sbs memory issues

Okay, so what does tasklist /svc from a command prompt tell us?
Ah ha…it’s our Firewall monitoring service ….see that MSSQL$MSFW? That’s our ISA server monitoring that indeed needs to be throttled.
If you’ve checked out the instructions on the SBS 2003 sp1 document [the community one, not the official one], you’ll know that the recommendation is to perform a command to throttle that instance. So we open a command prompt and do the following:
Open a command prompt and type in the following instructions:
Osql –E –S %computername%MSFW
sp_configure ‘show advanced options’,1
reconfigure with override
sp_configure ‘max server memory’,NNNN (Where NNNN is the amount of ram in mb. Recommended amount is 100 MB for SBS)
reconfigure with override
and end the command with
As you can see the commit charge has now gone way down.
And you can see that PID 1612 [our firewall monitoring msde instance] is no longer sucking that memory.
And I’m once again a happy camper… along with my SBS box.

Microsoft Small Business Server 2008

Microsoft SBS Server 2008 is an excellent solution for small businesses.  However, migrating to SBS 2008 is not that simple.  First things first it is essential that you migrate to a new physical server.  Doing an in place upgrade is a nightmare and I would not attempt to do it.  If you don’t have another server and your current server is of x64 platform then you should create a virtual machine and use a physical to virtual utility to convert your existing machine to a virtual machine.  Once that is done install SBS 2008 from scratch then power up the virtual machine.  You can then migrate over to SBS 2008.
It should also be noted that x64 is becoming the new standard.  It gives you a bus twice as big as its predecessor x86 processing.  That being said Windows Server 2008 requires x64 hardware.  It will not install on x86.
You basically have two choices when it comes to SBS2008 standard or premium.  The main difference is with premium edition you can have 2 servers in the domain.  As where standard was intended to be a single server solution.
Microsoft decided that ISA server would not be included in SBS 2008.  This in my opinion was a good idea.  There are things certain companies are good at and they should stick to their core competencies of things that they can perfect.  Cisco owns Microsoft when it comes to networking/firewall’s and Microsoft has better server solutions.  Do yourself a favor and do not try to use a “software” firewall solution.  Use a Cisco ASA 5505 or model that fits your needs.
SBS 2008 also has a built in web interface for connecting to your PC at work.  I believe RDP is the way to go for employees accessing your network remotely.  The reason being is their PC acts as a dumb terminal and they can see and feel their desktop as if they were sitting at it.  VPN solutions also known as virutal private networks are over rated.  When a client VPN’s from home they basically connect their PC to your internal networking.  Meaning that if their PC is compromised their attacker basically has a door to your network.  Since it is almost impossible to control employees’ PC’s at home it is inevitable at some point they will get a virus or spyware.  If you remember this is how Microsoft’s network was compromised a few years back. 
Also with the premium edition you have the ability to install SQL 2008 standard.  This is not an option with standard.
The steps for migrating from SBS 2003 are as follows:
Always run backups on your existing server first before doing anything.  This is vital.
Next go to Windows Updates and make sure you upgraded and installed all service packs and updates.
You must now raise the function level of your SBS 2003 domain that can be done by first demoting any NT4 or Windows 2000 domain controllers(if you have any).  Once that is complete Go to active directory domains and trust.  Right click on your domain and select raise domain functional level to 2003.  You must also upgrade the forest functional level to 2003.  This can be done by staying in the console and right clicking on active directory domains and trusts select raise forest functional level.
I would recommend next that you have all of your users go into Outlook.  Tell them to go to tools and empty recycle bin.  This will free up tons of space worth of trash.  It will help make your migration faster.
Make sure your source server has the correct time as this is essential:  w32tm /config /syncfromflags:domhier /reliable:no /update
net stop w32time
net start w32time
Make sure your domain is in native mode and not mixed
Next prepare your server by inserting the 2008 SBS DVD.  Go to tools click sourcetool and run it.  You are going to need an answer file for this which can be created by running SBSAfg.exe on the SBS 2008 DVD.
Keep in mind you must remove the source server.  You have 21 days.
When you install the new server make sure your answer file is on a USB drive.  It will be auto detected as long as it is in the source of any drive.  If it successfully detected after you answer all the Windows server 2008 questions you will get a start the migration page. 
To migrate Exchange 2003 to Exchange 2008 I would recommend you have all your users create a backup PST from Outlook.  This way you have local copies of your data.  Once that is complete then on the migration wizard home page click migrate exchange mailboxes and settings.  Follow the steps outlined.

Remote access solutions, and what not to do.

Do you have a small, medium, or even large business? Are you looking for ways that employees can connect from home? There are many VPN technologies available to choose from today. The most popular choices include VPN, remote desktop, Citrix, goToMyPC(Worthless), and LogMeIn(Worthless).
I will explain each one of these choices and which ones i recommend:
I would personally not use the VPN option. Although this is probably one of the most popular deployed options I would not use it because what you are creating is a link from your employees remote machine to your network. It is the equivalent to plugging their pc directly into your network. Why is this not smart? Let me explain this means that if their machine has been hacked or they are on a hotel network, very common, then you have just opened a bridge into your entire network! Of course there are rules you can implement on your terminating server side but they can become very difficult to maintain and you will most certainly run into issues with things not working. This option is a huge security risk if you do not know what you’re doing!
The next options that I would stay away from are these little pay me $10 month and I’ll get you remote access to your machine. Services like this include goToMyPc and logMeIn. Sure they work but who wants to pay for something you should be getting for free?
The option that I personally feel is the safest, easiest, and most secure is configure remote desktop protocol or RDP. You need to be able to configure port address translation in your firewall, you may need to find help if you do not know how to do this. RDP runs on port 3389 so you need to go into your firewall and open this port to the IP address of the client machine you’re trying to access. However, if you have 20 employees that need to connect remotely then this is where you need the port address translation. You need to put holes in your firewall to all of your client machines. This means you pick a starting port let’s say 5000. So your employees will all get a port number like below.
Employee 1 = port 5000
Employee 2 = port 5001
Employee 3 = port 5002
etc, etc
Then you will give your employees the following information to connect remotely your external IP and port i.e. If they type this into Remote desktop and you have port 5000 to redirect to their workstation on port 3389 then they get connected right into their pc as if they were at work the entire time.

Gmail not working with IMAP

Are you able to send email through Outlook but you are stuck on a status message that says, “Checking for new mail in subscribed folders on”? If so you need to check your firewall and make sure outbound port 993 and 465 are open.

Google hosted solutions

Do you have an organization of 1 may be 5 people? Do you wish you had more advanced email features, calendaring, Blackberry integration, collaboration, etc?
A Google hosted might be the best option for you. I run my personal email system on it and the features are very rich given the price….Free! Most small businesses feel the need to purchase a small business server. Which I’m not completely opposed to. But if you’re a new business on a budget go with Google, you’ll be happy you did. If that is still not enough for you did you know Arizona State University one of the largest universities in the United States use Google hosted?