Vol. 17, #19 - May 7, 2012 - Issue #878

Barenaked Servers

  1. Editor's Corner
    • From the Mailbag
    • Mailbag Overflow
    • Barenaked Servers 
    • Tip of the Week
    • Recommended for Learning
    • Quote of the Week
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  3. Webinars & Seminars
    • Conferences, Expos and Other Events
    • Upcoming Microsoft Webcasts
    • VMware Webcasts 
    • Upcoming O'Reilly Webcasts
    • Cisco Events
    • Oracle Events
  4. Tech Briefing
    • IT Pro Secret Weapon
    • vSphere to Hyper-V Shuffle
    • Microsoft Private Cloud Guided Labs 
    • Office Web Apps Webinars
    • SkyDrive for Windows Desktop
    • WSUS on Windows Server 2012 
  5. Windows Server News
    • Sophisticated clouds call for sophisticated management services
    • How do you stop a VDI deployment in its tracks? Scale up!
    • VDI thin client options: How to choose the best thin clients
  6. WServerNews FAVE Links
    • This Week's Links We Like. Tips, Hints And Fun Stuff.
  7. WServerNews - Product of the Week
    • Free IP Address Tracker from SolarWinds Makes Tracking Easy    

 

Free IP Address Tracker from SolarWinds Makes Tracking Easy

Download SolarWinds FREE desktop tool and get a unified view of your IP address space. IP Address Tracker shows you what IP addresses are in use and which aren?t. It also eliminates manual errors associated with Excel spreadsheets and ensures IP addresses are listed in the right place.

GET FREE TOOL>>>>

 

Editor's Corner

Save this newsletter so you can refer back to itand find helpful tips, tools and other resources that can help you when you face some planning decision, management task or troubleshooting headache!

From the Mailbag

Here's some feedback we received concerning the April 16, 2012 issue Backup Blues Redux which itself was a continuation of the earlier March 26, 2012 issue Backup Blues. Seems like preparing for possible disasters is a popular topic among our newsletter readers. I wonder why? Could it be we're infected with "disaster voyeurism" from watching too much TV?

Obligatory XKCD comic:
http://www.wservernews.com/go/1336040540571

A reader named Mickey who is President of an IT consulting firm had some additional thoughts on the issue of how long it can take to perform backups of large amounts of data:

Many of my clients have been dealing with this concept for the past couple of years, several have recently done something about it, either because their previous backup device failed (my opinion of Quantum's tech support has dropped significantly in the past two months dealing with getting a warranty replacement made properly) or because they finally exceeded the capacity of their previous device... Unlike many consultants I know, I am still a firm believer in tape backup as the best, most stable, long term backup solution. The difference these days is the dramatic decrease in the price of multi-magazine changer systems. Tandberg Data has a great LTO-4 based 8 slot changer (two 4 slot magazines, left and right), set up into two partitions of 3.2TB native/6.4TB compressed capacity. Set up using Symantec's Backup Exec to do a full system backup on Friday night (allowing for the weekend in case the backup goes past the 12 hour window) and then differential backups through the rest of the week gives me two weeks rotation using two magazines. The nightly differential backups take 3-4 hours max. Great option.

How popular is tape backup among our readers? Let us know at [email protected]

Another reader named Sam sent the following pearls of wisdom from his Windows 8 PC:

If you are not an expert on backup/recovery find someone who is. The architecture is the most important part of the strategy. You either make your investment at the beginning like getting a really good backup software, we like Symantec, a reliable backup hardware provider, we like Dell and HP and a good Cloud like Amazon or Microsoft or the best laid plans will fail. A new trend that we have noticed is data backup offered by the software manufacturer like Quickbooks, etc., and yes they use their own cloud but it works and after all is the recovery what is all about. At least one time a year or after large changes to your system, you need to do a disaster recovery test on your servers , workstations, laptops, pdas, etc. Just because it says "backup successful" it does not mean that the data is recoverable. Most data backup software does not offer granular control over the data that is backed up. We learned this long time ago and are surprised by the large amount of customers who after a RAID failure, tornado/fire/flood destroyed their office, stolen/lost laptop or PDA, that cannot recover their data. Regular testing is highly advisable if the data is extremely important like medical records, daily sales, accounting, production, etc. It takes a very long time to perform a full backup (longer if it has to be verified) hence an incremental is a more practical solution but again BEWARE, the devil is in the details. Cloud storage is a great place to back up your data for it is safe and much faster than most and very cost effective. Last, ALL hardware and software have a life cycle, do not exceed it. From a real state office: "It has been working fine since 2000, what is wrong" Answer: the tapes needed to be changed long time ago, nothing lasts forever.

Maury from the Netherlands recommended a backup product he uses:

I take care of several small companies that do not run servers as such, but simply use file sharing and network-mapped drives from one common desktop. If they were to lose all of their data, it would be curtains for these companies. I use Second Copy from Central Point. While this may not be suitable for extremely large amounts of data, it does have certain advantages. It's easy to program, extremely reliable, and very inexpensive. In the desktop used for data storage all of the data files are on a second hard disk. So if the Windows 7 installation ever goes bad, I can still get to the data. Secondly, we use Second Copy to make daily backups of this data disk to an external USB drive which can then also be taken off location if desired (for various reasons I'm not worried about theft at either location). Second Copy may be simple and basic, but for small companies it is still an outstanding product.

Here's a link to Centered Systems where you can purchase Second Copy:
http://www.wservernews.com/go/1336040580008

A reader named David recommends a product he uses for dealing with the issue of growing PST files:

You might like to tell Alain in SA that one option for his growing PST files is to use archiving but then add Nelson Email Organizer in front of them. NEO gives you a complete view of the data regardless of which file it is in. I've used it for several years and find it to be much better than older versions of MS Outlook. Can't really compare with the later versions as I continue to use NEO regardless of which version of MS Outlook I am using.

Here's a link to Caelo Software where you can purchase NEO:
http://www.wservernews.com/go/1336040593693

Ray, who calls himself a "WHS convert", had some good things to say about using Windows Home Server as a backup solution:

Why do it the hard way? We have been using Microsoft's 2011 Windows Home Server for Backup, remote access, and shared server storage. Best for non-domain systems, small workgroups (<10 workstations) are masterfully served in an incredibly efficient and reliable way. "DeDup" storage enables complete backups of a homogenous population of PC's, stored once, in a Tiny space. Bloody marvelous really. I don't know why this $54 license for Server 2008 R2 with 10 Cals hasn't attracted more attention. I can tell you one thing, for sure, using WHS puts the entire subject of Backup and Security in the "Boring" category, for a busy group of Users. Job done.

Shawn shares a story of how an IT person (himself) backs up his own personal collection:

I am an IT representative and I wanted a solution that was very flexible, resilient and priced well. On my machine, a windows 2003 server, which has the largest set of data, I keep my data on a RAID 5, and then Robocopy each night to backup drive in the same server. That gives me 2 copies of my data locally.

Also in my house are 2 laptops that are used by my family. I wanted an offsite backup that could run client and server OS, be not capped by price, and offer my security that my offsite backups could not be accessed without my knowledge. For that I chose CrashPlan. It runs on Windows XP, Vista, 7, and Windows 2003/2008. Also for the home plan it is $12 / month with no node or size limit. Finally I have the ability to choose my own encryption key for the data.

I set up all of my machines to backup with the same key, because I don't need to keep my data secret from each node, but secure my data from everyone else. It works great and since CrashPlan runs as a service, once you configure it, it just backs up everything you have chosen, whenever the machine is on. No client that needs to be running.

Here's a link to CrashPlan:
http://www.wservernews.com/go/1336040609127

Finally, Steven, a Technical Analyst at a university, shared a way you can deal with the issue of needing admin privileges to configure the Windows Backup feature on computers running Windows Vista or Windows 7:

To get around the whole UAC prompt conundrum, you can create a scheduled task that runs as a local administrator account. Where it is running as a different user it will run in the background and suppress any UAC prompts. You can specify for the task to run only when specific criteria are met; e.g. when a specific user logs on and a specific network connection is available. May not work for all instances, but will allow you to use the built in windows backup utility with non-admin accounts and suppressing any UAC prompts.

When I asked him how you could create such a scheduled task if you don't have local admin access to the workstations, he replied:

You can use Group Policy to schedule the task; Computer Configuration / Preferences / Control Panel Settings / Scheduled Tasks. These settings are only accessible under Server 2008 and 2008 R2; 2003 on back don't have them. The batch script needing to be executed would either have to be copied locally or executed from a UNC path or network drive you knew was mapped. So, it definitely isn't going to meet all needs, but may work for some instances.

Finally, be sure to check out my article Restoring Windows Server to Bare Metal which demonstrates how to restore a backed-up Windows Server 2008 R2 installation to a bare metal system that has no operating system installed on it:
http://www.wservernews.com/go/1336040627076

Mailbag Overflow

Just a reminder that sometimes we get so much great feedback from readers that we're sad we can't include all of it in our Mailbag column. So to address this issue, I've started a new series of articles on WindowsNetworking.com called Trench Tales that shares some of this additional feedback and tries to draw some practical lessons from it that we can all learn from.

Trench Tales #1 is a follow up to the January 9, 2012 issue Hardware Hell and can be found here:
http://www.wservernews.com/go/1336040641037

Trench Tales #2 is a follow up to the January 23, 2012 issue Lengthy Logons and can be found here:
http://www.wservernews.com/go/1336040653512

Barenaked Servers

That's my provocative moniker for Windows servers that provide the services you need and no more. Examples of barenaked servers include Windows Server Core installations and Read-Only Domain Controllers. Let's talk about these for a moment.

Server Core

Server Core is an installation option available in Windows Server 2008 and later that gives you a server with fewer installable roles and features and no GUI. The lack of a GUI means if you log on locally to a Server Core installation you have to manage it from the command line or by running scripts. Remote management of Server Core however supports all the usual tools including MMC consoles, Remote Desktop connection, Group Policy and scripts.

What are the advantages of Server Core compared with a Full installation of Windows Server? The main one is probably reduced servicing since fewer components means less to patch. Fewer components also means less that can be attacked and maybe less that can go wrong as well, so increased security and stability are two other possible benefits.

Server Core also has a smaller memory and disk footprint than a full Windows Server installation. That could be an advantage in a datacenter for example if you need to deploy hundreds or thousands of Windows servers. You might also extend the usable life of older system hardware that can run Server Core better than a full installation, but you might be treading on risky ground there and maybe you should just recycle the old hardware before it breaks down on you causing problems.

What might you use Server Core for? Dedicated infrastructure servers like DHCP servers and DNS servers make good candidates. Another possibility might be branch offices that have less physical security and no onsite IT staff. Domain controllers are sometimes good candidates too as we'll discuss in a moment.

Have any readers of this newsletter deployed Server Core in their production environments? If so, what's your take on its value? I'm curious because I have some ambivalence about the supposed benefits of Server Core. For example, Server Core apparently needs only about half the number of software updates that a full Windows Server installation needs. On the face of it, it sounds therefore like patch management of Server Core machines is only half the work as patching full installations. But is that really the case? If half your servers need all the patches, and half your servers only need half the patches, maybe that means you've now got double the work because you've got two different patching processes you have to follow, one for your full installations and one for your Server Core machines. By process I mean of course the full procedure of identifying and downloading necessary updates, testing and evaluating them appropriately, and distributing them to the machines that need them. I don't mean just turning on Windows Update and having a coffee.

Just thinking out loud here. Anyways, email me at [email protected] if you've used Server Core in your environment and let me know what you think of it.

Here are a couple of resources about Server Core in Windows Server 2008 R2.

For information about Server Core in Windows Server 2012, see this:
http://www.wservernews.com/go/1336040719800

Read-Only Domain Controllers

Read-Only Domain Controllers (RODCs) is a domain controller running Windows Server 2008 or later that contains a read-only partition of the Active Directory database. RODCs update their database by replicating with standard, writable domain controllers, but the replication only goes one way: from writable DCs to RODCs. Users and computers can authenticate against RODCs and credentials can be cached on them.

The combination of RODC and Server Core can be a winner for small branch offices. That's because branch offices typically have less physical security than the corporate head office, and if you don't want BO users to have to authenticate over the WAN then you need domain controllers at all your branch offices. But if someone got their hands on a writeable domain controller at one of your branch offices then the security of your entire IT infrastructure may be compromised. That's something you can't afford to let happen. Hence deploying RODCs on Server Core installations at BOs is a good idea.

Do any of you readers have RODCs deployed at your organization's branch offices? Let me know at [email protected] along with some details concerning why and how you did this. I'm interested, and I'm sure other readers are as well.

Here are a couple of resources about RODCs in Windows Server 2008 R2.

Tip of the Week

If you need to administer a RODC, do it remotely. Don't log on locally to a RODC with your domain admin account or you'll compromise it's security. Instead, if you MUST log on locally to a RODC, create and use a temporary domain user account for that purpose and add this user to whatever security group you have delegated authority for administering RODCs. Delegation of RODC installation and administration is assigned to a group or user when you run the Active Directory Installation Wizard to promote a server to a RODC, but you can also specify a group or user for delegation afterwards by opening the properties of the computer account for the RODC and selecting the Managed By tab. Then once you've finished performing whatever admin tasks you logged on locally to the RODC to perform, you should delete the temporary user account for security reasons. More here:
http://www.wservernews.com/go/1336040791207

Recommended for Learning

Some fun books I've been reading:

What Would Steve Jobs Do? (McGraw-Hill) is a business book with a techie slant to it. Steve had a way with words, and the book is peppered with sayings like "Real artists ship" that are really catchy (what did he mean by that?) I'm not sure what I'll learn from reading this book but if you want to learn about success in business it can't hurt if you read about a guy who built a company that currently has the biggest market capitalization of any tech company in the world.
http://www.wservernews.com/go/1336040804797

Programming Your Home (Pragmatic Bookshelf) is a very nerdy book about how you can build and program microcontrollers for doing fun things like having your sump pump email you when your basement is in danger of flooding, controlling your living room lights from the web, unlocking your front door with your smartphone, and more. Given that the clock light on my microwave oven is still flashing 88:88 all the time, I'm probably not the target audience for this book. But some of the more adventurous readers of this newsletter who are bored with work and have time on their hands might have fun building some of the projects the book explains how to implement.
http://www.wservernews.com/go/1336040817543

Quote of the Week

"I have come to realize that how happy and fulfilled you are is largely under your control, and that it has less to do with success and accomplishments than you might think... The truth is, your fulfillment largely depends on the choices you make how you see the world, what you allow to influence you, what you focus on, and how you react to circumstances, regardless of whether they're good or bad." --Todd Patkin, author of "Finding Happiness: One Man's Quest to Beat Depression and Anxiety and--Finally--Let the Sunshine In" as interviewed in Exercise & Health magazine.

Todd's right on the mark here. There are some things in life you can control and others you can't, and the road to happiness lies largely in focusing on the things you can control and not getting upset about things you can't control. And one of the things you can control is how you react to events that happen in your life. You may feel like you're being buffeted by bad things that happen but you don't need to let yourself feel that way. You can't always control what happens in your life or job or relationships, but you can control how much you let things that happen influence you.

Here's a link to Todd's book:
http://www.wservernews.com/go/1336042002341

Save this newsletter so you can refer back to it later for tips, tools and other resources you might need to do your job or troubleshoot some problem you're dealing with.

Forward this newsletter to a friend or colleague who might find the tips and tools in it helpful for performing their job.

Send us feedback if you have questions, comments or suggestions concerning anything in this newsletter: [email protected]

Cheers!
Mitch Tulloch

 

Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

Download a free, fully functioning 30-day trial of Virtualization Manager from SolarWinds and take control of your virtualized environment.
http://www.wservernews.com/go/1336045532159

Free StealthTOOLS solve the SharePoint versioning dilemma and powerful Regex Engine for DLP.
http://www.wservernews.com/go/1336045544253

mPowerTools - an AD Admin essential. 200+ reports, bulk import/export, scheduling, GPO/File Share Reports. Eliminate scripting. Only $1499.
http://www.wservernews.com/go/1336045499490

Automate your backups using Second Copy from Centered Systems:
http://www.wservernews.com/go/1336042061333

Take control of your inbox with NEO from Caelo Software:
http://www.wservernews.com/go/1336042072811

Onsite, offsite and cloud backup for your personal or business data with CrashPlan:
http://www.wservernews.com/go/1336042083494

 

Webinars & Seminars

Conferences, Expos and Other Events

June 11-14, 2012 - Microsoft TechEd North America 2012 in Orlando, USA:
http://www.wservernews.com/go/1336042529227

June 26-29, 2012 - Microsoft TechEd Europe 2012 in Amsterdam, Netherlands:
http://www.wservernews.com/go/1336042558240

July 8-12, 2012 - Microsoft Worldwide Partner Conference in Toronto, Canada:
http://www.wservernews.com/go/1336042569234

August 27-30, 2012 - VMworld 2012 in San Francisco, USA: 
http://www.wservernews.com/go/1336042581348

October 9-11, 2012 - VMworld 2012 in Barcelona, Spain:
http://www.wservernews.com/go/1336042592627

Nov 12-15, 2012 - Microsoft SharePoint Conference 2012 in Las Vegas, USA.
http://www.wservernews.com/go/1336042605695

Upcoming Microsoft Events and Webcasts

Sign up for these and other Microsoft events and webcasts at:
http://www.wservernews.com/go/1336042618478

VMware Webcasts

Sign up for these and other VMware webcasts at:
http://www.wservernews.com/go/1336042644778

Upcoming O'Reilly Webcasts

Sign up for these and other O'Reilly webcasts at:
http://www.wservernews.com/go/1336042667707

Cisco Events

Browse the Cisco Corporate Events Calendar to find Cisco at events, trade shows and conferences around the world:
http://www.wservernews.com/go/1336042680299

Oracle Events

Browse the Oracle Events page to find in-person events and live webcasts for your location:
http://www.wservernews.com/go/1336042692399


Would you like to list your IT event, webcast, or seminar in this section? Contact Michael Vella, the WSN Account Manager at [email protected]

 

Tech Briefing

IT Pro Secret Weapon

You don't need a GUI on Windows Server 8 because everything you can do in the GUI you can also do in PowerShell. See the video:
http://www.wservernews.com/go/1336042935991

vSphere to Hyper-V Shuffle

Bryan Semple of VKernel talkes about moving virtualized workloads between different hypervisors:
http://www.wservernews.com/go/1336042962194

Microsoft Private Cloud Guided Labs

Get hands-on experience with Microsoft's private cloud solution built on System Center 2012 and Windows Server 2012 R2 SP1 with these 14 guided labs that run within your browser window:
http://www.wservernews.com/go/1336042974190

Office Web Apps Webinars

Learn how to shares documents, embed presentations, and do other cool stuff using Office Web Apps and SkyDrive in these recorded webinars:
http://www.wservernews.com/go/1336042985315

SkyDrive for Windows Desktop

The Irish IT Pro tells us we can now browse and work with SkyDrive files and folders directly from Windows Explorer using the new SkyDrive preview app:
http://www.wservernews.com/go/1336042997152

WSUS on Windows Server 2012

You can install and manage Windows Server Update Services using PowerShell on Windows Server 2012:
http://www.wservernews.com/go/1336043009583

 

Windows Server News

Sophisticated clouds call for sophisticated management services

As your cloud management needs become more complex, don't rely on manual methods. Access this expert tip to learn how a management service can maintain performance levels and cut costs.
http://www.wservernews.com/go/1336043179101

How do you stop a VDI deployment in its tracks? Scale up!

When a VDI deployment doesn't get past the pilot stage, scalability is often the culprit. A small VDI project is a completely different animal than a large one.
http://www.wservernews.com/go/1336043205826

VDI thin client options: How to choose the best thin clients

Check out this popular article for key considerations for assessing VDI thin client options, including management style, deployment options and display protocol support. You want the best thin clients to fit your environment.
http://www.wservernews.com/go/1336043219670

 

WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff

Sci-fi author Arthur C. Clarke predicted in this 1974 TV interview that in 2001, regular people would have personal computers and be connected all over the world:
http://www.wservernews.com/go/1336043239921

The amazing NUIverse astronomy application by Dr. David Brown puts the cosmos at your fingertips like never before.
http://www.wservernews.com/go/1336043252487

Awesome compilation of 183 different viral video clips in 4 minutes. Watch in Full Screen and HD:
http://www.wservernews.com/go/1336043265153

Amazing 17-year-old R/C pilot flying at the World's largest annual R/C event: 
http://www.wservernews.com/go/1336043276602

The PAL-V 'Personal Air and Land Vehicle' is a two seat hybrid car and gyroplane. Now you can leave home and fly-drive to almost any destination!
http://www.wservernews.com/go/1336043287663

Rita Hayworth and her co-stars are dancing to "Stayin' Alive" in this brilliantly edited compilation from her most popular movies:
http://www.wservernews.com/go/1336043299726

 

WServerNews - Product of the Week

Free IP Address Tracker from SolarWinds Makes Tracking Easy

Download SolarWinds FREE desktop tool and get a unified view of your IP address space. IP Address Tracker shows you what IP addresses are in use and which aren?t. It also eliminates manual errors associated with Excel spreadsheets and ensures IP addresses are listed in the right place.

GET FREE TOOL>>>>

 

WServerNews - Editors

Mitch Tulloch is Senior Editor of WServerNews and is a widely recognized expert on Windows administration, deployment and virtualization. Mitch was lead author of the bestselling Windows 7 Resource Kit from Microsoft Press and has published hundreds of articles for IT pros. Mitch is also a seven-time recipient of Microsoft's Most Valuable Professional (MVP) award for his outstanding contributions in support of the global IT pro community. Mitch owns and runs an information technology content development business based in Winnipeg, Canada. For more information see www.mtit.com

Ingrid Tulloch is Associate Editor of WServerNews and was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press. Ingrid is also Head of Research for our content development business and has co-developed university-level courses in Information Security Management for a Masters of Business Administration program.