Comms Rack Chaos

How tidy is your comms rack?

Like everything in life, a comms rack can generally become chaotic over time. This is often due to a lack of time, emergency patching, no documentation and possibly some entropy.

itQED were recently involved in a project to provision a new VOIP phone system. As part of this, the network had to be re-vamped to ensure it was able to support prioritised voice traffic end to end. To this end, a number of Cisco PoE (Power over Ethernet) switches were installed in a redundant configuration to provide a stable and resilient network.

The picture below shows the comms rack at the beginning of the work:

 

Messy Rack

 

As you can see, the patching had organically grown over time! This can cause a number of problems, including:

 

  • Patch panel numbering is obscured
  • Changing any patching requires spending significant time tracing each cable
  • Rack doors will not close
  • Documentation is impossible to produce
  • Issues can be difficult to diagnose and solutions can be delayed.

 

 

As part of the work the entire cabinet was re-patched allowing:

 

  • Full documentation
  • Colour coded cables for each resource
  • Full visibility of the patch panel numbering and switches
  • Patching changes are now much easier, taking seconds rather than 15 minutes
  • Tidiness!

(Bearing in mind there was no access to the sides or back of the rack)

Tidy Rack

 

 

Azure and Hosting Remote Desktop Services

What are Remote Desktop Services?

 

Remote desktop services is a mature technology from Microsoft that allows many users to connect to “Remote Desktops” hosted on a central server or in the cloud such as Azure. Remote Desktop allows users to access their desktop and applications from anywhere and from a variety of devices and operating systems.

Its like having your office PC everywhere!”

 

Some of the advantages of this include:

  • A consistent desktop experience for all users, which is easily accessible from any device, including desktops (Mac and Windows), laptops, tablets (iOS, Android, windows) and smartphones!
  • Users can connect from anywhere with access to the same desktop, data and business applications
  • Data is stored centrally so company data is protected and easy to share
  • The system can be accessed from relatively inexpensive “dumb” terminals which require little maintenance
  • As all “remote desktops” are hosted on a centralised server(s) application management and updating is simplified
  • Applications are fast and responsive
  • Provisioning new users takes minutes as the environment is already setup
  • Connections can be made from older hardware which reduces costs involved in upgrading client machines
  • Remote desktops can be centrally configured and locked down to give a consistent experience.

 

Remote Desktop Services 2016

 

Remote Desktops can be provisioned in a number of ways and locations, including Offices, Data Centre or in Cloud Providers such as Microsoft Azure and Amazon AWS. itQED have experience in deploying and maintaining Remote Desktop Servers and server farms in all of these locations.

 

Deployment in Azure

 

Cloud Services and Infrastructure as a service (IaaS) are growing rapidly and maturing to a point that they can provide a Secure, Scalable and Smooth experience for all businesses. Deploying infrastructure in the cloud has a number of advantages, some of which are briefly described below:

  • The infrastructure and associated configuration can be deployed via scripts to ensure rapid consistent deployments and fast recovery in the event of disaster
  • The infrastructure is easily scalable so extra VMS can be added or removed depending n current requirements
  • You only pay for what you use rather than owning under / over utilised hardware
  • Stay updated with the latest operating systems and software
  • Configurations can range from small deployments for a few users through to large scale fully redundant deployments for hundreds of users
  • Flexible geo-redundant backups, allowing restores of full virtual machines or individual files and folders
  • Servers and infrastructures can be placed in specific datacentres worldwide including the UK

 

 

Azure Remote Desktop Diagram

 

itQED have implemented Remote Desktop Services across numerous client sites with great feedback! Our experience in this area puts us one step ahead of our competitors, allowing our wide breath of knowledge to be applied in deploying Remote Desktop solutions to fit our client’s needs.

Please contact us to discuss any requirements or to discuss the options available,

Colin Weeks July 16, 2017 No Comments

WSUS With Windows 10 1607

There was a case where a 2012 R2 server was being used to deploy Windows updates via WSUS to centrally manage client update approvals. Once the Windows 10 classification was added the WSUS console would not open. When connecting to the console an error stating that it could not connect to the database.

After further investigation and testing, it appeared that a recent update to the server had caused the issue. Specifically, the Windows update KB3159706 had caused this issue. This update appears to enable the new decryption feature in Windows 10 so that it can natively decrypt ESD files. After uninstalling this update the console worked as normal, however, the Windows 10 1607 machines weren’t appearing in the console correctly and updates weren’t applying correctly.

To resolve this issue, following steps were carried out:

  • Ensured that the April 2014 rollup was installed on the server KB2919355 along with KB3095113.
  • Installed KB3159706 on the server and restarted.
  • Opened an elevated command prompt and then ran following command “C:\Program Files\Update Services\Tools\wsusutil.exe postinstall /servicing”
  • Enabled HTTP Activation in roles and features within server manager.
  • Restarted the WSUS service.

Once the above steps had been completed, the console opened correctly and you could view all the Windows 10 1607 devices along with their associated updates. The WSUS console was able to push out Windows patches to Windows 10 machines correctly.

Reference : https://support.microsoft.com/en-us/help/3159706/update-enables-esd-decryption-provision-in-wsus-in-windows-server-2012-and-windows-server-2012-r2

Colin Weeks January 13, 2017 No Comments

Office 365 IMAP migration issues. Resolved!

We recently conducted a Microsoft Office 365 migration for a small organisation who decided to move away from their current IMAP mailboxes onto Office 365. They had decided to make the change as they wanted a highly reliable, robust, business grade email solution.

On completion of the migration, during testing, We noticed that the delete button within all of the users’ Outlook clients was no longer usable. All other functions behaved as expected apart from this one oddity. Items could still be deleted as normal using the ‘delete’ key on the users keyboard, however, not from the client itself.

After further investigation, it appears this was a result of exporting an IMAP data file to a PST file and then uploading the PST file to Office 365. The folders retained certain IMAP features, one of which was the purge function that is present in an IMAP mailbox as opposed to the delete function.

In order to resolve the issue, the following can be carried out:

  1. Download a 3rd party application called MFCMAPI. (Note, If you have 64 bit office, you will need 64 bit MFCMAPI)
  2. Open MFCMAPI select ‘session > logon’.
  3. Select the relevant Outlook profile.
  4. Double click on the affected data store.
  5. Expand ‘Root > Mailbox’.
  6. Expand ‘IPM_Subtree’
  7. Select the affected folder (In this case it was ‘Deleted Items’).
  8. On the right hand side, I search for ‘PR_CONTAINER_CLASS’ and double click it.
  9. Change the item IPF.IMAP to IPF.Note
  10. Repeat this for each folder that was exported from IMAP.
  11. When completed, close the MFCMAPI window and click ‘Session > Logoff’

After these steps have been completed, you should find that you regain the delete option within the Outlook client.

a110ur30rk November 19, 2015 No Comments

Safe, reliable and secure solutions based on Server 2012 and Office 365

Small business solutions based on Server 2012 and Office 365 running on HP hardware. These are industry standard solutions to provide fast, stable and reliable computing for small businesses.

These solutions allow small business to benefit from enterprise class features allowing them to work how, when and where they want to.

Combining the latest on premise software with leading Cloud services provides the best of both worlds.

These solutions can be installed / migrated to provide little downtime and allow you to concentrate on your business. We can offer support ranging from ad-hoc consulting to fully managed services.

itQED specialises in the selection, implementation and support of Microsoft and HP solutions for small businesses in the Thames Valley and Greater London areas. We specialise in Network Infrastructure and Security solutions allowing our customers to feel confident that we can provide a safe and reliable platform on which they can conduct their business. Combing this with Office 365 provides hybrid cloud solutions offering customers the maximum flexibility.

Through these capabilities we can ensure that customers can concentrate on carrying out their business without having to worry about the complexities of the IT that supports their everyday work. The directors of itQED have a combined experience of over 50 years experience in the IT industry as well as being highly qualified in Microsoft, HP and Cisco technologies providing a complete solution for your IT needs as well as understanding the challenges of running a small business. We are more than happy to provide references and case studies on request.

a110ur30rk November 19, 2015 No Comments

Small Business Server 2008 Sites Certificate

We recently had an interesting problem with an Expired Sites certificate in Small Business server 2008.

We had a call from a customer who owned an SBS 2008 server that had been setup by a previous IT firm. The users had started to get certificate prompts from Outlook. On checking we found that the remote.company.co.uk certificate had expired, we duly recreated the remote.company.co.uk certificate but found that some users were still getting prompts:

small-business-server

So, it looks like Outlook was requesting a “sites” certificate that is setup when SBS is installed (but not normally used once the relevant network setup wizards are run). So it looks like some parts of exchange on the SBS had been setup manually.

Looking at the certificates snapin showed that the sites certificate had expired and proved difficult to renew.

expired-certificate

We then started to look at why this certificate was being referred by using some exchange management shell commands:

Get-ClientAccessServer | Select Name, *Internal* | fl

Get-WebServicesVirtualDirectory | Select name, *url* | fl

The resulting outputs showed that some of the exchange services were pointing to “sites”

 

Get-ClientAccessServer | Select Name, *Internal* | fl

AutoDiscoverServiceInternalUri : https://sites/Autodiscover/Autodiscover.xml

 

Get-WebServicesVirtualDirectory | Select name, *url* | fl

InternalNLBBypassUrl : https://server.company.local/EWS/Exchange.asmx

InternalUrl          : https://sites/EWS/Exchange.asmx

ExternalUrl          : https://sites/EWS/Exchange.asmx

 

This is why the clients were getting the popup in Outlook as it tried to connect to the exchange web services via Https://sites/. A few more lines of PowerShell reset these URLs to the correct locations

Set-ClientAccessServer –Identity server -AutoDiscoverServiceInternalUri:https://remote.company.co.uk/Autodiscover/Autodiscover.xml

Set-WebServicesVirtualDirectory –Identity “server\EWS(SBS Web Applications)” –InternalUrl: https://company.co.uk/EWS/Exchange.asmx

Set-WebServicesVirtualDirectory –Identity “server\EWS(SBS Web Applications)” –ExternalUrl: https://remote.company.co.uk/EWS/Exchange.asmx

 

And the popups stopped. So, the moral of this is “Always use the SBS wizards to configure a Small Business Server!”

a110ur30rk November 19, 2015 No Comments

Windows Server 2012 Data Deduplication

We have recently been visiting Windows 8 and Windows Server 2012 IT Camps. We will be highlighting some of the new and exciting features in this blog ove the coming months. This post is about the new Windows Server 2012 Data Deduplicationfeature which is part of the fileserver role in Microsoft Windows Server 2012.

This DeDuplication technology works on a number of levels, from files through to disk clusters:

 

“Deduplication segments files into variable-sizes (32-128 kilobyte chunks) using a new algorithm developed in conjunction with Microsoft research. The chunking module splits a file into a sequence of chunks in a content dependent manner. The system uses a Rabin fingerprint-based sliding window hash on the data stream to identify chunk boundaries. The chunks have an average size of 64KB and they are compressed and placed into a chunk store located in a hidden folder at the root of the volume called the System Volume Information, or “SVI folder”. The normal file is replaced by a small reparse point

http://blogs.technet.com/b/filecab/archive/2012/05/21/introduction-to-data-deduplication-in-windows-server-2012.aspx

Testing

Microsoft have provided a tool that will give an indication of potential savings on file shares that already exist. The tool is called DDPEval.exe and can be found in the following location on a server 2012 installation:

C:\Windows\System32

We have run this against a filestore which mainly consists of large ISO files in a software repository:

deduperesults

As can be seen above the potential savings are 122GB on a 255GB volume which considering that these are already compressed is impressive. we are currently testing further on a selection of volumes and file types and have achieved savings of up to 80% which when considering the price of redundant disk arrays defiantly has potential savings.

Considerations:

If you are going to use Data Deduplication there are a number of things to consider:

 

  • Backup, as always, is a vital consideration. If you have 2TB of data on a 1TB volume will it fit if you have to restore it? So we really need a backup application that is aware of deduplication and that can backup, store and restore the data in its optimised state. Unsurprisingly Microsoft have this covered with System Centre Data Protection Manager 2012 SP1.
  • Consider where to use deduplication, file shares with infrequently changed files or software repositories are the best candidates.
  • Research the technology as there are many options to optimise the deduplication based on the data that is being optimised and its usage patterns.
  • There can be issues with file access on deduplicated volumes that are almost full so they need to be monitored and have clean-up jobs run / scheduled.
  • Copying single large files of a deduplicated volume can take longer.
  • It is also worth testing this thoroughly in any environment before implementing is a live system.