2009 February :: Third Tier

Archive for February 2009

Feb
28

Allowing additional subnets to talk to SBS 2008

by amy

In group policy there are several settings that configure the Windows firewall. By default these settings only allow members of the local subnet to talk to one another. If you have more than 1 subnet in your domain you will need to make the following changes to Group Policy.

- Windows SBS Client – Windows XP Policy

– Computer Configuration/Administrative Template/Network/Network Connections/Windows Firewall/Domain Profile

– edit Windows Firewall: Allow Inbound Remote Desktop exceptions (should be enabled)

change the value from "localsubnet" to ‘*’

– edit Windows Firewall: Allow inbound remote administration exception (should be enabled)

change the value from "localsubnet" to ‘*’

– edit Windows Firewall: Allow inbound file and printer sharing exception (should be enabled)

change the value from "localsubnet" to ‘*’

***thanks to Kevin Royalty for the detailed list.

—
So who wrote this blog and what do they do for a living anyway?

We’re Third Tier. We provide advanced Third Tier support for IT Professionals.
Get Support BlogFeed Blog Twitter Twitter Facebook LinkedIN

2 Categories : Amy Babinchak, SBS 2008

Feb
20

Setting up an external Autodiscover record for SBS 2008 or SBS 2011

by dave

If you are using Exchange 2007 or Exchange 2010 (SBS or non-SBS) and are using a single-name certificate, this article is for you.

When you migrate to SBS 2008 or SBS 2011 and you already have a domain name, you don’t need to use the built-in domain registration wizard that is included in the SBS setup process.

This is well and good, but it has a downside worth knowing about. You probably didn’t know it, but something that Microsoft does when they set up your new domain name at the registrar is create a custom SRV record for your domain so that Autodiscover will work properly for external client auto-configuration. This is because you are using a single-name cert, which isn’t what Exchange 2007/2010 was designed to use. If you already have a domain name registered and are able to create your own DNS SRV records (some DNS hosts don’t allow SRV record creation), it would be a good idea to create an Autodiscover SRV record to make it easier for Outlook 2007/2010 clients to autoconfigure themselves for Outlook Anywhere (RPC-over-HTTPS) and ActiveSync.

The details on how to set this record up are all in KB940881, but I’ll briefly summarize it here:

1. Get rid of any CNAME or A records for “autodiscover”, and any wildcard “*” records in the public DNS zone. This is a critical step, so don’t just drift past it.
2. Build the SRV record to look like this:

Service: _autodiscover
Protocol: _tcp
Port Number: 443
Host: remote.smallbizco.net

Why do you need to do this for Autodiscover to work? Well when you feed an Outlook client an email address, it tries to autoconfigure itself, and it does this by trying to contact a series of hosts as follows:

- https://domainname.com/autodiscover/autodiscover.xml
- https://autodiscover.domainname.com/autodiscover/autodiscover.xml
- http://autodiscover.domainname.com/autodiscover/autodiscover.xml

Because your certificate is tied to a single name: remote.domainname.com, any https connection to the autodiscover URL will fail. If you want to create an A or CNAME record for ‘autodiscover’ that points to your server’s public IP and allow port 80 to your server, autodiscover will work, but you would then have allowed port 80 traffic to your server.

An alternate option, still using SSL, is what this article is about. This method takes advantage of a feature that was added in Outlook 2007 SP1 that allows it to look for an SRV record and use the SRV record to find the “real” autodiscover host. In this case, the SRV record is pointing to remote.smallbizco.net, which is the name covered by the cert, so a secure connection to that server to get Autodiscover information will succeed.

Got it? Great!

BTW, if you have a single-name cert on a non-SBS Exchange 2007 or Exchange 2010 server, you still want to use an SRV record as described above, but there will be other changes you will need to make to your environment as well, primarily resetting the URLs on most of your Exchange virtual directories so that they all point to the name that is on your certificate. This is something that the SBS wizards take care of automagically.

—
So who wrote this blog and what do they do for a living anyway?

We’re Third Tier. We provide advanced Third Tier support for IT Professionals.
Get Support BlogFeed Blog Twitter Twitter Facebook LinkedIN

21 Categories : Dave Shackelford, Exchange, SBS 2008, SBS 2011

Feb
19

SBS 2008 and Companyweb Offline

by Eriq

Over the last couple of weeks, I’ve seen reports of companyweb not displaying on some SBS 2008 servers. Same when trying to load the SharePoint 3.0 Central Administration site. Poking through the event logs, we’re seeing errors and warnings like:

Error Windows SharePoint Services 3 3760 Database

SQL Database ‘ShareWebDb’ on SQL Server instance ‘np:\\.\pipe\MSSQL$Microsoft##SSEE\sql\query’ not found. Additional error information from SQL Server is included below.

Cannot open database "ShareWebDb" requested by the login. The login failed.
Login failed for user ‘NT AUTHORITY\NETWORK SERVICE’.

Restarting the Windows Internal Database (Microsoft##SSEE) service restores access, at least temporarily.

Thus far, I’ve been unable to identify any commonality that might be triggering this behavior. If you have encountered this issue, especially if all you’ve had to do is restart the Windows Internal Database service to recover access, please post a comment back so we can try to collect additional information and see what might be triggering this issue.

Categories : Eriq Neale, SBS 2008

Feb
17

SBS 2008 Unleashed On Sale

by Eriq

Karl Palachuk has a sale going on for the Microsoft Small Business Server 2008 Unleashed book at SMB Books. If you purchase SBS 2008 Unleased plus any other item and enter the promo code, you’ll get $20 off the total order. Other promotions are going on at the site as well. For more information, check out Karl’s post: http://smallbizthoughts.blogspot.com/2009/02/right-now-sale-at-smb-books.html.

Categories : Eriq Neale, SBS 2008

Feb
16

Reminder Managing SBS 2008: Exchange. This Thursday!

by amy

This month we’re going to discuss Exchange. In this session Third Tier welcomes staff consultant, David Shackelford Exchange MVP, to educate us all on Exchange 2007 as it is implemented in SBS 2008. We’ll learn about the new features and how to manage Exchange in the SBS 2008 environment.

When: Thursday, Feb 19, 2009 12:00 PM (EST)
Scheduled to Occur: Once
Duration: 1:00

Third Tier has invited you to attend an online meeting using
Microsoft Office Live Meeting.

https://www.livemeeting.com/cc/mvp/join?id=NNH33Q&role=attend&pw=k%7C%2F3j3w%23P

Meeting time: Feb 19, 2009 12:00 PM (EST)

Add to my Outlook Calendar:
https://www.livemeeting.com/cc/mvp/meetingICS?id=NNH33Q&role=attend&pw=k%7C%2F3j3w%23P&i=i.ics

AUDIO INFORMATION
-Computer Audio(Recommended)
To use computer audio, you need speakers and microphone, or a
headset.

0 Categories : Dave Shackelford, SBS 2008, Webinar

Feb
14

Amy @ Sacramento SBS 2008 Build Day, Feb 28th

by amy

The Sacramento SMB IT Pros (SSMBITP) and the Bay Area Small Business Information Technology Specialists’ Users Group (BASBiTS) are pleased to announce a special event for Microsoft partners – a one-day Small Business Server 2008 build event and technical education opportunity.

Event Date: Saturday, February 28, 2009
Event Location: The Microsoft Sacramento office at 300 Capitol Mall, Suite 100 in Sacramento, California 95814
Event Time: 10 AM to 4 PM (Sign-in at 9:30 AM)

Note: Due to the amount of information to be presented at this event, we will start promptly at 10 AM. Please arrive as close to 9:30 AM as possible in order to sign-in and be seated in a timely manner.

Capacity: 50 In-Person Attendees & 50 Live Meeting Attendees

Event Cost: In-Person Cost is $20.00 (includes lunch/refreshments) – Cash Only Please

Live Meeting Cost is $0

Registration is required.

In-Person Registration: http://www.clicktoattend.com/?id=135646

Live Meeting Registration: http://www.clicktoattend.com/?id=135655

In-Person Food Selection: Please click the following link to send your food selections to Bob Nitrio: news@ranvest.com

Entrée Choices:

· Tri-tip sandwich

· Grilled chicken breast sandwich or

· A Caesar salad entrée

Side dish choices – select two, please.

· Potato salad

· Macaroni salad

· Mixed greens salad

Beverages and light snacks will also be provided.

This event will showcase a live step-by-step SBS 2008 build, including joining XP Pro and Vista clients to the domain and a review of the other post-installation Getting Started Tasks. Interspersed throughout the build will be discussions of various topics such as:

• Minimum and recommended hardware requirements
• Use of the Answer File
• Network changes from SBS 2003
• the new Management Console
• other highly useful information

Following the networking luncheon we will discuss:

• Migration tasks, experiences and caveats
• Securing SBS 2008 with AuthAnvil (Dana Epp – Microsoft MVP)
• Edge security devices – Amy Babinchak – Microsoft MVP
• SBS 2008 Gotchas (Susan Bradley – Microsoft MVP)
• Licensing
• Mobility
• How to setup your own internal network

The presentation team of Tim Carney and Alan Helbush (BASBiTS) will be joined by Sharjeel Noor and Peter Gallagher from the Microsoft TS2 team, together with Amy Babinchak, managing partner of Third Tier and a Microsoft MVP. Remote presentations will be made by Susan Bradley and Dana Epp, both Microsoft MVPs.

Tim Carney, MCP & Small Business Specialist

Tim has been providing technical consulting services to emerging Bay Area businesses since 2002. Involved in Microsoft’s Small Business Specialist Community for several years Tim co-founded BASBiTS.org a San Francisco Bay Area users’ group for Small Business Information Technology Specialists. For the 15 years prior to starting his consulting business, he was the CFO and CTO for a 45 person Copier Sales and Services Business in Silicon Valley. Tim was the primary technical force in changing its sales focus from Telex to Facsimile, from Fax to Copiers, from Analog to Digital, and from Stand Alone to Connected. Tim’s technical passions include Small Business Server, Infrastructure Security and Mobility Enablement. Tim is an Eagle Scout and has a B.S. degree in Business Management. Tim blogs on http://sbs-mobility.blogspot.com and recently co-presented with Eric Ligman on Licensing for the Small Business Specialist for the 5W/50 Webcast Core Business Series http://www.mssmallbiz.com/training/.

Alan Helbush, MCP, & Small Business Specialist

Alan has over 25 year of Information Technology experience. Alan opened Where To Start, Inc. Technology Solutions in 1999, providing “Big Business” IT and Managed Service Strategies tailored for mid-sized businesses including medical centers and non-profit organizations. With his detailed and methodical approach, Alan excels at network design, integrating security, implementing best practices and maintaining a hands-on customer service approach. Alan co-founded BASBiTS.org a San Francisco Bay Area users’ group for Small Business Information Technology Specialists, and was one of the first Small Business Specialists in the region. Alan’s technical passions include Compliance, Small Business Server, Infrastructure Security, Response Point and Exchange 2007. While previously employed with premium high-tech companies within the Silicon Valley, Alan honed his IT skills to match technology to business requirements while maintaining an eye on the businesses mission and goals.

Peter Gallagher, Microsoft TS2 Team

Peter Gallagher joined Microsoft in October of 1998. He started out supporting the Windows 9x platform until the 2000 time frame. He then moved to the Small Business Server support team where he supported SBS 4.0 through SBS 2003 R2. Peter’s decision to join the TS2 team was a natural extension of his forming of the DFW SBS Users Group in 2004. He enjoys working with Microsoft Partners around the Small Business Server product. In Peter’s spare time he enjoys cycling, playing XBOX, drinking fruity drinks on sandy beaches (little umbrellas are optional) and goofing around with technology.

Amy Babinchak, MCP, Small Business Specialist & Microsoft EBS MVP

Amy owns Harbor Computer Services, a consulting firm specializing in providing IT services to small businesses. She is also Managing Partner of Third Tier, which provides advanced support services to other consultants and vendors. She has written articles, contributed to the SBS Unleashed books, is the technical editor for others, has been a speaker to many user groups, and conferences. Amy recently founded the EBS virtual user group. She can be founded on her blogs at http://securesmb.harborcomputerservices.net and http://www.thirdtier.net/blog as well as SBS and EBS newsgroups and mailing lists.
This will be an information-packed day and seating will be limited to fifty attendees. In order to accommodate as many people as possible, there will also be a Live Meeting connection for an additional fifty virtual attendees.

Susan Bradley
Susan has been a SBSer since the SBS 4.0 era (and has the old media to prove it) and blogs on SBS and other tech topics at www.sbsdiva.com. She writes articles on Patch issues for Brian Livingston’s WindowsSecrets.com and has been an author on Eriq Neale’s SBS 2008 Unleashed as well as an author on the Windows 2008 Server Security Resource Kit. Susan was honored as the SBSer of the year at SMB Nation 2008 and is a Microsoft SBS MVP.

Dana Epp

Dana Epp is a security expert with the awarded designation as a Microsoft Security MVP, who focuses on helping to secure small and mid-sized businesses. He has developed a strong authentication and identity assurance solution called AuthAnvil that greatly increases the confidence and assurance business owners need when allowing remote access to their company assets when using Microsoft’s server solutions. Epp is the author of “Computer Security Concepts: Managing Business Threats in a Wired World”, a book written to explain at an
executive level how to handle the threats of online risk as companies move to the new digital economy, and is the author of the popular security blog “Dana Epp’s Rambling at the Sanctuary”.

Directions to the event: The Microsoft office is located on the southeast corner of 3rd Street and Capitol Mall and is accessible via I-5. 3rd Street is a one-way street in the southbound direction.
From the West – Take I-80 east and continue east on US 50. Options include Jefferson Boulevard (CA 275) and I-5 north to J Street. Please consult your favorite map tool for details.
From the North – Take I-5 southbound. Multiple options exist, so please consult your favorite map tool for details.
From the South – Take I-5 northbound and take the J Street exit. Stay in the right lane and turn right on to 3rd Street southbound to Capitol Mall.
From the East – Take US 50 west, transition to I-5 north and take the J Street exit as noted above.
Parking: The parking garage in the building may be available for attendees. The entrance is located on N Street. Metered parking is located on nearby streets (make note of time limits and park accordingly). Additional parking is available in a lot immediately west of the building, which is accessible via 2nd Street. Google Maps’ satellite view is the best way to locate this lot.

0 Categories : Amy Babinchak, Events, SBS 2008

Feb
13

Eriq @ SMBNation East May 1-3

by amy

Eriq Neale will be speaking and attending SMBNation East, May 1-3 in New Jersey. Eriq will have a 1 1/2 hour slot in which he’s going to present Group Policy and Preferences in SBS 2008: A look at the changes in Group Policy from SBS 2003 to SBS 2008, including Group Policy Preferences and the new SBS Group Policy Objects. Further discussion for how to use Group Policy to replace login scripts and other management functions that can be handled with Group Policy

Go to www.smbnation.com to learn more and register. The cost is extremely reasonable and the content is going to be great!

From Mr. Harry B:

—–

Content Is King!

Judge us first by our content! And then our character. Here is the content session lineup offering over 20+ academic lectures over three days at the 4th Annual SMB Nation Spring conference:

GeekSpeak

1. Why Cloud Computing is the Future for Small Businesses

2. Leveraging Windows Essential Server Solutions to Enhancing Remote Productivity

3. Small Business Server 2008 Secrets

4. Essential Business Server 2008 Secrets

5. Migration Techniques for 2008 Platforms

6. Microsoft Voice and Unified Communications

7. Microsoft Response Point Secrets (Including Service Pack 2.0!)

8. GeekSpeak Panel MVP and VIPs

9. Group Policy in SBS 2008

10. Taking Unified Communications One Step at a Time

11. Making Mobility Happen – A Multi-Vendor Approach

12. And more content coming!

BusinessSpeak

1. BusinessSpeak Panel VIPs

2. Street-Smart Branding – your path to Growth

3. Everything Legal – Take 2

4. Total Small Business Management Using OneNote 2007

5. Businesses Win, Businesses Run Like Jobs Will Lose

6. Exit Strategy: "Run It Like You’re Gonna Sell It" To Maximize Profit Now and Build Business Value for the Future

7. Town Hall Meeting – Looking Forward!

8. Speed Dating

9. Technology Solutions for The New IT Economy

10. How To Get SaaSy! Software as a Service (Hosted)

11. And more content coming!

Speakers

Only the best and brightest are invited to present and these speakers have been carefully vetted for to add the highest value! Check out this smoking hot line-up!

1. Jeff Middleton

2. Eriq Neale

3. Tony Bradley

4. Philip Elder

5. Harry Brelsford

6. Dana Epp

7. Greg Starks

8. George Siercho

9. Ben Yarbrough

10. Grant Thompson

11. Vlad Shmunis

12. Todd Colbeck

13. Jeff Connaly

14. Eric Steinberg

15. Scott Barlow

16. Ashutosh Tiwary

17. Joe Schurman

18. Joel Allen

And more coming!

Agenda!

Friday May 1st

All Day Hallway 101 Peer-to-Peer Interaction

All Day SMB Photo portfolio sessions

9:00am – 11:30am PRE-DAY: How To Be A Trusted Business Advisor

9:00am – 11:30am PRE-DAY: Your Professional Makeover! "Give Your Business a Facelift"

12:30pm – 1:00pm Registration

1:00pm – 2:00pm Keynote

2:15pm – 3:45pm General Sessions

3:45pm – 4:00pm PM Break

4:00pm – 5:30pm General Sessions

5:30pm – 7:30pm Marketplace Expo Reception

7:30pm till Evening Activities

Saturday May 2nd

All Day SMB Photo portfolio sessions

All Day Hallway 101 Peer-to-Peer Interaction

7:30-8:30 Breakfast

8:00-9:30 General Sessions

9:30-10:15 Marketplace Expo and AM Break

10:15-11:45 General Sessions

11:45-1:15 Marketplace Expo and Lunch

1:15-2:15 Keynote

2:15-3:45 General Sessions

3:45-4:30 Marketplace Expo and PM Break

2:30-6:00 General Sessions

6:00pm till Ending Activities

Sunday May 3rd

All Day SMB Photo portfolio sessions

All Day Hallway 101 Peer-to-Peer Interaction

7:30am – 8:30am Breakfast

8:00-9:30 General Sessions

9:30-11:00 Marketplace Expo, AM Break and Raffle

11:00-12:30 General Sessions

12:30-1:30 Keynote and Lunch

1:30 – 3:00 Town Hall Meeting, Technology Speed Dating

3:00 End of Conference, Private Meetings

*Schedule is subject to change

Pricing

Save hundreds this spring and see, hear and even feel great content! And take advantage of our payment plan (kinda like a "student loan" with $99 per month payments – we will bank your future) so you can BE THERE!

Note that the early bird pricing expires April 2nd!

Regular Price $395.00

Early Bird $296.00

Alumni $195.00

Day Rate $145.00

0 Categories : Eriq Neale, Events

Feb
11

Hotfix for Server 2008 Issue Available

by Eriq

Microsoft released a hotfix today that addresses an issue in the Server 2008 networking stack. Users of SBS 2008 may have seen the effects of this issue if networking services seemed to “hang” after the server had been running for 4-7 days and needed a restart to restore normal operations. The problem has manifested with certain software products attempting to access the impacted resource. One such application is Trend Worry-Free 5.1, but it is not the only application that has seen the issue. Note that third-party applications are not causing the issue, but third-party applications that attempt to access the problematic code are seeing the issue.

Microsoft has released a hotfix for this issue, but the KB article, KB961775, that describes the issue in detail is not yet available. The hotfix can be downloaded from http://support.microsoft.com/hotfix/KBHotfix.aspx?kbnum=961775&kbln=en-us.

UPDATE: While the MS KB has not been made public yet, the SBS blog does have detailed information on this issue. Check out their blog post at: http://blogs.technet.com/sbs/archive/2009/02/12/you-may-lose-network-connectivity-on-sbs-2008-when-using-a-driver-which-utilizes-tdi.aspx.

Categories : Eriq Neale, SBS 2008

Feb
11

ISA or Calyptix?

by amy

As migrations to SBS 2008 start to pick up steam, consultants that were using ISA as part of SBS 2003 Premium are wondering how the Calyptix Access Enforcer compares. Let’s make one thing clear right off the bat; nothing compares to ISA except ISA. ISA has a rating of 4+. That’s as good as it gets. But the Calyptix Access Enforcer has some features that ISA users have come to depend upon and it’s built on OpenBSD by a company whose focus is software development. It’s also a unified threat management product while ISA 2004 is a traditional firewall. Really they are two completely different things.

Virtual EBS User Group

by amy

The Virtual EBS User Group meets via Live Meeting tonight at 5:00pm eastern time. (-5 gmt)

Copy this address and paste it into your web browser:
https://www.livemeeting.com/cc/mvp/join
Copy and paste the required information:
Meeting ID: 8BCFFF
Entry Code: G:-)tgS.4

Mikael Nystrom will present EBS virtualization. Tips, tricks, How to, which method. I’m expecting a lively conversation in addition to Mikael’s presentation.

So get out those headphones and microphone and join us.

0 Categories : Webinar

Archive for February 2009

Search

Support