The alarmingly worse permutation is when step 3 is replaced by a manager who has politically mandated bundles of access and has "32 bit systems for 16 bit experts" or "Windows 2000 for NT4 Admins" on his desk or some similar volume. At least the low-level analyst will usually follow the direction somewhat. The manager will base his own permutation of the directions on his years of experience in the field.
Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Friday, September 23, 2005 12:17 PM To: [email protected] Subject: RE: [ActiveDir] SBS migration (was SBS Server Question) It is about scale, mom. I expect if you got pulled into a project to deploy 500 or even 50 SBS servers in a month or so you would be like, holy shit, these wizards are NOT going to cut it one bit... I need an automated installation process. That is how the guys in big server land do it, or at least if they are interested in consistent timely installations. In a medium to large Org you can't trust every single person who could possibly stage a server (some people probably call it load or build) to do it exactly the same way twice unless you are really watching quality control. I am sad to say that most companies do not do that quality control check so they either use automated processes or have wildly divergent configurations and are absolutely shocked when two servers with completely different configurations do not operate in the same way. At the widget factory I worked for for 10 or so years, I could be relatively sure that if 10 people built a server using the control file I created for the build process coupled with the CD or network share I specified the servers would all turn out the same. I couldn't be completely sure because if they modified the control file or logged on after the fact and started to monkey around it could be different. That is why every server that I truly cared about, I or someone I trusted implicitely, inserted the build floppy and kicked off the automated process. Anything not built by one of my "trusted" realm folks but built by someone we had some level of confidence in went through a very extensive "review" prior to our use. We didn't use any machines not built by the trusted realm or the "some level of confidence" realm. We would rebuild them. A complete end to end rebuild would take less than an hour including putting all of our custom apps, etc in place. That is the other reason besides consistency to do it, efficiency and speed. In big server land the general process is this. 1. Some engineer figures the process for something out. 2. Some documentation person tries to document it. 3. Some low level analyst tries to use what was documented. 4. Things blow up, especially as scale goes up. 5. Some high level bright engineer gets called off of some fun project to figure out why some server/application isn't operating properly. 6. Engineer assumes low level analyst was recently hired away from the city zoo due to capability to throw feces alarmingly well for low wages, later realizes that the documentation doesn't match the original engineering process which was also wrong in the first place. 7. Bright high level engineer bangs head into desk for several hours and then finally breaks down and redesigns entire process and documents it so there is no misunderstanding. 8. Engineer then gets beaten up because they know tech better than they know documentation procedures and communication and most especially how to be politically correct when saying "then the monkey should type the following command...". 9. Engineer says screw this and automates the entire process so documentation is less than 5 lines long and is even able to be written in notepad or vi. 10. Low level analysts no longer have a requirement to be able to read, breathing and capability to insert floppy into server is finally sufficient which is actually what they could do versus what was on their resume. 11. Things work well for a while. 12. Management thinks that things always just work well because they don't hear any issues and that is what XYZ vendor told them it would be like anyway so they start wondering why they pay the bright high level engineer so much when they could get 20 low level analysts in his/her place. 13. Eventually circumstanced change so processes need to change and no one knows how to figure it out so things break and the 20 new analysts churp and hoot and screech and throw feces at the managers and the managers tell their execs that Microsoft products suck. Anyway, computers don't involve religion darn it. Stop saying that. They are simply tools to help us get through the day in a semi-efficient way. Not that I don't believe in something when working on them, generally I believe it is time for lunch or time to go out for a beer or both. :o) joe -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley Sent: Friday, September 23, 2005 1:01 AM To: [email protected] Subject: Re: [ActiveDir] SBS migration (was SBS Server Question) Trust me... it's a religious thing :-) Those of us that have the religion of SBS don't see a problem with the wizards .:-) We're looking to start a support group for former Enterprise Admins who are now SBSers <http://msmvps.com/bradley/archive/2005/07/27/59808.aspx> http://msmvps.com/bradley/archive/2005/07/27/59808.aspx I'll be honest with you ... the first time I set up 'normal' server and 'normal' exchange I was extremely surprised how much manual stuff you guys do in big server land. Forestprep and all that. The next thing I was absolutely flabergasted about was how they trust you on the number of cals. 'You just stick in a number there? And they trust you to be honest? Wow." Blew me away. Actually it's near impossible to get WSS [sharepoint] on a same box as Exchange anyway. There are a couple of folks that tried and finally gave up. Roger Seielstad wrote: >Actually, I don't think it's a religious issue. The problem with SBS is >that its not really the amalgam of Microsoft technologies that it's >billed as, and as such you can't administer it as you would with all >the same apps in a non-SBS implementation. > >It's a neat package overall, but the requirement to do the wizard thing >makes it hard for people like us to deal with it.. > > >-------- >Roger Seielstad >E-mail Geek >-----Original Message----- >From: [EMAIL PROTECTED] >[mailto:[EMAIL PROTECTED] On Behalf Of Michael B. >Smith >Sent: Thursday, September 22, 2005 1:06 PM >To: [email protected] >Subject: RE: [ActiveDir] SBS migration (was SBS Server Question) > >And that is a real difficulty. > >The wizards should integrate seamlessly. Or the other tools should >integrate seamlessly. Take your pick. > >I've got a couple of hundred client companies, probably 3 or 4 use SBS. >I HATE touching the SBS clients because it's a fair bet there is a >wizard for something that I'm not going to use a wizard for, because I >can use one of my scripts or a native tool and do it quicker. (You can >argue that someone that knows the wizards can do it more quickly with >them -- and that's fine -- but I don't, and shouldn't have to.) > >It's a religious issue. > >-----Original Message----- >From: [EMAIL PROTECTED] >[mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, >CPA aka Ebitz - SBS Rocks [MVP] >Sent: Thursday, September 22, 2005 12:19 PM >To: [email protected] >Subject: Re: [ActiveDir] SBS migration (was SBS Server Question) > >Difficulty? > ><cough cough> > >What difficulty? [please feel free to take this offline] the only >difficult issues we have in SBSland is cleaning up the messes from >folks that don't follow the wizards.... > >[EMAIL PROTECTED] wrote: > > > >>Thanks! This must be SBS Week. Was at a user's group meeting last >> >> >night and the topic came up again. (Main topic was R2) Sounds like >Microsoft is getting the message about the difficulty of working with SBS. > > >>Al Maurer >>Service Manager, Naming and Authentication Services IT | Information >>Technology Agilent Technologies >>(719) 590-2639; Telnet 590-2639 >>http://activedirectory.it.agilent.com >>---------------------------------------------- >>"Cry 'Havoc!' and let slip the dogs of war" - Anthony, in Julius >> >> >Caesar III i. > > >>-----Original Message----- >>From: [EMAIL PROTECTED] >>[mailto:[EMAIL PROTECTED] On Behalf Of Susan >>Bradley, >> >> > > > >>CPA aka Ebitz - SBS Rocks [MVP] >>Sent: Tuesday, September 20, 2005 1:57 PM >>To: [email protected] >>Subject: Re: [ActiveDir] SBS migration (was SBS Server Question) >> >>Transition pack or www.sbsmigration.com >> >>Transition pack is the best way however lets you keep the Remote web >>workplace and monitoring email even after you break away from SBSland. >> >>[EMAIL PROTECTED] wrote: >> >> >> >> >> >>>OK, since the topic came up: I'm trying to figure out how to migrate >>> >>> >off SBS2003. > > >>>Scenario is a recent acquisition where we want to migrate from >>>company >>> >>> >SBS to corporate AD (standard 2003 domain). Trusts are out. Hack is >both dangerous and illegal. > > >>>MS offers a Transition Pack (for a cost) to upgrade the SBS2003 to >>> >>> >normal AD. Is there any other way? LDIF export? > > >>>Thanks, >>>AL >>> >>>Al Maurer >>>Service Manager, Naming and Authentication Services IT | Information >>>Technology Agilent Technologies >>>(719) 590-2639; Telnet 590-2639 >>>http://activedirectory.it.agilent.com >>>---------------------------------------------- >>>"Cry 'Havoc!' and let slip the dogs of war" - Anthony, in Julius >>> >>> >Caesar III i. > > >>>-----Original Message----- >>>From: [EMAIL PROTECTED] >>>[mailto:[EMAIL PROTECTED] On Behalf Of Susan >>>Bradley, CPA aka Ebitz - SBS Rocks [MVP] >>>Sent: Wednesday, September 14, 2005 12:06 PM >>>To: [email protected] >>>Subject: Re: [ActiveDir] SBS Server Question >>> >>>Nope. No trusts, no forests. We're the spoiled only PDC that must >>>hold all the FSMO roles. We can do some funky stuff with pass >>>through >>> >>> > > > >>>authentication, but no trusts. >>> >>>US versus THEM: >>>http://www.sbslinks.com/Us_v_them.htm >>> >>>In SBS 2000/2003 the 'correct' terminology is Yes, an 'additional >>>domain controller' is supported and not calling it a BDC. >>> >>>Member servers are covered by the SBS cals but last I read in the PUR >>>the additional DC would need server cals. [that's my interpretation >>>anyway but I get a headache reading that doc in the first place] >>> >>>Honestly ...keep in mind that with XPs, they will used cached >>>credentials and you can log into that profile even if the network is >>>down. Now comes the fun... who's doing the DHCP? The recommended way >>>is to have the SBS box to do that...so you still have fun. If the >>>SBS >>> >>> > > > >>>box goes down, I normally have ways around the temporarily failure >>>[and even then I can count on one hand the time my network has been >>> >>> >affected.... > > >>>power mostly, then NICs, then switches, and one harddrive falling off >>>a RAID. Get good equipment [and honestly either reinstall those OEMs >>>and stay away from those preinstalled versions] and we do just fine. >>> >>> >>> >>>Medeiros, Jose wrote: >>> >>> >>> >>> >>> >>> >>> >>>>Hi Susan, >>>> >>>>Since we have an SBS MVP on the Active Dir list, let me ask a >>>> >>>> >question. > > >>>>Can I now make an SBS 2003 server a child domain in an AD 2003 >>>> >>>> >forest? > > >>>>Before you ask why, some one asked me this recently at a Linux users >>>> >>>> >group meeting, as his company has several remote offices using SBS 2003. > > >>>>Also on SBS 4.5, one could have a BDC as a backup, can this also be >>>> >>>> >done with a DC or are you " Sh.T out of luck " when a box fails? > > >>>>Jose >>>> >>>> >>>>List info : http://www.activedir.org/List.aspx >>>>List FAQ : http://www.activedir.org/ListFAQ.aspx >>>>List archive: >>>>http://www.mail-archive.com/activedir%40mail.activedir.org/ >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>> >>> >>> >>> >> >> >> >> > >-- >Letting your vendors set your risk analysis these days? >http://www.threatcode.com > >List info : http://www.activedir.org/List.aspx >List FAQ : http://www.activedir.org/ListFAQ.aspx >List archive: >http://www.mail-archive.com/activedir%40mail.activedir.org/ >List info : http://www.activedir.org/List.aspx >List FAQ : http://www.activedir.org/ListFAQ.aspx >List archive: >http://www.mail-archive.com/activedir%40mail.activedir.org/ > >List info : http://www.activedir.org/List.aspx >List FAQ : http://www.activedir.org/ListFAQ.aspx >List archive: >http://www.mail-archive.com/activedir%40mail.activedir.org/ > > > List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
