Friday 29 October 2010

BlackBerry Training – BlackBerry Express Installation Walk Through

The documentation for the BESX install is just okay.

Courtesy of fellow MVP Jason Miller the following training video provides _all_ of the required preparation steps and actual install steps that are required to install BESX on SBS 2008 or on a standalone server.

The above step-by-step helped us a lot in figuring out where things went sideways for us on our standalone BESX install.

We are still not all the way through reworking the BESX install as our client is in production. We will be working on the setup tomorrow.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.

Windows Live Writer

Monday 25 October 2010

SBS 2008 Setup Guide 1.7.0 Released

We added the batch file for cleaning up the networking errors in the SBS 2008 BPA along with some clarifications on how to set up the local admin group restricted domain user we deploy to all workstations on the SBS domain.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.

Windows Live Writer

SBS 2008 Set Up Last Step – Networking Batch File

The following four networking settings get flagged consistently in the SBS 2008 Best Practices Analyzer on our SBS 2008 installs lately:

image

  • Add-On Congestion Control Provider
  • Receive Window Auto-Tuning Level
  • Receive-Side Scaling State
  • Task Offload

To fix the above, copy and paste the following commands into Notepad, clean up any blog inserted format characters, and save as a batch file. Run the batch file near the end of the SBS 2008 OS configuration found in our SBS 2008 Setup Guide.

netsh int tcp set global congestion=none

netsh int tcp set global autotuning=disabled

netsh int tcp set global rss=disabled

netsh int ip set global taskoffload=disabled

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.

Windows Live Writer

Favorite Sync Now In Windows Live Essentials 2011

It has been a bit of a struggle to figure out what happened to the Live Toolbar ability to sync Internet Explorer’s Favorites.

After searching around we came upon Windows Live Mesh, now called Sync, that allows is to synchronize our Favorites folder across many different systems.

With the introduction of the Tega v2 we now have_a lot_ of devices to keep shared profile data synchronized across. The Live Toolbar helped to keep things sorted out when it came to IE Favorites.

image

Now that we have that worked out . . . for now . . . we have some addition profile tweaks to complete such as adding SharePoint libraries to Windows 7’s Favorites list (previous blog post) on the Tega v2.

Posted via Tega v2 entirely by touch. This will take some getting used to. A small Bluetooth keyboard is now on the To Do list for this week.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.

Windows Live Writer

Saturday 23 October 2010

How To Connect The Tega v2 To SBS 2008/v7

One of the requirements for a machine to connect to an SBS 2008 or SBS v7 network is a physical network connection.

A wireless connection does not come up fast enough for the various tasks that the SBS Setup Wizard needs to accomplish when preparing a device.

In the case of the Tega v2, the wireless NIC does not come up until _after_ logging into the OS. So, our first attempt to join our SBS v7 domain failed. The SBS Setup Wizard requires a connection to SBS during the setup procedures.

Since we have two USB ports on the Tega v2 we dropped in on one of our local suppliers and picked up an USB to RJ45 network adapter that has no real indication of manufacturer other than SR1600 on the driver install.

Once the driver was installed we cleaned up the bits and pieces of the previous SBS Connect attempt and re-ran the wizard from the http://connect site.

We set the tablet up for the users that may need to use it and it ran through and configured everything without a hiccup.

A few things that should be a part of any Tega v2 setup on an SBS 2008/v7 domain:

  • USB to RJ45 NIC adapter for a physical connection to the network.
  • USB flash drive with the required install applications.

The second is due to the fact that while the built-in wireless is okay for day to day needs it is rather slow for throughput. So, we put our needed apps on a USB flash drive and ran them from there.

This device is _neat_!

Other than a bit of a learning curve to use it without a keyboard, it will be set up to do exactly the same things that we do with our workstations and laptops.

So, essentially out of the box with the same amount of configuration that goes into any other Windows 7 device we have a fully functional system that allows us to do pretty much anything we would need to do while on the road in an amazingly small form factor.

Too kewl! :D

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.

Windows Live Writer

Friday 22 October 2010

ShadowProtect – Garbage In = Garbage Out

The situation we are in is not the fault of ShadowProtect specifically, but one that we have encountered before where the system’s disks were starting to fail and the backup was image based. Thus, any image backup software can be found to have bad data within the image.

image

We are in the process of finalizing an SBS 2008 server setup for a new client on-site. Their “server” system was experiencing spontaneous reboots with Check Disk running on each start up. This morning the system refused to come back up.

We had set up a ShadowProtect backup on that machine to help protect the data that was on it.

However, as the above screenshot of a BeyondCompare data copy out of the mounted ShadowProtect image shows us, if the data going in is bad the data coming out will be bad.

We experienced a situation like this at an unprecedented level a few years ago where a client’s very large RAID 5 array decided to start dropping sectors on the drives. We ended up recovering that SBS domain using the Swing method and the data through a combination of backup recoveries across the two servers at that site.

In this case we have no other fallback methods other than some of the users may have a copy of the corrupted files on the own systems since the central “server” has been behaving quite flaky for a while now.

So, we will be mounting the ShadowProtect backups that have been running on the flaky system for a couple of weeks now to see if we can find any of the now corrupted files that still may be in good shape.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.

Windows Live Writer

Thursday 21 October 2010

Some Thoughts On Implementing ExchangeDefender

When it comes to implementing ExchangeDefender e-mail sanitation and continuity services there are a few steps that need to be taken to prepare the client for the forthcoming changes.

Keep a Report or Two

Keep a report or two in a folder in the e-mail client to show to the client’s users. It then becomes a one click process to show users how to gain access to their ExchangeDefender management portal.

We demonstrate how to whitelist an address or domain and how to set automatic encryption for e-mail recipients or the recipient’s domains.

We tend to run through a training process with key people in the organization a few days or a week before the actual implementation. Then when it comes time to demonstrate ExchangeDefender features to users a day or so before implementing ExchangeDefender services the key people will be a lot further along the learning curve and thus be a front line for many straight forward questions.

E-mail Volume

It is a good idea to go over with users how the volume of e-mail they are receiving will decrease quite substantially once the ExchangeDefender service is implemented.

It is also _very_ important to make sure that they know that once the services are online some of the folks that they normally correspond with may drop off the map so to speak. This may happen because the sender’s e-mail server IP may be on an RBL somewhere on the Internet. This explanation will tie into a discussion on whitelisting e-mail addresses and'/or domains.

Encrypt an E-mail

Encrypt an e-mail to a Hotmail or other e-mail account accessible while at the client’s site to demonstrate how to receive an ExchangeDefender encrypted e-mail. It is a good idea to do this ahead of time so that all we need to do is fire up our cell modem and retrieve the encrypted content.

We make sure to point out how HTML based signatures with images and code in a source e-mail will get distorted when the receiver goes to open the encrypted e-mail. A simple signature for encrypted e-mail is a recommendation that we make.

Camtasia Capture

Produce a few client specific Camtasia captures of the ExchangeDefender services being used by a test e-mail user on the client’s domain so that the names are familiar to users that will make reference to the videos at a later time.

Conclusion

In the end, we find that users have a great service experience when we take the time to make sure that users are prepared for the coming changes, have a good idea of how to use the system from get-go, and know that they have someone to turn to with any questions.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.

Windows Live Writer

TegaTech Tega v2 Has Arrived

We have had a very busy moment so there was not really any time to have a look at the tablet other than to pull it out of the box and plug it in to allow it to charge.

The unit looks and feels really good.

Windows 7 Professional is installed on this particular unit, so once the battery was charged we fired it up, ran through the OOBE, connected it to our shop wireless, and joined our SBS v7 domain.

The whole process was relatively painless with the touch keyboard being fairly straightforward in use.

After domain joining without a keyboard use the Ease of Access button near the bottom left hand corner of the screen to enable an on screen keyboard that will allow for the needed CTRL+ALT+DLTE key strokes to unlock the tablet.

A client project beckons, so there will be some additional thoughts on our experiences with the unit soon.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.

Windows Live Writer

Wednesday 20 October 2010

TS RemoteApps – Disable Printer Redirection For Branch Offices

In most cases branch offices will have a site to site hardware based VPN. In some cases where the branch office is large enough there may be a local DC or RODC installed there.

In either case we are probably joining the remote PCs to the SBS 2008 domain so that we can manage them, their updates, their mapped drive letters, and more.

So, when the remote users are connecting to their needed application via TS RemoteApps they will not need to have printer redirection enabled. If they do, then they may end up with multiple copies of the local printer being served by the TS session thus causing confusion.

So, to eliminate any possibility of confusion for the user we edit the TS RemoteApp’s RDP file that we created to disable printer redirection.

  1. Create the RDP file in TS RemoteApps manager.
  2. Edit the RDP file by doing the following:
    1. Right click on the file and left click on Open With.
      • image
    2. Uncheck Always use the selected …
    3. Click the Browse button.
    4. Navigate to %windir%.
    5. Vista/Win7: Type Notepad in the Search Windows field
      • image
    6. Double click on Notepad.exe found in C:\Windows
      • image
    7. Make sure Notepad is highlighted and click OK.
      • image
      • Again, make sure that Always use the selected program … is not checked.
    8. Change the following setting from “1” to “0”:
      • OLD Setting: redirectprinters:i:1
      • NEW Setting: redirectprinters:i:0
      • image
    9. Save the file by clicking File –> Save.
    10. Close Notepad.
    11. Distribute the RDP file.

Once the above process has been done once, the Open with menu will show Notepad as an option:

image

We now have a RemoteApps session that will no longer show the Printer Name (Redirected) as their default printer along with (Redirected) copies all of the other standard Group Policy deployed printers that would be on their SBS 2008 domain.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.

Windows Live Writer

How To Highlight, Right Click, And Print More Than 15 Files

There seems to be a certain limitation in Windows that for some can be quite the burden.

For some folks there is a need to highlight a bunch of files and have them print to a printer right away. One would assume that the process would be simple:

  1. Highlight the files.
  2. Right click on the group and click on Print.

Here are our right click options when 15 files are highlighted:

image

Note the option to print is there.

When we go ahead and highlight 16 documents we see the following menu offered:

image

We have lost the ability to print those documents.

The answer came from this KB article:

Resolution

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer
Name : MultipleInvokePromptMinimum
Type : DWORD
Range: 1 - 16 (decimal)
Default : 15 (decimal)

For some, an actual decimal number like 128 may work where the number 16 may not actually allow for more than 15 files to be highlighted and printed.

image

Once we logged off and back on again we were able to highlight more than 15 documents:

image 

Caution Note: In testing this out on the above Word documents we encountered a huge system stall while Word fired itself up and subsequently started to print the documents. YMMV.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.

Windows Live Writer

Monday 18 October 2010

v1.6.0 of Our SBS 2008 Setup Guide Released

Since we have been doing a number of SBS 2008 setups lately, we have updated and tweaked our SBS 2008 Setup Guide for some of the changes in product service packs and updates, restructured the order of some of the steps to be more in line with the actual workflows, and added some comments on things such as how to install a GoDaddy certificate.

Note that we use the Answer File method to install all of our SBS 2008 and up operating systems.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.

Windows Live Writer

Installing BlackBerry Enterprise Server Express and Java

We are in the process of finishing up a rather large SBS 2008 Premium deployment. Part of the setup requires us to install BlackBerry Enterprise Server Express on the second server for this client.

Once we ran through the prerequisite BESX setup steps on SBS 2008 we ran the actual BESX install on the second server. BESX had the ability to install the needed Java software during the setup routine but the actual Java components setup kept failing on our Windows Server 2008 SP2 x64 system.

So, we downloaded the newest Java versions and installed them. We ran through the BESX install process again thinking (read assuming) that BESX would see the _newer_ versions as legitimate and move on. It did not and the install failed yet again.

The BESX install window indicates that it requires Java RE and SEDK version 6 update 18 in the install routine window just prior to running the component installs. There was no Java installed on this server prior to running BESX setup.

image 

So, we uninstalled all of the 32-bit and 64-bit versions of Java 6 Update 22, downloaded the earlier versions, installed them, and were finally able to install BESX on the standalone server.

There is a reference to the Holy Hand Grenade of Antioch’s usage instructions in here somewhere! :)

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.

Windows Live Writer

Friday 15 October 2010

Exchange Server 2007 SP3 Setup Time on SBS 2008 SP2 Fresh OS

We are running Exchange Server 2007 SP3 on our two new SBS 2008 SP2 integrated setups.

The first server to receive the service pack is an Intel Server System SR1630HGPRX with an Intel Xeon X3450 CPU and 16 GB of ECC Kingston RAM. Three 300 GB 15K RPM Seagate SAS drives are configured in a RAID 5 array via an Intel RS2BL040 RAID controller with a battery backup attached.

Note that this is a vanilla SBS install in that we have not yet run the Getting Started Tasks but do have SBS Backup configured and taking backups. So, no mailboxes on this one yet.

image

The MSIEXEC process has one of the cores on this server pinned with the process indicating 12% CPU utilization.

In the end, the entire process did not take that long at all:

image

  • Intel SR1630HGPRX with Intel Xeon X3450, 16 GB RAM, 600GB 15K SAS RAID 5:
    • Elapsed Time: 00:25:36

The second server is an Intel Server System SR1625URR dual Xeon E5620, 24 GB RAM, 146 GB 15K 2.5” SAS RAID 10 array consisting of 6 drives (438 GB usable storage) plus two hot spares attached to an Intel RS2BL080 RAID controller with battery backup.

Again, the MSIEXEC process had one core pinned:

image

And again the process did not take that long:

image

  • Intel SR1625URR with dual Intel Xeon E5620, 24 GB RAM, 438GB 15K SAS RAID 10:
    • Elapsed Time: 00:25:05

    Now that we have an idea of what a vanilla SBS/Exchange install time will be we will go on to service pack some of our smaller SBS 2008 installs. So far, the feedback we have been seeing on running the service pack 3 update on SBS 2008 has been pretty positive.

    Philip Elder
    MPECS Inc.
    Microsoft Small Business Specialists
    Co-Author: SBS 2008 Blueprint Book

    *Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.

    Windows Live Writer

    Thursday 14 October 2010

    SBS 2008 Setup Guide V1.7.0

    This will be our preliminary set up checklist for getting an SBS 2008 install configured once the base OS install has completed. This post will compliment what is in our SBS 2008 Blueprint book. It will also provide the foundation for a chapter in our upcoming SBS 2008 Advanced Blueprint book.

    There will be some minor tweaks and modifications to this list as we go along with our installs. If things change a lot, then we will run a new post and call it V2. :)

    For the most part, items in the list will be fleshed out in the SBS 2008 Blueprint book. Items that we have encountered beyond the book, will be addressed in existing or subsequent blog posts.

    The following assumes that the server manufacturer’s prep disk was used to update the BIOS, motherboard firmware, RAID controller firmware, backplane firmware, and any other device’s onboard firmware prior to installing the SBS 2008 OS. The firmware update step is an absolutely critical one for the stability of the server.

    Here is our list so far:

    1. Install the manufacturer’s drivers.
        1. RAID including RAID monitoring/status software.
        2. Chipset.
        3. Video.
        4. NIC (Do not team). Unplug or disable any extra NICs for now.
        5. Management suites from the hardware manufacturers will be installed later on in this process.
        6. We do not install System Center Essentials that is provided by Intel on our Intel based SBS 2008 servers.
      1. Desktop
          1. Set the desktop resolution for the monitor attached.
            • Keep in mind that some remote management modules such as Dell’s DRAC may not work if the monitor’s resolution is set too high.
          2. Enable desktop icons.
        1. GUI Customization
            1. Windows Explorer.
            2. Start Menu.
            3. Notification Area.
            4. Add a Desktop Toolbar to the Task Bar .
            5. Internet Explorer.
              1. Add http://download.microsoft.com to Trusted Sites.
            6. Task Manager Process Column Customization.
          1. Partitioning
              • RAID 1+0 is our default (4 disks) + hot spare. Name after the amount of storage is the drive label.
                • 640GB (4x 320GB SATA)
                • C: 100GB SS-SBS (Rename to SBS name)
                • S: 25GB SwapFile (8GB RAM * 1.5 with wiggle room)
                • L: 515GB NetworkData
            • Move the optical drive letter to Z:.
            • Move the Swap File (Reboot and use the above script to speed it up).
            • Copy and paste this services shutdown batch file onto the desktop (previous blog post).
              • Right click and Run as Administrator.
              • Batch file will improve reboot times by 50%-75%!
            • Install and configure Print Services Role: SBS 2008 Terminal Services and HP Printer Drivers (previous blog post).
            • Windows Native Tools Management Console modifications
                1. Add the Group Policy Management Console
                2. Add the Print Management snap-In (after adding the Print Server Role).
                3. Add the Share and Storage Management snap-in.
                4. Add the File Server Resource Manager snap-in.
                5. Add the TS Gateway Manager.
                6. Add the Windows Server Backup snap-in.
              1. Run MMC and add the local Computer Certificate store snap-in and save to the desktop for later use.
                  • Can be found in the SBS Native Tools console.
                • Configure an authoritative time source for the SBS OS.
                  1. Blog Post: SBS 2008 Physical And Hyper-V – Set Up the Domain Time Structure.
                  2. TechNet: Synchronize the Source Server time with an external time source for Windows SBS 2008 migration.
                  3. Once the commands have run, an error message or two may show in the Event Logs soon to be replaced by a successful connection to the authoritative time source.
                  4. Note Oliver Sommer’s comments in the above article.
                • Enable ShadowCopies on the NetworkData partition and set a schedule. We use before hours, coffee, lunch, coffee, and after hours for the schedule.
                • DHCP IPv4 Properties (DNS updates & credentials)
                  • Domain: SBSDomain.local
                    • Extension is required.
                • DHCP additional exclusions for printers (x.1-10) and servers (x.250-254).
                • DNS Settings for Scavenging at 7 days and AD integrated zones.
                • Create a 5GB Soft Quota (File Server Resource Manager).
                • Add Network Service to IIS WAMREG admin service to eliminate DCOM 10016 errors in the event logs (links to MS KB920783 article).
                  • Note that the BPA will pick up any previous log entries and claim that the problem still exists. The error is safe to ignore once the edit has been completed.
                • Enable firewall logging and pop-ups: SBS 2008 Windows Firewall with Advanced Security troubleshooting (previous blog post).
                • Create the default Company Shared Folder with required NTFS and share permissions on the L: NetworkData partition.
                    • Share Name: Company.
                    • Quota: 5GB Soft.
                    • Enable Access-based Enumeration.
                    • NTFS Permissions:
                      • Domain Admins = FULL.
                      • Domain Users = Modify.
                    • Share Permissions:
                      • Domain Admins = FULL.
                      • Domain Users = FULL.
                  • Create the ClientApps (previous blog post on GP and the ClientApps folder) on the L: NetworkData partition.
                      • Share Name: ClientApps.
                      • Quota: None.
                      • Enable Access-based Enumeration. Subfolders can have custom permissions at a later date to exclude users or groups and thus hide those subfolders at a later date.
                      • NTFS and Share Permissions:
                        • Domain Admins = FULL.
                        • Domain Users = FULL.
                        • Domain Controllers = FULL.
                        • Domain Computers = FULL
                    • Make changes to the WSUS Setup:
                      • WSUS Classifications: Enable all except Drivers.
                        • Driver delivery for Windows Vista and 7 has 
                      • WSUS Sync Schedule: Increase synchronization frequency schedule depending on what products are installed on the server.
                    • Getting Started Tasks – Out of Order
                      1. Configure and take a backup now.
                      2. Times: 12:30, 17:30, 23:00.
                        • Make sure that the backup times and the Volume Shadow Copy snapshots do not happen at the same time.
                      3. Backup Now by right clicking on the configured backup and running it.
                      4. Backup in between each batch of updates.
                    • Exchange Server 2007 Rollup Install (previous blog post). Microsoft Download site search for Exchange 2007 rollup (Microsoft Download Site Search). Check to make sure there are no newer rollups.
                    • Server Updates via WSUS/MU.
                    • Create a new User Role in the SBS Console.
                      • Name: Standard User – Restricted.
                      • Remove all Group Memberships.
                      • Add the Domain Users security group only.
                      • Remove OWA permission.
                      • No RWW or VPN.
                      • Verify permissions in the User Role after it is created.
                      • This role is used for the local admin account deployed via Group Policy later in this guide.
                    • Group Policy Configurations (previous blog post):
                        1. Default Computer Policy:
                          1. Local Policies: User Rights Assignment.
                          2. Local Policies: Security Options.
                            • Enable UAC by default in Group Policy (previous blog post).
                            • NOTE: The UAC structure can be split up between Computers, SBSComputers, and SBSServers GPOs so that domain admin accounts only get prompted on servers.
                          3. Remote Connectivity: Remove the Disconnect option from the Start Menu and add the Windows Security option.
                        2. Windows SBSUsers Policy:
                          1. Configure Screensaver Management. Our default is 45 minutes with logon.scr as the default SS. Password is always required.
                            • 2010-10-18: For Windows 7 we now use scrnsave.scr as the basis for all screensavers which is a blank screen.
                          2. Mapped Network Drive (M: = \\SS-SBS\Company) via Group Policy Preferences
                          3. Set the Companyweb as the default site in IE.
                          4. Add the RWW and OWA URLs to IE’s Favorites.
                        3. Windows SBSComputers Policy:
                          1. Deploy a restricted domain user to _all_ system’s Local Admin Group.
                            1. Create a new user using the Standard User – Restricted Role.
                            2. Deploy to workstation’s Local Admin Group via Group Policy Preferences.
                            3. Remove the user’s mailbox (previous blog post).
                        4. Default Printer Deployment Policy:
                          1. Deploy printers to XP Professional x86 (previous blog post).
                          2. Deploy printers to Windows Vista using the Printer Management snap-in.
                        5. Windows SBSComputers XP Pro Policy:
                          1. Deploy Windows Defender to Windows XP Professional (Optional).
                      1. Install the server hardware manufacturer’s management software suite.
                      2. Set the SBS Domain Password Polices (60-75 days, 10-12 characters minimum with complexity).
                        • Note that all user’s passwords will reset to request a new password!
                      3. Enable Folder Redirection.
                        • Changing the security settings in the default GPO for redirection will show FR as not enabled in the SBS Console.
                        • We remove the Exclusive Access setting on any folders redirected to remove complications when it comes time to migrate the client to a new server.
                      4. Remove the Public share in the SBS Console.
                      5. If using the self-issued certificate, copy the package to the Network Admin\SBS folder in the Company shared drive. (We create a Network Admin folder in the Company Shared Folder at all client sites).
                        • If using a GoDaddy certificate, make sure to install the GoDaddy Intermediate certificates (download page) into the Intermediate Certification Authorities store individually to avoid any issues later.
                          1.  gd_intermediate.crt
                          2. gd_cross_intermediate.crt
                          3. Disable All Uses for GoDaddy Class 2 root certificate in Trusted Root Certification Authorities.
                          4. Restart the IISAdmin service.
                          5. Install the GoDaddy certificate using the wizard.
                      6. Move the relevant data folders to the L: partition. We move all but the Exchange databases.
                          1. WSS (SharePoint) Data.
                          2. Users’ Shared Folders.
                            1. Re-enable Access-based Enumeration
                          3. Users’ Redirected Folders Data.
                            1. Re-enable Access-based Enumeration
                          4. WSUS Update Repository Data.
                        1. SBS Console Getting Started Tasks.
                            1. Connect to the Internet.
                            2. Customer Feedback options.
                            3. Set up your Internet address.
                            4. Configure a Smart Host for Internet e-mail.
                            5. Add a trusted certificate.
                            6. Configure server backup: Earlier in this checklist.
                            7. Add new users (use the multiple wizard under users if there are a lot of users to add).
                            8. Connect computers: http://connect.
                            9. Share Printers via Group Policy for Windows Vista and PushPrinterConnections.exe for Windows XP Pro SP3 (both links are previous blog posts).
                            10. Set up Office Live Small Business.
                          1. Configure the Reports e-mail addresses.
                          2. Copy Logon Failure XML code (CodePlex site) into a new Event ID Filter and set an e-mail to fire when a failed logon occurs.
                          3. Configure Workstations on the domain.
                          4. Create and configure the Group Policy Central Store.
                          5. Enable an MFP or Copier to Scan To E-mail Destined To A Companyweb SharePoint Library (previous blog post).
                          6. Enable and configure Windows Search Services on SBS 2008 or a Windows Server 2008 RTM/R2 file server and Libraries on Windows 7 (Official SBS Blog post).
                            1. Install the Search Service.
                            2. Add the share to Windows 7 Libraries.
                            3. Click start and start typing and watch those network files results flow!
                          7. Fix the SharePoint 2436 Search errors (Official SBS Blog post).
                          8. Fix the networking settings for Add-On Congestion Control Provider, Receive Window Auto-Tuning Level, Receive-Side Scaling State, Task Offload (previous blog post)
                          9. Download, install, and run the SBS 2008 Best Practices Analyzer.
                            1. The BPA will pick up a lot of the little things that need to be configured such as advanced OS networking features that should be disabled, the SharePoint 2436 error above, and others.
                          10. Change the initial domain administrator’s password if using an Answer File (remember to reset the DHCP credentials, and any Event Log event fired Task too). Note that if the admin account has not been logged off since changing the Password Policies, a log off and log on again will require a password change anyway.
                          11. Configure Custom Views and e-mail Task triggers for Event IDs (SBS Native Tools Management):
                          12. OPTIONS:
                          13. Customize the SBS Console Reports.
                          14. Run a backup. Crash the server. Restore the Backup. Deliver.

                          One thing to keep in mind when it comes to checklists is that they are never meant to be a replacement for the materials they summarize!

                          It is very important to understand why the various steps need to be accomplished, how those steps can change over time due to changes in the operating system, the hardware configurations underneath the OS, and the technician’s own growth in experience and understanding.

                          The “why” leads to an ability to understand how things are going wrong when they do. Note that we are saying, “when” and not “if” things go wrong.

                          Troubleshooting

                          UPDATES:

                          • 2009-05-11: V1.0.1 – Added a step and a few sub steps for Group Policy settings.
                          • 2009-05-14: V1.0.2 – Added the IE SBSUsers settings.
                          • 2009-05-19: V1.1.0 – Added some tweaks and changes to the existing steps.
                          • 2009-05-23: V1.1.1 – Added the option to map the Companyweb site to a network drive.
                          • 2009-05-29: V1.2.0 – Significant changes and adjustments made with some additional steps too.
                          • 2009-09-05: V1.2.1 – Added the option for allowing copiers and MFPs to relay e-mail through to users and a SharePoint library, the Troubleshooting section, and some formatting changes.
                          • 2010-01-14: Numerous updates including the Exchange 2007 SP2 mention.
                          • 2010-01-17: v1.4.1 – Added the need to set up time synchronization as well as cleaned up some HTML code.
                          • 2010-01-27: v1.4.2 – Added the blog post link for configuring the time service step.
                          • 2010-05-01: v1.5.0 – Numerous changes and updates to the process.
                          • 2010-10-18: v1.6.0 – Restructured some of the step’s order to better represent the work flow such as backing up SBS _before_ applying the Exchange service place. Numerous other changes.
                          • 2010-10-25: v1.7.0 – Added some steps and some clarifications for the steps.

                          Philip Elder
                          MPECS Inc.
                          Microsoft Small Business Specialists
                          Co-Author: SBS 2008 Blueprint Book

                          *All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac! (previous blog post)

                          Windows Live Writer

                          Intel Remote Management 3 A Must

                          Today, the cost of adding in the Intel Remote Management 3 (RMM3) module in most Intel Server Systems or server boards is very low. To our clients it is actually worth about one visit. So, why not have one installed where we can so that on-site time is reduced?

                          For Dell we have the DRAC i6 Enterprise, HP has the iLO with Advanced license, and there are others.

                          What these components do for us is provide a number of out-of-band management features. That means that we do not need an OS to work with the server.

                          • Console access to the OS, BIOS, firmware, and other server components.
                            • This is done by redirected KVM session over HTTPS.
                          • Ability to reset the server, power it up, or power it down.
                          • Check the server’s sensor logs for errors.

                          The initial setup of the RMM3 is done in the BIOS of the server. We enable USER3, rename the user, give it a password, and make sure that it has Administrator permissions.

                          When we first hit the IP address of the RMM3 we need to log on using the above created user:

                          image

                          The page that we will be greeted with will be a summary of the system.

                          From an RMM3 on an SR1625URR Server System:

                          image

                          From an RMM3 on an SR1630HGPRX Server System:

                          image

                          The FRU Information link gives us our server’s PBA (Part/Model Number), serial number, and other needed information if we are in need of support or warranty replacement.

                          The Server Health tab gives us a view of the server’s sensor status along with access to the server’s internal Event Log.

                          The SR1625URR’s sensor readings:

                          image

                          The SR1630HGPRX sensor readings:

                          image

                          Note the difference in the number of sensors between the server systems. The SR1625URR is a dual Intel Xeon Nehalem 5000 series 1U server while the SR1630HGPRX is an Intel Xeon Nehalem 3000 series 1U server.

                          While all of the above features are very helpful as far as keeping an eye on the server’s health and for troubleshooting purposes the key RMM3 feature is its ability to give us console access to the server’s OS.

                          image

                          Once we click the Launch Console button we will need to approve some Java security warnings before the redirected KVM session begins.

                          Once we do get our session we are “sitting in front of the server”.

                          This is a screenshot of the SR1625URR’s KVM session:

                          image

                          We currently have both 1U server’s RMM3 network ports connected to our own internal network. Once we have plugged in the needed optical disk for the OS install if needed and/or USB flash drives we no longer need to be standing at the workbench to run a fresh OS install as is the case in the above screenshot.

                          We can have a technician run several OS installs and post install configurations while working at their own station.

                          Once these servers are ready to go into production, the RMM3 Ethernet ports will be set with an ISP delivered static IP address and a GoDaddy certificate will be installed to eliminate the SSL warnings for the Web portal.

                          When it comes to a standard access method such as Terminal Services/Remote Desktop Services or TS/RDS via TS/RDS Gateway we are stuck if the underlying services get knocked out by an update or something breaks along the way.

                          Using the RMM3/DRAC/iLO to run those updates means that we do not need to be concerned about the underlying services plus we can watch the server reboot through its BIOS POST as well as RAID Controller POST status indicators.

                          Philip Elder
                          MPECS Inc.
                          Microsoft Small Business Specialists
                          Co-Author: SBS 2008 Blueprint Book

                          *Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.

                          Windows Live Writer

                          Wednesday 13 October 2010

                          Camtasia Video Rendering On Intel Core i7-875K

                          This is what a one hour video being rendered to Web MP4 video looks like on our new Core i7-875K based system:

                          image

                          In the above screenshot the Camtasia process is running at 64% across all cores four cores plus HyperThreading.

                          image

                          The above CPU usage shows that Camtasia is quite capable of utilizing all of the cores and threads the Core i7-875K has to offer to run its rendering process.

                          image

                          Note that Intel TurboBoost shows that currently the CPU is running at 3.2GHz to try and keep up with everything.

                          Meanwhile, the system is still quite usable.

                          Start time for the process was 16:15Hrs (4:15PM) and is about half done. So, it looks as though the entire 1 hour video that was captured at about 1400x900 will take about 30 minutes to render.

                          image

                          Here we are a while later with the finished product being rendered at about 16:42Hrs.

                          image

                          The original Camtasia capture was just shy of 1 GB in size and resides on our storage server. So, the above rendering was being done by processing the original on the network with the finished product being dropped into a local temp folder on this machine.

                          If we have time, we may run the render again with the project source files on the local machine to see how much of a difference there is. The storage subsystem is using the on board Intel software RAID controller to run a RAID 0 stripe across to 80 GB X25-M Intel SSDs.

                          For folks that make a living where CPU intensive tasks are part of the process, the Core i7-875K may make a great compromise instead of an Intel Core i7 Extreme series CPU setup especially for those just starting out.

                          Philip Elder
                          MPECS Inc.
                          Microsoft Small Business Specialists
                          Co-Author: SBS 2008 Blueprint Book

                          *Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.

                          Windows Live Writer

                          Vantec NexStar SuperSpeed USB 3.0 Hard Drive Dock Do Not Lock Up Intel Server Boards

                          We have been testing a number of different options to move forward with when it comes to hooking up a hard disk to an SBS 2008, SBS v7, or Windows Server 2008 box for backups.

                          We are finding that the new NexStar SuperSpeed USB 3.0 Hard Drive Docks (NST-D300S3) are not locking up our Intel server configurations on a warm boot.

                          image

                          Note that because we are handling the bare hard disk a little precaution is required to protect the sensitive electronics on the drive.

                          We make sure to touch ground before swapping out a hard disk. We also make sure that we _do not_ touch the drive’s electronics.

                          We store any hard disks in the backup rotation in a standard 3.5” plastic hard disk clamshell to protect them. All drives are appropriately labeled using a labeling device so that we can keep track of the drives.

                          Philip Elder
                          MPECS Inc.
                          Microsoft Small Business Specialists
                          Co-Author: SBS 2008 Blueprint Book

                          *Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.

                          Windows Live Writer

                          Tuesday 12 October 2010

                          A Perfect Cup of Coffee Every Time

                          As mentioned in our Thanksgiving post we are pregnant with our fourth child. One of the adventures with each pregnancy has been the various cravings that Monique will have.

                          One of my favourite cravings was during our first pregnancy’s second trimester. We had Monique’s pancakes, whipped cream, maple syrup, and all of the fixings _every day_ for close to four months. I gained quite a few “sympathetic” pounds during that period! ;)

                          Lately, one of Monique’s cravings has been for a cup of coffee in the morning. Monique was normally a tea drinker up till then. Since we generally made coffee with a stove top percolator to “cook” the coffee grinds to our preferred strength, we needed a coffee maker that would make a decent single cup of coffee on short order.

                          We looked at a number of coffee makers that used a pre-packaged cup or disk with the coffee grounds in it. After evaluating the various machines we ended up purchasing a Cuisinart Keurig Single Server Brewing System (SS-700C) (Canadian product site).

                          image

                          We chose the Cuisinart model because it has the ability to use an included My K-Cup Reusable Coffee Filter which meant that we were not locked into purchasing the pre-packaged coffee cups. This feature was critical because we absolutely love Tim Hortons coffee with a close second for Starbuck’s Verona or Sumatra blends.

                          So, after working through the various water volumes (8oz, 10oz, and 12oz) and coffee grind scoops we have managed to come up with a near perfect cup of coffee every time:

                          • Keurig Settings
                            • Water Temp: 194 Degrees Fahrenheit
                            • Default cup size: 8oz
                          • Tim Hortons Fine Grind
                            • 2.5 scoops of coffee.
                            • 8oz water setting.
                            • Add the required cream and sugar to taste (or black).
                          • Starbucks Sumatra and Verona Espresso Grind (ultra-fine)
                            • 2 scoops of coffee
                            • 10oz water setting
                            • Add the required cream and sugar to taste (or black).

                          When we purchased the bag of Starbuck’s coffee the Keurig was new so we did not know what grind level would be best. When it comes time to replace the Starbuck’s coffee will will step back the grind setting so that the grind is not so fine.

                          We only use osmotic water for our coffee.

                          IT Professionalism

                          So, what does brewing a perfect cup of coffee have to do with our own IT business?

                          Drinking a lot of coffee to figure out the needed coffee to water configuration brought us to the point where we could _document_ the required process to make that coffee _every time_ a cup of coffee was required. Thus, our “client”, Monique, was able to enjoy her morning coffee consistently.

                          Not only do we need to take the time to work out the best process for configuring our IT Solutions, but we also need to take the time to consult with our fellow IT professionals to see if there are ways that we can improve our IT processes and/or IT Solutions.

                          In the end, when it comes to implementing an IT Solution we must have the right documentation in place, checklists to guide us through the set up procedures, and key vendor representatives on-call to help us out if we get into a pinch.

                          These processes are an absolute must to providing our clients with a Professional long term trouble free IT Solution.

                          Philip Elder
                          MPECS Inc.
                          Microsoft Small Business Specialists
                          Co-Author: SBS 2008 Blueprint Book

                          *Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.

                          Windows Live Writer

                          .CA Agency CIRA Is Down For Maintenance

                          We need to make some changes to one of our .CA domains and are looking to register one. When we went to our registrar of choice DomainsAtCost.ca to manage our domains we saw the following after logging in:

                          image

                          Please be informed that CIRA, the .CA registry, is currently closed for a 24 hour maintenance period from October 12, 2010 at 9 AM until October 13, 2010 at 9 AM Eastern.

                          So, it looks as though we are on hold for our .CA needs at the moment.

                          The Cloud

                          While Cloud vendors may be a little more conscious of their user’s needs and try to run maintenance at a time when their services use is at its lowest, this situation brings cause for pause when it comes to evaluating how a Cloud service can either benefit or hurt our client’s operations.

                          An honest evaluation of the Cloud service and the costs to our client’s business if the service is down must be taken so that our client can evaluate the risks to their business as clearly as possible.

                          Once those risks have been evaluated and approved we can move forward with setting them up with a hosted Exchange and SharePoint environment (we are partnered with Own Web Now for this service), or even go so far as to serve SBS 2008 and Windows 7 desktops to them via SPLA licensing on our servers.

                          Philip Elder
                          MPECS Inc.
                          Microsoft Small Business Specialists
                          Co-Author: SBS 2008 Blueprint Book

                          *Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.

                          Windows Live Writer

                          Monday 11 October 2010

                          Happy Canadian Thanksgiving!

                          We have a lot to be thankful for this year!

                          Our family is growing by one, everyone is healthy, and our business has had a banner year.

                          Thanks to all of you too for your ongoing support!

                          Thanks for reading and enjoy those turkey sandwiches! :)

                          Philip Elder
                          MPECS Inc.
                          Microsoft Small Business Specialists
                          Co-Author: SBS 2008 Blueprint Book

                          *Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.

                          Windows Live Writer

                          Friday 8 October 2010

                          LaCie d2 Quadra 1 TB PC to Mac Fail

                          We performed a data recovery operation on an older PC that was successful. We were eventually able to create a ShadowProtect image of the original drive.

                          The customer brought in a LaCie d2 Quadra 1 TB USB hard disk for us to copy the recovered data onto. Once they dropped off the USB drive we set up a partition on it and copied the data over to the drive.

                          Our customer decided to purchase an iMac to replace the ageing PC that we had here in the shop.

                          Once we had the data copied onto the LaCie drive we got it back to them.

                          This was about a week ago.

                          Since then we have been in almost constant contact as the LaCie absolutely refused to show the partition we created on their iMac. When the drive was plugged into the iMac the LaCie Setup Assistant would pop up and ask them to format the LaCie drive.

                          We had them bring the d2 Quadra back to the shop and sure enough when we plugged the drive into any of our Windows machines the partition with the recovered data would show up.

                          So, we plugged the LaCie drive into our own MacBook Pro and up popped the LaCie Setup Assistant. We tried to close that, find the partition in Finder, and to see if the Mac’s disk management utility would see it which all failed.

                          There seems to be some sort of firmware/software intercept built into the LaCie drive that hides any existing partitions on the drive from any Mac based system even though those partitions show up just fine on a Windows machine.

                          We burned about half an hour trying to see if there were any other options to gain access to the partitions without having to run that Setup Assistant utility which would probably flatten the drive. There were none that we could see.

                          So, now we are copying the customer’s recovered data to one of our 2.5” USB drives formatted FAT32 and will loan it to them so that they can get their data onto the Mac.

                          The LaCie Setup Assistant needs to be tweaked to check for any existing partitions if plugged into a Mac for the first time and allow access to those partitions. We will not be recommending this product to anyone from now on.

                          Philip Elder
                          MPECS Inc.
                          Microsoft Small Business Specialists
                          Co-Author: SBS 2008 Blueprint Book

                          *Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.

                          Windows Live Writer

                          An iPad Killer From Down Under?

                          We are in the process of finalizing an order for a product that is just in the process of being released to the general public.

                          image

                          Yes, that is an iPad sized tablet running Windows 7. After a colleague dropped an iPad off at our shop for us to use for a week or so earlier this year we were not too impressed with the machine. The iPad has its purpose but that purpose did not suite us here.

                          image

                          The Tegatech TEGA v2 Touch Tablet was introduced to us by fellow MVP Wayne Small (his article on the TEGA v2).

                          With a Windows 7 operating system installed the TEGA v2 will do everything we need it to do _natively_ without any additional apps beyond Office 2010.

                          Running an Intel Atom N455 1.66GHz CPU with a 64GB SSD the TEGA v2 will run circles around some of the older Toshiba Tecra laptops with Pentium M series CPUs that we still use as shop systems. It should also run on par with the Intel Atom based netbooks that we use in our business that have had their spindle based drives replaced with Intel X25-M SSDs.

                          So, with the TEGA v2 coming with an SSD out of the box that is large enough to host the OS, Office 2010, and a few additional applications and utilities we will have ourselves a very portable and very usable little machine.

                          Time is Money

                          BTW, when it comes to deciding on the use of any new technologies we always weigh in on what it will cost us in time to figure the new tech out. With the iPad, there is a bit of a learning curve involved for those that are not part of the “iN” crowd.

                          That is one of the reasons that we are looking at the TEGA v2. There is no learning curve involved since we already know how to use Windows and Windows based devices.

                          Philip Elder
                          MPECS Inc.
                          Microsoft Small Business Specialists
                          Co-Author: SBS 2008 Blueprint Book

                          *Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.

                          Windows Live Writer

                          Thursday 7 October 2010

                          Intel Server System SR1695GPRX 1U 1P 4x Hot Swap = Excellent SBS Virtualization Platform

                          The question was asked a while back in the comments section about the platform we would use to virtualize both servers included with SBS 2008 Premium.

                          It is our preference to set up and install rack mount server products so that everything can be mounted in a relatively inexpensive enclosure thus keeping them physically secured.

                          Standalone Virtualization Server

                          To date, we have been using the Intel Server System SR1630HGP outfitted with an Intel Xeon X3450 or X3460 CPU and 16 GB of RAM. The RAM would either be four 4 GB Kingston Intel tested DIMMs or recently we have been looking into the 8 GB Hynix Intel tested DIMMs that we can get branded as a SuperMicro product.

                          We then install an Intel RS2BL040 RAID controller with the battery backup and three 300 GB or larger Seagate 15K RPM SAS drives.

                          • Intel Server System SR1630HGP(NA) 1U 1P rack mount server system
                            • 3x hot swap bays for SAS/SATA
                            • 2x Intel Gigabit NICs
                          • Intel Xeon Processor X3450 or X3460
                          • 16 GB ECC RAM (4x 4GB Kingston Intel Approved)
                          • Intel RAID Controller RS2BL040 PCI-E 8x Gen 2.
                            • Intel RAID Smart Battery Backup
                          • 3x 300 GB Seagate 15K.6 or 15K.7 SAS drives
                          • Advanced rack mount rail kit for in-rack servicing (AXXHERAIL or AXXHERAIL2)

                          The newer Intel Server System SR1630HGPRX 1U 1P system is an “almost there” as far as needed product features in an entry level 1U server. We gain access to remote KVM over IP via the RMM3LITE add-in along with the five NICs on the server board. One NIC will be dedicated to the RMM3LITE while the other four are enterprise class Intel PRO/1000 EB NICs that support hardware acceleration for virtualization features.

                          Since they have become available here in Canada recently we have been using them as our base platform for all 1U 1P server systems.

                          Ideal Standalone Virtualization Server

                          As mentioned above, Intel has been moving towards providing us with Intel branded server systems that compete with Tier 1 systems that have had needed server features such as remote management and multiple NICs for years. This is a very welcome change in the rack mount product line.

                          The system we would configure for a client requiring a standalone server with the Hyper-V role set up on it and SBS 2008 along with Windows Server 2008 as guests would be as follows:

                          • Intel Server System SR1695GPRX2AC(NA)
                            • Dual power supply version of the server system.
                            • 5 Intel Gigabit NICs (4x EB series)
                          • Intel Xeon Processor X3460
                          • 16 GB Kingston ECC RAM (4x 4 GB Intel Approved)
                          • Intel RAID Controller RS2BL040
                            • We would option out the RAID battery.
                            • Cost wise it does not make sense to use the budget I/O Expansion Module RAID controllers.
                          • 4x 146 GB 15K Seagate SAS drives RAID 10
                            • Trays support both 3.5” and 2.5” drives so X25-M SSD would be an option to our clients.
                          • Intel Remote Management Module 3 (AXXRMM3LITE)
                            • Gives us out-of-band remote KDVM console access to the system whether the host OS is functional or not.
                          • Intel Tool-less Rail Kit (AXXHERAIL2)
                            • Quick and easy access to the chassis.

                          The Intel ServerConfigurator Site shows the new server system product but there are still some parts like the dual and quad port Gigabit I/O Expansion Modules (product site) that are missing.

                          image

                          Those missing components are important in that the SR1695GPRX provides an excellent platform for an inexpensive 2 node Hyper-V Server 2008 R2 cluster using iSCSI for SAN access.

                          We posted a base server configuration sheet similar to what our clients would get on our Web site:

                          The premium for this particular base 1U versus our SBS base pedestal is actually not that high. Since we are going to be running both the SBS 2008 OS and the Windows Server 2008 OS on this one box we provide power and cooling savings over the 36 month life of the system.

                          Hyper-V Features

                          Now, the one thing that we would miss with the SBS 2008 Premium setup would be the hot swap disk capabilities that we have in the R2 version of Hyper-V. Given that the cost of an Open Value License plus SA is not that expensive year over year we would discuss the option of running Windows Server 2008 R2 Standard x64 as our host OS. Having hot swap capabilities means no down-time when there is a need to swap out external USB/eSATA backup drives.

                          Once SBS v7 RTMs we will have a Premium SKU that adds a separate Windows 2008 R2 Standard license just as SBS 2008 Premium adds a Windows Server 2008 Standard license. When that happens then we can use the 1+1 licensing of the Windows Server 2008 R2 Standard to virtualize our SBS v7 “Premium” solution.

                          Philip Elder
                          MPECS Inc.
                          Microsoft Small Business Specialists
                          Co-Author: SBS 2008 Blueprint Book

                          *Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.

                          Windows Live Writer

                          Wednesday 6 October 2010

                          Promise VTrak Performance Graphs Part II

                          We have brought our client’s Promise VTrak E310sD RAID storage online and are in the process of restructuring the IMS cluster’s storage to incorporate the new addition.

                          Our SBS 2008 VM is currently moving its WSUS content over to the new VTrak located storage while we are also in the process of moving Windows 7 desktop OS VHDs over to the VTrak as well.

                          image

                          image

                          image

                          We will continue to monitor the VTrak’s performance when our client’s facility comes online early tomorrow morning.

                          All user’s redirected data will be located on the VTrak as will a mapped Company folder that will hold all of their data.

                          The storage that we have freed up on the IMS SAN will be reallocated to their SQL server and to expand the SBS 2008 VM’s OS partition.

                          MPECS Inc.
                          Microsoft Small Business Specialists
                          Co-Author: SBS 2008 Blueprint Book

                          *Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.

                          Windows Live Writer

                          Tuesday 5 October 2010

                          SBS v7 Safe Mode and VM New Cluster Re-Attach Error

                          We had an SBS v7 server setup that we had initially set up on a Hyper-V cluster here in the shop. While we ended up flattening and rebuilding the cluster we left the logical disk containing the SBS v7 OS VHD alone to reattach to a new cluster.

                          We just finished booting that SBS v7 VM up and ended up with a strangely stalled OS after logging on. For some strange reason Windows Explorer and thus the desktop would not start.

                          So, we have booted into SBS v7’s Safe Mode:

                          image

                          To check on our network settings:

                          image

                          Which sent up the following when we set the correct IP address:

                          image

                          Microsoft TCP/IP

                          The IP address 192.168.40.254 you have entered for this network adapter is already assigned to another adapter (Microsoft Virtual Machine Bus Network Adapter) which is no longer present in the computer. . . Do you want to remove the static IP configuration for the absent adapter?

                          We clicked the Yes button.

                          So, as long as the new settings have taken the VM should boot into the OS and hopefully allow us to run the Fix My Network Wizard (FMNW) which will clean up the GUID associated with the previous vNIC.

                          When the server came up this is what we found in the NIC’s IPv4 properties:

                          image

                          Note the missing Gateway setting.

                          This is what the IPConfig /all looked like:

                          image

                          Note the 169.254.142.5 address for the IP instead of the 192.168.40.254 IP address indicated in IPv4 properties. So, we still had no network connectivity happening as we also have a Windows 7 Enterprise x64 VM sitting on the same isolated VLAN.

                          We ran the Internet Address Wizard to see if we could reseat the IP address configuration. Now, we do not have the appropriate VLAN settings in our Cisco SA520-K9 Security Appliance to allow for communication between the SBS v7 VM and the Internet yet but we will soon. So, we ignored the Router Not Found error and ended up with the correct IP address setup.

                          We also used our Hardware Independent Restore (previous blog post) methodology to clean up the previous NIC’s GUID.

                          Once we had completed the above and ran the FMNW we saw the following potential network issues:

                          image

                          The results were in:

                          image

                          Dive into the logs and we found:

                          image

                          So, we verified the settings once again for the vNIC and rebooted the server which came back with:

                          image

                          Another 169.254.142.5 IP address. :(

                          Yet, this is what we saw in the NIC’s IPv4 properties:

                          image

                          In the registry editor under the NIC’s GUID we see:

                          image

                          The IPAddress setting is blank yet our own SBS v7 IP address is not:

                          image

                          So, we set the IP address into the registry manually but the NIC’s IPv4 status still showed a 169 address. We then checked the IPv4 properties for the NIC and it had the wrong subnet setting (255.255.255.255). We reconfigured that one and ended up with the following:

                          image

                          Note that now we see both IP addresses!

                          We restarted the DHCP service to see if it would at least start. It did and we were able to receive an IP address for our Windows 7 Enterprise VM:

                          image

                          We rebooted the VM to see if the IPv4 settings would stick.

                          image

                          They seemingly did:

                          image

                          Somehow, this process did not turn out to be as simple as we had hoped.

                          Philip Elder
                          MPECS Inc.
                          Microsoft Small Business Specialists
                          Co-Author: SBS 2008 Blueprint Book

                          *Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.

                          Windows Live Writer