Microsoft IT Camp

I was invited to attend a Microsoft test event on Monday 12th December. The Technet staff were trialling a new format of training session and wanted to get some feedback on the format from people within IT, and how people felt it would work if rolled out as part of Microsoft's normal training material. The session was held at Cardinal Place in London; a great venue, very modern with superb facilities but as I’m based down in the South West, this was a long way to travel.

The event was opened by a rather hoarse Simon May who left a lot of the talking to Andrew Fryer. The basic idea was to showcase the updated versions of the System Center products, with a specific emphasis on Virtualisation, making use of Hyper-V. However, they also wanted to focus particularly on the setting up of clusters. I’d seen some previous material on the earlier versions of these products, but was keen to see the 2012 versions due out next year.

For those that don't already know, there has been a move towards much more integration of the various products within the System Center range. Each product is now seen more as an integral part of the overall suite, rather than as a separate product that just happens to work with the others. This seems to a sensible move and it means that sysadmins should have access to all of the tools they need to manage their data centres.

Rather than use high specification equipment, Andrew wanted to demonstrate that it was possible to set-up a test lab using older machines; the sort that can be obtained using ebay or that might be sold off after an equipment refresh. He had several laptops; 2 acting as the Hyper-V hosts and one that was acting as a type of SAN unit. He proposed to join the 2 hyper-V hosts as clusters on a single node.

The presentation did not go quite as planned! He actually ran into several key issues during the set-up, but as many of the people present were very familiar with the product, they were able to highlight a number of the factors that had caused the hiccups. What was interesting was that even with these technical issues, the whole process didn’t actually take that long.

During the day, and also at the end, the staff asked for feedback on the event which it has to be said was generally positive. However, quite a few people (myself included) felt that they had missed a trick; many of us had our laptops with us, and it would have been a really impressive feat to have got these working as part of the set-up as well. There was a general feeling that most delegates would have been more than willing to bring their own equipment, possibly even downloading and installing some items in advance in order to make this more effective.

Having said, they were more than willing to consider this and a couple of other ideas that might allow those present to take a slightly more active and positive role. I’ve seen a couple of VDI infrastructure plans, and I feel that they would easily be able to set-up something that could be used for attendees to connect to and work with VMs in order that they could get a real “hands on” experience.

The plans are for the new format to be modified, based partly on experience but also on the feedback from those that were there. They also hope to develop it further to encompass more topics, and the organisers were keen to get feedback on which ones were of the most interest. Some comments were made about making sure that any future events would be held in other locations; the Microsoft offices are great, but not everyone can get there easily. Although there were no commitments, it seems that they intend to try to cover more of the major population centres than before; and that can’t be a bad thing!

I have to be honest I do enjoy these sorts of events. I feel quite strongly that those of us that work in IT can all too easily develop a “silo mentality”. We get so wound up with day to day problems, and all too often work in small groups, and it’s far too easy to forget about the bigger picture. This can also make the job less enjoyable; it’s just too easy to find the passion for the work drifting away. By going along to the various sessions, it’s possible to see new ways of working that might otherwise pass us by, to meet with other professionals and hear what problems they face. I find that it can help generate a new enthusiasm for the work that can all too easily be lost when you are dealing with very basic problems most of the time.

All in all, I found it to be an interesting, useful, enjoyable day. I suspect that future events will be along the same lines, but will benefit from the comments of those that have taken part so far. If you see one in your area, I would urge you to go along; it will most definitely be worth the time and effort.

Sec-1 Penetration Workshop

On Friday 10th I went to a workshop event held in Bristol. It was organised by Sec-1 a specialist security firm http://www.sec-1.com/ - note the correct address, if you get it wrong you end up at a completely different type of business!

Obviously, these events are to promote the company and their services; however, it wasn't just a massive sales pitch. The main purpose was to offer people advice about maintaining good security practice by illustrating just how easy it is to break into systems and highlighting the reasons why.

The speaker was Gary O'Leary-Steele and he spoke with passion, conviction and great deal of knowledge. He indicated that they have carried out many investigation tests over the years, and in most cases they could use the same report over and again, but just change the name of the organisation. This is particularly the case in the 150 NHS trusts they have investigated, but is also often true of many private sector businesses.

He stated that in many cases, people have failed to adequately install patches which have been issued for specific problems, often long after the issue has been identified. As it happens, I did a quick search on MS06-040 & MS08-067, the two main culprits and the autocomplete worked in each case after just the first 4 characters, the problem is so well known.

He went on to discuss some of the most common problems and illustrated how they could be used to access systems. He also went on to demonstrate how easy it can be to identify vulnerable systems, get access to accounts with innappropriate levels of security permission, crack passwords and elevate permissions. In most cases, the team of testers expect to get access within 30 mins - if they take longer than an hour, the others tease them unmercifully!

Most of the tools that they use are available quite freely on the Internet. In some cases, they do use items that have been commercially written and there is a small charge, but generally those ones are for the real high end stuff. Each has their own favourites in much the way that people do with most other kinds of software.

Whilst going through the potential problems, Gary also indicated some of the possible solutions, often by using the software tools to confirm the problem, then implementing suitable practice or policy to ensure that something is done to minimise the problem or reduce the impact.

It should also be identified that many of the exploits that were identified were in Microsoft OS or software; but the speaker also very carefully highlighted that issues are just as prevalent in other software products. Mac, Linux, Adobe etc, were all shown to be just as insecure. In many cases, this was due to installation or configuration, but equally there were many flaws straight out of the box.

I'm not a security specialist, although I have had some training in this area. I also enjoy some of the work involved, although it has to be said I don't think that I have the necessary skills to make this my specialism. However, I think that I know enough to be able to state that there are a lot of people that suffer with "delusions of adequacy"; they think that because they use a particular product, or do a specific thing, that makes them invulnerable. Often, they are so wrong that it is difficult to know how to take them seriously in anything.

I'm going to say that it was a great day, a really useful workshop and I was very impressed by the whole event. If they organise any more (and I'm told they certainly hope to) I would very strongly suggest that you grab the opportunity to get along and take advantage of the information and advice that they are willing to hand out free of charge.

Springboard Tour 2010

It's been a pretty busy weekend. I went up to Wembley to watch the NFL and stayed overnight so that I could get to Reading early on Monday morning to visit the Microsoft campus for the UK leg of the Technet Springboard Tour. This event was the only one in this country; the others are in major cities across Europe.

http://springboardseriestour.com/

The Springboard tour is about promoting the latest technology and providing opportunities for people to see the products in use. They also covered some of the reasons for migrating to the latest versions and highlighted tools and resources that can be used to make the process a lot easier.

I really like visiting the Microsoft Campus; there is always an energy and a buzz about the place that just makes you feel that it is great to work in technology. I believe that all too often, those of us at the sharp end get very isolated and develop a silo mentality to the work we do. It's important to take the chance to get out to see other people and understand that we are all part of a much larger community, that there are others that have exactly the same kind of problems and that there is more than one way of tackling the issues that we face.

The presentations were introduced by Stephen Rose - and I have a link to a video that he made a while ago. He says that he had drunk about 2 gallons of coffee before the filming and I can believe it!

http://www.youtube.com/watch?v=H2ewOGNGmZY

During the presentations, they made really good use of the demos to show just how you might improve the rollout and migration process. The tools provided are all available through the Technet site and many are improved versions of things that are already in use. There was someone with a video camera filming the event, so some of these may be added to the main site (link above) in addition to the preprepared videos.

Unfortunately, the sessions slightly overran - and there were a number of people that had to leave early, missing the final demo. This was of the Diagnostic and Recovery Toolset (DART). I'd very briefly heard of this before, but hadn't really had the chance to work with it. It looks like a really valuable asset for anyone providing any level of support to end users, and in particular anyone providing support for fatal errors. We will definitely be downloading it to give it a try in the next few weeks.

There was a bonus for those that attended; a free copy of Office 2010! There were also a few other little giveaways and prizes just to say thanks for being there. If you missed it, then you would have to go to one of the events on the continent, as there won't be another one in the UK. However, the presentations and information on the resources are on the Springboard site and I would recommend that you take the time to check it out.

As you may gather, I found the whole day a very good use of my time and really enjoyed the chance to talk to the various people. I am sure that I will be making really good use of the information that I picked up there in my daily work over the next few weeks.

I'm back!

It's been a while since I posted anything; 6 months in fact. It's not a case of having nothing to write about, far from it. I've just been very busy, plus I've been a bit more active in other areas.

One thing that I thought would be appropriate to point out is a Microsoft resource at: http://www.microsoft.com/uk/business/peopleready/technology/ioassessment/osyci/survey.mspx
This allows you to take a "survey" that can give you an indication of the status of your IT provision. I first came across this a while back and I found it very useful as part of the planning process. In order for you to reach a particular destination, it helps to know where you are starting from, so you can use the right directions.

Essentially, Microsoft suggest that IT departments can be classified into one of 4 levels based upon standard practice. Five years ago, we would have definitely been classed as being at the lowest level, "reactive". The IT provision was based around fixing problems after they occurred and very little thought went into planning or preparation.

We've slowly moved through the various stages, going from "standardised" to "rationalised", and are now pretty much at the top level, "strategic". There are still a few areas that we could improve upon, but that will always be the case. However, the IT is now a solid platform that people can use. We don't get the network failures, system crashes, or data losses that used to occur. Resources are there and available 24 x 365 for people to use, and generally they can access them using whatever device is appropriate.

Now although this all sounds great, there is unfortunately a fly in the ointment. The biggest problem is still the unit that is positioned between the chair and keyboard! It has been identified that we need to get people better trained, but somehow that never seems to get translated into action. Once of the worst instances was of a person that had been with the company for some 8 years. Unable to logon, the person phoned the helpdesk to ask what her user name was! (She normally didn't have to type that in, as it just appeared in the login box.)

I would encourage everyone to take a look at the Microsoft Core Infrastructure Optimisation resource. I think that you'll find it of significant value and help.

The Sad, The Mad and The Bad.

A while ago, I was asked to take part in the Microsoft Technet Community Council. We had a meeting a few weeks ago and it was really positive – from comments made on the day, I think that Microsoft are serious about listening to people and taking their views on board.

Whilst I was at the meeting, I met several of the Technet staff, including James O’Neill – I’ve followed some of the stuff that he has done in the past, and it was really good to see the person behind the writing, so to speak. He’s really driven by his passion for technology and has written eloquently on several topics which I have found of real value. Catch it here at: http://blogs.technet.com/jamesone/

So I was saddened to read his latest piece - it turns out that he has been the victim of a theft, and has lost many treasured items that were in his laptop bag. No top of the range gizmos, but none the less, things that mean a lot to him. His blog shows the anger and frustration he feels – it’s a terrible thing to become a victim and although several other people have offered their condolences, I know that he will still feel the pain of the loss.

Many people have their lives in the mobiles or on their laptops – contact details, names, addresses, numbers. Many others keep other ID details and some even keep credit card or other bank information in their devices. Losing the device is bad enough, but then these people are unable to run their normal lives until they can replace the missing information. And if that information falls into the hands of bad guys, then they really have major problems.

People are generally trusting; we assume that other people will behave in a way that is similar to the way that we ourselves would behave. It’s a terrible blow when we realise that some people are not as trustworthy as we would like. It’s even worse when the people concerned are people that we know or trust. In this case, it was a public event organised by Microsoft for technology specialists - in other words, probably one of our own.

For many years, I worked as a manager for a number of the bigger UK retailers, some of whom are still around, a couple long gone. At the start of my training, I attended a security session – the trainer was the company CSO, a former senior officer with the Metropolitan Police. His first words to our groups of trainees were, “There are only 3 types of people in the world; the Sad, the Mad and the Bad. Everyone falls into one of these 3 categories – and that includes all of you”.

His cynicism was the result of many years dealing with the public – no doubt, he had heard every excuse, every sob story, met people that had suffered the slings and arrows of outrageous fortune and met many, many people that were just no damn good. But everyone? And he then made the statement that we lost more through staff theft, than through pilfering by customers. I argued with him, but to no avail; and his response was that one day I would understand. And I hate to admit it it, but yes he was 100% correct.

Technet Virtual Conference June 09

One of the problems for many people working in IT is the tendency to work in small groups, possibly even alone – there are many more of us working in teams of 5 or less than there are that work in larger groups. Unfortunately, this can then cause us to develop a “silo” attitude to working. It’s then very easy to become blinkered in our attitudes and the way that we work.

For that reason, I try to get out of the business occasionally to attend various events, and I encourage my staff to do the same so that we can see what else is going on in the world. In the last few years we’ve been to various seminars that were on developing technology that we thought might be of use to us that we needed to learn more about, and of course we always try to get along to the supplier events (just a hint to the suppliers – guys, forget all the crappy junk that you hand out, it’s t-shirts we want!)

Over the years, I’ve seen the Tech-Ed events and have wanted to go; but the company won’t pay and I can’t justify stumping up the cash myself. So when it was announced that the Microsoft Technet team were planning to hold a “virtual” conference, I was intrigued. I work quite a bit with video-conferencing and audio-conferencing – and as part of my studies through the OU, I’m used to collaborative online work with forums, wikis and blogs. For me, making it an online experience makes a lot of sense – instead of spending money on event facilities, the resources can go into the content.

If you didn’t get the chance to attend the event, then most of the material is still available on-line at: http://vepexp.microsoft.com/govirtual
and I understand that this should remain available at this location until September 09 – I imagine that it will be available after that, but filed away somewhere else. I would suggest that there is something for everyone – plenty of useful material for the techie, and for the managers alike.

Now many people can get cynical about these sorts of things – they envisage it purely as a sales vehicle. I understand those concerns and yes, it could be argued that Microsoft is trying to sell us on the idea of buying more of their products. Well Duh! they are a commercial enterprise – of course they want to sell things. However, the event was much more about the ideas behind the use of the technology and the way that it can be used.

We are currently doing some evaluation work with Windows 7 and there were a couple of items during the event that discussed new features and the way that Microsoft sees it being deployed. These were very useful – they highlighted bits that we hadn’t actually seen and we will be making a point of checking them out at some stage. There was also information about some of the additional features in Server 2008 R2 that we want to look at – and there was a session on Data Protection Manager Server 2007 which my staff and I think is one of the most valuable / useful products we have ever bought.

A few minor criticisms – I had a couple of issues with some of the material, probably because I was watching on a laptop whilst doing some other work, so on occasion the videos were a bit jumpy and some of the lip synching was slightly off; the presentation slides could also be out of step with the talk. I had a problem with one of the sessions; it froze part way through and wouldn’t re-start. (OK, I need to buy more memory for my laptop, I only have 512M.) However, I went back to it the following day and watched all the way through. There was also an issue with the chat function – apparently even the Technet staff had this problem.

On the positive side, I would highlight one particular session that stood out for me – a look at the future in a session by Miha Kralj. Really thought provoking and delivered with sense of humour. I would have to say that I do actually take issue with some of his points and may even discuss it in more detail in subsequent blog posts. But don’t take my word for, go the site and hear what the man has to say for yourselves.

All in all, 2 thumbs up for a very useful resource produced by the guys and girls at Technet – I think that they all deserve a big pat on the back for a great job well done. I’m told that around 4,000 people took part on the day and I really hope that many more go back to the site to check out the resources in the next few months. I think that they also plan to hold more events like this in future and I for one would definitely be taking part if possible.

DPM Update 2

Having sorted out the problem with the autoloader, we can now add the tapes in and it displays them on the screen - it shows the barcodes on the label attached to the tape to help keep them ornganised as well which is quite useful. However, one small issue - 2 of the tapes are marked as "suspect". This is strange; they are both new and have only been used for a basic test.

It turns out that this is a known problem and there is a fairly simple solution. Details can be found here http://technet.microsoft.com/en-us/library/bb808923.aspx. It's to do with the database used by the software - it marks the tapes with data and this can get conflicted if the data and the label don't quite match. It appears that this is what has happened to us as the tapes were used for the testing, before the bar code label was put on.

A couple of caveats for this process; there is a script that you should download and add to a text file to run as a command. Make sure that the script is all on a single line - if it isn't, then the script fails. You might also need to watch what AV solution you use as some don't like you running command files.

It is also important that you follow the described process; remove all suspect tapes, run the script, then add just one of them and run the script again. Then after it detects the tape correctly, erase the data on the tape. Repeat until all tapes are added and data erased. If a tape failes, take it out and add it to the end of the line and use one of the others, until all tapes are OK.
It took a while to complete the process - nearly a full day, but we got there in the end. So all is well....


Well not quite. Now the reporting services function doesn't work. Again, it's known problem, but most of the sites that offer fixes for this, only do so for Server 2008 and we are on 2003. Still, I have hopes that we will get a fix for this fairly soon.

Decided to edit this rather than post a new item having spent a few days working with the guys at Dell. Really helpful chap called Javier who is a SQL specialist - he determined that the reports ran OK through a separate browser window, but not through the DPM console. From this, it appeared to be an issue with the .ASP settings and he did eventually get it fixed. Unfortunately, he didn't give me the exact details as he was working on it using a webex session for several hours. However, from what he told me, there are some issues with access rights - it's probable that the update carried out earlier reset those, which is why it wouldn't run.

Which one is the "Any" key?

This is just really to get started - I've been asked to set-up a blog to take part in a study organised by a big company. The study is to help them understand some of the issues involved in support and how it could be improved. Call me Mr Cynical, but I think that the best thing to help us would be a brain implant for all users!

This is a rough list of some of the issues that we have had to deal with this week. One of the directors had a problem with his home PC at the weekend - daughter downloaded a music file and it had a virus. Then another director put some home pictures on his laptop and he has a trojan horse. So we have had to deal with that for a couple of days

We've had about 7 requests for help with printing - 4 needed a new toner cartridge, 2 the print spooler had stopped, 1 had a piece of paper jammed in the device.

A lady in payroll took the week off; someone else had to go in to the work, and she needed help setting up the PC so that she could work with the HR / Payroll software. She also needed her phone moved.

There was a request to move / repair a network cable - it was a temporary thing that has turned into a more permanent solution. One of the staff also had to go to another site as we are cabling up a new building and he needed to do a second lot of work on patching cables up.

I had to deal with a site in France - the VPN link went down again (their connection is dodgy). We have also been trying to get the DNS server transferring zone data, and I finally got that resolved.

They had a query with setting up a new email account that will be shared; this was made more difficult as they have both Office 2003 and 2007 and the proces is slightly different on each. I had to set-up a copy of Office 2007 so that I could create screenshots to help demo the process.

They also asked about potentially running an EDI process, however it turned out that was actually not what is happening, plus we are implementing a new ERP solution, which makes it academic anyway.

I've been carrying a massive series of updates on the new ERP - spent almost 3 full days on that alone. One of my staff runs an automated process for patching, but it can't do the ERP.

I'm also trying to get a server set-up to act as the DC for a child domain of the groups main domain - this is the brainchild of my opposite number in Germany. Unfortunately, it's made a bit difficult as the guy that looks after their network doesn't reply very quickly to emails. I'm still waiting for a response to a mail I sent on Tuesday.

We are putting in a new autoloader tape drive for backups; it's now in, and we seem to be getting the tapes working. We'll see how it works later. It's linked to an MS DPM server which we all think is the dog's nuts - it backs up all our servers on all sites and the recovery is a piece of cake. We are so impressed with this product.

In addition, one of the guys is developing a web based portal for use by our staff and customers - he has been trying to develop something to reduce the amount of Excel spreadsheets that are being used on another site.

Mid week I went to a vendor presentation - early start (5:00 am) and later finish (10:00 pm). We are way down south and it takes ages to get anywhere.

Hopefully that's enough to get started - more later.