kill the noise

I’ve been asked by a few people how I keep up with everything going on in Twitter and Facebook.  Simple answer: I don’t.  It’s impossible, and I would completely wear myself out trying to wade through all the noise in those worlds to ever hope of finding something of value. If you want to use Facebook or Twitter as tools of communication and connectivity, you have to be intentional about killing off the noise.

Here are some guidelines that I follow to keep noise down.  If you have any to add, feel free to speak up.

On Twitter:

I use Twitter clients that allow me to sort people I follow into groups. I have 4 groups: Friends/Locals, NewPointe staff, people that I want to learn from, and CITRT folks.  Not everyone that I’m following is in those groups either, and that’s OK.  If someone posts a tweet that’s a big deal, chances are that it’ll get re-tweeted enough to the point where I’ll see it.

Rarely will I “follow back,” or follow someone simply because they started following me. You may think that’s rude and self-centered, and you’re certainly entitled to your opinion.

I turn off email notifications (except for direct messages). I mean, it’s cool that I’m getting followed by one more person, but I don’t need an email to tell me that, and it’s just as likely that someone un-followed within the same 10 minutes.

On Facebook:

My Facebook status is synced to Twitter.  Let me stress that the ONLY reason my Facebook status gets updated is because Twitter Facebook app does it for me, otherwise my feed would be a barren wasteland of “…”

I became extremely intentional about cutting the noise out of my main Facebook feed.  If someone’s feed contains a consistent array of low-to-no-value stuff (“wondering what type of ice cream to buy!”), a barrage of silly apps (“What kind of <insert_noun_here> are you?”), or if they constantly invite me to be a pirate or gangster or whatever, chances are I’ll hide them from my feed.  I’m also a big fan of “blocking all invitations” from people who love to invite their whole friends list (or spamvite) to take a quiz or become a fan of something.

I receive absolutely NO email notifications from Facebook. None. I mean, have you SEEN that list of email notifications you can possibly receive from Facebook? Good grief, you could DROWN in that amount of email. Do yourself a favor and turn that stuff off.

Adding SSL to ServiceDesk

One of this year’s short-term projects was getting our installation of ServiceDesk plus set up with SSL.  I had an opportunity do to this last night with a cheap SSL cert from GoDaddy ($25 for a 2-year cert…can’t argue with that), so I thought I’d go through the process here in case anyone wants to go this route, or in case I ever need to go this route a second time.

- cd to <ServiceDesk_Home>\jre\bin ( if you’re running Windows, ServiceDesk_Home will be commonly C:\AdventNet\ME\ServiceDesk)

- Generate your keystore:

keytool -genkey -alias <your_alias_name> -keyalg RSA -keystore sdp.keystore

Note: Your alias can be whatever you want it to be, just be sure to remember what it is because you’ll need to reference it later.  For simplicity’s sake, we’ll name the alias domain.com for now.

When you create your keystore, you’ll get a few prompts along the way.  A couple of them are worth talking about:

Enter keystore password: Put a password here.  This will allow the Tomcat web server to access your keystore.
What is your first and last name? DON’T put your first and last name here. This is actually where your common name (CN) goes.  As always with common names, use the EXACT FQDN that your users will type to access your site. (servicedesk.domain.com)

The rest of the prompts will be standard SSL questions — organizational unit, organization name, city, state, and country.

- Next, you need to generate the CSR:

keytool -certreq -keyalg RSA -alias <your_alias_name> -file certreq.csr -keystore sdp.keystore

This will generate a CSR and put the file in <ServiceDesk_Home>\jre\bin.  Use that CSR to get your cert from GoDaddy.  Make sure you select ‘Tomcat’ as your web server when downloading your certificate.

The ZIP file that contains your certificate will also contain three other files:

gd_bundle.crt – GoDaddy bundle certificate (we won’t be using this)
gd_cross_intermediate.crt – GoDaddy cross-intermediate certificate
gd_intermediate.crt – GoDaddy intermediate certificate
servicedesk.domain.com – The SSL certificate for your server

You’re also going to need GoDaddy’s root certificate.  I used the Legacy ValiCert root certificate and had zero problems.  You get get it here. Now we’re ready to start importing certificates.

- Import your root certificate:

keytool -import -alias root -keystore sdp.keystore -trustcacerts -file valicert_class2_root.cer

- Import your cross intermediate certificate:

keytool -import -alias cross -keystore sdp.keystore -trustcacerts -file gd_cross_intermediate.crt

- Import your intermediate certificate:

keytool -import -alias intermed -keystore sdp.keystore -trustcacerts -file gd_intermediate.crt

- Finally, import your server’s SSL certificate:

keytool -import -alias <your_alias_name> -keystore sdp.keystore -trustcacerts -file servicedesk.domain.com.crt

- Move the sdp.keystore file you created from <ServiceDesk_Home>\jre\bin to <ServiceDesk_Home>\server\default\conf

- cd to <ServiceDesk_Home>\bin and run the following command to change the port and protocol that Service Desk’s web server runs on”

changeWebServerPort.bat 443 https

-Finally, fire up your favorite text editor and open <ServiceDesk_Home>\server\default\deploy\jbossweb-tomcat50.sar\server.xml.  Find the single occurrence of “keystorepass” and change its parameter to the password you used when you created your keystore.

- Restart your ServiceDesk Plus installation.

That should be it.  Open up a web browser and go to the FQDN of your ServiceDesk server (don’t forget your https://)  You should get your login page without any certificate prompts. Congratulations!

One little extra I did on our ServiceDesk installation was to install IIS on the server and have it answer port 80 and forward it to https://servicedesk.ourdomain.com … that way I don’t have to tell users to remember their https, thus making the change as transparent as possible.

I hope this works for anyone who decides to use it.

9 steps towards standardization

Why 9 steps?  Because that’s how many different models of PC we’ve eliminated from production so far this year.

One of my goals this year was to make as big a leap as possible towards standardizing NewPointe on one laptop model and one desktop model.  At the beginning of this year we had fourteen different desktop and laptop models on our office, and five different manufacturers:  Dell, HP, Lenovo, Compaq (old-school) and E-machines (yes, E-machines…gross).  I’d list them here, but I don’t have the complete model list in front of me and I sure can’t remember it (here’s your sign, Dave!)

After doing a few hours of homework and looking over what we could afford, how much we need to buy, and what machines we could possibly keep, we ended up replacing all of our laptops with Dell Latitude E5500s, and we replaced 75% of our desktops with Dell Optiplex 755s.  So in the end, our model layout looks like this:

Desktops: Dell Optiplex 755, HP dx2200
Laptops: Dell Latitude E5500, Dell Latitude D820, Lenovo ThinkPad T61

From 14 models down to 5…that’s a HUGE deal from a support standpoint.  Standardization makes it easier for me to train, and easier for our end-users to learn because now that they all have the same model of machine (for the most part) they can also learn from each other (shared knowledge is powerful!)

If you haven’t made a move towards standardizing your equipment, you should give it a serious look.

WiFi-enabled thin clients for F1 Check-In

With the increase of visitors at NewPointe, we decided a few weeks ago to deploy additional check-in stations to help with traffic flow.  One of the challenges in this project was to make these stations wireless so that they could be moved as needed.

To make this happen, I ordered 4 HP t5730 thin clients with PCI expansion units, Proxim 802.11a/b/g PCI cards, and all the usual F1 Check-In goodies. Most of our office staff is out on vacation this week (which is a great time to IT guys to get projects done), so I decided yesterday to put one of the stations together so I could create a master image and also so I could document the process.

So, for your geeky reading pleasure, here is the build process for making/imaging/prepping a F1 Check-In station our of a HP t5730 thin client with WiFi capabilities.

A couple thoughts before reading:

• Fellowship Technologies does not support Windows XPe, and therefore the processes described below come with no guarantee or warranty from Fellowship Technologies or myself.  I’m just telling you what’s worked for me.
• Proxim WiFi cards are not a must.  I used them because we use Proxim APs. However, an 802.11a wireless connection is a must if you want to have any hope of F1’s Check-In app working well in a crowded room.
• I did not discover all this by myself.  Credit is heavily due to the following folks:
  • Sid Emory from Fellowship Technologies for hanging in #citrt and helping to bring all this about.
  • Justin Moore, for creating/blogging the original documentation on for F1 Check-In on t5730s.
  • Ian Beyer, for killing off several brain cells while discovering how to get .NET 3.5 to install on his t5730.

That being said, let’s get started.

1. Attach the PCI expansion unit to the thin client using the included instructions.
2. Get all your peripherals connected except for the Zebra printer…we’ll do that later.
3. Power up. Hold the shift key down when you see the Windows boot logo and keep it held down until you see a login prompt.
4. Log in as Administrator. Password is ‘Administrator’.
5. Change the Administrator password.
6. Disable the Sygate Security Agent, and don’t turn it back on. Ever.
7. Disable EWF. Commit the overlay if prompted, and reboot.
8. Log in as Administrator again.
9. Download and install drivers for your WiFi PCI card. For our Proxim a/b/g cards, I installed both the drivers and the Proxim Client utility, but elected to use Windows Zero Config to make the actual WiFi connection. It works quite well, and you can still use the Proxim Utility to get diagnostic info from the card.
10. Get your WiFi card pointed at the proper SSID. In my experience so far, once you do this with Windows Zero Config, your selection will stick even when you image the system.
11. If you need to, download and install drivers for your touch screen.
12. Download drivers for the Zebra printer. Open the self-extracting file so that you can extract the driver files, but cancel the installer program once it starts. Connect your printer via USB and use the Add Hardware Wizard to load the driver files.
13. If you want to make any other minor adjustments, this is a good time to do it. This is where I turned on SNMP and set the community string so I can monitor these units readily if the need arises. Also, go ahead and set the machine’s hostname if you’re not planning on imaging it.
14. Reboot. While you’re at it, go find yourself a flash drive that is at least 2GB. You’re about to need it.
15. Log in as Administrator again (if you logged in as User accidently, you can just hold the shift key down while logging out, and you’ll get a login prompt.)
16. Insert your flash drive and make note of what drive letter gets assigned to it.
17. In Control Panel > System, click on the Advanced tab and open your Environment Variables. Make the following changes:
    1. In User Variables, change your TEMP and TMP values to ‘d:\’ (where d: is the drive letter that was assigned to your flash drive.
    2. In System Variables, change your TEMP and TMP values to ‘d:\’ (where d: is the drive letter that was assigned to your flash drive.
18. Go to http://support.microsoft.com/ph/548 and download the latest version of the .NET Framework. Run the installer. Installation will be SLOW, but it should work. Why? The .NET install package is 200-some MB when it’s compressed, and when the install process tries to expand that payload to TEMP/TMP, it chokes up the flash drive. However, since we changed the location of TEMP and TMP in our environment variables, the installer has a whole 2GB of space to work with.
19. Go grab a cup of coffee or a Danish (or both) while the install runs. You’ve earned it.
20. Once the .NET installation is done, reboot.
21. Download and install the F1 check-in application. Do NOT start the F1 check-app after installation. From a working check-in station you need to grab “C:\Program Files\Fellowship Technologies\Fellowship One Check-in 2.5\<latest version>? and copy that over to your thin client. The folder <latest version> will be comprised of 4 numbers separated by decimals, such as “2.5.0.9”
22. On your thin client, remove any shortcuts automatically created by the F1 installer and create a new shortcut to “C:\Program Files\Fellowship Technologies\Fellowship One Check-in 2.5\<latest version>\FellowshipTech.Application.Windows.CheckIn.exe” I dropped this shortcut in “C:\Documents and Settings\All Users\Desktop” so that it was universal.

Side note: If you’re a geek (and you must be if you’re still reading), you want to know why we just did the last two steps.  Justin Moore explains it well…

By default, the F1 check-in application launches AppStart.exe which runs an update process to grab any patches/fixes from the F1 servers. This update process relies on the BITS service in Windows, which is NOT included in the HP t5730 XP Embedded image.

23. Enable EWF and reboot. Let the system automatically log in as User this time.
24. Start the F1 Check-In app and verify that it works. You’ll most-likely get an error about a printer not being available. This is because F1 defaults to LPT1 to look find a printer. Once you get to the menu, you’ll be able to select the printer you want to use. You may want to set up a “test activity” or adjust the schedule of an existing activity so that you can do just that.

Once you’ve tested everything to satisfaction, your thin client is ready to be imaged! There are a lot of different ways to go about this. I went the easy/slower route and used the HP ThinState Capture utility in the Control Panel. Do use ThinState, you’ll need a flash drive that’s 2GB or larger. Simply follow the instructions and you’ll be good to go. Also note that once you image your master machine, it will automatically sysprep on the next boot, so you’ll need to follow the prep instructions below as if you were copying the image to a new system.

When you build a new check-in station using this image, there’s some light prep work that will need to be done before it’s ready. Here’s what you’ll need to do.

1. While windows is starting, hold down the Shift key until you get a login prompt. This will give you a login prompt instead of automatically logging you back in as User.
2. Log in as Administrator using the password you picked out before imaging. (You DID change your password, right?)
3. Verify that your WiFi card is connected to the proper SSID.  It may take a minute or two.
4. Change the hostname of your thin client if you need to.
5. Right-click the EWF icon in the System Tray and select Commit.  Reboot the machine.
6. When the thin client reboots, let it log back in automatically as User.
7. Start the F1 Check-In app. You’ll be asked to verify your church. Do so and then open an activity so that you can print a couple test labels.
8. Exit the Check-In app. Log out of Windows while holding the shift key.
9. Log in as Administrator.
10. Right-click the EWF icon in the System Tray and select Commit. What this does is commit to flash any changes that were made while the system was running. This is important because the credentials you entered at the church verification screen fall into this category. If you didn’t commit this info to flash, you’d have to enter F1 credentials every time you start Check-In.

All done! Your check-in station is now ready for action.

I’d love to know whether or not this works for you, and I’d also love to know if you tweaked this process to make it better.  Drop a comment if that’s the case.

Light work

Note: This post is a personal spiel re: the past week and a half and the challenge of Christmas Eve lighting that was wrapped up in it.  And just so you know, it’s LONG.

For someone who was embarrassed about going so long without posting on his blog, I did an excellent job of not posting lately.  Don’t think I haven’t been bored though.  The past two or so weeks, many NPCC staff (including myself) and volunteers have been gearing up for Christmas Eve.

So what was the IT guy doing on Christmas Eve?  About a month or so ago, Danny asked me if I would be interested in setting up and programming some rented intelligent fixtures for our Christmas Eve services.  Now I’ve run lights before here and there, and by that I mean I’ve set scenes with plain old dimmers and 4 fixtures with I-Cue units on them.  I never dreamed I would be programming intelligent lighting gear, or fixing it for that matter. (more on that later)

Set-up

The fixtures (or “luminaires” if you’re fancy) arrived on December 15th: Four Studio Spots and 3 Studio Colors.  I spent Monday getting our board configured and Tuesday getting familiar with the lights, and on Wednesday Dave B. and Vince came out to help get the lights mounted on their assigned bars.  See, I’m a recovering acrophobic, and we don’t have a catwalk, so at this point I wasn’t mentally able to make it up 20-some feet in a wobbly scissor lift with a 40-pound light fixture in my hands.  Vince and Dave B. shrugged off such things and mounted 5 of the 7 fixtures; we left two on the stage for some “surface-to-air” light.  Once everything was set, it was time to start programming.

Programming

I had already listened to the two songs that were going to require the largest amount of programming (TSO’s “Christmas In Sarajevo” and a pop-rock-STOMP-esque version of “O Come O Come Emmanuel”), so I had a decent vision for how I wanted things to look already. Now that lights were set and I could actually SEE stuff, it was time to nail all that down.

For the next few days (and nights), the lighting desk became my office.  Like I said, this was my first experience with intelligent fixtures, and the last time I ran lights at all was LAST Christmas Eve.  Things started out pretty slow, but just like riding a bike, you re-get the hang of stuff pretty quick, and so before too long I had “Sarajevo” programmed from start to finish, and by Monday the 22nd, I had just about finished both of the “big songs,” and things were looking good for programming to be done by Tuesday afternoon, but some unexpected stuff started to happen.

Unexpected Hindrances and Helps

On Tuesday, it became very apparent that one of our fixtures was beginning to malfunction.  One of the Studio Colors we had mounted upstage began producing the wrong colors, and even after homing the fixture repeatedly, continued to do so.  What was strange was that each time the fixture was homed, it would produce a different wrong color.  Not being one that understood the mechanics of these things very well (yet), I began speculating on what could be the problem.  Was it a loose belt? Had the belt jumped teeth or something? Was the motor rotating too fast?  Too slow?  I knew that I could program around the problem, but I also knew I didn’t want to leave the lights running for 24 hours in order for that programming workaround to be effective.  All the while, I had been tweeting my experience about this because at the time I needed some way to vent.  This was extremely disheartening, and it was frustrating to have done a load of programming only to face the prospect of having to correct every scene because of a single fixture.

To my surprise, a little later I got a direct message from Jonathan.  He works in the Tech Arts department at Granger Community Church, and he had sent me his phone number, along with a message to call him if I wanted help with troubleshooting.  For the next hour or so, I passed information to Jonathan, Doc and Mike (all tech/lighting dudes at Granger) about what I was seeing and experiencing with the fixture and in turn, all three of them played a major role in helping me get familiar with the inner workings of the fixture.  After some troubleshooting, some testing, a hunch or two and even more testing, “Studio Color 1,” as I’ll call it, was giving us accurate colors again.  The culprit?  A stepper motor that controls the frost wheel had gone bad and was moving too slow. This issue created a domino effect that prevented the yellow and magenta filter wheels from homing properly.  The fix…home the frost wheel by hand and then disconnect the offending motor.  The yellow and the magenta wheels homed perfectly after that.

With Studio Color 1 back in action, programming resumed and went on through the night.  Finally around 3am on Wednesday, everything was done.  Normally I would be beat about this time, but it actually took me awhile to calm down enough to fall asleep after I had gotten home.  The day had been extremely full of highs, lows, and more highs, and after all that, it was DONE.  Apart from positioning for vocalists, there was no more programming to do.

Christmas Eve

…easily one of the most amazing times I’ve had at NewPointe.  God was truly present with us that night, and it was evident in everything that happened.  From music and technical to ushers and parking, God made himself evident by allowing everyone on the team to be on their A-game that night so that the message of Christmas and the Gospel could be presented to over 4200 people.    During the 4:30 service, the auditorium was actually filled to capacity and we ended up piping A/V to our KidStuf venue in order to utilize it as an overflow.  That is a HUGE win for the Kingdom!

I don’t know if I’ll have the opportunity to do anything of this magnitude again, but at the risk o
f sounding conceited, I counted this as a win. Not just a personal win, but it was a win for our volunteers, a win for NewPointe, and a win for the Kingdom overall.  As much as the lighting was a personal win, there’s some serious thanking that needs to happen:

NPCC Service Programming: You guys rock, end of story.  Thanks for continuing to move things forward and making weekends at NewPointe awesome.  Thanks for allowing me the opportunity to be a part of something God-sized and for setting me and the rest of the tech team up for a win.
Dave Beachy and Vince Beachy:  Those fixtures still wouldn’t be mounted without your help!  Thanks for making yourselves available and going to altitudes that I’m still not comfortable with!  Dave, thanks so much for doing the footwork that was needed to even get these lights in the building!
Jonathan Bartkowiak, Doc, and Mike from GCC:  You guys are a total example of how the body of Christ, specifically the “capital C” Church, is meant to operate.  You had your own Christmas Eve services to prepare for and took time to help a tech guy from another church get his lights back in order, and I am extremely grateful.  Thanks so much.
Jessica Mast: Thanks so much for understanding how I’m wired and what I’m passionate about, and for cheering me on and encouraging me as I take on the stuff I’m wired to go after, even though it means late nights sometimes.  You’re awesome.  I love you.