
John Lee

Random Thoughts ...

exploring www ...
November 09

Deploy MOSS Medium Farm Using Kerberos Authentication on Windows 2008 Server NLB

 

Table of Contents

Architecture of the medium farm

Assumption

Prepare Windows 2008 Servers

Prepare Windows 2008 Server NLB Cluster

Test NLB Cluster by Creating an IIS Website

Install MOSS and Configure Central Admin Site

Configure Index Server

Configure SSP

Prepare for Kerberos Authentication

Configure MOSS Portal Using Kerberos Authentication

Architecture of the medium farm

[Image: architecture diagram of the medium farm]

Assumption

· You have basic knowledge of AD, MOSS and NLB

· Windows 2003 Domain name: contoso.com

· SQL cluster already installed

· 3 servers with Windows 2008 Server installed; Web1 and Web2 each have 2 NICs installed, connected to different subnets

· You have a Domain Admin account

· 2 Web front servers (Web1 and Web2)

· 1 Index Server (Idx1)

· NLB SharePoint farm will be accessed as http://sharepoint

· Following domain accounts used for SharePoint have been created:

o Contoso\MOSSPortal

o Contoso\MOSSSearch

o Contoso\MOSSMysite

o Contoso\MOSSAdmin

o Contoso\MOSSSsp

Prepare Windows 2008 Servers

Make sure all 3 Windows 2008 servers have the following roles added:

· Application Server Foundation

· Web Server (IIS) Support

· Windows Process Activation Service Support (optional – useful if this server will host WCF service)

· Distributed Transactions (optional for MOSS, but install it in case some WebPart code needs to use distributed transactions)

Prepare Windows 2008 Server NLB Cluster

This is a very straightforward process, and we need to make sure the NLB cluster is functioning before we install MOSS on it. Here is the step-by-step configuration process:

· Log on to Web1, make sure both NICs are configured correctly by pinging Web2 (this should resolve to 172.168.8.57 in my case), and also make sure you can ping Web2 using the other IP (in my case it’s 192.168.10.2)

· Log on to Web2, make sure both NICs are configured correctly by pinging Web1 (this should resolve to 172.168.8.56 in my case), and also make sure you can ping Web1 using the other IP (in my case it’s 192.168.10.1)

· Logon to Web1, from command window, type nlbmgr, right click the Network Load Balancing Clusters and select “New Cluster”, specify a host to connect to and select the interface with IP 172.16.8.56, select unicast because we have two NICs here (you need to use multicast if you have only one NIC), make sure to specify your cluster IP (in my case it’s 172.16.8.58) and full internet name as sharepoint.contoso.com

· Add Web2 to the cluster; you should see something similar to the following after NLB is configured successfully

Test NLB Cluster by Creating an IIS Website

Before we install MOSS to Web1 and Web2, we need to make sure the NLB is functioning as expected and here are steps to do the test.

· Logon Web1

o Create a folder to host our test website, C:\WebSites\SharePointPortalSite, create a test.htm file in this folder, and enter <h1>Content on Web1</h1> in test.htm

o Create a website using IIS manager point to the above created folder, make sure this website is bound to the cluster IP only and cluster name as host header (in my case it’s 172.16.8.58 and sharepoint)

o Select DefaultAppPool as application pool

· Logon Web2, repeat the above steps but edit the test.htm to change the content to “Content on Web2”

· Now logon to the index server, type http://sharepoint, you should see either “Content on Web1” or “Content on Web2”

· Keep testing by shutting down Web1 while Web2 is on

· Keep testing by shutting down Web2 while Web1 is on

We have successfully tested the NLB cluster. You might get an authentication error if you access http://sharepoint from either Web1 or Web2; if so, follow this link for the workaround (DisableLoopbackCheck): http://support.microsoft.com/default.aspx/kb/926642

Install MOSS and Configure Central Admin Site

· Install MOSS bits on all 3 servers in the following order:

o MOSS bits

o MOSS sp1 bits

o MOSS infrastructure update bits

· Logon Web1

o Run “SharePoint Products and Technologies Configuration Wizard” to create your farm

o Make sure to select “Central Admin” will run on this machine

· Logon Web2

o Run “SharePoint Products and Technologies Configuration Wizard” to join existing farm

o Make sure to select “Central Admin” will run on this machine

· Logon Idx1

o Run “SharePoint Products and Technologies Configuration Wizard” to join existing farm

o Make sure to select “Central Admin” will run on this machine

· Test on all 3 servers and make sure the Central Admin site comes up

Configure Index Server

· Logon to Index server

· Start Office SharePoint Server Search service

· Start Windows SharePoint Services Help Search services

Configure SSP

· Create an application http://sharepoint:5100 to host SSP, app pool identity: Contoso\MOSSMysite

· Create an application http://sharepoint:5200 to host MySite, app pool identity: Contoso\MOSSSsp

· Make sure to select the correct index server, in my case IDX1

· Plan the index capacity and make sure to allocate enough space to host the index

· Create new SSP

· Configure Search Settings

· Install the 64-bit IFilter on the Index Server (http://www.foxitsoftware.com/pdf/ifilter/ )

Prepare for Kerberos Authentication

To make Kerberos authentication work with SharePoint portal http://sharepoint we need to make sure that both web servers are configured to be trusted for delegation and needed Service Principals are registered.

Launch the Active Directory Users and Computers MMC, find the Web1 and Web2 servers, and double-click each to open its properties. On the Delegation tab, select “Trust this computer for delegation to any service (Kerberos only)”.

Find the domain user account contoso\mossportal, which will be used as the identity of the application pool for our SharePoint portal site, and double-click it to open the properties page. On the Delegation tab, select “Trust this user for delegation to any service (Kerberos only)”.

Here are commands we need to run on a machine that has SETSPN.exe (which is included in Windows 2003 Server media as Support.CAB):

Setspn -a http/sharepoint web1

Setspn -a http/sharepoint.contoso.com web1

Setspn -a http/sharepoint web2

Setspn -a http/sharepoint.contoso.com web2

Setspn -a http/sharepoint contoso\mossportal

Setspn -a http/sharepoint.contoso.com contoso\mossportal

Configure MOSS Portal Using Kerberos Authentication

· Logon to Web1, launch Central Admin site, create new application, make sure to check “using an existing IIS website” and select the website we tested the NLB in above steps, in my case, http://sharepoint

· Make sure to choose “Kerberos” as authentication provider and supply all other necessary information to create a web application

· Create the root site collection and select a site template that meets your needs

· Wait a few minutes for the site provisioning job to complete; the changes will be made automatically on the Web2 server

· Logon to a workstation, you should be able to access the SharePoint site by the NLB url http://sharepoint

September 19

Market Bottomed Yesterday

After government took over FNM, FRE and AIG, it's the time to boost the asset value of those companies so government can make some money from the rescue!!!

You should never act against government and policy in financial market - they can easily change the stock market direction BUT there is no way to solve housing market problem but the housing bubble needs to be burst to go to a level that people can afford to create huge demand. If we see more job loss in coming months then the housing market will not be able to recover any time soon.

It's time to load some beaten down high quality stocks, folks!!! but make sure sell it when the storms fade ...

September 08

Seizing GSE Will NOT Save Housing Market

I was really shocked how dumb it is to think that taking over Fannie Mae and Freddie Mac will save the housing market. The real problem of the housing market is the price was inflated so high over the past several years that even a middle-class family could not afford to buy a single-family home in states like California and Florida. This taking over action will only temporarily address concern psychologically. If there are not enough buyers and too many sellers due to losing jobs and high inflation, the housing price will keep going down.

Taking over a public traded company also changed the capitalism rule - this is a big impact that just "rescue" two companies.

September 07

Class action might be filed against Paulson

Lots of people bought some FNM stock after Secretary Henry Paulson assured that Treasury Department will do whatever needed, including buy both company stocks, to rescue Fannie Mae and Freddie Mac.

Today, the government took over both GSEs. Investors will have a huge loss if the FNM common shares are wiped out, so class action lawsuits are expected to be filed to recover the loss.

August 26

First night at Chicago

Landed at Chicago O'Hare International Airport after 4 hours non-stop flight from San Diego - this is not my first stop at Chicago but it's the first time I will get out of this airport and go to downtown Chicago.

Taxi driver (cab number: 1782) did not want to take my credit card and asked for cash ... checked in at Hotel SAX Chicago - seems like a very nice hotel and the front desk is very special - it does not look like a normal hotel front desk at all!!!

A very hungry man started to look for a restaurant that offers good quality meat - a few hundred yards from the hotel, there is a steak house "Smith & Wollensky" - after waiting for about 10 minutes I was led to a corner table. One guy came with a framed menu and recommended the prime rib with bone which cost $45 and he asked me if I'd like soup - I chose one shrimp soup, he then asked me to pick one side order - I picked the broccoli. I did not order any wine but a cup of ice tea and I was totally shocked when the broccoli was delivered - that's big enough for a whole family and I guess it must be over 1 pound of broccoli!!! I asked the waiter if I can take that off my order since it's too big and he asked me to take it home - of course he did not get the tips he expected. Anyway, the environment is beautiful and especially the outside seats along the river.

July 11

Oil Peak is Cooking

Oil price rose 300% last year or so and it keeps rising. It fell sharply twice recently but quickly zoomed to a new high. People start to believe the oil price will never fall and might think it's a good idea to buy on the dip because it will come back again and go to a new high. All news (Iran vs Israel, Hurricane etc.) are good for high oil price.

Watch out, this is the classic peak sign!!! We just need a climax run before crashing!!!

May 09

Market might trend lower ... next week is critical

sold half of JRJC ... bought lots of GU and VISN

keep accumulating GERN and DNDN
