Enterprise Best Practice does not necessarily equal Cloud Best Practice…

2017-07-27T00:00:58+00:00 July 28th, 2016|Azure, blog|

This article might just be restating the obvious for some — but to put it bluntly, a “best-practice” Enterprise Active Directory (AD) design feature may not perfectly translate to a Cloud-based deployment scenario. Let me explain…

When Good Mappings Go Bad

Let’s imagine an enterprise that has done a good job of providing universal access to user Home Folders by using the AD Home Folder attributes on the user objects.  Very common indeed, and very well loved in most cases.  In a well-designed infrastructure, the users get access to the Home Folder from almost anywhere in the world, and from a variety of platforms including local, remote, and thin/terminal access.

On top of that, imagine further that the environment utilized the individual logon script user object attribute to determine group memberships, deliver printers, and maybe even deliver a mapping or two.  All of this is fine (though arguably cumbersome) in a high-speed environment where the network inter-connectivity is not rate-limited or rate-charged.

Now however, let’s imagine being one of those users authenticating to an RDS/Terminal Server (session hosts) farm in a cloud-based domain instead of in the Enterprise.  Hmm.  Suddenly, different access and performance considerations appear when walking through that logon process.  For instance, while that Home Folder server may be reachable from that RDS farm, that lookup and access of the file server might very well be across a VPN pipe that is slow; or even if it’s fast, there may be a charge for egress data transfer as is the case with Microsoft Azure.  Oh, and that logon script will definitely hit the Domain Controller looking for all of what it needs to draw conclusions; and in the end, may attempt to map you to things you cannot even reach.

Can you solve this problem by putting domain controllers in the cloud?  Well, part of it — if you use good AD Site and Subnet configuration.  But you can’t escape the fact that your enterprise user objects may attempt to reach beyond those controllers and into the infrastructure to access what they must, and time-out on what they cannot (read: slow logon).
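An audit along these lines shows how exposed a cloud-hosted session host is to the problem described above. This is an added example, not part of the original post: it lists enabled users that carry Home Folder or logon script attributes and checks whether each Home Folder server answers on SMB from the host where it runs. The search base `OU=Staff,DC=corp,DC=example` is a placeholder, and the RSAT ActiveDirectory module is assumed to be installed.

```powershell
# Added example: run on the cloud RDS session host, where the logon actually happens.
Import-Module ActiveDirectory

$searchBase = 'OU=Staff,DC=corp,DC=example'   # placeholder OU, replace with your own
$props      = 'HomeDirectory', 'HomeDrive', 'ScriptPath'
$uncServer  = '^\\\\([^\\]+)\\'               # captures SERVER from \\SERVER\share\...

# Enabled users that carry a Home Folder or an individual logon script
$users = Get-ADUser -Filter 'Enabled -eq $true' -SearchBase $searchBase -Properties $props |
    Where-Object { $_.HomeDirectory -or $_.ScriptPath }

# Probe each distinct Home Folder server once on SMB (TCP 445)
$reachable = @{}
$users.HomeDirectory |
    ForEach-Object { if ($_ -match $uncServer) { $Matches[1].ToLower() } } |
    Sort-Object -Unique |
    ForEach-Object {
        $reachable[$_] = Test-NetConnection -ComputerName $_ -Port 445 `
            -InformationLevel Quiet -WarningAction SilentlyContinue
    }

# One row per user; unreachable Home Folder servers sort to the top
$users | ForEach-Object {
    $server = if ($_.HomeDirectory -match $uncServer) { $Matches[1].ToLower() }
    [pscustomobject]@{
        User                = $_.SamAccountName
        HomeDrive           = $_.HomeDrive
        HomeDirectory       = $_.HomeDirectory
        HomeServerReachable = if ($server) { $reachable[$server] } else { $null }
        LogonScript         = $_.ScriptPath
    }
} | Sort-Object HomeServerReachable, User | Format-Table -AutoSize
```

Rows with `HomeServerReachable` set to `False` are the logons that will wait on a time-out; rows with a `LogonScript` value are the ones to review by hand for mappings that only make sense inside the enterprise network.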

The GPO is your frienemy

And don’t even get me started on GPOs.  Yes, you know them, and you love them, and you use them to provide a rock-solid enterprise configuration for your users…  But what about those mandatory proxy registry settings that matter in the cloud?  What about those printer map settings?  What about those WMI evaluations?  The Item-Level Targeting?  And so on.

And then one day of course, there’s the one GPO setting that accidentally gets applied to those users that inexplicably wipes out their access to the application in the cloud-based RDS farm.

The bottom line is that again, things that may be prudent and reasonable in the Enterprise may be detrimental to the Cloud users’ experience.

So what can you do?

First, step back.  Ask yourself if your user logon process is clean, lean, and mean, and prudent for a Cloud-based experience.  It may very well be the case, but it likely is not.  So if you find that you’ve been a good and dutiful Enterprise admin and used Active Directory to tightly configure that user, you might be faced with a need to have a separate directory for your Cloud environment that is either replicated, integrated, or federated.  Which, for some organizations, may very well cause them to have to re-think security models (or at least re-imagine the ones they have), evaluate provisioning, and so on, as part of a larger Cloud Strategy.

Or, if your situation permits, you might be able to take advantage of the soon-to-be-released Azure Active Directory Domain Services, as long as your design doesn’t run up against some of the limitations (I strongly recommend you read the FAQ and other documentation before deciding it’s right for you).

Now you’ve heard what to watch out for, but the options you utilize going forward depend on what you are trying to achieve.  Good luck out there, and let us know if we can help…

Hyper-V, Windows 10, and Insider Preview…

2017-07-27T00:00:58+00:00 July 21st, 2016|blog, Hyper-V, Microsoft|

I am guilty of running Windows 10 with the Insider Preview “Fast Ring” in production as my day-to-day laptop.  I also maintain a lab of Hyper-V Virtual Machines (VMs) on my laptop that use shared virtual networking with the built-in interfaces, so I can have the equivalent of a NAT environment for my VMs.

Mind you, it’s really been great in almost every way — except that every time I get an update to the Windows 10 Insider Preview (and that is every few days lately), I have to re-configure my interface sharing and NAT so my VMs can reach the Internet.  So, I thought I’d whip up the steps for you, in case you face the same thing.

So first, after you notice that your VMs don’t have Internet access — and then you remember that you got another Fast Ring update recently, you do this:

Open the Hyper-V Manager on the Windows 10 laptop, and click on “Virtual Switch Manager…” from the Actions area.

Select the virtual switch to be fixed, in my case named “Internal-NAT switch”, and change from Internal to Private, and apply.

You may notice that the Hyper-V interface disappears from the laptop Interface list.  Select Internal again to change from Private, and click OK.  The Hyper-V interface reappears in the interface list.

Right-click on the WiFi interface (or whichever you wish to share networking with the VMs), and choose Properties.  On the Sharing tab, ensure the box is checked for “Allow other network users…” and click the drop-down list under “Home networking connection:”.  Change from “Select a private network connection” to choose the Hyper-V interface, and click OK.

Note that the previous step has not *always* worked for me, though it usually does.  A couple times, I’ve had to either a.) un-check the check box and save before re-enabling sharing, or in rare cases, b.) go into Device Manager and remove the WiFi interface, reboot, and return to re-enable sharing.  Anyway, if all goes well and you’ve re-enabled sharing, your VM pings will start going through as the networking gets reconnected.
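The same sequence can be scripted. This is an added example, not part of the original post: it flips the switch type with the Hyper-V module and re-enables Internet Connection Sharing through the `HNetCfg.HNetShare` COM object. The adapter names `Wi-Fi` and `vEthernet (Internal-NAT switch)` are assumptions (the second is the default name Hyper-V gives the host adapter for that switch); run it from an elevated prompt.

```powershell
# Added example. Names are assumptions; adjust them to your machine.
$switchName  = 'Internal-NAT switch'        # switch name used in the post
$publicName  = 'Wi-Fi'                      # assumed: connection with Internet access
$privateName = "vEthernet ($switchName)"    # assumed: default host adapter name

# Flip Internal -> Private -> Internal so the host adapter is recreated
Set-VMSwitch -Name $switchName -SwitchType Private
Set-VMSwitch -Name $switchName -SwitchType Internal

# Wait (up to 30 s) for the host adapter to reappear in the interface list
$deadline = (Get-Date).AddSeconds(30)
while (-not (Get-NetAdapter -Name $privateName -ErrorAction SilentlyContinue)) {
    if ((Get-Date) -gt $deadline) { throw "Adapter '$privateName' did not reappear" }
    Start-Sleep -Seconds 1
}

# Index every connection's sharing configuration by connection name
$ics = New-Object -ComObject HNetCfg.HNetShare
$cfg = @{}
foreach ($conn in $ics.EnumEveryConnection) {
    $name = $ics.NetConnectionProps.Invoke($conn).Name
    $cfg[$name] = $ics.INetSharingConfigurationForINetConnection.Invoke($conn)
}
foreach ($n in $publicName, $privateName) {
    if (-not $cfg.ContainsKey($n)) { throw "Connection '$n' not found" }
}

# Clear stale sharing first (the un-check / re-check workaround), then re-enable
$cfg.Values | Where-Object { $_.SharingEnabled } | ForEach-Object { $_.DisableSharing() }
$cfg[$publicName].EnableSharing(0)     # 0 = ICSSHARINGTYPE_PUBLIC
$cfg[$privateName].EnableSharing(1)    # 1 = ICSSHARINGTYPE_PRIVATE
```

Sharing is disabled on every connection before it is re-enabled, so a machine that shares a different connection on purpose needs that line narrowed.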

I’ve become quite used to doing this series of steps and have got it down to a quick few moments, but it always seems to catch me off-guard each time it happens.  I hope it helps you a bit!

Nutanix .NEXT Conference 2016 Recap

2017-07-27T00:00:58+00:00 July 8th, 2016|blog, Hyperconverged Infrastructure, Nutanix|

One of our strategic partners, Nutanix, recently completed their annual .NEXT Conference, which boasted over 2500 attendees from 50 countries. There were 67 breakout sessions and 120 speakers, and many exciting announcements were made, including but not limited to the following:

  • Acropolis Block Services: Expose Nutanix to bare metal with important features like migrating SQL from bare metal to VM with zero down time.
  • 5th Generation Hardware: The G5 series will now provide the option to choose all flash configurations across the board.
  • Predictive Analysis / What-If Scenarios: Answering such questions like, “What would we need if we bought a new company?” and “How would new hardware help my environment?”
  • Microsoft CPS: Nutanix will now have an option to ship with the “Azure in a Box” experience, pre-installed with SCVMM, SCOM and Azure Pack.
  • ESXi Management through Prism: This is now truly a single pane of glass for managing compute, storage and virtualization under one umbrella.  No need to jump back and forth between management tools.
  • Network Visualization: See how VMs are connected to the host, switches and other VMs.  This works not only as a great troubleshooting tool but also as an excellent tool for documenting the current state of network connections.

NTCs Behind the Scenes (literally)

Coretek’s Datacenter Practice Manager, Todd Geib, was honored to be a part of the conference.  Nutanix asked Todd to help kick off the .NEXT keynote session along with other members of the Nutanix Technology Champion (NTC) program.  In 2015 Todd was nominated into the NTC program.  The NTC Program recognizes Nutanix and web-scale experts for their ongoing and consistent contributions to the community and industry. The program provides its champions with opportunities to further expand their knowledge, amplify their brand, and help shape the future of web-scale IT. Todd and the NTCs started with a little fun, spelling out “WELCOME TO #.NEXTCONF 2016” on their shirts. Watch the Keynote here: https://www.youtube.com/watch?v=rV0LDLO4uPw

David Blaine at .NEXT Conference

And what would a trip to Las Vegas be without a magic show? Magician and illusionist David Blaine made an appearance at .NEXT, testing his ability to hold his breath underwater against the time it took to install Nutanix Community Edition. It was installed in a little over 7 minutes – plenty of time for David, whose breath-holding record is 17 minutes, to relax in the water tank.

For more highlights, announcements and information on the .NEXT Conference, visit the Nutanix page:

http://www.nutanix.com/2016/06/21/nutanix-next-2016-announcements-innovation-is-just-a-click-away/

The future with Nutanix looks bright and we’re looking forward to .NEXT 2017 in Washington D.C.!

CORETEK SERVICES ANNOUNCES NEW SALES DIRECTOR CYNDI MEINKE

2017-07-27T00:00:58+00:00 July 8th, 2016|News|

Farmington Hills, Mich., July 5, 2016 – Coretek Services, one of the leading IT consulting and systems integrators, is pleased to announce the promotion of Cyndi Meinke to her new role as the Director of Sales and Marketing. In her new role, Cyndi will oversee a sales team of seven account executives, as well as sales support and marketing.

Prior to working at Coretek Services, Cyndi held a variety of job titles including Account Executive, Manager of Client Services and IT Director. Since 2014, she has also been a Certified Associate in Healthcare Information and Management Systems (CAHIMS) by the Healthcare Information and Management Systems Society (HIMSS). Along with this vast experience, Cyndi brings a driven work ethic, a positive can-do attitude, and creative spark to the role.

About Coretek Services

Coretek Services is a Systems Integration and IT Consulting Company that delivers high value and innovative solutions. Coretek works with your team to custom-design an IT architecture based on each client’s unique requirements; the solution encompasses server and desktop virtualization, optimization of a virtual desktop environment, cloud desktop, mobile device management, infrastructure consulting and project management. Our goal is to help our clients achieve Project Success. No exceptions! For more information, visit coretekservices.com.