Testing System Center Cross Plaform Extentions

May 4th, 2008 by Daniele Muscetta

I am testing the beta bits of the cross-platform extensions that were released on Microsoft Connect 

This post wants to describe my limited testing so far – I hope this can benefit/help everyone testing the beta for some stuff that might currently not be incredibly clear – unless you attended the MMS class, at least :-))

I started out with the White Paper that has been posted on the web, which describes the architecture pretty well, but from a higher level (with diagrams and the like). Then I downloaded the beta bits, which contain another document about setting the thing up. It is pretty well done, to be honest (especially if you consider that it is beta documentation for a beta product!), but it does not really go all the way down to troubleshooting things a lot, yet. I will try to cover some of that here.

I installed the agent manually – it’s just a RPM package, not much that can go wrong with that. There is a reason why I did not use the push discovery and deployment of the agent, which you will figure out reading later on. Once installed, I tried to figure out how things were looking like on the linux machine. It is all pretty understandable, after all, if you look around on the machine (documented or not, linux and open source stuff is easy to figure out by reading configuration files and the like, and by searching on the web).

Basically the “agent” is not properly an "agent" the way the windows agent is, since it does not really "sends" stuff to the Management Server on its own: It consists of a  couple of services/daemons, based on existing opensource projects, but configured in their own folder, with their own name, and using different ports than a standard install of those,  not to conflict with possible existing ones on those machines.

The Management Service uses these services remotely (similar to doing agentless monitoring towards a windows box) using these services. The two services are:

 scx-services commands

It is easy to figure out how they are layed out. Even if undocumented, you look at the processes

SCX processes

and you can figure out WHERE they live (/opt/microsoft/scx/bin/….) and where their configuration files are located (/etc/opt/microsoft/scx/conf …).

SCX Configuration

The files are self explanatory, and the documentation of the opensource projects can be found on the Internet: 

for wsmand

for cimd


I still have to delve into them properly as I would like to, but I already figured out a bunch of interesting things by quickly looking at them.

Agent Communication someone must have decided to “recycle” the 1270 port number that was used in MOM2005 :-) Basically openwsman listens as a SSL listener (with basic auth – connected via PAM module with the “regular” unix /etc/passwd users, so you can authenticate as those without having to define specific users for the service). So all that happens is that the Management Server asks things/executes WS-Man queries and commands on this channel. The Management Server connects every time to the agent on port 1270 using SSL, authenticates as “root” (or as the specified "Action Account") and does its stuff, or asks the agent to do it. So the communication is happening from the Management Server to the agent… not the other way around like it happens with Windows "agents". That’s why it feels to me more like an “agentless” thing, at least for what concerns the “direction” of traffic and who does the actual querying.

For the rest, the provided Management Packs have “normal” discoveries and “normal” monitors. Pretty much like the Windows Management Packs often discover thing by querying WMI, here they use WS-Man to run CIM queries against the Unix boxes.

The Service Model is totally cool to actually *SEE* in action, don’t you think so ?

Service Model


A few more debugging/troubleshooting information:

I searched a bit and found the openwsman.org documentation and forum to be useful to figure some things out. For example I banged my head a few times before managing to actually TEST a query from windows to linux using WINRM. This document helped a lot.

Of course you have to solve some other things such as DNS resolution AND trusting the self-issued certificates that the agent uses, first. Once you have done that, you can run test queries from the Windows box towards the Unix ones by using WinRM.

For example, this is how I tested what the discovery for a Linux RedHat Computer type should be returning (I read that by opening the MP in authoring console, as one would usually do for any MP):

winrm enumerate http://schemas.microsoft.com/wbem/wscim/1/cim-schema/2/SCX_OperatingSystem?__cimnamespace=root/scx -username:root -password:password -r:https://centos:1270/wsman -auth:basic

If you need to test the query directly *ON* the linux box (querying the CIMD instead than WSMAND), the WBEMEXEC utility is packaged with the agent (under /opt/microsoft/scx/bin/tools ). It is not as easy as some windows administrators (that have used WBEMTEST or WMI Tools in the past) would hope, but not even that bad. Just to run a few queries to the CIM daemon locally it is not really interactive, so you need to create a XML file that looks like the following (basically you build the RAW request the way the CIMD accepts it):



<?xml version="1.0" ?>




<IMETHODCALL NAME="EnumerateInstanceNames">






<CLASSNAME NAME="SCX_OperatingSystem"/>








Once you have made such a file, you can execute the query in the file with the tool like the following:

./wbemexec -d2 query.xml


As you can see from here, CIMD uses HTTP already. This differs from Windows' WMI that uses RPC/DCOM. In a way, this is much simpler to troubleshoot, and more firewall-friendly.


I have not really found an activity or debug log for any of those components, yet… but in the end they are not doing anything ON THEIR OWN, unless asked by the MS…. So the “healthservice” logic is all on the MS anyway. Errors about failed discoveries, permissions of the Action Account user, and anything else will be logged by the HealthService on the Windows machine (the Management Server) that is actually performing monitoring towards the Unix box.

It really is *just* getting the WMI and WinRM-equivalent layer on linux/Unix up and running– after that, everything is done from windows anyway!

After this common management infrastructure has been provided, 3rd parties will be facilitated in writing *just* MPs, without having to worry about the TRANSPORT of information anymore.


As you have probably noticed from the screenshots and commandlines, I don’t have a “real” Redhat Enterprise Linux or “supported” linux distribution… Therefore I started my testing using CentOS 5 (which is very similar to RHEL 5) – the agent installed fine as you can see, but I was not getting anything really “discovered” – the MP had only found a “linux computer” but was not finding any “RedHat” or “SuSe” or any other "Operating System" instances… and if you are somewhat familiar with the way Operations Manager targeting works, you would understand that monitors are targeted at object classes. If I don't have any instance of those objects being discovered, NO MONITORING actually happens, even if the infrastructure is in place and the pieces are talking to each other:

 CentOS not discovered

Therefore my machine was not being monitored.

In the end, I actually even got it to work, but I had to create a new Management Pack (exporting and modifying the RHEL5 one as a base) that would actually search for different Property values and discover CentOS instead as if it were RedHat:

CentOS Discovered 

After importing my hacked Management Pack the machine started to be monitored. Here you can see Health Explorer in all of its glory:


Of course this is a hack I made just to have a test setup somewhat working and to familiarize myself with the SCX components. It is not guaranteed that my Management pack actually works on CentOS the way it is supposed to work and that there aren't other – more subtle – differences between RedHat and CentOS that will make it fail. I only modified a couple of Discoveries to let it discover the "Operating System" instance… everything else should follow, but not necessarily. One difference you see already in the screenshot above is that I am not yet seeing the hardware being monitored, so my hack is already only partially working and it is definitely something that won't be supported, so I cannot provide it here. Also, this is a beta, so I I think that the Management Packs will be re-released with following beta versions, and this change is something that would need to be re-done all over again. Also, the unsupported distribution is the reason why I installed the agent manually in the first place, as the "Discovery Wizard" would not really "agree" to go and let me install the agent remotely on an unsupported "platform!".

But I could not wait to see this working, while waiting two business days (we are on a weekend!) for confirmation that I am allowed to actually download a 30-day-unsupported-Trial of the "real" RedHat Enteprise Linux, so I cheated :-)




The information in this weblog is provided "AS IS" with no warranties, and confers no rights. This weblog does not represent the thoughts, intentions, plans or strategies of my employer. It is solely my own personal opinion. All code samples are provided "AS IS" without warranty of any kind, either express or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

A Rant about Openness

May 2nd, 2008 by Daniele Muscetta

It is interesting to see that a bunch of open source projects written on and for the Microsoft platform grows and grows, and also nice to see that a lot of Microsoft employees are very active and aware of the open source ecosystem, rather than being stuck with only what the company makes. Phil Haack, in a post about an interview to Brad Wilson,  wisely writes:

"[…] What I particularly liked about this post was the insight Brad provides on the diverse views of open source outside and inside of Microsoft as well as his own personal experience contributing to many OSS projects. It's hard for some to believe, but there are developers internal to Microsoft who like and contribute to various open source projects. […]"

In fact, being made by Microsoft people or not, the list of open source software on CodePlex keeps growing too. Mentioning CodePlex and interviews, another interesting one is that of Sara Ford, Program Manager for CodePlex posted on Microspotting. But Microspotting is awesome in general. My favorite quote by her:

"[…] Hey. My name is Ariel and I'm the person you thought would never work at MSFT […]".

In fact, just as I do, she is running that blog on WordPress, posting her photos on Flickr, using a RSS feed on Feedburner and in general using a bunch of things that are out there that might be seen as "competing" with what Microsoft makes. In fact, this attitude towards other products and vendors on the market is what I am mainly interested in. Should we only use flagship products? Sure, when they help us, but not necessarily. Who cares? People's blogs are not, as someone would like them to be, a coordinated marketing effort. This is about real people, real geeks, who just want to share and communicate personal ideas and thoughts. I had a blog before being at Microsoft, after all. Obviously I had exposure to competing products. My server was running LAMP on Novell Netware in 2002 – after which I moved it to Linux. It is not a big deal. And if I try to put things in perspective, in fact, this is turning out to be an advantage. I am saying this, as the latest news about interoperability comes from MMS (Microsoft Management Summit): and that is the announcement that System Center Operations Manager will monitor Linux natively. I find this to be extremely exciting, and a step in the right direction… to say it all I am LOVING this!!! But at the same time I see some other colleagues in technical support that are worrying and being scared by this – "if we do monitor Linux and Unix, we are supposed to have at least some knowledge on those systems", they are asking. Right. We probably do. At the moment there are probably only a limited number of people that actually can do that, at least in my division. But this is because in the past they must have sacrificed their own curiosity to become "experts" in some very narrow and "specialized" thing. Here we go. On the opposite, I kept using Linux – even when other "old school" employees would call me names. All of a sudden, someone else realizes my advantage.  …but a lot of geeks already understood the power of exploration, and won't stop defining people by easy labels. Another cool quote I read the other day is what Jimmy Schementi has written in his Flickr profile:

"[…] I try to do everything, and sometimes I get lucky and get good at something […]".

Reading on his blog it looks like he also gave up on trying to write a Twitter plugin for MSNLive Messenger (or maybe he never tried, but at least I wanted to do that, instead) and wrote it for Pidgin instead.  Why did he do that ? I don't know, I suppose because it was quicker/easier – and there were API's and code samples to start from.

The bottom line, for me, is that geeks are interested in figuring out cool things (no matter what language or technology they use) and eventually communicating them. They tend to be pioneers of technologies. They try out new stuff. Open Source development is a lot about agility and "trying out" new things. Another passage of Brad's interview says:

"[…] That's true–the open source projects I contribute to tend to be the "by developer, for developer" kind, although I also consume things that are less about development […] Like one tool that I've used forever is the GIMP graphics editor, which I love a lot".

That holds true, when you consider that a lot of these things are not really mainstream. Tools made "by developer, for developer" are usually a sort of experimental ground. Like Twitter. Every geek is talking about Twitter these days, but you can't really say that it is mainstream. Twitter has quite a bunch of interesting aspects, though, and that's why geeks are on it. Twitter lets me keep up-to-date quicker and better (and with a personal, conversational touch) even better than RSS feeds and blogs do. Also, there are a lot of Microsofties on Twitter. And the cool thing is that yo can really talk to everybody, at any level. Not just everybody "gets" blogs, social networks, and microblogging. Of course you cannot expect everybody to be on top of the tech news, or use experimental technologies. So in a way stuff like Twitter is "by geeks, for geeks" (not really just for developers – there's a lot of "media" people on Twitter). Pretty much in the same way, a lot of people I work with (at direct contact, everyday) only found out about LinkedIN during this year (2008!). I joined Orkut and LinkedIN in 2004. Orkut was in private beta, back then. A lot of this stuff never becomes mainstream, some does. But it is cool to discover it when it gets born. How long did it take for Social Networking to become mainstream? So long that when it is mainstream for others, I have seen it for so long that I am even getting tired of it.

For some reason, geeks love to be pioneers. This is well expressed in a digression by Chris Pratley:

"[…] some of them we will be putting out on officelabs.com for the general public (you folks!) to try so we can understand how "normal" people would use these tools. Now of course, as we bloggers and blog-readers know, we're not actually normal – you could even debate whether the blogosphere is more warped than the set of Microsoft employees, who comprise an interesting cross-section of job types, experiences, and cultures. But I digress. […]"

But I have been digressing, too, all along. As usual.

Popfly Virtual Earth Mashup on Moonlight

April 12th, 2008 by Daniele Muscetta
Popfly Virtual Earth Mashup on Moonlight

Installed moonlight on Ubuntu from source by following these instructions (there are some typo's but they are understandable and correctable).

All in all, even being still under heavy development, what Miguel de Icaza has achieved (with moonlight, just like with mono) is amazing.

After I posted the above picture on Flickr, John Montgomery was amazed to see PopFly (his creature) working on moonlight, and he linked to me from his blog.

Conversation about Blogs with a customer

March 28th, 2008 by Daniele Muscetta

I usually don't like mentioning specific facts that happened to me at work. But work is part of life, so even if this is mostly a personal blog, I cannot help myself but write about certain things that make me think when they happen.

When I end up having conversations such as this, I get really sad: I thought we had finally passed the arrogant period where we had to spoon-feed customers, and I thought we were now mature enough to consider them smart people and providing cool, empowering technologies for them to use. I also thought that pretty much everybody liked Microsoft finally opening up and actually talking TO people… not only talking them INTO buying something, something – but having real conversations.

I get sad when I find that people still don't seem to be accepting that, and wanting back the old model, instead. Kinda weird.


The conversation goes as follows (words are not exactly those – we were speaking Italian and I sort of reconstructed the conversation – you should get the sense of it anyway):



Me: "The SDK service allows you to do quite a lot of cool stuff. Unfortunately not all of that functionality is completely or always easily exposed in the GUI. That is, for example: it is very EASY to define overrides, but it can get very tricky to find them back once set. That's why you can use this little useful tool that the developer of that SDK service has posted on his blog…"

Cust: "…but we can't just read blogs here and there!"

Me: "Well, I mean, then you may have to wait for the normal release cycle. It might be that those improvements will make it in to the product. That might happen in months, if you are lucky, or maybe never. What's wrong if he publishes that on his blog, bypassing the bureaucracy crap, and makes your life easier with it RIGHT NOW?"

Cust: "It is not official, I want it in the product!"

Me: "I see, and even understand that. But right now that feature just isn't there. But you can use this tool to have it. Don't worry: it is not made by some random guy who wants to trojan your server! It is made by the very same developer who wrote the product itself…"

Cust: "It is not supported, what if it breaks something?"

Me: "So are all resource kit tools, in general. written by some dev guy in his free five minutes, and usually unsupported. Still very useful, though. Most of them. And they usually do work, you know that much, don't you?"

Cust: "But why on a blog?"

Me: "What's wrong with this? People are just trying to make customer's life easier by being transparent and open and direct in their communication, just talking RIGHT to the customers. People talking to people, bypassing the prehistoric bureaucracy structure of companies… the same happens on many other sites, just think isatools.org for example… those are just tools that a support guy like me has written and wants to share because they might be useful…"

Cust: "But I can't follow/read all the blogs out there! I don't have time for it"

Me: "Why not? I have thousands of feeds in my aggregator and…"

Cust: "I don't have time and I don't want to read them, because I pay for support, so I don't expect this stuff to be in blogs"

Me: "Well, I see, since you pay for support, you are paying ME – in fact I am working with you on this product precisely as part of that paid support. That's why I am here to tell you that this tool exists, in case you had not heard of it, so you actually know about it without having to read that yourself on any blog… does that sound like a deal? Where's the issue?"

Cust: "Sgrunt. I want something official, I don't like this blog stuff"



I thought this was particularly interesting, not because I want to make fun of this person. I do respect him and I think he just has a different point of view. But in my opinion this conversation shows (and made me think about) an aspect of that "generation gap" inside Microsoft that Hugh talks about here:

"[…]4.30 Hugh talks about a conversation he had with a few people inside Microsoft- how there’s a generation gap growing within the company, between the Old Guard, and the new generation of Microsofties, who see their company in much more open, organic terms.[…]"

Basically this tells me that the generation gap is not happening only INSIDE Microsoft: it invests our customers too. Which makes it even more difficult to talk to some of them, as we change. Traditions are hard to change.

Ca(p)tching Cats and Dogs

March 9th, 2008 by Daniele Muscetta

I read on Jeff Atwood's blog about most strong Captcha having been defeated. Also, on top of visitors getting annoyed by it, the Captcha plugin I am using has gone unmantained lately. And, one way or another, I am getting comment spam again. Which is something I really hate as you know what I would love to do to spammers

I am seriously considering giving Asirra a try. It is an interesting project from Microsoft Research for an HIP (Human Interaction Proof) that uses info from petfinder.com to let users set apart pictures of dogs from those of cats. There is also a WordPress plugin, in the best and newest "we want to interoperate" fashion that we are finally getting at Microsoft (this has always been the way to go, IMHO, and BTW).

Anyway, what do you think ?

Welcome www.powershell.it!

January 4th, 2008 by Daniele Muscetta

I just read from Jeffrey Snover about this newly born Italian PowerShell community site.

I just created an account for myself on the site… as you know I like PowerShell, so even if I usually prefer writing stuff in english, I will try to hang out there and see how can I contribute to it.

After all, I am italian… :-)

Merry XMas

December 22nd, 2007 by Daniele Muscetta

This post is to write down some thoughts before Christmas, along the lines of what I have written yesterday in an email to a lot of colleagues (and I definitely forgotten some of them because there are too many great people I've worked with… so if you are one of the forgotten ones and you are reading this: I'm sorry!).

The last few months have been very busy with work. As much as I enjoyed them anyway, and learned a lot in the process and from the people I worked with, I now really want to enjoy these few coming days of Christmas holidays and RELAX and spend some quality time with my family and friends.

So I wish the same for all of you: that you may spend a Merry, relaxing Christmas, and have a great start for a grand, brilliant new year!


As a side note, having been very busy I have blogged a lot less. Blogging implies that I already have a sort-of-well-formed thought, that should span a few lines or paragraphs, otherwise I don't find it worth it. That does not mean I don't have small ideas or other things I like to share when I come up with them. That is why I am using microblogging and Social Networking a lot lately, so I remind you that even if this blog's builtin feed only includes the REAL FEW blog posts, then I also have another (very "chatty") feed that you can use to "follow me" and that one includes all of the following combined feeds: my status messages from Facebook, my Twitter messages, my pictures on Flickr, the stuff I read somewhere else and then share on Facebook, the places I visit and mark on 43Places and the goals I achieve, want to achieve, or I simply talk about on 43Things, as well as the REAL posts on this blog. It is my implementation of what has been called a "lifestream" by other bloggers.

Monitoring Syslog with OpsMgr 2007

November 9th, 2007 by Daniele Muscetta

I had missed it… finally guidance on how to collect and monitor UNIX syslog in System Center Operations Manager 2007 has been published!

This is much more sysadmin-oriented than what was availble before (that remais of course still relevant, but more from a Management Pack developer's point of view, who wants to know how things work "behind the hood").

Using Live ID to authenticate to WordPress

November 2nd, 2007 by Daniele Muscetta

Yesterday I've been hacking a bit with the Windows Live ID SDK and I wrote a very small and simple plugin for WordPress that enables you to login in to WordPress with your passport Live ID.
I had read in various places that such a plugin would be welcome… I looked around and found none yet (if anyone has instead already written something like this and I missed it I will happily waste the simple stuff I did for something more advanced/well written… just let me know :-)).
I took a look at a similar experiment, and eventually even found that there is some conceptually similar plugin written to work with OpenID. The wordpress openid plugin is much more complex and much more advanced than what I did, tough. It will let you log in with just ANY OpenID user, it will automatically create a user for you on that wordpress installation and associate it with your ID, even just for the purpose of commenting, etc.

But in my blog I don't require or need people to actually log in to do anything. I actually like anonymous/free comment. A CAPTCHA takes care of spammers and I am fine with it so far. Probably for a big site with a lot of users it might make sense, but for my blog so far it doesn't. But there's one thing for which this is instead useful: I have always been worried, when logging in through HTTP (thus, without SSL) to my blog from networks I don't manage or completely trust, that my password could be sniffed over the wire and stolen. Live ID solves my problem by letting Microsoft validate my identity: I have associated my Live ID to the blog's main user account(=myself), the one writing this post. So the plugin in its current form is used as a replacement of the login form (the standard wp-login.php wordpress form CAN still be used if you like, of course, you just don't HAVE to. Also the use of xmlrpc will still require local user/pwd combination.). Anyway, this new form will authenticate you thorugh Live ID and then check if your Live ID is associated to any local user. If it is, it will log you on to wordpress with that account. Otherwise it will inform you that you are successfully logged on to passport Live, but unfortunately there is no corresponding local account for you, and that it would need to be set up. Setting it up is as difficult as adding a line to the database… probably adding a form or a property page would be nice, but in my case I just did it with a query:

INSERT INTO `wordpress`.`wp-usermeta` (
`umeta_id` ,
`user_id` ,
`meta_key` ,
NULL , '1', 'LiveID', 'f11fa1d3e82c68776f94a3a5c459b70b'

which adds an extra "property" for the first user (admin) called 'LiveID' which contains your Live ID (the one above is not my real one, in case you were wondering). When you are authenticated by LiveID and you get back this value, the plugin checks in this table which WordPress userid in the database has been associated with this Live ID and – if it finds one – it authenticates you as that user. Of course you should not have duplicates.

My code is mostly based on the SDK PHP Sample, with some modification to integrate it in WordPress as a plugin. Of course I removed the file that is used as "user database" and used wordpress DB instead.

There's a ton of things that could be improved. I just did not put any more effort and time in it. As you might know if you read this blog, I am not a full time developer. Actually I shouldn't write code at all for work and I am mainly considered an "infrastructure" guy. Anyway, I would like to code more and even if I am not supposed to, I always try to find stimulating situations that require a bit of integration, thinking out of the box, some scripting, etc…

[updated: november 3rd 2007] You can download the sample plugin "AS-IS" here: liveauth.zip . This has only been tested and only works with WordPress 2.3.x serie (but should also work with earlier versions – not tested)

[updated: march 30th 2008] WordPress 2.5 has changed the way the authentication cookie is generated, therefore here is an updated version of the plugin that works with the new secure cookies: liveauth02.zip
I should really invest some more time in this and clear up the code. I should also make an interface to make the configuration easier, and maybe make a version that works on both 2.3 and 2.5 branches. I am not sure when I will have time for that, though…

[updated: april 20th 2008] I have released version 0.3c of the plugin which now finally includes a simple configuration page, and should work on both WordPress 2.3 (and older) and on the 2.5 brach. Please visit the new Windows Live ID Authentication WordPress Plugin Page.

The information in this weblog is provided "AS IS" with no warranties, and confers no rights. This weblog does not represent the thoughts, intentions, plans or strategies of my employer. It is solely my own personal opinion. All code samples are provided "AS IS" without warranty of any kind, either express or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

Live Photo Gallery and Flickr

October 25th, 2007 by Daniele Muscetta

I actually read this (Live Photo Gallery  allowing you to post to Flickr) a couple of days ago in an internal mail, and – even tough I Love Flickr – I have been extremely quiet and cautious and I did not blog about it. In fact I felt like waiting about blogging this GREAT new, because I thought that it was internal-only, confidential information, and I was worried that someone would tell me off :-(

In the end it turns out that I did not have to wait or be worried, since the cat was already out of the bag!!!

[As a side note, it happens a lot of times that stuff gets public much earlier than when I actually read that internally. In those internal communication it very often is still considered "confidential" when the whole world is speaking about it…. I don't get this whole "confidentiality" thing in these days of porous membranes…]

.Net Framework CODE is going to be available!

October 4th, 2007 by Daniele Muscetta

I am amazed and excited to read that Microsoft has decided to release the source code of the .Net libraries.

Scott Guthrie writes:

"[…] One of the things my team has been working to enable has been the ability for .NET developers to download and browse the source code of the .NET Framework libraries, and to easily enable debugging support in them. […] VS 2008 will include support to automatically retrieve the appropriate .NET Framework source files on demand from Microsoft. This means that the source code for the ASP.NET GridView and BaseDataBoundControl classes above do not have to already be installed on the machine before we started the debugger. Instead, when we use F11 to step into their implementation VS can automatically download the source files from Microsoft and open it within the IDE. […]"

WOW. This is so cool, and a further step in the right direction.

Thanks to Alessandro for having picked this up, as I read it on his blog, and I thought it was an information worth spreading!!!

Facebook implemented a user.setStatus API!

October 1st, 2007 by Daniele Muscetta

Finally, you CAN change your Facebook status programmatically in a way that is supported!

Some months ago Christian discovered a hack to change your Facebook status. Some other people also used it and extended it. I also ported it to C# and made a winform using its unofficial method.
Suddenly after, Facebook asked us to take down the code, as it violated their terms of service.

It has taken a while, some struggles, but now they finally recognized the need for federated status, and implemented a user.setStatus API.

Twitter is the first to pick it up, so now you can update twitter and have your status propagate in Facebook!

Well done, guys!

When I'll have some time I might think of rewriting my app using the SUPPORTED method, maybe finally writing that Live Messenger plugin… it would be nice :-)
When I'll have time…

Ubuntu on Virtual PC 2007

September 26th, 2007 by Daniele Muscetta

Ubuntu on Virtual PC 2007

Ubuntu on Virtual PC 2007, uploaded by Daniele Muscetta on Flickr.

This was a VMWare "virtual appliance" with Ubuntu that I was using for testing. As I mostly use Virtual PC or Virtual Server, I found it annoying having to switch to VMWare player to use that specific machine, and I could not be asked to install a new one. So I converted the .VMDK to .VHD format (the other way around than it is described on this article ).

After that, I had to change GRUB's configuration to inform it that the SCSI disk (/dev/sda1) was all of a sudden become an IDE one (/dev/hda1), and then I also had to reconfigure X.

After that it runs like a charme!!!

Windows Live Install on 2003 Server ?

September 13th, 2007 by Daniele Muscetta

Windows Live Install on 2003 Server ?

I used to have Windows Live Writer and Windows Live Messenger on my Windows 2003 Server box. Now, this new fantastic integrated setup says it won't install on this operating system. Ridiculous. You read the release notes, and in fact it only says Windows XP and Vista.

I see.

Well, I happen to use a Windows 2003 Server at home – the same machine for day to day use (like writing this post or checking private email) and doing some study/testing. I don't have loads of machines. I don't actually have money for a new machine (even if I would really need a new one to test stuff).
I try to do more with less.

Well, if this does not install, what am I supposed to do ?
I want to chat with people, which means I'll keep using Pidgin on this machine. That way I also have my GTalk, ICQ and Yahoo buddies all in one place. And it eats up much less memory that the "real" live messenger. And without advertisements. How nice.

I am sorry when my employer does this kind of stupid things. This is not interoperability. It does not even work on OUR operating systems!

As for Windows Live Writer, read Phil's post. It seems like FrontPage, all over again.
For writing this post I've used Flickr.
Since I happen to post quite a bunch of photos or images on my blog, I find it ideal. The ONLY thing Flickr is missing, when used as a blogging tool, is the ability to post tags/categories too. Otherwise it would be perfect.

ITPro vs. Dev: there is no such a thing.

September 11th, 2007 by Daniele Muscetta

Dave Winer wisely writes:

[…] I've been pushing the idea that every app should be a platform for a long time, that in addition to a user interface, every app should have a programmatic interface. For me the idea came from growing up using Unix in the 70s, where every app is a toolkit and the operating system is a scripting language. Wiring things together is an integral part of being a Unix user. It's why programmers like Unix so much […]

It is entirely true. The limits are blurry, IMHO. In the Unix world it is common to find full-fledged "applications" which have been written by the ground up by people that were doing SysAdmin tasks, and those "applications" are usually just… scripts. Simple shell scripts, or something more evolved (PERL, PHP, Python) it does not really matter.

I am so tired of the division traditionally made in the Microsoft world between "Developers" and "IT Professionals". We even have separate sites for the two audiences: MSDN and Technet. There are separate "TechED" events: for"Devs" and for "IT Pros". There are blogs that are divided among the two "audiences"…

There aren't two different audiences, really. There are people, with various degrees of expertise. There is no such a thing as a "developer" if he doesn't know a bit how the underlying system works. His code is gonna suck. And there is not such a thing such a "IT Pro" that builds and integrates and manages systems if he does not have the palest idea of how things work "behind the GUI". He's gonna screw things up regardless of how many step-by-step (click-by-click ?) procedures you spoon feed him.

That's why automation and integration are best done by people who know how to write a bit code.

The PowerShell folk GET IT.

Facebook status change is not a crime

September 6th, 2007 by Daniele Muscetta

TechCrunch has been speaking to Christian about his PHP code that he had to pull down, my C# code I had to pull down (about which I also posted a comment this week), and the others who did. you can read what they wrote about it at http://www.techcrunch.com/2007/09/06/facebook-opening-up-but-on-its-own-terms/

It's nice to see things called by their real name

September 3rd, 2007 by Daniele Muscetta

Facebook Terms of Service state that it is forbidden to "[…] use automated scripts to collect information from or otherwise interact with the Service or the Site […]"

For this reason, I had to pull down the code of the small application I had previously released, which was "logging" into the mobile web application "pretending" to be a mobile browser and change your status. Big deal!!!

I am quite sure there are a lot of people writing "official" applications (that is using the "platform API" and so on) that are collecting A LOT of information about users who install their applications. They are being sent the info about the visitors by facebook, they are storing them, they might do whatever they please with (study it, sell it to spammers, to marketers, to making-money-assholes) and nobody will ever notice because it is on their servers and nobody can check that.

But a script that changes your status from remote – since this is not a functionality they CHOSE to expose in their API – then THAT is a big issue. Doh!
It's just plain ridiculous, but that's it.

Sure, the terms of service for app developers say a bit more in this regard:

4) Except as provided in Section 2.A.6 below, you may not continue to use, and must immediately remove from any Facebook Platform Application and any Data Repository in your possession or under your control, any Facebook Properties not explicitly identified as being storable indefinitely in the Facebook Platform Documentation within 24 hours after the time at which you obtained the data, or such other time as Facebook may specify to you from time to time;

5) You may store and use indefinitely any Facebook Properties that are explicitly identified as being storable indefinitely in the Facebook Platform Documentation; provided, however, that except as provided in Section 2.A.6 below, you may not continue to use, and must immediately remove from any Facebook Platform Application and any Data Repository in your possession or under your control, any such Facebook Properties: (a) if Facebook ceases to explicitly identify the same as being storable indefinitely in the Facebook Platform Documentation; (b) upon notice from Facebook (including if we notify you that a particular Facebook User has requested that their information be made inaccessible to that Facebook Platform Application); or (c) upon any termination of this Agreement or of your use of or participation in Facebook Platform;
You will not directly or indirectly sell, export, re-export, transfer, divert, or otherwise dispose of any Facebook Properties to any country (or national thereof) without obtaining any required prior authorizations from the appropriate government authorities;

Are we sure everybody is playing by these rules, when every facebook "application" really runs on the developer'server ? How do you know that they are really storing only what you want them to store, and deleting what you want them to delete ? Everybody knows how difficult it is to really "delete" digital content once it has come into existance… who knows how many copies of this database/social graph are floating around ?

Of course that is not an issue because people don't talk about it enough. But a script that changes your status – now, THAT is a very terrible thing.

I just don't get this "politically correctness". It must be me.

Oh, no… look! It's not only me!
I had read this post of Dare, but I problably had overlooked the last bit of it…. because he did point out this Hypocrisy going on:

Or (5) the information returned by FQL about a user contains no contact information (no email address, no IM screen names, no telephone numbers, no street address) so it is pretty useless as a way to utilize one’s friends list with applications besides Facebook since there is no way to cross-reference your friends using any personally identifiable association that would exist in another service.

When it comes to contact lists (i.e. the social graph), Facebook is a roach motel. Lots of information about user relationships goes in but there’s no way for users or applications to get it out easily. Whenever an application like FacebookSync comes along which helps users do this, it is quickly shut down for violating their Terms of Use. Hypocrisy? Indeed.

He then insists in a more recent post in calling things by their name:

I will point out that 9 times out of 10 when you hear geeks talking about social network portability or similar buzzwords they are really talking about sending people spam because someone they know joined some social networking site. I also wonder how many people realize that these fly-by-night social networking sites that they happily hand over their log-in credentials to so they can spam their friends also share the list of email addresses thus obtained with services that resell to spammers?
how do you prevent badly behaved applications like Quechup from taking control away from your users? At the end of the day your users might end up thinking you sold their email addresses to spammers when in truth it was the insecure practices of the people who they’d shared their email addresses with that got them in that mess. This is one of the few reasons I can understand why Facebook takes such a hypocritical approach. :)

Thanks, Dare, for mentioning Hypocrisy. Thanks for calling things by their name. I do understand their approach, I just don't agree with it.

I did pull my small application off the Internet because I have a family to mantain and I don't want to have legal troubles with Facebook. Sorry to all those that found it handy. No, I cannot even give that to you per email. It's gone. I am sorry. For the freedom of speech, especially, I am sorry.

I will change my status more often on Twitter.

43things Facebook app

August 28th, 2007 by Daniele Muscetta

WOW I already have 13 (thirteen) users for my Facebook application showing your goals pulled from 43things!

Sure, gapingvoid has got 700+ users in 3 days, I know. But hey, he's famous, and I don't see the point of cluttering my already busy Facebook profile with a cartoon. I do read him and generally like his cartoons, and I am in the "friends of the blue monster" group (so to say I like him).

But I prefer reading him in my "normal" aggregator.

I think Facebook apps should rather "inject social objects" (where did I read this definition? sorry I cant recall it or I would appropiately link to you… I swear).

There are of course other similar applications that just pull comics in your profile (like Dilbert, Garfield, etc) but again – I think this is all stuff that YOU are interested in, and thus should just go into your aggregator – so YOU can read it; on the opposite your profile in Facebook should talk about YOU and things YOU are doing, for example. Occasionally they can be YOUR posts or they can even be someone else's posts that you read and want to share/let other people see (that's why I pull in my Google Reader's shared items for example – things I read and want you too to see). If this includes importing other social objects/information from other social networks, like the music you are listening to on last.FM, or the photos you published on Flickr, then it is fine. That's why I wrote an app that shows the things you want to do, pulled in from 43things.com and one that shows the places you want to visit pulled in from 43places.com. Because I felt those social objects from another network were missing. In fact a user commented "[…] Glad someone finally took a step forward to create this, though :) […]".

But of course what I wrote about which kind of applications you should or shouldn't have in your profile, remember that this is just my personal opinion rant, and everybody is free to put whatever stuff he/she likes onto his/her profile, in the end :-)

Open Source Projects and Microsoft

August 24th, 2007 by Daniele Muscetta

This CNet article about CodePlex has some VERY interesting points:

[…] Bayarsaikhan has posted the top 25 most active open-source projects on Microsoft's Codeplex site. Looking at the list, it looks like Microsoft developers spend their time doing much the same as the rest of the Java/other world: play games and make the Web world pretty with AJAX. You can see the top project interests below in the Codeplex tag cloud.

Codeplex is interesting to me for several reasons, but primarily because it demonstrates something that I've argued for many years now: open source on the Windows platform is a huge opportunity for Microsoft. It is something for the company to embrace, not despise.

And it does several things well (better than Sourceforge, in my opinion) […]

Facebook Mobile is not working for Italy

August 21st, 2007 by Daniele Muscetta

Facebook Mobile is not working for Italy

Facebook mobile is not working from mobile operators not in the US, I suppose.
I can't even log on to m.facebook.com with my WIndows Mobile SmartPhone.
I can't send status updates through SMS.

I can't even send them by mail, or I get the following back:

Facebook Mobile is not working for Italy

So, now, I am updating Twitter.
Twitter can be updated with an SMS even from Europe. Or it can be updated with a bot running GTalk. Very easy, can do it from everywhere.

I then wrote a small command line application (based on the same "hack" as the one described before) that runs every five minutes from the scheduler on my server and keeps the two in sync.

I wrote it in C# as a Console application because that's usually what I do when I want it to run it both on my windows machines and/or on my Linux server (with MONO). I already used this approach in the past and I found it to be successful. As long as you keep the application simple enough and check out the documentation for the implemented classes on mono, it runs without modification both on windows on the "real" .Net framework and on Mono on Linux. i just copy the executable and I am ready to go.
Not this time, though.
I am hitting what seems to be a bug in mono. I might be able to find a workaround, but I haven't had the time to dig in the issue yet.
I posted some info about this on this forum.