MDT Database – Named Instance Issue

January 20, 2011 Leave a comment

So the same security conscious client that I last blogged about arranged for their DBA to install SQL Express on the MDT server, create the MDT database and configure permissions (because I’m not trusted enough to install SQL).  All seemed well and good – as I got the MDT web front-end deployed and could update the database.

Then I go to test deploying an image after configuring database rules (which basically just updates the customsettings.ini with the SQL connection info) and sure enough “SQL Server does not exist or access is denied” error messages are being displayed.

At first I though that the DBA must not have granted my deployment account db_datareader permissions, but after testing connectivity by creating an ODBC connection I confirmed that permissions were fine.

After searching the internet, I came across a few forum posts that mentioned similar issues all related to using a custom Named Instance.  Turns out if you’re using a named instance in SQL Express, you MUST have the SQL browser service enabled.  I have tested MDT with the browser service disabled (as per the DBA’s request) but of course my tests were with the default \SQLExpress instance.  After all that troubleshooting, the DBA will be reinstalling SQLExpress and reconfiguring the database since she will not enable SQL Browser service on a server that has Named Pipes enabled.

Hope that helps!

Categories: OS Deployment Tags: , ,

Setting up the MDT Web Front End

January 16, 2011 2 comments

At long last I managed to convince a customer to start using the MDT Database so that we could have more control over the deployment process and build in better automation.  While I’d love to get into that topic at some point, for now just read the article over at Xtreme Deployment: http://deployment.xtremeconsulting.com/2009/11/24/understanding-the-mdt-configuration-database-part-1/

My customer is always worried about security and access to the MDT database (even though it happens to be deployed on the same server), I showed them the MDT web front end that I was running in my lab and they agreed it’d provide a better (and more secure) way to access and manipulate the MDT database. This is what helped get creating the MDT Database approved, since I showed the ability to manage and delegate access of specific and granular levels of control over MDT.

Since I couldn’t find any good deployment articles out there other than the install documentation on codeplex (found here), I figured this’d be a good first technical blog post.

Without further ado, here are the steps to deploy it:

Software Installation

Install IIS Roles

Instructions 

Details / Screenshots 
 
“Server Manager”

  • Right-Click “Roles”.
  • Click “Add Roles”.
“Before You Begin”

  • Click “Next”.
“User Account Control”

  • Click “Yes”.
“Add features required for Web Server (IIS)?”

  • Click “Add Required Features”.
  • Click “Next”.
“Web Server (IIS)”

  • Click “Next”.
“Select Role Services”

  • Under Application Development, Enable:

“ASP.NET”, “.NET Extensibility”, “ASP”, “ISAPI Extensions”, “ISAPI Filters”, and “Server Side Includes”.

  • Under Security, Enable:

“Basic Authentication”, “Windows Authentication”, and “Digest Authentication”.

  • Enable: “Management Service”
  • Click “Next”.
“Confirm Installation Selections”

  • Click “Install”.
“Installation Results”

  • Click “Close”.

 

Extract MDT Web FrontEnd Source

Instructions 

Details / Screenshots 
Download software from http://mdtwebfrontend.codeplex.com/releases/view/35756 and extract to C:\Support\Downloads.
“Windows Explorer”

  • Type the path to the MDTWebFrontEnd .zip file.
  • Right-Click the file, and click “Extract All”.
“Extract Compressed (Zipped) Folders”

  • Click “Extract”.

 

Add IIS 7 Web Application for the FrontEnd

Instructions 

Details / Screenshots 
 
“Server Manager”

  • Expand “Web Server (IIS)” à “Internet Information Services” à “SERVER” à “Sites” à “Default Web Sites”.
  • Right-Click “Default Web Sites”.
  • Click “Add Application”.
“Add Application”

  • Enter Alias: “MDTWebFrontEnd_Prod”.
  • Enter Physical Path: “E:\MDTWebFrontEnd_x64_v1_0_1\MDTWebFrontEnd\”.
  • Click “OK”.

NOTE: Repeat this process for each environment that needs to be managed by the MDT Web FrontEnd.

 

Configure IIS Authentication

Instructions 

Details / Screenshots 
 
“Default Web Site à [WebApp]”

  • Double-Click “Authentication”.
“Authentication”

  • Right-Click “Anonymous Authentication”.
  • Click “Disable”.
  • Enable “Windows Authentication” and “Basic Authentication”.

 

Create “MDTWebFrontEnd” Application Pool

Instructions  Details / Screenshots 
 
“Application Pools”

  • Right-Click “Application Pools”.
  • Click “Add Application Pool”.
“Add Application Pool”

  • Enter Name: “MDTWebFrontEnd”
  • Click “OK”.

 

Configure Application Pool Identity

Instructions  Details / Screenshots 
 
“NNNNNNNN”

  • Click “Next”. 
“Advanced Setting”

  • Under “Identity”, Click “…”.
“Application Pool Identity”

  • Click “Custom account”.
  • Click “Set”.
“Set Credentials”

  • Click “OK”.
“Application Pool Identity”

  • Click “OK”.
“Advanced Settings”

  • Set “Load User Profile” to “True”.
  • Click “OK”.

 

Configure Web Application to use custom Application Pool

Instructions  Details / Screenshots 
 
“IIS Manager”

  • Right-Click on the MDT Web FrontEnd Web Application.
  • Click “Manage Application à Advanced Settings”.
“Advanced Settings”

  • Beside “Application Pool”, Click “..”.
“Select Application Pool”

  • Select “MDTWebFrontEnd”.
  • Click “OK”.
“Advanced Settings”

  • Click “OK”.

 

MDT Web FrontEnd Configuration

Configure Database Connections

Instructions  Details / Screenshots 
 
“Internet Explorer”
“Configuration”

  • Enter MDT Database Information.
  • Click “Test MDT DB connection”.

Confirm the connection is successful.
“Configuration”

  • Click “Upgrade Database”.
“Configuration”

  • Close Internet Explorer.

 

Upload MDT Applications

Instructions  Details / Screenshots 
 
“NNNNNNNN”

  • Click “Admin”.
“NNNNNNNN”

  • Click “Next”. 
“NNNNNNNN”

  • Click “Next”. 
“NNNNNNNN”

  • Click “Next”. 
“NNNNNNNN”

  • Click “Next”. 
“NNNNNNNN”

  • Click “Next”. 
“NNNNNNNN”

  • Click “Next”. 
  
Categories: Uncategorized

Enterprise Vault 9 Administration Console takes a long time to open

January 16, 2011 Leave a comment

Last week I got to do my first production deployment of Symantec Enterprise Vault 9.0 for a small client in Vancouver. While all around, I like the improvements from past versions (I come from the EV 6 days – so trust me, there’s a LOT of improvements to the product than there ever used to be!).


One of my only complaints so far is the load time when opening the Administration Console.  It usually takes at least a few minutes to open – and often results in the “this snap-in is not responding” message.  You just hit cancel and eventually the console opens – but it’s a pain waiting for it.

 So thanks to @errmm, he told me that if I disable “Check for publisher’s certificate revocation” it’ll speed up.  So sure enough, I tested it and  now it opens in less that a minute! 

Categories: Email Archiving, Enterprise Vault

I step into the world of Blogging

November 21, 2010 Leave a comment

After creating a WordPress account last March, I’ve finally decided to actually write some content for the Blog.

 

My primary challenge is how much I work. Today for example, I’m procrastinating writing a Symantec Enterprise Vault Design Document that’s due tomorrow morning. Once that’s done, I have to finish writing a test plan for an Exchange 2010 Proof of Concept environment I just built for a client. Yes – all on the weekend before Monday morning!

 

 

Regardless, I’m on twitter now (@HardCoreITGuy) and I think my status updates regarding my projects don’t mean much unless I blog about them too. I mean, saying yeah I completed a vSphere and SAN deployment doesn’t mean much unless I can write about the highlights and the dos/don’ts that I ran into etc.

 

 

I honestly don’t want to blog for publicity or some kind of status in the community, but even though I still feel that I have a vast amount to learn I also feel I have a lot that I could be sharing. I literally have hundreds of ‘how tos’, quick tips, useful links, and best practices that I have sitting in an MS OneNote notebook that I’m continually dumping content into when researching for a project as well as anything I discover during my projects.

 

 

So my goal over the next few months is to get active on my blog and start sharing what knowledge I can with the community. I’ve definitely got a bit of a learning curve in terms of how best to share content, upload screenshots, offline editors etc, and not a lot of time to make the blog site ‘pretty’ or cool – so for now, my focus is on content. And then, once my projects are under control and I can free up more cycles I’ll see what I can do about how the site looks.

 

With that, please welcome me to the world of blogging and I hope that over time you’ll find my site useful. 

 

Nigel Brown (aka @HardCoreITGuy)

 

 


Categories: Personal Tags:

Skipping F12 when PXE booting from a WDS server

November 21, 2010 Leave a comment

These days, I’ve been deploying my Windows OS’s with Microsoft Deployment Toolkit 2010 in the lab.

The benefit of doing this, is that I can customize the deployment process to install just what I need, customize OS Settings, have it auto-join the domain, etc, etc.

Anyways, since all of my lab is built on VMware vSphere deploy OS’s using the vSphere Client. Now, when using PXE in this environment it’s a PITA when you have to hit F12 every time the VM boots. Often I’ll power on the VM, then open console – and guess what? You already missed the F12 boot and the VM skips right by PXE.

Read more…

Categories: OS Deployment Tags: , ,