Posts from October 2013

Bring on Elgato EyeTV Netstream

I’m not the biggest fan of Sky TV even though I’ve been a customer of theirs for about eight years now. The way that you are locked into their eco-system and how you watch media the way they want you and not what is most applicable to you to doesn’t appeal to me. Sky Go and other new features have helped the situation for a number of people but it doesn’t help me using a Windows Phone or Windows 8 devices as none of their apps are available on these platforms (for clarification, by Windows 8, I mean impressive UI native Windows 8 apps and not desktop apps). I’ve long wanted to break into the IPTV and streaming TV markets, originally with SiliconDust’s HDHomeRun product and now Elgato’s EyeTV Netstream and now is the time to strike.

Me and @NickyCGreen got an email from Sky at the weekend to tell us that our bill was going from a promotional rate to the standard rate, almost doubling to £40 a month. I was happy enough to pay for Sky at £20 a month and actually, I didn’t even consider this was a promotional rate. Just because something is easy though isn’t justification for buying it, certainly when it’s £40 a month. All we really watch on TV these days is FTA (Free to Air) content like BBC One, BBC Two, Channel 4 and the kids watch a little bit of kids TV too like Pop and CBeebies. We don’t have sports or movies add-ons and we don’t have any other services like Sky Go, broadband or phone from them, this is just for basic TV with HD.I  was pretty staggered that Sky will expect me to pay £40 for this basic service so I decided that now was the time to strike the IPTV drum.

I’ve long courted SiliconDust and their HDHomeRun product line but they have let the European products stagnate and not updated them to meet the x2 standards such as DVB-T2 (Freeview HD) or DVB-S2 (FreeSat HD) which means that you can only get the SD (Standard Definition) variants of Freeview or FreeSat on the HDHomeRun. On my search for other products, I came across Elgato and their EyeTV product line. On first inspection, it looks quite Apple focused with a lot of detail on Mac OS X software, AirPlay support along with mobile device support for iOS iPhone and iPad devices but they do support Windows and Windows Media Center also which is enough for me to be happy.

Elgato EyeTV Netstream Sat

I decided to dip my toes into the line-up today by ordering an Elgato EyeTV Netstream Sat, a single tuner DVB-S2 FreeSat network tuner. For those of you who don’t know what any of that means, it basically means that I can connect one of the satellite feeds from my Sky MiniDish into the box of tricks from Elgato and it will output those FreeSat HD pictures onto my home network to be consumed by any device I choose.

I’ve gone with a single tuner to start with as a proof of concept to the wife and kids, I’m going to be configuring this single feed on the Windows Media Center PC in the living room to test out the Media Center Live TV interface, that basics like live TV and channel switcing all work as planned and also that none of the codec changes I’ve made to support .mkv playback effect the TV experience. Once I can get this working and other basics like the EPG (Electronic Programme Guide), I can start to experiment a bit more like. Tricks like the MCL (My Channel Logos) plugin to add the UK channel icons to the EPG are nice additions and make the experience much sweeter.

Aside from watching live TV and optimising that experience, the next thing I’m going to be playing with is the Windows Server 2012 Essentials integration with Media Center. A feature has existed since the days of the first Windows Home Server which allowed the server to move TV recordings to a share on the server and replace that recording with a stub on the Media Center. For me, this is the best feature of Windows Media Center and Windows Server 2012 Essentials coming together. The HTPC (Home Theatre PC) records a programme from the network tuner as normal and once the recording completes, the server moves the recording to the backend Recorded TV share. The result is that the recording then is available anywhere I can access the server from. For me, this means any other Windows PC in the house, my Windows Phone using the My Server app or any internet enabled device which supports Silverlight. Windows Server 2012 Essentials (and notably R2 with it’s tablet and touch device improvements) allow you to use Silverlight Adaptive Streaming to deliver video and audio content from the server to any device you can think of (so long as it supports Silverlight).

Isn’t that a much better way to be able to consume your media? Exactly how you want, wherever you want on whatever device you want and not paying a penny for a subscription service in the process?

I tried, as I always do with product purchases to o a tonne of research before laying down the money but nearly all of the videos I can find on YouTube for Elgato EyeTV Netstream are in German which doesn’t really help me. I’ll be sure to post up a nice review of how setting up the EyeTV Netstream and getting it to play with Windows Media Center goes. If the test goes well, I’ll be sending some more of my money Elgato’s way to beef that single tuner into a dual tuner with their EyeTV Sat Free extender for the Netstream and I’ll then be doubling down to give me four network tuners throughout the house so that I don’t have to worry about recording conflicts or scheduling problems.

If the excitement of unboxing the product doesn’t overwhelm me (these things normally do) then I may even try and get a video on YouTube to get some English language demo’s of the product out there.

 

 

Making the Blog Better and Faster

After moving the blog to Azure, I was really happy with the performance, but I decided this weekend I wanted more so I set off on a personal mission to improve to make the blog better and faster. This post is a quick update on the changes I’ve made to the site to get it to where it is now.

So What Have I Done?

Lots of people recommend YSlow as a Firefox plugin for assessing website performance. I use the Internet Explorer Developer Tools normally for my needs, but YSlow outputs nice reports which tells you what you need to do to get results where as unfortunately, the developer tools only tell you what you’ve got currently.

CSS Removal and Compressing

YSlow identified a number of issues with the site which I’ve worked on resolving to varying degrees. Firstly, it wasn’t happy with the number of CSS stylesheets I referenced due to the theme colour switcher. As I figured this was a gimmick added at the time and nobody would actually really use this, I’ve removed it which allowed me to drop 19 stylesheets from the HEAD section of the site.

Once I’ve removed these stylesheets, I used a plugin called Dust-Me which scans the site and finds unused CSS styles in the stylesheets. When a stylesheet is only 2KB, ever little helps. Dust-Me found about 10 styles across my CSS which I was able to remove and marginally reduce the filesize.

Compressing happened by using a great website, CSS Drive. Their CSS Compressor tool. You copy and paste your CSS into their site and it outputs a shrunken version of it with a large chunk of whitespace removed and where possible is reduces the length of colour codes and converts your CSS into shorthand. Doing that saved me about 20% on the size of my stylesheets, dropping the colour specific sheets from 856 bytes to 777 bytes and dropping the main stylesheet from 6,686 bytes to 5,636 bytes.

Whilst this may not sound like a lot, the smaller the page, the faster it appears to the user and the less load it also puts on the server delivering the page so it’s a double win.

Image Resizing

All of the images on the site which make up the page layout I have designed with high DPI users in mind. This means that users who are operating their displays at 125% or 150% aren’t penalized for doing so and get the same high resolution images and people set to 100%. I realized this weekend that my images where actually scaled to about 225% which is way bigger than high DPI users need so I’ve resized all of the images which make up the standard site page. This has had a big impact on the page weight for the site as a whole. The images which have been updated include all of the logos in the header section on the tiles and all of the images in the sidebar for the navigation.

Page Bloat Removal

I’ve never been 100% happy with my pages on the blog. I do what I can to tweak it when I have time and this weekend, I had time. I’ve made a whole load of changes to the site which will work to improve it’s usability, some of which I’ll list below.

  • Updated page TITLE attribute to include the post title.
  • Removed a JavaScript and some CSS references from the page HEAD to speed things up.
  • Removed the messy looking pagination links at the bottom of singular post pages.
  • Removed a load of bloat and fluff from my about me personal page.
  • Used a WordPress function to HTTP 301 redirect the author archives to my about me page as there isn’t any point in having author archives on a single author website.
  • Added a plugin to manage my sitemap.xml file for Google and Bing search indexing.
  • Created myself a Google+ account and setup author verification for the site so that Google can show my face against results from this blog.

New Picture Time

I figured this weekend that I’d been using the same boring head and shoulders shot of myself for my social presence for nearly eighteen months now and I wanted a change. I’ve got myself a nice new image for all of my social sites. The picture was taken on our holiday to Spain in 2011. With me always being the person taking the pictures in our family, it’s rare find a picture of me and even rarer to find one that I like. With a little bit of Adobe Lightroom magic, what was a wide angle shot including me and some flowers because a lovely little super-crop of me and the flowers with an Instragram-esque vignette and black and white filter to finish the look.

The Results

When I started the journey of updates this weekend, the page weight for the site was about 210KB which was pulled together by nearly ~75 HTTP requests. After all of the work this weekend, the page weight is now down to 140KB (50KB per page saving) and the number of HTTP requests is down to 25 (~50 per page saving). Yes, all of this has taken me quite some time to achieve over this weekend, but the results are really worthwhile and goes to show that even a well performing website has room for improvement.

My current Pingdom score is 88 and my current YSlow small website/blog score is grade B (86). If I change YSlow to the YSlow 2 test pattern then my score drops to grade C (74) but that’s still a pretty good score in my view. I think I could probably get my score up to 90 for the small website/blog category with a little bit more effort in the coming weeks.

On my radar for future changes and updates to the blog are going to be going back through my historical posts and updating them all to use the Azure BLOB Storage for the image hosting and correctly some of the ASCII character errors which where caused by using Windows Live Writer to upload my posts on a previous iteration of the site which didn’t have the UTF-8 encoding set properly.

The Case of the Missing Windows 8.1 Right-Click Shortcuts

When Windows 8.1 first went RTM on TechNet, I downloaded it in a heartbeat and updated my home desktop machine from Windows 8 Pro to Windows 8.1 Pro. A problem that’s been plaguing me since the upgrade but I’ve not had time to look into was that my right-click shortcuts menu (Win+X keyboard shortcut) has been missing. Right-clicking in the bottom left to activate the menu just did nothing. This is what the menu should look like but on my machine it was as if I haven’t even clicked the mouse. Pressing Win+X did nothing either.

Windows 8.1 Start Menu Right-Click

With a little time to look at this today, and with a little help from the community, I found the cause and the resolution.

This shortcut menu is driven by items located in a folder called WinX in your user profile, organised into sub-folders to make up the groups that appear in the menu. When I looked in my user profile for the path %LocalAppData%MicrosoftWindowsWinX, the folder which contains the data for this menu, it wasn’t there. I double and triple checked that I had show hidden files and system files enabled which I did but the folder just didn’t exist which went a long way to explain why I didn’t get the menu.

The solution for me was to break into the default user profile from C:UsersDefault and then navigate the default profile to AppDataLocalMicrosoftWindows and copy the WinX folder into my own profile. Doing this alone doesn’t fix the issue right away though as you need to log out of the machine and in again as this folder appears to be read at login to build the Windows Explorer interface.

To make this easier for people out there, I’ve zipped up the WinX folder default state and uploaded it to my SkyDrive account which you can download from here. Just extract this .zip file into your %LocalAppData%MicrosoftWindows folder if you have this issue also and Bob’s your uncle.

 

Lync 2013 App for Windows Phone 8 Updated

I’ll admit that I’m not totally on time with this post but I only noticed that update for the Lync 2013 app today – Better late than never they say right?

http://www.windowsphone.com/en-gb/store/app/lync-2013/d85d8a57-0f61-4ff3-a0f4-444e131d8491

It appears that Microsoft have listened to the feedback of the many and added some new features to the Lync 2013 app, most notably, the ability to use the app to join a Lync Online Meeting without needing be a Lync user yourself.

This is something I asked for in my feedback on the app when it was first launched so it’s great to see. I use Lync daily in the office for IM and presence, however we haven’t got as far as a fully edge published solution for external online meeting capability which means I’ve previously not been able to sign in and use the Lync app. Thanks to this latest update, you can now use the app to join an online meeting as a guest attendee.

 

 

Storage Spaces You’re My Favourite

I got asked today what my favourite feature of Windows Server 2012 was. For me, that’s a really tough question because there are loads of new features in Windows Server 2012. There are many existing features which have been improved and don’t even get me started on Windows Server 2012 R2, due for official release very soon although already available via MSDN, TechNet and VLSC.

I thought about it for a minute or so but it was obvious to me that Storage Spaces is the coolest and favourite feature of mine in Windows Server 2012 because for Windows Server, it’s a huge reboot on what we can do with storage natively, super easy to setup and operate and it has no additional costs to use as it’s included in Standard edition.

What are Storage Spaces?

Storage Spaces can be boiled down to a simple idea. Imagine that you have a server and with that server, you’re given a ‘pick and mix’ bag of disks and these disks that you have are all of varying capacities and even types (SAS, SATA and even USB) and you want to use these disks in the cheapest and most efficient fashion. Storage Spaces is made for you.

With conventional RAID setups, the above example just isn’t viable because RAID needs you to have matching disk types, capacities, firmware and various other parameters. Imagine then, that you could install these assorted drives into your server, configure them into one or more pools of storage resource and carve out chunks of that storage however you liked? A simple drive (a la JBOD), data that you want to protect and need fast write speeds (like RAID1) and data that you want to protect and need fast read speeds (think RAID5).

You can do all of this through an interface that’s common to you, the Windows Server GUI or PowerShell if you prefer? What’s more, you don’t have the capital expense of expensive storage solutions for your server like DAS (Direct Attached Storage) cages or SAN (Storage Area Network) arrays.

Surely That’s Not All It Does?

Of course not, Storage Spaces aren’t just as simple as my example above because it offers much more.

Think how you have a RAID set configured on a conventional RAID controller: Your server has six bays and you configure two as a mirror to the Windows Server 2012 installation and you decide to put the remaining four into a RAID5 stripe to store and protect your user and application data. Everything works fine but then, two months’ from now, you decide that you need another application or service on that server that would really benefit from a RAID1 Mirror and its higher write speeds. Your options are limited to put it on the sub-optimal RAID5 Stripe or extend the server with an expensive DAS cage because you are out of free disk slots on the server.

With conventional RAID, an entire physical disk and its capacity is assigned to the logical drive. In Storage Spaces, you create drives within one or more Storage Pools, the logical grouping of all of your physical drives and you then create Storage Spaces from those Storage Pools.

Storage Spaces Real-World

The screenshot above shows what a real-world Storage Pool with several configured Storage Spaces could look like, taken from my Windows Server 2012 Essentials machine, and as you can see, I’ve each one configured differently.

When you create a Storage Space inside a Pool, you get a set of options which allow you to configure all of the attributes of that Storage Space such as protection type, drive letter and capacity. You can even allocate more capacity to a storage space than you physically have. Because of these capacity and protection type options, you really can maximize the value you get from your set of disks and use then exactly how you need them.

Storage Space Create

This is one of the really cool things about Storage Spaces. The idea is so simple but yet really effective. In my image above, you can see my Windows Server 2012 Essentials server has a pool capacity of 19.0 TB (yes, I spent a lot of money on disks) and the available capacity right now is 7.82 TB, yet I’ve told Windows that I want the new Storage Space to be 25 TB.

Welcome to Thin Provisioning

It goes without saying that you can’t actually use more than you have as the data would have nowhere to be stored, but the principal is that you plan and configure your storage space sizes in advance to meet your long-term need and not what you currently have. You use capacity up to what you have currently and add more disk over time to give you additional physical capacity, spreading your capital expenditure over time. Best of all, adding more disk to a Storage Pool is simply a couple of clicks.

Storage Spaces doesn’t need to be limited to just one server like my simplistic example either. Windows Server 2012 likes to share so lets you use Storage Spaces in any way that you might want to use a normal disk. You can use a Storage Space to store a Hyper-V virtual machine .vhd file or an iSCSI target presented out to another server.

How to Find Out More

Hopefully this post has got you really interested and thinking about some of the possibilities with Storage Spaces. We saw a number of new features in recently for Storage Spaces too. Hopefully I’ll get to replace my home solution with R2 before too long, pending wife approval of course so I look forward to being able to share what I experience with that.

As there is more to Storage Spaces than I could force anyone to read in a single post, I’d highly recommend heading over to TechNet for a read of more of the features such as Failover Clustered Storage Spaces, Hot Spares, ReFS File System support and more and not forgetting, the Storage Spaces Overview page.

Somebing Isn’t Right

Pardon the pun in the title there, but I get the feeling something isn’t quite right with Bing this evening. I’ve been trying to do some searches online with respect to a feature in Windows Azure and an error I’m seeing. Every variation of the search I tried came up with no results. I know Bing gets a bashing from those Google types, but surely I’m not the only person to have ever thought of using a feature in Azure to the point that there isn’t a single post on it?

To test it out, I did the most basic search imaginable – “Facebook”. Here’s a screenshot of what I got back.

Bing Search No Results

Let’s hope this is just a transient thing which gets resolved soon.

Windows 8.1 GA Update and Update Rollup Release

I got home from the second day of my PRINCE2 training today and fired up my desktop PC from sleep and tried to log in to Windows 8.1. My home domain user account was still logged in from the previous night with a locked session so I unlocked it however it hung on the please wait message. After a few minutes, I’d had enough to gave the PC the finger of death and restarted it.

When it booted back up, I saw the Configuring Windows Updates message appear. I’ve got an Intel 520 Series SSD so I normally don’t have to wait at all for things like Windows Updates being that the overall boot time for the PC from a cold start is about 15 seconds. On this occasion though, the PC reboot at least three or four times with the Configuring Windows Updates message each time.

I was worried initially that I’d got myself a bad update download and I was going to be stuck in a reboot update loop (not that I’ve seen this happen for a long time) but eventually the machine came back to the login screen as normal. Once I got logged in, I checked the update history for Windows Update and the PC had prepared and downloaded two major updates last night. The first being Windows 8.1 and Windows Server 2012 R2 General Availability Update Rollup, KB2883200 and the second being Windows 8.1 and Windows Server 2012 R2 Update Rollup: October 2013, KB2884846.

Looking at the file information in both of these updates, they look like pretty substantial updates which you’re obviously going to want to apply but be patient. With updates of this size and type, you could end up seeing your PC reboot multiple times like I did. Have faith – It’s all working just fine.

If you’re deploying these updates at work or in your enterprise, make sure you’re users know to expect the multiple reboots otherwise your helpdesk team might not like you the next day.

4G Mode Tethering Not Working on O2 Windows Phone 8

After a recent software update on my Lumina 820, I noticed that under the Mobile Network settings menu there is a new mode for Connection Speed of mobile data. Previously, the choices were 2G or 3G but there is now a third item for 4G.

Whilst sitting in Heathrow airport bored because I arrived insanely early for my flight, I thought I’d at least get a bit of work done so started up Internet Sharing on the phone, but the Surface Pro would only see the connection status as Limited and never Connected.

This isn’t uncommon for tethering to fail to work off the bat so I restarted everything but still nothing. I tried a few other bits and still nothing so I decided to drop the speed on the phone to 2G just to see if it was a high speed data issue and immediately, the connection status on the Surface moved to Connected.

Not being happy with GPRS or EDGE speeds (and who would be these days), I moved it up to 3G on the phone and it still worked yet as soon as I moved it up to 4G, it stopped and the Surface reverted back to Limited. In that nothing has changed on my O2 account package or contractually wise, I must assume this is related to O2 blocking high speed  HSPA+ for tethering. What would be interesting is if I was in an area without HSPA+ coverage but with only HSDPA would it work in 4G mode? A call to O2 is in order I believe.

Whilst on the subject, I really dislike the industry coined term tethering to refer to internet sharing on mobile devices. Tethering means to be tethered or tied to something which implies a cable. As it’s all being done over an ad-hoc WiFi network, shouldn’t we come up with a better name than tethering?

Office 365 Setup and Windows Server 2012 Essentials

Something which I’ve never really talked about here is email. Me and my family currently consume Outlook.com via Windows Live Domains on both my blog domain richardjgreen.net and our personal domain name. Windows Live Domains really feels like something out of a Land Before Time movie these days. It hasn’t seen an update in years and frankly, I wonder what the shelf life of it is going forwards, leaving me to think that the options will be Outlook.com, Office 365 or bust. Not wanting to be stuck on a potentially end of the road email platform, left trying to move the mail service for my family on day zero, I started looking at options a few months back.

With Windows Live Domains being free, if I was going to pay for email, I needed it to not cost the earth, as low as possible really. At the same time, I didn’t really want anything more from a feature set than I get with Outlook.com via Windows Live Domains.  All I want is a flat service to match that of Windows Live Domains and Outlook.com. With me being such a softie, the option was really only going to be Office 365, it was just a question of what tier and flavour of it.

Windows Server 2012 Essentials which I use to run our home environment has native integration for Office 365 which means it would be super easy for me to manage which for me is great as the less time I spend managing our home solution, the more time I can spend blogging, working on other things and spend more time with the family themselves.

Exchange Online vs Office 365

This really confused me when I started looking into Office 365 and using the Windows Server 2012 Essentials integration features for Office 365 sometime ago. For me and my family, I am only interested in email. I’m not after Lync or SharePoint services as we just wouldn’t use them. I was concerned that if I signed up for Exchange Online Plan 1 which was my target option that the integration wouldn’t work. As it turns out, you just need to think of everything as Office 365. Exchange Online, Exchange Online Protection, Lync Online, Enterprise Plans; all of them fall under the banner of Office 365 so I now knew that Windows Server 2012 Essentials wasn’t going to care if I was on Exchange Online Plan 1 or if I was on an Enterprise 4 agreement.

Extending the Windows Azure Tenant into Office 365

Because I use Windows Azure Backup to backup our data from Windows Server 2012 Essentials already and because this blog is hosted on Azure, I already had a tenant setup on an onmicrosoft.com domain which I wanted to reuse so I needed to extend my tenant so the one tenant would work across Windows Azure and Office 365 services. To do this, I logged into office365.com using the account which I setup as the tenant global administrator when I configured Azure Backup on Server 2012 Essentials. I was greeted with a message that I didn’t have any licenses or any domains setup, but the login worked most importantly.

Buy a Service Plan

Before you can credibly do anything, you need a plan. I wrote this post after I set it all up and lucky I did really. When I first went through the motions, I added a domain richardjgreen.net and was wondering why I couldn’t do anything with it, not even validate it. It looks like you can’t even validate a domain to start configuring users until you have at least one license available to use.

As it’s just me on my blogs domain right now, I paid up for a single license of Exchange Online Plan 1. This gives me a 50GB mailbox, all of the Exchange features I want like OWA and Exchange ActiveSync and at £2.60 a month per user excluding VAT, the price is sweet enough for me also.

To buy a license or more, all you need to od is to hit the Purchase Services link on the left navigation. This presents a whole host of options for Office 365, Exchange Online services to buy and some add-on services also such as Exchange Online Protection and Exchange Online Archiving. Add a credit card detail on file, click buy and it’s as simple as that.

Adding Custom Domains

Adding a new domain is a simple matter of clicking Domains from the left navigation and then clicking the Add a Domain button then follow the instructions which follow into setting up DNS. I had both of my domains added within a matter of a couple of mouse clicks and keystrokes.

Configuring the DNS Settings

As part of the process of adding the domain, you need to do two things:

  • Verify you own the domain for starters
  • Add DNS records for your services

The first step is verification which in my case, I completed by adding an MS= TXT record in my providers DNS management console. I tried to do this but I received an error “richardjgreen.net has already been verified for your account, or for another Microsoft Online Services account.”. I new I was going to see this but not quite at which stage.

This is caused by the fact that my richardjgreen.net domain was currently configured to use Windows Live Domains for email service. I logged into domains.live.com, deleted all of the mailboxes in Outlook.com for the domain and then deactivated the service. This was the most nerve racking part of the process as I’ve read that other users doing the same thing have had issues rattling on for months to get this to clear out of the system properly.

In my usual style, I kept trying the Office 365 portal to verify the domain and 15 minutes after deactivating Windows Live Domains, Office 365 pinged into life, allowing me to verify the domain.

With the first step now done, I needed to configure the service records as directed. I needed three records for my Exchange Online service: An MX record for mail delivery, a TXT record for the SPF (Sender Policy Framework, required to allow receiving servers to trust the Sender ID of outlook.com and Office 365 to deliver email on my domains behalf) and a CNAME record for Autodiscover to allow devices to be configured automatically for my mailboxes in Office 365.

If you use a DNS management agency which Microsoft have steps with then you can get direct instruction for doing this if you are little uncomfortable with DNS or if you are with GoDaddy then there is the option for an automated setup through some kind of API channel with Microsoft.

After adding the records to my DNS, it took about 10 minutes for Office 365 to pickup the new records and complete the domain setup.

Enable Office 365 Integration in Server 2012 Essentials

From my Windows Server 2012 Essentials machine, this part should have been really easy but it turned out to be a nightmare.

From the Essentials Dashboard, click Email from the home screen and then select Integrate with Microsoft Office 365. The dashboard will open a wizard for you to enter your Office 365 Tenant Global Administrator account if you already have an account as I do otherwise you have the option to initiate a free trial using an E3 subscription.

The Office 365 integration with Server 2012 Essentials is neither DirSync nor is it ADFS. If you elect to use Office 365 with Lync and SharePoint you will not get the AD FS Single Sign-On (SSO) experience as you would with a full deployment. The integration here I would describe as light. When you provision users on-premise, make changes to Office 365 licenses or mailboxes through the Dashboard, the changes are pushed up to Office 365 via a web channel which you can see from the logs (explained later).

Password synchronisation does occur so that your on-premise password and Office 365 password are in alignment however. I found this happened really quickly and my Windows Phone would report a password change required on the Office 365 email account on the phone within about a minute or so of the password change on-premise.

When you enable the integration, one of the things that occurs is that it forces you to enable Strong password mode on-premise which results in passwords at least eight characters in length and passwords using symbols and all the tricks in the book. Whilst I agree this is something you should be doing, if you are a small business or a home user availing of the services of Office 365 like myself, this isn’t perhaps going to be ideal. Luckily, the password policy in Office 365 is actually less strict than this. I have gone under the covers using Group Policy Management Console (GPMC) in my setup and slightly amend the Default Domain Policy GPO and all my passwords sync okay still.

The Office 365 Integration Service Gone Bad

After I ran the initial setup integration for the first time, I stopped getting any data in the dashboard. I thought it may have been a result of some pending Windows Updates so I installed those and restarted but it was still broken. I found that the problem was that the Office 365 Integration service was stopped. I started in manually and it stopped immediately with a stack trace error in the Application event log which wasn’t particularly cool.

I tried to disable the integration so that I could then re-enable it, but it appears that any operation regarding the integration requires the service to be functional. I tried to re-run the configuration but I was informed that it was already configured and I would need to disable it first which didn’t help me.

The way I got around this was to force the service to be disabled via the registry. Open Registry editor and navigate to HKLMSOFTWAREMicrosoftWindows ServerProductivity. From here, delete the key MailService and then restart the dashboard application. Doing this makes it think that the Office 365 Integration is disabled even though the dashboard will show the green tick to indicate that it’s configured. Simply re-run the configuration wizard at this point and all appears to be working now.

The Office 365 Integration Service Gone Bad Mark II

After the above happened and it all looked like it was working, I wasn’t getting password sync up to Office 365 although the Dashboard was functional to a point of allowing me to configure mailboxes. I found that the Password Sync service generates a log file in C:ProgramDataMicrosoftWindows ServerLogsSharedServiceHost-PasswordSyncProviderServerConfig.log.

Upon reading this file, I was seeing WCF errors and unhandled exceptions every few seconds which hinted to me that even though I had been able to repair the integration as far as the service health and the Dashboard were concerned, something was still amiss. I opted to this time, use the Dashboard to disable the integration, restart the server and re-configure the integration as I was now able to do this with the service for the Office 365 Integration running okay.

After removing it all and adding it again, everything worked as intended.

Configure Users

You can either do this via the Windows Server 2012 Essentials Dashboard or directly in Office 365. I’d recommend doing it in the Dashboard if you are using Essentials otherwise you have a second step to link the cloud mailbox to the on-premise user account.

To setup a user, very simply, go to the Users tab in your Dashboard. Click the user you want to activate for Office 365 and select the Assign Office 365 Account option from the tasks on the right. Pick the email address for the user using either the onmicrosoft.com or the vanity custom domain you have configured and then click Next. If you have a license available to allocate to the user, it will be setup for you. If you don’t have a free license slot then you’ll need to buy one from the site office365.com.

One thing worthy of noting is that once you enable a user for Office 365 in this way, Windows Server 2012 Essentials will set the change password on next logon flag for the user to force them into a password change with a new password for the cloud which can then by synchronised up to Office 365 for that single password login experience.

ExRCA is Your Friend

Through all of this, testing everything is working is critical. Office 365 does a good job of telling you when you’ve got things configured properly, but ExRCA or the Exchange Remote Connectivity Analyzer is better as it’s a tool dedicated for the job. Visit http://exrca.com and click the Office 365 tab and run any of the tests you like to make sure things are working. Some tests need only your domain name to verify settings such as DNS records whereas others need a credential to simulate a synthetic transaction to a mailbox or account.

I found when testing my setup that everything is reported as working but Autodiscover fails every time. When you drill into more information this is caused because the certificate name presented by the CNAME redirect from autodiscover.richardjgreen.net to autodiscover.outlook.com means that the outlook.com certificate doesn’t have my domain name on it. My Outlook and Windows Phone clients still Autodiscover the service correctly so I think this is a by-product of the Office 365 configuration and not a problem as I’ve found literally hundreds of other people asking about failed Autodiscover tests on the TechNet forums.

Client Experience

One thing I discovered which isn’t hugely clear in the documentation is that I wasn’t able to configure Outlook 2013 or my Windows Phone for ActiveSync until after I had logged in for the first time at office365.com using the account I issued my license to and configured the mailbox. You are prompted with a couple of questions such as confirming your name and time zone logging in for the first time.

After doing this online piece, Windows Phone started to sync the mailbox using ActiveSync okay, and Outlook 2013.

What’s Next

Well first I have some mail service consumers to address. I’ve got quite a few family members using Windows Live Domains with Outlook.com on our personal family domain name which I don’t fancy paying for Office 365 for so I’m going to have those tough conversations over do they want to pay for their own Office 365 mailbox or do I help them move to Outlook.com natively using a non-vanity domain. Whichever way it happens, I’m going to be looking at manual mail migrations out of Outlook.com to Office 365 for these users as there isn’t a migration path for this right now.

One thing I will be doing once I move my personal family domain over to Office 365 is implementing the Outlook Group Policy .admx files to allow Outlook to auto-configure the email address from Active Directory on first-run so that my wife and, in the future, kids don’t have to manually enter those details. It’s something I have come to expect from enterprise environments so I feel I owe them that simplicity factor enterprise computing can bring.

The kids have mail addresses right now but they aren’t live, they are aliases on our mailboxes as parents so I’m going to be looking at shared mailboxes for these to make them one step closer to full service mailboxes and I’m also going to be looking into settings up some MRM policies in Office 365 to apply to our mailboxes to keep them trim and reduce the amount of overwork we have to do to maintain the storage of it although frankly, with a 50GB mailbox, do I care?

Longer term, I may look at the option to spend an extra 65 pence a month per user and sign up to Exchange Online Protection to stem the flow of nasty emails as not everyone is as savvy as someone in IT and that’s why these services exist. It’s another one of those things for me where 65 pence per month could potentially lead to hours and entire evenings saved, not having to repair a PC after a virus got installed via an email attachment.

In more posts to come, I’ll show how I’m configuring some of the features and settings in Office 365 and I’ll talk about how I plan to upgrade my estate to Windows Server 2012 E2 Essentials to get some of the new integration and management features for Office 365 in the dashboard along with other new features.

 

SSL Certificates and Wild Pricing

As part of a project of work I’m looking into currently, we are planning a move from Exchange 2007 to Exchange 2010. As those of you who’ve done this before will know, you need to setup the environment with two namespaces for a period of the migration which Microsoft refer to as the Exchange 2010 namespace and the legacy namespace (the Exchange 2007 namespace). As part of this, we need to get a new SSL certificate.

Normally we buy our certificates from VeriSign as a standard rule of thumb however after looking at the costs today, I’m starting to wonder how VeriSign do so well in the SSL certificate business? I’m not going to go into exact specifics, but the overall cost for the certificate I was looking to purchase was £69,000 which is frankly unbelievable for a certificate to secure a messaging platform. The cost of the certificate is over double what we paid for a pair of HP DL380p servers fully loaded with 900GB SAS disk for local storage to host the DAG Mailbox roles. To make it worse than just the price on it’s own, that’s just for one year validity on the certificates too.

Out of curiosity and because they are starting to develop a bit of a name for themselves, I decided to compare the cost of this to GoDaddy. That very same certificate, offering me the same number of SAN names for the Exchange features with GoDaddy is a mere £165 a year.

How I wonder, when you compare £69,000 to £165, do VeriSign actually sell any certificates? Sure VeriSign offer more in the way of commercial compensation that GoDaddy ($1,500,000 for VeriSign and $160,000 for GoDaddy) but commercial compensation really only applies to transactional or commerce websites. When you are talking about a messaging platform, coupled with a two factor authentication system, the compensation loses it’s value quickly. GoDaddy offer a Malware inspection service for secured sites, something which VeriSign also offer. VeriSign have some value add propositions that GoDaddy don’t, I will grant them that. Features such as Norton Secured Seal and a Symantec Search Seal are on offer but both of those things are dependant on people having Norton software and browser plugins installed to show the seal. Installing browser plugins which really aren’t needed and adding a true sense of value is something which I don’t recommend and nor do Microsoft hence the popups that modern versions of Internet Explorer have asking you to disable addons.

With GoDaddy being so popular these days, their Trusted Root CA certificate is valid on a claimed 99.9% of devices therefore gone are the days of use the likes GoDaddy or Comodo SSL at your peril due to the possibility of getting certificate invalid warnings on the clients.

I haven’t taken a decision on the purchase just yet as it needs some consultation within the company, but one or two people I spoke to today agreed with me in so much as why shouldn’t we use GoDaddy and frankly, I’m not seeing a lot of reasons why currently?