March, 2007

  • Preview Handlers for Outlook 2007

    Download preview handlers for Outlook/Vista

    • XPS Preview Handler 
    • MSI Preview Handler 
    • CSV Preview Handler
    • ZIP Preview Handler
    • BIN Preview Handler
    • XAML Preview Handler

    Want to know more check the ProExchange UG site :


    Technorati tags:
  • Windows Server 2003 SP2 Released to Web

    We released the Windows Server 2003 SP2, you can download it from windows update or just download it from here

    What's New in SP2?


    A new event log event has been created to address certain situations in which the Cluster service account becomes excessively restricted by domain policy.

    The new event ID is 1239. The event text includes troubleshooting information. You can also refer to article 871236 in the Microsoft Knowledge Base ( ) for further information.

    Data access components

    XmlLite is new with Windows Server 2003 SP2. XmlLite is a fast, low-level, native XML parser with a small memory footprint.  For more information, including the Programmer's Guide and API reference, see the MSDN Web site ( ).

    Distributed systems

    New options have been added to the Dcdiag.exe Domain Name System (DNS) tests. These new options are /x and /xsl:xslfile.xsl or /xsl:xsltfile.xslt. They generate XML tags when the tests are run with the /test:dns option. You can use this new output mechanism to more easily parse the verbose log that the DNS tests generate.

    To direct the XML output file to XMLLog.xml, use the /x option. For example:

    dcdiag /test:dns /v /e /x:XMLLog.xml

    File systems

    Icacls.exe is an upgrade of the Cacls.exe tool in Windows Server 2003 SP2, and can be used to reset the access control lists (ACLs) on files from Recovery Console, and to back up ACLs. Also, unlike Cacls.exe, Icacles.exe correctly propagates the creation of inherited ACLs and changes to them.

    Microsoft Message Queuing

    The default storage limit for message queuing has been changed to 1 gigabyte (GB). If you choose to have a storage limit of more than 1 GB, you can change the storage limit setting in Microsoft Management Console (MMC) on the General tab of Message Queuing Properties.

    Networking and communications

    This version of Windows Server 2003 SP2 includes an update that enables you to simplify the creation and maintenance of Internet Protocol security (IPsec) policy. This update enables you to use an IPsec "Simple Policy". For most environments, the installation of this update allows you to reduce the number of IPsec filters that are required for a Server Isolation deployment or for a Domain Isolation deployment. You can reduce the number of IPsec filters from many hundreds of filters to only two filters. For more information about this update for Windows Server 2003 and Windows XP, see article 914841 in the Microsoft Knowledge Base ( ).

    Group Policy support for non-broadcasting networks and Wi-Fi Protected Access 2 (WPA2) settings has been added to the Windows wireless client in Windows Server 2003 SP2. This update allows the Windows wireless client to accept additional wireless Group Policy configuration options. These new settings include support for WPA2 parameters and non-broadcast networks.

    The Windows wireless client now supports WPA2, which enables you to take advantage of high levels of standards-based connection and encryption security. New security features include:

    Non-broadcast network profiles are now marked with a flag to improve the security of the Windows wireless client.

    Windows will not automatically connect to a peer-to-peer network, even if it has been automatically saved in the preferred network list. You must manually connect to a peer-to-peer network profile.

    Windows Deployment Services

    Starting with this version of Windows Server 2003 with SP2, Remote Installation Services is replaced by Windows Deployment Services. You can use Windows Deployment Services to set up new computers through a network-based installation without having to be physically present at each computer and without having to install directly from DVD media. For more information about Windows Deployment Services, see the Windows Deployment Services Update Step-by-Step Guide ( ).


  • Agenda of academic track on Dev&IT Pro days

    There is a Microsoft Developer & IT Pro Days offering for the Academic Community.

    During the"
    Developer & IT Pro Days 2007 - Satisfy your technical curiosity", Walter Stiers from our Academic Relations team will host an Academic track. He just finalized the agenda of his track and asked me if I could blog about it.

    Here it is:

    Academic Days - Day 1 - 28/03/2007
    07:30 - 08:45 Welcome & Registration / Partner Expo
    08:45 - 10:15 Opening Keynote (Dev & IT Pro days)
    10:45 - 12:00 Dirk Daelemans Vista & Office 2007 in Education
    12:00 - 13:00 Lunch
    13:00 - 14:15 Antonio Zurlo Deploying and Managing a Windows-Based High-Performance Compute Cluster
    14:30 - 15:45 Carrie Longson UX:
    Building Schools of the Future. How technology can support learning in 2012
    16:15 - 17:30 Benoît Haut & Frédéric Debaste
    HPC for fluid flow modelling in a Chemical Engineering Department : from archaeology to industrial processes
    17:45 - 19:00 Antonio Zurlo Case study - HPC in Financial Services.

    Academic Days - Day 2 - 29/03/2007
    07:30 - 09:00 Welcome & Registration / Partner Expo
    09:00 - 10:15 Brecht Kets
    Gaming in curriculum: XNA
    10.45 - 12.00 Martin Timmerman Embedded development tools: ECLIPSE vs Windows Embedded CE 6.0 Platform Builder
    12:00 - 13:00 Lunch
    13:00 - 14:15 Chad Z. Hower
    Microsoft .NET MicroFramework
    14:30 - 15:45 John Lefor Microsoft Innovation through European Collaboration
    16:15 - 17:30 Fotini Kaklamanou, Gérard Leblanc, Walter Stiers
    Academic Relations Team : MD-AA & Imagine Cup
    17:45 - 18:45 Closing Keynote (Dev & IT Pro days)

    You still can register


    Note: The High Performance Computing session given by Antonio Zurlo is also very interesting for our IT Pro audience.

  • Calendar Printing Assistant for Outlook 2007

    Ever tried to manage the agenda of your team with Outlook? I had to do it several times when I was a project manager. When I had to manage the agenda of the project team and to make my planning. Ok there is Group calendaring and now there is some Calendar overlay feature within Outlook 2007. Yesterday a colleague of mine showed me the Calendar Printing Assistant for Outlook 2007. I immediately installed this tool to play with it.

    This is really a neat tool, It detects which calendars you have in the calendar tab in Outlook and you can than create different views going from daily to monthly or even yearly views. For each view there are different templates available.

    Once you have the template you want, you can print the different calendars.


    This tool can be downloaded for free. 


  • Longhorn:: 10 Reasons to look at Windows Longhorn Part 5: Server Core

    When I talked about the server management improvements in the first part of this series I explained that we have defined different server roles and features. Now with the introduction of Windows Server Core which is a minimal installation of Windows Longhorn server.

    What I mean with minimal installation is that we only install the core server functionality without any extra overhead. The server core can be used for the following server roles:

    • Dynamic Host Configuration Protocol (DHCP) server
    • Domain Name System (DNS) server
    • File server, which includes:
      • File Replication service
      • Distributed File System Replication
      • Distributed File System service
      • Network File System
      • Single Instance Storage
    • Domain controller, read-only domain controller, and Active Directory Application Mode (ADAM)

    At RTM time there will be additional roles like Media server, Print Server and Virtualization with the Hypervisor technology.

    Beside those roles we do support some additional optional features like:

    • Microsoft Cluster Server
    • Network Load Balancing
    • Subsystem for UNIX-based applications
    • Backup
    • Multipath I/O
    • Removable Storage Management
    • BitLocker™ Drive Encryption
    • Simple Network Management Protocol (SNMP) service
    • Telnet client

    The choice to install a server core or a full server is done during the setup,a there is no upgrade, downgrade path. You cannot migrate from a Windows 2003 to server core, you cannot upgrade from server core to full server, all these operations require a reinstall.

    Because we don't install all executables and dll's we will have a much smaller footprint than with a full server. We even don't have the explorer, Internet Explorer, no CLR, etc ...

    A server core can be a headless server, no need for keyboard or mouse, but it's still manageable from the console. The other options to manage the server core is through remote MMC consoles, Terminal Services, WinRS.

    Look at the sexy interface :)


    Can you imagine which interface you will get when you are connecting through the Terminal Services :)


    Once you installed the server there are several tasks you need to perform to have it completely up and running, here are some of them:

    • Set Administrator Password
      • ­CTRL+ALT+DEL and click Change password
      • ­net user administrator *
    • Activate
      • ­Slmgr.vbs –ato
    • Configure Static IP Address (if required)
      • ­Netsh interface ipv4
        • ­show interfaces
        • ­set address name="ID" source=static address=StaticIP mask=SubnetMask gateway=DefaultGateway
        • ­add dnsserver name="ID" address=DNSIP index=1
    • Join a domain (if required)
      • ­Netdom

    Note: The slmgr.vbs is a script that can be used remotely and is also installed onto Windows Vista.

    I must admit that any scripting knowledge will be welcome to manage a Windows Server core. For example to change the display resolution you can either open the registry and change a registry key or use WMI to change it. Server core will be available for the x86 and x64 versions of Longhorn server.

    We see that customers who has a lot of servers to maintain will use this kind of servers due to the lower patch and management needs.

    Previous Posts in this series:

    Part 4: Server Hardening

    Part 3: Internet Information Services 7.0

    Part 2: Windows PowerShell

    Part 1: Server Management Improvements

    Technorati tags: , ,
  • Full IT Pro Session List for Dev & IT-Pro Days 2007

    My colleague David Boschmans blogged about the Full Developer Session List for Developer & IT-Pro Days 2007. I wanted to give you the same information for the IT Pro sessions. 

    I finalized the IT Pro agenda this week and it's online as we speak. Below you can find all the IT Pro - oriented sessions, session level and the speakers listed. 

    In the Virtualization Pre-conference Ronald Beekelaar will be delivering following sessions:

    1. PRE-VIR301 Microsoft Virtualization: Today and Tomorrow
    2. PRE-VIR302 Managing a Mixed Virtual/Physical Environment: Tools and Techniques
    3. PRE-VIR303 Microsoft Virtualization Deep Dive
    4. PRE-VIR304 Notes from the field: Practical advice on adoption, deployment and migration

    During the main conference we will have 3 Level 20026 Level 300 and 4 Level 400 sessions for the IT Professionals :

    • ITP201 Microsoft Business Intelligence overview - Jake Zborowski & Ashvini Sharma
    • ITP206 The Microsoft Exchange Server 2007 IT Pro Experience - Jill Frank
    • ITP207 PowerShell Chalk Talk: The first 4 minutes - Bruce Payette
    • ITP301 Creating high impact Data Warehouse with Integration Services and Analysis Services - Ashvini Sharma
    • ITP302 Enterprise Reporting with SQL Server Reporting Services - Ashvini Sharma
    • ITP304 Designing and deploying Performance Management applications with Office OBA - Jake Zborowski
    • ITP305 The Identity Metasystem, InfoCards and Microsoft CardSpace -Steve Plank
    • ITP307 Windows Server "Longhorn" Terminal Services: What's new Overview - Arlindo Alves
    • ITP308 An Administrator's Guide to Internet Information Services (IIS) 7 - David Lowe
    • ITP309 Windows SharePoint Services (WSS) and Microsoft Office SharePoint Portal Server (SPS): Upgrade and Migration - Kimmo Forss
    • ITP310 MOSS 2007 Configuration of Excel Services, SSO &  Data Connections - The Mac Guyver Techniques ! - Gunter Staes
    • ITP311 Search in SharePoint Server 2007 - Architecture, scalability and deployment - Kimmo Forss
    • ITP312 Data Protection Manager (DPM) v2 - Technical Overview - Frank Vosberg
    • ITP313 Software as a service: Microsoft SoftGrid Application Virtualization - Olivier van Noort & David Stoeckel
    • ITP315 DMZology Is it dead? Does it live? What do I really need to know?  Fred Baumhardt
    • ITP316 High Availability in Exchange 2007  - Jill Frank
    • ITP317 Migrating to Exchange Server 2007: Why, How and When - Ilse Van Criekinge
    • ITP318 Optimizing Windows Vista & Office 2007 Deployments  - David De Backer
    • ITP319 Windows Vista reliability and management improvements - Tony Krijnen
    • ITP320 Group Policy Deep Dive: Managing Features, Troubleshooting, Settings with Windows Vista - Kurt Roggen
    • ITP321 SQL Server in 2007: Working with Vista and SQL Server SP2 - Bob Beauchemin
    • ITP322 Thinking PowerShell - Bruce Payette
    • ITP323 Server Core: Running a Minimal Server - David Lowe
    • ITP324 What's New in Windows Server Longhorn -David Lowe
    • ITP325 Deploying  SCOM 2007. Dos and Dont's - Eric Denekamp
    • ITP326 Introducing Microsoft Forefront Security for Exchange Server and Sharepoint Server - Sasa Radosevic
    • ITP327 Microsofts vision on real-time communication integrates text, voice, video and data - James O'neill
    • ITP328 Remote access with Intelligent Application Gateway - Amit Ben-Ari
    • ITP329 System Center Configuration Manager 2007: Deployment - what you need to know - Kim Oppalfens
    • ITP401 Session 1: Is Your IT Infrastructure Secure? - John Craddock & Sally Storey
    • ITP402 Session 2: Securing Your Network - John Craddock & Sally Storey
    • ITP403 Session 3: Locking Down Servers and Workstations - John Craddock & Sally Storey
    • ITP404 Session 4: Vista Technologies - John Craddock & Sally Storey


    The full agenda with the exact scheduling will be published soon here: overview - day 1 - day 2.

    We have reached 1100+ registrations and it's less then two weeks before the start of the event. If you aren't registered yet, you can still do so here!


    Technorati tags:
  • Longhorn:: 10 Reasons to look at Windows Longhorn Part 6: Network Access Protection


    Network Access Protection provides limited access enforcement components for the following technologies:

    • Internet Protocol security (IPsec)
    • IEEE 802.1x authenticated network connections
    • Dynamic Host Configuration Protocol
    • Virtual private networks (VPN)
    Administrators can use these technologies separately or together to limit noncompliant computers.


    How NAP works:


    1. Client requests access to network and presents current health status

    2. DHCP, VPN or Switch Router relays health status to Microsoft’s Network Policy Server

    3. The Network Policy Server validates this against IT-defined health policies

    4. If the machine is policy compliant, it’s given immediate access to the corporate network

    5. If the machine is not policy compliant, it is put in a restricted VLAN and given access to fix up resources to download patches, configurations, signatures, etc. Repeat 1-3.

    On the Network Policy Server (NPS), administrators set the policy against which computer compliance will be measured before granting connecting computers access to the network. On the image below you can see which protection you can select onto the NAP protected client. For example you could decide that the client computer needs a firewall enabled, Antivirus enabled and up to date, Spyware protection enabled and up to date and if your client computer is updated through the WSus server we can enforce that the updates must be applied.

    NAP Scenarios:

    • Check the health and status of roaming laptops
    • Ensure the health of desktop computers
    • Determine the health of visiting laptops
    • Verify the compliance and health of unmanaged home computers


    Network Access Protection is not designed to secure a network from malicious users. It is designed to help administrators maintain the health of the computers on the network.



    Previous Posts in this series:

    Part 5: Server Core

    Part 4: Server Hardening

    Part 3: Internet Information Services 7.0

    Part 2: Windows PowerShell

    Part 1: Server Management Improvements

  • Longhorn:: 10 Reasons to look at Windows Longhorn Part 7: Failover Clustering

    With Windows Longhorn we will change the name of clustering technology. Let's look back at what the cluster terminology was:


    When we first introduced the clustering technology in Beta we called it ­Wolfpack.
    In Windows NT 4.0 we called it Microsoft Cluster Service (MSCS), lot's of people still use this terminology.

    With Windows 2000 Server and Windows Server 2003 we called it Server Clustering. Because we introduced a new clustering technology called Windows Compute Cluster server we had to change the name in order to avoid confusion.­

    Now it will be Windows Server Failover Clustering (WSFC).


    We aim to simplify the cluster installation and management, increase security and stability. Before installing the actual cluster you will have to validate the hardware against a set of tests.

    These tests include specific simulations of cluster actions, and fall into the following three categories:

    • Node tests: Check if the servers meet specific requirements
    • Network tests: Test if the planned server meets the Network requirements like the requirement of two separate subnets.
    • Storage tests: Check whether the storage correctly supports the necessary SCSI commands and handles simulated cluster actions correctly.

    Once the tests are completed successfully we can start the installation, we have simplified the setup so that the administrators can create the cluster in a few steps, we will also support scripting to automate the installation.


    The new management console is based on our MMC technology and let you manage multiple clusters within one central console.

    Some other management improvements:

    • Use the Volume Shadow Copy Service to capture backups: Full integration with the Volume Shadow Copy Service makes it easier to back up and restore cluster configurations.
    • Troubleshoot a cluster: Instead of working with the cluster log, administrators can use Event Tracing for Windows to easily gather, manage, and report information about the sequence of events that occurred on the cluster.

    We also made improvements to the cluster infrastructure to maximize the availability:

    • Configure a cluster so that the quorum resource is not a single point of failure: For example, in a two-node cluster, an administrator can specify that if the quorum becomes unavailable, the cluster continues running as long as the copies of the cluster configuration database on the two nodes remain available.

    Windows Server Failover Clustering will have an improved security model:

    • Cluster Service now runs in the context of the LocalSystem built-in account
      • No more Cluster Service Account (CSA)
    • No more account password management
    • No need to pre-stage defined user accounts

    We will now have better support for geographically dispersed clusters, the nodes doesn't have to reside onto the same network subnet and we can control the heartbeat timeout, these changes in functionality will let you create clusters without the need of hardware to create V-Lans over  WAN network.



    Previous Posts in this series:

    Part 6: Network Access Protection

    Part 5: Server Core

    Part 4: Server Hardening

    Part 3: Internet Information Services 7.0

    Part 2: Windows PowerShell

    Part 1: Server Management Improvements


  • Funcast:: BI: The Mac-Guyver Techniques SQL Server Reporting Services

    Watch the latest recorded funcasts:

    BI - The Mac-Guyver Techniques : SQL Server Reporting Services

    In this webcast, we introduce Microsoft SQL Server 2005 Reporting Services.  You will understand the report life cycle, and see how to create, publish, manage, and deliver reports using the new tools and features in SQL Server 2005 Reporting Services. You'll also discover tips and tricks for creating interactive reports & the integration with Sharepoint.

    View Recording
    Technorati tags: , ,
  • Microsoft Global Hosting Summit 2007

    I just received a mail from Heather Schwenk through my blog about the  Microsoft Global Hosting Summit 2007. Here is an excerpt of that mail that I wanted to share with you:


    Today at the Microsoft Hosting Summit, Microsoft announced updates to two solutions for hosting service providers: Microsoft Solution for Hosted Messaging and Collaboration (HMC) Version 4.0 and Microsoft Solution for Windows-based Hosting Version 4.5.

    Following are key highlights:

    • The solutions take advantage of the enhancements to Microsoft Exchange Server 2007 and Windows SharePoint Services 3.0, improving communications and information sharing, and work productivity for SMBs.
    • Utilizing Microsoft Exchange Server 2007, HMC 4.0 provides anywhere access for users, built-in protection from spam and viruses, and operational efficiency for IT administrators.
    • Windows-based Hosting Version 4.5 leverages SharePoint 3.0, which provides 40 customized templates designed to help address specific business needs, such as time management, accounting, and project tracking, and new tools to create Web-based content, such as blogs and wikis.

    In addition, video clips from the Microsoft Hosting Summit 2007 that highlight these new solutions will be available at


    Microsoft Solution for Hosted Messaging and Collaboration Version 4.0 will be available worldwide in April 2007. More information is available at

    Microsoft Solution for Windows-based Hosting Version 4.5 is available immediately. More information on Windows-based Hosting can be found at


    Thanks Heather for sharing this information with me US!

  • Longhorn:: 10 Reasons to look at Windows Longhorn Part 8: Branch Office Deployments

    In part 5 of this series I talked about the server core and which impact it can have when we look at security. Because there is a smaller footprint there is less to patch and thus less security risks. This can be a valuable server to put into a branch office, take the possibility to encrypt the hard drives with the Bitlocker technology into consideration and you have a secured server. No need to put this server into a secured room, drives are encrypted and not readable when accessed from another computer, most of the branch offices don't have any these server rooms.


    You now know the first improvement for the Branch Offices, but there are more. Take the Read only Domain controller for example.

    An RODC hosts a read-only replica of the database in Active Directory Domain Services (AD DS). Before Longhorn server when the users from the branch offices needed to authenticate they had to do it with a Domain Controller over the WAN links. Another alternative was to put a Domain controller at the branch office. However this was not a good solution because most of the branch offices doesn't have the adequate security for the domain controllers.

    Furthermore, branch offices often have poor network bandwidth when connected to a hub site. This can increase the amount of time required to log on. Now RODC will give the possibility to deploy a Domain Controller the remote site without to be concerned about the physical security. Because there is only read-only replica of the database and by default all attributes are replicated except the account passwords. However this can be defined through group policies, you can specify which accounts that are allowed to replicate the passwords.


    Another security feature within the RODC is the possibility to assign an Administrator that can do a local logon without being a Domain Administrator, this will also limit the security risks.


    RODC functionality addresses these problems:

    • Administrator role separation
    • Unidirectional replication
    • Credential caching
    • Read-only Active Directory database

    Another new feature is the Restartable Active Directory. With the Restartable AD we can stop the AD services so that we are able to apply the updates to the Domain controller or for example  do and offline defragmentation of the AD without the need of restarting the server. Because most of AD Domain controllers hosts other services, we do not impact the availability of other services like DHCP or DNS.

    When AD is stopped on a server it behaves it two ways, first the server will be in a Active Directory Restore mode, the AD database is offline, further the server behaves as it is a member server of a domain and users can still logon through another domain controller.


    If you take the combination of a Server Core, Read Only Domain Controller and Bitlocker technology you have a secured server with a limited footprint.



    Previous Posts in this series:

    Part 7: Windows Failover Cluster

    Part 6: Network Access Protection

    Part 5: Server Core

    Part 4: Server Hardening

    Part 3: Internet Information Services 7.0

    Part 2: Windows PowerShell

    Part 1: Server Management Improvements


  • Outlook 2007 PDF Previewer

    With Outlook 2007 you don't have to open Word or Excel to view an attachment in a mail. But you can use the built-in previewers.

    Foxit PDF preview handler released a pdf previewer which works with Outlook 2007 running on Windows Vista.


    Download Foxit PDF Preview



  • iPhone interface on a PocketPC

    Watch this cool video on how our Windows Mobile platform can be customized.

  • Funcast:: BI: The Mac-Guyver Techniques : SQL Server Analysis Services

    This week Gunter Staes delivered his second Funcast - about SQL Server Analysis Services.

    View Recording


    Next Session - 14/03/2007

    The next session will be held on February 28th - BI - The Mac-Guyver Techniques : SQL Server Reporting Services

    In this webcast, we introduce Microsoft SQL Server 2005 Reporting Services.  You will understand the report life cycle, and see how to create, publish, manage, and deliver reports using the new tools and features in SQL Server 2005 Reporting Services. You'll also discover tips and tricks for creating interactive reports & the integration with SharePoint.


    The registration for this session is not live yet but as soon as you can register I will post it on this blog.

  • IT-Talks UG Meeting - 10/3

    IT-Talks organizes a UG meeting about Windows Vista deployment.


    Wat: Windows Vista Deployment up close
    Zaal Classics Harelbeke
    Zaterdag 10 Maart


    • 10u00: onthaal + opstarten virtual labo
    • 10u30 – 17u30: Windows Vista Deployment up close (Spreker Manu Verzelen: IT-Talks)


    Go ahead and check their website to be a member of this UG and to join the next event.


    Technorati tags: , ,
  • TechNet Funcast: BI: The Mac-Guyver Techniques 14/3 - 21/3

    Gunter Staes will be delivering the next Funcast sessions in his BI The Mac-Guyver Techniques:

    BI - The Mac-Guyver Techniques : SQL Server Reporting Services - 14/3

    In this webcast, we introduce Microsoft SQL Server 2005 Reporting Services.  You will understand the report life cycle, and see how to create, publish, manage, and deliver reports using the new tools and features in SQL Server 2005 Reporting Services. You'll also discover tips and tricks for creating interactive reports & the integration with SharePoint.

    When: 14/3 from 16:00 - 16:40

    Register Here


    BI - The Mac-Guyver Techniques : SQL Server Analysis Services & Microsoft Excel 2007, better together

    This webcast shows how to use Microsoft SQL Server 2005 Analysis Services and Microsoft Office Excel 2007 to build an enterprise-level data analysis solution. We show you how to develop server-side business rules and unified views of business data for one version of the truth, while at the same time providing end users with simple, self-service flexibility user experience in Excel. All this to make accurate decisions quickly.


    When: 21/3 from 16:00 - 16:40

    Register Here


  • TechNet Funcast: BI: The Mac-Guyver Techniques - 04/04

    Gunter Staes delivered another Funcast SQL Server Analysis Services & Microsoft Excel 2007, better together

    View Recording


    Next he will be delivering the next Funcast session in his BI The Mac-Guyver Techniques:

    BI - The Mac-Guyver Techniques : Microsoft Office SharePoint Server 2007 - Excel Services

    The new Excel Services in Microsoft Office SharePoint Server 2007 puts Excel spreadsheet calculation and rendering on the server. Excel Services enables managed and secure distribution of Excel reports, and the ability to incorporate spreadsheets into business intelligence dashboards and portals, protect the proprietary information in spreadsheets and build custom applications with Excel-based logic. This session explains Excel Services' basic concepts and architecture in combination with Single Sign On (SSO) & Centrally managed Data Connections. After this session you will be able to understand the concepts so that you will be able to set up a Excel Services in a secure & well managed way.


    When: 04/04 from 16:00 - 16:40

    Register Here


    Technorati tags: , , ,
  • TechNet Evening: "Technical Overview of Longhorn Server"

    This week I have done a TechNet evening about Longhorn server and one of the attendees Steve Rosa made a really good and complete wrap up of what I have been talking about during this two hour session.

    Steve is new in the blogosphere he started blogging back in February and will focus on Microsoft infrastructure products, Citrix, VmWare and other things.


    Keep us informed Steve.

    Read the TechNet Evening wrap up

    Technorati tags: , ,
  • TechNet Funcast:: From Zero to provisioning in (under) 30 minutes

    A few weeks ago Paul Loonen Architect @ Avanade delivered a Funcast about MIIS and how he could provision an AD from SQL database.

    User lifecycle management using Microsoft Identity Integration Server (MIIS) is demonstrated. As such, HR information that is stored in SQL Server database will be used to manage user and group information in Microsoft Active Directory, including the provisioning and de-provisioning of such objects. It will be shown that all of this can be accomplished using a minimum of effort by leveraging the tools delivered with the MIIS platform.


    Here is the recorded webcast.

    Technorati tags: , , , ,
  • Longhorn:: 10 Reasons to look at Windows Longhorn Part 3: IIS 7.0

    This week I was preparing for my TechNet evening session about longhorn server and I was looking at what we have done with the Internet Information Services 7.0. It's more than just a webserver , it's an easy to manage, deploy and extend platform.

    Talking about IIS 7.0 to a IT Pro audience we have to mention the following improvements:

    • Unified, Distributable Configuration Model
    • Administration Tools
    • Powerful Diagnostic Capabilities
    • Modular Architecture

    Lets have a look in detail what those improvements mean:

    Unified, Distributable Configuration Model

    Say goodbye against the metabase and enjoy the easy to understand and well structured webconfig.config and applicationhost.config XML files. The config files share the same syntax of the ASP.Net configuration files, in fact the configuration of both can coexist in the same file. With IIS 7.0 we can now store the web.config file within the same location of the application or site content. Welcome to a world of Xcopy, just use the Xcopy tool to copy the configuration, content and applications from site to other web servers.

    It's easy to change the configuration of the sites,applications , just go to the configuration properties in the config file. For example you can go to the <sites> section, scroll to the site you want to change and for example the bindings from port 80 to 81.

    Another improvement many admin's will love is the delegated administration. You will be able to specify which configuration items can be changed. Open the IIS manager and go to feature delegation. There you can select which item you want and set the rights to Read Only, Read-Write or just inherit the settings. You are able to define the security  for all sites or create security settings site by site. Another tool to change to configuration of an IIS Web server is appcmd.exe. This tool can also be used to delegate the administration. 

    Here’s how you unlock the custom errors configuration for all sites:

    appcmd unlock config –commitPath:APPHOST –section:httpErrors 

    The next step in admin delegation is to define which user can administrate the website.  


    Note that configuration locking alone can’t secure your configuration system – you need to ACL configuration files appropriately.  Locking and file ACL’s together make a complete configuration security story.

    This is a great feature that many administrators and developers will love.

    Administration Tools

    In the previous section I briefly mentioned the IIS 7 manager. The complete new IIS Manager offers a new, more efficient tool for managing the web server. It provides support for both IIS and ASP.NET configuration settings.

    IIS7 supports a new command line tool for administering the server. This powerful utility makes it easy to read and write configuration values, and access site and application pool state information, all from the command prompt

    Powerful Diagnostics Capabilities

    With the built-in diagnostics and tracing tools troubleshooting has never been easier.

    One of the most important features which helps improve IIS7 troubleshooting support is the Runtime Status and Control API (RSCA), which is designed to give detailed runtime information about the server from deep within IIS7. With RSCA, it is possible to inspect and manage various entities including sites, application pools.

    IIS7’s Automatic Failed Request Trace Logging feature enables the server administrator to define error conditions for IIS to look out for. Error conditions can range from “slow” or “hung” requests, to the familiar status codes IIS sends back during error conditions like “Server 500 Error”. Once configured, if IIS7 detects an error conditions, it can automatically log detailed trace events of everything that happened during the request which led up to the error.

    Instead of seeing a terse error code, you’ll now see detailed information about the request, what potential issues may have caused the error, and how to fix it.


    Modular Architecture

    IIS has been designed to let you decide which feature you want to install. We have modularized the WebServer with up to 40 modules that can be individually installed. This also means that we can dramatically reduce the attack surface and lowering the footprint requirements.

    Because of this modularity we can deploy different servers for different roles. It will also facilitate the ability to the community to build and deploy new features.


    Additional Improvements

    • IIS 7 features all built on public APIs
      • Enable community to extend, replace, and add functionality
    • Deeper integration across IIS and ASP.NET
      • ­ASP.NET services now work for all types of applications and content
    • Native Win32 and .NET Framework APIs
      • Harness developer productivity with .NET
    • Seamless support for 3rd party extensions
      • Extend configuration, admin tool, event logging

    IIS 7 is a great web-platform and is already available for Windows Vista. You want to have more in depth information about IIS 7 go check the IIS.Net website.


    Previous Blogposts in this series:

    Part 2: Windows PowerShell

    Part 1: Server Management Improvements

  • Longhorn:: 10 Reasons to look at Windows Longhorn Part 4: Server Hardening

    With Windows Vista we've improved the security of the platform dramatically, because Windows Vista and Longhorn server share the same code base they will also share some of the security features. If we look at server hardening we can talk about how we segmented the services, boot process and binary image protection, device installation control and Windows Firewall with advanced Security.

    • Windows service hardening is key to securing Windows Server Longhorn. Compared to previous versions of windows, you’ll find that we’ve increased the number of security layers between the user and the system kernel. The first thing we've done is reduced the size of the high risk layers. This means that the amount of code that has to run at the kernel level has been significantly reduced. We wanted to remove the number if drivers running in kernel-mode for example we removed the audio and printer drivers from the kernel and let them only run in user-mode. The second thing we did is to segment the services so that not all parts of that services are running in high privileged mode but in a lower user privileged which will improve the security.
    • Windows Server Longhorn implements code integrity through something called operating system file protection. Essentially what this does is every time the system is brought online, every file that is loaded into the OS is checked against a known good state of that file. This is done through a certificate or a manifest of what the checksum of that file is, and if they don't match it will halt the system from booting and enter a recovery process.
    • The built-in Windows Firewall is another area that has been improved. The Windows Firewall with Advanced Security in Windows Server Longhorn is a stateful host-based firewall that allows or blocks network traffic according to its configuration and the applications that are currently running to provide a level of protection from malicious users and programs on a network. The advanced security functionality of Windows Firewall includes support for both incoming and outgoing traffic.
    • In Windows Server Longhorn we are giving you control over removable device installation. This addresses the concern of end users stealing enterprise information on a USB flash device. So now you will have the ability to control, through the Hardware ID of this device. You will be able to control which device can be installed or not by using group policies.

    Previous Posts in this series:

    Part 3: Internet Information Services 7.0

    Part 2: Windows PowerShell

    Part 1: Server Management Improvements