Monday 23 February 2009

Kerberos, Delegation and SQL Reporting Services

Here is a very quick overview of the Service Principal Names (SPNs) you need set-up to get SQL Reporting Services working.

Assumptions:
  • Domain Functional Level is "Windows 2003".
  • SQL Reporting Services and SQL Server (the database engine) are installed to different machines.
  • Your domain is "acme.com".
  • The account running SQL Reporting Services is "acme\SQLReportingServices" (it does not matter which account SQL Server is running under).
  • SQL Reporting Services should NOT be run under a system account ("Local System" or "Network Service").
  • Your SQL Server machine name is "SQL01".
  • Your SQL Reporting Services machine name is "RPTS01".
  • The SQL Server instance holding the database is running on the default port (1433).
You should create four SPNs with "setspn.exe" as follows:
  • setspn -a MSSQLSvc/SQL01:1433 acme\SqlReportingServices
  • setspn -a MSSQLSvc/SQL01.acme.com:1433 acme\SqlReportingServices
  • setspn -a http/RPTS01 acme\SqlReportingServices
  • setspn -a http/RPTS01.acme.com acme\SqlReportingServices
You can substitute values to match your environment given the assumptions above. Note the capitalisation of the Service Class prefixes of the SPNs ("MSSQLSvc" and "http"). These are important.

After you have set-up the SPNs, the "acme\SQLReportingServices" account should be trusted for delegation against those SPNs. This is done in the Properties of the User Account object in Active Directory.

Please note it is best practice to set SPNs against dedicated Domain accounts rather than machines (as per above example). Having SPNs registered to Domain accounts allows you to enable Kerberos delegation in a load balanced environment. If your SPN is registered against a machine you can't delegate from other machines so you can't load balance. Services you wish to enable for delegation should not run under "Local System" or "Network Service". If the service is running under such an account, you have to set the SPN against the machine which limits your options for load balancing.

"setspn.exe" is available in the Windows Server 2003 Support Tools, more information here:


Delegation with Kerberos can be tricky at times. It makes complete sense when you get your head around it but the initial learning curve can be steep. The first thing to do is understand your network "hops". A "hop" is a call between services on which the clients credentials will be passed on the clients behalf.

A great document for understand and troubleshooting Kerberos can be found here:


Saturday 21 February 2009

Clone Detective for Visual Studio

I found this cool add-in for Visual Studio, its called Clone Detective and it detects duplicate code in your Visual Studio Solution. You can find it here:


The short video on the site is well worth watching. Be aware that installing this add-in seems to wipe your existing Visual Studio settings so back these up first.

Monday 16 February 2009

Microsoft's "My Phone" beta registration is open

Here is the link:


Waiting list only at the moment, unless you have a promotional code but I don't know where you get those.

Monday 9 February 2009

Silverlight does not support delay-signing

Grrr.

It seems that Silverlight does not support delay signing of assemblies. This is a pain because our projects use the Guidance Automation Toolkit in Visual Studio to enforce certain best practices. One of the fundamentals to our process is that developer builds are delay signed (with an assembly version of "0.0.0.0"). I've got to circumvent that to fit Silverlight into our set-up.

Tuesday 3 February 2009

Team Foundation Server - label deletion when deleting builds

In TFS 2008 SP1 a feature has been introduced to allow you to retain Labels even when the associated build is deleted (either manually or via Retention Policies).

There are a couple of blog posts here:
Neither post is very explicit in that the particular web.config in which you need to add the setting, can be found here (assuming default installation):

%systemdrive%\Program Files\Microsoft Visual Studio 2008 Team Foundation Server\Web Services\web.config

Monday 2 February 2009

Extending the evaluation period for Windows Server 2008

Recently I have been experimenting with Windows Server 2008 64 bit, to see how useful Hyper-V might be.

I have found that you can extend the evaluation period beyond the initial 60 days. You get an evaluation period if you skip adding a Product Key during the install. To see how long you have remaining of you evaluation period, type the following at the command prompt:

slmgr.vbs -dli

This will present you with a dialogue box. To extend you evaluation period by an additional 60 days, type the following at a command prompt (you need elevated privileges for this):

slmgr.vbs –rearm

A dialog box will confirm this evaluation period has been extended. This process can be repeated 3 times giving you up to 240 days evaluation if you include the initial 60 days. For more information see the Microsoft Knowledge Base article here:


This also works with Windows Vista.

Sunday 1 February 2009

February News

With the beta release of Windows Azure and Windows 7, the forthcoming release of Internet Explorer 8 and many new or updated developer tools, these are eventful times. Here’s a roll-up of what’s been happening.

Microsoft News

  • Microsoft have released a Beta version of Windows 7 to the public which is getting very favourable reviews. This beta is regarded as feature complete and is relatively stable. Microsoft are not adding any major new features over Windows Vista aside from a completely new Task Bar interface to make Window management far easier. Improvements are focused on performance. This is for two reasons. Firstly, Vista was heavily criticised for being very sluggish and secondly, sales of Netbooks are growing and Microsoft will want their flagship operating system to run on them. Note that the general availability of the Windows 7 Beta will end on February 10th. The new features that have been added in this version of Windows are covered in some detail by Microsoft watcher, Neowin. It is understood there will be no second Beta release and the operating system will go straight to Release Candidate. This is a statement of confidence from Microsoft and a clear signal to partners that this edition of Windows is coming soon.
  •  Anyone who missed the news from the Professional Developers Conference last October should catch up on Windows Azure, Microsoft’s new services platform for The Cloud. My write-up can be found here.
  • Microsoft have also announced the availability of Internet Explorer 8 Release Candidate 1 which is widely expected to be the last release before the final version. IE 8 has far better support for open internet standards such as those defined by the standards body, W3C. On paper this sounds brilliant, in practice it will risk breaking those millions of web sites explicitly designed to work for earlier versions of Internet Explorer. Historically, web sites have been designed to work on Internet Explorer at the cost of other browsers owing to its overwhelming market share. Microsoft have provided a “compatibility mode” in IE 8 so that it behaves the same as older versions of the browser.
  • It was impossible to escape news that the United States of America has a new president. The inauguration was probably one of the most photographed events in history owing to the one million plus people who turned up to see it in person. Microsoft’s Photosynth technology has was used to provide a 3-D view of the event using photographs uploaded by the public. Photosynth is a project that came out of Microsoft Research and has been built with Silverlight, Microsoft’s platform for building cross platform Rich Internet Applications. Silverlight is compatible with Windows, Mac, Linux and works on Internet Explorer, Firefox and Safari web browsers making it a compelling platform. Take a look at some other “Photosynths”.
  • Microsoft’s Surface technology is being used to co-ordinate security for the Super Bowl in Tampa, Florida on 1st February. Surface is an interactive table top display technology that has some interesting applications, it is built on the Windows Presentation Foundation (WPF) that was introduced with .NET Framework 3.0.
  • Microsoft are rumoured to be launching brand new mobile services as competition to Apple’s MobileMe offering. Called “SkyBox”, it allows user to sync or share phone information such as contact and data and provides back-up and restore features. This is a further expansion to Microsoft’s Software + Services vision, of which Windows Azure, Windows Live and Office Live have already been launched.
  • Developers should look at the latest MSDN Flash for details of upcoming web casts, events, new downloads and a look at Visual Studio 2010 and the .NET Framework 4.0. You can subscribe to the MSDN Flash email.

Articles & Blogs

Downloads and Tools

  • Microsoft have pushed out a Release Candidate for the ASP.NET MVC Framework. Version 1.0 is likely to ship next month. The current beta release already has a go-live licence.
  • There is a January release of the Windows Azure SDK CTP. This refresh provides better Visual Studio integration with the tooling.
  • There is also a January release of the Oslo SDK CTP.
  • For people who use ReSharper, version 4.5 has entered the Early Adopter Program (EAP) and you can use this without affecting your existing version 4.1 installation using the Visual Studio hive.
  • Microsoft have released version 1.0 of the Web Platform Installer. This is a tool which installs free editions of Microsoft’s entire Web Platform stack including Visual Web Developer 2008 Express Edition, SQL Server 2008 Express Edition and the .NET Framework. This probably not a toolset you would typically use for enterprise level development but is a useful answer where licence costs are an issue or for very small scale projects.
  • Microsoft have released the source code and unit tests for the managed Silverlight 2 controls. This is of great use if you wish to extend these controls or build new ones as it shows you the inner workings of Silverlight. This is similar to last year’s release of the source code for the .NET Framework Base Class Libraries.
  • Microsoft have put a page onto MSDN that gives a comprehensive listing of all current supported Microsoft SDKs, this page will be updated.
  • The open source JavaScript library, JQuery, that ships with now ships with Visual Studio and ASP.NET has seen a release of Version 1.3.1. A JQuery cheat sheet is also available.
  • LINQPad is an excellent LINQ tool, it will even let you interactively query SQL databases.
  • Download Internet Explorer 8 RC1 for Windows XP and for Windows Vista/Server 2008.
  • Chirp is a beautiful Twitter client written in WPF.

And Finally...


About Me