Microsoft

International Technology Frustration

We live in a world where our communications are sent around the world in sub-second times thanks to services like Twitter, Facebook and WhatsApp. Thanks to Facebook, LinkedIn and other people hubs we are closer connected to those around us without geographic discrimination and thanks to all of this high-speed communication and information transfer, we discover news and new information faster than ever before.

Taking all of this into consideration, why is it, that we are still in a world where one country takes the glut of the new technology releases without them officially seeing the streets of foreign lands only assisting to line the pockets of the lucky few who are able to import and export these technologies and sell them in the foreign lands via channels like eBay at exorbitant prices.

In the technology arena, Microsoft are one of the worst offenders for doing this. There’s been a number of releases over the years including but not limited to the Zune, Surface Pro, the Microsoft Band and the Wireless Display Adapter for screen Miracast that have been released and neither of them have been released outside of the borders of the US and Canada. Why is it that these highly sought after devices are only being sold in the US and not sold worldwide via Microsoft’s normal retail channels?

I remember when the Surface Pro first launched and I waited months to get one officially in the UK but it never came so I ended up importing one from the US with the help from a former co-worker. Back when Zune was a thing, I happened to be in the US on a long bought of work with my family in tow so I decided to buy one whilst I was there. I for one, would snap up a pair of Wireless Display Adapters and a Microsoft Band the day that they went on sale if they did ever appear here in the UK but I’m not holding out much hope which leaves me with the remaining option to buy them via eBay sellers.

The Microsoft Band is in high demand right now and whilst there a few of them on eBay UK for sale, the price is riding higher than retail and given that the device isn’t officially available here in UK, you don’t know how your warranty will be effected.

The Wireless Display Adapter isn’t quite so hot, largely because other competing products are available in the UK such as the Netgear PTV3000 and as a result of this, if I wanted one, I’d have to buy one from a seller on eBay US and pay whatever import and duty taxes the British government deemed appropriate and then pay whatever handling tax DHL or UPS levy on the shipment for the privilege of advancing my customs payment for me.

All this behaviour results in is a reduced consumer experience because there are devices out there that we want and the companies making them aren’t making them available to us so middle-men fill the void lining their own pockets with profit and driving the retail price up for consumers like you and me. I know that beaming a packet of data down an undersea fibre is obviously easier than arranging shipping and stocking of physical goods, but my point here is that with all of this technology to tell us what is happening around the world, to let us see what we could have, it’s akin to teasing a kid with a lollipop, waving it in front of their face and showing them it, videoing you licking it and playing it over and over again in their face. The kid will end us crying and wanting the lolly and you’d likely give in and let them have it after enough tantrum so why can’t companies see the same logic?

If the trend of devices only being released into the US and not being made available in Europe and the UK (and let us not forget our friends in Australia and New Zealand) continues then I think anything relating to the devices should be applied with IP filters to block people from outside of the availability regions from seeing, hearing or reading anything about it. At least that way, we wouldn’t have the lolly being waved under our noses to tempt us without the opportunity to ever have the lolly.

Prometric Microsoft Exam Vouchers

The team at @TechNetUK have just answered probably the most important question to any IT Pro in the Microsoft space out there with a blog post at http://blogs.technet.com/b/mpn_uk/archive/2014/09/01/pearson-vue-to-deliver-mcp-exams-for-microsoft.aspx and that is the subject of exam vouchers.

As you may or may not know, recently, Microsoft announced that Pearson Vue will be taking over the responsibility of managing the testing and certification for Microsoft exams as of September 2014 and the whole thing has left people wondering what will become of any pre-paid exam vouchers they may have.

Any pre-paid exam vouchers that you may have for Prometric and you will want to read the article to understand your dates and deadlines to use the vouchers before they get retired.

If you are in the business of taking Microsoft exams and certifying for Microsoft technologies, you really should be using exam packs and pre-paid vouchers if you haven’t done so previously. With the cost now £99 per exam, you can get a three exam pack with a discount of around 15% and you normally get Second Shot included with the pack which means you get a second chance to take each exam if you fail for any reason in the first instance.

I’ve got an outstanding exam voucher for transitioning my MCSA Windows Server 2012 to MCSE Windows Server 2012 which I really need to find the time and energy to crack on with and pass so that I can move on to bigger and better things so this could just be the inspiration I need to get the job done. Time to put the Tom Clancy novels down and get my study on I think.

The Forgotten Cost of Microsoft Azure Networks

We all know cloud services cost money, that’s a no brainer because we are consuming resources in somebody else’s environments, but what happens when you forget about it?

I was looking at my Microsoft Azure subscription today to see how I was doing for billing this month and the bill was higher than I expected. When I looked through the consumption charts in the Account Portal, I was shocked to see £20 of consumption against the Azure Network Gateway. Sometime ago, I had configured the Azure Network Site-to-Site VPN to test the feature against my ASA firewall at home. Once I had played with it for a while and verified I had a good configuration, I disabled the IPsec tunnel at my end as there was no point in keeping the connection up for the sake of it.

Problem was, I forgot about the Azure VPN Gateway which is a required item to enable the Site-to-Site VPN to function. I had accidentally left it running, consuming resources as it pleased without me actually reaping the service it offered.

Azure Gateway Hours

Sure, the cost is not significant, but it’s still a cost I’d rather avoid as I’m sure anyone out there paying up for cloud services would avoid. Money for nothing as Dire Straits famously said.

Needless to say, the VPN Gateway is now deleted and when the time comes that I want to use the Site-to-Site VPN, I’ll need to redeploy it and re-configure the Pre-Shared Key and IP Address for the tunnel endpoint on my ASA but that’s worth doing for a £20 a month saving on my Azure bill. Let this be a lesson to us all. Remember what you deploy and remember to clean-up after yourself when you’re finished with it.

Microsoft User Experience Virtualization (UE-V) 2.0 Review

In this post I’m going to show you Microsoft User Experience Virtualization (UE-V) 2.0 which is a really nice product from Microsoft for customers with access to Microsoft Desktop Optimization Pack (MDOP). MDOP is available as a free entitlement to customers with Software Assurance on their Windows Enterprise Desktop licenses. UE-V is designed as a 21st century replacement to Roaming Profiles.

Roaming Profiles Backstory

I’ve been a long time fan of Roaming Profiles whether you use them as a means to deliver virtual desktop infrastructure (VDI), a means to allow users to logon to multiple conventional desktops throughout a business or as a crude method to centrally backup user data so that if their laptop or other computing device fails, simply logon to a new machine and you get back the same experience.

Lots of people have hated on Roaming Profiles for their misgivings which they do indeed have: slower logon times, issues with the synchronisation of the profile between multiple machines and the occasional profile corruption issues. Some of the stigma with Roaming Profiles is alleviated when you combine it with folder redirection, another technology which I am a fan of however it’s still not perfect.

Roaming Profiles and Windows 8.1

Roaming Profiles have defiantly taken a back seat in Windows 8 and Windows 8.1. Log in to a Windows 8 or Windows 8.1 machine using a domain account that is setup with a Roaming Profile and you will quickly see that even when you connect a Microsoft Account (MSA) that some things just don’t work properly. Despite all my attempts to correct it, the OneDrive immersive UI app just never worked properly and Sync Settings between multiple PCs is completely disabled with all of the options greyed out to prevent their use.

I wasn’t too bothered about the lack of Sync Settings previously. This is mainly because of the fact that I work from home on a machine joined to my home domain with my other PC, a Surface Pro tablet connected to the same domain with the same roaming profile so my settings would sync in that manner but in a scenario where I could be using a work computer joined to a work domain means I wouldn’t have any sync activity between home and work. If you use a Surface RT or a Surface 2 running Windows RT you are in the same situation as even on the same network, you cannot domain join Windows RT leaving you with no sync options.

The lack of the OneDrive app did leave me feeling a little bit at a loss but not so much as I could quickly access OneDrive using the website and OneDrive worked just fine on my Windows Phone but the real kicker arrived with Windows Phone 8.1 Preview and tab sync for Internet Explorer. I’m a tab abuser and I commonly am known to have in the region of 20 tabs open all for various work and non-work related things all in various states of read and unread so being able to sync these tabs between my desktop from day job, my Surface for intensive evening browsing or my Windows Phone for casual pickup browsing hurt.

Introducing UE-V

User Experience Virtualization (UE-V) came to my attention a year or so ago when I was working with Application Virtualization (App-V), also from MDOP but I’d never seen the reason to try it out when Roaming Profiles worked for me but with the now lack of Internet Explorer tab sync between my devices, it made me want to have a go and see if it could improve my roaming experience by any amount.

Whereas Roaming Profiles captures the entire Application Data Roaming folder from the user profile and copies the changes back and forth between the clients and the server hosting the profile share and logon and logoff, UE-V works with a client-side agent which reads application data from a UE-V User Settings share at application runtime and writes back changes at application close.

Features of UE-V

The changes are captured per-application and not for the profile as a whole which means the change delta sync is very fast to converge, isn’t dependant on the user logging on or off whilst connected to the corporate network and working in tandem with Offline Files sync provider on the client allows for users to make changes to application settings which get written back to the share as soon as the agent detects a connection to the network making this a technology which could work really well with DirectAccess remote access technologies. This silo approach to sync also means that in the rare event of any corruption occurring whilst synchronising would be limited to only effecting one application and not your whole profile. All of these settings are sent back to the server in small files with the format .pkgx and are structured in an easy to understand hierarchy per application.

UE-V User Settings Packages

Because UE-V works not by operating at a roaming profile but instead as a man in the middle, monitoring your applications, tracking changes to settings and recording them to the central store, it doesn’t interrupt the way Windows handles profile state. For Windows 8 and Windows 8.1 users this means that you can connect an MSA to a domain user account and the options for Sync Settings are available and work and also that native apps like the OneDrive app work and sync properly which was my main driver for taking UE-V for a test drive.

UE-V Agent

This per-application nature of UE-V is perhaps also it’s Achilles heel dependant on the nature of your user base. Because UE-V works with applications and not profiles, it needs to know about your applications. For default Microsoft applications such as Notepad, WordPad, Calculator and Windows 8 immersive UI applications such as Weather, Sports, Finance and the like you can enable and disable the sync of settings for these applications out of the box either via the client manually or with a Group Policy Object using the UE-V ADMX file from the Microsoft Desktop Optimization Pack Group Policy Administrative Templates download. UE-V natively supported Office 2007 and 2010 also however Office 2013 is not natively supported but more on that in a minute.

To support custom applications including Office 2013, you need XML files to provide application definitions. These definition files can either be generated by you as an administrator for your custom line of business (LOB) applications using the Microsoft User Experience Virtualization Generator application or you can download XML files generated by others from the TechNet Gallery and hope that they fit your need. Microsoft thankfully provide an official set of XML files for Office 2013 for UE-V 2.0 which you can get from the TechNet Gallery in the form of either the Microsoft Authored Office 2013 (32-bit) UE-V Template or the Microsoft Authored Office 2013 (64-bit) UE-V Template. Standard community issued XML files can be obtained from the main list on the TechNet Gallery here.

Deploying UE-V

Deploying UE-V is really simple and because the .pkgx files generated for each application are typically very small and are transmitted across the network in a much friendlier approach that a giant squirt of traffic as you would have observed with Roaming Profiles it required little planning or infrastructure on either your SMB file share server or your network capacity.

The UE-V agent is installed using an .msi file which means you can install it via a Group Policy Software Installation policy, using a Computer Configuration startup script from a Group Policy Object, via System Center Configuration Manager or any other deployment toolkit which can accept an .msi file. You could even use System Center Updates Publisher (SCUP) 2011 to generate a custom update for the .msi file and deploy it using Windows Server Update Services (WSUS) if you have that implemented instead of a full product suite like SCCM and the GPO approach doesn’t take your fancy.

Configuration of the agent is done via Group Policy ADMX settings with settings that can be applied on a per computer or a per user basis allowing you to hone your deployment as you see fit for the business needs. If you are using System Center Configuration Manger you could use the System Center 2012 Configuration Pack for Microsoft User Experience Virtualization download from Microsoft to fully integrate the management of UE-V and SCCM into a single pane of glass.

In terms of the SMB file shares, in it’s simplest form, you need two shares. One for user settings packages and one for your XML custom templates. Permissions on the custom templates share simply need to be read for Domain Computers as the client runs in the context of the computer. Permissions on the user settings packages share where user data will be written requires similar permissions to a Roaming Profiles share: Permissions for your users, Domain Users for arguments sake to Create Folders at the root of the share and then Full Control for Creator Owner for sub-folders to allow users to own their own folder.

Creating custom XML files is pretty simple and painless so long as you have a reference computer with the applications you want to capture settings for installed. A simple event of launching the application to allow UE-V to monitor registry and file locations accessed by the application, close the application and then save your XML file is about as hard as it really gets.

UE-V XML Generator

Deployment of the XML files to the agents is a simple case of copying the files into the share you created earlier.

UE-V Template Store

Microsoft had the foresight also to include an option in the UE-V ADMX Group Policy extension which allows you to enable sync for either an administratively controlled list of Windows immersive UI apps or you can enable the setting to include all unlisted Windows immersive UI apps so that any app the user installs from the Windows Store or any app you develop as a business and sideload using your Enterprise rights for sideloading will be tracked too.

UE-V ADMX Settings

With a suitable selection of XML files imported into the Template Store, the client will on it’s next schedule, sync with the store and begin to include any new templates as I previously eluded to as shown below.

Roaming Profiles and UE-V Co-Existence

UE-V and Roaming Profiles can co-exist perfectly which makes migration super simple. In any environment, you can simply roll out the UE-V agent to your clients, setup your Group Policy with the appropriate settings to point users to the correct SMB file shares for both their own personal settings to be stored and a second share for your custom XML definitions. Once deployed, you can let UE-V sync application settings for users whilst the Roaming Profile is still in effect and when you have decided that you’ve let the overlap run it’s course, pull away the Roaming Profile attribute from a users Active Directory User Object. The profile for that user will be converted back from a Roaming Profile to a Local Profile and UE-V will have already captured all their application settings and will now operate as the single version of authority for application settings.

For me personally, I’m not the kind of user with a long list of applications. I found with some monitoring that I had all the applications I needed for UE-V to be successful for me in sync within about a week of normal working practice. One the week was up, I pulled the Roaming Profile attribute from my user object, free of the Roaming Profile logon delay and associated lack of Sync Settings in Windows 8.1 to be left with a Local Profile and all the Sync Settings I could ever want available.

In an environment with a long list of applications you may need a month or more to successfully overlap the deployment of the two but either way, it’s totally achievable and with the right amount of overlap your users probably won’t event notice the change. I’m still using Folder Redirection with Offline Files to keep my Documents are other vital folders protected but I think that feature will be a given for any company, it’s the profile that’s the real issue here.

The Future for UE-V

Microsoft have just recently made the UE-V 2.1 Beta available via Microsoft Connect. I haven’t yet tried this as it was made available only a few days after I deployed UE-V 2.0 here but I will be looking at it soon. The release notes promise better control over some of the settings requested through customer feedback from UE-V 2.0 and includes native support for Office 2013 so you don’t need the custom XML templates for it any longer.

UE-V certainly has a good future and if you are in the market for a Roaming Profiles replacement I would definitely look at it.

Microsoft EMET 4.1 Review

Microsoft Enhanced Mitigation Experience Toolkit (EMET) is something which has seemingly been around for years, a little known and less travelled piece of Microsoft software. In this post, I’m going to explore what EMET is, what it has to offer and briefly how it works.

What is Microsoft EMET

Microsoft EMET (Enhanced Mitigation Experience Toolkit) is a piece of software which can be deployed to assist in a defence-in-depth strategy to protect computers running Microsoft Windows. EMET employs deep hooks into applications monitoring them as they run looking for suspicious activities. Because EMET monitors code activity for patterns common to attacks, it is heuristic in it’s nature which means there are no definitions to keep up to date like anti-virus software which work by protecting against known attacks. EMET isn’t looking for the known but instead, for the unknown.

Believe it or not, EMET has been around for sometime although it’s largely never heard of. Even me as a Microsoft bigot hadn’t heard of EMET until about six months ago when I accidently stumbled upon it.

EMET has been available since 2009 in the dawn of Windows XP with new versions slipping out on a regular basis. The current general availability release is version 4.1 Update 1 and there is a version 5.0 available in Technical Preview. The current version 4.1 Update 1 supports operating systems from Windows XP Service Pack 3 all the way up to Windows 8.1 and Windows Server 2012 R2. Version 5.0 Technical Preview only supports Windows Vista Service Pack 2. Whether this is down to the end-of-support for Windows XP and therefore a purely commercial withdrawal from Windows XP is unknown but in that EMET is a 32-bit process even on 64-bit installations of Windows, it would be nice to think that there is some evolution happening and not just iteration.

Who is Microsoft EMET Designed For

EMET is not designed for home use due to the potentially complex nature of it’s configuration. You could safely deploy EMET at home if you left it in it’s default state protecting Office, Adobe Reader and Java but I probably wouldn’t recommend it without knowing what you are doing. EMET is designed for enterprises who want to add an additional layer of defence and protection to their client computers in addition to anti-virus and firewall software.

What Does Microsoft EMET Protect

Out of the box, EMET will protect Internet Explorer, Microsoft Office, Adobe Reader and Oracle Java but due to the way in which EMET is built, it can be extended to protect any application you desire but this needs to be taken with caution. Enabling certain mitigation hooks can cause applications to crash if EMET believes a certain operation is malicious when in fact it is desired behaviour. Microsoft have a list of known issues with EMET and application compatibility at http://support.microsoft.com/kb/2909257. There are various threads on the TechNet Forum discussing other compatibility issues with EMET.

The key takeaway is that you need to test EMET thoroughly before widespread deployment. Enabling mitigations in EMET can easily break an application or a whole system if you enable mitigation for an application which is key to hardware or operating system function (such as the known issue with ATI Video Drivers for example).

Reading the Microsoft Security Research and Defence Blog at http://blogs.technet.com/b/srd/ you can read some pretty complex and deep dive information on how that various mitigations in EMET work, how EMET has been able to thwart some of the more recent exploits from day zero. I for one don’t at this moment in time understand the what SEHOP means or how that protects me, I just know that it does although I do intend to read up on these various protection types.

What Does Microsoft EMET Cost

Nothing, it’s free for anyone who wants to download and install it. It’s worth noting that currently, only EMET version 3.0 is available for support through the Microsoft support channel of Microsoft Premier Support for enterprises. This is a very good reason to make sure you test the deployment of new mitigations in EMET before deploying them but I would consider whether deploying EMET 3.0 is the right thing to do regardless of support. EMET 3.0 is quite an old version and misses out on the newest certificate trust pinning feature.

Microsoft EMET Client Deployment

Microsoft EMET is installed using a traditional .msi file which can be manually installed or can be deployed with Group Policy Software Installation, System Center Configuration Manager or a third-party application management solution.

Microsoft EMET 4.1

The client when launches shows the current status for the four main protection types, DEP, SEHOP, ASLR and Pinning. DEP is a protection type which should be quite common for most system administrators as a Windows feature since Windows XP however SEHOP and ASLR will likely require some research. Pinning is a new feature in EMET 4.1 which allows you to protect against certificate man in the middle attacks. EMET locks the signature of trusted certificates such as those for Microsoft Windows Live, Office 365, Skype, Facebook and Twitter. This is a really nice feature and one that I’m personally a fan of although I would like to see more certificates listed by default such as Google.

If you opt for the EMET 5.0 Technical Preview, there are additional new features also but being a Technical Preview, you are even further beyond the scope of support so do this at your own risk for sure.

Microsoft EMET 4.1 Custom Certs

The Apps configuration list allows you to enable and disable mitigations for specific applications as well as define custom applications to be protected by EMET.

Microsoft EMET 4.1 Custom Apps

Microsoft EMET Client Configuration

When configuring EMET you have a number of options. You can either do this per client manually, using Group Policy with the provided ADMX file or with a configuration export. A configuration export gives you the most flexibility however it requires you to have a reference computer configured with EMET to your current specification. Once configured, you can export the configuration to a file which you can then import to other EMET clients automatically using System Center Configuration Manager for example.

Configuration using Group Policy is simple and allows you to control almost everything such as the status for system-wide protections and to configure user-defined application protections including which mitigations to apply for them however it does not appear to allow you to configure the certificate trust pinning. I’ve used Group Policy in my scenario as it was the easiest for me to implement and administer.

Microsoft EMET 4.1 GPO

Is Microsoft EMET Worth Deploying

This is a good question and one I considered before I deployed it at home for myself and I came to the conclusion of yes. Windows 8.1 is a good operating system with lots of protections included out of the box such as Windows Defender and Windows Firewall. It is regularly updated and patched to address performance, security and other issues by Microsoft closing holes as they are found and the success of the Windows Update service means that this patching is commonplace and reliable. System Center Endpoint Protection 2012 R2 which I use as my anti-virus protect does a great job of scanning for known viruses but as was said in a recent interview with a top dog from Symantec, anti-virus is “dead” (http://www.engadget.com/2014/05/06/symantec-declares-antivirus-dead/). Protecting systems at as many other levels as is viable and logical to do so therefore makes a lot of sense and a product which is free from Microsoft can only help to do this.

On my PC at home I have EMET running in the recommended security configuration and the process is consuming 14.9MB of memory. On my fairly standard desktop PC with 8GB or my Surface Pro tablet with 4GB RAM, 14.9MB is nothing to even think twice about and for that little bit of memory consumption, it’s a little extra piece of mind keeping me safe at all times.

If you try out EMET for yourself or if you have used it previously, please get in touch and let me know what your personal experiences are. I’d like to hear from anyone with previous experience with EMET due to the somewhat unknown nature of this product.

Microsoft Ordered to Release Dublin Server Data

An article went live on BBC News this morning (Microsoft ‘must release’ data held on Dublin server) which I hadn’t seen initially and was brought to my attention. The subject of the article is a US court case where a judge has ruled that Microsoft must hand over email records for a mailbox which is held on one of the servers in the Dublin, otherwise known to Microsoft Azure fans as the North Europe region.

Data sovereignty has always been an issue plaguing people considering a move to consume public cloud services and this case looks set to throw the whole debate up into the air once more.

The US government argue that they should be allowed to access the data in terms similar to those of a subpoena which grants them the right to request documents held in any country by the person subpoenaed however Microsoft contest against this and comments from the EU Commission agree with Microsoft. I’m in the camp of the Microsoft, the EU and the consumers among us all that if my data resides in outside of US jurisdiction that the US shouldn’t be able to just walk in and a take a copy. In all honesty, they probably already have a copy thanks to the NSA but unfortunately for them, that wouldn’t be admissible in court as evidence. Anybody else watch the Good Wife recently?

I really hope Microsoft battle this one through and that the EU member states back Microsoft in any appeals they make. The record and the law needs to be set the record straight with the US on the subject of data sovereignty. This is defiantly going to be a hot topic to watch out for.

Ballmer Leaving Speech Video

I saw the news last night that a video had leaked online of Steve Ballmer and got a chance to look at it today. Pretty emotional speech and quite restrained for Steve. I’ll be sad to see him leave Microsoft I think and he’s done so much for the company I love most. I hope that Microsoft can replace him with someone equally as energetic and enthusiastic about the company as he is. If you haven’t seen it, the  video on YouTube is below.

 

http://www.youtube.com/watch?v=38pWRi_LqV0

 

Advanced Malware Cleaning with Mark Russinovich

Mark Russinovich has been one of my life heroes since first finding out about his SysInternals tools and the work he does. I make it one of my best efforts to follow his blog, read his Windows Internals book series and read content by him – Not because I have a homo-erotic obsession with the man, but because the tools he produces and his knowledge of the Windows Kernel is truly amazing and it’s no wonder why Microsoft bought his company of the day not to be able to absorb the company but to be able to absorb the man himself.

Paul Thurrott posted a link on his blog to a video from a Windows Spotlight session recorded by Mark about Advanced Malware Cleaning. I have never seen this video before I must confess. I have now since watched the video and it’s an excellent resource and even showed an old diagnosis dog like myself a few tricks, however a lot of the steps in the document are not for the faint hearted: Interupting the Windows Kernel and Reloading the Kernel from Disk to unload malware in memory.

You can get to the video at http://www.microsoft.com/emea/spotlight/sessionh.aspx?videoid=359. While on the site, I highly recommend anyone of a security disposition watches the related video over on the right by Marcus Murray entitled Knowing the Enemy – A Lightening Demonstration on How Hackers Attack Networks.

In less than 20mins, he demonstrates how to create a trojan horse using applications you can freely download from the Internet, how to hide that trojan inside a legitimate application like Word or PowerPoint and then once you have the trojan running, how you can use that trojan to attack an entire network and collect the passwords for every user in a domain.

Windows 7 Laptop Battery Issues

Due to a growing amount of chatter on blog sites and the like, Steve Sinofsky, President of the Windows and Windows Live divisions at Microsoft – Head of Windows 7 has posted on the Engineering Windows 7 Blog about the problems.

http://blogs.msdn.com/e7/archive/2010/02/08/windows-7-battery-notification-messages.aspx

Having been a user of Windows 7 since Build 7000 – The first Beta, I have had no such problems with the batteries as a result of Windows 7, but as a result of the batteries themselves.

I use a Dell Latitude D630 which is about 18 months old now. From new, I could get about  five hours usable battery life from my extended life 9-Cell Dell battery, however over time (While running XP and Vista) this degraded to about three hours as is to be expected when the laptop is connected to a docking station for the majority of the day. The battery continued to worsen and it got down to about two hours before Build 7000 became available.

Read more…

The Case of The Failed SharePoint Server 2007 Indexing

As my LinkedIn profile will kindly tell you, I’m working on a SharePoint deployment for Vocera to replace our current aged and disorganised ECM (Enterprise Content Management) system.

I was very confused one day to discover during my proof of concept and design stages that the indexing and crawling in SharePoint stopped working. I originally blamed this on myself for moving from an internal model to a external model by making some changed to the Shared Services Provider (SSP), however I discovered today this is untrue.

http://social.technet.microsoft.com/Forums/en-US/sharepointsearch/thread/84f93fbe-f4a6-4683-b25b-b595b9006ad7

This most helpful Microsoft TechNet Social forum page explains how the cause is a .NET Framework 3.5 Family update that makes changes to the authentication model and providers in SharePoint.

Follow the instructions in the post from Sandeep Lad to resolve your issues.