Month: October 2008

Administering Your Windows Internal Database

Windows Server 2008 includes the Windows Internal Database, a form of SQL 2005 that can be used for limited roles, e.g. ADAM and WSS 3.0 SP1.  Finding out how to manage the WID proved to be a nightmare until I stumbled upon this.  Watch out though, it is missing a backslash ( "" ) at the start of the connection string.  You’ll use the SQL Express Management Studio and that connection string to get a GUI for managing your databases, e.g. detach the Windows Sharepoint Services 3.0 SP1 databases, move them and reattach them.
 
EDIT: I though I should put this here, at least for my own notes.  The correct connection string is …
 
 
… if you are managing Windows Internal Database using Management Studio Express.

My First Hands-On With W2008 Terminal Services

I got to do some Windows Server 2008 Terminal Services work over the last few days.  In particular, I was focusing on:

  • RemoteApp: Applications can now be published like in Citrix’s old solution.  A shortcut pointing to a TS application is shared.
  • TS Web: A web interface for logging into TS.  You can publish your RemoteApp shortcuts or even a desktop to the web interface.
  • TS Gateway: This provides a secure way of sharing RemoteApp applications to the Internet, e.g. a RemoteApp shortcut can be shared on the Internet via TS Web.  The RDP session is encapsulated in HTTPS/SSL thus making it Internet and firewall friendly.
  • EasyPrint: The biggest failing of TS over the Internet was printing.  You just couldn’t print over the Internet or a Corporate WAN, e.g. a 2MB PDF can generate a 20MB stream of data that is sent to a printing device.  This is only available to Vista SP1 and XP SP3 clients.

The user experience is simple.  They sign onto the site and then either log into a desktop or an application that you’ve published.  Simple as that.

You then do your traditional TS stuff for the user experience and server lockdown, i.e. file permissions and loop back GPO processing.

I tried it out on my 3MB DSL from home connecting to a W2008 TS in our data centre at work.  The user experience was excellent.  I printed a doc to my photo printer with no driver messing (thank you Easy Print!) and my DSL wasn’t clogged for hours 🙂  Overall, two thumbs up!

Highly Available Hyper-V Virtual Disks

TONYSO talks about planning VHD strategies when setting up highly available Hyper-V VM’s (using Windows clustering services).

First off, MS only supports Pass Through disks and fixed size VHD’s in production so forget about using differencing disks.

The VM will usually be on a LUN of it’s own.  So you need to allocate a LUN from your cluster’s shared storage for each VM.  (Note: Shared storage will be used in Windows Server 7 Hyper-V thanks to a new cluster file system that allows simultaneous multiple host access).  You’ll want to save space on this LUN so you need to size it correctly.  Here’s how I size a dedicated LUN or volume for storing a VHD:

LUN Size = (VM RAM + VHD Size) * 1.1

This works out as:

  • VM RAM: The amount of RAM assigned to the virtual machine, e.g. 2GB RAM.  This is required to allow the VM to save state, e.g. during host shutdown or for quick migration.
  • VHD Size: The amount of disk assigned to the virtual machine, e.g. 40GB.
  • 1.1: This allows for 10% free space on the volume.  You need to allow free disk space for a healthy volume.

Given these numbers:

LUN Size = (2 + 40) * 1.1

LUN Size = 46.2GB

This figure will be rounded out as 47GB because your SAN management software probably won’t handle decimal points for the GB allocation.

The VM will probably not be able to do snapshots with this calculation.  Note that MS does not support snapshots in production – according to PSS.  They want you to use backup tools with Hyper-V VSS support instead for state saves.  If you do want to do snapshots then you need to allocate more disk.  How much … who knows!  Snapshots are done using differencing disks, e.g. anything done after the snapshot is saved in a differencing disk (hence the lack of production support from PSS?).  This differencing disk will grow as time passes so you need to allocate disk for this.  I’d recommend a central store for saved states.  You can configure this on a per VM basis.  This means the VM LUN doesn’t need to be expanded to allow for snapshots.  Forget shrinking the VM disk if you expand it for snapshots.  I’ve tested that with a HP EVA and it screwed up the file system/VM.

Credit: TONYSO.

EDIT:

You might want to add 5GB of disk space to the above if you want to leave room for an ISO image if using VMM 2008.  Remember that VMM 2008 cannot share ISO’s from the library so you have to copy them … that copies them to the VM’s LUN.  You’ll also need more space if you want to use snapshots.

Free Online Training: Hyper-V and VMM 2008

This is pretty handy.  Microsoft has launched a couple of free online training courses for their virtualisation platform:

Clinic 5935 – Introducing Hyper-V in Windows Server 2008

This 2-hour online clinic provides IT Professionals experienced in Windows 2000 Server or Windows Server 2003 with the knowledge and skills to implement and manage Hyper-V in an IT environment.

Topics covered in the clinic include:

  • Features of Hyper-V
  • Features of server consolidation
  • Hyper-V implementation
  • Creation of virtual machines
  • Dynamic datacenters
  • Clustering in virtual environments

Access it online at
http://www.microsoft.com/learning/elearning/course/5935.mspx

Clinic 6334: Exploring Microsoft System Center Virtual Machine Manager 2008

This 2-hour online clinic provides IT Professionals experienced in Windows 2000 Server or Windows Server 2003 with the knowledge to implement and manage Microsoft System Center Virtual Machine Manager 2008.

Topics covered in the clinic include:

  • Features and functionalities of VMM
  • Implementation and management of VMM
  • Management of VMM library
  • Management of hosts by using VMM
  • Implementation of virtual machine Self-Services

Access it online at
http://www.microsoft.com/learning/elearning/course/6334.mspx

Please note you will need to sign-in with a Live ID before accessing.

My Laptop’s Security Using Iron Mountain

My work laptop is configured with redirected folders and offline files so all my data primarily resides on our office server and is centrally backed up using the company’s Iron Mountain LiveVault account (which we host as a reseller in our data centre).

I work from home most of the time thanks to modern technology, e.g. VPN to the office, Remote Assistance, VPN to the data centre, HP ILO and Windows Remote Desktop.  I’m only in the office once a week or maybe even once every two weeks.  This means that business critical data that I’m generating resides on my laptop for possibly two weeks at a time without being backed up.  That’s not good.  I should really "do as I say" and resolve that issue.

I’ve installed an Iron Mountain Connected agent on my laptop.  It couldn’t have been easier; register the account, download the client, click-click-click installation and then select the files I want to back up.  The latter is usually easy, e.g. Desktop, Favourites, My Documents (if not redirected) and the Outlook PST file (which I’m not too worried about because we use a SaaS provider  with a central mailbox for that).  Then I let it run and I know my data is backed up … and secure thanks to AES encryption which starts and ends on my agent, i.e. the data remains encrypted and the data centre cannot even read it.  Connected can access open files thanks to the Volume Shadow Copy service (VSS) so files I’m working on can be backed up.  The solution requires an initial synchronisation to get the data into the vaults but only does block level (only what changes within a file) from then thus minimising Internet bandwidth usage.  We also keep Connected data on two independent but replicated stores.  So if one server dies my data is still safe.

And after that first backup I got nice news.  90+MB of data was backed up.  This was optimised to around 30MB, thus saving Internet bandwidth.

I then logged onto the central web console to view my account.  I get a summary of historical operations and my account’s storage allocation usage.  I can recover data via the console (handy if my laptop isn’t available but I need access to data).  I also have the option of ordering a CD or DVD with my data on it (still in it’s encrypted state for secure travel) in case my laptop was lost or destroyed.

The whole experience is as simple as can be.  I’m running Vista SP1 and Office 2007 which is a good test for the product.  It’s a whole lot easier and more resilient than using DVD-RW or external hard disks.  The company is also safer in knowing that business files I’m generating get backed up before I can replicate to the office server or upload them onto SharePoint.

Disk encryption is done using Iron Mountain DataDefence.  I don’t have much on my laptop but I still want to be sure that the data is secure against accidental loss or theft, thus protecting our business and our clients confidentiality.