Anyone who has ever worked in a IT helpdesk environment will know that probably 50% + of calls are related in some way or another to the user getting there password wrong, and locking out there account. No mater how much you educate the users, this will always happen, especially if you enforce a complex password policy (and i hope you do!)

I have seen on the odd occasion where thre is something more at work. The user could be happily logging on in the morning, working for a bit when suddenly there account is getting locked out, and as far as you (and they) can tell everything should be fine. You can unlock the account, they carry on working for a bit but then it happens again. There are a few things it could be:

• Someone is trying to use that users account, doesn’t know there password and so keeps locking it. This could be malicious or another reason
• The user has logged onto another machine, and not logged off. Then, if the user has changed their password while the other machine is logged in, it could be requesting resources using the old (and now incorrect) password. Every time it tries to get a network resource that requires authentication it will cause a bad password attempt
• Similar to the above, but the user is logged into a terminal server session an not logged out. For none console sessions on terminal servers users have access to, its always a good idea to enforce an automatic log off after a period of inactivity
• The user could have a connection to a network resource (such as a mapped drive) , that is using old credentials. Personally i’ve never seen this on XP, but it did see it on Win95/98

So, we know what can go wrong, but how the hell do we find out what machine the account lockout is occurring on?

(more…)

I was reading a very interesting article on coding horror the other day (http://www.codinghorror.com/blog/archives/001006.html) about browser wars.
This got me thinking about how much Microsoft must be worrying about how the enhancements in browsers and related technology will effect there business model.

When you think about it, most there money comes from selling operating systems and Office products. Now, browsers are becoming more and more the platform of choice to write applications on. it makes sense really.

The app will run on any device with a net connection (including phones, pda’s etc), you can almost guarantee it will work, there is no need for the user to install software, updates are easy to roll out, ease of distribution, the list go’s on and on.

While as it stands there aren’t to many office based application that can challenge the MS office in the features category, there are certainly very capable alternatives out there, the main one being Googles offering, Google docs (http://docs.google.com/). All the documents are saved online, so you can give other people access to them and wherever you are in the World you will always have access to your data. (more…)

Just a quick post after my rant yesterday, seams like Microsoft is already working on a new version of Internet Explorer , at least according to the IE developer blog. You can read the entry at http://blogs.msdn.com/ie/archive/2007/12/05/internet-explorer-8.aspx

There is no mention of new features or anything yet, but keep checking back as i’m sure they will post the latest info there first.

We have installed a copy of Windows 2003 beta 3 to do some testing with, mainly to see if the terminal server side of thing has improved any.

We have a problem using DTP packages over a terminal server connection, when moving pictures around pages it takes about half a second or so to respond, some of the documentation from Microsoft says there have been quite a few improvements, so we decided to check them out.

The first hurdle was installing it! The installer is for DVD, and most of the boxes we could install it on to test didn’t have a DVD drive. We tried installing it as a virtual machine on a VMWare server, but it would not go onto here at all.

In the end we had to pull a DVD reader out of another machine, and load it using this. Does this mean in future servers are going to have to ship with DVD readers as standard if Microsoft is going to be shipping its server OS’s on DVD?

Anyway, we finally managed to load up the server, and after a bit of head scratching managed to join it to our domain. Hunting round the config screens we managed to find how to install it as a terminal server, so we could start doing our testing.

The documentation Mr Gates and Co. said that there was now a feature where a user could run an application on the terminal sever as if it was on there desktop. We weren’t sure how this was going to work, but it sounded like a good idea, we found where it was configured and added wordpad as an application to run in this way. There was a wizard to run that created the connection to the application so I ran that, and it generated me a .rdp file, witch i wasn’t really expecting it to do.

Still full of hope and optimism, I copied the .rdp file to my desktop and ran it, expecting something cool to happen. I logged into the terminal server, and all that happened was wordpad ran up as soon as I logged in. That was it. When I closed wordpad the terminal server connection closed its’ self. Now, maybe I was expecting something a bit special, but I cant see that solving anyone’s problems!

I had a look at how this amazing leap forward in thin client architecture was accomplished, and found in the .rdp file the wizard had created, all it was doing was launching the app on start up, as illustrated here

Windows Server 2008 introduces new functionality in Terminal Services to connect to remote computers and applications. Terminal Services RemoteApp completely integrates applications running on a terminal server with users’ desktops such that they behave as if they were running on an individual user’s local computer; users can run programs from a remote location side-by-side with their local programs

We continued doing some more testing by installing QuarkXpress on the server, and seeing if there were any noticeable improvements to the picture handling, but there appeared to be very little difference between this version and what 2003 does. Maybe its time to start looking at Citrix.

Anything else interesting I find on 2008 server ill blog about here