THE OFFICIAL BLOG OF THE SBS "DIVA"

... and if anyone has any issues hearing me while mowing their lawn...just holler....a short 6 minute podcast on security patching news in the SBS world

http://www.acidplanet.com/artist.asp?podcast=1075|2&t=6736

06-025 re-released but unless you are seeing issues.. don't repatch is the biggie...

You going to Boston for the World Wide Partner Conference?  If you are make sure you give Susanne Dansey a big HI!

She'll be in Boston at the Small Business Symposium giving a talk on Community...

•  How and what the UK & Irish community is
• Successes so far from the UK & Irish community (impressive growth, case studies from partners)
• Vendor relationships (with HP, MS, CA etc and how we can lobby them to build better relationships with us)
• Worldwide successes (video example of Nick Pieters and quotes from partners across the globe about their positive experiences from the community) as well as my view on what works and what doesn’t and why we are a strong network
• Where to go and how to join (SMB Nation, blogs, forums, events, sbsgroups.com etc)

She's got a room assigned to her.. but let's see if we can get her a standing room only for her community talk.. I've got Cockroach Community Cards and Buttons heading her way (via Vlad and Chris) so make sure you ask her .. we've customized them for a more International Community view but I think you'll find them very helpful!

(Both the WWPC and the Small Biz Symposium are both sold out... Vlad will be there blogging.. so I'll be watching his blog for the onsite photos and news.

So Dana Epp already worked on and came out with a ISA tool that really adds a ton of better reporting to my ISA server... but he blogged about what he's working on next...the answer to my 'risk' question from yesterday...he's working on a two factor plug in for RWW... that looks really cool...

...and I need to also disclose how the "SBS Diva" started.. you see I was helping David Coursey out with his SBS 2003 server and in a review he called me the "SBS Diva" and well it just stuck... so since we just added some new blog skins.. I decided to redecorate with a smidge of pink around the place...but... if you CAN see the fact that I changed the blog colors around and that DOES mean you are viewing this on the web.. maybe instead you should be viewing this on a RSS reader instead...

From a Sharepoint web part to RSS Bandit to Newsgator to IE 7 (yeah yeah it's a beta.. I know ...) don't read this blog from a web browser... get it via the feeds...

P.S.  If you are wondering..the "E-Bitz" comes from a two part nickname as well.. Bitzie because I have short hair.. and "E" because .. well.. I can find just about everything and anything online....

I've used this tool before and it's really cool.. and I forgot to blog that it's been updated...check it out!

You can download SYDI-Server 2.0 from the SYDI website:
http://sydi.sourceforge.net

Post on his blog concerning this release: 
http://ogenstad.net/2006/06/26/sydi-server-20-released/

...and Patrick knows me too well...
http://www.zipped.org/misc/stuff.php?vln=52 

Service Pack 3 for SBA/BCM

This service pack provides the latest updates to Microsoft Office Small 
Business Accounting 2006 and Microsoft Office Outlook 2003 with Business 
Contact Manager Update.

http://support.microsoft.com/?scid=kb;en-us;920115

(and is it just me or is that KB blank?... okay now it's resolving 
as it should.. must have been sunspots or something)

Okay do I need more dew or what?  Terry pointed out that the 
headline read SBS not SBA...uh sorry about that

So you want to start a patch management process...but you don't think your micro biz clients will install R2?

Check out this info from Shavlik---- 

Microsoft updated their guidance today concerning support for MBSA and
customers running legacy Operating systems and applications (iow, all
the systems not supported by WSUS). Microsoft posted this guidance on
the MBSA web page http://www.microsoft.com/mbsa

In response to Microsoft's announcement, Shavlik is offering a free
commandline scanner product to the security community. Shavlik NetChk
Analyzer for Microsoft (SNA) is the latest incarnation of Shavlik's
agentless hfnetchk scan engine. This scanner is backwards compatible
with MBSACLI.exe /hf - you can drop the new scan engine into your MBSA
scripts without any changes required. The SNA scan engine also adds many
new features that weren't part of the original MBSA scan engine. (more
information on the new feature set is available here:
http://xml.shavlik.com/SNAReference.pdf)

The SNA for Microsoft engine scans and reports on patch status for
Microsoft Operating Systems and applications, including remote scans of
Office 2000 through Office 2003. The scanner supports an unlimited
number of hosts and will not time out.

In addition, Shavlik is offering a version of the Shavlik NetChk
Analyzer that includes support for non-Microsoft products like Adobe,
Flash, Firefox, and others, as well as support for non-security
Microsoft patches. This version is available for free for one year and
will support scanning 25 clients at a time. Lastly, Shavlik is now
offering a free, one year 10 seat license of Shavlik NetChk Protect that
will perform patch scanning and deployment (and anti-spyware
management).

Additional information about these offerings, including links to
download these products is available here:
http://www.shavlik.com/mbsa.aspx


Regards,

Bob Peterson

The Official SBS Blog : Using the /3GB Switch with SBS 2003:
http://blogs.technet.com/sbs/archive/2006/06/30/439628.aspx

Mark posts the SBSized answer to "do we use the /3 gig or not?" on our SBS boxes.

Okay so now that that religious argument is now on a blog.... now what to we do to entertain ourselves for a Friday?

Earlier today there was chatter about the impact of WGA.. Windows Genuine Advantage... and how we didn't like the fact that Microsoft deemed the "piracy patch" as a critical patch, and when it failed, it had security implications because the computer user would disable automatic updates.

Already there's been a lawsuit filed against WGA.. and folks don't like it's ability to phone home.

But what I really don't like about it is the fact that it breaks the trust of patching.  It's not a security update... and it's certainly only critical of a patch to Microsoft.. and the fact that the first 'drop' of it was a beta that was not clearly communicated to those of us who got that WGA update just was one of those moments that as a customer of Microsoft you just want to say to someone, somewhere... what WERE you thinking?

As a result... poor Alex is going to bear the brunt of my "What WERE you thinking?" post.

It was deemed 'critical' by you so that if someone was running with Automatic updates turned on ..which ... hello Microsoft that's what you tell us to do... they would not have any other choice but to have it automagically installed. 

To whomever was the Product Manager who gave the go-ahead to place this WGA update into the "critical" section, shame on you.  Shame on you for approving a beta patch to be offered up as a critically needed patch.  Shame on you for not informing folks appropriately.  Shame on you for not providing appropriate support mechanisms.

What is the support mechanism you are told to use?  Web email interface.  With a one business day turn around.  Business day. 

Microsoft just remember that as you are building out that live.com stuff that the more you don't need a specific operating system.. the less we'll be tied to Windows.  Don't make your distrust of your own customer so great that we lose trust in you.

The upper "high priority patches" are ..by your own words... to protect your computer against security threats and performance problems... so how is a tool that makes sure that the legally purchased computer that "I" bought a security threat or a performance problem?

Job two is to increase our trust in those that you recommend we install.

You just made the job of those of us who urge people to patch just a little bit harder.

Way to go there guys...

I think this is the thing that Dave (from the SBSShow) talked about that he really liked....

Microsoft Solution Selling for Partners Online:
https://partner.microsoft.com/40016089

The MS solution selling training... and it looks like it's only $60 for the training.

Check it out...

• Identify and diagnose customer critical business issues
• Change a customer’s biased vision of a competitive offering
• Gain access to decision-making authority
• Create and demonstrate value at every step of the sales cycle
• Shorten the sales cycle
• Close opportunities more effectively and efficiently

Pssst..the site works for me? Do you need your cookie to be US based?
 

..and I was demoing the WSUS in R2 tonight for our SBS partner group and I looked under the 'real' WSUS and went...whoa....

Page after page of drivers up on WSUS that just came down on June27th.

I personally do NOT like to install drivers from Windows or Microsoft Update, so just be aware and feel free to cancel those driver updates that are offered up to you.

You know I already posted up dump files for folks to play with..now see the expert in action.....

Watch this webcast and download this powerpoint for "THE" debugging webcast of TechEd... and you can even buy the DVD of all of the presentations for $195(US).

Risks.

Real risks for a small firm.

Real risks for a small firm for remote access include such things like the misuse of kiosk computers that could steal usernames and passwords.

The US government is going to require mobile devices to support encryption and two factor authentication due to that stolen laptop (that's now been recovered).

But some of our risk isn't due to regulation or legistlation, but rather that someone else has set the bar for the right thing to do.  These days if your data gets accessed, the right thing to do is pay for credit checks for a year.... after this.. the right thing for access in general is two factor authentication.

At the present time RWW, my prefered way to connect won't support two factor.  But I still think its preferable to every other method out there...and trust me... we know 'em all.....

How about you.. are you defining and redefining that bar?

So it all started when Dave Nickason had a couple of workstations that just would not let him RWW into them. And when he went to query them, they had the XP sp2 firewall not allowing the remote desktop functions...but they were on the domain so it made no sense that they wouldn't see the domain... but yet they would not.

He found that if he ensured that the Network Location Awareness service was set to automatic, then it ensured that as it booted up it would check the network status consistently. It's supposed to handle this manually but for whatever reason it did not.

So check that NLA service and flip it to automatic if you need to.

Thursday June 29th, the Tidbits from Teched will be presented at 6:30 p.m. at 1991 N. Gateway.  Pizza and drinks will be served.

You can RSVP by sending an email to Sbradcpa-at-pacbell.net

See you there! 

We'll be handing out User Group DVDs and Technology Assessment cdroms.

 Microsoft Partner Readiness:
http://www.msreadiness.com/WS_abstract.asp?eid=15004326

*Recorded Event Date:*
6/28/2006

*Presenter:*
Ron Grattopp & Tim Barrett

*Event Time:*
12:00 PM Pacific, USA & Canada (DST) = GMT - 08:00

*Duration:*
60 minutes

*Description:*
This is a part 2 of the Hidden Gems webcast series (Part 1, May 24th). Ron is once again joined by Tim Barrett and a stellar supporting cast of experts on Q&A.
This month Tim will cover:

   * How to map a drive letter to a Sharepoint folder
   * The Intelligent Message Filter for your Exchange spam control
   * How to create custom Sharepoint Web Parts for RSS feeds
   * As well as other gems (which shall remain hidden unless you join
     us /<grin>/)

...and yes if you miss it.. it's recorded for later playback...

So you were hesitating on becoming a Small Business Specialist because you were not liking the fact that Microsoft PAMs would call you.. or that you got cool offers? But what if there was something cooler?

What if you could go to a staffed and managed newsgroup and get a guaranteed response from a Microsoft support engineer in four hours?

What if you could only get this kind of access if you were a SBSCer?

Guess what..that's exactly what is going to happen.

If you are a SBSC firm you will get special access to a SBSC only newsgroup that has a faster response time... from 6 a.m to 6 p.m if you have a question about SBS, Windows server, Exchange, Win XP, Office (from Access to Word) you'll get this special benefit.

Look for more info on the SBSC web site on access to this closer to the World Wide Partner Conference...but if you were on the fence before about why you should be a SBSCer... this is just one more of many reasons why you need to step up to the plate and brand yourself as a small business specialist.

So you loaded up Vista and you want to try it on a SBS network... so while you 'can' ... I'd read the SBS blog posting about Vista and SBS first..

http://blogs.technet.com/sbs/archive/2006/06/26/438938.aspx

And please do follow the advice of Dr. J... leave UAC on.  Yes it might be a smidge annoying but this is beta software NOT to be on production networks and the point of beta software is to give feedback in the approprate venue to make it better.

Invariably in newsgroups and listserves the question comes up "Can I cluster SBS?" and even more so now with Virtual Server and Virtualization the question comes up again...but it seems to me that everyone is looking for a technology issue to what I see is a people issue.

I don't think people are comfortable with the Disaster Recovery story of SBS because they haven't even tested out the recovery process of their own SBS box.

I'll bet you that most of you reading this blog haven't even tested out the process documented here in this SBS whitepaper on backing up and restoring.

But here's the thing that came out of Jeff Middleton's talk on disaster recovery of a small business at TechEd... sometimes a bit of understanding and placing in standardized spare RAID cards to ensure that you can slide from one piece of hardware to another is wise... sometimes understanding that the small business firm typically can handle some amount of downtime and as long as your DR strategy includes backdoors to the Internet and what not... it's about understanding that you have options and are not limited.

Want more options?  Then look into Acronis for imaging just the single domain controller (and don't add a secondary DC) ...or add a secondary DC .. or script system state backups and park them offsite... or look into Symantec Live State...

..but get comfortable with the basic backup and restore solution for SBS...because right now I get the feeling that too many folks aren't comfortable at all with their DR story that they are 'selling' to their clients.