totalnetsolutions.net

Upgrading software – always required to keep things secure.  Windows, WordPress, Mac OSx, Linux, Office, Firefox, etc.  So I just finished upgrading TotalNetSolutions.net again.  Hopefully I’ll be able to be better about this, now that WordPress does the automatic upgrades now.

I’ve been doing the automatic upgrades on one of my other sites since they came out.  They’re easy, fast, and even more painless than the 3-step upgrade that works so well. So now, I should be able to keep TNS much further away from the “cobbler’s kids” syndrome so many small company’s systems suffer with.

The past week has given me major troubles.  I was tasked with performing a restore of a large database from our offsite storage.  Upon getting the tapes back I found that their indexes were no longer available and I would need to read them in from the tapes…there were only 107 tapes.  Not knowing the software well enough to accomplish this quickly I contacted support, where things began to get more…”interesting”.

After four hours on the phone I was able to determine the two tapes that would be needed to recover the 79Gb database file and started reading in the specific saveset that was needed.  Two hours later I was able to start a restore, which failed.  2Gb of the restore file was missing.  After another two hours on the phone with support I was told “Let’s reposition the tape.  It could take a while, on newer technology I’ve seen it take an hour, on LTO1 and LTO2 drives I’ve seen it take 8 hours.”  You guessed it, I have LTO2 drives.  Fortunately I have a multitude of drives to reposition the tapes with so it won’t impact backups, unfortunately I have a time limit on the restore that’s fast approaching.

So what do you do when you backup your file systems?  Do you simply believe that the software you backup with validates your tapes or do you test them regularly?  Are you satisfied with seeing an email at the end of a backup routine stating “SUCCESS”?  Then answer is simply NO.  Your backups are only as good as your ability to restore from them. Keeping that in mind and all the different technologies and services available what do you choose?

For us the answer is simple.  We require low cost, reliable, offsite secure data storage as do most companies nowadays.  TAPE.  We’ve looked into collocated services and replicated SANs with virtual tape backup but the cost far exceeds it’s benefits.  Tape technology has been proven over and over for decades.  There is no cost effective replacement for a good old fashioned tape, even taking into consideration the troubles it can give you.  Our entire datacenter can be put onto 6 tapes costing $25 each.  4.8TB for $150.

Any good backup initiative should be followed up with an equally adequate restore plan.  So next time you recommend a backup solution plan a regular restore plan to test because there’s nothing worse than spending an entire week restoring one file.

Dean Wells started out Day 3 of DEC 2008 with a recap of the Dean and Joe show. He finished up the demo of “how exactly the FSMO role works” which was amazingly detailed and deep. He also explained more about AdminSDHolder and showed off several of Joe Richard’s tools. They also showed some info about how to read deep into the DIT itself that I found really interesting. Yes, I’ve now dumped my test network’s AD database and read it with their tools.

Don Jones had the next session, but I had to skip out on it to prepare for my session. I did hear some great feedback, but was disappointed, since his was one of the sessions I was most looking forward to prior to the conference start.

I spoke at 11am about how to integrate Linux/Unix systems with Active Directory. Download the deck here. It was a great experience, and the bit of feedback I’ve heard so far has been really positive.  It sounds like several attendees have moved their integration projects forward with information I presented, so I think it was successful.

After lunch, the Microsoft Windows and Active Directory product teams had a chalk talk about what’s next with AD where they solicited a LOT of suggestions from the attendees.  I was surprised by the number of people who are using “Prune and Graft” techniques for domain migrations.  Microsoft was very clear, however: do not EVER prune and graft domains.

And I’ll leave it at that.  In all, in was a great experience, and I learned so much.  I’m going to go back again!

Tuesday the 4th started with Stuart Kwan’s keynote at 8am – he talked about an eventual plug and play software “identity bus” where you just plug in identity management software, and it just works – the same as PCI or USB hardware does on those busses. It’s a pretty cool concept, and that Microsoft is driving in that direction is great. I just can’t see how quickly they’ll be able to get there. But it’s a well thought out plan they seem to have. I’m excited to watch it grow.
(more…)

I spent a large portion of this week at DEC 2008. I mentioned previously that I’d be presenting as well. Now that I’ve had a couple of days back to catch up with work and home, I wanted to recap the amazing experience, and share a few bits of info that I learned as well.

Sunday March 2nd was only registration and the reception for me. I just used the brief time downtown to meet with the Centrify and Likewise teams who worked so hard over the previous month to help me prepare my presentation for Wednesday. I met a bunch of great new contacts as well – not a conversation passed that I didn’t learn something new.

Monday the 3rd included Gil Kirkpatrick’s discussion on AD administrators vs. software developers, Jerry Camel and Brad Turner’s overview of proper architecture for ILM “2″, how Microsoft is using Windows Server 2008 (Brian Puhl), an amazingly indepth look into AD with Dean Wells and Joe Richards, and a discussion about how Centrify DirectControl works (in Centrify’s vendor track). (more…)