Simon May

Client and cloud

December, 2010

  • You should connect your Active Directory to the cloud

    Sound scary?  Well it’s not, but it’s critically important in spurring cloud adoption in your organisation and therefore a set of key skills for IT Professionals.  We have a technology toolset called Active Directory Federation Service (ADFS 2.0) that uses a set of secure protocols like SSL and Public Key encryption to provide Single Sign On to applications that are not hosted inside your network.  It doesn’t even require a physical connection between your Active Directory Directory Service (AD DS) and the application, or even for you to dangle your AD DS on the internet like tasty shark bait.  In fact you don’t even have to place your AD DS into a DMZ.  All this means you can provide secure single sign on…but why would you and how do you?  (hint the how is at the bottom).

    Lets take a look why.  What are the applications that your users use most frequently and easily?  Probably Word, Excel, PowerPoint…then probably some line of business apps (LOB).  How do people sign onto those LOB apps?  If you’re in a good place then they don’t need to, they just launch the app and get signed in automatically but if you aren’t then they probably need extra user names and passwords.  How many helpdesk calls does that create?  What perception of IT services in your organisation does that create?  I know, I’ve been there….the answer is usually lots of calls, poor perception.  That user experience can be better with simple AD authentication for the application.

    The pain not having single sign on with a cloud application can be extreme.  Imagine this scenario:

    what happens without ADFS

    But with ADFS 2.0 in place all that has to happen is that the user remembers their Windows password and logs in.  Just once and it’s far more secure because your organisation is in charge of the password reset policy, the complexity policy and most importantly – because they don’t have to remember lots of passwords they stop writing them down on their desks.

    We’re pretty serious about this being a major piece of the cloud for the IT Professional, so much so that both @deepfat and I took two days out a week or so ago for offsite training on how to build ADFS 2.0 infrastructures.  It’s not all that complex either…once you have an understanding of PKI.  But to make it even easier you’ll find whitepapers that take a step by step approach to the technology just here: Single Sign-On from Active Directory to a Windows Azure Application Whitepaper .  Not only is this essential for Azure it’s also essential to know for the best possible Office365 integration.

  • Arc Touch Mouse: Flat and touchy


    A couple of days ago I received the beautiful Arc Touch mouse through the post from our company store.  Got to say it lives up to what it says on the tin, it’s an Arc, it’s got touch sensitivity and it’s a mouse.  Hardware does something that not all software does in my mind, it creates an instant connection and I think it’s because of the kinaesthetic relationship that only hardware provides.   The moment you touch this mouse it feels high quality.  The flexible tail feels soft and you want to stroke it a little.  The glossy buttons are almost reflective and I found myself catching the light on it.  The scrolly bit, which includes haptics (little vibrations) to provide the feedback of a wheel in a flat form factor is cool.  In fact it’s not just haptic, it makes a subtle clicking noise so I found myself holding it next to my ear.

    That’s pretty good, sight, touch and sound all in the first few seconds of opening the box.

    Oh yeah the box is cool too, it’s got a little magnetic lid on it.  Nice.

    **At this point I’m going to point out that I didn’t smell it**

    The usb nano receiver is nice and small 18mm if you check the picture below, and if holds onto the mouse with a very strong magnet.  As you’d expect there’s no software to install, super simple.  The blue track laser has worked on every surface (including glass) that I’ve tried it on.  Love it.

    Here’s some photos of the little puppy to enjoy (all captured with my Sony a55 and 30mm macro lens).


  • How to make a wireless router

    You’re trapped by snow, you tried to escape in the car but hit some ice and and skidded into the curb at less than 10 mph and bent your wheel axle.  There’s limited mobile reception.  There’s internet but only directly connected by cable to one PC.  You’re a geek who needs to work and that involves 2 laptops.  Your wife also needs to work on her laptop and connect to work remotely.  Your hosts , providing the house to keep you warm, also need to be able to work…this was the situation I found myself in (and still do) this weekend.  The answer, turning one of the laptops into a WiFi hotspot and sharing that single Internet Connection (aka SoftAP)  And also calling the car insurance!



    So what’s involved?

    Well first off I turned a laptop into an WiFi hotspot, which is simple with the right drivers from Intel and Windows 7.  What happens here is a virtual network adapter is created to handle to the hotspot traffic.

    netsh wlan set hostednetwork mode=allow ssid=SiWiFi key=password


    Once the connection is setup you need to share whatever network connection is providing internet access with the new hotspot.  To do that simple open the adapter settings, select the sharing tab, tick the box and select your new virtual network adapter. Obviously change SiWiFi and Key= to a ssid and key that you like.  This can be used to share any internet connect, be it coming from WiFi or from Mobile or a wired connection.


    The next step is to start the new adapter and hotspot whenever you need it done with a simple command at the command line:

    netsh wlan start hostednetwork

    Finally connect to the hotspot as you would from any laptop to a wireless hotspot.


    I remembered hearing about this ages ago from Long at but I got the detail from MSDN this time around and if you don’t like the sound of this in your corporate environment then this video on Edge will help you prevent it being used in your organisation.

  • How many desktops do you support?

    My buddy @deepfat and I were just having a chat and we thought we’d see if we could work out how much kit you guys are huggin.  So we've produced a couple of posts, mines on the desktop…his is on Servers.  So here’s my magical poll….


  • Lync 2010 SDK + Christmas lights = AWESOME!

    I first saw this earlier in the week and thought it was a brilliant project, but I didn’t take much of a look under the covers as it was embedded on someone else’s site, might have been my boss’s blog.  Anyway this project uses the Lync 2010 SDK and that makes is super amazing because it shows some of the cool things you can do with great software, connected people an SDK and a bit of code.



    LED Christmas Lights as IM presence indicators from Andrej Kyselica on Vimeo.