Friday, November 07, 2008

System Center Virtual User Group meeting on November 13th

I'm going to be presenting at the upcoming System Center Virtual User Group meeting on November 13th. This will be my first User Group presentation, luckily it's virtual so they won;t be able to see me sweat.

I'll be presenting content from my recently published document covering how to deploy FCS agents with SCCM, how to maintain FCS signature updates with your existing SCCM WSUS infrastructure and monitoring FCS configurations via DCM. It'll be a brisk 30 minutes with a bunch of technical content. Hopefully brisk enough to keep me from realizing it's happening!

This should also be a good warmup for my presentation at the Jacksonville, Fl System Center Users Group on the 19th. More on that later.

Wednesday, November 05, 2008

Wings Over Houston 2008

Very early October 24th I drove down I-45 though Houston on my now annual trip to spend a weekend at Ellington field. This year was a bit different as I was working Friday as well as Saturday and Sunday. Once again I would be working with the most excellent and insane crew at the show's Motorpool. Having been there before, it was rather easy to navigate my way around the field and sneak over to park by the Motorpool rather than the normal Participant Parking. This was helpful since we're first in and last out in Motorpool.

Early Friday made for a bit of a false start, as my wife had locked her keys in her car. at $250 per key we only have the 2, so I had to drive back to home and unlock her car and turn around and drive back to Ellington. Not my idea of an enjoyable morning since it was now about 7am and rush hour traffic was in full swing. I was however lucky enough to be able to avoid most of the traffic. I had Kelly check the Transtar Traffic maps and decided to run east around the city on the 610 loop. Brillian choice if I do say so myself, the traffic was nearly non-existant and I maintained fast highway speeds the entire time. Everybody back at the field figured they woudln't see me again until Saturday Morning. Boy did I prove them wrong. An hour and 15 mintues later I walked back into the Motorpool smiling. Traffic was really running well for me (it helped that I checked the maps and took a few alternate paths and stayed with the fastest flow of traffic I could).

Once back at the Motorpool, things we proceeding calmly. Most of the hectic work had been done but there was more to be done.

The Motorpool at the Airshow "owns" all of the golf carts that the show staff uses to get around the field to do their jobs. This ranges from the carts the Programs group uses to distribute programs to the people hawking them, to the carts that drive around with Water and Poweraid coolers strapped to the back to make sure everyone at the show remains hydrated. This is why we have to be in before everyone else. The carts are checked out and back in on a daily basis so that we can make sure none are lost and take are of any matinenance and get them ready for the next day. This year was far easier than in the past since of the 155 carts, only 9 were electric. In past year's we've had to spend a lot of time getting all the carts plugged in so they could charge and drag the charging stuff off the carts in the morning.

Checking the carts out in the moring leads to a severe case of Wet Butt but that's a small price to pay for a fun weekend (and somewhat avoidable if I could rememebr to bring a pair of shorts to change into when it warms up).

The show this year seemed to run even more smoothly than past years. The core staff has been doing this a long time and seems very committed to learning something from every year to make future shows better. Don't get me wrong, things do go wrong and there are problems but nothing major and it was all handled very well by all parties.

I was a bit disappointed by the Ham community this year as we were significanlty short on operators. I'm sure this has largely to do with Ike but it's still unfortunate.

The Thunderbirds performed excelently as always as did all of the other performers. This year feature even more "Pyro Goodness" from the Tora Tora Tora pyro crew which was very cool. They do an excelent job of setting off car alarms every year (with explosives mind you, not by breaking into them!).

I want to thank the entire Motorpool crew for another great year. I'd especially like to thank Tom and Cory for stepping up to cover for some last minute cancelations on Sunday. As well as Bryan for letting me stay on the Katie Girl (It's a boat.. don't get any bad ideas) down in Seabrook which made the 0500 start times far easier!

I now realize that I should work on shorter blogs instead of writing a novel each time. Maybe I'd actually blog more that way!

Wednesday, April 23, 2008

MMS Session SS03 Manage Your Environment Using Microsoft Forefront Integration Kit for Network Access Protection through FCS to SCCM Integration

Make sure you stop by Titian 2201B at 10:15 on Thursday to watch me attempt to keep from looking like a deer in the headlights while I present the document I wrote on integrating Forefront Client Security (FCS) and ConfigMgr. I look forward to the opportunity to show off the documentation that I mentioned in an earlier blog post. I have gotten some pretty good feedback on the document and nobody has complained that it set their datacenter on fire (phew!) but MMS is a tough crowd from a technical perspective. I hope to see some of you there!

Monday, March 31, 2008

Automating ConfigMgr Query Creation with Powershell

I'm currently working on implementing a fairly large System Center Configuration Manager (ConfigMgr or SCCM depending on who you ask and the time of day) hierarchy. The hierarchy spans multiple domains on the workstation side of the house and we are targeting and tracking client deployment on a per domain basis.  With 11 domains and 4 queries per domain on 3 site servers I wanted to make my life a little easier so I spent some quality time with the ConfigMgr SDK and the PowerGui Script Editor to hack out a script to do it for me.

The script simply has 2 arrays that it iterates over, one for domains, and the other for the queries to create.  The array for the Domains is a plain vanilla list of strings.  The Array for the Queries is a bit more complex since it required more than a single piece of data per query.  I used an array of hashmaps for this.  There may be a more elegant way to handle this (an array of custom objects perhaps) but my days of perl have made me relatively comfortable with complex nested data structures. 

All of that was simple.  But issues with the Put() method on the WMI class gave me quite a bit of trouble.  Apparently, the put method occasionally fails to function for no apparent reason.  To resolve this I had to trap the exception and re-call the put method.  That worked splendidly.  After figuring out a bit more of the structure of the objects returned I was also able to spit out a nice bit of text if the creation succeeded of error out if it failed. 

One major item to note, the SDK will allow you to create duplicate queries.  So be prepared to delete some stuff if you play around with this script.  And now what you've probably been scrolling past all of this text to find...

$site = 'SMS'
$siteserver = 'SCCMServer01'

[
array] $domains = @(
'DOMA',
'DOMB',
'DOMC',
'DOMD'
)

[
array] $queries = @()

$queries += @{
'Name' = '|DOMAIN| - All Workstations';
'Expression' = 'select SMS_R_System.Name, SMS_R_System.SMSAssignedSites, SMS_R_System.IPAddresses, SMS_R_System.IPSubnets, SMS_R_System.ADSiteName, SMS_R_System.OperatingSystemNameandVersion, SMS_R_System.ResourceDomainORWorkgroup, SMS_R_System.LastLogonUserDomain, SMS_R_System.LastLogonUserName, SMS_R_System.SMSUniqueIdentifier, SMS_R_System.ResourceId, SMS_R_System.ResourceType, SMS_R_System.NetbiosName from SMS_R_System where SMS_R_System.Client = 1 and SMS_R_System.ResourceDomainORWorkgroup = "|DOMAIN|" and SMS_R_System.OperatingSystemNameandVersion like "Microsoft Windows NT%Workstation%"';
'TargetClassName' = 'SMS_R_System';
}
$queries += @{
'Name' = '|DOMAIN| - All Client Workstations';
'Expression' = 'select SMS_R_System.Name, SMS_R_System.SMSAssignedSites, SMS_R_System.IPAddresses, SMS_R_System.IPSubnets, SMS_R_System.OperatingSystemNameandVersion, SMS_R_System.ResourceDomainORWorkgroup, SMS_R_System.LastLogonUserDomain, SMS_R_System.LastLogonUserName, SMS_R_System.SMSUniqueIdentifier, SMS_R_System.ResourceId, SMS_R_System.ResourceType, SMS_R_System.NetbiosName from SMS_R_System where SMS_R_System.OperatingSystemNameandVersion like "Microsoft Windows NT%Workstation%" and SMS_R_System.ResourceDomainORWorkgroup = "|DOMAIN|" and (SMS_R_System.Client = 1 or SMS_R_System.Client is not null )';
'TargetClassName' = 'SMS_R_System';
}
$queries += @{
'Name' = '|DOMAIN| - All Non-Client Workstations';
'Expression' = 'select SMS_R_System.Name, SMS_R_System.SMSAssignedSites, SMS_R_System.IPAddresses, SMS_R_System.IPSubnets, SMS_R_System.OperatingSystemNameandVersion, SMS_R_System.ResourceDomainORWorkgroup, SMS_R_System.LastLogonUserDomain, SMS_R_System.LastLogonUserName, SMS_R_System.SMSUniqueIdentifier, SMS_R_System.ResourceId, SMS_R_System.ResourceType, SMS_R_System.NetbiosName, SMS_R_System.ADSiteName from SMS_R_System where SMS_R_System.OperatingSystemNameandVersion like "Microsoft Windows NT%Workstation%" and SMS_R_System.ResourceDomainORWorkgroup = "|DOMAIN|" and (SMS_R_System.Client = 0 or SMS_R_System.Client is null )';
'TargetClassName' = 'SMS_R_System';
}
$queries += @{
'Name' = '|DOMAIN| - All Computers';
'Expression' = 'select SMS_R_System.Name, SMS_R_System.SMSAssignedSites, SMS_R_System.IPAddresses, SMS_R_System.IPSubnets, SMS_R_System.OperatingSystemNameandVersion, SMS_R_System.ResourceDomainORWorkgroup, SMS_R_System.LastLogonUserDomain, SMS_R_System.LastLogonUserName, SMS_R_System.SMSUniqueIdentifier, SMS_R_System.ResourceId, SMS_R_System.ResourceType, SMS_R_System.NetbiosName, SMS_R_System.ADSiteName from SMS_R_System where SMS_R_System.ResourceDomainORWorkgroup = "|DOMAIN|"';
'TargetClassName' = 'SMS_R_System';
}

function New-SMSquery {
Param (
[
string] $SiteServer = '.',
[
string] $Site,
[
string] $Name = $(throw "Missing required parameter (Name)"),
[
string] $Expression = $(throw "Missing required parameter (Expression)"),
[
string] $TargetClassName = 'SMS_R_System'
)
Process {
trap [System.Management.Automation.RuntimeException] {
if ($_.Exception.ErrorRecord.TargetObject -eq 'put') {
$newquery.put()
continue
}
else {
break
}
}
$eap = $ErrorActionPreference
$ErrorActionPreference = 'stop'
$QueryClass = [wmiclass]"\\$Siteserver\root\sms\site_$($Site):SMS_Query"
$newquery = $QueryClass.CreateInstance()
$newquery.name = [string] $Name
$newquery.expression = [string] $Expression
$newquery.targetclassname = [string] $TargetClassName
$newquery.put()
$ErrorActionPreference = $eap
return $newquery
}
}

foreach ($d in $domains) {
foreach ($q in $queries) {
$newq = new-SMSQuery -SiteServer $SiteServer -Site $Site -Name $($q.Name.Replace('|DOMAIN|',$d)) -Expression $($q.Expression.Replace('|DOMAIN|',$d)) -TargetClassName $($q.TargetClassName)
$newq | gm
if ($newq[0].IsInstance) {
Write-Host "Created query: $($newq.Name) ($($newq.QueryID))"
}
else {
Write-Error "Failed to create query $($q.Name.Replace('|DOMAIN|',$d))"
exit
}
}
}

Tuesday, March 04, 2008

A sad day for Fantasy gaming

It is a sad day for Fantasy gaming, Online, offline, single player, multi player or tabletop.  The great Gary Gygax has passed away this morning. Gary is responsible for great amounts of joy for many people across the world. He will live on forever in the works he set in motion.

Roll a hand full of dice in his honor.

Thursday, February 28, 2008

Not all bots are evil

There appears to have been a malicious compilation of the EnergyMech IRC Bot that is currectly "in the wild".
The SANS ISC has reported this. Unfortunately the diary entry is not entirely clear and can be read that EnergyMech itself is a malicious bot. I have spoken with another handler about it and he will be speaking with the handler that wrote the entry regarding the wording.

News like this makes it even harder for legitimate users of IRC bots and even IRC in general to find hosts that allow these legitimate bots, clients and servers to operate on.

IRC is not evil
It is used by thousands a day for discussions just like Forums and IMs.

IRC bots are not evil
They provide channel control services where the network does not provide it, as well as other services. Some examples are RSS reading, Stock Quotes, Web Services, Weather information, Trivia game and Dictionaries.

IRC is not dead
On one of the neworks I am currently connected to there are 43,757 other users connected. That's more than some towns.

IM is realtime but cannot replace the ability to have a central gathering place for numerous people to discuss a shared interest.
Forums are central gathering places for people to discuss shared interests but are not real time.

Tuesday, February 26, 2008

I'm officially published in Beta

Some of you may know that I've been working on some documentation for integrating MS System Center Configuration Manager and MS Forefront Client Security so that they could play nice together. Well the document has been delivered to MS and posted as a Beta on Codeplex. Assuming it doesn't turn anybody's network/servers into smoking rubble, it should be posted on the main Microsoft site in the next couple weeks.

Monday, February 11, 2008

The Verdict is In!

Many of you probably already know that my absence from life in general over the last few months has to do with the fact that I was selected for a Jury in a large criminal case in Federal court.  After 8 and a half weeks of testimony and 3 days of deliberation we reached a verdict and were finally released to go back to our normal lives.

For info on the trial and the results see the following article from chron.com: Former El Paso Corp. traders are found guilty.