Archive for the 'Technology' Category

Windows Server 2012 Essentials R2 Experiences

Many businesses today have a mix of technologies, often with business applications, file and print services running in the office, and email and web running on ‘cloud’ services. Remote and mobile workers often struggle to access company resources and information back at the office, and if faced with the complexity of dialling up to connect via a VPN, will often just not bother and keep valuable company data locally on PCs or iPads.

Windows Server Essentials is the replacement for Small Business Server, and is intended to make management of corporate info easy, integrate cloud services and make access simple for mobile devices.

It brings some technical compromises though; this blog is intended as an intro to some of my experiences looking at Essentials for my home lab, before we consider deploying at work. Essentials is not for everyone; it’s limited to 100 users and 200 devices.

My home lab is probably more complex than many home users, with a couple of Macs, iPhones and iPads, Windows Phones, and a mix of Windows 7 & 8 PCs and servers running Server 2008R2 and 2012/R2 with Hyper-V and Windows Home Server 2011. Never mind the games consoles and internet connected TVs.

I run a local domain for user management, with 2 local domain controllers and one on Windows Azure, with some other test resources in the cloud.

Remote access has always been a pain; as I have 5 public IP addresses, I have typically published resources I need directly, as VPN is a PITA. I have never got to DirectAccess as I’ve run into challenges with picking up on certificate services.

So there are a few things that Essentials could do:

– integration with Azure & Office365 user management
– ease of mobile/remote access
– backup infrastructure (my clients are backed up on home server, but virtual servers just typically vhd copies)

Domain Setup

Essentials TechNet notes say that a single domain is required – that’s fine for me. However, not so clear is that a single domain controller is required to enable integration with Azure/365. That’s a pain, and the rationale is not clear – I have to demote my other 2 DCs and will install Essentials as a role on my remaining DC.

Update – well that didn’t work ;-( Installing on the old DC results in a meaningless error (retry…) with no help. I created a new WS2012R2 VM and

– domain attached
– promote to DC
– demote ‘old’ DC
– install Essentials role

This worked cleanly – very nice.
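
A check that fits between the last two steps above, added here as an example and not taken from the original post: it confirms that only one domain controller remains and that the demotion left every FSMO role on the new server before the Essentials role goes on. It assumes the ActiveDirectory PowerShell module is installed on the new DC and that the role's feature name is `ServerEssentialsRole`.

```powershell
# Added example: pre-flight check, run elevated on the new WS2012R2 DC
# after the old DC has been demoted and before installing the role.
Import-Module ActiveDirectory

$domain = Get-ADDomain
$forest = Get-ADForest
# Assumption: the computer name is 15 characters or fewer, so the NetBIOS
# name in $env:COMPUTERNAME matches the host part of the DNS name.
$self = "$env:COMPUTERNAME.$($domain.DNSRoot)"

# 1. Only one domain controller should remain in the domain.
$otherDcs = @(Get-ADDomainController -Filter * |
    Where-Object { $_.HostName -ne $self } |
    Select-Object -ExpandProperty HostName)

# 2. Every FSMO role should now sit on this server; a role still pointing
#    at the demoted DC means the demotion did not complete cleanly.
$roles = [ordered]@{
    PDCEmulator          = $domain.PDCEmulator
    RIDMaster            = $domain.RIDMaster
    InfrastructureMaster = $domain.InfrastructureMaster
    SchemaMaster         = $forest.SchemaMaster
    DomainNamingMaster   = $forest.DomainNamingMaster
}
$strayRoles = @($roles.GetEnumerator() | Where-Object { $_.Value -ne $self })

$problems = @()
foreach ($dc in $otherDcs)   { $problems += "Additional DC still present: $dc" }
foreach ($r  in $strayRoles) { $problems += "$($r.Key) is held by $($r.Value)" }

if ($problems.Count -gt 0) {
    $problems | ForEach-Object { Write-Warning $_ }
    throw "Pre-flight failed; not installing the Essentials role."
}

# 3. All checks passed: add the role (configuration still runs afterwards
#    from the wizard in Server Manager).
Install-WindowsFeature -Name ServerEssentialsRole
```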

Cloud Integration

Seems to ‘just work’ 😉

Prompted for a login to Windows Live, and the Azure integration sets up. On reboot, selected the Office365 option and that seems to connect too, very nice.

Sadly Azure backup is broken (see http://blogs.technet.com/b/sbs/archive/2014/05/01/configuring-microsoft-azure-online-backup-on-windows-server-2012-r2-essentials.aspx) on Datacenter SKUs – I will see if I can get it going on a physical install.

Server Backup

More later, parked until I have a nice disk array set up. However, it does seem that Azure backup is not working on Datacenter edition http://blogs.technet.com/b/sbs/archive/2014/05/01/configuring-microsoft-azure-online-backup-on-windows-server-2012-r2-essentials.aspx

VPN

I have set up a ‘free’ Microsoft host.remotewebaccess.com domain address, as I haven’t looked at the certificate issue. Remote access to the Essentials console is fine, but I cannot access VPN. A question for when more time is available. I tried the VPN yesterday and couldn’t get access, but having added a connected PC, checking the settings (SSTP), I could successfully connect from a remote (virtual) machine. All going well, next up…

DirectAccess

The holy grail of easy remote access, an invisible link to your domain from public internet, so rdp and fileserver access is painless. Just what is needed. It’s a bit of a faff to set up on Windows Server, but Essentials promises to make it easy. Instructions available here http://technet.microsoft.com/en-us/library/jj204618.aspx

A pleasant surprise, it just works too. All in all the Server Essentials test journey has been excellent (as smooth as the first Windows Home Server, its grandparent)

Next steps, to shut down and back up the test and reinstall on a live system, and see if that has any problems, e.g. DirectAccess.

 

iTunes Sync Server to Mac

Holidays are a good day to catch up on things you’ve been meaning to do for ages. I have all of my music on my Home Server (WHS), but iTunes is dog slow if I try to access the 100Gb of files directly and update anything. So I keep a copy of my music on my MacBook locally (it’s nice to have a backup too, even though it’s mirrored on WHS).

I decided to try out a folder sync app, Sykron, which is cross platform. In summary, it works very nicely and I’d recommend it, my WHS and Mac folders are now in sync, and I’ll probably set it up to automatically sync too, so that any music added to the server gets added to the Mac too, and any artwork/genre etc updates will get sync’d back to WHS.

However, to automatically add music to iTunes when it gets sync’d? For this, go to Doug’s AppleScripts for iTunes and add the folder update

Next problem, how to deal with moves and renames so they don’t duplicate…

ISA Server 2006 Web Reverse Proxy – challenges

I’ve been having a difficult time trying to set up my virtual machines to be accessible from the interweb. Although I have 5 IP addresses, I’d like to set up my sites as http://www.domain.com/sharepoint, http://www.domain.com/crm etc rather than sharepoint.domain.com, crm.domain.com.

I looked at Microsoft TMG (Threat Management Gateway) and balked at the complexity, as I remembered ISA Server being quite simple (wrong…). After an abortive attempt with ISA, I tried Squid, but although I could get the s.domain.com and c.domain.com I couldn’t get paths working.

Today, I went back to ISA. I set up the site and rules fine, but kept getting an authentication error “isa server is configured to block http requests that require authentication”. It turns out the problem is that I don’t have a security certificate assigned. After some hunting, there is a Microsoft KB to fix it at http://support.microsoft.com/kb/924374

I still couldn’t get to my sites from the LAN (192.168.x.x) though; in this case, I had assigned 192.168.0.0-192.168.255.255 as the internal network range. However, this doesn’t define a default route for internal-internal, only internal-external. Simply selecting both the external and internal adaptors as valid adapters for the internal network fixed this.

Finally, I couldn’t get to my site from the outside world (tested on my iPad over 3G). It turns out that my BT external IP addresses were not showing up on the device list on the BT HGV2700 hub, so there was no external route to them. I had to enable DHCP on my external adaptor, and then assign the external IP to the device on the BT router.

Multi-Platform Video – is m4v the answer?

I’ve been working with home media for a very long time, and have a range of recording and playback devices, and settling on a common format to playback on all my devices has been a bugbear.

My recent conclusion has been that H264 mp4 (m4v on Apple) is the best compromise, as it plays nice with iPhone, iPad, PS3, Xbox360 and Media Center. Setting a default for iPad playback (704×576) is also a reasonable compromise of size and quality.

My primary recorder is a Windows7 Media Center machine with 2 x USB and 2 network tuners (HD HomeRun), which records wtv format (a bloated version of MPEG-2), and is automatically set up to compress to wmv and copy Recorded TV to my HP Windows Home Server.

To convert to m4v I have tried many apps, but settled on Handbrake because it

  • is cross platform, Windows, Mac and Linux
  • has a wide range of output presets
  • is free

The first trick is that Handbrake doesn’t accept wtv files, but Windows7 can convert the wtv to dvr-ms (the original media center format) with a right click, which Handbrake *does* accept.

Then drag the file into Handbrake, select the preset (iPad) and go. It’s not as quick as I’d like, I get around 40-50fps on my quad core 4Gb machine, with CPU at 97%, which means a file takes around 1/2 of its running time.

I’d like to find out how to batch convert to dvr-ms and run Handbrake, but that’s for next time.

SQL Install – No Mapping Between Account Names and Security IDs

Working on a test virtual install of SharePoint 2010, an interesting error on installing SQL 2008 R2, “No Mapping Between Account Names and Security IDs”. Turns out I was dumb in re-using a server image which hadn’t been sysprep’d with the generalise option. See http://macraem.wordpress.com/2010/02/25/no-mapping-between-account-names-and-security-ids-sql-server-install-and-sysprep-generalize/

Installing Windows Server 2008 in a Virtual Hard Disk (VHD)

One of the most useful features of Windows7/2008 is the ability to create a virtual hard disk as a bootable disk; in this way you can have multiple bootable operating systems (or configurations) without partitioning – this means that installations can be copied or backed up quickly and easily, and the virtual disks can be mounted and accessible on the other installs as required. This useful feature makes managing a multi-boot machine very easy.

The only downside that I have identified so far is that VHD installs can’t be hibernated, but that’s not an issue for a server o/s as far as I’m concerned.

See Windows IT Pro for instructions on how to create a VHD installation.

I’m installing VMware Server 2.0 on Server2008 for now, so that I can migrate my SharePoint 2010 VM’s to ESXi 4.1 when I get my new network card.

Function Keys in VMware Fusion Mac

Installing ESXi in Fusion, I couldn’t use the F11 key, even though I’d changed the Mac System Preferences/Keyboard to ‘Use all F1, F2, etc keys as standard function keys’. Turns out that VMware Fusion has an option too, in VMware Fusion/Preferences/Keyboard and Mouse/Mac OS Shortcuts, untick the option ‘Enable MacOS Keyboard Shortcuts’ et voila.

