Vol. 34, #8 - June 17, 2013 - Issue #934
This week's newsletter is all about deploying Active Directory in the cloud using Windows Azure. Unfortunately I couldn't find any funny cartoons about Active Directory, but I did find this Dilbert strip that shows how your company directory can sometimes be used for nasty purposes:
We're still getting lots of feedback from our issue Tiptoeing Towards Windows 8 (Issue #932). Mark, a network admin working in Virginia, USA, says:
I enjoyed reading your article. I had a similar experience switching from Windows XP to Windows 7 in that I had to think a bit about how to perform certain basic tasks simply because it was different. One blog I read on the subject said that Windows 7 was more "intuitive". IMHO, Windows XP was far more intuitive if only because after years of working with it, it BECAME intuitive. Bottom line: I chalked up a great deal of my frustration to that age old IT nemesis, the learning curve. As you said, "maybe the cognitive dissonances that annoy me in Windows 8 are chimeras that will vanish in the wind as I begin working in earnest with the platform."
I basically agree since there's always a learning curve with any new release. It's just that for many folks the learning curve for Windows 8 seems to be steeper than usual...
Tony, who works in the UK, shared as follows:
I have been trying to use Windows 8. I can see what Microsoft is trying to do, and really want to go along with it. One of the differences between "touch" i.e. Windows 8 etc and "mouse" i.e. Windows 7 and earlier -- touch is imprecise and mouse is precise. Thus, apart from the autohide task bar (which some of us used e.g. on smaller screen laptops), the mouse guides the cursor to a precise point and clicks. Thus it is very easy to pick from a long list of things e.g. programs on the start menu. A finger on most touch screens is too coarse to do the same. Thus any touch screen approach cannot have anything like as many discrete "areas" on the screen as we are used to. To compensate for this, touch has the concept of swiping to one side to get to additional screens.
But I think that what is making it difficult is that whilst swiping off screen is intuitive for touch, using a mouse to drag the cursor to nebulous areas of the screen is conceptually quite difficult. Here you have a precise pointer, but you are expected to move it to somewhere not clearly defined.
I have thought of something that would make the transition much easier -- if the start menu background was not a solid colour, but a colour gradient to where the active off screen areas are (and heresy a word in semi-transparent text to indicate what the area does) would make it far more logical. This could easily be switched in and out -- get rid of it when you are used to it.
And probably few people ever realised that the Windows taskbar could be put down the side -- it does not have to be at the bottom. So why can't we have the "off screen" trigger configurable -- then most of us could put it in the bottom left on our desktop machines.
In a few years we will have all got used to it. But if you look back at XP, it has an option for "classic menu" because some people took time to adjust from Windows 2000 to Windows XP. If that was a problem, then it should have been obvious that the more radical change in Windows 8 (and Server 2012) would take more getting used to. I think the other thing that was forgotten -- many of us switch backwards and forwards between different versions of Windows -- especially consultants and anybody in IT support. If you make a switch and use it all day, every day, then the change is easier to get over.
From what I understand, the Windows 8.1 release is going to address the "nebulous area" and background issues that Tony describes above, so let's keep our fingers crossed and hope for the best.
And a reader named David said:
For all the good and/or bad about Windows 8 and its interface, the thing I keep coming back to is why Microsoft insists on making everyone change when clearly many people don't want to change. What would be wrong with leaving the options in place so that you could easily have Windows 8 look like 7, or Vista or XP or even 95. For IT professionals and people who are using different systems all the time a change is maybe annoying but can usually be done without too much problem. For Mr/Mrs Average who don't understand systems very well, a major shift like this can massively reduce their productivity.
My guess here is that it's simply too costly for Microsoft to continue to include legacy UI elements in Windows 8 because doing so would add considerably to the test matrix for debugging builds. But I agree that Mr/Mrs Average might have a hard time adjusting to Windows 8. I've also heard however that their kids love it.
Anyways, keep sending us your feedback to firstname.lastname@example.org if you have more to say on the matter, thanks!
My how times have changed. Companies used to deploy their domain controllers on-premises, but now they can deploy some or all of them in an Infrastructure as a Service (IaaS) cloud. This can have huge ramifications for organizations that have a global reach or whose users often travel to far-away places and need to authenticate where the organization has no local Active Directory infrastructure.
Deploying a portion of your company's Active Directory infrastructure to the cloud is simple. All it requires is deploying your domain controllers on Windows Azure virtual machines and setting up site-to-site VPN connectivity between your on-premises and Windows Azure infrastructures. You need to use Windows Azure Virtual Network to establish this connectivity, however. That's because Windows Azure virtual machines don't support static IP addresses, and while domain controllers are supposed to always have static addresses, using Windows Azure Virtual Network ensures that the dynamic addresses assigned to these domain controllers will last for the lifetime of the virtual machines. There are a few other considerations you'll need to be aware of and you can read all about it in this whitepaper on MSDN:
But that's not the only way of doing it. There's also a new offering from Microsoft called Windows Azure Active Directory (Windows Azure AD) that can provide your organization with a single identity service that works across Windows Azure, Microsoft Office 365, Dynamics CRM Online, Windows Intune and 3rd party cloud services. You can integrate Windows Azure Active Directory with your existing on-premises Active Directory environment, and you can use it to provide your users a seamless single sign-on (SSO) experience across Microsoft Online Services, third party cloud services, and applications built on Windows Azure that leverage web identity providers such as Microsoft Account, Google, Yahoo!, and even Facebook. You can find out more about Windows Azure Active Directory here:
Finally, you might want to read Sander Berkouwer's summary article concerning it here:
How do you get started with Windows Azure Active Directory? Keith Mayer has a good walkthrough explanation and whiteboard video in his blog here:
We're going to hear from Keith soon in a guest editorial he's writing for an upcoming issue of WServerNews, so stay tuned.
Send us feedback
What do readers think of deploying part or all of their Active Directory identity and access functionality to the cloud? Have you tried it yet? Is your organization considering doing it? Let us know at email@example.com.
GOT A TIP you'd like to share with other readers? Email us at firstname.lastname@example.org
The following tip was submitted by reader Quentin Gurney who is an enterprise IT architect currently working for a Fortune 100 company:
Windows updates not installing due to local computer WSUS database corruption
Perhaps you have run into this issue. You cannot install Windows updates and there is an error in the application log that suggests there is something wrong with the database.
Error code requiring this fix:
Log Name: Application
Date: 6/18/2009 3:22:06 AM
Event ID: 474
Task Category: Database Page Cache
wuaueng.dll (340) SUS20ClientDataStore: The database page read from the file "C:\Windows\SoftwareDistribution\DataStore\DataStore.edb" at offset 4595712 (0x0000000000462000) (database page 1121 (0x461)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The expected checksum was 2818733426791738953 (0x271e271e0c70ee49) and the actual checksum was 1089324781602401865 (0x0f1e0f1e0c70ee49). The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
There indeed is something wrong with the database, but how do you fix a windows internal database for WSUS? There is not much documentation on the subject and what there is suggests you might need to rebuild the whole O/S to make it work. When I ran across this, I was not very interested in doing that kind of a rebuild so I did some more digging.
I found some information that suggested that the local machine WSUS DB might be the same DB that Active Directory uses or Exchange uses. To fix that kind of DB, I found this entry suggesting I needed to use esentutl.exe which on a DC is front ended by ntdsutil:
Found this KB and got the idea to try repairing the JET DB:
C:\Users\my account>esentutl /p z:\windows\softwaredistribution\datastore\datastore.edb
Extensible Storage Engine Utilities for Microsoft(R) Windows(R)
Copyright (C) Microsoft Corporation. All Rights Reserved.
Initiating REPAIR mode...
Temp. Database: TEMPREPAIR1264.EDB
Checking database integrity.
Scanning Status (% complete)
0 10 20 30 40 50 60 70 80 90 100
Integrity check successful.
It is recommended that you immediately perform a full backup
of this database. If you restore a backup made before the
repair, the database will be rolled back to the state
it was in at the time of that backup.
Operation completed successfully in 61.75 seconds.
After that, restarted services and we are now installing windows updates. This saved me a few hours by avoiding a rebuild. Server is working fine.
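The tip above, worked through as an added PowerShell example (not part of Quentin's tip and not a Microsoft script): it confirms the Event ID 474 symptom, copies the datastore aside, and runs esentutl's integrity check before and after the repair. The default datastore path, the wuauserv service name and the C:\Temp backup folder are assumptions.

```powershell
# Added example, not from the reader's tip. Run from an elevated prompt.
# Assumptions: default datastore location, Windows Update service name
# 'wuauserv', and a hypothetical backup folder with room for a copy.
$db     = Join-Path $env:windir 'SoftwareDistribution\DataStore\DataStore.edb'
$backup = 'C:\Temp\DataStore-backup'   # hypothetical path

# 1. Confirm the symptom: Event ID 474 in the Application log naming this file.
$hits = @(Get-WinEvent -FilterHashtable @{ LogName = 'Application'; Id = 474 } `
              -ErrorAction SilentlyContinue |
          Where-Object { $_.Message -like '*DataStore.edb*' })
if ($hits.Count -eq 0) {
    Write-Output 'No Event ID 474 entries reference DataStore.edb; nothing to do.'
    return
}
'{0} checksum-mismatch event(s), latest at {1}' -f $hits.Count, $hits[0].TimeCreated

# 2. Stop the service that holds the database open.
Stop-Service -Name wuauserv -Force
try {
    # 3. Keep a copy first: repair mode can discard pages it cannot fix,
    #    and the copy is the only way back to the pre-repair state.
    New-Item -ItemType Directory -Path $backup -Force | Out-Null
    Copy-Item -Path $db -Destination $backup -Force

    # 4. Integrity check (/g); only repair (/p) if the check fails.
    & esentutl.exe /g $db
    if ($LASTEXITCODE -ne 0) {
        & esentutl.exe /p $db

        # 5. Verify the repaired file before trusting it again.
        & esentutl.exe /g $db
        if ($LASTEXITCODE -ne 0) {
            throw "Repair did not yield a clean database; copy kept in $backup"
        }
    }
}
finally {
    # 6. Bring Windows Update back whether or not the repair succeeded.
    Start-Service -Name wuauserv
}
```

The event text itself attributes the checksum mismatch to likely faulty hardware, so if Event ID 474 reappears after a clean repair, check the disk before repeating the procedure.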
A couple of announcements from the Microsoft Virtual Academy:
Build a Private Cloud w/ Windows Server & System Center Jump Start -- June 18
Join Day 1 of a two day Jump Start series covering the end-to-end process of implementing a MS cloud solution, providing a deep dive into key topics associated with implementing a Microsoft hybrid cloud solution.
Move to Hybrid Cloud with System Center & Windows Azure Jump Start -- June 20
This Jump Start is a continuation of Day 1 and will focus on successfully monitoring and managing ongoing operation of a private cloud environment.
"Opportunity.. don't wait for it - create it. Put in the work, grab it by the throat and don't let go." --Tweeted by Dwayne Johnson a.k.a. The Rock
Until next week,
Note to subscribers: If for some reason you don’t receive your weekly issue of this newsletter, please notify us at email@example.com and we’ll try to troubleshoot things from our end.
Use free EMCO Remote Installer to install/uninstall/repair EXE setups and MSI packages remotely on multiple PCs over a LAN. This all-in-one tool combines software audit and deployment features.
Amp up your application monitoring! Download SolarWinds free WMI Monitor and start monitoring any Windows® application or server and achieve amazing insight into real-time performance. Download now!
Free Tool: Idera Server Backup Free – fast, disk-based continuous data protection for Windows and Linux servers – backs up and restore files in seconds
Exclaimer Mail Archiver is a fully featured, competitively priced archiving solution for Exchange that's easy to set up and maintain. It uses file system-based storage so it doesn't require SQL.
Ping Plotter is a network troubleshooting and diagnostic tool that combines traceroute, ping and whois:
PLANNING A CONFERENCE OR OTHER EVENT you'd like to tell our 100,000 subscribers about? Contact firstname.lastname@example.org
PLANNING A WEBCAST you'd like to tell our 100,000 subscribers about? Contact email@example.com
After taking the MTA exam, Florian shares some of his thoughts about the exam and who should take it.
In this article Aidan gives an overview of the new enhancements and features in Microsoft Hyper-V Server 2012 R2.
In his blog post Aidan gives an overview of his TechEd NA presentation about Windows Azure Pack for On-Premises IaaS Solutions.
Janique Carbone begins a new series of articles that will provide an overview of critical concepts associated with a Microsoft private cloud solution.
Deb Shinder begins a new series of articles that looks at how a hybrid infrastructure can let you have the best of both worlds when it comes to the cloud and on-premises services.
In his blog Didier explains a Datacenter concept: running your whole storage on SMB 3.0 and using an RDMA environment for your SAN.
David Davis takes a look at downloading virtual appliances from an online store.
This week Dell launched its Cluster in a Box (CiB) Solution. With 4 blades, shared SAS and different expansion options available for the chassis, this offering is targeted at workloads like Hyper-V and SMB 3.0 Building Blocks, Branch or Small Offices or even Datacenter Building Blocks.
Eric Geier begins a new series of articles that look at the benefits of launching a RemoteApp versus using the app in a traditional Remote Desktop session.
In his article Johan collected all fixes that are included in SP3 RU1 with a short description.
This marks the first important step in extending Lync’s unified communications capabilities to the hundreds of millions of people who use Skype.
Ricky Magalhaes asks whether, with the advance of computing into the world of mobility, the requirement for antivirus has been deprecated or whether this is a case of complacency. Some vendors are claiming that they can get rid of pattern files and others are saying no antivirus altogether. In this article we explore the options and the reality.
DeviceLock was selected the winner in the Endpoint Security category of the WindowSecurity.com Readers' Choice Awards. GFI EndPointSecurity and CopyNotify! Data Security Software were runner-up and second runner-up respectively.
Thanks to Florian Klaffenbach for providing some of the items in this section. Be sure to check out Flo's Datacenter Report:
IT pros that transition to the cloud for its high availability benefits may be in for a rude awakening – cloud outages can happen just as frequently as traditional data center failures without proper planning. Inside, explore essential tips and tricks that can help you minimize cloud outage risks.
To reap the benefits of virtual desktops, it’s critical to take the necessary steps to minimize availability and performance issues. Access this exclusive guide to explore five common causes of virtual desktop and application downtime – as well as tips for avoiding these pitfalls in your virtual environment.
How you design and manage your virtual infrastructure has a significant impact on the maintenance it requires and the efficiency gains it delivers. Discover the benefits you can enjoy by applying some of the same tactics that cloud providers use on their data center design to your virtual infrastructure.
While many of the new enhancements and features offered in Microsoft Office 2013 were designed with end users in mind, there’s a lot for IT pros to be happy about as well. Explore the top features that are sure to put a smile on your face, including the Web Apps Server, Click-to-Run and Office Telemetry.
GOT FUN VIDEOS or other fun links you'd like to recommend? Email us at firstname.lastname@example.org
The space probe 'Mars Express' by the European Space Agency has created the first three-dimensional map of our neighboring planet.
A Ukrainian pilot takes a home-made helicopter for a spin.
A chipmunk will store over 6,000 acorns - but he needs to keep an eye out for pickpockets.
Sound waves passing through liquid cause the formation of bubbles that emit bright flashes of light when they collapse.
Sandwich shop workers Richard and Adam Johnson received a standing ovation for their rendition of 'The Impossible Dream' at Britain’s Got Talent:
Mitch Tulloch is Senior Editor of WServerNews and is a widely recognized expert on Windows administration, deployment and virtualization. Mitch was lead author of the bestselling Windows 7 Resource Kit from Microsoft Press and has published hundreds of articles for IT pros. Mitch is also a seven-time recipient of Microsoft's Most Valuable Professional (MVP) award for his outstanding contributions in support of the global IT pro community. Mitch owns and runs an information technology content development business based in Winnipeg, Canada. For more information see www.mtit.com
Ingrid Tulloch is Associate Editor of WServerNews and was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press. Ingrid is also Head of Research for our content development business and has co-developed university-level courses in Information Security Management for a Masters of Business Administration program.