Posts tagged as microsoft

Microsoft AD RMS goes mobile

2012-01-24 by Administrator, tagged as data privacy, erm, irm, microsoft, rms, security, software

To spread the rumor, there is a new solution for mobile devices on the horizon supporting Rights Management Services (RMS) from Microsoft:

http://www.rmsviewer.com/

It is said to support iPhone, iPad and RIM Blackberry devices. Looking forward to see it on the App store

What Internet Explorer is still missing cntnd.

2011-11-09 by Administrator, tagged as microsoft, software

Remember my "What Internet Explorer is still missing" series? I think we're pretty far with IE9, right? Youtube w/o flash, isn't it something. Another feature users of other browsers are compassionately laughing about for years is integrated spell checking (yeah, I know I need it). Here we go...

http://www.zdnet.com/blog/microsoft/microsoft-internet-explorer-10-to-add-spell-checking-auto-correct/11186

Traverse Security Boundaries using Base64 Encoding

2011-08-03 by Administrator, tagged as microsoft, security, software

I often have the issue that I want to send binary code to a friend sitting behind filtering mechanisms that block a lot of content. In most cases I found a workaround base64 encoding the content and sending it either directly in the body of the mail or as simple text attachment. I even managed to get code onto a system that allowed read access to an USB stick but would not allow to copy to or from the stick. I just did cut'n'paste of the base64 content, decoded it and off it went.

Luckily, certutil.exe is part of Windows 7 and there is no need for more. I create a dead simple batch and put it on my desktop. I then simply drag'n'drop the file to be encoded onto the icon and have it saved right beside it. For convenience I also open it inside Notepad.

@ECHO OFF
certutil -f -encode "%1" "%~f1.enc"
notepad "%~f1.enc"

Stay tuned for the decodeing part...

...and here we go:

@ECHO OFF
certutil -f -decode "%1" "%~dpn1"

Map Sharepoint Permissions to RMS/IRM Rights

2011-07-01 by Administrator, tagged as erm, irm, microsoft, rms, security, software

This link explains how Sharepoint permissions are mapped to Office IRM rights:

http://technet.microsoft.com/en-us/library/cc261728(office.12).aspx

Disable RMS/IRM in Outlook only

2011-06-30 by Administrator, tagged as erm, irm, microsoft, rms, security, software

Microsoft Active Directory Rights Management Services (AD RMS) are supported by Microsoft Office since version 2003 out of the box. A whole bunch of Registry Keys allow you to configure the behaviour of the client application. If you do not want RMS to be used you can completely disable RMS inside MS Office. But what about only disabling it in Word and not in Excel?

Well, this is not possible out of the box but as a workaround you can disable GUI elements. This is done with IDs and since a new ID was added with Office 2010 here is what you need to set for Outlook 2010 (works for 2007, too - haven't checked 2003) 

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\Outlook\DisabledCmdBarItemsList]
"TCID1"="9925"
"TCID2"="14954"
"TCID3"="14955"
"TCID4"="15831"

[HKEY_CURRENT_USER\Software\Wow6432Node\Policies\Microsoft\Office\12.0\Outlook\DisabledCmdBarItemsList]
"TCID1"="9925"
"TCID2"="14954"
"TCID3"="14955"
"TCID4"="15831"

[HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\14.0\Outlook\DisabledCmdBarItemsList]
"TCID1"="9925"
"TCID2"="14954"
"TCID3"="14955"
"TCID4"="15831"
"TCID5"="20441"

[HKEY_CURRENT_USER\Software\Wow6432Node\Policies\Microsoft\Office\14.0\Outlook\DisabledCmdBarItemsList]
"TCID1"="9925"
"TCID2"="14954"
"TCID3"="14955"
"TCID4"="15831"
"TCID5"="20441"

12.0 is Office 2007
14.0 is Office 2010

TCID1-4 are Office 2007 and 2010,
TCID5 is Office 2010 only and the
Wow6432Node is for 32-bit applications (e.g. Office) running on a 64-bit OS

Hope this helps.

Cross-Platform Open-Source Video Calls and Remote Support = Jitsi

2011-05-30 by Administrator, tagged as linux, microsoft, software

I have been looking around for quite some time now to find a decent solution for cross-platform video calls. Main focus is Windows and Linux (Debian/Ubuntu flavor). I cannot really remember what the problems were in detail but something always sucked. Either video did not work at all or the client did support video on Windows but did not on Linux and so on.

I finally gave up my requirment for the solution to be open-source and decided to give evil Skype a chance. At least they got bought by Microsoft so running Skype on a M$ OS would not get any worse. But then the Skype Beta didn't really work as expected either. A workaround is required for it to detect the webcam on Linux. But once you have that configured streaming to Linux is really nice but the stream from Linux to Windows is somewhat shitty.

While researching some more on the web I stumbled upon Jitsi (formerly SIP-Communicator) again. It is a Java program that I checked out before but as described above did not really get it to work. Something abouth the ICE connection not working properly. In fact the project has its own implementation called ICE4J. One funny thing is that it seems to work much better when used with a SIP (I use iptel.org) than with a Jabber account (XMPP and Jingle). In fact, I had to disable ICE and UPnP on the Jabber account to get it working and writing these lines I just dicovered that SIP accounts do not have these settings.

Jitsi Configuration

Anway, this time I was surprised to have it detect my webcam right away no workaround required. I quickly set it up on Windows and wow... cross-platform video calling with acceptable quality. Tested it through double NAT, UMTS connection and it always worked.

I can now call back home when on the road (Windows OS) and have cool video sessions with my family (running Xubuntu). Again, things get better and better and better...

Jitsi Video Call

Wait a minute, did I mention that Jitsi also supports screen sharing? Well, If you read my last post you probably recognized that I am trying to support my dad remotely. When I did this UVNC setup I did not really think about sitting at home in front of a Linux machine. Now guess what? Right, UVNC is Windows only. Although you might be able to use another VNC viewer on the Linux box you will have a hard time to get the crypto plug-in to work.

I will now test if Jitsi is capabale to replace the UVNC approach and will report back at this very location...

Further reading: ZRTP (RTP encryption)

Update: Right after writing this post I got myself a UVC compliant webcam because I was wondering why the stream was very good in the direction to Linux but the stream to Windows was not. What can I say... this is definitely a recommendation. Even Skype now works without the workaround. Btw I got myself a Logitech Webcam C210 for around 18€

Email This for Internet Explorer

2011-01-04 by Administrator, tagged as microsoft, software

THIS ARTICLE IS WORK IN PROGRESS

The whole bookmarking, sync, interact, knowledge management, social networking thing is kind of tied to third party online services. A user not willing to participate is left out more or less.

I am trying to create my own personal management environment with a private system mainly running an IMAP/SMTP and web server. So far the server side is running fine and the main problems are the user interfaces. For example the IMAP server offers everything for a RSS feeds syncing system but the standard mail readers weren't really ment for this purpose especially not on mobile devices.

Anyyway, this little tool adds the functionality to the Internet Explorer context menu when clicked on a link to mail the destination directly to an email account. It uses the good old Blat to do so.

Email This Picture

In a way it is a little bit like the Send to Kindle or Read It Later service. But if you host your own private SMTP server no third party ever knows the articles you are interested in. Now isn't that something?

  1. Create a registry file adding the context menu entry and execute.
  2. Save the HTML code to a location sosmewhere in your user profile path on disk and edit it to fit your server and email address.
  3. Download Blat and put the files besides the HTML code
  4. Your good to go
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!-- saved from url=(0016)http://localhost -->

<html>
	<head>
		<title>Mail This</title>
	</head>
	<body>
	<p>This is a pure Javascript HTML file. Purpose is to be invoked from an Internet Explorer context menu (right-click) to send the link to a defined email account for later review.</p>
	<pre>
	Windows Registry Editor Version 5.00

	[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Email this]
	@="c:\\\\Temp\\\\MailThis\\\\MailThis.htm"
	"Contexts"=dword:00000020
	</pre>

	<script type="text/javascript">
	
		var strTempDir,
			strPath,
			strFile,
			strBody,
			strSMTPServer,
			strRecipient,
			strFrom;
		
		strSMTPServer = "smtp.google.com";
		strRecipient = "c@google.com";
		strFrom = "\"Email This <Email.This@google.com>\"";
			
		setEnv();
		
		createTempFile(strBody);
		
		strCommand = strPath + "\\blat.exe";

		strArguments = strTempDir + "\\\EmailThisBody.txt -server " + strSMTPServer + " -to " + strRecipient + " -f " + strFrom + " -subject \"" + strSubject + "\"";
		
		//alert( strCommand + " " + strArguments );
		runCmd( strCommand + " " + strArguments );

		function createTempFile(strContent)
		{
			var myObject,
				newfile;
				
			myObject = new ActiveXObject("Scripting.FileSystemObject");
			
			newfile = myObject.CreateTextFile(strTempDir + "\\EmailThisBody.txt", true);
				newfile.WriteLine(strContent);
			newfile.Close();
			
		}
		
		function runCmd(command, option) {

			var wsh = new ActiveXObject('WScript.Shell');
			
			if (wsh) {
				wsh.exec(command);
			}
		}
		
		function setEnv() {

			// Get Meta Info
			// strBody = prompt("Please provide addtional information", "Default");
		
			// Get temp dir
			var myObject
			myObject = new ActiveXObject("Scripting.FileSystemObject");
			strTempDir = myObject.GetSpecialFolder(2);
			
			// Get working dir
			var file = document.location.pathname; 
			strPath = file.substring( 0, file.lastIndexOf("\\") );
			
			// Get content
			var aWindow = window.external.menuArguments;
			var aDocument = aWindow.document;
			var anEvent = aWindow.event;
			var anElement = anEvent.srcElement;
			strBody = strBody + "\n" + anElement.href;
			strSubject = anElement.outerText;
			
		}
		
		</script>
	</body>
</html>

Microsoft ISA 2006 Integrated NLB Mode and VirtualBox

2010-10-08 by Administrator, tagged as microsoft, network, software, virtualization

Please remember if you are setting up an ISA Server 2006 NLB test environment that out of the box ISA server only supports unicast NLB mode. Most virtualization products like VMware (at least the last time I worked with it) and also VirtualBox only support multicast mode.

Main difference between the two modes is that unicast is a sort of hack to enable NLB by giving the same MAC address to different physical adaptors. In mulitcast mode a multicast MAC is added to all adaptors. Main advantage of the later is that mutlicast messages can be used for cluster heartbeat messages while unicast requires broadcasting of this information. So a heavy load might flood your switch infrastructure. On the other hand multicast mode requires switches supporting it and low-end devices usually don't.

Anyway, this is off topic. I just wanted to say that you need to enable multicast mode for ISA server networks if you want to test this in a VirtualBox environment. Otherwise you get unpredictable results. Once I enabled multicast mode everything worked as epxected.

One last thing. In cotrast to the documentation above I had to have NLB already enabled in the ISA MMC and virtual IPs assigned to my networks for the scripts to work.

Microsoft Download Manager

2010-05-22 by Administrator, tagged as microsoft, software

Well, I only have to bring up a painful subject and Microsoft reacts right away...

Grab the Microsoft Download Manager

UPDATE:The download page seems to be missing now but the direct linki to the software still seems to work. MSDownloadManager.msi

What Internet Explorer is Still Missing, Part #2

2010-04-19 by Administrator, tagged as microsoft, software

Some time ago in the early IE7 days I wrote an article about the definetely required functionality the Microsoft browser was still missing. IE8 then added some of the missing features.

Today, in the pre-IE9 days some things have changed but others have not. After all these years there still is no download manager integrated into Internet Explorer. The feature to resume an interrupted download is so normal these days that this fact could be the big laugh of the day.

Anyway, there is something from MS that uses the BITS feature from Windows. Sadly, it is OEM only but I am sure you will find someone with an account to grab the download. Check this link:

http://bink.nu/news/microsoft-bits-ie-plug-in.aspx

and get the download here:

http://oem.microsoft.com/downloads/bitsfiles.exe

You'll then get a decent context menu entry and a nice little GUI telling you about the download status. OK, I guess I can now omit my Windows wget port. Btw, this has been tested on a 64-bit Windows 7 Enterprise box invoked from the 32- and the 64-bit iexplore.exe. The bits_ie.exe is a 32-bit executable.

BITS Download Manager Context Menu

BITS Download Manager GUI