Category Archives: System Center

Microsoft Managment Summit Begins! #mms2013

Posted by Robert on April 8, 2013 No comments

MMS is an event that happens annually and is a place like no other for Systems Managment people. Figure at least half the systems Managment professionals in the word are going to be here in Vegas this week. I will share what I see as time goes on over the week.

Sadly, these won’t be the normal thought out posts I have. No, instead these will be more in the reporting concept. My apologies for this temporary change.

Keynote thoughts:

There are two many systems management products targeting to many separate technologies. Need to simplify. This is a valid issue that is seen everyday. The Microsoft idea is that this needs to stop. Their offering is System Center to do it all. In all reality, this is a real issue that needs to be looked at.

BYOD [Bring Your Own Device] is going to be the norm and no longer the exception. This is something Microsoft is pushing, but unlike some I think they are just trying to be ahead of the curve.

Can some of your demos… the keynote was killed because Mandalay Bay lost internet access. In this case, Microsoft didn’t and this is turning into a small disaster over it. However, in the end you can try doing a massive presentation with just a cell phone hot spot.

Odd facts stated at the keynote:

Skype does 2 million minutes a day.

20% of all enterprises use Office 365. (Wow! I had no idea.)

50% of workers in their twenties view BYOD as a right, not a privilege.

Stay tuned!

Certification Spotlight Series: MCSE: Private Cloud … how does it rate? Just buzzwords or real value?

Posted by Robert on October 12, 2012 12 comments

So, you’re looking at the next generation of IT certifications are you? You want a cert with all the new buzz words. Right? Let’s sit down and take a look at the point of the spear for these new Microsoft certifications. The new MCSE: Private Cloud. Microsoft Certified Solutions Expert. Yep, one of the new ones.

Part of the allure of this test is that it has the new buzzword phrase: private cloud. Does it really deserve it? In all honesty, it does somewhat. However it is way more than just private cloud though. This covers private cloud, systems management, disaster recovery, operating system deployments, etc. So, this cert can grab onto a lot of buzzwords. And those buzzwords can mean a lot. They can mean interviews, promotions, sales or even introductions. They cannot be emphasized enough.

The only thing that is really off on this certification is the MCSE in its tittle. The MCSE is by far, the most recognized industry certification in the world. They are attempting to bring it back because the MCITP just didn’t get the reputation the MCSE had. Additionally they are trying to modernize it. Remember, in the United States of America, that the MCSE, which stood for Microsoft Certified Systems Engineer was awesome. “Systems Engineer” and “Senior Systems Engineer” are traditional titles. In some parts of the world, “Engineer” is a protected term. As such, Microsoft tried the MCITP… but what was the title to with that? “IT Professional?” What does that mean? Microsoft is fighting back, so now you have the “Solutions Expert.” Microsoft is showing that they are in tune with the industry. I guess we can all live with it, right?

Oh, but there is a catch. The new MCSE requires a recertification cycle. Something Microsoft has threatened but never before pulled off. Every three years you have to recertify. I wonder what the tests will be for it.

So what is the audience profile? “With Windows Server 2008 and System Center 2012, and soon with Windows Server 2012 and System Center 2012 SP1, you can build your Microsoft private cloud solution and gain the automation and flexibility you need for your IT infrastructure, now and in the future. Do you have experience with these technologies? Are you ready to begin the journey to cloud computing with a Microsoft private cloud implementation? Become Private Cloud certified and prove your knowledge and skills in managing and implementing Microsoft private cloud computing technologies.” Hmmm…. Not much of a profile. However, you begin to see that this is heavily about buzz. Really, it is a System Center admin who has engineer experience and virtualization experience who wants to spread their wings. Honestly, I would expect most people who go for it to have five to ten years of experience.

For my reviews I will be rating certification on a 1-10 scale. Ten will be the highest, with one the lowest. So, on a ten scale, with MCM, CCIE and JNCIE at the top as a ten, and Microsoft Technology Associate (MTA), A+, CCENT at the low end as a 1. Well, I hope you weren’t waiting for me to rate those six certs… they just were rated as my baseline.

How would I rate these? First off remember that this certification takes anywhere from five certification tests to seven certification tests to earn. That is massive. As such I would rate the real value here as around a 7. However, with the current buzz, and the plain visibility of those buzz words, the perceived value is through the roof. As such the perceived visibility here is going to be at least a 9, yes, a 9. I know this is incredibly high. However, I can’t think of a certification outside my 10 point certs (CCIE, MCM) that even compare to the salivation that occurs with those buzzwords. So, I think the perceived value will drop, but for now: grab the value.

What do you think? And what certification would you like me to take a look at and grade next time?

Technology Concept: Do you have a broken glass account?

Posted by Robert on October 5, 2012 5 comments

Do you have a broken glass account? Are you ready for your environment to survive if you are not there anymore? Do you consider the hit by a bus concept to be a joke?

So I am sure you all have heard of the old “hit by a bus” concept. This is the idea that in case something happens, there is documentation on running the network somewhere. This somewhere is known by the company’s management… and normally more than one member of that management.

Okay, so you knew the concept, but it is kind of joked about in the industry yes? Yes it is, by people who have never been there. My first example of needing this in my day to day work was when a Domino Administrator went hosteling in the nineties. He left, and the company had problems. And of all the security had been done just to him, not to a group… so no one else had access. Back then we could use a brute force hacking program and get in. We still can if you don’t do your job on passwords. But if you do… how do you get in to support? This last year I have ran across two clients who primary network people really did die. Some of the documentation was there… some wasn’t. Happily, a “broken glass account” was not needed.

So what is a “broken glass account”? The name comes from the old fashioned breaking of the glass to pull a fire alarm. What it means in information technology is a little different. It refers to an account that is documented with user name and password, and normally kept on paper in a safe that allows a person who does not have access privileges to gain those access privileges when necessary.

This allows you to keep auditing clean by not leaving active users passwords written down, and at the same time allow access at need. Auditing should never be endangered by sharing accounts. This just leads to suspected troubles later down the way. This is also partly the reason that designated “broken glass accounts” exist. If the engineer or administrator writes down their credentials, then forever more you cannot guarantee that only that person has access to that account. Instead you have guaranteed that is not the case.

This leads to one requirement to always put on “broken glass accounts”. You should require all “broken glass accounts” to have a requirement to change passwords on use if they are domain accounts. This updates the object in Active Directory and therefore begins an audit trail. And after any disaster there is likely to be a review, so bright and clear audit trails are important.

Now traditionally there is a twist to keep things a little more organized. You can keep tiers of accounts. Would I keep all that I list? No, but these are reasonable. I would keep two or three at most. I always start with Enterprise Administrator. Some reasonable tiers are:

Enterprise Administrator
Systems Management / System Center Infrastructure Engineer
Server Operator
Desktop Administrator

The broken glass account is part of a broader solution of business continuity and disaster recovery, but it is simply basing pre–staged emergency user accounts in secured location that will allow management to access them at need, while not breaking the audit trails. Just remember to keep this solution simple. If you do it will always be effective and reliable if something happens.

Technology Spotlight: System Center 2012 Unified Installer, Disaster?

Posted by Robert on August 19, 2012 No comments

By Robert Meyers, MCITP

As we have all waited with baited breath, Microsoft System Center 2012 has been released. Now that it has been out for a few months and I have been done both lab and production installs, and our team has done more of the same, it is time to discuss some of these new products. So where better to start than the new and improved installer?

Microsoft writes, “System Center 2012 – Unified Installer is a tool that provides a single-user-interface experience for the installation of [all] seven System Center 2012 components, including all prerequisites and Microsoft SQL Server 2008. Unified Installer provides a means of distributed installation from a central point using the existing component Setup.” Does that sound awesome? You bet.

Now how many people here have heard the old saying that Microsoft only gets things right on the third incarnation? Let’s just say this is not the third incarnation. After speaking with multiple System Center implementers there seems to be a problem. We all are averaging only about 50% success rate in installing the suite with this tool.

So, if you are in a lab environment, give it a try. If you are implementing it without a schedule, give it a try. When this works it is like a dream. When it doesn’t… it is nearly impossible to troubleshoot. So, if it doesn’t, you may have your work cut out for you.

So my take on the System Center 2012 Unified Installer? This product is an unmitigated disaster and an unfulfilled dream. Microsoft, please fix it.

Tech tip:

When importing software into SCCM, check IT Ninja and see if they already researched all the switches for you. You may be able to save days of work in minutes. Just remember, share here when you discover new techniques.

The RepAdmin Active Directory Blog

Check out our Identity Managment, Systems Management and Certification spotlights.

Category Archives: System Center

Microsoft Managment Summit Begins! #mms2013

Technology Spotlight: System Center 2012 Unified Installer, Disaster?

Random Posts

Search by Tags!

Archives

Links

Meta