Key Features of Windows Server 2012

Windows Server 2003 reaches end of life on July 14 2015. We are suggesting all of our clients running Windows Server 2003 migrate to Windows Server 2012.  This list includes some of the key features provided by Windows Server 2012.

 IIS 8

 IIS 8 brings Internet Information Services up to feature parity with the rest of the world, and surpasses it in places. IIS 8 sports script pre-compilation, granular process throttling, SNI support and centralized certificate management

 

PowerShell

 PowerShell 3.0 is an evolution rather than a revolution. The 2012 line of products marks a revolution in Microsoft’s approach to server management.

 Every element of the operating system and virtually every other companion server, such as SQL, Exchange or Lync, are completely manageable through PowerShell. This is so ingrained that the GUIs are just buttons that call PowerShell scripts underneath.

 

DirectAccess

 DirectAccess was a neat idea but it was poorly implemented in previous versions of Windows. Server 2012 makes it easier to use, with SSL as the default configuration and IPSec as an option. The rigid dependence on IPv6 has also been removed.

 DirectAccess has evolved into a reasonable, reliable and easy-to-use replacement for virtual private networks.

 

Cluster Shared Volumes

 With Server 2012 Cluster Shared Volumes are officially supported for use beyond hosting virtual hard disks for Hyper-V. You may now roll your own highly available multi-node replicated storage cluster and do so with a proper fistful of best-practice documentation.

 

Deduplication

 For years now, storage demand has been growing faster than hard drive density. Meeting our voracious appetite for data storage has meant more and more spindles, and more controllers, chassis, power supplies, electricity and cooling to keep those spindles spinning.

Deduplication has moved from nice to have to absolute must in recent years and Microsoft has taken notice. Server 2012 supports deduplication on NTFS volumes – though tragically it does not work with CSV – and deeply integrates it with BranchCache to save on WAN bandwidth.

 

Hyper-V 3.0

 Server 2012 sees Hyper-V catch up with VMware’s mainstream. Microsoft’s Hyper-V Server – a free Windows Core version of Hyper-V – is feature complete. If you have a yen to dive into PowerShell then you can run a complete 64-node, 8,000 virtual machine Hyper-V cluster without paying Microsoft a dime.Microsoft is betting you will spend the money on System Center 2012 and it is probably right. System Center 2012 is amazing, even more so with the newly launched Service Pack 1.

 

Hyper-V Replica

 Hyper-V Replica is a storage technology designed to continuously replicate your virtual machines across to a backup cluster. It ensures that snapshots no more than 15 minutes old of your critical virtual machines are available over any network link, including the internet.

 It replicates the initial snapshot in full – after that it sends only change blocks – and it fully supports versioning of your virtual machines.

 

iSCSI

With Windows Storage Server 2008, Microsoft first made an iSCSI target available. It eventually became an optional download from Microsoft’s website for Server 2008 R2 and is now finally integrated into Server 2012 as a core component.

 

NFS 4.1

 Microsoft’s NFS 4.1 server is good code. Designed from the ground up it is is fast, stable and reliable. It makes a great storage system for heterogenous environments and a wonderful network storage point for VMware servers.

 

SMB 3.0

 SMB 3.0 is the crown jewel of Server 2012. It supports multiple simultaneous network interfaces – including the ability to hot-plug new interfaces on the fly to increase bandwidth for large or complex transfers – and supports MPIO, thin provisioning of volumes and deduplication (assuming the underlying storage is NTFS).

 SMB 3.0 also supports SMB Direct and remote direct memory access, the ability for appropriately kitted systems to move SMB data directly from one system’s memory to the other, bypassing the SMB stack. This has enabled Microsoft to hit 16GBps transfer rates for SMB 3.0, a weighty gauntlet for any potential challenger to raise.

 Source: Microsoft

 

How to test Office 365 SMTP server using PowerShell

Office 365 supports SMTP relay for authenticated accounts using TLS encryption.

Testing SMTP access is traditionally done using Telnet, but that’s not always an option when using Office 365 due to the authentication requirement.

Fortunately it’s easy to use PowerShell to accomplish the same thing.


How to test SMTP server using PowerShell:

Capture and store the Office 365 credentials for the account you intend to use for SMTP auth:

$msolcred = get-credential | save the credential of from address

Use the stored credentials to send a test message from user@domain.com to user@example.com, over port 587 (Encrypted w/ SSL):

Send-MailMessage –From user@domain.com –To user@example.com –Subject “Test Email” –Body “Test SMTP Relay Service” -SmtpServer smtp.office365.com -Credential $msolcred -UseSsl -Port 587

Use Command Prompt to return the logged in user of a remote computer

If you need to determine the user account that is logged into a computer with a known IP address or computer name you may use the following command. This command is confirmed to work with Windows 7 but should also work the same on Windows 8 +.

You will need to make sure the Windows Firewall on the remote computer is configured to allow access inbound for “Remote Administration (RPC)” and/or “Remote Service Management (RPC)”

Open the Command Prompt and run:

“wmic.exe /node:(computer name or IP address) computersystem get username”

If you are returned an error of RPC server unavailable make sure the Firewall is open as described above.

Disable Flash in IE

To disable Flash completely, click the gear icon in the upper right corner of the IE 10 window and then click Manage add-ons from the menu:
Addons

 

 

 

 

 

 

 

 

That opens the Manage Add-ons dialog box, shown below. Select the Shockwave Flash Object add-on and note that it is identified as a Microsoft Windows 3rd party Component. Also note the file date, which is a month before the relevant security fixes were available:

 Flash_addon

 

 

 

 

 

 

 

 

 

 

 

 Click Disable, and then click Close. You are now safe from any exploits that rely on vulnerabilities in Flash. Any Flash-based code, legitimate or otherwise, will not run in Internet Explorer 10 when this add-on is disabled.

Preload Office 2013 on new computers for distribution to end users

This is a technique you can use to preload the Office 2013 installation media on a system, bypassing the need to download the installation files during activation.

You will require a qualified Microsoft Partner account in order to download the media from the following link:

http://www.microsoft.com/OEM/en/installation/downloads/Pages/office-single-image-v15-opk.aspx

  • Download the disk image appropriate for your language.
  • Extract the disk image using a utility like 7zip to a folder.
  • Copy the Office 2013 Single image source folder to local PC. (Folder contains installation data and batch files for prep)
  • Uninstall the already installed Office 2013 installer  from Programs and Features (if it already exists).
  • Run as administrator the script oemsetup.en-us inside the single image source folder, this preps the system to use the local source for Office 2013 instead of downloading.
  • Open the Microsoft Office app following script completion, and select Buy online.
  • Purchase the office software using a Microsoft account affiliated with the client or user.
  • Go through the purchase process until you have confirmed, and are presented with a product key. Make sure to document what key will be assigned to each user  if preparing multiple systems.
  • Copy the Product Key to your clipboard and go back to the Office installer and now select Activate.
  • Enter the Product Key you copied.
  • Select the Redeem Online button.
  • Sign in with the same Microsoft Account used to purchase the software.
  • Select the region and language.
  • Once the key has been associated with your account you will be taken to a web page that displays all keys tied to the account.
  • Minimize the browser window and go back to the Office installer.
  • Select Activate, on the enter product key screen select the option to “sign in with an active account instead”.
  • Sign in with the Microsoft account.
  • Once signed in, you should be presented with the ‘Choose your product window’.
  • The most recent purchase is a the bottom of this list,  select it and Continue.
  • Office Click-to-run will now complete the install using the local installation source instead of downloading the software. 

This is especially helpful when dealing with multiple systems at a site with poor download speed.

Connect Windows Explorer to an Office 365 Sharepoint Library

This post will outline the authentication process and configuration necessary to access an Office 365 SharePoint Library via a mapped drive in Windows Explorer.

This information was originally posted on Spiceworks.com at http://community.spiceworks.com/how_to/show/4133-office-365-sharepoint-map-network-drive

1.

Login to the Portal http://portal.microsoftonline.com

Sign in to the SharePoint Online site by using your Office 365 credentials. Make sure that you click to select the Keep me signed in check box. This is important because you need to be (and stay) authenticated via the web portal to access the SharePoint document library via a mapped drive.

 
2.

Click Start, Right-click Computer, and then click Map Network Drive

 

 
3.

Click the “Connect to a Web site that you can store your documents and pictures” link, and then click Next two times.

 

 
4.

Type the site URL, click Next, and then follow the instructions in the wizard.

Depending on your permissions level you may need to map to a document library level

 
5.

Remove the tick from “automatically detect settings” in your proxy settings page (found in the connections tab in Internet options).

This Really makes a big difference to folder traversal in explorer.

Troubleshooting

If you encounter issues with the mapped drive disconnecting follow these steps

Make sure that you are authenticated to Office 365. To do this, follow these steps: 
1. Sign in to the SharePoint Online site by using your Office 365 credentials, and make sure that you click to select the Keep me signed in check box. 
2. Open a document library in Explorer View. 
3. Try to access the mapped network drive.

If you are authenticated to Office 365 and the issue persists, make sure that the entries for SharePoint are added to the Trusted sites zone in Windows Internet Explorer. To do this, follow these steps: 
1. On the Tools menu In Internet Explorer, click Internet options. 
2. Click the Security tab, click the Trusted sites zone, and then click Sites. 
3. Verify that the following entries are listed in the Websites list:

https://*.outlook.com  
https://*.sharepoint.com
https://*.microsoftonline.com
https://*.lync.com   

 If these entries are not present, add them to the Trusted sites list of websites. 

Make sure that the entries for SharePoint are added to the Local Intranet Zone in Windows Internet Explorer. To do this, follow these steps: 
1. On the Tools menu In Internet Explorer, click Internet options. 
2. Click the Security tab.
3. Click the Local intranet zone, click Sites, and then click Advanced. 
4. Verify that the following entries are listed in the Websites list:

*.microsoftonline.com
*.sharepoint.com
*.outlook.com
*.lync.com

If the above entries are not present, add them to the Local intranet zone list of websites.

You should now be able to map a drive to a SharePoint Library

You may also use the Open with Explorer feature in SharePoint while you have a Library open by clicking the Library tab and selecting the Open with Explorer button located in the Connect and Export section:

Open with Explorer

Open with Explorer

Connecting a Mobile device to Microsoft Exchange Online

Had some trouble recently getting clients setup with Microsoft Exchange Online services on a mobile device. Here’s the settings that worked for me.

IPhone
——
Email: user@domain.com
Server: red001.mail.microsoftonline.com (Do no included the HTTPS:\ portion of address)
Domain: Should be left blank
Username: user@domain.com
Password: ******** (The users BPOS/Exchange Online password)

Blackberry
——
Email account: user@domain.com
Web Access URL: https://red001.mail.microsoftonline.com/owa (be sure to include the https:// and trailing /owa)
Username: user@domain.com
Password: ******** (The users BPOS/Exchange Online password)
Mailbox Name: user (just the prefix of their email address)

Explorer.exe won’t load following a reboot

Recently encountered problems getting Windows Explorer shell to load in Windows XP after cleaning a spyware infection.  I found there are two registry keys that are critical in relation to loading explorer on boot,  you should check them first if you even encounter a problem getting Explorer.exe to load.

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon


shell=”explorer.exe”


HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon

userinit=C:windowssystem32userinit.exe

Watch out for trailing comma’s on userinit.exe  (userinit.exe, ) as this is where malware likes to insert itself to load during windows startup.

Windows Small Business Server – TS Gateway Authentication issue

We recently implemented a new SBS 2008 server for one of our clients.  A user was going to be working from home and wanted to utilize thier corporate office desktop to get some tasks done.  They were able to authenticate to the Remote Web Workplace webpage successfully,  but were unable to connect to their Windows 7 desktop computer.  Every time they attempted to do so, their account was rejected with an error message: “The logon attempt failed”

I discovered the problem was due to an incorrect setting within IIS.

Here’s what I did to correct the problem:
I went to IIS Manager → Sites → SBS Web Applications → Rpc → Authentication.  There I found only “Basic Authentication” was enabled.

Enabled “Windows Authentication” then ran an IIS reset. When IIS came back online, I was able to connect via TS Gateway to the server and at least one workstation. I connected and disconnected multiple times and it had no problems. The end user verified they were also able to authenticate without error, and gained remote control of their Windows 7 computer.

UBCD4WIN Bootable USB drive

It’s possible to create a USB pen drive that you can use as a boot device. This can be useful when you have a Windows computer that refuses to boot correctly, or when a system is infected with malicious software that you’re unable to remove from Windows.

I prefer to use the Ultimate Boot CD for Windows (UBCD4WIN) for this purpose,  it includes a Windows XP PE environment with lots of useful system utilities and applications.  You can find out more information about UBCD4WIN at their website

Here are some links that cover the process of using UBCD4WIN to create a bootable USB drive in detail:
http://foribb.blogspot.com/2009/01/make-your-pen-drive-bootable-install.html
http://www.dedoimedo.com/computers/livecd.html