Friday 29 June 2007

Long Weekend Approaching - Happy Canada Day Eh!

We are going to take a bit of a break for this long weekend.

So, there will probably be no posting until early next week.

For us Canucks, have a happy Canada Day eh!

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

SBS - Backing up that laptop or workstation.

As mentioned yesterday, we have a client who used the built in Lenovo Rescue & Recovery utility (previous blog post) to make a backup image at the end of May.

The hard drive in that laptop crashed, with us able to recover the contents of the drive after much difficulty.

What are some of the ways to mitigate data loss in this kind of scenario?
  1. Exchange integrated Outlook.
  2. My Documents Redirection.
  3. User training to store all data in My Documents.
  4. When profiling a new laptop, default all client applications to save to My Documents .
  5. User will back up the data.
The first two plus the training are an integral part of an SBS environment.

A simple SBS wizard gets the My Documents redirection setup done.

The last one though, is a variable that can make or break an organization. Despite training, and even the client application setup, the user may have data all across their hard drive.

Some even forget to make their backups on a regular basis.

So, despite the ability presented to the user via the Lenovo Rescue & Recovery utility, it is dependent on the user actually using it!

As administrators of multiple SBS domains across many SMBs, we have a huge gamut of experience with various user skill levels.

Here is one very important lesson to be gained with all of that experience: We must have a centrally managed, full backup of the client desktops and laptops.

We believe that we have found it in StorageCraft's ShadowProtect Server & ShadowProtect Desktop software.

We filled out the Reseller Application and received the welcome package with the products as well as the ShadowProtect IT Edition in it.

If the product works as advertised, we will standardize all of our backup solutions on it. We will be installing it into our lab environment and tearing it apart to see how it works. If we are satisfied, we will install it on all of our servers and workstations in-house and go through some failsafe testing there. Only once we are satisfied with our experiences in-house will we begin selling the solution to our clients.

Look for more posts on ShadowProtect and our experiences with it.

Thanks to Susan Bradley for pointing us to StorageCraft: Mark Crall on StorageCraft and Mark Crall Live.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

Banks ... Can't live with them ... Can't live without them?

We have a tightly regulated banking industry here in Canada.

We have several rather large banks, with the Royal Bank of Canada (RBC) topping out as number one.

I personally have been with the RBC for a long time. I opened my very first bank account with them, and presently will be closing my last.

Why?

Because they treat me like they are doing me a service for allowing me to bank with them. The focus of the business relationship is them and not me, their client, despite their ads saying the opposite.

They nickel and dime our business to death with their fees for everything.

They nickel and dime us to death with their fees for everything.

The banks seem to have forgotten that it was our money residing in accounts within their institution that enabled them to build their huge profit making machines.

So, now that their huge profit making machines are rolling, where exactly do those nickel and dime fees charged to us fall? Probably one one thousandth of a percent of their gross revenue. So, why exactly are we being charged banking fees again?

Client service my rear end! The client is number 1! Bullocks! :*Þ

No where have I been treated like I would treat my clients. This after close to 30 years with the bank!

As a result, we will be closing all of our accounts at the RBC and transferring them to an institution that is hungry for our business. This new institution has demonstrated to us recently that they may not have lost their perspective on who is number one: their client.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

Thursday 28 June 2007

Lenovo Rescue & Recovery experience

One of our clients started purchasing Lenovo laptops a while back via a friend of one of the partners.

The laptop in question is a T60 1951-58U. Its 60 GB Toshiba manufactured hard drive, yes Toshiba makes them, crashed. No FAT/MFT, and our data mule took over an hour to boot up with the Toshiba drive slaved to the system. We did manage to get the data back!

Our client made a Rescue & Recovery image to an external USB hard drive over a month ago.

The laptop is under warranty, but we supplied a new Seagate Momentus to get them up and running quickly. Or so I thought.

Reading through the Lenovo Rescue & Recovery documentation, we booted the laptop up via the USB hard drive, ran the Rescue & Recovery utility and initiated a system restore via the image stored on the USB hard drive.

We ran that "restore my entire hard drive from the backup image" as many ways as we could to get it to work.

The Rescue partition happily made its way onto the new hard drive, as did the Windows partition, but it would not boot. There was no guarantee that everything was there either.

Reboot the system once the recovery was finished, and we were greeted with a blank screen and a cursor blinking in the top left corner - every time we tried to do a full restore from image on the system.

What part of simple did we miss here? There were absolutely no clues as to why the backup image would not take.

It is, after all, Lenovo's native restore utility. One who follows the instructions contained in it to restore the system should not have to sit there looking at a blank screen with a blinking cursor after mucking around with the system for an hour.

We called Lenovo's warranty support line and the person we spoke to didn't even know the Rescue & Restore utility could do that!?!?!

After telling us that it was not possible for 15 minutes, the "support technician" finally put us on hold for 10 minutes after which they came back and told us with utter lack of conviction that we needed to do a factory image restore from the CD/DVD disks first.

We were fortunate that our client had a few of these laptops in their office as we were able to generate the DVDs from one of them.

So, we are running the image based restore now, after running the "Restore to Factory Default Condition" three times. Yes, the first two times the Rescue & Recovery utility kept crashing during the factory restoration process. :(

A huge disappointment for us towards Lenovo.

The final run through the image restore portion has finished. And, guess what?

The laptop is back to where it was at when the image was made.

Given the amount of grief we had getting it there, it would have been quicker to rebuild the thing.

Lessons learned. :D

UPDATE 07-06-29: We found that the machine account was no longer in synch with the SBS server, so the SBS server would not allow the user to logon giving a "not connected to the domain" error message.

We had to break the domain relationship, create a new machine name with the SBS wizard, and reconnect the system to the domain via that SBS/connectcomputer site.

Always make sure you know the local admin password. If you don't or are not sure, change the password in Users & Groups on the local machine.

We were fortunate that the user's existing domain profile was actually picked up when they logged in to the SBS domain for the first time after breaking the domain relationship. Thus, no desktop preferences or domain profile settings were lost.

A couple of OST "Out of date" problem messages from Outlook were encountered. All the user needed to do was close and reopen Outlook and hit Send/Receive to fix it.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

Wednesday 27 June 2007

Mac on SBS - Going to get a Mac!

Well, we need to buy a Mac.

So, we searched around for an Intel based Mac and found an iMac that is about a year old for a reasonable price. Hopefully it turns out to be reasonable after all! ;)

Why do we need to buy a Mac?

Because a new client we are doing a Technology Assessment for is pretty much 100% Mac based. Their business systems are so tied into the Mac platform that it would be too painful to try and migrate them over to a Windows based platform.

So, we are buying a Mac so we can tear it apart and put it back together over and over again on our SBS network.

We need to make sure that the information documenting connecting a Mac to an SBS infrastructure will work. That along with testing VPN & RDP setups for connecting to remote desktops bring us to the need to have one.

We will make sure to chronicle our adventures in MacLand here! ;)

We will head our Mac posts here with the "Mac on SBS" title as well as tag to make them easy to find.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

Outlook Error Message - Office Outlook does not recognize...

When we first setup Outlook on our systems, and if there are a number of Contact sub-folders that users have sorted their contacts into, the following error could happen if a crucial setup step is missed:


Check Names: Microsoft Office Outlook does not recognize "My Name".
The required step is to enable Outlook to search those sub-folders as part of the name look-up routine.

To do this:
  1. Right click on the Contact sub-folder and click on Properties.
  2. Click on the "Outlook Address Book" tab.
  3. Put a tick mark beside "Show this folder as an e-mail Address Book".
  4. Apply
  5. OK
  6. Start a new e-mail.
  7. Click the TO button.
  8. Click the down arrow beside Global Address List in the "Show Names from the" list.
Your Contact sub-folder should now show up in the list below Outlook Address Book.

Any name now typed in the TO field in an e-mail that is contained in any of the Contacts sub-folders will now be found automatically.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

Monday 25 June 2007

When in doubt ... err to your client.

We keep copious notes on pretty much everything we do that is client related.

We keep those notes on file for at least 6 months after the fact, then we scan (duplex) every document into our system. The paper documents themselves get shredded from there.

That is not always the case though, and sometimes that can come back to catch us.

We had a simple conversation with a long term client about recovering data from a crashed operating system on one of their personal computers.

When arrangements were made to recover the data, we just found out, our client was also under the impression that we were going to format and reload the data.

Given that data recovery happened over a month and a half ago and they just received their system back - they were not available during that time - they just found out that the machine was not up and running with a fresh operating system install.

This is one of those cases where we thought things were straight forward with a long standing client so guess what? No notes. :(

Fortunately, after discussing things with them, we were able to come to an agreement.

We gave them the benefit of the doubt and offered to pick the machine up, format it, install and update the OS as they thought we were supposed to.

Plain and simple isn't it?

Even though we may be right about a given situation, with no notes to back things up, and even with those notes, we must follow through with our client.

In this case the cost to us is a number of hours of labour to setup the machine.

The benefit to us though is a client who understands that things are not exactly clear but we went ahead and followed through with them anyway.

With our newer clients, we are strict about keeping notes and gaining job approval in writing. Obviously, we must build up the business relationship and the trust between us first.

We always make sure to have the job being done and their acceptance of that work in writing via e-mail, fax, or purchase order. It makes things simpler for the both of us at the beginning of the business relationship.

It also establishes a pattern of behaviour between us that facilitates a clear level of communication and a deepening of trust in us providing the requested products and services and our client following through on feedback and payment.

The Client/Solution Provider relationship is a two way street after all. Isn't it? ;)

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

Friday 22 June 2007

Product Review: Microsoft Wireless Laser Keyboard 6000 V2.0

A while back in March we did a product review: Microsoft Wireless Laser Keyboard 6000 V2.0.

After about 4 months of use, the keyboard is starting to drive me nuts! :(

Actually, it is not the keyboard, but the wireless radio that is giving me hassles.

I have since found out that one cannot run two Microsoft wireless (not Bluetooth) keyboards close to each other, or another wireless keyboard and/or mouse close by as the unit is quite finicky.

I keep getting signal quality warnings from the keyboard software and tons of lost keystrokes. It gets really bad when I am using my Logitech MX Laser mouse a lot . The more mousing, the more I have radio problems with the keyboard! :(

We will have to let it go and pick up a Bluetooth version of the keyboard.

Hopefully the newer 7000 or 8000 series keyboard has the same feel in the keystrokes as this one does because I really like that aspect of the keyboard.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

Have a few minutes to spare? A Client Focus suggestion...

Have a few minutes to spare?

Call a client. Call one you haven't spoken with for a while.

Say hello, chat, ask them how things are. See if they need anything.

This kind of proactive contact with clients goes a long way towards building up a strong business relationship with them.

Have a little more than a few minutes to spare?

Then it is time for a "Client Focus" session.

We all can get very busy. Even with our PDAs, Outlook, CRM, and more we can let things fall through the cracks.

A Client Focus session is an opportunity to take anywhere from 10 to 30 minutes and discover what we have missed or new opportunities with our existing clients.

  1. Let the appropriate people know where you will be and to Do Not Disturb (DND) if at all possible.
  2. A decision must be made by us within to use the following time to focus on client needs.
    • That decision must be a committed one. No distractions!
    • That decision is an internal one and provides the foundation for a successful Client Focus session.
  3. An office or space where the DND time is possible.
  4. Sit down with a pad of paper and a couple of pens or a pencil with plenty of lead.
    • Nothing more annoying than a pen running out of ink during a critical moment.
    • Be comfortable as being relaxed is important.
  5. Relax for a couple of minutes and let the stresses of the day go.
  6. Take a couple of deep breaths to get the blood flowing in the brain and to deepen the relaxation.
  7. On the pad of paper:
    1. Draw one line down the middle of the page.
    2. Write "Client" at the top of the Left Column.
    3. Write "Needs" above the Right Column.
    4. Start listing your clients leaving a large space between each name.
    5. If a particular client need comes up while writing their name down, put it in the Right Column.
    6. Keep writing client names, but as soon as a Need presents itself, write it in the Needs Column beside their name immediately.
    7. Once the client names are filled out, continue thinking about each client's respective infrastructure. More Needs should present themselves.
      • Use different sheets of paper to diagram aspects of the client's infrastructure.
      • Look at the big picture: servers, workstations, switches, software, etc and their purposes.
This method of "stirring" the creative juices so to speak works really well, especially in this digital age.

It gets us to focus specifically on our client's current needs. It provides us with an opportunity to discover things that we may have missed, but also allow client specific ideas that have been sitting at the back of our minds to come forward.

Once one becomes comfortable with this methodology, or some derivative of it, another column can be added for Future Needs or any other aspect of client management.

One factor that is very important for the success of the Client Focus, is knowing our client's environments. That is, having first hand contact with our clients and not being just "someone on the other end of the phone" or e-mail to them.

Whether working remotely or locally, we need to spend time within our client's network infrastructure, but also within our client's business environment.

Clients love it when we ask them questions about what they are doing and how they are trying to do it. They appreciate us taking the time to get to know their given business environment. In most cases, they won't mind spending some time answering questions about their business and the environment they do business in.

In pretty much all cases, a client will be more likely to deal with us as a result of our getting to know their business and its needs first hand over the "other guy". This is especially true when the suggestions we make are based on our actually understanding their business.

We have all probably had the experience of the sales guy saying, "Oh yes Mr. Customer, this product won the Editor's Choice in the Reseller Reviews and it is a perfect fit!" And then turning to us and saying, "Okay guys, make it fit!"

I can hear the Tech department shuddering over that one! ;)

There is no excuse for the lack of knowledge and understanding of a client's infrastructure or the technology needed to make that infrastructure work. None. Period.

In the case of I.T. companies with separate Sales & Tech departments, that means that your Sales people and Tech people are getting together regularly to hash things out right?

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

Thursday 21 June 2007

Even Mac software gets the blues ... or at least IE does

In our ongoing audit for one of our clients that has a very high Mac count in their organization, we are trying to learn as much as possible about them.

This error, captured by the screen capture software called Grab, happens every time Microsoft Explorer is opened on one particular iMac G5:


The application Explorer quit unexpectedly.
The details don't necessarily provide clues as to what was going on.

It took a few tries to figure out a way around it.

It seems that whatever page Explorer is trying to open is causing it to crash.

Hit the stop button and things seem to be okay. One could browse to another site with no issues.

The current MS E (IE) version for Mac does not support the SBS self signed certificate which is a pain. Mac users have to use Safari to get access to the RWW features with the exception of RDP.

A note to Microsoft: Get developing a browser for Mac that works with self signed certificates please.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

Business Principles: How not to handle a mistake!?!

It is very important for our clients to know where we stand if we make a mistake. We must take responsibility for it. We must make every effort to make it right. They need to know that.

In the long run, it builds trust between us and our clients.

Yes, we may loose a couple. But, if the mistake we made costs them, do you blame them for leaving? No. Hopefully we are given another chance though.

For example, Toyota's newly released Tundra full sized trucks have had a cam failure problem on what looks like early production run versions of the vehicle with a certain cam supplier's product in the engine. The number of cam failures have been relatively minor compared to the volume of trucks produced, but Toyota has implemented a replace the whole thing for free policy.

Not just fix it, replace it.

An article on the subject: autoblog: Toyota expresses regret for Tundra camshaft failures on internet forums.

Ford on the other hand, has a different stance on a cam failure issue that affects the Ford Taurus SHO V8 engine co-produced with Yamaha. Around 20,000 of these hand built in Atlanta vehicles were sold across the 1996-99 life of the car. The 1997 year was the largest run of the vehicle.

Some would say that the number of cars produced warrants a "no response" attitude. Some would say that it isn't worth Ford's time to recognize and take responsibility for the issue.

The number of known affected vehicles is approaching 5% (1,000) of the entire product run.

This is not a statistical anomaly as the Tundra's failures will be over the entire production run of the Tundra.

Wikipedia: Ford Yamaha V8 engine.

V8SHO.com: Cam Failure Links.

Ford took the same stand with the vehicle fires due to a faulty seal in the break booster, and with the ~1997-2000 F-150 door latch failures.

As a result, owners of the affected vehicles have had to initiate class action lawsuits to get any recompense or recognition for their problems.

So I ask you:
  • Which company took the best approach with their clients? Ford or Toyota?
  • Which company will build long standing relationships with their clients? Ford or Toyota?
  • Which company took responsibility for the quality of their products? Ford or Toyota?
There are many of these types of questions that we can ask about the above similar situation between Ford and Toyota and how either company handled problems with their respective products.

Those questions in turn need to be asked towards our own companies and our own attitudes with regards to the products and services we provide our clients.

For whose best interest do we operate our business? That is a critical question, and the answer to it colours everything we say and do as representatives our company and the products and services provided by it.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

Wednesday 20 June 2007

TechNet - Future of the Server Room Tour - Presenter's Post Posts!

We attended the Future of the Server Room Tour in Calgary a while back.

Our post conference take: TechNet: Future Of the Server Room - Longhorn/Server 2008, SBS, & SBS Cougar.

Rodney Buike has just posted information including the most popular questions (text messaged or e-mailed) and their answers, as well as some great resources on the Canadian IT Pro Blog: FoSR Interesting Q&A.

One thing he pointed out was a free PowerShell book that we can download from Microsoft: Free PowerShell Book (Zipped PDF with registration required).

There is also a link to the demo files: FoSR Demo Files (Zipped file).

And, a link to the Microsoft TechNet Command-line Reference.

The demonstrations on this tour were some of the most in depth into the new OS that we have seen to date. So, we suggest having a look into Rodney's post and the current Longhorn/Server 2008 beta. It will be well worth your while.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

SBS 2K3 - Group Policy computer settings not applied

In the continuing saga of merging two FAT32 partitions on a set of TravelMate 8210 laptops we just delivered, we ran into a strange problem.

We have a set of GPOs set at the domain level for the various security needs of this particular firm.

We kept getting the following error when the policies from those GPOs were trying to be set:



Event ID 1202 - SceCli: Security policies were propagated with warning: 0x4b8: An extended error has occur ed.
Clicking on the link in the error brings up the Help & Support Center pointing to KB 324383: Troubleshooting SCECLI 1202 Events.

Scroll down to the 0x4b8 section and they ask you to change a registry setting to enable debug logging. Run a gpupdate /force instead of secedit BTW.

That didn't work for us, so, off to the next search that landed us on: KB 260715: Event ID 1000 and 1202 After Configuring Policies. Again, no help or at least the article couldn't help us, but it did bring up the following error when we went to check the local policy settings for the administrator:


Security Templates: The Group Policy security settings that apply to this machine could not be determined.
The error returned when trying to retrieve these settings from the local security policy database (%windir%\security\database\secedit.sdb) was: The parameter is incorrect.

All local security settings will be displayed, but no indication will be given as to whether or not a given security setting is defined by Group Policy.
Any local security setting modified through this User Interface may subsequently be overidden by domain-level policies.
Someone didn't have their spellcheck enabled on that last line - overridden! ;)

To check the local GP:
  1. Start-->Run
  2. gpedit.msc
  3. [Enter]
Therein we find the key! The local security database is somehow toast.

A quick search for the first line in the error error turned up the process we use to fix the database. Run the following command from the command line:

esentutl /p %windir%\security\database\secedit.sdb

And you will see the results will below:


Once that process finishes, run the following line from the same command line:

gpupdate /force

The system should ask to be rebooted once the domain GPOs have been processed. A successful SceCli should also now be in the App log.

Sure enough, once the system rebooted, all security policies were in place.

Buried about half way down (could have missed it) is the above command line fix: MCSE.MS: Re: Group Policy Security setting could not be determined.

Thanks to Doug Knox for sharing that fix!

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

Tuesday 19 June 2007

SBS 2K3 Premium - ISP changes the static IP, now what?

As was mentioned earlier, our clients affected by the extended Internet outage had their static IP changed during the upgrade to DSL 2.0.

With SBS 2K3 Standard, all one needs to do is change the IP, Subnet, and Gateway on the second adapter (if installed). Or, the same changes would need to be made on the Router/Gateway box protecting the SBS network. Obviously this would have to be done on-site by someone with admin access, or via a service call by us.

The second thing common to both versions is to update the client Internet domain name's DNS settings for e-mail if the client has their domain e-mail coming to the SBS box via SMTP. This involves updating the IP associated with the MX and A record pointing to the old IP:

  • MX 10 mail.mydomain.com
  • A mail.mydomain.com 24.62.26.42 (old IP)
Updated to:

  • A mail.mydomain.com 62.24.42.26 (new IP)
If any updates in WSUS were approved just before the connection went down and hadn't yet had a chance to synchronize and download, they will have errors beside them (shown by a red x in the WSUS Web console). One will need to approve them again in order to get them to download and install properly. In this case we were dealing with WSUS 2.0. Once should verify the WSUS 3.0 updates status as well.

Once the above steps have been completed, then on the Premium boxes, we need to make some changes to ISA as well.

  1. On the second NIC (WAN=ISA), the IP, Subnet, and Gateway need to be changed to the new settings. Note that DNS on this adapter always points to the SBS IP!
  2. ISA Services need to be rebooted:
    • Click on Restart the service
    • Click on "Yes" to the "Restart Other Services" warning dialogue:


  3. Verify the settings in ISA:
    1. Open the ISA Manager
    2. Click on Firewall Policy
    3. Double click any one of the SBS Rules: SharePoint, OWA, etc
    4. Click the Listener tab
    5. Click the Properties button
    6. Click on the Networks tab
    7. Double Click the "External " (or click the Address button)
    8. Note that the correct IP is now present: 62.24.42.26


  4. The server should be rebooted after hours.
The server reboot is a precaution. This is especially true for one of our client's servers since it was quite plugged up after not being connected to the Internet for 5 whole days.

One can log on later to reboot the server via remote connection, or one can schedule a reboot (previous blog post how-to).

As always, let your client know that the reboot will be happening later on in the evening, and check RRAS to verify that no clients are connected via VPN so that no files may be corrupted:


As a rule, if anyone was connected to their desktop via RWW/RDP at the time of the server reboot, they will be able to reconnect to their session after the server reboots. In the event that they are not able to, their workstation should remain locked with their work there for them in the morning. The exception to this rule is a workstation reboot forced by the overnight updates.

Thus the request for the server reboot in the first place! :D

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

Just a quick post... That Phone Company, Acer Laptops, and more

Things are absolutely nuts around here right now...

The Phone Company finally got their poop together, as did the ISP riding on top of their equipment so we finally got our clients back up and running in the city burrow taken down by the Phone Company. They came back on a totally different segment, so DNS records and more needed to be updated accordingly.

We had another funky issue with the four Acer laptops we merged the two FAT32 partitions and converted to NTFS. That will be blogged about hopefully tomorrow morning. Basically, they were refusing to accept GP security setting updates. Took a while to figure out where the problem was and the fix.

We are doing a Tech Assessment for a client that is pretty much 100% Mac. It is providing a challenge, as we have only sporadically worked with Macs. So, we need to burn some serious midnight oil figuring out how we are going to integrate them into an SBS environment. To complicate things, they have 5 locations.

Anyone have Mac on SBS experience? Let me know, because we could use some help in that area!

Off to the races! ;)

UPDATE 2007-06-20: Macs and SBS: After some searching the following resources have come up for adding the Mac, or at least gaining access, to the SBS domain.

A blog post on the Windows Small Business Server Documentation Blog with a link to a draft document on adding OS X 10.3+ Macs to an SBS domain.

Document link: Connecting Mac OS X 10.3 and Higher Clients to a Windows Small Business Server 2003 Network (Word document).

Check the comments on the above blog post for errata. There are some things to note there.

Links came via Susan Bradley: Connecting a Macintosh to SBS 2003 Server via SMB.

Eriq Neal: Connecting a Macintosh to SBS 2003 Server via SMB has what looks like the original list of steps for connecting the Mac to SBS shared resources (via Susan's post).

Eriq's Mac related posts on his blog: Lessons Learned - Things I wish I had known...(Mac tagged)

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

Saturday 16 June 2007

SBS 2K3 - All Editions: Client Setup Wizard Error & Fix

When we receive Acer laptops, we normally pull the hard drives right away and at the minimum convert them to NTFS before booting the laptop for the first time. Acers come with one or sometimes two partitions formatted FAT32.

We missed one and this is what happened when we went to add it to the SBS domain:


Client Setup Wizard: Client Setup could not remove a special account created to migrate user settings from the previous user of this computer. Contact the person responsible for your network.
Heh, that person is me! ;)

These Acers were 8210 series laptops that had two FAT32 partitions on them. The 6460 series we were selling until we couldn't get any only had one FAT32 partition. Took it for granted that there would be a single FAT32 partition on these ones too.

I am not sure exactly why things go wonky on systems that were installed with two existing partitions with one eventually be eliminated. Things like desktop icons loose their images, and in some cases programs stop working altogether until they are reinstalled. A lot of grief with this particular scenario. Just try and uninstall an application after removing that second partition! :(

We were fortunate in this case as no apps were installed on the unit before heading down to the client site. We do have a cached image of all of their custom apps, but we decided to deliver and setup there due to timing.

So, how did we get rid of the error?

It is actually quite simple: go to the local Users & Groups and delete the _sbs_netsetup_ account from Users. You can then remove said user's directory from Documents and Settings.

Keep in mind that the setup did fail.

We have to remove the system from the domain, then rerun the mysbs/connectcomputer again to get it back on the domain. We would have to make sure the the Client Computer list on the SBS server reflects the needed changes before adding the system back to the domain too.

Or, as we chose to do, we continued setting up the system. It was added to the domain, but the SBS setup routine did not change the system name, add the appropriate users to the Local Admin group on the system, connect the domain profile to the existing profile in Documents & Settings, and run the client wizard after the final reboot.

After completing the missing tasks, we had a fully functional system on the SBS domain.

I do hope that Acer changes their system image setup to one NTFS partition soon!!!

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

SBS 2K3 - All Editions: Backing up to a USB external HDD

We have pretty much settled into backing up all of our SBS installations to a set of USB 2.0 external hard drives.

It works really well with a couple of caveats: One, it really labours the system, even the more powerful dual Dual Core Xeon 5100 series servers struggle with it. So, we start the backup when we are sure no one would be around.

It must have something to do with the USB bus being saturated! ;)

When running the backup configuration, it is important to exclude the entire USB hard drive from being backed up.

During the backup setup process, click on the Exclude Folders button then click on the (E:) - your USB drive letter may be different - drive and OK.

When the drive has been selected, you should see the following:


The drive being backed up to is greyed out.

When we first started with the USB drives, we were getting random lockups during the verify phase of the backup. We discovered that it was because we did not exclude the USB drive itself from the backups. Once we excluded the USB drive from the backups all together, the lockups disappeared.

The second caveat is to make sure that the person responsible for rotating the drives stops the drive via the "Safely Remove Hardware" icon in the system tray before switching them out.

Otherwise there will be drive space errors indicating that there is 0 MB on the drive arriving in your e-mail every once in a while. They can be troublesome to get rid of too.

Another minor caveat that may show up if you have mapped network folders to drive letters on the low side of the alphabet on your server: when you plug in the USB drive, the Drive Manager may assign a drive letter to it that is the same as the mapped drive letter.

You will not be able to access the drive if this is the case, and will have to manually set the drive letter via the Drive Manager. This can be painful because once the drive letters have been set for the first time, there is no guarantee that the drive will pickup the same drive letter when it is time to plug it back into the server.

One thing that can be done to mitigate this if there is a drive letter crunch and no applications are using the CD/DVDROM: Move it up to Z: or Y: or the like. Once you do this, the USB drives will take over the CD/DVDROM's previous drive letter without incident.

Besides being quick and easy, hard drive storage is so cheap now that tape no longer makes sense.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

Business Principles: The other guy did it! Oh really?!?

We have an ongoing Internet outage here in an Edmonton burrow that is affecting some of our clients.

The Phone Company in their great wisdom has messed up an entire city burrow with an infrastructure upgrade. There is no Internet connectivity there. Period. This situation has been going on since last Thursday morning.

Some of our clients have an ISP that rides on top of the Phone Company's infrastructure. That ISP is in the midst of what can be called a PR disaster of epic proportions.

How is that? The only point of contact for many of their customers with crippled Internet connections is their support phone number. That phone number currently has a fast busy due to an entire city burrow phoning it at once.

So, where does that leave the ISP's customers? Presently, completely out of the loop.

What does that mean for the ISP's customer base? More than likely shrinkage! :*Þ

A simple phone call by the ISP to the radio stations here in town with a request to broadcast a message indicating that there are wide scale problems with the systems in the burrow and that the problems are being worked on would go a long way to helping ease their customer's pain.

Hearing from the ISP, "it is all the Phone Company's fault" via their front line phone people - when one does get through - does not go very far with most people today.

Take responsibility, apologize for the mess, and let your customers know that you care about their concerns.

What is our role in all this?

To keep calling into the ISP for status reports every 3 or 4 hours so we can in turn let our client's who are affected by this whole mess know what is happening.

This little service that we are providing goes a long way towards setting us apart from the "other guy".

Howz that?

We are taking the time to call into the ISP on our client's behalf and then let our clients know how things are progressing - or not.

It shows our clients that we care about them and their business livelihood.

Taking that Extra Step in our Customer Service pays huge dividends in our client relationships.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

Friday 15 June 2007

SBS - POP3 Connector - Part 2 ...

Yesterday, I mentioned that we have had issues with the Phone Company in the past, and thus consider them close to incompetent.

Keep in mind that we have been battling to get one of our client's Internet connection up and running for two straight days now.

As a result, I am just a little bit more than cranky.

It turns out that someone in their great wisdom over at the Phone Company decided to start a hardware upgrade to what is being termed ADSL 2.0 which means twice the speeds. However, no warning was made to anyone. Someone just started pulling cables and rerouting static IPs in the CO by our client.

I have seen this type of behaviour on many different occasions by this particular Phone Company.

The attitude strikes me as, "I am big enough to do whatever the chicken I want, to whomever I want whenever I want. So what if we loose some customers, there is a lot more where they came from."

It is frustrating, because what alternative do we have? We have an excellent ADSL provider who has done really well by us by the name of Nucleus. However, they are at the mercy of the Phone Company too as Nucleus' equipment ties into the Phone Company's equipment.

With Shaw, the major cable ISP here, we are hit and miss. They have picked up their poop a bit in the last year or so, but they were almost unbearable at one point.

So, here we sit, our client still without an Internet connection, our primary ISP contact trying to figure out how to get things hooked up again, and the Phone Company blithely going about their bliss.

Once things settle out, we will need to reconfigure their DNS, their RWW access, ISA, and more for a new IP as it is almost guaranteed that they have lost their original one. Again, we received no warning whatsoever! :(

Can you imagine just how much time and money our client has lost on this situation? It hasn't been cheap! Can you also imagine being without your e-mail for two straight days? At least there is Webmail access outside of this neighbourhood (the whole area is without DSL right now!).

*sigh* :*Þ

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

Thursday 14 June 2007

SBS - The POP3 Connector

We have a client that has had their ADSL connection killed by what seems to be a spike in the phone system.

Their systems are power isolated, so no equipment was harmed.

However, they have no Internet. We worked a good part of the day today trying to get the ISP to work it out. They are a second tier DSL provider, as the main phone company provides the infrastructure here.

We won't deal with the phone company due to way too many experiences of utter incompetence.

So, we need to be patient.

All of our SBS installations are setup in a primary/secondary mail structure. The SBS box is the primary e-mail server with the ISP's e-mail servers being the secondary ones.

We have e-mail directed to the SBS box via SMTP first. This is done by getting the ISP to point an MX record with the highest priority to the SBS box's static IP. An A record as well as a reverse DNS PTR record are also set to the SBS box.

If, as in this case, there is something that causes the SBS box's Internet connection to be non-functional, we have the ISP's e-mail servers setup with the client's e-mail domain too. This also provides a backup for those times where we need to reboot the server after updating it.

On the SBS box, the POP3 Connector is setup to pull e-mail from the user's e-mail account on the ISP's servers once an hour. This will generally cover any possible connection issues with the SBS box.

So, when we get the bugs worked out, the SBS box will pull all e-mail off of the ISP's servers and deliver them to the user's inbox. There will be no lost e-mail. Given that we will likely be there when this happens, a quick click on the "Retrieve Now" button in the POP3 Connector manager will have their e-mail down immediately.

It's not a perfect system, but it works.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

Wednesday 13 June 2007

Windows Vista - Feature? Maybe... Pictures in disk found.

A bit of an odd-ball, but someone has looked close enough at the Windows Vista hologram disk to find what looks to be a picture of three fellows embedded in it.

Go figure!

You can see the images here on Sugiero's Blog: Windows Vista Virtual Easter Egg.

Thanks to Todd Bishop: Reports: Microscopic image hidden on Vista disc.

Got a microscope? :D

UPDATE 2007-06-14: Heh ... an anti-piracy technique eh? :D

The Windows Vista News blog has the low down on just what is really happening: Taking a detailed look at Windows Vista DVD hologram:
The real story is interesting, but conspiracy theorists will be disappointed to learn that it is not the result of a deliberate attempt to deceive. The photo displays members of the team who worked on the Windows Vista DVD hologram design. Microsoft’s Anti-Piracy Team designed a counterfeit-resistant digital "watermark" for the non-encoded surface of Windows Vista DVDs. The photo in question is only one of multiple images contained in the hologram design, all of whose inclusion serves to make it more difficult to replicate a Windows Vista DVD. The other images are of old master works of art that are in the public domain. These images are part of numerous other security measures that have been designed into our media, packaging and certificates of authenticity. Hence, even though this image has been reproduced on the Web, there are many other features providing further security.
And, head on back to Sugiero's blog to see a few more images embedded in the disk.

I think the feature is pretty kewl! :D

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

Tuesday 12 June 2007

SBS 2K3 - RWW & Terminal Server Publishing

Once a Terminal Server is installed and configured on the SBS network, external access to the TS desktop is served via Remote Web Workplace:

Once the user clicks on "Connect to my company's application-sharing server" the user will be redirected to the TS desktop's logon screen via a TSWeb session.

Proxy for the session is handled in the same way as a Remote Desktop session to Windows XP Pro or Vista Business via port 4125.

A few years back with the advent of TSHammer TSGrinder, one should never expose a Terminal Server listener to the Internet. It does not matter what port either, whether 3389, or somewhere in the 10K+ range. TSHammer TSGrinder was adept at snooping TS listeners and subsequently hitting them with dictionary attacks.

With the advent of RDP version 6 and the restructuring of TS authentication, we may see a change in our ability to expose Terminal Services to the Internet.

These changes might explain why TSHammer TSGrinder is harder to find in Internet searches.

UPDATE 2008-10-07: TSHammer could not be found because the old gray matter had clouded over the name! It is TSGrinder.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

SBS 2K3 R2 - Green Check of Health ... The best it is going to get?

Recently, one of our SBS 2K3 R2 Premium boxes came up with the following:



We see the green checks for the Auto-start services, Critical Alerts, and Critical Errors.

The Yellow Shield for Update Services is pretty much common place now.

We have updated this particular server to WSUS 3.0 so we have setup the Definition Update automatic allow rule that doesn't break the built-in R2 configured WSUS.

This means we are not seeing a Red Shield every time Windows Defender received an update. :*Þ

Given the fact that the Exchange IMF is updated sporadically as an Update Rollup, we almost always see the Yellow Shield because the SBS server is set to "Download and Notify" for updates.

None of our server installations are set to "Download and Install". That is just plain risky!

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

Monday 11 June 2007

SBS - Online SBS installation survey.

Have a moment?

How about letting a fellow SBSer know what kind of SBS installations you are working with:

CIAOPS Supportweb: Your SBS Survey.

If we can get enough SBSers to fill out the quick form, we could get a fairly representative sample of our SBS installations.

Courtesy of Susan Bradley: Your SBS.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

SBS 2K3 Premium - Setup a DB on SQL 2000 & test it

We received a request to setup a database on the default SQL 2000 instance and verify connectivity.

We went through the following steps (change italics to your own names):

  1. Server Management Console
  2. Advanced Management
  3. Computer Management
  4. Services and Applications
  5. Microsoft SQL Servers (local) (Windows NT)
  6. Databases
  7. Right click: New Database
  8. Name: mynewdb
    • Leave the defaults
  9. Down to: Security
  10. Logins
  11. Right click: New Login
  12. Name: newdbuser
  13. SQL Server Authentication with password: dbpassword01
  14. Database: mynewdb
  15. No Server Roles
  16. Database Access Tab: check mynewdb
  17. Check: db_owner
  18. OK
Your database should now be setup and ready to role. Or at least it should.

Next step, at the SBS server from the command line we test connectivity to the database:

osql -U newdbuser -P dbpassword01 -d mynewdb

Here is the result of that osql command:



Login failed for user 'newdbuser'. Reason: Not associated with a trusted SQL Server connection.
A search of the Microsoft KB turned up the following articles:

Microsoft KB 889615: You may receive a "Not associated with a trusted SQL Server connection" error message when you try to connect to SQL Server 2000 or SQL Server 2005.

and

Microsoft KB 555332: Login failed for user 'username'. The user is not associated with a trusted SQL Server connection. (Microsoft SQL Server, Error: 18452).

The second article contains the solution:

Switch the authentication mode to SQL Server and Windows:


Note that the change requires a restart of the SQL Server services. If there are any client databases online at the time, either everyone needs to shutdown their access, or we need to wait until later on when no connections to any databases on the server are happening.

Also note that we did not receive any indication as to why the database was not accepting connections via the SQL Enterprise Manager on another workstation. It just refused to connect which is why we went to the osql commands directly on the server.

Some links:

When looking for the commands we needed on the command line, it was a bit of a trial at first. We finally came up with: MSDN Forums - Command Line connect to SQL Server Database.

That in turn led us to:

The osql Utility and its commands on MSDN.

Lots of database fun on this one! :D

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

Saturday 9 June 2007

System Builder Tip: Have dirty power? Will blow up!

The summer is a bad time for us in St. Albert. It is guaranteed that someone somewhere will be putting a shovel or something through our power lines at least twice or more.

When we build systems, we are responsible for the immediate warranty fulfilment. We must keep enough system parts around to support our warranties. This is especially important as various components within the system may not be available at a later time if we are supporting a two (2) or even a three (3) year warranty.

Ever have a piece of equipment blow up from power spikes? We have.

Ever have a database get so badly corrupted because one workstation went boom during a high intensity lightning storm and it wasn't properly protected? We have. It was a door through which A/C current could hit the network.

Any power bar that is does not have a Joule suppression (eP Joule) rating on it is NOT a surge suppressor. It don't matter if it says so on the box! No eP Joule suppression rating? Then it ain't no surge suppressor.

The higher the eP Joule suppression rate, the better the surge protection. An eP Joule rating of 2500 or more is where to start when protecting workstations. Preferably one with RJ45 and/or RJ11 connectors too. This provides another level of protection for the network.

Every avenue that power gets into the network infrastructure, that includes RJ45 Ethernet, RJ11 Phone, AC receptacles, and any other external power source must be protected.

Think network switches plugged into the wall. Think ADSL or cable modems plugged into the wall. Think of the cable Internet COAX plugged into the cable modem that heads outside! Think phone lines providing ADSL. All are paths through which sensitive network infrastructure equipment can be killed by A/C.

Here is what a typical summer day looks like in St. Albert as far as power is concerned:


The 20 minute power outage was very recent. Somehow a transformer got popped and that wiped out the power for an entire city burrow. Our client's offices were in that burrow.

Fortunately, all of their systems were protected by both surge protection for the workstations as well as UPS with line conditioners for the servers, switches, and Internet connectivity equipment.

The overages show just how dirty the power is here in town. We are a small city of about 60K bordering on Edmonton with around 800K.

We always highly recommend that any workstation where an employee is working on databases, whether SQL, Access, QuickBooks, Simply Accounting, CCH programs, and more must have a UPS with power conditioning capabilities attached to their system. The UPS must provide enough battery based up time to safely shut down the database application attached to their system.

Just to repeat: Working with databases? A UPS with line conditioning is mandatory on the workstation as well as the server and network infrastructure.

And yes, we only use APC UPS and Surge Protection products. We have had great success with their products and have never been given a reason to switch. We have no qualms with recommending them.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

System Builder Tip: Server processor/CPU caveats when Intel server system building.

Yesterday, I mentioned that we had a bit of a struggle getting some Xeon 5130s working on what turned out to be a pre-production S5000PSL server board back when the Xeon 5130s were newly released. Blog post here: System Builder Tip: Intel S3000AH Server Board Series BIOS Updates Available.

When we sell server product, one of the selling "features" should be future upgrades to the server to meet further growth of the company. Yet, in today's server world, this is not the case.

How is that?

Let's say that in the case of the above S5000PSL we only installed a single Xeon processor. Say, the Intel Xeon 5130 SL9RX. We note that the Core Stepping is B2.

So, a year and a half down the road we need to add a second processor. The Xeon 5130 processor may still be in production, but we can only install a CPU with the same stepping code as the existing one, that is B2. More than likely, the stepping code on the then in production Xeon 5130 would be B3 or B4 or even higher! So, we would need to comb the Internet looking for the right one. Or, we would have to buy two (2) processors from our supplier anyway.

And therein lies a very serious caveat: The earlier revision of the server board may not support the newer stepping code CPUs or more Cores even with a BIOS update!

Here is a practical example based on an experience we just had with a server upgrade:

Here is a picture of the PBA code on the existing S3000AH that we attempted to upgrade yesterday to a Xeon X3210 Quad Core processor:


Note that the last three digits in the PBA number are -204. This is the board's revision level.

Now, here is what Intel's Web site states for X3210 compatibility:


In the last column we have some Notes numbers.

Here they are:

Our Intel Xeon X3210 CPU in note 7 requires a server board revision of -206 or above.

Thus, our installed S3000AH board at revision -204 does not qualify. Even with a BIOS update, the -204 board will not support the X3210 or X3220 Xeon Quad Core processors as indicated in the above Notes. In every other way, they are essentially identical!

We were fortunate that we had an S3000AH with a newer revision level here in the shop:


Our in-shop server board was revision -207.

When doing a straight across upgrade like this, that is, one S3000AH -204 for one S3000AH -207 one must make sure to flash the -204 to the newest BIOS version FIRST. Then boot the system up into the BIOS to verify the settings, then boot into the OS, with the -204 board still in the system, to make sure the OS doesn't take a fit over the BIOS update. Everything should work out okay up to this point.

To rephrase: Before making any physical changes to the server:
  1. Update the BIOS.
  2. Boot into the BIOS and verify settings especially the RAID controller LSI vs. Intel Matrix, save, and reboot if any changes were made by the BIOS update.
  3. Boot into the OS to verify its acceptance of the new BIOS.
  4. Shutdown the system.
Begin the hardware swap after that.

As soon as the server board swap is complete, boot directly to your BIOS update thumb drive and update the -207 to the S3000AH BIOS version as above (revision 42 as of this post).

Once the BIOS update is complete verify your BIOS settings as above!

There are two (2) RAID controllers built into this server board: The LSI based one and the Intel Matrix Technology one. Your OS may choke and not boot if the wrong one is configured.

If you had RAID array(s) configured on the previous server board, they will be picked up by the newer server board RAID controller with no issues. At least, that is what happened here with us as we verified the RAID controller type beforehand. Take note, both RAID controller versions picked up the RAID arrays, but the OS may still choke on the wrong controller!

When explaining to the client what may happen, we qualify our quote with options as far as what may happen if we run into this situation. Best case scenario and worst case scenario. We get approval for both as we provide costs for both.

Due to the complexity of inter-CPU stepping compatibility along with CPU type to server board revision level compatibility we always build our dual processor servers with two processors installed.

If our client is planning on having a large influx of employees over the life of the server, then we will install faster CPUs and more RAM too. We will build a server that will meet our client's needs for a minimum of two years as best as we can based on their budget.

If we are dealing with a smaller client with a rather static employee pool that only needs a one processor based server, we will sell a uniprocessor server system.

Given the above S3000AH server board revision compatibility situation, as well as the S5000PSL revision compatibility situation we were in before, we are careful about adopting new server technology.

In the case of early adopting, there are no guarantees that the server board revision purchased will be compatible with future CPUs. Thus, virtually no future upgrade scenarios will exist.

Some S3000AH specific Intel links:

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

Friday 8 June 2007

System Builder Tip: Intel S3000AH Server Board Series BIOS Updates Available

The Intel S3000AH series server board has received a recent BIOS update to version 42.

Product page can be found here: Intel S3000AH Server Board.

Gotta make sure that BIOS is up to date, especially in this case as we are installing a Xeon X3210 Quad Core processor into an existing server that had a Xeon 3050 installed.

Previous BIOS versions may not be compatible with Quad Core, so the BIOS should be updated before hand if possible.

For new system builds, having a Xeon 3000 series processor around can facilitate that.

That goes for any server board BTW.

A while back, we got caught with an early revision S5000PSL board that did not support the 5100 series processors we were installing into it. It was not a known issue at that time as the 5100 series Xeons were just released and we happened to get a couple of the early ones. It took a BIOS update to get things to spec, but we did not have a 5000 series processor to install in the board to update the BIOS!

It worked out in the end, as we were fortunate our supplier had later revision boards in stock, so we were no further behind on our build time! We had the replacement board next day.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

SBS 2K3 - All Versions: SBS KB926505 RipCurl update available via WSUS

One of the first steps in the SBS RipCurl (previous blog post on our RipCurl experiences & a RipCurl checklist PDF download) is to apply the KB926505 Vista and Outlook 2007 compatibility update.

It is now coming down to us as a critical update on WSUS:


Keep that in mind when considering to RipCurl your SBS boxes.

If you have approved the update in WSUS, and let it run via the Yellow Shield update installation request, then there is one less step to getting your SBS network Vista and Outlook 2007 compliant.

Microsoft KB 926505: Windows Small Business Server 2003: Windows Vista and Outlook 2007 compatibility update.

UPDATE: Added the above URL to KB926505.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

SBS 2K3 - All Versions: SBS RSS Update for W2K3 SP2 released via WSUS

For those who have been struggling with Windows Server 2003 Service Pack 2 on SBS, an update has been released via WSUS to deal with the Receive Side Scaling (RSS) network issue:


The update disables RSS!

The original Microsoft KB936594: You may experience network-related problems after you install Windows Server 2003 SP2 or the Scalable Networking Pack on a Windows Small Business Server 2003-based computer that has an advanced network adapter.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

Thursday 7 June 2007

Bleeding Edge: One time we got bloody ...

Working on a couple of different projects brought me to stumble across something I haven't seen in a very long time (image is freely available on the Web):

The above is an image of the ATI Rage Fury MAXX. A dual GPU card with 32 MB of DDR RAM dedicated to each GPU. It was released in approximately 1999.

In its day, it was truly bleeding edge. It was competing with VooDoo (remember them?), and nVidia's high end cards. We had a client who insisted on having it in a box we put together for him. Bleeding edge is always expensive, so this box was no different.

We made sure to let him know in writing and verbally that the card was not returnable, and that the system may not perform as he expected. He understood what he was getting himself into! ;)

Guess what? It didn't perform as he expected! 8*O

Those were the days that ATI had a bad rap for their drivers. And this card was a prime example of that situation.

It took less than a week for him to come back with the system to show us some absolutely wacky artifacts, and strange video breaking - the game would all of a sudden be missing the bottom corner and you could see the desktop behind. Sometimes it would be the top right corner or any of the corners.

We were on the phone with ATI support quite a bit in those days, and we paid for it.

Subsequent driver releases helped, but in the end the product was essentially discontinued (read abandoned) by ATI. :(

Our client was pretty good about the whole situation knowing to some degree what he was getting into. We made good on the situation by providing hours of free support time in shop.

Why bring this up?

Because, even today, the Bleeding Edge can hurt us.

From driver immaturity, or even the lack of drivers for bleeding edge products, we sometimes cannot provide a requested product to a client. Sometimes initial manufacturing deficiencies will show up in the first products of a production line. There are many reasons why first generation can be painful. ;)

How do we find that out today?

We research other people's experience with the product via the Internet. If there is very little information out there due to the newness of the product, depending on our client, we would then purchase the product and test it.

We pay the price in time investigating the product. We try and take the risk for our client. If things don't work out as in the above situation, we try and make sure that we make it right as best as we can.

It is the part of client service that we deem the cost of doing business.

It also provides us with the knowledge we need to advise our clients on what products and solutions will work best for their given needs and network infrastructure.

If something doesn't work as advertised, then we avoid it! :D

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

SBS - Hard Drive Partitioning Schemes

There doesn't seem to be one guideline out there as far as how to partition a hard drive, or hard drives for Small Business Server.

Do we RAID our drives? Most certainly! We need that extra level of redundancy.

Surely no one puts together servers with only one hard disk or two hard disks without redundancy in it anymore?

Over the years, we have come up with a number of different hard drive setups depending on our client's business size and data volume needs.

A small client, say 5 to 15 seats, with a small volume of data would be setup as follows (physical disk properties & setup first with partitioning sub'd) :

  • 2 x 320 GB RAID 1 array (non-hot swap)
    • Primary System Partition: C: (310 GB)
    • Swap and URL Cache Partition S: (10 GB)
  • 2 x 320 GB RAID 1 array (non-hot swap)
    • Data Partition I: (320 GB)
In the above setup, VSS snapshot data would be stored on the C: partition leaving the I: partition totally to client data.

We have clients with higher data volume demands, some growing as fast as 15 GB per month during their peak seasons.

For some of them, and our larger firms in the 25-45 seat range we would configure the following:

  • 2 x 320 GB RAID 1 array (hot swap)
    • Primary System Partition: C: (310 GB)
    • Swap and URL Cache Partition S: (10 GB)
  • 3 x 320 GB RAID 5 array - 620 GB usable (hot swap)
    • Data Partition I: (620 GB)
  • 1 x 320 GB Global Hot Spare (hot swap)
We keep all of the drives the same size for the principle reason of having the hot spare available for either of the arrays. That is why it is considered Global, because it can be inserted into any array on the RAID controller. A hot spare can also be dedicated to any one of the specific arrays.

For the larger data volume clients:

  • 2 x 500 GB RAID 1 array (hot swap)
    • Primary System Partition: C: (480 GB)
    • Swap and URL Cache Partition S: (10 GB)
  • 5 x 500 GB RAID 5 array - 2.0 TB usable (hot swap)
    • Client Data Partition I: (500 GB)
  • 2 x 500 GB RAID 1 array (hot swap)
    • VSS & Server Data Partition J: (500 GB)
  • 1 x 500 GB Global Hot Spare (hot Swap)
We put the swap file and ISA's URL cache (99.9% Premium installs) on a separate partition to prevent them from being fragmented on the system C: partition. It facilitates increased system speed.

The same reason is used for setting up the VSS (Volume Shadow copy Service) snapshot files on a different drive/partition than the volume that is being shadow copied.

Relative to the other components that are being configured in a server, hard drive storage is cheap. Seagate's ES Series Enterprise SATA drives command a 10% premium over their desktop drives for extra reliability built in. That figure is a small price to pay for drives designed to be always on and serving huge chunks of data on a daily basis.

At this point, SCSI/SAS does not provide the cost/size ROI benefit for pretty much all of our clients that SATA does. There are a few exceptions to that rule though not many in our SMB environment.

Of course, your mileage will vary! ;)

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

Wednesday 6 June 2007

Outlook 2003 - The messaging interface has returned an unknown error

We have a client that was receiving the following error when trying to print a public calendar:

The messaging interface has returned an unknown error
Okay, a simple search turns up the following Microsoft KB articles, but they are not relevant: None of them applied.

Once, and only once did we get an error indicating permissions problems on the task list folder before the above mentioned error.

So, when printing the calendar view, we went to the Page Setup button, and disabled printing the tasks list.

It worked.

So far, we haven't been able to find out just where the permissions conflict is yet.

But, they are happy about being able to print out their calendar again.

Honourable mention to the following who provided the key to figuring out how to get things going again:

Experts-Exchange: The messaging interface has returned an unknown error.

MCSE.MS: The messaging interface has returned an unknown error.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

Microsoft Partner - Promoting your business on the new Solution Profiler

Apparently, we will need to build a solutions profile for our companies in order for clients to find us soon.

From what I understand, the client types in a problem/solution they are looking at and those partners that have the right key solution words would be brought up in the results.

Hopefully it will eliminate the Resource Directory's promotion of Gold and Certified members over us Registered level Small Business Specialists. Hopefully, it will avoid the snafu of trying to get our company properly listed in the Resource Directory! 8*0

Why is this important? As Susan Bradley points out in her introduction in the book Advanced Small Business Server 2003 Best Practices, the Gold Certified partners tried to convince her and her firm to avoid SBS (pg. xxxvii)! When we Registered level partners tend to know that SBS is an awesome product that can meet a broad range of client I.T. needs for a very reasonable cost.

It is in our experience as well, that small business I.T. shops that have obtained their Microsoft Small Business Specialist designation, are a lot more understanding of a small business' needs. Howz that? Well, we run our own small businesses don't we?

We understand the need to juggle our business needs according to cash flow, productivity and knowledge of our employees, applications that can serve our business needs, the technology needed today and tomorrow to meet those needs, and more.

As a result, we smaller Microsoft Small Business Specialists have a particular ability to address our client's small business needs.

We also have the time to invest in getting to know our client's business, their business model, and the special software application needs they may have for their industry. By investing this time, we are better able to design an SBS based solution that will meet their very specific needs.

We could not justify that kind of time investment in our client's business I.T. needs if we worked for a larger I.T. support company.

This time investment pays off in the end, as we can foster business relationships that can last decades!

So, invest some time in setting up your Solution Profile. Log on to the Partner site: Microsoft Partners Site (Worldwide Portal). Once signed in, click on the View/Manage your membership account button and head over to the Membership Center (has your little graph status level). The Solution Finder is under the "Requirements & Assets" heading/button.

It will be time consuming, especially for us small shops, but in the end, it will hopefully be worth it.

Thanks to David Overton's Blog for pointing this out: So your profile info is on MS Partner site and partner finder, so now you MUST update your solution profiles to be found - here is why and how it takes 10 mins.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

Tuesday 5 June 2007

Windows Vista - VHD Evaluation Version Available

A Windows Vista Enterprise Evaluation VHD (Virtual Hard Drive) version is now available for download.

You can get it here: Microsoft Windows Vista 30-Day Eval VHD (Registration is required).

Once we downloaded and set it up on one of our Virtual Server 2005 R2 servers, we were greeted with the following:


The Automatic Activation shows 2 days before its next try.

The VHD's download page indicates that it is good for 30 days and then it should be discarded after that time period. There is also mention that the VHD should not be activated. So, what will happen after the Automatic Activation deadline and the 30 days beyond today will be interesting to see.

We ran the Microsoft KB930955: Moveuser.exe is incompatible with Windows Vista and is replaced by the new Win32_UserProfile WMI functionality in anticipation of installing the Vista Eval VM on our SBS 2K3 R2 (RipCurled) virtual domain.

No matter what we did, the Vista VHD refused to allow the update. No indications were given as to what the problem was. If we have time, more effort will be put into the investigation.

We were able to run the Connect Computer Wizard and begin the install onto the SBS domain with no issues. Because of the above, if we had local accounts to migrate, they would have been left behind (Though there is a fix for that).

The _sbs_netsetup_ portion after the first reboot would not log off and reboot the system. We had to manually log the SBS setup user off, then log on as domain admin and reboot the VM.

After the second reboot and the subsequent logon with an SBS domain user account, the Client Install wizard ran without incident. Outlook 2003 was there and functional with the domain user's Exchange connection.

For those without a TechNet subscription, this will provide a means of configuring, installing software, and all around messing around with Windows Vista.

It is definitely a step in the right direction for those who need to test their network infrastructure and applications with Windows Vista.

Thanks to Susan Bradley for pointing out the download: Vista in a VHD.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

D5 - Video of an interview of Steve Jobs & Bill Gates

If you have some time to burn and are interested in a little computer history, as well seeing Bill Gates and Steve Jobs on a stage together for the first time in ages, then check out the following:

D5All Things Digital: Joint Interview with Steve Jobs & Bill Gates by Walt Mossberg and Kara Swisher.

There are seven parts to the interview plus the prologue.

The Prologue is initially quite funny as it is a parody on the Dating Game. And, it is pretty neat to see out of the three industry leaders introduced at the beginning, only Gates is standing today. We go on to see some bits of history in the relationship between Microsoft and Apple.

The Highlight Reel spotlights some dialogue where Jobs says some things that render Gates completely speechless. It was good for a laugh.

Check it out ... it is a little bit of history in the making for our industry as well as a good history lesson about our industry.

It is also really neat to get a glimpse of both Gates and Jobs' thoughts and personalities.

Thanks to Todd Bishop's Microsoft Blog: Steve Jobs, Bill Gates discuss their relationship for pointing this one out.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists

Monday 4 June 2007

SBS 2K3 - All Versions: Yet another issue with W2K3 Service Pack 2

It seems to be a fact on SBS that service packs break things. This fact has been around for a very long time.

It is one of the reasons we never apply service packs immediately, especially the OS ones, to our SBS boxes.

The SBS blog has pointed out another issue on SBS with Windows Server 2003 Service Pack 2: Unable to RDP/RWW into the SBS server after applying SP2.

The service pack breaks Terminal Services. The solution it seems, is to head over to the server console and reapply the service pack.

This can be especially painful for us SBSers, as we are generally RDPd into our SBS boxes for the updates. Sometimes, depending on the updates, we will need a fail safe scheduled reboot (previous blog post how-to) that would run an hour or so after starting the updates just in case the RDP connection is killed. Exchange and ISA updates are bad for that.

Susan Bradley has a current W2K3 SP2 install on SBS caveat page: Before You Install. And, there are LOTS of them!

As I see it, Service Packs are a throwback to a time when the Internet was in its infancy or even non-existent. We were required to either pay for the floppies, CD, or now DVD media, or after the coming of the Internet, download them from Microsoft's product page. Keep in mind we are talking about the SMB environment here. No SMS & MOM.

There was really no incremental updates until the advent of Windows Update. With Windows Update, we were able to patch and update our operating systems on an ongoing basis. We no longer had to wait for the service pack.

The same is true of our Microsoft Applications with the advent of the comprehensive update site for all Microsoft products: Microsoft Update.

A really huge portion of the current Service Pack 2 for Windows Server 2003 has already been delivered to us via WSUS/MSUpdate.

For us SBSers, the adoption of WSUS 2.0 was quite wide spread. Why else was WSUS 2.0 incorporated into the R2 release of SBS? Because it works, it facilitates an accurate picture of an organization's patch level status, and it gives the remote consultant full control over what patch is released and when.

Now, with the release of WSUS 3.0 and its ability to seamlessly be installed on SBS 2K3 SP1 and R2, we obtain the ability to manage Windows Vista patching as well. Here is a previous blog post on one particular WSUS 3.0 installation.

Given our current abilities to keep our patching levels current via WSUS, to test those incremental patches and publish our experiences with them, and to monitor our client's installations simply via the SBS R2 reports, we need to retire the Service Pack for the mainstream, but especially for SBSers.

Give us those incremental updates that were contained in the current Service Pack via WSUS. Give us the chance to test each component in our labs and on our own networks before having to chew on a chunky Service Pack that may, and does, break things on our client's SBS boxes.

Microsoft, our SBS boxes are as varied as any out there. Each client installation will be different. Hardware configurations are myriad, different critical corporate software installations on the SBS box are numerous, and no two SBS installations are identical.

We as Microsoft Small Business Specialists take great pains to try and configure servers based on one hardware platform to ease what can be a hardware support nightmare.

We also take great pains to make sure that our solutions meet our client's very specific needs.

And, our solutions need to be stable. It is tough to sell solutions based on SBS if we see a huge splattering of SBS pain on a Service Pack install. That, it seems, is what is happening now.

Think about the consultant or small I.T. support company that is not as experienced with SBS. Will the current debacle with W2K Service Pack 2 deter them from installing SBS based solutions? It sure may!

Also, keep in mind that the small business client, though not an I.T. Professional, may have at least a good grasp on the technologies used in their business, and know where to find information on products that a consultant may be recommending to them. The current Service Pack 2 issues on SBS may not show SBS in a good light at all.

Microsoft, having SBS pain expressed around Windows Server 2003 Service Pack 2 is definitely not a good way to sell a product.

All that being said, we still maintain that SBS 2K3 Premium R2 is the best server software product for our SMB clients. To date, SBS 2K3 is the best SBS version we have worked with. And, we plan on working with it as well as SBS Cougar into the future!

We will just continue to be very cautious around service packs! ;)

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists