Experience Matters: How Patch Management and Zero Touch Change Organizations

My deepest thanks to the Amsys and Datajar teams for the invitation to speak at this year’s MacAD Conference in Brighton. It was a real joy to spend time with Mac Admins from all over talking about how experiences matter. This presentation was a joy to write. It’s not like other conference vendor presentations, because these topics really aren’t specific to JumpCloud. Good IT Philosophy shapes products, and the vision that I’m espousing here, backed by data, is what we’ve already built and what we’re building in the future.

What follows here is the IT Code I’ve settled on, and I think it’s instructive.

As an IT Professional, I will do my best to –

  • Preserve company data from carelessness and compromise
  • Protect my people from attack and their occasional inattention
  • Defend the integrity of our organization against bad policies, poor security, and short-sightedness.
  • Empower your people with knowledge.

Making a difference for your coworkers’ experience is how you make your coworkers’ like working with IT, as much as that’s possible in 2022.

My Part of the Six Colors Apple Report Card

Today, Six Colors released their annual appraisal of Apple in the eyes of their panel of experts. This is my very first year being part of the panel! Here’s what I said:

Related to Apple Hardware, I gave Apple a 5, saying:

“The 2021 MacBook Pro [is] the most important product Apple has released since the 2012 MacBook Pro sported the first Retina display on an Apple laptop. Apple has redeemed some poor choices, and built a product that’s suited for the Pro moniker. Great work, Apple”

Related to the iPad, I gave Apple a 4, saying:

“iPadOS remains a second class citizen in terms of adoption, focus and attention for Apple, and that makes the best-in-class hardware seem a bit less shiny. No question that the new iPad mini is the best device to carry the moniker, but it still isn’t quite enough of a workhorse. Until the software catches up with the hardware, the iPad is going to be a pretty niche player.”

Related to Apple Wearables, I gave Apple a 4, saying:

“In 2021, I changed jobs, and suddenly had to spend a lot more time on videoconferences. My podcasting headphones were deeply uncomfortable after a few hours of wear. I visited an Apple store for an iPhone repair and tried on a pair of AirPods Max. I swore audibly, and an Apple employee came to check on me to make sure I was okay. I was okay—they fit like a dream, they moved the right way, they didn’t pinch where the temples on my glasses met the ear cup, they sounded incredible. I was so mad that I was about to spend $549, but when you wear them 6-8 hours a day, every day, and they cause you no pain or confusion? That’s money well spent.”

I will also say that I am really enjoying Spatial Audio in my office, and that I hope this comes more places. It is actually something I deeply enjoy.

Related to Services, I gave Apple a 4, saying:

“I remain a happy customer of the Apple One bundle. This is a good product, composed of some excellent items (iCloud, Apple Fitness+, Apple TV+), some okay items (Apple Arcade, Apple Music, Apple Card), and AppleCare remains a product in Apple’s lineup.”

Related to HomeKit and Home Automation, I gave Apple a 2, saying:

“Apple needs a better story here, but the HomePod mini is a solid entrant in the home speaker line. The poor, neglected HomePod, though, is suffering service and experience degradation that needs to be addressed. I am hopeful for a new standard with new material to help uncloud the picture, but we’re still a long way from good.”

Related to Software, I gave Apple a 3, saying:

“macOS Monterey is an incremental improvement, but there’s a long way to go here. Apple only just expanded bike directions for Maps beyond a few core cities, and they have a long way to go to bring the Maps experience to an appropriate level of experience everywhere they promise it. Overall, the Mac’s software is aging poorly. Calendar, Mail and Contacts remain stuck in a much earlier, much less interesting world of personal information management. Mail cannot scale to meet the needs of modern mail experiences, and that’s, frankly, a bit criminal in this world. While Monterey is an improvement over Big Sur — especially for organizations that support Macs at scale as part of business environments — there’s a long way for Apple to go. It feels as if the bold Apple is gone, and it’s replaced by a meek Apple, afraid of making big strides.”

Related to Developer Relations, I gave Apple a 3, saying:

“We need better relationships between MDM developers and Apple, with more give and take, more conversations, more impactful input, and a better cadence for partnerships. I know that my take is different than many, but I’m a different sort of developer in my day job than most. When it comes to the App Store, Apple has some hard choices to make, lest they risk having the whole thing slip right through their fingers in the form of federal regulation of their spaces.”

Obliteration Behavior and the Mac Admin

The single best feature of macOS Monterey, in the eyes of the Mac Admin, is without question the arrival of Erase All Contents & Settings (styled EACS, pronounced “Eeks”), which allows a Mac Admin to restore a properly-equipped Mac computer to the Setup Assistant with no user data remaining in 5 minutes or less. This feature is a massive time-saver for Mac Admins, a huge boon to the average user looking to part ways with their device quickly and securely, and represents a huge step forward for return to service workflows.

What does EACS require to work?

EACS requires a few conditions in order to work correctly:

  • The Mac computer must be running macOS 12 Monterey at the time of operation
  • The Mac computer must have an Apple silicon process, or an Intel processor with a T2 coprocessor

What documentation does Apple provide?

Apple provides some good documentation around this feature. For end users that want to erase their Mac computer, they can trigger EACS directly from System Preferences. Apple has provided additional documentation for MDM vendors related to the Erase Device command.

What happens if things don’t go as planned with EACS?

In the event that EACS does not complete as expected, what the system does will be determined by the default behavior, and the ObliterationBehavior command argument as supplied by the MDM. During EACS, there is a preflight conducted on the system, and that preflight can succeed (which will result in EACS), or it can fail, which will conduct the assigned ObliterationBehavior.

If the command is sent with the behavior set to DoNotObliterate, the system will just error back to the MDM, but do nothing to the device. There are very few scenarios that I can imagine where this behavior is desirable, but if you happen to have one of those, changing the Erase Device command to include this behavior.

If the command is sent with the behavior set to ObliterateWithWarning, the device will log an acknowledgement with the MDM before completing the task, which will erase the device completely, OS included. Under this circumstance, your MDM will understand that the device was not in a state where EACS was possible, and that the device is in a state where it would be totally wiped.

If the command is set without a behavior set, the device will execute the default behavior, which will log an error with the MDM, including an ErrorChain, before completing the task, which will erase the device completely, OS included.

I can’t quite derive the importance of the difference between ObliterateWithWarning and the Default behaviors, as both items will result in a wiped system, but the logging will be slightly different. I will update this post if that becomes clearer.

Resolved

I’m not great at New Year’s Resolutions.

My failure rate is a whole lot like a set of OKRs – designed to be stretched thin, aspirationally crazy, and audacious, and sometimes even just pipe dreams. I get parts of resolutions done, but the whole thing never happens. And, like many groups that adopt OKRs, that’s just fine.

When I think about what I want for 2022, things fall into buckets: what I want to do, how I want to be, and what I want to see.

What I Want To Do in 2022

I want to have an effect on my community. 2021 meant a lot of advocating for road safety in our part of DC, because of two deaths that happened in our neighborhood that didn’t need to, and more than 35 more that happened elsewhere in our city. I want to move the needle toward safer streets. This past week, we raised $100,000 in a day for WABA, and I want to work toward their goal of safe streets for everyone in DC in 2022.

I want to focus on giving back to my professional community, as well. The Mac Admins community is an incredibly special part of the world. This group of tens of thousands of IT professionals across the world is the best online community that I know of: Mac Admins share their code, their knowledge, their focus, their troubleshooting tips, their wisdom and their work. I want to help make the Mac Admins Community build a home that will last.

I want to keep building great tools for Mac Admins at JumpCloud. In 2021, I made a huge change and left my consulting practice to join the team at JumpCloud. Nine months in, I feel like I’m finally starting to understand our process, so I can chart a successful course in the new year. In that time, though, we’ve launched iOS management, and built a bunch of things that will start to come out in January. I want to make JumpCloud a top tier platform for managing Macs at scale. I know there’s a lot to do here. If you want a great challenge, we’ve got more than 50 positions open right now.

How I Want To Be in 2022

Look, I know it’s probably trite, but I think a lot about the darts scene from Season One of Ted Lasso. The mantra of “Be Curious, Not Judgmental” is a really great aspirational statement. Highlighting our own curiosity, and taking away unexplored judgments is a solid way to start. May we all hit our two triple twenties and a bullseye. Barbecue Sauce.

Something I started in 2021 was taking my son to school by bike, on the back of our cargo e-bike. I want badly to continue this through 2022. Miles that I bike are close to free, cause no environmental harm, let me be a closer part of my community, and they make my mind and body sharp. I want to ride 2,500 miles in 2022. Riding is a great way to get out and be active. Get a bike, go for a ride.

Saving your voice for the right moment is going to be a theme. Using my voice for good, for the benefit of many, is its best use. Now, I’m not here to say “Talk Less, Smile More” because that’s antithetical to the point. All our voices are needed. What we need is a little less snark and side-eye, and a little more empathy to the conversation. I’m trying real hard to be the shepherd, Ringo.

What I Want To See in 2022

This is where I get into dreaming, and where I expect that reality will have different ideas than my dreams.

I want to gather with my colleagues again. Since starting with JumpCloud in April, I’ve met less than a percent of my coworkers in person. Since JNUC 2019, we haven’t gathered in quantity as a community of Mac Admins. I am hopeful that MacADUK 2022 will break that streak, and I look forward to being in Brighton in late March.

I want better stories to tell about Mac Management in 2022. We got some new options to explore with iOS for User Enrollment in 2021, and I hope that Declarative Management arrives in some form on macOS in 2022. Admins are still missing some pretty pivotal options for controlled management, chief among them is allowing screen sharing easily with remotely installed tools. Walking a user through approving PPPC profiles is a lengthy process, full of frustration for all parties. This could get a lot better, and it should.

I want better leadership in my community. Doing the right thing is easy when it’s popular. A lot of the hard choices that face our city aren’t so clear cut. A city with half a billion dollars in surplus shouldn’t be clearing homeless encampments with forklifts. A city with half a billion dollars in surplus shouldn’t be struggling to make safe streets. Many of these things are harder without statehood for DC, and I hope that’s on the horizon, as well.

Lastly, and this is probably the most important thing: I want to see you succeed in 2022, also. One of the things that has been hardest for me over the last five years has been the erosion of community everywhere. For a group of people here, the cruelty of their actions has been the point. You can’t counter that with more cruelty. You have to raise all the boats with your high tide. It doesn’t seem just, but becoming the dark side isn’t either. To that end: if there’s something you’re working on that you want to talk about, I’m happy to focus on your work for the Podcast or even just chat about it. Reach out. I want to see you have a joyful and successful 2022.

Happy New Year, everyone. May we all be curious, not judgmental. Do no harm, but take no shit. Keep the faith. Do good work. May your year be joyful, your cup be full, and your body and mind be healthy. Onward. Forward.

Making Safer Streets Benefits Everyone

The last two years, I’ve done more bike riding than ever before. The pandemic made bicycling the best way to get around in a lot of ways. We were all short on exercise, we still wanted to get out and see people, but it wasn’t safe to hang out indoors. Several neighborhood parents and I started a bicycling group that would go out on the weekends — and also Wednesday nights! — and go for a ride in the city.

Here in the world of IT, we know that Steve Jobs famously called the Mac a “bicycle for our minds.” It was a way to speed forward, to use a machine to amplify our own energies. As freeing as using a Mac has been for my life, career and profession, using a bicycle has been that for my body. On my bike, I’m immersed in my community, I see friends and neighbors, I wave at the folks I see, and my knees never ever give me trouble out there. It’s a freedom I can’t get elsewhere.

As the time has stretched on, we’ve had our kids join us sometimes, including a bunch of kids joining for this Fall’s Cider Ride.

What’s been challenging, though, especially over the last year, is getting around on my bike safely. The streets of DC can be very hostile to people who aren’t in cars. DC’s Vision Zero campaign over the last five years has somehow made things worse, and cyclists and pedestrians and other road users have paid the price.

What we need are safer places to bike, walk, scoot, roll and drive. And that’s why my family is partnering with WABA for a year end campaign. My family is backing up their end of year campaign, and we started with a big donation: $10,000. That’s a drop in the bucket for what they need, but it was what we could afford this year to make streets safer. We got together with 20 families and turned that $10,000 into $35,625.

If my work has ever touched you, I’d hope you could join us in making our streets safer here in DC. However, I know that most of you are all around the world. If you wanted to donate to a road safety organization in your community, that would be just as delightful.

Turning Off Work with iOS 15 Focus Modes

I can’t tell you how to disconnect from work.

I honestly have a pretty bad relationship with downtime, likely caused by 15 years of bad habits and consulting clients whose idea of boundaries is letting you sleep in your own home for the holidays. But, as part of an effort to create a healthier relationship with work and rest, I’m taking some time at the holidays to relax, to decompress and recharge, to spend time with loved ones and projects that don’t involve screens.

The best way to disconnect from work is, of course, not to have any. Much like the most secure computer is one that’s off and in the desk drawer, this is an ill-fitted solution to our current era. So, we’re left trying to figure out how to handle this experience.

Thankfully, our most personal devices have some new tools in iOS 15 to help turn off work without severing the ties that bind us to our social groups that live in our phones. Those of us of a certain age have made whole communities out there on the internet, separated by geographic distance, but still part of our lives. I’m fortunate to have great friends in Canada, Australia, England, Scotland, France, Switzerland, and other parts of the world, and they are a rich part of my life.

Step One: App Separation

First up, you’re going to need to identify what’s work and what’s not. Work for me is Gmail, Slack, Jira, Github, Lattice, Zoom, JumpCloud Protect, and the Google suite of apps.

“But Tom,” I hear you say, “my friends live in the Mac Admins Slack!” Mine too! And I don’t plan on logging out there. I have a set of Work Slacks that can live in the Slack EMM app! The EMM app is meant for work use and has additional controls for enterprise admins. I moved my Work Slacks over to that app, which meant that I could have social Slack and work Slack in separate places. Sometimes, this is an inconvenience, but rarely.

Once you’ve got a set of apps that you can clearly identify as work, it’s important to move them to their very own page on your device, because that’s how iOS 15 works its magic.

Here’s my set of Work apps. There are many like it, but this one is mine.

Step Two: Defining Personal Focus

You may remember that Apple added Do Not Disturb mode way way back in iOS 6. It was a simple switch to essentially prevent a phone from making noise when it shouldn’t. Five years later in iOS 11, Apple added Do Not Disturb While Driving, which added some new controls for use associated with vehicles. The flexibility of these features were… lacking.

The next step is applying some Personal Focus settings. Apple made some major improvements in iOS 15 regarding Focus Modes. This new system is a good way to define a Do Not Disturb mode, a Driving mode, a Personal mode, a Sleep mode, and a Work mode. You can also add more modes, but we’ll talk about that later.

Focus modes are setup in the Settings app under the main menu’s Focus item.

Focus Settings screen

Tapping on the Personal focus mode will let you configure a number of settings:

  • Contacts who can reach you
  • Apps that can alert you
  • Whether or not to tell people that you’re in a focus mode
  • Hide Notification Badges
  • Select Custom Pages to show or hide
  • Whether to Dim the Lock Screen
  • Whether to Show Silenced Notifications on the Lock Screen
  • Set a Schedule or Automation for Activation of the Focus Mode
My personal focus mode

For my Personal Focus Mode, I wanted to make sure that all my normal iMessage contacts could come through, as well as other key applications that are part of just living life in 2021: bank apps, personal calendars, messaging and calling apps, travel-focused apps, home automationm and other fun tasks. Setting allowed notifications lets you keep hearing from the things you care about without having to also hear from work.

Step Three: Hiding That Pesky Work Screen

Gathering up your work apps into a screen or two will let you do the next magic: hiding them from view.

From the Personal Focus screen, tap the Home Screen menu, and turn on Custom Pages.

Here, you can select which pages show and which do not, which is why it’s essential to put your work apps together.

Deselect your Work apps screen, then hit Done.

Once you’ve de-selected your Work apps screen, you’re ready to use your new Personal Focus mode and spend time away from the apps that you use for work.

Step Four: Other Settings

There are a few other settings here that will help you out with Focus modes and I want to go over them here.

Dim Lock Screen: Dimming your Lock Screen gives you a plainer experience on at the lock screen. A 90% or so opaque black window over your normal lock screen, the time and date, focus icon, and your messages. It’s a signal to you that the phone is in a focus mode and maybe you don’t want to be paying attention to it?

Silenced Notifications: You can put your silenced notifications — you know, the ones you don’t want to get? — on the Lock Screen anyway. Don’t do this. Don’t be that person. Cool? Cool.

Turn On Automatically: Okay, this one will make sense when we’re out of the woods with the Pandemic, and you can set this to turn on automatically when you get home from an office. Since we’re largely working from home these days, this doesn’t make a ton of sense based on location, BUT, you can set it to hours of the day. Turn off work at 6pm on weekdays? A good plan for a restful evening NOT thinking about Work, hopefully.

Add Time-Sensitive Notifications: Apple also added the concept of a time-sensitive notification to iOS 15, which can be allowed to break through your Focus mode on an app by app basis. If you turn this on, be sure to go into the Notifications screen in Settings and turn off your work apps for this feature.

Turn off Time Sensitive Notifications for your Work apps if you want to leave Time Sensitive Notifications on elsewhere.

Step Five: But What If I Need To Work?

I almost don’t want to put this in here. I want you to get the downtime you need, friend, and that means not checking in if I give you a loophole. If you can feel your willpower slipping, just think about getting another hour’s nap, or another show on Netflix, or a game with your kids. Do that first. THEN come back and let’s talk about this next part.

Cool? Cool.

I’m encoding this in ROT-13 so that you can read it if you feel you need to.

Vs lbh ernyyl jnag gb purpx va jvgu jbex, lbh pna hfr gur cubar’f frnepu shapgvba gb svaq gubfr nccf, be tb gb gur ncc yvoenel srngher ol fpebyyvat nyy gur jnl gb gur evtug-zbfg fperra. Gur nccf ner fgvyy cerfrag ba lbhe qrivpr, naq lbh pna fgvyy trg gb gurz vs lbh zhfg, ohg V whfg jnag lbh gb xabj: vg’f bxnl gb gnxr oernxf, naq lbh fubhyq gnxr oernxf. Vg’f urnygul naq tbbq. Ohg, fbzrgvzrf lbh whfg tbggn chapu guebhtu, naq lbh pna fgvyy tb svaq gubfr nccf vs lbh unir gb.

Decode this by going to ROT13.com

Happy Holidays, enjoy your family, and please take a break. We need you ready for 2022.

MacSysAdmin 2021: User Trust & IT Codes of Ethics

This year’s MacSysAdmin was my first as a speaker, and only my second as an attendee. I hope very much to make it to Gothenburg in 2022 as conferences begin to happen! I was privileged to continue my talk from the Mac Admins Conference, Three Paragons of IT, with a talk called User Trust & IT Codes of Ethics. This talk is a sequel to the previous talk, and it builds on the concepts that IT operates within the values and contexts of its organization. IT is a representation of your values, not exempt from them. This talk covers what your IT department needs to do in order to represent your values to your coworkers.

Title Slide: User Trust & IT Codes of Ethics – Responsible Management is Human-Centric
User Trust & IT Codes of Ethics Video

In this talk, I reference a number of codes of ethics:

These codes are a good place to start but they may not completely represent your organization’s values. Tailor them to your needs! It’s critical

I also talked about supplying your organization with SLA documents and Checklists, and I wanted to supply a couple templates here. They’re not right for your organization, they’re draft and they’re meant for PretendCo, which doesn’t exist. I present them here as samples that you can adapt and change.

It’s Time To Change The System.

My community suffered an unspeakable loss on Monday night, when Allie Hart, age 5, was biking on a crosswalk behind her Dad. A DC Connect van only saw her father, and not her. She succumbed to her injuries on the scene. Her death is one of many cyclists and pedestrians deaths this year at the hands of drivers. Most of these aren’t intentional deaths, caused by people who actively want to run people over. They’re caused by people who are careless, who aren’t paying attention, and happen to be encased in two tons of Detroit or Hermosillo steel.

I’ve been thinking a lot about this subject because it’s keeping me up at night. I bike with Charlie often, he rides on the back of our e-bike, or on his little bike when he feels up to it, but mostly he rides with me. Two weeks ago, as we went to school, a driver who wasn’t paying attention pulled into traffic, almost on top of me. I screamed. She stopped. It was half a second from me being severely injured or killed, along with my son.

We tolerate so, so, so much negative behavior from our systems. No, worse than that, we’re excusing negative behavior because it represents a status quo we’re not willing to upset. We nurture, intentionally or otherwise, outcomes by pretending that if we just acted slightly differently, those outcomes wouldn’t exist.

That’s not how systems work.

Systems can produce negative results, but systems can be altered to account for a negative result.

In IT, if a system is producing data loss, it can be altered to make backups, store multiple copies, or have redundant features. We file bug reports with vendors, we file bug reports against our own processes, we work to make changes in increments to resolve the issue. It doesn’t always fix it the first time, but these processes iterate and change.

Our city has a flaw – one could argue our whole nation does – and it’s too reliant on cars, too congested with them, and entirely too willing to tolerate road deaths, like Allie Hart, as black swans.

What are you tolerating in your own life that’s clearly the negative outcome of a system that you can influence? What are you letting slide in favor of the status quo that’s absolutely making your life, and the lives of others, worse?

It’s time to change the system and deal with it. This far, no further. Draw lines. Make changes.

Feedback Request: Tell Apple to Expand IDPs for Managed Apple IDs

The 2021 Apple Worldwide Developers Conference showed us a lot of great things that Apple has been working on. Included in Apple’s plans are improvements and focus around the iOS User Enrollment workflows for adopting MDM for BYOD devices. This is a welcome development that gives organizations the ability to enforce a few lightweight restrictions (A PIN code! Automatic Lock! Managed Open In!) without having to enroll into a full MDM with the possibility of corporate overreach on personal devices.

There’s a challenge here, and this is where I need your help.

User Enrollment requires a Managed Apple ID in the hands of the user. Currently, there are two ways to create a Managed Apple ID. You can manually fill out the form in Apple Business Manager, or you can federate your domain with Azure AD. This isn’t ideal for organizations that aren’t using Azure AD generally speaking. There are a lot of other IDPs out there. Okta. OneLogin. My very own JumpCloud. These are organizations that should have the ability to provide both SCIM provisioning and identity federation.

Apple handles feature requests in a novel way, via Feedback Assistant. This system allows them to receive feature requests and bug reports in the same system, and allows them to group issues and respond to them based on need. I’m here to encourage the community to let Apple know they want to federate Managed Apple IDs with other IDPs.

First step is logging into Feedback Assistant with an AppleSeed for IT Apple ID. You can use the same Apple ID that you login to Apple Business Manager with. Once you’re logged in, it’s time to create the Feedback:

Start your Feedback in the Enterprise & Education section. If you don’t see the Enterprise & Education section, check to make sure the top left says the name of your organization (for Developer accounts) or Personal (for Managed Apple IDs).

Writing feedback to Apple is a lot like writing feedback to your team. You want it to be actionable, you want it to be specific, and you want the reasoning to be clear and concise. In the product world, this is a User Story. As an IT manager, I want to allow my staff to sign into company resources on their personal device in a safe container, but I don’t want to manually create Apple IDs, or add another IDP to our workflow.

Provide a clear title that lays out your concern. In my case “Federate Managed Apple IDs with JumpCloud”. Set the area you’re seeing an issue with to Apple Business Manager.

The next piece is up to you. I can see this as a Suggestion, or an Incorrect/Unexpected Behavior. You choose.

Using the latter flags it as a bug that is preventing business activity, and requires an impact statement. Suggestion is a ‘nicer’ way of handling this.

The Feedback here is an art, and every organization needs to approach it organically. There are a couple of major points to make:

Apple has placed a huge emphasis on User Enrollment for BYOD Devices in Enterprise. They see BYOD devices as an important area for development. A major feature of iOS 15, and of MDM development, is tied to User Enrollment.

I would align feedback to the effect of:

“As an organization, we want to encourage the adoption of User Enrollment to our MDM. We believe that our corporate data should be safe on our employees’ iPhones and iPads, and that our organization should be allowed to set some basic guidelines for access to that data around security. To that end, we want to support User Enrollment, but we have XXX people, and manual creation of Managed Apple IDs is a dealbreaker for our IT department, and federation and provisioning with our Single Sign On Provider, JumpCloud, would allow us to implement this feature in a manner consistent with our IT goals and requirements.

Our current user count is XXX and we currently spend $XX,XXX on Apple products, and estimate that our XXX employees spend approximately (XXX times $800) per 2 years on personal iPhones.”

It’s important to provide impact dollar amounts so that categorization can be done on the feedback request.

Once you’ve written your story, submit your feedback! If you wanted to do me a favor, let me know about your Feedback Request.

Dispatches from DC

Thursday morning bright and early we discovered an emergency alert – a pipe burst in NW DC and that caused a pressure drop in our part of town, meaning our water was no longer safe to drink. Boil Order! At least two days of boiling anything we wanted to drink, cook with, or water the cat with.

Last night, we were invited by another playgroup parent to join them at the Friday Evening Parade at Marine Corps Barracks Washington on the Hill. The Barracks sit right in the middle of Capitol Hill, 8th St SE. One minute you’re walking by storefronts and restaurants, the next you’re on the block with dress-uniform Marines and Naval officers saluting everyone who comes as a guest to the post.

The guests of honor were three Medal of Honor recipients. The only one I remember currently is Hershel “Woody” Williams, namesake of the USS Hershel “Woody” Williams (ESB-4).

The parade opened with the arrival of the President’s Own Marine Band, and then the Marine Drum & Bugle Corps. Each was in fine form, but I think the Drum & Bugle Corps had the edge. They played both Sousa, and Queen’s Bohemian Rhapsody, but I think the highlight of the night for me was both Scotland the Brave, and the Shosktakovich fanfare, complete with cannon fire, played to close the concert.

The President's Own
The President’s Own, photo by author

At the end of the night, the Marines brought the 1801 15-star/15-stripe flag down while the band played. A lone bugler sounded taps from the rampart at the top of the barracks, and the VIPs and citizens alike turned out along 8th Street near the old lamps. Privates in dress uniforms stood their posts along the corners and gates, and the oldest continuously occupied home in Washington remained, standing ever-faithful watch over our fair city. As if to exhale, after being a successful host, the breeze blew north off the river, cooling the August night as we walked on the bricks that have been in the ground as long as this city has been here on the banks of the Anacostia.

The Commandant's House
The House of the Commandants, photo by author.

Life in Washington is a mix of things. We are a city like any other, with poverty and affluence, peace and violence, development and decay. We are like much of the United States that way. This was a week of contrasts in a city of contrasts. A boil order in our house, and a perfectly-ordered performance, one of hundreds done over decades with traditions centuries old.

Complexity can be its own beauty, and this city has plenty of it. Not far from those barracks are neighborhoods where development isn’t attractive to business because it doesn’t remake enough of the neighborhood to satisfy economic needs. Violence can be rampant because opportunity is limited, and despite a near-blanket ban on guns, they’re everywhere.

The critiques of DC aren’t new to me. They come from people who see anything less than suburban or rural order and sparseness as dirty and undesirable.

There’s beauty in those neighborhoods too, and it is just as complex. Go-go and street music, community gardens amid the projects, street art with incredible depth and technique. This city’s life is complicated. The Evening Parade at the Barracks isn’t the city’s only standing ceremony, or even its longest. The parade may be larger than most, but social clubs like the Capital Checkers Club, and the Brookland Literary and Hunting Club have kept the pace and peace of our city.

This is a complicated place, without question, but when it is beautiful, it is beautiful beyond measure.

And it wouldn’t be DC if we weren’t as complicated and beautiful as the nation we are capital of.