I’ve been using windows 8 for the last couple months. Instead of putting it on a tablet I loaded the new software on an old laptop and this adds to the learning curve. Windows 8 is obviously meant for a touch screen computer, not necessarily an old laptop. Yet it is giving me part of the experience. Continued »
I’ve been using windows 8 for the last couple months. As a Seattle IT Consultant I’ve been trying to get some early time on the software before all my clients are using it. Windows 8 is obviously meant for a touch screen computer, not necessarily an old laptop. The last 21 plus years I’ve been using Microsoft systems. Continued »
I was reading a blog recently called Channels com but never seem to go by Mitch Lieberman. I’m not sure if I took the same message as the writer meant me to take, but if you are like me, it’s frustrating as a Seattle IT consultant to have business experts just drop everything in my lap. Continued »
Working as a Seattle business consultant specializing in technology I tend to be on the lookout new solutions for my clients. I came across an interesting solution for among other things, Incident and problem managment. Kana is an interesting if you are a Modern Network Architect. Continued »
So if you are like 5 million other companies you are using Microsoft 365. As a Seattle IT Consultant, I became a partner back when BPOS was the only option for commercial Microsoft hosted email. When I became a partner, I got my own account and the email has always worked well. Then Microsoft moved my systems to 365 and I’ve spent the last year trying to get things working right. I have to admit that after 20 years of IT, the idea of working this problem out with Microsoft has not attractive. I’d rather go to the dentist than spend hours on a help desk line. I think this comes from the early days of computing when a 6 hour wait time was considered good. (When I worked on PeopleSoft, they had a 48 hour wait before they were required to follow-up on a problem)
So I was on the help desk with Microsoft and I found out that my DNS setting were not the recommended settings. The technician also warned that the DNS settings would need to be changed soon or some features would no longer work. He showed me how to test my DNS settings. I thought I’d share what I learned.
Testing DNS Settings
To test your DNS settings logon to your admin portal as administrator. Under the Admin section of the portal, go to domains. In the domains section you should be able to test your DNS. Under a button for testing DNS you will be able to test your DNS settings. If there is a problem, a report will show up with a list of errors.
I’ve found that with companies that have been migrated from BPOS to 365, that there may be some errors on the default DNS settings with your original hosting provider. I’ve included a more detailed list of steps on my info site. Check it out to verify if your settings are correct.
What is ITC
As a Seattle IT Consultant I worked closely with IT as it changed the modern workplace. Information Technology (IT) refers to the supporting technology for data over IP traffic. As voice moved to data and became VoIP (voice over IP (internet protocol)) Continued »
As a Seattle IT Consultant I have often found myself teaching technology classes for private businesses and for local colleges. When I first started in Technology the concept of a Windows security boundary was very different. Windows used the concept of a workgroup. This was a distributed security model. With Windows NT the idea of a centralized security model based on Windows domains. The security in the future became a little confused because a lot of the distributed security thinking was integrated with the centralized model Windows was using. I think it’s interesting that to really understand Microsoft security it helps to understand the similarities and differences between the way the early thinking about networks, DNS and TCP/IP.
NT 4.0 was a huge step in maturity when compared with Windows for Workgroups. For small companies NT 4.0 was perfect. Yet it didn’t take long for a small company to become a medium size company and then a large company. Large and enterprise companies struggled with NT from the beginning. This was because of the SAM. The SAM (Security Account Manager) is a file that describes the security properties of the entire NT 4.0 domain. This included access the security access to printers, servers, data and more on the network. As the network grew, the SAM file grew. This SAM file would eventually grow so bit and unwieldy that network speeds slowed. Access to every object required a review of the SAM that slowed everything down. The temporary fix was to create a new NT 4.0 domain and put have the objects in one versus another. Two domains grew into 4 domains, then 8 domains and so on. For a company like Boeing, the system was a nightmare of overhead.
Windows 2000 introduced the concept of a forest. In Windows 2000, the domain was the security boundary still, but the forest used Kerberos to manage the security between the domains. By Windows 2008, the forest was the security boundary. Domains in NT were impossible to divide. So in 2000, organizational units were created to divide up the domain. When the security boundary was redefined as the forest rather than the domain, the domain became the delineator of the security boundary.
When I would teach the concept of a forest the question would always come up. What is tree vs. What is a forest? The problem in answering this question is well it really depends on the context the question is being asked. Let’s assume though that we are talking about Windows 2008. If we do then we can answer this question using the Microsoft definitions.
A tree is defined by a namespace. Think of a namespace in the same way you would think of a DNS names space. So the names space, www.xyz.com or xyz.com would be a name space. All names spaces that started with xyz.com, like xyz.com/east and xyz.com/west would be still part of the same names space as xyz.com. So therefore would be part of the same tree. These are also called contiguous names spaces because all these names spaces share the names space xyz.com.
Now what if the company had two non-contiguous name spaces. So lets say in addition to xyz.com, the company also had a namespace called Giraffe.com. This non-contiguous names space would be a second tree. Giraffe.com/east and Giraffe.com/West would be separate subdomains associated only with Giraffe.com and would have nothing to do with the abc.com name space or sub domains.
Now the simplest way to think about a forest is as a container for trees. In other words the forest is a collection of trees. Trees are a collection of domains. Domains are a collection of Organizational Units. The forest is the ultimate root for all security for the entire structure. Network objects (users, computers, files, printers, etc.) are placed in the various locations within the tree structure based on the security requirements of the organization.
In our example we see:
Forest: <insert Your Company Name>
Tree 1: Xyz.com
Sub Trees: xyz.com/East, xyz.com/West
Tree 2: giraffe.com
Sub Trees: giraffe.com/East, giraffe.com/West
One of the questions I’m asked, then, is if there is only one tree in the forest is it still a forest or is it a tree? I think at this point we have to ask another question. What are we really describing? We are describing a database structure using non-database language. A database is made up of file, records, fields and field descriptions. The tree infrastructure description is actually a metaphor that helps us understand the data structure, without becoming database experts. So the question is interesting but unimportant. Yet I’ll ask you, if you see a tree standing out alone in the desert, is it just a tree or is it also a forest?