Canadian Information Processing Society (CIPS)
 
 

CIPS CONNECTIONS

INTERVIEWS by STEPHEN IBARAKI, FCIPS, I.S.P., MVP, DF/NPA, CNP

John Policelli, International Authority in Windows Technologies, Widely Acknowledged Networking Expert, Best-selling Author and Certification Exam Contributor, Microsoft Most Valuable Professional

This week, Stephen Ibaraki has an exclusive interview with John Policelli.

John Policelli Microsoft Directory Services Most Valuable Professional (MVP), MCTS, MCSA, ITSM, i-Net+, Network+, A+. John Policelli is a solutions-focused IT consultant with over a decade of combined success in architecture, security, strategic planning, and disaster recovery planning. He has designed and implemented dozens of complex directory service, e-Messaging, web, networking, and security enterprise solutions. John has spent the past 9 years focused on Identity and Access Management and providing thought leadership for some of the largest installations of Active Directory. He has been involved as an author, technical reviewer, and subject matter expert for over 50 training, exam writing, press, and whitepaper projects related to Windows Server 2008 Identity and Access Management, networking, and collaboration. John maintains a blog at http://policelli.com/blog

To listen to the interview, click on this MP3 file link

Go to www.microsoft.com/youshapeit/technet for a look at this interview and much more.

The latest blog on the interview can be found in the IT Managers Connection (IMC) forum where you can provide your comments in an interactive dialogue.
http://blogs.technet.com/cdnitmanagers/

DISCUSSION:

Interview Time Index (MM:SS) and Topic

:00:44: You have a long history with wide expertise in Windows operating systems and especially Windows Server 2008. Can you overview the Windows Server 2008 product suite?
"...there are a number of editions which include Web, Standard, Enterprise, Data Center, Titanium and HPC. I primarily deal with Windows Server 2008 Enterprise but I'll do my best to align the major differences with each edition...."

:06:00: Can you provide your top tips in the technologies present in Windows Server 2008?
"....Active Directory or Active Directory Domain Services (improved auditing capabilities)....Read Only Domain Controller role (designed for offices that lack physical security)....Global Name Zone (intended to provide single-label name resolution)....New Validation Wizard (run before you implement a failover cluster)....System Requirements for Windows Server 2008 are much higher than predecessors (...use as much memory as possible and give yourself lots of disk space).....Active Directory Federation Services (not as complicated as in previous versions)....New features relating to Group Policy (can help you move away from logon scripts and achieve better security and policy enforcement)....Service Manager (a new tool in Windows Server 2008 which enables you to perform a number of management tasks in a single location)....Windows Server 2008 Enterprise and Data Center editions provide Hyper-V and integrated high availability support at no additional charge (very important when you use virtualization for production systems)....File Server Resource Manager (provides a number of new capabilities and improvement over NTFS disk quotas)....IIS 7.0 (familiarize yourself with IIS 7 and IIS Console before you deploy)...."

:12:11: What are your top 5 tips for IT Pros who have to install Windows Server 2008?
"....Understand system requirements....Ensure you have enough memory....Familiarize yourself with the steps to install Windows Server 2008 by using the command-line and an answer file....There are less installation steps but this results in more post installation tasks....If you plan to use Windows Server Backup, you need to plan ahead...."

:14:30: How about your top 5 tips for managing Windows Server 2008?
"....Familiarize yourself with Server Manager....Learn PowerShell....Leverage Windows Deployment Services....Invest some time learning the new Reliability and Performance Monitor....Meet the new Event Viewer...."

:19:29: What are 5 little known gems about working with Windows Server 2008?
"....Any new Organizational Unit that you create in Active Directory is automatically protected from accidental deletion....When you use the Windows interface to promote a domain controller, you now have the option to export the settings you specified to an answer file....If you use the Remote Desktop console on a Vista or Windows Server 2008 computer to connect to the console of another server, the /console switch will not work....You can now view an Active Directory object's attributes by using the Attribute Editor tab on the object properties....Microsoft has a new release of its FTP service called FTP 7.5...."

:22:40: Tell us more about the new Active Directory in Windows Server 2008 and Windows Server 2008 R2.
"....In my opinion Windows Server 2008 includes the most significant changes to Active Directory since its initial release in Windows 2000 Server....Active Directory auditing....Fine-grained password policies....Read Only Domain Controllers....Restartable Active Directory....Point-in-time snapshots of the Active Directory DS Database....With Windows Server 2008 R2 there are many noteworthy changes in R2 as well. It will only ship in 64-bit editions (not specific to Active Directory but this is a significant direction for Microsoft)....As for the changes that are specific to Active Directory, there's quite a few. I won't get into too much detail because R2 is still in beta but I will list some of my favorites...."

:28:23: What are your best practices for securing Active Directory for large enterprises?
"....Give an entity the least amount of access it requires to do its job and nothing more....An asset must be protected to a degree consistent with its value....Assume that an intruder will attempt to use any available means of penetration....A security system is only as strong as its weakest link....A security strategy needs to address all aspects of securing an Active Directory including physical security, administrative authority and the end system...."

:31:34: What are your experiences and lessons learned from running Active Directory and Microsoft Core Network products for one of the largest banks for 5 years?
"....I found myself doing a lot of research. This was very beneficial to me because it allowed me to learn a great deal with regards to Active Directory and interoperability requirements of dozens and dozens of applications...."

:34:47: What are your recommendations around Microsoft Certification Exams for Windows Server 2008?
"....Ensure you fully understand what is being tested on the exam and prepare for it by using a number of methods....You need to complement books with additional preparation material. (For example, take an instructor-led training course, subscribe to some e-learning courses, purchase some practice tests.) Using multiple methods to prepare for a certification exam will really pay off in the end...."

:36:20: What are your top recommendations for Microsoft E-Learning?
"....Most E-Learning courses include hands-on virtual labs. I recommend that you complete these labs because you will be exposed to hands-on tasks which will better prepare you for the certification exams...."

:37:16: Can you spend more time detailing the benefits of Windows Server 2008 R2?
"....R2 includes a number of CPU-specific enhancements....Additional power management capabilities, as well as reduced power consumption for servers....Hyper-V improvements ....Windows PowerShell 2.0....Best Practice Analyzers integrated into Server Manager....IIS 7.5 and full ASP.NET functionality on Server Core...."

:40:17: What are some of the top challenges and their solutions with Windows Server 2008 that you hear about in your work?
"....A client was experiencing some unpredictable issues with their Exchange Server 2003. This issue surfaced after they deployed Read Only Domain Controllers in their Active Directory environment....To resolve the issue for the client we made some changes to their Active Directory site topology which prevented the Exchange Server 2003 servers from using Read Only Domain Controllers....A client had moved a website from IIS 6.0 to IIS 7.0 and the ASP.NET application that was hosted on the client's website broke....We had to modify the website's application pool request processing mode to resolve this issue...."

:44:12: What do you consider to be the best resources for working with Windows Server 2008?
"....'24 Hours of Windows Server 2008' (series of Microsoft TechNet webcasts)....'Build High-Availability Infrastructures with Windows Server 2008 Failover Clustering' (Microsoft TechNet webcast)....The Windows NT Backup Restore Utility and Microsoft Active Directory Topology Diagrammer (download both from the Microsoft Download Center)....ADFind and ADMod command-line tools (freeware tools by Directory Services MVP, Joe Richards at joeware.net)....There are a number of valuable community sites such as the Microsoft Windows Server Active Directory newsgroup)....'Ask the Directory Services Team' blog....Books relating to Active Directory (eg. 'The Windows Server 2008 Active Directory Resource Kit and the Active Directory Cookbook, Active Directory 2008 How-To Book)....Microsoft TechNet Library...."

:49:26: What about the future with Windows Operating Systems-what should IT Pros be preparing for?
"....Immediate future - IT Pros should familiarize themselves with Windows 7 and Windows Server 2008....Long term - I think cloud computing is in the future for Windows operating systems....With the current economic conditions, cloud computing is in a great position to gain momentum in the market place. I believe that it is important for IT Pros to familiarize themselves with Microsoft's Azure Services Platform...."

:51:19: John shares an interesting story from his work.

:53:26: What 3 questions would you ask and what would be your answers if you were doing this interview?
"....What is it about Active Directory that makes it one of my favorite technologies to work with?....Were there any instances where you implemented a change that went horribly wrong?....What made you get into IT?..."

:57:10: Where do you have the most fun?
"....Research and Development and creating solutions...."

:58:07: The UN-founded International Federation for Information Processing or IFIP has their Professional Practice Partnership Program which received full ratification at the world general assembly in August 2007 with their first implementation meeting in Montreal hosted by CIPS in October. This marks an historical inflection point and speaks to IT as a recognized profession with global standards, profession-based code of ethics, and widely adopted professional certification-all happening in 2009. Can you provide your comments?
"....I have long been a believer that the IT industry is in need of better standards and professional certifications...I am a strong believer that IT should be recognized as a profession with global standards...."