Posted by Mike Preston on March 29, 2018
Using the Microsoft Certificate Authority to get rid of those self-signed certs



Most every application we run in our datacenters today provides some sort of web-based interface.  The push to move to HTML5, API driven GUIs is a good one – we can access things from anywhere, using any device or browser.  The problem being we are also seeing a push for security, more specifically ensuring that all our web accessible interfaces are running through SSL and only accessed through https.  With this we are seeing a lot of applications providing users the ability to generate self-signed certificates to get the job done.  While this is ok, you may be thrown off and annoyed by the constant nagging from modern browsers such and Chrome, Firefox, and Edge – having to accept the self-signed cert bypassing some scary messages.  To get around this administrators can go out and purchase a certificate from a trusted authority, however this could get pretty expensive if you start adding up all of the self-signed certificates within your environment.  Another answer – the Microsoft Certificate Server.

Learn More

Posted by Vladan Seget on March 1, 2018
How to enable Active Directory Recycle Bin in Windows Server 2016

Before we dive into how to enable Active Directory Recycle Bin in Windows Server 2016, we will first explain what it is and when Microsoft introduced this feature.

Active Directory Recycle Bin simply allows you to restore deleted objects from Active Directory. It can be a user account, computer account or a whole Organizational Unit (OU). Who did not accidentally delete an AD object in his career?


Learn More

Posted by Gary Williams on December 7, 2017
Deploying Microsoft LAPS

As a summary, LAPS is the Local Administration Password solution from Microsoft. This software changes the local administrator password on a selection of machines on a schedule and stores that password in plain text in Active Directory.

The first time I came across LAPS was when I hear about project Honolulu and I’ll admit that I hadn’t heard about it before which is something of a shame because LAPS is one of those very handy little add-ins that Microsoft should be offering as part of the core AD experience.

For those who haven’t come across LAPS before, LAPS is a handy tool for scenarios where you need to change or set the local admin password to something random because you need to give out that password.

LASP settings

Learn More

Posted by Karim Buzdar on November 22, 2017
Managing User Mailboxes in Microsoft Exchange Server 2016 with PowerShell

Managing user mailboxes in Microsoft Exchange Server 2016 is a day-to-day task of system engineers. This article focuses on managing user mailboxes in Microsoft Exchange Server 2016 including very common features like creating, removing and disabling the mailboxes with the help of PowerShell.

Importing an Exchange Management Shell

Your first step is to import an Exchange Management Shell before you can start executing Exchange Server’s related PowerShell commands.

create a user mailbox via PowerShell

Learn More

Posted by Edwin M Sarmiento on October 31, 2017
Deploying SQL Server 2016 Basic Availability Groups Without Active Directory. Part 1: Building the Platform


When Availability Groups were introduced in SQL Server 2012, they were only available in Enterprise Edition. This made it challenging to move from Database Mirroring to Availability Groups, especially if you’re running Standard Edition.  To upgrade and migrate from Database Mirroring in Standard Edition, you either choose to upgrade to a more expensive Enterprise Edition license and implement Availability Groups or stick with Database Mirroring and hope that everything works despite being deprecated.

SQL Server 2016 introduced Basic Availability Groups in Standard Edition, allowing customers to run some form of limited Availability Groups. Customers now have a viable replacement for Database Mirroring in Standard Edition. However, unlike Database Mirroring, Availability Groups require a Windows Server Failover Cluster (WSFC). SQL Server database administrators now need to be highly skilled in designing, implementing and managing a WSFC outside of SQL Server. Because the availability of the SQL Server databases relies heavily on the WSFC.

SQL Server 2016 logo

Learn More

Posted by Karim Buzdar on September 5, 2017
Installing Exchange Server 2016 on Windows Server 2016 with GUI

Probably most of the enterprise businesses have heard of Microsoft Exchange Server. It’s Microsoft platform delivering email, scheduling, and tools for custom collaboration and messaging service applications and is installed on Windows Server operating systems. Its main aim is not just to let workers inside an organization communicate but to collaborate. So, you can install Exchange Server 2016 on Windows Server 2016 using two ways:

  • PowerShell
  • Graphical User Interface (GUI)

However, in this article, I’ll focus on installation with the help of GUI.

Windows PowerShell with administrative privileges and sconfig utility

Learn More

Posted by Vladan Seget on May 1, 2017
How to install VPN access on Windows Server 2016

I did previously setup during a few occasions, VPN access on Windows Server 2012 R2, but haven’t tested that on the newly released Windows Server 2016.

Remote access role is a VPN which protects the network connection or your remote connection from one side to another and protecting both sides from attacks or data sniffing as VPN protocol uses a tunnel inside of a standard data connection.

Open the getting started wizard

Learn More

Posted by Nicolas Prigent on March 16, 2017
Installing System Center Configuration Manager 1610 (Current Branch) on Windows Server 2016 with SQL Server 2016. PART 2

Microsofr System Center Configuration Manager

Thanks to the previous part, we have SQL Server 2016 installed and configured. Before running the SCCM installation process, let’s remember the architecture we are implementing.

Learn More

Posted by Romain Serre on March 8, 2017
Backup and restore your first VMware VM with Veeam

In the previous topics, we have installed and updated Veeam B&R 9.5. Then we have connected Veeam to vCenter 6.5 to get visibility on VMware VM and backup them. To finish, we have added a backup repository to store backup files. Now we can backup a virtual machine. Once we have some restore points, we can also recover the VM.

Veeam Backup and Replication VM tools Add to backup job

Learn More

Posted by Romain Serre on February 6, 2017
Specialize Windows Server Hyper-V guest OS automatically

Last year I have written a topic on Starwind to create VMs from PowerShell. That enables to automate the creation process without using a GUI, either from Virtual Machine Manager or Hyper-V Manager. But a VM deployment is not finished when the VM is created but when the application is deployed. Before deploying the application, the OS must also be installed and specialized. This topic shows you the method I use to deploy and specialize a VM without a single click.

Specialize OS from unattended file

If you read this documentation (Implicit Answer File Search Order section), you can see that we can specialize the OS from unattended file. This unattended.xml file will be placed in C:\Windows\Panther\Unattend. To prepare the unattended file, I use ADK (Assessment Deployment Kit). When you install the ADK, select Deployment Tools. Then you can open Windows System Image Manager.

Windows System Image Manager

Learn More