Network Administration & Consulting Services

Sysinternals Tools have been updated. PSExec v1.90 improves handling of arguments, BgInfo v4.12 offers improved reporting, Process Explorer v11.04 fixes a memory leak, ADExplorer v1.01, DebugView v4.72 and Process Monitor v1.26 fix some minor bugs.

I've asked by one of companies, where i provide an IT consulting services, how to install directx on client's computers unattended?

By going to the http://msdn2.microsoft.com/en-us/library/bb219742.aspx you can find, black on white, how to install directx in unattended mode. All you have to do, is to add the switch "/silent"!

Admins, I'm also VERY lazy admin, but reading a HELP save your time, remember the RTFM rule ;)

These technical overviews provide IT Professionals with information about how a Windows Server 2008 technology works. They may also cover design and planning considerations and basic setup and operating instructions. 

The download contains the following documents:

• DNS Server Global Query  Block List
• Installing and Configuring and Troubleshooting the Microsoft Online Responder
• What's New in Failover Clusters
• What's New in Terminal Services for Windows Server 2008

Download: WS2008 Technical Overviews

If the primary Windows NT account for a mailbox is changed, the new primary Windows NT account does not have immediate access to the mailbox and the previous primary Windows NT account still maintains access for some period of time.  This problem may also occur after a move mailbox operation.

It's because of the information store caches information contained in the directory store and, by default, it re-reads it every 120 minutes. Therefore, any change to a directory object (for example, a primary Windows NT account change) is not reflected in the information store for two hours.

To have changes to directory objects picked up immediately by the information store, follow these steps:

1. Run Registry Editor (Regedt32.exe).
2. Locate the following key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeIS\ParametersSystem
3. On the Edit menu, click Add Value.
4. Enter Mailbox Cache Age Limit for the Value name.
5. Type REG_DWORD for the Data type.
6. Type 1 for the Data of type DECIMAL, and then click OK.
   
   NOTE: This registry entry is not a switch, it is a setting. If it is set to 1 the server rereads the cache every minute; if it is set to 2 the server rereads the cache every 2 minutes, and so forth.
   
   
7. Stop the information store service.
8. Restart the information store service.

The information store now updates its mailbox cache frequently by rereading the directory every minute. 

Microsoft internal IT: 

600k connected devices
10,000 Servers
3 Datacenters 1 operations center
11% is virtualized in Microsoft Datacenters
330 of 385 servers run Windows Server 2008 (RC0) plus all 85 Microsoft.com servers
11 clustered systems
30,000 users in redmond domain (50,000 with vendors)
NAP reporting 140K clients, 90 clients deferred mode

The Redmond Active Directory domain is running in Windows Server 2008 mode since last thursday (Nov 1st)

Microsoft Email: 

6 million internal emails per day
20 Million emails from Internet
97% rejected as spam
99,999 uptime

Worldwide: 

140,000 end users
550 buildings
98 countries
1/3 of the sites are connected over Internet only

2300 Line of business applications
1 single SAP instance (5 Terrabyte database)
Dynamics/MSCRM

Windows Live Services: 

130,000 servers online
435 Million unique users
280 Billion pageviews daily
12 Billion emails daily
6 billion Instant Messages daily

Remote connect
1 million VPN sessions per month
80,000 unique OWA users
Remote app portal
TS gateway 20,000 users
Direct Connect pilot

Microsoft.com figures
55,7 million unique users, #4 overall site in US
280,5 Unique users wordwide #6 site worldwide
15,000 request a sec

The Redmond Active Directory domain is running in Windows Server 2008 mode since last thursday (Nov 1st)

Source: Bink.nu

Server Message Block (SMB), also known as CIFS (Common Internet File System) is the file sharing protocol used by default on Windows based computers.  Windows includes an SMB client component (Client for Microsoft Windows) and an SMB server component (File and Printer Sharing for Microsoft Windows).

SMB in Windows Server 2008 and Windows Vista support the new SMB version 2.0 that has been redesigned for today’s networking environments (wireless, possible high loss, timeouts, high latency, …) and for the needs of the next generation of file servers (EFS over the wire, Offline Files and Folders enhancements, …).

Machines running Windows Server 2008 and Windows Vista support both SMB v1.0 and SMB v2.0.  However SMB 2.0 can only be used if both client and server support it!!  So, the SMB protocol revision to be used for file operations is decided during the negotiation phase.

A Vista client advertises to the server that it can understand the new SMB 2.0 protocol.  If the server (Windows Server 2008 or otherwise) understands SMB 2.0, then SMB 2.0 is chosen for subsequent communication, otherwise they fall back to SMB 1.0.

This preserves “downwards” compatibility so that deploying Vista clients or Windows Server 2008 servers should be simple and straightforward.   The following list below describes what protocol will be used when communicating between different types of client and servers.

• Vista client <> Vista client or Windows Server 2008 – SMB 2.0
• Non-Vista client <> Vista client or Windows Server 2008 – SMB 1.0
• Vista client <> Non-Vista client or Non-Windows Server 2008 – SMB 1.0
• Non-Vista client <> Non-Vista client or Non-Windows Server 2008 – SMB 1.0

For an overview of the impact on network throughput, have to look at the white paper of a third-party benchmark study done by The Tolly Group which compares network throughput and time-to-completion of several tasks when using Windows XP, Windows Vista, Windows Server 2003 and Windows Server 2008 .

Source: http://trycatch.be/blogs/roggenk 

Microsoft has posted download links to Windows Vista SP1 RC Preview on the MSDN homepage for MSDN subcribers. "Get the latest preview of Windows Vista SP1 on MSDN Subscriber Downloads. This new release of SP1 addresses reliability and performance issues, and provides support for new hardware and several emerging standards." Windows Vista SP1 is slated for an early 2008 release but beta testers can get their hands on early preview builds. Users have reported that the service pack not only includes many bug fixes but several performance enhancements as well.

 This is BETA software!, please use caution when installing it on your system
 Download: Vista SP1 RC Preview (MSDN Subscription Required)

Source: www.neowin.net

Anyone who has used Virtual PC / Virtual Server for a while will have got their head around the fact that you cannot access physical hardware directly from the virtual machine - with the exception of devices connected to a serial or parallel port.  Well, as a number of people have discovered there is an interesting exception for 'internal modems'.  These are modems that are usually on a PCI card in the physical computer - or on a PCMCIA card in a laptop.

The trick here as that internal modems almost always implement a hidden serial port - to which the modem is hardwired.  This is true even of WinModems.

As such - all you need to do is to figure out which COM port is used by the internal modem (poking around under Device Manager will usually get you the answer quickly) and map that to COM1 in the virtual machine.  You can then just use a 'generic modem' configuration in the virtual machine to get this to work.

Source: http://blogs.msdn.com/virtual_pc_guy 

Secure Socket Tunneling Protocol (SSTP) is a new form of (SSL-based) VPN tunnel with features that allow traffic to pass through firewalls that block PPTP and L2TP/IPsec traffic. 

SSTP provides a mechanism to encapsulate PPP traffic over the SSL channel of the HTTPS protocol.  The use of PPP allows support for strong authentication methods such as EAP-TLS.  The use of HTTPS means traffic will flow through TCP port 443.  Secure Sockets Layer (SSL) provides transport-level security with enhanced key negotiation, encryption, and integrity checking. 

SSTP supports multiple authentication methods such as passwords, smart cards, certificate-based and "One Time Password" authentication.

SSTP has integrated NAP support for client health check, by using the NPS (Network Policy Server - ex-IAS) for authentication and authorization.  

Client/Server Requirements

SSTP is available through the Windows Server 2008 Routing and Remote Access VPN Server.  IIS is not required for running SSTP, since RRAS listens to HTTPS connections directly over HTTP.SYS.

Only clients running Windows Vista SP1 are able to create SSTP-based VPN tunnels.

Additional reading:

• Step by Step Guide: Deploying SSTP Remote Access 
• Screencast: Deploying SSTP Remote Access
• Technet June 2007 Cable Guy SSTP article

Source:http://trycatch.be/blogs/roggenk

Microsoft Exchange Server 2007 Service Pack 1 introduces many new features for each server role. Lets

• New deployment options: You can now install Exchange 2007 SP1 on a server that is running Windows Server 2008
  
• Client Access Server Role Improvements: We’ve added an UI to manage POP3 / IMAP4, OWA improvements, Active sync improvements with the addition of for example remote wipe information and much more
  
• Transport: Enhancements to message processing and routing functionality on the Hub Transport role.
  
• Mailbox Server Role Improvements: Public folder management in the Exchange Management console, mailbox management improvements, etc...
  
• High Availability: In SP1 we will introduce the Standby Continuous Replication in addition to LCR and CCR, further more we support the WS2008 Failover clustering and we improved the Exchange management console.
  
• Unified Messaging Server Role: Unified Messaging has been improved and has added new features in Exchange 2007 SP1. To use some of these features, you must correctly deploy Microsoft Office Communications Server 2007 in your environment.
  

As you can see we have made a lot of improvements onto Exchange Server 2007 with this Service Pack and especially for the Unified Communication Role.

Exchange Server 2007 Unified Messaging combines voice messaging, fax, and e-mail into one Inbox, which can be accessed from the telephone and the computer. Unified Messaging integrates Exchange Server 2007 with the telephony network in your organization and brings the features found in Unified Messaging to the core of the Exchange Server product line.

• For more information about Unified Messaging, see Unified Messaging.
• For more information about how to plan for Unified Messaging, see Planning for Unified Messaging Servers.
• For more information about how to deploy Unified Messaging, see Deploying Server Roles.
• For more information about how to manage Unified Messaging, see Managing Unified Messaging 

DNS provides the name resolution services required by Active Directory.  The DNS server in Windows Server 2008 complies with the set of Requests for Comments (RFCs) that define and standardize the DNS protocol.
Because the DNS Server service is RFC compliant and it can use standard DNS data file and resource record formats, it can work successfully with most other DNS server implementations, such as DNS implementations that use the Berkeley Internet Name Domain (BIND) software.

The DNS Server service in Windows Server 2008 includes some new and enhanced features described below.

1. Background zone loading

A DNS server running Windows Server 2008 now loads zone data stored in AD DS in the background while it (re)starts, so that it can respond immediately to requests for data from other zones.  Because the task of loading zones is performed by separate threads, the DNS server is able to respond to queries while zone loading is in progress.  Let's have a look at the startup sequence:

• The DNS server starts, it first enumerates all zones to be loaded.
• It loads root hints from files or AD DS storage. 
• All file-based zones (stored in files rather than in AD DS-integrated) are loaded.
• The DNS server begins responding to queries and remote procedure calls (RPCs).
• All AD DS-based zones are loaded afterwards, by one or more threads spawned.

Because the task of loading zones is performed by separate threads, the DNS server is able to respond to queries while zone loading is in progress.

2. GlobalNames Zone

This new feature provides single-label name resolution for large enterprise networks that do not deploy Windows Internet Name Service (WINS) and where using DNS name suffixes to provide single-label name resolution is not practical.

When the GlobalNames zone is deployed, single-label name resolution by clients works as follows:

1. The client's primary DNS suffix is appended to the single-label name and the query is submitted to the DNS server.
2. If that FQDN does not resolve, the client requests resolution using its DNS suffix search lists .
3. If none of those names resolve, the client requests resolution using the single-label name.
4. If the single-label name appears in the GlobalNames zone, the DNS server hosting the zone resolves the name. Otherwise, the query fails over to WINS.

The GlobalNames zone provides single-label name resolution only when all authoritative DNS servers are running Windows Server 2008.  No changes to client software are required to enable single-label name with this feature.

How to setup GlobalNamesZones (GNZ) in 3 steps:

1. To get GNZ functionality for a given domain or forest, all authoritative DNS servers must be running Windows Server 2008.
   
2. Create an Active Directory integrated zone called GlobalNamesZone. 
   
   Don't forget to choose the appropriate storage method and replication scope for this zone.
   Recommendation: Create the new "GlobalNames" zone as AD DS‑integrated zone, stored in the forest-wide DNS application partition (replicating to all domain controllers that are DNS servers in the forest).
   
   dnscmd ServerName /ZoneAdd GlobalNames /DsPrimary /DP /forest
   
3. Enable the GlobalNames Zone functionality on the DNS Server.
   
   Ensure that the GlobalNamesSupport registry setting has been enabled on all DNS servers, using dnscmd as follows:
   
   dnscmd ServerName /config /EnableGlobalnamesSupport 1

For more information: DNS Server GlobalNames Zone Deployment white paper

Continue on source: http://trycatch.be/blogs/roggenk 

The Infrastructure Planning and Design series is the next version of Windows Server System Reference Architecture. The guides in this series help clarify and streamline design processes for Microsoft infrastructure technologies; each guide addresses a unique infrastructure technology or scenario. All guides share a common structure including:

• Definition of the technical decision flow through the planning process.
• Listing of decisions to be made and the commonly available options and considerations.
• Relating the decisions and options to the business in terms of cost, complexity, and other characteristics.
• Framing decisions in terms of additional questions to the business to ensure a comprehensive alignment with the appropriate business landscape.
• These guides complement product documentation by exposing and focusing on infrastructure design options.

Guides Available in This Release

SoftGrid Application Virtualization Guide

Microsoft SoftGrid® Application Virtualization is the only virtualization solution on the market to deliver applications that are never installed, yet securely follow users anywhere, on demand. It dramatically improves IT efficiencies, enables much greater business agility, and provides a superior end-user desktop experience. The Infrastructure Planning and Design Series: SoftGrid Application Virtualization assists designers in the infrastructure planning process for SoftGrid by providing a clear and concise workflow of the decisions and tasks required for each method. This guide enables you to plan the infrastructure required for meeting your application virtualization service goals.

Windows Server Virtualization Guide

A virtualized computing environment can improve the efficiency of your computing resources by utilizing more of your hardware resources. Windows Server virtualization enables you to create a virtualized server computing environment using a technology that is part of Windows Server 2008. The Infrastructure Planning and Design Series: Windows Server Virtualization guide discusses Microsoft virtualization options using Windows Server virtualization in Windows Server 2008 and Microsoft Virtual Server 2005 R2 SP1. The guide explains design considerations at critical decision points and helps with plans for an optimized server virtualization architecture to meet organizational goals for performance and consolidation.

Where to Find the Beta Program

The Infrastructure Planning and Design Series beta releases for SoftGrid Application Virtualization and Windows Server Virtualization are available as open beta downloads.

To join the Infrastructure Planning and Design beta, follow these steps:

1) Visit the Microsoft Connect Web site (http://connect.microsoft.com).

2) Click Invitations on the Connect menu.

3) Sign in using a valid Windows Live ID to continue to the Invitations page.

4) Enter your Invitation ID in the box. Your invitation ID is: IPDM-QX6H-7TTV

5) Click Go.

If you have not previously registered with Microsoft Connect, you might be required to register before continuing with the invitation process.

If the link in step 1 does not work for you, copy the full link and paste it into the Web browser address bar.

There has been quite some noise around the talk that Eric Traut (Distinguished Engineer) give at the University of Illinois. During his talk Eric showed something is called MinWin which is a stripped kernel of Windows 7 that will be the basis of our future products. Not just the Windows OS but it's also the OS used for media centers, for servers, for small embedded devices . However MinWin is internal-only and won’t be productized as such.

MinWin is 25 MB on disk; Vista is 4 GB, Traut said.  The MinWin kernel does not include a graphics subsystem in its current build, but does incorporate a very simple HTTP server. The MinWin core is 100 files total, while all of Windows is 5,000 files in size.  This is something big, the kernel is so small that there is no graphical subsystem, in the screenshot below you see that when booting the Logo is build from ASCII characters. Pretty cool.

If you only want to see the MinWin demo, istartedsomething.com has an 8-minute excerpt

Further Eric also explains that in the Windows Server Virtualization technology we expose Hypercall's which can be compared to kernel calls and earlier this week we announced that those Hypercall API's will be available viaOpen Specification Promise. Read more about that at the Windows Virtualization Team Blog

I encourage you to watch the full video of Eric Traut’s talk ,because he explains our Virtualization technology more in depth.