Here is a little tidbit that I've been meaning to post for some time now (sorry the move kinda had me side tracked).  Anyhow, I was working with MS support on a Windows Server 2003 certificate template issue.  To show the escalation engineer that the issue was reproducible, I replicated (or at least thought I replicated the issue just before leaving for Japan) using a 2008 based CA within my home lab.

Read more

This weekend I went with Maiko and two of our friends to a Tokyo neighborhood called Kichijōji (吉祥寺).  I hadn't been there yet, so I wasn't sure what we would find.  Needles to say, it was a pretty interesting place which was dominated by a large and dynamic shopping area. This was not just another boring department store or Ginza-like area.  Kichijoji is crazy busy, and full of life.

Read more

If you may have remembered, I once made the following comment in a previous post of mine: "Interestingly, enough this was also what GreenBorder did before they were purchased by Google."  In that post I happened to be talking about a favorite program of mine called Sandboxie.

Well, with the release of Chrome... the truth has recently surfaced to as why Google snatched GreenBorder up.  Naturally, I had my suspicions after Chrome first releases given the "sandboxing" that Chrome was doing.  As I said in the past... I just haven't gotten around to doing a deep dive, thus I haven't really dug into the technical aspects of this new browser.  But, then again... I'm also a little concerned with Google becoming the gatekeeper for everything.  So, I'm going to wait a bit to see where this goes.

Anyhow, it wasn't until reading through a portion of this article on ars technica and seeing something that seemed very familiar that the little light went on.  For you see, as the author points out (using fancy language), one of Chrome's security features is to intercept and rewrite API calls.  **Ding** That is pretty much what GreenBorder hence why Google purchased them.  :>)

Disclaimer

Well, the truth is... I actually know some of the members of the development team.  I used to work with them at a little company called New Moon Systems.  That being said... these guys are a really good at understanding the internals of Windows development.  So, when it comes to the question in the article about whether or not Google reverse engineered Windows, I just need to smile.

Read more

Ok, I about busted a gut when a co-worker of mine brought this can of interesting food in for me from Akihabara.  The can of food is called Oden （おでん）.  As you can see from the following picture, there is an interesting little guy on the front whose name is Gates-chan.  Yes, that is supposed to be good old Bill Gates!

Not to be confused with a traditional Japanese food, these Oden food cans are apparently very popular within the Japanese Otaku culture.  In fact, there is one vending machine in Akihabara that is very famous for dispensing Oden food cans, from which this can most likely came from.  :>)  On my next trip, I will try to take a picture.  Also, on an interesting side note… there are many different foods that you can get in an Oden can.  These foods range from Oden-currey, Oden-bread, Oden-ramen, etc…

The whole concept is just buy, pop, and eat!

Wow, this has been one crazy weekend.  My Friday night started out by riding the train from Tamachi station to Shibuya station.  I thought the train was crowded when I first got on, but by the train arrived at Shibuya station it had become a sardine can.  So, there I was, cowered in the corner, not needing to hold on to anything because "other bodies" were holding me up.  In other words, crazy packed...

Read more

As promised, this is the first in a series of postings about my daily experiences while living in Japan and the many technological marvels that I'm sure to discover while here.

Please note that these posts are in addition to my normal "Microsoft and Technology" based posts.  In other words, I'm doing this because I thought that is might be interesting to talk about how a run of the mill IT Geek adjusts to living outside in a very foreign land.  Ok... disclaimer, Japan is not that foreign.  I've been to Japan numerous occasions for either business, vacation, or to see family.  :>)  In either case, my experiences should make from some interesting reading.

Anyhow, moving on...  Actually living and having to function in Japan has been a very eye-opening experience.  Granted it's only been a week, but I've started to notice things at a completely different level then from my past "short stays" here.  For starters, I've been very dependent on my wife for a number of different things.  For example, just getting an Internet connection installed at your house can be daunting task if you don't have a native speaker in tow.  And, this isn't because you can't do it, Japanese customer service is amazing and most people here will do almost anything to help you.  Instead, trying to do certain things yourself is very time intensive, not to mention the numerous chances for miscommunication about what you are actually buying.

Read more

We crossed the International Date Line about an hour ago and I ran out of movies to watch.  Considering that I have a couple hours to kill, I figured it might be a great time to write up my next post.

I typed this on Tuesday during our flight.  But, I only just now got around to posting this entry.  This is a long story and I will explain in my next post.

Let's see, last time, I was talking about my move, a little about Chrome (no I haven't installed it yet), and my need to better protected personal information (in other words eat my own dog food).   I also believe that in my last post, I needed to explain the solution I was devising to achieve my data protection goal.

That being said, let's summarize my requirements.

Read more

Well, we moved out of our house and this week I have been focusing on getting everything ready for our move to Japan next Monday (September 8^th).  That being said, the vacation is over, and it's time to start blogging again.  :>)

To start things off, I figured I talk about Google Chrome.   After all, it seems like just mentioning it will guarantee someone will read this post (HA, seriously enough people!).  Anyhow, I haven't had the chance to really look at it.  But, I wasn't really surprise about the announcement.  Instead, it was just a matter of time before Google did this, and in doing this they have:

Read more

In case you have noticed, I haven't been blogging that much lately.  No, I'm dropping off... instead there is a really good reason.  Changes are in the works, and I've been a bit busy putting those changes into place...

As of September 8^th, I'll be moving to the land of the rising sun (Tokyo - Japan).  That being said, I have been taking care of a number of personal items over the past few weeks, hence the low number of postings on my blog.  Anyhow, after completing the move, I've decided to change the format of blog around to spice things up.  The following is a summary of these changes:

Read more

For bloggers there is a constant push to post content.  In some cases, the content is new, original, and even sometimes funny.  However, there are also some cases that the push is either too demanding or for certain monetary reasons that a blogger might choose to turn to a set of dubious activities:

Read more

I ran into an interesting problem today.  Basically, a whole bunch of machine accounts got deleted from a domain.  Because the machine accounts where spread across numerous OUs, the sheer numbers delete accounts, and the duration between deletion and realization, doing some type of restore would have proved interesting.  So... the question was posed.  How can one remotely make a large number of machines re-join the domain once their accounts have been deleted from the directory?

Read more

I ran into an interesting problem the other day.  Basically, one of the admins at my client site needed to a Server Authentication certificate for an OCS pool he was bringing online.  Naturally, considering this is OCS, the certificate needed a bunch of Subject Alternative Names (SANs).  So, I told him to submit a CSR and I would get it approved.

However, there was just one problem.  When he submitted the request, the Windows CA barfed stating:

"Denied by Policy Module 0x80094800, The request was for a certificate template that is not supported by the Certificate Services policy: WebServer/MyCustomWebServer"

Read more

Hey now... I blogged about VMware's foray into the PowerShell realm last year.  Looks like earlier this week VMware finally "released" their Infrastructure Toolkit.  You can download the toolkit here: Link

Read more

Yup, I can agree with that statement...  After all, I consider FDE as a default pillar in any good information loss protection framework.

Yet for some reason, it seems that most IT shops have now become entranced within the data loss protection (DLP) hype.  Thus, DLP has now become everyone's favorite silver bullet.  And, a lot of DLP companies are preying on this fallacy by pushing their products as end-all solutions to IT shops desperately seeking to fulfill, regulatory compliance needs, an executives whim, or even possibly used to correct holes found after their latest security incident.

Read more

In my last post, I told the tale about my travels with UAC and Pre-Vista/2008 Ready Applications.  In tonight's post, as promised, I'm going to attempt to explain why UAC and Pre-Vista/2008 Ready Applications interact they way they do (in a semi fairytale format).  Hopefully... you all like it.  :>)

Read more

In tonight's post I provide a background story about UAC and Pre-Vista/2008 Ready Applications.  In my next post, I will then go over the technical reasons for why UAC and Pre-Vista/2008 Ready Applications interact the way they do.  Enjoy...

UAC has always been a pain in the butt for me.  However, un-like most people the source of my pain is a little different.  Thus, rather than griping about everyone's favorite UAC pop-up, I get annoyed when dealing with Pre-Vista/2008 Ready Applications.

***cough*** ipconfig **** anyone!

Read more

You had to see this one coming. After all, I wrote a book about it. However, I'm still amazed at the number of people that don’t know what PowerShell is. So, here is my pitch, hopefully people take notice: Those of us that have suffered through the Windows Script Host era, and glued together Windows command-line tools can now rejoice in something that is powerful.

Read more

NetworkWorld just recently launched their Google Subnet.  Hurray!  I'm not sure if any Microsoft Subnet lurkers have peered across the pasture or not.  But, if you did, ya might have noticed another Kopczynski blogging there.  No, I didn't take an alter ego.  Instead Garett happens to my brother.  Talk about a small world.  :>)

It should be interesting to read what he has to say about Google.  Garett can often take a very philosophical approach to things and his thoughts about subjects can be insightful.  I also can't predict if we will disagree about things as I'm sure he will be lurkering on my blog and I on his.  :>)

Some time ago, I posed and attempted to answer the question: How much space does Credential Roaming really take?  Based on the information that I provided in that post, you can get an idea for the amount of space all those wonderful credentials are now taking up in your Active Directory ntds.dit file.

With that in mind, a couple months ago I was posed with a challenge: How do you clean up credential roaming?  Basically, I had a client that had implemented credential roaming, were not use it, and the roaming aspect of credential roaming had gone a little haywire.  At the end of the day, credential roaming had ballooned their ntds.dit file by about 1GB and we now had to clean up the mess.  To complete this job we did the following tasks:

Read more

Over the past two months or so, I've had the privilege to participate in the PowerShell v2 CTP feedback program.  Last week, was the final week for the program and based on my experiences I wanted to give the PSH team some love (details following).

While working at CCO, I've had the chance to participate in a number of different Microsoft product testing and feedback programs.  That's part of what we do at CCO.  It seems like every couple of weeks or months we are downloading, installing, playing with or even deploying a next generation product from Microsoft.  Needless to say, my experiences with the different product groups have varied from being hands-off to very hands-on or someplace in between.

Read more

Hurray, Hyper-V has been released.  Yes, I'm sure every blogger and newsy person on the planet is posting something about Microsoft's release today (as they should).  But... how many of those posters have been testing Hyper-V since the fall of last year.  :>)

Anyhow, as a general rule, I don't talk about (beta and RC) products I'm currently testing.  That way I don't violate any NDAs.  However, now that Hyper-V has been released to the masses the veil of non-communications can finally be removed.

Read more

There has been something bugging me lately about PowerShell.  Actually, this something has probably always bugged me.  But, when I saw this series: "Hyper-V WMI Using PowerShell Scripts" on the Virtualization Team's blog.  I for some reason became annoyed.

Here is the thing.  In my opinion PowerShell has become stuck in a WMI Quagmire.  For some reason, the default approach has become to "PowerShell-ish" a script that uses WMI to complete a systems management task.  In other words, rather than creating a set of cmdlets, WMI becomes the vehicle to complete the tasks at hand.

Read more

A couple weeks ago, my friend Alex Lewis sent me some information about something called goosh.org.  This interesting use of Ajax is designed to have Google emulate a UNIX shell.  I'm not exactly sure how useful this is to a command line jockey.  Additionally, I don't think you will be managing your Google Apps with this anytime soon.  But, the interface does bring forth a very fascinating use case for everyone's favorite search engine.

Read more

Ok, considering that my last two posts have been about Vista, and, the comments I've been receiving on those posting haven't really been that thought inspiring, (in fact, I'd almost go as far to say that the posters are most likely Microsoft lurkers), I thought it might be appropriate to delve into a belief of mine that I hold very dear. But, before doing that let's level the playing field.

Read more

I had several comments to my last posting "Are you ready to deploy Vista 64-bit? " These comments indicated that Vista 64-bit was a champ. Considering that my last posting was not necessarily my opinion. I wanted to weigh in on the comments that I have received.

Read more

Recently, a friend of mine (name will be with held for certain reasons) went on a tirade over the pain and suffering he endured while attempting to deploy Vista 64-bit. He was very passionate in the account of his deployment effort and conclusion that Vista 64-bit was "currently" not a deployable version of Windows. So, because he felt so strongly about this conclusion and had suffered so greatly from his encounter, I offered to immortalize his tale provided he wrote up a summary.

Read more

I recently experienced a very interesting scenario related to the failure of an organization (a client of mine) in keeping some of their IT systems semi-up-to-date. The scenario (like many of my projects these days) is PKI related. At this client we (the team that I work with) are in the process of re-building their PKI which involves establishing a new trust hierarchy and issuing a number of certificates to their systems.

Read more

Every once in a while, I like to digress and talk about things that I think are cool. Well, actually I do that all the time, after all that is the point of blogging. But, in this case, the topic (or site) I would like to talk about is an item which really illustrates just how much of an equalizing democratic force the Internet can be. The site I'm referring to is called opencongress.org.

Read more

Yup, Stardock released Windows Blinds 6.0 some time ago. Needless to say, when I was asked to do a review of the 6.0 release, I was intrigued. After all, I spent many hours playing "Galactic Civilizations II" and had beta tested "Sins of a Solar Empire". So, I already had a warm spot in my heart for Stardock. Thus when presented with this opportunity to play with a product that can "improve" upon Vista's really uninspiring look it seemed like the right thing to do.

Read more

I won't keep you in suspense. I'll go ahead and name them right here, at the top of my post -- the six free security tools that all IT folks should know about and use. (But, you'll have to click through this nifty mult-page post to let me explain my choices.) And the winners are ... MetaSploit, Splunk, Google (don't laugh -- it's true!), KeePass, Helix and Netwox. Now read on to learn why ...

MetaSploit

Read more