Products_ContentManagement

Going Serverless: Office 365

Recently I just completed a project for a small church in Kansas. Several months ago, the senior pastor asked me for a quote on a Windows server to provide authentication as well as file and print share services. During the conversation, a few things became clear:

  1. Their desktop infrastructure was completely on Windows 10. Files were being kept locally or in a shared OneDrive account.
  2. The budget they had for this project was not going to allow for a proper server infrastructure with data protection, etc.
  3. This church already uses a web-based Church Management System, so they’re somewhat used to “the cloud” already as part of their workflows.

One of the key features provided by Windows 10 was the ability to use Office 365 as a login to your desktop (Windows 8 allowed it against a Microsoft Live account). Another is that for churches and other nonprofits, Office 365 is free of charge for the E2 plan.

I set about seeing how we could go completely serverless and provide access not only to the staff for shared documents, but also give access to key volunteer teams and church committees.

The first step was to make sure everybody was on Windows 10 Pro (we found a couple of machines running Windows 10 Home). Tech Soup gave us inexpensive access to licenses to get everyone up to Pro.

Then we needed to make sure the internet connection and internal networking at the site was sufficient to take their data to the cloud. We bumped up the internet speed and overhauled the internal network, replacing a couple of consumer-grade unmanaged switches and access points with a Ubiquiti UniFi solution for the firewall/router, network switch, and access points. This allows me and key church staff to remotely manage the network, as the UniFi controller operated on an Amazon Web Services EC2 instance (t2.micro). This new network also gave the church the ability to offer guest wifi access without compromising their office systems.

The next step was to join everyone to the Azure domain provided by Office 365. At this point, all e-mail was still on Google Apps, until we made the cutover.

Once we had login authentication in place, I set about building the file sharing infrastructure. OneDrive seemed to be the obvious solution, as they were already using a shared OneDrive For Business account.

One of OneDrive’s biggest challenges is that, like FedEx, it is actually several different products trying to behave as a single, seamless product. At this, OneDrive still misses the mark. The OneDrive brand consists of the following:

  • OneDrive Personal
  • OneDrive for Business
  • OneDrive for Business in Office 365 (a product formerly known as Groove)
  • Sharepoint Online

All the OneDrive for Business stuff is Sharepoint/Groove under the hood. If you’re not on Office 2016, you’ll want to make the upgrade, because getting the right ODB client in previous versions of Office is a nightmare. Once you get it sorted, it generally works. If you’ve got to pay full price for O365, I would recommend DropBox for Business as an alternative. But it’s hard to beat the price of Office 365 when you’re a small business.

It is very important to understand some of the limitations of OneDrive for Business versus other products like DropBox for Business. Your “personal” OneDrive for Business files can be shared with others by sending them a link, and they can download the file, but you can’t give other users permission to modify them and collaborate on a document. For this, you need to go back to the concept of shared folders, and ODB just doesn’t do this. This is where Sharepoint Online comes in to play.

Naturally, this being Sharepoint, it’s not the easiest thing in the world to set up. It’s powerful once you get it going, but I wasn’t able to simply drop all the shared files into a Sharepoint document library — There’s a 5000-file limit imposed by the software. Because the church’s shared files included a photo archive, there were WAY more than 5000 files in it.

Sharepoint is very picky about getting the right information architecture (IA) set up to begin with. Some things you can’t change after the fact, if you decide you got them wrong. Careful planning is a must.

What I ended up doing for this church is creating a single site collection for the whole organization, and several sites within that collection for each ministry/volunteer team. Each site in Sharepoint has 3 main security groups for objects within a site collection:

  • Visitors (Read-Only)
  • Members (Read/Write)
  • Owners (Read/Write/Admin)

In Office 365, much as it is with on-premises, you’re much better off creating your security groups outside of Sharepoint and then adding those groups to the security groups that are created within Sharepoint. So in this case, I created a “Worship Production” team, added the team members to the group, and then added that group to the Worship Site Owners group in Sharepoint. The Staff group was added to all the Owners groups, and the visitors group was left empty in most cases. This makes group membership administration substantially easier for the on-site admin who will be handling user accounts most of the time. It’s tedious to set up, but once it’s going, it’s smooth sailing.

Once the security permissions were set up for the various team sites, I went into the existing flat document repository and began moving files to the Sharepoint document libraries. The easiest way to do this is to go to the library in Sharepoint, and click the “Sync” button, which then syncs them to a local folder on the computer, much like OneDrive (although it’s listed as Sharepoint). There is no limit to how many folders you can sync to the local machine (well, there probably is, but for all practical purposes, there isn’t). From there it’s a matter of drag and drop. For the photos repository, I created a separate document library in the main site, and told Sharepoint it was a photo library. This gives the user some basic Digital Asset Management capabilities such as adding tags and other metadata to each picture in the library.

So far, it’s going well, and the staff enjoys having access to their Sharepoint libraries as well as Microsoft Office on their mobile devices (iOS and Android). Being able to work from anywhere also gives this church some easy business continuity should a disaster befall the facility — all they have to do is relocate to the local café that has net access, and they can continue their ministry work. Their data has now been decoupled from their facility. I have encountered dozens of churches over the years whose idea of data backup is either “what backup?” or a hard drive sitting next to the computer 24×7, which is of no use if the building burns to the ground or is spontaneously relocated to adjacent counties by a tornado. The staff doesn’t have to worry about the intricacies of running Exchange or Sharepoint on Windows Small Business Server/Essentials. Everything is a web-based administrative panel, and support from Microsoft is excellent in case there’s trouble.

If you’re interested in how to take your church or small business serverless, contact me and I’ll come up with a custom solution.

ProQu24

Controlling Audio With ProPresenter

Our church is a small one. So its not always especially easy to fully staff our tech booth, and sometimes, one must fly solo, which adds to the workload, and sometimes stuff gets forgotten, like unmuting microphones for the choir or the person reading the scripture.

Fortunately, there is some tech than can help us in this regard. We use ProPresenter for our graphics presentation, and an Allen & Heath QU-24 console for our audio. The Qu-24 is connected to the Mac that runs ProPresenter via a USB cable, which shows up in the Mac as a 32 in/32 out audio device, as well as a MIDI device. This is primarily to be able to use the console as a multitrack and DAW interface, but it also lets us play back audio from ProPresenter media cues without ever leaving the digital domain, and saving us a couple of inputs on the board (although there’s no shortage of those). But because it’s also a MIDI device, this gives us some options with ProPresenter’s $99 MIDI module add-on. The Qu series boards can also do MIDI over IP (in fact, the Qu-Pad remote control app for iPad uses MIDI over IP to work its magic). If you’re using MIDI over IP with a Mac, you’ll need a special driver for the Mac. No driver is needed for USB.

First, a few resources we’ll need:

In the Qu Series, mutes and mute groups are controlled by a sequence of a Note On/Off message. The specific note determines the channel or mute group being controlled, and a the velocity value determines if it’s being turned on (Muted) or off (Unmuted). Velocity values below 64 turn the mute off, and above turn it on.

Meanwhile, over in ProPresenter, since Version 6, we have the ability to add MIDI Note On/Off cues to a slide. See where this is going? Unfortunately, ProPresenter doesn’t have the ability to do anything other than MIDI notes in a slide at the moment, so we can’t get really crazy with starting recordings or anything else requiring non-note MIDI messages.

So how do we know what notes emulate button presses? The documentation provides this handy method:

OK, this requires thinking and math. Not so helpful. This is where the MIDI monitor comes in. Download it and run it, and it shows everything coming across the MIDI interface. Push the button you’re interested in, and lo, MIDI Monitor helpfully shows you what note you’re interested in:

In this case, G#4 is the mute group for our choir. A4 is the mute group for the speaking mics on the chancel. A1 is the lectern mic.

Screenshot 2016-11-20 13.51.30So now, to be able to add a cue at the beginning of a song the choir is singing, I simply have to add two cues to the first slide to turn on the choir microphones:

  • NOTE ON, G#4(80), 63
  • NOTE OFF, G#4(80)

Then I can add a slide at the end of the playlist entry that then turns them back off, or add these to the beginning of the next playlist entry:

  • NOTE ON, G#4(80), 127
  • NOTE OFF, G#4(80)

Likewise, when someone is at the lectern reading scripture, I can unmute that channel automatically using the corresponding note number, and mute them again when they’re done.

On the flip side, you can also use note on/off commands to control ProPresenter. So you *could* also use the Mute, SEL, and PAFL buttons on unused channels to trigger things in ProPresenter (you also want to make sure that you don’t overlap these with the mutes and mute groups that you are actively using so as not to inadvertently advance a slide when hurriedly muting a channel). ProPresenter also conveniently tells you what the last note sent was, so you can actively push the button you want to use, make a note of its number, and put it in the action you wish.

 

Another approach you can take is to create a presentation in ProPresenter containing blank slides with the various functions you wish to use. Then you can copy these slides into presentations and add a Go To Next timer to them to automatically advance to the next slide. I would also recommend using slide labels and colors to clearly identify what each slide is doing:

Screenshot 2016-11-20 13.47.55

 

If you have controllable lighting and your lighting console also has MIDI capability, This comes in handy as well. And if you’re really a one-man band, and like to do things like pads underneath certain worship elements, you can use this to trigger those as well. But if you get to that point, you may want to look into QLab to control all of them at the same time.

So there you have it: a quick and easy way to automate some of your workload with the Qu series boards. If you’ve got another board that you use, let me know in the comments if you do (or would like to do) something like this. Would also love to hear if anyone is using hardware MIDI controllers like the Novation LaunchPad and how you have it set up.

Additional Info:

Summary of MIDI Messages (midi.org)

Microsoft Azure

Nonprofit Tech Deals: Microsoft Azure

Last week while I was at the Church IT Network National Conference in Anderson, SC, a colleague pointed me to a fantastic donation from Microsoft via TechSoup: $5000/year in Azure credit. At a hair over $400/month, this means you can run a pretty substantial amount of stuff. Microsoft just announced this program at the end of September, so it’s still very new. And very cool. Credits are good any time within the 12-month period, so you don’t have to split them up month by month. They do not, however, roll over to the following year.

The context of the conversation was for hosting the open-source RockRMS Church/Relationship Management System, but Wowza Streaming Engine is also available ready to go on Azure. And many other things. (and for those of us in the midwest, Microsoft’s biggest Azure datacenter is “US Central” located in Des Moines, as Iowa is currently a very business-friendly place to put a huge datacenter)

If you’re a registered 501c3 non-profit (or your local country’s equivalent if you’re outside the US), head on over to Tech Soup to take advantage of this fantastic deal.

As an added bonus, if you have Windows Server Datacenter licenses from TechSoup or that your organization purchased with Software Assurance, each 2-socket license can be run on up to two Azure compute instances each with up to 8 virtual cores, reducing the cost of your instances even further (as standard Windows instances include the cost of the Windows license at full nonprofit prices.). This also applies to SQL Server.

Here’s the process:

  1. Read the FAQ.
  2. Register your organization with TechSoup if you haven’t already done so.
  3. Head over to Microsoft’s Azure Product Donations page and hit “Get Started”
  4. At some point in the process you’ll also want to create an Azure account to associate the credits with. If you’re already using Office 365 for nonprofits, it’s best to tie an account to your O365 domain.

NACBA Admin Day

Here’s the list of resources from this morning’s presentation on Social Media 201 at the KC chapter of #NACBA Admin Day. I’ll add stuff periodically if I run across anything particularly interesting.

And, of course, it wouldn’t be complete without a plug – if your church has any IT needs that aren’t being met, head on over to my company at nerdherd.net

VMWare opens academic pricing to non-profits!

This just in from my Dell rep, and confirmed by several in the CITRT Twitterverse: VMWare has opened up their academic pricing to non-profits. Jason Powell has the pricing information at his blog. The relevant bits from VMWare:

Definition and Requirements of a Non-Profit Entity for Eligibility to Participate in the VMware Academic Buying Program:
The following U.S. Non-Profits under U.S. Tax Code 501(c) are eligible to participate in the VMware Academic Buying Program.

  • Non-Profits are defined under U.S.Tax Code 501(c)(3) as an organization which is organized and operated exclusively for one of the following purposes:
    • Religious
    • Charitable
    • Scientific
    • Literary
    • Educational
    • In the prevention of cruelty to children or animals
    • In the testing for public safety
    • Fostering national or international amateur sports competition
  • Non-Profits under U.S. Tax Code 501(d) Religious or Apostolic Organizations
  • Non-Profits under U.S. Tax Code 501(e) Cooperative Health Services provided to Hospitals
  • Non-Profits under U.S. Tax Code 501(f) Cooperative Service Organizations of Operating Educational Organizations providing cooperative investment services for Educational Organizations
  • Non-Profits under U.S. Tax Code 501(k) Child Care Organizations which supply child care to children with working parents
  • Non-Profits under U.S. Tax Code 501(n) Charitable Risk Pools which pools insurance risks of 501(c) (3) Organizations

Not all nonprofits qualify, of course:

U.S. Organizations not eligible to participate in the VMware Academic Buying Program:

  • U.S. Tax Code 501(c) 1 Non-Profits as defined as Corporate Organization under Acts of Congress, or as Instrumentalities of the United States.
  • U.S. Tax Code 501(c) 2 Non-Profits as defined as Title Holding Corporations for Exempt Organizations, or those who hold title to property owned by Exempt Organizations.
  • Organizations filed under 501(c) (4 through 27). This includes:
    • Teachers’ Retirement Fund Associations
    • Domestic Fraternal Societies and Associations
    • Fraternal Beneficiary Societies and Associations
    • Social and Recreation Clubs
    • Business Leagues, Chambers of Commerce, Real Estate Boards, etc.
    • Labor, Agricultural, and Horticultural Organizations
    • Civic Leagues, Social Welfare Organizations, and Local Associations of Employees
    • Political organizations
    • Labor or fraternal organizations
  • Other Organizations not eligible:
    • Organizations that are an integral part of local government or have governmental powers
    • Hospitals not wholly owned by a University
    • Health Management organizations (HM)
    • Preferred Provider organization (PPO)
    • Non-profits that are not charitable organizations or act as non-profit lobbying groups
    • Private Foundations
    • Academic facilities that qualify for Academic status.

If you’re not in the US, same sort of deal applies, if your organization is equivalently defined as non-profit under your local tax codes. Contact your VMWare reseller for details.

Round Table Session 1 Notes

Cool Tools:

  • BombBomb
  • RoyalTS
  • RDTabs
  • MRemote
  • LovelyCharts
  • SpiceWorks
  • Kiwi/SolarWinds
  • Likewise
  • Mobiscope

Volunteers in IT:

  • How do we recruit volunteers?
  • Volunteer Fairs
  • Be clear about requirements
  • Background checks
  • This is a production environment, not a training ground
  • As leaders, we need to define the scope way ahead of time
  • Give your volunteers a tour, show the blinkenlights
  • Good opportunity for people out of work to keep skills sharp, feel valued
  • Weekend Announcements

Offsite Backup

  • Backups are for the weak of faith — bryson
  • What needs to be backed up, how often – not an IT decision, but a business decision
  • Control/security of offsite data
  • What’s the most important to leadership in case of a disaster?

Arena Check-In

Now that a lot of the back end of our Arena Check-in system is in place and ready to go, I’ve been focusing my efforts on the fun part… Themes!

This school year’s theme is “Go Fish”, so I set about seeing if I could come up with something fun, without hiring an external designer/illustrator to do something for us. Here’s what I’ve got so far:

Main Screen

Phone Lookup Screen

Family Screen

Still a work in progress, haven’t done the buttons yet (as anyone familiar with the default Arena theme has already spotted), but it’s coming along.

I’ve got 4 different scenes to wotk with for the fish, and the original art is vector-based, so I can move fish about as needed to get out of the way of text – I think I can even make them swim from one illustration to the other via the miracle of the Windows clipboard.

The artwork is from iStockPhoto, from a designer who goes by the username totallyjamie. The font is Chaloops Medium from Chank!.

CITRT expands northward (and westward)!

I had a great chat this morning with Gregg Hatton-Fearnley, the IS/IT director at Centre Street Church here in Calgary.

The main purpose of my meeting with Gregg was to introduce myself and tell him about CITRT. CSC is the second largest church in Canada (the largest is either in Toronto or Winnipeg, he couldn’t recall which). Like most people who hear about CITRT, he was quite enthusiastic about the idea, and was bemoaning the lack of funds in his budget to go to the fall event at Seacoast. I have high hopes of seeing him at spring RT, though.

CSC has got a great facility which, as most of us have experienced, they practically had outgrown the day they opened the building. I was very impressed with Gregg’s openness and transparency about some of the big challenges he faces – he shared a lot for a first date! 🙂

Unsurprisingly, his biggest hurdles aren’t so much technological as they are human. (Has anyone else had problems getting the Worship Arts people to play nice on the network? Yeah, thought so. Wasn’t that the whole point of MinistryTECH? )

The other really big challenge CSC faces is personnel. The Calgary job market is tremendously competitive, with entry-level fast food workers fetching a starting wage of $15/hour, and a low-level network admin commands a 6-figure salary. It’s hard enough finding people to work for church wages in a sane job market, it’s got to be ridiculously hard to do in Calgary, especially when Big Oil is snapping up all the IT people it can, and for huge money.

CSC is also a recent addition to Fellowship One’s growing list of customers, and I got to experience some quirks of the check-in system on Saturday night when Andrea and I went to check out.

CITRT is truly an international bunch now… We’ve got Canadians and Australians on board too. I hope to see Gregg on IRC or the Talkcast soon 🙂

Naturally, no church visiti is complete without pictures from the facility:

This is the projector set for one of the side screens. This thing is a monster. Hard to tell from the picture, but each one is about the size of a coffin. These are mounted in the tech booth at the back of the 2400-seat sanctuary. The throw on these is a good 200 feet, possibly more.

CSC's projectors for one of the side screens

The video control room:


Video Switcher:

A decorative waterfall in the narthex. The sculpture in the middle can be removed to turn it into a baptismal pool. The “chandeliers” nearby each have about 32 dimmer channels and are built to support stage lighting as well.

The other side of the narthex: