We use roaming profiles on our network which is handy for a number of reasons. It’s easy when users use another computer than their normal one, or want to log on to a laptop for a presentation or meeting (a couple of which we share). It’s also handy as an administrator since I can basically swap out their (faulty) computer with another without much interruption (I also use automated application distribution).

While for the most part roaming profiles do the job, there are a number of problems. The most notable is that when the profile gets large, logon and logoff takes a long time, as Windows insists on copying everything, even if it hasn’t changed. There are also obscure errors that can happen when processes remain open during logout (”\\server\user\profile.pds not found”), or when a logoff or login happens when not on the network (think laptop users that use ’suspend’ mode a lot).

I’ve been trying to find ways around them, but the best suggestions seem to be:

• Keep your profile ’small’Why should I have to do this? More importantly, why should I force my users to do this? Maybe 6 years ago, a few megabytes was a reasonable size for a profile, but nowadays, I have individual pictures that are a few megabytes each. User data has grown in size, the ability of Windows to handle a large profile hasn’t.
• Redirect Desktop, My Documents etc to network sharesThis is a great tip for desktop systems, but not for laptops, and certainly not for hybrid environments where users interchangably use both. While ‘offline files’ theoretically takes care of this, in reality it causes many more problems. If two users log on to a system, that system will forever try to synchronize files for both of their profiles - no matter whose profile you’re in. This obviously fails, as user A doesn’t have access to user B’s network shares. In my experience, it’s also not very smart, often failing to see a network server even though explorer does, or randomly switching to offline mode for no apparent reason.
• Redirect Desktop, My Documents etc to local (non-roaming) foldersThis makes the settings for a profile roam, but obviously not the files. Switching between computers means you lose your stuff, not to mention it doesn’t get backed up on the server.

With these ideas in mind, I’ve tried to figure out a way to get around the limitations and bugs (which existed in NT and continue to exist in XP, with no signs of going away) while preserving the useful traits of roaming profiles and offline files.

The best solution I’ve come up with so far is to use a file synchronization program (like AllwaySync or the open-source FullSync) to do the transfers. Basically, I would redirect the ‘big’ folders (Desktop, My Documents, Application Data, Start Menu) to local paths only so they don’t roam with the profile, and then use the sync program to keep them synchronized to folders in the user’s home directory on the network.

AllwaySync in particular has some features that make this very useful: it can synchronize at logon/logoff, as well as on intervals or even watch for changes and synchronize ASAP. The ability to synchronize while working brings a number of benefits: for laptop users that use suspend at the end of the day instead of logoff (me!), the files are still pushed to the server (to be backed up, or available if you forget your laptop the next day); it’s possible to be logged in to two computers at once, and have a file you save show up in your My Documents folder relatively quickly; and if something happens to your computer before you logoff (power failure, or worse) then at least most of your stuff should be copied to the server.

So you may be wondering why I’m writing this article as a theoretical idea instead of as a how-to. Well, there are some shortcomings that need to be overcome. AllwaySync (as of 4.6.1) has a bug, where it is unable to copy read-only files to a linux server (it copies to a temp file first, then tries to move it, so in case it’s interrupted you don’t get a partial file — linux doesn’t allow moving a file with no write permission, while Windows does). As there are a number of read-only files stored all over the place, I cannot do a full synchronization. The XML configuration file for AllwaySync is also incredibly confusing and complex, which may make it more difficult to generate automatically for use. I’m not as concerned about this though.
I’m not sure if FullSync will fit the bill or not, but I will investigate. It doesn’t look to be as full-featured as AllwaySync though. If anyone has any other suggestions, please let me know.

I will post again about this, hopefully as a how-to once I find a solution that works. I just wanted to get this out there to gather some feedback, and so I don’t have to explain the why part again, once I figure out how to do it. :) Keep watching for updates here.

There’s a lot of sites using captchas these days in an effort to prevent spamming and other automated attacks/uses of services. The idea is you have to type in the usually distorted text you see in a picture in order to proceed, and only a human would be able to read the text.

Apparently spammers have found a way to get around this by having people do the work for them. They post the captcha on one of their own sites, usually promising access to porn or warez or something of that nature, then everytime an unsuspecting internet user types in the code on their site, they use that to bypass the check and send their spam. It’s actually pretty clever.

One obvious way to combat this is to expire the captchas after a certain period of time (likely a few minutes). If it’s expired by the time they submit, then present a new one to validate. Even better would be to do it using AJAX right before the submission is made, and expire after just a few seconds. I’m sure there are probably at least some sites doing this now, though I’ve never seen one done with AJAX.

Something else I’ve never seen done before though is putting the name of the site in the captcha. This doesn’t in any way prevent it from being displayed on another site, but at least it makes it a bit less appealing to use this hack. If an effort is made to raise public awareness that you shouldn’t enter information for a captcha with another site’s name on it, then it may even lower or completely get rid of this hack.

At this point, neither of these ideas have been implemented (to my knowledge), but hopefully someone will read this and get inspired.

Digg this

Something that seems to be missing from searches is time. Search engines base their results on relevancy, which makes finding newer methods of doing something difficult.

For example, I will search for how to do something in linux, like configuring a RAID array. There is a ton of information on this, but the most relevant hits you get are about configuring raidtools. Mdadm has replaced raidtools as the tool of choice, but since raidtools has been around so long, and there are so many old pages that link to it, it scores the highest. I’m sure there’s millions of other examples of this on other topics too.

Google has an advanced search where you can specify pages modified in the last x months, but it doesn’t really help much. One of the pages returned when I limit the search to the last 3 months has a revision history typed out at the top of it, and it shows the last update in 2003. MSN has a "Search builder" function, where (among other options) you can specify how important it is to be recently updated, popular, and a relevant match. This still doesn’t bring up really relevant results. Yahoo is the only one of the three that actually does return an mdadm-related result as #1 when you search within the last 3 months. (I should point out that both Google and Yahoo return this same page as #5 and #6, respectively, but my point here is that someone who knows nothing about it is probably going to pick #1 or #2, and implement raid with the older raidtools method).