Virtual Network Service Endpoints

Another new announced feature at Ignite was Virtual Network Service Endpoints.

Now I actually saw this turn up in the portal about a w eek ago and wasn’t quite sure what the feature was until now.

Basically this a very simple and very useful feature. up until now services such as Azure storage and Azure SQL have been public facing services. You would connect to these services over a public IP address and secure access either using a firewall or security token. Now I’ve had quite a few customers who were not happy using a public facing service. The new service endpoints allows you to connect your VNet address space to Azure services, and you can restrict access to the services to be from your VNet only.

Allowing you to secure access to Azure resources from your VNet only. The service currently supports Azure Storage & Azure SQL with more services coming in the future.



Linux Integration Services 4.0.11 released for Hyper-V

Microsoft just released and update for Linux integration tools.
The new integration tools are available for download here

The integration tools allow running of the supported Linux distributions on the following platforms:

  • Windows Server 2008 R2 (applicable editions)
  • Microsoft Hyper-V Server 2008 R2
  • Windows 8 Pro, 8.1 Pro, 10 and 10 Pro
  • Windows Server 2012 and 2012 R2
  • Microsoft Hyper-V Server 2012 and 2012 R2
  • Windows Server Technical Preview
  • Microsoft Hyper-V Server Technical Preview
  • Microsoft Azure

The new integration tools add support for the following Linux releases:

  • Red Hat Enterprise Linux 5.5-5.11 32-bit, 32-bit PAE, and 64-bit
  • Red Hat Enterprise Linux 6.0-6.7 32-bit and 64-bit
  • Red Hat Enterprise Linux 7.0-7.1 64-bit
  • CentOS 5.5-5.11 32-bit, 32-bit PAE, and 64-bit
  • CentOS 6.0-6.7 32-bit and 64-bit
  • CentOS 7.0-7.1 64-bit
  • Oracle Linux 6.4-6.7 with Red Hat Compatible Kernel 32-bit and 64-bit
  • Oracle Linux 7.0-7.1 with Red Hat Compatible Kernel 64-bit

Also remember that many Linux distributions already have Integration tools included with them and there is no need for a separate install.
You can find the list of supported Linux versions over here.

New De-Dupe features coming to Windows 2016

In its current beta Windows 2016 offers new Dew-Dupe features and rumors say that more are to come.

What we currently know is the following:

1. Volume size of up to 64 TB will be supported.

In Windows 2016 the recommended limit was 10 TB mainly due to processing rates. The new De-Dupe has a new engine with multiple threads supported to improve performance.

2. File sizes up to 1 TB are good.

Although supported in Windows 2012, again not recommended because of performance issues. In Windows 2016 1TB file sizes are good to go (DE-Dupe).

3. New type of DE-Dupe scenario – Backup.

Windows 2012R2 supported general File Server & virtualization (VDI) De-Dupe.

Not sure exactly what the improvement here is, but we’re promised better performance for De-Duping backup files. Can’t wait to try it out with Veeam.


Next Windows Server to be released in 2016

Been a bit quiet lately, had a personal busy month. Anyway should be back to blogging now.

Anyway wanted to start with a short blog regarding a blog I just saw on Microsoft.

The next version of Windows server (Next) will be postponed to 2016. Many believed that it would be a 2015 release along with Windows 10.
I can’t say that I’m massively surprised. Windows 2012R2 was only released in 2013 and having another major update within 2 years does seem a bit much. This will make it 3 years between releases which is more acceptable in the IT industry.
Can’t say that I wasn’t looking forward to new features, especially the new hyper-v features and more importantly the new and improved web application proxy.
But lets hope that this 2016 release will help companies adopt and promise us a stable release.


Windows Server Technical Preview – What I’m looking forward to

With the new Windows Server Technical Preview released there are a number of new features regarding Hyper-V that I am particularly excited about.

The number one feature that I’m happy about is the Rolling Cluster upgrade.
Finally we can perform zero downtime upgrades to our Hyper-V Clusters. Basically a rolling upgrade allows us to add a new Windows server technical preview hyper-V node to an existing Windows 2012R2 Hyper-V Cluster.
We can the then live migrate the VM’s to the new node and remove/format the old windows 2012R2 nodes. Very cool and about time.

The Second great feature is Storage Replica.

Now this is not strictly a Hyper-V feature but comes as great use for Hyper-V. storage Replica allows block-level, synchronous replication between servers for disaster recovery and this in turn will allow the creation of a stretched cluster for high availability. So just think you can now stretch your Hyper-V Cluster between two locations (providing you have a gigabit connection between the two sites) with a dedicated set of data in each location. Just then of The DR/HA Scenarios possible using out of the box technology.

My third favorites is the new checkpoint mechanism in Hyper-V. Basically making checkpoints VSS aware to allow for a totally supported recovery of A VM using built-in Hyper-V Checkpoints.

This is of course all tip of the iceberg stuff, but defiantly some great improvements worth waiting for.

Exchange 2013 SP1 – MAPI over HTTP

In my previous post I talked about creating a DAG without an AAP.

In this post I want to talk about another new feature in Exchange 2013 Sp1 know as MAPI over HTTP.

All Previous version of Exchange communicated with outlook clients using the RPC Protocol. Since Exchange 2003 there has been a second protocol available to connect to the server –  RPC over http also know as outlook anywhere. This option was mainly used for secure external access (Outlook clients that are outside of the exchange network) to the Exchange server.
Exchange 2013 used this protocol (Outlook Anywhere) for all communications both internal and external.

Now with SP1 a new communication protocol has been added – MAPI over HTTP.
The benefits of using MAPI over HTTP are:

  • Provides faster reconnection times after a communications break because only TCP connections—not RPC connections—need to be rebuilt. Examples of a communication break include:
    • Device hibernation
    • Changing from a wired network to a wireless or cellular network
  • Offers a session context that is not dependent on the connection. The server maintains the session context for a configurable period of time—even if the user changes networks.

First thing to mention is that MAPI over HTTP is only supported for outlook 2013 Sp1 clients. All previous clients will continue to use RPC over HTTP/Outlook Anywhere.
The second thing is that MAPI over HTTP is not enabled by default.

To enable MAPI over HTTP you need to complete the following steps:

1. Virtual directory configuration – By default, Exchange 2013 SP1 creates a virtual directory for MAPI over HTTP. You use the Set-MapiVirtualDirectory cmdlet to configure the virtual directory. You must configure an internal URL, an external URL, or both.

For example, to configure the default MAPI virtual directory on the local Exchange server by setting the internal URL value to, and the authentication method to Negotiate, run the following command:

Set-MapiVirtualDirectory -Identity "Contoso\mapi (Default Web Site)" -InternalUrl -IISAuthenticationMethods Negotiate

2. Certificate configuration – The digital certificate used by your Exchange environment must include the same InternalURL and ExternalURL values that are defined on the MAPI virtual directory.  As always make sure the Exchange certificate is trusted on the Outlook client workstation and that there are no certificate errors, especially when you access the URLs configured on the MAPI virtual directory.

3. Update server rules – Verify that your load balancers, reverse proxies, and firewalls are configured to allow access to the MAPI over HTTP virtual directory.

4. Enable MAPI over HTTP in your Exchange Organization -Run the following command:

Set-OrganizationConfig -MapiHttpEnabled $true

Caution: Do not enable Mapi Overt Http if you are still migrating from Exchange 2007/2010. 
Doing so may cause outlook 2013 SP1 client to lose connectivity to public folders.

No you can’t install Remote Desktop Services on a windows 2012 Domain Controller

I had a customer call me today saying that he had set up a small test environment and that his installation of Remote Desktop services was failing. Upon investigation it turned out that he was trying to install the remote desktop services on a Domain Controller. This has never been a good idea because a domain controller is not the server that you want to have users crawling around on and Domain Controllers don’t have local groups so your going to have to provision everything using Active Directory buitlin groups.

Anyway since the release of Windows 2012 you can not deploy Remote Desktop services with out a connection broker. Yes even if you only have a single Remote Desktop host you still need a broker. And the broker can not be installed on a domain controller.
So sure you could install the broker on a separate server and the Remote Desktop host on the Domain controller but if you have a second server your better off deploying the remote desktop host in that server.

Anyway I’m going to be offline for the next week or so. Hope you don’t get bored with out me 🙂