Windows 2003 has a Built-In Backup program called NTBACKUP which you can use to backup your Windows environment and when you had installed Exchange 2003 on this system, NTBACKUP is enhanced to allow backups of your Exchange Server databases.
NTBACKUP features:
- Local and remote backup of data
- Exchange Backup ready
- Scheduled Backups
- Volume Shadow Copy support
- Integration with Removable Storage from Windows 2003
How do you enhance NTBACKUP with the capability to Backup Exchange 2003 without installing Exchange Server? (
continue at source)
The European Union head office said Tuesday it expects to make a decision by the end of July on whether to impose new fines on Microsoft Corp. which faces a Wednesday deadline for complying with an earlier order aimed at assuring that rivals can compete to supply accessories for its Windows platform.
EU spokesman Jonathan Todd said EU antitrust regulators hoped to have a decision on new fines "before summer holidays ... before the end of July."(
continue at source)
Industry hype surrounding Microsoft's decision to go with IBM's Power processors over Intel for its next generation Xbox, won't translate into Windows for Power servers in the near future, despite a pledge by IBM to support the operating system.
IBM's iSeries chief scientist Dr Frank Soltis said a port to the Power architecture is a requirement for it to run natively on the iSeries and, as such, is entirely "up to Microsoft." Soltis said the new Xbox 360 is an example of a Windows operating system running on the Power architecture, so it is possible for Windows servers to run on the iSeries.(
continue at source)
Details of Microsoft’s ‘next generation’ Web server have snuck onto the blogs of one of its partners.
Vole has apparently been giving its partners sneak previews of the new IIS7 which will probably hit the shops about the same time as Longhorn (when ever that is).
Robert McLaws, of a .Net development outfit Interscape Technologies claims on his blog that he saw the IIS7 last year, but is now allowed to talk about it.He said that IIS7 is a unification of ASP.NET and IIS and HTTP pipelines, handlers, modules, XML config files are all natively built into the platform.(
continue at source)
AMD released the complete specification of its “Pacifica” chip-level virtualization technology for its 64-bit processors this week, joining Intel in the rush to build chip support for running multiple operating systems simultaneously.
Like Intel’s similar Virtualization Technology (VT) for its own 64-bit processors introduced March 1, Pacifica is meant to make it easier for AMD’s 64-bit CPUs to virtualize operating systems. Additionally, AMD assured customers that Pacifica will not harm the compatibility or stability of legacy applications.(
continue at source)
There is no question that administrators need to have a user account that will allow them to perform their tasks of taking care of the network and enterprise. There is a question as to whether or not this user account that provides these “Superman” privileges should also be the user account that is used to check email, surf the Web, and perform other routine tasks that a typical employee would perform. When the IT staff only has a single user account for performing their daily “Clark Kent” tasks, as well as their “Superman” tasks, there are too many situations that leave the network, servers, Active Directory, and other essential resources vulnerable.
This article will discuss some of the most common vulnerabilities that are exposed when someone with administrative or other elevated privileges use only one user account for all tasks. Some of these situations might seem abstract or far-fetched, but there is no doubt that someone has taken advantage of some of these exploits at one time or another.(
continue at source)
The bottom line with Group Policy is that it’s only as good as your Active Directory design. If you’ve implemented your sites, domains and OUs in the wrong way, Group Policy will be difficult to use and troubleshoot. So the first step in planning how you’re going to implement Group Policy on your network is to plan how you’re going to implement Active Directory itself. Such planning includes decisions like: How many forests you will deploy (one or several)? How many domain trees? Will there be child domains? What kind of OU structure will each domain have? And so on. Each of these decisions should always be made by asking the question: What impact will my decision have on how Group Policy is implemented in my enterprise? Let’s look at some guidelines that can help you design Active Directory effectively as far as Group Policy is concerned.
This article summarizes best practices for planning the implementation of Group Policy in an Active Directory environment. Topics covered include designing an OU structure to facilitate management by Group Policy, minimizing use of blocking and enforcement, and more.(
continue at source)
With Internet Explorer 7 Beta 1 set to debut next month, Microsoft has quietly closed the door on Windows 2000 users planning to adopt the new Web browser. IE7 will require Windows XP Service Pack 2 due to internal security changes that rely on Microsoft's latest operating system release.
The decision to update Internet Explorer before Longhorn arrives in late 2006 was announced by Bill Gates at the RSA Conference in February. Although Microsoft had said it was focusing on Windows XP SP2 only, the company did leave open the possibility of IE7 supporting Windows 2000.(
continue at source)
This question was asked of me at the roadshow this week and I expect this is going to become a far more common situation with the use of tools like Virtual Server Migration Toolkit (VSMT) increasing as organisations consolidate and virtualise environments. I'm no licensing expert, but thankfully there are others in Microsoft who are fully aware of such things. I was directed to the virtual machine licensing document on microsoft.com which pretty much sums up the situation. Quoting from the FAQ:
Q: May I move an OEM license for Windows to a virtual machine?
A: You may not transfer original equipment manufacturer (OEM) server licenses from the original computer to a different computer. Any Microsoft Windows Server license acquired preinstalled with a new computer from a computer manufacturer is tied to the computer on which the licensed software is first installed. This applies to the initial copy installed on the computer as well as any subsequent copies licensed to run with virtual machine software. However, if you have acquired Software Assurance for this preinstalled license, you receive the rights associated with the Volume License program, including license reassignment. At this point, you would be able to move that license and Software Assurance from one computer to another, including a VM.
Virtual Machine licensing
Do you have relatives that live far away? Do you work with people from other countries? Use this simple utility to keep track of the time in other part of the world. Share your ideas without waking up your buddies.
Microsoft Time Zone installs as a small tray icon that allows you to specify as many as five cities to watch the time on while you are working on your computer. In order to schedule meetings and trip the Microsoft Time Zone application also lets you compare times at different places in the world without changing your system time. With Microsoft Time Zone you will always know the time.
Download Microsoft Time Zone (Standard)
Software giant Microsoft has set out to topple search king Google, but to listen to Eric Schmidt you almost wouldn't think the two companies were rivals. Google's chief executive, appearing in Seattle yesterday, acknowledged Microsoft's push into the search business but said there's ample room for multiple competitors to thrive. He also downplayed the notion of Google as a threat to the Redmond company's dominant software franchises.
"It looks to me like this space is so large that there will be multiple winners," Schmidt told the audience at the Technology Alliance annual luncheon in downtown Seattle. "There's plenty of room for all the players."
(more)
The BT data centre in Cardiff Bay has landed a three year contract with Microsoft, the world's largest IT and computer software company. The centre will host Microsoft's Office Live Meeting 2005 services for Europe, Middle East and Africa (EMEA). Office Live Meeting 2005 is a major update to Microsoft's online meeting offer that helps users effectively work, train, or present together without having to be in the same place at the same time.
Torben Andersen, EMEA director for real time collaboration at Microsoft, said, "The integrated communications market is one of the fastest-growing marketplaces and core to our business. It was therefore important for us to select a partner who could ensure we had a reliable service 24/7.
(more)
Every year or so I like to see how Microsoft is doing in its attempt to make a desktop operating system as usable as Linux. Microsoft Windows XP, Home Edition, with Service Pack 2, is a tremendous improvement over previous Windows versions when it comes to stability and appearance, but it still has many glitches that keep it from being competitive with GNU/Linux for everyday users, including a tedious installation procedure, lack of productivity software included with the operating system, hardware compatibility problems, and a price so much higher than any of the Linux distributions I've tested lately that I don't feel this product is a good value for most home or small office users.
(more)
REDMOND, Wash. -- May 26, 2005 -- Microsoft Corp. today announced new MSN® Hotmail® tools and services designed to expand e-mail industry collaboration in fighting spam -- MSN Postmaster and Smart Network Data Services. These new services complement ongoing industry efforts supported by Microsoft, including e-mail authentication mechanisms such as the Sender ID Framework, to help protect MSN Hotmail customers as well as the overall e-mail community from online safety concerns such as spam, phishing and viruses.
Central to the effort by MSN Hotmail to engage with the e-mail community is the launch of the new MSN Postmaster Web site, an online resource available in 10 languages worldwide designed to help bulk e-mailers, Internet service providers (ISPs), e-mail service providers and others better understand issues and solutions around sending e-mail to users of the MSN Hotmail Web-based e-mail service. MSN Postmaster offers up-to-date information and tools addressing a range of issues, including helping fight junk e-mail, improving delivery of legitimate bulk e-mail messages, streamlining the reporting of e-mail abuse and assisting with troubleshooting.
(more)
It's been a busy couple of years in the suddenly-hot desktop search market. Since October 2003, when Microsoft spilled the beans on its plans to integrate instant desktop search into Windows Longhorn, competitors far and wide have tried to take advantage of Longhorn's delays to release their own desktop search products. The most visible is Apple's Spotlight, a feature of Mac OS X 10.4 "Tiger". However, Spotlight has two main limitations: It runs only on the very latest Mac OS X system, severely limiting its exposure, and it has some glaring functional omissions (i.e. it cannot perform advanced Boolean searches or search key parts of the system, including the OS X Help files).
On the PC, instant desktop search products are popping up everywhere. Google was first out of the gate with its Google Desktop Search, but others, like Yahoo! Desktop Search and Copernic Desktop Search soon appeared as well. Each of these products includes basic search functionality with varying degrees of Windows integration. However, each is also somewhat limited.(
continue at source)
Microsoft has warned users that the new Netscape 8 browser will not work properly with Internet Explorer on their desktops.
Microsoft said Netscape 8, launched earlier this month, broke the XML rendering capabilities in Internet Explorer, and installing it would cause IE to render XML files as a blank page.
Users often like to have more than one browser on their desktops, particularly users who require access to different features.
The XML problem is said to affect IE 6 and could also affect earlier versions of the Microsoft browser. Microsoft is currently developing IE 7 with extra security features.(
continue at source)
Contrary to what many believe, Longhorn won't be built on top of the .Net Framework, we hear. But that might not be a bad thing.
Developers say there's a dirty little secret about Longhorn that few Softies are discussing publicly: Longhorn won't be based on the .Net Framework.
We're still expecting that the .Net Framework will ship with Longhorn – on the CD and/or "in the box" in some way. But the .Net Framework won't be at Longhorn's core.(
continue at source)
This guide provides step-by-step instructions for deploying Active Directory Federation Services (ADFS) on servers running the Microsoft® Windows Server™ 2003 R2 operating system. The current version of this document for Windows Server 2003 R2 Beta 2 provides instructions for deploying ADFS in a Federated Web single sign on (SSO) scenario. Future versions of this document will provide instructions for deploying ADFS in additional scenarios.
Download Step-by-Step Guide to Deploying Active Directory Federation Services for Windows Server 2003 R2 Beta 2
Microsoft® Virtual PC 2004 is a virtual machine solution for desktop operating systems. Microsoft Virtual Server 2005, on the other hand, is a solution for server operating systems. Although Virtual PC and Virtual Server share many features in common, they are designed for different purposes. As a result, some of their features are also quite different. This white paper explains the differences between Virtual PC and Virtual Server and discusses the scenarios in which it is appropriate to use one or the other.
Download the Virtual PC vs. Virtual Server: Comparing Features and Uses whitepaper
Something which came up a couple of days ago was a question about creating a service account for a custom service, but not being able to logon interactively with it. The solution is very simple through the use of User Rights Assignment. Fire up the Local Security Policy snap-in from Administrative Tools. Navigate down the tree to:
- Security Settings
- Policies
- Rights Assignment
Depending on your requirements, add the user to "Deny log on Locally" policy rule, or remove the user from the "Allow log on Locally" policy rule. However, be sure to read
KB823659 before changing and security settings or user rights assignment.
Recently the oft-referenced
KB.810986 that talks about the support policy for clustering was refocused to encompass only the support policy for 3rd party cluster software (hence the updated title: “
Microsoft support policy for Exchange Server installations that are running with a third-party Cluster service”).
But, if you’re a careful observer of the collection of Exchange clustering KBs, you may remember that
KB.810986 is the KB article that has historically also provided the support stance regarding making nodes of an Exchange cluster into domain controllers. There was a single paragraph (a single sentence in a paragraph, really) that said something along the lines of “don’t make Exchange cluster nodes into domain controllers”. Fear not! Rather than losing this (very important) support stance in the rewrite of
KB.810986, it’s actually been expanded into its own dedicated KB article:
KB.898634 (“Active Directory domain controllers are not supported as Exchange Server cluster nodes”).
A researcher has posted what looks to be a simple workaround for Microsoft's latest attempt to crack down on those using unlicensed versions of Windows. A tool provided by Microsoft could let people get around a check meant to prevent those with unlicensed copies of Windows from downloading additional software from the company, according to a security researcher.
Researcher Debasis Mohanty outlined what he said was a technique to trick Microsoft's Windows Genuine Advantage validation check in a posting to the Full Disclosure security mailing list on Monday. WGA is a software tool that verifies whether a particular copy of the operating system is properly licensed. Using a secondary Microsoft validation tool called "GenuineCheck.exe", it may be possible for people to trick the checking mechanism, Mohanty said in the posting. They could then download and run supposedly restricted software from Microsoft's Download Center on a PC running an unlicensed version of Windows, Mohanty wrote. Microsoft confirmed that the technique could circumvent the licence check, but a representative said Monday that the company is not worried.
(more)
You could meet the chairman of Microsoft, but you'll have to profess a passion for Windows first. Microsoft is looking for true stories about people using Windows computers to pursue a passion or hobby. The company plans to use them in a marketing blitz tied to the 20th anniversary of Windows' debut. To entice essay submissions, Microsoft is offering a number of prizes, including the chance to meet Gates in Seattle and appear in the ad campaign. Other prizes include an overseas trip with National Geographic Expedition, VIP access to a major movie premiere and a home makeover with an HGTV designer.
Essays must be 300 words or less. Extra points are given to essays that demonstrate the positive impact Windows has made on someone's life. Microsoft will select winners in five categories: culture and community, music, memories, home and lifestyle, and sports and games. To win, you must be at least 13 years old, live in the United States, and enter by Sept. 30. Microsoft plans to select winners in October.
(more)
"Samba and winbind provide authentication and identity resolution for Linux hosts that are part of an Active Directory domain, since Active Directory does not deign to provide a method for authenticating them directly. Follow the steps for joining a Samba server to AD. Then comes the hairy part -- if your Linux users require access to network services that require authentication, you'll have to configure PAM (pluggable authentication modules). This can be a bit vexing, but the advantage is it saves users from having to manage multiple logins. And it allows you to control access to services very precisely."
Article: Join Linux to Active Directory with Winbind
Microsoft's massive presence in the anti-virus space may be bad news for vendors leading the market, but for enterprise customers with tight budgets, it presents wonderful bargaining opportunities. With all-out price war looming, an influential IT research firm suggests that enterprises use Microsoft Corp.'s anti-virus push to negotiate better pricing—and bundled services—from existing vendors.
On the heels of the Windows OneCare rollout for consumers, a subscription-based package that bundles virus, spyware and firewall protection alongside data backup and PC configuration features, Gartner Inc. is predicting an enterprise-grade service will ship in 2006 for sale well below current market prices. "We're telling out clients, especially midsize businesses, to use Microsoft as a bargaining chip to get better pricing right now," said John Pescatore, Gartner research director for Internet security.
(more)
Eileen Brown writes: "Sam mailed me with the question that made me shout out Aargh!
We're trying to configure Active Active cluster situation in Exchange 2003 but are having problems with poor performance when failing over. Can you advise please? Well the best advice I can give you is DON'T do it! We do support Active Active in Exchange 2000 and Exchange 2003 but we DON'T recommend it. Read
this KB article that's been published recently, and go and deloy Active/Passive instead. There are some good tips in
James' blog, and don't forget to have a read of the whitepaper on
deploying Exchange clusters."
Eileen Brown's Weblog
Darien writes: "I just moved all my machines over to the new Microsoft Update Beta. This includes my machine at work and both my home PC and laptop. A very painless experience, and so far a good experience all 'round. My first set of updates that got automatically downloaded and installed were the updates for the Outlook 2003 Junk Filter. It's a simple thing, but I think that's just so great, becuase I don't have to go visit Office Update everytime. And you know that we're always changing this Junk Mail filter to keep in line with the latest spam scams, so I'm really happy I have that super up-to-date now, and it's going to stay that way."
Microsoft Windows Update (BETA)
MSN was birthed in controversy and was then somewhat of a joke in the online community for several years. But about five years ago, MSN found its groove. Since then, this Microsoft division has become the most unheralded success story at the software giant, all while consistently nipping away at past perceptions and prejudices. Most important, perhaps, MSN is also making headway against the competition. While online giants such as AOL, Google, and Yahoo! still stand in its way, MSN has unleashed a startling array of integrated products and services over the past year. And this, I'm told, is just the start.
(more)
Like day follows night, a bogus "cumulative update" with a malicious attachment has followed Microsoft's patch day. In what has become a monthly staple, virus writers are taking advantage of the heightened public interest around Microsoft's patching cycle to trick users into executing a malicious attachment. The latest social engineering trick arrives via e-mail with an attachment that purports to be a "cumulative patch" for May 2005.
The claim is that the executable file contains patches for vulnerabilities in Internet Explorer, Microsoft Outlook and Outlook Express, three widely used products with a history of serious security bugs. The file is actually an executable for a variant of W32.Pinfi, a memory-resident polymorphic virus capable of replicated via mapped drives and network shares.
(more)
new page will no doubt make many people scream "Portal!" That's because despite the name, it is essentially a "My Google" service, similar to the My Yahoo, My MSN and other My pages that portals created so their users could access the many features they offer.
Available through Google Labs later today, you can sign-up for the page if you have a Google Account. Once created, you'll see something that looks almost the same as the regular Google home page. But below the search box, you've got new options: News, Gmail, Weather, Stocks, Driving Directions, Movies.
(more)
My Google
Microsoft has sparked heated debate by claiming that Windows software is cheaper to patch than open-source alternatives. A Microsoft-commissioned study, conducted by its business partner Wipro, outlined the main areas of so-called "cost savings" by using Windows. A survey of 90 organisations revealed that Windows database servers cost 33 percent less to patch than their OSS counterparts. Respondents said on average, Windows clients are 14 percent cheaper to patch.
The findings were criticised by several quarters, with some critics dubbing them unrealistic and outdated. These sorts of studies can't be used as a real-world guide to the cost of patching or maintaining applications, said Frost & Sullivan Australia security analyst James Turner. "All organisations have different needs," he added.
(more)
n May 16, 2005, Microsoft Office Communicator 2005 was Released to Manufacturing, and the final Microsoft Office Communicator 2005 Documentation was released to the Office Online Resource Center. A 120-day Evaluation version of Microsoft Office Communicator 2005 is now available, and it will be available through volume licensing channels in July 2005. The Service Pack 1 upgrade for existing Live Communications Server 2005 customers is now available, and a 120-day trial software version which contains Live Communications Server 2005 integrated with Service Pack 1 is also available.
Office Communicator 2005 120-day Evaluation
Bob Roudebush writes: "The issue this time was a strange error when attempting to install VS 2005 on a Domain Controller. The installation succeeds, but when you start the Administration Site, you get the following error:"
The service principal names for Virtual Server could not be registered. Contrained Delegation cannot be used until the SPN’s have been registered manually. Error 0x80072098 - Insufficient rights to perform the operation.
It seems this is a known issue that is caused because the Network Service account that Virtual Server 2005 uses does not have the appropriate permissions in Active Directory to register the Service Principal Names (SPNs) for Virtual Server. You can read more about the problem and how to fix it (not for the faint of heart - it requires using ADSIEDIT!) by reading
this KB article.
MS Knowledgebase Article 890893
In a packed hall of developers and industry partners at Microsoft Mobile & Embedded DevCon 2005, Microsoft Corp.'s annual mobile and embedded developers conference, Bill Gates, chairman and chief software architect of Microsoft, announced the release to manufacturing (RTM) of Windows Mobile (TM) 5.0. See screenshots for the latest version Windows Mobile software: Windows Mobile 5.0.
Windows Mobile 5.0 Screenshots
Yes, IE7 has tabs. In general, I think tabs are a great idea. I liked them a lot in Office dialogs and in Excel in the early 90's. (I used to work on Office, and I admit we almost added tabs to Word at one point.) I like them in Visual Studio. I think, as an industry, we have a ways to go in refining the experience, consistency, and value of tabs. The main goal for tabs in our beta release is to make sure our implementation delivers on compatibility and security. The variety of IE configurations and add-ins across the Internet is tremendous. We want feedback on how it works with add-ins that you run (or have written), with the sites that you visit, and with the line of business applications, accessibility tools, management and development tools that you run.
We’ve also looked closely at reported vulnerabilities in other implementations of tabbed browsing. We’re looking forward to feedback from the security community as well. The tabbed browsing experience in the upcoming Internet Explorer 7 beta is pretty basic. Expect additional end-user functionality to come in after the beta.
(more)
Speculation among security industry sources suggests that Microsoft may be preparing to introduce its standalone antivirus software next week. Industry watchers said Thursday that the software giant very well could take the wraps off its emerging security product plans in a scheduled announcement on Monday, although the sources indicated their belief that the applications themselves may not reach the market for several more months. Microsoft representatives did not immediately return calls seeking comment on the rumor.
At least one security expert said that Microsoft is readying a shrink-wrapped antivirus package that it will offer through retail channels for "significantly less" than $25. Based on the level of sophistication of the product, or whether it includes tools for fighting different types of malicious programs--including spam and adware--the Microsoft offering could undercut pricing of similar products sold by security specialists such as Symantec and McAfee.
(more)
When Microsoft said that Windows XP Starter Edition, the cut-rate version of Windows for emerging markets, was for beginning computer users, the company wasn't kidding. The operating system will not work on computers running Intel's Pentium 4 processors or the Athlon from Advanced Micro Devices, a public relations representative said on behalf of Microsoft. Instead, it will run on computers containing Intel's Celeron chips, AMD's Duron or Geode chips, or processors from Via Technologies.
"When you try to load it onto a Pentium 4 machine, it gets to the processor ID and stops functioning," said P.R. Lakshmanan, senior vice president of Zenith Computers in Mumbai, India, who tried it as an experiment. Zenith is one of India's larger local PC makers. Starter Edition for India won't be released publicly until June.
(more)
You've certainly worked with Group Policies if you have Windows 2000 or Windows Server 2003 deployed anywhere in your organization (and the clock is ticking on NT4, by the way, in case you haven't yet completed your migration). You've probably customized password policies, locked down a few security settings, instituted a login script and possibly redirected the My Documents folder. However, quite a few of you stop short of getting the full value out of Group Policies because of their perceived limitations.
(more)
One of the tests performed by Windows Hardware Quality Labs (WHQL) was the NCT packet stress test which had the nickname "Hell". The purpose of the test was to flood a network card with an insane number of packets, in order to see how it handled extreme conditions. It uncovered packet-dropping bugs, timing problems, all sorts of great stuff. Network card vendors used it to determine what size internal hardware buffers should be in order to cover "all reasonable network traffic scenarios".
It so happened that at the time this test had currency (1996 era), the traffic on the Microsoft corporate network was approximately 1.7 times worse than the NCT packet stress test. A card could pass the Hell test with flying colors, yet drop 90% of its packets when installed on a computer at Microsoft because the card simply couldn't keep up with the traffic. The open secret among network card vendors was, "If you want your card to work with Windows, submit one card to WHQL and send another to a developer on the Windows team."
(more)
The Old New Thing Blog
News Analysis: Microsoft has stressed the importance of quality vs. speed when releasing software patches, but problems have been caused by a recent "critical" update. For Microsoft, delivering high-quality security patches in a timely manner has always been a lose-lose predicament. If patches for major software vulnerabilities take too long, customers are at the mercy of zero-day threats. When patches are rushed out without proper quality assurance testing, they invariably become a system administrator's worst nightmare.
Earlier this week, when Microsoft Corp. announced plans to re-release a "critical" bulletin because of patch quality problems, the move triggered a new round of eye-rolling among security research pros. The bulletin, MS05-019, first released in April, contains patches that have caused major connectivity problems for network administrators.
