Angular 2: Getting Started With Visual Studio 2015

My “Angular 2: Getting Started” course on Pluralsight details how to get started with Angular 2. To provide guidance that works on any platform (Windows, OS X, and Linux), the course uses Visual Studio Code as the editor. However, there are many developers that prefer to use Angular 2 with Visual Studio 2015. This post shows you how.

The biggest challenge in providing guidance for using Angular 2 with Visual Studio 2015 is that there are too many options.

  • Do we use TypeScript? If so, do we use a TypeScript project in Visual Studio 2015?
  • Do we use ASP.NET? If so, ASP.NET version 4.6 (current version) or ASP.NET Core 1.0 (previously known as ASP.NET version 5.0 and currently in beta)
  • Do we use MVC? If so, MVC 5 (current version) or MVC 6 (currently in beta)?
  • Do we use more JavaScript-ish tools such as npm? Or try to do everything with Visual Studio tools?
  • Do we use the command line? Or try to do everything within the Visual Studio 2015 IDE?
  • And so on …

The plan is to cover several of these options, starting with the most basic steps required to use Visual Studio 2015 with Angular 2.

Using a Visual Studio 2015 TypeScript Project

For this first technique, we’ll cover how to set up and run the “Angular 2: Getting Started” files using a TypeScript project in Visual Studio 2015.

1. Download the starter files from my GitHub repo: https://github.com/DeborahK/Angular2-GettingStarted

    If you are not familiar with using GitHub, just click on the “Download ZIP” button as shown below. Then unzip the files.

image

2. Open Visual Studio 2015 and create a new project: File | New | Project.

3. Select the TypeScript project template and name the project “APM” for Acme Product Management.

image

4. This creates several TypeScript sample files. Delete app.css, app.ts, and index.html.

image

5. In file explorer, open the cloned or unzipped `APM – Start` folder if you want to start with the project starter files. Open the `APM – Final` folder if you want to work with the final files from the course.

image

image

6. Copy all of the files from within the folder shown above (except the .vscode folder) to the APM project file you just created with Visual Studio.

image

7. Click the “Show All Files” button in the toolbar of Solution Explorer.

image

8. Select to include the api and app folders and the index.html, package.json, tsconfig.json, and typings.json files into the project. If desired, click “Show All Files” again to hide the remaining files.

image

9. Right-click on the package.json file and select: Restore Packages

image

10. Open the Output window (View | Output) to watch Visual Studio 2015 run npm and install Angular 2 and its dependencies.

So even through we are using a Visual Studio 2015 menu option (Restore Packages), Visual Studio is running the Node Package Manager (npm) to install all of the packages defined in the package.json file.

image

11. If npm finishes successfully, it should appear like this (see below) in the Output window.

image

12. Right-click on index.html and select Set As Start Page.

image

13. Press F5 to run and the application appears in the selected browser.

HOWEVER … you won’t be able to edit and continue. And if you edit and try to refresh the browser, you will most likely see a 404 message.

I have not yet figured out the magic required to provide edit and continue using Visual Studio 2015 directly … but you can get edit and continue if you stop debugging and run the application using a script instead of F5 following these additional steps:

14. Display the Package Manager Console (View | Other Windows | Package Manager Console).

15. Type `cd APM` in the Package Manager Console to change to the directory containing the APM project.

NOTE that if you used a different directory name for your project, type that instead. And if you have a space in the name, it will need to be enclosed in quotes: cd “APM – Start”

16. Type ‘npm start’ into the Package Manager Console.

This will launch your default browser and watch for changes. You can then edit any of the project files (AND SAVE!). The browser will then update automatically and reflect your changes.

By following the above steps, you can follow along with the course using Visual Studio 2015 instead of VS Code. Just be sure to follow steps 14-16 above each time you reopen the project to restart the script that watches for changes and refreshes the browser.

It would be great to hear from you on whether these steps worked for you. Follow me on twitter: @deborahkurata

Enjoy!

Leadership – Three types of mentors for personal growth

John Maxwell shares an excellent article on the value of mentors in building leadership skills

http://www.johnmaxwell.com/blog/the-three-types-of-mentors-every-person-needs-to-help-them-grow

 I’m not a self-made man. It took a lot of people investing in me to get me where I am today. You may wonder: Who helped you, John?

Mentors – A mentor is someone who teaches, guides and lifts you up by virtue of his or her experience and insight. They’re usually someone a little farther ahead of you on the path—though that doesn’t always mean they’re older! A mentor is someone with a head full of experience and heart full of generosity that brings those things together in your life.

Started Close to Home — My first mentor was my father, Melvin. His investment into me as an individual was the foundation for everything I’ve achieved. My father’s encouragement, observation and advice helped shape everything from my mindset to my belief about the future. Without him, I’m not sure where I would’ve ended up.  But not every mentor in my life was a family member! There came a time when I had to seek mentors beyond my family tree in order to be successful. That required me to have the self-awareness necessary to choose mentors who could help me be the best version of myself possible.

For me, there have been three types of mentors:

1. Those Who Knew Me and Knew They Made a Difference — The greatest example of this type of mentor in my life was Coach John Wooden. I intentionally sought Coach out to learn about teamwork, leadership, vision, and character. I’ll never forget how much work I put into our first meeting—I came armed with pages of questions that took me hours to write! And the preparation paid off; not only did I come away from that initial meeting with a thousand ideas to consider, I also earned the right to sit down again with Coach Wooden several more times before he passed away.

2. Those Who Knew Me and Didn’t Know They Made a Difference — For me, the greatest example of this in my life is Kurt Campmeier, who introduced me to the concept of having a personal growth plan way back at the beginning of my career. Kurt’s influence on my life and work is far greater than the amount of time he spent with me, but time isn’t always equal to impact. For years, I don’t think Kurt had any idea of the impression he’d made on me. But a few years ago, my team tracked him down, and I had the opportunity to see him again and thank him.

3. Those Who Didn’t Know Me and Yet Made a Difference — And that intentionality extends even to those mentors whom I’ve never met. That may sound strange, but the truth is that all of us have access to long-distance mentors we may never meet in person! Speakers, books, magazine articles, webinars – the list of available mentors is endless.

Be Intentional about Finding Your Own Mentors — No one gets to the top alone. We all have help. It’s why I’ve made mentoring such a crucial part of my growth—and it’s why I mentor people along the way. It’s the inspiration for my Maximum Impact Mentoring call each month, and the reason I continue to write and speak to audiences each year. I want to help as many people as possible become all they can be.

TeslaCrypt 4.2 Released with quite a few Modifications

Version 4.2 of the TeslaCrypt Ransomware has been released according to TeslaCrypt researcher BloodDolly. This version was released today and contains quite a few modifications to how the program runs. The most notable change, though, is the revamp of the ransom note.  The ransom note, shown below, has been stripped down to basics with only the necessary info to connect to the payment servers.

http://www.bleepingcomputer.com/news/security/teslacrypt-4-2-released-with-quite-a-few-modifications/

Windows Server 2016 TP5 Cumulative Update

An update – KB 3157663 – should be installed BEFORE installing any roles, features or applications into a TP5 system.

 

Finding the update isn’t easy – no links from the TP5 pages and doesn’t show in search on Bing or if search microsoft.com

 

You can find it here:

https://support.microsoft.com/en-us/kb/3157663

 

Lets hope RTM is a bit more organised

Removal instructions for Snail Translator

What is Snail Translator?

The Malwarebytes research team has determined that Snail Translator is adware. These adware applications display advertisements not originating from the sites you are browsing.

https://forums.malwarebytes.org/topic/182418-removal-instructions-for-snail-translator/

Windows Server 2016 TP5 now available

Microsoft have released Technology Preview 5 (TP5) of Server 2016 today.

 

Its available from MSDN and the evaluations site

 

Lots of new stuff to try out

New variables with the variable cmdlets

 

So you have some data in csv format:

column1 column2 column3 column4
——- ——- ——- ——-
a1      b1      c1      d1
a1      b2      c1      d1
a1      b3      c1      d1
a2      b3      c1      d1
a2      b4      c1      d1
a2      b3      c1      d1
a3      b5      c1      d1
a3      b6      c1      d1
a3      b7      c1      d1
a4      b5      c1      d1

 

In a variable $cd

 

You want colum1 and column2 in a new variable

 

Simplest way is probably

$new1 = $cd | select Column1, column2

 

The *-Variable cmdlets don’t get out much so I thought examples using them would be useful

You could also use the New-Variable cmdlet

New-Variable -Name new2 -Value ($cd | select Column1, column2)

 

Set-Variable also works

Set-Variable -Name new3 -Value ($cd | select Column1, column2)

Malware – Hewlett Packard releases Enterprise Cyber Risk Report 2016

Hewlett Packard has released their Enterprise Cyber Risk Report for 2016 as shared below.  As key themes, it is noted that older vulnerabilities that are actively circulating are sometimes the most popular means of attack.

https://isc.sans.edu/forums/diary/Highlights+from+the+2016+HPE+Annual+Cyber+Threat+Report/20985/

http://techbeacon.com/resources/2016-cyber-risk-report-hpe-security

HP released their annual report for 2016 that covers a broad range of information (96 pages) in various sectors and industries. The report is divided in 7 themes, those that appear the most interesting to me are Theme #5: The industry didn’t learn anything about patching in 2015 and Theme #7: The monetization of malware.

Theme #5 — According to this report, the bug that was the most exploited in 2014 was still the most exploited last year which is now over five years old. CVE-2010-2568 where a “[…]  local users or remote attackers to execute arbitrary code via a crafted (1) .LNK or (2) .PIF shortcut file , which is not properly handled during icon display in Windows Explorer, as demonstrated in the wild in July 2010 […]” [2] is still the top vulnerability for 2015 (29% in 2015 vs. 33% in 2014), see the pie chart on page 32 showing the Top 10 CVE for 2015, where the oldest CVE is from 2009.  The Top 3 targeted applications and platform where: Windows, Android and Java which isn’t a huge surprise.

Theme #7 — This doesn’t sound really new and not that surprising, in 2015 malware needed to produce revenues. HP noted a significant increase in malware targeting ATM, banking Trojans and ransomware targeting every operating systems in particular smartphones. Some of the well-known ransomware families include Cryptolocker and Cryptowall where the malware author will request a ransom to decrypt password encrypted files but once paid often fail to provide the key. Obviously, the best protection is to regularly backup your files (and more importantly test the backup as well) in case you ever get caught by this.

Microsoft Security Updates – APRIL 2016

Below are key resources documenting this recent monthly Microsoft Patch Tuesday release:

https://technet.microsoft.com/en-us/library/security/ms16-apr.aspx

https://isc.sans.edu/forums/diary/Microsoft+Patch+Tuesday+Summary+for+April+2016/20935/

https://isc.sans.edu/mspatchdays.html?viewday=2016-04-12

http://blog.talosintel.com/2016/04/ms-tuesday.html

From Talos INTEL OVERVIEW Patch Tuesday for April has arrived with Microsoft releasing their latest monthly set of security bulletins to address security vulnerabilities in their products. This month’s release contains 13 bulletins relating to 31 vulnerabilities. Six bulletins address vulnerabilities rated as critical in Edge, Graphic Components, Internet Explorer, XML Core Service, Microsoft Office and Adobe Flash Player. The remaining seven bulletins address important vulnerabilities in Hyper-V, Microsoft Office and other Windows components.

FROM ISC OVERVIEW — Among today’s Patches, here is my personal “patch ranking” by order of urgency:

1.MS16-050: This is essentially Friday’s out of band Adobe Flash patch. Adobe stated that it is already used to spread ransom ware. So don’t wait on this one.
2.MS16-039: Exploits are available for two of the vulnerabilities, and it is “no user interaction arbitrary code execution”. This is the second one you should patch fast.
3.MS16-037/38: This time, the Internet Explorer patch only fixes 6 vulnerabilities. But still, due to the large attack surface, browser vulnerabilities always need to be taken seriously.
4.MS16-042: Code execution without user interaction in MSFT office will always find someone to write an exploit.
5.MS16-040:  Another large attack surface (XML Core Services) vulnerability. Exploitability is only rated as “2” however.
6.MS16-041: This one is a bit tricky to pin down, but I rate it right after the XML Core Services due to the large attack surface (and a bit lower as it requires user interaction)
7.MS16-044: Wasn’t sure if I should rate this above ’41’ or not. I rated it lower in the end as it does require user interaction.
8.MS16-045: Only affects HyperV and the attacker needs to already have some access

Malware – German nuclear power plant cleans up infections

By design, the nuclear power controls are isolated from public networks.  A German nuclear power company discovered a number of malware infections on the business side of their network. USB devices pose some risk, as sometimes “targeted attacks” my cross over if plugged into the private side controlling the plant itself.

http://www.reuters.com/article/us-nuclearpower-cyber-germany-idUSKCN0XN2OS

A nuclear power plant in Germany has been found to be infected with computer viruses, but they appear not to have posed a threat to the facility’s operations because it is isolated from the Internet, the station’s operator said on Tuesday.  The Gundremmingen plant, located about 120 km (75 miles) northwest of Munich, is run by the German utility RWE (RWEG.DE).

The viruses, which include “W32.Ramnit” and “Conficker”, were discovered at Gundremmingen’s B unit in a computer system retrofitted in 2008 with data visualization software associated with equipment for moving nuclear fuel rods, RWE said.  Malware was also found on 18 removable data drives, mainly USB sticks, in office computers maintained separately from the plant’s operating systems. RWE said it had increased cyber-security measures as a result.

W32.Ramnit is designed to steal files from infected computers and targets Microsoft Windows software, according to the security firm Symantec. First discovered in 2010, it is distributed through data sticks, among other methods, and is intended to give an attacker remote control over a system when it is connected to the Internet. Mikko Hypponen, chief research officer for Finland-based F-Secure, said that infections of critical infrastructure were surprisingly common, but that they were generally not dangerous unless the plant had been targeted specifically.

Exchange 2010 EMC not opening “The WinRM client cannot complete the operation within the time specified”

When I open the Microsoft Exchange EMC on a server, the following error message displayed.

Initialization failed

The following error occurred when getting management role assignment for ‘domainname.local/MyBusiness/Users/SBSusers/Administrator’:

Processing data for a remote command failed with the following error message: The WinRM client cannot complete the operation within the time specified. Check if the machine name is valid and is reachable over the network and firewall exception for Windows Remote Management service is enabled. For more information, see the about_Remote_Troubleshooting Help topic.

Click here to retry

There are no additional errors in the Eventlogs. The server is running Exchange 2010 SP2. No proxy configured. Windows update is up-to-date. Windows firewall is off.

Exchange is still functioning but there is no management of the service.
The first lead I found here, suggested antivirus.

https://social.technet.microsoft.com/Forums/exchange/en-US/a675a48e-75a3-43c7-b99b-ec86527adb1d/emc-initialization-failed-with-winrm-error-exchange-2010-sp2?forum=exchange2010

As the site is using Trend Micro Worry Free Advanced, I opened the TMWF console, created a new Server container, dragged the server into it from the old container, refreshed the client on the server and can now access the EMC.

Now that I know what caused it, looking over the Trend Knowledge base reveals http://esupport.trendmicro.com/Pages/Unable-to-access-Exchange-2010-Management-Console-.aspx

The issue of not being able to open the Exchange Management console can occur when there is no Internet Connection after a server restart.
This can affect any server coming up without an internet connection as the default configuration of the virus software on the server is configured to look at the internet before allowing connection to the EMC
You can change this behaviour by following the steps in the Trend KB article.

The issue occurs because the Proxy hooks the Exchange 2010 management console query URL and it fails to get score from the Internet because there is no connection.

To resolve the issue:

  1. Ensure that the Exchange Server has Internet connection.
  2. Log on to Worry-Free Business Security (WFBS) web console.
  3. Go to Security Settings > Add group.
  4. Under Group type, select Servers.
  5. Specify a name for the group.
  6. Click Save.

Note: The created group will have the default settings if the Import settings from group check box is unticked.

  1. Disable the Web Reputation and URL Filtering feature for the newly created group.
  2. Go to Security Settings, then select the new group.
  3. Click Configure.
  4. Select the Web Reputation tab and unmark Enable Web Reputation for In-Office and Out-of-Office.
  5. Click Save.
  6. Select URL Filtering and unmark Enable URL Filtering.
  7. Click Save.
  8. Move the Security Agent of the Exchange 2010 Server in the previously edited group.
  9. Go to Security Settings and select the server group where Exchange Server 2010 is listed.

Note: This step refers to the Exchange Server Client/Server Security Agent and not the Messaging Security Agent.

    1. Drag and drop the selected Exchange Server to the group you created.

 

Spybot Search & Destroy Weekly Update – April 27, 2016

2016-04-27
Adware
++ Ad.Albrechto ++ Ad.GearScroll + Ad.Melondrea ++ Ad.PursuePoint + Ad.QvodPlayer + Inbox.Toolbar + Pinballcorp.Appbundler
Malware
++ Fraud.MalwarePatrolPRO ++ Fraud.WinIFixer
Spyware
+ AdRotator
Total: 2617990 fingerprints in 829128 rules for 7637 products.

https://www.safer-networking.org/about/updates/

Removal instructions for EasyDocMerge

What is EasyDocMerge?

The Malwarebytes research team has determined that EasyDocMerge is a browser hijacker. These so-called “hijackers” manipulate your browser(s), for example to change your startpage or searchscopes, so that the affected browser visits their site or one of their choice. This one also displays advertisements.
is a Mindspark/Ask toolbar now known as IAC Applications.

https://forums.malwarebytes.org/topic/182375-removal-instructions-for-easydocmerge/

Decrypted: Kaspersky releases free decryptor for CryptXXX Ransomware

How to Enable or Disable Screen Edge Swipe in Windows 10

If you Windows 10 PC or device has a touchscreen, you could swipe in from a screen edge to invoke a system UI below.

•Swipe in from the right side of your screen to open the action center.
•Swipe in from the left to view all your open apps in task view.
•Swipe in from the top to view a full screened app’s title bar while tablet mode is on.
•Swipe in from the bottom to view the taskbar in full-screened apps while tablet mode is on or when the taskbar is auto-hidden.

This tutorial will show you how to enable or disable users from swiping in from the screen edge to invoke a system UI in Windows 10.

Read more…

Facebook – 21 Highly Advanced User Features

PC Magazine highlights numerous advanced features that are somewhat hidden to users in 21 slides that illustrate those special techniques

http://www.pcmag.com/slideshow/story/324797/21-hidden-facebook-features-only-power-users-know/

Facebook is the principal digital public square of today. Well, it’s the principal digital public square for those of a certain age (i.e. post-college, the young’ns aren’t into it!) But Zuck & Co’s site is still an extremely integral virtual venue and will continue to be for some time.

While Facebook’s business model has evolved away from just Facebook.com to include its mobile incarnation and other associated apps, the old familiar website is still the preferred venue for many. And why not? Facebook.com one of the most advanced public-facing websites out there.

Facebook is a magnet for some of the top engineering talent in the world, so it stands to reason that the company would boast one of the world’s most complex and multi-faceted websites. It rivals many standalone software apps with the sheer amount of personalization, tweaks, and tinkering available to visitors.

In fact, there are so many things you can do on Facebook.com that you probably don’t know about them all. And we’re not even talking about the third-party Facebook apps or browser add-ons, we’re talking about all the official, baked-in, easily accessible functions that are just a few clicks away. As you’ll see in our slideshow, there are even some functions that appear to be leftovers from bygone eras that we’re not even sure Facebook still knows are there. Take a look and awaken your inner power user social super star.

SpywareBlaster Database Update – April 26, 2016

12 Internet Explorer
0 Restricted Sites
0 Firefox

17426 items in database

http://www.brightfort.com/downloads.html

Firefox 46.0 Released: April 26, 2016

April 26, 2016
Version 46.0, first offered to Release channel users on April 26, 2016

We’d also like to extend a special thank you to all of the new Mozillians who contributed to this release of Firefox!

New

Improved security of the JavaScript Just In Time (JIT) Compiler

GTK3 integration (GNU/Linux only)

Fixed

Correct rendering for scaled SVGs that use a clip and a mask

   Various security fixes

Screen reader behavior with blank spaces in Google Docs corrected

Changed

WebRTC fixes to improve performance and stability

Developer

Display dominator trees in Memory tool

Allocation and garbage collection pause profiling in the performance panel

Launch responsive mode from the Style Editor @media sidebar

Developer Information
HTML5

Added support for document.elementsFromPoint

Added HKDF support for Web Crypto API

https://www.mozilla.org/en-US/firefox/46.0/releasenotes/

Apple iPad Pro 9.7 in-depth review

Another in-depth review of the Apple iPad Pro 9.7 is shared below

http://www.slashgear.com/ipad-pro-9-7-review-on-the-road-with-the-laptop-killer-25437649/

I’ve tired of tablets, and I’m not alone. The glorious days of finger-computing arrived, certainly, but it was big-screen smartphones that benefited most from them, and persuading new or existing tablet owners to take the plunge or upgrade has proved harder than manufacturers expected. Apple’s answer is the iPad Pro, straddling segments by trying to be not only the best tablet on the market, but a legitimate replacement to your notebook too.

Apple hasn’t stinted on the hardware, with perhaps one exception. The iPad Pro 9.7 has the same dimensions as the iPad Air 2, but a much improved display: Apple says it’s 40-percent less reflective, 25-percent brighter, and has 25-percent more color saturation, but the big difference to my eyes is the True Tone technology. Think of it as the next step up from auto-brightness. True Tone uses extra sensors hidden in the bezels to look at not just the ambient light levels around you, but the color of the light too.

On the edges there are the four speakers we saw on the first iPad Pro, also doing their clever auto-orientation flipping depending on which way you have the tablet positioned. Bass is a little less present than on the 12.9-inch model, but it’s still some of the best audio I’ve heard from a slate.

Then there’s the camera. Personally, I’ll reach for my phone rather than the nearest tablet to take any meaningful pictures, which means the 12-megapixels of the iPad Pro have been somewhat wasted snapping receipts and documents as an impromptu scanner. Still, the ability to record 4K video is impressive.

What it isn’t is a cheap way to do that. The cheapest 9.7-inch iPad Pro is $599 for the 32GB version. 128GB will set you back $749, and 256GB comes in at a hefty $899. If you want WiFi + Cellular – and most travelers will – then you’re looking at a $130 premium.

PowerShell team announcements

A few announcements from the PowerShell Team that I’m catching up on.

 

The Microsoft.PowerShell.Archive module is now open source

https://blogs.msdn.microsoft.com/powershell/2016/04/25/the-archive-module-is-now-open-source/

 

The archive module was introduced in WMF 5.0. Its now available on the PowerShell Gallery for installation on WMF 4.0. Any future updates will be through the gallery.

 

The version in the gallery is 1.0.1.0 as opposed to 1.0.0.0 that ships with WMF 5.0

 

You can now view the contents of files directly in the PowerShell gallery

https://blogs.msdn.microsoft.com/powershell/2016/04/21/view-file-content-feature-is-available-on-the-gallery/

 

A DSC toolkit for working with Amazon Web Services (AWS) is now available

https://blogs.msdn.microsoft.com/powershell/2016/04/20/aws-dsc-toolkit/

 

WMF 5.1 will become available when Windows Server 2016 ships

https://blogs.msdn.microsoft.com/powershell/2016/04/06/windows-management-framework-5-0-updates-and-wmf-5-1/

 

WMF 5.1 will contain the changes and bug fixes introduced since WMF 5.0 shipped. Many of these have been available on Windows Insider preview builds

Recent Comments

Archives