 |
 |
 |
 |
 |
 |
 |
| RSS | MY PROFILE | PRIVACY | ||||||||
|
||||||||
|
||||||||
Vol. 34, #8 - June 17, 2013 - Issue #934
|
This week's newsletter is all about deploying Active Directory in the cloud using Windows Azure. Unfortunately I couldn't find any funny cartoons about Active Directory, but I did find this Dilbert strip that shows how your company directory can sometimes be used for nasty purposes:
http://www.wservernews.com/go/1371121688022
We're still getting lots of feedback from our issue Tiptoeing Towards Windows 8 (Issue #932). Mark, a network admin working in Virginia, USA, says:
I enjoyed reading your article. I had a similar experience switching from Windows XP to Windows 7 in that I had to think a bit about how to perform certain basic tasks simply because it was different. One blog I read on the subject said that Windows 7 was more "intuitive". IMHO, Windows XP was far more intuitive if only because after years of working with it, it BECAME intuitive. Bottom line: I chalked up a great deal of my frustration to that age old IT nemesis, the learning curve. As you said, "maybe the cognitive dissonances that annoy me in Windows 8 are chimeras that will vanish in the wind as I begin working in earnest with the platform."
I basically agree since there's always a learning curve with any new release. It's just that for many folks the learning curve for Windows 8 seems to be steeper than usual...
Tony, who works in the UK, shared as follows:
I have been trying to use Windows 8. I can see what Microsoft is trying to do, and really want to go along with it. One of the differences between "touch" i.e. Windows 8 etc and "mouse" i.e. Windows 7 and earlier -- touch is imprecise and mouse is precise. Thus, apart from the autohide task bar (which some of us used e.g. on smaller screen laptops), the mouse guides the cursor to a precise point and clicks. Thus it is very easy to pick from a long list of things e.g. programs on the start menu. A finger on most touch screens is too coarse to do the same. Thus any touch screen approach cannot have anything like as many discrete "areas" on the screen as we are used to. To compensate for this, touch has the concept of swiping to one side to get to additional screens.
But I think that what is making it difficult is that whilst swiping off screen is intuitive for touch, using a mouse to drag the cursor to nebulous areas of the screen is conceptually quite difficult. Here you have a precise pointer, but you are expected to move it to somewhere not clearly defined.
I have thought of something that would make the transition much easier -- if the start menu background was not a solid colour, but a colour gradient to where the active off screen areas are (and heresy a word in semi-transparent text to indicate what the area does) would make it far more logical. This could easily be switched in and out -- get rid of it when you are used to it.
And probably few people ever realised that the Windows taskbar could be put down the side -- it does not have to be at the bottom. So why can't we have the "off screen" trigger configurable -- then most of us could put it in the bottom left on our desktop machines.
In a few years we will have all got used to it. But if you look back at XP, it has an option for "classic menu" because some people took time to adjust from Windows 2000 to Windows XP. If that was a problem, then it should have been obvious that the more radical change in Windows 8 (and Server 2012) would take more getting used to. I think the other thing that was forgotten -- many of us switch backwards and forwards between different versions of Windows -- especially consultants and anybody in IT support. If you make a switch and use it all day, every day, then the change is easier to get over.
From what I understand, the Windows 8.1 release is going to address the "nebulous area" and background issues that Tony describes above, so let's keep our fingers crossed and hope for the best.
And a reader named David said:
For all the good and/or bad about Windows 8 and its interface, the thing I keep coming back to is why Microsoft insists on making everyone change when clearly many people don't want to change. What would be wrong with leaving the options in place so that you could easily have Windows 8 look like 7, or Vista or XP or even 95. For IT professionals and people who are using different systems all the time a change is maybe annoying but can usually be done without too much problem. For Mr/Mrs Average who don't understand systems very well, a major shift like this can massively reduce their productivity.
My guess here is that it's simply too costly for Microsoft to continue to include legacy UI elements in Windows 8 because doing so would add considerably to the test matrix for debugging builds. But I agree that Mr/Mrs Average might have a hard time adjusting to Windows 8. I've also heard however that their kids love it.
Anyways, keep sending us your feedback to wsn@mtit.com if you have more to say on the matter, thanks!
My how times have changed. Companies used to deploy their domain controllers on-premises, but now they can deploy some or all of them in an Infrastructure as a Service (IaaS) cloud. This can have huge ramifications for organizations that have a global reach or whose users often travel to far-away places and need to authenticate where the organization has no local Active Directory infrastructure.
Deploying a portion of your company's Active Directory infrastructure to the cloud is simple. All is requires is deploying your domain controllers on Windows Azure virtual machines and setting up site-to-site VPN connectivity between your on-premises and Windows Azure infrastructures. You need to use Windows Azure Virtual Network to establish this connectivity however. That's because Windows Azure virtual machines don't support static IP addresses, and while domain controllers are supposed to always have static addresses, using Windows Azure Virtual Network ensures that the dynamic addresss assigned to these domain controllers will last for the lifetime of the virtual machines. There are a few other considerations you'll need to be aware of and you can read all about it in this whitepaper on MSDN:
http://www.wservernews.com/go/1371121699460
But that's not the only way of doing it. There's also a new offering from Microsoft called Windows Azure Active Directory (Windows Azure AD) that can provide your organization with a single identity service that works across Windows Azure, Microsoft Office 365, Dynamics CRM Online, Windows Intune and 3rd party cloud services. You can integrate Windows Azure Active Directory with your existing on-premises Active Directory environment, and you can use it to provide your users a seamless single sign-on (SSO) experience across Microsoft Online Services, third party cloud services, and applications built on Windows Azure that leverage web identity providers such as Microsoft Account, Google, Yahoo!, and even Facebook. You can find out more about Windows Azure Active Directory here:
http://www.wservernews.com/go/1371121703303
Finally, you might want to read Sander Berkouwer's summary article concerning it here:
http://www.wservernews.com/go/1371121709116
How do you get started with Windows Azure Active Directory? Keith Mayer has a good walkthrough explanation and whiteboard video in his blog here:
http://www.wservernews.com/go/1371121714788
We're going to hear from Keith soon in a guest editorial he's writing for an upcoming issue of WServerNews, so stay tuned.
Send us feedback
What do readers think of deploying part or all of their Active Directory identity and access functionality to the cloud? Have you tried it yet? Is your organization considering doing it? Let us know at wsn@mtit.com.
GOT A TIP you'd like to share with other readers? Email us at wsn@mtit.com
The following tip was submitted by reader Quentin Gurney who is an enterprise IT architect currently working for a Fortune 100 company:
Windows updates not installing due to local computer WSUS database corruption
Perhaps you have run into this issue. You cannot install Windows updates and there is an error in the application log that suggests there is something wrong with the database.
Error code requiring this fix:
Log Name: Application
Source: ESENT
Date: 6/18/2009 3:22:06 AM
Event ID: 474
Task Category: Database Page Cache
Level: Error
Keywords: Classic
User: N/A
Computer: yourserver.yourdomain.com
Description:
wuaueng.dll (340) SUS20ClientDataStore: The database page read from the file "C:\Windows\SoftwareDistribution\DataStore\DataStore.edb" at offset 4595712 (0x0000000000462000) (database page 1121 (0x461)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The expected checksum was 2818733426791738953 (0x271e271e0c70ee49) and the actual checksum was 1089324781602401865 (0x0f1e0f1e0c70ee49). The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Event Xml:
474
2
2
0x80000000000000
850
Application
YOURCOMPUTER.YOURDOMAINcom
wuaueng.dll
340
SUS20ClientDataStore:
C:\Windows\SoftwareDistribution\DataStore\DataStore.edb
4595712 (0x0000000000462000)
4096 (0x00001000)
-1018 (0xfffffc06)
2818733426791738953 (0x271e271e0c70ee49)
1089324781602401865 (0x0f1e0f1e0c70ee49)
1121 (0x461)
There indeed is something wrong with the database, but how do you fix a windows internal database for WSUS? There is not much documentation on the subject and what there is suggests you might need to rebuild the whole O/S to make it work. When I ran across this, I was not very interested in doing that kind of a rebuild so I did some more digging.
I found some information that suggested that the local machine WSUS DB might be the same DB that Active directory uses or Exchange uses. To fix that kind of dB, I found this entry suggesting I needed to use esentutl.exe which on a DC is front ended by ntdsutil:
http://www.wservernews.com/go/1371121725694
Found this KB and got the idea to try repairing the JET DB:
http://www.wservernews.com/go/1371121731725
C:\Users\my account>esentutl /p z:\windows\softwaredistribution\datastore\datastore.edb
Extensible Storage Engine Utilities for Microsoft(R) Windows(R)
Version 6.0
Copyright (C) Microsoft Corporation. All Rights Reserved.
Initiating REPAIR mode...
Database: z:\windows\softwaredistribution\datastore\datastore.edb
Temp. Database: TEMPREPAIR1264.EDB
Checking database integrity.
Scanning Status (% complete)
0 10 20 30 40 50 60 70 80 90 100
|----|----|----|----|----|----|----|----|----|----|
...................................................
Integrity check successful.
Note:
It is recommended that you immediately perform a full backup
of this database. If you restore a backup made before the
repair, the database will be rolled back to the state
it was in at the time of that backup.
Operation completed successfully in 61.75 seconds.
After that, restarted services and we are now installing windows updates. This saved me a few hours by avoiding a rebuild. Server is working fine.
A couple of announcements from the Microsoft Virtual Academy:
Build a Private Cloud w/ Windows Server & System Center Jump Start -- June 18
Join Day 1 of a two day Jump Start series covering the end-to-end process of implementing a MS cloud solution, providing a deep dive into key topics associated with implementing a Microsoft hybrid cloud solution.
http://www.wservernews.com/go/1371121738850
Move to Hybrid Cloud with System Center & Windows Azure Jump Start -- June 20
This Jump Start is a continuation of Day 1 and will focus on successfully monitoring and managing ongoing operation of a private cloud environment.
http://www.wservernews.com/go/1371121744585
"Opportunity.. don't wait for it - create it. Put in the work, grab it by the throat and don't let go." --Tweeted by Dwayne Johnson a.k.a. The Rock
Until next week,
Mitch Tulloch
BTW feel free to:
Note to subscribers: If for some reason you don’t receive your weekly issue of this newsletter, please notify us at wsn@mtit.com and we’ll try to troubleshoot things from our end.
Use free EMCO Remote Installer to install/uninstall/repair EXE setups and MSI packages remotely on multiple PCs over a LAN. This all-in-one tool combines software audit and deployment features.
http://www.wservernews.com/go/1371456103828
Amp up your application monitoring! Download SolarWinds free WMI Monitor and start monitoring any Windows® application or server and achieve amazing insight into real-time performance. Download now!
http://www.wservernews.com/go/1371126155269
Free Tool: Idera Server Backup Free – fast, disk-based continuous data protection for Windows and Linux servers – backs up and restore files in seconds
http://www.wservernews.com/go/1371126159956
Exclaimer Mail Archiver is a fully featured, competitively priced archiving solution for Exchange that's easy to set up and maintain. It uses file system-based storage so it doesn't require SQL.
http://www.wservernews.com/go/1371219477232
Ping Plotter is a network troubleshooting and diagnostic tool that combines traceroute, ping and whois:
http://www.wservernews.com/go/1371126177910
PLANNING A CONFERENCE OR OTHER EVENT you'd like to tell our 100,000 subscribers about? Contact michaelv@techgenix.com
PLANNING A WEBCAST you'd like to tell our 100,000 subscribers about? Contact michaelv@techgenix.com
After taking the MTA exam, Florian shares some of his thoughts about the exam and who should take it.
http://www.wservernews.com/go/1371121813226
In this article Aidan gives an overview about the new enhancements features in Microsoft Hyper-V Server 2012 R2
http://www.wservernews.com/go/1371121817476
In his blog post Aidan gives an overview about his TechEd NA presentation about Windows Azure Pack for On-Promises IaaS Solutions.
http://www.wservernews.com/go/1371121821913
Janique Carbone begins a new series of articles that will provide an overview of critical concepts associated with a Microsoft private cloud solution.
http://www.wservernews.com/go/1371121827851
Deb Shinder begins a new series of articles that looks at how a hybrid infrastructure can let you have the best of both worlds when it comes to the cloud and on-premises services.
http://www.wservernews.com/go/1371121832023
In his blog Didier explains a Datacenter concept: running your whole storage on SMB 3.0 and using an RDMA environment for your SAN.
http://www.wservernews.com/go/1371121836695
David Davis takes a look at downloading virtual appliances from an online store.
http://www.wservernews.com/go/1371121840757
This week Dell launched his Cluster in a Box (CiB) Solution. With 4 blades, Shared SAS and different expansion options available chassis, this offering is targeted for workloads like Hyper-V and SMB 3.0 Building Blocks, Branch or Small Offices or even Datacenter Building Blocks.
http://www.wservernews.com/go/1371121845132
Eric Geier begins a new series of articles that look at the benefits of launching a RemoteApp versus using the app in a traditional Remote Desktop session.
http://www.wservernews.com/go/1371121849898
In his article Johan collected all fixes that are included in SP3 RU1 with a short description.
http://www.wservernews.com/go/1371121854586
This marks the first important step in extending Lync’s unified communications capabilities to the hundreds of millions of people who use Skype.
http://www.wservernews.com/go/1371121859851
Ricky Magalhaes asks whether with the advance of computing into the world of mobility, has the requirement for antivirus deprecated or is this a case of complacency. Some vendors are claiming that they can get rid of pattern files and others are saying no antivirus altogether. In this article we explore the options and the reality.
http://www.wservernews.com/go/1371121863992
DeviceLock was selected the winner in the Endpoint Security category of the WindowSecurity.com Readers' Choice Awards. GFI EndPointSecurity and CopyNotify! Data Security Software were runner-up and second runner-up respectively.
http://www.wservernews.com/go/1371121869601
Thanks to Florian Klaffenbach for providing some of the items in this section. Be sure to check out Flo's Datacenter Report:
http://www.wservernews.com/go/1371121873679
IT pros that transition to the cloud for its high availability benefits may be in for a rude awakening – cloud outages can happen just as frequently as traditional data center failures without proper planning. Inside, explore essential tips and tricks that can help you minimize cloud outage risks.
http://www.wservernews.com/go/1371121895680
To reap the benefits of virtual desktops, it’s critical to take the necessary steps to minimize availability and performance issues. Access this exclusive guide to explore five common causes of virtual desktop and application downtime – as well as tips for avoiding these pitfalls in your virtual environment.
http://www.wservernews.com/go/1371121900617
How you design and manage your virtual infrastructure has a significant impact on the maintenance it requires and the efficiency gains it delivers. Discover the benefits you can enjoy by applying some of the same tactics that cloud providers use on their data center design to your virtual infrastructure.
http://www.wservernews.com/go/1371121904945
While many of the new enhancements and features offered in Microsoft Office 2013 were designed with end users in mind, there’s a lot for IT pros to be happy out as well. Explore the top features that are sure to put a smile on your face, including the Web Apps Server, Click-to-Run and Office Telemetry.
http://www.wservernews.com/go/1371121910195
GOT FUN VIDEOS or other fun links to suggest you'd like to recommend? Email us at wsn@mtit.com
The space probe 'Mars Express' by the European Space Agency has created the first three-dimensional map of our neighboring planet.
http://www.wservernews.com/go/1371121915758
A Ukrainian pilot takes a home-made helicopter for a spin.
http://www.wservernews.com/go/1371121919820
A chipmunk will store over 6,000 acorns - but he needs to keep an eye out for pickpockets.
http://www.wservernews.com/go/1371121924445
Sound waves passing through liquid cause the formation of bubbles that emit bright flashes of light when they collapse.
http://www.wservernews.com/go/1371121928774
Sandwich shop workers Richard and Adam Johnson received a standing ovation for their rendition of 'The Impossible Dream' at Britain’s Got Talent:
http://www.wservernews.com/go/1371121932914
|
Mitch Tulloch is Senior Editor of WServerNews and is a widely recognized expert on Windows administration, deployment and virtualization. Mitch was lead author of the bestselling Windows 7 Resource Kit from Microsoft Press and has published hundreds of articles for IT pros. Mitch is also a seven-time recipient of Microsoft's Most Valuable Professional (MVP) award for his outstanding contributions in support of the global IT pro community. Mitch owns and runs an information technology content development business based in Winnipeg, Canada. For more information see www.mtit.com
Ingrid Tullochis Associate Editor of WServerNews and was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press. Ingrid is also Head of Research for our content development business and has co-developed university-level courses in Information Security Management for a Masters of Business Administration program.
