Confused Amused

http://googlemac.blogspot.com/2008/05/mac-os-x-1053-sync-google-contacts.html

Very nice addition. Now I can actually keep my iPhone and Google contacts in sync.

http://windowsvistablog.com/blogs/windowsvista/archive/2008/05/27/microsoft-demonstrates-multi-touch.aspx

Oh good, Microsoft is really blowing us away here. First they showed off Surface last year, multi-touch on something table-sized. Now they’ve incorporated it into a laptop-size across all of Windows. Keep in mind this is something without a release date, and yet Apple’s been doing this pretty seamlessly on the iPhone, roughly 10% the size of a laptop screen for almost a year now. So by the time this even hits the consumer market it will be a 2-3 year old technology. And this is supposed to impress us? Oy.

http://blogs.technet.com/isablog/archive/2008/05/23/isa-server-2006-service-pack-1-features.aspx

Looks pretty nice, the feature I liked most is that SAN certificates are now supported.

Link: And that’s without having to install the stupid SaveAsPDF add-on. Yay.

Recently a few of the folks I work with that use Macs noticed Entourage 2008 was having trouble using Exchange 2007 Web Services properly (as it advertised it would). I tried it out from home and verified the same thing, that the Out of Office Assistant and Free/Busy lookups didn’t go so well. I’ve been meaning to get around to building an OS X 10.5 virtual machine so I could hook it into my VM environment and do a packet trace to see what was going on, but it seems like I won’t need to anymore. Just update your friggin’ client to SP1 and EWS works properly. They’ve also added support for Autodiscover. I haven’t had a chance to play yet, but I wonder what kind of lookups and certificate restrictions Entourage has compared to Outlook.

So, moral of the post - problems with Entourage 2008 for Mac and you’ve got an Exchange 2007 environment? Upgrade your clients to SP1.

The mixed reports that I’ve read up to this point didn’t really nail down whether or not SSTP as a VPN protocol was going to be included in SP3. Last night I updated one of my machines to SP3 and confirmed it is not present. That’s a bummer. That’s an incredibly useful protocol and would have been extremely handy to backport to XP, but instead it’s still only supported for Vista or Server 2008 clients. Lame. I’m sure Microsoft didn’t want to give anyone more reason not to upgrade to Vista.

For the most part, installing certificates on Windows is no easy task for an end-user. A combination of mmc and trying to put the cert in the right store is a much, much longer process than is needed. This post should show you how to export a certificate from the Trusted Root Certification Authorities store as a .reg file that you can distribute to end-users. You could also use it as part of a batch file or VBScript to silently import the certificate.

Click Start | Run and enter mmc. Press OK.

Click File | Add/Remove Snap-In and press the Add button.

Choose Certificates and press Add.

Choose Computer Account and press Next.

Leave Local Computer selected and press Finish.

Press Close and OK.

Expand the Certificates\Trusted Root Certification Authorities folder and look for the [CA Name] certificate. It may be listed twice. Double-click to open the properties.

Click the Details tab. Scroll to the bottom and examine the Thumbprint. Take note of the first few characters.

Click Start | Run and enter regedit. Press OK.

Expand HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates. Look for a key name starting with the same characters as the thumbprint. The certificate data is stored in the blob value.

Right-click the key name and choose Export.

Save the .reg file some place safe.

You can also use this method for some of the other certificate stores. The other useful store I use frequently is the Personal store. Just replace the ROOT in that registry path with MY to find the certificates there.

This evening I downloaded the Microsoft Stirling Threat Management Gateway (TMG) product, the newest iteration of ISA to try out. I fired up a spare VM I had lying around and ran the installer. Strangely enough, the "installer" dumped setup files in a folder for me. I had to go dig for them and launch another setup. Good start! After clicking the install link it chugs along for a few seconds and comes back with Installation Failed. No reason, no explanation, nothing. How handy! I poked around in the log files generated by setup but nothing stuck out. I updated the machine completely thinking it was a .NET 3.5 SP1 deal or something along those lines. No luck.

I guess when all else fails, look at the system requirements, right?

I was trying to install on an x86 Server 2003 VM. Oops.

A few weeks ago Michael Wagner posted an entry on the Communicator Team Blog about the 3 different stages enhanced presence can actually be in. Prior to that I had assumed that it was either an on or off deal, but there’s a nice little limbo state in the middle to confuse you further. I had the opportunity to play with these different states recently so I figured I’d share what I experienced because it differed slightly from Michael’s post.

The same rules apply:

• Stage 1 - The user account Enhanced Presence setting is unchecked. This is accomplished by enabling a user for OCS 2007 or migrating a user from LCS 2005.
• Stage 2 - The user account Enhanced Presence setting is checked, but they have not signed in with Office Communicator 2007. This is accomplished by manually checking the box "Enhanced presence" on the user account.
• Stage 3 - The user account Enhanced Presence settings is checked and the user has signed in with Office Communicator 2007.

Here’s what I found a client was able to log in to, depending on their stage.

Stage 1

• Communicator 2005
• Mac Messenger 6.0.3
• 3rd-party clients (Trillian, Miranda)

Stage 2

• Communicator 2005
• Communicator 2007
• Communicator Web Access 2007
• Mac Messenger 6.0.3
• 3rd-party clients (Trillian, Miranda)

Stage 3

• Communicator 2007
• Communicator Web Access 2007

Takeaways

• Moral of the story is that once a user signs in to Office Communicator 2007 there’s no going back. The only fix is to delete their account from OCS and re-enable it, but they will lose their contact list and access level preferences.
• If you migrate users from LCS 2005 they will not be able to sign-in to a 2007 client unless you enable their account for enhanced presence. I know it’s counter-intuitive because most of the documentation states that you can’t use OC 2005 if you’re enabled for enhanced presence. Not true, you can continue using OC 2005 until you sign in once to OC 2007. The big gotcha here is why users couldn’t log in to OC 2007 after being migrated successfully - it’s because you have to manually set the enhanced presence.
• Oddly enough, that only seems to be required for migrated users. For a new user who had never been on LCS, simply creating their OCS account allows them to log in to OC 2007 without enhanced presence being checked. This behavior really confused me, but it must be a difference in how the user creation process is handled for an OCS pool as opposed to an LCS pool.
• Michael’s post states that you can’t log in to CWA 2007 unless you’re at Stage 3. I found this to be false. You can’t login to CWA 2007 until you reach Stage 2.

Granted, this has probably been going on for awhile now, but since I tend to use my Apple products on the Mac at home it’s the first time I’m seeing it. The software update I was offered this morning includes Safari being checked by default even though I have never had Safari on my PC. I’m usually a fan of Apple stuff, but this just sucks. If I want the freakin’ browser I’ll download it myself, thanks. I expect an update to be for the products I currently have, not some other product I’ve never installed. I know it’s the Microsoft way, but does Apple have to fall into this crap too?! Very disappointing.