The intent of this post is to create a summary definition of roles required to adequately
manage an enterprise website. It is designed to be used in tandem with a RACI (Responsibility,
Accountability, Consultable, and Informed) document to provide a unified management
model for the web Infrastructure developed.
Each role is neither inclusive nor exclusive in that any one person can qualify for
more than one role, and more than one person can qualify for the same role, as long
as each role has been fulfilled adequately.
In a future post I will discuss the creation of a RACI document.
Database administrators are charged with controlling website data resources, and use
repeatable practices to ensure data availability, integrity and security, recover
corrupted data and eliminate data redundancy, as well as leverages tools to improve
database performance and efficiency.
Application Administrators are charged with installing, supporting, and maintaining
applications, and planning for and responding to service outages and other problems
including, but not limited to, troubleshooting end-user issues at the application
Server/Operating System Administrator
Server Administrators are charged with installing, supporting, and maintaining servers
and other systems, as well planning for and responding to server outages and other
problems including, but not limited to, troubleshooting Application Administration
issues at the Operating System level.
User Account/Permissions Administrator
Account Administrators are charged with managing user accounts as well as permissions
for users within the system. This includes, but is not limited to, locking and unlocking
user accounts, as well as resetting passwords.
Hardware Administrators are charged with managing server hardware and resources. This
includes, but is not limited to, deployment of servers as well as troubleshooting
issues such as faulty hardware.
Network Administrators are charged with managing physical network resources such as
routers and switches and logical network resources such as firewall rules and IP settings.
This includes, but is not limited to, managing routing rules as well as troubleshooting
These roles were created in an attempt to define job responsibilities at an executive
level. A RACI document is then suggested as the next step to define what each
role entails at the management level.
Or your ally in the fight against technology management. Earlier this week I
was given the task of doing some naming for new servers, which is pretty much SOP.
Problem is, we don’t have a naming standard. As such, I may choose a name that
annoys someone, or they choose a name that annoys me. This becomes very political.
We don’t want to name things in such a way that they annoy people. It’s a bad
idea. And, much to my dismay, I said something this morning that was pretty
much just insulting to one of my team members.
I could have given loads of excuses, but it wouldn’t have mattered. I was being
petty. Man, that’s a bad idea in an office. It divides teams, and man,
that’s *really* bad in an office. The reason it came about was because a few
people were talking about moving into “fun” server names, as apposed to functional
server names. Examples of this would be Cygnus or Badger, as apposed to GR-SQLCluster1.
The reasons behind it being:
It’s more secure if the attacker doesn’t know what the server does, based
on it’s name
Server roles change over time, so GR-SQLCluster1 might become relegated to an apps
Sections of functional names become redundant
Organize names by type; i.e. birds, galaxies, different words for snow, etc
At first glance, they make great sense. However, after a little time to digest
the reasons, a few things become clear.
If an attacker is able to get to the server, to the point that they can know the name,
you are already screwed
A good practice is to rebuild the server if it changes roles, and with that change
People don’t want to connect to the Badger Server
You need a reference list to figure out what the Cygnus server does/where the Cygnus
server physically is
If you want to create DNS entries to provide functional names to it, that’s another
level of complexity to manage
What happens when you run out of server names?
Given this list, it now becomes an interesting debate. But I have one question
As a developer, would you name a variable ‘badger’ if it was holding a shopping cart?
Not a chance. You would only do that if it were badger related, and even then
you are better off with ‘meanLittleWoodlandCreature’ in case you change something.
In my response I called the security reason laughable. Again – petty and a really,
really, really bad idea when in a team discussion. Obviously I was
in a pissy mood for some reason, or maybe a greater than thou mood thinking
I knew more about the topic. I tend to do that.
I think what really made me do it was that we are developers, not administrators.
It’s not our job to name servers. So why were we? I didn’t want to piss
anyone off, I just wanted to name the server so we could move on to the next stage
of the deployment. This situation could have easily been averted.
If we had a naming convention for our servers, regardless of fun vs functional, I
could have followed the convention and washed my hands of the problem. So I
guess the question is, why don’t we have one? Lot’s of companies don’t have
them. And I think it’s because of stagnant server growth.
If you are only setting up a couple servers every so often, you aren’t bogged down
with these types of questions. You have time to discuss. The problem we
are having, I think, is because we have increased our server growth dramatically in
the last little while, which hasn’t given us enough time to discuss names as a group.
I was rushing to get the server into production because the administrators were busy
working on other tasks that were filed under the category “Do Now Or ELSE!”
So I think we need a naming convention. A functional naming convention.
It will prevent a world of hurt down the road. Now to get buy in, and ask for
forgiveness. I still have lots to learn.
It’s been a long week, and it’s only Monday. It all started with an off-the-cuff
comment. It was of the petty nature, and it certainly wasn’t accurate.
It seems that is usually the case with petty comments.
I was berated for suggesting SharePoint Services as a replacement for our ageing intranet,
and the commenter responded with a quick “SharePoint? Microsoft makes that,
it’ll cost too much. Our current java site works just fine, and it’s free.”
Or something of that nature.
How do you respond to a petty comment? It’s pretty damn hard:
While Microsoft Office SharePoint Server 2007 does cost money for licensing, Windows
SharePoint Services 3.0 (which MOSS is built on) is free. Not free as in speech,
but free as in beer. Always has been.
Java is a terrible language for websites. It’s slow, and none of the developers
in the company know Java. We all program with .NET languages.
The current intranet is running on an AS/400.
The bulk of the stuff we do on our current intranet could very easily be done in SharePoint,
without any development. And, we can also increase productivity with the added
features of team workspaces and free templates for other departments.
The only cost will be in man-hours setting the server up, and migrating content.
Those have been my main arguments since I started working here. We are a Microsoft
shop, but very often choose non-Microsoft products. Hmm…
The main reason we don’t use Microsoft products is cost. Plain and simple.
Ironically, that is also the same reason WHY we use Microsoft products.
We use SQL Server, Windows Server 2008, Active Directory (finally!), IIS, MOSS (soon),
and program in C#. We don’t use office 2007, only Office 2003, some computers
are still on Windows 2000 and XP. Only one computer is running Vista, and two
are running Windows 7. But then again, we are a Not-For-Profit company.
Budgets are tight.
This post is NOT a comment on our current state of technology, because like I said
in a previous post, we do a pretty good job of staying on the cutting edge in a few
This post IS a comment on the people out there who think cost is the only thing to
look at when evaluating a product. For the love of god, STOP bitching about
price. START bitching about quality.
I can’t stand bad software. People don’t pay for good software, but then complain
about its quality. Come on! There is a formula out there that calculates
the cost of a piece of software over time. It takes into account initial cost,
and the cost of the updates that follow. It’s a simple y = mx+b formula.
Now, when you have a higher initial cost, you tend to assume it’s of higher quality.
Put this into the equation, and the number of updates, and the cost to implement these
updates goes down. Over the life of the product, it’s cheaper to go with the
software that is initially more expensive. This is basic business.
What this basic business formula doesn’t show you is the added headaches you get with
crappy software. You tend to end up with silos of systems, and silos of data.
You don’t get integration. This is where the cost sky rockets. Or more
accurately, this is where productivity decreases.
SharePoint Services 3.0 is free. It doesn’t cost anything to use. It’s
easy to use, and integrates with most of our internal systems. I just ruined
my entire argument. Sorta. SharePoint is a quality piece of software,
and over time, it will cost less to use and maintain than any of the other intranet/middleware
applications out there. Most people don’t realize this.
I’ll probably get flack for this one: Most people don’t complain about software
expenses. They complain about Microsoft expenses.
“We give Microsoft too much money, and don’t get enough in return.”
“There must be better software vendors out there than Microsoft that are cheaper.”
“Why bother upgrading; XP Works fine.”
Have you seen the cost of a friggen Oracle license? What about
IBM’s iSeries? Novell’s Groupwise? My jaw dropped when I saw the cost
of these things. I can’t say a single nice thing about Groupwise. It’s
a terrible product. IBM’s iSeries is pretty good, but it’s limited what you
can do with it. Oracle knows databases, but has a higher license cost than a
good chunk of a department’s salary.
Microsoft gets most of our money because it has quality products, at a good price.
Look at a few competing vendors products and compare cost and quality as well as the
ability to integrate across platforms. Revelation is a wonderful thing.
You might think twice before settling on cost.
Last week Silverlight 3.0 was released. In Toronto, ObjectSharp put
on a very cool launch event, with lots of great demos and compelling reasons to start
using Silverlight immediately. I was impressed, but I’m a Microsoft fan-boy
(fan-boi?), so that doesn’t count. It was certainly fitting that ObjectSharp
propose using Silverlight for some parts of our new website www.woodbineentertainment.com,
seeing as they won the bid to build the new site. I saw the potential; as did
a few others on the team. However, some executives did not see the benefit.
I respect their opinion, somewhat because I have to – they can fire me after all,
and mostly because they have business sense on their side.
The company is very much on the cutting edge of technology in a few respects, but
very conservative in the way we choose technology. For instance, our new site
will be built on Microsoft Office SharePoint Server 2007. I’d wager there are
less than a hundred publically facing websites on the internet that use MOSS (probably
due to complexity and cost), yet we chose to use it because of the potential in further
developing it in future iterations.
Silverlight on the other hand is a different story. Recent reports peg Silverlight
penetration at around 25-30% of all browsers. Whether or not this is accurate,
who knows. It’s the only data available. Flash penetration is at 96%.
Now, in my opinion 25% growth in 2 years on Silverlight’s part is impressive.
Flash has been around for nearly 2 decades. There is definitely a correlation
to be made in there somewhere.
At this point, I was sold on using Silverlight. The exec’s still weren’t.
Seeing as Silverlight is a browser plug-in, it must be installed in some way, shape,
or form. At 25%, that means our customer demographic would have around 10% penetration.
That is terrible. Getting them to install a plug-in to view site content is
a tough sell. The executives didn’t want to scare away customers by making them
install the plug-in. SharePoint doesn’t need a browser plug-in.
And here in lies the Catch-22
To expand our marketed audience, we build on Silverlight to give them more content
that is better authored to their needs. In doing so, we lose customers because
they need to install the plug-in. There is no metric at this point in time to
help us extrapolate the difference. There is a reasonable risk involved with
using such cutting-edge technology. We will use it when browser penetration
is high enough, yet browser penetration won’t grow if sites like ours don’t use Silverlight.
I’m a technology risk taker. I live on the bleeding edge. I run Exchange
2010 beta, on Server 2008 virtualized on Hyper-V, with IIS7 running this site, browsed
by IE8 on Windows 7 RC, and authored in Office 2007 (2010 if Microsoft would give
me the flippin bits!). The company, not so much. Risk is good – as long
as you can mitigate it properly. I can manage my risk, as it’s not the end of
the world is something here crashes. I don’t lose an audience. If the
company can’t market to it’s customers because the tools in use are too new, it will
lose audience. Period. And that means lost revenue.
Maybe we can convince the exec’s in Phase II.
In the previous post Make it Right I
asked the question
Why aren’t more people making it right?
I was curious why people don’t take the time to write software properly. There
are lots of jokes about bad software development:
If houses were built the same way programmers build programs, we’d all be living on
Unfortunately it’s a fair statement. Most programs out there suck*. I
used to come back with the argument that people have been building houses for thousands
of years, but software for only a few decades. There are bound to be issues.
But then it occurred to me.
Mike Holmes is all about making it right, as I said in the previous post. His
TV show was about fixing the problems that professionals made. Professionals
who have been building the same thing people have built for thousands of years.
Wait a minute. I just flawed my own argument.
Houses are built the same way programmers build programs.
I see three very apparent reasons.
Cheapness – People want software built quickly, as cheap as possible.
Laziness – Why strain your mental processing or follow best practices when you can
just do whatever first comes to mind?
Uneducated – Sometimes (a lot of times) the person doing the building/development
just doesn’t know what they are doing.
There are numerous other reasons why, but these three are by far the biggest across
all aspects of building stuff. I think they answer the basic question asked
earlier, but now I have another question.
Why do we let people who are lazy or uneducated build applications for us, just so
we can save a few bucks? We will end up paying loads more in support after the
*I said programs, not programmers.
I hated school. Technically, I’m still enrolled in college. Bachelors
of Business Management. Blech. I figured at least with business, I would
learn something useful later in life. I chose against Comp. Sci. for a few reasons.
One being that I know a couple PhD’s that know nothing about building applications
in the real world.
In Comp. Sci., you learn how to build data structures, and how to make Mandelbrot
Set’s process faster. In business, you learn why people buy stuff.
Or more appropriately, you learn how to get people to buy your stuff.
Seeing as I learned (taught myself?) about things like linked-lists and pointers while
in grade 10-ish, and wrote/re-wrote/re-re-wrote Mandelbrot Set builders as a final
project in grade 11, I think I can safely say I would be bored as all hell in University.
Not to mention all the theory. Comp. Sci. is all about theory. Maybe 10%
is actually coding. F-that.
Business is inherently hands-on.
I like hands-on. It’s tangible.
The only problem I had was finding resources. My programming teachers were pretty
cool, and were always willing to help me on algorithms that confused me, as well as
extra-curricular programs when something just wasn’t jiving. But I had cool
teachers. Not everyone is as lucky as I was. And with the teachers, they
weren’t thinking in C# or ASP.NET everyday like I tended to do. Trying to ask
them why something trivial like
didn’t compile was kinda painful. I usually got a response along the lines of
“what’s the colon for?”. I always felt funny trying to explain the quasi-xml
structure of ASP.NET to teachers. This left me in a lame position of needing
to find help. Forums are great, but separating the wheat from the chaff is a
waste of time. Enter stackoverflow.com (4
years late, mind you) and you get answers quickly. I like it. I use it
all the time. I’d like to think that those who are willing to look for resources
will find the site fairly easily. However, there is another site out there that
not too many people know about. It’s the Microsoft
Student Experience site. Yeah yeah, brain wash them early. I drank
the kool-aid early.
Part of the website is dedicated to the DreamSpark program.
Free, fully-licensed Microsoft products. Nuff said.
The other half of the site is dedicated to students. Good thing, given the name.
Not just students studying software development either. All students.
It provides tangible resources for students. Stories, tutorials, and templates
look to be the main content. It’s all surprisingly good stuff too. It
ranges from school studies to general life, to post-school life.
These resources may help those students who are struggling with school – at any level.
There are students out there with lots of potential. Let’s not see it go to
As budgets get tighter, Tech·Days is the perfect way to get the Tech·Ed experience
without the travel expense, with two days of skill-strengthening education to help
you position yourself for success by:
Learning the technology—with a customizable agenda from over forty
sessions across five technical tracks on both current technologies and new products,
like Windows® 7 and Microsoft® Exchange 2010;
Connecting with Experts and Peers—with Birds-of-a-Feather lunches
and the new Windows 7 Zone, you'll have lots of opportunities to share your ideas
with those who know the products best; and
Apply what you learn—with a Learning Kit packed with products and
resources so you can continue to grow your skills long after the event has finished.
Technologies discussed: Windows 7 Operating System, Windows Server®
2008 R2 operating system, Visual Studio® 2008 development system, Silverlight™ browser
plug-in, Exchange 2010, Security/Management, and more.
If you want the VIP Discount use the promo code TD09Partner.
Vancouver Convention Centre
Metro Toronto Convention Centre
World Trade & Convention Centre
Hampton Inn & Convention Centre
Winnipeg Convention Centre
Early Bird: $299, Regular Price: $599
There is a good chance I will be presenting at one (or more) of these locations, so
keep an eye out. In the event that I don’t, I will definitely be enjoying the
Toronto stop of the tour. In either case, I will be there ready to learn, with
a pocket-full of business cards.
Oh, and I’ll be leaving with a box/bag/shopping cart* of swag.
*Metaphorical shopping cart. They are going to give away lots of
Boredom is a bad thing! Especially when you are putting off work.
So what do I do to waste my time? Check out local user groups. The websites
at least. A few days ago I posted a few links to some promising groups.
To my disappointment there really aren't that many Microsoft oriented user groups
in Toronto. I wouldn't call it a bad thing. More of an opportunity.
I have determined that TorontoSql.com, TorontoSql.net, and TorontoSql.org
were not registered. So for $30 I registered all three of them. Now I
have to put them to good use. Currently they are pointed to www.syfuhs.net
until I find a proper home.
More to come on that front!
Since moving to Toronto I have been looking for user groups that I
think I could benefit from. So far I have found a couple of interest:
What is Techdays?
The Canadian IT Pro Team would love to call it a Tech-Ed of the north, except on tour.
Check out the site: www.techdays.ca
to get the
info, but the dates are:
Toronto Congress Centre
The Palais des Congrès
Calgary Stampede Roundup Centre
Halifax World Trade Centre
Vancouver Convention Centre
I will be doing a presentation in Montreal and Ottawa entitled Microsoft SQL Server:
Essential Database Maintenance for New and Seasoned DBAs
. The synopsis is:
Every DBA knows that managing a database using SQL Server
requires dealing with a key set of components of SQL Server in an optimal in order
to make their lives easier. But what are the elements of SQL Server that you need
to really focus on to get the best bang for the DBA buck, and what best practices
should be followed to ensure an optimally-running an instance in SQL Server? In this
session we will walk through the Top 10 List of DBA techniques and best practices
to ensure a smooth running database and instance. You’ll learn: how to optimize data
files and transaction logs; why TempDB is special and how to treat it properly; indexing
strategies dealing with corruption; and much, much more.
I'm also doing a session entitled Beyond Relational SQL Server 2008: Managing Unstructured
and Semi-Structured Data
The amount of data that does not fit into the tabular format
of relational tables is increasing tremendously, be it images, sounds, text documents,
XML documents, or semi-structured data. Integrating this data with the robust, efficient
processing capabilities of SQL Server and providing integrated querying and management
of that data together with the standard relational data becomes increasingly more
important. This presentation will present new and existing functionality on how SQL
Server 2008 supports these non-relational kinds of data. The presentation will provide
insights into FILESTREAM, Remote Blob storage, new XML functionality, integrated Full-Text
Search, sparse columns, filtered indexes and the new hierarchyID type.
Should be fun. See you there!