Vol. 19, #11 - March 17, 2014 - Issue #971

Image

SharePoint Migration Tools

  1. Editor's Corner
    • From the Archive
    • SharePoint Migration Tools
    • Tip of the Week: Unintended Consequences of Server Hardening
    • Recommended for Learning
    • Microsoft Virtual Academy
    • Quote of the Week
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  3. Events Calendar
    • Americas
    • Europe
    • Asia Pacific
  4. Webcast Calendar
    • VirtualizationAdmin.com Webinar: Tips, Tricks and Tools for Good and Lazy Administrators: Upgrade to vSphere 5.5
    • WindowsNetworking.com Webinar: How to Recover Exchange and SharePoint in Seconds
    • Register for Webcasts
  5. Tech Briefing
    • More on CMS and SharePoint
    • Windows Server
    • Windows Client
    • Security
  6. Windows Server News
    • Stop the insanity: Private cloud benefits for the enterprise
    • Taking charge of user support with virtual desktop remote control
    • Preparing your checklist for a flawless hypervisor switch
    • Steering your career as a desktop admin in the mobility age
  7. WServerNews FAVE Links
    • Ole Hemmingson And His Tractor - 'Lover Come Back to Me'
    • Black Bear Climbs Across Rope To Get Food
    • The Second-Largest Tree In The World - 3200 Years Old
    • Acrobatic Dance Duo - Stephan Choiniere And Tsvetelina Tabakova
  8. WServerNews - Product of the Week
    • Hidden Problem with Migrations to SharePoint - LinkFixer Advanced automatically fixes the broken links.

 

Hidden Problem with Migrations to SharePoint

Did you know that migrating to SharePoint will cause links that point to the migrated files to become broken? This is an often unknown and hidden problem that can result in costly disruptions for you and your users. LinkFixer Advanced automatically fixes the broken links!

Click now to download your FREE trial version!

 

Editor's Corner

This week's newsletter is all about tools for migrating your current enterprise content management system (CMS) to Microsoft SharePoint. Migrations can be tricky to perform however, and when something goes wrong the first thing to do is to be honest and admin you're facing problems instead of trying to hide. Well at least that's what Dilbert thought in this comic:
http://www.wservernews.com/go/1394792453078

From the Archive

For some of our past issues dealing with SharePoint be sure to check out the following:

And for some recent issues on various forms of migration, see:

SharePoint Migration Tools

There are many other enterprise content management systems out there in the real world besides SharePoint. A few that I've come across recently in my IT wanderings have included:

I'm sure you our readers have come across others and may have even implemented them in house. Feel free to let us know which CMS you're using and why you selected it by emailing us at [email protected] as we love to hear your opinions on such matters.

For whatever reasons however, your organization may have decided to migrate your existing CMS to SharePoint. If that's the case then here are a few tools that might ease the pain of your migration:

Content Matrix from Metalogix

This tool helps you consolidate your existing content and file shares into SharePoint without losing metadata, and it also lets you migrate from to SharePoint 2013 from earlier versions of SharePoint:
http://www.wservernews.com/go/1394792856815

Migration Suite from MetaVis Technologies

This product lets you perform pre-migration analysis and can migrate metadata, structures, workflows and permissions:
http://www.wservernews.com/go/1394792919331

Tzunami Migration Masters

This company offers solutions for migrating file shares, OpenText, Xerox Docushare, Documentum, and a whole host of other document management systems to SharePoint:
http://www.wservernews.com/go/1394792923175

LinkFixer Advanced from LinkTek

Finally, what if something goes wrong with your CMS migration? (Remember, if anything can go wrong, it will.) LinkFixer Advanced lets you find and fix broken links in hundreds, thousands or even millions of files quickly, easily and automatically. It also provides detailed reporting, including broken link reports, showing links within any files that are not working properly:
http://www.wservernews.com/go/1394792927362

Broken links can often happen when files are moved or renamed during server upgrades, server consolidations, server name changes, provisioning new storage, folder reorganizations, archiving operations, and so on. LinkFixer Advanced can fix broken links in Excel, Word, PowerPoint, Access, Visio, Windows Shortcut, PDF, AutoCAD, MicroStation, InDesign, PageMaker and other file types.

LinkFixer Advanced is a great product to have in your IT toolbox and LinkTek is also our sponsor for this week's issue of WServerNews.

Tip of the Week: Unintended Consequences of Server Hardening

This week's tip was submitted by Jack Johnson who has been working with Platforms Dedicated Support Engineering (DSE) at Microsoft for over fourteen years.

A Cautionary Tale of Server Hardening

Server hardening is a key component to the infrastructure of many enterprises. It is widely used and very effective against preventing attacks. One of the main tools of server hardening is to block high RPC ports. There are the ports normally in the 5000 and up range. However, careful planning should be taken to ensure the enterprise doesn't "shoot itself in the foot" so to speak when doing this. I came across one sure situation where a company was having issues with account lockouts. Based on the data, the account lockouts were due to bad passwords.

Viewing a Netlogon.log file would show something similar to this:

12/12 09:53:31 [LOGON] US: SamLogon: Transitive Network logon of US\User1 from WORKSTATION23 (via DOMAINCONTROLLER45) Returns 0xC000006A

So once we started to dig into the issue we discovered that the users were actually trying to change their passwords when this issue was occurring. Once the password was successfully changed, they were being prompted by their Outlook client for the correct password. They enter the password that was just changed but it doesn't work and now their account is locked out. So why did they account get locked out after only one "bad password"? The answer is in the screen capture below.

So in taking a look at a connection from Outlook we see multiple connections being made via RPC:

Image

The multiple connections are all using the port of 6001 which is one of those higher ports that are usually blocked via server hardening. There are 3 connections shows here but I have seen as many as 5-7 different connections. So if all of these connections are sending the same bad password, then it's possible each connection is being counted as a bad password, therefore exceeding the count and locking the user out.

So why is the password is considered "bad" when it was just changed on the users workstation successfully? Well, when a password is changed, the change is sent to the authenticating domain controller. If that domain controller is the PDCE (Primary Domain Controller Emulator), then the password change is recorded. If the authenticating domain controller is not the PDCE then that DC will forward the change to its PDCE. However, that forward is done via RPC on one of those high ports we just mentioned. But wait, those ports are blocked via server hardening. Correct, which is why the change is not successfully forwarded to the PDCE immediately so as far as the PDCE knows, the user's password has not changed. The PDCE does get the change eventually but only after normal replication has taken place. That was the other piece to this problem, the user's accounts would NOT get locked out if they waited for an hour or so, hence the normal replication cycle.  

Once we had all the pieces to the puzzle, we were able to create a static port to allow the domain controller to forward the password change to the PDCE without breaking the rules of server hardening. This type of issue is one that could easily be overlooked when constructing your server hardening plan so be mindful and design accordingly.

--by Jack Johnson, Platforms DSE at Microsoft.

GOT TIPS you'd like to share with other readers? Email us at [email protected]

Recommended for Learning

Check out all the free ebooks from Microsoft Press on this page of the Microsoft Virtual Academy:
http://www.wservernews.com/go/1394792993191

Microsoft Virtual Academy

March 19: Software-Defined Networking with Windows Server and System Center Jump Start

Find out how SDN can ease your networking worries in this half-day session led by seasoned experts, and featuring demos, technical guidance, and a Q&A session with a top-notch team. This popular solution can streamline datacenter implementation through self-service provisioning, take the complexity out of network management, and help increase security with fully isolated environments. Don’t miss it! Register here.
http://www.wservernews.com/go/1394792998504

On-demand from MVA: Building Modern Web Apps

If you want to get started building apps for the cloud, take an entertaining journey through the latest capabilities of Windows Azure, as our expert instructors challenge you to apply your new knowledge right away. This deep-dive course is deal for you if you’ve been thinking about Windows Azure for your next app, but aren’t sure where to begin. Watch the course here.
http://www.wservernews.com/go/1394793003394

Boost your career potential with a limited-time certification offer & free exam prep from Microsoft

Whether you are an aspiring technologist just starting your journey, or your career path leads you on an IT Professional, Database Administrator or Developer direction, we have free exam preparation, offers on certification and access to a community that can help you along the way. Find out more and get started here.
http://www.wservernews.com/go/1394793008004

Quote of the Week

"It’s not the most powerful animal that survives. It’s the most efficient." -- George St. Pierre, aka GSP, aka Rush, Canadian MMA fighter and former UFC Welterweight Champion

Note to subscribers: If for some reason you don’t receive your weekly issue of this newsletter, please notify us at [email protected] and we’ll try to troubleshoot things from our end.

 

Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

LinkFixer Advanced uses a patented process to automatically fix broken links in Excel, Word, Access, PDF, AutoCAD, InDesign and other files during data migrations. Get your free trial version now.
http://www.wservernews.com/go/1395043316087

#1 backup tool for Hyper-V. Veeam Backup Free Edition is the must-have tool for VMware and Hyper-V. Use Veeam Backup Free Edition for as long as you like. Download now.
http://www.wservernews.com/go/1394794488013

Free Hyper-V backup tool for WServerNews subscribers that allows you to save offsite VM backup copies, manage multiple Hyper-V host backups remotely and support WinServ 2012 R2.
http://www.wservernews.com/go/1394794492779

Moving Exchange to Microsoft Office 365 can be a lengthy and complex process. This white paper covers the key steps and planning strategies that need to be considered.
http://www.wservernews.com/go/1394794499076

Need a USB charging adapter? Check out this one from Mediabridge.
http://www.wservernews.com/go/1394794504419

 

Events Calendar

Americas

Microsoft Exchange Conference (MEC 2014) on March 30-April 2, 2014 in Austin, Texas
http://www.wservernews.com/go/1394793013925

Microsoft Build Developer Conference (Build 2014) on April 2-4, 2014 in San Francisco, California
http://www.wservernews.com/go/1394793016332

TechEd North America on May 12-15, 2014 in Houston, Texas
http://www.wservernews.com/go/1394793018551

Microsoft Worldwide Partner Conference (WPC 2014) in July, 2014 in Washington, D.C.
http://www.wservernews.com/go/1394793020597

Microsoft SQL Server PASS Summit 2014 on November 4-7, 2014 in Seattle, Washington
http://www.wservernews.com/go/1394793022691

Europe

European SharePoint Conference on May 5-8, 2014 in Barcelona, Spain
http://www.wservernews.com/go/1394793025457

TechEd Europe on October 27-31, 2014 in Barcelona, Spain
http://www.wservernews.com/go/1394793027863

Asia Pacific

TechEd New Zealand on September 9-12, 2014 in Auckland, New Zealand
http://www.wservernews.com/go/1394793030035

Add your event

PLANNING A CONFERENCE OR OTHER EVENT you'd like to tell our 95,000 subscribers about? Contact [email protected]

 

Webcast Calendar

VirtualizationAdmin.com Webinar: Tips, Tricks and Tools for Good and Lazy Administrators: Upgrade to vSphere 5.5

It's an adage that being a lazy systems administrator isn't a bad thing - as long as you're good!

Good and lazy administrators know it's important to anticipate and avoid problems before they happen. They also know that when problems do occur, it's equally important to have the right tools and features ready to perform a fast, flexible recovery in minutes - not hours or days. That's why vSphere 5.5 is packed with new features designed for your VMware infrastructure. 

Join David Davis a leading virtualization expert, and Rick Vanover, Veeam Product Strategy Specialist for this live, interactive webinar on Thursday, March 20th, 2014 at 2PM EDT / 7PM GMT to find out what you need to know to maintain your reputation as a good and lazy administrator in today's virtualized environments!

Sign up for this informative live event.

WindowsNetworking.com Webinar: How to Recover Exchange and SharePoint in Seconds

Microsoft's Hyper-V and VM protection are two of the hottest topics in the IT world. Join our webinar for an inside look on how together, Veeam and Microsoft can help to improve your Modern Data Protection Strategy.

Join Microsoft MVP Brien Posey and Chris Henley, Veeam Product Strategy Specialist for this complimentary, interactive webinar on Thursday, March 27th, 2014 at 2PM EDT / 7PM GMT to learn how to save precious recovery time and maintain your reputation as a good and lazy administrator! 

Sign up for this informative live event.

Register for Webcasts


Add your Webcast

PLANNING A WEBCAST you'd like to tell our subscribers about? Contact [email protected]

 

Tech Briefing

More on CMS and SharePoint

Here are some sources of news and reviews about content management systems:

And here are two SharePoint blogs you might want to follow:

Many SharePoint MVPs also have blogs that are worth following. For a list of SharePoint MVPs, see:
http://www.wservernews.com/go/1394793072988

 

Windows Server

Active Directory Federation Services How-To Video Series (TechNet Edge)
http://www.wservernews.com/go/1394793078285

Remote Desktop Services in Windows Server 2012/2012 R2 and Windows 8/8.1 (Part 1) (WindowsNetworking.com)
http://www.wservernews.com/go/1394793080988

Windows Server 2012 R2 Private Cloud Virtualization and Storage Poster and Mini-Posters (Microsoft Download Center)
http://www.wservernews.com/go/1394793083707

 

Windows client

Step-By-Step: Enabling Kiosk Mode in Windows 8.1 via Assigned Access (CanITPro)
http://www.wservernews.com/go/1394793092129

Windows 8.1 Quick Guide for Business (Microsoft Download Center)
http://www.wservernews.com/go/1394793094113

 

Security

Microsoft EMET v4 review & extensive tutorial (Dedoimedo)
http://www.wservernews.com/go/1394793104754

User and Group Accounts: What is in a Name? (WindowSecurity.com)
http://www.wservernews.com/go/1394793106692

CISO Perspectives (Microsoft Download Center)
http://www.wservernews.com/go/1394793109317

 

Windows Server News

Stop the insanity: Private cloud benefits for the enterprise

With so much vendor buzz surrounding the private cloud, it can be difficult to separate fact from fiction. Inside this exclusive resource, examine the real benefits of private cloud computing so you can objectively determine whether or not it’s right for your organization.
http://www.wservernews.com/go/1394793118489

Taking charge of user support with virtual desktop remote control

Troubleshooting your users’ computers can be a time-consuming task, but leveraging virtual desktop remote control technologies and tactics can streamline the process. Learn more about the benefits of this approach and realize the key steps to take to implement it in your IT environment.
http://www.wservernews.com/go/1394793122895

Preparing your checklist for a flawless hypervisor switch

Switching to a different hypervisor can enable you to improve functionality and lead to a better licensing model – but the transition can be a challenge. Access this exclusive resource to explore a critical checklist to follow to ensure a flawless hypervisor switch.
http://www.wservernews.com/go/1394793127270

Steering your career as a desktop admin in the mobility age

Being a desktop administrator in the mobile age is becoming increasingly challenging as demands for anytime, anywhere access to applications and data continue to escalate. Fortunately, there are ways to stay ahead of evolving desktop trends – find out key tips inside this exclusive guide.
http://www.wservernews.com/go/1394793132770

 

WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff

GOT FUN VIDEOS or other fun links to suggest you'd like to recommend? Email us at [email protected]

Image

Ole Hemmingson And His Tractor - 'Lover Come Back to Me'

Ole Hemingson on guitar and a 1951 Deutz tractor as the rhythm section play the popular 1920's song 'Lover Come Back to Me.'
http://www.wservernews.com/go/1394793137364

Black Bear Climbs Across Rope To Get Food

A black bear climbs a tree and does an acrobatic rope stunt to get a snack.
http://www.wservernews.com/go/1394793141176

The Second-Largest Tree In The World - 3200 Years Old

3200 years old, 247 feet high - the equivalent of a skyscraper - the sequioia tree 'President' is currently the second largest in the world.
http://www.wservernews.com/go/1394793145254

Acrobatic Dance Duo - Stephan Choiniere And Tsvetelina Tabakova

World-class acrobatic dancers Stephan Choiniere and Tsvetelina Tabakova perform for the French TV Show 'The World's Greatest Cabaret.'
http://www.wservernews.com/go/1394793163051


WServerNews - Product of the Week

Hidden Problem with Migrations to SharePoint

Did you know that migrating to SharePoint will cause links that point to the migrated files to become broken? This is an often unknown and hidden problem that can result in costly disruptions for you and your users. LinkFixer Advanced automatically fixes the broken links!

Click now to download your FREE trial version!

 

WServerNews - Editors

Mitch Tulloch is Senior Editor of WServerNews and is a widely recognized expert on Windows administration, deployment and virtualization. Mitch was lead author of the bestselling Windows 7 Resource Kit from Microsoft Press and has published hundreds of articles for IT pros. Mitch is also a seven-time recipient of Microsoft's Most Valuable Professional (MVP) award for his outstanding contributions in support of the global IT pro community. Mitch owns and runs an information technology content development business based in Winnipeg, Canada. For more information see www.mtit.com

Ingrid Tulloch is Associate Editor of WServerNews and was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press. Ingrid is also Head of Research for our content development business and has co-developed university-level courses in Information Security Management for a Masters of Business Administration program.