Category Archives: SBS 2008

Office 365 migrations

I just spent the weekend working performing some SBS to Office 365 migrations.

Here are some useful links that make the process a whole lot easier.

Export mailboxes to PST for Exchange 2010 (SBS 2011 Standard)

Export mailboxes to PST for Exchange 2007 (SBS 2008)

Import PST files to Office 365

Enabling Autodiscover for Outlook in SBS Exchange Environments

Getting Outlook 2007 and Outlook 2010 to work with Office 365

  • The following link lists the minimum requirements needed to quickly get your Outlook desktop client running with Office 365.
  • http://www.netdummy.net/office365-client-updates.html
  • With SBS 2011, it is necessary to remove the Service Connection Point (SCP)
    • Show SCP information: Get-ClientAccessServer | Select Name, AutoDiscoverServiceInternalUri
    • Remove SCP information: Set-ClientAccessServer -Identity “[Servername]” -AutoDiscoverServiceInternalUri $NULL

Importing LegacyDN information

Problems connecting Outlook to Office 365 

AND if you happen to still be using SBS 2003 (I certainly hope not!), you can use Exmerge or Outlook to output individual mailboxes to PST. Do it soon!

Migrating Email from SBS Exchange to Office 365

In the past few months, I have been working with some clients on moving their existing Small Business Server (SBS) systems over to the Microsoft cloud based Office 365 email system. There are a number of issues and possible gotchas in making this transition which will be discussed here. Note that this blog post is targeted to the small business community with existing SBS 2003, SBS 2008 or SBS 2011 deployments that are looking to move their email services to Office 365, while maintaining their existing network. We will not be considering Office365 migration method in this move as the costs and complexity of implementing this in a small business are prohibitive.

The pre-requisite when performing such a migration, is to plan and work out a migration path for email services. Questions to be considered are:

  1. Do we need to migrate all the old email data, or should some be archived?
  2. Are there old accounts that can be decommissioned?
  3. What distribution groups and contacts need to be migrated across?
  4. Are there any Send As and Send on Behalf of permissions that need to be addressed?
  5. Are there individual permissions on Calendars and Folders that need to be recreated?
  6. How will we move the old email data from Exchange on premises to Office 365?

Moving Email data from On-premises Exchange to Office 365

Central to the entire issue is retaining old emails and settings. There are a number of ways to move the data across to Office365.

  • Export-Import. This method involves exporting the current emails to PST and re-importing them into Office 365 once Outlook has been configured.
  • Migrationwiz.com is a fast and easy way to move mailboxes at a low cost.
  • Office365 Migration wizard. This is a built in tool from Microsoft to help in performing a migration from on-premises Exchange. It requires an Azure subscription and the installation of the Directory Sync tool and has some tough pre-requisites for SMBs. The process is detailed on technet here – http://technet.microsoft.com/en-us/library/jj573653.aspx

One main drawback from using any method that does not synchronize the Office 365 platform to your existing Active Directory is dealing with the issue of Auto-Complete or Suggested Contacts. After the migration, it is quite likely that replies on old emails or emails sent using the stored contact information in Auto-Complete or Suggested Contacts will result in a Undeliverable error as follows:

IMCEAEX-_O=MyDomain_OU=First+20Administrative+20Group_cn=Recipients_cn=bOldLastName@domain.com

#550 5.1.1 RESOLVER.ADR.ExRecipNotFound; not found ##

Create Users and Set up Domain in Office 365

In this step, you need to set up and recreate all the users, distribution groups, and domains to match what you have on-premises. In the public DNS, set the MX records to point to your on-premises Exchange until you are ready to receive emails at the Office 365 service. Ensure that the Autodiscover and other DNS services are set up properly.

Setting up the Outlook Profile

One of the main issues with setting up Outlook for Office 365 on an existing SBS domain is the existing autodiscover configuration set up for each user account. The following steps should be followed to ensure a simple, incident free set up of Outlook on Office 365.

  1. Log in to the PC as the user. The configuration is done per user.
  2. Update your PC with a the latest patches, especially Microsoft Office patches and Service Packs.
  3. Log in to the Office 365 portal using the users email address and assigned password.
  4. Install software and connect it to Office 365

  5. You will need to sign in to Office 365 again using the user’s credentials.

  6. The Office 365 setup application will note that manual steps will be required (which involves setting up the Outlook profile as detailed here).

  7. For Office 2007, the registry key is [HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]

    For Office 2010, the registry key is [HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Outlook\AutoDiscover]

    The six entries are all DWORD. (NOTE: all but one entry are set to 1)

    “PreferLocalXML”=dword:00000001

    “ExcludeHttpRedirect”=dword:00000000

    “ExcludeHttpsAutoDiscoverDomain”=dword:00000001

    “ExcludeHttpsRootDomain”=dword:00000001

    “ExcludeScpLookup”=dword:00000001

    “ExcludeSrvRecord”=dword:00000001

    They should be displayed among other entries like this.

  8. Download and run the two AgileIT tools from http://www.agileit.com/news/office-365-autodiscover-xml-tool-released/. Just enter the domain name and click OK.

  9. Now you can Add a new Outlook Profile from Control Panel-Mail (32-bit). You will see the existing Outlook Profile there, which can be kept as a backup, as you may need it later for export to PST purposes.

  10. The local autodiscover settings that have been configured earlier will kick in and set up the account. You will need to log in using the Office 365 credentials.

You can also add the on-premises Exchange profile to this new profile, if you are planning to export the old email data or manually transfer information over to the office 365 account.

With smaller sites, this is a quick and easy way to manage your Office 365 migration. With larger installations, the Office 365 migration wizard using Azure and Directory Sync may be a more efficient method. In the end, it is up to the business owner, with advice from the IT consultant, to work out which method is preferred.

UPDATE: There is a really good article on how to use Azure Active Directory to handle password sync between your local AD and the new Office 365 AD – www.infostream.cc/dirsync-aadsync

Http://Connect shows a 404 – File or directory not found error page

Http://connect is used in Small Business Server and Windows Server Essentials to configure and join client computers to the domain. There is a known issue with Trend Micro’s Worry Free Business Security suite version 7 and 8 which causes this issue.

The solution is to disable (NOT DELETE) the CGI-exe and ISAPI-dll modules on the SBS Client Deployment Applications Website in IIS.

  1. To do this, you need to start up the Internet Information Services (IIS) Manager. Note: There are 2 of these located in Administrative tools. Select the non-numbered (version 7) one.

  2. Expand to the SBS Client Deployment Applications Home and locate Handler Mappings.

  3. Double-Click Handler Mappings. Then locate CGI-exe. Right-Click and Edit Feature Permissisons.

     

  4. Remove the tick on Execute. You will now see CGI-exe and ISAPI-dll listed in the disabled section. Click OK.

     

  5. Return to the SBS Client Deployment Applications Home, right-click on the website, select Manage Web Site, and restart the site.

 

 

Using DISKPART to create a Bootable USB of Windows 8

Windows 8 was released today on MSDN and Technet. It will soon be released publically. With that comes the many GBs of downloads for the ISOs. Many may have newer Ultrabooks, which do not feature DVD drives anymore. Rather than burning the ISO to a DVD disc, why not put it on a bootable USB stick? There are many ways to do this, and I have found that the best way to do this is to use a command tool called DISKPART. The commands are fairly easy.

  1. Open an elevated Command Prompt and type DISKPART. You will open up the Diskpart tool, as evidenced by the DISKPART> prompt.
  2. DISKPART>LIST DISK <- This will give you a listing of the disks on your system. It is very important to identify the USB disk, as you really do not want to format your system drive.
  3. DISKPART>SELECT DISK n <- this will make select the USB disk n, as identified in step 2
  4. DISKPART>CLEAN <- This effectively does a quick format/wipe of the USB disk
  5. DISKPART>CREATE PARTITION PRIMARY <- This will create a primary partition on the disk
  6. DISKPART>SELECT PARTITION 1 <- Since there is only one partition, this will select it.
  7. DISKPART>ACTIVE <- This makes the partition active
  8. DISKPART>FORMAT FS=FAT32 <- This formats the disk and sets it up as a FAT32 formatted drive. This will take a while to complete
  9. DISKPART>ASSIGN <- This assigns the next drive letter to the drive
  10. DISKPART>EXIT <- To exit the utility

Once the USB drive has been prepared, you can now use a utility like 7-Zip to extract the ISO directly to the drive.

BTW. This process will also work when creating bootable USB disks of other Windows ISOs – Windows Server 2012, Windows Small Business Server 2011, Windows Server 2008 R2, Windows 7, and even Vista.

 

 

Goodbye SBS!

Microsoft announced today the next release of their Windows Server operating systems, and thus ended the branding and name Small Business Server. Read the announcement here – http://blogs.technet.com/b/sbs/archive/2012/07/05/windows-small-business-server-essentials-becomes-windows-server-2012-essentials.aspx. Also check out the new line up for Windows Server 2012 here – http://www.microsoft.com/en-us/server-cloud/windows-server/2012-editions.aspx.

Here is a brief history of SBS. Google “Small Business Server” for more information on this.

  • 22 Oct 1997. BackOffice Small Business Server 4.0 is introduced, based on Windows NT Server 4.0 SP3. Allowed 25 client licenses.
  • 24 May 1999. BackOffice Small Business Server 4.5 is released, based on Windows NT Server 4.0 SP4. Allowed 50 client licenses.
  • 21 Feb 2001. Microsoft Small Business Server 2000 is released, based on Windows 2000 Server. Allowed 50 client licenses.
  • 9 Oct 2003. Windows Small Business Server 2003 is released, based on Windows Server 2003. Allowed 75 client licenses.
  • 29 July 2006. Windows Small Business Server 2003 R2 is released, based on Windows Server 2003. The main updates here included the introduction of Windows Server Update Services and expansion of the 18GB Exchange database limit to 75GB.
  • 21 Aug 2008. Windows Small Business Server 2008 is released, based on Windows Server 2008. Allowed 75 client licenses, and introduced a new Console for administration and management.
  • 13 Dec 2010. Windows Small Business Server 2011 is released, based on Windows Server 2008 R2. The product was split into a Standard and Essentials version, where the standard version carried forward the 75 client license limit as seen in past releases. The new Essentials version was introduced from the Windows Home Server codebase and included 25 client licenses built in.
  • late 2012/early 2013 (estimate). Windows Server 2012 Essentials will be released, based on Windows Server 2012. Includes 25 client licenses.

With the introduction of Windows Server 2012 Essentials, the Small Business Server brand name will be lost. Here are some screenshots of the administration console as it developed in SBS2000, SBS2003, SBS2008, SBS2011 Standard and Essentials.

For more information on Small Business Server features, go to www.microsoft.com/sbs. SBS2011 is available right now. This is your last chance to get a fully integrated server for small business which integrates on premise Email, collaboration, update services, remote web access gateway, and much more.

 

Filtering and Managing Event Alerts in SBS Reporting

The SBS Teem have released a Powershell commandlet that will allow you to fine tune and manage the reporting and alerting functions in SBS 2008 and 2011. There are a number of alerts that can be safely ignored and yet persist in the event alert reports, which often cause anxiety and uneccesary concern. This commandlet will allow you to configure and specify which alerts to ignore, thus providing less noise to work through in order to see the important alerts more clearly.

The blog provides more information here – http://blogs.technet.com/b/sbs/archive/2012/01/16/managing-event-alerts-in-your-reports-an-sbs-monitoring-feature-enhancement.aspx

Windows SBS Migration resources

Microsoft have out out a page with all Microsoft Migration resources within a click’s reach here – http://technet.microsoft.com/en-us/sbs/gg981878

The page covers:

Migrate to Windows Small Business Server 2011 Standard

  • from Windows SBS 2003
  • from Windows SBS 2008
  • from Windows SBS 2011 Standard to new hardware

Migrate to Windows Small Business Server 2011 Essentials

  • from Windows SBS 2003
  • from Windows SBS 2011 Essentials to new hardware

Migrate Exchange Server mailboxes and mailbox data to the Cloud

  • Migrate All Mailboxes to the Cloud with a Simple Exchange Migration
  • Migrate a Subset of Mailboxes to the Cloud with a Staged Exchange Migration

Move Microsoft SharePoint Foundation 2010 databases to Windows Small Business Server 2011 Premium Add-on

Migrate to Windows Small Business Server 2008

  • from Windows SBS 2008 to new hardware

It also includes links to the Best Practices Analyzers and to the Forums and to the Windows SBS Blog.

What is in the SBS BPA?

The SBS Best Practices Analyzer (BPA) is a tool that collects information about your server and analyzes this information to produce a report on how you can configure the server to perform better. It is not a comprehensive 100% check of the entire system. It checkes your server against a specific set of configuration rules and reports when these rules are not properly followed.

A write up about the BPA can be found here – http://blogs.technet.com/b/sbs/archive/2011/04/08/introducing-the-windows-server-solutions-bpa.aspx

The following is a list of checks that the BPA does for SBS 2011 (from http://blogs.technet.com/b/sbs/archive/2011/04/25/windows-server-solutions-bpa-checklist.aspx)

Small Business Server 2011 Standard Edition

Checks the following service’s start mode:

  • DNS Client – DNSClientStartModeSection
  • DHCP Client – DHCPClientStartModeSection
  • IIS Admin Service – IISAdminStartModeSection
  • Remote Registry – RemoteRegistryStartModeSection
  • Remote Desktop Gateway – TSGatestartModeSection
  • Windows Update – AutoUpdatestartModeSection
  • Distributed Transaction Coordinator – DTCStartModeSection
  • Netlogon – NetlogonStartModeSection
  • DNS Server – DNSServerStartModeSection
  • Windows SBS Manager – SBSMgrstartModeSection

Checks that the following services are started:

  • DNS Client – DNSClientStartedSection
  • Windows Update – AutoUpdatesStartedSection
  • DHCP Client – DHCPClientStartedSection
  • IIS Admin Service – IISAdminStartedSection
  • World Wide Web Publishing Service – W3SVCStartedSection
  • Remote Registry – RemoteRegStartedSection
  • Remote Desktop Gateway – TSGateStartedSection
  • Windows Time – W32TimeStartedSection
  • Distributed Transaction Coordinator – DTCStartedSection
  • Netlogon – NetlogonStartedSection
  • DNS Server – DNSServerStartedSection
  • Windows SBS Manager – SBSmgrStartedSection

Checks the following service’s logon account:

  • DNS Client – DNSClientStartNameSection
  • Windows Update – AutoUpdatesStartNameSection
  • DHCP Client – DHCPClientStartNameSection
  • World Wide Web Publishing Service – W3SVCStartNameSection
  • Remote Desktop Gateway – TSGatewayStartNameSection
  • Windows Time – W32TimeStartNameSection
  • Distributed Transaction Coordinator – DTCStartNameSection
  • Netlogon – NetlogonStartNameSection
  • DNS Server – DNSServerStartNameSection
  • Windows SBS Manager – SBSMgrStartNameSection

Other Checks:

  • SKUsFoundSection – Returns the Operating System Platform name
  • PingDefGtwySection – Checks to see if the server is not able to ping the default gateway
  • PingDefGtwyOKSection – Checks to see if the server is able to ping the default gateway
  • Check2IPsSection – Checks to see if there are multiple IP addresses on the network card
  • IPFilteringSection – Checks to see if IP Filtering is enabled
  • HyperVSection – Checks to see if the Hyper-V role is installed
  • IPv6Section – Check to see if IPv6 appears to be improperly disabled
  • KernelAuthEnabledSection – Check to see if Kernel Mode Authentication is enabled in the applicationhost.config for IIS

Small Business Server 2011 Essentials

Checks the following service’s start mode:

  • DNS Client – DNSClientStartModeSection
  • DHCP Client – DHCPClientStartModeSection
  • IIS Admin Service – IISAdminStartModeSection
  • World Wide Web Publishing Service – W3SVCStartModeSection
  • Remote Registry – RemoteRegistryStartModeSection
  • Remote Desktop Gateway – TSGatestartModeSection
  • Windows Time – W32TimestartModeSection
  • Windows Update – AutoUpdatestartModeSection
  • Distributed Transaction Coordinator – DTCStartModeSection
  • Netlogon – NetlogonStartModeSection
  • DNS Server – DNSServerStartModeSection

Checks that the following services are started:

  • DNS Client – DNSClientStartedSection
  • Windows Update – AutoUpdatesStartedSection
  • DHCP Client – DHCPClientStartedSection
  • IIS Admin Service – IISAdminStartedSection
  • World Wide Web Publishing Service – W3SVCStartedSection
  • Remote Registry – RemoteRegStartedSection
  • Remote Desktop Gateway – TSGateStartedSection
  • Windows Time – W32TimeStartedSection
  • Distributed Transaction Coordinator – DTCStartedSection
  • Netlogon – NetlogonStartedSection
  • DNS Server – DNSServerStartedSection

Checks the following service’s logon account:

  • DNS Client – DNSClientStartNameSection
  • Windows Update – AutoUpdatesStartNameSection
  • DHCP Client – DHCPClientStartNameSection
  • IIS Admin Service – IISAdminStartNameSection
  • World Wide Web Publishing Service – W3SVCStartNameSection
  • Remote Desktop Gateway – TSGatewayStartNameSection
  • Windows Time – W32TimeStartNameSection
  • Distributed Transaction Coordinator – DTCStartNameSection
  • Netlogon – NetlogonStartNameSection
  • DNS Server – DNSServerStartNameSection

Other Checks:

  • SKUsFoundSection – Returns the Operating System Platform name
  • PingDefGtwySection – Checks to see if the server is not able to ping the default gateway
  • PingDefGtwyOKSection – Checks to see if the server is able to ping the default gateway
  • Check2IPsSection – Checks to see if there are multiple IP addresses on the network card
  • IPFilteringSection – Checks to see if IP Filtering is enabled
  • HyperVSection – Checks to see if the Hyper-V role is installed

Windows Storage Server 2008 R2 Essentials

Checks the following service’s start mode:

  • DNS Client – DNSClientStartModeSection
  • DHCP Client – DHCPClientStartModeSection
  • IIS Admin Service – IISAdminStartModeSection
  • World Wide Web Publishing Service – W3SVCStartModeSection
  • Remote Registry – RemoteRegistryStartModeSection
  • Remote Desktop Gateway – TSGatestartModeSection
  • Windows Time – W32TimestartModeSection
  • Windows Update – AutoUpdatestartModeSection

Checks that the following services are started:

  • DNS Client – DNSClientStartedSection
  • Windows Update – AutoUpdatesStartedSection
  • DHCP Client – DHCPClientStartedSection
  • IIS Admin Service – IISAdminStartedSection
  • World Wide Web Publishing Service – W3SVCStartedSection
  • Remote Registry – RemoteRegStartedSection
  • Remote Desktop Gateway – TSGateStartedSection
  • Windows Time – W32TimeStartedSection

Checks the following service’s logon account:

  • DNS Client – DNSClientStartNameSection
  • Windows Update – AutoUpdatesStartNameSection
  • DHCP Client – DHCPClientStartNameSection
  • IIS Admin Service – IISAdminStartNameSection
  • World Wide Web Publishing Service – W3SVCStartNameSection
  • Remote Desktop Gateway – TSGatewayStartNameSection
  • Windows Time – W32TimeStartNameSection

Other Checks:

  • PingDefGtwySection – Checks to see if the server is not able to ping the default gateway
  • PingDefGtwyOKSection – Checks to see if the server is able to ping the default gateway

Windows MultiPoint Server 2011

Checks the following service’s start mode:

  • Windows MultiPoint Server Host Service – WMSSvcStartModeSection

Checks that the following services are started:

  • Windows MultiPoint Server Host Service – WMSSvcStartedSection
  • Remote Desktop Services – TermServiceStartedSection

Checks the following service’s logon account:

  • Windows MultiPoint Server Host Service – WMSSvcStartNameSection

Other Checks:

  • SRCShellAccountExistsSection – Verifies the SRCShell local account exist

You can also find the BPA for all versions of SBS from here – www.sbsbpa.com

PowerShell Not Your Father’s Command Line

There is a great 31 part blog post on PowerShell that is in developement (part 23 of 31 at this moment). Everything you wanted to know about PowerShell and some great scripts that can be used.

The main landing page for the blog is here – http://blogs.technet.com/b/matthewms/p/powershell.aspx

Here are the titles.

Part 1 of 31: Why PowerShell?
Part 2 of 31: The Basics on How to Read PowerShell
Part 3 of 31: Where Did All the Good Cmdlets Go?
Part 4 of 31: Who Ya Gonna Call For Help?
Part 5 of 31: What’s in it for Devs?
Part 6 of 31: A Cmdlet By Any Other Name Would Be An Alias
Part 7 of 31: Conjunction Function PowerShell What Are Functions?
Part 8 of 31: Won’t You Take Me To Functiontown?
Part 9 of 31: Another Side of PowerShell Profiles
Part 10 of 31: PowerShell Protecting You From Yourself
Part 11 of 31: PowerShell Providers and You!
Part 12 of 31: PowerShell and The Registry
Part 13 of 31: The Provider Active Directory Style
Part 14 of 31: Sorry I’m Not Home Right Now, Walking into IIS Webs…
Part 15 of 31: ISE, ISE Baby…
Part 16 of 31: PowerShell Take Me Out To The Grid
Part 17 of 31: Who Wants to Manage Active Directory?
Part 18 of 31: So You Deleted A User…On Purpose
Part 19 of 31: Small Business Server, PowerShell, and Me
Part 20 of 31: Hanging with Hyper-V
Part 21 of 31: Knock Knock PowerShell Calling!
Part 22 of 31: Good PowerShell Things Come in Nifty Packages
Part 23 of 31: HUGE Announcements, Disagreements, Best Practices and A Party…Oh My!
Part 24 of 31: PowerShell Did What!?!? How to Mitigate Risk!
Part 25 of 31: Did You Know PowerShell Can Talk VMware?
Part 26 of 31: Start Spreading the News…
Part 27 of 31: It Takes a Community to Raise a Language
Part 28 of 31: What is the .NET Framework?
Part 29 of 31: Demystifying MSDN and PowerShell static syntax
Part 30 of 31: PowerShell Likes the Pretty Blue Eyes of Azure Too
Part 31 of 31: That’s a Wrap and We are Not Done Yet!

SBS2008 and SBS2011 Log File locations

The following is a list of locations for key log files stored in SBS2008 as posted here – http://blogs.technet.com/b/sbs/archive/2008/10/01/key-small-business-server-2008-log-files.aspx. This also applies to SBS2011.

C:\Program Files\Windows Small Business Server\Logs

Console.log SBS Console Log
CTIW.log Logs events of the “Connect to the Internet” wizard
DCPromo_yymmdd.xxxxxx.log DCPromo that ran during SBS install
DPCW.log Logs events of the “Set up your Internet address” wizard
ERRORLOG.TXT Logs any errors that occurred during SBS setup
ExtSchemaTask.log Logs result of SBS AD schema additions
FinishSetup.log Logs the completion of the SBS 2008 install
GPOTask.log Logs the creation of the SBS Group Policy objects
olsignupwiz.log Logs events of the “Set up your Microsoft Office Live Small Business Web site” wizard
pop3connectorinstall.log Install log for the POP3 Connector
SBSHook.log Logs hooking of SBS install shell to Windows install and runonce modification
SBSSetup.log Logs all events that occurred during SBS setup
adduser.log Logs events of the “Add a new user account” wizard
addgroup.log Logs events of the “Add a new group” wizard
CreateUserRole.log Logs events of the “Add a new user role” wizard
CopyConnectComputer.log Logs events of the “Connect computers to your network” wizard
SBCW.log Logs events of the “Configure server backup” wizard
fncw.log Logs events of the “Fix My Network” wizard
AddMultipleUsers.log Logs events of the “Add multiple user accounts” wizard
FaxRoleInstallation.log Install log for Fax
FaxCW.log Logs events of the “Configure the fax service” wizard
MoveData.log Logs events of the “Move Exchange Server Data”, “Move Windows SharePointServices Data”, “Move User’s Shared Data”, “Move User’s Redirected Documents Data”, and “Move Windows Update Repository Data” wizards 
CIMW.log  Logs events of the “Configure a Smart Host for Internet e-mail” wizard
TrustedCert.log Logs events of the “Add a trusted certificate” wizard
VPNCW.log Logs events of the “Configure a virtual private network” wizard


C:\Program Files\Windows Small Business Server\Logs\MonitoringServiceLogs

Contains logs for  SBS Monitoring and it’s associated data collection tasks


C:\Program Files\Windows Small Business Server\Logs\pop3connector

Pop3service.log POP3 Connector log


C:\Program Files\Windows Small Business Server\Logs\WebWorkplace

W3WP.log IIS worker process log for RWW