Certified Mail: April 2003
Printer troubles; security tracks; success with FUD; and ethics unveiled
I Can See You
I have a problem connecting Windows 98, Windows 2000 Professional, Win2K
Server and Windows XP Professional. Win2K and XP can access Win 98 resources,
but Win 98 can’t access Win2K, Server or XP resources. Yet, I can ping
them and see those operating systems in Win 98’s Network Neighborhood.
Win 98 is running FAT32 and the others have NTFS. Can you help me?
—Dennis Daria, MCP, CCNA
Quezon City, Philippines
You have a peer-to-peer network (no domain) with a mix of
Win 98, NT and Win2K machines. When you connect to a share point on an
NT or Win2K machine from a Win 98 machine, you’re prompted for a password
to IPC$. The prompt for an IPC$ password is the Windows server saying,
“You want to create a secure channel using the Inter-Process Communication
stub, but you haven't given me any credentials I can validate.” You can
solve the problem by creating user accounts on the target machines that
have the same name and password as the user account on the Win 98 machine.
This permits the Win 98 user to be authenticated transparently.
Printer Migration Blues
I’m having trouble with printer migration. I’ve tried using the print
migration tools in Win2K on an NT 4.0 Service Pack 6a cluster to a Win2K
SP3 cluster, and the product couldn’t see any printers. Any suggestions?
We’re planning to have the night shift add 280 printers manually. This
means they’ll also have to compare all the device settings for memory
and other variables.
—R.J. Vaughan, MCSE
The Windows 2000 Resource
Kit (supplement 1) has a Printer Migrator 2000
tool, Printmig.exe version 2.0, designed to do this sort of work. In addition,
printer configurations aren’t migrated to all nodes on the cluster; each
node must be updated using the tool. You can learn more here: http://support.microsoft.com/?kbid=315983.
Does having the Certified Information Systems Security Professional (CISSP)
certification give someone more job opportunities? This is a tough job
market, as we all know.
—John Lowe, MCP, Network+, CCNA
Neptune, New Jersey
It’s provided me with respect from some people who value
the certification. This may have helped me win some business, but there’s
no way to judge. Certainly, it wasn’t the sole factor in any decision.
It’s not a panacea, a trophy or a magic bullet.
What’s your thought on which security
certification is most recognized by the general IT industry—the CISSP,
the Global Information Assurance Certification (GIAC) or perhaps another?
I’m planning to get a security certification in the near future, and I’m
trying to decide which to get or—if both are required—which one to get
—John E. Fiess, MCSE
They’re two different paths. The CISSP is for those with four
or more years of experience in information systems security. It’s broad-based
and covers everything, but not in depth. It’s not highly technical on
covering management issues and so on. The CISSP is well respected in the
info sec world. The GIAC has many different exams, mostly all technical.
This one is well respected by technical folks. Take a look at sister site
Cert-Cities.com for reviews of the exams. That should help direct your
I’ve just finished the MCSE (six-plus months of school and prior networking
knowledge) and am interested in a career involving IT security. Currently,
I’m enrolled in the Information Systems program at Kennesaw State University
for my bachelor’s degree, and I plan to take the security classes with
a computer forensics elective. Is this the best route, or is holding a
cert and attaining the Associate of Applied Science degree a better choice?
—John Bradley, MCSA, A+, Network+
Only you can make the right decision. I’m very much in favor
of education—legitimate education, and as much of it as you can get. I’m
also in favor of certification—when it makes sense. And that depends on
the industry. Some titles are entry-level recognition of minimal skills.
Others are only awarded after demonstrated success in the industry. Sometimes
we look at the successful, experienced person with a credential and think
that getting the certification was what made that person successful. The
industry doesn’t help us when it seizes on that idea as well and rewards
titleholders with no experience for more than what they’re worth.
You have experience plus education and now certification.
Evaluate what your schooling can bring to the table vs. certification
alone. And don’t forget that the market for job seekers isn’t good right
now. It’s a good time to acquire new skills via education; but only you
know your financial needs and where your heart is taking you.
Ethics by the Numbers
In February’s “Professionally
Speaking” column, Greg Neilson’s comment that the IT profession needs
an ethical framework is somewhat confusing. Doesn’t it already exist?
Although the article points out several professional organizations that have established codes for their members, these are organizations of professionals and not the professions themselves. I could complete the necessary college courses and pass the required state/local exams to become an engineer but not necessarily join a professional organization. Am I bound by the code of the organization that the majority in my profession have joined? I doubt it. However, I am subject to contractual obligations and the laws and statutes that govern and regulate the profession I practice.
Crandall mentioned, “Instances of ethics lapses...” by various individuals
and businesses as reported in the press in recent years. Were these individuals
and businesses violating a “code” that governs their profession? I’m not
sure; but they did violate the laws and statutes that govern the business
process and individual rights of consumers.
In every certification course I’ve taken, I was reminded of the illegalities
of copying/using software not properly licensed. As an IT professional,
I have an obligation to provide my customers with the best product or
service I can and to provide my employer with the best performance I can
offer. I believe this “ethical framework” exists in all IT professionals.
Some people in our chosen field need reminders now and then. Perhaps we
should form an association for IT professionals so we can remind each
other of our ethical framework.
—R. Wayne Kirby, MCSE, MCP+I, CCNA
Lexington Park, Maryland
Thanks for your comments, Wayne. You’re right about the
distinction between professions and these professional bodies. Unfortunately,
our field is still very young, so we don’t have this type of body in place.
Who knows? Maybe sometime in the future when we all need to have a license
to practice in IT, we will. The breadth of these ethical codes is often
much bigger than respect for copyrights and for us to strive to perform
well in our jobs. They include our responsibilities to our profession
and society as a whole.
In February’s “Editor’s
Desk” by Dian Schaffhauser, I really appreciated the comments about
people in related industries sharing their IT challenges. I’m a firm believer
in networking, and the article does a great job of illustrating that principle:
Even though IT people may do the same “job,” we aren’t necessarily competitors.
In the Puget Sound area, I belong to a group of IT professionals that
owns small businesses in related IT fields. We meet once a month and focus
on our strengths and interests to pass each other referrals. Many of us
do the same thing, but the PC people give referrals to the Mac specialists;
the early morning people give their evening referrals to the night owls;
and the people who live 50 miles from a potential client have seen the
wisdom of passing that referral to someone closer to the client, who will
return the favor when the time comes. In short, we cooperate with each
other, and our businesses grow. Thank you for reminding everyone that
there are advantages in cooperation and sharing information.
—Ed Ebel, MCSE, MCSA, MCDBA, Network+
I work in the oil and gas industry, and we have similar issues regarding
IT challenges. Demanding users—such as engineers, geologists and
geophysicists—know computers are just tools, so they should be able
to do what they want. We had a guy complain to us about not having 1500GB
free space for diagrams he wanted to view. The same guy complained to
management that we were blocking e-mail attachments (he tried sending
a 1.2GB zipped file as an attachment).
I could go on about security rights, printing, connectivity and application
compatibility issues, but it all boils down to understanding clients'
needs and expectations.
Employers Who Want It All
I’m a systems administrator currently out of work, and
I see a lot of strange requirements for jobs. I’ve read ads where the
company wants everything from a cable rat to a security manager all in
the same person. The employer wants it all and
wants it for a low salary. Some of my search engines return the same results
using different keywords. I see systems administrator, network administrator
and security put into the same hat and sometimes into the same ad. I can
perform systems administration well. I do network administration well
enough to keep my own private network protected and secure. I can do security
well enough for my small private network, but I’m not a certified security
expert, and I don’t expect I would be after taking a one-week class. When
a prospective employer wants all three of these job descriptions put into
one hat (to save costs, of course), you have to wonder what they’re really
—Gregory C. Ekholm, MCSE
Colorado Springs, Colorado
This is so true. Do they really expect to get that? I think
many times it’s a clueless HR person writing the ad—or maybe it’s someone
dreaming. Still, no one said you have to say you possess all those things
before you apply for the job. Who knows? Maybe they realize they’re shotgunning
and actually will like your credentials.
Licensing 6.0 and FUD
Now wait a second. If, as Em C. Pea writes in her February column, “Of
Profit and Pickles,” successfully extorting money from customers is
a measurement of success, then we need to re-examine our yardsticks. The
“success” of Licensing 6.0 has only encouraged Microsoft to continue its
policy of FUD—fear, uncertainty and doubt—when it comes to future availability
of software and upgrades. (Do we need to replace our software suites every
three years?) Yet Licensing 6.0 is built around this premise and the fear
that upgrades aren’t economically available to retail users. People flocked
to Licensing 6.0 not because of sound economic reasons, but because they
thought that they’d lose their ability to upgrade. Perhaps that success
has led to Microsoft’s new tact, recently revealed, that all terminal
services connections in Windows Server 2003 will carry a cost through
a purchased TSCAL (previously free for Win2K and Win XP clients). There’s
nothing like giving away something for free and charging for it later.
I’m a longtime Microsoft supporter, but its recent strategy to extort
money from users by any means possible has moved my company and me to
open-source solutions. Sure, they’ll cost more to support and implement,
but being a proficient technologist, I can handle it. What I can’t handle
is capricious and predatory pricing by our friends in Redmond.
—Pete Helgren, MCSE
Salt Lake City, Utah
Auntie’s point was not to comment on the fairness (or otherwise)
of Licensing 6.0. I said my piece regarding that months ago. My point
was simply that the market has spoken—and according to the market, it
was a fair deal. Apparently, people such as you who moved to other vendors
were outnumbered by those who decided not to choose that path.
—Em C. Pea