Keith Smith - My Blog

Microsoft


My latest IT infrastructure refresh

Sunday, May 15, 2022 - Posted by Keith A. Smith, in Network, Automation, Microsoft

Two years ago, I took on a new opportunity where the infrastructure environment was stuck in what felt like the tech era of the 2000s, specifically around 2005 and older. Things like network segmentation for security, modern operating systems, applications, hardware, scanning from copiers, ubiquitous Wi-Fi, and more did not exist at any of the sites. It took me just shy of a year to complete this infrastructure refresh. As I write this post, I'm glad to share that this refresh is done for now. I wanted to share some of the before and after shots.
 
I'll start from the server room and work my way outwards. This comparison shows the lack of cooling in the server room. Notice in the old pic the piece of cardboard on the vent. My guess is that it was supposed to redirect the air to another part of the room. The old A/C was failing and leaking refrigerant, so I replaced it with redundant A/C units.




The racks were old, making it difficult to rack new equipment. I scheduled a maintenance window on a weekend to remove all the equipment and racks.





Here is a comparison of everything racked before and after. I had the electricians install LED lighting in the room. I moved a lot of services to the cloud but still needed a private cloud for certain services being provided to staff.





Here is a shot of all the racks and new equipment. I introduced virtualization, 1, 10 & 25 gig network connections, temperature and environment monitoring, and enterprise-wide Wi-Fi, which was a first for this org.





I decommissioned the legacy 100meg networking and cleaned up the cable spaghetti with color-coded cabling. I later upgraded the phone system software since it was due.





IDF1 - New 12-strand optical cables were run to this area, and I upgraded the network switches and cleaned up the cable spaghetti with color-coded cabling. Lastly, I added a cellular extender to help with signal strength.





IDF2 - New 12-strand optical cables were also run to this area, and I upgraded the network switches and cleaned up the cable spaghetti with color-coded cabling.




Remote site 1 - All equipment had been exposed in a vehicle mechanic shop for years. I'm not sure how the old equipment stayed running in those conditions, but everything was full of dust and grease. I ordered a new 12U APC cabinet, upgraded the network switches, and cleaned up the cable spaghetti with color-coded cabling.



Remote site 2 - This site was the easiest to upgrade. I installed new network switches, added some remote site servers here, and replaced the cable spaghetti with color-coded cabling. 




I created a standardized zero-touch Windows 10 image with automated application deployment by department and deployed dozens of laptops, VPN, etc., with docking stations for staff to work from anywhere during the pandemic.




-End



My Windows 11 evaluation

Friday, April 1, 2022 - Posted by Keith A. Smith, in Microsoft

In short, the OS has potential, but isn’t quite ready for the business world.

From January to early March of 2022, from a system admin and technical project management perspective, I personally ran tests.

1.    Pros
a.    Resource usage has the same friendly demands as compared to Windows 10.
b.    The new OS does have some TPM (Trusted Platform Module) tech needs to be mindful of.
c.    Can sideload Android APK files – handy for those System Admins that are supporting Android devices.
d.    Widget friendly for those that want the feature.
i.    Me personally, I have no desire to know the weather, news, and trendy topics on my business machine – feels like commercials that distract focus.
e.   More options to those working with multiple screens and snapping windows into multiple partitions.
f.    For those AI-users, there are additional controls with Google and Amazon AI’s. Cortana is still there, but must be installed.
g.   Edge browser works just as snappy and friendly as Chrome, but that’s to be expected since the new Edge operates on the Chromium engine.


2.    Cons
a.    Start Bar Grouping is Removed (Limit to showing only 18 apps).
i.    As a system admin that uses many applications, this forced more mouse clicks and keyboard touches to find my desired app. I’m not a fan of using a desktop shortcut for every app I use.
ii.    If one currently desires to have this feature back…there’s an app for that. Look up Start11 by Stardock. Yes, that’s right, MSFT decided to remove a native feature and now we need to pay for use.
b.    Task Bar Grouping Granular Options are Removed
i.    Example: Outlook and all active email items (email, meeting invites, etc.) are nested in the Outlook toolbar icon. I am a technical project manager that schedules multiple meetings and can have 10-plus Outlook items open at any given time. For me to see my active Outlook objects, I must click on the taskbar icon and then my ten Outlook objects will expand (Um…which one of the ten is the meeting invite I need?). This is a massive inefficiency gap.
ii.    Same as above, you’ll need Start11 by Stardock to restore previous native function to ungroup your taskbar icon.
c.    When upgrading to Windows 11 from Windows 10, there are only 10 days to revert. After that, it is a full reinstall.
d.    Windows Hello is Forced Heavily

i.    These features can be fully disabled via local and group policy, but it was overly frustrating to disable these features. The intuitiveness of the process is in question.
e.    Microsoft has many areas that must be disabled to limit/stop Microsoft from “knowing” you. Disabling identifying information takes time but appears to be straightforward.
f.    OneDrive Enterprise SharePoint Sync sites are grouped into “shared” OneDrive paths. OneDrive operated beautifully until the February 2022-2 cumulative update.

i.    If you are a heavy OneDrive user for individual use and SharePoint Online TeamSite use, you will likely spend part of your days and weeks hunting for and resyncing your data…even then, I wasn’t able to get OneDrive to play nice like it does in Windows 10.
g.    The MSFT Store requires use of a personal MSFT account to download certain apps. Work and School domain accounts do not function as acceptable access to the store for many apps…why, just because.

Windows 11 started out great in January 2022, but the February 2022-2 cumulative update caused MS Teams and Office365 to operate rather “buggy” (dropped calls, audio driver issues, Teams calls crashing, Office365 apps crashing, etc.). This was the final indicator that the new OS has a ways to go for the business world.

My take, the design for Windows 11 is focused on the average Windows user or those that desire to have multiple desktop icons on their screen (think mobile phone). If you are an organized user that requires multiple start menu groups to locate apps in the least number of clicks/touches, Windows 11 is not the OS you are looking for….move along.

The new OS has potential, but the MSFT product managers seem to have forgotten those of us that have used Windows as a business OS for the last 25-ish years. Sure, the UX on the surface is utterly gorgeous and sleek, but form must still follow function.

How many businesses and agencies implemented Windows 8 despite the initial lack of the start button?



-End



Let's Encrypt redirect with KEMP load balancer

Sunday, November 10, 2019 - Posted by Keith A. Smith, in Network, Automation, Microsoft

PKI management is a huge PITA; in the near future I will post how I've automated PKI renewals and installation of certificates. In this post I wanted to share a method for managing certificate renewals in an environment that has multiple web servers and a KEMP load balancer in front, with a central server for certificate management. The load balancer rules will send traffic with the /.well-known/acme-challenge/ path to the certificate management server, and all other port 80 traffic gets redirected to 443.


You will need to create a virtual service with two SubVSs.




Open the virtual service, then add the first SubVS.





The first SubVS weight should be 1100, with the Not Available Redirection Handling Error Code set to 302 and the Redirect URL set to https://%h%s.




The second SubVS has a weight of 1000 and has the IIS server I use to create my Let's Encrypt certs set as the real server.





Create a content rule named Lets_Encrypt, Rule Type is Content Matching, Match Type is Regular Expression, Header Field is left blank, Matching String is /^\/.well-known/ and ignore case is checked.




Now enable Content Switching at the VS. I then added all my content rules for my domains to the first SubVS so they will be redirected to HTTPS, then I added the Lets_Encrypt content rule to the second SubVS.
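The routing outcome this setup aims for can be checked offline before trusting it in production. The following is an added example, not part of the original post or the exported KEMP configuration: it models the intended result (not KEMP's own rule evaluation) in Python and compares the post's Matching String with a hypothetical tighter pattern. The server name, the sample paths, the assumption that the rule is tested against the URL path, and the meaning of %h and %s are assumptions.

```python
import re

# The post's Matching String /^\/.well-known/ with "ignore case" checked,
# written as a Python pattern (assumption: it is tested against the URL path).
PAGE_RULE = re.compile(r"^/.well-known", re.IGNORECASE)
# Hypothetical tighter rule: literal dot, ACME challenge directory only.
TIGHT_RULE = re.compile(r"^/\.well-known/acme-challenge/", re.IGNORECASE)

CERT_SERVER = "cert-mgmt.example.internal"  # placeholder for the IIS real server


def route(host, path, rule=PAGE_RULE):
    """Model the port-80 virtual service: return (action, target)."""
    if rule.search(path):
        # Second SubVS: forward to the certificate management server.
        return ("forward", CERT_SERVER)
    # First SubVS: no real server, so the 302 "Not Available" redirect fires.
    # Assumption: %h expands to the request host and %s to the request URI.
    return ("redirect", "https://" + host + path)


def rule_differences(paths):
    """Paths the post's rule forwards over HTTP that the tighter rule redirects."""
    return [p for p in paths
            if route("h", p, PAGE_RULE)[0] == "forward"
            and route("h", p, TIGHT_RULE)[0] == "redirect"]


# Constructed sample requests, not captured traffic.
SAMPLES = [
    "/.well-known/acme-challenge/TOKEN-PLACEHOLDER",
    "/.Well-Known/ACME-Challenge/TOKEN-PLACEHOLDER",
    "/.well-known/security.txt",
    "/xwell-known/anything",
    "/login",
    "/",
]

if __name__ == "__main__":
    for p in SAMPLES:
        print(p, "->", route("www.example.com", p))
    print("forwarded only by the post's rule:", rule_differences(SAMPLES))
```

The unescaped dot and the missing acme-challenge segment mean the post's pattern also sends other /.well-known paths to the certificate server over plain HTTP; the tighter pattern limits that exposure to the ACME challenge directory.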




To download the exported file, visit my GitHub repo: https://github.com/KeithIT-Dev/Kemp






-End



Still a bunch of cool tools from Sysinternals

Friday, September 13, 2019 - Posted by Keith A. Smith, in Network, Microsoft


You can point your favorite browser to http://live.sysinternals.com/ to access any Sysinternals tool. If you would like to do it the "old school way", you can open up Windows Explorer (if you are on Windows) and point it to \\live.sysinternals.com\ to browse and launch any Sysinternals app. These tools have been a staple for most of us that have been in the field for a while now; it's good to see them still being developed.


-End



Error Solved 0x80070490 while activating product key win server 2019

Friday, August 23, 2019 - Posted by Keith A. Smith, in Microsoft

If you are getting error 0x80070490 while trying to activate Windows Server 2019 in the GUI, try running the following command from an elevated command prompt:

slmgr.vbs -ipk ABCDE-FGHIJK-LMNOP-DX3G-QRSTV  <--(place your product key here)

It should be successful. As a side note, I have found parts of the GUI in Windows Server 2019 don't function correctly. An example I've seen is that when installing Windows updates, after the updates have installed and you click the Restart now button, it throws an error, which causes the operator to restart the server from the Start menu options. Maybe Microsoft will address these issues in the near future via a patch of some type.

-End

