|
|
Articles
Q. How can I obtain limited-release
hotfixes?
John Savill
A. In some cases, Microsoft doesn’t make a hotfix
widely available because the fix is designed for specific installations
that are experiencing a problem on their systems and isn’t an
across-the-board OS or program fix. For such hotfixes, the update
isn’t available through a link in a Microsoft Help and Support
Knowledge Base article. Instead, you can obtain the fix in one of two
ways: via a form or through Microsoft Support.
If the hotfix is available only from Microsoft Support, you’ll need to
contact Microsoft to obtain the update. If the hotfix is available via
an online form, you can access the form from a link at the top left of
the Knowledge Base article page, as the following screenshot shows.
If you click the View and request hotfix downloads link, you’ll be
taken to the following form, where you select the update you want and
enter your email address and the confirmation code that’s displayed.
After clicking the Request hotfix button, in a couple of minutes you
should receive an email from hotfix@microsoft.com that has a
download location for the hotfix and the password needed to extract the
file.
Q. Why can't multiple nodes access the
same logical unit number (LUN) running NTFS in a Windows cluster, as
they can with VMware ESX Server and VMFS?
John Savill
A. Users of VMware ESX Server are used to formatting
LUNs, which are areas of space on shared storage such as a storage area
network (SAN), with the VMFS file system. VMFS lets multiple nodes
access the same LUN simultaneously. Thus, multiple virtual machines
(VMs) can be running on one LUN, and each VM could be running on
different nodes because the file system is accessible to all nodes at
the same time, as the following diagram shows.
VMFS performs file locking on the disk by locking virtual hard disks
that are in use, to ensure that multiple nodes can’t start the same
VM.
With Windows, the clustering process prevents an NTFS file system from
being accessed by multiple nodes at the same time, by restricting the
disk resource to being online on a single node only. This is known as
the shared-nothing model because any resource can be online on only one
node at any given time. This single-access model avoids possible
corruption to the file system.
Windows doesn’t have a separate cluster file system, which means it
isn’t possible to have a LUN active on multiple nodes in a Windows
cluster. A separate LUN that must be separately movable between nodes is
needed for each unit of a file system, as the following diagram shows.
With a separate LUN for each VM, the flexibility to move each VM
individually is achieved by simply moving the LUN that houses the VM to
another node.
There are third-party file systems, such as the Melio file system (Melio
FS) from Sanbolic, which can be used with a Windows failover cluster and
allows a single LUN to be active on multiple nodes simultaneously. I
discuss Melio FS in more detail in the FAQ,
“Q. What is Melio FS?”
Q. What is Melio FS?
John Savill
A. Melio FS is a cluster file system created by Sanbolic
that allows multiple active connections from Windows failover cluster
member nodes, as the following diagram shows. Melio FS runs on Windows
Server 2003, Windows XP, and Windows 2000, and I’ve run it
successfully on Windows Server 2008.
Melio FS isn’t built on NTFS; rather it’s a complete 64-bit file
system that’s independent of Windows and allows concurrent read/write
to the same volume from multiple nodes. Melio FS takes care of locking,
which can be either file-level or, if the application supports it,
bit-level, such that different parts of a file can be locked by
different applications on different nodes.
Melio FS is completely symmetrical, which means that no host in the
cluster controls the file system, and any node can fail and the
remaining nodes will maintain uninterrupted connectivity. Melio uses the
underlying Windows access control capabilities, so that the same
security permissions are available on Melio as on NTFS. You can find
more information about Melio FS at www.sanbolic.com/melioFS.htm.
Installing Melio FS is simple and consists of a wizard-based install
over a few dialog boxes, with no reboot required. After Melio FS is
installed on all nodes, you can format a shared LUN with Melio FS using
the Melio Format context-menu option in Windows Explorer, as the
following screenshot shows.
Make sure the Melio formatted volume has the same drive letter on all
nodes in the cluster and that shared storage isn’t a storage resource
in a cluster group, since the storage won’t move between nodes because
the storage is always available to all cluster nodes.
Check out this
screencast to see how Melio FS works.
Q. Which file is locked on the file
share witness with a Windows Server 2008 failover
cluster?
John Savill
A. In the event the file share witness is enabling
quorum to be made, the witness.log file is locked by the cluster
computer account. You can see an example of this behavior by running a
net file command on the server that hosts the file share witness for a
cluster, like this:
C:\>net file
ID Path User name # Locks
----------------------------------------------------------------
1677722253 E:\fsw\...\Witness.log savdalclus$ 0
1677722256 E:\fsw\... savdalclus$ 0
The command completed successfully.
Note that if the file share witness isn’t required to make quorum,
then the witness.log file isn’t locked.
Q. How can I enable single sign-on for
my Remote Desktop connections?
John Savill
A. It’s possible to configure your logon credentials
to be sent to a target computer, so that you aren’t prompted for
credentials to use. To do so, you have to configure delegation for your
credentials to be used on specific servers. You wouldn’t want to
enable this for any target as doing so would be an easy way for
computers to harvest credentials.
You can configure this delegation by using either a local computer
policy or Group Policy. Follow these configuration steps for Group
Policy.
1. Open the Group Policy Object (GPO) you’ll enable the setting on.
2. Navigate to Computer Configuration/Administrative
Templates/System/Credential Delegation.
3. Double-click Allow Delegating Default Credentials.
4. Select Enabled and click the Show button.
5. In the Add servers to the list text box, which the following
screenshot shows, enter the server name in the form TERMSRV/server name
(forward slash, not a backslash). You need an entry for each possible
way you might type the server name; for example, you need an entry for
both the fully qualified domain name (FQDN) and the NetBIOS name if you
use both names. If you wanted to enable all Terminal Services servers in
the domain, you can use *.domain—for example, *.savilltech.net.
However, I don’t recommend doing so because of the point raised
earlier regarding possible illegitimate servers harvesting credentials.
Likewise, to allow connection to any Terminal Services server, simply
enter TERMSRV/*. Click Add to add an entry and when done, click OK.
6. Click OK to return to the main policy.
7. Refresh the policy, and the change will take effect immediately.
Events & Resources
Events and Resources
Checklist: Setting Up a Call Center
It has never been easier or more cost effective, to set up call center.
The low-cost, more advanced technologies inherent in VoIP allow you to
better integrate a call center into your phone system and into your
business operations and applications. This checklist walks you through
all the steps of rolling out a call center, from understanding your
business's needs to making improvements post-deployment.
windowsitpro.com/whitepapers/Index.cfm?fuseaction=ShowWP&wpid=7fb3dbf0-ff2f-424d-a14a-307fe63ec8fe&code=091008er
PCI Compliance Made Simple
Retailers, banks, service providers, and credit card companies have
struggled to secure the personal and financial data entrusted to them.
This challenge has resulted in a data security standard called the
Payment Card Industry Data Security Standard (PCI DSS). Although
achieving PCI compliance might seem like an insurmountable task, it is
actually rather well defined and is built on fundamental security best
practices. Download this white paper today to better understand the PCI
DSS and learn how to simplify compliance.
www.windowsitpro.com/Whitepapers/Index.cfm?fuseaction=ShowWP&WPID=cae3c388-ed0a-46b1-8176-65cb5b13f8f2&code=091508er
Is your data still vulnerable even with your tape backups?
In a recent survey it was found that as many as 20% of routine nightly
backups fail to capture all data. This whitepaper explores the high
cost, complexity and potentially dangerous shortcomings of a strategy
based only on tape backup.
windowsitpro.com/Whitepapers/Index.cfm?fuseaction=ShowWP&WPID=1d0c83d9-2344-4934-831d-b029c8920420&code=091008er
Featured White Paper
Mobile Policies – Why They Matter & Best
Practices
Read this white paper to learn the risks of wireless data solutions and
how to control the data contained on the wireless devices and the
networks and applications to which they connect. Are you going mobile?
Make sure you can maintain control, ensure compliance, and prevent
information loss or leakage.
windowsitpro.com/whitepapers/Index.cfm?fuseaction=ShowWP&wpid=e068a5d5-2ebc-4a2c-8227-a2d757e692a0&code=091008er
Announcements
Don't Miss the Mastering SharePoint eLearning
Seminars!
Join MVPs Dan Holme and Michael Noel to learn how to build a better
SharePoint infrastructure and enable powerful collaboration. On October
1, 2008, at 11:00 AM EDT, direct from your computer, these SharePoint
gurus will guide you through three info-packed sessions:
* 21st Century File Sharing: Configuring & Managing Document Libraries
* Building Code-Free SharePoint Applications and Business Intelligence
Lite
* Forms-Based Authentication and Extranet Deployment Options for
SharePoint 2007.
Get all three for only $99! Registration closes September 29, 2008. Sign
up today!
www.windowsitpro.com/elearning/index.cfm?fuseaction=dynamic&v=5144&p=5172&eventid=29&code=UPDATEDONTMISS
Know a Developer?
Pass on the SharePoint Mastery series, built especially for developers,
with speaker and Microsoft MVP Andrew Connell!
www.windowsitpro.com/elearning/index.cfm?fuseaction=dynamic&v=5143&p=5171&eventid=29&code=CrossRefUPDATE
|
|
If you use a product that has made a tremendous impact in your
organization and is a product that you can't live without, tell us about
it at whatshot@windowsitpro.com
and we'll feature your review in a future issue of the magazine, under
the "What's Hot" section.
|
|
