Thursday, May 31, 2007

Hey! Where's my next version of SBS?

You wanna know about the next version do you? Well, Since our trip to New Orlean's a TS2 blog has popped up some public information.(here), I'd like to take the opportunity to publish similar information here.

Cougar is the code name for the next version of SBS. When the SBS team decended on New Orleans, some of the following information came out to the public. I wanted to make sure I shared so you could know what's going on with the next version.

  1. Cougar includes Exchange 2007 which is x64 only, This means that Cougar will be x64 only.

  2. Since Cougar is x64 only we can deduce some things just based on how the technology works. This means in-place upgrades from earlier versions will not be supported (x86 hardware cannot support x64 software). Since Chris Almida was also there to speak to migrations, and he is our man in charge of the migration he is not planning to provide an in place upgrade from x64 hardware (again, this makes sense since the OS is x86, and it cannot be upgraded to x64). There will be a migration too that will take you from your current SBS to Cougar on ANOTHER BOX. We are still working on this solution. (I had a meeting yesterday on this actually!)

  3. The SBS Backup solution is being completely re-vamped. However, we have made the full switch, and the backup solution will no longer support backing up to tape. Using snapshot technology, the backups will be extremely quick using incrementals that can be scheduled as often as every 30 minutes. A copy of NTBackup will be able to extract files from the old SBS 2003 format, but no new data can be added. If tape is super important to you, start sizing up 3rd party backup solutions.

  4. To date, we are not planning on changing the 75 user limit.

  5. Cougar will need to be installed behind some kind of firewall and the single-NIC model will be the only mode. You must use a firewall in front of the SBS box, this can be a hardware router type item, or a software firewall such as ISA.

  6. Cougar will be based on Longhorn server now officially called Windows Server 2008.


In addition to the points made in New Orlean's, I'd like to add my own. Cougar looks really really sweet! But then again, I am biased. :o)

Our Beta 1 is in the field with our MVPs (don't ask, they can't talk about it either!) and I'm already starting to contemplate an upgrade to Cougar at my house. Now I just need to find some x64 hardware.... hrm....



With cheap web hosting, today we have many more email marketing options. However, it is important that out web hosting service offers email hosting as well. If not, there is a not a lot the webmaster can do with the wireless internet.

Thursday, May 24, 2007

Want to prevent people from using PSTs on your network?


You have Exchange for a reason, it stores your email, and you do diligence to back it up daily. The problem is those pesky users keep moving mail to their PSTs. Hard drives crash, laptops are lost and along with that, email.

Why not force your users to keep all of their mail on the Exchange Server?

Well, it's a simple Group Policy object for Office 2003 and Office 2007.The problem is, SBS 2003 doesn't allow you to send out Registry edits without building a template for it. Well, a company called DesktopStandard has you covered with their PolicyMaker - Registry Extension plug in to Group Policy! This program is free (with registration) and can be installed on your SBS 2003/SBS 2003 R2 box. And it's my understanding, this company is working closely with Microsoft to build it's tools.

Once you've got that handy program loaded, you'll have to work around a minor issue if you have IE7 installed. Make the following Registry Key change:
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING
Create the REG_DWORD with the value of mmc.exe, and ensure the value is 0.

Once that's all finished, we're ready to create the registry keys. To do so, here are the steps:

  1. Click Start, Administrative Tools, and click on Group Policy Management.

  2. When the GPMC opens, right-click domain.local and click on Create and Link a GPO here...

  3. Call the Policy something familiar to you, like Prevent PST Usage.

  4. You'll now see what you just created in the list of GPOs, right-click it and choose Edit...

  5. In the new gpedit MMC window that opens, under User Configuration, and User Settings, select the new node called Registry

  6. In the right pane, right-click in some white-space and choose New, Registry Item.

  7. On the new property page that opens, fill out the following:

    • Action: Create

    • Hive: HKEY_CURRENT_USER

    • SOFTWARE\Microsoft\Office\12.0\Outlook\PST\

    • Value name: PstDisableGrow

    • Value type: REG_DWORD

    • 00000001

    Similar to the following picture:

  8. If you have any Office 2003 versions on your network, you'll want to also repeat the last step, but make the registry key for version "11.0" instead: SOFTWARE\Microsoft\Office\11.0\Outlook\PST\



You will not see the two registry keys in the "Report" of the policy, in fact, the policy will appear to be blank! The reason for this is the report only shows items that have an .ADM template file associated with them. Registry keys do not.

On the clients, this registry setting will take place once Group Policy refreshes, you can force this by typing gpupdate /force from a command prompt window. You will be able to see these registry settings applied to the client by running the command: Start, then Run, then type in RSOP.MSC and hit ENTER. This command gathers the resultant set of policy and shows it for the machine you are on presently.

There you have it! This policy prevents the PST files from growing (hence writing to PST files) It does not prevent the user from loading up any PST file and reading mail out of it.

Gotta love the power of Group Policy!

Wednesday, May 23, 2007

How to launch a program always elevated under Vista UAC


This tip comes from our documentation team on how to launch a program that requires the use of some system files.

UAC is there for a reason, and I suggest only using this method if you know what you are doing and are ok with lowering the security level of your system!!

So now the warnings are out of the way, how do you create a shortcut that doesn't prompt you to run every time? Let's try creating one for the command prompt in Administrator Mode. Although this proceedure can be used for any application that is naughty for writing data into a system location, or that doesn't have a shim built for it to catch the data and write it into a better location.

These steps will require you are running as a local admin, with UAC enabled

  1. Start the Task Schedule from Start, All Programs, Accessories, System Tools, and finally click on Task Scheduler

  2. Accept the UAC prompt for running the Task Scheduler

  3. Click Create Task... (be careful not to click Create Basic Task)

  4. On the General, enter a Name and description, and ensure the Run with highest priviledges is checked similar to the following screenshot:



    Ensure you copy the name into the clipboard as you will need it later when building the shortcut.

  5. Leave the Triggers tab empty

  6. On the Actions tab, ensure you set an action to start a new program:

    • Ensure Action is set to Start a Program.

    • Browse to the path of the program, in thise case c:\windows\system32\cmd.exe.

    • Click OK

    Similar to the following screenshot:


  7. On the Conditions tab, uncheck all the boxes.

  8. On the Settings tab, make sure only Allow task to be run on demand, and If the task is already running, then the following rule applies is set to Do not start a new instance

  9. Click OK

  10. Right-Click on the desktop and choose New, Shortcut from the context menu.

  11. When it asks for the location of the command, type in schtasks /run /TN "Command Prompt in Admin Mode". Please note that "Command Prompt in Admin Mode" is the exact string name of the scheduled task you created and copied above, similar to the following screenshot:


    And then follow through the rest of the wizard with whatever friendly name you want for the shortcut

Now each time you click on this icon, the command prompt will open in admin mode without prompting for UAC.

Again, I recommend if you can deal with the UAC prompt, you do so! This should be used as a last resort for those customers who can't handle the prompt because they open the application 100s of times a day.

-------------------------------

A cheap web hosting may mean more to spare on advertising, but compromising on the hosting means compromising on features like internet phones and online backup. In search engine optimization, it is important that domain registration is followed by the website design. Naturally for all this to happen, the hosting should be reliable.
-------------------------------