May 21, 2012

Virtual Selection: Cloud Constructs for Rapid Prototyping/Testing

Check out that title. Pretty awesome way to sound smart, right? Well, this blog post is another one of my long-winded ones and concerns my recent six-week side project. So a little warning in advance: this is a long read and a mind-bender in spots. Have a hot or cool drink and some time before you start. I think you will enjoy the ending.

The Idea

I am a firm believer that virtualization and cloud computing are creating new paradigms for approaching innovation, operation, and execution within information technology. I find myself inspired by ideas and concepts that would have been impossible before the advent of virtualization as a common approach to logical abstraction of x86 compute, storage, and networking. In my feeble mind, I see endless possibilities, not only in automation but also in creating intelligent systems that are able to respond in a way much more organic than we may have thought possible.

It is from this belief that this new idea came to me. The lifecycle of applications and infrastructure has been both a very manual and a managed process. Creation, changes, and death (decommissioning) are all things that can be automated, but they require prerequisite knowledge to orchestrate correctly. You would specifically know the quantity, scope, and configuration of physical or virtual servers prior to building for an application. Likewise, configured settings and metadata for the application would have been tested and discovered through intense integration and regression cycles by development/quality teams beforehand. All of this would be wrapped around processes and models (ITIL, COBIT) with the goal of ensuring control and accountability.

And I am not proposing that the model above is inherently wrong. Rather, I just think that it may be possible we are missing opportunities for the infrastructure to work for us.

New Utility: Domain Group Expiration Tool

I wrote this tool out of this simple request: Why can’t a user’s membership in a domain group expire like their domain account can?

At my current employer we frequently need to grant temporary access to resources for a few hours or days. However, this functionality is not built into Active Directory by default. The issue is that when you grant someone temporary membership in a group, removing that membership becomes a real problem. Temporary access is based on a human element instead of an automated process.

As an example, what if your Director of Development comes to you and wants you to grant access to an individual? He or she needs this person to have VC access for a group of VMware servers while another person is out sick. So you grant them access, a week goes by, and you forget. Now you have an extra user with access they should not have.

But what if, when you added that user to the group, you could assign a day and time when they lose that access? You could set and forget. This would eliminate auditing and having to keep reminders on these requests.

This tool has two parts: a PHP front-end that is used for submitting requests and a VBS script on the back-end for processing, logging, and alerting on requests. This tool provides the following:

  • Granularity on expiration down to the minute
  • Email alerts to requester and user-defined list (ISO, Managers, admins, etc) for processed additions and removals
  • Request form auto populates with users and groups from domain (no typing)
  • Uses DHTML Calendar for Date/Time picking

Instructions for installation are found inside the README.
You can find the tool here: Domain Group Expiration Tool

If you found this useful or have questions drop me an email or post your comments here.
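
To make the back-end half of this design concrete, here is an added PowerShell sketch of an expiration sweep; it is not the tool's own PHP/VBS code. The queue layout, the function name, and the sample users and groups are constructed for illustration, and `Remove-ADGroupMember` comes from the ActiveDirectory (RSAT) module.

```powershell
# Added example, not the tool's code. Queue columns, names and rows are constructed.
function Invoke-GroupExpirationSweep {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [Parameter(Mandatory = $true)] [object[]] $Requests,  # User, Group, ExpiresUtc, Requester
        [datetime] $NowUtc = [datetime]::UtcNow
    )
    $culture = [Globalization.CultureInfo]::InvariantCulture
    $styles  = [Globalization.DateTimeStyles]::RoundtripKind
    foreach ($r in $Requests) {
        # Store and compare expirations in UTC so DST shifts never extend access.
        $expires = [datetime]::Parse($r.ExpiresUtc, $culture, $styles).ToUniversalTime()
        $status  = 'Pending'
        if ($expires -le $NowUtc) {
            $status = 'Skipped'   # remains Skipped when run with -WhatIf
            if ($PSCmdlet.ShouldProcess($r.Group, "Remove member $($r.User)")) {
                try {
                    Remove-ADGroupMember -Identity $r.Group -Members $r.User `
                        -Confirm:$false -ErrorAction Stop
                    $status = 'Removed'
                } catch {
                    # Keep the request queued so the next sweep retries it.
                    $status = "Failed: $($_.Exception.Message)"
                }
            }
        }
        # One record per request; doubles as the audit log line.
        [pscustomobject]@{
            User = $r.User; Group = $r.Group; ExpiresUtc = $r.ExpiresUtc
            Requester = $r.Requester; Status = $status
            CheckedUtc = $NowUtc.ToString('o')
        }
    }
}

# Constructed sample queue: one expired request, one still pending.
$queue = @'
User,Group,ExpiresUtc,Requester
jdoe,VC-Admins,2012-05-14T17:00:00Z,director.dev
asmith,VC-Admins,2099-01-01T00:00:00Z,director.dev
'@ | ConvertFrom-Csv

# Dry run: -WhatIf reports what would be removed without touching the directory.
$results = Invoke-GroupExpirationSweep -Requests $queue -WhatIf
$results | Format-Table User, Group, ExpiresUtc, Status

# Everything not successfully removed goes back into the queue for the next run.
$remaining = $results | Where-Object { $_.Status -ne 'Removed' } |
    Select-Object User, Group, ExpiresUtc, Requester
```

Run on a schedule with `-WhatIf` dropped, the sweep removes each membership within one interval of its expiration time, and any failed removal stays in `$remaining` instead of silently leaving the access in place.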