New Hope for Unemployed/Underemployed IT Professionals in Michigan
by Michael Yockey on Feb.20, 2010, under Jobs and Employment
This post goes out to anyone in the state of Michigan who is looking for IT employment that pays bills and provides sustainable employment.
Michigan’s economy has been been particularity hit hard by the recession caused by the credit crunch, improper meddling with the housing market and the losing auto industry to other rivals other than the big three.
Enterprise employment in the IT sector for Michigan has been defined by the automotive industry; specifically Ford, Chrysler and General Motors. With the global recession less people are purchasing vehicles, which means less manufacturers are buying parts from parts suppliers. Ford, GM and Chrysler are now outsourcing more and more production from outside the United States (The Chevy Aveo, Pontiac G8, Chevy Camero, Saturn Aura/Astra, Ford Fusion, Ford Fiesta, all new Fiat based Chryslers are all foreign cars made overseas or in Mexico). More consumers are turning to US manufactured “foreign” vehicles from Honda, Toyota, Nissan etc. These manufacturers do not generally support union labor, and thus generally are not interested in building facilities in the state of Michigan. The exception to this is Toyota, who has a tech center in Ann Arbor, and Hyundai (who has a tech center in Ypstilanti).
This in turn affects the support divisions in companies; and the first people to get laid off are people who do not directly contribute to revenue of a company. This includes janitorial staff, IT professionals and other support staff.
This has lead to many highly skilled enterprise and SMB IT professionals being laid off and out of work. I personally know of someone who worked for Michigan Caterpillar. He is a highly skilled VoIP professional with over 25 years of information and telecom experience. He has over 15 vendor certifications (CCNA, Avaya certs etc). He can’t seem to find anyone who will hire him in the state of Michigan. It is not that he is not skilled or employable, it is just that there is probably another 200 professionals who have his skill level competing for the same jobs. He now works for a pizza place making $9 an hour with come occasional IT contracting on the side because his unemployment ran out. He cannot move due to a mortgage and children.
Well hope is here in some capacity at least. Two major corporations have announced major information technology hiring initiatives for the state of Michigan. I will highlight these two companies in this blog post.
General Electric Corporation
Which is the massive corporation that runs multiple business lines; from TV/movie/video game production (NBC/Universal Studios), to aircraft engines, to private label credit cards, to wind turbines to light bulbs. Just about every consumer in the United States has used or purchased GE products and services.
General Electric announced 6 months ago that they were building a massive new Information Technology and Collaboration center in Van Buren TWP, MI. This new location takes over the former Visteon Village, which was massively downsized. The concept for GE is to improve GE’s information technology infrastructure to improve communications and collaboration within the company. The company is hiring close to 1,200 IT professionals for paid, employment positions (not contracting – which means paid benefits). The center is called the “Advanced Manufacturing & Software Technology Center”.
GE has set up a website with information on the new facility, with links to apply to jobs posted. GE is posting new jobs every day with the overall goal, according to the Ann Arbor News, to hire 1,200 IT professionals. The jobs posted range from all over the place; to Exchange Administrators, to Business Analysts, Project Managers, Storage Administrators, Unix Admins, Solaris Administrators, Web Developers, Graphic Designers and more.
General Electric was voted the 16th best place to work for recent college graduates by Business Week in 2009.
Link to the Ann Arbor News article
Ascension Health
Ascension Health is one of the largest Catholic based health organizations in the United States. In the state of Michigan the organization has Providence Park Hospital in Novi, and the St. John Health System in Detroit, MI. The company’s IT operations are served by both Ascension Health Information Services and by outsourcing.
Ascension has decided recently to end part of their outsourcing operation and has decided to hire internally for multiple positions. They are planning on hiring over 1,000 IT professionals in the United States by the end of 2009 with an unspecified amount in Michigan.
In Michigan alone Ascension is serviced by AHIS in the Warren and Troy, MI areas. Currently not many job openings have been posted as of yet. I had the opportunity of meeting a senior level IT manager for Ascension at the Walsh College IT Career Exploration Night. She told me that Ascension is in the process of ending their outsourcing IT contract for certain operations and that they are looking to hire over 1000 IT professionals nation wide for a variety of different jobs.
Blackberry Enterprise Server now supports Exchange 2010
by Michael Yockey on Feb.13, 2010, under Exchange Server, portable use
The newest version of BES now supports Exchange Server 2010; You still cannot use Blackberry Professional, so this may be a non-cost effective solution to small and medium businesses.
I am playing around with BES 5.1 SP1 on Windows Server 2008 R2 currently. Pretty impressed with the features over BP 4.1.
Move from Small Business Server 2003 to Server 2008 R2 and Exchange 2010
by Michael Yockey on Feb.10, 2010, under Exchange Server
In the next couple of weeks I will be posting a few blog entries on the way to move from a small business server 2003 organization to a Windows Server 2008 R2 and Exchange 2010 organization. These new server technologies form Microsoft significantly increaee prioductivity, availability and performance over Exchange 2003. Why would I want to move to Exchange 2010 over 2003?
- 64 bit OS. I can build a very powerful server and can utilize over 4GB of ram due to the fact that it requires Windows Server 2008 SP2 x64 or Server 2008 R2 X64. You can utilize terabytes of ram, which could run a very powerful Exchange Server.
- The full version of Outlook Web Access works on Firefox, Opera, Chrome as well as Internet Explorer. I do not advocate using IE as a web browser due to potential security issues with IE. Outlook Web Access is significantly improved over 2003; even if running on Internet Explorer.
- You can now modify other user’s calendars, contacts, e-mails if allowed permission through delegation on Outlook Web Access. In Exchange 2003 you can see another user’s calendar, contacts or e-mail by manually specifying the directory, IE http://www.companyname.com/username/calendar (or contacts, tasks, notes. leave blank for e-mail access). You cannot write or change their shared item however.
- Users can now give non high-level permissions (if granted by the administrator) themselves. You can add groups, new users etc right from OWA!
- Performance is significantly faster.
- Exchange Web Services (which is also available in Exchange 2007 SP1 or later) allows Mac OS X 10.6 and Microsoft Entourage 2008 Web Services Edition (free download from Microsoft.com/mac) to synchronize with the Exchange Server significantly faster vs. running WebDAV. Entourage 2004 on the Mac takes nearly 6 to 7 times longer to sync vs Microsoft Outlook 2003 to an Exchange 2003 server.
- Unified Messaging allows faxes, voicemails (if you have a VOiP PBX)
- Significant improvements in mobile device management, such as remote wipe, data provisioning vs Exchange 2003. Remote Wipe and pin locking were added as a service pack to Exchange 2003 in 2005.
There are several pitfalls of going to move to Exchange 2003 to Exchange 2008. These pitfalls include:
- Exchange SBS 2003 runs off of Windows Server 2003 or 2003 R2 in an x86 environment. Depending on your motherboard support, you can only use up to 4GB of ram on a 32 bit version of Windows Server and Exchange Server (Physical Address Extension gets around these issues sort of; support is very limited to certain motherboards). This deeply can cause issues now that it is common for users to have multi-gigabyte mailboxes. Hopefully you have enabled quotas, correct?
- Exchange 2007/2010 relies heavily on Powershell 2.0; this is like learning a new programming language. Microsoft is trying to push Powershell into everything, including offering Windows Server 2008/2008 R2 as a text only mode. Trying to go after the Unix market I guess.
- You cannot do an in-place upgrade from Exchange 2003 to 2010 (or to 2007 for that matter). The reason for this is that the domain structure of Exchange 2003 is VERY different than 2007 or 2010. Exchange 2003 can sync with an Exchange 2000 or Exchange 5.5 organization through the use of public folders, front end and back end stores. Exchange 2007/2010 uses Hub transports and has NO support in synchronizing with Exchange Server 2000 or 5.5. Exchange 2007 and 2010 are also 64 bit only; it is impossible to upgrade a 32 bit binary to a 64 bit application. You must migrate.
- You should definitely build or buy a new server. Exchange 2010 and Windows Server 2008 R2 should be built on a powerful server running server-class components (dual sockets, high availability server grade PSU, ECC Registered memory, AMD Opteron or Intel Xeon platforms). You will need a new server to tinker with and get working first before you migrate.
- Make sure any supporting software; IE Timeslips, backup software, Blackberry etc work with Exchange 2010. BES 5.1 etc
- Blackberry Enterprise Server 5.1 SP1 DOES NOT support Exchange 2010 as of yet. Supposedly Exchange 2010 support will be coming out in 1Q 2010.
- EMC Retrospect 7.7 Backup Software (newest version) will install and will work on Windows Server 2008 R2 and Windows 7. It cannot understand Exchange mailbox stores yet though, because MS changed the roles of the MB stores in 2010. EMC has stated that Exchange 2010 will be supported around June of 2010.
- Blackberry Professional 4.1, which is free with one user CAL, is similar to BES. It has cheaper CAL costs and doesn’t require dropping $1,500 just for the server software. It however is NOT expected to be upgraded to support Exchange 2010 as of now. Blackberry Professional currently is not available in a 5.x version. Deploying Exchange 2010 in an environment with Blackberry Pro will require probably upgrading to BES 5.1 SP2 ($1,500 plus CALs) OR will require losing functionality and security and just going with an ActiveSync client for Blackberry.
You will also need to make sure that you have a MailHop setup, like DynDNS’s mailhop backup, so when you are switching your Exchange data over you will be able to still receive mail. This requires some working knowledge of MX, or Mail eXchange, records so that when you do the transition you will not lose any new incoming mail.
I will be going through some tutorials and some explanation of the process of moving to Exchange 2010 and Windows Server 2008 R2 from Windows Server 2003/Exchange 2003 in the near future.
Virtulization of Windows Server on Mac OS X Server
by Michael Yockey on Feb.08, 2010, under Virtualization
Ultimate Mac OS X Server SMB deployment
Many small businesses that work in the Art, scientific, video editing, desktop publishing and some web development fields rely on the usage of Mac OS X computers in order to run their creative type businesses.
According to Adobe, over 40% of Adobe’s revenues come from the sale of Mac OS X software products.
But the issue persists that despite wanting to run a pure Mac OS X environment, the reality is that organizations will have to run Windows XP, Windows Vista or Windows 7 in order to facilitate capabilities that are just not available or are severely lacking in Mac OS X.
YYS faced this in 2005 when we were evaluating the usage of our time and billing system. We were using an outdated package for Mac OS 9. It was obvious that Mac OS 9 support was going to be completely eliminated; Apple had eliminated Mac OS 9 support with the introduction of Intel based Apple computers. We had to move to the Windows version of the application, which was updated and completely supported. In addition the accounting software options for Mac OS X are very bleak; Quickbooks Pro as an example is far behind the Windows version. Mac OS X users can only get the generic version of QBP; there is no legal version, or POS version etc for Mac OS X. Many times Intuit will not update the Mac version every year; leaving vital updates (such as new tax tables) not available to Mac users.
If you are running a network that absolutely does not need to run Mac OS X, but has to run Windows then it does not make financial sense to support two platforms, no matter how much the artists, movie people or Mac fan boys in your organization will complain. It will be significantly more expensive to maintain a mixed environment vs. a single domain environment. Mac hardware is significantly more expensive and is far less expandable than equilivent (in hardware) Windows machines. Keep this in mind if you are a startup company. You cannot exactly go out to MicroCenter as an example and buy a replacement motherboard or power supply for a Mac Pro because it is not ATX and is proprietary.
You may like the coolness factor of running Macs, but if you have to run Windows in any decent capacity (more than one virtual machine etc) then the advantages of running Mac OS X maybe null and void. There are plenty of alternatives to Final Cut Pro/Logic/Aperture/DVD Studio Pro. Adobe Creative Suite is faster and more capable running Windows than Mac OS X (example: Photoshop CS4 for Mac OS X does not support TWAIN scanning plugins, though CS3 did?). You have to evaluate as a business owner if the expense and labor of maintaining two platforms is worth it. Are the users are so good at the Apple professional platform that re-training them on a competitive product would be cost-prohibitive?
With the advent of Intel processors on Mac OS X and very powerful hardware for mainstream use, users are now able to virtualize Windows environments on their Intel Mac computers. This is a great way to run Windows applications without having to purchase new hardware; costs are lower than buying a new machine and energy consumption (productivity per kilowatt, revenue per kilowatt etc) are much better with virtualization.
The issue comes with administration of the Virtual Machines. Virtual Machines run full versions of Windows. They must be maintained, updated, patched, locked down etc. like normal Windows computers. They must have anti-virus and security software deployed; it is recommended to run enterprise grade solutions for this setup.
You can run virtual machines, but without running a Windows server component to manage and lock down the virtual machines you then will have issues with rogue software installations, virus issues, malware infections, phishing attempts and unpatched computers. For one or two virtual machines this may not be that big of a deal for a SMB admin. When you start talking 5, 10, 15, 20 virtual machines then you have an issue maintaining all those virtual machines.
The recommendation of this article is to deploy a server based virtual machine environment from VMware or Parallels on a Mac OS X Server Computer running Windows Server 2003/2008/2008 R2 or Small Business Server 2008. You can then deploy and manage your Windows virtual machines.
Advantages of running Windows Server in a virtual machine environment:
- The Mac Pro or XServe is more than capable enough of handling the load of running Windows Server 2003/2008 or Small Business Server. If you load up a Mac Pro with 12 or 16GB of ram it will be more than capable of running Mac OS X Server and Windows Server 2008 simultaneously. The Core i7 Xeon processors in the Mac Pro have Intel Vx Virtualization acceleration technology to improve performance. A dual CPU (8 core) Mac Pro will give the best performance.
- You can now lock down, maintain, patch and deploy group policy to your virtual machines. You can install software updates through Group Policy and Windows Software Update Services (WSUS).
- You can now have Microsoft Exchange Server capabilities if you demand or need those capabilities. Small Business Server is a cost effective solution to deploy Exchange and SQL server. Exchange is far more capable than the built in E-mail, Calendar and Contact servers on Mac OS X Server 10.6.
- Single Sign On capability to allow one username and password for vpn access, e-mail, wifi, Mac OS X logins and Windows logins through the “Golden Triangle” LDAP domain authentication method and the use of RADIUS.
Currently in Mac OS X there are two ways to accomplish Virtualization:
- Client only. This is currently the least expensive way to accomplish virtualization. A free tool, such as Oracle-Sun MicroSystem’s VirtualBox for Mac OS X, would work very well. Virtual Machine files are maintained and stored on the individual Mac computers. The Server will maintain it’s own virtual hard disk file to run Windows Server.
- Please note VirtualBox does not support advanced features of Windows 7, such as Flip3D or Aero Glass due to poor support of 3D acceleration. Parallels or VMWare Fusion (paid products) are recommended if these features are needed.
- Please note that Virtual Box hard disk files cannot be opened in VMWare currently. Please keep that in mind when considering your deployment.
- Client/Server. Such as VMWare vSphere (enterprise virtual machine appliance) or Parallels Server. This allows the virtual hard disk files to be stored on the server and accessed from the Macs on the network. Ideal for users on Mac desktops.
I recommend going client/server because the virtual machines can be individual assigned to any Mac computer and can be moved in case if the Mac stops working, crashes, won’t boot up etc. It will be much easier to backup the virtual hard disks as they can be directly backed up on the server.
If you choose to go with the client/server method please note that all virtual machine traffic will be going across your network. For this reason I can only recommend using this method with the virtual hard disks loaded on the server if you have a Gigabit network with at least Category 5e wiring or using 802.11N for wireless access. “Startup” time on the virtual machine can be exceptionally slow if you are running on a 100BT network or especially an 802.11G network. You also want to be aware that virtual hard disks invoke real hard disk reading and writing on your server’s hard disks; I would highly suggest running a hardware RAID 5 or RAID 6 setup on the Mac Pro or XServe if you are going to host virtual hard disks. Multiple users starting up virtual machines can really task the hard disk(s) on the server. RAID 5 and RAID 6 with a dedicated hardware raid controller will provide fault tolerance and performance over RAID 1 or a single hard disk.
A virtual hard disk should not be loaded on the server for laptop users if they need access to Windows applications from outside the office; that is unless the organization wishes to allow Remote Desktop Protocol support on the individual virtual machines so the laptop users can access them remotely.
This is only a skimming of the possibilities of virtualization on Mac OS X.
Topics on how to set up Windows Server, Group Policy, Mac OS X Server etc are beyond the scope of this posting. Some resources for learning about these topics include: Apple Mac OS X Server documentation, AFP548.com, searchwindowsserver.com, smbnation.com, searchexchange.com and Microsoft TechNet.
Case for and against iPhone usage in the Enterprise/SMB
by Michael Yockey on Feb.08, 2010, under portable use
The case for and against the iPhone in the enterprise and SMB markets
Once upon a time there were only three choices for smartphones. You had the variable Palm OS, Windows Mobile and the tried and true Blackberry smartphones.
The Blackberry is loved enterprise wide for it’s keyboard, messaging capabilities, direct push synchronization (and not with just Exchange; it works with Novell Groupwise and Lotus Domino Server as well) and it’s durability.
Palm was loved because their phones were cheap and worked (Palm Centro). Palm has since abandoned the severely outdated Palm OS in favor for Linux based Web OS.
And Windows Mobile, which at the time (a few years ago) was much more advanced than anything else on the market. I remember when I got my Dell X51v Windows Mobile 5 smartphone in 2005 to test out Exchange Server 2003 capability with mobile phones. I was blown away with the capability and “coolness” of the device.
The 2007 came around and the iPhone came out. Apple fanboys came out in droves to camp out in front of AT&T and the Apple Store to buy the much anticipated device. This was the first major smartphone to use a multi-touch capacitive touchscreen. The first to have a marketplace so users had one area to buy things from (iTunes music store).
Corporate execs started telling their IT departments to allow them to use the iPhone. I had a couple of my users wanting an iPhone. I convinced them at the time however that running an iPhone was a security risk to the organization due to lack of security policy, no Exchange Server support and no remote wipe capabilities. Now with iPhone OS 3.X on the iPod touch, the new iPad and the iPhone, organizations can now safety implement an iPhone into their organization.
This posting will weigh the pros and cons of running a iPhone OS (Mac OS X) based portable device in an SMB and Enterprise based environment.
Pros:
There is no doubt that the iPhone has the wow factor. Now the iPhone allows some enterprise based capability it can safely be used in an organization that deploys Microsoft Exchange Server 2003, 2007 or 2010.
- Exchange ActiveSYNC capabilities; e-mail, calendar, contacts, tasks. Direct push with notifications to the user.
- Remote Wipe capability; through pin locking and initiated remote wipe from the mobile admin site (Exchange 2003) or the Exchange Admin tool in Powershell or Exchange System Manager (Exchange 2007, 2010).
- Security policy acceptance that meets or exceeds the capability of Windows Mobile 6.X devices. Remote wipe can be done without the consent of the user. Windows mobile requires user consent unless if pin locking is enforced.
- Pin locking means that user has to enter in a unique 4 digit pin number when the device is turned on or comes out of sleep. This enforces the user to require device security on their phone. If an incorrect pin is entered in a certain amount of times the device is then immediately wiped and Exchange Server is notified that the device has been wiped.
- Full capable web browser with zoom capabilities. Works well with normal and mobile (WAP) web sites. Pinch zoom capabilities (capacitive touch screen) for zooming.
- No known viruses for iPhone OS. App purchases are regulated and enforced by Apple through the iTunes store. Apple checks all apps for security vulnerabilities and potential abuse.
- Lots of applications. Capacitive touchscreen for pinch zoom capability. Many applications can be used for business use. Largest application collection of any mobile platform.
Now the cons:
1: This is a huge one: Soldered battery. Recent Apple products that are portable all now use a soldered battery (all iPods, all iPhones, all iPads) or a very difficult to replace internal battery (Macbook/Macbook Pro models from 2009 and later). Apple claims that this allows them to make batteries with unusual shapes that allow them to be placed into tighter spaces. Lithium Polymer cells can be shaped into odd shapes allowing this capability. This can theoretically increase battery life between charges.
The problem with soldered batteries is that enterprise and SMB users can no longer carry more than one battery in the field. In addition the user cannot easily replace their internal battery in their iPhone without breaking the device. Apple knows this and that is part of their marketing; the user will get frustrated and will replace the device with a new one. Apple is counting on this in fact to help boost the company’s bottom line. Other companies like Plantronics (Bluetooth headsets) and Creative Labs (portable media players) practice this as well.
I cannot send a user a battery if they are having battery troubles. The only recourse for the user is to go to the Apple store (locally – if there is one) and to request a repair. Apple will charge $100 to replace the internal lithium ion polymer battery in the iPhone; but what they don’t tell you is that this service is not done on site do to the delicate nature of the repair (soldered to the circuit board). The device must be sent in to Apple’s authorized service centers. They will give you a loaner phone, which you then must re-load all your items and re-iniate Exchange services. You must also do a hard reset and let the IT admin that your device needs to be wiped on the previous phone.
A couple weeks later you will get your refurb or your original phone back with the new battery.
Optionally you could send it in to some other repair center or attempt to get out a soldering iron on a delicate $500 device (price without contract).
Adding to the issue is that the organization cannot necessarily keep additional batteries on hand. The organization also cannot usually just go out and buy additional iPhones to have on hand due to depreciation and the high cost of buying a non-contract iPhone.
In addition AT&T and Apple forbid iPhone users from buying insurance from LockLine (AT&T’s provider of insurance). So a failing battery repair has to be purchased at full retail price.
With every other cell phone on the market you can easily remove a door and replace the battery. HTC, Sony Erricson, Sanyo, Samsung all use lithium polymer batteries in their devices that are easily user replaceable. A user can go buy one in the field. Apple’s policy is bad for consumers, horrible for the environment (increases e-waste) and bad for business (increases costs dramatically). It is my opinion that a soldered battery only benefits Apple themselves and their bottom line.
From a business prospective you have to weigh the possibility that if the phone breaks in the field due to a battery issue that you will not be able to help the user right away. A loss of communication could result in a potential loss of hundreds or thousands of lost dollars in productivity and possible revenue.
2: AT&T’s network.
It’s no secret that AT&T’s 3G data network coverage is significantly worse than Verizon Wireless or Sprint in coverage. Verizon and AT&T have been duking it out for the past few months with TV ads that push their perspective. AT&T does have higher theoretical network bandwidth through HSPDA, but their data coverage map is significantly worse than Verizon Wireless. In addition AT&T charges for data roaming, which will be required in certain situations (such as in northern Michigan, parts of Iowa etc) that would not be required for Verizon due to higher 3G coverage.
If Apple allows Verizon to carry the iPhone then this will become a non issue.
3: Apple’s cut of the profits
Apple is the only known cell phone manufacturer that demands a cut of the monthly bill for all users. This is why there is specific iPhone plans for AT&T; and these plans are more expensive than the normal AT&T plans. The unlimited iPhone plan is $149.99 a month. The Unlimited Sprint plan is $99 a month as a comparison. Sprint offers unlimited cell phone calls to any carrier from $69 a month on any of it’s cell phones.
4: Device must be activated in iTunes. Apps can only be deployed using iTunes.
This may or may not be a con, depending on the size of the organization. Apple requires activation of iPhones through iTunes with a wired USB connection to a PC or Mac computer. Mass activations cannot be done, even with the iPhone Enterprise Tool download form Apple.
Apple in addition requires users to use iTunes to install apps on their devices. Administrators cannot push/update/deploy software over the air like you can with Windows Mobile (through Systems Management Server for Windows Mobile) or with Blackberry Enterprise Server with a Blackberry device.
For large organizations this is a major issue; Apple does allow internal development of applications through the iPhone enterprise deployment tool, but users still have to use iTunes to download and install the application or to update the application. Organizations who build or buy specific applications can see how this is a major hurdle; you cannot rely on users to download and install apps themselves. This keeps versioning and systems development lifecycle in constant limbo because the IT team cannot easily manage these devices remotely.
5: No insurance allowed
If a user destroys, loses or just has an iPhone that stops working out of warranty then the organization must pay full retail ($599) for an iPhone, or risk buying a used one on eBay or Craigslist. The user will be eligible for an upgrade if the phone is at least 2 years old however.
The iPhone is the only known cell phone that cannot be insured by a carrier’s insurance plan. Apple DOES offer AppleCare on the iPhone, but this service does not cover theft, loss or accidental damage.
6: Cost per month.
Due to Apple’s demand for a cut of the month AT&T bill the cost of AT&T’s iPhone plans are higher than a non iPhone plan. An unlimited iPhone plan is $129 a month with text messaging and data included.
The iPhone can be “Jailbroken” to run on T-Mobile’s network if the cost per month is an issue. T-mobile’s network coverage is even worse than AT&T’s however.
7: Soldered memory
The iPhone does not use MicroSDHC expansion like 95% of other cell phones on the market. Again this is by design in marketing to “force” a user to live with the limited space on the phone or to upgrade to a larger capacity model if needed.
Android phones, Windows mobile, Blackberries etc have MicroSD expansion, allowing up to 16GB of usable space for music, pictures etc.
8: No non-camera models available.
This is very important for companies that work in non-disclosure, high security and classified situations (US government work, military work etc). RIM makes several non-camera Blackberry models.
9: No physical keyboard available
Studies have shown that physical keyboard input is significantly faster and more efficient for most users on mobile devices. Apple does not currently offer a model with a keyboard.
The iPad will have an optional external keyboard available from it. This keyboard uses the Apple Dock Connector; there is no word yet on whether or not this full sized keyboard will work with the iPhone or iPod touch.
Conclusion:
IT administrators and business decision makers must make the decision to whether or not the potential pitfalls and much higher cost (per month, per broken replacement, per battery replacement) are justifiable with the pros with the device (capacitive touchscreen, accelerometer, advanced remote wipe etc).
Blackberry currently offers full enterprise capability through Blackberry Enterprise Server. For companies who need full control of their smart devices I can only currently recommend Windows Mobile 6.1/6.5 or Blackberry. Only these devices can be totally locked down, controlled, remote wiped (the whole device) and application can be updated and installed remotely over-the-air.
More woes on the AFP Firefox issue
by Michael Yockey on Feb.01, 2010, under Bugs and crashes
There is an update on the FireFox hosted AFP issue that I have uncovered:
When users are rolled back with Firefox 3.57 (by installing FF 3.57 over 3.6) the following issue occurs:
You launch Firefox and you get an error that states “XML scripting is not working; Firefox cannot open the window”.
This basically means that the plug-ins for Firefox 3.6 are still in the user’s Firefox profile directory. These new plug-ins are not compatible with Firefox 3.57. You will have to manually go into the user’s home directory and remove their profile folder and extract a specific file. The issue is that the user will have to be able to have access to their bookmarks. If you delete the profile folder their bookmarks are gone, though that is simpler to do.
To solve this issue do the following. This guide assumes you have the users home directory stored on an AFP server and you have open directory logins:
- The Firefox profile is located here according to Mozilla: http://support.mozilla.com/en-US/kb/Profiles . The Mac OS X Directory is located at /~username/library/application support/Firefox.
- Find and COPY the places.sqlite file. This is the Firefox bookmarks and history database. This file is very important to back up.
- Now take the user’s Firefox profile and TRASH it.
- Now either have the user launch Firefox with their Open Directory login, or change their password and login yourself. Open Firefox and then after it full loads quit the program. Copy the places.sqlite file back into the Firefox profile folder. You will have to do this manually for every user unless if you make an AppleScript to take care of this.
- The program will now work again.
The second option is to go into Retrospect or TimeMachine (or whatever backup solution you use) and restore the user’s profile direct to a point in time before Firefox was updated to 3.6 and then subsequently reverted back to 3.57. How to use backup software is way beyond the scope of this blog posting.
I have updated my Firefox posting on the Apple Support Forums to help with this work-around.
Firefox 3.6 final public build does not work on AFP hosted home directories
by Michael Yockey on Jan.26, 2010, under Bugs and crashes
Some of you are Mac OS X admins and are in charge of pushing out software updates. It is important however that you test these updates in all scenerios before deploying them to workstations.
I tested the newest Firefox 3.6 update on all of our Windows XP systems and a few of our Mac OS X systems. Guess which system had more problems? The Mac OS X Systems.
I have identified an issue, which I posted in the Mozilla bug database, about how Firefox 3.6 interfers with Open Directory based logins. Mac OS X Open Directory (which is Apple’s implementation of LDAP based domain system) allows something called “roaming logins” which places the user’s home directory (Pictures, documents, desktop, Library etc) on the server. This creates problems with some programs as the user doesn’t have administrative access to the Library folder located on the main hard disk drive.
Roaming logins are great on OSX because you can have a user sit at one workstation, and if that station is down or not working then the user can get up and hop onto another computer and their experience, desktop, preferences etc will be available on a different computer.
Firefox 3.6 appears to have broken compatibility with home directories stored on an AFP server. This is not the first time this has happened.
So for now, don’t deploy Firefox 3.6 to computers with AFP hosted home directories. This also might be an issue if you have your Macs authenticate to a Active Directory login (Windows Servers, Mac desktops; no Mac server) and if their home directory is stored on an SMB (Server Message Block; the file sharing protocol for Windows systems).
The program will either not load (bounce on the dock and do nothing), will show only the Firefox pull down menu and nothing else or will spin the beach ball.
I am sure Firefox 3.61 will fix this issue more than likely. You can see my BugZilla post here.
Exchange Server Vs. Google Apps Enterprise
by Michael Yockey on Jan.26, 2010, under Cloud Computing
In the constant quest to lower prices and provide more enterprise type features for the small business many small businesses are looking to cut costs anyway they can. One of the way small businesses cut cost is to move to a cloud based system over a dedicated server system. This blog posting will compare and contrast the benefits and limitations over one such popular cloud service; Google Apps Enterprise vs. The vernable Microsoft Exchange Server 2003/2007/2010 system.
One major application and task for a SMB is the need to have e-mail, calendars and contacts available ant any given time. Many SMB’s will use what is called a Collaboration package to help assist the company in achieving this goal. Many companies will use one of the following packages to accomplish this task:
- Lotus Domino Server
- Novell Groupwise, Open Enterprise SUSE Linux Server
- Apple Mac OS X Server 10.6/10.5 (V-Cal, CalDAV sync)
- Microsoft Exchange Server 2003/2007/2010
Most organizations will choose to go with Exchange Server 2007 or 2003 over other solutions. The particular reason for this is that Exchange Server can cost-effectively be installed using Windows Smalll Business Server 2008/2003 or can be hosted. Exchange can also support pushing data to mobile devices; such as iPhones, Blackberries (with the use of Blackberry Enterprise Server), Android devices or even regular “dumb” phones that support and license the Exchange ActiveSYNC protocol.
The costs of maintaining and servicing a on-site server or servers can be daunting to a SMB however. Allot of SMB’s just don’t want to spend the money. Sometimes the motivation is to eliminate additional personal to improve cash flows. Sometimes it’s security related.
Typically a SMB will consider the use of Small Business Server 2003 or (for new installations) Windows Small Business Server 2008. SBS 2008 combines the most commonly used Microsoft architectures and services under one roof. This includes File Sharing, Active Directory, Group Policy extensions, login scripts, SQL Server, Exchange and Windows Software Update Services.All these services are licensed through the SBS 2008 CAL, or client access license. One SBS CAL gives you a new user right to all of these services.
The cost of setting up a new server, with backup options, proper SERVER GRADE components and licensing can easily cost $2500 to $3500. Typically you would use something that would be a server motherboard, 24×7 certified SATA hard drives in raid, a raid controller, 8-16GB of ram plus a dedicated hard disk or tape backup system and software. You then need to pay for CALS for additional users if you need more than 5 users at a time.
In an SMB you will need a server anyway. Only very small organizations, such as a single ice cream stand or a barber shop, could get away with running a single desktop. So the actual issue mostly is cost and labor.
Into the Cloud….
Running a cloud based system for your e-mail, calendar and contacts offers many benefits. Gmail enterprise offers:
- E-mail, calendar, contact synchronization. Syncs with Thunderbird (2.x only right now) and Microsoft Outlook with an added plug-in
- Web based Microsoft Office or Open Office like capability of editing word processing, spreadsheet and presentations
- 25GB of storage per user
- Google provides security, all data is encrypted with SSL encryption.
- They maintain the servers and pay for the electricity.
- Exchange ActiveSYNC push for iPhones and Windows Mobile Devices. POP3 for Blackberries and proprietary Google Sync direct push for Android and WebOS phones.
- ability to share and allow people to check someone’s e-mail, contacts and calendar. In Exchange we call this “delegation”.
Cloud is great for small businesses. You can have enterprise features for $50 a user per year and you can have basic features you would need without building a server. Cloud is awesome for very small companies (say 3-4 users) or for large companies that don’t care about some enterprise features (explained below).
What is not good about cloud is that the feature set is still far behind Exchange and Microsoft Outlook connectivity. I shall explain:
- You already may have a SBS 2003 or SBS 2008 machine. Exchange is included. SQL is included if you have the premium version. Sharepoint is free.
- OpenOffice.org can be downloaded and legally installed on as many machines as you want if you do not wish to pay for MS Office licensing. You will need MS Outlook 2003/2007/2010 at a minimum to have full exchange features in a desktop application however.
- Despite that Google Apps licenses Exchange ActiveSYNC, Google Apps Enterprise doesn’t support REMOTE WIPE for phones. This means as an administrator I cannot remotely wipe a phone in the case if the phone is lost or stolen. This is especially an important feature for those who work in the medical field, banking or educational field. Stolen sensitive information is much more valuable than the device that was lost or stolen. This is a major limitation to Google Apps. This is true for Windows Mobile, Android
- While Blackberries can connect to Google Apps and share PIM data, that solution still requires Blackberry Enterprise Server, which still requires Exchange Server, SQL Server and Windows Server. Remote Wipe is supported because it is initiated by the Blackberry Enterprise Server’s administration console. You can also use the free Gmail apps available for download from Google (click link above). This doesn’t support remote wipe however.
- WebOS phones (Palm Pre, Pixi) can be remotely wiped, but this cannot be done in a centralized administration interface. The user registers their device with Palm and then initiates the wipe themselves. As we know as IT people, not all users can be trusted to do this on their own.
So the question for SMBs remains. Do you want to live with the limitations of cloud computing with Google, or do you want additional overhead by running your own server? For users with sensitive data the answer is clear; only direct Exchange or hosted Exchange is acceptable to keep sensitive company information from being exposed on mobile devices. Windows Server is still a critical component of the desktop experience to lock down and keep users safe from themselves. SBS includes all the tools you need to deploy enterprise capability.
Because of the inherent legal liabilities of having loose data on cell phones, YYS has chosen to run Exchange. Remote Wipe and device encryption security policies cannot be done through Google Apps at this time, so the cost savings is not worth the risk of liability.
Welcome to Mac PC SMB
by Michael Yockey on Jan.21, 2010, under Welcome & Misc
Welcome to Mac PC SMB.
Hello all. This is the very first post on MacPCSMB.com. This site is devoted to helping small and medium businesses add value to their IT infastructure without having to spend enterprise type budgets.
We all know as IT professionals that deal with small businesses that IT systems and integration usually fall far behind that of large enterprises. The reason for this is quite simple: small business professionals are not IT people. They have to run their business. They are not familiar with the ins and outs of technology. For example, it is common to find some businesses that still use Windows 98 or NT 4.0 or 2000 running Internet Explorer 5 or 6.
As IT professionals we know that running Windows 98, ME or NT 4.0 is extremely irresponsible. No IT Professional would every allow their business to run an operating system that has serious known and exploited security holes. Windows 98 and ME support was ended by Microsoft in 2005; there are zero security patches for that system since that time. A malicious piece of malware could easily invade and overtake those systems and cause numerous theft of information.
But SMB’s don’t always understand the importance of IT systems, why maintenance is important, why backups are important and why having an IT professional is important. The role of you, the IT admin or contractor, is to show these businesses the value of IT and that IT doesn’t have to be very expensive to be valuable.
See more about this site in the about section.
