Month: February 2009

Azure Services Training Kit

MS has released a training kit for Azure services:

“The Azure Services Training Kit includes a comprehensive set of technical content including hands-on labs, presentations, and demos that are designed to help you learn how to use the Azure Services Platform. The February release includes the following updates:

  • 19 demo scripts that walkthrough several of the services
  • 10 presentations covering the entire Azure Services Platform
  • 3 additional hands-on labs for Live Services

This technical content covers services including: Windows Azure, .NET Services, SQL Services, and Live Services”.

Microsoft Office Labs

I was browsing through some MVP only areas (and activating my free TechNet/MSDN subscriptions) when I saw a link to something called Office Labs

The software that’s on there is purely experimental.  MS are trying out ideas and trying to get feedback from users to see if this stuff merits further development.  There’s obviously no support for this stuff in production.  Some of the tools look pretty cool, e.g. an SDK for touchscreen-like functionality using a webcam and a normal non-touch screen.  I’ve just installed an email prioritisation tool to see what it does. 

Note: it only works with Exchange connected Outlook.

Windows 7 So Far So Good

I installed Windows 7 Beta 1 as my primary operating system last week.  Due to some glitch on TechNet I had an x86 named ISO image that installed an x64 edition of Windows 7.  I only noticed once the installation was done.  That stopped me getting two drivers I needed for my Vaio – Sony only have x86 drivers for my model.  That only annoyed me because I lost the scroll function on the scratch pad.

Everything I pulled down from MS for the installation worked well.  Office 2007 Pro and Visio were OK.  Live was fine.  There was a link to 3 AV companies participating in the program.  I ran AVG free (as usual at home) and it was fine. 

My only hassle was with the wifi NIC driver.  It didn’t like that my wifi network was set to channel 13 – an unlicensed channel in Ireland.  Everything was fine once I reset to 11.  I don’t know if I can blame MS or the vendors of the NIC for that one.  I didn’t like that I didn’t get any explanation for the failure to connect.  I’m a techie; I want information to diagnose the problem and not to be left guessing/shooting in the dark.

The performance has been superb.  Battery life was good.

I had PhotoShop CS3 (the most important app on my personal laptop) running and it was fine.

I’m reinstalling now with and x86 installation of Windows 7 Beta 1 so I can get all of my drivers up.

Now, I really hope 3rd parties don’t act like Windows 7 is a surprise.  It’s a public beta.  It’s available with unrestricted downloads to TechNet and MSDN subscribers.  There are no excuses not to work on compatibility and verification – other than economic pressures 🙁

My Online Backup

We sell secure online backup and data protection services at work based on the Iron Mountain technologies.  I’ve got the Connected laptop/PC backup product on my work laptop.  It uses VSS to grab the file blocks that have changed, encrypts them using AES128, compressed the data and sends it up to a vault in our physically secure data centre where we replicated it onto another independent store.  Of course, that’s all managed using MS System Center 🙂

It’s easy to talk all the marketing stuff and sell the story but it’s another thing to put it to test.  I work from home quite a lot thanks to technology like VM’s, VPN, ILO, RDP, IM, etc.  I’ve a simple policy set up for my Connected agent to backup once a day Monday to Friday – we can do it much more frequently but I don’t need it.  I generated a lot of data over the last 24 hours, 355.1MB to be precise.  This is what happened when today’s backup took place just recently:

image

Connected identified the new blocks on my file system that were unique, i.e. not backed up already as parts of other files.  It then compressed the data and encrypted it.  I may have generated over 355MB of data but only 23.6MB was actually transmitted over my small domestic ADSL line and I didn’t even notice it while working.  That’s sweet … and my data is securely and reliably backed up.

I do what I preach so my laptop is configured with redirected folders and offline files.  When I go back to the office on Monday my “My Documents” folder will synchronise with our SBS box.  And there, LiveVault will backup my data once to triplicate independent stores in our Dublin-based tier IV physically secure data centre … after de-duplicating, compressing and encrypting it with AES256.

The important thing is that I’m effectively a road warrior generating files that are valuable to the business.  The business cannot afford to lose data while I’m away from the office.  So Connected takes care of that by securely backing up the folders I want it to back up (or are set by policy).  If the laptop is lost then my data is safely encrypted and can be remotely destroyed thanks to DataDefense.  I can safely restore my laptop data onto either a new laptop or our server in the office using the Connected web portal.

How is this solution different to the myriad of offerings out there?  Firstly it is secure.  I mean really secure.  Security starts at the front door and unlike some computer room service providers the Tier IV facility we use has 24 * 7 security with at least 2 people on site.  You do not get in there without them expecting or authorising you.  I know of one place where people have been known to walk in off the street and into the computer room without meeting anyone.  The level of encryption and compression is excellent – we can’t even read customer data unless they give us their key which they can store in escrow with Iron Mountain outside of our access.  Data for laptops/PC’s is duplicated on independent stores while data for servers is stored in triplicate on independent stores.  The technology is reliable.  Iron Mountain claim a 99.999% recoverability rate and we’ve yet to have a failure *touch wood*.  The software is easy to use … it is “backup as a service” so you can access a secure web portal to manage backups and restore data.  It’s reseller friendly.  Most of all, if you’re worried about the Data Protection Act or regulatory compliance (IFSRA, SOX, HIPAA, etc) then this is the solution for you.  For Irish companies, a big question is, “where is your data?”.  You’ll probably be contravening one of the above regulations if it’s gone outside of Ireland so when looking at online backup you should ask “where will my data be?”.  Our backups never leave Ireland.

That’s my story on that.  Back to regularly scheduled programming.

Windows Server 2008 R2 Beta Evaluation VHD Images

Microsoft has released Hyper-V VHD images of the beta releases for Windows Server 2008 R2 Core and Full installations.  Strangely, they are RAR files.

These VHD’s will only run on Hyper-V.  Don’t worry, you can always install them on a Full installation of an MSDN or TechNet Hyper-V server (to use the local console) or on the free Hyper-V Server 2008.  Be sure your host hardware is Hyper-V compliant.

Again, Do They Lie?

Silicon Republic has a couple of interesting stories yesterday.  First up is HP claiming that things are good, despite the recession – oooh he said the “R” word!!!  A few hours later we read that HP are cutting salaries across the corporation.  I wonder what will come next?

 

I’ve heard rumours from reliable sources that a certain h/w company’s Irish division is considering letting go their senior engineers because they don’t have enough work to justify their salaries.

Updated: Microsoft Ireland Community TechDays for IT Pros 2009

The details for the TechDays events in Galway, Cork, Dublin and Belfast are being locked in.  Places are disappearing fast.  If this is something you want to go to then register now.  The venues are large but early registration took up lots of the places.

I’ll be doing 3 of the sessions over the 4 days:

  • The Accidental DBA:  (Galway and Belfast) I’ll introduce the subject.  It’s a common scenario.  You’re an IT Pro that looks after SharePoint and has some things like WSUS, ConfigMgr, OpsMgr, etc.  Do you know how to take care of the security, backup/recovery, fault tolerance, etc, of your SQL?  It’s based on a concept and a term used by Mark Minasi back in 2004 for admins who had to deal with lots of MSDE installations on their network.  SQL MVP Niall Flanagan will present the meat of this one.
  • Windows 7 & Windows Server 2008 R2 working Great Together and WS 2008 R2 Virtualisation (Cork, Dublin and Belfast): I’ll be doing the presentations and Dave Northey from MS Ireland will be doing the demos.  Yes, you will get to see Hyper-V Live Migration in action.  I’ll also be explaining how it works behind the scenes.  MS and a sponsor are making a great deal of effort to make these demonstrations something special.
  • Windows 7 and Digital Photography: (Dublin and Belfast) This is part of the “IT Pro Microsoft @ Home” sessions that have separate schedules and registrations.  When I’m not in front of a computer bashing away at servers with my ample forehead, I’m out an about with my camera, playing at being a photographer.  I’ll be showing how you can use Windows 7 to assist with your digital photography.  I used it last night at the photography club that I help run and it impressed people.

The range of speakers at the events is impressive.  And it isn’t just the “usual” names and faces.

The session “An Introduction to Windows 7 and Quick Overview of Client Deployment Tools” will be presented by Rhonda Layfield, author, journalist, trainer, speaker, deployment MVP, hostess extraordinaire … known by some of us as the Queen of Deployment.  What Rhonda doesn’t know about deploying operating systems doesn’t need to be known.  She’s always ahead of the pack and has worked in some huge organisations.  This will be an excellent session that will give you the foundation to start looking at how to deploy Windows 7 when it is released.

You Know, I’m Not Perfect!

I wasn’t always an IT pro.  When I was in college I pretty much wanted to be on the development side of things.  I coded in Cobol, Pascal, C and C++ on Unix, VMS and Windows.  Very early on I learned an important lesson.  When were doing complex work we can often get so used to what we’re doing.  I would write a long piece of code, go to compile and get some unhelpful syntax or logic error that I just couldn’t find.  A great example was when I left college and started work.  Our new team leader wanted to test us so he gave us a network coding challenge.  I got done early so I decided to get fancy with my code.  I had this mad Boolean calculation to determine if I should spin off a new listener or not … I was trying to put an entire function worth of logic into the IF statement!  I got one tiny little thing wrong but didn’t notice.  The thing compiled, linked and I ran it.  Everyone’s session onto the Solaris box died.  It came back a few minutes later and I ran it again.  Boom!  10 minutes later a very angry sys admin came storming down wanting to know who was consuming every available TCP port on his server. 

I went through my code and couldn’t find what was wrong.  I called in some of the others and immediately the saw it.  Sometimes a fresh pair of eyes can identify the simplest of issues when you’re looking for the complex one.

I had an issue with a pair of new OpsMgr agents.  The machines were Windows 2008 x64 and are in a firewalled workgroup.  This means I need to use certificates.  I installed the certs and used MOMCERTIMPORT /SUBJECTNAME <CERTFILENAME> to get the cert loaded.  The cert was in the computer’s personal store and the CA cert was in the trusted root certificate authorities store.  The certification path was fine.  I checked that the cert was copied into the operations manager store by MOMCERTIMPORT and it was.  I restarted the agent and it couldn’t find a cert to load.  The agent does not appear in Pending Management in the Operations Manager 2007 console.  The following alerts appear in the agent computer’s Operations Manager event log:

"SOURCE: OpgMgrConnector
EVENT ID: 21022
No certificate was specified.  This Health Service will not be able to communicate with other health services unless those health services are in a domain that has a trust relationship with this domain.  If this health service needs to communicate with health services in untrusted domains, please configure a certificate."

This is quickly followed by:

"SOURCE: HealthService
EVENT ID: 7006
The Health Service has published the public key [1E 48 38 90 8A 46 11 B2 43 17 DC 64 0D 5A F4 A5 ] used to send it secure messages to management group CInfinity.   This message only indicates that the key is scheduled for delivery, not that delivery has been confirmed."

"SOURCE: OpsMgr Connector
EVENT ID: 21007
The OpsMgr Connector cannot create a mutually authenticated connection to cinwsvr003.cinfinity.ie because it is not in a trusted domain."

"SOURCE: OpsMgr Connector
EVENT ID: 21016
OpsMgr was unable to set up a communications channel to cinwsvr003.cinfinity.ie and there are no failover hosts.  Communication will resume when cinwsvr003.cinfinity.ie is both available and allows communication from this computer."

I did everything I could think of to fix this.  Eventually I gave up and called in Microsoft PSS.  One quick call with a very helpful engineer from India and we identified the issue.  I think he’d already figured it out before he called me because he zeroed in on the diagnostic immediately … it helps if you give them EVERYTHING you can think of when logging the call.  My ticket was probably two A4 pages long.

We fire up REGEDIT and went to HKLMSoftwareMicrosoftMicrosoft Operations Manager3.0Machine Settings.  There should be a key in there called ChannelCertificateSerialNumber and it should have the serial number of the agent certificate.  I didn’t have one there at all, hence the agent didn’t know to load the cert in the Operations Manager store.  I’d used UAC to raise my CMD prompt to administrator so it wasn’t a permissions thing.

We then looked at MOMCERTIMPORT.EXE.  Mine was around 44KB in size. The engineer knew what was wrong.  I keep the installation media for servers on the servers (for troubleshooting reasons) on my servers.  I opened the OpsMgr SP1 media and in Support ToolsAMD64 I could see that MOMCERTIMPORT.EXE was 51KB.  I had used the 32bit version of MOMCERTIMPORT on a 64bit installation.  It fails to create the registry key and does not log an error.

I copied the correct version onto the agent server, re-ran the command and restarted the OpsMgr Health service.  Almost immediately the agent appeared in Pending Management on the OpsMgr console and I approved it.  10 minutes later it was being monitored.

So the lesson is relearned.  If you are bashing your head against the wall with a problem, get a fresh “pair of eyes” to analyse the issue and you might get lucky and they’ll spot the simple cause straight away.  Oh … and make sure you only use the 64 bit version of MOMCERTIMPORT.EXE on 64 bit Windows 🙂

Citrix To Offer Free XenServer Virtualization

This is huge news.  It’s not official yet, just a blog post about rumours.  If it’s true then it will shake up the market.  Citrix will offer their full blown product, XenServer, for free.  You’ll have to pay (a sizeable sum) for their Essentials management product.  Citrix will offer management for Hyper-V and Microsoft System Center will offer support for Xen.  Check out the story for full details.

We’ve seen that MS is adding the essential Live/Quick migration functionality to the free Hyper-V Server 2008 R2.  I wonder if they’ll make it manageable using System Center?  That’ll help compete against Xen.  I’ve tried to manage Hyper-V Server 2008 with VMM (agent keep crashing) and with OpsMgr (the agent refuses to install because it’s an unknown operating system).

Credit: Dave Bisson.