Microsoft Communities

Windows Server 2008

Posted By: David Tesar | May 7th @ 10:14 PM

I’ve always been intrigued by the idea of streaming my own music collection from my home server, so I decided to write this post on technology which can make this happen.  If you’re running any version of Server 2008 other than the version for Itanium-based systems, you have the capability of using Windows Media Services and/or the IIS7 Media Pack to stream your audio / video (media) content. What’s the difference and which should I use?

Windows Media Services – This enables you to stream media using the “mms://” URL prefix in your player of choice, and this method is commonly referred to as a media streaming server. You have the ability to broadcast media or set up on-demand publishing. To make this work on Windows Server 2008, you download and install the Windows Media Services 2008 package and then add the Streaming Media Services role in Server Manager.

Some key benefits over IIS7 Media pack

  • Stream content using multicast
  • Proxy/Cache the stream and other options for bigger scale streaming operations
  • Broadcast media in addition to on-demand playback
  • More efficient utilization of network bandwidth by adjusting to network conditions

File formats supported : .asf, .wma, .wmv, .mp3 (with use of the MP3 media parser plug-in & doesn’t support VBR files), .jpg, .nsc, .wsx

Media Pack for IIS7 – This enables you to stream media using a method referred to as progressive download (that is, over a plain web server). The media file is downloaded to the client machine over HTTP and played by a client such as Windows Media Player, often beginning to play before the file is completely downloaded. This method only allows you to set up on-demand playback.

The media pack includes two components: Bit Rate Throttling and Web Playlists; both of which must be installed separately on top of IIS7.

Benefits over Windows Media Services

  • Additional file formats officially supported with throttling: .avi, .flv, .mov, .rm, .mp4 and .rmvb (and any other file format could potentially work)
  • Easily push out the configuration using the shared hosting capabilities of IIS7
  • Granularly configure bit rates for specific files/folders
  • Delegate permissions for others to modify the settings for specific files/folders

File formats supported: .asf, .avi, .flv, .mov, .mp3, .mp4, .rm, .rmvb, .wma, .wmv.

Conclusion: If you have a very large amount of content you want to stream, then you’ll definitely want to use Windows Media Services due to the options available to scale and save bandwidth. However, IIS7’s media pack may be the right option for you if you’d like to stream the additional file formats and gain all of the benefits of being integrated with IIS7. For another great comparison between the two media streaming methods, see Chris Knowlton’s blog post.

Get started

IIS7 Media Pack - Bit Rate Throttling
IIS 7 Media Pack – Web Playlists
Windows Media Services Deployment Guide
Changes in Functionality from Windows Server 2003 with SP1 to Windows Server 2008 (http) (doc version)

Posted By: Joey Snow | Apr 17th @ 11:59 PM
In this screencast Corey Hynes walks us through Network Access Protection, but unlike normal demos we take a look from the client side.  Get a look at what actually occurs on a client machine as it goes in and out of compliance on a Windows Server 2008 network protected by Network Access Protection.
Posted By: David Tesar | Apr 10th @ 11:59 PM

I met up with Stephanie Cheung, the program manager for Active Directory backup and recovery, and we discuss:

  • What restartable AD is and when it is appropriate to use it
    • Good for usage when you want to recover deleted objects without rebooting
    • Bad for when you need to do a "bare metal" restore or have database corruption
  • Thoughts around when to do a "Dcpromo /forceremoval" versus restoring from backup.  This includes discussion of restoring using install from media (IFM) and IFM for an RODC.
  • What the database mounting tool (DMT - old name "snapshot" tool) does and some ideas on what we're going to do to make recovery of deleted objects easier using DMT.
  • A best practice around preventing deletion of objects in AD (including the new "Protect object from accidental deletion" checkbox for objects).
  • Future thoughts for AD backup and restore, such as reducing forest recovery time
  • General disaster recovery tips
Posted By: Adam Carter | Apr 10th @ 12:01 AM

Virtualization is getting a ton of attention right now, and it’s a great way to compartmentalize apps so you can better control resource consumption.  It’s not the only way though.  You can easily control how CPU and RAM are doled out to users and apps using Windows System Resource Manager (WSRM).

Windows System Resource Manager

What is it?  Some apps are well behaved and only request and use as much RAM as they really need to run, others look at what’s physically available on a server and take it all.  WSRM allows you to throttle CPU and RAM resources – allowing you to limit particular apps from consuming more than say, 20% of CPU time and 256MB of RAM.

Can I manage only apps? Nope, there are a few ways you can limit resources:

· Per application (process)

· Per IIS application pool

· Per user

· Per session

The last two items are particularly appropriate for a Terminal Server environment.  You can keep one user from monopolizing all the resources on your server.

What if I only want to manage resource usage at certain times of day?  You can totally do that.  In addition to scheduling, you can customize resource management with other criteria like system events and exclusion lists.  It’s all manageable by policy as well!

But can I have resource management happening all the time on my servers?  Ok, there’s one minor caveat.  CPU throttling doesn’t actually kick in until the server is above 70% utilization across all CPUs.  Below 70%, though, there’s not really contention for resources, so it’s no big deal.

Well, how do I get it?  First you install it.  It’s a feature on Server 2008, so just go to Server Manager and Add Feature – Windows System Resource Manager.  It’s installed as a service, so you need to start the service (and, presumably, set it to auto start) after you install it.  After that, you can run the WSRM console and start adding rules.  You can also use the built-in Resource Allocation Policies to do some default management (on a Terminal Server, you’d use the Equal_Per_Session policy to make sure all users share resources equally, for example).

Ok, this is cool! I know, that’s why I wrote about it.

Get started

TechNet Library WSRM page

How to Add Rules

Posted By: Joey Snow | Apr 9th @ 12:01 AM
Have you ever wanted to setup different password policies for different users in the same domain?  In this screencast, Corey Hynes takes us through the setup and configuration of the new fine grained password policy in Windows Server 2008.  Corey utilizes a free tool from Special Operations Software called Specops Password Policy BASIC in this demo.  For more information about their tool visit http://www.specopssoft.com/products/specopspasswordpolicy/.
Posted By: Eric Ostrowski | Apr 8th @ 11:08 AM

On this episode of TechNet Radio, we talk with customers at the April 1 Heroes Happen Here launch event in Seattle, WA. Tune in and hear what attendees are excited about and what you can expect at a launch event in your area. We also have our April 2008 Security Bulletin.

Posted By: David Tesar | Apr 7th @ 11:59 PM

In part 2 of this interview, we cover:

  • Reasoning behind why the specific account lockout and password policy settings were chosen in the guide
  • General tips (using the appendix when you have a problem and check out the Threats and countermeasures guide)
  • How the guide helps implement the granular AD auditing capabilities in WS 2008.
  • Demo of the security solution accelerator

For part 1, click here.  
You can download the Windows Server 2008 security guide here.

Posted By: Adam Carter | Apr 4th @ 12:01 AM
With the recent release of Hyper-V RC1, Giovanni sat down with Jeff Woolsey, Senior Program Manager in virtualization, to talk about what's new in the Release Candidate.
Posted By: David Tesar | Apr 2nd @ 11:01 AM

In part 1 of 2 of this interview with the program managers of the security guides, Jose Maldonado and Vlad Pigin, and test lead Bora Gaurav, we cover a number of topics including:

  • What the differences are between the 2003 security guide and the new Server 2008 security guide
  • What are some of the "deal killers" for most people to be able to run in the specialized security limited functionality (SSLF) mode versus the Enterprise Client mode (EC)
  • Briefly go through the basic steps to implement
    • Establish an acceptable security baseline (EC or SSLF)
    • Run the GPO accelerator tool to deploy the baseline
    • Deploy the server roles (if you haven't already done this)
    • Secure the individual roles using SCW / GPO accelerator tool / guide & checklist
  • How to implement the guide using a different OU structure than mentioned in the guide.

You can download the Windows Server 2008 security guide here.

Posted By: Eric Ostrowski | Apr 1st @ 3:17 PM

On this episode of TechNet Radio, We come to you from the April 1st Heroes Happen Here Launch event in Seattle, WA.

Posted By: Joey Snow | Mar 28th @ 12:01 AM
This week we've had an interview and a blog post showing how Group Policy preference items increase the manageability of Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP.  Today MVP Corey Hynes demonstrates how to configure Group Policy Preferences including a really cool demonstration on how to configure filtering of Group Policy Preferences.
Posted By: Joey Snow | Mar 27th @ 12:01 AM

As a tool to manage end user desktops, Group Policy is very powerful, but how many times have you wanted to manage a user’s printer settings or drive mappings and not been able to do it outside of a script? How about the challenge of copying a set of files or making a registry change on a set of computers? Again, Group Policy isn’t the best answer and we are forced into scripting. Well, let me introduce you to a new feature in Windows Server:

Windows Server 2008 Group Policy Preferences

Who’s it for? IT Professionals who manage desktop systems.

What is it? Group Policy Preferences allows IT Professionals to manage operating system and application settings via centralized Policy previously unavailable via Group Policy.

What can I do with Group Policy Preferences? There are too many items to list here (over 20 new policy extensions) but some of the items available for configuration are:

· Create, replace, update and delete files, folders, and .ini files on destination computers.

· Create, replace, update, and delete network drive mappings.

· Create, replace, update, and delete registry settings on multiple computers.

· Configure ODBC data sources! That’s right: you can create, replace, update, and delete both user and computer ODBC data sources. This is one item that regular Group Policy lacks.

· Configure remote networking options such as VPN connections and dial-up networking, and target the configuration specifically at mobile PCs in your environment.

This sounds an awful lot like Group Policy. What’s the difference?

It really comes down to enforcement. Group Policy strictly enforces policy settings. When Group Policy is processed, settings are written to the policy areas of the registry (the Policies keys) and then secured via ACLs that prevent users from changing them. If a user does change a setting, the periodic policy refresh resets it.

Group Policy Preferences do not strictly enforce preferences. Preferences are not written to the policy branches of the registry; they are written to the same locations in the registry that the setting would be written to if the user themselves made the change. Because of this model, preferences can support features and applications that are not Group Policy aware. Group Policy Preference settings are also not secured via ACLs that prevent the user from changing the setting. This allows you to set a particular preference one time and then allow the user to change it (“apply once”), or you can have the preference re-applied at the same refresh interval used by Group Policy. The practical consequence is that a preference is a managed default, not a security control: anything running in the user’s context can overwrite it between refreshes.

There are also significant differences in how you are able to filter or target Group Policy Preferences. In regular Group Policy you are limited to filtering using WMI and those filters determine whether the entire GPO (Group Policy Object) is applied. You cannot specify individual settings within a GPO. Group Policy Preferences support item-level targeting. Imagine a policy that has 50 settings and each setting can be targeted on criteria such as IP address, if that machine is a laptop or desktop, security group membership and so on. Group Policy Preferences then becomes a very powerful tool to manage desktops.
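To see what item-level targeting looks like on disk, here is an added example (not from the original post and not Microsoft code) that parses a Group Policy Preferences Registry.xml of the kind the GPMC writes under SYSVOL\<domain>\Policies\{GPO-GUID}\User\Preferences\Registry\ and lists each registry item with its action and targeting filters. The XML is constructed for this example; the element and attribute names (Registry, Properties with action/hive/key/name/type/value, Filters, FilterGroup, FilterIpRange) follow the file format as commonly seen, but treat the exact schema as an assumption and check it against a real file before relying on the parser.

```python
"""Audit a Group Policy Preferences Registry.xml and report each registry item
with its action and item-level targeting filters.

Added example. The sample XML below is constructed; attribute names follow the
Registry.xml layout as commonly seen, but the exact schema is an assumption."""
import xml.etree.ElementTree as ET

# Constructed sample: one untargeted item, one targeted at a group and an IP range.
SAMPLE_REGISTRY_XML = """<?xml version="1.0" encoding="utf-8"?>
<RegistrySettings clsid="{A3CCFC41-DFDB-43a5-8D26-0FE8B954DA51}">
  <Registry clsid="{9CD4B2F4-923D-47f5-A062-E897DD1DAD50}" name="DisableAutorun" status="DisableAutorun">
    <Properties action="U" hive="HKEY_LOCAL_MACHINE"
      key="SOFTWARE\\Contoso\\Desktop" name="DisableAutorun" type="REG_DWORD" value="00000001"/>
  </Registry>
  <Registry clsid="{9CD4B2F4-923D-47f5-A062-E897DD1DAD50}" name="VpnProfile" status="VpnProfile">
    <Properties action="C" hive="HKEY_CURRENT_USER"
      key="Software\\Contoso\\VPN" name="Profile" type="REG_SZ" value="branch-office"/>
    <Filters>
      <FilterGroup bool="AND" not="0" name="CONTOSO\\Laptops" sid="S-1-5-21-1-2-3-1105" userContext="0"/>
      <FilterIpRange bool="AND" not="1" min="10.0.0.1" max="10.0.0.254"/>
    </Filters>
  </Registry>
</RegistrySettings>
"""

# Single-letter action codes as stored in the XML, mapped to the verbs the GPMC shows.
ACTIONS = {"C": "Create", "R": "Replace", "U": "Update", "D": "Delete"}


def describe_filter(elem):
    """Render one item-level targeting element (FilterGroup, FilterIpRange, ...) as text.
    Every filter carries bool (AND/OR) and not (0/1); the rest is filter-specific."""
    negated = "NOT " if elem.get("not") == "1" else ""
    kind = elem.tag[len("Filter"):] if elem.tag.startswith("Filter") else elem.tag
    details = ", ".join(f"{k}={v}" for k, v in elem.attrib.items()
                        if k not in ("bool", "not"))
    return f"{elem.get('bool', 'AND')} {negated}{kind}({details})"


def audit_registry_xml(xml_text):
    """Return one dict per <Registry> item: action, full registry path, value, filters."""
    root = ET.fromstring(xml_text)
    items = []
    for reg in root.findall("Registry"):
        props = reg.find("Properties")
        items.append({
            "name": reg.get("name"),
            "action": ACTIONS.get(props.get("action"), props.get("action")),
            "path": f"{props.get('hive')}\\{props.get('key')}\\{props.get('name')}",
            "type": props.get("type"),
            "value": props.get("value"),
            # An item with no <Filters> applies wherever the GPO itself applies.
            "filters": [describe_filter(f) for f in reg.findall("Filters/*")],
        })
    return items


def untargeted_items(items):
    """Names of items with no item-level targeting (they reach every user/computer the GPO links to)."""
    return [i["name"] for i in items if not i["filters"]]


if __name__ == "__main__":
    audited = audit_registry_xml(SAMPLE_REGISTRY_XML)
    for item in audited:
        print(f"{item['action']:<8}{item['path']} = {item['value']} ({item['type']})")
        for f in item["filters"]:
            print(f"        targeting: {f}")
    print("untargeted:", untargeted_items(audited))
```

An auditor wants this view because preferences are not ACL-protected: knowing which items reach which machines tells you what a user, or malware in the user’s context, can silently undo before the next refresh. Point it at every Registry.xml under SYSVOL rather than the constructed sample.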

How do I get Group Policy Preferences? Group Policy Preferences are available in the GPMC on Windows Server 2008 systems and also available to run on Windows Vista with the release of the Remote Server Administration Tools.

What systems can I use Group Policy Preferences on? In order to take advantage of Group Policy Preferences, the following clients require the installation of the Client Side Extensions (CSEs), which have been released as separate downloads (the hyperlink leads to the download site for the CSEs). Windows Server 2008 ships with these extensions already installed.

· Windows XP 32 Bit

· Windows XP x64 Edition

· Windows Server 2003 32 Bit

· Windows Server 2003 x64 Edition

· Windows Vista 32 Bit

· Windows Vista x64 Edition

In closing: Group Policy Preferences come at no added cost and are available to use with NO TRAINING for the IT Professional. A simple user interface allows for easy configuration of policy preferences, helping to decrease the configuration errors that are common when deploying and managing desktop systems. With over 20 available extensions and the flexibility to filter and apply settings to specific users, groups, computer types and more, the IT Professional has a new tool that will help reduce the reliance on logon scripts and fine-tune settings for users and computers in their organizations.

Get started:

Check out the Edge screencast here.

The essential resource for Group Policy Preferences is the Group Policy Preferences White Paper.

A FAQ is also available.

Posted By: Volker Will | Mar 26th @ 10:42 AM
I am going to prepare a Mac Mini in such a way that you will be able to install a Windows HPC cluster in virtual machines based on Hyper-V.

In the third video we are going to install the Windows Server OS in the Boot Camp partition. 

Check out my blog post if you are looking for more details.
Posted By: Volker Will | Mar 26th @ 10:42 AM
I am going to prepare a Mac Mini in such a way that you will be able to install a Windows HPC cluster in virtual machines based on Hyper-V.

Once you have Windows Server 2008 running, it is just a matter of a few clicks and a reboot to get Hyper-V running.

After this final step you are ready to use Giovanni's document and prepare your Cluster-In-A-Box-Mac-Mini. 

Check out my blog post if you are looking for more details.
Posted By: David Tesar | Mar 18th @ 11:59 PM
I met up with Gregoire Guetat, a program manager (PM) who has worked on Dcpromo, ADPrep, the Replication Engine, and RODC.  In this video, he tells us why the team decided to create the RODC, recommendations for best practices with RODC (RODC + Server Core and BitLocker), his take on virtualization of DCs, why "USN Bubbles" are bad and why you can't have one on a RODC, a tip on where the RODCs should point for DNS, and an explanation of details for two-staged DC promotions & Install from Media (IFM).  Also, the DS team is planning on coming out with a white paper for guidance on having RODCs in the DMZ.  He also tells us a couple other things which are coming up on the DS team and explains what interoperability there is currently with RODC and Exchange.

If you decide to tune into "Over the Edge" at ~20:45, you'll hear about where he's from in France, what are the best places to visit there, and also hear about his Whirlyball experience.
Posted By: Joey Snow | Mar 17th @ 12:01 AM
One service that typically requires remote administration by external consultants or application developers is the web server.  In this 7 minute screencast MVP Corey Hynes takes us through the new management service in IIS 7 that addresses the need to delegate remote administration while maintaining the security of your web server.
Posted By: Neil Hutson | Mar 10th @ 12:01 AM
So how do servers upgrade themselves to Windows Server 2008, and how is data that is not part of the operating system handled? One of the interesting points to note is that in Windows Server 2008, the data that is part of the operating system, the registry and certain file locations are recreated during the upgrade. Secondly, data that is not part of the operating system that is found in certain directories is quarantined. Details at the bottom.

I recommend that you do a clean install of Windows Server 2008, so that you have a good reference point, and then go through your system testing from there. While the upgrade process has become more consistent with Windows Server 2008, there are still small paths that the migration could take which could make your OS install unique, and give you no reference point for testing (which is what all IT pros really do not want). The details below come from a few white papers on the subject which I think will be interesting for those special cases when you need to do the upgrade.

Changes When Upgrading to Windows Server 2008

Upgrading to Windows Vista and Windows Server 2008 is more complex than in previous versions of the operating system. Instead of just installing new versions of binaries over those of an existing computer, the new operating system is installed side by side with the older operating system. Then the data and settings are migrated from the older version to the newer version, and then the source is deleted. While this is architecturally more correct and certainly builds a clean OS install, it does cause some complications that you should be aware of.

Secondly, in Windows Server 2008 the upgrade process is destructive to the pre-existing operating system state. The upgrade engine removes all previous data from the operating system (including executable files, settings, the Windows registry, and operating system data files) and creates an entirely new Windows installation. For components and server roles within the operating system, there are upgrade manifests which control the process. The upgrade manifests have metadata for each component that details how to transfer the settings and data files into their new locations. Non-operating-system entries in the registry are persisted forward and merged with the new registry in the destination install.

Upgrade Process
Here are roughly the steps the operating system goes through:

  1. Copies Setup sources to the local hard drive.
  2. Dynamic update runs to check for updated setup files and compatibility database updates.
  3. Checks to ensure that the source operating system is supported for an upgrade.
  4. Presents the compatibility report to the user. The report provides details about any applications that must be uninstalled or that may cause problems after upgrading. The report also recommends backing up the server before continuing.
  5. Dynamic update runs to check for updated system components and drivers.
  6. Unpacks the image file to the local hard drive.
  7. Identifies system data including operating system state, user files, and drivers. The operating system state is identified based on upgrade manifests that are authored by Microsoft.
  8. Extracts the WinPE boot files to the local drive.
  9. Restarts the server.

The upgrade engine performs the following actions from within WinPE:

  1. The server boots into WinPE
  2. Files marked for gathering are moved to an in-place transport directory.
  3. Moves operating system binaries from the source operating system into quarantine.
  4. Collects SID and local account data.
  5. Installs a language-neutral version of the operating system.
  6. Installs a language-specific MUI package.
  7. Installs any optional components that are needed for parity with the source operating system.
  8. Configures access control lists.
  9. Installs any updates collected by dynamic update.
  10. Applies SIDs, computer name, and local accounts to the server.

Specialization phase

  1. Installs Plug and Play drivers.
  2. Creates user profiles for the user accounts on the source computer.
  3. Applies machine-specific operating system state.
  4. Migrates data to the new installation, including:
    • The operating system state that was captured by the upgrade manifests
    • Settings from the unattend file (if an unattend file was provided to Setup)
  5. Deletes files from the quarantine directory that were from the source operating system. Restarts the server.

Application Compatibility Checks

Because upgrading to Windows Server 2008 may cause problems for certain applications, a message is presented to all users through the compatibility report that is shown after you initiate the upgrade. If necessary, the report will recommend the appropriate action before upgrading. To verify software compatibility on the Windows Server Catalog and to download tools and documentation, go to http://go.microsoft.com/fwlink/?LinkID=85172.

If software isn’t supported on Windows Server 2008, or if the software vendor does not support software that is installed during the upgrade of the operating system, uninstall that software before you upgrade. If you do not uninstall the software, your system will be unsupported, the software might not work, and software settings or other information might be lost.

There are several different types of upgrade blocks within the compatibility report. The database used to identify applications to block is shared with Windows Vista and does not generally cover server applications.

The types of blocks that you may see are:

  • Upgrade hard block: These blocks prevent the upgrade from continuing until the issue causing the block is resolved, which may be a bad driver, an incompatible source operating system or known bad applications (malware, for example). Users cannot circumvent a hard block.
  • Upgrade soft block: These blocks recommend against upgrading without taking preventative measures or validating that a software vendor has provided an upgraded version for the new operating system. Users can choose to continue past a soft block, because there is no known risk of the upgrade failing with the application installed.
  • Program Compatibility Assistant hard block: The Program Compatibility Assistant is a runtime mechanism which can prevent applications from running on the system. The process is prevented from loading, and the user cannot circumvent the block.
  • Program Compatibility Assistant soft block: The Program Compatibility Assistant can also provide a soft block which advises the user that the application may not run successfully without being updated. Users can still choose to run the application and continue with the upgrade.

Changes that May Impact Your Applications

Because of the differences in the upgrade process in Windows Server 2008, it is possible that pre-existing applications will not be authored in such a way that they function predictably post-upgrade. Most will just work, but there are specific changes that application developers should be aware of, and which may necessitate testing or patching.

The Quarantine Directory

During the collection phase, the upgrade engine goes through all system folders that need to be recreated in the new operating system. When booted into WinPE, the upgrade engine moves files into the quarantine directory that 1) are not listed in upgrade manifests and 2) are located in places that conflict with the new operating system (for example, %SystemRoot% and %ProgramFiles%). These files remain in this directory throughout the upgrade, so that they can be restored in case of a rollback.

However, in addition to making a rollback possible, the quarantine also serves as a safety net. It prevents permanent data loss of any files that have been gathered by the upgrade engine. When the upgrade is complete and the rollback has been disabled, the quarantine is purged -- that is, files are deleted from quarantine if the upgrade engine determines that they were from the source operating system (user data files in the quarantine directory will not be deleted).

Consequently, if an application is unable to find particular files, they may have been moved to the quarantine directory during the upgrade process. The structure of the quarantine folder (%SystemDrive%\$WINDOWS.~Q) mirrors that of the source operating system, beneath a subfolder called “Data”. For example, user profiles are stored at %SystemDrive%\$WINDOWS.~Q\Data\users\<username>. Application developers should expect that files installed to common system locations may end up in the quarantine directory after the upgrade.

Folder Hierarchy and Names

Windows Server 2008 has a different default folder hierarchy than any of the previous operating systems that you can upgrade from. Specifically, note the following two changes:

  • Windows Shell. Many of the standard Windows folders are now under different paths. For example, the path for My Documents in Windows Server 2003 is C:\Documents and Settings\username\My Documents, while the path for the same folder in Windows Server 2008 is C:\Users\username\Documents. The new folder structure is determined by querying the system for constant special item ID lists (CSIDLs). CSIDLs are a system-independent way of checking where a special folder is located. CSIDLs have been supplanted in Windows Server 2008 by KNOWNFOLDERID values, but are still used when upgrading from a previous operating system.
  • English folder names. Non-English versions of Windows Server 2003 sometimes contain folders with CSIDLs that have localized folder names. In Windows Server 2008, the same language installation will now have English folder names on disk.

These changes are mitigated by directory junctions. Directory junctions are hidden redirectors that translate requests for the old system folders to the new directory structure. This is typically seamless to applications that rely on the old paths, but you should test it to ensure the junctions work for your application. Note that, as on Windows Vista, these junctions carry a deny-list ACE, so an application that enumerates the old folder rather than opening a known file beneath it will get Access Denied.

If the source operating system is not English, directory junctions will be written to remap the English namespace. For example, a German operating system which once pointed to C:\Dokumente und Einstellungen\<username>\Eigene Dateien will now utilize an equivalent folder in Windows Server 2008 found at C:\users\<username>\documents. Consequently, a directory junction will redirect any requests for the original folder. So, in English and non-English computers, the junction will have the same target folder, but the source folder may be different.

The upgrade engine will also write additional directory junctions in some situations. For example, if a server was upgraded to Windows Server 2003 from Windows 2000, the operating system folder may be called \WinNT, so calls to \WinNT would be redirected to the correct system folder in the new installation.
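The two mechanisms described above, junctions for the old shell-folder paths and the quarantine mirror under $WINDOWS.~Q\Data, can be modeled as a small path resolver that tells you where a pre-upgrade file most likely ended up. This is an added example, not code from the original post or from Microsoft’s upgrade engine: the junction table is illustrative and built only from the paths named in this text (a real upgraded server carries many more), and file existence is injected as a callable so the logic runs offline.

```python
"""Resolve a pre-upgrade path against (1) the directory junctions the Windows
Server 2008 upgrade leaves for the old folder layout and (2) the quarantine
directory (%SystemDrive%\\$WINDOWS.~Q\\Data), which mirrors the source OS tree.

Added example. JUNCTIONS is illustrative, built from the paths in the text; it is
not read from a real system, and a real machine has many more junctions."""
from pathlib import PureWindowsPath

SYSTEM_DRIVE = "C:"

# Illustrative junction table: old prefix -> new prefix. <username> is substituted
# per profile. Longest prefix wins, so per-user folders beat the profile root.
JUNCTIONS = [
    ("C:\\Documents and Settings\\<username>\\My Documents", "C:\\Users\\<username>\\Documents"),
    ("C:\\Dokumente und Einstellungen\\<username>\\Eigene Dateien", "C:\\Users\\<username>\\Documents"),
    ("C:\\Documents and Settings", "C:\\Users"),
    ("C:\\WinNT", "C:\\Windows"),
]


def _parts(path):
    """Case-folded path components (Windows paths compare case-insensitively)."""
    return [p.lower() for p in PureWindowsPath(path).parts]


def remap_through_junctions(path, username, junctions=JUNCTIONS):
    """Return the post-upgrade location a junction would redirect `path` to,
    or the path unchanged if no junction covers it."""
    target = _parts(path)
    best = None  # (matched old prefix parts, new prefix)
    for old, new in junctions:
        old_parts = _parts(old.replace("<username>", username))
        if target[:len(old_parts)] == old_parts:
            if best is None or len(old_parts) > len(best[0]):
                best = (old_parts, new.replace("<username>", username))
    if best is None:
        return PureWindowsPath(path)
    rest = PureWindowsPath(path).parts[len(best[0]):]
    return PureWindowsPath(best[1]).joinpath(*rest)


def quarantine_location(path, system_drive=SYSTEM_DRIVE):
    """Where the upgrade engine parks `path` if it gathers it into quarantine:
    the source tree is mirrored beneath <drive>\\$WINDOWS.~Q\\Data."""
    p = PureWindowsPath(path)
    if p.drive.lower() != system_drive.lower():
        raise ValueError("the quarantine only mirrors the system drive")
    return PureWindowsPath(system_drive + "\\$WINDOWS.~Q\\Data").joinpath(*p.parts[1:])


def locate_after_upgrade(path, username, exists):
    """Try the junction target first, then the quarantine mirror.
    `exists` is a callable (path -> bool) so the resolver can run offline or in tests."""
    candidate = remap_through_junctions(path, username)
    if exists(candidate):
        return ("redirected", candidate)
    quarantined = quarantine_location(path)
    if exists(quarantined):
        return ("quarantined", quarantined)
    return ("missing", candidate)


if __name__ == "__main__":
    old = "C:\\Documents and Settings\\bob\\My Documents\\report.doc"
    print(old, "->", remap_through_junctions(old, "bob"))
    print("C:\\Program Files\\Contoso\\app.dll", "->",
          quarantine_location("C:\\Program Files\\Contoso\\app.dll"))
```

On a real server, pass `os.path.exists` as the `exists` callable and fill the junction table from the actual reparse points (`dir /AL` on the system drive lists them). Remember that the quarantine is purged once rollback is disabled, so anything you find there should be copied out before the upgrade is finalized.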

Unsigned Software in x64

In the x64 version of Windows Server 2008, any kernel-mode software (for example, drivers) that runs on the computer must carry a valid digital signature, which is verified each time the code is loaded. If a piece of kernel-mode software is not signed, it will not be loaded. This prevents unknown kernel-mode software, such as kernel-mode rootkits, from compromising a computer.

Previous x64 versions of Windows Server did not require signed drivers, which creates a challenge when upgrading to Windows Server 2008. Because security is a primary concern, the upgrade process for the x64 version of Windows Server 2008 contains additional steps and considerations. The upgrade engine performs the following actions in addition to those in the initial phase (Step 1 in the Detailed process section):

  1. Copies any necessary in-box signed drivers to the local hard drive.
  2. Dynamic Update downloads a list of available signed x64 drivers that are not available in-box. The actual driver packages are not yet downloaded.
  3. Scans kernel-mode software on the source operating system to determine whether each is signed. Unsigned drivers are compared against a local catalog file to see if Windows Server 2008 contains a signature that can be used to validate the driver.
  4. If unsigned kernel-mode software is found, it is listed in the compatibility report. The upgrade may be blocked, but you can provide signed drivers to the setup engine at this time.
  5. Downloads any driver packages (which were identified in Step 2)
  6. Gathers any valid driver packages in the source operating system for installation during the specialization phase (Step 3 in the Detailed process section). Valid packages are any that have either been signed or are unsigned but have a valid signature in the operating system catalog file.

Because of how upgrade works with x64, one risk for software developers is the disabling of kernel-mode application drivers, as used by many firewall, file system, antivirus and copy protection vendors. These drivers will typically block the upgrade until the application is uninstalled. If an application does not uninstall cleanly, it may continue to block Setup. For drivers that are not Plug and Play, vendors should distribute a version of the driver where the signature is embedded in a file rather than in an external catalog file. Boot start drivers must be signed using this embedded method. Plug and Play does not recognize embedded signed drivers, which are new in Windows Server 2008. For details on how to sign drivers for Windows Server 2008, or to see what drivers have passed the certification, go here.

Posted By: Joey Snow | Mar 6th @ 11:59 PM
Corey Hynes a Microsoft MVP has provided us with a six minute screencast demonstrating the new Active Directory Database Mounting technology in Windows Server 2008.  In this screencast he demonstrates how to create a snapshot and connect and browse the snapshot in Active Directory Users and Computers.  For more details on the AD Database Mounting Tool, head over to TechNet.
Posted By: David Tesar | Mar 5th @ 11:59 PM

There are a number of enhancements to DNS in Windows Server 2008. There are already some lengthy articles on the features, so in this post I hope to give a quick “why you care” on each of the features and some nuggets of wisdom / insight. Here we go…

DNS on Server Core: I see this as a very useful scenario for most people who use DNS in conjunction with an RODC in branch offices using the new primary read-only zone. You get all of the Server Core benefits such as improvements in performance, less patching, a smaller attack surface, etc., and it can have all of the same core functionality as a regular DNS server. The easiest way to manage it is remotely, using the DNS MMC snap-in.

Background Zone Loading: Companies who have a large number of records in AD-integrated zones might have to wait 1+ hours to have DNS respond to queries after restarting. Now, DNS spawns off multiple threads to be able to respond to client queries right away. If the record in the zone hasn’t been loaded into memory yet and it is still in the process of loading the entire zone, it will query the node in AD, cache it in the zone, and return a response to the client.

IPv6 Support: Microsoft supports IPv6 in Server 2003, but it was a bit of a management pain and there were some other limitations. See Joseph Davies’ Cable Guy article for the management/integration improvements made in WS08. Also, some other improvements:
· DNS servers can now send recursive queries to IPv6-only servers
· The server forwarder list can contain both IPv4 and IPv6 addresses
· DHCP clients can also register IPv6 addresses in addition to (or instead of) IPv4 addresses.
· DNS servers now support the ip6.arpa domain namespace for reverse mapping.

Make sure your critical apps are cool with receiving a response for an IPv4 address and an IPv6 address. I haven’t personally seen any app problems, but nonetheless, worth mentioning.

Primary read-only zone: This new zone type, also referred to as a “branch office zone”, is available on RODCs running DNS. The zone makes a read-only copy of all of the AD-integrated zones locally from a full DC. The easiest way to think about it is as a read-only secondary zone, but better due to the benefits of AD integration (i.e. security, management, and you can easily replicate multiple zones).

Global Names Zone: This allows you to resolve single-label names in DNS as an aid to getting rid of WINS. If you still need computer browsing, have apps hard-coded to only use NetBIOS name resolution, or have really old clients & NT4 – sorry, you probably still need WINS. However, if you just need single-label name support for things like custom-named internal websites or servers throughout your entire environment – this is the solution. There are quite a few things to consider with this, so I recommend reading the whitepaper listed below. A couple of key limitations are a) this functionality only works with WS08 DNS servers and b) it doesn’t support dynamic updates.

DNS Client changes: For Vista clients or WS08 servers, the DNS client has a few good changes:
· Periodic check to make sure the client is authenticating with a local DC (configurable via group policy). Previously, a client would only fail back to the closer DC when forced.
· Locate the nearest domain controller using the defined Active Directory site-link costs instead of searching randomly. This is disabled by default, but good to enable when you have clients across slow site-links.
· Use link-local multicast name resolution (LLMNR), also known as multicast DNS or mDNS, to resolve names on a local network segment when a DNS server is not available.
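As an added example (not from the original post), here is a PowerShell script that sets up the GlobalNames zone described above on a WS08 DNS server with dnscmd, registers static CNAMEs for a couple of single-label names, and then checks from the client side that each name resolves and whether the answer carries IPv4, IPv6 or both (the dual-stack point raised earlier). The server name and the two hostnames are placeholders.

```powershell
# Added example, not part of the original post. Assumes dnscmd.exe is present,
# the caller is a DNS admin, and the server below is a WS08 AD-integrated DNS
# server (GNZ only works with WS08 DNS servers, so enable it on each of them).
$DnsServer = 'dns01.corp.example'          # placeholder, replace with yours

# Single-label name -> FQDN that actually hosts the service. GNZ has no dynamic
# updates, so every entry here is a static record you must maintain yourself.
$SingleLabelNames = @{
    'intranet' = 'web01.corp.example.'     # placeholder
    'helpdesk' = 'app02.corp.example.'     # placeholder
}

function Enable-GlobalNamesZone {
    param([string]$Server)
    # Turn on GNZ support, then create the zone as AD-integrated (/dsprimary)
    & dnscmd $Server /config /enableglobalnamessupport 1 | Out-Null
    & dnscmd $Server /zoneadd GlobalNames /dsprimary | Out-Null
}

function Add-GlobalNamesRecords {
    param([string]$Server, [hashtable]$Names)
    foreach ($label in $Names.Keys) {
        # CNAME is the record type the GlobalNames zone is meant to hold
        & dnscmd $Server /recordadd GlobalNames $label CNAME $Names[$label] | Out-Null
    }
}

function Test-SingleLabelResolution {
    # Resolve each single-label name the way an app would and count the
    # address families returned, so you can spot apps that choke on AAAA.
    param([string[]]$Labels)
    foreach ($label in $Labels) {
        try {
            $addrs = [System.Net.Dns]::GetHostAddresses($label)
            $v4 = @($addrs | Where-Object { $_.AddressFamily -eq 'InterNetwork' }).Count
            $v6 = @($addrs | Where-Object { $_.AddressFamily -eq 'InterNetworkV6' }).Count
            New-Object PSObject -Property @{ Name = $label; Resolved = $true; IPv4 = $v4; IPv6 = $v6 }
        } catch {
            New-Object PSObject -Property @{ Name = $label; Resolved = $false; IPv4 = 0; IPv6 = 0 }
        }
    }
}

Enable-GlobalNamesZone -Server $DnsServer
Add-GlobalNamesRecords -Server $DnsServer -Names $SingleLabelNames
Test-SingleLabelResolution -Labels @($SingleLabelNames.Keys) | Format-Table Name, Resolved, IPv4, IPv6
```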

Get Started
Windows Server 2008 & Domain Name Service: What's New (WS08 Blog by Kurt Roggen)
Changes in Functionality from Windows Server 2003 with SP1 to Windows Server 2008 (http) (doc version)
The Cable Guy DNS Enhancements in Windows Server 2008 (by Joseph Davies)
What's New in DNS in Windows Server 2008 (very short blurb on TechNet)
DNS Server GlobalNames Zone Deployment Whitepaper

Posted By: David Tesar | Feb 28th @ 11:59 PM
Hear about Windows Server 2008 AD auditing and FGPP directly from the source! In this interview with Siddharth Bhai, the program manager (PM) for this AD functionality, he gives us a bunch of great information.

For instance he:
- Explains the recommended practices for creating password settings objects (PSOs) and delegating the permissions for them.

- Gives numerous reasons why the team decided that PSOs are assigned via groups and not OUs

- Tells us why the team didn't produce a richer GUI tool to create PSOs (instead of manual creation using ADSIedit)

- Describes why they decided to include the new auditing features in WS08

- Simplifies the ways auditing can be applied (global auditing, schema, a specific ACE per object)

- Shares thoughts on what might be coming up next with auditing and FGPP

Some resources referenced in this interview:
Windows Server 2008 Auditing AD DS Changes Step-by-Step Guide
Step-by-Step Guide for Fine-Grained Password and Account Lockout Policy Configuration

Posted By: David Tesar | Feb 26th @ 11:59 PM

Iain McDonald helped create the vision document for Windows Server 2008 and saw it through with his team to completion. In this interview, he tells us some of the things he is pleased they have accomplished with the launch of WS08 today. You'll discover Iain is an IT pro too, with 12TB of storage at home. Also, you'll get the inside scoop on what really goes on behind naming our server products and the release cycle.

To break this down a little further, you'll get to hear about:

Some of the challenges he ran into, and overcame, going from the vision of WS08 to launch, such as:

  • Cadence of releases to customers
  • Getting the right server for the job
  • Building in a more connected system
  • Improving storage and backup
  • Creating more secure access to data & automatically fixing errors/problems
  • Better management

An explanation of the role the IT Pro has played in shaping the product and what he does to create the vision for the upcoming server products.

Why we are calling Windows Server 2008 "SP1" on its RTM release

"Mommy, Why is there a server in the house?" - Iain gives us an idea of his own personal IT setup at home.

How they really come up with the names for the server products and a little history behind how we came up with the codenames whistler, blackcomb, and longhorn and how we no longer use these anymore.  He doesn't think anyone enjoys the codenames - do you?

How they determine the release schedule

If you decide to tune in for "Over the Edge" @ 20:33, some of the things you'll see: 
Windows Server 2003 R2 comedic poster, Windows 95 launch pass, Iain driving Brian Valentine wearing a pink ballerina outfit (tutu) on his motorcycle,  Iain's band from 1985, an Australian $10 bill, "big mofo" heat sinks, and a picture of Iain at the Nasdaq.

Posted By: David Tesar | Feb 25th @ 11:59 PM

I met up with Otto Helweg and learned about some of the cool things you can do out of the box with Vista and Server 2008 technologies around management, automation, and alerting. If you don't want to, or it doesn't make sense for your environment to, fork over the cash for one of the full blown Microsoft SC* management software suites - this is a video you definitely want to watch. It's also interesting to see the types of things you can do on the fly, even if you already have management/automation/alerting software in place.

Since this one is a little bit longer, I am including a breakdown of the video:

00:00 - Description of what he does in the Windows Server Customer Advisory Team (WinCAT)

01:20 - Tells us some of the management technologies he works with to find solutions: WMI, WinRM/WS web services for management (WS-Man), Netnew, Windows eventing and forwarding, Task Scheduler, PowerShell, group policy.

02:18 - Demo of triggering an event alert to centralized servers over the internet

04:33 - Whiteboard description of what happened. (see full description of this scenario below) DMTF = desktop management task force.

09:20 - Practical / Real-world application of where this scenario might be used

13:46 - Demo of WinRS doing a "dir /s" over an HTTP connection. How to make it

14:46 - How to make a secure connection using this

16:55 - Demo of subscribing to events using a custom query filter and viewing them in the Forwarded Events log. Comparison of the capabilities of Windows Server 2003 (or below) events with Windows Server 2008/Vista events. Description of the RenderingInfo section of the events. Attaching a task to an event. Showing the task automatically created in Task Scheduler.

23:22 - Triggers, Actions (now up to 32 serialized actions), in task scheduler.

26:43 - Recommended tips for how to get started with management technologies: Go to his blog (http://blogs.technet.com/otto), they are working on guides, some information on MSDN/TechNet.

Management

Windows Server 2008 incorporates the most significant advance in enterprise management and automation technologies that assist IT in their efforts to achieve a “Dynamic Infrastructure” in the datacenter. This clip will not only show disparate in-the-box Windows Server 2008 management technologies, but demonstrate how they work together to enable new automation, alerting, and monitoring scenarios WITH NO CODE. These “Dynamic Infrastructure” foundational components include Task Scheduler automation, the new Windows Eventing and the Event Forwarding sub-system (with a peek at Windows Remote Shell).

These technologies will be presented in an enterprise context so they can be leveraged across a very large number of servers where automation, programmatic action, and alerting are critical. This demo will be enterprise management system agnostic, but provide the attendee with building blocks that will enable integration into existing IT monitoring systems. For this demo, the managed server is http://wsman.msft.net.

Demo steps include (easiest to follow along with 2 domain joined Vista/WS08 machines and a mutual Admin account):

· Use WINRS to connect to the managed server (winrs /r:<server> cmd)

· Create a Windows Event subscription to the managed server using the local “Event Viewer”

· Stop and Start the Time Service (sc stop w32time) on the managed server

· Find the events in the local “Forwarded Events” log (note: you can lower the polling interval from the default 15 minutes)

· Attach a Task to the forwarded events

This video takes this demo to the next level by managing a server that is outside the internal corporate network on a DMZ in the Internet. In addition, this managed server is in a workgroup and not domain joined.
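As an added example (not from the original post or Otto's demo), here is a collector-side PowerShell script for the scenario above: the Time Service on the managed server is stopped, Service Control Manager logs event 7036, the event is forwarded, and we pick it out of Forwarded Events. It assumes PowerShell 2.0 or later for Get-WinEvent; the sample event is constructed to mirror a 7036 record, including the RenderingInfo section mentioned in the video breakdown.

```powershell
# Added example, not part of the original post. Assumes PowerShell 2.0+
# (Get-WinEvent) on the collector and a subscription that is already
# delivering events; the sample record below is constructed, not captured.

# Custom query filter of the kind you paste into the subscription's XML tab:
# only service state changes (7036) from Service Control Manager.
$ServiceStateFilter = @'
<QueryList><Query Id="0" Path="ForwardedEvents">
  <Select Path="ForwardedEvents">*[System[Provider[@Name='Service Control Manager'] and EventID=7036]]</Select>
</Query></QueryList>
'@

function Get-ServiceStateChange {
    # Parses raw event XML (what EventLogRecord.ToXml() returns). The service
    # name and new state are EventData param1/param2; the readable text is
    # in RenderingInfo, which only Vista/WS08-style events carry.
    param([string[]]$EventXml)
    foreach ($text in $EventXml) {
        $e = [xml]$text
        $id = $e.Event.System.EventID
        if ($id -is [System.Xml.XmlElement]) { $id = $id.InnerText }   # has a Qualifiers attribute
        if ($id -ne '7036') { continue }
        $data = @{}
        foreach ($d in $e.Event.EventData.Data) { $data[$d.GetAttribute('Name')] = $d.InnerText }
        New-Object PSObject -Property @{
            Computer = $e.Event.System.Computer
            Time     = $e.Event.System.TimeCreated.GetAttribute('SystemTime')
            Service  = $data['param1']
            State    = $data['param2']
            Message  = $e.Event.RenderingInfo.Message
        }
    }
}

# Constructed sample: Windows Time stopping on the demo's managed server.
$SampleEvent = @'
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><Provider Name="Service Control Manager" /><EventID Qualifiers="16384">7036</EventID>
    <TimeCreated SystemTime="2008-02-24T10:15:30.000Z" /><Computer>wsman.msft.net</Computer></System>
  <EventData><Data Name="param1">Windows Time</Data><Data Name="param2">stopped</Data></EventData>
  <RenderingInfo Culture="en-US"><Message>The Windows Time service entered the stopped state.</Message></RenderingInfo>
</Event>
'@

# Offline run over the constructed record: reports the 'stopped' transition.
Get-ServiceStateChange -EventXml $SampleEvent | Where-Object { $_.State -eq 'stopped' }

# Live use on the collector, once forwarded events are arriving:
# Get-ServiceStateChange -EventXml (Get-WinEvent -LogName ForwardedEvents -FilterXml $ServiceStateFilter |
#     ForEach-Object { $_.ToXml() }) | Where-Object { $_.State -eq 'stopped' }
```

The same filter is what you would attach a Task Scheduler action to in Event Viewer, which is the last step of the demo.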

Posted By: David Tesar | Feb 24th @ 11:59 PM

I was able to meet with Andrew during the one week of the month he was in Redmond to talk about the new Server Core functionality available with Server 2008. In this interview, we cover: why Server Core exists, what MinWin is, the differences between MinWin and Server Core, why MinWin was created, Andrew's ideas on the future of Server Core, what practical application you could currently have with a USB stick, his personal viewpoint on whether or not PowerShell and the .Net framework should be on Server Core, and some management and other tips: see his Server Core blog, check out the step-by-step guide for Server Core, use unattend files, and enable the MMC to work through the firewall.

For "Over the Edge", in the office Andrew works he'll come out of "night vision" and we'll see his true colors. Also, be prepared for a server on rollerblades, some Windows branded alcohol (yes, whiskey) which looks like a JD bottle, a Server 2008 shot glass, some old school books & games he used to read/play, and a tiny little bit about what Andrew does outside of working on server core.

Other than the .Net framework and Powershell being able to run on server core (which they are working on), what would you like to see in the next versions of server core?

Posted By: David Tesar | Feb 21st @ 11:59 PM

In this interview, I met up with Charles Denny on the Solutions Accelerator team, who is in charge of the Infrastructure Planning and Design (IPD) guide for AD (this is the next generation of the WSSRA guides). We talk about the purpose of this guide and dig into information in the guide which might be useful to you, such as his viewpoint on one of the most difficult business decisions which need to be made in an AD environment.

There is tons of documentation out there on how to technically do things with AD, but until now with the IPD, there has not been very much on how to successfully design your infrastructure and the decisions which need to be made along the way. For instance, the possibility of divestitures is one important factor to consider when deciding which forest design to choose. This guide will help you in migrating to Windows Server 2008 from a much-needed angle.

To take a look at the beta to the TS and AD guides, go to the Connect site by clicking here if new or here if already enrolled.

Also, the guides for the below can be found here:

  • Infrastructure Planning and Design Series Introduction
  • Selecting the Right Virtualization Technology
  • SoftGrid Application Virtualization
  • Windows Server Virtualization (for Windows Server 2008 virtualization and Virtual Server 2005 R2 SP1)

Posted By: Adam Carter | Feb 20th @ 12:00 AM

In some parallel universe, an alternate version of me went to work for Bill way back in 2000, when we both worked in Microsoft Con