Windows Server 8: Microsoft Online Backup Service

What?  You’re kidding, right?  Nope: Microsoft is adding online backup to Windows Server 8.  From the guide:

Microsoft Online Backup Service is an installable service for Windows Server “8” Beta, which allows for file and folder backups to the cloud service

It’s basically an offsite backup solution to the cloud using a Microsoft Online Backup Service Agent.  It provides:

… file and folder backup capabilities for Windows Server “8” Beta computers

It cannot backup system state.  That’s OK.  I’ve worked in in online backup and when people backup everything and see the first invoice for space consumed, well, they quickly decide that business data backup/recovery will be enough.

Access to Microsoft Online Backup Service is limited at first to successful applicants.  The installation:

… is a two-part process, which requires the creation of an online Microsoft Online Services account (not required for BETA since ids are pre-provisioned) and installation of the client components (agent) for the Microsoft Online Backup Service feature. The Microsoft Online Backup Service Agent installer download is located on the Microsoft Connect Site

The backup can be configured via Computer Management or via PowerShell cmdlets:


Data is encrypted using a passphrase of your choosing or auto generated (minimum of 16 characters). I love that: passphrase.  MSFT has no record of the passphrase and therefore cannot restore your data for you if you lose the passphrase.

The following table lists the supported list of file and folder attributes/types and the expected behavior of the Microsoft Online Backup Service when it encounters these types:

Attribute/type Supported Expected Behavior
Encrypted Yes Changes in file cause full file transfer
Compressed Yes Change in file cause delta transfer
Sparse Yes Changes in file cause delta transfer
Hard Links No Skipped
Reparse Point No Skipped
Encrypted + Compressed No Skipped
Encrypted + Sparse No Skipped
Compressed + Sparse Yes Backed up as sparse file
Compressed Stream No Saved as uncompressed stream
Sparse Stream No Discarded stream

You pick and choose files/folders just as you would with a normal backup.  You can have X backups per day (3 during beta) and set a retention period for your data (longer = more space = higher cost).

You can restore data using a familiar interface to the original server or another one from a backup of your choosing from within the retention window.  This will require credentials to access and the passphrase to decrypt.

Notes: I don’t see anything about data de-duplication or compression before backup, but that does not mean they are not there, just that this document doesn’t mention them.  I do not see anything for seeding large backups using an out of band device, such as I used when managing an Iron Mountain based service.  There is no mention of backing up Hyper-V VMs.  I think this would price this solution out but it might be an option for some.  I’ll try too find out more.

Event for Microsoft Partners – An Introduction To Windows Intune

My employers, MicroWarehouse, is running a road show on Feb 20-22 in Cork, Dublin, and Belfast on Windows Intune, Microsoft’s cloud based remote support and management solution.

This event, for Microsoft partners only (strictly no exceptions), will be on at:

  • Cork, Monday Feb 20, Light Breakfast from 8.45am, Seminar: 9.30am, Q & A: 11am, Rochestown Park Hotel (Douglas).
  • Dublin, Tuesday Feb 21, Light Breakfast from 8.30am, Seminar: 9.15am, Q & A: 11am, Radisson Blu (Golden Lane)
  • Belfast, Wednesday Feb 22, Light Breakfast from 8.45am, Seminar: 9.30am, Q & A: 11am, Radisson Blue (Cromac Place)

There will be a 1 hour presentation introducing Intune, talking about the scenarios, the business case, and selling/operating it as a value added reseller.  I will be doing a 30 minute demonstration of the product in action.

It should be fun … the Cork event will be my first day back in work after spending next week up the side of a frozen mountain near the arctic circle in Norway.

Technorati Tags: ,,

Talking Microsoft Cloud Opportunities for a Small/Medium Business

I seem to be having the same design conversation every couple of weeks so I’ve decided to blog a little on it. 

Let’s take a company, Honest Joe’s Ovens or HJO, making specialty products, based in central Ireland.  HJO has 150 employees.  100 of those staff work in the office/factory.  Another 50 are sales/services people who work on the road.  These are specialty ovens that HJO makes, so they sell all around Ireland, the UK, continental Europe, Japan, Brazil, and the USA.  Collaboration and communications are critical.  Sales and services people need the latest information on marketing pushes, features, and product servicing.  Email by itself is just not cutting it and security is an issue because sales can carry sensitive customer information (the ovens are “specialty” Winking smile). 

Question: How do you solve this problem?

Answer: There is no one correct answer for every company.  You have to ask questions, understand the challenges, learn how they want to work, and figure out their strategy for the future.  Only then can you figure things out.

When Windows 7/Server 2008 R2 were launched, we might have suggested something like:

  • Windows 7 Enterprise on every PC and laptop.  Sales folks have Direct Access to get into the office easily, and BitLocker (To Go) for securing data.
  • Centralised Exchange with OST files would enable remote staff to send email back/forth securely via Direct Access.
  • Centralised SharePoint (also via Direct Access) would enable staff to collaborate and gain access to the latest information.
  • Centralised Lync to allow staff to have online meetings

Think about this one for a moment.  Benefits: roaming staff always have access to their local desktop and apps even if they don’t have Internet access … mobile Internet access is not pervasive, despite what telecoms sales/marketing might have you believe.  There’s a lot of stuff here … SharePoint, Exchange, Lync, SQL Server, Direct Access, IPv6, certificates, firewalls, load balancers, DMZs, edge servers, and on, and on, and on.  Consultants can deploy this and probably will enjoy the challenge.  But think about HJO.  Will their 1 or 2, probably low paid, admins be able to keep it running?  To do all this stuff reliably and securely, this 150 employee company has deployed quite a bit of infrastructure.

You could pitch the Remote Desktop Services/Citrix Gateway approach to share apps or desktops over the Internet.  Yeah, more stuff to manage and secure in the SME with limited experience admins.  To me, that seems like not a good way to go.

And those laptops on the road … what about them?  How do you support them?  How to you get new business apps onto a laptop in Japan that probably is not on the company network more than once a year … if ever?  How do you secure it with patches in a reliable manner?  Company procedures that tell users to do stuff do not work.  It’s been a while since I brought up the first 2 IT admin commandments:

  1. Users are stupid
  2. Users lie

So here’s what I’m considering as an option in the conversation:

  • Office 365: Dump Exchange.  Dump SharePoint.  Dump Lync.  Don’t be an accidental SQL DBA.  Don’t get messed up with firewalls, DMZs and load balancers.  Let Office 365 be the “server farm” in the cloud.  Heck, get the SKU with Office, and let users work together as one.  I know, Internet access is still a requirement, but unfortunately that’s always the case.  At least it doesn’t have to be 3G to sync your OST mailbox.
  • Windows Intune: Deploy the office desktops and roaming laptops with Windows 7 Enterprise.  Now you have BitLocker and BitLocker to Go for security.  Good news, if you have active Software Assurance on Windows desktop licensing then you get a discount on Intune.  With Intune, your admins can support (remote access), secure (patching and AV), and configure (policy settings and software distribution) local and roaming laptops.

Benefits?  An experienced consultant can deploy this environment with little if any infrastructural cost to HJO.  And let’s face it, with the market the way it is now, they make very little on h/w costs.  The consulting gig is more important.  The customer gets a better value solution that they can manage themselves.  Maybe HJO outsources some of their management to the consulting company because HJO’s admins are busy enough with the 100 desktops in the office, and the consultant adds to their managed services business, as well as value to the customer.  And this is scalable.  In my last two conversations, the topic of growing sales staffs came up.  Not a problem …change the subscription, get the user to buy a laptop, courier them a USB stick with a per-configured MDT build of Windows 7 Enterprise with Office Pro Plus, the Intune agent, etc, and that user is up and running in no time (lots of possible variations on this induction process).

Now you have roaming workers quickly accessing the same repository of information on the net as office workers, able to chat with each other easily, and the admins aren’t being asked to do more than they are able to.  HJO has a good business solution.

As for the internal office infrastructure … lots of possibilities: stay on PCs, go with RDS, go with VDI, you name it.  I’m still a PC guy, with RDS/XenApp second, pooled VDI a distant third, and assigned VDI waaay down in 4th place.  No one solution is perfect, just don’t buy the marketing crappola about reduced costs/management of VDI. 

Day 2 of Office 365

To follow up on yesterday’s Gmail migration issues:

  • Attempt 1 was to connect the email account: works nicely for Hotmail migration but Gmail is another story because it doesn’t have real folders (using tags).  My mails were coming into the inbox as unread.  I quickly stopped and backtracked that.
  • Attempt 2 was to use the recommended IMAP migration.  My Gmail was set up for IMAP already so all was good there. I created the required CSV and started the import.  Or I tried to.  O365 refused to connect to my Gmail account, no matter what I did.
  • Attempt 3 was manual.  Outlook was already connected to Gmail.  I connected it to O365.  I then manually copied all of my folders and mails from one account to another, all 1.5 GB of it.

With the pain over, I can move on.  I use the OWA interface of O365 from the office, so I can keep it separate from Outlook which is connected to the Office Exchange server and mail account.  OWA works nicely.

I had a play with the SharePoint Internet website.  That was nice and easy to reconfigure.  To be honest, I doubt I’ll ever use SharePoint for my own stuff.  I have a Home Server and I use Live Mesh, along with Carbonite backup.  I can always get at my files either by a local replica or by browsing one of a number of sites.

Lync … hmm.  The DNS records are “interesting”.  I believe I’ve got them set up correctly.  My domain is with an ISP and I’m not moving it to MSFT.  I use it for a number of things and I want to retain control.  Lync has been a ropey experience.  I can’t say it’s as good as Live Messenger for staying in contact with people.  I can hook up with anyone on Messenger without Federation.  But Lync isn’t built to be that way.  In fact, all the instructions I’ve seen imply that you can enable federation to specific domains.  Not in the Office365 that I have: I can enable it or disable it and nothing more.  I’ve connected successfully to my Messenger account so I know it works. 

What doesn’t work?  Well, audio is just a wee bit important to Lync.  And it cannot find my audio device.  That’s despite the fact that I listen to music, watch Silverlight and Flash webcasts, and so on with absolutely no issues.  The Realtek audio driver is up to date … turns out others in the office with this model of HP PC (8100 Elite Convertible Minitower) have the same issue.

Anyway, my main reason to get O365 was email, and that’s now working fine.

Technorati Tags: ,,

When Selling Office365 As A Partner Of Record …

According to Redmond Channel Partner:

As with BPOS and other Microsoft cloud offerings, the payouts are 12 percent for net-add seats and 6 percent in annual recurring fees. The 6 percent fee starts paying in the first year, making the first-year fees 18 percent.

As a partner you will only get those fees if your customer registers you as the partner of record when they sign up.  Unfortunately, that is optional and not a mandatory of the sign up process.  In fact, it’s a link that is tucked away off to the side.

The customer will be asked for the Partner ID of the partner of record.  That’s not public information.  So here’s what might happen.  A customer wants to sign up after you’ve sold the concept of cloud computing.  They go to the site.  They go through the process.  Even if they see the link and understand what it does, they won’t have your Partner ID, they’ll likely skip it, and pay Microsoft without you becoming the partner of record.

My suggestions for the people selling O365 (yes; I’m talking to you, sales people):

  1. Have your partner ID handy.  Don’t make it public, because it is used for a few different things in the partner programs.  Know what the ID is.  Most MSFT partners have no idea what their partner ID is.  You can find it when you log into the Microsoft Partner Network website.
  2. When your customer agrees to sign up, go out to them (or remote assist them) and walk through the sign up process.  Think of it as “value added reselling”.  You know what your partner ID is and you’ll know to hit that register partner link.  If you’re not there, the customer is sure to miss it, or they’ll not be able to find/read your email containing the ID.

A customer can add or change a partner of record using the instructions on O365 online help.  I’ve just done it for my subscription … giving one lucky partner in Galway all of a few cents per month.

Technorati Tags: ,,

Private Cloud & Company Politics

I was chatting with a friend earlier today about a big project he’s about to do.  It’ll bring a lot of change and some egos would be at risk of being bruised.  It reminded me of a job I once did when I worked for a new bank that was being formed from lots of branch offices of the former parent.  There were lots of little NT4 domains, and we “pixie Irish” were consolidating it into a single W2003 domain and upgrading all the NT4/Office95 PCs to XP.  How did that go?  To start with, this clip from The IT Crowd kinda reminds me of a Monday morning in Munich, after 10 days of work build that office IT from scratch:


Then there was the company politics.  The IT staff of half the branch offices fought.  1 guy in Paris stormed home one morning and had to be called back in by his boss.  A guy in Munich spent the next 2 years conspiring and scheming to get his way.  The London crew weren’t happy with being run by Dublin at all.  Managing our IT was easy compared to the company politics.

And this got me to thinking … deploying a private cloud is surely going to cause the same sort of kerfuffle?  Centralisation, the “emasculation” of big-ego IT staff, a shift in power and control, they’re the sorts of things that cause powder keg & flame situations.

A couple of ideas:

Visible & Enforced Management Buy-In

People will act up and fight you if they think they can.  If they think this is some sort of personal project then they’ll bitch and moan to their bosses to try get your deployment/migration stopped.  I’ve been there when a director said “I want XYZ” to us but wouldn’t share that vision with the company.  And 2 years of in-fighting was the result, long after the project was completed.

If there’s a big project that’s going to shake things up, then the business owner of it (the CEO, CIO, etc) has to communicate that vision to the company, clearly illustrating what it is, and that their will not be an opportunity for fighting it.

Get Buy-In From Your Colleagues

As a consultant I once worked a site where a deployment was rejected by the IT staff.  I was asked to come in and run workshops with them.  With that I could learn each problem, and resolve it, whether it was lack of understanding of the tech or some business/operations problem that the tech could solve.  After a series of documents and workshops, the staff felt like they’d learned the tech and that they’d contributed to the solution.

I’ve a funny feeling that over the coming years we’re going to hear some stories like those of failed over cost overrun SAP deployments.  Deploying private cloud will be complex, not just because of a change of tech but also because of the change to business operations and the company politics that might happen.

Technorati Tags: ,

Great Big Hyper-V Survey 2011 Is Now Closed

I closed the Great Big Hyper-V Survey of 2011 this morning at 10:05 (Dublin time, 11:05 CET, 5:05 EST).  Thank you to all who completed the survey.  Myself, Damian Flynn (another Hyper-V MVP), and Hans Vredevoort (Failover Clustering MVP) will be sharing the results on this Wednesday (7th September, 2011) at 10:00 Dublin time, 11:00 Amsterdam time (05:00 EST, 19:00 Sydney).

Progress of Third Party Azure

It’s quite a while since Bob Muglia & co announced that some Microsoft partners would be running a third party implementation of Azure in the form of the Azure Appliance.  Who cares?  Well, some want more than what Microsoft can offer – and some have a problem with the USA Patriot Act that affects all USA businesses no matter where their operations or subsidiaries are located/registered.

HP are said to be going VMware for their cloud but have also said they are deploying Azure Appliance.  HP can offer more than what Microsoft offers, no doubt, especially in the storage space.  They probably can do more in the 3rd party or open source space, even though MSFT has embraced things like PHP on Azure.  But HP is American so thumbs down for data protection.

Ebay is puzzling.  Are they going to auction CPU cycles?  I really don’t get it, other than they can run their own site on their own Azure appliances.  File under irrelevant.

Dell is going in another direction, possibly OpenStack.  IBM – Lotus Live (Lotus Dead is more like it).  IBM is doing a lot of consulting and making a lot of money from government and corporates in the cloud space.  Probably a lot of Z series hardware and VMware licensing being sold, with a lot of consultants on site sucking up budget.

Fujitsu is the one that interests me the most.  Fujitsu are Japanese (obviously) and can therefore operate independently of the USA Patriot Act.  A Fujitsu datacentre in the EU can comply completely with EU laws.  They’re allegedly unveiling their Azure Appliance public cloud in August, thus offering a 0% Patriot Act Azure public cloud the world.  If I’m Microsoft, I’m pushing that sucker big-time because it offers the power of their PaaS in a venue that resolves the legal issues with their own datacentre offering.

Technorati Tags: ,

Public/Private Cloud Thoughts for the Day

I haven’t figured the structure for presenting this yet.  This post is like I’m thinking out loud through my keyboard.

Every day, there seems to be a new story on my various feeds about “the cloud”.  Today is no different.  Another day, another survey that tells us that X% of business users feel like they have to bypass IT because they are a hindrance to flexibility, or Y% of CIOs plan to deploy cloud applications this week/month/year.  Cloud, cloud, cloud, cloud, cloud.

The hype is incredible.  And the talking heads that are in podcasts, radio shows, quoted in press interviews are no help.  Uneducated journalists are bringing in muppets who compare Flickr to a complex application in a complicated business environment.  I love Flickr – but there’s little that I’ve seen in the business world that compares to it’s simplicity.  And that lack of simplicity is not because of IT; it’s because the business requires features and integrations that do complicate things behind the scenes.

It’s clear that the business users have gotten hooked on the concept of consumerisation of IT.  Feeling empowered, they’re now buying SaaS applications for themselves.  App developers are buying PaaS and IaaS services for the solutions that they’re developing.  And this is eating into the very reason for IT being around at all.  We’ll all be gone soon, right?  Not so fast, my friend!

Not everything will go to the public cloud.  Concepts like industry/national regulations, the need for secrecy, the need to integrate various server applications, IT governance, and so on are going to hit home soon enough, and the hype will subside.  Some stuff will hit the cloud.  I can see the scenario where small branch offices use an integrated Office 365.  I can see the scenario where a business uses an elastic presence on the net for web servers, scaling out/in with the seasons.  And maybe a lot of people do want a non-customised CRM solution without buying the servers to run it on.

Interesting titbit: when you dig into the Google Apps numbers, the average deployment size is 10 seats. So much for all those huge corporations and government sites dumping file/SharePoint/Exchange servers and MS Office!

Let me qualify the “it won’t go public cloud” statement.  Less stuff will move to the public cloud if IT responds to the requirements of the business.  The end users (our customers) like the instant accessibility and flexibility of cloud computing.  Giving them that sort of environment to work with in the form of a private cloud that is managed by the business will solve the requirements for instant use, flexibility, elasticity, regulatory compliance, security, and IT governance.  But we cannot do things the same old way, where we lock down and say “no” way too often.  The user is a customer.  Whether you like it or not, they have changed the business relationship by finding a competitor for your services in the form of a public cloud.  You have to win back their business.  Showing your value, being solutions oriented, and treating them like a customer is the way forward.

Part of consumerisation of IT is empowering the user.  I don’t know how ready we are for lots of these concepts, either skills, business or technology-wise.  I think we’re getting there.  For example, SCVMM 2012 can be the central part of the private cloud for underlying IaaS.  It can deploy things like IIS, SQL, and applications (collectively forming a service) but I’ve rarely encountered an app developer who knows what their new service will require up front.  Maybe the new ConfigMgr 2012 user centric software deployment can be combined with the likes of Server App-V?  Maybe we need to be able to build VMM 2012 services on the fly, after the original VMs have been deployed?  DPM needs to adopt the cloud model, much like is found with the various online backup solutions, empowering the end user (on a server) to pick and choose what they want to backup (and potentially be billed for it).  And that’s just the technology.  I think the whole service-centric treating-the-user-like-a-customer will be totally alien for those of us who have been BOFHs for the last 15 years, enjoying those moments when we can torture our L-users.

Long story short – the business is moving away from the traditional internal IT service provider.  They’ve gone to the public cloud where there are legitimate issues for many applications.  We can win back that business with a change of direction comprised of private cloud and service attitude.  And that can give the business what they wanted originally and resolve some of those other issues.