Just a quick note: the sample Windows Folder Web Part for WSS 2.0 and SPS 2003 that I posted some time ago is now available for download again from the GotDotNet 'User Samples' area. I re-posted it here after I received several emails pointing out that the GotDotNet 'Code Gallery' area where the web part was originally posted had been closed down. Many thanks to those who sent feedback pointing this out.
It looks like the web part has proved popular, as just before the GotDotNet Code Gallery area was closed down I took a screenshot with the download counter standing at 8133 downloads! Wow, I hope that the solution was useful for all those who downloaded it. Please refer to my original blog post for more details.
Ready for something completely different?
Ever seen the movie 'Minority Report'? One step closer. Microsoft just announced a new product, "Microsoft Surface". You have to watch the videos to appreciate this.
Great stuff; especially as I was thinking about buying a new coffee table anyway. I'm guessing that these won't be available at staff discount for some time though.
... sounds like 'cancelled' to me for 2007! Shame - especially as I was planning to go!
http://msdn.microsoft.com/events/pdc/
Still, it's for technology reasons - the dates fall inconveniently between technology release waves. Maybe we should keep the 'social' aspect alive and still have the party at Universal Studios?
(Suggestions for 'business justification' gratefully received.)
For those who have been building or evaluating records management solutions using Microsoft Office SharePoint Server 2007 (MOSS), you may be aware that MOSS was recently submitted to take the DoD 5015.2 certification test. Adam Harmetz explained why the DoD 5015.2 certification might be relevant for some customers in a post on the Records Management Team Blog a while ago.
Good news - it was just announced that MOSS has passed the test, and received DoD 5015.2 Certification. Hurrah! You can now see MOSS on the Joint Interoperability Test Command list of certified records management applications (meaning that it's official :-)). The capabilities will be made available via an add-on later this year.
The solution has been developed by using the supported MOSS object model - so in theory, anyone could have built the solution given enough time. I think that this is a good example of the power and capability of the solutions that can be created by building on the MOSS platform. Whilst Microsoft chose to address this particular US standard because it is widely recognised, hopefully this shows that MOSS-based solutions can be adapted to meet differing standards. For example, in Europe the upcoming MoReq2 standards look as though they will be increasingly important in the near future. I wonder whether there are any partners looking to build a similar 'compliance pack' for MoReq? (Just my speculation by the way :-)).
If you've not heard of DoD 5015.2 yet, or you do not have a specific need to be compliant with that standard, you probably don't need to think about installing the components.
[UPDATE 5th June 2007]: There is a great white paper that was published by the partner that developed the DoD 5015.2 certification solution for MOSS, describing the new functionality that will be added, here: Military Grade Compliance for SharePoint 2007 (published in January 2007).
There is also now a post about the certification by Adam Harmetz, ECM Program Manager on the ECM Team Blog here.
An entirely new version of the Communicator client application for Live Communications Server has just been released, this time specifically for mobile devices. Microsoft Office Communicator Mobile is for Windows Mobile-based devices, and extends the reach of LCS 2005 so that you can stay connected and in touch with your contacts even while out of the office. What's more you can download the client for free (assuming you've already purchased LCS 2005 Client Access Licenses of course ;-)
Communicator Web Access has also been available for some time.
Via Mark Deakin. (Mark writes about Unified Communications and Mobility technologies, so be sure to check out his blog if you're interested in this area!)
The SharePoint product development team at Microsoft have recently launched the SharePoint Team Blog, where they will be talking about the upcoming releases of the product set. Already published are posts from the Corporate VP of the Office Servers product group, and the General Manager of SharePoint Portal, Search, and Content Management, so make sure to subcribe!
I have just posted a sample SharePoint web part to GotDotNet (note: since moved to MSDN Code Gallery), which I've called the "Windows Folder web part". This is the result of a project I worked on some time ago which I'm now able to share.
What does it do?
The Windows Folder web part allows users to store files within a standard Windows (NTFS) folder in a shared network location and display a list of those files in a SharePoint page via a consistent ‘document library’-style interface.
This means that if your users need to work with file types that do not work well when stored within SharePoint, you can now continue to store them in NTFS, but users can locate them in SharePoint alongside the rest of their files that are stored within SharePoint, via a consistent interface. (Note that NTFS does not natively support all the SharePoint features such as check-in, check-out, version history etc so these options are not available for files accessed via the Windows Folder web part.)
The initial requirement for which I developed this solution was for a company which was migrating all user files from NTFS to SharePoint, but were heavy users of Microsoft Access, with hundreds of small databases stored in NTFS used for various adhoc custom purposes. They would often have multiple users reading and editing data from an Access database simultaneously. When accessed via SMB (i.e. over the local network), Access is capable of handling this type of 'simultaneous access' pretty seamlessly. However, if accessed via HTTP (such as if stored within SharePoint), due to the stateless nature of HTTP, each user perhaps unknowingly downloads a local copy of the database. Any editing they perform happens only on their local copy. If they even realise this, there is no easy way to synchronise their changes back to the version stored in SharePoint and resolve any conflicts. My solution - keep doing it the old way behind the scenes but pretend to store them in SharePoint :-). This way users still have a single place to go to find all their files.
I'm sure you can think of other scenarios where this could be useful. Note that even with this web part available, you should continue to store most file types within SharePoint to take advantage of check-in, check-out, version history and all the other benefits SharePoint adds over NTFS. Use this solution only when there is something blocking you from otherwise using SharePoint.
Sounds hard to manage?
This is the cool bit: When a SharePoint site administrator adds the Windows Folder web part to the site, a new NTFS sub-folder representing the site is automatically created underneath a 'root' NTFS shared folder (configured by the server administrator when first installing the web part). The NTFS security ACLs for each sub-folder are automatically synchronised to match the list of SharePoint users for the site, so the site administrator experience is simply to "drag and drop" the web part. New users added later to the SharePoint site will also be added to the NTFS folder next time the site admin visits the site.
Works best (most securely) if Kerberos authentication is used.
Where can I get it?
You can download the entire solution from GotDotNet the MSDN Code Gallery, including install files, source code and full documentation (hence I'm not going into great detail in this post as to how it works :-). Please note that the solution is only provided "as is", i.e. as a sample with no support provided, and I'd encourage you to evaluate it thoroughly and make any changes required before deploying into production to determine if it meets your needs and security requirements. If you review the source code you may find that you can improve it in some (possibly many ;-) ways - if so please go ahead - I'd welcome any feedback on the solution or advice on how it could be further improved! Hope that you find it useful. If you have any questions, please post them on the GotDotNet MSDN Code Gallery message board (or use the contact form on this blog).
[UPDATE: 3rd Sept 2007 - changed the hyperlinks from this article to point to a new download location after the GotDotNet CodeGallery was phased out - solution is now located in the GotDotNet User Samples area. Thanks to those who pointed out the original links no longer worked.]
[UPDATE: 22nd Feb 2008 - changed the links again after the whole of GotDotNet was shut down :-), code was migrated to the MSDN Code Gallery.]
All the sessions from PDC05 were video recorded - and the recordings have now been posted on a public website here: http://microsoft.sitestream.com/PDC05/
There was some extremely valuable stuff discussed at PDC that hasn't been well captured elsewhere - if you're anything like me even if you were at PDC there were far too many sessions to catch half the stuff you were interested in, so now's your chance to catch up :)
Also you can still download the slide decks seperately here: http://commnet.microsoftpdc.com/content/downloads.aspx
Some great new LCS 2005 sample code has been released recently to cover some commonly-requested messaging scenarios:
Role Agent for Microsoft Office Live Communications Server 2005
Role Agent is a sample Microsoft Windows service application that implements a role-based messaging agent for managing sessions and for brokering and dispatching instant messages between users and members of a defined group.
Group Alerts Sample for Microsoft Office Live Communications Server 2005
The group alerts sample application provides a simple user interface for sending instant messages to the online members of an Active Directory group or distribution list and its subgroups.
Recently I enthused about the planned RTC Presence Toolkit, which would provide an easy way for developers to add integrated communications and presence to their own applications. The toolkit has now been published as the "Presence Controls for Office Communicator 2005".
If you're already using Office Communicator as your client interface you'll be familiar with the new 'Gumdrop' icons which indicate presence - these can now be used in your custom applications, complete with action menus. "Suck them and see" :-)
Microsoft has now formally announced the "RTC Presence Toolkit" at the Worldwide Partner Conference 2005. If you were at my presentation at the Office Developer Conference UK last month, you saw a demo of the beta version - which is variously referred to as the "Persona" control and the 'Gumdrop' control due to the new icons used by Office Communicator :-)
The toolkit will make it way easier for developers to add presence, communications and contextual collaboration to their own applications. Gumdrops everywhere! The toolkit should hopefully be released in July - keep watching for the release to msdn!
If you attended the Office Developer Conference in the UK last week, in the beautiful surroundings of Heathrow airport :-), you may have seen me presenting on the second day. I gave two presentations on the Server Track about developing applications using the Live Communications Server platform:
- Live Communications Server - Architecture and Client Automation
- Real Time Communications Client Applications
I took the opportunity to use one of my own earlier blog code examples on Windows Messenger tabs as a demo during the 'Client Customisation' section of my talk - except I updated the tabs for the new Office Communicator client. Happily tabs are still supported in Communicator, although there are a couple of changes to be aware of - I'll add a new blog post detailing this shortly - or you can find full details in the Office Communicator Planning and Deployment Guide (which is a great resource by the way).
There was a lot of interest in the telephony integration features of the new Office Communicator 2005 client - looks like an area that is really going to take off in the near future as more companies start taking full advantage of their existing telephone systems. In particular my presentations were focused on three key messages: Ubiquitous presence, instant communications, and contextual collaboration. Adding these to your own applications is about to become a lot easier with the release of a new control from the product team... more soon! Hopefully if you attended those were the messages you took away. Personally I learned that talking for two and a half hours gives you a very sore throat :)
I'll hopefully be finding time to blog a lot more often over the next few months to cover these exciting new areas! As you may have noticed "more often" would probably mean more than once a month judging by recent frequency, but let's see how it goes [:p]. If you were at the conference and would like to follow up with further questions, or have a suggestion for a future blog post you'd like to see, please send me feedback using the site options.
If you're at TechEd Europe 2005 this week in Amsterdam, you will be able to find me in the Ask The Experts room - I'm on the SharePoint stand, although I'll happily talk about LCS and Communicator too if you'd prefer [:D]. I'll be there during these time slots:
- Tuesday 5th July 15:00-17:30
- Thursday 7th July 15:00-18:00
- Friday 8th July 12:00-14:15
See you there!
You may find that the downloaded compiled help file (.chm) version of the SharePoint Portal Server Administrator’s Guide (found here on microsoft.com) will no longer open correctly after applying the latest batch of Windows XP security updates released last week on 14th June (http://www.microsoft.com/technet/security/Bulletin/MS05-026.mspx). This isn’t specific to the SPS admin guide, but potentially any downloaded .chm file (although the WSS admin guide seemed to work fine).
The solution is to right-click the .chm file, click Properties, and click “unblock”. The guide will then open correctly. See this support article for more details: http://support.microsoft.com/kb/902225
Might save a few minutes of head-scratching :-)
You may have seen Bill Gates announce the new Office Communicator 2005 product recently (if not, you can watch a recording). This is the future of comms - and you could try it now by signing up for the beta programme! (instructions here)
Mayur has written a great overview of the new software here. I'm sure there will be plenty of reasons for further posts about Communicator over the next few months - watch this space!
Here's the blurb from the product site:
Microsoft Office Communicator 2005 is an enterprise messenger that integrates communications capabilities (including instant messaging, rich presence, PC-based voice and video, Voice over Internet Protocol (VoIP), and enterprise telephony) with productivity and other communications applications.
Microsoft Office Communicator 2005 will be the recommended client for Microsoft Office Live Communications Server 2005, which provides a standards-based, enterprise-grade, instant messaging (IM) solution and an extensible, real-time collaboration platform to connect people, information, and business processes seamlessly in real time.
The File Transfer feature of Windows Messenger allows users to transfer files between desktops. Wait, bear with me, there's more...
To help ensure that the file being transferred is safe for use, Windows Messenger 5.1 performs a check each time a file is transferred from one client to another. This check is conducted even before the recipient accepts the file transfer, thereby helping to eliminate any chance of downloading a potentially unsafe file. If the file is determined to be of an unsafe file type, the file transfer is not performed.
What happens during the check actually depends on the version of the Windows operating system being used:
For Windows XP Service Pack 2:
The “Attachment Execution Services”, part of the operating system, are called to verify the safety of the file. You'll find developer info on this subject here and here.
The security policy Microsoft Management Console (MMC) snap-in (Secpol.msc) is used to control which extensions are considered executable file types.
To view or modify the extensions that are considered executable file types
• Run Secpol.msc.
• Expand Software Restriction Policies, and then double-click Designated File Types.
Note: To view the Designated File Types property page, the Software Restriction Policies node may need to be created. To create the Software Restriction Policies node, follow the instructions that appear when ‘Software Restriction Policies’ is expanded.
For Windows XP Service Pack 1 and Windows Server 2003:
The AssocIsDangerous function is called to verify the safety of the file.
For Windows XP RTM and Windows 2000 Server Service Pack 4:
The file extension is checked against a static list of known unsafe file extensions:
"ade", "adp", "app", "asp", "bas", "bat", "cer", "chm",
"cmd", "com", "cpl", "crt", "csh", "exe", "fxp", "hlp",
“hta", "inf", "ins", "isp", "its", "js", "jse", "ksh",
"lnk", "mad", "maf", "mag", "mam", "maq", "mar", "mas",
"mat", "mau", "mav", "maw", "mda", "mdb", "mde", "mdt",
“mdw", "mdz", "msc", "msi", "msp", "mst", "ops", "pcd",
"pif", "prf", "prg", "pst", "reg", "scf", "scr", "sct",
“shb", "shs", "tmp", "url", "vb", "vbe", "vbs", "vsd",
"vsmacros", "vss", "vst", "vsw", "ws", "wsc", "wsf", "wsh"
In all cases, if the file is not determined to be of an unsafe file type, the file is transferred directly to the recipient (peer-to-peer) using a TCP connection over a fixed range of ports. The file does not pass through the Live Communications Server. The file is transferred across the network in plaintext (without encryption) and with only minimal authentication.
Recommendations for deploying a secure system:
• Use Windows Messenger 5.1 and Live Communications Server 2005
• Use Windows XP Service Pack 2
• Use TLS for client-server connections
• Enable the 'Require SIP high security mode' Group Policy setting for the user’s GPO
• An Anti-Virus software solution should be deployed to client desktops to add further protection against unsafe files. 3rd party server-based Anti-Virus solutions which integrate with Live Communications Server 2005 are also available to perform anti-virus scans of the files during file transfer between users. For more information about partner solutions, see the Microsoft Partner site.
Note also that the file transfer feature can be disabled on a per-user basis via the "Prevent file transfer" option in Group Policy.
- Thanks to Chris Araman for assistance with these details
