Exchange 2007 Cluster Continuous Replication

CCR may be the most interesting aspect of Exchange 2007 that I’ve come across so far.  The one aspect of MS solutions that I’ve had a big problem with is their implementation (or lack thereof) of a true Disaster Recovery solution, i.e. a geo-cluster.  What’s a geo-cluster?  Imagine your office burns down and you have a DR site.  If you are a big financial or government then you may only have X hours to invoke and get the business back up and running.  MS clustering for SQL 2000 and Exchange 2000/2003 just weren’t up to this.  Lotus Notes *choke* freaks loved to remind us that they had a true DR clustering solution and that Exchange didn’t.  They were right.  I hate saying that.

But the worm may have turned!  Exchange 2007 includes a function called Cluster Continuous Replication.  The concept is that the mailbox server can be configured to replicate mailbox databases to a "passive" node.  In the event of a DR invocation, you can failover and use the formerly "passive" node as your "active" node.  Here’s where things start to get nice.  You don’t need a shared SAN.  The two nodes can use their own locally attached disk.

I’ve not dug into CCR too much yet.  I’ve only speed read the above article.  This may be a solution that will finally allow us to rid ourselves of EMC Autostart, Neverfail and their ilk for Exchange DR.

Microsoft Updates: December 2006

The following updates will be available from Microsoft Update in the following few hours:

Critical

  • MS06-072: This update resolves vulnerabilities in Internet Explorer that could allow remote code execution – Windows, Internet Explorer
  • MS06-073: This update resolves a vulnerability in Visual Studio 2005 that could allow remote code execution – Visual Studio 2005
  • MS06-078: This update resolves a vulnerability in Windows Media Player that could allow remote code execution – Windows

Important

  • MS06-074: This update resolves a vulnerability in Simple Network Management Protocol (SNMP) that could allow remote code execution. The SNMP service is not installed by default in any supported version of Windows – Windows
  • MS06-075: A vulnerability exists in Windows that could allow elevation of privilege on an affected system. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability – Windows
  • MS06-076: This update resolves a vulnerability in Outlook Express that could allow remote code execution. User interaction is required for an attacker to exploit this vulnerability – Windows, Outlook Express
  • MS06-077: This update resolves a vulnerability in Remote Installation Service (RIS) that could allow remote code execution. RIS is not installed by default – Windows

Interestingly, IE7 is not affected by the critical IE flaw.  You can get more details on the affected products on the Microsoft TechNet security site.  Also of note is that the recent (the last week or so) security holes found in Word 2003 have not been included in this batch of updates.

Remember that you can use technologies such as WSUS and SMS 2003/2003 R2 to deploy these updates in a completely automated manner.

As usual, you should test these updates before deploying onto a production environment. 

Windows 2003 SP2 RC via Windows Update

Microsoft really wants us to test SP2 RC1 for Windows 2003.  They’ve made it available on Windows Update.  Don’t worry, your servers will only install it if you prepare the machines with some registry updates that are available on the Microsoft website.

This update will make the following edits to your registry:

  • [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\WS03SP2beta]
  • [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\WS03SP2beta\21124ad5-c8a4-4e4f-ac2d-95a6cb8fa72b]

Only when these updates are present will your server actually be able to see the service pack is available for download on Windows Update.

Some tips from MS:

  • Do not install this RC on production systems.
  • You will need to uninstall beta releases of the SP before installing the RC.
  • You will not be able to install this RC if your test machine was built with an integrated build of SP2.

Remember that SP2 will also be applied to XP x64 which is currently only at SP1.  There’s no word yet on whether XP x64 will be able to download the SP2 RC from Windows Update.

If you are going to try out SP2 (and it’s worth checking out for WDS!) then make sure you do it in a test lab.  Make sure you also read my documents on WDS and on SP2.

Virtual Server 2005: Software Not Supported

The list of software not being supported on Virtual Server 2005 has recently been updated:

  • Microsoft Speech Server: No hardware support.
  • ISA Server 2000.
  • ISA Server 2004.
  • ISA Server 2006: It IS supported on Virtual Server 2005 R2.
  • Sharepoint Portal Server:  Not currently supported.  Support is expected in a future release.  I’m wondering if they are talking about Sharepoint Portal Server 2007.
  • MIIS.
  • Microsoft Identity Integration Feature Pack.

Credit: Bink

Microsoft Partner Training

I’m lucky enough to be registered as a Microsoft Partner so I get access to their partner training.  Today I was at a basic course on Exchange 2007 that introduced us to Exchange roles, requirements, PowerShell administration, compliance and local continuous replication.  Mostly it was hands on lab work.  It was pretty good but I would have preferred more architecture and migration material.  2 days is just not enough.

It turns out they are pretty receptive to suggestions for other subjects.  They’ve done some Vista deployment stuff using WDS, WAIK and BDD 2007.

If you work for a partner, I’d suggest you get yourself on the mailing list for the announcements for these training courses.  Today’s one was just EUR80.  That’s a bargain and well worth the time spent.

Citrix Technical Videos

Rightly or wrongly, Citrix is the dominant player in the SBC (Server Based Computing) market.  When you say "Thin Client" people automatically assume you’re talking about a Citrix product.  There are alternatives which are often cheaper and often sort out the biggest difficulty that Citrix has failed to even get close to resolving: printing.  I will give them credit for one thing, they’ve got the best MOM 2005 management pack that I’ve seen.

Anyway, Citrix has posted a number of training videos on their site for Presentation Server 4:

  • Optimizing Printing in Presentation Server 4 environments
  • Configuring Policies in Presentation Server 4
  • Understanding and Designing Citrix Presentation Server 4 Farms
  • Deep Dive into Citrix Presentation Server SpeedScreen Technologies
  • Fundamentals of the Citrix Presentation Server Architecture
  • Licensing Essentials
  • Migrating your Microsoft Windows Terminal Servers to a Citrix Presentation Server Farm

This might help make up for the apparent lack of literature on this important infrastructure and business product.

WAIK: Not just for installing Windows

I was in a situation today where I had to recover some files from a server (HP DL380 G3) that was no longer able to boot.  We didn’t have any systems management tools to allow access to the C: drive (on a SCSI RAID array).  The Windows Recovery Console was a non-goer because the Local Security Policy disabled writes to the floppy.
 
Thankfully, I’d been playing with WAIK at home.  I installed it and did the following:
 
  1. Downloaded and installed WAIK
  2. Downloaded and installed each storage driver for the DL380.  Extract the files so you can see the .INF and .SYS files.
  3. Clicked on All Programs – Microsoft Windows AIK – Windows PE Tools Command Prompt.
  4. Ran copype.cmd x86 c:\winpe_x86
  5. Ran imagex /mountrw c:\winpe_x86\winpe.wim 1 c:\winpe_x86\mount
  6. Ran peimg /inf=d:\<path to driver>\<name of inf file>.inf c:\winpe_x86\mount\Windows
  7. Repeated step 6 for each driver’s INF file
  8. Ran imagex /unmount c:\winpe_x86\mount /commit
  9. Ran copy c:\winpe_x86\winpe.wim c:\winpe_x86\ISO\sources\boot.wim
  10. Ran oscdimg -n -bc:\winpe_x86\etfsboot.com c:\winpe_x86\ISO c:\winpe_x86\winpe_x86.iso
  11. Burned the ISO to a CD.
  12. Booted the server with the CD.  A command prompt will open and provide you with basic "DOS" functionality.  I copied the required files to a floppy.  I probably had USB access for a UFD.

Windows PE can be extended to use scripts.  You can also add programs to the CD image.  An example of usage would be to add GHOST.EXE and a script to the image so it boots and loads GHOST straight away.  If you get a new machine with different drivers then the image (WIM file) can be easily extended to give you a "one size fits all" CD.
 
Remember that Win PE as included with WAIK requires 512MB RAM to boot up and extract its contents into RAMDISK.
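
Steps 4 to 10 of the procedure above as a single batch file, injecting every .INF under one driver folder in a loop and discarding the mounted image if any injection fails or no driver is found. This is an added example, not the author's script; the driver folder d:\drivers\dl380 is a hypothetical path, and paths are assumed to contain no spaces.

```batch
@echo off
rem Added example, not the author's script: steps 4-10 of the procedure in one file.
rem Assumptions: run from the Windows PE Tools Command Prompt; no spaces in paths;
rem DRIVERS is a hypothetical folder holding the extracted .INF/.SYS files.
setlocal
set WORK=c:\winpe_x86
set DRIVERS=d:\drivers\dl380
set COUNT=0
set FAILED=0

if not exist %DRIVERS%\ (
    echo Driver folder %DRIVERS% not found.
    exit /b 1
)
if exist %WORK%\ (
    echo %WORK% already exists. Remove it or change WORK before building.
    exit /b 1
)

rem Step 4: create the build folder, then confirm the base image is there.
call copype.cmd x86 %WORK%
if not exist %WORK%\winpe.wim (
    echo copype.cmd did not produce %WORK%\winpe.wim.
    exit /b 1
)

rem Step 5: mount image 1 read-write.
imagex /mountrw %WORK%\winpe.wim 1 %WORK%\mount || exit /b 1

rem Steps 6-7: inject every .INF found under DRIVERS, including subfolders.
for /r %DRIVERS% %%I in (*.inf) do (
    echo Injecting %%I
    peimg /inf=%%I %WORK%\mount\Windows
    if errorlevel 1 (set FAILED=1) else (set /a COUNT+=1)
)
if %FAILED%==1 goto discard
if %COUNT%==0 goto discard

rem Steps 8-10: commit the image, make it the boot image, build the ISO.
imagex /unmount %WORK%\mount /commit || exit /b 1
copy /y %WORK%\winpe.wim %WORK%\ISO\sources\boot.wim || exit /b 1
oscdimg -n -b%WORK%\etfsboot.com %WORK%\ISO %WORK%\winpe_x86.iso || exit /b 1
echo Injected %COUNT% driver(s). ISO written to %WORK%\winpe_x86.iso
exit /b 0

:discard
rem Unmounting without /commit throws away the changes made to the mounted image.
echo No drivers injected or an injection failed; discarding changes.
imagex /unmount %WORK%\mount
exit /b 1
```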

Microsoft Technology In Formula 1 Racing

An interesting story popped up on the Microsoft newsfeeds today.  Microsoft entered into a partnership with McLaren Electronic Systems to compete for a contract to supply monitoring systems in Formula 1 racing cars.  Anyone familiar with F1 will know that the cars generate performance and racing metrics that are transmitted back to a central station when they pass the pits (via radio) and when they are back in the garage (via cable).  In the past, CA Unicenter was used by McLaren.  Despite this, they still own some world championships.
 
The MS Press story mentions that Windows Vista, Office 2007 and SQL Server 2005 will be used to gather and utilise the 1Gb of data that is gathered per car in every race, not to mention the countless practice laps that happen in the off season and at the factory on rigs.  I would be surprised if System Center Operations Manager 2007 (MOM 2007) isn’t being used.  Its architecture would be perfect for this.
 
I wonder how long it will take the Penguin lovers (Linux) and MOM competitors to break out stories about there being more crashes in F1 in 2008.

Exchange 2007 RTM

The product that I personally find the most exciting in the new range from Microsoft has just been released to manufacturing.  The Exchange team announced it yesterday in their blog.  Exchange 2007 sees some changes in the way it is architected.  Finally, Exchange will use the physical representation of your network that is defined in Active Directory in AD Sites and Services.  The installation is component based.  And the introduction of Unified Messaging will mean a lot for business users.  Being available (only) for x64 means it is also more scalable for those larger customers.
 
I had a quick look earlier in the beta but didn’t get much time to play with it.  I’ve recently read some high level documentation on migration.  It’ll be simple enough for consolidated Exchange networks.  Complicated Exchange 2000/2003 networks will need to be very well planned due to the fact that there is no longer the concept of a routing group or routing group connector.  Exchange 5.5 people have some bad news.  There is no longer a direct migration for you folks.  You’ll have to step up to Exchange 2003 first.