Aimless Ramblings from a Blithering Lunatic . . .

Just another Microsoft MVPs site

Month: October 2006

Vista RC2, IE7 and SBS Self-Signed Certs

Yes Virginia – there is a Santa Claus . . .    oh wait, wrong story . . .

So as I mentioned in my previous post, I took the plunge and installed Vista RC2 on my primary production machine, and so far it’s going well . . .  granted a bit of a learning curve – but well worth it.

Like a lot of SBSers out there, we’re making extensive use of self-signed SSL certificates for accessing RWW, OWA, ActiveSync, etc.  Well, if you’re being a good little tech and running Vista as a non-admin, and you haven’t had much experience with IE7 yet, you might be trying to figure out just how to get those certs installed . . .

The first thing you notice when browsing to a site using a self-signed certificate, is that you don’t get to see the site right away – rather, IE7 gives you a full page warning insted of the old Security Warning pop-up.  So, you click to continue to the website, and you’ll notice that your address bar has changed to a deep red indicating the security risk with this site.  If you click on the ‘Certificate Error’ in the address bar, you can view the certificate.  But viewing the certificate – you notice one minor problem . . .   you don’t have an option to actually install the cert!

The thing is, you need to have administrator permissions to install your cert.  So here’s the trick . . .   click on Start | Programs.  Right-click on Internet Explorer and select ‘Run as Administrator.’  When prompted, enter admin credentials, and IE opens.  Navigate to your site, on the warning page select to continue to the site, then click on the Certificate Error in the address bar, and then view the certificate.  Now you have the option to install the cert.  But slow down there, young grasshopper . . .    if you just click through the add cert wizard like you do in XP, it’s not going to work for you.  You see, by default the add cert wizard is going to install the certificate for just the current user – and since we’re running IE as Administrator – you guessed it – the cert gets installed for the Administrator account – not yours.  So how do you get around this?  When you’re running the import cert wizard, you’re going to want to specify a location for the certificate:

Click Browse, the click to select ‘Show physical locations’ – then scroll up in the list, expand Trusted Root Certification Authorities and select Local Computer.

 Click OK, then finish the import certificate wizard.  Close IE (after all, you don’t want to be browsing as an admin)

Open IE, navigate to your site and voila!  There you go . . .

The Winds of Change . . .

Can you believe that this Wednesday, October 25th – marks the 5 year anniversary of the launch of Windows XP?  5 years!  Wow, no wonder things have been pretty comfortable and cozy on the help desk front – work with an OS for that long and you’re bound to know it inside and out.

But alas, progress marches on and we’re in for a whole new learning curve on the desktop (or more accurately, our users are in for a whole new learning curve, and we’re in for a completely revamped traning ciriculum)  

First, IE7 RTM’d last week – and there’s a bit of a learning curve there as well (honestly, how many of you cussed like a sailor the first time you tried to install a self-signed cert?)  I’ve been running the beta for several months now, and have become addicted – especially with the full-screen functionality when using web apps.  And I will admit that yes, IE is not only my primary browser, it’s the only browser I currently have installed.  Sure, I’ve read Vlad’s rants – but what can I say, I actually like IE  (yeah, I know – I’m sick & twisted). 

With IE7, Microsoft has been pushing out tons of add-ins, and free little applications, all using the Windows Live branding.  One of which being the Windows Live Writer, that I am actually using for the first time to compose this post.  So far, I have to admit that I’m impressed with this.  If you want to take a look, you can get it here – or read Vlad’s thoughts on it here  (after all, we all know that Vlad has a clear-cut opinion on EVERYTHING    )

And then we have Office 2007.  Of course, with what I do on a daily basis, Office for me is pretty much defined by Outlook, with Access and FrontPage (oops, SharePoint Designer) being a distant second & third . . .   I’ve also been running the Office beta for several months – and was totally sold until a few hiccups with the Beta 2 Technical Refresh (B2TR) – which resulted in Outlook crashing when I tried closing it, and getting a corrupt OST every time I opened Outlook . . .  this has been resolved – but more on that later.  So far the built-in RSS capability in Outlook, combined with the new kick-ass shared calendars view, the To-Do bar, and ease of adding Exchange accounts (users only have ONE choice to make – then it automatically detects the username, email address, and finds the Exchange server on the LAN – no more having to walk users through typing in the internal FQDN of their Exchange, blah, blah blah . . .  (at least, it worked that slick on a domain PC on the LAN)  Of course, there’s much more to Office 2007 – but those are the tidbits that affect me on a daily basis

Finally, our biggest change right around the corner is Vista.  Again, I’ve been running beta builds for quite some time – but admittedly on my home PC that I rarely ever use for anything besides the occasional web browsing.  Well, I was a few builds behind, and decided to take a serious plunge into the Vista experience – so I reinstalled my primary machine (Acer TravelMate C314XMi tablet) with the Vista RC2 bits yesterday . . .    I did download & run the Windows Vista Upgrade Advisor before starting the process – which was great for identifying what hardware and software I might have issues with.  So far, I have to admit that based on my previous experience with various Vista beta builds, I am very impressed.  The installation was painless – with all of the required information being entered up front, and the rest of the process being completely automated – reboots and all. 

After having lived through the migration experience from Win98 to 2000 Pro, and then from 2k to XP – I’m still scarred from application incompatibility, and driver issues (most notably a glaring lack of drivers) . . .   But, that doesn’t appear to be the case with Vista.  So far, I’m only having a couple hardware issues – most are pretty insignificant, but one – while not necessarily a show-stopper, is close.  My integrated Intel 2200BG wireless adapter is not cooperating.  Vista includes drivers for this wireless adapter, and it is installed, and when enabled it detects available wireless networks.  However – it refuses to connect to any secured network (WEP or WPA-PSK) – and while it will connect to an unsecured network – the connection only holds for ~5 minutes until it’s dropped and the adapter reports that there is no signal for that network any more.   Tad bit annoying . . .  especially since I only ever work wirelessly at home.  But on the flip side – my Verizon Wireless aircard works flawlessly.  As for the minor hardware issues – my function buttons to enable / disable things like WLAN & Bluetooth, or shortcuts to email, web, etc. are not working – neither is the On-Screen Display for these buttons, or my generic function keys (so I need to figure out how to disable NumLock when I’m in a remote assistance session  )  And finally, while my sound worked – Vista kept complaining that the audio drivers were not compatible with Vista – so I downloaded the Vista beta drivers for AC’97 audio from Realtek’s website – and I’m good to go.  (Of course, dealing with Realtek’s slow download site was a bit annoying in itself – almost 2hrs to download 26MB)

What really surprised me was that there were drivers for our printers here at the office.  Granted, they aren’t anything overly special or bleeding-edge – but again, I remember the issues obtaining print drivers in the past.  Adding our HP LaserJet 4200tn was a snap – I entered its IP, and Vista did the rest – queried the printer, determined the make/model and selected the appropriate driver and voila!  Now, it wasn’t quite that simple installing our Okidata C5150n color laser – Vista tried querying the printer – but wasn’t able to get the info it needed – so I had to select the driver the old-school way.   Now, the driver list didn’t include a driver for the Oki C5150n – but it was available via Windows Update – so all is well.

On the application front – so far just about everything is behaving itself.  Naturally, Office 2007 B2TR is playing very nicely with Vista – but the latest versions of other necessities like Adobe Reader, Java engine, Flash player, etc. all installed and ran without a hitch.  Notably, some of the little things that I use and depend on daily are working without issue.  The AutoTask for Outlook add-in installed and is running perfectly (which is a huge relief since that would have been a show-stopper for me if it didn’t) – and the AstTapi driver (that let’s me dial out from Outlook using our Trixbox phone system) is working nicely as well.

A few applications required a workaround to cooperate – most notably the Firewall Client for ISA 2004, and the connectcomputer wizard for SBS 2003.  You can get the details on getting these to work over at Sean’s blog – here and here . . .

The only application that is throwing me a bit of a fit is QuoteWerks – which is throwing an error when it tries to log in to its back-end SQL database – so I can’t really do anything . . .   but if I absolutely need to access a quote, QuoteWerks is installed on our Terminal Server – so I can get to it there. 

Finally, performance-wise – I have to say that this machine boots up and shuts down WAY faster than it did with XP Pro – and overall performance seems to be right on par, if not better than XP Pro. 

So, here’s to change !