|RSS | MY PROFILE | PRIVACY|
Vol. 20, #4 - January 26, 2015 - Issue #1014
This week's newsletter is all about what you need to think about before you upgrade your server infrastructure to the latest version of Windows Server. I know IT folk like us always like to get our hands on the latest technologies, but sometimes you need to hold off upgrading because it might cause more problems than it solves, otherwise you might end up needing to cover your you-know-what.
Speaking of getting blamed for problems (which unfortunately seems to the lot of the IT professional) check out this classic Dilbert comic about the latest technology for randomly distributing blame:
Starting with this issue we're adding a new section called iOS to our Tech Briefing section. This new section will appear every few weeks and will mostly include links to articles relevant for organizations who use Windows Server for their infrastructure but who also need to be able to securely manage iOS devices such as iPhones and iPads. Check it out!
Concerned about mobile security for your organization? You might want to check out CIO Magazine's 2015 Mobile Security Survival Guide. You can get it free from here (registration required):
Ask Our Readers: WServerNews has almost 100,000 subscribers worldwide. That's a lot of expertise to tap into. Do you need help with some issue or need advice on something IT-related? Got a question you'd like us to toss out to our readers to try and answer? Email us at email@example.com
In Issue #1011 Blame the software, we talked about who gets blamed when a security breach happens at an organization and we used an NPR story about Edward Snowden as an example of what can happen. Several readers had comments on our editorial and we included a selection of these reader comments in the Mailbag section of Issue #1013 New on the threat radar. Another reader named David sent us some additional feedback on this topic as follows:
While it is true that administrators have a great deal of access it is possible to use encryption so that not even an administrator can read something (like mail, or stored data). Obviously that requires care (for example not storing the encryption keys where an administrator can get them) and may be inconvenient, which is generally enough to prevent its use.
I responded to the reader by saying, "Sure, but then management becomes more complicated. For example if legal requires access to the info, you may need to enlist the help of both an administrator and the owner or overseer of the encryption keys..." and the reader replied with:
And realistically, any enterprise will want recovery keys so that they can assist end users who make mistakes, respond to legal requests, recover from disasters and so on. My point was simply that those keys need not be routinely accessible for an administrator to do their job, so it is possible to run a useful server without administrators having unfettered access to the data on that server.
My point is that protecting against the administrator is not impossible, just inconvenient.
Be nice if the NSA didn't let cost and convenience stand in the way of security, but that's a different whine.
Yes it would have been nice indeed, thanks.
In the Mailbag of that same Issue #1011 Blame the software, a reader named had Joe said:
The beginning of the end was when HP bought Compaq and decided to split itself from its roots as a high-end equipment manufacturer. Now they're just a "me-too" computer company, and not a great one. The Hewlett-Packard name has been reduced to a consumer brand with nothing to set them apart. I wouldn't own anything they put their name on today.
A reader named Tom took issue with what Joe said and sent us the following comment:
I disagree with the comment regarding HP's computers; 'they're just a "me-too" computer company, and not a great one as I have always found their computers, especially their server line to be among the best available. I think I've worked with one, maybe two Dell Servers, the greatest percentage of servers I've dealt with, sold, installed, etc have been HP's.
As for their PC's, they have had a couple of lemons, but again, the greatest percentage of the PCs I deal with, especially HPs are perfectly fine computers, and will stand up against any others.
I personally have never been a big fan of Dell's, mostly due to their keeping a proprietary nature to their machines and corresponding software far longer than any other manufacturer. One must realize that computers, like cars, TVs, or any other device have fans of all stripes, and what works well for one may not for another. While HP has and still does make the best everyday use printers, nothing will compare to an Epson for photos, their computers, especially the server line, are among the best available.
I've used both Dell and HP systems and I've been alternatingly happy and exasperated with them. What are our readers' thoughts on this subject? Got any tips or warnings about ordering server systems from Dell, HP or any other vendor? Let us know at firstname.lastname@example.org
What do you need to carefully consider before you upgrade your server infrastructure to a more recent version of Windows Server? This is not an idle question for several reasons. First, Windows Server 2003 has almost reached end-of-life:
Organizations who are going to decommission their old servers and deploy new ones have a choice between:
Alternatively, they can either wait for Windows Server Threshold which will be released later this year, or they can keep running Windows Server 2003 forever while also keeping their fingers crossed (or paying Microsoft a big pile of money to support their installation)
For the complete Windows Server support lifecycle, see here:
Let's say however that you do decide to upgrade your infrastructure. Should you go with the very latest version of Windows Server available, or with the next earlier version that's already been around for a while?
Leaving aside the question of "shaking the bugs out" for a moment, what are the most important considerations you need to pay attention to when you are planning on upgrading your infrastructure. I can think of three issues in particular where I've seen problems arise if they aren't given due consideration.
Large enterprises tend to have well-defined change management processes for undertaking large-scale tasks that involve their operations. Upgrading server operating systems and desktop refresh are both tasks that take a considerable amount of careful planning to ensure success, so they aren't embarked upon casually.
While Microsoft releases a new version of Windows Server very couple of years, the change management processes of a large enterprise can focus more on decades instead of years. This means you need to start by examining how well your organization's change management processes align with Microsoft's product release lifecycle for Windows Server.
After performing such a comparison, you might conclude that while the upcoming version of the product is great, the timing is bad for your organization. Alternatively, you might conclude that while the previous version lacks some features you'd like to have, the timing is right so you should go with it anyways.
Before you upgrade to the latest version of Windows Server you need to verify first that all of the software and drivers needed to support those servers are available. For example, I know of a company whose IT team upgraded their servers only to discover during the process that their antivirus vendor's software wouldn't support the new version of Windows Server until several months after the upgrade was expected to be finished. The team was then faced with a choice of either backpedalling on their migration plans or going with another AV vendor. In the end they went with the latter, but there certainly was some stress as a result of their lack of careful readiness planning.
The same can be true for the drivers of your server hardware. For example, if you have a SAN deployed in your environment then you need to make sure your SAN vendor's drivers for their HBAs will support the latest version of Windows Server before you get begin on your migration.
Related to the issue of readiness of course is the issue of compatibility. Will your existing applications still work on the new version of Windows Server? Or will you need to deploy a newer version of some applications? You better be sure about this before you upgrade. For large organizations compatibility testing can consume the largest portion of time and effort involved in migration planning.
Active Directory migration
Finally, a big part of upgrading any Windows Server-based infrastructure is Active Directory migration. See the Tech Briefing section of this week's issue for some pinned links you can refer to during the planning stage of your migration.
Send us feedback
Are there any other considerations you feel are really important for you to think about before you upgrade your server infrastructure to a newer version of Windows Server? Share your tips and stories with us at email@example.com
You've probably ordered a motherboard or network card or some other piece of hardware only to discover when your received it that it didn't work. Many vendors require you to obtain a number called a return merchandise authorization (RMA) from them before you can return the defective hardware for replacement. Here's a tip I got today from one of my colleagues who shared a good trick when returning defective hardware: write or scratch a tiny, unobtrusive little mark in some relatively hidden place somewhere on the hardware before you RMA it to the vendor. Why? Because he's heard stories from friends of his own who on past occasions have returned faulty hardware to a vendor and the vendor simply shipped back the exact same piece of hardware instead of sending a replacement!
Of course, before you do this you should also test the hardware even if it's the exact same identical piece they shipped you previously. The reason you should do this is because the vendor may have simply fixed the faulty hardware instead of replacing it with a brand new piece of hardware. This might be the case for example if you purchased a motherboard and found it to be defective because the defect may simply have been a chip that's loose in a socket or a wire that's become unplugged from the motherboard or something similar that's easy to fix.
GOT TIPS you'd like to share with other readers? Email us at firstname.lastname@example.org
Are you planning on pursuing IT certification on Microsoft products? Check out Born To Learn, the blog and resource page of Microsoft Learning:
Some announcements from the Microsoft Virtual Academy:
On-demand: Azure IaaS for IT Pros
Deep dive with Azure Engineering into technologies to help you better understand and build your foundational cloud skills. Recordings from the live Azure IaaS for IT Pros 4-day event are now available at MVA as on-demand courses. Take the 4 learning-packed courses, test your knowledge, and earn MVA points as you delve into core IaaS infrastructure fundamentals, open source technologies, Windows workload architecture, and more! Watch the courses here.
Get a free Second Shot on your MCP exam
Welcome to 2015! Have you set your sights on achieving a new Microsoft certification this year? Here’s some good news. The very popular "Second Shot" offer is back! Between January 5 and May 31, 2015, take any Microsoft Certified Professional (MCP) or Microsoft Dynamics exam, and get a free Second Shot if you fail the first take. Find out how you can take advantage of this offer here.
"I want to get online!! I need a computer!!!" --Keanu Reeves, from the movie Johnny Mnemonic
Until next week,
Note to subscribers: If for some reason you don’t receive your weekly issue of this newsletter, please notify us at email@example.com and we’ll try to troubleshoot things from our end.
Veeam Explorer for Microsoft Exchange gives you instant visibility into your Exchange backups along with advanced features.Browse, search and selectively export items: emails, mailboxes, notes, etc.
Network Scanner is a free multi-threaded Port, IP, NetBIOS and SNMP scanner with many advanced features:
Password Manager Pro is a secure vault for storing and managing shared sensitive information such as passwords, documents and digital identities of enterprises:
PlateSpin Migrate is a physical/virtual conversion tool that delivers the fastest and most efficient P2V (and in fact anywhere-to-anywhere) migrations:
Convergence 2015 on March 16-19 in Atlanta, Georgia, USA
Microsoft Ignite on May 4-8, 2015 in Chicago, Illinois, USA
PLANNING A CONFERENCE OR OTHER EVENT you'd like to tell our 95,000 subscribers about? Contact firstname.lastname@example.org
PLANNING A WEBCAST you'd like to tell our subscribers about? Contact email@example.com
We'll start off this week's Tech Briefing section with some links to a series of articles where you can find more information on migrating your Active Directory infrastructure to a more recent version of Windows Server. Be sure to SAVE THIS NEWSLETTER so you have access to these links later like you had pinned them onto your bulletin board.
Active Directory Migration Considerations (Part 1):
Active Directory Migration Considerations (Part 2):
Active Directory Migration Considerations (Part 3):
Active Directory Migration Considerations (Part 4):
Active Directory Migration Considerations (Part 5):
Active Directory Migration Considerations (Part 6):
There's more to come in this series soon, so stay tuned. And now on to some of our usual Tech Briefing items...
Microsoft Azure - The Network Operating System of the Future, Today (Part 4) - Multi-Site VPN and VNet-to-VNet Connectivity (WindowsNetworking.com)
Step-By-Step: Creating a VM Snapshot in Azure (CanITPro)
Work Folders for iOS – iPad App Release (File Cabinet Blog)
Step-By-Step: Enrolling iOS Devices Via Apple Configurator In Microsoft Intune (CanITPro)
How to transition your current SMTP service to EOP in 45 minutes or less (MSExchange.org)
Product Review: Macrium Reflect v5 Server Plus for Exchange
Hitachi Says its New 1.8TB Ultrastar is Highest-Capacity 10K Drive (Data Center Knowledge)
Windows Server Technical Preview – Storage Survival Guide (links to articles, blogs, downloads) (Jose Barreto's Blog)
Compliance and the Cloud: Making a Structurally Dysfunctional Marriage Work
Security Best Practices for AWS (IaaS) EC2 (Part 1)
Video: Configuring, Verifying, and Removing Active Directory Delegations (Part 2)
Exchange Server 2013 Backup and Restore 101 - Disabled mailboxes (Part 5)
PowerShell Essentials (Part 5)
Some enterprises adopt the public cloud, while others prefer to run their apps on-premises in a private cloud. If those two cloud models don't work, enterprises can also choose a hosted cloud, which offers many support levels and services. Learn more about the hosted private cloud and how it can help fill some of the cloud void.
Converged infrastructures can be a perfect fit for virtualized data centers, but only when considering the logistical and financial implications. Get all of your burning CI questions answered and learn when this strategy makes sense – and more importantly, when it does not.
You need to keep IP address management on your radar when you deploy virtual desktops, as consumption often doubles. Fortunately, IPAM tools can help you stay on top of it. Learn about the three ways virtualization increases IP address consumption, and how IPAM tools can help you prepare and manage it all before problems arise down the road.
Access an exclusive library of post project reports submitted by your peers that have recently completed a cloud initiative. Discover the total costs of their projects, top obstacles they experienced, advice they'd give to others, and much more. Complete a quick cloud questionnaire to gain immediate access.
GOT FUN VIDEOS or other fun links to suggest you'd like to recommend? Email us at firstname.lastname@example.org
The De Dion is capable of reaching 38 mph (61 km/h) - much faster than a horse-drawn carriage:
This amazing brick carrier from Khulna, Bangladesh stacks 22 bricks on his head!
You have seen jets flying in formation. Now watch the Spanish Acrobatic Team Patrulla Aguila (Eagle Patrol) also landing them in formation:
Mitch Tulloch is Senior Editor of WServerNews and is a widely recognized expert on Windows administration, deployment and virtualization. Mitch was lead author of the bestselling Windows 7 Resource Kit and has been author or series editor for almost fifty books mostly published by Microsoft Press. Mitch is also a ten-time recipient of Microsoft's Most Valuable Professional (MVP) award for his outstanding contributions in support of the global IT pro community. Mitch owns and runs an information technology content development business based in Winnipeg, Canada. For more information see www.mtit.com.
Ingrid Tulloch is Associate Editor of WServerNews and was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press. Ingrid is also manages research and marketing for our content development business and has co-developed university-level courses in Information Security Management for a Masters of Business Administration program.