Posts made by Mike Davis

I never expected the thread to blow up while I was away. I meant two servers are needed for the remote office. A domain controller and a file server. Corporate IT insists that the DC and FS be physical. Corporate says only physical servers are allowed because virtual servers are too risky. Since they obviously aren't following best practices, I was trying to make a business case out of virtualization and wondered if we could save $600 on the license of Windows. I was proposing taking their hardware and only buying one Windows license to come out $600 ahead and have a redundant system instead of having production go down if either one of their servers fails.

@coliver yes, they want to buy two servers and two licenses anyways. I'm suggesting virtualizing them so that they are not totally down if one goes down. It would be nice to save $600 on a server license since they won't be running on it unless their primary server fails.

For small/remote offices I like the look of the little HP Microservers. They come with what looks to be fake raid. On CDWs site the list an option for this controller:

HPE Smart Array P222/512 with FBWC - storage controller (RAID) - SATA 6Gb/s Mfg. Part: 631667-B21

It's about $600 Is there a less expensive controller that supports hardware RAID? Do I really care for a server with really light loads? We're talking about a handful of users that only need a local server because of QuickBooks and the need for fast local storage. They're right on the edge of actually needing a local server.

I think in this case they wouldn't be switching back and fourth. It would be for a major event that they failed over. They would have to have another major failure on the hot spare server in 90 days before they would be failing back.

I have a client that doesn't want to virtualize. They have a remote office that only needs two servers. They are saying that they don't want to virtualize the servers because of risk. I'm suggesting that with the same hardware, their cost will go down and their protection against downtime will go up.

They also don't like external USB drives for backup targets. They would prefer tapes and a tape drive. I suggested a rack mount NAS as a backup target if they don't like the look of a external USB drive. What do you all think?

If I had a single Windows Server Standard license, and two hyper V hosts and set up replication for the two VMs on host 1, am I good as far as licensing goes?

How good is the fail over for replicated servers? Is it like in a VMware cluster where you can have the VM spin up if it senses it went down on the other host?

Bring another wireless router with you and try that next time. I had a much cheaper HP Photosmart printer that behaved the same way and I don't know what the problem was between the old AP, but I put in a new Ubiquiti and it worked fine ever since.

Last week Scott set up a new Windows Server 2012 R2 server for me so I could test out some WDS stuff. That thing is blazing. The first thing I noticed was that there was no lag even though the datacenter is in California and I'm in NY. I pinged google in <1ms. I wondered if google was across the street or something so I did a tracert and hit it in 8 hops.

When it came to adding the WDS role, it was weird. I'm used to clicking next and having some time to read a few emails while the progress bar chugs across the screen. I hit next and the bar shot across and was done.

@scottalanmiller can you share some of the details about what we're running on?

I thought of Veeam because I know I'll be able to bring it right back to where it was fairly quickly. The file level backups as some have noted, won't grab application settings.

I agree with everything said. It basically comes down to one manager. His machine got infected, so we nuked it by reimaging it. 40 minutes later he had his new computer, but it took another 2 hours for Windows updates to catch up to current since the image was so old. Then he had to tweak all his apps. So then he asked for the computer backup.

I almost think firing off the user state migration tool every so often might solve his problem, but I have to put the numbers together to show it's going to be expensive to store and expensive to manage for something that would get used very rarely.

Can anyone recommend anything for centrally managed end user computer backups? I have a client with Windows 7 computers and they are concerned about down time if a machine has to get reimaged and the user has to reconfigure all the settings from default when they get their machine back.

I've used Server Essentials and it has a piece in the dashboard where it lets you configure and monitor client backups. Does this piece exist for larger networks?

I could use something like Veeam Endpoint, but would it deduplicate all the OS and software files that are the same on every machine? Is that what you get when you add Veeam Backup and Replication repository?

It would have been nice if it was just that easy. WDS wasn't running because the second drive wasn't showing up because it was never set online after the machine was P2Ved and a few other things after that...

Found the WDS service wasn't actually running on the new server. Not sure why the old one responded, but it's serving images from the new one so I can move on now.

I'm working on a network that has two servers with WDS on them. The old server that didn't seem to have any working images was set to "Respond to all client computers" and the new server that looked like it should have been in use was set to "Do not respond to any client computers". I flipped those settings and expected my test VM to boot from the new server, but it didn't. I checked DHCP for option 66 and it wasn't set. (nor was 67)

How else can I troubleshoot this?

Is this for a drive mapping or what? There are sometimes easier ways that blocking the whole policy depending on what you're doing.

The problem was once I moved the user to a test OU in the local AD that was not synced and then forced a sync, I still couldn't set the immutableID and was getting the error:
Set-MsolUser : Uniqueness violation. Property: SourceAnchor.
At line:1 char:1
+

This was because when o365 saw the account was no longer coming from AD, it moved it to deleted users. I found the user with:
Get-MsolUser -ReturnDeletedUsers |fl
and sure enough, the immutableID matched the one I was trying to set.
I purged the user with:
Remove-MsolUser -UserPrincipalName [email protected] -RemoveFromRecycleBin
Then the Set-MsolUser -UserPrincipalName [email protected] -ImmutableId $ImmutableID
worked.

Free AND Hosted? How is that supposed to work? What do they sell so they can make money?

Seems like I have to do this:
Add ImmutableID from AD user to Cloud user:
$guid = (get-Aduser <username>).ObjectGuid
$immutableID = [System.Convert]::ToBase64String($guid.tobytearray())
Connect to AD Azure (Connect-MSOLService when AD Azure Powershell Module is installed)
Set-MSOLuser -UserPrincipalName <clouduserUPN> -ImmutableID $immutableID
It’s possible that the clouduserUPN must be changed to the <tenant>.onmicrosoft.com format. It should be changed by DirSync to correspond with the AD UPN.
See also http://www.joseph-streeter.com/?p=423
Then perform a sync as described in the previous section.

From:
https://dirteam.com/dave/2014/08/15/fixing-office-365-dirsync-account-matching-issues/

I have a client that seemed to create a cloud mailbox while AD sync was off. Now there is a conflict. In the portal I can see the cloud mailbox that actually contains mail, and the AD account. The UPN of the cloud account is the domain.com suffix and in the portal, the AD UPN is the domain.onmicrosoft.com suffix. In the portal the cloud account has both addresses and on prem AD has both addresses. Any idea how to straighten that out?

I have a client where I support them. They do what they do well, which is file locking across a distributed file system. Backups go to Amazon. That's the good. The bad is that they are a black box. When something goes wrong, you are in the dark until you get support involved and even then they can't always tell you what you need to know. If you have more specific questions, please let me know.

I put RdpGuard on a couple servers. In a matter of minutes I had 17 IPs banned.