So I did some looking around as I figured it was a setting in a configuration file.  I just had to figure out which one.

I found this Microsoft Technet article : http://technet.microsoft.com/en-us/library/ff607221(EXCHG.80).aspx that talks about the issue.

The error was because the Exchange Managment accesses the Powershell contained in IIS and the configuration file had the location of the kerbauth.dll was incorrect.  The reason for this was Exchange was installed into the default Directory than removed to install it into a diffrerent directory. In doing that the Powershell configuration file in IIS doesn’t update the location of the file. You have to manaully update the file.

To resolve the error you need to follow these steps

1.  You need to modify the applicationhost.config file in c:\windows\system32\inetserv\config
2.  Search the file for the location referenced in Application error.
3. the line in the file will be this : <add name=”kerbauth” image=”File location” />
4. Change the file location to reflect where the file resides.
5. Finally run this command “IISRESET /NOFORCE” to restart IIS. It may fail, just run the command again until to runs successfully.







- John Chambers, Technical Architect
You can read more posts by John at UCBlog101.

]]>http://www.projectleadership.net/blogs_details.php?id=2485December 31,1969http://www.projectleadership.net/blogs_details.php?id=2485
1. Prerequisites:
a. Download the proper .iso file based on your PC from the MSFT website here:
i. Gotcha: It’s important that you use the link above instead of the standard download page The standard page just has the web installer and not the full .iso file
b. Download\Install a tool to mount an ISO as a drive on your computer if you do not have one
i. I use MagicDisc: http://www.magiciso.com/tutorials/miso-magicdisc-overview.htm
c. Download and Install Windows Automated Installation Kit for Windows 7
i. http://www.microsoft.com/download/en/details.aspx?id=5753
2. Using an application call DiskPart you will need to create and attach a .vhd file to your computer
a. Locate or create a directory where you want to store the .vhd file
b. Open a command prompt as an Administrator and enter the following commands
i. Gotcha: the MaxMB is the size of the vhd in MB. The size shouldn’t be any bigger than the unused size on your physical disk drive. For example if you vhd folder path is on the C drive and you have 50GB free space on that drive, the maxmb can’t be any larger than 51200 MB. I would suggest you create it somewhere around 30-35GB or so initially. You can always expand it later.
diskpart create vdisk file=\.vhd maximum= type=expandable select vdisk file=\.vhd vhd attach vdisk create partition primary assign letter=
3. After that, you should have your VHD attached to your computer at the assigned drive letter. You will be asked to format this drive:
a.
b. Click "Format disk" and click "start"
c.
4. Using the tool in step 1.b, attach the iso to your computer
5. From the start menu, open the Deployment tools Command prompt (installed in step 1.c above)
6. Run the following command to apply the necessary files to your new .vhd drive from the .iso file:
a. imagex /apply :\sources\install.wim 1 :\ b. Notes:
i. is the drive that the iso file was attached to in step 4
ii. is the letter assigned to the drive in the last command in step 2.b
c. Gotcha: If you do not have a .install.wim file in this location, you have downloaded the wrong version. GO back to step 1a ( do not pass Go, Do not collect $200…)
7. The final step is to add the .vhd drive to your boot paths.
a. Command line: bcdboot :\Windows
b. Gotcha: If you are like me, you may not want to have the Windows 8 drive the default boot. If you want to make the original Windows 7 drive the default boot, run msconfig and set it as the default:

c. Note: You can use this same dialog to remove the .vhd from the boot paths as well Thanks to Eric Boyd and Scott Hanselman for some additional guidance on this.
- Nick Althoff, Solution Architect]]>http://www.projectleadership.net/blogs_details.php?id=2481December 31,1969http://www.projectleadership.net/blogs_details.php?id=2481Managed Metadata Services (MMS) is one of my favorite features in SharePoint 2010. I love its ability to create a rich set of validated data which may be used throughout the entire SharePoint Farm. I love the enhanced user experience when you connect MMS to site columns and user profile properties. I love how easy it is for users to find the correct value or contribute their own into the enterprise taxonomy.

The only feature I don’t like is the web interface to manage the Term Store. As a refresher you manage the Term Store Set (the “Taxonomy”) from either Central Admin or in Site Action by accessing the “Term store management” page.



To be fair, the UI isn’t bad to setup your top level Groups or populate a few simple and there is a functional import facility, but since my other favorite feature of SharePoint 2010 is PowerShell, I prefer to link those two technologies together to create and populate a ‘non-trivial’ implementation of an organization’s information taxonomy.

Traversing a term set in code
The code examples shown below show how to traverse this taxonomy:



There are a number of reasons to connect to a specific Term Set. You need to do so in order to connect that term set to a custom user profile property; or if you need to update the value or properties of that tem set.

You access the MMS through a taxonomy session as show below:

#connect to your site collection
$siteCollection = Get-SPSite http://yoursite.yourdomain.com

#with the SP-Site object get a connection the Taxonomy Session
$TaxSession = New-Object Microsoft.SharePoint.Taxonomy.TaxonomySession $SiteCollection, $true

$TaxSession = Get-SPTaxonomySession -Site $SiteCollection

The Get-SPTaxonomySession CmdLet seems to have a problem getting current taxonomy information. If a new term store is added after you have invoked this CmdLet, even if your powershell script creates the term store, you will not be able to retrieve it with the $TaxSession object. So I use the more vebose New-Object syntax to work around that issue.

Once you have the Taxonomy Session Object you can reference the Managed MetaData Service you need with this command:

# replace "Managed Metadata Service with the name of your MMS
$TermStore = $TaxSession.TermStores["Managed Metadata Service"]

With the term store object it's very easy to reference the Term Store Group and then the Term Set:

# in this Example the MMS has a Term Store Group named "Offices" with a Term Set of Chicago
$officeGroup = $TermStore.Groups["Offices"]
$office = $officeGroup.TermSets["Chicago"]

"Chicago" is a term set, but it also contains other terms

$intheloop = $office.Terms["In the Loop"]
$notIntheloop = $office.Terms["Outside the Loop"]

Example Script – This script will print out the entire taxonomy for an MMS name "Managed Metadata Service" on http://demosrv

function PrintTerms($termSet, $level)
{
$levelStr = " " * $level
ForEach ($term in $termSet) {
Write-Host -ForegroundColor Green "$levelStr $($term.Name)"
if ($term.Terms.Count -gt 0) {
PrintTerms -termSet $term.Terms -level ($level+1)
}
}
}

$site = get-SPSite http://demosrv
$TaxSession = New-Object Microsoft.SharePoint.Taxonomy.TaxonomySession $site, $true
$TermStore = $TaxSession.TermStores["Managed Metadata Service"]

Write-Host -ForegroundColor Yellow "$($TermStore.Name)"
ForEach ($termGroup in $TermStore.Groups) {
Write-Host -ForegroundColor Cyan "Group = $($termGroup.Name)"
ForEach ($termSet in $termGroup.TermSets) {
PrintTerms -termSet $termSet -level 1
}
}


- Steve McHargue, Senior Consultant

]]>http://www.projectleadership.net/blogs_details.php?id=2509December 31,1969http://www.projectleadership.net/blogs_details.php?id=2509 Later that same day I had a similar conversation with a CIO that was concerned that the recently completed strategic planning process did not include IT. He was frustrated by the exclusion, but also by the impact of this on his team who once again felt that they were being relegated to the role of order-takers.
In both of these cases, the leaders responsible for direction setting or strategy development may be missing an important opportunity to engage their organizations. People in organizations need clarity of direction and a role in the direction setting process. This is not to say that everyone has an equal voice in developing a strategy or direction; clearly that is not the case. But, leaders should consider how to best involve their organization in the process and, ensure that everyone is clear on their role in the process. A RACI model can be a good tool to help define these roles. RACI stands for:

6. R = Responsible
7. A = Accountable
8. C = Consulted
9. I = Informed

At a minimum, everyone should be (I) informed; there is no excuse for leaving people in the dark. Such neglect causes exactly what was articulated by the director. Luckily for this leader, the Director is still trying to engage, many just shut down. Someone at the “C” level of an organization should at least be (C) consulted in the process. By leaving the CIO outside of the process, the CEO will encourage IT to remain in the role of order-takers. Given the importance of technology in most all aspects of strategy execution, this is not an optimal role for any CIO.
Those responsible for the strategy and direction of their company would be well served by utilizing this, or a similar, model to clarify roles and to think through the many opportunities they have to engage others in the process. This will result in better outcomes for the planning process and more importantly it will enable a far more effective execution process. - Dan Roller, Solution Group Leader]]>http://www.projectleadership.net/blogs_details.php?id=2478December 31,1969http://www.projectleadership.net/blogs_details.php?id=2478Although it is less common these days, occasionally you may run into a situation where you or a customer may need to manage your Lync infrastructure from a 32-bit machine (typically Windows XP or Server 2003). Leveraging both the Lync Control Panel and Lync Management Shell commands run remotely, this becomes one less obstacle for you to worry about.

Since the Lync Control Panel is web-based, it is accessible from any Silverlight capable PC browser, such as Internet Explorer (or even Firefox, Chrome, and some versions of Safari!, Silverlight Compatibility). As I'm sure you're aware, installing the Lync Management Tools on a 32-bit OS are not possible. And while you still cannot run Topology Builder on Windows XP or Server 2003 (32-bit), using the information below you can perform the majority of the Lync management tasks.

Prerequisites:
• PowerShell 2.0 (http://support.microsoft.com/kb/968929) - Since Windows XP and Server 2003 were released pre-PowerShell, you'll need to download v2 and install it. Vista clients were initially released with PowerShell v1, so they will also have to be upgraded as well.



Steps to connect your 32-bit client to Lync remotely through powershell:

Create a PowerShell Profile (more info on PowerShell Profiles here) by saving the following commands into a *.ps1 file:


Import the Lync module
$lyncOptions = New-PSSessionOption -SkipRevocationCheck -SkipCACheck -SkipCNCheck
$lync = New-PSSession -ConnectionUri https://lync1/ocspowershell `
-SessionOption $lyncOptions `
-Authentication NegotiateWithImplicitCredential

Import-PSSession $lync

By using a PowerShell Profile, any time you launch PowerShell, a Remote Powershell session will be connected to the server specified in the ConnectionUri parameter and will allow you to execute the Lync-specific commands even though you don't have the Lync PowerShell Module installed locally. Alternatively, you could just run the commands above within PowerShell on an as-needed basis without creating a Profile.

Note that you will need to make sure you use the Internal Lync Web Services FQDN since we are making the connection over HTTPS.

*Additional credit goes to Mike Pfeiffer for the remote PowerShell syntax. See his blog post here.

- Phil Sharp, Technical Architect
You can read more posts by Phil at Mastering Microsoft UC.

]]>http://www.projectleadership.net/blogs_details.php?id=2475December 31,1969http://www.projectleadership.net/blogs_details.php?id=2475During a recent Exchange migration my client had some issues with users on their Exchange 2010 servers.  In order to fix these issues properly, it was decided to move the users back to their original Exchange 2003 server and disable the Personal Archive that resided on Exchange 2010.  In order to reuse these Personal Archives, we needed to complete all remediation and testing within 30 days of disabling the archive mailbox.  The 30 days is the default retention period for a disabled Personal Archive.  This time period can be increased or decreased based off your needs with this PowerShell command:

Set-MailboxDatabase -Identity <personal archive database> -MailboxRetention <# of days>

Once the client completed the remediation and testing we moved the original pilot users back to their Exchange 2010 servers.  To re-attach the Personal Archive we needed to go to the Disconnected Mailboxes in the EMC under Recipient Configuration.  If you do not see any of the disconnected Personal Archive mailboxes, you will need to do a database cleanup process:

clean-mailboxdatabase <personal archive database>

After the disconnected mailboxes are visible, you can reconnect them by right clicking on the mailbox and selecting ‘Connect to Primary Mailbox’.  You will then get a prompt to verify the user it wants to connect the mailbox to.  If this matches, then click yes.  Once AD replication completes, you old Personal Archive is now accessible to the mailbox.

As always, test this method out on a test mailbox before proceeding into production.  We did our testing to validate this before we moved any mailboxes back to the legacy Exchange 2003 servers.



- Damian Scoles, Technical Architect
You can read more posts by Damian at Just a UC Guy.

]]>http://www.projectleadership.net/blogs_details.php?id=2474December 31,1969http://www.projectleadership.net/blogs_details.php?id=2474So you decided to deploy a Barracuda hardware load balancer at your client site to load balance the CAS Array traffic, but you cannot find how to redirect the traffic for Outlook Web Access to redirect to Https and append a /owa at the end? If you are using a hardware load balancer device this redirection should not be doing this via IIS on your CAS servers, and should be done on the HLB itself. This is not documented in official Barracuda documentation and I hope it helps to guide you through the process.

Here is a mini-guide on how to get a URL to rewrite on a Barracuda HLB to append https:// at the front and /owa at the end, so your users only have to type in mail.constoso.com.

There are two steps to this procedure (You may have already done Step I if you followed the official Barracuda Configuration Guide found here, if so, go ahead and skip to step II):

I. First, Under the Basic  Services, create a rule named HTTPs Redirection.
Configure this as follows:
1. At the top, under new rule name the rule something meaningful like “Exchange Web Services HTTP Redirect”
2. Enter the VIP of your CAS Array/HLB as the Virtual IP address.
3. Under Protocol enter “TCP”
4. Service Type “Layer 7- HTTP” (if it does not let you do this at this point, we can edit that in step 7, the default is Layer 4, leave it).
5. Service Port “80”
6. Save the rule
7. Go into the rule and click the “edit” button.
8. Make sure your Service Type is set to “Layer 7 – HTTP” (if you did not change this in step 4, do it now)
9. Set the value of “Enable HTTP Redirect” to “Yes”



The above will take care of appending https:// or redirecting from http:// for your OWA url, but it will not add /owa to the end of the URL. For that see #II.

Your new rule should look like this:



Properties:




II. In your HLB go to Advanced  URL Rewrites
1. Make sure the correct service is selected. In this case we are working with Layer 7 – HTTP Services.
2. Under HTTP Request Rewrite, Rule name enter “OWA”
3. Rule Order enter “3”
4. Under Action Select the drop-down box to “Rewrite URL”
5. Header Name – leave blank
6. Old value, use “/*”
7. Rewrite Value use “/owa”
8. Rewrite Condition “*”



This will allow the HLB to append /owa to the end of your URL (or /exchange or whatever you may be using).

Your new rule should look this:



After you save your configuration, your users should be able to go to mail.contoso.com and it should forward them on to https://mail.contoso.com/owa. Happy redirecting!
- Julia Holden, Solution Architect

]]>http://www.projectleadership.net/blogs_details.php?id=2466December 31,1969http://www.projectleadership.net/blogs_details.php?id=2466This month’s discussion is about what a company can do with videoconferencing to go beyond a general meeting or a point to point discussion. On the marketplace today there are tools available to take videoconferencing to a whole new level as a means of communication and content distribution. Wouldn’t it be beneficial to be able to professionally capture the call in a way that moves beyond the legacy means of VCR tape or DVD disk? While those are the traditional means of capturing a “session” for archiving, it’s not very practical to then copy those and disburse them to share with colleagues in other locations. Video format in the USA (NTSC) differs from that overseas (PAL) meaning the content would only be useful domestically.

What I really like are the new appliances on the market that are server-based capture stations that can record videoconferences or even individuals needing to deliver a message to a wide audience. These devices are added as a “participant” in the case of recording a conference or are the called party in the case of recording a broadcast message. This makes it very easy to use to capture and then take advantage of the devices streaming capabilities. Streaming is popular these days what with the popularity of Netflix and streaming videoconferences is the same concept. The recording/streaming appliances can be purchased in various levels of capacity to manage the investment and tailor it to your capacity needs. For example, you can fit the appliance out with a license to be able to record differing levels of concurrent recording sessions at 5, 10 or 15 based on your volume. There is even a license for a high-definition stream. You can also throttle the licensing for how many simultaneous viewers are allowed to watch a broadcast and you can purchase a license to do multicasting “pushes” of the content to go beyond baseline unicast functionality provided by default. Multicast is a single transmission of the source to multiple destinations (one to many). Unicast involves opening a stream per user from the source to the destination and consumes more bandwidth on the network. With the right licensing, you can push content out and have 200 people view it at different branches across the organization. This speeds delivery of important communication and content can easily be managed and classified for access. Take your videoconferencing environment to the next level by looking in to all the useful applications this enables and reap the benefits of sophisticated content management and distribution.


- Bill Rasmussen, Solution Architect
]]>http://www.projectleadership.net/blogs_details.php?id=2464December 31,1969http://www.projectleadership.net/blogs_details.php?id=2464During a recent migration for a customer we needed to move some mailboxes back to their legacy Exchange 2003 servers for various reasons.  In order to do so, we needed to run a series of PowerShell scripts as the EMC does not allow for these moves.  Microsoft has provided a good article on what to do before moving the mailboxes to Exchange 2003 [ http://technet.microsoft.com/en-us/library/dd638157.aspx ].  Here are the steps per the article

 Moving mailboxes from Microsoft Exchange Server 2010 to Exchange Server 2003? Consider the following:

 • The move process is performed offline, and end-users won’t be able to access their mailboxes during the move.

• Perform the move from the server running Exchange 2010 by using the move request cmdlets in the Exchange Management Shell. You can’t use Exchange System Manager on an Exchange 2003 server to move the mailboxes.

• If you’re moving a mailbox that has a personal archive associated with it, you must disable the archive before moving the mailbox. For details, see Disable a Personal (On-Premises) or Cloud-Based Archive for a Mailbox.

• If you’re moving a mailbox to Exchange 2003, you must disable single-item recovery and purge the Recoverable Items folder. For details, see Clean Up the Recoverable Items Folder.

The first step is to disable the Personal Archive.  This means that the user will be unable to use the archive mailbox until their main mailbox is migrated back to Exchange 2010.  The good thing is that the archive mailbox will not be removed as long as the mailbox retention period for  the database that the mailbox is present on.  The default period is 30 days.  To disable the archive, you just need to know the mailbox alias and plug that in to this PowerShell command – Disable-Mailbox -Identity <mailbox alias> -Archive  

SAMPLE

Disable-Mailbox -Identity <mailbox alias> -Archive    

Confirm  Are you sure you want to perform this action?  Disabling the archive for <mailbox alias> will remove the archive for this user and mark it in the database for removal.  [Y] Yes  [A] Yes to All  [N] No  [L] No to All  [?] Help (default is “Y”): a

Once the archive mailbox is disabled, you need to see if Single Item Recovery is enabled for the user.  To do this simply run – get-mailbox  <mailbox alias> |ft displayname,singleitemrecoveryenabled

 SAMPLE    

get-mailbox <mailbox alias> |ft displayname,singleitemrecoveryenabled    

DisplayName                            SingleItemRecoveryEnabled

———–                                    ————————-  

<Mailbox Alias>                       False  

If SingleItemRecoveryEnabled is ‘True’, this can be disabled with - set-mailbox <mailbox alias> -SingleItemRecoveryEnabled $False

Next you need to check if the mailbox has any items in the Retention Items  in Exchange 2010 [ http://technet.microsoft.com/en-us/library/ee364752.aspx ].   To do this, we need to search the mailbox for this folder and its content.  You will need the Discovery Role in Exchange 2010.  To add yourself to the role run this in PowerShell – Add-RoleGroupMember -Identity “Discovery Management” -Member <your admin account> .  Once you have the role assigned to your admin account, you can query the users folder for these items using – Search-Mailbox -Identity <mailbox alias> -SearchDumpsterOnly -estimateresultonly

 SAMPLE    

Search-Mailbox -Identity <mailbox alias> -SearchDumpsterOnly -estimateresultonly    

RunspaceId       : dfe688c8-d4be-42f4-8023-83f0d23b026d

Identity         : <user’s DN>  

TargetMailbox    :  

TargetPSTFile    :  Success          :

True  TargetFolder     :  

ResultItemsCount : 1533  

ResultItemsSize  : 67.7 MB (70,989,444 bytes)

If the item count and item size are > 0, you will need to clear these out before the mailbox is moved to Exchange 2003.  The command to do so, per Microsoft’s own documentation, is as follows – Search-Mailbox -Identity <mailbox alias> -SearchDumpsterOnly -TargetMailbox “Discovery Search Mailbox” -TargetFolder “<mailbox alias>-RecoverableItems” -DeleteContent

 SAMPLE    

Search-Mailbox -Identity <mailbox alias> -SearchDumpsterOnly -TargetMailbox “Discovery Search Mailbox” -TargetFolder “<mailbox alias>-RecoverableItems” -DeleteContent    

Confirm  Deleting content from mailboxes bsmith  [Y] Yes  [A] Yes to All  [N] No  [L] No to All  [?] Help (default is “Y”): a      

RunspaceId       : dfe688c8-d4be-42f4-8023-83f0d23b026d  

Identity         : <user’s DN>  

TargetMailbox    : <Discover Search Mailbox’s DN>  

TargetPSTFile    :  

Success          : True  

TargetFolder     : \<mailbox alias>-RecoverableItems\<mailbox alias>-4/3/2012 4:25:30 PM  

ResultItemsCount : 1533  

ResultItemsSize  : 67.7 MB (70,989,444 bytes)

Now I like to verify if this has truly worked and you can do this by running the first search command we used to see if there were any items in the folder:

 SAMPLE    

Search-Mailbox -Identity <mailbox alias> -SearchDumpsterOnly -estimateresultonly    

RunspaceId       : dfe688c8-d4be-42f4-8023-83f0d23b026d  

Identity         : <user’s DN>  

TargetMailbox    :  

TargetPSTFile    :  

Success          : True  

TargetFolder     :  

ResultItemsCount : 0  

ResultItemsSize  : 0 B (0 bytes)  

Now that this is clean and all the other steps are complete, you can now move the mailbox back to Exchange 2003.

Sample    

new-moverequest -identity rgabuzd -targetdatabase 4717536c-893c-457a-85af-37f19fc9b823

Once the request has been queued you can monitor it from the Exchange Management Console under Recipient Configuration – Move Requests.

In my next article I will discuss how you can reattach those archive mailboxes when the users mailbox is moved back to Exchange 2010.

- Damian Scoles, Technical Architect
You can read more posts by Damian at Just a UC Guy.

]]>http://www.projectleadership.net/blogs_details.php?id=2465December 31,1969http://www.projectleadership.net/blogs_details.php?id=2465When creating disclaimers for your corporate email, a good practice is to prevent disclaimers from being added to internal emails. To do this, simply add a condition to your disclaimers.

Under Organizational Configuration, click on Hub Transport, go to the Transport rules tab, right click on your disclaimer and select Edit. Click Next, Next, and Next.









On the Exceptions page select “except when the message is sent to users that are inside or outside the organization, or partners”. After checking the checkbox, make sure the selection shows as Inside. Then complete the rule wizard. After this change no messages bound for internal recipients will have a disclaimer appended to the message.

- Damian Scoles, Technical Architect
You can read more posts by Damian at Just a UC Guy.

]]>http://www.projectleadership.net/blogs_details.php?id=2461December 31,1969http://www.projectleadership.net/blogs_details.php?id=2461
I am wrapping up a profitability analysis project for a global medical manufacturing company. The goal was to give the management team a Business Intelligence application to show profitability margins for customers, products, geographic locations, and production facilities. The solution provided OLAP reporting on profitability metrics by while supporting multiple currency conversions for every currency the company did business with. To deliver this solution I had to pull financial measures like revenue and expenses as well as statistics on the manufacturing process from Oracle’s JD Edwards Enterprise One.

The idea for this project was to use SQL Server 2012 and use SSIS for the ETL process and then SSAS for the cube. The users would be using Excel 2012 to connect to the cube directly. I am happy to report that I did not run across any issues related to using SQL Server 2012 even though I was using Release Candidate 3 for most of the development phase.

I came across a few things during the SSIS development phase of this project that I wanted to pass along to others business intelligence folks who may be pulling from JD Edwards / Oracle database.

1.  Configure 34bit and 64bit OLE DB Oracle providers following Greg Galloway instructions. These instructions are fantastic. I can appreciate these instructions as I remember the wailing and gnashing of teeth that took place the first time I had to setup Oracle’s OLE DB providers on a 64bit server.
2.  Decide on using linked server (TSQL) or OLEDB Source (PL/SQL). My experience was that I got noticeably faster performance when using the OLEDB Source with PL/SQL rather than using the more convenient linked server.

3.  Use existing date and time conversions. Bryant Avey had two useful TSQL functions. One converts the JD Edwards’s date fields, which are represented in Julian date format of CYYDDD where C = Century; YY = a 2 digit year and DD = the 3 digit number representing the day of the year (1 through 365 or 366 days on a leap year) to a Gregorian date. The function was called DateJ2G
CREATE FUNCTION [dbo].[DateJ2G]
 (
@JDEDATE int, @FORMAT int
 ) 
RETURNS varchar(20) AS 
--Written by Bryant Avey, InterNuntius, Inc.
--Provided free "As Is" with no warranties or guarantees
--I just ask that you keep these comments in the function, if you use it.
--The complete article describing this function can be found at:
--http://wp.me/pBPqA-a
--This function takes a JDE Julian Date and returns
--a varchar date in the format style you specify
--To us simply pass in the JDE date and the style code
--Style codes can be found at
--For Example: select dbo.DateJ2G(sddgj,101) from f4211
--would return the JDE date in the format of 02/29/2008.
--Select dbo.DateJ2G(108060, 1) = 02/29/08
--Select dbo.DateJ2G(109060, 107) = Mar 01, 2009
--Format codes are standard SQL 2005 Date Convert codes.
--Conversion codes can be found here: http://wp.me/pBPqA-a
BEGIN
DECLARE @sqldate datetime
set @sqldate =
 dateadd(day,cast((1900000 + @JDEDATE)%1000 as int)-1,(cast((
 cast((1900000 + @JDEDATE)/1000 as varchar(4)) + '-01-01')
 as datetime)))
RETURN (convert(varchar(20),@sqldate,@FORMAT))
END
The other function, DateG2J, converts a Gregorian date to a Julian Date. Again this was very useful.
CREATE FUNCTION [dbo].[DateG2J] (@Geogian_in datetime)
RETURNS int AS
--Written by Bryant Avey, InterNuntius, Inc.
--Provided free "As Is" with no warranties or guarantees
--I just ask that you keep these comments in the function, if you use it.
--The complete article describing this function can be found at:
--http://wp.me/pBPqA-a
--This function takes a varchar gregorian date and returns
--a Julian JDE Date
--To use simply pass in the string date
--For Example: select dbo.DateG2J('02/29/2008')
--would return the JDE integer date of 108060.
--Date input formats are standard SQL 2005 DateTime values.
--Any validly formated date string will work such as 'feb 29,2008' to get 108060.
BEGIN
declare @JulianDate_out INT
declare @Century INT
declare @YY INT
declare @DayofYear INT
Select @Century = case when datepart(yyyy,@Geogian_in) > 2000
then 100000 else 0 end
Select @YY = CAST((SUBSTRING(CAST(DATEPART(YYYY, @Geogian_in)
AS VARCHAR(4)), 3, 2)) AS INT)
select @DayOfYear = datepart(dayofyear, @Geogian_in)
SELECT @JulianDate_out = @Century + @YY * 1000 + @DayofYear
RETURN(@JulianDate_out)
END

I created a third function to validate and format the JD Edward’s time fields into a valid time field for SQL Server. My experience is that JD Edwards allows any combination of integers that may have not necessarily represented a valid time in SQL Server (or anywhere else for that matter). The ValidateJDETime function helped deal with this by checking the time and setting it to midnight if an invalid time was found.


CREATE FUNCTION [dbo].[ValidateJDETime] (@IN_Time VARCHAR(10) )
RETURNS CHAR(8)
AS
--Written by Thomas M. Puch
--Provided free "As Is" with no warranties or guarantees
--I just ask that you keep these comments in the function, if you use it.
----Usage:  SELECT dbo.ValidateJDETime ( '112233')
BEGIN
     DECLARE @RV CHAR(8),
                 @vt AS CHAR(6),
                  @vh AS CHAR(2),
                  @vm AS CHAR(2),
                  @vs AS CHAR(2)
SET @vt = REPLACE(STR(@IN_Time, 6), SPACE(1), '0')
SET @vh = SUBSTRING(@vt, 1,2)
SET @vm = SUBSTRING(@vt, 3,2)
SET @vs = SUBSTRING(@vt, 5,2)
IF (@vh BETWEEN 0 AND 23 AND
    @vm BETWEEN 0 AND 59 AND
    @vs BETWEEN 0 AND 59)
  BEGIN
     SET @RV = @vh + ':' + @vm + ':' + @vs
  END
ELSE
  BEGIN
     SET @RV = '00:00:00'
  END
RETURN(@RV)
END

4. Planning to deal with NCHAR and NVARCHAR2 is something you will want to do early on . Most text fields in JD Edwards are either NCHAR or NVARCHAR2 that are padded with trailing or in some cases leading spaces. Trailing or leading spaces need to be accounted for when matching up to other data using the SSIS Lookup transformation especially if you are joining to data from text files or other source systems. It is likely that the other data sources will not have trailing or leading spaces. This will cause the SSIS Lookup transformations to not find a match in SSIS. This can be time consuming to troubleshoot because at first look the data seems to match and even joins together in a TSQL query. I would suggest using the TRIM function in Oracle on every text field in your PL/SQL query to JD Edwards. This function will remove trailing and leading spaces and will allow your SSIS Lookup Transformations to find matches.

5.  When using the Oracle OLE DB provider I found that the property called ExecuteOutOfProcess, found in the Execute Package Task had to be set to FALSE if the sub-package used the Oracle OLE DB provider. This was also pointed out in Greg Galloway’s instructions. Like Greg, I did not really investigate why, but set the configuration and moved on.



-Tom Puch, Senior Consultant
You can read more posts by Tom at Concepts and Techniques on Business Intelligence.

]]>http://www.projectleadership.net/blogs_details.php?id=2460December 31,1969http://www.projectleadership.net/blogs_details.php?id=2460
1. Directory Synchronization is Required for Single Sign-On with Office 365.
The two main components of SSO with Office 365 are Directory Synchronization and Active Directory Federation Services 2.0 (ADFS 2.0). They are both necessary for a client to log on to Office 365 using their current Active Directory credentials. The key road block for some clients is that Directory Synchronization synchronizes the entire directory; all users, all groups. Yes, there are ways around this; no, they are not supported by Microsoft. Additionally, Directory Synchronization is limited to a single AD Forest at this time. Future functionality may provide solutions to these two concerns, but they are facts that have to be communicated today.
2. Lync Federation is Not the Same as Active Directory Federation Services.
Lync Federation is the ability to IM other companies that also use Lync Online or Lync on-premises, as well as see Presence and limited status information (depending on the configuration settings). This is not SSO.
3. Exchange Federation is (also) Not the Same as Active Directory Federation Services.
Exchange Federation allows Exchange Online and Exchange 2010 environments to share Calendaring information, depending on configuration settings. This is not the same as SSO. 3. Lync On-Premise and Lync Online Cannot Share the Same SIP DomainAt this time, Lync On-Premise and Lync Online cannot share the same SIP domain. In order to have coexistence between the two within a single organization, two separate SIP domains and Lync Federation between those domains needs to be configured. This will likely change in the future.
4. ADFS 1.0 is Not Used for Office 365. ADFS 1.0 is the version available in Windows Server 2008 within the Roles configuration settings. This will not work for Office 365 federation configuration. ADFS 2.0 is a separate download that will need to be installed.

Hopefully these points will help clear up any confusion during your planning process and allow you to focus on the other hurdles that come along with any migration effort.
What other deployment confusion have you seen in the field? I'm always ready to learn from someone else's hard work...

- Matt Green, Senior Consultant
You can read more of Matt’s posts at his blog Unified Messaging in the Cloud.]]>http://www.projectleadership.net/blogs_details.php?id=2459December 31,1969http://www.projectleadership.net/blogs_details.php?id=2459So you’ve enabled personal archives for all your users, but nothing seems to be working. How do you troubleshoot this?

Here is a short list of things to check to make sure you have personal archives enabled:

• Did you enable the archive for the user?

In the Exchange System Console – Properties of the user mailbox, mailbox features, Archive = enabled

OR

In the Exchange System Console - Get-mailbox |fl displayname,archivedatabase,archivename

• Did you add mailboxes to one of the Retention Policies?

(Exchange Management Console – Organization config – Mailbox – Retention Policies tab)

If you created a new policy, did you add any Retention Policy Tags to the new policy


• Did you start the Managed Folder Assistant process on the mailbox server where the mailbox resides?

Get-Mailbox -Server | Start-ManagedFolderAssistant


If all of the above is done, have you checked your Application Event Log for anything pertaining to ManagaedFolderAsstant?
To get more event logging detail use Diagnostic Logging:

Diagnostic Logging

This can be enabled by Opening up the Exchange Management Console, expanding Server Configuration, highlighting your mailbox server, right clicking and select Manage Diagnostic Logging Properties. Expand MSExchangeMailboxAssistants and highlight Email_Lifecycle_Assistant. Set the logging to high and click Configure. Then restart the Microsoft Exchange Mailbox Assistants service. < Check the logs for events pertaining to Managed Folders.

Check the Application Event Log for any new events.

- Damian Scoles, Technical Architect
You can read more posts by Damian at Just a UC Guy.

]]>http://www.projectleadership.net/blogs_details.php?id=2458December 31,1969http://www.projectleadership.net/blogs_details.php?id=2458Insurers that deliver an exceptional customer experience will win the battle for lasting and profitable customer relationships.

The business environment will remain challenging for the Property & Casualty (P&C) industry for the foreseeable future. Continued commoditization of P&C products, slowing population growth resulting in fewer first time insureds, poorer than average returns on investment portfolios and a slow to recover real estate market are just some of the challenges the industry will continue to face. But, these are not the biggest. The biggest challenge for most P&C insurers will be creating a customer experience that differentiates and the smaller the insurer the more important this will be.

Still most insurers, large and small, focus on products or price, but this is ultimately a zero sum game. Part of the problem is regulation – no doubt this makes creating unique insurance products a difficult and costly process. This lack of product differentiation has caused more and more consumers to focus on price. Some insurance companies initially win in this environment using big advertising budgets to attract new customers. But most insurers don’t have the luxury of a “Flo” or “Mayhem” to drive customers to their door. What all insurers, especially smaller players, do have is the opportunity to differentiate by creating a great customer experience for their two key customer groups: Independent Agents and insurance consumers.

A great customer experience causes Independent Agents to choose to sell a specific insurer’s products more often than competitor products. It also builds loyalty among end consumers who wouldn’t trade their relationship with their insurance company for a small difference in price. So why do many insurers choose to underinvest in this area?

There are those who believe that service cannot trump price. They have adopted a differentiation strategy that is meant to attract cost-conscious consumers. It is true that there is a segment of consumers that are only concerned about price and they walk out the door as soon as they spot a better deal. These same insurers believe that investing in service will significantly increase operating expenses and consequently reduce already thin margins making it difficult or impossible to maintain a low cost strategy. So they don’t invest and they also don’t grow. They also miss out on a growing segment of customers who care very much about service, will even pay a premium for it.

It used to be that quality service was very expensive, because it was delivered by employees who answered phones. But, a growing segment of consumers don’t want to talk to a customer service representative, they would rather have service offerings that they can access any time and any place, over the internet or on an app on their tablet or smart-phone. For insurance companies this means: quoting and binding policies, renewals and payments, account management, claim-filing and tracking – all on-line. This kind of service is less expensive than traditional service models.

The benefit to insurers can be huge. The problem is that many do it haphazardly; they all but ignore the experience of their customers causing their service offerings to back-fire. It is amazing to see how many insurance companies take their agent quoting system, make it accessible on the internet and claim that they enable consumers to get a quote on-line. If there is one sure way to piss-off an insurance shopper, it is to make them answer 50 underwriting questions and make them manually input all of their information only to be sent to an agent. And this is just one example.

In summary, service matters to many consumers, it is not costly to provide it – even the smaller players can do it, the customer experience matters – deliver a great one and you’ll have profitable long-term relationships with agents and consumers alike. And this is something differentiation on products or pricing can’t deliver.


- Dan Roller, Solution Group Leader

]]>http://www.projectleadership.net/blogs_details.php?id=2455December 31,1969http://www.projectleadership.net/blogs_details.php?id=2455While working with customer to publish their Lync Simple URLs through a F5 Big IP running v. 10.2.0, we were having some issues with getting the page to come up externally. DNS entries all seemed to be correct and pointing to the proper external IP addresses. We had verified the firewall rules were configured correctly to perform Port Address Translation from the Public IP on port 443 to the Internal/DMZ F5 VIP on port 4443, and we could see the traffic getting passed all the way through to the Front End server(s). Wireshark captures confirmed this as well.

From the F5 Lync Deployment Guide, found here, the virtual server was configured as follows:




NOTE: Under the Profiles column, the certificate used by the Big IP must be the same certificate installed on the client. Since this is externally facing, it should also be a Public Certificate from one of the approved CA vendors (http://support.microsoft.com/kb/929395).

To ensure the SSL tunnel could be maintained back to the Front End(s), we had generated the CSR on one of the Front Ends for the External Web Services. We then exported it with the private key (and the root certificate chain separately) and installed it on all of the other Front Ends in the pool, as well as F5 Big IP.

We kept comparing the settings and everything look like it was configured correctly. However, we were missing one setting - the SSL Profile (Server) was set to None. Setting this to the profile with the correct certificate(s) installed got everything working again. Below are some screen captures of the final working settings that were applied to both the Virtual Server and the Pool.

Virtual Server





Server Pool


One last important thing to note, specifically around Lync Mobility: There is a bug in firmware 10.2.2 and earlier which drops connections which try to use TLS 1.1 & 1.2. Make sure upgrade to resolve this, especially if you are supporting Apple iOS devices.

- Phil Sharp, Technical Architect
You can read more posts by Phil at Mastering Microsoft UC.
]]>http://www.projectleadership.net/blogs_details.php?id=2450December 31,1969http://www.projectleadership.net/blogs_details.php?id=2450There are times when a handshake MiniGrid or Result Set is empty that you would prefer to show nothing at all on the screen. That’s not a problem in the Handshake skin itself - it can display nothing if the data set is empty. For example, simply include something like the following statement in the condition of the body element of the handshake skin:

{=grsMyResult.recordCount} > 0

The problem you may run into is with the standard SharePoint Web Part Title. Unless the chrome on the webpart is set to ‘none’, then is will display even if the web part is empty, which is often not the user experience you want to achieve. There are two ways around this problem.

Handshake Provided Web Part Title
One way to manage that is to set the web part chrome to ‘none’, and allow the Handshake Skin to display a web part title instead. That’s usually not a problem, you simple add and additional table or row and include the Web Part title in the cell. You can even use the same CSS so that the Handshake supplied web part title is the same as any other SharePoint provided web part title

In the Text property of the CELL you would add this:



Using Code to Hide the Web Part Title
There is another way that might be more useful, depending on the circumstances, that involves hiding the SharePoint Web Part Title if the result set is empty. This can be done with a little code. Basically, you trigger a javascript function when the result set is empty.

For a minigrid, include the following function in the script block of the skin:

function HideWebPart(s) {
var elem = document.getElementById(s);
while (
(elem != null)&&(elem.tagName != 'DIV')&&(elem.id.indexOf('WebPartWPQ') != 0) ){
elem = elem.parentNode;
}
if (elem != null) {
elem = HSFindParentByType(elem, 'TABLE');
if (elem != null) {
elem.style.display = "none";
}
}
}


And in the minigrid, set the norowmessage property to call the function above:




Some notes on this XML
• The HideWebpart is triggered by the ‘norowmessage’ property and there you pass it the name of the minigrid. You do this by enclosing the “message” in a script tag
• The HideWebPart function finds the minigrid by the ID and then walks up the DOM tree until it finds the DIV that contains the web part.
• Once it finds that DIV, then it finds the parent table of that DIV using a Handshake supplied function.



An Empty Result Set
Hiding a web part title for an empty result set is similar. Here we are adding an additional row in our skin that will call the hide web part function. In a cell of that row we create a span with an ID to serve as an ‘anchor’, and then call the function with that id:



Summary
There is tremendous value in learning some basic javascript to improve the overall appearance of you Handshake Skins. This just one example. I have found it very useful to review and study the javascripts found in the Handshake web services folder. This allows you to better understand how Handshake is interacting and manipulating the data it retrieves from the web service, and enhance that functionality when you needed.

- Steve McHargue

]]>http://www.projectleadership.net/blogs_details.php?id=2434December 31,1969http://www.projectleadership.net/blogs_details.php?id=2434Once you have your Lync environment completed with the Front End, Edge and Archive/Monitor roles, what can you do to further enhance your install? You can install useful tools like these:


Lync 2010 Resouce Kit

Lync 2010 Best Practices Analyzer

One of the quicker ways to install these tools is to use the ‘set-lync2010features.ps1′ PowerShell script from here http://www.ehloworld.com/255. These are the Post Install options you have with this script:



The first two are by far the most useful. Option ten is also good for testing your hardware out to make sure it will do what you need it to do.

The same tool also helps with Lync 2010 PreRequisites as well:



Download the tool and make your Lync environment just that much better.

- Damian Scoles, Technical Architect
You can read more posts by Damian at Just a UC Guy.
]]>http://www.projectleadership.net/blogs_details.php?id=2445December 31,1969http://www.projectleadership.net/blogs_details.php?id=2445This month’s discussion is about the impact videoconferencing will have on the wide area network. When one is considering making an investment in videoconferencing or expanding usage of video from peer-to-peer into room systems or increasing the number of room systems, it is wise to take a look at the size of the pipe (WAN capacity) this application will traverse. Bandwidth capacity planning is as old as telecommunications itself. If I have 100 users, how many lines to the public switched telephone network (PSTN) do I need? Videoconferencing is the same theory or telecom only it uses more bandwidth than a telephone call.

Odds are, you have already made an investment in VoIP and in the planning stages, you looked at the impact of adding voice traffic to the WAN. We simply take this a step further and see what impact video will have. In its simplest form, capacity planning requires us to look at (monitor over several months and measure peaks and valleys) total bandwidth and bandwidth “bursts” which are big spikes in bandwidth used during a given slice of time. Bursts or peaks are important to understand how close to a saturation point (no bandwidth left) you get in a given period. A good rule of thumb commonly accepted is to run the bandwidth at 80% utilization. Any higher and you could max out in a “bursty” time and any less would be a case of paying for more bandwidth that you use.

To prepare to add video to the network you can assume an H.323 call at 384k will use 460k of bandwidth (factoring in 20% overhead) and you can use this figure to help plan capacity. The next steps would be to estimate traffic. How many calls per month and what is the average call duration? Adjust the 384k number accordingly if you plan to do HD resolution calling. Other factors to consider are the video codec used. For example, with Polycom’s H.264 High Profile codec (as opposed to H.323), a HD call (720k to 1 meg) can consume as little as 512k (not including overhead) so these are the elements to take into consideration when you want to add real time services (VoIP, videoconferencing or Video On Demand) to your collaboration platform.

- Bill Rasmussen, Solution Architect
]]>http://www.projectleadership.net/blogs_details.php?id=2444December 31,1969http://www.projectleadership.net/blogs_details.php?id=2444With the introduction of Exchange 2010 more environments are deploying HLBs (Hardware Load Balancers) to provide high availability. With the deployment of these device your users can expect a more stable and enjoyable experience with Outlook. However before you deploy your HLBs, testing of the features that will be behind these devices.

What should you test for?

Autodiscover - Can you create a profile automatically with Outlook? Can you run a Test Email Autoconfiguration successfully
Out of Office - Can you set this without getting an error?
OWA - Test an Exchange 2010 and 2003 mailbox (for redirection purposes)
ActiveSync - Test an Exchange 2010 and 2003 mailbox (for proxy purposes)
Outlook Anywhere – Test an Exchange 2010 and 2003 mailbox (for proxy purposes)

If any of these fail, fix the issue before adding the HLBs to the mix. Then once all issues are resolved, then insert the HLBs. If there are any errors now, you know that your HLB is most likely the cause. Tweak your HLB rules until it works.

One last consideration, if you are using TMG/UAG, test your rules before and after as well.

-Damian Scoles, Technical Architect
You can read more posts by Damian at Just a UC Guy.

]]>http://www.projectleadership.net/blogs_details.php?id=2439December 31,1969http://www.projectleadership.net/blogs_details.php?id=2439blog on this for further information.
Once you have normalization rules defined in Lync and changes have been committed, the next question is when will the Lync clients and/or Polycom CX series phones see these changes? The first (and easiest) way to force these changes to the clients is having them log off and log back into Lync. Upon login, the CX series phones and/or Lync clients will download the latest normalization rules along with the global address book (GAL). But what if you have 1500 Polycom CX series endpoints along with common area phones & conference room phones. After some testing, we found that the updated normalization rules are downloaded to the Polycom phones in 7 hour intervals.
- Robert Sestili, Senior Consultant]]>http://www.projectleadership.net/blogs_details.php?id=2438December 31,1969http://www.projectleadership.net/blogs_details.php?id=2438Active Directory Synchronization in Office 365 differed from BPOS in a major way in that once it was activated, you could not turn it off – until now…



Keep in mind that if you choose to deactivate AD Synchronization in Office 365 it can take up to 72 hours to complete, during which time no synchronization from the existing environment would occur (obviously) but also you cannot immediately configure synchronization to another environment until this is completed.



- Matt Green, Senior Consultant
You can read more of Matt’s posts at his blog Unified Messaging in the Cloud.

]]>http://www.projectleadership.net/blogs_details.php?id=2446December 31,1969http://www.projectleadership.net/blogs_details.php?id=2446As many of you know, Wise Package Studio is no more. But the good news is that we’re not left completely stranded. Symantec and Flexera have worked out a deal with each other so we can use AdminStudio going forward. It’s a special edition called AdminStudio for Symantec.

Symantec will offer three editions of AdminStudio for Symantec: Enterprise, Professional, and Standard. The three editions of AdminStudio for Symantec will include all of the functionality found in the traditional AdminStudio product plus functionality specifically developed for users of Altiris management suites and existing Wise Package Studio users. In addition, the process of converting from Wise Package Studio to AdminStudio is greatly simplified with an automated conversion tool which takes WSE packages and their associated meta-data and imports them directly into the AdminStudio database.
Curious what it looks like? You can watch a half-hour clip here. You can get a trial copy here.

Symantec will also offer AdminStudio Virtualization Pack, an optional add-on that provides advanced packaging support for the application virtualization technologies from Microsoft (App-V), VMware (ThinApp) and Citrix (XenApp).

If you have Symantec support up to date, you should have received information on how to migrate from Wise Package Studio to AdminStudio for Symantec. The migration program will be offered from November 7, 2011, until November 7, 2012. Wise Package Studio licenses covered by current Essential Support or Basic Maintenance are eligible to migrate to a AdminStudio for Symantec. Migration to AdminStudio for Symantec will not affect your existing Wise Package Studio licenses. You may continue to use previously purchased Wise Package Studio licenses, which is nice if you’re stuck in the learning curve of AdminStudio and need to crank something out quick.

So I know many people are particular about their packaging software and may not have looked at AdminStudio for some time. I make the analogy that one is like a Chevy and one is like a Ford; they both do the same thing but essentially they do the same thing - they generate packages. The learning curve for AdminStudio will be small for most of the packages you create and when converting the Wise packages to AdminStudio, it’ll be easy to modify any package you created in the past.

If you’ve been using Wise for some time (I’ve been using it since 1999!) it might be hard to let go and move on but trust me, it’s easier then you think.

- Vince Janeczko, Consultant
]]>http://www.projectleadership.net/blogs_details.php?id=2431December 31,1969http://www.projectleadership.net/blogs_details.php?id=2431I had a request to allocate a measure down to a lower level based on a percentage. A former colleague of mine called this prorating. I am not sure the proper name, but this is common in the media/advertising industry. In the past I have done this in the database by joining the original row to the lower level percentages and exploding the fact rows. The problem with doing this in the database is that the number of fact table grows quickly and becomes unmanageable. I wanted to use Analysis Service do the allocation down to the lower level and avoid the explosion of fact rows in the database. I found documentation from Microsoft here. It was a good starting point and gave me the confidence that this task could be accomplished by Analysis Services, but it did not include the custom rollup script that is needed in order to aggregate the totals properly. The purpose of this article is to build on the Microsoft documentation by going a bit further in explaining the solution.

The example below shows the basic idea of what I wanted to achieve. I wanted to allocate a single row (shown below as 2000 impressions) by a given percentage of an age demographic. I want to determine the allocated value by multiplying the percentage by the impressions.



To start I created a main fact table called Fact Advertiser and a related detail table called Fact Advertiser Detail in order to handle the one to many relationship.


The primary key on the Fact Advertiser table is Display Screen ID and Date ID. The primary key on the Fact Advertiser Detail was DisplayScreenId, DateId, and AgeID.

A many to many relationship was defined in the cube. In the diagram below, the FactAdvertiserDetail serves as the intermediate measure group and DimDisplayScreenID is the intermediate dimension. The intermediate dimension serves as a bridge between the two measure groups involved in the many to many relationship.



Once the many to many relationship was defined the relationships looks as follows.



The two scripts were added to the cube in BIDS under Calculations then Script View. The first one creates the calculated measure.



The second script is a custom rollup formula and was added just after the script above. The purpose of the script is to override the normal aggregation of our calculated measure (AdjustedDeliveredImpressions) and perform the calculation on the lowest level BEFORE the aggregation occurs. Without the custom rollup formula the calculated member would happen AFTER the aggregation and give us erroneous results, especially when querying on Age Demographic without using the intermediate dimension (Dim Display Screen).



After reprocessing the cube, I was able to verify the results by connecting to the cube with Excel and create this pivot table.





-Tom Puch, Senior Consultant
You can read more posts by Tom at Concepts and Techniques on Business Intelligence.
]]>http://www.projectleadership.net/blogs_details.php?id=2423December 31,1969http://www.projectleadership.net/blogs_details.php?id=2423 Oh no! Where's the LABCLUSTER Cluster Resource Object?

Now if I had the AD recycle bin enabled in AD 2008 R2 then this wouldn't have been an issue except to go into the recycle bin and recover the item.


NOTE: In order to enable the recycle bin in a 2008 R2 AD environment, open Powershell as an administrator with the following command where the DC values match your domain information:
Enable-ADOptionalFeature –Identity ‘CN=Recycle Bin Feature,CN=Optional Features,CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,DC=vdilab,DC=com’ –Scope ForestOrConfigurationSet –Target ‘vdilab.com’
Source: http://technet.microsoft.com/en-us/library/dd379481(WS.10).aspx
However I did not have this enabled so I was in a bit of a pickle. Of course we could do an authoritative restore but that seemed a bit overkill. A good point to note that even though you delete an AD object, it simply deletes the link to that object and tombstones the object.
First we'll need to grab the extremely useful Sysinternals tool ADRESTORE
http://download.sysinternals.com/Files/AdRestore.zip
Now we'll drop that on our DC and open up a command prompt to that directory. You can run adrestore.exe with no switches but it will return many results.

Let's go digging for the object I want by running adrestore.exe -r

Now if you accidently deleted the OU you can restore that as well by the same token. We're going to go ahead and choose yes. And look! The object is restored!

You can confirm that the object is valid by pulling the objectGUID value from the AD object and comparing it to the registry key on the cluster nodes.


To find the GUID on the cluster nodes, open the registry and navigate to HKLM\Cluster and find the ClusterNameResource key. Note that down and find that value under Resources and find the Parameters key. Compare the ObjectGUID to the hex value found in the AD object, they should be identical. Go ahead and restart the cluster service on your nodes one by one and everything should come back online.


- Rich Lilly, Technical Specialist ]]>http://www.projectleadership.net/blogs_details.php?id=2413December 31,1969http://www.projectleadership.net/blogs_details.php?id=2413What is Handshake?


Handshake Software is a powerful set of tools and web services that allow an organization to retrieve data from Line of Business (LOB) systems and deliver that data to your SharePoint pages. Handshake can also deliver data to any source system that can consume data from a web service, but we use it almost exclusively with SharePoint 2007/2010 Intranets and Extranets.

The system is used primarily in professional services firms, especially law firms. It has pre-built connectors that many of these firms use for financial, document and contact management – which makes presenting data in a context aware scenario a relatively straight-forward affair. For example building a feature rich project or “matter” page that displays the documents, contacts and current financial metrics can be done in a few hours once the Handshake Framework has been installed and connected to the LOB data.

PLA has been a long term partner with Handshake Software and we’ve done numerous projects for our clients that leverage the full functionality of the Handshake Toolkit for both Intranets and Extranets. The purpose of this blog is to share many of the techniques and lessons learned over the last few years. It is our hope to foster a sense of community among firms that use the Handshake Toolkit and allow them to explore new ways to use this versatile software to solve their portal related business problems.

If you haven’t already, you should also register and participate in the Handshake Support forum where you can find discussion forums and downloads. You can register at HandShake Software and then visit the Support area.

- Steve McHargue, Senior Consultant

]]>http://www.projectleadership.net/blogs_details.php?id=2412December 31,1969http://www.projectleadership.net/blogs_details.php?id=2412One of the new features in Exchange 2010 that almost every company seems to be taking advantage of is Database Availability Groups. With email being the lifeblood of most companies, the high availability and near instantaneous switch over of active databases to a redundant mailbox server, both onsite and off, is a dream come true. However, there might be an issue with this speedy transition that does not work well with your WAN connection.

Not every company can have a 100Mb/s, low latency, rock solid MPLS between their main and DR sites. In fact, some companies struggle with their providers to even keep packet loss in check. High latency and/or packet loss can be disastrous to a stable DAG environment. So let’s look at how a DAG works at the replication layer, what the default settings are, what issues you might run into with less-than-stellar WANs, and what tweaks you can make to better accommodate them.

During the DAG creation process, Exchange will install a subset of Windows Failover Clustering features to maintain the DAG. As with most types of clusters, a connection to the other members must be constantly checked with “heartbeat” packets. Any failure of a cluster member to respond to a heartbeat check can result in a database failover, a member being kicked out of the DAG, or even a corrupted database copy requiring a reseed from scratch. This will almost never occur across your LAN, but once the DAG members start talking across a WAN, latency and/or packet loss might be enough to trigger this.

By default, the expected latency should be below 1000ms for both local and remote subnets, and any node that misses 5 or more heartbeats will cause another node within your DAG cluster to initiate a failover. While 1000ms may sound like a lot, I have seen several WANs without proper QoS shoot up to 3000ms+ during cross-site file transfers, causing Exchange to freak out and send all active databases to the DR site. So what can we adjust these to, and how do we do it? Well, these are CLUSTER settings and not EXCHANGE settings, so they must be adjusted through the “cluster” command line tool.

To check your existing settings, type the following at a command prompt on any DAG member:

cluster /prop



What we are looking for is the SameSubnetDelay, CrossSubnetDelay, SameSubnetThreshold, and CrossSubnetThreshold settings. As noted in the previous paragraph, these settings default to 1000, 1000, 5, and 5 respectively. To set these properties at their maximums, enter the following commands:


cluster /prop SameSubnetDelay=2000:DWORD

cluster /prop CrossSubnetDelay=4000:DWORD

cluster /prop CrossSubnetThreshold=10:DWORD

cluster /prop SameSubnetThreshold=10:DWORD




You can then check to make sure the settings applied by once again typing “cluster /prop.”


So after applying these settings, you now have some breathing room with regards to WAN issues (and LAN if you also applied the “SameSubnet” settings above) and your DAG heartbeat traffic. But what if these maximum settings aren’t enough? How can you keep Exchange from just randomly activating databases at other sites when there has not been a true outage? Well, first and foremost, always make it a best practice to check and/or enable your Datacenter Activation Mode settings. A good explanation can be found here, but just remember to enter the following command as soon as you create your DAG:

Set-DatabaseAvailabilityGroup -Identity DAG1 -DatacenterActivationMode DagOnly
But for smaller line hiccups that don’t appear as full site failures to the cluster, there is another way we can control exactly which mailbox servers can activate database copies, and that is with the DatabaseCopyAutoActivationPolicy setting. This setting is applied on a per mailbox server basis with the following command:

Set-MailboxServer ServerName –DatabaseCopyAutoActivationPolicy Unrestricted

There are 3 settings here that determine how Active Manager decides where to activate database copies:


10. Blocked Databases will never be automatically activated on this server
11. IntrasiteOnly Only databases that are active in the same site as this server can be activated automatically.

Unrestricted Default setting. Any database can be activated on any server in any site automatically.



Keep in mind that this only affects AUTOMATIC ACTIVATION, hence the name of the command. You will always be able to manually activate any copy on any server, regardless of these settings.

So with all of these settings in place, you should be able to eliminate most accidental/unexpected DAG issues caused by cross-site connectivity issues, while also having complete control over which servers can automatically activate database copies without administrative intervention.

- Kyle Kennedy, Senior Managing Consultant

]]>http://www.projectleadership.net/blogs_details.php?id=2400December 31,1969http://www.projectleadership.net/blogs_details.php?id=2400

Connecting R to SQL Server to pull data from a SQL Server data warehouse or data mart is something you may want to consider if you need to do advanced statistical computing.

Assuming you have R already installed, the prerequisite steps are first you have to download and install the RODBC package. This was done by using the menu options found under the Packages menu in the Rgui. The second thing to do is create an ODBC data source. I created a system data source for SQL Server. I configured my server and default database, making sure to point the default database to the database I wanted to connect to. In this case I was connecting to the CatchAll database. I did not feel very creative so I called the ODBC connection the same name as the database.






The first line calls the RODBC package that supports ODBC calls.

The second line creates the connection using your ODBC connection your created previously.

The third line runs your SQL query. You can query a table or a view. The output is sent to a data frame called “dataframe”.

Finally in the fourth line the connection is closed and in the fifth line I displayed an average of the price field in my data frame to show that in fact the dataframe has been populated.

- Tom Puch, Senior Consultant
You can read more posts by Tom at Concepts and Techniques on Business Intelligence.

]]>http://www.projectleadership.net/blogs_details.php?id=2410December 31,1969http://www.projectleadership.net/blogs_details.php?id=2410Recently, I was working on a deployment for a customer who did not have PKI deployed internally. As you are probably aware, certificates are a crucial component of a Lync deployment. Due to time constraints, we decided to go ahead and use public certs for all of the servers, including the Front Ends (with collocated A/V and Mediation roles). I thought the process of getting a public cert onto the gateway would be pretty straight forward. Man, was I wrong.

All was well and good, until I presented the options of using TCP or TLS with the AudioCodes gateways we were deploying. The customer wanted to ensure that encryption was maintained through to the gateways. In virtually all deployments I have previously worked on, Microsoft PKI has been deployed internally. This just means taking the Certificate Signing Request (CSR) from the gateway and uploading it to the Certificate Services web page, then downloading the cert. I assumed the process for a public cert would be similar - that I could just log into the AudioCodes web interface, generate the CSR, and upload it to the cert provider's request page. This was definitely not the case.

Generating a CSR for a public cert provider requires that all of the organizational information be included in the request. When generating the CSR using the Lync cert wizard, you are prompted for all of this information. By default, AudioCodes does not.

The following steps are necessary to generate a CSR from an AudioCodes Mediant 1000 MSBG. I assume that the steps would be similar on other models, but cannot guarantee it.

Prerequisites:
• This has only been confirmed to work on gateways running firmware v. 6.20A.046.005 and up



Change the TLS Key Size:
Change the default key size for the CSR. By default, the gateway will generate a 1024-bit CSR. A 2048-bit key is now the default in Exchange and Lync, so we will update the CSR generated by the AudioCodes to match.

Connect to the gateway's advanced administrative page, typically http://"gwip or fqdn"/AdminPage (Note: the /AdminPage is case-sensitive)



Click ini Parameters on the left side



In the Parameter Name field, enter TLSPKEYSIZE



In the Enter Value field, enter 2048




Click Apply New Value



We then need to Generate a Self-Signed request for the change to take effect.

From the main Administrative page, http://"gwip or fqdn", navigate to Configuration -> System -> Certificates on the left side



Enter the FQDN of the gateway into the Subject Name field



Click the Generate self-signed request button



Burn the configuration to memory

Genreating the CSR with Organizational Info

Now that we've set the TLS key size, we can move forward with generating the CSR with the organizational info. This is buried in the engineering command shell.

Connect to the gateway engineering administrative page, http://


Click Cmd Shell on the left side



In the Command Line box below, type cm to enter certificate management mode

Click Enter (or press Enter on your keyboard)



Once in certificate management mode, type cm csrint into the Command Line box to generate a CSR in interactive mode
Click Enter (or press Enter on your keyboard)

You will then be prompted for the relevant organizational information (Country, State, City, Company, OU, etc.) within the Command Shell.

Once all of the information has been entered, the CSR will be output within the Command Shell window.

Copy this information and paste it into a text file or directly into your provider's request form.

Upload the Newly Generated Certificate

Once you have received the certificate package from your cert provide, simply upload the file just as you would if you had requested it from an internal CA.

From the main Administrative page, http://, navigate to Configuration -> System -> Certificates on the left side (just as we did above).

Under Certificate Files, click Choose File under the "Server Certificate" section



Select the certificate you downloaded from your Public CA (you may have to change the File Type drop-down to All Files).

Click Send File (Note: It will state whether or not the file was uploaded properly only the first time. From what I can tell, there isn't an easy way to validate the cert at a glance from here.)



Perform these same steps for the Root CA certificate under the "Trusted Root Certificate Store" section

Note: Nothing is uploaded to the "Private Key" section since the gateway already has the private key associated with the certificate. I have also not found a good way to backup/export the certificate with the private key for recovery purposes later.

Conclusion
I know when I was trying to figure this out, there was no information publicly posted on the web. This was somewhat of a unique situation where we were deploying Enterprise Voice functionality when a customer did not already have PKI deployed internally. Hopefully this helps if you happen to be in the same situation.

Please feel free to leave comments or questions below.

- Phil Sharp, Technical Architect
You can read more posts by Phil at Mastering Microsoft UC.

]]>http://www.projectleadership.net/blogs_details.php?id=2403December 31,1969http://www.projectleadership.net/blogs_details.php?id=2403There are many approaches to motivating employees. One of the most common approaches focuses on motivation through compensation, financial incentives and other forms of recognition. Another approach encourages managers to help employees link their work to the strategy of the company, to elevate the employee’s sense of importance in executing their role. Giving employees clear accountabilities and then holding them accountable is also key. While these are common practices, they are often not enough, the incentives are too small, and the link to strategy too obscure and the accountabilities are not easily measured. Still, this is what most managers do to motivate employees.

Years ago there was much attention paid to the changing contract between employers and employees. The change switched the accountability for development and advancement from employer to employee. The role of the leader was to support the employee in their work to advance their career. This change also required that the employer didn’t define the employees’ career path, but rather supported the employee in moving down their own career path. But here is where things fell apart. To support an employee’s movement down their own career path the manager had to understand the employee’s career goals.

For some managers this crossed the line and for some employees this was a frightening prospect. This conversation felt a bit touchy-feely for some managers. Employees sometimes felt embarrassed if they didn’t have a good answer or if their answer was in conflict with the objectives of their current position. As a result, this conversation rarely happens and some prefer it that way.

Some of the truly great leaders I have known responded quite differently. These leaders felt that it was their mission to help their employees reach their goals and they looked for ways to link these with the overall goals of the organization.

For example, if an employee had a career goal to be an application developer, but was currently in an accounting role the manager would work with them to understand the steps to realizing that goal and would look for opportunities to expand the role of the employee to accomplish some of these steps. This might mean sending the employee to a conference on new accounting software applications.

Leaders who play this role with their employees are the best motivators. Employees want to work for these leaders. But there is an important benefit to employees and even to society when leaders play this role for in playing it they also help employees develop options to pursue new opportunities, beyond the role they play in their current job which is tremendously valuable to the employee and to our world

- Dan Roller, Solution Group Leader

]]>http://www.projectleadership.net/blogs_details.php?id=2398December 31,1969http://www.projectleadership.net/blogs_details.php?id=2398In most of the LYNC 2010 Enterprise Voice deployments I have worked on in the past year, the majority of them were Cisco UCM integrations and/or pilot programs. The first question I get is "Can LYNC and CUCM share the same extension/DID. Let me first off start by stating that cannot be done natively. Forking, as it’s called, is not supported in LYNC 2010 with any PBX or VOIP system without the use of a 3rd party voice gateway product like AudioCodes SPS. The second question I get is "Can the Cisco extension and LYNC 2010 extension at least share the same UM Mailbox." The short answer to this is yes. CUCM and LYNC 2010 users can share the same Exchange UM mailbox allowing their Cisco IPT extensions and LYNC 2010 extensions to have the same voice greeting, auto attendant, subscriber access number, etc…This is simply accomplished by running the Exchange UM wizard on any UM mailbox once the UM dial plan for LYNC and gateway objects have been created just as you would normally setup LYNC voicemail (I am assuming the user in question has not already been enabled).

Once the UM wizard is run and LYNC 2010 voicemail is functional, you can add the unique CUCM extension and Cisco UM dial plan to the EUM address list:





Note, the UM mailbox will still utilize the LYNC 2010 mailbox policy, but it will allow the Cisco extensions to share all of the same settings with LYNC. There are a few caveats with this configuration. First, the LYNC 2010 EUM address must remain as the primary EUM address. Second, the MWI (Message Waiting Indicator) feature will cease to function on the Cisco IP phones. And finally, the Play on Phone feature will cease to function should you choose to play the voicemail on the Cisco IP Phone. After contacting Premier Support on these issues, it turns out these “caveats” are product limitations. The Outlook integration and other Unified Messaging features the Cisco UCM users currently have will still function properly. These limitations usually are not show stoppers in most cases.

- Robert Sestili, Senior Consultant, MCITP

]]>http://www.projectleadership.net/blogs_details.php?id=2395December 31,1969http://www.projectleadership.net/blogs_details.php?id=2395If you are thinking about investing in videoconferencing technology for your unified communications platform, you may not know what path to take when looking at all of your options. Videoconferencing has finally matured and the quality is amazing. When you sit in an immersive room and interact with global participants that in a conference call that gives the impression you are all seated at the same table in the same room, it is very impressive. I have experienced three different vendors’ solutions and all of them were high quality, giving the rooms a white-glove support look and feel. Far-end participants on the screens were life-size, eye contact was good, audio quality was superior and in general, the video was blu-ray or broadcast quality.

What sets one vendor apart from another? Perhaps some elements are merely preferences and others are defiantly related to the upfront and recurring spend. All three vendors I looked at had content in a different place. When doing a videoconference, sharing content (PowerPoints, spreadsheets, images, etc.) can add substantial value. One vendor had content below the monitors to keep faces pointed in the desired direction. However, a half hour into the meeting, I found that I was not able to sit or lean back naturally and still see the material. I also found myself banging my leg against the infrastructure under the table a few times. I prefer content brought up to the table top or on a content monitor on the wall I’m facing. This is something to discuss with the most common users as everyone has different preferences and the majority of conferences include content sharing.

Some things to consider:

Is this a compliment to my UC solution or is it yet another silo?

What kind of LAN/WAN bandwidth horsepower is required to get this quality?

Make sure you are comfortable that what you are buying is standard, simple to use, compliments your UC strategic direction and can do so without suturing WAN links. Bandwidth comes at a price and while one may argue that it has become a commodity, it is one that needs to be managed nonetheless. Ensure you do your homework and engage a knowledgeable partner to help in making an informed investment. Don’t forget to include various user categories in the process because that the end of the day, technology is there for their benefit and productivity.


- Bill Rasmussen

]]>http://www.projectleadership.net/blogs_details.php?id=2394December 31,1969http://www.projectleadership.net/blogs_details.php?id=2394Scenario – Brand new Lync install

Two Lync Edge servers with DNS load balancing.
Two Front End servers with an F5 hardware load balancer (HLB) in front of those.

External full clients fail to login into Lync. Internal Lync clients were working without issue. We concentrated our time on the Lync Edge servers. We looked at the NAT setup, IP addresses and routing on the Edge servers. We then verified the certificates were correct as well. As a final check we checked the live ports on the Edge servers. To do this we performed these steps:

Telnet from Edge1 to the VIP of HLB on ports 443 and 5061 – Passed
Telnet from Edge2 to the VIP of HLB on ports 443 and 5061 – Passed
Telnet from Edge1 to IP of FrontEnd1 on ports 443 and 5061 – Passed
Telnet from Edge2 to IP of FrontEnd1 on ports 443 and 5061 – Passed
Telnet from Edge1 to IP of FrontEnd2 on ports 443 and 5061 – Passed
Telnet from Edge2 to IP of FrontEnd2 on ports 443 and 5061 – Passed
Telnet from FE1 to IP of Edge1 on ports 443 and 5061 – Passed
Telnet from FE1 to IP of Edge2 on ports 443 and 5061 – Passed
Telnet from FE2 to IP of Edge1 on ports 443 and 5061 – 443 Failed, 5061 Passed
Telnet from FE2 to IP of Edge2 on ports 443 and 5061 – 443 Failed, 5061 Passed

What we found was that the telnet to port 443 failed to one of the Edge servers. Upon the conclusion of the test we logged into the edge server that failed the telnet test and ran a netstat -a. This verified that 443 was not listed. We then checked to see if all the Lync services were running and discovered that three services were not running. We then started the services on the Edge server and verified the ports were open with the netstat -a command.

So the lesson learned here is that there are many things to check when troubleshooting connection issues. Make sure to check the basics before turning to SIP Tracing.

-Damian Scoles, Technical Architect
You can read more posts by Damian at Just a UC Guy.

]]>http://www.projectleadership.net/blogs_details.php?id=2313December 31,1969http://www.projectleadership.net/blogs_details.php?id=2313Deployments are typically defined as a situation in which a company has to refresh new hardware or migrate their existing hardware to a new operating system. In fact, the deployment process is an ongoing process in which devices in the field are continuously updated and maintained to ensure proper manageability and the most optimal reduction in the total cost of ownership.

It is important that customers understand and appreciate the true lifecycle costs of deployment and not focus exclusively on the initial costs of deploying the new hardware or the new operating system. It is clear that the larger costs are contained in the ongoing management of these devices which could be significantly reduced with the implementation of an ongoing “managed” deployment process.

Deployment lifecycle


• 1. Define/review requirements
• 2. Manage assets
• 3. Create image
• 4. Package applications
• 5. Define hardware
• 6. Define systems
• 7. Data and state management
• 8. Coordinate deployment logistics (communication, training, marketing, scheduling)
• 9. Deploy image
• 10. Reporting and feedback




-Kris Gronert, Solution Group Leader

]]>http://www.projectleadership.net/blogs_details.php?id=2392December 31,1969http://www.projectleadership.net/blogs_details.php?id=2392When trying to add the SCOM 2012 components to SCVMM 2012, the job completes successfully, however when you go to the connect status, you receive the following error:
VMM Management group object cannot be found.
Operations Manager discovery failed with error: "Exception of type 'Microsoft.VirtualManager.EnterpriseManagement.Common.DiscoveryDataInvalidRelationshipSourceExceptionOM10' was thrown.".
If you have any stored Virtual Machines in the library, deploy it and store it back in the library and this should resolve the error.



- Rich Lilly, Technical Specialist

]]>http://www.projectleadership.net/blogs_details.php?id=2391December 31,1969http://www.projectleadership.net/blogs_details.php?id=2391I recently experienced a strange issue after adding 2 Qlogic QLE4060C-E-SP single port ISCSI HBA’s into a Dell R805 server cluster. This card is not a NIC, and only appears in the storage adapter section in vCenter as expected. However, when I went to tried to IP this card and give it visibility into the ISCSI VLAN, something bizarre happened. The configuration window sat there for about a minute and afterwards the task said it was completed. Then, all of a sudden, the HBA completely disappeared from the Storage Adapters list. I tried to refresh and rescan-all, but it would not come back. Also, you could not ping the card based on the IP that I supposedly assigned it.


After this happened, I tried to IP the other hba’s in the hosts cluster (the same upgrade was scheduled on multiple hosts in the cluster) and had no issues whatsoever. I also tried to reboot the host after putting it into maintenance mode and the hba still wouldn’t come back. To make a long story short, I had to go into Bios and try to launch the Qlogic FAST! Utility. When I did that, it immediately told me that the firmware was corrupted on the HBA in slot 0. The HBA was then replaced and all of the issues were completely resolved.


So, the moral of the story is that you should always check the built-in configuration utilities that come with these nic’s/hba’s to ensure that everything looks ok and is ready to be configured. Also, if this ever happens to you and adapters just magically disappear in vCenter, it’s probably something physically wrong with the card.




- Victor Rusovski

]]>http://www.projectleadership.net/blogs_details.php?id=2382December 31,1969http://www.projectleadership.net/blogs_details.php?id=2382The following is an excerpt from a white paper written by Dan Roller, PLA's business strategy and execution practice group leader. The entire white paper can be read here.

Introduction
How effective is your organization at executing strategy? Most organizations admit that there is room for improvement. They know, for example, that they often fail to meet their growth targets, or find that their cash flow rises and drops unpredictably. Their product line changes in reaction to customer demand, but is rarely out in front of customer demand. The level of service required by customers is not the same level of service delivered. Operations is overwhelmed by the number of initiatives they are asked to support - and consequently, the delivery on these initiatives rarely meets defined requirements. Surprisingly, these organizations may or may not be profitable, but they are always performing significantly below their potential.

When leaders in these organizations are asked to explain why they are underperforming, they often cite a lack of money and resources, or of being “spread too thin.” Some blame the market. Others point the finger at other departments. In the end, what they are all really talking about is “focus.”

Almost invariably, when an organization’s leaders talk about being “spread too thin,” they are saying that priorities aren’t clear. Those who blame the market typically can’t see the trends that really impact the company, because they simply don’t understand which trends are most important. Those who point the finger internally are really saying that their organization is made up of silos, operating independently of the needs of other silos.

Organizations with clear priorities, a strong grasp of the most important market trends that impact customer acquisition and retention, a view of the big picture and an understanding of how and where departments must coordinate activities all share one thing in common: “focus.”

Where does “focus” come from? It comes from the top. It requires aligning leaders around a common understanding of strategy first, and a common understanding of what is required to execute that strategy, second. In the past, organizations wishing to align around a common understanding of strategy often engaged in a strategic planning process. Strategy mapping and the development of a “Balanced Scorecard” were seen as best practices in the strategic planning processs for aligning leaders, and the rest of the organization, around a common understanding of strategy execution.

In applying these best practices, organizations often focused on developing a full and balanced map and scorecard to define organization priorities. Unfortunately, the focus on full and particularly balanced has blurred priorities instead of clarified them.



You can continue reading here.

- Dan Roller, Solution Group Leader

]]>http://www.projectleadership.net/blogs_details.php?id=2376December 31,1969http://www.projectleadership.net/blogs_details.php?id=2376PowerShell may be one of the most powerful system management tools that Microsoft has ever delivered. Its use is becoming pervasive across all platforms: SQL, AD, SharePoint, Exchange and even desktop management. The problem with a GUI interface when managing systems is that everything you do in a GUI is by its nature repetitive, often tedious and never easily reproducible in the exact same way for system to system.

With PowerShell, once you crafted a solution – whether that is creating users in AD, moving SharePoint site collections from one farm to another or managing mailboxes in Exchange – then you can reproduce that task at any time and across similar systems.

You can do much of the heavy lifting with PowerShell just using the built in CmdLets crafted by Microsoft for the different systems and applications without writing “code”. But, like all tools, there is tremendous power in learning to leverage all the features available. For PowerShell that means learning some basic coding techniques that let your PowerShell Scripts become even more useful for managing your particular environment.

This is the first blog in a series that will explore some of the basic programming syntax that will allow you write PowerShell scripts that go beyond basic chaining together CmdLets.

PowerShell Functions
Writing a function in PowerShell allows you to create a segment of code that you can call at any point in your script. It is useful when you see yourself repeating the same set of commands over and over throughout your script. It can make your script easier to understand, and improve the quality of your code. There are a few ‘gotchas’ that I’ve run across when first learning the PowerShell syntax.

Calling Your Function with Parameters
In every other programming language I’ve learned, when you call a function in your program you enclose the parameters you are passing in in parenthesis. For example a function to add two numbers you would use “AddNumbers(10,20)”. This is a common first-time mistake in PowerShell as enclosing anything in parenthesis tells PowerShell to take everything in the () and come back with whatever object that turns out to be.

An example of where this is useful is in working with the Get-Date cmdlet. Get-Date returns on object of DateTime, when you enclose the cmd-let in parenthesis then you can use that object directly. The following two command snippets produce identical results:
Example 1:
$x = get-date -year 2012 -month 7 -day 20
$x.AddDays(-10)
Tuesday, July 10, 2012 3:36:57 PM

Example 2:
(get-date -year 2012 -month 7 -day 20).AddDays(-10)

Note: Add Days is a METHOD, you do use paranthesis when you are call a METHOD.

Back to our fictional AddNumbers function. We can write that like this:

Functon AddNumbers([string]$msg,[int]$n1, [int]$n2)
{
write-host "$msg $n1 to $n2"
return $n1 + $n2
}

And here are the results when calling that function 3 different ways, only one of which is correct. Notice the first two examples call the function with the parameters in parenthesis and again without them, but separated by a comma. In the first two cases we are not actually passing in the string and two integers the function is expecting, rather we are passing in an array object as the $msg parameter and null values for the two integers:

PS C:\> $x = AddNumbers("Adding up ", 10, 20)
Adding up 10 20 0 to 0
PS C:\> $x
0
PS C:\> $x.getType()

IsPublic IsSerial Name BaseType
-------- -------- ---- --------
True True Int32 System.ValueType

PS C:\> $x = AddNumbers "Adding up ", 10, 20
Adding up 10 20 0 to 0
PS C:\> $x
0
PS C:\> $x.getType()

IsPublic IsSerial Name BaseType
-------- -------- ---- --------
True True Int32 System.ValueType

PS C:\> $x = AddNumbers "Adding up " 10 20
Adding up 10 to 20
PS C:\> $x
30
PS C:\> $x.getType()

IsPublic IsSerial Name BaseType
-------- -------- ---- --------
True True Int32 System.ValueType

Returning Unexpected Values from Functions
Another item that might trip up first time users in returning values from the functions they write. In many languages you control explicitly what the function will return as a value, and when your function has the statement “return x”, then the function will terminate and return x to the place in your code that called it.

This is not the case with PowerShell. PowerShell takes every object that is created in the function, and unless that object is either stored in a variable or consumed as part of a pipleline command, then it is returned as part of the return object.

Looking at the AddNumbers function again, if we change the line:

write-host "$msg $n1 to $n2"

if we change that to this (which is a commonw ay to print output to the console.

"$msg $n1 to $n2"

Then the string object is actually pushed onto the stack of objects that the function will return. The results look like this:

PS C:\> function AddNumbers2([string]$msg, [int]$n1, [int]$n2) {
>> "$msg $n1 to $n2"
>> return $n1 + $n2
>> }
>>
PS C:\> $x = AddNumbers2 "Test this Function" 11 22
PS C:\> $x
Test this Function 11 to 22
33
PS C:\> $x.GetType()

IsPublic IsSerial Name BaseType
-------- -------- ---- --------
True True Object[] System.Array


So, rather than returning an integer as expected, you get back an array of objects.

Using write-host instead of a quoted string if your function needs to output text is pretty simple and maybe obvious, but consider this command which creates a new Document Library in a SharePoint site.

$web.Lists.Add("Financial Documents", "Financial Documents", $fLibTemplate);

If used as shown in a function that later you were expecting to return a specific value from, for example a Boolean value if a document was successfully added to the library you created in the function then the library created by the line above would actually be an object returned by the function. You would need to use a statement like this:

$result = $web.Lists.Add("Financial Documents", "Financial Documents", $fLibTemplate);

Even if you didn’t otherwise need to the variable $result.

Summary
PowerShell functions are a useful feature that can improve many aspects of your PowerShell scripts including increasing code reusability. There are a couple of nuances to the language that I don’t consider obvious to those starting out with the tool. If that’s you, I hope this was some help.

- Steve McHargue, SharePoint Solution Architect

]]>http://www.projectleadership.net/blogs_details.php?id=2379December 31,1969http://www.projectleadership.net/blogs_details.php?id=2379There is always much debate on Lync 2010 Enterprise Edition on which load balancing method one should implement. Do we use Hardware based load balancing such as F5 BigIP, Citrix NetScaler, Barracuda, etc.? Many of these vendors are available in house in larger corporations so I won’t cover the hardware/maintenance costs associated with hardware load balancers. Microsoft also keeps their Hardware Load Balancing Interoperability list posted on the Lync 2010 website. This should be checked before any implementation and close attention paid to the specific code revision. So the question is always which one to use if both are made available. In my opinion, the simpler the better and when asked, I usually recommend using DNS Load Balancing for both Lync Front End and Lync Edge Pools. Microsoft usually will not prefer one method over the next as both methods are fully supported per the hardware requirements are met. I have come to this conclusion after many different Lync 2010 Enterprise Edition deployments I have completed for many reasons:
1. When implementing Hardware Load Balancing (HLB) on the Lync Edge Pool(s), we must not only load share the Edge server external network but also load share the internal network. This sometimes creates additional complexity for the project. In most large deployments (1500 seats and above), the ownership of the physical network and the hardware load balancers is usually performed by a different team than the System Administrators. This can sometimes not only create complexity in the design, but also cause delays due to change control and/or security reviews.

2. Most hardware load balancers will perform TCP checks on the virtual servers it is publishing. These TCP checks that it will perform on the Lync pools will sometimes cause the Lync Server System Event Logs to fill due to these TCP Checks. On the Front End pool, Lync can enable a hardware load balancing port monitor (shown below) which will allow the HLB administrator to specify the monitor port rather than use a separate monitor for each virtual server. However, this is not made available on the LYNC Edge Pool(s).



3. Using Hardware Load Balancers on the Lync Edge Pools require the external Lync Edge servers to be publically addressed. While this is still debated whether or not this is 100% accurate, I have found this to be true. Utilizing public IP addressing directly on a Lync Edge server is not always an option in any environment due to the perimeter network design and topology and of course due to security concerns.

4. While I prefer DNS load balancing, HLB is still required for the Lync 2010 Front End Pool. However, only the Lync web services and simple URLs will require HLB (TCP 80/443). This is due the lack of session state information that DNS LB can provide. Since the Lync web services provide us with Address Book, Web Meetings and Meeting Content, we are still at the mercy of a HLB Admin. A common workaround here is to utilize your reverse proxy such as Microsoft ISA or TMG. In most cases, the administration of these environments is under the ownership of the system administrators. Since ISA and/or TMG can function as a web server load balancer, we can utilize these systems to perform the load sharing requirements thus re-gaining all of the Lync 2010 environment back to the system administrators.

5. During systems maintenance, DNS LB will allow Lync administrators to perform server “draining” without the intervention of HLB administrators.

6. DNS Load Balancing will also prevent any interruption of SIP traffic and/or call routing that hardware load balancers can cause.

Since I have addressed the reasons why I don’t prefer Hardware Load Balancers in a Lync 2010 Enterprise Deployment, I should also state the limitations of DNS Load Balancing:

1. In a mixed mode environment such as OCS R1 or R2 and LYNC 2010, DNS load balancing fault tolerance cannot be utilized on OCS clients and/or OCS 2007 Edge Servers. This can be a problem if there are federated partners using OCS or internal users are still on the MOC (Microsoft Office Communicator) client. Since the resiliency when using DNS LB is partly part of the Lync 2010 client’s application awareness, this might not be an option for some deployments. In addition, when migrating legacy users to Lync TCP 135 (DCOM) must be load shared to successfully migrate the accounts. However, a “hack” or workaround is to simply enter a host entry within the OCS Front End Server(s) pointing the Lync Pool to one of the Lync 2010 Front End Servers. Then when the user migration is complete simply remove the entry.

2. DNS Load Balancing is also not fault tolerant with Public IM providers such as AOL, Google, etc. Should one of the LYNC Edge servers in a DNS Load Balanced pool fail, connectivity to these providers can be interrupted.

So there you have it. The pros and cons of HLB vs. DNS LB. For additional information and requirements on configuring Lync 2010 enterprise load balancing please follow the links below:

12. Load Balancing Requirements
13. Reference Architecture 3: Scaled Consolidated Edge (Hardware Load Balanced)
14. Reference Architecture 2: Scaled Consolidated Edge (DNS Load Balanced)

- Rob Sestili, Senior Consultant, MCITP

]]>http://www.projectleadership.net/blogs_details.php?id=2366December 31,1969http://www.projectleadership.net/blogs_details.php?id=2366Citrix has recently released an all-in-one VDI product which is appropriately named VDI-in-a-Box. The product is aimed at the SMB market and brings all the functionality and perks of a dynamic VDI architecture for just a fraction of the cost to implement and manage its big brother, Citrix XenDesktop.

VDI-in-a-box includes the necessary infrastructure required to deliver dynamic desktop pool inside of a virtual appliance or ‘VA’. The VDI-in-a-Box VA is compatible with all enterprise hypervisors; VMware ESXi, Microsoft Hyper-V, and Citrix XenServer. The VA also boasts built-in point and click web management, wizard driven configuration and management, a user facing web interface login, and support for the latest Citrix HDX technologies.

Setting up VDI-in-a-Box includes purchasing or re-utilizing a 64-bit architecture server. A hypervisor of choice is then installed and configured on that server. The VDI-in-a-Box VA is then imported and configured using the built in configuration wizards. The next step is to configure a Windows 7 or XP virtual desktop and import it into the VDI-in-a-Box appliance, also with the assistance of step-by-step wizards. The image is then edited to an image standard, including applications, customizations, and licensing. Once that is completed, a template is constructed and users can be assigned to login to that template. The number of VDI desktops to deploy is completely dynamic and can be increased or decreased on the fly.


The VDI-in-a-Box solution is a great fit for SMB’s looking to give their users virtual mobility both inside and outside the corporate walls. It’s also a great fit for enterprise size clients looking to offer VDI to specific departments within the organization. For under $500 per user (includes product and licensing), corporations can begin offering users the virtual mobility they are after.

- Adam Bolt, Technical Architect

]]>http://www.projectleadership.net/blogs_details.php?id=2365December 31,1969http://www.projectleadership.net/blogs_details.php?id=2365Have you turned over every rock?

The up-swing in the economy is not happening as fast as first thought! Most organizations under-went a series of cost-cutting measures in late 2007 early 2008. These cost cutting measures consisted mostly of reducing employee size and where possible real-estate and some internal operating costs, but how many organizations have taken a deep dive in their PRINT COSTS?
Re-structuring equipment lease or entering into a print management contract is a start but where does that leave your organization? Who is responsible for the enterprise wide print spend, how many devices does your organization have and which devices are cost efficient, is your fleet optimized? Some organizations can answer these questions, but the answers are coming from your trusted Print Vendor who probably sold you some new software or efficient hardware and has ensured you that your organization is 100% healthy as it relates to PRINT.
We’re not saying that you have been given false information – but 100% of the print vendors are sales organizations with monthly quotas and your vendor representative is paid on commission.
Consider this example of a recent client:
A large Organization with a global footprint – The MFD business is with one of the larger manufactures and the network printer business is being handled by another large manufacture. Both of these companies are in competition to increase their individual footprint with our client. Both manufacturers had completed what they call a “Print Study” – both reports came out favoring the individual manufacture and recommended to our client to buy more hardware and install a couple different software applications to help monitor the print volume and help drive the print jobs to the more efficient device. Of course the client needed to upgrade the current fleet to realize the savings!!!!
Our study contraindicate the first (2) studies – we traveled to a couple of destinations in the US and Asia and Europe, we conducted end-user studies and management studies. After 4 months we delivered our recommendations. This client ended up switching from a lease platform to a purchase platform, reduced 45% of the network printers and relocated MFD – added a print management program which we assisted with and end up reducing the current equipment no new equipment was purchased. We recommend software to help direct print traffic. This client saved over 1.4 million within the first 6 months and is on-track to save 4-5 million over a 36 month timeframe.



- Richard Ayares, Managing Consultant

]]>http://www.projectleadership.net/blogs_details.php?id=2370December 31,1969http://www.projectleadership.net/blogs_details.php?id=2370Recently after upgrading to SCVMM 2012 we had decommissioned our ESX test environment. In the upgrade it pulled over the hosts though as part of the process. In attempt to remove the cluster through the GUI I found that the refresh jobs on those hosts (light refreshes) happen every 2 minutes and take priority, therefore locking out my deleting.

So I’m in a bit of a conundrum, how do I remove the cluster within this time frame gracefully? The process itself takes a minute or two.


Well I’ve found that if we create the following registry key to increase that timeout (temporarily):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft System Center Virtual Machine Manager Server\Settings

REG_DWORD: VMPropertiesUpdateInterval = 9999

And restart the VMM service it allows us time to remove the cluster. If you still have any issues removing it through VMM, you can always do the same via Powershell with the following command:

Get-VMHostCluster | Remove-VMHostCluster –force

You can safely remove the registry entry when complete so that the refresh rate reverts back to the default of 2 minute.

- Rich Lilly, Technical Specialist

]]>http://www.projectleadership.net/blogs_details.php?id=2359December 31,1969http://www.projectleadership.net/blogs_details.php?id=2359Environment
Quite often in larger deployments, the teams that build SharePoint applications (development teams) will be quite different from the teams that manage the SharePoint servers (infrastructure teams). The Infrastructure team will be tasked with managing the SharePoint farms and will ultimately be responsible for the integrity of SharePoint. The assumption here is that the infrastrucutre team(s) will be the SharePoint server and farm administrators.

Challenge
In such setups, while the developers can be farm administrators on Development farms, they may have limited to no access to the Test, Stage and/or Production farms. The challenge here would be that anytime a custom developed WSP has to be deployed to the Test farm, the Development team will have to hand off the WSP to the Infrastructure team along with the deployment instructions, who would then perform the deployment. If repeated deployments have to be done, it takes up a lot of time coordinating this activity between both the teams and the turnaround might not be immediate. So, how do we enable the Development team to be able to perform deployments as needed without the concern of granting them farm admin access and preventing them from making any undocumented changes to the environment?

Solution
One solution is outlined below.
This solution will have to be implemented by the Infrastructure team, since they are the farm administrators. This should be set up on one of the WFE’s in the farm.

1. Create a PowerShell script that will do the WSP deployment. If this PowerShell script will be invoked from a command prompt, don’t forget to add the SharePoint PowerShell snap-in.

2. Create a Windows Scheduled Task using the Task Scheduler to run the PS script. The task can be scheduled to run with an account (possibly the farm account) that has the necessary permissions to deploy the WSP solution. The relevant settings for the task are:



3. Create a local group on the computer (maybe call it “SharePoint Developers”) that the developers can be added to. Make sure that the developer(s) are also a member of the Remote Desktop Users groups on the computer.

4. Now, assuming that the Scheduled Task was create under a folder called “SharePoint_Tasks”, open a command prompt and run:

>cacls “c:\windows\system32\Tasks\SharePoint_Tasks” /e /t /g “SharePoint Developers” :F
This will grant the “SharePoint Developers” the necessary permissions to run any of the tasks that are created under the SharePoint_Tasks folder in the Task Scheduler.

Note: You want to be careful when running the cacls command so as to only give the developers access to run tasks under a specific folder. Granting them access to C:\Windows\Tasks will enable them to run all the windows tasks scheduled on the server, so be wary of that.

Now for a developer to deploy the WSP, they would:

1. RDP into the server with their domain account
2. Copy their WSP to the appropriate location as defined in the PowerShell script
3. Open up the Task Scheduler and execute the task for deploying the WSP.

All this can be performed by the developers without them ever being local administrators on the server or SharePoint farm administrators.

Summary
Needless to say, you’ll still want procedures in place when are updates are made so that users are informed and the proper testing is done (and outage windows leveraged, if applicable).
Hopefully this suggestion will allow you to remain in control of your non-development environments while still giving developers the ability to update their code.

- Sudharsan Raman, Senior Consultant

]]>http://www.projectleadership.net/blogs_details.php?id=2356December 31,1969http://www.projectleadership.net/blogs_details.php?id=2356While waiting for DirSync to finish for the first time at a client site, we received the following email (partially edited for confidentiality):

Hello ,

See Directory Synchronization errors for more information about the errors listed in this email message.

The Directory Synchronization batch run was completed on Tuesday, 03 January 2012 23:54:02 GMT for tenant , Inc..

The following errors occurred during synchronization:

Synchronization has been stopped. The company has exceeded the number of objects that can be synchronized. Contact Technical Support and ask for an increase in your company’s quota.

Tracking ID: cb441337-5739-4d70-9b2e-4f10d87598a0

_____________________________________________________

Directory Synchronization has a 20,000 object limit (or 10,000 for tenants created before Oct. 5, 2011); that may seem like a lot, but remember you do not get to control with the application synchronizes. DirSync will grab every user, contact and group. Luckily the way around this is simply to request a quota increase from the MSO support team. Keep this in mind during design sessions and it can save you a time-consuming hurdle during implementation.

More information on identifying and resolving the problem can be found here.

- Matt Green, Senior Consultant
You can read more of Matt’s posts at his blog Unified Messaging in the Cloud.

]]>http://www.projectleadership.net/blogs_details.php?id=2355December 31,1969http://www.projectleadership.net/blogs_details.php?id=2355The chain of events in my ConfigManager 2007 Task sequence is as follows:
Note: Task Sequences can only be advertised to machines in a collection in ConfigManager, so beware of that before you begin.
1. Turn Off UAC
2. Copy the Elite installer to a local drive
3. Place the Elite installer in a compatibility mode for Windows 7
4. Install Elite as an Admin
5. Patch Elite as an Admin
6. Turn UAC back on
7. Reboot




Not the most elegant solution, but it does work…..

1. Turn Off UAC

Script runs as SYSTEM:

cmd.exe /c reg.exe ADD
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f

2. Copy the Elite installer to a local drive

Script runs as SYSTEM:

@Echo off

XCOPY "%~dp0Enterprise\*.*" "%SystemDrive%\EliteInstall\" /Q /Y

3. Place the Elite installer in a compatibility mode for Windows 7

Script Runs as SYSTEM:
regedit /s "%SystemDrive%\EliteInstall\CompatibilityMode.reg"

CompatibilityMode.reg:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers]
"C:\\EliteInstall\\Elite Enterprise 3.7.msi"="MSIAUTO"

4. Install Elite as an Admin

Script Runs as a Local Administrator:

msiexec.exe /i "%SystemDrive%\EliteInstall\Elite Enterprise 3.7.msi" /qb NETWORK_INIFILE="\\********\INI$\eis.ini"

5. Patch Elite as an Admin

Script Runs as a Local Administrator:

(Example, not complete list of all patched DLLs, these will be client specific)

Note: You have to be aware of which regsvr32.exe you register your DLLs with when installing legacy software on Windows 7 X64, it sometimes matters and automatic 64bit redirection can be a problem.

@Echo off
XCOPY "%~dp0EliteConfig\ApexAPI.dll" "%ProgramFiles(x86)%\Thomson Elite\Enterprise\ApexAPI.dll" /Q /Y

%windir%\syswow64\RegSvr32.exe /s "%ProgramFiles(x86)%\Thomson Elite\Enterprise\ApexAPI.dll"

XCOPY "%~dp0EliteConfig\ApexApp.dll" "%ProgramFiles(x86)%\Thomson Elite\Enterprise\ApexApp.dll" /Q /Y

%windir%\syswow64\RegSvr32.exe /s "%ProgramFiles(x86)%\Thomson Elite\Enterprise\ApexApp.dll"

6. Turn UAC back on

Script runs as SYSTEM:

cmd.exe /C reg.exe ADD
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 1 /f

7. Restart the Computer (Necessary to turn UAC back on)

Notes: This install process could be replicated in any app delivery mechanism that allows you to specify context.

Known Issues:

(Doing this install stops Imanage Filesite 8.5 from detecting the connection mode correctly. It has to be manually set to online mode in Outlook)



(In addition, Elite reports do not print to the Adobe PDF printer properly in Acrobat 8, 9, or 10 with Win7 X64. We have used alternative PDF printers to work around this issue.)

This as intended as a quick and easy example of how to use scripting tricks, compatibility modes, and UAC to get legacy apps to (sometimes) work using a ConfigManager task sequence.

- Jay Marsett, Consultant

]]>http://www.projectleadership.net/blogs_details.php?id=2325December 31,1969http://www.projectleadership.net/blogs_details.php?id=2325Modernization of videoconferencing health care reimbursement models is already overdue. Reimbursement has been a sticky wicket it needs to come into the 21st century and recognize that there are new ways to deliver healthcare. Just take a look at what Walgreens is doing to completely revamp the pharmacy at their new modern flagship store in downtown Chicago at State and Randolph streets or the new 2-story pharmacy in Highland Park and you can see mobile and video are new critical elements in modern healthcare. When it comes to using videoconferencing in healthcare, some foundation work is needed such as practice guidelines, licensure, expanded high-bandwidth local and wide area networks and obviously payment mechanisms. Sure there are trade protections and cultural biases but this has the ability to be the “killer app” medical care badly needs.

Will Telemedicine be accepted as a standard of care?

Even a layman knows that medical images such as x-rays and various scans have been viewed in digital form for decades. Are you aware that the paradigm is changing in Radiology? "Teleradiology" is outsourcing radiology functions and is an example of maximizing hospital revenue, reducing cost and hopefully taking on more work rather than sending jobs away. Imagine providing 24x365 services by a US-based radiology department to patient’s nationwide, inmates in correctional facilities, elderly in nursing homes and to rural hospitals that could outsource rather than invest in this department and perhaps even patients in Canada, Haiti or Mexico. It is possible, if laws change, that this may be the tip of the arrow in telemedicine becoming mainstream. Using videoconferencing to commoditize interpretation of medical images is not only possible but practical. My sister is a radiologist and I hope that rather than this technology being a job threat, it becomes a boon to providing more services by those who are pioneers and get in early.

Mercy Hospitals recently announced that it would build a $90 million virtual care center in Missouri. The facility will host assorted specialists who will serve patients in outlying centers across four states in which Mercy operates. You can bet that other hospitals are watching developments closely and, if proven to be successful, will start on their own versions.

- Bill Rasmussen

]]>http://www.projectleadership.net/blogs_details.php?id=2324December 31,1969http://www.projectleadership.net/blogs_details.php?id=2324What level of service should you deliver to your customers? What is the return on investing in service? The level of investment you should make depends on how much of your success is dependent on having repeat business from your customers. The return you will get depends on 2 things:

1. How well you understand what your customers really need and want, and how and when they want to receive the serviced that delivers on these?

2. What you say do and deliver to customers at moments of truth?

Customers often come for the product. If the product you offer is well branded and of high quality, you have a solid basis for expecting customers to want to do business with you again and again. So what could go wrong? You could underestimate the importance of understanding why, how and when you deliver service.

Many clients try to answer the question of why they deliver service from the company’s point of view. We deliver service because there is a business benefit to helping our clients. That’s a good start, but it is important to also think about the customer’s point of view – what do they need and want? How do they? want to receive the service to meet their needs and wants and when do they want to receive this service?

Answering these questions from the customer’s point of view is key to delivering the kind of service that makes customers “stick." But, even this is not enough for many customers, they require service excellence. What else should companies do to realize service excellence?

Companies with service excellence take the information about why, what and when and elevate their performance around specific moments of truth. These moments of truth define the service interactions that matter most to customers, interactions that will form a lasting impression of what it is like to do business with your company. Once these moments of truth are defined, they standardize what they say, do and deliver to exceed customer expectations at these specific moments. Finally, they establish valid and reliable feedback mechanisms, phone calls, surveys, etc., to ensure that defined standards are being met or exceeded. This is what drives service excellence and delivers an exceptional customer experience.


- Dan Roller, Solution Group Leader

]]>http://www.projectleadership.net/blogs_details.php?id=2314December 31,1969http://www.projectleadership.net/blogs_details.php?id=2314In dealing with large messaging systems, restoration is key component of any project. Now there are many aspects to consider but the basic metrics are Recovery Point Objective (RPO) and Recovery Time Objective (RTO). In simple terms, how quickly can you lose data and how quickly do you want to be fully operational? A messaging solution needs to meet the established metrics for the company. Every company will have different metrics to meet their needs. These work together to provide for robust recovery model.




With Exchange 2010 from Microsoft, you have Database Availability Group also known as DAG. A properly designed Exchange system utilizing a DAG can provide both High Availability (HA) and Disaster Recovery (DR). A DAG can contain up to 16 Exchange servers with 16 copies of a mail database. These copies can be remote and/or local depending on the requirements of the Exchange deployment. Exchange is able to provide for remote copies of a database because of the under lying cluster technology of Windows 2008 R2 that allows for a disjoint cluster. That means the clustered servers can be on different ip subnets.




So how does all this work together? Let’s take a look at an example.




The customer has 3 Exchange servers. They are all members of a single DAG with 2 local and 1 remote. They perform nightly full backups. The client has an RPO of 24 hours and an RTO of 2 hours. With the information presented at a high level the RPO and RTO are met. Since the DAG is locally highly available, the outage the clients will see is very minimal. If they had to failover to the DR site, that can be accomplished in 2 hours, but you might have to wait for DNS changes to replicate to the root DNS servers. So the RTO is met for local and DR recovery. Since they perform nightly full backups, the RPO is met. How quickly they get access to the restored data depends on the speed of the backup system.




The smaller the RPO and RTO windows are, the more complex and expensive the solutions can become. With the cost of SAN storage and virtualization becoming more cost effective, more businesses are looking in the options to provided HA and DR





- John Chambers, Technical Architect
You can read more posts by John at UCBlog101.

]]>http://www.projectleadership.net/blogs_details.php?id=2312December 31,1969http://www.projectleadership.net/blogs_details.php?id=2312As we start off 2012, we are reaching higher and higher for elevated service levels, efficiency, and performance from all of our systems. Currently we use N-Central 8.0 to monitor and proactively review all of our client networks as well as provide reporting on the current status of any and all devices active on those networks. We will be upgrading to N-Central 8.1 which will provide several new features that will help to achieve those levels of service in which we strive for. Below is a video that demonstrates some of the new features:






We will also be upgrading the N-Compass reporting server. It has an extensive library of pre-built reports as well as advanced custom report authoring, N-compass is the fast and flexible way to produce easy-to-read reports that enable MSPs and their customers to view and quickly understand IT performance data. N-compass reports address four major functional areas:



• Business impact of managed services
• Long-term IT infrastructure performance
• Asset management
• Regulatory compliance auditing



Designed as an offline reporting engine to ensure optimal performance, N-compass is seamlessly integrated with the N-central® remote monitoring and management platform. Available as an optional add-on tool, it provides enhanced reporting capabilities that complement N-central's tactical and operational reports.


-Daniel Lueders, Senior Consultant

]]>http://www.projectleadership.net/blogs_details.php?id=2309December 31,1969http://www.projectleadership.net/blogs_details.php?id=2309Often times when working with Small Business Server 2008 or 2011, it will be desired to limit exposing your internal server name in the SSL certificate. Here is a way to avoid using internal names such as MyServer1.internaldomain.local when creating your certificate.

The trick is to alter the default URLs used by Exchange so that they will not be needed in the certificate in the first place. The end result will be a Unified Communications Certificate with only two names listed.

First and foremost, document your existing settings. You can do this from the Exchange Management Shell by running the following commands and saving the output. Note that these commands are based on Exchange 2010.


Get-WebServicesVirtualDirectory | Select Name,server,*url* | fl
Get-OWAVirtualDirectory | Select Name,server,*url* | fl
Get-ClientAccessServer | Select Name,*uri* | fl
Get-ActiveSyncVirtualDirectory | Select Name,server,*url* | fl
Get-AutodiscoverVirtualDirectory | Select Name,server,*url* | fl
Get-EcpVirtualDirectory | Select Name,server,*url* | fl
Get-OabVirtualDirectory | Select Name,server,*url* | fl
Get-ClientAccessServer | Select Name,server,*url* | fl
Get-AutoDiscoverVirtualDirectory | Select Name,server,*url* | fl
Get-OutlookProvider | select name,server,expr | fl



Now decide on what you would like to use for your public URL. For example, you could use remote.mydomain.com. SBS tends to favor the use of remote but you can use any name you wish.

The next step is to change all of the various URLs (and one URI) to use this name for both internal and external access. This means the public URL will be used for both internal and external access to the Small Business Server. We are doing this so that we only have to list public DNS names in the certificate.

To make the necessary changes, run the following commands in Exchange Management Shell, substituting your desired public URL from above. Note that the use of server refers to the actual name of your internal server (i.e. SBS01) and domain.tld refers to your actual domain name (i.e. mydomain.net).



Set-WebServicesVirtualDirectory -Identity "server\EWS (Default Web Site)" -internalurl:https://remote.domain.tld/ews/exchange.asmx
Set-WebServicesVirtualDirectory -Identity server\EWS (Default Web Site)" -externalurl:https://remote.domain.tld/ews/exchange.asmx
Set-WebServicesVirtualDirectory -Identity "server\EWS (Default Web Site)" -internalnlbbypassurl:https://remote.domain.tld/ews/exchange.asmx

Set-OWAVirtualDirectory -Identity "server\owa (Default Web Site)" -InternalURL https://remote.domain.tld/owa
Set-OWAVirtualDirectory -Identity "server\owa (Default Web Site)" -ExternalURL https://remote.domain.tld/owa

Set-ClientAccessServer –Identity server -AutoDiscoverServiceInternalUri: https://remote.domain.tld/Autodiscover/Autodiscover.xml

Set-ActiveSyncVirtualDirectory -Identity "server\Microsoft-Server-ActiveSync (Default Web Site)" -InternalURL https://remote.domain.tld/Microsoft-Server-ActiveSync
Set-ActiveSyncVirtualDirectory -Identity "server\Microsoft-Server-ActiveSync (Default Web Site)" -ExternalURL https://remote.domain.tld/Microsoft-Server-ActiveSync

Set-EcpVirtualDirectory -Identity "server\ecp (Default Web Site)" -InternalURL https://remote.domain.tld/ecp
Set-EcpVirtualDirectory -Identity "server\ecp (Default Web Site)" -ExternalURL https://remote.domain.tld/ecp

Set-OabVirtualDirectory -Identity "server\OAB (Default Web Site)" -InternalURL https://remote.domain.tld/OAB
Set-OabVirtualDirectory -Identity "server\OAB (Default Web Site)" -ExternalURL https://remote.domain.tld/OAB

Set-ClientAccessServer server –AutodiscoverServiceInternalURI https://remote.domain.tld/Autodiscover/Autodiscover.xml

Set-AutodiscoverVirtualDirectory -Identity "server\Autodiscover (Default Web Site)" -InternalURL https://remote.domain.tld/Autodiscover/Autodiscover.xml
Set-AutodiscoverVirtualDirectory -Identity "server\Autodiscover (Default Web Site)" -ExternalURL https://remote.domain.tld/Autodiscover/Autodiscover.xml

Set-OutlookProvider EXPR -CertPrincipalName msstd:remote.domain.tld




You can run the first set of command to check that all settings were changed as expected. Once you have confirmed the URL/URI values have all been changed to a public address, it is time to issue the certificate request.

When creating the certificate, you should specify the following values:

CN = the full domain name from your public URL (i.e. remote.mydomain.net)
SAN = autodiscover.domain.tld

Generating the certificate this way will ensure that the SSL requirements are met when the incoming traffic is evaluated by Exchange and will keep your actual server name and private domain name out of the certificate. One less item offered to would-be attackers!



-Joe Griffith, Senior Consultant

]]>http://www.projectleadership.net/blogs_details.php?id=2307December 31,1969http://www.projectleadership.net/blogs_details.php?id=2307Usually when I go onsite to clients for OSD related projects, once in a while come across those that do not want to adapt to using the Software Update Point (SUP). These clients want the capability for integrating the Software Update process in the Build and Capture as well as the Deployment Task Sequences without SUP.

This is easy to do if you have the MDT 2010 Toolkit packaged.

In the Task Sequence for the Build and Capture (of the Deployment TS)

1. Add the MDT Task Use Toolkit Package



2. Add the task Set Task Sequence Variable. Set the WSUSServer variable to the corporate WSUS.



3. Add the task Run command Line. Enter the command line as shown below.



-Jay Parekh, Managing Consultant


You can read more posts by Jay at Desktop Guy.

]]>http://www.projectleadership.net/blogs_details.php?id=2306December 31,1969http://www.projectleadership.net/blogs_details.php?id=2306I had a chance to do a proof of concept project with a client who was looking to migrate from an unsupported version of Sybase IQ to SQL Server 2012. The client was interested in keeping the database as similar as possible and then point the existing BI reporting applications to the new SQL Server. The client was also interested in proving that SQL Server can perform as well as Sybase IQ. Remembering that Sybase IQ is one of the leading high end column oriented databases that stores data in columns, rather than rows, this seems like a bit of a challenge. I thought this would be a nice chance to take a real world look at SQL Server 2012's new columnstore index.


There is a comprehensive article by Eric N. Hanson about the requirements and things to consider when implementing a columnstore index. I suggest reading this article before you get started so you can get an idea on the memory requirements and make an informed decision on the number and length of columns your server can support.

I wanted to give some information on the server and data characteristics so you can compare this to your environment. The server used for the proof of concept project was a virtualized server with Windows 2008 R2 (64bit) that had 2 cores, 8 GB memory, and SQL Server was setup with 7GB cap. The main fact table used for the proof of concept project was loaded with 25 million rows and contained almost 100 fields. The size of the table came out to about 20GB.

Creating the columnstore index could be done using SQL Server Management Studio by clicking on any table and then clicking on the indexes folder. You will now have the option to create a traditional binary tree index as well as the new columnstore index. This should be familiar as creating any other index. The index can be saved off as a script and executed later.

A few things I came across worth mentioning is that, first a table can only have one columnstore index. This is covered in all the documentation, but the implication is that you will need to put some thought into what columns will be included as putting all the columns in the columnstore index is not always possible since there is a memory requirement. This is also covered in Eric's article which gives the formula you can use to calculate the memory size required.

Second, INSERTS, UPDATES, and DELETES are prohibited on columns in a table that are included in a columnstore index. The columnstore index must first be DISABLED. After you are finished updating the table the index has to be REBUILT. Additionally any ALTER TABLE statements on the table are not allowed on the columns that are included in the columnstore index until you DISABLE the index. This seemed logical after thinking about it, but was surprised when I got the error message since this is a difference between a traditional binary tree index.

Third, you can verify if a query is using a columnstore index by looking at the execution plan in SQL Server Management Studio. Again this technique is no different than a traditional index.

Fourth, as expected, the columnstore will only be available in the Enterprise Edition only.

It took about 5 minutes to rebuild the columnstore index, which seemed reasonable when considering the table size I was working with.

The SQL below was used to create the columnstore index. Every column that was used in all the test reports were included in the columnstore index.

CREATE NONCLUSTERED COLUMNSTORE INDEX [invoice_line_IDX_CS] ON [POC].[invoice_line]

(

[year],

[period],

[item_no],

[cust_no],

[invoice_no],

[line_no],

[charge_cust_no],

[srep_code],

[quantity],

[selling_uom],

[ship_name],

[ship_addr1],

[ship_addr2],

[ship_to_city],

[ship_to_state],

[ship_to_zip],

[invoice_date],

[order_type],

[record_updated],

[total_pkg_qty_per_sku],

[total_product_quantity],

[net_sale_amt]

)WITH (DROP_EXISTING = OFF) ON [PRIMARY]

)GO]

Two Execute SQL Tasks were added to the SISS package that loaded the main fact table. The first Execute SQL Task to disable the columnstore index was added just before the load and the second Execute SQL Task was added just after the load.

<
)ALTER INDEX [invoice_line_IDX_CS] )ON [POC].[invoice_line] )DISABLE

GO

--LOAD TABLE USING SSIS

)ALTER INDEX [invoice_line_IDX_CS] )ON [POC].[invoice_line] )REBUILD

GO



Four basic reports that represented common user requests in the environment were used to compare report performance when using Sybase IQ, SQL Server with a traditional binary tree index, and SQL Server with a columnstore index. The reports were executed using two different BI reporting tools. This is represented in the chart below as "A" and "B". One BI reporting tool is "A" and the other was represented as "B". The time represents the total report execution time in seconds which includes data retrieval and internal report processing by the BI reporting tool.

The reports used simple SQL. Nothing fancy or complex here. Report 1 simply summed invoice amount by all years, while Report 2 filtered on a single sales zone and then summed invoice amount by year. Report 3 was similar to Report 1 (summed invoices amounts by all years) but was based on a view that included extra columns. Report 4 was also based on the same view and was similar to Report 2 (filtering on a single sale zone and then summing on invoice amount by year) .



Obviously the newer, 64bit hardware SQL Server outperformed Sybase running on older 32bit hardware.

In most cases the columnstore index improved query time and was impressively fast, but it always was not faster than the binary tree index. Report 1b was actually slower and Report 2b was the same. This may have more to due with the processing time by the BI tool rather than the data retreval time, but a deeper look is needed here to understand this observation. Overall, I was pleased with the columunstore index as it was easy to setup and offered a noticeable performance improvement to most report users.

A columnstore index will help reports that summarize data on an aggregate level (SUM, MIN, MAX, AVG). A traditional binary tree index will still have their place to help retrieve a few rows using highly selective filters as this not really the strength of a columnstore index. This leads me to ask "As a BI practitioner, where does it make sense to use a columnstore index ?"

Speed up existing reports may be one idea. Some reports that may have not been considered online reports can now be deployed in an interactive online way. I would think that if this were truly the case you would have already created a SSAS cube. Interesting enough, I did have a project where I had to create a SSAS cube using HR data for this very reason. The report needed to run embedded in a .Net web application with a 1 -2 second response time. After spending time performance tuning and reindexing, I turned to creating an SSAS cube which ended up giving under 2 second response time for the report queries. In a case like this, a columnstore index may have been something to consider since it would have avoided having to create and process an SSAS cube.

A second idea was that a columnstore index can be used as a replacement for aggregate table. In 1999, aggregate tables seems to be more common. Now a days I honestly don't remember having a need for them on any recent projects. Today I would tend to rely on a SSAS or a Cognos cube instead. So I am not sure about this idea.

I also thought up third idea when thinking back on a previous client where I was working with a company on a medium size SSAS cube that contained quality data. The company had many poorly performing SSRS reports that used MDX and a SSAS cube. The company's IT staff was not comfortable with MDX or SSAS , but did have strong skills in SQL and SQL Server. A company like this may be an ideal candidate for a columnstore index. It can support their SSRS reports and take advantage of their strengths in SQL and SQL Server. I would think that there are cases where a columnstore index may meet the reporting needs and avoid the complexities that come with MDX and SSAS.

I would be curious to hear if you have any other ideas for potential applications of the columnstore index.

-Tom Puch, Senior Consultant
You can read more posts by Tom at Concepts and Techniques on Business Intelligence.
]]>http://www.projectleadership.net/blogs_details.php?id=2305December 31,1969http://www.projectleadership.net/blogs_details.php?id=2305Mass adoption and use of videoconferencing has arrived making it mainstream groupware having overcome the following obstacles of the past:

• Complexity of systems: The average users are not technical and wanted a simple interface. The manufacturers have responded with simplified controls that are arguably as easy to use as a telephone.
• Successful system deployments are backed by IT support staff that can pro-actively render fast assistance when required.




• Lack of interoperability: Today almost all systems can readily interconnect. Popular solutions can easily connect to dissimilar systems even thou some brands use different standards, features and encoding/decoding techniques.




• Bandwidth and quality of service (QoS): It is no longer difficult or expensive to get a high quality connection that is fast enough for good-quality video conferencing. Network QoS is now commonplace to prioritize video, voice and data making videoconferencing a viable means of “face to face” communication.




• Expense of commercial systems: High definition (HD) is now a standard even in residential television sets and price points are much more within the corporate IT budget today. Immersive telepresence involving well-designed, state of the art systems does require specially designed rooms and can cost hundreds of thousands of dollars to fit out the room with codecs, integration equipment and furniture but the experience is incredible and very much feels like all participants are seated at the same table in the same room.




• Self-conscious about being on camera: For the first time user and older generations this was a deterrent but as quality reached HD states, being on TV is no longer so intimidating, especially to the tech-savvy new generation members of today’s increasingly mobile workforce.




• Lack of eye contact: This has been overcome with strategically placed cameras, vectoring technology and proper system design and tuning. Eye contact is important and is achievable by present-day systems that make the experience comparable to an in-person meeting.




-Bill Rasumussen

]]>http://www.projectleadership.net/blogs_details.php?id=2304December 31,1969http://www.projectleadership.net/blogs_details.php?id=2304I won’t belabor the release of the 64-bit DirSync software – plenty have already written about where it is and how to install it. What I will do is focus on the important considerations for deploying it:

1. It is functionally the same as the 32-bit version

Aside from being able to install the software on a 64-bit Windows server, Microsoft has indicated that there is no additional functionality being provided at this time. We are not looking at Microsoft support for OU exclusions from synchronization, multi-forest synchronization or any other capability that is not currently supported; Microsoft is still working on bringing those new features to the table. FIM 2010 will help them bring those features to the public, but they are not here yet.

2. ADFS and DC installations are still NOT supported

This is really just an extension of the first point, which is that nothing has changed when considering how to deploy DirSync. Do not install it on the ADFS 2.0 server and do not install it on a domain controller.

3. Upgrading from 32-bit DirSync requires some specific considerations

Be sure to read the documentation on upgrading DirSync before running the install. The following two paragraphs from the link included at the beginning of this post are of particular importance:

“Although the functionality of the 64-bit version of the directory synchronization tool is identical to the 32-bit version, the underlying SQL schema is different. For this reason, you cannot perform a standard upgrade. To upgrade your 32-bit installation of the directory synchronization tool, you must first uninstall it, and then install the 64-bit tool on a new computer.

Although the 32-bit instance of the directory synchronization tool is removed, the overall state of the objects in your on-premises and cloud directories, respectively, is preserved. When you install and configure your 64-bit instance of the directory synchronization tool, it finds and matches objects in the cloud with on-premises objects. However, the 64-bit instance of the tool will not find and match objects in the cloud if on-premises object deletions occurred when the 32-bit instance of the directory synchronization tool was offline.”

In summary, it’s nice to have the new software but this does not yet introduce any new functionality to Office 365. Some may chose to knock out a fairly simple upgrade during a slow holiday season but, if you find yourself busy this time of year, I’d keep it very low on the priority list.



-Matt Green, Senior Consultant
You can read more of Matt's posts at his blog Unified Messaging in the Cloud.

]]>http://www.projectleadership.net/blogs_details.php?id=2303December 31,1969http://www.projectleadership.net/blogs_details.php?id=2303Times have changed, but if you look at a standard (FMV- Fair Market Value) lease contracts for printing equipment, the terms and conditions are the same as decades ago.

Fair Market Value? Don't be fooled. The equipment has evolved over time, but the process to buy or lease is exactly the same.

Imagine yourself in the following common situation. Your lease is getting close to expiring - with four to six months remaining. It’s a Tuesday morning and your phone starts ringing. You glance at the caller ID and see the number matches to your incumbent print vendor. While your vendor's print representative has changed, the new representative's message assures you that he or she will save your firm tons of money on your next lease. You meet with your vendor who tells you that they have done an outstanding job over the term of the contract and you should avoid the time and hassle of meeting with other vendors. All you need to do is the following: re-lease the new, latest and greatest MFD's from them. Of course you block out the time to meet with two other vendors to hear what they have to say and by the end of it all, you sign with your original vendor, your costs have increased slightly, but you and the Firm have brand new equipment. You make a decision and hope everything goes well for the next contract term, but deep in your mind, you remain unsure if you got a good deal!

Your print-related contracts constitute one of the top 5 to 10 areas of spend for your organization or law firm. As your firm continues to have a focus on cost management, print expenses represent low-hanging fruit. Not only have the vendors not changed their tactics and pricing, but no focused consultant have existed to help you find your way. Print spend management has been an underserved marketplace- and the print vendors have continued to take advantage of uneducated buyers. The vendors have relied on the lack of outside expertise - and as you renegotiate your contracts every three to five years, there is no possible hope for you and your facilities or IT staff to develop the expertise in the current technology, processes and opportunities. The vendors have relied on the "business as usual model" to reap healthy profits. And we believe it is time for that to change.

We think there is a better way.

In the scenario we just discussed, there is no one who is really looking after your interests. The print vendor is trying to play an "independent" consultant role, where the focus is buying their equipment (a bit like going to a Toyota salesperson and asking them if you should buy a Nissan, GM or Toyota).

Our belief is that the client needs a true independent advisor. The best advisor is someone with deep industry insider experience, who knows the landscape and the technologies, but also someone who can listen and understand your needs and requirements. Someone who can translate what you need, and can be your advocate. This advisor must start by helping you look at your organization's "Total Print Spend" including copiers, network printers, off-line printers, software solutions (work-flow), production equipment, outsourcing and print facilities management (onsite employees who run the print/copy center). Looking at needs, requirements, current equipment and volumes, employee/print ratio are components of what is needed in this process. The advisor can help the client determine what they need, what solutions exist (regardless of vendor) and what fits best. Only then should the advisor recommend the client even think about specific print providers. Not many of these truly independent advisors with deep print experience exist in the marketplace. Some claim to help assess all of your spend, but we found virtually none with true deep insider print experience.

Example - a mid-size law firm, hired an independent print cost management consultant, although they were skeptical at the outset. Using the advisor and the professional print spend management team, they ended up saving a considerable sum. The results were astounding, according to the client. Costs were reduced by 55% from current lease equipment and maintenance - for a total savings of over $ 300,000. The client ended up with 19 new devices. Better yet, according to the client, the ED (Executive Director) ended up spending less than three total hours of their time dedicated to this project.

-Richard Ayares, Managing Consultant

]]>http://www.projectleadership.net/blogs_details.php?id=2301December 31,1969http://www.projectleadership.net/blogs_details.php?id=2301More often than not, the installation command for a SCCM package looks like this:

MSIEXEC /I “Widget 2.5.msi” TRANSFORMS=NorthAmerica.mst /qb-

But when we need additional logic during the installation, many people will create a VBS script which in many cases can be overly complicated and take additional time to troubleshoot, especially if a second person has to review the file. One tip is to go ‘Old School’ and leverage good ol’ CMD files. Why? They’re easily edited by anyone and far less cumbersome. In the years I’ve been packaging, I’ve yet to come across something that couldn’t be done in a CMD file.

First off, I commonly create an INSTALL.CMD file for each package. This makes it easy for everyone to identify how to install the application and it contains all the logic necessary. Most of the times it contains the single line above, but can perform most any task to get the job done.

Let me hit on a few tangents here:

• The reason we package applications is to silently install them. Users shouldn’t be pestered to interact with an install job. I use ‘/QB-‘ to show them activity, but it’s just a modal box.




• An SCCM install should not have logic beyond the need to execute the installation. What I mean is this; don’t set a variable or make an install change based on computer model, AD group, or any other parameter within the package. For example, if an application is setup differently between a laptop and a desktop, make two separate transforms and create two separate packages in SCCM.




• Never use a CMD file to chain the installation of dependencies. Those should be managed by SCCM.

I have a client that uses a VB script to perform an install in SCCM, and it’s a complicated mess for two reasons. First, the script itself is 66 lines of code and it requires a TXT file containing the MSI, MSP & MST names, the ProductCode GUID and the silent install switches. Second, it doesn’t pass back any error codes from the MSI. Even when there is an error, SCCM will still report an Errorcode of 0 because the VBS script executed successfully.

So when we compare a single-line CMD file with a 66-line VBS script requiring a second file containing the package parameters, I have to ask: Where is the benefit? There isn’t one. Sometimes the old stuff is still the best.

-Vince Janeczko

]]>http://www.projectleadership.net/blogs_details.php?id=2302December 31,1969http://www.projectleadership.net/blogs_details.php?id=2302Documents, documents everywhere. Businesses thrive on documents to store and communicate content. Where would we be without Microsoft Office?

However, if you are not using a document management system (like SharePoint 2010) , you aren't storing and sharing these documents effectively. How many times have you wished you could quickly search the large file share at your company? Accidently edited an older version of a document you thought was current? Had to remove old emails from your Inbox because you are running out of space with emails containing attachments?

Let's compare some of the advantages of storing documents on a file share vs. SharePoint.

Traditional Method - File Shares / Local Storage:

• Files are emailed and/or stored on local or shared drives – Users must be also typically by on the network to access them
• No version control and files can be overridden on shared drives with no auditing or history
• No “single source” of the truth
• Multiple people have multiple copies
• No way to search shared drives efficiently
• No metadata tied to the document (beyond basic Office information, like Title and Description) – i.e. no information about the content other than what’s in the document
• No alerts when content is changed

SharePoint Method - Using a collaborative, document management system:

• Files are stored in smart, collaborative location with check-in/check-out, version history and auditing – “one version” of the truth
• All content can be accessed anywhere you have access to a web browser
• Metadata can be specified and tied to the document
• All content can be found via Search, including document contents and metadata
• Users simply email a link to the document – no “multiple copies” problem
• Users can be alerted when content changes
• Files can be opened and saved directly from Office 2007 / 2010

As you can see, keeping documents in SharePoint provides a clear advantage over the traditional use of file shares. Plus, SharePoint can be used for lots of other content, business intelligence, application development, etc.

A few tips:

• Careful planning is essential - mapping out the kinds of documents and the properties of those documents, and how SharePoint features like dynamic metadata driven navigation, document routing and document sets will impact and enhance the user experience
• Carefully planning your site architecture
• Understanding your desktop infrastructure - current versions of Windows, Office and Internet Explorer are critical for a smooth user experience
• The companies that fail are the ones that treat SharePoint just as if it is another file share - no planning, just build it and go.



- David Gilbert, Managing Consultant

]]>http://www.projectleadership.net/blogs_details.php?id=2300December 31,1969http://www.projectleadership.net/blogs_details.php?id=2300Data governance is an essential component in obtaining good quality data. IT solutions can only deliver value if the data they depend on is accurate, complete and consistent. But for most organizations, this will not happen overnight. Developing and implementing good data management practices can take a long time and will evolve with many small victories. In today’s world, people like instant gratification and want to see results immediately. Like a crash diet, we may see some results quickly, but only diminish in time as we revert back to our old habits. Data governance promotes a utopian vision that may never occur, but with a practical approach, good habits can be formed to gain momentum and ultimately be embedded into the fabric of the organization.

There are a few simple steps an organization can take to launch and sustain a data governance program:

• Select a few key business users and at least one high level executive that have the influence and authority to make decisions and can assign data owners and stewards. It will be important for these folks to be on the same page in defining the goals and vision for the program.

• Begin thinking about data and how it is being leveraged within the organization. Start to think outside the box and challenge the status quo. Instead of focusing on “why” we should govern data, think about “what if” we don’t? What could be the impact or cost to the organization in both hard and soft dollars if we are making decisions on bad data.

• Pick the right projects that will have an immediate impact and promote these wins to the organization. Projects that increase efficiencies or help meet regulatory compliance are typically good candidates that can add value by reducing costs and/or corporate risk.

Once a data governance team has been established with some momentum, be sure to evangelize the team’s mission, purpose and successes to raise awareness which will help your efforts in sustaining a long term data governance program.

-Kevin O'Connor, Managing Consultant

]]>http://www.projectleadership.net/blogs_details.php?id=2299December 31,1969http://www.projectleadership.net/blogs_details.php?id=2299Today’s M&A activity seems to have a greater level of dialogue and acknowledgement that the odds of accomplishing a successful deal are against you. At PLA, we have developed a list of best practices that we believe will greatly improve the probability for success, including:
• Start integration planning at the time the deal is announced
• Begin implementing the plan immediately after the deal is closed
• Implement your plan as quickly as possible, focusing on achieving synergies
• Be decisive when confronted with an issue or a problem
• Communicate frequently to all constituents

One of the tools used for successful integration planning as well as one to identify synergies is a “Clean Room.” While borrowed from the chip manufacturing world, the term in M&A context refers using a third party to assist with the analysis and planning of merger information that may be too sensitive for buyer-seller disclosure prior to the close of a deal.

Clean Rooms should be used to sharing detailed information about customers, prices, marketing programs and product plans before a merger closes to prevent potential civil or criminal antitrust enforcement.

In addition, Clean Rooms can also be used as an effective “buffer” between the two competitors to help ensure that critical and sensitive business information is disclosed in a very generic manner and will not put either party at a competitive disadvantage in the event that the deal is called off.

It is best to hire a third-party, typically a consulting firm, early in the negotiating process to assist with assessing the deal, protecting confidential data and quantifying synergies and savings. Third-parties can also collect and analyze data and reports their findings to assist in overall integration planning.

Setting up and running a Clean Room is a no-brainer when you consider the potential repercussions: criminal prosecution, civil penalties of $11,000 per day or even significant potential lost revenues/profits that could come from the leaking of confidential customer, product and pricing information.

-Howard Samuels, Managing Consultant

]]>http://www.projectleadership.net/blogs_details.php?id=2298December 31,1969http://www.projectleadership.net/blogs_details.php?id=2298For about the last year or more I have been hearing about a new technology that Citrix has been working on called the Universal Print Server (UPS), code named “Project Phaser.” The UPS is actually a service which is installed and running on the Windows 2008 (or greater) print server. This service interprets print and driver data sent directly from the XenApp or XenDesktop session utilizing the Citrix Universal EMF Driver.

The technology uses a combination of the Simple Object Access Protocol (SOAP) and Citrix Group Policy (CGP) protocols to send print data from the client session to the web service running on the print server. CGP carries the bulk of the data while SOAP carries the enumeration data. The UPS is configured utilizing CGPs and the initial BETA is only supporting XenApp 6.5. There also appears to be another ongoing project named ‘Project Taser’ which is the 2.0 version of the Universal Print Server.

This is an exciting technology from Citrix. It will drastically reduce the number of print drivers we need to vigorously test and deploy on an image and at the same time will increase the number of printers that IS can fully support in a Citrix Environment without affecting the required SLA. It will also reduce the complexity of the image and reduce overhead typically created by installing various print drivers. I look forward to testing out this new technology and will have a follow-up post regarding my testing and any issues endured. Stay tuned…

- Adam Bolt, Technical Architect

]]>http://www.projectleadership.net/blogs_details.php?id=2297December 31,1969http://www.projectleadership.net/blogs_details.php?id=2297I have a client that was switching to Exchange 2010 from Exchange 2003 and had a group of pilot users with BlackBerries and SmartPhones move to the new servers. One SmartPhone user, while trying to send an email from their phone, received this error:

“Error Certificate missing” and content: “Your message" was not sent and has been moved to the Drafts folder. Certificates are not available for the following recipients or one or more members of the following distribution lists: user@domain.com.

On the SmartPhone, there are two settings that related to encrypted messages. They are found in activesync on the device under Menu > options > E-mail > Settings > Advanced :

“Encrypt all outgoing e-mail messages”

and

“Sign all outgoing e-mail messages”

In our case the second one was unckecked and the Encrypt all messages was checked and grayed out. I suspected an active sync policy had been set incorrectly. So I ran this command:

Get-ActiveSyncMailboxPolicy

Which lead to these two values set as:

RequireSignedSMIMEMessages: False

RequireEncryptedSMIMEMessages: True

The bold one was the source of our issue. We then changed it to False and the user was able to send emails without getting this error message.

-Damian Scoles, Technical Architect

You can read more posts by Damian at Just a UC Guy

]]>http://www.projectleadership.net/blogs_details.php?id=2381December 31,1969http://www.projectleadership.net/blogs_details.php?id=2381I wanted to share my top ten list on the topics I felt were significant and received a lot of attention at the SQL PASS Summit 2011.It was reported that this year’s SQL PASS Summit was the largest ever with 5000+ reported participants. Personally, it is always fun to chat with other SQL Server folks and the SQL Server celebrities (i.e. authors, bloggers, the SQL Server product development team, and the SQLCAT team).

Without any other formalities, here is my top ten list of significant topics at the SQL PASS 2011 Summit:

10. BI Semantic Model was something the Microsoft BI stack often got discounted for not having when companies did product evaluations against Business Objects, Cognos, and MicroStrategy or in reviews by Gartner Group. The BI Semantic Model (BISM) will expose the complex data structures in a simpler way that use business friendly terms which will become the foundation for self-service and ad hoc reporting for non IT staff.

9. Hadoop connectors and Linux ODBC drivers will be available. These type of connectors will surround these technologies to provide a gateway to the Microsoft BI stack. The Linux ODBC drivers will be useful when doing migrations from databases on Linux to SQL Server.

8. Powershell is the scripting language for administration for Windows, SQL Server, and SharePoint. There was a lot of buzz on learning Powershell to do setup and administration. Many of the setup tools actually use Powershell in the backend and provide the script before it is executed. This is a nice feature as the script can be saved to a file for reuse latter or be a good way to learn Powershell.

7. Change Data Capture extended to Oracle was announced to be in SQL Server 2012.

6. Data Mining - Noticeably missing in action was any update on the Data Mining Excel 2010 Add-On in the SQL Server 2012 release. Currently, the Data Mining Excel Add-On is only officially supported for Excel 2007. I was told by a SQL MVP that the SSAS team was focused on delivering Power Pivot v2 and Power View, but that updating the Data Mining Add-On for Excel 2010 is unofficially planned within the next year. There was a lot of buzz about using DMX queries to visualize data mining output in SSRS and using DMX queries to bring insights into SSIS or online web applications. This is a big positive. The message to me was that the pieces are in place to embed data mining insights to end users. I also had the chance to get familiar with a company called Predixion (aka the old Microsoft Data Mining team). They had an interesting cloud based analytics tool that used Excel 2010. It looked promising and to be tailored for small to medium sized companies.

5. SQL Server Reporting Service (SSRS) will support data driven alerts created by end users. This will be a first version so formatting is somewhat limited, but the idea will be that a user can create their own alerts to be emailed to them when data conditions exist that require immediate action. Additionally SSRS will be available as a service application in SharePoint. This improves performance to get integrated mode on par with native mode and simplifies setup. SSRS will still be available in native mode, but integrated mode will be required for the new alerting feature.

4. There was a lot of buzz about “AlwaysOn”. This is high availability (HA) feature that uses something know as Available Groups (AGs) which are a combination of the best of SQL Server Clustering (same IP) and database mirroring while not having a requirement for share storage. AGs support off site replication. This should make HA easier to deploy and reduce hardware dependencies.

3. Improvements in information retrieval of unstructured documents (PDF, Word, and Excel) in the SQL Server 2012 database engine. There are performance improvements in Full Text Search, but the two more significant new features called Semantic Search and File Table. Semantic Search gives the ability to find documents that are similar to a given document. File Table is a new object is SQL Server 2012 and uses FileStream functionality to query the files in a given directory. The File Table object is update immediately as soon as files are copied to the directory the File Table is configured to. Semantic Search is very exciting to me.

2. Column Store Index is database structure that stores data using Vertipaq which allows data to be stored in a more compressed format to reduce physical IOs. Historically column store technology was a high end feature available in products like Teradata and Sybase IQ. The column store index will significantly improve performance of queries that scan many rows, such as queries that scan large fact tables. It was reported that queries taking minutes can now take seconds.

1. Power View (formerly know as Project Crescent) is the ad hoc reporting application presented through a browser via Silverlight. Microsoft made a huge investment in this technology as it is seen as Microsoft's answer for mobile BI. Power View will allow users to create reports using the BI Semantic Model. The reports are very interactive and support self-service ad hoc reporting. It also supports animating charts on a time dimensions to visually show trend information changing over time. Power View is very visual and very eye catching. All in all, Power View was the buzz of PASS 2011. It carries a huge WOW factor that end users will be please with. With any good thing there is a catch. The catch here is that implementing Power View in most environments is not a trivial task. It involves multiple technologies, security topologies, and communication protocols. The challenge will be to understand SharePoint 2010, PowerPivot, SQL Server Reporting Services, Excel Services, SQL Server Analysis Services, BI Semantic Model, Sliverlight, and the various security architectures (classic Windows authentication and claims authentication) to successfully implement this solution in medium to larger environments.

-Tom Puch, Senior Consultant
You can read more posts by Tom at Concepts and Techniques on Business Intelligence.

]]>