They silently (well maybe not so silent as I didn’t check if it was announced) published an internal tool that the F5 support engineers use for troubleshooting Big-ip load balancer configuration dumps. With a login account you can access this tool at the aptly named URL of http://ihealth.f5.com. This has some really cool info that you might fine useful in resolving load balancer issues in your environment.
Active Directory: Role Based Access Modeling
Much of my time is spend delving into the minutia of a particular technology to resolve issues or improve department processes. But sometimes understanding and implementing a technology is not the best “fix” for an issue. Sometimes it is a mindset or a model that needs to change. I came up with this security grouping model to address some of the pains of managing permissions across large groups of systems in our environment. Ok, I modified a long standing Microsoft recommendation of AGDLP (an abbreviation of “account, global, domain local, permission”) to meet our needs. Regardless here is a quick rundown of this security group model I devised if anyone is interested.
Funny: Microsoft Goes Chick-Flick
My wife saw this on my laptop screen while we were on a plane trip. She pointed to it, and said “Awwwww!!” as if I were reading a book on relationships rather than a technical pdf going over general SCOM 2007 concepts.
Microsoft gets a bit soft...
Virtual Connect: Cisco MDS 9500 Fiber Connectivity
I’ve done quite a bit of work with HP’s Virtual Connect and C7000 blade enclosures in a contained (almost pure HP) environment. Today I ran into an issue which flummoxed both myself and an on-site engineer while attempting to connect the VC 8gb interconnect bays to the Cisco MDS fiber module for an upcoming (and exciting!) VMAX implementation.
Outlook 2010: Photo Sizing Tool
We are about to get into full swing with our Exchange 2010 mailbox migrations and, soon afterwards, Office 2007 to 2010 upgrades as well. Unfortunately, we don’t have our Sharepoint farm upgraded to 2010 yet so there will be no automatic syncing of user photos into the GAL for those nice vanity pics which you can view in Outlook 2010. I know people like to be seen so I found a nice powershell based GUI for our (awesome) service desk team to use to upload these photos for users as requested. But you still have to get these photos thumbnailed to approximately 96×96 before uploading. Repeated manual labor is the anathema of any self respecting sysadmin who knows how to hack other people’s code to suit their needs. So I whipped up a very dirty (as in, “wow, get the bar of soap” dirty) hack which combines this person’s clever photo-sizing hack with the prior mentioned gui.
»Read More
ESX + MSCS 2008 R2 + SQL Server 2008
Just a quick note on this little combo. Should you be looking to setup a windows 2008 R2 cluster in a virtual environment (details on specific vmware configuration left to the reader) here are some quick notes that I have on some caveats.
1.) Either keep vmware tools un-uninstalled or make certain not to install the Shared Folder component of vmware tools.
2.) Don’t clone the second node from the first using vmware. Even if it changes the SID it does NOT change athe NIC card underlying GUID which causes issues in the cluster validation wizard.
3.) Make sure to configure all networking prior to presenting any raw data mappings in vmware.
4.) Increase the cluster heartbeat timeout to prevent unnessesary failovers:
cluster.exe /prop ClusSvcHangTimeout=120
5.) No thin provisioned disks.
There are other caveats and such but these are the ones that bit me personally (well except for the thin provisioned disks, we don’t use them where I’m at now unfortunately).
Unfortunately setting up a MS cluster in vmware sort of erases most the benefits of having a vm in the first place sometimes you just need a cluster without all the hardware and hassle thereof 
Exchange: Remove entire OU from address book
Here is another script that I hacked together in part of an AD/Exchange cleanup task to remove disabled users from the address book. This script, more specifically, removes an entire OU of users from the address book, so make sure that all the users are disabled in the OU you will be running this against!
Big-IP: Custom IIS SOAP Monitor
In working on a production issue with my company’s flagship SaaS product I worked with some of the brilliant F5 engineers to isolate one web server in the load balanced pool which was intermittently failing. The F5 engineer recommended a health monitor that does more than just poll for a static page. He suggested we implement some kind of soap call to make the application pool do some work and return a result (I guess in case the IIS application pool is misbehaving but not down). So I worked with one of our developers to do just that but ran into some caveats which required yet another custom health monitor.
Big-IP: Sharepoint 2010 Monitor
While specing out a Sharepoint 2007 to 2010 migration I discovered that the default monitor created by the application template on our big-ip LTM load balancers does not work. In seeking a solution I ran across this gentleman’s blog with a custom external monitor but found that it didn’t really work. The solution to make it work was simple (as I explained on his blog in a comment). I went ahead and extended it to be more environment generic.
»Read More
Exchange – Notify Forwarded Accounts Script
In cleaning up a large number of disabled user accounts in AD I wanted a way to notify a large number of users specifically that they were being forwarded e-mail from another account. This was part of an effort to clean up AD a bit before moving everyone over to Exchange 2010 but it can be used independently of any one project as part of a general AD maintenance plan.
You can download the script here, just rename to ps1 and run from a machine with exchange 2010 EMC installed.