Lukas Beeler's IT Blog

HP recently had a special offering for an ML110 G5 hardware bundle, that consisted of the following parts:

• Intel Xeon 3065 2.33Ghz 4MB L2
• 512MB ECC RAM
• E200 SAS Controller (8 Ports, 128MB BBWC)
• 2x 160GB 7.2kRPM SATA Disks

For less than 400 CHF. As i needed a machine to run SBS2008 at home, and my current one wasn’t 64bit capable, this seemed like a good buy, especially because the E200 with BBWC alone is worth around 300 CHF.

Of course, i needed more RAM and disk space. I also ordered 4x 2GB memory modules (with ECC) from a third party memory manufacturer (Transcend) – priced at around 80 CHF each. I also ordered 4x Western Digital 1TB disks that are optimized for 24 hour use, priced at around 180 CHF.

This brought me to a total price of around 1500 CHF. I had two 160GB disks that i didn’t have any use for (except throwing them at people i don’t like).

1500 CHF is a lot of money for me, but for a company it’s nothing – still, this is ideal for experimentation. The free ESXi supports the E200 SAS controller, making it easy to build a test lab based on VMware – also, Windows Server 2008 x64 and Hyper-V also run flawlessly on the machine.

The machine is also very quiet, making it possible to use it in a normal appartment or in your office.

You get what you pay for still applies – the machine has no remote management features, only a single network port, forcing you to use the same port for management and virtual machine traffic, which can be acceptable in a test environment. HP’s System Insight Manager is not supported on this machine, either.

The case is very small, resembling a normal HP client minitower. The mainboard supports ECC memory, which is becoming more and more important with todays memory sizes. Unfortunately, it only offers four memory slots with a maximum capacity of 2GB per stick, maxing the machine out at only 8GB of RAM.

The integrated E200 SAS RAID Controller has a 128MB BBWC card, that allows it to use it as a write cache, and enables licensing to use RAID5. In my case, i used RAID10. The disk performance is better than anticipated, even though i’m using slow consumer drives, the performance for running VMs is acceptable.

The machine has three x8 PCI-E slots and a single PCI slot. One of the x8 slots is used by the E200 controller.

This offer is still available under HP Part# 470064-639, and there are still some companies that are selling it for the lower promotion price.

I’m currently running SBS2008 directly on the hardware, with not virtualization in-between. The performance is good, but i’d still never use such a setup for a production deployment at a customer – the management options, hardware flexibility, redundancy etc. just aren’t fit for production.

Update: I was asked about Linux compatibility on this machine. See the official HP Linux compatibility list. The E200 SAS RAID Controller is supported by the cciss driver, which is in the vanilla linux kernel. So most distributions will be able to install on this box – support is another matter, though.

There is no easy way to get official support for non-corporate versions of Linux, like Ubuntu. My usual way in those scenarios is to run Linux as a VM under ESXi, but that doesn’t work with the ML110 as ESXi is not supported (but works).

I’ve written a bit about ESXi before in a comparison to other free virtualization products from an SMB perspective.

I’ve seen the “big” ESX in a few places and worked a bit with it, but i decided to refresh my knowledge on VMware a bit. For this, i first had to scrounge up a machine that was able to pass the rigorous HCL from VMware.

Unfortunately i didn’t find something that was really a Small Business machine – i used a HS21 Blade from my BladeCenter S testing environment.

The HS21 blade has 4GB RAM, a 2.66 Ghz QuadCore CPU and two 500GB SATA Harddisks attached to an LSI1064 SAS Controller. Fortunately, this configuration is supported.

Installing ESXi

Similar to the installation of Windows Server 2008 or Windows Vista, the ESXi installation is extremely streamlined. All you have to do is pop the CD in, select the disk where you want to install ESXi and then let it continue. The whole setup took around 15 minutes, most of the delay owed to the extremely slow Laptop CD Drive installed in the BladeCenter S.

After installation, the Blade rebooted and you will be greeted by an extremely simplistic interface that allows you to change basics like the password of ESXi and reconfigure the management network interface and also display a few logfiles. On first startup, it also showed my a Web address where i can download the VI Client that is used to manage ESXi.

A very pleasant experience.

Installing the VI Client

After accessing the ESXi host through HTTP, i could then download the VI Client. Installation on another Blade running WS2008 was smooth. It also installed an Update Service that allows me to upgrade ESXi.

Configuring ESXi for the first time

After logging on using the VI Client to ESXi, i was greeted with a nicely detailed instructions that i would need to create a datastore. After few clicks i had a datastore created on the RAID1 that ESXi was installed.

The VI Client looks very impressive and neat. It looks like ESXi can read diagnostic information from the Blade, and can monitor RAID, Fan and other stati easily. One of the things i really like about this is that you get a standardized interface for monitoring your hardware – on Windows you usually have to use tools like IBM Director that are just one big mess to handle. Here, i didn’t have to configure anything – it just worked.

After entering licensing information, configurating a static IP Address, changing hostname and DNS information, i rebooted the blade.

Creating the first Virtual Machine

I decided to create a first virtual machine – the blade i killed for running ESXi was previously running Exchange 2007. As this is just a demonstration setup, i decided to recover the preexisting Exchange server into a VM, in order continue having a full featured demo setup.

So i created a new Virtual Machine, configured for running Windows Server 2008 x64. Now, i didn’t have WDS setup in the Demo Environment, so i had to find a way to boot the Blade from an ISO. Previously i used scp to copy the ISO to the ESX Management Partition, but that didn’t work on ESXi. Luckily, the VI Client has a “Datastore Browser” that allowed me to upload files to the vmfs3 filesystem.

After uploading the ISO, i booted from it. The installation was pretty slow, but comparisons to my Hyper-V hosts aren’t fair as those run 10kRPM 147GB SAS Disks in a RAID5 configuration instead of the slow-as-molasses 500GB 7.2kRPM SATA Disks.

After OS installation, i immediately installed the VMware tools. One reboot later, i had a working Windows Server 2008 machine.

One of the things i noticed: When running WS08 virtualized on Hyper-V with 4 virtual CPUs on a Quadcore machine, WS08 thinks i have on Quadcore. On VMware, WS08 thinks i have 4 real CPUs (Sockets). This can bite you if you want to give a WS08 Std Machine more than 4 Cores – as WS08 Std is only licensed to four sockets.

The next step obviously is restoring the Exchange server, but that doesn’t really have to do all that much with ESXi.

Conclusion

ESXi is great. One of the biggest advantages over Hyper-V is the VI Client that consolidates a lot of information that is all strewn about in Windows. For example, it has built-in performance metrics, raid status monitors, etc. You can get all the same information with a machine running Hyper-V, but you’ll have to use other tools for that (of course you can customize a MMC do include Perfmon, but it’s not exactly the same).

VMware shows that they have gained long term experience with Virtual Machines, and the VI Client clearly shows the maturity of their product.

Permission management seems much better than Hyper-V, but i didn’t find a way to use Active Directory integration. Maybe Virtual Center is required to this, or i just wasn’t able to find it in ESXi – it exists, because there are numerous references on the Web.

I’ll certainly consider using Hyper-V when i have to run non-Windows guests. For Windows guests, Hyper-V with it’s VMbus architecture seems better suited. For non-Windows guests, VMware can’t be beaten right now.

Disclaimer: I work for a Microsoft Partner. So i’m probably biased.

Virtualization has always been a topic with a lot of hype, but as of today we have a single customer that is using it (out of 150).

Why? Because virtualization is still expensive. For larger companies, it was possible to save money by using virtualization, for smaller companies that wasn’t really the case. You’ll still need to license the guest OS. You’ll still need to maintain it.

Most customers decided to just buy a Windows Small Business Server, and run all apps from that machine. Though that usually required a technician that knew what he was doing to get all the apps running together on a single machine, it saved money in licensing cost and hardware – and the most important application ran on a separate machine anyway (our ERP software on the IBM i).

With the release of Hyper-V and it’s inclusion in SBS 2008 Premium (on the second machine), Virtualization will probably get picked up even in small businesses. But is it the right way?

I’ve started gearing up my knowledge on virtualization as it will become a topic for our customers. For that, the most important other factor is VMware. VMware offers virtualization products for longer than Microsoft, and i’ve been using their Workstation product for a long time.

Microsofts Desktop product Virtual PC is lackluster at best. The performance is awful and it doesn’t offer many features. There was also Virtual Server 2005, which we’ve used internally since mid-2005 (when you still had to purchase GSX Server and we got VS2005 through the MSPP for free).

Now VMware has an offering that is free, Microsoft has an offering that is included into most Windows Server licenses and Citrix offers a very limited edition of their product for free (Max 4GB RAM, Max 4 VM).

And the big question would be – what product should a small business use today, and why?

I’ve found a few good blog posts on ESXi:

What’s the difference between free ESXi and licensed ESXi?

And on Xen:

Citrix XenServer for the ESX Engineer

And on Hyper-V:

Hyper-V for the ESX Engineer
More on Hyper-V for the ESX Engineer

On ESXi

ESXi Installable Edition Free (short: ESXi) only runs on certain certified systems. Of course you can still build a whitebox machine that runs ESXi, but that would be a rather stupid decision. Running supported hardware is important even in a small business.

ESXi doesn’t support many systems, especially our bestseller system, the IBM x3650 is not supported with ESXi installable edition. I expect the list of machines supported by ESXi to grow steadily, though.

On the other hand, ESXi supports a wide variety of guest operating systems that are supported by VMware. This is one of the main advantages VMware has over Hyper-V. However, most Small Businesses struggle with the complexity of using one operating system. They are unlikely to use multiple ones. On the other hand, VMware offers preconfigured appliances, which sounds like a good use. Important to know: Microsoft does not directly support running Windows on VMware unless you pay big for a Premium support contract.

ESXi can be managed by the VMware “VI Client”. This allows you to do all the everyday tasks of configuring and setting up virtual machines.

ESXi doesn’t have any restrictions that would prohibit production usage, but the management features are a bit limited – you can’t monitor it using SNMP, you can’t script it using the RCLI. If you want those features, you’ll have to pay.

VirtualCenter, which is VMware’s variant of System Center Virtual Machine Manager, is quite expensive. Of course, SCVMM is also quite expensive. So i doubt that either will be used in a Small Business. The disadvantage i see here over Hyper-V is the fact that it can’t be scripted or automated. While not a showstopper, it’s important to consider this.

On XEN

The free XEN version supports a maximum of 4 VMs and 4GB of RAM. With that, i think everything is said and done. These restrictions do not allow production usage. It’s more like a demo version for the full products.

On Hyper-V

Hyper-V only works on 64bit installations of Windows Server 2008 Standard, Enterprise or Datacenter. In SBS 2008 Premium, one license for Windows Server 2008 Standard is included. This allows small businesses to get started with Hyper-V. WS2008 Standard x64 supports up to 32GB RAM. If you use “just” Hyper-V on a WS2008 Standard installation, you can also install a single guest VM with WS2008 Standard without having to purchase an additional license. Be aware that it does not work this way if you run any other software like SQL Server on the Hyper-V host.

Hyper-V can run on a lot of hardware, as described in the Windows Server Catalog. It is also a lot more flexible when it comes to storage configurations, as Windows supports more disk controllers than ESXi.

Hyper-V can be automated using WMI, there is no direct PowerShell support (though you can use PowerShells WMI support).

You can deploy Hyper-V on Windows Server Core, as a dedicated VM host. Managing Hyper-V in this scenario requires a machine running Windows Server 2008 or Windows Vista with the Hyper-V management tools installed. This is the recommended deployment mode.

You can also install Hyper-V on a full Windows installation. Though not recommended, this allows you to logon to the machine using RDP and manage the VMs directly on the server using the same Hyper-V management tools.

Here is one of the biggest advantages Hyper-V has over ESXi. For example, if you setup the WS2008 Standard Server as a SQL Server, you can install Hyper-V after the fact with a simple reboot. Though this is not what Microsoft recommends, the reality is that most Small Businesses have to achieve a lot with less equipment. Running such a configuration can help fix business problems without having to reinstall a machine.

System Center Virtual Machine Manager allows you to manage Hyper-V centrally. It’s quite expensive, so i doubt many small businesses will start using it. Maybe the next version of System Center Essentials will include a subset of SCVMM functionality.

Conclusion

Hyper-V supports more hardware, and is more flexible when it comes to it’s deployment. For me, this makes Hyper-V the better choice for a Small Business than ESXi. XEN Express is absolutely unusuable in a production deployment.

Now, Enterprise admins will probably slap me for the “flexible” deployment of Hyper-V, and they are right. But for most small businesses, being able to cut corners in IT is more important than running “recommended” configurations.

I’m using Hyper-V standalone on a machine in a hosting center to run my private infrastructure (where i plan on moving this blog to), and it’s also a full Windows installation. Hyper-V runs flawlessly in such a scenario.

I also didn’t talk about Vmotion, HA, DRS and all the other fancy features that VMware has and Hyper-V doesn’t have yet – simply because they do not matter to a small business.

In our branch office in Lyss, BE i run an RODC – not because it’s needed, but a production environment is always better to gain experience than a few VMs.

As almost all data from that RODC is replicated through DFS-R, backing it up wasn’t that important, we had a few more business needs that couldn’t be solved by using DFS-R to backup in our HQ in Horgen.

So we purchased a BackupExec Media Server license, and i tried installing BackupExec. It reminded me that installing on an RODC requires a seperate Windows installation that runs SQL Server. Well, we have Hyper-V and enough Windows licenses to do this, so i didn’t think of this as a big deal.

I’ve setup a VM with WS08, installed SQL Server Express with an Instance called “BKUPEXEC” and tried installing BackupExec, pointing it at the remote SQL Server Express (that was configured to allow remote connections).

The RODC is called LYS-RODC-01. The SQL Server Express VM is called LYS-SQLE-01, with a SQL Server Instance called BKUPEXEC.

It didn’t work:

08-08-2008,23:22:58 : There is no MSSQL$BKUPEXEC Service
08-08-2008,23:22:58 : V-225-212: Unable to connect to SQL Server. ***To search for information about this error, click here
08-08-2008,23:22:58 : Failed to configure SQL instance LYS-RODC-01\BKUPEXEC SQL instance to allow updates.
08-08-2008,23:22:58 : Action ended 23:22:58: InstallFinalize. Return value 2.
08-08-2008,23:22:59 : Action 23:22:59: Rollback. Rolling back action:

The error message seems strange. Why does it connect to the RODC – there is no SQL Server on the RODC, and i configured it correctly in the setup.

I read through the logfile multiple times. Didn’t find a mistake. Reinstalled the SQL Server VM a few times using a variety of SQL Server and OS combinations.

I contacted Symantec Support (which was a bit of a letdown, first i had to talk someone in one of the Eastern European countries who could barely speak German, and next i had to talk to someone from India who could barely speak English, much less German). After almost a month, i still wasn’t anywhere near a solution.

I’ve spent a few more days playing around until i finally tried something that worked.

I changed the name of the SQL Server instance from BKUPEXEC to SQLEXPRESS.

This fixed the problem.

I’m still baffled by this.

Customer is running two Terminal Servers on Windows 2000 Server. 32bit. 4GB of RAM.

Recently upgraded to Symantec Endpoint Protection 11, around 1 Month ago. A week ago, the customer complained that one of the Terminal Servers crashed constantly, requiring a reboot to recover.

Quick investigation showed that the machine was running out of paged pool.

Event ID 2020
Event Type: Error
Event Source: Srv
Event Category: None
Event ID: 2020
Description:
The server was unable to allocate from the system paged pool because the pool was empty.

I’m not proficient with Terminal Servers or Windows 2000, but debugging this issue was mostly similar to what you do when debugging pool issues on Windows Server 2003. First you need to enable Pool Tagging, which is enabled by default on Windows Server 2003 but not on Windows 2000. KB177415 explains how.

After that, install the Windows 2000 Support Tools, and run poolmon /p /p /b.

In my case, the output looked like this:

The limit for Windows 2000 Terminal Servers is 160 MB. As you can see, the machine here is idle and without any users on it. And we’re already at 132MB utilisation.

There are two culprits: “CM” and “SavE”. The Pooltag “SavE” is the Symantec Endpoint Protection Virus Scanner Driver. It clocks in at 50MB. The other Pooltag “CM” stands for “Configuration Manager”, and is the registry. It is 67MB big.

This is not normal – the other Terminal Server, the CM tag is a lot smaller, only 35MB. The “SavE” tag is still 50MB. This explains why the other TS does not have the same problems as this one. But we don’t know why one registry is so much bigger than the other.

This can be found out by using the dureg.exe tool, which can help us resolve the issue.

As you can see from the picture above, the enlarged registry is also caused by Symantec.

C:\Programme\Resource Kit>dureg /lm “SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Quarantine”
Size of HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Quarantine: 26111494

Clocks in at 26MB. The Quarantine key contained around 20’000 subkeys, each with a simple number below. Each was about the same .doc file.

After deleting the Quarantine key, the CM pooltag went down from 67MB to 35MB – just like the other TS.

The next step was obvious. Remove Symantec Endpoint Protection which something that doesn’t suck as bad: McAfee AntiVirus Enterprise. I downloaded an Evaluation Version, and installed it.

And the results were obvious:

Do you see the pooltag “NAI0″ somewhere in this list? I don’t. It’s there, but somewhere around Page 400, and surely not eating away 50MB of my paged pool.

So if you have problems with your machines running out of paged pool, frequently showing Event 2020 with Source Srv, check the registry size and replace Symantec Endpoint Protection with something that doesn’t suck that much.

I’m not exactly what one would call an “Enterprise” Admin – so i don’t really know all that much about WMI.

We first started our internal virtualization stuff when both VMware GSX and Virtual Server 2005 still cost money. So we used VS2005 because we could get it for free since we were in the Microsoft Partner Program.

So, with the release of Hyper-V we finally had a chance to move to a more robust and faster virtualization solution – however, not everything has improved with Hyper-V, for example delegating permissions which was easy in VS2005 has now become much more complex. Probably because Microsoft wants to sell SCVMM 2008 that will automate a lot of this.

We have a few development VMs that are used for QA purposes by our development team – and we just have a single machine running Hyper-V. So i want to delegate a few of the VMs to the development team, without them being able to manage the Hyper-V server or virtual machines that do not belong to the development team.

I’ve found an excellent resource regarding setting up remote management for Hyper-V from John Howard. He has an excellent 5 Part series on how to enable remote management.

Part 1 Part 2 Part 3 Part 4 Part 5

What is not described in these links is how to delegate specific VMs. For doing this, you’ll need a script from Andrzej.

Hyper-V Azman Scope Scripts

Here’s a basic rundown of the general steps you’ll need to do:

• Create an appropriate Active Directory group for the users you want to give access to. If necessary, nest the groups according to your organizations group strategy
• The following two steps are detailed in Part IV from John Howard
  • Add to the group to the local “Distributed COM Users” group on the Hyper-V host
  • Grant the group permissions on the Root\CIMV2 and Root\Virtualization WMI Namespaces
• For detailed instructions for these three steps, see below.
  • Run azman.msc and create a new scope
  • Use the SetScope VBS script to assign the VM to scopes.
  • Run azman.msc and delegate appropriate permissions to Windows Groups using newly created scope

Creating scopes in AzMan and assigning VMs to scopes

First, you’ll need to start azman.msc and open to following Authorization Store: C:\ProgramData\Microsoft\Windows\Hyper-V\InitialStore.xml

Then, you’ll need to right click “IntialStore.xml” and choose “New Scope”. In my case, i named the new scope “Dev”.

Next, you will need to create a role in the top-level of the authorization store. This role is needed so that the Hyper-V Management tool can even connect. I called mine “View Only”, as it does not grant any specific permissions. It should look like this:

You’ll also need to add the Windows Group to this azman role in order for it to be of any use:

Next, we need to create a role that grants the necessary VM management skills to the Dev scope. It should look like this:

You’ll also need to add a Windows Group to this role.

After you’ve come so far, we will need to assign the VMs to the newly created scope. You can find the scripts here: Andrzej’s Hyper-V Scripts.

Assigning a VM to a scope is simple.

For example, if you want to assign the VM “dev-hdi-xp-01″ to the scope “Dev”, use this command.

setscope.vbs dev-hdi-xp-01 Dev

There will be three popup Windows – the first two don’t matter, and the latter will contain a single number. If the number is 4096 (or anything else), it failed. If the number is “0″, it succeeded.

You can verify scope membership using getscope.vbs

getscope.vbs dev-hdi-xp-01

The result should look like this:

If my posting is entirely correct, and you followed it correctly, the end result should look like this:

Here, we’re logged on as an admin. All VM’s are visible:

Here, we’re logged on as a normal user. It does not have any special privileges on the Hyper-V box, except the WMI / DCOM and AzMan changes. You’ll only see the two Development VMs.

So, this is quite a bit more complex than VS2005. But also a lot more cool.

I hope there are no mistakes in this post. If you find any, please tell me. If you found this post helpful, tell me too. Thanks for reading!

Microsoft released the Windows Small Business Server 2008 RC0 today.

For those of you who do not know SBS: SBS has traditionally been a single server setup with Exchange, SQL Server and ISA Server. It consolidates all “big” Microsoft technologies on a single server. This contradicts most “Best Practices” published by Microsoft, and as such SBS has always been seen as the red-headed stepchild in the Windows Server Family. SBS 2008 aims to improve several of these points (especially with the Premium Edition shipping with TWO server licenses).

After a 6 hour downloaded that trickled in at a few meager 200kbyte/s, i was finally able to get started with it.

SBS 2008 now demands x64 hardware – so for testing i used an IBM x3650 running Windows Server 2008 Enterprise with the Hyper-V RC1. Hyper-V supports 64bit guests. Other hardware requirements have also gotten steeper – you’ll need 4GB RAM minimum (though i launched the VM with only 2GB). The Premium Edition now comes with licenses for two servers – finally making it possible to have redundant domain controllers even in a Small Business setup without paying for full server licenses.

The first half of the setup is similar to what you know from Windows Server 2008 and Windows Vista – you boot, select the disk, have the chance to enter a product key, and finally start the installation. After that, the WIM image is expanded to the harddrive. The machine reboots after installation, and this is where things get different.

After booting, you’ll land in “Install Windows Small Business Server 2008″ Wizard. This can be mostly automated using an Answer file, which is mandatory when migrating from earlier versions. I will check that out later and proceed with a simple installation without using an Answer file.

I get nagged by a “Insufficient Hardware Screen”, reminding me that my (virtual) machine only has 2GB RAM. After acknowledging the warning, i can setup my date and time. I choose the CEST timezone, and move onwards.

Next, a screen confronts me with the fact that i don’t have a NIC – which is true. The machine is running on Hyper-V RC1, and i wasn’t able to install the integration components yet. Luckily, there is a “Browse” Button, where i can launch the Integration Services setup. Installation of the Integration Components worked fine, the machine rebooted. I hope Microsoft packs the Hyper-V RTM bits into SBS RTM. This would make it easier to install it into a VM, but as you can see, it’s not much of a hassle.

I was back at the beginning, at the start of the SBS Wizard. Luckily, i was now able to use the mouse after installing the Hyper-V IC. Next, i get an Update Dialog, asking me if i want to update my server. I choose yes and have to wait.

Next, i was asked to enter my company information. Next, i was able to name my server and the NETBIOS name of the Domain. I was not able to choose a DNS Name for the Domain (This is only possible if using an Answer File). Interestingly, Dashes “-” were not accepted as part of the server name. I wonder why – our production setup uses dashes extensively in server names, and so does Microsoft (judging from their Mail headers).

Then i was asked to create an an administrative account – a good idea. The “Administrator” account shouldn’t be used in a production setup, instead each user with administrative rights should have their own account. SBS enforces this – a very good idea.

After confirming Server name, Domain name and Company name, the installation continued on it’s own. This took a good amount of time, during which the server restarted several times – of course completely unattended. No need to play disc jockey or logon – much better than SBS 2003.

After the installation, i was greeted with a screen that told me that it was unable to install some critical updates. Clicking on that bar revealed an IE7 404. I checked the IP configuration – the server was configured to use 192.168.0.2, and didn’t have a DHCP server installed. There was no default gateway set yet.

Next, i launched the “Connect to the Internet Wizard” which told me that i was already running a DHCP server – which makes sense. After choosing “Postpone”, the Wizard aborted. That wasn’t quite what i was hoping for.

I shut down the VM and reconfigured it to use a private LAN. That way, it wouldn’t have a connection to the internet, but it wouldn’t have to deal with a DHCP Server either. But SBS didn’t like that either – it wanted a router. So i setup a second VM running IPcop (which works flawlessly on Hyper-V using Legacy NICs and a small virtual hard drive).

It was interesting to see using “tcpdump” what SBS did under the covers to detect the router. ARP scanning, IPv6 Discovery, Everything. This seems rather well designed. It was sucessfully able to detect my IPcop VM which didn’t have a DHCP server.

Next, i started the wizard to enable my domain name. It seems that SBS will be able to do some of these things automatically if you live in the US. Here of course we have to do things manually.

So far i don’t like that SBS tells me very very few technical details. But this might be because Microsoft somehow thinks that a Small Business Owner will setup SBS on their own (which just seems a horribly stupid design decision).

Next, it told me that i couldn’t configure my Internet Router properly (my IPcop instance didn’t have UPNP support enabled). It’s interesting to see that it wants to forward port 25 to the server. It looks like the POP3 Connector was finally killed off for good. That’s very good to hear! Unfortunately, it’s still there. Just hidden.

I also had to configure outbound email properly, with the ability to configure a smarthost or use direct sending. There is also a wizard to easily create a properly signed official SSL certificate – nicely done and will surely improve the security of the many SBS setups that are out there.

SBS 2008 also ships with OneCare for Servers already preinstalled. You can just activate it with a few clicks. I don’t see this very positively – I’ve made a few bad experiences with ForeFront Client Security, which OneCare is based on. We’ve been using McAfee for the past. So in the future for SBS setups we will have to either remove OneCare from the SBS, or deal with having multiple virus scanners on the network (a management nightmare).

Another interesting tidbit is that UAC is enabled in approval mode, just like on standard Windows Server 2008 installations when not using the Administrator account. This is annoying, IMHO. I don’t have a problem with UAC on my desktop because i usually use my desktop to work and not change settings – but when i’m logged onto a server, i want to change settings all the time.

That’s it for the first impressions. I will have a closer look at SBS 2008 over the following days and will keep you all updated.

Pictures are here:

Outlook Anywhere / Outlook Autodiscovery on Windows 2008 still has some problems.
Read this most excellent post that has all the details.

Long story shorts: Modify the hosts file, remove the IPv6 localhost (::1) and then add hosts entries for your server. I would recommend against disabling IPv6 on the Exchange server, as this is probably not a recommended or supported configuration.

The root cause is that Outlook 2007 can’t contact a DC/Domain Controller using RPC over HTTP/Outlook Anywhere when used on Windows Server 2008.

Also note that NTLM Authentification for Outlook 2007/Outlook Anywhere is broken on Windows Server 2008.

Microsoft TechDays 2008 has opened registration.

If you’re in Switzerland and work with Microsoft products, attending TechDays 2008 is a generally good idea. Pricing is okay (around 500.- for normal people, 140.- for students/apprentices) and usually your boss pays for this.

TechDays 2008 will be in Basel, they’ve moved from Zurich again. I don’t know the location, but it has it’s own parking spaces, which is what the Zurich location was sadly lacking.

If you’ve never attended TechDays, here’s what you can expect:

• Many interesting speeches by people that really know their stuff
• Meet other IT professionals
• Good food
• Free NFR versions of WS2008, SQL2008 and VS2008
• See my TechDays 07 Day 1 and Day 2 writeups

If you’re going to attend, leave a comment. It’s always nice to see new faces.

On my personal Machine (and all other machines in my office, running Vista and Office 2007), Communicator 2007 has been demanding an Outlook update since i’ve installed it (Outlook-Update erforderlich). Clicking it leads to this empty Microsoft page.

I have no idea why it demands this, because i’ve installed all the Office 2007/Outlook Updates there are, and even more funny I only found a single reference to this problem (this newsgroup posting).

The suggestion in said post was to contact Microsoft Support, which i’m not allowed to do. The problem does not exist on the Windows XP machines running Office 2003 (we don’t have any machines running XP/Office 2007). As such, i’m stumped.

Does anyone else know this problem?

Update: According to this post in the OCServer Blog, this icon works in English Environments and should remind users to install KB936864. However, i do have this package installed (according to systeminfo).