If this is Thursday, it must be time for Thursday Trivia– Maestro style!
Tony’s produced another excellent writeup, this time featuring the second day of our Maestro training festivities (activities? either one works) here in Boston. A few additional notes come to mind.
First, I must confess to a degree of envy for the beautiful Nikon lens that Tony has been using to take pictures, although I would quite like it if he would take pictures of something other than me. I suppose you can’t have everything you wish for. (Ed. note: the actual lens Tony is using is this one. The one I linked to in the preceding sentence is the rough equivalent for my camera, which is why I got them mixed up.)
The RBAC session went quite well, though it ran longer than I wanted to. RBAC is one of the key areas where Exchange 2010 differs significantly from Exchange 2007. Most Windows administrators are so used to the standard Windows security model, which uses discretionary access control, that the concept of access control based on roles seems very foreign. When I teach RBAC, there are a few principles that I focus on to help keep the most important things at the forefront. First, RBAC role assignments are additive. If I assign you three different roles, you will have the ability to do anything that any of those roles allow. This is a big change from the standard Windows model, with its rules about most restrictive permissions.
Second, I often liken RBAC to sculpting using stone. When you create a new role, you can only take away from the entries that the parent role holds. A child role cannot contain role entries that were never present in the parent. This, again, is quite unlike the standard Windows model.
Third, understanding how the “triangle of power” works is key to understanding RBAC. I will probably include a quick review in tomorrow morning’s review session.
After I finished RBAC, Tony embarked on a lengthy disquisition on the mailbox replication service. This is another major difference in Exchange 2010, and he covered it thoroughly. After a quick lunch of hotel Italian, I covered the high points of the Exchange 2010 transport system. I think the students were probably glad to be on more familiar ground, as the transport system still has a lot in common with previous versions.
The afternoon labs went quite well. I was able to help one student fix a nagging problem with the CAS servers in his production system, resulting in him being able to use Outlook 2011 with his Exchange 2007 system. He was happy, as was I. It’s always very rewarding to be able to teach people things that they can immediately apply to their work environments. After all, that’s why we are here. Abstract knowledge is wonderful, but concrete, practical knowledge is better in my book.
(Speaking of book: Tony’s Exchange 2010 Inside Out is due to be released December 1. In related news, I am no longer the holdup in its production!)
One of the interesting things about this class is that we give the students a reasonably complex virtual environment to work with. This has its challenges, including the requirement for students to bring fairly powerful laptops. However, when I compare this class to other classes I have taught where the instructors provided the equipment, I like this model better. Students are confident in the quality of the equipment because it’s theirs. None of the instructor staff has had to spend any significant amount of time helping students with hardware issues, something that often happens when using rental equipment or equipment provided by a venue. In addition, students can take the lab environments with them when they leave for the day, so if they want to work on the more at home, or next week when they are back in their offices, they can easily do so.
After the class was over, we left the hotel with fellow MVP Lee Benjamin to have dinner at a nearby restaurant. The food was quite good, the service was excellent, and the vintage clothing worn by the waitstaff was remarkable in its variety, a most welcome change from the doll clothing worn by weight staffs at most other restaurants. On the way back to Lee’s car, I spotted a plaque marking the location of the first long distance telephone call. I thought that was worth a picture, and the results are below or did I am pleased with how well the brick turned out using the built-in flash on my iPhone.
Now I’m off to do a bit more editing work on Tony’s book, along with some last-minute changes to my slides for tomorrow. I’m covering exchange unified messaging, as well as server sizing, scaling, and planning. Should be a fun day!