Windows 2008 Components Posters

Ever wonder it would be easy if you can know all the Windows 2008 features in one sheet so at a glance you can look at it and get the big picture. Well that wait is over for me since I found out Microsoft has a solution for this, giant poster!

Previously published in the TechNet Magazine, these are two PDFs of Windows 2008: Operating System components and Active Directory components. The posters explain how they work and detail capabilities.  They are great resources to have up on your office wall.

The Feature Components poster highlights the following components of the Windows Server 2008 operating system:

Terminal Services
Network Access Protection
IIS 7.0
Server Manager
Server Backup
Server Core
Bit Locker
Windows Server Virtualization

The Active Directory Poster highlights the following components of Active Directory in Win2008

AD Lightweight Directory Services
AD Federation Services
AD Rights Management Services
Group Policy
AD Management
AD Read-Only Domain Controllers

Many thanks go to MS team who has been taking considerable time to prepare these posters. You can get them by visiting over here.

Windows 2008 Components Posters

Ever wonder it would be easy if you can know all the Windows 2008 features in one sheet so at a glance you can look at it and get the big picture. Well that wait is over for me since I found out Microsoft has a solution for this, giant poster!

Previously published in the TechNet Magazine, these are two PDFs of Windows 2008: Operating System components and Active Directory components. The posters explain how they work and detail capabilities. They are great resources to have up on your office wall.

The Feature Components poster highlights the following components of the Windows Server 2008 operating system:

Terminal Services
Network Access Protection
IIS 7.0
Server Manager
Server Backup
Server Core
BitLocker
Windows Server Virtualization

The Active Directory Poster highlights the following components of Active Directory in Win2008

AD Lightweight Directory Services
AD Federation Services
AD Rights Management Services
Group Policy
AD Management
AD Read-Only Domain Controllers

Many thanks go to MS team who has been taking considerable time to prepare these posters. You can get them by visiting over here.

Windows 7 keyboard shortcuts

Widows 7 is in the horizon. Most of us enjoy the beta version and still using widnows RC 馃檪 So why don’t you go the extra mile and try out the short cut keys as well. Below are some of the short cut kes I found out while browisng the web sites,

Win + UP Arrow Maximize the current window
Win + Down Arrow Restore down or minimize current windows
Win + Left Arrow Dock the current window to the left half of the screen
Win + Right Arrrow Dock the current window to the right half of the screen
Win + [number] Activate and run the program pinned on Windows 7 Taskbar, running program won芒鈧劉t be affected
Win + Home Minimize all but the current window
Win + Space Makes all windows transparent so you can see through to the desktop
Win + Pause/Break Open System Properties
Win + Tab Flip Aero 3D [press Tab to cycle between Windows]
Win + B Move focus to notification tray (the right-most portion of the taskbar)
Win + D Show/Hide desktop
Win + E Windows Explorer is launched
Win + F Search
Win + G Bring all gadgets on top and foreground
Win + L Lock Computer
Win + M Minimize all windows
Win + P Open the projection menu (generally used for laptops connected to projectors)
Win + R Run Command is launched.
Win + S OneNote Screen Clipping Tool
Win + T Show preview thumbnail of running applications in Windows Taskbar one by one without mouse over
Win + X Mobility Center
Win + # Quicklaunch
Win + = Magnifier
Win + [+/-] Enables the magnifier and zooms in/out
Win + Shift + Up Arrow Maximize vertical size
Win + Shift + Down Arrow Restore vertical size
Win + Shift + Left Arrow Jump to left monitor
Win + Shift + Right Arrow Jump to right monitor
Win + Shift + M Undo all window minimization
Win + Shift + T Cycles backwards
Win + Ctrl + F Opens the Active Directory Find Computers dialog
Ctrl + Right Arrow Move the cursor to the beginning of the next word
Ctrl + Left Arrow Move the cursor to the beginning of the previous word
Ctrl + Up Arrow Move the cursor to the beginning of the previous paragraph
Ctrl + Down Arrow Move the cursor to the beginning of the next paragraph
Ctrl + Click A pinned taskbar icon to cycle through the program芒鈧劉s open windows (e.g. IE)
Ctrl + Win + Tab Persistent flip 3D
Ctrl + Shift with an arrow key Select a block of text
Ctrl with any arrow key + Spacebar Select multiple individual items in a window or on the desktop
Ctrl + Shift + Esc Open Task Manager directly
Ctrl + Shift + N Create new folder

AD Organizational Unit Design Best Practices

Organizational Units (OU’s) are containers within domains. They are the elements of hierarchical structure within domains. The OU hierarchy does not need to reflect the departmental hierarchy of the organization or group. OUs are created for a specific purpose, such as the delegation of administration, the application of Group Policy, or to limit the visibility of objects.

Sample methods of how can you create your company OU levels.

Characteristics of the Organizational Unit (OU)

OU’s offer the best method to organize the hierarchical structure in Active Directory. There is a big temptation to reflect the organizational hierarchy in the domain, but as we learned in the Domain Design section, this is not a good idea. The Organization Unit would be best suited for the job.

OU’s can easily be renamed, moved, and deleted. Using Active Directory Users and Computers (ADUC), manipulating OU’s can easy. Renaming the OU does not affect the objects inside that OU. Moving the OU moves all objects and containers inside that OU. Here’s the tough one: deleting the OU deletes all containers and objects inside that OU. So better be careful!

Maintaining the organizational hierarchy using OU’s has less impact on performance compared with maintaining it in domains. While the domain requires at least an addition of at least two domain controllers per additional domain, the OU does not have that requirement. Additional OU’s also don’t have additional replication overhead, well, enough replication overhead to replicate the hierarchy of the OU in the domain, but that’s it.

Organizational Units are bound within the domain. All organizational units do not exceed the domain boundary. Similarly named OU’s in different domains are independent of each other. To put it in another way, all domain controllers in the domain contain the same set of OU’s for that domain, and only for that domain.

The OU offers a good administrative boundary. Permissions to Active Directory objects can be delegated at the OU level, and have they inherited in the containers and objects inside that OU.

Reasons to create Organizational Units

Delegate administrative control. Administration of Active Directory objects can be done in a per OU level, and these permissions by default are inherited by containers and objects in the said OU.

Implementation of Group Policies. Group Policies can be implemented, among others, on the OU level. Like administrative permissions, they are also inherited by down-level OU’s and objects. We will take a look at group policies in the next section.

Object organization in Active Directory. The Active Directory domain can contain millions of objects. It may be very hard to locate for a specific object among millions if there was no mechanism to organize them.

Some OU design principles

Simplicity is (still) the key. Although we can create as many OU’s as we need, it would be important to make sure that they are in the simplest way possible. A domain with hundreds of OU’s may no longer be supportable. Also, the deeper the OU structure, the longer it takes for a computer to start up or a user to log on because of processing of Group Policies in the depth structure of the containers. A general rule of thumb is an OU structure that does not exceed a depth of 5 OU’s (3 is a conservative figure).

Have knowledge of the Customer’s political and organizational structure and boundaries. It is important that the organizational and political structure of the Customer is to be understood by the infrastructure architect from day one. As mentioned, we can move objects from one OU to another. However, doing so would change the object’s group policies applied to it, and may not be a wise move after rolling out the said GPO’s.

Consider separating the user from the workstation. In Group policy there are separate sections for computers and users. This makes it possible to also separate the computer objects from the user objects accessing them, since there might be a separate group of administrators managing them anyway.

Consider separating the service from the server. In the same way that user objects can be separated from their workstations, the services can also be can be separated from the server. This is because Group Policies can also control which services are running on a specific machine. Example, all computer objects of web servers running IIS can be placed on one OU, and apply to that OU a Group Policy Object that ensures that the World Wide Web Publishing Service starts automatically on those servers, while is Disabled for the rest.

Be careful with complex OU structures

Have a principle on OU design, at least on the top levels of the OU. This way, objects won’t get "lost" in an intricate and highly complex OU design. It’s very easy to "lose" an object after creating a complex OU hierarchy with matching delegated permissions to boot, by successfully finding an object in the Find function in ADUC, but not being able to access the same because delegated administrative control bars the currently logged on user from accessing either the object itself or the container (or one of the containers of the container) holding the said object. In other words, the object exists, but is not accessible, and uniqueness rules prevent us from creating a similarly-named object. Apart from that this will simply nightmare to mange by the administrator J

A popular OU Design

With the number of companies I have work on designing OU structure one simple rule is to keep OU structure simple and not to let it go too deep level. Try to have maximum of 3-4 sub OU level. This can be categorized in Geographical level or Department level or unit level.

The same is true for Group Policy implementation. A central group policy applied at the domain level or separate group policies applied separately for OU’s in either the geographical or administrative OU levels make it centralized, or decentralized respectively.

In short, this model enjoys the possibility of having either centralized or decentralized modes of administration and group policy application. If your organization is one that has multiple geographical locations per domain, consider this model.

How to asses an existing infrastructure with Microsoft tools

Most of us visit customer sites to identify their existing infrastructure to help them better. In this process identifying their network and finding issues and providing recommendation will be vary according to each persons experience level and knowledge on product. We use various tools for that and some will rely on third party tools as well. So depend on the information they gather the solutions you provide for the customer will be vary.

As Microsoft point of view they always want to empower the partners and as well as the customers and let them use the Microsoft software efficiently. So this thread is all about one of the Microsoft key success tool known as MAP (Microsoft Assessment and Planning) sometimes this will be referred as MAPS as well.

The whole idea behind MAP is to give the partners and customers is to do basement of their existing network / infrastructure and identify the hardware software and decide if they are ready for the new software /technologies. This will give you a clear picture and help you to make correct decisions. Based on my experience this will be a key tool any filed engineer should have in his belt of tools to better serve the customer.

Think about a scenario when you go and recommend Microsoft products do you really know their environment before you do that suggestions? Do you really know their business process? Now days it鈥檚 all about how you try to map your solution with their business process. So this tool will empower you with that information and give the clear visibility of their existing infrastructure. Armed with that information and your experience the solution you offer for the customer will be effective one.

More information will be provided by Microsoft if you visit over here.

How to asses an existing infrastructure with Microsoft tools

Most of us visit customer sites to identify their existing infrastructure to help them better. In this process indentifying their network and finding troubles and doing recommendation will be vary according to each persons experience level and knowledge on product.

We use various tools for that and some will rely on third party tools as well. So depend on the information they gather the solutions you provide for the customer will be vary.

As Microsoft point of view they always want to empower the partners and as well as the customers and let them use the Microsoft software efficiently. So this thread is all about one of the Microsoft key success tool known as MAP (Microsoft Assessment and Planning) sometimes this will be referred as MAPS as well.

The whole idea behind MAP is to give the partners and customers is to do basement of their existing network / infrastructure and identify the hardware software and decide if they are ready for the new software /technologies. This will give you a clear picture and help you to make correct decisions. Based on my experience this will be a key tool any filed engineer should have in his belt of tools to better serve the customer.

Think about a scenario when you go and recommend Microsoft products do you really know their environment before you do that suggestions? Do you really know their business process? Now days it鈥檚 all about how you try to map your solution with their business process. So this tool will empower you with that information and give the clear visibility of their existing infrastructure. Armed with that information and your experience the solution you offer for the customer will be effective one.

More information will be provided by Microsoft if you visit over here.