Thursday, December 4, 2008

MBA > IT Certifications

Background:
Several years ago I was presented the opportunity to pursue my MBA at a significantly reduced tuition rate. Despite the savings through tuition remission provided by my employer, it was still expensive and therefore meant not spending that money on other career pursuits such as IT certifications.

Since that decision, I have self-taught any IT skills that I needed while I pursued my MBA, switched employers, had two daughters and a few other things.

The Problem:
I believe that the combination of IT and MBA is a significant and unique differentiator. Unfortunately, "unique differentiator" is very rarely listed on job postings where a variety of certification acronyms are. Please don't get me wrong, I understand the level of expertise a certification represents and I understand the desire of employers, and specifically the HR departments, to find candidates which fit a profile (usually the profile of someone who just left). Unfortunately (and I realize the irony of the next statement), a few letters appended to the end of your name does not effectively mean anything. This is not necessarily the fault of the potential employee as they've obviously made some amount of effort to obtain the letters, but it doesn't necessarily mean competence, on the job knowledge, or any real ability to solve an IT problem.

As HR (or the automated application matching computer systems) trys to match acronyms on postings with acronyms on resumes, high schools, technical training schools, vocational schools, community colleges, book publishers and training websites have found a potentially huge revenue stream. High school students take classes and are taught to pass the CCNA exams and are considered qualified for jobs despite no practical or on the job knowledge or skills.

A colleague of mine pursuing his CCNA met a young guy at a certification testing center who was testing for one of the highest Cisco exams available. The young man admitted that he had no practical experience, did not feel comfortable with actual equipment and was fearful of failing the lab portion of the exam. He had never managed a network.

Why MBA:
Not wanting to be pigeon-holed into programming, or databases, or networking, I decided to be an IT generalist; a jack of all trades who focuses more on IT's ability to impact the business. The fact of the matter is that their are innumerable resources to help with every conceivable technology problem (forums, books, Google, blogs, etc), but there are very few IT specialists who can analyze a business or a business process, help determine the problems, determine the solutions, construct proformas and executive presentations, plan the project and lead the solutions team.

Saturday, October 11, 2008

Enabling Domain Password Changes in OWA 2003

Problem(s) Addressed:
  • Users of Outlook Web Access do not receive notification of soon-to-expire or expired passwords and lack the ability to securely change their domain password without VPN technology.
  • Outlook Web Access no longer displays the ‘Gold Bar’ notification of expiring passwords

Solutions Presented:

Step 1) Enable Password Change Button within the OWA Options
Step 2) Configure OWA to handle already expired passwords or requirements to change password on next login
Step 3) Enable ‘Gold-Bar’ notification within OWA

Step 1) Enabling the Password Change Button within OWA Options:
1. In Administrative Tools, open Internet Services Manager (IIS)
2. Right-click the default Website and create a new Virtual directory
3. Follow the creation wizard using IISADMPWD in the alias box
4. In the directory box. type c:\winnt\system32\inetsrv\iisadmpwd and then click Next
5. Verify that only ‘Read’ and ‘Run’ Script check boxes are selected , click Next and Finish
6. Right click and verify virtual directory has only basic authentication (default) and change the application pool to ExchangeApplication Pool
7. Start Registry Editor (regedit) and browse to HKLM\System\CurrentControlSet\Services\MSExchangeWeb.
8. Find the OWA key or create a new key ‘OWA’ if one does not exist
9. Locate the DisablePassword value and change data to 0. If value is not present, create a new DWORD_Value to add the DisablePassword subkey (and set to 0)
10. Stop and restart IIS (interrupts OWA service)

Step 2) Configuring OWA to handle expired passwords or password change requirements:
If you are not running Windows 2003 SP1, you must apply the 833734 hot fix to handle accounts with already expired passwords . After applying the hotfix:
1. Open a command prompt and type type regsvr32 c:\windows\system32\inetsrv\iisadmpwd\iispwchg.dll
2. Change directory to C:\inetpub\AdminScripts
3. Type cscript.exe adsutil.vbs set w3svc/passwordchangeflags 0 (Enables password change through SSL connection)
4. Type cscript.exe adsutil.vbs set w3svc/PasswordExpirePreNotifyDays 0 (Delays password expiration notifications until password is expired)
5. Stop and restart IIS (interrupts OWA service)

Step 3) Enable the Golden Bar expiration notification within OWA:
1. Open the Active Directory Schema MMC and note the Operations Master Role
2. Use the ADSIEdit tool and Choose Connect To and choose Schema as the naming context making sure you are connecting to the Operations Master server identified above.
Expand the Schema container making sure all attributes are displayed. Find the attribute named PwdLastSet (cn=Pwd-Last-Set) and select properties. In the list find isMemberOfPartialAttributeSet and change this to True. Choose OK.

The Purpose Driven Blog

I've tried a blog before....four posts in and it was an utter failure (probably because those four posts occurred over several months and consisted of the words 'Test' and 'This is my first blog post'). The problem was purpose. As life has gotten busier I have found myself forgetting the day to day IT solutions that I, or my company, have developed or embraced. This is rather unfortunate as I've had a wide variety of IT experiences. So, this blog intends to be somewhat of a personal wiki...a living resource where I can reference the cool things I've found, learned, or developed. Whether it is useful for someone else is something I can only hope for but realize that I'm one of approximately one hundred gagillion blogs by IT guys (and gals) talking about the stuff we do.

I hope to include commentary and thoughts on some of my passions and unique perspectives on the business of IT...namely how business can/should adopt new technologies, or at a minimum, adopt Web 2.0 concepts such as hive intelligence, user generated content, social collaboration, transparency, and open source initiatives to gain competitive advantage in IT, Marketing, Brand Development, etc.

Every now and then, if I find something particularly humorous and indicative of my personality, passion, or sense of humor, I reserve the right to post it.