SuperBowl v2

Whoops! Since my last “IT Superbowl Party” I updated my RAID drivers and lost the drives holding my awesome Server 2012 Core environment I built out. And I lost the notes on how to build it to boot! But my birthday recently came and went and I treated myself to some extra RAM so I could run more virtual machines. It’s time to rebuild, and just so I don’t lose my notes, here’s what I have now.

Apologies for the very raw format. Oh, and I decided to up the ante and make sure that everything is IPv6 compatible, complete with DHCPv6 and what not.

The Wall of Shame

It’s weird talking about The Wall of Shame not in relation to something I’ve screwed up myself. Not that I screw up often – it’s just that I never thought I’d be the one maintaining said Wall.

At work I’ve been struggling to focus hard on certain projects and everyday work. In my last post I talked about standing up for myself and making a name for myself as someone other than the Virt Build guy. I’ve already seen great progress in this regard, but it’s only partially fixed the uphill battle I feel every time I set out to get work done.

I wasn’t sure why until today when I thought about how upset I was that certain Windows deployments weren’t being sysprepped and I was part of the problem. I’d sure put myself on the Wall of Shame for that, but only one other person at work seems to comprehend the problem with it – and unfortunately he’s not in a position to help solve it. So if I’m the only one who knows enough to be worried and do something about the situation, that means it’s up to me to declare it an offence belonging on the Wall.

I added a total of 14 things to the Wall (actually to the white board by my desk) but I already feel a little better about things just having enumerated the problems. These aren’t trivial – they’re objectively important infrastructure and security components that should be part of any strong IT foundation. They might not be part of my current projects or responsibilities but as I make time to chip away at them little by little, things will continue looking up.

Now I’m off to become a Deployment Wizard and cast Smite against the very building block that started my Wall of Shame.

Putting my flag on the Moon

Now that I’m wrapping up my second month of work with the new company, I’m hitting that barrier where I’m no longer “the new guy”.

I’ve been a little frustrated at the kinds of work being assigned to me – I fought hard to make sure the roles and responsibilities I would have here were in line with a move up (with a salary to match), but frankly they’re paying me too much to just do basic server installs all day long. I’ve been thinking about why that is, and especially after hearing someone else say what I was thinking, I need to take a stand and really own my destiny. As the bright-eyed new guy I’ve had no qualms taking on “virt builds” but in doing so I’ve accidentally made a name for myself in that role.

So when I hit that barrier and I’m just “old news” I need to make sure my position is solid. My company is a good company. They’re good people and they need skills I can provide. They need virt builds too. But in the imaginary Venn diagram in my head I need to shrink the space where those two things overlap.

Also, I just have to say it. I hate when people call a VM guest a virt. It’s the most brogrammer thing I’ve ever heard.

Deployment Redux

Once again I am building an OS deployment solution based on the Microsoft Deployment Toolkit. Usually it is nothing but fun but this time there is such a desperate need for it that it really does feel like work. Plus the environment isn’t built out in a way for me to add all the bells and whistles I want to. But it is still cool stuff and I look forward to bringing this kickass solution to the office and showing off what it can do.

Cops. V-cops.

Work just closed the deal on the full vCenter suite this week. On Tuesday I spent about 2.5 hours upgrading to vCenter 5.1 (up from 5). As a matter of pride I tried to do it completely solo.

About 2 hours in I panicked and called up VMware support because I was getting a weird error and starting to run low on time. By the time they got back to me I figured out that I had misunderstood exactly what database I was supposed to point to. Their upgrade documentation is really vague in certain areas but pretty solid in others.

I must say it’s weird getting comfortable in SQL. Just hopping into the admin tool and doing stuff…. was kind of fun but I’m still sure DBA is never going to be in my future. Of course I say that about Sharepoint and today I was told (paraphrasing) “Oh hey, you DO know a lot about that. You’re my new escalation point.”  Me and my big mouth…. maybe I shouldn’t be commenting on my SQL exploits. At least I don’t think my coworkers know I blog so I’ll be safe for a little while…

Work Life Balance

This isn’t specifically tech-related, and really more of a chance for me to brag…

My round-trip commute was topping out at about 3 hours which is pretty crazy and not personally sustainable.

I emailed my boss and asked if I could shift my hours around. He told me that once I got a month of work under my belt and proved my work ethic I could “work from China every day” if I wanted to.

Well, a single day later, after pitching some project plans for important infrastructure plans, I was told I could pick my hours effective immediately. What a relief! My commute was cut in half, I’m even more motivated to get things done, my home life is way more comfortable, I get more sleep, and my fuel bill is down.

Woot!

Fun New Guy

I’ve fallen a couple weeks behind in my blog posting. My new job has been a rollercoaster of emotions! But I’m starting to settle in and thus it’s time for me to get back to my routine of weekly blog posting.

My enterprise career was born and raised at Sony – I didn’t know what to expect at this new place. Plus it’s all about The Cloud and I’ve never known how much BS vs actual “not-a-buzzword” technology The Cloud really is.

Culture-wise I was wary at first because there wasn’t much up on the walls in people’s offices/cubes, and my geek radar didn’t immediately pick up fellow Comic-Con attendees. Slowly but surely I’m finding familiar cultural artifacts that make me feel at home:

  • The guy in the cube next to me happened to have purchased the same model mechanical keyboard as me. 
  • There’s more than one StarCraft fan (though they don’t hold a candle to the fire that was a certain Sony coworker’s ladder ranking)
  • I once again have a coworker with lots of dogs and horses (although this time > 20 horses … it’s a whole side business!). I definitely miss not seeing dogs around in the office though
  • Without having to make any special requests, a pair of new Dell 24″ monitors were set up for me and are standard-issue
  • I found my Comic-Con attendee friend, but he works across the country in the Boston office

Here’s a breakdown of the technology-related changes/differences I’ve picked up on:

  • I thought I was definitely not a network guy, but certain network infrastructure choices I see being made at the new job suddenly make me care a lot, and realize how much knowledge I had soaked up via osmosis while at Sony
  • It may be a Production environment, but Production Development problems never change
  • People who don’t have to regularly activate Windows over the phone don’t know what they’re missing. And should never know it. Guess who just implemented their first project for improving processes in the workplace!
  • I’m already getting pulled into lots of cool projects that I just happen to know lots about, which makes it hard to manage my time because I’m excited about all of them
  • I’m glad I took the time when I could at Sony to be involved with pioneering the IPv6 path
  • I need to put together the Perfect Pitch for why the IT group needs to go out to conferences like TechEd or VMworld. Every day I’m using some skill or knowledge I picked up from there!
  • While I do believe that The Cloud is more than just a buzzword, don’t underestimate the value of good old-fashioned elbow grease

New Job

Yesterday was my last day working with Sony. There are many awesome people I’m leaving behind, but come Monday I’ll be working with a whole new set of awesome people.

A former coworker of mine has a theory that to be successful with IT, the organization needs to take small, calculated risk gambles. My own interpretation is that there is a relationship between risk and progress. No risk, no progress. Lots of risk means you’ll probably have enough backwards progress to cancel out any benefits. But there’s a sweet spot somewhere in there.

I’m taking my own calculated risk gamble by moving away from a juggernaut in the digital entertainment / video game industry and into a ninja strike force team for cloud services. I never would have thought I’d be moving away from a video game company, but here I am. I love gaming. But I also love IT. My heart and my head tell me that when the chips are on the table, I should let gaming be the hobby I pay for and IT be the hobby someone pays me for. Staying at Sony would be the safe and easy choice, but I’m confident I have great things in store for me at LoadSpring Solutions.

PowerShell QuickStart

I decided recently that I want to do more to empower my coworkers. For Windows administration, PowerShell is the modern, cool way of accomplishing all kinds of system administration tasks. The elevator pitch for getting people excited about it is easy, but the learning curve is so steep it’s hard to keep them interested. Here’s my best effort at a short, practical beginner’s guide. The only prerequisite knowledge required is basic command prompt experience, and you can probably get by without that. Also, you want to at least have Windows 7 with SP1, ideally the 64-bit version.

Launching PowerShell

This section may seem way too basic and easy to skip over. But I strongly encourage you to work your way through it at least once. Small steps – we’ll get to the cool stuff soon enough.

Getting the Latest Version

  1. If you already have some version of PowerShell installed, open it up. WindowsKey+R > PowerShell
  2. Type the following into the console, then press Enter:
    Get-Host
  3. Look for the row labeled “Version” – If you have the latest version (3.0 at time of writing this document), great! Otherwise, proceed onward.
  4. Download PowerShell 3.0 here [microsoft.com]. Don’t be confused like I was because they call it “WMF 3.0”. That stands for Windows Management Framework and is the totally uncool equivalent of saying PowerShell. Scroll way down to the Instructions section for directions on which exact file you need. Hint: For Win7 x64, get Windows6.1-KB2506143-x64.msu.
  5. Fire off the installer. Accept all the defaults. If you encounter an error like “This update does not apply to your system”, download and install the Microsoft .NET Framework 4 [microsoft.com] and try again (accept all defaults, and restart between installs if prompted). I don’t know why they couldn’t bundle these together or at least have a more helpful error on the PowerShell installer. If you’re still having trouble after that and you’re on Windows 7, make sure you have Service Pack 1 installed.
  6. At this point you’re ready to go. Launch and double-check with the “Get-Host” command.

Console vs. ISE

There are two launchers for PowerShell: powershell.exe and powershell_ise.exe. These are both located in C:\Windows\System32\WindowsPowerShell\v1.0 – Yes, even PowerShell v2 and v3 are installed into that exact folder (something about compatibility). By the way, you cannot have older and newer versions of PowerShell installed at the same time.

PowerShell.exe is the basic PowerShell console. It’s much like a Windows Command prompt – by default you’ll see a prompt starting with “PS” and then the current directory path you are in. Copying and pasting works very similarly to Putty or a Linux/Unix console – use the right mouse button to copy text or paste whatever is in the clipboard – Control+C and Control+V won’t do what you want them to do here. You can start PowerShell from a command prompt by simply typing “powershell” (without the quotation marks) – the color scheme and fonts will be a little different but it really is the same thing.

PowerShell_ISE.exe is the PowerShell console plus a bunch of really convenient features that you almost definitely want to take advantage of. The ISE is broken up into three sections (all of which can be toggled on or off): At the top is a blank script file that works like a basic text editor. Consider this your scratch pad for planning things out. At the bottom is your console window. It is exactly the same as the non-ISE version of PowerShell except that keyboard shortcuts for copy and paste will work. And finally, on the right-hand side is a cheat-sheet of all available PowerShell commands.

In the ISE, write commands into the top section or the bottom. Use the bottom for “one-offs”, use the top for planning a series of tasks that can be automatically sent to the bottom section and run line-by-line using the Play button in the toolbar.

If for some reason you don’t see all the panes/sections, open the View menu and make sure the first six items are checked.

In summary, the ISE will make your life easier. It gives you a cheat-sheet of commands, makes it easier to plan a sequence of commands, and has some other benefits I haven’t mentioned yet that you will pick up and get accustomed to as you follow this guide. However, the guide will work for both vanilla PowerShell and the ISE, and if you feel overwhelmed by the ISE, by all means don’t use it.

Setting Up Your Environment

Enabling Scripts

PowerShell is designed to be so secure that, by default, no scripts will run. Single commands will work just fine, but a sequence of commands saved in a script file will fail. Script files have an extension of .ps1 but otherwise appear as a plain text file – you can edit them in Notepad, the ISE, or other text editors. PS1 stands for PowerShell version 1 – even if you are using a different version or if the script was written using a newer version, for backwards compatibility all PowerShell scripts use .ps1.

Let’s find out if you can run scripts by typing the following PowerShell command:
Get-ExecutionPolicy

You’ll see the output come back Restricted – this means no script can run. (If you see anything else, Group Policy settings are managing this for you and you can skip the rest of this section.) Let’s relax those rules and allow local scripts to run. This will specifically only let scripts run if they are saved locally or if they are on a network share and have a signed SSL cert (we’re not getting into the details of that – it’s complicated):
Set-ExecutionPolicy RemoteSigned
Note: This is one of the few times you’ll need to launch PowerShell with the “Run as Administrator” option. You’ll be prompted to confirm this setting which you can do by just pressing Enter to accept the default.

Re-run Get-ExecutionPolicy and you’ll see your new setting in place.
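To see whether Group Policy or a local setting is deciding the result that Get-ExecutionPolicy reports, list every scope and find the first one that is defined. This is an added example, not part of the original guide; the function name Get-DecidingPolicyScope is made up for illustration.

```powershell
# Added example: find which scope decides the effective execution policy.
# PowerShell checks scopes in this order and uses the first one that is not
# 'Undefined'. MachinePolicy and UserPolicy can only be set by Group Policy.
$precedence = 'MachinePolicy', 'UserPolicy', 'Process', 'CurrentUser', 'LocalMachine'

function Get-DecidingPolicyScope {
    # Index the per-scope settings by scope name (as plain strings).
    $byScope = @{}
    foreach ($entry in (Get-ExecutionPolicy -List)) {
        $byScope["$($entry.Scope)"] = "$($entry.ExecutionPolicy)"
    }
    # Walk the scopes in precedence order and stop at the first defined one.
    foreach ($name in $precedence) {
        if ($byScope.ContainsKey($name) -and $byScope[$name] -ne 'Undefined') {
            return New-Object PSObject -Property @{ Scope = $name; Policy = $byScope[$name] }
        }
    }
    return $null   # every scope is Undefined: the built-in default applies
}

# Show the raw table first, then the conclusion drawn from it.
Get-ExecutionPolicy -List | Format-Table Scope, ExecutionPolicy -AutoSize

$deciding = Get-DecidingPolicyScope
if (-not $deciding) {
    'No scope sets a policy, so the built-in default applies.'
} elseif ('MachinePolicy', 'UserPolicy' -contains $deciding.Scope) {
    "Group Policy ($($deciding.Scope)) enforces '$($deciding.Policy)'. " +
    'A local Set-ExecutionPolicy will not change the effective policy.'
} else {
    "Scope $($deciding.Scope) sets '$($deciding.Policy)'. " +
    "Effective policy: $(Get-ExecutionPolicy)"
}
```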

PowerShell Remote Connections

One of the most useful features of PowerShell is that you can use it to run commands on a different computer from the one you are sitting at. But to do so you need to set up a few things (unless Group Policy has been configured to do this for you – let’s assume that is not the case):

On the computer you want to connect remotely to:

  • Run the following PowerShell command (this is one of the other rare times you need to make sure you launch PowerShell with the Run as Administrator option):
    Enable-PSRemoting
    Note: You’ll be prompted several times with questions about settings. Press Enter to accept all the defaults. Or cheat and use the command Enable-PSRemoting -Force to automatically select all defaults.

On your computer:

  • Run the same Enable-PSRemoting command. Technically you don’t need all the settings that are enabled, but this is a much quicker way of getting started.
  • Next, make sure you can reach the remote computer from yours by hostname. Type ping RemoteComputer but with the name of your actual remote computer – do not use an IP address. If the hostname does not resolve to an IP address, you will be unable to run remote commands, but the fix is beyond what this guide can provide – you need working DNS and if this isn’t automated through Active Directory you’ll have to manually update your DNS server as needed.
  • If the machine you want to connect to is not bound to Active Directory, you also need to run the following command:
    winrm set winrm/config/client '@{TrustedHosts="RemoteComputer"}'
    Be sure to use all the quotation marks as they appear here, and replace RemoteComputer with the actual hostname of the computer you want to connect to. If you have difficulty with managing computers remotely you can use an asterisk instead of a computer name but this is extremely insecure and a hacker’s paradise.

At this point, on your machine you can connect to the remote one by using the following command:
Enter-PSSession -ComputerName RemoteComputer -Credential Domain\User

You’ll be prompted for the username and password of an account on the remote computer that is a member of that computer’s Administrators group. If the command is successful, you’ll see a normal PowerShell prompt except that in brackets it shows the name of the computer you are connected to. At any time you can type Exit-PSSession to return back to your local PowerShell console. It is important to always check for a hostname in brackets – this is how you tell if you are running commands on your computer or on some other computer.
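For the TrustedHosts step above, the same setting can be read and changed through PowerShell's WSMan: drive, which makes it easy to check for a leftover asterisk and to add one host without overwriting the existing list. This is an added example, not part of the original guide; RemoteComputer is the guide's placeholder hostname and Get-TrustedHostList is a helper name made up here.

```powershell
# Added example. Run from an elevated PowerShell console on YOUR computer.
$target = 'RemoteComputer'   # placeholder from the guide: use the real hostname
$path   = 'WSMan:\localhost\Client\TrustedHosts'

function Get-TrustedHostList {
    # TrustedHosts is stored as a single comma-separated string; empty = none.
    $raw = (Get-Item -Path $path).Value
    if ([string]::IsNullOrEmpty($raw)) { return @() }
    return @($raw -split ',' | ForEach-Object { $_.Trim() } | Where-Object { $_ })
}

$current = @(Get-TrustedHostList)
"TrustedHosts before: $($current -join ', ')"

# An entry containing '*' trusts every matching machine with your credentials.
$wild = @($current | Where-Object { $_ -match '\*' })
if ($wild.Count -gt 0) {
    Write-Warning "Wildcard TrustedHosts entries found: $($wild -join ', ')"
}

# Add only the one host that is needed. -Concatenate appends to the existing
# list instead of replacing it; -Force suppresses the confirmation prompt.
if ($current -notcontains $target) {
    Set-Item -Path $path -Value $target -Concatenate -Force
}
"TrustedHosts after:  $(@(Get-TrustedHostList) -join ', ')"

# Check that WinRM answers on the target before typing credentials into
# Enter-PSSession. Test-WSMan does not log on; it only queries the service.
try {
    Test-WSMan -ComputerName $target -ErrorAction Stop | Out-Null
    "WinRM on $target answered."
} catch {
    Write-Warning "WinRM on $target did not answer: $($_.Exception.Message)"
}
```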

Conclusion

Although we’ve hardly done anything, at this point you have everything set up on your computer and maybe even a remote computer. Next week we’ll dive into running commands, keyboard shortcuts, using auto-complete, etc.

Hosting My Own IT Super Bowl

This weekend I was finally motivated enough to attempt standing up an entire Windows infrastructure from scratch. Building on my Hyper-V efforts last week, here are my goals:

  • All servers and clients are hosted in Hyper-V off of my Windows 8 desktop host
  • All Hyper-V management is being done through PowerShell
  • VM servers are running Server 2012 Standard Core
  • All VM management and configuration is being done through remote PowerShell consoles from my desktop host
  • Services to configure first in the virtual environment: DHCP, DNS, Active Directory
  • Services to look into a little later: Exchange, IPAM, Sharepoint, SCCM, IIS, RDS

So far, so good, and having a blast using a Zombie theme where possible. I configured some virtual switches to isolate my virtual infrastructure’s DHCP and DNS (Switch names External, Borderlands and Quarantine), got my primary server up and running (PatientZero), turned on the DHCP and DNS role, and just finished configuring the new AD forest (zombienet.local).

Much assistance for configuring active directory is coming from http://technet.microsoft.com/en-us/library/hh472162#BKMK_PS but it’s definitely taking some extra time to parse and take it all in.