Archive for the 'Microsoft' Category

Windows Server 2012 Essentials R2 Experiences

boxartMany businesses today have a mix of technologies, often with business applications, file and print services running in the office, and email and web running on ‘cloud’ services. Remote and mobile workers often struggle to access company resources and information back at the office, and if faced with the complexity of dialling up to connect via a VPN, will often just not bother and keep valuable company data locally on PCs or iPads.

Windows Server Essentials is the replacement for Small Business Server, and is intended to make management of corporate info easy, integrate cloud services and make access simple for mobile devices.

It brings some technical compromises though, this blog is intended as an intro to some of my experiences looking at Essentials for my home lab, before we consider deploying at work. Essentials is not for everyone, it’s limited to 100 users and 200 devices.

My home lab is probably more complex than many home users, with a couple of Macs, iPhones and iPads, Windows Phones, and a mix of Windows 7 & 8 PCs and servers running Server 2008R2 and 20012/R2 with Hyper-V and Windows Home Server 2011. Never mind the games consoles and internet connected TVs.

I run a local domain for user management, with 2 local domain controllers and one on Windows Azure, with some other test resources in the cloud.

Remote access has always been a pain, as I have 5 public IP addresses I have typically published resources I need directly, as VPN is a PITA. I have never got to DirectAccess as I’ve run into challenges with picking up on certificate services.

So there are a few things that Essentials could do

– integration with Azure & Office365 user management
– ease of mobile/remote access
– backup infrastructure (my clients are backed up on home server, but virtual servers just typically vhd copies)

Domain Setup

Essentials technet notes say that a single domain is required – that’s fine for me. However, not so clear is that a single domain controller is required to enable integration with Azure/365. That’s a pain, and the rationale is not clear – I have to demote my other 2 DC’s and will install Essentials as a role on my remaining DC.

Update – well that didn’t work ;-( Installing on the old DC results in a meaningless error (retry…) with no help. I created a new WS2012R2 vm and

– domain attached
– promote to DC
– demote ‘old’ DC
– install Essentials role

This worked cleanly – very nice.

Cloud Integration

Seems to ‘just work’ 😉

Prompted for a login to windows live, and the Azure integration sets up. On reboot, selected the Office365 option and that seems to connect too, very nice.

Sadly Azure backup is is broken (see http://blogs.technet.com/b/sbs/archive/2014/05/01/configuring-microsoft-azure-online-backup-on-windows-server-2012-r2-essentials.aspx) on datacenter sku’s – I will see if i can get it going on a physical install.

Server Backup

more later, parked until I have a nice disk array set up. However, it does seem that Azure backup is not working on Datacenter edition http://blogs.technet.com/b/sbs/archive/2014/05/01/configuring-microsoft-azure-online-backup-on-windows-server-2012-r2-essentials.aspx 

VPN

I have setup a ‘free’ Microsoft host.remotewebaccess.com domain address, as I haven’t looked at certificate issue. Remote access to the Essentials console is fine, but I cannot access VPN. A question for when more time is available. I tried the VPN yesterday and couldn’t get access, but having added a connected PC, checking the settings (SSTP), I could successfully connect from a remote (virtual) machine. All going well, next up…

DirectAccess

The holy grail of easy remote access, an invisible link to your domain from public internet, so rdp and fileserver access is painless. Just what is needed. It’s a bit of a faff to set up on Windows Server, but Essentials promises to make it easy. Instructions available here http://technet.microsoft.com/en-us/library/jj204618.aspx

A pleasant surprise, it just works too. All in all the Server Essentials test journey has been excellent (as smooth as the first Windows Home Server, its grandparent)

Next steps, to shut down and back up the test and reinstall on a live system, and see if that has any problems eg DirectAccess

 

ISA Server 2006 Web Reverse Proxy – challenges

I’ve been having a difficult time trying to set up my virtual machines to be accessible from the interweb. Although I have 5 IP addresses, I’d like to set up my sites as http://www.domain.com/sharepoint, http://www.domain.com/crm etc rather than sharepoint.domain.com, crm.domain.com.

I looked at Microsoft TMG (Threat Management Gateway) and balked at the complexity, as I remembered ISA Server being quite simple (wrong…). After an abortive attempt with ISA, I tried Squid, but although I could get the s.domain.com and c.domain.com I couldn’t get paths working

Today, I went back to ISA. I set up the site and rules fine, but kept getting an authetication error “isa server is configured to block http requests that require authentication”. It turns out the problem is that I don’t have a security certificate assigned. After some hunting, there is a Microsoft KB to fix it at http://support.microsoft.com/kb/924374

I still couldn’t get to my sites from the LAN (192.168.x.x) though; in this case, I had assigned 192.168.0.0-192.168.255.255 as the internal network range. However, this doesn’t define a default route for internal-internal, only internal-external. Simply selecting both the external and internal adaptors as valid adapters for the internal network fixed this.

Finally, I couldn’t get to my site from the outside world (tested on my iPad over 3G). It turns out that my BT external IP addresses were not showing up on the device list on the BT HGV2700 hub, so there was no external route to them. I had to enable DHCP on my external adaptor, and then assign the external IP to the device on the BT router.

Snow Leopard BootCamp Backup and Saving vhd’s

Looked around for some recommendations and found WinClone for OSX, looks like it does a nice job of backing up a BootCamp partition under OSX, I’ll also see if VMware Fusion has got better at handling the BootCamp partition.

I’m also planning to install the beta of Windows Server 2008 R2 SP1 to test to see if it solves the BSD on Hyper-V on my Dell 1747. I boot my WS2008 install from VHD, so first step (after the crash last time…) is to create a rar archive of the VHD (11Gb VHD shrunk to 5Gb) before I apply the beta – I’ll also be able to revert to a ‘clean’ install if I want to upgrade to production too.

© John Edwards 2010 MicroScotland Ltd http://www.microscotland.com

MSFT: A Tale of Two CEO’s

A brilliant graph from gawker.com, comparing Gates and Ballmer, it’ll really crash when Kevin Turner takes over

Steve Ballmer @ D8 Conference – where’s the vision gone?

“I don’t think the whole world is going to be able to afford 5 devices per person” says Steve. A couple of observations.

When Microsoft was founded, the idea of a pc on every desk and in every home was absurd, but it was a remarkable vision for the 80s which MSFT delivered on. A few years ago the vision statement was actually changed, as the original goal was on the verge of being achieved (in the industrialized world anyway).

Steve’s also plain wrong, many people in the world already have a pc at work, a pc at home, a phone and an iPod – that’s 4 devices, is it a big stretch to get to 5? Equally, this is not just just true of New York and Paris, it’s true of Shenzen and KL too. As William Gibson said, the future is already here, it’s just not evenly distributed.

Feels like it’s the end of SteveB @ MSFT to me, and loved the quote from Rob Glaser at RealNetworks “Is Microsoft empire about to crumble?” Me: “Yes, like the British empire, not the Soviet.”


jzedward’s tweets