Archive for SBS 2011

Jun
27

Setting up Autodiscover for SBS 2011

by dave

Post to Twitter Post to Facebook Post to StumbleUpon

This is a refresh of an article I wrote earlier for SBS 2008, with a few minor updates.

If you are using Exchange 2007 or Exchange 2010 (SBS or non-SBS) and are using a single-name certificate, this article is for you.

When you migrate to SBS 2008 or SBS 2011 and you already have a domain name, you don’t need to use the built-in domain registration wizard that is included in the SBS setup process.

This is well and good, but it has a downside worth knowing about. You probably didn’t know it, but something that Microsoft does when they set up your new domain name at the registrar is create a custom SRV record for your domain so that Autodiscover will work properly for external client auto-configuration. This is because you are using a single-name cert, which isn’t what Exchange 2007/2010 was designed to use. If you already have a domain name registered and are able to create your own DNS SRV records (some DNS hosts don’t allow SRV record creation), it would be a good idea to create an Autodiscover SRV record to make it easier for Outlook 2007/2010 clients to autoconfigure themselves for Outlook Anywhere (RPC-over-HTTPS) and ActiveSync.

The details on how to set this record up are all inĀ KB940881, but I’ll briefly summarize it here:

1. Get rid of any CNAME or A records for “autodiscover”, and any wildcard “*” records in the public DNS zone. This is a critical step, so don’t just drift past it.
2. Build the SRV record to look like this:

Service: _autodiscover
Protocol: _tcp
Port Number: 443
Host: remote.smallbizco.net

Weight and priority should normally both be set to zero.

Why do you need to do this for Autodiscover to work? Well when you feed an Outlook client an email address, it tries to autoconfigure itself, and it does this by trying to contact a series of hosts as follows:

- https://domainname.com/autodiscover/autodiscover.xml
- https://autodiscover.domainname.com/autodiscover/autodiscover.xml
- http://autodiscover.domainname.com/autodiscover/autodiscover.xml

After failing these steps, it will look for an SRV record, and if you haven’t created one, there won’t be one. We’ll come back to this point shortly.

Because your certificate is tied to a single name: remote.domainname.com, any https connection to the autodiscover URL will fail. If you want to create an A or CNAME record for ‘autodiscover’ that points to your server’s public IP and allow port 80 to your server, autodiscover will work, but you would then have allowed port 80 traffic to your server.

An alternate option, still using SSL, is what this article is about. This method takes advantage of a feature that was added in Outlook 2007 SP1 that allows it to look for an SRV record and use the SRV record to find the “real” autodiscover host. In this case, the SRV record is pointing to remote.smallbizco.net, which is the name covered by the cert, so a secure connection to that server to get Autodiscover information will succeed.

Got it? Great!

BTW, if you have a single-name cert on a non-SBS Exchange 2007 or Exchange 2010 server, you still want to use an SRV record as described above, but there will be other changes you will need to make to your environment as well, primarily resetting the URLs on most of your Exchange virtual directories so that they all point to the name that is on your certificate. This is something that the SBS wizards take care of automagically.

3 Categories : Dave Shackelford, Exchange, SBS 2011
Jan
25

January Webinar Available for Download

by Third Tier

Post to Twitter Post to Facebook Post to StumbleUpon

For those who were not able to attend last week’s webinar, the first in the Managing SBS 2011 series, the LiveMeeting recording is now available for download from our Store page (http://www.thirdtier.net/store/). To view the webinar, download the file, extract the ZIP file, go into the folder, and open the ReplayMeeting.htm file.

0 Categories : Amy Babinchak, Eriq Neale, SBS 2011, Webinar
Jan
20

Q&A from Managing SBS 2011 – Installation webinar

by Third Tier

Post to Twitter Post to Facebook Post to StumbleUpon

Here is the Q&A from today’s webinar on Managing SBS 2011 – Installation:

Question: sas or sata drives?
Answer: We are using primarily sata drives. Where we find that they aren’t fast enough, we generally provide a second sever for file storage with those drives.
Question: A lot of DVD burners do support DL, but good luck finding the media! I have found it easier to find Blu-Ray burnable media than DVD DL media…
Answer: Good tip. We’ve found the same thing. The USB setup is very simple and so much faster.
Question: Can we build SBS 2011 and fully configure it with our unique “recipe” (GPOs, tweaks, setup wizards, etc) then image it? Could we then apply that “custom” image to new servers and then tweak a few things for that specific customer? And… If we build that base as “company.lan” can we change that after that fact to “xyzcorp.local”?
Answer: You can’t do all of those things, but you can do most of them. This is a pretty complex questions. We’ll talk about it at the end during Q&A
Question: Do i need an trial key, for trial period of SBS2011. (Have downloaded from MSDN)
Answer: It will let you run without a key for a few days. If you have an MSDN subscirption you can get a key from your downloads section.
Question: I have a customer installation with my ISO file. But need an trial period, before I get the key to my customer. OEM editions have not been released yet in Norway.
Answer: You should be able to install without a product key when you run the install and then add the product key later.
Question: So i dont need an trial key for getting 60days trial
Answer: There is no place in the install where a key is asked for, so no trial key is needed. I’m not certain about the timeframe allowed before a key must be entered, but it doesn’t prompt for a key during install.
Question: Are you all using HP or Lenovo/IBM hardware or whitebox/HAAS hardware for SBS 2011, in particular I’m interested in the RAID controller and any out of band management you deploy.
Answer: Eriq’s company is using Dell hardware for hardware. We’ll discuss this more in live Q&A.
Question: I have started an SBS2011 server installation with 8GB ram for a customer, and i am worried that this will be a problem for my customer. Should i sell more RAM or keep on with 8GB?
Answer: If the customer is very small, it might be OK. But you will find it slow. I would recommend a few more GB minimum. Ram is pretty cheap these days.
Question: It is a 4user business with a simple MySQL database for an LOB software
Answer: I think I would still get them another 4GB. It will help the server have a long healthy life
Question: Most of customers coming from SBS2003. Firewall recommendations and why… What to look for?
Answer: We are using Calyptix. I would recommend a UTM appliance of your choice because attacks today come from all angles.
Question: We use HP 410i with 512MB FBWC controller + 4x146GB SAS 10K disk in RAID5. Choose BBWC or FBWC on the controller. Makes it much faster.
Answer: Thanks for the recommendation.
Question: When we virtualise SBS & a seperate SQL box then we have a mix of SATA and SAS.
Answer: Thanks for the recommendation
Question: If we are okay with using “company.lan” as the internal domain for all customers can we use the “confgiure and image” method and just change the external domain name “xyzcorp.com” using the wizard (in other words not run that wizard before imaging). In other words if we are okay with a generic internal domain name for AD are there any other reasons we cannot build an image of SBS 2011 for use in deployment?
Answer: This is a much better choice. We haven’t tried it. Do some experimentation first and keep us posted on how it goes.
Question: Is there anything new in SBS 2011 that better supports Macintosh / Ipad / Iphone Os es?
Answer: answered live
Question: Amy, how much cache ram on the raid controllers for your SATA installs?
Answer: 256 or 512mb
Question: Teaser question re migration: it sounds like I need another physical server even when I have a perfectly capable box currently running sbs2008. Is this true????
Answer: There’s no in place upgrade. This is function of Exchange. So you do need two boxes. We either replace the existing hardware or if we reuse it we virtualize the SBS 2008 on a temporary server.
Question: Does Remote (RWA) work from Safari Browser?
Answer: It depends..Yes but you can’t remote control a machine in the domain.
Question: Have you tried doing an install on an SSD? If so what RAID options did you choose, if any? Since SBS 2011 is based on Windows 2008 R2, it supports TRIM to increase SSD life span. I have my production SBS 2011 running on 2008 R2 Hyper-V and the virtual disk on an SSD and the performance is amazing! I’m not doing this for customers yet but was just wondering if you guys have played around with SBS on any type of SSD structure yet.
Answer: We have not. But this is great information for everyone. Thanks for sharing.
Question: Will handout or recording of the slides be available?
Answer: The webinar has been recorded and will be available on the site. Most likely there will be a subscription available for supporting materials later.
Question: Are there any documents I should follow or that Eriq can recommend for Macintosh join on SBS network SBS 2011?
Answer: I’ll be doing a post on Macintosh connectivity to SBS 2011 in the near future (read weeks, not days :) )
Question: Have you found a way to disable the remote file share access that shows up in the remote web?
Answer: answered live
Question: Do you feel it is too soon to put SBS 2011 into a client production environment?
Answer: Eriq does not, we have a number of proposals out right now for SBS 2011 migrations.
Question: Thanks. That’s too bad than you can’t filter somehow. Just like the remote control server only shows up for admins, not normal remote users.
Answer: Yes, we’ve bugged it for a future update, but no idea if/when it will be updated.
Question: This might have been discussed earlier, but when clients with SBS 2003 need a hardware refresh and aren’t ready for SBS 2011 yet, do you typically P2V it? If so, what tech do you use?
Answer: I use Storagecraft backup restore into a MS hyper-V machine. MS P2V should work equally as well
Question: Any difference in specs for virtual installs?
Answer: Not much experience with this yet. We expect that the requirements will be higher for virtual servers.
Question: Thanks – Great Job, as usual!!!
Answer: You’re welcome!

0 Categories : Amy Babinchak, Eriq Neale, Q&A, SBS 2011, Webinar
Dec
21

SBS 2011 Release Party Download Available

by Third Tier

Post to Twitter Post to Facebook Post to StumbleUpon

Last week’s Third Thursday webinar presentation of the SBS 2011 Release Party is now available for download from the Store page. To view the recording, download and extract the ZIP file, then open the contained folder and open the ReplayMeeting.html file.

Categories : Amy Babinchak, Eriq Neale, SBS 2011, Webinar
Dec
17

SBS 2011 Standard Download Available

by Third Tier

Post to Twitter Post to Facebook Post to StumbleUpon

Following this past Monday’s release of SBS 2011 Standard to manufacturing, the bits are now available for download from Technet Plus and MSDN. For those who have been wanting to take a look at it before deploying it to customers, now is your chance! Expect that the download site might be a little bogged down today, though. :)

1 Categories : Announcement, SBS 2011

Search

Support

Third Tier provides advanced support services to IT Professionals. Learn about what we do at http://www.thirdtier.net or click on the support icon below to chat with one of our support representatives.

Third Tier
Copyright © 2013 All Rights Reserved
iThemes Builder by iThemes
Powered by WordPress