Jake Kappus.comCertified Geek, Dad, MMA fan, and ocassional Pro Wrestler

I’ve installed FCS before and it was a major pain in the ass.  The pre-reqs weren’t documented well and it took a while to get SQL to play nice and eventually get Forefront installed.  I really just attributed it to my own lack of experience with it.

I’m back installing Forefront again and I’m going to say it again.  It’s a pain in the ass to install.  Great anti-virus product on the front end, but damn it makes you want to throw your laptop across the room and find a sledgehammer to smash the server into pieces ala the Office Space printer on the backend.  First I ran into the msiexec.exe access is denied error which was apparently fixed by installing the .NET 1.1 Framework.  Really?  The documentation calls for .NET 2.0 or higher.   Two days later after fighting through one KBXXXX article after another, it’s installed.

Seriously, if you want people to buy this…make the install a little bit easier.  If Symantec can do it, why can’t you, Microsoft?

Well, it is for my house anyway.  After a failed attempt at installing Microsoft Forefront Security on my home lab’s primary Domain Controller, I decided to make the leap at Windows Server 2008. 

Somehow when I installed either DFS or Forefront I completely killed my Sysvol folder.  I still haven’t figured out how I did that.  I’m thinking that MOM somehow did it when trying to write the FCS policy, but I can’t place a finger at the exact cause.  I know that it isn’t a best practice to install Forefront on a DC, but it was my only server at the time.  Don’t do it if you’re in a production environment.  But I was in a lab, so anything goes here right?

Installation of 2008 was a snap.  As usual for any Windows OS.  I put it into a new domain and right away put it into 2008 Native Mode.  Looking back, that makes it more difficult to migrate users over from the old domain, but adds to the learning experince IMHO.  The first thing I noticed was the modular setup of the services and roles.  I like that.  No more bloated first install, then you spend the next 2 hours removing the services and roles you don’t want.  Kind of like buying a PC from HP or Dell.  Install what you need and leave out the rest.  Nice.

While perusing the AD Domain Services Role, I see that 2008 now uses DFS replication instead of FRS.  Nice.  Much more reliable.  I’m not much of a DFS guru, so let’s see how much easier it is to troubleshoot replication issues down the road.

Interesting use of the Vista-like gui interface. I don’t mind it, but I can see some admins grumbling already.

And why hasn’t MS built in it’s Virtual CD applet into 2008 yet?  That is the most useful tool ever.  Maybe it is, and I haven’t found it yet.

Apparently, ADMT v3.1 isn’t available yet.  This would allow for migrations between 2003 domains and 2008 domains.  I’m guessing it will be out when the RTM version is released.  Not much help to me now since I want to migrate my wife’s account over.  I just got her used to using the domain account on her PC and laptop. 

Oh, and on another note.  I finally found a workaround for the blocked port 25 issue here.  By using Rollernet’s SMTP Redirection service, I can redirect to port 2525 (or any port really) on my end and point the Exchange SMTP Virtual Server to that port instead.  HA Charter, you can’t keep me down long!  Now how do I get around Charter’s hijacking of the NFL network?