Great trick to use when creating a presentation in PowerPoint. 

If you start out when planning your presentation by just firing up PowerPoint and adding slides, it can be difficult to keep track of the overall flow of the presentation.  If only you could create an Outline in Word, and then automagically have that outline turned into a presentation!

You can. :)

In Word 2007, click on the "View" tab, and then  on the "Outline" document view.

Next, create an outline of your presentation. Level 1 in the outline will become slide titles, and Levels 2,3,etc will become the content of the slide.

Now... If you were using Word 2003, the option we need would be under File --> Send To --> Microsoft Office PowerPoint.  Unfortunately, this option was not used enough in Word 2003 to make it to the ribbon.  We'll have to manually add it to the Quick Access Toolbar.

So, in Word 2007, hit the drop down next to the Quick Access Toolbar (titled, appropriately enough, "Customize Quick Access Toolbar".

Choose "More Commands", and then select "All Commands" under "Choose Commands From".  Scroll all the way down to "Send to Microsoft Office PowerP...", select that option, and hit the "add" button.

Now, our Quick Access Toolbar has the "Send to Microsoft Office PowerPoint button added.  Click it.

PowerPoint will fire up and create slides right from our outline.  Change the theme and you are ready to start presenting!

Fedora 9 was released last week, which you can download here: http://fedoraproject.org/get-fedora.html.  What's new?  Highlights from the release notes include:

• GNOME 2.22. GNOME now includes a webcam photo and video creation utility called Cheese, improved network filesystem support, a new international clock applet, Google Calendar support and custom email labels in Evolution, a new Remote Desktop Viewer, improved accessibility features, and PolicyKit integration.

• KDE 4.0.3

• Xfce 4.4.2

• NetworkManager 0.7 provides improved mobile broadband support, including GSM and CDMA devices, and now supports multiple devices and ad-hoc networking for sharing connections.

• The Fedora installer, Anaconda, now supports partition resizing for ext2/3, NTFS filesystems, creating and installing to encrypted file systems, improved Rescue Mode with FirstAidKit, independent locations for the second stage installer and the software packages. A redesigned, larger netboot.iso image now features a second stage installer partly for this reason.

• PackageKit, a new set of graphical and console tools, with a framework for cross-distribution software management, has replaced Pirut in this release of Fedora. The PackageKit graphical updater is available instead of Pup. Behind PackageKit, the performance of yum has been significantly improved.

• Ext4, the next version of the mature and stable ext3 filesystem is available as a option in this release. Ext4 features better performance, higher storage capacity and several other new features.

• This release of Fedora uses Upstart, an event-based replacement for the /sbin/init daemon.

• Firefox 3 brings a number of major improvements including a native look and feel, desktop integration, the new Places replacement for bookmarks, and a re-worked address bar.

• OpenOffice.org 2.4, with many new features, is available as part of Fedora 9.

• Fedora 9 features a 2.6.25 based kernel.

• Kernel crashes can be more automatically reported to http://www.kerneloops.org/ and diagnosed in a friendly way via the kerneloops package installed by default. Crash signatures are commonly referred to as oopses in Linux.

• Work on the start-up and shutdown in X has yielded noticeable improvements.

Will this be the installation that "Just Works" out of the box?  Nope.  Same problem that Ubuntu 8.04 has within Virtual PC... "An unrecoverable processor error has been encountered.  The virtual machine will reset now."  Good times!

Fortunately, from our work with Ubuntu, we know the solution.  On the main boot screen, hit [Tab] to edit the options. Add noreplace-paravirt to the end of the boot parameters, and hit enter.

There we go... Fedora is able to boot the kernel and start up anaconda.  The problems I noted in my previous Fedora Posts (Fedora Core 6, Fedora 7, and Fedora 8)  of no mouse and messed up graphics seems to have been fixed.  Very Nice!

Stepping through the installer options is relatively plain-jane, until you get to the hard drive partitioning screen.  Is that an "Encrypt system" checkbox I see?  Why, yes it is!  I am guessing that this is a Bitlocker-esque feature, although I can't make heads or tails of how exactly this feature works on the Fedora Encrypted Filesystem Support page. Enabling the feature is easy enough, you just check the box and enter a passphrase twice. 

Does it work with a TPM? Backup to a USB key? Escrow your key into your LDAP directory for safekeeping?  Beats the heck out of me... I wasn't ever prompted for anything relating to those safeguards.  I don't even know what encryption algorithm it uses.

After hitting "Next" a few more times, Fedora finishes installing with no problems.  After rebooting, however, unless you are SUPER-quick on the keyboard, you will hit the unrecoverable processor error. You'll need to hit any key, and then "a".  As before, add noreplace-paravirt to the end of the boot parameters, and hit enter to continue booting.

As mentioned before, I chose the option to encrypt my boot drive.  The screenshot below is the highly intuitive user interface asking me to enter my passphrase.  What else could "Enter LUKS passphrase for /dev/sda2" possibly mean?

Finally... the hallowed Fedora boot screen.  Looks pretty nice!

After a final few questions (creating user, re-confirming my time preferences), I am asked to send my Hardware Profile to Fedora.  This is actually a great idea!  Perhaps if enough people send a profile showing that they are running on Virtual PC/Virtual Server, some of these silly bugs requiring workarounds (such as Fedora 8 requiring "i8042.noloop" and Fedora 9 requiring "noreplace-paravirt") could be fixed before the OS releases.  Heck, Virtual PC is free.  No incremental cost is involved in adding it to the test matrix!

After logging into the desktop, and checked for updates.  A mere 5 days after release, there are already 22 bug fixes and 4 security updates, including a network-exploitable remote memory leak in the kernel.  Good times.

Looking around, it seems that I must have missed the option during the initial install of the OS to include KDE, which I prefer to Gnome.  To be honest, I have absolutely NO idea where to install KDE once Fedora is up and running.  I went into Administration --> Add/Remove Software, but it finds no software at all to install.  You would think it has something to do with the Repository Sources, but my only options there are various Fedora ones. (Fedora 9 - i386, Updates, etc). 

According to the Software sources help, "At this time, PackageKit does not offer a way to add new repositories to your system.  It only allows you to enable or disable known repositories".

Oh well.  No KDE for me.

Other than that, Fedora seems quite plain-jane (as I mentioned earlier with the installer).  The simplicity is nice, but nothing really stands out that would make anyone want to switch from Vista (or Ubuntu, or Mac OS X).  I wonder if this is a side effect of the fact that Red Hat is leaving the desktop Linux business.

One final reminder... to make sure that you do not have to enter the noreplace-paravirt each time you boot up, go edit your /etc/grub.conf file to add that parameter at the end of the line that looks something like kernel /vmlinuz-2.6.25.3-18.fc9.i686 ro root=dev/VolGroup00/LogVol00 rhgb quiet.  If you ever update your kernel, you'll have to do it again.  Oh well... maybe Fedora 10 will fix this issue.  I'll keep my fingers crossed...

I was playing around with Trika's skydrive (wait a minute, that sounded better in my head)... and see that she has uploaded three very nice looking posters showing the various courses, tests and certifications available for SQL Server 2008, Visual Studio 2008, and Windows Server 2008.  Apparently she was running short on green by the time she got to the Windows Server 2008 poster...

Download the PDFs here: http://cid-17971e0c952a3d0a.skydrive.live.com/browse.aspx/MSFT_Certification

I see over on Matt's blog that MBSA 2.1 has been released, with the following new features:

• Windows Vista and Windows Server 2008 compatibility
• New revised user interface
• 64-bit support
• Improved Windows Embedded support
• Compatibility with Microsoft Update, Windows Server Update Services 2.0 and 3.0, the SMS Inventory Tool for Microsoft Update (ITMU), and SCCM 2007.

What is MBSA 2.1?

Microsoft Baseline Security Analyzer (MBSA) 2.1 is an easy to use tool that helps small and medium businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. Improve your security management process by using MBSA to detect common administrative vulnerabilities and missing security updates on your computer systems.

What new features are included in MBSA 2.1?

MBSA 2.1 provides full support for the latest Windows Update Agent (WUA) clients installed by Microsoft Update and Windows Server Update Services (WSUS) servers. MBSA 2.1 also provides an updated graphical interface for Windows Vista and Windows Server 2008, full-64-bit installer, MBSA tool and vulnerability assessment (VA) check support, as well as revised and updated VA checks for SQL Server 2005 and Windows XP Embedded platforms.

Download here: Microsoft Baseline Security Analyzer 2.1

Read the FAQ here: MBSA 2.1 Frequently Asked Questions

Read more about MBSA here: Microsoft Baseline Security Analyzer Home

Just a random bit of knowledge to share here :)

If you open the Advanced Attributes of a folder (right-click on it, choose properties, then click Advanced...), you have the option at the bottom of the window to either compress the contents to save disk space, or encrypt the contents to secure data.

Judging by the check-box options instead of radio buttons, you might think that you can select both options, but you cannot.  Bad UI aside, why is this?

According to Wikipedia's article on File Compression (http://en.wikipedia.org/wiki/File_compression):

Lossless compression algorithms usually exploit statistical redundancy in such a way as to represent the sender's data more concisely with fewer errors. Lossless compression is possible because most real-world data has statistical redundancy. For example, in English text, the letter 'e' is much more common than the letter 'z', and the probability that the letter 'q' will be followed by the letter 'z' is very small.

<snip>

However, lossless data compression algorithms will always fail to compress some files; indeed, any compression algorithm will necessarily fail to compress any data containing no discernible patterns. Attempts to compress data that has been compressed already will therefore usually result in an expansion, as will attempts to compress encrypted data.

So... compression algorithms work their magic by finding redundant data, and replacing the redundancy with a smaller bit of data that can be expanded out to represent that redundant data (yes, the word "redundant" was quite redundant in the previous sentence).  However, data that has been encrypted by a good encryption algorithm should be indistinguishable from random data. 

If there are redundant patterns in the encrypted file, the encrypted data may be subject to cryptanalysis techniques such as Frequency Analysis.  The Encrypting File System (EFS) within Windows uses FIPS 140-evaluated Microsoft Cryptographic Service Providers,so your encrypted data is safe.  Attempts to compress this encrypted data would actually cause the file size to INCREASE.  Good times!

Read more about the Encrypting File System and associated best practices here and here.

It looks like we have posted nearly 17 hours of training videos for enterprise search on TechNet. The presentations provide details about key enterprise search capabilities in Microsoft Office SharePoint Server 2007.

• Module 1: Workshop Overview
• Module 2: Enterprise Search Overview
• Module 3: SharePoint Search 2007 Walkthrough
• Module 4: Search Architecture and Deployment Scenarios
• Module 5: Crawl and Query Processes
• Module 6: Relevance Ranking
• Module 7: Customizing the End-User Experience
• Module 8: Developing Search Solutions
• Module 9: Business Data Catalog Search
• Module 10: Extensibility and Integration for Search
• Module 11: Search Administration
• Module 12: Security for Search
• Module 13: Performance Scalability and Capacity Planning for Search
• Module 14: Search Operations

As I mentioned in an earlier post, the recently released Microsoft Operations Framework (MOF) v.4 is extraordinarily helpful from a practical standpoint in running your IT organization.  I'm glad to see that they just released the job aids and templates that accompany the documentation available with MOF.  From the Microsoft Operations Framework Job Aids page:

Microsoft Operations Framework 4.0 is designed to help IT professionals quickly access useful, relevant content. It contains practical guidance—not just theory—and its streamlined approach makes it possible to use either the entire framework or one process from a particular service management function (SMF).
In a similar fashion, these job aids are intended to provide tools that IT professionals can put to immediate use. Job aids are most often in the form of templates and examples; these items can be tailored to meet the needs of specific organizations and activities.
The job aids are packaged by MOF phase, so IT pros can choose the tools that are likely to be most useful given the task at hand. Here is a list of what is available within each package:

• Manage
  • Change Management Forward Schedule Template
  • Request for Change Template
  • Risk Template Tool
• Plan
  • Operating Level Agreement Template
  • Operations Level Agreement
  • Privacy Policy Sample
  • Service Level Agreement Template
  • SIP Service Catalog Sample
• Deliver
  • Functional Specification
  • Migration Plan
  • Site Deployment Project Plan
  • Test Cases Workbook
  • Test Plan
  • Test Specification
  • Training Plan
  • Vision Scope
• Operate
  • Incident Management Ticket Template
  • Operations and Services Description Template

This collection of job aids will be expanded on an ongoing basis, supplying tools for IT professionals to use throughout the IT service lifecycle.
Send questions or feedback to us directly at mof@microsoft.com

Download the job aids here.

The latest version of the links below can be found here, or download a PDF version here.  Don't ask me where they got that US-Army-looking-font in the PDF... it probably wouldn't have been my first choice ;)

One of the best parts of working at Microsoft is the amazing discussions and debates that take place on our internal Discussion Lists.  A few months ago, the greatest security minds at Microsoft were undergoing a hot and heavy debate on Security by Obscurity.  Does it make sense to rename the Administrator account?  Change the listening port for well known services such as SQL?  In the midst of my debate, I courageously joined the discussion with my opinion...

"Hey!  This debate would make for a great story in TechNet Magazine!"

One thing led to another, their people talked to... someone else's people, and before you knew it... Voila!  Roger Grimes, Jesper Johansson, Steve Riley, and Aaron Margosis are duking it out in the cover story of the June TechNet.  Good times!

June 2008

Security: The Great Debate: Security by Obscurity

Security by obscurity involves taking measures that don't remove an attack vector but instead conceal it. Some argue that this is a bad practice while others claim that as part of a larger strategy, every bit counts. The debate is quite heated, and some of our finest security experts face off, explaining security by obscurity and presenting both sides of the debate. Jesper M. Johansson and Roger Grimes

Security: New Elevation PowerToys for Windows Vista

Michael Murgolo is back with an update to his Elevation PowerToys. You'll find enhanced Run as Administrator functionality that works with third-party scripting tools, a way to replace a handy Windows XP feature removed from Windows Vista, and many more useful tools. Michael Murgolo

Security: Advances in BitLocker Drive Encryption

Windows Vista SP1 and Windows Server 2008 introduce important changes to BitLocker, including support for data volumes and improved protection against cryptographic attacks. Byron Hynes explores the new features, demonstrates how to use BitLocker on a server, and discusses some of the recent media coverage affecting BitLocker. Byron Hynes

Security: Application Lockdown with Software Restriction Policies

When you want to reduce the total cost of ownership of the desktop machines in your organization, application lockdown can be a great help, letting you limit IT issues related to unsupported applications. See how you can use software restriction policies and Group Policy to control the applications being run throughout your IT infrastructure. Chris Corio and Durga Prasad Sayana

Security: Managing the Windows Vista Firewall

The recent update to the Windows Vista Firewall offers some impressive new features that make it a compelling choice for the corporate environment. Jesper Johansson gives a brief overview of the evolution of the Windows Firewall and delves into enhancements—such as new rules and profiles, domain isolation, and encryption—that will have administrators taking a closer look. Jesper M. Johansson

Security: Secure E-Mail Using Digital Certificates

Secure Multi-Purpose Internet Mail Extensions let you hide information in transit, validate senders, and authenticate messages. Learn how to secure e-mail using digital certificates and how to troubleshoot problems you may encounter on your S/MIME system. Matt Clapham and Blake Hutchinson

Wow.  Microsoft Research's WorldWide Telescope must be seen to be believed.  Make sure your kiddoes are handy, because they will love this.

Experience it here:

http://worldwidetelescope.org

A picture is worth a thousand words...

"An unrecoverable processor error has been encountered.  The virtual machine will reset now."

It looks like Ubuntu isn't the only one with this problem... Fedora 9 releases tomorrow and according to this post, it has the same error in Virtual PC.  Whatever happened to Linus' Law? (given enough eyeballs, all bugs are shallow).  I guess enough eyeballs writing kernel code are not doing so on Virtual PC.  ;)

Fortunately, the fix is covered in the comments (and summarized by Robert) from Arcane Code's excellent article, aptly named Installing Ubuntu 8.04 under Microsoft Virtual PC 2007.

Using guidance from a number of participants on this blog I’ve successfully managed to install Ubuntu 8.04 on two separate PC’s running VPC 2007 and I have it running at 1152 X 768 @ 55Hz with working sound.

The notes below are nothing original, they are just summarized from previous entries and maybe clarified.

To get the CD to load,
Press F4 to select an alternate starting mode. When it pops up, change to Safe graphics mode and press Enter.
Select F6 and add “noreplace-paravirt” to the end of the command line and press Enter.
Now pick “Try Ubuntu…” (should already be selected) and press enter. Do NOT pick the Install Ubuntu option,

Once Ubuntu is loaded from CD, select install from the desktop and it’ll build the system on the VPC disk.
After you press restart, it just kind of hangs there. I shut the VPC session down and told it to save state, then started it again and it booted fine.

Once it gets to GRUB, interupt the boot and add the “noreplace-paravirt” to the kernel boot line.

1. Press “esc” while grub is visible.
2. You should now see 3 entries to select from. Leave the first one “Ubuntu 8.04, kernel 2.6.24-16-generic” selected and press “e”.
3. On the next page, select the second entry that reads “kernel /boot/vmlinuz…” and press “e” again.
4. You will see a command line that ends with “xforcevesa”. Hit “space” and add “noreplace-paravirt” (without the quotes) to that line and press “enter”.
5. You are now back at the previous selection screen with the entry “kernel /boot/vmlinuz…” still selected. Now press “b” and it should boot correctly.

Once Ubuntu has loaded, open a terminal window (Applications. Accessories, Terminal) and on the command line enter “sudu nano /boot/grub/menu.lst”
Enter your password and page down to near the bottom and locate the “kernel /boot/vmlinuz… in the “Ubuntu 8.04, kernel 2.6.24-16-generic” section

Move the cursor to the end of the line after xforcevesa and add “noreplace-paravirt” (no quotes)
Ctrl + O to write out, enter to accept the name, Ctrl + X to close

While you’re editing, you might as well fix the sound while you’re at it.

sudo nano /etc/rc.local

At the end of the # lines, but before “exit 0″, type on a new line (again without quotes) “modprobe snd-sb16″
Ctrl + O to write out, enter to accept the name, Ctrl + X to close.

Reboot Ubuntu. The reboot should be clean, and the sound icon should come up without an error indication.

Screen size is a little tricky. Go to http://arcanecode.wordpress.com/2008/04/07/installing-ubuntu-804-beta-under-virtual-pc-2007

Find the entry from pb dated April 27 and cut the xorg.conf file from this entry and past it into the Ubuntu text editor. (Applications, Accessories, Text Editor). Save the file as xorg.conf in your user folder.

Open a terminal window.

Backup the old version of xorg.conf
sudo cp /etc/X11/xorg.conf /etc/X11/xorg.conf.backup

Copy the new one you created to the same location
sudo cp xorg.conf /etc/X11/xorg.conf

Reboot.

When Ubuntu reboots, your get a black screen with a X in the middle, then you’ll get a dialog message to saying “Ubuntu is running in low graphics mode, screen and graphics card coud not be detected”.

Take the option to configure graphics mode.
In the drop down where it says plug & play, select “Monitor 1280 X 1024″.
Select 1280 X 1024 @ 60Hz as your resolution.
Select Test
You should get a larger ‘gray’ window with option to keep the confguration. Select the option to keep it.

Ubuntu will start as normal and will be exactly the same size as before. Before you reboot, take alook at /etc/X11/xorg.conf …. it’s not the one you just created. Creating the new one appears to force Ubuntu to create a new one with more options.

Reboot again and you shold have a Ubuntu session runing at 1152 X 768 @ 55Hz.

Last couple of things…. in System, Preferences, Sound, set the playback options to ALSA. It’s pretty crappy but works better than OSS and certainly better than Auto detect which generates a stream error when you try to play MP3’s or movies.

Whew!  That's a lot of text.  I'll leave you with the new Ubuntu desktop background, which is pretty cool in a orange-brown-must-be-the-new-black kind of way.

I have been agonizing over this post for the last week and a half. I do my best in this blog to not post entries designed just to make me look smarter... I hope that you can use these posts to make your life easier, do your job better, and maybe have some more time to spend with the kiddoes.  This particular post is about the release of MOF (Microsoft Operations Framework), one of the best kept secrets at Microsoft. However, most of the announcements about its release that have come out in the last week have been (necessarily) acronym/buzzword-heavy.  From the release announcement on the MOF blog:

The practical guidance in MOF 4.0 features processes; governance, risk, and compliance activities; management reviews; and best practices from Microsoft Solutions Framework (MSF). Finally, to ensure industry alignment, MOF 4.0 supports the best practices found in frameworks such as ITIL, CoBIT, and ISO 20000.

Best Practices was used twice in two sentences there, so you know this must be something that piques my interest :)  I will try to ensure that I answer the question "Why do I care?" in the post below.  In short, as you/your company/your network progress in maturity from a few computers in a workgroup to a network with a helpdesk, change management policies, and alignment to the business; wouldn't it be helpful to have a guide with the best practices in establishing these functions?

Enter... MOF.  As you can see in the graphic below, MOF touches on quite a bit.  If you are the CIO/CTO of a company, it is possible that you will have experience with all of the areas below.  If you are Joe IT Pro, it is likely that you only work in one particular area.  Wouldn't it be helpful if there was a guide you could read in 20-30 minutes that would let you know the Roles, Responsibilities, and Deliverables of any particular function within a well-run IT organization?

Whereas the previous version (v.3) of MOF went into an AMAZING amount of detail about people and process, the Service Management Functions (SMFs) of MOF v.4 are designed to be read in a relatively short amount of time, and give you everything you need to start working in that area. You no longer need a PhD in Organization Psychology, or a Master's in Project Management to start working on a project or planning for risk.

Why do you care?  That entirely depends on your experience, what change initiatives are underway in your company, and where you may fit within those initiatives.  I'll tell you why I care... Recently, I have been working with a number of Junior Project Managers.  While they had worked on "projects" before, they did not have a knowledge of formal project management methodologies, such as those used by the Project Management Institute.  While different project management methodologies name their phases differently, the basic progression is the same.  For reference, the PMI and MOF phases are as below:

I decided to dive into the "Deliver" phase of MOF to level-set my PM on my expectations for project processes and deliverables.

Rather than have my new PM start by reading the Project Management Body of Knowledge (PMBOK) (which could cure the most severe case of insomnia), I had her read through the MOF documents for Envision, Plan, Build, Stabilize, and Deploy.  Each document introduced her to key terms used in a project.  For example:

At this point, we had a common language to discuss the progress of the project.  Next, the document provides useful reference diagrams walking her through the creation and approval of various deliverables.  We now have a good understanding of what documents (Vision/Scope, Functional Specification, Master Schedule, etc) I would expect at which phase of the project, along with who is responsible for each deliverable, and what approvals are needed at each milestone.

At each step of the way, activities and processes list Best Practices to follow.

Best practices:

· Establish fixed schedules. Internal time limits (time-boxing) keeps the project team focused on prioritizing features and activities.

· Use bottom-up scheduling. Estimates for IT projects should be made by those who will do the work. Bottom-up estimating provides better accuracy, accountability, and team empowerment. The result is a schedule that is fully supported by the entire project team.

· Prioritize by using risk-driven scheduling. Risk assessment by the team identifies which features are riskiest. Problems requiring major changes to the architecture can be handled earlier in the project, thereby minimizing the impact to schedule and budget.

Add buffer time to project schedules to permit the team to accommodate unexpected problems and changes. The amount of buffer to apply depends on the amount of risk. By assessing risks early in the project, the likeliest risks can be evaluated for their impact on the schedule and compensated for by adding buffer time to the project schedule.

Finally, we finish up with a review of the key questions that need to be answered, along with the inputs and outputs.  It does not get any simpler than this.

Best of all, MOF is free.  And Awesome.  You can read it online here: http://technet.microsoft.com/en-us/library/cc506049.aspx or download in Word format here: Get the Microsoft Operations Framework 4.0.  The MOF team has also setup an online forum here: http://forums.technet.microsoft.com/en/MOF4/threads/

MOF guidance is contained in 23 documents:

• The MOF 4.0 Overview describes all of the MOF content and its goals. It is the ideal starting place for someone new to the framework or an executive looking for the big picture.
• Four MOF phase overviews have been written primarily for IT managers and directors seeking a better grasp of IT service strategy. The overviews provide an introduction for the phase, describe the service management functions contained within, and detail the management reviews performed during the phase.
• Sixteen SMFs contain specific activities and workflows designed primarily for the IT professionals who will be implementing the activities.
• A glossary gives definitions of terms used frequently in MOF.
• A spreadsheet maps earlier versions of MOF to version 4.0.

I have only scratched the surface of what is included in MOF.  If there is any particular aspect of MOF that you would like me to dive into, please post in the comments and I will write a follow-up post. For other perspectives:

Techlog overview of the MOF announcement

System Center blog MOF announcement

To watch the on-demand Day 2 keynote webcast, click here:  mms://wm.microsoft.com/ms/msnse/0804/33036/MMS2008-Day2-Keynote-bradand.wmv

It's that time again!  Wife's away, and I'm installing Linux distros for fun.  :)  Feel free to click on any of the images below to see them at full size.

Our friends at Novell recently released the second beta of OpenSuse 11 (although all the screenshots in this post are from Beta 1.  It took forever to download, and I am not going to re-download for a beta rev :)  As the installer reminds us, this is a beta.  Expect no support!

You can see what has changed since 10.3 here, although the highlights are:

• Linux 2.6.25, AppArmor 2.3, Xen 3.2.1 RC1
• Alsa 1.0.16
• glibc 2.8 branch
• binutils 2.18.50 SVN
• gcc 4.3 branch
• gdb 6.8
• Perl 5.10
• ConsoleKit 0.2.10
• CUPS 1.3.7
• D-Bus 1.2.1
• NetworkManager 0.7 SVN
• PackageKit 0.2.0
• PolicyKit 0.7
• PulseAudio 0.9.10
• Samba 3.2pre2
• X.org 7.3

• themed installation
• rpm payload switch to lzma (results in smaller rpm packages)
• DVD uses images for installation (speed-up)
• new installation work flow
• libzypp uses a new much faster solver
• German language support on CD media
• Sax2 and YaST Qt frontend are ported to Qt4

The themed installation is quite pretty, and you can't go wrong with Qt.  Suse is also the only distro I have found that JUST WORKS with Virtual PC.  No funky kernel arguments needed for the mouse to work and the graphics to display properly.  They are also not shy about using color in their installer.  Kudos!

For your desktop, OpenSUSE gives you the choice of GNOME, KDE 3 or 4, or XFCE (along with the naked look, if that is your ball of wax).  I have always been partial to KDE, and version 4 adds some neat new features (it has also been ported to QT, uses less memory, and is faster)

Flash, Java, and Acrobat are installed by default, which should probably help with the girlfriend Linux acceptance factor when Youtube comes into the equation.

I wonder where they got the icon for their music package installation screen?  It looks remarkably similar to the much-better-looking iTunes logo... 

I'm just saying...

After finishing the install, I ended up with a strange kernel initialization error of some sort.  Urrrggghhh.  I downloaded the CD (rather than the DVD) of beta 2 (as it did not require BitTorrent).  The rest of the screenshots are from the beta 2 CD.  Even after installing, the Desktop looks very similar to the LiveCD, which may be a side-effect of installing from the CD instead of the DVD.  In any case, KDE4 has some new widget thing.  I did not like widgets from Konfabulator, I did not like them from Apple, I did not like them in Vista, and I do not like them in OpenSuse.  The stupid fade effect in the "Add Widget" dialogue box is particularly egregious.  Bleh!

Shortly after closing the widgets, I got to see OpenSUSE's crash handling system.  I have to admit, I like the one in Vista much more.  It is less obtrusive, and keeps a log of old problems, so that if a fix is ever found in the future, you are notified.  As far as I can tell, this crash handler does not even have a "Send to KDE" button that will submit the dump to KDE. 

In a BIG UI step-up from other distributions such as Ubuntu, OpenSUSE labels its applications in plain English ("Web Browser", "Word Processor", etc).  In the land of Linux, where there are 59 versions of any given program (all cleverly named something like KMusiOggGimperor), your standard end-user has NO CLUE what the program does.  Awesome job here!

OpenOffice is pretty much the same as it ever was... a clone of Office XP.  I understand that Open Office.org 3 will solve cancer, cure world hunger, and make you sandwiches when you are hungry, but the version included with OpenSUSE 11 is pretty blah.

The music player (Amarok) shows the reason that Linux is not yet ready for my wife... how the heck should she know whether her music files are kept in /bin /etc /sbin or /mnt... 

The UI once you have finished the First-Run Wizard is not much better.  It looks like it has a ton of bells and whistles, but does not hold a candle to iTunes or Zune in terms of UI.

All-in all, a fairly good experience.  It is clearly a beta product, and many of the errors that I experienced should be fixed once the final version is released. The fact that I can install OpenSUSE without any tweaking of kernel parameters is always a good thing.  There are some great features (as mentioned above) that make OpenSUSE usable for newbies, but has some features such as Amarok that would drive anyone mad.  I look forward to revisiting this distro once it finally releases in June.

Currently Listening to: Hide and Seek by Imogen Heap

...and awesome as always!  Check it out here.

Windows Administration: Active Directory Backup and Restore in Windows Server 2008

Windows Server 2008 and the new Windows Server Backup utility bring many changes and welcome enhancements to backing up. Here is an in-depth guide to backing up and restoring Active Directory in the new server OS. Gil Kirkpatrick

Windows Administration: Designing OU Structures that Work

Too many administrators underestimate the importance of having a well-designed Organizational Unit structure. Find out why having a sound OU strategy is important and determine the best OU structure for your organization. Ken St. Cyr

Windows Administration: Extending the Active Directory Schema

Many applications that rely on Active Directory define their own changes to the schema. But it's important that these changes don't impact other applications. Get an overview of extending the Active Directory through the classSchema and attributeSchema objects. Vikas Malhotra

System Center: Introducing System Center Mobile Device Manager

The new System Center Mobile Device Manager provides a complete set of tools for managing Windows Mobile devices through an MMC snap-in or via Windows PowerShell. Find out how this vital tool will allow you to manage mobile devices, increase security, and deliver mobile VPN capabilities. Matt Fontaine

System Center: What's New in System Center Essentials SP1

Service Pack 1 introduces significant enhancements for System Center Essentials 2007. Explore some of the key changes that will improve the user experience and streamline administration. Pete Zerger

One of the coolest features of Office 2007 is SmartArt.  It makes it incredibly easy to create great looking diagrams to show a process, cycle, hierarchy, or relationship.

During some business planning recently, however, I had the need to actually COMBINE two different diagrams to show a relationship between two related processes.  However, in Word, I found that I could not combine the two.  The "Segmented Cycle" was exactly what I needed on the inside of my chart, and the "Block Cycle" was exactly what I needed on the outside.  However, when I dragged one over the other, they would NOT overlap. Both diagrams would just swap places.

It turns out that this is expected behavior. Each diagram type knows what type of shapes belong there and how the shapes related to each other, so adding other arbitrary shapes or diagrams isn’t possible. 

Fortunately, there are two possible workarounds.  The first is to use PowerPoint, where you can overlap Smart Art all day long, and group/ungroup with no problems. 

The second is to position two Smart Art objects, or a Smart Art object and other shapes, in a way that they appear together on a page (just fine for my needs)which requires both objects to be floating. To make the Smart Art floating, right click it (its border, not an individual shape) and change the Text Wrapping to something other than Inline (e.g., Square or Tight).  Once the images are “floating”, you can size them and position them over each other. 

A few years ago, at my first IT job, my manager told me that there was a server at Microsoft, and all day long it created objects in a test Active Directory Domain.  "This server has been running since Windows Server 2000 was released" he said, "and it still has not hit a limit on the number of objects AD can hold".

I'm pretty sure he was talking out of his arse at the time, but we really do test the limits of our software at Microsoft (both upper and lower).  Some limits are hardware driven (such as the limits of the 32-bit address space), some are hardcoded limits, and some are practical limits (such as how long it would take to restore in the event of a hardware failure).  As noted at Tomek's blog, the Active Directory Maximum Limits article was recently updated, so check it out if you are curious how many Group Policy Objects can be applied to a user account, or why each Active Directory domain controller can only create 2,147,483,393 objects during its lifetime (and how to work around that limitation).

Because why wouldn't you?

Best Practice Guide for Securing Windows Server Active Directory Installations

Best Practice Guide for Securing Active Directory Installations and Day-to-Day Operations: Part 1

Best Practice Guide for Securing Active Directory Installations and Day-to-Day Operations: Part 2

Windows Server 2003 Deployment Kit: Designing and Deploying Directory and Security Services

Windows Server 2003 Security Guide

Windows Server 2008 Security Guide

Achieving Autonomy and Isolation with Forests, Domains, and Organizational Units

Active Directory Security Technical Implementation Guide (Non-Microsoft Guide)

http://iase.disa.mil/stigs/stig/active-directory-stig-v1r1.pdf

Just saw the following on Trika's blog.  GREAT opportunity to share your technical/certification knowledge with others!  Signing up right now...

Check this out: MCP mentors is a cool new program some people around here are cooking up, through which our certified community helps others get started in IT. To participate in this pilot, it makes most sense if you are in eastern U.S. or Canada, so you're in the same time zone. But more on that later...

Share your stories and help build the MCP community! Become an MCP Mentor.

As an experienced MCP, you have many stories--of both successes and failures. There was the time when the new guy brought down the entire system. The time you spent an entire week troubleshooting that elusive problem. And the time you completed your task in record time. Microsoft Learning invites you to share your stories, skills, and experience to make a difference in someone's life as an MCP Mentor.

HOW IT WORKS
The MCP Mentor Program matches an experienced Microsoft Certified Professional (you) with someone new to IT and studying to pass their first Microsoft Certification exam (your mentee). Through the program, your real-world perspective, technical skills, and community connections can help others overcome the experience gap to complete a path to proven skills, new career opportunities, and confidence.

As an MCP Mentor, you will share real-world experience with your mentee about objectives that are covered by the Microsoft Certification exam, helping to build self-confidence about his or her technical skills and preparedness. You will meet regularly with your mentee by phone or e-mail. In addition, you and your mentee will have access to an online community to share best practices, tips, and study tools. The online community also helps you and your mentee connect with other IT professionals of diverse experience, perspectives, and backgrounds.

VOLUNTEER FOR THE PILOT AT WALTER REED ARMY MEDICAL CENTER, UNITED STATES
Microsoft Learning is running a pilot of this program in conjunction with the IT Academy that is associated with Walter Reed Army Medical Center. The soldiers in this IT Academy program are recovering from recent injuries and waiting to find out if they will be discharged from the military. Most of these soldiers enter the IT Academy program with little or no experience in IT.

The MCP Mentor Program is not intended to be a replacement for training, but instead to supplement training. An experienced MCT supports these soldiers in their preparation. But these soldiers would benefit greatly from the kind of 1:1 mentoring relationship that you can provide. We need volunteer mentors to help these soldiers build the skills that are validated on their target exam(s), enter the IT profession, and join the MCP community. We are specifically looking for:

- IT professionals (vs. developers) with experience on MCDST exams 70-271 and 70-272 <corrected typo immediately after pressing publish. argh>

- Commitment of 2-4 hours per month over a 3-6 month period

- Local to mid-Atlantic United States preferred <edited 4/16...SEE NOTE FROM PROG. MNGR IN COMMENTS: YOU CAN PARTICIPATE REMOTELY!!!!>

HOW TO PARTICIPATE
If you are interested in volunteering, go to http://connect.microsoft.com and enter this Invitation ID to fill out an application survey: MNTR-CGPX-QQKK. If you have questions about this program, you can contact the MCP Mentor Program administrators at mcpmntr@microsoft.com.