Entries by The Geekforce (14)
When LDAP happened, UNIX geeks loved it, and marveled at its simplicity, extensibility and power. All sorts of great applications sprouted up around it. From super smart mail gateways, to really granular management systems, there was a way to leverage LDAP to make building software better, and network and application management easier.
Then Microsoft got in the game. And managing a network has never been the same. Lets go back in time, and look at problems from the AD launch: http://webcache.googleusercontent.com/search?q=cache:http://www.ldapguru.com/2009/11/how-microsoft-went-wrong-with-active-directory/&hl=en&strip=1
Here, as we see it, are the major problems.
- Troubleshooting: You cant put the AD service in debug mode, and expect to get any kind of logging from it at all.
There are management tools that can tell you things about what has failed, but not why.
- Reapeatability: While there are sets of rules about what to do to make things work, some of those can be bent, others can be broken. There's not set of instructions that says - for <function X> to work every time, here is how configure AD for <function X>. This is a problem because different IT knowledge will say configure it one way, while other knowledge will say something different. It gets sloppy quick. Without a clearly defined process and procedure of who can do what, and how to do it, you can end up with a giant mess of hairy gunk that can't be manged effectively, if at all.
When configuration knowledge is tribal, you'll never have repeatability.
- AD Does not fail gracefully: When things do go wrong, they usually happen in the most unpredictable of ways. We made a policy inactive once that caused oulook to get uninstalled from everyones computer. Outlook was installed as part of Office. So, I would understand if the entire Office suite was uninstalled, but this policy did something completely unexpected.
- Understand that there is no line between Group Policy, and AD: They are symbiotic. Both depend upon each other. It is this complexity that I think is the real stem of the problem. GP cant make sure that it is configured correctly, because all it configuration is stored in AD, and GPO's only have an understanding of themselves, not the directory in which they live. There seems to be a very mappging from GPO to OU's in AD, but that is the extent of that.
- There are no built in reporting tools.
Do you want a nice, comma delimited list of what users are in the Marketing Group? Good luck with trying to get it out of AD directly.
You know that guy in Office Space, the one who wants his red swingline back? I think that is the guy in Microsft that understands Active Directory. MS has got him locked in the basement. He could address all these concerns, he can tell you how AD works. Support engineers that you reach at MS to get help? They dont have a clue.
This journalist has been remiss in failing earlier to post the account of a recent trip to Massachusetts. When I mentioned to a certain Super Geek, known to this site as David, that my friend, Linda, and I were on our way to Concord, Mass, he suggested we mention his name.
Well, more specifically, he said to mention his name at the John Buttrick Museum.
After the requisite visit to the Concord Cheese Shop for some of the best French Gruyere in the world, and an impassioned lesson about Citi Bank's desire to over develop that fine village, we headed over to the Concord Museum. And, a fine museum it was. However, we had over stayed at the cheese shop and soon learned that the museum would close in less than an hour, so we rushed straight to the point.
"Where's the John Buttrick stuff?" we ignorant midwesterners asked. (Well, we were a little more graceful than that.)
We were told that the Concord Museum housed only two pistols that belonged to John Buttrick, and decided that the $8 entry fee was a little more than we wanted to spend just to tell David that we had, indeed, honored the memory of some distant relative of his. Fortunately, a Minuteman happened to be on duty and enthusiastically directed us instead to the John Buttrick Museum, down the road a piece. A former librarian commando volunteering at the museum said the Buttrick House was is disrepair, but Mr. Minuteman said, not to worry because it was currently being restored.
Well, maybe the little cottage museum would have a nice picnic table and we could enjoy our cheese and a glass of cabernet. So, off we went to see the cottage where John Buttrick, David's great, great something or other had once lived. As we drove down some historic road, a sign directed us to the John Buttrick Museum. A small sign denoted the site, which, much to our surprise, included a huge, yellow Colonial clapboard farm house on one side of the road, and a marvelous early 20th century (1911) stone mansion on the other.
As it turned out, both houses were part of the John Buttrick Museum estate, a sprawling country manor the size of Forest Park, and resplendent with ancient birch and sycamore trees, and acreage that expanded as far as the eye could see. Within that range of vision was the famous North Bridge where the Minutemen, a group of farmers, craftsmen and other ordinary folks, took up arms against the well trained, well outfitted and totally pompous soldiers of King George for the first time in the embryonic history of the United States of America.
As for good old John, he was a gentleman farmer who wanted to keep a fair share of the money he generated on his farm, and did not want some overstuffed royal across the Atlantic telling him what to plant. He joined the Minutemen and was happy to serve in the background as a captain. But, as it turns out, John got promoted, instantaneously, to Major and shoved to the front of the line - face to face with the redcoated British Army prepared to extinguish the handful of Minutemen facing them.
There they were, all subjects of the king, facing off with only the short and narrow North Bridge between them. An act of defiance against the King was tantamount to treason. But, when Major John weighed the costs, he decided on the side of freedom and shouted, "Fire! For God's sake, fire!"
With that, John discharged his musket and fired what was immortalized by Nathaniel Hawthorne as "the shot heard 'round the world".
There it is. David Buttrick, Geek par excellence, is the seed of American history; a direct descendant of one of our bravest forefathers. If you have ocassion to travel to New England, I suggest you make it a point to visit Concord and, especially, the John Buttrick Museum. And, hey. Tell them you know one of "the Buttrick Geeks".
It is so important in life to not REACT to everything.Â So many of us talk, talk, and talk more.Â The only thing that comes of that is that after a while no one listens anymore.Â Don't talk about every thought you have or rant and rave about the inequities in life.Â Just go about and do.Â Talk about things that MEAN something and talk without being unkind, scathing, or judgemental.Â We all have hearts and souls and feelings.Â We need to make sure we run our lives without being narcissistic or self-entitled.Â If we don'tÂ do this we pass it on to all that are around us.Â Poison, toxicity of theÂ words that come out of theÂ mouth, is something that make people not want to pay attention to you when you speak.