Thursday, June 30, 2011

Using the new Office365 with SBS 2011 Essentials

Over on the Official SBS blog, they have a new post about how you can use Office365 with SBS 2011 for a better together story.

SBS 2011 was designed from the ground up to work with hosted versions of Exchange and SharePoint, such as Office365, or BPOS. But you don’t need to wait for any integration pieces to be in play, you can get started today. Check out these videos for more details:

What you can do Today

What you can do with the Office 365 integration module

Wednesday, June 29, 2011

The Basics of Local DNS for Small Business Server 2011 Essentials

[Post idea courtesy of Robert Pearman, MVP]

If you’ve used Windows Small Business Server in the past, you’ve probably figured out exactly how DNS works. With the SBS 2008 and SBS 2011 the Connect to the Internet Wizard would analyze your network and determine a static IP address to use, and then ensure you like it before making it the server’s IP address. Then as we all know, the DNS server runs on SBS and resolves local network addresses, like “domain.local” or “server” or the internal fully qualified domain (FQDN) “server.domain.local”

Since SBS 2008 and SBS 2011 are DHCP servers by default, that means they hand out IP addresses, and the server’s IP as the DNS server. DNS works flawlessly in such an environment. Internet based addresses (such as are first sent to the SBS box for resolution, and then forwarded on to the ISPs DNS servers for name resolution.

Ultimately SBS is a middle man in the peer to peer DNS infrastructure and gives the full power of DNS to the local network

So how is SBS 2011 Essentials Different?DNS!

SBS 2011 Essentials doesn’t assign itself a static IP address, and it doesn’t have a Connect to the Internet Wizard. Essentials will automatically connect to the Internet just like any client computer, using the DHCP assigned address. It does however use its local DNS server to resolve both local and Internet based names by overriding the DHCP assigned IP address to (localhost). If you dig into the DNS settings, you’ll notice that the DNS Server picks up the routers IP as a forwarder. Routers by default will hand out their own IP as the DNS Server and proxy DNS out to the WAN configured (usually DHCP but sometimes services like OpenDNS) DNS servers. This means that if the server were to ask for an Internet based address, like, it would forward that request to the router, which would intern forward it to the ISP, which could hopefully resolve it for you.

Clients on the network also still need to use the SBS DNS Server in order for Active Directory to work, or to resolve the server and other services on the network (for example, client backup doesn’t work unless DNS is operating correctly). Clients *also* get their IP and DNS Server from the DHCP server, which in Essentials, by default, is the router. This means that the DNS server is the router, essentially skipping the SBS name resolution step. Once the client goes to http://server/connect, a service is installed called LAN Configuration Service. This service monitors client IP address changes, when the client gets a new IP (ie, it turns on, or it changes locations) it immediately sends out a UPnP query looking for the server (note, this only works on single subnet environments). If a server is found, the DHCP assigned DNS address is overwritten by the server’s IP address (obtained in the return call from UPnP). If no server is found, the DHCP DNS assigned address is kept.

This means that client computers get the SBS DNS address within the SBS network, but the DHCP assigned address at a place like StarBucks. Clients can always resolve the Internet, and inside of the SBS network, they can also resolve the SBS server and Active Directory domain.

Now, for those paying attention, you’ll have recalled that the SBS server’s address is also DHCP assigned, which means it can change if the router deems it necessary. There is a similar service on the SBS server that will broadcast when it’s IP address changes, the clients on the network pick this up and update DNS, the clients off the network will just re-do the process above to get the right IP address.

A side-effect/pro of this design over the SBS 2008 or 2011 Standard design is that if the server is down for patching (we all know how long those reboots take), or another reason, the client will revert back to the DHCP assigned address after a short period of time and can continue to resolve the Internet until the server comes back online.

Can I set things up the old way?

Of course you can. SBS 2011 Essentials is still a full blow copy of server, and all the power that you’re familiar with is there. You can just jump into the NIC settings on the server and give it a static IP address of your choice. No problems there.

Additionally, if you absolutely wanted to run DHCP on the SBS Essentials server, no problems there either, simply open up the Server Manager, install the roll and configure DHCP. Don’t forget to turn off DHCP on your router, and away you go. If you’re not familiar with DHCP settings though, I suggest you leave it the way it was.

Friday, June 17, 2011

How to Manually Configure SBS 2011 Essentials Internet Domain Name

Back in SBS 2003 timeframe, having an Internet domain name for remote access to your server started to become more and more essential. With the SBS 2008 product, we added the ability to work with domain partners directly inside of the product to obtain that domain name, and also configure it. This same methodology was moved to SBS 2011 Standard product, and with the birth of Essentials, only later this year, we added the ability to also get your SSL Certificate as part of this process. Moving away from the self-issued certificate, which while can be configured correctly to work, causes a lot of work pushing the root certificate around to all the remote PCs and devices that possible connect to the server.

I believe the best path to success for you is to have your domain with one of our domain partners, because the alerts are integrated, and the solution is simple to set up, and you don’t need any additional components like 3rd party Dynamic DNS clients or static IP addresses from your Internet Service Provider (ISP). It’s a built in Dynamic DNS client, that’s been completely tested by both our 3rd party vendors as well as the Microsoft test team.

However, if you must manually configure your domain name, In SBS 2011 Essentials, the path of manually configuring your domain name is more hidden, and I wanted to share with you how to do this. First off, your domain name cannot be with GoDaddy or eNom if you want to manually configure your domain name. We optimize for the automated cases as mentioned above. So let’s get started in manually configuring our domain name.

  1. Open the Server Dashboard and click on the Server Settings link
  2. On the Remote Web Access tab, select Turn On

Server Settings

  1. Choose to configure the router, or skip the router configuration. If your router does not support the UPnP based configuration protocol, or you have and want UPnP disabled; it’s recommended that you skip the router configuration. If this is the case, you should
    1. Create a DHCP reservation for your server in your router’s DHCP server (or other DHCP server on the network) such that your server gets the same IP address every time.
    2. Open at a minimum port 443 from the Internet to the router using the TCP protocol (UDP is not needed). If you do not wish to educate users to type in https://, then you should also open port 80 to the same internal IP address. The server will automatically redirect http:// requests to the secured by SSL https:// URLs
  2. When you have finished the router configuration portion of remote access, you should choose to Set up your domain name.
  3. Click Next on the Getting started page of the wizard
  4. When manually configuring a domain name, the server assumes you already own it. Thus in the Do you own a domain name page of the wizard, select I want to use a domain I already own and type in the name of the domain, eg.
    1. Note: if your domain name is with eNom Central or GoDaddy, you’ll be asked to use that service instead of manually configuring your domain name.
  5. On the following page, select Set up my domain name manually, and click Next.
  6. On the following page, you will be shown a help topic on how to set up your domain name manually by clicking the I want to set up my domain name manually link.
  7. Outside of the wizard, to setup your domain name, you’ll have to log into your domain name provider and make the following changes:
    1. Create an A record called “remote” (if you choose to use that points to the static IP address of your server
    2. Ensure that your IP address from your ISV is static (doesn’t change). If this is not an option, you can look into a 3rd party dynamic DNS solution and ensure that that’s updated. If you go with the Dynamic DNS option, then (a) above should probably be a CNAME to the URL provided by the Dynamic DNS company.
  8. Once you have completed the above step, confirm that your domain is set up, check the box and click Next.
  9. Next you will need to have a certificate for your domain name. This certificate will secure web traffic to your domain. It’s VERY important that the certificate name ( matches the A record you created above. Without a match, your users will get a certificate warning (you can change the “remote” using the Advanced button:

Set up a Trusted SSL Certificate

  1. This generates a certificate request. You’ll have to find a certificate provider (Both GoDaddy and eNom Central offer low cost certificates for use) and follow their instructions on how to get a certificate. They will need the certificate request string shown in the wizard below. To copy this into a webpage, simply press the Copy button and paste it into the certificate providers webpage when asked.

Generate a certificate request

  1. Most inexpensive certificates are issued immediately, but if you live in a country that doesn’t do this, or you purchased a higher end certificate, you might have to wait. I do want to take a second and tell you that yes, you do only need the cheapest of certificates. The SBS team has gone to a great deal of effort to ensure that you only need the cheapest security aspect, with no multi-name or wildcard certificates needed. If you choose to upgrade, it should be for another reason than those mentioned. So if your provider needs more time, just tell the wizard and follow the instructions

SSL Certificate request in progress

  1. Once you have the certificate string, or file, you’ll have to import that into the server using the next page of the wizard:

Import the trusted certificate

  1. Now you’re finished, and your domain name is set up.

You know you’re correct when on a computer outside of your network you type in NSLOOKUP (replacing your domain name here) and it returns the static IP address of the external IP of the router (the one your ISP gives you), and that when you browse to, that you don’t get a certificate warning when the logon page comes up. This ensures you have both the router port 443 forwarded correctly, and that the certificate is installed correctly. Additionally, all the errors in your dashboard should disappear, if they were there in the first place (this can take up to 30 minutes for these alerts to clear)

That’s all there is to it!

Thursday, June 16, 2011

SMB MVP Community Roadshow

HP and Microsoft have joined together with our Most Valuable Professionals (MVPs) to visit 66 cities in Canada, Australia, Europe and of course the United States.  They are touting it as a real-world experience and advice talk by the MVPs who live and breath the product ever day.  No marketing talk!

Kevin and Dana give it to you straight.

Kevin Beares and Dana Epp talk about SMB MVP Community Roadshow

These guys brought down the house in Vancouver, BC tonight.  Tomorrow night they hit up Victoria, BC.  Then are out to talk to you, in the rest of the world!

Register for the roadshow nearest you

Tuesday, June 14, 2011

Windows Phone 7 Add-in for SBS 2011 Essentials and WHS 2011 (Release Candidate)

Today the Release Candidate of the Windows Server Solutions Phone Connector for Small Business Server 2011 Essentials (aka Integrating Windows Phone 7 with your SBS 2011 Essentials Server) is available


The purpose of this Add-in is to enable Remote Server Management tasks for SBS 2011 Essentials including


After you complete the authentication steps with the server that you are trying to connect to, an alerts listing is the first panorama item that the application launches into. This feature brings the Alert Viewer that you know from the server, to the phone.

If an alert is displayed white, it is active and included in the alert count. If an alert is dimmed, that means the alert is disabled, and it is not included in the alert count. Any alert item can be clicked to view the full alert text just as on a computer. Contextual menu options include enabling or disabling an alert, and performing a repair action if one was assigned to this alert.


The user-panorama item performs basic user management tasks, including:

  • Viewing user account details
  • Enable or disable a user account
  • Change a user account password

If you disable a user account, that is a reversible action. The moment a user account gets disabled, it causes the same effect as it would if you disable it by using the dashboard. The user’s access to Remote Web Access, the phone application, and any server resources is turned off.


“Devices” is a panorama item that lets you:

  • View server-joined computer and Mac details.
  • View the backup status that every device last reported to the server.
  • Start or stop a backup for any computer or the server (from the contextual menu).

Live Tile Support

If you pin the application to the home screen of your Windows Phone 7, you will be able to see a variety of at-a-glance information without launching into the application. An opt-in using the settings menu is required.

The at-a-glance information includes:

  • Count and type of network health alerts.
  • Percentage of storage use of your main disk.
  • Server name sending this information.

The Windows Phone 7 application requires both a server sided add-in to be installed on the SBS 2011 Essentials Server, as well as Windows 7 Phone application downloadable via marketplace.

If you end up getting the Windows Home Server version, you’ll also get live media streaming

Media Support (Home Server Only)

The Media panorama lets you discover and view streams of media elements that you stored on your server in the appropriate shared folders (such as Music, Video and Picture shares).


MP3 non-Digital Rights Management-protected songs will be streamed directly from the server to your phone. Album art is also transported. Your library is searchable and can be organized in different views to help find what you want fast.





“Pictures” has a variety of functions:

  • Discover all .png and .jpg images that are stored in the Pictures shared folder on the server. Subfolders are recognized.
  • Open a picture full-screen to view it on the phone.
  • Save a copy of the picture to the phone, using its original dimensions and resolution  (to be viewed later in the built-in Pictures hub of any Windows Phone 7).
  • Take a picture with the phone’s camera and upload it to the server.
  • Upload any picture that is stored in the Pictures hub of the phone to the server.


The “Videos” feature allows you to discover and view videos that are stored on your server in the Videos shared folder.

Even though discoverable by this feature, the variety of video formats is high and not all formats can be streamed. For details about which video formats can be streamed from the server and accepted by the phone, see Supported Media Codecs for Windows Phone.


For further information, and access to the downloads to start testing today please visit the SBS Connect Site, or WHS Connect site depending on your product.

Please note this is a release candidate and as such is for testing purposes only.  Link Back to the Official SBS Blog Post.

Thursday, June 02, 2011

First Preview of Windows 8

If you’ve been living in a cave since yesterday afternoon, this video is for you. Director of PM, Jensen Harris, has revealed the first look at Windows 8.

Building Windows 8–Jensen Harris

Jensen talks about the “Tile” and “Multi-Tasking” designs of the Windows 8 new shell.  Using Tiles, similar to Windows Phone 7, allows for more space for the app to bleed out goodness (personality as Jensen calls it), and give you active views.

The other slick feature I liked was the multi-tasking, the ability to flip seamlessly between apps, or show two apps at the same time, something that the iPad doesn’t do today.

Finally, the “thumb mode” on screen keyboard is *amazing*, I can’t tell you how frustrating it is to have to stretch your thumb to the middle of the screen… now designed for your thumbs….

Well, enough typing, check out the video!