zero day exploits of his own. Quite the talented fellow! :)

Take a look at the Pwn2Own articles and some of the other related content on TippingPoint’s Digital Vaccine Labs Web site.

While no Web browser is perfect, we do need to keep an eye on their specific vulnerabilities and the patches available for them as the Web browser is one of the principle tools used on a daily basis by all users.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac! (previous blog post)

Windows Live Writer

Wednesday 18 March 2009

Viewsonic 24” LCD Monitor – VX2433WM = Nice!

We replaced the broken LG monitor (previous blog post) today with a Viewsonic 24” VX2433WM wide screen LCD monitor. We ended up replacing both LG monitors with a pair of the Viewsonic ones as the difference between the LG and Viewsonic image wise was quite significant.

The one major complaint with the LG monitors was the inability to get them to sync up the colours with the 24” Acer X243w that is the primary display on this particular system. Compared to the Viewsonic, the LG’s display was quite poor.

The colours on the Viewsonic monitors are awesome. The text is crisp, and there is very little if any difference in the warmth of the display relative to the primary Acer monitor.

Other than a little bit of a struggle to get the video cards to sync the refresh and resolution properly for one of the monitors, the install was pretty straight forward.

For the money, these monitors will find their way onto our client’s desks as well. They give great value given how good the display is.

We have had great success with Viewsonic’s support in the past. So, hopefully if there is a need for support we will find that to be the case now too.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac! (previous blog post)

Windows Live Writer

Tuesday 17 March 2009

SBS 2008 – Troubleshooting and the SBS POP3 Connector

We have a client situation where the POP3 Connector is required.

Once set up, the POP3 Connector did not start pulling e-mail in right away.

When we ran the POP3 Connector retrieve process manually, we received:

09-03-17 SBS 2008 - POP3 Connector - 2 - mail was retrieved with errors

Windows SBS POP3 Connector

POP3 e-mail was retrieved with errors.

The Windows SBS POP3 Connector service encountered one or more problems while retrieving your POP3 e-mail. View the event log for more information.

To check the status on any SBS 2008 component, there is a folder in the Event Viewer with an SBS specific log set in it:

09-03-17 SBS 2008 - POP3 Connector - 4 - Event Logs ID 207 Error

Microsoft-Windows-Small Business Server/Operational Log

So, we head into the log to find out just what is happening. It turns out that the error has to do with either the username or password.

When we brought up the user’s POP3 Connector properties, the username was correct, so there must have been two left thumbs typing in the password! :)

After making sure that the password was indeed correct, we ran a manual receive again and this time we received:

09-03-17 SBS 2008 - POP3 Connector - 3 - mail was retrieved successfully

Windows SBS POP3 Connector

The POP3 e-mail was retrieved successfully. 

Further POP3 Connector troubleshooting:

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac! (previous blog post)

Windows Live Writer

Outlook Error – The name cannot be resolved and SBS 2008 with Vista Hosting

We had a user on our hosted SBS 2008 service accidentally copy a bunch of folders into the Outbox in Outlook 2007.

The call to us came in that they were unable to send anything and were not sure why.

Once we connected to the Vista VM, we found the folders nested in the Outbox.

We removed the folders from the Outbox but the Send/Receive dialogue was still stuck.

So, we deleted the Outlook profile, deleted the OST file, and attempted to reconnect to their mailbox, but were not able to do so:

09-03-17 Outlook - Name Cannot Be Resolved

Microsoft Office Outlook

The name cannot be resolved. The name cannot be matched to a name in the address list.

Currently, the SBS hosting services are low key for a few clients that do not have network infrastructure in place but need a secure desktop and data sharing experience for their Line of Business applications.

The Microsoft licensing is provided through SPLA.

When we initially run the SBS Add a new user account wizard, there were no problems with configuring the Outlook profile.

The problem came after the fact:

09-03-17 SBS 2008 - Exchange 2007 User Properties

Exchange 2007: Philip Elder Properties

Note the setting below the Alias: Hide from Exchange address lists. Once the user’s profile has been set up, we enable this setting to remove them from the GAL.

The error in this case was due to the Hide from Exchange address lists setting being enabled. Once we removed the check mark and clicked the Apply button, we were able to complete the Outlook profile set up.

SBS 2008 and Windows Vista Hosting

On the hosting side of the business, we have set up a custom User Role for new hosting users on the SBS 2008 server that tightens up the group membership and quota structures.

Access-based Enumeration is used for any needed shares to keep them hidden from users with no permissions to them and Standard User profiles are used on the Windows Vista VMs with no Network Discovery enabled to keep them isolated.

Customized GPOs are then used to tighten up the security settings on the desktops.

As this side of our business grows, we will look to incorporate another rung on the redundancy ladder by including OWN’s Hosted Exchange solution into the mix.

Scorpion Software’s AuthAnvil is also on the To Do list to incorporate another level of security for the hosting environment as we grow.

The key to making the SBS 2008 and Vista hosting viable for small business is catching the balance between the cost of installing a server setup for the client versus the low monthly cost of having someone else do it for them.

As a result, we need to partner up with key Cloud services providers to augment our own services to provide the best balance between cost and availability.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac! (previous blog post)

Windows Live Writer

SBS 2008 – New CodePlex URL and Backup Failure Filter Added

We just uploaded the XML to create a custom Event Viewer filter for failed backups onto the SBS CodePlex site. Once that XML has been set into a custom view in the Event Viewer we can attach a task to fire an e-mail off to us if the backup does indeed fail.

09-03-17 SBS 2008 CodePlex Site

SBS CodePlex 

Note that the previous URL to access the CodePlex site was:

The new URL is:

Have a look at the various SBS Console custom alerts as well as the custom Event Viewer filters that are to be found on the site.

The XML code on the site can be packaged up and become part of the SBS setup done for production SBS 2008 boxes by default.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac! (previous blog post)

Windows Live Writer

SBS 2008 – Who is Connected by RDP? TS Gateway Manager Knows

When it is time to install patches or software that may bring about the need for a server reboot, we need to know who is working on what on the server.

For files, the default place to check is in the Sessions node in the Computer Management console. Any open files, where they are located, and who has them open are there.

For remote connections, the VPN is managed by RRAS, so any connections can be found in the Routing and Remote Access node under the same Computer Management console.

For RDP though, we now have the ability to actually see who is connected to any server or desktop resources within the SBS network using the TS Gateway Manager:

09-03-17 SBS 2008 - TS Gateway Manager

TS Gateway Manager

We can see how long they have been connected, to what server or desktop they are connected to, and whether the connection has been idle.

The console can be opened by clicking on the Start button and typing the console name in the Search field. Otherwise it is under the Terminal Services folder nested in the Administrative Tools folder in the All Programs list.

Once we know who to get in touch with to let them know that there is a need to reboot, we can be assured that no one will lose any data.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac! (previous blog post)

Windows Live Writer

Monday 16 March 2009

SBS 2003 – DNS Event IDs 4521 - Error 9002 attempting to load zone

One of our SBS 2003 boxes started throwing a series of Event ID 4521 errors in the DNS log on a very regular basis:

09-03-16 SBS 2003 - DNS 4521 Error

SBS 2003 – DNS Event ID 4521

The error was:

Event Type:	Warning
Event Source: DNS
Event Category: None
Event ID: 4521
Date: 3/12/2009
Time: 2:34:34 PM
User: N/A
Computer: ANSBS
Description:
The DNS server encountered error 9002 attempting to load zone . from Active Directory. The DNS server will attempt to load this zone again on the next timeout cycle. This can be caused by high Active Directory load and may be a transient condition.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.



The fix for the problem was actually quite simple. At the command line run the following:




  • dnscmd /config /BootMethod [Enter]



After recycling the DNS Server service, the errors, as shown in the above screenshot, stopped happening.



Thanks to Robert Premuz for the solution at the bottom of the forum post here: TechArena: DNS Event 4521 after SP2 on SBS 2003 Std.



Philip Elder

MPECS Inc.


Microsoft Small Business Specialists


Co-Author: SBS 2008 Blueprint Book



*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac! (previous blog post)



Windows Live Writer

LG Flatron 22” LCD L226WTX–BF --> Fail

Last March we did a review of the 22” LG Flatron L226WTX – BF (previous blog post) and gave it a not so good review.

By then, we had been using the 22” pair of monitors for over 7 months.

Lately, one of the pair of monitors would give off a loud buzzing noise. The noise would happen randomly and last a varying amount of time.

This morning, the buzzing monitor gave a mouse like squeak when the system it was attached to woke up. The power light came on, but the monitor did not.

Power cycle the monitor and a picture will briefly flash by and disappear.

Thus ends our foray back into LG’s monitor products. We did not care for them after allowing them to sit on one of our desks for a while, and with the death of one of the pair, we will not purchase another LG for ourselves or our clients.

The still good monitor will be put into the shop at one of the bench stations.

They will be replaced with a set of Viewsonic LCDs or we may have a look at some other possibilities depending on what our local guys have in stock.

Testing a product before purchasing them for our clients is something we do for all of our product lines. No product goes out the door without us first having tested it, burned it in, load tested it, and in the case of server products having used it in our labs or production environment for at least a good month under load.

We don’t use our clients as product testers or their production networks as labs for our tinkering.

If this dead monitor was sitting on a client’s desk someone would be at least 50% less productive in the case of those that have two monitors, or not working at all if it was their only one.

That down time costs them money as well as a service call.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac! (previous blog post)

Windows Live Writer

Saturday 14 March 2009

AuthAnvil – Want to See a Neat Security Demo Video?

With the advent of the TS Gateway service on SBS 2008, the only thing protecting our production SBS 2008 networks is a password.

Even  with a passphrase in place, there are some pretty sophisticated password dictionaries out there.

We will be looking to providing another layer of protection to our SBS 2008 networks.

That protection will be provided by Dana Epp’s (Security MVP blog link) AuthAnvil security product.

Check out the video that demonstrates AuthAnvil in action:

09-03-14 AuthAnvil

Scorpion Software: AuthAnvil Demonstration Video

Something to keep in mind is that TSGrinder (Live Search) has been reworked to now be able to attack the new TS setup on Windows Server 2008.

The video link: Scorpion Software: AuthAnvil Demonstration Video

Scorpion Software also offers a partner program: Scorpion Software Partner Program.

Much like Vlad’s OwnWebNow, Scropion Software is another reputable product vendor that delivers on a great business relationship and a great product set that is well supported.

Do check out Dana’s blog. It is a good read!

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac! (previous blog post)

Friday 13 March 2009

Outlook 2007 Error – The account you added is not fully configured…

While setting up a remote Outlook 2007 for Outlook Anywhere connectivity with Exchange back at the main office, the Internet connection went down.

Normally, this would not present too much of a problem, but in this case the connection died just after applying the RPC/HTTPS settings in the Connection tab but before the authentication dialogue popped up.

The Outlook connection dialogue hung at that point. After forcing a close, we tried to run the set up procedure again, but we would receive the following error as soon as we clicked on the More Settings button:

09-03-13 Outlook Error - Account not fully configured

Microsoft Office Outlook

The account you added is not fully configured. It might not work properly until re-configured correctly.

A bit of searching for the specific error turned up the following:

While the article does not have the above specific error, when we tried to fire Outlook up we did get one of the error messages contained in the KB article when Outlook was trying to start.

Method 2 in the KB was the solution to our problem:

  1. Click Start, click Run, type regedit, and then click OK.
  2. Locate one of the following registry keys, as appropriate for the version of Microsoft Windows that you are using:

    HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem

  3. Delete the Profiles key under the Windows Messaging (Subsystem) key.
    To do this, right-click Profiles, and then click Delete. Click Yes to confirm the deletion.
  4. Exit Registry Editor, and then restart Outlook.

Once we deleted the above indicated registry key, we were not able to run the account creation process via the Mail icon due to the fact that there were no longer any Outlook profiles on the system.

There will be a prompt to create one:

09-03-13 Outlook Error - Post Registry - Outlook Profile Created

Outlook Profile Created

Once created, we could go on to put the SBS server FQDN in the Exchange server properties along with the user name and subsequently the Outlook Anywhere settings and have the user authenticate.

Once authenticated, the SBS server name and the proper user name were underlined as they should be and we were able to complete the setup process.

The user could then open their Outlook, authenticate and begin caching their mailbox locally.

When connecting via Outlook Anywhere (RPC/HTTPS), the logon credentials should be formatted:

  • SBSDomain\UserName
  • My very l0ng p@ssw0rd!

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac! (previous blog post)

Windows Live Writer

SBS 2008 – During Setup Do Not Update

The setting in the Answer File Generator:

09-03-13 SBS 2008 Answer File

SBS Answer File – Get Installation Updates disabled

If the SBS setup is being run without an Answer File, then click:

09-03-13 SBS 2008 No Answer File

Install – Do not get the most recent installation updates

There are a lot of updates that have been released since SBS first RTMd. Some of them will cause the server install to choke.

Once the server has run through the setup routines successfully, we would run the available MU/WSUS updates after we have completed the server’s preliminary configuration steps.

We would update in the following order along with the requisite reboots:

  • Exchange Updates and the latest Rollup.
  • Windows Server 2008 x64 updates.
  • SharePoint, WSUS , server component specific updates.
  • SQL Server updates.

When it comes to SQL updates, there are some newly released service packs that may not get offered via MU/WSUS before the prior incremental updates do. Keeping the latest service pack level for the install SQL instance versions in mind and only choosing the needed updates will facilitate a more efficient update process.

One practice we have taken up since our struggles with the recent SQL updates causing issues with SharePoint v3 is to run the SBS Backup prior to running each update stage.

If an update causes the server to choke, we are only a restore away to the point we were prior to running the updates.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac! (previous blog post)

Windows Live Writer

Thursday 12 March 2009

Adobe Releases Version 9 Patch for Acrobat Vulnerability

The security bulletin is here: Security Updates available for Adobe Reader 9 and Acrobat 9.

While there were ways to somewhat protect ourselves from this one, many of them were difficult to implement without impacting business processes such as disabling Java within Acrobat.

Update links are contained in the above bulletin. Adobe’s automatic updates may catch the update if set to check for them.

Given the high priority of this update, it is a good idea to get them down onto the Technician’s Thumb Drive as well as on all of our client’s servers and get those Acrobat products patched!

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac! (previous blog post)

Windows Live Writer

Wednesday 11 March 2009

Cloud Error – Now What?

The server is down, we have work to do, so now what do we do?

09-03-11 Google Error

Google Server Error

The one business aspect that, in our opinion, that is seemingly lost on all of the “promising” new Cloud Services initiatives is the loss of productivity when things do not work as they should.

Or: Quickbooks Online goes offline for several hours (Feb. 3, 2009 Webware Article).

Or, how about this one: TechCrunch: Google Privacy Blunder Shares Your Docs Without Permission.

When the server is down, any company employee impacted by the service outage can cost that company hundreds of dollars an hour or more to sit idle waiting for things to come back online.

If a Cloud Service server is compromised or an error is made, as in the Google example, consideration of the possible ramifications to the business if its data gets out to competitors is important.

As a business owner, we need to ask the difficult questions before jumping in on anything new.

One of the questions to ask is, “how much does it cost my business for every minute of Cloud service downtime?”

In the case of QuickBooks Online, what happens if the service goes offline just before we need to generate our payroll?

Short of a dedicated and managed fibre link at a business site, which is prohibitively expensive here in Canada, what happens if the ISP connection goes down for an extended period of time?

The difficult questions always have to do with balancing the risks with the rewards.

For us, it means having a good understanding of our client’s business needs along with the value they place on their daily productivity and data security among other business process requirements.

With this understanding we can go through all of the options with our client or potential client to help them understand and weigh the risks and rewards to any in-house, hybrid, or Cloud Services based solution.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac!

Windows Live Writer

Tuesday 10 March 2009

StorageCraft ShadowProtect and SBS 2008 Lock Ups?

It seems that there may be a problem running ShadowProtect version 3.3 on SBS 2008.

We have not loaded SP up on any of our client production SBS 2008 systems at this time as it is untested for us.

Given our experience so far with the built-in SBS 2008 backup, we were comfortable with its recovery abilities at this time.

There is no conclusive evidence that the problem is with ShadowProtect or within the Win2K8 OS foundation of SBS 2008 as of yet (see page two of the forum).

However, there is a lock-up problem when the ShadowProtect starts up its backup process.

FYI: We have 100% of our SBS 2003 production environments, both SBS and Win2K3 servers, covered by ShadowProtect and it has been virtually flawless in its abilities to facilitate system recoveries.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac!

Windows Live Writer

Small Business Server 2008 Blueprint Book Review

Our new SBS 2008 Blueprint book is receiving some very positive reviews:

A quote from the review:

The Small Business Server 2008 Blueprint, co-authored by Philip Elder and Harry Brelsford, offers real-world practical, tactical tips for upgrading and managing Windows SBS 2008, its applications including Windows Server 2008, Exchange Server 2007, SQL Server 2008, Windows SharePoint Services, Office Live as well as a wide variety of third party security solutions. It also delivers pro-active advice on how to centrally control and manage Windows Vista and Windows XP desktops.

Thank you to the WServerNews.com site for the positive review of the book!

And thank you to all of you that have been e-mailing us with your positive feedback too! It is great to hear from you, so keep the comments coming!

Thanks to for reading the blog. :)

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac!

Windows Live Writer

Monday 9 March 2009

An Opportunity for Passive Income with OWN

There is no silver bullet when it comes to generating income in a business so that we can pay our employees and ourselves a living wage.

To build a business, there is no other way than working very hard for our goals whatever they may be. One “catch phrase” that has stuck with me through the many ups and downs of running our business is Passive Income.

What is Passive Income?

It is cash flow that comes in whether we are working or not. One would hope that the retirement fund, if we have one, would represent a form of passive income. Though, with today’s economy along with the taxes we would pay on that income in the long run there really are questions about its viability as a retirement fund in the first place.

Now, obviously passive income does not grow on trees. Otherwise, the beaches in nice places like Fiji, Tahiti, and the like would be filled with umbrella drink sipping folks.

One thing to keep in mind is that once the garden is planted, that does not mean the work is over. It takes a lot of work to come through the growing season with a good yield of fruits and vegetables.

There is not a lot of difference between that garden and working a business in this industry or any other for that matter.

It takes a lot of hard work.

Many have jumped on the Managed Services delivery platform as a way to generate their passive income. The catch to MSP is to balance the value the client receives with the income we receive. That can be a tough balance to catch if we are not experienced enough in our business dealings, hardware support, software support, or have an experienced team around us to come up with some solid costs for the 12 month or longer MSP contract with the client.

So, once we came up with the magic number, the next step was to convince our clients that MSP was the best way to go. In our case, we focus our attentions on the professional accounting industry. It was not hard to see that calculator going in the partner’s heads when we first proposed the MSP model and fees to them.

Needless to say that in our case, we ended up doing a blended Managed Services model with a tiered structure that our accounting clients worked with us on to provide the best value for them and for us.
Not bad eh? :)

Now, we are slowly working our way through the various MSP and related products out there to augment our services offering to provide more value for that monthly fee.

The one gold mine we have fortunately come across is the service provider OWN or Own Web Now.
We have a partnership with OWN as a Services Provider. We are slowly moving our clients over to ExchangeDefender and now are talking to key clients about Hosted Exchange and SharePoint.

One key feature to OWN is the true partnership relationship they have with us. We will never find OWN in our client’s inbox direct selling their services.

They recognize and value us and what we do for their business.

The other very important feature to reselling OWN services is that passive income. We do the leg work to bring our clients on board, we get to invoice them monthly as part of our managed services offering, and Vlad and his crew get to do all of the hard work for us. ;)

Establishing business partnerships with service providers like OWN will be the butter to our Hybrid MSP services hardware and software bread as we move forward.

Ultimately, we get to offer a nice suite of services without having to spend the hundreds of thousands of dollars to provide our clients with some sort of SLA. It is a win-win situation to be in!

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book
*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac!
Windows Live Writer

Marco Shaw to be presenting for EMUG – Remotely :)

Our monthly Edmonton Microsoft User Group meeting is this coming Wednesday at NAIT at 18:30 (6:30PM).

Marco has a short introduction on his blog on the content we will receive:

PowerShell is the future of server management. While the management GUIs can provide us with most of the necessary management tasks, in many cases now only PowerShell gives us access to certain areas of the product being managed.

PowerShell also gives us the ability to script much of the routine tasks that would otherwise take up our valuable time clicking through the GUI management console.

This will be a worthwhile event to attend!

Bonus: Marco has a link on his blog to the LiveMeeting stream so that anyone can listen in!

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac!

Windows Live Writer

Thoughts on Supporting SBS and SBS 2008 Migrations

Up to now, a large part of the product focus for us has been learning the SBS 2008 product and its various components and abilities.

We are now in a position where we need to accomplish some SBS 2008 migrations from existing SBS 2003 domains for us and for some of our clients.

One of the most important aspects of gearing up for a migration is for us to run through the migration virtually first.

The general sentiment in the SBS community when it came to installing SBS 2003 and now SBS 2008 for anyone contemplating going on to support SBS was to install SBS at least three (3) times before embarking on that endeavour.

Why?

The simple answer is, how can we hope to support a product we know little or nothing about?

SBS is a pretty complicated product that Microsoft has taken great pains to bring all of the component parts together and make them play nicely in the same sandbox.

And they do play very nicely in the same sandbox! :)

Now, once we have run the practice installs a number of times, the next step in the process is to get familiar with how to bring SBS back from the dead.

Disaster Recovery skills are a prerequisite in our industry. We must take the time to get to know the backup and recovery processes that are built into the SBS products, but also get familiar with some third party products that can help us along the way too.

It is very disappointing to encounter a dead SBS situation where the individual, technician, or whomever has been supporting that small business’ network has not performed any kind of test recovery on the client’s backup solution previously.

OUCH!

There is simply no excuse for a “professional” I.T. services provider single man shop or organization with a number of technicians to have not tested their client’s backups.

The new SBS 2008 product comes with quite extensive migration documentation that Microsoft has put together for us. The documentation has room to grow yet, but it is still very good at providing the foundation we need to go forward and migrate an existing SBS 2003 network to a new SBS 2008 box.

Now that we have passed about 4 months since the SBS 2008 product’s release, there is a good foundation of knowledge out there on SBS 2008 along with some additional directions to take with regards to SBS 2008 migrations.

Ultimately, experience with both SBS 2008  and SBS 2003 products will be the single most important factor for performing a successful SBS 2003 to SBS 2008 migration.

We cannot emphasize enough that any SBS migration project should be tested virtually first.

Here are some suggestions based on how we are proceeding with our SBS 2003 to SBS 2008 migrations:

  • Snapshot the SBS 2003 box before touching it for the actual migration. Put that snapshot away. Have a fallback in place in case things go awry.
  • There are awesome imaging products available to get a snapshot of that existing client SBS server that can be used to swing into a VM.
  • On the SBS VM, reset the user account’s passwords and make sure the POP3Connector service is disabled if the VM will be given Internet access.
  • Test the user accounts for access to their mailboxes.
  • Optional step: Snapshot one of the local workstations and restore it to a VM on the same virtual network as the now virtualized SBS 2003 VM.
  • Once both VMs are confirmed to be communicating with each other properly and the user accounts are fully functional, shut them down and copy those VHDs to have a backup of the configuration. A snapshot will do, but having those VHDs is good insurance.
  • Install SBS 2008 in Migration Mode and run through the migration steps.
  • Install SBS 2008 in Migration Mode and run through the migration steps.
  • Install SBS 2008 in Migration Mode and run through the migration steps.

No, the last two steps are not a typo.

Run through the migration process at least three times for the first time through a migration attempt! It is very important to get at least remotely comfortable with the process as it is very complicated.

Having some familiarity with how the process works with the specific client servers and a workstation will improve the chances of a successful migration immensely.

After running through the process three times, and subsequently the actual migration, then the rule of thumb should be to virtualize a client’s SBS 2003 and at least one workstation to do a practice run through before running the actual process on the client’s production environment.

Perhaps after running through a dozen or two SBS 2003 to SBS 2008 migrations, the technician may be comfortable enough to run through the process without the trial run … maybe.

As soon as we introduce a Line of Business application or applications into the mix, we have a need for that practice run. Toss into the mix any number of third party AntiVirus, database, accounting, and other applications and we will soon discover that nothing will beat the knowledge gained in a run through.

The need for the practice run becomes all the more acute the longer the SBS 2003 box has been around, or if it was an in-place upgrade from SBS 2000 that was an in-place upgrade from SBS 4.x!

Don’t know the history of the SBS 2003 box? Client is not too sure either and the audit notes are few and far between if they exist at all? Then run through the process virtually first! Get to know that box’s behaviour during the migration process because there very well could be some problem what will not show itself until well into the process.

We used this rule of thumb when we were learning the Swing Migration developed by Jeff Middleton too. We ran through the process a number of times prior to running our first Swing to make sure we had a good grasp on the process.

Ultimately, there is no replacement for experience. None.

Further reading:

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac!

Windows Live Writer