She’s Geeky Conference: Days 2 & 3

This weekend I enjoyed some more great sessions at the She’s Geeky unConference. Not only was this event filled with a collection of fantastic women with a variety of tech interests that I can’t even begin to list, it was a great opportunity to learn new tips and tricks for soft skills that aren’t always high on the “geekdom” list! Practicing the “elevator pitch”, improving your speaking skills and discussing how to manage transition as tech roles evolve were some of the sessions on agenda wall today. The notes for the sessions will be posted to the She’s Geeky Wiki over the next few days and I’ll post the links to the sessions I enjoyed most when they are available.

The one thing that seemed to be missing from the weekend was other system administrators. I was excited to enjoy the experience with Jessica DeVita, the owner of UberGeekGirl, but it was a little hard to believe that out of approximately 300 registered attendees, less than .01% identified themselves as server or desktop administrators. Those that even hinted they might have done it previously didn’t even utter the word “Windows”.

Is there something about this particular area of tech that makes it even less appealing for women? Maybe that will have to be a session topic when I attend next year.

She’s Geeky: Day 1

Today I attended my first “She’s Geeky” unConference. I didn’t know what to expect, but after today I highly recommend checking it out if you are a woman who works in technology (or mention it to a woman you know in the math, science or tech fields).

Lots of women were willing to talk about the areas that interested them in technology, so the day was filled with a variety of topics ranging from using social media to “green” technology, programming and development to Internet privacy and identity. (I even managed to make some time to present an overview of Windows 7!)

The privacy and identity talk was lively and full of ideas about one’s online identity(s) and how managing those can be different for women for a variety of reasons. Managing online privacy is only going to get more important as data continues to be collected, stored and mined, regardless of gender.

Notes from all the sessions will be compiled and available online, so I’m looking forward to being able to recap what I’ve learned (or missed) at the end of the weekend. While not everyone does the same type of “tech” it was a great experience to spend the day with other women who were all passionate about whatever thing that made them “geeky”.

SharePoint 2007 Notes & Oddities

Since working with SharePoint for a couple of weeks, I've noticed a few oddities that I think are worth mentioning. Some I have an explanation for, others I don't.

Oddity #1 - Rich-Text Editor for Web Parts doesn't work properly on 64-bit Internet Explorer.

I get a scripting error when I try to use the rich-text editor and when I edit a wiki page on a machine using 64-bit IE, I get the HTML code instead. This is a known issue with "Level 2" browsers - of which 64-bit IE (7 or 8) is considered. TechNet details out the compatibility issues. This issue still appears to remain with SharePoint 2010 according the compatibility table for that version as well.

Oddity #2 - I can't link SharePoint calendars to my Outlook 2007.

This seems to be a problem that only affects my user account at the moment and it follows me from computer to computer. I have two machines at work 64-bit Windows 7 with Office 2007, and Windows XP SP3 with Office 2007. In both instances, if I select the option to "Connect to Client" I get the prompt to accept the connection and then nothing happens. No link to the calendar, no sharepoint.pst is created, no mention of calendar link in the Sharepoint Lists under account settings. Outlook 2007 reports an information event in the application log - Event 27: The operation failed.

I've had two other people test the functionality with no problems, so this is bizarre for sure. But I want to work out why this is a problem before rolling SharePoint out across the board. If I want to get rid of public folder calendars, everyone needs to be able to link SharePoint calendars into their Outlook. Even me.

Special Note #3 - Make sure the SharePoint site doesn't launch in Protected Mode.

Protected Mode blocks a lot of the functionality of ActiveX, so the drop down Action menus won't work for users in this mode. I noticed this when I accessed the site from Terminal Services RemoteApp. I'll need to adjust some of the policies and IE security features on terminal services to make sure regular users have the same experience they would in the office.

Upcoming Conferences

Just a quick reminder that the She’s Geeky conference is happening later this week in Mountain View, Friday through Sunday. There’s still time to register, so maybe I’ll see you there.

Also, if you have a little bit of wiggle room in your training budget for the first half of 2010, you might want to check out this local one-day conference, Windows Intelligence, hosted by QuickStart Intelligence on April 26th. Several MVPs will be presenting, including myself and Ed Horley.

More details to come!

Starting out with SharePoint

This week I’ve started implementing the SharePoint pilot at the office. Right now, the goal is to use it an “upgrade” to our current Intranet and provide some calendar and meeting workspaces for better collaboration.

Our existing Intranet is organized by department, with a subset of users in each department being responsible for updating content in their areas. Right now, we use the combination of a basic IIS website and Macromedia’s Contribute as the client application for updating the pages. We’d had some difficulty with the Contribute application and training, which has resulted in the Intranet being mostly static content.

For this implementation, I’ve set up one site collection with the main site being the company Intranet home page. Then I created additional sites for each department and a couple extra sites for some specialty areas, like our company-wide disaster preparation. Each of these sites will likely have different contributors, so I wanted to allow for different permission sets for each site.

I’ve spent some time populating each site with some of the content that exists on our current Intranet site, playing around with web parts and getting a feel for what I’d be able to implement in this first phase. I’ve spent several days just copying and pasting – it’s almost a little addictive. Our current Intranet has a lot of documents and forms for reference, so I still need to set up the necessary libraries and port that information over to mirror the current web experience in SharePoint.

I’d like to be able to hand over the majority of the content management to the contributors in each department once everything is officially “live” and we've organized some formal training. With the addition of web parts for announcements, discussion boards and wikis, I’m hoping SharePoint will allow our Intranet to become a more fluid destination with fresh information posted by a variety of staff members. I know I’m looking forward to using Wikis to provide more tips from the Helpdesk related to using ImageRight, Shoretel, email and our remote access solutions.

Windows Update Hiccups Occasionally

Ran into an interesting Windows Update issue today. I have a freshly built Windows 2008 Server and have it set to automatically run Windows Update. The majority of the updates were installing with incident, but it kept reporting a problem installing two updates - KB967723 (TCP/IP vulnerability) and KB976098 (time zone update).

The error code was 80070490, which isn't particularly helpful. Most mentions of it I've run across in the 'net involve Vista users who seem to think they need to reinstall their OS. Also not helpful and hopefully not the same problem!

Windows Update was happily installing other updates after the failed attempts, so the problem was specific to those two updates. The event log reported 4374 Warning - "package is not applicable for this system." Seems that for some reason the Windows Update service was calling the wrong version of the package, as both of those updates apply to all the current Windows operating systems. Downloading each package and manually installing them did the trick.

Data Privacy Day: 1/28/10

Next Thursday, January 28th, is Data Privacy Day. It's a relatively new day of celebration - this is the third year, but the goal is to promote awareness around data privacy and stimulate new development of privacy tools and encourage compliance with privacy regulations. Several events are being held in conjunction around the US, Canada and over two dozen European countries.

As an official sponsor, Microsoft will be participating in a event held in Washington, DC. Here in the bay area, Stanford Law School will be hosting an panel on Money and Privacy that is open to the community. Also, if you are so inclined, the International Association of Privacy Professionals will be having some “Privacy After Hours” evening networking events.

If nothing else, you might want to take some time that day to review some of the publicly available information about yourself. Type your name into your favorite search engine. Double-check those privacy settings in Facebook and make sure only a limited amount of information available is to people who aren’t part of your immediate network. Consider removing your profile from social networking sites you no longer participate in regularly.

The Internet and the growth of social media has made it so much easier to stay in touch with those we care about and connect with others who share our interests. However, don’t make it too easy for others to use those tools to against you.

And one more thing – it’s probably time you changed your password.

ImageRight and a Remote Desktop display bug

This week starts our official "pilot" roll out of Server 2008 RemoteApp. This is our planned replacement of Citrix for remote access to several of our regularly used applications. We are only using the Server 2008 (not R2) on the application server because our imaging application, ImageRight (version 4.3), does not support 64-bit. If you are planning on doing something similar, there is a minor display bug when access ImageRight v4 through the Remote Web Applications interface and it's likely related to how the drop down menus are rendered using ActiveX. The problem is not repeated when one logs onto the server directly.

In the "File Open" menu, there are drop-down menus for choosing the drawer and file type of the file you are looking for. In this example, the drawer selection defaults to "All Locations," but depending on your personal settings, it may default to a particular drawer that is used most often.

When a user attempts to drop-down the drawer menu to select another option, the menu appears to snap closed quickly and does not allow a selection, making it impossible to switch drawers. (The File Type selection menu works fine.)

This display bug is not scheduled to be fixed in ImageRight version 4 of the software and it's not a problem in version 5.0 according to ImageRight support. Meanwhile, the work-around is simple. Right next to the "File Open" tab, is a "Search" tab. The Search tab allows for more specific options to selected - down to page types and document descriptions. However, it all does the same basic features as the "File Open" tab.

In my office this isn't a commonly used tab, we have another search tool that searches across other records databases at the same time, so I have to make sure to point out the issue to new users and provide the work-around information up front. While I'd like our remote access to ImageRight to be a seamless as working in the office, this display issue isn't a showstopper.

Upcoming TechNet Event – Happening Near You!

The TechNet Events team is hitting the road again, bringing you presentations on Windows Azure, Hyper-V and demonstrations on simplifying Windows 7 deployments.

TechNet Events are free and with over 35 dates in cities across the United States, there’s bound to be one near you. The San Francisco session will be held on March 2nd. Registration is open now.

Certification Discounts

There are a few Microsoft and Prometric exam discount programs going on right now. If you have plans for working on a certification in the upcoming months, these deals might help you along.

• Microsoft Second Shot - good for exams taken by June 30, 2010. You have to take the first attempt of the exam (and the 2nd attempt if needed) by the deadline.
• Prometric 15% Off - schedule your exam by the end of February and take it by April 30, 2010.

These offers can't be combined, but if you've got a few exams in the pipeline you might be able to take advantage of both.

Two Links from my last 24 Hours

It's been a busy last few days, but I don't want to forget a couple of links that have been useful recently.

The first comes from @nelz9999, who shared a link about managing geeks in the corporate environment. The second was happened upon by a co-worker as we were troubleshooting a BlackBerry trackball that wasn't working properly. This is how you get those little things clean, but be careful when dealing with those tiny magnetic rollers.

Download the Employee Separation Checklist

I heard from quite a few people about how useful my post was about Employee Separations. As a bonus, I put together a document that breaks out the items into a checklist that you can edit to meet the needs of your environment. No matter how often you are removing user accounts or performing some other similar task, a checklist helps ensure you don't miss anything in case your work is questioned at a later time.

New Hires – My System Admin Wish List

Last week I wrote about employee separations and the list of things that often need to be considered when an employee leaves. To balance that, here is the list of information I’d like to have handy when a new employee needs access to corporate resources.

• Proper spelling of the person’s name (and if they have a preferred nickname) - Your company might insist that user accounts and email addresses be based on legal names, but if “Robert” always goes by “Bob” he may prefer “bjones” over “rjones” for his username. If your email global address book is sorted by first names, other staffers might look for Bob first under B, instead of R.
• Start Date – I want to make sure everything is ready on the proper day. But, it’s also important to let me know if the start date is change or delayed. Most accounts are created with a generic, easy password and I would prefer to not have an active account hanging out there for an extra 2 weeks before the new hire can select a more secure password.

After the name and the start date, everything else tends to drift quickly from the ideal “standard” setup and slips to every employee being just a little bit different. By default, I give every new employee a personal home directory on the file server, access to their departments file share and membership on their department distribution list and any generic office lists, like “All Staff” or “San Francisco Office”.

• Specialty Distribution Lists – Which other DLs do they need to be on? Contractors and employees might use different DLs. Managers, supervisors, special project lists, etc.
• Phone Number – Will any available phone number do? Sometimes a hire is destined to replace someone who needs immediate coverage. If that’s not the case, I like to give out a fresh DID or at least one that hasn’t been used in a while. No one likes to spend their first weeks on the job fielding calls that don’t pertain to them. If I’m reusing numbers, I like to keep recycled numbers in the same department if possible. This way the new person in accounting won’t be getting calls directed to the person who retired from HR. And what about calling privileges - local only, long distance, international calling? How about membership in special hunt groups, dial-by-name directory? Do they need call appearances to pick up calls for manager or executive?
• Applications and Security Groups – Which applications will they be using their first week or so? I know roles evolve and users always need their access adjusted. New hires usually will be learning 2-4 new applications immediately, so concentrate on finding out what those are. I don’t like to “make Bob the same as Joe”, because I know that Joe probably has membership in some security groups that Bob will never need. If the hiring manager can’t give you a list of which applications and data the new hire needs, remind them that security groups and application access are areas that are often looked at closely by auditors.
• Hardware – What’s standard for others in that department or role? If you have options for different mice or keyboards, let the newcomer know so they can request changes sooner than later. Make sure they are connected to the closest printer to their workspace, etc.
• Helpdesk Communications – Make sure they know the appropriate ways to submit help desk tickets or report problems. Should they use a ticketing-system? Send email? Call a special number? Pop into you cube? It’s a safe bet that people new to the office don’t want to annoy the IT folks, so set them up for success.
• Training Documentation - Many departments have manuals or documentation about how various tasks are performed, IT is no different. Voice Mail instructions, conference bridge information, document management system procedures, "how-to" information for common FAQs related to Outlook or other applications... make sure the new hire knows how and where to find those things. It's much easier help someone do something right the first time than to bother your DBA with bulk corrections to database information that was improperly entered.

Finally, document, document, document! File any forms or emails related to access needs and who authorized the access. Note the date you added or changed access going forward. Not only will this help with any audit needs, proper documentation can make it easier to remove access completely when someone leaves the company in the future.

Confessions of a new MVP

I confess. I've been a Microsoft MVP for less than 2 weeks and I didn’t realize what I was getting into. There is a well-known quote from "The Matrix" where Cypher says to Neo, "I know what you're thinking, 'cause right now I'm thinking the same thing. Actually, I've been thinking it ever since I got here: Why oh why didn't I take the BLUE pill?"

I thought I had a pretty good handle on what resources I had available to me as an IT professional. TechNet, conferences, white papers, sponsored webcasts, blogs, books, user groups, training classes… My schedule was easy to fill.

And then comes the MVP award. Sure, I could just hang my certificate in my cube and call it a day. After all, it’s an award for recognizing past contributions to the tech community. But turns out its more than just an award. It’s a door to a world of resources and information that I didn’t know existed.

Barely a week has passed and I find myself trying to be realistic about the amount of information I can actually consume in the next year. There are more webcasts and chats and online meetings and downloadable resources than I can even begin to get my head around. I feel like a kid in a candy store, or perhaps like someone in the TV aisle of Best Buy, trying to figure out where to focus my attention first.

I’m sure I’ll have a better handle on what direction I should be facing as I get more comfortable with the ins and outs of the program. I’m looking forward to being able to use this experience as a way to give back to all those who’ve helped me out of a jam with a timely blog post or magazine article. But until then it seems like I’m back at my first days as a high school freshman. Does anyone know the way to the cafeteria?

My 2010 Reading List: So Far

It's unfortunate that I feel like I'm starting the year already behind on my "tech" reading list. Here's a quick list of I have within arms reach.

• Mastering Windows SharePoint Services 3.0 by C. A. Callehan - This has been a great resource for my first attempt at implementing SharePoint. It's a hefty book, I wish it included a PDF version I could convert onto my Kindle.
  
• Microsoft Exchange Server 2007 : The Complete Reference by Richard Luckett, William Lefkovics, Bharat Suneja and MCITP: Microsoft Exchange Server 2007 Messaging Design and Deployment Study Guide - These have been part of my Exchange certification study materials, as well as a starting point for deciding if its worth migrating to Exchange 2007 or skipping to Exchange 2010.
  
• Windows Server 2008 Hyper-V: Insiders Guide to Microsoft's Hypervisor by John Kelbley, Mike Sterling and Allen Stewart - Would you believe I got this free from NetApp? It got several good reviews on Amazon, so I'm looking forward to getting a chance to sit down with it.
  
• Group Policy: Fundamentals, Security, and Troubleshooting by Jeremy Moskowitz. I've read his Windows 2000 Group Policy book years ago, so I much appreciated winning this one from him via Twitter.

In addition to books, I've downloaded several whitepapers onto my Kindle for those free moments on the subway:

• Implementing and Administering Certificate Templates in Windows Server 2008
• Windows Server 2008 Active Directory Certificate Services Step-By-Step Guide
• Exchange Server 2010: What's New and What's Changed by Allan Jacobs

Managing Employee “Separations”

It happens at every workplace. Employees leave – layoffs, retiring, or just moving on to new things. As a systems administrator, I wish that managers understood how deeply integrated a staff-person is with the computer systems they work on daily. It’s not always a simple process to undo someone’s existence.

Processing exiting employees without identity lifecycle tools can be tedious, but it's often the way things are done in small and medium sized businesses. I realize that several days notice isn’t always possible, but I can hope. I’ll even take a few hours of notice. However, we’ve all gotten that call at ten minutes to 5:00pm letting use know that someone won’t be coming in the next day.

I have my list of basic things I’d like a department manager to think about when it comes to seeing an employee off. The first couple can get me out out the door on time, the rest of them tie things up in a nice package.

Before beginning, it’s important to make sure the employee REALLY is leaving. It’s not unheard of to get several days of notice about a separation, complete account closure process, and then find out that the employee will be contracting from time to time and needs access when they are on-site.

• What time should their network account be disabled? – Ideally this is before someone in the NetOps department leaves for the day. Worst case is having to set an account expiration, as midnight often comes a long time after the employee has walked out with their final paycheck.
• Do they have remote access? – If yes, I disable that ASAP. This way if the network account has to stay active for longer than I’d like at least they have to be physically in the office log on.
• Email Forwarding – Is it needed? If so, I like to turn that on as soon as possible so that any incoming emails (especially over a weekend) are not missed.
  
• Phone and Voicemail – Is any call forwarding needed? For the same reasons as email, I don’t want any voicemail messages missed or left unchecked for too long.
• Building Access – Has the access to office space been removed? Network Operations isn't always responsible for physical access and that needs to coordinated as well.
  

Now those are just my “get-things-under-control” checklist. Then comes the rest of the things that need to be considered, but most managers really don’t know to mention them ahead of time.

• Email History – Do someone need a copy of their email box? Does the user have any PST files that need to be located and preserved?
• Distribution Lists – Is the user the sole member of any distribution lists? If so, removing them and leaving the DL empty will cause messages to go undelivered and lost. A new contact person needs to be designated.
  
• Work Files – Does the user have a home folder or area where they store work products? Do these files need to be preserved?
• Phone System – Is the user a destination for any phone tree options, a member of a workgroup or hunt groups?
• Application Management – Is the user the sole owner/manager of other important enterprise products like databases or SharePoint sites? Those roles will need to be assigned to someone else. Is there any applications that regularly delegate specific tasks that would need to be reassigned to a co-worker?
• External Systems - Does the user have any accounts with third-party systems (not AD or Windows-integrated) or external systems with other partners or clients where access would need to be removed separately?
  
• Locally Installed Applications or Hardware – Do they have some special applications or hardware installed on their workstations that need to be set up for another staff member?
  

Finally, there is usually a change control process that documents what was done to close the network account of the user so items weren’t overlooked. In a perfect world, the manager in question would have filled out the necessary forms ahead of time, but I'll settle for some quick answers over email that I can file in our document management system.

Every company will have it's only list of tasks, but the premise is the same. Securing critical data and making sure that customers continue to be served after the departure of an employee are important aspects of any systems administrator's job.

Thoughts on Air Travel Security

I know that airport security is probably pushing it when it comes to technology topics, but one can't help but miss all the recent hoopla regarding airline travel lately.

I travelled to the east coast over the holidays (after the Christmas day incident) and had mixed feelings about the fact that security screenings were no better, nor no worse than they had been the past year. My husband got the extra "pat down" during our return trip, but stated that he'd been physically screened more significantly when going to a music concert. Overall, I find the current system to be more "security theater" than not. I'm sure that the current procedures do discourage some more casual attempts to cause harm, but when someone is determined its possible to circumvent the system.

While it's important to look for metal items that could be used as weapons, TSA still can not consistently detect explosives on passengers or in carry-on luggage. Personally, I would be willing to bring less into the cabin of the plane and tolerate having it more closely screened, if it meant that I would have unlimited access to those items for the duration of the flight and would not have my movements unnecessarily restricted.

Granted this would mean making improvements in the baggage handling systems and require airlines to charge less for checked baggage in order to restore confidence in handing one's bag over to an agent. However less carry-on luggage would allow for faster passenger screening - either by hand, machine or trained dog.

On Sunday, EWR was partly shut down due to someone entering through an exit into a secure area. I am surprised this doesn't happen more often. Airports are busy often confusing places, filled with distracted people who want to be someplace else. What concerns me is that they never found the guy. Clearly airports need to take a sheet from the casino playbook when it comes to installing video surveillance systems. Hundreds of travelers could have avoided being rescreened and flights could have operated as usual if TSA could have simply tracked down the errant man.

Security works best when it's unobtrusive and consistently applied. While random screening procedures do have their place, it's not practical to make traveling more frustrating for the majority of the population by adding to the confusion with knee-jerk restrictions that don't address the obvious issues. If nothing else, TSA does lend itself to some great tweets. Check out this travel blog post that calls out seven of them.

UberTwitter - Beta 6 Released

I was happy to discover that 2010 brought an updated release to my favorite Twitter client for the BlackBerry, UberTwitter. This release supports some of the new features of Twitter, including lists and the updated retweet function. In addition to the added functionality, the UI has been updated to make it easier to access your DM and @ replies. The application icon looks a little too close to the Facebook icon on the BlackBerry for my taste, but perhaps that was done on purpose.

I've been using the free version, which has some advertising, but decided to spent the nominal fee to upgrade to the paid version this year. Since I've been using Twitter more and more to communicate with other tech-minded folk and get news, I figure it's the least I can do.

See you in the Twitterverse!

Don't Forget - PacITPros Meeting on January 5th!

PacITPros will be starting out the new year with a presentation from Amit Malhotra of Bakbone Software. Amit will be presenting on the NetVault®: FASTRecover™, which provides disk-based, real-time data protection for Exchange, SQL Server and Windows File Servers.

Find out more and RSVP at the PacITPros website.

New Year, New Adventure

I was excited to wake up this morning to an email from the Microsoft MVP Program, congratulating me on earning an award for 2010 in the technology area of "Windows Desktop Experience." I'm honored to have the chance to be part of this group and continue to contribute to the technology community.

After nearly 10 years of being part of the Pacific IT Professionals user group, I think this type of community might just be in my blood. I hope this award allows me to bring even more benefits to our growing group of IT professionals.

I'm looking forward to learning more about Microsoft and meeting other fellow MVPs at the upcoming summit in February. Here's to 2010!