Infrastructure Planning and Design Guides—Release Announcement


Infrastructure Planning and Design Guides—Release Announcement

Windows Server Virtualization

System Center Virtual Machine Manager

The Infrastructure Planning and Design team has released two updated virtualization guides: Windows Server Virtualization and System Center Virtual Machine Manager.
These guides, updated to reflect the features and functionalities of Windows Server® 2008 R2 and System Center Virtual Machine Manager 2008 R2, outline the critical infrastructure design elements that are crucial to a successful implementation of these virtualization products.

The Infrastructure Planning and Design Guide for Windows Server Virtualization takes the reader through the process of designing components, layout, and connectivity in a logical, sequential order. Identification of the Hyper-V™ server hosts required is presented in easy-to-follow steps, helping the reader to design and plan virtual server datacenters.

The Infrastructure Planning and Design Guide for Microsoft System Center Virtual Machine Manager assists readers in the design and implementation of SCVMM architecture, thus enabling centralized administration of physical and virtual machines. Identification of the VMM server instances required is one of the simple, seven-step design processes presented in this guide.

Download the IPD Guides for Virtualization at
Infrastructure Planning and Design streamlines the planning process by:

  • Defining the technical decision flow through the planning process.
  • Listing the decisions to be made and the commonly available options and considerations.
  • Relating the decisions and options to the business in terms of cost, complexity, and other characteristics.
  • Framing decisions in terms of additional questions to the business to ensure a comprehensive alignment with the appropriate business landscape.

Active Directory Recycle Bin

Active Directory Recycle Bin is a new feature in windows 2008 R2 it is not an option that you can turn on or of.

Yes it is a hidden feature and you can only turn it on. What do you need well only a windows 2008 R2 DC

By default, Active Directory Recycle Bin in Windows Server 2008 R2 is disabled. To enable it, you must first raise the forest functional level of your AD DS or AD LDS environment to Windows Server 2008 R2, which in turn requires all forest domain controllers or all servers that host instances of AD LDS configuration sets to be running Windows Server 2008 R2. After you set the forest functional level of your environment to Windows Server 2008 R2, you can use the instructions in this guide to enable Active Directory Recycle Bin.

The restore can only be done with powershell there is no supported tool from microsoft but there are nice gui tools.

How does It work.

You can enable it if your forest is on windows 2008 R2 <> check it in Active directory domains and trusts <> right click on domain<> raise domain functional level.

Active Directory Recycle Bin I started the Powershell and get this. Active Directory Recycle Bin

Oh ok I never used the powershell on this server so I have to import the modules

Active Directory Recycle Bin  Active Directory Recycle Bin

Now I am ready to go , mm what is this error

Active Directory Recycle Bin

security ! ok we can fix this so check our powershell policy : Get-ExecutionPolicy

Active Directory Recycle Bin Restricted easy thing change one letter G=S

Set-ExecutionPolicy RemoteSigned

Active Directory Recycle Bin   Now we have set the policy and get a list off commands

Get-help set-AD*

this shows a list of all set-ad starting commands.

Active Directory Recycle Bin

Active Directory Recycle Bin

We have already checked that the domain is in 2008R2 mode but you can set this with powershell.

set-ADForestMode -Identity mvp.local -ForestMode Windows2008R2Forest.

To enable the AD recycle Bin we use Powershell, you can do this by hand in the CN=Partitions but this is the best way.

Active Directory Recycle Bin No Ad recycle bin key.

We run the enable option. you can get help on this get-help Enable-ADOptionalFeature

Enable-ADOptionalFeature –Identity ‘CN=Recycle Bin Feature,CN=Optional Features,CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration, DC=MVP,DC=local’ –Scope ForestOrConfigurationSet –Target ‘mvp.local’

Active Directory Recycle Bin

Active Directory Recycle Bin Now there is a key CN=Recycle Bin Feature

To verify that Active Directory Recycle Bin is enabled, navigate to the CN=Partitions container. In the details pane, locate the msDS-EnabledFeature attribute, and confirm that its value is set to CN=Recycle Bin Feature,CN=Optional Features,CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration, DC=mydomain,DC=com, where mydomain and com represent the appropriate forest root domain name of your AD DS environment

Active Directory Recycle Bin

We do a list of deleted items check on deleted=True

Active Directory Recycle Bin I used a user that is called “Deleted”


Active Directory Recycle Bin   Active Directory Recycle Bin

Get-ADObject -Filter {displayName -eq "delete"} –IncludeDeletedObjects

Active Directory Recycle Bin   Active Directory Recycle Bin

Get-ADObject -Filter {displayName -eq "delete"} -IncludeDeletedObjects | Restore-ADObject

Active Directory Recycle Bin

So now you can delete and restore AD items but better would be if there where gui tools.

There are no Gui Tools from microsoft at this time. but there are some great community tools . I like the tool from Overall solutions, but there is also a powergui tool


AD Recycle bin AD Recycle bin



Have fun with it don’t tell your user or IT manager this that you can restore Items with a click or script in 10 min time. Else you get more work on recovering deleted items. Even the helpdesk can do this. IMHO this is a must have option just like AGPM Or my old post

The New Efficiency




On September 29th at 9 am (PST) please join us here on for a kick-off discussion on “The New Efficiency” live from San Francisco as a part of Microsoft’s Virtual Launch Event.

Join in the conversation during this must-see event and see top technology leaders and Microsoft’s Steve Ballmer, debate the role of IT during this economic reset. Can cost savings, productivity and innovation come together to drive business growth? Get a closer look at how real companies are justifying IT investments across desktop, server, network and beyond.  You’ll also find sessions related to new releases of Windows 7, Windows Server 2008 R2, Microsoft Exchange Server 2010, Microsoft Forefront, Microsoft System Center, and Microsoft Desktop Optimization Pack.

Mark your calendars; watch it live; submit questions in advance.  Don’t miss it!

Myth or True SMB BOSD


Today there is this story about the SMB BOSD is it true ?

first here is the full story

My Windows Versions.

image image

I run the exploit and yes there is a BSOD 

image but there is no firewall on and everything is wide open. This is on my windows 2008 R2 RC build 7100

even with the Firewall on it still gets a BSOD the only thing you can do is block port 445. And I did a test on Windows 7 in my domain with the BSOD DC ;-( and no BOSD my Windows 7 is secure !!



image image On the left windows 7 <> right Windows 2008 r2 RC build 7100

After replacing the srv2.sys file and a reboot I did the test again and no more BOSD

image  but where did I find this new srv2.sys file <> yes in windows 7

Story confirmed partly true. but it can be fixed. when I do not know. but remember changing this file is not supported.

and you need to bypass the NT SERVICETrustedInstaller security rights.

You must remember turn your firewall on does not always help you port 445 ,138,139 are open if you make a block rule 445

image but maybe you need 445 😉

No I’m not gona help you to test this or tell you where to find the tools to do this.

Microsoft Network Monitor 3.3.1641


For troubleshooting you can use several tools. This time I used the microsoft network monitor 3.3 tool for network sniffing.

no not wireshark first I had to update I used an old version so after I installed 3.3 I’m ready to go. But after a “binging” I found extra updates and tools for the MNN3.3 Below is Info I grabed to get you started. Source info : Network Monitoring Team

Updated Parsers:

As you probably already know, we release new parsers on CodePlex every month. In these updates we’ve included updates for Windows 7 protocols. We also have support for Remote Windows Sockets (RWS) which is used to proxy TCP and UDP traffic from Winsock applications. Check out this blog for more information.

We post all the source code for the parsers, and you are free to look at the code, file bugs, request we take your parser code etc. This is a fully open-source parser project!

New Experts:

TCP Analyzer – TCP Analyzer lets you view TCP traffic visually and determine performance issues. This blog has more information.

Top Users – Top Users is an expert that lets you view the heaviest talkers on your network. This allows you to get a high level view and narrow down on machines that could be expectedly consume network bandwidth.

If you would like to create your own expert feel free to contacts us for information. has more details on how to submit a project for consideration.

New Public Forums:

The forums on Connect are normally for supporting our betas, though we’ll answer any question you have. However we now have public forums here, which is geared towards supporting the currently released version. Please post your Network Monitor 3.3 questions there so all users can learn from each other and feel free to answer question as well to help others out.

Hopefully this quick note will help you keep in touch with everything that is going on with Microsoft Protocols and Network Monitor 3.


Network Monitor Team