Back to London

Phew! I was in Seattle this week for training – part of new employee orientation and now am on my way back home for a few hours and then I get back on a plane and haul ass to Delhi. I am at the airport right now, on a red eye (I hate those, since I cannot sleep when I am travelling). Home sweet home… err… I should probably say… Home messy home…

Enterprise Library

Microsoft released the Enterprise Library based on ACA.NET which our engineering guys here at Avanade, work their butts off! Enterprise Library features new and updated versions of application blocks that were previously available as stand-alone application blocks. All Enterprise Library application blocks have been updated with a particular focus on consistency, extensibility, ease of use, and integration.

The application blocks that comprise the Enterprise Library are the following:

  • Caching Application Block. This application block allows developers to incorporate a local cache in their applications.
  • Configuration Application Block. This application block allows applications to read and write configuration information.
  • Data Access Application Block. This application block allows developers to incorporate standard database functionality in their applications.
  • Cryptography Application Block. This application block allows developers to include encryption and hashing functionality in their applications.
  • Exception Handling Application Block. This application block allows developers and policy makers to create a consistent strategy for processing exceptions that occur throughout the architectural layers of enterprise applications.
  • Logging and Instrumentation Application Block. This application block allows developers to incorporate standard logging and instrumentation functionality in their applications.
  • Security Application Block. This application block allows developers to incorporate security functionality in their applications. Applications can use the application block in a variety of situations, such as authenticating and authorising users against a database, retrieving role and profile information, and caching user profile information.

Different applications have different requirements and you will not find that every application block is useful in every application that you build. Before using an application block, you should have a good understanding of your application requirements and of the scenarios that the application block is designed to address.

You can also get some more information on Tom’s blog.

IWAM Account Is Not Granted the Impersonate Privilege for ASP.NET 1.1 on a Windows 2000 Domain Controller

Recently at work a someone was playing around with AD, and could not get impersonation working in ASP.NET – even hardcoding the userid/pwd did help, and all the time he got an Access is Denied error. After searching high, low, etc. he did find this issue. Interestingly I have never seen this, because well one, I have been working on Windows 2003 Server for the last few months, and two more importantly, my dev box, has not been a Domain Controller! (Why you would want one is another story).

So, it turns out there is a bug and you may experience the behavior when the user account that you use to run the program does not have the Impersonate a client after authentication user right (the SeImpersonatePrivilege function). When you upgrade Windows 2000 Server Domain Controller to SP4, the user account (IWAM) is not granted SeImpersonatePrivilege, and then programs that use impersonation may not work correctly. When you request an ASP.NET 1.1 page, you may receive the following error message: Server Error in ‘/iwamtest’ Application.

Access is denied.
Description An unhandled exception occurred during the execution of the current Web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details
System.ApplicationException: Access is denied.

Source Error
An unhandled exception was generated during the execution of the current Web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace
[ApplicationException: Access is denied. ]

System.Security.Principal.WindowsIdentity._ResolveIdentity(IntPtr userToken) +0 System.Security.Principal.WindowsIdentity.get_Name() +71 System.Web.Configuration.AuthorizationConfigRule.IsUserAllowed(IPrincipal user, String verb) +100 System.Web.Configuration.AuthorizationConfig.IsUserAllowed(IPrincipal user, String verb) +81 System.Web.Security.UrlAuthorizationModule.OnEnter(Object source, EventArgs eventArgs) +178 System.Web.SyncEventExecutionStep.System.Web.HttpApplication+IExecutionStep.Execute() +60
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +87

Workaround: To work around the problem, manually assign Impersonate a client after authentication to the IWAM account. To do so, follow these steps:

  1. Click Start, point to Programs, point to Administrative Tools, and then click Domain Controller Security Policy.
  2. Click Security Settings.
  3. Click Local Policies, and then click User Rights Assignment.
  4. In the right pane, double-click Impersonate a client after authentication.
  5. In the Security Policy Setting window, click Define these policy settings.
  6. Click Add, and then click Browse.
  7. In the Select Users or Groups window, select the IWAM account name, click Add, and then click OK.
  8. Click OK, and then click OK again.
  9. To enforce an update of computer policy, type the following command: secedit /refreshpolicy machine_policy /enforce
  10. At a command prompt, type iisreset.

More Information: http://tinyurl.com/6yfx3

[Listening to: Vertigo – U2 – How to Dismantle an Atomic Bomb [Bonus Track] (03:15)]

2004 Year-End Google Zeitgeist, Search patterns, trends, and surprises

Based on billions of searches conducted by Google users around the world, the 2004 Year-End Zeitgeist offers a unique perspective on the year’s major events and trends giving you this aggregate look at what people wanted to know more about this year. Check it out.

[Listening to: 04 dupatta (bhangra mix ) – – (05:04)]

Windows Updates: More or Less?

Mary Jo Foley has has uncovered an interesting trend up in Redmond: contradiction when it comes to Windows. It seems that the Longhorn team has seven versions on tap, but the company as a whole is paring back Windows versions, folding Home, Pro and others into one SKU. Microsoft is sending mixed signals as to whether it will field more or fewer Windows releases; but she bets there are more, more, more.

The Windows team likes to pride itself on holding its cards close to the vest. But sometimes, that strategy backfires, as it did this week on the Longhorn front.

Microsoft execs have been making a concerted effort not to talk publicly about Longhorn. But that hasn’t stopped others from doing so. And this week, there were lots of conflicting Longhorn leaks:

  • Microsoft has at least seven Longhorn variants on the drawing board, including new small-business and an “uber” Windows variant, according to one Windows-watching site. (There’s no Windows Longhorn Reduced Media Edition on the list, but Microsoft’s still in denial about that one.)
  • Microsoft is paring back the number of Windows releases and is folding the Home, Professional, Tablet and Windows Media Center releases into one single Longhorn SKU, according to another reporter.
  • Microsoft is readying the next two Windows Media Center releases and doesn’t seem to have plans to fold any of the Media Center functionality into other Longhorn SKUs at all, according to a third site.

So, which of these, if any, is true? The Windows client team won’t say. Officials are clinging to the tired line that “it’s too early to talk yet about packaging plans for Longhorn.” But wouldn’t you like to hear more about good old Windows XP instead?

Our sources say that the truth lies at the intersection of all of these reports. We hear Microsoft is thinking about more Windows releases, not fewer — the same way that the Office team and the Visual Studio teams are thinking about ways to broaden their products’ appeal by rolling out more variants.

The “uber” Longhorn release mentioned above — that allegedly will include all of the features of the includes all of the features from the Home, Premium, Pro, Small Business, and Tablet PC Editions — is Microsoft’s trial balloon, our tipsters say.

Microsoft has made no secret of the fact that it is highly likely to add more of its Tablet PC operating system features to the base Windows platform, going forward. And it’s leaning toward doing the same with Media Center.

In fact, the core Windows team is constantly re-examining which features from these two SKUs (Tablet and Media Center) Microsoft should fold into the base-level platform. If a certain market heats up sooner than Microsoft might have anticipated (say, digital photography), Microsoft will be more likely to incorporate Media Center’s digital-photo-handling functionality into the core Windows platform, the Windows client team has said.

At this point in the cycle, Microsoft should have a pretty good idea of what Longhorn will look like, at least if the company is still expecting to ship the final Longhorn product(s) next year. (Our sources say 2006 is still the due date, most likely Q3.) We’re not optimistic we’ll see a Longhorn beta much before the Professional Developers Conference in October, but maybe we’ll be pleasantly surprised.

Testing .NET Application Blocks (Version 1.0)

A little while ago while I was one of the industry advisors for the PAG group at Microsoft. One of the last things I did in that capacity was provide input to the the Testing App blocks for MS. Microsoft has finally released this and can be downloaded here.

Testing .NET Application Blocks covers many testing areas that were used during testing and verification of the various application blocks provided by Microsoft’s patterns & practices group, such as functional, globalization, performance, integration, and security. The guide uses code examples, sample test cases, and checklists to demonstrate how to plan and implement each type of test; the guide also recommends tools to use to run the tests. It covers test considerations to be taken into account when customizing these application blocks or integrating them with your own applications.

Because this guide focuses on testing NET application blocks, its scope does not include user interface (UI) testing or database testing. Although the guidance is developed within the context of Microsoft patterns & practices application blocks, it still applies to testing .NET code in general.

[Listening to: Nach Deutschland – The Bourne Supremacy – The Bourne Supremacy (02:40)]

Try not to do it again guys. Oh, and thanks for the Gmail accounts

Google’s prime directive remains intact. The Securities and Exchange Commission ruled Thursday that the company’s missteps in not registering millions of options and not keeping quiet during the pre-IPO quiet period were not “evil” but “very naughty.” Practicing semi-tough love, the SEC levied no fine but extracted a solemn promise from Google never to do it again. The company’s general counsel, David Drummond, took the bulk of the wrist-slapping over the failure to register more than $80 million in employee options, a move the SEC said he knew would let Google keep a lot of financial information under wraps. The commission also let slide a big Playboy interview with founders Sergey Brin and Larry Page that appeared during the pre-IPO period in which company execs are supposed to be seen but not heard (see “Google guys to Playboy: They’re real and they’re fabulous … no, our options, you idiots“). Marc Fagel, assistant district administrator of the SEC’s San Francisco office, told the L.A. Times the agency wanted to give Google a public scolding to as a warning to others, but didn’t fine it because the violation did not cost investors money and company executives cooperated with investigators. And investors? Way, way past all of this.

[Listening to: Yeh Tara Woh Tara – Swades – Swades (07:09)]

Reflector SQL Server 2005 Addin

Denis has an addin to Reflector for SQL Server 2005 (Yukon). that can be used to browse .NET assemblies stored in a SQL Server 2005 (Yukon) database. You can connect your local Reflector installation to a remote SQL Server instance, list the databases and its assemblies and download them directly into .NET Reflector. Once my issues with Whidbey are resolved, I will check this out.

[Listening to: Track 02 – New Artist (38) – New Title (38) (04:48)]

Linux Vulnerabilities Creep Toward the Desktop – another FUD?

LinuxInsider writes about the Linux vulnerabilities creeping towards the Desktop. Though the question is this another FUD? Smells like one…

As Linux increasingly hits the enterprise and consumer mainstream, a growing number of security threats are emerging which prey on holes in applications and files managed by desktop users.

According to some industry observers, a focus on digging bugs out of end-user applications makes perfect sense – not just as a means of protecting users, but as a method for wresting converts away from Microsoft.

[Listening to: Track 01 – New Artist (38) – New Title (38) (05:09)]

Best Method names?

Brad Adams had a recent post discussing best method names ever. It is quite hilarious and interesting to find some methods that are used such as the FDangerouslyCommitToDiskCacheButNotActuallyToDisk, SetMetafileBitsBetter, PrestoChangoSelector, (all Windows) etc. My personal favourite are ZombifyActivationContext (in XP+) and die_you_gravy_sucking_pigdog() (FreeBSD).

[Listening to: ChhodNaRe(Rimix) – – (05:01)]

Not All Tsunami Donations Deductible

Interestingly, there is a story highlighting the fact that all your $$$’s (or £££’s as I am in UK now), are NOT tax deductible – which came as a bit of a surprise to me. For example, the American Red Cross has received close to $152 million in donations for tsunami survivors. If you gave to them, your contribution is tax deductible. But if you donated to the International Red Cross it’s not. That’s because most international groups are not authorized by the IRS to accept tax deductible donations. To simplify things the IRS says go to the websites of US AID and the USA Freedom Corps. All the charities listed on those websites are qualified to give you a tax break. You can also check the IRS website. On the home page click on charities, then click on the “New Search Features” and enter the charities name. If it comes back with a listing you know you’re okay with the IRS. Also keep in mind that if you have donated to an eligible charity for tsunami victims this month you can still take the deduction on last years taxes.

Live and Learn

Incase you have been extra vigilant you might have noticed a new category called Live and Learn. This as the name suggests is a category, where I can post my screw up of life be it technical in nature or anything else – the idea being I should be able to get back to it and reflect and hopefully learn from it! If not, then, well I would just be getting more creative in my excuses won’t I? 🙂 For those who know me, will know that most of my entries would probably fall in this category. Oh, ya, this ofcourse in true to tradition was inspired by a true life incident – which would be up here one of these days soon. 🙂