Alexander’s Blog

My students are often looking for good technical resources and tools for troubleshooting. In general, here are my recommendations when it comes to looking for answers on the Web, especially if you are a network administrator or help desk support professional.

1. Use Bing search engine. Don’t be scared. Bing is a serious contender among search engines. It’s much improved and people have started to really like it.

2. Don’t just go to Google, instead use the special search engine for Microsoft resources that is offered by Google: http://www.google.com/microsoft. If you search a KB article on Microsoft’s site and can’t find it, go to google.com/microsoft and chances are you will find the KB article, which will point back to Microsoft’s own site.

3. Looks for answers on TechNet,  Microsoft newsgroups and forums.

4. If you’ve tried other resources and can’t find an answer, go to an MVP’s Web site or blog. For example, for solutions to Outlook, find an Outlook MVP’s Web site or for SharePoint solutions look for a SharePoint MVP’s blog or Web site. The MVP blogs/sites are located at: http://www.mvps.org/links.html.

5. Go to kbalertz.com for knowledge base articles.

6. For event ID errors, go to eventid.net. The annual subscription is practically free (only $24/year).

You may have heard about Google’s new browser called Chrome. I thought about installing it so I can evaluate it. But then I thought about all the privacy violations that Google has been criticized by security experts over the years and decided to do a little research first. I have to admit, I am pretty hesitant when it comes to installing anything made by Google, whether it’s their toolbar, Web browser or anything else. I stumbled upon this article on TG Daily: Chrome is a security nightmare, indexes your bank accounts. In Google’s defense, I should point out that at the time the article was written, Chrome was still in beta. However, the article raises some interesting points and it’s the fact that Google is once again in the middle of a privacy controversy that caught my attention. Here are a few quotes from the article.

After playing around with Google’s brand new Chrome browser, we’ve discovered that its history search box will fetch all types of data - even text from HTTPS-protected financial sites like Washington Mutual and Capital One.  With a few utterly simple keywords like balance, account and Sept., everything from balance information, account numbers and even how much you spent at Costco can be pulled up.

To see all of this in action, just open up Chrome and log in to your favorite financial website.  Like most important sites, it should be protected with HTTPS/SSL encryption and that should be evident in the address bar of the browser.  Do the stuff you would normally do like look at your balances and gawk at your latest transactions and then open up a new tab in Chrome by clicking the “+” symbol.  In the right-hand history search box, enter a few keywords and see what they get you.  Surprised?  I bet you are.  No luck?  Then try something simple like oh Visa, Mastercard, balance and account.  Also try out the names and abbreviations of months like September, Sept and Sep.

And on Guardian’s Web site I read the following:

The history search feature means you can find all your financial, medical and other secrets from the browser without going anywhere near the secure site. Or someone else can. If you have a PC where someone else can access it — for example, in almost any office — then it’s a recipe for disaster.

The Electronic Frontier Foundation has a different concern. It says, according to CNet’s headline, We’re concerned about Google’s Omnibox. There’s a privacy issue because anything you type in gets sent back to the Google mothership, and it’s storing some of it. The ways to avoid that include (1) turn off auto-suggest; or (2) use a default search engine that isn’t Google; or (3) use porn mode. Any one will do.

Sorry, I forgot to include the (mercifully short) story of the day: you can crash Chrome by typing :% in the address bar. I expect someone will figure out how to crash it remotely, if they haven’t already done so….

According to Google their browser is supposed to “make the web faster, safer, and easier”. Safer? Really? Funny I just switched my default search engine from Google to Live Search as I mentioned in yesterday’s blog post Goodbye Google, Hello Live Search!. And no I didn’t do it because of privacy concerns, I did it because I liked Live Search better.

In July I wrote an article Microsoft Surges with TechNet/MSDN Search. In that article I documented my observations, talked about some cool features and listed the areas that needed improvement. Microsoft has been making considerable changes to it’s search engine lately and seems to be more committed to offering consumers search capabilities that rival competitors, such as Google. Recently, I decided to give Live Search a try. The last time I used Live Search, a long time ago, I wasn’t too impressed so I was hesitant at first and definitely skeptical. Anytime Microsoft, or another vendor, tells you to try their new improved product you know they are trying to sell you their product so if you are skeptical that’s natural.

I made Windows Live my default search engine on December 1 and in this article I am documenting my observations. Keep in mind that I have only used Live Search for ten days as my default search so my experience is rather limited. However, I wanted to document my experience because when I wrote the article about TechNet and MSDN Search in July , I clearly stated that I do not prefer Live Search over Google, at least not at that time.

So what changed my mind that I wanted to give Live Search a serious try? Well, the simple fact that Microsoft made tremendous improvements in TechNet/MSDN Search, which impressed me, and I assumed that Microsoft must have made significant changes to Live Search over the past several months. Also, at the last MVP Global Summit Steve Ballmer told us that Microsoft is making improvements to Live Search and asked us (MVPs) to give it a try and then give our honest feedback. So here’s my honest feedback.

For me, the easiest way to compare and contrast two products is to use them both for the same task. And that’s exactly what I did with Live Search. I used the exact same search for both Google and Live Search to better compare the two search engines.

General Observations

Here are some general observations after running same searches on both engines. This list in the following table is not in any particular order.

There are some areas where Live Search blows away Google out of this world, like searching for images. Look at the side-by-side comparison of the two graphics below to get a better idea. With Live Search I can simply move my slider down and it automatically takes me to the next page. Unlike Google search, there is no need to scroll down to the bottom of the page, click Next, wait for the images to load and then start this procedure over for the next page. If you want to search among thousands or even hundreds of images, Live Search is the way to go. Google allows you to refine your images by selecting options from a drop-down button at the top of the page, while Live Search allows you to refine searches by options such as size, aspect ratio, color, style, face, etc. Live Search options are more intuitive and will be easier to navigate and understand by most users.

Live Search Example:

Google Search Example:

In Live Search, when you hover over an image, you get several options including the size of the image. The four zoom options further enhance image searches. Another thing I noticed is that images look much crisper in Live Search. I haven’t spent time to further research this and it may be due to the fact that Live Search has a much cleaner and sharper look to it, while Google feels too messy and the ads definitely add to the clutter.

There is a typo of sorts in Live Search screen. At the time of writing, the cashback link in the upper right hand corner should be spelled Cashback with an uppercase C, just like the rest of the links.

Conclusion

My overall impression about Live Search is that it has made significant improvements since I last used it. I consider it a serious competitor to Google. After using it for 10 days, and mind you it’s only 10 days, I believe an average user is not going to find a significant difference between the two search engines. More sophisticated users will find pros and cons in both search engines. Because I primarily work with Microsoft products, I would prefer to use Live Search just for that reason alone even though I realize that that’s no guarantee for better results.

I like Live Search for aesthetics and clarity, I didn’t notice a significant speed difference in either of the search engines, and the most important factor in search for me is relevance. Well, I didn’t find either of the two search engines having any significant edge over the other in relevance of search results. As far as searching for images, Live Search is light years ahead of Google. For all these reasons, I’ve decided to switch to Live Search for now. I will use it for a while and see how I like it. If I find significant deficiencies I will report back with my findings. Until then, goodbye Google and hello Live Search.

NextGov has reported on the security issue that concerns not just the folks at the Internal Revenue Service (IRS) but all of us who pay taxes in the U.S.

“The Internal Revenue Service found more than 1,000 unauthorized Web servers connected to its networks, leaving the agency’s systems open to hackers, according to a report released on Thursday by the IRS inspector general.

In September 2007, the IRS Computer Security Incident Response Center scanned the agency’s Web servers and identified 2,093 that had at least one security vulnerability. When the center matched those servers to the IRS database of registered Web sites and servers, an inventory of systems that the agency uses to perform security maintenance and apply patches, it found 1,811, or 87 percent, were not listed in the database.

Of the unregistered servers, the IRS identified 661 that were used for legitimate agency business, leaving 1,150 servers being used for potentially unauthorized activity, according to the report.”

Read the entire story here.

If you’ve configured your SharePoint site with a specific URL (host header), e.g. http://webportal and then later decided that you want to change it to another URL, such as sharepoint.seattlepro.com, you can use the Alternate Access Mapping feature of Microsoft Office SharePoint  Server (MOSS) 2007. Here’s how.

1. Start SharePoint 3.0 Central Administration.

2. Click on the Operations tab.

3. Under Global Configuration section click on Alternate access mappings.

4. Click on Show All in the upper right-hand corner and then click on Change Alternate Access Mapping Collection.

5. From Select An Alternate Access Mapping Collection window, click the URL that you would like to change, e.g. http://webportal.

6. Click Edit Public URLs.

7. Change the URL listed in the Default box to the one you want. For example, change it from http://webportal to http://sharepoint.seattlepro.com.

8. Click Save.

9. The next step is to update the information in Internet Information Services (IIS). Start IIS Manager. In our example, we will assume you are running IIS 7.

10. Highlight the Web site whose URL you want to change.

11. In the Actions pane click Bindings (or right-click the Web site and select Edit Bindings).

12. Highlight the entry in the Edit Site Binding window and then click Edit.

13. In the Host Name box enter the new URL that you would like to use. For example, sharepoint.seattlepro.com.

14. Click OK, then click Close.

15. Go to the command prompt and run iisreset to restart Internet services.

16. You should now be able to use the new host header and access the site with the new URL (e.g. http://sharepoint.seattlepro.com).

NOTE: If your Web site needs to be accessible from the Internet and you are using Microsoft ISA Server, or another firewall, you need to make sure that you update the DNS server and the ISA Server rule that allows you to access the Web site from the external network. For example, you need to add a host record for sharepoint.seattlepro.com in a DNS server that is accessible from the Internet and add the URL sharepoint.seattlepro.com on the Public Name tab of the ISA Server rule that is publishing the Web site.

Using Alernate Access Mapping to Configure a Different URL for Internal Use

If you want to use a different URL for the intranet site internally (e.g. http//intranet), you can add that URL in step 6. On the Alternate Access Mappings page, instead of clicking on Edit Public URLs, click on the link Add Internal URLs. In the Add Internal URL box type the URL that you want to add, e.g. http://intranet, then click Save. You still need to go to IIS Manager and in step 13 add a Site Binding for intranet. Your site bindings will look like this.  Notice that you don’t need to type http:// in the Host Name box. Simply type the host header that you want to use (in our case its intranet).

Make sure you don’t forget step 15 after modifying the bindings. That’s it. Now your users can access the intranet site internally by typing http://intranet and externally by typing http://intranet.seattlepro.com.

This is one of many examples of how Alternate Access Mappings can be used in MOSS 2007. It demonstrates how the end user may type a different URL to access the site then the URL that is received by the Internet Information Services (IIS). With Alternate Access Mapping you can also associate multiple internal URLs with a single public URL, using one of 5 different authentication zones: Default, Intranet, Internet, Custom, and Extranet.