Wednesday, January 31, 2007

PowerShell for Vista and why I discovered that two days delayed - or: How to rebuild the pim.vol file

I normally update all my RSS feeds on my Vista PC. The feeds are stored in Outlook 2007, replicated to our Exchange server and finally synchronized to my Qtek 8310 SmartPhone. I normally check the feeds first on my phone, so short ones or uninteresting entries can be deleted when I have a few minutes to spare.

But today, I browsed the feeds from my PC and I realized, that synchronization to my phone must be broken. I read that PowerShell - finally and long waited - was RTW for Vista (get x86 version here). BTW: I just love that the file name starts with Windows6.0 - :)

So over to the phone. Synchronization would not even start!! I could start it from within the inbox, but got an error. Last time I got a similar error, I unsynched my email and resynched again, but this time that was insufficient. I also asked a question about freeing up or moving the PIM.VOL file but did not get any feedback.
Well, I tried to unsynchronize everything - but it still behaved weird on the resync, so I decided to jump out into it - I renamed the PIM.VOL file to PIM.OLD, restated the phone and voila, I got a brand new PIM.VOL. I deleted PIM.OLD, setup synch and everything worked. And my PIM.VOL file is now 'only' 1.5MB compared to the old 2.1MB. This leaves 1.69MB free on the phone. So nice to always have a backup of the important data on the Exchange server.

So, let's get PowerShell on Vista and maybe my XP laptop will gather more dust now...

Microsoft Hosting Days

Microsoft are once again at a "World" tour (Except for Denmark and Iceland where I'm currently delivering four HMC Architectural Design Sessions). It's called Microsoft Hosting Days and the agenda is primarily around Software-as-a-Service (SaaS) and the new capabilities in upcoming versions of WBH/HMC -

.. learn how to capitalize on the growing demand for Software-as-a-Service (SaaS). This multi-track seminar will give you the knowledge and tools you need to expand your business whether you are a pure Hoster, Telco, Independent Software Vendor (ISV), Reseller (VAR), or System Integrator.
  • The latest news about the growing opportunities for SaaS on Windows technology.
  • A wide range of business opportunities available with Microsoft Hosting solutions, including Windows-based Hosting for Applications, Hosted Messaging and Collaboration, and Hosted CRM.
  • Aligning your business with Microsoft’s product roadmap – so you can maximize benefits from the planned testing, release and availability of Microsoft products and services, especially with SharePoint 3.0 and IIIS 7.0.
  • Using best practices to sell SaaS offers or business-class e-mail to small and medium-sized businesses.

Description of the different hosting solutions from Microsft

FYI - here's a short description of the current offerings from Microsoft -

Windows-based Hosting
The Microsoft Solution for Windows-based Hosting version 4.0 provides a highly efficient operating platform for service providers of all sizes. The solution includes tools and partner applications that Web hosters can take advantage of to develop and deploy in-demand customer site features such as blogs, forums, and photo galleries.

Hosted Messaging and Collaboration
The Microsoft Solution for Hosted Messaging and Collaboration version 3.5 enables service providers to host enterprise level e-mail and collaboration services for small and medium-sized businesses. Service providers can deploy value-added services such as team site hosting, instant messaging, and hosted mobile messaging for mobile device users - along with Exchange-based mail services.

Windows-based Hosting for Applications
The Microsoft Solution for Windows-based Hosting for Applications version 1.0 takes advantage of the Windows infrastructure and operations platform to enable ISV application hosting. This solution is focused on helping ISVs expand revenues and markets by taking their on-premise applications online as a hosted service.

Hosted Microsoft Dynamics CRM 3.0 Solution
The Hosted Microsoft Dynamics CRM 3.0 Solution is a Windows-based solution that enables service providers to capitalize on the growing business demand for customer relationship management (CRM) services. This solution enables service providers to host the Microsoft Dynamics CRM 3.0 application - a full-featured CRM product that is beyond the abilities and resources of many smaller businesses to deploy and operate.

Source - Windows Based Hosting 4.5 beta documentation.

WBH for Applications 1.5 and WBH 4.5 Beta

Microsoft has released the beta documentation for both of the following products that are currently under development.

Windows Based Hosting for Applications 1.5 is for ISV's that want's to enable their solutions for Hosting (Download).

Windows Based Hosting 4.5 (Download) contains the following updates to WBH 4.0

Windows Server 2003 R2
The infrastructure components of the solution now run on Windows Server 2003 R2, which extends the Windows Server 2003 operating system in important ways. Web platform features include support for .NET framework 2.0 and ASP.NET 2.0 applications as well as 64-bit support for Internet Information Services (IIS) 6.0.
A new licensing model that allows customers to get more value out of server virtualization.

SQL Server 2005
The solution incorporates fundamental advancements in database technology and security with SQL Server 2005. When compared with SQL Server 2000, the latest version of the comprehensive database platform of the solution provides:New features to easily support service offerings differentiated by additional capabilities rather than just database size and quantity.Support for 64-bit platforms so service providers can scale servers to any client's needs.

SQL Server Hosting Toolkit
This tool enables hosters to more easily deploy SQL Server databases for customers.

ASP.NET 2.0 support
ASP.NET 2.0 encapsulates common Web tasks into application services and controls that you can easily reuse across Web sites. With these basic building blocks, ASP.NET 2.0 allows developers to write up to 70 percent less code for faster development of rich Web sites and applications.

ASP.NET AJAX framework support
Hosters can now offer developers a richer environment on which to build interaction-rich, cross-browser Web applications.

Support for 64-bit computing
As the majority of new server shipments today contain 64-bit processing power, the solution has also moved forward with 64-bit computing support. The solution has been tested with and supports 64-bit versions of Windows Server 2003 R2 and SQL Server 2005.

Support for Windows SharePoint Service version 3.0
This version introduces improved administrative tools including a server farm-based Central Administration user interface. Also new in this release are the availability of 40 new application templates which hosters can use to enhance service offerings for small to medium business customers.

Source - Windows Based Hosting 4.5 beta documentation.

Saturday, January 27, 2007

Robocopy replaces Xcopy in Vista

Just noticed the following in Xcopy, when I was moving some files to my USB drive .

C:\Users\dlt>xcopy /?
Copies files and directory trees.

NOTE: Xcopy is now deprecated, please use Robocopy.

I've been using Robocopy for years and years - and it's a powerful tool for synchronization, migration, backup and much more so it's about time it get's its credit worth ;-)

Friday, January 26, 2007

Public Certificates supporting SAN's for LCS and Exchange 2007 - update #2

I promised earlier in Using LCS 2005 with multiple domains that I would get back to you with a list of Commercial Certification Authorities that supports Subject Alternate/Alternative Names (a.k.a SAN or SubjectAltNames). These types of certificates are required for making autoconfiguration of Office Communicator work in Enterprise deployments of LCS (Using DNS and SRV records). For more info on autoconfiguration look at Shawn Mahans webcast and the article mentioned in the start. SAN's are also required for supporting Autodiscovery in Exchange 2007 (e.g. one certificate serving both and Find a bit more information on this subject on the Exchange Ninjas Wiki.

These are my findings -

Verisign - VeriSign has a MPKI (Managed PKI) SSL offering, that includes the ability to issue certificates with multiple domain names. Its part of their Enterprise offering though, so you will need to contact their sales for help on getting an enterprise account before being able to order it.

GlobalSign - When I checked last week "... yet to be launched; expected timescale is 4-6 weeks." when I checked in September 2006 it was "... in the pipeline for the coming months".

Entrust - Has a "Entrust Unified Communications Certificates (UCC)" for Exchange Server 2007 and Live Communications Server that can be ordered directly from their website (Source).

Geotrust - Has a "Power Server ID" supporting up to four server names (That is three in SAN's, which in LCS means three in total). Find it here.

If you know other than the above please let me know and I will update the post.

LCS and Windows Server 2003 R2 known issue #2

FYI - As I wrote in a posting earlier there is a known issue with MMC 3.0 in R2 and Live Communications server 2005.

I just discovered that Microsoft has created a KB article on the problem/solution called "A blank Live Communications Server 2005 MMC snap-in appears when you start the Live Communications Server 2005 administration tool" - you can find it here.

Wednesday, January 24, 2007

OCS 2007 Videos

Microsoft has created two promotional Office Communicator Server 2007 videos, that are now available for public download.

There are two videos on Office Communications Server 2007 and on Office RoundTable.
The videos center on use of the technologies by the staff of a fashion magazine.

The videos are pretty funny and shows both Office Communicator and the new version of LiveMeeting in use. Find them here.

Tuesday, January 23, 2007

PowerShell output strangeness

When I run batch jobs, I normally use a stub (here simplified) like this –

Set name=%~n0
Set log=%temp%\%name%.log
Set recursive=%1
If not defined recursive %0 yes >”%log%” 2>&1

In this way, I can ensure that I capture all output, including stderr (stream #2) in stdout (stream #1).

So I adapted the same approach with PowerShell – and got into problems. Actually, at first, I thought that I had made a work-around and would simply stick to that, but as it resurfaced, I decided to narrow it down and find the real problem.

The problem appears like this error message –

The OS handle's position is not what FileStream expected. Do not use a handle simultaneously in one FileStream and in Win32 code or another FileStream. This may cause data loss.
out-lineoutput : The OS handle's position is not what FileStream expected. Do not use a handle simultaneously in one FileStream and in Win32 code or another FileStream. This may cause data loss.

So how do I generate this message? Simply run this script with the above batch wrapper –

copy-item fds fdsaf

The abstract from the log generated is -

C:\>powershell -command .\x.ps1
Copy-Item : Cannot find path 'C:\Documents and Settings\Administrator\fds' because it does not exist.
At C:\Documents and Settings\Administrator\x.ps1:2 char:10
+ copy-item <<<<
out-lineoutput : The OS handle's position is not what FileStream expected. Do not use a handle simultaneously in one FileStream and in Win32 code or another FileStream. This may cause data loss.

Note, that removing the start and/or the end line, makes the error *not* appear.

So, how should this wrapper work with PowerShell? Well, from what I can figure out, PowerShell never writes to stderr, so everything can be captured by redirection stdout with >. Even output from write-host get captured.

But, anyway - this seems a minor bug in PowerShell.

Monday, January 22, 2007

Office Communicator Mobile and Certificate chains

If you plan on deploying Access Proxies for external access to Office Communicator and maybe Office Communicator Mobile then you should be aware with a certificate issue (a.k.a. design flaw) in Communicator Mobile.

The problem is that CoMo isn't able to use intermediate certs by following certificate chains correctly. If you have a certificate issued directly by e.g. GlobalSign Root CA, then there's not a problem. But if you'r certificate (like ours) has the following chain

- GlobalSign Root CA
- GlobalSign Partners CA
- TDC Internet Root CA
- TDC SSL Server CA

Then there's a problem (As opposite to ActiveSync Windows Mobile, which works perfectly fine with the above certificates).

The solution is to either disable CRL checks in registry (Not "nice") using one of the many registry tools like regeditSTG or to load the entire chain in the Windows Mobile device. The latter can be done using e.g. sslchainsaver and its ability to create xml files that can be cab'ed (Follow the articles in the posting).

According to my sources the issue will be fixed in CoMo 2.0 which supposedly is a post OCS 2007 release.

Friday, January 12, 2007

New look and feel

As announced in the post Look & feel of msgoodies on August 17th we would "soon" make the transition to the new blogger - which is finally out of beta (Actually a bit ago - but some blogs couldn't be transferred due to blogger "issues").

Now we finally are here with a new stretched template that greatly enhances the web viewing of msgoodies (Even though we believe most of our readers use RSS feeds like Per and I) including our "problem child" code snippets.

Also it introduces a much better way of sorting our posts into categories (Allthough we haven't categorized all posts as of yet) and better interface for administration.

We will soon transition the blog to custom domains, so the blog will be reachable trough both and

Hopefully this will give us more time/desire in the future for posts on our primary interests. I know Per is up to new posts (He is doing magic with PowerShell) and I have a lot of catching up to do on Live Communications Server/LCS.

Wednesday, January 10, 2007

Freeing up space on your SmartPhone 5

It is just a mystery where the space went, isn't it? My phone has 17.95 MB storage but only 1.18 MB available - and I just cleaned it up! Can somebody please explain this to me?

Well, if you use java apps (midlets), you can move them off to the storage card so that storage is saved. Currently, I only use one, Opera Mini. The interface is not that good, but browsing is much faster than PIE.

The procedure for moving the java apps have been ripped of a newsgroup entry I found and is credited to scudo -
  • Close the Java applet
  • Create registry string value pointing to your new location e.g. HKEY_LOCAL_MACHINE\SOFTWARE\Tao\JMM\DataPath "\storage card\Application Data\Tao\intent"
  • Move directories and files from \Application Data\Tao\intent to \storage card\Application Data\Tao\intent (use File Explorer with ActiveSync)
  • Reboot mobile

I decided to repeat the procedure here, as it was hard to find.

PS. If someone knows if pim.vol can be moved, deleted or resized I would like to know.

Great Windows Mobile 5 utilities

Came across these nifty tools the other day from maniac (Danny Baumann, I presume).

The coolest of the small utilities is called CellPhoneSwitcher and is based on a very clever idea – make the phone change settings depending on the cell the phone is connected to! I wish I have had that idea.

In this way, you can turn on wireless automatically when you come home and turn it off when you leave. You can do the same with a lot of other settings as well -
  • Change profile
  • Change Bluetooth status
  • Execute a program
  • Vibrate (short for entering the cell, long for leaving it)
  • Change the home screen
  • Show a message
    Play a wave sound
  • Change the phone's wave volume
  • Notify Automatic Keylock (which must be installed separately)
  • Switch Wifi (Wifi-enabled WM5 phones only)
  • Enable flight mode

See for yourself, the downloads are found here .

Thursday, January 04, 2007

How secure are you from spear phishing attacks?

How easily am I tricked? I don't know, not too easily I hope. At least I have never been tricked on the internet. But don't we all think of yourselves that we are not easily tricked - and isn't it just a matter of how smart the trick is being made? You should ask yourself this interesting question as well.
I'm working in a small organization which I do not consider an easy target. Not so much because we work with IT and security, but more because I normally have a pretty good idea what I should expect to receive from my fellow workers. And again, as they normally write to me in Danish, that narrows it down as well (for the same reason most spam is easy to spot as it is in English). But those of you working in large and/or multi-national and/or high-profile organizations should read the "DoD Battles Spear Phishing" post by Robert Hersing. Robert asks this question -
So how would YOUR organization fair against a spear phishing attack
like the ones hitting the DoD?? Are your employees aware of the threats
posed by seemingly legitimate emails with seemingly 'innocent' / 'safe'

Wednesday, January 03, 2007

Why PowerShell is important

In his last post of 2006 (the first of 2007 in my timezone, does this guy never sleep?) Jeffry Snover, PowerShell Architect, posted a very good and precise description of why PowerShell is so important. The core of this is the Admin Development Model and I have extracted the most important part here as I think this explains it so good -

One of the things that motivated us to develop PowerShell was the belief that we (Microsoft) had been doing a poor job supporting the Admin Development Model.

All the effort seemed to have gone into treating Admins as GUI-only users or as though they were developers that couldn't handle the complexity of parenthesis. I never quite understood the thinking there. On the one hand, you expect the admin to comprehend the mind-numbing complexity of WMI and ADSI but on the other hand, you invest in a language that allows them to avoid typing the parentheses in an IF statement? Was that really the problem? Don't get me wrong - for what it is, VBScript is great but at the end of the day, a lot of VBScripting is full blown systems programming with a simplier syntax. There is nothing wrong with that. The vast majority of Admins are super smart folks that can do systems programming WHEN THEY HAVE THE TIME TO.

Therein lies the problem. Systems programming takes a lot of time and effort and is pretty formal. The Admins I know don't have a lot of spare time because they run around with their hair on fire. When your hair is on fire, you need a bucket of water and systems programming is not that bucket of water. What admins need is a set of tools that match the reality of their work. Admins need an interactive shell.

An interactive shell that allows them to quickly, easily, and iteratively investigate and manipulate their systems. Since the nature of admin problems/issues change constantly, they need to easily compose solutions by leveraging a set of base, domain-specific, commands and a then set of powerful, domain-independent, utility cmds. Bruce Payette once said something to the effect that, "the lifespan of 95% of the scripts in the world start at the prompt and end at the carriage return".

Once you have an interactive shell that supports great compositional scripting, then, depending upon the problem and the odds that you'll want to do that operation again, Admins save that script into a file and run it instead of having to figure it out/type it every time. Over time, they may decide to generalize the script so that it can deal with more and more situations. Later they may choose to make it more formal and do better error handling. Sometimes, they'll want to make it part of their formal management of production servers at which point they'll want it to be very formal, leveraging types/constraints, rich error handling, digital signatures and all that.

This range of activities, from interactive shell, to quick and dirty scripting, to formal production scripting is what we call the Admin Development Model. (Note that model of work is NOT limited to Admins - many people use this but it is critical for Admins.) PowerShell is very focused on supporting the Admin Development Model. That is why we have an interactive shell.
That is why we struggled hard to find the right balance in our syntax and semantics between interactivity and scriptability. That is why we support
a wide range of scripting styles from quick and dirty (bash-style) scripting to more advanced (Perl-style) scripting to more formal .NET programming. We wanted to ensure that you could learn a single tool and then decide how you were going to use that tool to solve the particular problem at hand.

It is NOT the case that beginners will do the simple stuff and experts will do the sophisticated stuff. We expect everyone will do do everything at some point in time - it is question of the problem they are trying to solve and the skills they have at the moment. (e.g. The highest end of scripters are still going write lots of quick and dirty, ad hoc scripts - because that is the right tool for lots of situations.).

The great thing about having a single tool to do this is that it becomes economical
to invest in learning the capabilities of the tool because it can be leveraged in so many situations. It also increases the pool of people that form the community that help each other solve problems. It also makes it easier to grow your career, as you gain expertise and become more productive and opens up more job opportunities than expertise in a very narrow toolset provides (this is another reason why we leveraged .NET - learning .NET makes you more marketable. If you are a hiring manager leveraging PowerShell - the job is more attractive to people and there is a larger pool of experienced people to hire from.)

PowerShell supports the Admin Development Model because it allows PowerShell to be the right tool for the right job for the maximal range of problems and lays the groundwork for a large and vibrant ecosystem.

- Jeffry Snover