2008 - Page 5 of 35 - markwilson.it

Defining custom presence states for Office Communicator

Posted on Friday 14 November 2008Monday 25 February 2013 By Mark Wilson

This content is 17 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

Custom presence states in Office Communicator Last night, Garry Martin pinged me on Office Communicator and was very excited about something… as it happened, that something turned out to be the new features in Office Communications Server 2007 R2. He was also keen to show of the new custom presence tags he’d created and even I (the great instant messaging cynic) have to admit that they are pretty cool (I may find IM a distraction but presence awareness is a valuable tool).

Why bother? Well, if you have to ask that question then this mod is probably not for you but I do find that there are different levels of busy in life and sometimes the default states are just not enough.

I decided to implement this on my PC too and it’s quite simple. First up you need an XML file:

Coffee Anyone?

Yes, I really am busy…

Customer Presentation

In my case, this is called presence.xml and I’ve saved it in my Documents folder.

Then you need a registry key to access it:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Communicator] @="" "CustomStateURL"="file:///C:/Users/username/Documents/presence.xml"

Restart Office Communicator and the new states are there for selection.

I can’t claim any credit for this – the original details came to me from Tom Laciano (aka LCS Kid)’s blog post on OC Custom Presence States and Brett Johnson’s post which highlights the availability of an HTML application to do the hard work for you, via Garry. Tom’s blog post also mentions a couple of limitations in that you can’t have yellow (away) custom presence (why not?!) and that you have to sign in with one of the default states before selecting a custom one.

At the moment I just have the three custom states that are in the example XML above but, after the day I’ve just had, I feel like adding another one – “Trying to process my Inbox to zero”…

TechEd EMEA 2008: a round up of some of the Windows Server content

Posted on Friday 14 November 2008Friday 14 November 2008 By Mark Wilson

Imagine the situation (purely hypothetical of course) – you work for a large company where the overseas travel approval process requires signoff at such a senior level that, even with a really good business case for conference attendance, it’s just too difficult to get approval…

Well, I didn’t make it to TechEd EMEA IT Pro this year (or any year recently – although that’s normally down to family commitments and this year the conference was a week earlier) – and that’s why there has been precious little TechEd content on this blog. I did spend a good chunk of this week catching up on my RSS subscriptions though and I came across some write-ups on some of the sessions that would have been of interest to me – sadly there are many more that I have missed.

For highlights from the keynote, see Geert Baeke’s review and also Sander Berkouwer’s recap of day 1.
Geert has also blogged in detail on branch office infrastructure and Clustered Shared Volumes as they relate to Windows Server 2008 R2. He also has a Windows Server 2008 R2 overview (I wrote one a couple of weeks ago and there is a beta version of Microsoft’s own reviewer’s guide too).
Aaron Parker covered the work anywhere infrastructure (and I was briefed on remote desktop services too).

Maybe I’ll make it to TechEd EMEA in Berlin next year but, in the meantime, videos from TechEd EMEA and the other TechEd events help around the world may be found at TechEd Online.

Installing Windows from a USB drive

Posted on Thursday 13 November 2008Monday 20 July 2009 By Mark Wilson

Last week I downloaded the milestone 3 build of Windows 7 and installed it in a virtual machine. Then I heard how Windows 7 has been tuned (compared with Vista) to run on lower-specification hardware so I decided to install it on my aging Compaq D510SFF, which is not going to give me blinding performance (particularly for graphics) but does at least have a 2.4GHz Pentium 4 CPU, 2GB of RAM and a 320GB hard disk so it shouldn’t be too bad either.

I downloaded the 32-bit version (previously I’d used 64-bit), burned a DVD, popped it in the drive and booted:

Problem #1 – this PC has a CD-R drive and I have a DVD ISO.

The only DVD drives I had available were in my server (which I don’t want to take down right now) and in my work laptop (a slimline drive – with a strange connector on the back) so I went shopping for hardware:

Problem #2 – my local branch of Maplin had sold out of DVD drives and PC World didn’t have any brown box ones (just the overpriced ones in a pretty box).
(Problem #2a – markwilson.it has been spending too much on hardware recently and the bank balance is not looking too good. Spending money on components for an aging PC does not make too much sense.)

Back to the drawing board. I could PXE boot to a Windows Deployment Services server but I didn’t really want to go to the effort of setting all that up so, after checking I hadn’t missed anything obvious with my trusted colleagues Dave and Garry, I turned my attentions to USB booting the PC.

Problem #3 – the largest USB drive I have is 1GB – and a DVD .ISO is much bigger than that.

I decided to see if I could use a USB hard disk and it turns out I can – this is how it works. The advice is based on Vista but it works for later releases of Windows too:

Make some space on a hard disk for a new partition. I shrank the existing volume in Disk Management to give me 32MB of free space but I could have just wiped the drive too.
Dive into the command line and fire up diskpart.exe, issuing the following commands:
- list disk (to see the available disks and see which one I had just created 32MB of free space on)
- select disk number
- clean (skip this if you do not want to wipe the disk clean – i.e. if you want to keep data on other partitions)
- create partition primary
- select partition number
- active
- format fs=fat32 (I later read that NTFS would work too but FAT32 worked for me on a relatively small partition like this)
- assign
- exit
Copy the contents of the Windows installation DVD to the new partition with xcopy dvddrive:\*.* /s /e /f harddrive:\
According to the blog post from Kurt Shintaku that I used for reference, that should be enough but that doesn’t actually create a boot sector. Dave Glover’s post on the subject alerted me to the presence of the bootsect.exe utility from the \boot folder on the installation DVD and bootsect /nt60 harddrive: successfully updated the bootcode on my USB hard drive.
Boot the PC from USB and install Windows.

And so does Windows 7 run well on that old PC? I wish I could tell you but, unlike everyone who got their copy from PDC, those of us signed up via Microsoft Connect are under NDA… grrr. What I can say is that, if you’re not bothered about high-end graphics, then even Vista will run on a PC like this… and based on what’s already been said by Microsoft I wouldn’t expect 7 to be any worse and it may even be slightly better.

Identity and security developments at Microsoft

Posted on Thursday 13 November 2008 By Mark Wilson

In amongst all the exciting new product announcements for new Windows releases and cloud computing platforms it’s all too easy to miss out on some of the core infrastructure enhancements that Microsoft is making. Last week I got the chance to catch up with Joel Sider from Microsoft’s Identity and Security group – a new organisation at Microsoft formed to address the issues of identity and security (which are really two sides of the same coin) and which, until recently have been treated as individual point solutions.

Joel explained to me that, with a single business group and a single engineering group, Microsoft is able to focus on the complete product stack, from System Center and Identity Lifecycle Manager (ILM – formerly MIIS), through Forefront security to the Windows platform, including Active Directory, Rights Management Services (RMS) and Network Access Protection (NAP).

Two of the products under the umbrella of the identity and security group have been in the news recently:

A release candidate of Identity Lifecycle Manager “2” is available now. Due for final release in the first half of 2009, ILM “2” provides self-service for employees, enhanced administration and automation for IT professionals, and extensibility for developers. In developing this product, Microsoft’s focus was in allowing IT departments to set policies for access, empowering end users and knowledge workers to perform actions and tasks (e.g. reset passwords, manage group membership, etc.). Until the release of this product, such actions would have required the use of third party products (e.g. Quest Active Roles Server and unlike MIIS, which was powerful but had a limited user interface, the focus with ILM is on providing an intuitive management interface and self service capabilities whilst still allowing extensibility (e.g. for audit and compliance purposes). ILM uses a concept of sets to group objects (e.g. “All people”) and then a workflow (authentication, authorisation, or action) may be applied to complete a number of steps (e.g. in a password reset scenario to answer a number of security questions; or approving membership of a group and sending out a notification in a group membership scenario).
Intelligent Application Gateway (IAG) service pack 2 is also due for release shortly. Originally available only in hardware appliance form, the former Whale Communications product can now be run as a Hyper-V virtual machine to reduce costs and increase flexibility in the infrastructure. In addition, IAG supports access from non-Microsoft browsers (e.g. Firefox) and platforms (i.e. users running Linux and Mac OS X) and has additional optimisers for recently released applications. (For those who are unaware of IAG’s capabilities, it provides granular access to specific applications via an SSL VPN with support for almost any application but optimisations for those which it has an awareness of – that’s the “intelligent” part of IAG).

Other significant developments taking place within the identity and security group include: the Windows Azure .NET Identity Framework (codenamed Geneva) which provides a Microsoft.NET identity access control service; Windows Cardspace; and the Forefront integrated security product (codenamed Stirling) which will combine the various disparate Forefront components.

From my perspective, I’m really encouraged to see Microsoft working to provide a more focused approach. As I’ve written before, many of Microsoft’s identity and security products are the result of acquisitions and, whilst it’s important not to lose the features and functionality that made these products successful in the first place, they also need to be tightly integrated to avoid the inevitable confusion caused by feature overlap and conflicting goals. It seems to me that Microsoft is working towards providing a sensible and logical identity and security portfolio for customers and partners.

Why using an iPhone with multiple mail accounts is not as simple as it should be

Posted on Wednesday 12 November 2008Friday 14 November 2008 By Mark Wilson

Whilst balancing childcare duties with work commitments last week, I was working some pretty irregular hours but wanted to keep tabs on my e-mail – so I connected my iPhone to the Exchange Server at work.

Nothing unremarkable there – iPhone v2.0 software includes Microsoft ActiveSync support and it worked – as it should. Unfortunately it still leaves a lot to be desired – not on the Exchange Server side but with Apple’s mail client implementation. For a company which is so focused on user experience, they don’t appear to have thought too much about this one…

You see, I have two mail accounts – one for home/small business (using Google Apps Email) – and one for work (using Microsoft Exchange Server 2007). The iPhone lets me configure multiple accounts and both work well – especially Exchange Server which has excellent push e-mail support (I often hear a message arrive on the phone before I see the notification on my Windows PC), remote wipe (according the the iPhone and iPod Touch Enterprise Deployment guide – I’ve not tested wiping my device from Exchange just yet but I can see the option there!) and more.

Mobile device view in Exchange Server 2007 web access - showing an iPhone

My problem is that, even though the mail client supports multiple accounts, switching from one Inbox to the other involves navigating five screens (out of one Inbox and up to the account level, then back to the Accounts screen, into another account, and finally into the other Inbox).

That’s not all – Apple seem to think that the reason for having multiple accounts is to bring all of my e-mail into one place – but surely if that’s what I wanted I would forward one mailbox to the other and access a single Inbox? Instead, I deliberately keep my work and private life separate (albeit on one device). The iPhone updates the new message indicator on the home screen to include the sum of all accounts (fair enough) but it only seems to allow me to set one signature for all accounts – and I want to use different contact details (e-mail address, phone number, job titles, etc.) for different accounts.

You see that’s the trouble with Apple products: they look great; they’re really simple to use (mostly) but sometimes you can oversimplify things and impact on flexibility.

Building a branch office in a box?

Posted on Wednesday 12 November 2008Wednesday 12 November 2008 By Mark Wilson

For many organisations, branch offices are critical to business and often, rather than being a remote backwater, they represent the point of delivery for business. Meanwhile, organisations want to spend less on IT – and, as IT hardware and software prices fall, providing local resources improves performance for end-users. That sounds great until considering that local IT provision escalates support and administration costs so it makes more financial sense to deliver centralised services (which have a consequential effect on performance and availability). These conflicting business drivers create a real problem for organisations with a large number of branch offices.

For the last few weeks, I’ve been looking at a branch office consolidation exercise at a global organisation who seem to be suffering from server proliferation. One of the potential solutions for consolidation is using Windows Server 2008 and Hyper-V to provide a virtualised infrastructure – a “branch office in a box”, as Gartner described it in a research note from a few years ago [Gartner RAS Core Research Note G00131307, Joe Skorupa, 14 December 2005]. Windows Server 2008 licensing arrangements for virtualisation allow a server to run up to 4 virtualised operating system environments (with enterprise edition) or a single virtual and a single physical instance (with standard edition). It’s also possible to separate domain-level administration (local domain controllers, etc.) from local applications and infrastructure services (file, print, etc.) but such a solution doesn’t completely resolve the issue of maintaining a branch infrastructure.

Any consolidation at the branch level is a good thing but there’s still the issue of wide area network connectivity which means that, for each branch office, not only are there one or more Windows servers (with a number of virtualised workloads) to consider but also potentially some WAN optimisation hardware (e.g. a Cisco WAAS or a Riverbed Steelhead product).

Whilst I was researching the feasibility of such as solution, I came across a couple of alternative products from Cisco and Citrix which include Microsoft’s technology – and this post attempts to provide a high level overview of each of them (bear in mind I’m a Windows guy and I’m coming at this from the Windows perspective rather than from a deep networking point of view).

Cisco and Microsoft Windows Server on WAAS

When I found the Windows Server on WAAS website I thought this sounded like the answer to my problem – Windows Server running on a WAN optimisation appliance – the best of both worlds from two of the industry’s largest names, who may compete in some areas but still have an alliance partnership. In a video produced as part of the joint Cisco and Microsoft announcement of the Windows on WAAS solution, Cisco’s Vice President Marketing for Enterprise Solutions, Paul McNab, claims that this solution allows key Windows services to be placed locally at a reduced cost whilst providing increased flexibility for IT service provision; whilst Microsoft’s Bill Hilf, General Manager for Windows Server marketing and platform strategy, outlines how the branch office market is growing as workforces become more distributed and that the Windows on WAAS solution combines Windows Server IT services with Cisco WAAS’ WAN optimisation, reducing costs relating to infrastructure management and power usage whilst improving the user experience as services are brought closer to the user.

It all sounds good – so how does this solution work?

Windows on WAAS is an appliance-based solution which uses virtualisation technologies for Cisco WAAS and Microsoft Windows Server 2008 to run on a shared platform, combined with the advantages of rapid device provisioning. Whilst virtualisation in the datacentre has allowed consolidation, at the branch level the benefit is potentially the ability to reconfigure hardware without a refresh or even a visit from a technician.
Windows Server 2008 is used in server core installation mode to provide a reduced Windows Server footprint, with increased security and fewer patches to apply, whilst taking advantage of other Windows Server 2008 enhancements, such as improved SMB performance, a new TCP/IP stack, and read-only domain controllers for increased directory security at the branch.
On the WAAS side, Cisco cite improved application performance for TCP-based applications – typically 3-10 times better (and sometimes considerably more) as well as WAN bandwidth usage reduction and the ability to prioritise traffic.
Meanwhile, running services such as logon and printing locally means that end user productivity is increased.

Unfortunately, as I began to dig a little deeper (including a really interesting call with one of Cisco’s datacentre product specialists), it seems that this solution is constrained in a number of ways and so might not allow the complete eradication of Windows Server at the branch office.

Firstly, this is not a full Windows Server 2008 server core solution – only four roles are supported: Active Directory Domain Services; DHCP server; DNS server and Print services. Other services are neither supported, nor recommended – and the hardware specifications for the appliances are more akin to PCs (single PSU, etc.) than to servers.

It’s also two distinct solutions – Windows runs in a (KVM) virtual machine to provide local services to the branch and WAAS handles the network acceleration side of things – greatly improved with the v4.1 software release.

On the face of it (and remember I’m a Windows guy) the network acceleration sounds good – with three main methods employed:

Improve native TCP performance (which Microsoft claim Windows Server 2008 does already) by quickly moving to a larger TCP window size and then lessening the flow once it reaches the point of data loss.
Generic caching and compression.
Application-specific acceleration for HTTP, MAPI, CIFS and NFS (but no native packet shaping capability).

All of this comes without the need to make any modifications to the existing network – no tunnelling and no TCP header changes – so the existing quality of service (QoS) and network security policies in place are unaffected by the intervening network acceleration (as long as there’s not another network provider between the branch and the hub with conflicting priorities).

From a support perspective Windows on WAAS is included in the SVVP (so is supported by Microsoft) but KVM will be a new technology for many organisations and there’s also a potential management issue as it’s my understanding that Cisco’s virtual blade technology (e.g. Windows on WAAS) does not yet support centralised management or third party management solutions.

Windows on WAAS is not inexpensive either (around $6,500 list price for a basic WAAS solution, plus another $2,000 for Windows on WAAS, and a further $1,500 if you buy the Windows licenses from Cisco). Add in the cost of the hardware – and the Cisco support from year 2 onwards – and you could buy (and maintain) quite a few Windows Servers in the branch. Of course this is not about cheap access to Windows services – the potential benefits of this solution are much broader – but it’s worth noting that if the network is controlled by a third party then WAN optimisation may not be practical either (for the reasons I alluded to above – if their WAN optimisation/prioritisation conflicts with yours, the net result is unlikely to result in improved performance).

As for competitive solutions, Cisco don’t even regard Citrix (more on them in a moment) as a serious player – from the Cisco perspective the main competition is Riverbed. I didn’t examine Riverbed’s appliances in this study because I was looking for solutions which supported native Windows services (Riverbed’s main focus is wide area application services and their wide area file services are not developed, supported or licensed by Microsoft, so will make uncomfortable bedfellows for many Windows administrators).

When I pressed Cisco for comment on Citrix’s solution, they made the point that WAN optimisation is not yet a mature market and it currently has half a dozen or more vendors competing whilst history from in other markets (e.g. SAN fabrics) would suggest that there will be a lot of consolidation before these solutions reach maturity (i.e. expect some vendors to fall by the wayside).

Citrix Branch Repeater/WANScaler

The Citrix Branch Repeater looks at the branch office problem from a different perspective – and, not surprisingly, that perspective is server-based computing, pairing with Citrix WANScaler in the datacentre. Originally based around Linux, Citrix now offer Branch Repeaters based on Windows Server.

When I spoke to one of Citrix’s product specialists in the UK, he explained to me that the WANScaler technologies used by the Branch Repeater include:

Transparency – the header is left in place so there are no third-party network changes and there is no need to change QoS policies, firewall rules, etc.
Flow control – similar to the Cisco WAAS algorithm (although, somewhat predictably, Citrix claim that their solution is slightly better than Cisco’s).
Application support for CIFS, MAPI, TCP and, uniquely, ICA.

Whereas Cisco advocate turning off the ICA compression in order to compress at the TCP level, ICA is Citrix’s own protocol and they are able to use channel optimisation techniques to provide QoS on particular channels (ICA supports 32 channels in its client-server communications – e.g. mouse, keyboard, screen refresh, etc.) so that, for example, printing can be allowed to take a few seconds to cross the network but mouse, keyboard and screen updates must be maintained in near-real time. In the future, Citrix intend to extend this with cross-session ICA compression in order to use the binary history to reduce the volume of data transferred.

The Linux and Windows-based WANScalers are interoperable and, at the branch end, Citrix offers client software that mimics an appliance (e.g. for home-based workers) or various sizes of Branch Repeater with differing throughput capabilities running a complete Windows Server 2003 installation (not 2008) with the option of a built-in Microsoft ISA Server 2006 firewall and web caching server.

When I asked Citrix who they see as competition, they highlighted that one two companies have licensed Windows for use in an appliance (Citrix and Cisco) – so it seems that Citrix see Cisco as the competition in the branch office server/WAN optimisation appliance market – even if Cisco are not bothered about Citrix!

Summary

There is no clear “one size fits all” solution here and the Cisco Windows on WAAS and Citrix WANScaler solutions each provide significant benefits, albeit with a cost attached. When choosing a solution, it’s also important to consider the network traffic profile – including the protocols in use. The two vendors each come from a slightly different direction: in the case of Cisco this is clearly a piece of networking hardware and software which happens to run a version of Windows; and, for Citrix, the ability to manipulate ICA traffic for server-based computing scenarios is their strength.

In some cases neither the Cisco nor the Citrix solution will be cost effective and, if a third party manages the network, they may not even be able to provide any WAN optimisation benefits. This is why, in my customer scenario, the recommendation was to investigate the use of virtualisation to consolidate various physical servers onto a single Windows Server 2008 “branch office in a box”.

Finally, if such a project is still a little way off, then it may be worth taking a look the branch cache technology which is expected to be included within Windows Server 2008 R2. I’ll follow up with more information on this technology later.

Deleting a Live Meeting from Outlook without sending a cancellation request

Posted on Tuesday 11 November 2008 By Mark Wilson

Sometimes Live Meeting is infuriating. I recently sent a meeting invitation to a colleague for a webcast I’m running later this month and he then sent a new invitation to several of our colleagues (including me), which I duly accepted but that left two near-identical appointments in my calendar. I wanted to delete the original but Live Meeting’s calendar integration would only let me send a cancellation or leave the request as it was.

No problem – just send a cancellation with an empty recipient list. Outlook complains that there are no recipients, then asks if you want to save the meeting. Click yes to save and what actually happens is that the delete request is processed, removing the meeting altogether(which is what I really wanted to do).

Confusing – yes, possibly. But it saved me from cancelling a meeting with my colleague and then him thinking I was cancelling the one with 100 more people confirmed… then multiple calls/e-mails to explain what was happening.

Trusting a self-signed certificate in Windows

Posted on Tuesday 11 November 2008Tuesday 11 November 2008 By Mark Wilson

All good SSL certificates should come from a well-known certification authority – right? Not necessarily (as Alun Jones explains in defence of the self-signed certificate).

I have a number of devices at home that I access over HTTPS and for which the certificates are not signed by Verisign, Thawte, or any of the other common providers. And, whilst I could get a free or inexpensive certificate for these devices, why bother when only I need to access them – and I do trust the self-signed cert!

A case in point is the administration page for my NetGear ReadyNAS – this post describes how I got around it with Internet Explorer (IE) but the principle is the same for any self-signed certificate.

First of all, I added the address to my trusted sites list. As the ReadyNAS FAQ describes, this is necessary on Windows Vista in order to present the option to install the certificate and the same applies on my Windows Server 2008 system. Adding the site to the trusted sites list won’t stop IE from blocking navigation though, telling me that:

There is a problem with this website’s security certificate.

The security certificate presented by this website was not issued by a trusted certificate authority.

Security certificates problems may indicate an attempt to fool you or intercept any data you send to the server.

We recommend that you close this webpage and do not continue to this website.

Fair enough – but I do trust this site, so I clicked the link to continue to the website regardless of Microsoft’s warning. So, IE gave me another security warning:

Security Warning

The current webpage is trying to open a site in your Trusted sites list. Do you want to allow this?

Current site: res://ieframe.dll
Trusted site: https://mydeviceurl

Thank you IE… but yes, that’s why I clicked the link (I know, we have to protect users from themselves sometimes… but the chances are that they won’t understand this second warning and will just click the yes button anyway). After clicking yes to acknowledge the warning (which was a conscious choice!) I could authenticate and access the website.

Two warnings every time I access a site is an inconvenience, so I viewed the certificate details and clicked the button to install the certificate (if the button is not visible, check the status bar to see that IE has recognised the site as from the Trusted Sites security zone). This will launch the Certificate Import Wizard but it’s not sufficient to select the defaults – the certificate must be placed in the Trusted Root Certification Authorities store, which will present another warning:

Security Warning

You are about to install a certificate from a certification authority (CA) claiming to represent:

mydeviceurl

Windows cannot validate that the certificate is actually from “certificateissuer“. You should confirm its origin by contacting “certificateissuer“. The following number will assist you in this process:

Thumbprint (sha1): thumbprint

Warning:

If you install this root certificate, Windows will automatically trust any certificate issued by this CA. Installing a certificate with an unconfirmed thumbprint is a security risk. If you click “Yes” you acknowledge this risk.

Do you want to install this certificate?

Yes please! After successfully importing the certificate and restarting my browser, I could go straight to the page I wanted with no warnings – just the expected authentication prompt.

Incidentally, although I used Internet Explorer (version 8 beta) to work through this, once the certificate is in the store, then ~~all browsers~~ any browser that uses the certificate store in Windows should act in the same manner (~~the certificate store is not browser-specific~~ some browsers, e.g. Firefox, implement their own certificate store). To test this, I fired up Google Chrome and it was able to access the site I had just trusted with no issue but if I went to another, untrusted, address with a self-signed certfiicate (e.g. my wireless access point), Chrome told me that:

The site’s security certificate is not trusted!

You attempted to reach mydeviceurl but the server presented a certificate issued by an entity that is not trusted by your computer’s operating system. This may mean that the server has generated its own security credentials, which Google Chrome cannot rely on for identity information, or an attacker may be trying to intercept your communications. You should not proceed, especially if you have never seen this warning before for this site.

Chrome also has some excellent text at a link labelled “help me understand” which clearly explains the problem. Unfortunately, although Chrome exposes Windows certificate management (in the options, on the under the hood page, under security), it doesn’t allow addition a site to the trusted sites zone (which is an IE concept) – and that means the option to install the cerficate is not available in Chrome. In imagine it’s similar in Firefox or Opera (or Safari – although I’m not sure who would actually want to run Safari on Windows).

Before signing off, I’ll mention that problems may also occur if the certificate is signed with invalid details – for example the certificate on my wireless access point applies to another URL (www.netgear.com) and, as that’s not the address I use to access the device, that certificate will still be invalid. The only way around a problem like this is to install another, valid, certificate (self-signed or otherwise).

I’m a what?

Posted on Monday 10 November 2008Tuesday 11 November 2008 By Mark Wilson

Yesterday evening, I was watching Channel 4‘s satirical political show, “Bremner, Bird and Fortune“, when a Microsoft “I’m a PC” ad ran in one of the breaks. I was surprised – firstly because I thought the campaign was US-only (although I must confess that I don’t watch much commercial TV anyway) but also because it seemed to miss the point that 1 billion PC users run Windows. All we got was Sean the Apple PC guy lookalike, followed by lots of people saying “I’m a PC” and the final “Windows – Life without Walls” graphic.

As for this being effective or not – for me the question was answered when my wife – a middle class 30-something marketing professional (presumably in the demographic that these ads are aimed at) – said something to the effect of “I don’t understand! Why I’m a PC?”

That’s just one example of why these ads don’t work: the Mojave Experiment made a point (until Microsoft shot themselves in the foot with all the Windows 7 news and speculation about a 2009 release effectively killing Vista off prematurely); Windows without Walls works (especially with the recent web services announcements); Gates and Seinfeld – probably best not yo go there; but as for I’m a PC? It’s fine to be highlighing all the things that a billion people do with PCs… but this campaign is just not hitting the mark.

[Update: 11 November 2008]: In conversation, Garry Martin made a very good point that I failed to comment on in the original post: if you’ve seen the Apple ads, then I’m a PC makes sense and show that PCs are not dull and boring but that they are used for many exciting and worthwhile things across the globe; however, many people in the UK have not seen those ads.

As far as I know, Apple’s Mac vs. PC ads didn’t run on TV here (although there were some UK versions produced which may have done for a short while) – either way they are more of an Internet thing for geeks/Mac fanboys and so most people miss the point entirely – resulting in a confused response to I’m a PC.

Access denied when echoing files using SyncToy

Posted on Monday 10 November 2008Monday 10 November 2008 By Mark Wilson

Whilst Windows Live Mesh and FolderShare provide me with an effective means to keep files and folders in sync, some of my devices do not run Windows or OS X (e.g. my NetGear ReadyNAS) and I’ve been using the SyncToy v2.0 tool for data that I just want to copy from one location to another (e.g. backing the file data on the notebook PC that I use for work up to a file share).

Unlike FolderShare/Live Mesh, which automatically keep folders in sync, SyncToy is intended for performing on-demand tasks (e.g. backups), as described by Gina Trapani at Lifehacker (and by yours truly a couple of years back when it was still at v1.2).

A few days ago, I was echoing the contents of a large directory to a remote share, but was mystified by some files which would not write to the remote volume. I had full NTFS access to the files but SyncToy produced an error which said:

Error: Cannot write to the destination file. Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)) Copying C:\Users\username\filename

After a while, I worked out that the problem files all had the read-only attribute set and that removing this allowed SyncToy to copy the files successfully. I can only assume that the problem was the echo (i.e. file copy, rather than two-way sync) and that the file attributes were being written before the file copy took place, resulting in insufficient permissions to write the file contents.

markwilson.it

get-info -class technology | write-output > /dev/web

Year: 2008