musc@> $daniele.rant | Out-Blog

I have been busy trying to write a new frontend for this blog that uses .Net. I already blogged about it here. In the last couple of weeks I have been adding stuff - permalinks using mod_rewrite, I finally show the comments properly, I have added categories and category archives (as in http://www.muscetta.net/dotnet/tag/coding). There is even an RSS Feed.

The layout is still crap, but I sort of like it being so light weight, so that is not on my priority list so far. Moreover, I am a crap designer.

Before that, tough, I still have to add important functionalities like the possibility to POST comments (which needs a new CAPTCHA, etc, so it will take me a while), and I am having issues with text encoding (it does not show the accented characters properly, yet).

But I am having fun doing it.

So at one stage I was testing the RSS reader capabilities of Outlook 2007, and I imported an OPML file with roughly 500 feeds! Of course I was NOT interested in reading ALL of them, and it was causing quite a bit of work to do on my machine to fetch them all and sync the content in my mailbox…

So I figured out it was possible to remove the subscription (from the Tools menu -> Account Settings -> RSS Feeds) but the folders were left there. Now, I didn't want to have those 500 folders in my mailbox, and I did not even want to die by right-clicking, pressing "delete", confirming…. all of this 500 times! No way.

So I wrote this little PowerShell script, I guess it *might* be helpful to someone at one stage, who knows ?

[System.Reflection.Assembly]::LoadWithPartialName('Microsoft.Office.Interop.Outlook')
$oApp = New-Object -COM 'Outlook.Application'
$rss = $oApp.GetNamespace("MAPI").GetDefaultFolder("olFolderRssFeeds")
forach ($folder in $rss.Folders)
{
$folder.Delete()
}

Please note that if you don't have the Office Interop Assemblies installed on your machine, you can't use the first line. As a result, you will have to change the third line hardcoding the number that represents the RSSFeeds folder, so it would become:

$rss = $oApp.GetNamespace("MAPI").GetDefaultFolder(25)

Note: I found out (later, of course) that there is a much more general post on this subject (that is, automating Outlook through PowerShell): http://www.leeholmes.com/blog/GettingThingsDoneOutlookTaskAutomationWithPowerShell.aspx

Ballet, uploaded by jyothi76 on Flickr.

This is an old picture (1983) of the ballet school my wife was attending when she was a little girl. Can you figure out who she is in the pic ?

You can build complex web-mashups in minutes.

Read on an interesting review at programmableweb.com and, obviously, more info at the official site http://www.popfly.ms

Some days ago some of my colleagues (most of them in Milan) who have a blog, decided to gather together to talk to each other and to share experiences about blogging, technology, Microsoft, etc.
What they basically did for now was to make a list of all italian Microsoft blogger.

I could not attend, as it turns out I am the only guy in Rome, among all of them.
That is strange. What is also strange is being all of a sudden in a list of *Microsoft* bloggers. I had never thought of myself like a *Microsoft* Blogger. Sure enough I work at Microsoft, but as my disclaimer says it clear "The content of this site are my own personal opinions and do not represent my employer’s view in anyway.". I just feel like I am myself. And I also have a blog. MUSCETTA.COM has been online for 5 years now, and I have only been working for Microsoft for less than three years now.
For sure, I do blog about technology, also Microsoft technology. Of course, I also talk and write and blog about NON-Microsoft technology. In the past I did try to get an official blog (which I called a "corporate blog") but then I preferred to keep using my own domain, just because a lot of what you find here is often personal, politically incorrect and even - yes, I am gonna write it - open source.

Don't get me wrong, I love being at this company, because there's a lot of brilliant people and you cannot find anywhere in any other company such a huge mix of techies that rock so much and are so passionate about what they do! Those other bloggers in that list are this kind of people.

This said, this will stay my random and personal thoughts' basket. I like being in the community, but don't take my word for "official" please. Those you find written here are just my ramblings written from the couch after dinner.

There is not a lot of documentation for System Center Operations Manager 2007 yet.
It is coming, but there's a lot of things that changed since the previous release and I think some more would only help. Also, a lot of the content I am seeing is either too newbie-oriented or too developer-oriented, for some reason.

I have not yet seen a tutorial, webcast or anything that explains how to create a simple unit monitor that uses a VBS script using the GUI.

So this is how you do it:

Go to the "Authoring" space of OpsMgr 2007 Operations Console.
Select the "Management Pack objects", then "Monitors" node. Right click and choose "Create a monitor" -> "Unit Monitor".

You get the "Create a monitor" wizard open:

Choose to create a two-states unit monitor based on a script. Creating a three- state monitor would be pretty similar, but I'll show you the most simple one.
Also, choose a Management pack that will contain your script and unit monitor, or create a new management pack.

Choose a "monitor target" (object classes or instances - see this webcast about targeting rules and monitors: www.microsoft.com/winme/0703/28666/Target_Monitoring_Edit… ) and the aggregate rollup monitor you want to roll the state up to.

Choose a schedule, that is: how often would you like your script to run. For demonstration purposes I usually choose a very short interval such a two or three minutes. For production environments, tough, choose a longer time range.

Choose a name for your script, complete with a .VBS extension, and write the code of the script in the rich text box:

As the sample code and comments suggest, you should use a script that checks for the stuff you want it to check, and returns a "Property Bag" that can be later interpreted by OpsMgr workflow to change the monitor's state.
This is substantially different than scripting in MOM 2005, where you could only launch scripts as responses, loosing all control over their execution.

For demonstration purpose, use the following script code:

On Error Resume Next
Dim oAPI, oBag
Set oAPI = CreateObject("MOM.ScriptAPI")
Set oBag = oAPI.CreateTypedPropertyBag(StateDataType)
Const FOR_APPENDING = 8
strFileName = "c:\testfolder\testfile.txt"
strContent = "test "
Set objFS = CreateObject("Scripting.FileSystemObject")
Set objTS = objFS.OpenTextFile(strFileName,FOR_APPENDING)
If Err.Number <> 0 Then
Call oBag.AddValue("State","BAD")
Else
Call oBag.AddValue("State","GOOD")
objTS.Write strContent
End If
Call oAPI.Return(oBag)

[edited on 29th of May as pointed out by Ian: if you cut and paste the example script you might need to change the apostrophes (“) as that causes the script to fail when run - it is an issue with the template of this blog.] [edited on 30th of May: I fixed the blog so that now post content shows just plain, normal double quotes instead than fancy ones. It seems like a useful thing when from time to time I post code...]

The script will try to write into the file c:\testfolder\testfile.txt.
If it finds the file and manages to write (append text) to it, it will return the property "State" with a value of "GOOD".
If it fails (for example if the file does not exist), it will return the property "State" with a value of "BAD".

In MOM 2005 you could only let script generate Events or Alerts directly as a mean to communicate their results back to the monitoring engine. In OpsMgr 2007 you can let your script spit out a property bag and then continue the monitoring workflow and decide what to do depending on the script's result.

So the next step is to go and check for the value of the property we return in the property bag, to determine which status the monitor will have to assume.

We use the syntax Property[@Name='State'] in the parameter field, and we search for a content that means an unhealthy condition:

Or for the healty one:

Then we decide which status will the monitor have to assume in the healty and unhealty conditions (Green/Yellow or Green/Red usually)

Optionally, we can decide to raise an Alert when the status changes to unhealthy, and close it again when it goes back to healty.

Now our unit monitor is done.
All we have to do is waiting it gets pushed down to the agent(s) that should execute it, and wait for its status to change.
In fact it should go to the unhealthy state first.
To test that it works, just create the text file it will be searching for, and wait for it to run again, and the state should be reset to Healthy.

Have fun with more complex scripts!

Someone in america has Patented some Yoga exercises and techiques.

[...] In Sanskrit, "yoga" means "union." Indians believe in a universal mind - brahman - of which we are all a part, and which ponders eternally. Everyone has access to this knowledge.

Knowledge in ancient India was protected by caste lines, not legal or economic ones. The term "intellectual property" was an oxymoron: the intellect could not be anybody's property. [...]

It is on most newspaper today, read on for example at Herald Tribune.

This patent and copyright thing is becoming more and more ridiculous every day.

An interesting interview with a personality of the security community of some years ago has been published by Antonio `s4tan` Parata. It is very interesting to read from RFP's words an analysis of how the view of people has changed regarding security.

I particularly enjoyed the following passage:

[...]
Antonio “s4tan” Parata (ap): Hi Rain Forest Puppy, many thanks for this interview. You are considered one of the fathers of web security and the inventor of the SQL injection attack. Anyway in the year 2003 you decided to publicly retire from the security field (to get more infos http://www.wiretrip.net/rfp/txt/evolution.txt). Can you briefly sum your decision?

Rain Forest Puppy (rfp): My decision to retire from the public eye was based on a lot of reasons; overall, the amount of resources & energy required to release and maintain advisories and tools was just getting to be too large. It wasn’t fun anymore–and why pursue a hobby if you’re not enjoying it?

Plus, the security industry was becoming commercialized. Advisories and exploits are now bought and sold; performing security research in the first place can land you in legal waters. The intellectual value of the security research performed has been reduced to a single severity rating, which…if not high enough…causes the entire research to be dismissed. I really enjoy security from the intellectual angle; to me, it’s all just a big mental challenge…a puzzle, if you will. So when the creativity and intellectual aspect of it started to fade away, I decided to go with it.
[...]

I do back up this point of view: "why pursue a hobby is you're not enjoying it ?".

Creativity and intellectual aspects of security do still interest me, just the market around changed. That's also part of why I started doing more System Management again - at least I have fun thiking and thinkering, integrating, scripting and composing….

[...] The intellectual value of the security research performed has been reduced to a single severity rating [...] I really enjoy security from the intellectual angle; to me, it’s all just a big mental challenge…a puzzle, if you will [...]

His point is expressed beautifully.

But he does not only talk about the Security community and market, he also has some interesting thoughts on open and closed source software:
 

ap: You are the author of the libwhisker library (http://www.wiretrip.net/rfp/lw.asp), widely used to create assessment perl scripts. What do you think about nowadays products related to web application assessment? What about some open source software (like parosproxy or nessus) changed to closed-source?

rfp: I have to choose my words carefully, because I very recently started working for a security software vendor.

Having had open source projects, I will say this: it is very hard to bootstrap a development community, and achieve the same level of polish, quality (as in QA), and implementation thoroughness as a commercial product. This isn’t necessarily because commercial software vendors are better coders; the dynamics are just different.

Open source coders are usually working on their own donated time. That means contributions are often catch-can and best-effort. Open source (when not sponsored by a commercial entity) are typically limited in resources (with time being the critical one).

[...]

All I care about is whether the tool works and/or gets the job done. I’ve spent so much wasted time trying to get a screwdriver to do a hammer’s job, and vice versa. I really don’t care if a tool is open source or commercial; I let the job dictate the tool, and not the other way around. Of course, there are certain artificial restrictions on this (like price limitations), but in general, I think there are some things that currently only exist in free & open source tools, and there are some things that currently only exist in commercial tools.

So use both wisely and get the best of both worlds.

[...]

Read the complete interview here: http://www.ush.it/2007/05/01/interview-with-rain-forest-puppy/

Purble Place is a new educational game that ships with Windows Vista (even with Starter and Home Basic editions) that can help teach colors, shapes, and pattern recognition.

My kid absolutely LOVES it, especially the section of the game where you have to make and decorate cakes :-).

Digital Printouts.
I often find it funny to use the old reflex camera with films, but I mostly use it as if it was a digital one: I make many shots, some are good some are bad - I don't bother printing them, I just let it develop and I scan the pictures I like from the film (several ones are even posted here this way).
I have even been talking about this with fellow flickerer's: www.flickr.com/groups/romamor/discuss/72157600009019234/p…

On the opposite, it often happens that I want to print some photos made with the digital camera. So I take them to the shop on the Compact Flash, or more often on a USB pen drive.

Today, tough, something strange happened: the machine they use to print digital photos (some very big professional system for printing on photographic paper with a proprietary application which manages it) hanged while it was trying to load this one photo which was on the USB pendrive.

The guy at the shop got panicked: he said a week earlier a guy got the machine infected with a Virus through his USB pen, and he had to stop working for three days, spend a lot of money to get the system reinstalled…

I tried to tell him to close the application but he did not even get what I was talking about. He was saying that the system was not responsive… I was pretty sure the system WAS responsive, it was just the APPLICATION which was hanging, and since it looked like an NT-based system I tried to guide him through CTRL+ALT+DEL, to start "Task Manager", kill the application (this whole procedure took several minutes, and I had to show him which keys I was talking about as he was abel to find "ALT" but he had never hear of CTRL, left alone "DEL"). It was a Windows2000 Professional… so I wondered how did he logged in if he did not know that key combination….. I asked how did he get in when he started the machine…. "it opens automatically" he said. I see. I though it must be configured for autologon then. After killing the application he asked "how do I get out of this now??" "This" being Windows Explorer… I mean, the desktop. I pulled out my USB pendrive he was afraid of, I helped him reboot. He was nervous and he said it took much longer than normal to start up (I don't believe ONE word of it, it just took much less time than my laptop with Vista takes to start up… but he was worried and that makes one anxious and makes time flow slower). He was afraid and nervous that the "thing" could have been broken somehow by trying to load a JPEG…
NOTHING made him confident about me: I tried to reassure him I am an IT Professional, that I work for Microsoft (unfortunately I did not have my business cards with me today, that would have probably helped!), that I put my hands on much more complex and "missioncritical" systems, that I would not bring him any virus whatsoever and I am paranoid about computer security…
Nothing. Nothing worked to re-assure him that there wasn't anything to worry about my pen…

While the machine started I saw it doing AutoAdminLogon with Administrator… with a password of TWO characters.
Oh my god!
Then he wonders that he gets viruses from strangers. He runs as Administrator all the time!!!

But then I though and asked… "is there maybe a LIMIT on the SIZE of the file?". "Of course there is!".
Right.

Since the photo I wanted to print is actually a composition made of two photos pasted together, and each of the original was a 8 Megapixel photo, the resulting is a 16 Megapixel picture, a JPG file of roughly 8 megabytes in size. Well, this days it isn't much anyway. We nearly have cameras which produce files with that high resolution…
..but if THAT application has a limit… WHY on earth doesn't it CHECK for the bloody SIZE of the file BEFORE trying to load it ?

I mean, those are professional systems which - he said - cost around 150 THOUSAND of Euros… which they let run with an application which does NOT do any input checking/validation, runs the whole time as Administrator… while letting people bring in their own CD-ROMs, USB pens, flash memory cards….
and they expect it to be safe?

Now the guy was panicked and wouldn't let me plug my pen in the machine again.

Then he's keeping his shop closed in the afternoon since it is saturday, and I need that photo (and other ones) printed for tomorrow, because tomorrow it is my grandad's 91st birthday and I wanted to bring them printed for him and framed as a present!

Morale: I have to find another place to print them in the afternoon, in a rush, because some company sells print systems which are written like crap, which need to run as Administrator and won't do any input validation in their code. This is one of those situations where a design flaw matters.