Security vulnerabilities could arise for which no protection is possible. Attackers who exploit these openings could gain control of systems based on Windows Server 2003. Then use the compromised system to launch attacks from within the data center against other, newer systems to capture and relay data from the network to the attacker outside and introduce false transactions or tamper with legitimate business activities. If such an attack were to take place, it may be impossible or impractical to stop it from succeeding and from being repeated, since the code vulnerability inside the OS will not be patched. Business functions dependent upon the system running under Windows Server 2003 may be unexpectedly subject to complete loss of access to the functionality of the system if it has to be shut down due to compromise. Alternatively, lack of viable alternatives for the business function may dictate that the system remain in operation despite compromises, thus endangering other systems that are not based on Windows Server 2003.
If you have NOT decommissioned your Windows Server 2003 Servers then you should purchase an Extended Sup[port agreement for these servers and actively be in the process of moving to new Hardware and Software… You can use the Windows Server 2003 Migration Planning Assistant which will walk you through a migration assessment and help you choose a Microsoft partner if you need help in the migration and decommissioning of your old hardware.
This is something that IT Pros and Devs should readily understand. However, it can save all users time and money..
As an example: I sometimes run Windows Server 2012 R2 on my Laptop where I have 2 1tb SSD drives (they are a lot cheaper now) so I can natively run SharePoint instead of having to use several VMs. When I have Windows Server 2012 R2 Installed I run a feature called DeDuplication and it enables me to save 436GB of disk space by keeping a single version of the file on the data drive while creating pointers to the file in every location where a duplicate exists. If you do a lot of SharePoint development you end up with a lot of Hives so that you can easily start up a replica of your clients environment. Since I can only have two hard drives on my laptop and I am swapping out the DVD player to so. De-Duplication is a life saver, it allows me to store twice the amount of data as the disk would normally hold. if I then install a Desktop OS on my laptop all of the files that have been deduplicated I will be able to open until I have copied the files from Windows server 2012, run a PowerShell script to install the features, then activate de-duplication
The Server community has enjoyed DeDuplication since Windows Server 2012 in an Operating System but all SANs have this feature build in (too bad they don’t fit in your laptop bag). This is a hard drive storage technology that should be made available in every OS not just Server OSs. The really stupid part is that we can copy the features from the Windows Server OS and enable them on Windows 8, 8.1, and now 10. However, I really like to keep my systems as pristine as possible which is difficult enough when developing software..
If your running Windows 10 like me your probably running build 10130, then complete the following steps to ask Microsoft to include this feature in Windows 10 Client OS
1. Open Search or hit the Windows key and type feedback, then click on Windows feedback to Open the feedback app
2. Click on Files, Folders, and Online Storage. and type in dedup into the search bar
3. You will find 5/6 of people requesting de-duplication to be added to the Windows !0 Client OS, please Click UpVote at the bottom of each request
It is NOT a luxury to have De-Duplication on Windows 10 Client OS but very necessary as we can only fit 2 drives in as laptop and when you run multiple VMs to help people learn software development skills. I cant really imagine why it would not be added to the Windows 10 Client OS.
I came across a client the other day who had began implementing a new domain about 6 months ago with with 4 Hosts Windows Server 2012 Data Center Edition 2 XEON PROCS, with 12 Cores 24 Threads, 256GB RAM, along with 32TB Sata3 6GB Drives Internally RAID5, and 2 Internal Disks 1TB RAID0. However, they had used the Windows Server 2012 Data Center Evaluation Edition and were somewhat stuck.
What I found through friends and Google was though you couldn’t just add the Datacenter Edition Key using the GUI and we were unable to find a solution to resolve a group of Servers that hosted the AD-DS Feature,
1. DISM /online /Get-CurrentEdition
The GUI doesn’t not work For Converting from Evaluation to FULL License
Make note of the Current Edition : In our case since we know its Data Center Edition the Current Edition : ServerDatacenter
Now that we know the Current Edition ID, its simple to run the next command
2. DISM /online /Set-Edition:ServerDatacenter /ProductKey:1234-5678-9876-5432-1234 /AcceptEula
Note: Obviously you will need to use your own product Key as the one I have provided will not work.
Once you modify the PID to use your own licensed version. You will notice that the process will update components, then Install PID, Remove the Evaluation Components and ask you to reboot..
Once the server has rebooted, the bottom of your screen will no longer have the Evaluation Count Down
Happy Holidays happy Holidays Happy Holidays Happy Holidays
Don’t forget to check Microsoft 12 Days of Deals with Surface RTs as low as $$99 dollars HAVE FUN…
I ran into an interesting problem after using terabyte unlimited image for Windows to transfer my installation from a 1TB drive to a 2TB Drive and I have used it many times without any issues. When I opened Office I received a notification that I had 3 days to Activate Microsoft Office 2010 Professional Plus and when I attempted to activate over the internet I received another notification that I had exceeded the number of licenses available, which luckily for me was wrong. So I logged in retrieved another Product Key (PID) and followed the instructions below to resolve the issue.
On Microsoft Windows 7 Click Start > Control Panel > Programs > and from the list of installed programs, find Microsoft Office Professional Plus 2010 (or your installed version of Office) > select the correct version and click Change.
A recent, isolated issue was discovered in the SharePoint 2010 Products April 2012 Cumulative Update that could result in an HTTP 500 error when users delete objects to include documents, lists, and Webs and a new object is created using the same path where the original object remains in the Recycle Bin.
The following packages were affected:
KB2598151 – SharePoint Server Package
KB2598152 – Project Server Package
KB2598321 – SharePoint Foundation Package
KB2598304 – Wss-x-none.msp
This issue has been resolved in the revised packages. The revised packages include support for resolving issues related to the originally published updates.
SharePoint Foundation 2010
SharePoint Server 2010
We recommend that you test hotfixes before you deploy them in a production environment. Because the builds are cumulative, each new release contains all the hotfixes and security updates that were included in the previous SharePoint Server 2010 update package releases.
Description of the SharePoint Server 2010 cumulative update package (SharePoint server-package): April 24, 2012 http://support.microsoft.com/kb/2598151
REPOST of Joelo based on info from Todd Klindt and Facebook
Do NOT Install the April 2012 SharePoint CU, an update or re-release is underway. It surprised me a little bit when I was browsing facebook and I happened onto the update in the SharePoint Updates FB group, and saw a post that said. Do not install the April 2012 CU, as a rerelease is underway. I didn’t recognize the name of the person posting the update, so I clicked on their name. He was a Microsoft PFE. So I tweeted the recommendation not to install the April 2012 SharePoint CU (both Foundation & Server). The group is a pretty obscure group with only 236 members: https://www.facebook.com/#!/groups/sharepointupdates/ and not something I check regularly. No update from the MS SharePoint team blog.
This morning the Facebook message has been deleted, but both the SharePoint 2010 Foundation and SharePoint Server CU articles reflect that the bits have been taken down. Last night I tweeted that you shouldn’t install it based on a MS PFE Facebook update, and Todd Klindt pointed out that the KB had been updated. Thanks Todd. I guess that’s the message we get. They have taken them down for a technical issue.
Beeeeeeep. Your bits will be returned to their regular station after they fix a little issue. Do not look at the man behind the curtain. If you haven’t installed it yet. Don’t.
If you were testing it and getting ready to apply it. Stop testing it an update is on its way. I’m sure MS is really putting a lot of effort in a really quick turn around. Now none of this changes the fact that you should really only be installing these CUs unless they apply to something you need, especially now. Early in the product cycle there were some really critical things being fixed. SharePoint is pretty solid these days, so really the recommendation which hasn’t changed is to only install the CU if you were being impacted by something and need it.
SharePoint Foundation 2010 April 2012 CU
SharePoint Server 2010 April 2012 CU
"Article ID: 2598151 – Last Review: May 24, 2012 – Revision: 3.0
Description of the SharePoint Server 2010 cumulative update package (SharePoint server-package): April 24, 2012
Notice: This hotfix package is no longer available due to a technical problem."
So I believe the product team wants the message to get out, but doesn’t want a bad taste out there. Don’t freak out. If you haven’t installed it, just don’t. If you have, no worries the issue was something that they thought was an important enough regression that they wanted to fix and re-release. No big deal. You will be able to install the update over the top, once it comes out.
On twitter there is speculation about incoming email quota as the related regression. I’m not sure what it is. The twittersphere is not lit up from problems, so I wouldn’t complain. Let’s just let MS do the right thing and let this one get chalked up as they are doing this in our best interest, and it’s better that they handle it this way.
One of the frustrating experiences I have had recently due to using ADFS2, DirSync or SSO is the Public Certificate used for ADFS2 and SSO expires 20 days early (more about this in an additional post). However this shouldn’t be an issue since my Partner Account / The Partner of Record should be able to reset Passwords and mange my Client Office 365 environment. However, as you can see from the screenshot below. There isn’t anywhere to manage your clients, like there was in BPOS. Though if you login to http://Partner.Microsoft.com you can find many users and clients that you have being managed.
The Partner overview allows you to view additional marketing material or Build Your Business, Send Invitations, and Confirm Purchase Orders. While I still have less than 500 Client Users with only a handful of clients including my own company.
Though as you can see from the next screen shot I am logged in as the Global Admin of my Partner Account and been granted Assign Administrative Access to Companies I support
Global Admin Settings
There doesn’t appear to be any way to manage your clients. This wouldn’t have been an issue if I hadn’t deprecated my Companies Global Admin Account by associating the email address with the ASDFS Service Account which is a domain user without certain privileges in my domain. Also, there isn’t any documentation that the companies Global Admin Account would be deprecated. The reason I did so was so that any issue with DirSync would be emailed to this account and it would be monitored. Interestingly, all DirSync failures go to your alternate email address in my case this is an unmanaged domain like yahoo.com.
There will be a more complete post where I walk through the steps of restoring SSO when your certificate expires 20 days prior to its Expiration.. The moral of the story is to use a Password LockBox Like the Lenovo Client Security Solution and create more than one Global Admin Account prior to implementing SS and don’t add the Global Admin Account to any of your Domain Users especially a service account.