Church IT Podcast Discussions Episode 10, June21 , 2007
JASON
Hello everybody. Today is Thursday, June 21, 2007, this is Episode 10. We are a bimonthly live interactive podcast with Church IT staff and volunteers, just to get together and discuss news, tips, tools, technology, best practices as they related to church organizations and what we can do to further God’s Kingdom. We meet live every first and third Thursday of the month at 2:00 pm. Check out www.churchitpodcast.com My name is Jason Powell, I’m the IT Director at Granger Community Church and I’ll drive today.
First off, if you’re in the chat window, stick your name, blog address, church name, so forth into the chat window. Unfortunately, when I asked for the chat logs, although I’ve been told that they will give you the chat logs, the engineer now says that couldn’t give me chat log, so I’m trying to take screen shots of who is present.
Today is going to be open. Last time about volunteers was great, please check it out, it was very helpful.
Let’s start with Kool Tools. Any local IT Roundtable updates? Then Tony had mentioned doing a little chat on intranet stuff. Tony will lead us in that. Then I’ve got a couple of email questions. So if you’ve got something jump in.
I didn’t not put a reminder on my blog for today, I think that explains why we only have a handful of people. Please help spread the word. If anybody is interested in leading these things when I’m not available, let me know.
Kool Tools – what, technology wise is making you smile.
Sp
I’ve got a couple of online password generators that help when we are creating service accounts, etc. I’ll put those two links up here. One site, GRC, gives some research. There’s another one from another website that I use when creating new accounts, especially service accounts, it makes things a lot easier.
Jason
I’m going to ask a question. Are [Time Stamp00:05:51] there any of you guys that keep your users password? When you create an account of change someone’s password, do you hang on to those passwords so you can log on as that user later-on?
Sp
We don’t want to know their passwords. Unless we should ask for some reason, but they create their password and no one is to know it.
Tony
We do a minor variation of that, when we first set up an account, because we are handing that account off from person to person internally, we create a list with the initially created IT password that we use for ourselves, and Jim creates a spreadsheet that prints out a password thing from that document, so we then hand them this fold-up sheet in a sealed envelope when we give them the password, but from that point on, we expect them to change it and we never expect to know it again. If we need to go back in or get on their machine or something, we will call them ahead of time and say, We are going to change your password, we will leave your new password in your voice mail.” We do not keep people’s passwords.
Sp
Do you force them to change their password on first log-in?
Tony
No we don’t. We do the rotating passwords expire every 60 or 90 days. If a new staff member keeps their same password, then yes we do know what it is if we go look it up. It’s a rarity, but at the same time, that’s when people have the most problems and want the most help from us so sometimes it’s a bonus. But if they want to change it day one, they can, we don’t force them to.
Chris
When I got here, everybody was given passwords and not allowed to change them, and in the last year, that has been changed. We now do it like I did it at my previous company. Everybody has a common password that they use to log onto their computer the first time and on first log-on they have to change it. After that, every 90 days it has to be changed, and I [Time Stamp00:09:04] enforce 7 characters or more to keep them from doing pathetic passwords but I didn’t turn on the require hard passwords thing because that drives everybody crazy.
Jason
If you read the stuff, it doesn’t make sense to create these hard passwords. Everything I read says to create phrases. So we’re requiring 10 characters, something unique, not “I’m the Senior Pastor” but something like “I like to eat green pickles” you can type it really fast and try to hack that! It’ll take you a long time. In the school system, our typing teacher had a 21 character password and she could type it faster than I could my 8 character password. In a staff meeting, they recognized her as having the best password and gave her a $2 dollar bill.
Tony
Thinking back to your typing teacher, if he/she were to type the quick brown fox jumped over the lazy dog, is that a complex password?
Jason
If you tried to put up a dictionary attack or a brute force attack against that… They wouldn’t tell me what it was but it was some phrase, 21 characters, but even if it was the quick brown lazy fox thing, still…
Tony
Right, I bet that meets all the complexity requirements, it’s just a bad thing for a typing teacher.
Jason
Microsoft wants you to have a special character and a number and a uppercase and a lowercase.
Tony
We often tell people to pick their favorite Bible verse and then tell us where it is. Like 1:1 is a great password. The other thing I tell people is put the digit first instead of at the end. So a I Samuel 1:1 is a whole lot better than John 3:16. That way at least people have a chance. But password management is still a pain in the neck. The day after passwords change, please call because they forgot it.
Jason
Exactly. So we are probably the only church [Time Stamp00:13:01] that keeps track of passwords. It’s good and bad.
Sp
I’ve got one to throw out there. Our Senior Pastor wants me to know his password, because he wants everybody to fix his computer without him having to be around.
Jason
That’s one nice thing about us knowing everybody’s password, if they are not here, or you are at home, you can fix whatever. The other thing we find by knowing everybody’s password, it has the sense of big brother, they know we have access, people know it is not their computer, everything could be monitored, we don’t monitor. At some point we will probably have to change this.
Sp
There could be an issue from an audit standpoint. My wife is an IT auditor and like you kinda lose deniability with access to accounts. I don’t keep passwords so that nobody from the financial team can say that I was in there playing around without them knowing about it. Not that that is likely, but it gives me deniability.
Jason
Yeah, if there is nastiness to knowing everybody’s password, that’s it right there.
Sp
I think the other thing is a security issue, if you have someone from your IT team leave, you theoretically have to reset every password in the church.
Jason
Right. But at the same time, we are IT. There is nothing we can’t cover our tracks. The whole deniability, if you really wanted to, you could go in and monkey around in the financial stuff and cover your tracks very very well. Although you may not know the password, you could get that. You are domain admin, I could hop right into a user folder, see all that information.
Sp
Most people don’t know how much power we have.
Jason
That brings up another question, should they know how much power we have, or does that shoot you in the foot.
Sp
What I’ve always said, our church financial person said the other day and said something about all this, I’ve always [Time Stamp00:17:56] told people that IT people don’t have real power, we have perceived power because we have a use-once and never use again kind of power, unless you are milking the company. Otherwise we don’t’ have any power, we are not different than a cashier, we handle money/data but it is not really ours. Morals and ethics should kick in.
Jason
Just gotta trust your IT staff. In the school system I came from, in the IT world, I was still considered part of the school union and the administration were trying to pull me out of the union, which they could never do, long story, the reason they wanted to do that was because as IT staff, I had full power to look at any Board grievance or Board data that the school union would love to get their hands on. All sorts of crazy documents, but it’s the trust issue. One, I’m busy as it is, I don’t have time to go poking around in users folders, that doesn’t even cross my mind. You just gotta trust your IT guys.
Sp
I’m just curious if you guys are similar. There are several areas in our system, like our financial system, no one on staff but myself has access to the super admin account for example, the rest of the IT staff doesn’t have that because I don’t want them to, there can be no questions to who made the changes, ya know.
Sp
I don’t even have access to set Quickbooks passwords, that’s our Senior Accountant, so at least I don’t have access to those systems. He is not an administrator on the network and I don’t have access at all the Quickbooks.
Ed
Even if you don’t have the SA account, being a domain admin, I could back that up and take it home and play with it all I wanted. Or even just do an ftp transfer to have it off-site if I really wanted the information. Now being able to change the information is a different thing but being able to get it undetected, I could do [Time Stamp00:21:45] it.
Tony
We’ve talked about this before, we realize there are two different things that are sometimes in conflict with each other. WE have a very strong drive to protect the network, data integrity and security, and we have to say that supercedes privacy but it doesn’t mean we don’t have a respect for privacy. We go so far out of our way to protect everybody’s data and say we never look at your stuff unless there is an overwhelming reason to do it. That’s just our own integrity that we have to deal with. And we gotta answer to each other if we violate. That. Then the flip side of that is that we area so particular about both security and privacy, we area always pushing that to the users who sometimes don’t think there is a need to be concerned about privacy and confidentiality. We have to go to our users all the time, ya know, people who process contributions, and say, “When you walk away from your computer, you really do need to lock it first.” And that just doesn’t occur to them.
Jason
And in your unique situation where you are using outside consultants to do IT, that adds another layer of flexibility. Now you’ve got an outside consultant that has domain admin access.
Tony
Danny, we have an atheist contractor who has domain rights. What’s really sad, I trust our atheist contractor better than I trust some of our staff members, not our IT staff, our other staff. That’s all I’ll say on that.
Jason
We had a new recent hire in the HR region, and to think he found out recently that I had access, I was looking for a particular file, someone passed it along, it went to HR. I called him and said I was looking for this particular spreadsheet with blah information on it, he said yeah it’s in a certain folder but you won’t have access to it and I’m like, “well I’m looking at it right now.” So that was a good teaching tool. They know we can see everything. So I wondered if periodically we should go to Senior Management and remind them what kind of power we have, not in any pressure sort of way, just a friendly way for them to keep it on their radar.
Tony
I know we’ve talked to some of our about email and email security, and here again we take both sides of it, because of security and data integrity, we reserve the right to go into your email, but also because we value your privacy, we don’t take that right unless we really have to. And we joke with our users because everybody thinks we’re reading their email all the time – are you kidding! I have enough trouble keeping up with my own email! Why would I want to go read yours? But it is a good reminder, we might do it if we had to.
Jason
And we’ve probably all got stories of having to do some unpleasant stuff. In the school system, I was giving a presentation and my network administration came in and whispered in my ear that he really needed to talk to me, and then my boss, the business administrator and gives me the come hither motion and says we’ve got a crisis, short wrap-up of the story. The request was for me to archive every single email our superintendent had sent out in the last month, commandeer his computer, laptop, take all his emails and print them out and put them into a binder. That was strange! I start sweating, they got the school board president to come in and ok it. Not a fun day.
Ok, let’s move on. Let me throw these out from an email. Sean writes what are some option for VPN, would you talk briefly about how VPN can be set up as far as connecting it with an active directory for user authentication? Are they looking for high-quality VPN. I think the VPN set up [Time Stamp00:29:37] is beyond what we can talk about today.
Sp
We’re using Avica [?].
Sp
I’ve been playing with SSL Explorer, which is an open-source SSL based VPN product. It’s available as a virtual machine if you want to play with it. It’s cool because it doesn’t require all the stuff Microsoft VPN requires, it just has to have an SSL port open.
Sp
We are using that too, it’s great.
Sp
With SSL Explorer, can you limit what machines can VPN in?
Sp
I think it is user based, I haven’t tried to do anything with machine limiting.
Sp
You can authentic from any web browser.
Sp
What does it open up to your internal network?
Sp
Whatever you want it to. You can either open the whole network, they’ve got a next client which is a little java based thing that’ll open the whole network, or you can control like volunteers, whatever you want them to have access too.
Jason
They’ve got a pay version of that too. Is that just for support?
Sp
I think for full access and support, you have to go to the pay version. If you just want granular access, it’s free.
Jason
I would recommend people look at SSL VPN as opposed to traditional VPNs these days. We’re looking at the Sonic Wall VPN, we have a Sonic Wall volunteer, that makes a big change for us. Big help.
Sp
We’re also looking at Juniper SSL firewall.
Jason
I like it but the price was giving me a coronary.
Sp
But it’s slick though! I have one they let us borrow.
Sp
Is anyone using SSL VPN on issued laptops? Or only for volunteers?
Sp
We’re just using SSL.
Jason
I’d like to move away from VPN as much as possible. But we’re not there yet. I think we’re getting a Sonic Wall SSL VPN. We’ll see.
Next email question: I would like to find out what other churches do if their IT [Time Stamp00:34:37] guy leaves or gets fired or just loses their password, to make sure they don’t get locked out of their servers. We’ve discussed getting out IT guy to create a second admin account that someone else has the password for, but he is worried about someone else using password and messing something up.
Sp
I think it is interesting while we were all talking about password, some of us were typing back and forth an answer. I was the only IT person at my last post, and whenever the admin password changed, we sealed it in an envelope and gave it to one of the officers, in this case, just seal it, give it to the person above you. If somebody gets fired, gets angry, there are a lot of ways to take the system out.
Sp
Part of that question was about having your account locked out, and if I were an evil person who wanted to write a virus or attack somebody’s network, I think a fun way to do that would to be write a script that would look at your active directory and enumerate all the accounts which you can do because everybody who’s on the network has read-only so they can read the accounts, then just fire off an attempt to log onto something using everybody’s account but using a password of one character so it would lock out everybody’s account on the network. Then you would have to shut that machine down, but you’d have to find it first, so you could theoretically lock everybody out.
Music interrupts in the background. Andrew is writing the script now. Ha Ha!
Jason
At least in the school system we had a back up account, there were only two of us who knew what that was, it had some ridiculously long password, so if somebody hacked the main account, we still had that back up account.
Sp
Isn’t the built-in admin account domain in active directory, isn’t that one that you can’t lock out? If I remember correctly that [Time Stamp00:38:53] is one account you could use to get in even if all your admin accounts were locked out. I know you can log in interactively at the box with the built-in admin account.
Sp
So you’re saying if you’re using a lock-out policy, that you could still strong-arm the admin account, which is be default a domain admin account, you can try to hack that one without ever locking it out.
Sp
Yes, that’s why they say to rename it. It still holds all the keys.
Sp
I didn’t realize it couldn’t be lock-out.
Sp
I don’t know if that affects remote. I’m sure we can check that and find out. It locks out after so many bad password attempts.
Jason
Question is are you going through logs, do you have anything that tells you when that occurs?
Sp
We don’t, except for the default security logs, but if you’ve ever poured through those, they are easy to read. I don’t know if anybody’s got a cool tool that tells you that. We don’t. And we’ve had somebody get their account locked-out, so we looked through the logs and it took us a while to find anything out.
Jason
What’s a good centralized log tool of sorts that will give you stuff you need to know and not bother you with the rest of the stuff. It would be awesome if we could get something letting us know that someone has been locked-out, we could call and see how we could help.
Sp
I’ve got a plug for What’s Up Gold then. You can tell it exactly what event Ids you want it to raise an event, you can tell it to do whatever you want. I love it. It tells me when a server goes down, for how long, when it comes back up. It’s been wonderful. It’s watching every SNMP on my network, except for workstations, I don’t care about that.
Tony
On that event log, does it have a default setting, because my problem is I don’t’ [Time Stamp00:44:01] know what I want to look for until after it happens and I wasn’t looking for it?
Chris
I’ll see if I can post something on my blog about good common stuff to look for. I’m still buddies with the guys I used to work for, they have a list, I’ll get it. They spent a lot of time on the phone with What’s Up.
Sp
I played with What’s Up Gold, will it do WMI? It only does SNMP right?
Chris
No, it will do WMI but you have to buy the Pro Premium or whatever the upper-end product is. It will do WMI.
Jason
The pricing is not too bad.
Chris
They will give a good deal for church or school.
Jason
Looks like Dean at ACS is using it. Good stuff.
We’d be willing to pay your guys for their list. I want the fast track. I want everything fast track. We’re getting ready to do some SAN Melody here on sight and they are gonna fast track us big time, so they are ready. I like companies that are all about helping me figure out how to do stuff.
Other questions?
Chris
I’m curios as to what everyone is using for sans; I called Beta Core today, I’ve been talking to everybody, I’m curious what san they are using.
Jason
Equal Logic.
Sp
Equal Logic
Tony
We would probably do Equal Logic if we do it again.
Jason
Chris, I can give you the research I did.
Tony
I’ve got Scott Ehly sitting here with me and we had talked about maybe a little Intranet Sharepoint stuff. Scott is being the unfortunate go-to on Sharepoint, he’s really a good guy.
We’ve been playing with Sharepoint, we even brought in a third-party contractor to help us play with Sharepoint, and we love it! Except we can’t figure out how to make it useful, we’re in that Catch 22, we believe it can do wonderful things, it’s too much like Windows, too many ways to do things, same with Sharepoint – so many pieces [Time Stamp00:49:32] and parts. If I just want to do something basic, how do I start, how do I get it there. We have taken our old intranet and duplicated into our new intranet and now I’m questioning that. Scott did exactly what I asked him to do, and I want to shoot him for it. We’re trying to find something that makes Sharepoint compelling, maybe we shouldn’t.
Scott
One good point, what we’re looking for, perhaps somebody who has already gone down this road, if you can tell us a few things to try. One of the first things we are trying to implement is the knowledge base and it can be anything from a document library to a document workspace to a wiki and I can see benefits to all of them, and the best thing we’ve got going right now is basically putting all three of them out there, see who uses what, and get rid of the stuff they don’t, but if anybody has already done some of this, we’d love some advice.
Tony
I noticed that Barry Buchanan posted on his blog the success he is having with Sharepoint, but it wasn’t a huge “all the right answers” but we are still looking back at how to communicate with our staff, keep the history there, how do make everything findable, how do you put everything you want on the front page and not clutter it?
Sp
We are using Sharepoint. We started out with our Production Ministry, let me preface that with we are using Sharepoint in two different capacities, we have an internal Sharepoing site we are using just for our intranet and if you just look at what we’re using as a homepage, you’d probably thing it’s pretty boring for an intranet but it’s getting the job done. Our Contact stuff is all there, all the common forms and everything everybody needs. We tell people to go look at the intranet first. We have another one we set up using forms-based authentication, I wouldn’t recommend it to anyone, and that one is on the web, our ministries have started using. We laugh because now all of a sudden all these ministries want to use it, our Production Ministry used it and now everybody wants to use it. It has mushroomed as different ministry leaders see the value of it.
Jason
Does it fall on IT to do user permissions and all that stuff or do you try to farm that out to the departments?
Sp
We do a dual, if somebody doesn’t have a clue, we do it, but we have several that are very savvy, we teach them then let them run it totally on their own.
Jason
On the outside access, we want both a staff intranet and a volunteer central.
Sp
We did it by doing two totally separate sites.
Jason
What about the licensing part for outside access. Do you have to do external licensing?
Sp
We went through the licensing, apparently there are 3 major ways to go about it. One is the portal license, but they do have a special license that is x number of dollars [Time Stamp00:54:51] for a totally public site, you can go without it, ethically you need to have it. It’s just a piece of paper.
Jason
That external Internet connector license is big dollars even for charity pricing, so we’re looking at the forms-based authentication stuff. I want to have a piece of paper that says what we are doing, I haven’t found anybody that can answer that. Probably Microsoft I”ll get different answers.
Sp
We haven’t gotten a clear answer either, we have a processor license, I’ve been playing with Forefront and I’ve gotten a host of different licensing answers on that.
It is not going to be on charity pricing.
Sp
I blogged on that a few weeks ago. A lot of these new products are going open value because they need Software Assurance. They were only offering it through an open value which they do not do charity licensing for. They are nesting more and more products that will only be open value.
Jason
Sorry Tony, back to the Sharepoint thing, I can send you the taxonomy that we’ve worked up for what we kinda want Sharepoint to look like. What I’m trying to get rid of the is whole idea of file duplication. One stop shop for everybody. We looked at having a volunteer and a staff Sharepoint site, but my problem is I’d have two different places for a staff member to look for a document. So we’ve designed a skeleton of what we think a good volunteer and staff portal looks like. We’re trying to figure out what it looks like and what pieces, it will do a ton of stuff. The other thing I would recommend is getting your Communications and web people involved so it’s not just an IT product, typically us IT guys aren’t the best at figuring out the touchy-feely stuff. We want our Sharepoint site to not be cluttered and friendly.
Tony
Yeah, I don’t care [Time Stamp01:00:16] what you think of Sharepoint, I want to know what Kim thinks of Sharepoint. That would be the answer.
Jason
Right now, it keeps coming on and off the radar. Now we are to the point where we know it is coming, let’s talk about, spell out, very easy terminology to take to the Senior Management to say here’s why this is going to be a huge win for the church and for the volunteers. Let’s hire somebody outside to do the heavy lifting and let us just be involved in the design stage. I just want to be able to tell somebody here’s what it needs to do and function as. I’m not there yet. I need to create the document for Kim explaining how it will do all the things I want it to do. We’re looking at Sharepoint, is there a way to pull everybody into the same place so I don’t have a base camp log in for our Helpdesk guy who is involved in the drama department and something else. If they all have a base camp site, he could have a different user name and password for each of those sites. We just want to get it all in one place.
Tony
Well Jason maybe we need to have a follow up conversation sometime for all of us relating to how do you save documents so that select people can get to them. And I’m thinking back to the good old days of PC docs where everytime you saved a document it made you make a lot of decisions at that point, and I would love to have the concept of our users have no clue where to save until we give them possibilities. I want them to have a bucket that everything goes into, but they just tag it so that some people can get to it, others can’t, it could be internal, external, other check boxes and have something behind the scenes magically do all that for you. And I think Sharepoint has that capability in it but it is still something the user has to do unless we tie something [Time Stamp01:03:50] into the file save dialogue that forces them to do the right thing.
Sp
On the short term, I have found that the search is very powerful, and the only drawback so far is the interface with the search, which is design after an Internet style search where you want to find a document kinda like a finding a web page, anybody searching for something to edit does not get the same interface they would get if they went to the document library. So finding info for viewing purposed is simple, finding info for edit and modify purposes becomes rather difficult. What we are hoping to do is create a custom web part of the search result that allows you an edit button or is set up in the same structure as if you were in the document library depending on whether you had the privileges to edit them.
In general, you want to set your document library up to be a check-in requirement, so if you click on it, you automatically checks it out for you or tells you that it is already checked out.
As far as the actual problem of where do you put a document, it really comes down to is it private or not, that still doesn’t matter a whole lot because the search is really powerful, it’s been working well for us.
Tony
Jason, the search you are using can only search Sharepoint. So you’re stuck, instead of having documents on your file system, you have to have them in Sharepoint, which changes your back-up plans.
Jason
Have you played with Office 2007, does it act the same way if I click a link and I’ve got Office 2007 installed?
Sp
That’s the biggest dilemma right now, we are in the process of putting that up and there is so much promise. I guess that’s what’s frustrating Tony the most, it appears that it will do all sorts of wonderful things but we’re not up to the point where we’re doing that much integration [Time Stamp01:07:08] with the Office system.
Jason
I’m loving the Office 2007 connection, I click on a document and it asks what I want to do with it and when I’m done, it publishes it back up. I can make provision notes.
Tony
We gotta go. Thank you.
Jason
We’ll get Sharepoint back on the loop, I’m sure there are a bunch of us trying to figure that out. Maybe we can get the guy from Willow to talk to us about what they are doing with Sharepoint.
I can stick around a little longer. Any other things for quick discussion?
I wanted to come back to Forefront real quick. Was that you talking about that Chris? Tell me about Forefront. I’ve downloaded it but when I saw what I had to do to make it run, I put it off.
Chris
Yes, that was a whole night, I was sitting on the couch loading all the stuff. I like the way you deploy it, it is flexible in terms of deployment. Something new, it actually uses the Windows update server for deployment. What’s interesting is I’m having a hard time gauging how good of a job it is doing because the local system, there is nothing to open. It just kinda sits there. I don’t know, I haven’t been able to nail down some final pricing but I haven’t been able to do that either. It’s still slick once you have it all set up. We are using a group, controlling who we deploy it to. It’s been easy once you get it set up. But I haven’t got a virus yet so I don’t know about that.
Sp
You said the deployment is through update services?
Chris
Yes. You just gotta spend a couple of hours getting ready to do the deployment.
Sp
Are you running that on a physical server or a VM?
Chris
The database is housed on a physical server, my software update services runs on a physical box, everything else is virtualized.
Jason
I’d be curious to see what kind of performance load, our Norton stuff is a hog, maybe we want to switch to ABG or one of those guys.
Sp
Chris McGuffin is using ABG and really likes it.
Sp
I’ve heard some good things about Trend Micro but don’t have personal experience with it.
Chris
We don’t know what we’re doing with Sharepoint yet, it just mushroomed.
Jason
That’s my fear. I want to know how to do it from the beginning. We want to know how to have the staff and volunteers interact with it. We’re gonna play with it with some test users.
Chris
I know I want to eventually have an intranet and an extranet with views of the same data. Have you seen that? You can use a forms-based log in for your volunteers but still have Windows user account accessing the exact same database. You don’t have to use the external connector, you have to put a server out on it’s own and connect first server mode. I think at any given moment, there are probably 6 different people who aren’t on the server.
Jason
Right, and I don’t want them to go through the pain, especially the pain.
If it’s better than base camp... Our people our now chomping at the bit.
We should call Jack, he keeps in constant contact with the base camp people. He’d be one of the guys wanting to do some crazy customization with Sharepoint.
I’ve got way more questions about Sharepoint than I have answers.
It’s good to know you’ve got it running Chris. At least you’ve got people using it.
Jason
Our website is .net and we could use the same user names and passwords for website and Sharepoint. A single authentication store, that part, for all the volunteers. Sometimes a staff person complains [Time Stamp01:20:01] that they can’t do everything they want to do. So far, if you are creating sub-sites, it is different to role data up.
Jason
There are a lot of Sharepoint plug-ins. Web parts.
Chris
There are horrible! Useless. The helpdesk one is a nightmare.
Jason
There is a website where you can buy a plug-in to buy customizations to do things like put custom color on calendars. I don’t have time to figure out how to do all that.
Jason
We should wrap this dude up. Thanks Chris for the Sharepoint information, very helpful.
Chris
I’d be glad to show it to you. The real value for us was the calendar part so each ministry could have a calendar.
Jason
One of our ideas was user account stuff, generic accounts, where someone could come in a look at things, different levels of permissions. How do you do those permissions?
Chris
Anybody accessing it has to have an account. They can create their own account, they would contact the ministry they are trying to become part of.
Jason
Did you see that Script Logic has a Sharepoint Permissions viewer application? Go to their website. You can manage permissions, which can be ugly inside Sharepoint. Script Logic. Sharepoint Explorer.
[A bit of jumbled conversation finishing up Sharepoint]
Jason
We are getting about 2000 online views of our services a week, from all over the place. It’s neat to here about the life changes just because people shared a video cast.
Chris
We have 3 different Windows media sessions, a high bit rate, a low bit rate, an audio only, and one of our services we translate to Spanish and stream that out.
I’m preparing to role our Real time Flash.
Jason
Would you consider you guys to be pretty savvy on Windows media encoder? I need a resource.
Chris
Yes.
Jason
Ok, we’ll keep talking about this, but if everyone else needs to turn off, anyone can come back and listen to it, glean data, later. Great. Thanks!
[Jason and Chris dialogue just a few minutes then turn the recorder off].
www.fusionbyfire.com
We can talk about all this some other time.
Topics discussed in Episode 10
- Much discussion surrounding all things passwords
- IT staff can see everything on the network! How do you communicate that to users/management? Should you?
- VPN discussion ... SSL Explorer is free
- Handling Admin passwords
... Andrew Mitry gives us a demo of his on-hold music :-)
- What event log ID's do you monitor? What's a good tool to do so? Chris loves WhatsUpGold
- Little bit of SAN discussion
- I failed to remember to get Sharepoint in the discussion sooner ... sorry Tony :-( ... discussion about who's doing what with Sharepoint
- How do you decide where to save a document?
- Chris Kehayias and I yak a long time after everyone else leaves (I went ahead and kept recording) about Microsoft ForeFront, Sharepoint, Windows Media Services/Encoder, etc
Go listen to the Episode 10 or the other podcasts HERE
Put on your calendar ... right now ... the next talkcast will be July 5th. Any particular topics you'd like to have discussed July 5th?
If you'd like to place the church IT podcast player on your blog/website feel free to do so. Here's the simple code snippet to use:
<script type="text/javascript" src="http://www.talkshoe.com/resources/scriptsLib/tsBadges.js"></script>
<script type="text/javascript">TSDynamicBadge160I('6983');
//TalkShoe only supports one dynamic badge per web page.
</script>
Uploading ....