September, 2007

  • Windows Server 2008: Access Based Enumeration

    Last week during a community meeting I was talking to Kurt Roggen about all the cool new features  in Windows Server 2008. While talking we came to the discussion if Access Based Enumeration (ABE) was still implemented and if we had a GUI to enable it.

    Before we start talking about ABE in Windows Server 2008 I would like to set the stage and explain very briefly what ABE does.

    ABE filters shared folders visible to a user based on that individual user’s access rights, preventing the display of folders or other shared resources that the user does not have rights to access.

    End users see only what files and folders they need for their responsibilities rather than spending time looking through lists of inaccessible folders and files. Administrators can be more productive because they do not have to help less-skilled users navigate through dense shared folders. Administrative inefficiencies can consume resources as surely as technical problems, and minimizing time-consuming problems help make any IT organization more productive.

    ABE was introduced in Windows Server 2003 SP1 as an additional install, once installed you could manage ABE through a GUI, cmd-line tool or using the API's.

    Check out the details for Windows Server 2003 ABE:

    Now the good news is yes we still have ABE in Windows Server 2008 and we have a GUI where you can enable this. Let me explain to you how you do it:


    1. Open the "Share and Storage Management" MMC and Provision a new share.


    2. Follow all steps to create a share and when are at the SMB Settings window, which is shown below, click on the Advanced button.


    3. In the Advanced window you are able to Enable or Disable ABE, by default it's enabled.


    So basically you don't have to do anything to enable ABE on you shares.  The screenshots above show you how you can create/provision a new share using the GUI. The ABE is also enabled if you create the share through the folder directly by right clicking onto the folder and select share. However if you create a share through the command prompt using the "net share" command it won't be enabled by default.

    You can always enable / disable the ABE after you created the share by using the "Share and Storage Management" MMC just right click onto a share and hit the advanced button. So far I didn't found any cmd-line tool to enable or disable ABE.



  • Deployment 4 Beta 3 Released

    Deployment 4 is the code name for the next version of Business Desktop Deployment (BDD) 2007 and unifies the tools and processes required for desktop and server deployment into a common deployment console and collection of guidance. For the thousands of IT professionals already trained on BDD 2007, Deployment 4 requires minimal extra training to perform large-scale Windows Server 2008 and Windows Server 2003 deployments, while offering a further enhanced desktop deployment experience. Deployment 4 adds integration with recently released Microsoft deployment technologies to create a single path for image creation and deployment, including:

    • System Center Configuration Manager 2007 Operating System Deployment
    • Windows Automated Installation Kit
    • Windows Deployment Services with new multicast technology
    • Application Compatibility Toolkit 5.0
    • User State Migration Tool 3.0.1
    • Windows Server 2008 Server Manager for automated server role definition (coming soon)

    Deployment 4 Beta 3 combines the guidance and toolset from previous releases of Business Desktop Deployment and Beta releases of Windows Server Deployment. This release continues to support Zero Touch Installation (ZTI) of desktop operating systems using Systems Management Server (SMS) 2003 with the Operating System Deployment Feature Pack and adds new deployment and task sequencing capabilities for desktops and servers using System Center Configuration Manager 2007. Deployment 4 also continues to provide Lite Touch Installation (LTI) support without infrastructure requirements and adds capabilities for Windows Server 2003 and pre-release versions of Windows Server 2008.

    New features in Deployment 4 Beta 3

    • Microsoft System Center Configuration Manager 2007 support, with the following features:
      • Full support for Windows Vista, Windows XP, and Windows Server 2003 deployments with Deployment 4 and Configuration Manager 2007.
      • Complete integration into the Configuration Manager 2007 admin console and task sequencing capabilities.
        • Quick start Configuration Manager 2007 operating system deployments using one wizard to create needed task sequences and packages.
        • Extends the Configuration Manager 2007 task sequencing capabilities with new actions.
      • Feature parity with BDD 2007 and SMS 2003, including dynamic package installation, automatic determination of state store location, computer backup, database settings.
    • Lite Touch Installation (LTI) support for Windows Server 2008:
      • Support for deploying Windows Server 2008 Beta 3 and potentially RC0 (to be verified after RC0 release), including support for Server Core installation options. (Windows Server 2008 TAP customers only.)
    • Lite Touch Installation (LTI) enhancements:
      • Enhanced disk and network interface cards (NICs) configuration options, including support for static TCP/IP configuration.
      • Design changes to ease the migration from LTI to Configuration Manager 2007.
      • Support for multiple task sequence templates. New sample templates include:
        • Client template: Windows Vista, Windows XP
        • Server template: Windows Server 2003, Windows Server 2008
        • Replace scenario template
      • Ability to invoke web service calls Support for web service calls from rules
        • Web services can be invoked as part of the rules processing performed by Deployment 4, using new rules that can be defined in CustomSettings.ini.
      • Support for side-by-side installation with Deployment 4 and BDD 2007 installed on the same machine.
    • Lite Touch Installation (LTI) multicast support:
      • Deployment Workbench supports multicast transmission of operating system images when performing LTI deployments from Windows Server 2008 servers that are running Windows Deployment Services.

    Where to Find Deployment 4 Beta 3

    Deployment 4 Beta 3 is part of the Windows Server 2008 Beta and TAP Programs. It is also available as an open beta download.

    To join Deployment 4 beta 3 program, follow these steps:

    1. Visit the Microsoft Connect Web site (
    2. Click Invitations on the Connect menu.
    3. You will need to sign in using a valid Windows Live ID before you can continue to the Invitations page.
    4. Enter your Invitation ID in the box. Your invitation ID is: BDDP-QMYH-VWTH
    5. Click Go.
    6. If you have not previously registered with Microsoft Connect, you might be required to register before you continue with the invitation process.

    To download Deployment 4, click Download Now.

  • Fine-Grained Password Policies

    Remember a previous blog post where I talked about the fact that with Windows Server 2008 you will now be able to define different password account lockout policies within the same domain. Previously this was not possible and this was also one of the reasons many of our customers implemented multiple domains in their forest. With Fine-Grained Password Policies you can assign different policies to users, groups, inter-org-persons.

    This will ship with Windows Server 2008 but without a GUI to configure this and you need to use the ADSIedit to create, manage and set the password policies. This isn't a big issue for most of us but if you are not that familiar or confident with ADSIedit it can be hassle to use it. If you're interested to know how you can configure this through ADSIedit I recommend you to read Kurt Roggen his blogpost about Fine-Grained Password policies.

    Don't worry for those of you who don't want to make the changes through ADSIedit there is also a solution. Some members of our community released nifty tools where you can manage the policies through a GUI, command-line or even by using PowerShell.


    Christoffer Andersson created the Fine Grained Password Policy Tool.


    He also created a PowerShell snap-in so that you can manage the setting through PowerShell.

    Here is a list of the PowerShell Cmdlets you can use:

      • Create new Password Policies : New-PasswordPolicy
      • Modify existing Password Policies : Modify-PasswordPolicy
      • Delete Password Policies : Delete-PasswordPolicy
      • Rename Password Policies : Rename-PasswordPolicy
      • Add users and global groups to an existing Password Policy : Add-PasswordPolicy
      • Remove users and global groups to an existing Password Policy : Remove-PasswordPolicy


    Dmitry Sotnikov created the PowerGUI  which is a console for managing Fine Grained Password Policies.

    What's nice about this tool is that it uses the PowerShell cmdlets from Quest. In the GUI you can define the policies and once final you can click on the PowerShell Code tab. This tab contains the PowerShell script you need to execute, so just copy and paste it into the console and you're done.

    Check out Dmitry his post about how to manage Fine-Grained Policies with Powershell


    Last but not least Joe Richards one of our MVP's created PSOMgr. PSOMgr is a command-line tool to create and manage PSOs.
    Here is an example on how you can create a new policy with PSOMGR:

    psomgr /add newpso10::1 /lockout 99:99:99 /pwdage 100:100 /pwdcomplex TRUE /pwdreverse true /pwdlen 101 Add PSO newpso10 with precedence of 1 and other specified values. Will NOT create since /forreal is not specified.

    After reading this post I hope you will now have the knowledge, tools to manage the password policies in your environment.


    Note: None of these tools are officially supported by Microsoft, use at own risks.

  • How to Install Windows Server Virtualization?

    Ok now that you have the RC0 bits you definitely want to start playing with Windows Server Virtualization. I'll explain the installation steps through different screenshots I took.

    Before you begin the installation you have to install two updates that are located into the systemdrive\windows\wsv directory. First install the Windows6.0-KB939854-X64.MSU which will install the WSV Management tools, next install the Windows6.0-KB939853-X64.MSU this will make your server ready to install the WSV bits. Reboot the server.

    Whenever the patches are installed and the server is rebooted you need to fire off the Server Manager MMC console and right click onto the Server Roles and finally select add role.


    Select the Windows Server Virtualization Role and hit next.

    Note: If you don't see the WSV Role just close the server roles window and select the Server Manager and Hit F5 to refresh the console. This is a known issue.


    The Windows Server Virtualization Wizard starts and informs you that you might have to make some changes into the BIOS of the machine to support virtualization. Note that WSV runs only on the 64 bit versions of Windows Server 2008 and that Hardware Assisted Virtualization Technology is required. 



    Select the Network adaptor that you want to use in the Virtual environment, in my case I only had one adaptor. Now that we will create a separate Virtual Network for each adapter within your box. We also recommend that you reserve one NIC for remote accessing the server, this way you will separate the production traffic with the administration traffic.


    You are now ready to start the actual installation of WSV by hitting the install button. Installation will start and after a few minutes you will hit the screen below which states that you need restart the server to be able to finish the Windows Server Virtualization installation.



    I advise you to immediately restart the server. After the reboot the WSV installation procedure will continue and a few minutes later you get the installation results window.



    You are now ready to start configuring your first VM's with the Microsoft Hypervisor based virtualization technology. The WSV role will now be added to the Server Manager console and the WSV management snap-in has been added as well.



    This is how the new management console looks like. We now integrate with MMC 3.0 and don't rely onto the WebAdmin tool anymore :) Nice!

    Start creating you VM's, Virtual Switches, Snaphots, etc... Enjoy!


    Note: This is still beta code and nothing has been optimized so be aware of the performance issues there still can be.

  • Windows Server Virtualization will be included in RC0 Release

    This week at VMWorld we made some announcement around Windows Server Virtualization (codename Viridian). The Community Technology Preview (CTP) of Windows Server virtualization is coming soon with the initial release candidate of Windows Server 2008. You will finally be able to test out our newest hypervisor based Virtualization Technology. I've been playing around with this for a while now but couldn't share a lot with you that will change once the CTP has been released.


    Read the full press release and interview with Larry Orecklin, General Manager of marketing for System Center at Microsoft, to learn more about our Virtualization Strategy.


    Furthermore we made some other announcements about the strategic alliances with Citrix. Basically we announced that Microsoft and Citrix will standardize the format as a common runtime environment for both virtualized operating systems and applications. This collaboration will result in future versions of Citrix’s Desktop Server and virtual application solutions adopting the Microsoft VHD format. At the same time, Microsoft plans to adapt a future version of Microsoft SoftGrid Application Virtualization for both the desktop and Terminal Services to the VHD format. Microsoft and Citrix will also collaborate on emerging virtualization technologies and virtual infrastructure management tools to help ensure interoperability and simplified administration for end users.

    This is great news not only about the fact that Citrix is following is with the VHD format but also that our own products will adopt the same technology which will make deployment, supportability, backup and management of those products much easier

    Full Press Release:


  • Virtualization Cookbooks

    If you are looking to Virtualize your physical servers, applications than you will find valuable information in the cookbooks we've created for you.

    You will find information about Virtual Server 2005 R2 SP1, Data Protection Manager, System Center Virtual Machine Manager and Terminal Servers.




    Microsoft Virtual Server 2005 R2 Service Pack 1 and Microsoft System Center Virtual Machine Manager

    The goal of this cookbook is to provide the steps and guidance necessary for you to successfully install and configure Virtual Server 2005 R2 SP1 and System Center Virtual Machine Manager. You may then create and manage virtual machines, and perform P2V migration.

    Backup and Recovery using Microsoft Virtual Server 2005 R2 Service Pack 1 and Acronis True Image 9.1 Enterprise Edition

    The goal of this cookbook is to guide you through installing Acronis server imaging solutions for workgroups and installing Microsoft Virtual Server 2005 R2 SP1. The cookbook covers creating a virtual machine (to serve as a standby for recovery) and restoring the contents of a server representing your production workload to the waiting virtual machine.

    Microsoft System Center Data Protection Manager 2007, Microsoft Virtual Server 2005 R2 Service Pack 1, and Microsoft System Center Virtual Machine Manager

    The scenario presented in this cookbook will take you through the steps necessary to install Virtual Server and SCVMM, and then convert a workload to a virtual machine. This cookbook also includes the steps necessary to install DPM and to back up a running virtual machine, as well as information about monitoring and reporting using DPM.

    Quick Migration with Virtual Server Host Clustering Windows Server 2003 Enterprise Edition & Microsoft Virtual Server 2005 R2 Service Pack 1

    This cookbook describes a simple configuration in which you use Virtual Server 2005 R2 to configure one guest operating system, and configure a server cluster that has two servers (nodes). With this configuration, you can migrate workloads easily from one node to the other

    Mobile User Access of Applications. Terminal Server running on virtual machines using Microsoft Virtual Server 2005 R2 Service Pack 1

    In this cookbook we will install Terminal Server on a virtual machine and access the terminal server remotely. We will also show how to install Remote Desktop Web Connection and how to configure Windows® Firewall to allow remote clients to access the terminal server. Services Presentation Virtualization_Final.doc

    Hosted Backup and Recovery Solutions for Service Providers using Data Protection Manager (DPM) and Virtual Server (VS)

    This cookbook will provide procedural, step-by-step guidance to an IT Generalist audience providing data backup and recovery to customers as a hosted solution using Virtual Server and System Center Data Protection Manager 2007

    Simple Offsite Backup and Recovery of virtual machines using DPM and VS

    This cookbook will provide procedural, step-by-step guidance to an IT Generalist audience for backing up and restoring virtual machines running in an offsite location using Virtual Server and System Center Data Protection Manager 2007

    Simple Onsite Backup and Recovery of virtual machines using DPM and VS

    This cookbook will provide procedural, step-by-step guidance to an IT Generalist audience for backing up and restoring running virtual machines using Virtual Server and System Center Data Protection Manager 2007

    High Availability with VS and WS03R2 Enterprise Server Clustering

    This cookbook will provide procedural, step-by-step guidance to an IT Generalist audience for implementing high availability of server workloads using Windows Server 2003 Server Clustering and Virtual Server using Intel-based hardware.

    Application Isolation and Operation in BO Using VS

    This cookbook will provide procedural, step-by-step guidance to an IT Generalist audience for isolating and operating applications on separate virtual machines in branch offices using Microsoft Virtual Server 2005 R2 SP1, in an Intel-based hardware environment for regulatory compliance and improved legacy workload performance.




  • TechNet Magazine Goes Green

    The October edition of TechNet Magazine goes Green. Green is a hot topic and I think that we as an IT community don't do enough to make sure we don't waste energy. How many of you shutdowns his PC or has a server running constantly at home? I have to admit I don't do it every time. I am wasting money, resources and energy. We should all be more concerned about this and that is exactly the reason why I am trying to organize a Green IT Panel discussion at IT Forum 2007 in Barcelona. I want to have some of the major vendors in the Market like Intel, AMD, Dell, .... and beside the hardware manufacturers I want to have one of our Data Center Managers, MSIT and other IT Managers from major companies.

    What I would like to know from them is how the hardware will change in the future to reduce the energy consumption even more. Secondly I want to know what we Microsoft are going to do with our software, management tools to support the Green IT initiatives. What can we do as an IT Pro to reduce the needed energy, where do we have to look when we buy hardware?

    What are you thinking about Green IT, is it something we should care about or not? Send me your comments I want to open up the discussion here, I am really interested to know what you think about or what you are doing for it.

    If I find all the speakers this will be a session not to miss at IT Forum this year, keep my finger crossed.

    Read the preview article about Green IT:

    TechNet Magazine October 2007

    OCTOBER 2007

    Green Computing

    Green is hot. Green computing is the next frontier, and building a green, ecologically friendly data center has surprising rewards. Learn about the benefits, the costs, the savings, and how to plan, right now.

    Windows Administration

    The Active Directory replication model defines the ways in which updates are communicated to all domain controllers within an environment, as well as how to handle any conflicts that arise as a result of the ability to make changes from practically anywhere.

    System Center

    In the past, update status was reported via hardware inventory. SCCM 2007 uses a new mechanism, the state message, to ensure better compliance and update enforcement on each client. See how the new approach to update management in SCCM 2007 represents a significant improvement.


    Blocking nearly 10.5 million articles of spam on a typical day, Microsoft represents a perfect example of the spam landscape today. Here the architecture and features of anti-spam and antivirus agents in Exchange Server 2007 and Forefront Security for Exchange Server are discussed as a solution to this growing problem.

    SQL Server

    A number of things can sap SQL Server performance including recompilation of SQL statements, missing indexes, multithreaded operations, disk bottlenecks, memory bottlenecks, routine maintenance, and more. Find out where to begin your search when encountering performance issues.

  • Are you planning for IT Forum 2007 but didn't register yet?

    Just wanted to inform you that we are in the last week of the early bird which ends on September 28th. Do you want to go but you're still busy convincing your manager. Act fast, it's likely that IT Forum 2007 will sell out at the end of the early bird period. According to Gerd (the event owner) it will sell out at the end of the week because we are ahead of last years registration trends and during this period we had like 1000 registrations.  And that's exactly the number of seats we still have. My advise for you ACT FAST!

    It's my first year as a co-track owner for the Windows Server track and I must say it have been busy times, organizing all those different sessions, talking to a lot of speakers and product teams to make sure you get the best content. Now Kevin Sangwell and I we are sure we will have the best track amongst our team (they all think they have the best track) because we have been able to allocate top speakers like John Craddock, Mark Russinovich, Mark Minasi, Rafal Lukawiecki, Michael Niehaus and many more just stay tuned for the top 5 sessions from our track.

    If you are eager to learn new things about Windows Server 2008 and Windows Virtualization than you are at the right address within our track. Last week we reached the 100% content  milestone and now another team is ready to start with the scheduling.

    If you're at IT Forum and you want to meet me there for a coffee or chat send me a mail:


    Meet your HostsCheck out this year's Virtual Side Agents.
    There mission interview a lot of key people, wonder if they would interview me?
    Check out the Virtual Side regularly for updates.

    Check out their
    first video :)


    See you in Barcelona.

  • System Center Operations Manager and Vista better together

    This week we released a Vista gadget that allows the IT admins to monitor specific alerts coming into the Ops Manager console.

    A Vista Gadget that enables you to view the active alerts and health states for a specified set of objects from a computer running Windows Vista.
    Feature Bullet Summary:

    1. Allows selection of object types.
    2. Displays alert counts for each severity level.
    3. Color-coded alert levels.
    4. Color-coded summary of health states

    I am pretty sure that we'll have more IT admins oriented gadgets developed over time, either by Microsoft or the community.

    You can download the gadget there:

    This gadget will be part of the Ops Manager 2007 resource kit that should be released anytime soon on the Microsoft Download website ( keep an eye onto the System Center Operations Manager 2007 web site for the upcoming announcement )

  • Upcoming BIWUG session Sept 25: Guidelines and Best Practices for SharePoint deployment


    The BIWUG user group organizes another get together event. Here is the agenda for the Sept 25th meeting:

    18:00 – 18:30 Registration and Welcome

    18:30 – 20:15 Session 1: Guidelines and Best Practices for a Successful SharePoint Deployment within Your Organization

    Join this session if you are looking for answers to questions like ‘When is it appropriate to use SharePoint within the organization?’, ‘What are the weak and strong points of SharePoint?’, ‘What are the pitfalls?’, ‘What kind of resources do I need the level of infrastructure but also people (both admins as well as designers and devs)?’, ‘What are the options to make SharePoint do what why business wants it to do? And what effort is that going to take?’. There are of course plenty of other related questions that can be discussed during this session. Patrick Tisseghem and other BIWUG board members will be more than happy to share their experience during an interactive discussion. The session is planned to be high-level and especially interesting for project managers, technical sales, architect and design folks.

    20:15 – 20:30 Break

    20:30 – 21:15 Session 2: Overview of Microsoft PerformancePoint Server 2007 - (Speaker: Nico Verheire, Dolmen)

    This session will give you an overview of how Microsoft PerformancePoint Server 2007 can help you in your organization to help improve performance by integrating monitoring, analysis, and planning into a single application (of course based on WSS 3.0 and integrated with MOSS 2007). As with the first session, the level will be 100-200 with plenty of demonstrations of the product capabilities.

    Register for this event


  • System Center Virtual Machine Manager 2007 is RTM

    I'm very pleased we announced that System Center Virtual Machine Manager 2007 is RTM. This is a key product in the Virtualization world, now you will be able to manage your Virtual Server environment with a top class Management product. Think about it if today you have to manage multiple Physical hosts that on their side each hosts multiple guests. How would you do it to move a guest from one physical box to another. Which tasks are you executing to give your developers, testers, etc ... their Virtual Dev/Test environment. Did you create scripts? Do you have automatic placement of VM onto the most appropriate box. How do you manage your offline VM's.


    To all those questions their is one answer now "System Center Virtual Machine Manager 2007". This will do all of the above and much more.

    What exactly did we announce today?

    1. That SCVMM 2007 has been released

    2. We are announcing the pricing for the different versions

    3. We will deliver a SCVMM 2007 Workgroup edition to manage up to 5 physical boxes and unlimited number of Virtual Machines.

    4. SCVMM is going forward.

    Let's discuss the last announcement a bit further. This is a HUGE announcement not only we are making the commitment to be ready to manage Windows Server Virtualization (codename Viridian) but the team also announced that with the next set of releases of SCVMM we will add support for NON Windows Server Virtualization environments with a focus onto VMWare and Xen. So our customers will be able to manage from a single console different Virtual Environments.


    Check out Chris his blogpost onto the Windows Virtualization team blog for detailed information about the announcement(s).


    For more information about System Center Virtual Machine Manager 2007 visit this site

    Do you want to see SCVMM in action? Watch this screencast created by my colleague Keith Combs.

  • SoftGrid Application Virtualization Trial Guide

    This trial guide will help you to quickly setup a Microsoft SoftGrid Application virtualization environment.

    This guide outlines steps necessary to:

    • Install System Center Virtual Application Server components
    • Install SoftGrid Client for Windows Desktops and Terminal Servers
    • Publish the shortcuts of sequenced applications, and then stream and run these virtual applications on SoftGrid clients.

      You will also be able to virtualize a select set of applications using SoftGrid Sequencer.

    Very Recommended if you want to try out SotfGrid.

  • Another Major Milestone - Windows Server 2008 RC0 is Here

    I'm really excited by this one because Windows Server 2008 RC0 has been Released to Web. And for the first time YOU will be able to start learn and test Windows Server Virtualization (WSV). WSV has been added as a Server Role so now YOU will be able use our Hypervisor based virtualization technology built-in into the product.

    Do YOU want to know more about what's new and what has been improved in Windows Server 2008? I recommend to read my blogpost about what the Belgian Community is blogging about Windows Server 2008

    If you have a TechNet subscription you will be able to download the bits very soon, if you don't have one I recommend you to get one, TechNet Plus Direct is really cheap and you get a lot of value into it.  Another way to get the bits is through the Community Technology Preview


    Are you already testing Windows Server 2008 and you're part of the Belgian IT Pro Community? Drop me a mail and find out what I have for you in return.


  • Windows Server Virtualization Screencast

    Last week Keith Combs published his 10 Min of Windows Server Virtualization (WSV) screencast. In this screencast Keith shows you a quick technical overview of what and how Windows Server Virtualization can be used.

    As I mentioned earlier WSV will be included as a Server Role in Windows Server 2008 RC0.


    Read Keith's blogpost that set's the stage for this screencast:


    Have a look at the screencast:

    Streaming - mms://

    Save Local -


  • Tafiti with the Halo 3 theme

    If you are a Halo fan you will definitely like this.

    It's the live search engine with a Silverlight front-end. Check it out I think it's really cool!


    tags: , ,

  • HP Interex UG meeting Sept 26th: Windows Server 2008 Overview and Security


    September 26th I will be presenting at the HP Interex User Group meeting about Windows Server 2008 and there is also a second session planned about Security technologies in Windows Server 2008. This session will be delivered by Jan De Clercq from HP. Jan has been a speaker at several Microsoft and security-focused conferences. If you're interested have a look at the agenda and register, this is a free event.



    Presentation 1: Overview of What’s New in Windows Server 2008

    Speaker: Arlindo Alves (IT Pro Evangelist, Microsoft Belgium 

    Abstract: In this session we focus on key Windows Server 2008 Beta 3 features and the development philosophy behind these features. We will take a close look at Server Manager, Windows Firewall, Networking, Security, Failover Clustering, Server Core, Internet Information Services (IIS) 7.0, Terminal Services (TS), and more! If you don't know what Windows Server 2008 is all about – than you should come and have a look yourself.

    Presentation 2: Security Technologies in Windows Server 2008

    Speaker: Jan De Clercq (Security Advisor, HP Belgium 

    Abstract: This session will present an overview of the new security technologies that Microsoft includes in Windows Server 2008. It discusses the new Windows Server 2008 security features in the areas of isolation and resilience, security management and access control. Among the topics covered are: BitLocker Drive Encryption (BDE), User Account Control, new Active Directory (AD) security features (Read-Only DC, fine-grain password policies and Server Core), and the enhancements in Windows PKI. Special attention is paid to how these new technologies can be turned into a real customer added-value and arguments that can motivate the upgrade to Windows Server 2008.

    Jan De Clercq is a member of the HP Security Office, where he focuses on identity management (IDM) and security for Microsoft platforms. Jan has been a speaker at several security-focused conferences and has been involved in Windows, security and IDM-, PKI-, SSO- related projects for large HP accounts.

    Over the last year he has been a trusted advisor on security topics for several large Windows designs and deployments, and large IDM, PKI and SSO designs.

    Jan holds has recently co-published a book on Microsoft Windows Security Fundamentals 


    Timing and Registration

    Please register via e-mail to Mention your name, first name and company name.

    When: September 26, 2007 - Doors open at 16:00, Session starts at 16:30

    Where: Microsoft Diegem


  • Free E-learning: Introduction to Microsoft Exchange Server 2007 Unified Messaging

    In this online clinic, you are introduced to the new Unified Messaging features and functionalities in Exchange Server 2007. In addition, you learn how telephony and Unified Messaging can be integrated in Exchange Server 2007. This online clinic is composed of a rich multimedia experience. It is intended for IT Professionals who are interested in telephony or Unified Messaging.



  • Dev & IT Pro Days: Building End-to-End Infrastructure Security

    During the Dev & IT Pro days we had the opportunity to host the following sessions from John Craddock and Sally. Note that the recordings where not done during our event but the content was the same.

    Is Your IT Infrastructure Secure?

    John Craddock, Principle Infrastructure & Security Architect, Kimberry Associates

    Sally Storey, Senior Consultant, Kimberry Associates

    In this session we step back from the infrastructure and provide a methodology for classifying your business requirements and identifying business assets. Armed with this knowledge you can create a threat model and categorize risks. You will learn how to create a design that will truly support your organization. Topics covered include: Identifying business assets; Threat modeling; Security policy and response planning; Patch management and compliance testing; Least privileged access.


    Securing Your Network


    Network connectivity is the life blood of your infrastructure but the TCP/IP stack, listening services and applications provide many entry points through which systems can be discovered and attacked. In this session we show you how to assess your systems through the use of network scanners, provide maximum protection through the use of host based firewalls and implement IPSec. Topics covered include: Firewall configurations, troubleshooting connectivity; Identifying protocol and port requirements; Network scanners and monitors; Deploying IPSec for domain and server isolation

    Building rules, filters and filter actions


    Locking Down Servers and Workstations


    Server and workstation security is normally managed through the use of group policy, but what are the options? In this session you will learn about best practice solutions for lockdown. We will also show you how to manage security templates, use the Security Configuration Wizard and implement Software Restriction Policies. Topics covered include:  Managing server roles and lockdown policies; Using security templates; The Security Configuration Wizard; Delegating group policy management; Creating Software Restriction Policies (SRP)


    Vista Technologies


    In this session we look at the key Vista security enhancements that impact our overall look at end-to end security framework. We explore User Account Control and the Secure Desktop. Examine how Vista can virtualize file and registry access and how solutions can be provided for Windows XP. You will learn about new core features including the enhanced stack, firewall and group policy. Topics covered include: Core security and networking enhancements; User Account Control (UAC); Application compatibility; Vista group policy; Network Access Protection (NAP)

    List of all links to End to End Infrastructure Security Sessions: