Storm watch

Hurricane Isaias is making itself known. Wind gusts are pounding the house, making it shake like a freight train. The girls are up, Missus let them start a movie this morning despite my protests. She woke up early because of the storm and apparently isn’t planning on doing any work till later this morning.

Alerts have been popping up on my phone all morning as our managed servers have been going dark across the board. Internet and power have been dropping across the region as the storm makes its way across the area. It’s not really that much more work for me, since there’s not much I can do about it. Hopefully I’ll be able to get some work done on my two main goals at work: converting a client over to Microsoft’s mobile device management, and building a C++ build pipeline for some embedded controller software.

The RMM vendor that we work with integrated IBM’s MaaS360 product into their offerings two years ago, and we signed on one of our clients for it. It was a bit more involved than we expected for such a small deployment. We had to get a management certificate issues from Apple, which wasn’t too bad, but then we had to manage eleven Apple IDs, one for each user, before we could even enroll the phones. This involved downloading a special management app and profile. The client wanted content filtering on the phones, which meant the deployment of MaaS’s Secure Browser, which involved several more steps. Then we thought we were done, and I just ignored the deployment until about a month ago.

The client contact me about installing a new service app on the phone, and after figuring out how to login to the management portal I found that nine out of the elven mobile devices hadn’t checked in, some in over eighteen months. After contacting my RMM vendor for some support and getting frustrated at their lack of knowledge, I started searching for solutions. I new Microsoft had been offering some options through O365, and since most all of our clients are 365 clients, I thought that any solution that can be managed through it would be a plus. What I found is that the latest MDM offerings, included free with O365, actually gives us a lot of what we need, which is security profiles on the device itself, and the ability to control the software installed on the device. I did a quick test with our O365 tenant and my personal device, and I’ve been holding on to a client phone for about a week to test and document procedures so that they can setup the rest of the devices. I’ve been talking to other MSPs in our network, and let me say that there’s a lot of interest in the fact that I’ve been able to setup federation between O365 and Apple Business Manager.

The other project I’m trying to work on involves setting up automated deployments for a development project. The developer workstations are based off of an Ubuntu 16 VirtualBox image with a custom IDE and hardware libraries installed. The process to setup runs about five or six pages, and hasn’t been replicated by the client, so I’m hoping to go through the document and create a full script that can be replicated to set things up for new employees, or whenever the developer config changes. I’d like to get them up to Ubuntu 18, at a minimum, but the eventual goal is to make sure that we have a build process that exists outside of the IDE and can be automated via a build job as part of the version control process.

The problem I was running into is that my own computing resources are kind of limited right now. I already run my Windows workstation in a Ubuntu KVM instance, so running another VirtualBox wasn’t really an option. So I decided to use some of my Azure credits that I get from my Microsoft Service Provider benefits. I recently used an Azure VM to stage an on-prem domain deployment, scripting it out using Desired Configuration State (DCS). I was able to validate my AD and DHCP scripts on the Azure server, then copy the files down to the on prem server, run them, and have my deployment up and running in about an hour. The scripts will need some improvements before it’s really useful, but it’s a start.

So before I got started yesterday, I decided to explore deploying my VM via the Azure CLI. I went through a couple exercises yesterday to practice, and today I’m ready to get started with the actual projects.

A couple days ago, a marketing employee at Zombie made a comment to me that they were thinking about becoming a technician, and I told her to look at cloud engineer tracks, cause AWS and Azure jobs are among the highest paying and in demand, besides data scientists. Spurred by my own comments, I started exploring the training options for AWS, and started going through the AWS Cloud Practitioner track. The exam is only $120, and why not. I actually prefer AWS over Azure cause of the pricing — good luck finding a $15 a month Azure VM! — and want to really have a handle on it since that’s where I’ll probably be focusing my own entrepreneurial projects. I’m still locked into Microsoft at work, so learning Azure is going to help me, but everything Microsoft does is convoluted and complicated.

Will having a handle on both AWS and Azure make me a double threat? Doubtful, since I wager most large shops will use one or the other, not both, but that’s just my situation now. So I’m stuck between the two. Jack of all trades, master of none.

Leave a Reply

Your email address will not be published. Required fields are marked *