Vol. 23, #38 - September 24, 2018 - Issue #1200
WServerNews Spotlight: When migrating to the cloud goes wrong
- Editor's Corner
- Cloud migration risks
- Identifying the root cause
- Tip of the Week
- Are My RDP Connections Really Secured by a Certificate?
- Admin Toolbox
- Admin Tools We Think You Shouldn't Be Without
- Ask Our Readers - Dealing with bloatware (new question)
- Ask Our Readers - Small SSDs and Windows/Office (new question)
- Ask Our Readers - Why are brute force crackers still used? (a response)
- Book Corner
- Want to review some books for us?
- The return of Maxwell's Demon
- Conference calendar
- North America
- New on Techgenix.com
- Hidden cloud computing costs: Catch them before they catch you
- 10 most lucrative and coveted positions in Big Data
- The Xtreme Minute: Change is everywhere (but not from a $20 bill)
- Here's why edge computing will change IT forever
- Have Microsoft patches reached a painful tipping point?
- Fun videos from Flixxy
- Mountain Biker David Godziek Lands The First Quadruple Tail Whip
- Filipino Inventor Builds Flying Car To Beat Traffic
- Indoor Aerobatics R/C World Champion Donatas Pauzuolis
- Fake News On The Weather Channel
- More articles of interest
- Apple WWDC 2018: Here are the new iOS 12 MDM features
- How can IT turn off Windows 10 automatic updates?
- RDmi is a milestone for the future of RDS. Here's how it works
- Hybrid cloud adoption trends and strategies explained
- Need help from the IT pro community?
- Send us your feedback
- WServerNews - Product of the Week
- Free Tool for Monitoring Exchange Server Status & Performance
- SAVE THIS NEWSLETTER so you can refer back to it later for helpful tips, tools and resources!
- SEND YOUR FEEDBACK to [email protected] if you have any comments or suggestions!
This week's newsletter focuses on the risks that are sometimes associated with migrating your business to the cloud. We also have several new Ask Our Readers questions that we're hoping some of our readers will be able to help out with. And we're still looking for readers who are interested in reviewing new tech books for the Book Corner section of our newsletter. So if you'd like to help us out or have any questions or other comments on this issue just email us at [email protected]
Thanks! And P.S. when you have a few free moments please tell your friends and colleagues about WServerNews! We want to get the word out to more who work in the IT profession about our long-running newsletter (now 21 years and counting!) and also about our TechGenix website that reaches millions of IT pros around the world and empowers them with the answers and tools that are needed to set up, configure, maintain and enhance their networks. So please help us by spreading the word -- thanks!
Cloud migration risks
Now as many of us who work in IT are keenly aware from our past experiences, migrating on-prem infrastructures, workloads and applications to the cloud isn't always as simple as ABC. Our own Sukesh Mudrakola here at TechGenix has highlighted some of the issues you need to think thru before starting your migration in the following article recently published on our website:
Cloud data migration: Common issues and problems you must avoid
One of our longtime newsletter readers Martin Urwaleck the Head Of Desktop, Shop & International IT for Tchibo GmbH in Hamburg, Germany also recently shared with me some of the problems he and his team experienced as they implemented their pilot of migrating Office 365 to the cloud. I shared Martin's story and how his team resolved the issues they faced in the following article:Air turbulence when piloting Office 365 to the cloud
Another IT professional called Bob (not his real name) also shared a cloud migration story with me recently which I've excerpted below from our website to give us some food for thought for this week's newsletter. Bob works for a company that provides IT support and managed services for small- and midsized businesses in the southern USA, and one day risk became reality when Bob was migrating his client's email system to Office 365. Bob's client initially had their email hosted on their provider's servers. For reasons that were not 100 percent clear, the client wanted to migrate away from this as quickly as possible. So on Thursday afternoon, Bob was told that the cloud migration had to be completed before the weekend arrived. This meant that 28 mailboxes and four domains all had to be moved without the current provider realizing anything was happening.After a bit of discussion, the customer and Bob decided that Office 365 would be a better solution than migrating to the in-house mail service hosted by the company Bob worked for. The reason for this decision was that Office 365 seemed to offer better reliability, larger mailboxes, and, should the client later decide they needed to move to have Bob's company provide support for their IT needs, better portability. In particular, the administrator of managed services at Bob's company felt that their mail servers would have been busting at the seams had they suddenly added such very large mailboxes as this client said they required. So on Thursday afternoon Bob's company prepped O365 tenancy for the client, created the necessary accounts, and assigned permissions and email addresses. Friday was then spent double-checking everything, and a cutover to the new mail system was done at the close of business that day. By Saturday morning everything had been uploaded and seemed to be working well. Workstations had been reconfigured, all their data was available, and not a single message appeared to have been lost. It was a very clean cutover -- or so it seemed.
Then something unexpected popped up: The realization arose that the client also had a line of business (LoB) application that needed to send emails. Unfortunately, this requirement had not been brought to Bob's attention prior to the cutoff. Well, this is what happens when you don't get enough time to plan everything out properly. So a connector was hastily configured for their Office 365 environment and once again all seemed to be well.
Then Sunday morning Bob got a call from the client that their emails were bouncing with an NDR indicating "thresholds exceeded." A quick call to Microsoft Support confirmed that the connector has a limit of 1,000 messages per hour and, according to their systems, that limit was being exceeded. This didn't match what the LoB app was reporting, but Microsoft Support insisted it was correct. The working theory they had was that the import of messages as part of the cloud migration process may have triggered the connector. The solution was to turn all thresholds off for seven days. This would then be reset, and within the hour all messages would be sent again.
Except it didn't work. From that moment on, despite dozens of calls to Microsoft, the customer was never able to send another email externally through Office 365! They were told that the thresholds for the connector had been reset 11 times, but the LoB app kept on busting it. Over the next three days, the app actually attempted to send 468 messages in total while the entire company only attempted to send some 3,000 messages according to the Office 365 reporting feature. This was nowhere near any of the thresholds, so clearly the problem was something happening on the Microsoft side of things. As a precaution, on Monday morning they took out the connector and reconfigured the LoB app to use one of the servers at Bob's company as a mail relay. But it didn't work: excess usage was still being reported on the connector. For three days the only response they got from Microsoft Support was the issue had been logged and was being escalated. They were promised again and again for three days that it would be "working within the hour." At no time, however, was Bob able to talk to anyone on the escalation team; he could only get hold of the entry helpdesk. He even received a call at 3 a.m. on Wednesday telling him the problem had been fixed -- but it hadn't.On Tuesday afternoon, Bob migrated the customer once again to the hosted mail system at Bob's company. This enabled the customer to have their mail fully up and running before they opened for business on Wednesday morning. Wednesday was then spent importing messages once again and sorting out other minor issues. This seemed strange to both Bob and me because, after all, even if you did have a user or connector that's exceeding the threshold, should that disable the ability to send for the entire company? Finally, on Wednesday afternoon a so-called "Office 365 Ambassador" emailed Bob apologizing for the frustration his customer had been experiencing. The apology, however, included the following words: "I do think in your case, however, that there seems to have been a regional service health incident that may have been going on since yours is not the only case I have had with this issue. And it seems our backend team got a bit swamped trying to work all the issues as they came in."
Identifying the root causeBob's story and the other two articles I've referenced above suggest that there may be several factors influencing the degree of risk a business faces when migrating to the cloud. Bad planning and unrealistic expectations are certainly two factors that can exacerbate your risk of performing a successful migration. Some degree of flexibility is also often necessary in being able to evaluate which aspects of a migration are likely to succeed or fail to meet your organization's needs. I wonder however if the real root cause of most cloud migration failures is the half-baked "agile" approach that cloud service providers frequently adopt today whereby they release new features that are still buggy and/or poorly documented with the result that the migration steps needed are unclear and the results of your migration are not what you expected.
What do you readers think about all this? Has your cloud migration experience been smooth or has it been a frustration? What tips can you offer other IT pros who've been tasked with migrating their organization's IT resources/services to the cloud? Email your comments and suggestions to us at [email protected] so other IT pros can benefit from your own expertise and experience.
Got any IT pro tips you'd like to share with other readers of our newsletter? Email us at [email protected]
Are My RDP Connections Really Secured by a Certificate?
This tip from Brandon Wilson on the Ask PFE blog helps clear up some confusion you may have concerning what the little lock icon really means on a Remote Desktop connection:
Admin Tools We Think You Shouldn't Be Without
GOT ADMIN TOOLS or other software/hardware you'd like to recommend? Email us at [email protected]
Altaro VM Backup removes the complexities of backing up Hyper-V & VMware. Easy to use, sets up within just 15 mins & comes with the best deduplication in the industry! Download your FOREVER FREE copy!
RML can analyze profiler traces or replay the trace file against another instance of SQL Server:
Sysinternals Whois, a command-line utility that reports domain registration information for the specified domain, now works with new whois registry server redirects:
LogLauncher brings ConfigMgr related and other logs together, in one view:
Anya from Tennessee emailed us the following question:
Hi! I've recently been asked to take on doing part-time IT for the small business where I work in administration. We recently decided to hire new staff and I'm going to need to buy a few new desktops and laptops from them from our local Office Depot. I have a question about bloatware (crapware?) that maybe some of your readers can help me out with please. When you buy a new computer for your business is it really important to remove any preinstalled software you don't need before you give the computer to an employee for doing work? What kind of bloatware should be removed and which is OK to leave on the computer?? What's the best way to find and remove bloatware from a computer? Is there a tool available for doing this?? Or is all this a non-issue waste of time? Please help, I'm proficient in using Windows but not much else! Thanks!
Can any readers offer Anya some advice on this matter? Email us at [email protected]
This question comes to us from Robert who works in IT for a company in Toronto, Canada:
What's the minimum disk size needed for a laptop with SSD that has Windows 10 and Office 2016 installed? Reason I ask is because we have two Lenovos with 128 gb drives that came with Office 2016 preinstalled and we're having trouble updating them because of low disk space. My boss wants to buy more of these machines because they're a cheap but IME upgrading/upgrading them is a nightmare even when I try to follow this support article:
What do other WServerNews subscribers do and recommend on this matter? Thanks.
Send us your suggestions for Robert by emailing us at [email protected] as I'm sure many of you have experienced similar problems.
Two weeks ago a reader named Michael sent us this question for those of our readers who work in the cybersecurity field:
Something that I do not understand, why brute force password crackers are still a thing. All that a website needs to do is institute a small time out between unsuccessful logins. As an example, for the first 5 login attempts, there is a 15 second delay between each attempt. After that, for the next five attempts, a 30 second delay between each attempt. You don't need to lock down the account, just keep increasing the time out delay until one is waiting a couple of minutes or more between each attempt. This gives the true owner of the account time to figure out what was miss typed, support does not need to use time to unlock accounts, and people with nefarious intentions will give up because the wait time just keeps getting longer and longer between single attempts at guessing a password. Maybe I'm naive, but perhaps some one in the security field would know why this time out strategy is not used.
A reader named Jeffrey responded to Michael's question as follows:
I have several responses to the question of password crackers:
- Michael is correct if he is only worried about casual attackers. But the toolkits out there are adaptive to such controls, and can throttle their attacks to work around those time delays, often by connecting from multiple sources that make it appear each one is a separate client making a different request.
- If the site's password hash store is compromised, then an attacker can identify passwords without fear of any such application controls.
- Once one site's password hash is cracked, the attackers can attempt to access other sites for password reuse using the recovered passwords that were brute-forced.
Here is a fascinating article about how Tesla keyfobs were hacked using a brute force attack:
>> Have you written and/or published a book you'd like us to review? Send us a free copy and we'll review it in an upcoming issue of WServerNews! For more info contact us at [email protected]
Want to review some books for us?
Your Editor has been too busy recently to find time to read the pile of new IT/dev books on his bookshelf, so as I mentioned at the start of this issue we're seeking help from any readers who might be willing to review books for this section of our newsletter. If you're interested please tell us a bit about your background and expertise and the subject areas for which you'd be interested in reviewing books. Email me at [email protected]
Last week's factoid and question was this:
Fact: New study reveals that mice hate cheese.
Question: If mice hate cheese then what do mice love to eat?
We received a veritable avalanche of cheesy responses to this one, perhaps because many of our readers have mice problems in their home or office? Anyways, here is a short sampling of what our readers have to say on this topic:
Best bait I have used is peanut butter. Works great in regular traps and the five gallon pail trap as shown in this YouTube video
Instead of water in the bottom of the bucket use RV antifreeze. It works just as well to drown them and if the trap is in an unheated space it does not freeze. --Tim
I use peanut butter with great success … Unfortunately there are too many of the little creatures about. --Pat from Wisconsin, USA
Mitch, I have used peanut butter with good success. It has some sugar content (which the newspaper article suggests is good), enough odor for the critters to find it, and it sticks nicely to the bait pedal. --Jim who works in printed circuit board design for a company in Maryland, USA
Mitch. First time responder to one of your polls, but have enjoyed the newsletter for many years. Thanks for sharing the knowledge. Mice in my part of the world, Southwest part of Virginia USA, love Peter Pan creamy peanut butter. --Glen
Peanut butter! [numerous readers]
I use peanut butter or melted cheese on mouse traps. I first get some butcher string and tie it tightly to the trip so it has up to 1 cm tails that can be fluffed out, then spread the melted cheese or peanut butter on it. Melted cheese sticks nicely and I have had the same trap and cheese catch mice over a period of a year without refreshing it. The string tangles their teeth and makes it more likely to keep them from jumping back. The butcher twine is cotton string and the oils and flavour stay for a long time. Another trick is to make an 8 " folded rectangular tunnel out of 8 1/2" x 11" paper, cereal box board or cardboard making sure it is tall enough for the loop to pass under the top. Slide the trap in it halfway and place it beside the wall or furniture the mice run along. You can also make a longer cardboard tunnel with the centre of the floor cut out the size of the trap and tape the center back in as one end as a hinged flap. then tape the trap to the flap. When you catch a mouse you can pick up the trap, hold it over a trash can and tap it to drop the flap, and then release the bail of the trap with a screwdriver or finger to drop the mouse in the trash. then just reset the bail and put the flap back up and replace the tunnel for the next visitor. These tunnels work without bait of any kind since mice and rats like tunnels to hide. --Bruce
We always found that peanut butter (smooth) was the best bait for trapping mice because it required them to lick it and they could not simply pull it off. Or Bacon (who doesn't love bacon :) --Wayne from Western Australia
[EDITOR'S NOTE: Ah, bacon. But why would I want to give a pesky mouse such a treat? Maybe because he deserves a good last meal?]
Hi Mitch, to my knowledge the bait depends on what mice you want to catch – field mice or house mice. You use cheese or bacon – however, I don't remember which bait attracts which mice.
[EDITOR'S NOTE: Interesting point! I wonder if the referenced study in last week's Factoid evaluated "cheese-like-to-eatedness" for different species of mice? There may be a good PhD thesis study here for someone to take on…lol]
Now let's move on to this week's factoid:
Fact: Physicists recently found a way to implement a version of Maxwell's famous thought experiment for reducing entropy.
Question: I'm not sure I really agree with what the scientists (or perhaps just the author of the article) is claiming here. But assuming that it might be possible to construct a device that could reduce the entropy of a system, and that you could buy such a device from Amazon, what would be the first thing you would do with it once it arrived on your doorstep?
Email your answer to [email protected]
>> Got an IT conference happening in North America that you'd like to promote in our newsletter? Email us at [email protected]
Microsoft Ignite -- September 24-28, 2018 in Orlando, Florida USA
IoT Security Summit -- Oct 15-18 in Dallas, Texas
IT/Dev Connections -- Oct 15-18 in Dallas, Texas USA
>> Got an IT conference happening in North America that you'd like to promote in our newsletter? Email us at [email protected]
Gartner Catalyst Conference -- Sept 26-27 in London, England
VMworld Europe -- Nov 5-8 in Barcelona, Spain
Cybersecurity Leadership Summit -- Nov 12-14 in Berlin, Germany
European SharePoint, Office 365 & Azure Conference -- Nov 26-29 in Copenhagen, Denmark
>> Got an IT conference happening in Australia or Asia that you'd like to promote in our newsletter? Email us at [email protected]
No conferences listed at present.
Hidden cloud computing costs: Catch them before they catch you
Unless you are aware of all the possible hidden cloud computing costs, you may get an unwelcome surprise when you open your monthly bill.
10 most lucrative and coveted positions in Big Data
Big Data means big money if you have the skills to snag a job in this growing domain. Here are 10 of the most coveted Big Data jobs.
In this week's Xtreme Minute, we discuss hidden cloud charges, business-friendly features of Android 9 Pie, and digital wallets.
Here's why edge computing will change IT forever
Edge computing is still in its infancy, but it will be a giant when it grows up. Here's why this technology will change everything about IT -- and the world.
Have Microsoft patches reached a painful tipping point?
The pain of keeping up with the sheer number Microsoft patches has become unbearable for many admins. Something has to change, and soon.
Mountain Biker David Godziek Lands The First Quadruple Tail Whip
Filipino Inventor Builds Flying Car To Beat Traffic
Inventor Kyxz Mendoza from Quezon City, Philippines, built his own 'flying sports car' after getting fed up with traffic jams:
Indoor Aerobatics R/C World Champion Donatas Pauzuolis
Incredible flying and choreography by indoor aerobatics R/C world champion Donatas Pauzuolis. His plane even takes off backwards!
Fake News On The Weather Channel
Weather Channel reporter acts like hurricane Florence is about to blow him over... while two guys casually stroll by in the background:
Apple WWDC 2018: Here are the new iOS 12 MDM features
Check out some highlights from the 2018 Apple Worldwide Conference.
How can IT turn off Windows 10 automatic updates?
In some cases, IT pros should disable Windows 10 updates to gain control over the process. They can use methods such as editing group policies and setting a metered connection. Get the full details here.
RDmi is a milestone for the future of RDS. Here's how it works
RDmi remains in private Technical Preview, but it's already an exciting milestone with huge potential. Find out more here.
Hybrid cloud adoption trends and strategies explained
Hybrid cloud deployments are gaining traction because they enable private cloud security and public cloud flexibility, and orchestration between the two cloud models has improved. Check out what your peers have chosen as the top deployment models for 2018.
WServerNews goes out each week to more than 500,000 IT pro subscribers worldwide! That's a lot of expertise to tap into. Do you need help with some technical problem or are looking for expert advice on something IT-related? Ask Our Readers by emailing your problems and/or questions to us at [email protected]
>> Got feedback about anything in this issue of WServerNews? Email us at [email protected]
Free Tool for Monitoring Exchange Server Status & Performance
WServerNews - Editors
Mitch Tulloch is Senior Editor of WServerNews and is a widely recognized expert on Windows administration, deployment and virtualization. Mitch was lead author of the bestselling Windows 7www.mtit.com.Resource Kit and has been author or series editor for almost fifty books mostly published by Microsoft Press. Mitch is also a ten-time recipient of Microsoft's Most Valuable Professional (MVP) award for his outstanding contributions in support of the global IT pro community. Mitch owns and runs an information technology content development business based in Winnipeg, Canada. For more information see
Ingrid Tulloch is Associate Editor of WServerNews and was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press. Ingrid is also manages research and marketing for our content development business and has co-developed university-level courses in Information Security Management for a Masters of Business Administration program.