Daniel2ThePoint

The Microsoft Operations Framework team is pleased to announce that the Managing and Operating a Microsoft Private Cloud—How to Apply the Microsoft Operations Framework (MOF)guide is now available for beta download. This guide leads you through the process of how to manage and operate a Microsoft private cloud using the service management processes of the Microsoft Operations Framework (MOF). The guide applies MOF’s IT service management principles to that conceptual architecture and technology stack. It describes how to maximize the potential of MOF’s people, process, and technical capabilities to manage and operate a Microsoft private cloud.

Follow this guidance for a private cloud that is better aligned to meet your business needs. Employ MOF’s service management functions (SMFs) to help align IT and business goals, which can enable you to perform private cloud activities effectively and cost-efficiently. This guide focuses on the SMFs in the Operate Phase and the Manage Layer of MOF to give members of the IT service management community, IT architects, IT managers and IT pros, what they need to know about managing and operating a private cloud. Management reviews—internal controls that ensure goals are met to achieve business value—are also included.

Read more and apply for the beta on http://connect.microsoft.com

I will deliver a session on advanced WDS, MDT and SCCM during TechDays in Sweden together with my collegue Christian Lagerhorn. We will deep dive into how to extend and enhance the technologies you already purchased and know how to use! Welcome to visit us and go to the session!

There is a update rolling out with some important updates to the SharePoint Online product. One of the most exciting, I have taken the liberty to qoute here:

External Sharing Gets a Broader Reach

http://sharepoint.microsoft.com/blog/Pages/BlogPost.aspx?pID=1004

I will be joining the SharePoint connections team down in Bavaria during Tuesday 8th May 2012 - Wednesday 9th May 2012 and presenting three it-pro inspired sessions about SharePoint and security. If your company is just starting with SharePoint or you have been using it for a few years, SharePoint Connections industry recognized local & internationally renowned speakers will help you get the most out of Microsoft SharePoint. You and your team can learn  about what tools and features  will allow you to build better solutions on top of SharePoint.
 
Microsoft Director Steve Fox will present the SharePoint keynote, join him as he talks about Azure, Big Data, Cloud and O365/SSRS.  Michael Noel MCSE+1, CISSP, MVP and author of several major best selling books brings his real-world experience to the conference. Joining Michael is Asif Rehmani, MVP & MCT, co-author of the book "Professional SharePoint Designer 2007". From the Netherlands Wouter van Vugt MVP and author of the worlds first book on Open XML and author for MSDN. Microsoft SharePoint MVP and senior solutions consultant Agnes Molnar, who is a regular speaker at technical conferences around the world, also joins the line up. SharePoint Connections brings the experts and the community together, with two days and over 20 sessions for IT professionals & developers as well as no-code solutions for business managers using SharePoint 2010.

Read more and join me and other recognized speakers at: http://nccomms-events.com/sql-sp-connections/

Hello everyone. Just to let you all know why the silence on the blog. Me and my collegue Christian are working on a very exciting addon to MDT that will let you manage computers from MDT even after deployment... just to keep you interested I have attached a screenshot of the modified MMC that will let you managed clients even after initial deployment (this is just a very non-detailed teaser). The software is very much a addon and does depend on the work you already done in MDT. Will be perfect for thoose of you who think SCCM is to big and complicated (or expensive for your needs!). This will be a bare minimum system that will cover what most admins in a SMB <100 people do. More details and more posts will come in a very near future.

Today I wrote a small function to a customer that needed to get all members of a group. Including all nested ones. I threw together a small script that does just that. Requires that you have loaded the ActiveDirectory modules. Enjoy!

function Get-ADGroupNestedMember {
[CmdletBinding()]
param (
[Parameter()]
[object]$Group
)           

$argType = $Group.GetType().Name
if ($argType -eq "String") {
 $members = Get-ADGroupMember -Identity $Group
} elseif ($argType -eq "ADGroup" -or $argType -eq "ADPrincipal") {
 $members = Get-ADGroupMember $Group
} else {
 throw "You must supply a group or group name as argument (not a $argType)"
}

foreach($member in $members)
{
    if($member.ObjectClass -eq "group") {
        Get-ADGroupNestedMember -Group $member
    } else {
        $member
    }
}           

}

Welcome to a free, half-day, seminar on some of the hottest tools in the MDOP toolchest: DaRT, AGPM and MBAM: http://www.itf.se/event/vassaste-verktygen-i-ladan-

During next week I will participate in the SharePoint Connections Amsterdam 2011 event at the Meervart. I will present three sessions, two on claims and one on PowerShell.

Using Facebook, LinkedIn, MySpace or Live to sign in | DEVELOPER
SharePoint has become one of the most interesting platforms for building communities. A successful community must also have a secure and easy way of managing users and logins. By it’s native support for Claims SharePoint is able to utilize external authentication gateways or STS to perform authentication. To put it in simple words, you could login to SharePoint using Microsoft Live authentication, Facebook, LinkedIn and many more. During this presentation I will outline the components of Claims authentication by practical demos, and build a custom authentication gateway (STS) that connects to multiple external services like Live and Facebook to make it very easy for users to authenticate to SharePoint.

The event have gathered great speakers such as Mirjam van Olst, Microsoft Certified Master for SharePoint 2007 and SharePoint 2010, Wouter Van Vugt, Code Counsel Director and Microsoft MVP,  Asif Rehmani, SharePoint Server MVP and MCT, Agnes Molnar, SharePoint MVP and Senior Solutions Consultant for BA Insight, Danny Burlage, founder and CTO of Wortell, Michael Noel, MCSE+I, CISSP, MVP, Convergent Computing, Matthew Hughes, SharePoint Trainer and WCM

During the last few weeks I have been involved with a customer that needed a tool to control the boot-PIN for BitLocker as their security policy states that all hard drives must be encrypted, protected by PIN and they may not be administrators on their machines. The boot PIN cannot be set without administrative rights (local administrator) on the system, but at the same time something you need your users to know and to be in-control of. To mitigate issue/feature there is a tool floating around the net that's called the BitLocker PIN Tool. This tool uses as DOS-console to get the user to enter a PIN. While this works great with people who has moderate-high computer knowledge some users struggle with using the tool (since it's command line). So I decided to take some spare time to develop a tool for this. I call this the BitLocker PIN Service and have thrown some central-administration-support into the tool also.

The application consists of two parts. A administration service that runs in the context of the local system, and then a client to run in user-mode to give the user a GUI. The client and server is completely separated and does not live within the same dll or files in any way. All authentication, authorization and dirty-work is done within the service part of the application to ensure maximum security. The service will allow any user that is permitted (regardless if they are local admin or not) to change the boot-PIN. To get authorized you need to 1) be a member of a local group called BLPinAdmins or 2) be a member of a domain group in your default domain called BLPinAdmins_<machine name>. This ensures that you can either use local groups or domain based as you prefer. This is how the GUI looks like:

Pretty simple huh? Under protectors you can see what protectors there is. This tool only works with Demanding, and if it is not present the protector will be created. When you have hit the Change PIN >> button you will most hopefully get this dialog:

The application then terminates without any further dialogs. The application should be started from the Desktop or Start menu link if you need to change the boot PIN code. There is however some more advanced options available via group-policy (local or domain based) to ensure even better security and foremost more control of the PIN-code and enforcing how often it should be changed. First lets look at the settings:

Options are as follows:

• Local BLPin Administrators group name = if you "need" to change the group name of the BLPin users on the local computer you can set a new name here.
• Allow all users = let all users who have the logon-local privilege to set the code (shared computers perhaps?)
• Start client on logon = Start the client on each logon. This should be used in conjunction with the Force PIN-change interval. Client will quit if it is not time to set a new PIN.
• Force PIN-change interval = If the client is started and this amount of days have passed since last new PIN was set then remove the "Exit" and Control Box and then display the GUI. "Forcing" the user to change PIN.
• Domain BLPin Administrators group name = If you "need" to change the group name of the BLPin users in Active-directory you can set a new name here.

If you think this sounds like a nice tool: I'm offering this tool free to anyone who needs it without warranties or support (except for this post).
If you like the tool, please, send me a email! If you find a bug, please, send me email!
If you need source code or need a supported version that also possible for a small fee.
When bugs are found, updates are avaliable or other important information I will send it by mail to all registered users.

Download: Version 1.5 (first public release) [download]

I will be joining Steve Fox, Mirjam van Olst, Wouter Van Vugt, Asif Rehmani and many others presenting at the SharePoint Connections on Tuesday 22:nd and Wednesday 23:th in the Meervaart in Amsterdam. I have three full sessions listed below. See you there!

Visit the event website at http://nccomms-events.com/sharepointconnections/

Using Facebook, LinkedIn, MySpace or Live to sign in
SharePoint has become one of the most interesting platforms for building communities. A successful community must also have a secure and easy way of managing users and logins. By it’s native support for Claims SharePoint is able to utilize external authentication gateways or STS to perform authentication. To put it in simple words, you could login to SharePoint using Microsoft Live authentication, Facebook, LinkedIn and many more. During this presentation I will outline the components of Claims authentication by practical demos, and build a custom authentication gateway (STS) that connects to multiple external services like Live and Facebook to make it very easy for users to authenticate to SharePoint.

I'm not the first blogger to rant about Windows 8. It's been out there for over a week I think, downloadable for everyone from the Microsoft preview site. But remember the version that is released now is not feature complete, nor is it in any way, form or shape close to the finished product. It's released with the sole purpose of beeing a plattform where developers can validate their Metro apps in. Metro by the way is the new GUI that is launched with Windows 8 (if this is the final name of the product). There are sure to be some big changes before it's time for RTM.

So if you wan't to test on your real hardware but wish to keep your installation clean this is how to do it!
This tutorial works both for the Server and Client Preview version.

1. First download the Preview version from the Metro developers page.
http://msdn.microsoft.com/en-us/windows/apps/br229516

2. Download the WIM2VHD Tool
http://archive.msdn.microsoft.com/wim2vhd

3. Mount the downloaded Windows Developer Preview ISO
You can use Daemon Tools, Virtual Clonedrive or burn it to a CD and slot that in. If you are using 7-Zip you are also able to open it there. What we need inside is the file located in \sources\install.wim.

4. Convert the Install-file to a VHD
Launch a elevated prompt, then type the following, subsitute the paths with your own paths.

CScript x:\path\wim2vhd.wsf /wim:"x:\sources\install.wim" /VHD:"d:\VHDBoot\W8DP.vhd" /size=30000

5. Update boot-loader
This is the first step that is potentially dangerous for your machine. You will need to mount the vhd we produced in the previous step and install the Windows Developer Preview boot-loader. Launch a command-promt as admin and execute the following commands (on your own risk!) Replace V with the drive-letter of your vhd when it have been mounted and assigned.

diskpart
>select vdisk file=d:\VHDBoot\w8DP.vhd
>attach vdisk
>select partition 1
>assign
>exit

bcdboot.exe v:\windows

diskpart
>select vdisk file=d:\VHDBoot\w8DP.vhd
>detach vdisk
>exit

6. Save the VHD
Copy the VHD to another directory to always be able to substitue the VHD whenever you need without needing the install.wim file again.

7. Reboot
Select Windows Developer Preview in the boot menu.

Enjoy!

Have you heard? There is a mystic option witin Windows that will let you decrese the time windows boots. It takes just 5 seconds and configure and could potentially lower you boot time by 200% or even more according to some sources. As they say, if it sounds too good it probably is - and this one is. This is a hard to kill myth - I have heard it from Microsoft employees also! This myth says that you should configure the advance boot diagnostic options cpu setting to the maximum number of cores you have in your machine, thereby telling windows what number of cores to use when booting the system (and that it by default only would use one!). This option could be usefull when developing applications: to test if the product will work as expected on uniprocessor systems or to troubleshoot a erroring system. The option does LIMIT but does NOT RAISE the number of cores.

During boot your system will detect all available processors, voltages etc and maximize it's use of resources. What this option in-fact does is to configure the maximum number of processors/cores that will be used during boot. This means that you are setting a value that Windows normally auto-detects (the max value). The configuration GUI in Windows will also show Hyper-Threaded processors which could lead you to configure a value that is higher than the physical number of cores/porcessors and this in turn could lead to a crash.

According to Windows Internals the system almost imediatly initializes all avaliable processors, it does however initialize interupts, boot video, power management and system time and some other very fundamental stuff before. Processes that are not assisted by multiple processors in any case. Good reading. There have been a KB published (KB959233) which have been remove simply because it have not been true.

And to totally kill this myth: If Vista got loads of bad press about performance do you not think that this option would be enabled from the start in Windows 7?

There is no such thing as a free lunch you know..

I have been accepted into the STEP program today. If you have not yet heard abou this program: STEP is an initiative of the Springboard Series team. The Springboard Series Technical Expert Panel (STEP) Program has been created to build community and advocacy for a Windows 7, Windows Server 2008 R2, MDOP and Intune - "by the community, for the community.". This program was created so that it will expand reach beyond typically-attended Microsoft events like Tech-Ed by activating top IT Pro community influencers within the Microsoft, MVP, and MCT communities.

This program is about:
· deliver content across the globe via the advanced technical knowledge from this select "virtual" team of IT pro experts
· offer IT Pros community-created instructional tools and resources for further learning of Windows Client products
· help build a pool of highly recognized influencer evangelists in regards to Windows 7, Windows Server 2008 R2, MDOP and Intune

Today I recivied a big package from my friends over at Gemalto with loads of Smartcards (.NET Cards) and card readers etc. During the comming few days I will publish a small guide on smart-card and smart-card management using PowerShell. (Yes you can do that!). Specificly I will be talking about cards that already have drivers implemented in Windows such as the .NET Card from Gemalto. Stay tuned for updates!

Today I needed to make a nice-looking report based on a selection of data in PowerShell. I did a quick google on it and found http://pathologicalscripter.wordpress.com/out-excel/ and some code by my friend Thomas Lee (http://msdn.microsoft.com/en-us/library/bb257024(office.12).aspx) and loads of variants on theese.

However none of them worked. I quickly discovered that the first error was because I have another UI culture in my operating system than I do in Excel, and that was quickly implemented. However then I ran into a wall where the methods I called threw a "non-existing method"-exception. This after some digging was due to RPC_E_SERVERCALL_RETRYLATER error beeing thrown in COM and then generalized in .NET as a "non-existing method"-exception. I had to implement a wrapper around the call to make sure Excel was ready to handle my code. So a fresh and new variant on the Out-Excel was born.

After my Excel adventures I decided to make a similar function for word with more support for formating etc (I hate doing nice looking Excel documents as formating in excel is a ***), and also a more wide range of formats (I could do this in excel also but why would I make a ugly table and export that as pdf?). Ended up with Out-Word.

Attached you will find my DPSE-OfficeAutomation.txt (rename to psm1) module which you can load into your POSHv2 enviroment. I have tested it only with English Office 2010 in Windows 7. I have no ideas on how it will perform on any other platform and/or office and you may use this module to your own liking. If you develop it more or distrubute it please send me a note. Thank-you!

Done. Done and Done. SBS 2011 on the way. Exciting stuff. Standard edition and Premium extras released to manufacturing! http://blogs.technet.com/b/sbs/archive/2010/12/13/windows-small-business-server-2011-standard-releases-to-manufacturing.aspx

A friend of mine asked me today for a short script to clean his AD for Computer accounts that have not logged on for a certain amount of time. No problem. For this I first built a really short script of only five lines that checked the LastLogon on the computer accounts which I retrieved by Get-ADComputers. However at that moment I remembered that the LastLogon does not replicate between DCs, why I had to go out to each DC, get the accounts and then consolidate to make sure I only disabled the "really inactive" accounts (and for those who in this moment are thinking of lastLogonTimestamp that attribute does by default not have the right replication resolution to be used for this purpose.) So below is my result script, download and use.

Do you know Pastebin? Well if you don’t, it is a web based clip-board where you can store scripts and other stuff temporarily and also share it. It’s not a place for secrets but you can create your own sub-domain and your own Pastebin site. Goto http://pastebin.com to learn more about their service.

This is a short script that can take code via command line, code via file or object via pipe and publish that directly to Pastebin. No more copy-paste. Enjoy!

Today while teaching a PowerShell class I got the question about how to produce simple forms and dialogs. I just did some .net loading and away I was. During the following lab I wrote a small wapper to mimic the behaviour of VBScripts MsgBox. It's a very simple scripts, accepts four string inputs: title, message, buttons (like OK, YesNo etc) and icon (None, Hand, Warning etc). The return from the script is also converted to a simple string to make it easy to implement and compare. Use it if you like it.

Today I needed to find the changedate for some of the attributes of a specified used. The obvious answer here was PowerShell (duh!) and here is the small script I came up with as a quick and dirty (somewhat modified to be more generic than my original implementation). The scripts pulls up the default context (domain) and a random domain controller and polls that machine for metadata. The results are returned for further processing. Download the script and rename it to .ps1 and try it out!

 If you are a control freak as myself you need to know where your SharePoint boxes lives then there is actually a feature included to do just that. By creating a default container in Active Directory all installations will add a URL to the Application Discovery and Load Balancer Service for that installation to Active Directory. There is just three easy steps and some PowerShell to do it.

Steps:

• Launch ADSI Edit or your favourite tool for manipulating Active Directory. Find the System container
• Create a Container called Microsoft SharePoint Products under that node
• Modify security on the created container, give SP_Admin and/or SP_Farm Create serviceConnectionPoint permissions
  If anyone can install SharePoint and you wish to track them also instead use Authenticated_Users as permission

All new installations will now create a entry in the created Container. Old installations needs to be added manually by running the following PowerShell command:

Set-SPFarmConfig -ServiceConnectionPointBindingInformation (Get-SPTopologyServiceApplication | select URI)

 If you would like to add more URLs to the Active Directory Container like Central Admin or other important URLs then run

Set-SPFarmConfig -ServiceConnectionPointBindingInformation <WHAT-EVER-URI-YOU-LIKE>

That means that you could track both theApplication Discovery and Load Balancer Service (default) and others of your choosing.

I'm pleased to see so many people in the Community Area where GITCA, INETA and MCT Europe are represented. We have signed up many MCTs to the MCT Europe network and we are still growing almost minute by minute. There are more people here than last year and the spirits are high, there a lots of great sessions with even greater presenter. Myself I have been to the HOL (Hands-on-labs) all day and instructing on how the labs works and all the new technologies you can learn there. Later I will go to some of the sessions and give you a direct report. Stand by for video from the Community Party tonight!

I often do presentations on or about PowerShell, as most presenters I use Start-Demo.ps1 to make life easier and avoid spelling misstakes, slow typing etc. What I have done are just some very small alterations to allow me to use my clicker to advance and back-up in my demos. I use a Targus clicker and I do not know if it works towards other brands but see below to download the script. Since a clicker is quite limited in the functionality it provides (forward, back and blank) I choose just to remove the other functions as they are not needed when doing presentations.

MCT Europe gathers MCTs from all over EMEA in a non-for-profit organization working together with the Advisory council and Microsoft. Together we can share experiences, improve ourselves and the course material we teach. MCT Europe was founded in 2009 and is today represented through its chapters in 14 countries and growing every day. We even have a virtual chapter for non EMEA members as so many are joining us! You are welcome to us regardless of where you are, we find great strength in numbers!
 
As a community we are committed to extend the benefits provided by Microsoft and build even farther on them. We provide our members with hotel discounts, software and literature discounts to make the offering complete alongside all the pedagogy training, writing boot camps and whatever we can imagine and realize together. Our mission is to further and better the life of the MCT.
The official incarnation of MCT Europe was at the MCT Live Summit in York 2010. An event that we are driving to organize every year since Microsoft have committed to online summits instead. We still believe that there is need and demand for physical meetings. To meet brings us together and increases the understanding and co-operation within the community.

Please; visit our website at http://www.mcteurope.com and see what we can offer and where your help is needed.
We do appreciate every effort, wouldn’t you also? Join us now.

After presenting at both the MCT Virtual Summit and the MCT Live Summit in York this year I will also be presenting at SEF (SharePoint Exchange Forum). This time I will present on one of the topics I have come to love very much this year even if I hated it before I quite got the hang of it: Claims. I'll walk you trough claims authentication, how it works, the anatomy behind it and how you need to implement it in your enviroment. Please join SEF and listen to me and many of my collegues, visit http://www.seforum.se/Pages/default.aspx to register now!

Today I finally got time to go to the test center and write some of the exams for SharePoint 2010. So today I passed the 070-667 (TS: Microsoft SharePoint 2010, Configuring) and the 070-668 (PRO: Microsoft SharePoint 2010, Administrator). I'm still thinking about the developer certs, I'm no developer and I will never need them. It does take some time to write the exams, especially the PRO exams where the scenario texts are incredible long. I feel this completes pretty good for me together with my SharePoint 2010 Ignite Trainer appointment but let's see if I have the time soon again for some certs..

If you have been working with 2010 for a couple of months and have previous experiences with SharePoint 2007 you should be alright. The official exams are for IT-Pro:

• 70-667 TS: Microsoft SharePoint 2010, Configuring
  Microsoft Official Curriculum: Will cover configuration of SharePoint 2010 including deployment, upgrade, management, and operation on a server farm.

• 70-668 PRO: SharePoint 2010, Administrator
  Microsoft Official Curriculum: Will cover advanced SharePoint 2010 topics including capacity planning, topology designing, and performance tuning.

If you are partner see https://partner.microsoft.com/40121316?msp_id=sharepoint2010ready for more information about how to get ready.

I'm on my third week of vaccation now and the sun shines almost every day, the ocean is fantastic. I have a quota of time everyday (assigned by Wife 1.0)  for the computer, even have a sunshade for my laptop. Just wanted to remind you abou the upcomming Microsoft Camp 2010 in Stockholm and the MCT Summit 2010 in York and also to bring some attention to my last pet/hobby project: Android. I have now published a beta for my Operator Check application, check it out in the menu.. Hope to see you all soon and don't forget to go out in the sun!

I have already posted about the MCT Live Summit in York this year and the fantastic line-up of sessions, speakers and community. Well soon the early bird discount will be to a end so don't delay your registration! My fellow co-organizer Andrew Bettany is fighting the good fight and promoting the event in TechEd North-America currently under way in New Orleans. Here is a video of Joey, Andrew, Tjeerd and Andy telling you why YOU should attend - from the floor of TechEd NA 2010.

View the video at YouTube and then Register at http://www.mctsummit.eu

I will present a whole day session about SharePoint 2010 for IT-pro in Stockholm at Microsoft Sommarkollo.

The session will be in swedish and here is the swedish description SharePoint 2010 - kickstart för it-Pro: Vi tittar närmre SharePoint 2010 och de nya funktionerna som finns för it-proffs. Följ med förbi listor och libraries, in i central admin och den nya mer skalbara och feltoleranta arkitekturen, bakom kulisserna där vi som it-proffs jobbar. Tips & trix i PowerShell och automatisering, samt hur vi egentligen bör uppdatera vår befintliga miljö.

Registration and info about sommarkollo: http://www.microsoft.com/sverige/sommarkollo/default.html

MCTs and Educators from everywhere will gather in York, UK, this August for the MCT Live Summit 2010. This is a project arranged together with Myself, Andrew Bettany, MCT Europe and Microsoft Learning and lot's of sponsors. I'm really excited, the sessions have now been selected and the programme have been published, we are really excited about the selection which have been voted forward with the help of hundreds of MCTs from all over the world!! Ps. I will present some really new and exciting sessions about the IPv6 courses and about MDT/WDS and classroom installs!

Please visit http://www.mctsummit.eu and register now! Se you in york!

Have you ever needed to run a command as a different user? Perhaps they should run a command in a user context they normally cannot? Usually used for quick fixes you could create a simple script using some vb-script and expose the password or use a runas command in a batch file? But you don't want the user to have the password, right? Well the answer is a quick utility I coded up using .net 2.0:

Userexec.exe is a command line program that basically works just as runas except: it can accept passwords on the command line, and it can accept a encrypted command line. The encryption is a basic quick one but should keep average Joe from getting your password. This is NOT a best practice and probably there is a better way of solving the problem.. but anyways find it attached to my post.

            UserExec by Daniel Sörlöv, daniel@sorlov.com, all rights reserved 2010.
            
            USEREXEC USAGE:
            
            USEREXEC /u:<username> /p:<password> /c:<command> 
                    [ /l | /h | /m | /x | /a:<arguments> ]
            
            USEREXEC /e:<string-to-encrypt>

               /l   Causes the users profile to be loaded
               /h   Hides the requested application
               /m   Runs the command minimized
               /s Specifies the path on which to start
               /x   Use encrypted command line
            
            Examples:
            > userexec /l /u:mydomain\administrator /p:mypass /c:"cmd.exe"
            > userexec /e:<string to encrypt>
            > userexec /h /u:mydomain\administrator /p:mypass /c:"cmd.exe" /a:"/c auto.bat"

Use it if you need it, send me reports if something fails and perhaps I will fix it. The tools is without guarantee and without support but could be quite usefull. Download here

I bought a Android phone (HTC Desire) a couple of weeks ago and I have never been so happy with a phone ever. Extensible etc. One thing I wanted is to check which operator a contact has so it will be simple determine how much it will cost to call them.. there was no such application so I started to write one inspired by the application KtoryOperator already on the Android Market. After a couple of days, writing, adapting and changing it's ready. So if you have a swedish phone number in your contacts and wish to look it up just download the "Vilken Operator?" software from Android Market and you can check your phone book.. comments are appreciated and also bug reports (this is my first ever java-project).. send them by email!

This year there is many hot topics at TechEd North America and here is my sessions for all you fans out there.. =)

"We Come in Peace, or IPv6 Does Not Bite " Tuesday, June 8, 8:00AM, Room 353

"IPv6: Time to Wake Up!" Tuesday, June 8, 1:30PM, Room 354

"How do you build or strengthen local developer and IT Pro communities?" Wednesday June 9, 5:00PM, Room 355

Spam. We all get it in bundles, again and again, over and over.. I decided to just do some math (yes I was really bored during a chick-flick my wife "convinced" me to see)

During March the following have happened to me according to spammers:

72 relatives whom I never knew have died, leaving me about $452,000,000 USD
16 Nigerian bank executives contacted me with over $30,000,000,000 USD in unclaimed money
502 letters about cheaper Viagra
64 mails from my "bank" about my password and credit card needing changing
22 mails from "face book" about my account being deleted
47 policy changes on my mail server requiring me to download a new settings.exe file

...and all I had to do was to pay some taxes or give them my credit card number.. lucky me.. soon a millionarie..
This was just a short note about nothing but pure frustration.. =)

Live long and prosper.

Not all to seldom situations arise where you have a application where the installer just won't do as you want it to Often this is true when it comes to automation, and that makes us script and do other stuff to install simple programs in very "engineered" ways.. However there are tools to "re-package" applications, one of those are Advanced Installer. What basically is the difference to other re-packaging solutions are price. The software does not have  a nightmare price-tag as many others do and still boosts all the features others do!

Anyways; I will just walk you trough creating a MSI installer for 7-Zip. I know there already are a MSI for that but nothing is like home-made.. ;P
I love to use this tool to re-package HP-drivers for instance which are deployed as EXE and not easy to manage MSI-packages.

Get Advanced Installer (including Advanced Repackager) demo at http://www.advancedinstaller.com/download.html

Step 1. Start Advanced Repackager.
The applications runs as Administrator.
Make sure you already downloaded the EXE installer.

Step 2 Locate the package and give it some parameters.
Command line can be used to silence the install for instance. In my case repackaging 7zip
I have selected not do anything specific (yes, 7-zip already exists as a MSI but I just took a
exe installer laying around)..

Step 3: Snapshots
The packager works from snapshots, it takes one snapshot before install and one after and then
compares thees to get the "what did the installer do"-sum. You can also save a base of the
system to reuse between sessions. I feel the process is quite quick and there really is no need.

Step 4: Output and filters
The output from repackager will be a MSI and where do we want to save it..

Step 5: Performing the install..
The install will now commence. Make sure no other applications are running since they
will pollute the capture. But you are most likely to do this install on a virtual machine thats
used only for this purpose..

Step 6: Pre-install scan
The system scans and then launches the installer with the params you specified in step 1.

Step 7: The installer commences...

Step 8: After install scan..
After the installer have exited the system waits, if you wish to do some additional actions in the
system before commencing the after-install scan. Perfect for creating shortcuts etc.

Step 9: Done!
The package is done. And its almost done I think, since I have the full Advanced Installer package
it also offers to open the MSI in the studio where I can customize it even more..

Optional last step.. customize in Advanced installer..

Just a simple quick tips for all you guys out there. A couple of students have come back and asked me - "How did you enable that really nice dashbord". It's simple, easy and safe.

If you think the below is to much, then check out Wiktor Wiléns blog for a nice farm scoped feature moving this into the gui (and some other stuff also)
http://www.wictorwilen.se/Post/SharePoint-2010-Developer-Dashboard-configuration-feature.aspx

Anyways, here you go:

Via STSADM: stsadm -o setproperty -pn developer-dashboard -pv OnDemand 
Via PowerShell: (Get-SPFarm).PerformanceMonitor.DeveloperDashboardLevel = "OnDemand"

The value OnDemand can also be On or Off (On=Always shown, OnDemand=Shown of request, Off=Never shown)

In one of the primary environments I manage (at my training company) we have a training network for our students. Each week (or several times per week) new students arrive and expects a newly installed computer. Traditionally we have always used Symantec Ghost to distribute complete fat images (complete images of hard drives). The problems with this is the total amount of data to store the large and number of images to maintain. For instance: we had 5 different computer types and that's is five base images since they are not hardware agnostic. Then we have some 400 courses in our schedule which gives 5*400 images total a massive numbers of images to maintain. When we were asked to change the start URL for IE, or a patch came, we had to update ALL of the images. This was not a optimal procedure and needed not only lot's of disk space, but also lots of time. So we needed change.

That's why we decided to go with WDS, WDS gives us multicasting of the operating system and the ability to use database for configuration and that in turn make it possible to out different programs to different computers without even needing to use a single image, just scripts and config in the MDT. MDT can be built on-top of a SQL database, which can be tied into our LOB data system. MDT was selected as the primary working tool. The big problem with this solution is when we want to deploy large VHD files to be used in the courses, the file size of these are between 20 and 100GB, and after the initial multicast of the operating system MDT would simply copy the resource (VHD) from the server using SMB, this would lead to some 15 connections to the deployment share, and sending the file to all the 15 clients using unicast in a fifteen person classroom. Basically what 15 unicast transfers does is reducing available bandwith with as much as 15 times!! This leads to not being able to complete deployment within the time frame for next course.

This was no problem in ghost since we could use multicast for the full image and even for data file copies (since those images were fat). We could achieve this with MDT also by using a fat image instead of the thin image that we now use. However that would serve almost no purpose.. the images would go down by the five models but still 400 course images.. I looked for some other ways and ended up with producing Data Images and deploying with WDS using Multicast and here is how to do it:

Step 1: Capture files into Data Image

Data Images are basically WIM files with just data, no boot information, no operating system - just plain files. They are to be deployed on a excising file system and does nothing more than amend the file system. This works perfectly for me in this scenario since I just want to "install" VHD files into a directory using multicast. So first I locate the data that I need to put in a file. Example:

IMAGEX /capture C:\Course\VirtualMachines C:\Course\VirtualMachines_MS1234.wim "VirtualMachinesForMS1234"

This will produce a WIM file in the c:\course directory with the content of whatever was in the c:\course\virtualmachines directory and label that WIM VirtualMachinesForMS1234

Step 2: Add image to WDS (Multicast namespace)

This is a bit tricky, there is no "Add data image" to WDS. This is because WDS is not designed to transfer files other than install files. The WDS buils on the transport server which have the actual functionalities for transferring files. What we need to do is to create a new multicast namespace and add that file and directory to that namespace. This is done via command line on the WDS by entering

WDSUTIL /New-Namespace /Namespace-Type:AutoCast /Server:wds01.course.local
/FriendlyName:CourseVM_ms1234 /Namespace:cwm_ms1234 /ContentProvider:WDS /ConfigString:C:\Course

/New-Namespace signals that we would like to create a new namespace
/NamespaceType:AutoCast signals that we would like to create a AutoCast namespace
/Server is on which server the namespace should be created
/FriendlyName is the name which this autocast should be listed in the console
/Namespace is the actual namespace name
/ContentProvider is the content provider, you can develop your own, in my case I will use WDS
/ConfigString is the config that should be forwarded to the ContentProvider, in this case the directory in which the wim file exists

We could actually use just one namespace for all our files if we would like to but that limits the number of simultaneous courses we can install.

Step 3: Starting multicast from the deployed client using wdsmcast.exe in the task sequence

So what I do is to create a MDT application called "Virtual Machines Installer", the application will consist of ImageX.exe, WDSMCast.exe and batch file called setupVM.cmd which is the file to be called from the MDT install package. The setupVM.cmd get one parameter from environment which must be set prior via variables: the course name. This could be expanded to include more options etc but will be sufficient for my needs. I then repeat the comand as needed.

WDSMCAST /transfer-file /server:wds01.course.local /namespace:"cwm_%CourseID%"
/username:demo\user /password:demoaccount12! /sourcefile:VirtualMachines_%CourseID%.wim
/destinationfile:%TEMP%\VirtualMachines_%CourseID%.wim

Then we are done.. or you now need to do a task-sequence which includes a call to the "Virtual Machines Installer" which will pull over the file to the local machine and then perhaps we need a script to import the virtual machine into Hyper-V but that is out of scope for this short article. Enjoy wdsmcast if you didn't know about it before.  Also I have got the question, why pack this in a wim and not just transfer the files directly. One is compression but most important for me was the ability to have something that can be merged and manipulated using standard tools and to be able to group loads of files and security information in a single file. Happy multicasting! And don't forget: TechNet is your premier place for more information... goto http://technet.microsoft.com/sv-se/library/cc725964(WS.10).aspx

I have been accepted to present about IPv6 at the MCT and Educator Virtual Summit 2010! I'm looking forward to getting the message out there about IPv6. Last year I participated in several panel discussions at TechEd Europe 2009 and recorded TechEd Online discussions about IPv6. I think many are ignoring the fact that IPv6 is comming and that it is really simple to convert most of your infrastructure. So if you are a MCT or academic instructor, welcome to tune in Friday, April 09, 2010 9:30 AM-10:30 AM (UTC+01:00) Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna.

Abstract: It's about time that you learn something about IPv6 - it's here to stay! Don't deny it any more! The protocol enables security, manageability and lots of new features but also complexity and lots of new configuration. But dont fear, we have just gotten lazy! IPv6 isn't harder than IPv4 - just different and different takes time to learn. In this session we will cover everything from simple lan deployment to native internet connections and wan considerations.

Today when surfing trough the normal "funny-links-lists" there was one link that really struck me. It's a article from 1995 about how the Internet will fail.. read it and have a good laugh: http://threewordchant.com/2010/02/24/why-the-internet-will-fail-from-1995/

Nothing could be more simple to test and lab on than powershell. However not everyone likes to install and configure stuff on their local machines and if you are one of those people here is to pretty nice 101 labs for Powershell availiable for free online..

Powershell V2: http://go.microsoft.com/?linkid=9701966
10-great scripts: http://go.microsoft.com/?linkid=8958019

They take between 10-30 minutes of your time but teaches you some good stuff.
Also don't forget to check out the rest of the online labs at TechNet Labs

Fellow IT-Pro Joachim Nässlander have mounted a campaign for IT Pros to support Haiti and help a country and people who really needs it.

Of course I'm on! We should all join. I have donated SEK 500 to the Red Cross in support of their efforts.

As one of the three authorized teachers (along with developers Tobias Zimmergren and Daniel Bugday) for Sharepoint 2010 there is much work to do! There is demand everywhere for 2010 and there doesn't seem to be time to keep up with the blog as I would like. Anyways I'm about to record four live meetings for Microsoft and I will try to get permission to post them on the blog afterwards, I will be conducting two lectures on SBS/EBS and Sharepoint 2010 at Microsoft in Sweden, and to that I will deliver Sharepoint 2010 Ignite training. So keeping busy...

I have been busy last week experimenting and trying out the new authorization model that's available in Sharepoint, namely Claims Authentication. For me I had pushed Claims forward and forward, not really checking out what is was or learning it. However with Sharepoint 2010 there really is no leaving it alone. There is a certain treashold to get up to before it's easy but once you get the hang of it is quite straight forward. In the nordics is also realy easy to implement since we have central registries with all individuals and electronic id is quite widespead. So don't forget to check it out. Here is a few links to get you started:

A 101 on Claims in Sharepoint:
http://www.sharepointsecurity.com/sharepoint/sharepoint-security/ten-part-sharepoint-claims-based-authentication-series/

Two comercial identity providers worth looking at (mainly targeting nordics):
http://signicat.com/
http://www.authify.com/

Today I got a really exciting mail from TechEd. The final evaluation results were in on the sessions this year. My session was rated the 5th of all the interactive sessions this year!! That's really exciting and fun. It makes me focus even higher on the presentations that are ahead.

Anyways there is not so much time before Christmas and I'm currenty building a deployment system with over 350 computers that will be refreshed almost nightly, the solution will be based entierly on the MDT, WDS and other "build-in" tools of Windows Server 2008 R2. The clients will be Windows 2008 R2 running Hyper-V. We will also bridge country borders with this solution. The comming weeks I will be publishing some scripts and how-to's based on the work we now do. So if you wonder why the blog is a bit quiet just now thats because I'm so into this project.

Since a couple of days the public beta of Sharepoint 2010 is out in the wild. The official name is Beta 2. Keep in mind that this is for lab only and that migration to RTM will NOT be supported by Microsoft. Here is how to do it. Use Hyper-V or other virtualization that support 64-bit guests.

1. Install a 64-bit Windows 2008 or Windows 2008 R2 machine, 32-bit is not supported any more! The machine should atleast have 8 GB of RAM to function pretty smoothly. More is recomended if you wish to test Web Applications and extensive Excel Services or Sandboxing. Web edition, Foundations, SBS is not supported nor recomended!!

2. DCPromo. Create your domain on the machine and the accounts that will be needed (SQL; Sharepoitn Services)

3. Modify the ACL for registry HKLM:\System\CurrentControlSet\Control\ComputerName and make sure users got full control over that key (because you machine is a DC).

4. Install the WCF fix that will allow the service applications to work (it's actually allowing WCF to communicate unsecured). This must be installed regardless of your operating system. For Windows 7 and 2008 R2 you need this, and for Windows Vista and 2008 you wil need this.

5. Install a SQL server, you will need 2005 SP 3 with CU 3 or 2008 SP 1 with CU 2. Cumulative updates are part-way service packs which isn't fully tested. Thats why you will have to order them by email.. but remember this is not a production enviroment.

6. Download the installer. Start the Sharepoint 2010 Pre-requisite installer, it's reachable form the installer main menu. The program will (download,) install and configure all needed supporting functionallity for Sharepoint 2010. You will need Internet Access for this step to complete.

7. Setup a new farm. Use Complete installation. Never, ever, use Standalone install. Follow the wizards, also launch Central admin when requested as you will go through the Farm configuration wizard.

8. Install Office Web Applications

9. Install Office 2010 Pro Plus, Visio 2010 and Sarepoint 2010.

10: Enable Developer Dasboard by running:
stsadm -o setproperty -pn developer-dashboard -pv OnDemand

11. Reboot. Enjoy you lab enviroment.

I was the 7:th highest rated interactive session of the whole TechEd!! Thats scary - and very nice! =) My session was about getting certified in Windows 7, the 70-680 exam to more specific. I also recorded another session about IPv6 for TechEd online. I was very tired yesterday and took every chance I got to relax in the lounge and did not attend many sessions at all.

Day two was, as all days are here at TechEd, full with really good stuff. I did not have the time to visit any sessions since I was presenting two sessions, and also recording some TechTalks and beeing on the IPv6 panel. The IPv6 panel consisted of myself, Mattias Lind, Thomas Lee, Andy Malone and Torbjörn Granheden and we discussed why we are not there yet with IPv6, how to get further with IPv6. There was lots of discussions and oppositions on the how and why we do IPv6. Expect to see loads more of IPv6 stuff from me in the future. Someone got to evangelise it! =)

Watch the Panel Discussion on IPv6 at TechEd Online here, also my meeting with Tiberiu Covaci about application security in the eye of a IT-pro is available here.

Day one was started with sessions directly in the morning, people everywhere. There is 7500 at site here in Berlin. In the last two weeks of registration 3500 participants registered for the event. Some logistical issues with that ofcause. Yesterday was a very special day. It was twenty years since the berlin wall fell and germany, and berlin was joined as one again. This history lay as a cover of expecations during the whole day. Even if it was a light rain during the evening the spirit was high. Great day to be here, a great day to experience. Fantastic stuff.

I thew myself in with Windows 2008 R2 Foundations, which is a udpated version of the Windows 2008 Foundations (was limited to Emerging Markets). It's a server, requiring no cal-licenses for windows, for up to fifteen simultaneus users. Its a product for small businesses but it does not replace the Windows 2008 solutions that are out there such as the Small Business Server. Foundations is just a bare installation, just like a standard server but with some limitations. You are limited to one socket, 8gb of ram and you cannot run Hyper-V on it, also you cannot have any cross forrest trust or be the child domain root. This product is mostly for Emerging Markets but have a general availiablity over the whole world.

After that I went down to the Community area and recorded some TechTalk sessions. After which it was "Key-note time". They unveiled that Exchange 2010 is generally available, which was of no news to most of us and thats it. Personaly I think this was one of the worst key-notes in the TechEd history, people by the hundreds walked out during the session. To bad. It could have been much better. But nevertheless Exchange 2010 was released and I think that brings time of upgrade for many of you out there..

This is really going to be a busy week, I got that already before arriving. But now when in the middle of the TLC running between engagements I kind of underestimated the task I think. Anyway, yesterday was Day Zero of TechEd, and for me that meant going to the MCT Summit at TechEd. During a couple of hours we discussed some of the new stuff thats out there for us in the learning bussiness: dMOC (Digital MOC) and Online labs.

First things first. Digital MOC. Over 70 of Microsofts courses have been adapted for the new time of electronic documentation and now offers the courses as PDF instead of the books. This have several advantages as I can see it. 1) You can have access to the materials before going to the course which can make you more prepared, 2) you are able to copy-paste between examples in the books and the virtual machine and 3) you dont have to break you back with a 700-page manual to bring home. It also saves a lot on the enviroment and thats allways a good thing! The price for the course materials actually goes down also. But the bottom line is if you prefer a book then you will have that. And if you are like me moving in to electronic documentation then you will have PDFs.

Second big thing. Online labs. This means that the training companies no-longer need to purchase and install local lab machines for use during courses but rather rent them from Microsoft the duration of the course. This means that training center will be able to step down their hardware, saving some money perhaps, and in the end lowering prices as machines are a great cost to training centers. But for students? The advantage will be that the lab will be availiable both before and after the course (the duration of lab availablity is not yet decided). Then you could really follow up and redo the labs again, or perhaps prepare for the course in advance. Online labs will be available some time under Q1 of 2010.

This year is busy at TechEd for me... I will deliver two sessions on Windows 7 Certification lead a BOF about Microsoft Communities, lead a panel debate on IPv6 and record a number of TechTalks and participate in yet another panel. And now I got a mail about my application for Speaker Idol. The Speaker Idol is a competition where you get five minutes and you are supposed to deliver the very best of best presentations you can, the best of the best then meet in a final.. wish me luck! =) See you in Berlin!

I don't know why IPv6 haven't been a big success yet. I have native IPv6 networks and loving every minute of it; but I'm almost alone about that I think. What do you think? Come and join the panel discussion about IPv6 and ask me and the other experts on the board about IPv6 and adoption. We'll try to stay clear of the technical details but rather looking on the question why are we not ready? or are we?

Date: Tuesday, November 10th
Time: 10:00-11:00
Title: IPv6 - are we there yet
Location: Community Stage in the center of the Exhibition Hall 4.2

I have never used the NewSID tool because I never had problems with duplicate SIDs (I hate doing things just because someone tells me I need to - I do whats needed so the app/solution works). So I have always felt ashamed not to follow the best practices in this area - you should do that - offen it has good reasons. Today it feels nice when Mark in a recent post explains everything about Machine SID Duplication problems and why Microsoft now changes the recomendations and retires the NewSID tools. I'll just pretend I knew that all along. =) Read the article at Mark's blog.

Here I am in Amsterdam attending a Sharepoint Ignite at Microsoft with some of the brightest guys around. Nice to have some time and deep-dive into the stuff that I don't find time for in "real life".

I was expecting to see some pre-beta code and perhaps to deep into the Technical Preview I've seen since before. But to my suprise: When starting the virtual machines it feelt almost complete: all the icons where there, most features work. And behold: the build was 14.0.4514.1009 which I would expect to be Beta 2 code or atleast a interim build on the road to Beta 2. The build is about three weeks old by looking on the dates on the files.

For me as IT-Pro there is some really nice features: Sandboxing, Unified Logging, No more SSP (well kind of.. there is "proxies/connectors" instead), Flexible delegation and administration, Tenant Administration and lots more of exciting stuff. There is even really nice features in Backup, and continuity such as support for database mirroring. In regards to security many features are the same, but I have much more granual control of who can do what. And I can have sub-administrators in Central Administration. Files can be stored externally (using SQL-FileStreams) and much more. I WILL be back on this really soon!

Read more: Official Sharepoint 2010 site, Sharepoint 2010 on TechNet, IT-Pro training in November, Developer training in November

Method #1: This method is simple.
Read the TechNet article, it's really simple: http://technet.microsoft.com/en-us/magazine/dd535816.aspx. The article describes how to format your USB key, and how to make it bootable. It's a five minute process. It does require a installation source such as a CD or ISO.

Method #1: This method is even simpler.
Just a few days ago a even simpler tool was released. The Windows 7 USB/DVD Download tool allows you to create a copy of your Windows 7 ISO file (even end users can buy ISOs) on a USB drive. To create a bootable USB drive, download the ISO file and then run the Windows 7 USB/DVD Download tool. Read more and download here

Well don't be shy about it. We all wan't to get certified in Windows 7 =). The first TS exam have been around for awhile now but if you haven't been and done the exam yet so please come and join me at TechEd Berlin and listen to my presentation on how you should go about mastering the 70-680 exam. The presentation will be held in the Certification Presentation area of the HOL where I also will be working as a TLG (Technical Learning Guide).

Tuesday 10:th November at 15.15-16.30 or Thursday 12:th November at 17.00-18.15.

Welcome to come and listen to some of the hottest sessions on Windows 7, Windows Server 2008 R2, Visual Studio 2010 and Exchange 2010 anywhere in europe! We have brought some of the communities brightest stars on our bus as speakers. We will arrive at Stockholm, Gothenburg and Copenhagen to deliver a few intense hours of knowledge. And to share SWAG with you! Who don't need a new T-shirt or try to win the lastest and coolest software? Fun for everyone =). MCT Sweden is spreading the knowledge - learn what certification is all about, how training will make you better and how Microsoft technology is evolving.

The event is free and open to everyone. Register now!

Our Get-On-The-Bus tour is inspired by the Microsoft Learning Europe tour. We will visit 3 scandinavian cities between the 4:rd and 7:th of November! If you are going to Berlin why not just jump on the bus and get free transport to Berlin and Teched where you have the chance to discuss learning, certification and technology with some of the brightest MCTs around! Read more at the MCT Sweden site or Microsot Learnings blog BornToLearn

Today there was a human mistake done in the TLD .SE zone which made the whole .se tld non-functional for many hours. The error was very simple, a missed . (dot) in a file, resulting in ".se.se" instead of ".se". I  think this brings to focus the importance if testing before putting stuff in production enviroments, something that many sysadmins take lightly on and something .SE (The Internet Infrastructure Foundation) have been ignoring for many years while the community have remarked on it. The governmental organisation PTS have been reluctant to "interfere" with .SE.  It will be interesting to se if PTS (The Swedish Post and Telecom Agency) will be carring out some investigation into how this could happen this time or yet again ignore it. How could one failed dot bring a TLD down, why were there no testing procedures in place or was it a blatant disregard of all regulations and policies by one guy who wanted to go home? Will be a interesting few days ahead..

I have used and recomended StarWind iSCSI target for some time now, it have just never disapointed me - however the latest release, 5.0, really blows my mind away. Not only have they redone the gui (which now in retrospect haven't been that intuitive before) to a truly modern interface they have also improved on their data mirroring functionality. I'm now able to create a real HA (Highly-Available) cluster. This is nothing new by itself, but the price range of Starwind does bring this product to even small businesses. The technology is a active-active synchronous mirroring where you will have multiple paths to the data and it curently supports two node clusters. Perfect for use with VMWare or Hyper-V application data. Check it out on their homepage soon; it will be released in about a week from now!

Culminis have decided to go ahead and change its name to Global IT Community Association (or GITCA for short), and will be changing it's logos and sites within the next 4-6 weeks. The name Culminis have been used for about 6 years and this name change is a fresh start and signals a strong community renewing itself.

Representing over 1320 member organizations and over 4 million IT professionals, Culminis is the world's largest international not-for-profit independent organization powered by dedicated volunteers devoted to the development and growth of the IT community by providing services to support leaders and connect user groups, associations, and student IT organizations. Culminis stands committed to the free exchange of resources, ultimately elevating the status of the IT Professional both in their industry and in the community.

The Infrastructure Planning and Design team has released two updated guides for deployment and operations: Windows Deployment Services and System Center Operations Manager. These guides, updated to reflect the features and functionalities of Windows Server® 2008 R2 and System Center Operations Manager 2007 R2, outline the critical infrastructure design elements that are crucial to a successful implementation of these deployment and operations products.

The Infrastructure Planning and Design Guide for Windows® Deployment Services guides the reader through the process of designing a Windows Deployment Services infrastructure in a logical, sequential order. Following the six steps in this guide will result in a design that is sized, configured, and appropriately placed to enable rapid deployment of Windows operating systems, while also considering the performance, capacity, and fault tolerance of the system.

The Infrastructure Planning and Design Guide for Microsoft® System Center Operations Manager outlines the critical infrastructure design elements that are crucial to a successful implementation of Microsoft System Center Operations Manager.  The guide takes the reader step-by-step through the process of designing components, layout, and connectivity in a logical, sequential order. Identification and design of the required management groups is presented in simple, easy-to-follow steps, helping the reader to design and optimize management infrastructure.

Download the IPD Guides for Windows Deployment Services and System Center Operations Manager at http://technet.microsoft.com/en-us/solutionaccelerators/ee382254.aspx.

Welcome abord! MCT Sweden (national swedish organisation for MCTs) spreading the knowledge - learn what certification is all about, how training will make you better and how Microsoft technology is evolving. Spend a few hours get the latest updates on Windows 7, Windows 2008 R2, Visual Studio 2010, the value of certification and more!

The event is free and open to everyone.

Our Get-On-The-Bus tour is inspired by the Microsoft Learning Europe tour. We will visit 3 scandinavian cities between the 4:rd and 7:th of November! If you are going to Berlin why not just jump on the bus and get free transport to Berlin and Teched where you have the chance to discuss learning, certification and technology with some of the brightest MCTs around! Read more at the MCT Sweden site or BornToLearn

Today I got selected as a TLG (Technical Learning Guide) at TechEd EMEA 2009 in Berlin. So if you are in to the labs, don't hesitate to visit the HOL-area!

Microsoft have done it again - this time free antivirus and antimalware for home users! Finally today the public download was released!

Microsoft Security Essentials provides real-time protection for the home PC and guards against viruses, spyware, and other malicious software. Microsoft Security Essentials is a free download from Microsoft that is simple to install, easy to use, and always kept up to date so you can be assured your PC is protected by the latest technology. It’s easy to tell if your PC is secure — when you’re green, you’re good. It’s that simple. Microsoft Security Essentials runs quietly and efficiently in the background so that you are free to use your Windows-based PC the way you want—without interruptions or long computer wait times.

Go to http://www.microsoft.com/SECURITY_ESSENTIALS and download it and test it for yourself!

A dear collegue and friend, Tobias Zimmergren, have recently released a fantastic forum solution for Sharepoint. This is a complete one-stop-shop and have a lot of exciting features such as categories, avatar support, top-poster webpart, recent discussion webpart and a search webpart amongst other features. If you are looking for a dynamic and easy to maintain forum then don't hesitate to check out his company website and his forum solution.

If you don't already have a TechNet Plus subscription go and get one now, until the last of october you will have a 25% discount if you enter the code TNWIN7RTM when ordering. If you don't already know what Technet is then check it out at techet.microsoft.com or read more about the offer at www.TechNetPlusTryWindows7Now.com

A early release is of MS50248 is now availiable. Please contact me if you are a MCT and interested in teaching this course. In this three-day instructur-led course the student will learn how to administer a Microsoft Online Services installation. The couse will walk you trough planning, setup and maintinance of all the online services, integration components, and how to get the system availiable and working with the on-premise systems. The course requires a active Internet connection during the whole course, and a account at Microsoft Online Services. This course is intended for systems administrators who will administer Microsoft Online Services, and combining on-premise and hosted services. The course is availiable trough http://cwlibrary.mslearn.net to order by CPLSes and MCTs.

The Infrastructure Planning and Design team is working on a new guide: DirectAccess. This IPD guide provides actionable guidance for designing a DirectAccess infrastructure. The guide's easy-to-follow, four-step process gives a straightforward explanation of the infrastructure required for clients to be connected from the Internet to resources on the corporate network, whether or not the organization has begun deploying IPv6. While still at beta I would still recomend it as it is good prepparation.

Please goto Microsoft Connect and apply to participate in the beta to download.

Nu har Microsoft släppt en 90-dagars demo som man kan ladda ner direkt från webben. Det är tänkt så att du har möjlighet att testa Windows7 på all din hårdvara som du har och se att det verkligen kommer fungera så bra som löftet säger. Denna versionen är INTE uppgraderingsbar till en skarp version utan endast för testning, det är en Windows 7 Enterprise som är den vanligaste versionen. Kraven för din maskinvara?

Var hittar du då detta? Jo, på TechNet så klart (nej du behöver inte technetkonto!)

I'll be delivering a session on SBS and one on EBS at Microsoft this thursday. It's level 200-300 stuff about. I'll be focusing around new installs and upgrades, hardware and performance. Please visit. See http://www.microsoft.com/sverige/sommarkollo/default.html for more information and booking (it's FREE by the way!)

Microsoft was challenged as you all probably know to give users a "better" choice of web browser. There have been discussions about a Windows 7 E version which would not include any web browser at all and that you would need to install one your self. However they decided not to do a E version to Europe based on imput from OEMs and others. When you launch "Internet" the first time you will be given a choice of browser, the selection meue is built in IE. =)

Read more over at CNet

Tobias Weltner have just released a e-book (downloadable in PDF format) titles Mastering Sharepoint. Find it here http://powershell.com/cs/blogs/ebook/ and now there is really no excuse not to learn PowerShell! Thanks to Jeffrey Snover for the tips! 

The Infrastructure Planning and Design team has released a couple of updated guides for Windows Server 2008 R2 and the new features availiable there. IPD Guides are the foundation for any successfull implementation of Windows Server 2008 R2.  The specific guidens updated for R2 is: Active Directory Domain Services, Internet Information Services 7.5, File Services and Print Services.

The guides are availiable for dowload at http://www.microsoft.com/ipd

When I started looking at EBS I was impressed with one tool, the upgrade wizard, which checked the current infrastructure before the upgrade to EBS. I thought that Microsoft should include this in every Server OS they released - it was just that good! They didn't do that unfortunaly: they did the second best thing. The EBS team created a stand-alone product, "Microsoft IT Environment Health Scanner", which builds on the wizard from EBS.

The tool runs some hundreds of checks on your network, and the checks are based on the most common questions that were recieved by Microsoft Support Services. The software is not bound to EBS in any way so it can be used on all Active Directory networks. The main areas where testing is done is Configuration of sites and subnets in Active Directory, Replication of Active Directory, the file system, and SYSVOL shared folders, Name resolution by the Domain Name System (DNS), Configuration of the network adapters of all domain controllers, DNS servers, and e-mail servers running Microsoft Exchange Server , Health of the domain controllers, Configuration of the Network Time Protocol (NTP) for all domain controllers.

And if this tool identifies something - as I always tell my students - fix it! Yellow exclamation points perhaps looks colourful. But they are not good. Every error, even a small one, should be fixed. So get going; check your environment now:  http://www.microsoft.com/downloads/details.aspx?FamilyID=dd7a00df-1a5b-4fb6-a8a6-657a7968bd11&displaylang=en

I have discovered that SBS2008 (sometimes?) have problems with importing a wildcard cert to use as a trusted cert. I have not been able to confirm this since I only have one trusted wildcard cert, but I will try to confirm it and update this post. The cert was  issued to *.mydomain.com as it should be as it is a wildcard cert, and my SBS server was configured to use remote.mydomain.com for RWW. When trying to run the "Add Trusted Certificate" wizard the system would not let me select my trusted cert from the Personal/Certificates store on the SBS Server. However it did present me with the remote.mydomain.com certificate. There was no chaining or permission errors on the certificate and it was exportable and all extenssions were also imported.

What I did was to go into the registry and change HKLM\SOFTWARE\Microsoft\SmallBusinessServer\Networking\PublicFQDNPrefix to * instead of remote. Then ran the wizard. It now presented me with the option to use the wildcard cert instead. Selected the wildcard and then finished the wizard. Changed the registry value back to remote and everything works fine.

Swedish MCTs, this is for you: MCT Sweden and Microsoft are hosting an MCT/MVP Summit at Microsoft’s Stockholm office on August 21st and 22nd.

On the first day, hear technical presentations from product managers in multiple tracks. After a fun evening activity, learn informally on day two in Open Space sessions where participants and presenters can discuss, teach and learn. More detailed info to be released shortly on the MCT Sweden site, and there is also a request for content on the site.

The entire event will be held in Swedish and requires registration, however the event is free for all MCTs and MVPs to attend. For more information, registration and information visit MCT Sweden or email info@mctsweden.se (please remember your Transcript ID and Transcript Sharing Code if you request access to the site).

Small Business Server 2008: Small Business Server is a classic, this session is aimed at technicans about to plan, implent and administer SBS.
Date: 25/6 Gothenburg, 0900-1200 - To register click here!
Date 20/8 Stockholm, 0900-1200 - To register click here!

Essential Business Server 2008: Learn more about the EBS concept, effectiveness and gains.
Date: 25/6 Gothenburg, 1300-1600 - To register click here!
Date 20/8 Stockholm, 1300-1600 - To register click here!

Just letting everyone know that MCT Sweden (a community initiative) now have been formalized and were starting a website, blog and private native language forums. Also working on alot more features to offer swedish MCTs on the site such as online profiles and blog functionality. Amongst the fun things that we will offer in complement to what is offererd from Microsoft is:

* local swedish discounts (several about to be signed)
* real courses in pedagody and TTTs in local language
* quarterly events in stockholm, gothenburg and malmoe
* discount at accounting services (many of us are freelancers)
* social events

MCT sweden is not affiliated with any CPLS, nor are we ar religous group or anything like that. We´re just a bunch of MCTs creating some additional advantages of beeing a MCT. Maximizing the network advantages of the highly skilled professionals in the MCT programe. The group main objective is to raise the already high standards of MCTs. Providing aspects such as soft skills and other things that we need to be good at technology.

There is still lots to do and if you are a Swedish (scandinavian?) MCT and would like to participate, or help with the community dont hesitate to  vistit the website. (Mind it's still on some poor hardware so could be kind of slow at the moment)... http://www.mctsweden.se

Also; a reminder about the BBQ event the 10:th of june in Stockholm:
http://itbloggen.se/cs/blogs/daniel/archive/2009/05/21/mct-mvp-night-out-grill-and-knowledge.aspx

Today I got a bit creative and threw together a small example for my students about how you can use powershell to upload files to Sharepoint. The script doesn't have any error handling or anything of the sort, I leave that up to whomever uses the code as a bas.. . It takes a site url, and library name as parameters and then uploads the argument list. The file is also attached to this post.

1. param($site=$(throw "You must specify a site"), $list=$(throw "You must specify a list"))
2. if ($args.count -le 0) { throw "You must supply atlest one file to upload" }
3.  
4. [void][System.Reflection.Assembly]::LoadWithPartialName(”Microsoft.SharePoint”)
5. $spSite = New-Object Microsoft.SharePoint.SPSite($site)
6. $spWeb = $spSite.OpenWeb()
7. $spList = $spWeb.GetFolder($list)
8. $spFiles = $spList.Files
9.  
10. for ($i=0; $i -le $args.count;$i++)
11. {
12.  $fileInfo = Get-ChildItem $args[$i]
13.  $fileContent = Get-Content $fileInfo -encoding byte
14.  $fileName = "{0}/{1}" -f $list, $fileInfo.Name
15.  $fileMetadata = New-Object HashTable
16.  $spFile = $spFiles.Add($fileName, $fileContent, $fileMetadata, $true)
17. }

Inspired by Sharepoint MVP Tobias Zimmergren and his example of doing it in C#

I'm delivering a SBS 2008 and Home Server seminar the 29:th of may 2009 at Informator utbildning in Stockholm. There are a limited number of seats left so don't miss out on it. Go and register. Its free http://www.informator.se/product.aspx?ArticleNr=PS0908

If you can't make it for this seminar don't miss the Sommarkollo 2009 at Microsoft which features lots of speakers, about lot of topics, over several days. Open at no charge for microsoft partners. Read more about my presentations here or about the event here.

I've been busy prepping courses and delivering courses so I haven't been that around the blogs and haven't had time to share so much. But still: the sharepoint team released some information about the Sharepoint 2010 version. As expected it will be x64 only, and supported SQL will be x64 also. They have also done a lot of work to be XHTML 1.0 compatible so there is no extensive support for older readers; and thats about time in my opionion!

Read http://blogs.msdn.com/sharepoint/archive/2009/05/07/announcing-sharepoint-server-2010-preliminary-system-requirements.aspx

Swedish only posting: Invitation to MCT/MVP night out - grill and knowledge for swedish MCT/MVP community.

Den 10:e juni anordnar jag "MCT/MVP night out - grill and knowledge", klockan 1800-2230 på Gärdet i stockholm, en tillställning med både kunskap och nätverkande i sikte. Alla MCT/MVP är hjärtligt välkomna, sprid gärna inbjudan till de du känner!

Boule, eller kubb, grill och öl kommer finnas på plats. Microsoft bidrar med krubbet. Vi inleder med en presentation (ej bestämt vem ännu men ett par namn finns som jag väntar ok från), körs via Groove självklart om det behövs, sedan kubb/bouleturnering och därefter "open space" vid grillen..

RSVP senast 3:e juni via mail till daniel@sorlov.com, ange subject GRILL

This week I have been teaching a MS6434 course (Powershell) and during the students labs I always sit and try some new technologies. One thing that one of my participants brought up was how to generate random passwords and that the standard RANDOM isn't always realy random. Surely there must be a solution to this I tought and here is the resulting function:

1. function Get-RealyRandomInt
2. {
3. $randomBytes = New-Object byte[] 4
4. $(new-object System.Security.Cryptography.RNGCryptoServiceProvider).GetBytes($randomBytes)
5. return [BitConverter]::ToInt32($randomBytes,0)
6. }

Short, sweet and truly random. Use this to your heats content. I have also wrote a small function to generate a password:

1. function Get-Password
2. {
3.  param ([int]$length=8,[switch]$noSpecialChars,[switch]$noNumbers,[switch]$noLowerCase,[switch]$noUpperCase,[switch]$includeUbiquitous)
4.  
5.  #Setup valid chars for generation of password
6.  if ($includeUbiquitous) { $chars += "L","l","i","I","j","J","O","o","0","1"}
7.  if (!$noUpperCase)      { $chars += "A","B","C","D","E","F","G","H","K","M","N","P","Q","R","S","T","U","V","X","Y","Z" }
8.  if (!$noLowerCase)      { $chars += "a","b","c","d","e","f","g","h","k","m","n","p","q","r","s","t","u","v","x","y","z" }
9.  if (!$noSpecialChars)   { $chars += "%","#","&","(",")","=","?","-","_","§",";",":","<",">","@","*" }
10.  if (!$noNumbers)        { $chars += "2","3","4","5","6","7","8","9" }
11.  if ($chars.length -le 0)  {  throw "You must cannot exclude all classes of chars, passwords without chars are not good."  }
12.  
13.  #Loop generation process for specified length and return the password
14.  for ($i=1; $i -le $length; $i++)  {  $output += $chars[$(New-Object Random(Get-RealyRandomInt)).Next($chars.Length)]  }
15.  return $output
16. }

Both theese examples can be downloaded from the attached file. 

Updated at 2009-05-20 21:45: A big thanks to Niklas Goude for correcting a spelling mistake in the variable $includeUbiquitous above. Thanks!

I have always wondered whats so great about the plastic cards you get when you check in at a hotel. Whats the magic touch? They are cheap and easy to replace when you loose them - which keys are not. So that must be the reason. Cheap price - cost savings. However something in me tells me if they are cheap they cannot be secure? Or can they? So what is on the cards? I just had to know; I took my key and read it into a magnetic stripe reader. The information on the key was:

• Room number
• Valid from
• Valid to

Okey; so the doors must be connected to some computer? No. The room number is set in the door it-self and kept safe there by a EEPROM. So how could this be used? Well I just changed the room number from my own to a collegues - it worked. Like a charm. Thats not good. But I think its to much work to just re-key for every room I wish to enter so I decided to be creative, whats on the housekeeping key? Must be more secure? Right? No. It wasn't; when I changed the room number value to 0, 9999, or -1 the key worked in both our rooms at the same time - this could be different between many systems but just a 20 minute guessing game and we were in.

I have disclosed this information to the selected hotel and they were a bit concerned, and they are looking into this right now. The equipment used was a magnetic card reader/writer (as found on http://www.hackershomepage.com/section6.htm), but lended from a POS VAR here in Sweden. Should it realy be this easy? Secure or easy? Your choice.

So what am I trying to say? Computer security starts with physical security. Because in the hotel room you leave your computer, with all the passwords to your network. If your lucky you will just get robbed of your money or laptop - but worst case scenario is that you ruin your company - disclosing all sensitive business information.

Read more on http://www.microsoft.com/sverige/sommarkollo/default.html (Swedish only)

A friend of mine, and a fellow MCT, Mattias Lind have launched a forum about a month ago. In his forums you can discuss everything about SQL. The forums are not so big today but I think that as everything Mattias does it will be very good. Go there with your questions and I'm sure you will get some great answers!

Visit his forum here: http://forum.mssqlserver.se/ or his homepage here http://www.mssqlserver.se/

I have been selected to present on SBS and EBS at the Microsoft Sommarkollo 2009 in Sweden. The Sommarkollo is a free (or has been the previous years) microsoft event arranged yearly where partners and customers to microsoft during the summer can deep dive into lots of subjects in seminars and hands on labs. As of now I have no further information than this.

Small Business Server 2008: Small Business Server is a classic, this session is aimed at technicans about to plan, implent and administer SBS.
Date: 25/6 Gothenburg, 0900-1200
Date 20/8 Stockholm, 0900-1200

Essential Business Server 2008: Learn more about the EBS concept, effectiveness and gains. Hands on labs.
Date: 25/6 Gothenburg, 1300-1600
Date 20/8 Stockholm, 1300-1600

More information when avilable will be here (I think, right now its just last years Sommarkollo): http://www.microsoft.se/sommarkollo

Finally a new version of Virtual PC, this time around the product have changed name to Windows Virtual PC and is totally integrated with Windows Explorer. There is no separate GUI any more and there is a lot of exciting features such as application publishing to the host OS (such as used for Windows 7 XP Mode). The Virtual PC requires one of the premium editions of Windows 7.

The current release (beta) is distributed as a hot fix, a single .exe file which you double click and “next-next-reboo”t. After reboot there is two new icons on your start menu Windows Virtual PC and Virtual Windows XP. I decided against installing the Windows Virtual XP system and opted only for the Windows Virtual PC install. The Virtual Windows XP is basically a pre configured Windows XP machine running virtual.

After install you will find a special folder called My Virtual Machines. This is the main “console” where you administer your virtual machines. The machines will be listed here and can be started, stopped and configured here. To add a new machine you just click the “Create new Virtual Machine” in the toolbar.

In the first step you specify a name and location for the image. This is just as in Virtual PC 2007.

Then basic settings of memory and networking. The guest can support four network connections if configured manually later on. If you check the box a shared NAT adapter will be set up.

The last dialog is to setup virtual hard disks. You can select dynamic, existing or advanced. Advanced mode lets you setup differencing disks also.

After the virtual machine is created it will be listed and you are able to left-click and set options and control the state of the running virtual machines.

The settings dialog is quite similar to the earlier versions. You are able to setup IDE controlled disks (4), network controllers, connect serial ports to physical ports, text files, etc. The most exciting features are the Auto Publish which applications installed on the virtual machine available on the host. The feature requires Integration Components to be installed.

The machines are running exactly like in Virtual PC 2007 and besides the above features. Read more and download the beta today from MSDN or TechNet. If you dont have TechNet then you will be able to find it public on http://www.microsoft.com/windows/virtual-pc/ after May 5th. You are able to download Virtual PC and Virtual XP as separate downloads.

Been busy upgrading to SP2 on a couple of sites, and doing a lot of test of new stuff while my students are doing labs. No issues as of yet with sp2. However on codeplex I found some interesting stuff:

SPMessaging - Twitter variant for your sharepoint:
http://spmessaging.codeplex.com/

Windows Live Authentication - Actually works and is quite simple to implement
http://spwla.codeplex.com/

Powershell console in sharepoint - A perfect complement to the Powershell components of iLoveSharepoint
http://sppowershellconsole.codeplex.com/

I have been working as a MCT for a while and though that it was about time that I wrote a course of my own. I selected a topic near to my heart and I ended up writing a MS50248 Implementing and Managing Microsoft Online Services which will be availiable from Microsoft within 3 months at Microsoft Courseware Library. The course is already set for delivery at the CPLS I work, but other CPLS might also be delivering the course as its a official Microsoft Courseware Library course and availiable to all for delivery.

Lots of new stuff in the Office SP2, dont forgett to update your clients also!

* Two new STSADM commands, one to check compability with vNext of Sharepoint and one to analyze ECM sites for errors.
* Lots of improvements to rendering of webparts, almost everything works in Firefox now.
* Better performance when using page varations
* Forms authentication for SPD

And lots lots more.. read the full details here.

Download WSS 3.0 SP 2: http://www.microsoft.com/downloads/details.aspx?FamilyID=79bada82-c13f-44c1-bdc1-d0447337051b&DisplayLang=en
Download MOSS 2007 SP 2: http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=b7816d90-5fc6-4347-89b0-a80deb27a082
Download Office Suite 2007 SP2: http://www.microsoft.com/downloads/details.aspx?FamilyID=b444bf18-79ea-46c6-8a81-9db49b4ab6e5&DisplayLang=en

Today I have finally deployed my first application "real" application to Azure and also started to port one of my blog applications to use Azure storage. In addition to that I'm using Azure as a backend for a Sharepoint procurement solution I'm involved with building. I'm very intrested in how the pricing model for Azure will be.. Read more about azure and apply for the beta at http://connect.microsoft.com if you haven't already! And no, I'm still no developer, but to understand how to better help and manage the applications that are handed down from developers to us technhans I really like to be in "their head".

To sum it up: Be there or be square. =)

If you are a MCT then be sure to attend the softskills pre-confrence event the 16:th
If you are not a MCT then please come to the TechDays event and lets meet in the lab, or the bar. =)

I'm very engaged at the moment in training at my work, and havn't had time to update the blog as offen as I would like to, but after TechDays (17-18th of March) I will be updating regularly again. I will be running some of Informators labs in the HOL area on site at TechDays. I will also arrange a pre-conference event the 16:th for MCTs so pretty busy right now. But rest azure (phun intended!) I will update soon again!

[Via Tobias Zimmergren] Microsoft have released information about SLA for the Sharepoint online service. http://www.microsoft.com/downloads/details.aspx?familyid=069df92a-4f58-45e3-bbf8-93ed6bcb61d1&displaylang=en&tm#filelist

If you dont know what Sharepoint Online is or how it could change your live read all about it in Zimmergrens blog

I will now have a Swedish only posting, since it only applies to the Swedish MCT community.

MCT Softskills 16:e mars i anslutning till Techdays

Inga företag what-so-ever är involverade i att arrangera eller driva eventet – det är från MCT till MCT

Inbjudan: Jag vill bjuda in alla svenska MCT:er till ett litet ”spontant forum” där vi möts och diskuterar sådant som angår oss som MCT:er, inte minst det nya formatet på MOC och hur vi kan få det att fungera. Det är en personlig inbjudan från mig, inga företag är involverade i att arrangera eller driva eventet – det är från MCT till MCT.  Jag har lyckats få två av Microsoft Learnings mest framstående profiler att köra sina fantastiska presentationer från MCT-summit live via videolänk. De kommer också ha en stund för frågor och svar, vilket är en fantastik möjlighet att få ”träffa MSL på riktigt”

Plats och tid: Aros Congress Center, Västerås, 16:e mars, Kl 1400-1900
Kostnad: Gratis! =) Resa och boende och middag på kvällen står du själv för!
Anmälan: Skicka mail till daniel@sorlov.com senast den 10:e mars med hurvida du kommer närvara eller inte; frågor mm.

Agenda

Välkommen & ”Det viktigaste från MCT-summit” (Kl1400-1430) av Daniel Sörlöv

Självinsikt – grupputsikt. En pedagogisk smakbit! (Kl1430-1530) av Charlotte Ljung, Pedagogik Coach från Coach-IT

Nya formatet på MOC (KonaH) (Kl1545-1630) en Öppen diskussion ledd av Tiberiu Covaci

Paus med fika (1630-1700)

Via videolänk: Bringing Your Presentation Skills to the Next Level; Preparing for a New Course (1700-1745)  av Matthew Roche, Quality Architect från Microsoft Learning

Via videolänk: Creating Powerful Presentations: Unlearning Bad PowerPoint Habits (1800-1845) av Bill Chapman, MCT Rediness från Microsoft Learning

Frivillig middag på lokalt hak (1900…)

As I headlined I don't really like the idea behind Twitter and other microblogs. But what the hell; everone else does it so why not me? Visit me on Twitter

I've been contacted by the Swedish Chapter of IAMCP (International Association of Microsoft Certified Partners) about delivering a Windows 7 introductional seminar. The seminar will be held at Informator Utbildning in Stockholm march 19th and is open till all members of IAMCP, please find more information and signup at IAMCP event calendar.

Today I started my screencast series about how to empower sharepoint using powershell. The microphone I use sucks, but still trying to learn this screenrecording stuff. =) Part 1 is a short introduction to doing some basic tasks such as creating sites and items in a list. Also I show how to load the needed assemblies. Please watch it; and send comments about the content etc to me to make theese casts better - its quite new to me to "talk and present" into a computer. =) Below the video you will find some code used in the demo.

Format: wmv
Duration: 10 minutes

#How to load assemblies for Sharepoint
[System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint") 
[System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint.Portal") 

# Get the website collection object
$SPSite = New-Object Microsoft.SharePoint.SPSite "http://se-wks-daniels" 

# Get the root web
$RootWeb = $SPSite.RootWeb

# Creating a site and put that into $NewSite
$NewSite = $SPSite.AllWebs.Add("CPS", "PSSite", "Created in PS", 1033, "STS#0", $true, $false)

# Create new item
$SPList = $NewSite.Lists["Announcements"]
$SPListItem = $SPList.Items.Add()
$SPListItem["Title"]="New announcement!"
$SPListItem["Body"]="This announcement is done from powershell. Imagine the possibilities."
$SPListItem.Update()

Microsoft made a strategy announcement this past friday and letting us know that PerformancePoint, after the next servicepack, will be integrated into Sharepoint Enterprise License and not to be sold as a standalone product. This means that one of the big obstacles in deploying PerformancePoint is cleared: the price. BI to everyone! After April 1st there will be no more PerformancePoint stand-alone product. I can't wait until Office 14 hits the streets! It also means that Microsoft is centralizing its BI efforts into three products: Excel, Sharepoint and SQL Server. Since this is a SA benefit you can already today deploy PerformancePoint at no additional cost if you are a lucky holder of a Sharepoint 2007 ECAL SA - thats right! No need to wait! Read more on the Microsoft BI site.

Later today I will be delivering a two-hour seminar at Informator about SharePoint 2007 and the OOTB functionality in Gothenburg. The main focus is to show that the product can be used without customizing, and not only be used for simple task, but deliver full scale applications even at the enterprise level. I will also show that the system perhaps not always meets the demands.. consultant friendly OOTB as I use to say.. =) If you have the time, you are free to go by Informator Utbildning in Gothenburg the seminar starts at 16:30.

This Monday an announcement was published at the Microsoft Sharepoint Team Blog announcing the CTP of Visual Studio Excensions for Sharepoint (v1.3) which is greatly anticipated. This is said to be a interim until Visual Studio 2010 is released. Among the best features of this CTP is the ability to use it on x64 systems also! Finally! Download the CTP from here or read more on the Sharepoint Team Blog.

I will deliver some really good (if I may say so) seminars about Windows 7 and Windows Server 2008 R2, at Informator Utbildning in Stockholm and Gothenburg. Read more, and book you free attendance, on their website about the Windows 7 or Windows 2008 R2 seminar.

Back from christmas - no computers at all for 18 days. Almost the worst panic situation ever for me. =) However, on my way to the MCT Summit in Prague now and meet fellow MCTs from all of EMEA. If you are there then please send me a mail and lets meet for a beer or something. Will blogg if anything interesting pops up (I know there will be but some I think is under NDA). Otherwise see you in a week when I publish my first screencast. Live long and prosper.

When developing workflows with WSS and you need input, config or whatever. You are directed to making ASP.NET pages. In MOSS you will also have the InfoPath possibility. In WSS however it can take forever just to do a simple form. As a new alternative a cool codeplex project have been developed. Read more at Codeplex. [via: Andrew Connell]

The Sharepoint team yesterday announced the WSRP toolkit., a toolkit with resourses on how to  integrate WebSphere and other (WSRP-compliant) systems with Sharepoint. The toolkit consists of some demo code projects in visual studio, screencasts and a whitepaper on the techniques used.  Read more here, or download directly from MSDN.

I'm not dead or gone, just had a lot of work to do. Have started to record a lot of screen casts about sharepoint and powershell - which of the first will be available here soon.

Important patch have been released by Microsoft for Sharepoint Server 2007 and Search Server 2008. This patch have been distributed before in the October cumulative update. Read more.

Also; register today for the European SharePoint Best Practices Conference in London between 6-8 April. There isn't that much decided in the area about session but the line-up of speakers seems really impressive and promising. Read more.

Recently discovered a post about LinQ to SQL will be depreciated(?) in .NET4.0. Some people think this is good, and some think it's really bad. I haven't decided yet; I just have started to use LinQ to connect data to my applications... Read more and a clarification here.

Microsoft is also developing a concept called OSLO which has a lot of exciting stuff. Something I especially like as a "Curly Braces"-programmer is the M modeling language. However I don't use it as intended but rather to quickly generate really good sql... =) A video can be found here

Then to a topic which isn't really IT but rather general topic. Today I went to my local store and got news from a cashier there that three of the five cashiers just got sacked. This because the pay points have been automated and the customers now scan their goods them-selfs. Three of the five lines were closed. This is optimization of flow; they will handle a increased number of customers, they will be able have less staff. More economically liable in other words. I can see some similarity to my own optimizations in document handling and it-structures and automating tasks which today employ people - tomorrow by machines. Of-cause the greater good is served - but when Christmas is coming and you see people loosing their jobs over "optimizations" you get a bit sad. Just a short philosophical note from a techie =).

The SP2 for Office Systems 2007 was announced not long ago. Today I got positive confirmation that some MVP, and other select users, already is beta testing the upcomming SP. The official word is that it will be availiable sometime between Febuary and April. However given the circumstances that selected users already have been given a beta I would be very supprised if it wouldn't be a more generally availiable SP this side of new year. But just guessing here.. =)

 Some of the better improvements is:

• Better support for XPS, and PDF
• Performance and manageability improvements to variations in Enterprise Content Management (ECM) including STSADM commands for repairing links between source and target pages
• Improvements around processing status approvals from Office Project Web Access into Office Project Professional 2007
• Improvements to read-only content databases and index rebuild timer jobs in Windows SharePoint Services 3.0

Also; the team will also release a Upgrade Advisor which will help you to make sure that your system is ready for SP2 and list all additional task needed to be perfomed. No more guessing (or reading a lot) as with SP1. =) Will update blog as soon as I have more information.

Back from Bacelona and TechEd; one part with lots of new inspiration of things to test, do and develope, the other part is just tierd from all the tapas and social life. =) One of the nice things I was playing with the last week was content expiration policies. Offen when I do ECM projects the built-in functionalities isn't enough and previously I always turned to my developer friends for assistance but now I found a realy simple, yet good, step-by-step howto of how to create your own policies - even something that a non-programmer as myself pulled of. Read more at WinSmarts

In way of certification two new "certifications" became availiable during the TechEd IT-Pro week. Theese are not "in the same legue" as our traditional MCTS on sharepoint. It is the Certified Master for Sharepoint and Certified Architecht for Sharepoint. The following is a quote from the Sharepoint blog: "The Master program is designed to be the top-tier technical certification for SharePoint Products and Technologies for years to come. The goal of the MCM is to provide a means for training, recognizing, and developing the top SharePoint technical experts in the world. Specifically, the MCM is intended for technical professionals whose primary responsibilities include designing, building, configuring, deploying, and supporting large, often complex, MOSS 2007 environments. Building on the MCM, the MCA certification is designed for professionals who possess an additional skill set focused on the larger business strategies and technical architecture as a whole. This skill set includes the ability to communicate with business and technology leaders, to understand the customer’s current and long-term organizational and technical needs, and to design a solution to meet those needs. To receive the MCA for SharePoint, students must first graduate from the MCM for SharePoint program and will then have the option of sitting for a comprehensive Review Board interview conducted by Microsoft experts and MCA’s. " More information is availiable on the Microsoft Learning site

Lastly a quick note about the Windows Azure plattform and Sharepoint Online. This was announced two weeks ago at PDC, and re-launched again during TechEd. The services are "clould" services. Today Sharepoint Online does not build on Azure. Sharepoint online do not carry nearly as many features as the real Sharepoint (on premise) installations do. I will be back to map the diffrences in a few days. Until then please read the sharepoint blog.

If you read my blog before you probably know that I am on-site at TechEd IT-Professionals EMEA in Barcelona as a MCT-Ambassador. Have had the time to go to lots of exciting seminars and more importantly I've met lot of people who I only had contact with trough newsgroups and mail before. Haven't been bloging yesterday, since I could not find any network cable (panic!) and my wifi seems brooken. Finally found a MediaMarkt and now I'm connected via some kind of hotel-isdn-type of connection.

As a MCT-Ambassador for Microsoft Learning I'm in the Ask-The-Experts area and answering questions about learning, certifications and that kind of stuff. It's a challange to remember all of the certifications, paths and books. But very fun - over my expectations - I think it is due to all the people I get to meet.

Today I attended a seminar about what I thought to be Sharepoint External webs, optimizing and configuring etc. But the seminar was about something completely different (even if it kind of was external access - just not what I expected): it was about IAG (Intelligent Application Gateway). The IAG is a application layer security software which lives on top of ISA-server. Currently only availiable as a appliance but soon also as a virtual appliance (running in Hyper-V I would presume).

The IAG will inspect the health of a visitors computer, for example looking for anti-virus software and based on that health information restrict access to Sharepoint. Whats exciting (realy sexy actualy) is that it does limit specific functionality and not the whole site. For instance you might be able to browse the extranet while not having a anti-virus program but you cannot upload. Great stuff I think and will deep dive into this as soon as I can find the time.

Also discovered, or rather got reminded of, the large number of protocolls and ports used in Sharepoint for all sorts of communication. Could be a real challange to setup a multi-layered setup with segmentations and firewalls. One thing I learned today is that the search query from the WFE actualy use SMB for the querys (not the index transfers - already knew that).. will look into that tonight I think..

I realy hate myself for not beeing at PDC. Lots of bits and pieces of Office 14 is landing in from collegues and friends "on-scene" at LA. Currently working hard on compilling all the sceenshots, videos and other stuff I got in the mail for this blog. Will be posting a long commentary about this in a day or two when I get time of from teaching classes and realy can deep dive into all the materials. Let's just say that the things I've seen is REALY exciting! =)

Also as a side-note I'm proud to say that I got certified for EBS, took the beta exam sometime in august and just got the news that I passed. Which now means that I'm a charter member for TS: EBS 2008, Configuration. This is besides my sharepoint certifications my most valued certificate.. =) 

A quick update about SQL 2008 and how that can enhance Sharepoint 2007. The main word is compression of data in different scenarios. Backups from SQL-server can now be compressed which saves space needed for backups, which have been a big problem for us as it admins. Also the replication traffic between sql nodes in the sql cluster is compressed which makes mirroring easier and more effective if the infrastructure isn't a high-bandwith one. I have just installed my first SQL 2008 machine in production and will be updating with more info as soon as I have something fun to tell you about it! =)

More detailed information can be found at Technet.

Almost every week I welcome a new class at the CPLS where I work. Every week I have to teach people - who thougth they knew sharepoint security - some fundamental knowledge about security. This is a article to try and explain some of the main points.

Sharepoint security can be devided into three basic areas: Groups & Users, Permissions and Securable objects. Groups and users are thought to be straigt foward. Users are present in a database, and can be devided into groups. Groups do not have any permissions. Permissions are then set in access list at each securable object. A securable object is basicly list item, list, library, site or site collection.

• Groups are "global" (site collection)
  Microsoft have made it easy for us to find to People and Groups from every sites administration section. This is a bit confusing since it's easy to belive that the groups are defined for each site, however when creating a group its always created in the site collection. A group name is therefore also global "Owner" is not a good name, it does not describe what that person ownes and where - "Global Finances Site Owner" would be a better name. If you are used to WSS 2.0 there were something called Site Groups which were groups on the site level - this feature is NOT availiable in WSS 3.0.
  
  
• Group membership do not change on site level
  If you are member of the Approvers group you are a member of the approvers group everywhere in the site collection. The actual site permissions may vary, but you are always member of the Approvers group. I think the above mentioned link adds to this confusion. I think that if you where member of the Approver group that you would have Approver rights in the whole portal; so even if groups are named "Global Finances Invoice Approver" and is used mainly on the Global Finances site it's still global.
  
  
• Groups are not the same as permissions
  When you are the member of a group, no permissions is actualy assigned by the group membership. Most standard groups have default permission set. Permissions are set at the securable object level. This is made worse I think by the default groups in sharepoint as Approver: this falsely gives you the impression that if you are a member of that group you will get a specific permission; I will admit that in standard configuration this is true but not practical. What is that person to Approve? Perhaps you would create a "Global Finances News Approver" group which would be assigned the Approve permission level on the Global Finances site - but not a right to globaly approve everything.
  
  
• Access list and inheritence
  By default access lists are inherited to subordinate securable objects (except when a web application policy overrides). Groups are global, so they are not "inherited". When breaking the inheritance a copy is created of the access list; this cannot be partly inherited - either broken inheritance or not! Permission levels are also inherited, and still inherited even if we break the access list inheritance. To break the permission level inheritance that also must be broken - almost never needed. You are always free to restore inheritance - when you do: ALL subordinate permissions and access lists are also reset to inherit!
  
  
• Some accounts are special
  There is some accounts who get access even though they are not in the access lists. This is true for the Primary and Secondary site collection administration accounts. This is setup elsewhere. Members of the built in Administrators group also have access for instance.

I hope this clears up some aspects of Sharepoint security administration.
More detailed information can be found at Office Online

Just finished a installation for a customer. After thinking a bit I decided that in addition to the out-of-the-box provided iFilters the following are quite usefull and should realy cover about 90% of files. Remember that all this indexing also adds to the load of the indexer... 

A great suprise in the Office 2007 pack is the support for zip-files - I have seen some realy expensive iFilters for that.. 
Office 2007  (.docx, .docm, .pptx, .pptm, .xlsx, .xlsm, .xlsb, .zip, .one, .vdx, .vsd, .vss, .vst, .vdx, .vsx, and .vtx): http://www.microsoft.com/downloads/details.aspx?FamilyId=60C92A37-719C-4077-B5C6-CAC34F4227CC&displaylang=en

XPS havent realy had its breaktrough yet, but the iFilter will be increasingly more sought after..
Microsoft XPS (.xps): http://www.microsoft.com/downloads/details.aspx?familyid=b8dcffdd-e3a5-44cc-8021-7649fd37ffee&displaylang=en&tm

Adobe have now released a x64 filter for PDF which finaly makes us be able to remove the FoxIT PDF iFilter if you use x64 which you should..
Adobe PDF x64 (.pdf): http://labs.adobe.com/wiki/index.php/PDF_iFilter_8_-_64-bit_Support

Today I found a good article about orphans, interaction between content db and config db etc. If you have no clue about orphans, why we should avoid them, how they occur and lots more please read it - it's good start: http://blogs.technet.com/corybu/archive/2007/05/31/sharepoint-orphans-explained.aspx

Got a mail this weekend from Russell Davies asking me where to download the actual file for ShareCheck, a program you can find described here. And the answer was simply: nowhere! I had forgotten to upload the file! Stupid misstake, anyway; the file can now be found here. Don't forget to run with -whatif switch when you are testing it out!

One of the most commonly asked for feature are wildcard searches. There is lots of solutions to provide this function in atleast as many different ways. One simple and easy method I have been trying a while in my lab is WildcardSearch from Corey Roth published at CodePlex. The solution work as a dropin replacement of the CoreResultsWebpart and is compatible with almost all aspects of normal search functions in Sharepoint (which most others are not!). The solution just came out in a version 2 which now support Search Scopes. You will find the download here: http://www.codeplex.com/WildcardSearch

There are a couple of cavets and sacrifices you should know about.. http://www.dotnetmafia.com/blogs/dotnettipoftheday/archive/2008/09/18/what-you-give-up-with-full-text-sql-queries-using-wildcard-search.aspx

Once again today I stumbled on a website built on MOSS where the designer of the site haven't thought of Name ActiveX Control. The control loads on the visitors computer to access information from the installed IM about current online status. In Internet Explorer the site must be on the trusted sites list, otherwise the famous golden bar appear. For most public sites this IM status information isn't needed anyways. And I cannot seem to get over the fact that so many ignores this.

So this is my "save-the-world-from-name-activex" blog post =)

The reason that so many sites forgetts to remove this is that the author proably doesn't know it loads. This component loads silently when your on the intranet, because the Internet Explorer looks at the url and and determines that it's a trusted site, ie executing the activex without further questions. However when accessing the site via internet, and the site is not a trusted site..

Well the solution is known and have been around as long as IE almost. The solution is documented here, http://support.microsoft.com/default.aspx?scid=kb;en-us;931509. The recomended solution is number 3. If you don't like flying around to all IE owners in the world =). What this solution do is essentaly commenting out ProcessImn() and the actual call to the dll never occurs and.. no golden bar!

If you are used to MOSS it will feel like beeing run over by a truck to configure a WSS search. The WSS is very limited in the searching department, by obvoius reasons, and there isn't realy that many options. Today I got a bit of time over to setup a Search Server Express next to my development WSS-server, and I spent the day by tweaking away to prepare a seminar the comming thursday.

The Search Server Express adds to WSS by adding a Shared Services Provider (a limited one) with just ability to configure search. You are able to setup Content Sources, Crawl Rules, File Types, Metadata and Federated locations (which isn't availiable in MOSS without the infrastructure update). You will also find options on the site collection level.

So if you want to get good search right out-of-the-box without spending the money for MOSS this is the way to go. As usual there is already detailed information on technet about this. Follow this link: http://technet.microsoft.com/en-us/library/cc297193.aspx

I have been selected as a MCT-Ambassador at TechEd 2008 EMEA IT Professionals in Barcelona 3-7:th of November. Looking forward to seeing you there at the MS Learning booth!

http://www.microsoft.com/emea/teched2008/itpro/

For the sysadmins, and site owners, out there who has not yet seen the Sharepoint Training Kit this is a absolute must have to educate the hords (your users). Unfortunaly the materials are only available in English, but if your userbase understands english it's perfect. Best of all? Its based in Sharepoint. As the title says this is old news, but I think its underestimated and not deployed enough, and I haven't written about it yet.. =)

SharePoint End User Training http://www.microsoft.com/downloads/details.aspx?FamilyID=673dc932-626a-4e59-9dca-16d685600a51&displaylang=en

Found a intressting article today about the infrastructure updates and that they break picture libraries to some extent. Microsoft have acknowleged the bug and they are working on a resolution according to the author of the article. I have also tested this in my own testing enviroment and can confirm this to be true.

Read more on http://pointstoshare.spaces.live.com/Blog/cns%21AEC42F315B4528B0%212974.entry

I use Powershell to automate Sharepoint tasks quite offen. There are however some caveats about this, mainly that you have to be on the same machine as the machine you want to use as a target for the script. To solve this you can use the webservices available in Sharepoint, and I have been using this for quite some time. The only problem is that the most common method "out there" requires wdsl.exe which is a part of the .net sdk.

Today I stumbled upon a article by Lee Holmes who have constructed a method for generating the wdsl without wdsl.exe in pure powershell. This have been published for a while but usefull anyways =) I've also included it my spps-toolkit.ps1. Here's the link: http://www.leeholmes.com/blog/CallingAWebserviceFromPowerShell.aspx

Sharepoint must be one of the most complex applications to setup since it touches everything from AD-DS to Exchange and lots more. Quick tips, and best practices from Microsofts consulting team, can be found here: http://technet.microsoft.com/en-us/office/sharepointserver/bb736746.aspx

One question I offen get when delivering training for Sharepoint is about how the Sharepoint system treats our nordic charachters, such as ÅÄÖ. This is breif explanation about the problem and solution.

Problem
There is none of the setups, discs or whatever (even the nordic ones) where diacritics senitivity is turned on by default. This means that the search engine in Sharepoint treats our extra characters as accents instead of real chachters. As a Example Å is treated as accented A and Ä is also treated as a accented A. Which means that sortorders etc is not working correctly, and that search results will not match as expected.

Solution
We must tell the system that we wish to be siacritics sensitive. This is not done by GUI (CentralAdmin) but rather out trusted little helper STSADM.

The following command will deliver just that functionality:
Stsadm -o osearchdiacriticsensitive -setstatus TRUE

Also, you must rebuild the index for this to work. Se more information about the command at technet.

The problems of Sharepoint not accepting all chars in filenames (&{} etc..) sometimes brings problems when you need to migrate a large number of files from filesystem. I have not yet found any program which can be batched to make this work easy. I have found SharePrep (http://www.purgeie.com/shareprep/) but I see two problems with this software: 1) it's not freeware, 2) its not batchable (command-line). This is why I started to make ShareCheck.

The ShareCheck will traverse a directory structure and rename files which have chars not allowed by sharepoint. The program have a built-in conversion table, but you are also able to specify a external XML-file for denfinition of the conversion rules, which in turn mean that this app can be for other purposes as well. When executed the program will output a XML output which could be piped or redirected to se the results (human readable output is also availiable).

Usage of ShareCheck.exe, commandline arguments:
-path="g:\pathtomigrate": Specifies the path to files to process, if ommited current directory will be used.
-config="c:\config.xml": Specified the alternative config (se example-config.xml for defaults used when nothing specified)
-norecurse: Do not recurse subdirectories, only process the starting directory
-legacyoutput: Do not output XML, but rather a HR-text (Human Readable Text)
-whatif: Do not actualy rename the files, but just simulate what would be done

Default configuration XML (built-in and used if none is specified):
<sharecheck> (root element)
  <filechecks> (all file checks collected here)
    <startwith match="." replace="" /> (startwith is to check if a specific file starts with something and replace it)
    <startwith match=" " replace="" />
    <filename match="#" replace="_" /> (filename checks the filename for the occurance anywhere and replaces)
    <filename match="&amp;" replace="_" />
    <filename match="&quot;" replace="_" />
    <filename match="%" replace="_" />
    <filename match=":" replace="_" />
    <filename match="*" replace="_" />
    <filename match="&lt;" replace="_" />
    <filename match="&gt;" replace="_" />
    <filename match="?" replace="_" />
    <filename match="\" replace="_" />
    <filename match="{" replace="_" />
    <filename match="}" replace="_" />
    <filename match="~" replace="_" />
    <filename match="|" replace="_" />
    <filename match="/" replace="_" />
  </filechecks>
</sharecheck>

Still to-do:
* Check for long directory names as well
* Actualy implement -norecursion (it's currently broken)

Thinking of...
* Replace -whatif with -commit to always run in testmode unless specified??
* Other suggestions??

The executable are compilled for x32 and x64, its built in C# and uses .NET 3.5. The software is somewhat beta which means that you should test it before you use it in a real enviroment. No warranties, expressed or otherwise, at all - use on your own risk! The software is free, you may distribute it as you wish but please keep my info in it. Download it here.