Wednesday, May 20, 2015

Another Plug: Microsoft Virtualization/VDI Book

A brief plug for the latest book writing project that I've completed.

Brian Svidergol and I have completed Virtualizing Desktops and Apps with Windows Server 2012 R2 Inside Out. Here's a quick synopsis of the book.

First, I want to be clear that this book is about planning and implementing virtualization technologies. It's not just an overview.  Much of the content is similar to what's in Microsoft Course 20694 which I was also a co-author on.

This book starts with an overview of Microsoft virtualization technologies. For many of you, this is just review, but if you haven't seen the full range of technologies, then this is useful. It also highlights when you would use each of the virtualization technologies.

The first set of virtualization technologies we explore the details of are for user state virtualization. Basically technologies that support roaming. The newest of these from the Microsoft Desktop Optimization Pack (MDOP) is User ExperienceVirtualization (UE-V). Older technologies like roaming user profiles and credential roaming are also covered.

We also cover Client Hyper-V in this book because some people will use it to run apps in isolation for either testing or compatibility reasons. It also provides a good base of knowledge to understand the virtual machine-based (VM-based) VDI content later in the book.

There are four chapters on implementing and using App-V. This book covers installation, management, and sequencing applications. If you want to learn about using App-V in your organization this is a great resource.

The last five chapters are about implementing Remote Desktop Services (RDS) for virtual desktops. This includes the components you expect for session-based remote desktops with RD Session Hosts (formerly terminal servers), RemoteApp programs, RD Gateway for remote access, RD Connection Broker, and RD Licensing. We cover high availability for all of these components.

Also included in the RDS content is VM-based virtual desktops that are implemented by using Hyper-V servers. Personal virtual desktops are a VM for which a user has exclusive access and it retains state between sessions. Pooled virtual desktops are a set of VMs which are shared between users and don't retain state between sessions. Management considerations for both are discussed.


Free Windows 10 ebook for IT Pro

Microsoft typically releases some free ebooks when new versions of Windows come out. For the most part, they tend to be a high level overview of the new features. So, they won't help you implement much, but they will let you know what's possible.

True to pattern, they have released a new free ebook for Windows 10. You can get it here.

I've downloaded this book, but haven't had a chance to read it yet. I'll update with a synopsis later on.

Wednesday, May 13, 2015

A quick plug for Conexion Networks

You may or may not know that I am a business partner in Conexion Networks. We just updated our web site. So, if you read the blog but have never checked out the company, you can see the new web site here:

Thursday, May 7, 2015

SSD Drives Not Suitable for Archiving

My shocker for the day was finding out that SSD drives start to lose data when they are powered off. It depends on the environmental conditions but, worst case, an unpowered SSD drive will start to lose data in a week.

The big takeaway for me on this is to not use SSD drives as external USB drives. I have an SSD drive in an external enclosure that emulates an optical drive based on ISOs stored on the drive. I use this every once in a while, but could conceivably go for several months without using it. During this extended period without being powered up, it could lose data.

So, if you're archiving data on external drives for an extended period of time make it a traditional spinning disk.

More info:

Saturday, May 2, 2015

Throttling Exchange Database Reseeds

We have a client with a 100Mbps link between sites. They replicate a large mailbox database (600GB) across this link and due to some errors need to reseed the database. The reseed process takes about 13 hours on this link at full speed. Which is long enough that it impacts production activities and can't be done during the week.

Exchange Server 2010 and Exchange Server 2013 do not have any built in mechanism to throttle reseeding of databases. If you do some searching, you'll probably find links recommending that you implement QoS at the network level. Unfortunately in some cases that is difficult to implement.

I recently had a similar issue with Hyper-V replication and solved the issue by using a little known feature in Windows Server 2012 and Windows Server 2012 R2. Both of these operating systems include network QoS in the operating system. No need to involve the network team. And you can do the QoS based on ports and applications.

During the reseeding process, msexchangerepl.exe is responsible for copying the database. So, that's the process we need to limit. I did also some significant activity generated by Microsoft.Exchange.Store.Worker.exe but this was temporary (a few minutes) and there was no need to throttle it.

To limit Exchange reseeding to approximately 50 Mbps I used the following command:
New-NetQosPolicy "ExchangeRepl" -AppPathNameMatchCondition msexchangerepl.exe -ThrottleRateActionBitsPerSecond 50000000

After creating the QoS policy, you can see it take effect in Resource Monitor within a few seconds.

Once the reseed is finished, you can remove the policy by using the following command:
Remove-NetQosPolicy "ExchangeRepl"

For a little more detail, you can see my previous post on throttling Hyper-V replication:

Sunday, April 19, 2015

Whitelist Domains for Exchange 2010 Content Filter

Our standard antispam solution for clients is Symantec Mail Security. The main benefit of this software is a very low number of false positives. However, we've been having issues at a few clients where more spam gets through than they'd like. For these clients, we've added the built-in Exchange 2010 content filtering as another layer.

With the Exchange 2010 content filter, we've run into issues where some domains are not able send pdf attachments. It seems that most of these senders are hosting their domains using Google mail where you can't blame the content filter for being a bit overly sensitive.

To resolve this, we add the domain to the whitelist for the content filter with the following command:
Set-ContentFilterConfig -BypassedSenderDomains "",""

When you use this command, it overwrites the existing list of domains. If this is a long list, rather than risk making a typo, you can use these few commands to add a new domain to the existing list:
$domains = (Get-ContentFilterConfig).BypassedSenderDomains
Set-ContentFilterConfig -BypassedSenderDomains $domains
To simplify this process and make it less likely that a typo wipes out your whitelist of domains, you can use the following script:
$newDom = Read-Host "Domain to add"
$domains = (Get-ContentFilterConfig).BypassedSenderDomains
Set-ContentFilterConfig -BypassedSenderDomains $domains