Archive

Archive for the ‘Tech Tip Tuesday’ Category

Exchange 2010 Checklist

When upgrading your Exchange server to 2010, here is a list of things you should review before moving forward:

1. Clean up old mailboxes: Backup and remove old/Stale mailboxes from exchange 2003 system
2. Clean up mailboxes: Remove deleted items, Purge junk mail folders
3. Identify any archive PST files that users may have on their local systems and move and label them to a central location on the server if they wish for them to be imported into the existing system
4. Identify All domains to be accepted by the mail server
5. Identify need for Active sync. Active sync policies need to be identified and new policies need to be distributed to end users.
6. Mailbox quotas need to be identified
7. Identify retention policies
8. Identify need for any devices that need to relay email to the mail server
9. Spam Rules need to be identified
10. Verify all clients are using outlook 2003 or greater
11. Best practices needs to be run against the server and any issues identified and resolved.
12. Identify certificate information. Unified communications certificate needs to be purchased based on machine name, public name of server, Normal certificate will hold 5 FQDN names unless the internal domain is the same as the external domain.
13. New 2008 x64 server needs be spun up in virtual environment partitioned off so that information store and log files can be stored on their own server.
14. Exchange needs to be installed and configured on server
15. Smart hosts need to be configured if used
16. Configure retention policy
17. Configured email policy
18. Configure any relay’s needed on the network
19. Database and log files need to be moved to appropriate locations on the server
20. Firewall rules need to be implemented to allow port 25 traffic to the server or another port if so indicated in requirements.
21. Connector needs to be built to communicate between the 2003 and 2010 exchange servers
22. Test of migration of one mailbox and verify mail flow between the servers and the outside
23. Schedule move of mailboxes to new server
24. Import PSTs as needed
25. Configure Relays for devices
26. Public folder replication needs be setup and moved to the new server
27. Complete testing
28. Setup external url information in 2003 access to web is via https://FQDN/exchange and in 2010 it is https://FQDn/owa if the client would like to keep /exchange a redirect needs to be configured.
29. Anti virus needs be setup on the exchange server
30. Backups of the server need to be configured, tested and verified
31. Test of active sync and active sync rules
32. Test of all secure certificates
33. Verify all clients connect smoothly to the new server using Auto Discover.

Advertisements

Blackberry Recap

Back in 2010 I posted an article titled Droid Doesn’t in reference to the comparisons between Droid phones and the longstanding enterprise market leader, Blackberry. But if you have been following tech news lately, you will see that the RIM platform is slipping terribly compared to Apple’s iPhone and Google’s Andriod Platform.

I have been a long advocate for Blackberry because of the product was built from the ground up to be both a solid mobile phone, and an enterprise class messaging device. In many ways it is still a far superior product with regards to solid phone performance, and enterprise class messaging device, which includes excellent and consistent manageability, and secure messaging abilities.

However in the consumer driven markets, and the ever slow slippery slope of Bring Your Own Device to work policies, we have seen an in rush of competing products.

Products from Apple and Google are not built from a phone company with light computing power; but rather full on computer companies making mini-computers with phone functionally. Due to their experience as a computer company, they have brought to market excellent devices which server a significantly larger dual-purpose of phone and mobile computer. And the platform which Blackberry was built wasn’t computer friendly enough.

In the early years of 2009-2010 when iPhone and Andriod was introduced into the marketplace, it was easy for large enterprises to turn their noses up at those products for the lack of enterprise features and manageability. However in the years since, Microsoft Exchange with Active Sync, along with better active sync support from Google and Andriod, have brought these devices much closer to the standards we expect from an enterprise mobile device, offering security, and policy based control – perhaps best of all, remote wiping.

So today, with many of the reasons to reject the iPhone and Android products gone, these competing phone products are now on a more level playing field. However, that only applies to the enterprise and IT end of the equation. From the end-user prospective, the Blackberry is still a clunky, aged style device. Where the new devices, are more appealing, with thousands of more applications and are more social.

Unfortunately it appears that unless Research In Motion, the makers of Blackberry comes around quickly to adapt, they will disappear very soon. Their last attempts to change from their proprietary OS to the Andriod derived OS doesn’t appear to be working well enough to make them a market leader.

Having “Good Time”

No, that’s not bad grammar… It is just a reminder that it is important for all windows systems to have “good time” and all be pulling from an accurate time source. In Active Directory based networks it is critical that all of your systems be no greater than 5 minutes apart from each other. Without this, it can lead to sporadic issues with users being unable to connect to resources on the network.

The best way to configure this for our clients is for the domain controllers to be pulling time from a reliable time source (such as pool.ntp.org) and then for domain servers and workstations to pull from the domain controllers.

Offline NT Password & Registry Editor

What is it?

  • This is a utility to reset the password of any user that has a valid (local) account on your Windows NT/2k/XP/Vista/Win7 etc system.
  • You do not need to know the old password to set a new one.
  • It works offline, that is, you have to shutdown your computer and boot off a floppydisk or CD or another system.
  • Will detect and offer to unlock locked or disabled out user accounts!
  • There is also a registry editor and other registry utilities that works under linux/unix, and can be used for other things than password editing.
  •  

Read more…

VoIP System Design Considerations

When installing and configuring the VoIP System, it is necessary to analyze and meet some design considerations to ensure the best quality and user experience. The design considerations cover available bandwidth and quality of service.

Bandwidth Requirements and Call Capacity

The available connection bandwidth determines the maximum number of simultaneous calls that the system can support with the appropriate audio quality. Before installing and configuring the LVS components, use this information to determine the maximum number of simultaneous VoIP connections that the system can support. For asymmetric connections, such as ADSL, the maximum number of calls is determined by the upstream bandwidth.

For more information about bandwidth calculation, refer to the following web sites:

Wide Area Network (WAN) Quality of Service (QoS)

You can choose from several types of broadband access technologies to provide symmetric or asymmetric connectivity to a small business. These technologies vary on the available bandwidth and on the quality of service. It is generally recommended that you use broadband access with a Service Level Agreement that provides quality of service. If there is not a Service Level Agreement with regard to the broadband connection quality of service, the downstream audio quality may be affected negatively under heavy load conditions (bandwidth utilization beyond 80%). To eliminate or minimize this effect, Linksys recommends one of the following actions:

  • For broadband connections with a bandwidth lower than 2 Mbps, perform the call capacity

calculations by assuming a bandwidth value of 50% of the existing broadband bandwidth. For example, in the case of a 2 Mbps broadband connection, assume 1 Mbps. Limit the uplink bandwidth in the Integrated Access Device to this value. This setting helps to maintain the utilization levels below 60%, thus reducing jitter and packet loss.

  • Use an additional broadband connection for voice services only. A separate connection is required

when the broadband connection services do not offer quality of service and when it is not possible to apply the above mentioned utilization mechanism.

Wave Embassy Security : Remove all users / enrolled fingerprints

This recipe explains how to remove and delete all enrolled users and fingerprints in Wave’s Embassy Security Suite. This is very handy if you, like me, had enrolled fingerprints/users but then did a clean install of an OS without deleting the enrolled fingerprints/users. Usually you will get an error saying that the fingerprint is already enrolled but none show in the security center.

I had upgraded my XP Prof installation to Vista by doing a clean install. However, after reinstalling the Embassy Security suite i was unable to re-enroll my fingerprints. It appeared that the TPM/Biometric scanner thought my prints were already enrolled. This recipe will show how to reset all the users and prints.

1. Open windows explorer and go to the C:

2. Then go to Program Files > Wave Systems Corp > Dell Preboot Manager

3. Double-click on the deleteusers.exe

4. This will bring up a command window and a prompt asking if you want to delete all enrolled users. Choose Yes.

5. The command box window will run and then show “users deleted”

6. You should now be able to re-enroll your fingerprint.

This was tested on a Dell D620 and D430 laptops w/Wave Embassy Security.

Echo Elimination & DTMF Problems

The easiest echo to fix is:

  1. Echo that you or the person at the other end of the call always hears on a VoIP phone system when you’re talking on an analog line or trunk
  2. Echo that you or the person at the other end of the call always hears on a regular phone system connected to a VoIP phone line (adapter), and where you don’t hear the echo when you connect your butt-set directly on the line (with the phone system disconnected). Read more…