Thursday, 7 November 2013

Microsoft Lync Zero Day Attack




On 5th November a Microsoft zero-day vulnerability was reported by McAfee Labs senior security researcher Haifei Li. The bug affects a range of products, including Lync clients. Microsoft have been informed of ongoing targeted attacks, mostly in the Middle East and South Asia, that have exploited this flaw.
The vulnerability is due to a bug in the handling of TIFF files that results in memory corruption, which can be exploited to gain elevated access to the targeted system.

Lync products affected include:
  • Lync 2010 x86, x64
  • Lync 2010 Attendee
  • Lync 2013 x86, x64
  • Lync Basic 2013 x86, x64
Office 365 is not affected by the exploit.

Microsoft have released a temporary patch that blocks rendering of the TIFF format by setting the registry value below:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Gdiplus\DisableTIFFCodec = 1
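
The registry workaround above can be audited across clients before and after rollout. The PowerShell below is an added example, not Microsoft's fix or code from the original post: the function names are hypothetical and the DWORD value type is an assumption, while the key path and value name are the ones given above.

```powershell
# Added example: audit, and optionally apply, the GDI+ TIFF codec workaround.
# Key path and value name come from the post; the DWORD type is an assumption.
$KeyPath   = 'HKLM:\SOFTWARE\Microsoft\Gdiplus'
$ValueName = 'DisableTIFFCodec'

function Get-TiffCodecWorkaround {
    [CmdletBinding()]
    param(
        # Machines to check; remote checks need PowerShell remoting enabled.
        [string[]]$ComputerName = @($env:COMPUTERNAME)
    )
    # Returns the current value, or $null when the key or value is absent.
    $probe = {
        param($Path, $Name)
        $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
        if ($null -eq $item) { return $null }
        return $item.$Name
    }
    foreach ($computer in $ComputerName) {
        try {
            if ($computer -eq $env:COMPUTERNAME) {
                $value = & $probe $KeyPath $ValueName
            } else {
                $value = Invoke-Command -ComputerName $computer -ScriptBlock $probe `
                    -ArgumentList $KeyPath, $ValueName -ErrorAction Stop
            }
            if ($null -eq $value)  { $status = 'Missing' }
            elseif ($value -eq 1)  { $status = 'Applied' }
            else                   { $status = 'WrongValue' }
            [pscustomobject]@{
                ComputerName = $computer
                Value        = $value
                Status       = $status
                Error        = $null
            }
        } catch {
            # An unreachable host is reported, never silently counted as protected.
            [pscustomobject]@{
                ComputerName = $computer
                Value        = $null
                Status       = 'Unreachable'
                Error        = $_.Exception.Message
            }
        }
    }
}

function Set-TiffCodecWorkaround {
    # Applies the workaround on the local machine; run elevated. Supports -WhatIf.
    [CmdletBinding(SupportsShouldProcess = $true)]
    param()
    if (-not (Test-Path -Path $KeyPath)) {
        if ($PSCmdlet.ShouldProcess($KeyPath, 'Create registry key')) {
            New-Item -Path $KeyPath -Force | Out-Null
        }
    }
    if ($PSCmdlet.ShouldProcess("$KeyPath\$ValueName", 'Set value to 1')) {
        New-ItemProperty -Path $KeyPath -Name $ValueName -PropertyType DWord `
            -Value 1 -Force | Out-Null
    }
}

# Report the local machine; pass -ComputerName with your own client list to audit more.
Get-TiffCodecWorkaround | Format-Table -AutoSize
```

Any row whose Status is not Applied still renders TIFF through the affected codec, so treat Missing, WrongValue and Unreachable as unprotected until proven otherwise.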

Microsoft advise installing EMET (the Enhanced Mitigation Experience Toolkit), which is able to mitigate this exploit in advance when any of the following mitigations are enabled for Office binaries:
  • Multiple ROP mitigations (StackPointer, Caller, SimExec, MemProt) available in EMET 4.0
  • Other mitigations (MandatoryASLR, EAF, HeapSpray) included in EMET 3.0 and 4.0

EMET can be deployed via group policy or SCCM for blanket coverage of all vulnerable clients.

Friday, 30 August 2013

Lync is Microsoft's Fastest Growing Business – ComputerWorld got it Wrong

ComputerWorld published an article earlier this month entitled “Microsoft pushes into crowded Unified Communications market”. The article provides a reasonably balanced view of the current state; however, I have a few caveats. In one section it states:

“In the crowded UC market, it (Lync) competes against offerings from vendors including Cisco, IBM, Avaya, Siemens, Alcatel-Lucent, Mitel and ShoreTel.

However, Lync isn't being hailed as a product that stands out from the rest in any significant way nor that is blazing trails of innovation in this UC market.”

I disagree. Lync does stand out from the rest in one very important and deal-making way: it is fully integrated with the more traditional Microsoft products. It embeds itself into Office, SharePoint and Exchange, making Lync an extension of the existing business worker stack. It was designed from the outset to operate in this way; Microsoft intended the deep integration that Lync provides into existing workflows, and indeed only they can achieve this as they produce all of the other software as well.
The competition developed its products to be competitors for traditional telephony, a separate isolated system, only producing the illusion of integration using applications such as CUCILync.

Lync is now Microsoft’s fastest growing business, with 30% growth this year to exceed the billion dollar revenue mark.
There are also a billion registered users of Microsoft Office out there and Exchange is an immensely popular corporate e-mail platform; a large percentage of this user base will migrate from either old PBX systems or other VoIP systems onto Lync, as the benefits of that coupling are great and the enterprise licensing cost outlay is minimal. In addition, if they are already using Office and Exchange then they are a Microsoft shop and likely to be in a position to adopt the technology faster and with better in-house support. Lync has a lot of growing to do and a lot of market cap to take.

Voice engineers I talk to accept that the products they work with are separate systems and are quite happy to keep developing these for their clients. They just don’t get it that voice has no future as a stand-alone product with its own dedicated infrastructure. Voice is already part of unified communications stacks and for a system to have a future it must provide all of the core communication modalities equally well with transition between IM, e-mail, voice, video and application / desktop sharing being as seamless as possible. Only Lync currently comes anywhere close to offering this.

Cisco rely on their rock solid reputation as justification to buy into their systems; telephony is mission critical so you must have the most reliable platform with its own dedicated everything.
But Lync is the only system thus far to pass the Miercom SIP torture test for reliability.

Zeus Kerravala, founder and principal analyst with ZK Research was quoted in the article referring to Lync, stating "It's a good, competitive, traditional UC tool." The most important thing is that Lync isn’t traditional, it’s ground breaking.

The significance of the Lync – Skype integration was skimmed over in the article. They mention that it will allow support teams to move into an era of customer partnership models, but Skype is also a ready-made global VoIP network and it’s free. Almost all of us have devices that can run Skype; its user base is already huge, giving Microsoft a distinct advantage in the UC marketplace, and decisions as to which UC platform to migrate to will in part depend on the answer to the question “is it compatible with our Skype customers?” Cisco realise this is a serious threat, hence the pending legal case between them.

See http://www.reuters.com/article/2013/05/28/cisco-microsoft-court-idUSL5N0E933220130528

It’s clear that in this new UC landscape those clutching at the past, and pushing products that see voice as a separate entity to be placed on the desk alongside the ubiquitous in-trays of the world, will be relegated to history. Some very big players in the market today that initially claimed Lync was a non-threat will be pushed out of that market by the very same product.

The UC space may be crowded with products, but saturation is still only at 51% globally and 90% of the Fortune 100 already have Lync investment. That is surely only going to grow as they retire more traditional systems, many of which are listed among the competition. The big blow here for them will be the loss of those very lucrative support and maintenance contracts.

Microsoft have done a rare thing; produced a world beating product in a space where they have very little experience and in a comparatively short period of time.


Lync is going to be very big. Don’t believe me? Then check back here in two years and leave your comments then.

Thursday, 4 July 2013

Lync Server 2013 CU2 Paired Pool Update

On Monday 1st July 2013 Microsoft released their second cumulative update for Lync Server 2013. Unlike the first, which involved breaking SQL mirrors for Enterprise Edition, it seems Microsoft have listened and improved the Lync upgrade process: SQL mirrors are now fully supported and there is no need to rebuild your HA arrangements afterward.
However, all is not as simple as it may seem.

TechNet guidelines on deploying the Lync CUs are causing confusion. The following is an extract from the site:

"The front end servers in an Enterprise Edition pool are organized into upgrade domains. These upgrade domains are subsets of front end servers in the pool. Upgrade domains are created automatically by Topology Builder.
You must upgrade one upgrade domain at a time, and you must upgrade each front-end server in each upgrade domain. To do this, take one server in an upgrade domain offline, upgrade the server, and then restart it. Then, repeat this process for each server in the upgrade domain. Make sure that you record which upgrade domain and servers that you have upgraded".
Fairly straightforward so far. Unlike Lync 2010, Lync 2013 uses the Windows Fabric and organises its users into groups and its FE servers into upgrade domains: logical constructs which contain one or more FE servers. Use the following command to see which FE servers have been assigned to which upgrade domains (numbered 1, 2, 3 etc.):
Get-CsPoolUpgradeReadinessState
If the command returns a status of True against each upgrade domain it is ready for upgrade. Proceed to upgrade each server listed in turn by firstly draining the server with:
Stop-CsWindowsService -Graceful
Then, once active sessions on that server have ceased, launch the upgrade package, LyncServerUpdateInstaller.exe.
Once the upgrade on the first server is complete, restart all Lync services and verify its status prior to proceeding to the next server.
Once all servers within the first upgrade domain have been upgraded, proceed to the next upgrade domain and repeat the above process.
However, TechNet goes on to state the following if the status returned by upgrade readiness is not True:

"If the State value of the pool is Busy, wait for 10 minutes, and then try to run the Get-CsPoolUpgradeReadinessState cmdlet again. If you see Busy for at least three consecutive times after you wait 10 minutes in between each attempt, or if you see any result of InsufficientActiveFrontEnds for the State value of the pool, there is an issue with the pool. If you cannot resolve this issue, you may have to contact Microsoft Support. If this pool is paired with another front end pool in a disaster recovery topology, you must fail the pool over to the backup pool, and then update these servers in this pool".


It seems that this is being interpreted in one of two ways:
  1. If upgrade readiness returns "Busy", or anything other than "True" persists, then you must contact Microsoft for assistance, unless you are running paired pools, in which case you can invoke failover and then commence the upgrade.
  2. Regardless of Busy or True states for upgrade readiness, if you are running a paired pool topology then you must invoke a pool failover to be able to upgrade, prior to failing the pool back to upgrade the second pool of the pair.
The first interpretation is correct and there's a supporting flowchart on TechNet to confirm it.
If the upgrade readiness command returns True then, regardless of anything else, your environment can be updated. However, replies from Microsoft support for clarification have suggested that "you must fail over the FE pool to its DR pair to perform the upgrade, then fail back and upgrade the DR pool". This is not correct and is in conflict with the procedure on TechNet. Come on Microsoft, if your own people aren't on the same page here then how are we expected to manage?
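
The readiness rule quoted from TechNet, following the first interpretation, can be written as a gate that runs before any front end server is drained. This is an added example, not code from TechNet or Microsoft; the function names are hypothetical, and the UpgradeDomains, Name, Frontends and IsReadyForUpgrade property names are assumptions about the cmdlet's output (only State, Busy and InsufficientActiveFrontEnds appear in the quoted text).

```powershell
# Added example: readiness gate for a front end pool before the CU2 upgrade.
# Run in the Lync Server Management Shell on a front end server of the pool.
# Assumed output shape: $pool.State, $pool.UpgradeDomains[].Name,
# .Frontends and .IsReadyForUpgrade (property names are assumptions).

function Wait-PoolUpgradeReadiness {
    [CmdletBinding()]
    param(
        [int]$MaxBusyChecks = 3,   # "Busy for at least three consecutive times"
        [int]$WaitMinutes   = 10   # "wait for 10 minutes" between attempts
    )
    $busyCount = 0
    while ($true) {
        $pool  = Get-CsPoolUpgradeReadinessState
        $state = [string]$pool.State

        if ($state -eq 'InsufficientActiveFrontEnds') {
            throw ('Pool state is InsufficientActiveFrontEnds. Resolve the pool issue or ' +
                   'contact Microsoft Support; for a paired pool, fail over before upgrading.')
        }
        if ($state -eq 'Busy') {
            $busyCount++
            if ($busyCount -ge $MaxBusyChecks) {
                throw ("Pool reported Busy $busyCount consecutive times. Resolve the pool issue " +
                       'or contact Microsoft Support; for a paired pool, fail over before upgrading.')
            }
            Write-Warning "Pool is Busy (check $busyCount of $MaxBusyChecks); waiting $WaitMinutes minutes."
            Start-Sleep -Seconds ($WaitMinutes * 60)
            continue
        }
        # Neither Busy nor InsufficientActiveFrontEnds: no failover is required,
        # paired pool or not. Hand the state back so the domains can be listed.
        return $pool
    }
}

function Get-UpgradeDomainPlan {
    param([Parameter(Mandatory = $true)]$Pool)
    foreach ($domain in $Pool.UpgradeDomains) {
        [pscustomobject]@{
            UpgradeDomain = $domain.Name
            Ready         = [bool]$domain.IsReadyForUpgrade
            FrontEnds     = @($domain.Frontends) -join ', '
        }
    }
}

$pool = Wait-PoolUpgradeReadiness
$plan = @(Get-UpgradeDomainPlan -Pool $pool)
$plan | Format-Table -AutoSize

# Only servers in domains reporting True should be drained and patched;
# re-run the gate before moving to the next upgrade domain.
$notReady = @($plan | Where-Object { -not $_.Ready })
if ($notReady.Count -gt 0) {
    Write-Warning ("Not ready yet: " + (($notReady | ForEach-Object { $_.UpgradeDomain }) -join ', '))
}
```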
Regarding the rest of the CU2 update, once all FE servers are upgraded you have the remaining Lync infrastructure to tackle, including the backend.

Microsoft have also posted a warning that if you install the CU2 update and then roll back to CU1, your Lync databases will revert to the RTM version. Please see the link below for further details:

http://support.microsoft.com/kb/2819565

Tuesday, 4 June 2013

Outlook.com Claim your address now


Microsoft have released Outlook.com as a true cloud replacement for the Live.com and Hotmail.com systems we have used for years, converging on the now familiar interface of Windows Server 2012, Windows 8 and Windows Phone. While having a Hotmail.com address on your resume was slightly embarrassing, an Outlook.com address is a lot more credible.

You could rename your existing Live / Hotmail account to a new Outlook.com account, or simply start again with a new Outlook.com address, but there is another way. Continue using your existing Hotmail account, but with the Outlook.com interface and create a new Outlook.com alias with the Outlook.com domain name.


An alias works just like a real email address but it’s not a separate account. If you have Xbox Live achievements, Zune purchases, Windows Live ID or you have a Windows Phone and don’t want to hard-reset it, then they will all still work because you retain the Live / Hotmail account but also have a new Outlook address which you can use for your email.

There are, however, a few things to consider. You can only create up to five aliases each year. You won’t be able to use an alias on Windows Phone or any other mobile client or email application; it will only work from the Outlook.com web interface. You also can’t sign in to Outlook.com with an alias; you must continue using the original Hotmail account.

To set up an Outlook.com alias:

Log into Outlook.com with your Hotmail credentials. This will enable the Outlook.com user experience on your Hotmail account, and going forward it won't matter where you sign in (Hotmail, Live or Outlook): you'll get the new look.
  1. Once in, click the gear icon located on the top right of the page.
  2. In this menu, select "More mail settings".
  3. Now, look for the option "Create an Outlook Alias" under the "Managing your account" title.
  4. Enter your chosen alias and click create.
  5. You have an option of receiving mail in a separate folder or in your hotmail inbox, personal choice here.
My advice is to get in quick before your chosen address is taken by others. Microsoft are working towards decommissioning Hotmail / Live accounts and Live Messenger ceases to exist this coming March. Outlook.com and Skype are the next generation communication tools and non-corporate versions of Exchange and Lync.
With Outlook.com, you get the new Metro-style interface and the brawn of what is one of the most powerful email services around.

Friday, 17 May 2013

Microsoft Kill Conferencing


Conferencing is dead. But that doesn't mean web, audio and video conferencing are a thing of the past. They are merging into integrated components of a larger collaboration platform that includes conferencing tools as well as chat, shared whiteboard, etc. Conferencing implies a single-purpose tool that is used independently and procured separately; a conferencing “system”.

This type of environment, a unification of many communication modalities, provides Visual Conversations (see zkresearch.com), a natural mode of communication more aligned to “real” meetings of old.

It is Microsoft that is farthest along this road to true communication unification. At their Lync Conference 2013, work / life balance was a central theme of the keynote, with phrases like "re-humanization of communication," "bring the living room to the boardroom," and "you're not just a worker" used often. This consumer-driven theme felt very Skype oriented, but is new to the Lync discussion. Reference points for the future of Microsoft's Lync and Skype evolution all related to a focus on users, minimizing barriers, multiple platforms, and support for mission critical operations. Innovations like WebRTC are clearly key to full unification; currently the Lync Web App for browsers lets any user join a meeting from a PC or Mac browser, but requires a plugin for the browser. Once this standard is ratified (and Microsoft is going against the grain with this one) any user on any browser can enjoy the benefits of full Lync / Skype communication modalities with no barriers.

The Lync – Skype integration is central to Microsoft’s UC plans. Skype brings to the Lync ecosystem over 300 million users, targeting a scale of billions of users and transactions. When compared to the number of Lync Enterprise Voice users, 5 million, these numbers are indeed staggering. In addition, the importance of the Microsoft Office installed user base isn’t lost on Microsoft: with nearly 1 billion Office users out there, the scope to grow an installed user base for UC modalities is vast.

Microsoft's core value proposition to the Enterprise is not a sea of Skype users; it’s an end-to-end communications ecosystem that includes an identity engine and central directory (AD), email (Exchange), content creation (Office), content management (SharePoint), and real-time communications including presence, IM, audio, video, data sharing, and conferencing (Lync), all tightly integrated and available across the user's preferred devices. Making it easier and more intuitive to interact across these broad layers of the communications ecosystem is the name of the game. Replicating in the Lync environment the experience of the Office applications, with which a billion users are familiar, is a very logical place for Microsoft to focus.

Missing from this picture are the social networking aspects of B2C or B2X communications, a corporate Facebook for collaboration. This is in Microsoft’s plans and comes in the shape of Yammer, a fully established enterprise social network. Expect integration to come with the next major release of Lync – 2014.

Additionally, there is the advent of the Lync Room System (LRS) and the tight integration it offers between Microsoft Outlook, OneNote, and Lync. The Lync Room System has the potential to eliminate historic barriers that have limited group video as a method of communications, making it easier to schedule, join, and moderate, and making content sharing a more natural part of room-based collaboration. The Office and OneNote integration, on the other hand, can make group collaboration more effective, making it easier to include traditional best practices such as meeting agendas, notes, and action items.

In summary, Microsoft has a set of technologies and products becoming ever more tightly integrated forming a single identifiable ecosystem, harnessing an existing user base and a new global network with familiar, intuitive, ever pervasive interfaces. How will the balance of power shift in unified communications with over a billion users relying on Lync/Skype for telephony, messaging, conferencing, presence and feeds?

Tuesday, 14 May 2013

Supporting Microsoft Lync Architecture

With huge financial savings to be made by fully exploiting the Microsoft enterprise license agreement, organizations needing to make efficiency savings are looking to Lync. Here in the UK, and rather surprisingly, this is most prevalent within the public sector. Year on year cuts across the whole sector have forced a thorough re-evaluation of all assets. IT services is an easy target; equipment, licenses, support etc. all add up to a significant investment of Cap-ex and ongoing Op-ex. Move from VMware to Hyper-V, Oracle to SQL and the PBX to Lync and you have saved a fortune on licenses, ongoing maintenance contracts and specialists within your teams to support the tech.


No one is implying that Microsoft products are better in some way than the omnipresent industry mainstays, rather the opposite, but they are cheaper and the senior management thinking is “migrate all of our services to Microsoft systems and our IT teams can concatenate down to just a few Microsoft guys”, implying that Microsoft SharePoint and System Center occupy the same skill set.

Whichever way you look at it Lync is replacing analogue phone systems and VoIP telephony alike, and bringing with it the deep office application integration that no one else offers, not to mention mobility.
As an organization looking to leverage the benefits of Lync for increased business efficiency and cost savings, it’s easy to get it all wrong and difficult to get it right. Here are a few pointers:

  • Understand the components. Lync is not only gateways, phones, 3rd party applications, load balancers and the front end / backend roles, but also the IP network, DNS, firewalls, reverse proxies and Active Directory.
  • Develop and share your UC strategic plan. If your Cisco experts think CUCM is the future, and Microsoft experts think Lync is the future, then without buying into some common management direction the end solution may be watered down, less efficient and provide less up-time.
  • Do you intend to support in-house or outsource as a managed service? Outsource if you’re moving fast and lack the required skills. If self-supporting, read on.
  • Align your teams. Retain experts in each key technology and bring them together to provide a shared service for the end users. Realign your teams, or at the least, break down the silos amongst Subject Matter Experts. They should commit to providing 99.999% service.
  • Choose systems integration partners carefully. Picking an SI with a broad portfolio and deep experience ensures your next decisions and investments will be future-proofed. Using a general Systems Integrator who handles Windows, VMware, and Exchange may be a mistake. Lync is a complex product; you need specialists.
  • Select components wisely. No fewer than five gateway manufacturers have at one point entered the market. Three remain. Even prior to Nortel being acquired by Avaya, the LG-Nortel IP phones were being discontinued. Ensure the SI partner offers a broad range of hardware and advice on who is exiting the market and who is investing.
  • Develop custom SOPs. The first-tier help desk should not always call the Lync expert if there’s an issue impacting Lync, because the issue may well be the Hypervisor, the LAN, or the trunk. Offer training enabling them to qualify issues and triage them to the correct tier-2 expert.
  • Get comprehensive, custom training. Effective Lync training for systems administrators is hard to come by. You can find installation/administration training on the market, but it’s aimed at certification and so once the system is installed half of the training is redundant. Consider using an expert to help your team understand how to diagnose and resolve issues relevant to your system and not an exam scenario.
  • Retain an SME. Ensure you hold the contact details for a Lync subject matter expert, possibly the one that designed the solution. Bring them in at consultancy rates when you hit a problem that can’t be resolved in-house.

It’s easy to sell UC solutions to end users, specifically Lync UC. Unlike much of the IT technology we invest in within business (routers, firewalls, SANs etc.), it’s high impact; the users get to see it and interact with it, it’s a shiny new toy. But it’s providing a critical service and, moreover, it’s replacing a device which we have come to rely on for even the most trivial operations: the PBX, the telephone. When it works it’s a look into the future of business; when it fails it will be your worst nightmare.


Current Top 7 Operating Systems by Internet usage.

Based on current trends we will see the standings shown below from June 2013.
Windows 8 has leapfrogged Windows Vista and Apple's OSX to sit behind Windows XP.

As XP now enjoys only extended support and each new computer system ships with Windows 8, we can expect XP to drop to the number 3 spot in the future.

The debate as to whether Windows 8 will ever see widespread use within industry will continue until it does, and inevitably eventually occupies the number one spot ahead of Windows 7.

1. Windows 7
2. Windows XP
3. Windows 8
4. Mac OSX
5. Windows Vista
6. iOS
7. Linux


Monday, 13 May 2013

The Lync Room System (LRS)


Lync is at the center of one of the biggest transformations in the way we work since the advent of the PC. The workforce is more distributed, with more flexible working hours and getting things done increasingly relies on collaboration with people in multiple locations. Bill Gates was referring to this trend when he said at the launch of Lync 2010, “Lync is the most important thing to happen to the office worker since the PC came along”.

In Lync 2013 Microsoft have made significant investments in video and collaboration to make it really easy for individuals to collaborate from anywhere and on any device. The new video gallery enables all meeting participants to see and be seen and the mobile clients enable users to communicate and participate in a meeting from any device.

Lync 2013 is the fourth release of the Microsoft unified communications product line starting with Office Communicator 2007. The level of innovation we have seen since the start of our unified communications journey has been dramatic, if not unprecedented.

One area which hasn’t kept pace with this level of innovation is the meeting room, which is an area where information workers (IWs) spend a lot of time during the course of a day. As more and more meetings involve remote attendees, the capabilities and expectations of these remote attendees make very clear how far behind the meeting room experience has fallen compared to desktop and mobile.

The best effort of the industry to bring communications to the meeting room to date has been with videoconferencing systems (VTCs). Over time, we’ve heard from many of our customers who are dissatisfied with their current videoconferencing experience that they wish it would just work and be as easy to use as their desktop.

So what exactly are the problems with conference rooms that make them so hard to use? Many of us who go to meetings on a regular basis know them well:

Time spent getting the meeting started: We’ve observed that it takes 8 to 10 minutes on average from the time someone tries to start a meeting to the time 2-way video is established and content is available in the meeting. Challenges abound in everything from getting the projector working to getting the laptop to project to getting video started.

Videoconferencing equipment is not well utilized: Most large companies have deployed VTCs in some meeting rooms but their usage is often limited to those who had the need to install and took the trouble to learn how to operate them in the first place. If you ask everyone else what they know about VTCs, they will probably comment on the camera at the front of the room pointing at the wall and the remote control on the table. This is primarily because the user interface for VTCs is not intuitive and even once it has been learnt, you still need to know the identity of the room you want to call to be able to establish a connection. VTC vendors have tried to improve this experience in recent years but it’s still not as intuitive as using the PC on your desk.

Remote attendees feel isolated: For most meetings with content and remote attendees, the in-room participants need to choose which of the two to show in the meeting room as there is only so much screen real estate available. Most often, the in-room attendees choose to show the content which is the subject of the meeting, and not the video of the remote participants. Without the 2-way video connection, out of sight is like being out of mind and remote attendees aren’t able to contribute effectively to the meeting.

Meetings are hard to manage: When you finally get the meeting started, you still need to worry about managing the participants, the audio/video and the content being shown in the meeting.

What is a Lync Room System?

Lync Room System is a meeting room solution consisting of integrated hardware and software delivered by our partners and optimized to join Lync meetings. With Lync Room System you can join an online meeting with one touch and be ready to collaborate with remote attendees in seconds. It has all the equipment you need for great meetings:

  1. High definition touch displays (1080p) for showing video and enabling collaboration. Lync Room Systems are available with 1 or 2 front of room touch displays depending on your room size
  2. High definition video camera for capturing the room in full 1080p resolution
  3. Wideband audio for clear sound from the room and to the room
  4. Table-top touch meeting console to enable the meeting controller to manage the meeting without distracting the other attendees

It’s all brought together by the Lync Room System Edition software, which is a full Lync client optimized to bring the immersive meeting experience to a meeting room setting. It makes joining meetings as easy as on your PC and breaks down the barrier between in-room and remote attendees. Being able to see content and high definition video side by side makes remote collaboration more effective.


Sunday, 28 April 2013

When will Microsoft add call center to Lync?


Microsoft Lync is often compared to specific contact center type software and of course it comes up short. Lync is not meant to satisfy this need; there is a functional ACD which works very well, but from a feature/functionality and cost positioning point of view it's of course not meant for structured contact centers. It's functionally a departmental ACD. Lync can be considered a Personal branch exchange, not a Private branch exchange. It takes the knowledge worker or information worker as a baseline. This implies that the individual becomes one's own office assistant, one's own receptionist, etc. Lync doesn't need any call center, because no knowledge worker or information worker needs any.


The platform called UCMA on which OCS and Lync are built is very rich and enables advanced capabilities such as programmatic escalation to conference, silent monitoring, barge in and recording, etc.
There are lots of contact centers being built on that platform. Not all are public like Aspect, some, like ExtendHealth, are internal to companies for their own purpose, and are used to run their entire business. Aspect is partially owned by Microsoft and they now have two solutions designed for Microsoft Lync.


So Lync is not a contact center product, but the Lync platform is not only credible but increasingly "the" platform for building contact centers on.

Innovation in the call center space for Lync will be driven by the 3rd party ISVs; by providing SDKs and APIs to interact with the Lync framework Microsoft is allowing industry needs to drive innovation and development to that part of the product and that is something that simply cannot be done on top of other UC platforms.
Call Center on Lync will be fine and we will see tremendous movement in this space as Lync gains market share, and that is something of a certainty.

Microsoft partners with a number of Independent Software Vendors (ISVs), including Aspect, for various 3rd-party solutions, contact center included: http://lync.microsoft.com/en-us/Partners/Pages/application-partners.aspx



 

Monday, 4 March 2013

Are Homogeneous Environments Better?


Not so many decades ago if you wanted software for your IBM computing environment you commissioned a software house to write it for you, you owned it and altered it to suit changes in the marketplace. Nowadays we buy off-the-shelf products and make them fit our needs. There's a whole marketplace of software vendors and when we need to achieve a particular business function we have many products to choose from.

So how should we make our choice? Do we go with the cheapest, the one with the best support contract, or the one that offers us the most functions?
As with any business procurement we should choose the one that, after everything is taken into consideration, offers the biggest return on our investment over a measured period. This could be through additional generated business or reducing operating costs.

Typically it means that we tend to grow our IT environments around multiple vendors which, at the time of purchase, may have offered the best product for us. In slightly less able organisations it's steered by whichever salesman does the best job as the internal team just don't have the skill-set to make the right choices.

There is a case to say that, taking each business function in isolation, it is correct to choose from the whole of the market an application which best meets its needs, but this will lead to a heterogeneous environment with multiple vendors: applications which must be tied together but have not been designed to do so, much greater complexity in supporting the environment, less uniformity, a greater chance of a failure and, when something does go wrong, a "pass the blame" attitude from the vendors.

Taking all of our electronic business functions into consideration, not just the usual authentication, file storage and e-mail but also telephony, it hasn't been possible until recently to build a truly homogeneous environment based around one set of centralised management tools, for many organisations a holy grail. Over the past three years, Microsoft have gone strongly into innovation mode on many product lines. For the first time it seems they have a master plan of cohesiveness, with development teams using a high degree of communication to ensure uniformity over the entire product range. For the first time these products are truly designed to work with each other, using common management interfaces right across the data centre for our n-tier applications, whether on-premise or private cloud. The turnaround started with Exchange 2010 and its leveraging of local storage as opposed to complete reliance on expensive shared storage, and extends from there to System Center 2012, the new version of SQL Server following in Exchange 2010's footsteps and technology, Windows Server, Windows 8, the new App-V, Office 365 and not forgetting Lync Server.
Many of the products in Microsoft's new line require us to invest in yet others. Take Lync Server. We may have decided to move from an old PBX system for Enterprise Voice, so we invest in a Lync server infrastructure; we then need Microsoft SQL servers and, although we were going to migrate away from it, we now have a reason to retain Exchange and upgrade to the latest version. While we are doing that we should probably virtualise using Hyper-V and, for management of the whole infrastructure, use the one stop shop of the System Center suite.

There are many benefits to this approach:

  • A common management interface. All of these products share a common installation routine and web / MMC based tools. Of course we're supposed to be using PowerShell commands for them all and that's a standard across everything.
  • Guaranteed interoperability. With all platforms and applications designed to work with each other there's less time spent on workarounds.
  • Documentation on everything in one place. Microsoft Technet, if we need to know something we just go there.
  • More timely training of support staff. Skills can migrate quicker across applications for the administrators and engineers as many products have shared concepts and terminology.
  • One point of contact for troubleshooting; it's all Microsoft software, we have no one else to be directed to.
  • Less complex environment leading to less downtime.
  • A centralised management and deployment point. Using System Center we can deploy, manage, secure and update our entire infrastructure.

The above benefits feed into a lower total cost of ownership because fewer support personnel are required; each staff member can cover a bigger skill base and support multiple products. No more having "the Exchange guy"; we now have "the UC guy" and he looks after all of our messaging and telephony. We also don't need to maintain system integrators or hire consultants by the hour to integrate disparate technologies, and less downtime means fewer business hours lost through loss of service.

Despite the obvious benefits of a homogeneous environment, many organisations don't subscribe to this system and prefer to remain vendor neutral. Whatever the case, Microsoft will continue to roll out their master plan as we move forward through 2013. I suspect they have many more surprises for us over the next few years.

Wednesday, 23 January 2013

Polycom Lync Phones new simplified config


Polycom's UCS 4.1.0 software release utilises a completely new and streamlined provisioning process. The Polycom server-based provisioning process is still available for large deployments in which automation is required, but for SME deployments there is a new Out of the Box (OOBE) experience that is greatly simplified over the previous process. For most environments there is no longer any requirement to use the XML configuration files.
 


The new version is capable of downloading a private CA root certificate used by the Lync Server in the same fashion that the existing Lync Phone Edition devices operate. This requires that Option 43 for DHCP be properly configured for the target Lync environment and that the phones have access to the Lync Server Certificate Provisioning web service.

To confirm the currently installed software for your Polycom IP Phone either check on the phone itself, user underneath or access the phone’s web browser interface. To check the software version from the device interface press the physical Home button and then tap the following menu items: Settings > Status > Platform > Application > Main.

This process is now much more in line with the provisioning of Lync Phone Edition devices such as the Polycom CX600.



Saturday, 12 January 2013

Installing .Net Framework 3.5 Feature on Windows Server 2012

When trying to install certain roles on Windows Server 2012 you may need to add the .Net framework 3.5 feature. If you're trying to do this from within the GUI then it will most likely error as the 3.5 framework is now part of what Microsoft are calling Features on Demand.

To remedy this either open an elevated prompt and key the command below assuming the source media is in drive D:

dism /online /enable-feature /featurename:NetFX3 /all /Source:d:\sources\sxs /LimitAccess

Alternatively follow the procedure below to specify an alternate source path.
1. Insert the Windows Server 2012 DVD or ISO into the D drive.
2. Open Add Roles and Features Wizard.
4. Select Specify an alternate source path link in the Confirm installation selections screen.
5. Path: D:\Sources\SxS and then click OK.
6. Finally click Install button.

You can now proceed with adding your core role.
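
The same installation from PowerShell, as an added example that is not part of the original post: it reads the feature state first (a state of DisabledWithPayloadRemoved means the binaries are not on disk, which is why the wizard fails without a source), checks the media path, installs without falling back to Windows Update, and confirms the result. The function name, the D: drive letter and the file-name filter are assumptions.

```powershell
# Added example, not from the original post. Run from an elevated PowerShell prompt
# on Windows Server 2012. Assumption: the installation media is in drive D:.
function Enable-NetFx3FromMedia {
    [CmdletBinding()]
    param(
        [string]$SourcePath = 'D:\sources\sxs'
    )

    # Current state: Enabled, Disabled or DisabledWithPayloadRemoved.
    $before = Get-WindowsOptionalFeature -Online -FeatureName NetFx3
    Write-Verbose "NetFx3 state before: $($before.State)"
    if ($before.State -eq 'Enabled') {
        return $before            # nothing to do
    }

    # Fail early with a clear message if the media is not where we expect it.
    if (-not (Test-Path -LiteralPath $SourcePath -PathType Container)) {
        throw "Source path '$SourcePath' not found. Insert or mount the installation media first."
    }
    # Assumption: the .NET 3.5 payload on the media has 'netfx3' in its file name.
    $payload = @(Get-ChildItem -LiteralPath $SourcePath -Filter '*netfx3*')
    if ($payload.Count -eq 0) {
        throw "No NetFx3 payload found under '$SourcePath'. Is this Windows Server 2012 media?"
    }

    # Same operation as the dism command above:
    #   -All         enables parent features as well
    #   -LimitAccess stops DISM contacting Windows Update, so only the media is used
    Enable-WindowsOptionalFeature -Online -FeatureName NetFx3 -All `
        -Source $SourcePath -LimitAccess -NoRestart | Out-Null

    # Return the state after the change so the caller can confirm it.
    Get-WindowsOptionalFeature -Online -FeatureName NetFx3
}

$after = Enable-NetFx3FromMedia -Verbose
"NetFx3 is now: $($after.State)"
```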

Thursday, 10 January 2013

System Center 2012 SQL Collation Error

Recently several sys admins have asked me for help with an upgrade to System Center Configuration Manager 2012.
Firstly, although it may seem as though System Center 2012 was designed to be hosted on Windows Server 2012 and with SQL Server 2012 as the backend, this is not the case.
For that you'll need to wait for System Center 2012 Service Pack 1. Grab the beta from here: http://www.microsoft.com/en-us/server-cloud/system-center/sp1-default.aspx.

To run SCCM 2012 in a production environment today, Windows Server 2008 R2 is an ideal host with SQL Server 2008 R2, Service Pack 1 and Cumulative update 4 for backend.
I've had no issues with this setup in the past.

The second issue people run into is SQL Server collation. SCCM may fail the installation check with the message:

"Installation check of SCCM 2012 fails with: Configuration Manager requires that you configure your SQL Server instance and Configuration Manager site database (if already present) to use the SQL_Latin1_General_CP1_CI_AS collation, unless you are using a Chinese operating system and require GB18030 support"

This can happen not only on production SQL servers with several active databases but on clean installations as well, as I have verified.

To change the SQL instance collation, open an elevated command prompt and execute the following command, assuming the default DB instance name and that the currently logged-on user is authoritative:


setup.exe /ACTION=REBUILDDATABASE /SQLCOLLATION=SQL_Latin1_General_CP1_CI_AS /INSTANCENAME=MSSQLSERVER /SQLSYSADMINACCOUNTS=%username%

Then re-run the SCCM 2012 installation check; it should now pass the above issue and allow the installation to continue.
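
A read-only check worth running before the rebuild, added here as an example and not taken from the original post: it reports the instance collation and the collation of every database, and flags user databases, because REBUILDDATABASE recreates the system databases, after which user databases have to be re-attached and logins recreated. The function name, the local default instance and Windows authentication are assumptions.

```powershell
# Added example, not from the original post. Read-only: it changes nothing.
# Assumptions: default instance on the local machine, Windows authentication,
# PowerShell 2.0 or later (so it also runs on Windows Server 2008 R2).
$RequiredCollation = 'SQL_Latin1_General_CP1_CI_AS'   # value named in the SCCM error

function Get-SqlCollationReport {
    param(
        [string]$ServerInstance = 'localhost',
        [string]$Required = $RequiredCollation
    )

    $conn = New-Object System.Data.SqlClient.SqlConnection
    $conn.ConnectionString = "Server=$ServerInstance;Database=master;Integrated Security=SSPI"
    $rows = @()
    try {
        $conn.Open()
        $cmd = $conn.CreateCommand()

        # Instance collation: the setting that /SQLCOLLATION rebuilds.
        $cmd.CommandText = "SELECT CAST(SERVERPROPERTY('Collation') AS nvarchar(128))"
        $instance = [string]$cmd.ExecuteScalar()
        $rows += New-Object PSObject -Property @{
            Scope = 'Instance'; Name = $ServerInstance
            Collation = $instance; Matches = ($instance -eq $Required)
        }

        # Database collations: a rebuild does not change existing user databases,
        # so a site database with the wrong collation still fails the check.
        $cmd.CommandText = 'SELECT name, collation_name, database_id FROM sys.databases ORDER BY database_id'
        $reader = $cmd.ExecuteReader()
        while ($reader.Read()) {
            # collation_name is NULL while a database is offline.
            $collation = if ($reader.IsDBNull(1)) { '(unavailable)' } else { $reader.GetString(1) }
            # database_id 1-4 are master, tempdb, model and msdb.
            $scope = if ($reader.GetInt32(2) -le 4) { 'SystemDb' } else { 'UserDb' }
            $rows += New-Object PSObject -Property @{
                Scope = $scope; Name = $reader.GetString(0)
                Collation = $collation; Matches = ($collation -eq $Required)
            }
        }
        $reader.Close()
    }
    finally {
        $conn.Dispose()
    }
    $rows | Select-Object Scope, Name, Collation, Matches
}

$report = @(Get-SqlCollationReport)
$report | Format-Table -AutoSize

# Anything listed here needs a backup before the rebuild and re-attaching after it.
$userDbs = @($report | Where-Object { $_.Scope -eq 'UserDb' })
if ($userDbs.Count -gt 0) {
    Write-Warning ("{0} user database(s) present: back them up before REBUILDDATABASE." -f $userDbs.Count)
}
```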

Monday, 7 January 2013

Windows 8, Business ready?

Thanks to an aggressive marketing campaign, no one can claim not to have seen the new "Metro Style" UI shared by both Windows 8 and Windows Phone.
This is the biggest change in a desktop operating system user interface since Windows 95.


On the Surface tablet and other multi-touch devices it clearly works and works well with large bright live tiles which launch applications primarily geared toward social media.
I've run the developer preview on a Zoostorm SL8 since the day of its release, followed by Windows 8 Pro prior to Surface RT becoming available, and I can say that as a web browser and a social application platform it's better than anything else out there. It's a big version of the Windows phone as the iPad is to the iPhone. Microsoft have completely reinvented what it is to be Windows; it offers a great deal more than the i-range with the freshest, cleanest, most modern looking interface to grace the industry to date. And if we were only reviewing its functionality for personal use then that would be it, case closed. Windows 8 and Windows Phone will be a success.

But as Microsoft have consolidated on a single OS for both business and pleasure then it has to work equally on both counts and I'm not sure it does. When showcasing Windows 8 to technicians and admins on desktop machines, their first reaction is to click the desktop icon and drop to that familiar interface. This only delays the somewhat painful transition from Windows 7 to 8. Microsoft have included the desktop to run legacy applications only. Anything written for Windows 8 will run within the new interface only. As we move forward legacy apps will be left behind along with the desktop.

Windows 8 has to work within industry for casual business users as well as serious number crunching apps. Currently Microsoft have close to 90% of the desktop market and Windows 7 has sold more than any other Microsoft Operating System with over a billion sales.
At first it seems Microsoft have alienated their dedicated business users, forcing them to change the way they work just because they wanted to try something new. But Microsoft have undertaken more research and are more aware of the shifting trends in the market place than anyone. When evaluating Windows 8 on a mouse driven desktop or laptop system designed for XP or Windows 7 it doesn't work. I've had feedback from countless IT managers and senior engineers stating that their organisation will not be adopting it. But this is a very short sighted view and we hear the same cries every time Microsoft change Windows. There are two reasons for this: firstly the IT support teams have to learn a new skill set just as they are getting comfortable with supporting the previous Windows, and secondly all of the end users supported by such teams lodge protests about the change as it prevents them from being as productive. Why change something if it works already?

To balance the argument we need to look at motivation for Microsoft to risk losing some of its lucrative business desktop market. New IT systems and services should only be adopted if they either need replacing due to reaching end of life and are no longer compatible or because they can generate a positive ROI. With Windows 8 it is a bit of both.
To understand the situation we have to realise what Microsoft already know, that desktop and mobile computing platforms we use today are not the ones we will be using tomorrow.
Our computing is becoming more ubiquitous, more portable, easier to interact with.
The mouse and the keyboard are not HCI tools we will be using forever. The next generation of desktop and mobile computing devices will be primarily touch and voice driven with mouse and keyboard secondary input systems and not required for many tasks.

As an example let's look at using a Windows 8 desktop computer with a touch monitor, installed with Microsoft Lync. I wish to call a colleague on his office extension.
I launch Lync by touching the metro icon. It logs me in with SSO, I scroll down my contact list using touch, tap the photo of the colleague I wish to call and tap the phone icon.
I'm in a VoIP call to another worker using my Windows PC and I haven't yet had to use a mouse.

In addition to the new hardware platforms favouring portability, voice and touch, the applications themselves are changing. They leverage features of Presence, social media, activity feeds and connectedness. The office of the future is expected to be a very different place, depending upon many services which were once thought of as counterproductive, such as messaging, with social networking tools at its heart.

Windows 8 will help consolidate the diverse deployment technologies currently required and bring better integration with cloud services and while at first it will only be welcomed on tablet devices, eventually Windows 8-like systems will be the destination of all computing devices.



Sunday, 6 January 2013

Office 365 Certification, who is it for?

I have been contacted recently by several Microsoft Office Specialists who support information workers, wanting to know which resources are best for learning Office 365 with a view to certifying at some point in the future. They are currently certified as Microsoft Office Specialist for the 2007 Office System, are aware of recent changes within the industry and have decided to up-skill.

With the recent hubbub over cloud services it's obvious that people are looking at Office 365 exams 70-321 and 70-323 as the next step; however, for IT staff in this category it may not be the right choice.

Microsoft Office Specialist Certification
Microsoft have run the "MOS" certification programmes for many years through many iterations of the Office applications. Until the 2010 edition it has confined itself to Access, Outlook, PowerPoint, Excel and Word. With the rise in popularity of SharePoint it's a solid decision by Microsoft to include this with the MOS: 2010 certification, giving a total of 8 exams required.

However, the Office 365 certifications belong to the ecosystem of certifications in the professional track. There are two required to provide the full Office 365 Administrator professional series certification:

MCTS: Administering Office 365.
Exam number 70-323 which covers the following learning domains:

  • Administer Microsoft Office 365 (35%)
  • Administer SharePoint Online (31%)
  • Administer Exchange and Lync Online (34%)

Pro: Deploying Office 365.
Exam number 70-321 which covers the following learning domains:

  • Plan and Implement Office 365 Accounts and Services (20%)
  • Plan for and Configure SharePoint Online (19%)
  • Plan for Exchange Online (20%)
  • Implement Exchange Online (21%)
  • Plan Online Services and Infrastructure (20%)

As can be seen they require detailed knowledge of Active Directory Domain Services, Certificate Services as well as DNS infrastructure and SSO. But there's also a requirement for good working knowledge of Exchange, SharePoint 2013 and to a lesser extent Lync Server. Add to this the Office 365 applications and that the exams require good working knowledge of PowerShell Cmdlets and we have a series of quite tough exams aimed at existing administrators for Microsoft infrastructure and application services and not those supporting information workers.
It's also true to state that the exams centre on larger organisations with thousands of users over many sites, often with Hybrid environments blending on-premise services with private cloud.

For IT Professionals looking to certify with Office 365 to support the SME market it's worth taking a look at  exam 74-324 Administering Office 365 for Small Businesses.

For existing MOS certified staff looking at Office 365 from a support point of view then the Microsoft Office Specialist on Microsoft Office 2010 is the right place to start, specifically exam 77-891 MOS: Microsoft Office 365, and Features.

I'll close with a few links to some of the best Office 365 resources out there at the moment.
First the Official Jump Start videos from Microsoft:

Office 365 Jump Start Videos:

And finally the Microsoft Office PDF by Katherine Murray, Connect and Collaborate Virtually Anywhere, Anytime:

Office 365 PDF eBook: 

Saturday, 5 January 2013

Hyper-V 3 ready to take on VMware

With cloud computing gaining momentum in the market place, will Microsoft be the virtualisation platform of choice? VMware have built their empire doing just one thing, virtualising data centres. They have been a clear choice for most, topping Citrix with a great range of products which have seen other vendors playing catch-up. One of those has been Microsoft, and until I saw the specifications for Hyper-V 3 I would have advised to steer clear of Microsoft's virtualisation technology in all but the smallest of environments.

Hyper-V 3
Microsoft's first attempt at following VMware into data center virtualisation, Hyper-V, was released with Windows Server 2008 and, while innovative, lacked many key features essential to success. Hyper-V 2, available with Windows Server 2008 R2, had caught up to VMware's offering but still missed some deal-making features.
Let's review a few facts from the VMware website:

Proven Efficiency:
VMware offers lower capital and operational costs than Microsoft due to VMware’s higher scalability and greater levels of administrative automation.
Third-party analysis (commissioned by VMware) shows that VMware can get 20% higher scalability and 91% lower operational costs.


Proven Business Value:
VMware uniquely solves customers’ business issues leading to greater business value, especially when moving to a private cloud, built on top of a proven foundation.
The result is greater business agility than most companies enjoy today and reduced business risk by minimising application downtime and security and compliance risks.


While VMware has certainly been able to claim the virtualisation crown up to this point, with Hyper-V 3 released for Windows Server 2012 we see a service coming of age and ready to take on the best in the industry. Let's look at a few key areas:

Scalability:
Hyper-V now supports twice the number of logical processors (320) and twice the RAM (4 TB) per host compared with VMware, double the number of VMs (1024) per host and double the maximum nodes per cluster (64). Certainly on this statistic Hyper-V scales much higher.

Storage:
With Hyper-V 3.0 a new virtual disk format (VHDX) is introduced that is capable of supporting virtual disks up to 16 TB, against standard market support of around 2 TB, and it runs on Microsoft's SMB 2.2. It can leverage file shares as storage destinations with four-node active-active clustered file servers, providing simultaneous access to file shares. These enhancements fuel the virtualization of Tier 1 applications and are critical for an enterprise-class virtualization platform.

Networking:
Both Hyper-V and VMware offer similar features, though the distributed switch offered by VMware is an advantage for Cloud infrastructure as it ensures standard configuration of virtual switches across all the servers in your cluster. However, Hyper-V 3 supports policy-based, software-controlled network virtualization, crucial in the cloud era because everything is about policy-driven automation and orchestration, all key enablers of infrastructure-as-a-service deployments. In addition Cisco supports Hyper-V on the Nexus 1000V.

Memory:
Though Microsoft has caught up with VMware memory management techniques by introducing Dynamic memory, Ballooning and Memory over-commit similar to VMware, VMware offers TPS, Memory compression and resource sharing which all benefit larger environments. VMware is still ahead in this area.

Clustering and Availability:
Hyper-V offers shared-nothing migration. But VMware offers Fault tolerance and Metro Live migration (migration across long distance with less latency). Shared-nothing migration can be achieved, but for this the VM needs to be powered off.
Secondly, the cluster configuration process is simpler for VMware. But Microsoft now have Hyper-V Replica, a new feature of Hyper-V 3 which is comparable to VMware Fault Tolerance. It will asynchronously replicate virtual machines from one Hyper-V host to another over an IP network. Additionally this process is configured at the VM level. Add to that failover clustering, which is able to support 64 nodes and as many as 4,000 VMs, and we have continuous availability.

Licensing:
Both licences are offered per processor; for Hyper-V it's $4,809 and for VMware $3,495 (may vary). VMware imposes a 96 vRAM entitlement on its Enterprise Plus edition. Microsoft doesn’t place any restrictions but limits virtualisation rights. Datacenter can create unlimited VMs. Standard allows only 2. An advantage of the Datacenter licence is that you can run an unlimited number of virtualized instances of Windows Server on processors without purchasing additional licenses.

Application:
VMware supports more than 85 guest Operating Systems while Microsoft supports around 25, primarily their own platforms. ESXi 5 is around 144 MB vs Hyper-V's 9.6 GB footprint and has a lower attack surface. Windows Server, on the other hand, being general purpose, has a high attack surface; also Hyper-V is an added role to Server 2012 and not specifically designed for virtualization purposes.

Microsoft have made huge leaps in a short time scale but still have a way to go to take significant market share from VMware.
Remember VMware have been virtualising servers since 2001 and Microsoft's first serious attempt wasn't until 2008. They have come a long way in that time and have the resources to throw a lot of development dollars at it if need be.

If you are a Microsoft shop then Hyper-V may be the better choice as it's designed for that ecosystem and it sits well with their cloud management tools such as the System Center suite.
Also if you are a smaller organisation looking for a cost effective way to ease into the virtualisation space then Hyper-V is also the better choice.
For more diverse environments though, for now VMware is still the market leader but watch this space because Microsoft are accelerating much faster.