Home

Advertisement

Customize
Jul. 2nd, 2009 @ 11:41 pm Microsoft Certified IT Professional (MCITP) on Windows Server 2008
Current Location: Glen Burnie, MD
Current Mood: awake
Tags: , , , , , ,

2009 June:  An "Exciting" Month (meaning little sleep)

June was an "exciting" month.  By "exciting" I mean I was so busy with professional details (much less personal) that I slept a median of three (3) hours an evening.  It started on Monday, June 1st around lunch when one of my bosses informed me my initial "risk assessment" (not my place to say more) so I could start at federal client next Monday.  That meant I had 48 hours to pack up my "mobile office" (as I call it) for temporary relocation so I drive up Thursday and arrive by Friday to be badged and sworn in.  I spent the weekend looking for housing and was slammed with the job and related, relocation administriva over the first three (3) weeks of the month.

June was also the month I scheduled four (4) new Microsoft certification exams for myself, and was required to take them by June 30th.

It started in late April with an offer from Prometric.  For those of us Microsoft Certified Professionals (MCP) who had not sat an exam since prior to 2007, a coupon was offered for $100 off of the exam fee.  Microsoft exams are typically only $125, so this meant the cost was only $25 and nearly free.  Even better was the lack of limits on how many times the coupon could be applied.  The only catch was that the exams had to be sat by June 30th.

So timing was everything here.  I signed up for a full Microsoft track, plus one additional exam down another.  Being slammed with temporary relocation and a new job, I was rushed to take the four (4) exams in the final week of June (23rd - 30th), while working handling other details.

The Microsoft Certified IT Professional (MCITP) Program

The one track I signed up for was part of the not entirely new Microsoft Certified IT Professional (MCITP) program.  The MCITP replaces several "system administration" and "technology" certifications, unifying them under a single acronym.  The MCITP designation actually began after SQL Server 2005 was released, and now encompasses Windows Server 2008 and other products.  Specifically, the following programs are replaced: 
  • Microsoft Certified Systems Administrator (MCSA)
  • Microsoft Certified Systems Engineer (MCSE)
  • Microsoft Certified Data Base Administrator (MCDBA)
  • Microsoft Certified Desktop Support Technician (MCDST)
In fact, the Microsoft certification programs have been separated into five (5) separate foci:
  • IT Professional (MCITP) replacing the separate MCSA, MCSE, MCDBA and MCDST
  • Professional Developer (MCPD) replacing the separate MCAD and MCSD
  • "Advanced," the new Master (MCM) and Architect (MCA) programs (the latter being a 2-week, on-campus engagement)
  • Application Specialist (MCAS) for Home and Office replacing Office Specialist (MOS)
  • Trainer (MCT) and the Learning Consultant (MCLC)
The administrator/technologist MCITP program also introduces the indivudal Microsoft Certified Technical Specialist (MCTS) title for supporting exams that feed into MCITP titles.  The titles of the exams themselves are prefixed as such with "TS", with the final, qualifying, "PRO" exam for each program.  E.g., several TS exams may be required and shared between different MCITP tracks, but then there is at least one, dedicated "PRO" exam finale for the MCITP track.

For those that are traditional engineers and engineering technologists, this means an end to the use of the term "engineer" (which may be reserved in various locales) for Microsoft.  Of course, traditional architects may still have a complaint (in some locales).  As a traditionally educated engineer with some software engineering experience, I thought this was of note, and I have to commend Microsoft for removing the long-standing issue of "engineer" v. "technology" in titles.

MCITP: Server Administrator and Enterprise Administrator

Microsoft has replaced the MCSA and MCSE with a pair of tracks for Windows Server 2008, although Microsoft's FAQ states that the pair are not replacing the prior MCSA and MCSE programs 1:1.  Probably one thing to point out, which probably clarifies this, is that you can only upgrade from the MCSE on Windows Server 2003.  There is no upgrade path for the MCSA on Windows Servrer 2003.

MCITP "Administrator Common" (2 exams)The 070-640, now retired and replaced by the 083-640 in the US, and the 070-642 represent the "core" Technical Specialties (TS) of the new MCITP program for System and Enterprise administration.  The 083-640 exam, introduced 6 months earlier, has "performance-based components" -- the first ever by Microsoft.  These are not unlike the "practicum" approaches in the Novell NCLP and CLE programs where you connect to a remote, live, real server.  This is not the same as the "simulation" portions of select, other Microsoft exams.  Microsoft has stated that it plans to add more 083 exams to replace 070 equivalents.  Sadly, only the latter digits show up on your transcript (no proof you actually sat the exams with "performance-based" components).

I talk more about my "experience" with the 083-640 later in this entry.

MCITP Server Administrator (+1 exam)MCITP Enterprise Administrator (+3 exams)And here are the two levels of the new MCITP for system and enterprise administrators.  As you'll note from the above, the "Enterprise Administrator" adds detailed Client (Vista/Office) and Application (IIS/Services) over the "Server Administrator," along with a different "PRO" exam covering the wrap-up of those added details.  While the "Server Administrator" does dive into some client and application details, including design in the "PRO" that touches on both.

Regarding upgrades, Microsoft offers no Windows 2000 upgrade track, and no MCSA on Windows Server 2003 upgrade track.  Only those MCSEs on Windows Server 2003.  And unlike prior upgrades from NT 4.0 to 2000 and 2000 to 2003, the upgrade exam does not reward the new certification.  The "upgrade" exam only replaces 070-640, 070-642 and 070-643, the TS "Server" exams, but neither the TS "Client" nor the PRO exams.  The resulting track then becomes ...

MCSE on 2003 (only) "Upgrade" to MCITP Enterprise Administator (3 exams total): 
The 070-649 exam replaces the 070-640, 642 and 643 exams.  In other words, you're only "upgrading" to select, individual "Technology Specilist" titles on 2008, not the full MCITP title.  Although there is no MCSA path, I guess it's possible to "upgrade" to the MCITP: Server Adminstrator by taking 070-646 "PRO" with the 070-649, but then you're talking two (2) of three (3) exams, and the upgrade only saves you one (1) exam for the "Enterprise Administrator."  In any case, it's clear that Microsoft is trying to differentiate the MCITP from the MCSA/MCSE prior.  I just don't know what they expect people to think.

My Experiences With the New MCITP Program

As I mentioned before, I originally scheduled the exams with Prometric for Florida in May.  I was going to sit the exams on Saturdays in June.  Unfortunately, the relocation changed that, and I actually had to call them to reschedule for a different state.  Prometric's web-based interface does not let you reschedule along state lines, which has been a major issue for myself in the past (and even caused me to forfeit some exams and have some issues with Cisco on the timing of my CCDP).  The administriva kept causing me to push back my exams until the very last week in June, where I finally just ignored sleep for study and sat them.

Originally I scheduled 070-640, 642 and 646 in the "Server Administrator" track, and then the 070-620 Vista Client to start the "Enterprise Administrator" track.  I figured I'd work on the "Enterprise Administrator" later in the year.  In any case the $400 savings on four (4) exams made it worth it.  When I reschedule my exams from Florida to Maryland at the start of June, I found out that the 070-640 could not be rescheduled.  After the Prometric representative dealt with the extensive administriva on the matter, she informed me I would have to sit the new 083-640 version with performance-based components.  I was actually excited to finally see Microsoft adding such.

Timing with work finally led me to schedule the following exams on these days, literally the last week of the month, as the Prometric coupon required sitting (or forfeit of the registration) by June 30th (although it said the registration was good for a year under the confirmation number, it would not let me schedule at any site beyond June 30th).
  • 070-646 on Tuesday, June 23rd -- my 12th ever Microsoft exam
  • 070-620 on Friday, June 26th -- my 13th
  • 083-640 on Monday, June 29th -- my 14th
  • 070-642 on Tuesday, June 30th -- my 15th
I assumed the "PRO" exams would be easiest, so I scheduled the 070-646 first.  Some might disagree, but from my prior experience on my MCSA/MCSE, the "design" exams are always easiest in my view.  Why?  They test layout, integration and other things of various Microsoft services and support.  If you really understand Microsoft's architecture, which you should if you've been working on NT since the original 3.1 beta -- much less the decisions and differences from OS/2 and VMS prior, and the Michigan LDAP / Netscape iPlanet, MIT Kerberos and other "code grab" that became Active Directory -- it's not difficult.  I only had to learn the new services and where
they fit in the "Microsoft Solutions Architecture."

Sitting the 070-646 and 070-620 exams

Although I had been studying Windows Server in general whenever I could on my 17" notebook (I love having a true desktop replacement with dual-500GB drives and 4GiB of DDR3 memory so I can run a lot of virtual machines), I had stupidly studied the 070-642 materials instead of the 070-646 exam the week prior.  I realized this just before lunchtime on the 23rd itself, the day of the exam, so I added a few PTO hours to cram from the 646 manual.  Thank God I downloaded the CDs from the Microsoft Study Kit, including the PDF version of the book.

I passed 070-646 with over a 900 out of 1000 (933).  I have yet to not pass a Microsoft "design" type exam without coming with 7-8% of perfect.  Despite not giving the 646 my full attention, it didn't make much difference.

In all honesty, and this is on me, I "blew off" studying for the Vista Client in 070-620.  My attitude started when the Virtual PC 2005 image of Vista Enterprise would not work under Virtual PC 2007.  So between work and preparing for the 083-640 on Active Directory with the new "performance-based" components, I only gave Vista marginal study without hands-on.  In all honesty, I don't use Vista much.  It's only on my personal notebook, it's the "Home Edition" anyway, hence why I wished the Vista Enterprise VHD would have worked.  That's Microsoft for you.  I use Linux desktops far more at work and home and at a client, if I have to use Windows, it's always XP Professional (let alone I'm largely running from Cygwin under it, and using open source software).

When I sat the 070-620, anything that was Server interaction related, I slammed dunked.  I did know my remote access and wireless components as well.  But the multimedia and other "consumer" components, I bombed ... badly!  The score sheet's "graphical breakdown" showed where, well under 50% in those portions.  Yes, I don't use Vista at home at all for multimedia and "consumer" stuff, only Linux (and that's been the case for the past 12 years).  And that cost me, as I scored only 644/1000, where 700 was passing.  It was my 13th Microsoft exam, the only the second time I didn't score at least an 82% overall.  While I squeaked by on the 070-214 MCSA Security exam without study with a 783 or so, just over the minimal passing, back in 2003, this time I clearly failed by 5.6%.

It was the first Micrsooft I had ever failed, my 13th ever Microsoft exam.  Thirteen is supposed to be my lucky number, as I was born on Friday the 13th.  Guess it really is the opposite when you pass all the others.  ;)

Welcome to 083-640 and the "Lost Connection"

Putting that aside, I focused on studying for the 083-640 throughout the weekend.  From the 646 exam I already knew about the "Domain Level" differences between 2003 and 2008 (I already knew 2000 v. 2003 from experience), and laughed at the fact that the "Forrest Level" differences between 2003 and 2008 are nothing (I honestly sure wish I knew when talking to one client who said they couldn't install Red Hat Directory Server and the AD sync because they use 2008, a domain can be 2003 in a 2008 forrest and lose *0* functionality).  I played with the GPO changes and laughed at various details about Security Objects that require "shadow groups" (defeating the purpose of the option given limitations in AD's OUs and other things -- hack after hack after hack, that's what the test is about!).  I felt ready.

When I sat the 083-640 exam, it was given in three (3) parts:
  • 65 minute lab 1
  • 65 minute lab 2
  • 60 minute, traditional 30 Q&A
Each lab cannot be returned to after you hit "Done."  You are given tasks in each lab, you are on a physical system and can do them in any order (just like the Red Hat exams) and when you hit "Done," you're done with it (Red Hat exams reboot the system, so the system has to be "as is from a clean boot" when scored).

What I saw before and when I entered the first lab shocked me.  First I got a pop-up from the local program telling me that I needed to click a checkbox and accept when a security window popped up.  Sure enough, I got a NTLM -- yes, 15 year-old NT Lan Manager (NTLM) security pop-up -- saying that I trusted the connection, overriding the default because it was, in fact, not trusted.  With all the study I had put into, all while digesting all of the Microsoft marketing on, Read Only Domain Controllers (RODC), Lightweight Directory Services (LDS) and, most notably, Federated Services (FS) -- things that were designed to allow AD to "feed" things and "be more secure," all without opening up AD itself with all its RPC and other services, using secure links, modern hashes, etc... -- I got a NTLM prompt!

And then it got comical.

The screen came up.  It had serious latency.  Not only that, the "pick" looked familiar, darn familiar.  No, that's not Terminal Services pick in RDP.  No, that's not Citrix's XenApp ICA protocol and presentation either.  And then the repainting of the screen told me the truth.  Yes, that's framebuffer, dumb framebuffer, and the all-too-familiar VNC pick!  Oh yeah, this isn't a Microsoft solution.  It's a 3rd party, pass-thru NTLM authentication, VNC framebuffer based solution.

And that's where the frustration kicked in.

Normally, the tasks they give you here would only take 10 minutes, possibly only 5, if you knew what you were doing.  If you have to look through a few minute items or launch a couple of programs or -- even more so -- expand those detailed policies to find the few policy objects you want to modify, but don't remember the exact hiearchy to get there, maybe 10-15 minutes on a local system.  But no, were remote, major latency, and the screen paints like garbage.  That's why they give you 60 minutes.

It gets better ... "lost connection."

I made it through the first lab, probably a little frustrated between the lack of sleep, general dislike of the format and disappointment.  This was especially the case after taking so many Red Hat exams on physical, local hardware, or at least having a "command line" that works well over a VPN (and such is the case in the EX436, clustering, where you have a half-dozen systems, and some operations cannot be done on the 1-2 physical, local systems).  I would later hit myself in the head when I realized where I should have gone in the menu.  The darn latency kept me from exploring options, and I know I configured 2 things wrong that I should not have, and would have easily discovered had I been able to "play" on a local system.  But then I hit the second lab.

After the first 20 minutes into the second lab, it "lost connection."  It sat there with a green silon type back-forth, back-forth trying to re-establish connection.  All-the-meanwhile the locally executing, right-hand side of the screen kept counting down both the lab time remaining, as well as entire exam time remaining.  After 5 minutes I notified the local proctor.  He was very nice (I had visited the same location before), but it took me a good 3-4 minutes to get him to realize that this new, first of its kind (exact words from Microsoft's blogs) 083 exams were using a remote system.  So he contacted his Prometric/Microsoft people.

After answering various questions of when I started the exam -- the remote servrer is tied to its windows from various locations -- they had him reboot the local computer.  Because of the same reality, that multiple testing locations are hitting the same, remote server and the access slots are "windowed," I lost those 15 minutes!  What was around 40 minutes remaining became 25 minutes, and there was nothing the Proctor could do about it.  You'd figure they'd "buffer" in some extra time per session for these types of situations, but they do not.  And so I re-entered the exam with about 23 minutes remaining.  I tried to focus on just continuing on, but after 2 minutes, I just hit "Done" in disgust.

The traditional section then came up and I went through it very fast.  It was typical Microsoft, a really "great answer" with "one little thing wrong" and then a "poor answer" but "the only one that worked."  Typical.  I didn't check my answers.  At this point I was just frustrated.  I kept my wits about me.  In fact, when the Proctor said, "well, what can I say, it's Windows," it did make me laugh.  It certainly wasn't his fault and I just wanted to try to "give it my best" to finish.  But I wasn't going to spend much time checking my work, and I was even debating if I wanted to sit this exam again.  I'd much rather have only 15 minutes per lab on a local system than 65 connecting over the Internet, but alas, this is the reality of the format that Microsoft is pushing.

I hit my final "Exit Review" and got my result.  No way, I passed with a 783/1000 (700 was required).  In all honesty, I "knew what I was doing" in the virtual labs.  Although one cannot talk about the exam, I knew how to do 100% of the lab content, and it was just a matter of remembering where that one box in that one tab under that one MMC pane was (if in a MMC) -- something that is not easily done in such a remote environment over an Internet connection without frustration.

When the "evaluation/comment" questions came up, they hit the point home.  It explicitly asked about the lab v. traditional portions, including any technical difficulties (including "crashes"), interactive feel, etc...  I know Microsoft beta'd this test for 6 months (as 070-117 IIRC) before starting to offer it 6 months earlier before making it mandatory in the US starting in June.  But this is a really poor setup, and I assume it's leveraging the same Prometric/Novell engine.  In fact, on Tuesday, I meet a former Novell-SuSE employee with a NCLP+CLE at my clients HQ office and we talked about this.

Although he had never sat 083-640, he said the NCLP+CLE use the same.  More surprising to me, he commented how he loves the RHCE format much better, with a physical system, and the fact that Red Hat can cram in a lot more "real testing" in 3 hours than the Prometric remote connection could allow in 12.  Nice to hear that "independent, unbiased" viewpoint, let alone from a former employee of a Red Hat competitor who has sat the competiting Linux certification program.

Once again, I want to stree that the 083-640 and its "performance-based components" are not the same as the "simulations" on some Microsoft exams.  In the "simulations," they are running local, only take 5 seconds to launch, and you can't click outside of select windows and bars.  With the 083 series "performance-based components" of remote labs, you have a full, real system running at the other end (Microsoft stated the system is running as a virtual guest), and you can do anything on them.  That's the easiest way to compare.

Finishing off with the 070-642:  MCITP Achieved

Tuesday was my wife's birthday.  Between the 070-646 and 083-640 studies, and my error in going through much of the 070-642 book prior, I took the time to sleep well Monday night and didn't rush the morning of my wife's birthday.  I glanced through the topics of the 070-642 materials at lunch before heading out in the afternoon.  Because it was my wife's birthday, I didn't get overly anal with reviewing my answers, and left things to my original judgment.  I think I only looked at four (4) inter-related questions in my review, and got out very early.

It took way too long after I hit Exit Review for the score to come up.  As a joke, I told myself, "well I got a 832" and then said, "either that, or I didn't pass with a 632."  Right after those brief few seconds, the score came up, "833/1000" (700 passing).  I guess I knew what I knew and it was good to go with my first instincts.  The score sheet's graphical breakdown also explained what I knew, and what frustrated me.  DNS and DHCP always frustrate me on Microsoft exams because they use non-standard terms (let alone change them every 2 version) and the questions are always poorly worded in general in ways you'd never proceede in a production network.

E.g., everyone knows that you need to 1) define at least one DHCP scope and 2) active a DHCP server in Active Directory before starting DHCP on a server.  What Microsoft loves to do is throw you questions that test if you've ever been stupid before with that (I can't talk about the exam or questions, but read into what type of questions could be used to test if you've been stupid before).  Methodical people like myself always follow practices, and never do this.  It's one thing to test troubleshooting.  It's another to test people on how Microsoft products break when you don't follow practices.  Again, it's not troubleshooting in my opinion, but alas.

Refocusing on my RHCA, then possibly CEH/CISSP, then MCITP: Enterprise Administrator

I'm still waiting on my official Microsoft transcript to show the MCITP: Server Administrator.  It's clear it takes at least 3 days (if not a full week) for anything to come through:
  • +1 day for the Prometric transmit from Microsoft (and you know when they do it because the MCP site goes down with "Server Error" as they remove access from the public network -- yeah, still like that after 5+ years ;)
  • +1 day for the Microsoft system to take the 3 digit exam suffix and apply the proper MCTS
  • +X day for the Microsoft system to put 640, 642 and 646 together as the MCITP title

When I passed EX436, Red Hat immediately issued the Certified Datacenter Architect (RHCDS) at the same time as the "Clustering and Storage" certificate of expertise, let alone that was just a few hours after the exam.  It went into the on-line validation.  I guess that's you get for controlling the system, end-to-end, although it was already late on a Friday on Arizona time and the grading was done by someone even later on EDT.  Red Hat states it can take up to 3 weeks for results, but 3 hours is not uncommon at all (and 3 days in the worst case).

I'm sure a lot has to do with the fact that both Prometric and Microsoft are using back-ends that are so outta date, and not always under the control of themselves (or even using their products in the case of Microsoft).  One of the advantages of Red Hat "eating its own dogfood" -- both internally as well as avoiding partners who do not "eat open source as their dogfood," is that things get done and done right.  I'm not saying everything that every Red Hat partner does is always open source, and even Red Hat has acquired firms that produce software for Windows in addition to Linux and/or MacOS X that requires use of proprietary components at times in development and test.  I'm just saying that the whole 083 "performance-based experience" has left me with a greater appreciation for how Red Hat tests, which was also noted by a former Novell-SuSE employee as well.

For now, I'm refocusing on studying for my EX442 retake.  Out of the six (6) Red Hat exams I've taken -- RH301 (cold turkey, exam-only, back in 2003), RH301 (again for re-cert in 2007), EX401, EX432, EX436 and EX442, I failed the EX442 on the first shot with a 66.7%, with 70% passing.  I'm not looking to retaking it, but the next time it's coming to the DC area (which may be only one of two for the rest of the year) is July 24th.  So I have three (3) weeks of study.  The only remaining RHCA exam after that (assuming I pass the EX442 on the second try, let alone 2 years after I took the course), is EX333 which does not return to DC until October.

After the RHCA, I plan on taking the Ceritifed Ethical Hacker (CEH) and finally getting around to putting in the paperwork and sitting the CISSP.  I've put the CISSP off way too long.  I know the CEH is newer, but I heard it is not difficult to pass with study.  I know there is the crash course for it, but I've found plenty of materials, including several material free via my IEEE CS membership access to Element K.  Same for the CISSP, although I've had several colleagues who were studying for the CISSP, took it, and then told me I'd have no difficulty passing it.

Post-American football season and into the winter, I suspect I'll get around to retaking the 070-620, and then taking the 070-643 and 647 for the full MCITP "Enterprise Administrator."  After my "experience" with 083-640, I'm desiring to sit the 070-643 before they turn it into an 083-643 "experience" as well.  I'm all for performance-based testing, but I want a local system (or at least a command line into a remote, not a pig of a GUI over framebuffer and that latency).  I'm also wondering if I should just wait for Windows 7 and the "Client" version of that exam, instead of bothering with Vista.

We'll see.  Until then, there's another acronym to put on my resume, and the continued explaination that the MCITP replaces the MCSA/MCSE.  As always, my resume reads various statements such as ...

"Certifications do not represent and should never replace any requirement for experience.
In fact, certifications may be found attached to applications who have no experience whatsoever.
Experience must always be evaluated independently of certifications, and in the context of the available position.
Vendor agnostic experience, based on understanding of technologies, are always preferable to product-tied certifications (or even vendor-agnostic certifications for that matter).
Do not filter candidates based on certification alone or your hiring managers and technical leads may miss the most qualified candidates"

About this Entry
Leave a comment
Permanent Link

Add to Memories
Tell a Friend

Advertisement

Customize