Sunday, May 3, 2015

98% As Good As Sex Chocolate Chip Cookies

Because if they were better than sex, you're doing sex wrong.

2 1/2 C + 2TBSP all-purpose flour
3/4 C granulated white sugar
3/4 C packed brown sugar
7 oz. semi-sweet chocolate chips
7 oz. dark chocolate chips
1/2 C butter-flavored Crisco
1/2 C + 1 TBSP I Can't Believe It's Not Butter Margarine
1 TBSP milk
1 TBSP vanilla extract
1/2 C finely chopped pec
1 tsp baking soda
1/2 tsp salt
3 TBSP Egg beaters / egg whites (or 1 large egg)

Digital Scale
Ice Cream Scoop or large spoon
Non-stick cookie sheet
Parchment paper
Nylon spatula
1.      Pre-heat oven to 375 degrees.
2.      Sift all dry ingredients together except chocolate chips.
3.      In a stand mixing bowl, mix all wet ingredients, and then slowly pour in dry ingredients.
4.      Stir in chocolate chips with a wooden spoon.
5.      Using an ice cream scoop, measure out approximately 80g of dough.  Making them within 5g of each other ensures even baking time.  Should make 16 cookies, taking “nibbling” into consideration.
6.      Place dough in balls approximately 2 1/2 inches apart on tray.
7.      Bake for 9 minutes; remove from oven and let sit on sheet for an additional 2 minutes before transferring to parchment paper with a nylon spatula.

Thursday, February 20, 2014

The *real* math behind the beer tab tax comparison

I wrote this a while ago for a Facebook post a few years ago as a reply on some vitriol spewed by Glenn Back, basically regurgitating the beer tab analogy to our tax system.


Too bad Mr. Beck (along with most of the world) doesn't understand how progressive taxes really work, and how the American tax system in particular works.  There are some key facts that he has elected to leave out.  But before we get to what's missing from Beck's mischaracterization of taxes, a quick primer on the American progressive taxation system.

There are five main different systems of taxes in the US: sales taxes, payroll taxes, income taxes (standard and the alternative minimum tax), and capital gains taxes:

Sales Tax

Pretty easy.  It's a flat tax determined by your state and applied to products that you purchase. It's consumption based and regressive.  Consumption meaning, you pay it on the things you purchase or consume; regressive meaning that it disproportionally affects those with lower incomes.  The only method to legally avoid this tax is not to buy stuff.  In most states, unprepared food (groceries) is exempt from sales tax, while prepared food (restaurants) is not.
Payroll taxes 

Wage earners pay these.  It's your combined Social Security and Medicare tax. The current rates are 4.2% for SS tax (up to the first $110,100 of earned income) and 1.45% for Medicare (no earned income limit).  These taxes only applies to wages, not to investment or dividend income.
Income Taxes
This is the most complex of the taxes.  The standard tax is currently divided into 6 brackets for two filing statuses: Married Filing Jointly (MFJ) and Single (S):
Bracket, Income range for MFJ, Income range for S
10%, $0-$17,400, $0-$8,700
15%, $17,400-$70,700, $8,700-$35,350
25%, $70,700-$142,700, $35,350-$85,650
28%, $142,700-$217,450, $85,650-$178,650
33%, $217,450-$388,350, $178,650-$388,350
35%, Over $388,350, Over $388,350

The AMT is a lot more complicated and applies to about 4% of US households in a given tax year and kicks in around $175,000 (give or take), and is always a moving target because Congress changes the income threshhold.  Since it applies to such a small portion of people, we're going to ignore it for this discussion and treat those people like normal tax payers.

Captial Gains tax
Taxes on investment income (dividends, sales of stocks/bonds).  It is currently 10% or 15%, depending on qualifying investments and such.

As to the parts that Beck (and other commentators) either doesn't know or conveniently leaves out:

  1. Everyone pays taxes (depsite the claims that half the population doesn't pay any).  They may, however, get rebates and deductions that make their overall tax liability zero, but before those get applied, everyone pays taxes.  One of those credits for lower-income and middle-income earners is the Earned Income Tax Credit, the expanse of which championed by the patron saint of the Republican Party, Ronald Reagan in the Tax Reform Act of 1986.
  2. Everyone pays the same rates on their earned portion of income.
  3. When politicians are talking about "the rich pay less taxes" or "making everyone pay their fair share," they're not talking about income derived from salaries or wages.  What they're talking about is the primary source of income for the wealthy--investments.  If you have an income of $400,000 per year, and you receive that income as wages, you'll pay something in each of the six tax brackets.  If that income comes from investments, you're going to be paying the 10% or 15% rates.
So, let's take a look at three individuals, and assume that neither have any deductions or exemptions (because this is an FB post and they have limits.  Also, I'm not an accountant or tax professional, so I'm not going to run really complicated numbers). 

Individual 1 is a Joint filer with a salary of $84,000.  Individual 2 is an investor whose $168,000 income came solely from sales of his long term stock holdings.  Individual 3 is a "high-income wage earner," with wages of $400,000.
 Individual 1's tax liability looks like this:
Income (Salary) $84,000
FICA (4.2%), -$3,528 ($84,000 * 4.2%)
10% Bracket, -$1,740 ($17,400 cap * 10%)
15% Bracket, -$7,955 (($70,700 minus first $17,400) * 15%)
25% Bracket, -$3,325 (($84,000 minus first $70,700) * 25%))
Total liability: $16,548 on a total income of $84,000, or 19% of Individual 1's income is taxed
 Individual 2's tax liability looks like this:
Income (sale of stocks) $168,000
FICA (4.2%), $0 (only applies to earned income)
n% Bracket, $0 (only applies to earned income)
10% Capital gains liability, $16,800
Total liability: $16,800 on an income of $168,000, or 10% of Individual 2's income

In this example, Individual 2 had *twice* as much income and was taxed only $452 more (or paid half as much tax proportional to their income).
 Individual 3's tax liability looks like this:
Income (Salary) $400,000
FICA - SS (4.2%), -$4,624.20 ($110,100 * 4.2%)
FICA - Medicare (1.45), -$4,203.55 (($400,000 minus $110,100) * 1.45%)
10% Bracket, -$1,740 ($17,400 cap * 10%)
15% Bracket, -$7,955 (($70,700 minus first $17,400) * 15%)
25% Bracket, -$18,000 (($142,700 minus first $70,700) * 25%)
28% Bracket, -$20,930 (($217,450 minus first $142,700) * 28%)
33% Bracket, -$56,397  (($388,350 minus first $217,450) * 33%)
35% Bracket, -$4,077.50 (($400,000 minus first $388,350) * 35%)
Total liability: $117,927.25 on an income of $400,000, or 29.5% of Individual 3's income

As you can see, the tax system is unfairly weighted against wage-earners (as opposed to people who derive their income from investments).  Why should one type of income be "preferred" over another?  Individual 2 gets a pretty sweet deal in this case.  Individual 2 wouldn't pay the same dollar amount in taxes as individual 3 until he gets to $1.17 million in income (he'd be paying the same 10% capital gains tax).  When Democrats are talking about the wealthy paying their "fair share," *this* is what they're talking about, not some silly math on a beer tab.

If we took Glenn's beer tab example and applied the US's real wage distribution against it, it would look dramatically different.  According to the Tax Foundation (, I think it would look more like this:
 1 - $2.30
 2 - $2.30
 3 - $2.30
 4 - $2.30
 5 - $2.30
 6 - $19.18
 7 - $19.18
 8 - $19.18
 9 - $19.18
10 - $11.80

That being said, persons 6-9 (who represent the 50th through 99th percentile or the middle class) pay 75% of the bill, while the bottom 50% and the top 1% pay roughly the same percentage.

In other terms, 40% of the people pay 75% of the bill, and 60% of the people pay 25% of the bill.  Not terribly fair.

Saturday, January 25, 2014

Flaky, Chewy Brownies

This morning, I had a craving for brownies.  Like 1am craving.  What's a guy to do when this urge hits and the normal ingredients (a.k.a. "the box") aren't available?

Improvise.  And make the best damn brownies ever.

  • 12 oz semi-sweet chocolate chips
  • 1 stick unsalted butter
  • 1/2C + 2 T solid coconut oil
  • 1/2 tsp salt
  • 4 eggs
  • 2 tsp vanilla
  • 2 1/2C powdered/confectioner's sugar
  • 1 1/4C all-purpose flour
  • 1 T water
  • Baking spray (non-stick spray with flour)
  • Wire whisk
  • Large mixing bowl
  • Rubber spatula
  • One 9"x11" or two 8"x6" glass baking dishes
  1. Pre-heat oven to 325 degrees F.
  2. Grease with the baking spray.
  3. In a medium Teflon saucepan, begin heating the chocolate chips, butter, and coconut oil, stirring occasionally.
  4. In a large mixing bowl, beat all four eggs, vanilla, and water with a whisk. Fold in the powdered sugar and salt.
  5. Remember to stir the chocolate chips.
  6. Continue stirring the batter.  Add in the flour.
  7. Remove the melted mixture from heat.
  8. Stir the egg and flour mixture until it's as smooth as it can be, until your hand hurts, or for about 2 minutes.
  9. Slowly add the melted chocolate chip mixture to the mixing bowl.
  10. Stir some more until the mixture is smooth.
  11. Pour the batter into the baking dish(es) and place them in the oven.
  12. Set the timer for 25 minutes and grab a Disaronno.
  13. At the 25 minute mark, stick a wooden toothpick, chopstick, or skewer in.  If it comes out super-gooey, add another two minutes.
  14. Lather, rinse, repeat, but don't get any soap in the brownies, because that will suck.
  15. When the wooden insertion tool comes out mostly clean (not all the way clean--it's kind of an art at this point), take the brownies out of the oven and set on a wire rack to cool.
  1. Once they've cooled so you can cut them, do so.
  2. Pour a cold glass of milk.  Rum optional.

Monday, September 16, 2013

Copy attribute from one field to another with PowerShell

This week, while prepping two different customers for single-signon to Office 365, I ran into the same issue--the userPrincipalName attribute was correctly populated (, but the email address was blank.  So, to rectify this problem, I put together a script that reads the UPN attribute and then copies to the the mail attribute.

Leave me a comment if you find it useful!

# Populate "mail" attribute with UPN
Import-Module ActiveDirectory

Get-ADUser -LDAPFilter '(userPrincipalName=*)' `
-Properties userPrincipalName,mail | Select-Object * | `
ForEach-Object { Set-ADObject -Identity `
$_.DistinguishedName -Replace `
@{mail=$($_.userPrincipalName)} }

Tuesday, August 6, 2013

Managing via WinRM

What is WinRM?

WinRM, for those of you not in the know, is really the Microsoft answer to an age-old problem in the Windows world--remote command and task execution.  It's the Windows equivalent of the Unix rsh, a native implementation of the PsExec (albeit, with the added complexity that seeps into nearly all Microsoft technologes).  It's built on SOAP, so it's intended to be firewall-friendly.

The quick guide to enabling it:

On a server you wish to enable WinRM managment, open an elevated command or PowerShell prompt and run winrm quickconfig.  Answer "Yes" to create the listener and open the necessary ports in the Windows Firewall.

Once that's done, you may need to set the configuration to allow you to connect to it and issue remote commands.  You can do this by by opening an elevated command or PowerShell prompt and entering one of the following command examples:

Add a single trusted remote management host

winrm set winrm/config/client '@{TrustedHosts="server1"}'

Add multiple trusted remote management hosts

winrm set winrm/config/client '@{TrustedHosts="server1,server2"}'

Make every host trusted (not advised)

winrm set winrm/config/client '@{TrustedHosts="*"}'

Now What?

Let's say you want to execute a command against a WinRM host.  To do this, use the command winrs.

For example, to open a command prompt on server2, you would run:

winrs -r:server2 cmd

For a whole bunch of other stuff you can do with WinRM, please see the following (much more technical) articles:

Happy remoting!

Tuesday, April 23, 2013

Handy Office 365 PowerShell Cmdlets

Here are some handy Cmdlets that you may find useful when managing Office 365.

- Connect to the Microsoft Online Services interface for account management tasks.
import-module MSOnline
$cred = Get-Credential
Connect-MSOLService -credential $cred

- Connect to the Microsoft Exchange Online interface for Exchange-related tasks.
$cred = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri -Credential $cred -Authentication Basic -AllowRedirection
Import-PSSession $Session

- Set Office 365 passwords for all accounts to P@ssword1 and clear Change Password Flag (not valid for ADFS customers)
Get-MsolUser | Set-MsolUser -NewPassword P@ssword1 -ForceChangePassword $False

- Set Office 365 passwords for all accounts to never expire (not valid for ADFS customers)
Get-MsolUser | Set-MsolUser -PasswordNeverExpires $True

- Set Time Zone to Eastern Time and Language to English (US) for all users
get-mailbox -Filter {RecipientTypeDetails -eq 'UserMailbox'} | Set-MailboxRegionalConfiguration -Language "en-US" -TimeZone "Eastern Standard Time" -DateFormat "M/d/yyyy" -TimeFormat "h:mm tt"

- Get a user's mailbox permissions on a selected mailbox
Get-MailboxPermission -Identity <> | Where {_.User -like '*user*'}
Get-RecipeintPermission -Identity <> | Where {_.Trustee -like '*user*'}

- Get a list of Directly-granted rights, excluding "SELF"
Get-Mailbox | Get-MailboxPermission | Where-Object { ($_.AccessRights -like '*full*') -and ($_.IsInherited -eq $false) -and -not ($_.User -like '*nt authority\self*') }
Get-Mailbox | Get-RecipientPermission | Where-Object { ($_.AccessRights -like '*send*') -and ($_.IsInherited -eq $false) -and -not ($_.User -like '*nt authority\self*') }

- Set Shared Mailbox quota at 4.5GB
Get-Mailbox -RecipientTypeDetails SharedMailbox | Set-Mailbox -ProhibitSendQuota 4500MB -ProhibitSendReceiveQuota 5000mb -IssueWarningQuota 4400mb

- Get Distribution Group Members
$Groups| foreach {
 $Report=Get-distributionGroupMember -identity $_.identity| select @{Name='Distribution Group'; Expression={[String]::join(";", $GroupName)}}, DisplayName, PrimarySmtpAddress
$Reports | Export-csv -NoType -Path .\"output.csv" -ErrorAction SilentlyContinue

- Add Alias Domain to All Mailboxes (not valid for ADFS customers)
$users = Get-Mailbox
$aliasdomain =
foreach ($a in $users) {$a.emailaddresses.Add("$($a.alias)@$aliasdomain")}
$users | %{Set-Mailbox $_.Identity -EmailAddresses $_.EmailAddresses}

- Set Usage Location to United States for All users
Get-MsolUser | Set-MsolUser -UsageLocation "US"

- Assign "Exchange Online Plan 1" License to All Users for organization TestOrg
Get-MsolUser | Set-MsolUserLicense -addlicenses "testorg:EXCHANGESTANDARD"

- Force Removal of deleted mailboxes from Recycle Bin
Get-MsolUser -ReturnDeletedUsers | Remove-MsolUser -RemoveFromRecycleBin -Force

- Get All User Mailbox Sizes
Get-Mailbox -Resultsize Unlimited | Get-MailboxStatistics | Select-Object DisplayName,TotalItemSize

- Convert User mailbox to Room Mailbox
Set-Mailbox -Identity ConferenceRoom -Type Room

Set-MailboxFolderPermission -Identity ConferenceRoom:\Calendar -user Default -AccessRights Author
Let me know if there are other tasks you might like to see demonstrated!

Thursday, April 11, 2013

Cannot create Exchange Online Migration Endpoint with Exchange 2007 Server using only NTLM Authentication

I've been battling an issue for a few days now and finally stumbled upon a workable solution via PowerShell.


Client has an existing Exchange 2007 deployment.  The OWA instance is configured to only use NTLM authentication.  ExRCA ( comes back clean, and I can proxy log in to any mailbox on the server.

When configuring the migration endpoint through the EAC, I would receive an error that the migration endpoint could not be discovered, even after entering the credentials, server, and RPC proxy server values manually.


The solution ended up with my old friend PowerShell.  You can create migration endpoints through it using the New-MigrationEndpoint cmdlet.  The key was forcing the authentication to NTLM.

New-MigrationEndpoint -ExchangeOutlookAnywhere -Name NewEndPointName -ExchangeServer EXCHSERVER.DOMAIN.local -RpcProxyServer -Credentials (get-credential -EmailAddress -SkipVerification -Authentication NTLM

Wednesday, August 29, 2012

Error uninstalling Exchange Server 2003: One or more users currently use a mailbox store on this server.

So, you're transitioning your Exchange 2003 environment to an Office 365 environment and desparately want to drop kick your Exchange 2003 server out the door.  After migrating everyone's email, you open ESM, delete all of the mailboxes and start to uninstall Exchange.  But then, this frustrating message shows up:

The component "Microsoft Exchange Messaging and Collaboration Services" cannot be assigned the action "Remove" because:
- One or more users currently use a mailbox store on this server.  These users must be moved to a mailbox store on a different server or be mail disabled before uninstalling this server.

Thanks for leaving me the fun part of trying to guess who you think still has a mailbox.

Fortunately, there's an easy way to do this.

Let's say your server name is EXCH01.

  1. Launch Active Directory Users and Computers.
  2. In the navigation pane, right-click on your domain and select Find from the context menu.
  3. In the Find Users, Contacts, and Groups window, click the Advanced tab.
  4. Click the Field button, point to User, and then select Exchange Home Server.
  5. Set the Condition field to Ends With.
  6. Enter the Exchange mailbox server you're decommissioning in the Value field (in our example, EXCH01).
  7. Click Add.
  8. Click Find Now.
  9. Once the list of users is displayed, you can right-click on the user, select Exchange Tasks, and then select Remove Exchange Attributes from the list of options.  Acknowledge the warning, and repeat for each user.
  10. Restart Exchange setup.

Monday, August 27, 2012

Re-create BITS and Windows Update Services for Windows 7

So, you had a bit of nasty malware.  You're almost back to square one, but have now found yourself in the unfortunate position of having missing services--specifically the Background Intelligent Transfer Service and Windows Update services.

Never fear.  These, too, can be recreated in the event that your System Restore points are borked.  Copy/paste the commands into an elevated command prompt.

REM Recreate Windows Update / BITS Services for Windows 7
sc create BITS DisplayName= "Background Intelligent Transfer Service" binpath= "c:\windows\system32\svchost.exe -k netsvcs" Start= delayed-auto depend= EventSystem/RpcSs
sc create wuauserv DisplayName= "Windows Update" binpath= "c:\windows\system32\svchost.exe -k netsvcs" Start= delayed-auto depend= RpcSs

Sunday, August 19, 2012

Bloody Queen Mary

This is a Bloody Mary (it's technically a Caesar because of the clam juice) that will make you famous.  Or at least, a legend in your own mind.

4 1/2 oz Clamato Juice (or a 2:1 mixure of tomato:clam juice)
1 1/2 oz your favorite gin
1 tsp celery salt
1/2 tsp black pepper
1/2 tsp Tabasco sauce
1/2 tsp Lea and Perrin's Worchestershire sauce
1 drop Beano's Horseradish sauce
Juice of 1/4 lime

Combine all ingredients and shake vigorously.  Pour into a Collins or highball glass, and garnish with a deli pickle spear (don't you dare use a dill), rind of the squeezed lime, and leafy celery heart, and a couple of queen olives.