North East Bytes - a Microsoft technology usergroup in North East England.

Powered by Squarespace

Friday
Mar072014

Get the hell off Windows XP! NOW!

One month from today, support ends for the Windows XP operating system, and Office 2003.

YOU DO NOT WANT TO BE RUNNING UNSUPPORTED SOFTWARE!!!

This is why…

There are still a lot of people running Windows XP. There are bad people in the world who try to find vulnerabilities in Windows (and Office, and anything else with a decent user base). Those people know that any vulnerability that they find is only useful to them until it is patched. If they keep their newly discovered vulnerability to themselves until after 8th April 2014, it’s not going to be patched, so it will be useful to them forever (until people stop using Windows XP)! Therefore, it’s incredibly likely that people have been stock-piling zero day exploits for months if not years, waiting for this.

So, in case it isn’t clear yet, let me summarise: If you are running Windows XP this time next month, it is likely that very soon, someone with bad intent is going to take control of your computer (unless it is completely isolated from everything else).

The good news is that you have a month to do something about it. The bad news is that, depending on the size of your organisation, that pretty much makes it a DIRE EMERGENCY! Stop reading blogs and do something about it.

These links might help you:
http://www.microsoft.com/en-gb/business/community/hints-and-tips/business-implications-running-windows-xp-office
http://www.microsoft.com/windows/en-gb/xp/default.aspx

Monday
Jan272014

PowerShell Scripting Tip: Choose your tests carefully

There's a lot that can be achieved in a little bit of PowerShell (a single (pipe)line, even), and that brings with it a tendency to throw a solution together quickly. As the saying goes, though, with great power comes great responsibility, so you need to be careful.

Using -whatif and -confirm can help you to avoid hanging yourself, but you also need to do more thorough testing before you put a script into production (and yes, I'm talking to myself as much as anyone else here).

For example, I have tripped over a problem (and I know others who have done the exact same thing), where I wrote a PowerShell script that altered some objects in Active Directory. I had some dummy objects to test on and after a few itterations I had a script which manipulated them in just the way I wanted. I changed my input to the appropriate set of live objects and it all worked. Brilliant.

The trouble occurred when the script was run subsequently on a different set of input which referred to some objects which had previously been removed from Active Directory. I hadn't tested the script with any input that referred to objects which didn't exist. If you'd asked me ahead of time, I probably would have said that I'd expect the script would just ignore those rows in the input file. Most of the time that's probably what would happen...

...except in this particular case, when no exact matching object was found, it dropped back to a WILDCARD MATCH!!! Cue a bunch of objects that shouldn't have been touched, getting messed up in some inconvenient ways! :-(

The first time this happened, it had everyone utterly perplexed. It was fixed with no understanding of the cause. The second time the same script did the same thing we worked it out, fixed the mess and the script. I subsequently saw a similar script create a similar problem for someone else, and I was able to help him remediate that situation before anyone noticed.

What those experiences hammered home for me was the need to formulate test input for my scripts very carefully. Don't get me wrong, this wasn't news for me, as I'm sure it isn't for you, but the awareness of how much worse things might have been in those semi-disasters has helped me to formulate better testing, and I'm pleased to say that I haven't had an avoidable problem caused by one of my scripts since then.

AttributionNoncommercialShare Alike Some rights reserved by Paul Robert Lloyd

So, if there's any chance that your script is going to face anything unexpected in the future, you need to test for it, and perhaps including some input cleansing in there. In your test input you should include some stuff that's fine and your script shouldn't alter, some things that your script should operate on, some duplicates, some things that don't exist, and some stuff that just plain make no sense. Try to break it as much as you can (although be careful where you're running it!).

Oh, and if there's any chance that someone else may run your script in the future, make sure that you document what you know it works for, and what you haven't tested. There might not be a need for you to test for every possible outcome today, but you don't want someone coming and knocking on your door blaming you for something that you didn't do, but didn't test for either. You can at least make people aware of the scenario that you did test for, and let them know that you didn't check that it wouldn't blow things up if they decided to run it as domain admin instead!

Thursday
Jan022014

PowerShell MVP for another year

My 2014 started out with the news that I've received my 4th Microsoft MVP Award for PowerShell, which contrasted wonderfully with the end of 2013 when I had a rather nasty fall and was lucky to not break a few bones (although I do still feel pretty sore).

I've learned from experience not to bother making New Year's Resolutions, but going forward I do have a plan to work smarter (see my last post on The Phoenix Project) and to take advantage of working in a tall building to get some exerise up and down the stairs!

Wednesday
Dec112013

You've got to read this!

If you work in IT (heck, even if your business has any IT - so that's all of you), then there's a book that you should read; "The Phoenix Project: A Novel about IT, DevOps, and Helping Your Business Win".

Regardless of your specific role, I'm certain that you'll learn something useful (and more importantly, actionable). I've changed my approach to doing a few things already based on lessons I've taken from the book and I still need to process some more ideas around how to do stuff better. I expect that I'll be reading it at least one more time through so that I don't miss anything that I could make use of.

One month ago, I'd never heard about this book. Of all the interesting and useful things that I took away from the Microsoft Global MVP Summit this November, I suspect that this will have the greatest impact. Fellow PowerShell MVP Steven Murawski often talks about DevOps and recommends this book in his presentations. He's such a fan of the book that he brought a bunch of copies to give out and I was very glad to receive one after hearing him extol its virtues. (Thanks Steven!)

Having read the first few chapters on the flight back from Seattle, on landing I purchased the Kindle edition from Amazon UK so that I could carry it around on my Kindle and phone in order to reduce the barriers to being able to consume it!

Personally, I love the approach that this book takes. By encompassing so much useful information about ITSM, DevOps methodologies and much more in a novel with an engaging storyline, I was able to read it much more easily and quickly that many of the dry technical texts that bog down our industry. I think that it also helped me to digest the information and apply it to my work situation more easily, even though I work in a significantly different type of organisation to that in the story.

The bottom line is that this isn't just a good book, it's an important book. You should read it at the first available opportunity. We'll all be the better for it.

Tuesday
Nov122013

Free events for IT Pros in Newcastle on 25th November

On Monday 25th November, St James' Park in Newcastle is the venue for three free events for IT professionals covering a range of Microsoft technologies.

During the day, the MVP Cloud OS Relay and SQL Relay 2012R2 have great line-ups of MVPs and other experts in Windows Server, System Center, Hyper-V, Office 365, Azure, SQL and Business Intelligence.

In the evening, the Windows User Group takes over with an event covering Windows 8.1, deployment, MDOP and Office 2013.

The schedule for the Cloud OS event is at http://www.cloudoscommunity.com/Newcastle and free sign-up is at http://www.eventbrite.co.uk/e/mvp-cloud-os-infrastructure-relay-newcastle-tickets-8456426399

The SQL Relay event has sold out, but if you're desperately interested in any of the sessions at http://www.sqlrelay.co.uk/events/2013r2/Newcastle.html you can register for the Cloud OS event and switch tracks throughout the day if there's capacity in the room.

Sign up for the evening event is at https://www.eventbrite.co.uk/e/windows-and-office-tour-tickets-9107714419

Hopefully I'll see you there!