THE OFFICIAL BLOG OF THE SBS DIVA

I thought you might be interested in the 2nd annual Microsoft Small Business Summit - a FREE online event designed to support the efforts and goals of small business. You'll find more information about the Summit at http://www.sbsummit.com.

Actually more like I thought you'd be interested to know that Dana Epp is speaking at the online sbsummit....  :-)

http://blogs.technet.com/eileen_brown/archive/2007/01/31/old-to-new-reference-guides.aspx

Exchange Goddess Blogger Eileen Brown blogs the links to the old to new stuff... you know ...the ribbon bar learning curve guidance.

search terms that I'll use in the future to find this...

Eileen   Ribbon   Office 2007

In addition to my SBSism, I'm also a Patchaholic and write on Patching issues for Brian Livingston's WindowsSecrets newsletter... as such I always keep an eye out for Patching issues... which is why there's a lot of patch related stuff in the blog as well... yeah ...yeah....I know I used a flaming headline and cheap shot the other day but I'm still ticked off at Apple for forcing John Q Public into going through an insane patch installer for Quicktime to get the update (as that's the only way that software installer will do it's magic).

Patches from vendors should have two basic tenants....

1.  Don't hurt.
2.  Be easy to install.

But that's not the point of this post about Apple's latest patch offering.... This one caught my eye on Donna's blog...

The Apple Store (U.S.) - AirPort Extreme 802.11n* Enabler for Mac:
http://store.apple.com/1-800-MY-APPLE/WebObjects/AppleStore.woa/wa/RSLID?mco=9BFE4FC5&nplm=D4141ZM%2FA

BetaNews | Apple Offers $1.99 802.11n Upgrade:
http://www.betanews.com/article/Apple_Offers_199_80211n_Upgrade/1170176139

"The Cupertino company claims that it had to offer the capabilities in this manner due to finance laws, commonly referred to as GAAP, which they say require a charge for significant feature enhancements. But many Wall Street analysts have said that is not the case."

To the Corporate folks at Apple.... Please state the FASB number that you are using for this guidance?  If it is not a FASB, then perhaps an Emerging Issues Task force resolution?  Because, quite frankly I've gone through the gambit of FASBs, EITF,  Pronouncements, Abstracts, Publications... and I don't see a one that "requires" you to charge for significant feature enhancements.  Perhaps I missed a recent pronouncement that came out?

To the best of my recollection, there is no such rule that GAAP ...and that's generally accepted accounting principles folks.. not " finance laws"..... that requires a firm to charge for anything. GAAP is historic in nature... it follows the transaction, the recording of it, not the pricing decisions around it.  While basic fundaments of cost and business savvy may lead a firm to making a business decision to charge for a feature update like this.... and it's quite novel in that.... the Financial Accounting Standards Board is not the reason this patch has a fee.

To the PR folks at Apple.. and to the more insanely stupid folks at this Ad agency.... knock it off.

If you want to charge for it... then do it... but don't blame it on GAAP. 

http://www.beginningtoseethelight.org/efsrecovery/

Okay so you set up EFS... and then you moved a computer ...say you joined a domain or something... are you totally and utterly ...well... screwed now that the EFS certificate has gotten messed up.... not exactly... there's a tool from PSS called "Reccerts" and you can check out the tools at www.elcomsoft.com 

But read that document... you may have options... but bottom line before you detach a computer or join it.. ASK the person .. "do you have any encrypted documents or folders on this computer"... just to be on the safe side.... 

Ken... you are a definitely a geek.

http://azsmbitthoughts.blogspot.com/2007/01/why-oh-why-did-i-stay-up-to-get-vista.html

Mary Jo Foley proclaimed that us beancounters could care less about new technology... and to a certain extent she's right.  But as was pointed out by the better half of this gentlemen.... Vista right now is more for the home user and enthusiast.... because once the boss has it at home.... he'll then push to get it in the office. 

Businesses DO NOT upgrade lightly.  Nor should they. 

Enthusiasts - Ken.. this is you.. the person who would get up at midnight for a piece of software that you probably already downloaded from TechNet. 

People are reporting that there aren't the hundreds of folks in the stores but I think what this really showcases is how the distribution of content is vastly changing.  Why should I get up, get dressed, for a midnight anything if I can just download the thing?  And I'm not talking about an illegal bittorrent either... when's the last time you got your software in a box with a huge manual?  Just today in fact I purchased software and it was totally online and downloadable.  Who gets cdroms anymore... I burn in so many iso's on dvds and cdroms these days it's unreal.....there's more buzz about when the Action pack will show up than there is about Vista in Best Buy.

http://www.microsoft-watch.com/content/vista/the_ultimate_question_answered.html

To Joe Wilcox?  Yeah I'm concerned that when those key partners of Microsoft talked about 'versions' all they talked about was "Consumer" because Home Premium WILL NOT join a domain ...and SBS works the best when they are.  I bought Ultimate because I have a Tablet PC and need those features.  Last year I insanely signed up for (not all mind you but some) of Windows XP with SA to get Vista Enterprise with Bitlocker and some of the other SA goodies that were hinted at.  We should surf over to the Dell Small Business site and see what is being offered there.

When you get to the business side.... we'll see if Bitlocker pushes the Vista sales... it's too bad it's not in that Vista Business edition.  Some argue that they are glad it's not as not enough of us know how to de-crypt anything (more on that in the next blog post).  Some argue that it should be in all versions.  I think it will be a key business tool in the future... or should be anyway....

But yeah... ribbon bars... new stuff... change is hard... we don't like it..... do we?  And I think this also showcases we 'upgrade' when we 'upgrade' the hardware for the vast majority of us normal folks.

Signed version of Vista, 'eh Ken? Okay so that's a tad bit on the cool side....  ;-) 

...and from the Dell Web site......

....<sigh>

Hilton reports in the SBS2k listserve.... 

If you are running NOD32 with XMON enabled (the Exchange Server plugin)
and have the 2022 update downloaded and running, then Exchange
Information Store will fail. Disable XMON, restart Exchange, and wait
for an updated database. This issue has been reported to ESET.

http://support.microsoft.com/default.aspx?scid=KB;EN-US;823166
The fix is to ensure that you exclude additional log files such as the Exchsrvr\server_name.log directory.
....while you are at it.. review this one too....
http://support.microsoft.com/default.aspx?scid=KB;EN-US;822158

As of this writing... which is .. I think... at 5:30 pacific time assuming my time zone and what not is correct.....the KB926505 that is the 'patch' to help Vista's join the domain of SBS 2003 better isn't yet live... http://support.microsoft.com/kb/926505/en-us ...but parts are now being released... the first is the patch needed for ISA (and in particular 64 bit machines)....the next is the companion document....I'd print it out and read that one first....

http://www.microsoft.com/downloads/details.aspx?familyid=25bb5f65-4734-4268-b2b1-1606dceac06f&displaylang=en&tm
This update addresses issues described in Microsoft Knowledge Base article 930414: Update Rollup for Small Business Server 2003 Running on ISA Server 2004 (http://support.microsoft.com/kb/930414).

http://www.microsoft.com/downloads/details.aspx?familyid=46e95c56-1a4c-45bd-8d69-5f41ff8f1f22&displaylang=en&tm
This document describes the "Update for Windows Small Business Server 2003: Windows Vista and Outlook 2007 compatibility (KB 926505)" for the Microsoft® Windows® Small Business Server 2003 server software with Service Pack 1 and Windows Small Business Server 2003 R2. The update enables you to join client computers that are running Windows Vista to your Windows SBS network.

UPDATE - as of 6:39 looks like they pulled it back...well it was there... I'm getting this from my "raw feed" from the RSS download site so sometimes we get things a bit "live since the bits aren't yet ready ...they are probably getting then sync'd up....hang loose.... it may be back up there...but looks like no 'fix up patch'... but just be a bit patient... it will be there....

http://blogs.technet.com/netmon/archive/2006/11/22/network-monitor-3-0-has-released.aspx

First off if you haven't downloaded this and played with it... go... do ...now.

Follow the blog... http://blogs.technet.com/netmon/ Okay?

In remoting in to check something in the office I learned a few things...

1.  Doing a netmon while RWW or VPNing means you get a "chatty" connection.  Not exactly the wisest thing to do when you are looking for a very specific traffic you are wanting to trace.

2.  Installing it remotely on the server means that you break the VPN connection for a moment as it slides into the NIC stack (or whatever magic it does)...and the minute you do it you go.. duh.. should have thought of that one....

3.  Hmmmm.. for whatever reason I have an old netbios query request going out for the name of the old server... hmmmm...I'll have to investigate why that's happening...

4.  And last but not least: 

oh... looks like a new computer is doing that Master Browser thingy... you know... this: http://www.eventid.net/display.asp?eventid=8003&eventno=680&source=MRxSmb&phase=1 

Where it's best if your server is the "head cheese" ..but not your workstations.. http://www.pmg.com/tip_archive/99_1.htm In a server, this "head cheese" value is set to "YES" already...

This value is at:

Type regedit in the Open box, and then click OK.
Locate, and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Browser\Parameters

But if your workstations are throwing off that setting.. especially something new coming into the firm... whereas the server should ALWAYS be yes, the workstation...well we're going to change that to be a no or "false"

We'll reboot and see if that does the trick...

hmmm.. though I'll have to see why my workstation is still looking for the old SBS 2000 era server....

If MiniMicrosoft wrote a Security blog.... this would be it:

http://infosecsellout.blogspot.com/

Just a reminder that on your WSUS you probably will see .NET 3.0.  Until I need it.. I'm saying "NO" to this one and declining for all groups until I really see a need for .NET.  Our default SBS web sites need to be on .NET 1.1 and I'm in no mood to be flipping sites back to 1.1 in case .Net 3.0 decides to smoosh on top of them tonight thank you very much....

Download details: Small Business Accounting 2006 Document: Installing and Configuring Small Business Accounting 2006 and Office Accounting 2007 on Windows Small Business Server 2003:
http://www.microsoft.com/downloads/details.aspx?familyid=1193e3f3-b626-4264-af3e-8c4f190caa69&displaylang=en&tm

Download details: Microsoft Office Outlook Tool: Time Zone Data Update Tool for Microsoft Office Outlook:
http://www.microsoft.com/downloads/details.aspx?familyid=e343a233-b9c8-4652-9dd8-ae0f1af62568&displaylang=en&tm

To install this download:

1. Before running this tool, make sure that you have installed the Windows patch that contains the most up-to-date time zone definitions or you are running Windows Vista with the most up-to-date time zone definitions.
2. Download the file by clicking the Download button (above) and saving the file to your hard disk.
3. Double-click the tzmove.exe program file on your hard disk to start the Setup program.
4. Follow the instructions on the screen to complete the installation.

Instructions for use:
After you are done installing the tool, it will automatically launch for you.

1. Verify your default Data File is selected and Update to reflect changes to Windows time zones is selected, and continue through the rest of the tool.
2. If you need to run the tool again, then launch tzmove.exe (located in the \Program Files\Microsoft Office\Office12\Office Outlook Time Zone Data Update Tool\ folder.)

Note that if you have created non-recurring appointments on your Calendar since you updated your Windows time zones, you should click the Details button once the tool has reported that its scan is complete and uncheck any such appointments before continuing. Additionally, after running the tool, make sure to go to your calendar and review your calendar items to ensure that they appear at the correct times.

This is the standalone mailbox tool...and I'm not sure I understand what it's doing?

http://blogs.zdnet.com/microsoft/?p=220

Mary Jo says... "Accounting software isn't something that will make use of the fancy Aero graphics that are part of Vista. And like lawyers, accountants don't strike me as folks who strive to be on the cutting edge of technology."

No Mary Jo but we need to be on the cutting edge of security... and THAT's what Quickbooks 2007 finally does for us.  And it's about time that we as an industry and you as taxpayers that depend on Accountants start standing up and demanding that our Accounting software means SECURE software.... and Mary... that Quickbooks 2007 running without admin rights is the start.  It's the shot across the bow for my industry to wake up and start demanding secure software, software that is reviewed for appropriate handling of Social Security numbers.. for proper protection of our clients personal identity information, for all the right things we should be doing both in our packaged software and our Web 2.0 stuff that we are using on the web.

No, Mary, my accounting profession doesn't have to care about the fancy graphics... but the goodness of supporting non administrator rights is something we SHOULD care about.  The Quickbooks 2007 version is a fantastic thing... Vista or no Vista.

To you it's a Vista upgrade.. to me... it's the tipping point of non administrator rights to being the new normla.  Quickbooks no longer is the "non admin" punching bag of the software industry (even Mark Minasi referred to it in his audio set). 

Well guess what.... now they are the example of a vendor doing the right thing.

Run the Secunia Software inspector on your computer and you might find that you have insecurity in places you didn't realize... run a full scan and see....

If you have Macromedia Flash in the 'normal' place, use this tool http://www.adobe.com/cfusion/knowledgebase/index.cfm?id=tn_14157 to remove all flash from the normal places and then reinstall Flash 9.

Run the Secunia inspection tool and you find that Steve Jobs doesn't care about the security on your system because he doesn't make it easy AT ALL to patch for a security issue with Quicktime... 

This installation of Apple QuickTime 7.x is insecure and potentially exposes your system to security threats!

The detected version installed on your system is 7.1.3.130, however, the latest secure version released by the vendor, fixing one or more vulnerabilities, is 7.1.3.191.

Update Instructions:
Update to version 7.1.3.191 or later.

Currently, it is NOT possible to download a secure installation from the Apple.com download page. Therefore, in order to secure your installation you need to take the following steps:

Step 1)
Run the "Apple Software Update" application.

This application is normally installed together with Quicktime, if this is not the case, you will need to re-install Quicktime by downloading it from Apple.com again.

Step 2)
Select and install the available update called "Security Update 2007-1".

If your "Apple Software Update" application is not up-to-date, then you will asked to update this first.

Vulnerabilities Fixed:
Read about the vulnerabilities fixed with this update in Secunia advisory SA23540 (opens in a new window). The Secunia advisory describes the vulnerabilities fixed by the latest security update. If your installation is outdated with more than one version, then more vulnerabilities may be covered.

Yes boys and girls... there's an easy to get downloadable version for Mac machines... but for Windows... you need to install the insecure 7.1.3 and then go through the programs Software update tool to get the fixed bits.  You cannot install directly a patched and fixed Quicktime version.

The only way I was able to get patched was to uninstall the Quicktime I had to reinstall with the software updater..when I went to install the 7.1.3 from the Apple web site, it said I had a newer version, yet Secunia indicated I was insecure. Launching Quicktime and having it look for updates inside the program itself indicated that it was up to date.  Secunia was the only one insisting that I wasn't up to date and in fact still had vulnerable parts on my machine. Again, the ONLY way I was able to Quicktime patched was to uninstall it completely, install a vulnerable version and THEN update it by launching the separate software updater tool.

Look for that Icon in your program listing and ensure you launch that to install the update.

From the Apple bug project... The only potential workaround would be to disable the rtsp:// URL handler, uninstalling Quicktime or simply live with the feeling of being a potential target for pwnage

Unbelievable.... nice one Mr. Jobs...thanks for caring so much for my security...

P.S. ... okay okay yeah... I know that the headline is a cheap shot... and I'm sorry about that but come on.... the way one has to get patched for this is unreal... the updater program is just "out there" on the menu bar.  If you are an admin you have to follow Eric Schultz's hackup way to get the patch as he discussed on www.patchmanagement.org, if you are a normal end user who opted to not install the updater program, you won't get patched and it then requires admin rights....I don't know which is worse... Microsoft's patch SVCHOST.exe issues or Apple's requiring us to go through hoops for this one....obviously having an unpatched vulnerability still on your machine that can be nailed "from remote" is a lot worse that CPU issues that do have patches and workarounds.

http://www.cbsnews.com/stories/2007/01/26/60minutes/main2401726.shtml

At the office the gang are starting to get High Def TV...and they are hitting the 'geek' issue... where they need help to install what used to be "just" TV.  Well it's not "just" TV anymore.

Simple is hard....and everyone is finding that the manuals for the technology are near impossible to understand...

http://60minutes.yahoo.com/segment/36/get_me_the_geeks

http://blogs.technet.com/jocarpenter/archive/2007/01/28/uk-sbsc-symposiums.aspx

That sounds REALLY cool!

If you are... check it out!

..had to go to Best Buy tonight and already they had Vista on laptops in the store.... and one girl looking for a computer was more interested in making sure that the laptop had a web cam than what operating system it was running... it did however make her say "oh, how pretty" in reference to the desktop wallpaper....

...it's like my Sister this morning who announced she would have to get a new laptop (hers is about 5 years old) because when she went to the Disney web site to download their new set of screensavers, it proclaimed that her system was below the recommended system specs http://disneyparks.disney.go.com/disneyparks/en_US/index?name=Gallery it's the ones that are tied to those new photos done by Anne Leibovitz http://www.usatoday.com/life/people/2007-01-25-disney-ad-campaign_x.htm

Well needless to say... when the system can't run the Disney screensaver.. there's a hardware upgrade in our future... No screensaver ... http://disneyparks.disney.go.com/disneyparks/en_US/index?module=DownloadsFlashModule&section=ScreensaverDownload that means there's not a happy sister...

And some of us small businesses are wacko enough to "CHOOSE" software assurance so they could get it too you know....

Dear Susan Bradley

As part of your Software Assurance benefits package, you can now receive and use Windows Vista Enterprise operating system. Vista Enterprise is the premium business desktop operating system optimized for medium-sized and large, global organizations, and is available only through Software Assurance.

In order to receive your media, please access and activate your benefit here: https://licensing.microsoft.com/eLicense/L1033/default.asp.

Information about Windows Vista Enterprise

Windows Vista Enterprise provides enhanced data protection, advanced support for improved application compatibility and enhanced virtualization scenarios, and enables global operations to roll out a single worldwide desktop image by including all Windows languages.

To view all of the benefits you are eligible to receive visit the Microsoft Volume Licensing Site at: https://licensing.microsoft.com

If you do experience any problems accessing the MVLS web site or have any questions, please contact our support center via email: mvlshelpa@msdirectservices.com where your issues will be quickly and efficiently handled.

Yours sincerely,
The Microsoft Volume Licensing Services Team