Vol. 20, #6 - February 9, 2015 - Issue #1016

Image

Active Directory change matrix

  1. Editor's Corner
    • Ask Our Readers - Moving from Windows Server 2003 to Office 365 with SharePoint
    • Active Directory change matrix
    • Tip of the Week - Effective ad blocking
    • Recommended for Learning
    • Microsoft Virtual Academy
    • Quote of the Week
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  3. Events Calendar
    • Americas
  4. Webcast Calendar
    • Register for Webcasts
  5. Tech Briefing
    • Cloud Computing
    • Microsoft Azure
    • Security and Privacy
    • Small business IT
    • Storage
  6. Recommended TechGenix Articles
    • Recommended articles from websites in TechGenix Network
  7. Windows Server News
    • How to allot your shrinking cloud dollars in the future
    • How to use and when not to use VMware snapshots
    • DRaaS or DaaS? You can have both
    • Learning problem-solving techniques from kids at play
  8. WServerNews FAVE Links
    • Girl Without Bones
    • Russian Hercules
    • Airbus A380 Cuts A Cloud In Half
    • Why Are There No More Unicorns Today?
  9. WServerNews - Product of the Week
    • Veeam Explorer for Microsoft Exchange

 

Veeam Explorer for Microsoft Exchange

Veeam Explorer for Microsoft Exchange is better than ever, giving you instant visibility into your Exchange backups along with a number of other advanced features. You can browse, search and selectively export items (emails, mailboxes, notes, contacts, etc.) directly from Veeam backups of your Exchange 2010 and 2013 virtual machines (VMs) ? even compressed, deduplicated and incremental backups. Veeam Explorer for Exchange is a part of Veeam Backup Free Edition.

Download it today!

 

Editor's Corner

This week's newsletter is all about understanding the changes each new version of Active Directory introduces in your environment. We'd like to thank Pablo Tloupakis, an Infrastructure Architect with Microsoft Consulting Services (MCS), who has provided us with this information in tabular form and allowed us to reproduce it in this newsletter for our IT pro readers around the world. You definitely might want to SAVE THIS NEWSLETTERso you can have it handy should you ever contemplate upgrading your Active Directory infrastructure or raising its forest or domain functional level. 

By the way, whenever I hear the word "matrix" I automatically think of the movie with Keanu Reeves. There's also a terrific Dilbert comic about plugging into the Matrix in a corporate office environment:

http://www.wservernews.com/go/1423576074296

Then of course there's Ratbert's use of a matrix for illustrating strategy options:

http://www.wservernews.com/go/1423576076281

And if that's not geeky enough for you, check out Matrix Transform on xkcd, the webcomic of romance, sarcasm, math, and language:

http://www.wservernews.com/go/1423576078406

Ask Our Readers - Moving from Windows Server 2003 to Office 365 with SharePoint

We received the following email from Hans Reimer, President of Market Vantage LLC in Groton, Massachusetts USA:

Hi Mitch, I've been having recurring nightmares re-connecting my Win 7 PCs to an old HP printer on an XP desktop, every time the power goes out or the router needs to re-boot. Your tip here: http://www.wservernews.com/go/1423576396937 saved the day. I'm still only able to connect to the XP when I use its local IP address, not its name. The machine does not show up when I browse the network. Microsoft really stepped in it when they added all sorts of enhancements to good old workgroups. But at least it works and I know how to fix it next time the XP machine gets assigned a new IP address. Thanks so very much!

By the way, if you can point me to any easy to follow advice for a very small business that's trying to move from a Server 2003 environment to Office 365 with SharePoint, I'm all ears. It's harder than it should be. We just want to be able to share files and host our QuickBooks company file on SharePoint the way we do it on the Server now.

Do any of our newsletter readers have any advice or suggestions for Hans concerning what he wants to do? And by the way, you can find lots more IT pro tips like this in the Knowledge Base on WindowsNetworking.com here:

http://www.wservernews.com/go/1423576404953

Ask Our Readers: WServerNews has almost 100,000 subscribers worldwide. That's a lot of expertise to tap into. Do you need help with some issue or need advice on something IT-related? Got a question you'd like us to toss out to our readers to try and answer? Email us at [email protected]

Active Directory change matrix

Organizations that are planning on upgrading their Active Directory infrastructure by deploying domain controllers running a newer version of Windows Server might want to know what new features will be available for them to use. In addition, administrators who are thinking about raising the forest or domain functional level of their Active Directory environment need to be aware of the changes such actions can introduce. Pablo Tloupakis has graciously provided us this information in tabular form so we can publish it in our newsletter. The three tables included below summarize Active Directory features by:

We hope you find these tables useful!

Table 1: Active Directory features supported by different VERSIONS of Windows Server

AD feature Windows 2000 Windows Server 2003 Windows Server 2008 Windows Server 2008 R2 Windows Server 2012 Windows Server 2012 R2
Group Policy Preferences N/A SP1 Enabled Enabled Enabled Enabled
Operation-based Auditing N/A Enabled Enabled Enabled Enabled Enabled
DNS Application Partitions N/A Enabled Enabled Enabled Enabled Enabled
DNS Stub Zones N/A Enabled Enabled Enabled Enabled Enabled
DNS Conditional Forwarding N/A Enabled Enabled Enabled Enabled Enabled
DNS Background Zone Loading NA NA Enabled Enabled Enabled Enabled
DNS GlobalNames Zone NA NA Enabled Enabled Enabled Enabled
DNS Settings via GPO NA NA NA Vista+ clients Vista+ clients Vista+ clients
DNS Security Extensions (DNSSEC) NA NA NA Enabled Enabled Enabled
DNS Security Extensions (DNSSEC): online signing and automated key management and other enhancements NA NA NA NA Enabled Enabled
DNS Security Extensions (DNSSEC): support for Key Master role NA NA NA NA NA Enabled
DNS Devolution NA NA NA Enabled Enabled Enabled
DNS Cache Locking NA NA NA Enabled Enabled Enabled
DNS Socket Pool NA NA NA Enabled Enabled Enabled
NTLM  minimum session security encryption (default) 40/56 bits 40/56 bits 40/56 bits 128 bits 128 bits 128 bits
NTLM restriction N/A N/A N/A Enabled Enabled Enabled
Kerberos DES default cipher suites default configuration Enabled Enabled Enabled Disabled by default Disabled by default Disabled by default
Per User Selective Auditing N/A Enabled Enabled Enabled Enabled Enabled
Logon/Logoff  Auditing events with IP/User Name/Workstation Name N/A Enabled Enabled Enabled Enabled Enabled
Account Management auditing:- Group Membership Changes N/A Enabled Enabled Enabled Enabled Enabled
Directory Services Auditing ON/OFF (single category Directory Access) Enabled 59 granular settings 59 granular settings 59 granular settings 59 granular settings
Auditing of Removable Storage Devices N/A N/A N/A N/A Only Win8 Clients Only Win8 Clients
AD Database Mounting Tool N/A N/A Enabled Enabled Enabled Enabled
Restartable Directory Services N/A N/A Enabled Enabled Enabled Enabled
Install Replica from Media N/A Enabled Enabled Enabled Enabled Enabled
DCPromo /Forceremoval N/A Enabled Enabled Enabled Enabled Enabled
Confidential Attributes N/A SP1 Enabled Enabled Enabled Enabled
Access Based Enumeration N/A SP1 Enabled Enabled Enabled Enabled
Directory Partition Quotas N/A Enabled Enabled Enabled Enabled Enabled
LDAP bind to rootDSE Anonymous Authenticated Users Authenticated Users Authenticated Users Authenticated Users Authenticated Users
Single-Instance Security Descriptors N/A Enabled. Need to defrag DB after upgrade. Enabled. Need to defrag DB after upgrade. Enabled. Need to defrag DB after upgrade. Enabled. Need to defrag DB after upgrade. Enabled. Need to defrag DB after upgrade.
Garbage Collection - Tombstones purged every 12 hrs  (default) - 5000 objects per batch - If > 5000, every 50% of tombstone purge cycle No limits per batch No limits per batch No limits per batch No limits per batch No limits per batch
ADUC: protect container from accidental deletion N/A N/A Enabled Enabled Enabled Enabled
ADUC: drag'n'drop warning N/A Enabled Enabled Enabled Enabled Enabled
Directory Services Backup Reminders N/A SP1 Enabled Enabled Enabled Enabled
Active Directory Administrative Center N/A At least 1 DC 2008 R2 At least 1 DC 2008 R2 Enabled Enabled Enabled
Active Directory Best Practices Analyzer N/A At least 1 DC 2008 R2 At least 1 DC 2008 R2 Enabled Enabled Enabled
Active Directory Web Services N/A At least 1 DC 2008 R2 At least 1 DC 2008 R2 Enabled Enabled Enabled
Block the creation of duplicate service principal names (SPN) and user principal names (UPN). N/A N/A N/A N/A N/A Enabled
Command line process auditing N/A N/A N/A N/A N/A Enabled
Restricted Admin mode for Remote Desktop Connection N/A N/A N/A N/A N/A Enabled
LDAP query optimizer algorithm improved N/A N/A N/A N/A N/A Enabled
LDAP search result statistics (event ID 1644) N/A N/A N/A N/A Enabled Enabled
LDAP search result statistics (event ID 1644). Additional statistics N/A N/A Enabled With hotfix KB2800945 Enabled With hotfix KB2800945 Enabled With hotfix KB2800945 Enabled
Active Directory Replication throughput improvement Adjusts the maximum AD Replication throughput from 40Mbps to around 600 Mbps. N/A N/A N/A N/A N/A Enabled Between 2012 R2 DCs

 

Table 2: Active Directory features supported by different FOREST functional levels

Forest feature Windows 2000 Windows 2003 Interim Windows Server 2003 Windows Server 2008 Windows Server 2008 R2 Windows Server 2012 Windows Server 2012 R2
Global catalog replication improvements Enabled if both replication partners are running Windows Server 2003. Enabled Enabled Enabled Enabled Enabled Enabled
Defunct schema objects (Schema de-/reactivation) N/A N/A Enabled Enabled Enabled Enabled Enabled
Forest trusts N/A N/A Enabled Enabled Enabled Enabled Enabled
Kerberos Forest Search Order N/A N/A N/A N/A Enabled Enabled Enabled
Linked value replication N/A Enabled Enabled Enabled Enabled Enabled Enabled
Domain rename N/A N/A Enabled Enabled Enabled Enabled Enabled
Improved Active Directory replication algorithms N/A Enabled Enabled Enabled Enabled Enabled Enabled
Dynamic auxiliary classes. N/A N/A Enabled Enabled Enabled Enabled Enabled
User to InetOrgPerson objectClass change N/A N/A Enabled Enabled Enabled Enabled Enabled
Basic and query based groups (for roles based auth) N/A N/A Enabled Enabled Enabled Enabled Enabled
Read Only Domain Controlller N/A N/A Enabled At least 1 DC 2008 Enabled Enabled Enabled Enabled
Admin Role Separation N/A N/A Enabled At least 1 DC 2008 Enabled (with RODC) Enabled (with RODC) Enabled (with RODC) Enabled (with RODC)
Password Replication Policy N/A N/A Enabled At least 1 DC 2008 Enabled (with RODC) Enabled (with RODC) Enabled (with RODC) Enabled (with RODC)
Active Directory Recycle Bin N/A N/A N/A N/A Enabled Enabled Enabled
Active Directory Recycle Bin User Interface N/A N/A N/A N/A Enabled With 1 or more 2012 DCs Enabled Enabled
Domain Functional Level Rollback N/A N/A N/A N/A N/A Supported FFL Rollbacks: - DFL = 2012 AND FFL=2008 R2 -> FFL 2008 R2 - DFL = 2012 AND FFL=2008  -> FFL 2008 R2 - DFL = 2012 AND FFL=2008  -> FFL 2008 - DFL = 2008 R2 AND FFL=2008  -> FFL 2008 Supported FFL Rollbacks: - DFL = 2012 AND FFL=2008 R2 -> FFL 2008 R2 - DFL = 2012 AND FFL=2008  -> FFL 2008 R2 - DFL = 2012 AND FFL=2008  -> FFL 2008 - DFL = 2008 R2 AND FFL=2008  -> FFL 2008
Virtualized DC Cloning N/A N/A Enabled PDCe must be on 2012 Enabled PDCe must be on 2012 Enabled PDCe must be on 2012 Enabled PDCe must be on 2012 Enabled PDCe must be on 2012

 

Table 3: Active Directory features supported by different DOMAIN functional levels

Domain feature Windows 2000 mixed Windows 2000 native Windows Server 2003 Windows Server 2008 Windows Server 2008 R2 Windows Server 2012 Windows Server 2012 R2
Domain controller rename tool N/A N/A Enabled Enabled Enabled Enabled Enabled
Update logon timestamp N/A N/A Enabled Enabled Enabled Enabled Enabled
User password on InetOrgPerson object N/A N/A Enabled Enabled Enabled Enabled Enabled
Universal Groups Enabled for distribution groups. Disabled for security groups. Enabled Allows both security and distribution groups. Enabled Allows both security and distribution groups. Enabled Allows both security and distribution groups. Enabled Allows both security and distribution groups. Enabled Allows both security and distribution groups. Enabled Allows both security and distribution groups.
Group Nesting Enabled for distribution groups. Disabled for security groups, except for domain local security groups that can have global groups as members. Enabled Allows full group nesting. Enabled Allows full group nesting. Enabled Allows full group nesting. Enabled Allows full group nesting. Enabled Allows full group nesting. Enabled Allows full group nesting.
Converting Groups Disabled Enabled Allows conversion between security groups and distribution groups. Enabled Allows conversion between security groups and distribution groups. Enabled Allows conversion between security groups and distribution groups. Enabled Allows conversion between security groups and distribution groups. Enabled Allows conversion between security groups and distribution groups. Enabled Allows conversion between security groups and distribution groups.
SID history Disabled Enabled Enabled Enabled Enabled Enabled Enabled
Redirect users and computers N/A N/A Enabled Enabled Enabled Enabled Enabled
Auth manager can store auth policies N/A N/A Enabled Enabled Enabled Enabled Enabled
Kerberos Constrained delegation for computers N/A N/A Enabled Enabled Enabled Enabled Enabled
Kerberos Constrained delegation for computers across  Forests N/A N/A Enabled - 2012  schema update in back-end server's forest - One or more DCs in front-end domain running  2012 - One or more DCs  in back-end domain running  2012 Enabled - 2012  schema update in back-end server's forest - One or more DCs in front-end domain running  2012 - One or more DCs  in back-end domain running  2012 Enabled - 2012  schema update in back-end server's forest - One or more DCs in front-end domain running  2012 - One or more DCs  in back-end domain running  2012 Enabled Enabled
Selective authentication cross-forest N/A N/A Enabled Enabled Enabled Enabled Enabled
Fine-grained password policies N/A N/A N/A Enabled Enabled Enabled Enabled
Fine-Grained Password Policy User Interface N/A N/A N/A Enabled With 1 or more 2012 DCs Enabled With 1 or more 2012 DCs Enabled Enabled
DFS replication support for the Windows Server 2003 System Volume (SYSVOL) N/A N/A N/A Enabled Enabled Enabled Enabled
Advanced Encryption Standard (AES 128 and AES 256) support for the Kerberos protocol N/A N/A N/A Enabled Enabled Enabled Enabled
Last Interactive Logon Information: - The time of the last successful interactive logon for a user - The name of the workstation that the used logged on from - The number of failed logon attempts since the last logon N/A N/A N/A Enabled Enabled Enabled Enabled
Authentication mechanism assurance for ADFS N/A N/A N/A N/A Enabled Enabled Enabled
Off line Domain Join N/A N/A N/A N/A Enabled Enabled Enabled
Off line Domain Join vía DirectAccess N/A N/A Enabled. - At least 1 DC 2012 - Only for 2012 Member Servers and Win8 Clients Enabled. - At least 1 DC 2012 - Only for 2012 Member Servers and Win8 Clients Enabled. - At least 1 DC 2012 - Only for 2012 Member Servers and Win8 Clients Enabled. - Only for 2012 Member Servers and Win8 Clients Enabled. - Only for 2012 Member Servers and Win8 Clients
Managed Service Accounts N/A N/A Enabled. - At least 1 DC 2008 R2. - Only for 2008 R2+ Member Servers Enabled. - At least 1 DC 2008 R2. - Only for 2008 R2+ Member Servers Enabled. - Only for 2008 R2+ Member Servers Enabled. - Only for 2008 R2+ Member Servers Enabled. - Only for 2008 R2+ Member Servers
Group Managed Service Accounts N/A N/A Enabled. - At least 1 DC 2012. - Only for 2008 R2+ Member Servers Enabled. - At least 1 DC 2012. - Only for 2008 R2+ Member Servers Enabled. - At least 1 DC 2012. - Only for 2008 R2+ Member Servers Enabled. - Only for 2008 R2+ Member Servers Enabled. - Only for 2008 R2+ Member Servers
Remote Group Policy Update N/A N/A Enabled. At least 1 DC in 2012. Enabled. At least 1 DC in 2012. Enabled. At least 1 DC in 2012. Enabled Enabled
Group Policy Report Improvements N/A N/A Enabled. At least 1 DC in 2012. Enabled. At least 1 DC in 2012. Enabled. At least 1 DC in 2012. Enabled Enabled
Group Policy infrastructure status N/A N/A Enabled. At least 1 DC in 2012. Enabled. At least 1 DC in 2012. Enabled. At least 1 DC in 2012. Enabled Enabled
Local Group Policy support for Windows RT N/A N/A Enabled. At least 1 DC in 2012. Enabled. At least 1 DC in 2012. Enabled. At least 1 DC in 2012. Enabled Enabled
KDC Support for Claims N/A N/A N/A N/A N/A Enabled Enabled
Compound Authentication N/A N/A N/A N/A N/A Enabled Enabled
Flexible Authentication Secure Tunneling (FAST) (aka Kerberos Armoring) N/A N/A N/A N/A N/A Enabled Enabled
Domain Functional Level Rollback N/A N/A N/A N/A N/A Supported DFL Rollbacks: - DFL = 2012 AND FFL=2008 R2 -> DFL 2008 R2 - DFL = 2012 AND FFL=2008  -> DFL 2008 R2 - DFL = 2012 AND FFL=2008  -> DFL 2008 - DFL = 2008 R2 AND FFL=2008  -> DFL 2008 Supported DFL Rollbacks: - DFL = 2012 AND FFL=2008 R2 -> DFL 2008 R2 - DFL = 2012 AND FFL=2008  -> DFL 2008 R2 - DFL = 2012 AND FFL=2008  -> DFL 2008 - DFL = 2008 R2 AND FFL=2008  -> DFL 2008
Workplace Join for Windows 8.1 and iOS 5+ devices N/A N/A N/A                 Enabled -  ADFS 3.0 Servers (Windows Server 2012 R2) - Schema of the forest must be  Windows Server 2012 R2 - Group Managed Service accounts for ADFS 3.0 require at least 1 Windows Server 2012 DC - Extranet Access: requires Windows Server 2012 R2 WAP Servers                 Enabled -  ADFS 3.0 Servers (Windows Server 2012 R2) - Schema of the forest must be  Windows Server 2012 R2 - Group Managed Service accounts for ADFS 3.0 require at least 1 Windows Server 2012 DC - Extranet Access: requires Windows Server 2012 R2 WAP Servers                 Enabled -  ADFS 3.0 Servers (Windows Server 2012 R2) - Schema of the forest must be  Windows Server 2012 R2 - Group Managed Service accounts for ADFS 3.0 require at least 1 Windows Server 2012 DC - Extranet Access: requires Windows Server 2012 R2 WAP Servers                 Enabled -  ADFS 3.0 Servers (Windows Server 2012 R2) - Schema of the forest must be  Windows Server 2012 R2 - Group Managed Service accounts for ADFS 3.0 require at least 1 Windows Server 2012 DC - Extranet Access: requires Windows Server 2012 R2 WAP Servers
Second Factor Authentication Across Company Applications Windows 8.1 and iOS 5+ devices N/A N/A N/A
Web Based Single Sign-On (SSO) to resources from known devices (Windows 8.1 and IOS 5+) N/A N/A N/A
Multi-factor Access Control N/A N/A N/A
Work Folders Intranet Access N/A N/A N/A Enabled File Servers must be Windows Server 2012 R2 Enabled File Servers must be Windows Server 2012 R2 Enabled File Servers must be Windows Server 2012 R2 Enabled File Servers must be Windows Server 2012 R2
Work Folders Extranet  Access N/A N/A N/A                Enabled - File Servers must be Windows Server 2012 R2 - Same requirements as "Workplace Join"                Enabled - File Servers must be Windows Server 2012 R2 - Same requirements as "Workplace Join"                Enabled - File Servers must be Windows Server 2012 R2 - Same requirements as "Workplace Join"                Enabled - File Servers must be Windows Server 2012 R2 - Same requirements as "Workplace Join"
Kerberos Authentication: KDC Resource Group Compression N/A N/A N/A N/A N/A Enabled Enabled
Kerberos Authentication:  Kerberos SSPI context token buffer size (Windows 8.x clients) N/A N/A N/A N/A N/A Enabled Enabled
Kerberos Constrained Delegation Resource-based constrained delegation across domains N/A N/A N/A N/A N/A Enabled Enabled
Group Policy: Expanded IPv6 Support N/A N/A N/A N/A N/A N/A Enabled
Group Policy: Policy Caching N/A N/A N/A N/A N/A N/A Enabled
Protected Users.  Members  signed-on to Windows 8.1 devices and Windows Server 2012 R2 hosts can no longer use: - Default credential delegation (CredSSP) - plaintext credentials are not cached even when the Allow delegating default credentials policy is enabled - Windows Digest - plaintext credentials are not cached even when they are enabled - NTLM - NTOWF is not cached - Kerberos long term keys - Kerberos ticket-granting ticket (TGT) is acquired at logon and cannot be re-acquired automatically -  Sign-on offline - the cached logon verifier is not created N/A N/A N/A Enabled PDCe must be on Windows Server 2012 R2 Enabled PDCe must be on Windows Server 2012 R2 Enabled PDCe must be on Windows Server 2012 R2 Enabled
Protected Users. Members   members of the group can no longer: - Authenticate by using NTLM authentication - Use DES  or RC4 cipher suites in Kerberos pre-authentication - Be delegated by using unconstrained or constrained delegation - Renew user tickets (TGTs) beyond the initial 4-hour lifetime. N/A N/A N/A N/A N/A N/A Enabled
Authentication Policy Silos.  Configure authentication policy for each silo in order to control: - Non-renewable TGT lifetime - Access control conditions for returning TGT - Access control conditions for returning service ticket N/A N/A N/A N/A N/A N/A Enabled
Restrict a user account to specific devices and hosts N/A N/A N/A N/A N/A N/A Enabled

About Pablo Tloupakis

Pablo Tloupakis is currently an MCS Infrastructure Architect with a more than 20 years tenure fulfilling multiple roles in the MS Services division, deploying MS technologies (including more Windows versions than he can remember!) at enterprise customers in multiple countries in the Americas. Pablo can be reached at [email protected]

Send us feedback

Got feedback on anything in this issue? Let us know at [email protected]

Tip of the Week - Effective ad blocking

You might remember this quote by Captain Renault in the movie Casablanca:

"I'm shocked, shocked to find that gambling is going on in here!"

Well I was similarly SHOCKED when I read the following article on Business Insider recently:

Google, Microsoft, and Amazon are paying Adblock Plus huge fees to get their ads unblocked

http://www.wservernews.com/go/1423577708281

Is there no justice in the world? No escape from the plague of advertising that engulfs us? No purity of purpose? No free lunch?

Hmmm...

If you're similarly concerned about blocking unwanted ads when you browse around the web, there is another solution you might want to check out. A long time Microsoft MVP (who is now no longer an MVP) has created a HOSTS file that you can install on your computer in order to block ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and even most hijackers. He keeps this HOSTS file updated (the last date was on January 24th of this year) and offers it to the IT pro community at no charge--and with no banner ads too! :-)

Just go to the following site:

http://www.wservernews.com/go/1423577711421

and click on the button "There's no place like 127.0.0.1" and you'll find full instructions on how to download and use his HOSTS file.

Note that some websites you browse will look really dorky when no ads can be displayed on them, but who cares? No more ads!!

P.S. You might want to carefully read the FAQ before using his HOSTS file as it can sometimes result in funny things happening when you browse certain sites.

http://www.wservernews.com/go/1423577714281

P.P.S. If you like using his HOSTS file you might consider clicking the Donate button on his site.

GOT TIPS you'd like to share with other readers? Email us at [email protected]

Recommended for Learning

Here is an IT Pro course on Active Directory from the Microsoft Virtual Academy you might want to check out:

Understanding Active Directory

http://www.wservernews.com/go/1423577825203

Microsoft Virtual Academy

Some announcements from the Microsoft Virtual Academy:

On-demand:  Upgrading to SharePoint 2013

If you want to upgrade to SharePoint 2013, this course walks you through the necessary steps to perform an efficient and effective upgrade.  Experts Brian Alderman and Christopher Harrison show you how Microsoft has enhanced the process, and you'll hear a discussion on how to upgrade from your service applications and web applications, plus how to strategically upgrade individual site collections.  All this and much more in this on-demand course.  Watch here:

http://www.wservernews.com/go/1423577895734

February 25-26:  Two PowerShell DSC Live Events

Master the basics of PowerShell Desired State Configuration (DSC) in this introductory course, Getting Started with PowerShell Desired State Configuration (DSC) February 25:

http://www.wservernews.com/go/1423577897765

Then go in-depth on this fast-moving technology February 26 in Advanced PowerShell Desired State Configuration (DSC) and Custom Resources:

http://www.wservernews.com/go/1423577900093

Register now for Know it.  Prove it.

There is still time to join the tens of thousands of people who are already taking the challenge.  Know it.  Prove it. is a month-long challenge to learn any of eight hot tech topics in  just about an hour a day in the month of February.  Earn badges and points as you compete in the learning challenges, while getting encouragement and help from the blogs and forums.  It's never too late to start to rock your skills!  Register now!

http://www.wservernews.com/go/1423577902046

Quote of the Week

"Never send a human to do a machine's job." --Agent Smith (played by Hugo Weaving) in the movie "The Matrix"

Until next week,

BTW feel free to follow me on Twitter and connect with me on LinkedIn

Note to subscribers: If for some reason you don’t receive your weekly issue of this newsletter, please notify us at [email protected] and we’ll try to troubleshoot things from our end.

Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

Veeam Explorer for Microsoft Exchange gives you instant visibility into your Exchange backups. You can browse, search and export items directly from Veeam backups of your Exchange 2010 and 2013 VMs.
http://www.wservernews.com/go/1423569868578

Failure of a server or critical application can shut you down. FREE Server & Application Monitor will help reduce or eliminate application, database and general file server interruptions at no cost!
http://www.wservernews.com/go/1423569894375

TeraCopy lets you copy and move files at the maximum possible speed.
http://www.wservernews.com/go/1423569943890

NimbleText is a text manipulation and code generation tool that makes you able to perform incredible feats of text and data wrangling.
http://www.wservernews.com/go/1423569949984

WD My Passport Enterprise 500GB Secure Portable Corporate Environment with Windows To Go provides a secure work environment that is fast and easy to set up
http://www.wservernews.com/go/1423569958500


Events Calendar

Americas

Convergence 2014 on March 16-19 in Atlanta, Georgia, USA
http://www.wservernews.com/go/1423578221343

Microsoft Ignite on May 4-8, 2015 in Chicago, Illinois, USA
http://www.wservernews.com/go/1423578223281

Add your event

PLANNING A CONFERENCE OR OTHER EVENT you'd like to tell our 95,000 subscribers about? Contact [email protected]

 

Webcast Calendar

Register for Webcasts

Add your Webcast

PLANNING A WEBCAST you'd like to tell our subscribers about? Contact [email protected]

 

Tech Briefing

Cloud Computing

Trust me, I'm a cloud vendor (Microsoft Cyber Trust Blog)
http://www.wservernews.com/go/1423578376421

DevOps and the Cloud (CloudComputingAdmin.com)
http://www.wservernews.com/go/1423578380250

 

Microsoft Azure

Stretching Those Azure Dollars (CanITPro)
http://www.wservernews.com/go/1423578468796

5 Things You May Not Know About Azure (CloudComputingAdmin.com)
http://www.wservernews.com/go/1423578470812

 

Security and Privacy

Third-Party Software is a Security Threat (Part 2) (WindowSecurity.com)
http://www.wservernews.com/go/1423578527953

Keeping Cloud-based Data Safe from Prying Eyes (CloudComputingAdmin.com)
http://www.wservernews.com/go/1423578530546

 

Small business IT

Maintaining Networks without an IT Staff (WindowsNetworking.com)
http://www.wservernews.com/go/1423578665156

Small Business Meets Cloud Computing (CloudComputingAdmin.com)
http://www.wservernews.com/go/1423578667218

 

Storage

Sizing Volumes for Data Deduplication in Windows Server (File Cabinet Blog)
http://www.wservernews.com/go/1423578702859

Making Cloud Storage Secure (CloudComputingAdmin.com)
http://www.wservernews.com/go/1423578705515


Recommended TechGenix Articles

When Good Clouds Go Bad: All about Cloud Services Outages (Part 1)
http://www.wservernews.com/go/1423579075515


Importing a Virtual Machine into Amazon EC2 (Part 1)
http://www.wservernews.com/go/1423579077343


Office 365 Message Encryption (Part 3)
http://www.wservernews.com/go/1423579079437


Working with the Desired State Configuration Feature (Part 6)
http://www.wservernews.com/go/1423579081375


Security: A Shared Responsibility (Part 2)
http://www.wservernews.com/go/1423579083375

 

Windows Server News

How to allot your shrinking cloud dollars in the future

There are a lot of cloud services available today, which makes choosing between them extremely difficult.  Planning ahead and knowing what to budget for in the coming year can make this selection process a little bit easier. Fortunately, this exclusive guide dives into two projects in particular that you should start budgeting for now so your IT cloud dollars will go far in 2015.
http://www.wservernews.com/go/1423578790156

How to use and when not to use VMware snapshots

Simply put, a VMware snapshot is definitely not a backup. Learn what a VMware snapshot is, and – more importantly – what is isn't, so you can sort through the confusion and ensure you avoid trouble by only using virtual machine snapshots as they're intended.
http://www.wservernews.com/go/1423578792171

DRaaS or DaaS? You can have both

If you are thinking about embracing the cloud as part of your disaster recovery strategy, consider DaaS – many DaaS providers offer options where DRaaS is built in already. Learn more about how to leverage both DRaaS and DaaS together for optimal DR in the cloud.
http://www.wservernews.com/go/1423578794968

Learning problem-solving techniques from kids at play

When new vulnerabilities arise in your data center, it's best to think outside the box and adapt.  So, how can you apply this methodology to your vSphere environment? Learn how inside and review the key considerations you need to keep in mind to creatively solve your virtualization security problems when they arise.
http://www.wservernews.com/go/1423578797140


WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff

GOT FUN VIDEOS or other fun links to suggest you'd like to recommend? Email us at [email protected]

Girl Without Bones

19-year-ol Tatyana Balahnina amazes the judges and audience of Ukraine's Got Talent with her flexible body:
http://www.wservernews.com/go/1423579195062

Russian Hercules

A true Russian Hercules demonstrates his strength:
http://www.wservernews.com/go/1423579196796

Airbus A380 Cuts A Cloud In Half

An Emirates A380 airplane cuts a cloud in half over Amsterdam Shiphol Airport:
http://www.wservernews.com/go/1423579199093

Why Are There No More Unicorns Today?

A dramatic and hilarious explanation of why there are no more unicorns today by French cable channel Canal+:
http://www.wservernews.com/go/1423579201437


WServerNews - Product of the Week

Veeam Explorer for Microsoft Exchange

Veeam Explorer for Microsoft Exchange is better than ever, giving you instant visibility into your Exchange backups along with a number of other advanced features. You can browse, search and selectively export items (emails, mailboxes, notes, contacts, etc.) directly from Veeam backups of your Exchange 2010 and 2013 virtual machines (VMs) ? even compressed, deduplicated and incremental backups. Veeam Explorer for Exchange is a part of Veeam Backup Free Edition.

Download it today!

 

 

WServerNews - Editors

Mitch Tulloch is Senior Editor of WServerNews and is a widely recognized expert on Windows administration, deployment and virtualization. Mitch was lead author of the bestselling Windows 7 Resource Kit and has been author or series editor for almost fifty books mostly published by Microsoft Press. Mitch is also a ten-time recipient of Microsoft's Most Valuable Professional (MVP) award for his outstanding contributions in support of the global IT pro community. Mitch owns and runs an information technology content development business based in Winnipeg, Canada. For more information see www.mtit.com.

Ingrid Tulloch is Associate Editor of WServerNews and was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press. Ingrid is also manages research and marketing for our content development business and has co-developed university-level courses in Information Security Management for a Masters of Business Administration program.