Network Administration & Consulting Services

Few month ago I published an article "PXE, aka Pre-Execution Environment - Part 1". In this article, I talked about a problem to use boot disk which created at Windows XP for PXE boot. I'd like to say thanks to Michael Bridge. He found a way to make the Windows XP floppy image of the netbootdisk work.

Under \\pxelinux.cfg\default

append initrd=.IMA raw

(add "raw" after the image name)

According to this http://syslinux.zytor.com/memdisk.php it allows access to protected mode memory. Michael Bridge, told me that he managed to get the solution on this web site:
http://syslinux.zytor.com/archives/2007-July/008918.html 

There is a great post about how to create "split VHDs" (a VHD that is broken into multiple files on the physical computer) with arbitrary sizes here:

http://www.wirwar.com/blog/2007/10/26/splitting-a-virtual-pc-vhd/

NOTE: Be warned though - only Virtual PC supports split VHDs (Virtual Server does not). 

When you have Virtual Machine Additions installed on Virtual PC we will automatically synchronize the virtual machines time with that of the host operating system.  For most people this is a "good thing" - but if this is something you want to disable you need to:

1. Stop the virtual machine in question.
2. Locate the .VMC file for the virtual machine.
3. Open the .VMC file in notepad.
   
   You can use a different editor - but notepad is the safest as it is guaranteed to not change our file format to something that is incompatible with Virtual PC (which other editors have been known to do).
   
   
4. Find the section of the .VMC file that looks like this:
   

   <integration>
       <microsoft>         
   
           <mouse>         
   
               <allow type="boolean">true</allow>         
   
           </mouse>         
   
           
   
   Bunch of other stuff that I am skipping over to save space...         
   
           
   
       </microsoft>         
   
   </integration>
   

5. Change it to look like this:
   

   <integration>          
   
       <microsoft>           
   
           <mouse>           
   
               <allow type="boolean">true</allow>           
   
           </mouse>           
   
           <components>           
   
               <host_time_sync>           
   
                   <enabled type="boolean">false</enabled>           
   
               </host_time_sync>           
   
           </components>           
   
   
   Bunch of other stuff that I am skipping over to save space...           
   
   
   
       </microsoft>           
   
   </integration>   

6. Close notepad and save the .VMC file.
7. Start the virtual machine under Virtual PC.

Note that this will not only disable the time synchronization that happens while the virtual machine is running - it will also disable the time synchronization that occurs when you start the virtual machine.  This means that unless you are using some other method for time synchronization (network server, etc...) time inside the guest operating system will become very incorrect very quickly.

Microsoft Exchange Server 2007 Service Pack 1 (SP1) has been designed specifically to help meet the challenges of any business and the needs of all the different groups with a stake in the messaging system. Exchange Server 2007 SP1 is a mission-critical communications tool that enables employees to be more productive and access their information anywhere and anytime while providing a messaging system that enables rich, efficient access to e-mail, calendar items, voice mail, and contacts. For the administrator, Exchange Server 2007 SP1 provides advanced protection options against e-mail security threats, such as spam and viruses, as well as the tools to help manage internal compliance and high availability needs.

In Exchange Server 2007 SP1, several new features and improvements will extend the Anywhere Access capabilities of Exchange Server 2007 to help make employees more productive on whatever device they’re using, provide additional Operational Efficiency tools for administrators seeking a streamlined management and deployment experience, and enable advanced Built-in Protection for more robust high availability and compliance scenarios.

Improvements in Exchange Server 2007 SP1 include:
Anywhere Access
• Integrated Exchange Unified Messaging functionality with Microsoft Office Communicator 2007 and Microsoft Office Communications Server 2007.
• Outlook Web Access additions, including public folder access, S/MIME support, personal distribution lists, and mailbox rules editor.
• Webready document viewer supports Microsoft Office 2007 documents in addition to Microsoft Office 2003 documents.
• Extended language support in Outlook Web Access with Arabic and Korean spell checking.
Operational Efficiency
• Support for Windows Server 2008 deployments, including benefits in flexible clustering, native virtualization, advanced networking, and simplified management.
• Additional tools in the Exchange Management Console, including public folder management and configuration options for clustering and POP/IMAP access.
• Improvements to the Exchange Management Shell syntax and import-export PST in the move-mailbox command.
• Wider variety of web services for application development, including public folder access, delegate management, and folder level permissions.
Built-in Protection
• Addition of Standby Continuous Replication (SCR) for site resilient high availability deployments.
• Extended Exchange ActiveSync policies for mobile policy enforcement.
• Information rights management pre-licensing by the Hub Transport role.
• Secure Real Time Protocol (SRTP) support in the Unified Messaging role.
• Support for IPv6 when using Windows Server 2008.

Microsoft acquired DesktopStandard and obtained GPOVault and most of the PolicyMaker family.  GPOVault has been updated and released as Advanced Group Policy Management (AGPM), part of the Microsoft Desktop Optimization Pack for Software Assurance (MDOP).  PolicyMaker Standard Edition and PolicyMaker Share Manager will be available to Microsoft customers in two ways as "Group Policy Preferences" and will be integrated into the Group Policy Management Console (GPMC) in:

• Windows Server 2008 (starting with November CTP)
• Remote Server Administration Tools (RSAT) for Windows Vista SP1

Windows Server 2008 includes the new Group Policy Preferences built-in to the Group Policy Management Console (GPMC). Additionally, administrators can configure preferences by installing the Remote Server Administration Tools (RSAT) on a computer running Windows Vista Service Pack 1 (SP1).

"Group Policy Preferences" extend more than 20 Group Policy categories within a Group Policy Object (GPO) and enable IT professionals to configure, deploy, and manage operating system and application settings including mapped drives, scheduled tasks, power options, files and/or folders, printers, folder options and Start menu settings for Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP systems.

"Group Policy Preferences" do not require you to install any services or components onto your servers.  Windows Server 2008 includes Group Policy Preferences by default as part of the Group Policy Management Console (GPMC).  Administrators will also be able to configure and deploy Group Policy preferences in a Windows Server 2003 environment by installing the Remote Server Administration Tools (RSAT) on a computer running Windows Vista with SP1.  Both RSAT and Windows Vista SP1 will be available in the first quarter of 2008.

Although you don’t have to install any services to create GPOs (Group Policy Objects) that contain Group Policy Preferences, you must deploy the Group Policy Preferences client-side extension (CSE) to any client computer to which you want to deploy these preferences.  The CSE will be available as a separate download from Microsoft and will support the following Windows versions:

• Windows XP with SP2
• Windows Vista
• Windows Server 2003 with SP1
• Windows Server 2008 already includes the CSE.

Microsoft, exactly for me created a good white paper that I’d like to read:

System Center Virtual Machine Manager 2007 Scripting Guide

A very nice guide of useful script samples for SCVMM - which highlights common tasks:

Adding new Virtual Server hosts.
Configuring new Virtual Server hosts.
Deploying and configuration new virtual machines from the library.
Moving virtual machines between different hosts.

If you are working with Virtual Machine Manager, Must read!

Microsoft is looking to release the Release Candidate (RC) test build of Windows Vista Service Pack (SP) 1 to selected testers the week of December 1, according to sources close to the company.

Microsoft’s plan is to expand the SP1 RC test to the general public by making the build available to any interested parties in the second week of December, sources said. Microsoft is currently testing the escrow of the SP1 RC build internally. The build being tested internally is build number 17051, sources said.

Microsoft has said it is planning to deliver the final SP1 code in the first quarter of 2008. Microsoft made a preview build of the Vista SP1 RC available to 15,000 pre-selected testers on November 14.

It’s not clear if Microsoft is planning to make next week’s RC of Vista SP1 available to Microsoft Developer Network (MSDN) testers. Microsoft posted to the MSDN site on November 2 a note saying the company had made available for download a preview of the Vista SP1 code. But the note was posted in error.

Source: blogs.zdnet.com

This DVD5 ISO image file contains the security updates for Windows released on Windows Update on November 13th, 2007. The image does not contain security updates for other Microsoft products. This DVD5 ISO image is intended for administrators that need to download multiple individual language versions of each security update and that do not use an automated solution such asWindows Server Update Services (WSUS). You can use this ISO image to download multiple updates in all languages at the same time.

Important:   Be sure to check the individual security bulletins at http://www.microsoft.com/technet/security prior to deployment of these updates to ensure that the files have not been updated at a later date.

This DVD5 image contains the following updates:
KB943460 / (MS07-061)

• Windows 2000 - 24 languages
• Windows Server 2003 - 18 languages
• Windows Server 2003 for Itanium-based Systems - 4 languages
• Windows Server 2003 x64 Edition - 11 languages

I’ve a client that runs special program on about 100 servers. This program writes a log on central server every 3 minutes. So, when I checked main server, I found a directory Logs (C:\Logs). Log’s directory contains many log files (each log for each server).  On this server installed and runs a web server, Apache ;). So, I’d like to show a small AppsRuns.php file, which stored on web server. If we go to the http://server1/AppsRuns.php we will see a content of each log file on one web page. This web page refreshing every 10 sec. Here is a content of AppsRuns.php file: 

<?php
    $refresh_time = 10; // seconds
    $path = "C:\LOGS";

    header("Content-Type: text/plain");
    header("Refresh: $refresh_time");
    

    if($handle = opendir($path)) {
    while (false !== ($file = readdir($handle))) {
        $pi = pathinfo($path . '/' . $file);
        if($pi['extension'] === 'txt') {
        include($path . '/' . $file);
        }
    }
    }
?> 

How many Global Catalog Servers to have on your network? Where to place those servers? About this things Administrator should have thing at least once :). You could cause severe performance problems or possibly a single point of failure, If there are jast few Global Catalog Servers. At the same time, having too many Global Catalog Servers can also cause performance problems. In this article, you will see some techniques for determining how many global catalog servers you need.

Why Are Global Catalog Servers So Important? (BTW, about this question you could be asked on every Interview :))

Global Catalog Servers, they are simply domain controllers that have been designated to perform the Global Catalog server role. The first domain controller in the forest is automatically assigned the Global Catalog server roll, because every forest requires at least one Global Catalog server. The Global Catalog server performs a variety of tasks, both for Windows and for Exchange. If a Global Catalog server is not available, then nobody will be able to log into the domain except for the Administrator.

Global Catalog server performs some critical functions at the Active Directory level and in relation to Exchange Server it's also very critical.
In order for clients to be able to send and receive mail, both the Outlook client and the Exchange Server must be able to query a global
catalog server. Without access to a Global Catalog server, Outlook clients will not be able to open the Global Address List or resolve the e-mail addresses of message recipients within the forest.

Now let’s talk about placement. Any domain controller that’s running Windows 2000 or Windows Server 2003 can be designated to be a Global Catalog server. I saw networks, where every domain controller act as a Global Catalog server. Equally, this is a bad idea. Global Catalog servers produce quite a bit of traffic applied to the replication process.

Some Network Consultans or System Administrators says, that you should place a Global Catalog Server into any site that contains a server that’s running an application that makes use of port 3268 (Global Catalog lookup port). Exchange Server is such an application, so if you were to follow this rule, then you would want to place a Global Catalog server into any site that contains an Exchange Server.

You can find a Microsoft document that suggests placing a Global Catalog server into each site. I believe that this is the best idea. The fact that clients make use of the global catalog during the logon process. But, Microsoft also says, that a site doesn’t need a Global Catalog server if the site does not contain any servers running Global Catalog dependant applications, such as Exchange or contains fewer than 100 users.

In large organizations with lots of Exchange mailboxes, Global Catalog server could start working VERY hard. Microsoft recommends having one Global Catalog Server for every four mailbox servers.

If you have a single site, single domain network, then it is safe to designate all of your domain controllers to act as Global Catalog servers. Becouse all of the domain controllers contain full copies of the Active Directory you will not get any performance problems by having multiple Global Catalog servers will be minimal.

It is important to make sure that our system uses Global Catalog servers in an optimal manner. Global Catalog servers are so critically important to the Active Directory and to Exchange.

Recent Microsoft product releases which will be covered in detail during MMS 2008 include:

• System Center Operations Manager 2007
• System Center Configuration Manager 2007
• System Center Data Protection Manager 2007
• System Center Virtual Machine Manager 2007
• System Center Essentials 2007
• System Center Remote Operations Manager 2007
• System Center Capacity Planner 2007
• Desktop Optimization Pack for SA
• Windows Server Update Services 3.0

In addition during the event there will be early looks at some releases due to ship during the coming year, including:

• System Center Configuration Manager 2007 SP1
• System Center Configuration Manager 2007 R2
• System Center Operations Manager 2007 SP1
• System Center Mobile Device Manager

MMS 2008 is the ideal opportunity to come listen to the product teams describe these new releases, try out the new products and discuss real-world deployment experiences with leading industry experts and your peers within the IT industry.

Microsoft Forefront
Windows Server Update Services
Group Policy
WS-Management / WinRM
WMI
Microsoft Windows PowerShell

Windows Server 2008 Hyper-V is designed to provide a reliablevirtualization environment and integrated management solution that enables customers to virtualize their infrastructure and reduce costs. A great value, it will be available as a feature of Windows Server 2008 and will easily plug into your IT infrastructure, letting you take advantage of existing management tools and skill-sets with broad support from Microsoft and our partners.

With virtualization built into the operating system and with simpler, more flexible licensing policies, it's easier than ever to take advantage of all the benefits and cost savings of virtualization. Windows Server 2008 will provide the flexibility to create an agile and dynamic data center to meet your changing business needs. Four core scenarios are enabled by Hyper-V: server consolidation, business continuity, test and development, and dynamic data center. Combined with Microsoft System Center, this provides a complete and integrated server management solution that works with virtual machines and physical servers and helps extend the capabilities of Windows Server 2008 Hyper-V.

Key Hyper-V capabilities include:

1. New and improved architecture: New 64-bit microkernelized hypervisor architecture enables Windows Server virtualization to provide a broad array of device support and improved performance and security.

2. Broad operating system support: Broad support for simultaneously running different types of operating systems including 32-bit and 64-bit systems across different server environments, such as Windows, Linux, and others.

3. SMP support: Support up to four symmetric multiprocessing (SMP) processors in a virtual machine environment to take full advantage of multithreaded applications in a virtual machine.

4. Memory support: Support for large memory allocation per virtual machine enables you to virtualize most workloads, making Windows Server virtualization an ideal environment for enterprises and small to medium-size businesses.

5. New hardware sharing architecture: With the new virtual service provider/virtual service client (VSP/VSC) architecture, Windows Server 2008 Hyper-V provides improved access and utilization of core resources such as disk, networking, video, etc.

6. Quick migration: Rapidly migrate a running virtual machine from one physical host system to another with minimal downtime, capitalizing on familiar, high-availability capabilities of management tools in Windows Server and System Center.

7. Scalable: With support for multiple processors and cores at the host level and improved memory access within virtual machines, you can vertically scale your virtualization environment to support a large number of virtual machines within a particular host and continue to take advantage of quick migration for scalability across multiple hosts.

8. Extensible: Windows Server 2008 Hyper-V standards-based Windows Management Instrumentation (WMI) interfaces and application programming interfaces (APIs) enable independent software vendors (ISVs) and developers to quickly build custom tools, utilities, and enhancements for the virtualization environment.

A customer technology preview version of the Hyper-V feature is now available as a part of Windows Server 2008 Release Candidate (RC0) version. Evaluate this new platform and experience how it is easy to adopt, learn, and use, provides for easy migration from Virtual Server 2005 environments, and works with your existing IT infrastructure and management tools.

For more information on the Windows Server 2008 Hyper-V feature, please visit:http://www.microsoft.com /windowsserver2008/virtualizati on/default.mspx

I have made a small change in my "Free Deployment System", the set of script allows to deploy, install or run applications on any remote computer.
Equally, I just added a few new lines. In to Config.bat added a new line:

set DSRV= 192.168.211.1

%Tools%\psexec.exe \\%RCOMP% -u %USR% -p %PASS% -i cmd /c md C:\Updates

@echo set DSRV=%DSRV%> \\%RCOMP%\C$\updates\config.bat

@echo off
call c:\updates\config.bat
\\%DSRV%\packages\7ZIP\7z442.exe /S

For me and my clients I create many scripts to simplify daily Administration tasks. Many of this script should be running from a command line ( cmd. exe). It’s very easy to run any script and to get a result of it to the log file. But, if you would like to run script and watch the result on the screen and in same time you need a hard copied log, you can use a MTEE command line utility. Mtee is a commandline utility that sends any data it receives to the console and to any number of files. Useful if you want to watch and record the output from a batch file or program.

Mtee is an 11kb standalone executable. There is no installation procedure, just run it.
Mtee is simple to use and only has several options. To list them, type mtee/?

You can download Mtee from offisial web site by following to the http://www.commandline.co.uk/mtee/index.html