I've had two very different cloud support experiences today, and it really highlights the VAST difference in how cloud-based organizations support their customers.

First, the bad. I have several customers signed up for web services through a shared web hosting provider (who shall remain nameless). We ran into a problem this morning that impacted most of those customers, and I went straight to the company web site to start a support incident. I first clicked on their "Live Chat" icon, only to be told that no one was available for chat, but was offered to leave a message. (Ironically, every time I've tried to access their "Live Chat" feature in the past 6 months, I've yet to have anyone actually be available on the other end.) Next, because this was impacting at least one customer's ability to conduct business, I called in for support. I'm in Central time, and the hosting provider's offices are headquartered in Eastern, and it was well after opening business hours here, but no one was available to answer the call. No big deal, if they're having a major problem, I could see how all their phone support agents were tied up at the time I tried to call. So, I left a voicemail. A few minutes later, however, I recalled that last month when we'd run into an issue, I called and left a voicemail for support and never got a call back. So, I decided to go ahead and fill out an online support request form. I submitted the URLs of all the sites that were impacted, error messages seen in the web browsers, and sent it off on its merry way. Sure enough, almost immediately, I received the obligatory "we received your support request, and here's the request number." Good, at least the ticketing system is working.

Just a few minutes later, I received an e-mail from a technician who said they were aware of the issue and working towards a resolution and would let me know when it had been resolved. Great! That's all I can really hope for at this point. And sure enough, about 30 minutes later, I get an e-mail saying all had been fixed and should be good to go. I checked on a few of the sites impacted, and while some worked, others didn't. Long story short, I ended up with multiple messages back and forth with their support team. We finally had all sites but one up and functioning, and even though I asked several times what had actually happened and what was done to resolve it, I never got an answer. I finally sent in a long error message for the site that was still not working along with another request for what the problem and solution were, and two things happened. First, a different technician responded to the request. Second, he actually told me what had been the problem and what they had done to fix it. He also said that he was looking into it and would let me know when it was resolved. I ended up Googling the error and found several references to problems resulting from the exact thing they had done to resolve the initial issue, and send links with those items back to them. Over the next several hours, we went back and forth, with the new support guy saying they had fixed the issue, and me replying with updated errors when it clearly wasn't fixed. Even though this was significantly impacting one of my customer's ability to work, I never felt a sense of urgency on their part. Ultimately, I think the problem was resolved (at least is hasn't cropped up since the last set of changed made on their end), but not without a LOT of time on my part and a lot of research that I provided to them on topics that I'm just not that familiar with. Frustrating.

So, imagine my surprise when I got a call from my contact at Inbox Solutions (http://www.inboxsolutions.com), our hosted Exchange provider of choice, a few minutes after I sent in a non-critical request for assistance related to a spam filtering issue. Not only did I get a call, but he had understood my request and provided an immediate workaround to present to my customer having the issue. I wasn't needing or expecting a response until tomorrow, but because he got back with me so quickly, I was able to implement the workaround with my customer this afternoon and got his issue resolved. This is on par with the level of support that I've received since I started working with Inbox Solutions, but it was still a very pleasant surprise after dealing with the other support nightmare of the day.

This is ultimately the crapshoot of dealing with cloud providers. You may have some that can provide excellent support while others don't have the same focus. As we work with our customers who are contemplating moving some of their business processes into the cloud, this is a significant part of what we look for. Since we can't put our hands directly on some of the cloud pieces that our customers will be using, it becomes paramount for us to align ourselves with cloud vendors who we can easily work with to resolve issues when they arise. I can honestly say that in the 9 months we've been dealing with Inbox Solutions, we've received zero customer complaints, we've had exactly two support calls (one that we were able to resolve internally and the other which was addressed today), and the response time we've received to our queries with them has been phenomenal. In the two years we've been working with this web hosting provider, we've sen an increase in downtime, longer support response times, and a lack of urgency to our support needs. Guess which vendor we'll be sticking with and which we'll transition away from...

Today's eOnCall episode covers my thoughts and requests for SMB technology plans for 2011. Listen live at 10am/1pm Central time at http://airtunz.us/rock.html, episodes will be available for download later from http://eoncall.com.

Today, Microsoft announced the removal of the Drive Extender technology from the "Colorado" product line. That includes the next version of Home Server, SBS 2011 Essentials, and Storage Server 2008 R2 Essentials, all of which are still in beta. The Home Server announcement is at http://windowsteamblog.com/windows/b/windowshomeserver/archive/2010/11/23/windows-home-server-code-name-vail-update.aspx and the SBS 2011 Essentials announcement is at http://blogs.technet.com/b/sbs/archive/2010/11/23/windows-small-business-server-2011-essentials-update.aspx. There are a lot of folks in the Home Server arena who are probably going to be really unhappy about this, as well as some who were looking forward to having Drive Extender in SBS 2011 Essentials (Aurora) and Storage Server 2003 R2 Essentials (Breckenridge). Personally, I'm thinking it's a good thing for my business and the potential customers we have who will be looking at these products.

For those who are asking "What is Drive Extender and why should I care," here's a brief summary. Drive Extender was a disk management technology introduced with Windows Home Server that allowed the total storage on the box to be expanded by adding any size disk of any kind. Wikipedia has a little better description at http://en.wikipedia.org/wiki/Windows_Home_Server#Drive_Extender. On my Home Server at home, I have a pair of 500GB disk drives, a 1TB drive, all connected on the internal SATA controller, and just added a 750GB USB drive, all pooling to have one large storage area available for my music library and my wife's photo library. Unlike RAID, where all the disks have to be exactly the same geometry and the entire array has to be rearranged when new disks are added, with Drive Extender the newly-added disk can be added to the storage pool at any time and increases the overall storage amount.

While Drive Extender was cool technology for the Home Server market, I had real concerns about it in the Aurora and Breckenridge products. Yes, having the ability to add storage willy-nilly without a concern about the size and type of drive seems nice, but many application vendors refused to support their products on a Drive Extender platform. While logically all the storage appears to be one large single volume, the actual data stored on the drives could literally be anywhere, and possibly in multiple locations. Think about a SQL database where the log files might be stored physically on a SATA-connected drive, but the database files actually resided on external USB storage. As far as the OS was concerned, it was all one large volume, but the performance in that scenario would have been a real mess.

So as I've been working with Aurora and planning for how we'll be rolling out SBS 2011 Essentials implemtnations, I was already making plans to boost the storage in a box that would run Aurora to ensure that some disk was allocated to Drive Extender for storage of some data, but other disk would be excluded from the Drive Extender pool so that I could install LOB application data (i.e., QuickBooks, SharePoint, Kerio Connect, etc.) onto the non-DE storage area. But then how do you protect the non-DE storage area? Put it on a RAID array? Then what's the value of DE if I'm already putting in some sort of hardware fault-tolerance on the box? And what if a vendor chooses to say "we dont' support our product on SBS 2011 Essentials" because of DE, even though I've got their data and/or application installed on non-DE storage? That's a possible support nightmare I was not looking forward to getting into.

So, today, we know that DE will no longer be a part of the Colorado family, and we're waiting on updated beta builds of the product that do not have the DE technology implemented. Now I can speak more confidently about what application support will look like on Aurora, because there is no DE to confuse the issue. I can start scoping out "standard" hardware to use as a foundation for an Aurora install. Am I going to have to rethink how I do my next "home server" box at the house? Sure, but I wasn't sure I was going to make that box run on Home Server anyway, I'm probably doing that one on Aurora. And we don't sell a lot of Home Server in our business, and pretty much won't once Aurora and Breckenridge become available.

While I can see how the Home Server folks are going to lament the loss of DE from their product, as cool as it is, removing that technology removes a LOT of roadblocks I was expecting for Aurora and Breckenridge, and that's good news for my business.

In case you hadn't heard yet, Third Tier will be doing a pre-day training event in Las Vegas on October 21. Information about the event can be found in this Third Tier Blog Post. At the time of this posting, we've already reached 60% of the registration limit for this event. If you haven't yet, head on over to the Third Tier site and register. Look at the Third Tier Blog for detailed information about the sessions that will be presented.

We're really excited about this event and hope to see you there!

I'll be co-presenting a webinar with Kerio on their Connect mail server product running on Windows Foundation Server. Here are the details for the webinar, including a registration link at the bottom of the post:

Micro Businesses Find Their Edge with Kerio Connect

Wednesday | September 22, 2010 | 10:00 AM PDT

For many small and micro businesses, deploying a full-featured email and calendaring server can be a cost prohibitive endeavor, especially when considering Microsoft SBS or Exchange. But, these organizations have a unique advantage.

One of our industry’s best-kept secrets for organizations under 15 users is to deploy Kerio Connect on Windows Server 2008 R2 Foundation on a decent entry level server – all for less than the cost of the SBS license alone.

Kerio Sales Engineer Brian Carmichael and our special guest and Microsoft SBS MVP Eriq Neale will jointly host this live technical webinar. Don’t miss this session in which Eriq will share some of his personal tips and tricks to properly configure Kerio Connect on a Windows Server 2008 R2 Foundation box with IIS installed for TS Gateway services.

In this webinar Eriq will: 

• • Review the prep work needed on Windows including setting up multiple IPs on the server and getting IIS to listen only on one IP 
• • Install Connect and configure it to listen on the other IP 
• • Install the AD connector 
• • Set up the Outlook connector on a workstation 

Who should attend 

• • IT Solution Providers 
• • Independent Consultants 
• • Small business IT managers, owners and operators 

Presenter
Brian Carmichael, Sales Engineer, Kerio Technologies
Eriq Neale, SBS MVP; Owner, EON Consulting; Partner, Third Tier

Register
https://kerioevents.webex.com/kerioevents/onstage/g.php?t=a&d=666286300 

So Susan posted her thoughts on how to approach managing Group Policy in SMB environments. In the post, she asked for comments and thoughts, and since I can be a bit wordy and might want to include some content that would be difficult to add in the comment space, it seemed to me like a post on the topic was in order. 

First, a bit of background. I do a LOT with Group Policy. I've written the Group Policy chapters (among others) in the SBS 2003 and 2008 Unleashed books. I've given numerous user group and conference presentations on Group Policy. I'm certainly no Jeremy Moskowitz, who is pretty well recognized as one of the foremost experts in Group Policy, but I've been around the block with GP and seen how powerful it is, and how dangerous it can be. And to set the record straight, I'm pretty much in line with Jeremy's approach to GP.

My first rule of Group Policy management is simple: NEVER edit the policies named Default Domain Policy or Default Domain Controller Policy. Period. End of discussion. In an Active Directory environment, these are the core policies developed by Microsoft to get a solid, stable AD environment, and mucking around with them can cause issues. Why? Well, because there's no "undo" in Group Policy editing for starters. If you make a change to one of these objects and it has unintended consequences, like inadvertently locking EVERY object out of the domain, there's no "undo" button you can click to make things go back to the way they were before. Sure there are ways to "go back" but that involves working with backup software (assuming you can get to the backup software to run it, could be difficult to do if you're locked out of the domain), volume shadow copy (see previous point), or manually editing the gpt.ini files directly (I've done this once, and if I never have to do that again, it will be too soon). Then there's the issue that if you do go back and end up having to do a restore of a domain prior to a point where you made changes to the default policies, those changes are lost and not easily recoverable (outside of documentation, a point I will address a bit later).

My second rule of Group Policy management is also simple: test your Group Policy changes on a small subset of the domain before releasing it into production. You can't do that when editing the Default policies. Those policies apply to EVERYONE and EVERYTHING in the domain. 

To address Susan's first point: "I personally will make a new separate policy when it makes sense to do so." Well, that's a *really* loaded statement. Susan is looking at the topic specifically from the viewpoint of SBS and its environment which is pre-configured with a number of Group Policy Objects that don't exist outside the SBS product arena. In non-SBS land, there are only two Group Policy Objects - the Default Domain Policy and the Default Domain Controller Policy. If you follow the reasoning of my first rule above, you're not touching either of those objects, in which case it ALWAYS makes sense to make a new separate policy.

OK, that's a bit nit-picky, but it goes back to perspective. Susan's post only calls out Group Policy in SMB, not Group Policy on SBS. But knowing Susan and knowing the environment she works in, her post was specifically referring to SBS environments, not the greater SMB environment. Because in the SMB environment, we have tools like Microsoft Windows Server 2008 Foundation Server (henceforth referred to as "Foundation server") and the new "Aurora" product which, when looking at their Active Directory Group Policy space, only have the two Default policies (repeat point about never, EVER editing the Default policies).

I think that horse has sufficiently been beaten. Now let me address Susan's post from her perspective - managing and editing policies on an SBS network. And where I take the other side of the coin from her approach, Well, in one specific case.

In the last line of her post, Susan infers that she adheres to an SMB "rule" that "you'd want to have new policies for anything that you add" to the network. So in that regard, Susan and I are of the same mindset. Given my two rules above, never editing the Default policy objects and test Group Policy changes on a small subset of the domain, we're immediately in the realm of any changes to the Group Policy environment should be in a separate, stand-alone rule. When testing. But what do you do when you're done testing?

It depends.

If you are setting up a policy that only applies to a certain set of users/workstations/etc., you're going to have a separate policy for that scenario. In other words, you're not going to create a policy and put it at the root of the domain and yet somehow set it up so it filters only to certain objects for certain contents of the GPO. Doesn't work that way. In fact, the SBS development team has, in my opinion, done an outstanding job of keeping the number of Group Policy Objects to a minimum, meaning that they've combined similar modifications or changes to a specific subset of the network into a self-contained, clearly-named GPO. And it's that approach that I follow when working with Group Policy in all of my networks, SBS-based or not. But I also treat the SBS-generated Group Policy Objects as nearly untouchable as the Default Domain Policy and Default Domain Controller Policy (which I believe should never, EVER be edited, by the way).

Why? A few reasons. One - if I modify an SBS-generated GPO, and then re-run whatever wizard actually created or updated that GPO, my changes are lost. Two - if the SBS team releases an Update Rollup that touches Group Policy, those changes could be lost. Three (and this is the one I consider the most important) - if I have to call Microsoft for support on an issue, the technician who takes the call is going to look at the Group Policy environment and assume that it has not been modified from the defaults. And that could be a nearly-fatal assumption depending on the basis for the support call. A corollary to this is if another support organization takes over support of the network - they're going to assume that the Windows SBS Client Policy (as an example) has the same content as every other SBS 2008 implementation.

So, again, Susan and I are of the same mindset in general. Don't muck around with the SBS policies. So does that mean that you should create a new GPO for every policy change you want to make on the network? No, not in my book (figuratively speaking). My third rule of Group Policy management is: combine similar policy elements into a single GPO. A corollary to that is: combine elements that apply to the same subset of objects into a single GPO. For example, I've had a frequently-accessed post about Disabling SMB Signing in SBS 2003 that provides steps to create a stand-alone GPO for the specific purpose of allowing non-Windows workstations to access SMB shares on an SBS 2003 server (or any domain controller with file shares for that matter). This is a standard object we create on our managed systems in multi-platform environments. Or environments where MFC devices want to be able to scan to a file share on a domain controller. But I digress. That object contains one and only one adjustment to the domain environment and is clearly named as to what it is. Why? Because if someone comes along to provide additional support to the network, or if that customer has to invoke the "bus contingency" (that is, should my entire organization get taken out by a bus or other calamity), someone going in and looking at Group Policy can see immediately that something different has been done and get a good idea what it is without having to open the policy itself. 

If I were to have other domain-level modifications done to a network where we've modified Group Policy, I might take the approach of including those other changes in the same GPO, then changing the name from "SMB Signing Disabled" to "Domain Policy Modifications" or something equally clear that it's not one of the default policies. Why? Because it is possible to bog down a workstation during the boot or logon process if there are too many policies to process. How many is too many? That depends on the speed of the server (as the policy files have to be read off the server disk at some point), the speed of the network (so the workstation can pull the policy objects from the server), and the speed of the workstation ('nuff said), but it can happen. A typical SBS network already has a number of GPOs created, but honestly, in a typical SBS deployment, adding another 4-6 policy objects isn't going to significantly impact the performance of the server or the workstations. So, if I were adding two changes to the domain, disabling SMB signing and some other domain-level task, I would still probably create those as two separate policies and not combine them, again primarily for clarity sake. Even as well as we document the networks we support, who knows if that information is going to find its way into the right hands if we suddenly become unable to provide support for the network.

Susan says that the one exception she will make to the rule of not editing the SBS-generated GPOs is when she wants to make changes to the Windows Firewall settings on all workstations. She says if she thinks a firewall exception should have been a default (i.e., if she thinks the SBS development team failed to include a critical element in the firewall), she will put it into the default (and correct) firewall GPO. In Susan's environment where she is providing internal support for her own network and she fully controls the entire environment and is not likely to ever turn support over to an external support organization, that's within her right. I disagree with her philosophically on that point, but in her environment, it might make the most business sense. But in my opinion, for IT support organizations, even adding a firewall rule that you think should have been included with the product by default should really go into a separate GPO, if for no other reason that when someone other than you looks at the box the can see relatively quickly what has been done to GP. Is it a high risk that adding an exception to the firewall rule is going to take down the network? No, it's actually a fairly low-risk endeavor from a network impact point of view. But so is putting those changes into a separate OU. 

Susan says that she's concerned about workstations processing more than one GPO that has firewall rule elements in it. There's no need for concern from a performance standpoint. The amount of time it takes to process multiple firewall rules in a single GPO isn't significantly faster than processing multiple firewall rules in multiple GPOs. She also says that she thinks it puts the workstation at greater risk by her not creating a rule set properly. Susan, dear, if you're not going to build a rule set properly, it doesn't matter if it's in a stand-alone GPO or in the SBS-generated GPO. If you're going to screw up a rule set, you're going to screw up a rule set. And honestly, I think that there's a greater risk of impacting ALL the firewall rules for the domain if you somehow really screw up adding a rule set to the existing GPO than if you create a standalone rule. 

Which brings me to my final point about creating GPOs as separate objects and not rolling them in with the default objects. Let's say that you did create a bad firewall rule and it actually negatively impacted workstations on the network. It's far easier to disable the GPO that has the custom firewall rule to "fix" the problem than to go back in and edit the GPO to remove the offending element. And if you screwed up the rule when you put it in, what's to keep you from screwing it up when you try to edit or remove it from the existing GPO?

Here's how I approach GPO management in a nutshell (yes, perhaps it is about damn time, but I wanted to get the background out there):

1. I always create a new GPO and tie it to a specific set of workstations or users for testing, either through OU assignment or security restrictions. 

2. After I've tested the GPO and confirmed that it works, I'll either remove the restrictions or OU assignment so that it can be applied to the full set of objects it should be applied to.

3. If, after testing, it makes sense for the GPO element to be included as part of another custom GPO that has already been tested and implemented, I'll edit that existing object, knowing full well that I can quickly disable that custom object if problems arise. 

So this treatise on GPO isn't going to change Susan's mind on how she approaches doing firewall-related GPO operations for her organization. I maintain that it's better to create a separate GPO for firewall adjustments on an SBS network (not one for each firewall change, mind you, unless you have specific firewall rules for specific workstations) than to edit the SBS firewall objects. It doesn't create performance problems on the network or workstation, it falls in with the rest of the approach of doing separate GPOs for custom settings, and it's easy to turn off the rule if something does go wrong in the deployment of the object.

Now that the public beta of Aurora is out and in the wild, we can finally talk turkey about the product and what it does and doesn't do. To that end, I'm starting a series of posts to introduce people to Aurora who might not otherwise be able to look at the product. My reasons for doing this (given that there are a lot of other folks who are also blogging/writing about the product) are multifold. First, back in the SBS 2008 pre-release days, I got up on my soapbox and told everyone who would listen that they needed to take a long hard look at SBS 2008 because it was significantly different from SBS 2003. Based on the types of issues I'm still helping IT Pros get through with SBS 2008, there are a LOT of people who didn't do this. Well, Aurora is completely different from anything you've seen in the SBS product space before, and as such, there are some misconceptions and false assumptions I hope I can stamp out early on through these posts. Second, there are some things about the defaults in Aurora that I think need to be tweaked that I doubt very seriously will make it into the final product release build, so I'll be documenting some of those tweaks here as we go through the series. Third, there are some, well, *different* things I'll be doing with Aurora, and I want to have a place to highlight some of those unusual configurations someplace, especially if a few of these zany ideas make sense to other IT Pros who want to use them in their own deployments. Finally, I think that Aurora is going to be a huge player in the under-25 employee business, and the sooner consultants and businesses learn about what it can (and cannot!) do, the better!

So, with that introduction, let's get started. If you haven't already, I HIGHLY RECOMMEND that you start learning about the product on your own. You can get some overview information from the SBS Blog post from Michael Leworthy. That post includes links to several resources, including an overview video, that make for a good introduction. I'd also recommend, if you haven't already, that you read the Aurora Beta Announcement on the SBS Blog and go sign up for the beta of the product so you can get your hands on the bits now. 

While you're waiting for the bits to download, let's take a quick tour of an out-of-the-box basic install of Aurora in a test environment. From the basic desktop screen, you can see that this is NOT your typical SBS.

In fact, if you've seen Windows Home Server, it should look really familiar to you (especially if you've been in on the Vail beta). That's because Aurora is built on the same codebase as the next version of Windows Home Server, codenamed Vail. We'll get more into the similarities in later posts, but for now, let's mention the one key difference between Vail and Aurora, and that's Active Directory.

As you'll see in the above image, when looking at the list of services running on our unmodified Aurora install, there are Active Directory services running on this server. These are set up as part of the Aurora install and are present by default (i.e., you cannot choose whether to install Active Directory or not). Part of the licensing restriction for Aurora is that it must run Active Directory, and it must be the root domain holder for the network (very similar to the licensing restrictions for SBS, and the reason why you cannot have Aurora and SBS in the same domain).

One other key service of Active Directory is DNS, and as you can see in the above shot of the second page of services on Aurora, the DNS server service is installed and running. Again this is done as part of setup and is not configurable. Active Directory relies heavily on DNS, so it's good to have the service there and pre-configured as part of the setup.

If you look carefully at the list of services in that second screenshot, however, you may notice something missing (if you're used to the typical SBS installation). That's right, there's no DHCP Server service listed. Aurora does not preinstall or preconfigure DHCP services for the network. The default assumption with Aurora is that some other device on your network, perhaps the Internet Router, is providing DHCP for the network. This is one area where I disagree with the default configuration of Aurora out of the box. I firmly believe that DHCP should be installed and running on Aurora so that proper AD information can be handed out to workstations participating in the Aurora network, such as the default internal domain name and the IP address of the Aurora box as the primary DNS server for the workstations. Anyone who has run across domain-joined workstations that do not point to a domain-enbled DNS server knows that the Active DIrectory performance of the workstation leaves a great deal to be desired. Fortunately, the DHCP service can be installed on Aurora, and I have it on good authority that steps for doing so will be included on independent Aurora build docs that are being developed right now.

Next, let's take a look at the Active Directory environment that is configured with Aurora. Below is a capture of the Active DIrectory Users and Computers console showing the AD defaults for Aurora.

Again, anyone familiar with SBS will notice significant differences in the SBS AD configuration and the Aurora AD configuration. The Aurora AD configuration is the same as what you would get installing Active Directory on a standard Windows Server 2008 box. No custom OUs, user accounts placed in the Users containers, and so on. This isn't necessarily a bad thing - Foundation Server does the same when AD is installed (not installed by default). But it *is* different from SBS, and that's something that IT Pros need to be aware of. This configuration has significant impacts on how Group Policy will be applied, but we'll dive into Group Policy on Aurora in more detail in a later post.

Since we did mention Group Policy, however, let's take a quick peek at the Group Policy configuration in our out-of-the-box Aurora install:

When you look in the Group Policy Management Console, you'll see that the only GPOs listed for the domain are the Default Domain Policy and the Default Domain Controllers Policy. That's it. Again, this is exactly what you'd expect from a traditional Active Directory installation, but NOT from an SBS installation. SBS has used Group Policy heavily in its configuration since SBS 2003, but that is not the case in the default Aurora install.

So in this quick look at Aurora, I hope you've seen that Aurora is NOT the "next version of SBS" as some media outlets have claimed that it is. It's going to be an interesting hybrid of Home Server and Foundation Server, but it is NOT a derivative of the traditional SBS product line. While not all of the details regarding Aurora have been finalized or made public yet (i.e., pricing, licensing, additional restrictions, etc.), I still think that this is going to be a great platform to build on for the 1-20 employee business. I'm already making plans to "upgrade" several of our customers from SBS 2003 to Aurora (and I'll cover more about how I plan to approach that move from a technology standpoint in later posts in this series) once the product is released, and see the potential of this product with other clients that we haven't had a good solution for up until now. But as different as this product is, the typical SBS consultant will need to rethink the way they approach ongoing maintenance for this solution, and the best way to devise those plans is to start working with the product NOW to see what you're really up against. Some of the tools or processes you've been using for years simply may not work the same way on Aurora as they do your other supported devices, and you really don't want to figure that out AFTER you've deployed this to a customer.

Bottom line, we're sold on Aurora, and think you will be, too.

Yesterday, Microsoft released the first public beta of Windows Small Business Server Codename "Aurora" on the connect site (https://connect.microsoft.com/sbs). This is one of the two products in the SBS space that were announced back at WPC in July, and Aurora is the new entry into the SBS product space. Though some media outlets have been describing Aurora as the next version of SBS (implying that Aurora follows in the footsteps of SBS 2000, SBS 2003, and SBS 2008), that is NOT correct. The product named Windows Small Business Server Codename "7" (which has not yet been released in a public beta) will be the next version of "SBS" as we have known it, including Exchange, Sharepoint, RWW, etc., all bundled on the same box.

Aurora is something completely different in the business line. Those who are familiar with Windows Home Server will recognize Aurora when they load it, as Aurora is actually built on the WHS codebase. The key differences in Aurora and WHS are Active Directory (Aurora has it, WHS doesn't) and user limits (25 for Aurora, 10 for WHS). Aurora will also natively integrate with Microsoft's hosted Exchange product line.

There's still a lot we don't yet know about Aurora: pricing, licensing, CALs, release date, etc. But for those who are dealing with businesses under 25 users (for me, i'll probably put the limit at 20), Aurora is definitely something that you need to start looking at. Now. 

If history has shown me anything of late, it's that a LOT of people never took a look at SBS 2008 when it was in beta. Yeah, I heard all the excuses: I don't have the hardware, I don't have the time, yadda yadda yadda. Same thing after it was released. I spoke to a number of user groups and encouraged the members to load a box with SBS 2008 and kick the tires before dong a customer install. Or doing a migration (or two or three) before doing a migration for a customer. Funny thing is, generally speaking, those who looked at SBS 2008 before deploying it, especially those who ran through test migrations before migrating a customer, had FAR fewer challenges than those who walked into it blind. Back then, my mantra was "SBS 2008 is not your grandfather's SBS." SBS 2008 was significantly different than SBS 2003, and IT consultants found out either the easy or the hard way (mostly the hard way despiet a LOT of people's efforts to the contrary).

Well, the same holds true for Aurora. This is NOT your typical SBS. SO before you even THINK about deploying it for a customer, download the beta and give it a whirl. There's a greater than 0 chance that Aurora will become the backbone of our internal operation (although we will be doing things a bit differently, but that's a different post for a different time), so it's a product we're particularly sold on. But I cringe at the thought of the IT Consultant who will go out and blindly sell Aurora to a client, either thinking that it's the "next SBS" or being completely unfamiliar with it and end up causing more problems than resolving issues. 

So please, do yourself and your customers a favor, this time get in early on the Aurora product timeline and start getting familiar with it. You'll find that it's a bit easier on hardware requirements than SBS 2008 so that argument should go away, and I think that when you spend some time with it, you'll see how it will fit in for some of your clients and become a good sales tool for you. Just get over to the Connect site, sign up for the beta, and get started posthaste!

I'll be doing a Third Tier webinar tomorrow (July 15) that covers installation and configuration of Kerio Connect on a server running Windows Server 2008 Foundation server. This will be a live demo (as opposed to a series of screenshots) so you might want to stop by and see if something goes horribly wrong with the demo. :) The meeting WILL be recorded for those who are not able to be there at Noon Eastern (9am Pacific) and posted to the Third Tier web site for future viewing/reference.

This is NOT going to be your typical "go here, click this, boom it's working" demo - there are some special considerations I'm covering with this particular install scenario. Reading between the lines is strongly encouraged. :)

Brian Carmichael of Kerio will be assisting with the webinar to answer any questions I may not be able to and offer any additional insight on the Connect product.

The LiveMeeting information is below, and can also be found on the Third Tier site at http://www.thirdtier.net/2010/07/webinar-whats-all-the-hype-about-kerio-how-to-get-this-exchange-alternative-installed-and-configured-with-eriq-neale/

https://www.livemeeting.com/cc/harborcomputerservices/join?id=685ZTG&role=attend&pw=9x%3A4P%5Cqmd

AUDIO INFORMATION

• Computer Audio(Recommended)

To use computer audio, you need speakers and microphone, or a headset.

FIRST-TIME USERS

To save time before the meeting, check your system to make sure it is

ready to use Microsoft Office Live Meeting. 

http://go.microsoft.com/fwlink/?LinkId=90703

TROUBLESHOOTING 

Unable to join the meeting? Follow these steps:

1. Copy this address and paste it into your web browser: https://www.livemeeting.com/cc/harborcomputerservices/join

2. Copy and paste the required information:

Meeting ID: 685ZTG

Entry Code: 9x:4Pqmd

Location: https://www.livemeeting.com/cc/harborcomputerservices If you still cannot enter the meeting, contact support:

http://r.office.microsoft.com/r/rlidLiveMeeting?p1=12&p2=en_US&p3=LMInfo&p4=support

NOTICE

Microsoft Office Live Meeting can be used to record meetings.  By participating in this meeting, you agree that your communications may be monitored or recorded at any time during the meeting.

Gee, guess what? There's a LOT of talking about cloud computing going on today, probably moreso today than just about any other business day in recent history. Why? Because Steve Ballmer kicked off the Microsoft Wordwide Partner Conference with his keynote speech today, and it was pretty much all cloud, all the time. We've all heard that Microsoft is "all in" when it comes to the cloud, but just in case you missed it, that was Ballmer's message today.

The full transcript of Ballmer's keynote is now available from Microsoft (http://www.microsoft.com/presspass/exec/steve/2010/07-12wpc.mspx), and there are several YouTube video versions of the speech online as well. I'm a firm believer that everyone should read the entire transcript and/or watch the entire speech to form your own opinions about where you stand compared to Ballmer's vision of the future. And if you haven't yet, I'd humbly request that you do so before continuing with reading this post.

There are sections of Ballmer's speech that I suspect are going to bother some MS partners, and I won't necessarily disagree with you. I get the whole cloud message, really, I do. It's a marketing thing. If Microsoft were to come out and say "eh, this cloud thing might be interesting, we'll dabble in it and see what happens," partners might not be as eager to jump in given the company's recent history (Small Business Accounting, Response Point, EBS, etc.) So yes, there has to be a message about pushing cloud almost to the exclusion of everything else. Even with the announcement of Aurora and SBS, you're going to hear a LOT more about Aurora because it's "cloud ready" whereas SBS is not. It's a marketing move, and one that I understand the why behind the push.

But one statement does concern me a bit: "If you don't want to move to the cloud, we're not your folks." Here's the statement in full context (starting at 7:10 in this YouTube post: http://www.youtube.com/watch?v=3o91XoJmtgE):

I'll have a number of breakout sessions with partners, where I'm sure I'll hear various things about how we are competing with you when you don't want us to, and how we can improve channel conflicts. I'm sure I'll hear about margins and blah, blah, blah, blah, blah. But, we will factor those inputs in. We will continue to tweak and tune. We will continue to support you and drive this move to the cloud together. If you don't want to move to the cloud, we're not your folks. But, if you want to move to the cloud and take advantage of one of the most fantastic ways of interested investment that corporate IT has ever made, there's nobody better to bet on than Microsoft.

I've seen some posts already reacting to the "blah, blah, blah, blah, blah" bit, but that doesn't bother me as much as "If you don't want to move to the cloud, we're not your folks." Really? You're so sold on the cloud you're going to abandon every single customer who, for whatever business reason, doesn't want to "get cloudy"? Or are you so certain that the cloud is the only future that you're dissing those of us who don't buy into the "cloud is the solution for every problem" mentality? What exactly is the message here? As a Microsoft partner who has customers who have presented valid business cases why they currently choose not to embrace cloud solutions, how am I supposed to react to that statement?

Don't get me wrong, I'm not an anti-cloud zealot. Just like I'm not an anti-Microsoft zealot even though I happen to own and use a LOT of Apple technology in my business. Our business has been selling and supporting hosted Exchange for quite some time, and signed up yet another customer last week. We're likely to take one of our largest customers and move them off of SBS to hosted Exchange before year end because it makes sense for their business. Even my other business, Third Tier, is entirely cloud-based. So I'm not cloud-phobic. I'm just not also a pro-cloud zealot. When a cloud solution makes good business sense for our customers, we recommend it. When it doesn't, or when our customers articulate business reasons why they choose not to go cloud, we don't. 

So what does Ballmer's statement that "If you don't want to move to the cloud, we're not your folks" mean to you? Seriously - I want to know...

So the word is finally out today: http://blogs.technet.com/b/sbs/archive/2010/07/12/announcing-previews-of-our-simple-and-affordable-servers-for-small-businesses.aspx. Microsoft has announced that a preview release of SBS v7 is coming and that a new product will join the ranks of the SBS space, code named Aurora. Now let the wailing and gnashing of teeth begin, not to mention the flood of blog posts, tweets, as well as other status updates.

What does today's announcement really mean? Well, it means that Microsoft has publicly stated that a preview releases of these two products will be available soon, and that you can read more about them and sign up to find out when the preview releases will be available at http://www.microsoft.com/sbs/en/us/beta.aspx. That should answer the questions about "is there going to be another version of SBS after 2008" and "what is this Aurora thing that looks like it might be the next version of SBS" for most people. It also means that I'm somewhat *less* limited in what I can say about the products and the space.

I've already seen some speculation and confusion about these two products from people on the 'net. What follows is my personal take on these two products and how I think they'll fit into the space.

SBS v7 is pitched as a component refresh of the traditional SBS bundle. That means the latest versions of the core WIndows OS, Exchange, Sharepoint, WSUS, and SQL. The announcement doesn't say anything about any new features being added, but does allude to a "richer remote access experience." User limitations appear to be remaining the same at 75 users. I have not yet seen SBS v7, so I cannot say anything about it other than what's listed in the product announcement. If you're familiar with SBS 2008, my guess is that you'll be pretty familiar with what SBS v& will be bringing to the table. We'll know more after the preview release becomes official.

Aurora is the new kid on the block, is geared to be an "ideal 'first server'" according to the marketing. Supporting up to 25 user accounts, it presents the first "hybrid" product in the space, one that combines traditional on-premise equipment tied in with cloud services. Again, until the preview release becomes available, there's not much more to say.

What I do see coming down the pike is a LOT of discussion over proper server sizing, premise versus cloud, capital versus operating expenses, and so on. These products are going to mark a turning point in how many IT service shops approach providing services for their customers. Folks who have been avoiding dealing with the cloud are going to have to in order to fully understand how best to pitch these products to their customers. Those who have complained that SBS is too "big" for smaller shops now have an alternate solution.

For me, we'll be looking at Aurora for smaller sites who aren't concerned about having their e-mail hosted on premise. Or even small shops who are looking at Kerio as an on premise e-mail solution. We'll also be looking at SBS for those organizations who continue to want all of their technology services entirely on site: e-mail, collaboration, LOB apps, etc. The only real limits for how we may choose a solution is the seat count: 25 for Aurora and 75 for SBS. Businesses over 25 employees automatically have Aurora ruled out, and businesses over 75 employees automatically have SBS ruled out. Everything else is fair game.

In the coming months, as more information becomes available about these products and what they really can and cannot do, we'll get a better picture of how we're going to use these products as solutions for our customers. When to choose Aurora over SBS and vice versa. Until then, we are in research mode, and we will continue to promote solutions to our customers based on the needs of the customers and the products that we have at our disposal.

Third in the QonCall series, in which the notion of rebooting a system as a troubleshooting step is actually a good idea...

The second in the QonCall series of video posts. Sometimes, even when you think you don't want to be as connected as you've become, you find that you really, really need to be completely plugged in...

OK, I have no idea if that's a real word in the title, but you'll get the idea momentarily. I'm starting a new approach for some of the content on this blog which will hopefully allow me to get some of my thoughts/ideas out a little quicker. I can't tell you how many blog posts are running around in my head, realized in a moment of inspiration and lost in the lack of time that has been my life over the last year. Well now that I have a handy little device that will allow me to record quick little video snippets wherever I happen to be and then post them on YouTube, I can quickly get my thoughts recorded and then relatively easily posted here.

So today, we start the QonCall series of video posts with an event that happened to me this morning, and it turned a probably horrible Monday into a day that didn't suck quite as bad. Here's the story:

Now to figure out how to better automate this process. But that's a challenge for a later day...

In case you haven't heard just yet, I'll be participating in a two-part webinar with my friends over at Kerio to talk about their collaboration product, Kerio Connect. We've been using Kerio Connect as our e-mail and collaboration server in our business since the first of April and couldn't be happier with how it's been working for us. We're also starting to do proposals that include Connect instead of Exchange for customers in specific situations.

If you've been curious as to what Kerio Connect is and why we've become such passionate supporters of the product, please plan on attending these webinars on Thursday June 10 and July 8. This is a two-part series, not a repeated session. The official announcement is listed below.

I'll also be doing an "alternatives" webinar for Third Tier on Thursday June 17. Check out the Third Tier blog (http://www.thirdtier.net/blog) for details about attending that webinar.

On Change. On Kerio Connect.

Hear Why SBS MVP Eriq Neale Chooses Kerio Connect

Part One

Thursday June 10, 2010 | 10:00AM PDT

Kerio Connect – the new generation of Kerio’s messaging and collaboration platform, is the leading all-in-one, cross platform, messaging and collaboration server for small to medium organizations. Kerio Connect is more than a mail server – it includes integrated anti-virus, powerful anti-spam, built-in archiving, and automated backup, and a lightweight IT footprint, making it the SBS alternative of choice.

In part 1 of this two-part webinar series, join Kerio Sales Engineer Brian Carmichael and our honored guest, SBS MVP Eriq Neale, to learn more about Kerio Connect and to hear first hand why Eriq chose Kerio Connect for his business, EON Consulting.

In this webinar you will

• • Learn about Kerio Connect and its newest features including Distributed Domain, Full Web Admin, CardDAV and New Mobile Device Support.
• • Hear why SBS MVP Eriq Neale endorses Kerio Connect as an alternative to SBS.
• • Understand how Kerio Connect can fit in your product portfolio along side SBS and Exchange.
• • See a live demonstration of Kerio Connect.

Presenters

Brian Carmichael, Sales Engineer, Kerio Technologies
Eriq Neale, SBS MVP; President, EON Consulting; Partner, Third Tier

REGISTER

https://kerioevents.webex.com/kerioevents/onstage/g.php?t=a&d=667015513

Part 2

Thursday July  8, 2010 | 10:00AM PDT

Mark your calendar for part 2 of this two-part webinar series where Brian and Eriq will get much more technical focusing on configuration, administration, troubleshooting and addressing your technical questions about Kerio Connect.

Saturday Session 2 - Alternatives: Remote and Monitoring
Eriq Neale, Marina Roos, Andy Goodman, Dave Nickason

We picked up on the theme of alternative solutions for SBS technologies by addressing the remote access and monitoring topics. This session was largely interactive with the audience, discussing the various remote/monitoring solutions being used as well as why people chose those particular solutions.  

Saturday morning, Session 1 - Alternatives: Is Exchange Expendable?
Eriq Neale

OK, it does feel a bit self-serving to post a summary of my own session, so I won't. At least not in detail. Other than to say that the bulk of my 30 minute presentation was a show and tell of how Kerio Connect works as a back-end replacement for Exchange in small environments. I will be doing a more detailed demo of Kerio as a Third Thursday webinar with Third Tier in June, and I'll be appearing in a two-part webinar with Kerio coming in June and July. 

The last two sessions from yesterday were the Right-sizing Servers with Steve Banks, Oliver Sommer, Larry Struckmeyer, Jim Behning, and Dave Nickason; and Branding and Customizing of the SBS Organization with Ofer Shimrat. Unfortunately, I got called out for a good portion of both of those sessions so I did miss a good chunk of the content. I do know that Steve's session included a discussion of Foundation Server 2008, and Ofer had a good outline of how his company works to set up branding/templates for an SBS 2008 deployment for a new customer. As I understand it, Ofer's slide deck will be made available, and keep an eye out for possible future announcements about how to get audio access to the content sessions from this year's conference.

Third Session - New Economics: Cash, Cash flow, Liability management
Cal McLennan, Dean Calvert, Mark Crall, George Sierchio

Great discussion from a variety of experts on how important cash flow and understanding the money numbers in your business need really is. Cal and Dean provided a non-U.S. insight into dealing with some accounting issues, but the panel members all agreed that understanding where the cash is in your business and being able to explain your business finances is critical.

Second Session: Evolve
Speakers: Jeff Middleton, Matt Mackowicz, Karl Palachuk, George Sierchio

Jeff brought up to the stage a group of people who consult for IT consultants, a veritable "who's who" in their industry. Each one brings their own specific angle to how they advise their business clients, as indicated by their business tag lines:

George - Run it like you're going to sell it.
Matt - Let ambition be your mission, everything starts and ends with sales.
Karl - document, docuement, document (but really "relax, focus, succeed").
Jeff - Take your weekends off.

Jeff asked each of the speakers to detail how they got to the point they are with their current businesses, and each had a very different path that they took to get where they are. Hearing the individual stories leads to a better understanding of how each of the speakers has developed their philosophy and approach.

One point came up that was common among all the speakers:

Slow down and get more done: each agreed that if you're constantly running at a breakneck pace it's easy to overlook things and actually be less efficient.