Microsoft is currently running a series of webcasts under the heading of MCS Talks: Enterprise Architecture with topics including:
- Infrastructure architecture.
- Core infrastructure.
- Messaging.
- Security and PKI.
- Identify and access management.
- Desktop deployment.
- Configuration management.
- Operations management.
- SharePoint.
- Application virtualisation.
Over on my main blog I've written up my notes from the first session (as well as some commentary on being and architect) and here are the links to the various posts:
- Introduction.
- Remote offices.
- Controlling network access.
- Virtualisation.
- Security.
- High availability.
- Data centre consolidation.
I'm hoping to follow the entire series so, to pick up the articles as I write them (rather than as I get around to double-posting them over here!), subscribe to the RSS feed or, to get the information from the horse's mouth (so to speak) check out the MCS Talks blog.
The number of user groups around Microsoft products seems to be increasing steadily and another group has recently started - the Active Directory UK user group (ADUG) - who aim to:
“[…] build a community of Active Directory users, be they experts or beginners, where they will be able to ask questions, share experiences and learn from each other and leading experts in the field. Regular meetings will be held, to discuss and learn about topical issues such as upgrade paths, virtualisation and compliance; these will be in addition to traditional topics such as replication, disaster recovery and administration.”
As for the Windows Server UK user group, we’re steadily building a membership in our LinkedIn group and I’ve just approached Microsoft to see about getting a room for a meeting in the autumn.
I was putting together a demo environment earlier today and needed to publish a Terminal Services RemoteApp, so I installed Terminal Services (and IIS) on my Windows Server 2008 notebook. Later on, I noticed that Outlook was not working in cached mode and I found that offline store (.OST) files and features that rely on them are disabled when running Outlook on a computer with Terminal Services enabled.
I can see why cached mode on a terminal server would be a little odd (it’s fair enough caching data on a remote client but it’s also resonable to expect that the terminal server would be in the data centre - i.e. close to the Exchange Server) - even so, why totally disable it - surely administrators can be given the choice to enable it if circumstances dictate it to be an appropriate course of action?
Oh well… I’ve since removed the Terminal Services role and Outlook is working well again.
A few months ago, I wrote a post on customising Windows Server 2008 Server Core and Michael Armstrong tipped me off about a cool utility, written by former MVP Guy Teverovsky, called Core Configurator. I say former MVP, because Guy has given up that award to join Microsoft in Israel - and I’m not surprised, after his employer claimed it was their intellectual property (even though he developed it in his spare time) and asked him to remove it from the web.
Anyway, Core Configurator is intended to provide a GUI (strange as it may seem on server core) to aid in the initial setup tasks for a server core machine including:
- Product activation.
- Display configuration.
- Date and time configuration.
- Remote Desktop configuration.
- Local user account management.
- Firewall configuration
- WinRM configuration
- Networking.
- Computer name and domain/workgroup membership.
- Installation of server core features/roles.
- Shutdown.
- Reboot.
Because the tool has been removed from the web, it’s now pretty hard to get hold of, so download it while you can (there is another download location but this version has a slightly different filename and I cannot vouch for the file contents - i.e. I have not tested it). Once it’s gone, it’s gone - so don’t ask me where to get it if these links stop working.
Just before the weekend, I was trying to run an application on a 64-bit installation of Windows Server 2008 and was presented with a strange error:
This application has failed to start because its side-by-side configuration is incorrect. Please see the application event log for more details.
I know that side-by-side is something to do with avoiding DLL hell (by not dumping all the DLLs in the same folder with the consequences of one application overwriting another’s libraries) but I didn’t have a clue how to fix it and the application event log didn’t help much:
Log Name: Application
Source: SideBySide
Date: 15/08/2008 18:00:10
Event ID: 33
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: computername.domainname.tld
Description:
Activation context generation failed for “C:\foldername\applicationname.exe”. Dependent Assembly Microsoft.VC90.CRT,processorArchitecture=”x86″,publicKeyToken=”1fc8b3b9a1e18e3b”,type=”win32″,version=”9.0.21022.8″ could not be found. Please use sxstrace.exe for detailed diagnosis.
Thankfully, Junfeng Zhang wrote a comprehensive blog post about diagnosing side by side failures. It’s a bit too developery for me but I did at least manage to follow the instructions to produce myself a sxstrace:
=================
Begin Activation Context Generation.
Input Parameter:
Flags = 0
ProcessorArchitecture = AMD64
CultureFallBacks = en-US;en
ManifestPath = C:\foldername\applicationname.exe
AssemblyDirectory = C:\foldername\
Application Config File =
—————–
INFO: Parsing Manifest File C:\foldername\applicationname.exe.
INFO: Manifest Definition Identity is (null).
INFO: Reference: Microsoft.VC90.CRT,processorArchitecture=”x86″,publicKeyToken=”1fc8b3b9a1e18e3b”,type=”win32″,version=”9.0.21022.8″
INFO: Resolving reference Microsoft.VC90.CRT,processorArchitecture=”x86″,publicKeyToken=”1fc8b3b9a1e18e3b”,type=”win32″,version=”9.0.21022.8″.
INFO: Resolving reference for ProcessorArchitecture x86.
INFO: Resolving reference for culture Neutral.
INFO: Applying Binding Policy.
INFO: No publisher policy found.
INFO: No binding policy redirect found.
INFO: Begin assembly probing.
INFO: Did not find the assembly in WinSxS.
INFO: Attempt to probe manifest at C:\Windows\assembly\GAC_32\Microsoft.VC90.CRT\9.0.21022.8__1fc8b3b9a1e18e3b\Microsoft.VC90.CRT.DLL.
INFO: Attempt to probe manifest at C:\foldername\Microsoft.VC90.CRT.DLL.
INFO: Attempt to probe manifest at C:\foldername\Microsoft.VC90.CRT.MANIFEST.
INFO: Attempt to probe manifest at C:\foldername\Microsoft.VC90.CRT\Microsoft.VC90.CRT.DLL.
INFO: Attempt to probe manifest at C:\foldername\Microsoft.VC90.CRT\Microsoft.VC90.CRT.MANIFEST.
INFO: Did not find manifest for culture Neutral.
INFO: End assembly probing.
ERROR: Cannot resolve reference Microsoft.VC90.CRT,processorArchitecture=”x86″,publicKeyToken=”1fc8b3b9a1e18e3b”,type=”win32″,version=”9.0.21022.8″.
ERROR: Activation Context generation failed.
End Activation Context Generation.
=================
Begin Activation Context Generation.
Input Parameter:
Flags = 0
ProcessorArchitecture = Wow32
CultureFallBacks = en-US;en
ManifestPath = C:\foldername\applicationname.exe
AssemblyDirectory = C:\foldername\
Application Config File =
—————–
INFO: Parsing Manifest File C:\foldername\applicationname.exe.
INFO: Manifest Definition Identity is (null).
INFO: Reference: Microsoft.VC90.CRT,processorArchitecture=”x86″,publicKeyToken=”1fc8b3b9a1e18e3b”,type=”win32″,version=”9.0.21022.8″
INFO: Resolving reference Microsoft.VC90.CRT,processorArchitecture=”x86″,publicKeyToken=”1fc8b3b9a1e18e3b”,type=”win32″,version=”9.0.21022.8″.
INFO: Resolving reference for ProcessorArchitecture WOW64.
INFO: Resolving reference for culture Neutral.
INFO: Applying Binding Policy.
INFO: No publisher policy found.
INFO: No binding policy redirect found.
INFO: Begin assembly probing.
INFO: Did not find the assembly in WinSxS.
INFO: Attempt to probe manifest at C:\Windows\assembly\GAC_32\Microsoft.VC90.CRT\9.0.21022.8__1fc8b3b9a1e18e3b\Microsoft.VC90.CRT.DLL.
INFO: Did not find manifest for culture Neutral.
INFO: End assembly probing.
INFO: Resolving reference for ProcessorArchitecture x86.
INFO: Resolving reference for culture Neutral.
INFO: Applying Binding Policy.
INFO: No publisher policy found.
INFO: No binding policy redirect found.
INFO: Begin assembly probing.
INFO: Did not find the assembly in WinSxS.
INFO: Attempt to probe manifest at C:\Windows\assembly\GAC_32\Microsoft.VC90.CRT\9.0.21022.8__1fc8b3b9a1e18e3b\Microsoft.VC90.CRT.DLL.
INFO: Attempt to probe manifest at C:\foldername\Microsoft.VC90.CRT.DLL.
INFO: Attempt to probe manifest at C:\foldername\Microsoft.VC90.CRT.MANIFEST.
INFO: Attempt to probe manifest at C:\foldername\Microsoft.VC90.CRT\Microsoft.VC90.CRT.DLL.
INFO: Attempt to probe manifest at C:\foldername\Microsoft.VC90.CRT\Microsoft.VC90.CRT.MANIFEST.
INFO: Did not find manifest for culture Neutral.
INFO: End assembly probing.
ERROR: Cannot resolve reference Microsoft.VC90.CRT,processorArchitecture=”x86″,publicKeyToken=”1fc8b3b9a1e18e3b”,type=”win32″,version=”9.0.21022.8″.
ERROR: Activation Context generation failed.
End Activation Context Generation.
I don’t understand most of that trace but I can see that it’s trying to find a bunch of resources named Microsoft.VC90.CRT.* and a search of my system suggests they are missing. Microsoft VC sounds like Visual C++ and v9 would be Visual Studio 2008. Checking back at the original developer’s website, I saw that he suggested to someone else experiencing problems that they might need the Microsoft Visual C++ 2008 redistributable package. I thought that the whole point of having the Microsoft .NET Framework on my PC was so that .NET applications would run, regardless of the language they were developed in (if there are any developers reading this, please feel free to leave a comment on this because I’m out of my depth at this point) but I downloaded the latest x64 version and installed it on my system.
No change (same error).
I realised that I was using the latest (SP1) version (v9.0.30729.17) and perhaps I needed the original one (v9.0.21022) as that’s the version number in the systrace log. So I removed the SP1 version and installed the original redistributable package instead.
Still no change.
I had the C++ source code, so I considered recompiling the application but I found that there was no compiler on my system (unlike for C#) and so I needed to install one of the Visual Studio Express Editions and would take a while. So I thought about other options.
It turned out that, even though I was running on 64-bit Windows, I needed to install a 32-bit redistributable. Don’t ask me why (that’s another developer question - the references to GAC_32 and Win32 in the sxstrace probably provide a clue) but it worked - and it didn’t matter whether I used the original or the SP1 version of the Microsoft Visual C++ 2008 redistributable package (so I used SP1).
Now the application runs as expected. It’s got me thinking though… I really should learn something about .NET development!
After a year of speculation about what will, or won’t, be included in the next version of Windows, it looks like Microsoft might be getting ready to tell us a bit more. Yesterday they launched a new blog called Engineering Windows 7 (thanks to Dave Saxon for alerting me). As the title suggests, it’s all about putting together the next version of Windows and is probably worth keeping an eye on.
I’ve run PHP with Microsoft Internet Information Services (IIS) before (running on a Windows XP laptop) and I seem to remember the installation being quite straightforward. Even so, tonight I was installing PHP 5.2.6 with IIS 6 (on Windows Server 2003 R2 Enterprise x64 Edition) and I ran across a few issues. This post describes what was involved:
- Firstly, PHP can be installed in CGI, FastCGI or ISAPI mode. I used ISAPI.
- Secondly, there is anecdotal evidence that the Windows Installer version is problematic - for that reason you may prefer to use the ZIP file and perform a manual installation (as I did), following the instructions on the IIS Admin blog, which were:
- Extract the files to a location of your choice (I used C:\PHP to keep it simple but C:\Program Files (x86)\PHP would be better).
- Rename php.ini-recommended to php.ini.
- Edit the
extension_dir line in php.ini to read extension_dir = C:\phpinstallationfolder\ext.
- Add the PHP installation folder to the
%path% system variable (e.g. append ;C:\PHP to the existing path).
- Create a web service extension for PHP using
cscript iisext.vbs /AddFile c:\phpinstallationfolder\php5isapi.dll 1 PHPISAPI 1 “PHP ISAPI”. The new extension should show in IIS Manager with a status of Allowed.
- Create an application extension mapping for .php files. Following the advice on the IIS Admin blog article that I referenced previously will remove all other mappings so I used the IIS Manager MMC instead (Default Web Site Properties, Home Directory, Configuration to add a mapping to the executable at
c:\phpinstallationfolder\php5isapi.dll using extension .php for all verbs).
- Create a test file called phpinfo.php containing
<?php phpinfo(); ?>.
- Use a web browser to navigate to http://servername/phpinfo.php and the PHP information page should be displayed.
- If you are running on 64-bit Windows there are some extra steps in order to avoid an HTTP 500 Internal server error or the message %1 is not a valid Win32 application. It seems that this is caused by trying to load a 32-bit application (in this case PHP) inside a 64-bit worker process (as described in Microsoft knowledge base article 895976). To resolve this issue, enter
cscript adsutil.vbs SET W3SVC/AppPools/Enable32bitAppOnWin64 1. adsutil.vbs is one of the scripts installed into the wwwroot\AdminScripts folder but if you have removed it to secure the server (as I had), then it may be temporarily copied back to the server from another IIS installation.
- To ensure that PHPinfo reflects the correct location of the php.ini file, create an environment variable called PHPRC referring to c:\phpinstallationfolder and restart the server or, alternatively, set the appropriate registry keys (although neither option seemed to have any effect for me).
Some time back, there was talk of System Center Virtual Machine Manager 2008 (then called SCVMM vNext) shipping within 90 days of Hyper-V. This link was later denied, or at least downplayed (depending upon who you spoke to at Microsoft) but it seems that SCVMM 2008 is expected to ship in September… that’s ooh… about 90 days after Hyper-V. Of course, speculating on product release dates is always a risky business, but Rakesh Malhotra should know (he runs the SCVMM program management team).
On a related note, he also explains why SCVMM requires virtual center in order to integrate with VMware ESX (a question I asked a few days back after the release of the VMware Infrastructure Toolkit for Windows v1.0 (PowerShell cmdlets for VI).
Last, but not least, the Microsoft Virtualisation User Group UK has been formed and have an inaugural meeting planned at Microsoft’s London (Victoria) offices on 24 September. Clearly there is a cross-over between MVUG and the Windows Server Team's content, so I'm sure I'll be in touch with Patrick and Matthew to see how best we can work together.
Microsoft’s Background Intelligent Transfer Service (BITS) has been around since Windows 2000 SP3 and provides a “firewall-friendly” means of transferring files across the network which also allows for restarts. It’s also the file transfer mechanism used for Windows updates (but is not exclusively used for Microsoft products) and is now at version 3.0 (included with Windows Vista and Windows Server 2008).
A few weeks back, I was discussing the problem of rebuilding remote servers with some colleagues. We considered that it may be advantageous to keep a copy of the build image locally (e.g. on a branch office server) but image management (making sure that the locally cached image is the latest version) is an important concern. One of my colleagues asked if BITS could be used to control the distribution of the image files (which could be expected to be around 2GB) so I decided to dig a little further. The short answer is “yes”, but there are some things to be aware of:
Microsoft provides a command line tool called BITSAdmin (bitsadmin.exe) for monitoring the progress of BITS jobs. BITSAdmin is available as a support tool for Windows XP SP2 and Windows Server 2003 but is included with Windows Vista and Windows Server 2008. James Finnigan has a good post introducing the concept of transferring files using BITS; Aaron Czechowski has another BITSAdmin script; Frank-Peter Schultze has a good post on scripting downloads with BITS; or refer to the full BITSAdmin syntax and examples for further details.
Various third party wrappers also exist, including:
I haven’t seen a PowerShell wrapper for BITS yet but I have used Alexander Sukhovey’s BGet command (batch) file to initiate and manage BITS file transfers.
If BITS is not appropriate, those with plenty of bandwidth might consider RoboCopy (I have used it in the past to synchronise folders across the network) but, for me, Mads Klinkby’s BITSync looks perfect - unfortunately the download link was unavailable at the time of writing this post.
A few nights ago, I finally got around to upgrading my own Hyper-V installation from release candidate 1 to the RTM version. I’d already updated the notebook PC that I use for work but I’d forgotten about the server at home - it was working well (and if it ain’t broke…). What follows explains the process for upgrading a server that is already running a pre-release version of Hyper-V to the RTM code:
- On the parent partition, run the 64-bit version of Microsoft update 950050. This will update the Hyper-V components and will require a restart. After the restart, the version of Hyper-V Manager should be 6.0.6001.18016.
- On each virtual machine, upgrade the integration components ICs - also known as integration services). To do this:
- Connect to a VM using the Virtual Machine Connection (VMC) tool and log on.
- Cancel the Found New Hardware Wizard and select Insert Integration Services Setup Disk from the Action menu in the VMC tool.
- A previous version of the Hyper-V integration services should be detected. Click OK to upgrade.
- When the integration services have been upgraded, restart the virtual machine.
- Following the restart, there should be no new hardware detected and all synthetic devices (e.g. the Microsoft Virtual Machine Bus Network Adapter) should be at version 6.0.6001.18016.
The process is time consuming and it does involve restarting every computer in the virtualised infrastructure, which should not be surprising as it also involves some pretty deep changes in the operating system (this upgrade is also from a pre-release version of Hyper-V, which implies it’s not running a production workload).
For the last week or so, my colleagues have suffered an increasing amount of profanity as I’ve struggled with account lockouts on our Active Directory. I honestly nearly threw my notebook PC across the room last Wednesday.
I’d had my password reset twice and the account lockout flag removed about 7 or 8 times but I didn’t really get the answer that I needed when I asked our (offshored) IT helpdesk what might be causing the problem (for example, were there any AD synchronisation issues that they were aware of). After giving up on the helpdesk, I circumvented the proper support channels and dropped an e-mail to one of the administrators, who helpfully pointed me in the direction of another support team with the tools to diagnose the source of my lockouts and said it tends to be a disconnected terminal session or a software update program (e.g.from Adobe) using old credentials (e.g. to access the Internet via our proxy servers) that causes the lockout.
Sure enough, the problem was traced to a terminal server - and I did have a disconnected session there. Since resetting that session, the account lockouts have gone away and my access to e-mail, intranet, internal websites, Internet proxy servers, etc. has been restored.
My first inclination was to blame the infrastructure - and in this case it turned out to be a user error (or “a layer 8 problem”, as I like to refer to such things)… even so, I thought the experience might be useful for someone else who is getting frustrated by near-continuous account lockouts.
I've written a lot about Hyper-V on this blog (some would say too much) but I'm going to carry on regardless. What I'll try to do is steer clear of the arguments about how it competes with alternative technologies and stick to technical details. After all, this blog's not really about news and comment - it's supposed to be technical.
John Howard published a detailed blog post when Hyper-V RTMed but I've spent a fair amount of time recently clearing up confusion about the various versions of Hyper-V, so I'll try and clarify things here:
Hopefully, that explains the various software products that include the Hyper-V branding or are in some way related to Hyper-V.
The Windows Server Team was the creation of Scotty McLeod - and Scotty continues to be our group leader.
Unfortunately though, Scotty had a serious accident several months back and, although he continues to make a steady recovery, no-one else knows how to administer this website (and I'm not going to bother him for the credentials as I want him to concentrate on getting better!)...
...that means that we have no way of finding out who our members are and no way to contact you should we do what we talked about at the community day in April (was that really 3 months back?) - namely to start to organise some events.
So, with that in mind, I've created a LinkedIn group to supplement this website. Many of you will know LinkedIn - a professional networking site - and I'd ask you all to join the Windows Server User Group UK on LinkedIn.
LinkedIn's terms of service for the group do require me to provide LinkedIn with a list of the names of our group members, if required; however we should have no worries about privacy as they also state that:
"LinkedIn participates in the EU Safe Harbor Privacy Framework and is certified to meet the strict privacy guidelines of the European Union. All relationships on LinkedIn are mutually confirmed, and no one appears in the LinkedIn Network without knowledge and explicit consent."
I look forward to seeing you over at LinkedIn and hopefully this will be the first step towards organising some user group events. In the meantime, Austin and I will keep on blogging over here and one day we should be able to get this website back to being the focal point for our community that Scotty originally intended it to be.
Even though choosing a hypervisor is only a small part of implementing a virtualisation strategy, much has been written about how Microsoft Hyper-V compares to VMware ESX - and
there are some fundamental differences between those two products. Architecturally, Hyper-V has a lot more in common with the Xen hypervisor (although they are not identical) and indeed XenSource worked with Microsoft to provide Linux support for Hyper-V and I've recently been alerted to the presence of
a short white paper which compares Hyper-V and the Xen technology implemented in Red Hat Enterprise Linux (the leading Linux distribution, which is not currently on the list of supported guest operating systems for Hyper-V). Despite being published by Microsoft, it seems to me to give a balanced view between the two products, although it should also be noted that
Red Hat has announced it will be switching from Xen to KVM for future virtualisation support.
More Posts
Next page »