
Author: Roger Delph

Learning Node.js

Node.js has interested me for the past year, but with the program that I’ve been running for the past nine months I haven’t had a lot of time to invest in learning anything, let alone a new language and thought pattern. I’m excited that I’m finally taking the time to begin learning Node.js as I find the idea of using JavaScript on both the client and server side intriguing. I’m going in with no real expectations of the platform but want to learn something new.

I’m excited to start this journey. Node.js gives me the opportunity to learn a new platform and focus on advancing and refining my JavaScript knowledge. I’ll update my posts as I find useful modules and packages, and with general progress updates.

Never.Stop.Learning.

The Cliff

Over the past seven months, I’ve had the opportunity to work on a security and compliance project that is truly once in a career. The project was of a scale that I had never worked on, with a core program team of over twelve people and an execution team that numbered just over a couple thousand. I was averaging eighty-plus hours a week and had to context switch between technical engineering at the “deck level”, executive briefings and status updates, and everything in between. It challenged me like at no other time in my career.

Two weeks ago, we implemented the final change that closed the project, and since that time I have been reflecting on what we accomplished. While I’m impressed by that, I’m more impressed with how we accomplished it. In the past few weeks I’ve cut my work hours in half, my responsibilities have drastically reduced, and I feel as though I’ve fallen off a cliff.

My reflections on my experiences in this project are many; below are a few of the highlights:

  • Running into the fire, we designed a path forward, seeking the expertise around the organization.
  • The team built consensus and buy-in as we moved forward; we didn’t have time to do this beforehand.
  • Never underestimate the value of a great Program Manager or Project Manager, never overestimate the damage of a bad one.
  • Firefighting brings out the best in everyone; levels and titles disappear, and a comradery that is battle forged emerges.
  • We must be flexible, but never with our core principles.
  • Always approach leadership with a solution to the problem, be specific in your asks of leadership and know the direction you want to take before approaching them.
  • We must all ask for help. I didn’t do this nearly enough.
  • Communication and PR is not a part-time role in a large project. Hire a dedicated resource; the value will show itself almost immediately.

I am grateful for everyone who supported me during the project, gave me advice, brought me a drink when I was in back to back meetings, and generally was understanding.

In the words of West Wing’s President Bartlet, “What’s Next?”

Chef NTPD Cookbook Released

Automation has always been a passion of mine. I have worked with Microsoft’s Systems Center Configuration Manager (SCCM) in the past for Windows, but over the past few years I’ve wanted a cross-platform configuration tool. My search led me to Chef, and finally within the past month I’ve been able to start reading and learning Chef.

I started my journey to learn Chef at https://learn.chef.io/. The tutorials and documentation are top notch. I was surprised with how quickly I picked up the syntax and structures of a recipe and cookbook. While learning Chef I decided to create a cookbook for configuring the NTPD service.

The cookbook would need to install and configure the NTPD service on a CentOS (or Red Hat) server, and should be fully configurable by an attributes file to make deployment and changes easier. The attributes file must contain all the switches and configuration options for the service, including:

  • Switches for configuring different modes (client, peer server, etc.)
  • Logging options for the NTPD service and time drift logs
  • The NTP Servers to synchronize time against

The default attributes file configures the service to be a standard client and is fully hardened with the Red Hat and NIST standards. I went overboard on the comments, and the attributes file is self-explanatory with a bit of basic NTPD Service knowledge.

As part of the process, I learned a lot about unit testing Ruby, building an automated pipeline with Travis CI, Chef’s own Foodcritic for code style, and Vagrant for creating a local virtual test lab. I’ll write more about these components in later blog posts.

You can check out the cookbook in the Supermarket: https://supermarket.chef.io/cookbooks/ntpd, or you can pull a copy from my GitHub at: https://github.com/rogerdelph/cookbook-ntpd.

Overall I enjoyed the experience of learning Chef, and highly recommend it. Check out my cookbook and let me know what you think!

Agile Inceptions for Projects

Agile methodology has been changing the technology industry for the past decade, and over the past few years I’ve been applying more and more agile structures and principles to infrastructure, security and project management. On the last several projects I’ve been involved with, we have been using an “Inception” style kick-off. This has allowed us to align all our teams and stakeholders to the project goals, identify potential roadblocks and create the deployment milestone mapping. It has worked far better than the traditional kick-off and planning meetings of the waterfall era. This post will walk you through a typical inception and the activities we’ve been using, and hopefully provide you with a framework that you can use and modify to your own needs.

Change is a Constant, Embrace It

Around here, however, we don’t look backwards for very long. We keep moving forward, opening up new doors and doing new things… and curiosity keeps leading us down new paths. - Walt Disney

The quote above is one of my favorites and embodies one of my core tenets and beliefs. Change is going to happen. As leaders, one of our roles is to usher change into an organization, be it through technology, process, the people we hire or by our actions and our inactions. Change is how we leave our mark on an organization.

When approaching an opportunity to effect change, I tend to sketch out answers to the following questions:

  • Why do we need to improve?
  • Why are we doing what we are doing today?
  • What is the desired outcome/end state?
  • What is the business benefit of the change?
  • What are the likely roadblocks?

This allows me to know why and where we are in the position we are in today and why and where I want us to be in the future. The how is missing. It’s missing because it’s easy to get lost in the how.  Once I know the direction then I can start thinking of “how we get there”.  This also allows me to involve others without having created a path and therefore not tainting their thoughts with my own. It also gives others the ability to embrace the change as their own, and they now have a stake in its success.

The preference should always be given to building consensus and buy-in when implementing change. This does not mean you seek permission, but you lead others to your position and shared ownership of the change emerges. The alternative is to effect change by dictatorial fiat, and while your change may be implemented you will be the first under the bus if anything goes wrong.

My Geek Code

When I first started out in IT, I was lucky enough to find Wil Wheaton’s original site that contained a BBS called “Teh Soapbox”. This site led me to a little-known Geek Code standard. Yes, the standard is out of date, but seriously, it’s the Geek Code! If you don’t know how to decode the code then check out the site.


-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GIT/CM/E d- s++:++ a C+++(++++) BLH++ P+ L+>$ E--- W+++
N--- o- K+++ w++++>$ O++ M++ V-- PS++ PE++ Y++ PGP t+++
5-- X+ R++ tv++ b++ DI++++ D---- G+++ e h- r+++ y+++
------END GEEK CODE BLOCK------

I have included this code block on nearly every personal website that I have created, and thought it was about time to include it here.

Formatting Strings in Powershell

Formatting strings in PowerShell is easy, just include the variable inside the string and it does it automatically, right? What about when you are using variable values (i.e. $ds.count)?
Then you have to write an ugly line of code like:

I’m sure you’re thinking, ah, that’s not too bad. But what if you had four or five value strings to put together? There is a better way to concatenate strings with variable values; it’s called Formatting a String. This is accomplished through .NET, and looks like:

And it works with more than one value:

The basics of the String.Format method are to supply an indexed set of arguments that are inserted into the string. Each argument is represented by the {0} notation, where the number inside the curly brackets is the zero-based index of the argument. To read more about the method, check out the MSDN Article.
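The forms discussed above, side by side, as an added example (not the author's original snippets). `$ds` stands in for the post's collection; the other variable names and all values are constructed for illustration.

```powershell
# Constructed sample data; $ds mirrors the variable named in the post.
$ds        = @('datastore0', 'datastore1', 'datastore2')
$server    = 'FS01'
$freeGB    = 1234.5678
$usedRatio = 0.4275

# Plain concatenation and the subexpression form. Writing "$ds.Count" without
# $( ) would expand $ds itself and then append the literal text ".Count".
'Found ' + $ds.Count + ' datastores on ' + $server
"Found $($ds.Count) datastores on $server"

# .NET String.Format and its PowerShell shorthand, the -f operator.
[string]::Format('Found {0} datastores on {1}', $ds.Count, $server)
'Found {0} datastores on {1}' -f $ds.Count, $server

# An index can be reused, and each placeholder can carry a format specifier
# ({2:N1} = one decimal with group separators, {3:P0} = percentage).
'{1}: {0} datastores, {2:N1} GB free, {3:P0} used [{1}]' -f $ds.Count, $server, $freeGB, $usedRatio

# Literal braces must be doubled, otherwise they are parsed as placeholders.
'{{"server":"{0}","count":{1}}}' -f $server, $ds.Count

# A placeholder with no matching argument raises a format error at run time.
try   { '{0} has {1} datastores' -f $server }
catch { "Format error: $($_.Exception.Message)" }
```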

Creating XML Documents from Powershell

We all know I have OCD when it comes to formatting. Using the built-in PowerShell cmdlets (Export-Clixml) to export XML left me with a mess of an XML Schema that I couldn’t apply an XSL Transform to. I needed something that would allow me to control the schema, and insert the XSL declaration. After doing quite a bit of online searching and research, I decided to try using the .NET class System.Xml.XmlTextWriter. The code sample below is the basic snippet using the class and creating a document.

A couple of notes:

  • $filepath will need to be set to the full file path; using “.\” will not work.
  • If you are creating a complex file, you will want to note which tag you are closing with each WriteEndElement call.
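A sketch of the approach described above, as an added example rather than the author's original snippet. The file names, element names and server data are constructed, and the XSL declaration is written with `WriteProcessingInstruction`.

```powershell
# Constructed sample data; note the characters that need escaping in XML.
$servers = @(
    [pscustomobject]@{ Name = 'web01'; Role = 'IIS & API' }
    [pscustomobject]@{ Name = 'db01';  Role = 'SQL <primary>' }
)

# .NET resolves relative paths against the process working directory, not the
# current PowerShell location, which is why ".\" does not work. Build a full path.
$filepath = Join-Path -Path (Get-Location).ProviderPath -ChildPath 'servers.xml'

$writer = New-Object -TypeName System.Xml.XmlTextWriter -ArgumentList $filepath, ([System.Text.Encoding]::UTF8)
$writer.Formatting  = [System.Xml.Formatting]::Indented
$writer.Indentation = 2
try {
    $writer.WriteStartDocument()
    # The XSL declaration: <?xml-stylesheet type="text/xsl" href="servers.xsl"?>
    $writer.WriteProcessingInstruction('xml-stylesheet', 'type="text/xsl" href="servers.xsl"')

    $writer.WriteStartElement('Servers')
    foreach ($s in $servers) {
        $writer.WriteStartElement('Server')
        $writer.WriteAttributeString('name', $s.Name)
        # The writer escapes & and < itself, so values are never pasted in as raw markup.
        $writer.WriteElementString('Role', $s.Role)
        $writer.WriteEndElement()   # closes </Server>
    }
    $writer.WriteEndElement()       # closes </Servers>
    $writer.WriteEndDocument()
}
finally {
    # Close flushes the buffer and releases the file handle even if a write failed.
    $writer.Close()
}

Get-Content -Path $filepath
```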

Service Accounts, A Necessary Evil

Service Accounts are a necessary evil in systems administration. They tend to be shared across members of a team and to have access to sensitive data and critical infrastructure. Yet most companies have minimal safeguards in place for these accounts, and even less policy and procedure in place to govern them. Service accounts don’t need to be a security threat; with a few simple Group Policy Objects and a little planning, these can be the most secure accounts in your domain.

Disable Autorun GPO

In my past life as a consultant, I ran across an unusual exploit that was created when someone added an autorun.inf to the root of the company shared drive. This exploit infected the systems with malware that was easily removed, but it could have been worse. As a result, I have created the following GPO to disable autorun at all of my clients, and it is one of the first things I check when I start at a new company.

The settings for the GPO are located under Computer Configuration | Policies | Administrative Templates | Windows Components | AutoPlay Policies. The two settings are:

  • Default behavior for AutoRun: Do not execute any autorun commands
  • Turn off Autoplay on: All Drives

This policy is not invisible to your users! If your users have become accustomed to autorun working on certain DVDs or CDs, they may think something is wrong with their system. As always, communicate with your users about the changes you are making.
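The two settings above can be verified on a host by reading the registry values that back them. This is an added example, not part of the original post. The function name `Test-AutorunPolicy` is hypothetical, and the check covers only the Computer Configuration (HKLM) scope described here.

```powershell
# Registry values written by the two Computer Configuration settings.
$policyKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
$expected  = [ordered]@{
    NoAutorun          = 1     # Default behavior for AutoRun: do not execute any autorun commands
    NoDriveTypeAutoRun = 255   # Turn off Autoplay on: All Drives (0xFF)
}

function Test-AutorunPolicy {
    # Hypothetical helper: returns one row per setting with the expected and actual value.
    param(
        [string]$Path = $policyKey,
        [System.Collections.IDictionary]$Expected = $expected
    )

    # A missing key means the GPO has not been applied; treat every value as unset.
    $props = Get-ItemProperty -Path $Path -ErrorAction SilentlyContinue

    foreach ($name in $Expected.Keys) {
        $actual = if ($props -and ($props.PSObject.Properties.Name -contains $name)) {
            $props.$name
        } else {
            $null   # value not present
        }

        [pscustomobject]@{
            Setting   = $name
            Expected  = $Expected[$name]
            Actual    = $actual
            Compliant = ($actual -eq $Expected[$name])
        }
    }
}

Test-AutorunPolicy | Format-Table -AutoSize
```

A row with an empty Actual column means the value is not set on that machine, which usually indicates the GPO is not linked to the computer's OU or has not refreshed yet.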