Thursday, October 28, 2010

Upcoming Tech Events

In case you are lacking in some tech related places to be, here are a few good options for the upcoming week.

November 2nd - You should vote, of course.  But when you are finished that, swing by the Pacific IT Professionals meeting in San Francisco.  There will be a presentation from NetApp on storage solutions, followed by two Microsoft specific topics -  BPOS (Business Productivity Online Suite) and MDOP (Microsoft Desktop Optimization Pack).  I'll be doing the MDOP presentation, so if you aren't sure what applications come inside that pack and what they do, this will be a great chance for you to get an overview.

November 3-4th - The gogoNet LIVE! IPv6 Conference in San Jose. I hear the pre-conference workshops are booked up, but it's not to late to attend the 2 days of sessions on planning and transitioning to IPv6.  I'll be helping out with some of the conference logistics on the 3rd and am hoping to slip into a few of the presentations as well.
Today and the next couple Thursdays - Callahan, a Microsoft MVP and book author on SharePoint, is offering up several free webinar presentations on SharePoint Foundation.  Today's session is already started, but you might want to check out what she has to offer in the coming weeks. If I was migrating my current SharePoint WSS 3.0 installation to Foundations, I'd start my planning with anything Callahan has to offer.

Friday, October 22, 2010

DNS Transitioning within AT&T

It took several months of emails, phone calls and coordination, but I finally managed to get our office Internet connection switched from the "legacy" (aka "PacBell") frame relay to the newer AT&T fiber optic network.  This also included an upgrade in our connection speed, which is always a win.  Our IP address ranges were ported from the legacy account to the new service, so we had very little downtime during the cut over - it was a fantastic migration experience.

 After letting our new service settle in for a few weeks and since email responses from AT&T reps are often spotty or non-existent, I called up the customer service number to request that the legacy account be cancelled so we are no longer billed.  The representative I spoke to happily emailed me a "Letter of Authorization to Disconnect" that I would need to verify, sign and return.  Seemed pretty easy to me.

 As I reviewed the letter, I noticed a familiar account number referencing the Internet access, different than the billing account number.  It was the same account number that I used to request changes to our external DNS registrations. Bells went off in my head. Certainly those DNS entries would be ported to the new service with the IP address ranges themselves, right?  Right?

 To confirm, I started off with the tech support email for my new service.  They promptly replied, saying I needed to contact the DNS team and provided additional contact information.  I called the DNS team and explained my situation.  The representative confirmed, that no, they don't have any of our DNS records in their systems.  Our DNS records are with the legacy PBI group.  I'd have to submit a request to add the DNS records with the new group so that they had them in their name servers prior to the disconnect of the legacy service.  He was also nice enough to explain their system for requesting changes, which involved knowing a magic "CCI Number" for my account.  This CCI number which was totally new and different than anything else I knew about and which I promptly wrote down as an addition to my runbook.  (I swear, I learn something new about telecommunications every time I get off the phone with AT&T.)

Then I gathered up all the known external DNS records I had documented and sent an email to the legacy DNS group asking for a copy of my zone record so I could be sure I didn't miss anything.  Based on what I have on hand, it'll be a great time to do some housecleaning with our external zone records.   I will also need to update our domain registrars with the new name servers as well.

If all goes well, this will be sorted out in a few days and I'll be free of my old circuits and billing by the end of November.  If not, I'm sure I'll have another story to tell.

Wednesday, October 20, 2010

Blog Highlights for October

October is just flying by, but I thought I’d take a moment to toss out a some other great blogs and recent posts that have caught my eye in the last few weeks.  (Many are by some of my fellow Microsoft MVPs, too!)

For those of you in the Exchange camp, check out BlankMan’s Blog, by Nicolas Blank, an Microsoft Exchange MVP. He’s recently posted a link to the Exchange 2010 Architecture Poster and a overview about Exchange 2010 SP1

Thinking about IPv6? Don’t miss out on some recent posts on, the blog by Microsoft MVP, Ed Horley.  Are you an ostrich or not when it comes to IPv6? You might want to find out.

Maybe you are on the certification path, if so, don’t miss out on some of the posts on the Born to Learn blog, geared to keep you up to date with the latest in Microsoft certification.  Born to Learn recently highlighted MVP Justin Rodino, who will be presenting a session on Windows 7 at the upcoming Certified Career Conference on November 18th.

Finally, since I’ve spent a lot of time in airports this month, I’m finding the TSA Blog to be particularly interesting. Learn about upcoming technologies, changes in protocols and tips on packing so you can breeze through security. Maybe I’ll cross paths with you at the airport.

Thursday, October 14, 2010

What's in Your Runbook?

At least once a year, the time comes to re-address the documentation around the IT department regarding disaster recovery. One of the things I've been working on improving over the last two years is our network runbook. We keep a copy of this binder in two places - in our document management system (which can be exported to a CD) and in hard copy, because when systems are down the last thing you want to be unable to access is the documentation about how to make things work again. 

Here's a rundown of what I have in mine so far, it's in 10 sections:
  1. Runbook Summary - A list of all servers with their IP address, main purpose, a list of notable applications running on each and which are virtual or not. I also include a list of which servers are running which operating system, a list of key databases on servers and finally copies of some of our important passwords.
  2. Enterprise AD - A listing of all corporate domains and which servers perform what roles. I include all IP information for each server, the partitions and volumes on each and where the AD database is stored. Functional levels for the domain and forest are also documented.
  3. Primary Servers and Functions - This is similar to the Enterprise AD section, but it's for all non-domain controllers. I list out server information for file services, database servers and their applications and backup servers. I document shares, partition and volume information (including the size), important services that should be running and where to find copies of installation media.
  4. ImageRight - Our document management system deserves it's own section. In addition to the items similar to the servers in the previous section, I also include some basic recovery steps, dependencies and the boot sequence of the servers and services. Any other information for regular maintenance or activities on this system are also included here.
  5. Email / Exchange - This is another key system that deserves it's own section in my office. I include all server details (like above) and also completely list out every configuration setting in Exchange 2003. This will be less of an issue with Exchange 2007 or 2010 where more of the configuration information is stored in Active Directory. However, it makes me feel better to have it written down. I also include documentation related to our third-party spam firewall and other servers related to email support.
  6. Backup Details - A listing of each backup server, what jobs it manages and what data each of those jobs capture.
  7. Telecommunications - Details about the servers and key services. I also include information regarding our auto attendants, menu trees and software keys.
  8. Networking - Maps and diagrams for VLANs, static IP address assignments, external IP addresses
  9. Contacts & Support - Internal and external support numbers. Also include circuit numbers and other important identifying information.
  10. Disaster Recovery - Information about the location of our disaster recovery kit, hot line and website. A list of the contents of our disaster kit and knowledge base articles related to some of our DR tasks and hard copies of all our disaster recovery steps.
This binder is always in flux - I'm always adding and changing information and making notes, as well as trying to keep up with changes that other team members are making to the systems they work with most.  It will never be "done" but I'm hoping that whenever I have to reach for it, that it will always be good enough.

Tuesday, October 12, 2010

October is National Cyber Security Month

Personally, I think every month should be a month people pay attention to security online, but regardless, here are some resources and blog posts to help you think about being more secure as you navigate the world online.

First, Microsoft has a whole site dedicated to online safety, don't miss out on some tips for creating more secure passwords and using public computers.  There are even some great brochures and sheets you can print out and share at the office or with clients.

Also, check out this post by Microsoft's Worldwide Chief Security Officer, Robert Halbheer, on "Is the online world more dangerous?" He provides a link to another great handout that addresses some myths regarding online safety.

Finally, one of the most common ways that people are exposed to online security risks is by clicking on spam.  Check out a short post on managing spam by another sysadmin that works in the trenches, The UberGeekGirl.

When it comes down to it, managing your security and safety online is not all that different from managing it everywhere else.  You already keep track of your keys and your wallet, you lock your car and your house when you leave, and you don't leave your credit information around for people to grab.  Just do the same online - keep track of your passwords, don't stay logged onto web services on public computers, don't click on links that look suspicious in emails or on social networking sites and look to do business with online companies that use secure websites for transactions. 

Keep safe everyone, no matter where you are.

Thursday, October 7, 2010

ImageRight Hotfixes = Happiness!

My last post about ImageRight covered two defects that we were experiencing that will not show up in the release of version 5.3.  However, since they were critical to actually viewing and interacting with images in the system, last week we received the hotfix that address both of those items.

The fix updated five DLL files on the client side and was provided to us as a self-extracting executable file that needed to be ran on each desktop.  I'm not a fan of sending executable files to my end users to click on via email, since that encourages some email habits I'd prefer to avoid.  Thus, we (meaning my rockin' programming co-worker) repackaged the hotfix as a MSI file that I could easily deploy via Group Policy.  I tested the fix on my desktop and we rolled it out to the rest of the staff the following morning for installation at the next desktop reboot. 

One little caveat that would have been nice to know ahead of time... Once a user has the fix installed, ANY .tif document they add to the system will cause a "red X" error on a non-fixed ImageRight client.

I discovered this after installing the fix on my machine and then adding in some expense reports for processing.  I then had to go over and install the hotfix on an accounting computer so my tasks could be processed.  Going forward, that user would create documents than everyone else in the office wouldn't be able to view until they had the hotfix.  So it's imperative that this particular fix be rolled out en mass, so users don't see even more errors.

Overall, kudos to the ImageRight Support team and the developers for working hard to make sure that ImageRight continues to work for us.

Tuesday, October 5, 2010

System Center Essentials and the Reappearing Declined Updates

I've been slowly spending time with System Center Essentials and one of the things that turned out to be the most time consuming task when first installing SCE is approving and declining the seemingly endless number of updates.  I've grouped out my servers and workstations by the operating system they are running, as well as a few other specialty groups for specific applications like SQL, Exchange, etc, that often have specific updates.  Then I went through and approved updates for each group and declined all the updates that were expired, superceded or didn't apply to my environment for one reason or another.  (Yes, you can manually tweak which types of updates you download, but there still always seems to be something I don't want in the list.)

All was good.  Then a few weeks later, all the updates that I declined had magically returned to my "unapproved" list.  How frustrating. 

On the Microsoft TechNet Forums I found a post from June 2010 that mentioned how the "Update cancelled or renewed subscriptions maintenance task" was likely buggy and the culprit for this problem.  Disabling this task would prevent declined updates from accidentally get tossed back into the "unapproved" list when each maintenance cycle came around.

To find the setting, open your SCE Console and select the "Updates" view.  On the right side of the Update Overview page, you'll find a task list that includes and option to "Configure Windows Server Update Services Maintenance".  Within these settings, you'll want to uncheck the option to "Update cancelled or renewed subscriptions" which is supposed to "decline all updates for inactive subscriptions and change the status of all updates for subscriptions that have been renewed within the previous 30 days." 

If you are interested in more details about what that option is supposed to do and what you might be missing out on by deselecting it, check out this blog post on the System Center Essentials Team Blog.

Friday, October 1, 2010

Coming Soon! - Chat with MVPs, Learn about IPv6 and Hang with PacITPros

October is starting out with a bang.  Here are a few upcoming events that you might want on your calendar.  Please visiting their listed sites for more information or to register.

October 5th - PacITPros Monthly Meeting - This month they welcome Chad Scott, Solution Architect with Infoblox who will be going over their DNS/DCHP/IPAM solution plus their newest solution of NetMRI from the recent acquisition of Netcordia.  Also featured will be Kenny Spade, Academic Developer Evangelist with Microsoft presenting on Windows Phone 7. This will be a sneak peak prior to the official launch date, so you will get to see the handset and OS in action.

Meeting location is at the Microsoft Office, 835 Market Street, Suite 700, San Francisco, CA 94103. Please RSVP at the website.

October 14th - Chat About Microsoft Office and Windows with the MVP Experts, 10-11am PST -Would you like to learn more about the cool new features in Office 2010 and Windows 7 and what has changed since previous versions? Do you use Microsoft Office but would like to learn tips and tricks to be more productive at home, school or at work? Perhaps you are a new user who has questions on how to get started with Windows 7 or using the Office ribbon? Or would like to learn how to protect your computer from malware and viruses. Or perhaps you are just stuck and need answers. 

The Microsoft Most Valuable Professionals (MVPs) are here to help! The MVPs are the same people you see in the technical community as authors, trainers, user groups leaders and answerers in the Microsoft forums. For the first time ever we have brought these experts together as a collective group to answer your questions live.

MVPs will be on hand to take questions about Microsoft Office 2010 or Office 2007 products such as Word, Excel, PowerPoint, Outlook, Access, Project, OneNote and more. As well as the Windows 7 and earlier versions such as Windows Vista. In addition to Microsoft Office, the chat will cover Windows related topics such as upgrading, setup and installation, securing your PC, Internet Explorer, personalizing your computer desktop or having fun with Windows Live Essentials to share photos, make movies and more. All levels of experience are welcome from beginners and students to intermediate power users.

Please join this informative Q&A style chat and bring on your basic and your tough questions!

November 2-4th - The gogoNET LIVE! and CAv6TF IPv6 Conference - With IPv4 addresses predicted to be depleted within 18 months we all need to start becoming familiar with IPv6. The California IPv6 Task Force is pleased to present the gogoNET LIVE! IPv6 conference at San Jose State University to:

- Get the knowledge you need from experienced IPv6 professionals
- Learn IPv6 theory in workshops
- Make useful technical contacts in the IPv6 world

 This is the only local West Coast IPv6 event for the remainder of 2010 and it is right here in the Bay Area so take advantage of this opportunity to increase your knowledge on all things related to IPv6.  gogoNET LIVE! is a live version of the gogoNET social network that has close to 30,000 IPv6 professionals as members.

Be prepared, don’t fall behind – this is your chance to get on the cutting edge of IPv6 deployment. Visit for details and to register.