Technically Speaking

I head to Austin Tx for Tech Field Day 7 on Wednesday morning. Should be a good couple days of sessions and overall discussion. I am not sure at the moment who I am most looking forward to. I think all of the presenters have things that interest me.

The Presenters are:

Dell (Dell | @Dell_Storage)

SolarWinds (SolarWinds | @SolarWinds_Inc)

Symantec (Symantec | @Symantec)

Veeam (Veeam | @Veeam)

Some of them I have seen before, but there are new product releases since then and probably some new faces as well. I think the networking opportunity is what I like the best about Tech Field Day. In my neck of the weeds… er woods there aren’t many user groups so these events and the online stuff that tends to go with them are high on my list. Although the local tech stuff may be changing soon, but I cannot divulge that just yet.

I am looking forward to seeing some old friends again and definitely making some new ones. These events are busy, but in my past experiences they are enjoyable.

A bit of a thank you in advance to Stephen, Matt, and the rest of the TechFieldDay crew, without them, we wouldn’t be doing this. Oh and for the links above, I apologize as the editor I can access right now doesn’t seem to HTML friendly – will fix those soon. Update: Links Fixed… much better.

So it is 2011 and Windows 7 has been out for just about two years… wow. 2 years already, who can imagine? I have noticed that even though Windows 8 (or whatever it ends up being called) is likely just a few months away that there are still some great features in Windows 7 that may have gone uncovered by many. And if not, I am going to look at one of them here anyway.

This feature primarily applies to laptops and mobile computing, but it is still pretty sweet.

Cool Feature: Location Aware Printing
I carry my laptop with me most places and especially to work. Sure there is a PC under my desk, but sometimes the applications I own are just handy. When I brought my laptop to work after getting Windows 7 I added a default printer just the same as I might on an XP machine. Intending it to be for use in the office, and just complain that it wasn’t available when I was at home or on another network. No big deal.

The printer was named Office Printer so I would remember where the printer existed. After adding the printer, I left work for the day and went about my normal routine. When I got out my computer to check mail later that evening on my home network, the Office Printer, was nowhere to be found.

Maybe I deleted it before leaving so it wouldn’t just hang out unusable later. The next day, at the office, the Office Printer was right back where I had put it the day before.

A bit more research lead me to the feature explanation of Location Aware Printing. The printer is added dependent of the network you are connected to. Windows then hides the printer when you are connected to another network where this printer does not exist. Being someone who uses printers sparingly and does his best to name printers in a memorable fashion, I was quite pleased that Windows took care of visibility for these items without my help.

This printer feature is enabled by default but can be managed from the Devices and Printers window.

Managing Location Aware Printers

From the Device and Printers window, select a printer and click the manage default printers toolbar button.

Figure A

Location Aware Printers - image by Microsoft

Then select the option to change my default printer when I change networks.

In the select network list, choose the network you wish to manage the printer for

In the select printer list, choose the printer you want to set as the default, then click Add.

This printer added will be set as the default printer for the selected network.

To add default printers for other networks, repeat the steps above.

Note: The Location Aware Printers feature is only available in the Professional, Enterprise, and Ultimate Editions of Windows 7.

For anyone who frequents multiple networks and needs printing capabilities, this feature could be just what the doctor ordered.

If you wish to disable this feature, select always use the same default printer in the Manage Default Printers dialog box.

Recently I was working on a project to get an application prepared for rollout. When I received the initial email about the process that needed to be followed, I called the vendor to find out if our usual server configuration would work or if different considerations would be needed. Specifically we are considering virtualization in the future using Windows Server 2008 R2 guest machines.

The response I received was that this application would support Windows Server 2008 but not Windows Server 2008 R2. I asked about plans to support R2 and was told that the application would not support Server 2008 R2 for some time. In other words they have no plans right now to support it.

My first thought was that this was a bit of an odd practice since Windows Server 2008 R2 is the current version of Server OS from Microsoft. Then I got to thinking about some of the considerations I might need to make to work this application. The only testing to be done is to ensure that the application, once installed, communicates to its supported devices over our network.

My plan is to set the application up using a Windows Server 2008 R2 Virtual Machine just to see if it will even run. If it doesn’t work, a 2008 VM will be tested, but since the functionality of the application is very limited in scope, I thought it was worth a shot. My goal is to spin up a 2008 R2 guest for this testing very soon (next week sometime).

I also started thinking about the difference between “not supported” and does not work. There are many applications that vendors no longer support and configurations they choose not to support that work just fine. Case in point, Windows 2000. Microsoft doesn’t support Windows 2000 anymore. But if I install it, it will run just like it was 1999.

If an application can run on an operating system one step (or half step) prior to current, there are few things that would make it unusable on the current OS. This to me, warrants giving it a shot. I believe that the requirements I got didn’t rule out x64 architecture, thus making it likely to work just fine on the current version of Windows Server. This way all of the servers in our upcoming environment will be consistent on the same OS (for a little while anyway). I also have to admit there are times when I like a challenge… and this is one of those times.

When considering supported applications, it is generally good to follow supported guidelines given by the manufacturer. When the application or vendor provides no technical reasoning or explanation for this choice, it might be worth a try. It comes down to the cost of your time and availability of your resources. If you have the time and resources to test, go for it. If not, well, convenience (and downgrade rights) say that following the stated guidelines is the easiest course.

Applications like VMware do not work on things outside their stated hardware compatibility list. Sure there are some who might be able to work on the edges of that list, but mostly it is definitely easier to work amongst the guidelines of the HCL. Being someone new to VMware, I am following the HCL for sure.

My advice here is dependent on your time and interest. If you are curious and have the resources, test it. If not, do not bother testing it. Being a bit of a geek, I rather enjoy the idea of testing things just for the sake of trying them out. It has helped me learn many different ways to do things as well as just learning about technology. Which I certainly encourage.

As someone who has tried more than once to keep up with the Getting Things Done school of thought I have been looking for a list keeping tool that works for me.  It would have to be something that was easy to use and would be “trusted” so that the use keeps up.  Thus far, nothing has really gotten it done.  I am currently testing OmniFocus from OmniGroup and so far, it is quite the application.

What should OmniFocus be used for?

The idea behind OmniFocus, is to manage your lists of actions, projects, and reviewable items.  Because of the portability of it, I prefer the version for iPad.  It allows an easy way to see what is coming up and what I should be working on wherever I may be.

OmniFocus for iPad does a great job of allowing access to lists but there are features within the Mac application that aren’t natively available on the iPad.

Get some Perspective

Perspectives, on the Mac, are ways to see your lists in a new light.  Suppose you want to see tasks with an estimated time of 30 minutes that you might complete while waiting for an appointment.  You can create a perspective that will show only tasks that meet a given criteria, other than a context or project.

These are great for getting other looks at what you should be doing, but you cannot use them natively on the iPad.  To use perspectives on the iPad, it will need to sync with your Mac.  In addition, the perspective must be based on a context rather than a project.

Once synced, this new way to look at action lists might help the focus shift to a set of actions that can be accomplished in 30 minutes or less.

I have been an on again off again user of OmniFocus for quite some time, but the discovery of the perspectives feature and using the application on the iPad I might be able to keep it up this time.  I certainly hope so.

Recently we had an issue with a dead battery in a vehicle.  It was a larger vehicle and attempts to jump start it with our super fuel efficient Saturn ion went nowhere.  Fortunately, my wife has a friend at work who was able to come over and help us out with their also larger vehicle.

Upon jumping the battery we took the car to Auto Zone and everything checked out ok.  The point is not to point out my rather lacking skills with automobiles, but rather to point out that it is ok to lean on or ask for help with things that you do not know much about.

This is certainly the case with IT.  There are just far too many technologies to allow one person to know them all.  When you are unsure, it is ok to make an effort to learn, but at some point asking someone with the knowledge is likely the safest bet.  Not only will it help solve the problem in a quicker fashion, but will allow you to learn from those who help you out.

Remember though to help when others need it

Once you have asked for help with something you do not understand, do not forget or suddenly become too busy to help those you have leaned on with the things you do understand.  In the case of the less than starting SUV, if asked, my computer skills are available if needed. It is the least I could do.

Be nice (and helpful) to those around you as you never know when you may need their help.

As an aside, I did get to drive a Cadillac SRX (if only to move it into the garage).

KineticExtend is a remote desktop management app for the iPad that works with the KineticSecure backup client.  It allows you to manage other machines from your iPad… check it out below:

This week has been interesting, mainly in that I was reminded about the simple things in Active Directory and how much harder they become when you dont pay them enough attention.  Replication is much like Ron Burgundy – kind of a big deal.  If you do not pay enough attention to replication between domain controllers in Active Directory, bad things happen.

Sure they seem like small things, but over time, these small things like change in the couch cushions can add up to a big ticket problem.  For me, the issue wasn’t all that bad, but it did take some head scratching (outside the scope of the actual issue) and a brief conversation with someone wiser than I about the symptoms of my issue.

We don’t trust you anymore, go away

Windows 7 is a rather finicky OS (moreso that Windows XP, and probably a bit less so than the OS between XP and 7).  Because computers are still objects within Active Directory that access other secured resources within the directory, they too authenticate.  In reality, this means that computers have accounts equivalent to User objects within the AD environment. These accounts allow computers to tell Active Directory that they belong within the environment and should be allowed to access resources.  Just like when I logon to the domain and request access to resources by providing credentials, computers in the environment do the same.

If for some reason, the Domain Controller cannot match the credentials presented by the computer to what is stored in its database, the Domain Controller refuses authentication and presents a message about trust relationships.

I didn’t create credentials for the computer, what the heck do I do now?

When a computer is added to an Active Directory domain its account is established and the password set.  Then the password is managed by the computer and AD and changed automatically about every 30 days or so.  If the computer is no longer trusted by the domain, it is likely that the password is incorrect or has gotten lost in translation causing authentication to fail.

My issue was a replication issue which caused the computer accounts of a few workstations to fail authentication.  Because it is not the best idea to maintain only one domain controller in any Active Directory environment, and because of the way that AD manages information about objects, replication happens.

Perhaps an example will work here.  Suppose I create a user object for John Smith using Active Directory Users and Computers (ADUC) on a Domain Controller named creatively DC1 at my office.  John will be starting his new career as a data entry specialist in my company’s Houston office in a week or so.  Adding the user account for John to a DC in my office works just as well as if I had flown to Houston (or remoted into the DC there) and added the account.  Because replication sends all objects created, maintained, or deleted to all other replication partners within the domain, a user account created in my office on DC1 can be replicated to Houston on DC2 and when John gets to work, he can logon and all is well.

Replication happens in the background and is pretty much out of site when things are going smoothly, but from experience I can tell you that you should check in on your friend replication regularly.  Maybe not daily, but weekly for sure.  Just to make sure that objects in the directory are being moved around without errors.

What might cause replication problems?

There are any number of settings and configurations that can cause problems with replication.  Surely more than I have seen or have time to list here, but some of the basic things are:

• Improperly configured links
• Unmanaged Replication configurations
• Misconfigured Firewalls
• Equipment failure

Improperly configured links

When you establish replication between two (or more) Active Directory domain controllers, you create links between them that allow these DCs to exchange information.  The links are one way which means that each domain controller has two links to each replication partner.  The links can be configured to handle high speed links (fast connections, like you might see between domain controllers in the same site) and slow links (which may be used to link two remote locations).  When the links are configured correctly things work really well, but if you neglect to consider the speed of your Internet connection (on both ends) replication may suffer as a result.

Replicating information across a slow link that is configured to behave like a fast one might be a little less dire to watch than downloading a blu-ray quality video over a dial up connection, but missing information can have rather large repercussions in your environment which may be seen as inability to login, latent access or no access to resources and other things.

Unmanaged replication configurations

By this I am not suggesting that you check on replication statuses every day (depending of course on the size of your environment) but you should be looking at it regularly enough to know what is going on and that replications in all directions are happening as you need them to.

Because Active Directory is a multi-master beast, meaning that any machine configured as a domain controller carries just as much weight as any other machine configured as a domain controller, information for an object that has not yet replicated throughout the environment could be a problem.  As in my earlier example, if I created the user object for John Smith, and it failed to replicate to the domain controller in Houston by the time he needed to log in, we might have a problem.

The login would likely happen, but would take a significant amount of time because the most local domain controller didn’t have the information needed to handle the request.

Misconfigured Firewalls (and other Network issues)

Windows includes a firewall to help keep things out of your environment that shouldnt be there.  I would recommend disabling the firewall on all your Windows computers and servers because it will likely be a bigger headache than you are ready for.  Also because all organizations should use dedicated firewalls to protect their corporate assets from the outside world.

My issue with replication came at the hands of a misconfigured firewall.  The firewall was enabled for a good period of time which caused hiccups in the replication of information throughout my Active Directory environment. The symptoms displayed were the previously mentioned domain trust errors that popped up when logging on or trying to unlock a PC.

In my research and previous experience the best fix for the trust problem is to disjoin the affected system from the domain and delete the computer account from Active Directory.  Then rejoin the system to AD.  Normally this will take care of the symptom.  Not necessarily the problem.

Outages and Equipment Failures

There is the obvious replication issue with failures and downed equipment.  If the replication is scheduled to occur between two systems and one of those systems is down, obviously replication cannot happen.

Working on these issues is an interesting scenario as well.  For the sake of troubleshooting, the usual steps must be followed and checked out even if the steps do not solve the problem, they will likely help you down the path to correcting the problem.

The moral?

Do not be afraid to check out the functionality of your Active Directory environment, being proactive and working to pay attention to things like replication and group policy settings.  Keeping up with those tasks before the problem strikes and requires many late nights to correct.  You will still have some long nights working with Active Directory, but they can be worth it, without all the fires.

RemoteExec is a task scheduling powerhouse for Windows environments that works quite well on remote PCs.  Check out the details by clicking below:

I learned recently that everybody starts somewhere and helping those interested in starting somewhere seems to me to be something those of us who’ve been doing this for a while should be a little more than interested in.

Sure there is a need for the experience of IT, rebuilding Windows systems (or the OS of your choice) for family and friends will get you started and maybe taking some classes at the community college to get an idea of what all the funky acronyms mean (and finding out that they are all different when you know them) might be something to consider as well.  But what does the new to IT talent need to understand to be comfortable in this business?  This post is going to try and point some of that out, maybe some of the things I wish I would have known when I started out too, just for good measure.

Be careful what you wish for
In any new career path there are bells and whistles that you see from the outside that get you very interested in what might be going on.  Sure there may be some IT pros making gobs of money and doing all kinds of fun things, but you need to be realistic about your own expectations.  Sure you need to get paid, everyone has to eat, but be careful about the amount of work you tackle for the money coming in.  If you set your own rate, be fair but not too cheap.  Sure you can get a lot of potential clients  with a low rate, but you need to evaluate them just like they evaluate you. Making sure the customers are worth your time is a good idea.

Find things you like

Maybe there is a technology that you just like to work with, regardless of how much you use it at a particular organization.  If this is the case, continue to do what you can to learn the technology. Maybe these things become a hobby, but having something that keeps you motivated to keep learning is a great way to start.

For me, at least lately, Windows NT Permissions and Privileges are that thing… this week.  Next week it will likely be something different.

Most of the IT Pros I know live, eat, and breathe some portion of their career.  A particular area they excel in or just plain like is something they cannot get enough of.  I am not sure I have found that specific of an area (other than technology in general).  Maybe being a generalist isn’t quite as bad as it seems, but having some piece of tech that you find fun is always good.

Ask for help if you need it

You cannot know everything there is to know about technology.  Sure you can know a lot about a few technologies.  If you encounter something that you don’t quite understand or need clarification, ASK!  With all of the communication tools available on the Internet, finding someone who can help you is really not as hard as you might think.  Twitter and Linked in are great places to start.

The trouble is knowing when to step back and understand that your brain is not going to produce the knowledge that you don’t have.  I am not trying to imply that these things cannot be learned, but this comes from studying, mentoring, trial and error (of which, hopefully there will be a good amount).

One other thing

Another thing that seems to help me learn things, teaching others.  Sure it takes practice and can be a bit of work, but having the guts to help others is a step in the right direction.  Maybe there are people in the room who have more knowledge than you might, but there is something about getting up in front of the room is good for both sides.  The person on the stage wins just for being up there.  Not to mention there are tons of networking opportunities with those who attend your session(s).

The bottom line is to experiment with technologies and try to learn something new and interesting to you. It will pay off likely in more ways than one.

In a previous post at TechRepublic, I looked at ADManage Plus from ManageEngine and was impressed overall with the product.  Here their auditor tool is under the gun.  Click the link to check out the details.