How about Forefront TMG 2010

Hi everyone

I wonder if anyone knows what the next version of Forefront TMG ... Currently there are new versions of Windows, Office, Exchange, SharePoint, etc (or at least are about to begin) but TMG 2010 there is no news. Will there will be a new version!? Or there will not be a new versionas Deb says in this article: http://www.techrepublic.com/blog/window-on-windows/the-demise-of-threat-management-gateway-is-microsoft-backing-away-from-the-edge/4387

Regards,

---

  Jimcesse  Principal: http://sysadmin-cr.com/  Alterno: http://blogs.itpro.es/jimcesse  

Reply:

Hi,

please read the posting of Nick Gu:
http://social.technet.microsoft.com/Forums/en-US/Forefrontedgegeneral/thread/0e6af2cf-2c18-408e-8da6-2f751181026a/

---

regards Marc Grote aka Jens Baier - www.it-training-grote.de - www.forefront-tmg.de - www.nt-faq.de

------------------------------------
Reply:

Hi Marc thanks for your response...

After seeing the information that you suggested, which is a new doubt ... What about customers who pay a certain update (Software Assurance) for a version of TMG may never go out !?

---

  Jimcesse  Principal: http://sysadmin-cr.com/  Alterno: http://blogs.itpro.es/jimcesse  

------------------------------------

SQL Server 2012 Data Tools Report of Project Tasks Gantt Chart Data

How do I access data stored in a Project Task SharePoint 2010 list - Gantt Chart, if the data is two level or more down stored in Summary Tasks?

So I have build a project management tools, farily simple but it's what we need, inside a Project Tasks web part. I have three levels of Summary Tasks in places, showing smaller projects with their respective tasks within a larger project containing a series of Summary Tasks. In SharePoint 2010 enabling the Tree View shows the hierarchy of my project, with different Summary Tasks assigned to different groups, many of them with their own Summary Tasks (or sub-Projects if you will).

I want to aggregate data accross the larger project in a Report using the SQL Server 2012 Data Tools, running in Visual Studion 2010. But I cannot access any data in the web part, or list data, below the first level. So in my case, I can only see the several Summary Tasks making up my larger project.

How do I access the deeper data in the web part list using the Report builder running in the Visual Studio Data Tools? Is there a reference to how to build queries to access this data? I know the dat is there, but I can't retrieve it.

Thank you.

Radu

---

Radu P.

Reply:

Any word on this? Thanks.

---

Radu P.

------------------------------------

A method to cleanup a connector space in a lab environment

Testing a configuration in a lab environment is very important.
Prior to bringing a solution into production, you should make sure that it works by testing it with a representative set of objects.
Next to ideal test data, you should also include miss-configured objects into your test procedure to make sure that you are not running into bad surprises later in your production environment.
After extensive testing, you may have objects in a connector space you need to get rid of.
There are several options to accomplish this.
In this article, I'm discussing an implementation I have developed to automate the cleanup process in a lab environment.

Conceptual background information

After extensive testing, I found myself often in a situation where I had to get rid of some of my test objects in order to get back to a "clean" state of my test environment.
In cases like this, I have often just:

• Deleted the content of the target connector space
• Deleted the objects in the target data source
• Redeployed my test objects

However, cleaning up a connector space this way involves many manual steps and I was wondering if I could find a method to automate this process and to use ILM do delete the affected objects in my target data source.

In the article called "Understanding Deletions in ILM", you can find all conceptual information you need to understand how deletions are processed in ILM.
I highly recommend reading this article if you haven't done this yet before you proceed with this section.
In essence, if you need to delete an object in a data source from ILM, you need to:

1. Stage a deletion on the affected object
2. Export the deletion request to your data source
3. Import the deletion from the target data source

Staging a deletion on an object requires a processing chain in ILM that "removes a link relationship between a metaverse object and a connector space object during the outbound synchronization phase".
You can implement such a processing chain by using an operational management agent.
The following picture outlines this scenario:

Using an operational management agent to stage a deletion on an object requires two processing cycles:

1. In the first cycle, the object from the operational management agent needs to join to the related metaverse object.
2. In the second cycle, the operational object needs to delete the metaverse object to get the deletion staged on the target object.

 

Designing the operational management agent

The design of the operational management agent is extremely simple.
There is no attribute flow required since the objects of this management agent are only used to trigger some object level operations.
At a minimum, each object requires an anchor attribute.
As you have already learned, we need to link our operational object with the managed metaverse object as outlined in the following picture:

This means, the only synchronization rule, you need to configure for the operational MA is the join synchronization rule. The most robust join implementation is based on a unique identifier. In case of our scenario, the best attribute value for this purpose is the GUID of the related metaverse object. This means that the anchor attribute, which is in our scenario called "ID", should have the same value as the metaverse GUID of the managed object. This configuration enables you to configure a very simple join rule that is based on

• ID as Data source attribute
• Direct as Mapping type
• Any as Metaverse object type

With our current design, you can establish robust joins to our managed object as outlined in the following picture:

However, next to joining to managed objects, we also need to delete the metaverse object.
The simplest method to do this is to import deletions for the operational objects.
When a deletion for an object is imported and synchronized, the following happens:

1. The operational object is deleted in the connector space, which removes the link to the metaverse object
2. The link removal during the inbound synchronization phase triggers the object deletion rule
3. The object deletion rule deletes the metaverse object, which removes the link to the managed object
4. The link removal during the outbound synchronization phase triggers the deprovisioning synchronization rule
5. The deprovisioning synchronization rule stages a deletion on the managed object

The following picture outlines this process:

For a data structure that is as simple as the structure of our operational objects, it is sufficient to use a text file as data source.
However, there are some considerations in conjunction with file management agents and processing deletions.
To import deletions for all objects in a file based management agent, you can't just delete all objects from the source data file and run a full import on a file MA.
ILM interprets an empty data file as broken data source and generates an import error.
To get around this, you can add one placebo object to your source data file and delete all objects besides the placebo object to import deletions for all other objects.

Important
In general, it is a bad practice to treat a "not existing" object as an indicator of a deletion. While connector space objects that have not been reported by the data source are deleted during a full import, this is feature was implemented to ensure data consistency - not to track deletions.

A better method to track deletions is to add a delta column to the source file and to populate this attribute with a value that indicates a deletion to ILM.
As a positive side effect of this implementation, you can use the same data file for the delta and the full import.
The delta column is ignored in case of a full import, which is why the system interprets each record at least as an add. 

This method enables you to configure the following run profile sequence on your operational management agent to get the required deletions staged:

1. Full Import
2. Full Synchronization
3. Delta Import
4. Delta Synchronization

For a complete cleanup sequence, you can configure one run profile that contains all four run steps.
However, for the initial testing, it is probably better to configure four separate run profile and to verify that the solution works as expected.

To summarize, as operational management agent, you need:

• A Delimited text file management agent.
• A source data file with two columns:
  • ID – this is the anchor attribute that has the same value as the GUID of the managed metaverse object.
  • ChangeType – this is the change type attribute used to indicate deletions for the processed object.
• A join synchronization rule that links an operational object with a metaverse object that has the anchor value as object-id.

You can configure a management agent like this in 10 minutes; it is really easy.

Defining the implementation strategy to generate the source data file

Designing the operational data source was relatively simple; however, getting the required source data in a supported manner seemed to be a challenge.
I was looking for a method I could use for all my scenarios without the need to modify the provisioning code.

When you look at the developer reference, you will find an interesting class called MIIS_CSObject in the WMI Provider Reference.
As indicated by the name, this class enables you to extract object information from a connector space.
One attribute that is exposed by this class is the "MvGuid" attribute of a metaverse object, which is exactly what I was looking for.

However, how do you get to an MIIS_CSObject?
The answer is by querying.
The MIIS_CSObject class supports the following, restricted set of queries:

• Search for a connector space object with a specified GUID.
• Search for a connector space object joined to a metaverse object with a specified metaverse GUID.
• Search for a connector space object with a specified domain and account name in Active Directory, a global address list, or a Windows NT domain.
• Search for a connector space object with a specified domain and user principal name in Active Directory, a global address list, or a Windows NT domain.

From all these options, only the search with a specified connector space GUID seemed to be applicable for this scenario.
However, this query has introduced another problem - the need to provide the connector space GUID of the managed object as search parameter.

ILM provides in CSExport a command-line tool to export objects from the connector space of a management agent in ILM to a file in .xml file format.
This tool has some options to filter the exported data.
For example, you can configure CSExport to only export disconnectors or to only include the synchronization hologram in the drop file.
For more details on CSExport, see the ILM Help.

To summarize, one option to retrieve metaverse GUIDs of connectors in a connector space is to;

• Use CSExport to generate a XML drop file, which contains the connector space GUIDs of the objects of interest.
• Use a WMI based query to extract the metaverse GUID of the managed objects.

 

Implementing the strategy to generate the source data

At this point, you are aware of a possible implementation strategy to extract metaverse GUIDs in a supported manner.
Now, we need to look into an option to automate the process of generating the source data file.
With PowerShell, Microsoft has introduced a command-line shell that includes a powerful scripting language.
It is very simple to run a command-line tool such as CSExport from a PowerShell script.

To run CSExport, you need:

• The path to the tool
• The arguments to run this tool
• Some parameters to define how PowerShell should run this tool

If the location of ILM is not included in your local path variable, you need to provide the complete path to CSExport.
You can calculate the path by reading a registry key.
For ILM, this key is:

hklm:\SYSTEM\CurrentControlSet\Services\miiserver\Parameters  

This key has a string value called "Path" to store the location of your ILM installation.
CSExport is stored in the Bin subfolder.
To calculate the CSExport path, you can use the following script code:

set-variable -name RegKey -value "hklm:\SYSTEM\CurrentControlSet\Services\miiserver\Parameters" -option constant   $csExportPath = ((Get-ItemProperty "$RegKey").Path) + "Bin\CsExport.exe"   

At a minimum, you need to provide the name of the affected management agent as argument for CSExport.
To keep things simple, you should also provide the path to the XML drop file, which should:

• have the same name as the script
• be stored in the folder of the script

PowerShell has a special variable called $MyInvocation that stores some information about the script.
For example, to retrieve the path of your script, you can read the $MyInvocation.MyCommand.Path property.
Using this property, you can calculate the path of the drop file by replacing the ".ps1" suffix with ".xml".
CSExport generates an error if the target XML file already exists.
This is why the script code, should delete the file if it exists prior to running CSExport:

$appName = ($MyInvocation.MyCommand.Path).substring(0,($MyInvocation.MyCommand.Path).length - 4)  if(test-path "$appName.xml") {remove-item "$appName.xml"}  

When PowerShell has finished running CSExport, you should examine the ExitCode parameter to see whether an error has occurred.
All returned values other than 0 indicate an error.
In the script, I have added a special handler for an incorrect management agent name since this was the most common error.
In terms of parameters that define how PowerShell should run this CSExport, I've configured the script to hide command-line shell when running the tool.
You can remove the related settings if you don't need them.

The next step is to process the XML drop file.
In the script, I'm only processing objects of a specific type.

$obList = $xmlDoc."cs-objects"."cs-object" | where-object { $_."object-type" -eq $ObjectType}   

For each matching object, the script issues a WMI query to ILM to retrieve the MvGuid attribute of the object.
If the attribute has a value, the script writes it into a data file:

$mvguid = (get-wmiobject -namespace "$NameSpace" -computer "." -query "$WmiQuery='$($_.id)'").MvGuid  if($mvguid.length -gt 0) {..}  

The following script code block shows the complete script to generate the source data file for the operational management agent:

#--------------------------------------------------------------------------------------------------------------------   set-variable -name MaName -value "<MA NAME>" -option constant    set-variable -name ObjectType -value "Person" -option constant   set-variable -name RegKey -value "hklm:\SYSTEM\CurrentControlSet\Services\miiserver\Parameters" -option constant    set-variable -name NameSpace -value "root\MicrosoftIdentityIntegrationServer" -option constant   set-variable -name WmiQuery -value "Select * from MIIS_CSObject where Guid" -option constant  #--------------------------------------------------------------------------------------------------------------------   $appName = ($MyInvocation.MyCommand.Path).substring(0,($MyInvocation.MyCommand.Path).length - 4)   if(test-path "$appName.txt") {remove-item "$appName.txt"}   if(test-path "$appName.xml") {remove-item "$appName.xml"}  #--------------------------------------------------------------------------------------------------------------------   write-host "Starting process:"    write-host "- Exporting data, please wait"    $csExportPath = ((Get-ItemProperty "$RegKey").Path) + "Bin\CsExport.exe"    $startinfo = new-object diagnostics.processstartinfo    $startinfo.filename = $csExportPath   $startinfo.arguments = """$MaName"" ""$appName.xml"" /o:b"    $startinfo.UseShellExecute = $false    $startinfo.CreateNoWindow = $true    $process=[Diagnostics.Process]::Start($startinfo)    $process.WaitForExit()   if($process.ExitCode -Eq -2146232832) {throw (new-object Exception "Management agent not found")}    if($process.ExitCode -Ne 0) {throw (new-object Exception "Csexport Eror: $process.ExitCode")}   #--------------------------------------------------------------------------------------------------------------------   write-host "- Retrieving data, please wait"    """ID"",""ChangeType""" | out-file -filepath "$appName.txt" -encoding "ASCII"  #--------------------------------------------------------------------------------------------------------------------   [Xml]$xmlDoc = get-content "$appName.xml"   $obList = $xmlDoc."cs-objects"."cs-object" | where-object { $_."object-type" -eq $ObjectType}    $i = 1   $matches = 0   $obList | foreach-object -process {   $x = ([int]($i/$obLIst.length * 100))   write-progress -activity "Retrieving data" -status "Please wait" -percentcomplete $x `   -currentoperation "$i of $($obLIst.length) objects processed"   $mvguid = (get-wmiobject -namespace "$NameSpace" -computer "." -query "$WmiQuery='$($_.id)'").MvGuid   if($mvguid.length -gt 0) {   """$mvguid"",""Delete""" | out-file -filepath "$appName.txt" -append -encoding "ASCII"   $matches++   }   $i++   }   write-host "- Number of objects added to the data file: $($matches)"  #--------------------------------------------------------------------------------------------------------------------   write-host "Command completed successfully"  #--------------------------------------------------------------------------------------------------------------------   trap [Exception]    {    Write-Host "`nError: $($_.Exception.Message)`n" -foregroundcolor white -backgroundcolor darkred   Exit   }  #--------------------------------------------------------------------------------------------------------------------  

 

Implementing the solution

To implement the solution outlined in this article, you need to perform the following steps:

1. Generate the source data
2. Modify the target MA
3. Configure the operational MA
4. Modify the object deletion rule
5. Configure Run Profiles
6. Perform a cleanup sequence

The following sections provide more details about these steps.

Generating the source data

The heart of this solution is the source data for the operational management agent.
In this article, you find the script code to generate this data.
You should run this script first and determine whether it creates the desired results.

Modifying the target management agent

All, you need to do on the target management agent is to configure the deprovisioning synchronization rule to "Stage a delete on the object for the next export".

 

Configuring the operational management agent

In the section called "Designing the operational management agent", I have already outlined all you need to know about the configuration of the operational management agent.
To recap, you need:

• A Delimited text file management agent.
• A source data file with two columns - ID and ChangeType:

  

• ID – this is the anchor attribute that has the same value as the GUID of the managed metaverse object:

  

• ChangeType – this is the change type attribute used to indicate deletions for the processed object:

  

• A join synchronization rule that links an operational object with a metaverse object that has the anchor value as object-id:

  

 

Modifying the object deletion rule

The object deletion rule need to be configured to delete a metaverse object, when a connector from the operational management agent is disconnected:

As mentioned earlier, this is necessary to get the deprovisioning synchronization rule triggered on your target object.

Configuring Run Profiles

To test a cleanup sequence, you need to have the following run profiles configured:

Management Agent	Run Profile
My Operational MA	Full Import
My Operational MA	Delta Import
My Operational MA	Full Synchronization
My Operational MA	Delta Synchronization
Target MA	Export
Target MA	Delta Import

The configuration of run profiles is a very easy task.
For the full import and the delta import on the operational management agent, you use the same source data file.
Before configuring the run profiles, you should copy the data file to the MaData folder of your operational management agent. 

Performing a cleanup sequence

To perform a cleanup sequence, you need to perform the following steps:

1. Full import on the operational management agent
2. Full synchronization on the operational management agent
3. Delta import on the operational management agent
4. Delta synchronization on the operational management agent
5. Export on the target management agent
6. Delta import on the target management agent

 

Fine-tuning the implementation

With the solution outlined in this article, you have a basic framework to cleanup a connector space in a lab environment.
When you have tested a cleanup sequence successfully, you should look into options to fine tune the implementation.
For example, when you have verified that the script to generate the data file works as expected, you could move the script to the MaData folder of you operational management agent and extend it with script code to start the run profiles.
That way, you can fully automate the process of cleaning up your connector space.
It is also advisable to filter the processed objects more granularly.

Summary

The solution to cleanup a connector space in a lab environment I have outlined in this article is definitely not meant to be a silver bullet.
The suggested process has some limitations and can take a while to complete.
This is why you should first run the provided script to determine whether the implementation works for you.
However, since it is possible to fully automate the cleanup process, this implementation can free up some time and might also help to motivate you to do more testing.

Additional Information

For more information, please see:

• Design Concepts for Advanced Solution Components
• Understanding Deletions in ILM
• The Microsoft Identity Integration Server 2003 Technical Reference.
• Planning Synchronization Rules for MIIS 2003

 

About the author

For more than 15 years, I am working in the directory world.
I took my first steps in this area in the early '90s, when Windows NT was close to be introduced to the public.
Back in 2002, I ran into a product called MIIS and got addicted to it.
The incredible flexibility of this product in combination with the complexity of data synchronization is something that fascinates me.
Whenever I'm learning something new that seems to be "not exactly easy", I'm immediately thinking about how to make the "new stuff" digestible for others.
In essence, I have to admit that I really like teaching…

---

Markus Vilcinskas, Technical Content Developer, Microsoft Corporation

• Edited by Markus VilcinskasMicrosoft employee, Moderator Thursday, July 9, 2009 12:40 AM

Reply:

Not sure if I'm grasping the overall design here; so you create a new MA that is just used to stage deletes on your test data? Is that the basic idea?

------------------------------------
Reply:

Bingo - you got it right.

Cheers,
Markus

---

Markus Vilcinskas, Technical Content Developer, Microsoft Corporation

------------------------------------
Reply:

By the way, please let me knwo if you have more questions...
Creating a new MA "just to" sounds a bit - you know what I mean.

Folks, who are dealing with bulk deletions in FIM might not call this "just to" :o)



Cheers,
Markus

---

Markus Vilcinskas, Technical Content Developer, Microsoft Corporation

------------------------------------
Reply:

I guess one question would be, since you've run into this problem as well (it's been a major issue for us) and you're on the FIM team, why not put in a RFE for a WMI call to reset the state of the MV and CS to a known state?

------------------------------------
Reply:

Ahhhh - I don't think, it is that simple - although I understand what you are getting at.
You can reset your system to a known state by using database backups.
If you look at the scriptbox, you will find an example for this.

We just need to differentiate between a cleanup of certain "dirty" objects – which is what this solution is about – and a restore to a "known good state" – which involves more than just a WMI call (I think) – because someone has to define what the "good state" is. You can do this with database backups…

I hope, this makes sense.

Cheers,
Markus

---

Markus Vilcinskas, Technical Content Developer, Microsoft Corporation

------------------------------------
Reply:

Yes, the database restore idea is very close, other than you lose the changes you made to the MAs. This is why it doesn't work for us at least, we would lose the changes made to MAs we're working on. If there's some way to restore only the MV and the CS, that would be a major improvment for us.

(On a side note, we could show you how our enviroment is setup if it's something you'd be intrested in. Mike has our contact info.)

------------------------------------
Reply:

Now you made me really curious :o)
What kind of changes to the MAs that you would lose are you refereeing to?

Also, have you looked at MIISInfoBackup yet?

Cheers,
Markus

---

Markus Vilcinskas, Technical Content Developer, Microsoft Corporation

------------------------------------
Reply:

The flow rules, which attributes to import, the data source, filters.. the normal things one would need to configure when developing. These would be lost once you restored the backup.

As for MIISInfoBackup, I took a look, though I don't see a way to restore the data, it appears to only backup the data?

------------------------------------
Reply:

Ahhh – I see what you are getting at.

In my opinion, this is exactly why you need a combination of backups and cleanup processes. The problem is that you are dealing with two types of data:

• The identity data
• The identity management data

You can't just take a current snapshot of the identity management data (synchronization rules, etc.), combine this with a previous state of the identity data and move on.
At a minimum, this would require a full sync because your current management configuration might process your data differently, which means your "old good state" of identity data might actually be outdated…

What I'm getting at is that a backup of your environment needs to be planed and it is not an isolated "single-step" activity.
I don't think – at least, I can't envision how that would look like – it is technically possible to implement a "single-click-implementation" that includes all possible variations of changes.
Let me clarify this, by technically possible, I mean "in a meaningful" way. Y
ou don't want your system to spend 90% of its time on transaction logging…

It is also hard to define what a "good state" is. In the article "About exports", I'm covering a typical issue in conjunction with exports.
If nothing is exported, although it was expected to be, many people assume a mistake made by ILM. However, in most cases, it turns out to be a problem of the synchronization rule configuration.
So, the system didn't make a mistake – it was just not configured to produce the expected results.
With a database backup, you can get as close to your one-click experience as it is possible.
It is true, that a previous snapshot does not include your most recent identity management data configuration.

MIISBackupInfo takes a snapshot of your current configuration.
To import the data back into a server, you should be able to use the Import-MIISServerConfig cmdlet from the Identity Lifecycle Manager 2007 FP1 Sync Engine Configuration PowerShell Commandlets.

To summarize, I belief that a combination of database backups, identity management data exports and cleanup processes is necessary to keep a system up and running.
Now granted, this is just my personal view on things and I might be wrong.
On the bright, you can always file a bug when you think that an important component is missing that is blocking you from getting a job done.

---

Markus Vilcinskas, Technical Content Developer, Microsoft Corporation

------------------------------------
Reply:

You can't just take a current snapshot of the identity management data (synchronization rules, etc.), combine this with a previous state of the identity data and move on.
At a minimum, this would require a full sync because your current management configuration might process your data differently, which means your "old good state" of identity data might actually be outdated…

Yes, that makes sense, you could just do full syncs on all of the MAs after the restore. That's strait forward enough.

What I'm getting at is that a backup of your environment needs to be planed and it is not an isolated "single-step" activity.
I don't think – at least, I can't envision how that would look like – it is technically possible to implement a "single-click-implementation" that includes all possible variations of changes.

Right, I belive we're on the same page here; I was using the term "known state" to suggest that a "good state" would have to be determined on a case by case basis.

A WMI call to delete the CS of an MA would have been one solution, though the problem is that with the ADMA you need directory hierarchy in place. (I think in ILM2 some things have changed here?)

Thanks,

cs

------------------------------------
Reply:

Cove,

I'm afraid, I didn't get your last comment.

The reason for not having a WMI call to delete a CS is more related to what a CS delete does – and this is independent of the type of a connected data source.
As you know, a CS delete is not just a "delete * from table".
A deletion of a CS is like processing an imported deletion for all objects of a connected data source.
As a side-effect of this, you may not just end-up deleting a CS, you might in the worst case delete your entire metadirectory.
This is because deleting the CS object may kickoff a complete synchronization chain – which it typically does.

What I'm getting at is that something that looks like a simple WMI call, can actually trash everything, you are working with right now.
Also, aren't WMI calls supposed to be fast? A complete CS deletion can take forever…

This has not changed in FIM or ILM 2.

Like always, this is definitely not an approach to turn you down :o)
I'm just trying to convey the current thinking, which might be wrong…

Please don't forget to use connect to open a bug if you disagree with something.

Cheers,
Markus

---

Markus Vilcinskas, Technical Content Developer, Microsoft Corporation

------------------------------------
Reply:

Hi Markus,

I implemented your cleanup solution in my ILM2/FIM RC0 test environment (originally your suggestion about another topic ), and I would like to ask you a couple of questions.

To clean up a connector space with this method it's in any case necessary to cleanup previously the connected system, right?
Yet some MAs consider an empty connected system as invalid (e.g. a SQL Server MA); what should I do in those cases? I tried clearing the connected system and inserting a dummy object (e.g. person with PERSON_ID = 0), but maybe there is a better way.

What about MAs for which it's not possible to define a Delta Import profile (like SQL server...)? I tried with a Full Import, and things seemed to work, do you see any inconvenience in using a Full Import when a Delta Import is not available?

Thanks,
Paolo

------------------------------------
Reply:

Paolo,

originally, I've developed this solution to do FIM cleanups.
I had a group of objects I needed to get rid of and didn't want to do this manually in the portal, which is why I have developed this solution…

So, to answer your question, you can actually use this method to also cleanup your connected data source.
This is what the operational MA does – it stages deletions on the objects you want to get rid of.

It is possible to define for SQL delta imports.
If you haven't done this yet, you should take a look at

• Generating Delta Views Using Snapshots
• Generating Delta Views Using Triggers

Cheers,
Markus

---

Markus Vilcinskas, Technical Content Developer, Microsoft Corporation

------------------------------------
Reply:

Hi Markus,

   How can i export mv objects to delimited text file? I just created a SQLMYTableMA(SQLServer) to import from my sqlserver table to metaverse and that works fine and then created a new  FILEMA (Delimited text MA) to export from metaverse to a text file and ran the profile but unfortunately nothing has happened.

can you please tell me where I'm going wrong?

------------------------------------
Reply:

Saibaba,

You will need to enable provisioning and provide ILM with the corresponding provisioning DLL. You will find examples in the TechNet library and the ILM online help. Alternatively, you can download the MIIS resource kit and use the provisioning assistant to generate the necessary code for you. A final alternative is to upgrade to FIM and use the codeless provisioning feature provided with FIM.

Paul.

---

Paul Loonen (Avanade) | MCM: Directory 2008 | MVP: FIM2010

------------------------------------

IE ( Font

I am looking for very specific answers to the following question.  There are many discussions regarding fonts in this forum but none really answers the question I am about to ask.

The fonts in my IE command bar, favorites bar and status bar have become grainy and blurry.  There must be something I pressed wrong (it was not like that before as I remember)  but for the life of me, I cannot find the controls that affect these settings.  I have used Personalization a thousand times. Clear type tunings as well but to no avail.  Is it possible to really control these appearances?  It cannot be a Windows setting as my Firefox is fine.

Many thanks to anyone giving a specific answer to this question.  It has become very annoying

Loharam

---

Loharam

• Moved by JOshiro Friday, August 3, 2012 6:34 PM IE question (From:Live Connect)

Reply:

 Hi Loharam, please post this question in the IE forum instead:

http://answers.microsoft.com/en-us/ie

------------------------------------

The value expression for the textrun ' ' contains an error: The querry returned no rows for the dataset. The expression evaluates to zero.

I have 50 or 60 reports.  I was running through them today, documenting the controls & parameters when one of the reports started throwing this warning on two text boxes.  There is nothing special about these boxes.  We use similar expressions in all of our reports.  The warning wouldn't be so annoying except that MS changed VS so now this warning doesn't come up when I run the report in question.....it comes up when I run ANY report in the project.  Again, it just started flashing the warning today, after I'd run several dozen reports in the project.  I'd like to make the warning go away but it's not critical.

=sum(Fields!Transaction_Count.Value)

=sum(Fields!Sales_Order_Count.Value)

Reply:

Hi John !

You may avoid the warning message using below expression ;

=IIF(SUM(Fields!Transaction_Count.Value) IS NOTHING OR SUM(Fields!Transaction_Count.Value) = 0, 0, SUM(Fields!Transaction_Count.Value))

Please let me know if this helps. Hopefully i have answered you correctly.

Thanks, Hasham

------------------------------------
Reply:

John,

Apart from Hasham suggestion, I would try using this expression:

=sum(iif(IsNothing(Fields!Transaction_Count.Value),0,Fields!Transaction_Count.Value))

=sum(iif(IsNothing(Fields!Sales_Order_Count.Value),0,Fields!Sales_Order_Count.Value))

If you want to sum up money datatype, you would need to convert it to double, like so:

=sum(iif(IsNothing(Fields!Sales_Order_Amount.Value),CDbl(0),CDbl(Fields!Sales_Order_Amount.Value)))

I'm just using example field name, Sales_Order_Amount.

Good luck.

---

Think out of the box

------------------------------------
Reply:

Both solutions occured to me, however I am curious.  I use such a calcualtion hundreds, if not thousands of times throughout my reports.  Why would SSRS pick on two random colums to dislike?

------------------------------------
Reply:

Hi John !

Its just surprising that you didn't encounter it yet. The thing is whenever it evaluates to Nothing you should handle this with IIF statement.

Thanks, Hasham Niaz

------------------------------------
Reply:

When you said occurred, does it solve the problem or not? This happen when your query bring back null value of the field, and you need to handle them in expression. Or you could change your query to pad zero when null using isnull function.

---

Think out of the box

------------------------------------
Reply:

The thing is, the values brought back are NOT null...unless it encountered a null value along the way while it was summing.

------------------------------------

SQL Server 2012 NT_Authority|System, sysadmin is not checked by default.

In all the previous versions of SQL Servers prior to SQL Server 2012, the settings for sysadmin in NT_Authority\System is checked by default but for SQL Server 2012 this option is not checked and due to this we are facing problems with our application. Can I know why this option is not checked by default?

Thank you

Raju

Reply:

Hi,

Security enhancements in the SQL Server Database Engine include provisioning during setup, new SEARCH PROPERTY LIST permissions, new user-defined server roles, and new ways of managing server and database roles.

To enhance role separation, BUILTIN\administrators and Local System (NT AUTHORITY\SYSTEM) are not automatically provisioned in the sysadmin fixed server role. Local administrators can still access the Database Engine when in single user mode.

SQL Server now supports Managed Service Accounts and Virtual Accounts when installed on Windows 7 or Windows Server 2008 R2. For more information, see Configure Windows Service Accounts and Permissions.

The protection of operating services under a per-service SID is now extended to all operating systems. For more information, see Configure Windows Service Accounts and Permissions.

---

Ahsan Kabir

------------------------------------
Reply:

Well SQL Server only assigns this accoun sysadmin if you are running services under local system account. If you are using dedicated domain account then this is not added as sysadmin.

---

Regards,

Basit A. Farooq (MSC Computing, MCITP SQL Server 2005 & 2008, MCDBA SQL Server 2000)

http://basitaalishan.com

------------------------------------

ADMT Password Migration

Hello, I am
working on a inter forest migration where the client has migrated user accounts
with passwords. For several high profile employees, they want to reset the
target account password, login as the user, and verify the profile and other
aspects of the user experience are OK. It is known that the ADMT PES will not
migrate a password if it has not changed on the source forest/domain account throwing
the message:<o:p></o:p>

Did not try
to copy the password for CN=Test Account1, since the source password has not
been changed since the last migration of this user.<o:p></o:p>

So I was
wondering if anyone knows how to edit the ADMT database with something like the
SQL Management Studio or a similar tool to make the ADMT think that the
password is fair game for migration and will copy it again even though the
source account password has not changed.<o:p></o:p>

Thanks!<o:p></o:p>

Reply:

Honestly, I don't know and I don't think manually editing the database is supported! 

Since you are changing the password in the target, why do you need to re-copy the old password again?  I might be missing some context here.

---

Santhosh Sivarajan | Houston, TX
http://www.sivarajan.com/



This posting is provided AS IS with no warranties,and confers no rights.

------------------------------------

Azure DB Silverlight management interface

Firstly, I'd like to say it's great having Azure and the one less headache of managing hardware and networking configuration!

I used to use SQL Server Management Studio and Visual Studio Professional to write my SQL statements and Stored Procs.

With Azure,  I found much to my detriment that I am forced to use the Silverlight interface to create stored procedures. The issue being that the Silverlight Azure DB interface only allowed for one lot of 'undo' / CTRL+Z

I pasted from clipboard what I thought was a backed up version of the procedure I was writing. As it happened, it was a similar stored procedure and continued editing without realising it was the wrong stored procedure that had been pasted in.

Anyone else found the Silverlight inteface a bit restrictive and caused a few issues they weren't expecting?

Reply:

Were you aware that you can still use SQL Server Management Studio to manage Azure databases?

It requires at least 2008 R2, or the new 2012 RC, but it works just fine.

Connect to the Azure DB using the full connection string, that looks  like <YourServerName..database.windows.net>

Make sure you use SQL Authentication, and put in your username and password...

SQL Server Management Studio will hook right up to it.  Right click on Stored Procedures / New Stored Procedure... and...

You're good to go.  It's a much richer experience than the Silverlight console.

-Adam Hoffman

Windows Azure Blog - http://stratospher.es

Twitter - http://twitter.com/stratospher_es

• Edited by Adam Hoffman Sunday, January 6, 2013 4:33 AM

------------------------------------
Reply:

Make sure that you firewall allows port 1433 when you are connecting from management studio.

Here is the blog with simple steps to connect to sql azure with management studio.

---

Please mark the replies as Answered if they help and Vote if you found them helpful.

------------------------------------
Reply:

Thanks Adam.

Just discovered this. The Visual Studio 'connect to database' doesn't allow for modifications so I assumed that SQL Server Management Studio would have the same result.

------------------------------------
Reply:

Thanks Veerendra

------------------------------------

"Redirect" in outlook 2010 ?!

"The Bat" has a splendid feature called " redirect " where you can redirect any of received messages. It's very usefull. Will this feature be included in outlook 2010?

Reply:

"The Bat" has a splendid feature called " redirect " where you can redirect any of received messages. It's very usefull. Will this feature be included in outlook 2010?

Redirect has been in the Outlook Rules Wizard for a long time.

---

-B-
http://www.officeforlawyers.com
Author: The Lawyer's Guide to Microsoft Outlook

------------------------------------
Reply:

You got me wrong. Suppose you received a message yesterday and you want to redirect it to another address today . How do you do it?

------------------------------------
Reply:

Redirect rule only works with Exchange server accounts AFAIK. I don't think that will change.

If you want to redirect, attach the message to a new message. The recipient opens the attachment and replies to it.  Or open the message and resend. See http://www.outlook-tips.net/archives//2004/20040329.htm for details.

There is at least 1 redirect tool - see http://www.slipstick.com/addins/mail.asp for links.

---

Diane Poremsky [MVP - Outlook]
Outlook Tips: http://www.outlook-tips.net/
Outlook & Exchange Solutions Center: http://www.slipstick.com

------------------------------------
Reply:

Is it reasonable to use an application which requires you to pay for features included in other email applications? Is it so difficult for MS to add such features to her well-known mail software?

------------------------------------
Reply:

Outlook has its list of features. The Bat has its list of features. Some features are common to both products. Some are different. You pay your money and you take your choice. That's the free market.

---

Simon Jones http://pcpro.co.uk

------------------------------------
Reply:

You got me wrong. Suppose you received a message yesterday and you want to redirect it to another address today . How do you do it?

CTRL+F. 

---

-B-
http://www.officeforlawyers.com
Author: The Lawyer's Guide to Microsoft Outlook

------------------------------------
Reply:

Yes, I would use "Forward" too but that doesn't "lie" about where the email came from.

"Redirect" sends the email on to someone, pretending it came directly from the person who sent it to you, so that when the recipient clicks "Reply" the resulting email is addressed to the original sender and not you.

---

Simon Jones http://pcpro.co.uk

------------------------------------
Reply:

There is a free Redirect Messages utility that can manage this and more.

---

Alexey Kuznetsov,
Relief Software
More than 70 free add-ins for Outlook

------------------------------------
Reply:

same problem but now annoyed

outlook 2003 and 2007 allowed a "resend"  that achieved exactly the purpose - the purpose being, (for those who think "forward" is the same thing) to forward the message in such a manner that the receiver had all the functiionality of the original recipient - eg hit reply and the "to" address is the original sender not the person who forwarded it to you and all header information is intact.

Microsoft even gave you a polite little "from XXX on behalf of xxx" so you knew who it came from and how it got there.

Now why have they stuffed that up in 2010?

2010 only appears to do the same thing EXCEPT the fuctionality is now the same as forward - hit reply and you are replying to the farwarder not the originator... !!! what FFFing use is that!!!

------------------------------------
Reply:

Are you using the Resend feature? When i use Resend to 'redirect' a message then reply, it goes to the correct address.

What type of email account do you use? Some mail servers won't allow you to use other address and will change it to the account owner's address.

---

Diane Poremsky [MVP - Outlook]
Outlook Daily Tips | Outlook & Exchange Solutions Center
Subscribe to Exchange Messaging Outlook weekly newsletter

------------------------------------
Reply:

I realize this thread is a little old but I'm using Outlook 2010:

1. Open received email
2. Click, "File"
3. Click, "Info"
4. Click, "Message Resend and Recall"
5. Click, "Resend this Message..."

• Edited by thepip3r Friday, April 27, 2012 1:17 PM

------------------------------------
Reply:

I stumbled over this hint today (looking for a way to "redirect" in Outlook 2010), and tried it. Worked insofar as my Outlook did what it was told. But our company Exchange server refused it.

I tried to redirect a message I received myself (from a client, i.e., outside of our company/exchange server) to our support (inside); I guess the Exchange Server can only allows this inside its scope (and there a special right must be granted)?

------------------------------------
Reply:

When you redirect, you are resending from the original sender. You do not have send as rights for that address (and can't be assigned them) so you can't redirect the message. You could forward it as an attachment - the person you forward to can reply to the attached message or drag it from your forward and drop it in their inbox.

---

Diane Poremsky [MVP - Outlook]
Outlook Daily Tips | Outlook & Exchange Solutions Center
Subscribe to Exchange Messaging Outlook weekly newsletter

------------------------------------

Benefits of SQL 2012

We are about to upgrade a farm from MOSS 2007 to SP 2010. Currently the plan is to use SQL 2008 R2 for the content DBs. Are there any compelling reasons to use SQL 2012? i've been looking for a white paper that might describe the benefits of 2012 for a SP Farm, but i cannot find one.

TIA for any thoughts.

Dean

---

Dean MCTS-SQL 2005 Business Intelligence, SharePoint 2010, Configuration

Reply:

You might benefit from different high availability options like AlwaysOn, or BI features like new version of powerPivot. Also PowerView (replacement for reporting services integration) is a huge benefit of SQL 2012.

---

Marek Chmel, WBI Systems (MCTS, MCITP, MCT, CCNA)
Please Mark As Answer if my post solves your problem or Vote As Helpful if a post has been helpful for you.

------------------------------------

TMG 2010 SP2 RU2 - HTTPS Upload Timeouts

Hi Folks

I am hoping someone can assist us with an upload issue we are seeing. We have a TMG Array that reverse publishes a SharePoint Server Farm. The problem we are seeing is that when a large file uploads (120MB) gets to 99% we receive a page could not be displayed error as follows:

Error Code 10054: Connection reset by server

• Background: When the gateway or proxy server contacted the upstream (Web) server, the connection was ended by the upstream server

It appears that the completetion web page is never received and thus the file upload fails. We dont appear to have this issue with smaller files <50MB.

When we upload the file from the internal network bypassing the TMG we have no problems at all. We have already tuned all the IIS timeout options and increased various settings in the sharepoint web.config file but this still happens. This would very much appear to be a timeout with TMG of some kind, does anyone have any ideas on this one and if there are tweaks I can make to our TMG listeners or rules that would help?

We use FBA with LDAP Pre-Auth for authentication.

TIA

Adam

"Sharepoint foundation Site Search" in new site collection using "Microsoft template" is not returing any result

Hi,

I am using Sharepoint foundation 2010, In a team Site . Serach is working fine.

but when i am creating new site collection using "Microsoft Commerce Template" search is not returing any result.

pls help me on this issue .

Thanks,

eStore

• Edited by estore2009 Friday, August 3, 2012 12:39 PM

The "Show off your Virtual Business Card" thread

So now that the VBCs have been launched, lets show them off.

Log into the Virtual Business Card builder site and create your card. Once you are finished, you can come back here and share them.

Unfortunately you cannot embed the interactive ones on this site so you will just need to link to them using the create link buttons in the thread editor toolbar

So I will get the ball rolling with mine.

My interactive card here and my full profile here

---

Blog: http://www.certsandprogs.com

70-536 Objectives List with MSDN Links
70-505 Objectives List with MSDN Links
70-562 Objectives List with MSDN Links
70-433 Objectives List with MSDN Links

Reply:

Hello,

My Interactive card is here and my profile here

Lets hope that with the next forum software update it will be possible to embed the card into the  .sig,
that would be a cool feature.

Rob.

------------------------------------
Reply:

You can see my card here and my full profile here 

---

MCP, MCDST, MCTS x 4, MCITP x 2

Please don't forget to mark this post as an answer if it is the solution to your problem!

If you like trance music, please listen to my radio show, by subscribing to the Trancendance Podcast, or by listening to the show as it airs on the third Wednesday of every month at 4pm (London Time)on www.slinky.fm

View my MCP Certifications

------------------------------------
Reply:

Here is my VB card and my profile .

Hopefully I can fill up the contents of "My Certifications" tab over time :-)

Peter

---

Peter Moss, P. Eng.
Software Engineer/Architect

------------------------------------
Reply:

Here is my card and my profile.

Now, if I could just get through the 83-640.  For what ever reason that one is intimidating me to no end.  It's holding up my 70-865 and 70-686.

Mike

------------------------------------
Reply:

Hi Rubel / Niall ,

Please update below information.

 

Microsoft Certification Program Update by

MSFT Learning update

Published Date: 05/20/2010
Expiration Date: 06/30/2010
Geography: Worldwide

You spoke, we listened! Over the next few months we’ll introduce enhancements to the Microsoft Certification Program—all based on your feedback:
 

1.      Events and opportunities to connect with employers seeking MCPs

2.      Reintroduction of MCP wallet cards

3.      MCP e-store improvements

4.      MCP Member site enhancements

5.      Payment through PayPal when ordering certificates

 

 

 

------------------------------------
Reply:

you say re-introduction of wallet card - when is this likely to happen please?

love the vbc option but the wallet card is fantastic from a client stand point as they are more inclined to trust this.

 

many thanks, Damian.

• Edited by Damian Lynch Friday, May 21, 2010 8:47 AM spelling was terrible :)

------------------------------------
Reply:

Damian,

 

We are not sure the exact date. We will post you update when we have from Microsoft.

---

Sachin Shetty| MCP|MCTS|MCITP| Please remember to mark the replies as answers and Vote as helpful if they help and unmark them if they provide no help.Thank you in advance.

------------------------------------
Reply:

Here's mine

 

View my MCP Certifications

------------------------------------
Reply:

And here is mine profile:

https://www.mcpvirtualbusinesscard.com/VBCServer/toniu/profile

And BC:

https://www.mcpvirtualbusinesscard.com/VBCServer/toniu/interactivecard

(just fishing for a couple of views for my IT Grand Prix team. :))

------------------------------------
Reply:

Here is mine: 

Javascript card

Profile

---

MCPD, MCITP, MCTS, MCSD.NET, MCDBA

------------------------------------
Reply:

A Good write up.

you are very helpful

---

san diego mls lcd wall mount weekly car rental

------------------------------------
Reply:

HEY AM NEW HR ...... RECENTLY I COMPLETED MY MCSE ...

https://www.mcpvirtualbusinesscard.com/VBCServer/apurwaraj/profile

---

WANT TO BE DA VINCI OF TODAYS WORLD

------------------------------------
Reply:

Definitely, the old plastic card definitely has their own glamor among student community. They can simply take out the card from their wallet and flash it among friends. The cards were definitely a motivating factor for writing and attending Microsoft exams.

I am writing this from my personal experience of managing mitcampus (www.mitcampus.com)wherein certifications for microsoft, cisco, and redhat such as MCITP, MCSE, CCNA, RHCE, MCP certifications are taken by students. You should see the student's face when they receive their pocket cards ..

 

Arunjith | Manginng Director | MIT Campus Trivandrum

------------------------------------
Reply:

This is my one

https://www.mcpvirtualbusinesscard.com/VBCServer/websfarhan/profile

------------------------------------
Reply:

My interactive card is here and my full profile is here

---

---

Kind Regards,
Waleed El-Badry

 

------------------------------------
Reply:

Hello,

That's fine, What is the other Virtual Business Card builder advantages?

---

If you are looking for the best san diego audio visual services, search no where, Gotuwired is the best company in the business with a huge list of satisfied clients.

------------------------------------
Reply:

Hello,

My Interactive card is here and my profile here

Rich

------------------------------------
Reply:

Here's mine, a bit feeble compared to some, but only really starting out on MS Certs.

BC

Profile

---

Mark Railton, MCTS, MCP

------------------------------------

ProjectCustomFieldsRow how get Title?

Not found property Title (or Name) for ProjectCustomFieldsRow 

http://msdn.microsoft.com/en-us/library/websvcproject.projectdataset.projectcustomfieldsrow_members.aspx

How get this property?

Reply:

Hi There--

While you are creating a new row for project level custom field in Project data set, you will need to set the MD_PROP_UID which is the LT_UID of Custom fields dataset.  If you are setting a text value, you will need to have the TEXT_VALUE, if that is a lookup value, set the CODE_VALUE.

Custom field Name will be stored in Custom fields table as MD_PROP_NAME.

Please see Brian's excellent article to understand :
http://blogs.msdn.com/b/brismith/archive/2010/08/25/project-server-adding-custom-fields-to-projects-and-tasks-using-the-psi.aspx

Hope that helps.

---

If you found this post helpful, please "Vote as Helpful". If it answered your question, please "Mark as Answer". Thanks, Amit Khare |EPM Consultant| Blog: http://amitkhare82.blogspot.com http://www.linkedin.com/in/amitkhare82

------------------------------------

I dot want to disturb my logshipping can I use copy_only

I need one confirmation:

I have logshipping as DC-DR Solution.

Can I take copy_only full backup of logshipped database?

I dot want to disturb my logshipping

---

Thanks

Reply:

Hi,

Yes, You can take copy_only backup from primary for sure and it will no break the backup chain. Also, even if you take the full backup without COPY_ONLY option, log shipping will not be affected. Copy_Only is used for not to disturb the differential backup chain.

---

- Chintak (My Blog)

------------------------------------
Reply:

taking a full backup on a log shipping configured server will not disturb the log shipping, you are taking backup with copy_only it your SQL Server 2005 or  2008 /R2,

---

Ramesh Babu Vavilla MCTS,MSBI

------------------------------------
Reply:

Thanks

---

Thanks

------------------------------------

IP Spoofing from VPN Clients with an TMG Array

Hi,

As you all know TMG can generate a lot of alerts. Sometimes you can just ignore them, as even mentioned in the alert description. In the days I have implemented TMG at several customers one alert in particular is bugging me. I have recently found the issue. But I wonder if Microsoft is aware of this issue or whether there is something you can do about it. Allow me to explain..

Suppose you have an TMG array of two array-members with the following configuration.

• Each array-member has three network interfaces; one External Network, one Internal Network and one Intra-Array Network.
• NLB is enabled on the External Network and Internal Network.
• Intra-Array communication is enabled on the Intra-Array Network.
• VPN Client functionalitey is enabled.
• Each TMG array-member has a DHCP scope range.
• VPN Clients have a TMG Firewall Client and use WPAD (Web Proxy Automatic Detection) as well.

Although everything seems to work fine TMG is filled with IP spoofing logging and generates the following alert description.

Description: Forefront TMG detected a possible spoof attack from the IP address x.y.z.h. A spoof attack occurs when an IP address that is not reachable through the network adapter on which the packet was received. If logging for dropped packets is enabled, you can view details of this attack in the Firewall log in Forefront TMG log viewer. If the IP address belongs to a VPN client, this event may be ignored.

I have investigated this and found exactly what is causing this. To explain you I created the following simplistic example which makes it easier to explain.

Please note that these IP Addresses and subnets above are not real, for security reasons they are changed for this example.

As you can see TMG01 has a DHCP Scope Range of 172.16.251.1 - 172.16.251.254, and TMG02 has a DHCP Scope Range 172.16.252.1 - 172.16.254. What happens is the following...

Because TMG uses an Intra-Array Network each TMG array-member will automatically create a static route to one and another which points to the Intra-Array interface of the other array-member. If you would do a route print 172.16.252.* on the TMG01, you get the following result...

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination  Netmask         Gateway                Interface              Metric
172.16.252.0               255.255.255.0  222.222.222.202   222.222.222.201  10

This look fine. But... for example, when a VPN Client 172.16.252.51 (established on the TMG02) tries to establish a connection with a proxy.yourdomain.local [172.16.1.254] NLB address or directly to 172.16.1.1 [TMG01] it will be routed through the Internal Network interface from TMG02 to TMG01. TMG01 will therefore see this traffic as IP spoofing! TMG01 would expect it to be routed through the Intra-Array interface, which it doesn't.

A very easy way to check this issue is to establish a VPN connection. Check which TMG array-member you are connected with. And then ping the internal IP Address of the other TMG array-member. You will now see a IP Spoofing apearing in the logging and alerts. And in the SCOM dashboard if you have implemented that as well.

Although this may sound logic. This can cause a lot of Denied Connections, logging, confusion and affect performance. TMG does its job, but from another point of view the VPN Client behaves normal. In fact, something is not right.

I think this is an issue that should be addressed with the Forefront TMG team. There must be something they can do about it. Or is there a solution?

---

Boudewijn Plomp, BPMi Infrastructure & Security

• Edited by Boudewijn Plomp Friday, August 3, 2012 10:51 AM

Split for format

Hi folks

Just to add to this.  If we do the following in order:

• Install Office (without Outlook)
• Rerun Office Installation

Then the proofing tools are added.  That would be OK but they are a Lotus Notes house and actually like Notes client.

Weird huh?

• Split by Max Meng Monday, August 6, 2012 1:52 AM Split for format

MDS web site displays The Microsoft SQL Server license has expired.

We are running the RTM version of SQL Server 2012. Just installed MDS. However, when browsing to the website  we get the license has expired message. The box has been upgraded from the RC0 release some time ago. None of the other SQL Services show any problems with the license.

Any ideas gratefully received

Andy

The MDS trace log is below:

MDS Error: 0 : Service started successfully,  Assembly version: 11.0.0.0, file version: 11.0.2100.60 ((SQL11_RTM).120210-1917 )
    DateTime=2012-08-03T07:41:37.8437555Z
MDS Error: 0 : ApiContractVersion: 5102
    DateTime=2012-08-03T07:41:37.8593569Z
MDS Start: 1 : Service.InitializeExpirationStatus
    DateTime=2012-08-03T07:41:37.8593569Z
MDS Information: 0 : Evaluation period days remaining code: 4294967040
    DateTime=2012-08-03T07:41:37.9997695Z
MDS Stop: 2 : Service.InitializeExpirationStatus
    DateTime=2012-08-03T07:41:37.9997695Z
MDS Start: 1 : HostContext.GetHostContext
    DateTime=2012-08-03T07:41:38.0933779Z
MDS Information: 0 : The host context is detected to be ASP.NET.
    DateTime=2012-08-03T07:41:38.0933779Z
MDS Information: 0 : Successfully set culture to 'en-GB'.
    DateTime=2012-08-03T07:41:38.1089793Z
MDS Stop: 2 : HostContext.GetHostContext
    DateTime=2012-08-03T07:41:38.1089793Z
MDS Start: 1 : RequestContext.InitializeRequestContext
    DateTime=2012-08-03T07:41:38.1089793Z
MDS Start: 1 : RequestContext.InitializeDatabaseContext
    DateTime=2012-08-03T07:41:38.1089793Z
MDS Stop: 2 : RequestContext.InitializeDatabaseContext
    DateTime=2012-08-03T07:41:38.7954409Z
MDS Start: 1 : RequestContext.InitializeCurrentUser
    DateTime=2012-08-03T07:41:38.7954409Z
MDS Verbose: 0 : Successfully obtained the current Windows principal from the host context.
    DateTime=2012-08-03T07:41:38.7954409Z
MDS Information: 0 : Successfully obtained the current windows identity: Name=SAGEUKXX\xxxx.xxxxx, SID=S-1-5-21-2318973911-2711420513-2258497652-55350 from the windows principal.
    DateTime=2012-08-03T07:41:38.7954409Z
MDS Information: 0 : Session support is enabled for the current request for user SAGEUKXX\xxxx.xxxxx.
    DateTime=2012-08-03T07:41:38.7954409Z
MDS Start: 1 : RequestContext.IsExistingSession
    DateTime=2012-08-03T07:41:38.7954409Z
MDS Stop: 2 : RequestContext.IsExistingSession
    DateTime=2012-08-03T07:41:38.8266437Z
MDS Information: 0 : MDS user information needs to be refreshed for user SAGEUKXX\xxxx.xxxxx.
    DateTime=2012-08-03T07:41:38.8266437Z
MDS Start: 1 : RequestContext.RefreshAndLoadCurrentUser
    DateTime=2012-08-03T07:41:38.8890493Z
MDS Start: 1 : RequestContext.GetDirectoryGroupMemberships
    DateTime=2012-08-03T07:41:39.2634829Z
MDS Stop: 2 : RequestContext.GetDirectoryGroupMemberships
    DateTime=2012-08-03T07:41:39.3258885Z
MDS Start: 1 : PrincipalInfo.TryGetPrincipalInfo
    DateTime=2012-08-03T07:41:39.3414899Z
MDS Information: 0 : Principal name SAGEUKXX\xxxx.xxxxx was parsed into domain name SAGEUKIE and account name xxxx.
    DateTime=2012-08-03T07:41:39.3414899Z
MDS Start: 1 : PrincipalInfo.TryGetPrincipalFromActiveDirectory
    DateTime=2012-08-03T07:41:39.4506997Z
MDS Start: 1 : PrincipalInfo.GetDirectorySearcher
    DateTime=2012-08-03T07:41:39.4663011Z
MDS Information: 0 : Attempting to create a directory searcher for domain SAGEUKIE.
    DateTime=2012-08-03T07:41:39.4663011Z
MDS Stop: 2 : PrincipalInfo.GetDirectorySearcher
    DateTime=2012-08-03T07:41:39.4663011Z
MDS Information: 0 : Principal xxxx found by directory searcher.
    DateTime=2012-08-03T07:41:40.1527627Z
MDS Stop: 2 : PrincipalInfo.TryGetPrincipalFromActiveDirectory
    DateTime=2012-08-03T07:41:40.1527627Z
MDS Stop: 2 : PrincipalInfo.TryGetPrincipalInfo
    DateTime=2012-08-03T07:41:40.1527627Z
MDS Information: 0 : Information for SAGEUKXX\xxxx.xxxxx was obtained from the external security directory. MDS information will be updated for the principal, if needed.
    DateTime=2012-08-03T07:41:40.1527627Z
MDS Information: 0 : MDS user information for SAGEUKXX\xxxx.xxxxx is up to date with the external security directory. No updates are needed.
    DateTime=2012-08-03T07:41:40.1683641Z
MDS Verbose: 0 : Populating user group information for the current user.
    DateTime=2012-08-03T07:41:40.1683641Z
MDS Verbose: 0 : Updating user group information for the current user.
    DateTime=2012-08-03T07:41:40.1995669Z
MDS Start: 1 : RequestContext.RefreshMdsGroupMemberships
    DateTime=2012-08-03T07:41:40.3711823Z
MDS Verbose: 0 : Populating function privileges for the current user.
    DateTime=2012-08-03T07:41:40.3711823Z
MDS Stop: 2 : RequestContext.RefreshAndLoadCurrentUser
    DateTime=2012-08-03T07:41:40.4023851Z
MDS Start: 1 : RequestContext.CacheUser
    DateTime=2012-08-03T07:41:40.6676089Z
MDS Information: 0 : Active MDS user information should be considered current for 20 minutes.
    DateTime=2012-08-03T07:41:40.6832103Z
MDS Information: 0 : A new session or conversation is starting for yfjy501wvvnb1pgwxgvszu00.
    DateTime=2012-08-03T07:41:40.7768187Z
MDS Stop: 2 : RequestContext.CacheUser
    DateTime=2012-08-03T07:41:40.7768187Z
MDS Information: 0 : User SAGEUKXX\xxxx.xxxxx successfully authenticated to MDS.
    DateTime=2012-08-03T07:41:40.7768187Z
MDS Stop: 2 : RequestContext.InitializeCurrentUser
    DateTime=2012-08-03T07:41:40.7768187Z
MDS Stop: 2 : RequestContext.InitializeRequestContext
    DateTime=2012-08-03T07:41:40.7768187Z
MDS Start: 1 : HostContext.GetHostContext
    DateTime=2012-08-03T07:41:41.1512523Z
MDS Information: 0 : The host context is detected to be ASP.NET.
    DateTime=2012-08-03T07:41:41.1512523Z
MDS Information: 0 : Successfully set culture to 'en-GB'.

    DateTime=2012-08-03T07:41:41.1512523Z
MDS Stop: 2 : HostContext.GetHostContext
    DateTime=2012-08-03T07:41:41.1512523Z
MDS Start: 1 : 
                  Begin operation: ExecuteRequest
                  Host info:       http://n0xxxx1:80/MDS/default.aspx
                  User Name:       SAGEUKXX\xxxx.xxxxx
                  Time:            08/03/2012 08:41:41
    DateTime=2012-08-03T07:41:41.4476789Z
MDS Verbose: 0 : Request message:
<SystemSettingsGetRequest xmlns="http://schemas.datacontract.org/2004/07/Microsoft.MasterDataServices.Services.MessageContracts" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
  <International i:nil="true" xmlns:a="http://www.w3.org/2005/09/ws-i18n" />
  <SearchCriteria xmlns:a="http://schemas.microsoft.com/sqlserver/masterdataservices/2009/09">
    <a:Group i:nil="true" />
  </SearchCriteria>
</SystemSettingsGetRequest>
    DateTime=2012-08-03T07:41:41.6504971Z
MDS Error: 0 : Evaluation period has expired.
    DateTime=2012-08-03T07:41:41.6973013Z
MDS Stop: 2 : 
                  End  operation: SystemSettingsGet
                  Host info:       http://n0xxxx1:80/MDS/default.aspx
                  User Name:       SAGEUKXX\xxxx.xxxxx
                  Time:            08/03/2012 08:41:41
    DateTime=2012-08-03T07:41:41.7597069Z
MDS Verbose: 0 : Response message:
<SystemSettingsGetResponse xmlns="http://schemas.datacontract.org/2004/07/Microsoft.MasterDataServices.Services.MessageContracts" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
  <OperationResult xmlns:a="http://schemas.microsoft.com/sqlserver/masterdataservices/2009/09">
    <a:Errors />
    <a:RequestId>9f76917d-763c-446f-a592-be087fef975a</a:RequestId>
  </OperationResult>
  <SystemSettingsGroups xmlns:a="http://schemas.microsoft.com/sqlserver/masterdataservices/2009/09" />
</SystemSettingsGetResponse>
    DateTime=2012-08-03T07:41:41.8533153Z
MDS Error: 0 : LogError : The Microsoft SQL Server license has expired.
    DateTime=2012-08-03T07:41:41.9001195Z

• Changed type Ed Price - MSFTMicrosoft employee Tuesday, December 23, 2014 1:12 AM

thanks to the person

the kapersky virus removal work for i install sp3 thanks alot

Windows 7 with Service Pack 3 ！！！？

Recent days I found turn on/off Windows Features shows a blank list

I followed some instructions http://blogs.msdn.com/b/astebner/archive/2009/01/09/9303167.asp

installed an update pack called Windows6.1-KB947821-v22-x64.msu and checked the log files %windir%\Logs\CBS\CheckSUR.log shows no errors detected

=================================
Checking System Update Readiness.
Binary Version 6.1.7601.21645
Package Version 15.0
2012-07-31 20:49

Checking Windows Servicing Packages

Checking Package Manifests and Catalogs

Checking Package Watchlist

Checking Component Watchlist

Checking Packages

Checking Component Store

Summary:
Seconds executed: 306
 No errors detected

I also run sfc /scannow shows no errors

after all this step done I found out my OS information as pic shows

Reply:

Very odd indeed!

I'd love to see an MGADiag report of that system, If you wouldn't mind? (download and save to desktop - http://go.microsoft.com/fwlink/?linkid=52012 )
 Once saved, run the tool.
Click on the Continue button, which will produce the report.
 To copy the report to your response, click on the Copy button in the tool (ignore any error messages at this point), and then paste (using either r-click/Paste, or Ctrl+V ) into your response.

---

Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

------------------------------------
Reply:

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 0
Cached Online Validation Code: N/A, hr = 0xc004f012
Windows Product Key: *****-*****-YG69F-9M66D-PMJBM
Windows Product Key Hash: /kehptF9HHVxM5d8dUnqgcfndXw=
Windows Product ID: 00426-OEM-8992662-00497
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010100.3.0.001
ID: {98C8B8AA-B1C5-4753-9F53-74B653EE0B5A}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Ultimate
Architecture: 0x00000009
Build lab: 7601.win7sp1_gdr.120503-2030
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->
File Mismatch: C:\windows\system32\wat\watadminsvc.exe[Hr = 0x80070003]
File Mismatch: C:\windows\system32\wat\npwatweb.dll[Hr = 0x80070003]
File Mismatch: C:\windows\system32\wat\watux.exe[Hr = 0x80070003]
File Mismatch: C:\windows\system32\wat\watweb.dll[Hr = 0x80070003]

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{98C8B8AA-B1C5-4753-9F53-74B653EE0B5A}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.3.0.001</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-PMJBM</PKey><PID>00426-OEM-8992662-00497</PID><PIDType>2</PIDType><SID>S-1-5-21-1407121233-1790849287-4282149348</SID><SYSTEM><Manufacturer>TOSHIBA</Manufacturer><Model>Satellite C805</Model></SYSTEM><BIOS><Manufacturer>Insyde Corp.</Manufacturer><Version>1.50</Version><SMBIOSVersion major="2" minor="7"/><Date>20120419000000.000000+000</Date></BIOS><HWID>A4DB3407018400FE</HWID><UserLCID>0804</UserLCID><SystemLCID>0804</SystemLCID><TimeZone>中国标准时间(GMT+08:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>TOSQCI</OEMID><OEMTableID>TOSQCI00</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>  

Spsys.log Content: 0x80070002

Licensing Data-->
软件授权服务版本: 6.1.7601.17514

名称: Windows(R) 7, Ultimate edition
描述: Windows Operating System - Windows(R) 7, OEM_SLP channel
激活 ID: 7cfd4696-69a9-4af7-af36-ff3d12b6b6c8
应用程序 ID: 55c92734-d682-4d71-983e-d6ec3f16059f
扩展 PID: 00426-00178-926-600497-02-2052-7601.0000-1982012
安装 ID: 010403703441412574113513837952795702329436207885244263
处理器证书 URL: http://go.microsoft.com/fwlink/?LinkID=88338
计算机证书 URL: http://go.microsoft.com/fwlink/?LinkID=88339
使用证书 URL: http://go.microsoft.com/fwlink/?LinkID=88341
产品密钥证书 URL:http://go.microsoft.com/fwlink/?LinkID=88340
部分产品密钥: PMJBM
许可证状态: 已授权
剩余 Windows 重置计数: 3
信任时间: 2012/8/1 17:41:03

Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: N/A
HealthStatus: 0x0000000000000000
Event Time Stamp: N/A
ActiveX: Not Registered - 0x80040154
Admin Service: Not Registered - 0x80040154
HealthStatus Bitmask Output:


HWID Data-->
HWID Hash Current: MgAAAAEAAQABAAEAAAACAAAABAABAAEAonZ0HYRG3nJgIx4XYj1aKbL7TKFyir5BLnM=

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information:
  ACPI Table Name    OEMID Value    OEMTableID Value
  APIC            TOSQCI        TOSQCI00
  FACP            TOSQCI        TOSQCI00
  HPET            TOSQCI        TOSQCI00
  BOOT            TOSQCI        TOSQCI00
  MCFG            TOSQCI        TOSQCI00
  WDAT            TOSQCI        TOSQCI00
  UEFI            TOSQCI        TOSQCI00
  ASF!            TOSQCI        TOSQCI00
  SLIC            TOSQCI        TOSQCI00
  SSDT            INSYDE        CR CRB  
  ASPT            TOSQCI        TOSQCI00
  MSDM            TOSQCI        TOSQCI00
  FPDT            TOSQCI        TOSQCI00
  SSDT            INSYDE        CR CRB  
  SSDT            INSYDE        CR CRB  

------------------------------------
Reply:

Interesting - the install is counterfeit.

The Key in use is the infamous Lenovo Stolen Key.

How you managed to get it to activate, I have no idea - but the only reason that it's not showing as non-genuine is that it has never been validated, and the WAT update is not installed.

You need to reformat and reinstall using genuine media and Key

---

Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

------------------------------------
Reply:

My hard disk broken last month, and I got a newer hard disk with Home Basic version installed from Toshiba Service Center.

Then upgraded to ultimate version using the key found on internet.

Is that any chance install WAT update to fix the problem? I'm not willing to reinstall OS.

------------------------------------
Reply:

For what version and edition of Windows is the machine licensed, *according to the COA Sticker* on the case (or inside the battery compartment)?

Do you have an Upgrade license for Ultimate?

Persuading the Lenovo Key to activate on ANY machine takes an Activation Exploit of some kind - and such exploits often do a lot more than they say on the tin, and come complete with malware, backdoors, etc..

In all such cases, I really do recommend a reformat/reinstall, as it's the only way to be sure that the system is malware-free (such exploits hook into the system at a very low level). Having said that, if your COA is for Ultimate, then you can change the Key to the one on the sticker using the command 'SLUI 3' which will bring up the change key wizard, and take you to activation - you may need to activate by phone.

---

Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

------------------------------------
Reply:

Thx a lot.

------------------------------------
Reply:

You're welcome - sorry about the bad news.

---

Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

------------------------------------