Microsoft seems to be finding their marketing mojo lately, with some creative and smart ads that actually highlight the benefits of their products directly and quickly.
Windows Phone has had some great ads, but this is brilliant and long overdue.
After Apple's years of kicking Microsoft's marketing butt with the switcher ads, this is great to see. Can't wait to see how Apple responds - hopefully with some production announcements.
We recently were introduced to a great utility that a Microsoft IIS Team employee maintains called SelfSSL7. This is an upgraded version of the old SelfSSL tool that used to ship as part of the IIS Resource Kit.
Self-signed certificates have a myriad of useful purposes for internal uses in testing and staging environment, but are an awful pain to deal with using the (almost completely lacking) internal tools.
SelfSSL7 to the rescue!
Thomas has all the details at his blog below, but in a nutshell you simply download the tool, unzip and run from a command line.
For example, to create a self-signed certificate for a web server with a 5 year expiry and automatically export the whole thing to a PFX file for safe keeping, all while adding it to the local computer store and binding it to an IIS site automatically - simply execute the following at an elevated command prompt:
selfssl7 /k 2048 /v 1825 /x /f c:\SelfSSL7\my-5-year-cert.pfx /i
There is no step 2!
Such a time saver!
Updated July 2014
We're seeing an increasing trend of the following error displaying upon logon to many of our client's computers running Windows 8.0 Oddly this seems to be happening more on Windows 8 "Core" (what you receive on a consumer system), versus Windows 8 Pro or Enterprise in the corporate environment.
Windows couldn't connect to the windows all-user install agent service. Please consult your system administrator.
An investigation points to what appears to be some pretty buggy code in this particular service, which handles the installation of AppX (Metro/Tile World/Windows Store) applications. Somehow this service is crashing, and then further getting set to a Disabled state.
Most often, this problem will prevent standard (non-administrator) users from successfully logging on to the computer, or running certain Modern Apps or even Desktop software.
To fix this issue, you must be able to logon as an account that is in the Local Administrators group. Once logged on as an Admin, resolving the issue is relatively simple.
Open a Command Prompt As Administrator (this can be done from the Start Screen by searching for CMD, and then right click on the Command Prompt tile and choose Run as Administrator from the App Bar). Then, execute the following three commands:
sc config AllUserInstallAgent start=demand net start AllUserInstallAgent sfc /scannow
The first two commands change the startup type of the required problem service, and the third will check for other corrupt file issues in your Windows installation. It will take a good while to complete. When all of the above are finished (whether fully successful or not), you must then instruct Windows 8 to do a FULL shutdown, as on most new computers it performs a hybrid shutdown by default which will not reinitialise all the necessary components. Again, from the same Administrative Command Prompt type:
shutdown /s /f /t 5 Turn your computer back on after its shut down fully and the errors should be resolved. Still no word on an official fix from Microsoft yet.
Also of note, this only seems to affect original Windows 8, and not Windows 8.1. In fact, this service has been removed completely on Windows 8.1.
Now that more BB10 and WP8 devices are out in the wild, there are a few issues coming to light in regards to the connection to Exchange ActiveSync.
The most common is that users are periodically prompted for their password after having successfully synced with the server for some time. In many cases (particularly BB 10) this results in an account lockout if the user simply cancels the prompt, or doesn't enter the password successfully.
The same issues do not seem to appear when using any iOS, Android or Windows Phone 7.x device against the same servers. It's not yet clear why the implementation is different on these other platforms.
The solution - adjust the timeout settings on your Exchange server, or ISA/TMG or ASA gateways, so that the connections are held open for longer than the heartbeat interval of the ActiveSync device.
Exchange
Follow the steps in this article to ensure the correct configuration is in place for both Exchange (2003/2007/2010) and your ISA/TMG.
ISA/TM
Under the Web Listener for the EAS/OWA Rule - uncheck the "Apply session timeout to non-browser clients" setting as per this article.
Cisco ASA
Ensure any NAT rules that pass traffic to Exchange on HTTP/HTTPS have no timeouts, or very long timeout values.
Curious how all this fits together? Here's a great backgrounder on how EAS Direct Push works, heartbeat intervals, firewalls and more.
http://technet.microsoft.com/en-us/library/cc182270.aspx
It's becoming almost a ridiculous sad joke. Each new iOS release seems to bring a new round of calendaring bugs that cause havoc with Exchange and Activesync, and create no end of headaches for users and admins.
The latest example - the iOS 6.1, 6.1.1 fiasco - has taken it to a new extreme.
Apple needs to stop dripping with hubris about this stuff, and actually test their products consistently and properly. The post-Steve Jobs downward trend is sad, and concerning. One product after another is increasingly flawed.
Anyway </rant mode>
In the mean time - read about the iOS 6.1 mess here, then immediately go and update all your i-Devices to 6.1.2. Then wait for 6.1.3 or 6.2 or whatever is going to fix the lock screen bug.
iOS 6.1: Excess Exchange activity after accepting an exception to recurring calendar event
With Blackberry 10 just days away from launch, we're seeing an increasing amount of interest and confusion about how these new devices will connect with mail environments, and how it compares to previous versions of the devices and servers.
Part of this confusion is due to RIM somewhat changing the plan along the (very long) way to BB 10. Thankfully the initial impressions of the devices look solid, so we expect there to be an uptick in usage again.
BB 10 (and Playbook 2.x) devices all use Exchange Activesync (EAS) as their only supported method of syncing with email servers. This is great news for Exchange, and reduces much of the complexity of past. The biggest win is that the devices now natively support email without a BES or BIS connection - just like iOS, Windows Phone and Android. MUCH better user experience.
In the Enterprise, a BES is no longer required at all, if you simply want to connect and manage your BB 10 handhelds in a mostly unmanaged way - simply by continuing to publish your EAS servers to the public internet. Autodiscovery and all of those niceties are supported by BB10. As are EAS policies for passwords, remote wiping and the like.
It turns out quite a nice set of functionality - albeit at a pretty high price point.
Blackberry Enterprise Service is (not Server) is the new BES 10 but this has no relation to the old BES. It is simply a management tool, and is an updating and re-branding of their previous Mobile Fusion, and Universal/Blackberry device services products. The new BES will NOT talk to older Blackberry devices. Period. You will always need to keep a BES 5 server around while still using legacy devices.
Nicely, however, the BES 10 management product will manage your old devices, by pushing down policy to BES 5 and onto the devices. Likewise, it will manage Android and iOS devices with certificate management, and installable clients if desired. You can keep consistent policy across all of these, and report on them etc. Sounds quite promising.
As for syncing - where most of the confusion occurs due to the native EAS support - is what BES 10 adds to that part of the puzzle.
1. Native EAS - no BES involved
2. Native EAS with BES Management - pushes the email settings and policy to the devices (so user's don't have to enter anything, and BES policy trumps EAS policy)
3. Full BES (our name) - device connections will be routed over an encrypted tunnel through the RIM network, back into your BES and then proxied on behalf of the user into the internal EAS server. External publishing of EAS is not required. This will only function on the "Work" side of the Blackberry 10 or Playbook 2's "Balance" profiles. Casual users cannot natively get this functionality.
Overall we think the approach they are taking makes a lot of sense, and is a huge improvement over the former days of the steaming pile of Java crud that was the old BES.
It remains to be seen how well all this comes together, but if RIM pulls this off correctly, they've got a fighting chance, at not only a good device, but a great MDM product as well.
BES 10 is now available for download.
Need help with updating your environment? Questions? Contact us today for Blackberry therapy.
Another gem from Jeff over at the EXPTA blog!
Microsoft and their crazy need to make previously simple tasks complicated in Windows 8...all in the name of ease, or something.
Here's a quick tip on how to sign out, shutdown or restart Windows 8 or Windows Server 2012 from the desktop the easy way. Simply click the Windows Taskbar to give focus to the desktop and press Alt-F4