Would you like to provide your users with accessibility to your company’s e-mail system no matter where they are? With Microsoft Outlook Web Access for Exchange Server, they’ll never be more than a browser (with frames support) away from their Inbox. They can have secure access to their Inbox and calendar from any PC with Internet access in the world.
This article appears courtesy of TechRepublic’s TechProGuild, the subscription Web resource for IT administration and support professionals. Among other great benefits, TechProGuild offers in-depth technical articles, e-books, and weekly chats moderated by industry experts on hot topics such as the latest OS developments and career advancement. Sign up now for a FREE 30-day trial of our TechProGuild service.
Outlook Web Access (OWA) became available with Microsoft Exchange version 5. Basically, OWA is intended to supplement Microsoft Outlook. It gives users remote access to many of the core components and functions of the client that they use in the office. Unfortunately, most administrators don’t know about it, so they don’t use its great features. In this Daily Drill Down, I’ll discuss how you can put these helpful features to work in your organization.

Best online Microsoft MCTS Certification, Microsoft MCITP Certification at Actualkey.com

Outlook Web Access requirements
For your server, you’ll need the following components:

* Pentium 6/200 single processor
* 256 MB RAM
* Network connection to Microsoft Exchange Server
* Microsoft Windows NT operating system with Service Pack 4 (SP4) or later
* Microsoft Internet Information Server (IIS); Exchange Server 5.0 supports IIS 3.0 only, but Exchange Server 5.5 supports IIS 3.0 or later
* Active Server Pages (ASP), which are available on Microsoft Windows NT 4.0 Service Pack 3 CD-ROM
* Active Server components (which come with Exchange Server 5.0) or Outlook Web Access components (which come with Microsoft Exchange Server 5.5)
* Exchange Server 5.0 Service Pack 1 (SP1) or Microsoft Exchange Server 5.5 Service Pack 2 (SP2); SP1 and SP2 provide enhanced Outlook Web Access components

For your client, you’ll need an Internet browser that’s capable of displaying Active Server Pages. You’ll also need Internet Explorer 3.02 or later (or any third-party browser that’s capable of supporting frames).

Outlook Web Access recommendations
As with most of Microsoft’s server-based products, you ought to dedicate at least one server to performing the foundation that’s needed by Internet Information Server and Outlook Web Access Server components. Microsoft recommends that Outlook Web Access and Microsoft Exchange Server not be installed on the same machine. (Please note that Windows NT Challenge/Response (NTLM) authentication isn’t supported.) Microsoft also recommends that you use load balancing hardware or software in order to serve users better and to improve server response and availability.

The Microsoft Outlook Web Access server performs most of the processing for connected clients. The OWA Server also handles the entire load that’s required by active client connections. Supporting one client on the Outlook Web Access Server is similar to running one instance of Microsoft Outlook. Thus, to support the connections and requests, the Outlook Web Access Server must run many active MAPI sessions to the Microsoft Exchange Server. The overhead that’s created by the Internet browser running on the client computer is small, but the session that’s created by the client connection to the Outlook Web Access Server consumes many resources on that server. Keep this information in mind and plan the potential load on the Outlook Web Access Server accordingly.

When you plan any project, you must address scalability. To ensure that OWA maintains a semblance of scalability and to allow for organizational growth and changes, Outlook Web Access and Internet Information Server must reside on a dedicated server that’s separate from other Exchange Servers. As the number of clients increases, the load on the Outlook Web Access Server will increase, and you’ll need to add more servers. You can add more OWA Servers without affecting the existing Microsoft Exchange Server or the mailboxes in your organization.

When you need to add another Microsoft Outlook Web Access Server to your organization, load balancing makes the process much easier. Load balancing, which is available in hardware and software variations, allows multiple servers to process and handle requests that are intended for a single IP address. Load balancing has several benefits. First, users will need only one URL to access their e-mail accounts; the load balancing software or hardware will determine which Outlook Web Access Server handles the request. Another benefit is its continued availability. If a user makes a request and a member of a server load balancing team is down, the request will be directed to another server automatically. In some cases, load balancing software or hardware can distribute the load that’s placed on servers by noting which servers are busiest at the time of the request and then by directing the new request to a less burdened machine.

To satisfy general load-balancing requirements, Microsoft recommends that you use Windows Load Balancing Service (WLBS) as a load balancing software solution and Cisco’s LocalDirector as a load balancing hardware solution. WLBS supports up to 32 servers; LocalDirector supports up to 64,000. However, WLBS won’t work in OWA scenarios because WLBS uses round-robin DNS: When a request is made to a DNS server, the DNS server points the request to the next available member of the WLBS team. It doesn’t consider server load. Round-robin DNS works only with stateless ASP applications. Each user request is sent to the next server that’s a member of the WLBS team, but the new server interrupts the user’s ASP session. That means that users who try to access their e-mail via the OWA Server must log in every time they make another request.

Functionality
With Microsoft Outlook Web Access for Exchange Server, access to a user’s e-mail account is no longer restricted to a particular operating system. As long as the browser being used supports frames, access to important information is possible. OWA provides a true cross-platform messaging and application collaboration system. OWA is a MAPI application that’s composed of binary, HTML, and ASP script files. The scripts use Collaborative Data Objects (CDO) to access mailbox and public folder information that’s stored on the Microsoft Exchange Server computer. OWA also uses Microsoft Active Server Pages on the Internet Information Server. JavaScript and Java control, which are downloaded to the user’s Internet browser on demand, generate HTML pages.

Although the browser uses the downloaded JavaScript to perform some of the processing on the client computer, the Microsoft Outlook Web Access Server handles most of the processing that the Outlook Client usually completes. This server processing includes MAPI sessions, client logic, state information, address resolution, rendering, content conversion, and Remote Procedure Calls (RPC) communications with the Microsoft Exchange Server. The Exchange Server receives and completes requests that the Outlook Web Access Server makes. (These requests resemble requests from any MAPI client.)

The process
Here’s what happens when users open messages in their Microsoft Exchange Server Mailboxes using a browser with Outlook Web Access. First, a browser with the Outlook Web Access client sends a request to a Microsoft Internet Information Server and the OWA Server. This request includes a cookie that identifies the browser and the user. IIS accepts the request and hands it to Active Server Pages (ASP) for processing. ASP verifies that the cookie points to a valid ASP session and that the user making the request has logged on properly. Next, the Internet Services API (ISAPI) filter determines which language to use when displaying messages in the browser. Then, ASP opens the script that’s named in the URL and executes any server-side Microsoft Visual Basic script it contains. These scripts use CDO to open the message that’s in the user’s Microsoft Exchange Server Information Store. The message GUID is passed on within the query string of the URL. Next, The CDO rendering library (Cdohtml.dll) converts the requested message into HTML format, and IIS sends the HTML to the browser. Finally, the browser renders the HTML, including the embedded JavaScript.

Outlook Web Access security
You can configure Outlook Web Access to support one or more of several different types of authentication. As usual, there are advantages and disadvantages to many of these configuration options. The following configurations will authenticate OWA users:

* Anonymous
* Basic (clear text)
* Basic (clear text) over Secure Sockets Layer (SSL)
* Windows NT Challenge/Response (NTLM)

Anonymous authentication
If Outlook Web Access is set up to accept an anonymous connection, any user with access to the OWA Web page can use Outlook Web Access without specifying a Windows NT account name or password. When a user accesses OWA and makes an anonymous connection, Internet Information Server logs on the user with an anonymous (guest) account, which is a valid Windows NT user account. The default IIS user account is IUSR_computername. Be aware that anonymous authentication grants access only to resources that are anonymously published, such as public folders and directory content. Table A summarizes the advantages and disadvantages of using anonymous authentication.

Table A

Basic (clear text) authentication
When using basic (clear text) authentication, a user who tries to connect to OWA must supply a valid Windows NT account username and password. The user’s account and password are transmitted as clear text over the network to the Internet Information Server/Outlook Web Access Server. Validating users with basic (clear text) authentication gives them the ability to access an unlimited number of resources that are located on machines other than the Outlook Web Access Server. A user can access e-mail on one Microsoft Exchange Server and public folders on another Microsoft Exchange Server.

Since basic authentication transmits clear text passwords across the network, Microsoft recommends that you also use SSL. SSL encrypts all information that passes through IIS. Table B summarizes the advantages and disadvantages of using basic authentication.

Table B

Basic (clear text) over SSL
When using basic authentication over SSL, a user must specify a valid Windows NT user account name and password in order to access OWA. Usernames and passwords are transmitted as encrypted information over the network to the Internet Information Server/Outlook Web Access Server. Basic authentication over SSL allows users to access an unlimited number of resources, which may be located on machines other than the Outlook Web Access Server—just like basic (clear text) authentication does. Table C summarizes the advantages and disadvantages of using basic over SSL authentication.

Table C

Windows NT Challenge and Response (NTLM)
Windows NT Challenge and Response requires a user to specify a valid Windows NT user account name and password in order to access the OWA Server. The username and password are sent from the browser to the IIS as encrypted information. All information that the user wants to access must reside on the same server as IIS and the Outlook Web Access Server. Windows NT Challenge and Response authentication isn’t supported if IIS and the OWA Server are located on the same machine that contains Microsoft Exchange Server. Table D summarizes the advantages and disadvantages of using Windows NT Challenge and Response.

Table D

Multiple users
If multiple users are going to share the same computer and use it to access e-mail via OWA, Microsoft recommends that you disable local caching. Doing so lessens the chances that a message a user accessed via Outlook Web Access still resides on the local disk, where the wrong user could access it. Microsoft also recommends that you disable the Save Password option in Internet Explorer in order to lower the chances that a nosy user will access another person’s e-mail account.

Outlook Web Access installation
Below, I’ve provided a step-by-step guide that will explain how to install Microsoft Outlook Web Access. The test machine is a Windows NT 4.0 Server with Windows NT Service Pack 6a, Internet Information Server 4.0, and Active Server Pages installed.

1. Insert the Microsoft Exchange 5.5 CD-ROM into the machine on which you plan to install Outlook Web Access.
2. In the Setup Selection window, select Set Up Server And Components.
3. In the Choose And Install window, select Microsoft Exchange Server 5.5.
4. Accept the End User License Agreement.
5. In the Exchange Server Setup box, select Complete/Custom.
6. Make sure that the Outlook Web Access option is the only one that’s checked and click Continue. If you haven’t installed IIS 4.0 and/or Active Server Pages yet, you’ll be notified via a pop-up screen. (Setup won’t continue. You’ll have to stop setup and install the missing component(s).) Then, start these steps over. Please note that IIS 4.0, which can be found in the Windows NT 4 Option Pack, requires Internet Explorer 4.01 or later.
7. Exchange Server Setup begins and explains that it will stop the Internet Information Server Service.
8. Microsoft Exchange Server Setup prompts you for the name of the Microsoft Exchange Server to which the Outlook Web Access Server will connect.
9. Files are copied to the local computer. Services that OWA needs are stopped and started, and Outlook Web Access is installed.
10. Upon completion, a pop-up window appears and lets you know if all is well.
11. You’re finished.
12. To test your setup, open your browser, type the name of the computer that’s running Outlook Web Access in the address line, and press [Enter]. (The address probably will be something like https:://computername/exchange.)
13. You’ll be prompted for your username and password. You may need to include your domain name, too (such as domainname\username). Don’t check Save This Password, since that would allow anyone to access your mailbox from your computer.
14. You’ll be welcomed to your Inbox.
15. After successfully reading and sending some e-mail messages, remember to log off and close your browser. That way, you can be certain that no unauthorized users will view your mail.

Conclusion
Microsoft’s Outlook Web Access provides a quick and easy method of increasing the accessibility of your company’s e-mail system. Configuring OWA properly gives you a solid and secure method of remotely accessing e-mail. Of course, you must consider the variables when you’re implementing OWA. All Microsoft installations will be unique to your organization, so you should customize OWA accordingly. For more information on tuning and enhancing the performance of IIS and ASP, please point your browser here.

Microsoft Corp. Chairman Bill Gates has announced he is moving aside to let company president Steve Ballmer take the reins as the company’s chief operating officer. Gates, who will remain chairman, now has the title of chief software architect.

The announcement came amid reports that lawyers prosecuting the government’s case against Microsoft are pushing to split the company into two or three separate companies. However, company officials say yesterday’s change was planned long before Microsoft’s legal troubles.

How is the announcement being interpreted, and what will the change mean for Microsoft? Here are 10 links that explain yesterday’s news.

Best online Microsoft MCTS Certification, Microsoft MCITP Certification at Actualkey.com

* ·  The New York Times gives a thorough overview of yesterday’s announcement . Included is an analysis of Microsoft’s struggles with Internet competitors. The Times also has an article that quotes Ballmer as saying that the breakup of Microsoft into smaller companies would be “reckless.”
* ·  The Washington Post ran a profile of Ballmer this morning that quotes one Microsoft official as calling him “Microsoft’s ‘heart and soul.’“
* ·  MCNBC, which is partially owned by Microsoft, has a lengthy story on Ballmer that includes a “Ballmer-Gates Partnership” timeline.
* ·  If you have a multimedia player, you can listen to a report on National Public Radio’s All Things Considered that includes comments by Ballmer on the breakup.
* ·  Some of the most comprehensive coverage of the announcement has come from CNET, which includes an analysis of Gates’ continuing role in Microsoft as well as Microsoft’s move to Internet-based software.
* ·  A story in the Financial Times focuses on the challenges that Gates will face as the company’s “software architect” in a changing software environment .
* ·  You can also check out a press release on the announcement from Microsoft that includes numbers for the media and investor relations.
* ·  And while it’s not a free site, if you subscribe or have a trial subscription to The Wall Street Journal Interactive Edition, you can check out a thorough analysis of yesterday’s announcement.

What do you think about Steve Ballmer taking on the day-to-day working of Microsoft? What changes do you think are in store for Microsoft? How will this affect consumers? Post a comment below.

Microsoft Corp. Chairman Bill Gates has announced he is moving aside to let company president Steve Ballmer take the reins as the company’s chief operating officer. Gates, who will remain chairman, now has the title of chief software architect.

The announcement came amid reports that lawyers prosecuting the government’s case against Microsoft are pushing to split the company into two or three separate companies. However, company officials say yesterday’s change was planned long before Microsoft’s legal troubles.

How is the announcement being interpreted, and what will the change mean for Microsoft? Here are 10 links that explain yesterday’s news.

* ·  The New York Times gives a thorough overview of yesterday’s announcement . Included is an analysis of Microsoft’s struggles with Internet competitors. The Times also has an article that quotes Ballmer as saying that the breakup of Microsoft into smaller companies would be “reckless.”
* ·  The Washington Post ran a profile of Ballmer this morning that quotes one Microsoft official as calling him “Microsoft’s ‘heart and soul.’“
* ·  MCNBC, which is partially owned by Microsoft, has a lengthy story on Ballmer that includes a “Ballmer-Gates Partnership” timeline.
* ·  If you have a multimedia player, you can listen to a report on National Public Radio’s All Things Considered that includes comments by Ballmer on the breakup.
* ·  Some of the most comprehensive coverage of the announcement has come from CNET, which includes an analysis of Gates’ continuing role in Microsoft as well as Microsoft’s move to Internet-based software.
* ·  A story in the Financial Times focuses on the challenges that Gates will face as the company’s “software architect” in a changing software environment .
* ·  You can also check out a press release on the announcement from Microsoft that includes numbers for the media and investor relations.
* ·  And while it’s not a free site, if you subscribe or have a trial subscription to The Wall Street Journal Interactive Edition, you can check out a thorough analysis of yesterday’s announcement.

What do you think about Steve Ballmer taking on the day-to-day working of Microsoft? What changes do you think are in store for Microsoft? How will this affect consumers? Post a comment below.

Microsoft on Thursday divulged a few more details about its upcoming Internet Explorer 7, and admitted that its implementation of tabs — one of the most-requested new features — will be just “catch-up” to rivals such as Firefox and Opera.
Tony Schreiner, a Microsoft developer with the IE team, posted a lengthiest-yet description to the Redmond, Wash.-based company’s blog of how tabs will be implemented in the upcoming IE 7.

Best Microsoft MCTS Training – Microsoft MCITP Training at Certkingdom.com

The browser is expected to roll into beta sometime this summer.

“Our philosophy for tabbed browsing is to keep the user in control of the experience,” claimed Schreiner at the start of the blog. He then went into detail on some of the tab features IE 7 will sport

Tabs will be turned on by default, Schreiner confirmed. In some situations, windows will continue to open in new, separate frames rather than in a new tab, but ordinary pop-ups will open in a new foreground tab.

“This seems to correlate with scenarios where showing a window on top of the current window is desirable, such as replying to posts on message boards and getting a close-up view of items on shopping sites,” said Schreiner.

Users will be able to open links in a new tab by middle-clicking on a three-button mouse, or Ctrl-clicking links. Keyboard shortcuts will be available for switching between tabs — Firefox, for instance, uses Ctrl-Tab — and users will be allowed to open tabs in the background or foreground, or open them in a new window.

At the moment, the plan is for each tab to operate on its own thread (as will each frame). Each tab is on a separate thread, and the frame is also on its own thread. Schreiner admitted that this would boost the memory footprint of IE, but argued that it would the browser to “feel faster and provide an overall better user experience.”

One of the more surprisingly lines in the blog, however, is an admission that IE is behind the times, something many users — and all Firefox proponents — have been saying for months.

“This core functionality is largely catch-up to other browsers which support tabs,” said Schreiner. “[But it’s] a necessary foundation for future work.”

Schreiner wouldn’t spill the beans on every aspect of tabs in IE 7. When blog readers posted queries about such features as moving tabs (to better arrange the tab lineup) and asked how tabs would look, Schreiner deflected the questions. “The UI and configurability are something we can’t really talk about right now,” he said. “[But] there will probably be another blog post about this closer to or shortly after Beta 1 release.”

In my post on free software titles that can be used to make money in consulting, one product that came up from TechRepublic members in this discussion (and others) is FreeNAS. FreeNAS is a software storage operating system based on FreeBSD that supports all of the major storage networking protocols. Right there is the big difference between it and some of the other products; FreeNAS is focused on storage networking protocols. This includes, but is not limited to, Common Internet File System (CIFS) as is used for Windows networking, FTP, NFS and iSCSI.

FreeNAS is very flexible, as it can be installed on direct hardware or within a virtual machine. Be sure to check Donovan Colbert’s tip on how to configure it as a VirtualBox virtual machine for a synchronization service. This is just the nature of FreeNAS, it can do a lot of different protocols and use cases for storage networking. As the name implies, it is free; and that is a good thing. In fact, features such as replication, deduplication, and other smart functionality that drive these solutions adds incredible value to the customer seeking free storage software.

Best Microsoft MCTS Training – Microsoft MCITP Training at Certkingdom.com

FreeNAS isn’t new either, in fact I’m three years late in introducing FreeNAS here as Justin Fielding did just that in 2007 on this very blog.

The biggest area in which FreeNAS can’t help free software seekers is fibre channel storage management. While block storage is available via the iSCSI initiator and target functionality; the name is FreeNAS not FreeSAN.

Today, FreeNAS has a number of options available for easy-to-run use. This includes flash or embedded types of installs for USB sticks, small hard drives, and virtual machine appliances. To be fair, the free storage appliances such as FreeNAS and others like it are not on my priority list. The VMware Compatibility Guide dictates what products are on the supported configuration list for my virtualization platform of choice. For FreeNAS, the storage protocol is iSCSI and, like other products, iSCSI for VMware virtualization may work with products not on the support lists. However, this is not an area you want to rely on for a production workload, unless it is an acceptable risk. Mark it a call to diligence to trade off the costs of a supported solution with the free package that works for you.

See the companion gallery, “Configuring FreeNAS for CIFS storage connectivity.”

What is your opinion of FreeNAS? Share your comments below and tell me what you’d like to covered.

The Microsoft Knowledge Base (MSKB) is by far the most comprehensive resource for troubleshooting Microsoft products. It’s a database of support information that encompasses the entire range of Microsoft software and hardware. Love it or hate it, the MSKB is a masterpiece of documentation, and once you familiarize yourself with it, you can harness its power to make your support tasks easier.

The MSKB comes in two forms: an online version, which you can find at Microsoft’s Support Web site, and a local version available to Microsoft TechNet subscribers. With the TechNet program, individuals and organizations pay an annual fee to have the Knowledge Base, service packs, Microsoft Resource Kits, and other support tools sent to them on CD or DVD. The online MSKB is free.

Although the local and online MSKBs contain basically the same information, their search mechanisms are quite different. Here, I will explain how to efficiently use the online version. If you’d like to learn more about the local MSKB, check out my previous article.

Best online Microsoft MCTS Certification, Microsoft MCITP Certification at Actualkey.com

Accessing the online MSKB
Microsoft’s Support Web site, shown in Figure A, allows you to search the MSKB in several ways. You can search by entering a word or phrase in the Search The Knowledge Base text box to the left of the page, or you can perform a more detailed search by clicking Advanced Search And Help.

Figure A
Microsoft’s Support Web site is your gateway to the online MSKB.

The site’s exact layout is determined by your geographic location (and so are the types of search options available). The U.S. site often defaults to the Advanced Search options, while the UK and Middle Eastern sites default to displaying only the Simple Search options.

Since I’ve found that the Advanced Search options more often provide the information I need, I recommend you use them. These options may appear either on the left side or center of the screen. The layout of these options is also determined by your geographic location, but both sets of options (shown in Figure B and Figure C) work equally well.

Figure B
These Advanced Search options will be displayed in the center of the screen.

Figure C
These Advanced Search options will be displayed to the left of the screen.

Tips for international users
I guess the term international user refers to any user outside the United States (myself included). To accommodate international users, Microsoft’s Support Web site should automatically adapt itself to the language and locale currently configured on your computer.   If this doesn’t happen and you are presented with a site you cannot understand, you can manually change the site’s language by clicking the International Support link located on the bottom-left corner of the page. This configuration will be saved in a cookie on your machine, and each time you access Microsoft’s Support Web site, it will be displayed in the language you chose.
Searching the MSKB
Let’s look at various ways to locate the information you need quickly and effectively. If you’re lucky, you may already have an article’s Q-number (e.g., Q123456). Every MSKB article is assigned a unique Q-number, and this unique identifier is the easiest way to find a specific MSKB topic. If you have a Q-number, simply enter it into the text box under Search The Knowledge Base and click the green arrow button.

But often, it’s likely that you won’t have a Q-number when you begin your search and will have to start from scratch. The easiest way to do this is by searching for a word or phrase.

Use exact phrases
You’ll usually want to search for exact phrases when attempting to troubleshoot an error message, error code, log entry, memory address conflict, and even cryptic hexadecimal codes. Searching for exact phrases is fairly straightforward; simply enter the text as your search string, select The Exact Phrase Entered from the Using drop-down list, and click the Go button (the green arrow). For example, searching for the exact phrase WINWORD caused an invalid page fault in MSO9.DLL yields several workarounds for this problem.

A word of caution: Do not use quotation marks to group search terms into a sentence. Unlike Internet search engines, such as AltaVista, Google, Yahoo, or Microsoft’s own TechNet InfoViewer, the online MSKB completely ignores quote marks contained within the search string.
Write it down
The first rule of troubleshooting error messages is to write down the message. Save yourself some time; don’t rely on users’ vague descriptions of alerts. Having the exact wording can turn a potentially exhausting troubleshooting nightmare into a neat, quick fix.
When a problem yields no error message
There are always times when you just can’t provide one exact, fully formed sentence that describes the information you need. This is particularly true when the problem you’re trying to fix isn’t accompanied by an error message, or you’re trying to find out more information about a general issue rather than a specific error message.

This is where the Select A Microsoft Product drop-down list becomes handy. Before entering your search terms, select the product to which your search relates. This feature narrows the results by filtering out irrelevant topics. For example, if you’re tracking down a Windows 2000 user access problem, select Windows 2000 from the list to prevent your results list from being flooded with articles about Microsoft Access.
Don’t limit yourself to individual applications
You’ll find product suites and specific applications in the products list. For example, the MSKB article “XL: Error Message: Too Many Different Cell Formats” (Q213904) applies to any version of Excel 97 or later, including Mac editions. Hence, it would be listed under each of the following products: Office 97 for Windows Suite, Office 2000 Suite, Excel 97, Excel X for Mac, Excel 2000, and so forth.
Use creative search strings
Describe the problem’s observable symptoms. Avoid overly technical descriptions; instead, describe the problem from the user’s point of view. Refer to interface items, menu items, window titles, and so forth. If a particular search string fails to yield the information you need, rephrase the string using synonymous words until the results become relevant. For example, use the words stops responding instead of hangs, or use set up instead of install.

Some symptoms can also be described with several different terms, all of which are equally valid. The terms greyed out, grayed out, and disabled can all be found in various MSKB articles describing similar conditions.
Try various word forms
One of MSKB’s most annoying shortcomings is that the search engine doesn’t provide stemming. In other words, it doesn’t have the capability to search for alternate grammatical forms of search terms. For instance, the article “Remote Access Service (RAS) Error Code List” (Q163111) won’t be returned if you queried titles only for RAS error codes, because the word code appears in the article’s title instead of codes. To get around this problem, you often have to use various forms of your search terms, such as display, displays, displaying, and displayed.
Fine-tune your searches
As with any search system, two factors control the number of hits: the number of search terms provided and the search scope. The search scope can be set by selecting the appropriate radio button, Title Only or Full Text, which narrows or broadens the results, respectively. Also, try adjusting the search string. Unless set to Any Of The Words entered, the search engine treats search terms as if they had the and operator between them. So more search terms impose more limitations on the search engine and yield fewer results.

Browse your search results
There are various ways to browse the results. At the top of the results page, you should see the tabs shown in Figure D. Using these tabs, you can browse the search results page in three views: Refine Your Search, Preview Articles, and View Results Only.

Figure D

If you have a relatively fast Internet connection, I recommend using the Preview Articles mode, which provides a split-screen interface. It allows you to skim through articles without losing touch with the result set. Alternatively, you can press [Shift] and click the articles’ title links to open the articles in a new window for a quick peek.

Express search using Google
My final search tips come from my fellow TechRepublic members. In response to my previous article, member Uber Geek suggested setting Google to search Microsoft’s Support Web site, superseding TechNet’s internal search mechanism. Because Google usually provides the results considerably faster than Microsoft’s search, this little trick can save you loads of time. Member Gbakken posted a follow-up and offered a link that leads directly to a Google Web page that is set to search Microsoft’s

Microsoft should be concentrating on securing Windows instead of trying to challenge security software companies, according to research firm Gartner.

Best online Microsoft MCTS Certification, Microsoft MCITP Certification at Actualkey.com

Microsoft has bought two antivirus companies and an anti-spyware company–the latter acquisition has already produced an anti-spyware application for Windows–since Chairman Bill Gates launched the Trustworthy Computing Initiative. That effort changed the company’s coding practices to make security developers’ first priority.

But Microsoft has missed an opportunity to make it clear what role it wants to play in the security market, by not stating its intentions, Gartner analyst Neil MacDonald said in an advisory published Friday. The company needs to “articulate whether it plans to be a leader in consumer and enterprise security solutions across desktop, server and server gateway,” he said.

“Microsoft’s overriding goal should be to eliminate the need for (antivirus) and (anti-spyware) products, not simply to enter the market with look-alike products at lower prices,” MacDonald added.

In the advisory, MacDonald predicted that Microsoft will launch a combined antivirus and anti-spyware product by the middle of 2005. That software will directly compete with established products such as Norton Antivirus from Symantec, he said.

“This move will challenge antivirus vendors that depend heavily on revenue from consumers–such as Symantec–and vendors that derive substantial revenue from upselling enterprises to antivirus product suites that include desktops and servers, such as McAfee and Computer Associates,” MacDonald said.

James Turner, security analyst at Frost & Sullivan, told ZDNet Australia that Microsoft’s security strategy is a “commercially sensitive” area and that the company is not obliged to reveal its strategy.

“The fact is that Microsoft have purchased a number of security-oriented companies–anti-spyware and antivirus. You don’t buy a number of companies for the fun of it. This is part of a long term strategy,” Turner said.

Additionally, Turner said Microsoft’s attitude to security has changed since the launch of its trustworthy computing initiative. He pointed to the company’s response to the recent attack on MSN Messenger.

“You don’t just judge a company by what they say, you also judge them by what they do. Microsoft’s recent clampdown on MSN Messenger to repair the vulnerabilities there is a clear sign that Microsoft can mobilize very quickly when something is completely within its control. If Microsoft was ignoring security, the market would punish it and so would the legal system,” Turner said.

Gartner’s MacDonald also rapped Microsoft’s decision to create an updated version of Internet Explorer (7.0) for Windows XP only, hinting that motive for the decision could be to push corporate customers into upgrade their systems from Windows 2000.

“The decision to restrict IE 7.0 to the XP platform also suggests that Microsoft wants to force users of older platforms to upgrade, if they want improved security,” he wrote. “If Microsoft wishes to be seen as a responsible industry leader in maintaining security for its products and its customers, it should provide IE 7.0 for Windows 2000 users.”

MacDonald said that Microsoft should rebuild IE with security in mind from the bottom up, rather than make “evolutionary” security improvements to the browser software.

The Gartner advisory concludes with recommendations that are likely to cause some concern to traditional antivirus vendors.

The research firm suggests that corporate customers demand that their antivirus provider offers an enterprise-class solution–including anti-spyware–at no cost by the end of this year. It also advises businesses to demand a “converged desktop security product with antivirus, anti-spyware, personal firewall and behavior blocking at a total price no more than 20 percent higher than what you now pay for standalone (antivirus).”

So there I was trying my best to get a midlevel Microsoft manager to take the bait.
“Does Microsoft now feel confident it’s found a way to slow the rise of Firefox–maybe even win back some lost customers?”

Earlier in the day, Microsoft Chairman Bill Gates was onstage at the RSA Conference in San Francisco to unveil a beta of an updated version of Internet Explorer, a Web browser that’s been begging for new security features–let alone a facelift–for ages.

Microsoft promoted the introduction as a big deal. Naturally, I thought my interlocutor would jump at the opportunity. C’mon, I thought, run some jive about how IE is all ready to rout those pests from the Mozilla Foundation once and for all.

Best Microsoft MCTS Training – Microsoft MCITP Training at Certkingdom.com

Instead I was left high and dry. All I got was marketing mumbo-jumbo about how the company strives to do good by its customers and that’s the ultimate payoff–and so on and so forth.

Maybe that’s the standard PR practice “going forward,” as the jargon-meisters are wont to say. But Microsoft wasn’t always so reluctant to speak frankly. In fact, the company was damn good at sticking it to the competition.
The competition from Firefox is forcing the company to step things up.

During the early 1990s rivalry with IBM’s OS/2, Microsoft pulled out all the stops to make sure reporters were convinced the world was a better place because of Windows. Microsoft’s marketing prowess came in handy because IBM had a better product. The reason OS/2 failed was because Big Blue was utterly inept at making its case.

Company executives were too high-minded to call a spade a spade. Instead, IBM excelled at putting reporters to sleep with mind-numbing recitations of all its customer advantages. Maybe it was a corporate culture thing, but Microsoft was faster, smarter and meaner–and it paid off. Management knew what was on the line: nothing less than control of the PC desktop and the potential billions of dollars in future revenues that would accrue to the winner.

A similar scenario played out later in the decade during the so-called browser wars. Microsoft executives had no compulsions about trashing Netscape–publicly or privately–to reporters. (Was it really true that Marc Andreessen was “a cheeseburger-addicted frat boy,” as I recall hearing during one singular briefing back then.)

Again, the stakes were high. Netscape sought to replace Microsoft Windows with its Navigator Web browser as the de facto application development platform for personal computers. Had the strategy succeeded, Gates and Microsoft CEO Steve Ballmer today would be pumping gas for a living.

History obviously worked out differently. IE ultimately caught up and then surpassed Navigator. The company’s aggressiveness also ran afoul of antitrust statutes and Microsoft wound up in a drawn-out court battle with the U.S. Justice Department.

Firefox poses the latest challenge. The Mozilla folks say they have registered more than 25 million downloads since the release of Firefox 1.0 last November. Not too shabby a performance, even if some of those 25 million happen to be multiple downloads. Full disclosure: Yours truly switched from IE to Firefox last fall and hasn’t regretted the decision for a second.

Microsoft’s brass remains low-key, but the competition from Firefox is forcing the company to step things up. The beta version of IE 7 for XP SP2 will be ready later this summer. For Microsoft, which fought tooth and nail over the years to keep the browser fused to the Windows operating system, this is quite a big deal.

It’s a gamble, but it’s also a sensible idea. The next version of Windows is due out sometime in 2006, and Microsoft is notorious for missing shipping dates for the release of operating systems. Microsoft can’t wait another two years to answer the challenge from Firefox. But if the interim browser update fails to stem the tide, get ready for a flood of verbal pyrotechnics coming out of Redmond.

Microsoft Corp. announced that Microsoft Dynamics AX is positioned as a Leader in the Magic Quadrant for ERP for Product- Centric Midmarket Companies 2010, a research report published by Gartner Inc. In the same report, which this year evaluated global enterprise resource planning (ERP) products specifically tailored for companies with 100 to 999 employees, and with annual revenue between $50 million and $1 billion, Microsoft Dynamics NAV is recognized as a Niche Player.

Best Microsoft MCTS Training – Microsoft MCITP Training at Certkingdom.com

Microsoft Dynamics AX has a long track record of customer success and has experienced above-average growth rates in the midmarket. The solution features an friendly and easy-to-learn and -use Microsoft Office-like user interface, and RoleTailored dashboards. Microsoft Dynamics AX further provides a flexible architecture and solid foundation for partners to develop vertically specific solutions.

“We believe being recognized as a Leader demonstrates our commitment to enabling dynamic businesses,” said Crispin Read, general manager of Microsoft Dynamics ERP, Product Management Group, at Microsoft. “Our focus on simplicity, value and agility is key to maintaining our position as a leader in the ERP industry.”

Microsoft’s broad partner ecosystem provides a wide variety of individual solutions built on Microsoft Dynamics NAV, a highly configurable solution, to serve the specific needs of local and industry-vertical customers.

While Microsoft Dynamics NAV is targeted at midsize organizations with specialized and locally relevant business needs, Microsoft Dynamics AX supports global midsize and larger organizations operating in multiple locations, as well as organizations looking for a single ERP solution to manage subsidiaries, divisions and branch entities while maintaining a separate headquarters solution.

Organizations around the world benefit from Microsoft Dynamics ERP solutions:

Microsoft Dynamics AX

-Patagonia, a global provider of outdoor apparel and gear, worked with Microsoft Gold Certified Partner Sunrise Technologies to implement Microsoft Dynamics AX 2009. Together with the partner solution, Patagonia was able to cut costs associated with growth by two-thirds, improve inventory turns by up to 30 percent and fill by up to 10 percent, respond quickly to changing market demands and trends, eliminate redundant data entry and manual tasks, and enable business managers to now receive forecast results in one day that before used to take a couple of weeks to reach them.

-Peet’s Coffee & Tea, a premier specialty coffee and tea company in the United States that is poised to sustainably manage its significant growth, increased transaction traffic across multiple channels, improved reporting capabilities and Federal Drug Administration and Securities and Exchange Commission compliance, and started receiving meaningful, accurate information with a combined solution using Microsoft Dynamics AX and Junction Solutions.

There’s a new IT career path at Microsoft Services for project management professionals, spelling potential for 150 new project management positions paying “in line with the industry,” according to Christian Jensen, worldwide PMO program manager at Microsoft.

The new role, available to both internal and non-Microsoft employees, also indicates that project management expertise within the consulting industry is in more demand than ever. That’s because those interested in the jobs (search on project management at Microsoft.com/careers), or consultants considering expanding client services to compete with Microsoft’s new service branch, will need to have the Project Management Professional (PMP) Certification from the Project Management Institute (PMI).

Consulting division prompted new role
Last January, Microsoft chose PMI’s PMP certification program as its certification choice for the consulting aspect of Microsoft Services.

The PMI program beat out notable competitors, such as the CompTIA IT Project + and the International Project Management Association’s Certificated Project Manager and Certificated International Project Manager.

Microsoft’s consulting arm, where the new PM positions live, employs 4,000 of Microsoft’s nearly 55,000 employees.

In creating its PMI relationship, Microsoft joins the ranks of other corporations such as Unisys Corporation, KPMG, IBM, and AT&T that officially recognize the PMP as the official certification for project management professionals.

Best online Microsoft MCTS Certification, Microsoft MCITP Certification at Actualkey.com

Microsoft said it went with the PMP because of its global distinction. The PMI has more than 100,000 members in 125 countries, 54,000-plus of whom have the PMP, according to a PMI spokesperson.

The new positions
Microsoft Services’ project management title developed out of a need to meet the increasing demands of customers. Previously, product managers filled the PM role, but as more project teams required greater project management expertise, the company decided to create four new PM job grades, according to Jensen.

The job levels, Project Manager I to Project Manager IV, have specific responsibilities, roles, and training requirements, as outlined below.

Project Manager I
Responsibilities:

* Manage teams of up to five people, or the equivalent of $500,000 in time and materials from project revenue
* 65 percent of time spent on projects
* 20 percent on proposal development
* 15 percent on mentoring

Training/Experience:

* Microsoft Solutions Framework (MSF)
* PMI Certified Associate Project Management
* Project Management Basics for Team Leads (PMBTL)
* Project Management for IT Professionals
* Microsoft Project Fundamentals
* Performance Xcellence/Problem Solving Methodologies (Six Sigma)
* Up to 5 years managing projects

Project Manager II
Responsibilities:

* Manage teams of up to 10 people, or the equivalent of $1 million in services revenue
* 60 percent of time spent on projects
* 20 percent on proposal development
* 15 percent on mentoring
* 5 percent on quality improvement

Training/Experience:

* PMI Certified Project Management Professional
* Advanced Areas of Knowledge in Project Management
* Fundamentals of Six Sigma
* Up to 10 years managing projects

Project Manager III
Responsibilities:

* Manage teams of up to 20 people or the equivalent of $2 million in services revenue
* 55 percent of time spent on projects
* 25 percent on proposal development
* 15 percent on mentoring
* 5 percent on quality improvement

Training/Experience:

* PMI Certified Project Management Professional
* Six Sigma and Project Improvement
* Up to 15 years managing projects

Project Manager IV
Responsibilities:

* Manage teams of up to 40 people or the equivalent of more than $2 million in services revenue
* 50 percent of time spent on projects
* 15 percent on proposal development
* 15 percent on mentoring
* 20 percent on quality improvement

Training/Experience:

* PMI Certified Project Management Professional
* Enterprise Programs for Project Management
* More than 15 years managing projects

Jumping on the career track
To get on the project management career track, candidates need to be extremely technical and have obtained at least a senior consultant designation at Microsoft Services. The senior consultant has three distinct career paths—management, technical, or project management.

Microsoft employees are able to get on the PM career path by working with their manager and Microsoft’s Global Skills Profiler, a tool in its Microsoft Professional Development Framework. The framework is used by full-time, part-time, or temporary Microsoft employees.

The Global Skills Profiler assesses people across nine project knowledge areas with zero to four ratings. First, the worker does a self-assessment, and then the manager evaluates the employee. The two scores are compared and contrasted to arrive at an agreement that helps the worker identify strengths and weaknesses and lay out a career development path, including the steps necessary to achieve it.

Going for the PMP
One of those steps for getting hired as a PM grade II to IV is achieving the PMP—described as “an arduous process” by manager of professional development programs at PMI, John Roecker, E.D.D.

First, PMP candidates have to verify, via essay questions, the number of years of experience they have in nine knowledge areas and five process areas of the PMBOK, the PMI’s tome of project management knowledge. Each year, a set of applications is randomly selected and audited to keep applicants on the straight and narrow.

Then the applicant must study for a four-hour test. Classes offered through local, independently incorporated PMI chapters can cost $1,000 for 40 hours of classroom time, said Roecker. Applicants are also given extensive homework and advised to study the PMBOK guide.

Finally, the applicants sit for the PMP certification test, which costs $405 for PMI members, $555 for nonmembers. (A membership to the PMI is $119 annually.)

Project management pay
While Microsoft’s Jensen declined to reveal the pay scale for the four project management employment grades, he said, “Each package would be really tailored to the individual” and includes a base salary, performance rewards, equity investment/stock perks, and even an automobile, in some countries.

According to a PMI 2000 survey, professionals who obtained the PMP made a mean total of $5,000 or six percent more on average than those without the certification on a global basis. In the United States, the mean differential in wages for those with and without the PMP was $9,000, or 10 percent.

Pros and cons of the Microsoft PM career
The time and labor commitment to the PM career path shouldn’t be taken lightly, and the new PM job role at Microsoft should also be given serious consideration. Microsoft’s Jensen is quick to share both the up and downsides of a career as a PM at Microsoft.

Along with the potential for extra earning power, a PM at Microsoft can enjoy the support of colleagues in ways not offered at other companies. Microsoft has a Services Business Management Process portal where all consultants can go to access records on consistent and repeatable processes.

“Wherever you are in the [project development] process, the consultant can go there and grab the tools and resources they need to support the place that they’re at in the process at that time,” said Jensen.

Two sets of frameworks are available to support the consultants: the Microsoft Solutions Framework, used in the development and delivery of a solution, and the Microsoft Operations Framework, used after a solution is delivered to provide service-level and operational agreements to sustain the version of the project that Microsoft has rolled out to the customer.

While all that support is certainly helpful in an employee’s day-to-day work, there are inevitable, unpredictable hiccups of doing business on a global level.

The difficult parts of the job happen when unexpected organizational changes arise, such as an executive project sponsor leaving. Bankruptcies and political upheavals also add to a project’s uncertainties and a PM’s stress level.

“That’s a challenge, and sometimes we don’t know that those will be coming,” said Jensen. “I don’t think a lot of us expected Enron or Kmart. But we have a continuous risk management process, so some of those things we can see in the near future.” That’s definitely more than a lot of companies offer—an early warning shot about potential trouble spots with clients.

From an outsider’s perspective, working with Microsoft on establishing its project management career path has been exciting and rewarding for Roecker.

“I have really enjoyed working with Microsoft as we have developed the professional development program, being rolled out internally to all their project managers,” said Roecker. “To go beyond that…we will be growing the relationship with Microsoft.”

In addition to the critical security threats from Microsoft that I covered in last week’s column, the Redmond software giant has also issued a flurry of medium-level security threats that Windows administrators need to be aware of.
Details

MS04-018, “Cumulative Security Update for Outlook Express,” is caused by a failure of Outlook express to properly handle some specifically malformed e-mail headers. This is a DoS threat and Microsoft reports having seen published exploits but hasn’t received any reports from customers that have been compromised by the exploit. This threat is covered by CAN-2004-0215

Best online Microsoft MCTS Certification, Microsoft MCITP Certification at Actualkey.com

MS04-019, “Vulnerability in Utility Manager Could Allow Code Execution,” is a local elevation of privilege threat that can’t be exploited remotely. MSBA will report if your system needs this update and Systems Management Server (SMS) can help deploy it.

MS04-020, “Vulnerability in POSIX Could Allow Code Execution,” is an unchecked buffer vulnerability in the Portable Operating System Interface for UNIX. MSBA will report if your system needs this update and SMS can help deploy it. This threat is covered by CAN-2004-0210.

MS04-021, “Security Update for IIS 4.0,” is a buffer overrun vulnerability in the redirect function that can allow remote execution. MSBA will report if your system needs this update and SMS can help deploy it. This threat is covered by CAN-2004-0205.

MS04-024, “Vulnerability in Windows Shell Could Allow Remote Code Execution,” replaces MS03-027 for Windows XP (but not for the other affected operating systems). This threat is covered by CAN-2004-0420.
Applicability

MS04-018 applies to all versions of Outlook Express from 5.5 through 6, including operating systems from NT 4.0 through Windows Server 2003.

MS04-019 affects all versions (and all Service Packs) of Windows 2000.

MS04-020 affects all versions of Windows NT 4.0 and all versions of Windows 2000 (and all its service packs).

MS04-021 affects Windows NT Workstation 4.0 Service Pack 6a and Windows NT Server 4.0 SP6a (but only with IIS installed as part of the NT 4 Option Pack).

MS04-024 affects all versions of:

* Windows NT 4.0
* Windows 2000
* Windows XP
* Windows Server 2003

Windows 98, 98 SE and ME may be affected by all of these threats, but since none of these flaws are a critical threat to those operating environments, updates are not provided by Microsoft (which limits support for discontinued operating systems to critical-only updates).
Risk level – Important to moderate

MS04-021 and MS-024 are both remote code execution vulnerabilities that allow a remote attacker to run arbitrary programs and take complete control over the vulnerable systems. I would rate these as critical rather than the moderate rating Microsoft has given them.

MS04-020 is a local elevation of privilege threat and can’t be exploited remotely or without detailed information about the system and access to it.

Although MS04-019 can allow someone to take complete control over a system, it is rated a moderate threat because it can only be exploited locally by a legitimate user. This is not a remotely executable threat or one that could be executed by a complete stranger.

MS04-018 is considered only a moderate denial of service threat because successful execution would cause only Outlook Express to fail, not the operating system or other applications.
Fix – Apply the patches/updates provided

Please check the Microsoft bulletins before taking any action on these vulnerabilities, because several of the bulletins have been updated multiple times.

A partial workaround for MS04-018 is to disable the preview pane (View, Layout, and uncheck View Preview Pane). This doesn’t completely remove the threat, but it does make it easier to remove the offending message.

There is no workaround for MS04-024.

As mentioned above, Windows 98, 98 SE, and ME are no longer supported except for critical threats, so no patches are available for those operating systems. Also, Windows NT Workstation 4.0 has also just passed out of normal support, but Microsoft already had a number of these patches prepared for that operating system and has included fixes for it in these updates.
Warnings

MS04-019 (Utility Manager bulletin) – In addition to fixing the vulnerability, applying this update will eliminate access to context-sensitive help from the Utility Manager.

MS04-021 (IIS 4.0) – There is apparently a problem updating with the ISAPI filters running (see knowledge base article 873401). That’s what Microsoft says. Actually the problem is a complete crash-and-burn, so I’d pay attention to this knowledge base article if I were applying this patch. The IISLockdown tool installs URLScan and will protect against this vulnerability. See the workarounds section of the Microsoft bulletin for directions on configuring the tool. Also, the workaround using URLScan will block all incoming requests larger than 16K. IIS can be disabled or stopped in IIS Manager or removed, but this will also block other Internet services, such as the IIS SMTP service.

MS04-024 (Windows Shell) – Active X features may be limited by some of the recent IE patches and this patch refines some previous changes in IE 6 Service Pack 1 that may prevent other cross domain vulnerabilities. The update can prevent attackers from moving code execution from the Internet Zone to the more permissive Local Machine security zone.
Final word

As for the problem in Outlook Express, MS04-019, I don’t believe this software belongs on any business system. In fact, I don’t even use the full version of Outlook because it is tied to, or is the source of, so many vulnerabilities. Thus, my personal best practices would have avoided this problem entirely. None of my clients use Outlook Express and if any of them use Outlook, it is against my advice.
Also watch for …

* Secunia has released an advisory for an unspecified mod_ssl 2.x (mod-proxy) threat in Apache that the security vendor has rated as highly critical because of the widespread critical applications in which Apache is used. No further details were available but the vendor that reported the threat recommends immediate update to version 2.8.19-1.3.31.
* Beagle/Bagle is once again showing its teeth. Fast-spreading and virulent, the latest incarnation of Beagle/Bagle (the one known as Beagle.AG at Symantec) has its own SMTP mail engine and opens a backdoor at TCP 1080. Click here for a number of Beagle removal tools.
* According to a CNET news.com report, the new Atak mass-mailing worm actually watches for antivirus software activity and, when it begins a scan, Atak shuts down so it won’t be discovered. It doesn’t carry a dangerous payload but Atak is part of the new generation of worms that are intended to spread spam. F-Secure’s lead virus specialist says that while many viruses and worms attempt to hide, this one is exceptionally good at it.
* In the “it had to happen someday” category, you can now place bets (they are actually a kind of futures options) on an Irish sports betting site (tradesports.com) about when the next big worm or virus attack will take place. See this ZDNet UK story for more details and get your bets down early!
* There is a Gentoo php update that is rated highly critical. It addresses two apparently unrelated vulnerabilities that can allow an attacker to completely compromise a system. See the full advisory here. Another moderately critical vulnerability in Opera for Gentoo Linux 1.x has been patched. The impact of this threat is phishing related. See this Gentoo-announce report and this Gentoo Linux Security Advisory for more details.