Many months ago, I wrote about using ImageRight via Server 2008 RemoteApp. There's been a problem with accessing some of the drop down menus and as we've upgraded ImageRight a few times since then, I've been hoping the issue will just go away.
But after moving to 5.4 and having more and more users accessing ImageRight via RemoteApp, the issue really need to be addressed. Turns out there is a quick and easy workaround. Hold down the CTRL key when you select the drop down menus. Simple and effective.
Now, go forth and be Merry for the Holidays!
Wednesday, December 21, 2011
Monday, December 5, 2011
Customizing Distribution Group Management in Exchange 2010
One of the things I allowed certain end-users to do via Outlook was manage some of their own distribution lists. With a small office and a small IT staff, constantly changing distribution list membership was an easy thing to just delegate back to the people who really "owned" those lists. In Exchange 2003, it was an easy process to delegate that ability to end-users by making them the "manager" of the list.
Shortly after the migration to Exchange 2010, I started getting reports that the distribution lists could no longer be changed by the designated list managers. Exchange 2010 RBAC roles include a role called "MyDistributionGroups" that grants the ability for end-users to view and modify distribution groups. However, it also grants the right to create new distribution lists, which was not something I wanted for non-IT staffers.
I found this great blog post, Allowing End-Users to Manage Distribution Group Membership, in Exchange 2010 by Mike Pfeiffer on how to create a custom locked-down role for distribution group management using PowerShell. Written in early 2010, it's still get lots of great comments and usage - it certainly made my day easier!
Shortly after the migration to Exchange 2010, I started getting reports that the distribution lists could no longer be changed by the designated list managers. Exchange 2010 RBAC roles include a role called "MyDistributionGroups" that grants the ability for end-users to view and modify distribution groups. However, it also grants the right to create new distribution lists, which was not something I wanted for non-IT staffers.
I found this great blog post, Allowing End-Users to Manage Distribution Group Membership, in Exchange 2010 by Mike Pfeiffer on how to create a custom locked-down role for distribution group management using PowerShell. Written in early 2010, it's still get lots of great comments and usage - it certainly made my day easier!
Monday, November 28, 2011
Exchange 2010: Database Stores, Not Quite Ready When You Are
Once I had my Exchange 2010 server up and running, I had a need to create a new store. Unfortunately, things didn't look so great when the store wouldn't mount after I created the store in the GUI console. There were even some fine error messages in the logs letting me know that Exchange was unable to mount the store. If you search the Web for answers to this problem, you'll find all sorts of potential solutions and ideas.
Turns out the thing that worked best for me was some patience. Exchange 2010 is deeply ingrained in Active Directory and Active Directory does things at it's own pace. Sometimes immediately, sometimes in 5 minutes and sometimes in fifteen.
So go ahead and read all those links you found in the great WWW and then after about 5 minutes, go back and try to mount that database again. Chances are, it'll work just fine.
Turns out the thing that worked best for me was some patience. Exchange 2010 is deeply ingrained in Active Directory and Active Directory does things at it's own pace. Sometimes immediately, sometimes in 5 minutes and sometimes in fifteen.
So go ahead and read all those links you found in the great WWW and then after about 5 minutes, go back and try to mount that database again. Chances are, it'll work just fine.
Saturday, November 19, 2011
The Next Rev: ImageRight 5.4
My office is a week or so post-upgrade to ImageRight 5.4 from version 5.2. While this version integrates some post-5.2 hotfixes to resolve some annotation and image display issues, it comes with it’s own post-5.4 hotfixes that need to be installed after the primary installation. If you deploy the desktop client with Group Policy, you’ll need to create an MSI file and a third policy to fully deploy the software and hotfixes automatically.
While the desktop client hasn’t changed much from a user standpoint, there were some security additions and tweaks that are important to know about.
Overall, ImageRight 5.4 brought several new features and welcome changes to the document management product, with a relatively easy upgrade process from 5.2.
While the desktop client hasn’t changed much from a user standpoint, there were some security additions and tweaks that are important to know about.
- Alphabetizing Lists and Annotations – In previous versions, many of the lists that users interacted with were sorted by creation date. This was less than ideal when selecting from a long list of private annotations or selecting from the document type tree drop-down. Those list displays are now alphabetized.
- Read/Write permissions added to File Notes – while this is a great addition as a security feature, it’s turned on by default post-upgrade with the result being that users can’t see or add any file notes. I needed to make a support call to find the odd place that permission change was located. (The Security properties of the "Storage Types" container in the EMC.)
- Annotations Limited to Specific File Types - There is a feature in version 5 where you can filter or limit on what file types an annotation is available for use. When migrating from version 4 to 5.2 the system defaulted all the private annotations to be available on all file types (which was the behavior in previous version), but didn’t automatically check the “include all file types” option box. In version 5.4, the check box status is enforced, which may make private annotations seem to disappear for the end users.
- New Permissions for "Desktop - Modify Document Date" - also defaulted to not having any permission set in 5.4, users will need this permission added to change a document date. Also new is some functionality to track the date and time a document is received ("Desktop - Modify Receive Date and Time"), you may or may not want to let users change that.
Overall, ImageRight 5.4 brought several new features and welcome changes to the document management product, with a relatively easy upgrade process from 5.2.
Wednesday, November 16, 2011
From BlackBerry to Windows Phone
Last week, I landed myself brand-new Samsung Focus Flash phone with Windows 7.5. I had debated about going with the older Samsung Focus model in mid-October, but figured it was probably worth the wait for some new hardware too.
Having a physical keyboard on the BlackBerry was hard to give up, but outside of the lack of real keys, I pretty much love everything about it right now. One of the big factors in deciding on what phone to select was my ability to hold it and have a reasonable chance of being able to type with one hand. The Focus Flash is the only phone in the Samsung Focus line that is the same width as the BlackBerry Bold 9700. If I wanted a tablet, I would have bought one that has a screen larger than 4.3 inches.
As someone who spends a good amount of time using Twitter and dabbling in the other popular social media sites (depending on where my friends are), the People Hub has got to be the best idea since sliced bread. Being able to group certain friends and family members and highlighting a tile for that group on home page is fantastic. Even after a week, I feel less like I have to constantly watch my Twitter stream or check Facebook because I can easily view the postings from the people I care about the most. The native integration for interacting with Facebook and Twitter lack some of the more robust features, but it certainly good enough for the majority of my social media interactions.
The live tiles on the home page are great for highlight the next appointment and the latest status updates from the People Hub. Not having to open the calendar to see my next appointment is a nice bonus. Plus having a miniature "digital picture frame" that highlights my favorite photos is a fun feature.
I know many iPhone lovers may find faults in some of current features in the Windows Phone. There isn't the extensive catalog of apps yet and some of the ones that exist lack some of the more refined functions that more mature apps for iPhone and BlackBerry have. But I think it's only a matter of time before those app offerings catch up. And I have a list of things that I do miss from the BlackBerry - battery life being one of them and I'm developing a wish-list of things I hope to see change or become available in 2012, but that's a post of its own!
Having a physical keyboard on the BlackBerry was hard to give up, but outside of the lack of real keys, I pretty much love everything about it right now. One of the big factors in deciding on what phone to select was my ability to hold it and have a reasonable chance of being able to type with one hand. The Focus Flash is the only phone in the Samsung Focus line that is the same width as the BlackBerry Bold 9700. If I wanted a tablet, I would have bought one that has a screen larger than 4.3 inches.
As someone who spends a good amount of time using Twitter and dabbling in the other popular social media sites (depending on where my friends are), the People Hub has got to be the best idea since sliced bread. Being able to group certain friends and family members and highlighting a tile for that group on home page is fantastic. Even after a week, I feel less like I have to constantly watch my Twitter stream or check Facebook because I can easily view the postings from the people I care about the most. The native integration for interacting with Facebook and Twitter lack some of the more robust features, but it certainly good enough for the majority of my social media interactions.
The live tiles on the home page are great for highlight the next appointment and the latest status updates from the People Hub. Not having to open the calendar to see my next appointment is a nice bonus. Plus having a miniature "digital picture frame" that highlights my favorite photos is a fun feature.
I know many iPhone lovers may find faults in some of current features in the Windows Phone. There isn't the extensive catalog of apps yet and some of the ones that exist lack some of the more refined functions that more mature apps for iPhone and BlackBerry have. But I think it's only a matter of time before those app offerings catch up. And I have a list of things that I do miss from the BlackBerry - battery life being one of them and I'm developing a wish-list of things I hope to see change or become available in 2012, but that's a post of its own!
Wednesday, November 2, 2011
Exchange 2010 and External Relays (Migration - Part 3)
The "Receive" Connector is a funny thing in Exchange 2010. The receive connectors on my system seem to double as "Send" connectors depending on who's doing the sending. Once my new server was up and running, it was a no brainer to make a proper "Send" connector so the server could access the Internet to deliver mail to external parties. I was also able to quickly bring up "Receive" connector to collect mail from our Barracuda appliance.
Then I started tackling the servers within our organization that send alerts and reports via email. I added their network addresses to the same connector I used for the Barracuda device, since they are all on the same network.
All the devices seemed happy until I ran across one that needed to send messages to external recipients. Turns out that on Exchange 2003, I was using the same connector for both internal and external relaying without issue, but Exchange 2010 is a little pickier from a security standpoint (a good thing) and I had to create a special receive connector to handle external relaying.
So why are we using "receive" connectors to relay external mail? The receive connectors collect mail coming to the Exchange 2010 server which are then sent out using the Internet send connector. So while all your devices are sending mail, the Exchange server is both receiving it and sending it.
Of course, I wouldn't be writing a post about External Relays if there wasn't something special about them.
When creating an external relay you want to be sure to un-check all the security mechanisms from the Authentication tab, since it's likely you are relaying mail for things like your UPS which might be "phoning home" with updates to a support provider or copier/scanners that might need to send a scanned items to an outside party - all types of devices that likely won't have a mechanism to authenticate to your mail server.
You also need to set your "Permission Groups" to Anonymous, but the configuration doesn't end there. Be sure to kick off this little extra PowerShell as well.
Get-ReceiveConnector "External Relay" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "ms-Exch-SMTP-Accept-Any-Recipient"
Now that this relay is pretty wide open, so lock down which IP addresses from your network are allowed to use it so that its well controlled. If you need some screenshots for the configuration, check out this post from the Lazy Network Admin.
http://www.lazynetworkadmin.com/knowledgebase-mainmenu-6/2-windows/149-exchange-2010-configure-anonymous-relay-to-external-domains
Then I started tackling the servers within our organization that send alerts and reports via email. I added their network addresses to the same connector I used for the Barracuda device, since they are all on the same network.
All the devices seemed happy until I ran across one that needed to send messages to external recipients. Turns out that on Exchange 2003, I was using the same connector for both internal and external relaying without issue, but Exchange 2010 is a little pickier from a security standpoint (a good thing) and I had to create a special receive connector to handle external relaying.
So why are we using "receive" connectors to relay external mail? The receive connectors collect mail coming to the Exchange 2010 server which are then sent out using the Internet send connector. So while all your devices are sending mail, the Exchange server is both receiving it and sending it.
Of course, I wouldn't be writing a post about External Relays if there wasn't something special about them.
When creating an external relay you want to be sure to un-check all the security mechanisms from the Authentication tab, since it's likely you are relaying mail for things like your UPS which might be "phoning home" with updates to a support provider or copier/scanners that might need to send a scanned items to an outside party - all types of devices that likely won't have a mechanism to authenticate to your mail server.
You also need to set your "Permission Groups" to Anonymous, but the configuration doesn't end there. Be sure to kick off this little extra PowerShell as well.
Get-ReceiveConnector "External Relay" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "ms-Exch-SMTP-Accept-Any-Recipient"
Now that this relay is pretty wide open, so lock down which IP addresses from your network are allowed to use it so that its well controlled. If you need some screenshots for the configuration, check out this post from the Lazy Network Admin.
http://www.lazynetworkadmin.com/knowledgebase-mainmenu-6/2-windows/149-exchange-2010-configure-anonymous-relay-to-external-domains
Thursday, October 20, 2011
Playing IT Fast and Loose
It's been a long time since I've been at work from dusk 'til dawn. I not saying that I'm the reason we have such fabulous uptime, there are a lot of factors that play into it. We've got a well rounded NetOps team, we try to buy decent hardware, we work to keep everything backed up and we don't screw with things when they are working. And we've been lucky for a long time.
It also helps that our business model doesn't require selling things to the public or answering to many external "customers". Which puts us in the interesting position where its almost okay if we are down for a day or two, as long as we can get things back to pretty close to where they were before they went down. That also sets up to make some very interesting decisions come budget time. They aren't necessarily "wrong", but they can end up being awkward at times.
For example, we've been working over the last two years to virtualize our infrastructure. This makes lots of sense for us - our office space requirements are shrinking and our servers aren't heavily utilized individually, yet we tend to need lots of individual servers due to our line of business. When our virtualization project finally got rolling, we opted to us a small array of SAN devices from Lefthand (now HP). We've always used Compaq/HP equipment, we've been very happy with the dependability of the physical hardware. Hard drives are considered consumables and we do expect failures of those from time to time, but whole systems really biting the dust? Not so much.
Because of all the factors I've mentioned, we made the decision to NOT mirror our SAN array. Or do any network RAID. (That's right, you can pause for a moment while the IT gods strike me down.) We opted for using all the space we could for data and weighed that against the odds of a failure that would destroyed the data on a SAN, rendering entire RAID 0 array useless.
Early this week, we came really close. We had a motherboard fail on one of the SANs, taking down our entire VM infrastructure. This included everything except the VoIP phone system and two major applications that have not yet been virtualized. We were down for about 18 hours total, which included one business day.
Granted, we spent the majority of our downtime waiting for parts from HP and planning for the ultimate worst - restoring everything from backup. While we may think highly of HP hardware overall, we don't think very highly of their 4-hour response windows on Sunday nights. Ultimately, over 99% of the data on the SAN survived the hardware failure and the VMs popped back into action as soon as the SAN came back online. We only had to restore one non-production server from backup after the motherboard replacement.
Today, our upper management complemented us on how we handled the issue and was pleased with how quickly we got everything working again.
Do I recommend not having redundancy on your critical systems? Nope.
But if your company management fully understands and agrees to the risks related to certain budgeting decisions, then as a IT Pro your job is to simply do the best you can with what you have and clearly define the potential results of certain failure scenarios.
Still, I'm thinking it might be a good time to hit Vegas, because Lady Luck was certainly on our side.
It also helps that our business model doesn't require selling things to the public or answering to many external "customers". Which puts us in the interesting position where its almost okay if we are down for a day or two, as long as we can get things back to pretty close to where they were before they went down. That also sets up to make some very interesting decisions come budget time. They aren't necessarily "wrong", but they can end up being awkward at times.
For example, we've been working over the last two years to virtualize our infrastructure. This makes lots of sense for us - our office space requirements are shrinking and our servers aren't heavily utilized individually, yet we tend to need lots of individual servers due to our line of business. When our virtualization project finally got rolling, we opted to us a small array of SAN devices from Lefthand (now HP). We've always used Compaq/HP equipment, we've been very happy with the dependability of the physical hardware. Hard drives are considered consumables and we do expect failures of those from time to time, but whole systems really biting the dust? Not so much.
Because of all the factors I've mentioned, we made the decision to NOT mirror our SAN array. Or do any network RAID. (That's right, you can pause for a moment while the IT gods strike me down.) We opted for using all the space we could for data and weighed that against the odds of a failure that would destroyed the data on a SAN, rendering entire RAID 0 array useless.
Early this week, we came really close. We had a motherboard fail on one of the SANs, taking down our entire VM infrastructure. This included everything except the VoIP phone system and two major applications that have not yet been virtualized. We were down for about 18 hours total, which included one business day.
Granted, we spent the majority of our downtime waiting for parts from HP and planning for the ultimate worst - restoring everything from backup. While we may think highly of HP hardware overall, we don't think very highly of their 4-hour response windows on Sunday nights. Ultimately, over 99% of the data on the SAN survived the hardware failure and the VMs popped back into action as soon as the SAN came back online. We only had to restore one non-production server from backup after the motherboard replacement.
Today, our upper management complemented us on how we handled the issue and was pleased with how quickly we got everything working again.
Do I recommend not having redundancy on your critical systems? Nope.
But if your company management fully understands and agrees to the risks related to certain budgeting decisions, then as a IT Pro your job is to simply do the best you can with what you have and clearly define the potential results of certain failure scenarios.
Still, I'm thinking it might be a good time to hit Vegas, because Lady Luck was certainly on our side.
Monday, October 17, 2011
Migrating to Exchange 2010 (Part 2) - Certificates
Depending on your installation of Exchange 2010 and what internal and external services you want to provide, you'll likely need a new SSL certificate from a 3rd party provider. You probably already have a basic mail.company.com certificate, but that's just not going to cut it anymore.
If youl'll be supporting mailboxes on a previous version of Exchange or providing access to supporting Outlook Anywhere, you'll likely need additional host names on your certificate, like legacy.company.com and autodiscover.company.com. This will require a SAN (Subject Alternate Name) certificate.
Exchange supports different URLs for internal and external access and after a typical installation, your internal URLs will be set to the FQDN of the server name (server.company.com) and external URLs will be set to whatever host name you specify during the install of the CAS server, like mail.company.com.
In order for us to get a shiny new SAN certificate, we had to revoke our existing mail.company.com while we were waiting for the new certificate to be issued. This would cause some temporary certificate problems with anyone who tried to use Outlook Web Access, but since this was a weekend project and I already declared the entire weekend as a maintenance window I wasn't too concerned about it.
Meanwhile, I moved all my users mailboxes to the new server. All the Outlook clients were happy with the server's self-signed certificate, which was great, since our 3rd party certificate provider took a few days to finish issuing the new cert. Once the new certificate came, I loaded it onto the mail server and authorized it for IIS to use.
My OWA certificate errors disappeared, but shortly there after we started getting reports of Outlook 2007 complaining about the certificate having a different name than what it was expecting. This was because we didn't include the server name as part of the certificate, but all the internal URLs referenced the FQDN of the server's real name.
Some of the internal URLs can be change in the Exchange Management Console, but there are a few that are easily overlooked since you can only change them using PowerShell, particularly the URLs for Autodiscover and EWS (Exchange Web Service).
Set-ClientAccessServer -Identity CAS_Server_Name -AutodiscoverServiceInternalUri https://mail.company.com/autodiscover/autodiscover.xml
Set-WebServicesVirtualDirectory -Identity "CAS_Server_Name\EWS (Default Web Site)" -InternalUrl https://mail.company.com/ews/exchange.asmx
Then be sure to recycle your MSExchangeAutodiscoverAppPool in IIS. You can read more about this issue in Microsoft's KB 940726.
Wednesday, October 12, 2011
Migrating to Exchange 2010 (Part 1)
Ah, upgrades and migrations. Nothing every happens the same way it does in the lab! First off though, I do have to say that my upgrade/migration from Exchange 2003 to Exchange 2010 SP1 was successful and relatively transparent to my end users. Of course, we have a pretty small office and only one server, so there were not a lot of moving parts.
Before working in production, I did two lab-based migrations using some older copies of my Active Directory and Exchange servers - probably a tad too old, since I ran into totally different troubleshooting hurdles in production. Also, there were several things I couldn't completely test in our lab environment, like our BlackBerry BES implementation or inbound and outbound mail connectors. But hey, I love flying by the seat of my pants.
One of the benefits of being late to Exchange 2010 was that there was lots of information on the Internet when I went search for solutions and nothing was insurmountable.
My primary source of guidance was the Microsoft Exchange Deployment Assistant, which is an online checklist of steps to follow. It asks a few questions about your environment and the produces a "customized" checklist. I have a few caveats about it though.
In the lab, the typical installation went along with out a hitch. However, I was not blessed with such luck in production. The CAS and Hub Transport roles installed fine, but the installation choked on the Mailbox role with the following error.
Couldn't resolve the user or group "mydomain.local/Microsoft Exchange Security Groups/Discovery Management." If the user or group is a foreign forest principal, you must have either a two-way trust or an outgoing trust.
I found the solution in several places, but it was very nicely documented here on Peter Schmidt's blog.
Just to clarify, you are deleting the "DiscoverySearchMailbox" user from Active Directory, rerunning your install for the mailbox role and then rerunning "setup /prepareAD" to recreate the user you deleted. Interestingly, I can't see the Discovery Search Mailbox in my Recipient Configuration in production, but I can in my test lab. (Odd... maybe one day I'll figure that out.)
At this point, Exchange 2010 is humming along right next my Exchange 2003 server and everything is happy and still working the way it did before, mostly because we have a Barracuda appliance that collects our inbound mail and delivers it to the Exchange 2003 server, so really nothing had changed.
I created a Receive Connector for the Barracuda, updated the Barracuda to deliver mail the Exchange 2010 server, then created my new Send Connector as per the Deployment Assistant and removed the Send Connector on the Exchange 2003 server. Once I verified that inbound and outbound mail was still flowing it was time to take a breather and regroup for the next round.
Coming up - Getting BlackBerry BES to work again, fixing certificate errors with Outlook 2007, creating an external relay for some legacy devices on my network and figuring out why I couldn't mount an new database after I created it. Stay tuned.
Before working in production, I did two lab-based migrations using some older copies of my Active Directory and Exchange servers - probably a tad too old, since I ran into totally different troubleshooting hurdles in production. Also, there were several things I couldn't completely test in our lab environment, like our BlackBerry BES implementation or inbound and outbound mail connectors. But hey, I love flying by the seat of my pants.
One of the benefits of being late to Exchange 2010 was that there was lots of information on the Internet when I went search for solutions and nothing was insurmountable.
My primary source of guidance was the Microsoft Exchange Deployment Assistant, which is an online checklist of steps to follow. It asks a few questions about your environment and the produces a "customized" checklist. I have a few caveats about it though.
- It assumes you are installing the various Exchange server roles on different machines or at different times. Since I was using the "typical" installation process my CAS, Hub and Mailbox roles were being installed together.
- You must check off the completed steps in order. Sure, you can skip around and follow the instructions however you want, but if you like crossing things off a list as you go along and something early in the list is delayed, you can't check of any of the later tasks. For example, "Adding digital certificates on the CAS" is something that is listed very early in the checklist. I had to wait several days for my new SAN certificate to be issued but that didn't prevent me from moving forward with my migration. However, I couldn't play along with with the checklist.
In the lab, the typical installation went along with out a hitch. However, I was not blessed with such luck in production. The CAS and Hub Transport roles installed fine, but the installation choked on the Mailbox role with the following error.
Couldn't resolve the user or group "mydomain.local/Microsoft Exchange Security Groups/Discovery Management." If the user or group is a foreign forest principal, you must have either a two-way trust or an outgoing trust.
I found the solution in several places, but it was very nicely documented here on Peter Schmidt's blog.
Just to clarify, you are deleting the "DiscoverySearchMailbox" user from Active Directory, rerunning your install for the mailbox role and then rerunning "setup /prepareAD" to recreate the user you deleted. Interestingly, I can't see the Discovery Search Mailbox in my Recipient Configuration in production, but I can in my test lab. (Odd... maybe one day I'll figure that out.)
At this point, Exchange 2010 is humming along right next my Exchange 2003 server and everything is happy and still working the way it did before, mostly because we have a Barracuda appliance that collects our inbound mail and delivers it to the Exchange 2003 server, so really nothing had changed.
I created a Receive Connector for the Barracuda, updated the Barracuda to deliver mail the Exchange 2010 server, then created my new Send Connector as per the Deployment Assistant and removed the Send Connector on the Exchange 2003 server. Once I verified that inbound and outbound mail was still flowing it was time to take a breather and regroup for the next round.
Coming up - Getting BlackBerry BES to work again, fixing certificate errors with Outlook 2007, creating an external relay for some legacy devices on my network and figuring out why I couldn't mount an new database after I created it. Stay tuned.
Thursday, October 6, 2011
Replication Warnings? - It could be just one Attribute.
Active Directory can be a funny beast. This week, I noticed a reoccuring replication error that didn't seem to be sorting itself within a reasonable time frame. I was seeing NTDS Replication Warning 1083, referencing a specific user account:
Event Type: Warning
Event Source: NTDS Replication
Event Category: Replication
Event ID: 1083
Date: 10/3/2011
Time: 11:45:00 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DC1
Description:
Active Directory could not update the following object with changes received from the domain controller at the following network address because Active Directory was busy processing information.
Object:
CN=Joe Smith,OU=Accounts,DC=mydomain,DC=org
Network address:
a5b5b72d-c74b-486a-9dfa-f6516f37b38b._msdcs.caclo.org
Following it was the informational event 1955 about a write conflict:
Event Type: Information
Event Source: NTDS Replication
Event Category: Replication
Event ID: 1955
Date: 10/3/2011
Time: 11:45:00 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DC1
Description:
Active Directory encountered a write conflict when applying replicated changes to the following object.
Object:
CN=Joe Smith,OU=Accounts,DC=mydomain,DC=org
Time in seconds: 0
After some research I tried the following troubleshooting steps:
1) Moved the offending user to a different OU temporarily to see if the problem resolved. This essentially "tickles" AD into replicating that particular user. I recieved the same messages, but the user's CN had been updated to the new OU.
2) Used the LDP tool to see if there was duplicate entries for this user somehow, but only one instance was found.
3) Used repadmin to look at the time stamps of various attributes on the account, particular one with a time stamp close to the time that the replication warnings started appearing in the event log.
Repadmin was where I had the most luck. You'll want to run the following command for Windows 2003 SP2 DCs:
repadmin /showobjmeta DC1 "CN=Joe Smith,OU=Accounts,DC=mydomain,DC=org"
This will return a list of attributes with timestamps. In my case it was the attribute related to the last password change, which was the only one that had a timestamp of the same date when the errors began. I reset the password on the account to "tickle" that particular attribute and the replication completed without any complaint.
Some anticodotal stories on the Internet indicate that this attribute can cause trouble if replication occurs while an account happens to be locked out. In this case, the account was for a consultant who didn't log in very often, so the locked account went unnoticed for some time, causing the replication issue.
Event Type: Warning
Event Source: NTDS Replication
Event Category: Replication
Event ID: 1083
Date: 10/3/2011
Time: 11:45:00 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DC1
Description:
Active Directory could not update the following object with changes received from the domain controller at the following network address because Active Directory was busy processing information.
Object:
CN=Joe Smith,OU=Accounts,DC=mydomain,DC=org
Network address:
a5b5b72d-c74b-486a-9dfa-f6516f37b38b._msdcs.caclo.org
Following it was the informational event 1955 about a write conflict:
Event Type: Information
Event Source: NTDS Replication
Event Category: Replication
Event ID: 1955
Date: 10/3/2011
Time: 11:45:00 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DC1
Description:
Active Directory encountered a write conflict when applying replicated changes to the following object.
Object:
CN=Joe Smith,OU=Accounts,DC=mydomain,DC=org
Time in seconds: 0
After some research I tried the following troubleshooting steps:
1) Moved the offending user to a different OU temporarily to see if the problem resolved. This essentially "tickles" AD into replicating that particular user. I recieved the same messages, but the user's CN had been updated to the new OU.
2) Used the LDP tool to see if there was duplicate entries for this user somehow, but only one instance was found.
3) Used repadmin to look at the time stamps of various attributes on the account, particular one with a time stamp close to the time that the replication warnings started appearing in the event log.
Repadmin was where I had the most luck. You'll want to run the following command for Windows 2003 SP2 DCs:
repadmin /showobjmeta DC1 "CN=Joe Smith,OU=Accounts,DC=mydomain,DC=org"
This will return a list of attributes with timestamps. In my case it was the attribute related to the last password change, which was the only one that had a timestamp of the same date when the errors began. I reset the password on the account to "tickle" that particular attribute and the replication completed without any complaint.
Some anticodotal stories on the Internet indicate that this attribute can cause trouble if replication occurs while an account happens to be locked out. In this case, the account was for a consultant who didn't log in very often, so the locked account went unnoticed for some time, causing the replication issue.
Tuesday, September 27, 2011
Want to be an MCT? Here’s your chance!
The upcoming 2011 North American MCT Summit offers a unique opportunity for anyone seeking to become a Microsoft Certified Trainer (MCT). Prior to the event, on October 18, there will be a 1.5 day train-the-trainer (TTT) boot camp. This will, assuming successful completion of the session, satisfy the presentation skills requirement for becoming an MCT.
Because the boot camp will be right before the MCT Summit, held October 19-21, upon completion you can then attend the Summit where you'll be able to connect with other MCTs and continue to expand your skill set.
The cost for the event is $700,which includes the TTT event, your MCT fee through the current enrollment period (which ends in April of 2012), and entry to the MCT Summit. Learn more about the MCT Summit at http://www.mctsummit.org/.
Because the boot camp will be right before the MCT Summit, held October 19-21, upon completion you can then attend the Summit where you'll be able to connect with other MCTs and continue to expand your skill set.
The cost for the event is $700,which includes the TTT event, your MCT fee through the current enrollment period (which ends in April of 2012), and entry to the MCT Summit. Learn more about the MCT Summit at http://www.mctsummit.org/.
Sunday, September 18, 2011
IT Pro Events This Week!
Pacific IT Professionals has a few upcoming single day events this week, one in San Francisco and one in Los Angeles.
On Tuesday, Sept 20th in Los Angeles - Ed Horley and Richard Hicks will be talking about IPv6 and DirectAccess in the Enterprise. Find out more at http://www.meetup.com/pacitprosla/events/26490521/?a=socialmedia.
On Friday, Sept 23th in San Francisco - CA Callahan will be covering SharePoint Administration for the Unexpected Administrator. You know who you are - you inherited a SharePoint installation or have been asked to get one running. Once you've got it going, then what? This one day event will give you a chance to pick the brain of a true SharePoint expert and author of several books on SharePoint WSS 3.0 and SharePoint Foundations. For $99, you can't afford to miss out on this "everything but the kitchen sink" session - bring a question, you'll get the answer! For more details and to register go to http://techdays.org/2011/09/spwithca/
On Tuesday, Sept 20th in Los Angeles - Ed Horley and Richard Hicks will be talking about IPv6 and DirectAccess in the Enterprise. Find out more at http://www.meetup.com/pacitprosla/events/26490521/?a=socialmedia.
On Friday, Sept 23th in San Francisco - CA Callahan will be covering SharePoint Administration for the Unexpected Administrator. You know who you are - you inherited a SharePoint installation or have been asked to get one running. Once you've got it going, then what? This one day event will give you a chance to pick the brain of a true SharePoint expert and author of several books on SharePoint WSS 3.0 and SharePoint Foundations. For $99, you can't afford to miss out on this "everything but the kitchen sink" session - bring a question, you'll get the answer! For more details and to register go to http://techdays.org/2011/09/spwithca/
Wednesday, September 7, 2011
SharePoint TechDay in San Francisco!
Have you found yourself in charge of a SharePoint installation you didn't plan for? Have you installed SharePoint and are wondering "Now what?" If so, don't miss the SharePoint Administration for the Unexpected Administrator - September 23rd from 10-5pm in San Francisco.
CA Callahan, the author of Mastering Windows SharePoint Services 3.0 and Mastering Microsoft SharePoint Foundation 2010, will be covering 6 hours worth of SharePoint tips, tricks and topics. Personally, I turn to her books whenever I have a question about something in SharePoint.
Registration is open now!
Wednesday, August 31, 2011
Remote Assistance in Windows 7
Today I had a random reason to use the built-in Remote Assistance features of Windows 7. I was helping troubleshoot an issue with a vendor on a user's machine, using the user's session. Here are some things I noticed about the Remote Assistance that differs from a regular Remote Desktop session.
- Remote Assistance will give you a view of all the users screens with the full screen resolution. In this case the end user had 3 monitors, so I had to expand my view the that machine across the majority of my 3 monitors in order for it to be usable. Normally when you do a simple remote desktop session, all the applications and desktop icons from multiple monitors are fitted to one screen. This may or may not annoy you, depending on how you like to work with remote systems.
- Remote Assistance really assumes you have a person sitting at the computer. As the remote support person, it's very easy to accidentally loose your rights to control the remote desktop by hitting Escape or Cntl-Escape. You need the end user to re-authorize your request for control. (My end user used this troubleshooting time as an excuse to get coffee, so I had to run back to the desk to authorize that a few times.)
- Remote Assistance blocks your ability to send email using the users email application, in this case, Outlook 2007. While I can see how this is good from a security standpoint, it was a hurdle when I wanted to use the email account to send some log files to the vendor.
Thursday, August 25, 2011
Tackling Windows 2003 Server Space Issues
Got a Windows 2003 server with a small hard drive that keeps filling up? Make sure to check out these potential space hogs:
- The Framework.log file in the %systemroot%\system32\wbem\logs folder. This file has the potential to grow out of control, but that problem can be easily remedied with a quick permissions change. Check out KB836605 for details.
- Some auditing and logging applications might be making backups of your Event Logs, which often end up in your %systemroot%\system32\config folder. Check for .EVT files you no longer need so you can move or delete them.
Finally, not sure what taking up the most space? Check out the free tool called WinDirStat for a quick visual mapping of what's taking up the most space.
Wednesday, August 10, 2011
Rotating Pages in ImageRight
Looking for the super-secret keyboard shortcuts for rotating multiple pages in the ImageRight Desktop 5.2? Oh, it's very secret, it's not even in the list of keyboard shortcuts in the help file.
1) Click to highlight at the document level (if you want to rotate all the pages in that document) or control/shift click to select the multiple pages you want to rotate.
2) Press Control + Shift + F to rotate 180 degrees.
3) Press Control + Shift + S to rotate 90 degrees.
You can also use just Control + F or Control + S on individual pages.
Friday, July 29, 2011
The Country Code for Nigeria is 234
We all know about the long running Nigerian email scams, the ones where some "Prince" of some "Small Country" has cash he can't access and wants to give you a nice cut if you can front him a couple thousand dollars via Western Union. I guess people have finally caught onto that one, because now the new big Nigerian scam is renting you a place they don't own via Craigslist or some other source for rental listings.
A friend of mine has been looking for a reasonably priced rental in the Bay Area and sent off a few inquires to some nearly "too good to be true" listings. He recieved three practically identical emails in return, from three different "gentlemen", with only the property address, dollar amounts and contact phone numbers differing.
They weren't asking for cash with the first email, but required an odd rental application form to be returned for approval. The emails also had several other characteristics that smell of a farce. See for yourself.
Thanks for the email. My name is Thomas Hough the owner of the 1 Bedroom Apartment you are making inquiry of, I've had so many responses so far,however it is still available but I do have one person who is ahead of you. I'll rent it to whoever puts down the deposit .Rent includes water and garbage. My company sent me overseas and will probably be between Africa, India and the UK for another year or so. The last tenants I had just moved out and my family and friends all live on the east coast so I don't have anyone available to show the place but I can send you pictures of the inside but will have to ship you the keys and papers.
Here is the address:[property address removed]...Ready for immediate move-in!You can drive down there to take a look at it...i will be willing to rent my home out for the maximum of 5 years and below.I personally had wanted to sell the Apartment earlier on.But after long time deliberation between me and my wife Sarah we finally agreed on renting out the Home, because it was initially to be sold. But I really want you to take good care of the Apartment, as if it were your own home.I would want to know how soon you would want to move in, as I will be taking a 1 or 2 month upfront payment which mean the first and last months you will be staying in the Apartment including some utilities (Water, Internet and Garbage). I am asking for $670 1 month upfront payment and if you can pay $1340 for 2months you will be getting a 1 month rent free. I believe we should be able to help ourselves. including utilities because I want you to take a very good care of the Apartment while I am away.
i will like you to go ahead and fill out the rent application form so that will can proceed further and discuss on how to get the the keys and papers sent to you via Dhl or ups e.t.c, also are you ready to rent it now or when?.So here is the Rent Application Form Below..
========= RENT APPLICATION FORM ============
PRIVATE & CONFIDENTIAL
Also,Pls answer these questions below:
1)Your Full Name______________________________________
2)Present Address(where you reside now) & PhoneNumber______________________________
3)How old are you _____________________________
4)Are you married ______________________________ _____
5)How many people will be living in the Home___________________________
6)Do you have a pet _________________________________________
7)Do you have a car __________________________________________
8)Occupation _________________________________________________
9)How long are you willing to stay _________________________________________
10)When do you intend to move in _________________________________________
11)1 month Or 2 month deposit needed______________________________________
12) Pictures of all the Occupant that will stay in my Home______________________________________
Pet allowed.
I will use the information above to prepare the rental agreement , rent receipts and other documents. Make sure the correct information is type.Do reply with your both cell & Apartment number i am going to call you if your application form has been accepted or call me after filling the rental application form. A package containing the housing documents, property address with full description. Including the direction to the place and keys will be ship to you once you both agreed with the term and condition. Call me once you fill out the application form.Here is my contact number: +234-708-289-7758 or 011234-708-289-7758 i will be expecting your call to know how serious you are in renting my Home
Thanks & God Bless
Here are my redflags:
- Weird use of capitalization and puctuation, like with "1 Bedroom Apartment" and no spacing after commas, etc.
- Claiming to live overseas and having no one to show the place - Really? You've owned a home and don't even know a neighbor? Haven't heard of a property management company?
- "I believe we should be able to help ourselves." - Huh? Writing generally has strange phrasing not uncommon to someone who's not great of writing or speaking English.
- Weird text-based "rental application" - Most legit landlords will send a PDF version of a standard application, with questions geared so they can run a proper background or credit check. How old are you? Are you married? Do you have a car? How long are you willing to stay? Pictures of all the Occupants? - I don't even know where to begin.
- Nigerian contact phone number - Um, yeah. That's a big one.
- Property Address (which I removed for this post) - A quick internet search of the property address shows that this place is listed on the MLS for sale. It includes several photographs, including the exterior shot that the scammer sent with this email.
I know the Internet is a big place, filled with lots of opportunity to find what you need and solve problems. But you have to trust your instincts, pay attention and help others who might not be so savvy to look out for stuff like this.
This only happens because it's worth it to scammer. Enough people list out their pet names, attach a family photo and don't give a thought about how odd it is that they are potentially renting a place based on a couple photos and some guy who claims he wants you to "take care of the Apartment like it were your own Home." Clearly, it's lucrative enough to keep doing and that's a real shame.
This only happens because it's worth it to scammer. Enough people list out their pet names, attach a family photo and don't give a thought about how odd it is that they are potentially renting a place based on a couple photos and some guy who claims he wants you to "take care of the Apartment like it were your own Home." Clearly, it's lucrative enough to keep doing and that's a real shame.
Stay safe out there and if you come across listings like this be sure to report them to the host of rental listing site so they can be removed.
Thursday, July 28, 2011
Have an Opinion about Microsoft Recertification?
Microsoft Learning is conducting a survey about the value of certifications and how those certifications keep pace with evolving technologies and products from Microsoft. If you are interested in taking a short survey abou the topic, do so by August 8th.
For more information, please check out the original blog post on the Born to Learn blog.
For more information, please check out the original blog post on the Born to Learn blog.
Monday, July 25, 2011
TechNet Events come to California in August!
If you are looking for a way to learn more about cloud computing with Microsoft's Azure, look no further than the TechNet Event folks who will be offering up a half day session on building a private cloud. The description from Microsoft is below.
Cloud Power! What are the options? Public Cloud, Hybrid Cloud, Private Cloud? Which one is right for your business? Join us as we discuss the basics of cloud infrastructures and the details of how to build your own private cloud. In 4 hours we will build a private cloud with you! We will talk about Hyper-V, Windows Azure, System Center Virtual Machine Manager (SCVMM) and the Self Service Portal. We will demonstrate how to use these building blocks to build your own private cloud environment to host your own IT applications and services. We will also show you how to connect Public Cloud components to your Private Cloud in order to maximize the unique competitive benefits of each environment. Before this session is over you will have an understanding of the ins and outs of Microsoft’s Private Cloud Offerings
Visit Microsoft's World Wide Event calendar and find a location near you. But if you are in San Francisco the even will be on August 23rd. For southern CA folks, it will be in Irvine on August 11th.
Cloud Power! What are the options? Public Cloud, Hybrid Cloud, Private Cloud? Which one is right for your business? Join us as we discuss the basics of cloud infrastructures and the details of how to build your own private cloud. In 4 hours we will build a private cloud with you! We will talk about Hyper-V, Windows Azure, System Center Virtual Machine Manager (SCVMM) and the Self Service Portal. We will demonstrate how to use these building blocks to build your own private cloud environment to host your own IT applications and services. We will also show you how to connect Public Cloud components to your Private Cloud in order to maximize the unique competitive benefits of each environment. Before this session is over you will have an understanding of the ins and outs of Microsoft’s Private Cloud Offerings
Visit Microsoft's World Wide Event calendar and find a location near you. But if you are in San Francisco the even will be on August 23rd. For southern CA folks, it will be in Irvine on August 11th.
Friday, July 22, 2011
You Can't Send That From Here
Recently, an end user of mine was getting immediate NDR messages when sending to an outside party with the error message of "None of your e-mail accounts could send to this recipient."
Normally, I chalk these type of issues up to a temporary problem with the external server, but the fact that it was an immediate NDR indicated it was some type of internal problem. Also, the language of the error message seemed odd, as our users only have one email account and aren't configuring their office Outlook clients to connect to other POP mail services.
While my research didn't turn up the exact scenerio my end user was seeing, it came down to the fact that he replied to a recent email using the "mailto" address link from a previous message that had imbedded the "mailto:" in the email address and Outlook 2007 was mishandling it in some way.
The link had then updated his Outlook autocomplete file to include the "mailto", so every time he tried to send something else to same address, the error reoccured. We had to delete the autocomplete entry and retype the email address to make sure everything worked properly again.
Their is a hotfix (http://support.microsoft.com/kb/2475888) that address several issues, including this one.I didn't apply the provided fix at this time, since the issue has only come up once so far. But I'll be on the lookout for more of this in case a mass deployment of the fix is required for our desktops.
Friday, July 1, 2011
PacITPros Hits July with a Storm of Events!
Don't let the summer slip by without taking advantage of some of the free or low cost events brought to you by Pacific IT Professionals.
San Francisco July 5th Meeting - The meeting sponsor is OpenDNS! Many network admins go to great lengths to secure their networks using costly security appliances, all the while leaving a critical network layer – the Domain Name System - unprotected. This discussion explores the way malware and botnets leverage the DNS to infiltrate your network and cause damage that costs you both time and money. And also how you to easily secure your DNS layer and smartly stop command center communication between malware and your network, rendering the malware harmless. Secure your DNS and block malware and botnets once and for all, before they ever even infect computers on your network, and cut off malware that’s already infected your network at the knees. Protect every device at your company, everywhere it travels.
Los Angeles, July 12th - Windows Deployment from ACT to ZTI with Stephen Rose - Do you know how to use the free tools to move your users from Windows XP to Windows 7 and Office 2003 to Office 2010 in less than 30 minutes? Paying money for deployment tools is so 2000! In this session, Stephen will show you how to use the many free tools available to manage and deploy Windows, Office and Internet Explorer while reducing cost and ensuring you never having to manage multiple images again. We will cover MDT, ACT, MAP, WDS, the PoC and other tools that will do network inventory, application compatibility, shimming, image management and automated Windows and application deployment.
San Francisco, July 15th - Deploy Windows 7 Using Microsoft’s FREE Deployment Tools - MAP, ACT, WAIK, MDT, WDS and SCCM – which tool does what? In this one day jam-packed session you’ll learn how Microsoft's free deployment tools can help you get Windows 7 up and running as quickly and easily as possible!
San Francisco July 5th Meeting - The meeting sponsor is OpenDNS! Many network admins go to great lengths to secure their networks using costly security appliances, all the while leaving a critical network layer – the Domain Name System - unprotected. This discussion explores the way malware and botnets leverage the DNS to infiltrate your network and cause damage that costs you both time and money. And also how you to easily secure your DNS layer and smartly stop command center communication between malware and your network, rendering the malware harmless. Secure your DNS and block malware and botnets once and for all, before they ever even infect computers on your network, and cut off malware that’s already infected your network at the knees. Protect every device at your company, everywhere it travels.
Los Angeles, July 12th - Windows Deployment from ACT to ZTI with Stephen Rose - Do you know how to use the free tools to move your users from Windows XP to Windows 7 and Office 2003 to Office 2010 in less than 30 minutes? Paying money for deployment tools is so 2000! In this session, Stephen will show you how to use the many free tools available to manage and deploy Windows, Office and Internet Explorer while reducing cost and ensuring you never having to manage multiple images again. We will cover MDT, ACT, MAP, WDS, the PoC and other tools that will do network inventory, application compatibility, shimming, image management and automated Windows and application deployment.
San Francisco, July 15th - Deploy Windows 7 Using Microsoft’s FREE Deployment Tools - MAP, ACT, WAIK, MDT, WDS and SCCM – which tool does what? In this one day jam-packed session you’ll learn how Microsoft's free deployment tools can help you get Windows 7 up and running as quickly and easily as possible!
Thursday, June 30, 2011
Exchange 2010 Lab: Things I've Learned So Far
This month, I've been trying to concentrate on working on my test lab for Exchange 2010. I've done a lot of reading about Exchange 2010, but now is the time where the rubber hits the road and I can start seeing what I've been reading actually means in practice. Also, this gives me a reason to start paying attention to PowerShell, since I've have little need for it so far and I know I need to start learning it!
I did a pretty standard, "out of the box" installation of Exchange for this first test and I was having a problem moving mailboxes and creating databases. If you are already a member of the Organization and Recipent Management groups in AD, then you might need to rerun the "setup.exe /PrepareAD" command to reapply the permissions.
Yes, the PrepareAD switch is run when you do the standard install. And yes, even when I manually checked all the permissions they looked fine. However, rerunning /PrepareAD solved my issues. Want to read more about Exchange Trusted Subsystem permissions and how they fit in? Go here, to Richard's Exchange Ramblings on TechNet Blogs.
And for a little useful PowerShell, here's how to find the versions of Exchange you have installed in the entire organization:
Get-ExchangeServer | Format-Table Name, *Version*
For reference, all build numbers listed in this KB Article - http://support.microsoft.com/kb/158530
Finally, if you've been tweaking the Rentention Policies and want to kick off the Managed Folder Assistant immediately to see if your policies work for a particular user, here's the PowerShell for that too.
Start-ManagedFolderAssistant -Identity *MailboxOrMailUserIdParameter*
The full explanation of that command can be found here.
I did a pretty standard, "out of the box" installation of Exchange for this first test and I was having a problem moving mailboxes and creating databases. If you are already a member of the Organization and Recipent Management groups in AD, then you might need to rerun the "setup.exe /PrepareAD" command to reapply the permissions.
Yes, the PrepareAD switch is run when you do the standard install. And yes, even when I manually checked all the permissions they looked fine. However, rerunning /PrepareAD solved my issues. Want to read more about Exchange Trusted Subsystem permissions and how they fit in? Go here, to Richard's Exchange Ramblings on TechNet Blogs.
And for a little useful PowerShell, here's how to find the versions of Exchange you have installed in the entire organization:
Get-ExchangeServer | Format-Table Name, *Version*
For reference, all build numbers listed in this KB Article - http://support.microsoft.com/kb/158530
Finally, if you've been tweaking the Rentention Policies and want to kick off the Managed Folder Assistant immediately to see if your policies work for a particular user, here's the PowerShell for that too.
Start-ManagedFolderAssistant -Identity *MailboxOrMailUserIdParameter*
The full explanation of that command can be found here.
Monday, June 27, 2011
IT Pros and Plastic: Being a Better Steward for the Environment
Last week for some of my “pleasure” reading, I read “Plastic: A Toxic Love Story
”, by Susan Freinkel. It was a pretty enlightening read and you might be wondering how this topic applies to you as an IT Professional. I know we spend a lot of time dealing with intangible things in IT. Virtual machines, the “Cloud”, bits and bytes and software and the physical things always seemed very metal-centric – we even talk about installing things from “bare metal”.
But if you stop and look around for just a moment – it’s probably more plastic than anything else. Where are you reading this post from? Your desk? Your keyboard and monitor are plastic, your desk is probably even mostly plastic. Your laptop is mostly plastic, or if you are using an e-reader it’s plastic too. Just about any mobile device is in a plastic case these days. You might be surrounding by CDs/DVDs and their cases – plastic. Network cables – coated in plastic. Those swag items you have from that last conference – probably 99% plastic.
As IT Professionals, we rule a world of plastic. And we need to be better stewards of the plastic that is in our control. It’s so easy to see many of those plastic items as “throw away” – they’ve been designed that way. Cheap swag pens, demo CDs, mobile devices replaced annually with the newest model, the list is pretty endless once you start looking around. But really, plastic is for all practical purposes, forever.
So where to being? First, take advantage of e-waste recycling programs that are in your area. Make sure that the electronic items that are no longer in use in your office have the best opportunity to be repurposed. Second, consider your inventories of tech related “consumables” – make sure you are only buying what you need, so that items that have a shorter shelf-life don’t go into the trash unused. Printer cartridges and smaller capacity storage media are things that come to mind.
Third, think about what you are buying for yourself and your family when it comes to popular consumer items. I’m not saying you should deny yourself a new iPod or a better smart phone. But think about options for your older devices before they languish in the back of your closet – many organizations take working cell phones to be given to abuse victims, and while you might not want last year’s iPod, someone shopping at Goodwill or some other thrift store might.
As I finished up my reading on my first generation Kindle, I realized that even though some of the newer models are sleeker and faster, what I have is probably good for now.
”, by Susan Freinkel. It was a pretty enlightening read and you might be wondering how this topic applies to you as an IT Professional. I know we spend a lot of time dealing with intangible things in IT. Virtual machines, the “Cloud”, bits and bytes and software and the physical things always seemed very metal-centric – we even talk about installing things from “bare metal”.But if you stop and look around for just a moment – it’s probably more plastic than anything else. Where are you reading this post from? Your desk? Your keyboard and monitor are plastic, your desk is probably even mostly plastic. Your laptop is mostly plastic, or if you are using an e-reader it’s plastic too. Just about any mobile device is in a plastic case these days. You might be surrounding by CDs/DVDs and their cases – plastic. Network cables – coated in plastic. Those swag items you have from that last conference – probably 99% plastic.
As IT Professionals, we rule a world of plastic. And we need to be better stewards of the plastic that is in our control. It’s so easy to see many of those plastic items as “throw away” – they’ve been designed that way. Cheap swag pens, demo CDs, mobile devices replaced annually with the newest model, the list is pretty endless once you start looking around. But really, plastic is for all practical purposes, forever.
So where to being? First, take advantage of e-waste recycling programs that are in your area. Make sure that the electronic items that are no longer in use in your office have the best opportunity to be repurposed. Second, consider your inventories of tech related “consumables” – make sure you are only buying what you need, so that items that have a shorter shelf-life don’t go into the trash unused. Printer cartridges and smaller capacity storage media are things that come to mind.
Third, think about what you are buying for yourself and your family when it comes to popular consumer items. I’m not saying you should deny yourself a new iPod or a better smart phone. But think about options for your older devices before they languish in the back of your closet – many organizations take working cell phones to be given to abuse victims, and while you might not want last year’s iPod, someone shopping at Goodwill or some other thrift store might.
As I finished up my reading on my first generation Kindle, I realized that even though some of the newer models are sleeker and faster, what I have is probably good for now.
Thursday, June 9, 2011
Bing and It's Done. For Real.
I've been dreading planning some summer travel. Or more specifically finding reasonable flights for summer travel. I spent the last several weeks checking some travel websites and have been frustrated with the prices - Would they go down? Should I just buy them and be done with it? Will I be kicking myself for not waiting another week or day or be annoyed that I waited to long?
It was suggested that I check out bing.com for travel. Now I can't say that I use Bing much for my regular Internet searches. I've used Google since the beginning of time and I'm comfortable with it for what I usually need. But hey, Bing is the "decision engine" and I wasn't getting anywhere fast with my ticket search otherwise. It was worth a shot.
And then it was mission accomplished. Bing. Done. Wow.
To be fair, the search results are powered by kayak.com, and I've used Kayak directly in the past but it never struck me as any better than Expedia, which had been my go-to travel site for years. (Like my use of Google, old habits die hard.) Though often, I'd find the flight on Expedia and then book it directly from the carrier to elimate the middle man, especially since I don't often need travel packages.
With Bing you have all the features where you can customize your results based on number of stops, the travel times, red-eye or not, etc and you can look for hotels and other deals as well. Once you select your flight, Bing redirects you to the carrier so you can complete the purchasing process directly. From the main functionality standpoint, most flight search sites hand you the same base features and Bing doesn't disappoint.
The big selling point was the prominance of the price predictor and the fare history. This is where the "decision" with booking flights comes into play. This was the cleanest presentation of the where prices had been and where they might be going - it was the perfect stock ticker for travel.
Perhaps I just got lucky but according to those tools, I was finally hitting the right time. Ticket prices were the lowest they'd been in about 4 weeks and would likely go higher - I finally had the information I needed to move forward and put my money on the line.
Now I can check that off my list and you can be sure I'll use Bing for travel again in future. I guess everyone can learn a new trick now and then.
It was suggested that I check out bing.com for travel. Now I can't say that I use Bing much for my regular Internet searches. I've used Google since the beginning of time and I'm comfortable with it for what I usually need. But hey, Bing is the "decision engine" and I wasn't getting anywhere fast with my ticket search otherwise. It was worth a shot.
And then it was mission accomplished. Bing. Done. Wow.
To be fair, the search results are powered by kayak.com, and I've used Kayak directly in the past but it never struck me as any better than Expedia, which had been my go-to travel site for years. (Like my use of Google, old habits die hard.) Though often, I'd find the flight on Expedia and then book it directly from the carrier to elimate the middle man, especially since I don't often need travel packages.
With Bing you have all the features where you can customize your results based on number of stops, the travel times, red-eye or not, etc and you can look for hotels and other deals as well. Once you select your flight, Bing redirects you to the carrier so you can complete the purchasing process directly. From the main functionality standpoint, most flight search sites hand you the same base features and Bing doesn't disappoint.
The big selling point was the prominance of the price predictor and the fare history. This is where the "decision" with booking flights comes into play. This was the cleanest presentation of the where prices had been and where they might be going - it was the perfect stock ticker for travel.
Now I can check that off my list and you can be sure I'll use Bing for travel again in future. I guess everyone can learn a new trick now and then.
Tuesday, June 7, 2011
Summertime Tech
And with that, the summer season is upon us! There’s always something to attend when it comes to technology, so don’t miss out some great upcoming events:
As always, PacITPros has regular monthly meetings in San Francisco and Los Angeles. Check out the website at www.pacitpros.org for meeting dates and locations.
Also in Los Angeles in July, don’t miss a free TechDays event featuring Stephen Rose and Windows Deployment from ACT to ZTI. Register now to reserve you spot!
Don’t forget that tomorrow is World IPv6 Day. Learn more about what to expect and how to take part in it if your organization is already implementing IPv6.
Are you one of those developer types? Be sure to check out the SoCal Code Camp happening later this month in San Diego.
Finally, are you an ImageRight user? Start planning now for the Vertafore Connections Conference, taking place in Atlanta in mid-September.
Friday, June 3, 2011
Exchange 2010 on the Horizon
I started this week and hopefully I'll get to spend more time next week working on my lab for migrating from Exchange 2003 to Exchange 2010. Today I'm using the Exchange Server Deployment Assistant, which asks a few questions about your environment and then generates a checklist of things for you to check and do as you move through the installation process.
I'm also hoping to find some time to run the Exchange Pre-Deployment Analyzer in my production environment and see if that give me some good news.
Happy Friday Everyone!
I'm also hoping to find some time to run the Exchange Pre-Deployment Analyzer in my production environment and see if that give me some good news.
Happy Friday Everyone!
Thursday, May 26, 2011
When Its Not Quite A Licensing Issue...
Sometimes, a Windows XP boxes seem to have trouble connecting to a Terminal Services (aka Remote Desktop Services) server. The user sees an error about the server being out of licenses and the server reports errors that the workstation couldn't get a license.
At first glance, you think you need to buy more licenses, but it might turn out that you have plenty availble. The reality is that it's probably the client machine that needs tweaking, not your server.
Pop over to your client machine, fire up REGEDIT and delete HKLM\Sofware\Microsoft\MSLicensing\Store\LICENSExxx. Take out all the license keys under the store.
The client machine will get new keys when it connects successfully the next time around.
At first glance, you think you need to buy more licenses, but it might turn out that you have plenty availble. The reality is that it's probably the client machine that needs tweaking, not your server.
Pop over to your client machine, fire up REGEDIT and delete HKLM\Sofware\Microsoft\MSLicensing\Store\LICENSExxx. Take out all the license keys under the store.
The client machine will get new keys when it connects successfully the next time around.
Friday, May 20, 2011
TechEd 2011... Come and Gone!
Time sure flies when you spend nearly a week in conference-land! I had a great time at TechEd in Atlanta this year, I spent a lot of time catching up with other Microsoft MVPs, staff and favorite vendors as well as making some new friends. I also had a great time talking to other attendees about Microsoft Desktop Optimization Pack (MDOP) during my session and in the Technical Learning Center during the week.
I didn't catch as many sessions as I hoped to this year, but you and I can check out the recorded sessions at MSDN's Channel 9. I caught some sessions on Exchange 2010, but missed one on transitioning to Exchange 2010 because the room filled right before I arrived! That will be on my to-do list when I return to the office next week for sure.
Next year, TechEd returns to Orlando in June. Bring your walking shoes, as always.
I didn't catch as many sessions as I hoped to this year, but you and I can check out the recorded sessions at MSDN's Channel 9. I caught some sessions on Exchange 2010, but missed one on transitioning to Exchange 2010 because the room filled right before I arrived! That will be on my to-do list when I return to the office next week for sure.
Next year, TechEd returns to Orlando in June. Bring your walking shoes, as always.
Thursday, May 5, 2011
TechEd 2011... Here I Come!
Are you gearing up for TechEd 2011 in Altanta, GA? If so, I hope to see you around!
This year, I'm not only looking forward to attending some of the sessions and events, but I'll also be presenting on MDOP. If you want to check out some the tools in the MDOP and see some demos, be sure to add "WCL311: Solving Common IT Pro Pain Points with the Microsoft Desktop Optimization Pack" to you schedule.
Other things on my schedule this year are spending some time working the MDOP booth in the TLC area, hitting several of the Exchange 2010 sessions and enjoying the "Women in Technology" luncheon.
I'll miss out on the Attendee party this year, but I expect it will be a great way to unwind after a packed 4 days of learning and networking.
This year, I'm not only looking forward to attending some of the sessions and events, but I'll also be presenting on MDOP. If you want to check out some the tools in the MDOP and see some demos, be sure to add "WCL311: Solving Common IT Pro Pain Points with the Microsoft Desktop Optimization Pack" to you schedule.
Other things on my schedule this year are spending some time working the MDOP booth in the TLC area, hitting several of the Exchange 2010 sessions and enjoying the "Women in Technology" luncheon.
I'll miss out on the Attendee party this year, but I expect it will be a great way to unwind after a packed 4 days of learning and networking.
Friday, April 29, 2011
Adventures with at&t
Here's a story about how a company can have horrible customer service, yet have some wonderful customer service employees all at the same time. It started over 2 years ago when some at&t representative showed up at our office to review our accounts and help us with our contracts. Now, I'm no at&t contract expert. That's why you have an account rep who does these things for you. Seriously, telecom contracts are worse that Microsoft licensing.
Anyway, over 2 years ago, it was suggested that we have an ABN account set up so we can get the most discounts, etc, based on our usage. As I understood it, this ABN was like an umbrella account over all our other accounts (PRI, Long Distance, Internet) and we got credit for how much we spend or use. There's a penalty charge if you don't use the amount of service you agree on in the contract. We sign all the necessary paperwork and the representative heads off to get all these goodies set up. We do our job by continuing to pay our at&t bills as usual.
A year later, I get a mysterious bill for $15,000. A phone call brings to light that we didn't meet our "commitment" with the ABN contract, thus the penalty. I thought this was odd and more digging brought to light that our pre-existing accounts were never brought under that ABN account we signed up for the year before.
I called our representative and found out they were no longer assigned to us. A new representative, "Daniel", showed up to our office, reviewed everything and promised to resolve the issue, since it clearly wasn't our fault the accounts weren't put under this umbrella. We were told not to pay the bill and we'd get credited as soon as it was sorted out. That was almost a year ago. Every few weeks, I attempt to follow up, only to be told "it's being worked on." I've been trusting in at&t to resolve this.
Moving on, last September we upgraded our Internet service, cancelling our old Frame Relay connection and putting in some nice fresh fiber. Little did I know, this new account was properly linked to the ABN account. An account that had a $15,000+ unpaid balance attached to it. (Can you see where this is going?)
I still haven't heard anything definitive about our billing dispute and haven't had a real interaction with our "official" account representative, Daniel, in a long while. All my contact was with a technical consultant, "Beth", that was working with my rep, but I digress.
Then in early March, our Internet connection mysteriously dies - at&t cut our service due to the non-payment of the ABN account. Now, mind you, the account for the Internet service specifically has been paid for every month. A few calls later to Beth and our Internet was back up. Beth tells me not to worry, she'll contact billing and we'll get this resolved. It won't happen again.
Then yesterday, it happens again. I called Beth and got voice mail. I left a message. I called Daniel, got voice mail and left a message. I called Daniel's boss and got voice mail. Left a message. I called the 800 number for at&t customer service and got "Patrick". Patrick rocked. He pulled up my account, looked at the ridiculous number of notes on it, muttered something under his breath about how crazy it was that I still had a ticket from June of 2010 and went to find a manager. About a half hour later, I got a call from "Laverne", who managed to sort enough of it out to get our Internet turned back on. Laverne also rocks.
She couldn't fix the whole billing issue, but told me that it really needed to be handled by our account team.
I told her I knew that. And that I've left several messages. Clearly the phone company loves their voice mail features.
I tweeted about this fine event yesterday. I got a response (and a nice phone call) from "Troy" on at&t's team who's monitoring people who vent about at&t on social media venues. Troy lso told me that he'd work on it and I'd have some more information by Monday. Troy also appears to rock, but that remains to be seen.
So while I appreaciate some of the great service and response I get from some at&t employees, I'm overall really annoyed with at&t in general. They have too many departments doing too many different things and no one appears to read any notes before they go throwing switches.
I guess I'll go leave a few more voice mail messages now.
Anyway, over 2 years ago, it was suggested that we have an ABN account set up so we can get the most discounts, etc, based on our usage. As I understood it, this ABN was like an umbrella account over all our other accounts (PRI, Long Distance, Internet) and we got credit for how much we spend or use. There's a penalty charge if you don't use the amount of service you agree on in the contract. We sign all the necessary paperwork and the representative heads off to get all these goodies set up. We do our job by continuing to pay our at&t bills as usual.
A year later, I get a mysterious bill for $15,000. A phone call brings to light that we didn't meet our "commitment" with the ABN contract, thus the penalty. I thought this was odd and more digging brought to light that our pre-existing accounts were never brought under that ABN account we signed up for the year before.
I called our representative and found out they were no longer assigned to us. A new representative, "Daniel", showed up to our office, reviewed everything and promised to resolve the issue, since it clearly wasn't our fault the accounts weren't put under this umbrella. We were told not to pay the bill and we'd get credited as soon as it was sorted out. That was almost a year ago. Every few weeks, I attempt to follow up, only to be told "it's being worked on." I've been trusting in at&t to resolve this.
Moving on, last September we upgraded our Internet service, cancelling our old Frame Relay connection and putting in some nice fresh fiber. Little did I know, this new account was properly linked to the ABN account. An account that had a $15,000+ unpaid balance attached to it. (Can you see where this is going?)
I still haven't heard anything definitive about our billing dispute and haven't had a real interaction with our "official" account representative, Daniel, in a long while. All my contact was with a technical consultant, "Beth", that was working with my rep, but I digress.
Then in early March, our Internet connection mysteriously dies - at&t cut our service due to the non-payment of the ABN account. Now, mind you, the account for the Internet service specifically has been paid for every month. A few calls later to Beth and our Internet was back up. Beth tells me not to worry, she'll contact billing and we'll get this resolved. It won't happen again.
Then yesterday, it happens again. I called Beth and got voice mail. I left a message. I called Daniel, got voice mail and left a message. I called Daniel's boss and got voice mail. Left a message. I called the 800 number for at&t customer service and got "Patrick". Patrick rocked. He pulled up my account, looked at the ridiculous number of notes on it, muttered something under his breath about how crazy it was that I still had a ticket from June of 2010 and went to find a manager. About a half hour later, I got a call from "Laverne", who managed to sort enough of it out to get our Internet turned back on. Laverne also rocks.
She couldn't fix the whole billing issue, but told me that it really needed to be handled by our account team.
I told her I knew that. And that I've left several messages. Clearly the phone company loves their voice mail features.
I tweeted about this fine event yesterday. I got a response (and a nice phone call) from "Troy" on at&t's team who's monitoring people who vent about at&t on social media venues. Troy lso told me that he'd work on it and I'd have some more information by Monday. Troy also appears to rock, but that remains to be seen.
So while I appreaciate some of the great service and response I get from some at&t employees, I'm overall really annoyed with at&t in general. They have too many departments doing too many different things and no one appears to read any notes before they go throwing switches.
I guess I'll go leave a few more voice mail messages now.
Tuesday, April 26, 2011
Random Bits - Q1 Tweets and Links of Note
Gosh, time flies when the to-do list is stacked full. Right now, I'm gearing up head to TechEd in Atlanta in a few weeks (more on that later), but meanwhile, here are some fun and informative tweets and links from the last quarter that you might have missed!
Videos
Upgrading from Windows 1 to Windows 7 - http://ow.ly/49wir (Mar 7)
@dondonais - RT @buckleyplanet: A new video on how to become a SharePoint site admin (a warning to all) http://youtu.be/-1B2o2ENyi4 (Dec 29)
Social Media
@BAoki - Good social media reminders for newbies and veterans alike from @chrisbrogan http://www.chrisbrogan.com/socialmediaetiquette/ (Feb 25)
@amndw2 - Via @tcarmody, "Five Emotions Invented by the Internet" http://bit.ly/ijPfpP All hauntingly familiar. (Jan 15)
All About IPv6
@spamvikktim - A politically incorrect guide to IPv6, Part I - http://jl.ly/2011/02/18#v6incor (Feb 19)
@joeklein - List of websites supporting #IPv6 http://bit.ly/gmEWNN of the 990476 tested websites only 2903 have one or more IPv6 addresses. (Feb 9)
@sambowne - ty @frankbaitman Brilliant USC video explains the 4 billion Internet addresses and the limits of #IPv4 http://bit.ly/erQQgL (Feb 3)
Other Tweets
@rhalbheer - Something to be proud of: Ethisphere Institute: Microsoft amongst the world’s most ethical companies http://ow.ly/4kskk (Mar 23)
@briankrebs - If you've been scratching your head over RSA's "statement", read Steve Gibson's take. You'll probably learn a lot. http://bit.ly/haJy4x (Mar 19)
@garthobrien -25 Things I Hate About Google, Revisited 5 Years Later http://ow.ly/1bPTHx (Mar 19)
@Nonapeptide - New TheNubbyAdmin.com blog post: The Failure of a SysAdmin – A Tale of Laziness, Good Fortune and Self Loathing http://bit.ly/i2yWfq (Mar 17)
@MSSolutionAccel - Plan your response to malicious software BEFORE it happens! - Solution Accelerators IPD guide for Malware Response http://bit.ly/eBx4oP (Feb 17)
Happy Surfing!
Videos
Upgrading from Windows 1 to Windows 7 - http://ow.ly/49wir (Mar 7)
@dondonais - RT @buckleyplanet: A new video on how to become a SharePoint site admin (a warning to all) http://youtu.be/-1B2o2ENyi4 (Dec 29)
Social Media
@BAoki - Good social media reminders for newbies and veterans alike from @chrisbrogan http://www.chrisbrogan.com/socialmediaetiquette/ (Feb 25)
@amndw2 - Via @tcarmody, "Five Emotions Invented by the Internet" http://bit.ly/ijPfpP All hauntingly familiar. (Jan 15)
All About IPv6
@spamvikktim - A politically incorrect guide to IPv6, Part I - http://jl.ly/2011/02/18#v6incor (Feb 19)
@joeklein - List of websites supporting #IPv6 http://bit.ly/gmEWNN of the 990476 tested websites only 2903 have one or more IPv6 addresses. (Feb 9)
@sambowne - ty @frankbaitman Brilliant USC video explains the 4 billion Internet addresses and the limits of #IPv4 http://bit.ly/erQQgL (Feb 3)
Other Tweets
@rhalbheer - Something to be proud of: Ethisphere Institute: Microsoft amongst the world’s most ethical companies http://ow.ly/4kskk (Mar 23)
@briankrebs - If you've been scratching your head over RSA's "statement", read Steve Gibson's take. You'll probably learn a lot. http://bit.ly/haJy4x (Mar 19)
@garthobrien -25 Things I Hate About Google, Revisited 5 Years Later http://ow.ly/1bPTHx (Mar 19)
@Nonapeptide - New TheNubbyAdmin.com blog post: The Failure of a SysAdmin – A Tale of Laziness, Good Fortune and Self Loathing http://bit.ly/i2yWfq (Mar 17)
@MSSolutionAccel - Plan your response to malicious software BEFORE it happens! - Solution Accelerators IPD guide for Malware Response http://bit.ly/eBx4oP (Feb 17)
Happy Surfing!
Friday, April 15, 2011
Surviving TechEd
TechEd 2011 is drawing near, so I thought I'd share my personal list of “Rules to Survive TechEd”. Perhaps they will help you this year in Atlanta or at another multi-day conference you might have coming up.
- Register Early; Your Hotel is Key – Unless you have some special requirement or reason to stay at a particular hotel, you should register as early as possible so that you can pick a hotel within what you would consider walking distance to the conference center. I hate being at the mercy of the shuttles every morning.
- Prepare to Walk a Mile in Your Shoes – Most conference centers are large sprawling venues, last year TechEd spanned over a mile within the New Orleans Conference Center. Wear comfortable shoes and expect to get some exercise.
- Food and Beverage – Conference fare varies from year to year and location to location and it’s not always the highlight of the event. While some previous TechEds provided a hot breakfast and lunch, that’s not always the case. Also, depending on the contract of the venue, you may not find the soda brand of your choice provided. So you might have to make other arrangements or be flexible. The reality is that no matter what food is provided, not everyone is going to be happy.
- Know Where You’d Like To Be (but don’t expect to be everywhere) – Every year I as I work on building my schedule, I find that I want to be in several sessions at the same time or attend a session in every possible time slot. With over two dozen learning opportunities during the course of TechEd, my brain is simply on track to seize up and crash if I don’t pace myself. Take advantage of the content that will be posted online post-conference and skip a session or two. It's amazing what a little down-time can do for you.
- Don’t Jump Sessions – It’s annoying when you have multiple sessions to choose from in one time slot and the one you decide on is a dud. However, don’t try to run over to your next pick. By the time you walk to the session, you’ll have missed a good portion of it and will likely not get as much out of it as you’d hope. Either stick with your first pick (since you’ll likely find at least one “jewel” to take away from it) or bail and take that time to hit a TLC or community lounge area – you might find an answer to a burning question there instead.
- How Much Swag Do You REALLY Need? – Seriously, a dozen vendor T-shirts? That flying pig? Another plastic thingamabob that glows green? I managed to get to the conference with only carry-on bags and I like to save those checked baggage fees for something other than branded pens and blinking buttons. Until vendors start bringing a stash of shirts smaller than an XL, I’ll keep swag collection to a minimum. I prefer taking away new ideas for implementing technologies in my work or making new contacts for future conversations.
I'm looking forward to another great conference full of networking and learning opportunities. If you don't pass me tearing from end to end between sessions, look for me at the MDOP booth in the TLC.
Monday, April 11, 2011
Ed Horley and Stephen Rose on RunAs Radio
Have you checked out RunAs Radio lately?
Since 2007, RunAs Radio has been producing podcasts for Microsoft-centric IT Professionals and over the last few weeks has produced episodes featuring some of my favorite industry collegues - Ed Horley and Stephen Rose. On 3/30/11, Ed Horley discussed the current state of the transition from IPv4 to IPv6 and on 3/23/11, Stephen covers Windows vNext, IE9 and Intune.
Here are a few other older podcasts from some others I know in the Microsoft technology space that you might enjoy.
Since 2007, RunAs Radio has been producing podcasts for Microsoft-centric IT Professionals and over the last few weeks has produced episodes featuring some of my favorite industry collegues - Ed Horley and Stephen Rose. On 3/30/11, Ed Horley discussed the current state of the transition from IPv4 to IPv6 and on 3/23/11, Stephen covers Windows vNext, IE9 and Intune.
Here are a few other older podcasts from some others I know in the Microsoft technology space that you might enjoy.
- 11/24/10 - Episode #187 - Mark Minasi on Cloud Technologies
- 9/22/10 - Episode #178 - Alan Burchill on Group Policy Preferences
- 9/8/10 - Episide #176 - Chris Jackson on app comp issues with those old IE6 applications
Monday, April 4, 2011
Upcoming Tech Events
For those of you looking for some technology events in San Francisco over the next week, here is what's on my calendar:
- PacITPros Regular Meeting - April 5th at 6pm. (Free!) This will at the usual location in Microsoft's SF Office. Check out http://www.pacitpros.org/ for more information and to RSVP for the pizza dinner order.
- TechDays with PacITPros and LearnIT, featuring Todd Lammle and Mark Minasi - Also on April 5th, from 1-6pm. ($79.00) The location used to be at Microsoft's office, but has been switched to Zeum Children's Museum on 4th and Howard.
- Managing Assets in the Cloud: System Center Essentials & Windows Intune with Chris Avis - April 12th, 9am-noon at Microsoft's SF Office. (Also free!)
Friday, April 1, 2011
All Tied Up with Cables!
This month, one of our data center projects was to clean up the mess of cabling that had gotten out of hand after years of adds, moves and changes to switches and other equipment. I find it interesting that with so many wireless devices around and so much talk of using virtualization and the cloud, we still spend so much time tangled in cords and cables! Cable management can often be a challenge and this had become downright embarrassing. Here is a before picture:
Everything is labled and color coded for ease of use. And we were lucky that all of our servers, appliances and services were powered on and returned to service without much trouble. This project also forced me to update several out-of-date diagrams and charts that are used for managing the network.
While it was a crazy weekend with our own version of a "spaghetti western", the end result was well worth it!
We took on a pretty extensive list of tasks as part of this clean up, including replacing server older networking components with a single new Cisco ASA. While it's usually not recommended to make several logical and physical changes at the same time so you can avoid troubleshooting nightmares later, we were taking advantage of a planned power outage and wanted to accomplish as much as we can while we had everything turned off - including rebalancing all our servers on our power circuits, updating our UPS firmware and recabling every server and workstation port in the data center.
Here is shot of the same racks after the project was nearly complete. It's like night and day!
While it was a crazy weekend with our own version of a "spaghetti western", the end result was well worth it!
Wednesday, March 30, 2011
Tomorrow is World Backup Day
What have you backed up lately?
If you are a systems admin, you probably already have a backup solution in place at the office or for your clients. Take some time tomorrow to check in on those processes to make sure you aren't missing something important and that they are working the way you expect.
At home, check on or implement a solution for your important files and photos on your home computers. It can be as simple as purchasing a portable drive or using a cloud based solution. I'm a SugarSync fan myself. If you want to check out SugarSync for yourself, use this referral code and get some bonus free space.
With the proper backup solution in place, your home laptop can be almost instantly replaceable with no worries. I recently reinstalled the OS on my netbook and was able to sync all my data files right back on with SugarSync. It's easy and helps me sleep better at night!
Learn more about World Backup Day at http://www.worldbackupday.net/
If you are a systems admin, you probably already have a backup solution in place at the office or for your clients. Take some time tomorrow to check in on those processes to make sure you aren't missing something important and that they are working the way you expect.
At home, check on or implement a solution for your important files and photos on your home computers. It can be as simple as purchasing a portable drive or using a cloud based solution. I'm a SugarSync fan myself. If you want to check out SugarSync for yourself, use this referral code and get some bonus free space.
With the proper backup solution in place, your home laptop can be almost instantly replaceable with no worries. I recently reinstalled the OS on my netbook and was able to sync all my data files right back on with SugarSync. It's easy and helps me sleep better at night!
Learn more about World Backup Day at http://www.worldbackupday.net/
Monday, March 28, 2011
Upcoming - TechDays Technology Guru Speakers!
PacITPros and LearnIt have teamed up to bring you an opportunity to learn more about the future of mobile and cloud technologies. Todd Lammle and Mark Minasi will be joining forces on April 5th from 1pm-6pm, covering some great topics.
Todd will cover Cisco's plans for taking wireless networks to a new level, Mark will cover the future of the cloud and then they will join forces to discuss IPv6 and the future of the related networking technologies.
When: Tuesday, April 5, 2011 (1pm - 6pm)
Where: Microsoft: San Francisco Office (835 Market St.)
Cost: $79
Register at: http://techdays.org/2011/03/todd-lammle/
This speaker series takes place right before the regular April PacITPros meeting, so rest up for a jam packed afternoon and evening of tech talk.
Todd will cover Cisco's plans for taking wireless networks to a new level, Mark will cover the future of the cloud and then they will join forces to discuss IPv6 and the future of the related networking technologies.
When: Tuesday, April 5, 2011 (1pm - 6pm)
Where: Microsoft: San Francisco Office (835 Market St.)
Cost: $79
Register at: http://techdays.org/2011/03/todd-lammle/
This speaker series takes place right before the regular April PacITPros meeting, so rest up for a jam packed afternoon and evening of tech talk.
Thursday, March 24, 2011
Coming Soon – DaRT 7!
This week a MMS, Microsoft announced the upcoming beta of DaRT 7, the Diagnostic and Recovery Toolkit. The beta will be out in early April and customers can sign up for the beta at http://go.microsoft.com/fwlink/?LinkID=213952.
Some of the new features to look forward to are:
Some of the new features to look forward to are:
- Added remote control functionality - remotely control a machine that won't even boot into Windows by using WinPE.
- Fully supported USB Boot, as well as network boot and local installation.
- Local Tool Security - restrict the locally installed tools so that they can only be used during a remote recovery request to your helpdesk.
Wednesday, March 16, 2011
Random Bits
Here a some random bits of tech info that have caught my eye recently - enjoy!
- If you've so busy you haven't had a chance to look up and have missed the news, IE 9 was released on Monday. Check out more or download it at http://www.beautyoftheweb.com/.
- This is a bit older, but Kindle added page numbers to their e-reader in March and this post covers more about how it works. I wasn't that bothered by the lack of them, but it's cool that it's an option for those who need them. I have the orginal Kindle
, so I won't get page numbers with my version, but eventually I'll be tempted to upgrade!
- Going to TechEd in Atlanta this year? Check out their new MyTechEd portal - start a discussion, check out session topics and more.
Friday, March 4, 2011
Shopping for Hard Drives? Pay Attention to Sector Sizes
Disk drive manufacturers are transitioning to the production of Advanced Format disk drives, which have 4 KB physical sector size instead of the traditional 512 bytes. While larger sectors will ultimately improve performance, many applications are not written to take advantage of the change, so a transitional technology called "512-byte emulation" is used to support the 512 byte logical addressing. These disks are known as "512e" disks, for short.
Advanced Format drives will ultimately be the future standard, however some applications may have issues with the transitional 512e drives, especially if you are imaging a machine to new hardware and the OS and applications aren't expecting a difference in physical and logical sector sizes.
Microsoft has a hotfix available for Windows 7 and Windows Server 2008 R2 than can address several potential issues introduced with this type of disk. Check out KB 982018 for additional details and several known issues. I'd be particularly aware if you are doing any P2P migrations of servers that support Active Directory, DHCP or act as a CA, as the ESENT engine is sensitive to the reporting of sector size, as detailed in issue #1 of the knowledge base article.
Friday, February 25, 2011
Redmond Bound!
I'll be heading out this weekend to attend the MVP Summit at Microsoft in Washington. This is my second opportunity to attend this event, so I'm looking forward to getting out there and catching up with some of the MVPs I met last year. (Though I admit, I'm not looking forward to the chilly, wet weather.) Meanwhile, enjoy the next few days and perhaps I'll have some stories to tell when I return!
Friday, February 18, 2011
Check out the Malware Response Guide
Microsoft recently published the new Malware Response Guide, officially known as the Infrastructure Planning and Design Guide for Malware Response.
I reviewed this guide in its beta stages a few months ago and it was a great read and a very useful guide. If you have limited "official" procedures in place for handling infections on workstations, this is a great way to start that discussion with team members and use some of the tools mentioned to develop a plan that is specific to your organization.
I think the structure is well thought out and very logical. One can easily switch to the course of action that fits the needs of the user and the organization, as well as follow the instructions for preparing an offline scanning kit. I also appreciate the recommendations for additional reading so that I can go more in depth for the products I'm using.
While this guide likely won't change my organizations use of a third-party solution at this time, it greatly complements it by providing other tools from Microsoft that can support my existing tools, or give me an alternate set of tools if my vendor isn't as quick to produce a particular solution for new malware.
I think the structure is well thought out and very logical. One can easily switch to the course of action that fits the needs of the user and the organization, as well as follow the instructions for preparing an offline scanning kit. I also appreciate the recommendations for additional reading so that I can go more in depth for the products I'm using.
While this guide likely won't change my organizations use of a third-party solution at this time, it greatly complements it by providing other tools from Microsoft that can support my existing tools, or give me an alternate set of tools if my vendor isn't as quick to produce a particular solution for new malware.
I think this guide shows that Microsoft is willing to support systems in all types of scenarios and the information is not written to exclude organizations who aren't committed to only Microsoft software. It provides great processes and talking points to bring any organization closer to having a more cohesive malware response plan. Take a moment to download it and check it out.
Monday, February 14, 2011
Interesting Vendors and Products from SPTechCon
Last week, I popped over to the SPTechCon Expo Hall to check out some of the SharePoint related products that are available. I’m relatively new to SharePoint, so this seemed like a great opportunity learn more about other ways to take advantage of SharePoint.
There were a lot of vendors that concentrated on using SharePoint as a document management solution, but that’s not an area I’m seriously considering for our SharePoint installation. Primarily, I was looking for management tools since maintaining SharePoint is one of many things I manage on a day-to-day basis, so making things simpler is always a plus.
Here are a few products I might be looking at more closely this year:
AvePoint DocAve for SharePoint – AvePoint has a suite of products that are geared toward administration, data protection, compliance and migration. Tools that catch my eye are their Administrator, SharePoint Antivirus, Report Center, Backup and Restore, Auditor and Migrator.
Commvault’s Simpana 9 – An information management software that touts up to 50% reduction in storage costs, 90% reduction of redundant data and 50% faster backups. It includes modules for e-discovery, deduplication, records management and data archiving. Works with file servers, email, SharePoint and a host of other places you store data, regardless of if that is on physical or virtual devices.
MetaVis Migrator for SharePoint – Support migration from SharePoint 2010, 2007 and 2003, Exchange public folders and other file systems into the other SharePoint installations using a Windows Explorer interface.
Later this week I’ll be hitting the expo floor at RSA in search of products to secure email.
Monday, February 7, 2011
Thoughts from She’s Geeky: Being “Present” Despite Technology
One of the great sessions I attended at She’s Geeky unConference was one on “Being Present” in what you are doing, even though smart phones, email and other technologies clamor for our attention multiple times a day.
I admit that my BlackBerry is never far from my side. Work emails, personal emails, Twitter and even Facebook raise alerts on my phone on a pretty regular basis. It’s often hard to ignore them, especially when I’m known for responding quickly. Not only do I feel like I’m staying current with what’s going on in my life and helping those that need my attention, random alerts from the device are equivalent to the intermittent reward system that makes slot machines so popular and addictive.
It’s true – each little beep and ding give us a shot of chemicals in the brain that keep us wanting more and clearly many of us keep going back for it. It’s now the “norm” for smart phones to take their place on the restaurant table next to the salt and pepper shakers.
I know what did it for me – unlimited texting. Texting quickly became my preferred mode of communicating. Quick and to the point when I needed that, but also a way to have long random conversations with friends over the course of the day. I perceived it as a way to be LESS intrusive than a phone call. The receiver of the message could respond when they had the time. But really, it became the best way for me to NOT have to be fully engaged with the person I was communication with. I could text at my leisure – meanwhile researching a project, organizing my desk, or completing other tasks that I wouldn’t be able to do if I was on a phone call.
Soon that “polite” nudge of text message became a driving force to steal my attention and I’ve let it. And it just opened the door for emails and tweets and other alerts. I’m a slave to my smart phone. You probably are too. Don’t deny it.
So how do we break the chain? Screen-free days where we put down the phones and iPads and walk away from the computer? I don’t know if I can do that for 24 hours, honestly. How about dialing down the notifications on your phone? Or declaring a room or area of your home “phone free”?
I’m going to try a few things: I’m starting out by turning off the sounds for Facebook alerts and all emails. I will also put it on vibrate or silent when I go to bed at night. And maybe when I’m home I’ll find one central place to put it, instead of moving it around as I move around. And of course, I need to be more aware of when I’m denying someone who’s in front of me my full attention – the phone needs to stay off the dinner table at my house.
Do you have other suggestions for staying “present” while your devices beckon? Leave a comment.
Monday, January 31, 2011
And With That, She's Geeky Bay Area #4 Ends...
I had a fabulous time at She's Geeky again this year. Just like last year in Mountain View, it was a great chance to experience the various kinds of geekiness that bringing over 150 women together in a room generates. I hosted a small session about Systems Administration on the last day and spent the rest of the conference enjoying sessions on things like cyber identity issues, open source standards creation, "being present" while juggling new mobile technologies and wine tasting. (Hey, there are many kinds of geekdoms!)
The next She's Geeky will be held in Washington DC, so if you or someone you know is in the area (and happens to be a geeky woman), I totally recommend attending at least one of the days. Personally I go to all of them, since it's impossible to know ahead of time what each day will bring!
Finally in other news, today is the day that IANA has handed out it's last block of IPv4 address. Check out a quick post over at www.Howfunky.com that explains more.
Thursday, January 27, 2011
Get What You Need from TechEd 2011
If you are planning on attending TechEd 2011 in Atlanta this May, don't wait until the schedule is set to wonder if there will be sessions that strike your fancy. Take a few minutes to weigh in with the Session Preference Survey.
I've attended TechEd for several years now and really enjoy the sessions and opportunities to connect with other systems administrators. It's great to hear about other people's experiences with Microsoft technologies and software. Sometimes there is so much information, I have trouble keeping up with the events schedule!
Subscribe to:
Posts (Atom)
-small.jpg)
