Damian Leibaschoff
Support Escalation Engineer
Microsoft
Ron Martinsen
Senior Development Lead
Microsoft
User Management
Group Management
Goal: Simplify management of an SBS network
Make it a repeatable deployment and management experience for you the partner
Empower the occasional small business IT person to do simple tasks
Strategy
One stop shop
Admin console
Amalgamate and organize most common/important tasks into an SBS management console
Windows SBS console
Complex tasks made easy
Amalgamate disparate native application tasks into easy to use SBS tasks
Organize tasks and resource information in a logical way
Do not organize tasks and resource information on the underlying technologies
Admin from anywhere
Except from “dumb Internet terminal”
Who can access the console?
SBS administrator (domain administrator)
Where can we access the server/console from?
Locally
Log on to the server
Intranet
Desktop link (TS/Remote Desktop)
Vista – Admin gadget
Remote Web Workplace – link
Internet
Remote Web Workplace – link
Goal: Simplify and unify management of SBS users
Strategy
One stop shop
Admin console/users, user roles sub-tabs
Amalgamate and organize most common/important user management related tasks into one area
Complex user mgmt tasks made easy
Amalgamate disparate native application tasks into single easy to use SBS user mgmt tasks
E.g., Add User wizard, edit user properties
E.g., Add Multiple Users wizards
Creation, modification and removal of user accounts
Management of user related features
E.g., Password policies
Management of user templates, which can then be applied to user creation and management
One Stop shop Administrator console/groups sub-tabs
Amalgamate and organize most common/important group management related tasks into one area
One task to create a group based on users scenario needs
E-mail distribution list/group
Security group
Mail enabled security group
Partner Profile
Interprom Inc.
Barrie Ontario
3 Employees
25 contracted customers in the SMB space
Our Focus: Outsourced IT and Managed Services
Microsoft Gold
Certified Partner
TAP Customer Profile
Blevins Insurance Group
20 Employees
Insurance and Group
Benefits
Key Pain Points: Remote access, mandated security
Enhancements to remote access features have enabled employees to have a seamless experience outside the office from their local desktops and windows mobile devices
SBS 2003 provided great tools, but not the easiest interface for remote users
SBS 2008 provides a seamless environment
TS Gateway, published applications, TS Web
Securely exposed Sharepoint 3.0
Outlook Anywhere !
We all remember that Remote Web Workplace was the big selling feature in SBS. Who knew it would come around again bigger and better!
SBS 2008 provide partners the ability to push out applications – third party, and those developed on SharePoint
Start learning SharePoint 3.0
Learn everything you can about Windows 2008 TS
Start talking to your customers about Anywhere access
Get familiar with trusted certificates!!
Single Executable
Performance
Limited dependency on IIS
Task oriented
Each TAB does pre-requirement checks
Examples
System Health: Are WSUS and IIS running?
Users and Groups: Is AD running?
Advanced mode (Command line /a)
ISV Extensibility
System Health tab
Mostly a migration type scenario
Stamp users using the Change User Role wizard
Be aware of replacing permissions/settings
Make sure you display all users from AD
For groups we will provide manual documentation
Users
Add a new User Account
Add multiple user accounts
Change user role
Change password policies
Default: Expire 180 days
Strong password enforced
Redirect user account’s folders to the server
Manage Desktop Links (Vista Gadget)
Tasks
Users (contextual)
Edit user account properties
General
Remote Access rights
E-mail quota
Computer Access rights
Shared Folder quota
Groups
Website Access rights
Remove user account
Reset user account password
Change group membership
Disable user account
Create a new role based on this user’s settings
Print getting started page for this user
Groups
Add a new group
Groups (contextual)
Edit group properties
Mail enable group
Allow Internet e-mail to the group
Allow archiving for the group
Change group memberships
Remove group
Under the Network tab
Only machines under
Default containers for new machines in AD
MyBusiness\Computers\SBSComputers
MyBusiness\Computers\SBSServers
Computers in OUs under them are also displayed
Status is a combination of
ARP and ICMP Responses (ping)
SMB Access (tcp/445 or tcp/139)
Use: “Net view \\machine ” to confirm
Problems
Stale DNS record pointing to a valid IP for another machine
Client/server time offset
Firewall at the client
File and Print Sharing not enabled on the client
Query the Security Center for
AV enabled
Firewall enabled
Anti-spyware enabled (Vista only)
Similar problems to the status check plus potential WMI issues
Tasks
Connect computers to your network
How to guide using online website
Use portable media
Enable Power Management in Windows Vista
By default Power Management is disabled on domain joined
Vista machines when plugged into AC power
Tasks (contextual)
View server/computer properties
General information (as reported by WMI)
Update information (as reported by WSUS)
User access
Workstation
Remote Web Workplace
Workstation access level
The information contained in this presentation relates to pre-release software product, which may be substantially modified before its first commercial release.
Accordingly, the information may not accurately describe or reflect the software product when first commercially released. This presentation is provided for informational purposes only, and Microsoft makes no warranties, express or implied, with respect to this presentation or the information contained in it.
© 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation.
MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.