This is very interesting. You'd be amazed (or maybe not) at the amount of
resistance I got inside MS several years ago when I insisted that the
correct model for management of network services (using what eventually
became AD and Windows 2000) was serVICE-centric, not serVER-centric. In
other words, that it is more important to start with the idea of managing a
service, and then to find the instance(s) of the service to manage, than it
is to follow the prevalent "server room" mentality of going to a particular
server, then seeing if it had the service you wanted.
For example, if I want to make changes to my DNS infrastructure, it is
easier (and better IMHO) to start with "I want to manage DNS", obtain a list
of DNS servers, and apply the changes to that list of targets. The
alternative has the admin consulting a yellow sticky on her or his monitor
that lists the DNS servers. Attempts to encode the service name in the
server name (i.e. DNSPRIMARY01 etc.) were indicative of what admins really
wanted - to start with the service of interest, and use that to locate the
servers.
In a highly distributed system, you must start with the data and services of
interest and deploy servers "underneath" your logical model to deliver the
performance and reliability you need, not the other way around (e.g. the
"old way" - fill a room with servers built to some arbirary spec and attempt
to spread your data and services over them).
-s
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Dupler, Craig
> Sent: Friday, March 16, 2001 1:02 PM
> To: '[EMAIL PROTECTED]'
> Subject: RE: [ActiveDir] Reaction to the "Visions from the field" thread
>
>
> Except for the initial conversion from your existing file share
> system to the new one, there is no cost at all. In fact, since a
> lot of companies are using the Win2K deployment as an excuse to
> do a clean-up and redo their shares, the conversion costs could
> be largely covered too. However, in a very large environment, I
> will concede that this could be a big ticket item.
>
> The key to cost management is in leveraging processes that most
> places already have. Most enterprises have in place some sort of
> "hosting board" activity that processes requests for shares,
> documents who the owner is going to be, how much space is
> required, what the access requirements are, and what if any
> billing arrangements need to be setup. Typically, share names
> are defined as an incidental part of this process. All one has
> to do to bring order to the chaos, is to start implementing the
> OU's and shared file servers themselves within the natural data
> model of the enterprise, and then to extend that model as share
> requests come in. OU=Northwest becomes OU=data. Server
> //NTS-NW-53 becomes //sparesdata. Share /compops becomes
> /737tires. and so on. To bring this kind of order doesn't even
> required asking the users' permission. All it requires is a
> little guidance from your technical librarians, and some common
> sense. Also, it requires getting out of the cookie cutter!
> server mentality that typifies most server rooms. Let the data
> usage and storage requirements guide equipment selection, not
> some arbitrary standard like "we only buy Proliants with external
> arrays, one array per server . . ."
>
> This thing is easy. And, like getting a teenager to pick up
> their dirty socks and put them in the hamper, it is no less
> obvious that cleaning up our data storage is what we should be doing.
>
> Again, I'm sorry if I sound short, but cookie cutter servers,
> vanity names and sys admin junk is really getting old.
>
>
>
> -----Original Message-----
> From: Peter A. Solomon [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, March 15, 2001 12:23 PM
> To: [EMAIL PROTECTED]
> Subject: RE: [ActiveDir] Reaction to the "Visions from the field" thread
>
>
> I agree, Craig has made many valid points! I believe
> though, in my humble
> opinion, what I'm reading in these threads is a left handed or
> right handed
> approach. A valid point has been made that the IS folks need to put more
> into the data side of things, I agree.
> The issue sometimes is empowerment though. Its not always
> the IT folks who
> are to blame for stepping up to the plate. One of my clients, the Director
> of IS, has bent over backward trying to work with other departments in
> finding better solutions to the way they work today. The response he gets
> is, no response at all. Its a two way street and unless the IS
> Department is
> empowered or engaged to work with the other business units you
> get the same
> results.
> Another road block is the ongoing thought that IS is a cost
> center and not
> one that generates revenue. Many times for this reason it becomes
> necessary
> to separate units, OU's, Sites, Domains etc. because the IS group doesn't
> either have the budget for the large pipes or the staff to maintain
> location. Often IS groups are so tasked with putting out fires, they never
> seem to find the time to be proactive or even know what proactive looks
> like.
> I agree our industry is full of those who think much of
> themselves. I will
> also say the people who are my mentors are the ones with open ears. Before
> you can be a true success, you have to honestly come to grips
> with the fact
> that you don't know everything or in my case humbled along the
> way into the
> same mind set.
> What does it take to bring all of this together? I honestly
> believe that in
> order to have a successful Active Directory, we are still talking about
> active directory, the business needs to have a healthy culture. Healthy
> cultures are driven by Quality management that understand the business and
> know how to root out problems, technical or human. The days of the nasty
> computer guy in the computer room are doomed. The days of the end user who
> whines because they don't want to learn something new is history.
> Its a two
> pronged approach and both sides will have to work together to get
> it right.
> I'm not saying you cant have an Active Directory if your not in
> utopia, I'm
> saying in order to get close to a centralized resource that
> benefits all it
> will take team work. Its going to take agreement and concessions from both
> sides. Affordability, Accountability and the desire to be successful will
> all play a part. You will have to look at this from a 50,000 foot view or
> you will not see through the forest.
> I believe that this is being driven home by reading much of
> the training
> materials coming out of Washington State. I see the bar being raised from
> technically trained to technically trained and business smart. Enough!
>
> Pete
>
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Schwartz, Jim
> Sent: Thursday, March 15, 2001 8:37 AM
> To: '[EMAIL PROTECTED]'
> Subject: RE: [ActiveDir] Reaction to the "Visions from the field" thread
>
>
> Bravo Craig.
> One of the most difficult concepts for some people here to "get" is that
> with a properly designed AD, physical location is secondary. We have a
> number of NDS people who are strutting around feeling that they understand
> directories the best since they've been doing for a while. The
> problem being
> is that the directories they built were based on physical
> location and data
> speed. They design of AD reverses that process and says, figure
> out how your
> business works, then design to that goal. I think some people are going to
> be awfully shocked at what they find out about their organizations and the
> inherent inefficiencies left over from the days of "one big box
> in the glass
> house".
>
> > -----Original Message-----
> > From: Dupler, Craig [SMTP:[EMAIL PROTECTED]]
> > Sent: Tuesday, March 13, 2001 6:30 PM
> > To: '[EMAIL PROTECTED]'
> > Subject: RE: [ActiveDir] Reaction to the "Visions from the field"
> > thread
> >
> > Sorry for the obvious typos toward the end.
> >
> > I have been reluctant to publish very much, because of the
> sensitivity. I
> > strongly believe that any company that implements its natural data model
> > in its data storage container labeling system will achieve an enormous
> > competitive advantage almost overnight. There is ample historical
> > evidence to support this belief. For example, Gutenberg worked on his
> > invention from roughly 1433 - 1465 when his investors took it away from
> > him and started selling presses. And yet, the impact was quite
> modest for
> > the next 50 years of so. The nature of printed information did
> not change
> > much, except of course for the bit about printing the Bible in something
> > other than Latin. That did have a big impact and helped fuel the
> > Reformation, but in many ways it was trivial compared to what happened a
> > few years later. Book collectors even have a name for printed books
> > produced before 1500. It is "incunabula" (sometimes spelled
> > "incunabulum") which roughly translates to "junk books." The real im!
> > pact of mechanical printing did not start until January 2, 1492 when the
> > Moorish libraries in Granada fell into European hands. All of a sudden
> > the very meaning of what a book was all about changed, quite literally
> > over night. It was the ability to pass information in a structured way
> > through time and space that made the Enlightenment possible.
> Right now we
> > live in an age of incunabula file servers and directory "structures" (a
> > generous use of the term).
> >
> > I've been mostly quiet about this while campaigning internally to cause
> > some changes. We have had some successes, and it has helped that a
> > certain large fabricator of chips is using a similar idea in a
> limited way
> > to support its manufacturing processes. Now, I am willing to risk a tad
> > more in order to help get some more traction.
> >
> > As for the education and skills question, yes it is real. But in many
> > ways, that is just data that can be conveyed in a class. Every MCSE I
> > ever met, once knew nothing about DNS and DHCP. Training is a trivial
> > issue. All we have to do is recognize the need and get the appropriate
> > MCSE manuals and tests put together and that will solve itself. The
> > vastly bigger problem is getting over the notion that systems
> engineers do
> > not have a responsibility for the productivity gains (or lack
> there of) of
> > the organizations for whose use we are building these systems.
> This is a
> > childish immaturity of our profession.
> >
> > Things like geographic based OU structures for data are frankly
> worse than
> > stupid. They destroy information value in a massive way. I have very
> > good friends that I have patiently listened to as they defend this crap,
> > and I've just run out of patience with it. It's like arguing about the
> > arrangement of the deck chairs on the Titanic.
> >
> > Sorry for dumping, but we need to step up to the task. Ok,
> I'll be quiet
> > now.
> >
> >
> >
> > -----Original Message-----
> > From: Osborne, Shaun [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, March 13, 2001 2:55 PM
> > To: '[EMAIL PROTECTED]'
> > Subject: RE: [ActiveDir] Reaction to the "Visions from the field" thread
> >
> >
> > Hi folks
> >
> > Craig an interesting discussion below.
> > I am particularly interested in IM and data models which you touch on -
> > if you have any good references on WWW material which expands on these
> > concepts I would appreciate (directly to me or the list).
> >
> > One observation I would make is that the discussion assumes that the
> > MSCE community has skills in the IM/IS/IT planning arena and/or data
> > modelling - I not sure one can assume this.
> >
> > Cheers
> > Shaun
> >
> > -----Original Message-----
> > From: Dupler, Craig [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, 14 March 2001 6:49 AM
> > To: '[EMAIL PROTECTED]'
> > Subject: [ActiveDir] Reaction to the "Visions from the field" thread
> >
> >
> > I mostly just listen to this list. It's one of the better learning
> > sites that I know. The discussions are pretty much noise free.
> >
> > This thread that ended in CJ's "Sammy Setup" comment was cause for a
> > great deal of thought. I have a long standing gripe with the whole MCSE
> > community over the topic of information management, and how we don't do
> > it - even poorly. So here is a thread in which some of the best are
> > agreeing that things like OU planning are going to prevent the casual
> > folks from doing anything useful. It seems like an appropriate place to
> > challenge some established thinking.
> >
> > The general belief among MCSE's is that information management is NOT
> > the responsibility of the MCSE community. Rather, tools like search
> > engines, index servers, and repositories are where that stuff is done,
> > all the while OU plans that define basic storage structures are things
> > that MCSE's should define. This belief is extended to a notion that
> > there should be a layer of independence between systems planning,
> > implementation, and operations, while the data folks to their thing on
> > top of what we provide. But isn't that rather like building libraries
> > complete with stacks, facilities for cataloging, and a location and
> > specification for the front desk, without knowing anything about the
> > service goals of the librarians?
> >
> > It isn't working.
> >
> > About the kindest thing that one can say is that data mismanagement and
> > chaos is just as bad in an NT world as it was in the NetWare and host
> > based worlds that came before. However, given the power of the tools
> > that are now available, that is probably too generous of a synopsis. We
> > need a better plan.
> >
> > Up in the chaos level where the data managers live, things are not much
> > better. They tend to know little about the underlying systems, and they
> > tend to live in a fiction that the basic approach that they have been
> > using is valid. But that is bad science. Generally, if you try
> > something repeatedly (maybe hundreds or even thousands of times) over a
> > 20 year period and you keep getting the same negative results, in most
> > fields the theory gets discarded. The data guys have not done this.
> > They still believe that the problem revolves around meta data, and
> > getting management to get tough with data owners to properly record
> > their meta data and maintain the source data. What a bunch of tripe!
> >
> > I've been studying this problem since sometime around 1987, and have
> > come to some conclusions. One is that the LAN systems engineers need to
> > step up to the plate and do the job. The data guys just don't have the
> > systems expertise that is required. There is a down side to this of
> > course, it means having the systems community get it hands dirty with
> > things that get tainted with stupid politics. But, if the MCSE
> > community does not do this, well then how can we claim not to be "Sammy
> > Setups" ourselves? Hey, it's not my problem . . .
> >
> > Here is the answer. Contrary to what most people believe, libraries do
> > not directly index and store meta-data about information. They use an
> > indirect process. They index and manage the storage space where the
> > data resides, and it is the addressing of the storage space that
> > provides the meta-data, which is then applied to the elements of the
> > collection. A book or a map receives meta data from the storage model,
> > not the other way around. To make this all work in a meaningful way,
> > librarians impose two simple but unwavering rules. First, there are no
> > miscellaneous storage containers. None. Second, the addressing schema
> > is in and of itself a master information schema. They do not use the
> > chaos of ISBN's for example, and assume that people will do massive
> > searches of meta-data indices, which in turn will lead them to materials
> > that are stored at random and labeled with something meaningless like an
> > ISBN. Whether they use Dewey, LC, modified LC, or something else, the
> > data model and the storage addressing system are one and the same thing.
> >
> > This is where the MCSE community is flat out wrong, and needs to start
> > over. We set up systems using arbitrary naming schemas that are created
> > solely for the purpose of sys admin convenience, the we expect people to
> > use search engines to overcome its inherent chaotic nature. Of course
> > it doesn't work. By definition, it can't.
> >
> > So I find these discussions about OU structures in the AD to be somewhat
> > amusing. They are serving the wrong master.
> >
> >
> > -----Original Message-----
> > From: Great Cthulhu [mailto:[EMAIL PROTECTED]]
> > Sent: Friday, March 02, 2001 12:37 PM
> > To: [EMAIL PROTECTED]
> > Subject: Re: [ActiveDir] Active Directory - Visions from the field
> >
> >
> > You are correct. "Sammy Setup" is not going to be a CD-slinger in the AD
> > world.
> >
> > (:=
> >
> > ----- Original Message -----
> > From: "Peter A. Solomon" <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Friday, March 02, 2001 1:49 PM
> > Subject: RE: [ActiveDir] Active Directory - Visions from the field
> >
> >
> > > I can understand that many are converting to 2000 for the stability of
> > the
> > > platform and many are not rushing to embrace AD, but I don't think
> > Microsoft
> > > is giving any choice. Many products like, ISA and Exchange are
> > required to
> > > use AD now. The ones who are not embracing, still don't have a plan.
> > Having
> > > a plan in place today is paramount to converting at a later time. Its
> > the
> > > decisions being made now that will make or break the conversion at a
> > later
> > > date. The intent of this reply in no way is trying to contradict what
> > your
> > > saying, I agree for the most part. I'm just wondering if we have to
> > many
> > > "Technical Experts" around who are missing a very key fundamental
> > > requirement of success, plan, pilot implement. I think 4.0 allowed
> > anyone
> > > to, Insert CD, Pick Defaults and run. I'm also thinking this is what
> > many
> > > executives and mangers think is what's going to happen when the time
> > comes
> > > to convert. Hey, I like the business but I guess what I'm wondering,
> > is
> > this
> > > going to shake out a lot of the "Technical Experts" and people who
> > became
> > > the "Lan Administrator", because they could insert the cd and follow
> > the
> > > wizard. Perhaps the answer is, remove the wizards and make the
> > installations
> > > require some thought? Just posing more on the subject.
> > >
> > > Pete
> > >
> > > -----Original Message-----
> > > From: [EMAIL PROTECTED]
> > > [mailto:[EMAIL PROTECTED]]On Behalf Of Great Cthulhu
> > > Jones
> > > Sent: Wednesday, February 28, 2001 11:09 PM
> > > To: [EMAIL PROTECTED]
> > > Subject: RE: [ActiveDir] Active Directory - Visions from the field
> > >
> > >
> > > Many are converting to Windows 2000 for the stability of the platform.
> > Few
> > > are rushing to embrace Active Directory. Some of the best successes
> > are
> > > single-server shops where it's hard to mess things up as deeply and
> > > profoundly as you could with two or more servers in the mix.
> > >
> > > (:=
> > >
> > > -----Original Message-----
> > > From: [EMAIL PROTECTED]
> > > [mailto:[EMAIL PROTECTED]]On Behalf Of Peter A.
> > Solomon
> > > Sent: Wednesday, February 28, 2001 7:29 PM
> > > To: [EMAIL PROTECTED]
> > > Subject: [ActiveDir] Active Directory - Visions from the field
> > >
> > >
> > > Hello,
> > > I just joined the list, so I will start with saying hello. The reason
> > for
> > > the post is I am curious what others are seeing in the field as far as
> > > planning, and design. I'm getting the overall feeling for small to
> > mid-size
> > > companies that they are avoiding the AD concept as long as they can.
> > The
> > > majority of clients I have been seen are all talking about active
> > directory
> > > but when the topic of really converting to it comes up, they run for
> > the
> > > hills. I've also seen a number of sloppy attempts at planning for AD.
> > I
> > > think one of the bigger misconceptions in the field is that AD
> > planning
> > > doesn't have to be taken as seriously as touted.
> > > With NT 4.0, it was told that you must plan your domain's. The single,
> > > master, muli-master and complete trust was always a favorite interview
> > > question, right up there with what are the seven layers of the ISO
> > model.
> > > With Windows NT 4.0 you could do a poor job of planning a domain, and
> > many
> > > people got by with their mess. Many of these same companies are still
> > in
> > > that mess and if they were to start migrating today, it would be a
> > disaster.
> > > I also see the "Yes Active Directory, Its Great!, Blah Blah Blah".
> > When
> > the
> > > topic of planning and steps taken comes up, I get a half baked answer
> > and
> > > they change the subject, "Look A Moose!" Then in the next couple of
> > breaths,
> > > "Were going to Exchange 2000, were planning it now, its going to be
> > great.
> > > >From my experience of seeing half a** attempts at 4.0 domains, I can
> > just
> > > imagine what its going to look like with Active directory.
> > > Perhaps this is just what I'm seeing, I would like to see what others
> > see.
> > > With all the hype removed, what are others honest opinion on where the
> > AD
> > > conversions are going and what the average domain looks like.
> > >
> > > Pete Solomon
> > >
> > > List info: http://www.activedir.org/mail_list.htm
> > > List archive:
> > http://www.mail-archive.com/activedir%40mail.activedir.org/
> > >
> > > List info: http://www.activedir.org/mail_list.htm
> > > List archive:
> > http://www.mail-archive.com/activedir%40mail.activedir.org/
> > >
> > > List info: http://www.activedir.org/mail_list.htm
> > > List archive:
> > http://www.mail-archive.com/activedir%40mail.activedir.org/
> > >
> >
> > List info: http://www.activedir.org/mail_list.htm
> > List archive:
> > http://www.mail-archive.com/activedir%40mail.activedir.org/
> > List info: http://www.activedir.org/mail_list.htm
> > List archive:
> > http://www.mail-archive.com/activedir%40mail.activedir.org/
> > List info: http://www.activedir.org/mail_list.htm
> > List archive:
> http://www.mail-archive.com/activedir%40mail.activedir.org/
> List info: http://www.activedir.org/mail_list.htm
> List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
>
> List info: http://www.activedir.org/mail_list.htm
> List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
> List info: http://www.activedir.org/mail_list.htm
> List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
>
List info: http://www.activedir.org/mail_list.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
