Windows Management and Scripting

A wealth of tutorials Windows Operating Systems SQL Server and Azure

  • Enter your email address to follow this blog and receive notifications of new posts by email.

    Join 721 other subscribers

  • SCCM Tools

    itxsolutions on codeplex

  • Twitter Updates

  • Alin D

    Alin D

    I have over ten years experience of planning, implementation and support for large sized companies in multiple countries.

    View Full Profile →

Posts Tagged ‘management software’

Active Directory Delegation

Posted by Alin D on March 21, 2011

Active directory

Active Directory Delegation

Active Directory delegation is an important task in the process of Active Directory management that requires careful planning and accurate implementation. Native Active Directory management tools are not able to cope with AD delegation tasks due to significant disadvantages. Third party solutions implement role-based access control model that proved its simplicity and effectiveness.

Active Directory management includes many tasks. Some of them are simple, though still very important. The necessity of rights delegation to non-administrative staff occurred when Active Directory administrators spent about 40 per cent of their time fulfilling those simple operations like reset of passwords, modification of users’ personal data, etc. Eventually it was decided that Active Directory delegation is vital to let the administrators solve more important challenges.

Active Directory delegation has a pitfall – security threat. When we deal with sensitive data, security is above all, that is why Active Directory delegation should be carefully planned and implemented with the possibility of constant revision of delegated rights. Native AD management tools do not cope with granular delegation of rights in Active Directory due to the following reasons: absence of central place for permissions storage, need of manual maintenance of multiple ACLs across Active Directory. Moreover, it is a huge problem to track what privileges were granted to users. Help of third party solutions is vital here.

Third party solutions proved their effectiveness for Active Directory delegation with the help of role-based access control approach that refers to delegation of responsibilities in a centralized manner. It is possible to create an administrative role, allocate a set of job functions to it and subsequently assign this administrative role to a user. Such approach helps control delegated permissions, assign and revoke those assigned even to large amount of users with the same job function.

Even though role-based access control helps significantly increase security by means of delegating limited rights to non-administrative staff, some actions still should be verified by responsible persons. This task is easily accomplished by means of approvals that are provided by third party Active Directory management software.

Active Directory delegation is a pressing problem for IT administrators as it involves possibility of security breaches and improper Active Directory audit. Third party AD management tools provide a vast range of features that help cope with the problem of Active Directory delegation, thus greatly reduce administrative misfortunes and headaches.

Experienced IT enthusiast.

 

Article from articlesbase.com

Posted in Windows 2008 | Tagged: , , , , | Leave a Comment »

Regarding Active Directory Management: Enhancing Network Construction And Functionality

Posted by Alin D on March 14, 2011

Active directory

Regarding Active Directory Management: Enhancing Network Construction And Functionality

Active Directory management software necessitates an understanding of the individual directories and various programs that are most efficient and effective. Active Directory management is such a critical aspect of your company’s network organization because it provides logical organization in a world that could quite easily turn into a wild ride of unorganized information overload insanity.

*** Briefly looking at the history of Active Directory management ***

Here are a few things to know about the emergence of Active Directory management:

• Active Directory was developed by Microsoft in 1996 and has been useful functionality in the IT world the past 15 years.

• The operating systems running on Windows use it most often, primarily to gather information about and monitor different domains.

• Over time, Active Directory has evolved from being able to view the flow of online data to also facilitating it.

Providing access to important and relevant objects within a network is one of the main attributes of Active Directory. Since it is built on a hierachical structure it is easy to understand. Domains, subjects, tress and forests can all be part of the Active Directory structure.

*** Presenting Spiceworks’ Active Directory management software ***

Spiceworks offers compatibility with Active Directory software with their “PeopleView” Functionality. IT managers are able to easily view visitor profiles with PeopleView. Benefits from this technology are seen both at the webmaster and network manager levels. It contains many great features for IT pros such as resetting user passwords, linking devices to specific users, and view all help tickets from a user at a glance.

How can I make Active Directory work for me?

When it comes to managing user profiles I recommend Spriceworks free Active Directory software! Download there free Active Directory management software, and in minutes, you’ll be able to lock users’ accounts and reset their passwords, link devices to specific users, and so much more.

As if that is not already awesome, Spiceworks.com also provides free support by phone and eMail plus a network of over 1,000,000 IT pros who are actively using their software. Get Spiceworks’ free Active Directory management.com now!

As if that is not already awesome, Spiceworks.com also provides free support by phone and eMail plus a network of over 1,000,000 IT pros who are actively using their software. Now that you know what is Active Directory you can secure your copy of Spiceworks’ free Active Directory management software now!

Article from articlesbase.com

Posted in Windows 2008 | Tagged: , , , , , , , , , , , , , , , , , | Leave a Comment »

Support Policies and Recommendations for Exchange Servers in Hardware Virtualization Environments

Posted by Alin D on September 8, 2010

Microsoft has published an interesting article about their official support for installing Exchange on Hyper-VVirtual Server 2005 virtual machines.

To make a long story short, here are the support policies for both Exchange 2007 and Exchange 2003:

Support Policy and Recommendations for Exchange Server 2007

Microsoft supports Exchange Server 2007 in production on hardware virtualization software only when all the following conditions are true:

  • The hardware virtualization software is Windows Server 2008 with Hyper-V technology, Microsoft Hyper-V Server, or any third-party hypervisor that has been validated under the Windows Server Virtualization Validation Program.
  • The Exchange Server guest virtual machine:
    • Is running Microsoft Exchange Server 2007 with Service Pack 1 (SP1) or later.
    • Is deployed on the Windows Server 2008 operating system.
    • Does not have the Unified Messaging server role installed. All Exchange 2007 server roles, except for the Unified Messaging role, are supported in a virtualization environment.
  • The storage used by the Exchange Server guest machine can be virtual storage of a fixed size (for example, fixed virtual hard drives (VHDs) in a Hyper-V environment), SCSI pass-through storage, or Internet SCSI (iSCSI) storage. Pass-through storage is storage that is configured at the host level and dedicated to one guest machine.Note:

    In a Hyper-V environment, each fixed VHD must be less than 2,040 gigabytes (GB). For supported third-party hypervisors, check with the manufacturer to see if any disk size limitations exist.

    • Virtual disks that dynamically expand are not supported by Exchange.
    • Virtual disks that use differencing or delta mechanisms (such as Hyper-V’s differencing VHDs or snapshots) are not supported.
  • No other server-based applications, other than management software (for example, antivirus software, backup software, virtual machine management software, etc.) can be deployed on the physical root machine. The root machine should be dedicated to running guest virtual machines.
  • Microsoft does not support combining Exchange clustering solutions (namely, cluster continuous replication (CCR) and single copy clusters (SCC)) with hypervisor-based availability or migration solutions (for example, Hyper-V’s quick migration). Both CCR and SCC are supported in hardware virtualization environments provided that the virtualization environment does not employ clustered virtualization servers.
  • Some hypervisors include features for taking snapshots of virtual machines. Virtual machine snapshots capture the state of a virtual machine while it is running. This feature enables you to take multiple snapshots of a virtual machine and then revert the virtual machine to any of the previous states by applying a snapshot to the virtual machine. However, virtual machine snapshots are not application-aware, and using them can have unintended and unexpected consequences for a server application that maintains state data, such as Exchange Server. As a result, making virtual machine snapshots of an Exchange guest virtual machine is not supported.
  • Many hardware virtualization products allow you to specify the number of virtual processors that should be allocated to each guest virtual machine. The virtual processors located in the guest virtual machine share a fixed number of logical processors in the physical system. Exchange supports a virtual processor-to-logical processor ratio no greater than 2:1. For example, a dual processor system using quad core processors contains a total of 8 logical processors in the host system. On a system with this configuration, do not allocate more than a total of 16 virtual processors to all guest virtual machines combined.

Support Policy and Recommendations for Exchange Server 2003

Microsoft supports Exchange Server 2003 in production on hardware virtualization software (virtual machines) only when all the following conditions are true:

  • The hardware virtualization software is Microsoft Virtual Server 2005 R2 or any later version of Microsoft Virtual Server.
  • The version of Exchange Server that is running on the virtual machine is Microsoft Exchange Server 2003 with Service Pack 2 (SP2) or later.
  • The Microsoft Virtual Server 2005 R2 Virtual Machine Additions are installed on the guest operating system.
  • Exchange Server 2003 is configured as a stand-alone server and not as part of a Windows failover cluster.
  • The SCSI driver that is installed on the guest operating system is the Microsoft Virtual Machine PCI SCSI Controller driver.
  • The virtual hard disk Undo feature is not enabled for the Exchange virtual machine.Note:

    When a Microsoft Virtual Server SCSI adaptor is added to a virtual machine after the Virtual Machine Additions have been installed, the guest operating system detects and installs a generic Adaptec SCSI driver. In this case, the Virtual Machine Additions must be removed and then reinstalled for the correct SCSI driver to be installed on the guest operating system.

Rest of the recommendations are at Microsoft website.

Posted in Exchange | Tagged: , , , , , , , , , , , , , , , , , , , , , , , , , , , | Leave a Comment »