Augusto Alvarez

Blog
Contact

[Events] Presenting at Code Camp 2010

September 2, 2010 at 1:51 am | Posted in Events | 2 Comments
Tags: Code Camp, Code Camp 2010, Events

Once again I have the pleasure to present at the Microsoft’s academic event of the year: Code Camp 2010 (Buenos Aires). This year, also repeating with two more tracks: Hyper-V and interoperability with Linux; and Migrating Windows XP to Windows 7 with MDT 2010.

The event will take place in Universidad de Palermo (Mario Bravo 1050 – Buenos Aires), this Saturday, September 4th; starting at 9AM. The registration link can be found here.

Since the description is in Spanish, let me translate the abstract:

“Hyper-V en Windows Server 2008 R2 e interoperabilidad con Linux” (Hyper-V in Windows Server 2008 R2 and interoperability with Linux): Taking a review about using Linux virtual machines in Hyper-V; compiling and installing “Integration Services” for Linux and backing up virtual machines with Data Protection Manager 2010 (DPM). I’ll be presenting with Guillermo Sanchez.

“Windows 7 Para Todos” (Windows 7 For Everyone): Migrating Windows XP with Microsoft Deployment Toolkit 2010 (MDT 2010) within easy steps, maintaining all user’s configurations including Internet Explorer favorites.

Review Code Camp’s complete schedule here.

See you then!

Reviewing GFI Backup 2010

August 3, 2010 at 5:51 pm | Posted in GFI Backup | 2 Comments
Tags: Backup, GFI, GFI Backup 2010, GFI Backup 2010 Business

A good backup solution and strategy in our organization is a key factor when we want to talk about continuity in our business. Unfortunately not all companies discuss this issue as an important matter.

Just to avoid the responsibility and the cost, I’ve seen organizations which decided not to implement a solution for backing up users’ data or just deciding using uncomfortable and ineffective strategies like “the user is responsible of maintaining their own backups”.

GFI provides another suite to simplify a lot of the work we usually have as IT guys: GFI Backup Business Edition. This software contains many features we usually look for in any number of platforms, and can lead us into a simple and efficient environment to maintain our company’s backup:

Easy and straight-forward configuration and deployment.
Centralized web-based administration interface
Supporting file, web and SQL Servers.
Email notifications about scheduled backup tasks.
Supporting Windows Volume Shadow Copy Service (VSS).
High encryption levels to protect the backups: 256-bit AES.

To understand a little bit more about the components involved in GFI Backup 2010, take a look to his graphic:

Also, for home users GFI provides a special suite; with very similar features and completely free for use. Take a look to it in GFI Backup Home Edition web site.

Ok, we can start working with this tool.

Requirements

GFI Backup 2010 does not require large capacities in hardware nor complex software configurations. The supported characteristics for server and clients are the same:

Operating System

Supported operating systems:

Microsoft Windows 7 (x86 or x64)
Microsoft Windows Server 2008 (x86 or x64)
Microsoft Windows Vista (x86 or x64)
Microsoft Windows Server 2003 Standard/Enterprise (x86 or x64)
Microsoft Windows XP (x86 or x64)

Minimum Hardware

Processor: Intel Pentium 4 or higher.
Memory: 512mb or higher.

Communication

An important matter we should consider before implementing this solution are the necessary ports for the communication between the agents and server:

TCP 5580
TCP 5543

These ports can be customized in the installation process.

Installing GFI Backup 2010

The installation process, as any GFI product, simple and very intuitive:

1. Download the installer from GFI Backup 2010 Business Edition Site. A free registration is required.

2. Double click the installer, and follow the steps on the GFI Backup wizard.

The steps involved, as said, are simple and you should not have any problem at this stage.

3. In “Connection Settings” we can configure the HTTP/HTTPS ports used.

If the computer uses more than one IP, we should select it in this stage; since this is the only IP which will be reachable for GFI Backup agents.

4. In “Credentials” introduce the username and password which will be used for the installation of this tool.

5. Complete the installation.

Once the installation is completed, the “Startup Wizard” will appear; which will require two things: credentials for the backup console and credentials for the backup/restore tasks necessary for agents.

6. Complete the administrator console credentials and the following for client agents.

Once we login to the Backup console, we will see a centralized dashboard where we can check the status and reports about the backup environment.

Deploying GFI Backup Agents

For deploying GFI Backup client agents we have two basic possibilities: Group Policy deployment (recommended for a large number of users) and manual installation.

Any of the options involved will require the agent installer and XML file for the deployment. These can be found in “%ProgramFiles%\GFI\GFI Backup 2010 Administration Console\htdocs\agent”

Group Policy Deployment

As any software installation through group policy, the preferred is the MSI file we can find in the mentioned folder.

1. Copy the files to a shared folder accessible for client machines.

2. Create a new GPO using Computer Configuration > Policies > Software Installation.

Remember you will need to reboot the machines in order for the software to be installed.

Manual Installation

The manual installation only requires double clicking the agent installation file in the client machine, and following the wizard.

Configuring a Backup Task

Again, configuring a backup task can take just a few seconds in seven simple steps:

1. As said before, we have the possibility to backup files & folders or SQL Server databases. In this example we will use files and folders.

2. We can choose to store this backup by using Local or external drives, shared folder, FTP location, CD/DVD media or even tape backup.

A new wizard will appear which we can complete very easily.

3. Complete the backup task name.

4. Select the client computer we would to extract the backup.

5. Retrieve the source folder/files we are looking for. It could take a few seconds, depending on the connection we are using.

6. Select the destination for the backup.

7. This step contains several options about how the backup will be stored and secured: Creating a ZIP files or not; encryption level; incremental, differential or full backup; or using versioned backups.

8. The “Scheduler” options include several interesting we can apply in various scenarios: Running the backup on Windows startup or shutdown, for example.

9. Also other very interesting features are presented in “Pre & Post Actions”: What to do before and after the execution of the backup; verification of the files; etc.

At this point we can also configure the mail notifications about the backups.

10. Soon as the wizard completes, we can run the backup to verify everything is configured OK.

And monitor it in the “Reporting” area, where we can verify all the backup tasks status.

Configuring a Restore Task

If you thought the backup process was simple, just wait to take a look to the restore process; where we can also configure to restore files/folders or databases in the original location as well as an alternate.

1. Select the type of restore you would like to execute: Full or item-level.

2. Select the “Source” backup, where you can also mark the option “Restore to a different location”.

Other Options

By clicking on “Settings” in GFI Backup dashboard we can set some of the features we’ve discussed earlier:

Using and configuring Volume Shadow Copy Service (VSS)
Tasks priority.
A central location for the backups.
Product Updates.
Etc.

Conclusions

Here’s a short summary of thoughts about this tool:

- No large or complex requirements for the installation. Supporting all common operating systems available, makes this tool really easy to find a place in our environment.

- Really simple to install and configure. We don’t need any experience with similar backup tools to configure and put this suite into production.

- Nice monitoring and reporting options. E-mails digest and the GFI Backup dashboard makes this tool very easy to maintain.

- As a con in this tool we can find the scope of the backups we can execute. There’s no possibility to retrieve system state backups or any other rather than files and databases.

- Another possibility not included is the option to deploy automatically client agents from the console, avoiding the use of Group Policies or manual installations.

Implementing a larger and complex backup solution could end up on making this vital task obsolete, with no people around it to maintain the health of the tasks and the backups itself. GFI Backup 2010 can simplify this providing a straight-forward solution which we can implement in just a few minutes. With no special configurations required for servers and clients can takes a lot of time for troubleshooting.

Deploying Windows 7 + Office 2010 Using Microsoft Deployment Toolkit (MDT) 2010 – Part I

July 13, 2010 at 2:56 am | Posted in Deployment, Microsoft Deployment Toolkit (MDT), Windows 7 | 3 Comments
Tags: Windows 7, Microsoft Deployment Toolkit (MDT) 2010, MDT 2010, Microsoft Deployment Toolkit, Deployment, Office 2010, Microsoft Office 2010, Automatic Deployment

I’ve started (finally!) re-editing a set of posts created a while ago: “Microsoft Deployment Toolkit 2010 Beta 1: Using MDT to Prepare, Install and Capture Customized Windows 7 Images”: Part I, Part II and Part III. Within those posts we had the chance to review some step-by-step procedures to create customized images of Windows 7, including Microsoft Office 2007 and achieve an automatic deployment; using always the Beta version of Microsoft Deployment Toolkit 2010.

Now we are going to evaluate some interesting step-by-step procedures for automated deployment of Windows 7 + Microsoft Office 2010 using Microsoft Deployment Toolkit (MDT) 2010.

The current version of this free deployment tool is Microsoft Deployment Toolkit 2010 with Update 1. This latest update brings some nice improvements:

Comprehensive tools and guidance to efficiently manage large-scale deployments of Microsoft Office 2010.
A new User-Driven Installation (UDI) deployment method that utilizes System Center Configuration Manager. UDI lets end users initiate and customize an OS deployment on their PCs—via an easy-to-use wizard.
Automatically detects the true supported platforms for drivers, reducing deployment issues.

As in the previous set of posts, using the final and latest version of MDT 2010, we will use the Lite Touch Installation (LTI) for the deployment of Windows 7. For the Zero Touch Installation of Windows 7 we can use Microsoft Deployment Toolkit 2010 with System Center Configuration Manager 2007 R2 SP2.

Note: Only using SCCM 2007 with SP2 is the supported platform for deploying Windows 7; prior this release, the environment is not supported to use Configuration Manager Operating System Deployment (OSD).

What We Are Going To Do?

These posts will represent a step-by-step procedure for the following tasks:

· Install and configure Microsoft Deployment Toolkit 2010 – Update 1.
· Create a Task Sequence and deploy clean Windows 7 images.
· Adding and configuring Microsoft Office 2010 in MDT 2010 for deployment.
· Creating and capturing a reference image of Windows 7 and Microsoft Office 2010.
· Automatic deployment of the customized Windows 7 images with Microsoft Office 2010 installed.

Requirements

Before starting with any procedure we need to review the requirements for the environment. In my case I’ll be using:

Active Directory and DNS infrastructure working and operational.
DHCP configured with Windows Deployment Services (WDS).
Windows Deployment Services (WDS) configured.
Windows 7 source files.
Microsoft Office 2010 installation files.

Note: This previous post of mine shows how WDS must be configured to work together with DHCP.

As in software and features necessary:

Windows Automated Installation Kit (WAIK) 2.0. You can download it from here.
Note: The download page indicates that the WAIK version is “1”; but don’t worry, the actual version is 2.0.

· MSXML 6.0.
· PowerShell.
· .Net Framework 3.5 SP1. Available for download here.
Note: Even though .Net Framework 2.5 SP1 is not a requirement for MDT 2010 installation; one of its features, User-Driven Installation (UDI), does requires the latest Microsoft Framework installed.

Here’s a message you will see when you try to run the UDI launcher:

MDT 2010 Installation

As for all the Microsoft Deployment Toolkit versions, the installation is a straight forward procedure: Just download, execute the installer and complete the installation wizard.

Once installed, we can access any of the components from the “Start Menu”.

One of the coolest options we can find in Microsoft Deployment Toolkit 2010 (and in most of Microsoft platforms) is the idea of designing the User Interface as places to find everything you need to know about what to do next.

“Getting Started”: All the steps involved to get MDT 2010 functional.

“Documentation”: All necessary links to start working with the tool.

Also another important section is “Components” where we can verify that all necessary requirements were installed (plus other optional installations).

Adding a Clean Image to MDT 2010

With the application installed, we can now start working directly with the operating system deployment. The configurations needed in MDT 2010 maintains as the Beta version and the older versions of the Deployment Toolkit.

The process is the following:

1. Create the distribution share.

2. Add operating system files to the distribution share.

3. Create a task sequence for the reference computer.

Creating the Distribution Share

1. In the MDT Console, right click on “Deployment Shares” and select “New Deployment Share”.

2. In the wizard, click on “Browse”.

3. Select a folder where you want to store all the binaries (applications, operating system, etc.) MDT will use. As a recommendation use a separate partition.

4. Click on “Next”.

5. Accept the name of the “Share Name” and click on “Next”.

6. In the next page we can add a short description for the distribution share. Click on “Next”.

7. Ensure that the option “Ask if an image should be captured” is checked and click on “Next”.

8. Another option we can select in this stage is if we are going to let users who are deploying an image can set the local administrator password. In large environment this is normally not recommended since not all users in charge of the deployment should be local administrators of the operating systems.

Click on “Next”.

9. Leave deselected also the option for “Ask user for a product key”. This option will be set in the task sequence of each operating system deployment. Click on “Next”.

10. Review the “Summary” page and click on “Next”.

11. Wait for the process to complete and click on “Finish”.

Once the process completes, we should see this in our MDT 2010 Management Console.

Adding Windows 7 Operating System

Once the deployment share is created, the next step is to add the files from the Windows 7 image. In my case I’ll be using a Windows 7 64bits image.

1. In “Deployment Shares”, expand the deployment share we’ve just created, right click “Operating Systems” and select “Import Operating System”.

2. Since this is a clean image from the Windows 7 media, select “Full set of source files” and click on “Next”.

3. I’m selecting the D:\ directory since I have attached the Windows 7 media in this drive. Click on “Next”.

4. Select the “Destination directory name” and click on “Next”.

5. In the “Summary” page click on “Next”.

6. Once the process is complete, click on “Finish”.

In my case, the images added will look like this in the MDT console.

Creating the Deployment Task Sequence

Now we have the distribution share with a clean image of Windows 7, we can create a task sequence to deploy the operating system.

1. In “Deployment Shares”, expand the deployment share created, right click “Task Sequences” and select “New Task Sequence”.

2. Insert a “Task Sequence ID”, I’m using “WIN7”. And a “Task Sequence name”, in my case “Deploy Windows 7 clean image”. Click on “Next”.

3. Accept the default option in “Template”: “Standard Client Task Sequence”. Click on “Next”.

4. Select the operating system to deploy. Since I have several options, I’ll be using “Windows 7 Professional”. Click on “Next”.

5. The “Product Key” section can be used to not specify a key at this point. Click on “Next”.

6. Complete the information about the registered user and click on “Next”.

7. In my case I’m also selecting the local Administrator password. Click on “Next”.

8. In the “Summary” page click on “Next”.

9. Once the process is complete we can click on “Finish”.

Note there’s an option of “View Script”, which we can use to retrieve an automated script to use for every time we want to create a similar Task Sequence (we only need to change the values used)

Once the Task Sequence is added, we should see something like this:

10. The process is completed once we update the Deployment Share. In the Deployment Share name, right click and select “Update Distribution Share”.

11. Leave selected the option for “Optimize the boot image updating process”. Click on “Next”.

12. Click on “Next” on “Summary”. This process can take a few minutes since it will be creating new files, including the boot images “LiteTouchPE_x86.iso” and “LiteTouchPE_x64” which can be used for the clean operating system deployment.

Within this process the Distribution Share is populated with several files which will be used in the operating system deployment. Even though we didn’t use the option, Microsoft Deployment Toolkit also includes the section for “Out-of-box Drivers”.

The drivers section includes a simple wizard where we can add device drivers into the operating system deployment. Using only the “.inf” files from these drivers, we can add the components directly; but always remember to use the “Update Distribution Share” once those are added; with that the drivers are injected automatically.

In the next post we will add Microsoft Office 2010 to MDT 2010, the Task Sequence involved and configuring this application for a silent install.

Stay tuned!

Deploying Windows 7 Using Windows Deployment Services (WDS): Step-by-Step – Part II

April 21, 2010 at 10:58 am | Posted in Windows 7, Windows Deployment Services (WDS) | 18 Comments
Tags: Windows Deployment Services (WDS), Unattended Files, Windows 7, WDS, Unattended Deployment

After reviewing Post I about installing and configuring Windows Deployment Services, we’ve also review the process of capturing a customized Windows 7 image and upload it to WDS.

To image is already available and we can use it to deploy on workstations from a PXE boot; but to achieve the full unattended process we have to create the unattended files, basically the files where the installation process can request answers about the installation process (product key, user name and password, computer name, etc).

To create these answer files, two of them, we are going to use a tool included in WAIK 2.0: Windows System Image Manager.

1. Preparing WISM for Unattended Deployment

The use of Windows System Image Manager (WISM) is based on loading an operating system image, the application will review the answers involved on the deployment and we can set the answers as we need it.

1.1 Open WSIM console, which you can find on WAIK program menu.

1.2 Right click on select a distribution share, create new distribution share.

This will be the working folder.

1.3 For WISM to work properly with the image, we’ll need to export it from WDS to the distribution share.

To export the image, we can access the WDS console, explore the “Install Images” section, right click on the image and select “Export”.

1.4 Now getting back to the WSIM console. Right click on “Windows Image”, and select a “windows image”, then browse to “Dis share ref_001” and select the image we exported earlier from the WDS console.

1.5 Now WSIM will need to create a catalog file, so select yes at the next window.

1.6 Now it will begin the catalog process, this will take more than a few minutes depending on how big the WIM is.

Now you will see in the windows image panel components, and packages, in my case. In the packages part you can choose to run certain updates, language packs, hotfixes, and versions during the installation process of the OS. We are going to focus only on unattended part of the WDS deploy.

2. Creating the WDSClientUnattend.xml

Here’s an example file of WDSClientUnattend.xml.

Now that we have our reference image loaded into WSIM, I am going to show you how to create the unattended file for the first booting process. I will refer to this file as WDSClientUnattend.xml. We will need to create two .xml files for total automation. There are a few components we need to add for the unattended pre install environment.

Here are the things we are going to add.

Regional – Language settings during setup
Domain credentials
Create partition
Modify partition
Then validating the answer file.

Setting the regional-language

2.1 In the WSIM console look for the “Windows Image” pane, the expand components. Since I am doing this on a 64 bit, will show that first. Browse to the “windows-international-core-winpe” node. Right click on this and select “Add Setting to Pass 1 windowsPE”.

2.2 Now we’ll see this added to your answer file. Also look in the properties pane right next to the answer file, and notice this is where we’ll make any changes to the settings of each component you add. For this component we’ll add “en-us” to everything except “layeredDriver”.

The “layeredDriver” is optional, and only used for Japanese and Korean keyboards.

2.3 Now we need to expand “windows-international-core-pe”, select “SetupUILanguage”, then in the properties pane add “en-us” to the “UILanguage”.

Domain Credentials

2.4 Browse to “windows-setup\WindowsDeploymentServices” in the components, then right click on “login”, and add this to 1 pass windowsPE. Now expand login in the answer file pane, and select “credentials”. Now put in your domain credentials for the network install.

Create Partition

2.5 Browse to “windows-setup\WindowsDeploymentServices” then right click on “ImageSelection” and add to 1 pass windowsPE. Now select install to in the answer file pane, then in properties set “DiskID” to “1”, and “PartitionID” to “1” also.

Modify Partition

2.6 On the modify partition properties set “active” to “true”, “format” to “NTFS”, “label” to “WINDOWS”, “letter” to “C”, “Order” to “1”, and “PartitionID” to “1”.

Image Selection

2.7 Add “Microsoft-Windows-Setup\WindowsDeploymentServices\ImageSelection” to your answer file. In the properties of “installImage” add the file name of the image we’ve captured, image group where we stored it in WDS, and image name the way you have it setup in the WDS console.

2.8 Next select “InstallTo”, and set “DiskID” to “0”, and “PartitionID” to “1”. This will install the image to disk 0, on partition 1.

Validate the answer file

2.9 To validate the answer file we can access to Tools, and selecting “Validate Answer File”. In our case should not complete without any errors.

If it does, you’ll see in the error description what went wrong.

2.10 Save the file as “WDSClientUnattend.xml” in the “E:\RemoteInstall\WdsClientUnattend” folder created by WDS.

NOTE:

The unattended file WDSClientUnattend must be associated to the WDS Server and not to any particular image. If you are inserting a value in the Image you’ll be deploying, that means every time you are using the PXE boot and contacting the WDS Server, the image selection will be always the same.

So, if we want to choose the image when the installation process starts, we must remove “Microsoft-Windows-Setup\WindowsDeploymentServices\ImageSelection” section from our answer file.

3. Adding the WDSClientUnattend.xml to the WDS server

3.1 Open up the WDS console, and right click on your server and select “Properties”.

3.2 Click on the client tab, and check “Enable unattended installation” then browse for the “WDSClientUnattend.xml” we created in the previous step. Selecting the appropriate architecture.

This will automate the booting process in the deployment process. Now we need to automate the OOBE which is the actual installation of the WIM.

4. Creating the OOBEunattend xml for Installation/OOBE settings

Here’s an example file of OOBEUnattend.xml.

This is the second part which will unattended the actual installation of our reference image, the OOBE part. This file I will be calling OOBEUnattend.xml. I will show you how to:

Set the computer name and time zone
Skip the EULA, and setup network location
Create a login, and set a password

Computer name and time zone

4.1 Open WISM console, then go to file, and open a new answer file. Browse to the Components section and right click on “Microsoft-Windows-Shell-Setup” and select “Add Setting to Pass 4 specialize”

4.2 Here we want to configure the time zone, computer name (add an asterisk * for random name), and any other settings we want to setup in the properties pane.

4.3 Now right click on “Microsoft-Windows-International-Core” and select “Add Setting to Pass 7 oobeSystem”

4.4 Now set everything to “en-us” except for “UIlanguageFallback”. Leave that blank.

Setup Network location, and EULA skip

4.5 Find “Microsoft-Windows-Shell-Setup” in the components, and add “OOBE” to “Add Setting to Pass 7 oobeSystem”. Fill in the settings that you want in the properties.

Login and password

4.6 Browse to, and expand “Microsoft-Windows-Shell-Setup”, expand “UserAccounts”, “LocalAccounts”, “LocalAccounts” again, then add “password” to “Add Setting to Pass 7 oobeSystem”.

4.7 Click on “LocalAccount” in the answer file, and add the information in its properties.

4.8 Then do the same for the password. Also feel free to play around with the shell setup in the specialize part of the file for a more personal install.

Validate and add to reference deploy image

4.9 Validate the answer file as mentioned before. And save the file to the folder we’ve created for unattended images “E:\RemoteInstall\WdsClientUnattend”.

5. Associating OOBEUnattend.xml to the Install Image

5.1 Open the WDS console and expand “install images”, click on “captures” then right click on the image name “Ref_001”, and select properties.

5.2 At the bottom of the properties window we’ll see “Allow image to install in unattended mode” check that. Now browse for the file created in the step above in “E:\RemoteInstall\WdsClientUnattend”. Apply and select ok.

6. Deploying an unattended custom image with WDS

We have everything in place now for a complete unattended deployment of Windows 7.

6.1 Boot up the computer with F12 for a network boot.

6.2 The computer will find your WDS server and ask you to hit F12, do so quickly or you may miss it. Now select the boot image, “Windows 7 (x64)” in my case.

Windows will load files after booting

Since the deployment will not require any user intervention, the next window appearing should be this one.

Hope you found this information useful.

Deploying Windows 7 Using Windows Deployment Services (WDS): Step-by-Step – Part I

April 20, 2010 at 9:51 am | Posted in Windows 7, Windows Deployment Services (WDS) | 17 Comments
Tags: Windows Deployment Services (WDS), Unattended Files, Windows 7, WDS, Unattended Deployment

We had a good look about the possibilities about Windows deployment; regarding Windows 7 we’ve completed a guide using Microsoft Deployment Toolkit 2010 (MDT 2010 beta) to capture and deploy unattended installations of Windows 7 with Office 2007 (Post I, Post II and Post III). Also we’ve reviewed how to implement unattended installations of Windows Vista using Windows Deployment Services (Post I, Post II and Post III).

But we didn’t take a look about deploying Windows 7 using Windows Deployment Services (WDS). Now we have a good chance to do that, providing a simple step by step procedure.

Why Using WDS?

Deploying operating systems using technologies like Microsoft Deployment Toolkit 2010 or even System Center Configuration Manager are far more scalable that we can offer using WDS. But there’s always the cost/benefit analysis we should take before deciding to use always the most scalable and dynamic technology available.

Having a robust platform for deployment requires, as always, bigger costs for maintain it; and if there’s no trade off which we can see it in the short term, why bother? Example: We are using one operating system image as a baseline for our branch office with around 15 users; and we usually have to deploy one operating system to users per month. Should we need to allocate considerate hardware and efforts to maintain MDT or SCCM? Probably those technologies will be far more expensive than just using a simple one or even manual deployments.

Windows Deployment Services is a simple and straight forward technology to achieve fast and unattended deployments. Just loading a WIM file and the operating system is available over the network.

So, let’s take a look about a simple step-by-step process to achieve unattended deployments of Windows 7 using WDS.

Prerequisites for WDS

Active Directory and DNS server in place. The computer running WDS must be a member of an Active Directory.
An active DHCP server on the network
An NTFS partition on the server with the WDS role to store your OS images.
Windows Automated Installation Kit (WAIK). This is an optional component that we can use to create unattended files.

1. Installing the WDS role on Windows Server 2008

1.1 Installing WDS in Windows Server 2008 is quite simple, just add it as a Server Role from Server Manager.

Besides the core components in WDS, Windows Server 2008 has the multicasting feature for the deployment. Transport Server option gives us that functionality.

1.2 Click on next and then Install.

2. Configure WDS for first use

WDS also has a simple procedure to configure the server, just running a wizard and you’ll be good to go.

2.1 In Administrative tasks open the WDS up in mmc, expand “Servers” then right click on the root name, and “configure server”.

2.2 We’ll need to create a path for the storing of our images. E:\RemoteInstall.

2.3 PXE answer policy, every time a machine boots from the network you can decide if they are going to receive an automatic answer or wait for an administrator decision.

2.4 Uncheck “add images now” select next.

If we have the DHCP server on the same operating system running WDS, we’ll also need to access the WDS server properties and select on the DHCP tab both options: “Do not listen on port 67” and “Configure DHCP option 60 to ‘PXEClient’.

In our case the DHCP role is placed on a different server and those options are not checked.

3. Adding Boot and Default Windows 7 Images

Every environment we are trying to deploy will always need boot images; fortunately we just have to select the boot images included on Windows 7 DVD.

3.1 Right click on “boot images” and select add boot image

3.2 Using a Windows 7 DVD, we can easily find the boot.wim file in “sources” folder.

3.3 Now we can leave the image name to its default or we can change it.

3.4 Confirm settings then continue.

For adding the Windows 7 operating system image is the same procedure to run, but using the “Install Images” folder in WDS console.

3.5 Adding the default Install Image Right click on Install Images in the WDS console and select Add Image.

3.6 Creating a new image group.

3.7 Browse again in “sources” folder and select install.wim.

3.8 Now we are given a choice of all the available versions of the installation media; install.wim contains all the versions available of Windows 7.

We can select just one version to avoid allocating unnecessary space in the hard drive.

Once completed we’ll have available a boot image, plus a default and clean image of Windows 7 to be installed over the network.

4. Capture Boot Image

There’s an important note regarding boot images; to capture a Windows 7 operating system that you’ve already deployed, you’ll need to create a new media set of this boot.wim file.

4.1 Add a new boot image, the same procedure shown above. Open up the WDS console and right click on “boot images” and select “add boot image”.

4.2 Change the name, and description to identify which image is for booting and for capturing; click on “Finish”.

Once the wizard complete, we’ll see the image added to “Boot images”.

4.3 Now select the image name right click, then select “Create Capture Boot Image”.

5. Install, configure, and Sysprep the reference machine

To deploy a customized image of Windows 7 using WDS we must capture it first from an already deployed image.

An operating system by default is not ready to be captured, before doing that we must prepare the image. Sysprep is the tool in charge of removing all the particular components in an installation (computer name, SID, OS product key, etc) and makes this image suitable for capturing.

5.1 We can find sysprep tool in “C:\Windows\system32\sysprep”. Running sysprep.exe will pop a simple GUI, where we can select the options OOBE, Generalize and Reboot after completion.

We can also use the command line: “sysprep /oobe /generalize /reboot”.

Once selected, we’ll see a process running that is going to take a few seconds and the following reboot.

6. Capturing the reference machine

6.1 After sysprep has rebooted our reference machine, boot from PXE network boot, using F12.

The computer will require for an IP address to the DHCP Server which will redirect it to a Boot Server available on the network, in this case WDS. After finding it, it will require a second F12 selection.

It is important to note that if we missed this sequence, we should reboot the machine as soon as possible. If Windows operating system starts, the sysprep clean up performed earlier will be lost and you won’t be available to capture the image.

6.2 Select “Capture (x64)” and press enter

6.3 After this we’ll see the WDS wizard, select next.

6.4 Now select the volume to capture, C:\, and create the image name file.

If we don’t see any volume available to capture, is because the sysprep process did not completed normally and we must run it again.

6.5 Now we will see the screen asking you where to store the WIM file. Select “upload Image to WDS server”, providing the IP address or FQDN. It will also require domain credentials to access the server.

6.6 Select the Image Group you’ve created to store the image. If you don’t have any group created in WDS, you’ll receive the error of no group available.

Now the WDS will create your custom reference image of your client machine.

The process usually takes a while, depending on the operating system characteristics you are capturing.

On the next post we’ll see how to create unattended files with some examples and deploying a this captured Windows 7 image in a full unattended process.

Powering Up WSUS with EminentWare Extension Pack

April 13, 2010 at 1:46 am | Posted in EminentWare, WSUS | 2 Comments
Tags: WSUS, EminentWare, Extension Pack

For a long time now Windows Server Update Services from Microsoft represents the best possibility to handle, distribute and install updates in your Windows platform. Over the years WSUS scalable and stable architecture find its way to be one of the most mature Windows Server roles.

But still any platform always can be improved a little bit more: adding some missing functionalities, more automation process, scaling up the possibilities by expanding the scope. WSUS it’s not an exception, that’s when I met EminentWare WSUS Extension Pack.

Here are some of the features included:

Deploy and manage 3rd party applications and updates. You can integrate in your WSUS console all the necessary 3rd party applications (like Mozilla Firefox, Adobe Reader or any installer/update as EXE, MST or MSP) and their updates.
Improvements in WSUS reporting.
Inventory features. You can handle system details for over 200 systems and easily identify rogue machines.
Keep scaling up! Flexible machine selections, granular approvals, immediate updates, precise scheduling, and even more.

If you are familiar with the WSUS administration then I’m pretty sure you’ve asked yourself about the features mentioned above.

Ok then, let’s take a look into the product.

EminentWare Components

Before starting to review the product, here’s a little explanation about the components included in the extension pack.

Data Grid Server: This is the main component, responsible of scheduling and executing tasks in the EminentWare system. This service contacts directly with WSUS to retrieve all the necessary information; also talking to the WMI providers
Administration Console: MMC 3.0 integrated directly with WSUS.
WMI Providers: These are the components, installed on each client, in charge of automating the process and collecting the information from managed computers.

EminentWare Extension can be installed on the same server where WSUS resides, but it is recommended to use a dedicated server.

This recommendation applies for most production environments, since EminentWare process and WMI queries could be a significant load if we are talking over 500 clients. Also the use of the EminentWare database, different from SUSDB, could cause a bottle-neck in your server.

For more information check the EminentWare WSUS Extension Pack Deployment Guide.

EminentWare Requirements

Hardware

Memory: 2GB as separate server. 3GB (recommended) WSUS with EminentWare.
Disk Space – System Partition: 1GB.

Disk Space – EminentWare Database: 2GB.

Operating System & Software

One of the interesting options from this extension pack is that can be installed on a desktop or server operating system. The following are supported:

Windows XP Professional SP2 or superior.
Windows Vista Business, Enterprise or Ultimate.
Windows Server 2003 SP1 or superior.
Windows Server 2008.

Regarding software

WSUS MMC 3.0 installed. If you are not deploying EminentWare on the WSUS server, the machine must have the WSUS console.
.Net Framework 3.5 and Visual C++ Runtime library. If it’s not present, the EminentWare will automatically install them.
Local SQL Server 2005 instances. If it’s not present, a SQL Server 2005 SP2 Express (free product) will be installed.

Note: 64bits operating systems are not supported (even though the product can be installed).

EminentWare Installation

The installation process it is quite straight forward and you should not have any problem. Here are some of the important steps:

1. SQL Server Instance: The product does not support installing the EminentWare database on a remote SQL Server, that’s why will try to find a SQL Server 2005 instance locally or you can install directly a SQL Server 2005 Express to store the database.

2. EminentWare Server Configuration: If this is your first server, the “Primary Application Server” must be the option for selection.

The other options available, when there’s an existing Primary Application Server, are “Application Server” (for load balancing), “Management Server” (different Management Group) and “Automation Server” (in charge of executing only tasks for a dedicated Management Group).

For more information check the EminentWare WSUS Extension Pack Deployment Guide.

EminentWare Initial Configurations

After completing the installation and registering your trial version, once your run the EminentWare WSUS extension, the first thing to do is to select the domains and/or workgroups to manage.

1. Environment: In my case I’m only adding AALVAREZ domain and after that selecting my WSUS existing server.

2. Credential Ring: Here’s where you select the users that will be in charge of connecting to the machines and servers to retrieve information, execute tasks, etc.

An important note is that you can select multiple type of users and define which one applies for what: Different domain users and even local users for special cases, like a workgroup (for local users use the format “.\Administrator”).

EminentWare Publishing 3rd Party Applications

Possibly the hottest feature in the product is the possibility to distribute and update third party applications, which WSUS treats them as any other update. Let’s take a closer look.

You can find and interact with the third party packages (as for any package you want to create) in “Administration and Reporting” > “Software Publishing” > “Packages”.

You can directly download from EminentWare a sample catalog for 3rd party software and updates that you can easily import and have a bunch of the most commonly used software ready to go. Some of the included are: Adobe Reader, Mozilla Firefox, QuickTime, Adobe Flash Player and Java Runtime.

Let’s take a quick look about the process of creating your own customized application to be distributed:

1. I’m going to create a package for WinRAR application, selecting “New Package”, the wizard will appear requesting information about the application.

2. You can add some Pre-Requisites rules before applying the application. You can create or use some the existing rules like “Windows Version”, “Windows Language” that the target machine must fulfill before receiving the package.

3. Select Package. Here you’ll complete the information about the package type and location. In my case I’m using an .EXE file and I have the content locally and on a share folder. Also you can set the EXE file parameters, like “/quiet” for a silent installation.

4. Applicability Rules. Are similar than the pre-requisites, you can add some more granular options for targeted machines, like applying the package just if a registry key exists. In my case, none in particular.

5. Installed Rules. This will be the “exceptions” values. Whenever the following rules apply, the package will not be installed.

For WinRAR, I’m using if the registry value “HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR” does exist, do not install the package.

6. All done; now you can select the package from the list and publish it.

EminentWare Inventory and Reporting

Reporting capabilities represent a big feature in most products. Having a strong and scalable solution to sort and describe the information within a platform makes products far more close to the persons that are managing it.

WSUS reporting capabilities are significantly high, but EminentWare takes that and goes a little further integrating with great inventory features.

For example, taking a look to the Updates section you can retrieve some nice granular information about the updates. Selecting an update, you can quickly verify which computers have it installed or on which the update failed.

Take a look to the drag-n-drop section, where you can add the filters you want to sort all the information in the way you need it.

Combining the reporting options with the inventory information you can get some amazing results, and using just some out of the box reports. Here are few samples:

Retrieving machines Firewall status

Hardware: Memory information

This is a nice troubleshooting tool: Available computers that were not successfully connecting to using WMI.

And if you want to see some really detailed inventory information, you get the chance from each computer to receive the information about:

Installed software: Where you can also uninstall programs.
Windows updates log: Remotely check the updates logging and looking for errors directly on the machines.
Services console and processes running. And of course disabling or stopping any of them.

Services available

Processes running

And even more, some interesting endpoint tasks:

Shutdown or reboot the remote computer.
Remote Desktop.
Wake on Lan.
Windows Update Agent Maintenance and Repair. One of my favorites, you can run some of the most used tasks regarding WSUS with just one click: Reset authorization (regenerating the WSUS cookie), flush BITS cache, reset SUS Client ID (for duplicate clients, which BTW can easily find using a report), delete software update folders, and more.

Conclusions

As you can see, this extension pack it is a big one. We just had the chance to name some of the most important features and options available, but there are many more to observe. Let’s wrap it up with some of what we’ve discovered:

The 3rd party updates and distribution has been some of the most wanted WSUS features, that’s a fact.
Talking about easy-to-work-with products, the 3rd party updates catalog which you can import simplifies a lot of work.
The inventory features could provide you some information and control over your environment that you possibly are not handling right now.
Incredible scalability with the tasks features. Direct actions can take place with remote computers. Or you can schedule any task to run on daily, weekly or monthly basis; including some an important one like the “WSUS Clean Up Wizard”. Also you can easily monitor the tasks status and behavior.
The out-of-the-box reporting: Nice embedded reports ready to use and export them or send it over e-mail directly.
Big and robust product. Even though this is what we look for in scalable platforms, one thing that would increase the usability of this product is to have the possibility to only use some of the features available. Small or mid-sized companies with no big requirements, would not take advantage of some of the important features presented here because it could be too expensive to maintain it.

Hope that you found this information useful, that’s pretty much for now.

Cheers!

Reviewing GFI MAX MailProtection

March 16, 2010 at 2:43 pm | Posted in GFI MailProtect | Leave a Comment
Tags: GFI, GFI MAX MailProtect, Spam Protection, Mail Protection

I had the chance to get involved in another GFI security product, this time was the turn for the GFI MAX MailProtection. This product represents a cloud service model for mail protection against spam, viruses and other threats.

Due to a significant spam and malware menaces increase in the last few months, having a network protection layer introduced in your mail platform could translate in saving tons of hours and headache for your IT team.

Some of the features included in GFI MAX MailProtection are:

Works with any mail platform. It doesn’t matter if you have Exchange, Lotus Notes, GroupWise, Zimbra, or any other SMTP Server; MailProtection fits in.
Inbound and outbound protection. Not only protect from getting threats into your organization, you can also be aware for possible “zombies” inside.
Individual Mail Quarantines. Each user handles their own quarantine so they can check constantly the spam filter. Also you can configure a mail digest to be sent periodically.
Administration delegation. You can set special permissions to users so they can administrate their own mailboxes security (I know, not a good idea in most cases).

Now, let’s take a deeper look about the solution.

Installation

In case you’ve missed it, this is a cloud service offered by GFI, meaning that you don’t need to set up any server in your platform; you just need to register and you’ll receive a mail with all the necessary information:

Setting Up GFI MAX MailProtection

Ok, with the info you received in the mail you pretty much have all what it takes to set up the product. Let’s take a quick look.

After you enter your credentials, and select the “Add a new domain”, the process is quite simple. I’m using an alternative domain “aalvarez.com.ar”.

After you successfully added the domain, to start working with users you can add them manually or synchronize the list using an LDAP query for Active Directory or openLDAP, or simply taking the data from a database.

In my case, I’m going to add them manually. Using the format “<username>@aalvarez.com.ar|<password>”

Inbound Filtering

The third basic step of configuring the service would be the Inbound Filtering options, basically the rules that you need for protecting your incoming mail. And what you’ll see here, there are simple steps and options that any administrator could comprehend.

Delivery Methods. In my case, tagging spam and delivering to the user’s junk mail.

Mails sent to unknown users: Block. Many spammers usually try some random names to get to mailboxes.

Greylisting. This is a common configuration when you are having spam issues. The feature will send a referral every time a mail is sent, making that any valid mail server will always retry sending this message. Most of spammers are programmed to ignore referrals and not try again.

Also in “Additional Blocking Rules” you can get more specific about mails you won’t allow. For instance, containing particular languages in a different language; or the attachment that includes.

In my case, I’m blocking anything that comes with a character from “Eastern Asia”.

Other possibilities in “Advanced Options” are, for example, “Hide Egregious Spam”. This option applies to avoid all the common spam to actually get to the junk mail for the user.

It is basically a “common sense” option, there are some well-known spammer’s behaviors and mails that do not need to actually get verified by the user. With that you’ll also avoid some curious users to not open any obvious spam.

Regarding to this matter, in “Hide Viruses”, you get the chance to automatically block any messages that contain viruses and don’t let them get near any junk mail.

Additionally to all that you will also get, of course, the whitelisting and blacklisting options.

Changing your MX Records

In case you are not familiar with the DNS platform, maybe this step could be the trickiest one. But there’s nothing out of the ordinary.

What you need is to redirect all incoming mail to the GFI MailProtection system, this way the service will evaluate the health of each mail regarding the configurations you’ve set.

You can check the records that applied to your domain in the “Overview” settings for each domain:

Outbound Filtering

The service does not avoid the possibility to check the health of the outgoing mail. It is unlikely that you would have in your organization a person that decides to spam and send viruses using their company mail… ok, maybe it is not so unlikely.

But there’s always a high possibility to have a zombie computer, infected with some worm that automatically sends spams and other malwares. Nearly 20 million of zombie computers are present in the world, something like 15K infected every day without the user even knowing about it.

You can treat the outbound spam the same way you treat the inbound and redirecting it to the junk mail.

Reporting

Ok, you already know about how to configure it, now let’s take a look how we can see the actual work that is done.

Your home page will look like this every time when you login, taking a glance for all the domains configured and the spam involved.

Within the “Reports” section, you can get a complete result for a selected period of time for message volume, virus received/sent, inbound and outbound messages.

Here’s a sample about how a very exposed domain would look like:

To give it a try with my domain, I’ve sent some mails that I’ve copied from other spam mails and see how are they treat by GFI MAX MailProtection. Also, I’ve deselected the character options for “Eastern Asia”, so any mail with that language will be automatically blocked.

To see what is in the “Inbound Quarantine”, you have to check on “Messages” section. Here’s how it looks like in my few tests:

Conclusions

Here’s a quick recap of what I’ve been testing it:

- The cloud model of this product fits perfectly in most environments, where you don’t to set up, deploy, troubleshoot any installation.

- Easy to configure: What you’ve seen in this post is what you get. It only took me around 10 minutes for getting it ready to stop all the spam in my domain. There are no tricky configurations and you don’t need to be an expert to get this service working for you.

- Reporting: Complete reports available to use with basically all the necessary information.

- But the reporting area does have a particular cons, does not have the option to export the information into a CSV or an Excel file, even a database would be fine to get.

That’s pretty much it for now.

Cheers!

The test king offers testking 640-816 online training for IT professionals to help them to gain knowledge about different gfi security products with testking 70-290 gfimax mail protection reviews

Implementing App-V – Part IV: Sequencing Applications

January 18, 2010 at 3:50 am | Posted in App-V | 26 Comments
Tags: App-V, application virtualization, Virtualization

Other posts in this series:

Implementing App-V – Part I: Introduction to Application Virtualization

Implementing App-V – Part II: Choosing and Preparing the Environment

Implementing App-V – Part III: Integrating Clients

Ok, we had a good look about the entire App-V platform so far: Explanation about application virtualization and the components involved in App-V (Post I); installation of the App-V Server including some troubleshooting tips (Post II); integrating App-V client components, testing the default application and some troubleshooting about this process as well (Post III).

Now it is time to sequence some real applications and deliver them to clients. As always, I’m going to start with an easy one, so you can see all the tricks involved to get the things working. But first, we must prepare the App-V Sequencer machine.

As we’ve seen in Post I, the main component involved in the sequencing process is the App-V Sequencer.

Sequencer Quick Checklist

Use the same base operating system for both, Sequencer and Target (client) machines. Microsoft does not support using different type of OS between these two. Off the record: I’ve used many applications that worked perfectly when this requirement was not fulfilled.
The Sequencer machine must have a second partition available. The common use for this one is to assign the Q:\ drive letter.
Sequencer and Client machine must have the same Windows Installer version.
In the Sequencer machine ensure that the directories %TMP%, %TEMP% (user temporal data) have sufficient space, since the application use this directory to store temporal sequencing data.
Before sequencing an application you should close all other programs, including Antivirus.
As a recommended best practice, use VirtualPC or any other type of virtual machine for the App-V Sequencer. Combine this using snapshots or differencing disks to always have available a fresh OS to deploy applications.

For more information about the sequencing process and requirements, check the Sequencing Guide from Microsoft and also the Sequencing Best Practices.

App-V Sequencer Setup

Once you’ve checked all the requirements mentioned above, the installation process is quite simple and straight forward.

App-V Sequencer main window:

Sequencing Applications Step-by-Step

As I mentioned earlier my first pick will be a simple application, this will allow us to get familiarized with the sequencing process. I want to start showing the App-V compatibility with some non-Microsoft applications, I’ll be using Mozilla Firefox.

1. In the App-V Sequencer program window select “New Package”.

2. A new wizard will start, select the package name “Firefox”.

3. In the next window you are ready to get started with the applications installation and capture, so you can start creating the installation folder in the Q:\ drive.

Within this folder, the application will store all the program files and the sequencer will use them to package the application.

Note: You don’t need to place the installer inside this folder.

4. Click on “Begin Monitoring” to start the installation process.

5. The capture process will start by selecting the folder in the Q:\ drive.

6. Once you’ve selected the folder, the virtual environment will start to load, wait for the “Monitoring started. Please begin installation” message appears.

7. Locate the installer and start the installation process.

8. In the installation process, the main step will be in the destination folder option that the program use to place the program files. Select the folder you’ve selected to be monitored. In my case: Q:\Firefox.

9. Once the installation is complete and you verified that the program was installed correctly, get back to the sequencer window and click on “Stop Monitoring” and click on “Next”.

10. In the next window you can add some more files inside the package. This can help you if you are using customized applications, that need to load local files.

In my case I don’t need any.

11. In the next window, the sequencing process detects the applications that compose Mozilla Firefox, in my case the Firefox standard app and the Firefox safe-mode.

You can add new ones, remove the detected and modify the components involved: File type associations and icons.

For every application shown here, we will need to make a small change. Click on each application in the right list, and select the “Edit” option. In the “OSD File Name” you will probably see a long name, like “Mozilla Firefox 1.9.1.3523.osd”.

You need to change this one removing all the spaces in the name, like “Firefox.osd”.

Change this in all applications involved and click on “Next”.

12. The next step is optional, where you can launch the applications for a final check that they are working properly. Click on “Next”.

13. Sequencing process is complete. Click on “Finish”.

14. The package is ready for the final customization regarding the application deployment.

In the App-V Sequencer window, select the “Deployment” tab and change the Protocol option to “RTSP” (this will automatically change the Port to 554), and in the Hostname option select the name of the App-V Server, in my case “appv-server”.

In the Operating System list, you can add all the baselines where this application can become available. And note also the option to generate an MSI package, that you can use it with the App-V Stand Alone mode (explained in Post I of this series) and/or System Center Configuration Manager (SCCM) integration with App-V.

15. Before saving the package, you can explore other options within the Sequencer, like the registry files that are modified by the application.

Once you are done, click on save this package locally.

With the project saved, you can check on the files created and verify that the OSD files were not created with names composed by blank spaces.

Adding the Package to the Server

Now that the package has been sequenced and created, it is time to add it to the server.

1. Copy the files created in the App-V Sequencer to the “content” folder in the App-V Server.

2. In the App-V Server, open the App-V console. Right click in Applications and select “Import Applications”.

3. Select the SPRJ file for the Mozilla Firefox and click “Open”.

4. In the General Information window, accept the default options and click on “Next”.

5. In the “Published Shortcuts” select the shortcuts that the clients will have created.

6. In the “Access Permissions” select the group that will load this application. In my case, I’m using Domain Admins.

7. In the “Summary” window, click on “Finish”.

And now you have the application ready in your App-V Server to be deployed.

Testing the Application

After completing the importing wizard, the application is ready to be deployed in the client machines.

Access the client machine, and if you want to avoid the process of log-off and log-on to test it, locate the App-V Client console (C:\Program Files\Microsoft Application Virtualization Client\SftCMC.msc), select “Publishing Server” and click on “Refresh Server”.

The new icons will appear in the desktop or in the places you’ve selected.

Mozilla Firefox starting

Troubleshooting App-V Published Applications

The most common error about App-V applications I’ve experienced are regarding the firewall exceptions discussed in the Post III of this series. But, there’s also another problem that appears related to the package it self.

If the package that you’ve created, the OSD file name uses spaces between, like “Mozilla Firefox 1.9.1.3523.osd”:

Then most likely when you try to deploy this application, after importing it in the server, you’ll get these errors:

“The package requested could not be found in the system data store or the files associated with this package could not be found on the server”. “Error code: 4513CDC-1690150A-20000194”

To fix this, you’ll need to regenerate the sequenced application as shown above, editing the application information and remove any blank spaces in the OSD file name.

More Resources

Other posts in this series:

Implementing App-V – Part I: Introduction to Application Virtualization

Implementing App-V – Part II: Choosing and Preparing the Environment

Implementing App-V – Part III: Integrating Clients

[Events] Overview of Run Reloaded in Buenos Aires

January 18, 2010 at 3:41 am | Posted in Events | Leave a Comment
Tags: Conferences, Events, Run Reloaded

As I mentioned to you before, I presented in the Run Reloaded event that took place here in Buenos Aires in last November. I had the pleasure to give two presentations: Geo Clustering with Windows Server 2008 R2 and Group Policies with Windows 7 and Windows Server 2008 R2.

The event gather some great presentations about several of the new technologies introduced by Microsoft: Windows 7, Windows Server 2008 R2, SQL Server 2008 R2, Exchange Server 2010, Sharepoint 2010, etc.

And the public response was also amazing, thousands of people showed up in this two-day event, that also had several simultaneous conferences given in the Universidad Argentina de la Empresa (UADE).

Multi Site Clustering with Windows Server 2008 R2

I presented this track with Roberto Dilello and we had the chance to revisited a previous track of mine presented in Code Camp 2009.

This time I had the chance to take a deeper review about the multi site clustering architecture, their benefits, requirements and how to configure them in Windows Server 2008 R2 Failover Cluster.

You can download the multi site clustering presentation (Spanish) from here.

Windows 7 and Windows Server 2008 R2 Group Policies

Presented with Leandro Amore, making an overview of the changes made since Windows Vista about the Group Policies management.

Taking a closer look to the ADMX migrator, PowerShell, Starter GPOs, Group Policies preferences, etc.

The group policy presentation can be downloaded from here (Spanish as well).

Cheers!

[Events] Run Reloaded: Buenos Aires

November 21, 2009 at 2:40 am | Posted in Events | 1 Comment
Tags: Conferences, Events, Run Reloaded

After presenting at the Code Camp this year, I’ve started to prepare my participation in a new and upcoming event: Run Reloaded – November 24 and 25 – Universidad Argentina de la Empresa (UADE).

This event will officially introduce to the community the brand new Microsoft technologies: Windows 7, Windows Server 2008 R2, SQL Server 2008 R2, Exchange Server 2010, Sharepoint Server 2010, and may others, including devs technologies.

The event is divided in two days, and each day will have the IT and the developers sessions. Here is the schedule and registration links for the IT sessions (Spanish):

Day 1 Registration

Day 2 Registration

More info about Run Reloaded here.

About my conferences:

- Multi Site Clustering with Windows Server 2008 R2: Taking a little bit deeper about my previous presentation, checking the benefits of geo clusters and what are the necessary requirements. I’ll be presenting it with Roberto Dilello.

- Group Policies with Windows 7 and Windows Server 2008 R2: Reviewing the improvements and features that we can adopt using group policies with the just released operating systems: Windows 7 and Windows Server 2008 R2. I’ll be together with Leandro Amore.

See each other then!

Blog at WordPress.com. | Theme: Pool by Borja Fernandez.
Entries and comments feeds.

	Microsoft Deployment… on Installing and Configuring WDS…
	Microsoft Deployment… on Microsoft Deployment Toolkit 2…
	WSUS 3.0: Deployment… on WSUS 3.0: Deployment and First…
	[Events] Presenting … on [Events] Presenting at Code Ca…
	Tweets that mention … on [Events] Presenting at Code Ca…

Requirements

Operating System

Minimum Hardware

Communication

Installing GFI Backup 2010

Deploying GFI Backup Agents

Group Policy Deployment

Manual Installation

Configuring a Backup Task

Configuring a Restore Task

Other Options

Conclusions

What We Are Going To Do?

Requirements

MDT 2010 Installation

Adding a Clean Image to MDT 2010

Creating the Distribution Share

Adding Windows 7 Operating System

Creating the Deployment Task Sequence

1. Preparing WISM for Unattended Deployment

2. Creating the WDSClientUnattend.xml

3. Adding the WDSClientUnattend.xml to the WDS server

4. Creating the OOBEunattend xml for Installation/OOBE settings

5. Associating OOBEUnattend.xml to the Install Image

6. Deploying an unattended custom image with WDS

Why Using WDS?

Prerequisites for WDS

1. Installing the WDS role on Windows Server 2008

2. Configure WDS for first use

3. Adding Boot and Default Windows 7 Images

4. Capture Boot Image

5. Install, configure, and Sysprep the reference machine

6. Capturing the reference machine

EminentWare Components

EminentWare Requirements

EminentWare Installation

EminentWare Initial Configurations

EminentWare Publishing 3rd Party Applications

EminentWare Inventory and Reporting

Conclusions

Installation

Setting Up GFI MAX MailProtection

Inbound Filtering

Changing your MX Records

Outbound Filtering

Reporting

Conclusions

Sequencer Quick Checklist

App-V Sequencer Setup

Sequencing Applications Step-by-Step

Adding the Package to the Server

Testing the Application

Troubleshooting App-V Published Applications

Multi Site Clustering with Windows Server 2008 R2

Windows 7 and Windows Server 2008 R2 Group Policies

About Me

Contact Me

Visitors Map

Recent Posts

Category Cloud

Top Posts in Last 24hs

Recent Comments

Technorati