Unable to edit the specified E-mail address policy. E-mail address policies created with legacy versions of Exchange must be upgraded using the 'Set-EmailAddressPolicy' task, with the Exchange 2007 Recipient Filter specified.

• Department
• Company
• CustomAttribute1, CustomAttribute2, ... , CustomAttribute15

• For all your Exchange users and groups, make sure Exchange mailbox alias field does not contain spaces or characters other than a to z (uppercase or lowercase), digits from 0 to 9, !, #, $, %, &, ', *, +, -, /, =, ?, ^, _, `, {, , } or ~. One or more periods may be embedded in an alias, but each one of them should be preceded and followed by at least one of the other characters. The @ symbol is not allowed in an alias.
• For all your Exchange users, make sure the UserPrincipalName (aka Logon name) is "user@domain.com" and not just "user". I have seent that this problem is usually found on users that are created in Active Directory by Cisco Unity.
• Make sure your display names do not contain leading or trailing white spaces, i.e. the first and last characters in a display name cannot be a white space.

Usually these kind of problems are found in large environments where user provisioning is automated by a third party application or script. If any of the above conditions apply, Exchange Management Console (or get-recipient shell command) will warn you of inconsistent Active Directory objects.

• You use WSUS 3.0 to manage updates in your organization.
• You have Windows XP Service Pack 2 (SP2)-based computers or Windows Server 2003 Service Pack 1 (SP1)-based computers that have Internet Explorer 6 installed.
• You do not want to upgrade Internet Explorer 6 machines to Windows Internet Explorer 7 at this time.
• You have configured WSUS to auto-approve Update Rollups for installation.

See the Microsoft KB article for more information.

This is a humorous video of Bill Gates' last day at Microsoft shown during Microsoft CES 2008. Starring Bill Gates, Brian Williams, Steve Ballmer, Matthew McConaughey, Robbie Bach, Jay-Z, Bono, Steven Spielberg, George Clooney, Jon Stewart, Kevin Turner, Hillary Clinton, Barack Obama, Al Gore, Ray Ozzie and Craig Mundie.

1. Ensure the key name doesn't end in ".bad"
2. Ensure the RefCount value is 0
   
3. Ensure the State value is 0

Outlook displays a message that it has blocked the attachment:

1. On the desktop running Outlook, open Registry Editor.
   
2. Navigate to HKEY_CURRENT_USER\Software\Microsoft\Office\xx.x \Outlook\Security where xx.x is your Outlook version number (9.0, 10.0, or 11.0)
   
3. Add a new string named Level1Remove
   
4. Add value to this string with all the extensions that you want to unblock, separated by a semicolon. (For example: .mdb;.url ) Remember to put the dot before the extension.

It should, however, be kept in mind that unblocking a particular file type introduces new risk, as the user can also receive a malicious file of the same type from another user or the internet and he/she might inadvertently open it.

For Outlook 2007, you need to insert the string in the following key HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\Outlook\Security. If the key path doesn't exist, you can create it.

Thats' right. No more /console switch on the Windows Remote Desktop Connection tool, MSTSC.exe, starting from Windows XP Service Pack 3, Windows Vista Service Pack 1 and Windows Server 2008.

This is because of the design enhancements in Windows Vista and Windows Server 2008, by virtue of which you cannot connect to Session 0, which is the default session. Running services and user applications together in Session 0 poses a security risk because services in Session 0 run at elevated privileges and therefore can be targeted by malware that attack by attempting and exploiting a privilege escalation.

The new generation of the Windows operating system mitigates this security risk by isolating services in Session 0 and making Session 0 non-interactive to the user. In Windows Vista (and Windows Server 2008), only system processes and services run in Session 0. The first user logs on to Session 1. Subsequent users log on to subsequent sessions (Session 2, Session 3 etc). This means that services (like printer drivers loaded by spooler service, UMDF drivers, user/window interactive services, etc) never run in the same session as users' applications and are therefore protected from attacks that originate in application code. [More info]

Session Zero in Windows XP/Windows Server 2003: The first user logs in to Session Zero itself.

Session Zero Isolation in Windows XP SP3/Windows Vista SP1/Windows Server 2008: First user's Session is not within Session Zero, a separate session is created, thereby improving security.

Since there is no longer the ability to connect to Session 0, the /console switch is no longer required. But, what if I want to connect to Session 0 on a Windows Server 2003/XP or earlier machine using RDP 6.1? Let's find out.

When I typed "mstsc /?" on my Windows Server 2008 machine, these are the options that are available to me:

Notice that the /console option is not available, but there is a /admin option. The /admin option lets you connect to Session 0 on a remote computer that doesn't have Windows Vista SP1, Windows XP SP3 or Windows Server 2008 or later installed.

However, if you try to pull the /admin switch on a Windows Server 2008 or Vista SP1 machine, you get an error "An unknown parameter was specified in the computer name field".

The TCP/IP standard for Internet communication, was established as a standard on January 1, 1983. In short, this is the networking technology that the world has been talking on for the past 25 years!

TCP/IP has been the glue that sticks computers, networks and people together, enabling seamless communication across disparate geographical locations, cultures, climates, languages and regions spanning the entire globe. Over the years, TCP/IP has helped load millions of websites, transport trillions of ideas, thoughts and emotions, news and information across the barriers of time and distance. If it weren't for TCP/IP, the world today would have been very different.

More on TCP/IP can be seen at http://january-1-tcp-ip.blogspot.com/

"Remote Desktop cannot verify the identity of the computer you want to connect to."

This is good, but it's rather annoying to be notified each time you want to connect to a server! To turn off the warning,
- Open the Remote Desktop Connection application and click Options.
- On the Advanced tab, select the option Always connect, even if authentication fails.

• Deep integration with existing Microsoft technologies from System Center, Windows, Office, and Visual Studio product families
  
• Enabling new scenarios via a powerful self-service portal to reduce helpdesk costs
  
• A Configuration Management Database (CMDB) that provides an authoritative view of your managed IT infrastructure and services, including all relevant information about current and desired state, past history and future plans, associated incidents and problems, and related change requests.
  
• A core set of automated IT processes that map to the ITIL-based Microsoft Operations Framework (MOF)
  
• An extensible platform that enables customers and partners to extend the product with Management Packs and Microsoft Operations Manager

I downloaded the System Center Service Manager Beta 1 from Microsoft Connect. I am planning to evaluate this product along with Nitrogen, as I mentioned in my earlier post.

The Beta requires that you install .NET Framework 2.0, a series of hotfixes for .NET 2.0, SharePoint Server 2007, and SQL Server 2005 SP2. You also need to create a Shared Services Provider (SSP) on SharePoint Server 2007 before you can start installation of Service Manager.

You can always tell a Windows 3.1 user by the way he closes a window, even in Windows Vista. A Windows 3.1 user almost always closes a window by double-clicking on the left of the window. That's because, back in the times of Windows 3.1, there was no close button on the right of the window.

Take a look at the left of a window in Windows 3.1:


The box with the big dash is called the control box and clicking on it will yield a menu showing options to minimize, maximize and close. Double-clicking on the control box closes the window! And that's where it all began.

A user can activate the menu by pressing Alt+Spacebar. Why? Because the big dash on the control box is actually a representation of the spacebar. The MDI child window also has a control box, but with a smaller dash. So, how do we activate this menu? Yup, you guessed right - Alt+Hyphen!

It is rather interesting to note that the 'double-click-on-the-left-to-close' functionality is still available in Windows Vista, and probably forever in every release of Windows. The Alt+Spacebar and the Alt+Hyphen features are still available too, even though the control boxes don't bear the dashes anymore. As for me, yes, I do close windows from the left at times. Ahem.

Eid Mubarak!