Kevin Remde's IT Pro Weblog
I found this in Robert Scoble’s blog…
Scoble had arranged a dinner for several influential San Francisco area bloggers to meet and sup with Jim Allchin. The results have been, naturally, documented well in several blogs. This one by Thomas Hawk was a very interesting read with regard to the future OS Longhorn and in future Media Center ideas.
…just more of the fun stuff that makes me thrilled to work for Microsoft…
*** Warning *** The link below contains political opinion. Do NOT click it if you’re easily offended by political opinions. Thank you.
I had originally intended to post this here, but decided to keep the content here at this blog more professional, and save the private or opinionated stuff on my new MSN Spaces blog. I’ll just link to them from here instead. So…
CLICK HERE if you’re interested in seeing what I think of a recent WIRED article about what some idiots are accusing my Governor, Gov Tim Pawlenty, of.
Well… your wish is granted! Check out this new Security Tool:
Do you know the security status of your network? Get a visual. The Visio Connector for MBSA lets you view the results of a Microsoft Baseline Security Analyzer scan in a clear, comprehensive Microsoft Office Visio 2003 network diagram. You must have both Visio 2003 and the Microsoft Baseline Security Analyzer — a free security tool from Microsoft — for this connector to function.
And while you’re there, take a look at the Security Tools section to see other free utilities to help you secure and manage your PCs, Servers, and Network.
Here it is!
Here’s this week’s “best of” Q&A log from the webcast. Sincere thanks again to my teammates for doing such a great job helping to answer questions! I give them the credit for the information in this document. I couldn’t do this without’cha!
Also I want to make sure also have the link to the Session Resources I posted for Part 11, and the homework assignment also.
And I’ve also posted a “blogcast” recording of some demos from this session that I didn’t have a chance to get to today. Here it is.
—
Part 11 Questions and Answers:
“FYI: The last few times I have had serious problems joining these webcasts. I suspect it was because of MS AntiSpyware and/or PrevX Home. This time I powered up fresh and turned both of those app's off. And I connected successfully. You might want to pass this info on to the appropriate people.”
Thanks for the info! That’s worth passing along.
“KEVIN is @wsome!”
Th@nks! Back @tcha!
“Backup Status Operation: Backup Active backup destination: File Media name: "HOA-WS03-AD-01-041905.bkf created 4/19/2005 at 9:32 AM" Error returned while creating the volume shadow copy:800423f0 Reverting to non-shadow copy backup mode. Backup of "System State" Backup set #1 on media #1 Backup description: "Set created 4/19/2005 at 9:32 AM" Media name: "HOA-WS03-AD-01-041905.bkf created 4/19/2005 at 9:32 AM" Backup Type: Copy Backup started on 4/19/2005 at 9:33 AM. Warning: Unable to open "c:\windows\SYSVOL\domain\DO_NOT_REMOVE_NtFrs_PreInstall_Directory" - skipped. Reason: The process cannot access the file because it is being used by another process. Any idea?”
Ah yes.. the old “Backup Status Operation: Backup Active backup destination: File Media name… “ Well, you get the idea. We’ve seen this one before. And here’s a KB article that describes it, too. http://support.microsoft.com/kb/822132.
“?”
?
“oops”
No problem.
“Hello, we're using SBS 2003 and we have SQL, Exchange and RAS... Isn't this dagerous because if the server goes down, Everything will go with it?? What do you recommend?”
The benefit of SBS is the cost structure for having all the applications. The downside is that they all must reside on the one server. If you want to configure your environment so that you avoid points of failure due to one server going down, you will need to implement multiple servers. To do this, you will also need to purchase the products separately and therefore the costs do go up.
“is the demo 2003 server has sp1? does sp1 change things in routing usage?”
I have not yet applied SP1 to the images. (Shame on me!) But either way, SP1 does not change the routing behavior of Server 2003. The only differences might be how it now uses the Windows Firewall (when enabled) as opposed to the older ICF (Internet Connection Firewall).
“Why is the broadcast address 192.168.16.255 and not 192.168.21.255 for this /20 network?”
Good question. I don’t know. Now that I think about it, you’re right. It should have been. I’ll have to investigate further.
“Any word on when is the SP1 for SBS 2003 coming out?”
I cannot give you an exact date. How about “Soon. Very soon.”
“Does SBS provide for the same routing capability as the full version?”
Yes, absolutely the same capabilities as the "full" version of Windows Server 2003.
“I think this should be 10.0.0.0/8 and 172.16-31.0.0/16”
Thanks. I’ll make that correction.
“Hi, is it possible for Windows 2003 router to send packets to one network (interface) with TCP ttl=1 and to others networks (interfaces) with standard ttl?”
I do not believe this is possible. The TTL setting is "shared" for all interfaces and there is no way to specify a different TTL for different interfaces.
“What is TechNet URL to view the Windows Server 2003 Administration Series from the beginning?”
http://www.microsoft.com/events/series/windowsserver2003admin.mspx
“I'm new... can I see who is on?”
Welcome! No.
“Can a windows 2k3 server be a NAT server? If so, how to configure it, any white paper?”
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/TechRef/bd8a2548-25a8-4a4c-ad5c-c2719add9fd2.mspx
Even better – check out my blog, where I’ve posted a recording of a demo that I didn’t have time to get to today.
“When would you choose OSPF or RIP?”
OSPF:http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/ServerHelp/5e40738f-7c26-4b25-aa4b-35f9605c44ea.mspx
and RIP:http://www.microsoft.com/resources/documentation/Windows/2000/server/reskit/en-us/Default.asp?url=/resources/documentation/Windows/2000/server/reskit/en-us/intwork/inae_ips_nxtl.asp
“i know that 172.16.0.0-172.26.255.255 is private but what about 172.0.0.0-172.15.255.255. Is the second range private or public?”
172.16.0.0/12. The 172.16.0.0/12 private network can be interpreted either as a block of 16 Class B network IDs or as a 20-bit assignable address space (20 host bits) that can be used for any subnetting scheme within the private organization. The 172.16.0.0/12 private network supports the following range of valid IP addresses: 172.16.0.1 through 172.31.255.254. 172.0.0.0-172.15.255.255 is public.
“Just getting into ISA...would ISA handle most of this?”
ISA 2004 enhances some of the control over the routing between interfaces, but still depends on the underlying RRAS component of Windows Server 2003.
“Thanks Kevin!”
You're quite welcome!
And for those of you who liked the humor, here are the photos I used in the slides….
Have a great day!
Kevin
It’s true!
Word from the Microsoft Management Summit is that, with the improvements in coming SP1 for Microsoft Virtual Server 2005, we’re going to support running OS’s such as Linux and Solaris.
Yes.. you read that right.
My counterpart in the cold country just north of here (hint: ) Bruce Cowper was privileged to have attended Steve Ballmer’s keynote, and summarizes that, plus a couple of cool announcements made, in this blog entry.
And if you want the full story:
Read about Mr. Ballmer's keynote at the Microsoft Management Summit, where he highlights investments in virtualization and network access protection, enabling more cost-efficient and strategic IT management.
Yes, this is another somewhat cross-disciplinary, but this sounds like such a cool, geeky webcast series that I had to share it with you…
I saw this announced on the MSDN Webcasts blog. The series is targeted at answering your questions about how Microsoft came up with all the brilliant ideas behind creating .NET, CLR, Security frameworks, etc. So, to me, that says it’s all about big brains dreaming up elegant, cool tools to make your work easier and better.
The idea that someone could make a wireless access link-up over a 30 mile radius, and up to 70mbps speeds, has me (and many other people, apparently) pretty excited. It sounds like that’s where we’re headed with WiMax. According to this CNet Article, Intel has started shipping the chips for it now.
Heck.. I’d be able to use the wireless at Starbucks… from my home!
(Too bad they don’t deliver!)
“Here we come…walkin’ down the streeeeet…”
Next week I’m going to be in Muncie, Indiana, and Chicago (Shaumburg) Illinois, doing our free, live TechNet Briefings for IT Professionals at the following locations:
April 26 – Muncie, IN
Cornerstone Center for the Arts
520 East Main Street
Muncie, INDIANA 47305
Phone: 785-281-9503
April 28 – Chicago, IL
Theater-Loews Streets Of Woodfield
601 North Martingale Road
Schaumburg, ILLINOIS 60173
Phone: 847 330-0720
Microsoft Windows Server 2003 Is EvolvingWith the recent release of Windows Server 2003 SP1, now is the best time to see the benefits of these significant updates. Are you prepared for the changes this upgrade will have on your network system? This is a great opportunity to see how SP1 may change your entire network infrastructure for the better. Join our experts at this technical briefing.
Microsoft SQL Server 2005 is comingIt has been 5 years since a major Microsoft SQL Server release. In a technology timeline, that could be considered a lifetime! Attending this session is your first step in preparing for a change that could give you a technical knowledge advantage over all the other IT Professionals working with corporate data. Get prepared for the change coming soon.
Click the links above to register, or visit the TechNet Briefings site (www.technetbriefings.com) for session topics and links to registration and additional resources.
Tell your friends! Invite your user groups!
And please introduce yourself and tell me you saw this on the blog.
Yes.. a couple of days ago they officially closed registration on TechEd. There’s a waiting list you can get added to, and it’s worth a shot, but as popular as TechEd has become…well, you know what I mean.
However, our webcast production team, in cooperation with the TechEd team, are offering you a chance to win one of three FREE PASSES to TechEd – just for attending any ! And even if you don’t get to go, there are still opportunities to attend some of the sessions as they are simulcast as webcasts live from TechEd in Orlando. Here are the official details:
Microsoft Tech·Ed 2005 is sold out but you can still explore Microsoft technologies and solutions in this series of webcasts. Join us through the end of May for pre-Tech·Ed webcasts, then tune in for a special week of webcasts June 5-10, 2005, as we simulcast certain sessions live from Orlando, Florida. And, if you attend any live webcast in this series through April, you could win one of three available free passes to Tech·Ed 2005 in Orlando, Florida, (official rules).
Here’s the URL for the TechEd Series:http://www.microsoft.com/events/series/teched2005.mspx
Consortium to Invest in Time Travel
I’m so proud that Microsoft is firmly behind this effort.
Here, is this week’s “best of” Q&A log from the webcast. Sincere thanks again to my teammates for doing such a great job helping to answer questions! I give them the credit for the information in this document. You guys rock!
Also I want to make sure also have the link to the Session Resources I posted for Part 12, and the homework assignment also.
Part 12 Questions and Answers:
“Will the earlier sessions in this series be made available for download? I notice that only the last 4 or so had the option to download and watch later.”
We will be making all of these available for download; they should be available within the next few weeks. Thx!
“Hi! How long will the recorded web cast be available?”
It should be available for at least a year if not two. And of course I’ll have a copy of it forever if you want it after it’s gone from the events sites. J
“Will WSUS work with W2003 SBS?”
Yes. Although in general it is not recommended to install WSUS to a DC. If you have the option you would want it install it to a separate Server.
“Can WSUS run without Active Directory? If so, how?”
Yes. You simply install it to a server based machine. You then use Registry settings or Local Policy to allow clients to connect. The full instructions are of course a part of the setup docs included with WSUS.
“Is WSUS the merging of SUS and WUS??”
WSUS is the next version/evolution of SUS. SUS was going to named SUS 2.0, then Windows Update Services (WUS), and now the final and forevermore name is Windows Server Update Services (WSUS).
“Is BITS 2.0 installed by default on 2003 server standard, or do you have to download it?”
It is a separate download. See the following -- http://support.microsoft.com/kb/842773
“Should the SUS server be a standalone server, or can it be run from a server performing other functions. If so, what is the load requirements for determining which of my servers I should run it from?”
SUS / WSUS should ideally run on a server separate from other network services. System requirements are posted here -- http://www.microsoft.com/windowsserversystem/updateservices/default.mspx
“Is WSUS still in RC? If so, when is it expected to be released?”
Yes it is - See the following for release dates as they get posted -- http://www.microsoft.com/windowsserversystem/updateservices/default.mspx
“When is the anticipated release date for WSUS? I understand it's still a release candidate.”
You will have to monitor the site for the information -- http://www.microsoft.com/windowsserversystem/updateservices/default.mspx
“Is this the final version or is it still in BETA?”
It is in Release Candidate Status -- http://www.microsoft.com/windowsserversystem/updateservices/default.mspx
“Is WSUS available now, or is it still in beta?”
RC Status - http://www.microsoft.com/windowsserversystem/updateservices/default.mspx
“If you already have an SUS server, do you have to make any changes to the group policy if you deploy WSUS?”
No, however, the final product may have additional options you CAN configure.
“I just started getting this error on my WSUS server. There was an error adding updates to the database. Please try to synchronize again, or check your database configuration. 4/27/2005 The metadata for the update was invalid and could not be processed successfully by the database.”
You will need to check the WSUS site for support options since it is still not a released product. There is also information on the WSUS site for posting Bug Information -- http://www.microsoft.com/windowsserversystem/updateservices/default.mspx
“If you select automatic updates on a SBS2003 what happens if an update needs to reboot?”
You should NOT set the Server itself to automatically update. However, if you do, it will perform as any other client does.
“Can the update files reside on a share pointed to by DFS taking advantage of site awareness of Windows XP to find the file share to pull the updates from? Or, do the updates have to come from a WSUS server?”
What we support is having them come from the WSUS Server at this time. This may change when the product releases.
“Does WSUS work with remote computers connecting for a small amount of time, or do you need to be connected for extended period to ensure updates are pushed to the client?”
1) Clients PULL the updates. 2) They have to stay connected long enough to PULL the file. How long this is depends upon the size of the files. 3) The benefit of BITS technology (Background Intelligent Transfer Services) is that an interrupted download will pick up where it left off the next time the computer starts up.
“When will WSUS be out for general availability?”
Please refer to the Main WSUS site for release dates -- http://www.microsoft.com/windowsserversystem/updateservices/default.mspx
“Can these WSUS updates be deployed to Windows 2000 desktops, or only Windows XP?”
Windows 2000 is a supported Client also.
“Can the WSUS policy be used in a W2K environment?”
Yes. You can import the wuau.adm policy template file into the Group Policy object in the GP Editor.
“Can you use the SUS repository for getting the updates for WUS?”
If you are referring to chaining, you can set up a hub and spoke distribution method for deploying multiple update servers. Only one needs access to Windows Update where other WSUS server can point to another local update server for updates.
“Is there a way to use WSUS without policy and AD?”
Yes. Go to the WSUS Site and review the docs there. We have a deployment guide available that explains this. -- http://www.microsoft.com/windowsserversystem/updateservices/default.mspx
“Is WSUS a chargeable product?”
No. It is a free download now as a Release Candidate and will be a free download once finished.
“Is WSUS site aware? I.E. can updates be deployed based on what site a computer is in?”
No..or rather, somewhat. WSUS doesn’t natively detect or work with site boundaries. But it is Active Directory aware in that you can use Group Policy to define what group a computer is in. And that being the case, you could apply that group policy object at the site level.
“Does WSUS work with SQL Server 2005 Beta 3 Express?”
I don’t think it has been tested, so I can’t really speculate.
“With WSUS installed and configured what does a user see if they open IE and go to the internet update site? Can a laptop user get critical updates while traveling?”
A user can ALWAYS go directly to the Windows Update Site on the web to get updates. if you use Group Policy to configure clients to point to a WSUS server for Automatic Updates they will also check on the schedule you define with the WSUS Server.
“I missed it earlier... does WSUS come with its own SQL server, or do you have to supply that? If you have to supply it, can it run as a separate instance on another SQL server?”
It does install the MSDE for you if you want it to, or you can use your own instance of SQL on the local or another server.
“If others use port 80 - you need to change the port for WSUS?”
Correct
“I am referring to the fact that now we are using SUS for patching. Can I integrate WUS
Please refer to the Deployment guide for these types of configurations -- http://www.microsoft.com/windowsserversystem/updateservices/techinfo/deployment.mspx
“How does this affect update that require re-boot? Esp. In a Server patch.”
It depends on your Automatic Update settings. You can force a reboot or you can have it wait.
“Is there or will there be a MOM knowledge pack for WSUS & auto update clients?”
Hmmmm....good question...I am not sure. There isn’t one currently, but that doesn’t mean that there won’t be one.
“If I fill out will I win the drawing?? Can you make me win??.:o)”
Uh.....no. J If I can’t make ME win, why would I be able to make YOU win? (and why would I want to? <heh>)
“Will WSUS work without Active Directory? If so, how?”
Yes! And so does SUS, actually. You can configure the registry in SUS, but in WSUS you can set computer groups by NETBIOS name or IP
“Any documentation that I can refer to regarding WSUS work without AD?”
There is a deployment guide on the site now that discusses all deployment options -- http://www.microsoft.com/windowsserversystem/updateservices/techinfo/deployment.mspx
When will the full version of WSUS be available?
VERY soon, I believe. It’s already a release candidate.
“LM system is still very buggy (joining, PDF) - effectively missed this webcast also and wasted my time :-( Sorry!!!”
I hope you put that in the evaluation, too. I’m sorry this week was difficult for you. Heck.. even I had connection issues – but they were hotel-related. L
“I've been using WSUS for a few weeks, and it is a great tool. I highly recommend it.”
Thanks!
“Are there any white papers on the difference between SUS and WSUS?”
Not yet. But in a nutshell… Reporting, Bandwidth-savings, product updates, targeting, approval options (“detect only”, “install”, etc)… oh man… the list gets longer and longer!
“If you update office patches from an AIP installation, is it okay to use the SMS SUS until you patch the AIP?”
Yes.
“If the only server in our network is SBS2003 are there anything we need to watch out for?”
If you decide to load WSUS to the SBS Server you need to understand it will increase the lode further on that single server. And you want to make sure to use the OTHER port option when you install it (so it’s not stomping on your Port 80 web apps). It’s doable, but it is recommended to install WSUS to a member server if possible.
“Can WSUS be installed on a win2000 server and service XP clients?”
Yes. You must have Windows 2000 SP4 to install WSUS to the server and we would still support the same clients.
“Can it be installed on a XP Pro Workstation?
The WSUS product must be installed on a server. However, you can administer WSUS from your workstations.
“When is Part 7 available?”
Ah yes.. Part 7 is the one that they weren’t able to use the original recording on. It should be soon, though, if not already. I re-recorded it last Thursday, so it should be. Try re-registering for the on-demand one again.
“Thanks for all the great info!!!”
You are welcome!
“Thanks, Kevin! Really enjoyed the webcasts!”
You betcha!
“What is Kevin's next TechNet Series?”
Keep watching this space. J Seriously, I don’t have one scheduled yet, but I hope to do one again someday. In the meantime, I’m still doing the one-off webcasts and the live events. And you’ll find me at TechEd again this year, too! And if I get the nod to do another series, I’ll be sure to post it here.
Once again – thank you for making this series so enjoyable! I hope you learned some cool stuff!
…no one can hear you scream.
Or was that “In space..”? Oh well. I’m tired, and sitting in the Indianapolis Airport at gate D8 for my 6:09am flight to Chicago. I’m hoping to check-in to my hotel in Schaumburg a little early so I can set up for doing my last of the series of 12 Windows Server 2003 Administration webcasts. (Cool topic: Windows Server Update Services. It’s not too late to sign up! )
I’m geeking-out, a bit, because I figured out how to get my bluetooth in my laptop to use my PocketPC Phone and GPRS data services from T-Mobile to connect to the Internet. Love bluetooth these days, with my new bluetooth headset and GPS that both use my PDA. But why does it all have to be so complicated? Trying to get these things connected and communicating reminds me of the early days of dialup networking. Remember trying to get a dialup access to an ISP working on Windows 3.1 or Windows 95? That’s how bluetooth feels right now. So.. It can only get better.
Strange… the lights just flashed in the airport. The power went out for a split second. So now of course all of the gates are making announcements that their computers are rebooting, so they’ll have to proceed with the check-ins manually. Just a typical day in the life of a road warrior. <sigh>