Saturday, June 27, 2009

Upgrade to Windows 7 for $49.99!

Today, Microsoft announced a fantastic deal for current Microsoft customers. You can now pre-order Windows 7 Home Premium Upgrade for $49.99 or Windows 7 Professional Upgrade for $99.99 from select retail partners. The offer ends July 11th in the U.S. and Canada, and on July 5th for Japan or while supplies last

As a way of saying thank you to our loyal Windows customers, we are excited to introduce a special time limited offer! We will offer people in select markets the opportunity to pre-order Windows 7 at a more than 50% discount. In the US, this will mean you can pre-order Windows 7 Home Premium for USD $49.99 or Windows 7 Professional for USD $99.99. You can take advantage of this special offer online via select retail partners such as Best Buy or Amazon, or the online Microsoft Store (in participating markets).

This is a great deal for this fantastic operating system. Take advantage of it!

Thursday, June 25, 2009

Windows 7 Pricing and Upgrade Program Information Released

Today, Microsoft released its pricing model for Windows 7, the much anticipated operating system that will replace Windows Vista.

The estimated retail prices for upgrade packaged retail product of Windows 7 in the U.S. are:

  • Windows 7 Home Premium (Upgrade): $119.99
  • Windows 7 Professional (Upgrade): $199.99
  • Windows 7 Ultimate (Upgrade): $219.99

And the estimated retail prices for full packaged retail product of Windows 7 in the U.S. are:

  • Windows 7 Home Premium (Full): $199.99
  • Windows 7 Professional (Full): $299.99
  • Windows 7 Ultimate (Full): $319.99

This means that Windows 7 Home Premium full retail product is $40.00 less than Windows Vista Home Premium today.

General availability of Windows 7 is scheduled for October 22, 2009 worldwide.

For those who need a new PC now but still want to get Windows 7, the Windows 7 Upgrade Option Program starts tomorrow, June 26th. Anyone who buys a PC from a participating OEM or retailer with Windows Vista Home Premium, Business or Ultimate on it will all receive an upgrade to the corresponding version of Windows 7 at little or no cost. The Windows 7 Upgrade Option Program will be available until January 31, 2010 – and it's global. For more information on taking advantage of the Windows 7 Upgrade Option Program, visit www.windows.com/upgradeoffer.

Wednesday, June 24, 2009

Imagine Cup 2009 Worldwide Finals

I'm honored to be one of four judges for the Imagine Cup 2009 Worldwide Finals in Cairo, Egypt. This is the second time I've been a judge, the first being last year in Paris.

This year's finals will run from July 2-9, 2009.

The object of the IT Challenge competition is to highlight the art and science of developing, deploying, and maintaining IT systems that are efficient, functional, robust and secure. IT professionals have a base set of tools and techniques, but still have to work through customer needs and configurations that require an intimate understanding of how the pieces fit together. They also need to know how far the systems can be pushed before they will break, and how to make the systems highly available, so that they are always available.

Competitors will have 24 hours to complete a real-world scenario. The competition will involve almost the entire stack of Microsoft technologies, where competitors will actually implement their solutions.

I'll be blogging about the competition and our travels to Cairo and London here. If you would like to see real-time updates, you can follow me on Twitter. We leave on Sunday and will arrive in Cairo Monday, June 29.

Looking forward to a great time!

Wednesday, June 17, 2009

Is it down for just me?

Here's a great tip I got from my friend and co-worker, Pete Handley.

Have you ever gone to a website, found out it was down, and wondered if it was just you? Check out http://www.downforeveryoneorjustme.com. You enter a website to check and it'll tell you if it's down for everyone or just you!


Simple and elegant!

Monday, June 15, 2009

Windows Server 2008 R2 Service Pack Level at RTM


You may have known that Windows Server 2008 RTM shipped as Service Pack 1. This is because the Windows Server 2008 code base is shared by Windows Vista, and Windows Vista was at SP1 when 2008 shipped. Windows Server 2008 SP2 was released on May 26, 2009 and was the first service pack you can actually apply to Windows Server 2008.

Unlike Windows Server 2003 R2, which was based on the same code base as Windows Server 2003 SP1, Windows Server 2008 R2 is based on an entirely different code base (Windows 7). The Windows 7 code base is derived from Vista, but is actually a seperate kernel. This change in strategy was required to address challenges that 2008 R2 faced, such as hardware platforms with many processor cores and new power saving features that couldn't be addressed by keeping the same kernel as Server 2008.

For this reason, Windows Server 2008 R2 RTM will ship as service pack level SP0, not SP1.

Friday, June 12, 2009

Failure of FSW Causes Cluster Group to Failover

The following information was written for Exchange 2007 CCR mailbox clusters, but it pertains to any clustering solution that uses the Windows Server 2008 Node and File Share Majority cluster quorum configuration.

How Does Node and File Share Majority Clustering Work?

Exchange 2007 CCR uses two clustered Exchange mailbox nodes, called a Clustered Mailbox Server (CMS). In order for Windows to know which node is active, it utilizes a File Share Witness (FSW) to maintain quorum. The FSW is a network share on a third computer (typically a Hub Transport server in the normally active node's physical site). The active node writes information to files in that share and locks them for writing, preventing the passive node from writing to the FSW and taking quorum. It always take two out of three votes to maintain quorum.

If the active node becomes unavailable, the passive node can write to the FSW and the cluster group fails over. In the case of a total site failure where both the active node and the FSW are offline, both the cluster group and the CMS will fail since there is no quorum (there's only one vote).

What Happens When the FSW Becomes Unavailable?

When the FSW fails, the active CMS node (Exchange) does not fail over because there are still two votes (the active and passive nodes). However, the Windows cluster group will fail over to the other node if the FSW does not come back online within 60 seconds. This is because File Share Witness resource in Windows Server 2008 is configured to fail over the cluster group when the FSW fails, as shown below.


Worse, the FSW resource will not come back online for another 60 minutes. During this time, a failure of either one of the nodes will cause the cluster to fail, even if the FSW is back online.

These default settings are provided so that the cluster event logs don't fill up with constant "Trying to start the resource", "The resource failed to start" events during a prolonged outage.

This is what happens when the FSW server is rebooted (during patch management, for example):

  • The server holding the FSW resource is rebooted.
  • The cluster tries to connect to the FSW one minute after failure is detected.
  • If the FSW is still unavailable (which usually happens - most servers take longer than 60 seconds to restart), the cluster group fails over to another node.
  • Wait one hour and try connecting to the FSW again. The FSW is finally brought online.
Note: This behavior only pertains to Windows Server 2008. Windows Server 2008 R2 does not have this issue.

It's important to know that even though the cluster group fails over, there really is no effect on Exchange, even with a geographically disbursed CCR cluster (geo-cluster). However, if you're like me, you like symmetry and order. The cluster group should be with the active CMS node.

Here's how to minimize the time that the cluster group is on the (normally) passive node:

  • Open the Failover Cluster Management console
  • Add the cluster name, if necessary, and select it
  • Double-click Cluster Core Resources in the middle pane to expand it
  • Right-click File Share Witness (\\servername\sharename) and select Properties
  • Click the Policies tab
  • For optimal restart performance, change "If all the restart attempts fail, begin restarting again after the specified period (hh:mm)" to 15 minutes, as shown below:

This configuration will cause the cluster service to attempt to bring the FSW resource to online once every 15 minutes, instead of an hour.

Next, logon to the server holding the FSW resource (typically a Hub Transport server in the active site and install the Failover Clustering Tools feature. You'll find it in Remote Server Administration Tools > Feature Administration Tools.

Now create a batch file called FSW_Online.bat. Enter the following two lines:

  • cluster EXCLUSTER1 res "File Share Witness (\\server\mns_fsw_excluster1)" /online
  • cluster EXCLUSTER1 group “Cluster Group” /move:node.yourdomain.com

Note: Replace EXCLUSTER1 with your cluster name. Replace \\server\mns_fsw_excluster1 with the name of your FSW resource (enter "cluster res" at a command prompt to find it). Replace node.yourdomain.com with the FQDN of the CMS node you want to keep the cluster group on.

Lastly, configure FSW_Online.bat to run at startup on the FSW resource server:

  • Open Local Group Policy Editor
  • Navigate to Computer Configuration > Windows Settings > Scripts (Startup/Shutdown) > Startup
  • Click Add and browse to the FSW_Online.bat file you created
  • Click OK twice and close Local Group Policy Editor

This is my current best practice for configuring the File Share Witness resource failure policy.

Special thanks go to Tim McMichael, Senior Support Escalation Engineer on the Exchange product support team, for assisting me with this article.

Thursday, June 11, 2009

How to Verify the AD Schema Level on All Domain Controllers

Whenever I perform schema extensions in Active Directory, I always want to verify that the new schema attributes have replicated throughout the domain's Domain Controllers. Schema extensions are usually necessary for Exchange installations and upgrades, or to prepare a domain for a new version of Windows.

The following batch file will display the value of the rangeUpper attribute for the ms-Exch-Schema-Version-Pt object on every Domain Controller in the target domain.

@echo off
dsquery server -o rdn >DC.lst
FOR /F "tokens=1" %%i in (DC.lst) do (
echo %%i
dsquery * CN=ms-Exch-Schema-Version-Pt,cn=schema,cn=configuration,dc=yourdomain,dc=com -scope base -attr rangeUpper -server %%i
)

Modify dc=yourdomain,dc=com as necessary for the target domain and save this file as CheckSchemaVersion.bat.

The output will display the name of each Domain Controller and the rangeUpper value. You will know that the schema changes have replicated throughout the domain when each Domain Controller returns the same (highest) value.

Wednesday, June 10, 2009

Be Aware: Windows Server 2008 SP2 Re-enables Disabled NICs

Be aware installing Windows Server 2008 Service Pack 2 (SP2) will re-enable any network adapters that were disabled prior to the update. This will also affect computers updated with Windows Vista Service Pack 2.

[Before installing SP2]

[After installing SP2]

This is important for several reasons. It is best practice on Hyper-V servers to disable the virtual NIC assigned to VM guests, so that a host with a dedicated management NIC does not use the NICs assigned to VM guests. SP2 re-enables all these virtual NICs, as well.

Sometimes disabled NICs should only be enabled for disaster recovery purposes. Enabling these NICs at startup could have dire consequences in these rare situations.

It's important to understand that if you're using the Windows Firewall, the server uses the most secure firewall network profile for all NICs. If your domain joined computer has more than one NIC, but only the NIC that is used to connect to the domain is enabled, the Windows Firewall uses the Domain Network profile. However, after installing SP2 the computer will start up with all NICs enabled. If the previously disabled NICs are not connected, the Windows Firewall will use the Public Network profile, which uses much different firewall policies -- potentially causing service interruptions.

My advice is to document your network connections prior to installing Windows Server 2008 SP2, so you can reconfigure them when your done with the update.

Thursday, June 4, 2009

Just Bing It

You know you've got a winner when your name becomes a verb. How many times have you heard, "Just Google it." Well, that parlance is about to change.

Bing, Microsoft's new search portal, debuted this week to rave reviews. Bing is different than other search engines because of what Microsoft calls Bing's Decision Engine. It gives much more useful and relevant information than competitors, without having to enter arcane search terms. Take a look at this example to see a side-by-side comparison of Bing and Google search results.

I especially love the travel results that Bing offers. Microsoft has merged several technologies together to give easy to consume results with truly meaningful information. For example, a search for airline flights on Bing not only returns the best flights, but predicts whether prices are going up or going down, similar to FareCast.

You can also check flight times simply by entering the airline and flight number in the search window, such as "United 9120" or simply "ua 9120".

The image and video results are very cool, too. Image search results are returned on a single scrollable page rather than dozens of pages you have to click through. Video search results actually play in the results window by simply hovering your mouse over the video.

I'd like to find a way to create a custom portal page that allows me to dashboard the information I'm interested in, such as news, market reports and RSS feeds. I'm still learning all the cool things Bing does, but so far I'm very impressed. I recommend you Bing it to find out for yourself.

Bing. It's not your father's search page.

Wednesday, June 3, 2009

Fix for having to supply credentials when connecting to a Hyper-V guest


One of my customers complained that he was getting the following prompt for credentials whenever he connected to a Hyper-V guest from the host.

Your credentials did not work
Your system administrator does not allow the use of default credentials to log on to the remote computer (computer name) because its identity is not fully verified. Please enter new credentials.

The host Hyper-V server is in a workgroup and the guests are in either a domain or workgroup.

The fix is to allow saved credentials with NTLM-only server authentication on the Hyper-V host. You can do this in the Local Group Policy Editor.

  • Run GPEDIT.MSC on the Hyper-V host
  • Expand Local Computer Policy > Computer Configuration > Administrative Templates > System > Credentials Delegation
  • Double-click Allow Saved Credentials with NTLM-only Server Authentication
  • Enable the policy
  • Add servers to the list by clicking the Show button and adding your Hyper-V hostname
  • Click OK twice and close Local Group Policy Editor

Now run GPUPDATE on the Hyper-V host to apply the new settings.

Connect to one of the Hyper-V guests, enter your username and password, and check the Remember my credentials checkbox. Hyper-V will no longer prompt for credentials when connecting to any of the guest VMs.

Tuesday, June 2, 2009

What's New with Exchange 2010 ActiveSync and Outlook Mobile

Some great new changes are coming with Exchange Server 2010 ActiveSync.

Many more partners beyond Windows Mobile have licensed the ActiveSync protocol for syncing email to your mobile device. Here are just a few:

Architecture-wise, Exchange 2010 ActiveSync has the same connectivity flow as Exchange 2007.

Here are some of the new Exchange Server 2010 ActiveSync features:

Block/Allow/Quarantine List
You can setup a single list to block/allow mobile devices as needed. You can also quarantine devices such as new untested devices, etc.

Over the Air Update ModeYou can now push new Outlook Mobile updates and/or new versions to Windows Mobile 6.1 and above. This is really nice since you no longer have to wait for a new Windows Mobile OS version to obtain a new version of Outlook Mobile.

SMS SyncThe ability to send SMS text messages through Exchange and Exchange ActiveSync is used to sync SMS messages with a user’s mobile device. Benefits of SMS sync:

  • User can use OWA, Outlook, and Outlook Mobile to respond
  • SMS messages are backed up on the server
  • Recipients can respond to messages
  • User can switch “screens” while still seeing all their messages

IMAP/POP3 Service DiscoveryYou can now autodiscover/autoconfigure the IMAP/POP3 settings from your mobile device by just specifying your email address, just like you can now with Outlook 2007.

Here are some of the new Outlook Mobile features:

Conversation ViewConversation view is invaluable. This allows you to have a nicer mobile email experience when trying to skim through the onslaught of emails. This is the same experience you will have in Exchange 2010 OWA and Outlook 2010, but really makes a huge difference on a mobile device.

Reply State
You can now see which emails you have replied to or forwarded.

Conversation Actions
You can now ignore threads, move entire threads to folders, etc. from your mobile device.

Nickname Cache
Very nice that your nicknames follow you now. Especially useful for external recipients you email often.

Voice Card
You no longer have to download an attached voicemail before you can play it. You just hit play and hear the voicemail. Another cool feature is the ability to see a written transcription of the voicemail in the body of the message. Very useful for meetings and noisy airports, where you can't play the voicemail.

Get Free/Busy
I love this feature. You can now easily check someone's Free/Busy times at a glance from your phone instead of breaking out the laptop, etc.

As you can see, there are some very useful features coming to Exchange Server 2010 ActiveSync and the new Outlook Mobile.