Mere words can't describe Brett, seeing him and joe go at it was not to be missed. His stuff last year on ESE was amazing and even the uber-experts were shaking their heads so I didn't feel so bad. Until I saw him last year, to me, he was just a mythical creature on activdir AKA "Building #7 Garage Door Operator" who wrote many of the moving parts of AD for like 5+ years before moving over to ESE. It was storied that they never let him off campus. When I first heard joe say something like, "I don't understand a lot of what he says but I always listen and try to" I was a little skeptical , but I started trying to follow what he wrote on activdir and made sure to listen to him last year. Scary smart indeed. Of similar caliber is ~Eric Fleishman but I thought I heard he moved on to a different world. I have not had the opportunity to hear Ross Smith, I will have to make a point of that.
Oh and don't sell yourself short, I would hardly call what I have seen of your work "filler". You are too modest J Here's part of a funny bit I saved from Brett from a few years ago when they were talking about theoretical limits of AD/ESE- "Anyway along time ago we (some AD people) went through all the various aspects, issues, etc and we came up with "the safe value", that special value we wanted to claim / support ... and we started saying 1 billion was the official limit. I updated the wikipedia topic on it awhile back. The issue joe mentioned with the # of pages in an ESE database being 2^31 ... I like to state it as: "Jordie (my pseudonym for a paticularly talented developer) took away the high bit before he moved off the ESE team, and won't give it back.". <g> That is the funny way to say, paranoia drove one of us to cap it to explicitly positive page numbers. Given that the file system is limited to 16 TBs for a single file for some paticular (?default? 4k? max?) "allocation size", I don't really see this being fixed anytime soon... My confidence ranges from 53% to 72% for all the above info ... I don't give a confidence of more than 80% to anything I didn't personally verify in code, and never a confidence of over 90% that I didn't personally test that the code worked like it looked ... that is experience talking. Confidences of 53% to 72% probably means talented and smart / non-blowheart types told me this information. *Cough* ... for the realists ... I've heard of two production ADs in excess of 50 M (less than 100 M though), and have seen 46, 85 and 100 M object test DITs. I've never seen an AD database in excess of 100 GBs in size. Basically, I'm neither worried about the # of objects nor the database size of AD databases, as clearly people haven't even gotten to an order of magnitude of the theoretical limits, and we've still tested higher than production deployments I've heard of / seen. 3 - 5 M is common for e-commerce directories. While thoretically we could give ~2/7ths of the world an account in a single AD database, that is not practical, limitations on backup/restore time, SLAs, amount of query load per server, will likely cause one to scale out and _probably_ partition (via NCs replicated to only some ADAM instances) before going to billion area scales. Management of database size on these scales is non-trivial, and drives the real per server #'s of objects / database sizes one should support down below 1 billion. Even e-commece doesn't care about these kind of numbers, because if you look at the income of the 1 billionth richest person in the world, you'll probably realize she/he is not worth selling to. Only hippies and the U.N. care about going above 1 billion accounts." From: Michael B. Smith [mailto:[email protected]] Sent: Friday, April 16, 2010 2:34 PM To: NT System Admin Issues Subject: RE: Security - Marc Maiffret And...on the AD/Exchange side of the fence, you should DEFINITELY hear Brett Shirley talk - he is one of the lead developers for ESE (the database platform on which Exchange and AD are based - he's scary smart). I'm going to lock him into a room in LA and MAKE him give me some code this year he promised me last year. J For Exchange, you gotta see Ross Smith, IV (one of the absolute best Exchange people I've ever met) and Dmitri Gavrilov (who used to be on the AD team and is now on the Exchange team and can explain DSAccess/ADProxy so that it actually makes sense). (Not to mention me, Ilse, Scott, Nicolas, David, Juergen, etc. etc. - but compared to the headliners, we are just filler.) Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Free, Bob [mailto:[email protected]] Sent: Friday, April 16, 2010 5:19 PM To: NT System Admin Issues Subject: RE: Security - Marc Maiffret I would be remiss if I didn't mention to check out Brian Desmond's presentations, I think he has at least 3. He is also totally top-notch. From: Tim Evans [mailto:[email protected]] Sent: Friday, April 16, 2010 10:24 AM To: NT System Admin Issues Subject: RE: Security - Marc Maiffret And it is because of your comments (and Joe Richards') about TEC that I decided it give it a try. So, if I don't learn anything there, it must be your fault :-) ...Tim From: Michael B. Smith [mailto:[email protected]] Sent: Friday, April 16, 2010 10:07 AM To: NT System Admin Issues Subject: RE: Security - Marc Maiffret And I will say that I personally find TEC more valuable than TechEd. Lots of very smart people willing to sit down with a beer and answer questions for you. No 100/200 level presentations. 350/400. Great stuff. I've known Bob for probably 10 years now on this mailing list. First met him physically at TEC (it was DEC - Directory Experts Conference then). Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Michael B. Smith [mailto:[email protected]] Sent: Friday, April 16, 2010 1:02 PM To: NT System Admin Issues Subject: RE: Security - Marc Maiffret The Experts Conference. They have AD, IdM, Exchange, and SharePoint tracks. www.tec2010.com Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Steve Ens [mailto:[email protected]] Sent: Friday, April 16, 2010 1:00 PM To: NT System Admin Issues Subject: Re: Security - Marc Maiffret What is this TEC everyone is speaking about? June always is not a good time for me for Tech Ed, an April or May conference would be preferrable. On Fri, Apr 16, 2010 at 11:55 AM, Tim Evans <[email protected]> wrote: Cool! I'm looking forward to your workshop and meeting you guys. This will be my first TEC. I'm doing it this year instead of Tech Ed. ...Tim From: Michael B. Smith [mailto:[email protected]] Sent: Friday, April 16, 2010 9:06 AM To: NT System Admin Issues Subject: RE: Security - Marc Maiffret /waves back....glad you got approved to go! I've finished my presentation slides and am madly working to get my pre-conference workshop material done... Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com <http://theessentialexchange.com/> From: Free, Bob [mailto:[email protected]] Sent: Friday, April 16, 2010 11:59 AM To: NT System Admin Issues Subject: RE: Security - Marc Maiffret Yes, he has for a number of years. It was really ironic that my manager and I were chatting about him Wed night as his firm was doing some work with our infosec team because she knew he and I used to keep in contact, then this article hit the newsfeeds the next day. Maybe more eerily coincidental J He and I chatted a little yesterday and I hope to meet up with him when I'm down there at the end of the month for TEC. /waves at MBS- See you the 25th From: Steve Ens [mailto:[email protected]] Sent: Friday, April 16, 2010 8:27 AM To: NT System Admin Issues Subject: Security - Marc Maiffret http://news.cnet.com/8301-27080_3-20002317-245.html Doesn't Marc post here from time to time? Good interview. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
