We have been doing a migration from an older print server to a new one. I worked with the print server administrator to write a script that would make it easier to migrate workstations over to the new server. He had already duplicated the printer shares from the old server to the new one. We just needed a way to point the workstations to the new server. Here is what we wanted the script to do:

• read all network printers into an array
• read default printer into a variable
• delete all network printers that start with \\OldPrintServer
• add back all of the printers in the network printers array but use \\NewPrintServer as the servername
• If the original default printer was a network printer…set it back to that same name on the new server.

Here is what I came up with. There may be issues with line wrapping below. It is also available for download.

‘***********************************************************
‘***********************************************************
‘   Print Server Migration Script
‘
‘    Author:            Jarvis Davis
‘    Company:        Campus Crusade for Christ
‘    Creation Date:    May 29, 2008
‘
‘    Purpose:        To migrate workstations from one print server to another
‘                         while maintaining the same printer names and default printer.
‘
‘    Assumption:        This is assuming that you have already migrated the printer
‘                    objects from one print server to another, and that the printer
‘                    share names have stayed the same.
‘
‘***********************************************************
‘    General Flow:
‘    * read all network printers into an array

Read the rest of this entry »

As part of the SCCM system that I am implementing, I am trying to streamline and automate as many functions as possible. I currently have an SCCM Task Sequence set up that can run a complete computer install (partition disk, format, install Vista, apply device drivers, install programs, install updates, etc) with no administrative input. One aspect that I am not able to automate is adding the domain user to the local administrators group on the workstation. I don’t want to use Group Policy to add a group…I don’t want everyone to be an admin on all workstations. I want to limit it to just the user being an admin of their single computer.

I had hunted for a way to do this in as fast a way as possible, which rules out using the GUI…it needs to be scripted. I tried it in VBscript, but simply could not get it to successfully add a user who was in a sub-domain. It would work for the top domain, but not for the sub-domain.

So I switched my thought process to PowerShell. I don’t know that I will ever go back. I had a working script in probably ten minutes. I then modified it and gave it some better logic, but even that went quickly. Honestly, the part that took the longest was learning the syntax for PowerShell. The script is below. You can also download it here. (PDF…my hosting provider doesn’t allow script or txt file uploads.)

###################################################################
# Name:            Add2Admin.ps1
# Author:        Jarvis Davis
# Company:        Campus Crusade for Christ
# Creation Date:    April 2, 2008
#
# Purpose:        To quickly and easily add/remove a domain user to/from
#            the local administrators group on a computer
#
# Inputs:        It accepts the first four strings after the script name
#            and puts them into variables Read the rest of this entry »

After switching to Vista (18 months ago…beta 2), I realized that my logon script wasn’t running anymore, but I didn’t really pay attention to it until this week…I’m needing to roll out Vista computers to some users at the office…so I need the logon scripts to work. In doing some research I found out why they don’t work. I won’t do a full write up of the reason, but basically it has to do with User Account Control and whether or not the user is a local admin on the computer. You can read a decent description of the issue here.

To get the logon script to work in this instance, you need to use a script named launchapp.wsf (scroll all the way to the bottom of that link) that you can get from the Technet site. That script is one that you use to launch your logon script. It schedules the script to run as a task as the interactive user. It works well…but there are a few issues that I read about and experienced personally.

First, launchapp.wsf does not work for an XP client. So…if a user logs in on a Vista computer and an XP computer…the logon script will work on one or the other…but not both. Or if you are using a GPO to assign your logon script, then it will only work for either XP computers or Vista computers.

Second, if you run multiple scripts (or the same script multiple times), the first will run, but the others will fail. This is because launchapp.wsf creates a scheduled task with a name of “Launch App As Interactive User”. It fails because it can’t create the second task with the same name.

So, I set out to fix those two issues. First, let me say that I am not a great scripter. I understand VBScript. I can write it…I’m not great, but I am adequate. One aspect of script writing that I am very good at is copying something that someone else wrote and massaging it to fit my purpose. That is what I did to fix these problems…a combination of massaging others’ code and writing some of my own.

To fix the issue of launchapp not working with XP, I added a section of code that determines the OS. If the OS is XP, it runs the logon script normally. If it is Vista, it runs it via scheduling the task.

Fixing the multiple scripts / multiple runs issue was more difficult. What I was able to deduce is that the issue is a missing setting in the original launchapp.wsf that you can copy off of the Technet site. Basically when the task is scheduled, it doesn’t expire. I dug through and found the property to set (EndBoundary). I set the script to make the task expire in two minutes. To do that I had to find a way of adding two minutes to the current time and format the date/time to fit the way that EndBoundary requires.  Once adding that to the launchapp script, it wasn’t a problem.

You can download my modified version of Launchapp (PDF…my hosting provider restricts what kind of files I can upload…TXT is not one of them.). The pages that I used as reference material, or that I copied code from can be found here, here, here, here, here, here, here and here.

Let me know if it helps or if you have suggestions of how to improve it.

I heard back from Covenant Eyes about the crashes that I had been experiencing. This is an issue that was introduced with an upgrade that they released on January 17. They are still working on fixing the issue, but they did send me a link to be able to download the prior version. The version that introduced the crashing issue is 4.2.7c. I have downgraded CE to version 4.2.6b which was working without crashes.

If you have been having issues with CE crashing, not staying logged on, etc, you might want to try uninstalling the current version and using 4.2.6b until they resolve the issues. They will email me when they get the issue resolved, and I will post here again.

I’ve made no secret that I dislike our corporate anti-virus software. Had a really good conversation with our guy who manages the system yesterday (Jeff), and he isn’t completely happy with it either…he just ran out of time to evaluate other options before the contract was going to expire and needed to be renewed.

Anyway, I just found out from Jeff that Panda removed the silent install switch from the installer. They did WHAT? For IT guys installing software on lots of machines…the silent install switch is a must. We use it to be able to install software in the background with no user interaction. This makes it easy for us to scale a deployment…to automate it so that we can push the installer to a large number of computers at once without having to be concerned about whether a user sees what is going on or not.

And Panda removed that option. Lovely. Let me add it to my growing list of reasons I dislike Panda Anti-virus.

One nice feature that I have enjoyed in Vista is the Reliability Monitor. (Press the Windows key and start typing “reliability” in the “start search” area on the Start Menu. Then click on Reliability Monitor.) This feature will give you a history of how stable/unstable your computer has been. It will list success and failures per day for each of the following categories:

• Software Installs and Uninstalls
• Application Failures
• Hardware Failures
• Windows Failures
• Miscellaneous Failures

This is great for troubleshooting what is going right/wrong with a computer. In particular…have you ever asked a user whose computer is going nuts the question, “Have you installed anything recently?” Of course their answer is always, “No.” Well…open up Reliability Monitor to find out the real answer. Hmmm…it looks like right about the time you started having problems that you installed WeatherBug. “Oh yeah…I forgot about that one.”

I have been using Reliability Monitor to watch a couple of troublesome apps that I have running on my computer. I’ve watched my reliability index drop from 9+ down to a low of 2.92. I’m having issues with our corporate antivirus (Panda…stay away from it in my opinion.) as well as Covenant Eyes. CE worked great up until an update that they pushed out in mid-January. It’s been crashing a lot since then…frequent instances of nmSvc.exe stopping working. They had an incremental upgrade today…hopefully that will resolve the issues.

Anyway…I’ve been monitoring that, but when I checked the chart this morning, I noted that there had been no updates in the last seven days. Hmm…that’s odd…so I started digging. One of my first stops was to look at the System Event Log to see if there were any errors related to Reliability Monitor. Instead what I got was a message that it couldn’t read the data in the event log. For all appearances, it appeared that the event log is corrupt.

After choosing to clear the event log (without saving changes…it wouldn’t let me because of invalid data), I kicked off the RACAgent task (Task Scheduler, Task Scheduler Library, Microsoft, Windows, RAC…change view to show hidden tasks). When I went back into the Reliability Monitor I could now see the data for the last week.

That is a bit odd/frustrating…instead of reporting that in the monitor as an error, it gacked and hung the monitor.

For anyone who read my post on Network Solutions being evil…they finally released the hold on my preferred domain and I was able to purchase it this week. If you are viewing this in a web browser, you can see that you are now on verbalprocessor.com instead of verbalprocess.wordpress.com. Both will continue to work, although the wordpress.com one is simply a pointer to verbalprocessor.com.

If you are seeing this in an RSS feed, update your feed URL to verbalprocessor.com/feed.

This weekend I was all set to register a permanent domain name for my blog. It would still be hosted here at wordpress.com, but would have my personalized domain name instead of verbalprocess.wordpress.com. I knew there were lots of domain registrars out there, but went blank on all of them except for the one that is doing a fair amount of TV advertising…godaddy.com…which I refuse to use because of their insistence on using sex to sell their services.

So I did a quick Google search for “domain registration” to remind myself of other registrars. One of the first ones in the list was Network Solutions. Okay…(my mind said) that’s one I can trust…they were after all the first registrar back in 1993. So I did a search off of their home page to see if the domain name I had chosen was available. [Warning...don't do this at Network Solutions' website. Keep reading to find out why.] Sure enough, their site came back telling me that the domain name was available. So the next step…

I headed back to my wordpress.com dashboard and started going through their process of having them register the domain name and link it to my blog. I kept getting an odd message…it wouldn’t register the domain…it acted like the domain was already owned by someone.

So I sent a message to WordPress.com support (which I found out is only available from 8am-4pm Pacific Time). The message came back from them that “It looks like another registrar is holding onto this domain.” They pointed me to a whois page that showed the following, “This domain is registered through Network Solutions.” WHAT?

I checked another registrar…sure enough it came back that my chosen domain was taken. But if I go back to Network Solutions, the domain is available…ONLY through them. That flipped the switch in my mind. I thought I remembered some news articles about some registrar domain tasting. Sure enough…it was Network Solutions…see articles here, here, here, and here . They started this practice in December 2007. There has even been a class action lawsuit brought against Network Solutions and ICANN because of this.

Did Network Solutions actually buy the domain? No. They are using the five day grace period to keep it with themselves for four days. This also opens up this domain to being sniped up by folks doing domain kiting…which would effectively keep me from ever getting it. Because of this practice, there is no way that I will ever knowingly give Network Solutions any of my business. 

Is it the end of the world that I can’t get my domain name right now? No. Is it an unethical practice for Network Solutions to engage in? Absolutely yes. Would it be good for everyone who reads this to register a complaint with the Better Business Bureau (of which Network Solutions is a member)? I’ll leave that to your discretion…but I will provide a link to do so.

In the end…Friends don’t let friends use Network Solutions.

[Update: After waiting five days, I was able to register the domain that I wanted.]

I realize the picture below is pretty bad…it was taken with my phone in less than optimal lighting. At first glance it doesn’t appear to be anything exceptionally unusual. It’s just a computer where someone is setting up an ODBC connection to a database.

What made this one comical to me is that the monitor that this ODBC setup was taking place on was a giant flat panel monitor hanging above the baggage claim carousel in the Wichita airport.

Dude…next time you might want to turn off that screen before you go advertising your database server’s name and other info to everyone waiting on their luggage!

And yes…I blacked out the server name…just in case. I really don’t want a visit from Homeland Security! Although honestly, the picture was such low resolution that you couldn’t make it out anyway.

A friend emailed me this morning asking for a recommendation about online backup options. I knew that I had posted before on this topic, so I was just going to forward the links to him. But in reading the two posts (here and here), I realized that I never posted the follow up that I said I would. Well…better late than never.

For people who don’t feel confident in doing technical things, I would still recommend Mozy.com. Also, if you have more than 33GB of data, Mozy is your most cost effective backup solution.

For those who can handle a small amount of technical setup, you can use the service that I use. My data is using Amazon’s Simple Storage Service (S3). The data is on saved on the same servers that run Amazon.com, and as a result have the same geographically dispersed backup system. They did have a recent outage, but nothing was lost. And honestly…for backup purposes, I was never concerned. The liklihood that I am going to need to pull something out of my online backup during an outage is extremely slim.

All that said…I have about 12.5 gig of data in my online backup (digital pictures and music make up the majority of the space). I think my charge from Amazon last month was $1.99.

The program that I use to upload/synchronize/download/encrypt my data is JungleDisk. It costs $20 for a lifetime license…and you can install it on all of your computers. So…I paid $20…I have it on my work laptop and my home desktop. Both of them are backing up. The nice thing is that if my wife needs one of the files (digital picture maybe) from my backup, she can go to the S3 backup through JungleDisk and pull it out. If I need a file from her backup, I can do the same thing. That has been very handy. It has an automated backup function, and is just all around very easy to use.

One really nice thing is that it is so cheap to simply try out. JungleDisk has a 30 day trial. And you only pay for the amount of space you use on S3. So even if you tested it with a gigabyte of data, you would only spend 25 cents for the first month.

One thing to be aware of…choose a good encryption key. Don’t use a simple encryption phrase…your data security is only as good as the encryption key. And…once you choose a key…don’t lose it. If your computer dies, and you don’t remember the encryption key…no one can help you…you just lost your data. Also…having dealt with a similar issue when my cousin died recently (link, link and link), it’s not a bad idea to let someone that you trust know where they can find the password/encryption key/etc in case you die. Your spouse/family might need it to be able to get to your data.

If you have worked with Windows systems for long, at some point you have seen the infamous 80004005 error code. It seems to pop up everywhere. Problem is that it is a bit infuriating to try to figure out what it means.

Last year I was at the Microsoft Management Summit, and Johan Arwidmark was giving a presentation on Operating System Deployment. During the presentation, he mentions that error code. He then asked the audience if we would like to know what it meant. Since all of us had seen it and been frustrated by it, all of our ears perked up. What does that crazy code mean?

Johan then let us know. In his characteristic deadpan delivery he informed us that it means:

“That thing you were trying to do…it didn’t work.”

When I arrived in Oklahoma on my trip to my cousin’s funeral, one of the big tasks was getting into my cousin’s computer. She had left it turned on and locked. She had changed the passwords for every administrator account on the computer to passwords that no one else knew. In particular, there were four programs running on her computer that my aunt was really wanting to be able to see what was on her computer screen. We figured one was probably a web browser, one was her instant messenger program, one was possibly her Bible program, and the fourth was an unknown.

Since I am the computer guy, they asked me to see if I could get into it. Because we didn’t know the password to any of the admin accounts, it wasn’t possible to simply change the password and log in. We also didn’t want to shut the computer down, because that would lose whatever was on her screen. That left us with guessing passwords. Over the course of two days, we probably entered three hundred potential passwords…everything we could think of related to Christianity, Lutheranism, her EMT studies, her boyfriend, other family members, birthdates, as well as some of the more common simple passwords (qwerty, 12345, asdfjkl, the word ”password”, admin, a blank password, her username, etc). All to no avail. (BTW…side note…if your password is any of the common ones listed, don’t bother…anyone wanting to get into your computer will be in it within half an hour anyway. Change it to something that will actually be useful. Personally, my passwords are typically sentences…around 24-35 characters.)

I had let my aunt know that a Plan B…if we couldn’t guess the password…was to shut it down and I’d take the hard drive out, pull off the password files (SAM database and System registry hive), and crack the password offline. On Friday night we got to that point. I threw the drive into an external USB enclosure, and pulled those two files out of c:\windows\system32\config. I then downloaded and installed Cain on my computer and started the cracking process. The initial pass did not crack the password, so I loaded a dictionary file that I have used when doing password auditing for the organization I work for. That dictionary file has 1,425,824 “words”…essentially any combination of characters that you want to run through a password cracker. I don’t remember where I got the original version of that file, but it is an almost 16MB text file. Less than ten minutes later, we had her password…laryngoscope. Definitely not one that we would have guessed any time this year.

That leads me to another statement. If you don’t maintain physical security of your computer…you have no security. I couldn’t guess Carrie’s password, but once I took the hard drive out, I had all of her files within minutes. Now…if the files are encrypted…that’s a whole different ballgame. Without the encryption key, I’ll never read the files.

For the last few years, my cell phone has been a PDA phone. My first PDA phone was a Treo 650. Very nice phone. At some point last year, I had the opportunity to switch to a Windows Mobile 5 based phone (PPC6700) for no charge…essentially I could sell my Treo 650 for the same amount I could buy the PPC 6700 for. No brainer…right?

I will say that I did enjoy a few things about the phone. I liked the large slide out keyboard, the touchscreen, voice dialing, internet access. It was difficult to make a one handed phone call with. A friend of mine calls it the “tree phone”…if you try to make a call while driving…you will hit a tree.

There was one particular aspect of the phone that I despised…battery life. Standby time could be summed up as “you dang well better plug it in at night.” Talk time? How about using one percent of battery per minute talking?  Oh yeah…those times are with everything but the phone turned off. Wi Fi is turned off. Bluetooth is turned off. Not connecting to the EV-DO data network. If you turned those things on…it was much worse. Battery life made the phone just simply unusable.

I’ve been looking at other PDA phone options for a while. Because I’m with Sprint, I restricted my looking to phones offered by them.  I hadn’t found one that I thought would be better, so I kept holding off. Then in December I noticed that Sprint had a new phone…the Motorola Moto Q 9c. After doing a bit of research I found a few interesting tidbits. Read the rest of this entry »

A year or so ago a co-worker of mine had his Dell Latitude laptop at home. He had a webcam hooked up to it and was attempting to get his infant son to smile/laugh/something into the camera so that his grandmother on the other end could see it. So he is bouncing the kid attempting to get the smile/laugh, and the kid throws up on the laptop…just puked all over it. He quickly puts the kid down, unplugs the computer, takes it apart, cleans it out, but it was too late…it was toast. The next day he calls Dell’s tech support and told them exactly what happened…didn’t even try to fudge it…”my kid puked on the computer.” The response? “Let’s see…you have CompleteCare. No problem. We’ll send the parts to the technician, and he’ll come to your house to fix it tomorrow.” No questions asked…simply “we’ll fix it.” Very nice!

A couple of weeks later my co-worker was in a meeting with our corporate Apple rep. I’m pretty sure that it was our Apple rep along with the regional sales manager also, but I’m not totally sure about that aspect. Anyway, my co-worker told them about what happened with his computer and how Dell responded. He then asked them, “What would Apple do in this situation?” Apple’s response?

“We would sell you a new computer.”

Let me repeat that in case it went by too fast for you…

“We would sell you a new computer.” No apologies. No qualifications. What awesome customer (no) service!

I like the fact that the computer that I am writing this on (Latitude D830) has complete warranty. If something flips out, I will have someone coming to my location the next day to fix it, and I’ll be back up and working. I depend on my computer too much to risk being unable to do my job while I ship the computer off for repair service. For that matter, I had another co-worker who was on his way out of the country one time and had the following experience. This next quote is a correction from my original post. He saw my original post and replied with the correct story via e-mail. I copied in his email with his permission…and left his name out per his request.

“I was flying to Japan. The night before, in Orlando, certain keys would no longer work - to the point where I couldn’t even log in to the machine. I did what I could that night but couldn’t fix it. The entire keyboard was hosed. I called Dell during my layover in Dallas and a tech came to the residence I was staying at in Portland. He replaced the keyboard before I flew out of the country the next day.

“Obviously I don’t believe Dell is perfect b/c, as a veteran tech, I have had my share of frustrating experiences with them. Still, this is one of my favorite stories about excellent customer service.”

Oh…and before someone replies with the tired old comment of “Macs don’t break.” Just stop. We all know that’s not true. Don’t even think about throwing that garbage around. I work around entirely too many of them to believe that.

Now…I know this story is likely to annoy a few Mac fanatics. I am not trying to flame bait the Mac community. This post is simply relaying actual events and actual conversations that my company has had with Dell and Apple. But based on the response to my previous posts that highlighted a security issue with Leopard and the attitude of certain Mac users, I know that a bit of flame response is a possibility. If you feel you must…go ahead…I have thick skin; I can handle it.

Last week, I mentioned a security issue in Leopard (and got a lot of response). This week I take Microsoft to task over something less severe, but a lot more annoying to me. Windows Media Player 11 and DRM (Digital Rights Management). In previous versions of WMP, there was an option to back up the licenses for any music you had bought and then restore on a new computer or after a rebuild.

For some reason that defies logic, Microsoft quietly removed the ability to back up licenses in WMP 11. That’s right…no ability to back up the licenses. So…you’ve bought 100 songs online. The licenses are safely locked away on your computer. Your hard drive crashes…or you get a new computer…or you decide to rebuild your computer. You can copy the music files over…but they won’t play without the licenses. Not exactly customer friendly. Microsoft’s “solution” to this problem? You can find it at this link. Basic gist is to re-download the licenses from where you bought the music…but oh yeah…not all stores allow you to re-download the licenses…you’re just out of luck.

I’ve got a few words for Microsoft.

DRM - Dumb. Rotten. Move.

I have been happy to see that Wal-Mart and Amazon have started to sell DRM free music…256K MP3 in Wal-Mart’s case. Not sure what level of MP3 Amazon is selling. I’ll be going there from now on. Both of them are limited to music put out by EMI or Universal. (Was going to buy some Toby Keith songs the other night, but backed off for now because they weren’t available as MP3s.) Ars Technica had a good article on this recently.

From time to time I have had a need to run a program in the context of the Local System account instead of my user account. Typically this is in troubleshooting a program…a program that runs as Local System. It doesn’t do me much good to troubleshoot that program if the program is running under my user account’s security context. I need it to run as System…which has more rights…most of the time. I have had to use this a few times while working with SMS 2003 and SCCM 2007. Both of them run as the local system account.

So…how do we do that? In XP, 2000, Server 2003…you can do this very simply. You will need to be logged in with an account that has administrator privileges. Open a command prompt (Start, Run, CMD). At the command prompt type the following line. Replace 01:23 with the current time in 24 hour format + one minute. i.e. if it is 3:42 in the afternoon, enter it as 15:43.

at 01:23 /interactive cmd.exe

This schedules a task to run cmd.exe at the time you specify. When the CMD prompt pops up, it will be running as Local System. Be very careful. Note: you will only see this if you are at the console of the computer…so if you are connected to a server via Remote Desktop, you will not see the prompt come up unless you are connected to the console. I’ve been bit by that more than once…today as a matter of fact.

Now…what about Vista? I was bummed to see that this did not work in Vista. Good for security…bummer for me. So tonight I set out to find a way to do this. Cool thing is that the answer was actually pretty easy…and can be found on Microsoft’s site. Download PSTools from SysInternals. Microsoft bought SysInternals in 2006. Extract the files. You will use the file named PSexec.exe. 

You still need a CMD prompt, but there’s an extra step… You will need to find the shortcut to the CMD prompt (Start, type CMD in the search box and wait for it to locate it…should be pretty fast). Once it locates it, right click it and choose to “Run as administrator”. (Do this even if your user account is an admin.) Once this opens, change directory til you get to the folder that contains PSexec (unless psexec is in a folder in your PATH already). This is where the magic happens…type the following line. (-i is for interactive, -s is to run as system)

psexec -i -s cmd.exe

The command prompt will look like:

Once you hit enter, another command prompt will open that will be running as the system account (NT Authority\System).

NOTE: you can use these instructions to run any program as System. If you had a dire need to run Calculator or Solitaire as Local System…you could do that…just replace cmd.exe with the executable file for the program you want to run. I will also say again…be careful. Don’t do this unless you really need to…and unless you are prepared to take responsibility for anything you might mess up by doing so!

Have fun! Actually…who am I kidding? This isn’t meant to be fun…it’s meant to be useful. Now…go get some work done. ;-)

Just received a comment from Jon at Geek Stuff referencing my Why I Do Not Want a Mac post as well as the comments left by “max”. It prompted me to read the post on Jon’s blog that the comment came from. Wow…what a well written post. Thanks Jon.

Definitely saw a spike in hits and comments from my two Mac posts yesterday. In particular I apparently got under the skin of “max”. He first responded to the post on Why I Do Not Want a Mac…a post where my reasoning was because of how some Mac fanatics treat PC users with disdain. It wasn’t an attack on the technology or on Mac users…it simply stated a truth about the way that some Mac people treat PC users. Max then proceeded to comment on quite a few other posts…

Well, max, you did a great job of being an example of the Mac fanatic. You attacked PC Users, the fact that I go to church, my sofa, my gun ownership, my Peyton Manning post, the fact that I desire to protect my wife, my sense of humor, my sense of humor again, the fact that I enjoy hunting, and you defended a guy who cared more about his DVD player than his child. You did such a great job, that I have to wonder if you are just trying to bait me into attacking back. Sorry bud…even if you treat me with disdain, I will treat you with respect. I’m not perfect in this regard, but my desire is to treat people in a loving manner regardless of how they treat me. Why? Short answer…because you are worth being treated with respect. Long answer…I’ll refer you again to the C.S. Lewis essay from my original post.

I’m not really sure why you felt the need to post so many comments on my blog, but honestly I welcome your comments. I’m more than willing to have a dialog with you…just use my contact page with a real email address. Somehow I doubt you’ll take me up on that, but the invitation stands. Regardless…I hope you have a really good day today.

A bit of background…I’m an IT professional. My expertise is in the arena of enterprise level systems management. I have been working with Microsoft systems for approximately thirteen years. Occasionally I’ll get asked something similar to “why don’t you want a Mac”, “don’t you wish you had a Mac”, etc. Normally I just politely answer that, no…I don’t want a Mac…and go about my business.

I’ve been considering this blog post for a while and finally decided to write out the primary reason that I do not now…or any time soon…want a Mac.

Primarily…the reason I do not want a Mac…certain Mac users…not all of them…just the arrogant ones. Everyone knows the ones I’m talking about. They aren’t just Mac users…they have joined the Cult of Apple. They proselytize on behalf of a computer. (To paraphrase “Fake Steve“.) And…way too often…they treat non-Mac fanatics like they are idiots…people who simply aren’t bright enough to see that Apple is in all ways superior.

It can’t possibly be that some people actually prefer a PC. It can’t possibly be that Microsoft has ever done anything right. Can’t possibly be that there are valid reasons for a user to want a Windows system instead. And heaven forbid…don’t dare say that Windows might actually be better at something than a Mac…that’s heresy punishable by a flogging with iPod earbuds. No…the simple answer for Mac Cultists is that Windows users are just stupid. Give them a condescending pat on the head and send them away…maybe they will get a real computer someday.

And as for Apple…the company seems to want to foster that mindset. Their “I’m a Mac, I’m a PC” commercials certainly lend themselves to this.

Now I have to say…not all Mac users are like this. I am referring to the Mac cultists. Those who are snobby about their computer choice. Those who treat non-Mac people with disdain. Those who can’t speak of a PC except with a condescending tone of voice. Perhaps they don’t realize that they are treating people this way. Perhaps they simply don’t realize what they sound like. It might do them good to read this essay by C.S. Lewis on how we should treat those around us. (It would do all of us good to read that article…I know I need to be reminded often…even as I write this post.) And honestly…when people act like that…they just aren’t a lot of fun to be around. I’m not an idiot…I just have a different computer preference.

If you want to win people over to using a Mac…you’d be more successful by being nice.

So…with all that said…do I want a Mac? Simply…no.

Mac’s new Leopard operating system included an “upgraded” firewall. However, according to security researchers (Leopard Has More Holes Than Spots), it’s not exactly an upgrade. Matter of fact it had some serious issues. Such as shutting off by default (even if you had the firewall turned on before upgrading). Such as having fewer options than the previous version for what to allow or block. Such as the “block all” firewall option not actually blocking everything.

Apple has since released a flury of patches to fix many of the issues, but it begs the question…why on earth did they think it was a good idea to turn OFF the firewall by default? Again…going back to a statement I made in my iPhone vulnerabilities post…didn’t they learn anything from mistakes Microsoft made in the past and fixed years ago…going back to XPSP2?

Another note: the patches that Apple released on November 14-15. There were 41 (yes, forty-one) patches released on the 14th to fix issues in OS X and Safari. Another three patches on the 15th to address firewall issues. [Note: in the comments below, nak mentioned that these numbers may be incorrect. I got the numbers from the article linked to above. I honestly don't know who is right...nak or the article.] Never heard any uproar about that. Now…if Microsoft released 43 patches over a period of two days to fix a single OS…I am positive that there would have been all kinds of bad press about the “demon software giant” that keeps releasing shoddy software and has to release 43 patches in two days to fix it. In particular, I am confident that Mac users would have been gloating about the “idiots” running Microsoft software.

However…Apple gets a pass. No uproar. Nothing. Heck…I didn’t even know that there had been that many patches until an hour ago. For certain my Mac friends weren’t about to say anything to me!

Anyway, thinking about all of this finally got me motivated to write a post I’ve been contemplating for a while now…Why I do not want a Mac. And my reasoning has absolutely nothing to do with the technology…