Certified Mail: July 2002 -- Redmondmag.com

Certified Mail

Certified Mail: July 2002

BIND unbound, the benefits of obtaining an MCSD, and where Auntie gets her crow pies.

By MCP Magazine Readers
07/01/2002

Is the Box Checked or Not?

I recently read Kevin Kocis’ “BIND Your Windows 2000 DNS” article in the May issue. He claims that, by default, the BIND secondaries check box on the Win2K DNS Server is cleared to enable fast zone transfers. I’ve been installing, configuring, supporting and teaching Win2K for more than two years; it’s always been my experience that this check box is actually selected (enabled) by default. If you use the Help file as your source on this matter, I believe Kevin will be in error, as it’s misleading.

I’ve discussed this issue with several other MCSEs and MCTs. Our conclusion is that Microsoft made a mistake in the Help file, and that it’s going for the highest degree of interoperability (read backward compatibility) during a default installation, so the box is checked by default to allow for “old-style” zone transfers with BIND versions prior to 4.9.4. I believe that after a default installation, there’s a check in the applicable box.
—Mike Foster, MCSE, MCT, CCNA, A+, Network+, i-Net+
Mesa, Arizona

I concur, as I’ve encountered the same situation during installation. I’ve also witnessed it unchecked, although I can’t determine any criteria for the event. When I referenced this with Microsoft and other third-party training facilities, they claimed that the check box should be cleared by default (Microsoft’s influence with training facilities is unbiased, right?) In any case, I opted for the Microsoft claim in the article. You may be quite correct in your assessment about a mistake in the Help file. The important thing is that the administrator verify that it’s referenced and appropriately considered depending on the environment.
— Kevin Kocis

Replication Tip Error
A feature in the April 2002 online issue, “88 High Voltage Tips,” contained a tip titled “Prevent Files from Backing up in the FRS Staging Areas.” In this tip, Gary Olsen indicated that a bug in Win2K caused files scanned by anti-virus and disk defragmenting programs to be replicated, even though the contents of these files hadn’t changed. Microsoft has been aware of this behavior for some time (See "Antivirus Problems May Modify Security Descriptors Causing Excessive Replication of FRS Data in Sysvol and DFS," Q284947, published Jan. 9, 2001), but it isn’t the result of a bug.

The anti-virus and disk defragmenting programs in question all perform writes of some kind against scanned files, usually by backing up and then rewriting the NTFS security descriptor to the file. The File Replication Service, which monitors changes to files in replicated directories, becomes aware of these writes and, prior to Service Pack 3, queues the file for replication.

Microsoft has taken a two-pronged approach to correcting this situation. First, Microsoft is actively working with ISVs so that future versions of these products don’t trigger this behavior. Second, an update in SP3 contains code that will scan newly written files to see if the data contained in the file has actually changed. If not, the change order is suppressed and a warning event is written to the File Replication Service Event Log (Event ID 13567). A large number of these events should warn the administrator that an application is making these writes. The administrator can then choose to upgrade the product or exempt the directories replicated by FRS from scanning. The SP3 update is available as a hot fix as documented in Q307319 from Microsoft PSS at no charge to the customer.
—Jonathan Stephens

Is There an MCSD Market?
I have been an MCSD for about seven years. Unfortunately, I honestly don’t think the corporate world cares. Check out Dice.com, and do a nationwide keyword search for MCSD. Out of 31,000 jobs listed, MCSD returns back a grand total of 32 jobs. As a matter of comparison, searching for the word Fortran yielded 120 jobs!

On Careerbuilder.com, searching for MCSD nationwide yields 35 jobs out of the tens of thousands listed. Also, this year it seems Microsoft took away the TechEd discount for MCSDs. Being an MCSD used to get me $200 off a TechEd registration.

So, I guess I need a reminder: What are the tangible benefits again? Is there a measurable market for MCSDs?
—Steve Szyszkiewicz, MCSD
Delran, New Jersey

A Happy Ending
I just wanted to let you know that after five months looking for a new job, I’ve found one. I’ve never worked as hard in my life as I did looking for a new job, and the rewards are great. Although I don’t recommend unemployment to anyone, this has been a tremendous learning experience (both as a manager and an employee).

I’ve accepted a position with Financial Technologies International (www.ftisoft.com) serving in a management capacity. FTI is a software company that specializes in the financial services industry.
—Dwight Jessup, MCSE+I
Burlington, New Jersey

(Note: Dwight Jessup is one of two MCPs profiled by Editorial Director Dian Schaffhauser in her March Editor’s Desk column, “A Tale of Two Guys.”)

Issues with Auntie
Auntie, hold on just a second, please, and put your fork down. I think you’re giving Microsoft, and Bill Gates in particular, way too much credit in your April column, “Pass the Crow, Please.” Mr.Gates’ security initiative may be just what Microsoft and the software buying public need, but I think you’ve overlooked a couple of things.

To start with, Microsoft has been the target of some serious security breaches over the past couple of years. Look at all the worms, Trojan Horses and so on that have been aimed at exploiting holes in Outlook, IE and others. These attacks were not written to work with Netscape, Groupwise or Lotus Notes—were they? No, they were aimed directly at Microsoft software. Furthermore, IE and IIS are both full of some major holes that have slowly been getting plugged, but only after the problems were discovered and announced publicly. Even then, Microsoft wasn’t the one to announce the security problems; they were always being found by a third party, and then Microsoft stepped in and did something about them. So, yes, it’s about time the folks at Redmond did something about this. Security concerns are now paramount there because of the amount of anger directed at the company for all the problems. I also find it interesting that this announcement came at a time when everyone’s worried about security. Bill Gates isn’t starting anything new or being revolutionary; he’s simply jumping on the security bandwagon that’s been rolling since last September. He isn’t leading; he’s following.

This is nothing new, of course.

And the kudos you give him for Windows and the Internet—let’s look at those for a moment, shall we? Yes, Gates had things well in hand with DOS. But let’s remember the time period. While Apple wasn’t the innovative powerhouse it had been a few years back, it was still a force to be reckoned with and, while DOS could only handle one thing at a time, the Macintosh could multitask. Also, the interface was so much easier to use and everybody knew it. So what does Bill Gates do? Does he come up with something radical and different? No, he does exactly what Steve Jobs did: He borrowed and stole other people’s ideas to make his OS. Windows was nothing new. It was just a variation on the Mac, which became more obvious by the time Windows 95 was released. Recycle Bin? Come on! A trashcan by any other name is still a Macintosh OS rip-off.

As for the decision about the Internet, you’ve left out one important fact. Early in 1995, the BBS was still king. Compuserve, Prodigy, AOL—these were the powerhouses. Most of computer-buying America knew little, if anything, about the Internet. Bill Gates even stated flatly at a press conference that the Internet was a passing fad and unimportant. He said this at the announcement for its new BBS, Microsoft Network (MSN). Microsoft was going head-to-head with Compuserve and the other BBSs, and it was a disaster. When MSN was released, nobody signed up. After a couple of months, it had a few thousand subscribers at best. Meanwhile, the other guys were pulling in new subscribers left and right.

Then, you may recall, President Clinton and Vice President Gore began talking about building the “Information Superhighway.” And the whole country went, “What? The Internet? Tell me more.” Suddenly, everyone wanted on the Internet; shortly after that, the WorldWide Web was born. All the BBSs suddenly included Internet connections in their new software versions and subscriptions soared. Finally, as Windows 95 was nearing release, Bill Gates announced that the Internet was the place to be and the new OS would include a connection to MSN. Later, of course, with OSR2, he incorporated IE into the package as well, making Internet access even easier. But please note that, once again, Gates only did what everyone was already doing.

The point of this long-winded tirade, Auntie, is that Bill Gates and Microsoft are nothing new under the sun. Yes, he’s focusing on security, finally. But only to save his own skin, because everybody else’s software already has better security than his and he has known it all along. It’s just that people have caught on and are getting frustrated by it, and Microsoft has to do something about it to stay in the game. It might be a new corporate leaf, but it’s only because it’s such a big and easy target and, as a result, is becoming a laughing stock.

OK, sorry this took so long. The food’s getting cold, I’m sure—but I guess crow tastes the same hot or cold, right? If you want to eat, go ahead. But I think I’ll pass and see what they might be serving later.
—Lawrence Woodhouse, MCP
Penfield, New York

The nice thing about history is that we all get to pull out the parts that support our own views and interpret them to suit. We could debate for a long while whether Microsoft is, on the whole, a leader or a follower. Still, the important point here is this: If Microsoft is finally getting serious about security, we all benefit. I don’t care much whether that’s due to vision or butt-covering; all I want is secure servers.

I’ll tuck a piece of that pie in the freezer. Check back with me in a few years and we can decide how to split it between us.
—Auntie

WMI Need Help
I’ve been reading Chris Brooke’s articles in the magazine for quite a while and I’d like to say, nice job! His column is the first article I read every month.

I’ve been using scripting for quite a while to do many common tasks along with complex user migration for customers. Now I’m trying to get into the .Net stuff (I say, “stuff,” because I’m still not sure what it means yet). I’d like to create an ASP .NET page with code designating that when a button is clicked, it will use WMI to pull some information from the user’s computer.

I know that security is usually the first thing that comes to mind, so to let you know, I’m looking at using this in a LAN environment, not Internet. Ideally I would have a “Collect” button that a user would click on; via WMI (I think) the computer serial number would be collected and posted into a form on the Web page.

I’m trying to find an example of this, however basic. Any thoughts? Thanks for your help.
—Tim Erdelac
Technical Consultant, Windows & Messaging Practice
Compaq Global Services
St. Peters, Missouri

Tim, you’re in luck—sort of. The WMI SDK (available from the MSDN site) provides a Web-based interface to WMI, called the WMI Object Browser. This series of HTML pages (not ASP .NET) contains all the client-side scripts to access WMI. From these scripts, you should be able to build your own Web pages to do the same on ASP (with the script code still executing on the client).

ASP .NET is very different. You don’t use scripts—you use “full-blown” .NET programming languages. However, WMI does have an exposed object model for use in applications (including ASP .NET applications) that can be viewed in the Visual Studio .NET Object Browser.

Anyway, my point is that you have a good bit of work ahead of you, but the .HTM pages that come with the WMI SDK should get you started down the right path.
—Chris Brooke

What’s in a Test?
I’ve been developing Windows applications using Visual Basic for the last six or seven years. I was reading Steve Crandall and Greg Neilson’s column, “Professionally Speaking,” in the June issue, regarding companies that require job candidates to take a personality test before being hired. I worked recently for a company that required me to take a personality test.

I had already been through a few interviews with the company and had been narrowed down to the top prospect. Before making an offer, they asked me to come back and take a “personality” test “in order to ever be considered for a management position.” They also said they wanted to figure out what kind of person they were hiring. The director told me not to answer my questions based on what [I thought] the company wanted to hear because they would be able to tell and it would make me look indecisive.

This particular test took almost two hours. I had to rate a series of comments as “Strongly Agree,” “Somewhat Agree,” “Disagree,” etc. It was several pages long and would repeat the same types of comments, but would reword them so that a “Strongly Agree” decision on one could be a “Disagree” on another just because of the rephrasing.

By the time I was finished, I was so frustrated and upset, I didn’t care whether they offered me the job or not. They did, in fact, offer me the job, and I accepted only because I thought it was a job I wanted. However, I never could get the fact that I took that test out of my head. Honestly, I felt a little manipulated. And I was mad at myself for not refusing to take it. If I had been patient, I could have found another place to work.

I swore then and there to myself that I would never, ever let a company talk me into taking any type of personality test to be considered for a position. I think I should be judged by my performance and by my superiors’ and peers’ observance of my character, intelligence and personality while performing my everyday duties, not by results from a written test.

I’m no longer with that company. I’m happily employed elsewhere.
—Lori Simpson, MCDBA, MCSD

Thanks for your e-mail. I had a suspicion that things like this were going on. To my knowledge, this is illegal. I’m glad you’ve moved on to a more trusting company.
—Steve Crandall

Featured

What's Inside Microsoft 365's Security Toolbox?

Microsoft provides plenty of native tools to secure Microsoft 365. IT pros just have to know where to look.
Microsoft Kills 30-Day Data Retention Policy for Copilot in Fabric

Microsoft this week announced several usability improvements coming to Copilot in Fabric in preparation of its general availability release later this year.
Using Microsoft Office to Build a Network Diagram 2

Now that we've set up our process, let's dig in with the actual execution.
Microsoft Graph 'Activity Logs' Feature Goes Live

Microsoft announced the general availability of the "activity logs" capability in Microsoft Graph, giving administrators more options to track user activity and identify patterns of potential misuse.
Fallout from Microsoft's 'Midnight Blizzard' Saga Hits Feds

When the Russian attack group Midnight Blizzard successfully breached Microsoft corporate e-mail accounts late last year, it apparently managed to steal U.S. government agency e-mails, too.