Archive for sbs2008

06.03.09

Microsoft resources on Antivirus Scanning on SBS2008

Posted in OS, sbs2008 at 12:58 pm by webmaster

This is a collection of links that describe Microsoft’s information on AntiVirus scanning in the SBS2008 era.

For Windows 2008, DNS, DHCP

Virus scanning recommendations for computers that are running Windows Server 2008, Windows Server 2003, Windows 2000, Windows XP, or Windows Vista

http://support.microsoft.com/?id=822158
 
 

For Exchange 2007

File-Level Antivirus Scanning on Exchange 2007

http://technet.microsoft.com/en-us/library/bb332342.aspx
 

For SQL 2005

Guidelines for choosing antivirus software to run on the computers that are running SQL Server

http://support.microsoft.com/kb/309422
 

For SharePoint 3.0

Microsoft’s Position on Antivirus Solutions for Microsoft SharePoint Portal Server

http://support.microsoft.com/kb/322941
 

For IIS 7 server, exclude the following folders:
 

  1. %systemroot%\system32\inetsrv folder
  2. Files that have the .log extension

 Antivirus software may cause IIS to stop unexpectedly

http://support.microsoft.com/kb/821749
 

For WSUS Server
Drive:\MSSQL$WSUS

Drive:\WSUS

(where Drive: is the drive letter where you installed Windows Software Update Services)

06.02.09

BackupExec 10D and above on SBS 2003

Posted in OS, sbs2008 at 5:58 pm by webmaster

At all my Backup Exec 10D and above installs on SBS 2003 I am now creating two separate backup jobs to work around the issue of a compatibility problem when backuping up Exchange and System State at the same time.

  1. The first backup job with AOFO which backs up everything but exchange
  2. The second backup job without the AOFO on scheduled 30 minutes later, set to append to the tape that backs up Exchange

Note the following version is the most recent version of BackupExec available both released may 15, 2009:

 

BEWS_12.5.2213A_32BIT_VERSION.zip    12.5.2213A  557,764,568
BEWS_12.5.2213A_64BIT_VERSION.zip    12.5.2213A  597,707,883

Symatec article on the issue.

Consult the Administrators Guide and all the Best Practices Guides for all of the gory details.  I found the Advanced Open File Option Best Practice Guide especially helpfull.

 

06.01.09

Isolated Sharepoint site on SBS2008

Posted in OS, sbs2008 at 7:30 pm by webmaster

There are many applications that call for having the ability to have users share information in Sharepoint both internally and externally to organizations.  It is very easy to setup this ability within Small Business Server 2008 and to provide isolation from the rest of the network resources as well.  (The same concept can also be done in SBS2003 but it is done a bit differently)

The first step is to ensure you are currently licensed for the number of users you are going to be using. 

The second step is create your users and to tweak them so they do not have access to your other resources:

  1. Create new user using SBS Console
    1. Users and Groups
    2. Add a new User
      1. First name
      2. Last name
      3. Username
      4. Email Address (I add an external contact and forward later on)
      5. Standard User
    3. Type Strong Password
    4. Add User
    5. Do not allocate a computer just click finish
  2. Edit Account Properties
    1. Highlight User
    2. Edit User Account Properties
    3. Remove “Disable User can access RWW” on Remote Access menu
      1. Groups
      2. Remove “Sharepoint Membership Group” on Groups menu
      3. Remove OWA from websites menu

         The third step is to create a new Sharepoint site with unique permissions.

        1. Login as Administrator

        2. Navigate to companyweb in browser

        3. Create a new Sharepoint Site with limited rights

          1. Companyweb  –> Site Actions –> Create
          2. Sites and Workspace
            1. Name                                    mysite

            2. Description                           Mysite Description

            3. URL                                        https://remote.DN:987/mysite

            4. Document Workspace

            5. Permissions                          Use Unique Permmisions

            6. Nav                                        No        

            7.                                               Yes

            8. Nav inheritance                     No

          3. I prefer to create a seperate visitors groups so the site can be totally independant of all other sites/settings
            1. Visitors                                  Mysite Visitors
            2. Members                               MysiteMembers
            3. Owners                                 MysiteOwners
          4. Access the site https://remote.DN:987/mysite

        That should do it.

05.20.09

Issue with Symantec Endpoint Protection

Posted in OS, SAV, sbs2008 at 10:05 pm by webmaster

There have been issues reported issues with SEP 11MR4 MP1 and prior.  The issue definately affects SBS2008 (64 bit) when you deploy Network Threat Protection. 

Network Threat Protection is the firewall part of the Symantec suite.  I always deploy with the Microsft Windows firewall anyway because of the benefits of configuration via group policy so I have never seen the issue.

SEP 11 MR4 MP2 became available in North America on May 19, 2009.

05.05.09

Exchange Server 2007 Content Filter log file

Posted in OS, Exchange, sbs2008 at 11:07 am by webmaster

The default configuration of SBS 2008, will by default reject email based on the SCL rating of a particular email. 

One option is to turn Content Filtering Off and use a cloud based email filtering engine. 

Another option is to tune the Content Filter settings so that it will throw potential junk email into a Junk Mail folder in Outlook.  You can still reject the more obvious Junk Mail.  There is also a SBS Blog post on this topic.  If you are like me though, you want to know what (if any) mail is rejected.  Exchange 2007 has a log file that logs what the Content Filter does with a mail message (not limited to the content filter).

You can peruse the log file located at %programfiles%\Microsoft\Exchange Server\TransportRoles\Logs\AgentLog to see why a message was rejected.

Kudos to the Microsoft Managed Newsgroup team for pointing this out.   Now it would be cool to find the time to write a custom alert for this one.

05.02.09

Eventid 10016 on SBS2008

Posted in OS, sbs2008 at 11:28 pm by webmaster

Not sure why Microsoft was unable not fix the 10016 errors in the event log as we saw this very early in the beta.

To fix this perform the following steps (It’s a DCom issue):

  1. Administrative Tools –> Component Services
  2. Expand Component Services –> Computers –> My Computer –> DCOM Config
  3. Find the IIS WAMREG Admin Service
  4. Right click –> Properties –> Security tab
  5. Launch and Activation Permissions –> Edit
  6. Add the Network Service user
  7. Add Local Activation rights
  8. OK
  9. OK
  10. Close Component Services
  11. Reboot Server 

07.29.08

Using Exmerge with SBS 2003

Posted in OS, SBS2003, Exchange, sbs2008 at 9:16 pm by webmaster

Sometimes you want to perform a migration where you want to manually migrate the mail - in a semi-automatic fashion.   Exmerge is a tool that can be employed to do just that.

Because the domain administrator has explicit deny permissions set by default which restricts the domain administrator from accessing the users mailboxes to perform either exports or imports, additional steps must be used to perform this taks

Preparing a User Account to use Exmerge

Here is a method that I employed to allow Create a user account

  1. Create a regular user account (exmergeusr)
  2. Create a regular security group (exmergegrp)
  3. Add the exmergeusr to exmergegrp
  4. Add the exmerge user account to the local administrators group

There is also a way to enable the security tab of the exchange system manager so you can disable the explcit deny permissions for the domain administrator (temporarily)  http://www.computerperformance.co.uk/Registry/registry_hacks_exchange.htm

Now you are all ready to start using Exmerge.

Preparing to use Exmerge

  1. download exmerge
  2. unzip
  3. copy C:\Program Files\Exchsrvr\bin\exchmem.dll to exmerge folder http://support.microsoft.com/kb/297362
  4. Check destination disk space (for export) is 1.5 times store size
  5. Create pst folder to hold the pst files you will be exporting
  6. Run Exmerge to export to pst files on the source server
  7. Repeat the above procedure on the destination server to import from pst files on the destination server

Using Exmerge

Running Exmerge goes something like this 

  1. run exmerge
    next
  2. select 2 step
  3. select 1 for export 2 for import
  4. MSE server name  SERVERNAME
  5. dc   SERVERNAME
  6. Options –> Data first 2
  7. Options –> Import Merge (second option)
  8. Select mbox, select English locale
  9. select the destination for pst files if exporting or the source of pst files for importing

For SBS2008 these methods may work  http://www.exchangeinbox.com/article.aspx?i=88

07.22.08

SBS2008 Version

Posted in OS, sbs2008 at 5:11 pm by webmaster

To obtain the version of SBS2008 that you are running perform one of the following:

  1. Look at the properties of the following file on DVD1
    1. Setup.exe
  2. Look at the properties of the following file on an already installed system
    1. c:\program files\windows small business server\bin\sbssetup.exe

05.29.08

Cougar Kickstart (RC0) - Part 2 Installation

Posted in OS, sbs2008 at 12:38 am by webmaster

Install Small Business Server 2008

You are now about 90 minutes away from having an install of Small  Business Server RC0.  If you have not yet followed the prepatory Part 1 please do so before attempting the install.  Follow the procedure below.  

  1. Turn on power switch                                                                    0 seconds
  2. Insert SBS2008 DVD 1 in drive tray
    1. Press any key to boot from dvd                                           30 seconds
      1. Windows is loading files                                             45       
      2. progress bar                                                              1:30
      3. gray screen                                                                2:00
      4. gray screen with “Please wait”                                    5:20
    2. Language screen                                                                  8:30
      (Note I have note deviated from the settings below because of various bugs that have existed prior to RC0 even though I live in Canada .  These issues may or may not now be fixed.)
      1. Language                   English
      2. Time and currency     English US
      3. Keyboard                  US
      4. (Defaults – Next)
    3. Install Now
    4. Type your product key for activation          
      1. TYPE YOUR PRODUCT ID HERE
      2. check auto activate                      9:30
    5. EULA – I accept                                   9:45                           
    6. Where do you want to install Windows   10:00
      1. Custom Advanced
      2. Recommend creating at least two partitions one for system and one for data under Drive options
        1. Disk 0 Partition 1 - > 100 GBytes
        2. Disk 0 Partition 2 Whatever is left > 100 GBytes
      3. Format both partitions
      4. This step is now optional (driver now included with SBS2k8 - earlier builds did not have this driver)
        1. Insert USB stick with drivers
        2. Load Driver
          1. Browse
          2. Select Drive with Sata drivers
            1. Removable Disk –> IDE –> WinVista64 –> SataRaid
            2. Select
              1. Raid Controller
      5. Next
    7. Remove usb                                                                   11:00
    8. Next
    9. Installing Windows                                                           12:00
      1. Copying Files                                                         12:00
      2. Expanding Files                                                      13:00 
      3. Installing Features             
      4. Installing Updates              
      5. Completing Install              
    10. Gray Screen, Reboot, Please wait
    11. Completing Installation                                                       33:00
      1. Preparing your desktop                            
  3. Continue Installation                                                                     35:00
    1. Verify the clock settings                                                      35:00
    2. Go online and get the most recent installation updates          36:00
    3. Company Information                                                         40:00
      1. Business Name
      2. Street Address
      3. City
      4. State/Province
      5. Zip/Postal Code
      6. Country
    4. Personalize your Server and network                                   41:00
      1. Server Name                                 srv
      2. Domain Name                               dmn
    5. Network Administrator Account                                           42:00
      1. First
      2. Last
      3. Account Name
      4. Strong Password
    6. Summary, Finish
    7. Expanding and installing Files                                                44:00
      1. Logging Off                                                                46:00
      2. Applying Computer Settings                                        47:00
      3. Preparing Your Desktop                                             48:00
      4. Expanding and Installing Files                                      49:00
      5. Stopping Services                                                       1:03:00
      6. Shutting Down       
    8. Expanding and installing files                                                 1:03:00
      1. Configuring Updates (2 of 3)                                      1:08:00
      2. Stopping services                                                       1:14:00
    9. Applying Computer Settings                                                           
      1. Configuring Updates (3 of 3)                                      1:18:00
    10. Applying User Settings        
    11. Successful Installation                                                           1:19:00
  4.  Start Using The Server                                                                  1:20:00
  5. Read and check the “Using the Windows SBS console”
  6. Connect To The Internet (preconfigured router)                              1:20:00
    1. Next
    2. Verify Network IP Addresses
      1. Verify Router IP      192.168.1.1
      2. Verify Server IP      192.168.1.2
      3. Select Next
      4. Select Finish
  7. Customer Feedback Options                                                         1:22:00
    1. Join CEIP
  8. Set Up Your Internet Address                                                       1:23:00
    1. I already have a domain name that I want to use
    2. I want to manage the domain myself
    3. sbs2k8.com, configure
    4. finish
  9. Configure a Smart Host for Internet Mail                                       1:25:00
    1. Next
    2. Smart Host Server Information                          Smart Host FQDN
    3. Next
    4. Finish
  10. Add a trusted Certificate
    1. Next
    2. I want to use the certificate that is already installed on this computer
    3. Finish

Your server is now operational.  There are other tasks that should be performed as post installation tasks. 

05.27.08

Cougar Kickstart (RC0) - Part 1 Preparation

Posted in OS, sbs2008 at 12:27 pm by webmaster

Cougar RC0 Kickstart

This is an attempt at providing a simple walk-through that allows IT Professionals and others up to speed and running Cougar a.k.a. Windows Small Business Server 2008 in a test environment.  

I will focus on providing the necessary information required to obtain real hardware, configuring that hardware, obtaining the software, planning the installation and completing it.  I will focus on the the simplest installation I can to get you up and running so you can become familiar with this new product.  This installation will focus on Windows Small Business Edition Standard Edition Release Candidate 0 (RC0). 

Now for the obligatory disclaimer.  I am providing this a guide as to what worked for me.  Please don’t try to run this in a production environment and as with anything else purchase items and follow procedures at your own risk.  This is not necessarily the only way to install nor is it necessarily the best way but it is a documented way that I have found works well.

In order to be able to complete this walk-through you should have a thorough understanding of networking, and server topics in general.  Sorry to those who like screenshots I simply don’t have the time to make them.  I hope you find this helpful.

Thanks also to all those who helped me along the way!

Overview

We will be performing the following tasks:

  1. Peruse RC0 resources
  2. Planning
  3. Obtain Materials
  4. Preconfigure Router
  5. Preconfigure Public DNS
  6. Preconfigure Testbox
  7. Install Small Business Server (Separate Post)
  8. Post Installation Tasks (Separate Post)

Peruse RC0 Resources

Peruse the following resources:

Microsoft Small Business Server 2008 Documentation

There is also a newsgroup available to beta participants:  microsoft.connect.windows.server.sbs08

Planning

You will need some information along the way.  Here is a list of what you will need.  Please note FQDN refers to your fully qualified external domain name like microsoft.com.

         

  1. Product Key
  2. Network Information

    3. WAN Information

     

      1. Static IP
      2. Subnet Mask
      3. Gateway
      4. DNS Servers
      5. An A Record entry in your external DNS pointing to the static IP address of your server with the keyword remote prepended to it. remote.FQDN as in remote.microsoft.com)
      6. MX Record
    1. Lan Information
      1. IP
      2. Subnet Mask
      3. Gateway
  3. Company Information
    1. Business Name
    2. Street Address
    3. City
    4. State/Province
    5. Zip/Postal Code
    6. Country
  4. Server and internal domain information  
    1. Server Name      
    2. Domain Name
  5. Network Administrator Account information
    1. First Name
    2. Last Name
    3. Account Name
    4. Strong Password
  6. Public DNS domain name
  7. Smart Host Fully Qualified Domain Name

    Obtain Materials

    1. Obtain Hardware (~ $500 Canadian new)
      1. ASUS M2NPV-VM
      2. AMD 64 X2 4600+ (You may want a faster processor as this does not quite meet the hardware requirements)
      3. 4 GBytes System RAM (I installed 8 GBytes but 4 works)
      4. 200 GBytes SATA drive
      5. SATA DVD drive
      6. Linksys WRT54GL running DD_WRT firmware (Linksys firmware works as well.  I like the flexibility of DD_WRT
    2. Download and burn the first DVD of Small Business Server 2008 Standard Edition RC0 (Build 6001)
    3. Obtain and note Product Key
    4. Obtain the following Bios for the testbox 1(201) (earlier versions prior to 901 did not work.)  http://dlsvr01.asus.com/pub/ASUS/mb/socketAM2/M2NPV-VM/1201.zip 
    5. Obtain 64 bit Driver Package and place on usb stick.  There are reports that this is not required anymore but I have always installed the raid drivers. 

    Preconfigure Router

    1. Pre-configure the hardware router with a 24 bit subnet mask with an address of 192.168.2.1 with the standard port redirects.  Also disable DHCP on the router.  Note it is picky about the LAN subnet you use so be careful.  Note I do not use UPnP.  Below is a checklist of things that should be done
    2. Configure WAN interface
    3. Configure LAN interface
    4. IP                       192.168.2.1
    5. Subnet Mask      255.255.255.0
    6. Disable DHCP
    7. Open the following Ports by port forwarding them to 192.168.2.2
      1. 25       SMTP
      2. 443     HTTPS
      3. 987     HTTPS (Sharepoint/Companyweb)
      4. 3389   RDP (Optional)

    Preconfigure public DNS

    You really need a static IP address to use the full functionality of Small Business Server.  Note the required A record of remote.FQDN. (For example it would be “remote.microsoft.com)

    1. Ensure you have a A record for remote.FQDN
    2. Create an MX record for your mail system pointing to the static IP address of your server.

    Preconfigure TestBox

    1. Upgrade bios of Motherboard to 1201 (otherwise crashes on install)
      Using the ASUS bios updater located in the bios this was very easy DELETE –> Tools –> ASUS EZ Flash 2 (Install 1201.bin on a USB stick)
    2. I connected the SATA hard drive to raid 1 and the SATA DVD drive to raid 2
    3. Enable raid in bios
      1. Use Del key to get into the bios and configure drives for raid
      2. Advanced –> Onboard Device Configuration –> NVRAID Configuration
      3. Raid Enable (Enabled)
      4. Sata 1 (Enabled)
    4. You may also want to ensure AMD Virtualization is enabled Advanced –> CPU Configuration –> AMD Virtualization (Enabled)
    5. Use F10 key on powerup to configure raid and make bootable (and select striping)

    Your ready to begin installing.  If you have accomplished all of the above you are only about 90 minutes away from using Small Business Server 2008.

PART 2 Installing