Shep’s Pondering’s

Windows 7 now supports the ability to have your own graphics as the background for the login screen, without purchasing a third-party application.

Granted it is turned off by default, which means a regedit is required. The place to look is

HKLM\Software\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\Background

And the Dword value to add is

OEMBackground 1 is for enabled 0 for disabled.

Once this has been set you need to create two folders and load some images.

The place to create the folders is from %windir%\system32\oobe\

The folders to create are info\backgrounds

The following files are supported in this folder.

• backgroundDefault.jpg
  
• background768×1280.jpg
  
• background900×1440.jpg
  
• background960×1280.jpg
  
• background1024×1280.jpg
  
• background1280×1024.jpg
  
• background1024×768.jpg 
  
• background1280×960.jpg
  
• background1600×1200.jpg
  
• background1440×900.jpg
  
• background1920×1200.jpg
  
• background1280×768.jpg
  
• background1360×768.jpg 
  

Note1 – file size has to be 256kb or less
Note2 – the file used will be the resolution of your Primary Monitor. If a resolution specific image is not found it will stretch to fit the backgrounddefault.jpg file.

If you’re not worried about the stretch to fit, and don’t feel comfortable making the regedit, there is a quick and dirty way to accomplish this, simply replace the backround.bmp file at %windir%\system32\oobe\.

Once the file is present it will automatically load, press CTRL+ALT+Del and you will see your new background.

Enjoy!

(Credit needs to be given to Rafael and his Within Windows Blog —-Thanks Raf!)

• Leave a comment...

By default the number of ports the mediation server will use is 4000 in the range of 60,000 to 64,000.

This is to allow for 1,000 concurrent users. I had an issue opening up this many ports both udp/tcp.

Especially; if we are no where large enough to have 1,000 concurrent users on the system.

So I lowered ours settings down to 400 ports, range 60,000 to 60,400. This will allow for 100 concurrent calls. I then only have to open up 400 ports, much more acceptable by myself and our security team.

This option is set in the Graphical User interface, under:

Forest->mediation Server –FQDN (Mediation Server)

Right Click -> properties (you should see the screen below)

* As noted in the Media Port Range Server Allocation

• Leave a comment...

Exchange 2007 Deployment

This month we have started the Migration over to Exchange 2007. We built the infrastructure, have set the Best practices Options. We first moved over three people, and two resource accounts. This showed us some small issues that needed to be fixed. The first one that showed up was the lag the client was showing. This wasn’t a good thing, since we had 5 mailboxes on it, it was specked for 4,000 and it was showing almost an unusable latency. We diagramed the path, and we realized we were making 13 hops for each client, every time it made a connection to the Client Access Servers. We were able to eliminate half the hops by moving the Electronic Messaging AD site behind the same firewall as our load balancers.

The second issue that showed up was that the Free Busy for 2003 users wasn’t being replicated to the 2007 environment. This is still an open issue, and as more people move over to the 2007 environment it will grow exponentially.

We moved over 30 People to the 2007 environment, this is to allow us to be able to gauge any further issues. We even moved over to iMac people to help show any issues using Entourage. So far the main complaint has been the free busy. Next steps are to get the mail routing through the Hub Transport servers.

We did attempt a DR scenario, we were looking to have the ability to use Database portability, to help recover from a server crash. This was a great opportunity to see where we need to adjust our expectations. We also need to get DR stuff in one location to help facilitate the availability of those items. One of the biggest problems found out was that the media that had been burnt was not usable. It crashed at 99%, and not having a second physical copy or an ISO on my laptop pushed any recovery time out 45 minutes as I download the ISO again.

Office Communications Server Pilot

We went into a Production pilot; this is an Office Communications Server R1 installation. Once we moved into this environment, there was a need to move the Mediation Server, the SIP gateway and the Exchange Unified Messaging role. This would enable the pilot users to use Enterprise voice and voicemail. This installation will be scraped in April as we move forward with Office Communications Server R2 engagement with Enabling Technology.

With the move of the Electronic Messaging AD Site behind a different firewall gave us e the ability to tighten the firewall rules. Most issues that have been perceived have been a closed port on the firewall that before a catch all rule was enabling.

• Leave a comment...

Dial Plans and Location profiles. These can be the bain of your existence; you try to give them meaningful names so they remind you of what they do. The one thing you need to remember if you are tying enterprise voice to the unified messaging system is that they have to have the same name. Therefore, it must contain no more than 256 alphanumeric characters and must not contain spaces or special characters other than hyphens (-) or periods (.).

The other big gotcha in or environment is that we are in a slightly disjoined named space. This made it necessary to modify the ExchUCUtil.psl file. By default it will go to a Global Catalog server in the domain that the universal groups are defined in. This in our environment is not the same domain that the Exchange servers are deployed in.

To fix this issue I made the change to point the cmdlet to a specific GC by changing these lines.

•  $globalCatalog = $entry.psbase.Properties["rootDomainNamingContext"].Value;
   $entry.psbase.Path = “GC://” + $globalCatalog
   write-host Using Global Catalog: $entry.psbase.Path
  

   Put a # at the beginning of the second line and add a new line to point directly to a GC that exists on your domain1.com.
  

   For example:
  

   $globalCatalog = $entry.psbase.Properties["rootDomainNamingContext"].Value;
  # $entry.psbase.Path = “GC://” + $globalCatalog
  

  $entry.psbase.Path = “GC://myServer01.domain1.com”
  

  write-host Using Global Catalog: $entry.psbase.Path
  

   This assumes you have a GC called myServer01.domain1.com. Save the file, and run Get-UCPool.ps1
  

  Once this was changed the command ran appropriately. Creating the appropriate Access lists needed to connect the servers.
  

  (found this at Technet forums thanks Ray Fong for this answer.)
  

   

  After creating aN Auto attendant to answer the calls, we now have unified Messaging answering Voicemail through Office Communications Server.
  

   

  
   

• Leave a comment...

Unified Communications

The Unified Communications project has started to take off. We were commissioned to get 1000 Users on a Production pilot by January 2009. This will take a lot of coordination, and focused effort, but is an obtainable goal. We have set up a weekly meeting with the Medical Center to work through AD and Exchange issues. This is due to the joint and AD environment. We agreed to have the test environment ready to go by the Middle of October, with the production AD ready by the first week of November. Over all, the concerns were mainly about training and co-existence; both of these issues have been addressed.

We met with the UC representative from Microsoft to apply for the Lighthouse program. We looked over our current infrastructure and found that we are not as far off as we thought we would be. One thing that was brought out of the meeting was the redundancy of the mediations server. The Microsoft representative is to supply the answer for that design question.

Exchange Training

Brought a trainer onsite to help transfer skill sets from exchange 2003 to exchange 2007, the first three days was based on labs, and lecture. There were small tid bits that were brought out of what would have to happen in a co-existence phase and user migrations. Mainly that the user object would have to be migrated from a legacy user to a full 2007 user, this will have to be also done for resource rooms to make them true resource account for Exchange 2007.

Octel Replacement

This project has been through many different evaluations. The newest avenue is a co-existence between two voicemail systems, the new system to help do ECP’s and a Unified messaging system to do voice mail. The biggest issue is that Microsoft has made their system hard to co-exist with. So the way to transfer messages between the systems will be via smtp. This is an acceptable solutions so now we are revisiting the solution for a Hybrid.

Fax Server replacement

This project has been on the back burner for a while, I have started the build of a new OS on Fax Server2. This needed to be done to get a New Right Fax installed, and to help clean the OS up from the numerous test projects it has been on. Also the IP was needed to be changed to the .7 network and not the .115.

• Leave a comment...

Octel Replacement

This project is intersecting more and more with the Unified Collaberation Initative, in multiple ways. The push for a unifed environment has driven the project team to engage in discussions with other univeristes on their deployments of Office Communications Server and Exchange 2007 Unified Messaging. Even though this has been one of the four candidates, there seems to be some lack of functionality in the young product. So we are back to discussions of how other vendors will be able to integrate into the Unified Communications environment.

Office Communications Server – Proof of Concept

Seems the snowball has gained momentum. This month there was a huge push to get integration into the IPBX. We have some functionality, using the Dialogic 2060 sip gateway; we are still looking at routing issues that can cause one way voice communications. The issue seems to be a timing problem on the PBX and we are looking for a patch for it.

We now have 41 users on the POC, all at different levels of service, ranging from full Unified Communications, to just instant messaging and presence.

The team produced a small video displaying the agility and spontaneity that can be gained from the use of Unfired Communications. This four minute video has been showed to different groups to gage the interest in such a project. There seems to be a large interest in this technology.

Microsoft Unified Communications – Production Pilot

The other initiative is to get the schema changes into the Production Active Directory. To accomplish this we deployed the schema changes into the MS-Test environment. We also deployed a working OCS Standard server into that environment, to help identify the attributes that will be needed for the development team to automate activations.

After two weeks of life in the MS-test environment, we were able to make the schema changes into the Production Active Directory, there were some hurdles in this deployment, most of them have to do with the locked down security model of the root domain, and being able to add attributes into the child domain using the Enterprise Administration roles.

We have also set up meeting with Microsoft and one of their Partners to help validate our Design, and to gain us entrance into the MS Lighthouse program.

• Leave a comment...

Proofpoint Upgrade

This month persistence has paid off; we are finally on version 5.03. With that persistence has come a few problems mostly the way the custom rules are read. It seems one of our rules was the culprit on why the machines kept restarting the filters. Once that rule was removed, performance was again stable.

Office communications Server and Unified Messaging

This month my priority has been changed to get this up and running in a full featured model as quickly as possible. Microsoft’s documentation on the products is not the most informative and easy to follow. Certain documents omit the information on certain roles you must have in your AD, like a mediation server, or an audio/visual edge server. Once we found out all the servers we had to have to get a full functioning pilot, there came the issues of configuring them.

Integration OCS and Exchange 2007 takes two steps…..there is the EXUMutil tool that needs to be ran on the Exchange side, and the OCS side there is a utility called OCSUMutil.ext. The one on OCS was the part that I was missing. Once that was ran, I could get to voice mail!

Normalization of the dialing patterns that the mediation server passes to the sip gateway was probably the hardest part of the configuration. Even though the normalization rules can use .Net regular expressions….you have to know them to use them. Luckily there were a lot of blogs out on the web explaining the syntax. Also the tools in the OCS resource pack helped out. The Enterprise Voice route Helper program helped eliminate most of the confusion, and even allowed for testing of the pattern before implementing. Bravo for the programmer that wrote that tool!

We are slowly working on the issues, but as of now, we have exchange 2007 email, voice mail, outlook voice access, Office communicator integration, presence, live meetings, and Outbound dialing. All in all it has been a pretty productive month, at least on this project.

• Leave a comment...

Octel Replacement

This month has been more of a refinement of each of the vendor’s proposals, to compare them side by side. Each vendor has different strengths. A new twist that was thrown at the team is a full exchange 2007 implementation of Unified Messaging to handle the voice mail. This new direction from management has led the team to re-engage one of the vendors who withdraw early. This also has brought the comparison of the other three vendors to a halt while we do our due diligence. This impacts the OCS prototype project.

OCS Prototype

I tried to rebuild the OCS server this month; all do to the address book synch issue. Found out a lot about the issues that are incurred when you remove a OCS server from the environment. Also found out that you need to be familiar with the lcscmd.exe command tools. This commandlets let you do everything from install a role, to unprep the forest. When I finally had it totally removed from the environment, I re-installed the standard edition, on an all in one server. Reinstalled the certificates, re-enabled the users. Now the issue with the address book has changed, it is now a 403 error.

Exchange 2007 prototype

Working on the exchange prototype, I installed the forefront software to get anti-virus support, and started a local backup process to backup the database in case of hardware failure. The major change to this project is the new requirements that are surrounded with the integration of OCS and VoIP into this prototype. This means two new servers will need to be installed. These are Unified Messaging role and the Edge server role. These will be done over the next couple of weeks.

VUexchange Quota Increase

We have had movement on this project, we are moving to a 1gb quota on our exchange system. The hardware has been ordered, and has been shipped. We should be getting them in over the next couple of weeks. We will be doing a more stringent design this time with 1 store per lun, and fewer mailboxes. This will give the iops that Exchange 2003 needs to perform well. We will not only be distributing the load over more stores, but we will be adding more machines to the DR site also.

Listsrv replacement

This project has been repeatedly pushed back on the back burner, mostly do to resource contention. Other projects have taken more urgent priority, but we did have some movement. We came to the decision that we want to keep the same name and addresses for the lists, this helps with the design decisions. We also know that we need to have admin training before deployment because of all the new features that will be available to the community.

Mail FrontEnd Replacement (lifecycle)

The replacements have been ordered, and are on site. We will be looking at putting these behind the CSM, with different options depending on what is found out about the vip to vip communications issue. This is a pretty straightforward replacement.

• Leave a comment...

Exchange 2007

Migrated the vm’s off of the DEV cluster and onto the new ESX server (behemoth). This was in the thought that the pop-ups experienced by Scott Hogan and myself were due to resource constraints. Even though the servers have moved, there is a considerable fewer pop-ups but they have not disappeared altogether as we would have hoped.

Office Communications Server

The issue of automatic groups has caused me issues this month. The beta tool I was using now crashes after a MS patch. Not sure if the tool is being updated, but have not seen a OTC tool yet on the market. Have been researching the method that OCS integrates with Outlook, to try and see if we can get conversation history without moving to the exchange 2007 server.

Octel Replacement

This project is now down to the proposing of a solution to management, We have decided on the one we will suggest, and have pros and cons for all of the vendors to help explain how we came to the outcome that we came to. This should be proposed in the next couple of weeks.

ProofPoint Lifecycle

The new p845 appliances were put into production, as mailgate02, and mailgate03. This was done after hours, and consisted of taking the old hardware out of the cluster and bringing up the new hardware as the old server names. This allowed us to get the benefit of the new hardware in production before the upgrade to 5.03. The next step is to raise the ratio of mail distribution to a 3:1 ratio favoring the new boxes to see if they perform as expected.

IPhone Beta Testing

At first receiving the IPhone for testing I was pretty sure I was going to hate it, but I have been pretty surprised. The biggest complaint is the ability to dial via voice command; it is hard to find a contact and drive at the same time, the touch screen doesn’t like the bumpy interstate systems. The best feature that I like is the ability to actually read email on the device. Depending on the settings that are set for font size, it is very easy to read. If they get the horizontal screen working it will be even easier to read.

Exchange 2003 Performance redistribution

This month we brought down the mailstores on mailbe16, consolidated them down to one mailstore per storage group. This brings the databases in line with one database per disk lun. This should improve the performance on the read/write times. During this migration, we came across a couple issues, the main one being that I do not have access to move certain accounts. This proved to be frustrating when it came time to bring down the old mailstores.

Over all this month was a lot of changes, most of them pretty significant. The impact to the user base was considerable, but the some of the maintenance had been put off for over a year due to Email Oneness., while the other changes were due to lifecycle replacement.

• Leave a comment...

System Center Operation Manager 2007
This month was a lot of activity on SCOM. A new workflow was created. There is now New, Acknowledged, Work In Progress, Pending OverRide and Closed. Along with these new workflows, aging was set up. If a Message sits in the new que for 10 minutes it sends an email. If it sits in acknowledge for 30 minutes it sends an email. If it is moved to work in progress an email is sent to Magic/BNC to create an ticket. At all stages an email is sent to the windows Team lead.

Next step is working on a procedure that explains the workflow.

Mailgate Load Balancing
This project is moving forward pretty well. The team has set a date of Dec 20th for migrating behind the CSM. There are some steps that need to be done ahead of time. These are being created into tasks. The big task is testing the vmdk for a virtual machine. IF the vm doesn’t work it will be a big bang event. It can happen either way, but a big bang event takes a lot more involvement of different teams in a very tight schedule. Defitently prefer to do this one at a time with VM’s/

Octel replacement
Octel project is down to sending out a RFP. We are going to bring in 6 vendors to let them pitch their solution. Over all there are 3 that need to be seen, because they are the big leaders. Another one is a new player in the market, with a call center style system. This can handle up a million mailboxes on their large end. We fall in the middle tier, while on other solutions we are on the extreme high end.

Exchange Patching
Exchange patching went well this month. We updated all the patches, including IE 7.

Proofpoint Support
This month there has been a couple incidents of boxes on our network sending out mass emails. Both times the NOC notified the oncall, and with in minutes we were able to assess the situation and either block them at the firewall level or the local level. The total interruption due to Max deamon errors, was less then 10 minutes both times.

Security Event Support
Another item that has been increasing each month, is time devoted to doing ediscovery or security related searchs. As these become more prominent and time consuming, either someone will have to have time devoted or project will have to suffer.

**Note there was a crash of word that took 10minutes to find an ASD file. Word didn’t autosave like it was set up to. Not sure if it was due to being a blog instead of a doc. Format. Will have to investigate this.

• Leave a comment...