Windows 7: Take control of system security

The Control Panel in Windows 7 provides a number of options for securing your system, configuring backups, adjusting firewall settings and so on.

Jorge Orchilles

Adapted from “Microsoft Windows 7 Administrator’s Reference” (Syngress, an imprint of Elsevier)

Windows 7 comes with a variety of security and system management tools. There are tools for managing the local system, managing hardware and devices, and managing disks and file systems. The Control Panel is one of the most commonly used ones. The Control Panel has long been a central place to go to configure your Windows system. The look has changed over the years, but the tools have remained similar. We’ll take a closer look at the system and security aspects and functions of the Control Panel.

The System and Security category contains applets to help you secure, fine-tune and optimize your system. The subcategories under the System and Security category are Action Center, Windows Firewall, System, Windows Update, Power Options, Backup and Restore, BitLocker Drive Encryption and Administrative Tools. Here’s a brief overview.

Action Center

The Action Center helps you resolve basic system issues. It can help troubleshoot security, maintenance and performance issues. In the Action Center, you have four options: Review your computer’s status and solve issues, Change User Account Control (UAC) settings, Troubleshoot common computer problems, and Restore your computer to an earlier time.

If you choose Review your computer’s status and solve issues, the Action Center will display any issues that your system has detected. These could be issues with security, Windows Update, Windows Backup or a host of other issues.

If you choose Change User Account Control settings, the UAC Settings window will open. UAC is used to control whether programs can make changes to your system. This is important because you don’t want malicious programs to be able to make system changes.

The UAC Settings window includes four options:

• Always notify: The user will always be notified when either the user or a program attempts to make changes to the system.
• Notify me only when programs attempt to make changes to my desktop: The desktop will be dimmed when these attempts are made. This is the default option.
• Notify me only when programs attempt to make changes to my desktop (do not dim my desktop): The desktop will not be dimmed when these attempts are made.
• Never notify: The user is never notified when either the user or programs attempt to make changes to the system.

If you choose Troubleshoot common computer problems, the troubleshooting applet will open. The troubleshooting applet helps you troubleshoot issues with programs, hardware, Internet connections, appearance, personalization and security.

Choosing Restore your computer to an earlier time will open the Recovery window. In the Recovery window, you can open the System Restore wizard. System Restore lets you restore system files and settings without losing your personal files and data. You can select a restore point, and Windows 7 will restore your system to the state it was when the restore point was created.

The Recovery window also has an option for Advanced Recovery Methods. These will restore your system, but everything will be replaced, including your personal files and data. You can restore your system using a previously created image. You can also choose to reinstall Windows 7 using the original installation media. If you choose either of these methods, you’ll be able to back up your important files and data.

Windows Firewall

The Windows Firewall protects your Windows system from network-based threats. You can control who has access to your system and what level of access they have. The Windows Firewall applet lets you configure these firewall settings.

You have two options in the Windows Firewall section of the Control Panel: Check firewall status and Allow a program through Windows Firewall. Check firewall status will bring up the Windows Firewall window. This option lets you see if the Windows Firewall is enabled or disabled on your system. You can also see Windows Firewall settings for incoming connections and notifications.

Allow a program through Windows Firewall will bring up the Allowed Programs window. Here you can see what programs the Windows Firewall allows. If you want to change these settings, you must choose the Change settings option. Then you can select a program to allow and specify the networks with which the program is allowed to communicate.

The Details option will show you the path to the executable for the allowed application. If you want to allow a program not listed, you can choose the Allow another program option. You can then specify the location of another program you want to allow through the firewall.

System

The System section of the Control Panel lets you view and configure basic system settings. This section has five options: View amount of RAM and processor speed, Check the Windows Experience Index, Allow remote access, See the name of the computer and Device Manager. View amount of RAM and processor speed will launch the System window. Here you can view basic system information. You can see the processor speed, the amount of RAM in the system, the system type, computer name and other important information.

Check the Windows Experience Index will launch the Performance Information and Tools window. You can see your system’s Windows Experience Index. The Windows Experience Index is a number between 1.0 and 7.9 that represents the overall performance of your system.

Your index is based on five components: processor, memory, graphics, gaming graphics and primary hard disk. Each of these components is given a rating. Your index is based on the lowest individual score for the components. You can rerun the assessment any time you wish. This will help you determine if changes made to the system increased or decreased overall performance.

The Allow Remote Access option brings up the Remote tab of the System Properties window. You can use this tab to enable or disable Remote Assistance. You can also use it to enable or disable Remote Desktop.

Selecting See the name of this computer will launch the System window. You can view the name and description of the computer. In addition, you can view the workgroup or domain in which the computer resides. You can also use this window to change the name of the computer or change the system’s workgroup or domain.

You can use the Device Manager to manage the hardware devices in your system. You can install, disable and uninstall devices. You can update drivers. You can also use Device Manager to determine when there’s a problem with one of your hardware devices and when one of your devices isn’t functioning properly.

Windows Update

Windows Update keeps your system up-to-date with the latest updates and patches. Windows Update can automatically download and install device drivers, OS patches and application patches. There are three options in this section: Turn automatic updating on or off, Check for updates and View installed updates. The option named Turn Automatic Updating on or off will bring up the Windows Update Change Settings window.

You can enable or disable Windows Update on your system. You can also control how updates are handled. You can set whether updates are automatically downloaded and installed, or whether user intervention is necessary.

The Check for updates option brings up the Windows Update window. Windows Update will check and see what updates are available for your system. It will also let you know when your system was last updated. Selecting View installed updates will bring up the Installed Updates window.

The Installed Updates window will list all the updates installed on your system. You can see OS updates, application updates and security updates. The Installed Updates window also lets you uninstall updates from your system.

Power Options

The Power Options section includes the following options: Change battery settings, Require a password when the computer wakes, Change what the power buttons do and Change when the computer sleeps.

The Change battery settings option brings up the Power Options window. This is where you choose a power plan. Power plans determine how your system will manage energy consumption, especially when running on battery power. A good power plan will help extend the amount of time your system can run on battery power.

Choosing Require a password when the computer wakes brings up the Power Options System Settings window. This lets you configure whether a user has to enter a password when the system comes out of sleep mode. Take note that in order to make changes to this setting, you have to first select the Change settings that are currently unavailable option. Choosing Change what the power buttons do also brings up the Power Options System Settings window. You can configure what your system does when you press the power or sleep buttons. You can also configure what happens when you close the lid on your laptop.

Change when the computer sleeps launches the Edit Plan Setting window. This lets you change the settings for your current power plan. You can control when the display will dim or turn off. You can configure when the system will enter sleep mode. You can also adjust the screen brightness.

Backup and Restore

The Backup and Restore section of the Control Panel includes two options: Back up your computer and Restore files from a backup. The Back up your computer option will launch the Backup and Restore window. You can use the Backup and Restore window to create a system image, create a system repair or perform a backup of your system.

Back up now starts a new system backup. The backup will use your current backup device and location. Turn on schedule lets you set up periodic backups of your system. You should schedule these backups for a time when the system will be online, but not in use. The Change settings option will allow you to change the default settings for your backups. For example, you can use this to change the default backup location.

The Restore files from a backup option will bring up the Backup and Restore window. At the bottom of the window, there’s a Restore section. The Select another backup to restore files from option will bring up the Restore Files wizard. The Restore Files wizard will walk you through the process of doing a restore. You’ll have to specify the location of the backup to restore from, the files you want to restore and what you want to do with the restored files.

Administrative Tools

The Administrative Tools section includes the following options: Free up disk space, Defragment your hard drive, Create and format hard disk partitions, View event logs and Schedule tasks. Choosing Free up disk space launches the Disk Cleanup applet. This will scan your system and determine what can be done to free up space on your disks. You can delete Downloaded Program Files, Temporary Internet Files, Offline Web pages, files in the Recycle Bin, Setup Log Files, Temporary Files, Thumbnails, Per-user archived Windows Error Reports and System-archived Windows Error Reports.

The Disk Cleanup applet also includes an option to Clean up system files. This opens the Disk Cleanup applet with a tab called More Options. On the More Options tab, you have the option to remove programs you don’t use. You also have to option to remove older system restore points.

Choosing Free up disk space will bring up the Disk Defragmenter. This can help improve performance of your drives. Fragmentation occurs when files split all over your disks. When this happens, your disk has to do more work to access files. The Disk Defragmenter will move your files to a contiguous location. This will speed disk-access performance.

Create and format hard disk partitions will bring up the Disk Management console. You can use the Disk Management console to manage your hard disks and disk partitions. You can create partitions and format partitions. You can also configure fault tolerance for your disks.

Choose View event logs to open the Windows Event Viewer. You can view the Windows logs Application, Security, Setup and System. You can also view individual logs for certain Windows applications and Windows services. You can use Event Viewer to view logs on the local system or a remote system.

Schedule tasks launches Task Scheduler. Use this to schedule tasks to run at specified times. This is great for administrative and maintenance tasks that must be run on a regular basis. Task Scheduler offers great flexibility. You can use the Create Basic Task wizard or manually create a task.

You can schedule tasks to run once, daily, weekly, monthly, when the computer starts, when a user logs on or when a specific event is logged. The task can be to run a program or script, send an e-mail or display a message. Task Scheduler also lets you import and export tasks. This is useful if you want to run the same task on multiple systems.

I’ll cover other aspects of the Control Panel features and functions—such as the myriad options for network and hardware settings, personalization, establishing credentials and so on—in future articles.

Read More

Cloud Computing: Developing unique cloud solutions

When developing cloud solutions for specialized organizations such as government agencies, there are a number of areas to consider, including security, mobility and interoperability.

Niten Malik

Developing enterprise-class cloud computing solutions for unique functions such as supporting government agencies is a challenge. While traditional strategies have involved custom development or modifying off-the-shelf enterprise resource planning (ERP) systems, using a stable development platform based on Microsoft Dynamics CRM and SharePoint gives you significant flexibility and scalability.

Last month, I looked at the higher-level considerations for developing customized cloud solutions for specific purposes. Here I’ll examine some of the specific areas you have to keep in mind, such as mobility, security and interoperability.

Mobility management

Users have increasing expectations for access to systems and information through any type of device, whether it’s their desktop PC, laptop, tablet or phone. They require anytime, anywhere access to data, applications and people.

Through a platform like Dynamics CRM Mobile, users can have access to the full breadth of Microsoft Dynamics CRM functionality, including its dashboard capabilities. And they can do so on the mobile device of their choice. There’s no need to load multiple apps onto their device. Microsoft Dynamics CRM Mobile provides a single, consistent application experience.

It provides device-specific application experiences that are natural and intuitive across a range of platforms and targeted UXs. Because it’s based on HTML5, it can structure and present content on different Web browsers. The solution adapts so the look and feel is optimized for different hardware platforms.

You centrally manage Microsoft Dynamics CRM Mobile. You can configure record types, forms, views, offline synchronization rules and navigation structure for the mobile application. You only have to publish these configurations once, regardless of the range of devices that users employ. This simplifies and streamlines mobile CRM management.

To cater to your users’ different needs, you can establish multiple profiles that expose role-specific data and functionality. The result is a mobile experience tailored and optimized for every type of user, whether their job function is sales, marketing or finance, for example. You can also remotely wipe devices of CRM data should a device be lost or stolen, or if an employee leaves the company.

Platform adoption

Having consistent and familiar UIs across multiple, widely used Microsoft applications such as SharePoint, Office and Outlook results in high user adoption rates for a Dynamics CRM-based line-of-business (LOB) application. These friendly and intuitive UIs boost user-adoption rates, which in turn improves data quality.

The seamless integration between Dynamics CRM and other Microsoft Office products further increases adoption. For example, you can add a Dynamics CRM-based solution as a widget within Outlook. This eliminates the need to switch back and forth between applications.

Integration with Word provides an easy mail-merge capability. Excel offers powerful, self-service visualization and analysis tools for enterprise data. Multiple-device support enables access to information through the Web or through mobile devices, further expanding the usability of Dynamics CRM-based solutions.

Collaborative operations

Optimizing operations with the seamless out-of-the-box integration between Microsoft Dynamics CRM and SharePoint with Outlook, Lync and Office can fundamentally change how you work. Optimized business process operations can deliver a significant productivity improvement.

Consider these potential scenarios. In a typical credential-management use case, adjudicators often need to consult on eligibility questions or documentation provided by the customer. This consultation typically involves creating escalation and problem solving via e-mail or a meeting. This creates unpredictable delay in case resolution.

On a factory floor, if a high-speed, highly automated machine is followed by a machine that involves a lot of manual intervention, the factory’s overall productivity and output will suffer. When manual intervention is impossible to avoid, a collaborative process is required to solve problems more efficiently.

One example may be designing operations to leverage integration between SharePoint and Dynamics CRM, such that an adjudicator has easy access to expertise on SharePoint My Site or can use embedded search to find a relevant blog. The presence of the individual expert is automatically synchronized with his Outlook calendar.

You can have the adjudicator connected to an expert within SharePoint or a CRM workflow via Lync and be actively collaborating within minutes. The Lync platform facilitates collaboration in multiple ways, from instant messaging and video conferencing to desktop sharing and in-browser co-editing of documents.

Development considerations

The Microsoft Dynamics CRM development platform offers many features to rapidly deploy LOB applications. These capabilities include:

Data Model: The Dynamics CRM framework includes an extensive list of predefined data entities common to many business applications. Common processes won’t require that you build these entities from scratch. You can easily customize most entities or define completely custom entities.

UI: Dynamics CRM provides HTML-based pages to browse and manage data. You can easily customize the form content, layout and site navigation. You can integrate external UIs and applications as part of the navigation embedded within CRM forms.

Workflows: The Windows Workflow Foundation is integrated with the Dynamics CRM framework to implement business process automation as a single step or complex series of steps, checks, waits and rules. You can execute workflows manually or automatically when records or a data value changes. You can also use workflows to create activities, update records, create alerts, send e-mail on a user’s behalf or implement other custom tasks.

Your users can easily create new workflows and edit parameters using an intuitive interface to control how they work and when they run. They can define workflows at the organizational level to apply to everyone, or to apply to individuals as personal workflows.

Security: At its most basic level, the security model maintains access control over data and services. It allows user profiles and rules for each piece of data to secure sensitive information and meet data privacy requirements.

For single sign-on, authentication and authorization, the framework leverages Microsoft Active Directory. This lets a user enter and exit multiple tenants to which they’ve been granted access without having to log in multiple times. When the user is within a certain tenant, they won’t be able to view information in another tenant even if they have access to that tenant. They’ll need to exit and reenter the other tenant to access that data. This is how the framework guarantees data won’t be improperly combined. Once user access has been granted, the per-tenant security model provides a highly efficient means of establishing and changing security privileges to ensure users always have appropriate access.

Role-based security defines privileges based on business roles within each tenant, rather than on individual users. Users can have one or many roles associated with them, with additive privileges across roles. They can perform many roles within a tenant and the system will automatically recognize the correct security privileges.

Business units group users together and grant authorization based on roles. Business unit design can mirror or help facilitate company structure within the security model. Each business unit defines roles inherited from the organizational hierarchy or specific to it’s the unit’s needs. Each user is then allocated to a single business unit, and assigned one or more security roles within that unit.

Security for reports is just as important, but can typically be more challenging to implement. Microsoft Dynamics CRM uses a concept called filtered database views to provide consistency for the security model. Framework metadata creates and maintains filtered views for each built-in and custom entity defined in the data model. Filtered views incorporate security roles, business unit design and record ownership to enforce access control. You control the reports using the framework security model to determine who can see, run and modify each report.

Social media

Emerging social technologies provide people-centric experiences that can fundamentally impact how people and organizations communicate and collaborate both internally and externally. Social networks such as Twitter and Facebook provide a micro-blogging UX to post information, ask questions and find expertise. About 82 percent of the Facebook users in the 18-to-24 age group check Facebook more than once a day. Content is distributed in many social networks such as Twitter, Facebook and YouTube. It doesn’t follow any set standard.

Social intelligence, based on data patterns and streams, enhances customer service and decision-making. Micro-blogging in Dynamics CRM encompasses activity feeds, status updates and notifications regarding business events and actions. Business activity feeds deliver configurable real-time notifications regarding important relationships and business events.

Social media enables continuous engagement, which is often the end goal of social outreach and collaboration. It provides social sites and other forums such as blogs to share experiences and interests. Social media engages stakeholders in an ongoing dialog to solicit suggestions and address issues. Specific social media strategies will continue to evolve over time.

By itself, SharePoint won’t address the complexity inherent in developing digital outreach tactics. However, it will enable a cost-effective platform to implement social outreach strategies as they evolve. SharePoint has social media connectors, as well as predefined components from which you can launch social sites, wikis and blogs.

Interoperability

The success of any program or initiative depends on the reliability and speed at which you can analyze data from multiple systems and subsequently identify potential risks. Solutions need to be centered on a service-oriented architecture, Web services and an enterprise service bus to quickly and reliably pull together relevant information.

Dynamics CRM is designed to work seamlessly with these and other systems. It natively integrates with any application that can expose and consume Web services. It provides a dynamic Web service interface for applications to access and manipulate data, as well as interact with other framework services. The Web services are interoperable with non-Microsoft platforms.

Dynamics CRM also has out-of-the-box integration with Outlook, which lets you exchange Outlook e-mail, contact, appointment and task objects. You can automatically incorporate CRM content into Microsoft Word documents. Dynamics CRM includes integration with SharePoint, so your users can store unstructured content in a SharePoint workspace. The SharePoint information will appear within the CRM data form. Dynamics CRM lets you add iframes to a CRM form to integrate Web-based applications in-line and use scripting to pass data via URL strings.

Hybrid cloud

You can use Windows Azure to develop new applications or services in the cloud that don’t depend on a specific platform and are widely available. Windows Azure also delivers cloud-based application development tools for testing, deploying, hosting and maintaining applications. The architecture comes with concurrency management, scalability, failover and security. Its open architecture supports integration with legacy applications and interoperability with other systems.

The Windows Azure platform can provide Infrastructure as a Service or on-demand compute and storage to host, scale, build and manage applications. On-demand storage and compute provisioning helps optimize infrastructure costs during non-peak usage.

You can also use this platform to provide different levels of data security. There are numerous security considerations such as location, access and what other data resides in the same environment. Because data security requirements differ, one way to optimize costs while managing security is to operate applications on a hybrid cloud infrastructure consisting of public cloud, government cloud, and private cloud or on-premises infrastructure.

You could host some solution components on a public cloud while having your data reside on the government community cloud and private cloud. By distributing data and solution components across public, government and private cloud, you can optimize storage and compute costs. Solution components hosted in the government cloud have fewer users and a lower infrastructure cost. The government cloud will optimize those costs to a lesser extent compared to the public cloud.

Applying the same logic, you could explore an on-premises or private cloud infrastructure for components and data with the highest security requirement. Because of the smaller user base, these functions have the lowest infrastructure cost to begin with and are appropriate for a private cloud-hosting model.

Any cloud solution should come with enterprise-level tools, such as the ability to designate files as confidential or encrypt messages to avoid add-ons that increase complexity and cost. Solutions built or originated as consumer cloud solutions often lack enterprise-level tools that are standard in government cloud solutions.

Many cloud offerings don’t effectively manage data integrity as data moves between on-premises and the cloud data repository. For example, documents should maintain a consistent format and all key features, such as watermarks. All data retention, management and archival regulations must be followed in the public or government cloud as if those cloud environments are on-premises.

A solution that enables real-time collaboration between officials and customers will result in a responsive program, leading to a rich and impactful ongoing customer relationship. Reliable and robust information exchange with other departments and agencies, combined with actionable analytics that draw insight from contextual data, will increase mission reliability.

Read More

Microsoft Exchange Server 2010: High availability strategies

The strategies Microsoft offers for creating highly available Microsoft Exchange mailboxes have evolved over the years.

Jaap Wesselius

Ever since Exchange Server 5.5, Microsoft has offered Windows Clustering as an option for creating a highly available Exchange mailbox environment. There are two server nodes available in a typical shared-storage cluster environment. Both are running Exchange Server and both servers are connected to a shared storage solution.

In the early days, this shared storage was built on a shared SCSI bus. Later on, it typically used storage-area networks (SANs) with a Fibre Channel or iSCSI network connection. The important part was the shared storage where the Exchange Server databases were located.

Only one server node is the “owner” of this shared data. This node provides the client services. It’s also known as the active node. The other node isn’t able to access this data, and is therefore the passive node. A private network between the two server nodes is used for intra-cluster communications, such as a heartbeat signal. This lets both nodes determine the cluster state and ensure the other nodes are still alive.

Besides the two nodes, it creates an “Exchange Virtual Server” as a cluster resource. This has nothing to do with virtual machines. This is the resource to which Outlook clients connect in order to access their mailboxes. When the active node fails, the passive node takes over the Exchange Virtual Server, which then continues to run. Although users will notice a short downtime during the failover, it’s an otherwise seamless experience. No action is required from the user.

Although this solution offers redundancy, there’s still a single point of failure—the shared database of the Exchange server. In a typical environment, this database is stored on a SAN. By its very nature, a SAN is a highly available environment. When something does happen to the database, though, such as a logical failure, the database is unavailable for both nodes. This results in total unavailability.

Exchange database replication

With Exchange Server 2007, Microsoft offered a new solution for creating highly available Exchange environments: database replication. Database replication creates a copy of a database, resulting in database redundancy. This technology was available in three flavors:

• Local Continuous Replication (LCR): This approach creates a copy of the database on the same server.
• Cluster Continuous Replication (CCR): This creates a copy of the database on another node in a Windows failover cluster (there can only be two nodes in a CCR cluster).
• Standby Continuous Replication (SCR): This came with Exchange Server 2007 SP1. It creates a copy of a database on any other Exchange Server (not necessarily in the cluster). This isn’t meant for high availability (HA); it’s more for disaster recovery.

This is how database replication works in a CCR clustered environment. Exchange Server 2007 is installed on a Windows Server 2003 or Windows Server 2008 failover cluster. There’s no shared storage in use within the cluster. Each node has its own storage. This can be either on a SAN (Fibre Channel or iSCSI) or direct-attached storage (DAS)—local physical disks.

The active node in the cluster services client requests, and Exchange Server uses the standard database technology with a database, log files and a checkpoint file. When Exchange Server is finished with a log file, it’s immediately sent to the cluster’s passive node. This can either be via a normal network connection or via a dedicated replication network.

The passive node receives the log file and checks it for errors. If it finds none, the data in the log file is relayed to the passive copy of the database. This is an asynchronous process, meaning the passive copy is always a couple of log files behind the active copy, so information is “missing” in the passive copy.

In this environment, all messages—even internal messages—are sent via a Hub Transport server. The Hub Transport server keeps track of these messages in a CCR environment. It can therefore send missing information (that the passive node actually requests) to the passive copy of the cluster in case of a cluster failover. This is called the “Transport Dumpster” in a Hub Transport server.

This kind of replication works very well. CCR replication is quite reliable, but there are a couple of potential drawbacks:

• An Exchange Server 2007 CCR environment runs on Windows Server 2003 or Windows Server 2008 clustering. For many, this adds too much complexity to the environment.
• Windows Server 2003 clustering in a multi-subnet environment is nearly impossible, although this has improved (but still isn’t perfect) in Windows Server 2008 failover clustering.
• Site resilience isn’t seamless.
• CCR clustering is only possible in a two-node environment.
• All three kinds of replication (LCR, CCR and SCR) are managed differently.

To overcome these issues, Microsoft dramatically improved the replication technology. It also reduced the administrative overhead. It achieved this by completely hiding the cluster components behind the implementation of Exchange Server 2010. The cluster components are still there, but the administration is done entirely with the Exchange Management Console (EMC) or the Exchange Management Shell (EMS).

DAG continuous replication

In Exchange Server 2010, Microsoft introduced the concept of a database availability group (DAG). This is a logical unit of Exchange Server 2010 Mailbox Servers. All Mailbox Servers within a DAG can replicate databases to each other. A single DAG can hold up to 16 Mailbox Servers and up to 16 copies of a database.

The idea of multiple database copies in one Exchange organization is called Exchange Mobility. There is one database on multiple servers, each instance of which is 100 percent identical and thus has the same GUID.

With a DAG in place, clients connect to an active database. This is the database where all data was stored initially. New SMTP messages, either from outside or inside the organization, are stored in this database first.

When the Exchange Server has finished processing information in the database’s log file, it replicates the file to other servers. You can assign the servers that receive a copy of the database. The log file is inspected upon receipt and if everything is all right, the information in the log file is dropped into the local copy of the database.

In Exchange Server 2010, all clients connect to the Client Access Server, including all Messaging Application Programming Interface, or MAPI, clients such as Microsoft Outlook. Supported Outlook clients in Exchange Server 2010 include Outlook 2003, Outlook 2007 and Outlook 2010.

So the Outlook client connects to the Client Access Server, which then connects to the mailbox in the active copy of the database. Unfortunately, this is only true for mailbox databases. When an Outlook client needs to access a public folder database, the client still accesses the mailbox server directly.

When the active copy of a database or its server fails, one of the passive copies of the database becomes active. You can configure the failover order during the database copy configuration process. The Client Access Server automatically notices the failover and starts using the new active database. Because the Outlook client is connected to the Client Access Server and not directly to the database, a database failover is fully transparent. Messages such as, “The connection to the server was lost,” and, “The connection to the server is restored,” simply don’t appear anymore.

When building a highly available mailbox server environment in a DAG, there’s no need to build a failover cluster in advance. You can add additional mailbox servers to the DAG on the fly. However, for the DAG to function properly, you’re still using some failover clustering components. These are installed during the DAG configuration. You do all DAG and database copy management via the EMC or the EMS. You no longer have to use the Windows Cluster Manager.

The DAG with database copies is the only HA technology Exchange Server 2010 uses. Older technologies such as SCR, CCR and SCR are no longer available. The traditional single-copy cluster with shared storage is no longer supported, either.

Configuring a DAG is no longer limited to a server holding just the mailbox server role. It’s possible to create a two-server situation with the Hub Transport, Client Access and Mailbox Server roles on both servers, and then create a DAG and configure database copies.

However, it isn’t an HA configuration for the Client Access or Hub Transport servers unless you’ve put load balancers in front of them. You can’t use the default Windows Network Load Balancing in combination with the failover clustering components. Nevertheless, this is a great improvement for smaller deployments of Exchange Server 2010 where HA is still required.

Jaap Wesselius is the founder of DM Consultants, a company with a strong focus on messaging and collaboration solutions. After working at Microsoft for eight years, Wesselius decided to commit more of his time to the Exchange community in the Netherlands, resulting in an Exchange Server MVP award in 2007. He’s also a regular contributor at the Dutch Unified Communications User Group and a regular author for Simple-Talk.

Read More

The Real Saina Nehwal has emerged

Former India badminton player Sanjay Sharma raises a toast to Saina after Denmark Open triumph

Saina Nehwal is only 22! But, she has broken enough records in Indian sport to be called a living legend. On a typical cold Sunday evening in Copenhagen, Saina cat-walked her way to yet another honour. She became the only Indian after Prakash Padukone (in 1980) to win a Danish Open Superseries title. And that too, without dropping a single game in the tournament.

Her 21-17, 21-8 victory in the final over Juliane Schenk of Germany was as emphatic as it was cruelly one-sided. An elated Pullela Gopichand, who has coached and nurtured Saina since she was 13, said after the final: “Saina was sharp, exceedingly efficient and explosive when it mattered. This was a drubbing and she was comfortable almost throughout, especially in the second game which was one-sided.”

Saina Nehwal poses with the Denmark Open Superseries trophy in
Copenhagen yesterday. Pic/AFP

This is her sixth Superseries title — a premier event in the sport — and like the Indonesian Open earlier in the year, this one too has cemented her place among the legends of world badminton. The Denmark Open was a huge field with three of the top-most Chinese stars competing.

The star-studded line-up included World No 1 and London Olympics silver medallist Wang Yihan, whom Saina had never beaten in their last six clashes. The heart-wrenching losses included a one-sided win for Wang in the semi-finals at London.

In Copenhagen though, Saina was in a different zone. The Hyderabadi hammered Wang 21-12, 12-7 in the semis before the lanky Chinese retired. The final frontier was thus conquered, and the fabled Chinese wall was demolished.

Saina has well and truly arrived! There is no one among the top players who she has not defeated. All the best names of her generation have now bitten the dust.

“It is all due to her work ethic. She is a glutton for hard work. She never says no for any sort of training schedule. And what is most mind-boggling for me, is that I can feel that her best is yet to come.

“Saina is just 22, still learning a few things. But what is important is that the more she wins, the more she wants to learn,” said Gopi.

I never expected to win here: Saina

Olympic bronze-medallist Saina Nehwal was not expecting to win the Denmark Open due to a slight niggle in her right knee. But she battled through the pain to triumph here and that to without dropping a set.

The 22-year-old defeated sixth seed German Juliane Schenk 21-17 21-8 in 35 minutes. Saina, who had beaten World No 1 Yihan Wang in the semi-finals, said: "I never expected to win this tournament. There were a lot of things which I did after Olympics which made me fresh but every tournament is tough. My right knee was not really in perfect shape but I thank god for giving me the energy to win the title.” 

Read More

Asia's biggest Apple store opens in Beijing

Apple's largest store in Asia opened in Beijing Saturday.

The store, located in the city's commercial street of Wangfujing, is Apple Inc.'s third in Beijing, reported Xinhua.

John Browett, Apple's senior vice president of retail, had previously said that the new store is the company's largest store in Asia, with an area of 2,300 square meters and more than 300 employees.

A full range of accessories for Apple products is available in the store, according to Browett.

Hundreds of Apple fans waited in line before the store opened at 9 a.m.

"We will bite the 'Apple'," said one customer.

Apple currently has 390 retail stores around the world, and the company is stepping up its efforts to expand its presence in China.

Browett said a store in the south China city of Shenzhen is also about to open and there will be more stores across China in the future.

Read More

Eight days with Microsoft Windows 8

(According to Microsoft,…)

Windows 8 is coming on October 26. But it is not just any other update to Windows, the most widely used operating system (OS) in the world. According to Microsoft, Windows 8 is re-imagining of the 25-years-old OS.

Windows 8 is publicly available as a Release Preview. I downloaded the 64-bit version, installed it onto a laptop and used it to see what sort of changes it brings for the end users. There are interesting and significant ways in which this Windows is different from its predecessors. All of them affect the way people use computers. Some in a good way and some in bad. Dive in to know how Windows 8 fared on my laptop...

Read More

Facebook offering Rs. 50 talk time to new signups via mobile

Facebook India is currently running a promotion in the country, under which every new signup from social network's mobile website will get Rs. 50 talk-time. The social giant is also offering the same talk time if anyone signs up via your referral.

The promotion, which seems to have gone live around ten days ago, does not seem like a potent strategy and will only add to more fake profiles on the social network.

On one hand, the company seems to be worried about fake profiles and had recently reported the number to be as high as 83 million and on the other hand, it is launching offers which are likely to bring in more fake users rather than genuine ones.

New users will have to go to this link to signup and get the free talk time, which will be credited to their account in three days, notes Facebook on the signup page. The free talk time offer is not valid for existing users.

New users don't even need email address to register a new account, and will only need a mobile number that is not already associated with any other Facebook account.

Though details aren't available, Facebook would have likely tied up with a recharge service to provide the talk time to new users.

The social giant had recently crossed 1 billion monthly active users mark and is now focussing on developing countries like Brazil, India, and Mexico to get more users, as it struggles to get viable revenue sources in post-IPO era.

Read More

Apple sends invite for 'iPad mini launch'

The invite, sent to reporters Tuesday, doesn't hint at what will be revealed, beyond saying that "We've got a little more to show you." The event will be held in San Jose, California.

NEW YORK: Apple has sent out invites for an event next Tuesday, where it's expected to announce the release of a smaller iPad. 

The invite, sent to reporters Tuesday, doesn't hint at what will be revealed, beyond saying that "We've got a little more to show you." The event will be held in San Jose, California. 

Media and analysts have said for months that Apple has an " iPad mini" in the works. The tablet is thought to be about half the size of the regular iPad and to start at $249 or $299. The regular iPad starts at $499 for the most recent models. 

Apple founder Steve Jobs derided the idea of a smaller tablet two years ago, but Amazon.comhas had some success with its Kindle Fire, which is about half the size of the iPad and starts at $159. Analysts believe Apple wants to tackle that competition with its own similarly sized tablet. 

Reports suggest that the smaller iPad would have a screen that's 7.8 inches on the diagonal, a bit more than the Kindle Fire or Google's Nexus, with their 7-inch screens. The full-size iPad has a 9.7-inch screen, giving it about twice the display area as the 7-inch units. 

Apple typically starts selling a new phone or iPad a week or two after announcing it. But it could treat the new iPad as a minor product update, in which case it could start selling it right after the announcement. 

Apple shares rose $14.02, or 2.2 per cent, to $648.78 in midday trading Tuesday. The shares are off their all-time high of $705.07, hit September 21 when the iPhone 5 went on sale in stores.

- Kirshna Kishore

Read More