Dear Enda,

I was away all last week in Barcelona at my first Tech Ed, and although PDC slightly stole its thunder the previous week with some major headlines around Windows 7 and Windows Azure, I was still very impressed by the Tech Ed experience! Before I give you the run-down on what went on in Barcelona, I first want to do a quick recap on the unveiling of Windows Azure and showcasing of a Pre-Beta Release of windows 7.

1. Windows 7 was announced as the formal name of the next Microsoft Client Operating System. See a blog post on why it's called Windows 7.
2. Azure Services Platform and Windows Azure, offering unprecedented power of choice and open connections for developers.

So what are the key things in the many announcements surrounding Windows 7 Client and Windows Server 2008 R2 that are interesting for IT pros? Here is a view on the top 5:

1. Introduction of DirectAccess, a capability that allows IT to manage and update internet-connected remote PCs, even when they are off the corporate network.
2. There is a new Powershell v2 and its graphical editor helps to automate repetitive tasks with minimal scripting expertise required.
3. You have probably heard about BitLocker, with Windows 7 there will be BitLocker to Go - allowing USBs to be protected.
4. Windows 7 will allow IT to control access by specific users to specific applications.
5. Even more tools to help make deployment easier in your organisations, such as Dynamic Driver provisioning, the Deployment Image Service and Management tool, Multicast Multiple Stream Transfer, and improvements to user state migration.

What about Windows Azure? It has arrived and you may have seen previous stories about codename 'Red dog' but its formal name was announced during last week's PDC.

Moving onto Tech Ed...over 5,000 IT Professionals were at this annual conference, a small portion of whom were Irish! The keynote delivered by Brad Anderson, focused on the key to a 'Dynamic Enterprise in Changing Business Conditions', in fact many of the sessions throughout the week touched on Microsoft's Dynamic IT initiative.

Lucky for you if you didn't attend the conference, you can actually catch the highlights on video @ http://www.microsoft.com/emea/teched2008/itpro/. Some of the conference topline announcements worth mentioning are:

. New Windows Server 2008 R2 features: Live Migration; Branch Cache; DirectAccess; and Remote Desktop Services (RDS) - the new name for Terminal Services.
. System Center Operations Manager 2007 R2 beta.
. Integrated Identity and Security Solutions - Identity Lifecycle Manager 2 RC and Intelligent Access Gateway SP2 (including virtualization appliance).
. "Dublin" - codename for a set of extensions to the Windows Server application server. "Dublin" will be delivered as a separate out-of-band release, downloadable for use by Windows Server customers; the first Customer Technology Preview (CTP) was delivered at last week's Microsoft Professional Developer's Conference in October 2008.

My personal highlights were any of the sessions delivered by Mark Minasi (mostly Vista sessions) or Mark Russinovich - watch out for the session entitled 'The Case of the Unexplained'. These guys were brilliant presenters and actually managed to entertain as well as teach! I also hear Steve Riley's sessions earlier in the week were amazing. Again, check out the video highlights @ http://www.microsoft.com/emea/teched2008/itpro/

Finally, beyond all the news from the two conferences, this month I am running with a 'Security' theme in the newsletter. As part of this, I have an interesting feature article this week on Audit Collection Services, written by Senior Microsoft Consultant, Sean Rooney. Keep on reading also for news of the 'Get Secure Now' seminar and keep an eye on http://www.microsoft.com/ireland/connect/ for more local Microsoft 'Security' stories and resources, including local case studies and 'ask the expert'.

Thanks for reading!

Enda Flynn
TechNet Manager
Microsoft Ireland

'Get Secure Now' Seminar

December 2008, Dublin - Register Here

Come and hear from Microsoft's EMEA Security Manager and other customers about how you can improve your security strategy and make cost savings. You can also sign up for a Free Security Assessment!

Who Should Attend: The seminar is primarily intended for technical decision makers including: CIO's, IT Directors and IT Managers


Microsoft Unified Communications & Collaboration Seminars
20 November 2008, Belfast: 21st Century Communications and Collaboration Register here.


Who Should Attend: The seminar is primarily intended for technical decision makers including: CIO's, IT Directors and IT Managers


Microsoft Licensing Clinics
Due to the continuing complexity of product licensing, Microsoft is offering Licensing Clinics to help you get to grips with the fundamentals. These clinics outline all the licensing options available to you and the best solutions for your company. A brief presentation is followed by a Q&A session. These morning sessions will be kept to a small number to encourage discussion The clinic will give a high-level overview on the following areas:

The various licensing programmes
How products are licensed
Software Assurance
Online licensing management tools
Overview on licensing virtual machines

The morning session is being held in Microsoft Ireland's atrium building in Sandyford Industrial Estate, on the 16th December (register here).


Microsoft Consultancy Services Presents: Microsoft Virtualisation Technology Day
Microsoft Premier Support are delighted to announce a 1 Day Technology Event focused on the Microsoft Virtualisation product stack.

This event is aimed at providing skills to deploy and administer a Virtualised Data Centre, using Microsoft Server Virtualisation products and System Centre Virtual Machine Manager 2008.

It will be delivered by experienced engineers and consultants, all whom have worked with Virtualisation in the field. Expect lots of demo's, notes from the field and an opportunity to speak to and share experiences with the team who have been designing, implementing and supporting these Technologies!

There are a limited few number of places remaining for a delivery of this seminar in December, however there is another date scheduled for February. Please register your interest by emailing trcunnin@microsoft.com with the subject line 'Microsoft Virtualisation Technology Day'

SharePoint User Group Launching in Ireland!
Once again, just a reminder that: SharePoint MVP, Stephen Cummins is going to head up the Irish SharePoint User Group, which is due to have its inaugural meeting on the evening November 17th! Stephen is actually going to be the first speaker too - the opening topic is Planning and setting up your first MOSS farm: Hardware, Software, Licences, Capacity and Availability. Please see http://www.sugie.org/ for full details of meeting.

SQL User Group
Kimberly Trip is returning to Ireland on December 4th to speak in the Auditorium in the Atrium at 18:00. I have no details on the presentation yet. However, you can still register at http://sql.mtug.ie/Events/EventInfo.aspx?ID=166a7fcc-6003-4980-aaa0-efe7641875f3. As you know, Kimberly is considered to be the #1 speaker in SQL Server today.

Watch this space in future editions for news of forthcoming User Group meetings...additional local User Groups are planned to launch in the coming months too!

MS PRESS BOOK OF THE FORTNIGHT

IT Professional Training at reduced rates - places still available!

17/11/2008, Dublin (New Horizons): Microsoft Dynamics CRM 4.0 Applications
2 days, 267 euro. Register Your Interest Here

17/11/2008, Cork (PFH): SQL Server 2008 Implementation and Maintenance
5 days, 1,000 euro. Register Your Interest Here

19/11/2008, Belfast (New Horizons): Implementing and Administering Windows® Small Business Server 2008
3 days, 400 euro. Register Your Interest Here

19/11/2008, Dublin (New Horizons): Customization and Configuration in Microsoft Dynamics CRM 4.0
2 days, 267 euro. Register Your Interest Here

21/11/2008, Dublin (New Horizons): Installation and Deployment in Microsoft Dynamics CRM 4.0
1 day, 133 euro. Register Your Interest Here

24/11/2008, Belfast (BT): Microsoft Windows Server 2008 Hyper-V Virtualization in Depth
3 days, 400 euro. Register Your Interest Here

24/11/2008, Cork (PFH): Implementing and Administering Windows® Small Business Server 2008
3 days, 600 euro. Register Your Interest Here

01/12/2008, Belfast (BT): Implementing and Maintaining Microsoft SQL Server 2008 Reporting Services
3 days, 400 euro. Register Your Interest Here

02/12/2008, Cork (PFH): Advanced SharePoint Development
4 days, 799 euro. Register Your Interest Here

08/12/2008, Galway (New Horizons): Updating Your Skills from Microsoft Exchange 2000 Server or Microsoft Exchange Server 2003 to Microsoft Exchange Server 2007.
3 days, 400 euro. Register Your Interest Here

08/12/2008, Dublin (New Horizons): Visual Studio 2008: Windows Presentation Foundation
3 days, 400 euro. Register Your Interest Here

15/12/2008, Dublin (Global Knowledge): Managing System Center Operations Manager 2007
3 days, 400 euro. Register Your Interest Here

15/12/2008 Dublin (New Horizons): Developing Web Applications Using Microsoft Visual Studio 2008
4 days, 533 euro. Register Your Interest Here

Security: Audit Collection Services
Author: Sean Rooney, Sean Rooney is as an Architecture and Planning advisor and has worked for Microsoft Consultancy Services for 2.5 years. His role, specifically, is helping customers to realise maximum value from their investment in Microsoft technology.

Hi I'd like to highlight a "hidden" feature of System Center Operations Manager (SCOM) that you might not have been aware of, but which could solve a problem for you and maybe even save some time and money.

In a discussion with a customer recently it came up that they were looking for ways to audit the activity taking place on their servers and workstations. They were in the process of deploying System Center Operations Manager and had been unaware of the facilities within the product that could help them and maybe even save some money.

Audit Collection Services (ACS) is a feature of the System Center Operations Manager product set. Each time you install an agent you actually install ACS too, but for various reasons it is disabled on install and will only start if enabled by the system administrator. Some administrators are unaware that it actually exists.



We began discussions with the customer to see if the ACS functionality mapped to their requirements:

1. Regulatory compliance - As a government department they were mandated to hold security logs for 6 months. ACS was a perfect fit for this. It monitors the security log on specific servers and send new entries to a backend database for reporting and retention.
2. Security Log Integrity - There was a possibility that logs on individual machines could be cleared by administrators in various scenarios. Again ACS met the requirement. The agent takes each log entry and passes it to secure database that normal administrators do not have access to. Even if logs on the individual server are cleared ACS will have a copy.
3. Security Policy enforcement - The department's security policy mandates that key security events must be recorded and reviewed periodically. ACS will take all security events or just a defined subset and store in a database. Out of the box there are various standard reports and there's a report designer option too. But there's also some great partner management packs that complement the in-built functionality.
4. Auditor Admin Separation - The customer wanted to ensure that standard administrators would not have access to the secure database. We were able to demonstrate various ways to configure ACS so that only auditors would have access to the databases:

a. Separate Database from monitoring system
b. Separate Management Servers
c. Separate Reporting Servers
d. Creation of an Audit Domain
e. Use of VPNs
5. Admin Abuse Detection - It's critical that facilities are available to monitor that administrators are using the "least privilege" rule and not tampering in areas that they shouldn't. ACS provided the ability to record actions and monitor key security privileges.

We were sure that ACS was a fit.

The next step was to begin a limited pilot of the functionality. We installed the ACS on a few domain controllers to monitor flows, performance, data sizes etc.

We were able to demonstrate the ease of configuration and management. Basically, you enable the agent on the server; configure it to report to a management server and database. Presto, data begins to flow.

Obviously there's a lot more to consider when deciding to go into full deployment, but what we've been able to demonstrate is that the features of ACS meet their requirements. They have a secure mechanism to ensure that security logs are managed and retained.

Most importantly the customer has been able to really extend the value of their investment in System Center Operations Manager. This had been bought for management and monitoring, but now the customer is going to use it as their compliance and retention solution.

The customer followed best practice in this situation - clearly defined requirements, controlled pilot of the functionality and are now moving towards a formal design. It's been great to see them exploiting their existing investment in SCOM and saving themselves a lot of money in the long run.

I'll finish off now, but I'd encourage you to try out the ACS functionality in your test lab. I know a lot of you are coming under pressure to deploy compliance and retention solutions, so this might fit the bill. If there's good demand or feedback I'll write a more technical article around the design of an ACS system, but for now get tinkering. I've included some links to get you going:

. Audit Collection Services
. How to deploy ACS
. Regulatory Compliance Planning Guide
. Regulatory Compliance TechCenter

How-to Articles

How to Configure Certificate Based Authentication for OWA - Part I

Hotfixes

Description of the Outlook 2007 post-Service Pack 1 hotfix package: September 24, 2008

Stop error message on a Windows Server 2008-based computer that has the Hyper-V role installed: "STOP 0x0000001A"

Knowledge Base Articles

Windows Server System software not supported within a Microsoft Virtual Server environment

Error message when you call the OpenCluster function against a Windows Server 2008 cluster from Windows XP or from Windows Server 2003: "The RPC Server is unavailable"

After a user is deleted from a role in the Authorization Manager in an Active Directory domain environment, the user can still unexpectedly access that role from a Windows Vista-based or Windows Server 2008-based client computer

You cannot perform NetSH commands by using a user account that belongs to the "Network Configuration Operators" security group on a Windows Vista-based computer or on a Windows Server 2008-based computer

See a selection of new Knowledge Base articles on the TechNet website. Knowledge Base articles feature an Article Translations box in the right column. You can select a language from the drop-down list and read the article in the language of your choice.

Also available via RSS