I'm reposting up here the links to the handouts from yesterday. If you'd like to hand them out at User Group meetings, please do so.
PDF attachments for the handouts given out at the session:
What exactly IS managed servcies? Is it monitoring? Is it taking responsibility throughout the entire network?
Mark Crall says that managed services is such a broad term that in the end, all will offer managed services. Some of this thoughts...Predetermined price, predetermined contract, consistency that can be predicted.
Whether we know it or not, all will offer managed services whether or not it aligns with what the industry is defining it.
Can really small providers survive in the competition with the hardware vendors now offering services. Cynthia is saying that she says that with her clients, she brings to the table ensuring that the client gets his need served, not that they are sold hardware. Ted is talking about how his local user group turns into a support network for the smaller IT shops. The panel is making the point as well that sometimes the smaller IT companies you can limit the scope by defining the size of networks that they support.
Mark is saying that the large firms are not the competitive threats. Small business that are growing don't trust the larger firms. AutotaskGo, Hosted Kaseya via SecureMyCompany, the companies are offering services that used to be only offered during to the big guys are now offered to the smaller IT partners.
With partnering, and with the hosted offerings, Mark is saying that there's more opportunities for small shops not less. Karl is talking about how the trusted relationship and some of his clients wanted him to "bang his head against the top of the desk".
Karl is discussing that whether or not you call it managed services, the fact is that remote tools and technology has changed the IT industry.
When's the last time a screwdriver and a wrench fixed your car? Car mechanics used computer tools all the time.
If you don't evolve and used the tools, that's the event that will drive you out of business.
Cynthia said that the way SBS has changed a small business, and allowed a small firm to have the technology of a larger firm. Tools but the small IT firms on the same level playing field as the larger companies... and THAT's what will keep the small IT shop in business.
It's the trusted strategic advisory relationship that Microsoft, Dell, etc cannot compete with. Mark Crall said that trusted relationship is the one asset that you have that no one can take away from you. That is the key to your future success.
Ted is talking about that every three years you have to reinvent themselves. "You are always learning different things, it's our business".
Ryan is making the point that where the good IT shop will separate themselves from the rest, is when things break. That's where you separate the folks that only know the wizards, from the folks that can work deeper.
Mark Crall said that if you aren't looking at the next building blocks... and he said "If you are not into virtualization right now you are crazy"
Karl says that "we don't need to know everything", we just need to know where to go to find the information and get the resources for what they need to know.
Just so you don't get the idea that conferences in New Orleans are all about fuzzy pictures of folks riding mechanical bulls in a New Orleans bar that will go unnamed so we can blackmail them later, the best part of the SBSMigration conference just finished up about 10 minutes ago. Yes, that's 4 a.m. in the morning to the folks in New Orleans. The talking to folks in the lobby for several hours, getting a better understanding. Talking about the industry, the peers, the perceptions, the future of the Dells and the Silverbacks and what not, talking about UserGroups and community at a community conference.
Or perhaps it was the conversation on the balcony the the fantastic folks from http://www.calyptix.com/. (Hey, I'm a sucker for talking with fellow security minded folks)
But here's the thing on this topic this year. Change.
It's not going away.
SBS 2008, EBS 2008, Vista, man it's smacking us in the face. And the conversations regarding change are happening now.
My advice to everyone is to build a test box and get ready to embrace the Windows Essential Server Systems family and see what opportunities they can bring.
I'll be blogging more on the topics that were brought up today yesterday. But for now. Bed.
So there has been this thread in several listserves between those that have embraced Vista and those that see Windows XP as what they embrace. And invariably folks ask “what does Vista have that my clients want?” Before we get my reasons listed here let’s get the elephants in the room satisfied.
It’s slower.
It’s bloated.
It doesn’t have anything my clients need or want.
It takes more RAM.
..and so on…..
In my opinion what the yes or no to Vista comes down to is good or bad experiences with hardware. And I’m toying with the idea of starting a list of good Vista hardware configurations and bad ones as I’ve noticed a trend where some hardware is really good and some hardware isn’t so good. I’ve been very happy with HP hardware.
Here are my observations regarding Vista.
First off only buy it on new hardware. With all due respect to the folks that built the Vista hardware assessment toolkit so you can scan your network and see if you are ready to deploy Vista, don’t even think of deploying it to existing boxes. Yes, I’m typing this blog post up on a several year old Acer Travelmate C110 who’s video monitor can’t do Aero and it has 2 gigs of ram but it acts the same as it did with XP. I fully expect to support a mixed network for the next few years. I’ve also noticed a great deal of change between last year’s Vista quality hardware and this year’s. I've not found it slower.
I have it running on a 2 year old Acer Travelmate C110 and it can't do Aero. If your perception is that it's bloated... then turn off aero. I consider 2 gigs of ram to be standard these days. 3 gigs better, 4 gigs even better and I'm still 32bit. Throw a flash drive and I've seen it speed up as well.
Not running as admin. So many times I keep hearing people say that “I’m running as admininistrator”. And really, you are not.
Read that very carefully. It says “you think you are running with full administrator rights, but there’s still some places that impact more than one user that we still will ask your permission. That means the root of the c drive is protected. That other user’s folders are protected.
It’s bloated. In my office I have an 8088 luggable computer. On the green screen is burned into it the Lotus 123 we used back then. I also have a DOS based Lacerte from 1986 that still runs. However their user friendliness is for the birds. One man’s bloat is another man’s GUI. And if it’s so bloated why is it running like a champ on this laptop? One thing that I would recommend even with new OEM computers is to make sure the nics and the video card drivers are on the latest.
Searching. Truly it makes a big difference. In my experience it’s faster than the Windows Desktop search.
SMB 2.0. The very thing that is causing some pain now, makes for extremely fast network speeds once a Windows 2008 server is connected. Many of us right now are comparing the user experience of XP hanging off of a 2k3 box and that is indeed the optimal setting. What most of us are not seeing is the experience when you hang a Vista off of a 2k8 box. I have a 2k8 and a 2k3 member server and my goodness the speed difference.
Security (and no I’m not talking about UAC). For those that wax poetically about Windows 2000, look at the risk of that platform with regards to patching it. More often than not when there is a 2k vulnerability that matches an XP vulnerability, the XP can only be attacked from authenticated connections, the 2000 opens itself up to anything. I really don’t think enough time has passed for us to get a good feel yet for the code review and SDL impact on Vista (Jeff Jones counts and all not withstanding).
Group policy Settings. You want to allow some kinds of USB devices and not others? Not a problem. Take a look at these links. We do NOT use group policy like we should do and if you have clients worried about data walking out of their firm Vista has tons more granular policies for controlling USB devices.
http://technet2.microsoft.com/WindowsVista/en/library/a8366c42-6373-48cd-9d11-2510580e48171033.mspx?mfr=true
http://download.microsoft.com/download/c/3/8/c3815ed7-aee7-4435-802b-8e855d549154/GroupPolicySettingsforWindowsVista.xls
Specifies a list of Plug and Play hardware IDs and compatible IDs for devices that cannot be installed.
If you enable this setting, a device cannot be installed or updated if its hardware ID or compatible ID matches one in this list.
If you disable or do not configure this setting, new devices can be installed and existing devices can be updated, as permitted by other policy settings for device installation.
To locate the hardware IDs for a specific device, open the Device Manager, right click on the device that you are interested in and select the Properties command from the resulting shortcut menu. Upon doing so, you will see the device's properties sheet. Now, go to the properties sheet's Details tab and select Hardware IDs
from the Property drop-down list.
NOTE: This policy setting takes precedence over any other policy settings that allow a device to be installed. If this policy setting prevents a device from being installed, the device cannot be installed or updated, even if it matches another policy setting that would allow installation of that device.
If this computer is a Terminal Server, then enabling this policy also affects redirection of the specified devices from a Terminal Services Client to this computer.
UAC
User Account Control
Yes that lovely thing everyone loves to bash. First off in SBS 2008 the one tweak that I will go on record now as saying that I will not freak out one bit if you do is on the server, if you change the UAC to automatically elevate. Why? Because when you are on the server you should have your “I’m an admin, I should be careful now” mode.
Run Regedit and navigate to
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
Change the value of ConsentPromptBehaviorAdmin from "2" to "0".
On a workstation, I would argue that the threats on the web mean that when Microsoft says “only surf on trusted web sites” is meaningless. I don’t trust ANY web site anymore. Sandi of the www.msmvps.com/blogs/spywaresucks blog talks about malvertisements where banner ads offer up malicious content. Big sites like CNN.com, even Microsoft’s own Hotmail have been hit with these malicious advertisements. I can’t trust ANY web site these days (which is another reason I’m looking at http://www.calyptix.com/index.php as a unified threat management device solution).
Do I want to turn that off on the workstation? I would argue not. It puts Vista into what we jokingly call the “untied string bikini mode” http://msmvps.com/blogs/bradley/archive/2008/02/08/keep-your-bikini-on.aspx , where something ‘could’ trick you into lowering your defenses. But IF you do the “untied string bikini mode”, at least it leaves protected mode in place for Internet Explorer. (not to mention you have to also regedit off the warning as well).
It’s been my experience that the roughest/toughest part of Vista is the install of the applications. Those particular apps that throw off the most UAC prompts… you should equate UAC prompts per application to “this vendor didn’t care about security when they wrote this”. If you have an older LOB app that isn’t supported on Vista, then you have to make the call of going unsupported. Of course if the app is really old, it’s probably unsupported on XP as well. If you have a newer app and the vendor won’t support it, please push on the vendor to do so, and then virtualize the app, look at Terminal Server or opt for Vista Business with XP downgrade rights (and yes, OEMs will be selling this AFTER June 30).
But think about doing the hacking the registry stuff that the PDF’s and handouts talk about. As I can get workstations to only throw off UAC when they update.
As long as my users have icons on the desktop for their applications, they don’t skip a beat and they absolutely LOVE the clock on the gadget bar. But meanwhile I get the extra group policy settings, I get the advanced event viewer, I get the task manager, I get the local shadow copy.
I’ve just scratched the surface here and I’ll blog more on this, but Vista is a solid business value for me and my firm.
PDF attachments for the handouts given out at the session:
http://msmvps.com/files/folders/bradley/entry1618983.aspx
http://msmvps.com/files/folders/bradley/entry1618980.aspx
http://msmvps.com/files/folders/bradley/entry1618969.aspx
http://msmvps.com/files/folders/bradley/entry1618966.aspx
Video regarding group policy -- I sound a bit like Minnie Mouse but try it anyway.. http://www.sbslinks.com/sbsmigration/ITProConference.html
Microsoft Says No Client Backup In SBS 2008 <http://crn.com/software/207601736?cid=ChannelWebBreakingNews>
Microsoft has confirmed it won't be including PC client backup when it releases *Small Business Server 2008* later this year.
ChannelWeb Breaking News - http://crn.com <http://crn.com>
Benjamin is talking about how small businesses have 80% of the employees, in many cases small businesses need more security as we represent more nodes on the Internet.
Complete features, active directory, no seat licenses, the number of users are the recommended people hanging off the device.
http://www.calyptix.com/ae500.php,
Check it out.
According to Chris Rue it's gerbels and monkeys... but he's making the point that you have to learn how to crawl before you walk.. and from walk to run.
Stand up a site. Blow it up. Kill it. It's okay.
But the only way you will learn SharePoint is to blow it up.
You have it under the hood in SBS 2003. The thing that holds most people back is the backup/restore of SharePoint. They don't understand it.
Start playing with version 3 now as it has much more backup and version control.
Chuck just said that what it involves is mapping the business process of the firm to the technology. And then Chris commented that once you showcase how you understand and enhance the business processes you get stuck like glue with your clients. Amy is talking about how they use SharePoint as the location for master/standard templates for autocad. Chris just said that SharePoint allows you to make documents more actionable, that flat file doesn't do it.
"You gotta get involved in your customers business side" Chris Rue, New Orleans, May 10th, 2008
http://www.zune.net/en-US/support/webhelp/C00D11D2.htm?&webhelp_mpver=2.5.447.0&webhelp_id=C00D11D2&webhelp_contextid=0&webhelp_originalid=80070005&webhelp_locale=en-US
Sometimes one has to wonder about instructions, take a look at Zune's "debugging your internet problems". It seems to me that looking at the firewall may be the way to start first, not all the third party tool add ons.
(link courtesy of Mark Crall who looks even better when he's glistening)
...after a few hiccups..... Chris Almida gave a talk about their migration plans. One thing that should be clear to everyone here is when the public beta opens up one of the things you should get ready for is migration. Get a test bed. Build a test SBS box. Test the answer file/setup tool. Test a migration and make sure you document the processes you will do in migration.
P.S. for the record... Chris's presentation was SOOOOO powerful that it triggered a power spike from the Power Company which blew the breaker on the hotel. (they must not have had a surge protector or UPS ya think?)
http://blog.calyptix.com/2008/05/calyptix-at-sbsmigrationcoms-it-pro.html
For those here at the conference, Calyptix will be having a special session at lunchtime regarding their unified threat management SMB firewall unit. Check them out!
Sometimes you don't need any words... but then again it's hard to capture in pictures how the Bouncer threw out Mark Crall and Amy Luby off the balcony across the street because of the bead throwing going on....
(p.s. Mark reminded me that they were thrown off twice.... )
"Fuzzy" in New Orleans....
More Posts
Next page »
![[There's a reason that Yoda is the unofficial mascot of SBS. Size indeed matters not.]](http://www.sbslinks.com/images/yodaheader.jpg "There's a reason that Yoda is the unofficial mascot of SBS. Size indeed matters not!")