|
Longhorn Server is the interim version of Blackcomb Server.
We didn't discuss any interim versions of the workstation OS Pre-Longhorn (aka
Shorthorn, Shoehorn, etc).
I think it is has only been since last November or so that
the idea that we were going to have Longhorn server came about. Since we just
got Windows Server 2003 I don't think there is any push to have a server version
even sooner than Longhorn.
-------------
http://www.joeware.net (download joeware)
http://www.cafeshops.com/joewarenet (wear joeware)
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bernard, Aric Sent: Sunday, March 28, 2004 12:44 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] DEC Chatter - Was something else... Seems that there was a
little talk about Longhorn. Was anything said about an interim version of
Windows before Longhorn? i.e. Windows
2005..6..7… From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of joe DEC was indeed cool. I
am not under NDA for it that I am aware of. In fact I would expect Gil would
like to hear people chattering about the conference as it will drive more people
to it. And again, I don't do many conferences but this one is exceptionally good
in terms of anything I have been to. I heard a lot of chattering along the same
lines and that it was especially considerably better than the big MS conferences
that focus on all MS techs instead of just AD. So instead of AD being one topic
of hundreds it is THE topic. And honestly, this deserves to be THE topic. Why?
Because AD is the corner stone of your security if you are using it for your
authentication/authorization. So why specifically was
DEC cool? First and foremost, I met a lot of people in person that I had
previously chatted in email and newsgroups with. That was very nice. Now
everyone knows what I look like and probably wonder how a guy 5' 2" and 105 lbs
like me can be so wicked and opinionated in email yet not utter a peep in
person. Some of the folks I met from this list are Gil Kirkpatrick, Guido "The
Killer UG Pimp", Robbie Allen, Todd Myrick, Hunter Coleman, Stuart Fuller, Alan
Isham and several others. Also got a chance to talk to and more importantly
listen to some of the MS folks such as Stuart Kwan, Paul Rich, Andreas
Luther, Sanjay Tandon, Robert DeLuca, and others. This face to face
chatter is invaluable. There was one cool
session where there were three teams broken out to solve three AD issues. These
were some evil little issues Gil dreamt up to see if people could work through
them. Simple configuration issues gone bad. I sat and watched Stuart lead a team
working on one of the problems. It was entertaining. I didn't sign up as I
didn't think solving a problem would be that much fun, heck I do that every day
at work, why go to a conference and do it in the evening, especially while
drinking... I was wrong however, it ended up being great fun. Interesting
watching different people troubleshoot issues. The presentations were
generally quite informative. Alan Isham had a great presentation on object
lifetimes. This is a topic that everyone really needs to start paying attention
to. A lot of folks are finishing up the get your ass into AD stage. Now they
need to get AD cleaned up. It brought up for myself and my manager (who was also
there) the whole idea of really having to have a known defined owner for
EVERY object in AD and if we don't know who it is, it is us. This is not what we
liked to think previously but I think we don't really have a choice in the
matter because the clutter mostly impacts us. The other Intel
presentation (by John Dunlop I think - don't have my DEC cheat book here with
me) was about using Virtual Server for restoring a forest. It was interesting as
it was very close to what we have been looking at and I have previously
discussed here on the list. Glad to see someone else thinking that way which
lends credence to our thoughts and direction. They had an interesting twist for
getting all of the DCs at all of the sites back up and running quickly via
spinning up a backup VS DC on every machine and then slowly going through
rebuilding back to the original physical setup. Overall there was a considerable
amount of talk about DR and lag/hot sites and data restoration. It seems to be a
big topic on everyone's mind. There was a
presentation by the US Army which basically made me glad I wasn't trying to
deploy in that environment. I thought my environment was big and complex and
politically charged and underfunded... At least my people are mostly not
carrying weapons. There was a
presentation by Wook Lee from HP (the Compaq side originally) which I can only
say was... well you had to be there. Let's just say he wore a faux Forest Ranger
hat and had Smokey the Bear slides and Burma Shave jingles. If that doesn't
entice you into wanting to see his presentation, well you are just not alive I
guess. :op I also spoke with Wook Sunday night at the reception for
an hour or so and that was also quite entertaining and informative. Wook has
seen some issues that I wouldn't ever want to see. One of the side benefits of
fully deploying beta and RC code is what I would call it.
Guido had a good
presentation on forest trust stuff. Had a couple of DLG vs UG jabs in there for
me which I appreciated. Several folks recognized them as such as well. It is all
in good fun and keeps life interesting. :op He ended up using a joeware tool
(sectok) in one of the slides to illustrate something so that was good too...
push the use of joeware for effective admining and information discovery.
:o) It was interesting to
hear from Andreas concerning the direction of MIIS. Apparently it is being
driven towards being your one stop provisioning system. Sounds like AutoGroup is
going to be completely bundled into that versus off on its own. AutoGroup, if
you are unaware, is the AutoDL replacement that handled security/dl group
memberships with subscriptions and such. I think it was pretty clear from
several people I was talking to that group management is also on the minds of
many people. One point on that that I found interesting was the idea that
several folks seemed to be using 80/20 rules for assigning group memberships by
departments or roles... i.e. if 80%+ of the folks needed, everyone in that dept
or role got it... That flies in the face of my least privilege mantra I repeat
100 times every night before going to sleep. I think that may be one of the
other issues with Role based security. The first major one using a one role one
group mentality and assigning perms to that group all over the place versus the
resource based security ideology of having one group for each resource and then
assigning people or role groups to the resource permission groups. I am much
more into wanting the nesting than having a group and wondering where all the
places I (or anyone else in the company) assigned perms to it.
Stuart's information in
the keynote and a couple of points through the conference were especially
interesting concerning possible enhancements in Longhorn Server. I hope to hear
more at the So some of the items
are 1. Caching Domain
Controllers - basically a DC that did credential caching for a site. It didn't
cache admin password info so it couldn't be compromised and used to gain access
back into the forest. I liked this idea and asked that it not just work for a
single domain, but any domain in the forest. 2. Multiple domain
hosting from a single DC. 3. Ability to
stop/start Active Directory on the fly as a normal
service. 4. Domain Controllers
not being dependent upon NTFRS. 6. Logging for
directory changes in general, not changes on specific DCs.
7. Ability to have
multiple password/lockout/complexity policies per
domain 8. Role based security
built into the product 9. Better Undelete/Undo
functionality 10. Increased ease of
use for authentication/authorization of non-MS OSs 11. Simple setup WAN
site DCs... I.E. Not the normal DC build process, sort of like easy bake
DCs. 12. Allowing people to
admin hardware/OS without being able to touch AD. Ok those are the ones I
remember and actually they may be warped so I really hope Gil posts the real
list. Also I would hope he posts the results from the conference as I think that
would also be good for everyone to see. Again, overall, it was
a really good conference. Its good to get people together talking like that. I
had great fun and I can't recall how many times I heard "Oh, you are THAT joe"
which made me generally ask, is that a good thing or a bad thing? It always
seemed to be a good thing and overall people seemed to indicate that I was
helpful to them which made me happy. Gil was talking to me
about presenting at a future DEC. I have no clue what I would present,
anyone have ideas on things they would like to hear out of me in that forum?
About the only thing I can think of would be to sit there responding to
ActiveDir Org posts in front of everyone and discuss my thoughts while
responding. My recommendations for
future DECs were to have it someplace warm in the cold months (D.C. was kind of
on the cool side), white boards in conference rooms for ad hoc chat sessions,
keep the bars open all night (at least a cooler with beer) in the conference
rooms so people didn't have to go find other bars and disturb the conversations,
keep everything at very technical level. Oh yeah, there was one
big huge issue with the DEC... I didn't see one single rubber chicken.
joe ------------- http://www.joeware.net (download
joeware) http://www.cafeshops.com/joewarenet (wear
joeware) From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Rick
Kingslan "BTW, if you didn't go
to the Directory Experts Conference, you missed a good time. NetPro did a good
job and there was a lot of good discussions. Plus some of the stuff Stuart was
talking about was pretty darn cool. " Firstly, just rub it
in..... Secondly, are you under NDA? Cut loose with some specifics,
man! Rick
Kingslan MCSE, MCSA, MCT, CISSP |
- RE: [ActiveDir] DEC Chatter - Was something else... Bernard, Aric
