Mark's profileIn-Cider KnowledgePhotosBlogListsMore  |  Tools Help |
|
|
November 11 The Measure of ChangeI previously mentioned that Change Management was a part of ITIL, and one of the major areas for me as someone who makes more and greater changes to the setup and application layer of the University Managed Desktop at the University of Edinburgh than anyone else.
A lot of the learning process from being on the course is that the organisation is putting a lot more thought into how we have a process for this change management, especially bringing in ideas from ITIL such as forward schedules of change, a change advisory board and documented processes. I'm glad of this, as this has been something I have pushed for. Up until now, what has happened is that I tended to be the arbiter of these changes, and I went through my own (documented) process of change and announcement.
One thing that has fascinated me about this is that this is another area where ITIL suggests these processes get setup but does not prescribe what that process should look like. This is the way it should be, obviously, because each organisation is different. If you talk about application support and managed desktops, a common method in Universities is to only make major changes to the core set of applications once a year. A good example of this that I have mentioned in this blog is the situation with Firefox, where we only change a major supported version (eg. 1.0, 1.5, 2.0 or soon, 3.0) once a year, during the so-called quieter summer months. Then through the year, as patches are released, they are tested and then deployed. However, in other organisations things are quite different. I know a common methodology in some major banks is to have quarterly releases of the desktop, and have very little change inbetween each update. I have to say, I am growing to like this idea more and more - you release a desktop, rebuild everyone's machine to the new version and then for 3 months you can develop and extensively test the next iteration and release it. Arguably, it couldn't work in a University environment, but with Universities now having more and more going on during the summer, maybe the one-update-a-year idea is growing old.
But that's for the Change Advisory Board to decide! September 22 Speaking IT Common SenseOne thing that I think will be pretty big over the next year is ITIL. ITIL has been around for the best part of 10 years, so why big in the next year? Simply, people have been waiting for ITIL version 3, years in composition, to be released.
I have mentioned ITIL a couple of times before on this blog, most recently after I attended an "ITIL Foundation" course earlier this summer and posted some thoughts here. I talked about it then as "documented common sense", and probably didn't make the best case for people attending the course! However, time has effected my opinion of this course. I have to admit, when I was on the course and then after it just finished, I saw ITIL almost like an extra few boxes to tick when starting a new service. Actually, the opposite has happened: because the processes, practices and framework in ITIL make so much sense, when you see services (either new or ones that have existed for some time) in your organisation and you see they don't have a change management process, for example, it seems like a whacking great big hole in the quality of that service. If they are services that you are involved with, it gives you the momentum to fix this big hole in the service. This has happened to me, where with one major service I am heavily involved with and that effects pretty much every student and member of staff at the University, I now feel the communication of changes within the service is too weak, and as such I am looking into how to radically overhaul it. It might seem strange but without the ITIL course, I doubt I would have seen this. It effectively gave me the ability to properly stand back from a service and see it objectively.
However, there is something even more significant. I have found a remarkable thing when talking to others who have been on the course, especially in meetings: the language. When you are talking to other people who have been on the course, the language is now interspersed with vocabulary we picked up on the ITIL course. So, we talk about things like "incident management" and "change management" and both know what we mean by this. This is a massive boon because it means we know exactly what we are talking about when improving services and get on with actually improving services. The vocabulary is also important because to me, the term "change management" is now native, understandable, but to someone who hasn't been on the course, its confusing and scary (eg. they think: the "management" part means filling in forms and making everything slower and is nothing more than a hassle and "change" is never a good thing). This is one of the key reasons that organisations need a good strategy for ITIL adoption. It needs to be part of a multi-year strategy of adoption and you need to get a good set of people onto a Foundation course. These MUST NOT only be from Management layers, because you are dealing with services and many of these services can only be helped by having people onside on the "front line". Get a few up further than this and they can teach the rest - at least the basics, the framework and the language!
The reason organisations are looking towards ITIL now is that Version 3 has taken some time to come out, finally coming out early this summer. However, it doesn't take away from probably the biggest reason many organisations will be looking into it: it works. This is not a management fad. It has a long standing reputation worldwide. The other big reason is that a few years ago, many companies suddenly had IT Governance slammed into them thanks to Sarbanes-Oxley (SOX) and ITIL is seen to be a major way to both enforce the practices and processes as required by SOX, whilst adding the extra benefit of making for a generally more high-quality service. IT Governance isn't going to go away, so its best that companies use the right framework.
Now, all I need, is a ITILv2 Foundation to ITILv3 bridging course... June 16 All Your Base Are Belong To GoogleTrinity College Dublin announced at the start of this week that they are switching their email to Google's GMail. This is a really interesting development. Not new, mind - Microsoft have offered a similar service called "Windows Live@Edu" for over a year, and its been really effective (the one University I know has made quite a big success out of it is Glasgow Caledonian University).
I'm an IT Services person, so naturally, I'd be against this sort of out-source, right? Not really. I can see big challenges, big issues to deal with, but as a solution, it really works - especially, as is the case with Windows Live @ Edu, and Google's offering, called "Google Apps Education Edition", you can carry on using your *.ac.uk address (or *.edu for those Americans reading, etc etc). For life. From a hardnosed University point of view, the most important advantage of this deal is simply, money. Both Microsoft and Google's offerings include email with large capacity, calendaring, instant messaging and more. Google's even offers their online Office tools like a word processor and spreadsheet (although, I have to point out, I think they are absolutely dreadful - don't cancel that Microsoft Office contract just yet...). Talking money, to offer the same sort of features would EASILY cost a big University a 7-figure sum, and probably a 6-figure sum per year to maintain. That's a lot of saved money. It also frees up a lot of resource - it would free up quite a few people who could then be assigned to another job.
It has considerable disadvantages as well. My first concern is that this sort of service seems incredibly difficult to get out of. I just had a look around my Gmail account and simply cannot find a way of exporting all my mail, short of a POP3 download of them all. I could think of a way of downloading to a dummy POP3 account which then exports the data in a format that allows you to upload to your new service, but its difficult, full of issues and frankly, not an ideal solution. Then there are all the people who use it as alumni. If, for example, you are using Google's offering, and you cancel the account with them to go to a new service (either in-house or outsourced), will they destroy all those alumni accounts? If so, you need to know everyone who uses the account to then offer them this new service later. An administrative nightmare. Also, outsourcing email and the like is a bit like letting the genie out of the lamp - its damned difficult to get the thing back in there again! Decide to pull your email back in-house is a costly business, probably more than you saved. That is if you can even get the resources - the money saved by the outsource is usually not available because, as per usual, its been "reallocated"! This could be a major issue if your service supplier later decides to change the terms of the contract. For many Universities, this final point, the uncertainty of the intentions of these massive companies who exist to make lots and lots of profit, is major.
Those are really just IT resource and financial issues. There is one major issue over and above all this: your students and staff might well not appreciate having their online identity sold onto Google, Microsoft or the sort. Let's be clear: Microsoft and Google both routinely disrespect your privacy. They make money from their data they store on you. A recent report from Privacy International exposed this, so much so that Google took the "trapped animal" response and tried to besmirched the considerable and well earned reputation of PI. One Google response by Google blogger Matt Cutts is unintentionally hilarious, but telling: they think exploiting user details for 18 months at a time before deleting their logs is taking "privacy very seriously", whereas I think it mean they don't give a flying damn about privacy. However, with the fact that most students have hotmail and gmail accounts anyway and therefore are giving these organisations this information, does it matter if Universities also give Google or Microsoft this data?
Ultimately, practical and risk point of view, I still think there are a number of advantages to an in-house email and groupware service which make it preferable to outsourcing the service. However, with Universities never having enough funding, the financial pull of these deals are incredible. For many Universities, too much to resist. For those who keep the service in-house, offering comparable or better groupware functionality is now tantamount - a race against time, a race which if lost will cause the who service to be outsourced. June 05 Or Is It..?My previous post rang the obituary of Firefox 1.5. Only a couple of days later, reknowned security researcher, Michal Zalewski, exposed them to the Full Disclosure mailing list.
Now, I wont go into whether or not I think the way he discloses these is good practise or not, but it certainly leaves an interesting dilemma. As I've pointed out on this blog in the last post, for a lot of academic institutions it is necessary to support a single major version of many products for the entire academic session. For Firefox, this year, 07/08, it was 1.5, and the hope has been that Firefox 1.5 will last just this one last month. This security issue could throw an almighty spanner in the works for those who haven't completed their testing.
There is a silver lining, I noted: A 1.5.0.13 update on Mozilla's FTP site?
May 31 Firefox 1.5 - Now REALLY deadWell, Mozilla have finally gotten round to releasing the latest patch for their browser: 1.5.0.12 for those running Firefox 1.5 and 2.0.0.4 for those running Firefox 2. The significant point is, this is the very last security patch for Firefox 1.5.
In a way, I'm going to miss the plucky little 1.5. I was so disappointed with the scope of Firefox 2.0. I couldn't see that it added anything particularly interesting that would affect my everyday browsing, and also managed to break a whole bunch of extensions!
From a point of view of deployment in educational institutions, the extra month they added onto the support of the 1.5 version of the browser, which I mentioned here, was much appreciated. June is when the real updates for 07/08 start and it allows you to put in a nice and fresh 2.0.0.4 onto your desktops or into your deployment images. And then quietly warn user support that they will suddenly get lots of calls from annoyed users whose extensions no longer work... May 20 ITIL: IT Services meets Common SenseLast week I got the chance to study for my ITIL Foundation certificate. For those who haven't examined ITIL, it is a framework for best practise in IT Services - not solutions for IT Services, but practises. I have heard ITIL described as nothing more than "documented common sense".
Everyone in IT Services uses common sense, so its surely pretty pointless? You'd think that, but the truth is IT Services is incredibly lacking in common sense. One of the fascinating things about this course was at the start you are pretty cynical about it, and look at some of the examples, some of the explanations as "that doesn't really count for us, because we do things differently here". As the course carried on, this started to changed to being more, "I can understand why they are saying that, it does seem better that way" and as you thought more and more about it, it became "hang on, why the hell don't we do it like that?".
It is because of this, that in order to bring in ITIL practises in an organisation, you need to get buy in from a lot of staff and not just managers. A big reason for this is, simply, ITIL could make IT Services basically more boring, because there is better incident management, more control of change management, more documentation. It alters the culture of IT Services.
One of the most interesting areas I found was Change Management. Users know exactly how bad many in IT Services are at this. They are using their computer one day, happy, turn it off and then switch it off. They turn it on the next morning and a message comes up as Windows boots that something or other is installing. They log in and a message comes up and every time they run a program an error comes up. They and a hundred others phone support, who don't know about the change. Someone from support goes to the computer eventually figures out the change and then goes off to try and find the person who made the change, who is oblivious of the hell they have caused. Change Management is about controlling the entire process of changes from authorising the change request, organising the creation of the change, the stages of testing, documenting the change and communicating the change. Its also really interesting to me because no one make more or bigger changes to the circa 10,000 machines in the Managed Desktop at the University of Edinburgh. I like the concept of Change Management because I am quite the opposite of the gung-ho guy making unannounced changes and the Change Management process I currently adhere to is a dangerously paranoid quadruple checking of every step before and after I have made the change (which is why I never make changes on a Friday, or else I'd spend my weekend concerned about the change I made!).
Service Level Management is another area I find interesting. The main aspect of this are Service Level Agreements (SLAs) - contracts between the IT Services and the customers that define services provided, the level of service, metrics judging the service and what is expected of both IT Services and the customer in provision of this service. What is interesting about this is that many IT Services organisations have had this sort of thing for some time, except they tended to be one sided (the onus has only ever been on the IT Services side), toothless (written with find-in-the-air metrics and with service levels defined which are easy to match) and often the customers don't know they even exist. What is interesting about SLAs is that they are agreed between the customer and IT Services and so, both sides know the boundaries. It allows for better control of the services, allowing better services for everyone though sometimes at the detriment of the well-placed individual. A good example of this is a file store. Let's say you give everyone 100 MB quota on this file store. Let's say 5% run out of space but they know someone who in the past has up-ed their quota. They phone this person who does this for them. However, what if the file store physically runs out of space - the person using only 50MB tries to save a document and gets a "Disk Full" error? The 95% can legitimately complain that IT Services are not matching their SLA for that service. That's not to say you can't help the other 5% out, its just if they want a better service, they need to provide the resources for it. In other words, pay more! Of course, it you find that 20% or more run out of space, it may be a case you need to look at Capacity Management , look to find the resources to buy in new servers so next time you renegotiate the SLA, you can offer 200MB or more.
The course I did was 3 days long and pretty intensive and what I've said above is barely scratching the surface. After all, I haven't even mentioned probably the most crucial part: the CMDB, I haven't even mentioned the Service Desk, Incident Management, Problem Management, and many other aspects of it. If you happen to be in Service Management, don't just get yourself interested in it - its crucial that you get the entire organisation behind the idea. Its an idea that could change IT Services radically. April 03 Firefox 1.5.0.11 - RIP Firefox 1.5? Or Not?I've mentioned several times on my blog that Mozilla have always planned to support Firefox 1.5.* for 6 months post the release of Firefox 2.0. Firefox 2.0 hit the public on October 24th. That would make Firefox 1.5 unsupported, THIS MONTH, April 24th. Certainly, its been a date in the back of my head for some time. Th latest release of Firefox 1.5.*, 1.5.0.11, was released only a couple of weeks ago. So, is that it for Firefox 1.5?
It seems not.
According to Mozilla's own meeting notes, there is a Firefox 1.5.0.12 in the works, with a tentative release date deep into May (May 15th); into month 7 post-Firefox 2. I'll try and clarify this in the next couple of days but very busy!
Certainly, any extension to the deadline, be it deliberate or just finishing off the final update to Firefox 1.5 is much welcomed and, from a hugely selfish angle, should tie me over until I can start the big summer updates. March 29 Second Life - A Group Policy ExampleI haven't been doing many scripts lately, with my head at work almost constantly buried in a whole set of other issues (like a number of MSIs, carrying on the Internet Explorer 7 and Firefox 2 testing and attending sooo many meetings), so in a sick way, I was happy when I came across a problem which simply needed a script!
The problem occurred in the most unlikely of circumstances as well - I was repackaging Second Life. SL is getting a big push in UK academia especially with people trying new environments, new ways of teaching. I, personally, offered to repackage this up and get this ready simply because I find it really interesting (and when you get to post-repackaging testing, a 3D game is a lot more fun than testing a boring stats package or something!).
As a repackage, Second Life is really easy to do - it puts everything in the "Program Files\SecondLife" folder and puts in a few keys into root. Takes a really short time to repackage, validate and conflict check and away you go. It gets rotten in Denmark when you run the thing and then log off - it writes, by default, its cache to "Documents and Settings\<username>\Application Data\SecondLife\Cache". Worse, that cache is, by default, 500 Megabytes. Which equals "very angry server team"! So, what to do. It stores all its settings inside the profile in a file called settings.xml. How would we write a script to deal with this?
Like this:
' Second Life Login Script on error resume next ' create shell instance ' create file object instances ' variables I'll be needing later SLsettingsFileName = EnVar("appdata") & "\SecondLife\user_settings\settings.xml" ' Create folder if not exist ' Open file to write ' Get our settings from the registry SLCacheUseLocal=WshShell.regread("HKCU\Software\Policies\Second Life\SLCacheUseLocal") SLsettings.WriteLine("<?xml version=" & chr(34) & "1.0" & chr(34) & " encoding=" & chr(34) & "utf-8" & chr(34) & " standalone=" & chr(34) & "yes" & chr(34) & "?>") SLcachelocation = nothing What does this do? It starts at the top by setting all the normal variables you'll need, including a cheeky "on error resume next" (I plan to rewrite the possible errors out in try...catch routines but didn't have the time today!). Then we have a "create folder if not exist" section. What this does is iteratively check to see if the second life profile folders exist, and if not create them. This is to give the text file we eventually want to write a folder to write it into.
We then read in the settings we need from the registry and store them in some variables. They are values defining the Bandwidth SL uses, the size of cache for SL to use and a third entry: SLCacheUseLocal. This registry value asks whether it should use the Second Life default, or redirect the cache to the Local Settings folder. How do we put them into the registry? An Administrative Template, of course! I'll come back to this.
Now, to write the XML file. First couple of lines are from the XML file's header as defined by Second Life. The chr(34) are the quote marks we need. Here's the header:
<?xml version="1.0" encoding="utf-8" standalone="yes"?> The next lines simply write the lines as it has extracted them from the registry - if there is no value set, it wont write the value. The use local cache one is an exception because if the template for this value has been set to Disabled or Not Configured, it will write the default value - to just leave the cache in the user's roaming profile. Finally, it closes off the XML file with the footer
</settings> Now, for my nice virtual machine here, if I run the script, it hasn't got SL on or this template, so I could a settings.xml file looking like this:
<?xml version="1.0" encoding="utf-8" standalone="yes"?> Now, we are not finished. We still need an Administrative Template. Simple:
CLASS USER CATEGORY "Second Life" KEYNAME "Software\Policies\Second Life" POLICY "Network Settings" POLICY "Use Local Cache" END CATEGORY There you have it, Second Life fully controlled by Group Policy! The bigger point from this post though is, none of this has really anything to do with Second Life. Change the values, add some more variable, change the XML header and XML footer text in the script, and you could use this basic script to control XML or INI files (or any line-by-line preference file) by group policy. I plan to expand on this and maybe make a totally generic script for setting values. Stay tuned! January 31 OH NO! OH NO! OH NO! Symantec Buys AltirisWell, there's a lesson for you: if everything is looking really good, expect something horrible round the next corner. Or, in other words, purveyors of awful, awful software, Symantec, have just bought the excellent Altiris.
Altiris have come across to me as one of the best IT companies out there, pushing an excellent suite of applications, especially in the enterprise software packaging environment with their (acquired) Wise Packaging Studio and then the really brilliant Software Virtualization Solution (SVS). They were also a company that really proved they "got" the community with their vibrant Altiris Juice community and got a good reach-out to every user by licensing SVS for free for personal use.
Please, Symantec, just let them get on with it and don't mess with things. PLEASE?! January 12 Software on a StickAs a systems administrator at a University, offering a service to users with disabilities is always a very interesting area. It is, obviously, an area which involves a number of pieces of specialist software and hardware. Providing such users with this technology is always a big challenge. On top of that, there are the requirements set out in the Disability Discrimination Act.
Many think that supporting users with disabilities is only about "just staying within the DDA". I disagree. What I would like to aim for is to give users with disabilities what I'd dub "an unremarkable experience". Huh? What I mean is, there is nothing remarkable that a user with disabilities has in their experience of our systems that a user without a disability has.
Of course, there are limitations to this aim: you couldn't make certain hardware such as a braille display, screen magnifier or braille printer accessible physically and technologically to every computer in all labs at a University, for instance, and many pieces of software are so specialist, they have incredible costs attached to them. However, as an aim, you want to get the software that a user needs to their desktop they use, and that must not be a special setup where the user has to ask somebody else to leave a computer so they can get access to that software. So, for instance, a student with a disability should be able to sit, as any other student does, at any computer, and yet be able to use their specialised piece of software.
There are 3 ways to achieve this:
Firstly, you could install the software on every computer. That'll work, unless you have a concurrent licensing model for the software, its an extraordinarily expensive option.
Secondly, you could use a streaming technology. I have talked before about how great SoftGird is as a virtualisation solution. It really is. However, one of the greatest benefits of the software is how you can stream software down from the server. What this means is, you could give a user a shortcut to a SoftGrid application and they double click it. SoftGrid will then download just enough to get the software to work, and then download more as you access more features. Clever, for sure, but not without its issues. As virtualisation creates a barrier between the computer and the application, some core API calls can be inaccessible to virtualised applications. These are exactly the sort of core APIs that much disability software uses to work (eg. intercepting text being written to screen for screen readers, etc.). There is also the expense of implementing SoftGird, as I have blogged about bitterly elsewhere on this blog.
Thirdly, you could give the student themselves the software they need. They'd have to install the software and so, they'd have to have the correct privileges - be Power Users or even Administrators on computers. That's a security no no.
However, there is a really interesting option that has grown over the past year or so: instead of buying the software on a disk, you buy a USB stick with the software installed and are able to run it from that stick, and save your personal settings back to the USB disk. Software on a stick, if you will. These offer a solution to most of the issues above - its portable, doesn't need installation, is entirely personal to that user and has a relative level of discreetness to it. All the user does is put the USB pen in the computer, and run the program from it. Beautiful.
I'm not sure who really started this but Dolphin's Pen (http://www.dolphincomputeraccess.com/productdetail.asp?id=8) was the first I heard about. The latest is literacy disability software providers, TextHelp, with their excellent Read & Write package coming out as a USB pen (http://www.texthelp.com/page.asp?pg_id=1197&id=181) only a couple of days ago.
However, I can see this idea being usable far wider than just in the accessibility software market. It would be great in any piece of software in the education sector because students sometimes have specialist pieces of software that is departmental or course specific, and of course, they tend to move about a lot and yet still need access to the software, if doing coursework or dissertations, for example. A really, really neat idea on top of this is if you could install some virtualisation solution such as Altiris SVS on a USB pen - they could run this software on any machine, and you'd be guaranteed it wont effect the host machine. It would also allow applications that need the registry to be installed to run solely from a USB pen! (I REALLY should patent this idea, but what the hey...)
UPDATE: I'll bin that patent registration form! Those ever clever people at Altiris have thought of it already: http://juice.altiris.com/idea/771/svs-for-u3-usb-sticks January 10 RIP: Pegasus MailThe last couple of days has seen the passing of one of those software packages that define an era: Pegasus Mail, and its SMTP server Mercury.
Its a real shame to see this go. Pegasus Mail was part of my life for some 5 years between 1997 and 2002, and I remember it fondly. Back then, the University of Edinburgh had a Novell Netware-based setup and Pegasus Mail was the client of choice. The majority of people, and all students, at the University used it. As we (thankfully) moved away from Netware, the mail was the first to go - going to a larger and more robust Unix service. Pegasus Mail started to be phased out, but, I can tell you for a fact, there are many people at the University who still prefer it and even use the term "PMail" instead of "Email" for the mail they send to each other.
That's not to look at it through rose-tinted glasses: it certainly had its problems - it had a quirky interface and even quirkier options menus. The way we used it, it left anonymous looking files with extensions like .pmm, .pmi, .pms, .pmx and .pmx littered all over your network home drive. Ultimately, and let's be brutally honest here, it is a client for 5 years ago and cannot even get close to the sort of features that any email client or service, be it Outlook/Exchange, Gmail, whatever, has today. However, its quirks are what made Pegasus Mail so good. Jeremy Clarkson, of Top Gear fame, says in his newest book called "I Know You Got Soul", that some machines have soul because "it's because they possess that most human of qualities, a flaw". I'd argue that applies to Pegasus Mail. When I got a problem with Pegasus Mail, I was able to look at the user's directory and I grew to spot its quirks: "ahhh, its decided to not delete the temp pm$ files", "silly things lost its index file for the main.pmm, let's reindex that", "its having a hissy-fit over its mail queue, let's just remove that...", etc etc. I grew to love its quirks, because I knew what it took to fix them.
Ultimately, none of this could have happened without one tireless, wonderful individual: the author of Pegasus Mail, David Harris. I cannot underestimate what this guy has done: he developed, supported and gave away FOR FREE, a package that many millions relied upon for one of their most important services, email, and many continue to do so.
I was shocked and saddened to read that over the past few years, David has had to endure hate mail from free software zealots and that disappoints me, as well as similar comments in the story about Pegasus Mail on Slashdot. These people offer nothing to the open source community and should just go away - unfortunately, intimidation and hatemongering have become all too much part of the Free Software movement and its a nasty, vile trait.
However, the vast majority of us who used Pegasus Mail will thank David and other contributors for what they did. I hope David can have time to get away from it all, have a fond look back on a 17 year ride and come back even stronger. November 23 Are Microsoft, Oracle Co-Opting Linux?There have been 3 bits of big news in the open source world in the past few weeks - the open sourcing of Java, and the big Linux business moves taken on by Oracle and Microsoft. The news about Java is certainly big news and has some profound implications (I'd suggest more in bundling it in distros than in people adding new code to the source), but it is the latter two stories I find most interesting.
What you effectively have is what many say is Oracle and Microsoft attempting to co-opt Linux in their own ways, ways that sum up the way the 2 companies always tend to act.
For Oracle, its a full-on, brutal attempt to assimilate a market (as it has done so with recent big purchases of the like of PeopleSoft) - they offer to support existing Red Hat Enterprise Linux installations for their customers with their own updates, at almost half the price, and support for older versions. As Red Hat have quickly pointed out, adding Oracle patches would void any indemnities for RHEL. The other big problem Oracle has is that it is playing by the rules of the GPL, and that means that whatever new patches to existing code they add, must go back to the community. This surely can't be their big Linux move?
Ultimately, this a bit of a "toe in the water" move by Oracle. For the longest period, they have talked about wanted to be able to control the entire software stack from server to applications but are in danger of being caught badly by Microsoft's more complete set (http://news.com.com/Softwares+stack+wars/2100-1012_3-6062557.html). This current move seems to me to be their first steps towards maybe something bigger - Oracle is starting to make big statements about advancing Linux as an enterprise level product and maybe those noises will turn into a future fully supported Enterprise Linux that will march into the Linux industry and take Red Hat's market share piece by piece. Or maybe even the acquistion of Red Hat themselves...
And then there is Microsoft, who have acted as Microsoft often do in business: intelligent, cunning and ruthless. The tech papers were full in the past couple of weeks with the scare stories after Microsoft signed a deal with Novell that covered a number of areas including patent indemnity. There were stories like Microsoft is to sue everyone but Novell, they are going to exorcise patents against all and sundry and as many decrying the death of Linux as saying the deal is Microsoft accepting Linux.
I doubt it is any of those things per se. I think this deal can be summed up in one word: Hypervisors. Microsoft has already made several deals in this area with deals with Zend and XenSource and this is just another stepping stone. With the advent of Longhorn server (well, soon after its released) comes Microsoft's hypervisor technology, codenamed "Viridian". The hypervisor acts as a layer between the bare metal and a server with many hosted server operating systems - the next step in OS Virtualisation. Many believe this technology will become the next big thing in the server market and, no doubt, Microsoft will want to keep a controlling share. I believe where Microsoft is heading with this is they realise that the hypervisor layer is all important. If they can get their take on this technology linked in with the rest of the System Center products, they could provide a compelling solution over and above competing enterprise products.
Now, by signing deals with the likes of Novell and XenSource, they are making a much more valid solution for mixing Linux and Windows OSes on the same piece of hardware. In a way, this deal makes sense for both Novell and XenSource. XenSource are always likely to struggle in a Windows dominated server environment and probably see this as a way of getting something from this market whilst concentrating on enterprise products in either 50:50 mix or Linux dominated server environments. Novell, no doubt see this as a way of piggy-backing Microsoft's technology to try and displace Red Hat as the enterprise choice of Linux. It does, however, raise a number of "What If?" questions. The big daddy of them all is: What if you have a hypervisor hosting 6 Windows OSes and you want to add 2 Suse servers, and what if Microsoft charge more for a hypervisor that hosts 8 OSes than 6? Microsoft would effectively be charging a license fee for Linux....
So are these moves equating to Microsoft and Oracle trying to co-opt Linux? To an extent, yes - in both cases, they are reacting to what customers (especially in the enterprise space) are asking for and try to fit it into their own strategies. That should be a good sign for Linux, in that its take up is starting to get noticed. Unfortunately, after the Microsoft-Novell deal, Free Software Foundation lawyer, Eben Moglen, talked about changing the license in GPLv3 to ban these sort of deals - the latest anti-commercialisation-of-Linux move in that horrific license. The sad thing is, the biggest problem Linux now has in the enterprise space is the FSF and its politics.
Anyway, it'll be fun to watch! November 14 Who Needs Doctors When You Have SQL Server?!A nice link I like to look at every week or 2 is this one: http://www.microsoft.com/downloads/results.aspx?freetext=&productID=&categoryId=&period=&sortCriteria=date&nr=50&DisplayLang=en
What that shows is the latest additions to Microsoft Downloads. It can be a good way to find those downloads that maybe haven't hit the media stands yet. Couple of interesting ones on there at the moment (apart from the monthly patches and PowerShell releases).
First up is the ADMX Migrator. This is a Full Armor developed tool that allows you to migrate your ADM files to Vista's new XML-based format for Administrative Templates, ADMX. They have a number of advantages over ye olde ADM files, such as containing version control, are centrally stored (as opposed to being stored in each Group Policy) and can be configured with different language templates for different locales.
Second is, the rather shockingly overblown download called, "Hospitals Reducing Fatalities from Severe Trauma and Stroke using SQL Server 2005"! Yes, using only* SQL Server, lots less people are dying!
* I hear that those doctors, nurses and assorted other medical staff might also be involved... Where the Developer and IT Professional Meets: PowerShellAfter my moan yesterday regarding the seemingly increasing gap Microsoft is putting between those who are IT Professionals and those who are Developers, comes a glint of what I'd like to see more of: Windows PowerShell. This project was formerly known by a seemingly endless list of codenames such as Monad, MSH and Microsoft Shell, before Microsoft Marketing managed to get their grubby hands on it and rename it Windows PowerShell. Today, it finally hit version 1.0, and can be downloaded here: http://www.microsoft.com/windowsserver2003/technologies/management/powershell/default.mspx
What is it? Well, its at its most basic a very powerful command shell and scripting environment for Windows. It is not a new command shell for Windows Vista (as many thought in the early days of the project) and is most powerful when used in a lot of server environments where scripting is required. To be fair, PowerShell is quite an appropriate name for it, as it really goes far beyond Microsoft's command prompt and, seemingly from how much I've played with it, allows a whole lot more flexibility than even VBScript. I played with it on and off through the open betas, and have been looking forward to it finally RTM-ing.
I wont even try to do anything "interesting" PowerShell-wise in this blog entry as I need to get back up to speed with it, but hopefully will be able to contribute something here in the future. A good idea to see it is to read the blog of the team behind it (the old blog: http://blogs.msdn.com/monad/ and the new one: http://blogs.msdn.com/powershell/) and the documentation that comes with the package when it installs.
As I said before, a lot of the power of this shell is going to be used in server environments. I know that to a great extent, Exchange 2007 and the next versions of MOM and SMS (which will be called "Systems Center Operations Manager 2007" and "Systems Center Configuration Manager 2007" respectively) are built upon PowerShell. One feature of SCCM2007 I have heard about where it is being used is with its Task-based UI. As I understand it, you can configure computers and applications through a variety of Tasks (which can be set to complete in a certain order). Although many of these tasks will be macro-based or simple commands, these can be complex PowerShell commands. At least, this is what I've heard!!!
I'm really looking forward to learning more about this PowerShell. Of course, if you are really, really brave, just install it, load it up and use "man" pages unix-coder-style! November 13 Tech-Ed Non-Attendance BluesI had to be spending this week blogging from the reasonably sunny Barcelona where Tech-Ed IT Forum is taking place. Unfortunately (*mutters darkly*), others in the team I am in are attending instead, so it cold, dark Edinburgh instead.
I got to attend Tech-Ed last time 2 years ago, when it took place at the end of June in sunny and hot Amsterdam, and it was a damned good experience. Well, it took me a week or so post-Tech-Ed to realise that. Why? Well, its a REALLY hectic event, and I spent the whole week in such a spin and acting like a sponge taking in as much information as possible, it really took until after the conference was over for me to formulate everything I had heard and learned into something to take back as worthwhile.
Of course, this event going on this week is not quite the same as the one I attended. Up until this year, Tech-Ed was a big event that took place in the summer that was, in terms of conference tracks, roughly 50% IT Professional, 50% Developer, and there was a seperate IT Forum. This year, they have split the Developer tracks into Tech-Ed Developer and the IT tracks into Tech-Ed IT Forum (the Developer conference happened last week in Barcelona). I, personally, think this drains a lot of the interest I had in attending Tech-Ed this year, as when I attended a couple of years ago, I found myself going in and sitting in on several .Net and Office Developer talks. Obviously, being Developer tracks and not IT Professional tracks, these would have taken place last week in Barcelona.
I will never understand why Microsoft has such an attitude that IT Professionals and Developers are to be pigeon-holed in seperate areas and never the twain shall meet. I blame the narrow-minded internal management inside Microsoft between MSDN and TechNet. Sort it out! October 28 The People/Resource BalanceFollowing on from my previous blog post about virtualization, I was at first mocked by a friend who works for a big Building Society here in Edinburgh that I was a "cheapskate" to question the price of Microsoft Softgrid bundle.
The crux of the matter though is this sentence from that last blog: "I work in a University and for 10,000 machines, this equates to between 3 and 4 IT support people's salary at the low end of the scale". As my friend pointed out, that point would be the key part of his pitch to management: there is absolutely no doubt in my mind that the productivity increases and lower support with Application Virtualization would mean you could get away with 5 or more fewer support staff over 10,000 machines. I'm not sure that sort of pitch would get much traction in an educational establishment!
The upshot of this is that Universities, and to some extent the public sector, tend to be what I would call "people rich, resource poor". What I mean by "resource poor" is there tends to be less access to those off-the-shelf technologies which require significant monetary investment, such as Softgrid. However, on the flipside, Universities tend to be "people rich" in that they not only have a larger ratio of people to computers (or similar ratios), but because they tend to be richer in skills. OK, a contentious point, but it really often comes down to that phrase "necessity is the mother of invention" - the IT problems in a University are often the same as those in a bank, for instance, but come with less off-the-shelf solutions to pick.
To give an example, I was told by the same friend as above about the setup at a big Scottish bank. They moved to XP and used every Microsoft prescribed solution - a dozen sysprepped images of XP being deployed with SMS and RIS and other straight-from-a-Microsoft-case-study technologies. Where I work, we looked at all these, and realised their limitations. Ultimately, this led to a couple members of the team I am on building a Linux-based Pre Installation Environment and imaging solution from scratch. This meant if need be, we had those Microsoft solutions to be our Plan B. The solution we came up with was only able to be done because we had this flexibility of being in a People Rich environment. This bank unfortunately had no Plan B through not having that flexibility, and the last I heard were still struggling.
That's not to say Universities have it right. If access to productivity-increasing, cost-cutting solutions like Softgrid become unavailable, there is clearly something wrong in the balance between people and resources. Increasingly, I believe that with the new wave of ideas, processes and technologies that are coming, be it virtualization, Web 2.0, Vista, ITIL or whatever, an increasing People Rich and flexible IT setup is required. October 23 The Virtualization RevolutionA few days ago, Microsoft finally announced its pricing plans for the Softgrid virtualization technology it acquired when it bought Softricity. You can read more about it here: http://www.microsoft.com/presspass/features/2006/oct06/10-17Desktop.mspx
Virtualization is one of those phrases that gets thrown around a lot in IT today, and sometimes its difficult to see where they all fit. So, what does Softgrid do? Basically, it is a application virtualization environment. Applications packaged with this technology effectively run in a total bubble (aka "sandbox") and everything they do is kept within that bubble. So, for example, if you have an application that needs to install a DLL to System32, it only ever seems to be installed at that location to the application in the bubble. To the operating system, user and any other application, it doesn't appear to be there. We all know DLL Hell. Some aspects of MSI technology took that away but, frankly, it still exists (especially with a lot of the poorer vendor-created MSIs I've seen). Softgrid would make it go away because you are never overwriting any DLLs - they all just stay in their relevant bubble. Softgrid is actually one of the true implementations of application virtualization, trapping everything inside the bubble at the API layer. Other competing technologies don't do as much as that, but I'll come back to that.
The thing about these bubbles is, as they are self contained and leave the OS pristine, if one gets corrupted, just delete it and refresh it with the original application. This should dramatically reduce support issues with apps that are misbehaving. It also works better at the other end - the packaging. As everything is inside a bubble that should act absolutely the same every time you refresh the bubble, it should allow the packaging to be more of a snapshot approach (ie. a snapshot of changes between pre-installation and post-installtion of an application) than the MSI approach of repackaging. I haven't played with Softgrid enough yet to talk deeply about experiences doing repackaging for it, but when I do, I'll blog it!
There are a few caveats, obviously. A big one I have discovered so far is that it really makes you rethink the way your system works. A lot of the promise of this technology is that you have a plain version of XP and can install every app you need the Softgrid way and, later, you can just take them off and you go back to having a blank version of XP. Unfortunately, this technology doesn't work well with some low level software such as Virus Scanners or device drivers. Another issue is just how resilient these bubbles are. Take Office for example. Now think of the applications that add-in to that - things like Outlook Add-ins, TextHelp Read & Write, Endnote, Reference Manager (a lot of these will only be known to academic institutions). If, for example, Office is in a bubble and Endnote is in a seperate bubble, they WON'T work with each other. So, you need to think what you need actually installed on your system, what is in a bubble, etc etc etc.
The other, and very much less technical caveat, comes from the pricing. Microsoft, from the Press Release, have bundled Softgrid in with another set of technologies it has acquired (the Asset Management from the acquisition of AssetMatrix, PolicyMaker from DesktopStandard and the Diagnostic and Recovery Toolset used to be the administrator pak from Winternals) and priced it at "estimated retail price of US$10 a year per desktop". 10 Dollars seems OK. What screws thing up royally is "a year"; its an annual subscription model. If you are reading this and are a IT decision maker in a bank, you might scoff at this. However, I work in a University and for 10,000 machines, this equates to between 3 and 4 IT support people's salary at the low end of the scale; for a technology that must be seen as a companion to, as opposed to an alternative to, MSI (those who drop MSI to go to Softgrid will soon find applications that simply don't fit to the virtualization model and long for Wise Repackaging Studio or AdminStudio). The costs add up.
However, there are definitely large end-to-end productivity gains to be had by implementing a virtualization solution and, hopefully, a far sighted IT decision maker will see this. Further, in the Softgrid case, the extra utilities (especially AssetMatrix) are not to be sniffed at.
As mentioned earlier, there are other application virtualization solutions, most notably Altiris's Software Virtualization Solution (SVS) and Citrix's Application Isolation Environment (AIE). Actually, technically, neither does application virtualization - they do application isolation. The difference is small - as opposed to the API level virtualization offered by Softgrid, both effectively redirect files and registry for applications to a hidden sandbox folder. This means that it is possible for a SVS or AIE application to conflict with something else on the system at the object and API level. However, this can be mitigated. As with many things Citrix, AIE seems to work best within an existing Citrix ecosystem. SVS, though, works well outside of an Altiris systems management software model. Its also worth noting that Softgrid offers several features over and above these systems.
There are a number of reasons I really like SVS. Firstly, the technology is very, very cool. Secondly, Altiris have shown more understanding with the way System Admins work than most companies out there and provide a number of excellent community resources for SVS - such as http://www.svsdownloads.com/ and their excellent community site, Altiris Juice (http://juice.altiris.com/). Thirdly, they seem committed opening up the source of many aspects of the product, and, significantly, offer SVS for FREE for personal use (http://juice.altiris.com/page/86/get-svs-here-now). Yep, you can start using it right now and get blown away by just how cool SVS and application virtualization is!
Anyway, I don't mean for this post to be anything more than a skating over of the technology, and there are people out there who know a whole lot more than me on this. I'd suggest reading:
amongst others... October 11 Microsoft's Nonsense Notions of CommunityA while back, I wrote about a site Microsoft had started which seemed pretty promising - Talking Microsoft (http://blogs.technet.com/talkingmsft/). The site was, effectively, a fledgling UK Technet equivilant of the US MSDN community and video site, Channel 9 (http://channel9.msdn.com/). I thought it was promising because Channel 9 is not a very good community, has an awful "We Hate Everyone But Developers" attitude and the forums are more cliquey than a golf club with the word Royal in its name. It also seemed good because there seemed to be an ambition to Talking Microsoft, with the first video featuring the brand new boss of Microsoft UK.
Unfortunately, 2 months later...the ONLY thing on the Talking Microsoft site is a video with the boss of Microsoft UK. It seems to have been unceremoniously dumped.
What made me think of Talking Microsoft's stuttered launch was another Microsoft community I came across: Solshare (http://www.solshare.net). OK, "community" is rather not the word, seeing as it seems to be 1 bloke at Microsoft and several empty forums (fora?). Why is it a completely stillborn community? Simply, there is nothing to relate to there. I work at a top UK University and cannot see the point in getting involved in that community. The reason is simple; a site which is for "people in the Public Sector" is vast and massively unfocused. For example, Solshare breaks the forums (I'll use that plural!) into Education, Healthcare and Government, but in my job in IT at a top UK University, there are fundamental different challenges to those people working in IT in the UK Healthcare and UK Government markets. There are probably more differences than similarities between those of us working in IT in the UK education market and those in education in another country. I have certainly experienced that to an extent with the people I have dealt with, with my Firefox utilities (which have mostly, for obvious reasons, been mostly adopted in education establishments around the world) and other tools posted here.
The biggest problem with starting a community in the way Solshare has is that it is the "Field of Dreams" mentality - build it and they will come. Unfortunately, they wont. Realistically, you want to start a community with a good foundation - get a core involved and then expand it.
One of the annoying things about these flailing communities - there are so many disparate groups out there that could be formed into communities. For example, I think that UK Universities could be a strong community to help people use technologies, often Microsoft technologies, in the best way. To date, the closest I've seen is where a Microsoft sales person organises 2 Universities, one that has been successful with a MS technology and the other that is considering that technology, to meet over lunch or the like and discuss the way they've done it. Ultimately, that way is inefficient, has little or no follow through past this "pre-sales" time and does not build any long lasting relations between the Universities. There is also the feeling they are doing Microsoft's dirty work for them.
A UK Higher Education community as a core would be able to share knowledge, share ideas and even start a vibrant Marketplace - Universities, knowing that one has certain knowledge that others don't, could share or buy in consultation from another. It seems obvious to me that a great deal of these technologies would be Microsoft based. This community could then be be eventually expanded to take in the entire UK Academic community.
Ultimately, communities require time, forethought and ambition, and sometimes I feel Microsoft doesn't quite get that. Maybe eventually... October 06 The WGA Avalanche of DeathA couple of days ago, I got a call saying one of our Managed Desktop machines was throwing a message from Microsoft's Windows Genuine Advantage (WGA) "feature" saying, effectively, the machine was not genuine and had a pirated version of Windows. The person who reported the issue had also checked the non-obfusticated part of the product key you can get to in the registry and it was the University Volume License Key (VLK). Oh dear.
Then, this morning, first call, oh no...another machine with the same message from a different area of the University. One of the advantages of having a organisation wide Managed Windows Desktop is that you know those in one part of the University aren't doing things that are radically different from another part, such as using different images of Windows. In other words, this was unlikely to be a coincidence.
That is minor panic territory: if 1 machine is having this error, you can put it down to corruption, if 2 seperate machines are having the issue, then it is likely to be a real problem, and a real BIG problem at that: if these machines are reporting they are not genuine, then that means the key isn't genuine and of course......every Windows PC in the university uses that key!!!! Yikes! This is avalanche territory, where tens and then hundreds and then thousands quickly get the same issues and bang, total blackout.
Thankfully, I didn't see another one all day and then, just before I left work, I found this: http://forums.microsoft.com/genuine/showpost.aspx?postid=787014&siteid=25 . So, Microsoft acknowledges it has a problem with WGA (by the look of that forum, one of many). Well, maybe acknowledge is a bit of a strong word. Maybe, "buried deep on a forum where virtually no one would look", is a better term for it.
If Volume License Keys can ever come up in the WGA processing as non-genuine, there is a fundamental flaw in the way it works. Surely, if you have a problem of this nature with a VLK, it would make a lot more sense to not cripple individual machines and instead, contact the VLK contact at the relevant company? As it stands, a widespread WGA-based outage could well happen at an organisation, and may require relevant disaster response procedures thought up. It will require a lot more than listening to a Microsoftie saying "we regret any inconvenience" and giving scripts that only administrators can run. October 02 Microsoft Acquire DesktopStandardMicrosoft have certainly been a little bit canny on the acquisition trail of late, and I noticed they've just - today - announced they have acquired one of the top makers of Group Policy-based tools, DesktopStandard. You can read about the tools and the acquisition at DesktopStandard's site, here: http://www.desktopstandard.com/default.aspx
I do hope that the lead off of this is that Microsoft roll some of these tools into the integrated products. Outside of adding more and more settings, Microsoft really hasn't given Group Policy the care and attention it needs.
As I say, with this, Wininternals/Sysinternals and Softricity, Microsoft has been making some good acquisitions in the systems management sector of late, and I for one am happy to see this. |
|
|
