Service Packs (SPs) have long been an quick litmus test to determining where you are when assessing needed upgrades. You could almost ignore CUs (Cumulative Updates) and use the SP to define where you are and you needed to go. 2008R2 SP3? You’re pretty much all patched up. 2012 SP1? Got a ways to go. But that’s about to change with SQL Server 2017 as Microsoft is doing away with Service Packs, and just releasing sequential updates as CUs.
Microsoft wants to move to a more “agile” method, allowing them to get more updates out faster. Releasing many smaller CUs is faster-to-market and means less patching of odds and ends with hotfixes.
Also, this will just simplify the whole process. Instead of saying 2017 SP3 CU2, it will simply be 2017 CU26 (I just made these up. I am not clairvoyant now, but I will be in the future).
There will be two tracks for updates, the main CU path and a GDR (General Distribution Release) path. GDR path is just security updates (maybe a system-breaking hotfix once in a while). This path will be entirely separate from the normal CU path and you will not be able to jump back and forth between them*.
When Will I Get These CUs?
2012/2014/2016 are all still on the old model. Starting with SQL Server 2017 you’ll see this new servicing model. After RTM, SQL2017 will get a new CU every month for the first year, but will slow down after that. Microsoft’s reasoning is that most of the major fixes are in the first year, so they want to keep ’em coming during this critical phase. For the remainder of the four years of mainstream support, this pace will slow to one CU every quarter.
If you’re on Linux, it’s the same deal. You’ll be able to pull these CUs from the same repositories that you get SQL Server from. This is kind of a big ‘duh’ but I felt it need mentioning.
Sure there is! Lots of odds and ends for you to know. Like:
CUs will accommodate localized content (they didn’t before)
CUs will still be released the same time every month
That’s the week of the 3rd Tuesday, but you knew that
You don’t have to be on a specific CU to be supported.
CUs will not contain any “net new” features.
CUs can be uninstalled from Windows
In Linux, install and run the container from a previous CU to do a rollback
And that’s it. Happy patching!
*You can go from the GDR path to the CU path, but not back again. Once you’re on the CU path, you’re there for good.
While I’m putting together my big update on Inventory Manager, I thought I’d take some time to throw confetti into the air. There may be some excited clapping as well. I warned you.
I largely see myself as platform-agnostic. While I think that certain companies do individual products well, I also believe it’s fair to say that none of them do everything well. I use Android phones and Apple tablets, Linux for home (mostly) and Windows at work. Heck, I’ve got a Roku and a Chromecast because they both do things that the other doesn’t. I’m all over the map, but all over the map is a great place to be, especially in the tech industry now.
Despite all of this, I have to admit I am partial to Free Open-Source Software (FOSS). Give me a choice between Ubuntu and Windows, and all other things being equal, I’ll choose the Debian-based option. I’ll admit my biases.
So, when MS started moving in this direction I was happy. I wanted to see this trend continue, and boy has it. First of all…
When Microsoft announced that .Net was going open-source, I was cautiously optimistic. I’m not a big .Net coder, but I could see the benefit and was hopeful that MS would continue down this path. This lead to some cool things that I thought I’d never see in a million years, like .Net running on Redhat.
There’s understandably some cynicism about Microsoft’s true intentions, as well as their long term goals, but this is the cross-over that I’ve been wanting to happen for a while. Blending the strengths of RHEL with .NET on top is a great start. If the .NET development platform can be ported, why not parts of the Windows Management Framework? We could even one day see…
I didn’t always like Powershell, in fact prior to Powershell 3, I just referred to it as PowerHell. Since 4.0, however, it’s no secret that I’m a fan; one look at my github will tell you that. I like its logical approach to (most) things and that it works for simple scripts quite easily, while being a powerhouse (no pun intended) behind the scenes.
This shell coming to OSX and Linux will be a boon for both systems. While I am, and will probably always be, a bash scripting guy, Powershell in Windows just makes everything so gosh-darn easy. If I could whip up a PS1 script with a few imported modules and attach it to a cron job with ease, then I think everybody wins, mostly me. But, if I decide that I want to use bash instead, that’s okay because…
This isn’t a one way transition. Microsoft is making a trade, bringing one of the most widely used shells to Windows. This not only makes scripts more portable, but also knowledge.
Have some ultra-fast Linux bash script that works wonders? Super, you now have it Windows, too. Wrote a script to do some directory work in Powershell? Great, you now know how to do it in Linux.
There are very few downsides to this, other than the obvious security issues and that it isn’t truly a stand-alone shell (it’s part of Ubuntu on Windows). In any case, it allows interoperability between software from different systems. This is great now that…
This isn’t technically going open source, as it will run inside a container, but the idea that this will now be possible and supported is like something out of my greatest dreams.
I have a maybe-controversial opinion that SQL Server is the best relational database system out there. For all its faults, I’d rather use SQL Server 2005 SP1 than Oracle 12c. Just the way I feel, and for reasons I won’t go into here. I hope the things I like about SQL Server translate to the Linux environment.
The fact that Ubuntu is supporting this with Microsoft is great. I can’t wait to use my favorite OS with my favorite database engine on the same system.
There are other items I’ve glossed over, but these are the big ones to me. Soon, we will be able to run SQL Server on Ubuntu Linux with cron jobs executing Powershell for a .Net application that resides on an RHEL box. *excited clapping* (I warned you.)
There are a lot of free materials out there for learning Microsoft products, and suprisingly (or not?) a lot of them are from Microsoft themselves. I thought I’d take a moment to organize and collect my list of free resources in the hopes that not only will it help me organize and find what I need, but also help others of you who don’t know about this stuff.
The one main source I’m using here is the MSDN MSsmallBiz blog with posts by Eric Ligman. There are a massive number of titles to look at, but I’ve not seen them compiled into one place. Keep in mind that some of these are older and all the links may not work. I will update this list in the future if I find new/interesting free education materials in this genre.
The last group contains quite a few of the previous two sections (but not all, I’ve found). Most are in PDF or DOCX (word) format with a few in portable and non-portable formats thrown in.
MS Office – Powershell 4.0 (this stuff is really good) – CRM – Quick Start Guide group – even more SQL Server 2012
If you’re looking for information on specific Microsoft technologies or if you’re gearing up for an MS cert, check out the Microsoft Virtual Academy. They’ve got kind of a neat gamification thing going on where you get points for completing certain courses.
I’ve stated before that the Mongo environment I am most familiar with is based in Windows. Since MongoDB is Linux-native, this presents its own set of challenges. These include things like not being able to send Mongo output to the syslog (as of 2.6.5) since there is no syslog in Windows, requiring regular intervention to make sure logs don’t get unmanagble in size as well as other odds and ends.
In the case of this post, I want to talk about Kerberos authentication and troubleshooting with a mongod running in Windows, specifically post-2008. This is not a complete tutorial, as you can walk through the one in the mongodb documentation for Windows. This is meant as an addendum for issues and roadblocks I have discovered along the way.
So, why would you want to do this? Why even bother using GSSAPI instead of using the MONGODB-CR, the default? If you’re a Windows-shop, this places the onus of security within Active Directory and within the existing security infrastructure. In the event of say, an audit, you can point to AD as the central point of authentication and this frees up the DBA from being responsible for a separate security infrastructure beyond the roles of users within the DB. If a user gets canned and their AD account is disabled, they won’t be able to log into Mongo.
Setting up Kerberos is a little bit beyond the scope of this article, but you’ll want to make sure that that part is done and you can authenticate with it. In any decent-sized environment this will usually be done already as lots of software uses Kerberos for authentication. This will require an appropriate AD user who can authenticate with Kerberos. I will be assuming that the user doing the administration on the database is the one logging in (which makes sense because you’ll need to log into Windows with the account to authenticate with the database with that account).
If you’re using mongod as a service, then you’ll want to set up SPNs for your account at the command line. SPNs are a combination of Service/ServerwithFQDN:Port ADAccount
Example: setspn -A mongodb/mongoserver.someplace.com:27017 MongoServiceUser
To list all of the spns associated with a particular server use: setspn -L mongoserver.someplace.com
Next, as in the tutorial listed above, start the mongodb without Kerberos authentication enabled (either using –noauth or just MOGNODB-CR) and create a user in the $external db. Note that the username MUST be in lower case and the REALM in Upper Case. This is true for all users you add. AD/Kerberos will reject them otherwise.
If you’re having difficulty getting mongo to authenticate properly, the first thing you’ll want to do is check the mongodb.log file. This is the one that I was mentioning that you have to rotate at the beginning of this post, and is usually located in the mongo directory under \logs\. This will tell you generally what is going on from mongo’s perspective.
Example: 2099-11-11T12:00:100.000-0000 [conn22] GSSAPI authentication failed for someuser@SOMEPLACE.NET on $external ; AuthenticationFailed SASL(-13): authentication failure: saslServerConnAuthorize: Requested identity not authenticated identity
If that doesn’t tell you what you need to know, then you can turn on Kerberos Event Logging in Windows. This populates the Security Event Log with Kerberos information. You’ll be looking for Error Code: 0xd KDC_ERR_BADOPTION or the like. You may see Error Code: 0x19 KDC_ERR_PREAUTH_REQUIRED but from my experience this is a red herring and shouldn’t affect most applications attempting to authenticate with Kerberos. To enable Kerberos Logging, follow the instructions below (pulled from https://support.microsoft.com/kb/262177):
Add the following registry value:
Registry Value: LogLevel
Value Type: REG_DWORD
Value Data: 0x1
Note: Make sure you turn this off when you’re done logging as it consumes resources. If you have a lot of authentications via Kerberos you will see a significant performance degradation.
If this isn’t giving you what you need, you can use the klist and klist tgt from the command line. klist will show you all the cached Kerberos tickets and klist tgt will tell you hex of the tickets and your service/target/client/domain etc. You’ll need to use a search engine to determine what’s useful from these for your particular situation.
This is by no means a concise troubleshooting guide, but it should point you in some direction or another. At the very least it will arm you with the most amount of information before you head off to talk to support if you can’t fix it on your own.
*To do this simply add the lines below to your config file: authenticationMechanisms=GSSAPI
Point your mongod instance to this file. F:\mongod --config F:\Directory\configfile.conf --service
I tweeted the other day about Google’s new Chrome Office Viewer Extension (COVE?) that was in beta. It would allow users to see Office documents (as in the Microsoft kind) right in their web browser window. I excitedly talked about how it may move me to Chrome, because I do open a lot of web-hosted word processing documents. It sounded exciting!
Moving from one browser to another would be a herculean task for me, but I was willing to do it for such a neat feature, if it worked as advertised. While importing bookmarks are no big deal, moving my encrypted passwords (some to sites that I don’t even remember I used) and tying a Google account to it are not something that I particularly wanted. But I was willing to give it a try.
I downloaded Chrome on my laptop and desktop and set about getting the extension. However, I have been unable to get the extension to install. Google has disabled it for the two operating systems I use the most: Windows 8 and Ubuntu Linux. I even tried launching Google Chrome in Windows 8 Mode, but to no avail. While this is beta, I can’t be the only one who uses these two OSes, or just one of them exclusively.
This left me rather disappointed and solidified me more into the Firefox camp, where all my stuff resides anyway. Maybe I’ll keep Chrome around for a bit longer just to see what’s changed since I’ve last used it, or wait until the Office Viewer gets a proper release, but Firefox is still sitting pretty in my book. I’ll stay there and possibly try again when this comes out of Beta.
With the headlines about Windows 8 Killing PC sales, and the laundry-list of complaints from tech websites about problems with the OS, you’d think that Windows 8 was the worst thing since, well… Vista. But it’s not. I promise you it isn’t.
It’s old-hat by now. Microsoft releases a new operating system, tech people throw a fit, but a year or so later it’s the standard. That’s the way it was with Windows XP and Windows 7. We’ll ignore Vista for the moment, since that OS had objectively bad implementation, as Microsoft’s move away from that titling system has shown.
When Windows 8 first came out, I kept well enough away. If there’s one truism about OS releases, it’s that you wait for the first round up major updates before you even consider installing it. I have lots of work that I need to get done on my computers and excluding a few test machines, I don’t have time to dink around with drivers and install problems.
One day, my Windows 7 machine crashed hard. After a laborious reinstall process, it turned out to be a hardware issue that I won’t go into here and it got me thinking that it might be time to take the plunge. I had previously had a upgrade from XP to Win7 meaning that I had to install XP first, and then upgrade to Win7 should I need to do a full reinstall. This was a cumbersome method, but I was strapped for cash at the time I made the purchase and I really needed to move away from XP.
So, I bought a System Builder version of Windows 8 and reformatted my recently installed Windows 7 to start over. The install was pretty clear, and guided me elegantly from start to finish with a fluidity that I honestly didn’t expect. I really didn’t have any problems of note on my custom-built rig. I was off and running… kind of.
I’d only used Windows 8 on a display in a store, and for a short bit way back in the developer preview version. Aesthetically speaking, it was largely unchanged, but boy was I lost. The main screen was pretty straight-forward, with all the apps listed across the sliding panel and the “Store” to purchase them in.
Where it really lost me though, was the desktop. See, in the new version of Windows, the desktop is kind of an app on your Start Menu. You click it and you’re taken to the old familiar Windows7-ish desktop you’re probably familiar with, sans the Start Icon. Notification area, Recycle Bin, QuickLaunch, etc are all listed there as per usual. This caused me some problems that I’ll talk about in the Not So Neat section of this post.
I shrugged my shoulders at the desktop and returned to the Start Menu, adding/removing apps to and from it, getting rid of ones that I probably will never use. Sorry, but I’m not ever going to click on the “Shopping”App. Once I had everything, including my two backgrounds and color scheme customized, I was ready to actually start using it. I forced myself to work with it for about a month to give it a chance to impress me (or not!).
As step one I think it’s fair to go through some of the big things that were important to me that I like about Windows 8. There’s a lot of little stuff that it does well, but these are the things that were important to me and maybe others.
First of all, it’s faster. Not in a blazing-your-socks-off kind of way, though it is a definite performance boost. Being someone who upgraded a laptop from XP to Vista, I can tell you that this came as a surprise. This is the first OS I’ve ever upgraded where the upgrade was faster than the previous version. Keep in mind that I had a fresh install of Windows 7 on the exact same hardware prior to wiping and upgrading to Windows 8.
The user interface, while a whole different ballgame from previous versions of Windows, was pretty easy to get the hang of. All apps seemed to work independently of each other, much as you’d expect from a App-architecture and most of them functioned pretty well. Most. (See below for more details) I also had no problem pulling all of the software I’ve used on my Windows 7 system or getting Windows Store equivalents.
All in all, this is the smoothest upgrade I’ve gone through with Windows.* For the most part, everything worked pretty darn well.
Not So Neat
It’s not all sunshine and roses. As with any OS, even those I like, I had a few problems. Win8 has a weird way of going about some things and I try to keep separated what I find genuinely frustrating and what is just different to me. Some things are just fine, but they’re different now and I need time to get used to that. I try pretty hard to avoid crotchety old man syndrome.
The learning curve is a bit of a mess. As strange as it sounds, if you’ve never used a computer before, you’re likely to pick up 8 faster than someone like me who’s been using the Windows platform professionally for a while. At least for your particular needs.
Keyboard shortcuts and the behind-the-scenes stuff has remained relatively unchanged but the layout has altered so drastically that even a week after I started using it I was still lost. I’d open up windows only to close them when I realized that I was heading in the wrong direction for what I wanted to do. I can’t count the number of times I’ve opened the Start Menu just to close it immediately when I figured out that I can’t use it for what I needed.
This leads me into my next complaint, that the interaction between the app-driven Start Menu and the desktop, to use a friend of mine’s description, is janky. If you’re on the desktop and you want to open something that’s in your Start menu, you have to go to the menu and open it. No problems there, but if it’s a desktop-based application, then you go back to the desktop to load it. It’s a full-screen back-and-forth that, while generally smooth, is time consuming and feels inefficient. So far, the only way to get around it is to have an icon in the QuickLaunch or on the Desktop, which kind of defeats the purpose of the really neat (are we calling it Metro now or what?) Start Menu system.
Those Start Menu apps also force full-screen. You can drag them off to one side, a process called “snapping” but some apps don’t support this feature as well as others. It’s best to just keep your apps in full screen most of the time. This isn’t terribly annoying, since most people are used to this now from mobile OS’s, but having multiple pieces of software open becomes hard to manage after a while.
Some apps, like Skype as of this writing, turn themselves off if you go to other software. If I’m using Skype to talk to someone and then I go to a full-screen desktop application, it will cut off the sound. There is a possibility that this is a problem in the Skype app, it was pretty rushed and looks it, though judging from the way that other Windows Store apps act, I’m not so sure. Skype is owned by Microsoft, so it should work perfectly in their new OS, right? Right?
So, after all is said and done, would I go back to Windows 7? Not a chance. Even with its janky nature sometimes, Windows 8 is a step in the right direction. Microsoft needed to do something radical to stay relevant, and this is the OS they needed to make. Short the weird desktop/Start Menu transition, the fundamentals are all there… and then some.
In the future, as with all Operating Systems, there are going to be improvements maybe even some heavy shifts to address some lingering issues (Check out what’s coming in Windows Blue). But, as a release that could have been horrible or have had no attempt to reinvent the OS at all, I can’t complain that much. So far, this is the most I’ve LIKED a new OS redesign in a long while (don’t even get me started on Ubuntu’s Unity), so I guess that’s something. But rest assured, this ain’t no Vista.
*For the curious, the worst was from Win98 to XP. It was just a big nightmare from start to finish. Keep in mind that this too had a lot in common with the Windows 7 to 8 transition in that it was a fairly radical (for the time) change in OS architecture.