devolve

2005.11.09

kansas opts to include intelligent design.

it’s likely that the flying spaghetti monster will not be included in these discussions though.

Categories : OMG DUDA WTF

p-cups

2005.11.05

frozen reeses peanutbutter cups are totally friggin awesome.

i introduced jeff and his fiance to them today. we’ll see how they like them.

Categories : about  fun

and i’m back

2005.11.04

bill was kind enough to upload pictures from the backpacking trip we all went on. click the picture to be sent over to the album

Categories : fun

scary

2005.11.04

background:

the company i’m on assignment to is migrating from an NDS/Netware/Win2k-Pro/Zen/NAL infrastruture to an AD/Win2k3/WinXP/Group Policy/SMS infrastructure. it’s a rather large company so this change is complex, difficult to manage, and full of workarounds.

a large majority of the “user migrations” rely on a backend SQL server, which nathan wrote an app to help import users from NDS. project managers give the migration team lists of users to be created in the AD environment. this information also goes into the SQL server, updating the records nathan’s app imported. smoke and mirrors and a few hours later, we have some user accounts, created on servers and everybody’s pacified.

the drawbacks to this setup are:

  • sysadmins export users from their systems with no regard to validation. these get passed to the project managers to be imported
  • usernames can also be collected with an inventory-agent that runs (monthy?) at login time
  • the project managers pass this information along, performing minimal validation
  • some users have multiple user accounts in the NDS infrastructure, it appears the first user ID they come across gets migrated to AD whether it’s the right or wrong one
  • garbage in, garbage out

where my team sits in this whole process, all the bullshit coming from upstream stops. everything that’s been done wrong upstream becomes apparent when we have to do our part.

frustrated with the (perceived?) lack-of validation, i came up with a lookup webpage (actually, two+two classes files) to help me with my role in this process: operational-level support. these php scripts leverage two SQL servers, an LDAP server, an AD Domain, and two Novell NDS directories.

it started out as a simple interface to quickly verify user information. it’s turned into a little more, but only for leveraging more systems for validation.

  • lookup users against the corporate directory server (using LDAP://) to verify if the user is still with the company (maintained mostly by HR, updated when management informs them of changes)
  • lookup users against both Novell NDS’ (again, using LDAP://) to verify if the user exists in the file & print infrastructure (maintained by sysadmins, updated when management informs them of changes, but less frequently than HR)
  • lookup users in the “new” AD infrastructure (using…GUESS!) to see if they already exist, if their accounts were created in the right context, etc
  • a summary page which takes a list of IDs and displays the pertinent information for a user in the migration process and indicators of issues worth investigating
  • the summary page can currently process about 15-25 users/sec and upto 2000 users before running out of allocated memory
  • user details page which shows everything the summary does, and then some
  • oh yeah, running on linux2.4/apache/php4/mysql 😈
  • this lookup tool is on my test box, it’s running debian sarge (2.4.27 testing/unstable)

what gives this post its title? this has turned into an enterprise tool which gets about 1200 hits a day. this isn’t the first time some hack i’ve done has turned into an enterprise solution though. i hate supporting shit for others that i do for my own personal benefit.

  • debian has since moved on with their testing versions and things are breaking on my test server. it needs to be reloaded.
  • no UPS, no RAID, no backups. this server isn’t redundant in any way, shape, or form

there is a production linux/apache/php4 environment i can migrate this to, but i don’t know if freeTDS is available on that suse9 setup yet.

screenshot under the “more” link.
Read more…

Categories : geek  OMG DUDA WTF