Active Directory: Role Based Access Modeling

Much of my time is spend delving into the minutia of a particular technology to resolve issues or improve department processes. But sometimes understanding and implementing a technology is not the best “fix” for an issue. Sometimes it is a mindset or a model that needs to change. I came up with this security grouping model to address some of the pains of managing permissions across large groups of systems in our environment. Ok, I modified a long standing Microsoft recommendation of AGDLP (an abbreviation of “account, global, domain local, permission”) to meet our needs. Regardless here is a quick rundown of this security group model I devised if anyone is interested.

Continue reading

Funny: Microsoft Goes Chick-Flick

My wife saw this on my laptop screen while we were on a plane trip. She pointed to it, and said “Awwwww!!” as if I were reading a book on relationships rather than a technical pdf going over general SCOM 2007 concepts.

Outlook 2010: Photo Sizing Tool

We are about to get into full swing with our Exchange 2010 mailbox migrations and, soon afterwards, Office 2007 to 2010 upgrades as well. Unfortunately, we don’t have our Sharepoint farm upgraded to 2010 yet so there will be no automatic syncing of user photos into the GAL for those nice vanity pics which you can view in Outlook 2010. I know people like to be seen so I found a nice powershell based GUI for our (awesome) service desk team to use to upload these photos for users as requested. But you still have to get these photos thumbnailed to approximately 96×96 before uploading. Repeated manual labor is the anathema of any self respecting sysadmin who knows how to hack other people’s code to suit their needs. So I whipped up a very dirty (as in, “wow, get the bar of soap” dirty) hack which combines this person’s clever photo-sizing hack with the prior mentioned gui.

Continue reading