A tale of three road tolls: part 1 (the Dart Charge)

London’s orbital motorway, the M25, is not a circle (as many people suggest) but has a short section of trunk road joining the ends and crossing the River Thames east of London. That road, the A282 Dartford Crossing, has an associated charge which, until recently, was collected at toll booths.

Originally the tolls were to be removed on 1 April 2003 under the original Private Finance initiative (PFI) scheme contract that was used to finance the Queen Elizabeth II bridge but instead, under the 2000 Transport Act, the A282 Trunk Road (Dartford-Thurrock Crossing charging scheme) Order 2002 allowed the continuation of the crossing fee, which officially became a charge and not a toll.

Since 30 November 2014 the toll booths have been removed and replaced by an electronic charge [update: there are some overnight journeys that are not charged], but that’s not without its issues, as I found when I travelled to Dartford and back a few weeks ago.

Dart charge warning letter and PCNI hadn’t used the route for years, but had heard about the changes (I even contacted the operator to see if my new tag for the French motorways, also operated by SANEF, would work – it won’t!). I also saw the signs advising me to pay by midnight the next day (confusingly using the same symbol as the London Congestion Charge, which is unrelated). Unfortunately, faced with congestion, delays, a stressful day with a difficult customer and an equally stressful journey home (total driving time for the day was 6 hours for around 180 miles – a pathetic average speed considering it was mostly on motorways!) – and I forgot.

It was an honest mistake and, when I realised a few days later, I called the Dart Charge contact centre. Aided by some extremely patient and helpful people, I was told not to worry, to wait for the penalty charge notice and that I would be given a chance to pay (without penalty) on my first infringement. But I’d travelled both ways! In turns out that’s OK too – just pay all outstanding charges on receipt of the first notice.

I was also told how I could sign up for automatic payment in future (a facility I tested on a journey to France a few weeks later) – if only the official government website for the Dart Charge made that clear but it’s one of those sites that’s been so over-“simplified” that it’s no longer clear.  The warning letter is equally confusing: because my PCNs arrived on different days (and I needed to pay before leaving the country on Easter holidays!), I couldn’t see how to pay all outstanding charges in one hit online. Luckily the contact centre for the Dart Charge came to my rescue again!

Gov.UK suggests setting up an account but doesn’t mention the advantage of doing so is to provide a pay-as-you go facility. Indeed the only reference to payment in advance is by post! There’s actually better advice in the Daily Telegraph article about the changes!

So, if you are planning to use the Dartford Crossing (by bridge or tunnel), I recommend signing up for an account and paying as you go by credit or debit card to avoid a lot of stress (and potentially hefty fines). Definitely worth it!

Speaking at Milton Keynes Geek Night (#MKGN)

For the last few years, I’ve been heading into Milton Keynes once a quarter (and on a couple of other occasions too) to attend the Milton Keynes Geek Night, organised by Richard Wiggins (@richardwiggins) and David Hughes (@davidhughes). Last time I had the crazy idea that I might speak at a future event. Furthermore, Richard took me up on the offer. Gulp.

So, unaccustomed as I am to public speaking, I’ll be doing a little 5 minute talk on 9 June 2016 to represent some of the geeks of Milton Keynes who are neither designers nor developers. I haven’t written the presentation yet, but the synopsis is below:

Would you move all of your IT services to the cloud? Many organisations are moving all, or part of, their IT infrastructure and applications to the cloud. In this talk, I’ll share some of my experiences from helping to first migrate and then transform, enterprise IT services, using a mixture of infrastructure-, platform- and software-as-a-service technologies.

Tickets for MK Geek Night 17 have sold out but you can get on the waiting list (and talks are recorded and posted on Soundcloud). Please be nice to me.

Retired: Mark’s Office 365 Resource Centre

18 months ago, I created “Mark’s Office 365 Resource Centre” using the public site from my Office 365 subscription. Over the last few months it’s fallen by the wayside as my focus has recently moved towards Azure (and Office 365 public websites are a deprecated feature) so I decided to move it here.  This content is no longer maintained, but may still contain some useful links.

New functionality

See also Office 365 Updates on the Office Blogs.

Planning and Deployment resources

Technical resources

Training and certification


To license Office 365, costs are provided on the Microsoft Online Services Customer Portal. These are ordered and paid for directly by customers (although trial tenants may be created by partners though the
FastTrack portal). Customers with Enterprise Agreements have additional options including not just the Office 365 plans but ‘add-on’ and ‘bridge’ licenses for on-premises Office and CAL Suites.

Information for partners

Tips, tricks and more from my blog

There are a few posts missing from this list, because I consider them to be out-of-date (although they are still available):

Useful to know

(Including tips and tricks from elsewhere on the web):

Bits and bytes (downloads)

Ad blocker detection

Ad blocking has become increasingly common on the Internet. We all hate those sites that place obtrusive ads in the middle of content (Forbes, ZDNet, I’m looking at you!) but for many sites it’s fairly passive content – simple images, banners, etc. placed above, below or to the side of the main content. We might not particularly like it – the ads are not always intelligent (how many times have you bought something and then seen ads for the site where you already made a purchase based on the cookies on your computer?!) – but nothing in life is truly free and the websites that offer advice, etc. that help fix our problems are often at least part-funded by ads.

My blog currently has over 2000 posts written over a 12 year period. Some are good, some are bad. Some are rants, some are really useful with lots of positive comments saying words to the effect of “thanks for sharing this”. A few years ago, I used to make about £50 a month from Google ads. With hosting charges of around £100 a year, plus domain name registrations of about £25 a year, that gave me some profit to go towards IT equipment and let me write more blog posts. I even set up a company for my writing and consulting. Then along came Google’s Panda algorithm change which de-emphasised blogs in search results. Almost overnight, I saw 90% drop in revenue.

My company ceased trading a while ago – and my day job now means that I can’t continue it for contractual reasons – but, to be honest it had long since become more effort than it was worth.

I now make about £60 a year from ads and maybe a few more pounds from referrals. The UK Government takes 42% of this in tax. I write less content than I used to (I’m a busy guy but I’m also less motivated to do so). My website hosting costs far outweigh the revenue of the site but the ads help a little. This blog is nothing more than a labour of love.

On the last site redesign, I moved my ads to the bottom of the page. I also added a notice asking people not to block the ads. Now I’ve upped the ante a little by using Pat O’Brien‘s Ad Blocking Advisor WordPress plugin to display a notice when the site detects ad blocking. I’m not ad-blocker-blocking because you can still read the content, but I do ask people with ad blocking software to reconsider:

“It looks like you use ad blocking software in your browser. I devote a lot of time to this website and the advertising doesn’t even cover my hosting charges but it helps a little. Please support this website by adding it to the whitelist in your ad blocker. Thank you!”

Ironically, I had to install an ad blocker to test the website functionality!

Professionalism at last: Chartered IT Professional (CITP) status

Mark Wilson, BSc (Hons) MBCS CITP. It’s got a nice ring to it. Except that I almost never use letters after my name (in fact, one of my customers complemented me a few days ago for not doing so – although I did point out to him that my email signature is auto-generated in software and so I don’t have the option!).

Regardless of the above, today, I received official notification that I’m now a Chartered Information Technology Professional (CITP). This accreditation is awarded by the British Computer Society (BCS), who describe it as:

“Aligned with The Skills Framework for the Information Age (SFIA), the UK Government backed competency framework, CITP is the benchmark of IT excellence.”

It’s been a bit of a journey to achieve professional status, so I thought I’d write a quick blog post about the process, just in case that’s helpful/useful to others.

The application process

My journey started around a year ago, whilst I was still working at Fujitsu, where all Distinguished Engineers had our BCS membership fees paid and were encouraged to apply for Chartered status. Unfortunately I had resigned by the time the invoice arrived and Fujitsu reneged on the promise to pay my CITP application fee, but I decided to make the payment myself and continue with the process.

As part of my application (including a copy of my CV and an experience statement), I had to demonstrate that I had been working for at least 3 of the last 5 years at SFIA level 5 (or above!). I also provided details of supporters who had known me and my work over that period.  I was reasonably confident that I work at that level – Fujitsu regraded many of their technical staff using SFIA shortly before I left and I was judged to be at level 5 (although there was some disagreement about whether I was a domain architect or a solution architect – I’ll save that for another blog post!)

Breadth of knowledge test

The next stage is the Breadth of Knowledge (BoK) test. The BCS describe this as:

“This stage involves a formal testing of core knowledge across the breadth of IT. The test comprises multiple choice questions which cover a broad range of sectors and topics.”

I had six months to complete this stage of the process. which is an exam undertaken at a Pearson Vue test centre. I can’t say much about the exam (it’s subject to a confidentiality agreement) except that if you truly are working at level 5 (i.e. reasonably senior roles) you probably have a broad enough experience of IT to be able to answer (or at least guess) most of the multiple-choice questions. There’s also some mock questions on the BCS website that give you a flavour of things – as well as a published syllabus and an extensive reading list, which I’m afraid I ignored…

The hardest part of the exam is that, in addition to an overall pass mark of 50 out of 75 questions, it’s necessary to score at least 8 out of 15 in each of the 5 sections.  In mock tests I was a bit close to the 8 and I couldn’t work out why. In the final exam I did OK in all areas.

Skills assessment interview

With the exam out of the way, the next stage is the skills assessment – a formal interview involving a 10-minute presentation and subsequent questioning. Again, the BCS offer guidance – and it’s worth reading it closely – the presentation shouldn’t be a rehash of your CV, or repeat other information in the application – but should:

“Deliver a clear and concise presentation of professional work for which you were personally responsible and which demonstrates your competence. Your presentation should be based on an area(s) from the SFIA skills within your chosen specialism.”

I had six months to prepare for, book, and carry out the skills assessment, which is conducted remotely using Citrix GotoMeeting. When I finally booked my appointment, I was pleased to find that there were weekend slots available. Unfortunately GotoMeeting wasn’t behaving for me when it came to starting the interview, but I did join early, the assessors were patient, and a reboot plus an analogue telephone line let me work around the issues…

The hardest thing for me in preparing for my interview was identifying which specialism most closely aligned to my work (I do find SFIA rather arcane in that regard) and that comes through in my presentation, embedded below (although the slides have limited value without the supporting script, I’m afraid).

I was also concerned that the assessors may not feel I was working at level 5 (even though Fujitsu had previously graded me at that level, that might not match the BCS view). Thankfully my answers to questions must have been sufficient because, about 10 days later I was contacted to say I had been successful, although formal notification would be slightly delayed.


Overall, it’s been a long, challenging process – one with time limits and a need to fit around my work (along with technical exams, blogging, and family life!). It’s also debatable whether the application fee and increased membership fees (albeit tax-deductible) will really make a difference in my career. I’m told that some Government departments reward CITP status with additional pay; sadly the private sector doesn’t seem to hold CITP in quite the same regard.

For me, I felt that some of my friends are chartered in their fields – be they surveyors or accountants – and I wanted to be able to similarly demonstrate professionalism in my field. I’d also like to hope that some of my customers will recognise that having a Chartered IT Professional work with them on their IT strategy and on transformation projects demonstrates the level of experience that they expect.

Right, one more time. The last time I’ll do this for a while, I suspect…

Mark Wilson, BSc (Hons) MBCS CITP

Chartered IT Professional

iOS activation requires a SIM (after upgrade)

Unless you’ve been hiding under a rock for the last couple of days, you probably noticed that Apple had a big event yesterday, and that they also released iOS 9.3.

My son, being the 11 year-old geek that he is, updated the old iPhone 4S that the boys use as a dumb iPod Touch (i.e. not as a phone) so, surprise, surprise, the update was quickly followed by a call of “Daaaaad!” (from his younger brother).

After an update, iOS goes through a welcome sequence. Unfortunately though, that sequence includes activating the device – and if it’s an iPhone it expects to see a SIM.

There appears to be no way around this; however I happened to have some spare giffgaff SIMs around (even better they were the “3-in-1” type that fit standard SIM slots, micro SIMs and nano SIMs). It didn’t matter which network (the device was unlocked anyway) or whether the SIM was active – just the presence of the SIM was enough to get past the activation stage and start using the device again.

Checking for a Windows 10 Mobile update on Windows Phone 8.1

I have a Nokia Lumia 830 for work, running Windows 8.1 Update 2 (with the Lumia Denim updates). That’s fine but, working for the UK’s number one Microsoft partner (as I do!), I want to be running Windows 10 Mobile.  I haven’t been messing around with developer builds but now Microsoft has started the rollout, I’m hoping to upgrade soon.

Unfortunately, there’s nothing appearing for me when I check for system updates:

Charlie Maitland (@CplCarrot) responded and tipped me off about the Upgrade Advisor Windows Phone app though. That gives me more information – it seems that I need to wait for my mobile operator to approve the update (so I hope Nothing Nowhere EE get a move on…).

[Update 5 May 2016: for further reading, see Brian Burgess’ post on upgrading Windows Phone 8.1 to Windows 10 Mobile]

Extending Azure network security with a Barracuda NextGeneration F-Series firewall

I’ve been working on a project to move a customer’s IT infrastructure and application services to the cloud – in this case Microsoft Azure and Office 365.

Azure allows the creation of sophisticated virtual networks with multiple virtual networks, subnets, load balancers, network security groups (NSGs), VPN connections over the public Internet or using a dedicated MPLS link. It also operates with high levels of security (more details in the Microsoft Trust Center).

My customer is a public sector organization and had some specific security requirements that needed a greater level of monitoring of traffic between subnets than we could provide with Network Security Groups alone – essentially the ability to perform logging and to provide application-level awareness. The customer’s security team were keen that it should be possible to identify malicious activity and we confirmed that NSGs have minimal monitoring without any deep packet inspection.

So, in this case, we needed to turn to a network virtual appliance (NVA) solution. The Azure Marketplace has a variety of NVAs, including products from major player like Checkpoint, Cisco, Fortinet, F5 networks, Sophos, etc. The one we selected though (partly from technical requirements, and partly based on advice from Microsoft) was the Barracuda NextGeneration F-Series firewall.

I’m no network architect, but from my position in the world of Microsoft technology, just needing a network solution that could provide the flexibility, reliability and security that my customer needed, the Barracuda solution looks pretty outstanding. We’ve got an advanced firewall with Intrusion Detection System, VPN concentrator and proxy server – all in a single appliance running in Azure under a bring your own licence arrangement.

There’s a great video from Microsoft Channel 9 and Barracuda, talking about the NextGeneration F-Series firewalls, including some of the capabilities available if we put another device on-premises for VPN failback, etc. Well worth a look if you’re considering implementing an IaaS (or indeed PaaS) solution on Azure.

A few tips for easier expense claims with Concur

Since our company switched Expenses systems from Xero to Concur a few months ago, I’ve been having a monthly rant about the amount of time it takes to submit an expense claim (typically 3-4 hours a month).

Finance teams may be more efficient but what about the rest of us?

There are a few tips though that can help with the form-filling. And I am trying to spread the load by doing things as I go…

  1. First up, use the ExpenseIt app. This goes further than the normal Concur apps by performing some analysis on a picture of a receipt and pre-populating some of the metadata for the claim.  It’s not perfect, but after photographing a pile of receipts I can make some edits in the app whilst travelling/watching TV/in a couple of minutes whilst waiting for a conference call to start and then bulk upload.
  2. Once the expenses are in exported to Concur, I bulk edit as much as I can. Fields like project code, business purpose and customer name can be edited for several receipts at once.
  3. Receipts that arrive electronically (e.g. PDFs of parking receipts, train bookings, etc.) can be emailed to receipts@concur.com – and as long as they come from your registered email address they will be available automatically for attaching to a claim.
  4. Mileage claims for journeys can be bulk-entered from the quick expenses form.
  5. If at this point there are any receipts that have warnings, there’s no getting away from the need to individually edit them and add things like the type of meal.

It’s still far from streamlined… but a few tips like this save me a lot of time. Sadly the ExpenseIt app is not available for Windows Phone…

Short takes: ADFS certificate expiry; Azure Authenticator setup on Windows Phone; checking if a MSOL tenant name exists

Some more snippets of randomness pulled together to make a blog post…

ADFS certificate expiry

One of my colleagues spotted this in a customer’s Office 365 tenant recently:

Office 365 - Renew your certificates

Thankfully, it wasn’t one we were managing… but I did feel the need to flag it to the incumbent service provider. If this happens to you, my colleague Gavin Morrison (@GavinMorrison) flagged a potentially useful blog post from Jack Stromberg about renewing ADFS Certificates.

Azure Authenticator Setup on Windows Phone

Whilst setting up additional authentication for Office 365 (in effect, Azure AD MFA) I found that I couldn’t add an account until the Windows Phone Azure Authentication app had enabled push notifications. Despite repeatedly enabling it in Settings, completing setup of the account needed a phone reboot, at which point it was ready for me to scan a QR code and continue.  Even then the option to allow notifications doesn’t seem to stick!

Checking if a Microsoft Online Services tenant name exists

My colleague Gareth Larter found a neat trick this week for checking if a Microsoft Online Services (MSOL) tenant exists (e.g. for Office 365).

Gareth’s advice is to browse to https://login.windows.net/tenantname.onmicrosoft.com/FederationMetadata/2007-06/FederationMetadata.xml and, if you get an error, it should show “No service namespace named ‘tenantname.onmicrosoft.com’ was found in the data store” at the bottom right meaning that the tenant name is available:

On the other hand, if you get a bunch of XML data returned, then that tenant already exists.