Linking VSO to your Azure Subscription and Azure Active Directory

I have a few old Visual Studio Online (VSO) accounts (dating back to TFSPreview.com days). We use them to collaborate with third parties, it was long overdue that I tidied them up; as a problem historically has been that all access to VSO has been using a Microsoft Accounts (LiveID, MSA), these are hard to police, especially if users mix personal and business ones.

The solution is to link your VSO instance to an Azure Active Directory (AAD). This means that only users listed in the AAD can connect to the VSO instance. As this AAD can be federated to an on-prem company AD it means that the VSO users can be either

  • Company domain users
  • MSA accounts specifically added to AAD

Either way it gives the AAD administrator an easy way to manage access to VSO. A user with a MSA, even if an administrator in VSO cannot add any unknown users to VSO. For details see MSDN. All straight forward you would think, but it I had a few issues.

The problem was I had setup my VSO accounts using a MSA in the form user@mycompany.co.uk, this was also linked to my MSDN subscription.  As part of the VSO/AAD linking process I needed to add the MSA user@mycompany.co.uk to our AAD, but I could not. The AAD was setup for federation of accounts in the mycompany.com domain, so you would have thought I would be OK, but back in our on-prem AD (the one it was federated to) I had  user@mycompany.co.uk as an email alias for user@mycompany.com. Thus blocked the adding of the user to AAD, hence I could got link VSO to Azure.

The answer was to

  1. Add another MSA account to the VSO instance, one unknown to our AD even as an alias e.g. user@live.co.uk 
  2. Make this user the owner of the VSO instance.
  3. Add the user@live.co.uk MSA to the AAD directory
  4. Make them an Azure Subscription administrator.
  5. Login to the Azure portal as this MSA, once this was done the VSO could be linked to the AAD directory.
  6. I could then make an AAD user (user@mycompany.com) a VSO user and then the VSO owner
  7. The user@live.co.uk MSA could then be deleted from VSO and AAD
  8. I could then login to VSO as  my user@mycompany.com AAD account, as opposed to the old user@mycompany.co.uk MSA account

Simple wasn’t it!

We still had one problem, and that was user@mycompany.com was showing as a basic user in VSO, if you tried to set it to MSDN eligible flipped back to basic.

The problem here was we had not associated the AAD account user@mycompany.com with the MSA account user@mycompany.co.uk in the MSDN portal (see MSDN).

Once this was done it all worked as expected, VSO picking up that my AAD account had a full MSDN subscription.


Source: Rfennell

Installing AirServer on Windows

It’s no secret that I’m a fan of AirServer over AppleTVs for classrooms. The ability to mirror a faculty iPad to a large projector screen turns it into a power educational tool. I even have AirServer installed on an HTPC at home. My extensive use of this software means that I need to be able to install and activate the software in a reproducible way for our classroom computers. What you may not know is that installing AirServer on Windows is not as straightforward as we’d like.

This isn’t entirely AirServer’s fault. The AirPlay protocol (and processing power limitations of your iOS device) mandate that the video streams sent from  your device keep the original encoding of whatever that current random app is showing. AirServer depends on the operating system’s ability to decode these video streams. The variety of video types used in various iOS apps far exceeds what codecs are included out of the box with Windows.

I expect that AirServer could, of course, package the most-used of these codecs with their software (and I expect they do this to some extent already), but there are way too many to get them all in one place, and doing so would add licensing costs to the product that I’m happy to avoid. In order to reliably mirror your device there are still some common and uncommon codecs that you’ll want to be able to handle at the operating system level, as well as an additional networking standard you’ll need to support. In short, there are prerequisites that’s you’ll need to get the most out of AirServer that are not included in the software’s installer. I think AirServer could do more with their Windows installer to make these easy to acquire, but until then I’ve got your back.

While I do need to install AirServer more than most, it’s still not all that often. To avoid mistakes, I keep copies of the prerequisites in the same network folder where I keep the AirServer installer itself, and arrange things in a way that encourages success. Here’s what that folder looks like:

AirServerFolder

Note how I’ve renamed files so that there is an intuitive flow for the installation process. We’ll go through the steps indicated one by one. AirServer itself has an automatic update mechanism, but most of the other items do not. I want to make sure I’m not pushing obsolete (and possibly insecure) software to my classrooms, and so the first step (Step 0) is to make sure that each of the items I’m using is the most recent (read: fully-patched) version available. I’m considering replacing several of the actual download packages with shortcut files to the download page for the project, to ensure I always get the latest version.

This brings us (at last) to the prereq’s themselves. The full list is available here. The first is Bonjour Print Services for Windows. The documentation says that iTunes is enough, but I’ve had better results when I ensure that the Print Services package is installed. Note that I don’t deploy iTunes to my classroom computers. For home machines, that would be an okay addition. Print Services is a free download from Apple, and it allows your Windows computer to support the multi-cast DNS protocol. I have strong feelings about this protocol that are not fit for public print, but for better or worse you need this for anything Apple, including AirPlay mirroring. This is the most important prerequisite. Without it, AirPlay just won’t work. Next up is QuickTime, also from Apple. You may even already have this one installed, but you’ll need it for the basic compression/decompression used for video rendered and compressed by iOS itself, as well as some app content.

The remainder are various open codec packages for use with Windows DirectShow. The packages combined allow you to play almost anything. Be sure to pick the correct x86 or x64 installer, depending on your operating system type. I also need to mention here that there is a current bug in the iOS YouTube app (YouTube videos still play through iOS Safari) and that some apps use copyright protection for their content and just will not mirror, even on a real AppleTV.

Now at last we come to installing AirServer itself. As you run through the installer, I need to call out a few of the options. The first is that you should NOT activate AirServer during the install process. This is especially important for my classrooms, where I need to support many users, but even on your home computer, if you have more than one user account that may want to use AirServer, do not activate at this time. The other option is whether you want to have AirServer run in the background automatically. For my classrooms, where many users log in and out throughout the day, I’ve found this option can cause problems. If you are the only (or primary) user on the machine, where it’s less common to be logging others in and out of the computer, it’s probably safe to let it run in the background.

Now at last AirServer is installed. However, it’s not activated yet, and won’t let you mirror. So let’s take care of that. To do this, you’ll need your license key. You’ll also need to start a command prompt. When the command prompt is open, enter the following commands:
"%ProgramFiles%App DynamicAirServerAirServerConsole.exe" activate <<License Key>>
"%ProgramFiles%App DynamicAirServerAirServerConsole.exe" set name <<MirrorName>>

Replace “<<License Key>>” with your license key, and “<<Mirror Name>>” with the name you want to show on your iPad or iPhone when you open up the AirPlay control panel to start mirroring. If you don’t activate and set the name in the console, it will only activate for the current user. When other users try to use the software, they’ll have to reactivate it and set their own name. The key will be saved, and they’ll be successful… at first. But it’s a step they shouldn’t have to take, and soon you’ll run out of activations for your license. The console method activates it once for every user on that PC.

Learn to Code in Swift – New iBook special price Nov 19-21, 2014

FrontCoverLowRes

My latest book, “Learn to Code in Swift” is now available in the iBooks Store! It’s an enhanced iBook that contains 20 instructional videos. To celebrate, we’re running a special between Nov 19-21 at $14.99 (reg. $24.99). If you want to learn to create apps for the iPhone using best practices with Apple’s new and powerful language, this is the place to start! https://itunes.apple.com/us/book/learn-to-code-in-swift/id942956811?mt=11

All the best!
Kevin McNeish
Author: iOS App Development for Non-Programmers book series
Twitter: @kjmcneish

WatchKit is Here! Creating Apps for the Apple Watch



Apple delivers its first version of WatchKit. Check out the highlights!

http://www.iphonelife.com/blog/31369/creating-apps-apple-watch-new-watchkit-sdk

All the best! 
Kevin McNeish 
Author: iOS App Development for Non-Programmers book series 
Twitter: @kjmcneish 

New Remote Desktop Connection Manager 2.7 Released






Microsoft released a new version of Remote Desktop Connection Manager (RDCMan) 2.7 to the public today.



RDCMan is a central place where you can organize, group, and manage your various Remote Desktop connections. This is particularly useful for system administrators, developers, testers, and lab managers who maintain groups of computers and connect to them frequently. I probably spend more time in RDC Manager than any other application during the day.



The previous version 2.2 was last released in May 2010, so this is a very welcome update. Previous versions lacked some functions and caused excessive CPU utilization on some computers, especially those with Nvidia GPUs. RDCMan was written by Julian Burger, one of the principal developers on the Windows Live Experiences team.



RDCMan 2.7 version is a major feature release. New features include:



  • Virtual machine connect-to-console support.
  • Smart groups.
  • Support for credential encryption with certificates.
  • Windows 8 remote action support (charms, app commands, switch tasks, etc).
  • Support for Windows 8, Windows 8.1 / Windows Server 2012, Windows Server 2012 R2.
  • Log Off Server now works properly on all versions.

Important Upgrade Notes: You should know that when you upgrade, RDCMan will be unable to read any saved encrypted passwords. You will need to re-enter your saved encrypted passwords after installation.


The workaround is to set the “Store password as clear text” checkbox in RDCMan 2.2 for preexisting groups and/or servers. When you upgrade to version 2.7, RDCMan will read the existing passwords and will encrypt them. “Store passwords as plain text” is no longer an option in version 2.7.






Source: Expta

Video card issues during install of Windows 8.1 causes very strange issues

Whilst repaving my Lenovo W520 I had some issues with video cards. During the initial setup of Windows the PC hung. I rebooted, re-enabled in the BIOS the problematic video card and I thought all was OK. The installation appeared to pickup where it left off. However, I started to get some very strange problems.

  • My LiveID settings did not sync from my other Windows 8.1 devices
  • I could not change my profile picture
  • I could not change my desktop background
  • I could not change my screen saver
  • And most importantly Windows Update would not run

I found a few posts that said all of these problems could be seen when Windows was activated, but that was not the issue for me. It showed as being activated, changing the product key had no effect.

In the end I re-paved my PC again, making sure my video cards were correctly enabled so there was no handing, and this time I seem to have a good Windows installation


Source: Rfennell

Spybot Search & Destroy Weekly Update – November 19, 2014

2014-11-19

Adware
++ Ad.PayPerInstallBox + Firseria
Malware
++ DrBoan
PUPS
+ myPCBackup + OutBrowse
Spyware
+ AdRotator
Trojan
+ Win32.Agent.ekyu ++ Win32.Bladabindi.aj + Win32.Downloader.HicrazykA ++ Win32.Injector.bcc + Win32.Ramnit.B ++ Win32.Silly
Total: 2601707 fingerprints in 812513 rules for 7372 products.

»www.safer-networking.org/about/updates/

Just when you think it is safe..

Azure fails..

Oops. So this is why I couldn’t get to some websites. It is just one more sign pointing to the fragility of new ways. Nothing is ever 100% reliable and that applies to the cloud as much as anything else. You can read more about it here.

http://www.bbc.com/news/technology-30111575# 

Being an old-timer, I am bound to be sceptical, but the laws governing systems and devices haven’t changed since the old days and never will.

That is not to say that I would want to return to the old days because I don’t, but at the same time, my faith level in systems runs low just like it always did.

Smile

Update Tuesday – part two.

So, yesterday there was a large update of some 724mb waiting in the wings. It was KB3000850 which is apparently the November 2014 rollup.. See here,,

https://support.microsoft.com/kb/3000850?wa=wsignin1.0

Not surprisingly, some are claiming doom and gloom and a system which no longer works. I can’t say the same for mine as it is working perfectly at this moment in time

The update took a while to download, and the initial installation seemed to take forever, clicking over 1% every minute and a half. It was getting late and I was in two minds to NOT WATCH because a watched ‘updating computer’ never updates. I think that once beyond maybe 30%, it seemed to fly and I was able to ascertain reliability before turning in for the night.

Smile

Out-of-band release for Security Bulletin MS14-068

On Tuesday, November 18, 2014, at approximately 10 a.m. PST, we will release an out-of-band security update to address a vulnerability in Windows.

We strongly encourage customers to apply this update as soon as possible, following the directions in the security bulletin.

More information about this bulletin can be found at Microsoft’s Bulletin Summary page.

Tracey Pretorius, Director Response Communications

http://blogs.technet.com/b/msrc/archive/2014/11/18/out-of-band-release-for-security-bulletin-ms14-068.aspx

Microsoft Security Bulletin Releases Issued: November 18, 2014

Summary
The following bulletin has been released.

* MS14-068 – Critical

The following bulletins have undergone a major revision increment.

* MS14-066 – Critical
* MS14-NOV

Bulletin Information:

MS14-068 – Critical

https://technet.microsoft.com/library/security/ms14-068
– Reason for Revision: V1.0 (November 18, 2014): Bulletin
published.
– Originally posted: November 18, 2014
– Updated: November 18, 2014
– Bulletin Severity Rating: Critical
– Version: 1.0

MS14-066 – Critical

https://technet.microsoft.com/library/security/ms14-066
– Reason for Revision: V2.0 (November 18, 2014): Bulletin revised
to announce the reoffering of the 2992611 update to systems
running Windows Server 2008 R2 and Windows Server 2012. The
reoffering addresses known issues that a small number of
customers experienced with the new TLS cipher suites that were
included in the original release. Customers running Windows
Server 2008 R2 or Windows Server 2012 who installed the 2992611
update prior to the November 18 reoffering should reapply the
update. See Microsoft Knowledge Base Article 2992611 for more
information.
– Originally posted: November 11, 2014
– Updated: November 18, 2014
– Bulletin Severity Rating: Critical
– Version: 2.0

MS14-NOV

https://technet.microsoft.com/library/security/ms14-nov
– Reason for Revision: V2.0 (November 18, 2014): Bulletin Summary
revised to document the out-of-band release of MS14-068 and,
for MS14-066, to announce the reoffering of the 2992611 update
to systems running Windows Server 2008 R2 and Windows Server
2012. See the respective bulletins for more information.
– Originally posted: November 11, 2014
– Updated: November 18, 2014
– Version: 2.0

Return of the Netbook..

HP will slap my hands for the title, but it looks like a Netbook, is the same size as a traditional Netbook, is low powered by comparison to a regular notebook, and in my world, that constitutes a NETBOOK.

The HP Stream 11 is not a Netbook (yeah right). Officially, it is a Happy Place, a rather bright happy place that will make you stand out from the crowd.. even in almost total darkness. See below..

HP NetbookApart from the colour, you might be forgiven for thinking that this is just a very bright HP Mini 210, but you would be wrong. Where the old one had an Intel Atom processor, this one has a Celeron.

The Mini 210 had a 10.1” screen , but this one is 11.6” capable of HD, and you get a 32gb SSD + free cloud storage which is not quite the deal of the original 320gb SATA drives in the Mini 210.

I am not knocking the Stream 11, by the way, just the fact that it is not officially a Netbook.

The Happy Place also features ports much as the Mini 210 did, but this time you get USB 3.0 and HDMI, a reputed battery time of around 8 hours, and Bluetooth.

It’s all good, way better than a tablet or Chromebook, and if pink puts you off, there is a baby blue option. Sorry, there is no black model as that would look almost identical to the late Mini 210, and we can’t let that happen, can we.

What does all of this improvement over earlier Netbooks cost? More good news as it comes in at $199, considerably less than its ancestors.

Smile

Apparently we now have third Tuesday patching day

Out today is

1. a rerelease of MS14-066 to Server 2012 and Server 2008 R2 to fix a cipher problem that was causing performance issues with Access/SQL, problems with Amazon load balancers.

2. and out of band patch for Kerberos – critical to domain controllers and especially 2008R2 and lower.  Attacker would have to have credentials on the domain first in order to exploit and gain admin rights.

3.  A large Windows 8.1/server 2012 r2 update that (my understanding) is backporting some of the Windows 10 security enhancements back to Windows 8.1.  http://support.microsoft.com/kb/3000850

I would install number 1, wait on 2 and 3.

 

Microsoft Announces Upcoming Updates to Surface Pro 3

 

Some good news, Microsoft has announced upcoming updates to the Surface Pro 3 on TechNet. In particular, there are some WiFi updates that hopefully will fix some of the horrific issues that have plagued some customers since launch.

http://blogs.technet.com/b/surface/archive/2014/11/17/information-on-the-upcoming-updates-for-surface-pro-3.aspx

 

sp3upcoming

 

Note in particular:

Wireless Network Controller and Bluetooth driver update (v15.68.3066.135)
  • Enables better throughput after waking from sleep and connecting to an 802.11AC network.
  • Ensures Infra scan list is not empty while connected to a wireless display adapter.
  • Resolves an issue connecting to Cisco 1242 access points.
  • Ensures device reconnects properly to a hidden SSID using a 5Ghz DFS channel after waking from sleep.
  • Adds customer-requested functionality to prefer 5Ghz connections when both a 2.4ghz and 5ghz connection are present with the same SSID.

Too bad Microsoft didn’t have the common sense to post this information in the Answers Community Forums where users are begging for relief.

How to Enable or Disable Built-in Elevated Administrator Account in Windows 10

The hidden built-in elevated “Administrator account” is a local account that has full unrestricted access rights to the PC.

This tutorial will show you how to enable or disable the hidden built-in elevated Administrator account in Windows 10.

Read more…

One fix for Quickbooks' enormous QBSearchIndexerError.txt file


This is for Google; it’s apparently a common problem, with no results as far as I can see.




The issue: Quickbooks 2014 (and possibly other editions) generates an enormous file, %TEMP%QBSearchIndexerError.txt, containing reason after reason why something didn’t go write building a search index, and this file can easily grow to fill the hard drive (mine today was almost 100GB).




This is lousy error handling by Intuit, which comes as a surprise to exactly nobody.




In my case, the error said:



Exception raised in IndexData
--Exception Data START--
Time: 11/17/2014 4:53:46 PM
Lucene.Net
checksum mismatch in segments file
   at Lucene.Net.Index.SegmentInfos.Read(Directory directory, String segmentFileName)
   at Lucene.Net.Index.IndexFileDeleter..ctor(Directory directory, IndexDeletionPolicy policy, SegmentInfos segmentInfos, StreamWri
ter infoStream, DocumentsWriter docWriter, HashSet`1 synced)
   at Lucene.Net.Index.IndexWriter.Init(Directory d, Analyzer a, Boolean create, IndexDeletionPolicy deletionPolicy, Int32 maxField
Length, IndexingChain indexingChain, IndexCommit commit)
   at Lucene.Net.Index.IndexWriter..ctor(Directory d, Analyzer a, Boolean create, MaxFieldLength mfl)
   at QBSearchIndexer.SearchDataIndexer.get_Writer()
   at QBSearchIndexer.SearchDataIndexer.WriteDocument(String searchIndexData, String searchStoreData)
   at QBSearchIndexer.SearchDataIndexer.AddDocumentToLuceneDataStore()
   at QBSearchIndexer.SearchDataIndexer.IndexData(Object obj)
--Exception Data END--



… a few bazillion times while it ran through my 100M Quickbooks db file, and since this process normally refreshes every 30 minutes, it doesn’t take long for this to fill the drive. Ugh.




Running a file verify on the .QBW file didn’t make any difference, nor did a rebuild of that same file. Ugh.

For this particular error, the fix was straightforward:




  • Close Quickbooks

  • Delete the %TEMP%QBSearchIndexerError.txt file. If the file is in use, look in Task Manager for dbextclr11 and kill it.


  • In the directory holding your .QBW file and look for the associated SearchIndex folder (such as STEVE.QBW.SearchIndex); delete all the files found there.


  • Launch Quickbooks and nav to Edit:Preferences, then Search → Company Preferences, then click [Update Now]. This ought to rebuild the indexes without error, though it might take a few minutes.


  • Verify that the QBSearchIndexerError.txt file isn’t out of control.




This worked for me, but there are lots of other kinds of errors that may not have the same easy fix. It may be that turning off indexing may be the only real way to address this, save for running the gauntlet with Qiickbooks support



My environment:




  • Quickbooks Pro 2014

  • Windows 7 Professional, 64-bit

  • Running as a non-admin user (no auto-elevate)

  • Single-user QB with the data file on my workstation


  • Source: Unix

PowerShell books = Deal of the Day

Manning’s Deal of the Day for 18 November 2014 includes PowerShell in Depth, second edition and PowerShell and WMI

Visual Studio 2015 Preview–Package Manager

One of the changes coming with VS 2015 is how NuGet packages are managed. In VS2013 you got something like this when managing packages for a solution.

VS2013_ManageNuGet

This UI provides some useful information.

  • What packages are installed and in which projects
  • What packages have updates
  • What packages are available

In VS2015 you get a completely different UI.

VS_2015_ManageNuGet

One of the first things to notice is that it is no longer a modal dialog but a regular document window. Getting around in the UI can be a little confusing at first so let’s take a look at how to access all the information we had in previous versions.

Installing Packages

Installing packages is done from this single window by either selecting a common package from the left side or by searching from the top. Notice that the configured package sources is at the top now rather than broken up in a tree structure.

Once you have found the package you wish to install you need to ensure the Action on the right side is set to Install (the default). Unlike VS2013 you can also select the specific version to install. With VS2013 if you wanted to install anything other than the latest you had to use the console. Now you can select the appropriate version all within the same UI. Finally you can select the project(s) to install the package into. Currently it shows all projects in the solution and doesn’t provide any way to select or unselect all projects. Additionally the project list is current not ordered so you may need to hunt around in larger projects.

When you are ready to install click the Install button and it will run through the install process. If you’d like to see a preview of the changes then use Preview instead.

Dependencies

One of the new features is how dependencies are installed. It is under Options. Currently the options include getting the lowest or highest version of a package or getting the highest minor version of the dependent package. This is useful when you want to use the latest packages but not necessarily jump to a higher, and possibly incompatible, version. You also have the option of determining what happens if file conflicts occur.

Managing Packages

One of the confusing things I ran into when first working with the new UI was how to determine what packages are already installed. This is useful when you’re trying to diagnose issues. To get to the installed package change the Filter combo at the top to Installed. Now you will only see the packages that are installed.

The Action options have changed as well. You can now update to a different version or uninstall the package from one or more projects. As before you have Options if you want to control dependent packages.

Updating Packages

While you can select each package under Installed and update them manually this is slow. Instead consider changing Filter to Update Available to get a list of packages that have updates. As before you can then select each package and manage them normally. At this time there does not appear to be any way to update all packages at once. But this is just a preview so hopefully this feature will be added before release. Overall I really like the new package manager.

Removal instructions for Security Alert

What is Security Alert?

The Malwarebytes research team has determined that Security Alert is adware. These adware applications display advertisements not originating from the sites you are browsing.

https://forums.malwarebytes.org/index.php?%2Ftopic%2F161094-removal-instructions-for-security-alert%2F

Removal instructions for Breaking News Alert

What is Breaking News Alert?

The Malwarebytes research team has determined that Breaking News Alert is adware. These adware applications display advertisements not originating from the sites you are browsing.

https://forums.malwarebytes.org/index.php?%2Ftopic%2F161102-removal-instructions-for-breaking-news-alert%2F

How to Enable to Show Search Box or Icon on Taskbar in Windows 10

If you have the latest version of Windows 10 Technical Preview build 9879, then there is a new feature available that allows you to turn the search icon on the taskbar into a search box instead. This feature is disabled by default.

This tutorial will show you how to enable this feature to be able to show either the search icon or search box on your taskbar in Windows 10.

Read more…

Recent Comments

Archives

ï»ż