Network Administrator Knowledgebase


November 15, 2007  8:15 AM

Windows Server 2008 pricing

Michael Khanin Michael Khanin Profile: Michael Khanin

Earlier this week at TechEd IT Forum in Barcelona, Microsoft announced pricing, packaging and licensing options for Windows Server 2008, which includes Microsoft’s server virtualization technology Hyper-V, previously code-named “Viridian.” The new packaging outlined in the announcement includes eight new versions, three of which include Hyper-V. For a rundown of the pricing, see the press release. In addition, Microsoft announced Hyper-V Server, a standalone hypervisor-based server virtualization product that complements the Hyper-V technology within Windows Server 2008, allowing customers to consolidate workloads onto a single physical server.

November 14, 2007  3:40 PM

Free Deployment System

Michael Khanin Michael Khanin Profile: Michael Khanin

All Network Administrators at least once thought about how to install a program on remote computer without ever touching it. Hopefully, today we have a lot of ways to achieve this goal. The very interesting part of it all is, when ever I provide a consulting services to companies, I hear the same question, “Michael, do you know any FREE solutions to distribute programs, patches or run anything on remote computers?

I’d like to show you the solution, I’ve created for myself. Let’s call it “Free Deployment System :)”…

Free Deployment System” contains a set of scripts and free tools. The heart of this system is a PSExec by Sysinternals.

Before I start, let’s clarify few pre-requirements. We need one server or computer that will hold off packages and scripts. The Deployment System will run on this system. We need a user with administration privileges on all remote computers (We can create a user on Domain level and set the necessary permissions to this user).

Ok, now we are ready to start.

Let’s created a directory structure on deployment server.

C:\Operation
 |_Scripts
 |_Tools
 |_Packages

In my situation, I don’t have any files in C:\Operation directory. In C:\Operation\Tools directory I have tools that I have been using in my scripts. The main scripts of “Free Deployment System” are located in C:\Operation\Scripts. C:\Operation\Packages contains packages for remote installation. Set a Share on the C:\Operation\Packages and give all users Read Permissions.Now we need to create a few files in C:\Operation\Scripts directory. The first file is #Servers.txt. This file contains an IP addresses or Computer Name of remote computers. Each IP or name should be on new line. In my case #Servers.txt looks as follow:

192.168.3.95
192.168.3.96
192.168.3.97
192.168.3.98
192.168.3.99
192.168.3.10

The next file in our system will be a Config.bat. By using Config.bat I set credentials for connection to remote computers. Config.bat looks as follow:

@echo off
set DM=AdminInfo
set USR=TSAADMIN
set PASS=TSAPassWord

OK, now we are going to create a main script of our system. I named it INSPKG.bat, meaning “Install Packages”. Before show the content of INSPKG.bat I’d like to say a few words about how it works.

INSPKG.bat runs in loop and checks each line of #Servers.txt file and use this addresses as a destination where the installation package should be installed. When the package installed on last computer (last line in #Servers.txt file) INSPKG.bat will stop working. If you have too many computers in your network, the package deployment could take time, be patient. So, INSPKG.bat contains the following lines:

@echo off

Rem *****************************************************************************
Rem *       For 1 envirement use the Pakage file name                           *
Rem *       The general location of all Pakage is: C:\Operation\Packages        *
Rem *       On remote computer computer should be located  "C:\Updates"         *
Rem *                                                                           *
Rem *       Websites:  http://thesystemadministrator.com                        *
Rem *                                                                           *
Rem *****************************************************************************

if {%1}=={} @Echo Please set the Pakagename.The format is INSPKG.bat 7Zip &goto :EOF

set Scripts=C:\Operation\Scripts
set Tools=C:\Operation\Tools
set Packages=C:\Operation\Packages

call %Scripts%\Config.bat

SET IP-SRV=
SET LoopNum=
SET Line=
SET I=
SET RCOMP=
SET Line=0

TYPE %Scripts%\#Servers.txt > %TEMP%\SRVLIST.txt

FOR /F "TOKENS=*" %%a in ('%Tools%\LINEX -c ^<%TEMP%\SRVLIST.txt') do set IP-SRV=%%a
SET /a LoopNum=%IP-SRV% + 1

:LOOP1
SET /a I=%I% + 1
SET /a Line=%Line% + 1
IF "%I%"=="%LoopNum%" goto END
FOR /F "TOKENS=*" %%a in ('%Tools%\LINEX -l %Line% ^<%TEMP%\SRVLIST.txt') do set RCOMP=%%a

copy "%Packages%\%1\%1.bat"  "\\%RCOMP%\c$\Updates\" /Y

@echo Please wait ...

%Tools%\psexec.exe \\%RCOMP% -u %DM%\%USR% -p %PASS% -i C:\Updates\%1.bat

SET Line=%Line%
goto LOOP1

:END
SET IP-SRV=
SET LoopNum=
SET Line=
SET I=
SET RCOMP=
SET Line=

INSPKG.bat should run from a console (cmd.exe) of our deployment server. The format is following:

C:\Operation\Scripts\INSPKG.bat 7Zip

Where, 7Zip is a name of a package. As you can see, in this example, I’m going to deploy a 7-Zip to all computers, but before this I have to create a package. So, for this purpose I’m going to the C:\Operation\Packages directory and create a new directory, 7ZIP. Inside 7ZIP I create a file 7ZIP.bat and put the installation file of 7-Zip. I’m going to install a 7z442.exe on all computers. By using RTFM rule :), I know that to install a 7-Zip in silent mode I have to use switch /S. So, my 7Zip.bat contains the following lines:

@echo off
\\192.168.3.39\packages\7ZIP\7z442.exe /S

Note: Change 192.168.3.39 to the IP or name of your Deployment Server.

And, on the final, we need put necessary tools to the C:\Operation\Tools directory. Download last version of PSExec and put it to C:\Operation\Tools directory. In INSPKG.bat I’m using a very cool tool, LINEX.EXE. Linex.exe is a part of “Bill Stewart’s freeware Batch Script Tools”. When I wrote this article, I tried to find an official web site of “Bill Stewart’s freeware Batch Script Tools”, but failed. So, you can download a Linex.exe directly from my web site.As additional example, I’ve created packages for Acrobat Reader and Firefox.  Keep in mind to create a separate directory for each package. The Directory and name of package script should be the same, meaning if you are going to create a package for Firefox inside C:\Operation\Packages create directory Firefox and inside C:\Operation\Packages\Firefox create a script Firefox.bat and also inside C:\Operation\Packages\Firefox put the installation file of Firefox. Here is my Firefox.bat:

@echo off
\\192.168.3.39\packages\Firefox\FirefoxSetup2.0.0.9.exe -ms 

Note: Change 192.168.3.39 to the IP or name of your Deployment Server.

I hope I didn’t forgot anything :) .
Let me know what kind of package you are interesting in and I’ll try to create it. I’ll be very happy if you write comment for this article.


November 11, 2007  6:01 PM

Sysinternals tools have been updated

Michael Khanin Michael Khanin Profile: Michael Khanin

Sysinternals Tools have been updated. PSExec v1.90 improves handling of arguments, BgInfo v4.12 offers improved reporting, Process Explorer v11.04 fixes a memory leak, ADExplorer v1.01, DebugView v4.72 and Process Monitor v1.26 fix some minor bugs.


November 8, 2007  10:52 PM

Windows Server 2008 Technical Overviews

Michael Khanin Michael Khanin Profile: Michael Khanin

These technical overviews provide IT Professionals with information about how a Windows Server 2008 technology works. They may also cover design and planning considerations and basic setup and operating instructions.

The download contains the following documents:

  • DNS Server Global Query  Block List
  • Installing and Configuring and Troubleshooting the Microsoft Online Responder
  • What’s New in Failover Clusters
  • What’s New in Terminal Services for Windows Server 2008

Download: WS2008 Technical Overviews


November 8, 2007  10:44 PM

Direct9.0c – Unattended (Silent) Installation

Michael Khanin Michael Khanin Profile: Michael Khanin

I’ve asked by one of companies, where i provide an IT consulting services, how to install directx on client’s computers unattended?

Equally, on internet existed a lot of articles about how to do this. Who use an old dxsetup.exe file, who try to edit an exe file in HEX-Editor and then use switch OPK . Also, admins use other tricks, likes an AutomatIT or similar products. Just one consider i can’t understand :), why nobody tries to read a HELP?
By going to the http://msdn2.microsoft.com/en-us/library/bb219742.aspx you can find, black on white, how to install directx in unattended mode. All you have to do, is to add the switch “/silent“!

Admins, I’m also VERY lazy admin, but reading a HELP save your time :)


November 5, 2007  2:06 PM

SMB v2.0 in Windows Server 2008 & Windows Vista

Michael Khanin Michael Khanin Profile: Michael Khanin

Server Message Block (SMB), also known as CIFS (Common Internet File System) is the file sharing protocol used by default on Windows based computers.  Windows includes an SMB client component (Client for Microsoft Windows) and an SMB server component (File and Printer Sharing for Microsoft Windows).

SMB in Windows Server 2008 and Windows Vista support the new SMB version 2.0 that has been redesigned for today’s networking environments (wireless, possible high loss, timeouts, high latency, …) and for the needs of the next generation of file servers (EFS over the wire, Offline Files and Folders enhancements, …).

Machines running Windows Server 2008 and Windows Vista support both SMB v1.0 and SMB v2.0.  However SMB 2.0 can only be used if both client and server support it!!  So, the SMB protocol revision to be used for file operations is decided during the negotiation phase.

A Vista client advertises to the server that it can understand the new SMB 2.0 protocol.  If the server (Windows Server 2008 or otherwise) understands SMB 2.0, then SMB 2.0 is chosen for subsequent communication, otherwise they fall back to SMB 1.0.

This preserves “downwards” compatibility so that deploying Vista clients or Windows Server 2008 servers should be simple and straightforward.   The following list below describes what protocol will be used when communicating between different types of client and servers.

  • Vista client <> Vista client or Windows Server 2008 – SMB 2.0
  • Non-Vista client <> Vista client or Windows Server 2008 – SMB 1.0
  • Vista client <> Non-Vista client or Non-Windows Server 2008 – SMB 1.0
  • Non-Vista client <> Non-Vista client or Non-Windows Server 2008 – SMB 1.0

For an overview of the impact on network throughput, have to look at the white paper of a third-party benchmark study done by The Tolly Group which compares network throughput and time-to-completion of several tasks when using Windows XP, Windows Vista, Windows Server 2003 and Windows Server 2008 .

Source: http://trycatch.be/blogs/roggenk


November 3, 2007  7:03 AM

Installing DOS additions under VPC 2007

Michael Khanin Michael Khanin Profile: Michael Khanin

MS-DOS is no longer officially supported under Virtual PC 2007, as such the DOS Virtual Machine Additions are not included with Virtual PC 2007.  However – if, like me, you want to run DOS on Virtual PC 2007 – you can get the DOS Additions by following this easy process:

  1. Download Virtual PC 2004 SP1: http://www.microsoft.com/downloads/details.aspx?familyid=6d58729d-dfa8-40bf-afaf-20bcb7f01cd1&displaylang=en
  2. Extract the contents of the installer per this blog post: http://blogs.msdn.com/virtual_pc_guy/archive/2007/01/08/extracting-files-from-the-virtual-pc-installer.aspx
  3. Grab the DOS Additions .VFD file and insert it into the floppy drive of your virtual machine under Virtual PC 2007.
  4. Run the install program from the floppy under the virtual machine.

As I have already mentioned – this is not supported – but should work fine.

Source: http://blogs.msdn.com/virtual_pc_guy


November 3, 2007  7:02 AM

Disabling folder sharing / clipboard integration / etc… under Virtual PC

Michael Khanin Michael Khanin Profile: Michael Khanin

When you install the Virtual Machine Additions under Virtual PC you get a lot of benefits.  You get faster performance, integrated mouse cursor support, folder sharing, clipboard integration, drag and drop integration and dynamic desktop resizing.  There are times – however – when all this integration can be a problem.  For instance, you may be working in an environment where you do not want to be able to easily transfer data between the host and the guest (for security or confidentiality reasons).  It is possible, thought non-intuitive, to disable folder sharing,clipboard integration, drag and drop integration and dynamic desktop resizing while still having improved performance and mouse cursor integration.

To do this under Virtual PC 2007 (note – this will not work on earlier releases), you need to go into the guest OS and delete the following registry key:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“VMUserServices”=”C:\\Program Files\\Virtual Machine Additions\\vmusrvc.exe”

When you restart the virtual machine these services will now no longer be present (you may want to delete ‘vmusrvc.exe’ if you are worried about users starting it themselves).

Source: http://blogs.msdn.com/virtual_pc_guy


November 3, 2007  6:56 AM

Windows Server 2008 & SSLVPN aka Secure Socket Tunneling Protocol (SSTP)

Michael Khanin Michael Khanin Profile: Michael Khanin

Secure Socket Tunneling Protocol (SSTP) is a new form of (SSL-based) VPN tunnel with features that allow traffic to pass through firewalls that block PPTP and L2TP/IPsec traffic.

SSTP provides a mechanism to encapsulate PPP traffic over the SSL channel of the HTTPS protocol.  The use of PPP allows support for strong authentication methods such as EAP-TLS.  The use of HTTPS means traffic will flow through TCP port 443.  Secure Sockets Layer (SSL) provides transport-level security with enhanced key negotiation, encryption, and integrity checking.

SSTP supports multiple authentication methods such as passwords, smart cards, certificate-based and “One Time Password” authentication.

SSTP has integrated NAP support for client health check, by using the NPS (Network Policy Server – ex-IAS) for authentication and authorization.

Client/Server Requirements

SSTP is available through the Windows Server 2008 Routing and Remote Access VPN Server.  IIS is not required for running SSTP, since RRAS listens to HTTPS connections directly over HTTP.SYS.

Only clients running Windows Vista SP1 are able to create SSTP-based VPN tunnels.

Additional reading:

Source:http://trycatch.be/blogs/roggenk


November 1, 2007  10:54 AM

Exchange 2007 SP1 Improvements for Unified Communications

Michael Khanin Michael Khanin Profile: Michael Khanin

Microsoft Exchange Server 2007 Service Pack 1 introduces many new features for each server role. Lets

  • New deployment options: You can now install Exchange 2007 SP1 on a server that is running Windows Server 2008
  • Client Access Server Role Improvements: We’ve added an UI to manage POP3 / IMAP4, OWA improvements, Active sync improvements with the addition of for example remote wipe information and much more
  • Transport: Enhancements to message processing and routing functionality on the Hub Transport role.
  • Mailbox Server Role Improvements: Public folder management in the Exchange Management console, mailbox management improvements, etc…
  • High Availability: In SP1 we will introduce the Standby Continuous Replication in addition to LCR and CCR, further more we support the WS2008 Failover clustering and we improved the Exchange management console.
  • Unified Messaging Server Role: Unified Messaging has been improved and has added new features in Exchange 2007 SP1. To use some of these features, you must correctly deploy Microsoft Office Communications Server 2007 in your environment.

As you can see we have made a lot of improvements onto Exchange Server 2007 with this Service Pack and especially for the Unified Communication Role.

Exchange Server 2007 Unified Messaging combines voice messaging, fax, and e-mail into one Inbox, which can be accessed from the telephone and the computer. Unified Messaging integrates Exchange Server 2007 with the telephony network in your organization and brings the features found in Unified Messaging to the core of the Exchange Server product line.


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: