Welcome to Sign in | Join | Help
Home Blog Forums

Front Page News

  • Mail Store Targeting in a Distributed Application

    We’d like to introduce another author on Thelazyadmin.com. Brad Bird is an IT Professional of 12 years experience.  Currently working as an independent consultant associated with Infront Consulting.  Brad has more than 8 years under his belt specifically in Windows Networking Administration.  Among his specialties are: Windows security, forensics, intrusion prevention and detection, Active Directory implementation, System Center Operations Manager and Data Protection Manager implementation...
    10-29-2008, 9:00 AM by rodney.buike to The Lazy Admin
    Filed under: ,
  • IIS 7 FTP over SSL

    One of the new and long awaited features in IIS 7 is support for FTPS or FTP over SSL. By default all FTP data is transfered in clear text, including the user name and password. From a security point of view you can see this is a bad thing. FTPS to the rescue! Before you begin you will need to download and install FTP for IIS7 and you can do so here: FTP for IIS 7 on Windows Server 2008 x86 FTP for IIS 7 on Windows Server 2008 x64 The first step is to create the certificate. You have two options,...
    10-27-2008, 9:10 AM by rodney.buike to The Lazy Admin
  • Critical Out Of Band Hotfix Released

    Typically hotfixes are released on the second Tuesday of each month as you are all well aware. Occasionally, I can personally only remember three including this one, there are out of band hotfixes released. While we don’t normally post hotfix release notifications considering this is an out of band release I wanted to let you all know about it. Microsoft Security Bulletin MS08-067 – Critical Vulnerability in Server Service Could Allow Remote Code Execution (958644) http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx...
  • Server 2008 Failover Cluster Failback Policies

    We’ve covered a creating a cluster and clustering a service and one other thing to configure in your cluster is failback policies. These control if, how and when a failed resource is brought back online on the preferred owner. As an example, say Node 1 in your file server cluster goes offline. The resource will failover to Node 2. But what happens when Node 1 comes back online? By default, nothing, and this is to prevent a resource from bouncing back and forth between nodes as Node 1 goes on and...
    10-22-2008, 9:00 AM by rodney.buike to The Lazy Admin
  • Clustering a Service with Server 2008 Failover Clustering

    We’ve covered setting up a two node failover cluster in Windows Server 2008 and now that we have that running we can start to cluster some services and/or applications. In this example we’ll cluster File Services to create a highly available file share. To start we can simply right-click Services and Application under the cluster and choose Configure a Service or Application. From there we are presented with a list of services and applications that can be clustered. Simply choose the service or application...
    10-17-2008, 9:00 AM by rodney.buike to The Lazy Admin
  • Building a 2-Node Server Core Failover Cluster

    If you have ever set up a Windows cluster in Windows 2003, 2000 or if you were brave enough NT4 you know it has always posed a number of challenges that usually required some specialized skills.  Well in Windows Server 2008 that has changed thankfully and we can whip together a two node failover cluster in minutes!  Before you get started you will need the following: 3 servers at minimum (1DC, 2 Nodes) Shared storage (iSCSI or FibreChannel) 3 Networks (Public, iSCSI, Heartbeat) With that...
    10-16-2008, 9:00 AM by rodney.buike to The Lazy Admin
  • Creating Custom Application Compatibility Shims

    In a recent article I wrote about the Standard User Analyzer, one of the tools available to mitigate app compat issues with UAC. Some applications require a little more work to get them working and for these situations you can use the Compatibility Administrator which part of the Application Compatibility Toolkit 5.0. Again it is a pretty straight-forward tool to use once you have collected the required information. Now before you begin you need to use tools like Process Monitor to determine what...
  • Application Compatibility with the Standard User Analyzer

    One of the biggest blockers to deployment in application compatibility. Whether it is a new OS and existing applications or new applications on an existing OS these are they kind of things that drive you nuts. There are many tools available now to help address these issues, one being the Standard User Analyzer. With Windows Vista one of the app compat issues that arises is due to User Account Control (UAC). With this you have two options, disable UAC (which is the worst thing you can do) or use SUA...
  • Enabling VSS for Hyper-V Backups With Windows Server Backup

    As with anything you should be backing up your Hyper-V machines. I think that just goes without saying. Backing up Hyper-V has gotten easier with the addition of VSS and Windows Server Backup (WSB). WSB is a new feature in Windows Server 2008 that replaces the old NTBackup from days gone by. It is not installed by default but can be easily added with the Add Features wizard in Server Manager. Once installed there is one last setting you must configure before backing up the Hyper-V virtual machines....
    10-06-2008, 9:02 AM by rodney.buike to The Lazy Admin
  • Server 2008 Domain and Forest Functional Levels

    As with each edition of Windows Server, the 2008 release also includes some new additions. In order to take advantage of some of these new features you need to upgrade your Active Directory Forest and Domain functional levels. You can read about the Windows 2000/2003 domain and forest functional levels as a refresher if you like, but here we'll cover the 2008 versions. Windows 2008 Forest Functional Level The Windows 2008 Forest functional level does not provide any additional features to your Active...
    10-05-2008, 10:24 AM by rodney.buike to The Lazy Admin
  • Is Your DNS Patched?

    In case you have been living under a rock for the past month you have most likely heard about the DNS cache exploit recently discovered by Dan Kaminsky . This might be one of the most severe flaws discovered as it was cross platform affecting everything from Windows to Linux, UNIX, Cisco IOS etc.... It was so big in fact that all the major vendors worked together to get the patch issued on the same day. The flaw would allow an attacker to insert a malicious DNS record into the cache. As an end user...
    07-25-2008, 12:27 PM by rodney.buike to The Lazy Admin
    Filed under: , ,
  • Recovering BitLocker keys from the Active Directory

    Here at the LazyAdmin we have talked quite a bit about using BitLocker with Windows Vista . With the introduction of Server 2008 you can now also leverage Bitlocker with your 2008 servers. This is particularly attractive when deploying Read Only Domain Controllers (RODC) to remote locations where physical security is questionable. One BitLocker features is the ability to backup your Bitlocker encryption key to the Active Directory. In previous articles we have talked about enabling GPOs that can...
  • Extending your AD schema for Vista and Windows 2008

    We have talked about enabling BitLocker Active Directory integration in a previous post now we will take a look at prepping your domain to implement this integration. To take advantage of the several of the more compelling feature such as RODCs and Windows 2008 domain controllers we first need to extend the AD schema in our current environment. These additions also allow you to add take advantage of feature in Windows Vista such as group policy client side extensions, and storing BitLocker keys in...
  • Videocast - Securing Cached Credentials

    One of the nice things with RODCs is the ability to control cached credentials. You can also pre-populate passwords for specific users, like a branch office user, in case the branch office connection goes down but this can be a security concern if that server gets stolen. Server 2008 has a nice way of handling this so you can sleep easier. This last video will cover what to do when the RODC is stolen. Note: Double-click on the video to go full screen. If you want to give these demos a try yourself...
  • Videocast - Creating a Read Only DC

    The next video in our Server Core series is going to cover making our demo server into a RODC or Read-Only Domain Controller . One pre-requisite for a RODC is an existing Windows 2008 based DC in the domain. You also need to run adprep /rodcprep before you can add the RODC. Other than that it is pretty straight-forward but without the DCPromo wizard can cause a challenge. Let's see how it is done! Note: Double-click on the video to go full screen. If you want to give these demos a try yourself be...
    06-19-2008, 9:07 AM by rodney.buike to The Lazy Admin
  • Videocast - Server Core Remote Management

    In the next video in the Server Core series we look at the remote management options. There are a number of options, RDP (still just a CLI), remote MMC consoles, PowerShell, WinRM/RS Because Server 2008 follows the secure by default standards these are all turned off and need to be enabled, again from the command line. Have no fear this video will ease the configuration :) Note: Double-click on the video to go full screen. If you want to give these demos a try yourself be sure to grab the lab build...
    06-18-2008, 9:01 AM by rodney.buike to The Lazy Admin
  • Videocast - Configuring Server Core

    Last week I posted two videos on configuring the server and client side for DHCP Based Network Access Protection. Over the next two weeks I'll be posting another set of videos on configuring Server Core. The first video is going to cover the OOBE or out of box experience. Server Core is like any other server out of the box, you need to configure IP address, join a domain, and add roles but if you have seen Server Core you know it is all command line. This video will take you through those steps and...
    06-16-2008, 8:56 AM by rodney.buike to The Lazy Admin
  • Videocast - Testing DHCP Based NAP

    The other day I posted the first half of this video with the server side setup of NAP. This video will cover the client side setup and testing on both Windows Vista and Windows XP SP3. Note: Double-click on the video to go full screen. If you want to give these demos a try yourself be sure to grab the lab build guide and demo scripts here!...
  • Videocast - Configuring DHCP Based NAP

    Server 2008 is out and one of the very cool features is NAP or Network Access Protection. This feature allow you to protect the internal network from threats. There is a nice entry on Wikipedia explaining NAP but the TLA way is to show you the quick steps to get it done. While I could write it out I figured video would be cool as well and since I had the videos from the Canadian Heroes Happen {Here} events I got real lazy and am posting those :) Over the next while I'll get up the rest of the videos...
    06-10-2008, 12:59 PM by rodney.buike to The Lazy Admin
  • The Lazy Admin @ TechEd: Demo Idol!

    Hello everyone, and a special hello to new TLA readers from TechEd. For readers that could not attend TechEd, (wish you were here!) I presented at TechEd's Demo Idol! The session was on the virtues of being a Lazy Admin. In the session I mentioned some great Microsoft products that really help LazyAdmins stay Lazy Admins. I wanted to post the links to those products, resources: Infrastructure Optimization: http://technet.microsoft.com/en-us/infrastructure/default.aspx There is also a site dedicated...
    06-10-2008, 12:30 PM by daniel.nerenberg to The Lazy Admin
  • TechEd 2008

    For all those going to TechEd 2008 in Orlando, it's your chance to meet a "real" Lazy Admin. I'll be in the hands on labs section at TechEd helping out! Don't hesitate to come on up and chat about the site, articles, or anything else that interests you! I'll blog about the experience and any cool stuff I see for those who couldn't make it. Keep an eye on your RSS feeds....
    06-08-2008, 8:30 AM by daniel.nerenberg to The Lazy Admin
  • Windows Search 4.0

    Quick post to let all you Lazy Admins out there that Windows Search 4.0 has been released. There is a long list improvements. I have been using the preview release for the past month, and I definitly have noticed performance benefits on my laptop. For those who haven't tried Windows Search, it's a Lazy Admin's best friend. The only downside is the search is so good, I forget where everything actually is located in Windows. Grab it here: http://support.microsoft.com/?kbid=940157 From the Microsoft...
    06-04-2008, 10:47 AM by daniel.nerenberg to The Lazy Admin
  • Windows Vista Springboard: Microsoft Assessment and Planning Solution Accelerator

    A few weeks ago I posted about some of the tools Microsoft provides to help establish the costs and saving that deploying Vista can bring. One of the issues that I have is how do we get the numbers to fill in those forms; well MS has you covered there too. This tool is really useful. With the MS Assessment and Planning Solution Accelerator you can scan the computers in your network for information such as which OS and Service pack they are running, and if they are good candidates to upgrade to Vista....
  • Quick Tip - Using Live Sysinternals Tools

    We have all muttered the words "Where is <fill in the blank> when you need it?" A lot of times that blank is filled with the name of a SysInternals utility like Process Explorer or TCPView. Well never utter those words again thanks to http://live.sysinternals.com :) Here you will find a list of all the SysInternals tools ready to download. Or if you don't want to download it to all your PCs just run the command from a command line to the remote server and run the tools that way :) It takes...
    05-29-2008, 2:33 PM by rodney.buike to The Lazy Admin
  • Windows Vista Springboard: Discover

    I posted a few weeks ago about some Vista Springboard. Continuing that series of posts, I wanted to talk about the first part of Springboard program which is: Discover. Now I'm sure many of you have already "Discovered" Vista, I thought I had too, but the great thing about the springboard site is it concentrates a great deal of information into nice digestible categories. So as most readers have probably already discovered the technical aspects of Vista, I wanted to highlight some of the great tools...
More Posts Next page »


All postings are provided "AS IS" with no warranties, and confer no rights.
Microsoft product screen shot(s) reprinted with permission from Microsoft Corporation.