Los Angeles Identity & Access Management User Group

04-26-16 09-57

I gave a talk on Monitoring the IAM stack at the LA IAM UG–the Presentation is online for review.

The meeting was well attended & the conversation after my talk was definitely the most informative part of the day.




“Department of Engineering and Maintenance”



So I have been thinking about why we call it Engineering and Maintenance. I think the answer may lie in the understood need for continuous improvement.

images (1)

More importantly, I think that the issue is that Engineering needs to remain always grounded in reality & connecting it to the maintenance of a running system we force this to occur.


As we move to systems that are actually engineered real time by agents unaware of requirements the challenge of staying grounded is only going to increase.

Tim Fargo

Analyze your mistakes.


You’ve already paid the tuition, you might as well get the lesson.

Installing the Administrative User Interface

CA Communities has a new article which includes screen shot of Admin UI install.


Installing the Administrative User Interface

CA Communities has a new article which includes screen shot of Admin UI install.

Pasquale Russo wrote the piece which is clear and to the point–he covers Solaris [which I miss], but does have some warnings about how to do this in other environmnets.

I st

Snowflakes & How Systems Learn

I am really drilling down on Configuration Drift.



I am of the general opinion that most CD is caused by good intentions & that a little diversity in the environment is likely good for stability [a kind of Simian Army if you will].


In any event, one of the serious struggles about have a less then zero tolerance for CD Variance is that it leads to challenging provisioning issues–defining the Gold Standard from a pile of snow flakes can be a very non exact science & documenting all the tunings that went into a system is proving to be a very difficult archival challenge.


One of the resources I have started to use to uncover some of this is the great Stewart Brand‘s How Buildings Learn. Like so many other areas, Brand’s work has deep resonance for many of the challenges I am facing and provides very concrete guidance on the factors that should be used to dig my way out.

“Yes, and…”: Engineering Improvisation

My transition from  Manager of IAM Operations to Manager of WAM Engineering has been extremely enlightening in a lot of ways. Moving away from the daily operational challenges has allowed me to have a much more level headed view of what was going well and what was not going so well. Seeing how new management handles challenges has shown me that initial goals impact long range behavior in a lot of very complex and interesting ways which I will likely detail in  a later post.


But what I have seen most clearly is that in OPS your default setting is always no, more likely NO! In Ops, you are trained to be pessimistic, conditioned to be cautious, and almost militantly detailed in the area of things that can go wrong. Even as the organization transitioned to DEVOPS this remained true–I often saw my role as the “guy who says no” even when I was closing more change records then anyone else on the team. I was always very focused on making sure that I did not ever impact running production systems.

Engineering does not require this almost paranoid thinking. In Engineering we move at a much slower rate. In Engineering we are free to explore less then optimal solutions to see if there is hidden value. I as continue to redefine the space after DEVOPS in which the user is the System Engineer–allocating resources as they see fit, designing capacity, assigning risk scores, and managing their own ecosystem–I am really starting to see where the simple DM Tip of “Yes, and” really comes in handy.


All DM’s are trained to avoid the “yeah, but”, the “no”, the “your character does not work that way” for the sake of cooperative story telling. For improvisation.


Engineering allows for a level of Engineering which Operations does not tolerate.

One of the things I hear is people saying “I get what you are saying…” this is a very strong “yes, and” way of moving design discussions foreword which I will continue to work on daily as this new field continues to reveal itself to me.