J Wolfgang Goerlich's thoughts on Information Security
Virtualization and BCP Webinar Today

By wolfgang. 20 April 2009 08:01

How My Firm Reduced Costs and Delivers Agile IT Infrastructure through Virtualization

Virtualization has become an important part of many organizations’ IT strategy for 2009 and beyond.

The availability of both data and IT systems are at risk not only from natural disasters but also power outages, human error and hardware failures. To ensure that your company can quickly recover systems and data in the event of such an incident, it needs a reliable and cost-effective disaster recovery plan. The use of virtualization and data protection technology combined helps you control costs as your company grows, which is essential in any economic climate.

My firm has deployed CA ARCserve Backup and Microsoft Hyper-V server 2008 to create a simple and scalable disaster recovery environment. The combined solution is responsible for backing up around 36 terabytes of data every week.

Join this webcast to find out how CA ARCserve Backup, combined with Microsoft Hyper-V 2008, can work in tandem to protect many terabytes of data, and deliver an agile, cost-effective IT infrastructure.

In this webcast, you’ll also hear:

  • How to utilize CA ARCserve Backup to restore single files 
  • How CA ARCserve can backup your physical environment and also restore virtual instance 
  • Microsoft’s Virtualization Strategy 
  • The role Microsoft’s Hyper-V plays today and what you can expect in the upcoming release of Windows Server 2008 R2 
  • How in the event of a disaster, my firm is able to recover 86 physical servers to 12 standby servers in just two hours 
  • How my firm has been able to minimize not only downtime but also its spend on disaster recovery utilizing this combined solution 

Eric G. Pitcher
Eric Pitcher is vice president of technology strategy at CA, responsible for setting and communicating CA’s Recovery Management plans across the business unit, throughout CA and to partners and customers. Previously, Eric served as vice president of product management at CA, responsible for defining the process, requirements and product specifications for CA’s Recovery Management product lines. Prior to that, Eric worked as assistant vice president of CA’s research and development global SWAT team—a specialized task force designed to maximize the quality, customer satisfaction, and market competitiveness of CA’s storage management solutions.

Before joining CA, Eric was network and systems administrator at Universal Studios Florida and was responsible for server and network design, installation, administration and support on a network of more than 1,000 users. Eric earned a bachelor of science degree in business administration from the University of Central Florida.

Wolfgang Goerlich
J Wolfgang Goerlich, CISSP, CISA, is an information security professional who focuses on performance and availability. Mr. Goerlich is currently ... the network operations and security manager. With ten years of experience, Mr. Goerlich has a solid understanding of both the IT infrastructure and the business it enables.

Isaac Roybal
Isaac Roybal is a Product Manager in Windows Server managing the Server Virtualization, including Microsoft’s Hyper-V, and has been involved with IT for over twelve years. Seven of those years have been with Microsoft. Isaac’s career started in Systems and Network Engineering working with VMS, Windows Server since NT 3.51 and IIS 4 in various capacities.

Tags:

Business Continuity | Virtualization

Replication and Transfering Operations Master Roles

By wolfgang. 17 April 2009 09:52

Replication must be up-to-date before transferring operation master roles. If replication has not converged, then several symptoms may occur. The role may take significantly longer to transfer, or it may not transfer at all. Likewise, the new operations master may not receive changes that were initially sent to the original operations master. This could result in an inconsistent Active Directory. Thus all replications must be completed before beginning the process.

Check the replication status first. If necessary, follow the article below to resolve any replication issues.

Active Directory Operations Overview: Troubleshooting Active Directory Replication Problems
http://technet.microsoft.com/en-us/library/bb727057.aspx

Once replication has synchronized end-to-end, and Active Directory has converged, the roles can be transferred. Follow the article below to transfer the role in question.

How to view and transfer FSMO roles in Windows Server 2003
http://support.microsoft.com/kb/324801

The risk of Active Directory becoming inconsistent is higher if the role is seized rather than transferred. For that reason, Microsoft recommends you let a full replication cycle elapse between any changes before attempting a seizure.

Tags:

Active Directory

Security Journal: Finding Security in Tough Times

By wolfgang. 14 April 2009 13:04

This is an optimistic article, perhaps even a search for a silver lining. The recent economic news has been troubling. Companies have let go scores of workers, frozen projects, and delayed infrastructure updates. This puts Information Technology (IT) and Security departments in a difficult position. After being project-driven for so long, what does the department do when projects are delayed? And for the Information Security (InfoSec) professional, how can the security posture be improved without a budget?

Read more in this quarter's edition of the Security Journal.

 

Tags:

Security | Risk Management

Virtualization Webinar next Monday

By wolfgang. 13 April 2009 16:44

As I mentioned before, I have played around a bit with Hyper-V and virtualized my production and recovery systems. CA did a case study on the project.  This coming Monday, April 20 at 12:00 pm Eastern, I am doing a joint webcast with CA and Microsoft. The topic is still virtualization with the focus on disaster recovery. I doubt I will say anything new during the talk, excepting the talk will be much briefer than some others I have given on DR. CA’s going to talk a bit about their CDP, however, which is pretty cool stuff.

http://www.windowsitpro.com/go/seminars/CA/infrastructure_through_virtualization

Tags:

Business Continuity | Hyper-V | Virtualization

Back from the mountains

By wolfgang. 13 April 2009 11:17

I am back from hiking the Shenandoah national forest.

John le Carre: "Coming home from very lonely places, all of us go a little mad: whether from great personal success, or just an all-night drive, we are the sole survivors of a world no one else has ever seen."

Tags:

Out and About

Domain controller holds the last replica

By wolfgang. 3 April 2009 14:42

Error when demoting an Active Directory domain controller: This domain controller holds the last replica of the following application directory partitions: DC=MSTAPI,DC=yourdomain,DC=com

Active Directory has the following partitions: Application partition, Configuration partition, Domain partition, and Schema partition. The Application partition is used to store data from Active Directory-integrated software. This error indicates that an Application partition exists on this DC. There are two possibilities: this is the last DC in the domain or it is not.

If this is the last DC in the domain, and the domain information is no longer needed, then it is safe to delete the replica.

If this is not the last DC and you require the Application partition, you must remove the DC from the Application partition’s replica set. Use ADSIEdit and consult Microsoft’s help to perform this operation.

Tags:

Troubleshooting | Active Directory

Troubleshooting Active Directory replication

By wolfgang. 3 April 2009 13:11

Some tips on troubleshooting Active Directory replication:

You may notice that objects in the directory are not the same across all domain controllers, or that people and computers are not receiving their group policy settings, or that the SYSVOL share is not synchronized across the domain. These are symptoms of replication failures.

To troubleshoot replication failures, begin with the basics. Are all the replication links up? Are all the domain controllers synchronized to the same date and time? Then, run Dcdiag.exe to get status of the domain controllers. Run Netdiag.exe to get a report on the network connectivity. Address any issues that these utilities find. Then run Repadmin.exe and validate the connections, site links, and queues. Once everything is validated, run Repadmin.exe and force a synchronization of AD objects. To synchronize group policy settings and the SYSVOL, use Ntfrsutil.exe to troubleshoot and re-replicate the files.

Tags:

Troubleshooting | Active Directory

    Log in