June 3rd, 2019

Pulling a Tyrion

I must preface that the wife and I are watching the entirety of Game of Thrones right now. Not a marathon, really. Just after work as we can. But it sure beats waiting a year between 10-episode seasons, that’s for damn sure.

Obviously Arya is my favorite character.

If you disagree, feel free to stand there in your wrongness and be wrong and get used to it.

To me, second place belongs to Tyrion. And my favorite moments of his are things like this:

And, just now, I want to pull one of those, regarding something I happened to say this evening, while talking to an old friend.

He had to get some sleep, knowing his youngest will be waking him at 6 a.m.

Me, I had a little work to finish.

Which led to:

“IT, man. IT. We build the world while you sleep.”

Or so the wise* man said.

It’s not at all untrue. “IT” is a generic term, but it only takes a moment to try to remember the world before the public internet or general-purpose PCs existed. And we** – networking, hardware, sec, ops, remote hands, pro*** consultants, l3 support, on-staff, full-stack, all of us – literally built the modern world.

*to be determined at a later date
**Obviously I didn’t participate in building early computing/Internet infrastructure when I was 4. But that’s what I do now. Feel free to whinge if you can do the same.

***pro = hired guns for companies with no on-staff, assuming they actually know what they’re doing…people pitching ‘network assessment reports’ need not apply.
In: Music/Movies/TV, OtherNo Comments

May 20th, 2019

The Case of the Unrestorable AD Account

So, funny thing happened to me today.

By “funny” I mean “so maddening I wanted to execute the original programmer so the evil bastard can’t breed.”

So, you know how when you delete an Exchange mailbox, the only warning it gives you is:

Do you want to delete “XXX”?

Turns out that also deletes the AD account.

Wait. Check that.

It instantly deletes and recycles the AD account, bypassing the tombstone waiting period.

So, I had cause to restore one this morning and I usually:

1. Open up LDP, connect everything and grab the GUID
2. Open up AD PS and run get-adobject with the -includedeleteditems switch, to make sure it’s still there
3. Restore-adobject -identity “[GUID]” [other necessary junk]

Simple.

Except I’m getting ‘Directory object not found’ or ‘Illegal modify operation’ or, ‘The requested delete operation could not be performed’ when I was ready to give up and kill the whole thing.

So, literally the only reasonable thing you can do, whether the account was deleted in Exchange on purpose or not, is to adjust the tombstone lifetime to 1, then wait until tomorrow. There’s a nice, straightforward guide on that here, if you’re not familiar.

And on another note, exactly how stupid is it that “isrecycled=true” means that something is no longer in the recycle bin. It makes logical sense with an *actual* recycling bin, as recycled items have to be removed first, but flies directly in the face of decades of training – from the same company – to read “recycled” as ‘still available somewhere’ while the word for ‘nope, you’re not getting that back’ is “deleted.”

Now, I know I could go through authoritative restore, but that was entirely too much to do after I’d wasted so much time on this nonsense, leaving it outside the parameters of “reasonable.”

In: Computers, How ToNo Comments

May 2nd, 2019

Let’s all make a note of this

Yesterday, the Attorney General of The United States said this, out loud, on camera, while sitting in front of the Senate Judiciary Committee:

“[If an investigation is] based on false allegations, the president does not have to sit there constitutionally and allow it to run its course. The president could terminate the proceeding and it would not be a corrupt intent because he was being falsely accused.”

I think we should all take note of this particular moment in time.

Because the simple-language translation of that is: “The president can do anything he wants, and if anyone ever accuses him of breaking the law, all he has to do is say ‘No I didn’t’ and it’s case closed.”

That’s not an alarmist interpretation of what just happened. It’s simply listening to the words and following the logic of those words.

To explain, in an orderly fashion:

  1. Barr is specifically referring to investigations based on false allegations.
  2. Common sense tells you it’s impossible to prove that an allegation is false until after it’s been investigated. Otherwise, it’s not an investigation at all – you’re just taking someone’s word.
  3. Barr is very plainly telling us that the president can decide an allegation is false before an investigation has been conducted or completed. And he does not have to provide independently-verified proof of an allegation being false.
  4. Therefore, the president must be taken at his word, as there are no means to validate his claim that the allegation was false.
  5. If that is true, the president has full legal authority to declare a true allegation to be false. All he has to do is lie (which is not exactly out of the realm of possibility for a politician).**

And that’s how you end up with this sort of thing:

In this country, when someone says “that person committed a crime,” we have organizations like the police and the FBI and the DOJ that are chock-full of professional investigators whose job it is to figure out whether or not an accusation is true, and whether or not that can be proven in court.

In this country, you don’t get to just say “I didn’t do that,” and then demand that the police/FBI/DOJ stop bothering you.

In this country, nobody is above the law.

At least, that’s how things worked up until yesterday.

**Seriously, just try to imagine this happening to you. Imagine you could stop the police from investigating anything you ever did, simply by claiming you didn’t do it. Now, if you’re a GOP supporter, imagine Hillary Clinton, Elizabeth Warren or Bernie Sanders having that power. Still sound like a good idea?
In: News, PoliticsNo Comments

Whois

IT guy, dev, designer, writer.

Got a degree in print journalism from UF but history dealt some bad cards to that industry, so I moved back to an earlier love: the computer.

Was recently at ZMOS Networks, but am now the Senior IT Associate at the Edna McConnell Clark Foundation.

My name is moderately common, as are a couple screen names, so always look for the logo to make sure you're reading something with official Km approval.

You can get to me directly with kyle(@)kylemitchell.org