March 2010. I've been with my company for about a month. The first week I had to use my own personal laptop. After that I inherited a well-traveled Dell Precision M630 Mobile Workstation. A miracle of engineering, the M630 manages to stuff more heavy superfluous packaging into a larger chassis than any computer manufacturer ever dared to do before. Big gorgeous screen, real graphics card, decent processor. Not bad all around.
But now it's March and I have an email, "your new computer is here. Drop off the loaner and we'll get you set up." Great news! Knock on a locked door, hand my loaner to the man who opens it, door closes. Proceed to twiddle thumbs at desk for next two hours.
Nodding off, a voice from behind, "Here you go." No explanations, no talk, just "here it is." It helps when you seek out your IT people and talk about your old life doing their job.
"The dashboard was full of esoteric lights & dials & meters that I would never understand — but there was no doubt in my mind I was in a superior machine." That's a quote from Hunter S. Thompson, but it accurately describes my feelings in the moment I held the machine for the first time. Rounded edges and beautiful blue glow from the status lights. Like a Cadillac convertible, it also weighed a ton. Considering my new role included extensive travel, I made a note there and then to purchase a good laptop backpack.
The next 30 minutes with the machine was one of the largest let downs in recent memory (#firstworldproblems). Strike one, is that XP? But it has a Vista logo sticker...what...oh, okay; IT policy. Wait, the logo is really big, log in and yes that's right, my dim bluish 17" LCD is 1440x900. The M630 was 1920x1200. The difference is really more than real estate as I can see the pixel pitch and it makes text look terrible. Even worse, the software I need to be able to demo has some GUI overflow with less than 1024 pixels in the y direction. Plus, it's imaging related, so grainy is not an adjective you want customers using. Okay, so what is on the screen is a little disappointing. At least it has guts, right...right?
- Core 2 Duo, 2.4 GHz, Dual Core - Meh
- 4GB DDR2 800 - Okay
- Nvidia Quadro 3700M, 512MB - Yeah!
- Real 6 pin Firewire 1394a - Booyah!
- 160 GB, 5400 RPM - UNACCEPTABLE
I've learned to deal with the limitations of the hardware. It's not fun, but you learn to get used to pushing the power button and then going and getting a cup of tea. Slow hard drives are fun this way.
A series of events pushed me down my bad modification road. First, I was working with some networking things. Odd things weren't working, like SSH or WINS and Bonjour discovery. Okay, what's the issue? McAfee HIPS, installed by ePO along with VirusScan and such. I don't have anything against McAfee and ePO is truly powerful stuff, but the high command decided I should not have the ability to change firewall exemptions. Being a former IT guy in an ePO environment, I did the only thing that made sense at the time; frminst /forceuninstall. Replace with Microsoft Security Essentials.
I ambled along for a while with XP. I really tried. I even did some Rainmeter prettiness (Metro UI aka WinPhone7 theme at the time). Installed and used some slicker fonts including the Windows Vista/7 standby Segoe UI. I continued to have real issues finding the combination of hotkeys, nVidia panels, and Display properties every time I had to do a presentation. Eventually, it all wore thin. XP just wasn't cutting it. Problem was, the machine was joined to a domain I wasn't sure I had privileges to rejoin. I found some forum posts about Lotus migrations (arg, Lotus; that will be another post). There was also the small matter of not having the product keys for Office. This kept me at bay for about 6 months. That's when an opportunity fell into my lap. Going through the packets that came with the machine, out flopped the Windows XP and Windows Vista discs. Sure enough, there was a Vista product key on the bottom of the laptop.
I had discs to go up (and back if I had to), and a big external to backup my data to. If all went pear-shaped, I could just nuke the machine and have IT rebuild it and I could put my precious ones and zeros back. Took the machine home one weekend and babysat an Upgrade install. Much to my surprise, all went swimmingly. Took 4 hours to do a 70 minute install, but that was expected considering the piss-poor platters that perturbed me daily.
Fun fact, Vista today kicks more ass than should be allowed in "failed" technology. Service Pack 1 turned the half-aborted Quazimoto into a sprightly marathon man. Not a sprinter thanks to the hard drive, but good God that new network stack does some real magic. Network drives were quick, Lotus was a whole new class of speed. Even better; monitors, projectors, and televisions were detected and put to work with unflappable ease, and application windows lept around as if on springs fueled with cocaine. Life was good. I even got a big drive for my desk and started using Windows Backup a la Time Machine complete with previous versions. Particularly useful as previous versions saved me twice from overwritten working files that were better than the final ones and a full restore brought me back after a registry crippling install-gone-wrong.
It's almost two years later now. Vista was a great companion, but in the end I just made the next step. My work bought Windows 7 Ultimate for me to put on a test workstation as I studied for my MCTS. After I got the MCTS and had other plans for the workstation, it just made sense to put 7 to work day-to-day. So for the second time in two years I did an upgrade install.
In the end, my status is this:
Windows XP -> Windows Vista Business (x86) -> Windows 7 Ultimate (32-bit)
Why not 64-bit? Because our VPN doesn't have a 64-bit client that works with our gateway. (Tried stuck at home one day, 7 64-bit client was a no go, but I did find a Leopard client that I shoehorned on to Snow Lion). Also, our software doesn't have a 100% 64-bit release yet, so to fully support all the modules and hardware I need to run the 32-bit copy natively.
Last week I dumped Microsoft Security Essentials, dug into IT's fileshare (which I once found in my address bar autofill for My Computer), and ran the FramePkg.exe. This gave my machine back to the gods of ePO. The nice thing about ePO is that the way its collections are run, my machine should pop right back into the tree like it never left. Much like AD, the only thing an interested party may stumble on is that my kernel version is NT6.1 not NT5.1. Most people don't go looking for those things, so it should go unnoticed. I was happy to see that after Collect & Send Props, Get Policy, Enforce Policy and a restart that I had Virusscan and HIPS again; but this time I could make exemptions and temporarily disable both when needed.
Why did I dump MSSE? Because I saw a popup in the notification area that said "MSSE has determined your Windows is not valid, click here to fix this issue." Now I'm no dummy, I don't click things without knowing where they go. No equation wether malware patched MSSE, clever internet popup, or sheer incompetence in Microsofts continually terrible Genuine Software campaign made MSSE worth keeping. And that made it a good idea to load up McAfee to do some scanning. On top of that, my Windows Firewall domain policy was OFF thanks to GPOs expecting HIPS to be there instead of Windows Firewall.
In the end, I'm back to nearly full compliance. Sure I'm running a completely different OS than my computer was delivered with, but everything else is right down the party line. Now one last conundrum, when I turn this machine back in, what do I do? Do I shrug and feign ignorance? DBAN the thing and feign paranoia?
In the end, I think I'll just send my IT guys this link and let them chuckle at my crassness. Nothing to correct, nothing to punish right?
Much love,
Mark and BeastieBox2.0
A series of events pushed me down my bad modification road. First, I was working with some networking things. Odd things weren't working, like SSH or WINS and Bonjour discovery. Okay, what's the issue? McAfee HIPS, installed by ePO along with VirusScan and such. I don't have anything against McAfee and ePO is truly powerful stuff, but the high command decided I should not have the ability to change firewall exemptions. Being a former IT guy in an ePO environment, I did the only thing that made sense at the time; frminst /forceuninstall. Replace with Microsoft Security Essentials.
I ambled along for a while with XP. I really tried. I even did some Rainmeter prettiness (Metro UI aka WinPhone7 theme at the time). Installed and used some slicker fonts including the Windows Vista/7 standby Segoe UI. I continued to have real issues finding the combination of hotkeys, nVidia panels, and Display properties every time I had to do a presentation. Eventually, it all wore thin. XP just wasn't cutting it. Problem was, the machine was joined to a domain I wasn't sure I had privileges to rejoin. I found some forum posts about Lotus migrations (arg, Lotus; that will be another post). There was also the small matter of not having the product keys for Office. This kept me at bay for about 6 months. That's when an opportunity fell into my lap. Going through the packets that came with the machine, out flopped the Windows XP and Windows Vista discs. Sure enough, there was a Vista product key on the bottom of the laptop.
I had discs to go up (and back if I had to), and a big external to backup my data to. If all went pear-shaped, I could just nuke the machine and have IT rebuild it and I could put my precious ones and zeros back. Took the machine home one weekend and babysat an Upgrade install. Much to my surprise, all went swimmingly. Took 4 hours to do a 70 minute install, but that was expected considering the piss-poor platters that perturbed me daily.
Fun fact, Vista today kicks more ass than should be allowed in "failed" technology. Service Pack 1 turned the half-aborted Quazimoto into a sprightly marathon man. Not a sprinter thanks to the hard drive, but good God that new network stack does some real magic. Network drives were quick, Lotus was a whole new class of speed. Even better; monitors, projectors, and televisions were detected and put to work with unflappable ease, and application windows lept around as if on springs fueled with cocaine. Life was good. I even got a big drive for my desk and started using Windows Backup a la Time Machine complete with previous versions. Particularly useful as previous versions saved me twice from overwritten working files that were better than the final ones and a full restore brought me back after a registry crippling install-gone-wrong.
It's almost two years later now. Vista was a great companion, but in the end I just made the next step. My work bought Windows 7 Ultimate for me to put on a test workstation as I studied for my MCTS. After I got the MCTS and had other plans for the workstation, it just made sense to put 7 to work day-to-day. So for the second time in two years I did an upgrade install.
In the end, my status is this:
Windows XP -> Windows Vista Business (x86) -> Windows 7 Ultimate (32-bit)
Why not 64-bit? Because our VPN doesn't have a 64-bit client that works with our gateway. (Tried stuck at home one day, 7 64-bit client was a no go, but I did find a Leopard client that I shoehorned on to Snow Lion). Also, our software doesn't have a 100% 64-bit release yet, so to fully support all the modules and hardware I need to run the 32-bit copy natively.
Last week I dumped Microsoft Security Essentials, dug into IT's fileshare (which I once found in my address bar autofill for My Computer), and ran the FramePkg.exe. This gave my machine back to the gods of ePO. The nice thing about ePO is that the way its collections are run, my machine should pop right back into the tree like it never left. Much like AD, the only thing an interested party may stumble on is that my kernel version is NT6.1 not NT5.1. Most people don't go looking for those things, so it should go unnoticed. I was happy to see that after Collect & Send Props, Get Policy, Enforce Policy and a restart that I had Virusscan and HIPS again; but this time I could make exemptions and temporarily disable both when needed.
Why did I dump MSSE? Because I saw a popup in the notification area that said "MSSE has determined your Windows is not valid, click here to fix this issue." Now I'm no dummy, I don't click things without knowing where they go. No equation wether malware patched MSSE, clever internet popup, or sheer incompetence in Microsofts continually terrible Genuine Software campaign made MSSE worth keeping. And that made it a good idea to load up McAfee to do some scanning. On top of that, my Windows Firewall domain policy was OFF thanks to GPOs expecting HIPS to be there instead of Windows Firewall.
In the end, I'm back to nearly full compliance. Sure I'm running a completely different OS than my computer was delivered with, but everything else is right down the party line. Now one last conundrum, when I turn this machine back in, what do I do? Do I shrug and feign ignorance? DBAN the thing and feign paranoia?
In the end, I think I'll just send my IT guys this link and let them chuckle at my crassness. Nothing to correct, nothing to punish right?
Much love,
Mark and BeastieBox2.0
No comments:
Post a Comment