AU and WU will now continue to honour the blocking mechanism that prevents the offering of Windows XP SP2 until Tuesday 12 April 2005.
Accoring to Microsoft, "beginning on Tuesday 12 April 2005 AU and WU will deliver SP2 regardless of the presence of the blocking mechanism. Note that this is also the scheduled day for a monthly cumulative security update".
This briefing contains both a developer and an IT Professional track, and concludes with Steve Ballmer giving a key note. The developer track will be a little more in depth than for the IT Pro track, but both should provide solid advice and guidance.
I hope to see you there!
Microsoft are in the process of updating Microsoft Solutions Framework, as part of the ongoing work on Whidbey, and Visual Studio. Details have been sketchy, but we're beginning to see some details. For reasons I can't quite totally work out, Microsoft has released part of MSF 4.0 via GotDotNet Workspaces. You can obtain the first deliverable, MSF Agile. This material is delivered as a sort of web site, with a root page (ProcessGuidance.html), which points to other documents.
MSF Agile is "a scenario-driven, context-based, agile software development process for building .NET and other object-oriented applications. MSF Agile directly incorporates practices for handling quality of service requirements such as performance and security. It is also context-based and uses a context-driven approach to determine how to operate the project. "
Three key changes from MSF 3.0 are:
1. The lifecycle for each iteration is slimmed down to just three phases: Plan, Develop, Test.
2. The roles change too, with only 5 roles: Architect, Business Analyst, Developer, Project Manager, and Tester.
3. Finally, the work products are different. New artifacts include: Threat Model Data Flow Diagram, and Quality of Services Requirements List. The Vision Statement is still included!
It looks an interesting approach. I'll have to read more about it to discern the deeper differences.
Cool stuff!
Sadly, this is not available for Windows.
This raises two questions. First, why wan't this available at the same time as SP2? One could go deeper and ask why wasn't MBSA simply rolled into SP2, but I'll pass on that one. The second question is: where's the updated Application Compatibility Tool Kit?
XP SP2 is running reasonably well on my main workstation, but now that SP2 is out, I feel it time for a complete rebuild from the ground up, if only to get rid of all the little bits of random beta stuff still on this box!
This is a bit of a shame - as the product looks most useful. Ahh - the joys of beta software!
As an aside, it seems to me that WinFS, with it's longer term ability to make searching fast and flexible, has generated some real short-term competition. Products like Lookout and Recall provide today what Longhorn may deliver some years down the road - and thus far, these are free. No, they are not as grand and glorious as the vision WinFS (and all of Longhorn) will one day become. But they're tools that help me today to manage the information overload that seems to be much of my working day.
I have found (and installed) an interesting application called BlogJet. It is a cool Windows client for my blog tool Blogger and other tools.
You can get a copy here: http://blogjet.com/.
It is not free :-(
For planning purposes, if you've done any widescale deployment of interim beta versions of SP2, it probably makes sense to assume you can't upgrade the earlier version. Thus, allow time to deinstall and then reinstall SPs.
For me, the SP installation process has been relatively painless and thus far, I've had no real problems with any of these machines. So far, so good!
OneNote SP1 shipped yesterday and I've already downloaded and installed in on my personal machines. In a blog entry yesterday, Chris Pratley suggests that there will be "some awesome power toys out soon". And today (well today my time), the first two toys are now available for download.
As I write this the OneNote Power Toys page at microsoft.com is not yet up. But the two toys are directly downloadable. These two toys are:
One example of a working Wiki is the dotNetInfluencers Wiki. The idea is to have a place where some of the leaders in the .Net Community can document their activities and provide information and reference material for others.
A neat idea! I hope it takes off.
You can download the Performance Monitor Wizard from the Microsoft download site.
Using Google to search for a term this morning, I came across the W3Schools Online Web Tutorials site. This site has a number of on-line tutorials on:
I've been meaning to do some more digging into XML and it looks like some study time is calling!
I'm really pleased to let you all know we've persuaded Bill English and Todd Bleeker to come on over to the UK and teach their SharePoint Summit. This will be an intense 5-day look at the Share Point technologies from both administrator and developer points of view.
Details of these two summits are at:
I am quite excited about the ideas we're having around QA Academy. It's got its own web site, http://www.qaacademy.co.uk/ which continues to evolve. The basic concept is short focused training for mid to upper management, run by the best in the business. The aim is to improving effectiveness both soft and technical skills areas.
Let me know what you think!
Go to the Download page to download a free copy of Lookout V1.2
My key takeaway from the partner conference, and this interview, is that the partner model has totally changed big time. And this means lots of change for the partners. The focus is now on points and competencies where Partners earn points based on doing things as described on the Partner Points Page. Competencies become a key way to earn the points needed for Gold status. As a supplier of training, we look to train both MS customers and MS partners in many of the competency areas.
To some degree, the interview clarified the issue over his call for all partners to sign up for IW competencies. Jeff makes the point that the new partner programme is just getting going. We'll have to see where we are in 6 months. We certainly live in interesting times.
There are 2 critical patches, 4 important patches, and 1 moderate.
Get downloading!
The BCC (04) programme is now over - but the material lives on. Microsoft have now released this material in e-learning format. If you navigate to the Security Clinics elearining page on http://www.microsoftelearning.com, you can get FREE access to this material.
But to make matters even better - Microsoft have now added security to the individual assessments to their set of assessments. These assessments are at http://www.msmeasureup.com/test/home.asp#1. Great stuff!!
The thing I most like about this page is that none of the tools are MS tools, but external tools. I'm familiar with a couple of these tools, but the rest are new to me - looks like more hours downloading and playing!
As if they were reading my mind, Novell are offering a nice set FREE DVDs containing SUSE Linux plus goodies. Head over to Novell's Customer Communities - Linux Resource Kit Order Form page and order. The cool thing - it's free, even outside the USA. It's not going to make me a convert, but more skills are clearly a good thing.
To use this service, you go to the transmission page, and enter the email address to receive notification of the file available for transfer. The recipient then gets an email, containing a URL on YouSendIt's servers. I just transferred a small PPT file and it's available at http://s11.yousendit.com/d.aspx?id=BF2CA0E2E83AC30C57A9E9D731C378E8. It will get deleted within 7 days (i.e. by 10 July!).
The idea is cool, and I can certainly see a use for it. But there are a couple of interesting questions. First, what is the business model for these guys? I mean, what is going to be their return on letting me mail someone 1gb of data at a time for free? While I like free, there really is no such thing as free these days - someone's got to pay for the servers and the bandwidth needed. Does the adware on the site pay for this? The second question is over security of data. While I don't mind sharing a picture or two - and having it out on the internet - but what other use might be made of this information or data? How do I know that it will only go to the people I actually send it to? The site has a nice security policy, and offers transfers via SSL. This latter feature is one that makes me vaguely nervous as it could be a potential attack vector, bypassing perimeter and network defenses.
What ever the answer, this service does seem to work, and as long as it's free, it's a neat way of sending large files to people across the internet.
After the drummers, the room went dark, and the next speaker came onstage and started to give his talk. He said he did not care if there were lights on - because he was blind. He first threw away his mouse (what value is a mouse to someone who is blind?)then gave a short demo of a screen reader and braille bar. When you see both MS software and the web, through the 'eyes' of a blind person, it makes you realise just how much visual appeal there is. And how useless it is to the blind. It was a short, but effective reminder that the development community does need to remember all the user community, not just the sighted. The rest of the keynote was interesting and animated, but these two things did rather stand out.
CHT038 Microsoft and Open Source
Tue, Jun 29 14:45 - 16:00 Room: S
Thomas Lee , Steven Adler , Bradley Tipp
Many customers have questions about Microsoft�s view of Open Source and its ability to coexist and interoperate in a Microsoft environment. The session aims to answer your questions about Open Source and provide information and guidance on Microsoft�s position on Open Source.
This session will be repeated a total of 4 times during TechEd.
The format of this will be to get the audience to post the questions - what do YOU want to know today - and for Brad and Steven to put forward the Microsoft view of things, with me keeping score, providing a more independant view, and trying to keep the conversation on topic and flowing. If you have any specific questions you'd like to ask, or have asked, then post to me - either by email, or via a comment on this blog.
We've done these sessions in the past (at TechEd Barcelona and at IT Forum) and they were a lot of fun. Hope to see you there!
The TechEd Bloggers site publishes Blog posts made by registered bloggers that somehow relate to TechEd. The bloggers first have to register their blog, which is pretty simple, at http://techedbloggers.net/SubmitBlog.aspx and there after any TechEd posts made will get published at the TechEd Blogger's site. Sadly, not all the TechEd related blog posts actually end up on the site. I've had a few of my that never made it, nor any clue why not! Oh well...
The TechEd Blogger team have provided a set of RSS feeds for posts, an OPML directory of all the bloggers, plus links to blog related stuff.
A nice site, with some useful information. For Euro-geeks, probably worth watching over the next few weeks.
This will be fun!
On mondy, 3 of my QA colleagues Olga Londer, Dave Wheler and Andy Thomson and I will give a pre-conference session entiitled .NET for IT Professionals .
During the week, I'll be working with Steven Adler and Bradley Tipp to discuss Microsoft and Open Source. We're giving this sessin 4 times during the conference, so please come along!
Finally, I'm going to be leading two Birds of a Feather sessions, one late on Wednesday and the other early Thursday morning. These sessions are titled "MSF and MOF - What's In It For Me?" and should be lively.
In the final edition of The .NET Show: Longhorn Fundamentals the archtect of MSH talks about it and what it can do. Jeffry Snover and Jim (bad hair) Truher are my heros!
If you want to see a cool product, and a mega-cool demo, watch this session! I want this product.
I was sort of surprised by Microsoft putting this material onto the web, but am very pleased that they have done so! The UK TechNet site is getting increasingly useful to UK IT pros (and of course to all IT Pros around the world with Internet access!).
I regularly get asked for the slides, so I've put them up on my website. A small note - these presentations are BIG, even though they are already zipped up. I'm working on compressing them a bit more but they will still be big!
Enjoy - the'll be up there until I get a bandwidth cap!
The article also explains why an update package may have more then one copy of a given file. Each update will have a copy of the relevant file for each "cardinal point" in the file's lifecycle. The cardinal point, a new term to me, are the main releases of the file (ie RTM and for each Service Pack). So copies of a file will exist for RTM, SP1, SP2 (when it exists) as well as for a given hotfix.
An interesting read!
I found a neat tool at http://www.pluralsight.com/keith/security/sample_pwm.txt" which should help. This is clearly better than c:\passwords.txt!
There is an impressive amount of content for doiwhnload. For those of us who are not living right on the bleeding edge, this is really useful information, and I'll probalby end up spending time watching some of these
The majority of these seminars appear to be at the 200 level (technical overview) bur there are some deeper talks at the 300 level.
Thanks to my MVP buddy Oli Restorick for pointing this out!.
A new version of this tool kit is meant to be coming out with Windows XP SP2, but I've seen no signs yet of a beta copy.
There are several ways around this problem. Some firms 'peer' - firm A hosts the records for firm B, and firm B hosts the records for firm A. There are also third party (i.e. for fee, not for free!) companies which provide this service. I'm currently using DNS Made Easy. DNS Made Easy provides you with primary and secondary domains, and can provide mail services for your domains. The price per year is quite modest. Worth a look of you want to set up your company's web site and don't want to host DNS as well (or if you just want a reliable secondary).
GPMC SP1 fixes bugs found in GPMC sample scripts, GPO reporting, and in the Migration Table Editor (MTE). Interestingly, Microsoft have also addressed bugs found from Dr. Watson crash data. There's also a fix to the GPMC RSoP wizard to work when Internet Connection Firewall (ICF) is enabled on the computer running GPMC.
GPMC rocks! Oh - and here's something a lot of people seem not to know: you can use GPMC to manage a Windows 2000 AD. You can't run GPMC on a Win2k box, instead, run it on a WIndows XP box attached to the domain.
As many of you know, I'm a fan of the Grateful Dead and it's many offshoots. I've just been listening to some really cool tracks from an upcoming Jerry Garcia release. The studio has released a number of the tracks on streaming audio and the sound quality is pretty good. The on demand steam comes from a Windows 2003 server with Direct 9.
Well - it's Sunday morning and I'm listening to this stream, and looking at the patch status of my boxes. Turns out I have to reboot the ISA server. Just as I hit the reboot button, I realised I'd loose the Jerry Garcia stream. I thought it would be interesting to see just how good the buffering was. My ISA server runs on a little Dell Dimension 4600, and took 46 seconds to reboot (according to uptime.exe). During the reboot, the player did not miss a beat! I was amazed - this is cool!!
So go get the beta and play - I've found it very stable and I like the new features!
In general, I totally agree with the decisions to make server 'different' - remove games, etc, etc. If anything, I was highly vocal in the beta forums to make it so!! But having said that, I still run Server on my laptop and really would like to get some of the workstation functionality. I've worked out most of the tricks to make Server behave sensibly (eg play sound, burn CDs, etc), then I stumbled over the site: How to convert your Windows Server 2003... to a Workstation!
This is pretty much the definitive source on how to get your server OS to run like a workstation. If you are a geek like me, this is a great site. But remember: this stuff is NOT supported!!! It is, however, cool!
MSH is an all new approach (from Microsoft!) to a command shell. MSH (Monad Command Shell) combines the very best of the key command shell concepts from Unix (e.g. the pipeline, proper control structures, variables, etc.) with .NET (objects with meta-data and evidence). Microsoft demonstrated this at PDC last October, and provided a first look. Google for the impressions - I know I was excited!
Since then, a lot of good thinking, and development, has been done and
MS have released an updated version of MSH to testers. I've been playing
with it bit and I'm blown away. It needed an update to the .NET
Framework. But most surprisingly, I was able to remove the earlier PDC
version of the .NET framework, and deploy the updated version flawlessly
- and without a reboot.
The first think I noticed is that the syntax has changed in one big way.
In the PDC version, cmdlets and verbs were separated by the "\"
character. It's been changed to the "-" character. At first sight, this
looks strange. I guess I've always seen the "\" as a separator while "-"
is not - in my COBOL days, variables like process-get would have been
just fine. I guess I'll have to get used to that!
I continue to be impressed at the very clean and slick architecture of
both the cmdlet and the cmdlet provider. Cmdlets, the heart of MSH, are
little programs that do useful things. They take input, and create
output - via the MSH pipeline (or stdin/stdout). Cmdlets provide both a
great development environment and to provide consistent user
experience.
The Cmdlet provider architecture take this one step further.
Cmdlet Providers expose a set of base classes to the MSH Provider
architecture. This architecture includes standard cmdlets that act on
the classed exposed via a provider. Each cmdlet provider offers a
consistent name space that can be navigated by a huge number of standard
cmdlets.
If this sounds Greek, think in terms of there key cmdlet providers: the
registry, the file system and the active directory. With these cmdlet
providers you can obtain information about the components of these data
stores in a consistent way. For example, you can type 'DIR' in the
context of any of these providers and get a list of their children (OUs
in AD, keys in the registry, and files/folders in the file system
providers).
So what you ask? Well, with the registry provider, you could write a
script to open an OU in the AD, get all the children (e.g. computers,
users, etc.) and use the properties of those objects to perform some
administrative function. You could do a bulk password reset, for
example.
Cmdlets take as input .NET Objects and produce objects. Thus a cmdlet
can use the .NET Framework to access the objects consumed and produced.
The cmdlet can obtain all the necessary meta-data about the object,
which sure beats the prayer-based parsing you used to have to do.
One very neat aspect of the latest version of MSH is the
win32-to-ShellObject.msh script. This cmdlet takes 2 arguments: a
command and a hash table consisting of a regex production rule
to find objects and a set of regex produce rules to find the
properties of those objects. This enbles the cmdlet how to parse the output of the command. For example, this is a
sample script shipped by Microsoft to handle the ipconfig command:
MSH seems to me to combine the very best from the Unix world, with the
rigour of .NET. Microsoft really, really, really should consider
delivering this before Longhorn ships! I can see three reasons for
shipping early:
1. It helps in the battle against Linux/Unix. It's just one less
argument against Windows - we now have the most powerful shell approach
in the world, based on .NET. If you get the inside techies excited about
.NET the rest will follow.
2. It really helps in the migration. Yes, SFU is cool, but it needs to
be rolled out, and requires (yet another) another service to run. I'd
like to see migration to an all-Windows environment as quickly as
possible.
3. It provides a consistent way of doing all administration. Consistency
is something that most administrators like, love, and sometimes find
missing.
MSH is cool...
#
The regular expression, stored in $ipconfigTemplate, tells the cmdlet
how to parse the output of ipconfig /all, and how to package that into
an object for later in the pipeline.
/********************************************************************++
# Copyright (C) Microsoft Corporation, 2003
# Project: Monad Shell
# File: get-ipconfig.msh
# Contents: Convert the output of ipconfig.exe to MshObject
# History: 20-March-2004 kumarp Created
#
--********************************************************************/
# the template for ipconfig output that covers both the no-arg case and /all case
#
$rxIpAddress = '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+';
$ipconfigTemplate =
@{ 'ObjectHeader' => '^([^ \t][^:]+):$';
'Fields' => ( @{ 'Pattern' => "^ Subnet Mask (`. )+: (?
@{ 'Pattern' => "^ (Autoconfiguration )?IP Address(`. )+: (?
@{ 'Pattern' => "^ DNS Servers (`. )+: ?(?
'Type' => 'string';
'Array' => 1;
'MultiLine' => 1;
'Name' => 'DNSServers';
'MLPatterns' => ( "^[ ]+(?
},
@{ 'Pattern' => "^ Default Gateway (`. )+: ?(?
@{ 'Pattern' => "^ DHCP Server (`. )+: ?(?
@{ 'Pattern' => "^ Primary WINS Server (`. )+: ?(?
@{ 'Pattern' => "^ Secondary WINS Server (`. )+: ?(?
@{ 'Pattern' => '^ Connection-specific DNS Suffix (`. )+: ?(?
@{ 'Pattern' => '^ Description (`. )+: ?(?
@{ 'Pattern' => '^ Physical Address(`. )+: ?(?
@{ 'Pattern' => '^ DHCP Enabled(`. )+: ?(?
@{ 'Pattern' => '^ Autoconfiguration Enabled (`. )+: ?(?
@{ 'Pattern' => '^ NetBIOS over Tcpip(`. )+: ?(?
@{ 'Pattern' => '^ Lease Obtained(`. )+: ?(?
@{ 'Pattern' => '^ Lease Expires (`. )+: ?(?
);
};
call-command win32-to-ShellObject.msh 'ipconfig.exe /all' $ipconfigTemplate;
A neat set of feeds are now available from the Daily Telegraph. This is cool in that I can get the key headlines into my RSS reader - and pretty much do away with hard copy news papers.
Today, this feed is free - but I can't help wondering if there isn't a way that the Daily Telegraph might be able to charge for some of this? Personally, I'd be happy to pay a small fee per article, say 1-2p.
At TechEd last year, Scott Charney said "By the end of the year, instead of eight installer technologies we will have two, one for operating systems and one for applications." I was asking Steve for his views on this.
At last year's summit Robert Scoble won $1 from Steve, and had it signed, for asking a good question. So somewhat cheekily, I asked if the question was worth a buck? He said sure, reached into his pocket, fished around, and then said: "This might be your lucky day" - handing me over a $20. Thinking quickly, I got him to sign it too. When I get back to England I'll post the photo of the bill. I'm not sure how to get him his $19 in change - all suggestions welcome.
You gotta love this company.
I'll post more details on the sessions later!
Sawmill runs as a web server (on a local port) and can read my web log hit logs and gives me a great view of the traffic. What I find most interesting is where I'm getting hits from - I can see other blogs that refer to mine, etc.
Sawmill is a neat product!
OneNote is an incredibly cool tool - it reminds me a bit of some of the outlining tools I used in the mid-80s. I use OneNote today fairly heavily to organise my thoughts. I suspect that if I ever get a tablet, I'd use OneNote a lot more!
I particularly love Myth 2: Sans Serif Fonts are Always More Legible Online. It turns out that there are other factors to consider, including the legibility of the page design, line spacing and width, word/character spacing, type size, plus whether tricks like ant-aliasing is being used. So sure, type font is important, but so are the other factors. When we forget this, our communication suffers.
You can download a trial copy. If you like it, you can purchase the license and upgrade your trial copy to a full version. This product was so good in beta, that as soon as I noticed it, I bought it over the web and am now a very satisfied customer.
One interesting thing - I ordered the product for over the web download and activation, with a US$ credit card, but with a UK address. The site charged me VAT (at the correct rate of 17.5%). But when I entered my VAT number (I'm still VAT registered) and the VAT disappeared. This makes it easy - no VAT to pay or recover. But I like FeedDemon enough that I'd have paid the VAT inclusive price.
The joys of trans-national e-purchasing!
Just more proof, as if it's needed, that users need to keep bang up to date and that defense in depth is a useful strategy. I suspect a lot of home users will get stung by this, and won't even know how it happened.
Sadly, this tool does not work on Windows Server 2003, which has updated the CD burning facility. The tool only works on Windows XP.
Basically, what is clear by this virus/worm is that even smart people can do dumb things at times. With that in mind, I have no hesitation in passing on the advice I got from MS. If it helps just one person, its worth.
So why not take a quick peek at http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/alerts/mydoom.asp.
This new version provides better language (ie non-American!) support, plus support for Exchange 2003, MS Office, Microsft Java Virtual Machine, B iztalk, Commerced Server, Contene Management Ser ver and Host Integration Server, MSXML, MDAC. MBSA solves a number of other problems too!
A useful upgrade, but where's SUS 2, MSI 3, etc??
The format is not overly friendly. For example, to install the DNS console, you'd type:
msiexec /i adminpak.msi ADDLOCAL=FeDNSConsole /qb
The tool links MSIL code on demand putting together only the required classes and methods. The tool then builds a minimum set of the Microsoft .NET runtime to ship with your application. This usually results in installation size substantically smaller and faster then traditional .NET apps.
And by linking them this way, it's easier to obfuscate the code. A neat tool!
I was able to give some of these events in 2003 (and will be giving more in 2004). In December, I gave a talk on patch management and SUS. You can get a recording of this session athttp://www.placeware.com/cc/emea/view?id=msft0912cs&pw=RMG9GT. This uses PlaceWare, so to see the full webcast, you will need to load some software (you will get prompted for it).
The overall UK technet site is http://www.microsoft.com/uk/technet/learning/ - enjoy!
Thomas
Most of this document describes details of what has previously been disclosed. The details are nevertheless interesting reading!!
The client is hard coded to go to a server every 22 hours (less a random amount of up to 20%). Thus in 'steady state' each clinet will ask for updates every 17.6 to 22 hours. But what if you want to push out an update a bit faster how can you do it? Turns out there are 2 ways - neither of them very pretty. GPO Workaround
1. Assign a temporary GPO to the appropriate part of the Organizational Unit structure and use security filtering to ensure it applies to the appropriate computers.� Note that this temporary SUS GPO should be of a higher priority then the SUS GPO which is normally in use.�
2. The policy settings within this GPO should be configured to disable the AU client and change the default Group Policy refresh interval for computers to 5 minutes.
3. Force DC replication to occur so that all domain controllers have a copy of the new group policy object.
4. Wait up to 120 minutes for all clients within the OU to refresh Group Policy (default GPO refresh time for domain members is 120 minutes).
5. Amend the policy settings within the new GPO policy so that the automatic updates client is enabled and set to automatic download and automatic installation. Automatic installation should be set to occur 1 hour from the current time.
6. Force DC replication to occur so that all domain controllers have a copy of the changed group policy object.
7. Wait for all the SUS clients to refresh the updated SUS GPO settings (which is now happening 5 minutes).� Once the GPO takes effect, the automatic update clients should begin to download the new update from the SUS server. Installation will begin once the specified time is reached.
8. Once the update has been successfully installed on all target computers, delete the temporary GPO used to make all these changes. Servers will fall back to the existing AU download and installation options once they refresh their Group Policy settings.
----------- Net Stop/Start method
1. From the cmd.exe prompt: net stop "Automatic Updates"
2. Delete HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\LastWaitTimeout (if it exists)
3. Delete HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\DetectionStartTime (if it exists)
4. Make sure that HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\AUState=0x2
5. Net Start "Automatic Updates"
While most folks reading this will not be likely to get hit by such tricks, the average user may well be. Let's get the patch for this, and get it applied quickly!
Many fine hours of reading ahead!
The problem occurs if you install Microsoft Windows SharePoint Services (STS as it used to be called), which from 3 days ago, fails with a fairly obscure error message. You also get this problem if you try to provision a new virtual server or you try to create a new content database when you are running Windows SharePoint Services by using MSDE (the KB appears to be inaccurate on this point).
The error is caused by a bug in the code that verifies the signatures of DLLS installed with SPS. All installations of Windows SharePoint Services experience this behavior after November 24, 2003. And guess which product installs this component by default? Small Business Server. Ouch!
Problems hapen. But the workaround is interesting: Set the date in the Date and Time Properties dialog box to a date that is between May 24, 2002 and November 23, 2003. That's right, lie to the OS. Trustworthy computing, maybe not, but it works. OH, be careful to not set it too far adrift, or you might trigger product activation.
My view of WPA is further diminished.
This attack comes close on the heels of both an attempt to hack the Linux kernel, and and an attack at the Free Software Foundation. These hacks show two things: First that security is everyone's problem (not just for customers of Microsoft) - attackers do not play by any rules and will attack pretty much anything that is not totally locked down. Second, it proves, yet again, that any OS can be installed insecurely.
What the Linux bigots often fail to remember is that security requires three things: people, processes, and technology. Even the most secure technology can be defeated by poor processes or by people not doing the right things. This is not a Microsoft vs Linux thing, but more a simple recognition that security of your systems is only as strong as the weakest link.
Both techs I talked to were cheerful, but the responses bore no relationship to my questions. They had a script and totally had to follow it - any deviation was met with a refusal to go further. It took forever, and in the end, they were unable to help in time - so I go another hard drive from another source and made do with that. Next week, when I settle down a bit, I'll call again and get the disk replaced. See CNN.com for full details of this story
As it turns out, MS also formally used Copenhagen and IT forum to announce the availability of Open and Royalty-Free License For Office 2003 XML Reference Schemas.
This is a good step forward!
Each provider provides a drive, which in turn contains containers, and items. Containers, of course, can contain more containers and items. Each item is some fundamental data structure, as surfaced by the provider. If, for example, you built a DNS provider DNSProvider.dll), a particular server could be identified by a different "drive", which could then be enumerated to list all the zones on that DNS server. For example, you could do something like:
new/provider -Provider DNS -assembly DNSProvider.dll
new/drive -name MyDNSServer -Provider DNS -root ns1.kapoho.net
ls
This would then list all the zones defined on the DNS server ns1.kapoho.net, as well as some information (eg when created) about those zones. You could then navigate to a zone (cd \cookham.kapoho.net and enumerate the resource records in a zone.
This is incredibly powerful stuff. You could easily create a wealth of providers such as ones for IAS, IIS, ISA, Exchange, etc. Once created, they can easily be used in MSH command scripts.These should be relatively easy to write (at least the read/only bits!) and could be added easily. And since they are just plug-ins, there is no reason why a particular provider has to come from Microsoft. Cool!
