mirco's.net

Latest Updates: server RSS

• 

  Tick, Tick, Tick, … Boom!

  Mirco 8:05 on Wednesday, 3. December 2008 | View Comments Permalink | Reply
  Tags: administrator (3), blaster, breach, changemanagement (2), clean, cleaning, consultant, coordination, customer (2), infection, management (5), microsoft (10), operations manager (2), opsmgr (2), patch, patches, scom (4), security (2), server, symantec, update, updates (2), virus (2), windows (5), worm (2), wsus (2)

  I still don’t know why I gave into my manager wanting me to postpone my scheduled vacation by a week, so he has some billable hours to report in December.

  So here I was, stumbling into the office after a terrible drive through heavy traffic and a 20km detour because of a roadblock caused by a serious accident. As expected most of my customers administrators where either still not in office or in a meeting. I start the computer and fire up Outlook and the Operations Manager Console, and… Uh-Oh, this can’t be good.

  I was looking at about 1000 critical alerts, all less than 36 hours old and of the same type.

  It turned out that a new Windows worm has appeared over the weekend, infecting computers without a previously released patch and/or old versions of Antivirus Software.

  To say I was surprised of this sort of fallout would be … a huge lie, since I kept telling every responsible stakeholder for months this could be happening anytime at the way they are handling update and patch distribution.

  And it continued to play out just as I had expected it would. Someone found the single patch that would prevent an infection, and everyone with an Administrator account jumped at any server they could get a hold on to install exactly this single patch manually, instead of installing the other 28 – 79 missing patches along the way.

  It also reminded some of them that I had published a process on how to identify and classify servers for automatic update distribution. After all this document was available to everyone for the last few months and presented to management for consideration.

  Two days later most of the monitored servers are responding again, which doesn’t imply they are no longer infected, just patched. But as far as I can tell we are only monitoring about 60% of all servers after all.

  Since there is no active WSUS on the network, all patches had to be downloaded from Microsoft to the servers which took hours. The worm was putting so much additional traffic on the network that the proxy servers collapsed several times. User where constantly complaining about service and accessibility.

  The last company I witnessed this kind of chaos after a virus out brake was during the Blaster era (2001). It took them less than a month after this incident to implement strict policies and processes to prevent this from happening again. And as far as I know it never has since.

  Knowing there are still companies like my current customer out there, that don’t have a clue about processes, security and management only fill me with the assurance that there is still a great potential for future business, if only they would listen to their consultants.

  That’s why the pay us, right?

   

  Reply Click here to cancel reply.

  Name (required)

  Email (required)

  Web Site

   
• 

  CoreConfigurator for easier Windows Server Core configurations

  Mirco 15:33 on Tuesday, 1. April 2008 | View Comments Permalink | Reply
  Tags: 2008 (2), administration (4), core, management (5), microsoft (10), server, system (2), tools, windows server 2008

  CoreConfigurator is a basic GUI configuration utility for Windows Server Core 2008 configuration and management.

  It will ease some of the common administration tasks on a Core Server installation.

  

  You can download this tool here >> Microsoft Israel Blogs

   
• 

  Managing SMB environments with Microsoft System Center Essentials 2007

  Mirco 13:30 on Thursday, 10. January 2008 | View Comments Permalink | Reply
  Tags: distribution, microsoft (10), packaging, server, software, sql (2), sql server 2005, system center (2), system center essentials 2007, windows (5), wsus (2)

  I currently have a SMB customer who wants to improve it’s IT management and monitoring processes without investing a lot of money.

  There are a few things companies can do without investing any money. Like installing a Windows Server Update Service for patch management, SharePoint Services for document and workflow management, a Distributed File System for easy file management, etc.

  But I haven’t found any lowcost solution for a reliable server and network monitoring that enables administrators to proactively respond to system events and errors. Most solutions like Nagios only monitor SNMP traps, which might tell you that your server is absolute fine and running… while an event monitor would show the administrators that the DNS service is actually offline due to a database error.

  On an Enterprise level there are several systems to choose from. Like Tivoli, OpenView and Microsoft System Center Operations Manager they are all very complex and very expensive.

  Together with the current System Center Operations Manager 2007 Microsoft introduced the System Center Essentials 2007 version targeted at the midrange market (50-500 employees). Essentials includes key features from the Operations Manager as well as Windows Update Services 3.0 and SQL Server 2005 Express Edition. While WSUS is fully integrated into the package, SQL server is an optional feature, since it’s also possible to use any existing SQL Server 2005 instance as long as it has Reporting Services installed.

  Installation is very easy, containing only of a single installation wizard which will guide you to the most important settings, like account name and password for the services and agents, and won’t bother with any unimportant details.

  After about one hour you can open the System Center Essentials console, which will present you a brief overview of your environment with the most important information and open tasks. The first two tasks for the administrators will be the configuration of the update services which works the same as in the standalone version of WSUS 3.0 and the creation of a domain policy for your clients and servers to utilize the Windows Update Service, as well as a another wizard based task to discover the potential clients on your network to install the Management Agents on.

  

  The management agents will collect all current information on the managed systems, like installed hardware and software, operating system version, installed patches and updates, existing users profiles, system status, hard drive status, event logs, etc.

  Like in the Operations Manager 2007 the Essentials version provides a basic list on Microsoft Management Packs which can be extended by installing additional Management Packs. System Center 2007 compatible management packs include a flag for the Essentials version that reduces the amount of data send to the database to a needed minimum. This will keep the database size down as well as prevent administrators from being overwhelmed by the sheer mass of available information.

  

  Additional to monitoring your client/server computers and deploying operating system and application patches System Center Essentials also enables you to distribute simple software packages. The deployment packages can be created from EXE or MSI files. The later also automatically creates an uninstall option for the package.

  The creation process is guides by an easy to understand wizard which again focuses only on the most important features of software packaging, like including additional files and providing command line options. In case of MSI files it also enables you to modify some of the MSI configuration settings.

  All software packages are listed in the Software tab and can be categorized and applied for installation on specific computer groups taken from the WSUS component.

  

  Microsoft System Center Essentials 2007 server licenses are available with or without a SQL Server 2005 license, in case you already have one or want to use the Express Edition. furthermore you will need a Client or Server Management License for each Windows based system you want to install a Management Agent on. None Windows based systems can be managed and monitored via SNMP and don’t require additional licenses.

  Since this Version of System Center is targeted at the midrange market the number of manageable Windows systems is limited to 30 servers and 500 clients and the managed environment will only host one Management Server. There is also an option for ISPs who want to manage multiple SMB customers. In this case all of the managed SCE can be connected to a full version of System Center Operations Manager 2007 for central management.

   
• 

  Why You Really Want To Use A Proper Messaging Server

  Mirco 21:20 on Wednesday, 5. December 2007 | View Comments Permalink | Reply
  Tags: backup, colaboration, continuity, corporate, domino, email, exchange, groupwise, messaging, pop3, server, thunderbird

  I’m currently participating an early adoption program for a Notes 8 rollout and so far I’m less than satisfied with the new “features”. Strolling through the forum pages to get a clue why I’m having certain effects on my client I ran across some posts from people who, according to their suggestions, clearly don’t know a thing about corporate messaging.

  They’re not alone in their lack of understanding for sure, but do you want to trust the future of your company to IT managers or administrators that suggest switching from a Domino/Exchange/Groupwise/… messaging server to some POP3 server with a Thunderbird Mail Client?

  If your answer is Yes please continue reading.

  Of course a proper messaging system is expensive. Of course it needs a lot of administration and maintenance. Of course you will have to carefully plan and size the server infrastructure if you need more than two servers.

  But all of this is no reason not to use any of these systems.

  Today email is most critical form of corporate communication. Loosing some of your business emails can cost your and/or your company a fortune. To reduce the risk of loosing data, companies tend to create backups of everything important… or at least they should. But how do you backup POP3 emails?

  To Answer this we need a short and incredibly rudimentary explanation of how POP3 emails get into your inbox.

  1. The sender sends an email to your address
  2. The email somehow arrives at your mail server and is stored in your mail account file (usually an encrypted text file, unless encryption wasn’t turned on)
  3. You open your mail client and it starts downloading your new emails from the mail account file
  4. After all the new emails have been transferred the mail account file will be emptied

  You will see that making a backup of the company emails will only be possible on the users computer, which is the last place you want to make a backup of. But this is another story.

  On a proper messaging server all the emails (incoming and outgoing) will stay on the server and the mail clients will only receive a copy to work with. Creating a backup here will only include the mail storage of your messaging servers.

  Oh… and you won’t loose all our emails once your desktop harddrive crashes. I wish I had a penny for every time that happened to one of my customers.

   
• 

  Who needs a Desktop Computer anyway?

  Mirco 19:24 on Wednesday, 14. November 2007 | View Comments Permalink | Reply
  Tags: budget, computing, cost (2), desktop, infrastructure, optimization, server, terminal, thinclient, virtualization (2), vmware

  Imagining most of the corporate environments I’ve seen… Desktop PCs on every desk, users mostly use Office software or some business applications, and security policies don’t allow saving files on the local disk.

  Asked how to reduce the fixed costs and consolidating servers, my first question usually is: “Does everyone really need his/her own desktop computer?”

  Why am I asking? Corporate Desktop PCs produce a lot of costs. You need to replace them every 3-4 years, you need to maintain the OS and the software installed on them, they consume a good amount of power to display spreadsheets and text documents, they need space, and produce noise as well as heat.

  Do not underestimate the heat! We noticed that after some of our customers switched their old CRTs with new shiny TFTs the room temperature went down, considerably. Ok, this slightly increased the heating bill in winter but the savings on cooling the office space during summer were higher.

  Replacing the Desktop PCs with Thin Clients will have roughly the same effect.

  “But wait. Replacing all of the computers with thin clients will not be accepted by the users!”

  Are you sure?

  Companies are not a democracy. If the users have no choice they will accept the new thin client strategy, if they want to keep their jobs.

  On the other hand companies try to squeeze out the last cent out of every investment before turning to new one.

  So, what will it cost?

  Now, that depends largely on the software you use, how much you spend on your average corporate desktop, and which kind of solution you’re targeting.

  Yes, there’s more than one way to thin down your computers.

  The classic approach would be a terminal server solution. All applications and the desktops run on a shared terminal server which can host roughly up to 80 users (depends on applications and server size).

  Or you could go with the virtualization hype and provide a virtual machine for every user which more or less behaves like the common desktop computer, only it’s running on a large server farm.

  Alternatively you also could use application streaming where preconfigured packages of application are synchronized with the application server but running locally. This could be an intermediate solution for existing desktops or used for traveling users on a notebook.

  Ultimately, if you need to provide high performance graphic applications like CAD or DTP tools you now can bind a whole blade server to a thin client. This is the most costly solution, but enables your users to work on his/her machine from any of these thin clients while the system itself is secured in the datacenter.

  This is the place where you start saving money. All of the solutions above focus on concentrating the user environment in a place where it can be managed most efficiently: Your datacenter.

  You won’t need highly trained IT personnel spread across the globe to maintain your desktop computers. I’m not saying you should lay them off, but they can remotely manage the centralized infrastructure. Think of it like a 24h server system administration plan with the people you already have. These people can keep your server running, so the users can work with the remote desktop environment.

  If a thin client breaks, someone just has to plug in a new one and all is set. If you have to shut down one server the sessions can be relocated to another, which reduces critical downtimes.

  Since all of the computing power is concentrated in a single place you won’t need local servers in every branch office, outlet, site, whateveryoucallit. This will save money for the hardware, system maintenance, and will simplify your backup strategy.

  And the best part: All data, documents, files, etc are stored in a (hopefully) safe place with periodic backups. Just imagine never having to search a broken harddrive for that crucially important Excel file, which should have been stored on the department file share in the first place, again.