Someone might ask: why the heck do I need that? And yes, I never thought that I will need it but I learned that in SCOM 2007 a group is not always a group.

Jakub Oleksy helped me to understand and solve my problem and I am happy to share this information with you.

The problem is, that groups created by the web application wizard can not be tweaked using the UI in SCOM 2007. It's not possible to create a dynamic membership rule. It's also not possible to assign a subgroup to such a group. So having a lot of servers and a lot of web applications it's not really fun to pick every single server in every single web application.

Here my workaround:

• Create a web application using the wizard
  A group named after your web application with the suffix "watcher computers group" will be created
• Create your own computer group using the UI and define a dynamic membership rule
• Configure the script (the 3 lines at the beginning) and test (DO NOT RUN THIS UNTESTED IN PRODUCTION ENVIRONMENT!)

This is just a proof-of-concept script to show how you can do stuff like this. According to Jakub there may be a fix in SP1 which enables you to utilize the group created by the web application wizard in a way to either create a dynamic membership rule or attaching a subgroup, or both.

Disclaimer:
USE THIS AT YOUR OWN RISK. I AM NOT RESPONSIBLE FOR ANY DAMAGE THIS SCRIPT MAY CAUSE. THAT SAID, HAVE FUN!

Source Code

During the deployment of System Center Operations Manager 2007 we realized that the database is not supported on Itanium (IA64) hardware. This was a big issue for us, because we only had IA64 hardware for our database machines. So a sick idea came to our minds: just install it on a temporary x86 or x64 machine - with the exact same machine name as the final IA64 production machine, detach the database and move it to the IA64 and re-attach it there.

After that, you have to ensure that the broker function is enabled on the DB. To do so, execute the following query in the SQL management studio (assuming you named the database 'OperationsManager':
SELECT is_broker_enabled FROM sys.databases WHERE name='OperationsManager'

This should return '1'. If not fire up the following statement (again, assuming the database is named 'OperationsManager':
ALTER DATABASE OperationsManager SET ENABLE_BROKER 

If the service broker is not enabled you might get errors or hangs during discoveries and submitting tasks. 

So far this is working great for us, it's still not clear if a setup like this is supported by Microsoft. But there really should be no difference running the DB on a IA64 instead of running it on a x64. No binaries are installed by the setup, only the database schema is created. As far as I know, Microsoft is working on IA64 support for the database - maybe a Service Pack 1 thing...

Update:

You also have to be sure that the CLR (.NET Common Language Runtime) for stored procedures is enabled. To do so:
EXEC sp_configure 'clr enabled', 1;
RECONFIGURE WITH OVERRIDE;
GO

I use a lot of different browsers on my systems. I am using Safari on the Mac and Internet Explorer on Windows - and of course most of the other available browsers like Camino, Opera and Firefox. My favorite is Firefox. One simple reason is the huge amount of available plug-ins and extensions which are handy for daily browsing and of course for development purposes.

Another great thing about Firefox is customization. Ever tried to put “about:config” in the URL box? Doing so enables you to change a lot of settings where no GUI is available. In fact that’s the GUI for managing  Firefox’ “registry”. One thing which was bothering me all the time about Firefox was the automatic image resize to fit in the window.

Fire up Firefox. Enter “about:config” and just change the value of “browser.enable_automatic_image_resizing” to false. That’s it. 

You can find some useful tips on the How-To-Geek blog like the one above or on how to disable tab scrolling and much more.

James Henry blogged about how to enable PDF indexing in Sharepoint:

Here are best instructions for properly configuring SharePoint to search PDF documents and view the file type icon in a document library. This involves installing the Adobe PDF IFilter 6.0 on each SharePoint 2007 front end web server. You would also need to do this on the Search Server, if you have split this up in your environment.

Perform the following steps for either Windows SharePoint Services v3 (WSS v3) and Microsoft SharePoint Server 2007 (MOSS 2007).

• Download Adobe PDF IFilter 6.0
• Stop the IIS Admin service: Start -> Run -> services.msc -> IIS Admin Service -> Stop
• Run the Adobe PDF IFilter 6.0 Setup program to install the filter on the server
• Copy the ICPDF.GIF file ( – right click and save as) to "[Hard_Drive]:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\Template\Images"
• Edit the file "[Hard_Drive]:\Program Files\Common Files\Microsoft Shared\Web server extensions\12\Template\Xml\DOCICON.XML"
  1. Add an entry for the .pdf extension.
     
• Perform an iisreset by performing the following: Start -> Run -> iisreset. You could also recycle the SharePoint Application Pools in Internet Information Services Manager

For MOSS 2007, perform the following additional steps

• If you have MOSS 2007 and have enabled Shared Services then, goto Central Administration -> Shared Services Administration -> Select your current Shared Services Provider -> Search -> Search Settings -> File types
• Click on the "New File Type" button
• Add the "pdf" file extension in the designated text box and click on the "OK" button
• Go back to the Search Settings page
• Click on the "Content sources and crawl schedules" link
• Select the content source, access its context menu, and click on "Start Full Crawl"

I use Sharepoint Services V3 and installed the PDF IFilter after I uploaded hundreds of PDFs. This was bad, because Sharepoint Services does not crawl these already uploaded documents until they are touched (modify a property or so). Since no GUI is available to do so like in MOSS you have to use stsadm.exe command which ships with sharepoint:

Change the directory to: Program Files\Common Files\Microsoft Shared\web server extensions\12\bin
Now execute: stsadm.exe -o spsearch -action fullcrawlstop
then: stsadm.exe –o spsearch -action fullcrawlstart

Some time ago I implemented (actually still implementing and enhancing) MOM 2005 to monitor and manage a lot of servers (>600).

Some MOM Basics:

A nice feature in MOM is the ability to start tasks in the Operator Console. When you create a task you can specify variables in the command line. The most common variable is $Computer Name$ or $TargetComputer$. Using this placeholder you are able to dynamically fill in the computer name from the console selection in the command line. Because alerts and events are always related to a computer, you can start tasks from these views as well.

You can define local or remote tasks. For now we are just focusing on local tasks, which are command lines (scripts are not possible) executed on the machine running the Operator Console.

 

Some Remote Desktop Basics:

How to find out who has remote desktop connections to a server?

You have more than one choice to find out who is currently connected. One of course is Royal TS if the security context allows it, another is the Terminal Services Manager from the Administrative Tools (you may have to install the adminpak.msi first), the fastest way is to fire up a command prompt and type:

query session /server:[servername]

As you can see, the query session command lists all users connected. Next to the user name you see the session id.

So if you really need to get on that box you may want to kick out one of the users:

reset session 1 /server:web01

The command above kills the connection with the session id 1 from the user “Admin”. Note: if this user is still connected or has any opened documents, it’s all gone…

 

Some Command Shell Basics:

I wanted to have some sort of batch file which shows me all sessions, asks me if I want to kill one and kills the session id I entered. This batch file should look something like this:

Here a short description of the code:

The command line parameter %1 will be stored in the environment variable %ComputerName%.
Query session will be exectued.
SET /P asks for user input and stores it in the environment variable %uinp%.
Reset session will be executed with the session id the user provided in the line before.
Clear the screen and show again the sessions to verify it worked.

So I place the batch file in C:\batchfiles\resetsession.cmd on the machine(s) where the Operator Console is running and create a task with the command line: C:\batchfiles\resetsession.cmd $Computer Name$

All set. Except: I don’t really want to deploy batch files to all machines running Operator Console. So what can be done here?

There is a very useful feature in the command shell: executing multiple commands in one line. You can use “&”, “&&” and “||” to combine multiple commands. For example:

command1&command2 will execute command2 after command1 completed.
command1&&command2 will execute command2 after command1 completed successfully (ERRORLEVEL=0)
command1||command2 will execute command2 when command1 was unsuccessful (ERRORLEVEL<>0)

CMD /V:ON /C "QUERY session /server:$TargetComputer$&SET /P uinp=Enter Session ID to reset and press [ENTER]:&RESET session !uinp! /server:$TargetComputer$&CLS&ECHO Session reset command executed.&QUERY session /server:$TargetComputer$&PAUSE"

One thing to mention here is the parameter /V:ON and the different handling of the environment variable %uinp%. /V:ON allows to expand a variable at execution time but then you have to use “!” instead of “%”.

Instead of deploying batch files you can do more complex things in one command line. Paste this into the task command line and you are all set. Have fun.

[Win]+[Space] opens the Vista Sidebar

[Win]+[T] goes through all task bar programs and shows you the mini preview

[CTRL] holding the CTRL key while scrolling the mouse wheel changes the icon view in Explorer windows

[ALT] use ALT to show the classic menu bars in IE7 and Explorer

[SHIFT] hold SHIFT and right-click to get the context menu items “Open Command Window here” and “Copy as Path” on files and folders

[Win]+[D] show Desktop

[Win]+[E] open Windows Explorer

[Win]+[R] opens the Run dialog

[Win]+[Q] opens Messenger or Office Communicator

[Win]+[F] opens Search dialog

[Win]+[G] sets focus to Windows Sidebar, after pressing the combination again you can toggle through the Sidebar Gadgets

[Win]+[L] lock your Desktop

[Win]+[M] minimize all windows

[Shift]+[Win]+[M] opens all minimized windows

[Win]+[X] opens the Windows Mobility Center

[Win]+ [Pause] opens the Systemproperties window

According to the windowssecrets.com article you don’t really need to activate windows. Only downside is that you obviously have to reboot your machine every 30 days or so…

A friend of mine just brought to my attention that Royal TS was mentioned in the November Issue of Windows IT Pro Magazine (on Page 9). Björn Lysell wrote:

"... I can recommend a freeware utility called Royal TS that you can use to group your connections in a simple GUI. You can read about and download Royal TS at the following URL: http://www.code4ward.net  ..."

I am very proud that a tool which was done late 2003 using dotnet Framework 1.1 is still very popular and useful - It's even running smoothly on Windows Vista.

So I got Vista RC1 and my beautiful MacBook was begging for an update [H]

BUT:
1st, I already had Beta 2 installed, and in order to get this done you need to delete the 200MB EFI partition.
2nd, there was a BootCamp update, which wont start if the EFI partition is missing

SO:
How the heck do I get back that partition?

After some googling around I found a couple of instructions:

Note: Doing this is very dangerous. I strongly suggest to backup all your data!

• Start Vista (from CD or from the Mac) and format the 200MB partition as FAT32 file system using Computer Management snap-in
• Reboot your Mac and hold Command-S. Now you are in "Single User" mode - feels like a completely different world here [:D]
• Type "fdisk /dev/rdisk0". The Mac partition (2) should start at 409640. Note: if this isn't the case, don't continue!
• Considering the previous command showed the expected output, type "edit 1"
• Answer "EE" to the prompt for System ID, "n" when prompted about editing in CMS mode, "1" for the start block and "409639" for the length
• Verify your settings with "print" and commit with "write" - you can cancel the procedure with "exit"
• Reboot and start the BootCamp assistant

This worked for me and I am using an Intel MacBook. And, almost forgot, when using RC1 you do not need to delete the EFI partition anymore!

This took me a while so I want to share some of my findings. My situation may be a common one so here's the task I want to accomplish:
I use Exchange 2007 Beta 2 as a "single server" setup - which means all relevant roles are installed on one physical server to send mails, receive mails, connect via Outlook and Outlook Web Access, etc. You can read this post which tells you how to do that.

Now I want to enable relaying without any authentication but only from some of my internal IP addresses.

This is what I did (there may be another way to do this):

• Organization Configuration / Hub Transport / Accepted Domains
  Create a new entry. Select "*" as accepted domain and select "External Relay Domain"
• Server Configuration / Hub Transport / Receive Connectors
  Create a new custom receive connector and specify the IP range of your allowed internal servers in the list "Receive mail from remote servers which have these IP addresses:"
• Now fire up the Exchange Management Shell
  execute: Set-ReceiveConnector -Identity "[type your receive connector name here]" -PermissionGroups "AnonymousUsers"

The last commands enables you to relay messages from this IP range without authentication.

Edit:
As Rodney Buike pointed out there is a more elegant way to do this: http://msexchangeteam.com/archive/2006/12/28/432013.aspx

Thanks for the feedback...