A chemist by education, an electrician by trade, a UNIX sysadmin and Oracle DBA because he raised his hand when he should have known better, an IT Manager and consultant by default, and a writer by choice, Charlie is a teacher at the University of British Columbia's Network Systems and Security Professional program, and the proud recipient of the Microsoft MVP Award from 2002-2016. He has written more than 3 dozen computer books on operating systems and enterprise environments, including Deploying and Managing Active Directory with Windows PowerShell (MS Press), ExamRef 70-411 (MSPress), Working with Windows Small Business Server 2011 Essentials (MS Press), and Windows Small Business Server 2011 Administrator's Companion (MS Press).


20 Responses to About

  • Hi Charlie,

    I just purchased your Administrator’s Companion – Windows SBS 2011 book from Amazon. Very helpful. I was hoping you could help me with a question…, I’m trying to implement SBS 2011 in our environment where we have a Server 2003 domain already established, we do not have SBS. I was hoping to do a migration install, but, after applying multiple patches to my 2003 PDC, the SBS 2011 install halted with a fatal error – DCPromo join domain failed. We have a BDC that is our Exchange server but it is not patched, not sure if it needs it. I was hoping you might have some tips or guidance.



    • Charlie Russel says:

      You must demote the existing backup domain controller before proceeding with a migration. As is clearly spelled out in the MS migration docs. You’re now in limbo, and frankly I think your best bet is to contact SBSMigration.com.

  • Jason Boyland says:

    Hi Charlie
    I have read your book ‘Working with Windows Small Business Server 2011 Essentials’ several times and found it fantastic. This has helped me move into the Server environment for my customers. I was wondering if there was going to be a book on Windows Multipoint Server 2011? This would be very helpful as I am wanting to have this running alongside Essentials for a Remote Desktop Host, etc. It was only covered in basic detail in the book.
    Do yourself or any of your colleagues feel like writing another book!!
    Thanks, Jason

    • Charlie Russel says:

      Thanks, Jason, for the kind words. As for a book on WMS? Well, I’ve suggested one, but I’m not at all sure Microsoft is interested. The real problem is that this would really require product group funding, since I don’t think the numbers are there, yet, for a book without it.

      • Jason Boyland says:

        Ok thanks Charlie. I might download the evaluation version and play with it first. But will still keep my eyes and ears open for it.
        Thanks very much.

  • Hi Charlie
    I have read your SBS 2011 Essentials book several times and was wondering if you were going to do a Windows Server 2012 Essentials book as well?
    Thanks, Jason

  • Jacob Graham says:

    I am really upset with the quality of the Exam Ref 70-411. I am sorry but I have purchased this book and will not be finishing it as I have never been more lost. You jump all over the place and in some cases ask to do things that assume I have a PKI in place. You need to tell them to setup cert services or say that we are not going to and hear is how to make a self signed cert on the same page not 4 pages later. Then you ask questions that are not even in the book and you only have 3 questions per section. Worst MS press book ever.
    I loved Exam Ref 70-410 but I gotta ask did you read what you wrote guy? I am at page 191 and I am going to start reading the free MS virt academy books as I have never struggled more reading a text book. I tried really hard to keep going with this book but this is garbage.

    • Charlie Russel says:

      Obvioulsy, you don’t understand the intent and purpose of ExamRefs, even though they are laid out clearly in the Introduction. This is NOT a text book. It is not intended to be a text book. An ExamRef book is organized exactly as the objective domain for the exam, that’s completely out of my control. And it isn’t supposed to teach you how to do things. But rather provide a reference for what to expect on the exam and what kinds of questions you might expect. Also, it is not any sort of Study Guide or Exam Prep Guide. It’s a short reference. If you already know the general subject, you should be able to use it to highlight areas you need to focus on where you might have some weakness. If you don’t know the subject, you need to be looking at a different sort of book entirely.

      I’m sorry it didn’t meet your needs, but honestly, I think it did exactly what it was intended to do. Perhaps the marketing material (again, not in my control) is not making it’s role or intended audience clear enough, and I’ll certainly pass that on to MS Press.

      Thank you for taking the time to comment.

      • Rik says:

        That explaines a lot indeed. Likewise, I was furious at the lack of depth in the book. Page after page of GUI screenshots on a topic, then one paragraph of warnings and hints of exam horrors. What’s the target audience for the ExamRef? People who don’t need certification? The Study Guide covers more indeed, but mostly stuff you don’t see in the exam. And they’re both poorly edited, with typo’s and PowerShell commands that don’t exist, like New-Addccloneconfig, which omits -file at the end. Also, you can’t clone a DC unless it has the PDC role, at least that was the warning my lab gave me(I use to check the claims in the books since they are so poor).

        Will there be a major revision of the study material for next generations of Windoes Server? I don’t see myself ever commiting to a course like this ever again.

        • Charlie Russel says:

          As was clear in the introduction to my book, and, I’m reasonably sure, to all the ExamRefs, the target audience is, indeed, people who are active Administrators, and who, for whatever reason, want to add MS certification to their resume. They already know many of the things they’ll need for the exam, but are unsure of where they may have areas that need work. The ExamRef is perfect for that audience. They can quickly work through a reasonably sized book (target is 400 pages) and brush up on their existing skills, while identifying areas that need work and more in depth study.

          As for any errors – no matter how careful the author and tech editor are, they do happen. For the command you’re complaining about, New-ADDCCloneConfigFile, you’re right, that was a typo that got past the Tech Editor and even my second pass review. For that, my apologies. However, you are incorrect about which DCs can be cloned. ANY virtualized DC can be cloned, so long as the PDC is reachable on the network, the virtual machine that hosts the source DC has no snapshots, and you don’t have any obstructing applications running. In fact, the most common use of cloned DCs is to create a cloned RODC.

          As for new versions for 2016. My understanding is that Pearson is writing them. There IS no Microsoft Press any more, Pearson bought the name out, and I have no interest in working for or with Pearson on any projects. I have not been impressed with my recent contacts with them.

          • Rik says:

            I am an active Administrator, thinking to get some basic certification up because the boss likes that. I didn’t pick the book myself. For 410 I started with the Study Guide, read everything, did the labs, answered all questions, scored good. Then did the exam. Failed misserably, even thought I had the wrong book or something, there was stuff in there I hadn’t heard off in the book AND stuff I studied that was never in the questions. So, thinking the Exam Ref was also necessary, worked through that too, seeing that was very close to the actual exam. Failed again, I never got near the actual score necessary to pass with the books. Sticking to the Exam Ref now, but I am having no fun studying this stuff what so ever, the books don’t hold up to the exam, or my real life job makes for a nextnextfinish approach. As for the audience, domain installs, upgrades or cloning is incidental googley stuff. And the guys who do this regularly snark at certification. As for the PDC role, you are right! The PDC could not be contacted because I switched it off(after playing with the role transfer earlier). I tried to clone my RODC, but haven’t got the resources to run everything at once. Not being a native english speaker I read the subtleties of this Powersell mudd wrong:

            PS C:\Users\fixer> Get-ADDomain | Select-Object InfrastructureMaster, RIDMaster, PDCEmulator

            InfrastructureMaster RIDMaster PDCEmulator
            ——————– ——— ———–
            DFS01.treyresearch.net DFS01.treyresearch.net DFS01.treyresearch.net

            PS C:\Users\fixer> New-ADDCCloneConfigFile
            Running in ‘Local’ mode.
            Starting PDC test: Verifying that the domain controller hosting the PDC FSMO role is running Windows Server 2012 or late
            WARNING: The domain controller hosting the PDC FSMO role either could not be located, or was not running Windows Server
            2012 or later. Virtual domain controller cloning requires the PDC FSMO role to be hosted on a domain controller
            running Windows Server 2012 or later.

            WARNING: One or more preliminary validation checks failed. The clone configuration file will not be generated.

          • Charlie Russel says:

            Yup. The requirements for cloning are very clear. The PDC must be reachable or it will fail.

  • Charlie, I have been a fan of your administrator’s companion series for years. I am not credentialed in computer networking or windows server in any way, shape, or form, but thanks to your writing in this series, I have successfully run my company’s Windows domain (5 office locations, 25 computers) myself for several years. I have only recently had to hire an IT service to take care of things, and that’s simply because I am busy growing my company. I do maintain a personal interest in the amazing developments in Windows Server, and I am curious if there is a Windows Server 2012 R2 or Windows Server 2015+ administrator’s companion in the works… And if not, is there a similar book that you would recommend that fulfills the same purpose and does so as well, or nearly as well as you have? Thanks again!

    • Charlie Russel says:

      We made a decision not to do an Administrator’s Companion for Windows Server 2012 and later versions, primarily because the product has gone beyond what can fit in a single book. But also because the cycle of changes has gotten too quick to allow a book of the size and complexity of the Administrator’s Companion to be written and pay off it’s costs before the next version is out. Frankly, if you care about quality, it’s just not economically feasible to write that big of a book with the current state of computer book sales and version churn.

      What I’ve focused on, of late, have been shorter projects where I can keep the entire project in my control. The latest book is Deploying and Managing Active Directory with Windows PowerShell. This is, in many ways, an Administrator’s Companion of PowerShell and AD. I don’t try to cover every possible thing you can do with PowerShell, but I do try to hit the 90% mark and even a bit more for some areas. All done with Windows PowerShell, and written with a relaxed and conversational style designed to enlighten rather than intimidate.

  • MikeH says:

    I just got your new book “Deploying and Managing Active Directory with Windows Powershell” and have some things to criticize:

    The titel includes “…With Windows Powershell but you also use ordinary command line executable like makecert.exe instead of New-SelfSignedCertificate. I wonder why? Are there any caveats using New-SelfSignedCertificate?

    But my main point is usage of SHA1! Because Microsoft will stop supporting SHA1 certificates or did I understand this topic wrong? https://support.globalsign.com/customer/portal/articles/1447169-sha-256-rollout

    Thanks for your reply


    • Charlie Russel says:

      Yes, in a very few cases, I chose to use an existing command line utility. In the case of MakeCert.exe it was because Microsoft Azure explicitly supports and documents exactly what is required for working with Azure. Yes, SHA1 will go away, but at this point it is still supported. If/when I write an update to the book, I’ll very likely extend that entire Azure chapter, including a good deal more about certificates.

  • Alexander Vitenas says:

    Hi Charlie,

    I have been working on a project for the last week that I am ready to put to bed. I found an archived article of yours from January 20, 2003 titled “Getting to Know Windows Journal for Tablet PC” as a linked reference to the Windows Journal Wikipedia page https://en.wikipedia.org/wiki/Windows_Journal#JNT_format. I actually think I first read that article about 10 years ago while working with my father to set up an Electronic Medical Records system for his medical practice which utilized Windows Journal to replace certain components of patients paper charts in his office. We purchased a practice management system which uses a Microsoft SQL Database as its back-end to facilitate functions like our appointment schedule, inventory, etc and allows for a windows file system to be used to attach documents to patients electronic charts. Everything has worked wonderfully for the last 10 years and the practice has grown considerably over that period of time. We now have 33,810 .jnt files on our server. As I am sure you probably know, Windows has decided to stop supporting Windows Journal and has encapsulated many of its features into OneNote. I have been attempting to script the conversion of all of the existing .jnt files on the server into .one files using Windows PowerShell, a technology I see you have written several books about. Excuse me for being so bold as to seek you out directly but I figure that you may be able to help or point me in the best direction to resolve my issue.

    So here it is…

    If I open any Windows Journal File from my PC I am able to File. Print. Send to OneNote 2013. and voila I have a perfect copy of the .jnt file but with a .one extension. I cannot use the Microsoft cloud because HIPPA stipulates that medical data must not be commingled on a shared server. So I am using OneNote 2013 to allow for local storage on my on premise server the way that the .jnt files are currently stored. The practice management software doesn’t care what file extension is attached as it allows for any attached file to be opened outside of the program in its own native environment and so long as you hit save you can always reload the same document from within the GUI of the practice management software with whatever changes were made at the last appointment.

    The problem is when I attempt to script the conversion using powershell I am attempting to ultimately do something like this:
    $a = gci \\ApplicationServer\PracticeManagementSoftware\Documents -include *.jnt -recurse -force
    foreach ($item in $a){
    get-content $item | Out-Printer -name “Send to OneNote2013”

    But to get proof of concept I have been playing with doing something more like:
    get-content $a[0] | Out-Printer -name “Send to OneNote2013”

    When I run this on my machine which is running PowerShell 5 on Windows 7 Professional with Office 2013 it outputs a bunch of gibberish into the OneNote file. When I do the same thing on a colleagues machine which is running Windows 10 with Office 2016 and PowerShell 5 with a test .jnt document which does not contain patient information I am able to output the file to OneNote in a way that looks just like if I had gone through the process manually. It is my understanding that I cannot default the storage of OneNote 2016 to a local server as opposed to the microsoft cloud so I am stuck trying to make this work in Office 2013. I assume that the key difference is in the Send to OneNote 2016 driver vs the Send to OneNote 2013 driver but I would be very curious to hear any insight you may be able to provide towards helping me solve this problem.

    Sorry for the bother but I could really use some help,

    • Charlie Russel says:

      Wow, that’s coming from the “wayback machine”. :) I don’t know of any reason why you need to use cloud storage on your Office 2016. Just because the default is to OneDrive for Business, that doesn’t mean it MUST be to OneDrive for Business. I certainly use local storage with my OneNote. What you need to do is first create the notebook in local storage, and then point to it as the only current notebook. That should force things to use local. Basically, don’t give it any other choice.

      Another option might be to go to PDF? But clearly, OneNote is a better place to be.

  • Luke says:

    Hi Charlie,

    I’m currently reading your book for 70-411 and I’ve just got a question about something.

    Chapter 5, page 309 reads “Another concern with authoritative restores is the domain trust relationships between
    workstations and the domain. Computer account passwords are changed automatically every
    seven days, and a restoration to a snapshot older than seven days can result in workstations
    being unable to connect to the domain.”

    I thought the computer account passwords are changed every 30 days?


    • Charlie Russel says:

      The actual time is variable, but you are correct that it is 30 days by default. Older NT systems used a 7 day default, but current OSs default to 30 days. That being said, the potential is still there for restores to invalidate existing workstation accounts.

Leave a Reply

Your email address will not be published. Required fields are marked *