Publications

Branch Office Infrastructure Solution - lots of new information now available

The Branch Office Infrastructure Solution, or BOIS (which is far too easy to mis-type if you've worked in computing for a lot of years - think about it) has been released. The BOIS guidance and tools are designed and structured to address the needs of large organisations and enterprises in designing and deploying appropriate solutions for branch office infrastructures. It includes guidance on planning, design and deployment for a core set of MS technologies working together to provide a complete and integrated branch office infrastructure solution.

Streamlining a branch office infrastructure is basically a matter of consolidating services and applications, both by centralising them (if possible) and physically co-locating them (if centralisation is not possible).  A branch office project using this approach can result in substantial benefits for companies of all sizes, especially large organizations and enterprises. The guidance focuses on reducing Total Cost of Ownership (TCO), through:

- Better utilisation of server capacity.
- More efficient systems administration and management.
- Faster and more complete recovery of data in the event of a disaster.
- Higher degree of standardisation and automation.

Click here to download and view or Click here for more information about solutions for Branch Offices.

File Server Migration Toolkit

Virtualisation for migration and consolidation isn't always the best answer. I'm not saying it is never appropriate, but there are alternatives. One great example, which a customer asked me about last week, is migrating and consolidating older file servers. The answer could be the Microsoft File Server Migration Toolkit, which provides tools and information to simplify the process.

Take a look at the FSMT homepage, the overview whitepaper or the Solution Accelerator for Consolidating and Migrating File and Print Servers.

Forms Based Authentication and RPC/HTTP over single IP using ISA 2004

You would think that this would be something fairly simple to do.... Well, think again, unless you know. In the scenario I was trying to get working, there are essentially three servers involved - a domain controller running Windows Server 2003, a single Exchange 2003 Server and an ISA 2004 Server.

The goal is to allow users to access the Exchange Server remotely, both via Outlook Web Access and through RPC/HTTP using Outlook 2003.

When you publish OWA (I'm not using a FE/BE [Front-End/Back-End] configuration - just a single Exchange Server) through ISA 2004, the principle is to create a new web listener running on port 443 (SSL) on the ISA Server. You configure the web listener to use forms based authentication (FBA) and forward the requests back to your Exchange Server. I had this going fine without a manual in sight ;-)

However, when it comes to a configuration where you have a single IP address externally, and want to publish RPC/HTTPS also on port 443, you have a problem. You cannot, in ISA 2004, have a web-listener running in both FBA mode and basic authentication.

I was puzzling about this last week, and came close to solving the problem. There wasn't much information I could find out there on the Internet, so my thoughts were to use Basic Authentication on the web listener, and proxy the FBA through another listener. I never quite got there until I found the article below, but the general principle was right.

The article is by Tom Shinder: "ISA Server 2004: Supporting Both Basic and Forms-based Authentication with a single External IP Address and Web Listener". It goes through a step-by-step configuration and worked perfectly for me. Lots of screenshots to make it dead obvious what you need to do. The workaround is astonishingly simple in concept, yet resolves what should be such a simple thing to do.

...so here's a small part of my ISA configuration showing it configured

 

...and here's my OWA (with a few bits disguised - after all, you wouldn't expect me to publicise my inbox contents or external domain name would you??? :-) )

Now for that XBox theme..... When's the XBox 360 theme coming out then, Eileen?

PKI and Certificate Management Information in Windows Server 2003

While on the subject of Certificates/Encryption/IPSec/PKI in general yesterday, I was looking around for some good information on how PKI works to post up. One white paper which stuck out from the pile was published in December last year (so it's reasonably up to date) by David B. Cross and Avi Ben-Menahem, entitled "Key Archival and Management in Windows Server 2003". Now this isn't exactly going to be a best seller, but I found it very easy to read and understand, so all kudos to David & Avi. Joking aside, it is crucial to give consideration to this subject if you are planning to implement or already have implemented a certificate authority within your organisation.

For further info on PKI in general, this link is a good starting point. The home page for Cryptography on TechNet is here and information on EFS (Encrypting File System) in XP and Windows Server 2003 can be found here. Otherwise my colleague Steve Lamb will be able to fill in the gaps.
 

Windows 2000 ADSI Scripting for System Administration

Although published a few years ago, one of the most useful books I keep coming back to is "Windows 2000 ADSI Scripting for System Administration" by Thomas Eck. As an IT Professional with a development background, this book has proved invaluable time and time again. Even with no development background, it never hurts to have a little more insight. Note that most of the content applies equally as well to Windows Server 2003.

Further details are on Amazon.

Updated document - changes to functionality in Microsoft Windows Server 2003 SP1

There is a revised version of a document just posted on microsoft.com describing the changes in functionality in Windows Server 2003 Service Pack 1. It reflects Microsoft's early thinking about Service Pack 1 and its implications for developers. Note that there will be future versions of this document covering all new and changed technologies.