The Changing Face of Infrastructure Part 3
In the first post in this series I discussed the employee vs employer owned workstation (laptop) and the centralised vs distributed VDI infrastructure. In the second I spoke about Server Virtualisation in the Enterprise. In this post I will take up where I left off and discuss the Private Cloud.
Cloud computing is not a new concept; it is simply a new way of looking at existing infrastructure. To start I will define what I mean when I discuss these concepts.
Firstly the “Cloud” is a highly available infrastructure which can be used to host services, infrastructure or software, either for a private Enterprise or as a public hosting platform.
The “Private Cloud” is a Cloud for use by an Enterprise solely for the purpose of running their Infrastructure and Software. Whilst some servers hosted in the Private Cloud may offer external services, such as a corporate Internet site, FTP, SharePoint or Business 2 Business portal, the Infrastructure is owned and run for the sole purpose of the Enterprise.
The “Public Cloud” is a hosted platform which provides services to customers. An example of a Public Cloud is Amazon’s EC2 (Infrastructure as a Service), Microsoft BPOS (Software as a Service) or even Gmail (Application as a service). Each of these offerings provides a different layer of compute to the end user.
A Private Cloud is really just new terminology to refer to a dynamic datacentre. The biggest challenge with cloud computing is the management of the Infrastructure hosting the platform and the applications, services and servers which utilise it.
The idea of a cloud is that it is highly available and the only way to provide high availability is to distribute the Infrastructure across multiple sites to remove Single Points of Failure (SPOFs). Ideally a cloud should have no SPOFs, however this isn’t possible because at some point the Earth becomes that SPOF. Generally most SPOFs can be removed by simply increasing the distance between datacentres; however, be aware that International Borders and Earthquake Fault Lines can sometimes add a level of complexity.
Inside the datacentre Server Virtualisation is the key. I covered the benefits of virtualisation in Part 2 and so won’t cover it again here. Whilst Server Virtualisation is the cornerstone of a private cloud, for the cloud to be dynamic many other technologies need to be introduced.
The first technology is monitoring. Monitoring is more than just a simple check of whether a server is up or down. All monitoring applications will also provide details about services, processes, monitor performance and even alert based on event log entries. However the real benefit of monitoring is the ability to recognise trends in Infrastructure health and performance and use the data to proactively resolve issues before they cause outages. The data can also be used as a trigger to further investment in Infrastructure as the existing server resources and storage are utilised. In the world of public cloud providers monitoring is also tied into the billing system where the user pays for the clock cycles they use.
Management of the Infrastructure needs to be flexible and dynamic and allow for users with differing levels of Administrative control. For the datacentre Administrator the ability to create, destroy, power on / off, move VM’s between hosts etc. needs to be a seamless activity that can be controlled interactively or scripted and scheduled as required. For end users there may be a requirement for a provisioning portal to spin up and destroy VM’s as required for projects. This ability though adds more complexity again.
Once a server has been spun up in the cloud the virtual instance needs to be managed through its lifecycle. It needs to be licensed, backed up, have the correct anti virus settings applied, monitored and patched, domain joined and basically managed like any other server in the environment. All of these activities need to occur with little or no manual work by the Datacentre Administrator.
Having discussed at a high level the idea of a cloud and some of the technologies required for a private cloud it becomes clear that the biggest requirement when building a cloud isn’t technology but process. Without process and strategy many Organisations suffer from server sprawl as spinning up a new server no longer requires a CAPEX.
In the next post I will dive into a few of the products that I’ve used and discuss how their use can increase the ROI of a private cloud.
Why I Love My iPhone
The smart phone market is heating up with the launch of Android 2.1 from Google running on HTC hardware and called the Nexus One. Late last year Microsoft released Windows Phone 6.5 and again HTC is the hardware of choice for running the platform. In the background is the iPhone 3G and 3GS.
In the last two years for work I’ve had a Palm Treo 750, HTC Dopod 838 Pro and currently a HTC Touch Pro. In previous lives I also used Blackberry devices. For a corporate device I don’t believe that you can go past the Blackberry devices. (Note : I haven’t used Windows Phone 6.5 so can’t speak for it). In a work device I really want a device that does the following:
1. Is a phone that is easy to use, easy to look up contacts, make calls etc.
2. Is easy to SMS
3. Has Bluetooth
4. Is easy to read and compose emails
5. Manages and makes good use of Contacts and Calendar items.
6. Has Over the Air (OTA) sync ability to my Exchange mailbox.
That’s it.. Ideally if a Bluetooth PAN can be configured for Internet access that’s a nice bonus but really the above list of 6 is all I really need and use for work. I find Windows Mobile is very clunky for dealing with contacts and some email work, particularly if you have a lot of folders in your mailbox. Worse still is the TouchFlo 3D on the HTC devices. This interface (which I disable) is extremely resource intensive and not intuitive at all. I will caveat the above comments by stating that the device running Windows Mobile has a large impact on the performance of the OS. I have found the Touch HD is a much nicer device than the previous two, the PALM particularly.
Of course the features mentioned above are in the context of a user and not an IT Professional. The device must also support Full device encryption, Remote Wipe etc.. All the functions of ActiveSync that I need to ensure the data security of my employer.
Now let’s move onto the iPhone. To be fair I’d like to start by looking at the list above. It is very easy to make calls and handle contacts, has Bluetooth and is licensed for Active sync. However I find Calendar and email is a little underdone and the IT Pro features, whilst improving, aren’t there yet.
But… as a personal device the iPhone is possibly the best device I have ever owned. First and foremost it has a large market share, which results in a large number of developers and a large number of apps. I contently use Shazam (records a portion of a song and it returns the title and artist), Facebook, LinkedIn, Tweetdeck, BOM Radar, Trip View (Sydney Public Transport info), UrbanSpoon and Around Me (for finding restaurants etc..) Flickr, e-buddy (Messaging App that hooks into MSN, Facebook, Yahoo etc..), Foxtel Guide to view the guide and remote record to my iQ, Cricket Live and F1 Live Timing 2010. Don’t forget it’s also an iPod and runs Safari for some Web Surfing. Also a number of companies have iPhone versions of their sites (detected with cookies) which improves the web experience.
The bad side of the iPhone is that iTunes is the interface and I’m not a big fan and also the size of the updates. Rather than releasing ‘meta’ updates each update is a full OS load of about 330MB.
Moving forward I’ve got a big decision come December when my contract is up as to whether I will get a new iPhone or another device. If I was making the decision today I’d probably hang onto the iPhone for another few months and wait and see how the Nexus One and Windows Phone 7 look. Personally though I find the iPhone easy to use and the number of apps is awesome with over 100,000 in app store compared with < 20,000 for WinMo. I do believe it’s the apps and interface that makes the iPhone such a great device, but probably not for the Enterprise.
A Year in Review
As we call in the end of the year it’s worth looking back at some of the product launches for the year initially and then some major events that made 2009 in IT.
1. Microsoft Windows 7
I doubt you’ll find anyone who wouldn’t put the launch of Windows 7 at the top of their list. Many regard Windows 7 as the OS that Vista should have been. However without Vista, Windows 7 would not have been what it is. Arguably the most important operating system release since XP, Windows 7 has received acclaim from Industry experts and IT Professionals across the globe.
2. Exchange 2010
Despite the name Exchange 2010 launched this year and includes a number of architectural changes from the previous version. Firstly the storage engine has been re-written to improve the performance of Exchange on low cost Enterprise SATA disk. High availability has also had major work with the introduction of Database Availability Groups (DAGs) and MAPI on the Middle Tier. From a client perspective speech to text voicemail, moderated DL’s, mail tips and Enterprise availability sharing through the Microsoft Federated Gateway add some nice new features.
3. Windows Server 2008 R2
Built on the 6.1 Kernel (the same as Windows 7) Windows Server 2008 R2 is significant as it’s only available as a 64-bit release. Windows Server 2008 R2 also introduces new Active Directory features, and a bunch of new features such as Direct Access and Branch Cache, that make Windows Server 2008 R2 and Windows 7 better together.
4. VMWare vSphere 4.0
vSphere is an important release and the new name of ESX Server. vSphere and vCentre have introduced features including thin provisioning and integration with Nexus completely integrating the Virtual Infrastructure seamlessly with the datacentre. Additional features also include Distributed switching and Fault Tolerance.
5. Microsoft Security Essentials
Put very simply, it’s a free Anti Malware solution for Windows. I’m using it on multiple Windows 7 and Windows Vista boxes and for home environments I strongly recommend it.
6. Forefront Threat Management Gateway
The update to ISA Server, TMG is the first gateway solution from Microsoft that runs in 64-bit. I won’t dive into TMG too much at this point as I’ll be posting about it shortly.
7. 64-bit
64-bit computing is not new however 2009 and particularly Windows 7 has started to get a lot of home users and Enterprises considering the move to 64-bit in the datacentre and on the desktop.
8. Twitter
Twitter moved from the corner of IT geeks and celebrities further into the mainstream and if Ruby Rose’s comments are anything to go by it’s now on the way out. The micro-blogging service has changed the way many communicate. If you want to know what’s happening get on Twitter. If you want to find out what’s already happened enjoy Facebook.
9. The NBN
How could I leave the National Broadband Network off the list for 2009? To date I believe the NBN has been nothing but a waste of time and taxpayers’ money. The majority of the news around the NBN has been to do with the members of the board rather than the technology, benefits and costs to the Australian Families. Personally I think that the NBN will be a disaster unless Industry experts are brought in and the politics and bureaucracy removed. The NBN whilst new for Australia is not a new concept with countries around the world already providing fast internet access to the home. More attention should be paid to the technologies already available and in use internationally. Get it right Rudd, remove the politics and get the right people working on a solution.
I’m leaving it at 9 events and launches for the year as it’s 2009. Happy New Year all.
The Relevance of Certifications
For many years I was an IT Pro with basically no proof of my skills. I was a Microsoft Certified Professional in both Windows XP and Windows 2000 Server and nothing else. I, like many of my colleagues, viewed certifications as worthless. A piece of paper that shows the ability to read a book and answer some multiple choice questions in an exam room.
What really put me, and I’ll assume others, off certifications was the ease with which they could be obtained. Through the years I’ve met a lot of people who claim to be an MCSE or equivalent that can’t perform even the most simple of tasks. Engineers (a term I’ll use very loosely here) who know the text book but have no real world knowledge or skills to back them. Many may not know but I am a member of the State Emergency Service and one point our Rescue Officer harps on is our ability to take the text book and apply the knowledge, not replicate the knowledge. He wants us to use the text book for reference but not as a Bible and to be able to adapt techniques we’ve learned and apply them to different situations. Again the same is true for Certifications, if we all simply followed the guides there would be a lot of Active Directory forests called Contoso, Fabrikam, Tailspintoys or Litwareinc.
One thing that always caught my eye though was the number of presenters at Tech.Ed and the like that had a multitude of certifications. Often times spanning multiple products and technologies.
In order to get motivated to do some more exams I had becoming an MCSE 2003 and MCITP : Enterprise Administrator added as meet and stretch targets in my annual career goals by my manager in 2008. 6 months into the year I began exams and finished the year with both certifications. At the time there were less than 7000 MCITP:EA’s globally. Since that time I have participated in two beta exams each a PRO series exam for Windows 7 and Exchange 2010, I’m still pending the result of the Exchange exam.
What did this process teach me?? It showed me personally the value of certifications. I don’t believe that the certifications demonstrate my knowledge in any area, what they do demonstrate is my willingness to study (although I didn’t read a single book for my last 11 exams) and more importantly my interest in new and emerging technologies. Becoming certified in a new technology soon after launch shows potential employers that I take my career seriously and that I stay ahead of the curve. It is one thing to talk about reading tech news or watching webcasts, attending events etc.. in an interview, but being able to demonstrate this with a recent certification just helps that little bit more to hammer home the point.
Microsoft particularly have now raised the bar of certifications with the introduction of the Microsoft Certified Architect and Microsoft Certified Masters programs. Candidates who have successfully completed the requirements of these two programs are the best in their fields.
Moving forward I will continue to certify in new technologies because I believe that it demonstrates my willingness to study and interest in technology. It also keeps employers happy as certifications = points towards higher Partnership levels with Microsoft.
The Changing Face of Infrastructure Part 2
In my last post I spent some time discussing the potential benefits of both Employee and Employer owned Desktop Virtualisation Solutions either hosted in the Datacentre or distributed and run on the end user hardware. In this post I’ll cover Server Virtualisation and the advantages it can bring to the Enterprise.
Like many IT Pro’s I started using virtualisation solutions back in the late 90’s / early 2000’s for running virtual servers on my desktop for training and testing. It wasn’t until about 5 years ago that Server Virtualisation began to take off and initially it was limited to running legacy servers or development, test and lab environments. VMware brought server virtualisation into the mainstream with ESX, a server operating system based on the Linux kernel. This change significantly changed the Datacentre improving hardware utilisation, management, provisioning, availability and disaster recovery.
For many years I have been speaking with colleagues about Mick’s Laws of Server Management (I will post the list soon). The first law is “Single Server, Single App, Single Purpose”. This law simply states that a single server should never host multiple applications. Whilst there are some exceptions, such as an Active Directory Controller also hosting DNS, DHCP and WINS, it stands true most of the time. This law was designed to improve availability of services as a file server that also ran the backup software might need a reboot to fix an issue with a tape device which would also require an interruption to file sharing.
The downside of the first law is utilisation and cost. Buying server hardware to host applications that only required limited resources is an expensive exercise. These servers often spent the majority of the time idle whilst using valuable power, rack space and cooling in the Datacentre. This is the first advantage of a virtualised server infrastructure. By running these small application servers as Virtual Machines (VM’s) I can collocate the server instances on one physical server and maintain an average of 60-70% utilisation rather than 5-10%. Whilst this may appear to increase risk as a hardware failure would now result in a multiple server outage, there are technologies which allow for automatic failover in the event of a disaster.
Years ago a number of servers in the Datacentre would never have been made highly available. Clustering and replication technologies were expensive and limited to a handful of Tier 1 applications, maybe Email and or ERP solutions. Server Virtualisation gives every server high availability. VMware ESX and Microsoft Hyper-V 2008 R2 have the ability to move VM’s seamlessly between hosts. Let me explain this a little more. When correctly configured I can move VM’s between physical servers. This process is called vMotion on VMware or Live Migration in Hyper-V. This allows for protection of the underlying server hardware. If an outage occurs or maintenance needs to be performed the VM’s can be moved online to another host. This move requires no downtime and users are unaware of the change. Unfortunately this type of move won’t be quite as seamless if a physical server crashes. In this example the VM’s would be moved and started on another node but they would reboot. VMware have a new technology called Fault Tolerance which protects against this type of failure also.
The next advantage of the virtualised Infrastructure is flexibility. Using technologies that build on top of Server Virtualisation the ability to not only move VM’s between hosts but also between Datacentres becomes a reality. Therefore not only providing a high availability option, but also a Disaster Recovery one.
Provisioning also becomes a much simpler process. If the capacity is available spinning up a new VM can be done in minutes, without the need to raise a CAPEX, quote, order and await delivery of Hardware.
Development and Test scenarios are also greatly improved from a cost and benefit perspective. VM’s can be cloned and added to an isolated network providing an up to date copy of a production system for testing and development. Environments can also be updated faster and more accurately represent their production companions. Again both Microsoft and VMware have products for replicating test environments with System Centre Virtual Machine Manager and Lab Manager respectively.
The efficiency and high availability of VM’s, ability to move them between hosts or Datacentres, the speed to provision and the duplication possibilities when used together deliver a dynamic infrastructure. This dynamic infrastructure is referred to, by some, as the “Private Cloud”. More on that topic to come in Part 3.
smh.com.au Technology articles
The false claims, outright lies and sensationalism of the smh.com.au technology articles have gone too far. Every article they write about a new technology is how it will power over a competitor and not about a simple review.
Today there are two articles that demonstrate this “Android set to topple iPhone” and “Windows 7 may test Apple’s winning streak”. I honestly don’t care if Android is better than iPhone or Blackberry or a 15 year old Nokia. I want to know what it does and how it works. Likewise with the Windows 7 article, paragraph 4. “Microsoft’s Vista operating system, released in early 2007, was plagued by problems and bad press. For Apple, this meant an opportunity that the company seized upon”. I don’t care who has market share, it’s not an outright competition. Just review the products as they are and stop wasting my time.
That’s my vent
smh.com.au #fail.
Exchange 2010 RTM
Ironically on the first morning I place an Exchange 2007 Server into production, Exchange 2010 has been Released to Manufacture. This is a major milestone and one that I’ve been expecting for a couple of months following Tech.Ed Australia.
I’ll be dishing up more valuable information about Exchange 2010 in the coming months.
The Changing Face of Infrastructure Part 1
This will be a series of posts in which I will explore the benefits and misconceptions of the changing Infrastructure and Services model we are experiencing today in IT. I will cover a number of topics including Cloud Concepts, Server and Desktop Virtualisation and try and connect the business drivers with the technical advantages that each can offer the Enterprise.
Whilst I’m only young I do remember the days of Mainframe computing, where the dumb terminals sat on the floor and the grunt processing was performed in the Datacentre. In this post I will cover desktop virtualisation, the idea of the dumb terminal or uncontrolled laptop on the floor either hosting a virtual machine locally or connecting to one hosted in the Datacentre.
One of the concepts being floated today is that of removing the end computing IT costs and risks from the Enterprise’s responsibility to the employee. Here is the example. I start work at Company Inc. On my first day my boss and I head down to the local computer retailer with $2000 to spend. With the $2000 I can buy whichever computer I wish and if I want to put some money in myself and buy a $3000 computer no worries. Likewise if I already have a computer that meets the minimum requirements I can simply bring that along and pocket my $2000 computer allowance. The asset as it stands is now mine, not my company’s. I am responsible for the host operating system, its updating, anti virus, applications and all data on the host. Remember these responsibilities as I’ll reference them frequently.
Example 1 – Distributed Virtualisation
Upon returning to the office with my computer I’m provided with VMWare Player and an ACE image. VMWare ACE essentially wraps some additional security and policy around images built with VMware Workstation. I fire up the image on my workstation and the image is domain joined, connects to the corpnet and off I go.
Advantages :
There is never a need to update this image with new drivers as the drivers are all VMWare specific, so whilst ever I’m using the same version of VMware there is no need to update, unlike laptop and desktop models which change processors etc.. every couple of months.
The image is contained and I can give the employee all the tools required to perform their job, whilst still allowing them to control the host operating system. They can install software, personalise it etc..
Any data not contained within the VMware image is not a Corporate responsibility, want to put music and movies on the Hard Disk?? No problems the employee owns the asset.
Portability, with VMWare ACE I can put the image on a thumb drive and run it on my home pc at night without having to carry my laptop around.
Disadvantages :
Today there are no real options when we start talking about parent partition separation or a desktop Hypervisor. What this means is that data from the host, including Trojans etc.. can slip onto the virtual image.
If the host is unprotected and connected to my corpnet I need to ensure I have measures in place to prevent the host operating system from connecting to my resources. This will require something like Cisco NAC or IPsec. I will also need measures to ensure that an infected host can’t cause an outage through a Denial of Service Attack preventing my Virtual guests or other clients from network access.
If the host is compromised I have no control over it and it becomes the employee’s responsibility to resolve the issue.
Hardware failures are not the problem of the employer, excepting when we start to think about the decline in productivity because there is no spares pool and each employee needs to wait individually for their asset to be repaired and returned.
When an employee calls the service desk because they either have a problem with the host, or require a password reset the Service Desk will simply state it’s not covered by SLA and won’t be able to assist.
Example 2 – Centralised Virtualisation.
In this case the employee will still own the asset but rather than host the Desktop image it will be accessed from the data centre. In this way we have a few options, we can either provide the employee with a full desktop environment or published applications. With Windows Server 2008 R2 we can also determine whether each employee will be given a VM from a pool or they will have their own that is simply hosted in the Datacentre.
Advantages :
Unlike the previous example where I had two operating systems on the one piece of desktop hardware and had to allow the guest to access my servers whilst blocking the host, here I can simply block all connections from everybody and simply allow through port 443 to the Remote Desktop Web Server.
There is no data on the desktop; it is 100% hosted in the Datacentre, which removes any chance of data loss through lost or stolen laptops.
I can easily backup all of my users’ data, including that data hosted on their hosted desktop computer.
Requires a lower spec machine as all the processing power is performed on servers in the Datacentre. This could assist in a migration to an x64 platform.
Disadvantages :
Storage. I need to keep a copy of all of my virtual desktops on fast, highly available and expensive storage. Technologies such as de-duplication will assist in lowering this requirement.
If my employees need to work outside the office there is no way for them to maintain a local copy of their applications without purchasing a licence.
Again, the employee is owning the hardware so there is no support or spares available.
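The allow-only-443 posture listed under the advantages of Example 2 can be checked against a rule set before it goes live. The following is an added example, not part of the original post: the rule format, addresses, host names and probe list are all constructed for illustration, and it assumes first-match rule evaluation with an implicit default deny.

```python
"""Probe a first-match firewall rule list and report every flow whose verdict
differs from the intended policy: only TCP 443 to the RD Web server is allowed.
All rules, addresses and host names below are constructed sample data."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

ALL_PORTS = range(0, 65536)


@dataclass(frozen=True)
class Rule:
    action: str   # "allow" or "deny"
    src: str      # source CIDR
    dst: str      # destination CIDR
    proto: str    # "tcp", "udp" or "any"
    ports: range  # destination port range

    def matches(self, src_ip, dst_ip, proto, port):
        return (ip_address(src_ip) in ip_network(self.src)
                and ip_address(dst_ip) in ip_network(self.dst)
                and self.proto in ("any", proto)
                and port in self.ports)


def decide(rules, src_ip, dst_ip, proto, port):
    """Return the action of the first matching rule, or deny if none match."""
    for rule in rules:
        if rule.matches(src_ip, dst_ip, proto, port):
            return rule.action
    return "deny"


def audit(rules, client_ip, targets, probes, permitted):
    """Compare each probed flow with the intended policy.

    Returns (target name, proto, port, actual verdict) for every mismatch:
    an unintended allow, or the one required flow being denied."""
    findings = []
    for name, dst_ip in targets.items():
        for proto, port in probes:
            verdict = decide(rules, client_ip, dst_ip, proto, port)
            wanted = "allow" if (dst_ip, proto, port) in permitted else "deny"
            if verdict != wanted:
                findings.append((name, proto, port, verdict))
    return findings


# Constructed environment: an employee-owned client and three datacentre hosts.
CLIENT_IP = "10.50.1.25"
TARGETS = {"rdweb": "10.20.0.10", "fileserver": "10.20.0.20", "sql": "10.20.0.30"}
PROBES = [("tcp", 443), ("tcp", 3389), ("tcp", 445), ("tcp", 1433), ("udp", 53)]
PERMITTED = {("10.20.0.10", "tcp", 443)}

# Weak: the client network can reach the whole datacentre range.
WEAK = [Rule("allow", "10.50.0.0/16", "10.20.0.0/16", "any", ALL_PORTS)]

# Hardened: only TCP 443 to the RD Web server, then an explicit deny.
HARDENED = [
    Rule("allow", "0.0.0.0/0", "10.20.0.10/32", "tcp", range(443, 444)),
    Rule("deny", "0.0.0.0/0", "0.0.0.0/0", "any", ALL_PORTS),
]

# Misordered: the same two rules reversed, so the deny shadows the allow.
MISORDERED = list(reversed(HARDENED))


def run(rules):
    return audit(rules, CLIENT_IP, TARGETS, PROBES, PERMITTED)


if __name__ == "__main__":
    for label, rules in (("weak", WEAK), ("hardened", HARDENED),
                         ("misordered", MISORDERED)):
        findings = run(rules)
        print(f"{label}: {len(findings)} finding(s)")
        for name, proto, port, verdict in findings:
            print(f"  {name} {proto}/{port} -> {verdict}")
```
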
Of course both of these examples could be changed slightly if the employer owns the hardware. Then we have support, spares and regain some of that lost productivity. Let’s quickly review both examples again in the Employer Owned scenario.
Example 1 – Distributed Virtualisation
Advantages
None, that really stand out above those already mentioned.
Disadvantages
I need to support, maintain and license two copies of the operating system.
Example 2 – Centralised Virtualisation
Advantages
The refresh cycle can be extended as the local computer only needs to run a remote desktop session.
Provisioning mean time is lowered as the images are simply cloned on the server and applied to the users. To upgrade the client operating system I can create the new images, USMT the settings across and then the next morning present Windows 7 instead of Vista to my users. To roll back simply present Vista again.
Disadvantages
Again, there are no additional disadvantages than those mentioned previously.
Of course there is always the alternative. Stay the way we are or select a mixture. There are a number of technologies which can provide just as much control to the physical hardware as their virtualised partners, group policy, my document redirection, offline files, Bitlocker drive encryption, direct access, WSUS and System Centre Configuration Manager, Altiris, CA Unicenter or similar to deploy and control software. Additionally MED-V can provide distributed desktop virtualisation for specific application compatibility issues.
In summary there is no silver bullet and the requirements of the SME compared with a large enterprise, government or academia will be different. There are clear advantages to moving some applications into the Datacentre and “presenting” (to use an old Citrix term) them to the user through RDS or Xen.
In the next post I will cover Server Virtualisation and the role it plays in the changing face of Infrastructure, its effects on Disaster Recovery and advantages it can present as a stepping stone towards cloud computing.
Tech.Ed Wrap
So the posts slowed down later in the week, due to a combination of socialising and work chasing me down in my spare time.
The full wrap and verdict for this year is disappointed. Microsoft appear to be suffering through the GFC with a very small contingent of International speakers and even Australians present at the event. This resulted in sessions which were not as diverse as previous years.
My biggest disappointment this year was the lack of PKI or ADCS sessions. Microsoft has been integrating PKI into everything over the last couple of years. It all started with Smart Cards in AD and has extended to Exchange, OCS for MTLS, most of the System Centre products, AD RMS, ADFS, Terminal Services and the list goes on. This is a great move as it provides a great level of security across the enterprise, however the amount of self-signed certificates in use forcing users to select the “Non-Secure” option does more harm than anything.
A number of Organisations I work with still haven’t implemented a PKI either and not presenting on the topic was very short sighted.
Overall, I’m not sure whether I’ll be back at Tech.Ed next year, but with Windows 7 and Windows Server 2008 R2 on the horizon I’m sure there is still plenty of work to keep us moving.
Tech Ed Day 3
Well despite it being day 1 of the conference proper, I think I did less today than I have covered off in the previous 2 days. It started with the Keynote this morning, which was presented by a number of different speakers and finished with a few Hands On Labs this afternoon.
This morning I attended a bringing it all together session for Office which covered client integration across SharePoint, OCS and Office and showed a few new features in Office 2010 that I hadn’t discovered.
I then headed off to an Exchange breakout session which tended to cover the same information I had in pre-conf. From there it was MED-V and Virtual PC 7 and then two HOLS, one on PKI and the other on deploying A/V Edge with OCS.
That is a wrap for Day 3, I’m about to head back to the hotel and work out the plans for the rest of the night…
Tech.Ed Day 2 | Full Wrap
So Tech.Ed day 2 is really now over and I’m back in the hotel room, sorted a MOSS issue and have a minute to myself..
So today..once again the labs in the Exchange 2010 workshop didn’t work too well, to his credit Gordon Ryan was outstanding as a trainer and coped well with the set backs. All 9’s from me on the eval (labs excluded) although massive thanks goes to Corey (Sorry if I get this wrong… but from Hayes IT) who created the HOL experience. He came in and explained the Hardware incompatibilities with Hyper-V RTM which forced a change to Hyper-V in Windows Server 2008 R2 which had other issues. Either way doesn’t matter it was a great 2 days with Gordo so thanks for that.
Tonight was the opening night and it was great to run into both Paul Grant and Wal Komar two friends from Canberra. Spent some time with David McGhee from Microsoft and also with Dean Corcoran and Roland Leggat from DDLS (DiData Learning Services) talking Win 7 and WS2008R2. A really great start to the week
On other news through my absolute persistent tweeting today I scored a Windows 7 hoodie. Check out either #auteched or #shamelesswantahoodyplug for a list of today’s fun with @ohcrap and @themolk.
Tomorrow conference proper kicks in with the keynote at 0815. Sadly I’m already sad that we are two days in. The week goes so fast.
On a last minute note and this really should be at the top of the blog rather than the bottom but I had the privilege of chatting with Adam from TechNet Edge today. Awesome guy and really glad he is out here for Tech.Ed Australia. Can’t wait to see Scott Schnoll speak either.
Tech.Ed 2010 pre-registration is now open and from www.msteched.com you can catch up with all the latest, including some presentations available to non-attendees of the conference.
Tech.Ed Day 2
So this is the third time today I’ve opened Live Writer and only the first that I’ve been able to start blogging.
Exchange 2010 is good. My initial favourite features are still the user interaction components though: the Exchange Control Panel (User self service), Moderated DL’s and Mail tips. Would love to see the ECP become integrated into Outlook 2010.
The biggest thing that I’ve picked up is that only a single 2010 CAS is required to connect to the Microsoft Federated Gateway for organisational free/busy sharing. This makes deploying the technology easier in the short term.
Welcome To Tech.ED 2009
Well, I’ve arrived and am sitting at Tech.Ed Australia 2009 on the Gold Coast.
I’m just heading into the Exchange 2010 pre-conference training, so I’ll be blogging about it later today. I haven’t had the chance to install the RC of 2010 yet so I’m looking forward to it. Also hoping that we will be working on Windows Server 2008 R2 because I haven’t worked with that too much either.
Office 2010 | Outlook
With all the fanfare around Windows 7 and Windows Server 2008 R2, it’s been easy to ignore that the Technical Preview of Microsoft Office 2010 was made available to a select group of testers a few weeks ago. I was lucky enough to get myself onto the preview and took a leap of faith installing it on my Corporate everyday laptop.
Today I wanted to share my experience with Outlook 2010 as this is the app I spent the majority of my time using. At first look it is a little stark, not a lot of colour, but then again this is a Technical Preview. Colours can be easily added later and icons for that matter. The first big change is the introduction of the ribbon aka fluent UI.
The ribbon is as easy to use in Outlook 2010 as it is in the Office 2007 apps. The introduction of quicksteps is awesome as well. It allows for a bunch of common actions to be applied to a message and it’s dynamic and can be customised.
The other icon I’ve come to love on the ribbon is Clean Up. This little button looks at the conversation thread of email messages and will delete (or move to a folder of your choice) all of the repeated messages, leaving you with just one copy of the thread. If the thread has been split by multiple simultaneous replies from different people, no worry the clean up will ensure that only enough copies are maintained to preserve the data. The other cool feature is the Ignore button. Ever been stuck on a thread of “Reply to All” that you don’t care about. Simply hit the Ignore button and the messages will be deleted (or moved) for you.
The to-do bar has some new functionality also. As well as displaying a calendar, upcoming appointments and tasks, your Office Communicator contacts now appear and common tasks, such as launching IM, Communicator Calls, Desktop Sharing etc, can be launched directly from Outlook. I would love to see the ability to change the groups members within the Outlook or remove the “Recent Contacts” group, but this is only the Technical Preview and there is a good chance come RTM my wish will be granted.
That’s all for now, there are a number of new features in Outlook 2010 that only work with Exchange 2010, such as Mail Tips, but I’ll cover those later in an Exchange post.
Windows 7 A Week Away
It may seem strange that a Server Architect is more excited about the release of a desktop operating system than its server brother but that’s how I feel. Next week Volume License customers (myself included) and TechNet / MSDN subscribers get their hands on the RTM version of Windows 7, Windows Server 2008 R2 and Hyper-V Server 2. So why am I excited about Windows 7 and not 2008 R2?? Simple.. it has more chance of getting deployed to its full extent sooner.
Many Organisations that I work with are not interested in Hyper-V, personally though, I quite like it. When coupled with System Centre Virtual Machine Manager it is a great alternative to ESX. However like all products it has its place in the market and until R2 and ‘live migration’ become a reality its place is somewhat limited inside the Data centre.
Score check: Windows 7 – 0, Windows Server 2008 R2 – 0
For many organisations that haven’t taken the plunge into full volume encryption, Bitlocker and particularly Bitlocker-to-go offer a great breakthrough. With key escrow in Active Directory, rapid deployment times and being included as an out-of-the-box product on Ultimate and Enterprise SKU’s it’s a great way to get end point encryption deployed.
Score check: Windows 7 – 2 (Bitlocker and Bitlocker-to-go both score), Windows Server 2008 R2 – 0
Direct Access is a brilliant addition to Windows Server 2008 R2. Basically it provides an always on VPN. You fire up your corporate laptop on the Internet and it will tunnel back home and allow you to access devices as if you were sitting at your desk. The downside is the amount of infrastructure required to get Direct Access working and the investment most Organisations already have in Remote Access so it can’t score a point here. It also requires Windows 7, so would remain score neutral either way.
Score check: Windows 7 – 2, Windows Server 2008 R2 – 0
MED-V and XP Mode in Windows 7 allows for Intel-VT and AMD-V procs to run a virtual Windows XP environment to run apps that are not compatible with Windows 7 inside a VM with full network connectivity making the transition to Windows 7 possible without the immediate requirement to get all the apps either updated or shimmed.
Score check: Windows 7 – 3, Windows Server 2008 R2 – 0
Branch Cache is another cool feature in Windows Server 2008 R2 which basically acts like a WAN acceleration device, think Riverbed or Expand, and caches files which have been accessed across the WAN, speeding up access times for all subsequent users. Similar to Direct Access it requires Windows 7 and many Organisations already have an investment in this type of technology which rules out an immediate gain.
Score check: Windows 7 – 3, Windows Server 2008 R2 – 0
Staying on Windows Server 2008 R2, Active Directory Recycle Bin and Power Shell AD Administration. The first requires 2008 R2 Domain Functional level so start upgrading, the second just a single 2008 R2 DC.
Score check: Windows 7 – 3, Windows Server 2008 R2 – 2
Finally at the end of the day I never forget that whilst we are IT Pros or Dev’s we are still users ourselves and therefore need to look at the user experience in Windows 7. The performance gains over Vista, Jump Lists, search and library functions are enough to keep me happy.
Final score Windows 7 – 4 and Windows Server 2008 R2 – 2.
Enjoy the RTM trip and I’ll see you @ Tech.Ed
Windows 7 RTM
Yesterday Microsoft announced that Windows 7 has been released to Manufacturing. This is the next major step in the software deployment lifecycle and represents one of the final stages. With this announcement Microsoft are confident of meeting October 22nd for General Availability.
Other dates to be aware of are August 6th, when all TechNet Plus subscribers, SA customers and MSDN subscribers will be able to download Windows 7 in English, with the other locales to follow. For a complete list check out the Windows Team Blog.
It’s all about deployment
Over the last few months the amount of content coming out of Microsoft about Windows 7 and Windows Server 2008 R2 has shifted from features and functionality to deployment tools. This shift continues the push to move away from sector based deployment tools such as Ghost and onto dynamic offline serviceable images using the Windows Imaging (WIM) file format. The tools of choice for deployment, from Microsoft, are the Microsoft Deployment Toolkit (MDT) and System Centre Configuration Manager (SCCM) 2007. Both tools use a common set of files and SCCM simply adds additional functionality above MDT.
So to start.. MDT is basically an integrated MMC for deployment, it is the glue which brings together Windows PE, Windows Automated Installation Toolkit (WAIK) and Windows Deployment Services to provide a consolidated deployment platform for Windows client, server and Office 2007.
Personally, I’ve been using MDT since the start of the year and have built a Windows Server 2008 SOE using the toolkit. I initially selected the tool based on the marketing that Microsoft had been pushing and after a long learning process am glad I did. The MDT is provided as a solution accelerator, which are designed to get applications working quickly and for the most part MDT did have me deploying operating systems in a few hours, unfortunately customising the images took considerably longer. I will post about this later.
As Windows 7 and Windows Server 2008 R2 roll towards RTM the deployment focus is an interesting move from Microsoft. Rather than simply launching the OS and leaving IT Pros to work out deployment paths, deployment guidance is being pushed already, during the RC phase, to get IT Pros thinking not just about the product, but about how to deploy it within the Enterprise from RTM. A good move by Microsoft as many organisations are still slashing costs in the current economic climate, so providing a consolidated deployment platform at no cost gives that added boost to Organisations considering the upgrade to Windows 7. It also gives Microsoft a potential sales boost soon after RTM as Organisations may not see the need to wait until SP1, as has previously been the case.
What you may want to wait for though is MDT 2010 or more specifically the User State Migration Tool Version 4. Currently in beta, MDT 2010 and USMT 4 will really drive down deployment times in the desktop space. USMT 3, available today, works by copying all of the user data off the system partition to either a network share, different partition, different hard disk, USB device etc… and then following deployment, copying the files back. This adds a considerable amount of time to the deployment for the copy. USMT 4 introduces hard file links, so rather than copying the data off the disk, a table is constructed pointing to the sectors of the disk containing the data and the data is left in place. Following the OS deployment the links are simply updated into the file table and the data appears back in the same folder structure. A really cool feature as it reduces the deployment time.
AUTHENTIFICATION
Dealing with colleagues from around the globe, the language barrier is always a factor. Most people are aware of the www.engrish.com which looks at Japanese signs which have translated incorrectly. My example today is Franglish, a French dialect and the word is “Authentification” which looks like a combination of two English words with almost opposite definitions.
The first word, and the word intended, is Authentication. Without delving into the exact definition, it is essentially a process which results in a validated proof of identity.
The second word is fiction, again loosely translated to imagination, fantasy and NOT fact.
Herein lies the comedy.. As far as I can make out, the definition for Authentification is a process which validates the proof of a fictional identity. It is probably how Shrek logs on at DreamWorks each morning.
OCS Install Error 0xC3EC796C
I have been haunted by 0xC3EC796C when attempting to add the first server to my Enterprise Pool with OCS 2007 R2. After many attempts I entered service accounts with no spaces in the passwords and it all worked. Not sure if this will fix everyone’s issues but it worked for me.
See You in QLD
Just a quick note… I’m booked in for Tech.Ed Australia 2009 8-11 September at the Gold Coast Convention Centre. For those looking at attending the early bird registration offers a few hundred dollars off the full price and is available until around July 14.
Windows Server 2008 R2 Availability
Windows Server Marketing, Group Product Manager Ward Ralston has just announced that Windows Server 2008 R2 should be released close to the dates announced last night for Windows 7, that being RTM in late July with a 22 October General Availability.
WDS Update
Following on from yesterday’s post about WDS Errors when using the Enhanced vmxnet adapter in Windows PE, I’m happy to announce that embedding the drivers from VM Tools from ESX 3.5 U4 didn’t work either.
Windows 7 Dates Announced
Microsoft has confirmed in Taiwan during the Computex keynote, that Windows 7 will RTM in the 2nd half of July and hit General Availability (Retail and OEM) on October 22. This means TechNet, MSDN, SA Customers and customers with Select or Enterprise Agreements should see it on their download portals soon, although no date has been given.
On the Windows Server 2008 R2 front there is still only a date of H2 2009.
WDS Error ESX 3.5 U4
It’s been sometime since I’ve blogged about a technical issue I’ve had to overcome but seeing as I couldn’t find an answer anywhere on the Internet for this one, I thought it best if I shared a little.
I have a WDS Server which is used to compile the build for our Windows Server 2008 environment, however we don’t utilise PXE and so a Media deployment point is used for the majority of installations.
Yesterday I went about updating the unattended.xml using the Windows Automated Installation Kit (WAIK) and validated the file before updating the deployment point. I’m still developing the Windows Server 2008 SOE and wouldn’t be updating things once they were in production. When I started to deploy an image, using a Datastore ISO on a new ESX 3.5 Update 4 Server, as the change occurred from the Windows Boot PE environment to the installation phase I received the following error.
Hitting OK I was presented with the failed deployment wizard screen and the error: Non-zero return code executing command “X:\Deploy\Tools\X64\TsmBootstrap.exe” /env:SAStart, rc = –214746259.
Firstly I went for the easy solution www.google.com and was only able to find a single reference to the error on Ben Hunter’s BDD Blog and the fix listed is to re-import source files on the deployment point. This didn’t seem like the issue I had, as the install.wim was injected to MDT directly from media and hadn’t been modified.
I decided to take a look through a few of the log files that WDS creates. This can be done from within the Windows PE environment which the installation had returned to. I fired up notepad from the command line and browsed to the log path X:\MININT\SMSOSD\OSDLOGS; changing the file type to “All Files” displays all the log files in the common dialog. I thought I’d start with the BDD.log.
No errors in BDD.log and the last command run was the format of the system disk. Next I opened LiteTouch.log and the last line is <![LOG[About to run command: “X:\Deploy\Tools\X64\TsmBootstrap.exe” /env:SAStart]LOG]!> and a time/date stamp. I was getting closer as this was the command that returned a non-zero exit code.
On a side topic an exit code of zero indicates that the application or command ran successfully, thus a non-zero means that an error has occurred.
Opening ZTIValidate.log the first line caught my eye. <![LOG[The task sequencer log is located at X:\windows\TEMP\SMSTSLog\SMSTS.log. For task sequence failures, please consult this log.]
Opening the SMSTS.log I can see some errors about being unable to write logs, then I see the C:\ get formatted, so I assume these errors were caused by the disk not having been formatted when it first tried to write the logs. Sure enough following the format the log is able to be saved. As I continue through the file I can see the steps from the Task Sequence successfully completing, “Inject Drivers”, “Apply Patches” etc.. then I find this error.
<![LOG[Failed to run the action: Install Operating System. A device attached to the system is not functioning. (Error: 0000001F; Source: Windows)]LOG]!>
Since this is a VM I figure isolating the hardware should be fairly quick. To assist in my troubleshooting I decide it would be easier to get the logs off the server and onto my workstation where I could search them more easily so I jumped back to the command prompt and checked I had an IP address.
Hmm a little strange, then I remembered that I had selected “Enhanced vmxnet” as the type of Network Adapter when creating the VM. That had me thinking that perhaps I should have selected E1000 or built the server without the adapter at all (at least initially).
Taking the easy option I simply “unconnected” the network card and rebooted to restart the deployment. It once again failed so I completely removed the NIC and it completed with no problems. Once the deployment was complete I simply added the NIC. Now things are working, and moving forward I’ll try and get the drivers injected into PE.
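As an added example (not part of the original post and not MDT's own tooling), here is a small Python parser for the <![LOG[...]LOG]!> entries quoted above, for use once the logs have been copied to a workstation. The attribute trailer after each entry (time, date, component, type) and the sample lines are assumptions constructed for illustration; only the "Failed to run the action" and "About to run command" messages come from the post.

```python
"""Triage a task sequence log (e.g. SMSTS.log) copied off the Windows PE ramdisk."""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# <![LOG[message]LOG]!> optionally followed by an attribute trailer <time="..." ...>.
# The lookahead stops the trailer from swallowing a following entry on the same line.
ENTRY_RE = re.compile(
    r"<!\[LOG\[(?P<msg>.*?)\]LOG\]!>(?:<(?!!\[LOG\[)(?P<meta>[^>]*)>)?", re.DOTALL)
ATTR_RE = re.compile(r'(\w+)="([^"]*)"')
ACTION_RE = re.compile(r"Failed to run the action:\s*(?P<action>[^.]+)\.")
ERROR_RE = re.compile(
    r"\(Error:\s*(?P<code>[0-9A-Fa-f]{8});\s*Source:\s*(?P<source>[^)]+)\)")


@dataclass
class Entry:
    message: str
    component: str
    severity: int                      # assumed: 1 = info, 2 = warning, 3 = error
    when: str
    action: Optional[str] = None       # set only for "Failed to run the action" lines
    error_code: Optional[int] = None
    error_source: Optional[str] = None


def parse_log(text: str) -> List[Entry]:
    """Split raw log text into entries; messages may span several lines."""
    entries = []
    for m in ENTRY_RE.finditer(text):
        attrs = dict(ATTR_RE.findall(m.group("meta") or ""))
        message = " ".join(m.group("msg").split())   # collapse embedded newlines
        sev = attrs.get("type", "")
        entry = Entry(
            message=message,
            component=attrs.get("component", ""),
            severity=int(sev) if sev.isdigit() else 1,
            when=(attrs.get("date", "") + " " + attrs.get("time", "")).strip(),
        )
        act = ACTION_RE.search(message)
        if act:
            entry.action = act.group("action").strip()
        err = ERROR_RE.search(message)
        if err:
            entry.error_code = int(err.group("code"), 16)
            entry.error_source = err.group("source").strip()
        entries.append(entry)
    return entries


def triage(text: str, context: int = 2) -> List[Dict]:
    """Report each failed task sequence action with the entries leading up to it.

    Error entries that are not action failures (such as the log-write errors seen
    before the disk is formatted) are only counted, so they do not hide the
    failure that actually stopped the deployment.
    """
    entries = parse_log(text)
    report = []
    for i, e in enumerate(entries):
        if e.action is None:
            continue
        report.append({
            "action": e.action,
            "when": e.when,
            "error_code": e.error_code,
            "error_source": e.error_source,
            "preceded_by": [x.message for x in entries[max(0, i - context):i]],
            "earlier_errors": sum(
                1 for x in entries[:i] if x.severity == 3 and x.action is None),
        })
    return report


# Constructed sample: trailers, timestamps and all but the last two messages are invented.
SAMPLE_LOG = r'''<![LOG[Unable to write log file, target volume not ready (constructed)]LOG]!><time="09:58:01.000+000" date="05-27-2009" component="TSManager" context="" type="3" thread="880" file="sample.cpp:1">
<![LOG[Successfully completed the action (Inject Drivers) with the exit code 0 (constructed)]LOG]!><time="10:02:10.000+000" date="05-27-2009" component="TSManager" context="" type="1" thread="880" file="sample.cpp:2">
<![LOG[Successfully completed the action (Apply Patches)
with the exit code 0 (constructed)]LOG]!><time="10:03:30.000+000" date="05-27-2009" component="TSManager" context="" type="1" thread="880" file="sample.cpp:3">
<![LOG[Failed to run the action: Install Operating System. A device attached to the system is not functioning. (Error: 0000001F; Source: Windows)]LOG]!><time="10:04:55.000+000" date="05-27-2009" component="TSManager" context="" type="3" thread="880" file="sample.cpp:4">
<![LOG[About to run command: "X:\Deploy\Tools\X64\TsmBootstrap.exe" /env:SAStart]LOG]!>
'''

if __name__ == "__main__":
    for item in triage(SAMPLE_LOG):
        print("%s failed at %s: error 0x%08X from %s" % (
            item["action"], item["when"], item["error_code"], item["error_source"]))
        for line in item["preceded_by"]:
            print("  before:", line)
```

Error 0000001F is Win32 error 31 (ERROR_GEN_FAILURE), whose text is the "A device attached to the system is not functioning" message in the log, which is why the next step in the post is isolating the VM's hardware.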
Vista and Windows Server 2008 Service Pack 2 RTW and the SVVP Updates
Vista and Windows Server 2008 Service Pack 2 is out and available for download by clicking here. I won’t run through the features as I’ve blogged about them previously. It should be noted that Exchange 2007 is fully supported on the platform.
The SVVP hasn’t been updated to include Windows Server 2008 SP2 but ESX 3.5 Update 4 is there…. still waiting for vSphere to make its appearance.
Windows Server 2008 R2 Easy Admin
One feature that was available in Hyper-V server (not Windows Server 2008 with Hyper-V enabled) was a text based config menu to set the IP address, computer name etc… Well this guy is now available in Server Core on Windows Server 2008 R2. The command is sconfig.exe and allows a text menu based config of all the standard options that previously needed a number of commands (think netsh, net computer etc..) or Core Configurator to be installed.
This will greatly help IT Pros get their Server Core installations up and moving. Also don’t forget that Server Manager can now be used to connect to remote installations and that includes Server Core also. All up making Server Core management a little nicer.
P.S don’t forget that Powershell is there too
Windows 7 /2008 R2 RC and some other releases
Windows 7 / Windows Server 2008 R2 both hit Release Candidate last night (for TechNet and MSDN subscribers), whilst most will need to wait for the public release on May 5.
This is a significant release as it marks the end of the development cycle at Microsoft, in terms of features, with the focus now on bug fixing. I’m yet to download the RC and test it out but if it’s as stable as the Beta this should be a good indication of a fantastic Operating System in the wings and a well needed boost to Microsoft’s reputation following the backlash against Vista.
As for other announcements, Windows Vista and Windows Server 2008 Service Pack 2 has just completed the RC phase and notes around the release are available, no date as yet though.
Along the Service Pack 2 lines, Microsoft Office 2007 SP2 went RTW a day or so ago. The release addresses some performance issues around start up and shutdown of Outlook among other things. Seems to be stable enough on my Vista SP1 machine so go and grab it.
Moderated Distribution Lists
How many of us have seen people who are authorised to send to large Distribution Lists make a mistake. An embedded picture that doesn’t fit, formatting issues, spelling mistakes, maybe the message is sent to the wrong DL??
Well fear no more as Exchange 2010 introduces Moderated Distribution Lists which allow for emails to be approved prior to being sent. This picture should sum up the options:
I would like to see a tick which prevents members approving their own emails to add extra protection…. however moderators are bypassed by default.
The moderation model is explained in detail at http://technet.microsoft.com/en-us/library/dd297936(EXCHG.140).aspx
Expect more on some new Exchange 2010 features as I discover them.
Vista in perspective
I will be the first to admit when I first used Windows Vista back in a pre, pre, pre Alpha release I was impressed but by the time the Release Candidate came around I was a little shaky. It was fraught with performance and compatibility issues and the lack of Administrative tool support really annoyed me. Furthermore UAC was a technology I wasn’t fully understanding at the time and applications such as the Cisco VPN client were not working for me at all. But this was, after all, a pre-release copy of Windows and I was to expect that there would be issues.
Fast forward to release, Microsoft Windows Vista RTM and a subset of the issues remained. Anti-Virus / Malware products needed to be updated as did the Cisco VPN client. UAC prompted me 4 times to create a folder in “Program Files” and I still had some performance issues. This prompted me to take a trip down memory lane to when Windows “Whistler” (that was the pre-release codename for Windows XP) was launched back in 2001.
The fancy new start menu and bubble like task bar, multi coloured large min, max and close buttons. This looked more like a children’s toy than an operating system that was designed for both the corporate and home markets. Furthermore compared to the more plain UI from Windows 98 or 2000 it was slow. My Pentium 3 with 32MB of RAM didn’t need this extra overhead in the operating system… my system resources were needed for running applications.
This caused a mixed emotion in my mind… I remembered back to the Windows 3.0 days when I would happily chant.. why run an application on top of the Operating System (MS-DOS) that will consume my resources just to get some pretty graphics. My beliefs were forced to change when Microsoft released Windows “Chicago”, aka Windows 95. I accepted this GUI was the way forward and embraced it, although very quickly removed all the extra animated icon software that IBM had installed in their OEM release.
Back to Whistler… the outcry at the time and the number of users who dropped back to the classic start menu and theme to avoid wasting resources on graphics was considerable. I persevered with the new start menu as I realised it was the way forward and I needed to keep pace. Over the years I grew to love the new look XP and really like how it has developed further in Vista and 7.
Fast forward back to 2006 and the launch of Vista again, with my apps that didn’t work, no Administrative tools for my servers and again the question begged.. Why do I want my operating system to consume all of my resources? It was the same question I had asked myself just 5 short years earlier. What had happened during those years, why was I happy running Windows XP on the same hardware that I would not take near Vista. The answer was simple… the improvements in standard and affordable hardware were streaks ahead of what was available when XP had launched. I was now running a Core 2 processor and at least 1 GB of memory which was well beyond even the recommended hardware for XP… yet not far above the minimum for Vista.
So what happened to cause the massive uprising against Vista? It was simple.. we lost the performance we had enjoyed for so many years, our applications stopped working and now we were getting prompted to perform tasks that used to happen. It took some time for ISV’s to get software updated to run on Vista and often times this required an upgrade which costs money. It also kept a number of corporate players away and as time passed and more and more people experienced these issues the good name of Vista turned bad.
When Service Pack 1 launched things started to turn around. The hardware had moved along, UAC was much more refined and many ISV’s had updated their software. In fact now if you speak to many Vista SP1 users they actually quite like the Operating System. This was highlighted even more when Microsoft conducted the Mojave Experiment last year. They basically grabbed people off the street who hated, yet had never used Vista and showed them Vista, but called it Mojave (the next version of Windows). Almost everyone liked it and they were shocked to find out they had been tricked… They were even more shocked that a good Operating System namely Vista had such a bad name.
As I continue to rant I am slowly reaching the point of this post… today the Sydney Morning Herald published an article titled “Meet Microsoft’s antidote to Vista” which introduced readers to Julie Larson-Green the Corporate VP of Windows Experience at Microsoft. The article continued on the usual path of the Media slamming Vista and let the reader know who, moving forward, was responsible for the user experience of Windows 7. As a side note, Julie is not new to the big roles or to big changes at Microsoft, she was responsible for the “Ribbon” in Office 2007.
Yet the question begged, excluding performance (and UAC which is a security related feature) what was actually bad about the Vista user experience? No one has been up in arms about Aero, the sidebar, search functionality, the start menu or the reduced system tray pop-ups. The article, it seems, had no substance and no message; it is nothing more than a seed article, a piece that the Sydney Morning Herald can refer back to if the Media slams Windows 7 at the launch.
Having used the Beta of Windows 7 extensively, I will state the Beta could almost have been the RTM; it is very stable and runs well on older hardware. But Windows 7 would not have been possible without Vista. Vista was the major facelift which pushed Windows out in front when it came to security albeit at the price of performance. Was this a fair price to pay? Considering the global deployment of Windows, the number of black hats actively exploiting it, wouldn’t we all rather wait an extra 5 seconds for an app to load at least knowing our data was safe?
Windows 7 will be the hedging operating system, much like Windows XP brought the corporate and home desktops together, Windows 7 will bring the security and performance together all the while building on the solid foundation provided by its ugly older step brother, Windows Vista.
Useful Links
For our internal Tech Forum @ work I recently joined a discussion about useful links and places on the net for information. After reading it back a few times I thought it would work as a good blog post here also… so here it is.
Here’s my list
Troubleshooting
www.eventid.net – Just drop in a Windows event log ID and search. Whilst the links won’t work unless you subscribe the results provide the KB article numbers for TechNet so just go there manually.
www.google.com – Sounds generic but it often works, I use it with the advanced searching features and often refine my search to site:support.microsoft.com. I find it better than using live search on Microsoft.com.
Evangelism
http://edge.technet.com – A great resource for all things Microsoft. There are links to Channel 8, 9 and Mix for those who prefer a bit of Development work also.
Blogs
Often a great source of information are blogs…
http://blogs.technet.com/windowsserver – The Microsoft Windows Server Product Team….nuf said
http://msexchangeteam.com/ – The Microsoft Exchange Product Team … The Exchange team started the blogs from the product teams @ MS and this is brilliant.
http://blogs.technet.com/askds – Active Directory Product Team
http://blogs.msdn.com/clustering – The Clustering Product Team
http://blogs.technet.com/jeffa36 – Jeff Alexander is a Microsoft IT Professional evangelist based here in Sydney. He is a great resource for all events based in Australia.
http://blogs.technet.com/mkleef – Previously Michael held the same role as Jeff but based out of Perth. Michael is now the Program Manager of Group Policy in Redmond. Lots of good GPO/GPP info here.
http://blogs.technet.com/security – Jeff blogs, researches and writes a lot of published articles about Security Updates, risk profiles, and vuln management.
http://blogs.technet.com/markrussinovich – Not updated that often but if you want some blow your mind technical detail this is a great place. Mark Russinovich started the Sysinternals company which was bought by Microsoft a couple of years ago. He is a Technical Fellow who works on Windows Kernel development.
http://blogs.technet.com/steriley – Again not updated often but Steve works with the Microsoft Trustworthy Computing Group and is one of my favourite speakers at TechNet events and TechEd.
Newsletters / Email
Not sure about other vendors but Microsoft offer a large number of subscription based newsletters. I subscribe to many of them including the AU, UK and US Technet Newsletter. The Technet newsletter is great as it lets me know when the TechNet Magazine is available each month. (currently it’s only available online for non-US folk)
A few Microsoft and VMware Announcements
First up clearly we haven’t seen the release candidate for Windows 7 as yet.. although a leaked TechNet page did indicate a late May / June release. Either way we will have to wait and see.
SQL Server 2008 SP1 was released and is mainly a collection of the hot fixes already released. I haven’t read the full release notes yet so you will need to do so before looking at implementation. Click here for a shortcut to some notes.
On as big a scale as Windows 7, VMware have announced that vSphere 4 will be launched in May. vSphere is the new name for ESX and has some vExciting features including distributed switches and fault tolerance. Fault tolerance is a pre-staging for vMotion and HA so rather than a cold restart of a VM guest on host failure the memory is already mirrored to another host and fails over without restart. A really cool feature which will leave ‘live migration’ in Windows Server 2008 R2 still a long way behind the 8 ball.
Windows 7 RC April 10??
There is a lot of talk about a possible April 10 release for the Windows 7 Release Candidate with possibly an RTM as early as July.
Fingers crossed
Active Directory management is growing up
First came Exchange 2007 and the integration of Power Shell. This was closely followed by a number of applications from the System Centre family and SQL Server 2008. Finally Active Directory is now having its turn to move to Power Shell based management with Windows Server 2008 R2.
Quest Software released some free modules a while ago which worked well but this move by Microsoft will introduce the Active Directory Administrative Centre, a new Management console built on top of Power Shell 2.0, providing a completely integrated management approach.
Service Pack 2 Edges Closer
Last week Microsoft announced the availability of Service Pack 2 Release Candidate for Windows Vista and Windows Server 2008.
Click here for the full list of changes but below is a quick summary:
- Support for native writing of Blu Ray media
- Improved Power Management
- Windows Search 4.0 is included
Windows 7 | Problem Steps Recorder
Keith Combs has added a screen cast to Edge this morning about the Problem Steps Recorder in Windows 7. This app looks great for the non-corporate environment where a remote control application isn’t available. It also looks great for compiling screenshot documentation of an application install. Let’s hope it works well at recording a terminal session accessed from a Windows 7 client.
Lessons from the Trenches – OCS R2 and Windows Server 2008
It’s been a little while since my last post and I’ve been busy designing an Exchange 2007 and Office Communications Server 2007 R2 (OCS) implementation. Previously I was working on getting a Mailbox SCC cluster working. All fine on that front but I wanted to share some experiences from the OCS R2 Enterprise proof of concept (POC) that I built as this was a little tricky.
First let me preface this post by stating my OCS experience is near zero. OCS to me is like a car, I can talk about all the features, why it should be purchased and implemented, but ask me to put it together and it’s a different story. The POC was built on Windows Server 2008 EE x64 running on Windows Server 2008 Hyper-V. All the guests are configured on an isolated network and in their own domain.
The biggest and the first lesson I want to pass on is use the Event Logs and not the System or Application log for that matter. Different errors during the installation provided a number of cryptic errors, displayed in a pretty HTML which proved to be useless. Once the installation commences an Office Communications Server event log is created in the Application and Services logs node of the Event Viewer. During the installation of my front server (I’ve split OCS FE, Archive and SQL) all the cryptic error messages and the Application / System logs left me with nothing. But the OCS log was happily logging away telling me to install MSMQ.
The next big lesson was around SQL Server 2008 EE running on Windows Server 2008 EE x64. The SQL Server install doesn’t update the Advanced Firewall and so you will need to open up port 1433/TCP or traffic for the SQL application exe.
Get yourself an Administrative workstation and install Telnet (if it’s kernel 6+). The exclusion of the telnet client from the default OS build annoys the hell out of me to the point that I’m thinking about including it in our SOE.
The final lesson for today is more around a direction I’m taking with the SOE: use Servermanagercmd, it is your best friend. Servermanagercmd is a command line utility which installs and removes roles and features of the Windows Operating System in a full installation (OCsetup is available on Server Core). Most of the Microsoft Apps, such as SQL and Exchange, have a list of the exact roles and features needed to support the application. By using Servermanagercmd, writing rebuild instructions is a lot easier as all that needs to be added to the doco is the list of commands, rather than “Open Server Manager, right click on Roles, add Role, select from the list and then select all these sub components”.
I should state I do have a working OCS R2 POC after all that and I’m looking forward to getting it into production, without Enterprise Voice…. for now.
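The firewall and port-testing lessons above, as an added example (not part of the original post): an inbound rule for SQL Server that is scoped to one source instead of opening 1433/TCP to everyone, and a small TCP probe that does the job of the telnet client. The rule name, the address 192.0.2.10 and the host name sql01.poc.example are constructed placeholders, and PowerShell 2.0 or later is assumed.

```powershell
# Added example. Rule name, address and host name are constructed placeholders.

# --- On the SQL Server host (elevated prompt) ------------------------------
# Allow 1433/TCP inbound only from the OCS front end and only on the domain
# profile, rather than from any source address on any profile.
$frontEndIp = '192.0.2.10'   # assumption: address of the OCS front end server
netsh advfirewall firewall add rule name="SQL-1433-from-OCS-FE" `
    dir=in action=allow protocol=TCP localport=1433 `
    remoteip=$frontEndIp profile=domain

# Show what was actually created, for the build record.
netsh advfirewall firewall show rule name="SQL-1433-from-OCS-FE"

# --- On the machine you are testing from -----------------------------------
# A telnet-free port check: returns $true if a TCP connection completes
# within the timeout, $false if it is refused, filtered or times out.
function Test-TcpPort {
    param(
        [string]$ComputerName,
        [int]$Port,
        [int]$TimeoutMs = 3000
    )
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $pending = $client.BeginConnect($ComputerName, $Port, $null, $null)
        if (-not $pending.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) {
            return $false            # nothing answered: filtered or host down
        }
        $client.EndConnect($pending) # throws if the connection was refused
        return $true
    }
    catch {
        return $false
    }
    finally {
        $client.Close()
    }
}

# Expect True when run on the front end and False from any other host.
# A True from somewhere else means the rule is wider than intended.
$open = Test-TcpPort -ComputerName 'sql01.poc.example' -Port 1433
Write-Host ("sql01.poc.example:1433 reachable from {0}: {1}" -f $env:COMPUTERNAME, $open)
```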
Windows Server 2008 – Failover Clusters in a box
Well this week I’ve been looking at building a POC for Exchange 2007, basically just extending the schema, adding a HT, CAS and thought…. why not add an SCC Cluster for the Mailbox Server.
First up let me expand on what is meant by SCC. Exchange 2007 introduced a number of storage and replication options for the Mailbox Server including Cluster Continuous Replication (CCR), Standby Continuous Replication (SCR) and Local Continuous Replication (LCR). SCC is a Single Copy Cluster, basically what we were all happy and used to running in Exchange 5.5 to 2003.
Of course this is 2009 so I am running my Exchange 2007 servers on Windows Server 2008 which uses SCSI-3 for communication with Cluster disks, which is not available on either of the SCSI Controllers in ESX 3.5 Update 3. Here’s to hoping that VMware get working on that; in the meantime I’m dropping back to iSCSI or Windows Server 2003 R2.
Microsoft IT Professional : Enterprise Administrator
Seeing as it’s taken me 6 months and 9 exams I feel like gloating about finally becoming a Microsoft Certified IT Professional : Enterprise Administrator (MCITP:EA). Since June I’ve moved from an MCP on XP and 2000 Server to an MCSA + Messaging 2003, MCSE 2003 and now MCITP:EA.
Exam 70-649 – Upgrading your MCSE 2003 to MCTS 2008
I sat for the first of my upgrade exams from MCSE 2003 heading toward Microsoft Certified IT Professional : Enterprise Administrator on Windows Server 2008 last week. The biggest thing about 70-649 was how easy this exam was. Without giving too much away I would spend about an hour a day reading blogs from the likes of the Directory Services team, the Exchange Team, Jeff Alexander, Mark Russinovich, Steve Riley, Rocky Heckman and a stack of others as well as TechNet newsletters and browsing TechNet Edge so I do keep up to date. So with all this reading I felt I should be prepared for the exam and I was.
Rather than blowing my own horn here the praise should really go to the speakers at Tech Ed 2008 Australia, Jeff Alexander and Derrick Buckley (Derrick runs the Sydney Windows Infrastructure User Group) whose content both speaking and blogging has made this experience so easy. Unlike the days of exams being almost ‘tricky’ and not evident of the ‘real world’ the new exams seem worlds apart and the speakers who represent Microsoft actually give you a lot of information needed to run off and look at doing the upgrade exam.
That said I wouldn’t recommend just running in and doing it tomorrow if you’ve never used the Operating System but if you read a lot, pride yourself on keeping up with technology and are interested you shouldn’t find this exam too hard.
Boot from SAN
I’ve been trying to get another post out for the last week on Windows Server 2008 R2 as a follow up to the new Active Directory Features.
Reading through the Windows Server 2008 R2 Reviewers Guide I’ve come across a number of new features and whilst I’ll get a post out on Cluster Shared Volumes and Processor Power Consumption (although anyone who has seen the Intel ads on TV would kinda know where I’m going with that one) a feature that caught my eye was Boot from SAN. Whilst this is certainly not a new technology (I was using it to replicate boot volumes four years ago) it is interesting to note that it’s listed as a feature for Windows Server 2008 R2. It’s being pitched as a power consumption and Green Computing initiative as it reduces the power requirements of Servers and it also improves the reliability as Hard Disks are generally the major cause of a failure.
However I’d like to think it also opens up the door for greater use of Blade Technologies. Recently I designed and implemented a VMware ESX 3.5i embedded solution on IBM HS21 XM blades with no hard disks. A really big win since the HS21 needs to be removed from the chassis to access the internal hard disks which means downtime. Perhaps this move from Microsoft will help push the boot from SAN and open up the idea of Blade Technologies also.
Food for thought…..
Windows Server 2008 R2 – Active Directory Features
No doubt the biggest news this week has been around the announcement of Azure, Microsoft’s new cloud based platform, Windows Server 2008 R2 and Windows 7. In this post I want to concentrate on the Active Directory features of Windows Server 2008 R2. There has already been quite a lot of noise about "Live Migration" of VM’s in a Hyper-V cluster and that R2 will only be available in 64bit. However there are always other features like improvements in ADDS that never seem to quite get the air play they deserve.
Windows Server 2008 introduced some great new features into ADDS including the RODC, GP Preferences and Fine Grained Password Policies. Whilst these features are fantastic the next release of Windows Server is going to concentrate on the subtle improvements. First up… How often have you deleted an account that you didn’t mean to? Windows Server 2008 introduced protection against accidental deletion of some objects but not all. Well bring in the humble "Recycle Bin" from Windows. The "Recycle Bin" is domain based and will require a schema and forest functional level update to Windows Server 2008 R2 so don’t expect this feature to be too widely used on day 1.
Active Directory Centre (ADC) is the new ADDS Console which replaces Active Directory Users and Computers, which has been a trusty companion since its release nearly 10 years ago. At this point in time I’ve only seen a screen shot of the console and can’t confirm whether other ADDS Consoles, such as Sites and Services / Domains and Trusts, will also be migrated to this format. The ADC (not Active Directory Connector …. I shudder when I think back to that little guy with Exchange 5.5) is a task based management console built on top of PowerShell. That’s right, it’s what we’ve all been asking for: PowerShell cmdlets for Active Directory management, yeahhhh.
Ever wanted to join an ADDS domain but not had the box on the network at the time? The big scenario may be at your Vendor site where laptops are imaged prior to arriving. Embedded in the deployment process is an XML file with all the information needed to join the domain once the laptop arrives on site.
The big ADDS feature for Operations teams is the introduction of "Managed Service Accounts". These accounts record the usage and automatically update the password where applied when reset. The best example would be a service account running services on multiple servers. At the moment the Administrator needs to open a Services console, open the service, update the logon information and type in the updated password. Then to confirm that the password has been typed correctly, restart the service which of course means an outage. Managed Service Accounts will automatically perform this update for you ensuring consistency and removing the need for an outage.
If Exchange 2007 was the first step…. Windows Server 2008 R2 is the first day of school
When Exchange 2007 launched the big news was around three advances. The first was PowerShell, and the number of features not available in the GUI (although a lot reappeared in SP1), the second Unified Communications and finally that it would only be available (for production use) in 64bit. Microsoft has announced at PDC (Professional Developers Conference) overnight in LA that Windows Server 2008 R2 will also only be available as 64bit.
This is a significant announcement and one that is welcomed from me. All procs produced in the last couple of years have been 64bit and pushing the OS to a pure 64bit release will continue to unlock the full potential of the hardware. Moreover it will save organisations from having to download and store updates in both 32 and 64bit editions in applications like WSUS.
No doubt this announcement will see all of Microsoft’s Server applications slowly start to only be released in 64 bit as well.
Interesting Read
It’s been a while between posts and rather than actually posting something today I’m simply going to point you to a post by Mark Russinovich named "The case of the slooooow system". Whilst this was posted a while ago I’ve only finally gotten around to reading it… which may explain why I haven’t posted either.
Have a read because it really shows some great troubleshooting skills and usage of Process Explorer.
Tech.Ed 2008 Update 2
Well it’s taken me a week to get this second post out but hey, I’ve been on holidays spending a week on the Gold Coast and relaxing before the hectic run into Christmas.
Moving on to the main component of Tech.Ed, the sessions, I spent a lot of time bouncing between the Security and Server tracks. I did an awesome Deep Dive with Gavin Carius on Network Access Protection. Having been to a few NAP sessions previously, read about it and even set up a DHCP NAP Lab I was really happy to see NAP in action both using IPsec and 802.1x and Gavin offered a number of options for staged deployments and considerations for distributed environments.
The other great sessions were those presented by Steve Riley who spoke about Privacy, Security and told a number of war stories as well as speaking about his thoughts on Microsoft products including the use of Microsoft Passport for internal web applications (available as an add on for Visual Studio 2008).
I know this is only a short post on the event given the previous rant but hey it’s a week on..
I will close by saying get along to Tech.Ed Australia next year at the Gold Coast Convention and Exhibition Centre.
Tech.Ed 2008 Update 1
It’s been a big week in and out of the class room this week at Tech.Ed with the nightly events taking their toll on me, the mornings have been a real struggle but it’s the last day of a great week and it’s time to start writing about what has been.
The week started with two days of "Pre Conference Training", my course was run by Ryan Gordon of Longneck Consulting and covered Exchange 2007, Unified Communications and Office Communications Server. This was a great look at how MS has extended the capabilities of their product suite to include Voice, Speech out of the box in Exchange. The training involved a series of labs and working with Virtual PC (we needed to use an audio driver which isn’t in Virtual Server) and an Audiocodes MP-114 FXO SIP Gateway. I used the labs on Exchange to strengthen my Powershell skills.
Moving on to Tech.Ed proper on Tuesday night I was a little disappointed with this year’s Bag. Whilst it is smaller than last year’s and that’s got its advantage, I tend to carry a lot around:
1. Laptop (Lenovo R60)
2. Mouse (Microsoft Wireless Presenter Mouse 8000)
3. Small USB hub (6cm x 6cm x 1cm)
4. A collection of mini USB<-> USB cables
5. USB cable for my phone (Palm Treo 750)
6. Cable Lock
7. Cat 6 patch lead (2m)
8. Cat 5e X-over lead (5m)
9. WD portable HDD
10. Power supply for my lappy
11. Stanton DJ2000 Pro Headphones
12. iPOD Power Adapter
13. iPOD USB Cable
14. CD Case (meant to hold about 15 discs but it’s full of nearly 30)
15. 3G Modem
16. My Leather Folder that I keep my notepad in…
So quite quickly I’ve filled the bag and having a cool pocket, lined with the reflective stuff you get in soft esky’s (chilli bins if you’re a kiwi) minimises the space for all my other stuff. That said, for travelling last year’s Targus bag often had problems getting into the overhead bins on the plane.
Getting over the bag which I’ve just typed more about than was needed, the Welcome Party on Tuesday night was a good chance to catch up with some of the guys that I’d worked with previously and see how things are over a few drinks. Again the disappointment that this year the beer being served is Toohey’s New and not Crown Lager, oh well it meant I would be drinking White Wine for the week.
The only other big news on Tuesday was that Laura Chappell would not be here for Tech.Ed in Sydney….. Bit of a shame but here’s to hoping that Rocky Heckman (Security Track Owner) can get her out here for next year….
The case of the relapsing A record
Just recently I built and then shipped a server to a remote site. As the server arrived there were a range of changes that occurred at the remote site including a large network infrastructure change and the creation of a new VLAN to host this server. To make things worse this server is the first branch server in our new software development / desktop management solution.
The server arrived and was racked, etc.. by the local team and immediately errors started occurring with DNS. When the network changes were finished and I was able to get onto the server I ran "ipconfig /registerdns" to update the server’s A record in our Active Directory Integrated zone. All appeared okay and the record replicated across the forest (yes we were using Forest DNS for this zone). At some point through replication, the record reverted back to the IP from main office in DNS and of course started causing lookup errors.
With about 30 DC’s / DNS servers holding this zone troubleshooting was difficult. So the first change was to move the zone to a domain replication and create a sub zone for this domain elsewhere in the forest. This was done and had reduced the number of DNS servers I had to monitor down from 30 to 4 but of course failed to correct the issue.
The next day, post change, I went about monitoring the replication of the DNS data across the domain. After a few hours I discovered that the PDC emulator was the Domain Controller that was first writing back the old IP. Looking at the ACL on the A record I was surprised to see a DC from another domain in the forest but located in the main office had a write ACE on the record. Then it struck me, that DC was also the DHCP server for the site. Looking at the properties I wasn’t surprised to see the scope properties set with "Dynamically update DNS A and PTR records for DHCP clients that do not request updates (for example, clients running Windows NT 4.0)." checked.
Unchecking the option and, just for the hell of it, removing the DHCP lease resolved the issue. Bit of a tough one but got there in the end.
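The monitoring and the DHCP check from this case, as an added example (not from the original post): it polls each DNS server directly for the A record, logs only the moments an answer changes so the first server to revert stands out, then lists DHCP scopes that register DNS records on behalf of clients and any lease held under the server's name. All names, addresses and intervals are constructed placeholders, and the DnsClient and DhcpServer cmdlets used here need Windows 8 / Server 2012 or later, which is newer than the servers in the post.

```powershell
# Added example. Host names, IPs and server lists are constructed placeholders.
$HostName   = 'branch-srv01.corp.example'
$ExpectedIp = '10.50.1.20'                      # address at the remote site
$DnsServers = @('dc01.corp.example', 'dc02.corp.example',
                'dc03.corp.example', 'dc04.corp.example')
$DhcpServer = 'dhcp01.hq.example'               # main office DHCP server

function Get-ARecordView {
    # Ask one named DNS server for the A record and return what it answered.
    param([string]$Name, [string]$Server)
    try {
        $ips = @(Resolve-DnsName -Name $Name -Type A -Server $Server -DnsOnly -ErrorAction Stop |
                 Where-Object { $_.Type -eq 'A' } |
                 ForEach-Object { $_.IPAddress })
        $answer = if ($ips.Count) { ($ips | Sort-Object) -join ',' } else { '(no A record)' }
    }
    catch {
        $answer = "ERROR: $($_.Exception.Message)"
    }
    [pscustomobject]@{ Time = Get-Date; Server = $Server; Answer = $answer }
}

function Watch-ARecord {
    # Poll every server and emit a line only when a server's answer changes.
    # The first server to flip to the old IP is the likely origin of the write.
    param([string]$Name, [string[]]$Servers, [string]$Expected,
          [int]$IntervalSeconds = 300, [int]$MaxPolls = 144)
    $last = @{}
    for ($poll = 0; $poll -lt $MaxPolls; $poll++) {
        foreach ($server in $Servers) {
            $view = Get-ARecordView -Name $Name -Server $server
            if ($last[$server] -ne $view.Answer) {
                $status = if ($view.Answer -eq $Expected) { 'OK' } else { 'MISMATCH' }
                '{0:s}  {1,-22} {2,-9} {3}' -f $view.Time, $server, $status, $view.Answer
                $last[$server] = $view.Answer
            }
        }
        Start-Sleep -Seconds $IntervalSeconds
    }
}

function Get-DhcpProxyRegistration {
    # Scopes with "update DNS records for clients that do not request updates"
    # enabled, plus any lease in those scopes recorded under the host's name.
    param([string]$Server, [string]$Name)
    $short = $Name.Split('.')[0]
    foreach ($scope in Get-DhcpServerv4Scope -ComputerName $Server) {
        $dns = Get-DhcpServerv4DnsSetting -ComputerName $Server -ScopeId $scope.ScopeId
        if (-not $dns.UpdateDnsRRForOlderClients) { continue }
        $leases = @(Get-DhcpServerv4Lease -ComputerName $Server -ScopeId $scope.ScopeId |
                    Where-Object { $_.HostName -like "$short*" })
        [pscustomobject]@{
            ScopeId        = $scope.ScopeId
            DynamicUpdates = $dns.DynamicUpdates
            LeaseForHost   = ($leases | ForEach-Object { $_.IPAddress }) -join ','
        }
    }
}

Get-DhcpProxyRegistration -Server $DhcpServer -Name $HostName | Format-Table -AutoSize
Watch-ARecord -Name $HostName -Servers $DnsServers -Expected $ExpectedIp
```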
Windows Server 2003 Clusters in a box
Clustering is a great way to increase application level redundancy especially for Exchange and SQL Server and using VMware ESX this technology can easily be deployed in a low cost and time effective manner. I work a lot with Virtualised Servers running on ESX but I am not completely convinced of the fact that anything can run on Virtualised infrastructure. In fact I out and out refuse to run clusters on ESX (or Hyper-V) for that matter, but when it comes to the lab and not the production network it’s a different story.
Today as you can guess I have run up my first MSCS on ESX and it’s working very well. I’ve kept it simple using a single ESX host with just local storage. Here’s the platform:
1 Dell PowerEdge 2950
2 x Quad Core Intel Xeon X5355 @ 2.6GHz
32GB RAM
4 x NICS (2 onboard and 2 on a dual head NIC)
2 x Qlogic QLA2432 HBAs
3 x 300GB RAID-5 plus 1 x Hot Spare (4 disks total) in a single Datastore
VMware ESX 3.5 (Stand Alone, no VC)
The ESX box is built with the default options all the way so I’m not going to dive into that too much.
The Cluster nodes were built with:
2 vCPU
4096 MB RAM
2 x NICS, 1 for Private and 1 for Public Comms
The cluster is configured with 3 disk resources, 1 for Quorum, 1 for Data and 1 for Logs.
The nodes were built up first and joined to the domain. Next came the cluster disk resources. This took me a little bit of time to get going as I wasn’t familiar with creating internal shared disks on ESX. The task itself is easy: firstly log into the server console (PuTTY is my tool of choice for SSH) and elevate your privileges to root. Shared disks can’t be created using the GUI so you’ll need to use the following command:
vmkfstools -c 2G -a lsilogic -d thick /vmfs/volumes/Volume/Folder/quorum.vmdk
In this example I’m creating a 2 GB disk at the path listed using the name "quorum". Buslogic disks aren’t supported so ensure that lsilogic is used. Once all the disks have been created we can head back to the GUI VI Client and add the new disks to our servers. When adding the disks ensure that the SCSI Virtual Device Node is a different channel to your system disk. For instance choose SCSI (1:0) or (2:0) as your system is created at SCSI (0:) by default. This is because a shared disk in an MSCS cluster cannot exist on the same bus as the system disk. If you’ve selected the correct bus you’ll notice that a second SCSI Controller is automatically created also. Click on the Controller and change the SCSI Bus Sharing to "Virtual".
Now it’s simply a matter of starting up the first node and configuring the cluster.
Is IT Like Fashion??
On my desktop calendar (the old flip over the page paper kind) each day is a quote. To be honest this is the only reason I even have it. Each day I’m actually at my desk, I turn over the page and read the quote of the day and catch up on the days I’ve missed. One quote that has stuck in my mind is from Tuesday 11 March "Fashion is a form of ugliness so intolerable that we have to alter it every six months" – Oscar Wilde. Thinking about the speed and cyclical nature of the Fashion Industry started me thinking about IT and the Technology cycle.
Unless you’ve been living under a rock (or raised floor) for the last 5 odd years the concept of Virtualisation or thin computing will not be a new one. In fact if you are old enough to remember the days before Windows or DOS this concept will not be new at all. Back in the 3rd quarter of last century the use of mainframes and thin clients boomed. IBM had the cornerstone of the market (and still does with the Z series). Mainframe computing continued in this fashion until the boom of the Personal Computer and more specifically Bill Gates’s Microsoft Disk Operating System (MS-DOS) and eventually Microsoft Windows.
Recently though the move to bring the desktop back into the Datacentre has started all over again. A number of players such as VMware with Virtual Desktop Infrastructure (VDI) and Citrix with XenDesktop have already moved into this space showing the value of minimum images, backup, availability, scalability and reduced time for deployment.
Whilst thin computing on Windows has been around for a number of years with Citrix Metaframe XP, Presentation Server and Terminal Services, this is the first time that we’ve actually seen a dedicated per user desktop available running a desktop operating system such as Windows XP or Vista.
Will it work?? Personally I’m a sceptic. I love the fact that I can carry my laptop with me and do whatever I need with it. That said backing up my laptop, or trying to restore from bare plastic (let’s face it my Lenovo is not made of metal, at least on the outside) is not always the easiest or most time effective task. Does it have a place in the Enterprise? Yes, but like all technologies this is by no means a "Silver Bullet".
RSS Feeds in Outlook 2007
For the last few weeks I’ve noticed that the number of RSS feeds coming into my inbox has been on the decrease. When I compared the items in Outlook to those in IE7 I found that some items weren’t coming across to Outlook from the Common Feeds list.
By removing outlook.sharing.xml.obi, ~last~.sharing.xml.obi, and outlook.xml.kfl from
Windows XP: %userprofile%\Local Settings\Application Data\Microsoft\Outlook
Vista: %userprofile%\AppData\Local\Microsoft\Outlook
I was able to get the feeds to download again.
Happy Blogging
Andy, IT Guy
Came across a great little blog today. Really sums up the progression of the Engineer…..
http://andyitguy.blogspot.com/2008/06/hello-my-name-is-andy-and-i-attend.html
Enjoy
Minimum Requirements
Just noticed that you can’t install Windows Server 2008 with less than 512MB of memory. That said, once built a Server Core DC/GC with DNS runs well with just 256MB in the lab.
Microsoft / Windows Update
Like many companies I’ve worked for our internal Patch Management isn’t anywhere near the level of automation that it should be. As a result new servers are deployed and Microsoft Update is run to ensure that at the time of build and handover the servers are updated with all critical and security updates. Not really a bad idea as the scan engine used by Microsoft Update is going to pick up any updates that a 3rd party utility could miss.
The issue I’ve been finding lately is that a number of Engineers run Microsoft Update just once. This has the potential to still leave servers vulnerable. Let me explain.
A Windows Server 2003 R2 SP2 server is deployed and dot NET Framework 2.0 is installed via Add / Remove Programs. Microsoft Update is run and sure enough dot NET Framework 2.0 Service Pack 1 is needed. The Engineer installs the update and is done. However there are a number of post SP1 updates that are also needed.
The point is, to ensure that servers are completely updated, running Microsoft Update should be like running ISINTEG on your Exchange Stores. Continually run and re-run until no further updates are needed. Once this process has completed the server can be added to the scheduled update list and covered by the Patch Management team.
Happy Patching.
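The run-and-re-run routine described above, as an added example (not from the original post): a PowerShell function that drives the Windows Update Agent COM API, searching and installing in rounds until a search comes back empty, and reporting when a reboot has to happen before the next pass. It searches whichever update source the server is configured to use; the function name and status strings are chosen for this example.

```powershell
# Added example. Run elevated on the server being built; re-run after every
# reboot until the status is 'Compliant'.
function Invoke-UpdatePass {
    param([int]$MaxRounds = 10)

    $session  = New-Object -ComObject Microsoft.Update.Session
    $searcher = $session.CreateUpdateSearcher()
    # Everything applicable that is not yet installed and not hidden.
    $criteria = "IsInstalled=0 and IsHidden=0 and Type='Software'"

    for ($round = 1; $round -le $MaxRounds; $round++) {
        $found = $searcher.Search($criteria).Updates
        Write-Host ("Round {0}: {1} update(s) still needed" -f $round, $found.Count)
        if ($found.Count -eq 0) { return 'Compliant' }

        # Queue what can be installed unattended.
        $batch = New-Object -ComObject Microsoft.Update.UpdateColl
        foreach ($update in $found) {
            if ($update.InstallationBehavior.CanRequestUserInput) {
                Write-Host "  needs interactive install: $($update.Title)"
                continue
            }
            if (-not $update.EulaAccepted) { $update.AcceptEula() }
            Write-Host "  queued: $($update.Title)"
            [void]$batch.Add($update)
        }
        if ($batch.Count -eq 0) { return 'ManualActionNeeded' }

        $downloader = $session.CreateUpdateDownloader()
        $downloader.Updates = $batch
        [void]$downloader.Download()

        $installer = $session.CreateUpdateInstaller()
        $installer.Updates = $batch
        $result = $installer.Install()

        # Updates that depend on what was just installed (post service pack
        # fixes, for instance) only show up in the next search, so loop again
        # unless a reboot has to come first.
        if ($result.RebootRequired) { return 'RebootThenRerun' }
        if ($result.ResultCode -ne 2) { return 'InstallErrors' }  # 2 = succeeded
    }
    return 'RoundLimitReached'
}

$status = Invoke-UpdatePass
Write-Host "Update status: $status"
# Only a clean search result should let the build move on to handover.
if ($status -ne 'Compliant') { exit 1 }
```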
Standards Part 1
As the title states, Standards, whether Industry, Vendor or Company Specific, are the core to running a successful Enterprise Server environment. The biggest of them all is no doubt the Server Naming Convention. The key questions to ask yourself when reviewing naming conventions are:
1. Is this for servers or for all of my IT infrastructure (Desktops, Printers, Servers, Routers etc.)?
2. Is it scalable?
3. Does the name tell me the important key aspects of the server?
4. Is a server name more important for the Administrator or the end user?
To start I don’t believe that servers should be named for users. A server called Banana might be easy for users to remember but tells me nothing about where I can find it or the role it performs on the network. Users generally should never need to know a Server name. In a Windows environment enough tools are available to automatically configure workstations including Group Policy and Logon Scripts. On the occasions when users do need to use server names a DNS alias is all that is needed.
Let’s look at a few examples of server names…..
1. FP-DC1-PR-V
Pros – Fixed Length, Easy to read, Contains all required files
Cons – Can’t be easily extended to include all infrastructure.
2. DCSVW-FP01
Pros – Fixed Length, Easy to read
Cons – No detail for environment or physical state.
3. SEAUDCFP01
Pros – Fixed Length, Easy to read, Extensible for Global Organisation
Cons – Lots of location information, No detail on Environment or Physical State.
4. BANANA
There is no breakdown on BANANA as it contains no descriptive information about the server.
Pros – Easy to remember
Cons – Has no detail for Administrators.
My favourite is name 1 as it instantly tells me all the information I need to determine what the server does and where it’s located. Generally there is no need to differentiate between a physical or virtual server but having it in the name ensures you’re not wandering around the data centre at 3am looking for a virtual host.
The one exception to the server naming convention should be any servers published to the Internet. Any servers which exist on the perimeter should not follow the server naming convention. Although I don’t believe in security by obscurity, having a nonsense or generic naming convention, such as mail1.fqdn.com, at least deters weekend wanna-be attackers.
Server Core – Big Server – Small Footprint
I am just loving Server Core at the moment. I’ve always found it a struggle to run multiple VM’s on my laptop for demo’s. Especially when I wanted a DC/GC which didn’t double as an Exchange, SQL or ISA server. Usually about 512MB of RAM was assigned to my DC to keep it running nicely but this chewed into my available memory.
My Windows 2008 Standard Server Core box is currently up and running as a DC/GC using just 256MB of RAM and it’s humming along. Now for the same footprint as a Windows 2003 DC I can set up two Server Core DC’s and have a nice empty Forest root.
Happy Days
Windows Server 2008 – My Favourite New Roles – Part 2
Part 2 and Server Core and Fail over Clustering.
Server Core is by far the biggest improvement in Windows Server 2008.
In short Server Core is a streamlined install of Windows Server 2008. This option greatly reduces the size, complexity and most importantly the surface area of attack of a Windows install. A number of vulnerabilities have been disclosed affecting components of Windows which aren’t required in a Server operating system such as Outlook Express or Media Player. By removing these components Windows Server has become a more stable, scalable and secure operating system.
Due to its streamlined install there is no GUI in Server Core; instead all local administration is performed from the humble command line. The flip side is that only a subset of roles can be installed on a Server Core installation. A complete list is available at http://www.microsoft.com/windowsserver2008/en/us/compare-core-installation.aspx.
The only problem I ran into with Server Core was the initial configuration. For a Windows Guy I consider my command line skills pretty good, probably from my DOS days. I launch most Control Panel applets from a command line, when I ran a Tivoli Storage Manager environment I used the command line. But I started to run into problems with Server Core. Why??? Well.. Have you ever set an IP address from a command line?? What about configured the Advanced Firewall in Vista or 2008 Server?? Configured an iSCSI initiator?? The answer is probably not.
Sure the Remote Server Administration Tools can do most things but what about the initial tasks such as the IP Address?? I will cover a number of commands in upcoming posts but in the meantime why not check out Core Configurator by Guy Teverovsky. This is a simple tool which completes the simple admin tasks such as setting an IP, Installing Roles and Features and completing the activation process.
Fail over Clustering is one of my favourite improvements in Windows Server 2008. The two big wins for me are the Validation Wizard and the introduction of iSCSI disks for the configuration.
The Validation wizard checks the hardware and software configuration of the Cluster. If the tests are passed then the Cluster will be supported by Microsoft Premier Support Services. This is a quick way to check the configuration of the cluster and instantly know its state. It removes the time that previously needed to be spent trawling through the Cluster Hardware Compatibility List and finding a supported configuration.
The use of iSCSI disks isn’t one that I would approve for production but for the lab, demo’s and training it is a quick and cheap win. A number of software iSCSI targets are available allowing for a cluster to be run on a single computer with Virtualisation.
That’s all for now….
Mick
Time Changes, The Media and NTP
Through all walks of life people have been affected by the change of daylight savings which didn’t occur this weekend.
Traditionally Daylight Savings Time (DST) in Eastern Australia has finished on the last Saturday night (well very early Sunday morning) in March. A change to legislation has pushed this back a week to the first weekend in April in a bid to lower power consumption and thus reduce carbon emissions. The start of DST has been brought forward by three weeks also, which comes into effect later this year.
Today the media has been reporting of ‘computer bugs’ and ‘computer glitches’ which automatically in-corrected clocks. News.com called the error a software ‘cock up’. What really caused the issue to occur?? It was a combination of hard coding items like DST settings into software and not having a process for updating the software.
The real issue today wasn’t technology, it was process. Software designers have a responsibility to ensure that their software will be usable from the factory and through life cycle. The only way to do this is to allow updating.
IT Pros also need to wear some of the blame for the issues experienced today. There were a number of computer systems, that support updating, which didn’t have updated Time Zone settings and were displaying the incorrect time.
The real test will come tomorrow as the majority of users return to work. What time will they be turning up to their appointments and meetings??
Windows Server 2008 Security Resource Kit
Just a quick wedge entry…..
I’ve had a copy of Jesper Johansson’s new book on order from Amazon since early this year and it’s finally turned up. Don’t worry Amazon were quick enough in the delivery, I just ordered it before it was published and the delays occurred somewhere in the publication process.
Regardless, the skim read that I’ve done tonight is enough for me to give it two thumbs up!! I’ll report more from the book with my highlights when I’ve finished more of it.
More soon….
Mick
Windows Server 2008 – My Favourite New Roles Part 1
The launch events for Windows Server 2008 have now finished here in Australia and throughout most of the world. The new Roles and Features summarised in the Microsoft Top 10 reasons to Upgrade have been heavily pushed by Microsoft and their Partners alike.
My list of favourite features differs slightly and I’ll cover these over two posts. In this post I discuss the Global Names Zone in DNS, the improvements in Active Directory and Network Access Protection (NAP).
The Global Names Zone (GNZ) in DNS is an attempt to remove the reliance on WINS (Windows Internet Naming Service) on the network. WINS was a cornerstone role back in the Windows NT4 days and is still needed in a distributed Exchange 2003 Organisation. The Global Names Zone in DNS works in a similar way to WINS by using a single-label name for resolution. This allows the computer name to be resolved without the use of the Fully Qualified Domain Name (FQDN) or customising the DNS Client settings. It does have a drawback: GNZ isn’t dynamic and all entries need to be manually updated. GNZ also supports IPv6, which WINS does not.
The improvements in Active Directory Domain Services (ADDS) extend from the Data centre to the branch office, including the Read Only Domain Controller (RODC), Restartable Directory Services and the ability to assign an "Administrator" to a Domain Controller without granting "Domain Admin". Snapshot technology has also been added to NTDSUTIL, which allows an instant snapshot to be taken of the NTDS database on a DC and then mounted on a port of choice. This makes troubleshooting security or time related data a lot easier.
The biggest improvement for ADDS from a security standpoint is the ability to use fine grained password policies. Previously only one Password Policy could be applied to the domain; with Windows Server 2008, however, multiple policies can be applied to groups of users. This is useful for implementing stronger passwords for your privileged accounts (Administrators and Service Accounts). My only disappointment with the fine grained password policies is the lack of a GUI; you need to use ADSIEDIT to perform the task.
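As an added example (not from the original post), this is one way to create a stricter policy for privileged accounts and confirm it takes effect. It assumes the ActiveDirectory PowerShell module, which shipped with later Windows Server releases, as an alternative to ADSIEDIT; the PSO, group and account names and all policy values are hypothetical.

```powershell
# Added example. Requires the ActiveDirectory module and a domain functional
# level of Windows Server 2008 or higher. All names and values are illustrative.
Import-Module ActiveDirectory

$psoName = 'PSO-Privileged'        # hypothetical Password Settings Object name
$group   = 'Privileged-Accounts'   # hypothetical global security group
$user    = 'svc-backup'            # hypothetical member of that group

# Create the PSO only if it does not exist yet, so the script can be re-run.
if (-not (Get-ADFineGrainedPasswordPolicy -Filter "Name -eq '$psoName'")) {
    # Precedence: when several PSOs apply to one user, the lowest value wins.
    New-ADFineGrainedPasswordPolicy -Name $psoName -Precedence 10 `
        -MinPasswordLength 15 -ComplexityEnabled $true `
        -ReversibleEncryptionEnabled $false -PasswordHistoryCount 24 `
        -MinPasswordAge '1.00:00:00' -MaxPasswordAge '60.00:00:00' `
        -LockoutThreshold 5 -LockoutObservationWindow '00:30:00' `
        -LockoutDuration '00:30:00'
}

# PSOs link to users or global security groups, not to OUs.
Add-ADFineGrainedPasswordPolicySubject -Identity $psoName -Subjects $group

# Verify what the account actually receives. The cmdlet returns nothing when
# no PSO applies, which means the Default Domain Policy is still in force.
$effective = Get-ADUserResultantPasswordPolicy -Identity $user
if ($null -eq $effective) {
    Write-Warning "$user has no PSO; the Default Domain Policy applies."
} elseif ($effective.Name -ne $psoName) {
    Write-Warning "$user resolves to '$($effective.Name)', not '$psoName'."
} else {
    $effective | Select-Object Name, Precedence, MinPasswordLength, MaxPasswordAge
}
```

Running the verification step against each privileged account catches the common gap where an account sits outside the linked group and silently keeps the weaker domain-wide policy.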
Health Validation is not a new concept but Windows Server 2008 is Microsoft’s first implementation of the technology and it appears to work very well. I have not played with NAP yet so can’t get too involved in its inner workings, but on the surface it is health and policy enforcement for Windows clients on your network. Through the use of 802.1x (the preferred method, although DHCP can be used), computers which do not comply with the network’s health policy can be restricted in their access. This can be useful for stopping rogue machines (either from employees or their visitors) gaining access to your corporate network until they meet your requirements for Updates and Malware protection. NAP requires Windows Vista or Windows XP Service Pack 3 (due out soon) on the client side and so is limited until clients are updated.
Stay tuned for Part 2 where I’ll discuss Server Core and Failover Clustering……
I’m Back
Nothing special in this post, but the site is here.
Over the next few days I’ll be re-publishing my old posts to add some content to the site. So I apologise if you end up with doubles of some of my old posts.