I see that Mary Jo mentions that a major revision to the Microsoft Live Search 2.0 will be released on September 26th.  I can neither confirm nor deny the date (primarily as I am not on the Live team and would be making up any date I gave you ;)

At the Company Meeting last Thursday, however, I can tell you that the Live Search team gave the best demo of the day BY FAR.   One of the Product Managers came up on stage wearing a black shirt with white letters that said RELEVANCE.   He then demonstrated the awesome new features of Windows Live search relating to relevance, index size, instant answers, and some pretty sweet unannounced new capabilities (I can't wait until they go live).

  I have been playing with the beta internally, and I think it will win us some converts.  I am a big fan of the Live folks, who happen to have the most responsive team on internal discussion lists.  Whenever an employee pings the list with When I query for <whatever> on Live, the result I need is number 4 on the results page, while Google or Yahoo have it as number 1 or 2, someone on the team comes right back with an explanation for the existing result, and a description of what changes they are making to increase the relevancy for that search in the upcoming release.  My personal opinion is that search is something we are getting ready to get very very right.

I'll quit gushing now :)

So my main business computer recently switched from a Dell Desktop to an HP NC8430 laptop.  I am traveling more and more, and it is very nice to be able to log in from a local library or coffee shop and stay on top of email.  The NC8430 has a TPM chip (allowing me to run BitLocker Drive Encryption), so I do not lose sleep overnight that a lost or stolen laptop will leave me responsible for a Microsoft loses information on 50,000 customers headline.  I did not notice a slowdown on the computer after enabling Bitlocker, which makes the full volume encryption ever so much more palatable.

The other neat feature of the NC8430 (being a business-class laptop) is that it has a built-in Smart Card Reader, meaning that I do not need to carry around a long external smart card reader when VPN-ing into work.  I just pop my card in the side and connect right up.  Quite convenient. 

I ran into an interesting question from a former co-worker of mine recently relating to smart cards.  He accepted a position close to where he grew up as a Network Admin for the Army base there.  The military, for the most part, has switched their logins away from username/passwords to Smart Card login.  After having done so, my friend was running into an interesting problem.  He could authenticate to the domain with no problems using his Smart Card, but could not join any computers to the domain.

The dialog box indicates User ID/Password or Smart Card. If we use a username/password combo, all is well. If a smart card is used, then an error is displayed on the Windows XP Professional workstation stating the following:

“Logon failure: Unknown user name or bad password”

A netmon capture revealed the following:

NETLOGON: LMT Token = WindowsNT Networking
NETLOGON: LM20 Token = OS/2 LAN Manager 2.0 (or later) Networking
NETLOGON: Unknown Type
NETLOGON: Opcode = 0x0019

I pinged an internal Discussion List for the solution, which turned out to be:

XP doesn't support domain join via Smart Card -- Vista does though.

Moral of the story... before you wholesale replace the authentication mechanism for your domain... set up a lab environment to make sure that everything works as you expect it to.  Unfortunately for my friend, this change was made before he was hired.

While the marketing folks trumpet the "flashy" new features of Microsoft releases, sometimes it is the engineering under the hood that makes the biggest difference in day-to-day operations (such as the added support for joining computers to domains with Smart Cards).

More information on Smart Cards:

• Microsoft Smart Card Reference Guide
• The Smart Card Deployment Cookbook

Ran into an interesting issue when trying to upload a spreadsheet from Excel 2007 into SharePoint 2007.

To do so, you would normally click on Site Actions --> Create --> Import Spreadsheet.  In the past, I have found this to be the easiest way to create and populate a SharePoint List.  however, when doing so today, I got the following:

Import to Windows SharePoint Services list

Method 'Post' of object 'IOWSPostData' failed.  ?!?!?!

Fortunately, I found the solution over on Travis' blog.

Importing lists from Excel 2007 returns a Method 'Post' of object 'IOWSPostData' failed dialog. Again, not really a problem with WSS 3.0 but rather the result of a failed Application.SharePointVersion() call in the Excel Add-In which results in Excel attempting to use the IOWSPostData.Post() method to publish the Excel range which is used with SharePoint Team Services 1.0. By forcing the version lookup result variable to 2 or greater, Excel will use SOAP to communicate with WSS 3.0 and the publish request will be successful. To make this change, open the Excel Add-In EXPTOOWS.XLA locate in C:\Program Files\Microsoft Office\Office12\1033 by default*. Press Alt+F11 to display the Visual Basic code editor and search (Ctrl+F) for the line lVer = Application.SharePointVersion(URL). Comment out that line with a single quote and add the line lVer=2 so your Intialize() method should now look like this:

Sub Initialize(List, Title, URL, QuickLaunch)
    strQuickLaunch = QuickLaunch
    aTarget(iPublishURL) = URL
    aTarget(iPublishListName) = List
    aTarget(iPublishListDesc) = Title
    'lVer = Application.SharePointVersion(URL)
    lVer = 2
End Sub

If the Application.SharePointVersion(URL) method is successful then lVer for WSS 3.0 will equal 3. Save your changes and try importing your list in to WSS 3.0 again.

*Note: If you are using 64-bit Windows, the XLA file is actually under: C:\Program Files (x86)\Microsoft Office\Office12\1033\. If you are running Windows Vista, you will need to run Excel as administrator in order to save the modified file back.

After doing so, I am now able to import a spreadsheet into a SharePoint list with no problems.  Huzzah!

That having been said, I now see that there is an Excel Add-on that will specifically allow for two-way-synchronization between spreadsheets in Excel and Lists in SharePoint.  In fact, I blogged about it previously (maybe I should ready my own posts!).  After installing the add-in, there is a new "Export Table to SharePoint List" option in Excel:

The resulting table in SharePoint is actually an Access Web Datasheet as opposed to a SharePoint List.  It works great as a datasource (especially with the two-way synchronization), but is plug-ugly for customer-facing lists.

Depending on your needs (whether you need a datasource or a customer-facing list), you may use either of the options above.  Enjoy!

Are you a starving student?  Would you like a copy of Microsoft Office 2007 Ultimate for cheaper than MS Employees can pick it up at the Company Store?

I honestly think that Office 2007 is the best product we have released in a long time.  I am a student myself, and Office 2007 makes it incredibly easy to make awesome looking documents.  It also makes Bibliographies and Works Cited a snap... you enter your references into Word, and then just pick the format (MLA, APA, etc) and it will generate your bibliography on the fly.  Need to change format? Just select a different format and you are all set to go.

OneNote is also killer for taking notes and doing research.

I really am trying to stay away from marketing/press release type postings, but this is a killer deal.

http://www.theultimatesteal.com

What's included in Office Ultimate 2007

• Access 2007
• Accounting Express 2007
• Excel 2007
• InfoPath 2007
• Groove 2007
• OneNote 2007
• Outlook 2007 with Business Contact Manager
• PowerPoint 2007
• Publisher 2007
• Word 2007

Official Press Release:

As part of Microsoft Corp.’s commitment to education, the company is introducing a promotion inviting students who are actively enrolled at educational institutions and have a valid e-mail address from the institution to purchase Microsoft® Office Ultimate 2007 at a student price of $59.95 (U.S.). “The Ultimate Steal” promotion will run in Canada, the United Kingdom and the United States starting today and in France, Italy and Spain starting Sept. 20, 2007. The promotion will end April 30, 2008.

Office Ultimate 2007 is the premium Office suite and provides students with a comprehensive set of tools that can help them create high-quality documents, gather and consolidate lecture notes and other information, stay organized, find what they are looking for quickly, and easily collaborate with colleagues and professors across geographical boundaries.

“We’re listening to students who have told us they need Microsoft Office for their studies and want more flexible ways to get the latest version,” said Alan Yates, general manager of Worldwide Education at Microsoft. “We’re committed to providing accessible and affordable technology to students so they can meet their academic goals. The Ultimate Steal is the latest in a long history of providing compelling academic offers for students.”

Authentication is an interesting component of network security.  In order to be granted (or denied) access to a resource, a user must be uniquely identified. In other words, a user must be able to prove that they are who they say they are. 

This is critical in a business (and elsewhere) so that (amongst many reasons); confidential information is displayed only to users with permission to view the information, logs can affirmatively identify who has accessed specific data files, banks can ensure that the person requesting a funds withdrawal is on the list of approved users for the bank account, etc.

Authentication is separate from Authorization, which determines what an authenticated user is allowed to access.

Typically, authentication is based off of one or more of the following:

• Something you have (Smart Card, Token, etc)
• Something you know (Password, PIN, etc)
• Something you are (Fingerprint, DNA, Retinal Patterns)

Authentication must be able to uniquely identify a user, using a shared secret.  The key word being secret...  Once your authentication credentials are no longer secret, they can no longer uniquely identify a user.  A password that is written on a sticky note and placed under a keyboard is no longer secret.  A smart card that is lost is no longer secret.

In this post, I would like to cover the last one.  Many new laptops are coming with Fingerprint readers that will allow you to log onto your computer without a password.  Just swipe your finger over the reader and you are logged in.

Great for convenience, horrible for security.  They work fine for Joe Home User with a computer used to store pictures of Fluffy the Cat, but should NEVER be used as the sole method of authentication in an enterprise environment.

You see, fingerprints are not secret.  You leave them around everywhere you touch.  Your "secret" is on your keyboard, on your iPod, on your door handle, on your table, on your car.  It is a relatively trivial task to lift a fingerprint and reproduce it.  Put that reproduction on a gummy bear or some ballistics gel, and as Mythbusters showed... you can now "authenticate" to most fingerprint scanners on the market.

There are a few other problems involved with using fingerprints as authentication...

• They work just as well separated from their owners as they do when attached
• Your options for revoking a fingerprint are quite limited
• Your options for replacing a fingerprint are nonexistent

The solution?  Multi-factor authentication.  Use a smart card with a PIN.  The certificate on the smart card can be revoked if compromised, and the PIN can be changed.  A token along with a password will only allow login with both factors present.  Even passwords and passphrases are quite secure.  You can read more than you ever wanted to know here. 

• High School French and  Real French are two different languages
• Everyone smokes
• Everybody drives a Peugot, a Renault, a SAAB, a Mercedes, or an Audi.  Even the taxis.  I have not seen an American or Japanese automobile yet.
• Foie Gras is not as good as everyone said it would be
• Cheese is offered with everything
• Charles de Gaulle Airport is ridiculously huge. 12.5 square miles.
• Ordering food is a crapshoot
• Dark Chocolate goes very well with espresso
• Food portion sizes in the US are really out of control
• The French do dessert right
• Bottled water comes "Wiz Gas" or "Wizout Gas"

If you are a standard user, the following post will not help you, but if you are a power user with multiple Windows Vista Keys sitting around from MSDN, TechNet, Betas, Roadshows, Retail...

You may run into the problem (when flattening and rebuilding a box) of not knowing WHICH key (from your drawer of installation media and keys) goes with which computer.  If you have not yet formatted the box (and the OS in question is Vista, simplly pull up a command prompt and type slmgr -dlv

This will cause the Software Licensing Service to pull up up a nice view of your current license information, amongst which is a partial Product Key.  That should help you find the right key for the right computer, so you don't have to call up the licensing number and explain why your Vista installation is changing hardware.  Good times!