Microsoft tech•ed Europe 2009, Berlin, 12 November 2009

Slighty shabby and a late start to Thursday following the Windows Server 2008 R2 EAP dinner followed by the 1E TechEd party – a heavy night! 

For the dinner, the UK team chose a fabulous Italian restaurant called Bacco (www.bacco.de/english/restaurant/restaurant.html) which I’d definately go back to and hosted a great evening… many thanks to Stuart, Gareth, Neil, Alex, etc. from Microsoft UK. 

We were also joined by Allen Stewart & Rajesh Dave from corp.  Allen is Principal PM for Windows Server and Raj is a PM for Windows Hyper-V.  Both very interesting & incredibly knowledgable guys with deep understanding across a wide range of topics (and not just Microsoft!).
I pestered them for info on Hyper-V thin provisioning of memory and whilst they couldn’t confirm anything as we all said ‘we live in hope!’ 😉 

…as for the  night, I’d been invited to the 1E TechEd Europe party at Spindler & Klatt www.spindlerklatt.de – an uuber trendy restaurant/club in East Berlin frequented by the likes of Angelina, Clooney, and now Cook! 

What a great party and many many thanks to the team at 1E (www.1e.com).  Did I mention I was the 4th member of the business in the founding year?  (yes I probably did & several times.. lots to drunk! ;-)) We went our separate ways in 1999, oh for a slice of that now… anyway, moving on! 

Seriously though hats off to Samir, Mark, and Phil – they have built a company that knows how to throw a great party (regarded as the best at TechEd), and a team of very bright, talented people who have a lot of respect for the company and its founders. 

Ouch my head is pounding!  time to go to sessions, starting with… 

ITS211 Keeping Your CIO Happy: Microsoft Office SharePoint Server 2007 SLA Scorecarding with Operations Manager 2007 and SQL Server 2008

Gordon McKenna & Sean Roberts speaking at TechEd
Presenters: Gordon McKenna, Sean Roberts, www.inframon.com
Thu 11/12 | 10:45-12:00 | London 2 – Hall 7-1b
Learn how you can create CIO level SLA scorecards in SharePoint Server 2007 for Microsoft System Center Operations Manager 2007 using some of the new features in Microsoft SQL Server 2008 Reporting Services and to create Executive SLA views of your Operational Environment. The session looks at why these types of views are important to many companies, what impact this can have on your business, and what simple steps you can take to achieve very effective, high-level executive views of everything from performance and availability of your key LOB services and applications, whether important SLAs and KPIs are being achieved and whether your IT department is meeting the day-to-day needs of your business. The key demos in this session take you through the steps you need to implement effective business scorecarding in SharePoint Server 2007 using key metrics collected in the Operations Manager 2007 Datawarehouse based on “real-world” experiences gained from the field. After attending this presentation you will have a good insight into how CIO Scorecards can help you add value to your Operations Manager deployments, helping you to show real value to your executives.
Tip – to remove parameter data from Ops Mgr reports imported into a SharePoint webpart, suffix the url with &rc:Parameters=collapsed
Cracking session from Gordon & Sean on how to try and keep your CIO happy (if that’s possible! ;-))
blog Daniel Savage

Service Level dashboard – free solution accelerator dashboard on Microsoft 

SVR401 & 402 DirectAccess Technical Drilldown, Part 1 of 2: IPv6 and Transition Technologies + Part 2 of 2: Putting It All Together

John Cradock presents DirectAccess Technical Drilldown, Part 1 of 2: IPv6 and Transition Technologies 

Presenter: John Craddock (www.xtseminars.co.uk)
Thu 11/12 | 13:30-14:45 | Helsinki – Hall 7-2a
Take a sprinkling of Windows 7, add Windows Server 2008 R2, IPv6 and IPsec and you have a solution that will allow direct access to your corporate network without the need for VPNs. Come to these demo-rich sessions and learn how to integrate DirectAccess into your environment. In Part 1 learn about IPv6 addressing, host configuration and transitioning technologies including 6to4, ISATAP, Teredo and IPHTTPS. Through a series of demos learn how to build an IPv6 Network and interoperate with IPv4 networks and hosts. In Part 2 we add the details of IPSec, and components that are only available with Windows 7 and Windows Server 2008 R2 to build the DirectAccess infrastructure. Learn how to control access to corporate resources and manage Internet connected PCs through group policy. Part 1 is highly recommended as a prerequisite for Part 2.
John Craddock is an extremely talented AD/identity expert, and deeply technical across many other fields – in this case IPv6 & DA.
I was also lucky enough to have a drink with John and my old Microsoft PSS chum Paul Duffy on Monday night at the cleverly named hotel ‘Berlin Berlin’.
John is a genuine international industry expert and a thoroughly nice bloke with it!   Paul, another ‘genie-I’ went on to become PM for Office Communicator and knows a thing or ten about OCS amongst other subjects to a deep level.  This probably explains why these two know each other!
Anyway, back to the session plus my own notes, links, etc.
Gems & Tips
– be careful, not all apps will be compatible – test!
– to be native will likely mean new network gear, is new network layer (layer 2 unchanged)
– hex is back!  use of double colon notation, but can only be used once per address
– cannot mix with ipV4 mask bit notation
– host derived with mac address which has privacy issues, Win7 & R2 generate random based on interface, can be disabled (revert to mac based) with netsh interface ipv6 set global randomizeidentifiers=disabled
– route print -6 will show IPv6 route table
– ::1 is IPv6 loopback
– if you have a registered IPv4 address then you automatically have an IPv6 address on the 6to4 network
6to4 http://en.wikipedia.org/wiki/6to4 states 6to4 performs three functions:
  1. Assigns a block of IPv6 address space to any host or network that has a global IPv4 address.
  2. Encapsulates IPv6 packets inside IPv4 packets for transmission over an IPv4 network using 6in4.
  3. Routes traffic between 6to4 and “native” IPv6 networks.

– you need to manually unblock ISATAP entry in DNS which can be done via the registry or command line, e.g. 

C:>dnscmd /config /globalqueryblocklist wpad 

Registry property globalqueryblocklist successfully reset.
Command completed successfully. 

ISATAP is a huge subject in it’s own right, the Intra-site Automatic Tunnel Addressing Protocol Deployment Guide is available at http://www.microsoft.com/downloads/details.aspx?familyid=0f3a8868-e337-43d1-b271-b8c8702344cd&displaylang=en 

Putting it all together..

– Check tunnel endpoint authentication using ‘klist’ to list Kerberos data
– Use NRTP to direct DNS queries to a specific server for a particular names space (view using ‘netsh namespace show effectivepolicy’)
– PKI needs to be right as certificates are the foundations
– you must publish the revocation list
– NLS (Nework Location Server) is just a https website accessible from the DA server, e.g. nls.corp.example.com
– if it doesn’t work, it could be a couple of days troubleshooting! 

If you’re thinking of setting this up in a virtual lab, I also took note from Allen Stewart’s blog at http://blogs.technet.com/wincat/

…if you’re planning to virtualize your lab environment on Hyper-V, you should ensure you’re using Legacy Network Adapters for the child partition where you’re running the DAS. Using the default synthetic NICs is OK for all the other resources in the test lab, but for the DAS itself, it’s important to have both the Internet and Corpnet NICs as legacy ones, to ensure proper passing of traffic between both sides of the DAS. If you use the default synthetic adapters, you may end up in a situation where traffic doesn’t properly flow from the outside to the inside, even though all your IPsec, 6to4, Teredo, and IP-HTTPS settings are correct. Basically, you’ll be in a situation where connectivity will fail at a basic level, with you not even being to successfully ping the internal DNS server using its ISATAP address.If you’ve already built your lab on Hyper-V using the synthetic adapters, the fix is pretty simple. Just replace them with legacy ones, reconfigure the IP addressing as specified in the guide and rerun the DirectAccess wizard, again supplying all the information specified in the guide. After doing so, all your traffic should flow properly.

– Thanks Allen!

DAT312 All You Needed to Know about Microsoft SQL Server 2008 Failover Clustering

Presenter: Gopal Ashok
Thu 11/12 | 17:00-18:15 | London 3 – Hall 7-1b
There are major architectural changes in SQL Server 2008 for failover cluster setup and management, geared towards increased reliability and high-availability. To learn all the benefits and changes, attend this session for a comprehensive overview direct from the product development group. We cover SQL Server 2008 failover clustering setup, underlying Windows Server cluster and how SQL Server uses it, what’s new in SQL Server 2008 for failover clustering, differences from previous versions of SQL Server and future directions. This includes details of SQL Server 2008 failover clustering setup operations together with demos to illustrate the new setup.

– new features
– applications need retry mechanisms built in to provide seamless failover
– no longer have to take down the cluster to upgrade, supports rolling upgrades 

Want to deploy stretched clusters?  lots do.  As in separate geo-redundant clusters, not separate nodes e.g. 

Stretched SQL Clusters or the doodles of an artist?
Stretched SQL Clusters or the doodles of an artist?

– sql 2008 failover clustering install breaks on windows server 2008 R2 and needs to be slipstreamed with SP1 (If only we knew this last weekend!)
(slipstreaming is incorporating patches into the installation media to effect a higher level of install base over RTM – Microsoft tend to do this but not always quickly!)
see http://blogs.msdn.com/psssql/archive/2009/03/17/how-to-fix-your-sql-server-2008-setup-before-you-run-setup-part-ii.aspx for more info
– during upgrades to a 2-node cluster there will be a period of time when you are exposed to node failure, and must not have a failover attempt for fear of corruption.  removing the node from the cluster owners will stop premature attempted failover. 

Further Microsoft resources.. (will add others also) 

      SQL Server ® 2008 Failover Clustering White Paper: http://sqlcat.com/whitepapers/archive/2009/07/08/sql-server-2008-failover-clustering.aspx 

      Recommended  Books Online  Doc Refresh #7 (May, 2009), or later: http://msdn.microsoft.com/en-us/library/ms130214.aspx 

      Failover Clusters – Getting Started: http://msdn.microsoft.com/en-us/library/ms189134.aspx 

      Rolling upgrade process and best practice: http://msdn.microsoft.com/en-us/library/ms191295.aspx 

      Maintaining a Failover Cluster: http://msdn.microsoft.com/en-us/library/ms178061.aspx 

      Setup command line usage: http://msdn.microsoft.com/en-us/library/ms144259.aspx 

      Configuration.ini file usage: http://msdn.microsoft.com/en-us/library/dd239405.aspx