Wednesday, December 03, 2008

Microsoft Action Pack Subscription (MAPS) and Retail

Nicholas King and David Fabritius have gotten together to give you a post on what’s different between the MAPS (Microsoft Action Pack Subscription) kit and the Retail kit.

You can view it over on Nicholas King’s Blog.

When you receive your MAPS media you’ll get the following;

  • Windows Small Business Server 2008 DVD 1 – Installs SBS 2008 as we know it (ala Standard)
  • Windows Server 2008 Standard  32 bit and 64 bit editions
  • Microsoft SQL Server 2008 Standard 32 bit and 64 bit editions

Here’s the catch – In MAPS you wont get the media that is branded SBS Premium.  Why did we do this you might ask?  Well in fact we have three reasons.

  1. Cost of the MAPS kit and getting to you guys as quickly as possible.  By reusing the Windows and SQL media, we’re able to keep the costs low for all of you subscribing to MAPS. 
  2. Reducing the number of duplicate disks makes it easier for you to manage all of the different medias we send on a monthly basis
  3. The environment – reducing the amount of media, transportation costs, saving fluffy rabbits and rainbows are great for the environment

How does this differ from setting this up with the branded media?  If you’re deploying in an SBS target network with less than 75 users then there is no difference.

New face for home.live.com

For those of you who don’t know, the new Live Home page has re-launched with a new version at http://home.live.com.  Looks more functional, with feeds, profiles, and the ability to link your websites together, including Flixter, Facebook, Twitter, StumbleUpon, etc.

Definately worth checking out, it also includes a new version of SkyDrive, which appears to now offer 25GB of space, instead of 5GB.  What do you think?

Monday, December 01, 2008

Update to OneCare Strategy Post

image

On November 18th, OneCare made an announcement regarding a change in the OneCare Service.  I wanted to alert you that the Small Business Server Q&A on my original post had been updated. I will repost the Q&A here for you RSS feeders:

Q: How does this impact Windows Small Business Server 2008 (part of the Windows Essentials Server Solutions offerings) and Windows Live OneCare for Server?

A: Microsoft will continue to support the 120 day trial for Windows Live OneCare for Server offered in SBS 2008.  The subscription service will be available for purchase through June 30, 2009.  Microsoft will ensure Windows Live OneCare for Server subscribers will remain protected for the duration of their trials and subscriptions.  For language and market availability please see http://www.microsoft.com/sbs/en/us/editions-overview.aspx.

Q. Didn’t you announce at the Windows Small Business Server 2008 beta that Windows Live OneCare for Server would be offered as a trial on SBS 2008? 

A. Yes we did and in some cases the new Windows Small Business Server 2008 will ship with a Windows Live OneCare for Server trial (please see http://www.microsoft.com/sbs/en/us/editions-overview.aspx for language and market availability).  This announcement does not affect the trial at this time.  Microsoft will continue to support the 120 day trial for Windows Live OneCare for Server currently offered in SBS 2008.  The subscription service will be available for purchase through June 30, 2009.  Microsoft will ensure Windows Live OneCare for Server subscribers will remain protected for the duration of their trials and subscriptions.

Monday, November 24, 2008

Setting up Anti-Spam with a 3rd party Mail Hosting Company

Our Customer Support organization has a great post out on How to Setup Anti-Spam in Exchange 2007 When Using a Mail Hosting Company. They key to note here is that if you are using one of our DNS partners and have left the Dynamic DNS client on, there is a registry change you have to do in order to not have to update your DNS records after the Dynamic DNS client updates them again.

If you’re using a 3rd party anti-spam service (which totally frees up your bandwidth for more useful traffic), I highly recommend reading this post.

Friday, November 21, 2008

Windows Essential Server Solutions Partner FAQ

Now that both Windows Essential Business Server and Windows Small Business Server 2008 have launched, the marketing team has put together a 33 page FAQ today!  The FAQ is available on the Partner Portal, just point your web browsers here.

The FAQ includes links and information on:

  • Trial Versions
  • Pricing and Availability
  • Software Assurance
  • Virtualization
  • Migration

All you have to do is register as a partner and the information is yours!

Thursday, November 20, 2008

Don’t just Use SBS documentation, Add to it!

We all (hopefully) by now know about the SBS 2008 Document Library up on Technet. which has links to product help and whitepapers and all sorts of goodness related to the SBS 2008 product.  We also all know this has been growing over time as the User Assistance writers create more and more documentation.

Did you know that you can add to the documentation, your experience, extra pieces of information you’ve discovered.  That’s right, the SBS documentation is just a solid foundation to get you going, you can update the documentation to include added pieces of information as well.  If there is one thing I’ve learned, is you are never alone in trying to do something.  If you want to do something, chances are there is someone else on the Internet wanting to do the exact same thing!

Let me show you an example; I was looking for the information to manually configure a domain name. (I happen to know this is in the pipe to be published, but isn’t yet), and you come across this documentation on how to set up your Internet address.  As you can see at the bottom, I’ve added information on how to configure the domain name manually, linking to the Official SBS Blog.  You might want to add something to this same post.  Say you’re working with a domain name provider that has particularly tricky UI, and you had to call support to figure out how to navigate it.  Why not click the Add New Content link and type that up, so others can benefit? 

Just look for the community Content section, and click Add New Content

image

Tuesday, November 18, 2008

OneCare announces a Consumer Security Strategy Update

image

OneCare made a big announcement today to adjust the Microsoft solutions to ensure more customers are getting the essential protection they need.  If you are a OneCare subscriber, there is no action to take at this time.

For details on the change, visit the Windows One Care weblog.

Q: How does this impact Windows Small Business Server 2008 (part of the Windows Essentials Server Solutions offerings) and Windows Live OneCare for Server?

A: Microsoft will continue to support the 120 day trial for Windows Live OneCare for Server offered in SBS 2008.  The subscription service will be available for purchase through June 30, 2009.  Microsoft will ensure Windows Live OneCare for Server subscribers will remain protected for the duration of their trials and subscriptions.  For language and market availability please see http://www.microsoft.com/sbs/en/us/editions-overview.aspx.

Q. Didn’t you announce at the Windows Small Business Server 2008 beta that Windows Live OneCare for Server would be offered as a trial on SBS 2008? 

A. Yes we did and in some cases the new Windows Small Business Server 2008 will ship with a Windows Live OneCare for Server trial (please see http://www.microsoft.com/sbs/en/us/editions-overview.aspx for language and market availability).  This announcement does not affect the trial at this time.  Microsoft will continue to support the 120 day trial for Windows Live OneCare for Server currently offered in SBS 2008.  The subscription service will be available for purchase through June 30, 2009.  Microsoft will ensure Windows Live OneCare for Server subscribers will remain protected for the duration of their trials and subscriptions.

If you have questions on the OneCare solution, please level them as comments on the original announcement.

Independant Software Vendors supporting SBS 2008 at Launch

If you missed the launch of the Dream Server, you can probably still catch the recorded sessions.  I wanted to take a moment to shout out to our ISVs who did a lot of work during the development phases of SBS 2008 to make sure that you had such wonderful options for additional software and services that works well with Small Business Server.  Below is the ISV launch badge, which are the ISVs that responded to use with fully functional software or services that works with the feature sets of SBS.  This list can only grow from this day forward.

image

I know beyond the list above there are other solutions that also work with SBS 2008.  Remember the golden rule.  SBS runs on top of Windows Server 2008, so if the software is certified to run on Windows Server 2008, it’ll most likely run on SBS 2008.  Want more detail? Just consult the catalog.

Monday, November 17, 2008

Home Server with Multiple Subnets

I may be a little out of the norm with Home Server, but I have a home network with 2 subnets.  The reason is because I run a Sonicwall as my home router.  The wired LAN runs in 192.168.1.x and the wireless WLAN runs in 192.168.2.x .  This allows me to do guest wireless, and quite frankly, a business class router such as a Sonicwall just provides much more reliability, which is very important to me.

Ok, so now for how I got my WLAN clients to access the home server.  First of all, Home Server has a dynamic IP address, so because I’m a server guy, I just changed it to a static IP address on the LAN for the Sonicwall.  Next I went into the Windows Firewall on the Home Server

image

For each exception, I needed to verify that it allowed more than the Class-C subnet through the firewall.  I decided for simplicity, it was easier to change it from a class-C to a class-B subnet allowance (i.e. instead of 192.168.1.x through the firewall, it allows 192.168.x.x through the firewall).  This is slightly less secure, but it’s my home, and I have a pretty good WPA key on my wireless network.

Here are the steps to change each exception:

  1. Select an Exception, you’ll have to do this for all exceptions that are scoped to My Network (subnet) only, and choose Edit.
  2. On the Change Scope page, select Custom List, and place your cursor in the box
  3. For the subnet, type the static IP address of the server followed by a “/” and then the subnet for class-B networks (e.g. “192.168.1.2/255.255.0.0”) and choose OK.

That’s one exception that allows the WLAN clients into the home server.  Now go through all the exceptions and make this change, the WLAN clients just “popped” online without making a change on the client side.

Friday, November 14, 2008

Windows SBS 2008 Japanese, Portuguese, Swedish, Hungarian and Greek RTM!

こんにちは, Olá, hejsan, Magyar, Γειά σου!

Today the SBS team released the final set of 18 available languages.  This marks the end of all of the available languages for SBS 2008.  So let’s do a little recap here:

  • Tier 0 was English
  • Tier 1 was Brazilian, German, Italian and Turkish
  • Tier 2 was Spanish, Dutch, French and Polish
  • Tier 3 was Chinese (Simplified and Traditional), Korean, Czech and Russian
  • Tier 4 is Japanese, Portuguese, Swedish, Hungarian and Greek

Each language should hit a channel near you in 6-10 weeks after the date that the specific blog post was made.

Thursday, November 13, 2008

More SBS 2008 Documentation Available

SBS 2008 Remote Access PM Interview & Demo

Magesh, the man responsible for SBS 2008 Remote Web Workplace, SharePoint and other i-Worker type features has made his debut on TechNet Edge. This video will talk about such things like the SBS remote access gadget, the connection to your desktop computer remotely, how to configure RWW, as well as what you can access on your SharePoint website.


SBS 2008 remote access demo and interview


View the video direct on Technet.

Wednesday, November 12, 2008

Wednesday, November 05, 2008

Windows SBS 2008 Chinese, Korean, Czech and Russian RTM!

 

你好, 여보세요, Nazdar, Здравствулте!

Today, the SBS team has released some more languages to the manufacturing department. With only one more wave of localized versions to come, today we released: Chinese, Korean, Czech and Russian.  I’d suspect anywhere from 1-5 months after today.  We can’t control the fill of the channels.

Don’t forget the Product Launch on November 12th, for details, visit the Dream Server Launch Site!

Tuesday, November 04, 2008

SBS 2008 Backup Introduced

If I think back to the User Group tours we did this year, there were oodles of questions on the new backup application included with SBS 2008.  To answer a lot of questions about the new SBS 2008 backup application, the Official SBS blog has Introducing SBS 2008 Backup.

Which goes into detail on:

  • What the backup application will back up
  • How Volume Snapshot services work
  • What to expect in the Wizard

Browse on over to the Official SBS Blog to check out the post.

Friday, October 31, 2008

The Connected Home via Home Server @ PDC

If you want to know where Microsoft is taking your home, you might want to check out the videos of Home Server from the PDC (Professional Developers Conference). The specific video is Developing Connected Home Applications and Services for Windows Home Server.

There are some pretty exciting things in there about automation that will control your heater, air conditioner, blinds, TV, and the list goes on.

On the second day of PDC, CJ talked again about Exposing Connected Home Services to the Internet via Windows Home Server. Near the end, there is a bit on Windows Live Mesh, that I commented on earlier this week.

Connecting computers to the SBS Network

[This post courtesy of Steven Goddard]

This post goes over the different ways to join a client to the SBS 2008 network and differences.

HTTP://Connect

This method replaces the http://server/connectcomputer method. http://connect is a simpler url to remember, you don’t need to know or remember the server name. The goal of the web page is to do some pre requirements checking and guide the user through the experience before the Connect Computer program start. If we can detect the OS and browser version, specific instructions to that configuration are shown are shown on the web page to guide the user through the series of prompts they will see before the Connect Computer program starts. If we can’t detect that, a general set of instructions are presented.

Once you select “Start Connect Computer Program”, the wizard will start.

Note: see KB957708 if you the client machine can’t get to http://connect.

Portable Media

The second method involves creating portable media. Via the SBS 2008 Console, you can copy the Connect Computer launcher to portable media like a USB key. Then you can walk to each machine, plug in the USB key, and start the program (launcher.exe) that will download and start the Connect Computer wizard.

The wizard to do this is called “Connect Computers to your network” on the Getting Started Tasks and on the Network.Computers page. The wizard is a quick wizard. After the first page, you will need to select “Copy the program to portable media”.

image

Then, select the location to put the program.

image

Followed by the confirmation and the instructions how to run the program.

image

What is different between http://connect and the portable media method? They both launch the Connect Computer wizard (to be covered in a forthcoming post). However, if you can’t get to http://connect due to networking issues (lets say you are still getting DNS info via the router), you will get page not found. Running launcher locally, if it can’t get to the server, it will do a repair network. This will include doing an ipconfig release and renew. At this point, the client machine should get an IP from the SBS server, and able to get to the package to download the connect computer wizard.

Native domain join

You can always still natively domain join computers. The Connect Computer program only supports XP SP2 and above, Vista. So for older OS’s or server SKU’s, you will have to natively join them to the domain.

Thursday, October 30, 2008

Windows Home Server & Mesh, together soon!

If you haven’t seen what Mesh can do, then you haven’t moved into Web 2.0 yet.  Granted it’s still in Beta, but it’s very very cool.  Being able to sync your files with the cloud and desktops has simplified my life greatly.  In addition to access to your files from any connected device, you can remotely connect to any PC, regardless of firewall configuration!  What will make it even cooler is when it can combine with Windows Home server via an add-in.

Looks like they announced some of that at PDC this week.  Details on the HomeServer Blog.

Hyper-V Official Whitepaper now available!

The Official Hyper-V documentation for SBS 2008 is now available online.

This document provides an overview of the use of virtualization in a Windows® Small Business Server 2008 (Windows SBS 2008) environment, and discusses scenarios in which Windows SBS 2008 supports the Hyper-V technology.

Be sure to review the known issues list.

Wednesday, October 29, 2008

More on Autodiscover, for Windows Mobile and Gotchas with Certificates

A previous post introduced and explained how Autodiscover works in SBS 2008.  Today I want to dive a little deeper into the gotchas to be weary of when using self-issued certificates, and talk about what you need to do with Windows Mobile to make this work as well

Self-Issued Certificates

First of all, make sure you understand the self-issued certificate, and how that differs from a Trusted certificate for web traffic.  If you can swing it, with today’s SSL prices for a simple SSL cert, it’s far worth the money to get a trusted certificate than fight with your free self-issued certificate.

If you must use the Self-Issued certificate, any domain joined client computers or laptops will automatically get the self-issued certificate through Group Policy.  Any remote or non-domain joined computers will not get the certificate automatically, and you will need to manually install the root certificate on these computers. SBS 2008 provides a great tool to do this automatically (This tool is not designed for the iPhone).

To make sure Outlook Anywhere, or Autodiscover function correctly, you must install the self-issued root certificate on the client, or install a trusted certificate on the server in order for you to successfully configure Outlook Anywhere using the Autodiscover feature.

Windows Mobile

Windows mobile falls into much the same pitfalls as Outlook with a self-issued certificate.  Remember, the certificate is used to verify the identity of the server to the client computer or mobile device, much like your driver’s license validates you are who you say you are when getting on a plane.  If your server is configured to use a self-issued certificate, the device will refuse to talk to the server, because the SSL chain is not trusted.

To recap here:

  1. Purchase and Install a Trusted Certificate on the server before setting up Outlook Anywhere, or any Windows Mobile/iPhone type devices, OR
  2. Install the self-issued root certificate on remote clients, or Windows Mobile devices before you continue with connecting the PC or Device to the server

Monday, October 27, 2008

Autodiscover and Outlook Anywhere

[This post comes courtesy of Steven Goddard]

The Autodiscover service is new feature of Exchange 2007 and Outlook 2007. The goal of the new Autodiscover service is to reduce the time spent configuring clients. Autodiscover aids in profile creation and passing the URL’s back to the client for the Offline Address Book (OAB), free/busy, and Out of Office settings. You will see a number of new virtual Directories (vdir’s for short) in IIS, including Autodiscover, OAB, EWS.

Note: During SBS setup, all Exchange vdir’s are “moved” form the “Default Web Site” to the “SBS Web Applications” site.

Outlook Anywhere used to be known as RPC over HTTP in the SBS 2003 timeframe. It has been renamed, but in general, it is the same. It allows an Outlook client to communicate to the Exchange Server over HTTPS. No special ports need to be opened up, just the standard 443. Exchange builds upon the Windows 2008 feature “RPC over HTTP Proxy”. It works with both Outlook 2003 and Outlook 2007. Outlook Anywhere is automatically configured when you run the Internet Address Management wizard.

Here is some more info for Autodiscover and more info for Outlook Anywhere.

What does this all mean?

With Outlook 20007 and Exchange 2007 in SBS 2008, profile creation and ongoing maintenance is greatly simplified thanks to Autodiscover. Setting up Outlook Anywhere is automatic as well.

On domain joined machines, when a user starts Outlook 2007 for the first time, they no longer have to specify any information if their computer is joined to the domain. Outlook 2007 will start, gather the information automatically, log the user on to their mailbox, and begin retrieving information from your Exchange deployment.

On remote/non domain joined machines, you will have to do a few extra steps, but a lot less than the manual configurations with Outlook 2003 for RPC/HTTP. Basically, you will need your email address and password and you are ready to go. First, fill in the info below:

image

Outlook 2007 will try to use find the Autodiscover XML at:

  • https://contoso.com/autodiscover/autodiscover.xml
  • If above fails, outlook will try https://autodiscover.contoso.com/autodiscover/autodiscover.xml

Both of those will fail in the default SBS case as the info is actually at https://remote.contoso.com/autodiscover. With Outlook 2007 SP1 and above, outlook adds a third check. It checks a SRV record, or service. When you run the Internet Address Management wizard with a partner, this SRV record is automatically set. It looks like:

  • _autodiscover._tcp IN SRV 0 0 443 remote.contoso.com

Outlook will pop up the following informational popup:

image

After selecting allow, Outlook will receive the XML information from the SBS/Exchange server, and automatically create your profile including your Outlook Anywhere settings.

image

What about Outlook 2003?

Outlook 2003 story is similar to SBS 2003. For domain joined machines, we push a PRF file down to aid in first time profile creation to the Exchange server. Outlook Anywhere must be configured manually for domain joined machines (i.e. laptops) and non domain joined remote machines. Instructions are on Remote Web Workplace.

image

So make sure those Service (SRV) records are configured correctly!

Make sure you continue reading to the Windows Mobile and Gotchas with Self-Issued Certs!

Saturday, October 25, 2008

What happened to SBS 2003 R2 + Software Assurance?

Where did it go? it was removed from Volume License pricelists?

Well, Eric Ligman has a final solution for you over on his blog. The key piece being:

If you are looking to get your clients an SBS 2003 R2 Server license with Software Assurance, here is what you should do:

  1. Purchase a Retail Box SBS 2003 R2 Server license from your distributor
  2. Add Software Assurance to it within 90 days of the purchase (best off to do it on the same order to make sure you get it added)
  3. Follow the steps to claim the SBS 2003 R2 deployment rebate for your client

More details on Eric’s Blog.

Friday, October 24, 2008

How to use Resources & Equipment with Exchange 2007 in SBS 2008

In most offices, there are shared resources, this might be a room, a digital camera or a car.  These resources can typically only be used or be in one place at a time, and it’s a hassle to schedule it. 

With Exchange 2007, you can configure rooms or resources to be scheduled by the employees of the business.  It’s super easy:

  1. On the server, click Start, and then point to All Programs, Microsoft Exchange Server 2007, and click on Exchange Management Console.
  2. Expand Recipient Configuration, and select Mailbox.
  3. On the right-hand side click on New Mailbox ...
  4. Choose a Room Mailbox if you are configuring a meeting room, or an Equipment Mailbox if you are configuring a piece of equipment like a car or a camera, and then click Next.image
  5. On the User Type screen, choose New User and click Next.
  6. On the User Information page, enter the name of the conference room, I chose “Conference Room 1” with a username of Conf1, and give it a strong password you’ll remember, click Next.
  7. Verify the alias is Conf1 on the next page, and browse to a mail database (there is only one on SBS) and click Next and New on the next page.

At this point, your meeting rooms will tentatively accept all of the meetings and you can see where they are booked and not booked:

image

If you want the meeting request to auto-accept/auto-decline based on availability, you need to crack out the good ol’ powershell:

  1. Click Start, All Programs, Microsoft Exchange Server 2007, and launch Exchange Management Shell.
  2. Type in Set-MailboxCalendarSetting conf1 –AutomateProcessing:Autoaccept (where conf1 is the alias you defined above)

Now the Conference room will automatically accept anything that doesn’t conflict, and automatically decline anything that does conflict. 

image

If you want to learn more about what you can do with Resources and Equipment, there is an outstanding blog post at You Had Me At EHLO: Resource Scheduling in Exchange Server 2007.

Thursday, October 23, 2008

How Folder Redirection is different in SBS 2008

SBS 2008 treats folder redirection on a per user basis, instead of a per network basis like 2003 did.  What this means is that out of the box, the folder redirection policy applies to an empty security group (Windows SBS Folder Redirection Accounts).  This means that any user added to this group will get their folders redirected to the server for data protection purposes.

You can either add users directly to the security group, or use the handy UI on the Users’ Tab called Redirect folders for user accounts to the server.

image

By simply clicking on the User Accounts folder, you can choose which users have their folders redirected.  Additionally, as you can see above, you can choose what you want redirected.  We do not redirect the Start Menu by default, because if a client moves to a new PC, and that new PC doesn’t have the applications installed, the start menu is full of unknown icons.  Ugly!

Wednesday, October 22, 2008

Do I absolutely have to run DHCP on SBS 2008?

When running the Configure E-Mail and Internet Connection wizard in SBS 2003, you had the option to run DHCP services on the SBS server, or leave it on the router within the network.  There was no guidance one way or another, it was a choice you had to make to complete the wizard.

With SBS 2008, we provide guidance.

The guidance is that you should run DHCP on the server.  Why?

  1. Microsoft builds, and has been building a really high quality DHCP server built into Windows Server since Windows NT 4.  Why not get one of the highest quality DHCP servers on the market for your network?
  2. The SBS team can ensure your DHCP server is set up correctly on SBS, making sure there are no duplicate IP addresses, and that the exclusion range is set up correctly for the server’s IP address
  3. If you feel comfortable in the DHCP management UI, you can set up reservations to make sure the same clients get the same IP address.  This is handy for printers, or other things on your network that may act like servers, but you don’t want to manage the static IP address
  4. If you’re logging in remotely, you can see which clients are online by which ones have IP addresses in the DHCP management console.  You can also see the clients IP address right in the console, so it makes it easy to find clients on the network, especially if you are remote.
  5. DHCP uses limited resources and has essentially no impact on the server’s performance

If the above 5 reasons aren’t good enough for you, and you absolutely must run the DHCP service on the router, here is how you do it.

  1. Close the Windows SBS Console, and cancel the Connect to the Internet Wizard if it’s running
  2. Click Start and go to All Programs and expand Windows Small Business Server
  3. Click on Windows SBS Console (Advanced Mode)
  4. On the Network tab, select the Connectivity sub-tab
  5. Click on Start DHCP (image).
    1. At this point, the DHCP services will be forced to start.  Since you have another DHCP server running on the network, the DHCP service will stop itself, and log an event in the Event Log about how it can’t start because there is another non-authorized DHCP server on the network.  This is ok.
  6. Immediately click the same button, this time called Disable DHCP (image ).

Now the networking components of the server will ignore the fact that the DHCP service is not running, keep it disabled, and let you proceed with the Connect to the Internet Wizard without having to disable the DHCP services.

IMPORTANT: Please do not call Microsoft support with an incorrectly configured LAN DNS.  Make sure you make the SBS’s Internal IP address the primary DNS in your 3rd party DHCP server configuration.

Finally, the server is still going to alert you that DHCP services aren’t running, so to fix this:

  1. Flip on over to the Computers sub-tab on the Network tab.
  2. On the right, click on View Notification Settings.
  3. Uncheck the DHCP Server notification, and click OK.

image 

Now DHCP services is no longer running on the server, and SBS will be fine with that.  As a final note, please only do this if you have no other way around it, and if you’re familiar with your router UI to set it up correctly.  If not, just disable DHCP on your router, and we’ll take care of the rest!

Tuesday, October 21, 2008

“Fix My Network” Wizard in SBS 2008

In the previous version of SBS, the Configure E-Mail and Internet Connection Wizard (CEICW) could be run again and again and again ... and again.  If you had an issue with networking, you’d run the wizard as many times as you wanted to reset to the known SBS defaults.  With 2008, we provided a wizard for exactly this case, called “Fix My Network” wizard.

image

The wizard is designed to detect known problems on your network, and then give you the option to fix them or not.  There are roughly 70-80 different checks and fixes that it does.  Some important things to note:

  1. The fixes may have dependencies.  For example, if the wizard detects that the DHCP services are stopped, it will report that, but won’t be able to check the configuration inside the DHCP service, because it’s stopped.  So, it’s important to run this wizard a few times, until you’re happy with the issues it’s finding/not finding.
  2. If you replace your router on your network, or change your router IP address, you should consider running the Connect to the Internet Wizard first.
  3. The wizard is designed to bring the network back to a “known good” working state.  So any custom configuration will be un-done.

Now that you know how to use the wizard, what exactly are the things we keep an eye on?  Well, to know exactly, you will have had to work on the wizard, but here is the high level.

  1. Network Cards
    1. Disabled Network Cards
    2. Additional Network Cards
    3. Duplicate IP, Missing IP, Extra IP addresses
    4. Incorrect DNS, Gateway and subnet settings
    5. NIC unplugged from the network
  2. DHCP Configuration
    1. DHCP Enabled and running
    2. DHCP scope settings
    3. DHCP IPv4 and IPv6 settings
  3. Local DNS Configuration
    1. Missing Zones
    2. Invalid Names and domains
    3. Missing records
    4. Reverse Zones invalid or missing
  4. Internet DNS (if with a domain name partner)
    1. Missing Records
    2. Missing or incorrect credentials
    3. Domain configured and in good standing with provider
    4. Dynamic DNS client is configured correctly (if running)
  5. SSL Certificate Configuration
    1. Invalid Root and Leaf Certificates
    2. Invalid Certificate installation package
    3. Certificate installed on IIS
    4. Self-Issued certificates expiring or invalid
    5. Certificate authority is installed and running
    6. Trusted Certificate installed and valid
  6. Router Configuration
    1. Gateway can be reached
    2. Internet can be reached
    3. UPnP (if available) port mappings
  7. VPN (if enabled)
    1. Firewall configuration
    2. RRAS service enabled and running
    3. VPN default Policy is in place
  8. E-Mail Configuration
    1. SMTP connectors configured correctly
  9. IIS Configuration
    1. IIS is enabled and running
    2. Host headers are configured correctly

A Common Question

Question: Does SBS support NIC Teaming?

Answer: The core OS supports it, but not the SBS wizards, it’s recommended you configure your network with a single network card, and then set up the team afterwards.  Microsoft Support mentions they may ask you to disable the team for any troubleshooting.

Monday, October 20, 2008

Windows SBS 2008 Spanish, Dutch, French, Polish RTM

Hola! Hello! Bonjour! Witajcie!

Today marks the day when SBS 2008 starts shipping localized versions. SBS plans to release in 18 different languages, the second 4 countries that will be available are: Spanish, Dutch, French, and Polish.  They have released today and will be available as soon as possible.  I’d suspect anywhere from 1-5 months after the English version is available.  We can’t control the fill of the channels.

Don’t forget the Product Launch on November 12th, for details, visit the Dream Server Launch Site!

Friday, October 17, 2008

Windows SBS 2008 Advanced Console

By default, when the console opens when you log in, the Console is in normal mode, not advanced mode.  But there are extra buttons and gadgets in the advanced console for you to play with. Simply close the console, and open the Advanced console:

image

I bet your wondering what the differences are.  Well, they are very subtle:

Users & Computers Tab

  • Users Sub-tab: Link to open Active Directory Users and Computers snap-in.

Network Tab

  • Devices Sub-tab: Re-install the Fax service
  • Connectivity Sub-tab: Start/Stop DHCP services (use this if you absolutely must use DHCP on the router)
  • Connectivity Sub-tab: Manage DNS Snap-in
  • Connectivity Sub-tab: Manage DHCP Snap-in
  • Connectivity Sub-tab: Manage Certificates Snap-in

That’s it.  Some added links for you to make management simpler.

Also, for your convenience, there is a “Native Tools Management”, which includes many of the native tools you might need to troubleshoot, or make any custom settings.

Thursday, October 16, 2008

Windows SBS 2008 Best Practice Analyzer

`

Due to the overwhelming number of downloads for the SBS 2003 Best Practice Analyzer, the product team, and support team has worked extra hard to get the 2008 Best Practice Analyzer out before the general availability of the product on November 12th.

So, if you’ve already got your SBS 2008 server(s) up and running, you can start immediately with the Windows Small Business Server 2008 Best Practice Analyzer.

To download, click here.

Officially announced on the Official SBS blog.

Understanding Windows SBS 2008 Anti-Spam/Virus updates

[This post co-authored with Steven Goddard]

Exchange Server 2007, bundled with Forefront Security for Exchange that both come with SBS 2008, you get a lot of protection on your e-mail.  But how does it actually work? Let’s break it down.

With Exchange 2007 only

If you only have Exchange 2007, without Forefront Security for Exchange (FSE), then with SBS 2008, you get the Exchange Standard CAL.  This CAL entitles you to content filter updates that are published every two weeks via Microsoft Update.  You can reference this TechNet article for more information on this.

With Exchange 2007 and Forefront Security for Exchange

If you chose to install Forefront Security for Exchange during SBS setup, you are entitled to more regular updates (You can also do this with an Exchange Enterprise CAL, this is not included with SBS).

When checking multiple times a day, you get the IP Repudiation Service Data (an IP Block list that is offered exclusively to Exchange 2007 customers), spam signature data, as well as the content filter updates.

Make sense? If not here is some extra reading on TechNet.

Note on un-installing: If you choose to un-install FSE after the trial, you are no longer entitled to updates more than every two weeks.  You will have to do this manually.

SBS Specific Information

If you install FSE during SBS setup, then you get the anti-spam updates multiple times a day.  However, FSE asks Microsoft Update, which on your machine is WSUS (if you left it installed).  WSUS only asks the actual Microsoft Update, once/day.  So you are still ahead of the two week standard server, but you aren’t at your multiple-times-per-day, so you may want to consider changing your schedule, if this is important to you.

Data Usage Note: If you pay for bandwidth, it’s important to not that each signature download is roughly 6MB, and with this happening multiple times a day, you could be using more data than your used to.  On the second paragraph of this TechNet article, it talks about how it checks for signatures multiple times per hour.  Make sure to adjust the schedule to meet your needs (and in some places, budget):

image

Thanks to Philip for pointing out the confusion between Exchange 2007 and Exchange 2007+FSE, and to Wayne for pointing out the download size.