Tag Archives: admins

Salesforce Trailblazer community must keep pace to fuel growth

Salesforce customers need help to use Salesforce. It takes self-trained, motivated admins, developers and consultants to plug the Salesforce platform into a company’s operations. If it’s a successful implementation, it takes even more talent to scale up as the Salesforce customer’s business grows.

On its present growth trajectory in the wake of acquiring Tableau and MuleSoft, Salesforce will need to persuade triple the current number of these independent experts to join its tribe in the next decade. The number could end up being even higher, considering Salesforce customers like Heidi Melin, CMO of cloud office collaboration and project management provider Workfront, say they already see Salesforce admins and developers in short supply.

 “Salesforce is at a place from a scale and a breadth perspective that they should — and probably are — turning up their Trailblazer efforts,” said Melin, who added that many cloud software companies, including Workfront, need more skilled ambassadors to integrate their applications into their customers’ workflow to enable success. “The more people that are trained and are ready to use Salesforce, the higher propensity to influence their customers’ technology choices.”

To help develop the talent pool, Salesforce launched Trailhead, a free training site with an outdoorsy theme that includes a gamification element to mark learners’ progress. A Salesforce Trailblazer, or trainee, will then earn credentials called “badges” and gain skills following guided training paths. Trailblazers earn “superbadges” to show advanced competencies in areas such as app development, data management and Salesforce administration, as well as AI and analytics capabilities.

“This is part of the brilliance of Salesforce, building and continuing to curate this massive community of people — most of whom are not, and have never been — employed by Salesforce but are activists and fanatical fans out there,” said Constellation Research analyst Nicole France. “They’re involved on a daily basis using and shaping Salesforce systems.”

The genesis of Salesforce Trailblazers

Considering Salesforce just passed its 20th anniversary, Trailhead is relatively new, given that it debuted in 2014. New training videos and a mobile app were among the upgrades highlighted at its Dreamforce conference last month.

Sarah Franklin, executive vice president and general manager of platform, Trailhead and developers at Salesforce, helped create Trailhead from scratch. The idea, she said, was to make the training accessible and consumable by anyone, anywhere. That requires plain language, free of jargon, as well as making content renderable for people with disabilities. She said she wants everyone who wants to be a Salesforce Trailblazer — Salesforce’s word for customers and Trailhead learners — to join the community.

“There’s a bunch of generic words names in the industry — citizen developers, champions,” Franklin said, adding that Salesforce wanted to create a Trailhead culture where the people earning the badges were being celebrated, not Salesforce itself. She had to convince Benioff to use that particular word, Trailblazer, which is now emblazoned in white script lettering on black hoodies ubiquitous at Salesforce user gatherings.

We wanted to give our community an identity that they can relate to, and that they own.
Sarah Franklin Executive vice president and general manager of platform, Trailhead and developers at Salesforce

“The hoodie is symbolic. What is written is not ‘Trailhead.’ It’s not ‘Salesforce.’ We did not take a Salesforce logo and plaster it on their chest,” Franklin said. “We wanted to give our community an identity that they can relate to, and that they own.”

More than 1.7 million Salesforce Trailblazers have earned more than 17.5 million badges, according to the company, with 25% of Trailhead users indicating in a recent IDC report that a badge earned them a new job. Career site Indeed.com said job postings for Salesforce developers increased 129% from 2018 to 2019.

Salesforce Trailblazer roadmap: No-cost bachelor’s degrees

Over the next decade, Franklin’s setting her sights on making Trailhead a venue where users can earn a free bachelor’s degree. It must be fully accredited, she said, because accreditation is “the one thing employers have from our government to filter out applicants from skilled labor positions.”

If her team’s successful in doing that, it will give Trailhead a flashy tool to recruit more admins and developers to keep up with market demand and help lay a foundation for the future of Salesforce.

Another part of Franklin’s Trailhead strategy is to focus on diversity and inclusivity, and to find people ripe for job retraining such as recently discharged military veterans re-entering the civilian world.

 Salesforce Trailblazer Sheldon Simmons
U.S. Navy veteran and Texas Salesforce consultant Sheldon Simmons, pictured here at Dreamforce 2019 with co-CEO Keith Block, forged a post-military tech career by taking free Trailhead courses.

That was the case for Sheldon Simmons, a Navy boatswain’s mate who fueled aircraft for eight years and bounced around the Austin, Texas, region after discharge. Working at a semiconductor plant and living part-time in his car, he took a Java course at a community college, which didn’t pan out to a job as he’d hoped. After that, a representative from the Merivis Foundation, a group that connects military veterans with Salesforce employment, introduced Simmons to Trailhead.

Five Trailhead badges later, Simmons is a Salesforce consultant with three years’ experience under his belt. Last month, Salesforce featured Simmons in a Dreamforce keynote with Salesforce co-CEO Keith Block.

“My [Navy] job wasn’t technical, so when I got out of the service, no one was going to hire me as a gas man,” said Simmons, who now recruits fellow veterans for Salesforce Trailblazer training as a Merivis Foundation board member. He said he believes vets bring attitude and perspective that is conducive to success working on Salesforce teams.

“Sometimes I hear people complain about stuff, and I’m like, ‘Man, at least we get to go home, at least we’re not sleeping on a helicopter in 120-degree weather,'” Simmons said. “I remember those times and what I would give to be sitting in an office right now. There’s nothing that’s going to rattle me, and the work isn’t going to be too much.”

This is the second of two parts on how Salesforce can serve its customers while chasing ambitious growth. Read the first part here.

Go to Original Article
Author:

How PowerCLI automation brings PowerShell capabilities to VMware

VMware admins can use PowerCLI to automate many common tasks and operations in their data centers and perform them at scale. Windows PowerShell executes PowerCLI commands via cmdlets, which are abbreviated lines of code that perform singular, specific functions.

Automation can help admins keep a large, virtualized environment running smoothly. It helps with resource and workload provisioning. It also adds speed and consistency to most operations, since an automated task should behave the same way every time. And because automation can guide daily repetitions of testing, configuration and deployment without introducing the same errors that a tired admin might, it aids in the development of modern software as well.

PowerShell provides easy automation for Windows environments. VMware admins can also use the capabilities of PowerShell, however, with the help of VMware’s PowerCLI, which uses PowerShell as a framework to execute automated tasks on VMware environments.

PowerShell and PowerCLI

In a VMware environment, PowerCLI automation and management is provided at scale in a quicker way than using a GUI via the PowerShell framework. PowerCLI functions as a command-line interface (CLI) tool that “snaps into” PowerShell, which executes its commands through cmdlets. PowerCLI cmdlets can manage infrastructure components, such as High Availability, Distributed Resource Scheduler and vMotion, and can perform tasks such as gathering information, powering on and off VMs, and altering workloads and files.

In a single line of code, admins can enact mass changes to an entire VMware environment.

PowerShell commands consist of a function, which defines an action to take, and a cmdlet, which defines an object on which to perform that action. Parameters provide additional detail and specificity to PowerShell commands. In a single line of code, admins can enact mass changes to an entire VMware environment.

Common PowerCLI cmdlets

You can automate vCenter and vSphere using a handful of simple cmdlets.

With just five cmdlets, you can execute most major vCenter tasks. To obtain information about a VM — such as a VM’s name, power state, guest OS and ESXi host — use the Get-VM cmdlet. To modify an existing vCenter VM, use Set-VM. An admin can use Start-VM to start a single VM or many VMs at once. To stop a VM use Stop-VM, which simply shuts down a VM immediately, or Stop-VMGuest, which performs a more graceful shutdown. You can use these cmdlets to perform any of these tasks at scale across an entire data center.

You can also automate vSphere with PowerCLI. One of the most useful cmdlets for vSphere management is Copy-VMGuestFile, which enables an admin to copy files and folders from a local machine to a vSphere VM. Admins can add a number of parameters to this cmdlet to fine-tune vSphere VM behavior. For example, there is -GuestCredential, which authenticates a VM, and -GuestToLocal, which reverses the flow of information.

Recent updates to PowerCLI and PowerShell

PowerCLI features over 500 separate commands, and the list is only growing. In June 2019, VMware released PowerCLI 11.3, which added 22 new cmdlets for HCX management and support for opaque networks, additional network adapter types and high-level promotion of instant clones.

PowerShell is more than simply PowerCLI, of course. In May 2019, Microsoft released the most recent version of PowerShell: PowerShell 7, which includes several new APIs in the .NET Core 3.0 runtime. At the PowerShell summit in September 2019, Microsoft announced several other developments to PowerShell programming.

PowerShell now works with AWS serverless computing, which enables you to manage a Windows deployment without managing a Windows Server machine. So, you can run PowerShell on an API and use it to run serverless events, such as placing an image in an AWS Simple Storage Service bucket and converting that image to multiple resolutions.

PowerShell also offers a service called Simple Hierarchy in PowerShell (SHiPS). An admin can use SHiPS to build a hierarchical file system provider from scratch and bypass the normal complexity of such a task. SHiPS reduces the amount of code it takes to write a provider module from thousands of lines to around 20.

Go to Original Article
Author:

Microsoft self-service policy for Office 365 raises concerns

Office 365 admins must sacrifice some degree of control as Microsoft allows end users to purchase certain capabilities themselves for Power Platform products.

Microsoft Power Platform includes Power BI, PowerApps and Microsoft Flow, which have business intelligence, low-code development and workflow capabilities, respectively. These applications are included in most Office 365 enterprise subscriptions. Previously, only administrators could purchase licensing for an organization.

On Oct. 23, Microsoft announced that it would roll out self-service purchasing to U.S. cloud customers starting Nov. 19.

Reda Chouffani, VP of development at Biz Technology SolutionsReda Chouffani

Widespread adoption of the SaaS model has already caused significant communication gaps between IT and end users, said Reda Chouffani, vice president of development at Biz Technology Solutions, a consulting firm in Mooresville, N.C.

“Now introducing this and knowing that Microsoft has over 140 million business subscribers that are empowered to make purchasing decisions on certain apps within the suite … that will make it where more of these [communication issues] will occur, and IT is not going to take it lightly,” he said.

Users with non-guest user accounts in a managed Azure Active Directory tenant will be able to make purchases directly with a credit card, according to a recent Microsoft FAQ. IT administrators can turn off the self-service purchasing policy through PowerShell, however, according to an update this week from Microsoft. Microsoft also extended the rollout date to Jan. 14, 2020, to give admins more time to prepare for the change.

The decision to allow IT to disable the capability likely came about from customer pushback about security concerns, said Willem Bagchus, messaging and collaboration specialist at United Bank, based in Parkersburg, W.Va.

IT admins may still be deterred by the self-service purchasing capability, because some may not be aware they can turn it off via PowerShell, Bagchus said.

“For a small-business IT admin who does everything by themselves or depends on the web only for [PowerShell] functions, it’ll be a bit of a challenge,” he added.

Security, licensing and support concerns

Security remains a top concern for many Office 365 customers, said Doug Hemminger, director of Microsoft services at SPR, a technology consulting firm in Chicago. Midsize and large businesses will be scrambling to turn the self-service purchasing capability off, he said.

“A lot of companies are worried about the data access issues that those users may inadvertently expose their company to,” Hemminger said. “Monitoring is a key part of implementing a certain environment and making sure that governance is in place, so many companies that I work with don’t want to give their employees the ability to go out and buy their own licenses.”

In the world we live in today, employees need access to applications to get their jobs done.
Mark BowkerSenior analyst, Enterprise Strategy Group

Office 365 admins can apply data management and access policies to Microsoft self-service purchases, which may alleviate some security concerns. End users do not need administrator approval before purchasing an application with a credit card, however.

“Most users will not think twice before purchasing something if it’s going to help them, which means that security may not necessarily be top of mind,” Chouffani said. “That can make it very difficult, because now everybody can pick their product of choice without truly doing some sort of due diligence and evaluation.”

Others said Microsoft will handle security issues properly.

“Microsoft has proved to me that they’re very serious about security,” said Willem Bagchus, messaging and collaboration specialist at United Bank, based in Parkersburg, W.Va. “Anything that may happen from a security perspective, [Microsoft] will be on top of it right away.”

When it comes to licensing, organizations need to administer checks and balances, Chouffani said.

Self-service purchasers can access a limited view of the Microsoft 365 admin center and assign licenses to other end users, according to the Microsoft FAQ.

Daniel Beato, director of technology at TNTMAXDaniel Beato

“Licensing is the least of our worries,” said Daniel Beato, director of technology at TNTMAX, an IT consultancy based in Wyckoff, N.J. “The user can do their own licensing; they will pay with their own credit card or even the company credit card.”

Employees will likely be held responsible for company purchases, however, when an organization reviews its finances, Beato said.

It is also unclear who is expected to provide end-user support when an application fails, Chouffani said.

Microsoft will provide standard support for self-service purchasers, according to the company.

A ‘smart decision for Microsoft’

Mark Bowker, senior analyst at Enterprise Strategy GroupMark Bowker

Microsoft’s self-service policy is a smart one for the company, said Mark Bowker, a senior analyst at Enterprise Strategy Group in Milford, Mass.

“In the world we live in today, employees need access to applications to get their jobs done,” he said. “Today’s application environment is very, very dynamic.”

Unlike other Office 365 products, such as Word and Excel, Power Platform applications aren’t widely used, Bowker said. Instead, they are used mainly by niche employees such as corporate developers and data analytics professionals.

“I think overall this will be a good thing,” Bagchus said. “More users and more installations will improve a product.”

Communication is key

No matter their personal feelings on the Microsoft self-service policy, Office 365 admins should be prepared for the changes and adjust accordingly.

Admins should have a good relationship with their organization’s Microsoft sales representative and keep in regular contact with a point person for updates, Bagchus said.

“That way you won’t get blindsided,” he said. “You can evolve with it.”

IT should also collaborate with end users to understand the needs of the business and to be a part of the solution, Chouffani said.

Go to Original Article
Author:

Box admins get a deeper view with Insights Dashboard

With the Admin Insights Dashboard announced earlier this year, Box admins get a deeper view into collaborative work patterns related to the cloud services provided by the Box platform, something on-premises CMS admins may already take for granted, but hasn’t always been offered by cloud vendors.

Admins, of course, are on the front line for support and compliance, and they must contend with the ever-increasing complexity of these cloud-based services. While they continue to be responsible for routine tasks such as adding and removing individual users, assigning roles and maintaining workgroups, they also must now monitor what’s going on at all times, as well as be able to quickly diagnose and fix problems — before they impact others.

The Box Admin Insights Dashboard offers a window into those issues, as well as helping enforce compliance around data management and privacy. Using the Admin Insights Dashboard, administrators can monitor upload, download and preview events related to documents, files, spreadsheets, images and Box environments within their purview of responsibilities. Administrators also have visibility into adoption and user engagement with third-party applications, such as Salesforce, Office 365 and Slack.

Admins vs. users

When it comes to digital work, there are two sides to enterprise content management (ECM) in the cloud — what line-of-business workers experience and what administrators must do to maintain these shared enterprise resources.

Line-of-business workers are concerned about their own productivity, collaborating with colleagues and getting work done. They expect simplicity, intuitiveness, and just-in-time access to the right information. A cloud-based content services platform is simply the means to an end.

Box Admin Insights Dashboard screenshot
The Box Admin Insights Dashboard offers several snapshot views, including usage stats.

But a cloud services platform is only as viable as the range of digital experiences it supports. Making it easy for line-of-business workers to collaborate and securely manage the flow of everyday business information is one thing. Making it easy for administrators to monitor the platform’s health, report on operational activities, take administrative actions and enforce security mandates is something entirely different.

Visualizing the administrative experience

From its inception in 2005 as a cloud-native set of services, Box has featured extensive metadata capabilities for content tagging and event logs for auditing. Today, the Box platform includes a wide range of capabilities for enterprise content management (ECM), compliance, governance and data sovereignty, designed to support line-of-business workers.

While Box provides new tracking resources, administrators still need to know what they are looking for.

Administrators can drill into activity reports and further analyze them by time of day and location. They can sequence events along a timeline or map them geographically, selecting from a variety of displays to identify trends and spot anomalies. Administrators can visually detect what line-of-business workers are doing, as well as how apps connected to the platform are being utilized.

In short, monitoring important events for ECM in the cloud matters. Visualizing these events adds insights. With the Admin Insights Dashboard, administrators can intuitively understand what is happening, identify problems and take actions — and also drive Box adoption and collaboration in new ways.

Tracking events that matter

Yet being able to visualize administrative parameters is like an iceberg — often, the most significant lurk below the waterline. The Admin Insights Dashboard highlights the baseline event-monitoring capabilities that are possible within the Box platform. Box promises next-generation administrative experiences in future updates.

Box logs more than 90 events related to content management, external collaboration, categorization, security and endpoint management, retention policy management, legal holds and other usage patterns, both with Box and third-party applications.

By tracking the events that matter to individual Box admins, Box can provide added insights into work activities. For instance, with enhanced controls based on metadata, Box can set retention policies using a file’s metadata, providing organizations with added flexibility and control over their content governance.

Visualizing events is an important first step for enhancing the administrative experience. While Box provides new tracking resources, administrators still need to know what they are looking for and understand the meaning of relevant indicators.

Making things easy, intuitive and useful for administrators takes design expertise to envision, model and implement the next-generation metrics for tracking the health of a cloud-based platform. To deliver on the promise of insightful administrative experiences, it is essential to add meaning to the visible events

Managed private cloud gives IT a cost-effective option

Cost is a big factor when IT admins explore different options for cloud. In certain cases, a managed private cloud may be more cost-effective than public cloud.

Canonical, a distributor and contributor to Linux Ubuntu, helps organizations manage their cloud setups and uses a variety of proprietary technology to streamline management. Based on the company’s BootStack offering, Canonical’s managed cloud supports a variety of applications and use cases. A managed private cloud can help organizations operate in the “Goldilocks zone,” where they have the right amount of cloud resources for their needs, said Stephan Fabel, director of product at Canonical, based in London. 

Currently, 35% of enterprises are moving data to a private cloud, but hurdles such as hardware costs and initial provisioning can cause organizations to delay deployment, according to a June 2018 report by 451 Research. Here, Fabel talks about what makes a managed private cloud a more effective strategy for the long term.

What is different about BootStack? 

Stephan Fabel: BootStack is applicable to the entire reference architecture to our OpenStack offering. The use case will often dictate a loose handling of the details in terms of the reference architecture. So, you can say, for example, deploy a telco-grade cluster or a cluster for enterprise or a cluster for application development, and those are very different characteristics from another company.

Stephan Fabel, CanonicalStephan Fabel

We support Swift [an API for data storage and scalability] and Chef [framework codes for deployments]. With some of the more locked-down distributions of OpenStack, we support multiple Cinder-volume stores. … We have the ability to do a Contrail application programming interface and even an open Contrail.

The reason why we can do a managed private cloud at the economics we portray them is that we have the operational efficiencies baked into our tooling. Metal as a service and Juju [an open source application modeling tool] provide that base layer on which OpenStack can run and manage.

One thing that is not entirely unique — but it is rare — is that BootStack actually stands for ‘build, operate and optionally transfer.’ Managed service providers generally want users to get on their platform and never leave. We basically say, ‘You know you want to get started with OpenStack, but you’re not sure you’re operationally ready. That’s fine; jump on BootStack for a year, and then build up your confidence or skill set. When you’re ready to take it on, go for it.’

We’ll transfer back the stack in your control and convert it from a managed service to a generic support contract.

What features contribute to a managed private cloud being more cost-effective than public cloud? 

Fabel: The value of public cloud is that you can get started with a snap of your finger, use your credit card and off you go. … However, down the road, you can end up in a situation where due to smart lock-in schemes, nonopen APIs’ interfaces and unique business features, you’re locked into this public cloud and paying a lot of money out of your Opex.

The challenge is it takes a lot more investment upfront to actually get started with a managed private cloud. Somebody still has to order hardware, it still constitutes a commitment, and someone still needs to install the hardware and run it for you. … But, for what it’s worth, we’ll send two engineers, and it’ll take two weeks and you’ll have a private cloud.

Is it common to be able to deploy a private cloud with just two engineers, or is that specific to Canonical?

I think we’ll see more adoption of managed services from the more advanced user base.
Stephan Fabeldirector of product at Canonical

Fabel: You’ll certainly find in this space a lot of players who will emphasize their expertise and the ability to do almost anything you want with OpenStack, in a similar amount of time. The question is, what kind of cloud is within that offering? If you go to a professional service-oriented company, they’ll try and sell you bodies to continually engage with as their way of staying with the contract, which racks up those tremendous costs.

The differentiating fact with Juju is, as opposed to other configuration tooling such as Puppet or Chef, it actually takes things further by not just installing packages and making sure the configuration is set; it is actually orchestrating the OpenStack installation.

So, for example, a classic problem with OpenStack is upgrading it. If you go to some of our competitors, their upgrades are going to be an extremely expensive professional services quote, because it’s so manual. What we did is basically encoded the smart in with what we call Charms that work in conjunction with Juju to manage that automatically.

How does automation help reduce the cost of managed private cloud? 

Fabel: We launched [Juju] five years ago, and it went through a lot of growing pains. Back then, everybody was set on configuration management, and they were appropriating configuration management technology to also do orchestration. … That’s great if you’re only deploying one thing. But, as OpenStack exhibits, it’s not quite that easy when you try and deploy something a little bit more complex.

[Now,] Juju basically says, ‘I will write out the configuration because I’m an agent and I understand the context.’ If you can automate tasks such as server installation and management, and you can code that logic, then you have to think less.

It does require more discipline on the Charms side and more knowledge on the operator in case something does go wrong. … For you to be able to debug this, you actually have to understand how to use it. And that’s a hurdle that people in the beginning sort of dismissed.

Will there always be a mix of public and private managed cloud?

Fabel: We’re seeing interest in power users of OpenStack who want to move onto new frontiers, such as Kubernetes, which seems to be it right now, and we’re ready to take [management] off their hands.

I think we’ll see more adoption of managed services from the more advanced user base and in the more off-the-shelf kind of market that want a 15-node or 20-node cloud. It’s not about the 2,000-node cloud as much anymore. I think there’s a whole market that’s just saying, ‘I have a 10-node cloud, and I can pay VMware or someone to run it for me, and I choose so because it’s economically more attractive.’ 

OpenShift on OpenStack aims to ease VM, container management

Virtualization admins increasingly use containers to secure applications, but managing both VMs and containers in the same infrastructure presents some challenges.

IT can spin containers up and down more quickly than VMs, and they require less overhead, so there are several practical uses cases for the technology. Security can be a concern, however, because all containers share the same underlying OS. As such, mission-critical applications are still better suited to VMs.

Using both containers and VMs can be helpful, because they each have their place. Still, adding containers to a traditional virtual infrastructure adds another layer of complexity and management for admins to contend with. The free and open source OpenStack provides infrastructure as a service and VM management, and organizations can run Red Hat’s OpenShift on OpenStack — and other systems — for platform as a service and container management.

Here, Brian Gracely, director of OpenShift product strategy at Red Hat, based in Raleigh, N.C., explains how to manage VMs and containers, and he shares how OpenShift on OpenStack can help.

What are the top challenges of managing both VMs and containers in virtual environments?

Brian Gracely, director of OpenShift product strategy at Red HatBrian Gracely

Brian Gracely: The first one is really around people and existing processes. You have infrastructure teams who, over the years, have become very good at managing VMs and … replicating servers with VMs, and they’ve built a set of operational things around that. When we start having the operations team deal with containers, a couple of things are different. Not all of them are as fluent in Linux as you might expect; containers are [based on] the OS. A lot of the virtualization people, especially in the VMware world, came from a Windows background. So, they have to learn a certain amount about what to do with the OS and how to deal with Linux constructs and commands.

Container environments tend to be more closely tied to people who are doing application developments. Application developers are … making changes to the application more frequently and scaling them up and down. The concept of the environment changing more frequently is sort of new for VM admins.

What is the role of OpenStack in modern data centers where VMs and containers coexist?

Gracely: OpenStack can become either an augmentation of what admins used to do with VMware or a replacement for VMware that gives them all of the VM capabilities they want to have in terms of networking, storage and so forth. In most of those cases, they want to also have hybrid capabilities, across public and private. And they can use OpenShift on OpenStack as that abstraction layer that allows them to run containerized applications and/or VM applications in their own data center.

Then, they’ll run OpenShift in one of the public clouds — Amazon or Azure or Google — and the applications that run in the cloud will end up being containerized on OpenShift. It gives them consistency from what the operations look like, and then there’s a pretty simple way of determining which applications can also run in the public cloud, if necessary.

What OpenShift features are most important to container management?

Gracely: OpenShift is based on Kubernetes technology — the de facto standard for managing containers.

If you’re a virtualization person … it’s essentially like vCenter for containers. It centrally manages policies, it centrally manages deployments of containers, [and] it makes sure that you use your compute resources really efficiently. If a container dies, an application dies, it’s going to be constantly monitoring that and will restart it automatically. Kubernetes at the core of OpenShift is the thing that allows people to manage containers at scale, as opposed to managing them one by one.

What can virtualization admins do to improve their container management skills?

Gracely: Become Linux-literate, Linux-skilled. There are plenty of courses out there that allow you to get familiar with Linux. Container technology, fundamentally, is Linux technology, so that’s a fundamental thing. There are tools like Katacoda, which is an online training system; you just go in through your browser. It gives you a Kubernetes environment to play around with, and there’s also an OpenShift set of trainings and tools that are on there.

Kubernetes is the thing that allows people to manage containers at scale, as opposed to managing them one by one.
Brian Gracelydirector of OpenShift product strategy at Red Hat

How can admins streamline management practices between other systems for VMs and OpenShift for containers?

Gracely: OpenShift runs natively on top of both VMware and OpenStack, so for customers that just want to stay focused on VMs, their world can look pretty much the way it does today. They’re going to provision however many VMs they need, and then give self-service access to the OpenShift platform and allow their developers to place containers on there as necessary. The infrastructure team can simply make sure that it’s highly available, that it’s patched, and if more capacity is necessary, add VMs.

Where we see … things get more efficient is people who don’t want to have silos anymore between the ops team and the development team. They’re either going down a DevOps path or combining them together; they want to merge processes. This is where we see them doing much more around automating environments. So, instead of just statically [building] a bunch of VMs and leaving them alone, they’re using tools like Ansible to provision not only the VMs, but the applications that go on top of those VMs and the local database.

Will VMs and containers continue to coexist, or will containers overtake VMs in the data center?

Gracely: More and more so, we’re seeing customers taking a container-first approach with new applications. But … there’s always going to be a need for good VM management, being able to deliver high performance, high I/O stand-alone applications in VMs. We very much expect to see a lot of applications stay in VMs, especially ones that people don’t expect to need any sort of hybrid cloud environment for, some large databases for I/O reasons, or [applications that], for whatever reason, people don’t want to put in containers. Then, our job is to make sure that, as containers come in, that we can make that one seamless infrastructure.

Updates to Sysinternals tools benefit server admins

Some Windows Server admins who grapple with security issues or access control might not know that they have a comprehensive…

“;
}
});

/**
* remove unnecessary class from ul
*/
$(“#inlineregform”).find( “ul” ).removeClass(“default-list”);

/**
* Replace “errorMessageInput” class with “sign-up-error-msg” class
*/
function renameErrorMsgClass() {
$(“.errorMessageInput”).each(function() {
if ($(this).hasClass(“hidden”)) {
$(this).removeClass(“errorMessageInput hidden”).addClass(“sign-up-error-msg hidden”);
} else {
$(this).removeClass(“errorMessageInput”).addClass(“sign-up-error-msg”);
}
});
}

/**
* when validation function is called, replace “errorMessageInput” with “sign-up-error-msg”
* before return
*/
function validateThis(v, form) {
var validateReturn = urValidation.validate(v, form);
renameErrorMsgClass();
return validateReturn;
}

/**
* DoC pop-up window js – included in moScripts.js which is not included in responsive page
*/
$(“#inlineRegistration”).on(“click”,”a.consentWindow”, function(e) {
window.open(this.href, “Consent”, “width=500,height=600,scrollbars=1”);
e.preventDefault();
});

set of free tools just a mouse click away.

The Sysinternals tools — a collection of more than 70 utilities for diagnostic, troubleshooting and monitoring purposes from Microsoft — have been around since 1996.

Mark Russinovich, CTO of Microsoft Azure, still has a hand in updating the tools he produced more than two decades ago to ensure they work with the latest Windows OSes and to add new features and capabilities, such as enhanced malware detection.

This year saw quite a few updates to the Sysinternals tools collection. Here’s a rundown of what additional functionality was added that could help untangle a few issues in your data center.

ProcDump

ProcDump, currently at version 9.0, checks running applications for CPU spikes and, if found, provides a dump to help the administrator determine the origin of the spike. As a secondary feature, ProcDump also generates crash dump data for hung applications.

Microsoft’s recent improvements to ProcDump should benefit Windows Server admins who need to troubleshoot application performance on a server. The most significant change is ProcDump now features triggers to start the dump process. ProcDump is a command-line utility, and prior to the current release, the administrator ran ProcDump on an as-needed basis. Starting with version 9.0, ProcDump can be set up to watch for a problematic condition, such as a stuck application, and perform a dump automatically. This helps collect relevant data when problems occur, as opposed to gathering data minutes or even hours after an issue happens.

Sysmon

The Sysmon (System Monitor) tool runs in the background to check and record system activity to the Windows event log. Sysmon is normally used to detect malware, but it also assists with other types of security incident management.

While the Windows OS also logs system activity, Sysmon gathers even more detail. Sysmon collects very granular information about network connections, process creations and any changes that are made to a file’s creation time.

Microsoft put in quite a bit of work on Sysmon in 2017. Version 6.0, released in February, added the option to show event schema and monitor itself for configuration changes. This version also introduced support for named pipes and a feature to display registry entries in its native format.

A few months after it released Sysmon 6.0, Microsoft put out version 6.1 in September to correct several bugs and add support for monitoring Windows Management Instrumentation event filters and event consumers for enhanced malware detection capabilities. Microsoft also added an autostart option to the tool.

Version 6.2, released in November, lets the user alter the names of the Sysmon service and driver to avoid detection from malware.

Autoruns

Windows servers have a tendency to evolve over time. As OS and application updates take place, they can leave behind remnants of the previous version. Although Autoruns is not designed to check systems for OS or application leftovers, it detects anything configured to run automatically when the system boots. In essence, Autoruns reveals anything from legitimate system processes to processes that are still running but are no longer needed. Admins can also use Autoruns to detect malware.

In September 2017, Microsoft published version 13.80 of Autoruns. While it was largely a bug fix release, Microsoft did add a few new capabilities. For example, the latest version of Autoruns performs asynchronous file saves and displays names for drivers and services.

AccessChk

The AccessChk command-line tool validates the level of access users or groups have to specific network resources.

Windows Server has multiple ways to approve access to a particular resource; sometimes, a user gets excessive, cumulative or even contradictory permissions as a result. AccessChk tests access permissions through its examination of files, folders, registry keys and Windows services.

In February 2017, Microsoft updated AccessChk to report on process trust access control and token security attributes. Microsoft further tweaked the utility in September 2017 with a cache for improved handling of multiple object enumeration.

Sysinternals Live

One of the more recent additions to the utilities lineup is Sysinternals Live, which offers web-based versions of some of the Sysinternals tools. The advantage to Sysinternals Live is it provides the most current version of the tools directly from Microsoft without the need to download or install the utilities.

Tools for system administrators that don’t cost a dime

Windows admins can’t solve every problem with System Center or PowerShell. There are times when a simple utility…

“;
}
});

/**
* remove unnecessary class from ul
*/
$(“#inlineregform”).find( “ul” ).removeClass(“default-list”);

/**
* Replace “errorMessageInput” class with “sign-up-error-msg” class
*/
function renameErrorMsgClass() {
$(“.errorMessageInput”).each(function() {
if ($(this).hasClass(“hidden”)) {
$(this).removeClass(“errorMessageInput hidden”).addClass(“sign-up-error-msg hidden”);
} else {
$(this).removeClass(“errorMessageInput”).addClass(“sign-up-error-msg”);
}
});
}

/**
* when validation function is called, replace “errorMessageInput” with “sign-up-error-msg”
* before return
*/
function validateThis(v, form) {
var validateReturn = urValidation.validate(v, form);
renameErrorMsgClass();
return validateReturn;
}

/**
* DoC pop-up window js – included in moScripts.js which is not included in responsive page
*/
$(“#inlineRegistration”).on(“click”,”a.consentWindow”, function(e) {
window.open(this.href, “Consent”, “width=500,height=600,scrollbars=1”);
e.preventDefault();
});

fills a particular need to assist a troubleshooting exercise or just make a daily task easier.

A system administrator handles a number of small tasks on a daily basis. They must often create screenshots for documentation or to pass along to the help desk to help illustrate an issue. There are many freeware utilities available that make the IT staff more productive. These helpful free tools for system administrators are worth a look.

Check on disk space use

Windows Explorer and PowerShell are fine for general file management, but some tools for system administrators offer more functionality than native software. Dirsize and SpaceSniffer are two freeware applications that give a quick overview of what takes up space on the disk. These utilities are portable on Windows, which provides additional flexibility.

Windows Explorer and PowerShell are fine for general file management, but some tools for system administrators offer more functionality than native software.

Dirsize: This is the more basic application. It provides a File Explorer tree view and shows the size of each folder. Admins can adjust the color coding to their preference; the default settings highlight folders with less data in green, while folders that take up more space show up as red.

SpaceSniffer: A more advanced tool for system administrators, SpaceSniffer offers a visual representation of boxes to show what folders and files use large amounts of space. These boxes are also layered to show the location of data within a specific folder. Admins cut or delete unwanted data from the application with a right click on a file or folder.

Capture screenshots in a snap

The native PrintScreen or Alt+PrtScr hotkey in Windows saves the entire screen or active window, respectively, to the clipboard. The Snipping Tool, which debuted in Windows Vista, selects a specific part of the screen for a screenshot. But there are even better free tools for system administrators for this purpose.

Greenshot: This tool runs in the background and uses both the PrintScreen option and combinations of the Alt, Shift and Ctrl keys to grab certain parts or the entire screen based on preferences. Configure the different commands to capture full screen, window, region, last region and a scrolling window in Internet Explorer. Greenshot also configures apps that automatically open screenshots, such as MS Paint or GreenShot’s own editor, to highlight areas and add comments to the image. Admins then have several options, such as sending the screenshot to a printer or adding it to an email message. This is a useful tool for system administrators who take many screenshots to share information and get technical support. Greenshot also has a portable version.

ShareX: This utility is more feature-rich than Greenshot with its greater customization options and optical character recognition. ShareX also provides more upload locations. Some admins should look at this setting first since screenshots go to the Imgur image-sharing site by default. ShareX stores the Imgur URLs to share the full image, its thumbnail and the link to delete the image from the site. Users can automatically upload the screenshot to most major social media platforms, create a thumbnail of the image or choose from a wide range of other options. ShareX is the ideal freeware screenshot choice for advanced users, while Greenshot suits those with simpler needs.

Manipulate and store text

The Notepad and WordPad text editors are adequate for simple text handling, but there are several freeware utilities that make it easier for admins to type and store text.

Notepad++: This application touts a wide array of features. It numbers and highlights lines of text, allows tabbed documents and generates syntax highlighting for numerous languages, such as JavaScript, PowerShell and extensible markup language.

Another advanced feature is macro recording, which is useful when search and replace is insufficient. For example, a user who wants to remove a trailing space off the end of each line can use the feature to record the End+Backspace+Down Arrow key combination and play it back for each line in the file. This just scratches the surface of the capabilities in Notepad++.

Ditto: This tool is a way to overcome the inherent limits in the Windows clipboard. For example, if the admin copies text with Ctrl+C but doesn’t paste the content into a document or email, it invariably gets overwritten when the admin copies more text.

Ditto stores text and images copied to the clipboard, which admins can refer to at any time. The Ctrl+~ hotkey brings up the list of cached clipboard entries. The admin then chooses which item to paste. The program includes a setting to share clipboard entries to different computers. Admins who constantly copy and paste into the clipboard will appreciate the other features in this highly configurable application.

Gain remote control of servers

Windows admins spend a majority of their time on computers that are not physically near them. But sometimes they must manage multiple computers that are all within an arm’s length. Microsoft offers a different freeware option that works in each scenario.

Remote Desktop Connection Manager (RDCMan): This Microsoft tool gives Windows administrators a single management console to select and then connect to a remote server. Admins don’t need to memorize every server name and click on the right one. In RDCMan, each server can have its own remote desktop settings, whereas the native Remote Desktop app in Windows only remembers the last settings used. RDCMan produces a thumbnail view to show all the servers in the list and displays what the desktop showed in the last session. Admins use RDCMan to configure multiple desktop sets so they can group servers to their preference.

Mouse without Borders: This virtual keyboard, video, mouse (KVM) switch from Microsoft enables admins to control up to four PCs at once from a single mouse and keyboard over the network. The client must run on each device, but this is a great option if there are multiple physical PCs and laptops on the admin’s desk. When the cursor moves off the edge of one monitor, it appears on the next computer. The admin can copy and paste files from one computer to the next, as well as key in commands from a single keyboard. Even if it’s only a two-PC setup of a user box and an admin box, Mouse without Borders is worth the cost compared to a physical KVM. There are two caveats: It requires space for multiple monitors and isn’t ideal if the hardware constantly changes.

Next Steps

Forget virtual desktop infrastructure — Remote Desktop Session Host is the future

Dual Monitor Tools tailored for multiple monitor users

Avoid falling into the IT automation money pit

Microsoft’s VS Code embrace prompts PowerShell editor debate

Windows admins who write scripts with PowerShell ISE must switch allegiances if Microsoft has its way.

Since 2009, Microsoft has positioned the PowerShell Integrated Scripting Environment (ISE) as the official PowerShell editor to develop and debug scripts on Windows. But Microsoft’s effort to steer Windows, Linux and macOS users to PowerShell Core as an all-encompassing management tool requires a script editor that works on all those systems.

In May 2017, Microsoft named a new official PowerShell editor: Visual Studio Code (VS Code), a free, open source editor with a PowerShell extension so admins on multiple platforms can build PowerShell scripts. Microsoft continues to support PowerShell ISE for now but plans to focus development efforts on VS Code.

For IT engineers who code in multiple languages, VS Code is the recommended tool. It’s also a better tool even for people who only write PowerShell scripts and modules, said Jeffery Hicks, IT author and trainer.

“It’s the future,” he said. “ISE will no longer get improvements; we’re not going to see updates to it. What we have now is what we’re always going to have. VS Code is going to be continually updated, and they’ll fix bugs.”

Microsoft continues to support PowerShell ISE for now but plans to focus development efforts on VS Code.

While VS Code might be the future of PowerShell development, not everyone thinks it’s ready for prime time.

Jeff Wilson, an IT admin based in Los Angeles who works in a Windows shop, experiments with VS Code to learn how it works but quickly noticed it lacked some of PowerShell ISE’s functionality. ISE uses default profiles to let Wilson access all his administrative sessions — such as Exchange Online, SharePoint and Hyper-V clusters — without delay.

“It’s a huge time-saver, and it’s really valuable to me,” he said. “It’s the famous single pane of glass because it’s so flexible. So with VS Code, when I installed it, I wanted to duplicate the experience I had with ISE. … It wasn’t immediately evident to me how I would do that. That’s problematic, but [at least] I still have ISE.”

Expect a bumpy transition to VS Code

PowerShell ISE veterans such as Wilson will need time to adapt to the different layout and terminology in VS Code.

Admins use the integrated PowerShell console in PowerShell ISE to access menu items and keyboard shortcuts. With the integrated console, admins see the output as they write scripts. The console in VS Code needs work, Hicks said.

“The PowerShell integrated terminal that is shipping in VS Code now is not quite as feature-complete as it is in the ISE,” he said. “It’s still a little buggy, and it doesn’t quite feel the way you want it to. I have muscle memory [from PowerShell ISE], so when I do presentations, I still typically use PowerShell ISE because I can toggle between the code and the presentation on the full screen. I can’t really do that in VS Code.”

Despite these shortcomings, Hicks recommends admins move to VS Code as their PowerShell editor for its integration with the Git code management system and ability to auto-format code to make it easier to read.

PowerShell Studio gives scripts a GUI

For IT pros who want more advanced features from a PowerShell editor, a commercial product such as PowerShell Studio is another option.

Wilson builds front ends to his scripts with PowerShell Studio for his company’s help desk workers who want a point-and-click UI.

PowerShell Studio, which is a Sapien product, is Windows only, although Sapien also offers iPowerShell, a pared-down and free tool that’s designed for Mac, Android and iOS users who write scripts remotely. Additionally, Sapien’s PrimalScript product is compatible with PowerShell Core.

For Hicks — a former Sapien employee — one of the editor’s big selling points is that it builds a GUI on a PowerShell script, which isn’t possible in PowerShell ISE or VS Code. Admins can also use PowerShell Studio to export scripts as executable files, easily create modules, build advanced functions with multiple parameters, and auto-generate comment-based help for existing functions.

Wilson writes longer scripts and complex functions in PowerShell Studio, which he calls a more fully thought-out developing environment than ISE or VS Code. It also features a way to add a layer of security to the finished script.

“I always sign my scripts with a digital certificate and [PowerShell Studio] makes it easier to do,” Wilson said.

There’s a cost to this feature richness; a one-year subscription to PowerShell Studio 2017 is $389.

“If you don’t need 90% of the features, maybe it’s not worth your time and money,” he said. “But if that one feature Sapien offers [in PowerShell Studio] saves you a lot of time and money, then it’s worth it.”

Dan Cagen is the associate site editor for SearchWindowsServer.com. Write to him at [email protected].

Learn the basics of PowerShell for Azure Functions

just for developers; several scripting languages open up new opportunities for admins and systems analysts as well.

Scripting options for Azure Functions

Azure Functions is a collection of event-driven application components that can interact with other Azure services. It’s useful for asynchronous tasks, such as data ingestion and processing, extract, transform and load processes or other data pipelines, as well as microservices or cloud service integration.

In general, functions are well-suited as integration and scripting tools for legacy enterprise applications due to their event-driven, lightweight and infrastructure-free nature. The ability to use familiar languages, such as PowerShell, Python and Node.js, makes that case even stronger. Since PowerShell is popular with Windows IT shops and Azure users, the best practices below focus on that particular scripting language but apply to others as well.

PowerShell for Azure Functions

The initial implementation of PowerShell for Azure Functions uses PowerShell version 4 and only supports scripts (PS1 files), not modules (PSM1 files), which makes it best for simpler tasks and rapid development. To use PowerShell modules in Azure Functions, users can update the PSModulepath environment variable to point to a folder that contains custom modules and connect to it through FTP.

When you use scripts, pass data to PowerShell functions through files or environment variables, because a function won’t store or cache the runtime environment. Incoming data to a function, via an event trigger or input binding, is passed using files that are accessed in PowerShell through environment variables. The same scheme works for data output. Since the input data is just a raw file, users must know what to expect and parse accordingly. Functions itself won’t format data but will support most formats, including:

  • string;
  • int;
  • bool;
  • object/JavaScript Object Notation;
  • binary/buffer;
  • stream; and
  • HTTP

PowerShell functions can be triggered by HTTP requests, an Azure service queue, such as when a message is added to a specified storage queue, or a timer (see Figure 1). Developers can create Azure Functions with the Azure portal, Visual Studio — C# functions only — or a local code editor and integrated development environment, although the portal is the easiest option.

Triggers for PowerShell functions
Figure 1. PowerShell functions triggers

Recommendations

Azure Functions works the same whether the code is in C#, PowerShell or Python, which enables teams to use a language with which they have expertise or can easily master. The power of Functions stems from its integration with other Azure services and built-in runtime environments. Writing as a function is more efficient than creating a standalone app for simple tasks, such as triggering a webhook from an HTTP request.

While PowerShell is an attractive option for Windows teams, they need to proceed with caution since support for Azure Functions is still a work in progress. The implementation details will likely change, however, for the better.