DTCPing & DTCTest–Useful Toolbox Items

When configuring BizTalk in a multi-server environment, getting the Microsoft Distributed Transaction Coordinator (MS DTC) settings right on all participating servers in the group is critical. If you don’t, you’ll run into all sorts of errors that don’t always explicitly point to DTC issues.

This article by James Shropshire gives some helpful advice about using these two free tools from Microsoft to troubleshoot issues with MS DTC:

http://www.remotedbaexperts.com/Blog/2011/01/troubleshooting-biztalk-dtc-issues-with-dtcping-and-dtctest/

Yesterday, the DTCTest proved very helpful in identifying issues at a client where they had used an unsupported cloning tool to create the BizTalk and the SQL server images, which left both with the same CID (these must be unique). Fortunately, the problem was solved by running the following two commands:

msdtc -uninstall

msdtc -install

 

More information about this can be found here:

http://msdn.microsoft.com/en-us/library/aa561924.aspx


Creating TMG Firewall Rules for Azure Service Bus

As Mexia starts doing more and more Azure work, I am getting asked more frequently about firewall rules for accessing the Azure Service Bus.

At first this seemed a weird question to me, since communicating with Azure Service Bus is all outbound traffic, but more and more companies lately are restricting outbound traffic. For example, the default Microsoft Threat Management Gateway (TMG) outbound rule only allows 80 and 443.

So for my own reference and for others that may get asked the same question, here are the steps for creating a TMG outbound firewall rule for Azure Service Bus:

In the TMG Management Console, under Web Access Policy, we need to define the network object that represents the BizTalk or Windows Server that needs to access Service Bus.

We also need to create a Protocol rule that defines the Service Bus traffic: TCP 9350 to 9354.

We then need to create the Web Access Policy for Azure Service Bus.

Protocols: HTTP, HTTPS and the Service Bus protocols we defined earlier.

Source: the source of the traffic we defined earlier.

Destination: in our case, the external interface on our TMG server.

Once the Web Access Policy is created, you will have to activate the change on the TMG server.

The new Web Access Policy is now active, and your BizTalk or Windows Server will now have access to the Azure Service Bus.


WCF Extensibility: IEndpointBehavior implementation Gotcha

I feel like an utter amateur for falling down on this one but I am providing my story here in case anyone else out there is pulling their hair out for the same reasons.

I was keen to modify the exported wsdl on a WCF service and checked out the many articles out there in the ether to fast-track my efforts. I managed to build a simple HelloWorld service (with client console) and added in the plumbing to implement both IWsdlExportExtension and (in my case) IEndpointBehavior.

After I felt I had everything in place and (seemingly) configured correctly I tested the service by browsing to it and visually checking the wsdl – no, my modified wsdl wasn’t showing. No errors, just no change in the service description.

I put traces in each of the IWsdlExportExtension and IEndpointBehavior methods and when I’d hit the service, nothing was coming out in the trace – again, no errors, no output and no change in the wsdl. Frustration Plus.

I thought I’d change tack and get my worker class to implement IServiceExtension instead (just to see some kind of change in behaviour).  I modified the configuration appropriately and this time saw that each of my IServiceExtension methods were getting hit…something was happening!

After the umpteenth magnifying-glass-close scrutiny of my service web.config (and after combing over an excellent blog by Carlos Figueira) I noticed a discrepancy – the “name” attribute of my “service” node included the service namespace but the name was slightly off – “HelloWorld” instead of “HelloWorldService” in this case.  No match on name, no pointing to the behaviour I had configured!!!  I made the change and voila – everything worked – methods getting hit, wsdl getting modified and emitted as expected.

I’ve included my web.config snippet below.

  <system.serviceModel>
    <extensions>
      <behaviorExtensions>
        <add name="simpleBehavior" type="Mexia.Framework.TestService.SimpleEndPointBehaviour, Mexia.Framework.TestService, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
      </behaviorExtensions>
    </extensions>
    <behaviors>
      <endpointBehaviors>
        <behavior name="simpleServiceBehaviour">
          <simpleBehavior />
        </behavior>
      </endpointBehaviors>
      <serviceBehaviors>
        <behavior>
          <serviceMetadata httpGetEnabled="true"/>
          <!-- Debugging aid: set to false outside development so faults do not carry exception details -->
          <serviceDebug includeExceptionDetailInFaults="true"/>
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <services>
      <!-- name must be the fully qualified service type name; if it does not match, this element is not applied -->
      <service name="Mexia.Framework.TestService.HelloWorldService">
        <endpoint address="" binding="basicHttpBinding" contract="Mexia.Framework.TestService.IHelloWorldService" behaviorConfiguration="simpleServiceBehaviour" />
        <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
      </service>
    </services>
    <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
  </system.serviceModel>

 

Also for some excellent references on WCF extensibility check out some of Carlos’ blogs:

http://blogs.msdn.com/b/carlosfigueira/archive/2011/10/06/wcf-extensibility-wsdl-export-extension.aspx
http://blogs.msdn.com/b/carlosfigueira/archive/2011/04/05/wcf-extensibility-iendpointbehavior.aspx

Hope this helps!

Matt Warwick


Customising a BAM Tracking Profile

Anyone who has used the Tracking Profile Editor (TPE) in BizTalk to map field values to their BAM activity definitions knows how simple and easy the interface is to use. You simply right-click on the orchestration shape that sends or receives the message, select “Message payload…” to see the schema for the message, and then click & drag the schema node onto the activity property that you want to assign the node value to:

Easy, right? Of course. But unfortunately, like most things in life, the trade-off of simplicity is some significant limitation in functionality and/or flexibility.

In the example case above, the “B2GResponse” record is a repeating element in the schema (maxOccurs=”unbounded”). While the TPE will very happily let you save and deploy the tracking profile, you will discover that a record with multiple “B2GResponse” nodes incurs a runtime error, as evidenced by this event log entry:

The “AmbiguousXPathException” thrown states “The result set for the XPath expression ‘<xpath expression for the target “PpsrBatchId” node>’ contains more than a single node.”

Moreover, the actual node value is never recorded, even though BAM does (very politely) create the record despite the error (it just inserts NULL into the “PpsrBatchID” field):

Essentially the XLANG engine cannot map a repeating value to a single column in the BAM activity table. Makes sense, right? Even though we know in this case that the “PpsrBatchID” node will contain the same value in every record, we can’t expect the BAM runtime to infer this for us. What would be nice is if the interface allowed you to specify an index for the node from which to draw the value; it doesn’t (simplicity vs. functionality).

One obvious solution would be to re-design the message schema and elevate the “PpsrBatchId” value to a single node occurrence at the message level. However, we don’t always have this option to customise messages.

It doesn’t have to end here, though. Often the limitations offered with a simple GUI tool can be overcome by looking at what’s under the covers. In this case, with a little bit of “hacking”, we can manipulate BAM to parse the value out of a specific instance of a repeating field.

First we have to understand what the TPE does. When you save a tracking profile, it creates an XML file with a “*.btt” extension. This can then be deployed either through the TPE GUI or by the BTTDeploy command line tool:

"%BTSINSTALLPATH%tracking\bttdeploy.exe" ".\ProcessRegistrationsResponse.v0.2.btt"

If we inspect the *.btt XML file, we can easily divine its structure:

Essentially, we see a “Dimension” element for each BAM activity field with a “DataLevel” sub-element that defines the source of the data. In the case of the example TPE above:

    <?xml version="1.0" encoding="utf-16"?>
    <TrackingProfile
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xmlns:xsd="http://www.w3.org/2001/XMLSchema"
        VersionGuid="00000000-0000-0000-0000-000000000000"
        Name="ProcessRegistrationsResponse">

      <Dimension Name="ActivityID" DataType="TraceID" />

      <Dimension Name="StartTime" DataType="DATETIME">
        <DataLevel
            Name="Rcv_RegistrationsResponseMsg"
            SourceTypeSelected="Orchestration Shape"
            TargetAssemblyName="MyClient.Ppsr.Orchestrations, Version=1.0.0.0, Culture=neutral, PublicKeyToken=d9cf9d5c9f7e687e"
            OrchestrationReference="MyClient.Ppsr.Orchestrations.ProcessRegistrationsResponse"
            ShapeID="5121a798-8e5d-4cc5-b0b7-ae68ece3992d" />
      </Dimension>

      <Dimension Name="EndTime" DataType="DATETIME">
        <DataLevel
            Name="TRACE"
            SourceTypeSelected="Orchestration Shape"
            TargetAssemblyName="MyClient.Ppsr.Orchestrations, Version=1.0.0.0, Culture=neutral, PublicKeyToken=d9cf9d5c9f7e687e"
            OrchestrationReference="MyClient.Ppsr.Orchestrations.ProcessRegistrationsResponse"
            ShapeID="e1f75b0c-dfc4-4adb-b806-beab9156a04b" />
      </Dimension>

      <Dimension Name="PpsrBatchID" DataType="NVARCHAR">
        <DataLevel
            Name="PpsrBatchID"
            SourceTypeSelected="Orchestration Payload"
            TargetAssemblyName="MyClient.Ppsr.Orchestrations, Version=1.0.0.0, Culture=neutral, PublicKeyToken=d9cf9d5c9f7e687e"
            OrchestrationReference="MyClient.Ppsr.Orchestrations.ProcessRegistrationsResponse"
            ShapeID="67801549-63ff-4db0-affa-abed2e387b22"
            MessageName="msgB2GResponsesIN"
            MessagePart="responses"
            SchemaName="MyClient.Ppsr.Schemas.Internal.PpsrDB.Veda.TableOperation_dbo_B2GResponse+Insert"
            MessageDirection="Out"
            SomXPath="/*[local-name()='&lt;Schema&gt;' and namespace-uri()='http://schemas.microsoft.com/Sql/2008/05/TableOp/dbo/B2GResponse']/*[local-name()='Insert' and namespace-uri()='http://schemas.microsoft.com/Sql/2008/05/TableOp/dbo/B2GResponse']/*[local-name()='Rows' and namespace-uri()='http://schemas.microsoft.com/Sql/2008/05/TableOp/dbo/B2GResponse']/*[local-name()='B2GResponse' and namespace-uri()='http://schemas.microsoft.com/Sql/2008/05/Types/Tables/dbo']/*[local-name()='PpsrBatchID' and namespace-uri()='http://schemas.microsoft.com/Sql/2008/05/Types/Tables/dbo']"
            XPath="/*[local-name()='Insert' and namespace-uri()='http://schemas.microsoft.com/Sql/2008/05/TableOp/dbo/B2GResponse']/*[local-name()='Rows' and namespace-uri()='http://schemas.microsoft.com/Sql/2008/05/TableOp/dbo/B2GResponse']/*[local-name()='B2GResponse' and namespace-uri()='http://schemas.microsoft.com/Sql/2008/05/Types/Tables/dbo']/*[local-name()='PpsrBatchID' and namespace-uri()='http://schemas.microsoft.com/Sql/2008/05/Types/Tables/dbo']" />
      </Dimension>

      <Dimension Name="TableInsertRequestSent" DataType="DATETIME">
        <DataLevel
            Name="Snd_InsertResponseSQL"
            SourceTypeSelected="Orchestration Shape"
            TargetAssemblyName="MyClient.Ppsr.Orchestrations, Version=1.0.0.0, Culture=neutral, PublicKeyToken=d9cf9d5c9f7e687e"
            OrchestrationReference="MyClient.Ppsr.Orchestrations.ProcessRegistrationsResponse"
            ShapeID="67801549-63ff-4db0-affa-abed2e387b22" />
      </Dimension>

    </TrackingProfile>

Notice the highlighted XPath statement that defines where to retrieve the data from for the “PpsrBatchId” field. Here we have the opportunity to manually edit the XPath, instructing BAM that we only want the first record instance by using the XPath “position()” function:

/*[local-name()='&lt;Schema&gt;' and namespace-uri()='http://schemas.microsoft.com/Sql/2008/05/TableOp/dbo/B2GResponse']/*[
...
/*[local-name()='B2GResponse' and namespace-uri()='http://schemas.microsoft.com/Sql/2008/05/Types/Tables/dbo' and position()=1]/*[local-name()='PpsrBatchID' and namespace-uri()='http://schemas.microsoft.com/Sql/2008/05/Types/Tables/dbo']

Now we can save & deploy the BTT file, and the next time we run the process…

Bingo! We can now see the value entered in the table.
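The effect of the position() predicate can be checked outside BizTalk. The following is an added example, not part of the original post or of BizTalk itself: it evaluates the XPath attribute from the profile above, with and without the edit, against a constructed message. The batch value, the helper names and the single-node check (a stand-in for the rule quoted in the error message) are assumptions.

```csharp
using System;
using System.Xml;

// Added example: compares the generated XPath with the hand-edited one.
static class Program
{
    const string TableOp = "http://schemas.microsoft.com/Sql/2008/05/TableOp/dbo/B2GResponse";
    const string Types = "http://schemas.microsoft.com/Sql/2008/05/Types/Tables/dbo";

    // One location step in the style the TPE writes into the .btt file.
    static string Step(string name, string ns, string extraPredicate)
    {
        return "/*[local-name()='" + name + "' and namespace-uri()='" + ns + "'"
               + extraPredicate + "]";
    }

    // Constructed message with the given number of B2GResponse rows.
    static XmlDocument BuildMessage(int rows)
    {
        string body = "";
        for (int i = 0; i < rows; i++)
            body += "<B2GResponse xmlns='" + Types + "'>"
                  + "<PpsrBatchID>BATCH-0042</PpsrBatchID></B2GResponse>";
        var doc = new XmlDocument();
        doc.LoadXml("<Insert xmlns='" + TableOp + "'><Rows>" + body + "</Rows></Insert>");
        return doc;
    }

    // Stand-in for the single-node rule: exactly one node, or no value.
    static string ExtractSingle(XmlDocument doc, string xpath)
    {
        XmlNodeList hits = doc.SelectNodes(xpath);
        if (hits.Count != 1)
            return "no single value (" + hits.Count + " nodes matched)";
        return hits[0].InnerText;
    }

    static void Main()
    {
        string head = Step("Insert", TableOp, "") + Step("Rows", TableOp, "");
        string leaf = Step("PpsrBatchID", Types, "");
        string generated = head + Step("B2GResponse", Types, "") + leaf;

        // position() counts every child element of Rows, so this picks the
        // first row only while B2GResponse is the first child of Rows.
        string edited = head + Step("B2GResponse", Types, " and position()=1") + leaf;

        foreach (int rows in new[] { 1, 3 })
        {
            XmlDocument doc = BuildMessage(rows);
            Console.WriteLine(rows + " row(s), generated XPath: " + ExtractSingle(doc, generated));
            Console.WriteLine(rows + " row(s), edited XPath:    " + ExtractSingle(doc, edited));
        }
    }
}
```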

Lesson learned: when the simplicity of a GUI tool restricts your ability to do something slightly more advanced, it pays to dive under the covers and see what really makes it work. You’ll often be rewarded with the ability to customise the behaviour.


BizTalk Server 2010 R2 is part of Microsoft’s overall Azure Integration Strategy

It’s finally here folks! After much hand-wringing in the community over the future of BizTalk Server, Microsoft have continued their commitment to their premier on-premises integration platform and announced the release of BizTalk Server 2010 R2.

 

The main areas of improvement are:

  1.  Platform Support for Windows Server 8, SQL Server 2012 and Visual Studio 2011.

  2.  Improvements to the accelerator packs for HL7, HIPAA and SWIFT

  3.  Better adapter connectivity for DB2 and IBM systems

  4.  Performance improvements for batch processing, ordered send ports and scale-out host configurations.

  5.  Even tighter integration with the Windows Azure ServiceBus for cloud-scale integration solutions.

  6.  Changes to the licencing model to allow cloud-based hosting from a SPLA partner.

 

Fundamentally these aren’t big changes to the overall BizTalk Server platform, but it demonstrates an on-going commitment by Microsoft to on-premises integration solutions for customers that can’t (or won’t) move their systems to the cloud in the future.

Further, by ensuring that BizTalk Server is 100% compatible with the Windows Azure ServiceBus (using the Azure relay & messaging bindings with the WCF adapter), Microsoft are positioning themselves really well for any combination of the following solutions:

  • Pure On-premises Integration
    • BizTalk Server
    • Windows Server AppFabric
  • Hybrid Integration
    • BizTalk Server
    • Windows Server AppFabric
    • Windows Azure AppFabric
  • Pure Cloud-based Integration
    • Windows Azure AppFabric

I think this is a really smart strategy by Microsoft, and those integration consultancies who play in this space would be wise to maintain their on-premises BizTalk expertise so they can deliver all three types of solutions to their customers.

I know we are.


Do you know about the Windows Azure Discovery Pack?

Mexia are currently deep-diving on the Windows Azure platform because, like Microsoft, we are “all in” with the cloud.

We know that the future of system integration will involve the cloud in one way or the other, and as integration specialists working with corporate & government clients, building Hybrid Integration Platforms using both Windows Azure AppFabric Middleware AND BizTalk Server is now our raison d’être.


However explaining the cloud to our customers has not been as easy as our decision to follow Microsoft into the cloud.

Interestingly, we’re finding that the main pushback isn’t technical because they generally already know that the cloud gives them immediate agility, better server utilisation and a managed infrastructure service.

The main resistance points that we’ve had are:

    1.  Perception of unquantifiable risks (information security, service uptime etc), which is tackled here.

    2.  Real unwillingness to uproot their business’ IT systems while everything is stable, which is tackled here.

    3.  Perception of unpredictable costs, which is tackled here.

The third & final resistance point is an interesting one, mainly because I genuinely think some of our customers genuinely LIKE buying servers and having control over their environments.  I think this is because provided they can quantify the expense of buying their own infrastructure (however high it is), and as long as they are still making money, why turn everything upside down and change the way they do things?

This is clearly bonkers, however, it’s one of the resistance points we face and we have to know how to deal with it.

Enter stage left the Windows Azure Discovery Pack!


As you can see it’s a current promotion by Microsoft that gives you a 6 month block of Azure hours for half-price, plus free training, plus free consulting (from Mexia or your preferred Windows Azure partner).

The website also says the offer expires June 30th 2012, but Microsoft’s effervescent Azure marketing specialist Margaret Synan explained to me that if you buy a DP before Xmas 2011, you’ll have time to purchase another one before the offer goes away.  This means you’ll have effectively locked in the 50% discounted Azure pricing for 12 months!

Talk about a way to quantify your Azure costs.

The Discovery Pack is really worth considering if Azure goodness is on your company roadmap for 2012 and you want to control your costs whilst you climb aboard the juggernaut!

Get it while it’s hot, and tell them Mexia sent you! :-)


Windows Azure BizSpark StartUp Camp

If you’re an aspiring young Queensland company building a cloud-hosted service or product, then you could do far worse than to attend the Windows Azure BizSpark Startup Camp in Brisbane on 2-4th December 2011.

Mexia participated in the Melbourne event early 2011 and we loved every bit of it. You get free Azure developer training, one-on-one developer mentoring from Azure MVPs such as Steven Nagy, and advice on how to commercialise your idea.

If you’re a Microsoft BizSpark member you can also pitch your idea to a panel of investors & technical gurus, all of whom have real world experience launching technical products into the marketplace.

It doesn’t get much better considering the price, and I heartily recommend the investment of your time to go along.


OAuth Certificate Authentication with ACS

Summarises our experience authenticating callers with the Windows Azure AppFabric Access Control Service (ACS) using X.509 certificates.

Here’s the scenario. A consumer (Alice) wants to publish a message to the Azure AppFabric Service Bus; however, before doing so, she somehow needs to prove that she is in fact Alice. Taking a certificate-based approach requires Alice to craft a SAML token which, among other things, states “I’m Alice” (relying party scope), and to sign this token with Alice’s (private key) certificate. If Alice were to deliver this token to ACS (https://yournamespace.accesscontrol.windows.net/v2/OAuth2-13), and a relying party, rule group and service identity with Alice’s public key had been configured, ACS in return would give Alice another token (a SWT token by default) signed with a specified signing key, which Alice could use from that point to prove identity.

In short, we are providing a token, with the intent of receiving another token in return. The token returned by ACS is potentially very powerful, and can be used to authorise access to resources in many downstream systems.

To establish this relationship between ACS and consumers, consumers need to have an X.509 certificate that uniquely represents them as the consumer. A self-signed (makecert.exe) certificate in this instance is perfectly fine. Next, the public key for this certificate needs to be exported (.cer) and provided to the ACS administrator. It’s important to note here that the private key portion of the certificate (.pfx exports contain both the private and public keys) should always be kept confidential. ACS only requires a consumer’s public key in order to verify their digital signature.

The OAuth sample in the OAuth2 folder for the Access Control Service Samples and Documentation contains many gems for doing this, such as crafting SAML2 tokens, populating the necessary OAuth HTTP headers, and so on.

This sample illustrates how to authenticate to Windows Azure AppFabric Access Control Service (ACS) using the OAuth 2.0 protocol by presenting a SAML token signed by an X.509 certificate. This certificate corresponds to a ServiceIdentity configured on ACS, and ACS issues a SWT with a nameidentifier claim of the ServiceIdentity. This SWT is used to authenticate to an OAuth 2.0 protected resource. This sample conforms to draft 13 of the OAuth 2.0 protocol.

When doing this for the first time, or when things don’t work out, it’s awesome to be able to inspect the HTTP conversations that take place with ACS. As you would expect, ACS enforces the use of SSL. SSL tunnels present a huge problem in terms of tracing. Fortunately, Fiddler comes to the rescue. Fiddler works by placing itself as a man-in-the-middle proxy between the client and server; as a result, it also needs to provide a certificate for SSL requests. As this is not recognized as a valid certificate, .NET throws a WebException at System.Net.HttpWebRequest.GetResponse() and no traffic shows up in Fiddler. To still be able to check the accuracy of the programmatic requests with Fiddler, it is possible to directly add a new delegate, which always returns true, basically disabling certificate validation from deep within the framework libraries.

To get up and running with Fiddler and SSL tracing:

- Tools > Fiddler Options > HTTPS > Decrypt HTTPS Traffic

- Add this line of code to the .NET code responsible for transmitting the SAML token to ACS :

ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };
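The callback is static, so the one-liner above switches off certificate checks for every HTTPS request the process makes, and it keeps doing so if the line is left in after debugging. The following narrower variant is an added example, not code from the ACS samples or the original post: it accepts a certificate only when the platform already trusts it or when its chain ends at the debugging proxy's own root, and it is compiled into DEBUG builds only. The class name and the idea of passing the exported proxy root (.cer) as a command-line argument are assumptions.

```csharp
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

// Added example: trust the debugging proxy's root only, instead of everything.
static class DebugProxyTrust
{
    static X509Certificate2 proxyRoot;

    // rootCerPath: the proxy's root certificate exported as a .cer file (assumed).
    public static void Enable(string rootCerPath)
    {
        proxyRoot = new X509Certificate2(rootCerPath);
        ServicePointManager.ServerCertificateValidationCallback = Validate;
    }

    static bool Validate(object sender, X509Certificate certificate,
                         X509Chain chain, SslPolicyErrors errors)
    {
        // Normal case: the platform validated both the chain and the host name.
        if (errors == SslPolicyErrors.None)
            return true;

        // Only an untrusted chain may be excused. A host name mismatch or a
        // missing certificate is always rejected.
        if (errors != SslPolicyErrors.RemoteCertificateChainErrors || certificate == null)
            return false;

        // Rebuild the chain with the proxy root offered as a candidate issuer.
        var rebuilt = new X509Chain();
        rebuilt.ChainPolicy.ExtraStore.Add(proxyRoot);
        rebuilt.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
        rebuilt.ChainPolicy.VerificationFlags =
            X509VerificationFlags.AllowUnknownCertificateAuthority;
        if (!rebuilt.Build(new X509Certificate2(certificate)))
            return false; // expired or otherwise invalid

        // AllowUnknownCertificateAuthority tolerates any root, so pin the
        // top of the rebuilt chain to the proxy root we loaded.
        X509Certificate2 top =
            rebuilt.ChainElements[rebuilt.ChainElements.Count - 1].Certificate;
        return string.Equals(top.Thumbprint, proxyRoot.Thumbprint,
                             StringComparison.OrdinalIgnoreCase);
    }
}

static class Program
{
    static void Main(string[] args)
    {
#if DEBUG
        // Only debug builds can relax validation, and only for the given root.
        if (args.Length == 1)
            DebugProxyTrust.Enable(args[0]);
#endif
        Console.WriteLine("Custom validation callback installed: " +
            (ServicePointManager.ServerCertificateValidationCallback != null));
    }
}
```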

First attempt to run the code, I got a simple HTTP 400 back. Fiddler showed the following.

    HTTP/1.1 400 Bad Request
    Cache-Control: private
    Content-Type: application/json; charset=utf-8
    Server: Microsoft-IIS/7.0
    Set-Cookie: ASP.NET_SessionId=mxla1kuojr1udh0u2sho21i0; path=/; HttpOnly
    X-AspNetMvc-Version: 2.0
    x-ms-request-id: 8718c3e7-a3ee-4cf0-af1f-951a09dfd9fe
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Content-Type-Options: nosniff
    Date: Mon, 24 Oct 2011 05:27:12 GMT
    Content-Length: 1113

    {"error":"invalid_grant","error_description":"ACS50008: SAML token is invalid. ACS50006: Unable to verify token signature. The following signing key identifier does not match any valid registered keys: SecurityKeyIdentifier\r\n    (\r\n    IsReadOnly = False,\r\n    Count = 1,\r\n    Clause[0] = X509RawDataKeyIdentifierClause(RawData = RAW_DATA_GOES_HERE)\r\n    )\r\n. \r\nTrace ID: 8718c3e7-a3ee-4cf0-af1f-951a09dfd9fe\r\nTimestamp: 2011-10-24 05:27:13Z"}

ACS50006: Unable to verify token signature. The following signing key identifier does not match any valid registered keys. The error message spells it out: ACS could not find ANY valid certificates. Using the ACS Management Portal, go to Service identities, and drill into the identity of concern. If the status of the certificate is anything but valid (e.g. because it’s expired) you will get this error. The certificates provided for the OAuth2 sample in the Access Control Service Samples (16 May 2011 update) all expired as of 16 Sep 2011, and will result in this exact error.


 

To get the samples working, I created my own self signed certificates.

makecert -r -pe -n "CN=mexia" -b 01/01/2000 -e 01/01/2099 -eku 1.3.6.1.5.5.7.3.3 -ss My

I then exported the public key portion (.cer) of the certificate, using the certificate manager MMC snap-in (certmgr.msc).


 

Using the ACS Management Portal, upload the exported “.cer” against the service identity.

If everything lined up, you should get an HTTP 200 containing a SWT token in return from ACS. In essence, a rather elegant alternative to using shared secrets to figure out who’s who.

    HTTP/1.1 200 OK
    Cache-Control: public, no-store, max-age=0
    Content-Type: application/json; charset=utf-8
    Expires: Mon, 24 Oct 2011 06:03:44 GMT
    Last-Modified: Mon, 24 Oct 2011 06:03:44 GMT
    Vary: *
    Server: Microsoft-IIS/7.0
    Set-Cookie: ASP.NET_SessionId=qz0cuqmk1nxt01wxehbqvq25; path=/; HttpOnly
    X-AspNetMvc-Version: 2.0
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Content-Type-Options: nosniff
    Date: Mon, 24 Oct 2011 06:03:45 GMT
    Content-Length: 606

    {"access_token":"http%3a%2f%2fschemas.xmlsoap.org%2fws%2f2005%2f05%2fidentity%2fclaims%2fnameidentifier=OAuth2SampleX509Identity&http%3a%2f%2fschemas.microsoft.com%2faccesscontrolservice%2f2010%2f07%2fclaims%2fidentityprovider=https%3a%2f%2fbensimmonds.accesscontrol.windows.net%2f&Audience=https%3a%2f%2foauth2RelyingParty%2f&ExpiresOn=1319439825&Issuer=https%3a%2f%2fbensimmonds.accesscontrol.windows.net%2f&HMACSHA256=uaSF%2fojN%2f4SBQd5p1IYurRu0B5hc6Pdz4uC9ChvqFE4%3d","token_type":"http://schemas.xmlsoap.org/ws/2009/11/swt-token-profile-1.0","expires_in":"3600","scope":"https://oauth2RelyingParty/"}
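The access_token above is a form-encoded Simple Web Token whose last parameter, HMACSHA256, signs everything that precedes it. What a resource receiving such a token has to check before trusting the nameidentifier claim is sketched below as an added example, not code from the ACS samples or the original post. The key and token are constructed in the program, and the class and method names are assumptions; the issuer reuses the "yournamespace" placeholder from earlier in the post.

```csharp
using System;
using System.Collections.Generic;
using System.Globalization;
using System.Security.Cryptography;
using System.Text;

// Added example: validates a SWT in the format shown in the response above.
static class Swt
{
    const string SigMarker = "&HMACSHA256=";
    static readonly DateTime Epoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);

    // Form decoding: '+' is a space, %xx is an escaped byte.
    static string Decode(string s) { return Uri.UnescapeDataString(s.Replace('+', ' ')); }

    public static byte[] Sign(string unsignedToken, byte[] key)
    {
        using (var hmac = new HMACSHA256(key))
            return hmac.ComputeHash(Encoding.UTF8.GetBytes(unsignedToken));
    }

    // Returns the claims, or throws with the reason the token was refused.
    public static Dictionary<string, string> Validate(string token, byte[] key,
        string issuer, string audience, DateTime utcNow)
    {
        // The signature covers the serialized text before "&HMACSHA256=",
        // so verify that exact string before decoding anything inside it.
        int cut = token.LastIndexOf(SigMarker, StringComparison.Ordinal);
        if (cut < 0) throw new InvalidOperationException("unsigned token");
        string signedPart = token.Substring(0, cut);
        byte[] presented;
        try { presented = Convert.FromBase64String(Decode(token.Substring(cut + SigMarker.Length))); }
        catch (FormatException) { throw new InvalidOperationException("malformed signature"); }

        byte[] expected = Sign(signedPart, key);
        int diff = expected.Length ^ presented.Length;
        for (int i = 0; i < expected.Length && i < presented.Length; i++)
            diff |= expected[i] ^ presented[i];   // no early exit on mismatch
        if (diff != 0) throw new InvalidOperationException("signature mismatch");

        var claims = new Dictionary<string, string>(StringComparer.Ordinal);
        foreach (string pair in signedPart.Split('&'))
        {
            int eq = pair.IndexOf('=');
            if (eq <= 0) throw new InvalidOperationException("malformed claim");
            string name = Decode(pair.Substring(0, eq));
            if (claims.ContainsKey(name)) throw new InvalidOperationException("duplicate " + name);
            claims.Add(name, Decode(pair.Substring(eq + 1)));
        }

        string value; long expires;
        if (!claims.TryGetValue("Issuer", out value) || value != issuer)
            throw new InvalidOperationException("unexpected issuer");
        if (!claims.TryGetValue("Audience", out value) || value != audience)
            throw new InvalidOperationException("unexpected audience");
        if (!claims.TryGetValue("ExpiresOn", out value) ||
            !long.TryParse(value, NumberStyles.None, CultureInfo.InvariantCulture, out expires))
            throw new InvalidOperationException("missing ExpiresOn");
        if (Epoch.AddSeconds(expires) <= utcNow)
            throw new InvalidOperationException("expired");
        return claims;
    }
}

static class Program
{
    const string NameId = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier";
    const string Issuer = "https://yournamespace.accesscontrol.windows.net/";
    const string Audience = "https://oauth2RelyingParty/";

    static void Check(string label, string token, byte[] key, DateTime now)
    {
        try
        {
            var claims = Swt.Validate(token, key, Issuer, Audience, now);
            Console.WriteLine(label + ": accepted, caller = " + claims[NameId]);
        }
        catch (InvalidOperationException e)
        {
            Console.WriteLine(label + ": rejected (" + e.Message + ")");
        }
    }

    static void Main()
    {
        // Constructed key and token; a real key is the signing key configured in ACS.
        byte[] key = new byte[32];
        for (int i = 0; i < key.Length; i++) key[i] = (byte)(i * 7 + 1);
        string unsigned = Uri.EscapeDataString(NameId) + "=OAuth2SampleX509Identity" +
            "&Audience=" + Uri.EscapeDataString(Audience) + "&ExpiresOn=1319439825" +
            "&Issuer=" + Uri.EscapeDataString(Issuer);
        string token = unsigned + "&HMACSHA256=" +
            Uri.EscapeDataString(Convert.ToBase64String(Swt.Sign(unsigned, key)));
        DateTime beforeExpiry = new DateTime(2011, 10, 24, 6, 3, 45, DateTimeKind.Utc);

        Check("issued token", token, key, beforeExpiry);
        Check("edited claim", token.Replace("OAuth2SampleX509Identity", "SomeoneElse"), key, beforeExpiry);
        Check("after expiry", token, key, beforeExpiry.AddHours(2));
    }
}
```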

 

 

As an aside, the following error response was returned from ACS when using a self-signed certificate created with makecert using the following switches:

    makecert -n "CN=mexia" -pe -ss my -sr LocalMachine -sky exchange -m 96 -a sha1 -len 2048
    makecert -n "CN=benjaminify" -pe -ss my -sr LocalMachine -sky exchange -m 96 -a sha1 -len 2048

    HTTP/1.1 400 Bad Request
    Cache-Control: private
    Content-Type: application/json; charset=utf-8
    Server: Microsoft-IIS/7.0
    Set-Cookie: ASP.NET_SessionId=hxi2tbkn404lihcndxnuka35; path=/; HttpOnly
    X-AspNetMvc-Version: 2.0
    x-ms-request-id: 00dc92c8-9a72-4f0f-8b38-c5581a5cfcc5
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Content-Type-Options: nosniff
    Date: Mon, 24 Oct 2011 05:56:55 GMT
    Content-Length: 286

    {"error":"invalid_grant","error_description":"ACS50008: SAML token is invalid. ACS50017: The certificate with subject \u0027CN=benjaminify\u0027 and issuer \u0027CN=Root Agency\u0027 failed validation. \r\nTrace ID: 00dc92c8-9a72-4f0f-8b38-c5581a5cfcc5\r\nTimestamp: 2011-10-24 05:56:55Z"}

Unlike the above working example (which passes the -r switch), this will create a self-signed certificate associated with an issuer called “Root Agency”. ACS will spit the dummy (ACS50017) if the root issuer cannot be verified/trusted.


Mexia Welcomes Ben Simmonds into the Fold

We are extremely happy to announce that Ben Simmonds has started with Mexia today, based in Canberra as a Senior Integration Specialist focused on building hybrid integration platforms using BizTalk Server and the Azure AppFabric Middleware stack.

He is an extremely bright and talented young developer, whose passion for technology shows through in every conversation you have with him.

Ben represents Mexia’s first permanent member of staff to be based in Canberra, and will help build a team of like-minded integration specialists that work with our Federal Government clients with their integration platform needs.

You can get in touch with Ben directly on bens@mexia.com.au or get him on Twitter at @benjaminify.

Welcome aboard mate, we’re very happy to have you!


Mexia Enters the Next Phase of Our Growth

Mexia was founded in 2008 with a vision to provide specialist architectural & technical consulting services in enterprise integration, with a laser-focus on Microsoft BizTalk Server and Windows Server AppFabric.  Obviously that focus has now extended to include the fantastic new capabilities of the Azure AppFabric Middleware Services, but as a business we are still committed to excellence in purely system integration and business process automation.

However being good at technology and being good in business are two very different beasts, and after starting in 2008 it took me a while to realise that I would need some help on the business side of things.

In early 2009 I was introduced to iLab in Toowong, Queensland, which is a Queensland State Government-funded business incubator that “…turns technology start-ups into successful global ventures”.


In exchange for an extremely modest monthly fee with no long-term obligations, I was introduced to the exciting, challenging, potentially complex world of entrepreneurialism.

iLab has several fantastic good things going for it: CEO briefings, networking, introductions to solicitors & accountants, sales training, cheap co-location office space etc etc.  But by far and away the best thing that iLab offered me was the once-a-month Mentor Meetings with a panel of successful entrepreneurs who volunteer their time to help the next generation of young guns to come up through the ranks.

When Mexia joined iLab I had a mentor panel hand-picked for me, with their real world experience being evaluated against the range of experience & skills that I would be needing access to. This service alone was worth its weight in gold.

The Mentor Meetings are run every month like a real Board Meeting where, apart from grilling me on financial performance, strategy, market positioning, HR strategy etc, they teach you how to walk & talk like a grown-up company. 

I’ve said it once and I’ll say it again until I’m blue in the face – if you’re new to business get yourself some mentors!

Mexia has been part of the iLab incubator program now for 2.5 years, and as a business I don’t know where we’d be without them. They’ve nurtured and supported me whilst I went through the journey from complete novice to (mostly) competent businessman, and have ensured that Mexia now has the strategic & operational foundations from which we will surely grow & succeed in the marketplace.

Since 2008 Mexia has grown from just me and a laptop, to having:

  • 7 full-time staff (and counting)
  • clients in almost every state in Australia
  • an amazing business partner (Mathew Coleman)
  • a formal Board of Directors, and
  • a crystal clear vision of who we are, what we do, and where we’re going.

However, as in life all good things must come to an end, and we’ve decided it’s time for Mexia to ‘graduate’ from iLab and move out into the real world.  We’ve grown up, and just like our kids, we need to move out of home.

So yesterday I had my final iLab Mentor Meeting, and as usual it was an intense, challenging, rewarding and fulfilling experience.


If it wasn’t for these guys sitting around the table Mexia would not be the quickly-growing company that it is today.

From left to right around the table:

  • Chris Tia
  • Andrew Campbell
  • Calvin Treacy (and the Chairman of Mexia’s new Board of Directors)
  • David Clarke
  • Paul Watts
  • Mathew Coleman (my new business partner & Mexia’s National Projects Director)

NB: I’d also like to say a special thanks to Colin Kinner, Anne-Marie Birkill, Peter Allison, Michael Good and Helen Vince for their respective roles in Mexia’s time at iLab.

 

Just like you can’t tell someone what it’s like to have kids until you’ve had them, you can’t tell someone what it’s like to start & grow a business until you’ve lived through the emotional stress-coaster yourself.  These guys “get it”, and we have a bond forged through a shared appreciation of having to make payroll every fortnight with never enough money in the bank :-)

So this post is an indulgent THANK YOU from me to my iLab Mentor Panel.  It’s been a privilege to have you all pick apart my (our) business every month.  I feel sad today for the end of this fabulous process, but I also feel so incredibly proud!
