Rodney from Microsoft Canada forwarded me this, to get it pushed out to as many people as possible. 

In case you have been living under a rock for the past month you have most likely heard about the DNS cache exploit recently discovered by Dan Kaminsky.  This might be one of the most severe flaws discovered as it was cross platform affecting everything from Windows to Linux, UNIX, Cisco IOS etc....  It was so big in fact that all the major vendors worked together to get the patch issued on the same day.  The flaw would allow an attacker to insert a malicious DNS record into the cache.  As an end user you type in www.technet.com and rather than get the proper IP address the cache delivers the malicious IP address sending you to ????  You can find out more on the details of the flaw at Dan's blog.

You should also make sure that you are patched.  Make sure that your upstream ISP DNS servers are patched by calling them or using Dan's DNS Checker at the top of his website.

So why all of a sudden a rush to ensure you are patched?  Well the patches issued by the vendors have been reverse engineered and exploit code has been published!  Dan has said many times that this is an extremely easy to launch exploit that could be implemented in seconds.

MS08-037 - Vulnerabilities in DNS Could Allow Spoofing (953230)

KB953230 - Vulnerabilities in DNS could allow spoofing

Go. Read. Patch. Now.

And when you are done, copy and paste this blog post to your blog, email it to your IT Pro buddies, get the word out!

If you have links to the patches from other vendors, please leave a comment with the URL!

So the weekend did not go as planned, but I am still very Energized by its outcome!

Friday's trip to the Microsoft offices was cancelled for me at the last minute due to an issue at work that needed my attention. Disappointing in that I did not get to interact with the Program Managers I had hoped to...but work comes first.

I still was able to fly out late Friday afternoon and participate in EnergizeIT! I got into Toronto at about 10:45 and headed to the hotel to drop off my bags and over to the convention center to drop off my server and gear for setup. As we are driving up to the event center, there are about 1000 (no lie!) Anime convention attendees walking the streets in full costume going to the hotels and restaurants around the area. Apparently we were sharing the building with as many as 5000 Anime North 2008 attendees, most of who were in full costume all the time. More on that later.

After a few minutes more onsite, we headed back to the hotel. It is now 1:15 AM and when I try to turn the TV on in my room, it does not work. After some tech help from the front desk (me telling them I tried everything...move me) I get a new room. It is now 2:00 and we have to leave for site at 7:00. I run through my presentation, make some more notes and drop off at about 3:30-4:00. Up at 6:30 and off to the event at 7:00 sharp!

Energize had a different setup this year. The stage was in the center of the room so the event was in the round. This is cool as everyone gets a clear view of the stage. They also have 10 big screens setup around the entire space so everyone has a way of seeing close up what is going on. All the speakers were invited to have a private breakfast with Phil Sorgen, the President of Microsoft Canada and at 9:00 it is off to the big rooms for the event. Rock concert lights and pounding music get the day started as a version of ACDC's Thunder Struck (Energized! remix) plays. A T-Shirt toss starts the days off as people cheer loudly to get some free swag. The morning is a large group session for all attendees with presentations from the IT Pro and Developer Evangelist teams, Phil Sorgen with the Microsoft Canada awards, a presentation on the changing face of IT careers, and the EnergizeIT Demo Competition.

The Demo Competition was 3 great presentations on how to use Microsoft technology in a fun way. I was on team Shell Shocked and as part of the demo we “bribed” attendees to vote for the demo by throwing out more T-Shirts, some with copies of Vista Ultimate or Office inside. This was a great way to hype the crowd and keep people interested in the presentations. A little fun thrown in the middle of the day made for a great experience. The Powershell demo also included the largest Rickroll in Canadian history to date. Next up is the boxed lunches and off to make my first presentation.

My presentation was an overview and demo on the soon to be released Windows Small Business Server 2008. This is a product I am passionate about and as such it was fun to give an insight into a beta product for some equally existed participants. I like to make presentations interactive, and as such took a lot of questions throughout the 70 minutes and really had a dialogue with the people in the room. This was my first experience presenting at a Microsoft event of this sale and it was fabulous. People responded well to the presentation; ask questions before and after, so I took that as a good indication.

I also made a joint presentation with Mitch Garvis from Toronto on the choice between SBS2008 and the new EBS2008 product, and when to use each later in the afternoon. This was a completely unscripted presentation, with the slide deck consisting of 8 slides thrown together over lunch but I think it was a great dialogue with the participants on the fit for both of these products and why as a consultant I will want to know and use both of these in my practice. Anyone who knows or has met Mitch will agree that he is an imposing figure, at 6’3” and 265 (I am being kind here!) he is a presence just as he walks in the room. His physical size is dwarfed by his personality though. He is always on and as a professional presenter and teacher, he has this game mastered. It is a bit intimidating to co-present with Mitch, but think we delivered a great presentation that was enjoyed by all….including us!

The event is winding down now and the best part of the day has began as far as I am concerned….it is off to the restaurant for the post event meal and some drinks and then to the hotel lounge for some more drinks and the hockey game. The best part of becoming an IT Pro UG lead and MVP is the chance to interact with the Microsoft staff and other leaders from across Canada. Over the next 7 hours we had the best time winding down, laughing at each other and bonding as a national community. And to a great extent finding new jokes about the fact the event was next to the anime event…..what is the difference between a geek and a nerd? $60,00 a year in income and not living in your parents basement at 32! This is the reason why I go to these events!

Now for my personal reviews of the event:

Pro’s:

·         The event space was so much better than last year by making the event in the round

·         The demo challenge was awesome and hopefully will become a yearly tradition…..maybe we can have the user groups involved in the challenge and make it a national event

·         Having 11 tracks and 33 presentations in the afternoon made for a diverse group of attendees and topics to be in a single forum. This was a big improvement over the agenda from last year

Con’s

·         The fact there was no physical demo labs and only virtual ones where people could download the material from wasn’t as good as in the past….and a bit confusing for the attendees

·         The recognition awards do not have anything to do with the user group community. Awards are given for Developer and IT Pro people and groups for solutions they achieve based on Microsoft technologies but there is nor recognition in a forum like this for the work done at the community level by user groups across the county.

·         The morning presentations go from a euphoric high with the opening of rock music and shirt giveaways, through some not so slick presentations and then end with the euphoric demo competition….they need to work the flow a little bit to keep the morning energy higher while still delivering some information…think Ballmer at MIX008 when he is asked about the monkey boy…you can still deliver the message with a whole lot of excitement…ENERGIZED!

So that was my 34 hours in TO in a nutshell….great time and great event but even greater people

Cheers

Will

So the weekend has finally come and it is time for EnergizeIT! It is going to be a crazy few days for me. I am hosting the EnergizeIT! Security Bootcamp here in Regina tomorrow night at 6:00 through the Regina IT Pro User Group. This is a great event and one that I am happy to have been able to help bring to Regina with Microsoft.

With new products being launched,  new technologies being introduced and increased pressure to ensure good security across the board, it’s hard to know what the best way is to get up to speed and make sure you’re ready for this wave of opportunity.  Being able to bring noted Microsoft security experts Kirk Munro and Kai Axford to Regina to interact directly with IT Pro’s here is a big thrill and to include the opportunity to choose a certification study kit, including one book and one exam voucher, from one of the following four different books for everyone attending is a bonus:

- MCSA/MCSE Self-Paced Training (Exam 70-299): Implementing and Administering Security in a   Microsoft Windows Server 2003 Network
- MCTS Self-Paced Training Kit (Exam 70-640): Configuring Windows Server 2008 Active Directory
- MCTS Self-Paced Training Kit (Exam 70-642): Configuring Windows Server 2008 Network Infrastructure
- MCTS Self-Paced Training Kit (Exam 70-643): Configuring Windows Server 2008 Applications Infrastructure

Directly from this event I am getting on a plane and flying a red-eye  to Toronto to participate in Influencer Days at the Microsoft office. I arrive in TO at 6:15 AM and will head directly to Microsoft's office from the airport on no sleep. This event is an opportunity for user group leaders and MVP's from across Canada to gather and interact face to face to help create an eco-system of IT user groups across Canada and get direct interaction with Product Managers from different divisions of Microsoft as well as the IT Pro and Developer Advisors for Canada.

I was fortunate enough to attend last year and it was a great opportunity to learn from some people who have been leading the Canadian IT Community movement for a number of years. This leads to EnergizeIT! on Saturday. It is hard to explain what this event is like. 2500 computer geeks celebrating being a geek. It is a fantastic day and has a real rock concert feel to it. Big screens, live video feeds, big presentations and topics with top presenters from around the world……and somehow I get to be one of the presenters. The theme really is “get your geek on!”

I will be blogging about the entire experience throughout the weekend to share the experience with everyone who is not able to attend and to try and encourage people to attend this event next year by vicariously living through the blogasphere this year.

I have to give a presentation next weekend in Toronto as part of EnergizeIT!, so I have been preparing my slides, doing research and a bunch of dry runs...including one with Damir from Microsoft and Mitch from the IT Pro Toronto User Group via LiveMeeting. I give lots of presentations now between work, the Regina IT Pro User Group and CIPS so it is not a big deal for me. But I have been thinking twice about my style in the last few days.

I had the pleasure of bringing Jeff Sandquist to Regina last week for the 2008 CIPS Regina Spring Seminar. For those unfamiliar with Jeff, he is the Senior Director of Evangelism for Microsoft, and a guy originally from Estevan, SK. I have been following Jeff's work for a couple of years now, after stumbling across the fact he was from Saskatchewan when reading his blog. Jeff made a 60 minute presentation on Evangelism, his teams work and how he got to where he is today on 8 slides in PowerPoint and 2 short videos. Even better was the fact none of his slides has bullets. He honestly had 1 slide up for 30 minutes, and it took to the end of those 30 minutes to get to the slide. The great part was the fact the slide was a picture of a Channel 9 squishy toy! Jeff's presentation was really a series of stories that came across more as a conversation with pictures than a presentation.

This got me to thinking about the presentation I was about to make. Now granted, I am doing a product demo on the release of Small Business Server 2008 coming later this year, so they are not quite the same style of presentation but how can I turn that into a conversation. I recently did the Heroes Happen {here} Community Launch in Regina, presenting on the new Windows Server 2008. I had 40 slides in 1 hour and 2 very short product demos. It was very clinical, and did not engage the audience the way I would have liked. I don't want the presentation at EnergizeIT! to be the same. I attended the event last year and found some of the afternoon sessions to be the same.....Death by PowerPoint.

So now I am sitting here cutting slides from my presentation and working on speaking notes to turn the presentation into a conversation on my experiences with the Small Business Server product line over the last 9 years and how the newest release compares in features and usability. I want the presentation to be a two-way conversation with the audience to understand if they are business people, Microsoft partners looking to expand their market through this product or IT Pro's working with SBS.  This combined with some heavy emphasis on a hands-on product demo should make the presentation fun.

We will see how it goes!

| View | Upload your own

Regina has a chance to participate in a national security tour specifically geared towards the recently launched Windows Server 2008. May 22^nd at the SaskTel Auditorium we will have the opportunity to first hand discuss security within the Microsoft platform of products with subject matter expects.

Register now

With new products being launched,  new technologies being introduced and increased pressure to ensure security across the board, it’s hard to know what the best way is to get up to speed and make sure you’re ready for this wave of opportunity. And even if you do know your “stuff”, how to prove that to your boss or clients?

Join us at the Energize IT Certification Bootcamp where we will take you through hot topics such as Windows Server 2008 and Virtualization Security as presented at this year's Energize IT event in Toronto and discuss certification paths available along with tips and suggestions on how to approach exams.  Be ready ahead of the curve and show what you know through certification.

By joining us at this event, you will have the opportunity to choose a certification study kit from one of the following four books:

1. MCSA/MCSE Self-Paced Training (Exam 70-299):
Implementing and Administering Security in a Microsoft Windows Server 2003 Network
2. MCTS Self-Paced Training Kit (Exam 70-640):
Configuring Windows Server 2008 Active Directory
3. MCTS Self-Paced Training Kit (Exam 70-642):
Configuring Windows Server 2008 Network Infrastructure
4. MCTS Self-Paced Training Kit (Exam 70-643):
Configuring Windows Server 2008 Applications Infrastructure

About the Presenters:

Kirk Munro started his professional career in 1997 as a developer at FastLane Technologies Incorporated, where he worked on an advanced scripting language called FINAL (FastLane Integrated Network Application Language). 10 years later while working at Quest Software he returned to his scripting language roots and became a Poshoholic when he started working with PowerShell and PowerShell-based applications like PowerGUI. Today he is a member of the PowerGUI team and spends all of his professional time using PowerShell and helping others use PowerShell through newsgroups, online forums, events, and his Poshoholic blog.

Kai Axford (CISSP, MCSE-Security) is a Senior Security Strategist in Microsoft’s Trustworthy Computing Group.

A nine-year Microsoft veteran, Kai is responsible for discussing and recommending security solutions for both private and public sector organizations. In addition, he conducts Chief Security Officer councils worldwide, taking executive feedback and affecting change within Microsoft’s security products and processes.

Kai started with Microsoft in 1999 as a Server Support Engineer and then moved on to become an IT Pro Evangelist, focusing on his peers through the Microsoft TechNet Events program. Kai has delivered more than 200 security presentations on a variety of topics, including digital forensics, security management, and incident response. He is a frequent speaker at security conferences, executive meetings, and business seminars around the world.

Kai is currently pursuing an MBA in Information Assurance and is a member of ISSA, INFRAGARD, ASIS, and the North Texas Electronic Crimes Task Force. He was the recipient of the 2006 “Rising Star” award from the Information Security Executive council. Kai is interested in security management and hopes to become a Chief Security Officer one day.

Prior to Microsoft, Kai served as a leader in several real-world operations with the U.S. Army's elite 75th Ranger Regiment. Originally from Wisconsin, Kai is a huge NFL Green Bay Packers fan.  He is based in Dallas, Texas with his lovely wife and a (very wet) yellow Labrador.

Cheers! 

Wednesday April 30th saw the Regina.net User Group and Regina IT Pro User Group co-present the community launch for Windows Server 2008, SQL Server 2008 and Visual Studio 2008. The 3 sessions were hosted by local community members Gary Pronych (VS2008), Vance Petriew (SQL2008) and myself (W2K8) and sponsored by EDS Canada and Solvera Solutions. The event was located at the University of Regina in the classroom building; this brought back some memories of my years wondering the halls in 1984, 85, 86 when I was taking CS100, CS110, etc.

The event was pretty well attended as we had 80 register for the event and at least that many turn up. We decided to make the presentations 1 hour long and repeat them twice so people could attend 2 sessions over the evening. I personally think this was a great idea as my big issue in attending events like this is which ones to miss and attend. I cannot speak on the content of the other session, given I was presenting all night, but my sessions we very well attended. Server 2008 is a very big product update and to squeeze any type of overview into the product as well as a couple of live demos was a very difficult thing. I had 41 slides for a 1 hour presentation, and to be honest only really presented information on about 30 of them. I was able to include a brief overview of the new management console and of the core installation, but nothing too detailed. I will be presenting a couple of deeper dives into specific topics related to Server2008 (Hyper-v, AD Security and Group Policy the most likely starting points).

So, what was good about the event? The fact that the Regina.net User Group and Regina IT Pro User Group worked together to present an event that was geared towards all of every IT Professional at some level was great. I hope that we are able to that again. The fact a couple of local vendors stepped up to sponsor the event and cover the cost of the food was fantastic. The space was great, lecture halls with built in high-end AV equipment are awesome from a presenter’s perspective and theatre seating means everyone can see. Seeing students out for the event, this is very important to the success of the industry as a whole.

What was bad; the space. The U of R has great rooms, but no parking and a bit of a drive from downtown where most of the attendees work. I personally go a parking ticket while in there presenting, so I am sure others did as well. The food wasn't that great. We had to use the U of R catering service and to be honest it was disappointing. The fact we tried to cram what should have been a half or full day series of topics into a 2 hour evening event sucked and the more over the fact that Microsoft skipped over Regina as a whole in the actual product launch. It would be nice to have had this event supported by Corp. They were kind enough to give some prizes to give away in the form of TechNet subscriptions. I was able to leverage some additional prizes from my contacts in Microsoft to make the experience better for the event attendee.

Based on the evaluation forms handed in at the end of the night, people were satisfied with the event as a whole. There were some comments about the level of detail and the fact we started the 2nd session a little late as people moved between rooms. If I had to rate the event, I would have given it 7.5, good but with room for improvement.

cheers

will 

I had the pleasure a couple of weeks ago of co-hosting the Community Connection event here in Regina, sponsored by Microsoft, CIP, ICTC and ACCC as part of the launch tour for Server2008, Visual Studio 2008 and SQL 2008. As part of this event I was able to participate in the afternoon presentation to about 50 SIAST and high school students as well as the evening session for IT Professionals. There was a sound message delivered as part of these presentations, there is an immediate and short range need for a large number of people to enter the field.

The numbers presented by ICTC indicate a 33,000 person shortage for 2008 and 89,000 in the next 3 to 5 years. Those numbers are staggering when you look at the enrolment numbers in computer programs across Canada. In Regina, there are currently 12 declared CSS students at the University of Regina, with 20 people attending SIAST Wascana campus’s networking class, and another 20 in SIAST Palliser campus for the programming class. Those numbers are not reassuring when you are looking to hire staff. I recently attempted to hire a QA Developer and a .net Developer. We had approval to make this happen as fast as possible and in the end I was hard pressed to find any candidates from Regina. We ended up interviewing people in Calgary, Winnipeg and finally ended up hiring the .net developer from Halifax.

What seems to be the market condition at this time in Regina is the consulting firms are having employees jump around between them to take on various new postings, but few if any new people actually are entering the workforce. This will really lead to a problem in the next 3-5 years when the baby boomers start to retire. My personal take away from the Community Connection was to find a means of encouraging enrolment in the school programs around the province, and find a way to increase the public’s awareness of this need.

In Saskatchewan, we are experiencing a bit of a renaissance in terms of population growth, economic growth and revitalization in general. One of the by-products of this boom is a need to fill professional and trade positions to meet the demand. In the case of the nurses and teachers, they have a collective bargaining group in the form of a union to lobby on their behalf to encourage the government to hire more positions as well as to market to the general public, and the current high school students in particular of the need for these professionals. This is lacking in the IT sector as we all work for different companies and organizations. Far be it from me to preach the virtues of a union, but I do believe that there is a need for a common voice to represent the technology profession in Saskatchewan at some level.

Within Saskatchewan, there is an organization that could do this. SATA is a non-profit organization that has a large membership of corporations and companies with IT interests. The downside is that this organization has mainly made its mandate to present information as to why the outsourcing of IT jobs by the government is the right choice to make. Funny enough, most of the membership companies are consulting firm who would be the beneficiary of these practices. That does not make them the right voice for the industry in my mind.

This then leads me to the second option, CIPS. As an organization, it is exclusively made up of volunteers with no paid or full-time staff. They would have a great deal of trouble in finding the leadership to take on this task. It requires statistical analysis, marketing, lobbying the provincial government at different level, the education institutions as well as making presentations around the province to perspective students. It is a giant undertaking and one that a volunteer organization can’t do effectively.T

his then leads me to my third option. For those who have been following my blog since the start of the year will know that I have been looking for a means to become a Technology Evangelist within my own community and how to turn this into a profession; this may be the opportunity to do just that. Who it is that would sponsor such a position (or non-profit organization)? That is the part of the mission I need to work out, but I now have a starting point to work towards my goal.

I will keep you updated as I continue to work this all out.

Will

It is a great honour to say that I have been given the MVP Award from Microsoft. I am in good company.

Looking back in the last year it's been really fun. I have spoken in the community this year as part of the Regina IT Pro User Group as well in my role as VP for CIPS. This has provided me the opportunity to interact and share experiences with a lot IT Professionals in Regina and area. It is from this interaction that I have gained the greatest insight into the industry.  Just this month I was able to co-host the CIPS/Microsoft Community Launch Event and became very inspired by this event and the afternoon event at SIAST specifically for students. I want to spend a great deal of time and effort this year lobbying at different levels within Government, corporations, and educational institutions to see the need for people to enter the profession. Specifically I want to start by speaking at high schools to encourage students to consider a career in IT, there is plenty of opportunities with great salaries and benefits that they just don't know about.

Many thanks to everyone who I have been able to engage with during this trek. I look forward to seeing many of you at the MVP Summit!!! And above all, many thanks to my close friends in the MVP community.

For as much as I give back to the community, I learn even more from my peers. And I thank you for that.

Will

Rodeny Buike from Microsoft asked me to write a blog posting for the CanITPro site at technet.com. The following is the post I wrote with help from the team who deployed the SharePoint technologies onsite for me, Nick Pearce, Jereme Watts and Vance Petriew.

SharePoint Powers SaskEnergy

Will Craddock is the president of the Regina IT Professionals group and is part of the IT team at SaskEnergy.  SaskEnergy is Saskatchewan's natural gas distribution company, a provincial Crown corporation with roots of more than half a century in Saskatchewan.  About 8 months ago Will mentioned the SharePoint 2007 deployment they we planning and I got him registered with the IT Pro Momentum program which is a program aimed at supporting early adopters.  Recently I asked Will how the project was going and he said SharePoint had been deployed and agreed to share the experience.

------------------------------

How is SaskEnergy using MOSS 2007?

We are using MOSS as a presentation layer for our internal communications with employees at this time. Our first utilization of the product was to build a proof of concept application to collect employee’s time, attendance, expense, and mileage information for a specific pay period and interact with our ERP (JD Edwards Enterprise One) in the collecting, displaying and posting of this information. This POC was done as part of the Momentum program for early adopters at Microsoft. After successfully building this POC, utilizing custom web services to interact with JDE, we moved on to investigating production solutions that fit the SharePoint development path.

Our intranet is now being redesigned and will be deployed in small pieces over the next couple of years based on MOSS. This allows us to take advantage of the content management, document management and workflows native to MOSS 2007 to enhance the user experience. Our first production solution based on MOSS was deployed in December; it took student applications submitted from our external facing website via a form and through a SharePoint timer process, grabs them and moves them to SharePoint for internal review.

Here is a brief view of what we accomplished:

• Created an ASP.NET application to accept new student applications.
• Created a WCF JobApplication service using the Web Services Software Factory that:
  • Accepts new job applications and stores them into a SQLServer 2005 database
  • Returns all job applications that have been submitted as of a certain date/time. The reason for having an intermediate SQLServer is due to a one-way-trust relationship between the web domain and internal corporate domain
• Created a MOSS job applicant document library within a Human Resources portal complete with custom views so that staffing advisors can quickly discover eligible job applicants, and organize applications by experience level, interest, and diversity candidates.
• Created custom content type for the job application library.
• Created a MOSS timer job that requests job application data from the JobApplication service and stores the data in the document library.
• Created a WCF service proxy used by both the ASP.NET and MOSS timer job further providing reuse between tiers.
• Used Enterprise Services security and logging code blocks in the WCF service, ASP.NET, and MOSS applications.
• Created a MOSS solution package to easily deploy the portal, library and timer job to dev, test, and production. This was key, especially during testing when there were a lot of changes taking place.
• Use MSF4ASD and Visual Studio Team System 2005 and MS Project 2007 as the philosophy and toolsets for running the project.

This was the first time SaskEnergy deployed all of these technologies into production. Elapsed time took about 2 months. I'd guess that if we were to condense all of the development and testing time, we'd be able to say that a team of 3 guys took 3 weeks. Not bad considering we also had to come up with a bunch of our development process and toolsets.

The XML data architecture, service layer, and MOSS pieces will be easily reused as HR expands their need from student job applications to general job applications. The driving approach to the design was trying to keep as much SOA thinking as possible. There's not a way we could have created this solution in that time frame with our 'old' toolsets - not even close.

What was the driving force (technically) for deploying MOSS 2007?

The driving force for us technically is the quickness to delivery SharePoint provides in developing and delivering solutions. In a common and repeatable interface we are able to deliver so many different functional features that allow portals to be delivered any number of initiatives. From a development perspective this is a very big thing for us as we have standardized around building .net applications and this just becomes another tool in the box for us. The great thing from a technical perspective is the ease of implementation. We have put in a farmed solution in separate environments (DEV, UAT, and PRD) all on a virtual platform (VMWare).

What were some challenges you faced before deploying MOSS 2007 and how were they addressed?

In the creation of the DEV environment, we experienced issues around the establishment of the farm. Specifically the issues were around Security, Kerberos, and the certificate server within the SharePoint environment. We worked through many of these issues with the aid of the SharePoint Administrators Guide written by Bill English as we refined out Architecture in an iterative fashion until we were satisfied it was working correctly.

After implementing the certificates and the certificate server, we were not able to pass the tokens back and forth as some of the services would not start or stop. We engaged Microsoft through the Premier Support area to help us resolve this issue. We provided them all the information on the issue, documentation and etc and they provided various product experts as we rebuilt the environment with their input as this error had never been seen given the architecture was following the Microsoft best practices.

During the installation and configuration of the Microsoft Office SharePoint Server 2007 platform at SaskEnergy, a couple major problems arose.  Because SharePoint 2007 is a very new product, there was little or no Microsoft documentation or tools available to troubleshoot the problems we were having.  The Microsoft website had no solutions for the problems and a search of popular SharePoint blogs showed that other people in the world were running into the same issues.  In order to learn more about SharePoint, Jereme Watts (SaskEnergy’s SharePoint Admin onsite through Solvera Solutions) attended a SharePoint conference in Las Vegas.  While there, he learned that our SharePoint architecture at SaskEnergy was considered to be excellent and far more advanced in comparison to many other installations.  Unfortunately, he was not able to determine the reasons for the problems being experienced with SaskEnergy’s multi-server SharePoint environment.

After returning, Vance Petriew (SaskEnergy DEV Network Support and SQL Admin onsite through EDS Canada) and Jereme Watts spent many hours narrowing down the issues and documenting the test procedures.  Progress was made but no solutions were found.  In the mean time, SaskEnergy called upon Microsoft and utilized a Premier Support call to help speed up resolution to our problems. 

Upon being contacted by Microsoft within a day of placing the call, we were asked to provide our server documentation and troubleshooting steps used to arrive at our analysis of the problem.  The Microsoft consultants were very impressed with our thorough documentation and methodical testing procedures.  Because they could easily see that we had done our homework, they did not hesitate to bring in the real Microsoft Engineers who wrote SharePoint, Kerberos and Windows Server to help find us a solution.    During the 20+ hours on the phone with the various Microsoft Engineers, we methodically worked through the different divisions in Microsoft responsible for certain aspects of their products.  We gathered many network traces to analyze how each server request and response was being handled between the different products. 

During the troubleshooting with the Microsoft engineers we learned a few key points that are not written in any book or documentation.  These points were key factors in finding a solution.

When one Service Principal Name is configured to point at two service accounts, Kerberos authentication reverts back to NTLM authentication.
DNS records for SharePoint sites need to be defined at the root of the DNS tree in order to have SharePoint crawl websites properly.  This is due to the way SharePoint handles and truncates DNS entries inside the application.

In addition to the undocumented features listed above, there were a few other very useful results we learned during troubleshooting.

• The entry point for crawling a site needs to be defined by a wildcard.
• Reliable Kerberos authentication only works when Kerberos is forced to use TCP communications instead of UDP.
• Kerberos Service Principal Names are only defined on IIS Application Pool service accounts.

One of the comments we heard from the Microsoft consultant made us smile.  The consultant had tried getting Kerberos authentication to work with his SharePoint installation and couldn’t do it.  His configuration kept reverting back to NTLM authentication.  This confirmed in our mind that configuring SharePoint 2007 to use Kerberos authentication was a very difficult task which is also echoed across the many SharePoint blogs on the web.  SaskEnergy is now one of the few places that have been able to make this work.

Overall, working methodically through this issue with Microsoft was beneficial on both sides.  They were obviously as interested in our problem as we were since they brought in their highest level engineers to find a solution.  During the process, the Microsoft engineers identified a couple items to take back to their teams to improve.  On the SaskEnergy side, we learned that our configuration was very close to being correct and that our architecture design is solid. 

Also of note is how pleasant the Microsoft support team was to work with over the phone.  They were always courteous and answered our questions politely even after 20+ hours of collaboration.  When we finally figured out the last piece to the puzzle (the DNS issue), Microsoft was very generous in their praise towards our team and confirmed that the solution made sense.  The whole experience with the Microsoft premier support was excellent and worthy of very high ratings.   

What were some issues you faced with the actual deployment and how did you address them?

Our deployment to production has been very smooth as we were able to take care of all the issues in the DEV and UAT areas. This speaks to how this methodology works as effectively in the IT Pro world as it does in the Development world.

What is the “killer feature” that you found in MOSS 2007?

We love all the features of SharePoint, consistent information management, template driven, document management, workflow, enterprise search, the speed to deliver a product but what really is the killer feature is the product suite. We can find many products that do one or two of these things well, but none that covered the entire suite well. I admit that other products are stronger at the niche specifics, but dollar for dollar they do not compare when you are looking at the price for an entire solution. So the killer feature in SharePoint is “SharePoint”…it is the plumbing for the house in a box; you just need to add the fixtures for it to work