Get a Free Windows Azure One Month Pass

Microsoft is offering a free one month trial of their Windows Azure platform for you to use with no credit card required.  This is a great way to experience Microsoft's Platform as a Service (PaaS) to see what it is and what it can potentially do for you.

PaaS delivers a computing platform (Windows) and a solution stack (your application) from the cloud for your business and/or customers.  Microsoft Azure offers both Windows and SQL as PaaS offerings.

The free offer website also has links to videos about the Azure cloud computing platforms, virtual labs, demos and more.

How to Create Certificates with a Longer Validity Period

So, you have your own Windows Certificate of Authority (CA) server and you want to create some new certificates that are valid longer than the default certificate templates.  You duplicate the User Certificate, and set the validity period to 5 years.  You issue a new user certificate using the new template and discover that the certificate expires two years from today.  What's up with that?

The validity period of any certificate generated by a Windows CA is the lesser of these three values:

• The remaining lifetime of the root CA server 
• The value specified in the certificate template
• The value specified in the CA server registry (default is 2 years)

So even if you set the certificate template validity period to 10 years, certificates issued using this template will be valid for a maximum of two years with the CA's default settings.

Increasing the CA Lifetime
Most root CAs are typically valid for 5 years. To increase the lifetime of the root CA, create or edit a text file in %SYSTEMROOT% called CAPolicy.inf with the following text:

[Version]
Signature=”$Windows NT$”

[certsrv_server]
RenewalValidityPeriod=Years
RenewalValidityPeriodUnits=10

Adjust the values above as needed, save the file, and restart the CertSrv service. Then renew the CA Certificate using the same public and private key pair.

Warning: If you generate a new public and private key pair you will need to reissue all your old certificates, so don't do it unless that is your intent.

Setting the Maximum Validity Period in the Registry
The default certificate validity period configured in the CA's registry is 2 years. To view the current registry value, run the following commands from a CMD prompt on the CA:

certutil -getreg ca\ValidityPeriod
certutil -getreg ca\ValidityPeriodUnits

To configure the registry value to 5 years, run the following command from a CMD prompt on the CA:

certutil -setreg ca\ValidityPeriodUnits 5

Adjust the value above, as needed. Then restart the CertSvc service to affect the changes.

Fix for OWA always uses Light Mode for some users

This article explains the difference between OWA Light Mode and Premium Mode and why some users may only see the Light Mode client, even though they haven't selected it at logon.

Exchange 2007 Outlook Web Access and Exchange 2010 Outlook Web App offer two different modes for viewing OWA - Premium Mode, with all the bells and whistles that Internet Explorer can muster, and Light Mode, which provides fewer features and is sometimes faster.  You would usually use the Light client if you are on a slow connection or using a computer with unusually strict browser security settings.

If you are using a browser other than Internet Explorer 6 or later for OWA 2007, you can only use the Light client.  OWA 2010 supports the full Outlook Web App experience (aka Premium Mode) on Internet Explorer 7 and some other browsers on Windows, Mac, and Linux computers.  To check out all the supported browsers and operating systems for OWA 2010, click here.

Here's a comparison between the Outlook Web Access 2007 Light and Premium clients:

And here's a comparison between the Outlook Web App 2010 Light and Premiun clients:

Normally, users will default to use the Premium Mode client if they are using IE6 or better for OWA 2007 or IE7 or better for OWA 2010.  However, you may hear complaints from some users that they always get the Light Mode client, regardless of whether they selected to use it or not when they logged in.  This happens if the user selected to use "the blind and low vision experience" when logging into OWA for the first time.

To disable this mode and allow IE to use the Premium Mode, have the user login to OWA and open Options in the upper right corner.  Then select Accessibility and clear the checkbox for Use the blind and low vision experience, as shown below.

Now have the user sign out of OWA and sign back in.  They should be using OWA Premium Mode, providing they are using a supported browser.

How to Turn Off the Outlook 2010 Social Connector

Outlook 2010 features a new Outlook Social Connector that integrates Outlook with several social networking sites, such as Facebook, Twitter and My Space.  The idea is to provide a pane at the bottom of each message that shows the recent social networking updates from the senders and recipients in each message.  Outlook 2010 will also pull photos or avatars of the senders and recipients from these social networks to provide a fuller, richer and more personal messaging experience.

For more information about the Outlook Social Connector, see Announcing the Outlook Social Connector on the Outlook product team's blog.

While this might be a good idea for home users or businesses that are more open to social networking, I find that most corporate networks block access to social networking sites like Facebook, Twitter, and My Space.  This renders the Outlook Social Connector useless and takes up valuable screen real estate, as shown below.

If you happen to click the "People Pane" (highlighted in red above) it expands to show more information from the configured social networking sites, taking up even more room.  Here's how to get rid of it.

On the Outlook 2010 main screen click the View tab, then People Pane, then select Off.  Viola!

Comprehensive Guide on Addressing Exchange Calendaring Issues

Rand Morimoto wrote a great article for Network World about Exchange calendaring issues.  Rand is the president of Convergent Computing, the company I work for.  His article covers lost appointments, duplicate appointments, odd delegate issues, etc.  This article is based on the real-world experience we as a company have gained working with many organizations of all sizes.

I wanted to add a few comments of my own, to follow up on to Rand's excellent article.

Another factor that can cause calendar issues for delegates is Cached Exchange Mode, which can cause an artificial delay in updating calendar information. For example, the boss (using Entourage, which doesn't have Cached Mode) may accept or alter the same appointment that the assistant (using Outlook in Cached Mode) accepts or alters. The default Cached Mode settings may cause a delay of up to a minute before the assistant's calendar item is updated on Exchange. Who wins is anybody's guess.

By the way, my recommendation is to adjust the Cached Mode latencies to 1 second using Group Policy. There is virtually no network performance impact and it solves a lot of issues, especially "perceived performance" issues.  See http://support.microsoft.com/kb/870926/%20target=.

Regarding BES, RIM is making quite a few changes recently due to inconsistency problems (especially in calendaring). BES 5.0 SP2 is supposed to make huge performance improvements so that BES IOPS are now equal to Outlook (see http://flaphead.com/archive/2010/07/24/bes-5-0-sp2-blackberry-user-exchange-2010-iops-now-equal-to-an-outlook-client.aspx). The rumor is that BES 6.0 will completely re-architect BES to use Exchange Web Services (EWS) rather than MAPI.

That said, BES changes versions as often as we change socks. I find that most orgs are WAY behind on BES versions from the current version, so they can't take advantage of these improvements. And as with any other technology with massive changes, it will probably introduce a new set of unknown problems.

Being that calendaring issues are 99% due to client issues (Outlook, Entourage, BES, iPhone, etc.), I expect that most of these issues will go away as the clients move toward using EWS. The problems documented in Rand's article occur because of the way the clients handle calendaring/email objects. If the client software lets Exchange handle these objects using standard EWS APIs, the problems will diminish/disappear.

Windows 7 Downgrade Rights

Downgrade rights enable customers to continue running Windows Vista or Windows XP after obtaining a Windows 7 license. Downgrading is simple, and this resource makes it straightforward for you to understand the process.

Customers must:

• Purchase a PC preinstalled with Windows 7.
• Accept the Windows 7 Software License Terms.
• Perform the downgrade or authorize an Original Equipment Manufacturer (OEM) to perform it.
• See additional details and FAQ.

The Downgrade Process
Follow these steps to downgrade to a previous version of Windows:

• Obtain genuine Windows XP Professional or Tablet PC Edition and a corresponding product key.  The media should come from a prior legally licensed version from the OEM or Retail channels. Additionally an end user, who is licensed separately through Microsoft Volume Licensing (VL) programs, may provide their VL media and key to their system builder to use to facilitate the downgrade on only their systems.
• Insert Windows XP Professional or Tablet PC Edition media in the CD drive and follow the installation instructions.
• Type the product key. If the software was previously activated, you will not be able to activate it online. In this case, the appropriate local Activation Support phone number will be displayed. Call the number and explain the circumstances. When it is determined that the end user has an eligible Windows license, the customer service representative will provide a single-use activation code to activate the software. Please note that Microsoft does not provide a full product key in this scenario.
• Activate the software.

Also see the Step-by-Step Guide and FAQ for Windows 7 for customers.

OEM Versions of Windows 7 Eligible for Downgrade
Only certain OEM versions of Windows 7 include downgrade rights:

• Windows 7 Professional and Windows 7 Ultimate include downgrade rights to Windows Vista Business and Windows Vista Ultimate.
• Windows 7 Professional and Windows 7 Ultimate temporarily includes downgrade rights to Windows XP Professional, Windows XP Tablet PC Edition, or Windows XP x64 Edition.
• Other OEM Windows 7 versions (for instance, Windows 7 Home Basic and Windows 7 Home Premium) do not include downgrade rights.

TechEd 2011 Welcome Video from Atlanta's Mayor

Microsoft TechEd 2011 will be hosted in Atlanta next year, and Atlanta's Mayor would like to welcome you in this video.

Aaron Nelson, a SQL architect in Atlanta, posted the following information about the convention center where TechEd will be held:

So how on earth can over 10,000 IT Pros fit into a single convention center in Atlanta and it not be cramped? Pretty easily actually because:

• The Georgia World Congress Center is accessible to 80 percent of the American population in two hours or less (via car, train or the World’s Busiest Airport).
• Or maybe that it’s easier to fly direct to Atlanta than any other place on earth.
• The Congress Center’s Building B exhibit halls are more than twice as long as Atlanta’s highest skyscraper is high (which happens to be the tallest building in the Western Hemisphere outside of New York and Chicago). From one end of these halls to the other, the earth curves 3/4 inch.
• As many as 125,000 people have attended a single event at the GWCC.
• For relevance sake: that’s approx. 50x larger than the PASS Summit
• Or… Larger than every PASS Summit and every SQL Saturday ever held, COMBINED.
• The lobby of Building C alone is large enough to hold the Titanic.
• Building C: entrance lobby is over 1,000 feet long, 80 feet wide and over 90 feet high
• Titanic: 882 feet long, 92 feet 6 inches wide, and 60 feet 6 inches from the waterline to the main deck.
• Heck there’s over 90 acres or 3.9 million square feet throughout the GWCC

Sounds like it will be quite a spread!  I just wish they gave us Segweys.