I'm trying something new here during my TechNet Event in Des Moines.  Rather than writing down the questions, I'm going to type them (which for me is faster) right into this new blog entry.  I'm connected to the Internet, so I'll post this right after the session this morning.. and then I'll have no excuse for not answering these in this post as an update later today or sometime tomorrow.

If the answers aren't here when you see this - check back later.

And - THANK YOU, DES MOINES!  You guys were a lot of fun, and asked very good questions!

-Kevin

---

Questions -

"If I have an application error - I want it reported to some other party (the company who wrote the application) or in-house team.  Can it be done?  (Is this a part of the Windows Installer, perhaps?)"

While I haven't seen any way to redirect this, I did find the MSDN page all about taking advantage of Windows Error Reporting for your own applications; so that your developers can pull reports on your applications directly from Microsoft.  "Using the WER service is like having thousands of testers reporting bugs on your company's applications." 

You, as the user of an application, should hope (or request) that the developer of your application has already plugged in to using the WER engine at Microsoft.

CLICK HERE for the details.

NOTE also that, while Microsoft doesn't charge developers for this service; we do require that the development organization have a digital certificate that we can use to verify authenticity.  There will be some cost associated with buying that certificate from VeriSign or some other reputable certification authority. 

 

"How does your PC determine it's on a new (or same) network as one you've been on before?  IP addressing may be the same - so will it think you're on the same network?"

Well, I found a lot of great articles online about what Network Awareness is, the benefits of Network Awareness, and even how to take advantage of the Network Awareness APIs if you want your own applications to be network aware and change their behaviors accordingly.  But nowhere did it say specifically how Vista is able to detect and recognize a network from a previous connection in order to allow services such as the Windows Firewall Service to apply the appropriate network profile (Public, Private, Domain).

 A coworker of mine, Dan Woodman, did a little searching in the registry and found where Windows records the different networking profiles. 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList contains "Signatures" and "Profiles" keys that appear to have the definitions of all of the networks you've connected to. 

In the Signatures information, you see the SSID for wireless networks (or some other more generically assigned name like "Network 6", the MAC address of default gateway, and a DNS Suffix (when applicable).  So.. it would appear that based on those items, the network is able to be uniquely identified and recorded for future.  There is also then a Profile GUID which then uniquely points to a key under the Profiles entry - where the network Category is defined (0 = Public, 1 = Private, and 2 = Domain).

Dan also found this article with even more detail about now Network Location Awareness works.

 

"I have programs that come up 'unclassified' and blocked at startup.  How do I fix that?"

The problem you are experiencing is a safety feature.  UAC (User Account Control) will not let programs run at startup if they require elevation.

I've been told that the workaround for this is to either take them out of startup and launch them via the task scheduler, or to convert those applications to a service.

I'll post links to specific KB or other info as I get it.

 

"What are the licensing options and subscription fees or rules for Microsoft Forefront Client Security?"

Forefront Client Security is bought as a subscription.  You buy the software on a month-by-month basis; and that's both the client security software as well as the server management software. 

The Microsoft Forefront Client Security: How To Buy site has the details, as well as an estimate on what the retail costs will be.  (The software will be available for purchase after July 1st.)

Also note - in addition to buying the standalone software, you can also get the Forefront Client Security Agent as a member of a product suite: either the full Forefront Security Suite, or the Enterprise CAL (Client Access License).

 

"When is the RTM on the SCCM?"

Currently we're looking at "Late Summer 2007" for the RTM (Release to Manufacturing) of System Center Configuration Manager 2007 - the next version of what is currently known as SMS.