In my work I use Remote Desktop all the time for a lot of different purposes. I connect to client production and staging servers, to development and proof of concept VPC's, to local servers and machines and even localhost. So it is a big part of my working day.

I have summed up a few tips for the daily use of remote desktop, that will make things easier and solve common problems:

1.  When you get the "Terminal server has exceeded the maximum number of allowed connections" and you can't connect to the machine in the normal way, it is normally still possible to connect to the console session of the machine: Open a command prompt and enter the following, inserting the relevant servername or ip adress where indicated:

mstsc /v:<server> /console

Use this connection to disconnect the running sessions, and then log off and connect in the normal way, to prevent problems with accessing the machine locally. More information. 

2. You can Remote Desktop to localhost. Its very usefull when testing stuff on a machine with different users. I do this all the time.

3. Remote desktop to Virtual machines, which gives a much better interaction with the machine than the VMRC ActiveX control in IE when using Virtual Server 2005.

4. Pressing CTRL+ALT+END brings up the Windows Security dialog box as a replacement to CTRL+ALT+DELETE.

5. CTRL+ALT+PAUSE switches between full screen and windowed mode, which is very usefull when running remote desktop from a remote desktop, and you need to switch between machines.

6. If your not running Vista, get the Remote Desktop update with support for multiple monitors, 32-bit color, font smoothing and higher resolutions: http://support.microsoft.com/kb/925876

7. When using Remote Desktop over the internet se the color depth to 16bit if your experiencing lag - it really helps a great deal.

8. When using multiple monitors you might have experienced that dragging a windowed remote desktop to another monitor and then resizing it to full screen doesn't resize the client desktop size. Therefore you should drag the windowed session to the desired monitor, and then close it. Set the properties for the connection to full screen, and start a new connection. This will start a remote desktop in the right size for your monitor.

As i have mentioned a few times on this blog, I am currently working on yet another Todo List application. This application is developed from the needs that has arisen from my daily work as a lead software developer, and I think its going to be quite a killer app combining instant access to add and manage work items, without lifting your hands from the keyboard with modern Web 2.0 sharing capabilities etc.

As version 1.0 is nearing its completion, I am obviously considering how to distribute this software, and I have decided that there will be something free (as in beer) and something better available at a small cost, say $19.95.

Giving stuff away for free is pretty easy, and only limited by bandwith, but as a MicroISV how do you handle payment and licensing on an international scale? I don't want to give a potential customer any excuse not to buy the software. 

Therefore I have designed it to look Vista-like, it will be Vista Certified (hopefully - see my post about free Vista certification )  and I want the process of licensing and payment to follow that notion. So licensing should be easy, and the should be plenty of payment options including any kind of credit card optimally.

I have been looking for a solution to both these matters, and I might actually have found just the thing to solve it: I stumbled across a Danish Company called Wannakey who are soon going public on the Danish stock exchange for smaller companies.

Wannakey offers license and payment management for software developers, and makes your software available for other parties to sell on their shops through the Wannakey service, and Wannakey descibe their concept like this:

• The developer delivers new and exiting programs
• Wannakey™ delivers the program for protecting and controlling sales
• The stores deliver customers to buy the products

So as a software developer you could create the software and get a developer profile at Wannakey and implement licensing with the WannakeySDK. Then you could set op a shop with Wannakey and sell from your own website, but other software vendors could also choose to market your software in their shops at your terms.

This certainly sounds appealing, and I'm going to take a closer look at this. This could very well be the solution for any MicroISV who just wants to focus on the software.

Last week I wrote a post about the IE6 VPC that is going to expire on the April 1st, with a somewhat harsh tone. Today I am glad to realize that a refreshed version has been made available for download with an expiration date of July 23^rd.

The good news is, that the VPC releases will be refreshed as long as it is necessary. The bad news is, that you need to get the new release every few months, unless you have an MSDN subscription.

The download has been reduced to just under 400 MB, and the content hasn't changed. WGA still doesn't work on the virtual machine, but if you have a specific application you need installed, let them know, an leave a comment in the Post on IEBlog and it might be adressed in future releases.

Get the new IE6 VPC

This might alreay be obvious to you, but it occured to me that my blog in the future, will be a great reference to the solutions, that i will have found at that time to everyday developing problems.

Sometimes I get stuck with a problem, that I know I have already solved once, but I can't seem to remember the exact solution - and I didn't write down the solution, when I found it.

This is where the blog is a handy lifehack tool, that keeps you logging all the problems you encounter, and the solutions you find. Other people with similar problems might find some help in your blog, but in time, so will You.

So blog persistently, it will not only help others, but you will benefit greatly from it, in the future - and your memory is probably not going to get better over time.

I recently upgraded to Vista on my developing machine, and it has worked like a charm. Although the other day I ran in to some problems with IIS7 , as I was going to do some work on a website that uses URL rewriting to make some nice search engine friendly URL's.

I published my project to localhost, and fired up a browser, and got the message: http-error 403.14 - forbidden as shown below (my Vista is in Danish, so these screenshots may by gibberish to you):

 

 

I had set my startpage as something like "frontpage" with no extension and on IIS6 i just set up a wildcard mapping to route any request through the aspnet_isapi.dll, and then handled the forwarding with internal logic.

Rather baffled i studied the message suspecting of course that it had something to do with wildcard mappings, so I opened the IIS Manager to take a look at the StaticFile handler that is mentioned in the error message.

 

 

In the IIS Manager choose Handler Mappings in the IIS section, and you will get the following screen, where we can see the StaticFile handler:

 

 

I noticed that it was set to match * and that got me thinking. What I need is really a wildcard match that passes all request to aspnet_isapi.dll, and as all the static files have extensions, I should set the StaticFile Handler to process *.*

So first I setup a new Script Map to map all requests to aspnet_isapi.dll - this is just like in IIS6.

 

 

Then push the "Request restrictions" button and you will get the screen below, where you unselect the Invoke handler checkbox.

 

 

When you press ok to the choices, you will be prompted to allow enabling of the ISAPI extension. Choose yes in the dialog.

 

 

Now we want to set the StaticFile Handler, that is currently reporting the error, to only handle files with an extension.

 

 

So now I think I'm good to go, and I try to launch my page again. But theres still seems to be a problem.

 

 

 As suggested in the message I consult the Event Log for an explanation, and i get this message:

A request mapped to aspnet_isapi.dll was made within an application pool running in Integrated .NET mode. Aspnet_isapi.dll can only be used when running in Classic .NET mode. Please either specify preCondition="ISAPImode" on the handler mapping to make it run only in application pools running in Classic .NET mode, or move the application to another application pool running in Classic .NET mode in order to use this handler mapping.

After some research I decide - that even though there may be better ways to create URL Rewriting with IIS7 - what I need is to get this application on the road in hurry, and therefore I go with the second option, and set the application to run in Classic .Net mode, which can be done by right-clicking the website in the IIS Manager and choosing Advanced options, and setting the App Pool to "Classic .Net AppPool" :

 

 

Again I'm optimistic and thinking that this should do the trick, and I refresh the page in the browser, but still there is something not quite right - no static files still? When I try to access an image file on the server I get the error: Failed to Execute URL.

 

 

At this point I am getting a little discouraged and I stare at the Handler Mapping Section for a while until i notice a little link in the menu in the upper right side that says: "View ordered list". Aha, I think, obviously the ordered list shows the order in which the handlers are being executed for a request.

 

 

The Wildcard script map we added earlier is at the top, and then the static files won't get processed by the StaticFile Handler. So what we need to do is, to move the Wildcard handler below the StaticFile Handler:

 

 

For some unexplainable reason I need to move the mapping twice in order for it to stay in the position. This happened again when I was going through the steps again while writing this walk-through. But second time you move it, it stays there. And voila, the page renders perfectly:

 

 

I would not recommend this approach unless you need a quick hack to simulate IIS6 setup, but as such it does the trick for me on my development station, where I do development that is deployed to non IIS7 servers. This solution is presented as is, and I give no warranty that it will solve your problem.

A few days ago i wrote about the new learning material that will be available shortly on Commerce Server 2007, and mentioned there was a book coming as well.

This is confirmed now, and the book will be published by Wrox and authored by Wade Wegner. Check out his blog for more info. He is probably going to be blogging about the progress, which i will be following closely, so check out his blog.

You will find most relevant posts about Commerce Server 2007 and Biztalk Server 2006, like the post of Commercer Server 2007 Webcasts and other valuable links .

I don't want to start any religious feud about which browser is best, but there is one point, that is bothering me a bit.

We have been forced to utilize virtualization in order to test web applications reliably in both IE6 and IE7 on the same machine, which is a pain in my behind. Microsoft chose to release the "Internet Explorer 6 Application Compatibility VPC Image" that allows you to run a IE6 testing environment as a VPC, without getting a license for that second install of Windows XP.

This release is of course something by way of compensation, but to my great astonishment i realize that this image expires on April 1 2007. If you look at some statistics IE6 is still the most used browser - im not sure this is a completely accurate statistic, but that doesn't matter - the point is, that IE6 is still widely used, and we as developers need to test our applications on IE6 even after the VPC expires.

I don't know about you, but I will sure feel like an Aprils Fool when this happens. I sure hope for Microsoft that they release a new version with an extended licence.

Anybody starting out with Commerce Server 2007 have been in the same situation, lacking ressources for training, as these have been virtually non-existant. This obviously leaves the learning curve rather steep, as you are pretty much on your own.

I started out with a clean install on a Virtual PC, a copy of the Starter Site and a lot of time experimenting and trying things out. Thats a pretty good way of learning, but you could really save a lot of time if you had a few training ressources to get you started, and to explain the basics.

Well this is your lucky day, because Max Akbar has just announced on his blog, that there is upcoming training material, that is in the final testing phase, and that - within two weeks - will be published to MSLearing .

Furthermore there seems to be plans for a book, so this is very exciting. If you'r working with, or have an interest in, Commerce Server - be sure to subscribe to Max's blog feed .

It so annoying. You probably know the feeling when your shopping on the internet, and you found a great webshop, and even a product that you simply must own. You have put the item in the shopping basket and you have a firm grip of your credit card when you go to the checkout, ready to pay the quoted price. And what do you see: a coupon code field!

So if you were amongst the selected few, you would have had a coupon code giving you a percentage discount of the product you have chosen. But you don't have the code, and you can't help feeling a little cheatet out of the discount, if you were to buy it anyway.

The other day my girlfriend was bying a pair of Gucci shoes, from a renowned webshop, and she asked me where she would get that coupon code, because the shoes were probably to expensive for her budget, so if she could save something, she could convince herself that i would be okay to buy them anyway.

I told her that I didn't know, but as a joke, I said that she could always use the Universal coupon code, with a referral to the good old days, where nobody thought about SQL injections. Obviously she didn't consider it funny, and demanded to get the code. I told her to write 'or'1'='1 in the field thinking that it wouldn't work. But she pressed the button, and low and behold - she got 20% discount of a $600 pair of shoes.

That left me thinkink that this must be a fluke. With all the hype about SQL injections, I was absolutely sure that it would not be possible to reproduce this anywhere else. But I was wrong. In the last couple of days I have tried this on more than 20 different shops on the internet, small and large, and 3 times i succeded in retrieving a discount from the database.

So to all webshop owners out there I would like to iterate: Make sure that text coming from user input is always validated to avoid this situation, and to be sure, tell your developers that they should always use parameterized queries or stored procedures. Its not only a question of a few people getting discounts, its much worse - people might be able to wreck havock in your database with a little more ingenuity.

Im going to leave the ethical debate about utilizing discounts that weren't intended for your, and that were provided by hacking the system, to the comments.

On a side note i would like to encourage everybody always to google for a coupon code, as many coupon codes are made available online to communities and such, and theres no reason why you should miss out on that.

Until May 1 2007 Microsoft is offering free certification testing of your software. So this is a great opportunity for the MicroISV to get the logo, and earn some partnerpoints, without spending a lot of money on it.

But is it actually realisitic for a MicroISV to comply to the demands for the software, and what are  these demands anyway? I downloaded the Certified for Windows Vista Requirements and had a brief look at what you should expect.

• First of all all processes must support User Account Control, so any application must have an embedded manifest stating the execution level, and if you need to run your application with elevated priviliges, you need to apply for a waiver from Microsoft. 
• The software must support x64 versions omf Windows Vista, which basically just means that no 16-bit components can be used, as they won't run on 64-bit versions of Windows, and if you application is dependent on kernel-mode drivers, you must supply and install these. The application doesn't have to run natively, as WOW64 will allow 32-bit code to run.
• All executable files must be signed with an Authenticode certificate. You will also need this certificate to submit your application for testing. In connection with the Vista certification program, you can aquire this from Verisign at a discounted price of $99.
• All kernel-mode drivers must have a Microsoft signature obtained through the WHQL or DRS program.
• The application should not fail to install on higher versions of the OS unless this is the intention. I should support running in multiple logon-sessions, not load in safe-mode and of course not be spyware (according to Anti-Spyware Coalition )
• Applications must use the Windows Installer (MSI) for installation.
• Applications must be installed to correct folders, and not set protected registry keys.
• Rebooting during install should be avoided, and if necessary, this should be thoroughly documented.
• Applications must install in command line in quiet mode with the switch /qn
• Component rules should be followed, for instance only one COM server per application.
• No crashes during the logo certification test, and applications must only handle known and expected exceptions.
• ISV must sign up for Windows Error Reporting, and not disable it in the application.

The conclusion is, that the document of requirements seem worse than it is. It should certainly, for a disciplined developer team, be possible to comply with these requirements, without extending the development time considerably. See the complete list of test cases with instructions, so that you can perform your own pre-tests.

You save the approximately $1000 testing fee, but you will need a Authenticode certificate at $99. Other than that, I am not aware of further cost. Although you should focus on the pre-test, because if you fail you will be billed for the test, and you can instead get a retest for free. So be sure that you won't fail using the list of test cases.

I will attempt to get my application certified for Vista, so i will be posting about the progress, and my experiences.

I like Windows Live Writer. Its very intuitive, and a great way of writing posts, even when your not online, so obviously i'm using it for this blog running dasBlog.

But during the posting of my second post, i ran in to the first problem with it. I wrote the post, read it a few times, and decided to post it. After posting I checked the post on the site, to make sure it looked right, and realized that i forgot to include a picture. So what do I do? I was logged in on the site, so i just pushed the delete icon on the webpage, and it was gone.

Great, i thought. I added my picture, and pressed publish to weblog again. But then i got the "Server error 0, Object reference not set to an instance of an object". And whatever i tried, i didn't seem to be able to upload my edited post.

It turns out that this is a know bug. If you create a post, and you delete from the Blogs userpanel, Live Writer will still have en ID associated with the post, and when trying to update, to a post ID that doesn't exist ... well you get the picture.

My workaround was to create a new post, and copy the contents to this new post, and publish that instead, and then delete the faulty draft.

Alternatively, according to a post on Peter Laudati's blog you can switch to another blog in Live Writer, if you have another configured, and then back to the original blog - this will reset the ID, and you will be able to republish as a new post. I haven't tried that approach though, but it makes sense.

I was listening to The MicroISV Show #14 featuring Don Dodge, the Director of Business  Development  on Microsofts Emerging Business Team, which is a very interesting show for any MicroISV, who might have dreamt about getting the call from Gates himself with a big cheque in his hand.

Don talks about Microsofts shopping sprees in the MicroISV mall, and lifts the vail a bit on how to get in Microsofts searchlights. Actually last year Microsoft bought 19 small companies, who primarily weren't VC funded - they basically were MicroISVs. So if your looking to get bought by Microsoft, heres a few pointers:

1. Any aquisition starts as a partnership with Microsoft
2. Get a network within Microsoft. Use the Microsoft Startup Zone to get contacts.
3. Microsoft is looking for strong developer personalities and teams, so feature yourself  as such.
4. Having a leading edge products is also a step on the way, especially if your product is covering an area where Microsoft has a weak offering. So Microsoft is looking to fill in the gaps.
5. You need to want to scale to millions of users - and not be a maverick going your own way.

So Microsoft is not looking for a quick buyout of a good idea. Rather they looking for the best innovative developer teams, who might happen to have a leading edge product and wants to create a long term working relationship with Microsoft, and maybe wants to influence Microsofts development in the future.

The dream of Bill Gates himself suddenly on the doorstep with an oversize cheque, followed by the immidiate departure to the Bahamas, is most likely not going to happen.

But if you have ambitions in that area, it is actually possible to get the attention of Microsoft, even as a MicroISV if you focus. And even if Microsoft isn't looking to purchase you, you might get great mileage out of a close partnership with Microsoft - they do know a lot of VC's and business angels, who are looking for someone like you.

As the world develops from a place where everybody would have their 15 minutes of fame, to a place  where everybody has a lifetime of 15% fame through online services and realityshows, I have chosen to follow the mob of lemmings  - they do seem to have som direction going for them - and create my own blog.

Well, I did already participate in a danish reality show about startups, so i suppose it was bound to happen some time.

Why should I read this?

You might be asking yourself, and with good reason. With more than 55 million blogs, you have a point. Does the world really need another blog?

According to the Technorati "State of the Blogosphere" more than 70.000 blogs will be created today. Is there actually enough to write about, and is anybody really reading all these blogs?

The answer in short, I think, is no. A lot of blogs are not being read by anybody, and probably only a few of us, who start blogging today, will still be blogging in a year from now.

Whereas it is true, that many blogs are not continually providing original content, if any at all, and therefore isn't generating much of an audience, the group of blogs that do create unique content, is an invaluable ressource of information, news and entertainment, that otherwise might never reach an audience.

So what can DevTalk offer, that isn't already available?

Well first of all, a little about my background. I'm a lead software developer in a danish company, focussing on the forefront of Microsoft server products, such as Commerce Server 2007, Bizztalk Server 2006 and Sharepoint Server 2007. I mostly do custom .Net 2.0 development with C#, and primarily work with logistics-solutions.

Furthermore i run a MicroISV currently developing something as antiquated as a desktop application that handles your TODO list items in a very handy way. More about that later on.

The focus of the blog will of course be the things that i work the most with, reaching to a broad interest in technology. So there will be a lot of posts about .Net development, software architecture, tools and developer relevant lifehacks. I will be posting about entrepreneurship and MicroISVs, and of course a small percent of completely personal, subjective opinions about this and that.

I will maintain the objective of 1 post a day in average.

Will there be a Podcast as well?

Actually yes. Im going all the way, and will in a few weeks be launching the DevTalk Podcast.

Topics will be roughly the same, and i will be putting out a podcast every second week to begin with. If your interested in joining me as a guest on the show, please let me know, and we'll set something up.

For now, i will say, thank you for listening - there is more to come!