Aidan Finn, IT Pro

Microsoft just released a MOM 2005 management pack for Office Project Server 2007.

The Microsoft Office Project Server 2007 Management Pack helps you detect and respond to critical events generated by Office Project Server 2007. The Management Pack collects the events from the Microsoft Windows Server 2003 event logs and highlights events that might indicate possible service outages or configuration problems, so you can take action.

No special configuration is required after you import the Management Pack. The default notification group for processing rule responses within this Management Pack is Microsoft Office Project Server Administrators. For information about adding operators to this notification group, see the Microsoft Operations Manager 2005 online help.

This Management Pack quickly brings failures or configuration problems to your attention so you can proactively increase the availability and performance of Office Project Server 2007. This Management Pack also provides the knowledge and expertise you need to leverage MOM 2005 and get an immediate return on your investment.

This Management Pack must be used in combination with the Windows SharePoint Services 3.0 Management Pack.

This Management Pack alerts you about the following critical conditions:

• Active Directory synchronization failed
• Cube build failed
• Database connection failed
• E-mail notification delivery failed
• Project plans take a long time to open
• Version incompatibilities exist between the client and server
• Large number of queue jobs are failing
• The Microsoft Office Project Server Queue service is not running
• The Microsoft Office Project Server Events service is not running
• Missing server-side event handlers
• Project workspace creation failed
• Project workspace user synchronization failed

Note: The document is now being shared from my personal website.

I’ve just finished a guide to System Center Configuration Manager 2007 (CM 2007).  It covers the basics on the product, architecture and installing the product to get basic functionality.  It is the first in a series on CM 2007.

It is expected that in March 2007, Microsoft will release System Center Configuration Manager 2007, the successor to SMS 2003/2003 R2. This document aims to illustrate the new features in CM 2007, document the installation strategies and show an installation of the product.

Quite briefly, the history of this product is one of progress. My first exposure to it was SMS 2.0. Colleagues who worked with it had not much good to say about it. Conversation with others led me to believe that it held much promise but it was painful to own. SMS 2003 was a much better product; in fact, I loved how easy it was to deploy and how powerful it was when used in conjunction with Microsoft Operations Manager 2005. Over time, a number of free to download feature packs extended to functionality of SMS 2003 so that it could automate the deployment and management of more and more of the network. SMS 2003 Release 2 (R2) was a minor update. In included SMS 2003 with Service Pack 2 and 2 exclusive feature packs that added the ability to scan security and manage updates for third party and/or in-house developed applications.

CM 2007 continues the gradual improvement process that was seen from SMS 2003 to SMS 2003 R2. However, it’s a much bigger and much more worthwhile leap.

This whitepaper will:

• Document the new features of CM 2007.
• Explain the basics of CM 2007 architecture.
• Give examples of deployment scenarios using CM 2007.
• Present a sample CM 2007 installation.

This is the first in a series of documents based on CM 2007. In the future, you can expect to see documents that drill down into components of the product and provide more detail.

This document is based on the Beta 1 Refresh release of CM 2007. You’ll notice that the product still refers to things as “SMS” or “SMS v4”. This is likely to all change or “Configuration Manager” and “Configuration Manager 2007” before it is released to manufacturing.

The document continues.

I know … it says "Software Development Environments".  I try to steer clear of all those "agility" and "software factory" things that MS bandies about because the’re code words for "developers only!".  But this time, this might highlight something of real interest to infrastructure specialists.  Software developers should be constantly testing and rebuilding their PC’s.  That means that Vista will constantly look to reactivate.  Hence, lots of information about how to manage Vista activation.

Anyway, Microsoft has released a document on how to plan for activation in such an environment.

Microsoft has released ActiveSync 4.5.  This software is installed on Windows PC to enable PDA’s to synchonrise with desktop and domain resources (via the PC).

I’ve not had a PDA in years but when I last had one, the installation of this software required the user of the device to have admin rights.  I hated that.  Luckilly, the Active Directory that I designed managed local admins via restricted groups in Group Policy.  We could add the user into the local administrators group by hand (as before), log them in, install the software and GPO would eventually refresh and remove the user from the administrators group.

The Exchange team posted some information about how the DST update for North America is affecting Exchange 2003.  Give it a read if you manage resources in North America.

Vista is only out the door and speculation on its replacement has already started.  Sure enough, MS is already working on it and seeking feedback.  But the speculation has lead to a comment from Microsoft.  So here it is, straight from the horses’s mouth (Kevin Kutz, Director, Windows Client):

"The launch of Windows Vista was an incredibly exciting moment for our customers and partners around the world, and the company is focused on the value Windows Vista will bring to people today. We are not giving official guidance to the public yet about the next version of Windows, other than that we’re working on it. When we are ready, we will provide updates.”

Patch Tuesday is here again.  We’ve got a big one this month.  The following updates will be available from Microsoft Update in the following few hours:

Critical

• MS07-008: This update resolves a vulnerability in HTML Help that could allow remote code execution – Windows.
• MS07-009: This update resolves a vulnerability in Microsoft Data Access Components that could allow remote code execution – Windows.
• MS07-010: This update resolves a vulnerability in the Microsoft Malware Protection Engine that could allow remote code execution – Microsoft Antivirus.
• MS07-014: This update resolves vulnerabilities in Microsoft Word that could allow remote code execution – Office
• MS07-015: This update resolves vulnerabilities in Microsoft Office that could allow remote code execution – Office.
• MS07-016: This update resolves vulnerabilities in Internet Explorer that could allow remote code execution – Windows, Internet Explorer.

Important

• MS07-005: This update resolves a vulnerability in Step-by-Step Interactive Training that could allow remote code execution. User interaction is required to exploit this vulnerability – Windows, Interactive Training.
• MS07-006: This update resolves a vulnerability in Windows Shell that could allow elevation of privilege – Windows.
• MS07-007: This update resolves a vulnerability in the Windows Image Acquisition Service that could allow elevation of privilege – Windows.
• MS07-011: This update resolves a vulnerability in Microsoft OLE Dialog that could allow remote code execution. User interaction is required to exploit this vulnerability – Windows.
• MS07-012: This update resolves a vulnerability in Microsoft MFC that could allow remote code execution. User interaction is required to exploit this vulnerability – Windows, Visual Studio.
• MS07-013: This update resolves a vulnerability in Microsoft RichEdit that could allow remote code execution. User interaction is required to exploit this vulnerability – Windows, Office.

Again, no Vista or Office 2007 in the affected software list.

Please be sure to test, test, test before you deploy these updates.

Microsoft is claiming they have the largest Windows Sharepoint Services 3.0 deployment in the world.  I don’t doubt them.  Having talked to various MS people about the subject of Sharepoint, I know how much they use it.  They’ve been using it for 6 years now and have all but eliminated the use of the file share for document sharing (there’s probably some left, in some dark corner!).

They’ve published a document that describes the lessons learned by Microsoft IT from their day-to-day operations of managing Sharepoint Servces 3.0 and Office Sharepoint Server 2007.

As you may know, every version of Vista, either off the shelf or volume license, requires activation.  I can’t say I’m a big fan of activation in the volume license market but I’ve no say in the matter.

The silver lining on this cloud is that we can limit our communications with Microsoft in the activation process if we have volume licensing by using a Key Management Server (KMS).  You can install a KMS on a server in your network and input your one volume license key.  You can then instruct clients to activate against this KMS server.  This is kind of like W2003 Terminal Server licensing.

You get 1 license key that you can install on 2 KMS servers.  This allows for a DR installation.  You can prbably use it again after talking to Microsoft.  You need to install the KMS on a secure network.  This key is being trusted to you by Microsoft to facilitate easier use of their anti-piracy system.  The KMS is very light … MS claim they could run their 55,000 user network off of 2 laptops.  It will have little impact on existing machines.  Clients only activate after their 25th attempt … this allows for temporary machines.  Clients will continually reactivate every 7 days … you can consider it as a lease.  The license timeout is 180 days plus a 30 day grace period … after this your client will be reduced to core funcationality, i.e. enabling you to reactivate.

Considering the criticality and lightweight nature of this function, I’d want to implement this service on a virtual machine, e.g. Microsoft Virtual Server 2005 R2 or VMware ESX/Virtual Server.  Being lightweight is perfect for VM’s, even for VM sceptics.  And the DR possibilities and mobility of the VM files means you can quickly recover this machine to alternate locations, e.g. full file backup, snapshots in VMware, volume shadow copy of the VM in Virtual Server 2005 R2 SP2.

Vista and Longhorn machines have the native ability to be a KMS server.  Windows 2003 servers require a download an an installation.  Microsoft has just made those downloads available.  There is an x86 and an x64 version.

Credit for KMS Information: PFoster.

Microsoft has published a release candidate of WSUS 3.0.  You can download it from Connect.  You will have to register, even if you were a beta tester of WSUS 3.0.  WSUS 3.0 features:

• Improved architecture possibilities.
• Delegation of reports.
• More reports.
• More granular automated approval rules.
• Use of an MMC 3.0 administration console instead of the web console.

Check out my whitepaper on WSUS 3.0 if you are interested in this product.