Archive for December, 2007
There are times when a blog post by someone just completely echoes your own feelings and JP Rangaswami has one of these for me. I spend a lot my thinking time, thinking about the nature of my use of Social Networking and the value of it. Why Blog, why use Facebook and why use Twitter and aren’t I putting too much information about myself out there into a big bad world for people to exploit. There is also a perceived wisdom that your business side is one thing and your private life is something entirely separate.
Perhaps because like JP Rangaswami we come from a culture that does not necessarily have these nice neat boundaries where much of what we do is a communal activity, where our lives are pretty much “open books” for people to prod and explore. In my experience doing business is one of the ultimate social activities and not an opportunity to adopt a persona or alter ego. Come see my world, my life, come see what drives and motivates me, what makes me laugh or cry, come see that I will absolutely do my utmost to support you, come see that I am just me and that I am real and come do business with me if you like what you find out.
After this issue was identified in a recent Newsgroup post, I checked my installation of WSS 3.0 on SBS 2003 and sure enough I had to enter my authentication credentials three times to open a Word document in a Sharepoint Document Library eventhough Windows Integrated Authentication was employed in a domain environment. Whilst this behaviour can be exhibited if you have basic authentication enabled on your Web Application (see KB871155), this was not the case for me.
It seems this issue is related to KB932118 and Persistent Cookies not being shared between IE7 and Office Applications in Vista. The workaround for Sharepoint is to place your WSS Site in the Intranet Zone and disable protected mode only for the Intranet Zone. This is due to the tighter security employed by IE7.
Have you tried the BBC iPlayer yet? I just installed it the other day to watch the Extras again and I’m pretty impressed. I know many people haven’t been too bowled over by it for various reasons and the Opensource Community was not happy that they couldn’t use it on Linux. You have to install the Download Manager and then you can download a programme from the last 7 days. If you don’t start watching it, then you have 30 days but if you start watching it then you have 7 days before the file is automatically deleted. The Extras was 400MB to download which on my broadband link took just over an hour (approx 100 kbytes/sec). The downloads are performed using a peer-to-peer technology called Kontiki which until I searched for it, didn’t realise it was owned by Verisign. As it’s a P2P network your computer can be used as a download “Peer Source” if you so choose. The content is pretty high quality so playing it full screen makes for a good experience.
Gone are the days where you competed on the basis that you kept your protocols and communication mechanisms a secret. So, it was good to see that Microsoft is going to make it’s Windows Protocols available to Samba Developers. I know Dave has already blogged on this but you might want to check out Sam Ramji’s background on this agreement at the Port25 Blog. You might also want to check out the Samba Announcement on this. Whilst I might argue with Dave on some points, I think we both agree that this is the right outcome and the sort of pragmatic approach we want to see from the Opensource World.
The Windows Protocols (or at least those implemented by Samba) are SMB (Server Message Block) and CIFS (Common Internet File System). The SMB protocol was documented by IBM back in the 1980s and CIFS was developed as a publicly available enhancement to SMB by Microsoft and a number of other Vendors. So, to say that these Protocols were never in the public domain is not quite true but over time Microsoft made enhancements for its various OS products without publicly documenting this.
I know Dave mentions that licensing of these Protocols has been available before the EC Judgement but Groklaw has an article stating that SUN Microsystems wrote to Microsoft back in 1998 asking for documentation to allow SUN to write software which was interoperable with Active Directory, but this request was turned down by Microsoft. SUN then lodged a complaint with the EC and thus was started the process which eventually ended in the recent verdict. Now whilst I agree with Dave the end results are not what consumers probably want or have taken up, ultimately Microsoft was found guilty of abusing its position in the market place and this was found by “due process”. This has also previously been the case in the US and the anti-trust case taken by the US Government. So unless we think that the US Government and the EC are just out to get Microsoft we need to learn from these things. I believe Microsoft is learning and attempting to move forward in a more positive and open way – it will take time. It needs people like Dave to explain within Microsoft why there should be closer working with Opensource Projects such as Samba (as the Port25 guys are doing) – not everyone gets it in Microsoft!
The other day I received an Amazon Gift Certificate from Vlad for the work that I do within the SBSC. I was really touched by this gesture and his sentiments. It was a really kind and generous thing.
One thing about Vlad is that he always actively supports and encourages IT Pros across the Globe and not just in his own backyard of the US of A.
I knew I couldn’t be upset at him for long and I have re-subscribed to Vladville, eventhough I know I’m going to disagree with him sometimes, but I’ve come to learn that’s okay and we do need to be made uncomfortable now and again.
I have met Vlad in person and I do get what he’s about. He is someone I would chose to spend time with not because of “Vlad the Icon” but because of “Vlad the Person”!
I just saw that Katie and Vlad are having a baby and congratulations to them. There’s nothing like the birth of a baby to put things into perspective and I remember after the birth of my first, my son Jeevan, I felt life was complete. If I never achieved anything more, then that would be okay.
I just learnt this evening that a friend of mine passed away last week through an illness he had been battling for some time. I met him through business and doing some work for him. We became friends and as he was a fellow Sikh we had another bond to link us. He was the same age as me and had two kids the same age as mine. It was an honour to know him over the past few years and he showed amazing courage in the face of such adversity, whilst continuing to run his business. What can someone say at such a time other than to know what things are really important in life. We are all on the same journey and I’ve always believed that how we face death is as important as how we face life.
So, to my friend, “Sat Sri Akal” and “Waheguru ji ki Khalsa, Waheguru ji ki Fateh”
Sometimes you learn from your mistakes and this was one of them. I had configured the SMTP service on Windows Server 2003 to send mail out from a MOSS 2007 deployment via 1and1’s SMTP servers (using authenticated access). A few days ago I received an email from them that this account had been sending out a lot of Spam and that the account was being temporarily blocked. After investigating this, I realised that the SMTP service had been configured by me to be an Open Relay! Doh! The mail queue folder had over 80,000 messages waiting for delivery with something like 800MB worth of Spam. I then configured it to only accept connections from the IP address of the MOSS Server and only to relay for this IP address. I then had to clear out the Mail Queue by deleting all the Spam messages in there as well. I had only recently set up the SMTP service and just goes to show you how quickly an Open Relay SMTP Server will be used by Spammers given the chance. I also changed the SMTP service to route via DNS rather than forward through 1and1’s SMTP Server. You live and learn!
There are some really good new articles from MSDN looking at Forms Based Authentication on Sharepoint, which are linked to on the Microsoft Sharepoint Products and Technologies Team Blog.
There are a couple of caveats that I’ve come across with FBA and they are :-
- The Sharepoint index crawler/search facility does not work with FBA, so you have to extend the Web Application and use this zone for Windows Authentication and set your content source to point to this extended web application. An extended web application still uses the same content databases as your original application.
- Sharepoint Designer doesn’t authenticate against FBA so again you need the above for this.
The Port25 guys have a really good paper on using Windows to manage Linux Identities. It relies on Samba on the Linux client side, Linux’s Pluggable Authentication Modules (PAM) and Identity Management for Unix under Active Directory Services on Windows Server 2003 R2. The Linux client is made a domain member of the Windows Server.
The latest version of Samba (v4) is looking to provide a full Active Directory domain controller but I don’t think Microsoft will be writing a paper on this.