Configuring the Quest Free/Busy Connector for Lotus Notes and Exchange – Part 3

In Part 1 we took at look at the architecture of the Quest Free/Busy (F/B) Connector in Coexistence Manager for Notes (CMN) as well as how Exchange interfaces with it. We also configured the F/B Connector web services and the Domino Free Busy Connector Service. In Part 2, we configured the Exchange Free Busy Connector Service, the Domino QCALCON task, and the Exchange organization. In this post, we’ll complete the configuration by configuring Lotus Notes as well as building a test user in Exchange and Lotus Notes to validate the configuration. At the end of this post you should have working Free/Busy coexistence between Exchange and Notes.

As a reminder, here’s a copy of our sample environment that will be referenced:

image_thumb[12]

Configuring the Lotus Notes Domain

All of the configuration tasks in this section will be performed in the Domino Administrator tool.

  1. Browse to Configuration > Messaging > Domains.
  2. Select Add Domain on the toolbar.
  3. Populate the Basics tab with the following data:
    • Domain type: Foreign Domain
    • Foreign domain name: Exchange

image

  1. Populate the Mail Information tab with the following data:
    • Gateway server name: LN-ADM01/CONTOSO.
    • Gateway mail file name: mail.box.

image

  1. Populate the Calendar Information tab with the following data:
    • Calendar system name: LN-ADM01/CONTOSO.
    • Calendar system: mail.box.

image

  1. Click Save & Close.

At this point, Domino should begin routing Exchange calendar requests to the QCALCON task and over to Exchange. To test this, we’ll need to configure a couple test users.

Testing the Configuration

We’ll create two test users for this exercise. User George Washington will have mail on Lotus Notes, while user Abraham Lincoln will have mail on Exchange. First, let’s configure Exchange.

  1. Create a Contact in Exchange for George Washington. Specify an External Email Address (targetAddress) of gwashington@lotus.contoso.com.
  2. Create a Mailbox in Exchange for Abraham Lincoln. Ensure the primary email address for Abraham Lincoln is alincoln@contoso.com.

In step 1, we’ve created an object which will be used for routing mail as well as for ensuring that the availability service redirects free/busy information to the Quest components. Next, let’s add these users to Lotus Notes.

  1. Switch to the People & Groups tab in Domino Administrator.
  2. Browse to Domino Directories > CONTOSO’s Directory > People.
  3. Click Add Person.
  4. Populate the Basics tab as shown below:

image

  1. Populate the Miscellaneous tab as shown:

image

  1. Click Save & Close.

Next, we need to register George Washington with Notes.

  1. In People & Groups, expand People on the right under Tools, and click Register….
  2. Populate the Basics tab as shown. Be sure to select LN-SRV01 by clicking Registration Server….

image

  1. Check Advanced in the lower left
  2. Switch to the Address tab.
  3. Populate the Address tab as shown:

image

  1. Click Register.
  2. Press F9 to refresh the People view.

What we’ve done is created a Person document for Abraham Lincoln which forward to Exchange and specifies the Foreign Domain created earlier for calendaring. We’ve also created a full fledged mailbox enabled user for George Washington in Lotus Notes.

Testing

Populate Abraham Lincoln’s calendar with a few appointments in Exchange. In Lotus Notes, populate George Washington’s calendar with a few appointments as well.

  1. Open George Washington’s person document from the People view in the NAB.
  2. Click Open Mail File… on the toolbar.
  3. Click Mail and then Switch to Calendar in the upper left of George Washington’s mail file to open the calendar.
  4. Create a few appointments.

In Exchange, invite George Washington to a meeting using Outlook. Verify the free/busy information is displayed (e.g. no hash marks). In Lotus Notes, invite Abraham Lincoln to a meeting. verify that the Find Available Times tab shows free/busy information. Be advised that in both cases it may take a few moments for data to become available.

Troubleshooting

There are a number of places you can look to for troubleshooting information depending on where you think the problem lies. All of the Quest components log useful information to a file:

  • QCALCON (Domino to Exchange lookups) – c:\lotus\domino\qcalcon.exe.log.
  • Exchange Free/Busy Connector Service (Domino to Exchange lookups) – C:\Program Files (x86)\Quest Software\Quest Coexistence Manager for Notes\Free Busy Connector\ExchangeFreeBusyService.exe.log.
  • Domino Free/Busy Connector Service (Exchange to Domino lookups) – C:\Program Files (x86)\Quest Software\Quest Coexistence Manager for Notes\Free Busy Connector\DominoFreeBusyService.exe.log.

The Outlook availability service logging is also quite useful. You can enable that by going to Options>Advanced>Other>Enable Troubleshooting Logging. Restart Outlook and create a new meeting request. You’ll find logging information in %temp%\olkas which will include the exact errors and XML returned by the Quest components.

Configuring the Quest Free/Busy Connector for Lotus Notes and Exchange – Part 2

In Part 1 we took at look at the architecture of the Quest Free/Busy (F/B) Connector in Coexistence Manager for Notes (CMN) as well as how Exchange interfaces with it. We also configured the F/B Connector web services and the Domino Free Busy Connector Service. In this post, we’ll configure the Exchange Free Busy Connector Service, the Domino QCALCON task, and the Exchange organization. As a reminder, here’s a copy of our sample environment that will be referenced:

image_thumb[12]

Configuring the Exchange Free Busy Connector

  1. Create a standard mailbox enabled user (e.g. svc_xch_cmn_fb) in Exchange. This will be used by CMN to query Exchange F/B information.
  2. Launch PowerGUI on Q-EXFBC01.
  3. Browse to PowerGUI\CMN Free/Busy Connector Management\Configure Domino Server and Exchange Components.
  4. Launch the Configuration Wizard from the task pane.
    • Preferred Exchange server: mail.contoso.com.
Note: This is generally the URL which end users would access your CAS servers with internally such as for OWA. While the PowerGUI UI suggests you should enter a specific CAS server, it is better to enter a load balanced URL or at least the friendly URL listed on your SSL certificate. In this example we will use mail.contoso.com but you should substitute the value most appropriate for your environment.
    • Domain\Username: CONTOSO\svc_xch_cmn_fb.
    • Password: (service account password).

image

  1. Complete the wizard.
  2. Start the Quest CMN Exchange Free/Busy Connector Service service.

Configuring the Exchange Organization

Configuring your Exchange organization is perhaps the easiest part of this project. You’ll simply need to configure an Availability Address Space for lotus.contoso.com. If you’re not familiar with this, take a moment to review this post.

  1. Launch the Exchange Management Shell (EMS).
  2. Run the following PowerShell command:
Add-AvailabilityAddressSpace -ForestName "lotus.contoso.com" -AccessMethod OrgWideFB -UseServiceAccount:$true


Configuring the QCALCON Task



The final server component you’ll need to configure is the QCALCON task. Tasks are background processes of sort in Domino at least to the extent I understand them. You can configure them to either run at startup or at a specific time. For this step, install PowerGUI and the CMN Domino Server Components on LN-ADM01. The task and its configuration files are installed directly in the Domino server folder (e.g. c:\lotus\domino).



Configuring the QCALCON task is quite straight-forward.



  1. Launch PowerGUI.
  2. Browse to PowerGUI\CMN Free/Busy Connector Management\Configure Domino Server and Exchange Components\Advanced\Domino Server Task (QCALCON)
  3. If prompted to browse for the Config File, you’ll find it under your Domino installation folder (e.g. c:\lotus\domino\qcalcon.exe.config).
  4. Select Set Foreign Domain Name in the task pane. Enter mail.box when prompted.
  5. Select Set Exchange Free/Busy Connector host name in the task pane. Enter Q-EXFBC01.
  6. Open your notes.ini file (likely in c:\lotus\domino\notes.ini), and verify that the ServerTask= line includes qcalcon. If it doesn’t, add it to the end of the list.


Note: You may need to provide a fully qualified hostname in step 4.



Once you’ve configured QCALCON, you can start the task.



  1. Launch the Lotus Domino Console (or connect remotely via Domino Administrator)
  2. Run “load qcalcon”. You should see output like this if it’s succesful:


06/26/2011 03:08:55.25 PM [08F4:0005-060C] SchMsgQHandles_New> Opening queues for LWPSCHEDGATEWAY
06/26/2011 03:08:55.25 PM [08F4:0005-060C] SchMsgQHandles_New> InputQ: 121D0h, error = 0h: No error
06/26/2011 03:08:55.25 PM [08F4:0005-060C] SchMsgQHandles_New> OutputQ: 122A8h, error = 0h: No error
06/26/2011 03:08:55.25 PM [08F4:0004-00F0] SchMsgQHandles_New> Opening queues for MAIL.BOX
06/26/2011 03:08:55.25 PM [08F4:0004-00F0] SchMsgQHandles_New> InputQ: 12380h, error = 0h: No error
06/26/2011 03:08:55.25 PM [08F4:0004-00F0] SchMsgQHandles_New> OutputQ: 12450h, error = 0h: No error
06/26/2011 03:08:55 PM  QCalCon Server: Starting
06/26/2011 03:08:55 PM  QCalCon Server: Version 1.0.3.10
06/26/2011 03:08:55 PM  QCalCon Server: Creating queue for mail.box
06/26/2011 03:08:55 PM  QCalCon Server: Creating queue for LWPSCHEDGATEWAY
06/26/2011 03:08:55 PM  QCalCon Server: Started



Note: If you need to change any of the values in the QCalCon config file, you’ll need to restart the task. To do this, you can issue a “tell qcalcon quit” command in the Lotus Domino Console.


In the next post in this series, we’ll look at configuring the proper documents in the Notes configuration as well as configuring test users in Exchange.

Configuring the Quest Free/Busy Connector for Lotus Notes and Exchange – Part 1

The goal of this post is to introduce the Quest Free/Busy (F/B) connector that comes with Coexistence Manager for Notes (CMN), discuss how it works, and discuss the interface with Exchange. In this post we’ll also configure the Quest Web Services and Domino Free Busy Connector Service. Future posts in this series will discuss configuring the remaining components of the CMN F/B Connector. First, let’s take a look at the sample environment we’ll be using for this discussion:

image

There are three components of the F/B Connector which you’ll need to deploy:

  • Domino Free/Busy Service – This component is responsible for accepting F/B requests from Exchange users, retrieving, and processing the data from Domino, and returning it to Exchange. This component also includes two web services which run inside IIS:
    • Autodiscover implementation
    • Exchange Web Services (EWS) implementation
  • Exchange Free/Busy Service – This component is responsible for accepting F/B requests from Lotus Notes (via QCALCON) for Exchange users, retrieving and processing the data, and returning it to QCALCON.
  • QCALCON Task – This is a Domino server tasks from Quest which handles requests for Exchange user F/B information. These requests are sent to the Quest Exchange Free/Busy Service.

Quest recommends that you separate the first two components on to two separate servers for performance reasons. They don’t make any data readily available as to when this is necessary, so you’ll need to make a judgment call and do some testing in the lab as to whether or not this is necessary. In a large environment, it’s possible to scale some of the components out behind a load balancer as well. In addition, Quest also recommends physical hardware in lieu of Virtual Machines, although my personal opinion is that given proper resource allocation, this guidance is stuck somewhere in the era of the Notes UI design.

The way Quest integrates Notes F/B data with Exchange is clever, and to understand it, you’ll need to have a bit of background on how Outlook clients (and others) get F/B info. Prior to Exchange 2007, Exchange stored F/B information in Public Folders, and Outlook clients knew where to go in the Public Folder store to find the data. With the desire to move away from Public Folders, this information became available via Exchange Web Services (EWS), also sometimes called the Availability Service (AS). This is a SOAP based web service hosted on the CAS server and accessible via HTTPS. Outlook 2007 and newer knows how to access this endpoint as does Outlook for Mac and various other EWS clients. Exchange 2007 also introduced the ability to provide a means for cross-organization F/B info without any complex public folder replication. The way this works is you define an “availability address space” in Exchange which tells Exchange for a given subdomain, send those F/B requests over to a different AS endpoint. If you’re not familiar, take a look at this post before reading further. This functionality is what Quest leverages.

What Quest has done is re-implement the Autodiscover service as well as the Availability Service such that Exchange thinks it’s talking to another Exchange organization, when in fact it’s actually talking to the Quest Domino F/B server. In Exchange, we define an availability address space for lotus.contoso.com which will resolve (via Autodiscover) to Q-LNFBC01.

Implementation

With the background information out of the way, let’s go ahead and start setting this up. You’re going to need a number of resources:

  • One to two servers to install the Quest components. For this example, I’ll use the two pictured above.
  • A Lotus Notes server to install the QCALCON task.
  • Administrative access to Lotus Notes
  • Exchange Organization Management level access to Exchange
  • A standard Domino user ID file and password with mail file.
  • A standard Exchange mailbox enabled user and password

Install PowerGUI on Q-EXFBC01 and Q-LNFBC01, and then Free/Busy coexistence components. The installers are quite self explanatory, so I won’t walk through those. Be sure to only install “Web Server Components” and “Lotus Notes Components” on the Domino F/B server and the “Exchange Components” on the Exchange F/B server.

Note:  It’s possible to separate the Web Server components on to a separate server or set of load balanced servers if you have sufficient demand. For this walk through, I will assume they’re installed on Q-LNFBC01, though.

Configuring the Web Services and Domino Free Busy Connector Service

Once the installations are complete, we’ll use PowerGUI to configure the web services and Domino Free/Busy service.

  1. Launch PowerGUI on Q-LNFBC01.
  2. Browse to PowerGUI\CMN Free/Busy Connector Management\Configure Web Services and Lotus Notes Components in the Navigation Tree.
  3. Select Configuration Wizard from the task pane on the right.
  4. Configure an SMTP domain of lotus.contoso.com. Select autodiscover.lotus.contoso.com.

image

  1. Configure the following values for Domino:
    • Domino Server Name: LN-ADM01/CONTOSO.
    • Domino ID File Path: (browse to the ID file)
    • Domino Password: (password to the ID file)

image

  1. Complete the wizard.
  2. Start the “Quest CMN Domino Free/Busy Connector Service” service.
Note: The domain specified in Step 4 needs to match the Internet address field in your Notes person documents. Chances are your Notes environment is configured to accept mail for *@lotus.contoso.com for mail routing coexistence, but your users have Internet addresses in the form of *@contoso.com. To work around this in CMN, you need to add an SMTP Domain Mapping. To do this, you’ll need to work in PowerShell directly:
  1. Launch the Free Busy Connector Management Shell (Start>All Programs>Quest Software>Quest Coexistence Manager for Notes>Free Busy Connector).
  2. Run this command:
Set-CmnDominoFreeBusyConfig -SmtpDomainMappings "lotus.contoso.com=contoso.com"
  1. Restart the Quest CMN Domino Free/Busy Connector Service


Next, you’ll need to obtain an SSL certificate for the web services. While it’s possible to use a self signed certificate, your troubleshooting overhead will be substantially minimized if you obtain a proper trusted certificate. To obtain a certificate, you’ll need to generate a Certificate Signing Request (CSR).



  1. Launch Internet Information Services (IIS) Manager (start>run>inetmgr).
  2. Select Q-LNFBC01 in the COnnections tree.
  3. Double click Server Certificates in the center pane.
  4. Select Create Certificate Request in the task pane on the right.
  5. Enter a Common name of autodiscover.lotus.contoso.com and populate the request of the screen as appropriate.
  6. Upload the resultant CSR to your Certificate Authority (I recommend DigiCert if you don’t have a preference).


Once you receive the certificate back from your CA, return to the Server Certificates view in IIS Manager.



  1. Select Complete Certificate Request in the task pane on the right.
  2. Browse to the file you received from your CA and complete the wizard.
  3. Browse to Q-LNFBC01\Sites\Default Web Site in the Connections pane.
  4. Select Bindings in the task pane at right.
  5. Click Add.
  6. Select type https.
  7. Find your SSL certificate in the SSL certificate drop-down.


In the

Cross-Forest Availability with Exchange 2007 and Exchange 2010

Prior to Exchange 2007, Exchange stored F/B information in Public Folders, and Outlook clients knew where to go in the Public Folder store to find the data. With the desire to move away from Public Folders, this information became available via Exchange Web Services (EWS), also sometimes called the Availability Service (AS). This is a SOAP based web service hosted on the CAS server and accessible via HTTPS. Outlook 2007 and newer knows how to access this endpoint as does Outlook for Mac and various other EWS clients. Exchange 2007 also introduced the ability to provide a means for cross-organization F/B info without any complex public folder replication. The way this works is you define an “availability address space” in Exchange which tells Exchange for a given subdomain, send those F/B requests over to a different AS endpoint. This is a very common scenario particularly with mergers and acquisitions. Let’s consider one such scenario and see how to set this up (as well as how it works).

In an effort to become Santa’s sole source cargo supplier, your employer, Wing Tip Toys (wingtiptoys.com), acquires the Fabrikam Coal Company (fabrikam.com). You manage the Exchange 2010 organization for Wing Tip Toys, and Fabrikam Coal runs Exchange 2007. Later in the merger process, you’ll consolidate Fabrikam into your organization, but, as soon as the merger closes, you’ll need to make it possible for Wing Tip Toys users to view F/B information for Fabrikam users. To do this, you need to configure an Availability Address Space in your Exchange organization for fabrikam.com. You can do this using these PowerShell commands:

# These credentials are a standard mailbox enabled user in the Fabrikam organization
$credentials = Get-Credential

Add-AvailabilityAddressSpace -ForestName "fabrikam.com" -AccessMethod OrgWideFB -Credentials $credentials


This tells Exchange to route F/B requests for *@fabrikam.com to a CAS in the fabrikam.com organization. In order to find Fabrikam’s CAS servers, your CAS servers will use Autodiscover. One important thing to note is that your CAS will ONLY use this route we’ve defined if the Fabrikam user we’re trying to retrieve F/B info for has a Contact or Mail Enabled User (MEU) in the Wing Tip Toys Active Directory environment. That contact or MEU must have a targetAddress which ends with @fabrikam.com.



Note: targetAddress is the name of the attribute in Active Directory. The *-MailContact and *-MailUser cmdlets as well as the Exchange Management Console refer to this attribute as the ExternalEmailAddress.


Here’s a quick (simplified) diagram of what happens:



image_thumb[10]



  1. WTT user looks up F/B info for john@fabrikam.com.
  2. WTT CAS searches Active Directory for a contact or MEU with a targetAddress of john@fabrikam.com.
  3. Active Directory returns a match.
  4. WTT CAS performs an Autodiscover search for Fabrikam.com (this includes all of the usual Autodiscover mechanisms).
  5. Fabrikam returns Autodiscover results.
  6. WTT contacts Fabrikam’s availability service (authenticating with the credentials provided earlier) and asks for information pertaining to john@fabrikam.com.
  7. Fabrikam’s AS returns information to WTT’s CAS.
  8. The WTT CAS returns the information to the user.


Warning: This behavior is different for Outlook 2003 clients. Outlook 2003 clients have no knowledge of the Availability Service and as such they only obtain F/B info from Public Folders. Exchange 2010 SP1 introduced a change in behavior whereby F/B requests to Public Folders for users which are in a different forest are intercepted. The mailbox server intercepts these Public Folder requests and performs steps 4 – 7, contacting the remote CAS directly. If you’ve made firewall rules on the basis that only CAS servers perform cross-forest availability lookups, you’ll need to adjust those rules accordingly.


When testing cross-forest F/B lookups, you may need some extra logging to sort things out. The best place to collect this data without engaging PSS is actually in the Outlook client. You can enable this logging by opening Outlook’s Options (either via the Tools menu in Outlook 2007 or backstage in Outlook 2010), and then going to Advanced. Check the “Enable troubleshooting logging” box and restart Outlook. When you make future Free/Busy requests, you’ll find those logged under %temp%\olkas.

Getting Started with a Lotus Notes to Exchange Mail Migration

I’m a reformed Lotus Notes user and from time to time, as a consultant, I work on projects that lead up to the liberation (err migration) of Lotus Notes users. As luck has it, I’ve invested quite a few cycles the past few weeks teeing one of these projects off. There’s quite a bit involved in planning one of these projects, and that’s not my goal for this discussion. What I thought would be useful, though is to give a quick overview of the coexistence and migration components as well as a couple links I’ve come across that are pretty useful. I’ll put some info on configuring the various coexistence pieces in a separate post later.

My assumption if you’re reading this is that you’re familiar with Exchange but not with Lotus Notes. It’s very helpful to have skilled and knowledgeable Lotus administrators at your disposal, but, sometimes this doesn’t work out in your favor. With that in mind, I’ll do what I can to help you navigate the components of Lotus Notes that are going to be relevant. The first thing you’re going to need is a copy of the Domino Administrator and Lotus Notes client on your machine. This often comes as a single package – just be sure to select “single user mode” during the install if you’re prompted. First, though, the Domino Administrator end user experience, in case you aren’t yet familiar:

image

At some point you’re going to need to do something that’s only available in the Domino server’s command line interface. If you’re running Domino on Windows, you can Remote Desktop to the server and launch the Lotus Domino Console. If you’re running Domino on something else, or you don’t have Remote Desktop access, the console pictured below is also available inside the Domino Administrator program. To get to the console via Domino Administrator, switch to the Server tab and then the Status tab inside there, and finally, select Server Console. Pictured below is the Lotus Domino Console application available on Windows:

image

The Help file in the Domino Administrator console is really pretty useful. Unfortunately it’s a bit of a clique thing, because IBM seems to primarily make the help file available in the form of a Notes database. Some places seem to have it indexed on the Internet, but, Google isn’t real good at finding this it seems. If you simply go to Help>Help Topics on the menu bar of Domino Administrator, the database will open up.

The Global Address List (GAL) equivalent in Notes is the Notes Address Book, usually called the “NAB”. It’s possible to have more than one of these, but, for simplicity we’ll assume you’ve only got one. The NAB is usually stored inside a database called names.nsf. Inside the NAB are person documents for all your users. The person document is the rough equivalent of the Active Directory user object. Users with a proper mailbox in Notes will have the “mail file” field populated in their person document. Mail files are what Notes calls mailboxes. Everyone gets a separate file on the file system. You’ll be spending a good amount of time in the NAB, so hop over to the People & Groups tab in the Domino Administrator program and take a look. You can double click in any field to edit it.

If you’d like to create a new user and mailbox for them, switch over to the Configuration tab and then drill down to Registration> Person on the right. Fill in the form and check Advanced in the bottom left. On the Mail tab, pick where you want to create their mail file using the Mail Server button. On the ID Info tab, check the In File” button and browse to a folder to store the Notes ID you’ll need to access this user’s mail file. Finally, click Register to make things happen. If you go back to the NAB, you should see your new user.

That’s the quick tour. As painful as the tool looks, it’s moderately intuitive once you start poking around. If nothing else, the contextual help in the document editors can be amusing:

image

The actual migration of data and the coexistence period are two problems you’ll need to tackle. There are a couple companies that make tools in this space – Quest and BinaryTree. I’m familiar with the Quest offerings in this space and I’ve used them successfully at a number of customers, so, that’s what I’ll focus on going forward. That said, BinaryTree is a reputable ISV and you should certainly do your homework. On the Quest side, there are two products which can be purchased individually:

  • Notes Migrator for Exchange (NME)
  • Coexistence Manager for Notes (CMN)

NME is the product which is primarily responsible for the actual data migration. It can do some limited directory sync task, but, it’s really geared towards migrating data. CMN on the other hand has three components:

  • Free/Busy Connector
  • Mail Connector
  • Directory Connector

The Free/Busy (F/B) connector enables Lotus Notes users to view calendar information for Exchange users and vice-versa. This component is the most complex to setup, but also quite likely the most important. The Mail Connector serves as an SMTP gateway between Notes and Exchange. The service adjusts the contents of messages so that they work and display correctly in the opposing clients. It also can handle some of the nuances of Lotus Notes email such as Doc Links and Active Mail. Finally, the Directory connector will ensure that users or contacts in Exchange and person documents in Notes are in sync and the address books for end users are functionally identical regardless of which system they’re on.

HP E5000 Videos Posted

Earlier in the year I got to spend two days at HP in Cupertino with Tony Redmond and Paul Robichaux talking to HP and Microsoft about HP’s new E5000 messaging appliance for Exchange 2010. In a nutshell, the E5000 is a complete out-of-the-box highly available Exchange 2010 solution which includes a 2 mailbox server DAG with pre-designed storage as well as redundant Client Access (CAS) and Hub Transport servers. HP wrapped the Exchange setup and configuration steps you’d often hire a consultant for with a number of easy to use wizards that will take you from a rather large ~170 pound box to a running Exchange 2010 solution in the course of a day or so.

While in Cupertino, Tony, Paul, and I spent two days inside a TV studio learning about the new appliance, evaluating it, and discussing our take on it. HP has over the course of a few months cut our discussions down to half a dozen 5 – 10 minute videos about the product. It was a really interesting experience to do this on camera even after the numerous reshoots as someone said something comical and the whole thing broke down.

In any case, if you’re interested in the new solution, check out the videos below, with descriptions I poached from Paul’s blog.

  • Introduction to HP E5000 Hardware, featuring lots of oohing and aahing over the E5000′s chassis. Although HP’s Dean Steadman is in this video, I don’t think you can see the bandage he had to put on after an unlucky encounter with a sharp edge on the E5000 prototype. Too bad; we had great fun mocking him because of it.
  • HP E5000: Complete and Optimized: a roundtable discussion of why HP designed the E5000 the way they did, and what they were attempting to accomplish with it.
  • HP E5000: Simple and Cost Efficient, in which we explore the thorny question of how you get support for something that combines an operating system and application from Microsoft with HP’s hardware.
  • HP E5000: Resilient/Highly Available, in which we explore whether you can safely use the word “appliance” to describe the E5000 (I voted that yes, we in fact could.)
  • HP E5000: Large Low Cost Mailboxes. Do you want to go back to 100MB mailboxes? Neither do Microsoft’s Jeff Mealiffe or HP’s Karl Robinson, both of whom join our roundtable discussion of ways to deliver large, cheap mailboxes to sate users’ unceasing demands.
  • HP E5000: Installation & Startup, in which HP’s Karl Robinson and Paul Robichaux walk through the out-of-the-box setup process. (Hint: we skip the boring parts, like installing Exchange.)

If you’re looking for a ready to go Exchange solution for somewhere in the neighborhood of 1,000 to 3,000 mailboxes, I’d really encourage you to check this solution out. I was certainly impressed by the appliance.

Managing Local Backups with Windows Server Backup

One of the strategies I often employ when deploying Active Directory (AD) for customers is to use the local Windows Server Backup (WSB, previously NTBackup) tool to make system state backups on the local machine. I’ll also often place backups on neighboring Domain Controllers (DCs) to provide for redundancy if there is a failure. This strategy ensures that a backup is available in the same site and it also removes the dependency on an external backup team. Many third party backup applications can backup a file share without needing to install an agent on the server as well which is a better all around situation for DC backup at many customers. Note that you’ll want to tightly secure the shares that backups are placed on given they include full copies of your AD database (ntds.dit) which has all of the password hashes in it.

The script below implements this strategy of backing up DCs to neighboring DCs and it also will implement retention and aging of backups. You’ll need to configure the age, log location, and backup table at the top. Note that the DC names in the table are case sensitive. In the example, DC01 backs up to a share on DC02 and vice versa.

'==========================================================================
' NAME: WS08 DC Backup
'
' AUTHOR: Brian Desmond, brian@briandesmond.com
' DATE  : 7/10/2009
'
' COMMENT: 
'    Version        Date        Author            Note
'    -----------------------------------------------------------------
'    1.0            10Jul09        Brian Desmond    Initial VERSION
'    1.1            05Feb11        Brian Desmond    Bug fixes, documentation
'==========================================================================

Option Explicit

Const VERSION = "1.0"

' How many days to keep the backup for
Const MAX_BACKUP_AGE = 7

' Where to store the log file
Const LOG_FILE = "C:\Scripts\Backups\DCBackupLog.txt"

Dim backupLocation
Set backupLocation = WScript.CreateObject("Scripting.Dictionary")

' List of DCs and the shares to store their backups in
backupLocation.Add "DC01", "\\DC02.green.briandesmond.net\adbackup$\dc01" 
backupLocation.Add "DC02", "\\DC01.green.briandesmond.net\adbackup$\dc02" 

'==========================================================================

Dim fso
Set fso = WScript.CreateObject("Scripting.FileSystemObject")

Dim shl
Set shl = WScript.CreateObject("Wscript.Shell")

Dim net
Set net = WScript.CreateObject("WScript.Network")

Dim logFile
Set logFile = fso.OpenTextFile(LOG_FILE, 8, True) ' 8 = ForAppending

If Not backupLocation.Exists(net.ComputerName) Then 
    WriteLogLine "Server not found in backup location table."
    WScript.Echo "Server not found in backup location table."
    
    WScript.Quit 1
End If 

Dim backupRoot
backupRoot = backupLocation(net.ComputerName)

CleanOldBackups MAX_BACKUP_AGE, backupRoot

Dim wbAdminCmd
wbAdminCmd = "wbadmin start backup -AllCritical -Quiet -BackupTarget:"

wbAdminCmd = wbAdminCmd & GetBackupPath(backupRoot)
wbAdminCmd = wbAdminCmd & """"

WScript.Echo wbAdminCmd
WriteLogLine "Launching " & wbAdminCmd

Dim execObj
Set execObj = shl.Exec(wbAdminCmd)

While execObj.Status = 0
    WScript.Sleep(1000)
Wend 

Dim wbAdminOutput
wbAdminOutput = execObj.StdOut.ReadAll

WScript.Echo wbAdminOutput
WriteLogLine wbAdminOutput

Sub CleanOldBackups(MaxAge, SearchLocation)
    WriteLogLine "Beginning CleanOldBackups; MaxAge=" & MaxAge
    
    Dim foldersToDelete()
    ReDim Preserve foldersToDelete(0)
    Dim doDeleteFolder
    doDeleteFolder = False 
    
    If fso.FolderExists(SearchLocation) Then 
        Dim folder
        For Each folder In fso.GetFolder(SearchLocation).SubFolders
            If IsDate(folder.Name) Then 
                Dim age
                age = DateDiff("d", Now(), CDate(folder.name), vbSunday, vbFirstJan1)
                
                If age > MaxAge Then 
                    foldersToDelete(UBound(foldersToDelete)) = folder.Path
                    doDeleteFolder = True 
                End If 
            Else
                WScript.Echo "Skipping " & folder.name & ", invalid name"
            End If 
        Next
    End If 
    
    If doDeleteFolder Then 
        Dim i
        For i = 0 To UBound(foldersToDelete)
            WScript.Echo "Deleting " & foldersToDelete(i)
            WriteLogLine "Deleting " & foldersToDelete(i)
            
            fso.DeleteFolder foldersToDelete(i), True    
        Next 
    End If 
    
    WriteLogLine "Ending CleanOldBackups"
End Sub 

Sub WriteLogLine(line)
    logFile.WriteLine Date & " " & Time & ": " & line 
End Sub 

Sub SafeCreateFolder(path)
    If Not fso.FolderExists(path) Then 
        fso.CreateFolder(path)
    End If 
End Sub 

Function GetBackupPath(RootPath)
    Dim cleanDate
    cleanDate = Replace(FormatDateTime(Date, vbShortDate), "/", "-")
    
    Dim cleanHour
    cleanHour = CStr(DatePart("h", Now, vbSunday, vbFirstJan1))
    
    Dim backupPath
    
    backupPath = RootPath
    SafeCreateFolder backupPath 
    
    backupPath = fso.BuildPath(backupPath, cleanDate)
    SafeCreateFolder backupPath
    
    backupPath = fso.BuildPath(backupPath, cleanHour)
    SafeCreateFolder backupPath

    GetBackupPath = backupPath
End Function 

Save 50% on Active Directory, 4th Ed E-Book and Help Japan – Tues 3/22 Only!

Starting at 12:01 AM Pacific (GMT –7), O’Reilly will be offering the eBook version of my book, Active Directory, 4th Edition at 50% off. What’s more is they’ll be donating nearly all of the revenue to the Japanese Red Cross Society. If you don’t already own a copy, this is a great opportunity to get an easily searchable (and portable) DRM free version of my book. Here’s the page to order from.

The full text of the O’Reilly announcement:

O’Reilly, No Starch Press, and Tidbits will donate all revenues, less author royalties, from "Deal of the Day" sales to the Japanese Red Cross Society.

Thanks to the Internet, we understand more deeply than ever that everyone on the planet is connected. The disasters that have hit Japan feel close to home, and those of us at O’Reilly, No Starch, and Tidbits want to do something to help the Japanese people recover and rebuild. We know many of you do, too. Working with the O’Reilly Tokyo office, we will ensure that your valued contribution goes to the relief of those most in need. We’ll update the total amount donated throughout the day, as well as the final amount.

Take a look!

Managing the Spice Cabinet with Word and Excel

Cooking is one of my things to do when I’m home and have the time. As a result I’ve got a pretty good selection of spice jars in one of the cabinets in my kitchen. I’ve had a spreadsheet of all the spices I have for a while now which I keep posted inside the cabinet door. This is useful for figuring out if I need to get something or if I have an extra when I run out of something. Unfortunately the problem this doesn’t solve is actually finding the jar in the cabinet. I’ve got everything lined up on a couple shelves in a cabinet and it usually requires emptying half the cabinet if I need something I don’t use too often.

I finally decided to deal with this tonight by labeling the top of each jar so I can look from the top and pick out the jars I need. Pretty much all of the jars I have are the same “McCormick Gourmet Collection” jars like this one. The caps on all these jars have a circular inset on top which is just shy of 7/8” in diameter. I walked over to Office Depot and found some round Laser Labels which were 3/4” in diameter. Unfortunately these are removable as the didn’t have any permanent ones in stock. Since I already had an Excel worksheet with all my spices in it, I was able to use this to mail merge my stickers.

My spreadsheet looks like this:

SNAGHTML3f73139c

Note: If you’re going to do something like the image above, and you have a bunch of spices (I’ve got 51 total), you’re not going to be able to fit everything onto one page. What I did was paste my list into Word and set the page to Landscape orientation. I then configured Word to have two columns (Columns button on the Page Layout tab) on the page and I was able to wrap my paste from Excel into the second column so it fit on one page.

To make my labels, I went in Word and went to Mailings>Start Mail Merge (2) and selected the labels I bought. I added the Spice column (3) to the first label in the template, and copied that to all my labels using the Update Labels (4) button. Finally, I used Preview Results (5) so I could tweak the values so they fit properly in the cells.

image

Printed labels In hand I pulled everything out of the cabinet and labeled the top of each jar. Make sure the tops of the jars are reasonably clean if you want these stickers to stick properly. Total time end-to-end on this little project was all of an hour and the time savings should be substantial.