Category Archives: Weblog

Exchange 2010 SP1 gives Multi-Tenant support

Posted on by

Exchange 2010 SP1 has built-in multi-tenant support, which helps service providers to host multiple organizations in a single Active Directory environment. There are few features which are available only in hosting mode and few others which are not available, compared to a normal deployment of Exchange 2010 SP1. 2010 SP1 will form part of the suite of multi-tenant capable products that will replace the Hosted Messaging and Collaboration solution.

Few points to note about installing 2010 SP1 in hosting mode:

  • The installation can only be done in command line.
  • You need to use /InstallWindowsComponents while running the setup to install all windows components required for Exchange. This will not install the pre-requirements only the windows components! Always install the pre-requirements first.
  • You need to use /Hosting switch while running the setup to install Exchange in hosting mode.
  • 2010 SP1 is required.
  • Exchange Management Console will not be installed.

Exchange 2010 SP1 doesn’t support the following features in Hosting mode (from Technet):

  • Exchange Management Console
  • Public Folders
  • Unified Messaging Server role
  • GalSync
  • Federation
  • Business-to-Business features such as cross-premises message tracking and calendar sharing
  • IRM
  • Outlook 2003 support (EnableLegacyOutlook)
  • Edge Transport Server role
  • Same forest upgrade from Exchange 2007
  • Resource forest
  • Parent-child domains
  • Discontiguous namespace
  • Disjoint namespace

Here is based on the blogs zerohoursleep and howexchangeworks how its done! This step-by-step tutorial that will guide you to installing your first Exchange 2010 SP1 multi-tenant organization to a fully operational mode.

Lab setup

For this lab I am using 2 servers running Microsoft Windows 2008 R2 one of them acting as a domain controller for the lab domain lab.com and the other will be running all roles of Microsoft Exchange 2010 SP1 CAS,HUB and Mailbox.

Of course in a live environment exchange roles will be most probably split among multiple servers but the concept is pretty much the same.

I will assume that the Domain Controller is already installed and that the exchange server to be has already Windows 2008 R2 installed with all the required patches to deploy Exchange 2010 SP1.

Installing Exchange 2010 SP1 in hosting (or multi-tenant) mode

Installing Exchange prerequisites on Windows 2008R2

I am used to this script to automate installation of the prerequisites since I find it very clean.
We will start by running the powershell administrator “right click -> run as administrator” and allow the script execution using

Set-ExecutionPolicy unrestricted

Running the script will then offer you a menu, in my case I need to select option 6 since all roles will be installed on the same server and restart the machine after.

00

Installing Exchange

As you may already know Exchange 2010 multi-tenant can only be installed using the command line by adding the /hosting parameter, we will initiate the installation by running

setup.com /m:install /r:m,ca,ht /installwindowscomponents /hosting /on:ExchLab

01

Let me first explain the above command

  • /m stands for /mode and we are running the installation mode
  • /r stands for /roles and we want to install the m (mailbox) ca (client access) ht (hub transport) roles. Of course you will need to change this if you don’t want to install all roles
  • /hosting is required to tell the setup to run the hosting installation
  • /on stands for /OrganizationName and you will define here the name of your Exchange organization. I called mine ExchLab

We will now wait for the installation to finish
02

03

A few differences with Exchange not hosted

The first thing I have noticed after the installation is differences in Active Directory Users and Computers like the presence of a brand new Organizational Unit “Microsoft Exchange Hosted Organizations”
04

And the addition of new Exchange Security groups (plus the absence of the UM one)
04'

Now of course the absence of the Exchange Management Console should have been first however this I was expecting since it is all over the place so I was expecting this.

Continue reading

Firefox 4 final release on March 22!

Posted on by

After twelve betas, one release candidate and a year of development, Mozilla plans to release the final version of Firefox 4 on March 22 around 7AM PDT.

Tech blog ConceivablyTech spotted the date on Mozilla’s official release schedule yesterday and a message to developers from Mozilla senior engineering director Damon Sicore indicated the first and only Firefox 4 release candidate would likely ship as the final version of the browser. Firefox 4 RC1 was made available on March 9.

”As of now, there are no known issues that would stop us from shipping RC1 as final…March 22nd is the day we would ship.  Both IT and Marketing have indicated that March 22nd is an acceptable final launch date.  If at any time we discover issues that would block final release, we would issue an RC2 as soon as possible, reset the ship date, and communicate to everyone,” he said.

Despite Mr Sicore’s mention of the possibility of a second release candidate, Mozilla planning notes indicate the company would most likely push Firefox 4 out the door on March 22 and follow-up with an incremental update to fix any minor issues.

”Several issues have been identified as potential ridealongs, meaning we might do a 4.0.1 release,” the notes said.

The final version of Firefox 4 was originally scheduled to ship in November 2010, but repeated delays saw the release schedule revised on more than one occasion. Given that rather chequered history, it remains to be seen if Firefox 4 will actually ship on March 22 as planned.

Based on the Gecko 2.0 engine, Firefox 4 will bring an updated user interface, new ways to organize tabs, a revamped add-on manager, support for HTML5 video standards, multitouch support on Windows 7 and a range of performance and security enhancements.

Mozilla has indicated a desire to move to a faster release schedule following Firefox 4, with mozilla.org co-founder and Mozilla CTO Brendan Eich telling developers users could be running the fifth version of Firefox just months after Firefox 4 is released.

Windows 7 and Windows Server 2008 R2 Service Pack 1 (KB976932) and download

Posted on by

Service Pack 1 is now available on Technet for subscribers.

Consumer end-users can find general information about Windows 7 SP1 at the following Microsoft website:

http://windows.microsoft.com/windows7sp1

Public downloads will be here

Windows 7 Service Pack 1

To obtain Windows 7 SP1, visit the following Microsoft website:

http://windows.microsoft.com/installwindows7sp1 (http://windows.microsoft.com/installwindows7sp1)

Windows 2008 R2 Service Pack 1

To obtain Windows 2008 R2 SP1, visit the following Microsoft website:

http://go.microsoft.com/fwlink/?LinkID=199583

The following documentation for Windows 7 and Windows Server 2008 R2 Service Pack 1 is provided here.

Deployment Guide for Windows Server 2008 R2 with SP1 and Windows 7 with SP1.doc 213KB Download

Hotfixes and Security Updates included in Windows 7 and Windows Server 2008 R2 Service Pack 1.xls 465KB Download

Installing Windows Server 2008 R2 with SP1.doc 94KB Download

Release Notes for Windows 7 with Service Pack 1.doc 87KB Download

Release Notes for Windows Server 2008 R2 with Service Pack 1.doc 87KB Download

MS KB Information about Service Pack 1 for Windows 7 and for Windows Server 2008 R2

How to configure Citrix IMA to use a specified network Interface

Posted on by

source: http://www.doctor-citrix.com/

The purpose of these settings is to set up a specific NIC for IMA use when You have multi homed XenApp Servers.
Registry Values to Set;

Purpose(s) is specify if the server has several NICs or not;
Registry Hive : HKLM\Software\Citrix\IMA
Value : MultipleNICMySelf
Type : REG_DWORD
Data : 1 (1 = This Server has several NICs)

Purpose(s) is to specify the NIC to dedicate;
Registry Hive : HKLM\Software\Citrix\IMA
Value : NICToUse
Type : REG_SZ
Data : Mac adress of the desired NIC (example : 00-C0-4F-74-68-E5 )

If one of the previously specified reg values is set on any server you’llo have to set the following reg value to ALL SERVERS within the Farm.

Purpose(s) is to specify that IMA will try to communicate with all remote server NICs
Registry Hive : HKLM\Software\Citrix\IMA
Value : MultipleNICOtherServer
Type : REG_DWORD
Data : 1

15 great information recources for Application Virtualization from Microsoft

Posted on by

Source; http://www.marcoblijenberg.nl/
Let’s start sharing some great information on Microsoft Application Virtualization alias APP-V or the old name softgrid.
Below is an overview of links with all kind of great information on APP-V.

App-V general information

APP-V Techcenter, your starting point when you need more information about APP-V| Microsoft Technet
APP-V whitepapers, part of APP-V Techcenter | Microsoft Technet
Tech forum with all App-V related information, not only limited to APP-V | Appvirtguru.com
App-V information, clear overview on APP-V components | app-vsupport.com
App-V FAQ overview | http://blog.stealthpuppy.com/appv-faqs

App-V learning resources

Some App-V learning video’s | Blogcastrepository
Application Virtualization (App-V) Video Series | Microsoft Technet
TechNet Virtual Labs: System Center | Microsoft Technet
App-V certification, there’s no “stand alone” APP-V certification. Skills being measured are based on MDOP | Microsoft Learning

App-V sequencing & recipes

Application Virtualization message-board, not only limited to App-V | Appdeploy.com
The Microsoft App-V Sequencing Recipe Forum | Microsoft Technet
Stealthpuppy recipe/sequence resources | App-V recipes
TMUrgent recipe/sequence resources | App-V recipes

App-V related blogs

App-V team blog | Microsoft Technet Blog
The Official Microsoft Virtual World Blog | http://blogs.technet.com/virtualworld/
The Official Microsoft MDOP(where App-V for Desktop is part of) blog | http://blogs.technet.com/mdop/
Kirx.org | http://www.kirx.org/app-v/app-v-en.html
Aaron Parker’s Stealthpuppy on application virtualization and more | http://blog.stealthpuppy.com/
Confessions of a Guru | tmurgent.com
Kevin Kaminski’s blog at MyITforum| myitforum.com
Application Distribution Blog by Nicke Källen, Microsoft MVP on App-V | Viridisit website
German App-V website maintained by Microsoft employee Sebastian Gernert | blogs.msdn.com/sgern
Independent App-V Blog | http://www.softgridblog.com/
DesktopControl Blog |http://www.desktopcontrol.info/

App-V Tools

App-V Best Practice Analyzer | Microsoft Download Center
App-V ADM Templates, also check-out the ADM add-ons from Login Consultants| Microsoft Downloads
App-V Resource Kit tool, you will need this when using Dynamic Suite Composition | Microsoft Technet
Great resource with tools and instant apps for your demo’s | virtualapp.net
The App-V tools from Login Consultants, you need to register before you can download the tools | Login Consultants Tools
Application Virtualization Central, with tools, training videos and much more | tmurgent.com
Download sequenced applications free | http://www.instantapp.net/

App-V troubleshooting

General troubleshooting App-V | Microsoft Technet Blogs
The Microsoft Online Help for Application Virtualization | Microsoft Technet

Three Steps to a PXE-Free XenDesktop on Hyper-V

Posted on by

http://community.citrix.com/display/ocb/2010/04/13/Three+Steps+to+a+PXE-Free+XenDesktop+on+Hyper-V

I ran into an interesting situation last week while working with Tony Sanchez from our Global Microsoft Team. He was setting up XenDesktop 4 on Hyper-V 2008 R2. However, the lab he was at used a Windows Deployment Server (WDS) for image management and it relies extensively on PXE. Rather than modify the WDS to support the Provisioning Services PXE boot file, we decided the best solution was to make a boot ISO that will load the OS directly from the Provisioning Services host and then boot the guests from that ISO.

Background

Since not all my readers are familiar with using the Boot Device Manager, I will set the stage. When configuring a virtual machine to boot off of a CD-ROM image for PVS, you need to do three things:

  1. Add a Legacy network card on the host since the Synthetic network adapter is not created until the Operating System loads.
  2. Configure the BIOS boot order so that CD-ROM is first in the list.
  3. Assign a bootable ISO image to the CD-ROM/DVD drive.
Take Note
The PXE boot option is required in order for the NIC Option ROM to stay resident in memory during the pre-boot process. This way, UNDI will be available to the boot device to properly initialize the NIC. Otherwise, the “API not found” message would be displayed by the boot device.

In deployments of XenDesktop where you have more than about 15 machines, the XenDesktop Setup Wizard (XDSW) is normally used to create and link the XenDesktops with Hyper-V. Unfortunately, the XDSW does not support all the possible VM configuration options when duplicating the source virtual machine. One of the properties that is not transferred to the new virtual machine is the ISO in the DVD drive. Normally, this behavior is the preferred because Hyper-V needs a special configuration to support sharing an ISO across multiple guests simultaneously (See this Technet article), which if not configured correctly can cause startup issues.

If you do not want to configure ISO sharing, you can use the VMM server and VMM library to copy the boot ISO to each virtual machine’s folder. If the ISO was large, I would say spend time setting up the sharing configuration; however, in this case the file itself is only 300K and copying it will eliminate the possibility of file sharing/locking issues.

Now you understand some of the challenges, I can tell you the three steps to a PXE-free Hyper-V deployment.:

  1. Create a PVS Boot ISO using the Boot Device Manager
  2. Import that PVS Boot ISO into the VMM Library
  3. Execute a PowerShell script

Step 1: Create a PVS Boot ISO

The Provisioning Services Boot Device Manager is a three-dialog wizard that lets you pre-configure the boot environment just like a PXE server would, except you can then write that to a drive or CD-ROM media. The Boot Device Manager is found on the Start menu of any provisioning server at All Programs >> Citrix >> Provisioning Services >> Provisioning Services Boot Device Manager.

I do not want to spend a lot of time discussing the various options or provide a tutorial on this utility; however, I will provide a few pointers. First, be sure to enable the “Citrix PVS Two-Stage Boot Service” and set it to start automatically on any servers you will use as the targets for the ISO image. Second, if you are using Windows 7, be sure to enable the PAE Mode on the second page of the wizard, like this:

Third, be sure to select Citrix ISO Recorder as the boot device (shown below) before burning the ISO image, lest you accidentally wipe out your local hard disk. For a complete guide on using the Boot Disk Manager, see this Citrix Support Article CTX121331.

Step 2: Import the ISO into the SCVMM Library

Take the ISO you created in Step 1 and save it to the folder where the SCVMM library stores are located. I created a new folder called ISOs at the same level as VHDs and placed the ISO in that folder. Next start the SCVMM Administrative Console and go to the Library tab. Select the MSSCVMMLibrary node and click Refresh on the context-menu to add the ISOs to the library as shown here:

Step 3: Execute the PowerShell Script

Next, you can copy the contents of the PowerShell script below and save it to a file called AttachISO.PS1. I realize that I am not yet a PowerShell guru, so I am aware that several optimizations and error checks could be made to this script. Feel free to modify it for your own use. My goal was provide a working example to help with this issue. The PowerShell script below does the following:

  1. Sets the boot order to CD, PXE (Legacy NIC), IDE, Floppy
  2. Copies the ISO image from the library to the VM’s folder
  3. Creates a DVD drive object at the IDE bus 1:0 if no DVD drive is found
  4. Removes any existing ISO and sets the ISO image to the one specified on the command-line
  5. For larger environments, it lets you know how many VMs it has left to process
AttachISO PowerShell Script
# Purpose:      Attach ISO image from VMM Server Library to Guest Virtual Machine
# Date Written: 12 April 2010
# Author:       Paul Wilson (no implied or expressed warranties)
# Usage:        AttachISO [UNC Path to ISO in Library] [VM Name to Match Criteria]

# Check for the two required arguments and offer command-line assistance if not found

if ($args -eq $null -or $args.Count -lt 2)
{
   write-output "Usage: AttachISO.ps1 UNC_fileName_ISO_File VMNameMatches"
   write-output "Example: .\AttachISO.ps1 ""\\SCVMM\MSSCVMMLibrary\ISOs\pvbt.iso"" ""Desktop"" "
   exit 1
}

# Grab the arguments and store them for later use

$ISOPath = $args[0]
$VMNameMatches = $args[1]

# Get the name of the SCVMM server we are running this on.
# The VMM server could be passed as a parameter as well.

$VMMServer = Get-VMMServer -Computername "localhost"

# Get the ISO image reference object using the ISO path provided earlier.
# Using the full path guarantees the right object is found. 

$ISOImage = Get-ISO -VMMServer $VMMServer | where { $_.SharePath -eq "$ISOPath" }

if ($ISOImage -eq $null)
{
   write-output "Unable to find ISO: $ISOPath"
   exit 1
}

# Get the collection of VMs that match the name parameters supplied and output that information

$VMs = Get-VM | where { $_.Name -match "$VMNameMatches" }
if ($VMs -eq $null)
{
   write-output "No VMs match the pattern: $VMNameMatches"
   exit 1
}
else
{
   $LeftToGo = $VMs.Count
   if ($LeftToGo -eq $null)
   {
      $matchString = "Only one VM matched the pattern: {0}" -f $VMNameMatches
      $LeftToGo = 1
    }
    else
    {
      $matchString = "{0} VMs match the pattern: {1}" -f $VMs.Count, $VMNameMatches
    }
    write-output $matchString
}

# This loop goes through each VM found and does the following:
#   1. Sets the boot order to CD, PXE Nic, IDE, Floppy.
#   2. Gets the DVD/CD drive object.
#   3. The script will copy the ISO image from the library to the VM's folder.
#      The copy is part of the Set-VirtualDVDDrive and New-VirtualDVDDrive cmdlets.
#   4. Creates the DVD drive object if none found and sets it to the ISO.
#   5. Removes any existing ISO and sets the ISO image to the one specified.
#   6. Outputs the number of VMs remaining to process. Added for large deployments. 

foreach ($VM in $VMS)
{
   $LeftToGo = $LeftToGo - 1
   Set-VM -VM $VM -BootOrder CD,PXEBoot,IDEHardDrive,Floppy
   $current_dvd = get-VirtualDVDDrive -VM $VM

   if ($current_dvd -eq $null -or $current_dvd.count -eq 0)
   {
      $newDVD = New-VirtualDVDDrive -VM $VM -Bus 1 -LUN 0 -ISO $ISOImage
      $DVDResultMessage = "Created DVD Drive on {0}. {1} VMs left to go." -f $VM.Name, $LeftToGo
   }
   else
   {
      if ($current_dvd.Connection -ne "None")
      {
         set-VirtualDVDDrive -VirtualDVDDrive $current_dvd -noMedia
         set-VirtualDVDDrive -VirtualDVDDrive $current_dvd -ISO $ISOImage
         $DVDResultMessage = "Replaced existing media in DVD Drive on {0}. {1} VMs left to go." -f $VM.Name, $LeftToGo
       }
       else
       {
         set-VirtualDVDDrive -VirtualDVDDrive $current_dvd -ISO $ISOImage
         $DVDResultMessage = "Successfully attached ISO to the DVD Drive of {0}. {1} VMs left to go." -f $VM.Name, $LeftToGo
       }
    }
    write-output $DVDResultMessage
}

vSphere Client RDP Plug-in

Posted on by

Xtravirt has release another great tool; the vSphere Client RDP Plug-in.  It works like a charm, the installation is straight forward, after firing up the vSphere client the new RDP Plug–in is available at the vSphere Client plug-in manager.

When you jump to “Home” (I still have to get used to that) you’ll find the new RDP plug-in at the Solutions and Applications section.  Here you can configure the RDP behaviour like screen size, username, domain and port. When the setup of the global setting is done, it’s time to put the plug-in to test.

Just right click one of your virtual machines and check-out the context menu, you’ll see an extra option appears called Connect over RDP. Just select the new menu option and your RDP connection will initiate.

Password – you can now set a password to be used for all connections, allowing automatic logon.
Security Warning – Security Warnings can be disabled by ticking the relevant tick box.

Download is here;  http://xtravirt.com/vsphere-client-rdp-plug-in

They have created a little Jing movie which shows the new version of the Plug-in in action.

Microsoft confirms Internet Explorer vulnerability will be patched out of band

Posted on by

Microsoft has issued a statement confirming that it plans to release a patch for a security vulnerability in Internet Explorer which saw Google fall victim to some targeted and sophisticated attacks recently.

George Stathakopoulos, Microsoft Security, confirmed the news in a company blog posting. “Given the significant level of attention this issue has generated, confusion about what customers can do to protect themselves and the escalating threat environment Microsoft will release a security update out-of-band for this vulnerability” said Stathakopoulos. He also added that Microsoft will share specific timing of the release tomorrow.

The vulnerability was unveiled when Google went public that they were targeted in a sophisticated cyber-attack. The breach, involving Internet Explorer 6, resulted in the theft of intellectual property. Due to the attack, and the background behind it, Google announced it will no longer be providing censored results for its Chinese Google search engine. Currently Google offers censored search results as part of an agreement with the Chinese government.

Since the news of the un-patched flaw broke, Microsoft has been on damage limitation. This week Microsoft began urging businesses and consumers to upgrade to Internet Explorer 8, explaining that the security benefits are far greater than that of Internet Explorer 6. Both the French and German governments warned their populations to cease using Internet Explorer due to the un-patched flaw. Currently the flaw exists in Internet Explorer versions 6, 7 and 8 but exploit code is only available for Internet Explorer 6. The patch, when released, will protect all affected versions of Internet Explorer.

Should you stop using Internet Explorer?

Microsoft has had a torrid time over the past week as governments and customers question the security of the popular web browser, Internet Explorer.

The issues began when Google went public that they were targeted in a sophisticated cyber-attack. The breach, involving Internet Explorer 6, resulted in the theft of intellectual property. Due to the attack, and the background behind it, Google announced it will no longer be providing censored results for its Chinese Google search engine. Currently Google offers censored search results as part of an agreement with the Chinese government.

The news created waves across the world and last week Microsoft admitted that an un-patched Internet Explorer 6 vulnerability was one of the vectors used in the targeted attacks against Google. To many the news wasn’t surprising. Internet Explorer 6, released in August 2001, is over eight years old. It has been subject to a number of high profile vulnerabilities over the years. The alternatives that exist in the marketplace today are not only much more improved in terms of features and standards support, but crucially, offer a greater safety net for online browsing. If you’re still using Internet Explorer 6 then quite frankly, you’re mad.

Ed Bott wrote, shortly after the admission by Microsoft, that any IT pro allowing IE6 use in a corporate setting is “guilty of malpractice” and I couldn’t agree more. However, unfortunately in a corporate setting it’s not always as easy as hitting an upgrade button. Most corporate infrastructure is based on a global directory, email and intranet websites as the core ways of communication between employees. Updating and maintaining internal only (intranet) websites is always a challenge for corporations as many will have been left untouched for years with code specific to aged Internet Explorer versions. Websites is only the beginning; there are also custom applications and systems that utilize Internet Explorer that could be incompatible with Microsoft’s latest versions.

This week Microsoft began urging businesses and consumers to upgrade to Internet Explorer 8, explaining that the security benefits are far greater than that of Internet Explorer 6. However, for corporations and web designers there’s a continued reminder that for many years Microsoft ignored emerging and defined web standards in Internet Explorer, especially in version 6. Developers originally griped about the lack of standards support for Cascading Style Sheets (CSS) after the introduction of Internet Explorer 6 in 2001. At the time the software giant dominated the browser marketplace and many would argue its actions slowed down web development. Flash forward to 2010 and it’s a whole different ball game. Microsoft’s market share is slowly ebbing away thanks to competitive and promising offerings from both Mozilla and Google. Microsoft improved its web standards support in Internet Explorer 7 and 8 and now it plans to extend that with 9, due later this year. But is it too little too late?

The question of whether to stop using Internet Explorer is one that many businesses and consumers are likely asking this week. Both the French and German governments warned their populations to cease using Internet Explorer due to the un-patched flaw. Currently the flaw exists in Internet Explorer versions 6, 7 and 8 but exploit code is only available for Internet Explorer 6. The reason IE 7 and 8 are both unaffected for now is due to the increased security of the software. Internet Explorer 7 introduced a phishing filter, protected mode to run the browser in a sandbox at low level security rights (vista only) and improved management of ActiveX controls. Microsoft improved security in IE8 by running the browser frame and tabs in separate processes and per-site ActiveX controls. Both IE 7 and 8 also include support for Data Execution Prevention (DEP) that prevents buffer overflow attacks.

So do these attacks mean you should stop using Internet Explorer? Simply put, no. Although it’s true that a vulnerability exists, Microsoft is currently working on a patch to resolve this as soon as possible. If you’re still running Internet Explorer 6 then it’s definitely time to upgrade. Neowin spoke to Cliff Evans, head of security and privacy for Microsoft in the UK yesterday. Evans urged consumers and businesses to “look at this vulnerability in a broader context and think about what the risk is.” He argued that although the vulnerability exists, it’s highly unlikely that the average business or consumer would be targeted by the type of attack Google experienced. Evans insisted that “normal organisations have little to fear” over the recent attacks and that Microsoft recommends all businesses and consumers upgrade to Internet Explorer 8, especially if they are currently using 6. I questioned Evans over corporations who may be stuck on Internet Explorer 6 for compatibility reasons but he urged them to look at their upgrade plans again. According to data from Net Applications (December 09), as a percentage of Internet Explorer use, IE6 maintains 36.57% and IE8 36.27%. Internet Explorer 7 lags behind with 27.11%. With Internet Explorer 6 still the most popular of all Internet Explorer variants, Microsoft is going to have a tough time convincing people to upgrade. Evans would not commit to a release date for the fix but said it was more likely that it would be distributed as an out of band patch shortly or as part of Microsoft’s monthly “patch Tuesday” which is due on February 9.

Source: http://www.neowin.net/

Beta Office 2010 & Sharepoint 2010 on MSDN & Technet Plus!

Posted on by

Microsoft has release the beta versions of Office & Sharepoint 2010 on technet and MSDN

Microsoft Office 2010 will become available in a x86 and x64 version. Sharepoint 2010 will only be available in x64 version only.

Microsoft is planning to release the  Microsoft Office 2010 products in Q1 next year (2010).

More information about the Office 2010 products on http://www.microsoft.com/office/2010/

See What Applications Need an Update with CNET’s TechTracker

Posted on by

Here’s a handy little app that I just stumbled across thanks to MakeUseOf: CNET’s TechTracker. If you use a lot of desktop applications, you may have trouble keeping up with which programs are in need of an update. Not only do updates deliver critical bug fixes and security patches, they often deliver great new features and improvements, too. But keeping up with tons of apps – especially if they’re shareware or freeware programs – can be difficult. That’s where TechTracker comes in.

The application will automatically scan your computer for all installed software and determine whether or not it’s up-to-date. When it’s finished scanning, you can view the program updates you need and easily access the download link for the new version. Of course, this link directs you over to CNET’s own online repository of applications, but that’s fine with me – the executables there are just as good as any.

TechTracker also features an alerts option which is off by default, but can be turned on to alert you when a software program has a new version available.

The TechTracker program is a free download from CNET and can be accessed from here.

Complete Video of Steve Ballmers Keynote at Technet live

Posted on by

Source: http://www.ngn.nl/ngn/STEVEKEYNOTE

On the 8th of October Technet_live was being held in The Hague, this included the Windows 7 introduction in the Netherlands. Steve Ballmer, CEO of Microsoft presented the Keynote. NGN-member Alex Warmerdam filmed the whole keynote with his mobile phone, and got to ask Steve Ballmer a question as well.

Enable Active Directory Object Restore With Windows Server 2008 R2

Posted on by

The Active Directory Recycle Bin in Windows Server 2008 R2 by Jonathan Medd : http://www.simple-talk.com/sysadmin/exchange/the-active-directory-recycle-bin-in-windows-server-2008-r2/

Since Active Directory was included as part of Window Server 2000, administrators have often asked for  a simple way to roll back mistakes, whether that is the incorrect deletion of the wrong user account to the accidental removal of thousands of objects by deleting an OU. Before the release of Windows Server 2008 R2 there were a number of ways using built-in or third-party methods to restore Active Directory objects, but typically they were not as quick or complete as say retrieving a deleted email or file.

Microsoft has included with their release of Windows Server 2008 R2 the facility, under the correct conditions, to enable a Recycle Bin for Active Directory and allow simple restoration of objects which have been erroneously removed. In this article we will briefly cover some of the options prior to 2008 R2 and then examine how to enable the new Recycle Bin and restore objects from it.

Pre-Windows Server 2008 R2

The 2008 R2 Recycle Bin for Active Directory is a great motivating point for upgrading your forest and domain(s) to the latest version, but this is not always a quick process in many enterprises so it is worth knowing what options are available prior to this version. Like many things it’s a lot better to examine and plan for possible resolutions before a significant mistake happens that you need to deal with. Retrieving Active Directory objects typically falls into two available categories, authoritative restore from a backup or tombstone reanimation.

Authoritative Restore

The Microsoft KB article 840001(http://support.microsoft.com/kb/840001) details how to perform the restoration of a user account using a system state backup of a domain controller. Typically, you would use a global catalog so that you can also restore all group membership information.

Tombstone Reanimation

The above article also details how to recover an account when you don’t have a system state backup by using tombstone reanimation which was introduced with Windows Server 2003 – you can retrieve objects from the Deleted Objects container where they are kept after deletion until their tombstone period expires. Obviously regular system state backups of Active Directory are critical for your full disaster recovery procedures, but taking advantage of tombstone reanimation means you can get objects back quicker than having to go through the full authoritative restore process.

You could use the procedure in the article which utilises the ldp.exe tool, but there are other methods around which you may find simpler.

The drawback with tombstone reanimation is that because most of the object’s attributes are removed at the time of the object’s deletion, a restored object using this method requires many properties of the account, such as address fields and group membership, to be manually repopulated. Whilst this is obviously preferable to re-creating an account from scratch it does not make for a quick overall process. However, you will at least get back the objectGUID and objectSid attributes which means there would be no need to re-configure a user’s workstation profile.

The original release of Windows Server 2008 introduced snapshot backups for Active Directory. You can take point-in-time snapshots of your Active Directory with the NTDSUTIL command line utility which utilizes Volume Shadow Copy to provide a snapshot. It is then possible to mount this snapshot using different ports on the same domain controller as the live Active Directory database and use standard tools to compare the two. This could really make the tombstone reanimation a lot simpler because after restoring the object you could view two versions of Active Directory Users and Computers side by side and view the properties of the restored object from a previous time, so making it simpler to repopulate properties.

The Directory Service Comparison Tool (http://lindstrom.nullsession.com/?page_id=11) takes advantage of these snapshots and makes the repopulation process more streamlined.

For those with Microsoft Exchange messaging environments, once you have the Active Directory account back, you can use the Reconnect Mailbox feature within Exchange to tie the restored account back up with the mailbox. This is of course providing you have a similar tombstone retention period for mailboxes that you do for AD accounts.

Active Directory Recycle Bin

The real reason you decided to read this article though was not so that we could spend time going over all the possible options for how you can piece together restored AD objects, but rather to find out how the Recycle Bin is going to make your life as an Active Directory administrator easier without necessarily the need for these different tools. The key differences from previous versions of Windows Server are that by default you get all of the attributes back and the tools to use are PowerShell cmdlets, which are quickly becoming a more essential part of every Windows administrator’s standard toolkit.

Firstly though the Active Directory Recycle Bin is not enabled by default and has certain domain and forest wide requirements before it can be enabled.

  • Firstly, all domain controllers within the Active Directory forest must be running Windows Server 2008 R2.
  • Secondly, the functional level of the Active Directory forest must be Windows Server 2008 R2.

Naturally organizations are typically cautious when upgrading Active Directory and these types of infrastructure projects don’t tend to happen quickly, but the Recycle Bin could be one of the features which gives you more weight behind a decision. You should also be aware though that enabling the Recycle Bin is a onetime only move, there’s no easy way to disable it again, so careful consideration of this decision must be taken.

It’s worth noting that if you are making a fresh forest install of Windows Server 2008 R2 the Active Directory schema will already include all of the necessary attributes for the Recycle Bin to function. If however you are upgrading your domain controllers from previous versions of Windows Server then you will need to run the well known procedure of adprep /forestprep and adprep /domainprep (for each domain) and possibly adprep /domainprep /gpprep (for Group Policy preparation)

before you can introduce Windows Server 2008 R2 domain controllers into the environment.

So let’s go ahead and run through all the steps we need to get the Recycle Bin enabled. Firstly, ensure that all of your domain controllers are running Windows Server 2008 R2 and then we need to use PowerShell; the great news with Windows Server 2008 R2 is that version 2 of PowerShell is installed by default and is placed directly on your taskbar.

After you have installed Active Directory Domain Services the Active Directory specific cmdlets are available to use via a module; modules essentially are the evolution of snapins from version 1 of PowerShell. To access these cmdlets you can either open the Active Directory specific version of the PowerShell console from the Administrative Programs menu, or the method I would prefer, use the Import-Module cmdlet. (Tip: You could add the below expression to your PowerShell profile so that the cmdlets are available every time you open PowerShell)

PS> Import-Module activedirectory

Once complete all of the Active Directory cmdlets will be at your fingertips. As previously discussed we now need to get the functional level of the forest up to the level of Windows Server 2008 R2. The most common way to do this previously was through Active Directory Domains and Trusts.

Now though we can do this through PowerShell. The Get-ADForest cmdlet will return information about your forest and the Set-ADForestMode cmdlet will enable you to raise the current functional level – since it is such a significant change to your environment you will be prompted to confirm that you wish to go ahead.

PS> Get-ADForest | Set-ADForestMode –ForestMode Windows2008R2Forest

Now that our forest is at the correct functional level we can enable the Recycle Bin, to do so we use the Enable-ADOptionalFeature cmdlet. This must be either run on the DC with the Domain Naming Master FSMO role or directed at that server with the –server parameter. Again you will be prompted to confirm your command since the action is irreversible.

PS> Enable-ADOptionalFeature ‘Recycle Bin Feature’ -Scope ForestOrConfigurationSet -target ‘test.local’

Continue reading

Unified Access Gateway (Forefront – UAG) RC0

Posted on by

Forefront UAG Release Candidate 0 (RC0) is here! : http://blogs.technet.com/edgeaccessblog/archive/2009/09/25/forefront-uag-release-candidate-0-rc0-is-here.aspx

Microsoft Forefront Unified Access Gateway (UAG) is a secure application gateway, to manage, control, and optimize remote access for managed and non-managed endpoints, to corporate applications and resources. Forefront UAG RC0 provides a number of new features, including support for migration from Forefront UAG Beta 2.

Forefront UAG provides the following:

  • Remote access: Using Forefront UAG you can allow and control access to internal resources and applications from a range of managed and unmanaged client endpoints.
  • Application support: Forefront UAG provides broad application support for a wide range of Microsoft and third-party applications. Application optimizers, consisting of predefined settings and values, provide optimum settings for accessing a specific application via Forefront UAG.
  • Access control: Forefront UAG provides granular access control, to ensure that only client endpoints complying with corporate health guidelines can access internal applications and resources.
  • Authentication: Forefront UAG provides frontend and backend authentication mechanisms. Frontend authentication allows you to pre-authenticate users using a wide range of authentication mechanisms, ensuring that only authenticated traffic reaches published application servers. In addition, Forefront UAG provides a single sign-on experience for authentication to backend applications.

For additional questions visit our TechNet forum. Follow us on our blog too; we’re planning on providing you with lots more information on features and how to get it up and running.

Find more information about Forefront UAG as follows:

Download here: http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=a3f5729a-3989-4f60-980f-1b87dd198988

Google releases Chrome 3

Posted on by

image

Google has released its third major revision of Chrome. The updated browser boasts a 150% (25% over its most recent stable release) increase in javascript performance since the launch of version 1. Other new features include a redesigned “new tab” page, an improved omnibox, themes capability, and HTML5 features.

Since Google has released Chrome it has taken a 2.8% market share. It is expected that the market share will continue to grow as more people become aware of the browser. Also, Google has been marketing its browser heavily to users who also use other Google products such as Gmail or Google search.
The browser marketplace is packed with heavy hitters from Microsoft, Apple, and Google. All of which are backed by massive corporations with seemingly unlimited resources. Other well known browsers that also provide serious competition to Chrome are Firefox and Opera.
The competition in the browser market place keeps all the competitors on their toes as they try to gain or maintain their current market share. With Google releasing an updated browser you can be sure that their competitors are watching closely.

Download Google Chrome 3 here: http://dl.google.com/chrome/install/195.21/chrome_installer.exe

Source : http://www.neowin.net

Bing launches Cool new feature: Visual Search (powered by Silverlight)

Posted on by

Microsoft has now unveiled its next version of their decision engine, Bing Visual Search. The new Visual Search, powered by Silverlight, lets users scroll through galleries of images using specific keywords.

Users can browse in the visual search by products, sports, consumer electronics, famous people, entertainment, reference and many more categories. The updated search makes it easier for users to find what they are looking for through the stylish 3D flip image layout.

Bing now helps users sort through their choices by “Most popular on Bing”, eliminating choices for you to help decide on what to buy. The decision engine can now help expand your search by taking your queries and turning out wider results. Bing will take queries such as “NFL Players” or “MLB Players” and locate as many results of player’s images by face. Bing can also help narrow down user’s queries by sorting players by position, team, salaries and more.

Bing Visual Search requires Microsoft Silverlight to be installed to use the newest version of Bing.

Test out the new beta of Bing at http://www.bing.com/visualsearch