Search This Blog


Monday, June 29, 2009

Microsoft Malaysia - Wave14 events

The Wave14 preview brings together a series of technical sessions conducted by highly demanded certified professionals, Microsoft MVPs (Most Valuable Professionals) and Microsoft Technology experts who are experienced and focused on these exciting technologies.

The session covers fundamentals to in depth industry solutions on Windows 7, Exchange 2010, Essential Business Server 2008/Small Business Server 2008, Hyper-V R2 and SCVMM R2 .

09:00 – 10:00
Event Registration

10:00 – 11:00
Windows 7, a Kick Start for the Wave The new platform you do not want to missed Azra Rizal Dato Noor Azman Security Advisor, Microsoft Malaysia

11:00 – 12:30
Exchange 2010, new wave of unified communications – first preview!
Khoo Boon Keat Technology Solution Manager, Microsoft Malaysia
Poo Ching Loong Managing Consultant, Microsoft Most Valuable Professional

-- Lunch will be provided --

13:30 – 14:30
EBS 2008 & SBS 2008, new wave to save your $$$
Jabez Gan Senior Technical Officer, Microsoft Most Valuable Professional

14:40 – 15:40
Hyper-V R2 with SCVMM R2, the real virtualization
Noel Teng Technology Specialist, Microsoft Malaysia

15:40 – 16:00
Q&A, Chalk talk

Venue:-Microsoft Malaysia Auditorium, 29th Floor, PETRONAS Twin Towers, KLCC, Kuala Lumpur, Malaysia
Date: 4 July 2009 (Saturday)

Registration is closed and only by special invitation to Elite members and guests.
Note on the registration:"The response is overwhelming. Till date, we have more than 150 users registered"

Tuesday, June 23, 2009

Inter-forest migration (Win2k3 to Win2k8)


Just finished performed Inter-forest migration from Win2k3 to Win2k8 domain controller.

On this Migration, i have achieved:-
a) Group account migration
b) User account and password migration
c) Computer account migration.

Most of the time, i've performed a lot of configuration on the source dc and target dc.Just a little interaction on the the workstation.
Now all XP and Vista workstation has successful migrated to new domain without a lot of interaction. (everything is automated from target dc)

It is not an easy and straight forward tasks. You need to do some troubleshooting in order to successfully perform inter-forest migration.

If you want to perform this tasks, my advise is perform the migration after office hour. Some issue you need to consideration in order to make it successful...

Friday, June 19, 2009

SQL Server 2005 Clustering


Now let talk about High Availability for SQL Server.

SQL Server 2005 can do active/active and active/passive clustering.

In active/passive - one node will hold the resources and provide services to application/user. The passive node will act as standby unit and only use when failover.

In active/active - both node will hold the resource and serve the application simultaneously. In sql server use need to install into different instance group.

The following actions are needed to configure active/active clustering for sql server:
1. Build Active/Passive Windows cluster for all nodes with checking cluster disk resource.
2. Configure MSDTC
3. Install one instance on Node 1. Set preferred owner for the Instance Group to Node 1
4. Install another instance on Node 2. Set preferred owner for the Instance Group to Node 2.
5. Test using Studio Management.

Hope this info assist you in configure sql server clustering.

Microsoft Windows High Availability-Clustering


Currently i'm busy preparing a proposal about Windows Clustering for Windows Server 2003. Since then, i just revised my technical skill by preparing a VM for clustering by using Virtual Server 2005. I don't think i can create a simulation by using Hyper V as in order to do clustering, i need to share SCSI device.
So far i have tested on Virtual Server and it is working quite fine.

Some basis concept:-
Clustering is a high availability technology in which one or more servers (called
nodes) connect to shared resources to appear to clients as if they are a single server called a virtual server. If one node fails or is taken offline as part of a planned or unplanned event, the service resources will be provided by another node in the cluster without users knowing. It is important to realize that clients connected to the virtual server running on the first node will be disconnected and when they reconnect to the virtual server again, the services they access will be provided by the failover node.

Here is some guidelines that you need to take note before do clustering:-

You need to fulfill the following requirement:-
a) 2 identical hardware
b) Min 2 NIC adapter. 1 NIC use for heartbeat and another for public access.
c) Must use Windows Server 2003 Enterprise Edition

By using Cluster Administrator, you can create,remove node, add node and administrating cluster.
I have created Active/Passive cluster whereby one node is provide services to user/application while another one node is on standby mode. It would only online when one of node is offline.

For my testing ennvironment, i have created File Share Cluster.
User just need to map/type one URL \\FSShare (example) and can continuouly access to resources without any problem.

Now i got a HA for File share server....

Tuesday, June 16, 2009

Windows Server 2008 R2 RTM release date

Windows Server 2008 R2 Release to Manufacturing (RTM), scheduled to be available in the second half of July 2009.

More detail:-

Monday, June 15, 2009

Exploring System Center Virtual Machine Manager 2008 R2


SCVMM 2008 R2 RC just released few days ago. As usual, I've deployed in the production environment and currently managed 1 Host machine running on Hyper V.

Here is some features that i have explored:-

a) Management:-This product is almost similar as Vmware Virtual Center.The cool thing about this product is it allow us to manage Hyper V, Vmware Virtual Center and Virtual Server host machine. It is a good tool to consolidate and manage virtual machine.

b) Intelligent Placement, we also can determine which host to store the VM.

c) Conversion:-I have test convert one Windows XP to VM. The process work fine and no error occur after the conversion. But the physical host need to Join to domain in order for the SCVMM 2008 R2 to connect. The chances to connect to workgroup is a bit slim success rate.

d) Centralize Management.Good tool to manage all the host machine in one console.

Will update this section once i explore more on the SCVMM features..

Migration of Domain Controller and Infrastructure service


Finally with the simulation of migration of below products,
a) Windows Server 2000 to Windows Server 2008
b) Windows Server 2003 to Windows Server 2008
c) Windows Server 2008 to Windows Server 2008 R2 RC

It is my 1st project under Microsoft IT Pro Momentum program.

I have completed live migration of Windows Server 2000 to Windows Server 2008 in the production environment. All Infrastructure services is up and running after the migration.

My next project will be migration
a) Windows Server 2000 (DC & Infra) to Windows Server 2008 R2
b) Windows Server 2003 (DC & Infra) to Windows Server 2008 R2

R2 here i come....

Saturday, June 13, 2009

Deploy Read Only Domain Controller


To reduce the attack and tighten the security on the branch environment, Microsoft has introduce RODC.In order to deploy RODC, the forest functional level must at least Win2k3.

It is suitable to deploy RODC if you do not need application aware directory services at the branch.

Only certain accounts are pre-populate to the RODC and we can use Delegation Control Wizard to assign right to local administrator for managing the RODC.

Not only RODC, we can also deploy read only DNS and GC.

In my environment, i have tested Windows Server 2008 and Windows Server 2008 R2 RC. Both OS work fine for RODC. If your schema is in Win2k8, you need to use Adprep32 to upgrade the forest and domain before deploy Win2k8 R2 as a new domain.

Finally, bear in mind that RODC only support one way replication. We can use Password Replication Policy to define which account to allow or deny replicate to the RODC.

So far, i've deployed multiple Branch office deployment by using Active Directory and the having the concept RODC really improve the security in the branch environment.

Cheer for Microsoft hardwork to improve the security !

Friday, June 12, 2009

Deploy OS over the network


For those whose are familar with RIS,you may know how this is working.

In Windows Server 2008, RIS roles has changed to Windows Deployment Server (WDS). All you need to do is Install WDS roles, Put the boot Image and Install Image into the WDS.

One of the cool stuff that i tested today is Create an image with all the package/setting. Almost similar like "Ghost" concept.

a) Sysprep the source machine (Machine A).
b) Create a Boot Image (example: CaptureImage.
c) Then boot a machine A which is support with PXE boot.
d) Select CaptureImage option and start to capture your image.
e) After finish Capture the image. The wim must put into Install Image.
f) Lastly, boot all your computer with selecting the original OS Boot Image and select the Image that you have put in the step e.

This process can save a lot of your time when mass deploying of the operating system in your environment.

Patching Host machine running Hyper V


Below is some guideline when perform patching on the Host machine which running Hyper V roles:-

a) Backup all VM before patching.
b) Properly shutdown all the VM before patching. Do not "Save" the VM
c) After patching and if you encounter problem such as cannot start the VM. Just delete the Virtual Machine and create a new Virtual Machine with using existing vhd.

Apply Patch KB950050 before apply Service Pack 2 (applicable for host machine running operating system with Pre-Hyper V version.

Be careful when patch the Hyper V machine...

Thursday, June 11, 2009

Migration of Virtual Server to Hyper V

I've performed migration from Virtual Server 2005 to Hyper V.
Dell Poweredge 2950 is used to host Hyper V.

Previously VM is running on Virtual Server 2005 whereby it is not a suitable product to host VM. The limitation of Virtual Server 2005 R2:-

a) Limited 1 processor with only 25% utilization.
b) Running on top of host operating system. This has caused VM running in Virtual Server is consider slow and take a lot of resources.
c) Only host 32x platform VM
d) No snapshot
e) Max 3.6 GB RAM

With the migration to Hyper V, the performance of the VM has increase. Some important features of Hyper V:-
a) hypervisor based virtualization. Child VM is directly access to the resources
b) support 32x and 64x platform VM
c) Snapshot is included.
d) Can support more than 3.6GB RAM per VM
e) Fully utilize processor. Up to 32 logical processor is supported.
and a lot more...

Read the experiment lab result (Hyper V, Xen, Vmware) from

Cheer Hyper V !!!

Tuesday, June 9, 2009

Network Access Protection with DHCP Enforcement

i have set up a simulation lab for Network Access Protection (NAP) technology.
NAP is consider as pre-admission method whereby workstation is check first for compliant before access to the network. By using NAP, you can make sure that workstation connect to network must has the following features:-
-firewall is on
-antivirus is on and up to date
-antispyware is on and up to date
-automatic update is on and up to date.

With Windows Server 2008 R2, you also can perform DHCP NAP (Allow or Deny filter) for MAC Address and IP Address.

For those who are familar with virus characteristic, majority of the viruses/worm will disable antivirus, antispyware and automatic windows update program.

By having a solution to check every workstation when connect to network, you've secure and prevent any infection from spreading to other computer.

This technology has save a lot of administrator job and secure your network.
So the final result is:-
a) compliant- allow in the network
b) Not compliant - not allow in the network

Here is my simulation environment:-
a) Domain Controller
b) NPS Server with NAP Roles
c) DHCP Server with NAP enabled
d) Client:- Windows Vista, XP with SP3, Windows 7 RC
(The client is either join to domain or workgroup)
e) Remediation server such as WSUS, Antivirus server.
f) Another deployment method is whereby DHCP server is located in another server.I need to configure RADIUS proxy in order to support NAP features.

Cheer NAP!