Posted on

Azure – a cloudless sky?

I signed up for my azure trial some time ago, unfortunately long before infrastructure services reached general availability and for me this is the main feature I am interested in; SaaS and PaaS are secondary points of interest. 

The interface is lovely and clear but from an infrastructure point of view some of the concepts of a VHD existing inside a blob which is displayed elsewhere is a little confusing and on more than one occasion I found myself with multiple VHDs floating about without a virtual machine associated.  Sometimes I was also unable to delete the VHD’s or storage blobs as they were showing as in use; usually waiting till the next day cleared the problem and I could delete them as expected.

azure portal

The templates which were on offer in the preview were a little disappointing but that situation has improved dramatically and since the announcement of general availability there are now three new Windows templates, SQL Server, BizTalk Server and SharePoint Server.  This should really take the sting out of deploying these services to azure and in my opinion lowers the barrier to entry a little as SharePoint in particular can be a demanding deployment.  For everyone else you can simply pick up one of the basic server 2012, 2008 or Linux templates and build from there or even upload your own virtual machine images.  I think Azure offers a great get out of jail card for smaller businesses and enterprises a like who can leverage the IaaS as a Virtual DR site for their datacentres or critical apps.

Along with the announcement of general availability of IaaS there has been separate announcement of price changes which from my understanding removes the discounted preview price and brings some of the larger compute instance costs in line with Amazon.  Personally I am a little disappointed to see the Extra Small (A0) instance jump in price by 50% as this was my favourite instance for running a little “Desktop in the cloud” but it is good to see the larger instances drop in price.

One advantage to the Azure cloud with the Extra small instance is that there is no difference in cost between Linux and windows compute instances so Microsoft are effectively giving away the windows server guest license for free so while It can on the surface look pricey to leave a server always on in the Azure cloud, once you factor in the server license as well things start to look a little more competitive.

I would love to be able to take my trial over again and play with some of the new templates for free but I fear I will have to get the credit card out to play with Azure again.

Posted on

Windows Server 2012: Thoughts so far

When I first booted up into windows server 2012 I genuinely couldn’t believe my eyes.  The user interface formerly known as metro?  On a server?  Who is going to have a touchscreen on a server?  But slowly, it starts to make sense.  When you open the start menu it is usually because you are looking to start an application or configuration console from a shortcut, and with the old start menu the rest of the screen is somewhat redundant.  Not any more; every icon in the menu now fills the entire screen and the Win key + search term combo stills works so I am happy.  The only thing I miss is the ability to shift and right click on an item to run it as another user; now I have to pin it to the task bar and go to the desktop to do so.  A minor inconvenience, but an inconvenience none the less.

metro 2012 gui

Now on to some of the amazing new features of 2012: I love the ability to team network interfaces at the OS level.  Previously, you were at the whim of your network card drivers to achieve any kind of teaming, whereas now you can use whatever network interfaces you like to create a bit of redundancy and/or failover.  I can’t say enough good things about the new server manager either; it makes adding roles and features a breeze, particularly when compared to previous versions.  You can quickly and easily add a role or make a change to entire clusters of servers from one server manager console.

server 2012 manager

The new resilient file system, and in particular the Deduplication feature of 2012, look very exciting and I suggest everyone tries building a test 2012 server and moving their file shares to it, just to see how much space you could save with deduplication.  Actually using it in production could be a little trickier as it requires backup solutions that are Deduplication aware ,or else on a restore you may find yourself rapidly running out of space or encountering other issues.  I don’t imagine it will be long before vendors include support for this feature.  Another great new feature of the resilient file system is that you can now run check disk online; never again will you have to restart and wait while check disk trawls tediously through a volume before the operating system starts. The new resilient file system also does not re-use the same disk blocks during a write, so if there is a power outage or other failure, the original data will still be readable.

PowerShell 3 is touted to have over 2,400 command-lets and to be honest I am only starting to scratch the surface of what is now available, but it is safe to say that if you liked PowerShell in 2008 R2,  you will love it in 2012.  A useful trick I use to learn more about PowerShell is to first configure something in the GUI and then hunt through the PowerShell logs in event viewer to see all the actual commands that were run.  Also dont forget to check out the new PowerShell 3.0 ISE.

PowerShell 3.0 ISE

There are other less tangible improvements such as boot time; it certainly feels a lot quicker to be up and running than previous versions.

There are a few gotchas.  For example, while deploying a new Lync 2013 environment I discovered that 2012 has much tougher certificate requirements, and even a single non self-signed certificate in the “Trusted CA” certificates folder was enough to upset the reset of the certificates in the personal store. So if you are planning to move to 2012 any time soon, now is a great time to think about cleaning up your certificates and rationalising any you have pushed out via group policy.  Another issue I faced was with a core edition server which had many updates applied.  I then tried to install the server GUI and found myself unable to do so, I would recommend that you build all servers with the GUI, update them and then uninstall the GUI so that you have the option of re-adding it later should you so desire.  The new “Minimalism” interface offers a reasonable compromise if the core is a little to extreme for you but you want to realize the benefits of a lighter footprint.

Hyper-v is now in its 3rd generation and each new version feels a little more mature and stable, and if you are already paying for datacentre licenses for your hosts this new version makes it harder than ever to justify paying for a competitor’s Hyper-visor when this is already included in your datacentre licenses.  Unfortunately I have not yet built a 2012 Hyper-v cluster, but even running it on single hosts I can see improvements. Additionally, running native hyper-v guests means that you can always export them to Azure, either for a bit of extra capacity or as a backup/DR solution.  My only gripe is that the new Hyper-v management tools can’t manage older 2008 R2 Hyper-v hosts, but I guess that is one of the prices of progress.

hyper-v manager 2012

Posted on

Remote Desktop Fails and server logs schannel error

Connecting to a remote desktop server fails and the server logs and error with the source: Schannel; Event ID 36888.  Schannel errors are usually down to problems with SSL and certificates.  This case is no different.  Simply run mmc.exe and go to “file” then “add/remove snap-ins” and select “certificates” and choose “computer account”

Next navigate to remote desktop > Certificates and highlight the certificate with the computer name listed in the “issued to” and “issued by” field and delete it.

certificates

 

Once the certificate is deleted simply disable then re-enable remote desktop services and restart the remote desktop service service.  This should regenerate the certificate and you should now be able to connect to your remote desktop server again.

Posted on

This workbook cannot be opened because it is not stored in an Excel Services Application trusted location when using SSL in Sharepoint 2010

When attempting to view or edit and Excel workbook in the browser you get the following error:

Cannot open trusted location

Curiously this error doesn’t occur when opening the same file without using SSL over a HTTP which suggests it isn’t actually the location the file is stored in which isn’t trusted but in fact the URL used to access it.

To resolve the problem follow the following steps:

1. Open the central administration site and navigate to “Application settings” and then “Manage Service Applications”

service applications screenshot

2. Once the “manage Service Applications” page has loaded locate and click on “Excel Services Application”

ExcelServicesApplication

3. Click on “Trusted File Locations”

trustedfilelocations

4.  Click on “Add Trusted File Location” and type “https://” in the address field then tick the “Children trusted” box.  You may also wish the change the “Allow External Data” setting to “Trusted data connection libraries and embedded if required in your worksheets.

trustedlocationconfig

5. Click on OK and re-try opening your excel workbook.  The workbook should open correctly.

While the above settings are appropriate for most organisations you may wish to edit the default http:// path to reflect only your own access URLs instead of the whole http:// and https:// range.  If you do this just remember to revisit this should you add or change any alternate access mappings.

Posted on

SCCM 2012 Client Package waiting for prestaged content

Clients local to the SCCM site (or all clients for a single site install) fail to deploy the client and the distribution status shows “Distribution Manager is waiting for Package XXX00001 content to be prestaged on the distribution point”

This is a strange one which can crop up after an upgrade to sp1 or on a fresh install.  It doesnt appear to be possible to distribute the content manually as the client package is a system one and the option is not avaliable.  A work around is to navigate in to Administration, highlight the affected server and right click on the distribution point site system role and then properties.  Simply deselect the “Enable this distribution point for prestaged content”

disableprestaged

 

Next locate the package in the software library and click on “Update Distribution Points.”  The client should now succeed in distributing and it is safe to re-enable the distribution point for prestaged content if required.

updatecontent

Posted on

SharePoint management shell commands fail with access denied when using run-as

I often log on with a non privileged account and then execute individual applications or scripts as a privileged account using the “run as” feature found in windows.  Unfortunately it seems with the sharepoint management shell that this often fails with access denied.

 

error message

First double check you are sure the account your using is correct, is in the farm administrators group and has shell access (try Get-SPShellAdmin and if you don’t have it get a user who is a shell admin to add you with Add-SPShellAdmin with no database specified.)

I found that actually logging on as the privileged user worked around the error.  It is a shame as it means working interactively as an admin which always introduces a little bit of risk and I personally like the safety net of having to explicitly run something as admin if I want to make changes.

No error message

 

Notice the change in background colour and the window title when run directly instead of with the run as option.

Posted on

OpenVPN on Windows 8 Routing fails

I just installed OpenVPN on Windows 8 and found that everything looked to be in order, the software ran (as administrator) and appeared to connect with a delay and a number of errors in the log.  The result being that the VPN connection wasn’t working properly.

It looks like OpenVPN requires the “Network Connections” service to be running.  Simply change this service from manual to automatic (so you don’t have to do this again) and start it.  OpenVPN should then connect correctly with no warnings.

Posted on

Installing Google Chrome on Linux Mint 13 Maya

Simply downloading and running the .deb software package for Google Chrome results in an error with missing dependencies and a broken cache.  Running the suggested “apt-get install -f” does not resolve the situation either.

To get the browser up and running start by downloading and adding Google signing key:

wget -q -O – https://dl-ssl.google.com/linux/linux_signing_key.pub | sudo apt-key add –

Now lets download the deb file:

 wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb (change stable to beta if you wish)

Finally install the Google Chrome package.  This should also add the Google Chrome repositories which will allow updates to Chrome in future.

 sudo dpkg -i google-chrome-stable_current_amd64.deb (change stable to beta if you wish)

Check out the following page for more information:

http://www.google.com/linuxrepositories/

Posted on

Unable to add new SharePoint 2010 server to farm due to missing products and patches when service pack 1 media is used.

Recently I built a new SharePoint 2010 server and attempted to add it to an existing farm.  The original servers were all setup on the original pre-SP1 media and then updated organically while for the new server I opted to use the latest media for sharepoint and office web apps which comes with SP1.

The install went through fine with no errors however on attempting to join the farm I was prompted to install many products and patches.

Curiously the same update is listed twice for different build numbers and installing the update only satisfies one of the build numbers listed in the check.  In addition to this a number of language packs are all listed as missing locally with the build number 14.0.6029.1000 despite none of these actually being installed on the original existing servers.

The full list of items:

Microsoft SharePoint Server 2010 Installed Across Server Farm 

Microsoft SharePoint Foundation 2010 1033 Lang Pack

Update for Microsoft SharePoint Foundation 2010 (KB2553014) (14.0.6106.5000)
Missing on xxxx
Missing Locally
Update for Microsoft SharePoint Foundation 2010 (KB2553014) (14.0.6109.5000)
Missing on xxxx
Missing on xxxx
Microsoft SharePoint Portal

Security Update for Microsoft SharePoint Server 2010 (KB2494022) (14.0.6106.5001)
Missing on xxxx
Microsoft Shared Components

Security Update for Microsoft SharePoint Server 2010 (KB2560885) (14.0.6106.5001)
Missing on xxxx
Missing on xxxx
Microsoft Word Server

Update for Microsoft Sharepoint Server 2010 (KB2553132) 64-Bit Edition (14.0.6108.5000)
Missing on xxxx
Missing on xxxx
PerformancePoint Services for SharePoint

Security Update for Microsoft SharePoint Server 2010 (KB2566456) (14.0.6106.5001)
Missing on xxxx
Missing on xxxx
PerformancePoint Services in SharePoint 1033 Language Pack

Security Update for Microsoft SharePoint Server 2010 (KB2566958) (14.0.6106.5001)
Missing on xxxx
Missing on xxxx
Microsoft Document Lifecycle Components

Security Update for Microsoft SharePoint Server 2010 (KB2566954) (14.0.6106.5001)
Missing on xxxx
Missing on xxxx
Microsoft Office Server Proof (Arabic) 2010

Microsoft Office Server Proof (Arabic) 2010 (14.0.6029.1000)
Missing Locally
Microsoft SharePoint 2010 Service Pack 1 (SP1) (14.0.6029.1000)
Missing Locally
Microsoft Office Server Proof (German) 2010

Microsoft Office Server Proof (German) 2010 (14.0.6029.1000)
Missing Locally
Microsoft SharePoint 2010 Service Pack 1 (SP1) (14.0.6029.1000)
Missing Locally
Microsoft Office Server Proof (French) 2010

Microsoft Office Server Proof (French) 2010 (14.0.6029.1000)
Missing Locally
Microsoft SharePoint 2010 Service Pack 1 (SP1) (14.0.6029.1000)
Missing Locally
Microsoft Office Server Proof (Russian) 2010

Microsoft Office Server Proof (Russian) 2010 (14.0.6029.1000)
Missing Locally
Microsoft SharePoint 2010 Service Pack 1 (SP1) (14.0.6029.1000)
Missing Locally
Microsoft Office Server Proof (Spanish) 2010

Microsoft Office Server Proof (Spanish) 2010 (14.0.6029.1000)
Missing Locally
Microsoft SharePoint 2010 Service Pack 1 (SP1) (14.0.6029.1000)
Missing Locally
Microsoft® Office Web Apps Missing Locally

All in all it looks to me like the slipstreamed sp1 media contains a number of old/broken files.

I ended up completely removing both SharePoint 2010 and office web apps from the new server and then installing the products again from the original pre-sp1 media and then updating to sp1 manually.  This had the desired effect and the odd missing updates for unexpected build numbers and missing language packs were all gone and the new server joined the farm as it should without issue.

 

Posted on

“HostStorageSystem.ResolveMultipleUnresolvedVmfsVolumes” Error when adding existing iSCSI datastore

I have a situation where one VMware vSphere 4 host in a cluster had to be rebuilt and on attempting to add the existing vmfs3 datastores with the “keep the existing signature” to the host there is a 30 second delay before eventually the following message appears:

Error:Cannot change the host configuration. Error Stack Call “HostStorageSystem.ResolveMultipleUnresolvedVmfsVolumes” for object “storageSystem-9” on vCenter Server “SERVER.FQDN” failed.

I believe this is down to a problem/bug with how it handles the signatures.  For me a work around was to connect the vSphere client directly to the host instead of the vSphere server where I was able to add the storage with no errors.