Windows Server 2008 & Domain Security Policy

Posted: 12:02 am
October 9, 2008
Microsoft, Security
3 Comments

Some of the new software we are building at Own Web Now manages it’s own password complexity, sometimes much to the chagrin of the default policies built into Windows Server 2008. You’ve heard about Security By Obscurity, so get ready for the new model: Security by presenting GPOs where you would expect to see them, just disabled and uneditable, forcing you to go modify them in a completely different place – Security By Ambiguity. Where does one modify the local security policy in Windows Server 2008?

Local Security Policy used to be managed through Administrative Tools >Local Security Policy. Things like minimum and maximum password age, minimum length, complexity and so on were tweakable under that console. In Windows Server 2008, those screens are still there but you have no way to edit them:

10-8-2008 11-46-06 PM

So, how does one disable all this stuff in Windows Server 2008 because the external application is intended to manage it (and you presumably do not want your policies to break because they override some of Microsoft’s?):

Start > Run > gpmc.msc

This is the Group Policy Management Editor, nifty tool that used to be optional with Windows Server 2003 and XP (free download) is now the way to manage your security policies. 

10-8-2008 11-47-22 PM

Computer Configuration > Policies > Windows Settings > Security Settings > Account Policies

Warning: The security policy outlined above is pretty much suicidal if you don’t enforce password policies through a different tool. Here is a brief description of the Microsoft password policy requirements.

So why did we disable it? Because we wrote our own software to manage the policies, which has the same complexity as Microsoft’s recommendations, but we found that Microsoft will at times even deem it’s own default password policy not to be strong enough, introducing inconsistencies that we were not willing to risk support expenses to narrow down.

Another bad security lesson brought to you by Vladville.

1….

Posted: 9:48 am
October 8, 2008
Uncategorized
Comments Off on 1….

Just 1 day left to sign up and get it free..

www.vladville.com/signup.php

Don’t complain and beg me for it later when the signup form changes and you have to pay for it.

Has Microsoft lost it?

Posted: 9:38 am
October 8, 2008
Microsoft
2 Comments

You already know my take on it, but there appears to be more to this topic with the financial community chiming in now:

We wanted to share some thoughts on Microsoft (MSFT), which we closed during the quarter.  We believe that we purchased the shares at an attractive time, and for a good while the investment worked nicely.  As has been our habit of late, we overstayed our welcome as the shares peaked after the company announced a very good September 2007 quarter. 

Since then, management has acted in an overaggressive and almost panicky fashion regarding its online offering.  First, it sought to acquire Yahoo! and then after that failed, it announced extremely high internal investment requirements to pursue this “huge” opportunity (read: “Google-envy”).  We doubt the opportunity is what they say it is and wish MSFT focused on its core strength: software. 

The CEO is a very smart and very wealthy man.  Perhaps, he is so wealthy that he has bigger ideas and aspirations than making MSFT’s shareholders wealthier.  We’ve given up on MSFT for now as we feel better investing in companies where management at least appears to be trying to work for shareholders.

I think David is right on with Microsoft losing focus, losing in consumer web properties, losing in search, losing in media players, losing in… well… everything except software.

Knowing the guy, I never got the sense that he is so wealthy that he has bigger ideas and aspirations that transcend the core business of making money. As an unnamed Microsoft whore pointed out the other day via IM, Microsoft is above all things an insecure, arrogant company that cannot stand not being #1 or an ounce of competition, even if the competition pays it licensing fees and royalties. I am not sure if they are arrogant or just afraid – Microsoft has always stood for a seamless computing experience, so they think that if anyone is to get on their territory their doom will soon follow. That is why you see them trying to spread their wings to nearly anything that runs software.

There is a little more to this, as more and more PDC content comes available every day it reveals what Microsoft is actually up to. Developers are writing software that runs on distributed clusters on the Internet. There is relatively little new stuff showing up on the desktop. Microsoft doesn’t own the Internet, it doesn’t control the Internet, and as far as standards are concerned it doesn’t control any of them or for the most part doesn’t even come close to the 10% share.

What is a company with 90% desktop OS market share to do when it cannot move the developers to develop for its market dominant platform and the choice of OS become irrelevant?

You don’t have to look further than Microsoft’s 10-K which lists their going concerns.

Microsoft is about to enter very dangerous territory: It walks into a fight with tarnished reputation for it’s core business, with multiple losses across a wide variety of markets from search to media, and now it opens a huge front with a 1.0 release on the cloud without the comfort of a huge partner sales force it has just alienated.

One has to wonder if Microsoft’s lack of immediate success and fanboy following for their cloud computing initiatives to be announced at PDC simply leave Microsoft as a giant, yet subpar, technology company on the decline.

As the old saying goes: Nobody ever got fired for buying IBM. Oh yeah? And where are they now in terms of the way you view hardware and software? Another blue to bite the dust? We’ll know very soon.

Dealing with investment fear

Posted: 1:57 am
October 7, 2008
OwnWebNow
Comments Off on Dealing with investment fear

It takes a strong gut to look at the financial investment statements these days, even more so to start ramping up the training, hiring and R&D in these tough economic times. And if it’s really looking tough you probably have to take a hard look at your game plan and probably admit defeat, cut losses and move on before you lose it all.

If you’re wondering where I’m standing at this point then you’ll probably be surprised that today I’ve seen the first return on the largest single HR investment in OWN’s history since I stopped being a one man shop.

Gutsy?

I don’t think so. I’ve been very open about what we are doing, at times even to the detriment of competitive advantage, and where we are placing our bets. And unlike my usual batting percentage of 60% (with 40% of ideas ending up in the garbage) nearly everything I’ve done for the past 2 years has become a huge success. Even things that might appear to have fallen off the face of the earth, like SM, have not just added thousands of partners into our portfolio but have also created a huge surge in business done with OWN by the companies that signed up. This just builds on the ExchangeDefender brand that is on an epic climb, Exchange+SharePoint killer-combo, data center solutions and enterprise services.

Gloating?

Far from it. This wasn’t easy. I’ve held on for about 3 months as we looked at our indicators trying to figure out which direction the economy is going and which markets we focus on.

Then we started executing the plan and I’d like to sit here and pat myself on the back about the revenues and month-to-month of skyrocketing profits but I’m not Scrooge McDuck, I don’t sit on top of the money bin or get joy out of counting coins. At the end of the day, I’m just a geek that went to business school and never stopped trying to be better.

So as the revenues grew and our staff didn’t….

Well….

I’ll only say this once. It’s a bitch going to bed every night seeing how far you’re getting backed up, just to wake up in the morning and hear about how much you suck.

So a little while back while looking over the projections and estimates we decided to hire ahead of the demand and radically transform our support infrastructure. It has been a tough month, taking away from production to invest into training and documentation building and focus on more than two goals.

In case you’re wondering, they used to be “write great software partners need to make money” and “always be closing the sale”

If you were at the UG meeting in Seattle or spent some time with me at the MVP deep dives you probably know the next vector of OWN that I’m in process of implementing, not to mention the one that comes after that.

As you will read in my first little piece of serious writing in just over 24 hours, the time for planning, thinking, conceptualizing and figuring things out is over. If you don’t have your marketing, leads, pipeline and project processes narrowed down you’re basically just counting down to extinction as the IT services become a commodity and a utility.

As for me, I know my role. My role is to build the software and services that help people integrate their solutions for their customers. Which I’m glad to say a LOT of people are making a killing on. Thank you all. Moreso, I want to thank those of you that have put up with us through the little rough patch if things didn’t work out perfectly right away as they should. That’s business. But if you’ve been looking at this blog, the folks that work with me and help me realize my objectives tend to be compensated greatly.

The new big OWN support teams went online today and in the first day we have been able to cut the open issue reports in half. The support and network ops and development are clicking along and the backend side of this (which you will soon see out in the open) is back.

It’s Monday, October 6th, and the Ironman is back.

2…

Posted: 1:28 am
October 5, 2008
Vladville
1 Comment

Two more days till the first issue, gonna be big. http://www.vladville.com/signup.php

-Vlad

So this is something big…

Posted: 6:08 pm
October 3, 2008
SMB
Comments Off on So this is something big…

Royal Oak, MI, October 3, 2008:  Amy Babinchak and Eriq Neale, MS MVP’s, Authors and Speakers,  have teamed up in a new business venture to provide remote support services to IT professionals. By formalizing and centralizing the remote support services of highly skilled professionals across a wide range of products ThirdTier.net will be the place where IT professionals turn to when they need assistance to resolve that tough problem for their client. Third Tier will also offer SMB focused vendors the solution to the difficult problem of supporting a wide variety of skill sets in the SMB market space, thus making it easier for them to offer their products to small business customers.

· Central location for IT Professionals to contract experts on a wide variety of technologies to remotely assist in problem resolution.

· Experts providing vendors the solution to product support in the SMB market space.

….

indianinthebucket.com for bottom-feeding NOC services, thirdtier.net for the expert services.

In Seattle

Posted: 1:51 pm
October 3, 2008
Vladville
1 Comment

If you happen to be in Downtown Seattle this weekend, track me down.. I’ll be at the SBS UG meeting tonight to talk about a new community project, out drinking with the boys later tonight, and tomorrow morning/afternoon just hanging out at the hotel. If you’re one of my partners and we’ve never met face to face track me down.

* Ok, obligatory community note here – Yes, I have tshirts. I am also here on behalf of Andy Goodman as the Deputy Riffraff General. No, I am not going to the Garbage Truck Driver Convention.

Coming back to work..

Posted: 8:58 pm
October 1, 2008
Vladville
1 Comment

Starting with next week I am coming back to work full time (and then some) from my paternity leave. Depending on the little monkey’s sleep schedule I might be putting in a lot more hours in odd hours of the night and I’m committing to my comeback full on.

So I have started something.. several things in fact..

My first goal is to clean up Vladville a little. There are a lot of serious technical and business articles I have written but decided to pull back from Vladville since they don’t really fit into the vibe of the fun-n-gun style of humor displayed here.

newslettericon

So sign up for it here
Vladville Newsletter

It’s free and it’s actual content and it’s what I actually do (sans the satirical view of it you will still get here daily 🙂 I promise you will love it.

Dweeb Wars

Posted: 8:23 pm
October 1, 2008
Vladville
Comments Off on Dweeb Wars

Take a room full of MVPs and give them a bunch of interconnected servers for lab purposes. Take away Internet access. What happens next?

Monkeys launch a mailbomb at each other. It’s the equivalent of a slap fight, for geeks.

photo

Vlad: At some level this is really childish..

Tim: This is childish at every level..

Who is YOUR daddy Wayne & Dana, who is your daddy?

Finish Him

Posted: 2:51 am
October 1, 2008
Microsoft, OwnWebNow
1 Comment

tan dan tan dan tan dan tan dan.. Moooortaaaalll Kommmbaaaaat!

Never in my life have I imagined I would see a live human reenactment of the final move in a Mortal Kombat video game. As I’ve mentioned previously, I’m in Redmond this week getting the deep dive SBS 2008 training with some other fellow MVPs. This is a scene from earlier today, and in my opinion it is fairly remarkable. I never thought I’d be able to capture the very moment when the persons soul leaves his body at the exact moment he loses all hope for humanity and his vocational contribution to it:

jeffmortalkombat

SBS 2008 developer, who wrote the console.exe management interface for Cougar, checks for his pulse while Jeff Middleton, of SBS Migration fame, attempts to explain how a simple schema change would only require 3 lines of code.

Bonus points for the dev for keeping his carcass vertical 🙂

Microsoft MVP program, contributing to Microsoft Developer attrition since 1997.

Which brings me to an interesting symbiosis software developers (me) and very passionate users (MVPs) have when it comes to social interaction. In digital interaction (forums, bug sites, trouble tickets) the responses are raw and nearly primal – “This is broken – fix it” with the response “It’s like that by design”. In plain terms the users are telling developers that their software sucks, and the developers are telling the users to stop bitching and go away because it won’t be fixed. It’s a conversation that repeats often so today I asked:

Dana Epp: I bugged it and the bug was closed as “By design.”

Vlad Mazek: How come you guys never let me get away with that?

Dean Calvert: Because we know where you live.

There is something to be said about the personal connection the software has to the way business gets done and value is contributed to both the person designing the software to solve the problem, person implementing the software to help the end user be more effective at their task and the end user who ultimately makes a significant impact with the software to improve something else.

When all three of these individuals connect and are on the same page the results are astonishing.

This is why OWN invests so much in remaining a partner-only company and why Microsoft pours so much money and time in the MVP program and why people continue to put up with difficult problems and people to improve the entire chain.

At Own Web Now we have a picture of Nick Whittome, which I am not allowed to publish, that I put in my IM icon every Friday when we do code reviews. Nick is my residential code review scarecrow – every time you take a shortcut Nick will find it and kick you in the ass about it. Why? Because people like Nick Whittome and Howard Cunningham and Dave Sobel and a few thousand others constantly give us feedback on our solutions. They aren’t paid for this role, nor do their clients pay for them to work with us, nor does this go under the line item under any of the financial reports. And when my team looks at these kick in the balls tickets and bug tracks it is hard not to de-humanize the feedback as a complaint and reflection of personal incompetence. It is hard to differentiate where “you suck” starts and “this would fix the problem” begins.

This, in my opinion, is why working with the vendors, partners, end users and everyone involved in the software consumption cycle is extremely important. Once you get beyond taking the criticism personally you can move on to the positive side of what everything you’ve dedicated at least 8 hours a day goes to. It’s very motivating, in my opinion moreso than money.