Archive for October 2009 – Page 2

Oct
15

…and the winners are!

by amy

Post to Twitter Post to Facebook Post to StumbleUpon

Thanks everyone for entering our first ever Twitter based contest. If you are following us on Twitter you can do so @thirdtier

We are pleased to announce that

@bobmiller

@bytecafe

have won a 10 user license of Exchange Defender for a year.

 

Thank you OwnWebNow and thanks everyone for participating in the contest.

—–

So who wrote this blog and what do they do for a living anyway?
We’re Third Tier. We provide advanced Third Tier support for IT Professionals.
Third Tier Get Support BlogFeed Blog Twitter Twitter Facebook Facebook LinkedIn LinkedIN
0 Categories : Contest, Twitter
Oct
15

Q&A from Behind the SBS 2008 Wizards

by amy

Post to Twitter Post to Facebook Post to StumbleUpon

Question: hey are you using voip with this presentation?
Answer: yes, no dial in number
Question: Could you go ofer your support fees and offerings?
Answer: Our fees are $175 per hour, charged in half hour increments. Projects are negotiated between the consultant and you. We definitely let you know how much time something is going to take.
Question: What is the roadmap for SBS 2008 "R2"?
Answer: No roadmap has been published yet, other than to say that there will be another version coming. That’s all we know at this point.
Question: Is there an issue with setting up SBS2008 in the lab using a different IP/subnet/dns, configureing everything then take to client and change IP/subnet/dns?
Answer: That will work. You’ll need to change the IP. Run the connect to the Internet wizard once on site. I’d then run the fix my network wizard to make sure everything is running properly for good measure.
Question: Can you distribute this presentation?
Answer: Yes, it will be available at www.thirdtier.net/store
Question: What about sbs on ip’s other than the default 192. range like 172.?
Answer: It won’t find the router. But that’s OK. If it doesn’t find your router you will be given the opportunity to enter your router address manually. then the wizard will continue
Question: Steve you could be a little more happy ;-)
Answer: I think he’s nervous
Question: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SmallBusinessServer\Networking\ “InternetConnectionCheckRootDnsServer” REG_SZ
Answer: This is the registry key that Steve mentioned during the presentation.
Question: I still love him ;-)
Answer: :)
Question: We see it
Answer: thanks! Slow getting to it but we finally did
Question: Is Steve saying that SBS2008 has the capbility to modiify and configure your DNS records at the Registrar level?
Answer: Yes that’s what he is saying. Certain registrars have been selelcted as partners for that function. The wizard will provide a list of those.
Question: Can see anything except the slide show….
Answer: we’re back
Question: what is port 987 for?
Answer: Port 987 is the SSL port that Sharepoint (companyweb) gets published on. If you choose to publish it your users can access Sharepoint from the Internet.
Question: will these slides be available for download?
Answer: The whole presentation will be available at www.thirdtier.net/store
Question: http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/
Answer: This is the URL that will create an SPF file for you.
Question: What about ports 1723, 3389 and 4125? Are they still used in 2008
Answer: 1723 is used if you want to support incoming VPN connections on PPTP. 3389 is remote desktop access direct to the server. This is not recommended. You should use RWW. In 2003 port 4125 was never necessary. This was the port that RWW used internally. RWW only uses 443 now.
Question: Just Bing "SPF Wizard"
Answer: BING!
Question: that is a way cool tool!
Answer: The SPF record creator is a cool tool. But remember the Internet Address Wizard will run it for you too. SBS makes it even cooler.
Question: Does it handle using third party filtering? Reflexions?
Answer: Yes, it does. You can specify the relexion servers in the SPF tool.
Question: true if you have sbs2008. But for the clients still running sbs2003 this will really help. Cuz you know that some of them dont have this setup right.
Answer: Yep. Any non-SBS 2008 machine can really benefit from that tool and you can use it for any network
Question: can you use the spf record creator to create spf for prior versions>
Answer: Yes, it is not SBS specific. The tool will work for any network. The recorc itself does not reside on the server, it resides with your DNS provider.
Question: what about a isa 2006 in front and configuring vpn?
Answer: Do what Steve suggests. In addition on the ISA server, publish PPTP to the SBS server.
Question: Can you redirect the smarthost to say port 567 (ATT requires this)
Answer: Checking on it right now while Amy continues. Should have an answer in a moment.
Question: thought that pictures would automatically follow the my documents folder..
Answer: Only if in XP. In Vista and Win7 they are broken out on their own now (unless you want to keep them in your My Docs).
Question: can you talk about the migrate user wizard? Or have you discussed in one of your previous presentations?
Answer: Wasn’t on the list for today, but we can get it on the list. :-)
Question: Steve do you think the small business segment is conscious about energy savings?
Answer: Yes, we have a construction company that started powering off their desktops at night. They saw a considerable cost savings per month. So now we have them leave the machines on once a week so we can update over night.
Question: Thank you for the information. It was great to know
Answer: Welcome!
Question: Does running the bpa for ip changes include if the isp has changed the address; not just changing the internal server ip?
Answer: No you would handle that at the edge, your firewall or router device.
Question: is there some way to limit what computers folder redirection is used on. For instance, Some users may occasionally need to log onto someone elses PC and you dont necessaryly want all their folders copied down to that PC. I have some accounts where 5 or more people have loged onto a pc and when a user logs in or out it syncs folder for everyone and takes a long time.
Answer: Chad has been working on this with a client over the past week. I don’t think they have an answer yet.
Question: check out Reflexion’s pdf this will help on the port question http://www.reflexion.net/docs/basic_exchange_setup_guide.pdf
Answer: Thanks
Question: woll4rww: http://dnn.sbstools.de/
Answer: Thanks! THis is the link for the Wake on Lan for RWW add-in
Question: user state migration tool better: mdop 2010 saw this yesterday at microsoft demo takes ALL settings from all users not just the one selected
Answer: This is the tool in Vista that will migration your user settings to the new profile
Question: is there a list of all the wizards in sbs2008?
Answer: No list that we are aware of
Question: Thanks great show when will the slides be up at www. thirdtier.net/store (as in paying for it?)
Answer: They are free in the store. It should be up sometime tomorrow.
Question: in mgration mode there is a migrate user wizard
Answer: We’ll do a blog post
Question: Thank you Amy and Steve. Great meeting today.
Answer: We’ll do a blog post
Question: Whats athe address for your blogpost?
Answer: www.thirdtier.net/blog is our blog
Question: Good Job!!
Answer: thanks
Question: thanks again, see you next time.
Answer: thanks

 

—–

So who wrote this blog and what do they do for a living anyway?
We’re Third Tier. We provide advanced Third Tier support for IT Professionals.
Third Tier Get Support BlogFeed Blog Twitter Twitter Facebook Facebook LinkedIn LinkedIN
0 Categories : Amy Babinchak, Steve, Webinar
Oct
13

Contest! Win 10 users of Exchange Defender for a year

by amy

Post to Twitter Post to Facebook Post to StumbleUpon

2 of our Twitter followers will win a 10 user package for 1 year with Exchange Defender. Just tweet #thirdtier by Thursday noon.

Find out more about Exchange Defender. www.ownwebnow.com

You aren’t following us yet? You’ll find us @thirdtier

—–

So who wrote this blog and what do they do for a living anyway?
We’re Third Tier. We provide advanced Third Tier support for IT Professionals.
Third Tier Get Support BlogFeed Blog Twitter Twitter Facebook Facebook LinkedIn LinkedIN
0 Categories : Announcement
Oct
8

Third Thursday Webinar: Behind the SBS Wizards

by amy

Post to Twitter Post to Facebook Post to StumbleUpon

What is actually happening when you use one of the wizards in SBS? Reality is that wizards are nothing more than scripts that were written by the development team. But knowing what they are doing is important information that will aid you in becoming an SBS expert.

Steve Banks, SBS MVP and new Third Tier consultant will join Amy in this presentation. It will be Steve’s debut! We’ll tackle as many of the wizards as we have time for in this session.

Please plan to join us on October 15th at Noon eastern time.

When: Thursday, Oct 15, 2009 12:00 PM (EDT)
Scheduled to Occur: Once
Duration: 1:00

Amy Babinchak has invited you to attend an online meeting using
Microsoft Office Live Meeting.

https://www.livemeeting.com/cc/mvp/join?id=MSCQN6&role=attend&pw=Cgb%2B%23W9Qq

Meeting time: Oct 15, 2009 12:00 PM (EDT) 

Add to my Outlook Calendar:
https://www.livemeeting.com/cc/mvp/meetingICS?id=MSCQN6&role=attend&pw=Cgb%2B%23W9Qq&i=i.ics

—–

So who wrote this blog and what do they do for a living anyway?
We’re Third Tier. We provide advanced Third Tier support for IT Professionals.
Third Tier Get Support BlogFeed Blog Twitter Twitter Facebook Facebook LinkedIn LinkedIN
0 Categories : Amy Babinchak, Announcement, Steve, Webinar
Oct
8

Mark's rules for TMG Firewall client (MRFTFC)

by steve

Mark Stanfill has started a great series, via his Twitter account, covering EBS rules for TMG. So good that I thought it a great idea to include them here. I'll add to this post as he adds additional rules. Following are the first sets, plus a bonus precursor:

#EBS08 New series: Mark's rules for TMG Firewall client (MRFTFC)

#EBS08 Never use 'route add' on TMG. Use the TMG getting started wizard instead. Look for startup scripts that do route adds,exclude admin

#EBS08 MRFTFC #1 - You probably don't need th FWC. 99% of apps can get by with SNAT and web proxy

#EBS08 MRFTFC #2 - Install from Management Server (not Security): C:\Program Files\Windows Essential Business Server\bin\ISA\client

#EBS08 MRFTFC #3 You only need the FWC if you have an APP that needs it or if you want to track access by user rather than by IP.

#EBS08 MRFTFC #4 Down-level FWC from ISA 2004/6 still works, but you should update it if you use it.

New #EBS08 TMG rule 1 - never, ever use "route add" - you will corrupt the IP stack

New #EBS08 TMG rule 2 - add routes via the getting started wizard only - TMG Console -> Forefront TMG -> Tasks

New #EBS08 TMG rule 3 - Only use TMG Console to configure VPN, never RRAS Mgmt console

New #EBS08 TMG rule 4 - Never, ever,ever, ever disable IPv6 on Security Server - you will never fix anything, but you will break RRAS

New #EBS08 TMG rule 5 - Networks under TMG Console\Networking\Networks must have an interface on TMG server itself or we'll drop traffic

New #EBS08 TMG rule 6 - deploy firewall client via gpo from MGMT server: c:\progra~1\window~3\bin\isa\client --- Exclude Servers from GPO

-Additional markstan comment: It depends on the app and the environment. Use FWC if you need user auditing, don't want to use default gateway, or know that you will have a lot of custom protocols. Undefined protocols = block for SNAT, access for FWC.
New #EBS08 TMG rule 7 - for WMI to work you must disable Enforce Strict RPC Compliance on all applicable access policies and system policies
#EBS08 TMG-if you are publishing TS 2 another server, TS 2 TMG will fail. Set the winstations regkey to 3390 on TMG,reboot cr8 access policy. Set the winstations regkey to 3390 on TMG,reboot create access policy for internal to localhost
 
#EBS08 TMG - Want to query RBLs 4 SMTP? Create an access rule for DNS (not dns server) from localhost to external. Not there by default.
#EBS08 TMG rule - TMG requires IPv6. Never disable via registry or uncheck from ncpa.cpl. This will lead to routing issues and application crashes. I've seen random blue screens, but never been able to repro.
#EBS08 TMG tip - you can copy rules via ctrl-c/ctrl-v, modify settings (like port #) to save time.
#EBS08 TMG tip - getting started wizard (for adding static routes) must be ran on Security Server itself (can't do from mgmt)
#EBS08 TMG TIP - slow web page load/dns name resolution - use the script from http://bit.ly/4tuT6u
#EBS08 TMG TIP 3 updates that need additional work on Security Server - http://bit.ly/3kD7na http://bit.ly/1IeVCM and http://bit.ly/2NypqT
#EBS08 TMG Tip - TMG comes with a 1yr AV subscription. TMG Console\Update Center\Highlight 'Malware Inspection'\Configure License details
#EBS08 TMG TIP - renew licensing for TMG - http://bit.ly/aCRtl To renew, contact your Microsoft Partner or Small Business Specialist.
#EBS08 TMG -Networking\Networks\Internal\Web Browser-'Directly access computers specified in the addresses tab' needs to be checked
#EBS08 TMG TIP - quick TMG backup - EBSAdmin console\Security tab\highlight Network firewall\Save network firewall settings
#EBS08 TMG TIP - Native TMG backup- right-click forefront TMG (servername) in TMG Console -> Export (Back Up)... - choose the defaults.
#EBS08 TMG : Reset TMG to day1 (all ebs services published) in Admin Console\Security\Network firewall\restore default network firewall set
#EBS08 TMG - TMG has a 1 GB limit on http downloads by default
#EBS08 TMG - tmg download limts = TMG Console\Web Access Policy\Configure Malware Inspection\Inspection Settings
#EBS08 TMG - Email a daily network usage report - TMG Console\Monitoring\Reporting\Create Recurring Report Job
#EBS08 - To run IT Health Scanner w/ TMG - create allow all access rule as rule #1, disable strict rpc checking there & on system policy\AD
  - blog post: http://bit.ly/2nwQh3 - How to run the IT Environment Health Scanner in an EBS Environment
#EBS08 - Update to blog post - http://bit.ly/3oWBYO - Preparation Wizard/IT Environment Health Scanner fail with DNS WMI Provider error
Not labeled TMG by Mark, but worth having in this list:
#EBS08 browser access from security server itself - you must manually configure proxy, port 8080, set exclusion for local domain
#EBS08 - security server unable to get updates? Check the proxy exclusions list first.
#EBS08 MRFTFC - Address ranges, subnets, and computer set objects should not contain the TMG server’s IPs (rare exceptions).
#EBS08 MRFTFC - OWA HTTP 500/error 12217 = disable normalization on the OWA publishing rule
#EBS08 MRFTFC OWA "Could not connect to a directory server" error = disable link translation on OWA publishing rule. http://bit.ly/OXr0X
#EBS08 MRFTFC Slow or failed FTP behind TMG? Create the reg key in http://bit.ly/2kPttl and restart server. (many other potential causes)
#EBS08 MRFTFC Postback errors uploading to or configuring SharePoint? Add /WebResource.axd* to the SharePoint publishing rule's path.
#EBS08 MRFTFC to repair or uninstall/reinstall SCE Agent on Sec Server, "net stop fweng /y", install or repair, then "net start fwsrv"
Categories : Steve
Oct
6

Welcome Mikael Nystrom

by Third Tier

Post to Twitter Post to Facebook Post to StumbleUpon

Third Tier is pleased to announce the addition of Mikael Nystrom to our team. Mike is a well-respected member of the SBS community and presented a session on deployment techniques for Windows 7 at the recent SMB Nation conference in Las Vegas.

You can learn more about Mike on his bio page.

Welcome aboard, Mikael!

—–

So who wrote this blog and what do they do for a living anyway?
We’re Third Tier. We provide advanced Third Tier support for IT Professionals.
Third Tier Get Support BlogFeed Blog Twitter Twitter Facebook Facebook LinkedIn LinkedIN
0 Categories : Announcement, Mike
Oct
6

NT AUTHORITY\NETWORK SERVICE account in SharePoint Content Database

by edwin
I have had the opportunity to assist a WIndows SBS MVP migrating Windows SharePoint Services 3.0 databases from SQL Server 2005 to SQL Server 2008 in a Windows SBS 2008 environment. He was following the steps outlined in this Microsoft TechNet article to move the content databases and configure them from inside SharePoint Central Administration when he hit a wall and couldn't move forward. When he was at the point where he is already pointing to the new content database, SharePoint started throwing an error. My first instinct was that it has something to do with permissions but I need to capture some activity before even doing anything. Apparently, SQL Profiler is not installed. I opted to change the Authentication mode from Windows to Mixed mode just so I can use a SQL Server login with the SharePoint configuration. After creating a SQL Server login for SharePoint to use, everything was back to normal. While I wasn't comfortable with using Mixed Mode authentication for SharePoint, I dug deeper to see what Windows account was being used thru the Application Pool from within IIS. It appears to be NT AUTHORITY\NETWORK SYSTEM - the default account when you install Windows SharePoint Services 3.0 in the same server as the SQL Server (this is a common setup with Windows SBS). What I did was to add the NT AUTHORITY\NETWORK SYSTEM account in SQL Server using the CREATE LOGIN command (you won't be able to do this in Management Studio as the account is not exposed) and, then, assign the db_owner role in the content database.

I went back to the SharePoint Central Administration after that to switch the configuration of the content database from using a SQL Server login to using Windows authentication. That did the trick.

Note that if you are moving your SharePoint databases from SQL Server 2005 to SQL Server 2008, whether within Windows SBS or a full blown Windows Server system, make sure you check the logins as they need to be moved as well for the SharePoint application to work. You can even use the transfer SQL Server logins script from Microsoft to do this
Categories : Edwin Sarmiento, SharePoint
« Previous Page

Search

Support

Third Tier provides advanced support services to IT Professionals. Learn about what we do at http://www.thirdtier.net or click on the support icon below to chat with one of our support representatives.

Third Tier
Copyright © 2013 All Rights Reserved
iThemes Builder by iThemes
Powered by WordPress