Monthly Archives: November 2006

You are browsing the site archives by month.

The Easy Button


These step-by-step guides provide instructions for deploying or migrating to Windows Vista. These guides also describe how to configure security, monitor performance, and manage printers.


Today someone said to me something along the lines of “you know, Vista will have security flaws, but it’s more robust than prior operating systems”.  And I had to laugh because the person who said it to me was not a Linux or Mac user, but instead a very down to earth Security guy.  Given his honest opinion.. liking the progress he’d seen in Microsoft, but knowing that we’ll still have issues.  And he’s right.  It will.  And so will Linux. And so will Mac’s.  But before the religious arguments start in… let’s step back a bit.


Unlike the Staples store, there is no “Easy” button when it comes to technology.  Oh sure we can make it “easier” but the key to security is to make it reasonable so that your end users don’t end up trying to do end runs around the security you’ve set up.  There’s a balance out there.  Take the time to educate folks…. so that things like UAC are known.  The funny thing is most of the time when I’ve explained the security measures that we’ve put in place, people understand and accept it.  But if we don’t take the time to train folks… the security fails.


And most of the time, my best security measure is an educated end user.



But if you think Vista is the ‘easy button’ you’ve been looking for.. or Linux is.. or Mac is?  You have a rude awakening my friend.  As there are bugs and flaws in each.. and right now it just depends on where the ‘marketplace’ of bugs are is all.  Don’t get lulled into thinking the ‘easy button’ is right around the corner… it’s not.  Granted Vista does include the new reboot manager that if your application plugs into it, the system will reboot, and the app will be placed right back where it was.  Granted Vista does have more kernel protection…but remember a lot of that “blue pill” stuff is up in the 64bit platform.


Honestly, the best thing I like about Vista is the audit logs and the event viewer (yeah I know I’m a sick puppy), but no operating system will ever solve the world’s problems on security.  We will still get scam attacks, we will still have the risks of misconfiguations, of users that don’t know any better because WE haven’t taken the time to educate.


But if you are looking for an “Easy” button to take away your risks and threats… guess again.  There are some very talented bad guys out there.


We just need to ensure we stay one step ahead of them is all…..

Saving the password


So the comment was that the bad thing about the RDP version 6 is that you couldn’t save the credentials like you did before… but it’s been my experience you can?  All I do is click the checkbox that says “Remember my password” and it does.  So if you want to save it like before… just say “Remember my password”.


Now you may have to do Domain\User on occasion….but it can still be saved, nonetheless.


Yeah yeah and I’m using the true Administrator account but this is RDP ‘inside’ the firm and not externally…

Yes Mac’s will get a RDP update too

http://www.macworld.com/news/2006/08/07/msuniversal/index.php


Microsoft is also developing a new version of its Remote Desktop Connection (RDC) client software, which enables Mac users to access Windows PCs on their network. “The next version of RDC will be released as a fully supported free product and details on this release will be shared closer to launch,” stated Microsoft.


The answer is “YES” Microsoft is planning an upgrade/update to the Mac RDP client….not sure of the eta though but there is one coming…

Firewall communities

I was listening to a Community 2.0 webcast today on how companies are looking to embrace/expand communities and one thing that I don’t think I’ve identified is the communities of things that a lot of SBSers install… and that’s firewalls.  One of them is obviously ISAserver and the community can be found at http://www.isaserver.org but we need to be honest and say that there are other firewalls that people install… One is of course Linksys… but one major one in the more ‘business’ category is Sonicwall.


They have a moderated community at http://www.sonicwall.com/support/ and a third party community here http://www.sonicusers.com/forum/default.asp


Today in the Deloitte and Touche sponsored webcast on community they talked about that sometimes you do both… you start a corporate sponsored community and sometimes you go where the organic community has grown up.


So there you go… find a community!

Putting Companyweb back when you didn’t read the whitepaper

So if you didn’t read the real white paper to do the side by side WSS 3.0 install… ya might want to read this one:


edwalt’s – Things I Wish I’d known about Small Business Server…… : Removing WSS 3.0 Companyweb Upgrade – Restoring WSS 2.0 on SBS 2003:
http://blogs.technet.com/edwalt/archive/2006/11/29/removing-wss-3-0-companyweb-upgrade-restoring-wss-2-0-on-sbs-2003.aspx

A new RDP client on the download and WSUS sites

http://www.microsoft.com/downloads/details.aspx?familyid=26f11f0c-0d18-4306-abcf-d4f18c8f5df9&displaylang=en

Remote Desktop Connection (Terminal Services Client 6.0) provides a way to
use any new Terminal Services features introduced in Microsoft Windows Vista
and Microsoft Windows Server Code Name “Longhorn” from a computer running
Microsoft Windows XP with Service Pack 2 or Microsoft Windows Server 2003
with Service Pack 1.


So what is this and why is this cool? 


A couple of reasons…but it is the client you will need to better connect to Vista machines and Longhorn….but mainly this is cool because of this:


Monitor spanning


loadTOCNode(2, ‘moreinformation’); Remote Desktop Connection supports high-resolution displays that can be spanned across multiple monitors. However, the total resolution on all monitors must be under 4,096 x 2,048. The monitors must have the same resolution. Additionally, the monitors must be aligned side-by-side.

To have the desktop of the remote computer span multiple monitors, type Mstsc /span at a command prompt.


Visual improvements


loadTOCNode(2, ‘moreinformation’); Remote Desktop Connection now supports 32-bit color and font smoothing.

To enable 32-bit color, follow these steps:

1. Start Remote Desktop Connection.
2. Click Options, click the Display tab, and then click Highest Quality (32 bit) in the Colors list.
To enable font smoothing, follow these steps:
1. Start Remote Desktop Connection.
2. Click Options, click the Experience tab, and then click to select the Font smoothing check box

Houston … we have no backup….


11/29/2006 6:21 PM
——————————-
Date: 11/29/2006
Time: 6:21 PM
User: Administrator
——————————-


Backup Runner started.
Launching NTBackup: ntbackup.exe backup “@C:\Program Files\Microsoft Windows Small Business Server\Backup\Small Business Backup Script.bks” /d “SBS Backup created on 11/29/2006 at 6:21 PM” /v:yes /r:no /rs:no /hc:off /m normal /j “Small Business Server Backup Job” /l:s /f “G:\Backup Files\Small Business Server Backup (02).bkf” /UM
NTBACKUP LOG FILE: C:\Documents and Settings\SBS Backup User\Local Settings\Application Data\Microsoft\Windows NT\NTBackup\data\backup07.log
=====================<BEGIN NTBACKUP LOG FILE>=====================
Backup Status
Operation: Backup
Active backup destination: File
Media name: “Small Business Server Backup (02).bkf created 11/29/2006 at 6:21 PM”


Volume shadow copy creation: Attempt 1.
Timeout before function completed


Error returned while creating the volume shadow copy:0xffffffff.


Error returned while creating the volume shadow copy:ffffffff
Aborting Backup.


———————-


The operation did not successfully complete.


———————-


=======================<END NTBACKUP LOG FILE>=====================
NTBackup finished the backup with errors.


For more information about failed backups, see the article on troubleshooting your backup at the following Web page: http://go.microsoft.com/fwlink/?LinkId=18414


Backup ended at Wednesday, November 29, 2006 6:26 PM
Backup Runner finished.


So off we go to check the VSS writers…. 


Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.


C:\Documents and Settings\Administrator>vssadmin list writers
vssadmin 1.1 – Volume Shadow Copy Service administrative command-line tool
(C) Copyright 2001 Microsoft Corp.



C:\Documents and Settings\Administrator>


Okay… hmmm…That’s supposed to be a bit more filled up than that…so off we go to Stephanie’s blog to reregister the dll’s
http://blogs.technet.com/sdoakes/archive/2006/02/03/418722.aspx 


And now after registering all that.. we have:


Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.


C:\Documents and Settings\Administrator>vssadmin list writers
vssadmin 1.1 – Volume Shadow Copy Service administrative command-line tool
(C) Copyright 2001 Microsoft Corp.


Writer name: ‘System Writer’
   Writer Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Instance Id: {852d07a9-bbae-40b8-8214-10b78a8fedf9}
   State: [1] Stable
   Last error: No error


Writer name: ‘MSDEWriter’
   Writer Id: {f8544ac1-0611-4fa5-b04b-f7ee00b03277}
   Writer Instance Id: {069cc33d-ea51-4b1a-8185-697fc5743edb}
   State: [1] Stable
   Last error: No error


Writer name: ‘Dhcp Jet Writer’
   Writer Id: {be9ac81e-3619-421f-920f-4c6fea9e93ad}
   Writer Instance Id: {e8633ced-b964-4533-b3ed-ae4f99aa0ff2}
   State: [1] Stable
   Last error: No error


Writer name: ‘TermServLicensing’
   Writer Id: {5382579c-98df-47a7-ac6c-98a6d7106e09}
   Writer Instance Id: {04b74023-de0c-424f-ab44-fe0a0eb4f2c1}
   State: [1] Stable
   Last error: No error


Writer name: ‘FRS Writer’
   Writer Id: {d76f5a28-3092-4589-ba48-2958fb88ce29}
   Writer Instance Id: {f3fcefb4-ee91-4107-8646-d7f62652ce4c}
   State: [1] Stable
   Last error: No error


Writer name: ‘Registry Writer’
   Writer Id: {afbab4a2-367d-4d15-a586-71dbb18f8485}
   Writer Instance Id: {f98048ac-04ff-4c05-a597-1250e4fde12e}
   State: [1] Stable
   Last error: No error


Writer name: ‘COM+ REGDB Writer’
   Writer Id: {542da469-d3e1-473c-9f4f-7847f01fc64f}
   Writer Instance Id: {6a5f42ee-eea8-4de8-a03f-8c2126a5ab13}
   State: [1] Stable
   Last error: No error


Writer name: ‘WINS Jet Writer’
   Writer Id: {f08c1483-8407-4a26-8c26-6c267a629741}
   Writer Instance Id: {d36d82d5-0a2c-4207-9831-a5b483f7790d}
   State: [1] Stable
   Last error: No error


Writer name: ‘Event Log Writer’
   Writer Id: {eee8c692-67ed-4250-8d86-390603070d00}
   Writer Instance Id: {39d64be1-14f7-4ed9-8af1-38a9ca4a1281}
   State: [1] Stable
   Last error: No error


Writer name: ‘NTDS’
   Writer Id: {b2014c9e-8711-4c5c-a5a9-3cf384484757}
   Writer Instance Id: {59afdde9-5e4e-44c2-a205-4b58e437e9fa}
   State: [1] Stable
   Last error: No error


Writer name: ‘WMI Writer’
   Writer Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Instance Id: {3f164a79-8196-4381-827f-4c0d2042a0ff}
   State: [1] Stable
   Last error: No error


Writer name: ‘BITS Writer’
   Writer Id: {4969d978-be47-48b0-b100-f328f07ac1e0}
   Writer Instance Id: {ddfe61e1-7484-4a3d-b5de-ceb432f20f6a}
   State: [1] Stable
   Last error: No error


Writer name: ‘IIS Metabase Writer’
   Writer Id: {59b1f0cf-90ef-465f-9609-6ca8b2938366}
   Writer Instance Id: {fbb8ea58-4325-4f29-9eb8-bce127b2cb8c}
   State: [1] Stable
   Last error: No error



C:\Documents and Settings\Administrator>


…and we now have a functioning backup…. I know what did it… I installed an updated version of Policy Patrol last night and it mooshed my VSS writers…

Upgrading to R2

So you have a SBS 2003 sp1 box and you just got your Action pack…. how do you update it?  Do you


a.  Merely stick in the dvd and it will automagically update or


b.  Drill down to the R2 parts and run the individual cdroms?


The answer is b.


These disks make up the base:


 Windows Small Business Server 2003 R2 Premium Edition CD1

 Windows Small Business Server 2003 R2 Premium Edition CD2

 Windows Small Business Server 2003 R2 Premium Edition CD3

 Windows Small Business Server 2003 R2 Premium Edition CD4

 Windows Small Business Server 2003 R2 Premium Edition – Office Outlook 2003


So if you already have SBS 2003 sp1… you already have that.

 Windows Small Business Server 2003 R2 Premium Edition – Premium Technologies Disc 1

 Windows Small Business Server 2003 R2 Premium Edition – Premium Technologies Disc 2


These two disks are ISA 2004 sp1 and SQL 2005 workgroup.  If you have already applied ISA 2004 sp1 … or you decide to not install it, you can just skip over the ISA install.  If you already have SQL 2000 installed, you need to follow the upgrading steps at http://www.sbslinks.com/sql2005.htm .  If you don’t want to install SQL 2005, and instead just leave everything at MSDE, then you can skip these disks.  Remember that you can’t upgrade SBSmonitoring to SQL (2000 or 2005) and while WSUS ‘can’ be upgraded to SQL 2005… it runs just fine on MSDE.

 Windows Small Business Server 2003 R2 Premium Edition – R2 Technologies CD


This disk is Exchange 2003 sp2, Sharepoint sp2 and the SBSized WSUS.  If you’ve been a happy patcher, you will already have Exchange 2003 sp2 and Sharepoint sp2.  If you’ve already installed WSUS, you can install the R2 version over the top and it will/it may change any customizations you’ve done.  If you have never installed WSUS before.. now’s your chance to install it.  Once it’s done installing…while you can use the ‘normal’ WSUS interface.. it’s way way easier to just use the SBS ‘update services’ console in the home page.  And remember.. while this can be installed remotely.. you MUST use the built in admin account to install it.


P.S. If you don’t install the WSUS… you also won’t get the new Update services part…

SBSdiva.com

…well the redirect from SBSdiva.com to http://www.msmvps.com/bradley is still messed up and Network Solutions has the account tied to someone else and I need to fax over an change authorization to get it from their control to mine to ensure that the redirects are in place…


.. and here I thought the account was on auto renew and it STILL got screwed up….


<sigh>

The Action pack arrived

So my action pack for October (the replacement) finally arrived today and one of the things I wanted to check out for myself was the Action pack DVD.. as some folks had indicated problems with installing it… and I took my base install of SBS 2003 sp1 that I have in my virtual setup and installed the SQL 2005 from the R2 premium that I browsed to on the cdrom and… it installed just fine.  Now at the office where I had copied the contents of the cdrom up to the server and it sort of barfed a bit at the end and I had to start it over again…. but here at home on the dvd media it worked just fine.  The only funky thing about that SQL is that you have to fully expand all the nodes to install all the parts in reporting services. 


It just goes to show you that sometimes when one person reports and issue…that doesn’t mean you will see it too.  In fact there’s a guy in the Partner newsgroup having issues installing the WSUS/R2 and quite honestly… I’ve never ever had an issue with not being able to the install the R2 parts.. as long as you remember to install using the built in admin account that is.  (It does my heart good when all these folks are saying “it’s not installing” and then you see the log file and you can tell they are remoting/patching not using the “500” account.  Nice to know that more of you guys are getting away from using the true admin account.


It also goes to show “me” that I shouldn’t use a couple of folks reporting on one issue and connect the dots with an issue that “I” personally caused to myself.  The cause of one may not be the effect of the other… and it was my bad for making a connection that wasn’t there.


But remember ..when you build a box.. that dvd will boot..and when you are done, you will have built a SBS 2003 sp1 box and then you need to add the premium parts (SQL and ISA) and the R2 specific CDrom (Exchange sp2, Sharepoint sp2, and SBSized WSUS).  Remember that the WSUS is pre-done for you so there’s no need to customize or set up anything in WSUS.


In the action pack this time….


Microsoft Windows Small Business Server 2003 R2 Premium Edition consists of eight discs:

Discs 1-5 comprise Windows Small Business Server 2003 Standard Edition with Service Pack 1.

Installing the R2 Technologies CD and the additional Premium Technologies CDs will result in a complete install of Windows Small Business Server 2003 R2 Premium Edition.


Disc Contents

 Windows Small Business Server 2003 R2 Premium Edition CD1

 Windows Small Business Server 2003 R2 Premium Edition CD2

 Windows Small Business Server 2003 R2 Premium Edition CD3

 Windows Small Business Server 2003 R2 Premium Edition CD4

 Windows Small Business Server 2003 R2 Premium Edition – Office Outlook 2003

 Windows Small Business Server 2003 R2 Premium Edition – Premium Technologies Disc 1

 Windows Small Business Server 2003 R2 Premium Edition – Premium Technologies Disc 2

 Windows Small Business Server 2003 R2 Premium Edition – R2 Technologies CD