Saturday, September 6, 2008

Some principles

Some principles which I strongly believe in (no particular order). All common sense, nothing new, nothing unique or inspiring. But things I believe in, and apply to any postings given here - now or in the future.

Never run as administrator/root. There’s really no need. Applications that “require” it, are (in my opinion) broken. Much can be done with RunAs. All can be done with sudo. Just because you don’t know how to do something as a non administrator, doesn’t mean it can’t be done.

Separate data from system. Keep data at least on a seperate partition (I never use C: for data in Windows, just system and application installations), and where possible, on a different disk (servers obviously an appropriate RAID level). If you use VMWare or any virtualization, the option for seperate disks makes it trivial. It means recovery is easier and less stressful.

Servers are not workstations. Production servers do a role. They’re not a plaything. They’re not for casual use or browsing the internet etc. That said, Windows Server 2008 is a nice OS on a laptop.

Backups. Just do it. If it’s part of your job, then there isn’t anything more important to do at that time. If at home, do it. Work out what’s best for you, but do it.

Restores. Backups are useless if you can’t restore from them. Sample restores at least once per week.

Patch. OS has become pretty easy and reliable these days. Now all those apps - office, firefox, thunderbird, real player (use an alternative), quicktime (use an alternative), java (ugh), flash, acroread (use foxit) etc etc. Especially if it’s a plugin for a browser. Patch it.

Firewall. Use them. And when something doesn’t work “because of the firewall”, figure out why and a solution, which isn’t “turn off the firewall.”

Documentation. If this stuff is your job, then you document it. All changes. Don’t care that it’s boring. Don’t care that it’s tedious. Don’t care that you have something else you’d rather do. Document.

Testing. In these days of virtualisation, there’s little excuse for not having a test environment for testing those changes before production.


If you work in Windows administration, John Craddock and Sally Storey are probably known to you for some of the seminars they have given on Active Directory, and the Active Directory Forestry book.

They’re providing seminars under the title XTSeminars. I hope to be at the Windows Server 2008 one in November. If you have training budget left, haven’t been before and want something deeper than typical Microsoft courses, well worth taking a look at.