Sam has been working in the IT industry for nearly 20 years now, and is currently working for VMware as a Senior Technical Marketing Manger in the Cloud Management Business Unit (CMBU) focussed on Automation. Previously, he has worked as consultant for VMware PSO, specializing in cloud automation and network virtualization. His technical experience includes design, development and implementation of cloud solutions, network function virtualisation and the software defined datacentre. Sam specialises in automation of network virtualisation for cloud infrastructure, enabling public cloud solutions for service providers and private or hybrid cloud solutions for the enterprise.
Sam holds multiple high level industry certifications, including the VMware Certified Design Expert (VCDX) for Cloud Management and Automation. He is also a proud member of the vExpert community, holding the vExpert accolade from 2013-present, as well as being selected for the vExpert NSX, vExpert VSAN and vExpert Cloud sub-programs.
OTRS is an exceptionally flexible ITIL compliant ticketing/helpdesk solution, which runs beautifully on almost any LAMP (Linux, Apache, MySQL, Perl (yes, I know it’s PHP really;-)) server, but what happens when you work in a Windows-only environment? OTRS does have a Windows installer, but it is somewhat clunky and requires almost as much work to configure as manually installing. Installing as components allows you to upgrade portions of the system and have more granular control over the setup.
It’s a fairly common requirement – setting up a guest WiFi network that is secure from the rest of your LAN. You need a secure WLAN access for the domain laptops which has full access to the Server and Client VLANs, but you also need a guest WLAN for visitors to the office which only allows internet access. Since the budget is limited, this must all be accomplished via a single Access Point – for this article, the access point is a Cisco WAP4410N.
Configuring WSS or SharePoint Services for a small client is a pretty effective way of getting a document management solution for a reasonable cost point. One of the limitations that caused headaches was that it used to have a maximum storage of 4GB, which was the database limit. If you wanted to go larger, you would need either a) multiple SPS installations, b) a full version of SQL server, or c) the full version of MOSS. None of those solutions are particularly cost effective, and for a small company cost is king.
SSTP or SSL VPN connections are great for people working on client sites or behind very restrictive firewalls – they only require HTTPS (port 443) to be open to be able to connect. Unfortunately, you need to be running Windows 7 or Server 2008 (or newer) in order to make use of them. Threat Management Gateway 2010 is one option for an SSL VPN endpoint.
SSTP VPN Requirements
Clients must be Windows 7/Server 2008 or newer
Certificate – either commercial or an internal Certificate Authority
Published CRL – SSTP clients check for the Certificate Revocation List of the CA
If you already have an SSL listener (e.g. for Exchange publishing rules) then you need a dedicated IP address for the SSTP connection
TMG is configured as a “back-firewall” in this environment, with an adaptor in the LAN and one in the Perimeter (DMZ). The DMZ has a NAT relationship to the External public IPs.
Having recently managed several Exchange 2010 migration projects, one of the best new features which really sells it to systems administrators is the Online Archive. “No more managing PST files? When can we have it installed by?”
The problem is, once they’ve purchased licensing for Exchange 2010 and installed and configured the server, migrated the users’ mailboxes and decommissioned the old Exchange 2003 server, the Online Archive feature is not available. The users have been enabled, and as of SP1 we have a separate Archive mailbox database configured on slow (cheap) storage, but the Online Archive is nowhere to be found in Outlook. If the users log on using OWA, lo and behold the Online Archive is available.
While using the New-TestCasConnectivityUser.ps1 script to create a test user for Exchange 2010’s connectivity testing, I ran into an issue:
Oddly enough, that OU does exist (as it will by default on any Windows Domain!) and the password complexity more than satisfied the complexity requirements. The issue is simple enough to fix, I opened the script in notepad and found the line beginning “new-mailbox” – and deleted the parameter “–OrgainisationalUnit:$OrganistationalUnit”. This means the new user defaults to the default OU – Users!
Disclaimer: this post is more for my own recollection than anything else! When it comes to Linux, I’m an amateur and everything I do from the simplest thing upwards is copy-and-paste from much more informed bloggers and websites!
My home server is running Ubuntu Linux 10.10 – access is via an SSH client only. I run an NFS file server for my home network, which stores my Music and Video for the network, and is running an iTunes server. Most of my DVDs have been ripped to high quality MP4 files for viewing on PC, but they aren’t suitable for my iPhone, so I also frequently compress them for viewing on that device.
Recently I installed and configured a client’s new ESXi host, they’re a small company and only require a single host. The host in question was an IBM x3650 M3, an excellent workhorse for virtualisation and one of 5 or 6 of the same model that I’ve installed in the last year. In addition to the onboard Broadcom Dual Gigabit NIC, we always install at least a second Intel PCIx Dual Gigabit card for resilience/redundancy/performance.
If you’ve been here before, you may have noticed a couple of changes – the theme and name of this blog for example, and hopefully you’ve been redirected to a new URL! There are a couple of reasons for the changes, all of which are aimed at increasing the presence and visitor numbers on this site:
Branding. Whether I like it or not, “McGeown” is not easy to spell or remember so I wanted to move away from it as an identity. After some discussion with my friend and creative advisor Matt Hellyer, I picked DefinIT.
I’d like to add some more bloggers to the site – the number of visitors is directly in proportion to the number of posts, and I can’t post as much as I’d like to. I will introduce those bloggers as and when they arrive, but they will be people I know and trust – with real technical expertise. (That said, if you’re reading and are interested in writing for DefinIT, please contact me!)
Eventually I’d like to use McGeown.co.uk for a more personal site, aimed at family and friends. That’s what it was originally aimed at, and hopefully one of these days I’ll get the time.
Feel free to let me know what you think about the new theme, new name and new URL in the comments below. This blog will always be dedicated to providing high quality IT help on a broad range of subjects, as ever, I hope it helps!
OTRS is an exceptionally flexible ITIL compliant ticketing/helpdesk solution, which runs beautifully on almost any LAMP (Linux, Apache, MySQL, Perl (yes, I know it’s PHP really;-)) server, but what happens when you work in a Windows-only environment? OTRS does have a Windows installer, but it is somewhat clunky and requires almost as much work to configure as manually installing. Installing as components allows you to upgrade portions of the system and have more granular control over the setup.
Configuring WSS or SharePoint Services for a small client is a pretty effective way of getting a document management solution for a reasonable cost point. One of the limitations that caused headaches was that it used to have a maximum storage of 4GB, which was the database limit. If you wanted to go larger, you would need either a) multiple SPS installations, b) a full version of SQL server, or c) the full version of MOSS. None of those solutions are particularly cost effective, and for a small company cost is king.
SSTP or SSL VPN connections are great for people working on client sites or behind very restrictive firewalls – they only require HTTPS (port 443) to be open to be able to connect. Unfortunately, you need to be running Windows 7 or Server 2008 (or newer) in order to make use of them. Threat Management Gateway 2010 is one option for an SSL VPN endpoint.
Disclaimer: this post is more for my own recollection than anything else! When it comes to Linux, I’m an amateur and everything I do from the simplest thing upwards is copy-and-paste from much more informed bloggers and websites!
If you’ve been here before, you may have noticed a couple of changes – the theme and name of this blog for example, and hopefully you’ve been redirected to a new URL! There are a couple of reasons for the changes, all of which are aimed at increasing the presence and visitor numbers on this site: