July 16, 2014 Leave a comment
July 15, 2014 Leave a comment
There are always questions regarding the Office 365 umbrella and what is right for the customer. Microsoft have made a tidy little page for getting the crux of what your customer wants vs all the bells and whistles that you can easily pay for above and beyond requirements.
The link to the Office 365 service comparison site is below;
This should enable you to get to the right plan through criteria quickly and efficiently.
May 9, 2014 Leave a comment
I have recently jumped ship to become IT Manager at Comms Group UK Ltd. I have been offered a fantastic opportunity to work in a Telecoms company moving forward with their IT Managed Services offerings. I have now been at Comms Group for 4 weeks and already we’re taking things to a new level. The Telecoms side of the business offers competitive pricing and a clued up support base to offer insight and opinions with the technology in mind.
Moving towards the IT side of things I’ve recently attended the Service Desk and Support Event at Earls Court in London where I was able to meet some of the big players of Help Desk and support applications. It was a great insight into what is available and as such we are now moving forward with some excellent products This will enable us to offer a fantastic support portal for our customers and internal users, as well as the ability to remotely manage the IT infrastructure of our Managed Service contracts. We also have many other offerings including online backup and antivirus software that comes in at a very competitive price and we’d be very happy to quote you.
Moving forward we have plenty more to work on and improve but we’re making giant strides, if you’d like to be a part of our success and excellent support services then please give us a call for a competitive quote and informed opinion – 0844 848 8144
We may be able to give you some additional discount if you quote my name when making any enquiries – Either Stephen Pothecary or Guru365 – unfortunately I am unable to guarantee a discount as this may be unavailable to the products you require, but we can certainly give you a discount on any Managed Services enquiries or contracts.
Quote from the Comms Group UK Ltd Website -
At Comms Group, due to strategic partnerships we buy landline services on a wholesale basis from BT and have the same level of access to systems and support from BT Openreach as BT Retail. By understanding your needs we aim to provide better customer service than BT Retail. We can GUARANTEE you savings compared with your current telecoms supplier, typical savings are 35% and you can be assured that you will not receive loss in service when using Comms Group for your land line low cost call charges and line rental facility.
If you have any questions please feel free to give me a call and we’d be very happy to talk to you regarding any kind of Telecoms or IT related requirements. Even if you need pricing on a piece of equipment we’ll be very happy to get you the very best price we can through our many distribution partners.
March 12, 2014 Leave a comment
I’ve recently had a good experience with Amazon Prime and thought I’d tell you about it.
Much like most of you I was beginning to get a little tired of the ‘Prime’ being shoved down my throat with a 30-day free trial ending in a rather expensive renewal (either monthly or yearly). However, having looked into the product a little more I can finally give in and say what a fantastic idea.
Basically it boils down to the first idea of Prime, this is what has been going on for years at Amazon. You pay a yearly fee and you get free Two-Day shipping on millions of items. However, there are other perks, one of which I find to be extremely useful;
- No minimum order size (handy for cheap products that you need quickly)
- Unlimited instant streaming of thousands of movies and tv shows with Prime Instant Video (Oh hello Amazon, goodbye Netflix)
- Finally, Read free books each month through Kindle First and Kindle Owners’ Lending Library.
For a years worth of the above, it’s extremely cost effective, even if you only use the delivery thing once or twice a year you can certainly get your money’s worth in the 3 bullet points above.
It’s been a good experience and there’s usually complaints in this world. Please feel free to click the link below to give yourself a Free 30-day trial of Amazon Prime, yes there is a cost after this but I think once you have explored the other benefits you’ll see how far your £79 a year really goes.
http://www.amazon.com/gp/prime/signup/videos?tag=guru365net-21 – For the full Prime
http://www.amazon.com/gp/video/primesignup?tag=guru365net-21 – Alternatively if you’d just like the subscription service for movies and TV – click here :)
Oh and you can cancel your subscription before you have to pay anything, so if you aren’t sure/impressed then you are able to cancel when you want.
Happy shopping / reading / watching :)
Microsoft Books – You can also look for the latest Microsoft books focussing on Office 365 and Cloud Computing – some excellent authors out there willing to share their knowledge.
February 6, 2014 Leave a comment
This is due to the hydration status of your tenant at Office 365. Each Office 365 tenant is not “hydrated” by default. Hydration is the adding of lots of settings in the Exchange Online directory service per tenant – by default lots of tenants do not need these settings and so rather than creating the settings per tenant, each tenant shares these common settings. To enable your own Transport Rules, Free/Busy Rich Coexistence and custom RBAC settings require that all the “common” settings in the directory are copied to the tenants area of the directory. To do this means you need to run the Enable-OrganizationCustomization cmdlet in remote PowerShell to Exchange online. Once this is done the GUI will create RBAC, rules, free/busy etc. without throwing Exception has been thrown by the target of an invocation error. The exact steps to perform on your Office 365 tenant before configuring RBAC, rules or coexistence are as follows:
- Start the Windows Powershell
- $cred=Get-Credential firstname.lastname@example.org (If domain
- $EOSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/PowerShell/ -Credential $Cred -Authentication Basic -AllowRedirection
- Import-PSSession $EOSession -AllowClobber
February 4, 2014 5 Comments
Brief Overview of Directory Synchronisation (DirSync)
The Windows Azure Active Directory (AD) Synchronisation Tool is an application that synchronises the on premises Active Directory with Microsoft Online Services. This allows services like Office365 to provision the user structure for migration to the cloud.
It is good practice to install this tool on only one computer in the local network of the domain you are migrating, it is also good practice to tightly restrict access, as you would with a Domain Controller or other sensitive network infrastructure.
Dir Sync effectively synchronises the full set of attributes from your on premise Active Directory to the Windows Azure AD tenant used for Microsoft Online Services, once provisioned in Windows Azure AD, services such as Exchange Online can utilise this infrastructure to ensure a relationship between the users details on premise to in the cloud. The latest edition of Dir Sync provides a simple-sign on process using the Password Synchronisation feature, or you can utilise the Single Sign-On experience of ADFS (Active Directory Federation Services). In addition to this, a small set of attributes can be synced back from Windows Azure AD to the one premises infrastructure.
Preperation is the key to Dir Sync
An administrator must complete some basic preparation before being able to synchronise their on premise AD to the Windows Azure AD.
This process includes deciding on a ‘simple sign-on’ or ‘single sign-on’ environment.
Simple sign-on – Allows the synchronisation of the on premise AD DS password hash with Windows Azure AD to allow users to authenticate to Windows Azure Ad using their UPN (User Principle Name) and corporate password.
Single sign-on – Identity Federation enables a company’s users to authenticate using the customers corporate AD. This process requires on premise hardware and configuration separate to the Simple sign-on process, but can give some benefits which I will touch on later.
Dir Sync requires certain prerequisites in order to perform a successful migration, these include;
Joined to the Active Directory Forest – The computer must be domain joined, it will need to contact all the DC’s for all the domains in the forest**
** A forest is one or more Active Directory domains that share the same class and attribute definitions, site and replication information, and forest-wide search capabilities.
Dedicated Server (Best Practice but not a requirement) – This is a good practice recommendation to avoid interference with other applications or services on the particular server. EDIT ********Can now be installed on a Domain Controller!
Running a supported Windows Server OS – 64-bit edition of Windows Server 2008 Standard or Enterprise, Windows Server 2008 R2 Standard or Enterprise, Windows Server 2008 Datacentre or Windows Server 2008 R2 Datacentre, or 64-bit edition of Windows Server 2012 Standard or Datacentre.
Running Microsoft .NET Framework version 3.5 or later – Server 2008 R2 upwards this can be added as a feature through Server Manager.
Running Windows PowerShell – Windows Server 2008 R2 upwards has PowerShell installed by default.
Access-Controlled environment – Access to the computer should be limited to administrators only.
Running Microsoft SQL Server Software – If you have more than 50,000 AD objects you will require MS SQL 2009 Standard / R2, if you have less than this number you can utilise the default SQL Express database which is installed as part of the Dir Sync process.
Things to Consider
Active Directory Object Limit (as mentioned above) – Default limit of 50,000 objects in Windows Azure AD, to increase this limit you will need to contact Microsoft Cloud Services support and request an increase. Expect a week or more to have this resolved.
When using Simple Sign-On – Consider turning on the Password synchronisation Feature of the Windows Azure AD Synchronisation Tool. However, this should be enabled, after a migration, as this can interfere with certain functions of the migration.
Directory Synchronisation write-back – Write-back is required to enable full rich coexistence, if Exchange hybrid servers are not to be deployed or there is no Exchange server on premise then write-back is not required. If enabled – only a few attributes will be written to the on-premises AD service. Microsoft Exchange Server 2010 SP3 schema extensions will need to be installed to enable write-back, this is included in latest versions.
Service Account Requirements
The Windows Azure AD Sync Configuration Wizard will create a service account in your local AD, this will require your intended Windows server to be domain joined. The installation wizard creates this account using the local AD permissions that you provide.
To prepare, create or use 2 service accounts;
- An Enterprise Administrator account in the on-premise AD domain.
- A Global Administrator account in Office 365. (Set to never expire)
The details of these accounts will be required later in the installation.
Existing user accounts will be soft matched if they are already in existence in the Windows Azure AD, if this is the case please use this link to further elaborate on this process – http://support.microsoft.com/kb/2641663
Activating Directory Synchronisation
Directory Synchronisation must be activated before installing the Directory Synchronisation Tool, Microsoft strongly recommends that you leave it activated for the entire time that directories are being synchronised. Once deactivated the source of authority is transferred from the on premise AD domain to the cloud.
Dir Sync must be deactivated if you wish to transfer all user, group, contact, and mailbox management to the cloud. For example a company that used the staged migration tools to move their mailboxes to the cloud and no longer want to manage objects from on premise, can deactivate Dir sync.
To activate directory synchronization, log into your Office 365 portal and follow these steps:
- Select Office 365 from the Admin dropdown in the header.
2. Click users and groups in the left pane of the Admin page.
3. Click Set up located at the right beside the Active Directory synchronization tag.
4. Follow the onscreen steps to activate the directory synchronization features.
Please be aware that this may take up to 24 hours to take effect. The portal updates with the status of the configuration change. Please wait until the configuration is complete, before proceeding.
Installing the Dir Sync Tool
After activating Windows Azure AD synchronisation for Office365, you can download the Dir Sync Tool. This is either utilised in the SQL Server Express version for less than 50,000 AD objects or a full SQL Server instance for more than 50,000 objects.
The process for downloading this is below;
1. Access the Office 365 portal.
2. Select Office 365 from the Admin dropdown in the header.
3. Click users and groups located in the left pane of the Admin page.
4. Click Set up located at the right beside the Active Directory synchronization tag.
5. Click download under step 4 and follow the instructions to save the installation file on your computer.
6. Verify that the Microsoft Online Directory Synchronization Tool package downloaded to your computer.
Installing Dir Sync Tool – Less than 50,000 objects
1. On the computer where you want to install directory sync install the following; http://go.microsoft.com/fwlink/?LinkID=278924 (64bit)
2. Follow the instructions in the Setup wizard.
3. On the last page of the wizard, select Start Configuration Wizard now, and then click Finish to start the Windows Azure Active Directory Sync tool configuration wizard.
4. Provide the Enterprise Administrator and Windows Azure Active Directory credentials as prompted.
5. Enable the optional features that are required.
6. When prompted, check Synchronize your directories now to start synchronization.
Installing Dir Sync Tool – More than 50,000 objects
The Directory Synchronization Tool can be installed in Wizard mode, which provides step-by-step guidance through the installation process. Double-click the installation package and follow the directions to install. Continue with the following steps when using full SQL:
1. Log onto the Directory Synchronization Server.
2. Click Start, then Run.
3. Type CMD and click OK.
4. Type the path to where you saved the Directory Synchronization Tool package.
5. Type DirSync.exe /fullsql and click Enter. If prompted with a User Account Control prompt, do either of the following:
a. Click Continue.
b. Enter the username and password of the on-premises service account and click OK.
Note: The fullsql switch installs DirSync without installing SQL Express. The install stops after the Install-OnlineCoexistence cmdlet is installed.
6. Click Next through to the end of the wizard and then click Finish.
Important: The Directory Synchronization Tool installation is completed using Windows PowerShell.
7. On the Directory Synchronization computer, open Windows PowerShell by opening the command-line tool and entering the command Powershell.exe -noexit.
8. Press Enter.
9. Type Add-PSSnapin Coexistence-Install at the Windows PowerShell prompt.
10. To install the Directory Synchronization Tool
a. Using a remote installation of SQL Server 2008, type
Install-OnlineCoexistenceTool –UseSQLServer –SqlServer <SQLServerName> -ServiceCredential (Get-Credential) –Verbose
PS C:\Temp> Install-OnlineCoexistenceTool -UseSQLServer -SqlServer “SERVER\INSTANCE” -ServiceCredential (Get-Credential) -Verbose
b. Onto the same system as SQL Server 2008, type
Install-OnlineCoexistenceTool –UseSQLServer –Verbose.
11. At the Windows PowerShell Credential Request prompt, type the username and password of the on-premises service account.
Configuring the Directory Synchronisation Tool
After installing the latest supported version of SQL Server 2008, completing the Microsoft Online Services Directory Synchronization Tool Configuration Wizard is required for synchronization to occur.
- From the Directory Synchronization server, click Start/All Programs/Microsoft Directory Sync and then click Directory Sync Configuration.
- Click Next.
- Provide the username and password for a user account with Administrator permissions in your organization on the Microsoft Online Services Credentials page of the Microsoft Online Services Directory Synchronization Configuration Wizard and click Next.
- Provide the username and password for a user account with Enterprise Admin permissions on the on-premises Active Directory service located on the Active Directory Credentials page of the Microsoft Online Services Directory Synchronization Configuration Wizard and click Next.
- Select Enable rich coexistence if you would like to enable it and click Next.
- Select Enable Password Sync if you would like to enable it and click Next
- Click Next to complete the configuration.
- Select Synchronize directories now on the Finish page and then click Finish.
Verifying Directory Synchronisation
If you want to check that Active Directory synchronisation is provisioning users, groups and contacts from on premise apps to the cloud correctly, you can verify your directory sync.
After automatic synchronisation
- Sign in to the cloud service with service administrator credentials.
- When directory synchronization is complete, verify that the changes you made in your local Active Directory now appear in the cloud.
After forced synchronisation
- Ensure that there is a valid email address for your organization’s designated cloud service technical contact.
- Sign in to the cloud service with service administrator credentials.
- Verify the additional properties of a specific user account (such as Job title, Department, or Street address) that will be synchronized from your local Active Directory to Windows Azure AD.
- Verify that you cannot edit the additional properties of that user account in Windows Azure AD.
- Log on to your local Active Directory with the permissions needed to edit user accounts, contacts, and distribution groups.
- In your local Active Directory, make a simple but obvious change to one of the additional properties of the specific user account.
- Open the Windows Azure Active Directory Sync tool Configuration Wizard.
a. Provide the information requested on the wizard pages.
b. On the Finished page, select Synchronize your directories now, and then click Finish.
- When directory synchronization is complete, view the additional properties of the user in Windows Azure AD, and verify that the change you made to the additional properties of the specific user account in your local Active Directory have been synchronized to Windows Azure AD.
• To verify that the Directory Synchronization Tool is working from your local Active Directory service to Microsoft Office 365, testing both manual synchronization and automatic synchronization is required. It may take up to three hours to complete this process.
• The Directory Synchronization Tool writes entries to the directory synchronization computer’s event log. These entries indicate the start and end of a directory synchronization session.
• Directory synchronization errors are reported in the event log and emailed to your organization’s designated technical contact.
• When reviewing the event log, look for entries with Directory Synchronization as the source. An entry designated as Event 4 with the description “The export has completed” indicates that the directory synchronization is complete.
- When directory synchronization is installed, the local Active Directory becomes the master for all changes to the synchronized mail-enabled objects in Office 365.
November 19, 2013 Leave a comment
Storage Spaces is defined as an inbox solution for Windows to manage storage. Spaces is designed for Direct Attached Storage (DAS) only, which means local to the server chassis or via SAS.
The ability to virtualise disk storage by group standard disks into storage pools allows you to carve various Pools out of the disks, from these pools you are able to create virtual disks, or Storage Spaces.
Spaces have the ability to be Thin Provisioned and can be striped across all physical disks in a pool, this also allows the option to Mirror or Parity as these are supported within Spaces. At this stage Windows allows you to create volumes on the Storage Space and allows data to be placed on the volume.
Storage Tiering for Spaces
Storage Tiering for Spaces, allows the optimisation of storage performance, this is accomplished through the blending of high-cost and low-cost storage. Low-cost providing the capacity and high-cost (SSD as an example) providing the performance.
Hot data (or consistently read/written) is moved automatically to the high cost storage, whereas cold data is assigned to the low cost using Sub-File-Level Data Movement.
Utilising write-back-cache, DDs absorb random writes that are typical in virtualised environments. If required, hot data blocks can be manually assigned (or pinned) to the high cost storage to increase the performance. This option can be beneficial in driving applications to utilise the best available storage and as such achieve the best performance.
SMB 3.0 File Shares (compares to VMware – NFS)
A Scale-Out File Server allows VM’s and hosts to view a simple UNC path for file locations in structured Tiered Storage, this enables admins to grow and scale storage on demand.
The benefits of using this kind of technology include;
- Low OPEX and CAPEX
- Simplified provisioning and management
- Adding multiple NICs in File Servers allows SMB Multichannel – enabling higher throughput and reliability (NICs are required to be the same type and speed)
- RDMA NICs allow SMB Direct offloading – Network I/O Processing delegated to the NIC itself.
Deduplication maximises capacity by removing duplicate data. The benefits of Deduplication include;
- Reduces data – variable-size chunking and compression
- Reduced amounts of data to improve backup/archive/migration speeds
- Low memory and CPU impact
- Configuration options surrounding the schedule of compression
- Primary server workload transparency
- Redundant metadata and critical data
Windows Server 2012 R2 – Provides the ability to deduplicate a running VDI, this both increases performance AND minimises storage requirements.
Bitlocker Drive Encryption – Built in disk encryption to protect sensitive data
Data protection is built into the Hypervisor, allowing;
- Support for used disk space only encryption
- Integrates with TPM (Trusted Platform Module) chip
- Network unlock and AD integration
- Supports multiple disk types – DAS/SAN/Cluster Shared Volumes/ Windows Server 2012 File Server share
There is a slight overhead to the encryption but there are many configuration options to minimise the impact to your network, including on-demand encryption.
NIC Teaming – Network Card Resiliency
Hyper-V NIC Teaming is vendor agnostic and available out of the box.
Some of the benefits of Hyper-V NIC Teaming include;
- Local or remote management through PowerShell or UI
- Enables teams of up to 32 network adapters
- Aggregates bandwidth as well as providing traffic failover
- Large vendor support from Microsoft.
The above features are available with Hyper-V in both 2012 & R2 versions, these features are comparable to the VMware vSphere 5.5 Enterprise Plus option.
Data deduplication and storage encryption is only available in Hyper-V, proving that Microsoft are starting to take Hyper-V forward, above and beyond the current technologies available.
November 19, 2013 Leave a comment
At this point of the seminar we began delving into the features of Hyper-V and the benefits this represents.
We began with the storage aspects of Hyper-V;
- Support for iSCSI and Fibre Channel – Allowing integration with existing storage infrastructure/investments quickly and easily.
- Multipath I/O – In-box for resiliency, increased performance and partner extensibility.
To elaborate on MPIO, this basically allows a host to have 2HBA’s/iSCSI NICs with multiple paths to the storage. If MPIO wasn’t installed the host would see two versions of the same LUN. MPIO allows Windows to manage and use upto 32 paths between storage devices and the Windows host OS. The host uses the in box Microsoft DSM to provide a single view, the framework for MPIO allows storage providers to plug-in, by default, and optimise performance and availability.
Offloaded Data Transfers – Offloads storage-intensive tasks to the SAN hardware.
To enable you to paint a minds-eye picture,
When migrating a host you will request the storage to copy the data across the network to another location, in this scenario with ODX, the host sends a token to the SAN to provision the storage for the migration but by copying it through the SAN itself rather than going out through the network and back into the SAN again. As you can imagine this scenario is a lot faster than the traditional way.
Other benefits include;
- Rapid provisioning and migration of VM’s
- Faster transfers on large files
- Minimised latency
- Maximised array throughput
- Less CPU and network use
- Performance not limited to network throughput or server use
- Improved datacentre capacity and scale
November 13, 2013 Leave a comment
Thanks to Seb Matthews for the heads up :)