SQL Server 2008 Beta Man Gets Caught up in Live Mesh Project8 7/3/08 12:42 PM Page 1

Project8 2/13/09 2:34 PM Page 1

Turn over to get a FREE t-shirt

Over 60 awards to its name, 80,000 satisfied customers and unbeatable price-performance

Download and install GFI MailEssentials from the link below and get a FREE t-shirt!

GFI MailEssentials for Exchange/SMTP/Lotus is the No. 1 anti-spam package that is easy to set up, captures over 99% of spam and also removes the need to install and update anti-spam software on each desktop. Eliminate spam from your mail server with the following key features:

Server-based anti-spam and anti-phishing Detects and blocks spam and phishing emails Bayesian filtering Detects over 99% of spam based on statistical message analysis Attachment spam check Detects image, PDF, Excel, ZIP and mp3 spam Email header analysis and keyword checking Blocks spam based on message field info and keywords #1 anti-spam solution Over 60 awards and 80,000 customers And much more!

Voted MSExchange.org Readers Choice Award Winner in the Anti-Spam Category four times, GFI MailEssentials is the No. 1 server anti-spam solution at unbeatable pricing!

Download and try a free trial and get your NETWORKING CONTENT SECURITY FREE t-shirt from www.gfi.com/tshirtforfree/ MESSAGING

tel: +1 888 243 4329 | fax: +1 919 379 3402 | email: [email protected] | url: www.gfi.com/tshirtforfree/ 0309red_Cover.v5 2/9/09 8:18 PM Page 1

Foley: Microsoft Should Keep It Simple

MARCH 2009 REDMONDMAG.COM

WindowsWindows

After Microsoft’s HeavenHeaven Vista troubles, the company seeks redemption with its next operating system. Redmond readers say Windows 7 could be the company’s savior.

Getting the Most out of SQL Server 2008 Beta Man Gets Caught up in Live Mesh Project8 7/3/08 12:42 PM Page 1

Project8 7/3/08 12:44 PM Page 2

%" ) %" "' $ $ ! '"% #$"$ & $ '$ %# ## $ # %$ # " + " # $,* $ " %! $ ## !" $")$ $ $ !$$ %$ %#$") #$ "# " # $, "&", #)#$# " " # $ #! ! $$ # '" "# "% !($)* ' &" $ #$ !" " !" " $ %#$")

$ &"! ! "#$! ! $% "#$ ! %)" &$ $$ % !,# $ #! #(# &%&##$ '#$&$ #!$!% ! !,# $ # $)$% $ ! *&# (% ! % $%!# %$ ""%! $!%(# &$ $$ % )% $!%(# $ %# # ! + #%$ #$#'

$!%(# &$ $$ % )% $!%(# $ %# # ! + #%$ #$#' Project10 2/6/09 2:24 PM Page 1

WELCOME TO A PLACE WHERE ANYTHING IS POSSIBLE.

WHERE IF YOU DREAM IT, YOUR INFRASTRUCTURE BECOMES IT.

FROM DATACENTER TO DESKTOP.

Virtualization Project10 2/6/09 2:25 PM Page 2

YOU DO MORE. YOU SAVE MORE.

THE BARRIERS TO VIRTUALIZATION FALL AWAY.

The end-to-end virtualized infrastructure is now a reality. From servers to desktops to management, it’s all possible with Microsoft’s comprehensive and cost-effective portfolio of virtualization products and solutions. Find out more at microsoft.com/virtualization Project2 1/6/09 1:46 PM Page 1

ALTERNATIVE THINKING ABOUT MANAGING COSTS: Lean price. Mean technology.

Making trade-offs isn’t in your job description, is it? So the challenge is to make the most of your resources, while giving your business the technology to reach its full potential. HP storage and server solutions do just that—erasing the gap between cost and innovation, while delivering reliable ProLiant technology. And with affordable prices, business can thrive; not just survive. Let others try to think outside the box—we’re rethinking what goes on inside it.

Technology for better business outcomes.

HP BladeSystem c3000 Enclosure HP ProLiant DL385 G5p Server HP Ultrium 448 SAS Internal Tape Drive Bundle $3,499 (Save $2,319) $2,929 (Save $1,396) $ $ Lease for just $86/mo. Lease for just $72/mo. 1,249 (Save 249) Smart Buy [PN: 481657-001] Smart Buy [PN: 501542-005] Lease for just $31/mo. Smart Buy [PN: AG735A] • Supports up to 8 server/storage • 2 Quad-Core AMD Opteron™ blade devices in a 6U enclosure 2300 Series Processors with • 400 GB compressed capacity in • 3-year limited warranty AMD Virtualization™ technology half-height form factor • Supports up to 6 large form factor, or • Ships with Data Protector Express Software, HP ProLiant BL495c G5 Server 16 small form factor (with optional drive One-Button Disaster Recovery, and a cage), high-performance SAS hard drives Host Bus Adapter $2,599 • 8 GB memory • Integrated Lights-Out 2 (iLO 2), Systems Lease for just $64/mo. Insight Manager, SmartStart [PN: 505638-B21] • 3-year limited warranty

• Quad-Core AMD Opteron™ 2300 Series Processor with AMD Virtualization™ technology • 4 GB memory; supports up to 128 GB memory

To learn more, call 1-888-685-9645 or visit hp.com/servers/affordable13

Prices shown are HP Direct prices; reseller and retail prices may vary. Prices shown are subject to change and do not include applicable state and local taxes or shipping to recipient’s address. Offers cannot be combined with any other offer or discount and are good while supplies last. All featured offers available in U.S. only. Savings based on HP published list price of configure-to-order equivalent (Enclosure: $5,818 – $2,319 instant savings = SmartBuy price of $3,499; DL Server: $4,325 – $1,396 instant savings = SmartBuy price of $2,929; Tape Drive: $1,498 – $249 instant savings = SmartBuy price of $1,249). Financing available through Hewlett-Packard Financial Services Company (HPFS) to qualified commercial customers in the U.S. and subject to credit approval and execution of standard HPFS documentation. Prices shown are based on a lease of 48 months in terms with a fair market value purchase option at the end of the term. Rates based on an original transaction size between $3,000 and $25,000. Other rates apply for other terms and transaction sizes. Financing available on transactions greater than $3,000 through April 30, 2009. HPFS reserves the right to change or cancel these programs at any time without notice. AMD, the AMD arrow logo, AMD Opteron and combinations thereof, are trademarks of Advanced Micro Devices, Inc. ©2009 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.

I0260_M2979_A_R.indd 1 12/16/08 12:44:50 PM 0309red_TOC5.v5 2/9/09 5:15 PM Page 5

Redmond MARCH 2009 The Independent Voice of the Microsoft IT CommunityContents

COVER STORY REDMOND REPORT 13 Convergence Tackles Tough Times Will Windows 7 Microsoft’s annual Dynamics conference will be all about how companies Be Microsoft’s can benefit from enterprise applications in a Redemption? down economy. Early versions of Windows Vista’s successor could burnish the operating system’s tarnished reputation in the desktop market.

Microsoft Page 28 Business Solutions’ Kirill Tatarinov 15 Beta Man Windows Live Mesh TIPS & TRICKS 17 Professor PowerShell FEATURES PowerShell Reading List 37 Exploiting SQL 17 Pop Quiz Server 2008 Credential Caching (Exam 70-642) Through Code SQL Server 2008 has a 17 Windows Advisor ton of new DBA features, Taking ISA Server into the but if you really want to Danger Zone make this thing go, just 18 Professor PowerShell crank out a little code. Do You Read Me? COLUMNS 8 Barney’s Rubble: Doug Barney A Monopoly Means Never Having to Say You’re Sorry REVIEWS 44 Mr. Roboto: Product Reviews Jeffery Hicks 22 Microsoft’s VMM 2008: 24 Test-Driving PolyMonRT Does It Pass the ‘Good VMware’s ThinApp 46 Security Advisor: Enough’ Test? The Application Sync and Joern Wettern Redmond’s virtualization management Application Link features, The Little Things tool doesn’t have all the bells and combined with an easy-to- follow interface, make ThinApp 48 Foley on Microsoft: whistles that VMware’s vCenter has. Mary Jo Foley But it doesn’t have the same hefty a winner for both VMware Getting Touchy price tag, either. and its customers. About Touch

ALSO IN THIS ISSUE 6 Redmondmag.com | 10 [email protected] | 47 Ad and Editorial Indexes

COVER ILLUSTRATION BY GREG COPELAND 0309red_OnlineTOC6.v4 2/9/09 5:39 PM Page 6

Redmondmag.comMARCH 2009

RCPmag.com Questions with ... Independent Advice for Dustin Snell Dustin Snell, CEO of Microsoft Partners Network Automation Inc., f you’re a Microsoft Partner and you’re not visiting RCPmag.com, you’re missing explains how economic Iout on the best independent site for Microsoft Partners available on the Web. conditions will be RCPmag.com is packed with great news, how-to articles and real-world impacting the role of IT. advice for Microsoft partners, including: FindIT code: RadioAuto • Breaking news on issues of importance to Microsoft partners • In-depth features covering the latest on partner opportunities and challenges Saving money is a Dustin Snell • Expert advice on marketing, sales and improving your relationship top priority. How do with Microsoft automation tools help? • Perspective on all things partner-related One way is by freeing up IT from Pop on over to RCPmag.com now—and don’t forget to apply for a free writing and maintaining custom code subscription to Redmond Channel Partner magazine. FindIT code: RCPSub for things like starting and stopping servers, provisioning servers, etc. TechMentorEvents.com Won’t that mean fewer IT jobs? We don’t encourage replacing workers TechMentor Orlando with software. Automation enables IT Coming in June! pros to focus on what human beings do in a business—things that require on’t miss our upcoming TechMentor Orlando conference, being held creativity and intelligence. DJune 22 to June 26. It’s your chance to get hands-on training from IT experts—including your favorite Redmond authors—on all the new technologies The economy is forcing cuts, but it being released. Plus, you can catch up on tools and techniques you might seems IT personnel are being have missed, network with your peers, meet the editors of Redmond and retained. Insights? much more. The role of IT has changed quite a Because TechMentor is vendor-agnostic, you can be sure that everything bit. It’s no longer, ‘fix my computer,’ you’ll learn is steeped in real-world advice. And there’s no better way to get or ‘install my software.’ Now, IT is deep down into topics like virtualization, security, Windows Server 2008 and helping businesses achieve key goals more—all in one location. and restructuring the way things are Get all the details and register online! FindIT code: TechMentor done for greater efficiency. REDMONDMAG.COM RESOURCES What Are FindIT Codes? Resources Enter FindIT Code Throughout Redmond, you’ll >> Daily News News discover some stories contain >> E-Mail Newsletters Newsletters FindIT codes. Key in those codes >> Free PDFs and Webcasts TechLibrary at Redmondmag.com to quickly >> Subscribe/Renew Subscribe access expanded content for the >> Your Turn Editor Queries YourTurn articles containing those codes.

Redmondmag.com • RCPmag.com • RedDevNews.com • VisualStudioMagazine.com • VirtualizationReview.com MCPmag.com • CertCities.com • TCPmag.com • ENTmag.com • RedmondEvents.com • ADTmag.com • ESJ.com

6 | March 2009 | Redmond | Redmondmag.com | Project3 2/9/09 4:46 PM Page 1

-DDCØ@ BKSQRDPDCØEHKD QWQRDºØEMPØWMSP× THPRS@KHX@RHML #MULKM@CØLM BMQRØ2@LAMKHBØDT@KS@RHMLØQMERU@PDØEMPØ QMKSRHML 6HLCMUQØ2DPTDPØØ1ØADR@ØØ UUU Q@LAMKHB BMº Melio FS For Windows Server 2008

• Sanbolic software extends Dynamic IT to the storage layer, simplifying application data management and facilitating flexible application migration or scale-out. Virtual machines have shared access to application data on the SAN and maintain storage access when migrated.

• Sanbolic software provides a single platform to centrally manage application data on any SAN storage for Windows servers running on physical servers, Hyper-V, VMware ESX, or XenServer

• Sanbolic software simplifies LUN management for Hyper-V 2008 and 2008 R2 - Supports Quick and Live Migration from a single shared LUN

Software to Simplify and Share SAN Storage sanbolic www.sanbolic.com 1 617 833 4249 [email protected] 0309red_Rubble8.v9 2/9/09 6:10 PM Page 8

Barney’sRubble by Doug Barney

RedmondTHE INDEPENDENT VOICE OF THE MICROSOFT IT COMMUNITY REDMONDMAG.COM MARCH 2009 ■ VOL. 15 ■ NO. 3

Editorial Staff Editor in Chief Doug Barney A Monopoly Means Never Executive Editor, Features Lee Pender Managing Editor Wendy Gonchar Having to Say You’re Sorry Associate Managing Editor Katrina Carrasco Contributing Editors Mary Jo Foley Jeffery Hicks Peter Varhol covered Microsoft before it was a true monopoly Joern Wettern Art Staff power—just an unrelenting and inexorable force. And Art Director Brad Zerbel Senior Graphic Designer Alan Tao

as I got older and weaker, their market share got bigger Online/Digital Media I Editor, Redmondmag.com Becky Nagel and stronger. Executive Editor, New Media Michael Domingo Online News Editor Kurt Mackie Associate Editor, Web Gladys Rama Lest anyone fool you, Microsoft has a look at the machines, hit a bunch of but- Web Producer Shane Lee nice share of server operating systems, tons, see what really happens. No dice. Director, Web Development Rita Zurcher but Linux (and even Unix) also nab their The nearest retailer is an hour away, and fair portion. On the Web, Microsoft is I don’t live in no dang sticks (we may just one of many—Google, AOL, Yahoo! have cows, but we also have Walmart!). President Henry Allain Vice President, Publishing Matt N. Morollo all steal a chunk of the action. For anything but Vista, you have to go Vice President, Editorial Director Doug Barney What Microsoft does control makes it out of your way. For a Mac you drive Director, Marketing Michele Imgrund the envy of red-blooded capitalists 50 miles and talk to a pretentious Mac Online Marketing Director Tracy S. Cook everywhere. It has a monopoly on genius with silly facial hair and piercings. browsers (one that admittedly is For Unix you install it yourself, President & Neal Vitale declining fast), and a tight grip usually on a machine that Chief Executive Officer on office suites. already came with Windows Senior Vice President & Richard Vitale Chief Financial Officer The Microsoft (for which you paid). And Executive Vice President Michael J. Valenti choke on clients is to get Windows XP, you President, Events Dick Blouin

as tight as a Chief have to yell at the Vice President, Finance & Christopher M. Coates Jay Strongbow sleeper retailer or OEM to Administration Vice President, Digital Media, Abraham M. Langer hold. Some of you may give you the OS Audience Marketing Vice President, Information Erik A. Lindgren scoff, pointing to your that, while old, works darn well. Technology & Web Operations Ubuntu desktop, or take a Now this is the weird part. Vista Vice President, Digital Media, Doug Mashkuri Advertising break from your pinot noir is not a great operating system. Vice President, Carmel McDonagh and warm brie to tell me about Yeah, some of you love it, but most Attendee Marketing your MacBook Air. All that is well Redmond readers who write me want Chairman of the Board Jeffrey S. Klein and good. But you are the minority, to throw Vista out the window. The the computing elite, and have the sheer power of the Microsoft grip on Reaching the Staff Staff may be reached via e-mail, telephone, fax, or mail. bravado and blog postings to prove it! OEMs, retailers and the channel means A list of editors and contact information is also available If these options are so good, and if that Vista is still pretty much the only online at Redmondmag.com. E-mail: To e-mail any member of the staff, please use the there is real client competition, explain choice—even if no one wants it. And following form: [email protected] Framingham Office (weekdays, 9:00 a.m. – 5:00 p.m. ET) to me how on earth Windows Vista that tells me that Windows will domi- Telephone 508-875-6644; Fax 508-875-6633 could be the only installed OS I see in nate for years to come. Vista problems 600 Worcester Road, Suite 204, Framingham, MA 01702 Irvine Office (weekdays, 9:00 a.m. – 5:00 p.m. PT) retailers? Linux desktop distros are don’t actually hurt Microsoft or help its Telephone 949-265-1520; Fax 949-265-1528 almost there, and Apple’s Leopard is OS competitors one bit! 16261 Laguna Canyon Road, Suite 130, Irvine, CA 92618 Corporate Office (weekdays, 8:30 a.m. – 5:30 p.m. PT) undeniably sweet. So why can’t you The good news is that Windows 7 Telephone 818-734-1520; Fax 818-734-1528 walk down to the local big-box store appears to be very good, and may well 9121 Oakdale Avenue, Suite 101, Chatsworth, CA 91311 The opinions expressed within the articles and other contents and get either of these offerings? ’Cuz earn Microsoft back the right to hold herein do not necessarily express those of the publisher. their market share is softer than a onto its monopoly. Vince Vaughn bicep. What do you think it would it take for I thought of all this when my two sons, the Microsoft desktop monopoly to Nick (13) and Dave (15) set out to buy fold? Send your prognostications to me themselves new Macs. I wanted them to at [email protected]. – PHOTO ILLUSTRATION BY ALAN TAO

8 | March 2009 | Redmond | Redmondmag.com | Project1 12/15/08 9:50 AM Page 1 How Much Email Can You Afford To Lose?

RECOVERY ADVANTAGETM

It’s Not Just E-mail, It’s an Asset! Self-Service Recovery of It’s Evidence! Missing / Deleted Exchange Items $)3#/6%2#REATEANDREUSEADVANCEDQUERIESTOSEARCHASINGLEDATA Recovery AdvantageFOR/UTLOOKENABLESEND USERSTOQUICKLYlND SOURCEORACROSSMULTIPLE"ACKUP#OPIESOF%XCHANGE)NFORMATION REVIEW PRINT ANDRECOVERMISSINGDELETEDMESSAGES CONTACTS 3TORESOR,IVE%XCHANGE3ERVERS ASWELLAS034S $ELL%QUAL,OGIC APPOINTMENTS ANDOTHEREMAILITEMSTHAT 3MART#OPIES %-#3NAPSHOTS AND$IGI6AULTDATASETSTOlNDTHE REQUIREDASSETEVIDENCEWITHINEMAILS ATTACHMENTSANDMETA DATA s(AVEBEENPURGEDFROMTHEDeleted Items folder • .OLONGEREXISTONTHELIVE%XCHANGESERVER YETARERECOVERABLE 2%#/6%25SE$IGI3COPESINTUITIVE/UTLOOKINTERFACETORESTOREINFOR- FROMASNAP BACKUPMADEWITHASUPPORTED2ECOVERY!DVANTAGE MATIONVIADRAG DROPTOASPECIlCLOCATIONORSELECT3INGLE4OUCH 3TORAGE0LATFORM SUCHASTHE$ELL%QUAL,OGIC033ERIES RECOVERYTOAUTOMATICALLYRESTOREMAILBOXES FOLDERS ORINDIVIDUALITEMS 3IMPLE%FlCIENT&ORTHEEND USER THEPROCESSISSIMPLE SECURE AND TOORIGINALLOCATIONSWITHINTHELIVE%XCHANGE3ERVER EFlCIENTSINCEITISINTEGRATEDINTO/UTLOOKANDCOMPLETELYSHIELDSTHE USERFROMMULTI STEP CUMBERSOME ANDCONFUSINGPROCESSES %80/243EARCHRESULTSCANBEOPTIONALLYDE DUPLICATEDANDTHEN EXPORTEDTOMULTIPLEFORMATSINCLUDING 8-, -3' AND034SWITH 3AVES4IME)NCREASES0RODUCTIVITY4HISSELF SERVICEAPPLICATION VARIOUSOPTIONSTOSUPPORTDATAMIGRATIONASWELLASFURTHERREview or DECREASESRECOVERYTIMESWHILEINCREASINGPRODUCTIVITYANDEND user LEGALANALYSIS SATISFACTIONWHILEFREEINGUP)4RESOURCES

Continuous Data Production Disaster Prevention & Optimization with SingleTouchTM Recovery for Microsoft Exchange for Microsoft Exchange '/EXCHANGEFOR%XCHANGE3ERVER ANDPROVIDes FASTANDAUTOMATICDISASTERPREVENTIONOPTIMIZATIONFORYOUREMAIL DigiVault ISEASYTOIMPLEMENT DEPLOYSQUICKLY ANDPROTECTSYOUR SYSTEM ENABLINGYOUTOSAVEPRECIOUSTIMEAND)4RESOURCES INVALUABLECORPORATEINFORMATIONXXBYCONTINUOUSLYBACKING UPCHANGESASTHEYOCCURTOASECUREREPOSITORY 0REVENT$ISASTERS-INIMIZEUNPLANNEDDOWNTIMEANDPROACTIVELY PREVENTDISASTERSCAUSEDBYUNSTABLE BLOATED ANDERROR lLLEDDATABASES 3ECURED4RANSMISSIONAND3TORAGE5SE BITENCRYPTIONTOSECURE DATADURINGTRANSMISSIONASWELLASDATA AT RESTWITHINTHEREPOSITORY 2EPAIR0ROBLEMS'/EXCHANGESEXPERTKNOWLEDGEBASECHECKSFORAND CORRECTSDATAERRORSBEFORETHEYBECOMEAPROBLEM #OMPRESSION2EDUCETHETOTALVOLUMEOFDATATRANSFERREDANDSTORED BYUPTO MINIMIZINGNETWORKIMPACTANDINCREASINGSTORAGEef- !CCELERATE0ERFORMANCE$ATABASESARERE INDEXEDANDDEFRAGMENTEDTO lCIENCYFORDATA AT REST PERMANENTLYREMOVEWHITESPACEANDDELETEDITEMS4HEENDRESULt is INCREASEDPERFORMANCEANDSTABILITYWITHACOMPACT EFlCIENTDAtabase 3INGLE4OUCH2ECOVERY2ECOVERYOURDATABASEJUSTPRIORTOTHEFAILURE THATSREDUCEDINSIZEBY ANDUPTOORMOREWHENUSEDIN EVENTANDRESTOREEMAILOPERATIONSINRECORDTIME CONJUNCTIONWITHAN!RCHIVING3OLUTION

® has you covered! TO LEARN MORE Go to: www.lucid8.com/RedCOVERED DOWNLOAD • Demo Versions of All Products • White Papers ATTEND • Flash Based Product Overviews • Live Weekly Product Demos CONTACT US Call: 425 456-8496 E-Mail: [email protected]

#OPYRIGHT,UCID®!LLRIGHTSRESERVED!LLOTHERTRADEMARKSAREPROPERTYOFTHEIRRESPECTIVEOWNERS 0309red_Letters10.v5 2/9/09 4:58 PM Page 10

[email protected]

Crack Down on Piracy There’s more than one side of the pirated software story Doug Barney mentioned in a recent Redmond Report [“Windows 7 Slips Out,” Jan. 5, 2009]. In addition to the loss of revenue that Microsoft experiences, countless unsuspecting consumers end up purchasing software that can’t be supported or even patched.

These pirates are making tons of to assume there’s a financial fine that money, and for every copy of a program these individuals will need to pay, and that’s sold, the impact is the same as if also that they probably didn’t charge they walked into a store and stole it off full price for the software they sold. the shelf. Still, that’s hardly sending a tough functionality. For example, I can’t I’ve long believed that as long as the message to counterfeiters! transfer files via Bluetooth because government continues to merely slap Cynthia Farren Verizon is afraid I might not have to software pirates on the wrist, there will received by e-mail pay for a ringtone I could put on my be no incentive for the behavior to phone. However, being a business stop. Now, knowing that they may face Copy Protection Perils owner, I could care less about ringtones. six-and-a-half years of incarceration I just read Doug Barney’s column Keeping service providers out of the may well deter the next pirate from [“Copy Protection: Aaarrrrrgh,” OS might also provide more stability. embarking on an illegal career. January 2009], and I couldn’t agree 2. Here’s a concept: If you provide a LouAnne Stachowski with him more that copy protection Windows Update feature, perhaps you Maryland hurts the customer. should actually provide some updates. After a recent event, I’m fed up and I’ve never received a Windows Update Frankly, one to six years in prison for angry. Trying to install a three-license any time I tried the feature. piracy seems far too lenient. There’s version of the CA Internet Security 3. Provide more features that I can lost tax revenue to the United States (a Suite put me over the edge. download. For example, I want to be touchy subject right now); lost revenue I installed the suite to combat mal- able to record my phone calls on my to the reseller channel, which in turn ware on my children’s computer. The mobile device without any other trickles down to the individual level; CA package only operates in disabled equipment. Many other models have and time lost by companies and indi- mode until license registration and this functionality, but mine doesn’t. viduals who were gullible enough to validation online—so it was too bad Perhaps the idea of a Microsoft purchase the counterfeit software— for me that the offending malware phone isn’t a bad one; this would assuming they even know they’re disabled my Internet connection! definitely make sure all of the features running illegal software, as many Name Withheld by Request were consistent. counterfeit versions are hard to detect. Oklahoma Andrew D. Ramsey Of course there’s also the lost revenue Reynoldsburg, Ohio to Microsoft, which—much like the Mobile Flaws and Fixes reseller channel—trickles down to the After reading Mary Jo Foley’s Foley on individual consumer. Microsoft column on Windows Mobile For all of this, 11 people get short [“5 Ways Redmond Can Fix Its Mobile Whaddya Think prison terms? Mess,” January 2009], I have a few Send your rants and raves to While admittedly I don’t know the comments. (I have an HTC 6800 from [email protected].?! full details of the case, $2 billion lost Verizon—a horrible combination, I Please include your first and and 11 individuals serving up to six- might add.) last name, city and state. If we use it, you’ll be entered into a and-a-half years is about $30 million 1. Do not allow the service providers drawing for a Redmond T-shirt! per individual per year served. I have to alter the Windows operating system

10 | March 2009 | Redmond | Redmondmag.com | PHOTO ILLUSTRATION BY ALAN TAO Project1 1/6/09 2:45 PM Page 1

/D/G/1/<16/<53B63E/G G=C@B316<=:=5G3D=:D3A

7¸[BW[2W`SQb]`]T7B7QO\¸bOTT]`Rb]`WÔ\R `S^ZOQS[gQc``S\bW\TÒab`cQbc`S/\ReWbV /dOgOC\W¿SR1][[c\WQObW]\aa]TbeO`S 7R]\¸bVOdSb]7bW\bSUÒbSaeWbV[gRSaYb]^ S\dW`]\[S\bO\Rac^^]`ba;WQ`]a]Tb O^^ZWQObW]\aéVWQVVSZâ[S[OfW[WhS[g Qc``S\bW\dSab[S\baO\RabOg]\PcRUSb ASSV]eOb/D/G/1=;16/<53

:SO`\OP]cb/dOgOO\R;WQ`]a]TbPcaW\Saa Q][[c\WQObW]\aa]ZcbW]\aOb/D/G/1=;;71@=A=4B

AVAYA AVAYA AVAYA AVAYA AVAYA AVAYA AVA

YA AV

AY Project2 1/6/09 9:58 AM Page 1 0309red_RedReport13-16.v5 2/9/09 6:32 PM Page 13

RedmondReport

Convergence Tackles Tough Times Microsoft’s annual Dynamics conference will be all about how companies can benefit from enterprise applications in a down economy.

By Lee Pender Building on Project Green onventional wisdom says that The year 2008 was a busy one for now is not the best time to try Microsoft’s Dynamics business. The Cto sell enterprise applications company launched a new version of to small and midsize businesses, but AX, AX 2009, in June, and released Kirill Tatarinov isn’t interested in NAV 2009 in December (see “ERP, conventional wisdom. Easy as NAV,” December 2008). It also Tatarinov—corporate vice president of introduced feature packs for the other Microsoft Business Solutions (MBS) two suites, GP and SL. and effectively head of Microsoft’s Past editions of Convergence have Dynamics enterprise resource planning focused heavily on Project Green, a (ERP) and customer relationship man- major Microsoft research project agement product lines—will take his involving its ERP and CRM products. message to companies at this month’s Project Green was once best known as Convergence conference. The message? the effort that would eventually merge Kirill Now is the time to invest in Dynamics. Tatarinov Microsoft’s four ERP suites into one It’s a mantra that an expected 9,000 mega-suite—but Microsoft scrapped attendees will likely hear repeated place in the last investment cycle nine that plan, more or less killing it at often at Convergence, Microsoft’s or 10 years ago.” Convergence in 2007. Dynamics-focused show, which will Some customers, however, still take place March 10-13 in New Profiting from Dynamics express confusion about Microsoft’s Orleans. But it’s also a mantra that will This year’s Convergence may be light on four-suite strategy. But according to likely be easier repeated than executed new-product announcements, but it will Tatarinov, no one should be confused in IT departments as budgets are be all about telling tales of customers anymore: “I would say if you hear any reduced and projects get shelved in a reaping benefits from Dynamics CRM, confusion, please send them to me,” he shrinking economy. as well as from the four Dynamics says. “Right now there shouldn’t be any Still, Tatarinov and his band of ERP lines: AX, NAV, SL and GP. confusion in the marketplace at all.” Dynamics evangelists hope to demon- “This year, the event becomes even And he reiterates that Project Green strate at Convergence that down times more unique because of the economic was about more than just potentially are the best times to invest in technology conditions and because we’re going to merging ERP suites. It yielded results that, once implemented, is designed to focus on articulating to our partners that have found their way into some of cut costs and increase efficiency. He’s and customers how they can endure the Dynamics products. hoping that companies will start taking and prevail,” Tatarinov explains.“We’ll “Project Green was a massive invest- stock of the ERP systems they have be talking about specific examples. ment and massive research project in in-house and looking to improve them. We’ll be bringing up customer exam- many different areas,” Tatarinov says. “[IT] budgets are certainly tight,” ples, methodologies and technologies.” “The role-tailored experience—that Tatarinov allows.“However, what And they’ll be touting what Microsoft innovation came from Project Green. we’re seeing here are two different considers its differentiators with What we found in talking to our partners vectors of approach. You have a sub- Dynamics—factors the company says and customers is [they] really don’t want stantive number of customers who are make the ERP and CRM lines different that revolution; they want evolution. We using legacy technology, technology from offerings from competitors like SAP are 100 percent committed to all four of they may have procured 10 to 15 years AG and Oracle Corp. Those messages our products in our portfolio.” — ago. We do see examples of customers will mostly be about the “role-tailored” that are looking at replacing old ERP nature of Dynamics apps, as well as ease Lee Pender ([email protected]) is systems that they may have put in of use, speed and ease of implementation. executive editor of Redmond magazine.

| Redmondmag.com | Redmond | March 2009 | 13 Project2 2/5/09 10:28 AM Page 1 0309red_RedReport13-16.v5 2/9/09 6:32 PM Page 15

BetaMan RedmondReport

Windows Live Mesh Live Mesh is useful today, but it may be By Peter Varhol a blockbuster in the future.

icrosoft announced Live Mesh with a flourish more Mthan a year ago, and not much has been heard from it since. Today, Live Mesh remains in beta, available for use by individuals interested in exploring its capabilities and developing applications and services around it. For those who take that time, they will find it a model that’s worth exploring and eventually using in the enterprise. In one sense, Live Mesh represents a compelling vision of working in the cloud from the context of the traditional The Live Desktop enables users to view all of their devices, add new devices and Windows PC. It enables individual users access individual devices on the Mesh. to connect PCs and other devices to a “mesh” in the cloud, which provides the PC on the Web, where you can see all Easy, Though Not Intuitive ability to access devices, exchange files your synchronized folders in one place. Live Mesh isn’t perfect, of course. It’s and run applications from other systems You can store up to 5GB of files in one Microsoft’s first foray into working in that are part of the Mesh. or more live folders, then open, edit, the cloud, and the company lacks the But that vision isn’t yet fully realized. save and share them from any computer pedigree and perhaps the imagination Part of the problem, of course, is it’s still or mobile smartphone that’s connected to do so with any panache. Despite a beta software, with fewer features than it to the Internet. focus on the desktop, Live Mesh pro- needs in order to be compelling to most In addition to setting up folders for vides an interesting model of device users. But more importantly, it needs the your own use, you can also share folders access, sharing and collaboration ability to add many more devices than with others. You can create additional based on devices connecting through Windows-based PCs and the latest Mac folders for sharing, and the data in those the Internet. OS systems to fulfill the promise of a folders will be shared only with those You have to use your Windows Live real mesh of computing systems. you invite to share. You do this in the ID to log in. Don’t have a Windows Invite Members dialog box, where you Live ID? No worries—all you have to Live Mesh and type the e-mail addresses of the people do is sign up, and it’s free. It prompts Live Desktop you’d like to invite to share the folder, you for the log-in upon booting your The Live Mesh client installs from the and Live Mesh will send an e-mail. desktop system, or you can choose to Live Mesh Web site (www.mesh.com) Those individuals are required to have it log you in automatically. If you on each system joining a Mesh, usually have a Windows Live ID and be part of prefer to do it manually, as I do, it within a few minutes and without diffi- the Live Mesh program. Once they requires that you log in to Live Mesh culty. Once the software is installed, sign in to Live Mesh and accept the first upon system startup, and then log that system will show up on your Live invitation, they can access the folder on in separately with the same ID to the Mesh display on the Web site, along their Live Desktop and start synchro- desktop. You have to wonder if with other computers you’ve added. nizing it with computers in their Mesh. Microsoft isn’t pushing its Windows The Live Mesh site display includes a Alternatively, they can view documents Live ID as a universal ID, yet the two feature called Live Desktop. The Live and images entirely within your Live log-ins seem like they still aren’t very Desktop can be thought of as a Windows Mesh folder. well coordinated.

| Redmondmag.com | Redmond | March 2009 | 15 0309red_RedReport13-16.v5 2/9/09 6:32 PM Page 16

RedmondReport

With Live Mesh Remote Desktop, The software download also supplies that people don’t dismiss it entirely. In you can connect to a remote computer Mac support, but the Mac client fact, when you can add a variety of and use it as if you’re sitting right in requires Mac OS 10.5.1 or later to other personal and group devices, Live front of it. I tested this by adding two install the Live Mesh software. Today, Mesh will likely become an essential computers to my Mesh, and using one other than smartphones, no additional part of working. to access and run Microsoft Office on devices are supported, although one Second, and more practical and the other computer. The response, as can imagine the day when you’ll be immediate, you can automatically syn- you might imagine, was not fast but able to synchronize your MP3 player, chronize data between computers in merely adequate for many simple tasks. GPS unit and similar devices, making it your Mesh. Even if your Mesh consists After all, the communication channel much more useful. of only a set of Windows computers, wasn’t just going across my network, the ability to see and control them but off into the Live Mesh. Combining Old and New from a central location on the Internet In fact, I typically have about five In the past, we’ve been able to do some has some value. In the case of my computers on my network, so I kept of the things that Live Mesh does in network, I can use it to easily commu- adding computers to see just how flexible different ways. Remote control soft- nicate among different systems and the Mesh is. I was able to add four of ware, or Windows Remote Desktop transfer files. I often travel while I the five (my server was a Windows Protocol (RDP), has enabled us to work, and can use Live Mesh to store a 2003 system and not supported), connect with another computer, take pretty hefty number of work files that I upload files from one system into a control of that computer and run can move among my different systems. work folder, and share them on the applications remotely. It’s even possible In the enterprise, you can use Live Live Desktop among those computers. to transfer files between the two com- Mesh to provide instant storage and You can also easily take files from those puters using this approach. collaboration and storage space for ad hoc workgroups. If several people must work together on a single project, it makes sense to create an individual Mesh and then have other members of the group join it and share one or more folders. So Live Mesh is somewhat useful during its beta phase, in that it enables viewing of other computers in the Mesh, as well as file transfer and remote control. Furthermore, with the application of the Mesh across multiple By creating a new folder, users can upload files to share with others they invite to systems, it’s not strictly one-to-one, but join their Mesh. can be applied to multiple computers and even across workgroups. folders and download them onto indi- Of course, we’ve also been able to Both enterprises and individuals vidual systems on the Mesh. store files in the cloud, at a location on should be looking at Live Mesh today, All Meshes are individual and private. the Internet, for access by ourselves or even if it doesn’t serve their immediate To add a new device to your Mesh,you’ll trusted colleagues. Vendors have long needs. For enterprises, it looks like it need to download and install the Live since rented out, and even given out, could become a collaboration tool. For Mesh software for each device. Today, disk space on Internet-accessible servers individuals who have the challenge of Live Mesh supports only Windows, for photos, generic files and other data. managing multiple computers and other requiring Windows Vista or Windows But Live Mesh gives, or has the devices while working and traveling, the XP Service Pack 2, an 800MHz or potential to give, two things that RDP service offers a compelling model for faster processor, at least 1GB of RAM, and traditional tools aren’t able to system interaction. In either case, it 25MB of available hard disk space, touch. First, you can use it with devices could be how we’re all working in the Microsoft Internet Explorer 6 or later, other than PCs. This advantage is partly not-too-distant future. — Firefox 2.0 or later, or Safari 3.0 or theoretical, because—with the exception later. It also requires a fast Internet of smartphones—Live Mesh clients Peter Varhol is a principal at Technology connection, broadband or equivalent, aren’t yet available for other computers Strategy Research, an industry research and at least a 1024x768 display size. or devices, but it’s interesting enough and consulting firm.

16 | March 2009 | Redmond | Redmondmag.com | 0309red_T&T17-18.v6 2/9/09 6:58 PM Page 17

MCPmag.com’s Tips&Tricks Windows Advisor Taking ISA Professor PowerShell Server into the PowerShell Reading List Danger Zone My secret for learning Microsoft’s scripting A reader wants to have ISA technology? Check out these blogs. Server obtain an IP address By Jeffery Hicks from an externally facing DHCP server. PowerShell alone can’t teach you PowerShell. If you really want to go to the By Zubair Alexander head of the class, you’ll need some additional outside reading. Blogs are an excellent source of information. The information is timely, Q. I’d like my ISA Server to get an IP address posts are usually short and they’re delivered right to your desk or mobile from a DHCP server on the external interface. I’ve device. Here are some blogs I encourage you to check out. tried different network cards, cables and every- First, you absolutely must read the PowerShell team blog from Microsoft. This is the best way to learn what’s coming from PowerShell. The team thing else, but for some reason the external usually posts terrific examples of how to use PowerShell. Follow Jeffrey network interface card isn’t cooperating. What Snover and the gang here: http://tinyurl.com/36afzu. am I doing wrong? If you have Citrix duties and are wondering how PowerShell will fit in, A. What you’ve described is the default take a look at PowerShell MVP Brandon Shell’s blog, BSonPoSH, at behavior on ISA Server versions 2004 and http://bsonposh.com. Shell’s blog includes quite a bit about PowerShell, 2006, and so, ideally, you should always use a Citrix and Active Directory. static IP address for servers. ISA Server’s For AD and PowerShell information, your first stop should be Quest’s system policy is configured, by default, to Dmitry Sotnikov’s blog at http://tinyurl.com/59l9ml. Here, you can get not permit DHCP replies from outside DHCP the lowdown on using PowerShell for AD, especially the free Quest servers to the ISA Server itself. Normally, there AD cmdlets. shouldn’t really be a reason for allowing DHCP I also think you’ll get a lot out of Richard Siddaway’s blog at replies from the outside world to your ISA http://tinyurl.com/2jdvpo. Lately Siddaway’s been quite active, posting a number of examples that cover topics like IIS and SQL. Server computer. Even though Shell, Sotnikov and Siddaway are all PowerShell MVPs, I Some people sign up with their ISP for Internet don’t want you to think they’re the only ones with excellent PowerShell access and want to run an ISA Server at home or information. I urge you to also visit the PowerScripting podcast at in their small business with a dynamic IP http://powerscripting.wordpress.com. You won’t even have to read! Hal obtained from their ISP’s DHCP server. Whatever Rottenberg and Jonathon Walz—future MVPs, for sure—put out a high- your reasoning might be, follow these steps to quality weekly podcast all about PowerShell. They usually include a lively change the default behavior: interview—I was a recent guest—and some terrific tips. They also broadcast 1. Start ISA Server Management Console and continued on page 18 click on the Firewall Policy. 2. In the right pane, click Tasks and then click Show System Policy Rules. Pop Quiz 3. Click the rule “Allow DHCP replies from DHCP Credential Caching servers to ISA Server.” 4. Right-click the rule; select Edit System Policy. (Exam 70-642) 5. Click on the From tab. By Andy Barkl 6. Click Add and add the IP address of the external DHCP server. Question: Which are the respective forest and domain functional levels 7. Apply the changes to update your ISA required for credential caching and fine-grained password policies when Server configuration. using Windows Server 2008? Note in step 6 that although you have the a. Windows Server 2003 and Windows Server 2008 option to add an external network rather than b. Windows Server 2008 and Windows Server 2003 the IP address of the DHCP server, that makes c. Windows Server 2008 and Windows Server 2008 your ISA Server more vulnerable to potential d. Windows Server 2003 and Windows Server 2003 Answer on page 18 continued on page 18

| Redmondmag.com | Redmond | March 2009 | 17 0309red_T&T17-18.v6 2/9/09 6:58 PM Page 18

MCPmag.com’s Tips&Tricks

Professor PowerShell

Do You Read Me? Windows Advisor continued from page 17 Sans GUI, PowerShell can be made to attacks. It’s best that you keep the exposure to a minimum by adding work interactively. The trick is the only a specific DHCP server. Read-Host cmdlet. And here’s one more thing you need to know: According to Microsoft Knowledge Base article 841141, this trick works only with renewals of IP PowerShell 1.0 is meant to be used as a management addresses. What you’ll have to do is allow DHCP packets from any console. As such, it doesn’t have a graphical interface. network until you get an IP address. Once you have an IP address, you There are no input or message boxes like those in can change the rule to allow traffic from a specific DHCP server. VBScript, although those items can be created through the use of WinForms or through third-party snap-ins. But that doesn’t mean you can’t have an interactive script. If your scripts require interactive input, use the Read-Host cmdlet: Professor PowerShell continued from page 17 PS C:\> read-host "Enter a computername" Enter a computername: SRV03 live on UStream, so you can participate. Definitely SRV03 great stuff. PS C:\> Finally, please don’t forget blog.sapien.com. I post The only parameter the cmdlet requires is a prompt. there quite a bit about PowerShell and other scripting The cmdlet takes the user’s input and writes it to the languages such as VBScript. You can also keep abreast of pipeline. In this example, it essentially went back to the training classes and conferences where I’ll be speaking. screen. You’ll most likely want to save the information There are many other excellent sources for PowerShell to a variable: information. These are just a few to get started. Now go PS C:\> $c=read-host "Enter a computername" hit those blogs. Enter a computername: SRV03 PS C:\> $c SRV03 PS C:\> get-wmiobject win32_bios -computername $c Answer continued from page 17 There’s no real limit to the size of the string. You can D. Windows Server 2003 forest and Windows even use the tab and spacebar for simple formatting. Server 2003 domain functional levels are required PowerShell will end the string when you press Enter. I at a minimum. like using Read-Host as a Pause substitute: There are few additional benefits in Windows 2008 PS C:\> read-host "press enter to continue" when raising the forest and domain functional levels press enter to continue: from 2003 to 2008. PS C:\> Credential caching is the storage of user or computer If I use this in a script, PowerShell will wait until I credentials of approximately 10 passwords per security press Enter before continuing with the rest of the script. principal that can be configured on read-only domain When I was writing batch files, I used Pause quite a bit, controllers. The availability of fine-grained passwords, and it’s what I use to get the same result in PowerShell. or the ability to define more than one password policy By default the Read-Host cmdlet uses simple strings. But per domain, is a new feature available when Windows you can also use the -asSecureString parameter, which 2008 DCs are present. instructs the cmdlet to convert the entered string as a Tip: Before using fine-grained passwords, you secure string: must run adprep found in Windows 2008 to extend PS C:\> $pwd=read-host "Enter a password for the the schema. — new user" -asSecureString Enter a password for the new user: *********** PS C:\> $pwd [email protected] System.Security.SecureString Check out MCPmag.com's column archive for more savvy That parameter also instructs the cmdlet to mask the tips and tricks from Jeffery Hicks, Andy Barkl, Zubair entered string. I can now use $pwd in any cmdlet or Alexander, Eric Johnson and other frequent contributors. PowerShell expression that requires a secure string. FindIT code: MCPmagTips

18 | March 2009 | Redmond | Redmondmag.com | Project15 6/6/08 2:46 PM Page 1

Finally, Affordable Enterprise-Class Archiving

Introducing Sunbelt Exchange Archiver. Sunbelt Up to 80% smaller message store. With SEA, you’ll Exchange Archiver (SEA) is a robust new product which dramatically reduce your Exchange storage. The benefits are delivers real enterprise-class email archiving, at a price that clear: faster backup times, better Exchange performance, won’t break your budget. Get comprehensive legal and and faster recovery. regulatory compliance. Reduce your Exchange storage by up to 80%. Securely store emails on your choice of media, Journaling not required. It’s a fact that using the using the built-in Hierarchical Storage Exchange Journaling mailbox for archiving Management. And, find archived emails dramatically affects server performance. rapidly with full-text search for e-discovery With SEA, Journaling is an option – the or compliance. program’s breakthrough Direct Archiving feature stores all emails immediately after Compliance, e-Discovery, and legal they are received, keeping load off the readiness. If you need to archive emails Exchange server. for regulatory or legal reasons, SEA has you fully covered. Emails are stored in “Exchange performance No more PST headaches! SEA gets their original form, in whatever secure is suffering. Your users rid of pesky PST files that are a major media you prefer, with complete flexibility complain about email admin headache. SEA automatically finds on retention. Need to find an archived storage. Your CEO wants them, imports them, and makes them part email? Simply use SEA’s powerful of your user’s archive. integrated full-text search of emails and legal compliance. Now what?” Great for disaster recovery. No attachments, and you’ll be ready at a matter where you email is stored, business moment’s notice for e-discovery or legal continuity is assured with SEA. Using the requests. included web client, users can continue to Seamless end-user experience. SEA see and use their email even if Exchange is is fully transparent for your users, whether down. they’re running Outlook, OWA, Blackberry Archiving’s time has come for devices or even Entourage on the Mac – with everyone. Contact us today and see how no special client software needed. Trusted SEA solves your legal and compliance end users can be delegated granular authority headaches and immediately improves the performance of with the included web-interface or optional Outlook Exchange – while saving critical budget dollars. add-in. They can do off-line synchronization, and search, edit, forward, move or delete archived emails.

Get a Free Quote and See How Cost-effective Sunbelt Exchange Archiver Really Is! Email [email protected] or call 888-688-8457

Sunbelt Software Tel: 1-888-688-8457 or 1-727-562-0101 Fax: 1-727-562-5199 www.sunbeltsoftware.com [email protected] © 2007-2008 Sunbelt Software. All rights reserved. Sunbelt Exchange Archiver is a trademark of Sunbelt Software. All trademarks used are owned by their respective owners. 0309red_SunAvanadeSpread_final2 2/12/09 8:17 AM Page 2

ADVERTORIAL Hyper-V on Sun— the Experts at Avanade Speak The combination of the Windows Server 2008 Hyper-V virtualization platform on Sun x64 servers is a performance winner.

vanade, the global enterprise Through other testing efforts that Avanade systems consultancy founded by conducted in conjunction with Sun By Peter Varhol, Microsoft and Accenture, has Microsystems, the experts had a number of Technology Strategy found that virtualization has test configurations available for use. The Research become an integral part of many specific test configurations were for Microsoft Aof its customer deployments. Enterprises are Exchange Server 2007, as well as for leveraging virtualization for large-scale server Microsoft Dynamics CRM 4.0, with the CRM consolidation, resulting in less hardware tests focused on collecting SQL Server data. purchases, electricity savings and better These tests provided a highly representative utilization of existing systems. platform for Hyper-V testing and also enabled Avanade engineers to easily compare Hyper-V To validate the capability of this new test results to those from a series of physical virtualization platform, Avanade ran extensive servers. tests on Sun x64 servers running Windows Server 2008 Hyper-V, seeking to fully These workloads were also ideal because understand its strengths and features for use each included a mix of Sun x64 servers. in demanding enterprise environments. Both configurations required Microsoft Active In particular, Avanade completed a Directory, a mainstay in most enterprises. comprehensive suite of performance tests Exchange required three Exchange server designed to exercise many different aspects roles (Hub Transport, Client Access and of system performance. Mailbox), plus four load-generation servers. 0309red_SunAvanadeSpread_final2 2/12/09 8:17 AM Page 3

The Exchange Mailbox server had very high in many Windows environments. SQL Server demands for CPU, memory and disk, which can also be very I/O intensive, making it a were excellent tests for Hyper-V. The CRM workload that historically many people have From a pure system also had numerous servers, including avoided virtualizing. Avanade wanted to run two load-generation systems, four Web/ SQL Server with a heavy workload to performance application servers, plus a database server. understand how Hyper-V would perform. Like the Exchange Mailbox server, the CRM perspective, SQL server had high CPU, memory and disk Avanade architects and engineers elected to there’s no doubt requirements. use a benchmark developed for Microsoft Dynamics CRM 4.0, Microsoft’s customer that Hyper-V In addition to these two application workloads, relationship management application. CRM Avanade architects and engineers also wanted applications are designed to manage customer on Sun x64 is to obtain a more detailed look at Hyper-V’s I/O information and a business’s interaction with enterprise-ready performance. High performance I/O is critical those customers. CRM products are useful for data workloads such as those represented any time a business interacts with its and capable of by Exchange Mailbox servers and database customers on a regular basis. A few examples servers. I/O performance has also been a include call centers and reservation systems. supporting weak spot for many virtualization platforms. To extremely test I/O performance, tests were designed The results of these tests provide excellent using Iometer and Microsoft Jetstress. Iometer evidence that Hyper-V is highly capable from a large loads. is an open source I/O testing tool that can be performance standpoint. Some of the tests used to test storage as well as network I/O. exceeded the target 2,000 I/O operations per JetStress is a tool designed to simulate second (IOPS) by significant amounts. This is Microsoft Exchange Server 2007 storage clearly evidence of an ability to perform at higher loads. demands, which in general speaks highly of the initial release of this virtualization platform. The purpose behind the Hyper-V I/O tests was to observe the performance of the numerous From a pure performance perspective, storage configuration options available in there’s no doubt that Hyper-V on Sun x64 is Hyper-V. In order to understand the relative enterprise-ready and capable of supporting performance, a baseline series of tests were extremely large loads. In our testing we’ve executed on the physical server used as the proven Hyper-V’s excellent I/O architecture via Hyper-V host. both network and storage testing. We’ve had Hyper-V guest partitions saturate 1Gbs A single physical server was used to obtain Ethernet links as well as drive enough load the baseline tests, and also served as the against storage arrays to saturate them. Hyper-V parent partition. The server we used was a Sun Fire X4450. This 2U rack mount In addition to its performance, Hyper-V’s server contained four Intel E7340 quad-core feature set is fairly rich with support for most processors (2.4GHz) and 32GB RAM. Two of the virtualization features required for mass internal SAS drives were used for the operating deployments. Hyper-V’s lack of support for a system, application files, and page file. live migration utility like VMware’s VMotion Ethernet connectivity for server as well as remains a competitive disadvantage; however, iSCSI connectivity was supported through the Hyper-V’s Quick Migration should suffice for four embedded Gigabit Ethernet controllers. the vast majority of customers.

How Hyper-V Stacks Up Peter Varhol is a principal at Technology Microsoft SQL Server is a popular database Strategy Research LLC, a technology application used as a foundation building block research and consulting firm.

Read the entire white paper, “Microsoft Windows Server 2008 Hyper-V: Ready for Prime Time,” at: Redmondmag.com/showcase/sun/1 By Patrick Cimprich, Chief Architect 0309red_ProdRev22-25.v6 2/10/09 10:54 AM Page 22

ProductReview

Microsoft’s VMM 2008: Does It Pass the ‘Good Enough’ Test? Redmond’s virtualization management tool doesn’t have all the bells and whistles that VMware’s vCenter has. But it doesn’t have the same hefty price tag, either.

By Reed Wilson icrosoft’s Virtual Machine Virtual Machine Manager 2008 Version 2 Manager 2008 (VMM 2008) $869 for an Enterprise License; $505 for Workgroup Edition Mversion 2 manages the virtual Microsoft | 800-426-9400 | www.microsoft.com infrastructure created by Hyper-V and has extensions to manage VMware’s ESX Server. The product boasts a delegated admin, failover cluster support, and a simple checkbox for highly available virtual machines (VMs)—much improved over version 1. It also offers resource optimization that recognizes poorly configured or failed hosts and VMs and dynamically self-heals them. A VMware Gotcha? Installation is straightforward, though it does demand a rather strict environment. Requirements include Windows Server 2008 with Hyper-V (this means 64-bit only), IIS7 and SQL. If you want to include ESX, you’ll need VMware ESX 3.0.2 or better and VMware vCenter 2.0.1 or better. The latter is a gotcha, in my opinion. Virtual Machine Manager 2008’s physical-to-virtual Wizard, for converting physical servers to virtual workloads, is fast and easy to use. Basically, you’re forced to purchase vCenter in order to interact with The bulk of the work is done with previous version. You no longer need VMM 2008, which tends to negate the Actions. From here, you add or remove to jump through all the hoops—you whole idea. Paying for two virtual hosts, perform clustering, and manage simply point to the physical server, managers is not an attractive option. I your library of templates, guest OS identify the volumes to copy, and hope that VMware and Microsoft profiles and virtual hard disks. And, choose whether it will be an online decide to play nice and include all the when working in conjunction with (where the server remains live and necessary APIs and calls to enable the Operations Manager 2007 (to grab available) or an offline conversion. free ESXi, without additional expense historical data of physical servers), Finally, you specify the number of or haranguing. VMM 2008 will generate a report of processors and RAM for the VM. And In terms of operation, the Admin consolidation candidates, taking into here’s the beautiful part: VMM 2008 Console is clean and well laid out. account average usage and any spiking gives you a rating of each host, deter- From the overview, you can easily see of a physical server’s resources. mining the most suitable host on which the health of your hosts, VMs, jobs and to deploy the VM, which makes the library. You can also easily drill down to No Hoops process quick and easy. the hosts to see and modify configura- Once identified, you can convert phys- tions. Clicking on Virtual Machines ical servers to VMs and convert VMs The ‘Good Enough’ Test provides a quick glance at configura- from ESX to Hyper-V.These conver- Typically, version 1 of a Microsoft tions, usage and owners. sions are incredibly improved over the product is little more than a placeholder,

22 | March 2009 | Redmond | Redmondmag.com | 0309red_ProdRev22-25.v6 2/10/09 10:54 AM Page 23

ProductReviews

products and strategy. All of these factors apply to this version of VMM 2008, including hints at further progress with the next release. Overall, Virtual Machine Manager 2008 is a solid version 2. The big question is: Is it “good enough” and worth the money and investment of time required? The answer depends on your needs and goals. If you need the advanced features included in VMware’s offerings, such as easier clustering, live migration and failover, then you should make the necessary investment to get those features. However, if you don’t need those types of features and are in a cost-sensitive situation (and who isn’t these days?), then the basic, easy-to-use, integrated approach of VMM 2008 Virtual Machine Manager 2008’s Overview screen shows the status of your virtual environment at a glance. makes this product a very good bet.—

giving the company a foot in the door version 3 usually knocks it out of the Reed Wilson ([email protected]) is a for later, greater things. Version 2 park and nails the coffins of the compe- global infrastructure architect at Nu Skin, delivers somewhere between 50 percent tition. Microsoft has long pitched a billion-dollar direct sales company with and 80 percent of full functionality. And integration as a key differentiator to its offices in more than 45 countries. Use your IT Certifications to accelerate your “Th e best—— degree online. and cheapest— Microsoft, Sun, Oracle, Cisco, Comp TIA, SAS, PMI, GIAC college you’ve never or (ISC)2 certiﬁcations could waive up to 25% of your fully heard of is found accredited bachelor’s degree. Here’s what you can get from the online only online” degree programs offered at WGU: November 17, 2008 —TIME magazine, • Flexible ONLINE learning • Up to 10 certifications built in at no extra cost • Programs in Networks, Databases, Security, Software and IT Management

Call Toll Free 800-918-4830 or visit us at www.wgu.edu/time9

WGU is honored to receive the USDLA 21st Century Award for Best Practices in Distance Learning for 2008. 0309red_ProdRev22-25.v6 2/10/09 10:54 AM Page 24

ProductReviews

Test-Driving VMware’s ThinApp The Application Sync and Application Link features combined with an easy-to- follow interface make ThinApp a winner for both VMware and its customers.

By Kevin Da Silva ThinApp 4.0 hinApp 4.0 takes VMware Inc. $6,050 with one year of support into the application virtualiza- VMware Inc. | 877-486-9273 | www.vmware.com Ttion world. ThinApp works by creating snapshots of applications to allow for easy installation across different ThinApp to be able to correctly identify creating the packages later on. I won’t versions of Windows operating systems, what changes an application has made go through all the steps taken for the without the need to worry about dif- (such as files or registry keys), it takes a setup process, but as I previously men- ferent requirements for installation. snapshot before and after application tioned, the instructions on the VMware This is achieved by providing a sandbox installation using the Setup Capture ThinApp blog are easy to follow environment, where applications are component. The first takes about 10 (http://tinyurl.com/8y2o5g). isolated from the host OS. seconds on your clean PC, and the second Suffice it to say, following the steps Generally, ThinApp has three pri- varies depending on the size of the and creating snapshots within VMware mary uses. First, it can be used to application installed. I found both com- Workstation provides an easy way to migrate proprietary or custom applica- pleted quite quickly. It’s recommended determine whether your package will tions to new versions of Windows. that you have a fresh install of your OS have any issues. The Word 2007 ThinApp Second, it can provide an easy way to of choice so as to not cause conflicts. package I created installed very quickly package complicated application instal- VMware has defined two ways to start on the Windows XP image—even lations. And third, it can be used by the Setup Capture program. The sug- faster than the normal installation. developers looking to create OS- gested way to install ThinApp is to put Once the package has been created, independent applications. But there it on another machine, then share out it’s as easy as sending users a link to a are many other uses as well. the files to run on a clean PC. The second network share. With the option to is to install the ThinApp package on the create an .MSI file (if Active Directory Easy Installation client PC itself. I tried both methods, is in place) you can create a Software ThinApp installation is fairly straight- and neither gave me any issues when Deployment GPO. It also has the forward and well-documented. Setup option to specify which users and creates the Setup Capture component Pros and Cons of groups are able to install this package. executable, which is then used to VMware ThinApp I found working with ThinApp very create a baseline as well as to decode easy and quickly started to use it to the changes made by the different Pros deploy all sorts of programs. The application installations after they ■ Easy-to-follow interface interface is easy to follow, and you’ll be have completed. takes the guesswork out of finding new uses for it constantly. One To test a widely used real-world pro- creating new packages that comes to mind is for applications gram, I chose Microsoft Word 2007. ■ Updates/new features are that include site licenses in which you ThinApp allows you to create custom seamless with Application can create a package and make it easily packages so that you can send out only Sync and Application Link available to all users. the components of an application that ■ Resource-friendly and has are needed. It also allows you to ensure support for everything from Operation that only what’s licensed is being Windows NT to Windows Vista Performance-wise, the XP image that I installed, because the process doesn’t used as my clean PC had the default allow end users to make modifications. Cons specs for an XP image in VMware Here’s the process I followed: First, I ■ With the price range starting Workstation 6, which was 8GB hard got the VMware workstation 6.0.4 soft- at more than $6,000, probably drive and 256MB of RAM. This can be ware included with the ThinApp 4.0 out of reach for most small to run effortlessly by an administrator on package up and running. Next, I created midsize businesses —K.D. a workstation or laptop. I was a new Windows XP image. In order for impressed that it ran without a hitch.

24 | March 2009 | Redmond | Redmondmag.com | 0309red_ProdRev22-25.v6 2/10/09 10:55 AM Page 25

ProductReviews

ThinApp also enhances security. ages has also been made easy thanks to companies. The basic package, Because it’s running in a sandbox envi- an integrated feature called Application VMware ThinApp 4 Suite + Gold with ronment, any changes that need to be Sync, which allows applications to be one year of support, costs $6,050 (see made to a program you’ve created updated to the latest service packs and “Pros and Cons of VMware ThinApp,” using ThinApp are limited to the security features. p. 24). If you’re tasked with a difficult sandbox. Modifications are not made to the host OS. Another great feature is that applications can be run locally, I found working with ThinApp very easy and quickly started to use it to on a network share or even on a USB deploy all sorts of programs. drive. This could allow a user to easily take an application with him instead of lugging a laptop. Another feature, Application Link, application deployment or a complex ThinApp runs all processes associated allows you to link applications. For migration, the benefits of ThinApp with the packaged application. This example, imagine you’re rolling out the will definitely outweigh the price. If allows it to run in real time on the latest version of software for your you’re looking for a cost-effective way host, which I found to be an immense developers and a must-have plug-in to simply deploy applications, then improvement over running the appli- becomes available. The two can be there are other solutions available that cation in a virtualized OS. Doing this linked, allowing the plug-in to provide might be more suitable. — cuts back on the resources required to access to the original applications run the ThinApp package to that of the without the need to repackage. Kevin Da Silva ([email protected]) application being installed on the actual provides system admin support for a host OS. Bottom Line midsize enterprise software consulting ThinApp is clientless and installs All things being equal, this program is a company. He has MCSE certification some required files within each package great addition to the VMware line, and is a Microsoft Certified Small (less than 400K). Updating these pack- although it’s geared more toward larger Business Specialist. Earn your degree and IT certs at the “Th e best—— and cheapest— same time! college you’ve never Earn up to 10 respected industry certiﬁcations with your online IT degree program—At No Additional Cost. heard of is found Here’s what you can get from the online only online” degree programs offered at WGU: November 17, 2008 —TIME magazine, • Flexible ONLINE learning • The opportunity to advance quickly if you already have certifi cations • Programs in Networks, Databases, Security, Software and IT Management Call Toll Free 888-455-6001 or visit us at www.wgu.edu/time15

WGU is honored to receive the USDLA 21st Century Award for Best Practices in Distance Learning for 2008. Project10 1/13/09 1:19 PM Page 1

Make the Move to

TM SQL with DELL A j UPGRA USABILITY POWERSHELL GAIN RESOURCES AVAILABILITY DE SQL Server 2008 is The new Windows Using Dell PowerEdge Using the new Resource Ensure the highest levels SQ easier to use and scripting language is servers running AMD Governor, you can of availability with new has manage. New policy- now integrated into SQL OpteronTM multi-core ensure that your Dell SQL Server failover wit based management Server providing a processor technology, PowerEdge servers clustering features when Ser lets you configure a powerful approach to you can obtain the running AMD OpteronTM running on Windows Stu single SQL instance SQL automation. highest performance for multi-core processors Server 2008. The new now once and apply the PowerShell integration your updated SQL provide the right Integrated Cluster for same policy to any includes support for servers. And, by using amount of resources to Installation provides a and number of instances. most management the new Performance your business-critical simple, two-step process ma This means that all of functions as well as Data Warehouse—a databases. Resource for the creation of a Inte your SQL Servers will security. Moving new method for Governor lets you cluster: create the cluster Act be configured in the forward, the SQL gathering and storing create up to 20 and then add a node. Que same way. Configure command structure will performance data—you resource pools per Making your SQL mo once, manage many be replaced by can ensure your server. Use the right instances highly available eas times—now that’s PowerShell—so now’s servers provide the pool to assign has been made simpler! mu compliance! the time to start utmost throughput for resources to your qui working with this new your applications. most critical data. command language.

About Dell Dell Inc. (NASDAQ: DELL) listens to customers and delivers innovative technology and services they trust and value. Uniquely enabled by its direct business model, Dell is a leading global systems and services company and No. 34 on the Fortune 500. For more information, visit www.dell.com, or to communicate directly with Dell via a variety of online channels, go to www.dell.com/conversations. Project10 1/13/09 1:20 PM Page 2

SQL Server® is Microsoft’s® enterprise relational database management system (RDBMS). SQL Server 2005 became the fastest growing database application in the industry according to research firm Gartner Inc. Now, Microsoft adds to this momentum by building upon SQL Server 2005’s powerful feature set to deliver SQL Server 2008, an integrated RDBMS that brings all data types—structured and unstructured—together for the first time and provides a trusted, productive and intelligent enterprise data platform. As an IT professional, you can rely on this new database engine to enable your applications to run better and faster while reducing your management overhead. And, by running your new SQL Server 2008 database instances on energy-efficient DellTM PowerEdgeTM servers powered by multi-core AMD OpteronTM processors, you’ll gain top-level performance. Ready to begin? Then use the following 10 reasons to justify your move to SQL Server 2008 on DellTM PowerEdgeTM servers. DESQ L TY DELIVER ENCRYPTION SAVE QUERY LAUNCH vels SQL Server management Your data is protected SQL now saves New FILESTREAM and Launch your upgrade w has never been easier while it’s located within considerable amounts spatial data formats in now! Dell PowerEdge with the updated SQL your premises, but it of space through SQL Server transform it servers based on hen Server Management may be at risk when it real-time data into a complete data- multi-core AMD Studio (SSMS). SSMS leaves your sites. compression at the row management solution. OpteronTM processors w now includes support Through Transparent or page level. This Because of these new offer superior value and for multi-server queries Data Encryption (TDE), decreases I/O and formats, you can now performance for your a and configuration you can now protect improves the scalability integrate both structured SQL applications. Find cess management, SQL data both onsite of your databases. and unstructured data out which Dell PowerEdge IntelliSense, a new and offsite. TDE protects While data compression into one, single data servers are the best fit ster Activity Monitor, new data contained within requires CPU cycles store. And, with for your SQL2008 Query Plans and much .MDF, .NDF and .LDF files during I/O operations, integrated search applications at more. This makes it so only authorized you can be assured capabilities, you can DELL.COM/SQL2008. able easier for you to manage personnel can access it that your Dell locate any data at er! multiple SQL instances at any time. PowerEdge servers any time. quickly and effectively. have the power when needed.

DELL.COM/SQL2008

©2009 Advanced Micro Devices, Inc. All rights reserved. AMD, the AMD Arrow logo, AMD Opteron, and combinations thereof are trademarks of Advanced Micro Devices, Inc. HyperTransport is a licensed trademark of the HyperTransport Technology Consortium. Microsoft and Windows are registered trademarks of Microsoft Corporation in the U.S. and/or other jurisdictions. Other names are for informational purposes only and may be trademarks of their respective owners. 0309red_F1Win7_28-33.v6 2/9/09 7:16 PM Page 28

28 | March 2009 | Redmond | Redmondmag.com | ILLUSTRATION BY GREGORY COPELAND 0309red_F1Win7_28-33.v6 2/9/09 7:16 PM Page 29 Will Windows 7 Be Microsoft’s Redemption? Early versions of Windows Vista’s successor could burnish the operating system’s tarnished reputation in the desktop market. By Doug Barney

t has been a dark couple of years for Windows 7’s requirements are seemingly higher, at Microsoft in the desktop operating systems least for RAM; Microsoft suggests a minimum of 1GB. business. The uncontested leader in that The real story, however, is far different. Windows 7 market for close to two decades, the company performs briskly on all manner of systems. In fact, our sullied its reputation with the delivery of readers are running it on everything from a single- Windows Vista, which proved a crashing dis- processor system with 768MB of RAM all the way up to appointmentI from the moment it stumbled out of the a multi-core system with 4GB. Not a soul reported any- starting blocks. Despite expensive marketing campaigns thing but snappy, highly responsive performance. and the sermons preached by top Microsoft executives about its advantages, IT shops clung to Windows XP. Faster than a Speeding Vista But with the first betas of Vista’s successor, With Windows 7, Microsoft has attacked nearly every Windows 7, trickling out in late December, new hope aspect of the OS’s performance—and it shows. In fact, has risen. Given what appears to be an OS with vastly most users wish Microsoft had paid this much atten- improved speed and performance, support for a tion to Vista. Redmond readers have spoken loud and greater number of devices, smoother installation and clear through our surveys and countless e-mails sent a sexier interface, Redmond has a chance at redemp- over the last few years on this matter. IT wants smaller, tion in the OS market—redemption much needed leaner OSes and application suites. After all this time, not just by Microsoft, but also by its thousands of Microsoft is finally listening. application developers as the ongoing recession eats “Windows 7 is what Vista should have been—Vista away at revenues and profits. on steroids!” exclaims Steve Birchfield, IT operations Indeed, much of the industry buzz is positive— supervisor at AnazaoHealth Corp. in Tampa,Fla. “It’s extremely positive. This has inspired us at Redmond to faster than both my machines running Vista and XP. I find out for ourselves if Windows 7 is all it’s cracked up was shocked to see how fast the first few large file to be. Our approach? Interview a dozen readers who copies went.” have all been beating on the beta. We quickly discov- Others are even more enthused. “First impression: ered the buzz was right on: This thing is really good. Wow!” says Christopher A. Blanchard, an MCSE and And it’s still an early beta. Out of a dozen readers, only customer engineer for EMC Corp. “I picked this one came across as a real Windows 7 curmudgeon. system because I had nothing but nightmares with Vista was rightly slammed for large hardware require- Vista’s performance. It runs much faster with just the ments. While Microsoft says it runs in as little as basics installed.” 512MB of RAM, users know different. Large hard drives, While few are surprised that Windows 7 outperforms multiple gigs of high-speed RAM and a hot graphics Vista, the favorable XP comparisons are particularly card are all needed to achieve reasonable performance. shocking. “Windows 7 is noticeably faster than Vista—

| Redmondmag.com | Redmond | March 2009 | 29 0309red_F1Win7_28-33.v6 2/9/09 7:16 PM Page 30

Windows 7

and even my XP desktop—for file copies across the network OpenOffice.org, Download Accelerator 9, Total Commander and USB locally attached drives. With the Aero desktop v7.04a, Brother printer software, Norton 360 beta and loaded, the performance is better than Vista with Aero SugarSync. The only trouble he had was with McAfee turned off. I’ve copied large sets of files on and off of USB Internet Security, which he swapped for Norton 360 beta. drives in Windows 7, and they’re at least twice as fast as Microsoft has publicly warned that some security tools Vista. I can browse network resources much faster now as and other bits of low-level code, such as imaging apps, may well,” Birchfield concludes. not work with Windows 7. Many are pushing Windows 7 to the limit with little Wagner also had problems with security. Symantec degradation. “I haven’t had any problems with performance AntiVirus didn’t work, so like Santori he switched over to while multitasking—the built-in CPU meter never maxed the beta of Norton 360. out to 100 percent,” notes Bill Carreira, municipal informa- IT experts believe Windows 7 will be an easy upgrade, tion systems director for the city of Kingsland, Ga. especially for Vista shops. “If you’re familiar with Vista and The new power-management features also mean that prepared your applications and drivers to function with it, hardware is tasked less. Steve Chapman, founder of blog UX Evangelist, put Windows 7’s power management to the test. “For certain “Windows 7 is what Vista should basic word processing or Internet have been. Vista on steroids! It’s browsing, where my computer fan would’ve normally kicked on at faster than both my machines certain times, I noticed a decrease running Vista and XP.” in those times ... but only when not using the Aero Glass UI,” Steve Birchfield, IT Operations Supervisor, AnazaoHealth Corp. Chapman explains. Chapman managed to slow Windows 7 down, but only on his 32-bit machine, “and when Windows 7 should slide right in,” says Patrick Dunlap, a I have upward of 15 tabs open in an Internet browser. client configuration manager. “The only thing that didn’t Waiting for the right-click fly-out menu has a way of work was Symantec Endpoint Protection R3. Also, testing one’s patience,” he says. Microsoft Virtual PC 2007 has a significant lag time problem Redmond reader David Aflak, a senior manager at Esurance in processing graphics, but that could be a video driver Inc., runs Vista on a newer HP 6910p machine and Windows 7 issue,” he continues. “I used all of the IBM Vista drivers for on an older 6400. The performance is virtually the same. the install without errors. I’m guessing all of the shims we Running Windows 7 while clogging network connections learned to use in Vista will work in Windows 7.” poses no problem. “I downloaded the Office 2007 installa- Custom and vertical software is off to a decent start. tion code—one 500MB-plus file—across the network. Carriera is running Incode Financial Software and Police Though the system was pegged, I had no trouble using RMS Software. “They work just fine,” he says. “Our Status Outlook to read e-mail while the process was going on in View application that keeps track of our employees—in the background,” says C. Marc Wagner, services develop- and out board—will not function, but it didn’t work in ment specialist, UITS, Student Technology Centers,at Vista either.” Like others, Carreira’s only surprise was not Indiana University in Bloomington, Ind. being able to run Norton AntiVirus. Wagner also noticed that Windows 7 uses far less RAM. Birchfield is also having good luck with custom software. His Vista Service Pack 2 (SP2) machine shows 1.14GB of “I’m running our in-house, custom-written ASP.NET app, RAM in use with IE and Outlook running, while the as well as VMware Infrastructure Client, VMware Converter, same apps on Windows 7 have a footprint of just 600MB. Google Chrome, Firefox 3, Microsoft Dynamics Solomon, SQL 2008 Express tools, VNC, Office 2007 and Winamp— No Shortage of Apps which all installed cleanly and work fine,” he says. Being IT pros, Redmond readers don’t just load up a beta OS “The only non-working application is Server 2008 and start to play—they throw on as many apps as they can RSAT, and the Verizon FIOS Internet Security Suite find. So far, the compatibility is impressive. And in some wouldn’t download from Verizon’s Web site,” he continues. cases, installation time is surprisingly fast. MCSE Blanchard “It reported the OS as Windows 98/ME. The Cisco installed Microsoft Office 2007 Enterprise Edition and got AnyConnect client works, but did blue screen once. I it running in half the time it took on his Vista machine. restarted the computer and it has been stable ever since.” But the breadth of compatible apps is what’s really impressive. Rocco Santori, a consultant with Rocconet, Driving Devices runs three browsers: Chrome (which is itself still in beta), One of the biggest Vista bugaboos is the lack of device IE and Firefox. He also runs the Microsoft Media player, drivers. From early Redmond reader reports, Windows 7

30 | March 2009 | Redmond | Redmondmag.com | 3_09_Redmond_Dorian_Outlined_Flattened.ai 133.00 lpi 15.00°45.00°0.00°75.00° 2/2/2009 2/2/2009 5:16:20 5:16:20 PMPM Project1Process 2/2/09 Cyan Process4:48 PM Magenta PageProcess 1 Yellow Process Black 0309red_F1Win7_28-33.v6 2/9/09 7:16 PM Page 32

Windows 7 7 Magnificent Windows 7 Features

AeroPeek: This feature, like a browser preview, shows locked down with a password, so only allowed family what the window you may want to open or toggle to members can share. actually contains—just by hovering over the thumbnail. If you have a corporate laptop that belongs to your corporate domain, it can also join HomeGroups, while at BranchCache: When Windows 7 is used in conjunction the same time keeping sensitive company data safe. with Windows Server 2008 R2, files move across the WAN Windows 7 will also automatically detect if the PC is at far more quickly thanks to new caching technology. home, at work or out in public and adjust accordingly. While aimed at consumers, HomeGroups may well be Direct Access: Mobile users no longer need a VPN to useful for sharing files within small and remote offices. access corporate networks. Libraries: Libraries are how users see content that’s Green: Microsoft believes Windows 7 is its greenest shareable across the network. Microsoft has worked hard desktop OS yet. Some power savings come from the to make them intuitive, so you aren’t seeing cryptic smaller footprint, but the bulk of the gains are in power descriptions, complex path names or files that really management, especially when the system isn’t in use. aren’t meant to be shared. Windows 7 offers more power settings, allowing IT or Libraries can also be organized by media type, such as end users to truly minimize electric use. These can also be video, documents, music and so on. customized for specific uses. Taskbar: The new Taskbar is set by default to show HomeGroups: Windows 7 is designed to be easier to large icons, which Microsoft believes make it easier for set up on a home network and let nodes share files. users to recognize what they’re launching. It’s also Through HomeGroups, PCs on the network will discover designed to be the one place where users launch each other and identify shared files. The system comes programs, files and tasks. —D.B.

is off to a pretty good start in addressing this seemingly The way devices install has changed a bit. “With my 64-bit perpetual problem. laptop, I had hardware that wasn’t recognized by Windows 7, Take Birchfield,for example: He had no problems but only a few items,” UX Evangelist blogger Chapman says. installing external USB drives, a Zebra ZM400 or his Ricoh “Installation of those devices went smoothly with a very multifunction printer. “I used Vista drivers for the devices obvious reduction in pop-up dialog boxes bugging you for that couldn’t be found. All of the hardware on the laptop answers compared to Vista. This is more than likely due to was automatically found during installation,” he says. the new User Account Control [UAC] settings with a default Carreira has had mixed, though generally positive, set to one notch below Vista’s.As for the process of installing results. “So far, all the printers we’ve connected to the new devices manually, things haven’t changed much. You can machine work just fine. The drivers for the Ethernet either do it through Device Manager, click on the pop-ups device and onboard video were found automatically. Our when you insert your new device or simply run the app con- video device is a generic onboard integrated device without taining the driver for your device.” But, he warns, “XP users hardware acceleration, so some of the graphics—such as won’t be any more comforted in Windows 7 than they were in games—that require the hardware acceleration don’t Vista—the driver model is essentially the same in that realm.” function properly,” he explains. A minority of beta users contacted had device issues. “I’m Not all driver stories are as heartwarming. MCSE an avid user of all Windows OSes: XP,Vista and Windows 7. Blanchard had a glitch trying to get his Mobile Intel I’ve used all versions of 7—every build,” says IT professional 915GM/GMS, 910GML Express Chipset Family to be Michael Hickman. “Windows 7 is good, but it’s still Vista-ish. properly recognized. “It showed up twice in device manager: You would’ve thought they would have changed the com- one working, one failed. I clicked on the failed driver to plete operating system. It’s a bit of a let down.Windows 7 is see what the issue was, and it read: ‘Windows has stopped really quick, but I have problems with drivers. If I can’t find this device because it has reported problems. (Code 43).’ a driver, I use Driver Genius or Driver Scanner. But when When [I clicked] on OK, despite having made no changes, you need a driver, the scanner finds XP drivers.” the system prompted me for reboot because changes were made. I rebooted the system per the instructions. After Steady as She Goes reboot, the issue went away, although it continued to show There’s nothing more frustrating or less confidence- two video drivers,” Blanchard says. inspiring than an OS that regularly and inexplicably crashes.

32 | March 2009 | Redmond | Redmondmag.com | 0309red_F1Win7_28-33.v6 2/9/09 7:16 PM Page 33

Vista and all client versions of Windows before it earned features we can’t use because the machine’s video card isn’t some well-deserved flack for their tendency to blue screen robust enough, but everything else is working better than or simply hang. While Windows 7 is far from crash-free, expected,” he says. “I’m even using the RDP to ‘play’ on the it’s earning high marks for stability. machine on my XP desktop. I’ve tested Vista and Windows 7, “It seems to be the most stable version of Windows so and right now 7 is the winner. Even some of my older apps far,” Santori says. run better on 7 versus Vista. My staff and I will continue to Carreira still hasn’t had a single problem: “It’s very stable hammer this OS and make it do what Vista couldn’t.” and has been operating without a reboot since we installed it.” The install is also pretty fast. “It took less than a half hour. Birchfield has also seen near-constant uptime: “So far, the Even on a clean install, it prompts the user to connect to an OS has been very stable. I have only had one blue screen available wireless network,” Wagner says. “It downloads all with the Cisco AnyConnect application, but since then updates, and it needed no drivers from Dell. Whether that nothing has seriously crashed or hung the system. I’m sur- means it found what it needed out on the Internet or that prised that pulling USB drives out and changing laptop the code was already in the ISO file that I burned to DVD, docking states hasn’t affected Windows at all.” I don’t know, but I didn’t need to do anything.” However, as with Vista, some users report flawless performance with Windows 7 while others run into glitches. “It blue screened several “If you’re familiar with Vista times. I’ve applied the update, and so far have not seen a repeat,” Aflak and prepared your applications says. “XP was stable. Vista blue and drivers to function with it, screens every month or so. This one has blue screened six times today.” Windows 7 should slide right in.” Blanchard even has problems with Windows 7-specific Web content: “I Patrick Dunlap, Client Configuration Manager went to the Windows 7 Web site and played a few of those fancy videos telling us what a great OS it is. When trying to play them, Others had a glitch or two. “I upgraded an existing Vista the system locks up and is unresponsive. Pressing and holding installation first and it ran through fine. However, when I ran the power seems to be the only option, as both keyboard Outlook and Word, the performance was slow and the appli- and mouse become non-functional. Also, I’m having issues cations crashed,” Birchfield says. “I tried uninstalling the with computer management requiring that the installation applications and it wouldn’t allow me to do so. I installed the media be accessible before any options will appear.” OS clean and added all of my applications on with much better results. The OS loaded quickly and all of the applica- Instant Install tions have run well. The only negative aspect of the install Sometimes beta software is a bear to install—especially an was the multiple reboots. The OS rebooted three or four OS. But for some users, Windows 7 has been a piece of times during the clean install and possibly more on the cake. “I installed it on an ASUS AMD 64 machine without a upgrade. I didn’t watch the entire upgrade process because it flaw. I had a little problem with a Linksys application for took so much longer, but there were file operations taking the wireless card, but ‘going direct’ worked,” says Bill place that required reboots not needed in the clean install.” Bates, business analyst for Penchant Software Inc., a Santori also had a minor problem. “The only thing that Microsoft Gold Certified Partner based in Minneapolis. didn’t migrate automatically was the network printer. I Aflak had even fewer problems. “Installation was very easy, spent some time discovering that the Work network was cleaner than Vista. You load the DVD and the entire process needed to remap it,” he says. is GUI-driven. The only thing it asks for in the first part of As far as installation, low-end hardware is not a negating the install is the partition setup. I had the system installed in factor. “I was trying it out on a laptop with 768MB of memory about 30 minutes. The first boot loaded basic video drivers, and was prepared for it to not work well. I was pleasantly and then the system did a search on the Internet and loaded surprised,” says Ron Rosenthal, an IT supervisor. the correct drivers for video and sound. After that, it rebooted, The Windows 7 OS itself has a revamped look and feel, and and the system was operational,” Aflak says. readers have plenty of other comments about their experi- Carreira installed Windows 7 as a full-fledged member of ences with it. Look for the second part of this feature—which his organization’s network.“I joined it to my Domain and will cover changes in the GUI, Taskbar, UAC and much have established a test user in the Administrator group. more—in the April issue of Redmond. — We’re putting it through its paces with Active Directory and GPOs, and so far the machine hasn’t crashed and has been Doug Barney ([email protected]) is editor in chief of running since the day of the beta leak. Some of the advanced Redmond magazine.

| Redmondmag.com | Redmond | March 2009 | 33 0309red_QuestSoftwareSpread.final.qxd 2/11/09 9:11 AM Page 1

ADVERTORIAL Key Issues in Managing OCS Efficiently and Effectively

THE GOAL OF and others for purposes of eavesdropping or UNIFIED COMMUNICATIONS infection with malware; in a unified system, Unified communications represents the goal these threats will become more common, and of many workplace decision makers—the so corporate policies to protect the organization integration of e-mail, telephony, presence, fax, and individual users must be managed more The bar for security, mobile communications, collaboration tools, carefully. Today’s threats that are designed to policy management audio conferencing, Web conferencing and impact just one system, such as an instant videoconferencing into a coordinated and messaging client, will become more sophisticated and data protection will centrally managed communications system, all and impact all of the capabilities in a unified be raised significantly as of which will be accessible via a single address. system. As a result, policy management will Ultimately, that is where most workplace need to become much more robust to deal with organizations migrate communications are headed, with the end goal the variety of issues that will require appropriate from traditional, being truly intelligent communications. management of e-mail, voice-mail and real-time A unified communications system offers a communications. separate e-mail and number of important benefits, including the ability to hold real-time meetings, place voice In short, the bar for security, policy management voice systems to the calls, send and receive e-mails and faxes, and and data protection will be raised significantly integrated world of carry out a number of collaborative tasks— as organizations migrate from traditional, all from within a single interface and from separate e-mail and voice systems to the unified communications. any location. integrated world of unified communications.

However, unified communications carries with it OCS IS A KEY PLAYER IN inherent risks, as well as greater risks of policy UNIFIED COMMUNICATIONS violations, than today’s non-integrated systems. Microsoft Office Communications Server (OCS) For example, today’s PBX-based, corporate voice represents Microsoft’s vision for the future of systems are not commonly exploited by hackers unified and real-time communications. The 0309red_QuestSoftwareSpread.final.qxd 2/11/09 9:11 AM Page 2

many features of OCS, coupled with the communications system, but even more so increasing number of Microsoft Exchange in a unified environment. Compliance and deployments and Microsoft’s dominant share of policy enforcement, as part of an integrated the desktop productivity market ensure that focus on corporate governance, will be OCS will be a key player in the unified and critical issues for managers and users of real-time communications market in the future. unified communications systems. The advantages of OCS will offer organizations of all sizes faster, better and more efficient WHAT SHOULD YOU DO? communications for those inside and outside OCS includes a number of tools and utilities the organization. Further, the integration of designed to assist IT staff in the management of voice, e-mail and real-time communications an OCS environment. While these tools offer into a single, unified communications some level of assistance in managing OCS itself, infrastructure will significantly reduce they do not provide as complete a solution as communications management costs and make most organizations require. IT and telecom staff members more efficient. As a result, organizations should deploy OCS UNIFIED COMMUNICATIONS using a complete set of tools designed to do DOES NOT ‘JUST HAPPEN’ several things: The advantages A successful OCS deployment involves much of OCS will offer more than just deploying the technology, • Justify the return on investment that an training employees on how it’s used and hoping organization will realize as it migrates from organizations of all for the best. For example, a variety of issues separate e-mail, real-time communications sizes faster, better must be taken into consideration: and voice systems to an OCS environment. and more efficient • Migration is a critical component of the • Assist in the migration from the existing deployment process to ensure a smooth environment to OCS at a pace that matches communications for transfer from traditional e-mail and legacy the needs of the organization and its users. those inside and PBX systems to the OCS environment. A variety of issues must be taken into • Diagnose and troubleshoot problems that outside the account, including how the system will be may arise, ideally before they impact organization. managed, how corporate governance end-user productivity. issues will be addressed, optimizing the system and so on. • Detect potential data leaks in real time and manage a sophisticated set of granular • Proper management of the system once it corporate policies that will help an has been deployed is critical to ensure that organization to comply with its statutory performance is optimized. This is a more obligations and legal requirements. critical consideration than with conventional e-mail because of the real-time nature of • Archive all content generated by users of unified communications, particularly voice. OCS that must be preserved in accordance with corporate policies or legal obligations. • Archiving of content generated within OCS will be an even more critical—and more • Support remote users so that their tricky—issue than is the case today with experience with OCS is seamless and e-mail. Organizations will need to archive so that productivity is maximized. not only e-mail, but also instant messaging conversations, Web collaboration sessions, HOW QUEST CAN HELP fax and voice mail. Quest provides tools to help organizations manage OCS for maximum efficiencies and • Compliance, policy enforcement and other return on their investment. For more critical issues are important for any type of information, please visit www.quest.com/OCS.

Read the entire white paper, “Key Issues in Managing OCS Efficiently and Effectively,”at: Redmondmag.com/showcase/quest/7 Project1 9/15/08 12:15 PM Page 1

“ 30% INCREASE IN SPEED AND PERFORMANCE.”

– Daniel Cosey, CareerBuilder*

Every month, 23 million people use CareerBuilder.com to ﬁ nd their next job. Dell™ PowerEdge™ servers and Microsoft® SQL Server® helped CareerBuilder deliver reports up to 30% faster.

With Dell, you can make the most of Microsoft SQL Server. We help speed deployment, simplify management, and reduce costs. That’s why we’ve sold more SQL Server than anyone else, anywhere in the world.

SIMPLIFY YOUR DATABASE AT DELL.COM/SQL

*Individual results may vary.

DELLOSRS0014AC_CBSM_Mr2.indd 1 9/15/08 10:33:56 AM 0309red_F2SQL37-43.v6 2/10/09 9:53 AM Page 37

Exploiting SQL Server 2008 Through Code SQL Server 2008 has a ton of new DBA features, but if you really want to make this thing go, just crank out a little code. By Don Kiely

QL Server 2008 is mostly in the domain of system and database Sadministrators. But it’s also a reposi- tory for data used by applications, which brings the product to those who aren’t afraid of a little code. This new release has a lot of goodies that support application development directly. I’ll walk you through several of the new and improved features that I believe are most useful and interesting for the code savvy. Management Studio Gets Several Enhancements Since SQL Server 2005, Management Studio has been an extended version of Visual Studio. In 2005, the implementation was useful but a bit half-baked. In SQL Server 2008, Microsoft has made Management Studio a worthy environment for both administrators and developers. (Members of both groups who prefer command-line interfaces can also use the extensible Windows PowerShell.) Many features will be familiar to users moving to SQL Server 2008, but there are also many new features that make working with SQL Server much easier. For coders, probably the nicest new feature in Management Studio is IntelliSense. Long a staple in Visual Studio, IntelliSense lets you write code in a Query Editor Window and reduce the number of times you have to go to Books Online to look up syntax or spelunk Object Explorer to find the name of that stored procedure you

ILLUSTRATION BY RYAN ETTER | Redmondmag.com | Redmond | March 2009 | 37 0309red_F2SQL37-43.v5 2/9/09 7:50 PM Page 38

SQL Server 2008

need. IntelliSense in SQL Server 2008 works largely as it does in VS, providing you with a list of objects and methods as you type code. The second-most-coveted new feature in Management Studio is T-SQL debugging. You can now debug code directly from within Management Studio, which provides all of the features you expect, including the ability to step through code, view and change local variables, watch expressions and set breakpoints. Debugging in Management Studio Management Studio now includes IntelliSense and syntax-error squigglies, features is nowhere as deep as it is in VS, but it that will make developers far more productive when writing SQL code. is functional and provides a lot of debugging tools. Of course, you can it just displayed the same list of the ability to configure the number of still enter a T-SQL debugging session objects shown in Object Explorer. rows returned when opening a table to from within VS, which means you can The tab took up space, and many users select or edit its contents. have the best of both worlds. simply closed the window. In SQL Server 2008, Object Explorer 2008 Adds New Object Explorer Details often provides useful informa- T-SQL Data Types Window Now Useful tion, such as when you select the One of the sexiest new features in SQL Management Studio’s Object Explorer Databases node in Object Explorer. Server 2008 is spatial data types. If has long provided a nice view into the The views are highly customizable, you’ve ever worked with spatial data in many persistent and virtual objects in a letting you display exactly the infor- a database, such as latitudes and longi- database and server. But the Object mation you find most useful. tudes or locations in a grid, you’ve Explorer Details window, which by Management Studio has a lot of other probably developed your own types to default appears to the right of Object new features, and I discover more every support basic operations and conver- Explorer when you first start Manage- day. Two more I recently discovered sions. It’s not trivial code. But now, ment Studio, was less than useless in include the ability to query multiple SQL Server 2008 has built-in support SQL Server 2005. For the most part, servers by defining a server group, and for two kinds of spatial-data systems.

Missing in Action: grammatically. Regardless, you should migrate your code to use Server Management Objects as soon as Features Dropped from you can, because DMOs are likely to not appear at all in the next version of SQL Server. The same goes for any SQL Server 2008 Data Transformation Services packages you’re still Software features are a lot like government regulations. using: Be sure to migrate them to Integration Services. Once a feature or regulation is implemented, it’s almost The Web Assistant system stored procedures, such as impossible to get rid of it. It’s certain that no matter sp_makewebtask and sp_runwebtask, are no longer how insane or arcane it is, someone out there is relying available. These procedures let you create Web pages on it and will cry bloody murder if it goes away. from within SQL Server automatically, but never gained Nevertheless, Microsoft has dropped a few features and any traction in the real world. deprecated many others. SQL Server 2008 also includes a lot of behavior The Surface Area Configuration tool is history. It was changes that produce different results from statements a one-stop tool for enhancing the security of a data- and functions. A major change is that the REPLACE base server, saving you the time of figuring out how function now preserves trailing spaces rather than trim- to enable various features. You can still lock down ming them. If you rely on the old behavior, you should SQL Server, but you must now do so with other tools scan all your code and add an RTRIM function to drop such as SQL Server Configuration Manager, or the spaces. through policy management. All of these discontinued, deprecated and changed Distributed Management Objects (DMOs) are now a features are well documented in Books Online in the legacy component. This means that you’ll have to Backward Compatibility section of Upgrading to SQL install this component separately if you want to use Server 2008, along with recommendations on what this feature to access the server and database pro- new features to use instead. —D.K.

38 | March 2009 | Redmond | Redmondmag.com | Project10 2/10/09 1:17 PM Page 1 0309red_F2SQL37-43.v5 2/9/09 7:50 PM Page 40

SQL Server 2008

The Object Explorer Details window lets you search for objects within a database or across all databases on a server using a wildcard search.

The geometry types support planar, or tional databases don’t support hierar- supports random insertions and dele- “flat-earth,” coordinate data. The chies easily. You can create hierarchies tions, and supports location-based geography types store ellipsoidal data with self-joins, but you generally need comparisons. You can index the data that stores locations on the earth’s sur- to do all the work. SQL Server 2008 either breadth-first or depth-first, face, a flattened sphere. Whether introduces the HierarchyID data type, depending on the nature of the data you’re storing GPS data scattered which greatly simplifies working with and how your applications access it. around the globe, or need to store the hierarchical data, complete with func- coordinates that define complex shapes tions that make it easy to navigate T-SQL Improvements on a rectangular surface, you’ll find a hierarchies. It doesn’t make data hier- T-SQL in SQL Server 2008 hasn’t lot of features in these data types, archies a substitute for the native received any major changes, but the new along with dozens of useful methods. structure of XML data, but it does version includes many features that It’s common to store hierarchical simplify operations. SQL Server make code simpler and more efficient. data in a database, even though rela- maintains the structure of the data, There are a few syntax enhancements

Learn More About

SQL Server 2008 You can also find several handy non-Microsoft blogs. Some of the more prominent third-party blogs include:

Even though SQL Server 2008 is not a revolutionary SQLBlog.com (http://sqlblog.com/default.aspx): improvement—certainly not to the extent that some Some of the leading SQL Server experts on the planet earlier versions were—there’s a lot to learn about all the blog here, including Kalen Delaney, Andy Leonard, new and different features. Here’s a list of resources that Adam Machanic and many others. There are other I’ve found useful in learning about it. A number of the independent SQL Server blogs, but this blog is a members of the SQL Server team have blogs, many of great single-stop resource. which have some great nuggets of information. Many are geared for admins, but most have plenty of good Simple-Talk (www.simple-talk.com): Although Simple- information for developers. Here are a few worth Talk is affiliated with Red Gate Software Ltd., a checking out: commercial SQL Server and .NET tools vendor, the site has some great, free content from both Red Gate Carpe Datum: Data Flotsam and Jetsam by Buck developers and others. Woody: http://blogs.msdn.com/buckwoody Erland Sommarskog’s Web Site (www.sommarskog.se): SQL Server Storage Engine, a group blog by members Erland Sommarskog is a SQL Server MVP and a fount of of the storage engine team: http://tinyurl.com/5rvnqw information. His Web site isn’t a traditional blog, but Microsoft SQL Server Development Customer Advisory rather an outlet for many long articles he has written Team, by the people who go out and solve customer about SQL Server. problems: http://blogs.msdn.com/sqlcat Blogs aren’t the only good sources of information on Laurentiu Cristofor’s SQL Server Security Blog: SQL Server 2008. You can also find a list of white papers http://blogs.msdn.com/lcris at http://tinyurl.com/53tuw6. This site is a great resource and includes papers that cover a variety of topics. Some SQL Server Engine Tips: Guidelines, best practices, are high-level marketing types of papers, but most have TSQL and SQL programming tips and tricks: a good level of technical detail. Some are brand-new for http://blogs.msdn.com/sqltips 2008, while others are revised from 2005. —D.K.

40 | March 2009 | Redmond | Redmondmag.com | Project1 12/10/08 12:49 PM Page 1 0309red_F2SQL37-43.v5 2/9/09 7:50 PM Page 42

SQL Server 2008

files before moving them over the network just to 2 Super SQL 2008 improve the copy time. Admin Tips

By Eric Johnson The Advantage of Application Roles You’ve seen them, but have you really ever used them? Application roles have been around forever, but have There’s no need to turn to third-party tools to keep you really ever implemented them in SQL Server? For your databases as small as possible. Compression is in that matter, do you really know what they are? Here’s a SQL Server 2008 now. quick look.

SQL Server 2008 provides a feature which—in my First let’s look at how application security can be imple- opinion—has been far overdue: backup compression. mented in SQL Server. There’s debate over which model For too long, if you wanted the benefit of compressed is better, and I’m not endorsing any specific one. Regard- backups you had to look to a third-party tool. Now, less of whether you use SQL Server Logins or Windows backup compression is built right into SQL Server Authentication, you still have to decide whether an appli- 2008, and what’s even better is that it’s easy to use. cation will use a single log-in to access SQL Server and all All you have to do is append the WITH COMPRESSION appropriate database objects, or if you will allow users to option to your backup statements and you’re off to have their own log-in. the races. This bit of code will back up the Adventure- Works2008 database using compression: Whichever approach you take, each has its pros and cons. But let’s look at the disadvantage to users having their own log-in. The biggest issue is that each user BACKUP DATABASE AdventureWorks2008 log-in has access to your server and to one or more databases. Does the user need to delete data as part of TO AdWorksBackup his job? If so, that user will have this right whether he WITH COMPRESSION logs in via an application or directly to the server. Often, the application controls what can and can’t be Using compression with SQL Server Management Studio deleted based on a set of business rules; these rules is just as easy. Simply set the compression option on usually don’t exist on SQL Server. In short, if each user the Options page of the Backup Database dialog. has their own log-in, they can access SQL Server directly and potentially cause damage. You may be asking: How effective is this compression? The answer can be tricky because it depends on This brings us to application roles. You create them and the structure of your database and the type of data assign permissions to them just like regular database being stored. When I backed up my copy of the roles, but you can’t put users in them. AdventureWorks2008 database, which is using about Application roles provide the best scenario for applica- 700MB of disk space, I got a 147MB compressed tion and user security. Here’s how they work: You set up backup file. Compare that to the 636MB file I got each user with an account on SQL Server with practically when not using compression. no rights. All they should be able to do is log in to the Here’s what else is cool: You can change the default server and run a system stored procedure called compression behavior of your entire server. On the sp_setapprole. This procedure accepts a couple of Database Settings tab of the Server Properties dialog, parameters, including name and password for the appli- you can select the Compress Backup option. Alterna- cation role. Running sp_setapprole will immediately tively, you can run the following T-SQL code: endow the user with all the permissions that you set up on the application role for the current session only.

EXEC sp_configure 'show advanced options', 1 What does this mean for security? As long as the password for activating the application role is only known to the RECONFIGURE application, your users won’t have any rights when they log EXEC sp_configure 'backup compression default', 1 in to SQL Server directly. In order to have the permissions RECONFIGURE they need, they’ll be required to use the application that knows the password and can unlock the permission for the application role. Now you can have SQL Server manage The first command enables advanced options, and individual log-ins and still have a secure environment that the second will make compression the default for all uses the rules and filters in place within your applications. backups. If you go this route, you won’t have to change a thing about your backup scripts in order to take advantage of compression. Now, just a simple BACKUP DATABASE statement will use compression. To run a Eric Johnson, SQL Server MVP, is the owner of Consortio backup without compression when it’s the server Services LLC, a Colorado-Springs, Colo.-based provider default, simply use the WITH NO COMPRESSION option. of IT systems management and technology consulting. I hope you find this to be a useful feature. It’s great for Johnson is also the president of the Colorado Springs saving disk space and you no longer have to zip backup SQL Server User Group.

42 | March 2009 | Redmond | Redmondmag.com | 0309red_F2SQL37-43.v5 2/9/09 7:50 PM Page 43

switching work, but they basically boil down to the fact that all of the involved tables must be identical in nearly every way. Full-text searching has long been a feature that held a lot of promise but never seemed to get traction. One of the reasons is that it always seemed like an add-in that wasn’t fully implemented. But with SQL Server 2008, full-text search is completely integrated into the database instead of being stored externally. Portions of full-text indexing and The MERGE statement lets you insert, update and delete data in a table with a querying are now integrated into the single statement. query optimizer, so performance is much better, and there are more tools that developers will like, including a or use during the course of a typical to extract useful data from the database. couple that make T-SQL seem more day, but there are a handful of admin- You might want to consider dumping like a “real” programming language. istrative features in SQL Server 2008 all that gnarly T-SQL code you wrote You can now declare and initialize that are useful to developers. over the last decade to give users variables in a single statement. One such feature is partition switching. flexible searches into their data and One of my favorite new T-SQL Developers and admins have long used implement full-text searches instead. features is table-valued parameters table partitions to store subsets of data SQL Server 2008 supports Windows (TVPs). This one feature will single- in various tables, usually for perform- PowerShell, an enhanced, extensible handedly save you from a lot of ugly ance or data-storage reasons. A common scripting shell interface for developers T-SQL code. Have you ever had to scenario is to store each calendar year’s and administrators who love the com- pass several pieces of data as a param- worth of transactions in a separate mand line. SQL Server includes two eter to a stored procedure? Maybe it table and put each of the tables in a PowerShell snap-ins that expose the was a comma-delimited list or some different file group. You can create a hierarchy of database and server other array-like structure. You’d have UNION query to extract and summa- objects as paths (similar to file-system to write some nasty parsing code to rize the data when you need to access paths). On the surface, this sounds a bit split up the values, then probably use a all the data, such as to create a report like an abomination, but it can simplify loop to process the data. SQL Server that spans all time. This works, but it getting around the database object 2005 introduced a table data type, but requires some work to set up and often model. Another snap-in implements a you couldn’t pass it to a procedure. requires modifying code when adding set of PowerShell cmdlets for per- TVPs solve these kinds of problems a new partitioned table when a new forming a variety of actions, such as elegantly by letting you pass—as the year begins. (There are lots of other running sqlcmd scripts. PowerShell’s a name suggests—a table-valued param- ways to do this.) You can use this kind powerful tool, but if you love your mice eter to the procedure or function. of scheme to archive old data while and GUIs, you can opt not to use it. Then, in the body of the procedure, keeping it available for analysis. SQL Server 2008 offers a lot to love you can use the set-based features of With partition switching, you can for a developer. It isn’t a revolutionary SQL to process the data, such as by add a table as a partition to another release, but it has enough great fea- inserting it into a persistent table. table that’s already partitioned, tures to make it a slam-dunk upgrade remove partitioning to create a single as soon as your neighborhood system Administrator Features aggregated table and switch a parti- and database administrator lets you. Help Developers tion from one partitioned table to There’s a ton of new stuff to learn SQL Server 2008 is a server applica- another. You could always set up your in SQL Server 2008, though, so be tion, and most of its features are own scheme to implement these fea- careful to get up to speed on what’s focused on making it robust no matter tures, but in SQL Server 2008 you new and different.— what kind of loads applications throw can perform these tasks using the at it. It’s chock-full of administrative- ALTER TABLE and ALTER PARTI- Don Kiely ([email protected]), support features that make it incredibly TION statements. The data itself is MVP, MSCD, is a senior technology easy to install, manage and secure the not changed or moved. The only consultant. When he isn’t writing database. Usually, there’s a difference thing that changes is the metadata for software, he’s writing about technology, between the features that administra- where it’s stored. There are a slew of speaking about it at conferences and tors and developers are interested in requirements to make partition- training others about it.

| Redmondmag.com | Redmond | March 2009 | 43 0309red_Roboto44.v4 2/9/09 4:18 PM Page 44

Mr. Roboto Automation for the Harried Administrator | by Jeffery Hicks PolyMonRT

r. Roboto is always on the lookout for tools and use. Save your dashboard, and create as many different dashboards as you’d solutions to make your life as a Windows system like. You can have multiple dashboards Madministrator easier. If the solution is inexpensive, running simultaneously. great; if it offers terrific value, so much the better. Given these Powering PowerShell Naturally I like that PolyMonRT sup- criteria, I think you’ll like what I have for you this month. ports PowerShell as a provider. You can take any PowerShell code that returns a Larger organizations, or at least those value that’s long enough so you don’t numeric value—technically a double— with adequate budgets, typically have put an undue load on the server, but and assign it to $PolymonRT.counter: full-blown system-monitoring solu- short enough to provide meaningful $PolyMonRT.counter=((get- tions that come complete with digital data. Now, what to measure? childitem $env:temp -rec | meas- dashboards. With just a glance, these Click the monitoring tab—in my ure-object -sum length).sum/1mb dashboards can tell you what servers opinion, this is the product’s best -as [int]) are running, how well they’re running feature. Then select the drop-down This counter will return the total size and, most importantly, what may not list, and you’ll see options such as of all files in %TEMP% formatted in be running so well. If you have some PerfMon, Ping and, my favorite, megabytes. There’s no PerfMon counter experience with Performance Monitor, PowerShell. Start off easy with that will return this value, but it’s very you may have been able to cobble PerfMon. Enter in the host name for easy using PowerShell. PowerShell something together, but it’s likely lim- the computer you want to monitor. must be installed, but it doesn’t have to ited. Save yourself the effort and Select a performance category, counter be running. download the open source project and instance. PolyMonRT will display PolyMonRT from CodePlex.com help information that explains the Report on the Past (www.codeplex.com/polymonrt). It’s a counters. Click OK when you’re The people behind PolyMonRT also small install that packs a lot of power. finished configuring the monitor. have a solution if you require historical You can install it on your desktop or data collection and trending. This any system that you want to serve as Choose Your Display requires a back-end database like some your monitoring platform. As always, I Some things you monitor may make SQL flavors, but offers many more encourage you to test it out on your more sense displayed as something options. For shops that require historical own computer or in a lab setting other than a chart. PolyMonRt can analysis and forecasting, this open source before fully deploying it in a produc- display information as horizontal or solution is worth checking out. But if tion environment. vertical gauges or dials, or as a cylinder all you need is real-time performance gauge, which is great for showing data monitoring that’s easy to configure and Getting Started such as disk utilization. Select style deploy, then you should be downloading When you first start the program, you from the options menu to change the PolyMonRT now.— will need to create a dashboard. Click format. You may need to adjust proper- the computer monitor icon to create a ties, as well, to suit the new style. Jeffery Hicks ([email protected]), new monitoring chart. The default is a To start the monitor, click the icon in MCSE, MCSA and Microsoft PowerShell graph, referred to as a trace chart. the monitor’s upper left corner. Repeat MVP, is a scripting guru for Sapien Click the gear icon in the chart’s this process for as many monitors as Technologies. He’s a 16-year IT veteran, and corner to edit its properties. Define a necessary. You can resize them and drag has co-authored and authored several books, name for the monitor and how often them around the dashboard. In the courseware and training videos on you want it to update. The default lower right corner, you should see your administrative scripting and automation, update interval is 500 milliseconds, log-on credentials. Click to change the including “WSH and VBScript Core: which I think is rather short. Set a credential you want the dashboard to TFM” (Sapien Press, 2007).

44 | March 2009 | Redmond | Redmondmag.com | Project1 4/10/07 10:01 AM Page 1 0309red_SecAdvisor46.v3 2/9/09 3:59 PM Page 46

SecurityAdvisor by Joern Wettern The Little Things

ith all the buzz about security initiatives and rights. Showpriv lists all users that have new products, it’s easy to overlook some of the been assigned a specific right. Wlittle things that can make all the difference Dealing with Users When administering user accounts, you when it comes to keeping your network secure without having often need to determine when a password expires or the last time a user to work overtime. Among them are many of the utilities in the logged on. Acctinfo.dll adds a new prop- erty page to Active Directory Users and Windows Resource Kit Tools,a collec- what a user’s permission is. Perms lets Computers that displays this and other tion of free Windows utilities from you view a user’s effective permissions helpful user account information, such as Microsoft designed to help IT admins to a file, whether granted explicitly or the last time a password was set. To only perform regular tasks more easily, through a group membership. view whether an account is locked out, including taking care of common Subinacl lets you control permissions use Lockoutstatus to display this infor- security issues. for files, registry keys, services and mation from all domain controllers. You may have already used some of other resources. You can use it to The Resource Kit also contains several these tools, which can help with many simply display permissions or to set, utilities that can help you with certificate tasks from printer administration to replace and even copy permissions for and log-on problems, including Pkiview Active Directory replication trou- multiple objects. You’ll probably never to check the certificate infrastructure bleshooting. Let’s take a look at some use it to its full potential, but it can health. Not able to back up open files of the security-related utilities. make your life easier even if you only because users didn’t log off before change permissions infrequently. leaving the office? Use Winexit,a Files and Permissions Moveuser helps with moving an screen saver that logs off inactive users. My all-time favorite Resource Kit Tools account between domains. Manually utility is Robocopy, short for Robust replacing all permissions involved is Keeping Track Copy. It’s one of the most versatile file- almost impossible, but Moveuser Monitoring security-related events can copying utilities available anywhere. You changes the security settings of the be as important as configuring security. can use it not just to mirror entire direc- user profile so they can be used by the Eventcombmt displays event-log entries tory trees—it recovers when a network new account. from multiple computers in a single list. share is temporarily unavailable—but Viewing permissions on file shares on a For example, it lets you view log-on also preserve NTFS permissions that remote server can be a pain. Srvchk dis- failures on all DCs. Vfi, or Visual File are lost during a normal file copy. In plays all permissions assigned to remote Information, compares files and pin- Windows Vista, Robocopy is even file shares. Ntrights and Showpriv points even minute differences that included in the operating system itself. complete the list of permission-related aren’t obvious. Other utilities included in The Vista version can also maintain the utilities. Ntrights lets you grant or the Resource Kit Tools let you perform encryption of EFS-protected files. revoke user rights; for example, tem- additional security tasks. You can refer Viewing permissions for multiple files porarily letting a user change the page to the included help file for details.— or folders can be tedious. Resource Kit file without assigning administrator Tools utilities let you view and manipu- Joern Wettern ([email protected]), late file permissions more easily. Ph.D., MCSE, MCT, Security+, is the owner Showacls displays all permissions FreeTools of Wettern Network Solutions, a consulting entries for a directory, letting you and training firm. He’s written books and include subdirectories and filter the The Windows Server 2003 Resource developed training courses on a number of Kit Tools, many of which also work output by user or group. Examining the under Windows XP, are available for networking and training topics, in addition to Showacls output sure beats manually free at Microsoft.com/downloads. regularly teaching seminars and speaking at examining multiple files to determine conferences worldwide.

46 | March 2009 | Redmond | Redmondmag.com | 0309red_Index47.v3 2/10/09 2:49 PM Page 47

AdvertisingSales

RedmondResources

AD INDEX Advertiser Page URL Avaya 11 www.avaya.com AvePoint, Inc. 12 www.avepoint.com East SALES STAFF Dell Computer C2-1, 26-27, www.dell.com Tanya Egenolf 36, C4 JD Holzgrefe Advertising Sales Associate Dorian Software 31 www.doriansoft.com Associate Publisher 760-722-5494 phone Eastern Regional Sales Manager 760-722-5495 fax Hewlett Packard 4 www.hp.com 804-752-7800 phone [email protected] Idera 39 www.idera.com 253-595-1976 fax [email protected] Kaseya C3 www.kaseya.com IT CERTIFICATION & Lucid8 9 www.lucid8.com Northwest TRAINING: USA, EUROPE Metalogix Software 14 www.metalogix.com Al Tiano Corporation Bruce Halldorson Advertising Sales Manager Microsoft Corporation 2-3 www.microsoft.com Northwestern 818-734-1520 ext. 190 phone Quest Software 34-35, 41 www.quest.com Regional Sales Manager 818-734-1529 fax Sanbolic Inc. 7 www.sanbolic.com 209-333-2299 phone [email protected] 209-729-5855 fax Sun Microsystems/Avanade 20-21 www.sun.com [email protected] PRODUCTION Sunbelt Software 19 www.sunbelt-software.com The Training Camp 45 www.trainingcamp.com/ So Cal/Central Jenny super Hernandez-Asandas Director, Print Production Western Governors 23, 25 www.wgu.edu/rdm Amy Winchell University So Cal/Central 818-734-1520 ext. 101 phone Regional Sales Manager 818-734-1528 fax 949-265-1566 phone [email protected] [email protected] Jennifer Shepard Production Coordinator EDITORIAL INDEX Danna Vedder 818-734-1520 ext. 112 phone Company Page URL Microsoft Account Manager 818-734-1528 fax Advanced Micro Devices Inc. 33 www.amd.com [email protected] 253-514-8015 phone Amazon.com Inc. 48 www.amazon.com 775-514-0350 fax [email protected] Apple Inc. 15, 48 www.apple.com Cisco Systems Inc. 30 www.cisco.com Citrix Systems Inc. 17 www.citrix.com (U.S. funds); International $64.95 (U.S. CORPORATE ADDRESS Dell Inc. 33 www.dell.com 1105 Media, Inc. funds). Subscription inquiries, back issue 9121 Oakdale Ave. Ste 101 requests, and address changes: Mail to: Google Inc. 30 www.google.com Chatsworth, CA 91311 Redmond, P.O. Box 2063, Skokie, IL www.1105media.com 60076-9699, email [email protected] Hewlett-Packard Co. 30 www.hp.com or call (866) 293-3194 for U.S. & Canada; IBM Corp. 30 www.ibm.com MEDIA KITS: Direct your Media Kit (847) 763-9560 for International, fax requests to Matt Morollo, VP, Publishing, (847) 763-9564. POSTMASTER: Send Intel Corp. 30 www.intel.com 508-532-1418 (phone), 508-875-6622 address changes to Redmond, P.O. Box (fax), [email protected] 2063, Skokie, IL 60076-9699. Canada McAfee Inc. 30 www.mcafee.com Publications Mail Agreement No: Oracle Corp. 13 www.oracle.com REPRINTS: For single article reprints (in 40612608. Return Undeliverable Canadian minimum quantities of 250-500), e-prints, Addresses to Circulation Dept. or Quest Software Inc. 17 www.quest.com plaques and posters contact: Bleuchip International, P.O. Box 25542, PARS International London, ON N6C 6B2. Red Gate Software Ltd. 40 www.red-gate.com Phone: 212-221-9595 E-mail: [email protected] © Copyright 2009 by 1105 Media, Inc. All SAP AG 13 www.sap.com www.magreprints.com/QuickQuote.asp rights reserved. Printed in the U.S.A. Symantec Corp. 30 www.symantec.com Reproductions in whole or part prohibited LIST RENTAL: This publication’s sub- except by written permission. Mail The Mozilla Foundation 16, 30 www.mozilla.org scriber list, as well as other lists from 1105 requests to “Permissions Editor,” c/o Media, Inc., is available for rental. For REDMOND, 16261 Laguna Canyon Road, Verizon 30 www22.verizon.com Ste. 130, Irvine, CA 92618. more information, please contact our list VMware Inc. 30, 22, 24 www.vmware.com manager, Merit Direct. Phone: 914-368- 1000; E-mail: [email protected]; The information in this magazine has not Web: www.meritdirect.com/1105 undergone any formal testing by 1105 Media, Inc. and is distributed without any Redmond (ISSN 1553-7560) is published warranty expressed or implied. Implemen- monthly by 1105 Media, Inc., 9121 Oakdale tation or use of any information contained Avenue, Ste. 101, Chatsworth, CA 91311. herein is the reader’s sole responsibility. Periodicals postage paid at Chatsworth, While the information has been reviewed CA 91311-9998, and at additional mailing for accuracy, there is no guarantee that the offices. Complimentary subscriptions are same or similar results may be achieved in sent to qualifying subscribers. Annual all environments. Technical inaccuracies subscription rates for non-qualified sub- may result from printing errors and/or new scribers are: U.S. $39.95; Canada $54.95 developments in the industry. This index is provided as a service. The publisher assumes no liability for errors or omissions.

| Redmondmag.com | Redmond | March 2009 | 47 0309red_Foley48.v3 2/9/09 3:42 PM Page 48

FoleyOnMicrosoft by Mary Jo Foley

Getting Touchy About Touch

henever I’m critical of some new technology— village to create the Office 2007 ribbon (which, in spite of Redmond’s data to such as multitouch PCs, pervasive-presence the contrary, still seems to be almost as functionality or speech input—I invariably get hated as Microsoft Bob by users with W whom I talk)? Is the Windows 7 letters calling for my immediate resignation. You know, Superbar truly an advance over the tried-and-true Windows XP user comments such as, “Ms. Foley is a dinosaur, a fossil, a relic,” interface, or is it just Microsoft’s and other words I never read in the Bible. attempt to ape the Apple OS X dock? While I’m a fan of some of the new features in Internet Explorer 8 (hooray Look, I’ll admit it: I’m a Luddite time someone showed me how to sub- for the “InPrivate” porn mode!), Web when it comes to some technology scribe to an RSS feed. From the get-go, slices and accelerators seem more like “advances.” I still don’t think Tablet I could see how RSS would make my distractions than time-savers. PCs are going to be the form factor of life easier and help save me time and Microsoft Researcher Bill Buxton the future. To me, Surface tabletops effort. I had the same feelings when I is one of the unabashed believers in offer too much complexity for too little added value. And do I really need Just because the touch-centric desk in “Minority Report” looked cool to stream TV shows to my bedroom, bathroom, cell phone and car? doesn’t mean that everyone wants or needs to use their hands to If a company delivers something that manipulate documents on a pricey Windows 7 touch-enabled PC. makes me more organized and productive without subjecting me to a prohibitive learning curve, I’m all over saw e-book reading software for the pushing the user-experience envelope, it. But just because the touch-centric first time. I wasn’t a Kindle early as well as a big backer of touch tech- desk in “Minority Report” looked cool adopter, but I’m definitely a potential nology. But even in his bullishness, doesn’t mean that everyone wants or customer for Kindle 2.0 or some kind Buxton also is a realist: “My general needs to use their hands to manipulate of book-reading software that works rule is that everything is best for some- documents on a pricey Windows 7 with a mobile device. And netbooks? thing and the worst for something touch-enabled PC. For me, a stripped-down, lightweight, else,” he wrote in a Web post last year. My attitude seems heretical to many cheap PC—not a cell phone—is what I If Microsoft developers would step in the inner circles of Microsoft. want to use for browsing the Web and back and realize that an hour’s worth Microsoft is a company hell-bent on keeping up with e-mail on the run. of additional battery life may not be as proving that it’s innovative. Its officials Microsoft execs are fond of playing glitzy as a touchscreen PC, yet would almost never pass up an opportunity to up all the telemetry data, focus groups, significantly improve more people’s talk about the billions of dollars anthropological studies and other user computing experiences, Redmond’s they’re sinking into R&D, the myriad feedback the company employs to innovations might seem a lot more projects the company is tinkering with develop new products and services. I’m innovative to the general population.— in its assortment of incubators and not convinced. Did it really take a labs, and how many patent applica- Mary Jo Foley ([email protected]) tions its employees are filing. is editor of the ZDNet “All About There’s no question that a tech com- GetMoreOnline Microsoft” blog and has been covering pany must innovate to stay relevant. Microsoft for about two decades. She has a Visit Redmondmag.com for more And there are more than a few innova- new book out, “Microsoft 2.0” (John Wiley on touch technology and other tions I’ve seen in recent years that I’ve innovations. FindIT code: Foley 0309 & Sons, 2008), which looks at what’s next found compelling. I remember the first for Microsoft in the post-Gates era.

48 | March 2009 | Redmond | Redmondmag.com | Project1 2/9/09 11:44 AM Page 1

We’ll Free You From The Tedious IT Tasks. YouWorkOnYour Mid-Field Defense.

Want to automate your day-to-day enterprise IT tasks? Get Kaseya. It’s like having hundreds of brilliant new service techs who never need to sleep, go to lunch or get paid. Kaseya provides a unified set of tools that proactively monitor, manage and control IT assets remotely, easily and efficiently. You can host Kaseya on your server or we can host it for you. We can also staff and deliver your NOC and monitoring services. Provision your IT Department with Kaseya and enjoy the freedom to pursue more strategic (or sporting) projects. TryitFREEfor30days.

©2009 Kaseya. All rights reserved. Kaseya and the Kaseya logo are either registered trademark or trademarks (888)530-9677 • www.kaseya.com of Kaseya International Limited in the United States and/or other countries worldwide. Project2 2/5/09 10:22 AM Page 1

;/F7;7H3 G=C@3@7A3 2/B/0/A3 7

µBVS`SO`SaSdS`OZTSObc`SaW\A?:AS`dS` &bVOb^`]dWRS Ob`S[S\R]ca`Sbc`\]\W\dSab[S\b4]`SfO[^ZSRObOPOaS Q][^`SaaW]\O\RPOQYc^Q][^`SaaW]\

ESRSbS`[W\SRbVObeSe]cZRaOdSPSbeSS\ #9O\R#9 W\bVS¿àbgSOÒZ]\SO\RW\Q`SOaW\UZgaOdS[]\SgU]W\U T]èO`RXcabPSQOcaS]TbVSRSQ`SOaSW\RWaYaÔQS\SSRSR¶

³2OdWR>A[WbV1VWSTBSQV\]Z]Ug=T¿QS`AS`dWQSC

;/F7;7H3@=7/B23::1=;A?: