With HyperV beginning to make a dent into the small/medium business world as a solid virtualization solution some of us will need to migrate servers across from VMware to HyperV. There are naturally many many ways to achieve this goal. Personally i have tried Backup Exec Intelligent Disaster Recovery, Acronis True Image with Universal Restore & Windows Backup to name a few.

The release of Microsoft System Center Essentials encouraged me to try SCVMM to conver 3 vmware machines.
All 3 conversions failed from an oobe setup of SCVMM due to issues with NIC, disk drives and a SQL Server timeout (bad switch). These turned out to be because of Trend Micro AntiVirus so make sure you disable AV before trying it. The servers that failed the conversion ran Server 2003/2008 Operating systems. This lead me to search for other options when converting.

I followed an old guide here on technet from 2008.

Converting my Server 2008 server worked ok. For this i went from step 6 onwards.
Converting the Server 2003 servers went a little differently. Both of them had vdmk’s split over 2GB so i had to resolve that first, see http://scolard.com/wordpress/?p=376
Once done i used the same method as the guide with 1 change, rather than adding a virtual HDD on an IDE controller i simply added a CD/DVD-ROM drive on IDE 0-1, which has less messing with vmdk files.
Converting them after this went the same as my server 2008 conversion above.

All 3 VM’s are now running as HyperV Guests with only 1 minor issue. When i assigned the old IP addresses to the new NIC’s windows gave me an error that they were already in use. This meant the old NIC’s weren’t removed. To do this simply open command prompt with elevated rights and type “set DEVMGR_SHOW_DETAILS=1″ then “SET DEVMGR_SHOW_NONPRESENT_DEVICES=1″. Open Device Manager and go to View-> Show Hidden Devices. Then Uninstall the old VMware NIC’s.

conversion · HyperV · server 2008 · vhd · vmdk · Vmware

To date when a user receives an email from another user the Message Headers are used to identify the remote server and ip.
Usually this would only show the helo (ehlo) response and the External IP address with a Reverse DNS Query result.
Naturally this is what one would expect in order to trace the origin of the email.  However with Exchange 2007 and 2010 Microsoft has decided to publish the internal servername and ip when delivering the Message Headers. This can cause complications with Anti-Spam solutions which check the origin mail server and find it has an Internal IP which can lead to false positives.
Since the IP and servername is also published this leaves your security in question as anyone who receives an email (even a bounce message) can obtain this information.

So if you want to fill this glaring secuirty hole and have mail delivered properly then follow this guide.

1. Go to Exchange Management Console
2. Under “Organization Configuration” select Hub Transport
3. Select Transport Rules then “New Transport Rule”.

Give the Rule a name then set the following:

Sent to Users Outside the organization
Remove Header “Received”
Except: None

Now you should find that all Internal info is missing from the Message Headers.

exchange 2007 · exchange 2010 · mail headers · transport

Start -> Run:
type regedit
then navigate to:

Hkey_Local_Machine\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon. In the left pane, right click on Winlogon and click New and click Key.
Type “SpecialAccounts” and press Enter.

In the left pane, right click on SpecialAccounts and click New and click Key.
Type “UserList” and press Enter.

In right pane of UserList, right click on an empty area and click New then click DWORD (32bit) Value.
Type in the name of the user account that you want to hide and press Enter .e.g.: “IT”.

In the right panel, right click on the user account name and click Modify.

To hide the user account – Type ”0″ and click OK. (The number zero not the letter O). Changing this value to “1″ will unhide the account.

user account · vista · windows 7

My latest project involves a Dell Poweredge 1800 Tower.
It has an Intel Xeon 3.0 Ghz Processor with 4GB of RAM. It came with a SATA RAID controller with 3 x 250GB 10k SATA drives in a RAID 5 configuration. Now like most people playing with old hardware i wanted to run Server 2008 R2 with some room for expansion to include Exchange 2010 and maybe OCS 2010. However the OS would not install on the Array. I added the RAID controller drivers but the O/S Installation would not show the array as a possible location to install the O/S.

So i removed 1 HDD from the array and connected it to the SATA on board controller. I installed Server 2008 R2 successfully and installed the Dell Open-Manage software. This told me that my SATA RAID controller was in need of a firmware upgrade which i applied using the Rev 02 as the initial one failed to work. Once the O/S was online i installed the SATA RAID controller drivers and added 3 x 1TB SATA Drives in RAID 5.

The process of creating this array is taking forever. Even now, 3 hours later, the percentage is at 3. 3% complete and any attempts to copy data to this array mean slowing that down and a crippling 3MB/s transfer rate.

*Update* the raid build took a total of 4 days.This was made worse by the fact that when i try transfer files to the array i get a minuscule 5MB/s. This combined with the fact that i have no other SATA Raid card to use other than the on board one in my PC means i am retiring this project as a file server/central storage.

Instead i installed AD on the server and exchange 2010 which was surprisingly fast. In my attempts to install Sharepoint 2010 i ran into errors that are due to low server specs, lack of RAM and CPU and most likely slow HDD. While the server takes DDR2 it will not boot with standard desktop ram. I’m going to keep looking for an alternative setup, perhaps another desktop PC second hand with a SATA Intel Raid controller on the motherboard, should be simple enough with a dual/quad core to keep it quiet which is after all the main reason for not leaving the array in my desktop since that is water cooled and I’m not happy leaving it on 24/7.

2010 · Dell · Exchange · poweredge · raid · sata · server 2008 R2 · sharepoint

Today i became the proud owner of a Dell 2850.
I purchased it on adverts.ie for a whopping 250 Euro.
The server is a Dual Xeon 3.0 GhZ with 8GB RAM and 5 x 76GB 15K SCSI disks.
This will make a welcome addition to ”my ever expanding “cave”.

So far i have created the Raid as Raid 5 and installed ESXi 4.0.
I did all this through the DRAC interface which is seriously impressive.
Being able to view the console through a https interface as the machine boots gave me the giggles, being able to mount my ESXi 4 image from an ISO file across the same DRAC that made me damn proud to have helped my company achieve its EA Dell Certification only months ago. The server itself is loud, sure it’s a server, but its not too loud. I will leave it here beside me for a while to see how it handles.

*Update*

This post was sitting in my Drafts for far too long.
I’ll summarise what happened next.

Tried to install Server 2008 R2 but the Dell Perc 4 controller is “not supported”. This was a bummer so i retired the idea of using this for future proof concept testing. The server went into work to our LAB setup as it was far too loud at home. I’ve used it so far for in house Disaster Recovery testing, more on that later.

Dell 2850 · esxi · Perc 4 · server 2008 R2

I’ve been called to serve my country as a juror in a case. Today i attended and was selected for a juror panel so there won’t be anything juicy here for a bit. However if you are interested in the SSD’s the new HP server arrived on Friday along with the additional 2 SSD’s.

The server itself is a DL380G6 with the Xeon 5550 Processor. I purchased 4 SSD’d in total for a RAID 5 configuration with 1 Spare (just in case of failure, i’m wary of the reliability of the SSD’s). The HP 2.5″ SAS/SATA front bay caddy’s won’t be delivered until tomorrow/Wednesday. At that point we are installing Server 2003 Enterprise as the server has to run a legacy Borland Interbase 7.x database.

In other tech news i purchased myself a Nokia N85 and i have to say the prelimiary findings are that this phone is superb.
I’m also looking into setting up a test OCS 2007 R2, this may take some time however and will most likely be next year.

I hope to get more onto this in the coming days but its all trial dependant, so stay tuned.

jury · ssd

In most businesses there is a request for a Director/Manager to be able to check his email remotely. More times than not he wants it on his PC @ home, mobile phone and the ability to access it anywhere in the world. Those with a Small Business Server operating system have this luxury from day 1. However in Exchange 2010 its not an “out of the box” solution. However since OWA is, half the work is already done for you. So i set about enabling my “users” to access email from their domain laptops in Outlook using a single sign-on.

Step 1: Install and SSL Cert for your remote site.
Step 2: Enable Outlook Anywhere in Exchange.

Step 3: Install the Windows RPC Over HTTP Proxy Component

For Outlook Anywhere to work correctly, the Windows RPC over HTTP Proxy component must be installed on your Microsoft Exchange Server 2010 server that’s running Windows Server 2008 (R2). So i install this new role, quick reboot and hey presto outlook works. At this point you can stop and continue to use Basic mode. However for NTLM you need to change the setting in Part 3.

Step 4: Set Outlook Anywhere to NTLM Authentication

Wait the required 15 Min’s and it will work. This is extremely beneficial as the user does not have to authenticate with his/her user name and password each time. Given that it also requires the user to type the domain name as a prefix “DOMAIN\Username” NTLM allows you to rule out that horrible explanation into “why you have to type the domain name” where the answer is inevitably, “you just do”.

Resources: Outlook Anywhere Howto http://technet.microsoft.com/en-us/library/bb123542(EXCHG.140).aspx
Enable NTLM Authentication http://technet.microsoft.com/en-us/library/dd776122(EXCHG.140).aspx

Exchange · ntlm · oma · outlook · owa · VPN

Finally, they arrived, 2 Corsair X64 SSD’s with my name on them. As all new SSD drives are 2.5″ i will need to locate some 3.5″ to 2.5″ adaptors and will post a link when i get it. However the SATA II Raid controller never showed up so I’m going to make do for now with my Desktop, in order to begin the tests i must first explain the rig i am using and the reasons.

My Home PC is water-cooled and quite the effort filled task to undo drives and try not have my ICH9 Raid array decide to Rebuild itself, or worse run a check and repair which last time i ran it took over 24 hours. So without the RAID SATA 2 card (Adaptec) i had to run some tests using my Work PC.

Dell Optiplex 755
Windows Server 2008 R2
Intel Core 2 Duo E7500
8GB DDR2
ATI HD 2400 Pro 256MB

In order to run a benchmark i installed server 2008 R2 (trial) on a 250GB SATA 2 Drive as a 34.47 GB Partition.
I added the Hyper V Role, updated windows and ran a backup to a second drive.
This backup took a minor 2 minutes for a complete File and System Image backup. I then installed a single SSD and restored the image onto this drive.

A Table of Comparisons:

Some simple Disk Benching software showed the SSD’s to be over 600% more efficient at Random Disk Seeks on a simulated busy database server.
However i am not continuing these tests as the Adaptec SATA Raid Card arrived on Friday and on Monday i should have a new test server (HP ML350 G4) with SCSI 320 disks for comparison in RAID 0/1/10.

*Update*

2 of these SSD’s have failed. Corsair have replaced both but this failure rate has knocked a hole in my belief that they can do the job.
I had put 4 of them in a production server and now i’ve gone back to SAS drives.

hdd · server 2008 · ssd

More fun with Exchange has been had. Firstly by default exchange is configured for Internal .local domain mail only. So you need to add a new domain under Organization Configuration -> Hub Transport -> Accepted Domains. Then add a new Policy to make that external mail address default. This will enable the server to receive mail for this external domain.

But the fun doesn’t stop there. You now need to add a Send Connector, while you are not relaying through an ISP you still need to tell it to route mail via MX requests from DNS records. This is a given in SBS so i found it confusing at first but given the “Edge Server” that Microsoft try to push, it begins to make sense.

Now my server is setup and when i try to send a test email i get this error “530 5.7.1 Client was not authenticated Connection closed by foreign host”. This error is again down to Exchange 2010 expecting to see a transport server from the edge, and not a users mail server trying to deliver it directly to exchange. The work around for this will make your server accept mail from all servers but once you have your “Accepted Domains” in the section above listed correctly then it will not be a problem. For quick ease this is the command: Set-ReceiveConnector -Identity “Default <servername>” -PermissionGroups “AnonymousUsers”

Another snag in the remote mail setup. The self assigned certificate isn’t being accepted by outlook. I had gotten a free SSL certificate when i purchased my domain personatechsystems.com as my testing domain. The good folk at www.namecheap.com supplied me with a “Positive SSL” certificate.
Importing/exporting explained here http://www.digicert.com/ssl-support/pfx-import-export-iis-7.htm

Certificate installed and i still cannot add an Exchange mail account to Outlook 2010 with mail over https selected. I would have hoped that Microsoft had resolved this “issue” for fully remote users to not need to use a VPN to setup the mailbox initially. However the need for a VPN brings me to installing Routing and Remote access for a VPN. Guide source http://www.microsoft.com/downloads/details.aspx?FamilyID=7E973087-3D2D-4CAC-ABDF-CC7BDE298847&displaylang=en . In Server 2008 R2, Routing and remote access is installed via the Network Policy and Access Services (NPAS) role. Configuring this is the same as server 2003, although it does require 2 NIC’s, choosing a custom install will get around this. Do NOT use 2 nics as it will install the server as a Router, which is not what we want.

My progress on this was hindered today due to a migration of data from an old server 2000 box in work to my new DFS. More tomorrow.

2010 · Exchange · Office · Routing · VPN

So today began my first steps into Exchange 2010.
I created a new virtual machine yesterday with Server 2008 R2 and updated it. The prerequisites for Exchange 2010 are as follows. As has been customary on Server 2008, installing these roles and configuring them for first time use is simple.

Roles:

Active Directory (AD)
Application Server (.Net 3.5.1 & TCP Port Sharing)
Domain Name Services (DNS)
Web Server (IIS 7) and vitally important — IIS 6 Management Compatibility Role Services.
File Services (SYSVOL etc)

Applications:

2007 Office System Converter
.Net 3.5 (installs with Application Server Role)

Initial Problems

When trying to Install Exchange the prerequisites check failed on Connecting to IIS and checking is the WWW Publishing service had started. Installing IIS 6 Compatibility in Role Services resolved this. As such i have added it above as a Prerequisite.

So i create a new user for my laptop to login with. I log-in OK on the laptop, try to add the new account automatically but i get an error. Adding it manually fixes this and bingo i have email. The error was due to using my router for DNS and not the internal DNS. Auto configuration now works OK.

Tried to log-in via OWA failed on invalid user/pass. There are no errors in the event viewer or IIS logs. The realisation that i had not selected “Windows Authentication” under “Security” when i installed the Web Server (IIS) became a hope for a quick fix. That didn’t work. However the rejection for my user/pass is taking longer than previous attempts so i enable “Basic Authentication” as a Role Service. Bingo OWA is up and running.

More fun tomorrow!

2010 · Exchange · server · windows 2008 R2