joeware - never stop exploring... :)

Information about joeware mixed with wild and crazy opinions...


Microsoft MVP… To be or not to be.

by @ 1:47 pm. Filed under general

Every year I have to submit my "accomplishments" from the prior year to see if I still "rate" as a Microsoft MVP. This is the first year since becoming an MVP in 2001[1] that I have been pinged to be more specific about what makes me valuable enough to be an MVP. I think that could mean that I am on the edge or perhaps over the edge and on my way out. We shall see as the next award cycle when I learn every year if I am still good enough is Oct 1.

I really enjoy being associated with the MVP program. It was always good being able to evangelize and share my voice as a person a lot of folks know as a true honest voice with serious technical chops being able to see behind the curtains at Microsoft a little and assure people that they are good people and trying to help. Also being able to provide feedback internally with minimal hoop jumping has always been a great thing as well. I can no longer recall how many bug fixes and documentation fixes I have submitted over the years mostly all of which started after I became an MVP and started to feel some small sense of ownership over what they published and a sense of "I want this to be right because my name is associated with these folks".

I hope I get awarded again, but if the Directory Services Product Group no longer feels I am a valuable external real world deep tech expert that is entirely their decision to make and I appreciate the time we have had together. 🙂


[1] Funny story. When I was first awarded the MVP I didn’t know what it was and I refused it. The guys running the program at MSFT had to call me and talk me into accepting it. I was quite busy at the time ripping Microsoft to shreds in the newsgroups and other forums for doing stupid shit while I was simultaneously helping people protect themselves from the stupid shit. I refused because I thought they wanted to bring me in to get some level of control over me and what I posted. They assured me that wasn’t the case so after a few weeks I accepted and have been quite happy since being associated with the program. However I do realize that little by little over time I started to worry more about the NDA and what they could say I learned via NDA sources versus on my own and was less and less likely to post the dark underside and badness because NDAs are serious shit and I didn’t want to have to debate with them what I figured out on my own versus what I didn’t learn from NDA. Realistically I haven’t learned a whole lot from the NDA conversations, if anything it has been more useful so I could better respond to deeper more direct questions their folks have had of me.

Rating 4.60 out of 5


Mike Kline

by @ 8:27 pm. Filed under general

It is with great sadness that I share with the joeware community that Mike Kline passed away on February 24th.

Mike was a great guy. He worked for Microsoft as a Premier Field Engineer, was a DS MVP like myself for years prior to working for Microsoft, a very strong proponent and long time evangelist of the joeware site and tools, and although I never had the opportunity to meet him face to face – a friend.

I have no details on what happened (whether sick or accident or ??) but I wanted to take a moment to share this sad news for those who may have knew him or had enjoyed his comments, blog postings, etc.  

Mike will definitely be missed. My thoughts go out to his family for this loss.


Mike’s digital presence:

Rating 4.60 out of 5


How Completely Messed Up Practices Become Normal

by @ 4:25 pm. Filed under general

Absolutely awesome article.

As far as I can tell, what happens at these companies is that they started by concentrating almost totally on product growth. That’s completely and totally reasonable, because companies are worth approximately zero when they’re founded; they don’t bother with things that protect them from losses, like good ops practices or actually having security, because there’s nothing to lose (well, except for user data when the inevetible security breach happens, and if you talk to security folks at unicorns you’ll know that these happen).

The result is a culture where people are hyper-focused on growth and ignore risk. That culture tends to stick even after company has grown to be worth well over a billion dollars, and the companies have something to lose. Anyone who comes into one of these companies from Google, Amazon, or another place with solid ops practices is shocked. Often, they try to fix things, and then leave when they can’t make a dent.

Google didn’t go from adding z to the end of names to having the world’s best security because someone gave a rousing speech or wrote a convincing essay. They did it after getting embarrassed a few times, which gave people who wanted to do things “right” the leverage to fix fundamental process issues. It’s the same story at almost every company I know of that has good practices. Microsoft was a joke in the security world for years, until multiple disastrously bad exploits forced them to get serious about security. Which makes it sound simple: but if you talk to people who were there at the time, the change was brutal. Despite a mandate from the top, there was vicious political pushback from people whose position was that the company got to where it was in 2003 without wasting time on practices like security. Why change what’s worked?

The data are clear that humans are really bad at taking the time to do things that are well understood to incontrovertibly reduce the risk of rare but catastrophic events. We will rationalize that taking shortcuts is the right, reasonable thing to do. There’s a term for this: the normalization of deviance. It’s well studied in a number of other contexts including healthcare, aviation, mechanical engineering, aerospace engineering, and civil engineering, but we don’t see it discussed in the context of software. In fact, I’ve never seen the term used in the context of software.

Rating 3.75 out of 5


Enabling Adware Killer in Windows Defender

by @ 11:26 pm. Filed under general

To activate the adware killer feature in Windows Defender an entry in the registry under

HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\ Windows Defender\MpEngine

with a DWORD named “MpEnablePus” with the value “1”.

Rating 4.00 out of 5


Awarded 2015 Microsoft MVP for Directory Services

by @ 7:16 pm. Filed under general


I tricked Microsoft again… I have been awarded the Microsoft MVP award for Windows Server Directory Services for 2015. Every year starting in and since 2001 now.

Doesn’t much matter at work though. I still have people who have never even logged into a production Domain Controller who feel their opinion has the same technical weight as my knowledge. It would be funny but when it all goes to shit they expect me to rush in and fix their bad decisions.


Rating 4.73 out of 5


Slide Deck from DEC 2008 Dean and joe Show

by @ 8:41 pm. Filed under tech

This slide deck was previously available on From the Directory Experts Conference in 2008.


Rating 3.00 out of 5


About Damn Time Microsoft – Split Brain DNS on Windows Server DNS

by @ 8:23 am. Filed under tech


Suppose the career website of is hosted at . The site has two versions, one for the internal users where internal job postings are available and is available on a local IP The public version of the same site is available on public IP In absence of DNS policies, the administrator had to host these two zones on separate Windows DNS servers and manage them separately. Using DNS policies these zones can now be hosted on the same DNS server.


In Windows Server 2016 Technical Preview 3, the DNS policies support has been extended to Active Directory backed zones. Active Directory integration inherently provides multi-master high availability capabilities to the DNS server. Inearlier blogs, we had seen how to configure DNS server policies for different scenarios on file backed DNS zones. But as many of our customers use Active Directory environment, it was needed that the traffic management capabilities of DNS policies were extended to the Active Directory integrated zones. In a previous blog, we discussed how DNS policies and zone scopes could be used to setup a split brain DNS system on a single Windows DNS server.  Split brain DNS deployment has been a long standing conundrum for DNS administrators. A DNS deployment is said to be split-brain (or split-horizon) when there are two versions of a single zone, one for the internal users and one for the external users – typically users on the public internet.


I have personally been asking Microsoft for a BIND VIEW like capability since probably 2002/3.

Rating 4.50 out of 5


Great deal on Electric Tankless Water Heater

by @ 1:00 pm. Filed under alternatives

I had a tankless water heater in my old house and I have missed it considerably. The daily deal (next 14 hours) at Amazon happened to pop up with a tankless I have been looking at at Home Depot for about $240 less than Home Depot so is only $360 right now so I jumped all over it. Sharing with you guys in case you are in the market.

Rating 3.00 out of 5


40% Off Selected LifeStraw Products Amazon Daily Deal

by @ 11:54 am. Filed under general

This is very cool stuff.

Out hiking and need water but afraid to drink from local sources? Get the lifestraw water bottle and fill it and drink with confidence. Going to a country where you aren’t sure about the water supply (hello my friends going on vacations to exotic places or traveling to those low cost centers for work!!!)

OH, and if you are Amazon Prime, you can select slower shipping but get a $5 credit for Amazon Pantry!!! Say you buy 2 or 3 water bottles or straws or some mixture, order one at a time and select the slower shipping for each one individually. That has worked in the past for me for when they would give Amazon Digital Media discounts for selecting slower shipping. So if it works for this, 3 straws ordered individually at $14.29 each would all be eligible for an additional $5 credit on Amazon Pantry.

Removes minimum 99.9999% of waterborne bacteria (>LOG 6 reduction) and surpasses EPA standards for water filters

  • Removes minimum 99.9% of waterborne protozoan parasites (>LOG 3 reduction) and filters to an amazing 0.2 microns
  • Filters up to 1000 liters of contaminated water WITHOUT iodine, chlorine, or other chemicals

LifeStraw Go Water Bottle with Integrated 1000-Liter LifeStraw Filter

Rating 3.00 out of 5


Local Admin GUIs On a Server Are Poison

by @ 12:52 pm. Filed under tech


"Local Admin GUIs on a server are poison. It’s like heroin, you know your first shot oh so nice and then all of a sudden your life is ruined and you end up dead."

  – Jeffrey Snover… Trying to keep people from dying from local admin GUI poison since 2001.

  – joe

Rating 4.50 out of 5

[joeware – never stop exploring… :) is proudly powered by WordPress.]