Microsoft’s patch woes continue. A September update for Lync was pulled this week. Please: do not approve updates immediately; wait 1 month and let some other mug find the bugs for Microsoft.
- Announcing the Message Analyzer 1.1 Release: The completely indecipherable replacement for Network Monitor has just been upgraded to v1.1. I find this replacement for NetMon to be a complete mystery and the UI looks like something Symantec would come up with (random). It’s no wonder WireShark remains the #1 choice.
- Introduction to Message Analyzer 1.1: A YouTube video to give you a high-level introduction to Message Analyzer 1.1. Includes a run-through of the UI and an overview of general features.
More Azure changes. Keeping up with this is difficult!
- More changes announced: VPN Support for Azure Websites, Scalable CMS in the app gallery, role-based access control, and more stuff were announced yesterday.
- Update for Azure Backup for Microsoft Azure Recovery Services Agent: The agent now supports weekly backups with 120 retention points, and 9 years of retention (one recovery point every 4 weeks). You can use this version of the agent together with the Microsoft Azure Site Recovery service to protect virtual machines that are running on Windows Server 2012 R2 CORE SKU and Microsoft Hyper V Server 2012 R2 into Azure.
Here’s the latest news from the Microsoft wires. More new services have popped up on Azure, mostly for devs, but the SQL AlwaysOn template should be a massive time saver.
The headline news from yesterday is that Steve Ballmer has resigned his new position from the Microsoft board to focus on “teaching” and his duties as the new owner of the Los Angeles Clippers NBA basketball franchise. He’s still the largest independent owner of MSFT stock.
Virtual Machine Manager
- VMM 2012 Self-Service users cannot open a console session to a virtual machine: When you try to connect to the console session of a virtual machine (VM) that is running in Windows Server 2012 by using Microsoft System Center 2012 R2 Virtual Machine Manager or Microsoft System Center 2012 Virtual Machine Manager Service Pack 1 (SP1), the connection fails, and you receive the following error message – Virtual Machine Manager lost the connection to the virtual machine for one of the following reasons.
Technorati Tags: Microsoft
Does “fail fast” = “fail predictably often”? Automated testing of software for cloud services needs to be investigated and questioned. First we had the clusterfrak August updates for Windows. Then a significant chunk of Azure went offline.
I’ve recently started doing lots of presentation on Azure thanks to the release of Azure via Open licensing. People wonder what the scenarios ate where an SME would deploy machines in Azure and on premises. Here’s one I came up with this morning (an evolution of one I’d looked at before).
I was chatting with one of my colleagues about a scenario where a customer was looking deploying ADFS to provide Office 365 authentication for a medium-sized multinational company. I wondered why they didn’t look at using Azure. Here’s what I came up with.
Note: I know SFA about ADFS. My searches make me believe that deploying a stretch ADFS cluster with a mirrored SQL backend is supported.
The company has two on-premises networks, one in Ireland and one in the USA. We’ll assume that there is some WAN connection between the two networks with a single AD domain. They have users in Ireland, the USA, and roaming. They want ADFS for single sign-on and they need it to be HA.
This is where companies normally think about deploying ADFS on-premises. Two issues here:
- You need local infrastructure: Not so bad if you have spare license and hardware capacity on your hosts, but that’s not a given in an SME.
- Your ISP becomes a risk: You will place ADFS on premises. Your office has a single Internet connection. A stray digger or ISP issue can put the entire business (not just that office) out of action because ADFS won’t be there for roaming/remote users to authenticate with O365.
So my original design was to stretch the network into Azure. Create a virtual network in an Azure region that is local to your Office 365 account (for example, an Irish O365 customer would deploy a virtual network in Azure Europe North). Create a site-to-site VPN network to connect the on-premises network to the Azure VNet. Then deploy an additional DC, in the same domain as on-premises, in the Azure VNet. And now you can create an ADFS cluster in that site. All good … but what about the above multi-national scenario? I want HA and DR.
Deploy an Azure VNet for Ireland office (Azure Europe North) and for the USA office (Azure USA East) and place virtual DCs in both. Connect both VNets using a VPN. And connect both on-premises networks to both VNets via site-to-site VPNs. Then create an ADFS stretch cluster (mirrored SQL cluster) that resides in both VNets. Now the company’s users (local, roaming and remote) have the ability to authenticate against O365 using ADFS if:
- Any or both local on-premises networks go offline
- Either Azure region goes offline
As I said, I am not an ADFS person, so I’ll be interested in hearing what those how know ADFS think of this potential solution.
Talk about crappy timing. A federal court in the USA has determined that emails are not actually emails, and therefore Microsoft must turn over
emails business records stored on Email servers in the Dublin region to the FBI. One must wonder why the FBI didn’t contact the Irish authorities who would have jumped at once if the case was legitimate and issued an order locally. Maybe the case is not actually legitimate?
On the eve of Azure going big through Open licensing, a federal judge has stuck a stake through the heart of the American IT industry – this is much bigger than Microsoft, affecting Google, Apple, Oracle, IBM, HP, Dell, and more. Microsoft has already lodged an appeal.
Very quiet 24 hours in the Microsoft world. The only bit of news I have for you is Microsoft’s newest (48 hours old) statements regarding the US government trying to spy on non-USA located emails.
The big news here for MSFT techies are the releases of update rollups for SysCtr 2012 SP1 and SysCtr 2012 R2. Please wait 1 month before deploying to avoid the inevitable issues (history indicates that I am probably right) and use that time to carefully review the installation instructions.
Technorati Tags: PowerShell
The end of support for Windows Server 2003 (W2003) and Windows Server 2003 R2 (W2003 R2) is July 14, 2015. This includes Small Business Server (SBS) 2003 R2. That gives you one year to get off of these server operating systems before all security updates stop. This date will NOT be extended.
Why won’t it be extended? Microsoft wants you to do one of three things:
- Upgrade to Windows Server 2012 R2
- Upgrade via deploying Hyper-V
- Upgrade/migrate to Microsoft Azure
And to be honest, you’re using a server operating system that is currently 11 years old. The features you’ve been asking for are probably in newer versions of Windows Server.
Upgrading will not be easy. You have AD’s to upgrade, LOB applications that are dependent on server resources. And most W2003 installs were 32-bit, there are no more 32-bit server operating systems, and you cannot upgrade x86 to x64. You will have to perform migrations.
So NOW is the time to start planning.
For Microsoft partners that are service providers:
- We estimate that over 50% of servers in Ireland are of the W2003/R2 generation
- 92% of Irish business are SME’s and a large percentage of those were SBS customers. Consider deploying Office 365 to replace SBS, and maybe put in Server Essentials if they still require a local server for bulk data/printer sharing.
- Microsoft (WPC 2014) said that there are 22,000,000 W2003/R2 servers worldwide. That equates to an estimated $6,000,000,000 of business.
Start having the conversations now. Start planning now. Waiting until 2015 will be a fools errand. BTW, there are no stupid questions, only stupid people.