MCTS: SQL Server 2005

After about 2 months studying the SQL Server 2005 books, today I took the 70-431 exam and pass with the score 940! I am now Microsoft Certified Technology Specialist (MCTS): SQL Server 2005

It was a great experience to know how great is SQL Server 2005. It has all the capabilities and capacity to host enterprise level data.

High availability is very important these days and SQL server 2005 has the technology to make sure the data is available 24/7/365 through either mirroring, replication, log shipping or snapshot.

The reason for me learning SQL Server 2005 is because the working environment that I am with is full of SQL Server 2005. I need to be able to support them and I need the necessary skills to do the job for mission critical database

Virtualization Forum 2007

Today, I went to this VMware forum at Darling Harbour.

A lot of talk about Green technology and how hardware vendors with VMWare can reduce the CO2 emission by consolidating servers to Virtual infrastructure.

They were talking about VDI as well - Virtual Desktop Infrastructure - with thin clients, which is cool for large enterprise company with thousands of client PCs.

IBM was talking about their System X Servers which is pretty impressive!

some photos:

BackupExec 11d - GRT Backup for Exchange 2003

BackupExec 11d has a new feature called GRT - Granular Restore Technology - which allows you to restore emails at the brick level with Information Store backup only!

This is very exciting for most of us who know how painful is doing brick level backup, especially the time it takes.

Now Veritas with its BackupExec product has a great solution for us. This blog will show you a very quick way to make this happen. Of course you can do more tweaking:

1st step - very obvious, install your BackupExec Server

2nd step - once you have finished installing the BackupExec server - install the remote agent to your exchange server

3rd step - Create a backup selection list and choose the Information Store you'd like to backup




4rd step - Create backup-to-disk folder, this to store the backup files



5th step - Create a backup job with the selection list created on the 3rd step, use the backup-to-disk folder as the device and make sure on the Microsoft Exchange settings, tick the checkbox 'Enable the restore of individual mail messages and folders from Information Store backups'





6th step - create an Active Directory account for doing the backup. Make sure this account is mailbox enabled (send a test email to this account to trigger the mailbox creation after the AD account has been created). Run the BackupExec services using this account and use this account for the logon account that runs the backup and restore. Finally, assign this account as a local administrator of the exchange server and delegate this account as an Exchange administrator

Good luck! and I'll be posting again with Exchange 2007 backup

Passed ONT (642-845) Today - CCNP -

Yes!! Finally, the final fourth exam, Optimizing Converged Cisco Networks (ONT), was done today with the score 955/1000.

This marks special moment in my career as a Certified Cisco Network Professionals (CCNP). I learnt a lot of new stuff when studied for this certification. It is the best certification so far :)

Next one is probably CCDP

Cisco ISCW Exam Passed!

I have passed the 3rd Cisco exam toward the CCNP.

It is the ISCW, and my score is 966/1000!!
This is the best exam so far of getting the current knowledge; it includes:

• site-to-site VPN
• ADSL configuration with PPPoE and PPPoA
• SDM

1 more 2 go :)

The Best PST Password Recovery Utility

I've been trying to recover a PST file for the last 4 weeks!

Yes, I know there are a lot of utilities out there that promise you to recover the password of your PST file.

I tell you something, none of them is able to recover a password of a PST file that has a size of 4.0 GB - yes it is four GIG! All of them saying the file is corrupted! but it is not.

Only one utility can open the file and recover the password: PstPassword
This is the best utility for this matter, it is free and it works!

The website has a lot of other utilities, check it out.

Cisco BCMSN Exam Passed!

I have passed the 2nd Cisco exam toward the CCNP.
It is the BCMSN, and my score is 978/1000!!

2 more 2 go :)

Checkpoint and Cisco site-to-site VPN

This guide shows you how to create site-to-site VPN tunnel between checkpoint firewall and cisco router. Let's begin:

Checkpoint
IP address: 1.1.1.2
Network behind: 172.20.200.0/24

Create a network object that is the network that will be sitting behind the new Cisco router



Set the NAT – for Internet routing



Create a network object that is the network that will be sitting behind Checkpoint firewall:




Set the NAT – for Internet routing



Create a new interoperable device on CheckPoint for Cisco router



On Topology option, add external Interface



Note picture above is wrong (should be 1.1.1.1) – sorry$
Mark it as an external interface



Create an internal Interface:



Mark it as an Internal interface which leads to the network behind Cisco router



On the VPN domain option, choose manually defined: and assign the network that is behind Cisco router



On the VPN Manager, create a new community or join the new interoperable device to the existing community (either meshed or star)
Create a new one:



On the participating gateway, put the Cisco router and Checkpoint firewall



On the VPN properties, make sure the phase 1 and phase 2 is having the same setup in both Cisco (later) and Checkpoint
In this example we are using 3des-md5 for phase 1 and aes-128-md5 for phase 2



On the Advanced Properties, make sure the phase 1 and phase 2 is having the same setup in both Cisco (later) and Checkpoint
In this example we are using group 2 for phase 1 diffie-hellman group
Disable NAT inside VPN community – so that site-to-site VPN is not Natted



On Shared Secret page, put the share secret on to be used with Cisco router:



Create a rule in Checkpoint firewall to encrypt the traffic between network behind each firewall:



Push the policy to the CheckPoint firewall!

Cisco
IP address: 1.1.1.1
Network behind: 172.20.199.0/24

Create the isamkmp policy:
crypto isakmp policy 1
encr 3des
hash md5
authentication pre-share
group 2

Create the crypto key:
crypto isakmp key address 1.1.1.2 no-xauth

where shared-key is the shared key you setup in Checkpoint and 1.1.1.2 is the checkpoint IP address

Create transform set:
crypto ipsec transform-set cm-transformset-1 esp-aes esp-md5-hmac

Create the crypto-map:
crypto map cm-cryptomap 1 ipsec-isakmp
description VPN tunnel to Checkpoint
set peer 1.1.1.2
set security-association lifetime seconds 28800
set transform-set cm-transformset-1
match address 111

Create the outbound access list inside VPN (allow Cisco network to Checkpoint network):
access-list 111 permit ip 172.20.199.0 0.0.0.255 172.20.200.0 0.0.7.255

Create the inbound access list for external interface:
access-list 101 permit icmp any any
access-list 101 permit ip 1.1.1.2 0.0.0.0 any
access-list 101 permit ip 172.20.200.0 0.0.0.255 any
access-list 101 deny ip any any log

Assign crypto-map to the external interface:
interface Serial0/0
bandwidth 2048
ip address 1.1.1.1 255.255.255.0
ip access-group 101 in
no ip proxy-arp
ip nat outside
ip route-cache flow
no cdp enable
crypto map cm-cryptomap

Configure internal interface:
interface FastEthernet0/0
description Cisco LAN
ip address 172.20.199.254 255.255.255.0
no ip proxy-arp
ip nat inside
ip route-cache flow
speed 100
full-duplex
ntp broadcast
no cdp enable

Create the NAT rule:
ip nat inside source route-map nonat interface Serial0/0 overload
route-map nonat permit 10
match ip address 150

Create access list for NAT:
Do-not NAT traffic between sites
NAT everything else
access-list 150 deny ip 172.20.199.0 0.0.0.255 172.20.200.0 0.0.0.255
access-list 150 permit ip 172.20.199.0 0.0.0.255 any

Encode movies to Zune player

Since I've got my Zune player from Microsoft, I could not sync some movies to it. Those movies are Microsoft Webcast files, weird huh? Yes! On Demand Webcast is using .wmv file format and Zune player supports .wmv format, but it's just does not work.

The only way to do it is to convert the webcast file to Zune 'compatible' format. There are many products available on the market to do this, but they are not free.

Alternatively, you can use the Windows Media Encoder 9 to help you to encode the .wmv file to be Zune 'compatible' format.

I've created a video how to do it, and posted it on Youtube - have fun :)

Citrix Conference 2007

Today is the Citrix day.
Darling Harbour was the place for Citrix Conference 2007!

Citrix has got a great range of solutions for Enterprise:

• Presentation Server
• Desktop Server
• Access Gateway
• WANScaler
• NetScaler

I've been using Citrix Access Gateway with Advanced Access Control - this product is awesome! with two form of authentication and end-point analysis makes this product as secure as it can be.

WANScaler rocks as well!! It optimizes traffic between main office and branch offices by caching and compressing the data and use token to simplify the traffic.

There is a new coming appliance product which is based on Citrix and Microsoft technology, not available yet now. They are saying this product can be used as a Domain Controller at branch office as well as the WANScaler!

Some notes from the session about upgrading to Presentation Server 4.5:

1. Parallel Migration


• Build Presentation Server 4.5 Data Store
• Build License Server 4.5 (member server 4.5 does not work with earlier version of license server)
• Build new zone data collector
• Create a Web Interface Site 4.5 (using access management console -> create site)
• Add Server Farms
• Migrate Servers (install PS4.5 to the existing member server - note: maske sure the one that has data store installed is the last one to be migrated
  


2. In-place Upgrade (insert the CD to the existing server and install)


• First to upgrade -> License Server
• Upgrade Farm Metric Server
• Upgrade Consoles
• Upgrade Web Interface 4.5
• Upgrade Zone data collector
• Upgrade Member Server

Some pictures:

APAC SharePoint Conference 2007 - 1st Day

Today, I attended the 1st day of APAC SharePoint Conference 2007 in Hilton, Sydney.

Very exciting !! met a lot of MVPs and SharePoint guru from Microsoft and the Partners. I was attending cool stuff sessions about InfoPath 2007, Groove 2007, Security and Disaster Recovery.

If you don't know what Groove is, check this and this out. It is basically the collaboration tool you can use to share files securely, collaborate with other people around the world without having to worry about the underlying infrastructure such as the firewall.

Met with Joel Oleson - check his blog here. One of the most active SharePoint blogger dude :)

Some pictures:

Microsoft Zune

Ahh... finally, after 3 months - the most existing gadget has arrived safely to Sydney, Australia :)

It is the reward for winning the Microsoft ASAP Pro Infrastructure Architect design contest on February 2007.

The Zune looks great - and it's got the most existing Digital FM Radio! However, it is very hard to find any accessories on the market, since it is not officially released in Australia yet by Microsoft.

Some pictures: