A Blog for Graymad

Musings about ASP.NET and more...by G. Andrew Duthie

  • New weblog

    I’ve got a new blog, on the MSDN blog server that I’ll be using for my blogging while I’m a Microsoft employee. Not sure whether I will continue updating my weblogs.asp.net blog or not, but most of my blogging energy will be directed at the new blog. The new address is: 

    http://blogs.msdn.com/gduthie/

    Visit early…visit often.

    Read more...

  • Now running under WPA...

    It took me a while, but I’ve finally upgraded my home network to use WiFi-Protected Access (WPA) instead of WEP for securing my wireless connectivity. The upgrade was complicated by a laptop with a built-in WLAN adapter that didn’t support WPA (I switched to using the wired connection on that one) and a wireless bridge that was the wrong hardware revision to support an upgraded firmware patch to enable WPA (a Linksys WET54G). The good news is that after a few frustrating phone calls to Linksys, they allowed me to swap my wireless bridge for the later revision, which supports WPA via a firmware update. I got the new unit today, updated the firmware, configured my router (WRT54G), bridge, and TabletPC to use WPA, and all is working quite nicely. If only it was as easy getting WPA-enabled hardware as it was to configure the settings…

     

    Read more...

  • Nifty solution to some of the problems of least privilege

    One of my fellow Microsofties has come up with a neat solution to some of the hassles of running your workstation using a non-admin account. My advice for getting around things you can’t do as a non-admin has long been to simply run programs from a command prompt that you’ve started with RunAs, using the credentials for an account with admin privileges. The problem is that some programs don’t play well in this scenario, particularly install programs that run based on specific settings for the user installing the program. When you run programs like this, they (and/or their settings) end up associated with the admin account you’re using, rather than your less-privileged account.

     

    Aaron Margosis has come up with a way to fix this that’s quite easy to use. His solution is to create a batch file that adds your less-privileged account to the Administrators group, using the credentials of an existing admin account, then spawns a new command prompt using the account that you just added to the administrators group. The batch file then removes your less-privileged account from the Administrators group.

     

    By doing it this way, Aaron’s solved two of the tricky parts of elevated privilege…keeping the scope small (only the command window has the elevated privileges, until/unless you spawn other programs from it), and making sure that profiles of apps that you install are associated with YOUR account, rather than the admin account you’re using). I’ve only played with this briefly, but it looks to be quite a nice solution to a vexing problem.

     

    The download available from Aaron’s blog also includes a batch file for setting yourself up as a Power User, in case you’d like to further limit the privileges you’re granting yourself. There are still some caveats with Aaron’s approach, so make sure you read his entire post and understand what the batch files are doing before you use them, but with that caveat, I think this is a great addition to our security toolbox!

     

    Read more...

  • Lookout 1.2 Available for download

    Despite the concerns of some that Microsoft was taking it away from the community by acquiring the company, Microsoft has made Lookout, an add-in for searching through Outlook email stores quickly, available for download from the Microsoft download center. Enjoy!

    UPDATE: Apparently, the old link is dead, but the download can now be found at http://www.lookoutsoft.com/Lookout/download.html (via http://sandbox.msn.com/). Thanks to Niclas Lindgren for the update on the whereabouts of the download.

    Read more...

  • Red pill

    So...

    The big announcement that I hinted at last week is that, as of today, I have assumed the role of. NET developer evangelist with Microsoft, working in the East region. I want to say thanks to all the folks who've helped me develop the skills to get here, particularly my friends at INETA and ASPInsiders. I'm looking forward to helping folks in my new role. Though it may take me some time to get up to speed, feel free to ping me via the Contact link if I can be of assistance.

    UPDATE: I'm ashamed to admit that I forgot to thank a very important group of people...the MVPs. Between my leads, my fellow ASP.NET MVPs, and others I've met through the program, I learned a good deal, and had a lot of fun. Thanks to Ben, John, and the rest for honoring me with the award, and for being great colleagues and friends.

     

     

     

    Read more...