|RSS | MY PROFILE | PRIVACY|
From the Mailbag
We received some great feedback from readers concerning the last issue Logon Limits. Here's a quick sampling from our mailbag:
One reader pointed out that hibernating your systems can be a bit help in preventing slow startup/logons:
I?ve found that Hibernation is a great way to mitigate slow startup, especially if you don?t want to leave you machine turned on for long periods. It works especially well for my laptops, and has me up and running quickly without all the overhead of a clean boot startup. I?ve configured my laptops to sleep when the lid is closed, but hibernate when the power button is pressed. Works like a charm!
Another reader pointed us to the following registry entry:
I was surprised your article didn?t mention the DelayedDesktopSwitchTimeout value. Our SOP is to set the value at 0 for all Windows Vista / 7 computers in a domain environment:
A couple of readers pointed out that DNS configuration issues can sometimes cause slow logon issues. One said:
I am a consultant for many small businesses and I have gone into a number of new clients who have complained that they had slow boot times. I have found that many small businesses are not setup by an IT professional and when they setup DHCP, they use the ISP DNS instead of the local server. Without DNS setup correctly, I have seen issues with boot times... Sometimes the AD server is listed as the second server, but the first DNS had been listed as the one from the ISP. most of the time, they have many problems of course, which is why they end up calling its out.
And another said:
I have had users who tried getting around my proxy by changing their DNS servers to something else. This causes a huge delay in logging on. Just thought I would throw out there that they should check to make sure DNS is correct.
A helpful reader sent even us a bunch of tips:
Remove any non-present device drivers:
Clean your system with CCleaner (free, works great):
Check for junk that is trying to start up but no longer exists use autoruns.exe to find this stuff:
Update your device drivers! Check with your machine manufacturer first, but you may find more up to date drivers at the maker of the components themselves. For example Intel makes a ton of items - chipsets, video cards, lan cards, sound cards, etc. They have a driver profiler that will check for you. Many times these are many versions newer than what you will find on the manufacturer websites.
Finally, several readers pointed out some unintended irony in the last issue. One said:
Do you find it ironic that you speak of "One common attack vector is to trick users into opening links they think are for familiar or well-known web sites but which actually redirect the user's browser to a site hosting malware" and the links you have to URL expansion services are in fact re-directs themselves?
Yup. Thanks. So whatever you do, don't click here:
Migrating Large Amounts of Storage
This week I want to talk briefly about strategies for moving large amounts of storage from one location to another, such as the contents of a file server or a large Microsoft SQL Server database. Such data often amounts to several terabytes or more, and moving it quickly, reliably and securely can often pose a challenge.
But before I continue on this topic, here's an XKCD comic that describes how storage devices can sometimes AROUSE STRANGE LONGINGS IN US:
You could try using Distributed File System Replication if you are using Windows Server 2003 or later on your servers. Here's a short series of articles I wrote a few years back on WindowsNetworking.com about using the Windows Server 2003 version of this technology:
If you're still on Windows 2000 Server (yikes!) then you could try using a third-party DFS product but it would probably be better to start planning on upgrading your servers before you plan anything else.
Of course, you'll need to make sure your WAN link can handle the replication traffic involved in transferring terabytes of data between sites.
And if you're using Linux in your environment, you could try using Rsync:
Copy over WAN
If your WAN bandwidth is sufficient, you could even do a simple file copy between sites using a tool like RoboCopy or you could instead do a multi-threaded copy by using RichCopy. You'll find links to these two tools in the Admin Toolbox section of this newsletter.
Copying SQL databases
If you need to copy an SQL Server database and not just files and folders on a file server, the recommended option seems to be ESEUTIL, one of the database utilities included with Microsoft Exchange Server:
Use the cloud
You could copy the data into the private or public cloud service your company subscribes to (if you do so) and this can be a good solution provided you have sufficient bandwidth between your premises and the service. For example, you might try using something like Dropbox for Teams for doing this:
You could copy (or export or backup) the data to removable storage media such as a USB hard drive and then send it via courier to the other location. The main downside of this approach is that it may take 24 hours or more for the data to reach its destination, plus you need to take into account the time it takes for you to copy/export/backup and copy/import/restore the data. Altogether this might amount to 48 hours or more if terabytes of data are involved.
If you need to move an entire server, such as the system volume on a server, you could try something like this:
Of course, if you can't afford any downtime with your original server during this process then the two servers may get somewhat out of sync during the process, but you may be able to copy the changes or use the transaction logs to get them quickly synced again before you decommission the original server.
You could also move an entire server by virtualizing it. For example, if your environment is using Hyper-V and VMM, you can use P2V to convert a physical server to a virtual machine:
You could then export the virtual machine from the local host, use WAN/Internet/cloud/courier to move it to the remote site, and import it into the remote host. You can also move virtual machines manually like this:
Secure in transit
You probably also want to encrypt the data so that if it's intercepted in transit over your WAN link or the Internet or if the courier loses it your organization's business won't be impacted. If you're sending the data over the WAN or Internet you should probably encrypt the transmission using IPsec. Another option is SSL/TLS but with all the news nowadays I personally feel more confident with IPsec even though it can be challenging to configure.
If you're physically moving a USB hard drive from one location to another you should use Windows BitLocker Encryption to encrypt the drive. And if you're still on Windows 2000 (yikes again!) you could use an encryption product like Truecrypt:
Finally, if you'd like to share your own tips or stories about migrating storage with our readers or if you have any data replication/migration tools or services you've used and can recommend, feel free to email me at email@example.com
Tip of the Week
When transferring large files with Robocopy, make sure you use the /J switch. Doing this causes Robocopy to use unbuffered I/O for the file transfer and is recommended when copying very large files. If you prefer using Xcopy you can also use the /J switch with Xcopy but only if you are using Windows Server 2008 R2.
Recommended for Learning
A few titles from Cisco Press today to recommend:
Cisco Firewalls from Cisco Press is an exhaustive guide to configure, monitor and troubleshoot Cisco firewall appliances. Lots of nitty-gritty IOS command-line examples here, but also some good high-level design and planning tips. For example, the chapter called Firewall Interactions looks at what happens when your firewall bumps up against your IPS, VLANs, load balancers, and so on. Not for the faint of heart but good reading nonetheless.
CCDA 640-864 Official Cert Guide (4th Edition) from Cisco Press targets network design engineers (or wannabe engineers) who need to learn everything from basics to best practices for designing LANs and WANs of various types. Like many good certification guides, this one too functions well as a quick reference for the busy networking professional and is not just for students wanting to pass the exam. The book also has some good examples of worst practices?the photo on page 134 captioned ?Data center cabling the wrong way? is almost worth the price of the book.
CISSP Boxed Set from Cisco Press has everything you need (except lots of caffeine) to help you prepare for your Cisco CISSP certification exam. The box includes exam guide, practice exams, and hours and hours of video and audio training for your entertainment and enjoyment. YouTube just can?t compete with this. After all, who wants to watch silly YouTube videos of base jumpers narrowly escaping death in the Swiss Alps? I?d rather watch someone explain how the Bell-LaPadula security model works, wouldn?t you? Yes, ladies and germs, networking can be fun provided you?re a nerd. Nerds rule the world. Or they should, anyways. After all, I?m one.
Quotes of the Week
"Get in, get it done, get it done right, and get out." -- Fred Trump, father of Donald Trump
"All I want is clear air in which to breathe, and there is none because everybody's full of hot air" -- Jack Kerouac to Allen Ginsberg in a letter dated September 6, 1945:
"As he was talking, I took a good look at his scarred face, and thought to myself that it takes all kinds to make a world." -- Yakuza mob boss Ijichi Eiji in Confessions of a Yakuza:
Be sure to forward this newsletter to a friend or colleague who might find the tips and tools in it helpful for performing their job. And if you have feedback concerning anything in this newsletter, feel free to send it to my mailbag at firstname.lastname@example.org
Cheers, Mitch Tulloch
Accident or Malicious? Learn whether suspicious activity on Windows Servers is a result of unintentional actions?or malicious insider. View Demo:
mPowerTools - an AD Admin essential! 200+ reports, bulk import/export, scheduling, GPO/File Share Reports. Eliminate scripting! Only $1499!
Tired of your Active Directory management tools? Centralize and simplify all Windows and AD management without scripting.
Need to reliably copy data between systems or even sites? Use Robocopy:
Robocopy isn't enough? Would you rather do a multi-threaded copy between systems or sites? Try RichCopy:
Microsoft Management Summit 2012
January 27 is the last day for Early Bird Registration for MMS 2012 that lets you save up to US $275 off the standard registration price. MMS is where skilled IT professionals can meet to increase their technical expertise through hands-on training, breakout sessions and interacting with industry leaders in desktop and device management, datacenter, and cloud technologies. MMS 2012 will be in Las Vegas from April 16-20, 2012.
Learn how to deploy, manage and maintain Microsoft?s private cloud solution using System Center 2012 in this free public two-day virtual event on February 21-22, 2012.
Sign up for these and other Microsoft events and webcasts at:
Sign up these and other VMware webcasts at:
Sign up for these and other O'Reilly webcasts at:
Browse the Cisco Corporate Events Calendar to find Cisco at events, trade shows and conferences around the world:
AMD Radeon HD 7970 Quad CrossFireX Stomps 3DMark Records
Tom's Hardware has the skinny on what this puppy can do:
How to become a Premier Field Engineer (PFE)
Looking for a new job in the IT field? Here's one possibility you might consider:
Troubleshooting High CPU Utilization issues using Tracelog.exe
From the AskPerf blog, some tips on using the Tracelog.exe utility to troubleshoot high CPU issues:
Reengineering the Windows boot experience
Read about how Microsoft plans on bringing the PC boot experience into the 21st century:
Trustworthy Computing?s Impact a Decade On: Looking Back, Looking Ahead
Rich Mogull, founder of security consulting firm Securosis, discusses the impact that TWC has had both inside and outside of Microsoft:
Finding your hybrid cloud match
Hybrid cloud attracts companies craving flexibility and control. Signing with the wrong provider, though, will leave you begging for a loophole. Watch this popular video for help finding the best hybrid cloud mach for your organization.
Mitigating the risk of a second virtualization hypervisor installation
Many enterprises have rolled out a second virtualization hypervisor installation to reduce costs and improve interoperability with applications. But introducing a second server virtualization platform into a data center is not without its risks. Check out this expert tip to learn how careful planning and testing can help ensure success.
The release of VMware vSphere 5 brought a number of vSphere security enhancements. This expert tip details the top five security features you need to know about in this new version.
Experts? top predictions for 2012: Windows Server 8, PowerShell, cloud
What does 2012 have in store for IT and Windows Server? We asked several experts to share their predictions, and while we received varying opinions on what Windows Server 8 will mean for IT in the year ahead, everyone agreed on PowerShell's increased role in the enterprise. Access this featured article now for more insight.
A compilation of some of the great YouTube moments of 2011:
Bored? Watch some squirrels do a Michael Jackson thing. Thanks to Eric for sending us this:
If a MakerBot ever learns how to make itself, we're in trouble! We MUST protect Sarah Connor AT ALL COSTS!!!
Don't miss the 100 Year Starship Public Symposium. There might not be another one for a hundred years!
Will it blend? Don't try this at home--eek!!
Mitch Tulloch is Senior Editor of WServerNews and is a widely recognized expert on Windows administration, deployment and virtualization. Mitch was lead author of the bestselling Windows 7 Resource Kit from Microsoft Press and has published hundreds of articles for IT pros. Mitch is also a seven-time recipient of Microsoft's Most Valuable Professional (MVP) award for his outstanding contributions in support of the global IT pro community. Mitch owns and runs an information technology content development business based in Winnipeg, Canada. For more information see www.mtit.com
Ingrid Tulloch is Associate Editor of WServerNews and was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press. Ingrid is also Head of Research for our content development business and has co-developed university-level courses in Information Security Management for a Masters of Business Administration program.