The Charlotte SQL Server User Group meeting will be held online on August 20th at 12 Noon (EDT). They'll have as the speaker SQL Server MVP Brad McGehee. From the front page:

Don't miss our August 20th online meeting with renowned SQL Server MVP, Brad McGehee. Brad is an experienced DBA and noted founder of SQL-Server-Performance.com. His topic will be "Introducing the SQL Server 2008 Performance Data Collector."

If you are interested in attending, please confirm your attendance with Peter Shire, president of the Charlotte SQL Server User Group.

Like a lot of folks my age (in their 30s), I grew up on comics, both comic strips in the newspaper and comic book magazines. Here are the "geek" comics I follow nowadays on-line:

• UserFriendly.org
• xkcd
• Dork Tower

I used to follow the Heroes Happen Here {Comic Series}, but that one is done. If you're reading this and follow a different one that is a good stress reliever for you, post it in the comics. I'm looking for others. As far as non-geek, I also get Snoopy, Dilbert, and B.C.

The following events are for August 21, 2008, in downtown Columbia, SC.

• Morning - Momentum: IT Execs
• Morning - TechNet: Vista, PowerShell, Group Policy
• Afternoon - MSDN: WPF, Vista (for Developers), Visual Studio 2008 and Microsoft .NET Framework 3.5 SP1
• Afternoon - TS2: Partners

As has widely been announced in the SQL Server community, SQL Server 2008 has RTM'ed. It's now available for download from MSDN and TechNet. Here are some readings from around the community:

• Buck Woody: On-Demand webcast for installation and upgrade to SQL Server 2008
• Aaron Bertrand: What version should SQL Server 2008 report back
• SQL Server Samples Blog: New samples available
• Brian Knight: Some reasons to upgrade
• Zain Naboulsi: Additional resources to learn more about SQL Server 2008
• Denis Gobo: A conflict with Visual Studio 2000 without SP1 beta (SP1 RTMs next Monday)
• Sean McCown: No upgrade path for SQL Server 2005 x64 Enterprise system and a follow-up post

I had to redo SPNs today because we swapped out service accounts on some of our non-production SQL Servers. I wanted to verify that connections in bound were being made with Kerberos. If you've ever dealt with this, if the SPNs are wrong you usually get an SSPI error, but just to be safe, I wanted positive confirmation that the connection was Kerberos. Here's the quick and dirty query to show the connections and the mode by which they are connecting:

SELECT
       s.session_id
    ,  c.connect_time
    ,  s.login_time
    ,  c.protocol_type
    ,  c.auth_scheme
    ,  s.host_name
    ,  s.program_name
FROM sys.dm_exec_sessions s
  JOIN sys.dm_exec_connections c
    ON s.session_id = c.session_id

If you have a lot of connections you'll probably want to filter by host_name or by the login, but I didn't have a need to for what I was doing.

A little while ago Paul Nielsen tweeted about having free Euro-style SQL stickers. All one had to do was email him with your snail mail address and he'd send him your way. He's still offering to send out free stickers. If you are interested, you can see what one looks like at his web site:

SQL Server Bible

He announced in the latest SQL Server Bible eNewsletter (you can sign up for it at his web site) that you can get your very own sticker by emailing him at pauln {at} sqlserverbible {dot} com. He sent me two stickers which came in last week. One went on the back of my wife's van. Put it on right before church this past Sunday. There's probably two in our church that would get it, but still. Speaking of which, this is what he's written on his home page about the sticker:

cool, vinyl sticker, suitable for a notebook lid. want one? 

The other one did fit perfectly on the cover of my Dell XPS laptop, which I happened to get in white. So now instead of a Dell logo, you see SQL. Looks great! Get your sticker before he runs out!

EDIT: As a follow-up, Paul has written a blog post about it. He asks that you put "Euro SQL Sticker" as the subject of the email.

The SANS Internet Storm Center has a great handler post about working at the Abuse department for an ISP:

Securing a Network - Lessons Learned

The handler, Deborah Hale goes into detail about some of the issues faced. Things like end users not having up-to-date antivirus, mail servers getting blacklisted and then it be a tedious process to get them unblocked, to the insecurity of small business customers without full-time IT staff and the risks they pose. Loved the point about reviewing logs (point #1). Often in security your logs are your best friend.

In the current issue of Redmond magazine there's an interesting story in the Never Again column. It's titled:

Listen to the People You Hire

The situation is one that's familiar to a lot of IT folks, there's a problem, they've got a reasonable solution, but management feels that an outside opinion needs to be brought in to bring light to the situation. The third party comes in, offers the same opinion that the in-place  IT folks have been stating all along, and then proceeds to offer their own services to fix the problem. They then come in, the solution delivered isn't right, and the existing IT staff is left to pick up the pieces. Meanwhile, the consultants have exited with a sizable chunk of money... more than if the IT personnel had been allowed to solve the solution in the first place.

I'm not against consultants or consulting. When needed expertise is lacking within an organization, such as when a company is gearing up on a new technology, bringing in knowledgable consultants to help implement the solution and provide training and education makes a lot of sense. Another case is when there's a particularly challenging problem that for a regular IT staff that simply requires a domain expert, a good consultant can mean success. And finally there are cases where consultants can be brought in to augment staff, if the situation permits it and would actually benefit from such a move (see Brook's Law), to provide additional workers to complete a project.

The article naturally heaps the blame on the consulting solution and in the situation described with the facts presented, I would have to agree. However, the concluding shot was this:

The bottom line is that if you don't trust your network administrators and heed what they're telling you, you need to hire new ones. 

Based on how the article read out, this doesn't make a whole lot of sense. The problem wasn't that the network folks were untrustworthy. They were. The problem was that management didn't trust them. Hiring new network administrators wouldn't have solved the issue. Management had to learn to trust the people it had employed. Given that, I would amend the final line to read something like this:

The bottom line is that you should trust your network administrators and heed what they're telling you unless they've given you reason not to. If they have, you need to hire new ones. 

If you've hired good people, trust them and invest in them. This gives them a reason to care about the organization and about the job they do. Often they can save the organization money and pain if they are worth their salt. If they aren't trustworthy, they're going to cost everyone in the long run, so you need to replace them. And by the way, trustworthy people are going to know when they need help. And they won't be disagreeable to bringing folks in. After all, they care about the organization they work for and understand that they are valued and respected.

The network scanner Nmap has a new version out, 4.68. The GUI interface (Zenmap) which comes with the Windows installer version is pretty sharp. A lot of changes in this version.

 I just did a test run and it correctly identified OS and services on the boxes I just hit against. Used Zenmap and while it is a simple and straight-forward interface, it works.