FYI
| 
| | | | Rene Chavez | Product Manager InterScan Web Security Suite | | 10101 N. De Anza Blvd Suite 200 Cupertino CA 95014 | | Office: 408.850.1017 | Mobile: 714.585.6098 | | |
"The information in this email, and any attachments, may contain confidential information and is intended solely for the attention and use of the named addressee(s). It must not be disclosed to any person(s) without authorization. If you are not the intended recipient, or a person responsible for delivering it to the intended recipient, you are not authorized to, and must not, disclose, copy, distribute, or retain this message or any part of it." If you have received this communication in error, please notify me immediately
From: David Huang (PARTNER ISV) [mailto:Huang.David@microsoft.com]
Sent: Tuesday, September 07, 2010 7:28 AM
To: David Huang (PARTNER ISV)
Subject: Microsoft Premier TAM Newsletter for September 2010
(bcc to distribution)
Microsoft Services Premier Support
TAM Newsletter – September 2010
Microsoft news and product information from microsoft.com and product team blogs
How Microsoft does IT
· Deployment Planning, Architecture and Guidance on System Center Service Manager Microsoft IT implemented System Center Service Manager to improve their IT service management which provides built-in processes for incident and problem resolution, change control, and asset lifecycle management. Service Manager automatically connects knowledge and information from System Center Operations Manager, System Center Configuration Manager and Active Directory.
· Deploying Windows 7 Using System Center Configuration Manager 2007 and OSD Microsoft is the first enterprise organization to use Windows 7 on a large scale, and that includes deployments using the System Center Configuration Manager 2007 Operating System Deployment (OSD) feature. OSD provides administrators with a tool to create images that can be deployed to managed and unmanaged computers. The OSD user interface, and features such as driver management and the User State Migration Tool (USMT), have been significantly enhanced.
· Operating a Global Messaging Environment by Using Exchange Server 2010
To support the changes to the architecture, the Exchange Messaging team re-organized the internal support teams and processes. This involved organizational changes, modifications to the change control process, and the addition of new monitoring tools.
Security
· More information about the DLL Preloading remote attack vector We released Security Advisory 2269637 notifying customers of a remote attack vector to a class of vulnerabilities affecting applications that load DLL’s in an insecure manner.
Microsoft Cloud Services
· How to Monitor BPOS Uptime and BPOS Outages/Maintenance A frequent question I receive is how to monitor the availability of BPOS and how to access BPOS service notifications. There's a few good techniques and resources out there.
· Microsoft Exchange Online for Large companies I was reading this interesting article today on CIO.com about Dow Chemical and their move from Exchange 2003 to Exchange Online or BPOS (Business Productivity On-Line Suite). The perception has been that Exchange Online is just for small and medium sized companies. This article explains the considerations that Dow made before making the decision to convert to Exchange Online.
· Microsoft Government Cloud Application Center Connects Customers with Windows Azure Partner Solutions State and local governments evaluating a move to the cloud should have a central location where they can find partners and solutions with the right cloud-based solutions to meet their business needs.
· New Windows Azure Security Overview White Paper Now Available Windows Azure must provide confidentiality, integrity, and availability of customer data, while also enabling transparent accountability.
Windows Desktop and Server – 7 / 2008 / Vista / 2003 / XP
· Join Us For Our Next Virtual Roundtable - Migrating from IE 6 on IE 8 on Windows 7: Strategy, Standards, and Support Deploying Windows 7, but still running Web applications based on Internet Explorer 6? Join us live at 9:00 AM Pacific Time on Thursday, September 30, 2010 for a virtual, interactive roundtable discussion on migration strategies, standards, and support for organizations moving from Internet Explorer 6 to Internet Explorer 8.
· Tools To Make Working With Internet Explorer 6 in Windows 7 Easier Over the past few months, many of you have shared with me your need to continue to be able to offer support for Internet Explorer 6 specific application while rolling out Windows 7 and Internet Explorer 8 into your organization. Suggestions for walkthroughs, papers and application compatibility lists were made by many of you. Based on those conversations, I am very happy to offer the following resources to help you.
· ACT: Suppressing Elevation Prompts for Legacy Applications With Windows 7 and Windows Vista being widely used these days, we see a lot of requests from customers about legacy application interaction with User Account Control (UAC). Today we’ll go over how we can use the Application Compatibility Toolkit to suppress elevation prompts for legacy applications which actually doesn’t require Admin privileges to run.
· The Mystery of the Missing Memory -or- It Pays to Know Your Hardware Recently I was working a case with a customer who was running Windows Server 2008 with 160 GB of physical RAM installed. Problem was, about half of the memory was missing in Windows. In Task Manager we could only see 80 GB as being available, but it did show the full 160 GB installed.
· Introduction to the new Sysinternals tool: RAMMap I’d like to talk a bit about a new tool that allows us to examine a vital performance resource: physical memory.
· How to Prevent Local Administrator from Turning OFF bitlocker If we want to prevent local admins not to turn OFF or Suspend bitlocker, we can achieve this easily by implementing the 2 steps in this blog post.
· Issues Resulting in Bitlocker Recovery Mode and Their Resolution Specific operations or actions will cause Bitlocker to go into Recovery Mode and ask you to enter the 48-digit Recovery Key. This can be caused by several things, and a complete list can be viewed here , but today I am going to go over the most common issues.
· Directory Services: Using AD Recycle Bin to restore deleted DNS zones and their contents in Windows Server 2008 R2 Beginning in Windows Server 2008 R2, Active Directory supports an optional AD Recycle Bin that can be enabled forest-wide. This means that instead of requiring a System State backup and an authoritative subtree restore, a deleted DNS zone can now be recovered on the fly. However, due to how the DNS service "gracefully" deletes, recovering a DNS zone requires more steps than a normal AD recycle bin operation.
· Microsoft’s Support Statement Around Replicated User Profile Data The purpose of this article is to clarify exactly which scenarios are supported for user data profiles when used with DFSR, DFSN, FR, CSC, RUP, and HF. It also provides explanation around why the unsupported scenarios should not be used. When you finish reading this article I recommend reviewing http://blogs.technet.com/b/askds/archive/2009/02/20/understanding-the-lack-of-distributed-file-locking-in-dfsr.aspx
· The Case of the Enormous CA Database Today I want to talk a little about Certification Authority monitoring and maintenance. This topic was brought to my attention by a recent case that I had where a customer’s CA database had grown to rather elephantine proportions over the course of many months quite unbeknownst to the administrators.
· Don’t mess about with USMT’s included manifests! Today I talk about the importance of the included USMT component manifests and how things can get gross when they are not available to Scanstate and Loadstate.
· Forcing Afterhours User Logoffs I want to answer a common customer request—how to force users to logoff at the end of the day. The scenario requires a bit of an explanation, so let’s get started.
· Moving Your Organization from a Single Microsoft CA to a Microsoft Recommended PKI I want to talk about what appears to be an increasingly common topic: migrating from a single Windows Certification Authority (CA) to a multi-tier hierarchy. I’m going to assume that you already have a basic understanding of Public Key Infrastructure (PKI) concepts, i. e., you know what a root CA is versus an issuing CA, and you understand that Microsoft CAs come in two flavors – Standalone and Enterprise. If you don’t know those things then I recommend that you take a look at this before proceeding.
· Remote Desktop Services: Using the Remote Desktop Services BPA to analyze a Remote Desktop Gateway implementation The tool was designed to help in determining configuration and operational problems in Remote Desktop Services.
· Don’t Fence Me In: VDI, Session Virtualization … or Both? I wanted to discuss a question that is important to our large base of session virtualization customers: How do you decide between virtual desktop infrastructure (VDI) and session virtualization? And if you have already successfully deployed session virtualization, should you replace it with VDI?
· MDOP: New AGPM and DaRT Videos You can find a series of new step by step videos for both Advance Group Policy Management (AGPM) and the Diagnostics and Recovery Toolset (DaRT) on the MDOP video page.
Virtualization Technologies
· Items of interest from VMworld 2010 This post is designed to bring some of the show to you, assuming you're not attending and queuing up to a session 45 mins before the start. See also: Why Does Microsoft exhibit at VMworld?
· Hyper-V: Looking at Dynamic Memory Performance Counters With Windows Server 2008 R2 SP1 we have added a number of new performance counters for dynamic memory. These counters allow you to get some extra insight into what is actually happening with memory on your Hyper-V server.
· Using PowerShell to find the virtual processor to logical processor ratio of Hyper-V Today our documented guidance is that we support up to 8 virtual processors for each logical processor in the physical computer – and that for best performance under most reasonable circumstances you should aim for a ratio of 4 virtual processors per logical processor in the physical computer. The problem with all of this? We do not provide any simple way to find out what your current ratio is.
· App-V: New KB: Supported command line options for the Microsoft App-V 4.5 Management Server installer
SQL Server
· Windows 7 AppCompat changes and SQL Server client and setup hangs Windows 7 and Windows Server 2008 R2 include many changes to the core operating system. This blog post is targeted at resolving the impact on SQL Server client drivers and SQL Server setup of one breaking change in Windows 7 and Windows Server 2008 R2.
· Watch new PowerPivot Videos on TechNet Wiki The 4-part video series on how user identity is established for different PowerPivot ops is now available on the TechNet Wiki.
· Optimizing CREATE SET in Cube Calculation Scripts In this blog we will describe an important optimization that you should apply to cubes that are processed often and have CREATE SET commands in the calculation script. We will describe the measurements you can make to determine if this may affect you and also provide solutions that can make your cube be much more responsive to users.
· Query performance and table variables Frequently, we see our customers using table variables in their stored procedures and batches and experience performance problems.
· Microsoft Services Launches New Offerings for Mission Critical Customers Customers running mission critical solutions have asked Microsoft to provide higher levels of service and support for their environments, given the potential negative impact to their business if an incident or outage occurs to their mission critical solution. With that in mind, Microsoft Services today announced an enhanced Premier Mission Critical add-on for customers running business critical solutions on the Microsoft platform.
Exchange Server
· Mark Russinovich: The Compound Case of the Outlook Hangs This case was shared with me by a friend of mine, Andrew Richards, a Microsoft Exchange Server Escalation Engineer. It’s a really interesting case because it highlights the use of a Sysinternals tool I specifically wrote for use by Microsoft support services and it’s actually two cases in one.
· Exchange 2010 SP1 FAQ and Known Issues The starting point for SP1 setup/upgrade should be the What's New in SP1, SP1 Release Notes, and Prerequisites docs. As with any new release, there are some frequently asked deployment questions, and known issues, or issues reported by some customers. You may not face these in your environment, but we're posting these here along with some workarounds so you're aware of them as you test and deploy SP1.
· Exchange 2010 SP1 and Support for FIPS Compliant Algorithms
· Exchange 2010 SP1: Database Integrity checking Since the earliest versions of Exchange Server, the Information Store Integrity Checker (ISInteg) has offered Exchange administrators a way to check mailbox and public folder database integrity. ISInteg checks and fixes Exchange database errors that may prevent the database from mounting, prevent the user from logging on or from receiving, opening or deleting email. Curious to know what changes are coming to ISInteg in Exchange 2010 SP1? Let's take a look.
· Exchange 2010 Cross-Forest Mailbox Moves We are seeing some trends where quite a few customers are migrating mailboxes to a new Exchange organization, in a different Active Directory (AD) forest. This blog post is aimed at helping to explain the fundamentals of what is required to move mailboxes across forests so that you can be prepared with the correct data, make better plans, and successfully perform a migration without encountering painful problems.
System Center
· OS Imaging via Web Page OSD is a powerful imaging tool but setting up systems to be imaged may require a user have access to the SCCM console. This often means that the SCCM staff gets assigned the task of imaging. Wouldn’t it be cool if the OSD users could setup imaging themselves without having to use the SCCM console? Yeah, I thought so too.
· CM: Announcement: Updates to “How to Configure ISA SSL Bridging for System Center Configuration Manager Internet-Based Client Management” The ISA documentation How to Configure ISA SSL Bridging for System Center Configuration Manager Internet-Based Client Management has been updated.
· DPM: How to properly configure DPM 2010 for successful client side recoveries Setting up System Center Data Protection Manager 2010 I feel like a kid on Christmas morning! So many new features and “toys” to play with. I don’t know what to open first. Since it is something that can affect all the users here, I think I will unwrap client protection first.
· Three new DPM 2010 whitepapers and two datasheets are now available I am happy to announce three new whitepapers, each around protecting a different workload.
· Opalis: Announcing the Opalis Customer Evaluation Program The System Center team is pleased to announce the Opalis Community Evaluation Program (CEP). The goal of this program is to provide customers with a streamlined approach to evaluating Opalis.
Office SharePoint Technologies
· Collaborative Note-Taking with SharePoint 2010 and Microsoft OneNote However, it seems that one of the unsung heroes of the new Office Web Apps is Microsoft OneNote. I use it almost daily to take notes and brainstorm about projects, and many of my peers do as well. To help illustrate why we like this so much, here are a few scenarios.
· SharePoint User Adoption: The Four Stage Model I really like frameworks—a representation of reality that provides a simplified way of thinking about a topic. I propose the Four Stage Model of User Adoption as a framework to guide user adoption efforts. See also: User Adoption Strategies: Overcoming Roadblocks to Change and User Adoption in SharePoint Implementations.
· Use custom content types to trigger document retention policies Our client was looking for a solution that would ensure that documents stored electronically followed the same document expiration and retention policies as the hard-copy versions currently stored onsite.
Microsoft Office System
· Microsoft Office 2010 File Compatibility Have you been looking for a tool to help you assess compatibility of your existing Office files and macros as you prepare to deploy Microsoft Office 2010? We have recently released the tool to help you identify potential concerns before you migrate. The Office Migration Planning Manager 2010, referred to as OMPM, has been released to help you assess and migrate documents for Office 2010.
· Access: Power Tip: Scale Access Chart objects at runtime I've recently discovered an easy way to scale Access Chart objects at runtime to fit the form window, and I'd like to share it with you.
· Going beyond Web Macros: Using Event Receivers & .NET with Access Services One challenge in Access Services is ensuring that the logic behind various objects will be portable between Access itself and the SharePoint site hosting the Access web database. To that end, the Access team has used macros to support the goal of portability. In practical terms, this means we cannot use VBA behind the Access objects in context of a web browser.
· Excel: =VLOOKUP (uhh…now what?) On Office.com, the term “VLOOKUP” frequently bubbles up in our list of high-volume search queries.
· Got lots of text in a cell? Make it readable Sometimes, I find I have text in a cell that spans far past its own column or…yikes, maybe even off the screen.
· Posted Thu, Jun 10 2010
· by 
· Outlook: Conditional Formatting: Highlight your most important mails This week I wanted to share another tool for making sure the right email messages stick out when you’re reading down the message list in your Inbox. This advice comes straight out of the Outlook Best Practices – a series of guidelines to help you be as productive as possible with Outlook.
· Suggested Contacts: Never lose an email address Last week I needed to send an email to a contact at Contoso, a company we partner with on marketing materials. Unfortunately, I had not emailed my contact in about a year and I couldn’t remember her name, let alone her email address. Since we had only exchanged a few emails I had neglected to add her to my Outlook contacts. However, with Outlook 2010 I was still able to find her email address quickly using Suggested Contacts.
· PowerPoint: The Bad, the Good, and the Icon From traffic signs to your smartphone, you rely on icons (officially known as pictograms) for quick visual orientation and identification. When used right, they overcome language barriers and offer a quick and easy decryption.
· Project: Change the font and color of text on the Gantt chart Many people know how to use bar styles to change the color of the bars on the right side Gantt chart. But I bet you don’t know how to use text styles to change the text on the left side of the Gantt Chart, and other sheet-like views. Let’s take a look at this.
· Visio: External Data Authentication White Papers The Visio team is pleased to announce the release of two new white papers which will help Visio Services administrators choose and configure the right external data authentication mechanism for their data connected diagrams.
· Office Web Apps: Clip Art, Charts, Themes and Printing - Need We Say More? The latest updates to Office Web Apps add some much requested functionality to Word Web App, Excel Web App and PowerPoint Web App.
· Updates to Office Web Apps The Office Web Apps have been refreshed on SkyDrive and in Hotmail with several new features.
Forefront
· New video available about using PowerShell to export and import Forefront Protection 2010 for SharePoint configuration settings If you are managing multiple SharePoint servers with Forefront Protection 2010 for SharePoint (FPSP) installed and would like to share your FPSP configuration settings among your various installations, you can use PowerShell to export the settings from one configured instance of FPSP and then import the settings into other instances of FPSP.
· UAG: Authenticating to UAG with an email address instead of user ID I recently had a customer ask about how to do SSO with an email address and not the samAccountName. Knowing that Forefront Unified Access Gateway (UAG) is VERY flexible, the answer is of course yes, and this blog outlines how.
Microsoft Dynamics
· CRM: FAQ: Using the newest version of Microsoft Dynamics CRM Help We've updated the Microsoft Dynamics CRM 4.0 help several times. You can download the latest version.
· Two way integration between Microsoft Word and Microsoft Dynamics CRM 4.0 We recently released a very cool two way integration between Microsoft Word and Microsoft Dynamics CRM, and I thought you might be interested to check it out!
· GP: Microsoft Dynamics GP 2010 RTM "CoreMR" VPC is NOW AVAILABLE!! It is with great excitement, we are announcing the availability of the first of two Microsoft Dynamics GP RTM VPC images. The VPC that is available starting today is called “CoreMR.” Many of you have been waiting for a new and improved RTM version of Microsoft Dynamics GP 2010 VPC’s and we are here to say that the first VPC is finally here
· NAV: Microsoft Dynamics NAV Compatibility with Microsoft Office 2010 and Microsoft SharePoint 2010 With the release of Office 2010 and SharePoint 2010 the relationship between internal line of business applications and business productivity software is stronger than ever. There have been added many exciting new features, which will bring value to many customers, including those customers that are using Microsoft Dynamics NAV today.
Other Information
· The Enhanced Mitigation Experience Toolkit 2.0 is Now Available For those who may be unfamiliar with the tool, EMET provides users with the ability to deploy security mitigation technologies to arbitrary applications.
· Windows Live: Hotmail now supports push email, calendar, and contacts with Exchange ActiveSync Hotmail is making it easier for you to stay up-to-date and be productive on your phone. Starting today, you can get your email, calendar, and contacts pushed automatically to your phone using Exchange ActiveSync (EAS).
· Windows Live Sync to be named Windows Live Mesh In our beta release, we brought the best of Windows Live Sync and Live Mesh together. With the addition of remote access and cloud storage, we understand that the new program does more than sync files. So following the beta period, we’ll be using the name Windows Live Mesh going forward, which we feel best reflects our broader goal of allowing you to access your stuff across your devices.
· Family Pack Returns in time for the Anniversary of Windows 7 All summer long we’ve given you some great reasons to purchase a new PC and make the move to Windows 7, an operating system loved by a whopping 94% of folks who use it! Here’s one more: starting October 3 in the U.S., Windows 7 Family Pack will be available for purchase at participating retailers and online at the Microsoft Store. Purchasing the Windows 7 Family Pack gives you three upgrade licenses of Windows 7 Home Premium for the low price of $149.99.
· How to: Easy Steps to Help Keep Your Munchkins Safe Online I plan to write a few times on keeping your kids safe online over the next couple months. To kick things off, I wanted to share what I was able to do in my house very quickly to ensure my kids are protected, with just a few easy steps using Windows Live Family Safety.
· Windows Phone 7 – Released To Manufacturing We’re very excited to say that we’ve reached the biggest milestone for our internal team – the release to manufacturing (RTM) of Windows Phone 7! While the final integration of Windows Phone 7 with our partners’ hardware, software, and networks is underway, the work of our internal engineering team is largely complete.
· New Ceton Digital Cable Tuners Make TV in Windows 7 Awesome
Microsoft Developer Information
· Windows Live and Activity Streams Did you know that Microsoft’s Windows Live has been actively embracing the emerging Activity Streams open standard?
· Using the Expression Web SEO Checker Expression Web 4 provides a new reporting tool: the SEO Checker, which helps you optimize the pages in your site for discovery and indexing by search engines. Pages that follow good Search Engine Optimization (SEO) guidelines rank higher in search-engine results, helping people find your site more easily.
· Windows Phone 7 Jump Start Training Today we are publishing the first in our training content led by our MVPs. Rob Miles and Andy Wigley led an incredibly well received live training course about a month ago, focused on getting developers trained up on building amazing applications and games for Windows Phone 7.
· SDL: Microsoft SDL and the Creative Commons I am happy to announce that from this point forward, Microsoft will be making our publicly available SDL documentation and other SDL process content available to the development community under a Creative Commons license.
· Microsoft Cloud Services: Sandboxed Solutions and BPOS SharePoint 2010 Developers should be getting ready for Sandboxed Solutions in BPOS SharePoint 2010. Follow the link for information.
· VSTFS: Lab Management General Distribution Release is now available We are happy to announce that the General Distribution Release for lab management in Visual Studio 2010 is now available. A couple of weeks back, we announced the general availability of lab management, licensing changes, and what’s changed since RC. You can review these here.
Monthly Reminders of Good Information Sources:
Microsoft Premier Online https://premier.microsoft.com The Microsoft Premier Online (MPO) site is a secure Web site for the exclusive use of Premier Support customers. Note some of the links below may only be available to Premier Support customers. If you currently have Premier Support and don’t have access to MPO, please let your TAM know. Your TAM can get you access to the site.
Premier Twitter: Microsoft Premier is now on Twitter! This account will share new proactive offerings and product information, links to important articles on TechNet or Microsoft Blogs, important lifecycle updates, and security alerts. Start following us today by visiting here!
Support WebCasts
List of Upcoming WebCasts: http://www.microsoft.com/events/webcasts/upcoming.mspx
List of Previous WebCasts for on demand viewing: http://www.microsoft.com/events/webcasts/ondemand.mspx
See the Top Ten List of the most popular webcasts.
Recent Security Bulletins (Security Bulletin Archives)
Last 5 Published or Updated Security Advisories:
Microsoft Security Advisory (2269637)
Insecure Library Loading Could Allow Remote Code Execution
Published or Last Updated: 8/31/2010
Microsoft Security Advisory (977377)
Vulnerability in TLS/SSL Could Allow Spoofing
Published or Last Updated: 8/10/2010
Microsoft Security Advisory (2264072)
Elevation of Privilege Using Windows Service Isolation Bypass
Published or Last Updated: 8/10/2010
Microsoft Security Advisory (2286198)
Vulnerability in Windows Shell Could Allow Remote Code Execution
Published or Last Updated: 8/2/2010
Microsoft Security Advisory (2219475)
Vulnerability in Windows Help and Support Center Could Allow Remote Code Execution
Published or Last Updated: 7/13/2010
For the entire list of published Security Advisories, visit the Security Advisory Archive Web site.
For the latest information and resources, see https://premier.microsoft.com
