Kevin Remde's IT Pro Weblog
IT Pro Resources
TechNet EventsMicrosoft Security Response CenterTechNet IT Manager Community HubMicrosoft Virtual AcademyKevin’s Evaluation Download Center
IT Pro Evangelist Blogs
Blain Barton Blain Barton's Blog@BlainBar
Brian LewisMy Thoughts on IT...@BrianLewis_
Dan Stolts IT Pro Guru Blog@ITProGuru
Jennelle Crothers TechBunny@jkc137
Keith MayerIT Pros ROCK!@KeithMayer
Kevin Remde Full of I.T.@KevinRemde
Matt Hester Matthew Hester's WebLog@MatthewHester
Tommy PattersonVirtually Cloud 9@Tommy_Patterson
Yung Chou Yung Chou on Hybrid Cloud@YungChou
This just struck me as geeky-cool (a term I use far too often, but that’s because I thrive on geeky-cool things). I just saw a blog post on the DHCP Team Blog about a new little improvement called “DHCP Network Hint” coming in Windows 7 and Windows Server 2008 R2.
“Wait a sec.. DHCP has been around for over a dozen years now. Microsoft still has a TEAM of people working on DHCP?”
Yeah.. that part has me scratching my head as well. It’s such a solid, taken-for-granted service that I couldn’t believe we’d have a need to change or improve it. But sure enough, some smart people on the “team” (for all I know it’s just two guys) found a way to improve the connection experience when you’re bringing a wirelessly connected machine from one network to another.
Apparently, and by default, DHCP in Windows 7 (and Server 2008 R2) will be more “opportunistic” when it recognizes an SSID for a network that it’s used before.
DHCP on wired stationary network connections has always done this thing where it says, “I already have an address lease, and it’s not expired, so I’m going to have a shorter conversation with the server to allow me to keep this address I already have". That’s much more efficient than starting the whole request process over again. Of course, for wireless connections, you always have to do the entire process; even if you’ve been on that network before and may have been able to lease an address that would not otherwise have expired.
“Ah! So.. if my computer can remember where it’s been, and keep that lease information for multiple networks I regularly visit, then the connection time will improve?”
You got it. And I think it’s geeky-cool.
Anyway.. that’s my long paraphrase of the DHCP Team’s post on their blog. They also have posts describing how it works, and how to disable it if you want/need to.
(RTW = Released to Web)
If you’re already managing the protection of your data with System Center Data Protection Manager 2007, you’ll definitely want to know that SP1 for DPM 2007 is out and available for download TODAY. (see below if you just want the download links)
And you probably also want to know that if you’ve been looking at DPM, and would be able to use some of the new functionality to your advantage.
“So.. what’s new?”
Here’s the text from an e-mail I received from Jason Buffington, the Senior Technical Program Manager for DPM:
Service Pack 1 for Microsoft System Center Data Protection Manager (DPM) 2007 provides continuous data protection for Windows application and file servers using seamlessly integrated disk and tape media and includes the following expanded capabilities: Protection of Hyper-V™ virtualization platforms, including both Windows Server 2008 Hyper-V and the Microsoft Hyper-V Server, has been added to the existing set of protected workloads, building on the virtualization protection originally delivered for Virtual Server 2005. Enhanced SQL Server 2008 protection, including the addition of new protection capabilities for mirrored databases, support for parallel backups of databases within a single instance, and the ability to move data from SQL Server 2005 to SQL Server 2008 for migration scenarios. Microsoft Office SharePoint Server 2007 and Windows SharePoint Services 3.0 receive index protection, significant catalog optimization, and support for mirrored content databases. Added protection for Exchange Server 2007 Standby Cluster Replication (SCR), enabling a complete disaster recovery solution that leverages SCR failover alongside DPM point-in-time restores. In addition to enhancing the protection of each of the core Microsoft application workloads, additional capabilities have also been introduced with the release of DPM 2007 SP1, such as: Local Data Source Protection enabling the DPM 2007 SP1 server to act as a branch office server offering self-protecting File Services and Virtualization hosting within one platform. Cross-Forest Protection allowing large enterprise customers with multiple Active Directory® forests to now have even more flexibility in their DPM deployments. Provision for a Client DPML answers customer demand for a more cost-effective way to protect Windows XP and Windows Vista clients using the same DPM 2007 infrastructure that protects their servers Disaster Recovery capabilities within DPM 2007 SP1 now include the ability to leverage a third-party vaulting partner via the cloud (SaaS) All of this new functionality builds on the features released in the DPM 2007 ‘Rollup Update’ in June 2008, which provided protection of Windows Server 2008, including Windows Server 2008, Windows Server 2008 core, Windows Server 2008 System State and BitLocker™ support – as well as new tape media capabilities around tape sharing and media library sharing. Between ‘Rollup Update’ and Service Pack 1, most of the core features of DPM 2007 have seen incremental capabilities or workload advancements which promises to keep Data Protection Manager on a trajectory toward improving how Microsoft customers protect and recover their Windows application and file servers with the Microsoft backup and recovery solution.
Service Pack 1 for Microsoft System Center Data Protection Manager (DPM) 2007 provides continuous data protection for Windows application and file servers using seamlessly integrated disk and tape media and includes the following expanded capabilities:
In addition to enhancing the protection of each of the core Microsoft application workloads, additional capabilities have also been introduced with the release of DPM 2007 SP1, such as:
All of this new functionality builds on the features released in the DPM 2007 ‘Rollup Update’ in June 2008, which provided protection of Windows Server 2008, including Windows Server 2008, Windows Server 2008 core, Windows Server 2008 System State and BitLocker™ support – as well as new tape media capabilities around tape sharing and media library sharing.
Between ‘Rollup Update’ and Service Pack 1, most of the core features of DPM 2007 have seen incremental capabilities or workload advancements which promises to keep Data Protection Manager on a trajectory toward improving how Microsoft customers protect and recover their Windows application and file servers with the Microsoft backup and recovery solution.
“Where do I go for more information? Where’s the download?”
Here are the links for you:
Mike Neil is the General Manager of Virtualization at Microsoft. He’s the guy with the job of overseeing where Microsoft is going with Virtualization; looking at the big-picture and how Microsoft can contribute to and lead in the area of Virtualization.
He recently contributed this very good summary of where it’s all headed, with predictions for the coming year. Check it out. It’s well worth the read if you’re at all curious about why Virtualization was big news in the past year, and will be even bigger news in 2009.
“What do YOU think, Kevin?”
You’d have to be living under a rock to have missed the fact that the benefits of Virtualization are something every organization needs to consider, and for so many reasons. Is saving money by reducing power consumption a big deal? Absolutely. Are we all trying to “go green”? You bet. Do we all want the flexibility of being able to easily move workloads around based on changing demand or business needs? Are we wishing we had a way to back an entire server up as easily as copying a few files to a safe location? I think you know where I’m going with this.
“Will it be VMWare or Microsoft?”
Well.. if you know me at all, you know I’m going to say Microsoft. But it’s not just because they write my paycheck. It’s not even because I’m a huge fan of their stuff. But if you simply take a look at the bigger picture.. not just the virtualization of servers.. I’m talking about how you MANAGE servers and services; whether they’re virtual or not. System Center has all the right tools for all of this. Even if we ignore the price difference**, it’s obvious to me that Microsoft has the right idea: Management is where it’s at. Even the former Microsoftie-turned-VMWare-CEO Paul Maritz says that management is key. (Check out how many times the topic of management comes up in this VMWorld 2008 Keynote “Live Blog” summary of his keynote.) I’d much rather have a well-integrated suite of tools for managing and maintaining the resources and services I’m responsible for providing; not just the tools to move virtualized servers around.
Oh.. and did you know that the new System Center Virtual Machine Manager 2008 also manages VMWare workloads right along-side Hyper-V and Virtual Server?
So what do I think? I think I’m glad I work for Microsoft.
What do you think? Am I right? Am I “Full of I.T.”, or simply “full if it”?
**And in case you’re wondering, a Microsoft solution using Hyper-V on Windows Server 2008 and buying the System Center Server Management Suite Enterprise (SMSE) costs less than 1/3 of what the virtualization platform and management offerings from VMWare cost.. and that’s without the added management benefit of what the System Center tools like System Center Operations Manager, System Center Configuration Manager, and System Center Data Protection Manager bring to the mix.
“Hey Kevin.. what are the specs on that there demo computer?”
Funny you should ask. I get that a lot. And so I thought I’d share with you my dream configuration. It is my hope that some of you will take these steps and use them to build your own test environment, so you can kick the tires on these technologies; how to configure and use them to your advantage.
And your question is especially timely as I’m currently building out a demo environment consisting of a good chunk of Microsoft System Center tools for the sake of our upcoming series of TechNet Events.
Absolutely. Hyper-V is the way to go. So naturally, I have a foundation of Windows Server 2008, 64-bit. I’m running Server 2008 Enterprise, and have 8GB of memory installed on a Lenovo T61p (my current favorite laptop of all-time). That’s the current workhorse laptop for our entire team.
'”How did you configure it?”
Well.. that’s what this blog post, and several up-coming posts are going to be about. (Hence the “Part 1” in the subject line.) I want to document for you in sufficient detail all of what I had to do to get my demos configured for this quarter of TechNet events. So in this and future blog posts, I’m going to describe for you:
and perhaps some other installations as well, as we build out the environment to show of things such as using System Center Configuration Manager and NAP.
“Okay.. so give us some more detail on what the foundation is.”
As I said earlier, it’s Windows Server 2008 Enterprise Edition, 64-bit. I’ve only got the basics installed as roles. Of course I added the Hyper-V role. And I also added basic routing from the Network Policy and Access role installation.
“Huh? Why Routing?”
I’ll explain the details of why I added that in a future post in this series. But for now, let’s just say it comes in handy for allowing my demo subnet-connected machines to access the Internet without having additional virtual NICs installed in each one. It makes my demo environment more realistic, and has some additional flexibility benefits.
But I digress. The benefit of keeping the host (or Parent Partition) foundation simple is that it is easy to build and re-build if needed. The bulk of the work from here on out should always be in virtual machines that can be easily added or removed, exported or imported, and can have snapshots maintained through various stages of the configuration, as well as through iterations of demo steps.
Besides those basics, I installed Office 2007. I also installed the “Desktop Experience” feature, so that I could play media files. (Here’s a good recipe for doing this. I didn’t bother with the theme service.) I also enabled the audio service. While not typical things you would do on a server, they come in handy when you might be driving PowerPoint presentations and playing videos for people.
“What about networking?”
Nothing special just yet. I do have a physical NIC, plus I enabled the Wireless LAN Service (it’s another “feature” to be added) for times when I can’t be wired.
And that’s pretty much it. Any questions?
“Yeah.. this all sounds cool.. but I don’t work for Microsoft. I can’t just download software and install it to my heart’s content.”
How about the next best thing: A TechNet Plus Subscription. To build this environment, I’m only using the evaluation software (that is to say – NON-TIMEBOMBED evaluation software) that can be downloaded or received as a part of a TechNet Plus Subscription. (See this link for better description of what you get with the subscription, plus a nice discount offer we have going on right now.)
In part 2, I’ll describe how I configured Hyper-V for my purposes.
If you’ve been hearing the news over the past couple of days, you’ve heard about the exploit that was discovered, and has been taken advantage of, in Internet Explorer.
“'IE? What version?”
All versions. It is documented in these two articles:
This issue is categorized as CRITICAL, because it is actively being exploited. In the case of this one, there are web sites that have been compromised, or have deliberately been configured, to cause remote execution of code in Internet Explorer. And as most of you know – any code that is running as YOU, which you didn’t intend to run, is a potential hole into doing something nasty to your systems or to your information.
“What other resources are out there?”
There are some webcasts scheduled for getting questions answered. In fact, one of these is happening even as I type this blog post.
If you’re interested in seeing Thursday’s, you’d better register quickly. They do have a limit.
But if you missed them, you may still be able to use these links to view the recordings of these webcasts on-demand. Usually it takes a day or two to make the recording available, so check back.
** UPDATE: These are now indeed available to watch on-demand. **
“Okay, Kevin.. I don’t need to know any more. How do I get the patch?”
If you have set your systems to update automatically, they’ll get it very soon. (My Vista Ultimate computer I run as my family’s Media Center computer actually already sees the update and is asking if I want to install it.) My corporately managed PC also already has the fix available (no surprise there).
If you want to download it or deploy it some other way, you should look at the Security Bulletin.
Otherwise, the easiest way to install it if it hasn’t shown up automatically is to use Windows Update or Microsoft Update. Scan for new updates, and install any outstanding updates.
Also - now would be a good opportunity to send a reminder out to the people you support, reminding them to be aware of where they’re browsing. Watch for any unsolicited or unexpected pop-ups that are trying to get you to install or run something. And until your system is up-to-date, be particularly mindful of your policies of the acceptable use of corporate resources. Now is not the time to be going to some new gaming site or other non-business related browsing.
Breaking News: The IT Manager Community Hub is LIVE!
Spread the word!
For several months now, I’ve been working with people in the Microsoft BMO on this project, which started because of a recognition that IT Managers – people who lead IT people and run IT organizations – haven’t been served as well as they could be from Microsoft.
We’ve heard you loud and clear!
If you’re an IT Manager, or even if you’re simply looking for a good starting place for answers to questions such as:
..then this hub is worth looking into, and returning to often.
We’ve pulled together relevant news and blog feeds. We’ve got a launching pad for researching platform solutions for your organizations. We help you with your licensing questions. We’ve got some of the top minds in security at Microsoft providing the security perspective. Newsletters, event news, training resources, support and consulting services… It’s all there!
Check it out and let me know what you think. Is there something more you’d like to see?
Participate. This will become your community only if you find it useful. And it can become MORE useful only if we get your feedback.
See you there!
TechEd North America 2009 is happening a little earlier this year: May 11-15, 2009 in Los Angeles, California.
And this year Microsoft is offering the biggest early-bird discount they’ve ever done: $300 off the registration if you register by December 31st, 2008.
“Have you ever been to TechEd, Kevin?”
Does the bear [live] in the woods? Are you kidding?! I love TechEd! I’ve only missed three of the North American TechEds in their 16-or-so year history. (1993 was the first one, right? I missed that, plus ‘96 and ‘97) I’m the biggest fan of TechEd around.
Go to the TechEd 2009 home page for all the details.
(I love this: We even have a “convince my boss” option for you. I could have seriously used that back in ‘96 and ‘97. )
“Hey.. are they doing a separate TechEd for Developers and IT Pros this year again?”
No.. this year they’re going back to the one-week, one unified conference format. Personally, I saw both benefits and drawbacks to the way we did it last year. On the one hand it was nice to know that pretty much everything I went to and participated in had something for IT Pros specifically. But on the other hand I felt we were missing out on doing things together. And since I started as a developer some [text representing a very large number deleted] years ago, I still have a lot of interest in that side of the world.
“Are you going to be there?”
I’m going to do everything I can to get there. I hope to work there again in some capacity. But it might be fun to go as a non-employee again sometime, too; which means paying my own way. (No.. I’m not at all interested in or planning on leaving Microsoft. That was NOT an announcement.)
(NOTE: I didn’t write this blog post. It was sent to me in hopes that I would post it. It’s geared more towards developers, some of whom do read my blog now and then – so I thought it was worth sharing. -Kevin)
Register today and you’ll get the best of the PDC in your own backyard and hear all of the exciting announcements around the Azure Services Platform and Windows 7.
The Cost? Just $99. And, did we mention that attendees will get some cool giveaways?
Check out the session line up…
Register for a city near you…
The MSDN Developer Conference will not only WOW you with the coolest sessions from the PDC but you will also be in the running to win one of 3 Lego NXT Robotics Kits and the WROX Microsoft Robotics Developer Studio book. Other giveaways include a Gamer Backpack filled with the latest XBox games and a Mobility Backpack full of cool hardware.
As good as the sessions are, there's always more to explore and discuss. At MDC, you'll have a chance to step into the Community Courtyard and choose what to talk about, based on your interest and passion for the subject.
Running in tandem with the presentations is an open discussion area where you will choose the subjects and the participants. Whether you want to mingle with the presenters, talk about an MDC session, a related subject or something else you have the opportunity. Borrowing from Open Space Technology and other forms of open, community-driven discussion, using fishbowls and free-for-alls, this area is yours.
Find our tag cloud under #MSDNDevCon. Join the buzz!
Facebook - Join the group Twitter - follow the feed Flickr - post your MDC pictures del.icio.us - share your bookmarks Twemes - global twitter tags
Facebook - Join the group
Twitter - follow the feed
Flickr - post your MDC pictures
del.icio.us - share your bookmarks
Twemes - global twitter tags