Akron, OH Questions and Answers Windows 2003R2 and Exchange SP2 (1-31-2006)
Good afternoon Akron. Again thank you all for attending the event in Akron. I am glad you enjoyed the event as much as I did, I look forward to the next time I am in town. There were a lot of great question so without any further delay here are the Questions and Answers from the event. As always feel free to comment if I missed any question or if you need additional information, enjoy!
Q: What are the requirements for DFS in Windows 2003 R2?
A: This is a great question I got this week, the main question is: Can Non Windows 2003 R2 systems participate in the new DFS replication model. The answer is a definitive and official yes with a couple of requirements. The servers that will participate in DFS Replication must run Windows Server 2003 SP1 and Windows Server 2003 R2. After you install Windows Server 2003 R2, you must install the DFS Replication Service on each server that will take part in replication, and you must install the DFS Management snap-in on one server to manage replication. Here are some additional requirements:
DFS Replication requirements
Before DFS Replication can be deployed, administrators must configure servers and storage as follows:
· The Active Directory schema must be updated to include the new DFS Replication objects.
· Anti-virus software must be compatible with DFS Replication; contact your anti-virus software vendor to check for compatibility.
· Servers in a replication group must be in the same forest. You cannot enable replication across servers in different forests.
· Replicated folders must be stored on NTFS volumes.
· On server clusters, replicated folders should be located in the local storage of a node because the Distributed File System Replication service is not cluster aware and the service will not fail over to another node.
Important
DFS Replication is not supported for SYSVOL replication in Windows Server 2003 R2. Do not attempt to configure DFS Replication on SYSVOL by disabling FRS and setting up a replication group for SYSVOL. Continue to use FRS for SYSVOL replication on domain controllers running Windows Server 2003 R2. FRS and DFS Replication can co-exist on the same member server or domain controller.
DFS Namespaces requirements
To enable all features in DFS Namespaces, you must configure lab servers and clients as follows:
· Servers where namespace management tasks are performed must run Windows Server 2003 SP1 and Windows Server 2003 R2.
· To take advantage of new namespace features, all servers that host namespaces must run Windows Server 2003 SP1.
· To take advantage of new namespace features, all domain controllers must run Windows Server 2003 with SP1.
· Namespaces must be created on NTFS volumes.
· Clients that access namespaces can run any of the supported client operating systems, but only clients running the following operating systems, service packs, and the appropriate client fail-back hotfix can be configured for client fail back:
· Windows® XP with Service Pack 2 and the Windows XP Client Failback hotfix.
· Windows Server 2003 SP1 and the Windows Server 2003 Client Failback hotfix. (This hotfix does not yet have a release date.)
For a great overview document on more information on DFS take a look at the overview document on the DVD from the event or take a look at this link: https://www.microsoft.com/windowsserver2003/technologies/storage/dfs/default.mspx
Q: Can you set the default printer with a Microsoft Group Policy (GPO)
A: There is no default set Group Policy to accomplish this however, there are a couple of ways to set this. One way is to create a script with the following commands to set the printer, there is some good information here: https://www.servernewsgroups.net/group/microsoft.public.windows.server.active_directory/topic2766.aspx The other way to accomplish is to modify the registry of the system you are working with. Take a look here for the registry locations: https://www.jsifaq.com/SUBB/tip0600/rh0672.htm The great thing about knowing the registry entry is that you can create a custom policy .ADM file to actually accomplish this via group policy. Take a look here on how to create custom .adm files: https://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/management/gp/admtgp.mspx
Q: Is there a remote administration package for Windows XP for Windows 2003 R2?
A: There is still the ability to load the adminpak.msi file on the Windows XP desktop, however I do know for some of the specific like the print management console, it will only work on Windows 2003 R2 servers. On a side note the great thing about the new print management console is that you can use Print Management to monitor printers that are on print servers running Microsoft Windows XP, Microsoft® Windows® 2000 Server, Windows Server 2003, and Windows Server 2003 R2 operating systems.
Q: Can you view Access Based Enumeration with DFS and shares?
A: This is a question based on some of the tools that other operating systems had. Inside Microsoft Windows Technologies, this is look at the, discretionary access control lists DACLS of the files themselves, the only way I have ever processed this information was with some scripts. Please take a look here: https://www.microsoft.com/technet/scriptcenter/scripts/security/dacls/default.mspx This site will show you how to look at this at the file and folder level.
Q: How do you upgrade to Windows 2003 R2?
A: This is a great question and there is a ton of information on the main web site here: https://technet2.microsoft.com/WindowsServer/en/Library/9015ae87-dff0-4291-9079-98a6e8e567b11033.mspx With a Windows Server 2003 R2 license, you can upgrade to Windows Server 2003 R2 if your computer is running one of the following operating systems:
| • | Windows Server 2003 with SP1 |
| • | Windows Server 2003 without SP1 |
| • | Windows 2000 Server |
| • | Windows NT Server 4.0 with Service Pack 5 or later |
| • | Windows NT Server 4.0, Terminal Server Edition, with Service Pack 5 or later |
The process is fairly straight forward for all the OS’s listed. For more detail take a look here: https://technet2.microsoft.com/WindowsServer/en/Library/adbf5608-ef96-40b9-bafc-02bfbeab559f1033.mspx
Q: Can you put a pure Print Server in the new Print Management Console (PMC) in Windows 2003 R2?
A: This question is in relation to the all in one types of printers, where they are their own server as well as printer. Yes you can, just when you add in the server just put in the IP address of the print server. Although I have not tried this, all the docs indicate that you can. So if someone has tried this please comment and I will update the post, my only concern is how the print management will handle the driver for the printer.
Q: What are the requirements for the Windows 2003 R2 file screening technology?
A: This is a great new technology in Windows 2003 R2. It does require the File Server Resource Manager (FSRM). There is some great information for FSRM here: https://technet2.microsoft.com/WindowsServer/en/Library/3cb63d86-964f-45e8-a76f-1bf72676b0751033.mspx
File screening allows you to do the following:
| • | Create file screens to control the types of files that users can save and to send notifications when users attempt to save blocked files. |
| • | Define file screening templates that can be easily applied to new volumes or folders and that can be used across an organization. |
| • | Create file screening exceptions that extend the flexibility of the file screening rules. |
There is one caveat, take a look here: https://blogs.technet.com/matthewms/archive/2006/01/23/417963.aspx
Also you can learn more about specifically file screening technology here: https://technet2.microsoft.com/WindowsServer/en/Library/0b7566a4-ace9-4872-9246-86d26573983a1033.mspx
Q: How do you configure Windows Mobile 5 devices for the direct push technology?
A: I had some great feedback during the session on this particular topic. I know there was some rumors that we were holding the mobility features due to recent lawsuits. I am happy to report that this is not TRUE! I checked with some friends in the product group as well as my good friend Harold Wong. Right now accomplishing a lot of the fantastic things I showed are not quite possible yet. A lot of the device manufactures are in the process of getting the mobile 5 security update tested. The new mobility features require quite a bit of work on the devices and the servers to work. Harold Wong. actually put a FANTASTIC post together on this very topic, please check out his post: https://blogs.technet.com/haroldwong/archive/2006/01/31/418476.aspx. Hopefully this will clear up some confusion. However, there is a device out right now that does have the MSFP bits already incorporated. This device is the Gigabyte g-Smart: https://www.msn.com.tw/3c/windowsmobile/hot/product12/Default.asp. It's a pretty cool device!!!