Managed World

This is a temporary post that was not deleted. Please delete this manually. (91312b61-9b8f-4eee-860f-008c7f1bee01)

All this week, I've been at an internal Microsoft conference. Today, I attended a session that definitely got me excited. The session was given by a Product Manager on the Directory Services team. The topic covered the new Directory Services features coming with Longhorn Server. One of the new features that got me jazzed was the new Read-Only Domain Controller role. It is basically exactly like it sounds.

By default, an RODC doesn't actually store any passwords ("user secrets"). Not only that, but the replication is unidirectional so an RODC won't replicate any information back to the primary domain controller. These features in-turn reduce the attack surface of a Windows Server.

The story that is trying to be won with this new feature in this release is the Branch Office story. Basically, for a company that is large enough to have branch offices (where physical security might not be as strong), instead of deploying a fully blown domain controller, you can now deploy a read-only domain controller. This ensures that if the remote domain controller is compromised, that the entire AD forest is not compromised (since by default, there is very little chance that a username/password combination is cached that could be used to compromise the rest of the domain).

Combine this new features with the new "Server Core" installation option, and you come one step closer to a true "domain appliance." What is Server Core? Server Core is an install path of Longhorn Server (as of Beta 2) that does not install the unnecessary components of the OS (like the GUI or applications like Internet Explorer (after all, why in the world would I need Internet Explorer on a Server?!?!?)). Not only does this further reduce the attack surface of Windows Server, it also will minimize the amount of patching and maintenance that is required. This is something that the Linux/Unix servers have been doing great for a while, so I'm happy to see Windows Server finally catching up in this space!

I'm thinking once I settle into a permanent home up here in the Seattle area, I may very well end up using Longhorn Server at home to actually build up my own personal Domain at home (which I haven't done to date since I haven't really known all that much about maintaining/hardening servers; and seeing that Longhorn Server is significantly hardened by default and I can use Server Core to reduce the attack surface even more, I might as well get started :D).

Exciting times ahead of us, indeed.

[The usual disclaimer about my opinions not reflecting the opinions of my employer apply here]

At times, this was a very frustrating weekend. The biggest contributor to that frustration was a set of directions I got. You see, I was traveling from the Seattle area to Walla Walla, WA (think Northwest Washington to Southeast Washington). I needed to get some directions on how to get there and I figured it was as good of a time as any to start dogfooding Microsoft technologies now that I'm working here.

In the past, everytime I've needed directions, I've used MapQuest. I'm a long-time MapQuest user. Recently, I've started using Google Maps instead and have loved it. For those dissenters out there, I should make it clear that as a Microsoft employee, I am not required to use Microsoft products. Heck, to tell you the truth, I simply want to dogfood our products out of company pride. So, I decided to start with my weekend trip and went to Windows Live Local Beta to get my directions (http://maps.msn.com).

I suppose my first mistake was using a Beta product. But I've used other beta products with no problem. The directions looked good (and believe it or not, they looked better than Google (a 4.25 hour drive according to Windows Live, and a 5.5 hour drive according to Google Maps). Technically, the directions were _sort of_ correct. Practically, they were HORRIBLE. Oh my goodness, I think we need to give some people dictionaries.

One direction said "Stay RIGHT on local roads". When I see that, I immediately think "okay, I'll still in the right hand lane because there are probably exits and turns in the left lane". Nope, that was far from the truth. What did they actually mean? "Take a 90 degree right turn onto a different highway as soon as humanly possible". Oh, and I don't understand how they can say "on local roads" as these were highways in the MIDDLE OF FRIGGEN NOWHERE in central Washington. They might as well have told me "Look for the four-leaf clover and pot of lucky charms. When you see them, you should be right next to a leprechaun. Turn right at the leprechaun and drive through the rainbow bridge." Oy!!!

Later down the road (oh, 60 miles or so), the directions said "Take the I-182 exit". Problem is that they didn't say _which_ I-182 exit. At the first exit sign, there is no visible indication that there is another I-182 sign down the road. Combine that with the fact that the exit sign itself doesn't specify East or West for the exit, and I was sufficiently on my way to a much longer drive that I thought I was in for. So, I take the exit still thinking that I'm heading the right direction. The next direction was "After Exit 14, I-182 will become US-12". Okay, that's an easy one. After all, I'm on the right road. After Exit 5, the Interstate comes to a complete stop and there are only two directions to go, left or right. This meant that there was absolutely NO way I was every going to reach Exit 14 because it DOESN'T EXIST!!!

The frustrating part to me is that if I was a "normal" end-user, I'm pretty sure there would be no way in heck I would ever use that product again. Sadly, when I was getting ready to come home, I went back to MapQuest. You know what? The directions were wonderful and I got home in great time. Boy, both Microsoft and Google still have a long way to go to catch up to MapQuest in my mind.

Since I said I was going to talk about my adventures in server land, I might as well get started, right? Let's start from the beginning.

While I've certainly had server-side programming experience, I've come to realize that my programming experiences were perhaps a bit more client sided that I originally thought. Starting to work with the various core technologies in Longhorn Server last week has made me realize something: I have a lot to learn. Of course, this is a learning experience that I'm really looking forward to having. Like I've said before, I hope I never live a single day where I don't learn something new (no matter how small).

So, what's the learning curve? I'm not only talking about learning all the various technologies in Longhorn Server, I'm also talking about having to "back-learn" Windows Server 2003. My feeling is that if I can't express why certain advancements make our programming life easier than before, than I can't very well do my job, can I? To be able to communicate this, I need to go back and learn a bunch about Windows Server 2003 that I didn't know about before. This way, I can talk about how we had to do something before and compare it with how we can do it today with Longhorn Server. Of course, with certain technologies like the Transactional File System, this issue doesn't directly apply.

Currently I find myself learning Windows Server 2003, learning Longhorn Server, continuing to learn .NET 3.0, and learning Microsoft. And you know what? I still feel like a kid in a candy store :D.

So, what are we talking about when we say "Core Services" in Longhorn Server? These are the features that are core to the operating system and are not necessarily development frameworks themselves. The best way to explain is perhaps by example.

Some of the technologies that I will be working with from the start? TxF (Transactional File System), Virtualization, WMI, and RDC (Remote Differential Compression), to name a few. This week I'll be attending an internal Microsoft conference called TechReady. I'm hoping that after this week, I'll have a better understanding of the various core technologies. Not only that, I hope to be able to get a handle on what other core technologies may exist that get me excited that I haven't heard mentioned yet.

There's definitely a lot to be seen in Longhorn Server. I can say for sure that my adventure is just beginning :).

So expect to hear future posts from me on these various technologies (and possibly more as I dig into Longhorn Server more).

I can't think of a better way to express my first two days at Microsoft than "drinking from the fire hose". There is a lot of information for a new employee to take in. The good thing is that they (read: Microsoft) know this and have an entire team dedicated to the "On-Boarding" experience of new employees.

Was Microsoft "People-Ready" like I was wondering? As a new employee, I feel they definitely are. Of all the companies I have worked for, Microsoft is the company is by far the most prepared for new employees that I have seen. Of course, with how many employees they hire (just over 12k last fiscal year world wide, I believe), it is hardly surprising they are so prepared. From what I understand, it hasn't always been that way. Frankly, I'm just glad they're more prepared now :).

I was really thinking of making a more detailed blog post about New Employee Orientation and my On-Boarding experience so far at Microsoft but I am simply emotionally drained right now. I'm definitely looking forward to a good night's sleep so I can really dive into the deep end tomorrow. I guess I'm one of those people who like to simply dive right in. That's one of the reasons I'm looking forward to tomorrow: it is the first "full day" at Microsoft without New Employee Orientation.

One thing I will share with all of you? No lie, every time I swipe my Microsoft badge at a door and hear the ding when the light goes "green", I smile :). I guess it's just starting to "sink in" that I'm now working for Microsoft.