:::: MENU ::::

MinistryTech Session 2


Jason Powell

Information Technology Director

Granger Community Church – 90 staff and Personnel



180 clients, 13 servers (on server and desktop hardware)



Limited Capital for Server Deployment

Server Sprawl … on workstation hardware

PowerEdge Servers were under utilized

Server Management

Disaster Recovery

Rack  Space, Power, A/C

Need a solution that would allow agility


Vmware Server


Convert Physical to Virtual

Multiple purposes isolated from each other on the same hardware.

Improved Disaster Recovery


Fast and Simple Deploying of new servers

Great for a Testing bed

“Bad stuff”- Its so easy to bring a new server online – licensing

“Bad Stuff” – drive space




“I had some memory issues with my laptop but I didn’t have my screwdrivers to fix my laptop since I couldn’t take them on the plane since I might stab someone in the throat with them.” – Jason Powell

MinistryTech Session 1

Tony Morgan
10 Reasons Why Techies Scare me
Chief Strategic Officer – Communications and Multi Site Ministry and IT
New Spring Church, Andersen SC
NewSpring is a church of 8300 in a town of 25k


“I am a gadget guy, so I understand you, but I am not one of you” – Tony Morgan


  1. Techies assume everyone thinks like a techie

Because people use technologies, doesn’t mean they think like techies

The Body of Christ is gifted very differently and not everyone is wired like those in IT

Building relationships will allow users to become IT cheer leaders


  1. You scare me because you don’t bend on standardization

“Some people want to use a mac, they want to pay twice as much to use a computer, I don’t know why”

Only adhering to standardization might be compared to legalism of the Pharisees

Standardization for the fire department is a great thing. But remain flexible when you ‘lock into standards’


  1. Techies scare me because they hire the best geek rather than the best leader

In ministry our tendency is to hire the person with the best ‘talent’  (tech, music, speaking, care, etc.)

Sometimes people with the talent aren’t great leaders, a leader can translate the specifics of the ministry to the whole.


  1. Techies scare me because they want more staff

Ministry has limited resources (money, people, space, things etc.)

How are we going to engage volunteers

Howe are we going to empower other staff to champion the technology.


  1. Techies scare me because they want more money for more technology

Show me the investment we are making will give me a cost savings or will have an impact on ministry.

Help your leaders help you do the homework to see the big picture


  1. Techies scare me because you don’t document processes.

You need to equip the ministry to run smoothly after you aren’t in the picture.


  1. Techies scare me because you implement technology solutions without considering the strategic systems.

If you have the right people and tech, but not strategy it becomes a hindrance to the person you are ‘helping’

When you have the right strategy, and people but not right tech, you are irrelevant.

Tech is important to connect and communicate to today’s culture.

Example: registration processes that are paper and then data entry is done… that is a disconnect from the culture.

When you get the right tech, people and strategy you make decision making easier, tech easier to use, tech invisible to the user and a seamless process.


  1. Techies scare me because they implement technology solutions without communicating with the team.

Warn, Inform and communicate with those who aren’t techies

You have to be about the people.

Just because I write the best email ever, people don’t always get it.

An outline of steps doesn’t always communicate to everyone.

How do I communicate with the teams I am supporting.


  1. Techies scare me because you focus on implementation without creating systems for training and support.

Do your users hold the mouse upside down and wonder why the courser isn’t going where they want.

A little handholding may go along way.

Everyone learns at different paces.

New Technology paralyzes people when no one walks them thru the changes.


  1. Techies scare me because you let technology drive the ministry rather than letting ministry drive the technology.

“Sometimes the greatest technology you are trying to implement smells like poop” – Tony Morgan

Techies create a great hullabaloo about technologies but the technology might still smells like poop.


Don’t miss connecting with your culture.

Ministry Tech OKC Day 2

 Our day was filled with tours of 4 churches today: LifeChurch.TV, Henderson Hills, Church of the Shepard, and Crossings Community Church. The day was great to meet new people and see how others are doing Church IT. Here are some photos from the day.

Even LifeChurch.TV has rats nests.  This is the back of some production equipment from in their Internet campus studio.

Wiring at the LifeChurch Internet Campus

Photos of the LifeChurch.tv Edmond Auditorium
LifeChurch.TV Auditorium LifeChurch.TV Auditorium

Video Editing Suites at LifeChurch.TV

LifeChurch.TV video editing suite LifeChurch.TV Studio

LifeChurch.TV Green Screen Studio 

A map of the locations that view the services from LifeChurch.tv
Map of LifeChurch.TV viewers  

The Entry of Henderson Hills Baptist Church
Henderson Hills entry 

The Auditorium of Henderson Hills
Henderson Hills Auditorium 

A aviom control cable on stage at Henderson Hills
Aviom Wiring at Henderson Hills 

Our Group at Lunch (Pictured: Clif, Ian, Jeremie, Andrew, and Matt)
eating at Taco Bell  Taco Bell 2

Church of the Shepard Celebration Center
Church of the Servant  Church of the Servant

Clif and Team “near” Jesus
Clif and Team Close to Jesus 

The fountain at Church of the Shepard
Church of the Servant 

More Church of the Shepard
Church of the Servant -  Church of the Servant Student Center

Crossings Community Church
Crossings Community Church  Crossings Community Church

Crossings Community Church  Crossings Community Church

Crossings Community Church 

Michael Foster and the Checkin systems at Crossings

Crossings Community Church

The “Snow Blowers” at Crossings… (I don’t think they get much snow)

Crossings Community Church 

 All in all it was a great day, we met a lot of Church IT people and saw some really cool facilities.  It continues to amaze me how different each local church is and how care and minister to their communities.

OKC travel Day one

ministryTECH 2 image  

We left Peoria around 11:45 this morning and traveled to Chicago.  Our Flight from Chicago was delayed and the the gate mysteriously changed, but the flight was good and we made it to OKC safe and sound. (imagine a photo here of our missing plane)

We met up with Clif, Ian and Matt from Church of the Resurrection in Kansas City.  They picked us up at the airport with excellent timing (if only we had planned that) and went to dinner at a local place called the Cattleman. (imagine a photo of the cattleman here)

Jeremie had Catfish, I had a fillet both were very very good.

We arrived at our Hotel and all is good.  Check-in was quick, and our room is very clean and should suit us well especially for the price

 We arrived to find the Sleep Soundly package as a little gift from the Crown Plaza… it included a clip for the curtains, ear plugs, a sleep CD and a eye mask that Jeremie had to try out.

 Sleep Mask

The wifi here isn’t exactly ‘high speed’ but the connection to EVDO is working well.  Especially when Ian leaves his phone charging in your room with the wifi router running.
OKC EVDO Speed Test

So why are  you imagining all the photos, for some reason my phone was saying it was saving photos but… none where there when I got to the hotel.  So after a hard reset and deleting the DCIM folder all is well.


Tomorrow AM we start tours at the area churches… More photos to come.

Hotel is Booked OKC here we come

I finally was able to successfully bid for our hotel for MinistryTech and the Spring RoundTable. I booked the rooms on priceline and used the free re-bidding strategy I learned from Mark Moreno and biddingfortravel.com.

We had to expand our search for a hotel a little further than I wanted, but when you are booking 8 rooms for four nights you have to give and take a bit I guess.  Final results Crown Plaza Hotel OKC for $ 62.00 per night.  You will find the likes of Jermie Kilgore, Jason Powell, Tony Dye, David Szpunar, Mark Moreno, Clif Guy, Ian Beyer, and Justin Moore at the Crowne Plaza Oklahoma City.

Installing Wildcard SSL Certificates

  • Our SSL certificates were up for renewal so we began to investigated the most cost effective methods for our multipe SSL certificates.  We had two seperate certificates for SSL-VPN and our our Exchange server and expected to have needs for additional certificates.  This lead us to the decision of purchasing a Wildcard Certificate which allows us to use it for anything that is a sub domain of our primary domain name.

We have a SSL-VPN 2000 but Sonicwall doesn’t really have any documentation addressing use of the wildcard certificates on this appliance.  Their documentation is fairly straight forward of how to request and import a normal certificate so but makes no mention of using a Wildcard Cert.  Since the SSL-VPN’s certificate was going to expire sooner than our Exchange server’s and since process to import a certificate in the Sonciwall is a little more complex Windows IIS6 we decided start with the request from the SSL-VPN box.

The process to request and install the Certificate on the SSL-VPN 2000 is as follows:

  • Create a Backup of the SSL-VPN Appliance
  • Go to the System > Certificates page and click on the Generate CSR button.
  • Complete the CSR window. 
  • Enter the Fully Qualified Domain Name as *.domain.org
  • Enter your organization’s name as registered name with the State. 
    • Our first submission to the CA failed because we entered the organzation name as Northwoods Community Church but the CA required our request to be entered under the name Northwoods Community Church, Inc. We were told that this was the case because of the liablity value was higher with a Wildcard Certificate than with the inexpensive SSL certificates.
  • Enter and Document the request password.
    • You will need this when you import the certificate.
  • Save the csr.zip file from the SSL-VPN console to your local workstation.
  • Unzip the csr.zip and save the server.key file for use after you receive your certificate from the CA.
  • Open the server.csr file with notepad and copy the contents of the server.csr file to the CA web interface to make your request.
  • After the domain.org.crt file is received from the CA copy the .crt file and the .key file that was created during your csr request to a comon directory.
  • Rename the .crt file server.crt and zip the directory.
  • Be sure the .zip file is named certkey.zip
  • Login to the SSL-VPN Appliance, Go to System > Certificates.
  • Click on ‘Import certificate…’ button.
  • In the pop-up that appears, select the ‘certkey.zip’ file you just created and click on import.
  • If it is successful, the screen will now say ‘pending’.
  • Activate the certificate by clicking on Configure icon next to new cert.
  • You will be prompted to enter the password you entered when creating the CSR. Enter this and click on the Submit button. The screen will now say ‘inactive’.
  • This next step will reboot the box.
  • Select the Enable radio button next to the new certificate and click on the Apply button in the upper-right-hand corner.
  • After the reboot, your certificate is now active.

To install the certificate on an additional server, in our case a IIS6 web server,  you will need import the certificate as a .pfx. 

  • Download the cerficiate from your web browser to a .cer file going to the website that is using the SSL cert and choose view the certificate.
  • Go to the details tab and choose copy to file and save the certificate as a .cer format.
  • To import the certificate into IIS you will need to convert the .cer file to a .pfx file.
  • Convert the files using OpenSSL
    • After installing OpenSSL Click START > RUN then type cmd.exe.
    • You need to navigate to the path where you installed your OpenSSL binaries.
    • Within this directory chdir to bin
    • Type the following commands to convert the .CER to .PEM format:
      • openssl x509 -in <drive:pathtocert>.cer -inform DER -out <drive:pathtocert>.pem -outform PE
      • openssl.exe pkcs12 -in<drive:pathtonewcert>.pem -out <drive:pathtocert>.pfx -nodes
    • Take the exported .pfx file and save it in a location where you can access it from your IIS server.
  • Open IIS and go to the properties of the web you are configuring with the SSL certificate.
  • Go to the Directory Secuirty Tab and select Server Certificate under Secure Communications.
  • Choose Import a certificate from a .pfx file
  • Enter the password you gave the .pfx file when you created it.
  • After the certificate is imported rerun the wizard and Choose to ‘Assign an existing certificate’ to the site and choose the new certificate that you just imported.

You should now be able to browse the second web server and the SSL wildcard certificate should be activated.  Save the .pfx file for future use and it can be imported into a future webserver to utlize the wildcard certificate.

Tearing out walls… great fun!

We have lived in our house for just over 15 months, while it is a relativly new house there has been alot of work needing to be done since the previous owner basically did no work.  Last year my father-in-law and i installed 700 sqft of hardwood flooring and Natalie and I finished painting the main floor last fall… so finally the house is looking good… well except the basement.  We have our family room in part of the basement so we spend a fair amount of time there.

Well my parents and in-laws are in for Easter weekend so what a great time to start a project.  We have always wanted to change the layout in the basement so this weekend was the start of the project.  We didn’t like the fact when you go downstairs you imediatly stop at a door and wall… so I started practicing my hammer throwing. 




The work continues…. more photos of the progress to come.

HTC Touch Review part 2

Its been about 3 weeks that I have been using the HTC touch.  And believe it or not, and for those who know me well, I have only gone thru 3 handsets in that period.

Historically I have gotten my money’s worth out of my handset purchases and the HTC Touch is really no different.

This post is more about the support provided by Sprint to resolve the issues with the HTC touch.  I have spent about 3.75 hours on the phone with different Sprint representatives in the past week. 

I first had issues with the handset always roaming rather than using normal service.  While traveling to Ohio to got to the Sonicwall RoadShow I was sitting in the car with Jeremie.  JK’s phone (a HTC Mogul) would have EVDO data service and full signal… mine roaming and one bar. 

I took the phone to the Easton Town Place location in Cols, OH and after a little arm twisting they exchange the phone.  The customer service rep (named NII) said I needed all the accessories and the box to do a warranty exchange.  I obviously objected and told him he could keep the box from my new phone… After a little discussion I was walking out of the store with my new Touch… not roaming I’ll add… all was well…or was it.

That night after waiting the 4 hour customary period to kick off the data, I noticed my handset wouldn’t provision with the data services… a 1 1/2 hour support call ended after the customer service person had asked to have my phone hard reset 3 times and it didn’t resolve the problem.

The next am I called again… another hard reset and the device is declaired bad.  So they say I need to go to store to exchange the phone again.  Well since we were leaving CMH after our Sonicwall RoadShow I had no choice but to wait until we drove thru INDY on the way home to swap my phone. 

We arrived in Indy and two wonderful ladies at the Sprint location swapped out my phone again… this time even giving me some of the goodies (cables, headphones etc) and the box.

When we arrived home 4 hours later… still no data.  Another hour on the phone and Sprint tech support tells my my Data is one account and my Voice is another account… they assure me they will fix it… and ask me to call back the next morning.

I connect again with tech support and wait another 4 hours.. no data.  Finally another 45 minute support call and data is working again.

All this to say, if you can find the right Customer Service or Tech Support person from the hold queue you are in good shape… otherwise prepare to repeat your story a few times.

I would say the past few days have given the Touch some serious use… battery life is still really great, except when you have been roaming for an extended period of time.  When roaming for a large portion of the time you can kill the battery in less than 8 hours of standby.

The call quality is great, you can hear all callers very clearly and the quality of the blue-tooth radio is good… very strong connection to the Jabra250 headset.

The one beef with the Touch, the QWERTY keyboard isn’t used except in totally random text entry fields… HTC, let me choose which input device I want to use.

Sonicwall Roadshow

Jeremie and I had the opportunity to travel to Ohio for a Sonicwall Roadshow.  This event was designed to educate those using the Sonicwall product line specifically about the new E-Class UTM hardware.  Since we are looking at the E-Class 5500 as a possible option for our load balancing needs it was a no brain-er to travel to the Roadshow. 

Some highlights from the trip:

I had reserved a rental car from the Enterprise website and found out the next morning that the transaction didn’t complete, and there was no reservation.  The best part of this experience was the individual at the desk at Enterprise tells me “Even if you had a reservation we don’t have any cars, so it really doesn’t matter.”  So Budget Rental car here we come…

A rental car with a bunch of tech stuff powered on… GPS, Cell Phones teathered to laptops for web browsing, IPod etc.

- Dinner at Red Robin Restaurant (home of the bottomless fries!!) with my parents.

- Fixing all my parent’s computer issues… Actually the list was short…configuring both Tivos to connect to the Wifi since we had changed the encryption to WPA and configuring Dad’s new laptop to connect to the Wifi .

Roadshow was good, a little more ‘sales pitch’ than I had hoped but informative but we still learned some things:

- Single Sign-On with Content Filtering only works with Windows machines, if you are rolling this out to all users and you have some Macs on the network that aren’t running a virtual Windows machine this will require a default policy for unauthenticated users.

  • - There is some major development going into the CDP.  They are bringing to market a CDP that has removable drives and is much more expandable than the existing product line.
  • - We were able to give our list of our top 5 causes of heartburn with the CDP to David K. (the CDP Territory Sales Manager) who is going follow up with us to find some ’work arounds’ and then help get our concerns on the development road map.

- David K. mentioned we can work toward some possible options for non-profits for off site CDP replication that aren’t as crazy expensive as the current Sonicwall services

- After meeting with some of the E-Class engineers we have a strategy to quickly install and test the E-Class to determine if it is a ’real’ LB option for us.

- Lunch Jeremie and my Mom at the busiest Wendy’s in the state of Ohio.  This Wendy’s location is in the lower level of The Ohio State University Medical Center.

- Dinner with David, Ruth and Nathan Szpunar at Donatos (one of the best Pizza places)

13 hours of driving, 5 hours of Roadshow a worthwhile trip.

ChipPC goes home

Our demo of ChipPC has concluded, and oviously if we are returning the hardware there were more cons than pros.


  • The device is just really cool.  A thin client that can fit in the palm of your hand.
  • POE (Power Over Eithernet) is a really nice feature.
  • The ChipPC demo pack was loaded with goodies:
    • ChipPC, Wall Plate, POE injector, POE tester, an assortment of needed cables and connectors.
  • Not much if any heat output and low power consumption.


  • We were very unimpressed with the level of followup we received from the company.  It was like pulling teeth to get answers as to what the product included, how to configure it and if add-ons were avaliable.
  • We asked several times and we still don’t know if you can configure the ChipPC to boot into a RPD or Citrix session.
  • Excalabur is a managment tool they provide, but no one really wanted to talk much with us about it and how much it would cost or if it was the right tool for our application.
  • The device runs WindowsCE

Overall it is a nice product but more expensive than the other thin clients we are evaluating and not the best solution for our installation.  Thanks ChipPC for a good demo.