Moving DHCP from Windows Server 2003 to Windows Server 2008

Microsoft Support KB article on moving your DHCP scope(s) using netsh – link

Move WSUS SQL database to another location

When running WSUS on a Small Business Server, the default location is the C: drive, when that drive gets full you need to move the content and the SQL database. Below are the steps to move the SQL database to another location.

1. Open command prompt and type: net stop “update services”

2. Next, at the command promt type: net stop w3svc (if it is SBS 2008 it will also stop the Terminal Services Gateway, remember to restart)

3. Open Microsoft SQL Express Management Studio (if you don’t have this, go to http://tinyurl.com/ynl9tv to download) and connect to the MICROSOFT##SSEE database, which is the WSUS database and the SharePoint databases in SBS 2008. You can’t just connect to the database normally, you need to type this in server name area:   \.pipeMSSQL$MICROSOFT##SSEEsqlquery

1577_1

 4. Detach the SUSDB database, move the SUSDB folder to the new location and attach the database again with Management Studio

5. Restart the services: “update services”, “w3svc”, and “Terminal Services Gateway”

 

 

Disable SSL v2.0 in IIS

While going through a vulnerability scan for PCI compliancy, the report noted that IIS 7 on a Small Business Server 2008 was still using SSL v2.0 instead of SSL 3.0 or TLS 1.0. To disable SSL v2.0:

  1. Click Start, click Run, type regedt32 or type regedit, and then click OK.
  2. In Registry Editor, locate the following registry key:HKey_Local_MachineSystemCurrentControlSetControlSecurityProvidersSCHANNELProtocolsSSL 2.0Server
  3. On the Edit menu, click Add Value.
  4. In the Data Type list, click DWORD.
  5. In the Value Name box, type Enabled, and then click OK.Note If this value is present, double-click the value to edit its current value.
  6. Type 00000000 in Binary Editor to set the value of the new key equal to “0”.
  7. Click OK. Restart the computer.

IIS negotiates the encryption with the client browser. An attacker could use a tool that tells the server it has only sslv2 (which is weaker) available. If you disable sslv2 it only uses v3 or tls, as requested by browser. A browser only supporting sslv2 would fail.

 This applies to Windows Server 2003, and Windows Server 2008, and both versions of SBS.

http://support.microsoft.com/default.aspx?scid=kb;en-us;187498

Product Spotlight: Windows SharePoint Services

SharePoint Services is a versatile technology included with Microsoft Windows Server 2008 that enables organizations of all sizes to increase the efficiency of business processes and improve team productivity. With tools for collaboration that help people stay connected across organizational and geographic boundaries, Windows SharePoint Services gives people access to documents and information they need.

wss1

Chief among the advantages of Windows SharePoint Services:

  • Provides a single workspace for teams to coordinate schedules, organize documents, and participate in discussions—within the organization and over the extranet.
  • Easily author and manage documents. SharePoint Services helps to ensure document integrity with the option to require document checkout before editing, provides the ability to view past revisions and restore to previous versions, and has the ability to set document-specific security.
  • Helps people and teams stay on task with a variety of communication features that let users know when actions are required or important changes are made to existing information or documentation, including announcements, sophisticated alerts, surveys, and discussion boards.
  • Provides creative forums for brainstorming ideas, building knowledge bases, or simply gathering information in an easy-to-edit format with new templates for implementing blogs and wikis (Web sites that can be quickly and easily edited by team members).
  • Increases productivity while mobile with enhanced support for synchronization; using Microsoft Office Outlook 2007 to manage document libraries, lists, calendars, contacts, tasks, and discussion board—even offline.

Built on Microsoft Windows Server 2008, Windows SharePoint Services also provides a foundation platform for building Web-based business applications that can flex and scale easily to meet the changing and growing needs of your business.  With a familiar, Web-based interface and close integration with everyday tools including the Microsoft Office system, Windows SharePoint Services is easy to use and can be deployed rapidly. Users can create workspaces and then publish, store, share, and keep track of information, workflow, and documents.

Windows SharePoint Services helps teams stay connected and productive by providing easy access to the people, documents, and information they need to make more informed decisions and get the job done. Enhancements in Windows SharePoint Services 3.0 make it easier than ever to share documents, track tasks, use e-mail efficiently and effectively, and share ideas and information.

Contact KTS today for additional details on how your business can benefit from Windows SharePoint Services!

See the rest of our latest newsletter here.

Troubleshooting SVCHost.exe

The Microsoft Performance Team posted a great article on how to troubleshoot svchost.exe, here is the link

 http://blogs.technet.com/askperf/archive/2008/01/11/getting-started-with-svchost-exe-troubleshooting.aspx

The part of the registry where the services load into the generic process is:

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionSvchost

Small Business Server 2003 Transition Pack

With SBS 2003 there is a ‘Transition Pack’ to grow out of the 75 user cap or move your servers (ie. Exchange or SQL Workgroup) to other dedicated servers. Here are links for the SBS Transition Pack. When installing the Transition Pack, make sure that the media is newer than the version you are upgrading to (ie. if the media is Transition Pack R2, then you must uninstall Windows Server 2003 SP2 before installing).

Microsoft Documentation – link

Moloy’s Blog on the Transition Pack – link

SBS page – link

How to Move WSUS Content (Update Files)

You can use WSUSUtil.exe (found in Program FilesUpdate ServicesTools) to move the downloaded update files (if you are storing them locally) and reconfigure WSUS to use that location for future updates.  The procedure is this:

 wsusutil.exe movecontent [path to new location] [name of log file]

If you so desire, you can also add the -skipcopy switch to reconfigure WSUS without physically moving the existing files. 
To see the full information on the WSUSUtil, visit the TechNet page for it here

Manage Power Settings with Group Policy

With Windows XP there isn’t a native way to manage power settings via a group policy setting. With Vista and Longhorn server this is now managable. Here is a link to the Energy Star website for a downloadable tool with an .adm file and a client application.

 http://www.energystar.gov/index.cfm?c=power_mgt.pr_pm_ez_gpo

Connect to and Shadow the Console Session with Windows Server 2003 Terminal Services

mstsc -v:servername /F -console

Control Panel Applets or MMC’s from run command

Here are some examples of  shortcuts to type from Start –> run

control userpasswords2 
user accounts 
devmgmt.msc
windows hardware device manager
services.msc
windows services
regedit
registry editor
appwiz.cpl
add/remove programs
dfrg.msc
disk defragmenter
diskmgmt.msc
disk management panel
eventvwr.msc
event viewer
ncpa.cpl
network connections panel
printers
printers and faxes panel
msconfig
system configuration and startup options
nusrmgr.cpl
user management panel
control
opens the control panel
secpol.msc 
opens Local Security Policy Settings
gpedit.msc 
opens Group Policy