Archive
System Center Virtual Machine Manager – Self Service Ownership Bug
At the office, I use Microsoft System Center Virtual Machine Manager 2008 R2 to manage a few dozen Hyper-V servers hosting around 150 virtualized services. SCVMM allows me to manage all the servers across different high-availability clusters and physical locations easily from a single console, and also facilitates users managing their own virtual machines through the Virtual Machine Self Service portal, a nice web front-end to the management interface that doesn’t require the desktop console to be installed.
In order to allow a virtual machine to be managed by self-service, that virtual machine must be assigned an owner through its properties. This is typical for Active Directory-integrated services and objects such as managed Virtual Machines – but comes with a quirk that makes it almost useless, at least in my company’s needs.
Shown above, the virtual machine’s owner is assigned to a domain universal security group. This is also a very common configuration, supported by other Microsoft products: assigning ownership of a resource to “Engineering”, and adding members to the “Engineering” group allows all the users in the group to access that resource.
Unfortunately, SCVMM doesn’t correctly handle security groups. Assigning a virtual machine to a group is a valid assignment – but prevents that virtual machine from being managed, because the group does not have a valid “group login” to use (you use your own logins in a security group, and the Active Directory manages permissions for that group) and SCVMM blocks transitive ownership to the group members. In other words: unlike every other Microsoft product, a member “Bob” who is a member of the “Server Access Group” will not be able to manage a virtual machine whose ownership is assigned to that very same group. The correct behavior, would be to allow every member of the group to manage every virtual machine associated with that group. It’s frustrating finding out that you cannot assign a virtual machine to a security group and have it work, but even more-so because it doesn’t follow the behavior of every other similar product.
In my company, we have a stack of application servers that are self-administered by some of our software engineers to break as often as they want while testing early builds of our application. It makes sense to allow any of them the ability to manage the virtual machines at a hardware level, but because of the broken group mechanics, it would have been impossible to do this and I’d have needed to pick a single engineer for the task. Because that would unfairly load one individual, I tend to handle most virtual machine maintenance myself using the console. The self-service portal sits idle.
A new service pack for SCVMM is due out shortly (following up on Server 2008 R2 SP1 which introduced important new features into Hyper-V), hopefully it will address this glaring oversight.
Windows DNLA support, and some thoughts for the future.
Microsoft recently announced that a new crop of high-end audio receivers, specifically the Onkyo TX-NR3008 and TX-NR5008 are Windows 7 Certified with DNLA.
The Onkyo TX-NR5008 receiver, costing $2700.
The Windows Blog talks about the exciting new possibilities this opens with the Play To technology:
In the case of the receivers, you can easily play music from your PC to these devices with just the right-click of your mouse. If you haven’t used Play To before, just open Windows Media Player or Windows Explorer. Right click on your audio track and select “Play to.” The Play To session will open and you’ll be enjoying your favorite media on your Onkyo receiver. You can also select the “Play to” button above the now playing list in Windows Media Player.
They’re so close to having a killer app that would make the Windows 7 PC the center of any multimedia system, single or multi-room by leveraging the power of the local network, but this implementation is too far off the mark to be worthwhile. A receiver should be a universal sink for audio, not just a receptacle for certain authorized actions and content types. Here’s what I propose that would make it better:
1. Ability to redirect the sound mixer’s final output to the receiver over the network. Ideally, this would result in the receiver appearing as an audio output device in the mixer through its network connection. All audio from the computer could then be directed through the receiver, without actually having to hook them up together except through a network connection. (Bonus points for Wireless-N support.)
2. Revisions to the Windows sound model to actually allow for multiple outputs. I suspect this is disabled for reasons relating to DRM, but I picture something like a visual mixer that lets me make many-to-many mappings between audio producing applications and audio output devices, graphically. I’ve made a mock-up of what I think this could look like, showing multiple sources and multiple applications.
I picture being able to drag and drop applications between the sections to move them; perhaps right-click and drag to clone an application’s audio output stream so it can be sent to multiple devices. Clicking the “X” button would remove the audio source from that output if the option is available.
Just think about it: a Windows 7 PC could become the entire center of a multi-room networked entertainment system. Drag and drop to send audio from your MP3 collection out to the networked receiver in the garage or your kids room…set every stereo in the house to the same music by cloning an output stream multiple times and sending it to every device simultaneously…and the possibilities grow further if it’s expanded to video.
This is what I’d like to see Windows do for audio. As it stands now, I just hook my receiver up to the computer directly because no network audio solution has worked well enough for me. It’s mainly because the network audio applications are too focused on media files and not audio streams. Networks are getting faster and more ubiquitous, it’s time to shift the focus back to the network from the media itself to really enable some innovation.
Bing vs. Google on Downloading WinRAR [Winner: Google]
I’m fighting with the beta of System Center Virtual Machine Manager 2012, a Microsoft utility for managing cloud computing resources. It’s a fight I shouldn’t have to engage in as Microsoft requires a pre-requisite that can’t actually be opened by the default tools installed with the operating system, the Windows Automated Installation Kit which is helpfully delivered as an ISO instead of something that can be opened natively.
WinRAR, a well-known and well-respected file compression utility is my go-to utility for opening ISOs as it will extract them into a folder with a single click. It’s also a program I never seem to have the installer on hand for, so instead of digging around for my department’s installer I go find the web page. Bing is the default search engine for Internet Explorer on Windows Server 2008 R2 SP1 and I used it to search for “winrar”, expecting to be quickly taken to a download site. Instead, I received a search result page entirely devoid of what I was looking for.
That’s a screenshot of the data area of the browser, from the server in question. There were three results displayed on the first page (it didn’t want to scroll). Zero of these results are links to download WinRAR, or are even to the company that even produces WinRAR. Two of the results are sponsored advertisements to a WinRAR competitor, and one is the Wikipedia entry about the software. (The page extends to the right as well, with 5 more advertisements I cropped from the screenshot, none are links to the author’s web site.)
I was so shocked by this absolute lack of results I had to open a tab with Google on the same machine and search that way:
The very first result is the official homepage of WinRAR, complete with a quick link to Download. Perfect! The second result is the same as the “Download” quick link from the first result. The third result is another domain name for the same company, as is the fourth. And it continued with several more links to reputable download sites (CNet, etc.), and finally the Wiki entry.
It’s no surprise that less than 1 in 10 web searches are on Bing when it can’t accurately return results for something that’s been around for years, has an excellent reputation and is very widely distributed. Winner in this unexpected challenge? Google. But I would like to thank Bing for a nostalgic trip back to the early days of web search in the ’90s when there were zero good options out there. I’m very glad that’s not the case anymore.
Bing Travel is excellent, it’s a shame their web search is pretty much useless.
Share this:
Like this: