March 28, 2014 Leave a comment
Microsoft are pleased to announce their new Office for iPad app. Makes the iPad less useless in business now……I’d still take a Surface Pro anyday 🙂
Insight, opinion and knowledge of an IT Manager
March 12, 2014 Leave a comment
I’ve recently had a good experience with Amazon Prime and thought I’d tell you about it.
Much like most of you I was beginning to get a little tired of the ‘Prime’ being shoved down my throat with a 30-day free trial ending in a rather expensive renewal (either monthly or yearly). However, having looked into the product a little more I can finally give in and say what a fantastic idea.
Basically it boils down to the first idea of Prime, this is what has been going on for years at Amazon. You pay a yearly fee and you get free Two-Day shipping on millions of items. However, there are other perks, one of which I find to be extremely useful;
For a years worth of the above, it’s extremely cost effective, even if you only use the delivery thing once or twice a year you can certainly get your money’s worth in the 3 bullet points above.
It’s been a good experience and there’s usually complaints in this world. Please feel free to click the link below to give yourself a Free 30-day trial of Amazon Prime, yes there is a cost after this but I think once you have explored the other benefits you’ll see how far your £79 a year really goes.
http://www.amazon.com/gp/prime/signup/videos?tag=guru365net-21 – For the full Prime
http://www.amazon.com/gp/video/primesignup?tag=guru365net-21 – Alternatively if you’d just like the subscription service for movies and TV – click here 🙂
Oh and you can cancel your subscription before you have to pay anything, so if you aren’t sure/impressed then you are able to cancel when you want.
Happy shopping / reading / watching 🙂
Microsoft Books – You can also look for the latest Microsoft books focussing on Office 365 and Cloud Computing – some excellent authors out there willing to share their knowledge.
February 6, 2014 Leave a comment
This is due to the hydration status of your tenant at Office 365. Each Office 365 tenant is not “hydrated” by default. Hydration is the adding of lots of settings in the Exchange Online directory service per tenant – by default lots of tenants do not need these settings and so rather than creating the settings per tenant, each tenant shares these common settings. To enable your own Transport Rules, Free/Busy Rich Coexistence and custom RBAC settings require that all the “common” settings in the directory are copied to the tenants area of the directory. To do this means you need to run the Enable-OrganizationCustomization cmdlet in remote PowerShell to Exchange online. Once this is done the GUI will create RBAC, rules, free/busy etc. without throwing Exception has been thrown by the target of an invocation error. The exact steps to perform on your Office 365 tenant before configuring RBAC, rules or coexistence are as follows:
February 4, 2014 5 Comments
Brief Overview of Directory Synchronisation (DirSync)
The Windows Azure Active Directory (AD) Synchronisation Tool is an application that synchronises the on premises Active Directory with Microsoft Online Services. This allows services like Office365 to provision the user structure for migration to the cloud.
It is good practice to install this tool on only one computer in the local network of the domain you are migrating, it is also good practice to tightly restrict access, as you would with a Domain Controller or other sensitive network infrastructure.
Dir Sync effectively synchronises the full set of attributes from your on premise Active Directory to the Windows Azure AD tenant used for Microsoft Online Services, once provisioned in Windows Azure AD, services such as Exchange Online can utilise this infrastructure to ensure a relationship between the users details on premise to in the cloud. The latest edition of Dir Sync provides a simple-sign on process using the Password Synchronisation feature, or you can utilise the Single Sign-On experience of ADFS (Active Directory Federation Services). In addition to this, a small set of attributes can be synced back from Windows Azure AD to the one premises infrastructure.
Preperation is the key to Dir Sync
An administrator must complete some basic preparation before being able to synchronise their on premise AD to the Windows Azure AD.
This process includes deciding on a ‘simple sign-on’ or ‘single sign-on’ environment.
Simple sign-on – Allows the synchronisation of the on premise AD DS password hash with Windows Azure AD to allow users to authenticate to Windows Azure Ad using their UPN (User Principle Name) and corporate password.
Single sign-on – Identity Federation enables a company’s users to authenticate using the customers corporate AD. This process requires on premise hardware and configuration separate to the Simple sign-on process, but can give some benefits which I will touch on later.
Dir Sync requires certain prerequisites in order to perform a successful migration, these include;
Joined to the Active Directory Forest – The computer must be domain joined, it will need to contact all the DC’s for all the domains in the forest**
** A forest is one or more Active Directory domains that share the same class and attribute definitions, site and replication information, and forest-wide search capabilities.
Dedicated Server (Best Practice but not a requirement) – This is a good practice recommendation to avoid interference with other applications or services on the particular server. EDIT ********Can now be installed on a Domain Controller!
Running a supported Windows Server OS – 64-bit edition of Windows Server 2008 Standard or Enterprise, Windows Server 2008 R2 Standard or Enterprise, Windows Server 2008 Datacentre or Windows Server 2008 R2 Datacentre, or 64-bit edition of Windows Server 2012 Standard or Datacentre.
Running Microsoft .NET Framework version 3.5 or later – Server 2008 R2 upwards this can be added as a feature through Server Manager.
Running Windows PowerShell – Windows Server 2008 R2 upwards has PowerShell installed by default.
Access-Controlled environment – Access to the computer should be limited to administrators only.
Running Microsoft SQL Server Software – If you have more than 50,000 AD objects you will require MS SQL 2009 Standard / R2, if you have less than this number you can utilise the default SQL Express database which is installed as part of the Dir Sync process.
Things to Consider
Active Directory Object Limit (as mentioned above) – Default limit of 50,000 objects in Windows Azure AD, to increase this limit you will need to contact Microsoft Cloud Services support and request an increase. Expect a week or more to have this resolved.
When using Simple Sign-On – Consider turning on the Password synchronisation Feature of the Windows Azure AD Synchronisation Tool. However, this should be enabled, after a migration, as this can interfere with certain functions of the migration.
Directory Synchronisation write-back – Write-back is required to enable full rich coexistence, if Exchange hybrid servers are not to be deployed or there is no Exchange server on premise then write-back is not required. If enabled – only a few attributes will be written to the on-premises AD service. Microsoft Exchange Server 2010 SP3 schema extensions will need to be installed to enable write-back, this is included in latest versions.
Service Account Requirements
The Windows Azure AD Sync Configuration Wizard will create a service account in your local AD, this will require your intended Windows server to be domain joined. The installation wizard creates this account using the local AD permissions that you provide.
To prepare, create or use 2 service accounts;
The details of these accounts will be required later in the installation.
Existing user accounts will be soft matched if they are already in existence in the Windows Azure AD, if this is the case please use this link to further elaborate on this process – http://support.microsoft.com/kb/2641663
Activating Directory Synchronisation
Directory Synchronisation must be activated before installing the Directory Synchronisation Tool, Microsoft strongly recommends that you leave it activated for the entire time that directories are being synchronised. Once deactivated the source of authority is transferred from the on premise AD domain to the cloud.
Dir Sync must be deactivated if you wish to transfer all user, group, contact, and mailbox management to the cloud. For example a company that used the staged migration tools to move their mailboxes to the cloud and no longer want to manage objects from on premise, can deactivate Dir sync.
To activate directory synchronization, log into your Office 365 portal and follow these steps:
2. Click users and groups in the left pane of the Admin page.
3. Click Set up located at the right beside the Active Directory synchronization tag.
4. Follow the onscreen steps to activate the directory synchronization features.
Please be aware that this may take up to 24 hours to take effect. The portal updates with the status of the configuration change. Please wait until the configuration is complete, before proceeding.
Installing the Dir Sync Tool
After activating Windows Azure AD synchronisation for Office365, you can download the Dir Sync Tool. This is either utilised in the SQL Server Express version for less than 50,000 AD objects or a full SQL Server instance for more than 50,000 objects.
The process for downloading this is below;
1. Access the Office 365 portal.
2. Select Office 365 from the Admin dropdown in the header.
3. Click users and groups located in the left pane of the Admin page.
4. Click Set up located at the right beside the Active Directory synchronization tag.
5. Click download under step 4 and follow the instructions to save the installation file on your computer.
6. Verify that the Microsoft Online Directory Synchronization Tool package downloaded to your computer.
Installing Dir Sync Tool – Less than 50,000 objects
1. On the computer where you want to install directory sync install the following; http://go.microsoft.com/fwlink/?LinkID=278924 (64bit)
2. Follow the instructions in the Setup wizard.
3. On the last page of the wizard, select Start Configuration Wizard now, and then click Finish to start the Windows Azure Active Directory Sync tool configuration wizard.
4. Provide the Enterprise Administrator and Windows Azure Active Directory credentials as prompted.
5. Enable the optional features that are required.
6. When prompted, check Synchronize your directories now to start synchronization.
Installing Dir Sync Tool – More than 50,000 objects
The Directory Synchronization Tool can be installed in Wizard mode, which provides step-by-step guidance through the installation process. Double-click the installation package and follow the directions to install. Continue with the following steps when using full SQL:
1. Log onto the Directory Synchronization Server.
2. Click Start, then Run.
3. Type CMD and click OK.
4. Type the path to where you saved the Directory Synchronization Tool package.
5. Type DirSync.exe /fullsql and click Enter. If prompted with a User Account Control prompt, do either of the following:
a. Click Continue.
b. Enter the username and password of the on-premises service account and click OK.
Note: The fullsql switch installs DirSync without installing SQL Express. The install stops after the Install-OnlineCoexistence cmdlet is installed.
6. Click Next through to the end of the wizard and then click Finish.
Important: The Directory Synchronization Tool installation is completed using Windows PowerShell.
7. On the Directory Synchronization computer, open Windows PowerShell by opening the command-line tool and entering the command Powershell.exe -noexit.
8. Press Enter.
9. Type Add-PSSnapin Coexistence-Install at the Windows PowerShell prompt.
10. To install the Directory Synchronization Tool
a. Using a remote installation of SQL Server 2008, type
Install-OnlineCoexistenceTool –UseSQLServer –SqlServer <SQLServerName> -ServiceCredential (Get-Credential) –Verbose
PS C:\Temp> Install-OnlineCoexistenceTool -UseSQLServer -SqlServer “SERVER\INSTANCE” -ServiceCredential (Get-Credential) -Verbose
b. Onto the same system as SQL Server 2008, type
Install-OnlineCoexistenceTool –UseSQLServer –Verbose.
11. At the Windows PowerShell Credential Request prompt, type the username and password of the on-premises service account.
Configuring the Directory Synchronisation Tool
After installing the latest supported version of SQL Server 2008, completing the Microsoft Online Services Directory Synchronization Tool Configuration Wizard is required for synchronization to occur.
Verifying Directory Synchronisation
If you want to check that Active Directory synchronisation is provisioning users, groups and contacts from on premise apps to the cloud correctly, you can verify your directory sync.
After automatic synchronisation
After forced synchronisation
a. Provide the information requested on the wizard pages.
b. On the Finished page, select Synchronize your directories now, and then click Finish.
• To verify that the Directory Synchronization Tool is working from your local Active Directory service to Microsoft Office 365, testing both manual synchronization and automatic synchronization is required. It may take up to three hours to complete this process.
• The Directory Synchronization Tool writes entries to the directory synchronization computer’s event log. These entries indicate the start and end of a directory synchronization session.
• Directory synchronization errors are reported in the event log and emailed to your organization’s designated technical contact.
• When reviewing the event log, look for entries with Directory Synchronization as the source. An entry designated as Event 4 with the description “The export has completed” indicates that the directory synchronization is complete.
November 19, 2013 Leave a comment
Storage Spaces is defined as an inbox solution for Windows to manage storage. Spaces is designed for Direct Attached Storage (DAS) only, which means local to the server chassis or via SAS.
The ability to virtualise disk storage by group standard disks into storage pools allows you to carve various Pools out of the disks, from these pools you are able to create virtual disks, or Storage Spaces.
Spaces have the ability to be Thin Provisioned and can be striped across all physical disks in a pool, this also allows the option to Mirror or Parity as these are supported within Spaces. At this stage Windows allows you to create volumes on the Storage Space and allows data to be placed on the volume.
Storage Tiering for Spaces
Storage Tiering for Spaces, allows the optimisation of storage performance, this is accomplished through the blending of high-cost and low-cost storage. Low-cost providing the capacity and high-cost (SSD as an example) providing the performance.
Hot data (or consistently read/written) is moved automatically to the high cost storage, whereas cold data is assigned to the low cost using Sub-File-Level Data Movement.
Utilising write-back-cache, DDs absorb random writes that are typical in virtualised environments. If required, hot data blocks can be manually assigned (or pinned) to the high cost storage to increase the performance. This option can be beneficial in driving applications to utilise the best available storage and as such achieve the best performance.
SMB 3.0 File Shares (compares to VMware – NFS)
A Scale-Out File Server allows VM’s and hosts to view a simple UNC path for file locations in structured Tiered Storage, this enables admins to grow and scale storage on demand.
The benefits of using this kind of technology include;
Deduplication maximises capacity by removing duplicate data. The benefits of Deduplication include;
Windows Server 2012 R2 – Provides the ability to deduplicate a running VDI, this both increases performance AND minimises storage requirements.
Bitlocker Drive Encryption – Built in disk encryption to protect sensitive data
Data protection is built into the Hypervisor, allowing;
There is a slight overhead to the encryption but there are many configuration options to minimise the impact to your network, including on-demand encryption.
NIC Teaming – Network Card Resiliency
Hyper-V NIC Teaming is vendor agnostic and available out of the box.
Some of the benefits of Hyper-V NIC Teaming include;
The above features are available with Hyper-V in both 2012 & R2 versions, these features are comparable to the VMware vSphere 5.5 Enterprise Plus option.
Data deduplication and storage encryption is only available in Hyper-V, proving that Microsoft are starting to take Hyper-V forward, above and beyond the current technologies available.
November 19, 2013 Leave a comment
At this point of the seminar we began delving into the features of Hyper-V and the benefits this represents.
We began with the storage aspects of Hyper-V;
To elaborate on MPIO, this basically allows a host to have 2HBA’s/iSCSI NICs with multiple paths to the storage. If MPIO wasn’t installed the host would see two versions of the same LUN. MPIO allows Windows to manage and use upto 32 paths between storage devices and the Windows host OS. The host uses the in box Microsoft DSM to provide a single view, the framework for MPIO allows storage providers to plug-in, by default, and optimise performance and availability.
Offloaded Data Transfers – Offloads storage-intensive tasks to the SAN hardware.
To enable you to paint a minds-eye picture,
When migrating a host you will request the storage to copy the data across the network to another location, in this scenario with ODX, the host sends a token to the SAN to provision the storage for the migration but by copying it through the SAN itself rather than going out through the network and back into the SAN again. As you can imagine this scenario is a lot faster than the traditional way.
Other benefits include;
November 13, 2013 Leave a comment
Thanks to Seb Matthews for the heads up 🙂
November 1, 2013 Leave a comment
With this particular slide we’re able to compare, like-for-like products between Microsoft and VMware.
The key point to address in this particular scenario is MS will provide the Hypervisor free of charge (either by a standalone ‘server core’ or as part of the Windows Server 2012 purchase), the other components are part of System Center.
From a VMware point of view, they sell you the hypervisor with various ‘levels’ that unlock the ability to add bolt-ons. To realise the full potential of the solution, you will be required to license the ‘software’ at an ‘Enterprise’ level.
Microsoft have gone for the ‘undercut’ approach with regards to pricing, there are significant costs savings with regards to licensing the features, and Microsoft have a simpler model, if you want more, get System Center and you can have it all!
For a little more information Microsoft have a website allowing you to check the hardware you have is supported by Microsoft.
http://windowsservercatalog.com is the site for checking your hardware and what is available/supported
If you have requirements you cal always call PCS and we can spec and price a solution for you – 08452414155