Tips on providing remote support to other countries

One of the largest challenges of providing support for international companies is supporting operations in other countries, especially one’s you have never physically seen.

In my new role, I am responsible for looking after IT support and operations for the Asia-Pacific region and until we build our IT support model and employee staff, I am the first stop for the guys on all issues.  One issue we are working on as I type this post, is we have had a network switch in our Singapore office die. While we have a guy locally that can do the leg work for us, but he doesn’t have a great understanding of networks or systems, which is fine as he is an administrative guy.

The first problem was we had the switch replace by Cisco, however, Nathan (Singapore) doesn’t have the skills or the rights to install the switch configuration. Jim (Cambridge) sent Nathan a package which contained a Cisco console cable and a USB/Serial port adapter. Our first goal was to connect the switch to a laptop and use Microsoft Office Communicator 2007 to remote control the laptop and allow Jim to install the configuration.

Below are some of the issues we ran into:

• Nathan had a spare laptop but didn’t have administrative rights.
• When Nathan tried to connect the USB/Serial port adapter, he wasn’t able to as he required administrative rights to add new hardware to Windows.
• No one on the call had administrative rights to the machine or the domain to override this.

We worked around this by finding a docking station which had a serial port. This allowed us to do away with the USB/Serial adapter and the associated hardware install issues.

Once this was connected, Jim was able to establish a connection to the laptop via the screen sharing utility in MS Office Communicator 2007. Once established, he was able to use Hyperterminal to connect to the switch and install the configuration.

Here are some tips that may help you in resolving issues for remote users:

1. Learn the phonetic alphabet!
   This is a core skill in effectively communicating with someone who has a strong accent or where English isn’t their first language. Asking people for thing like serial numbers, computer names or even tricky employee names can be easily spelt using this form of communication. LEARN THIS to memory, you will thank me later. You can find a copy of the phonetic alphabet and their pronunciations at http://en.wikipedia.org/wiki/NATO_phonetic_alphabet
2. Look at their screen
   I have been teaching this to my staff ever since I have had staff! The old saying “a picture paints a thousand words” is correct. Nothing worse than trying to guess what is on their screen or having someone trying to tell you want they are seeing. There are lots of screen sharing technologies out there. I have used internal systems such as Microsoft Office Communicator which is an internal IM client with screen sharing capability, Remote Assistance that’s built into Windows, VNC which is freeware and Proxy Pro back in the days when it was a Funk Software product. The other option is if your company has a subscription to a meeting service such as WebEx, you can use this to set up “meetings” between yourself and your user. The advantage of this is that it works across all types of networks and you don’t need to be connected to any internal networks, internet access is all that is required. I CANNOT STRESS THIS POINT ENOUGH
3. Slow down and describe every step
   One thing new guys to IT support tend to do is do everything at 100 miles an hour. You need to learn to slow down. You will have issues with people who struggle to understand your accent, trouble where English isn’t their or your first language etc.  Slow down and describe every step. It sounds frustrating and sometimes it is, however, it is an important step. Sometime you will need to go down to a very fine level of description. In the scenario above, we had to describe that difference between a console cable and an Ethernet cable.

   Example ‘the light blue, very flat cable with network like connection on one end and a monitor type connection on the other is the Cisco serial cable’

4. Use other material to help describe situations
   When trying to work out how we can workaround the “new hardware install” issue we had using the USB/Serial converter, I found the service tag number and looked up the Dell support page to find an instruction manual. In the instruction manual it had a list of specs and didn’t list a console port but it did list a docking station port. By having this intimate knowledge of the hardware, it is able to help you picture the environment to provide a better description to the users
5. Document and Share
   Trust me when I say this, YOU WILL do this again. You will have the same situation pop up, it may not be tomorrow or in 6 months time but you will have it again. Also, make sure to share your process with your staff and colleagues. They will also run into similar situations and be thankful for prior knowledge.

I would love to hear tips from other people with similar experiences.

Adobe Acrobat X cannot save files – read only or in use

I had an interesting issue at work today that seemed quite difficult to resolve.

All of our employees have Acrobat X Pro on their laptops and one user was reporting that every time he would modify a PDF, it would complain that it’s either read only or currently in use.

I confirmed that the file was on the user’s home directory and there wasn’t in use by anyone else. I also confirmed that his Read/Write/Modify permissions were correct and he was able to edit other files in the same folder. What I ended up finding was that on his laptop in Windows Explorer (Windows 7) was that he was running the preview pane. It appears Adobe looks at the preview pane as an “Open” file and therefore wouldn’t allow the PDF to be saved.

If you run into this issue, disable the preview pane in Windows Explorer and everything works again!

Lee

Cisco Unified Communications Manager – why do you make my life hard!

That pic is so true sometimes!!

In my company we use Cisco Unified Communications Manager and after support an array of PBX style phone systems, I think its fantastic! It’s quick to make changes, its EXTREMELY comprehensive in functions.

So what don’t I like? Documentation!! Its very hard to find good documentation on CUCM. Sure the admin guides are there but they can be so difficult to go through and sometimes even harder to find on the Cisco website. Why do you have so much documentation on CM4.x/5.x but little user guide doco on CUCM 7x+???

The real reason for this post is to give a shout out to the guys at netcraftsmen.net. They are a US based Cisco consulting company and have a really cool blog on CUCM and other Cisco technologies.

Check it out:  http://www.netcraftsmen.net/resources/blogs/tags/70/

Why I Will Never Shop At Another Woolworths Store!

So this post has been a couple of weeks in the making.

It first started off just before christmas when I went off to Dick Smith to buy the wife a new Kindle for christmas. I pop into the store and they have one left. “Fantastic!” I thought and went to pay for it. I put in my Visa Debit Card and found that there was no credit option available and they I remembered that Woolworths decided that they don’t make enough money off people and stopped accepting Visa debit cards. Now the reason I couldn’t use the savings feature is that a) I lost the PIN and b) I haven’t got a new PIN for this card as it’s the account we use to buy big items such as presents, renovation tools etc and I don’t want the ability to pull cash out of an ATM on this card and I probably wouldn’t be able to control myself. Anyways, I had to use a different card and transfer the money back once I got back to the office. Ok that’s fine.. I can get over it!

Well no I can’t! For christmas, my Mum and Dad give us a couple of pre-paid Visa cards so we can do whatever we like and the wife really wants a new airless spray gun. “Sweet” there’s a Masters on the way home. So off we go to Masters and find the gun and a few other items. $180 later we are at the register and I pull out the pre-paid Visa debit card. “Nope… can’t use that! As its pre-paid its a debit card and Woolworths stores do not accept Pre-Paid Visa” is what I am told by the assistant. So we left with $6 worth or parts that I needed and went across the road to Bunnings where they we HAPPY to accept our pre-paid Visa card and even saved $30 in the process.

Is that it???

Well.. no.

We decided to go down to the Gold Coast for a family NYE celebration and we had a tray of mangos and like any Australian, the wife and I think “Mango Daiquiris”. So on our way down, we decide to pop in to BWS and get a little bit of the adult stuff for the daiquiris to be hit with the dreaded “sorry no visa debit cards here” again… that was my final straw!

Moral of the story is that I vowed never to shop at a Woolworth store… plus I think the Coles stores are nicer to shop in anyway

I am curious to know if I am the only one who feels this way.

BYO mobile devices… can this work in corporate society?

 

In this day and age we talk about lots of topics but the one that has seem to have gained the most attention lately is climate change. Now you are probably wondering, “what on earth does climate change have to do with BYO mobile devices?” and the answer is quite simple… Waste!

According to mobile muster, Australia has 26 million mobile phone subscribers and Australia has 15.09 million working age people (15-64 yrs old). These figures give us a mobile phone to person ratio of 1.7:1. According to IDC Australian’s buy 12.74 million phones per year and 57% of these are smart phones.

My question is, why do we business still buy phones for employee’s if they already have them?

There are a few reasons I can think of to start with:

1. Employee’s should have to pay for work call’s out of their own pockets.
2. Companies can get better call rates by having larger accounts.
3. Companies can control the data stored on those devices easier

Now the last reason is the one I really want to discuss. As an IT Manager, one of your primary concerns is security. Are you security controls and policies in place? Is your network locked down? Is your business continuity plan up to date? These are easy enough to do. One of your primary sources of IP theft is from employees. This can be unintentional such as losing a Blackberry or Laptop at an airport to intentional theft by taking your Blackberry with you when you leave and using your companies contacts to steal sales in a new position.

For years this has been quite easy to control with policies and tools such as Blackberry Enterprise Server which allows you to remotely wipe devices and render the device useless. But what do we do now when we have business leaders demanding access to better technology such as iPhones, iPads, Android and WP7 devices? We need to look to other solutions!

There are a couple of different ways you can integrate these devices into your environment:

1. No controls. Open up your environment to ActiveSync (pop3 or imap)
2. Virtual Private Network (VPN)
3. Mobile Device Management (MDM)
4. Containerised App

Now straight up I would say no to the first option. First of all there is open access to your environment and anyone could potentially have access. It also does not allow you access to the device with your IP data on it.

VPN is an option. It allows you to securely access your corporate network with your device, however, you once again have the issue of not being able to control whats stored on these devices or apply access policies. Its a valid connection method, but I would again say no to this.

The first real choice is Mobile Device Management (MDM) like Air Watch or Mobile Iron. MDM is usually an application you either run inside you network on a server or in the cloud which acts as a bridge between your mobile device and your infrastructure. MDM allows you to assign all different policies such as internal web access, mail/contact/task/calendar control, what apps are allowed on devices etc. It also provides functionality such as remote wipe and shutdown incase a device is lost or stolen. Usually MDM is not tied to a specific device type and allows you to control different platforms from the one application.

The other option (and the one I am in favour off) is using a containerised app such as Good for Enterprise. It’s like a hybrid between MDM and they way BlackBerry controls its devices. You have a web based application in your environment and its once again the bridge between your device and your infrastructure (similar to BES). It allows you to set conditions on the device such as disable camera etc but instead of using the native apps for Mail and Calendar, the device has a self-contained app installed that contains all your mail, contacts, tasks, calendar and even a web browser that allows you to access your corporate intranet and other sites.

So which is best for BYOD?

My choice is containerised app such as Good. It allows you to provide all the functionality of infrastructure to your employee’s devices without taking over their devices. Its not platform specific, its easy to use. Once an employee leaves or is terminated, they leave with their own device, an empty app and the company has saved themselves $$$ on handset, lost IP and environment from more redundant handsets that go to landfill.

Now the challenge is convincing finance departments that call expensing is better than everyone having 2 handsets

This isn’t a hugh in depth look into BYOD and more my personal opinion, but tell me what you think?

 

 

What a build! Fibre, WiMax, 4G its anyones guess..

One of my jobs as an IT Manager and the local network focal for the region is to relocate offices to new locations. In August this year, my company started the process of finding a new location as our existing site is to be demolished come December 31 2011.

Now for people in the know, relocations from an IT perspective, can take a long time and this is usually down to things like:

• Do they have a datacentre?
• Are they down/upsizing?
• Is this a location closure and are they relocating the function to another site?

Etc…

For our case the question was, does our Telco have fibre at our new location?

Now for people that haven’t relocated an office and use connectivity such as fibre, you need to realise that telcos in Australia require 3+ months notice to get these works completed. The reasons for this can be:

• Do they have fibre in your location?
• If not, how far do they have to run fibre for the build?
• Does it require road works and the associated government and council permits?
• Do they have enough equipment and capacity in the local Point of Presents?
• Are you planning a move during their network embargo over the Xmas holiday period?

All of these can cause major headaches in office relocations and these are just the ones we have run into.

Unfortunately for us, our first location we scouted and tried to lease fell through. Ok no problems, its early September and we still have 4 months. A couple of weeks later we have found our final location but there is still a lot of negotiation going on between our US based parent, our international real estate agency and the local landlord.We are now at our T – 3 month mark and we still do not have a lease.

What do we do?

1. We could order a circuit based on the site chosen and hope for the best that the lease is actioned and signed.
2. We wait for a signed lease before ordering our circuits.
3. We talk to our telco and find out whats involved in our build to see if we have some wiggle room in our timeframe before ordering and hope we can push them hard to make the date.

We decided on option 3. We spoke with the telco and gave them our timeframe and new location and asked the question, “easy or hard?” They came back to us and said there was fibre in the building next door so they would only need to make a short run to get it into our building.

Excellent!! Well so we thought… we decided to hang off another couple of weeks before ordering. There was too much risk of the lease negotiations falling through again to spend the time and money to implement.

8 weeks before the move, after speaking with management, we decided the risk was low enough that we could order the circuit… this was going to be really tight. We prepared management for the fact that this may not go according to plan. We decided to form plan B.

Plan B:

What else can we do? We contact our telco account manager to see what could be built and installed in a very short time frame. “Lets look into ADSL?” we say. The telco comes back with “no DSL available at this site”… bummer.. what’s plan C.

PlanC:

Did someone say WiMax? I must admit this didn’t really pop into my head straight away as WiMax isn’t a massive technology in Australia. Our telco pre-sales engineer told us they have a partnership with Clear Communications and they can deploy WiMax solution in our office in Melboure. “Fantastic” we cry and “how long?” we asked. “This can be installed within your move timeframe” we were told.

Excellent! Or so we thought…

We filled out the paperwork and sent it in. A couple of days later we receive a call saying that the telco’s lawyers cannot accept this contract as its with a 3rd party and doesn’t work with our parents head agreement.

Plan D:

So to recap, we don’t know if our fibre service will be available in time, we don’t have availablilty for Plan B in our area, Plan C is being flung around like Will Smith’s daughters hair between the telco and our parents lawyers.

So come 3pm Friday (move day) we don’t have plan A, B or C and I look across at Don our Snr Network Engineer and say “what are we going to do this weekend because it doesn’t look like we are building a network any time soon!” Our brains start ticking over and I suggest something a little desperate… “According to Telstra’s maps, they have 4G at the new location? What if we bought a 4G USB dongle, found a suitable router and built a VPN back to the Brisbane office?” Don says its worth a shot and my PM Jim asks “How Much?”

So we head off to the local Telstra shop to procure a 4G card. We found out in the store that there is no suitable router available yet and won’t be till 2012. So we did a little bit of reading and found an article on Whirlpool with a capability list telling us what didn’t work and there was nothing that did. Ok, what else? We thought some more and realised we had a IBM xSeries server spare that we were going to ship back to Brisbane with Windows Server 2003 running on it. Now I remembered back to my old MCSE 2000 days and remembered the Routing and Remote Access Service (RRAS) and how it supported NAT based routing between 2 NIC’s. Perfect!! Server based NAT router.

So after 3hrs of slogging back and forward with the Telstra Shop and my Telstra Account manager, we managed to procure a 4G dongle and a 15GB service. Apparently you require letterhead to make a business purchase even though I am authorised on the account. It was a bit of a pain but in the whole scheme of things it was minor. Meanwhile, at around 6pm, I received a call saying we have a signed contract for the WiMax service. It will be installed in 1 weeks. Ok cool, doesn’t help right now but we still have our Plan D for the meantime.

So Saturday night of the move weekend, we rack up all the switching, routing, wireless access points for the proper network and cable everything up nicely. We then decide to rack up the Windows server and see if we can get the internet working. Surely enough in 20 minutes we are powered up and online and pulling down 9Mbps and pushing up 5Mpbs! Not bad at all. We decide to draw a little plan up on the white board of our we would configure in this network device. We decided that we would just setup internet access for the office and they can use their  individual SSL VPN account for all their work access. After 20 minutes we have the Windows server acting as a NAT based router delivering 9Mbps of internet to 20 users.

We sit back and think… “thats pretty cool” but there was this little thing spinning in both Don and my minds and we both looked at each other and said, “Are you thinking what I am thinking?” and just like in the movies said “lets build a IPSEC VPN between Melbourne and Brisbane!” Ok maybe they aren’t that nerdy but you get the idea. Lucky for us, Don brought over a Juniper SSG5 firewall that supports IPSEC tunnels and we went about building a tunnel. We had a bit of work to do on the Brisbane end to get that side running, but after a couple of hours, we actually had a working VPN, across a 4G wireless service providing all of our corporate services such as DHCP, DNS, email, web, files, intranet and even believe it or not Cisco VOIP access to our Cisco Unified Call Managers!

This was truely an amazing experience and a long 16 hr day but it goes to show you with some thinking outside the square, you can pull of near miracle.

The wonderful world of Mac printing

At work after 12months of legal backwards and forwards, we have finally received our new MFD, a Ricoh Aficio MP C2051 multifunction device and by all first reports, its a very slick machine. All the usual print, scan, copy, fax, email etc. The functionality and usability has got to be up there with some of the best I have used and seen over the past 12 yrs.

However…

How well does it print with from my Macbook Air?

To start with, let me preface by saying printing is not my strong suit!! Not by a long shot.

I started by downloading the latest Mac OS X driver from Ricoh and installed it. Being a Mac, all they have are postscript drivers. Ok cool, that doesn’t worry me, never has before. I install the print driver, point it to the IP address and fire off a test print (1 page). I walk over to the MFD to see 60 pages printed and counting. I quickly cancel the job and investigate further.

After speaking with the trainer yesterday, she says “did you get the MFD with PS software?”, to my reply “didn’t know it was any option!” “Thats ok… it won’t cost much.” So I called our Ricoh sales rep today who informed me it was a small upgrade of $524 ex GST. Now I am the only user of Mac in the office and I just cannot justify spending that on one person to print… especially considering my printing is usually only personal.

So to off to google I go to see a few people with the same issues but different model Ricoh’s. I stumble across a page on the Linux Foundation forum where someone has been using a mix of Ghostscript, foomatic-RIP and HPIJS drivers from the HP Linux Printing and Imaging Project. Install the packages, which have been compiled into nice DMG installs. I add a new printer and select a HP Color Laserjet 8550 (YES HP DRIVERS!!) and point it to the MFD IP address.

I fire of a test print, select colour, select duplex and sure enough, there is 1 sheet of paper in the printer, with colour printing on both side of the sheet!! I am really happy with the solution, its not perfect but for what I print, its very much good enough.

So to do this install yourself, follow the steps below:

1. Download the 3 packages from the following Linux Foundation site. Install in the order of hpijs, foomatic, ghostscript.
2. Go to the printer control app by pressing CMD + Space, type Print in Spotlight and hit enter.
3. Add a printer, add the IP address, from the Print Using drop down, select “Select Printer Software” and choose “HP Color LaserJet 8550 hpijs”
4. Click ok and add the printer.

Slow Windows network browsing with Mac OS X Snow Leopard

Since February I have been a Mac user in a heavily dominated Windows/UNIX enterprise network. As Mac is not a supported platform in our organisation, it has been up to me to create clever and creative fixes to the hybrid environment. My MacBook Air is completely integrated in to AD with LDAP for authentication and I am running Office 2011 with outlook for email access to our Exchange 2007 environment.

Over the past couple of months, I have been finding it very difficult to access network shares. Some of the shares on the LAN are fine but as soon as I travel, I have to use creative solutions involving RDP, SSH and FTP to transfer files to and from my Mac. Today I am in our Melbourne office and I am trying to get a file from our US file share without any luck even connecting to the share. After a little research I came across an article from MacWorld regarding some tweaks to Snow Leopard that can resolving some SMB issues. I have just run these tweaks and after a reboot, all my shares have popped up connected, and browsing is a dream!! I wish I found this months ago!!!

Below is a modified version of the MacWorld tips that worked for me:

1. CMD + Spacebar to get to spotlight
2. type Terminal
3. In Terminal, enter sudo /Applications/TextEdit.app/Contents/MacOS/TextEdit /private/etc/smb.conf
4. Change the following lines from ‘yes’ to ‘no”
   • use spnego = yes
   • stream support = yes
   • ea support = yes
   • darwin_streams:brlm = yes
5. Save the file and reboot your Mac
6. Now when you connect, you should have a lot better response time to your Windows shares.

Wishlist

Everywhere around the week before Xmas is the usual mad Christmas ring around. The conversation goes something like this, “hey, how’s things? What do you want for Christmas?”… “nothing.”

So this year, I’ve decided that I’m going to you my blog to collate a Christmas whishlist and the people can choose what they would like get. Now some of these are massive and I do not expect anyone to buy these but they are for me as a goal to achieve.

My Wishlist:

1. Canon 5D mark ll (B&H – everyone’s gotta have a dream)
2. 3x Phottix Atlas wireless flash triggers (Phottix Atlas Online Store) Sorry one is no good… 2 is a great start but 3 is best
3. Manfrotto 496RC2 Ball head tripod mount (Cameras Direct)
4. To be updated in the future

You’ll Love How A Leica Is Made

How cool is this. I love photography and anyone who is serious will know who Leica is and what they stand for. Its an amazing process they go through to build a lens and you can really start to understand and appreciate the costs associated.

Lee

• Hey There!!

  One of my goals as an IT Manager is to move IT from the business basement and to be seen as a core function of any business and "not just another cost centre". Hopefully you will enjoy my articles and if you have comments or suggestions, let me know via email, twitter or facebook!

  Please note: These comments, post and other items are purely my expressions only and do not reflect any organisation I am affiliated with or work for.

• Recent Posts

  • Tips on providing remote support to other countries
  • Adobe Acrobat X cannot save files – read only or in use
  • Cisco Unified Communications Manager – why do you make my life hard!
  • Why I Will Never Shop At Another Woolworths Store!
  • BYO mobile devices… can this work in corporate society?

• Tag Cloud

  4g 2011 android apple bali byo c2051 C2051 mac os x printing camera Christmas Cisco cool shit elope good enterprise good technology google ios juniper lee leica lens lte mac mac os x MP C2051 photography presents printing remote office ricoh Ricoh Aficio MP C2051 routing and remote access smb snow leopard ssg5 steph telstra vpn wedding windows phone 7 windows server 2003 windows shares wishlist wp7 Xmas