Category: Windows

Windows 8.1 Full backup

Published on in Windows by Elvis

In the new version of Windows client (8.1), Microsoft cut out backup functionality. The reason why is simple: we have now more than one device, synchronised thru SkyDrive, all installed applications are available via Live account, and form this point of view, you can always restore your computer and data from this states.
As an administrator in small environments, I know that this is not always true and of course, we need the full machine backup. Now we still have the option to use 3rd party software, but to do it this way, we need to buy additional software.
Therefore, for everyone who want to use build in functionality for backup the computer, it is still possible and the step-by-step guide is available here..

Migrate from SBS 2008 or 2011 (Part 2)

Published on in Exchange Server, Windows, Windows SBS Server, Windows Server by Elvis

Environments with Limited Hardware Resources

This document assumes that most installations will have sufficient resources to bring up additional servers (physical or virtual) to complete the migration of SBS. It is highly recommended and very advantageous to perform the migration to three additional servers (physical or virtual). Another option is to decommission the SBS server role you do not plan to migrate in order to reallocate its hardware.

Install the server for new Domain Controller

Install a new server, using the Windows Server 2008R2 Standard Edition media. Assign to the server a static IP address. When prompted, join the existing domain. Before you can promote a new machine to a domain controller, you have to upgrade the AD schema using this steps:

  1. Go to SBS Server.
  2. Insert the Windows Server 2008R2 Standard Edition media. Click Start, locate the Command prompt and run it as Administrator.
  3. Navigate to <Installation media drive>sourcesadprep.
  4. Type adprep /forestprep and wait for completing the command. It could take a lot of time, depends on the structure of your AD.
  5. Type adprep /domainprep and wait for completing the command. It could take a lot of time, depends on the structure of your AD.
  6. Type Exit to close the Command prompt window.

Now you can return to new domain controller machine and promote it to a Domain Controller using the following steps:

  1. Open Server Manager. Click Start, point to Administrative Tools, and then click Server Manager.
  2. In Roles Summary, click Add Roles.
  3. If necessary, review the information on the Before You Begin page and then click Next.
  4. On the Select Server Roles page, click the Active Directory Domain Services check box and then click Next.
  5. If necessary, review the information on the Active Directory Domain Services page and then click Next.
  6. On the Confirm Installation Selections page click Install.
  7. On the Installation Results page click Close this wizard and launch the Active Directory Domain Services Installation Wizard (dcpromo.exe).
  8. On the Welcome to the Active Directory Domain Services Installation Wizard page click Next.
  9. On the Operating System Compatibility page review the warning about the default security settings for Windows Server 2008 and Windows Server 2008 R2 domain controllers and then click Next.
  10. On the Choose a Deployment Configuration page click Existing forest, click Add a domain controller to an existing domain and then click Next.
  11. On the Network Credentials page type the name of the SBS domain. Under Specify the account credentials to use to perform the installation click My current logged on credentials or click Alternate credentials and then click Set. In the Windows Security dialog box provide the user name and password for an account that can install the additional domain controller. To install an additional domain controller, you must be a member of the Enterprise Admins group or member of the Domain Admins group. When you finished providing credentials, click Next.
  12. On the Select a Domain page, select the domain of the new domain controller and then click Next.
  13. On the Select a Site page, select a site from the list or select the option to install the domain controller in the site that corresponds to its IP address. Then click Next.
  14. On the Additional Domain Controller Options page make the following selections, and then click Next:
    • DNS server: This option is selected by default so that your domain controller can function as a Domain Name System (DNS) server.
    • Global Catalog: This option is selected by default. It adds the global catalog, read-only directory partitions to the domain controller and it enables global catalog search functionality.
    • Read-only domain controller. This option is not selected by default. It makes the additional domain controller read only – it makes the domain controller a RODC. Leave this setting unchecked. If you do not have static IPv4 and IPv6 addresses assigned to your network adapters, a warning message might appear advising you to set static addresses for both of these protocols, before you can continue. If you have assigned a static IPv4 address to your network adapter and your organization does not use IPv6, you can ignore this message and click Yes, the computer will use a dynamically assigned IP address (not recommended).
  15. On the Location for Database, Log Files, and SYSVOL page click Next.
  16. On the Directory Services Restore Mode Administrator Password page type and confirm the restore mode password and then click Next. This password must be used to start AD DS in Directory Service Restore Mode (DSRM) for tasks that must be performed offline.
  17. On the Summary page review your selections. Click Back to change any selections, if necessary. To save the settings that you have selected to an answer file, that you can use to automate subsequent AD DS operations, click Export settings. Type the name for your answer file and then click Save. When you are sure that your selections are accurate, click Next to install AD DS.
  18. On the Completing the Active Directory Domain Services Installation Wizard page click Finish.
  19. You can either select the Reboot on completion check box to have the server restart automatically or you can restart the server to complete the AD DS installation when you are prompted to do so.

 Reconfigure Document Redirection, User home folders and Share location

Document Redirection is configured by default for new users, added through the SBS Administration Console.  The default share is \<SBS_SERVER>RedirectedFolders, which points to <DRIVE>:UsersFolderRedirections folder (where <SBS_SERVER> is the name of the SBS Server and <DRIVE> is the drive letter that the folder is located on). The settings for this policy are stored in the Small Business Server Folder Redirection Group Policy. By default, the “Redirect the folder back to the local userprofile location when the policy is removed” setting is set. With this setting in place, after the Group Policy is removed, clients will copy the contents of their Documents folder from the server back to their local workstation.

To stop Folder Redirection and copy data back to user workstations, follow this steps:

  1. Click Start, point to Programs, point to Administrative Tools, and then click Group Policy Management.
  2. In the Group Policy Management console tree, expand the domain tree, right-click on Small Business Server Folder Redirection Policy, and then click Edit…. 
  3. In the Group Policy Management Editor, right-click the Small Business Server Folder Redirection Policy [domain name] Policy object and choose Properties.
  4. In the GPO Properties dialog box, click the Security tab and then click on the Authenticated Users group.  Change the Apply group policy permission from the default of Allow to the Deny. Click OK to close the dialog.

The folder Redirection will be stopped the next time that a user processes this GPO. By default the object is cached on the user’s computer and will not be updated, unless another change is detected. To force an update, you must follow these additional steps:

  1. Create or modify a GPO that applies to the computers on which users, who are affected by folder redirection policies, log on.
  2. Edit the GPO. 
  3. Under Computer Configuration expand Policies and then Administrative Templates
  4. Under Administrative Templates expand System
  5. Under System select Group Policy
  6. Double-click the Folder Redirection policy processing setting.
  7. Select the option Enabled and then click to select the second check box Process even if the Group Policy objects have not changed.
  8. Exit the Group Policy Object Editor. Make sure that this new GPO applies to computer accounts for which users are using folder redirection.

For more information, see http://support.microsoft.com/default.aspx?scid=kb;EN-US;888203.

After you are sure, that all users are logged off and on (it is recommended, that you wait a day or two), you can reestablish redirection to the new machine. The settings for this policy are stored in the Small Business Server Folder Redirection Group Policy. By default, the “Redirect the folder back to the local user profile location when the policy is removed” setting is set. With this setting in place, after the Group Policy is removed, clients will copy the contents of their Documents folder from the server back to their local workstation.

To re-enable the Folder Redirection policy, follow this steps:

  1. Create the FolderRedirections share.
  2. Click Start, point to Programs, point to Administrative Tools, and then click Group Policy Management.
  3. In the Group Policy Management console tree expand the domain tree, right-click on Small Business Server Folder Redirection Group Policy and then click Edit….  
  4. On the left pane expand Small Business Server Folder Redirection Group Policy, Computer configuration, then Windows Settings and select Folder Redirection.
  5. In the right pane right click on the Documents (or some other folder you wish to redirect) and select Properties.
  6. On the Target tab, under Root Path, with Browse button, select the new SMB share for folder redirection (do not enter local path).
  7. Click OK for close the properties dialog box.
  8. Repeat steps from 5 to 7 for every redirected folder (it is highly recommended to control all listed folders to prevent future issues)
  9. In the Group Policy Management Editor right-click the Small Business Server Folder Redirection Group Policy [domain name] Policy object and choose Properties.
  10. In the GPO Properties dialog box click the Security tab and then click on the Authenticated Users group.  Change the Apply group policy permission from Deny to Allow. Click OK to close the dialog box.

Folder Redirection will be started the next time that the user processes this GPO. By default, the object is cached on the user’s computer and will not be updated, unless another change is detected. To force an update, you must follow these additional steps:

  1. Create or modify a GPO that applies to the computers on which users who are affected by folder redirection policies log on. 
  2. Edit the GPO. 
  3. Under Computer Configuration expand Administrative Templates
  4. Under Administrative Templates expand System
  5. Under System select Group Policy
  6. Double-click the Folder Redirection policy processing setting. 
  7. Select the Enabled option and then click to select the second check box Process even if the Group Policy objects have not changed.
  8. Exit the Group Policy Object Editor. Make sure that this new GPO applies to computer accounts for which users are using folder redirection.

Users home folders are configured by default for new users, added through the SBS Administration Console.  The default share is \<SBS_SERVER>UserShares, which points to <DRIVE>:Shares folder (where <SBS_SERVER> is the name of the SBS Server and <DRIVE> is the drive letter that the folder is located on). You must copy all content of all users folders to the new server with same permissions and change locations of users home folders in Active directory users and computers following this steps:

  1. On the new server create a root folder for Users home folder shares.
  2. Right-click on the folder and go to Properties.
  3. On the Sharing tab click Advanced sharing and check Share this folder.
  4. In Settings, Share name, type the name of the share and click Permissions.
  5. Give Allow full control permission to Everyone group.
  6. Use Robocopy command on SBS server to transfer all content and permissions of the folders:
    robocopy.exe <DRIVE>:UsersShares \<NEW_SERVER><NEW_DRIVE>$UsersShares /Z /R:5 /COPYALL /MIR /FP /LOG+:<DRIVE>:UserShares.log /TEE /XF UserShares.log (where DRIVE is drive letter, where shares are located, NEW_SERVER is the name of the new server and NEW_DRIVE is the destination drive letter on the new server).
    Example: robocopy.exe C:UsersShares \My_NewServerD$UsersShares /Z /R:5 /COPYALL /MIR /FP /LOG+:C:UserShares.log /TEE /XF UserShares.log
  7. Open Active Directory Users and Computers and go to MyBusinessSBSUsers Organization Unit.
  8. Select all active users, click on Properties.
  9. On Profile tab check Home Folder and select Connect.
  10. Select drive letter to connect home folder. In field To write: \<NEW_SERVER><SHARE_NAME>%username% (where <NEW_SERVER> is the name of the new server, <SHARE_NAME> is the name of the share of users home folders).
  11. Close all Windows with OK.
  12. Repeat all steps between step 8 and 10 for Organization unit MyBusinessSBSPowerUsers.
  13. Optional: it is recommended, on Users home folders on SBS Server, to change sharing permissions for Everyone group to Deny Full control (it is only to prevent any duplicate using of home folders).

Shared folders should be in SBS server configured thru SBS Console and are all visible there. You can do a migration of shared folders in two different ways, but you must pay attention, to move all of them and that users will not be able to write in both shared folders (the old and the new one) while the migration is going on.
First you must locate all of the shared folders:

  1. Go to SBS Administration console.
  2. Click to Shared folders and Web sites and go to Shared folders.
  3. Annotate all the shared folders locations and share names.

Now you have to move all data to the new server, but you must preserve all security and share permissions:

  1. On the new server create a new folder for share.
  2. Right-click on it and select properties.
  3. Click on Security tab and give to folder exactly the same permissions as those in the source folder.
  4. Click on Sharing tab, Advanced Sharing and type the name of the share (it is recommended, that is the same as old one).
  5. Click on Permissions and give to share exactly the same permissions as those in the source share.
  6. It is recommended that in this time you open properties of Share on the SBS server and change all share permissions from Allow to Deny (just for prevent users to modify content in share, during and after the migration).
  7. On the SBS Server run robocopy.exe <DRIVE>:<OLD_FOLDER> \<NEW_SERVER><NEW_DRIVE>$<NEW_FOLDER> /Z /R:5 /COPYALL /MIR /FP /TEE /XF /LOG+:<DRIVE>:ShareLog.log (where DRIVE is the drive letter where share is located, OLD_FOLDER is the folder of share on SBS Server, NEW_SERVER is the name of the new server, NEW_DRIVE is the destination drive letter on the new server and NEW_FOLDER is the folder of share in the new sever), to copy data to the new server.
  8. Repeat all steps for any shared folder.

 

Migrate from SBS 2008 or 2011 (Part 3)

Migrate from SBS 2008 or 2011 (Part 1).

Replacing OS image in MDT 2012

Published on in Deployment, Windows, Windows Server by Elvis

Days ago I had a problem on one of MDT”s. There were installed OS images for some Windows 7 systems without SP1. Because I use the ImagePatcher PowerShell script to offline update all images, and there is no way to install SP1 with offline updating, I tried to delete the images and update new ones directly from DVD.
In that moment I had a problem with task sequences, because they lose OS images to install.
This problem can be solved very easy, with few clicks. You must open the desire task sequence and go to the tab Task sequence. You can find there the task “Install operating system”. In this task you have just to browse the right system you want to install.

 

.

Upgrade from MDT 2010 to MDT 2012

Published on in Deployment, Management, Windows, Windows Server by Elvis

Now is available a new version of MDT and of course there are new functionalities and new options. For this reason it is normal to upgrade it. There is no support to direct upgrade, but is very easy to upgrade it.
For the first thing, you have to uninstall the old version. You can uninstall it with default options, but be careful with deployment shares. You will need them in the future.
The second thing is a normal installation of MDT 2012. Then you have to start it. There you will see (or you will be able to import) all deployment shares, but they are not yet functional. They need to be upgraded.
Right click to any share and select the option upgrade. The share will be now present normally to the MDT and you will probably think that everything is OK, but if you try to use it, you will have problems. This is because you are still using the old boot image and this is the last step you have to do. You must rebuild all boot images and change them in WDS and other boot devices. I suggest, that in this step you select “Completely regenerate image”. You must have in mind that the version of MDT is changed and there are possible a lot of differences in the boot images.
That’s all. Make it a good use..

One of the SMB150 winners!

Published on in Management, Virtualization, Windows, Windows SBS Server by Elvis
Thanks to everyone who helped me to be one of the SMB 150 Influencers for 2012, the event organized by SMB Nation and SMB Technology Network. I am very excited about this. On SMB 150 site you can read “The SMB 150 honors individuals who have made a significant impact on the worldwide small and medium business (SMB) channel” and I am very happy to be part of this story and to know, that I am doing a good job. Thanks again to my supporters!

 

SMB_150_Winners_Press_Release.pdf (266.62 kb).