When Microsoft announced the Server Core functionality of Windows Server 2008 a lot of people got very excited. Server Core is essentially the functionality of a server OS without any of the bloat of either a regular server or workstation OS. There is no graphical user interface (GUI) and it requires much fewer resources than the full installation. You are limited to what roles you can install, but Server Core is perfect for any of the following:
- Active Directory (AD)
- AD Lightweight Directory Services (LDS)
- Hyper-v (virtualization parent)
- DHCP Server
- DNS Server
- File Server
- Media Services
- Print Server
Of course most of these roles would be best administered using their appropriate MMC (Microsoft Management Console) consoles, but for actually running the services Server Core might be your best bet.
In this article I am going to outline six commands that I feel are required knowledge for anyone starting out with Server Core. In later articles I will discuss enabling and managing roles, but today I will cover the following:
- Changing your server name
- Changing your IP address (including Subnet Mask, Default Gateway, and DNS Server)
- Setting a password
- Joining a domain
- Activating Windows
- Enabling Automatic Updates
When you boot into Server Core (after providing credentials) you are given a Command Prompt… and that’s all. There is no Start menu, no desktop shortcuts; the only indication that you are not in an old MS-DOS system is that the Command Prompt is itself in a window. As such a lot of people do not seem to know where to start; here are a few tips to set you on your way:
1) Change your computer’s name to something manageable. Unlike any other edition of Windows when you first start out the name is assigned automatically, without a choice. It will be something like WIN-CE4SRY8Q. Most admins like their server names to mean something to them, but more importantly there are a few commands where you have to type in the system name in a command line… so change it, for our purposes to Core1:
netdom renamecomputer WIN-CE4SRY8Q /NewName:Core1
Of course after renaming your system you have to reboot, so:
shutdown /r /t 0
Note: The /r switch means you are restarting; the /t 0 cuts the time delay to 0 seconds (otherwise you would have to wait a minute before the reboot).
2) Change your IP settings. If you are satisfied with the default settings (like any version of Windows it will try to obtain an address from a DHCP Server) then you can skip this step. Use the ipconfig command as you would normally to verify these settings. To change them:
netsh interface ipv4 show interfaces.
This will show the relevant information about all Network Interface Cards (NICs). For our purposes the NIC will be called Local Area Connection and have an index of 1.
netsh interface ipv4 set address name="Local Area Connection" source=static address=172.16.0.15 mask=255.255.0.0 gateway=172.16.0.1
This assumes a Class B network where the gateway is at 172.16.0.1. Make sure you know your environment before assigning the wrong information or worse, addresses that are already assigned.
netsh interface ipv4 add dnsserver name="Local Area Connection" address=172.16.0.10 index=1
Here our primary DNS server is at 172.16.0.10. At this point you should be able to ping other systems on the network by IP address, Fully Qualified Domain Name (FQDN), or NetBIOS name. If you cannot then verify your settings and connections and then try again.
3) Set the password. Of course this should be done according to your corporate policy but make sure you do not forget:
net user administrator *
You will be prompted to enter and re-enter a new password.
4) Join a Domain. Depending on your needs this may not be necessary, but if you must:
netdom join Core1 /domain:swmi.ca /userd:Administrator /passwordd:*
Note that the switch /passwordd has two Ds at the end; this is not a typo, and corresponds to the /userd. We use the asterix for the password because otherwise it is in clear text, and anyone looking over our shoulder could see our password. However if you are alone in a secure room with no hidden cameras you could simply type /passwordd:P@ssw0rd.
5) Activate Windows Server. Remember that your Server Core installation is a full license of Windows Server, and as such must be activated. Once you have an Internet connection:
slmgr.vbs –ato
A successful activation will not return any message following this command, and you will be returned to the prompt.
6) Enable automatic updates. Although Server Core has a much smaller footprint than a full install, patch management is still important. To enable automatic updates:
cscript c:\windows\system32\scregedit.wsf /au 4
The book that is essentially my bible for Windows Server 2008, Windows Server® 2008 Administrator’s Companion by Charlie Russel and Sharon Crawford, goes into more detail about all of these commands and more. Trust me, it is worth the investment!
There are a couple of interesting slogans I have heard used to refer to Server Core… my favourites are Windows without Windows or, playing on the ad campaign for Windows Vista, The Wow Stops Now. Any way you look at it, the flashiest aspect of Server Core is the lack of flash; it is what admins have been looking for, the ultimate bloatware-free server. Try it out and see what it can do for you!
I was looking for an e-mail from years ago when I came across this letter I wrote to the Senior Editor (Careers) for TechRepublic.com nearly six years ago. Although the circumstances hardly apply to me anymore it may be interesting for IT Professionals just starting out, weighing the pros and cons of leaving their cozy and safe day jobs for the wild world of independence… or combining both!
It should be noted that I wrote this letter six weeks before leaving my day job; I did not have any certifications yet (I would get my first within two months). The economic climate was probably much safer then than now, so that was not a concern at the time. As well in Canada I was safe if I got sick – socialized Medicare and such.
I have spent the past three years as the M.I.S. Director of a local security company. Along the way I made a lot of good contacts, and people started (as they will) seeking free advice. From time to time 'they' would ask for help with a problem, and if I could accommodate them without interfering with my day job, I would. The occasional jobs started to supplement my income nicely, and I was exposed to a lot of systems and software that I had either forgotten or would not otherwise have been exposed to.
Well one of these clients was so pleased with my work that they mentioned me to a colleague of theirs, who happened to be a long-lost friend from high school. Ron and I had grown into computers together, and now he ran a computer consulting firm. We met up again at a party, and he asked me if I would be interested in doing some sub-contracting. We discussed it the next week and he gave me the name of a client whose company ran a small local area network. Before I could even meet the client, she called and asked if I could do a favour by visiting a client of theirs whose computerized cash registers were down.
I fixed up the client's client's problem by eliminating the virus from their system, and all of a sudden what had once been an occasional after-work job had turned into an every-lunch and every-evening job. I had established a steady client base of small businesses who were frustrated by a long string of consultants and technicians who charged big bucks but were either unqualified, unreliable, hard-to-reach, or dishonest. After listening to what each had to say, I examined who I was: I was certainly qualified and definitely honest. So by making sure I was reliable and easy to get in touch with I could probably make some good extra spending money.
Though I still have my day job, I am billing on average fifteen hours per week. My clients are extremely happy, and I am earning more money consulting than I do at my day job. I know that many of my clients would be very happy to see me quit my day job to be more available, and that is in the long term plan. I am also studying for a number of certifications, which will open even more doors to companies who may be sitting on the fence about hiring someone like myself.
My two greatest concerns about going at it as an independent were that clients would not want to pay for my services, or worse that the clients would not be knocking on my door. However most business owners and managers that I have come across are not afraid to pay the hefty hourly rates that I charge, if that is what it takes to know that their systems will be working, and if they go down that I will be straight with them about what it will take to get them up again. As long as I maintain my reputation and good name by offering those four points - qualified, reliable, accessible, and honest - I would be in good shape.
In a day and age when anyone can print up business cards and call themselves a computer consultant, businesspeople have to be able to separate the wheat from the chaff. I tell my clients that there are consultants who charge twenty dollars per hour - and are worth every penny of it, and there are consultants who charge one hundred and twenty dollars per hour - and are worth every penny of it. When your business relies on its computers to work right this time and every time, which do you think is your best bet to get you there?
New Years Eve… December 31st, 2008. We left our hotel at 1pm and did not stop having an incredible time for over twelve hours! I started to blog when we came home last night, but it was a lost cause. It is now New Years Day, and I have a lot to remember from last night.
We had tickets to see Jersey Boys, which was by far the best of the shows that we have seen this trip. The star of the show – Dominic Scaglione Jr. – had an incredible voice, and was a really nice guy… he and his entourage happened to walk into the bar where Theresa and I were sitting after the show, and spent a few minutes talking to us. We had already gotten a picture of him with Theresa, but took this opportunity to get an autograph.
Drinks were at the bar in Gallagher's, across the street on 52nd Street West. Max was pouring the drinks, and he did not seem to be measuring his pours. Around 6:00 I asked for a table, and we had an excellent steak dinner… not Berns’ or Moishe’s, but definitely a great steak!
We walked along 8th Avenue to 42nd Street where we had concert tickets… what a madhouse! Theresa and I made sure to stick together, and with a little effort we got to the 42nd Street Checkpoint in one piece. We showed our tickets to no fewer than three NYPD cops, and then got to B.B. King’s. We were all bundled up because we figured we would have to wait in line outside, but as luck would have it they were letting people wait in the bar, where we met a really nice couple from Tennessee. Tom and Charlene were the nicest people, on their first vacation in several years and loving New York City.
When they started letting people into the lounge we were near the front of the line, and got a great table… and the drinks kept coming. All I can say is it is a good thing that we were not driving!
Chuck Berry was incredible… at his age (he has to be seventy years old!) he isn’t duck-walking anymore, but he sure has the voice, and can play the guitar like nobody’s business! He played all of our favourite songs, and then some… Maybelline, Oh Carol, My Ding-a-Ling (an interesting audience participation sing-a-long!), and Sweet Sixteen. Leading into midnight he brought a couple of girls from the audience on stage, and broke into Johnny B. Goode… WOW! He really knows how to make people move!
Somehow for the last couple of songs Charlene ended up on stage with Chuck and the band… and she did not disappoint the drunken entourage that she left behind! Just look at her in this picture, dancing with the man himself. Theresa stayed behind, and Tom and I were just taking as many pictures as we could, while dancing along.
Sadly the show had to come to an end, as all good things must. As we made our way to the door Theresa opined that it was definitely her greatest New Years Eve ever… and I spent a minute trying to think of a better one. I have spent them with friends, I have spent them with family… I spent two in the army. None that I can think of can hold a candle to what we did last night (sorry Brad… at least you got your award!). Great shows, great food, great people, and the woman I love. What more could a man ask for? I hope you all had a great time too… and wish you and yours the best for an incredible 2009!
Actually it was our first full day in the city to be sure… but that’s just a technicality. We drove in yesterday – after sitting in traffic waiting for 
the Lincoln Tunnel for two full hours; boy are we glad that we drive a hybrid! It took another 45 minutes to get to the hotel at 45th and 7th Avenue – we were able to park the car, and plan to leave it thusly until we leave!
Once we were here though… all of the stress of travel dissipated in the quaintness of our modern European-style hotel. I have been in a lot of hotel rooms and can honestly say that this one (Room Mate Grace) is unique. It has everything we need, and is extremely efficient in its design. We cleaned up and hit the town!
Theresa and I love the theatre, although we understood that Broadway was dark on Sundays and Mondays. We quickly discovered that we were wrong, and walked to the new TKTS in Times Square to see what we could get… forget about it! The line was ridiculous, and we decided to just go to the box office. The first show Theresa really wanted to see was Mamma Mia, and who am I to say no? We made reservations at a little Chinese joint next to the Winter Garden Theatre, and lucked out with seats in the Orchestra :) The show was good… I do not love the music, but everything else about it was excellent.
This morning wee decided to walk to Macy’s… a ten block walk would give us some exercise, and lord knows I need it! Theresa needed a couple of things, and a friend recommended that we eat at the Cellar at Macy’s… and he has not yet led me wrong.
For some reason everywhere we have gone – with the exception of TKTS – we have magically avoided any significant waiting. We walked into the Cellar and were seated right away… 12:45pm, Monday between Christmas and New Years, in the largest department store in the world. When we finished our very agreeable lunch there were no fewer than thirty people lined up waiting for our table!
From the cellar we rode the escalator up to the top – ten floors up – only to discover that what we were looking for was on the balcony over the first floor. No matter, it was an adventure… not our first and likely not our last of the day!!
Theresa is there to keep me in line when I tell cashiers that the <fill in the blank> that we are buying was on a shelf marked 50% Off… 
and she did it again today, only to find out (much to hers and the cashier’s amazement) that this time I was telling the truth! There really are bargains to be had after Christmas… even at Macy’s!
We walked back from 34th Street to the movie theatre on 42nd. It was a beautiful warm day and we really enjoyed the walk. We saw a movie to kill a couple of hours, and then came back to the hotel.
We decided that lunch was such a success that we would try Jay’s second restaurant recommendation – the Carnegie Deli. We took a bicycle-powered rickshaw along Avenue of the Americas driven by a young man from West Africa… what a hoot! I had never done that before, and aside from being much easier to manoeuvre through traffic, it was also a lot of fun!
Carnegie’s is certainly not Schwartz’s but it was good… and holy Hanna do they put a lot on your plate! As Jay suggested we shared a sandwich and a knish, and were FULL! The place itself was a great experience that everyone should try at least once… though I sympathize with your arteries if you go overboard.
Walking back we realized that not all theatres are dark on Mondays anymore… we couldn’t get tickets for Jersey Boys for a reasonable amount, and Wicked was sold out. The third theatre we came across was the Ambassador which had Chicago playing. I walked up to the box office and the teller liked me… Again he had Orchestra seats (second row!) but only charged me the lowest Balcony rates. Who says you can’t get anything for a smile and a kind word!?
Chicago was a great show. I had seen the movie, but Theresa knew nothing but the name. At intermission she admitted to me that she was enjoying it more than Mamma Mia… even though the seats were not as comfortable… though I promised Eagle One that I would not complain!
We walked back to the hotel and realized what a full day it had been. We took some pictures as we walked along Broadway into Times Square, and got back to the room in time for us to realize how tired we were. Tomorrow is another day, and Theresa and I cannot wait to see what it has in store for us… who knows? We might even get to see Jersey Boys!
Until last year I had spent most of my life living in apartments, condominiums, and warmer climates. Couple that with my travels and it is not so surprising that I had never really shovelled a driveway before. Now that I am married and own my own home in the suburbs I have two choices – pay someone to do it (what I did last year) or do it myself.
Friday was (we hope!) the heaviest blizzard of 2008. I took Aaron to school and Theresa to work, and despite the reports on the radio of mayhem and destruction I did not find the roads that bad (Toronto has always been known to exaggerate their weather, even going to the extreme of calling in the Army to plough them out a few years ago… ha ha!). I went about my morning but when I left my meeting in Brampton I could tell that the snow was getting heavier, and decided to pick the family up and take them home, lest they be stranded at the end of the day.
Getting home was slow but passable, but when we got within blocks of our little cul-de-sac I realized that until the city ploughed we would be stuck inside. Worse still, when I pulled into the driveway I could not get all the way in. I was going to have to bundle up and do some shovelling! It was still coming down pretty hard, and I resolved to clearing just enough to get my car into the garage. That took me about 45 minutes of hard work!
Yesterday (Saturday) was a gorgeous, sunny day. My muscles felt good from the previous day’s exercise, and I decided to clear the driveway our completely. One of the downsides to being a two-car family (and having a two car garage) is having to shovel a two-car driveway. I pulled out my Zune, bundled up in my ski jacket, tuque, scarf, and gloves, and pulled out the shovels.
Initially I had resolved to simply clearing enough to get in and out easily, but as I went on I realized it was not only great exercise, it was one of those tasks that a homeowner in Canada should be proud of. I made up my mind to clear it as perfectly as I could… even though we were expecting more snow that evening.
This morning (Sunday) we awoke to another 10cm of snow… about 5”, light and fluffy – it’s too bad I didn’t have a ski hill handy! :) Following breakfast I again got all bundled up and went to work – it would still be long, but much easier than yesterday. About halfway through I had a great idea, and called Theresa and Aaron out to record a couple of videos. I got the entire family into the act, and they helped me with the lines, the photography, and even a couple of the videos! I hope you enjoy them.
I cannot remember exactly when I started using Microsoft Office Outlook over the free Outlook Express product, but I do remember preferring it over OE, at least when I got used to it… and when I really started using it.
I do remember that when I installed my original Small Business Server 2003 server at home – with Exchange Server 2003 included and integral to that experience – I was an independent consultant, and spent several hours (days?) collating the information I had in several sources – Outlook Express, PDA, and especially my DayTimer – into Outlook. That meant that every appointment going forward, every contact, every e-mail, and every task would be in Outlook, and has been ever since (probably mid-2003).
So all of a sudden I had this single repository of information where everything went… and quickly understood the concept of drinking from a fire hose. At first dozens and eventually hundreds of e-mails would come in every day.
When I discovered Outlook Rules I fell in love, and have been using them ever since. Admittedly I do not use them to their fullest extent… mostly to just sort e-mail into folders (and I have nearly a hundred of those, if not more).
At some point I noticed that a lot of e-mails would fall under a number of rules… for example, I have a rule that any e-mail from someone whose address includes the text @microsoft.com is sorted into a file called Microsoft; however I also have several rules for people or groups at Microsoft… so an e-mail from Richard Claus would be delivered to two locations. Never mind that this would take extra storage space, it would also look like I have two (or often THREE) unread messages for a single message.
There is a simple solution for that… there is a rule called ‘Stop Processing More Rules’. On the Select Actions window you can select Move it to the specified folder, which will do just that. However you can select multiple actions here, and the Stop Processing More Rules action will do just that, rather than letting the engine process the next rule… thus preventing other rules from being applied to it.
Of course you may ask why isn’t this the default action for all rules? I did mention that I, like most of the people in the world who use Outlook, do not use it to its fullest extent. However there are rules that apply only within Outlook, and cannot be ported over to Exchange Server, such as assign it to a category. By applying this action to a rule it is automatically converted to a ‘Client Only’ rule, and will be removed from the Exchange Server. If a user only checks his e-mail from the single Microsoft Office Outlook client where the rule is configured then there is no problem… but imagine a user who uses Outlook Web Access as well as Outlook Mobile Access… rules would not be processed on the fly, and the whole benefit to the organization would be lost. Instead of doing that, we can create two rules… one that files the incoming e-mail into the proper folder (Server-side rule), and then one that assigns a category to the same e-mail (client-side rule). The e-mail would be filed properly on the fly, and as soon as the user connected to his Outlook client it would then be categorized.
Bill Jowett of Exclaimer Inc. (http://www.exclaimer.com) has given me a sneak preview of a new product that they are currently beta-testing a new product that will extend the functionality of Outlook (beyond what their current Exclaimer Mail Utilities offering does, which only works with a back-end Exchange Server) with some great new features. As their previous offering used a powerful rules engine as the core back-end tool, I look forward to seeing what the new Outlook product will offer… but for now the standard Outlook rules does what I need, and with a little ingenuity helps me to keep my mailbox clean! He will be presenting his session ‘Outlook 2007: What’s NOT in the Box’ tomorrow evening (Tuesday, December 9th, 2008) at the IT Professionals Community of Greater Toronto where he will be demonstrating the new tool… come on out and get a sneak peak before it is actually launched!
For the past few months I have been using Windows Home Server (WHS) to backup my workstations at home… two laptops, one desktop workstation and my Media Center PC. The WHS box has 650 GB of hard disk space, about half of which is dedicated to file storage, and the other half is for backup storage. It does a great job of it too… I know that all of my PCs are safe!
I also have a server at home. It runs my production infrastructure in a virtual environment (three Essential Business Server 2008 servers), as well as several other VMs – mostly machines I use as tests (Server Core, Server 2003 R2, etc…). It also holds my ISO store for all of the source disks I need from time to time. All told it has six hard disks which, in its current configuration, combines for about 750 GB of storage space, which is probably 60% used. For both the parent partition and the virtual machines I have a completely separate backup strategy in place.
A few weeks ago I was at a client demonstrating a number of technologies, and they asked to see WHS in action. I didn’t really have a presentation deck for them, but I did have a connection to my home network so I was able to demonstrate it for them. I showed them a lot of the functionalities, and then in order to show them how easy it was to connect a new machine, I installed the WHS connector onto my server. Wow, that was easy!
At the end of that presentation my client had a ton of questions, after which they took me for lunch and then golfing, following which they rushed me to the airport to catch an evening flight.
I never uninstalled the WHS client from my server.
When i got home the next day I plugged my laptop in… I had been away for a week, and I wanted to run a backup. Unfortunately when I clicked the WHS icon in my Vista’s Notification Area it was red… never a good sign. The message was that I had completely run out of storage space on the WHS server, and that I should add more drives.
It did not take long to figure out the issue was the 400GB of information that the server was trying to back up. I uninstalled the WHS Connector from the server, and then from the server removed its stored backups. The WHS Icon turned from Red to Yellow immediately (the warning was that my laptop had not been backed up in 9 days), and I was able to perform the backup (which turns the icon blue).
The moral of the story: Make sure you have enough storage space for your backups… but only join the machines you want backed up to your WHS network!
This is an oldie but a goodie… thanks to my man in Dallas Larry Lentz for reminding me of it!
Tech Support: "Sir, something has burned within your power supply."
Customer: "I bet that there is some command that I can put into the AUTOEXEC.BAT that will take care of this."
Tech Support: "There is nothing that software can do to help you with this problem."
Customer: "I know that there is something that I can put in...some command...maybe it should go into the CONFIG.SYS."
Minutes later:
Tech Support: "Ok, I am not supposed to tell anyone this but there is a hidden command in some versions of DOS that you can use. I want you to edit your AUTOEXEC.BAT and add the last line as C:\DOS\NOSMOKE.EXE and reboot your computer."
Pause.
Customer: "It is still smoking."
Tech Support: "I guess you'll need to call Microsoft and ask them for a patch for the NOSMOKE.EXE."
Four hours later, he calls back.
Tech Support: "Hello sir, how is your computer?"
Customer: "I called Microsoft and they said that my power supply is incompatible with their NOSMOKE.EXE and that I need to get a new one. I was wondering when I can have that done?"
Over the past few weeks I have been in front of a number of audiences discussing Essential Business Server. As promised, here are the scripts I discussed to create your WindowsPE to deploy the OS portion of the EBS servers over the network:
call copype.cmd amd64 C:\winpe
imagex /mountrw C:\winpe\winpe.wim 1 C:\winpe\mount
peimg /inf=C:\drivers\nic\amd64\*.inf C:\winpe\mount\windows
peimg /prep C:\winpe\mount\Windows /f
imagex /unmount /commit C:\winpe\mount
copy C:\winpe\winpe.wim C:\winpe\ISO\sources\boot.wim
oscdimg -n -bC:\winpe\etfsboot.com C:\winpe\ISO C:\winpe\winpe.iso
Here is the script to create your bootable USB key:
Diskpart
Sel disk 2
Clean
Cre part pri
Active
Assign
Format fs=ntfs quick
Copy the content from the .ISO image to the USB stick
I should point out that these are NOT my scripts… To the best of my ability they can be traced to a presentation by Michael Nytrom and Greg Starks at TechEd. I am indebted to both of them for helping to pave the way!
Although it is not something I am proud of, I have failed a number (the exact number is quite secret!) of certification exams. I am not proud of this fact, but the reality is I have taken a number of exams that I have been unprepared for, and that is a sure-fire way to come up short. I have always (not true… since becoming more enlightened, maybe!) felt that if I was going to shell out USD$125 to fail an exam (Actually, the first two were at USD$100) I should at least walk away with something… the consolation prize should not simply be a sheet of paper telling us that we failed.
So then what can we gain from failing? We can learn what we need to concentrate on in order to actually pass the exam. Let’s say you are a desktop deployment specialist for his company. You are responsible for the deployment of systems across the country, which you do using the Microsoft Deployment Toolkit 2008 and System Center Configuration Manager 2007. Your manager informs you that there is a new deployment exam available (70-635) and that the new department policy is that all deployment specialists must obtain the MCTS: Business Desktop Deployment to be eligible for promotions or bonuses. You schedule the exam, and as you sit there taking the test you realize that you do not know a lot about Windows Deployment Services, managing images for multiple languages, driver groups, and MDOP. Crud, that makes up about forty percent of the exam, and lo and behold you fail.
You could hang your head in shame as you walk away from the testing centre… or you can go back to your office and learn what you are missing; you can set up a lab environment to deploy images in French with Windows Deployment Services; you can implement driver groups, and learn everything you need to know about MDOP, and you can go back to the testing centre a few days or weeks later and retake the exam… and pass.
I am ashamed to say that there are a couple of exams that I have failed and have not yet gone back to rewrite… with an emphasis on the word yet. Most of the titles I have failed I have gone home, brushed up, and retaken successfully a few days (or weeks) later. They are all things that do not apply to what I have been doing… but don’t worry, I’ll get to them!
It is simply a matter of attitude… ‘Why the heck would I have to know that?’ is the wrong attitude; if for no other reason, then you have to know whatever that is in order to pass the exam. I know someone who failed an exam by fewer than twenty points – often a sign that he missed it by a single question. He came out and said ‘I know what I got wrong… I’ll just retake the exam tomorrow and change that one question that I got wrong!’ He did… and failed by fewer than forty points – probably two questions.
Don’t waste it… if you find an exam tough, then you should be taking notes on the sheet they give you. 1) Windows Deployment Services. 2) Multiple Languages… and so forth. Of course you have to surrender that sheet when you are finished the exam… but if at the very end you reread your notes, you should remember a lot of what you are missing when it comes time to study.
With Microsoft’s Second Shot Free promotion you can actually fail the first time for free… though I do not recommend this as a goal. When you are prepared for the exam, register for it using the promotion, and then do your best. If you fail, it costs you nothing to go home and study some more, and then rewrite it. If you pass, then you get a pleasant surprise, a new certification, and a discount on your next exam.
Thomas Edison was once interviewed about the electric light bulb. He did not get it right on the first shot… in fact it took him over two thousand tries and when asked he said ‘I never failed… I just learned two thousand ways how not to make a light bulb!’ Use that attitude when taking your next test.
… and good luck!
I really should be more careful of what I say to who… but in conversation with Friday Funny Guy I mentioned a possible song lyric (he writes parodies, you see) and this is the result:
http://landofsilly.mypodcast.com/2008/11/Dead_Cisco_Sketch_Im_and_IT_PRo_Song-155931.html
If you are a Monty Python fan then you should be sitting down for this!
Theresa and I bought a new car recently. It's Green. To be specific, it is actually a colour called Aloe Green Metallic, which to me sounds like a pretentious way of saying it's green.
The car was actually available in one of seven colours, but it did not really matter, because no matter what colour we chose (Desert Sand Mica... Barcelona Red Metallic... SHEESH!) the car would still be green.
We decided to buy a hybrid, or to be more more specific, we went to the dealership to look at hybrid cars with the intention that if we could do so without too much of an increase in our monthly expenses we would do it, and we did.
Don't get me wrong... I am not a conservationist, but I am very practical; with the price of gas being what it is (when we bought the car it was $1.30/litre… now it is down to $.90/litre), we can either decide to drive less (not a viable option with our lifestyle, as well as where we live) or we can look for a more fuel efficient car.
Our car is not the only change we have made recently as a nod to the green 
movement. As an independent IT consultant, trainer, and courseware designer I need several servers running at any given time; this week it is Essential Business Server 2008 (three servers), last week it was a complete deployment infrastructure (including Active Directory, System Center Configuration Manager, System Center Operations Manager, and Microsoft Deployment Toolkit – three servers plus three workstations), and a few weeks before that it was migrating from an SBS 2003 Premium infrastructure to an EBS 2008 Premium infrastructure (six servers, three workstations). Of course I do not need to keep all of these configurations when I was finished, so all I really need is six servers and a few desktop computers and I’m set.
Of course, there are a couple of issues to consider here:
- Six servers with the minimum requirements for these projects would be prohibitively expensive;
- None of the servers in question would ever utilize more than 15% of their resources, but they were necessary nonetheless;
- Nine machines would increase my monthly electricity bill by $200/month; and
- I do not have a home office big enough to store these all if it was the best way.
There was a green solution to this conundrum: a single server that is powerful enough to virtualize all of these servers simultaneously. It is not widely appreciated that most servers do not use all of their resources… especially in a smaller environment without excessive use. Moore’s Law promised us that processing power would skyrocket, and indeed it has… well past the basic needs of most individuals. A result of this is that there are huge numbers of computers and servers whose CPU are never taxed beyond 15%. Of course we can’t purchase 20% of a CPU… but we can share the resources between servers.
The server that I decided on is a HP ProLiant DL585 G2, with four dual-core CPUs, sixteen gigabytes of RAM and six high-speed SAS hard disks - admittedly more machine than any individual server I would ever have purchased for my home… and is the single most expensive piece of equipment in the house. It consumes more electricity than any other item (including our central air conditioner). It generates enough heat to make a noticeable difference in the room where it resides… and it is loud. Having stated all of that it is also the smartest purchase I have made in years. With all of the resources that it does consume, it is less by far than the six machines I would have needed to do the same work… as much as 75% less electricity; it generates 20% of the heat that those servers would have; it takes much less space than a physical server farm would have; and as far as return on investment (ROI) the eight CPU cores average between 40 and 80% usage at any given time (when running hot). It has more hard drives than any server I would have bought… and yet they are all being used (efficiently).
Admittedly it is bigger than any server I would have bought (My old PowerEdge 4300 was bigger and if not heavier then close) for myself, but it still took less materials to make than what I would have bought… and when the time comes (years from now) to dispose of it, aside from the fact that so much of it is recyclable, it would take up much less space in a landfill than would six machines.
I’ll say it again… I am not an environmentalist, but there are times when going green just makes sense… cars and servers are just two examples where I saved money while being planet-friendly. How about you?
In September I gave a lecture at the Toronto IT Professionals Community on different deployment technologies available to small and medium business – specifically Microsoft Deployment Toolkit (MDT) 4.1, Windows Automated Installation Kit (Windows AIK), and Windows Deployment Services (Windows DS). Essentially I was showing them how easy it is to create and maintain a deployment infrastructure to deploy their desktops and applications without having to purchase additional software. I had verified that the venue had a stable Internet connection, and was simply going to log into my server at home for all of my demos.
The day of the presentation I had a very simple schedule. After dropping Theresa and Aaron off I would come home, do a complete run-through of my demos, then reset them all so that they would be ready that evening. I would then have a leisurely lunch and spend the afternoon relaxing before driving into Toronto around 4pm.
One of the demos involved creating a ‘Gold Image’ in a virtual machine based on Windows Vista… install the OS and any patches, applications, anti-virus, and policies. I would then run the System Preparation Tool (SysPrep.exe) in that machine to generalize the image, strip the Security Identifiers (SIDs), so that it could then be captured into Windows DS and deployed to multiple systems.
The phone rang as I was getting this demo ready. It was a call that was not very important, but it was deep enough that I should have stopped what I was doing until the call was over. I always tell my son to pay attention to what he does, and simply put I should have followed my own advice.
The SysPrep.exe tool looks the same in every current version of Windows. it sits in the same directory (<systemdrive>\Windows\System32\SysPrep). It gives you the same warning, and then does the same thing. If it didn’t I might have noticed that I was not running it from the virtual Vista box, but rather from the physical Server 2008 box. It did not take me more than a second to realize what I had just done… and how much damage I had caused.
For those of you who are not familiar with the System Preparation Tool, it essentially takes your installed operating system and reverts it into a not-yet-installed operating system… it strips licenses, security identifiers, and any other globally unique IDs… so when you boot into it you are starting from what is called the Out-of-Box-Experience (OOBE)… and go through setup essentially from scratch.
I was fortunate in that most of my workload – including anything that I was doing for various client projects – was being done in virtual machines which were untouched… but needless to say I did not get to have my leisurely lunch and relaxing afternoon that day.
By the time the server was installed, patched, updated, tweaked, and accessible externally it was 4:30 and I was late… I would get to the venue on time, not forty-five minutes early. Most unfortunately I did not have opportunity to do the complete run-through of all of my demos, so I was working without a net. Most of them worked fortunately, but it could easily have gone either way.
In my old life we were always told that it is better to lose a minute in life than our life in a minute, and they were right… take the extra time to do things right, and focus!
So now that I have a day or two to play (and need it up already!), I decided to start installing my Essential Business Server environment today. This is not my first kick at this can (I have installed eight or nine previous iterations in either beta or RTM Escrow) so I know there are a number of challenges that I can run into. I am going to diary the entire process from soup to nuts, and hopefully help you avoid some potential stumbling blocks.
Diagram 1: Physical Hardware
The first thing I should call out is my environment. The Physical Hardware diagram is the layout of the devices that I have to contend with. In the grand scheme of things it is an extremely simple layout with fewer devices than an average EBS environment would have. Nevertheless because I wanted to implement the network properly, I still took the time to plan things out.
The Network Plan diagram shows the relevant portion of the new network infrastructure. All of the EBS servers are virtualized within the MDG-Server box. I want to remind you at this point that this EBS network is essentially supporting a single user; For a production network I do NOT recommend virtualizing the three servers in a single box; one of the disadvantages of housing all servers in a single box is that, like with Windows Small Business Server (SBS), you have a single point of failure (SPF) – if your hardware goes down (and even the best servers are prone to do so) so does your entire network. I have known businesses running SBS on the best servers that were brought down by a defective fan.
| | Diagram 2: Network plan  | |
I give my virtual machines domain names that start with v- so that should my organization grow I will still be able to easily tell which machines are physical and which are virtual. As well I decide to switch to a Class-B address design for the internal network – the connection between the Internet router and the Security Server will keep their Class C addresses. My reasons for this are because eventually I will add a virtual SBS box for demonstrations, and the different addressing will be easier to distinguish. Remember that this is not a scenario that is licensed for production use, and my SBS box will remain completely segregated from the network. I am leaving my physical server on the external address range because I still want to be able to log on remotely using Remote Desktop directly to that box, and not to the EBS infrastructure (which I can still access remotely using Remote Web Workplace (RWW), or by logging onto the parent partition and then accessing the Hyper-V Manager.
A New Error…
I have installed Windows in its various incarnations literally thousands of times without exaggerating. This is the first time that I have ever gotten a warning (when selecting the volume to install to) that Windows requires a system volume on the partition to install. I got a warning, then a STOP error. Weird, and it happened on both the Management and Messaging systems (for those of you who thought I wrote sequentially without going back). The solution is to create a new volume on the Un-partitioned space before proceeding. I do this for both the C and D drives… I don’t know why. The EBS Installation will (when selecting the Data store) give us the option of opening the Drive Management tool to create that partition when the time comes.
EBS Preparation & Planning Wizards
On the parent partition I ran the EBS Preparation Wizard and then the EBS Planning Tool – I was not joining EBS to an existing Active Directory infrastructure, so I could run this from anywhere. These two wizards (on disk 1 of EBS) must be run prior to deploying your EBS infrastructure, and they make sense – they make us think about the questions we might otherwise forget. The wizards create an XML file called PlanningWizardData.xml which is saved to your Documents folder, and can then be copied to a USB key to be imported into the EBS installation process. The problem is if you are installing to a new virtual machine you can’t simply plug in a USB key. Here is my workaround for that problem:
- Store the data on the parent partition;
- Before starting the virtual Management Server add a second NIC to it, and configure it on the same network as your parent partition;
- After the operating system has installed and the Management Server Installation prompts you for the file:
- Press F10 to temporarily break out of the installation process into a Command Prompt window;
- Press Ctrl-Alt-Del and set a password;
- From the Command Prompt window run explorer.exe;
- Create a new directory in the C drive, and share it;
- (From the parent partition) navigate to the share on the Management Server (\\172.16.0.10\<sharename>) and authenticate with Administrator and the password you set;
- Copy the file PlanningWizardData.xml from the parent to the share;
- (From the child partition) reset the Administrator password to <blank>; and
- Exit all windows except the EBS Management Server Installation.
- Navigate to the directory where the file was and select PlanningWizardData.xml.
The Management Server will take quite some time to install – it is creating a domain, installing System Center Essentials (SCE), and other other important tasks. Plan from start to finish two hours for the Management Server. If you want to save a little time you can kick off the deployment of the OS for the Security Server; you can’t install the EBS components, but you can get a head start here.
So once you see the Continue Installation screen in Management Server Installation you can proceed with the Security Server Installation. As you can see on the screen shot the EBS installation process gives you a lot of visual feedback… in a very nice ‘graphical progress bar’ we see each step, and the ‘Good job, boy!’ Green as I have taken to calling it. You should have seen screens like this in the Preparation and Planning Wizards as well.
My security server – the only one with a single hard disk, though again not the recommended setting – has multiple NICs… one connected to my Internal network (which is not bound to a physical network interface in the parent server) with a Class B address, and one connected to my External network (bound to the NIC that connects to the physical router) with a Class C address. For some reason both of them got addresses from the Management Server’s DHCP Server, so both had Class B addresses. In Hyper-V I opened the settings for the Security Server, disconnected the External adapter; I was then able to distinguish and select the Internal NIC in the setup process. I then reconnected the (virtual) external NIC and continued without incident.
The Security Server Installation rechecks the environment, and if you haven’t disconnected anything in the process it should return a bunch of ‘Good job, boy!’ Green check marks. It reboots several times during the configuration – domain joining and all that rot – and then asks you to confirm the network addresses you will be using. 
Because the security server is the first one on my network that will be ‘hot’ – externally facing – I am always careful to allow it to download and install security and critical updates right away. You really should do this for all three servers, but Security is the first point of contact.
It will reboot on its own of course… several times at this point. if you did kick off the Messaging Server deployment then you should wait until prompted by the Security Server before continuing with that server’s installation.
I just noticed one Update Failed message on the Security Server. It is for Microsoft Silverlight, an important update certainly on Vista or even server workstations, but not for the headless security server on EBS. I will not try to go back and remedy that one.
Once my Security Server is done I get my ‘Good job, boy!’ Green screen, and go right on to my Messaging server. Historically this is the one that I have had the most issues with… some having to do with settings, one or two because of ‘beta bugs’ and a plethora caused by environmental factors – Active Directory restrictions and such. In the Hyper-V machine settings I remembered to uncheck the ‘Time synchronization’ in the Integration Services set… I have spoken with people who say that this should not be an issue and I agree, but it always has been for me, and frankly I am bored with dealing with it.
Once you have told the Messaging Server the domain name and password you cannot just walk away… Once it checks and then joins the domain it will ask for more interaction… After the Domain Join is complete it will check the environment, including DNS and Exchange pre-requisites, then ask you IP Address information, and before you press GO on the actual installation you can (as with the other servers) save your Server Configuration file, which I always do. From there calculate about 90 minutes that it will work without you.
I got my ldifde.exe error again… the one that I blogged about recently. It is strange because I do NOT have another domain controller running – I was careful to take my SBS box off-line (read: OFF) before going ahead. I will try the same fix (disconnecting the external NIC on the Security Server) and see if that works…
The problem with this particular error is it can take up to half an hour to materialize, all the while I am waiting patiently. As it happens I know that this fix did not work, because if it had the progress bar would have moved… even a little, slowly. Once it does crash, I move on to my next possible mitigation – switching the (internal) virtual network to a private virtual network. If it doesn’t work I have another half an hour to consider what to try next.
After the third failure I decided that tweaking it might not be enough, and that it might actually need a kick. I restarted the Messaging Server installation from scratch – wiped the partitions and literally started from zero. It seems to have worked, because for the first time the progress bar on the Exchange Server Installation line is moving quite nicely… slow, but steady.
Once the Messaging Server Installation is done (and gives us one more ‘Good Boy!’ green mark) we go back to our Management Server to continue with the Guided Configuration and Migration Tasks. From here on in the Management server is where we will spend most of our time, not only during the Installation process but for the life of our servers. The Guided Configuration and Migration Tasks list is essentially a checklist that takes you from zero to production environment; some of the tasks you are forced to do (Tasks 1, 2, & 3 are Install the Management Server, Install the Security Server, and Install the Messaging Server). Some are informational (i.e.: Migrate DNS), and some are wizard-driven tasks that once completed can be marked as done. Each task will have an estimated time commitment (Management Server being the longest at 2.5 hours). Of course these are estimates based on best-case scenarios, and do not account for two hour delays in the Messaging Server installation due to FSMO issues, Time Synchronization, or intermittent network issues, all of which are issues that I have encountered along the way.
Most of the tasks are important for a production server, but for my purposes they are unnecessary. I do not have multiple sites, I don’t have a SAN, and (at least for the time being) I am not publishing any web sites that are not pre-configured. I do decide to let EBS manage my DHCP Server for me, which involves a number of steps:
- Verify the DHCP scope in the EBS Management server;
- Disable the DHCP service in my DLink router;
- (Because I am working in a virtual environment) bind my virtual Internal network to a second physical network adapter in my server that is attached to my wireless router.
The rest are tasks that you should pay close attention to, but I am not going to discuss because they are as straightforward as they are different on each network. All told, including the installation of SharePoint on my Management Server, I probably spent nine hours installing my EBS environment. I wish you luck with yours, and look forward to hearing your stories!
So this may be hard to believe, but I carved my first pumpkin today… ever. My mother might counter this 
with a failed attempt in 1980, but this was my first real go at it.
I told Aaron that he could draw a face on the pumpkin for me to carve… He did, but what he drew was not realistic for my carving skills… at least not in the time allotted (I planned to spend no more than 20 minutes on this venture…it IS a work day!). I did follow the basic outline for the eyes (including brows) and nose, but the mouth was really an impromptu custom on-the-fly job.
Jack-o did lure a couple dozen trick-or-treaters into our lair, and they were well rewarded with potato chips, chocolates, and rockets. Witches and princesses, a spider and even a kid dressed up as a pumpkin all feasted on our booty!
Until next year, when hopefully I will allot a little more time to carving!
More Posts
Next page »