Life in the Key of E

Many years ago, sometime during high school, I set out to learn guitar. This was in the days before YouTube, so all I had to work with was an antique book of my dad’s. Utilizing that, and eventually the internet, I picked up four or five chords and was feeling pretty good about myself. E (or perhaps E minor, I forget which I learned first) was instantly my favorite. When I played it the sound just resonated with me. As time went on I would learn a couple of basic songs, but mostly I would just wing it, combining different cords to make up a tune. Often this revolved around E.

After a couple of decades I’m still at basically the same skill level that I attained in college. Sure my strumming has improved and I picked up a couple of tricks, but I’ve learned no more chords and still for the life of me cannot remember any actual songs. This has been a source of great frustration for me. I don’t like to fail, and it has bothered me to no end that my mastery never reached the level of others I know. Most guitar players can pick one up and play a favorite song or two, even those that know fewer cords than I do. The majority of my time with the guitar is spent simply playing the E chord, with variations thrown in by lifting one finger to make it E minor. I think it sounds pretty good, and I thoroughly enjoy jamming out in this way, but I definitely feel like a loser in regards to the guitar.

In recent years God has allowed me to see how this parallels my life. I’m a very thought-oriented person. Because of this, I tend to decide who\how I should be and then set out to make that happen. I will work tirelessly in pursuit of the course of action I believe to be best, and throw myself headlong against any obstacle that threatens it. To the great surprise of my adult self, that doesn’t always mean success. There are areas that I was certain were to be my primary focus but I’ve seen very little growth or success in them over the years. This is especially sad because I was doing them in service to God, for His Kingdom. However, there are areas I’ve completely ignored that have flourished without me even paying them direct attention. Those taken-for-granted skills and interests developed naturally despite being secondary in focus. It’s almost like I couldn’t help but be good in them. You might say they just resonated. And, funny enough, they also opened more opportunities to speak with people about Jesus than any of the areas I had tried to force open.

So, what am I trying to say? Follow your heart and be the truest version of yourself? No, that crap comes from Disney movies. Your heart is wickedly deceptive and can’t be trusted to steer itself (Jeremiah 17:9). What I am saying is that you were fearfully and wonderfully made by an infinitely wise God. Seek Him, be yourself, and let Him use it in mighty ways. Don’t feel like you have to pattern yourself after this pastor, or that leader, or some successful person. “God is most glorified in us when we are most satisfied in Him.” (Piper) Be satisfied in Him, content with the strengths and weaknesses He’s given you, and play your song. Even if you don’t know a “real” song like the cool kids.

Quickly Copy AD Group Memberships To A New User

I recently moved into a new role and needed to to be added to a number of AD groups. An often-used method for this is to model a new employee’s permissions after someone already in the same role. For one or two groups it is relatively simple to just do this manually, but as you can imagine it quickly gets tedious when several are involved. For this reason, I whipped up the following PowerShell snippet to ease the pain.

This works by:

  1. Pulling the list of AD groups that user1 is a member of.
  2. Selecting only the memberof property and expanding it to make sure the list isn’t truncated.
  3. Looping through each of the groups to:
    • Extract only the group name from the Distinguished Name (which is the format it comes in from the previous command).
    • Use the extracted group name with Add-ADGroupMember to add our new user to that group.

 

get-aduser user1 -Properties memberof | select -ExpandProperty memberof | ForEach-Object -Process {$groupName = ($_ -split ',*..=')[1]; Add-ADGroupMember -Identity $groupName -Members user2}

Giving God Control(?)

Many times we tell God that we’re giving Him control, then continue trying to drive life ourselves. It’s like asking an expert to guide you through a new city, then holding onto the steering wheel the entire time. Below is an excellent portrayal of this attitude in action by my talented sister Lauren Adlman.

Why God

I’m proud to introduce the first collaborative effort between myself and my sister, Lauren Adlman. This is a cartoon reminding us that the very things we see as failures and shortcomings God is using for His perfect will, and ultimately for our good.

SQL Server “Failed to open loopback connection”

TLDR: If you have the SQL Browser Service disabled then you must also have Shared Memory enabled, otherwise SQL Server can’t communicate with itself.

While setting up a sandbox Always On Availability Group cluster recently I ran into some unexpected behavior. The first sign of problems was that SQL Agent would not start. The service seemed to start just fine but then would immediately crash. In order to troubleshoot that I went to the SQL Server logs, which failed to load. Never in my career has opening the logs been an issue, so my curiosity was piqued. I decided to try running the stored procedure xp_readerrorlog manually to see if that would work. That returned this error:


Failed to open loopback connection. Please see event log for more information.

When Googling for more information, I came across several posts where DBA’s had encountered this error. However, almost every one of them seemed to have hit it for different reasons, and none helped resolve my situation. The most common cause of this error seems to be the one covered by Pinal Dave’s post, concerning version 13 of the ODBC driver. I experimented with that to no avail. This honestly became one of those situations where I became so frustrated that I just had to walk away from it for the day.

The next morning I was idly sipping coffee and just kind of looking over the event logs, and something about how the instance name was listed in the Windows event logs struck me as odd. It wasn’t explicitly specifying the port, and I was using a non-default port with the SQL Browser Service disabled. On a whim I enabled the service and, voila, everything worked. This struck me as odd because it is very common to disable the browser service for security purposes, and I’d never seen it interfere with other SQL Server functionality. I even reached out to #sqlhelp on Twitter (a very useful tip, btw), but no one seemed to have encountered a situation where disabling the browser service caused that type of behavior.

In the end, it was a conversation with my coworker (Todd Libeau) about the issue that sparked the light to resolution. You see, much of the purpose of this sandbox cluster is to see how far it can be locked down. But, as we all know, on that journey you will eventually hit a point where excess security leads to a loss of functionality. So it was in this case. He mentioned that he’d always assumed the Shared Memory protocol was used for that local server communication. Sure enough, I had disabled every protocol other than TCP/IP unless it was proven they were absolutely necessary (turns out it is). I reconfigured the nodes to have Shared Memory enabled and the SQL Browser Service disabled, and all was right with the world.

It makes sense in the end. If the server can’t reach itself by the default Shared Memory locally, it’s going to try and use TCP/IP. But it will not account for the non-default port on its own, instead relying on the SQL Browser Service to handle that. With that service disabled, there’s simply nowhere for it to go.

God Wants Only Your Good, Even When It Doesn’t Feel That Way

One thing that has surprised me as a parent is how often interactions between my kids and myself mirror my relationship with God. Parenthood really gives you a unique opportunity to be on the flip side of the interaction, where you’re now the one trying to work for the good of someone who you love deeply but has no ability to understand the reasons behind your actions.

This weekend we were unexpectedly provided with the opportunity to see this play out in an even more potent form than normal. As a family, we’ve become very active in (nay, addicted to) Pokemon Go. There was a special event, so we charged up everyone’s phones and tablets and headed out to catch them all. It was a great day, things were going smoothly. We’d just stopped at a drink machine to get a little refreshment and were headed back up the hallway of a local church to meet my sister-in-law. A few steps is all it took. My four-year-old son, Caleb, took off running to close the ten feet or so between him and mom. And then he fell. Straight down, with no time to react, he landed directly on his face with both hands to the sides. Screaming ensued, as did parental panic, and Pokemon was over. One of his front teeth was clearly knocked back significantly.

Thankfully our pediatric dentist office has someone on call for emergencies (we didn’t even know they did that), so after describing the situation to the dentist on the phone we headed over there. Long story short, there are two options and the one which makes the most sense is pulling the affected tooth. Caleb wails like he’s getting a root canal when they just clean his teeth, so we knew we were in for fun. We tried to talk it up as much as possible to sooth his fears, but he knew something was up. We hated the thought of it, but still, it had to be done. As we laid him back he was of course scared, and the dentist applied some stuff to numb the area. I kept asking him to look into my eyes, forcing myself to smile and telling him I loved him. I tried asking him about his favorite Pokemon, though he was having none of that. We watched as the dentist pulled a large needle around his back where Caleb couldn’t see it (have I ever mentioned I hate needles?). Still I kept my focus on Caleb’s eyes, both of us assuring him that we loved him and that the dentist was helping make him better. The pediatric dentist was awesome and applied the needle without Caleb seeing it. It didn’t hurt him, but he could feel something was being done so his fear and panic rose. Still we held him, stroked his hand, and told him how this was going to make him better, and how much we loved him.  Finally the moment of truth came. The dentist maneuvered the pliers into place, again very slyly. Seeing what was coming, we told him one last time the dentist only wanted to help him, that we loved him, and that he would be okay. As before, Caleb was numbed but could tell something was happening, and let out a scream the likes of which you’ve never heard (and that dentist will never forget). A few seconds later, which seemed to last an eternity, the tooth was out and Caleb was sitting up in mommy’s arms. We told him it was all over and that now he’d be better and able to eat.

I walked away to check on our eldest, who was in the playroom waiting, and I was physically sick. In fact both me and Amanda were, but we forced it down in order to be there for Caleb. He will likely never know how we felt during that half hour and thereafter. He doesn’t understand how emotionally wrenching it was to make a decision for his health, knowing that it would mean physical pain in the immediate and probably emotional pain long-term as it takes years for the adult tooth to grow in (kids can be cruel). He can’t know how much it hurt us to hold him down, forcing him to participate in something he was scared of and didn’t understand. He didn’t have insight into how nauseous and light-headed we felt actually watching what was going on in his mouth (that he couldn’t see), and wishing there was any other way. Within five minutes he was up and playing, no noticeable difference other than gauze hanging out of his mouth. He was even running to get toy tokens for his suffering, as we begged him to be careful and avoid any further accidents. But two days later I still see his bloody mouth when I close my eyes. I hear his screams and my heart breaks all over. I know without a doubt that we made the right decision, and seeing his recovery and happy play confirms that. But I will always be plagued by dad-guilt for having to put him through it and participate in it. My wife had trouble sleeping that night, and every once in a while we just stop and talk about how horrible it was.

And so it is with God. I know times that I’ve been in pain, facing situations that seemed completely unnecessary. There was no discernible purpose or uplifting silver lining. It just hurt, plain and simple. I saw in the Bible and heard from Church that God loved me, that He wanted the best for me, that it was all for my good. But I felt how Caleb must have lying there, looking through his teary eyes at his dad saying the same thing.  “You say that, but I don’t believe you. If you really loved me you’d put a stop this.” But to truly care for Caleb I had to see him healed, and God also allows for lesser pains in our lives in order to accomplish the saving and healing of our souls. After we got home I took Caleb to the side and assured him that mommy and I love him and Carson more than anything in this world, and that we would never do anything that wasn’t for his good. God does the same for you. No matter the hurt, no matter how cruel you think it is that he’d want you to give up some part of your life, whether you understand what’s going on or not, He loves you in a deep and tremendous way. He hurts with all of your hurts, and I’m sure He longs for the day when you can see all the intricacies behind what seems at the moment like simple indifference. Even greater than my pain of watching Caleb lose a tooth, He watched His Son die in order to accomplish your salvation. Just as Jesus Christ trusted God the Father in that trial, being fully convinced of His love and plan to work for good, we can trust God in the same way and walk forward in confidence knowing that our situation is in His loving hands, no matter how we feel.

Kindle Fire HD8 Review

Background: I recently found myself wanting to replace my iPad Mini 2. It’s around four years old and starting to become sluggish enough to be frustrating. Given the incredibly low price of Amazon tablets on Prime Day, I decided to take a risk and try out the Kindle Fire HD 8. Below are my impressions after using it for a couple of weeks.

The Good

The Price. Being prime day, I was able to get the tablet for $50. Throw in a 64gb SD card plus a cover and altogether the total was around $80, which is the normal selling price of the tablet. Even if it weren’t on sale, you have to consider that to replace my old iPad with the current equivalent it was going to cost me $300, and that is without expanded storage or any accessories. Right away I’m feeling good about this purchase because of the low initial investment.

The Support. Amazon has now retired the “Mayday” feature, but they still have excellent support built right in. I was having a minor issue where custom playlists were not showing up in Amazon Music. You simply go to the Help app and from there you’re able to request assistance by either email or phone under the “Contact Us” section. The representative contacts you, so you don’t have to wait on hold, and helps you with whatever issue you may have. I’ll admit that at first it sounded like a very low-level call center tech, but nonetheless he was able to resolve my issue quickly. This seems like a great feature for the not-so-tech-savvy folks you may want to gift this to.

The integration. One of the reasons I was willing to take a risk on a Kindle tablet is that we’ve become pretty big users of the Amazon ecosystem. I listen to Amazon music frequently. My family watches Amazon Video. And of course we do a ton of shopping on Amazon (who needs Walmart parking lots, am I right?). Being an Amazon product, all of these are first class citizens on the Kindle Fire. Not to mention Alexa, who is quickly becoming like a family friend around our house.

The Hardware/Performance. For $50, there is respectable hardware in this device. The screen is crisp and clear, the apps run well (mostly), and moving around the tablet is smooth (mostly). More on the mostlies in a moment. Also, coming from a completely closed-off iPad, having the option to expand storage with an SD card was a very welcome feature.

The Bad

The Apps (or lack thereof). Number one, chief issue with Amazon tablets is the lack of apps. There’s just no way to spin it. You won’t find any of the Google products you likely rely on, like Youtube. Microsoft ones are hit and miss (Outlook but no OneNote). There are many popular ones that are present, like Facebook, but easily twice as many that aren’t. You can mitigate this by installing the Google Play Store, or using sites like APKMirror. But, (a) this requires a higher technical skillset than many users are comfortable with and (b) it potentially opens you up to vulnerabilities by bypassing the Amazon app store (you have to enable the installation of apps from unknown sources). Where you fall on the techy spectrum and your views on convenience vs customization will affect how much of an issue this is for you. I found it workable but annoying.

The Operating System. Amazon’s Fire OS is really just a modified version of Android, and it’s a complete mess. Forgive me if I sound biased coming from a mostly iOS background, but stepping into Android feels convoluted and disjointed. Don’t get me wrong, there are things about it that I grew to like. But overall I still prefer iOS by far. This is not only because of the greater consistency and aesthetic appeal, but also for security and privacy reasons. Being Android at its heart, Fire OS is victim to all the same issues Android has (ie I’ve never had to install antivirus on a tablet before). I do, however, feel that privacy is more in the users’ hands with the Fire tablets than those completely pre-stocked with Google’s apps and framework.

The Interface. Jumping off of the OS point, the custom interface of Fire OS leaves a lot to be desired. In fact, it would actually be much better if they just left it at stock Android instead of adding their own customization. I realize that much of the intent is to focus you in on Amazon content. (That is, after all, why these are so cheap. They want it to be a gateway to Amazon services.) I would argue, however, that their confusing interface actually makes this more difficult. Want to watch something on Prime Video? You go to the Video tab, right? Wrong. That tab will advertise videos to you, but it doesn’t list your watchlist, etc. I found it much easier to simply go to the actual Prime Video app, which felt more full-featured and more readily presented what I was looking for. In fact, I moved it and everything possible to the Home page so that I could avoid flipping through the various tabs. They aren’t at all customizable, and after a short time became something I avoided completely. Part Android/part Fire OS issue, I always felt like there were multiple ways of accessing similar things and rarely clear rules as to which should be used. On a less important note, there are a litany of small UI issues that are more preference than anything else (ie I still don’t know how to copy/paste correctly).

The Performance. Before I comment on this, let me remind you that this is a $50 tablet. That being said, if you’ve used tablets of a higher caliber then there is a certain level of responsiveness you’ve become accustomed to, even without realizing it. I had rosy eyes going into this experience due to price, Amazon integration, and some of the other points mentioned above. This area was the smelling salts, as it were, that awoke me to reality. Remember how I said “mostly” in the good performance section? When you first turn on the device things are very smooth, surprisingly so in fact. However, as you begin to install apps and put it through its paces that experience quickly withers. It doesn’t become unusable, but noticeably less smooth. My biggest irritation was when exiting apps back to the Home screen. There would be a delay in the icons appearing on the screen. This may sound like a small deal when you read through this, but think about how many times you perform that action throughout the course of using a tablet. Overall this leads to a noticeable amount of lag that is consistently presented to you. Also, in many apps there was a surprising amount of choppiness. One of the reasons I wanted something newer was so that games and such would perform better. However, when I went back and compared the Fire HD 8 to my 4-year-old iPad mini, it was actually performing worse. Hearthstone had run, albeit not perfectly, on my iPad but was almost unusable on the Kindle. Even simpler games like Candy Crush were annoyingly laggy on the Kindle but ran smoothly on the older iPad. Not what you’re looking for in a new device experience.

Conclusions

So, what does all of this mean? Do I think the Kindle Fire HD 8 is a good tablet? Yes. Do I think it’s one for me? No. In fact, I’ve gone back to using my iPad Mini. I’ll likely save up and buy a newer Mini to replace it. Why? Mostly ecosystem, experience, and apps. If you’ve used a tablet that performs well then using a laggy one feels like going backwards. Also, on iOS I have access to the ecosystem that all my other devices use as well as a rich app store. Whether you’re invested in either the Apple or Google ecosystems, you’re going to struggle adjusting to Amazon’s app selection.

That being sad, this doesn’t mean the Kindle isn’t a great device for others. I think it would be a fantastic device for someone who (a) is buying a tablet for the first time and doesn’t have any previous expectations and investments into other ecosystems or (b) simply wants to consume Amazon services. It’s also great if you want something cheap to get beat up. Full disclosure, we have two of the cheaper Kindle Fire 7 tablets that my kids use. For simple children’s games, etc, they’re just right. I’ll likely save this one for when one of theirs dies and let it be a nice upgrade for them.

Could I make the Kindle Fire work? Yes, but I prefer the iPad. And sometimes preference is all it comes down to.

List the Manager Emails for AD Group Members with PowerShell

Below is a quick script I’ve been working on for a colleague. Its simple purpose is to query an AD group then display each member’s username and the email address of their manager. Hopefully this will help others accomplish this common task with ease.

(Update 04/11/2018)

I modified the script to include the employee’s full name and also to sort the output by that name. Additionally, the way I was handling the variable members and naming bothered me. I knew it could be better. So I did some more research and cleaned that up utilizing the -ExpandProperty option for select.

#################################################################################
#Script to pull the members of an AD group and display their manager's email.
#Author: Landon Fowler 
#Date: 04/11/2018
#################################################################################

#Pull in the desired group name as a parameter 
Param 
( [Parameter(Mandatory=$True,Position=1)] 
[string]$ADGroup ) 

#Import the necessary PowerShell module 
Import-Module -DisableNameChecking -Name ActiveDirectory -Cmdlet Get-ADUser

#Create an empty object for display 
$display = @() 

#Get a list of the AD group members 
$groupMembers = Get-ADGroupMember $ADGroup 

#Loop through each user and add their username and manager's email to the display
foreach ($user in $groupMembers) { $manager = Get-ADUser $user -Properties
Manager | select -ExpandProperty Manager $objDisplay = New-Object System.Object 

#Test whether the Manager field has a value, and if it does proceed 
if ($manager) 
   { $managerEml = Get-ADUser -Identity $manager -Properties emailaddress |
   select -ExpandProperty emailaddress $objDisplay | 
   Add-Member -type NoteProperty -name EmployeeName -value $user.Name $objDisplay
   | Add-Member -type NoteProperty -name Username -value $user.SamAccountName
   $objDisplay | Add-Member -type NoteProperty -name ManagerEmail -value
   $managerEml $display += $objDisplay 
   } 

#If the manager field was empty or null, inform that no manager was present 
else 
   { $objDisplay | Add-Member -type NoteProperty -name EmployeeName -value
   $user.Name $objDisplay | Add-Member -type NoteProperty -name Username -value
   $user.SamAccountName $objDisplay | Add-Member -type NoteProperty -name
   ManagerEmail -value "No Manager" $display += $objDisplay 
   } } 

#Display the completed display object 
$display | sort EmployeeName

Getting Started with PowerShell Desired State Configuration (DSC)

As I’ve mentioned in other posts, Desired State Configuration (DSC) is a powerful technology with a lot of potential. However, due to how new it is and how rapidly it’s evolving, it can be difficult to get started and figure out how to accomplish your specific goals. My intention here is not to give an exhaustive look at the ins and outs of DSC (I’m not qualified to do that), but rather to give you the tools to get started and be successful with it .

Step 1: Get a Baseline

After years of cobbling together information, then having to go back later and relearn how to do it the right way, I’ve learned the value of getting the framework right from the start. If you have a strong framework in mind for how something is built and how it’s intended to be used, then building useful things on top of it is much easier. I had the same experience when learning DSC. There is a lot of information on the internet about it, but much of it is “old” and out of date. Also, everyone has their own opinions for how it should be used. Eventually I came across two videos on Microsoft Virtual Academy that put everything into perspective. They are taught by “Jeffrey Snover, Microsoft Distinguished Engineer and inventor of PowerShell,  along with Windows PowerShell MVP Jason Helmick”. This is a fantastic starting point for diving into DSC and I can’t recommend them enough.

Getting Started with PowerShell Desired State Configuration (DSC) – Microsoft Virtual Academy

Advanced PowerShell Desired State Configuration (DSC) and Custom Resources – Microsoft Virtual Academy

Step 2: Working With New Resources

Now that you know all about DSC and how it can be used, it’s time to put that knowledge to work. You eagerly download the module you want to use (let’s say xSQLServer, for example) and are ready to have machines install SQL for you. The first inclination is probably to google it to see how it’s used, which will lead you to github or PowerShell Gallery. Those are great for getting information about the package and its change tracking, but not much use for actually implementing the module. So here you are with a brand new toy and no manual.

Examples

The first thing to do with a new module is always check for an examples folder. Your module was probably installed in C:\Program Files\WindowsPowerShell\Modules.

Opening the examples folder within that module will reveal a list of scripts made by the creating team for various scenarios they see the module being used in. Your mileage may vary depending on the module you’re using and who made it, but generally those produced by Microsoft have useful information. This is where I obtained the example file that my last post, “Installing SQL Server Using Desired State Configuration“, was based on. Again, how much explanation is included within each script is completely up to the discretion of the creator. That’s why it’s important to first watch the videos linked above. Then, whether there is proper documentation or not you can make sense of it yourself.

(Upon further inspection, the examples are sometimes also available on the github site.)

Interrogating Resources

Even when you have an example file that closely matches your needs it’s likely that you will still want to customize it. Many times, the module you are working with will have a resource you need but not an example of it listed in the file. Or you simply want to know what all you can do with the module. As usual, it’s PowerShell to the rescue.

Using PowerShell we can easily find which resources are available to us in a module using Get-DscResource.

After finding a resource that interests us, we can dig further down into its specifics. In order to get more than cursory information, it s necessary to expand the properties field.

From this information we can tell which fields are available to us, what their data types are, and which ones are required.

It should also be noted that you can discover these from right within ISE as well. This is the improvised method that I used before discovering the PowerShell cmdlets above. If you type anything within the resource block that it doesn’t recognize, intellisense will automatically suggest the proper fields to use by hovering over the angry red line.

And, if all else fails, in the end resources are just PowerShell scripts. You can go to their folder and open them like any other file (ie C:\Program Files\WindowsPowerShell\Modules\xSQLServer\DSCResources\MSFT_xSQLServerLogin).

Step 3: Be Brave

Armed with all of this knowledge there is but one thing to do, be brave. Start putting some configurations together, make mistakes, then use the lessons learned to make better configurations. This is an exciting technology in which things are rapidly moving and changing. In fact, within days of my last post (and while writing this one) I discovered that xSQLServer had been retired in favor of SqlServerDsc, and I’d had no idea.

So get at it, make your own creations, keep your eyes open daily for changes, and let me know if you have any questions. I look forward to learning with you.