adsense

Saturday, October 18, 2014

How Does Google Work?

Great Slideshow that I wanted to share.  I look at the way they talk about how Google is run, and it reminds me of the way my Dad, and the other leaders ran our scout troop.  If you asked any leader "who was in charge" they would say the kids were.

The real "organizing" was in their ability to create invisible fences for us.  We could fail.  If someone forgot to buy the groceries for the trip that weekend... that was on us.  We wanted to build a catapult large enough to hurl pumpkins? They were there to help (And watch as it broke on the first pre-camp trial)


Wednesday, September 17, 2014

I can Powershell and so can you!


Often automating a task is not worth the time and rarely takes the time planned.  At StackExchange we have lots of people on our team and in our community  who are amazing at PowershellI am not one of those people.

Is it possible to save time using Powershell, even if you're not a guru? Sure!


Framing the Problem

At Stack we use Google Apps for Work.  Google Apps for Work includes a great tool for linking your existing Active Directory structure to your Google Accounts.  That tool, Google Apps Directory Sync (GADS) allows a company to sync Active Directory Users and Groups with Google email accounts and mailing lists.  We already sync our users with email addresses, but my task is to also link our security groups with email distribution lists.  



In a fresh environment, this would be incredibly easy.  However, we have a number of mailing lists that exist on the "Google side" that don't have matching security groups in AD.  This issue is compounded because when group sync is enabled in GADS, any group that does not match an AD group will be deleted on the Google side.  As a friend put it:


We need to attach a trailer to a moving vehicle.


Steps to resolve the problem:

  1. Match existing AD Security Groups to Google mailing lists.
  2. Generate AD Security Groups that don't exist for matching Google mailing lists.
  3. Populate the AD Security Groups with the correct users
If you're familiar with GADS, you'll know #1 is pretty easy.  Using an AD filter we can match groups in our AD structure to existing Google Groups.   The only concern here is to make sure that the AD groups actually have the same users as the existing Google group, since no sync has occurred previously.  

Too Many Clicks...The second issue, Generating AD Security Groups that don't exist as mailing lists,  poses a problem.
Running a simulated Sync on GADS shows 80 Google Groups without a matching AD security group.   (That's quite a few clicks...)


This is our first opportunity to use Powershell to solve our problems.  





I start by grabbing a list of groups that arn't in AD.  GADS simulated Sync logs those groups in a way that is easily copy/pasted into a nice Tab separated format.

Now that we have the groups we can get them into AD:

  • Read the CSV into powershell
  • For each group, generate a security group with matching name.
"BUT I DONT KNOW HOW TO DO THAT IN POWERSHELL"
That's ok.  Lets use our minimal knowledge, and Google to figure out how.


A quick Google search shows a Technet article on Import-CSV.  Reading Microsoft Technet articles is an art all its own.  These articles provide lots of in depth information on Import-CSV.  While more information is GREAT, we're trying to Get Things Done.  Let's CTRL + F to find relevant examples:


We quickly isolate the example CSV import.  By dumping that import into a variable ($csv) we now have an object Powershell can manipulate.  Following a similar search and CTRL + F for New-ADGoup we end up a short script:


So Close.. But wait there's more!


Problem 1 and 2 are resolved, but we still need to populate those AD groups.  Many of the groups only have a few users, and are easily updated using the build in Active Directory Interface.  Some groups are larger.  So large that the existing AD interface would require hundreds, or even thousands of clicks.  If you think that's too many clicks, you'd be right.




Powershell can help!

Just as before, GADS simulated sync will return a list of users effected by a planned sync.  We can again pull that list of users into a TSV.

 Lets modify our existing Powershell script to populate AD groups:

We match on email address, not AD username, so we need to find the AD user with a matching email address, and add them to the correct group. Get-ADUser  has a filter option, which accepts a string.  If we set the email address provided by GADS as the filtered string, we should always get the user we want.

My own workflow involves grabbing a single set of usernames and dumping them into a TSV
I name that TSV after the security Group I intend to populate.
Defining my path with the string below lets me change only 1 variable with each pass of the script.



Saturday, May 10, 2014

What does it take to be an Awesome Sysadmin?

What does it take to be an Awesome Sysadmin?

This Post on Reddit does a nice job of fleshing that out.

http://www.reddit.com/r/sysadmin/comments/255zpb/what_are_qualities_of_a_good_sysadmin/

Knowing what problems are worth automating is a great start.

Tuesday, April 29, 2014

Forcing SSD's in VSAN

I've been working with VSAN quite a bit lately and thought I'd share a writeup I made on forcing HDD's to be set as SSD, and passing greater than 16 hosts to a single cluster.

 The goto11 command is, in my opinion, the best easter egg I've seen in a while.

SSD drives are recognized as non-SSD
 You can use PSA SATP claim rules to tag SSD devices that are not detected automatically.
  1. Identify the device to be tagged and its SATP.
esxcli storage nmp device list
  2. Create a new SATP rule (replace mpx.vmhba2:C0:T2:L0 with your Device ID):
esxcli storage nmp satp rule add --satp VMW_SATP_LOCAL --device mpx.vmhba2:C0:T2:L0 --option=enable_ssd
3. Reclaim the device with the new rule (You can instead restart you ESXi server):
esxcli storage core claiming reclaim --device mpx.vmhba2:C0:T2:L0
4. Enable support for clusters greater than 16 Hosts
esxcli system settings advanced set -o /CMMDS/goto11 -i 1
(If you're not familiar with the movie Spinal Tap, here's why this is amazing: https://www.youtube.com/watch?v=4xgx4k83zzc)
Reboot when complete.

Friday, March 7, 2014

Put an Hamburger in your Terminal

Today one of the guys in my office sent me this code to include in my .bash_profile :

export PS1='\u@\w🍔  ' (That export 🍔 is actually U+1F354 HAMBURGER )

Which makes my terminal look like this: 

Find lots of images to add from unicode_fonts here:

Django Connector Woes

Installing the Python MysqlDB connector for Django on my Macbook was much harder than it should have been.
After a day of tinkering and reading, I've included the steps below (with some references) to help anyone currently trying to make MySQL work locally on their macbook.

Steps to install Mysql Driver on MacOSX
0) Install Homebrew

ruby -e "$(curl -fsSL https://raw.github.com/Homebrew/homebrew/go/install)"

1 ) Install Mysql
brew install mysql

2) export PATH=$PATH:/usr/local/mysql/bin (May be unessesary with HomwBrew install)
http://moravec.net/2013/04/installing-mysql-python-on-mac-os-x/

3) pip install MySQL-python
http://stackoverflow.com/questions/3243073/django-unable-to-find-mysqldb-python-module

4) sudo /usr/local/mysql/support-files/mysql.server start
(force start mysql server 1 time )

For Good Measure:
Not entirely sure if this was needed, but I also installed the Python MysqlDB connector:
https://dev.mysql.com/downloads/connector/python/
(Click no thanks on the Download page to avoid signing up for an Oracle account.)

Friday, February 21, 2014

Better FizzBuzz

I was playing with PowerShell today - and writing another FizzBuzz.  I came across an example where the least common multiple of 3 and 5 (15) was used as a way to reduce the number of checks needed per pass.  Very cool!  Here's my powershell FizzBuzz using that.

Thursday, February 13, 2014

FizzBuzz

For Fun, I wrote a FizzBuzz today in Python. 
Happy to hear any comments on improving it.


; ;