Class in Session: Microsoft

Exchange Server 2010 SP1: What to Expect

Published September 3, 2010 Brad Werner , Exchange Server Leave a Comment
Tags: Exchange Server 2010 SP1, RTM, Exchange Release

In the nine months since Microsoft Exchange Server 2010 RTM became available on October 9, 2009, and generally released a month later on November 9, many new developments have been brewing in the world of Exchange. June 11, 2010 marked the fourteenth anniversary of the release of Exchange Server 4.0 back in 1996, as a successor to Microsoft Mail. And now, after much beta testing, and waiting, service pack one (SP1) was released by Microsoft on August 25, 2010. Here’s a breakdown of what Exchange 2010 SP1 brings to an enterprise environment.

Maturity

While many people are still asking what to expect of Exchange Server 2010, I think a more appropriate line of questioning now is what to expect from Exchange Server 2010 SP1. The quick answer “maturity,” neither answers very many business nor technical questions, yet certainly any one new or upgraded feature amidst all of the accumulated features of Exchange Server does not bring forth words such as radical, game-changing, or paradigm-shifting. Indeed, Exchange Server 2010 SP1 is quite mature as messaging platforms go, and as such great care has been taken to ensure that the stability and security we expect from a mature product has not been compromised by newfangled bells and whistles. Even so, there are many exciting new features – with a stable platform, most of the enhancements are focused on a higher level of service.

Angle of Attack

Certainly, depending on where you’re coming from and where you want to go, what is essential to mention about such a broad, feature-rich product will vary from someone else’s interests based on different needs. If you and your organization have been well established in use of Exchange Server for many years and you are already running Exchange Server 2010, what you need to know is quite different than if you’re looking at Exchange 2010 or 2010 SP1 from the perspective of Exchange 2007, Exchange 2003, Lotus Domino/Notes, Novell GroupWise, or open source offerings built around sendmail, postfix, and others. Are you using Postini, Barracuda, or other products instead of Exchange’s Edge Transport role? Are you using or interested in Unified Messaging? In innocent question like “what to expect” is complicated by the reality of market diversity. With this in mind, the follow assessment focuses on Exchange 2010 SP1 with aspects of 2010 and 2007 versions included for perspective.

Some of the Exchange Server 2010 SP1 (E2010 SP1) enhancements affect end-users directly, others are more important to administrators, and some even get security analysts and financial auditors excited. Here are five phrases to focus on:

• Division of Labor

• Asynchronicity

• Enhanced Mobility

Division of Labor

Realistically, many small-size organizations have systems administrators who manage both Exchange Server and Active Directory, however it is typical in medium-size and large deployments to have separate Exchange administrators and Active Directory administrators. Many administrators were surprised when going from Exchange Server 2003 to Exchange Server 2007 because with the 2007 version, the Exchange Management Console (EMC) and Exchange Management Shell (EMS) were used for recipient administration (e.g users, contact, groups) rather than the classic (E2K, E2K3) use of Exchange extensions within Active Directory Users and Computers (ADUC). Optionally, with Exchange 2010 SP1, administrators can go another step further in this separation. Although E2010 SP1 still defaults to a Shared Permissions Model, administrators can choose to use a Split Permissions Model instead. Not only are the tools separate as with E2K7, but it is far easier to distinguish between the permissions granted to Active Directory administrators and Exchange administrators. E2010 SP1 can use either a split permissions model based on Active Directory or on a Role-Based Access Control (RBAC) system. To summarize, you can now choose between three models: shared, AD split, and RBAC split permissions models.

Asynchronicity

The immediately imperative mindset and framework of some operations can sometimes pose as limitations to productive administration. Running a command synchronously and waiting for the results could lead to a significant waste of time. Luckily, over the years Exchange administration has allowed more and more operations to be executed asynchronously. For example, E2010 processes mailbox move requests in the background. Along with some improvements to that process, E2010 SP1 now supports soft-deletion and restoration of mailboxes as well as the ability to utilize separate databases for archive and primary mailboxes. In addition, mailbox repair requests can also be performed through a similar request procedure, even when the mailbox database involved is still online.

Enhanced Mobility

Vast amounts of messaging activity takes place outside the walls of offices and normal workplaces. E2010 SP1 supports greater degrees of mobility in a variety of ways. Assimilation of SMS messages from mobile phones into their users’ Exchange mailboxes is one such feature of E2010 SP1. Another aspect of enhanced mobility is the ability for administrators to manage a user’s Exchange ActiveSync (EAS) devices as well as maintaining policies for all EAS devices. Yet this management of EAS devices can easily be performed remotely because E2010 SP1 supports these features via the Exchange Control Panel (ECP). Although these mobility features are new, the ECP debuted as a part of Outlook Web App (OWA) in Exchange Server 2010 RTM. Further new features of EAS include improved Information Rights Management (IRM) which can be extended to non-Windows Mobile devices and Windows Mobile devices alike.

Exchange Server 2010 SP1 not only has many more significant features beyond the E2010 RTM version, but for all those organizations who customarily wait until the first service pack is released until adopting a new version, the wait is over. If you haven’t already delved into Exchange Server 2010, now with SP1 available, the time is ripe.

Author: Brad Werner

Designing and Deploying Messaging Solutions with Microsoft Exchange Server 2010 (M10233)

MCITP: Enterprise Messaging Administrator 2010 Boot Camp

Worried about data at rest? Try TDE…

Published September 1, 2010 Brian Egler , SQL Server Leave a Comment
Tags: SQL Server 2008, Transparent Data Encryption, TDE

SQL Server 2008 introduced a great new feature called TDE, Transparent Data Encryption. It allowed a database to be completely encrypted without having to change the applications that access it. It is referred to as encryption for “data at rest”. But what about data in motion? That’s where column-level encryption pays off to provide end-to-end encryption.

With TDE, each data page is encrypted when is written to disk and is decrypted when read from disk. This provides extra physical level security so that if a disk drive falls into the wrong hands the data is protected by strong encryption. This also applies to backup tapes since technically the backup is a copy of the encrypted data pages from disk. The master key and associated certificate are backed up separately providing an extra level of security. A major trade-off is that the TempDB is also encrypted even if only one database has TDE switched on. This has performance implications. Because the application does not have to change, this is ideal for package databases provided by third-parties.

Column-level (or “cell-level”) encryption was introduced with SQL Server 2005. We can encrypt individual columns that are sensitive in nature. The trade-off here is that we need to change our database design as the data type we use needs to be varbinary. Also the application has to be changed to use a symmetric key, a certificate and the new functions EncryptByKey and DecryptByKey. There’s also extra administration to allow security for the symmetric keys/certificates and performance again will take a hit. However, when encrypted the columns are encrypted on disk, in memory, across the network, everywhere, until we choose to decrypt the data in the application.

Database Encryption in SQL Server 2008:

http://msdn.microsoft.com/en-us/library/cc278098(SQL.100).aspx

I remember when all we could say for SQL Server 2000 was “go purchase encryption software”. Now, at least, we have a few choices.

Author: Brian Egler

Implementing and Maintaining SQL Server 2008 Analysis Services and Business Intelligence Solutions (M6234)

Maintaining, Troubleshooting, and Developing Solutions with Microsoft SQL Server 2008 Reporting Services (M6236)

SQL Server 2005 Administration (M2780)

SQL Server 2008 for Administration (M6231, M6232)

Writing Queries Using Microsoft SQL Server 2008 Transact-SQL (M2778)

SharePoint Site Administration Ribbons

Published August 30, 2010 Brad Werner , SharePoint Leave a Comment
Tags: SharePoint 2010, Administration, Ribbons, Site Settings

After introducing the SharePoint 2010 ribbon interface for editing regular page content, we took a short tour of some of the basics of SharePoint Site Administration. We saw that within the Site Settings, some of the subcategories of site settings are edited as list, while others are configured as a dialog with a table of settings and customary OK and Cancel buttons. Now we’ll look at a third style of Site Settings subcategories – those which can be viewed and editing using a ribbon interface.

Like the SharePoint 2010 site content ribbons, the site settings subcategories with ribbons have a densely packed array of tools similar to Microsoft Office applications. Let’s start our journey into the Site Settings ribbons by looking at the Users and Permissions category’s Site permissions subcategory. From the Site Settings page, select the Site Permissions link under the Users and Permissions heading.

Once you enter the site permissions area, the Permissions Tools ribbon appears with the sole Edit tab selected. The four groups of controls in this ribbon:

(a) Grant — with Grant Permissions and Create Group buttons,

(b) Modify — including buttons to Edit User Permissions and Remove User Permissions,

(d) Manage — containing links to manage the Permissions Levels and Site Collection Administrators.

The list presented beneath the ribbon is a list of users and groups currently granted some level of access to the site. The columns in this list include a check for selecting the user or group, the user/group name, the type (e.g. User or SharePoint Group), and the Permission Levels (e.g. Full Control, Design, Contribute, Read, View Only, Limited Access).

Checking the box next to one of the existing users or groups enables both the Edit User Permissions and Remove User Permissions buttons in the Modify section of the ribbon. Then pressing the Edit User Permissions button loads the Edit Permissions modal dialog. This property sheet is referred to as a modal dialog because the rest of the Permission Tools management interface is faded into the background while you are interfacing with this dialog. The options in the Edit Permissions dialog title bar include icons to maximize or close (i.e. cancel) the dialog. At the bottom are customary OK and Cancel buttons. Of course the main attraction is in the middle of the dialog. Because this is an Edit dialog, the Users or Groups portion is fixed. It is the list of permissions in the Choose Permissions section that may be adjusted. You can check or uncheck the individual permissions:

• Full Control – Has full control.

• Design – Can view, add, update, delete, approve, and customize.

• Read – Can view pages and list items and download documents.

• View Only – Can view pages, list items, and documents. Documents types with server-side file handlers can be viewed in the browser but not downloaded.

Once you have adjusted the permissions, use the OK or Cancel button to either commit or abandon these changes.

Similarly, the Grant Permissions button in the Grant section of the ribbon brings up a Grant Permissions dialog which allows choosing Users or Groups (separated by semicolons if you indicate more than one), as well as an option to grant permissions either indirectly via SharePoint Group membership (which Microsoft recommends), or directly with the Full Control, Design, Contribute, Read, and View Only choices.

I hope that this brief introduction to one of the ribbon interfaces in SharePoint 2010 site administration has helped familiarize you with how the ribbon interface can be used to streamline management SharePoint tasks.

Author: Brad Werner

Make Hyper-V running on Windows Server 2008 R2 more efficient with Dynamic Memory

Published August 25, 2010 Mark Menges , Windows 7 , Windows Server Leave a Comment
Tags: Virtualization, Windows 7, Hyper-V, Windows Server 2008 R2

Microsoft has recently released the beta of the eagerly awaited service pack 1 for Windows 7 and Windows Server 2008 R2. This service pack is unusual because it can be applied to either operating system. The service pack includes many new and improved capabilities for Windows Server 2008 R2. One such new feature is Dynamic Memory. Servers running Hyper-V role can now better manage allocations of memory to Virtual Machines.

In Hyper-V the memory allocation of a Virtual Machine could only be modified if the VM was shut down. This would cause an interruption of services for any network connected users. System Administrators would have to specify an amount of RAM that was sufficient during periods of peak demand. This meant that often memory was unused on a VM most of the time but was still not available for other, busier VMs. This leads to a situation where a significant percentage of the memory resources of a Hyper-V server is wasted.

When Service Pack 1 for Windows Server 2008 R2 is installed a VM can be configured with Dynamic Memory. An administrator can assign a range of memory to a VM that can change based on an increase to a VM’s workload. This range consists of a Startup RAM allocation and can increase to a Maximum RAM value. A percentage of RAM can also be reserved, based on a VM’s workload, to be used as a buffer if memory demand increases suddenly. Each Virtual Machine running on a Hyper-V server can also be assigned Memory Priority ranging from low to high relative to the other VMs. I if multiple VMs need more memory at the same time those that have a higher priority will receive more Dynamic Memory.

The Windows 7 and Server 2008 R2 Service Pack is still in beta and is intended for testing and evaluation only. The final version is expected to be released in early 2011. Check out Dynamic Memory by down loading the beta version of the service pack at: http://technet.microsoft.com/en-us/evalcenter/ff183870.aspx

Author: Mark Menges

Indexed Views are great – for some…

Published August 23, 2010 Brian Egler , SQL Server 2 Comments
Tags: SQL Server, SQL Server 2005, Data Warehouse, Enterprise Edition, Books Online

There has been a lot of confusion about Indexed Views in SQL Server. This is a great feature for Data Warehouses that captures complex number crunching into persisted storage. Unlike standard views they can provide significant performance gains. Oracle has a similar feature called Materialized Views. Indexed Views were introduced in SQL Server 2000 as an Enterprise Edition feature.

The confusion arose in SQL Server 2005 when it appeared that all editions supported Indexed Views. I remember seeing Books Online listing Indexed Views as a feature across the board. However, this meant that, yes, we could create Indexed Views in all editions but the Query Optimizer would only use it if you were using the Enterprise or Developer editions. There was a loop-hole though. With the minor editions you could force the usage of the Index Views using hints: WITH(INDEX(view index name)) and the query option NOEXPAND.

Now Books Online 2005 has been updated to specify exactly what happens using a subtext item:

“This feature is supported in all editions of SQL Server 2005, except that indexed view-to-query matching by the Query Optimizer is supported only in Enterprise Edition and Developer Edition. Indexed views can be created in all editions of SQL Server 2005, and queried by name using the NOEXPAND hint”.

Source: http://msdn.microsoft.com/en-us/library/ms143761(SQL.90).aspx

The view-to-query feature is pretty cool. It means that even if you do not use the view by name, the query optimizer will pick up on the Indexed View if you are doing the same kind of calculations with the base table. This is quite sophisticated and is rightly an Enterprise level feature.

However, in the other editions even if you access the view directly, the query optimizer would ignore the Index on the view. Thankfully, we had our loophole using index hints and NOEXPAND.

But wait, I just tried the loophole in SQL Server 2008 Standard edition and it even ignores the hint. Dang! So Microsoft is not only releasing new features mainly to the Enterprise edition (and now Datacenter edition in R2), it is busy closing loopholes to entice us to upgrade editions. My fears are confirmed in the following MSDN document:

Features Supported by the Editions of SQL Server 2008 R2:

http://msdn.microsoft.com/en-us/library/cc645993.aspx

Disappointed! Just wait for my Scrooge List 2010…

Author: Brian Egler

Writing Queries Using Microsoft SQL Server 2008 Transact-SQL (M2778)

Maintaining, Troubleshooting, and Developing Solutions with Microsoft SQL Server 2008 Reporting Services (M6236)

Implementing and Maintaining SQL Server 2008 Analysis Services and Business Intelligence Solutions (M6234)

Reduce WSUS WAN traffic between Main Office and Branch Office with BranchCache

Published August 20, 2010 Mark Menges , Windows 7 , Windows Server Leave a Comment
Tags: IIS, WSUS, Windows Software Update Services, Internet Information Services

Windows Software Update Services (WSUS) is commonly used to distribute security patches and updates for Windows operating systems and Microsoft applications. WSUS is a web application that runs within Internet Information Services (IIS) on Windows Server. When client computers require updates WSUS is a local source of updates and clients do not need to download updates from Microsoft Update on the Internet. To further conserve network bandwidth, WSUS servers use the Background Intelligent Transfer Service (BITS) to transfer updates efficiently using idle bandwidth whenever possible.

Networks that consist of large main office sites hosting WSUS servers and small branch office sites consisting primarily of client computers often need to reduce the amount of network traffic across the main office to branch office WAN link. BranchCache, a new feature only available on Windows 7 Enterprise, Ultimate editions and Windows Server 2008 R2 can be used to ensure that any update file is only transferred once between main office an branch regardless of the number or branch office clients.

To enable BranchCache on a Server 2008 R2 WSUS server use Server Manager to add the BranchCache feature. Client computers can be configured using the Netsh BranchCache commands or, on large numbers of computers using Group Policy. Before a Windows 7 computer downloads an update from WSUS at the main office it uses WS-Discovery, a multicast-based protocol to see if the update has been already downloaded and cached by another computer at the branch. A nice bonus to enabling BranchCache is that it can also be used with file servers and other web applications.

A terrific resource for implementing BranchCache is Microsoft’s early adopter’s guide, which can be downloaded from:

http://www.microsoft.com/downloads/details.aspx?FamilyID=a9a1ed8a-71ab-468e-a7e0-470fd46e46b3&DisplayLang=en

Author: Mark Menges

Administering and Maintaining Windows 7 (M50292)

Planning and Managing Windows 7 Desktop Deployments and Environments (M6294)

A Closer Look at Event Collector Subscriptions

Published August 18, 2010 Brad Werner , Windows 7 , Windows Server Leave a Comment
Tags: Windows 7 workstation, Windows Remote Management, Event Collector Subscriptions

If you have a Windows 7 workstation configured to use Windows Remote Management (WinRM), you can use Event Collector Subscriptions to have your workstation collect events from several servers and workstations. In a recent article, I wrote about the basics of such configuration using the winrm and wecutil commands. At that point, I didn’t get into much detail of either winrm nor wecutil. Now let’s take a closer look at setting up subscriptions so that Windows 7 can collect events from machines running Windows Server 2008 R2. The same techniques will work for monitor certain other Windows operating systems which support WinRM and the Event Collector service.

One of the techniques for creating an event collector subscription is to use the command:

wecutil cs mySubscription.xml

The magic is in this subscription definition file, which uses the extensible markup language (XML) following a specific schema. Consider the following simplistic example:

<Description>System Event Log event subscription</Description>

<SubscriptionId>SELSubscription</SubscriptionId>

<Uri>http://schemas.microsoft.com/wbem/wsman/1/logrecord/sel</Uri>

<Address>localhost</Address>

</EventSource>

</EventSources>

<LogFile>HardwareEvents</LogFile>

</PushSettings>

</Delivery>

</Subscription>

As we described in a previous article, Event Collector Subscriptions can be source initiated or collector initiated. In other words, if you have a Windows 7 machine used to monitor events generated on a Windows Server 2008 R2 machine, there are two ways to approach this.

(a) The Windows Server 2008 R2 system could be configured with a source initiated subscription which allows sending to one or more collectors, such as our Windows 7 machine.

(b) The Windows 7 monitoring station could be configured with a collector initiated subscription which requests events from one or more computers, such as the Windows Server 2008 R2 server.

Note that both scenarios accommodate lists of computers as the collectors or sources. In the case of a source initiated subscription, we specify the set of computers to be collectors of events from this machine. In the case of a collector initiated subscription, we define the list of computers which are the sources of the events we collect.

Now with that in mind, let’s look back at the earlier script, and we’ll see at least one reason why it is simplistic. First, let’s determine which kind of subscription it is. Note the delivery mode as defined in the <Delivery> tag, with the mode declared as <Delivery Mode=”pull”>. This means that this is a collector initiated subscription. A source initiated subscription would have a <Delivery> section which starts with <Delivery Mode=”push”>.

In a source initiated subscription, we would have sections such as <AllowedSourceNonDomainComputers> and <AllowedSourceDomainComputers>. This example, however is collector initiated, therefore we have the <EventSources> section. This section lists, well, the computers configured as sources from which to collect. The example above has:

<Address>localhost</Address>

</EventSource>

</EventSources>

But in order to collect from Windows Server 2008 R2 machines across the network, we would have to list their addresses as well. The addresses could be Internet Protocol addresses, either IPv4 or IPv6 style, or DNS names, preferably fully qualified domain names (FQDNs). For example, if we had two Windows Server 2008 R2 servers hosting SharePoint Server 2010 called ‘sharity.sp.wernerconsulting.local’ and ‘clarity.sp.wernerconsulting.local’ we could replace the earlier <EventSources> list with:

<Address>sharity.sp.wernerconsulting.local</Address>

</EventSource>

<Address>clarity.sp.wernerconsulting.local</Address>

</EventSource>

</EventSources>

There are far more options which could be configured in the Event Collector Subscription XML-based configuration file, however I hope that this helps you understand the basics of such files a little better.

Author: Brad Werner

Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services (M6425)

Configuring and Troubleshooting a Windows Server 2008 Network Infrastructure (M6421)

Administering and Maintaining Windows 7 (M50292)

Try these samples to learn Business Intelligence

Published August 16, 2010 Brian Egler , SQL Server Leave a Comment

One benefit of a two year beta program was not only a quality product but sample databases and code that were refined and accurate. Yes, we had to wait a long time for Yukon in 2005, but it was worth it! OK, we all know about the AdventureWorks Bicycle Company but I quickly forgot the Pubs and Northwind databases as lightweight memories. Instead of 23 rows in a table we had some tables with over 100,000 rows. Wow! Books Online also had countless code examples that actually worked. And they conveyed the concepts very well. Someone had the time to do a few QA cycles in those days.

As an instructor, I remember that I could delve into Books Online, copy a piece of code and demonstrate a concept straight away with confidence. An example was Data Partitioning. A sample table would be partitioned using a Partition Function and a Partition Scheme. The code would also add the required File Groups first to act as Partitions. The Sliding Window scenario that showed how to archive off the latest partition while making room for a new one had sample code and diagrams to convey the concept of archiving using Merge, Split and Switch meta-data changes alone. Someone really worked hard to make sure the code was accurate.

I have developed many technical courses including lab work and understand how hard it is to get things accurate and stable. Of course, it’s not far removed from Application Development and multiple QA cycles. Try to cut the QA short and ultimately you pay for it. One development manager I worked with did not believe in QA at all. He believed that QA made the developers lazy who would therefore hand untested code to the QA team. In my experience, developers actually have pride in their code and do not want QA throwing it back with lots of red-ink. But if a decision is made to cut QA it is almost always a mistake.

In SQL Server 2005, somebody spent a long time developing the Enterprise sample for the Business Intelligence Solution based on AdventureWorks. This is usually stored under the C:\Program Files\Microsoft SQL Server\100\Tools\Samples\AdventureWorks Analysis Services Project. The 2005 version is delivered with 2008. I know they spent a lot of time on it because there are amazing features in it like horizontal partitioning, perspectives, translations to French and Spanish, realistic data mining, meaningful KPIs and Actions that include a hyperlink from a City name attribute value to a Map on the internet. In the Cube structure diagram, someone even had time to straighten out the relationship lines! Whew!

OK, you’re thinking “somebody had a lot of time on their hands!” but you can tell that someone had the time AND passion to create one of the best samples I have seen in any product. Here’s to having the time to do a great job.

Author – Brian Egler

Maintaining, Troubleshooting, and Developing Solutions with Microsoft SQL Server 2008 Reporting Services (M6236)

SQL Server 2008 for Administration (M6231, M6232)

Revisiting Remote Administration – The Event Log Collector

Published August 13, 2010 Brad Werner , Windows Server Leave a Comment
Tags: Remote Administration, Servers, Devices, Routers, Workstation

Think globally, act locally may be a great mantra for many aspects of computing, but wearing sweaters or a parka in the summer just to cozy up with all your servers in the cooly air conditioned data center hasn’t been considered cool in at least a decade. Remoting is typically far preferred even for most server administrators with just one server room.

Most devices, routers, switches, and of course workstation and server operating systems support one or more forms of remote management. Windows Server 2008 (both releases) support technologies such as Remote Desktop and Web Services Management (WS-Management). Microsoft often refers to their implementation of the industry standard WS-Management as WSMan or Windows Remote Management (WinRM). Microsoft actually started supporting the foundations for such web services back in Windows Server 2003, with IIS 6.0 supporting the Simple Object Access Protocol (SOAP) which is the foundation for a family of Web Services standards.

While most Windows system administrators likely do not care about the details of SOAP itself, I regularly get questions about the features and services which are dependent upon it. Like Remote Procedure Call (RPC) and Windows Management Instrumentation (WMI), peoples’ interests often lay in what can be done with the technology. One particular feature which several students were curious about in a class this week was Event Subscriptions.

Internet standards for collection, storage, and analysis of event log information, derived from the syslog subsystem of UNIX and sendmail heritage, have existed for several years, in the form RFC 3164 and its successor RFC 5424. Syslog’s architecture supports originators, relays, and collectors. Similarly, Microsoft’s Event Collector Service supports originator and collector roles.

Both Windows Server 2008 and 2008 R2 support using the Event Collector service in source initiated and collector initiated subscriptions. An event collector subscription is the configuration of an agreement between two Windows systems for one system to send specific event log entries to be received by the other. Although the configuration of such subscriptions is manual, once configured, these subscriptions are persistent. Yes, if you’re creating event collector subscriptions for hundreds or thousands of computers, automation of these relationships via tools such as Windows PowerShell could be essential. For starters, we shall just look at the basic configuration.

The configuration of the Windows Event Collector (WEC) and WinRM on which it depends could be done with great care for particular details, or there is the quick configuration (QC), a.k.a. quickconfig. Consider the following two commands which could be used on both computers prior to setting up one or more subscriptions.

wecutil qc

winrm qc

What is also needed beyond the quick configuration of the WEC and WinRM is to allow the two (or more) systems to communicate as trusted hosts via WinRM, and then to configure the WEC with one or more subscriptions.

winrm set winrm/config/client @{TrustedHosts=”localhost”}

This command simply configures WinRM to trust itself. While that is useful as a basic test of the functionality on a test machine, in a test network or production system, the names or addresses of the trusted systems would be used instead of merely localhost.

wecutil cs mySubscription.xml

This command creates an event collector subscription (cs = “create subscription”) as defined in the XML file mySubscription.xml. The details of this configuration file are beyond the scope of this article, however we’ll likely delve into such details soon!

Author: Brad Werner

Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services (M6425)

Managing Windows Environments with Group Policy (M50255)

Configuring and Troubleshooting a Windows Server 2008 Network Infrastructure (M6421)

The Windows 7 Action Center integrates key components of Windows 7

Published August 9, 2010 Mark Menges , Windows 7 Leave a Comment
Tags: Windows 7, Security, Troubleshooting, Action Center, User Account Control, Network Access Protection

Starting with the Security Center in Windows XP, Microsoft has attempted to create a central location within Windows for system security and recovery utilities. With Windows 7 the Security Center has become the Action Center and has been enhanced with more and better features.

The Windows 7 Action Center can be accessed by selecting the flag icon in the Windows 7 notification area on the Taskbar. Once selected, a thumbnail will appear with messages from the Action Center related to the health of the computer, including backup results, application issues and solutions to system problems. Clicking on the Open Action Center link on the thumbnail opens the full Action Center window. The Action Center is organized in two main areas, Security and Maintenance. The Security area displays the status of the network firewall, Windows Update, virus protection, spyware protection, internet security settings, User Account Control settings and Network Access Protection. If any of these items are not functioning or have issues, the Action Center will create a notification message in a balloon that will appear next to the system clock. Click on the balloon and a dialog box will open that urges you to correct the problem immediately. If you do not act to correct the problem, the Action Center will keep the message and remind you periodically that the issue still exists. Integrated help files and links to external resources assist in correcting problems.

The Maintenance area of the Action Center is dedicated to keeping Windows 7 backed up on a regular basis and with application and operating system issues. Message details about these problems can be viewed in the Center or the messages can be archived for future reference. My PC has a message about a problem with Adobe Reader that included a link to an on-line source for a solution to the problem (download an update from Adobe). There is also a “Check for solutions” button that will submit any outstanding problem messages to Microsoft for possible solutions. Microsoft can often suggest a solution that really works.

At the bottom of the Action Center Window is a Troubleshooting link and a Recovery link. The Troubleshooting link connects us to numerous Windows 7 Troubleshooting Wizards that range from Program compatibility to Hardware to Network and System Security.

The Recovery link takes us to System Restore and also to advanced recovery methods that could be used as a last resort. System Restore points allow us to revert the computer to a previous point in time when a backup of Registry and other system settings was created. This has been effective strategy with Windows XP and continues to be with Windows 7. Advanced recovery methods allow us to either restore the computer with a system image backup (bare metal recovery), or reinstall Windows from scratch. In a reinstall users files remain in a windows.old folder created during the re-installation.

With luck, the protective features of the Action Center will insure that a re-install will never be necessary.

Author: Mark Menges

Class in Session: Microsoft

Exchange Server 2010 SP1: What to Expect

Worried about data at rest? Try TDE…

SharePoint Site Administration Ribbons

Make Hyper-V running on Windows Server 2008 R2 more efficient with Dynamic Memory

Indexed Views are great – for some…

Reduce WSUS WAN traffic between Main Office and Branch Office with BranchCache

A Closer Look at Event Collector Subscriptions

Try these samples to learn Business Intelligence

Revisiting Remote Administration – The Event Log Collector

The Windows 7 Action Center integrates key components of Windows 7

Blogroll

Links we Like

Other Global Knowledge Blogs

Posts by Author & Technology

Archives

Tags