WWWOooeeeps I forgot my password for my USB stick .
What we do next: I forgot my Password
Click on More Information: Hey I found a recovery key 
Then you go to Active Directory Users And Computers 
Next Enter the the recovery key 
YES: My data is readably
Last Step: Changing your password
Before you start wit Bitlocker to Go your domain controllers must be 2008 R2. You must upgrade your Schema.
After done that I made a group policy named Bitlocker to Go.
You can find the Bitlocker Policy under: Computer Configuration | Policies | Administrative Templates: Policy Definitions | Windows Components | BitLocker Drive Encryption | Removable Data Drives.
I enabled the following policies:
Choose How BitLocker Removable Drives Can Be Recovered
At first you must select the Allow Data Recovery Agent option. This option should be selected by default, but since this option is what makes the entire key recovery process possible, it is important to verify that the option is enabled.
Next, you will enable the Omit Recovery Option From The BitLocker Setup Wizard option. This prevents users from saving or printing their own copies of the recovery key.
Next, you will have to select the Save BitLocker Recovery Information to AD DS for Removable Data Drives. This is the option that actually saves the BitLocker recovery keys to the Active Directory.
Finally, you should select the Do Not Enable BitLocker Until Recovery Information Is Stored To AD DS For Removable Data Drives option. This option forces Windows to confirm that the recovery has been written to the Active Directory before BitLocker is allowed to encrypt the drive. That way, you do not have to worry about a power failure wiping out the recovery key half way through the encryption process.
Windows XP SP2 & SP3 can only read the bitlocker usb stick.
Update for Best Practices Analyzer for HYPER-V for Windows Server 2008 R2 x64 Edition (KB977238) You can use Hyper-V Best Practices Analyzer to scan a server that is running the Hyper-V role, and help identify configurations that do not comply with the best practices of Microsoft for this role.
Update for Best Practices Analyzer for DHCP Server for Windows Server 2008 R2 x64 Edition (KB977236) You can use DHCP Best Practices Analyzer to scan a server that is running the DHCP role and help identify configurations that do not comply with the best practices from Microsoft for this role.
Update for Best Practices Analyzer for Network Policy and Access Services for Windows Server 2008 R2 x64 Edition (NPAS) (KB977239) You can use the Network Policy and Access Services update for Best Practices Analyzer to scan a server that is running one or more of following the role services: Network Policy Server, Health Registration Authority, and Routing and Remote Access Service.
Update for Best Practices Analyzer for File Services for Windows Server 2008 R2 x64 Edition (KB981111) You can use File Services Best Practices Analyzer to scan a server that is running the File Services role and one or more of following role services: DFS Namespaces, DFS Replication, File Server, File Server Resource Manager, Services for Network File System.
Update for Best Practices Analyzer for Active Directory Rights Management Services for Windows Server 2008 R2 x64 Edition (KB981391) You can use Active Directory Rights Management Services Best Practices Analyzer to scan a server that is running the AD RMS role and help identify configurations that do not comply with the best practices of Microsoft for this role.
Update for Best Practices Analyzer for Windows Server Update Services for Windows Server 2008 R2 x64 Edition (KB981390) You can use the Windows Server Update Services (WSUS) update for Best Practices Analyzer to scan a server that is running WSUS.
Update for Best Practices Analyzer for Application Server for Windows Server 2008 R2 x64 Edition (KB981392) You can use the Application Server update for Best Practices Analyzer to scan a server
Een aantal mensen van Red-Gate hebben weer een mooi ebook geschreven wat elke Microsoft/Exchange beheerder moeten weten. Het is een samenvatting van The Best of
Simple Talk SysAdmin
De Onderwerpen:
Exchange
- High Availability in Exchange 2007
- Message Hygiene in Exchange Server 200731
- Using Exchange 2007 for Resource Booking
- Controlling Email Messages using Exchange’s Transport Rules
- Exchange 2007 Mailbox Server Clustering
- Top Tips for Exchange Admins
- Exchange Database Technologies
- Message Classifications in Exchange 2007
- Deploying Exchange 2007 on Windows Server 2008
- Exchange Server Log File Replay
- Configuring Exchange Server 2007 to Support Information Rights Management
- Reporting on Mobile Device Activity Using Exchange 2007 ActiveSync Logs
- Online Exchange Backups
- Optimizing Exchange Server 2007
- Exchange: Recovery Storage Groups
- Exchange E-mail Addresses and the Outlook Address Cache
- Upgrading to Exchange Server 2007
- Goodbye Exchange ExMerge, Hello Export-Mailbox
- Determining MS Exchange Disk Performance
- Upgrading to Exchange Server 2007: Part 2
- Message Tracking in Exchange 2007
- Third Party High Availability and Disaster Recovery Tools for Microsoft Exchange Server
- Exchange Server 2010 – The First Public Beta Version
- Emulating the Exchange 2003 RUS for Out-of-Band Mailbox Provisioning in Exchange 2007
- Using Exchange 2007 Transport Rules to Protect the First Entry in the Address Book
- Cluster Continuous Replication Network Design
- Building an Exchange Server 2007 environment
- An Introduction to Messaging Records Management
- Installing Hyper-V and Beyond
- Restricting Outlook Client Versions in Exchange 2007
- Using Twitter and PowerShell to Find Technical Information and Join a Community
- Update: Exchange Server 2010 Release Candidate
- Exchange backups on Windows Server 2008
- Moving to Office Communications Server 2007 R2
- Monitoring and Scheduling Exchange 2007 Database Online Maintenance
- Exchange 2010 High Availability
- Implementing Cluster Replication – Part 1
- The Active Directory Recycle Bin in Windows Server 2008 R2
- Using Group Policy to Restrict the use of PST Files
- Introduction to Exchange Server 2010
- The Ego and the System Administrator
- Implementing Windows Server 2008 File System Quotas
- Implementing Cluster Continuous Replication, Part 2
- Active Directory Management with PowerShell in Windows Server 2008 R2
- Upgrade Exchange 2003 to Exchange 2010
- Customizing the Outlook Address Book
General Articles
- A SysAdmin’s Guide to Change Management
- A SysAdmin’s Guide to Users
- Change Management – What It Is and Why You Need It
- Manage Stress Before it Kills You
- Hiring System Administrators
- Increase Your Value as a Professional in the Technical Industry
- The Art of Dealing with People
Virtualization
- Virtual Exchange Servers
- Virtualizing Exchange: points for discussion
- Build Your Own Virtualized Test Lab
- A Beginner’s Guide to Virtualizing Exchange Server – Part 1
- A Beginner’s Guide to Virtualizing Exchange Server – Part 2
- Windows Server Virtualisation: Hyper-V, an Introduction
- Increasing the Availability of Virtualized Applications and Services
- Microsoft Hyper-V Networking and Configuration – Part 1
Unified Messaging
- An Introduction to Unified Messaging
- Moving to Office Communications Server 2007 R2
PowerShell
- Managing Exchange 2007 Mailbox Quotas with Windows PowerShell
- So You Thought PowerShell Was Only For Exchange 2007
Downloaden klik op het boek
Stap 1. Licentie code invoeren. 
Stap 2. Configureer Virtueel Center 
3. Aanmaken van een Desktop Pool.
4. Zorg dat in Active Directory een groep hebt gemaakt waarin elke user zit die een desktop mag gebruiken. Ik heb groep View Gebruikers aan gemaakt. 
5. En dat was het.
Prerequisites
Domain Controller:
Windows Server 2003 Standard Edition met Service Pack 1 (SP1) of later (32-bit or 64-bit)
Windows Server 2003 Enterprise Edition met SP1 of later (32-bit or 64-bit)
Windows Server 2008 Standard of Enterprise (32-bit or 64-bit)
Windows Server 2008 R2 Standard or Enterprise
Prepare Active Directory en domains
1. Indien er nog een Exchange 2003 Server aanwezig is moet je:
setup /PrepareLegacyExchangePermissions of setup /pl
2. setup /PrepareSchema of setup /ps
3. setup /PrepareAD of setup /p
Onder de OU in domain genoemd Microsoft Exchange Security Groups worden de volgende groepen aangemaakt:
Exchange Organization Management
Exchange Recipient Management
Exchange Server Management
Exchange View-Only Organization Management
Exchange Public Folder Management
Exchange UM Management
Exchange Hygiene Management
Exchange Records Management
Exchange Discovery Management
Exchange Delegated Setup
Legacy Groepen:
Exchange Security Groups OU:
Exchange Organization Management
Exchange Recipient Management
Exchange Server Management
Exchange View-Only Organization Management
Exchange Public Folder Management
Exchange UM Management
Exchange Hygiene Management
Exchange Records Management
Exchange Discovery Management
Exchange Delegated Setup
ExchangeLegacyInterop
4. setup /PrepareDomain of setup /pd
Feature Names:
RemoteServerAdministrationTools
RemoteServerAdministrationTools-ServerManager
RemoteServerAdministrationTools-Roles
RemoteServerAdministrationTools-Roles-CertificateServices
RemoteServerAdministrationTools-Roles-CertificateServices-CA
RemoteServerAdministrationTools-Roles-CertificateServices-OnlineResponder
RemoteServerAdministrationTools-Roles-AD
RemoteServerAdministrationTools-Roles-AD-DS
RemoteServerAdministrationTools-Roles-AD-DS-SnapIns
RemoteServerAdministrationTools-Roles-AD-DS-AdministrativeCenter
RemoteServerAdministrationTools-Roles-AD-DS-NIS
RemoteServerAdministrationTools-Roles-AD-LDS
RemoteServerAdministrationTools-Roles-AD-Powershell
RemoteServerAdministrationTools-Roles-DHCP
RemoteServerAdministrationTools-Roles-DNS
RemoteServerAdministrationTools-Roles-FileServices
RemoteServerAdministrationTools-Roles-FileServices-Dfs
RemoteServerAdministrationTools-Roles-FileServices-Fsrm
RemoteServerAdministrationTools-Roles-FileServices-StorageMgmt
RemoteServerAdministrationTools-Roles-HyperV
RemoteServerAdministrationTools-Roles-RDS
RemoteServerAdministrationTools-Features
RemoteServerAdministrationTools-Features-BitLocker
RemoteServerAdministrationTools-Features-Clustering
RemoteServerAdministrationTools-Features-GP
RemoteServerAdministrationTools-Features-LoadBalancing
RemoteServerAdministrationTools-Features-SmtpServer
RemoteServerAdministrationTools-Features-StorageExplorer
RemoteServerAdministrationTools-Features-StorageManager
RemoteServerAdministrationTools-Features-Wsrm
Step 1. Installatie the RSAT MSU pakket
wusa x86fre_GRMRSAT_MSU.msu /quiet (x86)
wusa amd64fre_GRMRSATX_MSU.msu /quiet (x64)
Stap 2 Alle beschikbare opties:
dism /Online /Get-Features
Stap 3: Aanzetten van de beschikbare Opties
dism /Online /Enable-Feature /FeatureName:<FeatureName>
Voorbeeld
Ik wil Active Directory snap ins uitrollen.
wusa Windows6.1-KB958830-x86.msu /quiet
dism /online /enable-feature /featurename:RemoteServerAdministrationTools
dism /online /enable-feature /featurename:RemoteServerAdministrationTools-Roles
dism /online /enable-feature /featurename:RemoteServerAdministrationTools-Roles-AD
dism /online /enable-feature /featurename:RemoteServerAdministrationTools-Roles-AD-DS
dism /online /enable-feature /featurename:RemoteServerAdministrationTools-Roles-AD-DS-SnapIns
De meeste van ons kennen PowerGui van Quest. Hier mee kun je powerpacks maken van Powershell Scripts.
Aangezien Quest Software Vizioncore heeft overgenomen. Heeft een Vizioncore een gratis en handig product op de markt gezet genaamd: Virtualization EcoShell. Dit stukje software wordt gesponserd door VizionCore. De makers van deze tool zijn de VESI™ Community.
Wat is nu de EcoShell:
De Virtualization EcoShell biedt een eenvoudige, consistente en geïntegreerde beheer user interface voor het creëren, debuggen en vereenvoudiging van het beheer van Windows PowerShell scripts.
Voor downloads en informatie over het installeren van de Virtualisatie EcoShell, bezoekt u de Virtualisatie EcoShell download pagina.
Meer en meer bedrijven gebruiken Windows PowerShell scripts op verschillende platformen.
De Virtualisatie EcoShell gepositioneerd is voor IT-beheerders, adviseurs, en consultants die alles moeten beheren en terug kerende taken te automatiseren . Gecentraliseerd beheer van servers. De Virtualisatie EcoShell bespaart dagelijks tijd voor beheerders voor het beheer van virtuele omgevingen.
Wat heb je nodig om er gebruik van te kunnen maken.
Windows PowerShell Version 1.0
VMware PowerCLI 4.0
Quest PowerShell Commands for Active Directory Version 1.2
32-Bit | 64-Bit
Virtualization EcoShell Build 1.2.0.154
Zo ziet de Virtualization EcoShell er uit. 
1. Installeer een Windows 2008 R2 server en zorg dat deze aan het huidige domain is toegevoegd.
2. Zorg er voor dat de eventuele DHCP role al overgezet is.
2. Kopieer van de 2008 R2 iso de adprep map naar c:\ van de eerste 2003 domain controller.
3. Voer het volgende uit: adprep /forestprep > c:\forestprep.log 
4. Check domain level 
4. Voor nu het volgende uit adprep /domainprep 
5. Nu kun je de geïnstalleerde Windows 2008 R2 server upgraden tot domain controllers door middel van DC promo te draaien.
6. Draai dcpromo op desbetreffende servers. Gebruik hiervoor een account dat lid van is van de volgende groepen Schema Admins, Enterprise Admins, Domain admins.
7. Zet alle rollen over naar de 2008 R2 domain controllers
7.1 RID Master, PDC Emulator en Infrastructure Masters 
7.2 Active Directory Domains and Trust
7.3 Active Directory-schema
De module Active Directory-schema installeren
Klik op Start, klik met de rechtermuisknop op Opdrachtprompt en klik vervolgens op Als administrator uitvoeren.
If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
Typ de volgende opdracht bij de opdrachtprompt en druk vervolgens op ENTER:
regsvr32 schmmgmt.dll 
Klik op OK om het dialoogvenster te sluiten waarin wordt bevestigd dat de bewerking is gelukt.
Klik in het menu Start op Uitvoeren, typ mmc en klik op OK.
Klik in het menu Bestand op Module toevoegen/verwijderen.
Klik onder Beschikbare modules op Active Directory-schema, klik op Toevoegen en klik vervolgens op OK
En vervolgens doe Change Schema Master
8. Check met het volgende command of alle FSMO rollen netjes zijn omgezet: netdom.exe query fsmo 
9. Zo te zien zijn alle rollen netjes omgezet en kan ik win2k3r2x64 gaan demoten.
10. Zorg er voor dat de DHCP scope en overige servers de juiste dns instellingen hebben.
11. Voer dcpromo uit. 
12. Nu nog even de win2k3r2x64 server uit het domein halen dan kan daarna de server netjes uitgezet worden.
Exchange 2007 CCR gehad van het weekend. Kreeg de volgende melding in de eventviewer en in de gui.
Event Viewer:
GUI: 
Oplossing: ![clip_image002[4]](http://www.wardvissers.nl/wp-content/uploads/Eventid7005MicrosoftExchangecouldntreadt_DE98/clip_image0024.jpg "clip_image002[4]"){kind=small}
Gestopt.
Daarna was de melding nog steeds niet weg in de GUI. In de event viewer wel. Aangezien deze toch als passieve draait maar even herstart uitgevoerd. Nu is alles weer netjes in orde.