August 2004 - Posts
I was surfing around yesterday for an XML document with all of the US States in it (didn't find it, but found some other interesting utility - http://www.codeproject.com/aspnet/SDIddlStatesPackage.asp) and came across a US Government website that publishes XML Documents and Schemas used by US House of Representatives (http://xml.house.gov/)! Now I haven't really thought too hard on how to best apply this, but it's encouraging that the government is participating in the XML movement. Nice job!
Since this prompted my interest, I dug a bit deeper (ok, ok....it was only once click deep) and found this site too: http://xml.gov/
I should also add that the webpage I was developing internally for leverages this tool as well - http://www.codeproject.com/cs/database/dbhelper.asp. Basically, you point it to a database, you select from the stored procedures available for that DB, and then it generates a C# class to wrap the call to that SP. It's nifty.
greggm has an interesting post on how to configure your dev machine on WinXP to enable remote debugging for Visual Studio.NET 2002/2003 after you install Windows XP Service Pack 2. I haven't used it yet, but I'm adding this to my blog to keep it in a safe and known place :).
http://weblogs.asp.net/greggm/archive/2004/08/30/222935.aspx
Oh do I love to see a Blog entry on MPS! Rob Gillen, also of eQuest Technologies, provides a cool tidbit on using MPS to change a Active Directory user object to enable that user to forward email via [Hosted] Exchange 2003.
http://weblogs.asp.net/rgillen/archive/2004/07/28/200368.aspx
Now even though the post is related how to do this in MPS via a Named Procedure, it's still interesting to see how to a forward email for a user in Active Directory and Exchange 2003. I think I should also point out that the altRecipient could point to a contact object. That contact object can then point to an external address.
This site provides the manual way of doing this via the standard tools: http://www.msexchange.org/tutorials/MF015.html
Thanks to Jacob for his post on AuthDiag now being available from Microsoft (http://weblogs.asp.net/jacobcy/archive/2004/08/30/223112.aspx). Now since I'm pretty focused on Service Providers (but not always ;) ), I wonder how this will behave in a Service Provider Scenario. Why is that a big questions? Well it's because each Service Provider (you can hardly find 2 that do the "exact" same thing) configures and locks-down their customer's websites in a particular manner. So I'm wondering how the Service Provider can tell which "failures" that are defined by the AuthDiag tool are things that they do and want to do versus what is an actual "big issue."
The Windows based Hosting Solution 2.5 solution provides guidance on how to host website in a dedicated model (there is some code in there that does shared web hosting too, but that wasn't the focus of that solution), so I wonder how that will do when you run this tool against that. I'll report on that later.
I just ran the tool on my home development machine and saw some interesting results. I've yet to upgrade to Service Pack 2 of Windows XP, so I wonder what the results will look like then. Hmmm...sounds like an interesting future blog post....we'll see.
You can download the AuthDiag Tool from here: http://download.microsoft.com/download/6/c/9/6c96682c-8449-4112-a089-3b98c0035d0c/AuthDiag.msi
I also found an interesting MS Online Event for the tool as well:
TechNet Webcast: Using AuthDiag to Diagnose Problems with Authentication and Authorization in IIS - Level 200
http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032258857&Culture=en-US
oh, so what is AuthDiag?
(From the AuthDiag Documentation)
Authentication and Access Control Diagnostics (Authdiag) Version 1.0 allows you to review, test, and correct problems with Internet Information Services (IIS) authentication and authorization. You can use Authdiag to check settings on Web sites, FTP sites, virtual directories, Web directories, and files. Authdiag can help you troubleshoot the following types of issues:
- 401.3 "Access Denied" errors caused by the following situations:
- NTFS file system authorization failures
- Required user rights missing
- Invalid permissions on registry keys
- Incorrect configuration for IIS metabase properties
- Authentication failures based on invalid configuration
- Failure of the system default permissions for IIS, based on incorrect permissions for directories such as %windir%\system32\inetsrv
- Failure within an Active Server Page (ASP) based on failed permissions
- Failure to access the home directory or FTProot because the accessing role, for example, Anonymous User or Authenticated User, does not have the appropriate permissions
Authdiag provides both user interface (UI) and command-line modes of operation. Both modes are used for troubleshooting authentication and authorization problems on a local server. Both the UI and command-line modes allow you to troubleshoot a single failure or multiple failures. Each time you run Authdiag, the tool stores all transactions in a History folder, so you have a record of the results of your queries.
I guess I should have pointed this out a while ago, but the community that I founded a year ago (http://groups.msn.com/MSProvisioningSystem) to help support the growing Microsoft Provisioning System (MPS) community has now been deleted and replaced.
The new official community for MPS (and other Microsoft Hosting related areas) can be found on the ASP.NET Forums: http://www.asp.net/Forums/ShowForumGroup.aspx?tabindex=1&ForumGroupID=29
I think it's great that Microsoft has decided to keep the community effort alive, but I also think there is always a place for a different forum. Even if the overall interest is the same. So I started another community on MSN focused on Provisioning. But I also didn't want to focus on just MPS. As I was one of the founders/builders of MPS, I still love the overall goal of the product/technology, but I also know that there is a bigger picture.
When I go out to talk with customers about provisioning, there is always the 5 minute banter of what "Provisioning" means. Some think it means deploying an OS and Application software on a box and others think of it as enabling services for users (Internal IT) and customers (Service Providers/Hosters). So why build a community just focused on MPS? Ya, that's what I thought! So I decided to build the community to focus on various technologies from Microsoft that help solve the various Provisioning Issues. This includes:
- Automated Deployment Service (ADS)
- Microsoft Provisioning System (MPS)
- Microsoft Identity Integration Server (MIIS)
- Business Desktop Deployment (BDD)
- Microsoft Biztalk Server
Each of these products and technologies provide a building block for IT Managers and Service Providers to solve their overall provisioning issues.
Here is the link to the new [Microsoft] Provisioning Community: http://groups.msn.com/Provisioning
Now the community is not full of content "yet", but over the next few months I'll be adding much new content, answer questions, and more to help get the community grow. But I really need the help of others to make the community a success. More on this later.
Conrad Agramont, Senior Architect , eQuest Technologies, Inc., * conrada@eqinc.com
I got a panic call from a customer the other day saying they were having issues with OMA working properly. Now this customer was running the Hosted Exchange 2003 solution which is a “special“ configuration of Exchange for Service Providers (same Exchange 2003 product, but with special “tweaks“ and a provisioning system to make it work for Hosters). They followed all of the steps detailed in the product documentation and everthing seemed to work so far (no errors when provisioning an organization or user/mailbox and mail was working via OWA).
When they attempted to connect to the Exchange via OMA with a device, they received a “500“ error coded from Exchange AFTER they authenicated properly. (I'll spare all of the troubleshooting details and just get to the resolution...)
Their resolution to this issue was found in this Microsoft Support KB Article (Thanks Google!!):
http://support.microsoft.com/default.aspx?scid=kb;en-us;829167&Product=exch2003
Hey, if there is a KB article (found via google), why even right a blog for it? Well I decided to do this because the KB article is focused on OWA and not OMA. And because someone else (without my google query skills) couldn't find it.
Perhaps this will help others that run into this issue.
Conrad Agramont, Senior Architect, eQuest Technologies, conrada@eqinc.com
More Posts