Cloud, Scripting

Microsoft Teams and PowerShell

I just started playing around with the MicrosoftTeams PowerShell module (available in the PowerShell Gallery, use Find-Module MicrosoftTeams for more information). Here’s a quick sample of how you can get started using it…

$conn = Connect-MicrosoftTeams

# list all Teams
Get-Team

# get a specific Team
$team = Get-Team -DisplayName "Benefits"

# create a new Team
$team = New-Team -DisplayName "TechSupport" -Description "Technical Support" -Owner "dave@contoso.com"

# add a few channels to the new Team
New-TeamChannel -GroupId $team.GroupId -DisplayName "Forms Library" -Description "Forms and Templates"
New-TeamChannel -GroupId $team.GroupId -DisplayName "Customers" -Description "Information for customers"
New-TeamChannel -GroupId $team.GroupId -DisplayName "Development" -Description "Applications and DevOps teams"

# dump properties for one Team channel
$channelId = Get-TeamChannel -GroupId $team.GroupId |
Where-Object {$_.DisplayName -eq 'Development'} |
Select-Object -ExpandProperty Id

# add a user to a Team
Add-TeamUser -GroupId $team.GroupId -User "dory@contoso.com" -Role Member

Here’s a splatted form of the above example, in case it renders better on some displays…

$conn = Connect-MicrosoftTeams

# list all Teams
Get-Team

# get a specific Team
$team = Get-Team -DisplayName "Benefits"

# create a new Team
$params = @{
DisplayName = "TechSupport"
Description = "Technical Support"
Owner = "dave@contoso.com"
}
$team = New-Team @params

# add a few channels to the new Team
# NOTE: You could form an array to iterate more efficiently
$params = @{
GroupId = $team.GroupId
DisplayName = "Forms Library"
Description = "Forms and Templates"
}
New-TeamChannel @params

$params = @{
GroupId = $team.GroupId
DisplayName = "Customers"
Description = "Information for customers"
}
New-TeamChannel @params

$params = @{
GroupId = $team.GroupId
DisplayName = "Development"
Description = "Applications and DevOps teams"
}
New-TeamChannel @params

# dump properties for one Team channel
$channelId = Get-TeamChannel -GroupId $team.GroupId |
Where-Object {$_.DisplayName -eq 'Development'} |
Select-Object -ExpandProperty Id

# add a user to a Team
$params = @{
GroupId = $team.GroupId
User = "dory@contoso.com"
Role = 'Member'
}
Add-TeamUser @params

Advertisements
System Center, Technology

ConfigMgr Anxieties

dmvidpics-2017-02-20-at-13-46-18

This is a sampling of the most common situations I run into with customer engagements.  I haven’t followed-up my older “what I learned this week” articles, so this is sort of catch-up.

The following is intended for an immature audience.  Mature people will likely fall asleep before completing this, and may require physical or electrical stimulation to regain consciousness.  I am not mature, so I may fall asleep before you do.

1 – Software and Update Deployments with Maintenance Windows and Overrides

Beer-level:

  • You can deploy Applications and Packages to Device Collections and User Collections
  • The Deployment itself has properties (attributes) assigned to stipulate the behavior (schedule, target, restrictions, exceptions, etc.)
  • User and Device Collections can have Maintenance Windows assigned, which provide guard rails for drunken, passed-out, deployments
  • Deployments can be assigned to respect or ignore Maintenance Windows, like a politician at a press conference

Wine-level:

  • Machines which end up in multiple collections with maintenance windows can easily become unpredictable
  • Machines that end up in multiple non-contiguous maintenance windows can become a reason to drink
  • People who place machines into multiple collections with unique maintenance windows may end up duct taped to a urinal at a bus station
  • It’s easy to forget Maintenance Windows, or how they overlap and pile up on devices which end up in multiple collections

Advice:

  • Use maintenance windows sparingly
  • Plan all of your maintenance window needs before you apply the first one
  • Consider naming Collections to indicate maintenance window involvement (as well as the window itself: example = “Crappy Machines – MW – Fridays 5p-11p”)
  • Consider custom Device Client Settings for roaming devices, versus stationary devices

2 – Operating System Deployments and PXE Panic

Wine-Cooler-level:

  • You can target PXE deployments of OSD Task Sequences to Collections
  • You can restrict the Deployments to recognize only existing ConfigMgr Clients, or “unknown” Computers (never been on your network or AD or ConfigMgr), or allow anything (both known and unknown)
  • Targeting PXE OSD deployments to both known and unknown can be risky

Bourbon-level:

  • It is actually not easy to accidentally image production machines via PXE using SCCM OSD
  • In order to “accidentally” re-image existing/known computers, you’d have to:
    • Target the wrong Collection(s) with a…
    • Zero-Touch (ZTI) task sequence, and…
    • Select the wrong availability, such as allowing ConfigMgr clients, and…
    • Set the Deployment purpose option to “Required”, and…
    • Not have a PXE password enabled, and…
    • Have the devices boot configuration set to boot from the Network first, and…
    • Not know what you’re doing
    • Not ask for help when you realize you don’t know what you’re doing
    • Getting ready to quit your job out of anger at your employer

Advice:

  • Be careful with Deployment targeting
  • Clearly name your Task Sequences so your worst technicians can still understand which ones to select
  • Restrict access to Deploying Task Sequences (and anything else) if you work within a large team (tip: roles and scopes are your friend)
  • Consider using a central or regional workbench process, with a local PXE responder (DP, etc.) on the same subnet, isolated from the production network on a common switch.  The network team doesn’t need to be bothered
  • Use a controlled password on your PXE responder (DP, etc.)
  • Slip Xanax into the coffee pot near the network team (just kidding, don’t do that)

3 – Collection Limiting and Refresh Scheduling

RedBull-level:

  • Collections with Query Rules are “limited” to being a subset of a parent Collection, called (queue the dramatic music) a “limiting collection”
  • A limiting Collection restricts the scope from which the dependent Collection can see resources to consider as members.  If the limiting Collection doesn’t contain a resource, the dependent Collection won’t be able to add it as a member

FourLoco-level:

  • A Query-Rule Collection will only refresh membership results as often as its limiting Collection.  In other words, if the limiting Collection refreshes every 7 days, the dependent Collection can be set to 1 day, but will only update when the limiting Collection hits its 7 day cycle
  • Query-rule Membership Collections with very short refresh cycles may impact site server performance, and may cause ripple effects which can further impact performance
  • Avoid using a lot of incremental updates for collections.
  • Be careful with Direct-rule Membership Collections and assigning refresh schedules

Advice:

  • Pay attention to Limiting Collections and their membership rules and refresh schedules.
  • Consider tuning query rule collection refresh schedules during and after major changes to the environment only.  For example, during OS migrations/upgrades, reduce the interval to get faster reporting updates, but after the bulk of activity dies down, increase the interval back to reasonable values
  • If you’re not a DBA or DBD, go talk to one and ask for advice on query optimization techniques.  They may look at you like an Ebola patient when you show them WQL, but free doughnuts or Empanadas, and coffee should calm them down again

4 – Accounts and Security

KoolAid-level:

  • ConfigMgr uses several security (user-type) accounts for various features.  Each account is used in a unique and different way, for a unique purpose.  Some are mandatory, and some are optional:
    • Site Installation and Initial Configuration (Windows, SQL Server, AD)
    • Client Push Installation (Workstations, Servers, Domain Controllers, Classified/Sensitive systems, etc.)
    • Network Access / Software Distribution and OSD
    • Domain-Join / OSD
    • Build and Capture / OSD
    • Remote Tools / Client Settings
    • Roles / Accounts / Administration
    • Discovery Methods / Administration
    • Cloud Services / Administration
  • Each account has unique access/privilege needs

Scotch-level:

  • Accounts which are used by multiple (unrelated) systems often add risk of unexpected interruption by other users (password changes, account lock-outs, etc.)
  • You can often control team access from application-level groups, or via AD security groups.  Trying to manage it both ways often leads to unwanted results.

Advice:

  • Avoid using SCCM-related accounts for multiple purposes, even within SCCM
  • Aim for dedicated, purpose-driven accounts, exclusive to what they’re intended for
  • Grant each account only the bare minimum permissions it needs
  • Choose a consistent manner by which to manage team access to tools and features
  • NEVER share the use of a ConfigMgr service account with an unrelated system or process
  • NEVER use a person’s own login account for a service account
  • Avoid using a person’s own login account for building site systems
  • Document everything, and track changes always

5 – Device Imaging, Naming and Provisioning

SawDust-level:

  • If you don’t provide an explicit name for each device during imaging, the default name will suck
  • Sucky device names make for a sucky day at work
  • You can assign a unique device name to a bare metal imaging process using a variety of means within ConfigMgr:
    • Collection Variables
    • UDI form input, or tools like UI++
    • Custom (script) form input
    • Semi-Automated using external systems / third-party tools or custom development
    • Completely Automated using internal data
  • You can spend hours, days, even weeks on the perfect naming process

Cheerios-level:

  • There is no 200 level.  Don’t listen to that other guy

Advice:

  • Strive for fully-automated, zero-input processes
  • Watch out for forgetting Collection Variables while trying to implement other options at the same time
  • Count the time you spend on device naming (if you’re not already fully-automated) and assign a dollar figure to that, tally it up weekly, monthly and annually.  Then see if it saves you more than that somewhere else, and by how much.  I bet it’s not saving you anything at all (dollar-wise)

6 – Guard Dogs and Anti-Malware Fences

Bush-level:

  • Anti-Virus / Anti-Malware is intended to protect your computer from malicious code
  • Most AV/AM products are general in nature, rather than specifically-tuned for every other product you may have installed.
  • Some products step on common parts of a computer which cause AV/AM products to react as if it is malware.
  • System Center Configuration steps on a lot of those parts.
  • Most AV/AM products do not know what Configuration Manager is.
  • Many Windows 10 migration projects are derailed or delayed by AV/AM interference
  • The less consistent your AV/AM environment, the greater the interference risk and scale of impact to migration projects

Tree-level:

  • One of the most common interference issues is having unsupported (outdated) AV/AM client versions installed on machines
  • Another common problem are rogue AV tools installed inconsistently throughout the environment
  • Most AV/AM products like McAfee, Symantec, Sophos, provide administrator consoles for managing their own environments.
  • Most AV/AM admin consoles are in front of dedicated AV admins
  • Most AV/AM admins have some sort of favorite food or drink.  Leverage that.

Advice:

  • Make sure all AV/AM clients are on a consistent, and Windows 10 supported, version.  Refer to vendor docs like McAfee, Symantec and Sophos or whatever you use, for more details.
  • Grant exclusions for ConfigMgr client footprints, such as files/folders, registry paths, services, processes, etc.
  • Don’t forget the firewall exceptions
  • Don’t forget the exclusions for the ConfigMgr site servers too
  • Don’t forget food bribery works wonders on cross-team collaboration

7 – Failing to Keep Up

Water-level:

  • Many customers are still on ConfigMgr 2007, 2012, 2012 R2, as well as Windows Server 2003, 2008, 2008 R2, and SQL 2008, 2012
  • Many customers are still on Windows 7, Office 2010 or 2013
  • Many customers have moved up to ConfigMgr Current Branch, but are still behind on site updates/upgrades.
  • Many customers upgraded in-place but didn’t spend time on the underlying infrastructure (Windows Server OS, SQL Server, physical and virtual resource allocations, etc.)
  • Current levels are Windows Server 2016, SQL Server 2017, SCCM 1802, ADK 1803, MDT 8450, and Windows 10 1803

Steam-level:

  • Many sites haven’t been diligent on keeping 3rd party apps updated consistently
  • Many customers haven’t kept their AV and disk encryption installs consistently up to date

Advice:

  • Focus on bringing all of your platforms up to date
  • Consider a new stack and clean cut-over if possible
  • Double-check your licensing and resource constraints (VM hosts, storage, etc.)
  • Update or replace peripheral processes, like backups, monitoring, etc.
  • Consider third-party tools to augment things like patching, backups, automation, etc.

Did I miss anything?  Let me know in the comments below.

Thank you!

Devices, Scripting, System Center, Technology, windows

ConfigMgr OSD Device Naming

For whatever reasons, this still seems to be an interesting and ongoing topic of discussion/debate/argument/angst/drinking, etc.  I’m talking about assigning names to computers while they’re being imaged or refreshed.  There are quite a few common scenarios, and an unknown variety of less-common scenarios, I’m sure.  Some embrace this and some despise it.  The views are all over the place it seems.  But regardless, as a consultant, I’m very often tasked with advising (okay: consulting) customers on options for either fully or partially automating the process.

Personally, I approach all automation scenarios with the same view: Explain why you need it.  Very often, automation is simply taking over from a poorly designed manual process.  As an old colleague of mine once said (and I repeat ad nauseum) “If you automate a broken process, you can only get an automated broken process“.  It’s true.  If the customer is receptive to a discussion about alternatives, it always produces a more positive outcome.  So far, at least.

Anyhow, I wanted to lay out some common scenarios and examples for handling them.  These are based on the use of either Microsoft System Center Configuration Manager (aka ConfigMgr, aka SCCM), or Microsoft Deployment Toolkit (aka MDT).  I am by no means implying these are the ONLY way to accomplish each scenario.  They are provided simply as ONE way out of many, but which I’ve found offer the best benefit for the least effort and risk.  You are free to roll your eyes and call me a dumbass, that’s fine, because I plug my ears anyway.

Manual: Stick shift (The Exploding Space Shuttle Method)

This method requires a human to manually enter the desired name to assign to the device.  It’s the easiest/quickest method to implement.

For ConfigMgr environments, the quickest implementation is by assigning “OSDComputerName” Collection Variable to a device collection.  For bare metal (e.g. new) machines, that is often the “Unknown Computers” collection, but for refresh/reimage scenarios it’s whatever device collection is being targeted by the relevant task sequence.

Pro – easy, fast, cheap

Con – prone to human error

Fully-Automatic: Serial Number

Since Windows 10 still imposes a limit of 15 characters, with restrictions on certain alphanumeric characters, this method often includes some checking/filtering to insure that the process doesn’t swallow a grenade and make a mess.  This is less common today with physical machines, but often occurs with virtualized environments due to differing serial number formats.  This example uses the BIOS serial number as the machine name.  If the serial number is longer than 15 characters, only the last 15 characters are used.  So “CNU1234567891234” would become “NU1234567891234”.

# Set-ComputerNameAutoSN.ps1
$snmax = 15
$csn = (Get-WmiObject -Class Win32_SystemEnclosure).SerialNumber
if ($csn.Count -gt 1) { $csn = $csn[0] }
if ($csn.Length -gt $snmax) {
  $csn = $csn.Substring($csn.Length - $snmax)
}
try {
  $tsenv = New-Object -ComObject Microsoft.SMS.TSEnvironment
  $tsenv.Value("OSDComputerName") = $csn
  Write-Output 0
}
catch {
  Write-Output "not running in a task sequence environment"
}

Note: You might be wondering why the “if ($csn.Count -gt 1)…” stuff.  That’s in case the device is sitting in a dock or connected via an e-dock or dongle, which often causes WMI queries to return an array instead of a single integer for things like ChassisTypes and so on.  Checking the count of values assigned to the variable allows for retrieving just the first element in the array.

Full-Automatic: Form-Factor + Serial Number

This is a variation on the preceding example, whereby a prefix (or sometimes a suffix) is added to the name to identify a general form, such as “D” for desktop, and “L” for laptop, and so on.  This example would take a ChassisType value of 3 and the last 10 characters (arbitrary, not required) of the Serial Number of “CNU1234567891234” and concatenate these into “D4567891234”

# Set-ComputerNameAutoFormSN.ps1
$snmax = 10
$csn = (Get-WmiObject -Class Win32_SystemEnclosure).SerialNumber
$cff = (Get-WmiObject -Class Win32_SystemEnclosure).ChassisTypes
if ($csn.Count -gt 1) { $csn = $csn[0] }
if ($cff.Count -gt 1) { $cff = $cff[0] }
if ($csn.Length -gt $snmax) {
  $csn = $csn.Substring($csn.Length - $snmax)
}
switch ($cff) {
   3 { $ff = 'D'; break }
   4 { $ff = 'D'; break }
   5 { $ff = 'D'; break }
   6 { $ff = 'D'; break }
   7 { $ff = 'D'; break }
   8 { $ff = 'L'; break }
   9 { $ff = 'L'; break }
  10 { $ff = 'L'; break }
  11 { $ff = 'L'; break }
  14 { $ff = 'L'; break }
  default { $ff = 'X'; break }
}
$newname = $ff+'-'+$csn
try {
  $tsenv = New-Object -ComObject Microsoft.SMS.TSEnvironment
  $tsenv.Value("OSDComputerName") = $newname
  Write-Output 0
}
catch {
  Write-Output "you forgot to flush the toilet"
}

Semi-Automatic: Location Code + Form Factor + Serial Number

This one is based on a scenario where all devices are imaged at a single location, and shipped out to other locations, whereby the customer wishes to place the AD computer account into an associated location-based Organizational Unit (OU) during the imaging process.  This can be done using User-Driven Interface (UDI) forms, or by script.  I prefer script because I’m more comfortable with it and there are far fewer moving parts to contend with.  That said, there are several ways to do this:

Option 1 – SCCM Collection Variable

A collection variable can be assigned to the target collection in order to prompt for a location identifier.  This could be a number, a name, or an abbreviation, it doesn’t really matter since it’s just a textbox form input.

Option 2 – MDT / SCCM Task Sequence Script

Some flavors of this involve copying the ServiceUI.exe component from the MDT installation into the script package, so that ServiceUI.exe can be invoked to suppress the task sequence progress UI and allow custom script GUI forms to display properly.  I did it this way for a long time, until I ran across this really nice script from John Warnken *here*.  After some (minor) tweaking it can easily be adapted to almost any need.  The example below prompts the technician for a 3-character Location Code and then concatenates the device name using [Location]+[FormFactor]+[SerialNumber] up to 15 characters, so the [SerialNumber] value is truncated to the last 10 characters (max).

<#
Set-ComputerNameFormLocSN.ps1
.SYNOPSIS 
Displays a gui prompt for a computername usable in a SCCM OSD Task Sequence. 
 
.PARAMETER testing 
The is a switch parameter that is used to test the script outside of a SCCM Task Sequence. 
If this -testing is used the script will not load the OSD objects that are only present while a task sequence is running. 
instead it will use write-output to display the selection. 
 
.EXAMPLE 
powershell -executionpolicy Bypass -file .\Set-ComputerNameLocationPrompt.ps1 
 
.EXAMPLE 
powershell -file .\Set-ComputerNameLocationPrompt.ps1 -testing 
 
.NOTES 
This is a very simple version of a OSD prompt for a computername. You can add extra validation to the computer name, for example a regular expression test 
to ensure it meets standard form used in your environment. Addtional form object can be added to other options that you may want to set 
task sequence variables for. Also as a simple example, I just added the xaml for the wpf form as a variable in the script. You have the option of storing it in 
a external file if your form gets complex.

.Author 
Jonathan Warnken - jon.warnken (at) gmail (dot) com 
https://gallery.technet.microsoft.com/scriptcenter/Prompt-for-a-computername-6f99fa67
.Hallucinator
Skatterbrainz - @skatterbrainzz
#> 
[CmdletBinding()] 
param( 
  [parameter(Mandatory=$False)]
    [switch] $Testing
)
$snmax = 10
if(!$Testing){
  # this section provides the gluten-free, high-protein alternative to ServiceUI.exe
  $tsenv = New-Object -COMObject Microsoft.SMS.TSEnvironment  
  $tsui  = New-Object -COMObject Microsoft.SMS.TSProgressUI  
  $OSDComputername = $tsenv.Value("OSDComputername")
  $tsui.CloseProgressDialog() 
}

# query machine serial number and chassis type from WMI
$csn = Get-WmiObject -Class Win32_SystemEnclosure | Select-Object -ExpandProperty SerialNumber
$cff = Get-WmiObject -Class Win32_SystemEnclosure | Select-Object -ExpandProperty ChassisTypes

# check if return values are an array and if true, then only use the first element
if ($csn.Count -gt 1) { $csn = $csn[0] }
if ($cff.Count -gt 1) { $cff = $cff[0] }

# if serial number is longer than 10 chars, get last 10 chars only
if ($csn.Length -gt $snmax) {
  $csn = $csn.Substring($csn.Length - $snmax)
}
# derive form factor code from chassis type code
switch ($cff) {
   3 { $ff = 'D'; break }
   4 { $ff = 'D'; break }
   5 { $ff = 'D'; break }
   6 { $ff = 'D'; break }
   7 { $ff = 'D'; break }
   8 { $ff = 'L'; break }
   9 { $ff = 'L'; break }
  10 { $ff = 'L'; break }
  11 { $ff = 'L'; break }
  14 { $ff = 'L'; break }
  default { $ff = 'X'; break }
}
[xml]$XAML = @' 
<Window 
  xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation" 
  xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml" 
  Title="SCCM OSD Computername" Height="154" Width="425" Topmost="True" WindowStyle="ToolWindow"> 
  <Grid> 
    <Label Name="Computername_label" Content="Location:" HorizontalAlignment="Left" Height="27" Margin="0,10,0,0" VerticalAlignment="Top" Width="241"/> 
    <TextBox Name="LocationCode_text" HorizontalAlignment="Left" Height="27" Margin="146,10,0,0" TextWrapping="Wrap" Text=" " VerticalAlignment="Top" Width="220"/> 
    <Button Name="Continue_button" Content="Continue" HorizontalAlignment="Left" Margin="201,62,0,0" VerticalAlignment="Top" Width="75"/> 
  </Grid> 
</Window> 
'@ 
[void][System.Reflection.Assembly]::LoadWithPartialName('presentationframework') 
#Read XAML 
$reader=(New-Object System.Xml.XmlNodeReader $xaml) 
$Form=[Windows.Markup.XamlReader]::Load( $reader )

# add form objects as script variables 
$xaml.SelectNodes("//*[@Name]") | %{Set-Variable -Name ($_.Name) -Value $Form.FindName($_.Name)}

# set the default value for the form textbox
$LocationCode_text.Text = 'STL'

# assign event handler to the "Continue" button
$Continue_button.add_Click({ 
  $Script:LocationCode = $LocationCode_text.Text.ToString()
  $Form.Close() 
})
# display the form for user input
$Form.ShowDialog() | Out-Null

# after form is closed, concatenate computer name from input values and other variables
$computername = $Script:LocationCode+$ff+$csn

if (!$Testing) {
  $tsenv.Value("OSDComputername") = $computername 
  Write-Output " OSDComputername set to $($tsenv.value("OSDComputername"))" 
}
else { 
  Write-Output " OSDComputername would be set to $computername" 
}

Pro – works with PXE and offline media

Con – some scripting and testing required

Fully Automatic: Location Code + Form Factor + Serial Number

This method relies on something available from the environment upon which to determine the “location”.  For MDT this is often using the CustomSettings.ini with the IP Gateway address.  Using a logical if/then you can construct a logic mapping of IP gateway = Location or location Code.

Option 1 – MDT Deployment Share Configuration

This one uses a CustomSettings.ini which reads the IPv4 Gateway address and the Serial Number to concatenate the resultant device name.  For a better example of this and a much, much better explanation by the one-and-only Mikael Nystrom, please read this first.

[Settings]
Priority=Init, ByDesktop, ByLaptop, DefaultGateway, Default 
Properties=ComputerLocationName, ComputerTypeName, ComputerSerialNumber

[Init]
ComputerSerialNumber=#Right("%SerialNumber%",10)#

[ByLaptop]
SubSection=Laptop-%IsLaptop%
ComputerTypeName=L

[ByDesktop]
SubSection=Desktop-%IsDesktop%
ComputerTypeName=D

[DefaultGateway]
192.168.1.1=Norfolk
192.168.2.1=Chicago
192.168.3.1=NewYork

[Norfolk]
ComputerLocationName=NOR

[Chicago]
ComputerLocationName=CHI

[NewYork]
ComputerLocationName=NYC

[Default]
OSInstall=Y
ComputerLocationName=XXX
ComputerTypeName=X
OSDComputerName=%ComputerLocationName%%ComputerTypeName%%ComputerSerialNumber%
SkipCapture=YES
SkipAdminPassword=YES
SkipProductKey=YES
SkipComputerBackup=YES
SkipBitLocker=YES

Using this sample INI configuration, a laptop device with Serial Number “CNU1234567891234” connected to IP gateway 192.168.3.1 would end up with an assigned name of “NYCL4567891234”.  If the DefaultGateway is not defined in the list, it will default to location code “XXX”.  If the form factor cannot determine Desktop or Laptop it will default to “X”.  So, using the same serial number value it would end up as “XXXX4567891234”.

Option 2 – SCCM Task Sequence

This example adapts the semi-automatic example above, but replaces the GUI prompt with a check for the IP gateway.

# Set-ComputerNameAutoLocIPFormFactorSN.ps1
$csn = (Get-WmiObject -Class Win32_SystemEnclosure).SerialNumber
$cff = (Get-WmiObject -Class Win32_SystemEnclosure).ChassisTypes
if ($csn.Count -gt 1) { $csn = $csn[0] }
if ($cff.Count -gt 1) { $cff = $cff[0] }
if ($csn.Length -gt 15) {
  $csn = $csn.Substring($csn.Length - 15)
}
$gwa = (Get-WmiObject -Class Win32_NetworkAdapterConfiguration | Where {$_.IPEnabled -eq $True}).DefaultIPGateway
switch ($gwa) {
  '192.168.1.1' {
    $location = 'Norfolk'
    $loccode = 'NOR'
    break
  }
  '192.168.2.1' {
    $location = 'Chicago'
    $loccode = 'CHI'
    break
  }
  default {
    $location = 'NewYork'
    $loccode = 'NYC'
    break
  }
}
switch ($cff) {
   3 { $ff = 'D'; break }
   4 { $ff = 'D'; break }
   5 { $ff = 'D'; break }
   6 { $ff = 'D'; break }
   7 { $ff = 'D'; break }
   8 { $ff = 'L'; break }
   9 { $ff = 'L'; break }
  10 { $ff = 'L'; break }
  11 { $ff = 'L'; break }
  14 { $ff = 'L'; break }
  default { $ff = 'X'; break }
}
$newName = $loccode+$ff+$csn
try {
  $tsenv = New-Object -ComObject Microsoft.SMS.TSEnvironment
  $tsenv.Value("OSDComputerName") = $newName
  Write-Output 0
}
catch {
  Write-Output "not running in a task sequence environment"
}

Option 3 – SCCM Task Sequence + Collection Variable

This example came from a project where the customer had created a device collection for each branch location, which had a Collection Variable “DeviceLoc” assigned, and having deployed a refresh task sequence to each.  So in this scenario, they wanted to merge the script with the collection variable to derive the new name.  Is this ideal?  Not for most people, but due to time constraints it had to work.

$csn = (Get-WmiObject -Class Win32_SystemEnclosure).SerialNumber
$cff = (Get-WmiObject -Class Win32_SystemEnclosure).ChassisTypes
if ($csn.Count -gt 1) { $csn = $csn[0] }
if ($cff.Count -gt 1) { $cff = $cff[0] }
if ($csn.Length -gt 15) {
  $csn = $csn.Substring($csn.Length - 15)
}
$gwa = (Get-WmiObject -Class Win32_NetworkAdapterConfiguration | Where {$_.IPEnabled -eq $True}).DefaultIPGateway
switch ($gwa) {
  '192.168.1.1' {
    $location = 'Norfolk'
    $loccode = 'NOR'
    break
  }
  '192.168.2.1' {
    $location = 'Chicago'
    $loccode = 'CHI'
    break
  }
  default {
    $location = 'NewYork'
    $loccode = 'NYC'
    break
  }
}
switch ($cff) {
   3 { $ff = 'D'; break }
   4 { $ff = 'D'; break }
   5 { $ff = 'D'; break }
   6 { $ff = 'D'; break }
   7 { $ff = 'D'; break }
   8 { $ff = 'L'; break }
   9 { $ff = 'L'; break }
  10 { $ff = 'L'; break }
  11 { $ff = 'L'; break }
  14 { $ff = 'L'; break }
  default { $ff = 'X'; $ousub = ''; break }
}
try {
  $tsenv = New-Object -ComObject Microsoft.SMS.TSEnvironment
  $loc = $tsenv.Value("DeviceLoc")
  if ([string]::IsNullOrEmpty($loc)) {
    $newName = 'CRP'+$ff+$csn
  }
  else {
    $newName = $loc+$ff+$csn
  }
  $tsenv.Value("OSDComputerName") = $newName
  Write-Output 0
}
catch {
  Write-Output "not running in a task sequence environment"
}

Conclusion / Summary

This is only a small sample of all the variations and scenarios many of us encounter.  Other variants include setting the Organizational Unit (OU) path, adding the device to domain security groups, and so on.  I would like to thank John Warnken for the script code he posted on TechNet, which makes it so much easier to deal with the progress bar UI when using custom forms.

I’d also like to say that you shouldn’t look at these and think you need to immediately put them into use.  Test labs are one thing.  But production requires serious review and planning to determine what really makes the most sense.  For example, a lot of customers I work with have persistently used a location code for device names, but when they really assess the business environment, they find many devices roam to different locations, or don’t really stay in any “official” location (home, hotel, on the road, etc.)  And when pressed to explain how the location code provides real value, many don’t have a rationale besides, “it’s how we’ve always done it”.  So think it through.  Ask if you really need to do something like this and if so, why.  Then work on the how aspects.

Do you have other/better examples you’d like to share?  Post a comment below.  Thank you for reading!

Technology

Windows 10 Soup Sandwiches

Version 2.1 (I lost Version 1.0 somehow, from the old blog, but it was focused on Windows 7, 8.1 anyway)

An ad hoc collection of wine-infused recipes to help smoosh Windows 10 like a ball of clay, or like a soggy sandwich.

Disable Windows Firewall (MDT, SCCM)

Disable Windows Firewall (GPO)

Disable Windows Defender (GPO)

Deploy .NET Framework 3.5 with Feature on Demand (GPO)

Enable Controlled Folder Access (GPO)

Create Shortcuts on Desktop, Start Menu (GPO)

Disable IPv6 (GPO)

Configure, Start, Stop Windows Services (GPO)

Block and Disable Cortana (GPO)

Set default Web Browser (GPO)

Waste Time Customizing the Start Menu and Taskbar (GPO, Script, MDT, SCCM)

Configure OEM Support info and Company Logo on Support page (GPO)

Block Windows Store and Store Apps (GPO)

Remove Store Apps during Imaging (MDT, SCCM, etc.)

Remove OneDrive from File Explorer (GPO)

Show File Extensions in File Explorer (GPO)

Show Hidden Folders and Files in File Explorer (GPO)

Show File Explorer Menu Bar (GPO)

Expand to Current Folder in File Explorer (GPO)

Customize and Push BGInfo to Desktops (script)

Customize and Push BGInfo to Desktops (GPO)

Destroy and Annihilate SMBv1 by any means necessary

TLS Configuration Guidelines (hotfix, registry, GPO)

Create and Configure a Group Policy Central Store

Updates 2.1

Add Domain User to Local Administrators Group (GPO)

Add Domain Users to Remote Desktop Users on Servers (GPO)

Modify Registry Key Permissions on Domain Computers (GPO)

Create Scheduled Tasks using Group Policy (script, GPO)

Configure PowerShell Settings using Group Policy (GPO)

Prompt for Computer Name / OSD Variable in Task Sequence (script)

Mass Upgrade Windows 10 using PowerShell (script)

Replicate MDT Boot Images to multiple WDS/PXE servers (script)

Set Google Chrome as Default Browser (GPO)

More to be added (version will be updated too)

Personal, Projects, Scripting, System Center, Technology

Random Thoughts and Stuff

While packing for travel I was having a conversation around the “state of IT” with a friend. So I figured (A) it might be worth jotting down some of the key points, and (B) do it before I fly out, in case some underpaid mechanic forgets to tighten that one bolt that holds the engine onto the wing.  Actually, who am I kidding, that mechanic probably earns more than I do.  Anyhow…

this is rambling, so drink plenty of medication and smoke your wine before continuing.

(travel-packing sidenote: Oreo is 15 years old, and like most humans, used to hate my guts.  Eventually, as daughter number 3 moved out, and I became her sole source of attention and food, she has become my friend.  She follows me around all day.  Every time she sees my suitcase out the night before I travel, she does this.  I’ll need to go over that ball cap with a ball of tape in the morning.)

The Future of SCCM and MDT and EMS

This is admittedly a Microsoft-centric topic. The discussion mentioned above was about “how long” will SCCM and MDT be “of interest” to consumers?  Obviously, I do not own a real crystal ball.  I only have a Dollar Tree knock-off, and I don’t have access to real business data, therefore I rely upon what scientists often refer to as ‘shit talking‘.

I’ll admit, after day 1 at MS Ignite this year, I was feeling the angst.  For example, while riding the bus back from the conference center to the hotel, staring out the window, I kept thinking “why, why, why did I leave app-dev to move into this infrastructure rat race?!  wtf was I thinking?!” and “I hope my dog isn’t chewing up my last pair of flip flops right now.”  It really felt like the job market for anyone walking around a typical IT shop today, would be dried up to around 10% of that volume within 5 years.  And who really knows?  It could go in any direction.  I think everyone is in agreement that there is already a major tectonic shift in play, with traditional operations moving into software-defined operations.  The thought of learning things like JSON, Git, VSTS, on top of PowerShell and Azure, is adding wrinkles to quite a few faces I see.

The mere mention of “new certs” is probably having a measurable effect on the sales of alcohol, tobacco and firearms, which should keep these guys employed for a long time.  For many I’ve known over the years, the feeling is like being shoved onto a rollercoaster by your drunk buddies, against your will, and now you’re approaching the top of the first peak in the run.

After 3 more days, and soaking up session content, food, beer, and more importantly: engaging vendors in deep discussions out on the expo floor, my initial expectations of SCCM/MDT doom were relaxed quite a bit.  Mainly out of realizing the following points:

  • The majority of imaging work I see being done at most mid-sized and large customers is refresh of existing hardware.  The mix of new vs. reuse is cyclical at most larger shops, due to budget cycles and SLA’s about hardware refresh programs.  So at various times in a given year, there’s more new imaging, but for the remainder of the year it seems to be more refresh/reuse.
  • Most of the (above) people I’ve spoken with are very interested in AutoPilot, but quite a few hadn’t yet been allowed access to the preview at the time I spoke with them (I think most are now seeing it in their portals)
  • In-place upgrades are still a minority (far too low in my opinion)
  • The description of “automatic redeployment” got their attention, but most are still tied to the comfort of a “clean wipe and load” for various reasons.
  • Ultimately: Regardless of what anyone says, things which “work” have a very VERY tough time dying in the IT world.  Hence why so many machines still run XP.  I’d also wager my tombstone that Windows 7 will easy to find running on machines in 2027.  That’s because I’m planning to be cremated on a Walmart grill.  But that’s beside the point.

The weeks after Ignite I’ve made it a point to casually interview my customers to get a feel for where they see the biggest and most immediate changes coming.  It’s a delicate thing to ask, since it can easily smell like a sales pitch.  Sales pitches have a distinct odor that is often confused with bus station toilets or dead cows laying in the sun.  However, most of them are well aware of my dislike for sales people in general (some of my friends are in sales, so there are exceptions).

  • The biggest hurdles they have today are keeping up with device models and drivers, patching, moving to some new system for IT operations (ticketing, change mgt, etc.), and endless training of each new-hire who is replacing three who just left.  See what I did there?
  • The single biggest complaint about imaging in general revolves around drivers.
  • There’s still quite a bit of frustration and confusion I hear around Intune capabilities.  Some is related to Intune agent vs. agentless, management; Some is around app deployment capabilities; Some is inventory reporting.

Windows 10

I still spend way too much time explaining Windows 10 servicing models and the naming convention.  They were just starting to grasp CB, and CBB, but now “Semi-Annual” and “Semi-Annual Targeted” are leaving them in one of two modes: pissed off or chuckling.  The most common response I hear from the former is around the constant renaming of things in general.  “Active, Live, Visual, and now CBB, then Semi Annual Targeted, WUS, then WSUS”, and so on.  Their words, not mine.

I’m always surprised to find so many shops still heavily invested in MDT and doing very well with it.  The other interesting thing is that the majority of them assume they’re doing everything wrong and are panicked when I arrive that I’ll redline their papers.  In fact, most of them are doing very well.  They’ve read the blogs, the tweets, bought the books, watched the videos, done the TechNet labs, and so on.  A few have been lucky enough to attend training and/or conferences as well, but that’s a very small percentage.

The pace at which organizations are getting their Windows 10 rollouts moving is gaining speed and volume.  However, the Office aspect has thrown a wrench into quite a few (see below)

Office

This reminded me of a discussion I had at Ignite with the Office team on the expo floor.  It was around the issue of third-party extensions (add-ons) for Office, and how many are produced by small shops which do not stay current with Office versions.  The result I’ve continued to see is a fair amount of shops who can’t upgrade Office until the third-party vendor puts out an update or a new version.  Then there’s the cost factor (is it free or not?).  In many of those cases, the hold-up triggered the IT department to wait on other projects such as Windows 10.

The number of Access applications interfering with Office upgrades has dropped significantly for me in the past 3 years.  Not just the projects I’m working on, but also from reports I get from other engineers and customers.  That’s a good thing.

Controls vs. Controls

I’m still seeing a continued reliance on inefficient control mechanisms with regards to device and user configuration management.  Way too much effort put into the imaging side, and not enough on the environment side.  Way too much on the “nice to have” side, vs. the “gotta have” side.  Not enough attention is being paid to ‘baseline’ and ‘continuous’ control models, and when to use which one, and how best to apply tools for each.  For example, hours and hours spent on wallpaper, shortcuts, and folders in the imaging process, being manually adjusted with each update cycle, rather than letting Group Policy Preferences step in and mop that shit up with one hand.

I’ve had fairly good results convincing customers to drop the continuous meddling with reference images, instead, (at least trying to)…

  • Change the data storage process to keep users from storing anything valuable on their device
  • Remove as many non-critical configuration controls as possible
  • Move continuous controls to the environment (GPO)
  • Move baseline controls to the environment wherever possible (GPP)
  • Move remaining baseline controls to task sequence steps

There are obviously exceptions that require mucking with the install.wim to make a new .wim, but I’m finding that’s only REALLY necessary in a small percentage of the time.  The vast majority of controls I see are voluntary and serve little functional or operational benefit.  Things like hiding Edge, Forcing IE, hiding Cortana, forcing Start Menu and Taskbar items, etc.  Just educate users to avoid them.  Treat them like adults and who knows, maybe they’ll stop urinating on your office chair.  Try it and see.  The worst you’ll get is whining (you get that anyway), but the best (and most likely) outcome is less work for you and less risk of something breaking.

Role and Salary Compression

It not only continues to thrive, it seems to be accelerating its pace.  Almost every customer I meet tells me how they’re expected to do more with fewer people, less training, less budget, and shorter time constraints.  Most haven’t had a significant raise in a long time.  This seems more prevalent at companies which are publicly-traded than those which are not, but it affects both.  Personally, I see a correlation with public organizations and cost reduction priorities over innovation and revenue increase.  Then again, I have no formal training in such matters, so again, I’m probably talking shit.  Again.

Intune

Speaking of Intune.  I’ve been spending more time with it this past week, along with Azure AD, and AzureADPreview powershell module.  I’ve always like the concept of what Intune and EMS are aimed at. The mechanics are still frustrating to me however.  There are plenty of design quirks that drive me batshit crazy.  Like devices / all devices vs. Azure AD devices, and the differences in how provisioning an app for iOS or Android and Windows, from the Windows Store no less.  As Ricky Bobby would say, “it’s mind-bottling”.

Then again, I’m not at all a fan of the “blade” UI paradigm.  The Blade model is (in my humble, semi-professional, almost coherent opinion) marginally efficient for direct touchscreen use, but for mouse and keyboard it blows chunks of post-Chipotle residuals.  I’m sure that will infuriate some of you.  But that’s just how I feel.  Drop-down menus, panels, heck, even ribbons, are more efficient in terms of hand and finger interaction (mouse, touchpad) for operations involving closely related tasks (settings, options, etc.)  Ask yourself if moving ConfigMgr to a blade UI would make it better?  Or Office?  If you think so, try switching to another brand of model glue.

Back to Intune.  I would really look forward to seeing it mature.  Especially in areas like agent vs. agentless device management (it’s very confusing right now, and the differences are weird), AutoPilot, Redeployment/Reset, and expanding the features for deploying applications, remote management (TeamViewer, etc.), and GPO-to-MDM migration.  I’m thinking Windows desktops and laptops of course (if you hadn’t already figured that out).  Phones are great, but nobody, who isn’t masochistic, is going to write a major app using their phone most of the time.  Auto-correct and latent-rich touch screen typing, would cause most PowerShell, C# or Ruby code writers to massage their head with a running chainsaw.

I think I digressed a bit.  sorry about that.

Other Stuff

I’ve spent some after-hours time keeping my brain occupied with scripting and app-dev projects.  I’ve been doing Windows 10, Windows Server 2016, MDT and SCCM lab builds and demos for months, along with real implementation projects, and starting to burn out on it all.  I needed a break, so I’ve managed to get a few things done and few in the pipeline:

I ran across a couple of (seem to be) abandoned Git projects focused on DSC for building ConfigMgr sites, but none of them appear to be factored into a template construct.  Meaning?  That they’re still built on specific parameters, or require extensive customization for various roles, configurations, environments.  I’m still poking at them and forked one to see what I can make it do.  In the meantime, I’m moving ahead with CM_BUILD and CM_SITECONFIG being merged into a new CMBuild PowerShell module.  So far so good.  And when that’s done, I’ll go back to see what I can in that regard with DSC and applying that towards Azure VM extensions.

I’ve come to realize that there’s 4 basic types of southern dialect in America:  Fast, Slow, Twangy and Crooked Jaw.  Think about it, and you’ll see that’s true.

The shortest distance between two points is often the most expensive.

If you never fail, you’re not trying hard enough.

If you fail most of the time, you’re probably in the wrong career path.

I’m on travel next week.  Expect more of the same stupid tweets about mundane stuff.  If you tire of me, unfollow me.  I don’t mind.  It’s just Twitter after all.  I will do my best to keep my camera ready for anything interesting.  I need to watch some air crash documentaries now, to get my mind relaxed for tomorrow.

Cloud, databases, Scripting, System Center, Technology

My Favorite Ignite 2017 Sessions

Just a heads-up: Not all of the sessions I attended or enjoyed most are posted yet.  And some sessions might not have been recorded (expo area mostly).  Also, some of the videos have flaky audio.  Enjoy!

[ PLACEHOLDER FOR ASK THE EXPERTS: WINDOWS 10 DEPLOYMENT AND SERVICING SESSION ]

[ PLACEHOLDER FOR BRANCH CACHE SESSION (when it becomes available) ]

[ PLACEHOLDER FOR EXPERT LEVEL WINDOWS DEPLOYMENT SESSION (when it becomes available) ]

Personal, System Center, Technology

I Finally Got a Nap after MS Ignite 2017

Microsoft Ignite 2017.  Orlando Florida.  September 2017

It’s been a week indeed.  This post might be humorous, and it might not be.  My brain is still re-assembling after a busy week and finally getting some much-needed sleep.  This is a rambling post, so I won’t blame you for skipping it (TL/DR), but if you’re ready, here goes…

20170925_125013_HDR

20170925_124650_HDR

20170927_113535_HDR

20170928_215445.jpg

20170928_140923

20170926_091919_HDR.jpg

The Travel

I flew into Orlando on Sunday.  As I left, my cat gave me the finger and my dog took a dump on the floor near my suitcase, which is how she lets me know she’ll miss me.  All good.  My air travel frequency had died down since July, but I was happily surprised that it was one of the first flights in a while without a single screw-up.  In fact, we arrived ten minutes ahead of schedule.  I stayed at the Renaissance Hotel, which was very very nice, and the staff couldn’t have been more nice.  The flight back home was uneventful as well, and I arrived at midnight to a tiny little airport with my wife waiting in the car outside.

The Techy Stuff

There was a lot to absorb this year at Ignite.  There were plenty of announcements, rumors, corrected rumors, re-corrected rumors, rumors about corrected rumors, and some incredible events that played out, which I had no idea would happen.

There was plenty of discussion about Configuration Manager, the new Intune/EMS capabilities, and co-management of devices.  There were also quite a few sessions and discussions around Windows AutoPilotWindows AutoPilot, and Automatic Redeployment, as well as Tenant-Locking.  There was plenty going on about Azure Cloud Shell (PowerShell), SQL Server 2017 for Linux, updates to Azure Automation, updates to Intune and EMS, Office 365, SharePoint, a new infrastructure platform for Skype for Business, and the big news about Teams moving into a central role.

OVERALL: The sessions I attended were all very well done.  Even with the occasional glitches, everyone recovered quickly and kept moving without a hiccup.  The audiences seemed to be on board with the topics, content and demos as well.

Some interactions that stuck in my mind:

  • Leaving the first AutoPilot session to speak with the Lenovo folks at their expo booth, and the “device management guru” said “No. We’re not committed to AutoPilot, but we are evaluating the benefits and potential.” Then the next day, after session 2 I stopped back for a follow-up and he said “Oh, yeah, we’re in.”  Must have got a delayed memo.
  • One training services vendor rep at the expo kept repeating “we’re not the Toyota of training, we’re the gold-plated Lexus of training.” I immediately went into blank stare mode.
  • I had a great conversation with the SQL Server 2017 folks about the possibility of someday, somewhere, somehow, that we might see support for automating Maintenance Plans via PowerShell.  Not yet, it seems.  But there are ways around it with duct tape and chewing gum.
  • Nice discussion with the Fujitsu folks about their liquid-cooled (immersed) server rack.  The best part was the incredible language barrier.  Note to this vendor, smart as they may be, try to add some staff that speak the native language of the conference location, wherever that may be.  Example:
    • Me: “Have you calculated the return rate to break-even point between air-cooled and liquid cooled?
    • Them: “Yes, it is liquid.”
    • Me: “How much power does the coolant pump draw compared with fans?
    • Them: “Yes, it is liquid.
    • Takeaway:  Cleaner components due to no air-flow dust accumulation, and lower power consumption per time-unit compared with air-cooling fans.  The rack itself is smaller due to not having air-flow channels or fans.  The trade-offs include increased purchase cost and weight, as well as added space for the pump unit.
  • A rambling Twitter thread with David James about where the line between “big” and “small” customer device-management environments might exist, and the ramifications of how best to manage devices in each realm.  More on that another time/post.
  • The “deep dive” sessions on Windows Server 2016 network services changes, BranchCache/PeerCaching by Andreas Hammarskjold, and Windows Deployment and Servicing by Ami Casto, Johan ArwidmarkMikael Nystrom, and Michael Niehaus, were all indeed “deep”, and well-worth pushing the brain as hard as possible to keep up, let alone absorb the information fire hose.  If you watch nothing else from Ignite, at least check these sessions out.
  • I didn’t make it to any Mark Russinovich sessions, but I did catch a few by Don Jones and  Jeffrey Snover.
  • I missed a few sessions I really wanted to attend, due to conflicts with other sessions, nagging work-related phone calls, emails, and Teams chatting, etc.  Such as two PowerShell sessions by Stephen Owen.  But I was fortunate and honored to meet him in person as well as his wonderful wife, before the week was over.  So I can’t complain.
  • Other sessions I attended in Windows Servicing, Azure, Office 365 (Microsoft 365 now), SharePoint, Teams, PowerBI, Containers, and PowerShell were all very good.  I can’t wait for everything to get posted for viewing online.

The Semi-Techy Stuff

My daytime brain power was really really off this year.  After weeks of finally getting settled into a consistent exercise and sleep routine, even with work travel, I suffered a setback that week.  I was not an interesting person to converse with during the day.  At night I felt fairly normal, or abnormally normal.  Or normally abnormal.  Eh.

Until the closing Friday, I averaged maybe 3 hours of sleep each night.  The conference center was kept at a nice and cozy 48 degrees F.  And the combination of insufficient sleep, forgetting to pack long pants and long-sleeve shirts, an unbalanced diet, inconsistent caffeine and hydration intake, and random work-related emails, along with frequent offensive messages from insane coworkers and former coworkers, left me in a zombie state.  At least I didn’t do this.

Quite a few people approached me, all very friendly, and I tried my best to be friendly and talkative, but my brain kept saying inside, “Hey dumb-ass, you know how you didn’t go to bed until 3am and then got up at 6am?  Yeah, I’m not doing that shit anymore.  Let’s find a nice hard surface to make you do a face-plant.”

Sidebar

I watched the new Jerry Seinfeld show on Netflix.  At one point he commented on being able to speak to a group, but not an individual.  That’s exactly how I felt that week.  It was very surreal.

Some years ago, I used to do a fair amount of public-ish speaking. I say public-ish because it was mostly to captive audiences (corporatey stuff). I did speak at one CAD vendor mini-conference back in 1998, to a room of about 500, and it was a blast. If I have an agenda, I can ramble to a crowd, but ad lib not so much.  Anyhow, I got a case of decent wine, and a Chinese-made Swiss army knife as a token of appreciation.  Not sure what happened to the knife.

I have found, through quasi semi pseudo scientific research, that it’s not so much how MUCH sleep I get, but WHEN I get that sleep.  Even a shifting of sleep-wake periods by a half-hour can throw my entire pea-sized brain into a woodchipper.  My normal sleep cycle is 2 A.M. to 9 A.M. (my company and most of my customers are in the Pacific time zone, but I live in Eastern time zone, so it makes my neighbors really curious).  During the conference my sleep cycle shifted to 3 A.M. to 7:30 A.M., and yes, my math also suffered.

/Sidebar

After each day I would try to get a power nap in.  Usually, I’m great at power naps. My dad taught me the trick and it’s always worked.  However, it only works when people don’t call your phone just when you get your heart rate down.

The Personal Stuff

Some of the other interesting moments…

  • Getting to meet amazing people like Stephen Owen, Ami Casto, Johan Arwidmark, Mikael Nystrom, Andreas Hammarskjold, Maurice Daly, and Jordan Benzing
  • A conversation with a valet at the hotel.  Just a cool exchange of funny stuff and both of us went our separate ways in a great mood.
  • A two hour late-night conversation with George, a colleague who shares many of the same life experiences as I:  marriage, dysfunctional families, cancer, brain tumors, the effects of sleep and diet, religion, politics, work stuff, and so on.  I live in an exceptionally red area of a red state, so the opportunities to have a rather unbiased discussion are few.  Anyhow, it was fantastic.

The Random Stuff

  • Compared with Ignite 2016, I had nothing as unusual or random during the after-hours time this year.
  • I was also reminded of something a homeless guy said to me at a conference in Vegas, back in my Autodesk days:  He patted my arm when I was standing on a corner during a lunch break, and when I turned he said “you might be a nobody going nowhere, but it’s getting there that matters.  Don’t forget to pay attention to getting there.”  Then he tried to sell me a plastic water bottle for a dollar.  But it was the thought that counts.

Final Thoughts

  • I was very much caught off-guard by people wanting to meet me at the conference this year.  I wasn’t expecting that at all, which some found to be surprising.  While I appreciate the attention, I wasn’t ready for it either.  So, I hope that if you did run into me that you allow me to do better next time.  If there is a next time.
  • I heard quite often that people think I’m some sort of “weirdness-magnet”; that I somehow attract unusual events, but I don’t think that’s true.  I suspect that I just notice small things more often than most others do.  Human and social idiosyncrasies.  For example, standing in a grocery store checkout line, waiting in a doctor’s office, or riding a bus.  I typically stop to talk with people who are normally ignored in our society: The people who give directions at the conferences, store clerks, bus drivers, hotel staff, airline staff, TSA agents (well, sometimes), police officers, homeless people, random people, Uber and Lyft drivers; anyone who can’t run fast enough to escape my death ray of chatty-ness.  The stuff that most people don’t see while staring at their phones.  Basically: I’m really not that special.

And now I have to re-bond with my dog.  She’s mad at me again.