Amazon Widget

Thursday, October 06, 2011

UserAccountControl Values

Something that's always been difficult for me, probably because I rarely use this information, is remembering what the userAccountControl values mean in Active Directory.  So, I finally tracked down what the values are, and have assembled some of the more common values for easy reference.

  • 512 - Normal Account
  • 514 - Disabled Account
  • 528 - Locked out Account
  • 530 - Locked out and Disabled Account
  • 544 - Password Not Required
  • 66048 - Normal Account, Password Does Not Expire
  • 66050 - Disabled Account, Password Does Not Expire
  • 8389120 - Password Expired, Normal Account
  • 8389122 - Password Expired, Disabled Account
I hope this information helps you in your day-to-day job duties!

Friday, September 02, 2011

Interviewing with Microsoft

I've been lucky enough to interview with Microsoft a few times in the last 9 months or so.  I've learned that when you interview with Microsoft, no matter what you think you know, you don't know nearly as much as you think you do.  I've hung up the phone on technical phone screens or walked out to my car after Finals Day and felt like my brain had been taken out of my head, stretched out, stomped on, run thru a wringer, smacked around, steamrolled, and then put back into my head.  I've felt like I've totally bombed and been told I'm moving forward in the process, and other times I've thought things have gone well and been cut from consideration.

I have yet to achieve my much-desired break thru and get a job offer from them, but I will keep applying and trying until I do! :)  Here's a summary what I've learned during my experiences with the Microsoft interviewing process:
  1. Be patient!  The recruiters are dealing with hundreds of applicants each day, plus scheduling, and who-knows-what-else
  2. Never think you "know it all" - You don't.  Expect to be humbled in some way during each interview and by each interviewer.
  3. Relax!  The interview is not a life-or-death thing.  If you are nervous, it's going to come out in the interview when you can't remember simple things, or forget details, or who knows what else.
  4. Think out-loud.  I can't emphasize that enough.  If you think out-loud, the interviewer(s) gets an idea of how you think/troubleshoot/process and could help nudge you in the right direction if you're almost there but are stuck.  If you sit in silence while you think, it's pretty much a given that you're doomed.
  5. It's ok to say "I don't know".  If you try to make something up, you'll get called on it.  This ties in with the previous point - think out-loud.  If you don't know something when the question is asked, think out-loud about it, and if you just can't get figure it out, tell the interviewer(s) - I don't know.
  6. Make it a point to say, "When we're done, I'm going to go learn about [x, y, z]".  It shows that you want to learn and improve.
  7. Research the role you are applying for, and have plenty of questions prepared ahead of time to ask
  8. Refresh your knowledge of the basics for whatever technology you are dealing with
  9. Ask for feedback after every step in the process.  Take that feedback and dive into anything they say you are weak in or need work on
  10. Most important piece of advice - Have fun!  It's a great experience, and you'll talk with some extremely bright people along the way.
Good luck!

Thursday, June 09, 2011

Thoughts on Microsoft Certification

This could be somewhat of a controversial post.  It deals with certification and braindumps and "cheating".  You have been warned. :)

First off, I hold several Microsoft certifications.  Second, I have seen some of the offerings of TestKing, Pass4Sure, ActualTests, and RealExams for myself.  There are dozens of others, I'm sure, but quite frankly I don't have the time nor the desire to search them out.  That's what is for.  

The observations in this post are strictly my own, and are based on my perusal of some of the aforementioned braindumps, which is the basis for my opinion, and thus this blog entry.  If you stumbled across this blog entry as a result of searching for such materials, you won't find any here, but I would ask that you read the entire post before continuing on in your search.

A braindump, such as one listed above, is cheating.  Nothing more, nothing less.  Knowing the answers to an exam before taking it cannot be called anything less.
You cannot, I repeat, CANNOT, justify the use of braindumps to me.  Don't even waste the energy even thinking about trying to justify it to me.  If you know the questions before you take test, and can do a decent job of memorizing the answers, what have you learned?  How to memorize answers, that's it.  You haven't learned the material, you haven't spent hours and hours in some kind of lab environment learning about the product, how it works, how to configure it, what x and y and z can do. 

What can or should you do?  This is simply my opinion, take it with as many grains of salt as you like.  Turn in cheaters.  If you see people asking for braindump materials, get their name and/or e-mail address, plus the site where you saw the post, and report them to the appropriate certification source (Microsoft, Cisco, Red Hat, etc.).  It may not be the same e-mail address they have on file somewhere for their certification, it could be (and probably is) a fake name, but at least you're alerting companies to the cheaters and where they like to lurk.  If companies like Microsoft can take down these braindump sites, it raises the value of their certifications because there is no more "easy" avenue.  Granted, if someone wants to cheat, they'll find a way.  And taking these sites down will simply push them into the deep, dark corners of the interwebs.  But that's fine with me.
In the end, if you use TestKing, ActualTests, et al., as your "prep" material prior to an exam, then your certification is worth exactly what you paid for those materials.  You've learned nothing of value, and in any real world environment you will be exposed as a fraud, if you even make it past a good interviewer.  You have nothing to be proud of, no reason to show off the letters you can put behind your name.  For those who do not go that route, and learned on the job, in a lab, while pouring hours and hours of their own time and hundreds, if not thousands, of their own dollars into lab equipment, books, software, etc., your certification is priceless.  You can be proud of your achievement.

In the end, I'd rather have something I can hang my hat on and be proud of than have something that I don't deserve.

Maturing on the job

I was exchanging e-mails with an old friend today, and started talking about my experiences and how I've changed since I started working where I am now.  Hey, no better time to make a blog entry! :)

I'll be the first to admit that I've spent way too much time coasting and resting on my laurels the last few years, and I seriously regret it now.  Hindsight, right?  If I had a nickel for every time I've thought, "If only I had learned about this a few years ago", or "If only I had read up on that", I'd be, well, maybe not rich, but I'd have quite a bit more money than I do now. ;)  The difference between today and a year ago, or 2 years ago, or.... is that I've realized that if I want to get where I want to go, I have to get there myself, that I can't rely on others to help me get there, and I have to be able to show beyond a shadow of a doubt why I'm better than everyone else. I had often said in interviews that my goal was to be "one of the best".  I think I've finally figured out how to actually get there instead of just talk about it and think that what I've done in the past will help me achieve that goal.

The company I'm at right now is the first place in a long time where I don't want to screw off rather than work, or give a half-hearted effort, or openly question my manager and/or upper management and their decisions.  I've been given challenging work, have been learning more than I ever thought I would about Active Directory and all sorts of related things, and have been able to take pride in my work. Also, to get not only private but public kudos from my supervisor and manager (who then relay those up the management chain, where my contract extensions are approved :D ) has really driven me.

I really think I've matured professionally since starting here, but I know I have a ways to go still.  No longer am I the cowboy who goes off and just does things or makes changes because I think they're a good idea.  I'm the one now who tries to reign in the cowboys.  Now, instead of briefly reading about something and going off half-cocked trying to use it, I research.  I learn.  I plan.  I learn.  I test.  I learn some more.  I look at new technologies with an eye towards how they can improve what is in place in production, not just as something I can say I've learned about and used in a lab.  I've found sources of information that just overwhelm me with how much sheer knowledge can be obtained by digging into and reading them.

Now, I just need to maintain this momentum and keep moving forward.  My goals remain the same - to be one of the best, and to work for Microsoft.  Now, hopefully, I have the tools to make it happen.

Tuesday, May 03, 2011

PowerShell script to get Password Expiration

A little something I just wrote that will dump to a .CSV file the Password Expiration date for a list of users from an input text file.  It's one line.  I love PowerShell. :)  

NOTE:  This script was tested only on Windows Server 2008 SP2 in a Windows Server 2003 forest, and requires the Quest ActiveRoles Management Shell be installed.  I make no guarantees about other OSes. You assume all risk associated with running this script in your environment and I cannot be held liable for any damage that may occur from your use of this script.

get-content -path "[path to input text file]" | Get-QADUser -IncludeAllProperties | Select-Object dn, SamAccountName, passwordexpires | Export-Csv -Path [insert path to CSV file] -NoClobber


Monday, March 21, 2011

Lenovo piques my curiosity with the ThinkPad W520

Ok, Lenovo, you have my attention again - Lenovo ThinkPad W520

The page says "Available late March 2011".  It's March 21, does that qualify? :) Among the listed specs that caught my eye:

  • Upto 10 hours of battery life from a 9-cell battery
  • Upto 32GB RAM
  • USB 3.0, HDMI-out, and eSATA-out ports
  • Less than 6lbs
I'll be very curious to see what the various price points are, particularly how much the extra RAM costs. 

Wednesday, March 09, 2011

AD Web Services on Windows Server 2003/2008

Here's a little something I learned when trying to enable the functionality of the Active Directory Module for Powershell a few weeks back on a Window Server 2008 R2 box.  This module is also available on Windows 7, and the solution below is the same for it.

In order to make this feature work, you need AD Web Services enabled on at least one Server 2008 R2 domain controller in your domain.  In our case, the domain controllers are Server 2003-exclusively.  So, I did a little digging and found that you can install AD Web Services on Windows Server 2003 and/or Windows Server 2008 and it would then allow the AD Module for Powershell to interact with Active Directory, which means the Server 2008 R2-exclusive Powershell cmdlets will then work.

We did this on a handful of 2003 DC's in our environment without any problems.  However, when we launched the AD Module for Powershell on our 2008 R2 server, it still couldn't connect to the AD Web Service on any of the DC's.  We got the following message:

Windows PowerShell
Copyright (C) 2009 Microsoft Corporation. All rights reserved.
WARNING: Error initializing default drive: 'Unable to find a default server with Active Directory Web Services running.'.
PS C:\Windows>

After doing some digging, I found the information I was looking for.  The AD Module uses DS_WS_FLAG to find an ADWS instance.  This information can be used to locate a DC with ADWS instance, when a client will specify the additional DS_WEB_SERVICE_REQUIRED flag in the DC request.  The problem?  Server 2003/2008 DCs don't understand this new flag. To correct this, an additional hotfix has to be installed, KB969249 (for Server 2003) or KB967574 (for Server 2008).

The workaround for this is to specify the server at which your Powershell query will be directed, via the -server option.  But that can become a problem later if the server you are pointing at goes away, is down for maintenance, etc. 

So, if your AD Module for Powershell won't connect to your installation(s) of AD Web Services, you may now know why and know what to do to fix it.

Reflections on my Lenovo T500

In June 2009, I purchased a Lenovo T500 laptop.  I selected it because it was, at the time, near the top-of-the-line for specs - T9400 Intel Core 2 Duo processor, upto 8GB RAM, 7200rpm hard drive, DVD burner, 15" screen and a dedicated graphics card.  I also was able to get an open-box model at a very reasonable price.  At the same time I also upgraded the RAM to 4GB with a purchase from Newegg.

After 21 months of use, I can't say enough good things about my T500.  Durable.  Flexible (I have dual-booted from VHD a couple of times and it's nice).  Still fast.  Basically, a rock-solid laptop.  I've traveled with it a couple of times, and while it does have a bit of weight that comes with it, I haven't found it to be overly heavy when traveling thru the airport.  Performance has been outstanding - I can have multiple browser windows open, along with a couple of apps like Word, Excel, maybe Acrobat, and I cannot notice a discernible performance hit on any of the applications.  Of course, I use Windows 7 Ultimate 64-bit, so that could help in that department.  I also tend to refresh my Windows install every 6-9 months, or else whenever I try out things like installing the IE9 beta on top of the Windows 7 SP1 beta and it blows up my browser. ;)

I have another 12 months or so of the 3-year factory warranty left, so I'm not driven to find a new laptop yet.  But at the same time, I am driven to see what's out there.  Why?  I want a portable, or semi-portable, self-contained lab environment.  Even if I bumped the RAM on my T500 upto 8GB, I still could "only" run two or three VMs (Hyper-V R2, of course) at any given time.  That doesn't allow me much of a test environment to have going.

What am I looking for in my next laptop?  Quad core (probably an Intel i7), room for LOTS of RAM (16GB minimum), and enough storage to keep 6-8 VM's local on the machine at any given time.  The storage piece is an interesting one for me.  Do I go with a larger 5400rpm hard drive, a slightly smaller 7200rpm hard drive, or an SSD?  The hard drives keep the cost down and provide roomy storage space, while the SSD drives up the price for less storage but pays off with maximum performance.  The models I'm looking at include a Lenovo W510, an Acer Asprire, and the HP Elitebook 8740w (which a friend has and recommends unequivocally).  I obviously have a sweet spot for Lenovo, who's ThinkPad's I've used off-and-on for the past 6 years, both personally and professionally, and have yet to have a single problem or failure.  The Acer gives the features I'd like at a good price point, while the HP Elitebook walks in and flexes a lot of muscle, for a price.  All have multiple glowing reviews, so it may come down to which one "feels" right.

Whatever happens, I'll be sure to put it thru its paces and report back here.  It's something I'd like to do more often, as well as just blog more about my profession and experiences in general.

Until next time, thanks for reading!