What is your big story?

Have you seen the Chipotle video called The Scarecrow?

It is very interesting, to me at least, and possibly the few million folks who have taken the time to look at it. I think it is possibly interesting for reasons that are not so obvious.

Sure, the message of locally sourced, more organic, fresh and healthy, less chemicals and preservatives resonates. It is a good story, and most of us want to be healthier and want our kids to be healthier. And sure the viral nature of the video and how Chipotle used a relatively innovative approach to marketing is very interesting. Really, at the end of the day, Chipotle wants to bring more people into their stores. They did not produce this video and the game and the other sort of subversive content to make the world a better place, they want to and need to get butts in seats and sell burritos, right?

What has my attention here is telling a bigger, broader story. Not telling people how great Chipotle is (which it is IMHO), barely mentioning the brand at all, barely mentioning even the market place Chipotle plays in is very purposeful. It is tapping the new world order of marketing. It is using the social media reality to spread a bigger story. It is touching more and more and more people with the story and they all will remember Chipotle. The next time they drive past a Chipotle they will think "hey, I haven't been there in a while. I think I'll stop in". At least that is the goal.

This is not intended to be cynical in anyway. I think telling a bigger, broader story can help an organization keep focused on core values, mission and vision.

The company that currently employs me is a great company. Some incredible technologies and technical leadership that has real vision. I joined this company to be a part of that technical vision and to idealistically help form that vision and be a part of its evolution. At the end of the day we sell widgets. We talk often of typical case studies, like companies that sell refrigerators. The don't sell refrigerators, they sell cold beer. Of course the example above abstracts this even further.

How many software companies, regardless of what they actually have, sell Security? It was the term that every Independent Software Vendor marketing team wanted to get into the message. "We make you more secure!".

Today it is Cloud! ISVs around the world are rapidly trying to wrap a message around Cloud, whatever that means. Cloud is not simple, it has lots of moving parts. The goal is to abstract some of the complexity and allow organizations to focus on what to deliver instead of the fabric. Some concepts are worked out in this post on Cloud definitions.

The above two examples are jaded. They are typical marketing of a message because people are searching for those specific messages. Not because it is a belief that is where a message fits.

Finding the broad message, what is important to your company, what makes your company tick, aligning that with something that is important to an incredibly broad audience is the challenge. Doing so with integrity and honesty without being contrived is the key to success.

We make the complex simple. We help IT people spend more time with the families, we save marriages <g>. Drawing a picture of a world that has been dominated by large mega companies. Showing how those companies continue to build larger and larger complex solutions is important. It is that legacy that we fight against. These large companies selling super complex solutions are just trying to move themselves forward. They need to have customers who buy their story. And for most IT people their world is so confusing they don't know where to look. It can be easier, it can be simpler, it can be more cost effective and you don't have to give up functionality or scenarios. You just need to embrace the vision of solving complex problems simply. And stop buying into the story that the only way to solve complex problems is to utilize complex solutions. Just not true.

"We cannot solve our problems with the same thinking that created them." Albert Einstein

Group Policy 101: Troubleshooting

This is not intended to be an exhaustive walk through of Group Policy troubleshooting. It is really just a summary of a specific experience.

I realized when discussing this with my colleague Heather that it could make an interesting post. What we found interesting was that we typically *assume* some baseline knowledge when we work through tricky situations with our customers. We shouldn't. We should make sure to check all of the basics and walk people through common steps.

So, here is the story

I was working with a customer who was having issues with getting Specops Deploy to work as they expected. Now, even though this was troubleshooting Specops Deploy it demonstrates the same steps for just about any third part extension to Group Policy.

In the first 30 seconds of our discussion I realized that seeing what he was looking at going to be key to me helping out as efficiently as possible.

My customer, let's call him Bob, shared out his desktop.

I connected to Bob's desktop and he was showing me multiple systems. a full client running Windows 7, a Virtual Machine running Windows 7 on Huper-V a couple of servers. The full client was running fine and the Virtual Machine was not processing Group Policy, at least that was the report from Bob. We really only needed to look at the client that wasn't working.

"It's just not working, it should work without questions, I didn't do anything wrong just followed the steps... I'm really frustrated" said Bob

"No problem Bob, we'll get to the bottom of it" I said (with as little doubt in my mind as I could muster). Supporting folks is difficult in that you can't be as honest as possible or you quickly turn into that obnoxious IT guy Jimmy Fallon played on Saturday Night Live (Nick Burns IT Guy).

We looked at the Programs and Features Control Panel on the client that wasn't working. Everything looked fine.

OK, so this looks fine... what's next?

"Alright Bob, do we know if GP is working on this machine?" I asked.

"Sure" he said "what do you want me to check?"

"Open up an elevated command prompt and run gpresult /R" I requested.

All the GPOs that should have applied to the computer did! So it is clear that GP is setup right, it 'seems' to be working but we know there is something wrong.

"OK Bob, that looks good, lets take a look at the event logs, specifically the GP Operational Log."

"hmmm, you'll have to show me that one, I'm not sure I know what you are talking about" said Bob

"No problem Bob, it is a bit buried. It is full of great Group Policy information and all the other noise is filtered out... its a great place to look for issues"

"You can find it in the Event Viewer under 'Application and Services Logs\Microsoft\Windows\Group Policy\Operational, make sure to open the Event Viewer as Administrator."

Bob clearly hadn't seen the Operational Log before so this could be a good learning experience! But he found it and got it opened for us to look at. I requested Bob run GPUpdate /Force on the client so we get a fresh set of GP related events at the top of the screen.

"OK, now see those Events with Event ID 4016? Those are individual Client Side Extensions (CSEs)starting up. 5016 Events are fired when the specific CSE completes. Go through the 4016 events beginning at around 6:05:48PM and see if you see a CSE for Specops Deploy. We have already seen that it is configured correctly in GP and GPResult says GP processed correctly" I told Bob. I wanted to use this to help him understand how he can better troubleshoot GP by himself. He seemed happy with the mini-lesson.

"It's not there." he said.

"Strange, Programs and Features shows it installed, GP processing is working fine without error but there is not a specific event showing the Specops Deploy (or other third party extension) executing. do me a favor Bob, let's look at one more thing before we reinstall the CSE." I suggested.

"I want to look at the CSE registrations in the Registry on the client. Can you open up regedit.exe? Navigate down to HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions. this is a list of all Group Policy CSEs registered on this client. Now let's navigate down to see if the Specops Deploy CSE is registered in there."

We looked and didn't find it.

"OK Bob, looks like something went south with the installation of the CSE, don't know why but its not there" I said

"You know when I did the install I decided to extract the individual CSE from a larger package. I had done some clicking around and messing with it to learn what I was deploying. I guess I could have messed something up."

"No problem, I'd suggest go ahead and reinstall the CSE. Make sure to get a current good version and deploy it as intended, there is some good guidance in the Specops Deploy documentation. I've got to jump on another call. Go ahead and reinstall and let's catch up in the AM to see how it worked out!" I suggested.

"No problem Kevin, thanks for your help talk to you tomorrow."

I got an email from Bob in about 15 minutes. He had reinstalled the CSE and everything worked fine. he was happy for the additional information on the GP Operational log, the GPExtensions registration in the registry and the GPResults report.

Ultimately it was pretty straight forward but it is always great to get back to the basics of Group Policy. It is a very logical system and if you follow the troubleshooting steps you will find what it is that ails you!