Archive

Archive for the ‘ISA’ Category

Data Protection Manager SP1

December 7th, 2008 Amit Gatenyo No comments

SP 1 for System Center Data Protection Manager 2007 will be available on December 8th 2008. Along with the roll up update this release enhances many of the core features of DPM 2007. The key among them being

  1. Protection of Hyper-V™ virtualization platforms
  2. Enhanced SQL Server 2008 protection
  3. Microsoft Office SharePoint Server 2007 and Windows SharePoint Services 3.0
  4. Protection for Exchange Server 2007 Standby Cluster Replication (SCR)

In addition to enhancing the protection of each of the core Microsoft application workloads, additional capabilities have also been introduced with the release of DPM 2007 SP1, such as:

  1. Provision for a Client DPML answers customer demand for a more cost-effective way to protect Windows XP and Windows Vista clients using the same DPM 2007 infrastructure that protects their servers
  2. Disaster Recovery capabilities within DPM 2007 SP1 now include the ability to leverage a 3rd party vaulting partner via the cloud (SaaS) powered by Iron Mountain.
VN:F [1.9.3_1094]
VN:F [1.9.3_1094]
Categories: DPM, ISA, SQL Server, Virtualization, Vista Tags: , , , , ,

SCOM 2007 Useful Links

October 2nd, 2008 Amit Gatenyo No comments

Main Downloads page (catalog, documentation)

http://technet.microsoft.com/en-us/opsmgr/bb498232.aspx

Operations Manager Product Team Blog:

http://blogs.technet.com/momteam

SystemCenterForum.org

http://www.systemcenterforum.org

System Center Content Search (Vista gadget)

http://gallery.live.com/liveItemDetail.aspx?li=49e26ad0-113d-4f3d-a711-57f6530c75d9

System Center Operations Manager Blog Search:

http://search.live.com/macros/microsoft_user_assistance/sc_operations_manager_blogs

Event Flow Diagram

http://blogs.technet.com/momteam/archive/2007/10/30/event-alerts-perf-data-flow-in-opsmgr-2007.aspx

DWDATARP.exe (For setting Data Retention policies in the Warehouse)

http://blogs.technet.com/momteam/archive/2008/05/14/data-warehouse-data-retention-policy-dwdatarp-exe.aspx

End-To-End Task test:

http://www.systemcenterforum.org/testing-end-to-end-notification-in-opsmgr-or-essentials-2007-mp/

Targeting Best Practices Poster:

http://download.microsoft.com/download/f/a/7/fa73e146-ab8a-4002-9311-bfe69a570d28/BestPractices_Rule_Monitor_REV_110607.pdf

Best practices to use when you configure overrides in System Center Operations Manager 2007

http://support.microsoft.com/kb/943239

Authoring Guide:

http://download.microsoft.com/download/7/4/d/74deff5e-449f-4a6b-91dd-ffbc117869a2/OM2007_AuthGuide.doc

Effective configuration Viewer:

http://www.microsoft.com/Downloads/details.aspx?FamilyID=a9db4dca-6716-478d-89b9-42f27ebc76a8&displaylang=en

Override Explorer:

http://blogs.msdn.com/boris_yanushpolsky/attachment/4301837.ashx

Group membership:

http://www.systemcenterforum.org/list-ops-mgr-group-membership-using-powershell

http://blogs.msdn.com/boris_yanushpolsky/archive/2007/10/26/which-groups-is-a-particular-computer-member-of.aspx

Management Group Configuration tool:

http://blogs.technet.com/cliveeastwood/archive/2007/06/04/mginfo-management-group-license-and-summary-info-utility-for-operations-manager-2007-and-essentials-2007.aspx

Maintenance mode Scripts:

http://blogs.technet.com/cliveeastwood/archive/2007/09/18/agentmm-a-command-line-tool-to-place-opsmgr-agents-into-maintenance-mode.aspx

http://blogs.msdn.com/boris_yanushpolsky/archive/2008/03/04/one-more-maintenance-mode-script.aspx

How Microsoft Does IT (includes MOM 2005 and Ops Mgr documents):

http://technet.microsoft.com/en-us/library/bb687791(TechNet.10).aspx

(from http://www.microsoft.com/itshowcase)

Certificates for Windows 2008 and Ops Mgr:

http://blogs.technet.com/momteam/archive/2008/06/02/obtaining-certificates-for-ops-mgr.aspx

Adding Custom Information to alerts and Notifications:

http://blogs.technet.com/kevinholman/archive/2007/12/12/adding-custom-information-to-alert-descriptions-and-notifications.aspx

Last contact time Style reports:

http://blogs.technet.com/kevinholman/archive/2008/06/27/which-servers-are-down-in-my-company-and-which-just-have-a-heartbeat-failure-right-now.aspx

http://blogs.technet.com/kevinholman/archive/2008/06/27/creating-a-new-data-source-for-reporting-against-the-operational-database.aspx

Converting an MP to XMl (unseal it)

http://blogs.msdn.com/boris_yanushpolsky/archive/2007/08/16/unsealing-a-management-pack.aspx

Powershell basics:

http://blogs.msdn.com/scshell/

http://blogs.msdn.com/scshell/archive/2006/09/28/getting-started.aspx

Powershell script examples:

http://blogs.technet.com/brianwren/archive/2008/03/11/mms-command-shell-presentation.aspx

Effective Config Viewer:

http://www.microsoft.com/Downloads/details.aspx?FamilyID=a9db4dca-6716-478d-89b9-42f27ebc76a8&displaylang=en

Developing MPs

http://www.developer.com/design/article.php/3740486

Enable Proxying on Agents UI

http://blogs.msdn.com/boris_yanushpolsky/archive/2007/08/02/enabling-proxying-for-agents.aspx

What Thresholds Monitors Have

http://blogs.msdn.com/boris_yanushpolsky/archive/2007/08/07/so-what-thresholds-do-my-monitors-have.aspx

Boris Yanushpolsky’s blog

http://blogs.msdn.com/boris_yanushpolsky/default.aspx

Bulk Enable / Disable of rules or monitors (Override Creator):

http://blogs.msdn.com/boris_yanushpolsky/archive/2007/08/04/disabling-enabling-multiple-rules-monitors-discoveries-at-once.aspx

New KB Articles / Hotfixes Summary:

http://blogs.technet.com/cliveeastwood/rss.aspx?Tags=New%20and%20upcoming%20KB%20Articles/Operations%20Manager%202007&AndTags=1

Update Custom Fields

http://www.microsoft.com/communities/newsgroups/en-us/default.aspx?dg=microsoft.public.opsmgr.powershell&tid=0bdee97c-95b6-4074-9eff-f7edca3d0ff2&cat=01DE69DE-CFDB-E7B7-8849-BF4BC19A6B88&lang=en&cr=US&sloc=&p=1

http://www.systemcenterforum.org/updating-custom-fields-in-alerts-operations-manager-2007/

Design Reports in SCOM:

http://opsmgr.wordpress.com/2007/07/19/want-to-design-a-new-report-in-scom-2007/

DB IOPS Performance

http://blogs.technet.com/momteam/archive/2008/06/24/performance-iops-for-the-db-and-dw-in-opsmgr-2007.aspx

DW Backup and Grooming:

http://searchwincomputing.techtarget.com/generic/0,295582,sid68_gci1316214,00.html

Creating tasks:

http://www.systemcenterforum.org/wp-content/uploads/PowershellTasks_v1.0.pdf

Planning and designing the infrastructure:

http://www.microsoft.com/downloads/details.aspx?FamilyId=AD3921FB-8224-4681-9064-075FDF042B0C&SAMI_Campaign_Name=IPD062708RTM_IPDDL&displaylang=en

Operations Manager Training Videos:

http://technet.microsoft.com/en-us/opsmgr/bb498237.aspx

Publishing Reports to Sharepoint:

http://blogs.technet.com/momteam/archive/2008/02/29/publish-reports-to-sharepoint.aspx

Operations Manager Reporting Guide:

http://download.microsoft.com/download/7/4/d/74deff5e-449f-4a6b-91dd-ffbc117869a2/OpsMgr2007_RprtGuide.doc

Configuring notifications for a specific alert:

http://blogs.technet.com/kevinholman/archive/2008/02/01/configuring-notifications-to-include-specific-alerts-from-specific-groups-and-classes.aspx

System Center Capacity Planner:

http://www.microsoft.com/systemcenter/sccp/default.mspx

Operations Manager Authoring Console:

http://download.microsoft.com/download/f/4/3/f438d6a0-290c-42b8-8f9c-c6660f89e1aa/OpsMgr07_x64_AuthConsole.exe

http://download.microsoft.com/download/f/4/3/f438d6a0-290c-42b8-8f9c-c6660f89e1aa/OpsMgr07_x86_AuthConsole.exe

VN:F [1.9.3_1094]
VN:F [1.9.3_1094]
Categories: ISA, Performance, SCE, SCOM, Vista, Windows 2008 Tags: , , , , ,

New in the Windows 2008/Vista Auditing

September 6th, 2008 Amit Gatenyo No comments

Have you ever thought that 9 auditing options available in Windows (via Local security policy or GPO) are too general? Have you ever asked to make more granular auditing?

 

Now you can. You have about 50 new subcategories to audit:

System
  Security State Change
  Security System Extension
  System Integrity
  IPsec Driver
  Other System Events
Logon/Logoff
  Logon
  Logoff
  Account Lockout
  IPsec Main Mode
  IPsec Quick Mode
  IPsec Extended Mode
  Special Logon
  Other Logon/Logoff Events
  Network Policy Server
Object Access
  File System
  Registry
  Kernel Object
  SAM
  Certification Services
  Application Generated
  Handle Manipulation
  File Share
  Filtering Platform Packet Drop
  Filtering Platform Connection
  Other Object Access Events
Privilege Use
  Sensitive Privilege Use
  Non Sensitive Privilege Use
  Other Privilege Use Events
Detailed Tracking
  Process Creation
  Process Termination
  DPAPI Activity
  RPC Events
Policy Change
  Audit Policy Change
  Authentication Policy Change
  Authorization Policy Change
  MPSSVC Rule-Level Policy Change
  Filtering Platform Policy Change
  Other Policy Change Events
Account Management
  User Account Management
  Computer Account Management
  Security Group Management
  Distribution Group Management
  Application Group Management
  Other Account Management Events
DS Access
  Directory Service Access
  Directory Service Changes
  Directory Service Replication
  Detailed Directory Service Replication
Account Logon
  Credential Validation
  Kerberos Service Ticket Operations
  Other Account Logon Events
  Kerberos Authentication Service

 

Here you can find additional information about auditing:

http://technet.microsoft.com/en-us/library/cc766468.aspx

 

All events that are written to even log for each subcategory:

http://support.microsoft.com/default.aspx/kb/947226/en-us

 

And the way to enable and deploy it:

http://support.microsoft.com/kb/921469/en-us

 

Recommendation for enabling/disabling auditing subcategories are documented in Windows Server 2008 Security Guide:

http://technet.microsoft.com/en-us/library/cc264465.aspx

VN:F [1.9.3_1094]
VN:F [1.9.3_1094]
Categories: General, ISA, Security, Vista, Windows 2008 Tags: , , , ,

Recovering deleted files in Windows Vista with ShadowExplorer

September 6th, 2008 Amit Gatenyo No comments

Have you ever wanted to recover deleted files, only to discover you don’t have a backup ?

With Windows Vista, you don’t have to worry :)

All of the Vista version support an automatic backup mechanism named VSS (Volume Shadow copy Service).

The VSS creates an automatic backup of files and folders within the OS volume (default setting in Vista), but you can define the VSS to protect any volume.

Windows Vista Business / Ultimate offer a simply GUI based process which enables users to retrieve a backup version of a file/folder by selecting the relevant file/folder’s  “properties” and select the “Previous Versions” tab. You can select to open, copy to restore the file/folder.

image

The “Previous Versions” tab is unavailable in Windows Vista Home Basic / Premium, however there is a free utility named “ShadowExplorer” which enables users to access the VSS backup versions of the files.

 

image

The ShadowExplorer software is available for download from the following URL – http://www.shadowexplorer.com/

There are 2 easy ways to control the VSS setting:

1. Enable / Disable VSS protection per volume through “My computer” -> “properties” -> “System Protection”

image

2. View & configure advanced VSS settings using the “vssadmin” at the command line prompt.

image

VN:F [1.9.3_1094]
VN:F [1.9.3_1094]
Categories: ISA, Vista Tags: ,

October Technet Magazine was dedicated to Virtualization

September 6th, 2008 Amit Gatenyo No comments

Check out the October issue of Technet Magazine. it was dedicated to Virtualization and has some good articles in it:

October2008Virtualization: An Introduction to Hyper-V in Windows Server 2008

The introduction of Hyper-V makes virtualization an even more compelling solution for IT environments. Get an overview of today’s virtualization market and see how Hyper-V improves the manageability, reliability, and security of virtualization Rajiv Arunkundram

 

 

Virtualization: Manage Your Virtual Environments with VMM 2008

System Center Virtual Machine Manager provides a consolidated interface for managing your virtual infrastructure. The latest version adds support for Windows Server 2008 Hyper-V, as well as for VMware virtual machines. Explore the new features and get an overview of using VMM to centralize your management tasks. Edwin Yuen

Virtualization: Getting Started with Microsoft Application Virtualization

Microsoft Application Virtualization (App-V) allows you to deliver virtualized desktops to client systems throughout your organization. This simplifies system management and liberates employees from their desktops. Take a close look at how App-V works and discover how you can deploy it in your organization. Anthony Kinney

Virtualization: Achieving High Availability for Hyper-V

Consolidating servers onto fewer physical machines has many advantages, but it is extremely important that you plan for your systems to be highly available. Here’s a guide to using Windows Server 2008 Failover Clustering to bring high availability to your Hyper-V virtual machines. Steven Ekren

Virtualization: Backup and Disaster Recovery for Server Virtualization

Virtualization brings significant changes to disaster recovery. Here’s an introduction to how the Microsoft virtualization platform factors into your disaster recovery plan, as well as a deeper look into backup and restore options and considerations for Windows Server 2008 Hyper-V. Adam Fazio

Virtualization: Essential Tools for Planning Your Virtual Infrastructure

Is your infrastructure ready for virtualization? The Microsoft Assessment and Planning Toolkit, a network-wide infrastructure assessment tool, can help you better understand your IT infrastructure and determine whether your systems are ready for upgrade or migration to a variety of technologies, including virtualization. Jay Sauls and Baldwin Ng

From the Editor: It’s a Virtual(ized) World

VN:F [1.9.3_1094]
VN:F [1.9.3_1094]
Categories: App-V, Clustering, Hyper-V, ISA, Security, VMM, VMWare, Virtualization Tags: , , , , , , ,

Connect to an SQL Server Instance from a remote server

July 30th, 2008 Amit Gatenyo No comments

???? ??????? ??-SQL ?? ?? instance ?? ????? default ??? ?? ????? ????? ?? ?????? ?????,

????? ?? ???? ????? ??-Instance ????? ????? ?? ?? ??????.

1.?????? ?-SQL Server Surface Area Configuration

2. ?????? ?- Surface Area Configuration for services and connection

3. ?????? ?? ??? ??? ???? ??????? ???? ?-Instance ????.

4. ??? database engine ?????? ?-remote connection

5. ??????? Local and remote connection

???.

???….

?? ?????, ???? ?? ?? ?????? ??? ??? ?? ????? ???? ?? ????? ???? ???? ??? ?????.

????? ??? ?????? ??? ?????? ?-Instance ?????, ???? ??? ??????? ???? ?? instance ????? ????? ?? ???? ???? ????, ????? ?? ?-service ????? ???????? ?-instance ?????(?? ???? SQL Server Browser), ???? ???? ?-disable ????? (????? ??? secured by default?) ???? ?????? ?? ???? ?????? ?? ?? ???? ?????? ?? ?????? ??? tcp/ip ?????? ???? ????? ?? ????? ????.

????? ???? ?? ?-service  ??? (???? ????? ?? ?? ??? ??? ???? ?? ????, ????? ?????? ?? ????? ?????? ?-instance ?? ???? ????? ????):

1. ?????? ?-SQL Server Surface Area Configuration

2. ?????? ?- Surface Area Configuration for services and connection

3. ???? ?? ?????? ?? SQL Server Browser ?????? service, ?????? ??????? ?? ?? ?-automatic ?????? Start.

??? ?????? ????…

??? ???!

VN:F [1.9.3_1094]
VN:F [1.9.3_1094]
Categories: ISA, SQL Server Tags: ,

ืฆื™ืจื•ืฃ Windows 2008\Vista ืœื“ื•ืžื™ื™ืŸ ื“ืจืš ISA

July 29th, 2008 Amit Gatenyo No comments

ื ื™ืชืงืœืชื ื‘ืชืงืœื” ืกื•ืคืจ ืžืขืฆื‘ื ืช ื‘ืฆื™ืจื•ืฃ ืžื—ืฉื‘ื™ื ื”ืžืจื™ืฆื™ื Vista ืื• Windows 2008 ืœื“ื•ืžื™ื™ืŸ ื›ืฉ-ISA 2006 ื™ื•ืฉื‘ ื‘ื™ืŸ ื”ืžื—ืฉื‘ ืื•ืชื• ืืชื ืจื•ืฆื™ื ืœืฆืจืฃ ืœ-DC ืฉืœ ืื•ืชื• ื”ื“ื•ืžื™ื™ืŸ ื•ื”ื”ื•ื“ืขื” ื”ื™ื "The remote procedure call failed and did not execute"?

ืขืœ ืžื ืช ืœืคืชื•ืจ ืืช ื”ื‘ืขื™ื” ื™ืฉ ืœื‘ื˜ืœ ืืช ื”-RPC Filter ืฉืœ ื”-ISA ื‘ื“ืจืš ื”ื‘ืื”:

1. Go to: ISA Server Management > Configuration > Add-ins
2. Select RPC Filter
3. Click Disable on Rightmost Panel
4. Click Apply button at top dialog panel that will apear
5. Select second radio button for "Apply and RESTART" server

ื”ืžืงื•ืจ ืœื‘ืขื™ื” ืžืชื•ืืจ ื›ืืŸ – http://support.microsoft.com/default.aspx/kb/899148

ื“ืจืš ื ื•ืกืคืช ืœื”ืฉื™ื’ ืืช ืื•ืชื” ื”ืžื˜ืจื” ื”ื™ื:

1. Select "Firewall Policy"
2. Show System Policy Rules
3. Select the rule" Allow RPC from ISA Server…"
4. Under the "Protocols" Column, right click the "RPC(All Interfaces)" and
select Properties
5. Under the "Parameters" tab, "Application Filter" section, uncheck the rpc filter.

VN:F [1.9.3_1094]
VN:F [1.9.3_1094]
Categories: Active Directory, ISA, Vista, Windows 2008 Tags: , ,

How to configure Remote Assistance to not prompt for user permission

July 29th, 2008 Amit Gatenyo No comments

Assuming this does not violate any of your internal security policies and procedures, and assuming you have control over the files contained on your XP workstations, you can make changes to 2 files to eliminate the end-user prompts asking for permission when using Remote Assistance to XP workstations.

If you wish, you could modify just 1 of the files. For example, retain the initial prompt asking for the access, but disable the Take Control prompt. Or vice versa.

Procedure: On the TARGET client computer, modify two files:

File #1

Change Helpeeaccept.htm to eliminates the initial “Would you like to give <user> access to your computer?”

%windir%\pchealth\HelpCtr\System\Remote Assistance\helpeeaccept.htm

at about lines 156-158
——–original———
btnAccept.disabled = false;
btnDecline.disabled = false;
btnDecline.focus();
—————————

——–new————
btnAccept.disabled = false;
btnDecline.disabled = false;
btnDecline.focus();
DoAccept();
—————————–

File #2

Change TakeControlMsgs.htm to eliminates the prompt after the expert clicks “Take Control”, “Do you wish to let <user> share control of your computer?”

%windir%\pchealth\helpctr\System\Remote Assistance\Interaction\Server\TakeControlMsgs.htm

Lines 25-29, change from
—original——
alert( L_ERRACCESSDENIED_Text );
return;
}
return;
—————-

—–new——–
alert( L_ERRACCESSDENIED_Text );
return;
}
onClickHandler(0)
return;
—————-

VN:F [1.9.3_1094]
VN:F [1.9.3_1094]
Categories: ISA, SCCM, Security Tags: , ,

A Great place for SCOM scripts

July 13th, 2008 Amit Gatenyo No comments

Check out Boris Yanushpolsky’s blog (http://blogs.msdn.com/boris_yanushpolsky).

Boris is an SCOM Program Manager focusing on SDK and PowerShell.

Utilities documented and available on his blog include:

VN:F [1.9.3_1094]
VN:F [1.9.3_1094]
Categories: ISA, Performance, SCOM Tags: , ,

.