Searching for my lost shaker of salt

Today I began the adventure of converting one of my oldest .NET 1.1 apps to 2.0 with the intent of doing it the "new" way (and not just the way I normally do things).  As expected, the first task is to get the membership registration/login working.  I must say the whole new model feels very strange.  Potentially cool, but very strange.

Take for example the idea of adding custom attributes to a user.  Normally this would involve the common User class, making a public property, blah, blah, database, whatever.  Instead, you add what properties are applicable to the Profile and via magic they are loaded and stored for you.  Here's a sample of my web.config that is using this:

profile>
  <properties>
    <add name="DateCreated" type="date"/>
    <add name="NotifyEmail" type="bool"/>
    <add name="EmailActiviationCode" type="string"/>
  </properties>
</profile>

ASPNET automagically makes a class for you to use, so anytime you want to access these properties its a simple matter of:

Okay, weird but I'll give it a go for now.  But I really, really want to revert to the comfort of my own custom objects and factories!!!

Not that I'll be able to comment on that further, as I finally overcame a major issue just getting database access to work correctly.  Anyone who has been to a Microsoft presentation of late has seen their Application Settings web applet that does a lot for you, including provider selection, user and role management, etc.  Pretty nice.  But say you want to do something that isn't covered in the script, such as not require "question and answer" password retrieval.  This is where the fun begins.

First off, you must specify a custom provider.  Relax, you don't need to learn the whole new provider class model and crank code until midnight tonight, you need to define a new provider [it would be nice if this distinction was made a bit clearer in the docs].  Specifying a custom provider is a relatively simple matter of defining the following section in your web.config:

membership
    userIsOnlineTimeWindow="20"
    defaultProvider="TipsMembershipProvider">
  <providers>
    <clear/>
    <add name="TipsMembershipProvider"
      type="System.Web.Security.SqlMembershipProvider"
      connectionStringName="LocalSqlServer"
      enablePasswordRetrieval="false"
      enablePasswordReset="true"
      requiresQuestionAndAnswer="false"
      applicationName="Tips"
      requiresUniqueEmail="true"
      passwordFormat="Hashed"
      maxInvalidPasswordAttempts="5"
      minRequiredPasswordLength="7"
      minRequiredNonalphanumericCharacters="1"
      passwordAttemptWindow="10"
      passwordStrengthRegularExpression="" />
    </providers>
</membership>

In your machine.config all the default providers are set up to use a local SqlExpress database and make everything easy for you.  That's fine for vanilla apps, but not where customization is necessary (e.g. the real world).  My calling <clear/> you are removing from the AppDomain any prior provider definitions so only yours are visible.  This is really important, especially for online shared hosts.  And you see on the bolded line that I said I don't want to require question and answer as part of my user creation process.

That's it, right?  Simple!  No.  Enter frustration.

There is a nice overload to the Membership.Create user call that sets a user to unauthorized and returns an enum of what error occurred.  Two of the paramters is for question and answer, which, as you see below, I left to empty strings:

The gotcha is that you cannot use this overload if you intend NOT to use question and answer parameters.  Instead, you are forced to use exception handling to catch for illegal user creations, and respond accordingly.

I suppose it could have been worse (not being able to change behavior vs. scrapping the entire membership model), but it could have been better and more intuitive.

http://www.thedifferenceisobvious.com/game.aspx

Gotta love the Microsoft marketing department.  Test your perception skills and see if you can identify the differences between two pictures, then enjoy information on VS2005 while the next level loads.

IE Spell is a nice add-on for Internet Explorer, especially for me who writes long blog entries directly into the browser.  Just install it, and it spell checks every text control on a webpage.  Sweet!

The good news is everything is installed and working well.  The fun news is learning how to use things in a low-privilege environment.  The benefits are real, and will be a cornerstone of the next version of Windows (Vista), but until then this is not for the faint of heart.

First off, visit this page Aaron Margosis's weblog.  It contains all the links you'll need to make everything work and a lot more information than I am going to provide below.

Here is my simplified version of what I've done to date.  This is done from the context of a fresh operating system install, but this is not a requirement.  In fact, things may go smoother if you take an existing installation and "convert" it to a low-privilege account.

First task is simply get everything installed using the default Administrator account.  This means install the operating system, all its various patches.  I installed all my development tools (VS2003, VS2005, Delphi 5), databases (MS SQL 2000 & 2005, Oracle 8i), and office applications under this account too as I knew they would work under other "users" well.  This marks a minor mindset change I needed to get into; its my computer not attached to a domain, but I had to remember under what user what was running.

Next add your main user account that you will be spending most of your time with.  Make it a limited user.  XP required me to create another Admin account first for some strange reason.  Now I have an Administrator and an Admin user.  Weird.

Log in with your new account and let Windows do its magic to make everything.  Now the fun begins.  Any icons that are on your desktop you can't delete, because they belong to the "all users" group, and only admins can delete things that span multiple accounts.  Here is where life gets challenging and I nearly ditched this attempt.

There are two ways to address this challenge.  One is to use Fast Account Switching and just toggle between an admin account and "you".  This is easy, perhaps best suited for a non-technical home user but not me.  The "big" trick is to get a Windows Explorer shell working that has Admin rights while logged in as "you".  This is where learn about a little program called "runas" they allows a program to run under a different security context.  Once this is set up you can make all your changes much easier.  There will still be times when its more practical to log in as admin and get stuff done.

The instructions on how to set up Windows Explorer under admin mode were a little confusing (or, I didn't read them fully) so I'll offer these steps.

1. Log into the Admin account
2. Launch the Windows Explorer.
3. Select Tools | Folder Options from the menu.
4. Under the View tab, scroll down and ensure the "Launch folder windows in separate process" checkbox is checked.
5. Read the section entitled "How do I tell my admin windows from my normal windows?" from this post to set up the easiest way to tell when you are running Windows Explorer as an admin.
6. Log back into "your" account.
7. Create a new shortcut on your system with a target that reads:

C:\WINDOWS\system32\runas.exe /user:admin /savecred %SystemRoot%\explorer.exe

The first time you run this it will ask you for the Admin account's password, but the /savecred flag stores that password.  You will now have a Windows Explorer window running with admin rights, which lets you do pretty much anything. 

This is also the way to get pesky applications that demand admin rights to work properly.  For example, I do not autostart IIS and SQL Server (as they take up too much CPU/memory when just playing games) so need to manually start and stop them.  Below is a batch file I run to handle this.

msdev.bat

@echo off
set action=start

if not "%1"=="" set action=%1

runas /user:admin /savecred "net %action% MSSQLSERVER"
runas /user:admin /savecred "net %action% w3svc"

So when I want to spin up my Microsoft development environment, I simply use the Run feature off the start menu and type "msdev" (assuming you put that batch file somewhere in the user's path).

I'll say again, this was a royal pain to go through but now that the work is done there is little left to do.  Most of the pain was finding the set of instructions that best fit what I wanted to do and general problem solving.  Of course, next step is to fully set up my development tools in this environment, but that is for another day...

So maybe I am the last person in the galaxy to figure this out, but with my forementioned huge hard drive I decided to see if I could shortcut the typical 3-4 hour install time for VS2003 and just copy the CD's to the drive and install from there.  Two words; oh, yeah!  It will take less than 5 minutes to install this!

One little lesson learned; I copied each CD to its own subdirectory, which produced some errors.  Just copy each CD to the same directory (responding "ok" to overwriting existing directories) and you'll be fine.

Oh, and in the time it took to write this I went from 50% install to done.  That's cool!!!!

This weekend was designated as the weekend to reload my OS on my Dell I8600 laptop.  Primary reason is I was a bad-boy and loaded BOTH Beta 1 and Beta 2 of VS2005 directly onto my machine without using Virtual PC.  And then I realized I hadn't reloaded it since I got it in September of 2004--- which is a big deal as I tend to need a reload every 6 months!

Right off I knew I was going to have issues with backing up and restoring my data.  I have been using a 40G USB 1.1/Firewire drive for backups for quite a while and felt comfortable using the Backup utility that comes with Windows.  This past week a client from long ago asked me to look at something and guess what?  Yep, couldn't get it off the backup.  It was showing up perfectly in the catalog, but it would restore 0 files.  While there may be something I'm missing, I was smart enough once upon a time to burn those older files to CD so it was not as disastrous as it could have been.

I spent not too much $ at newegg.com and picked a Venus USB 2.0 drive enclosure and 250GB hard drive.  For the same money (about $160US) I could have purchased an all-in-one, but this way I could get a nicer enclosure and the hard drive I wanted.  I've had nothing but good experiences with IBM/Hitachi drives, and this enclosure has both a power switch (so I can leave it hooked up, but inactive) and a silent fan.  Has worked out well thus far, and I have more space than I know what to do with right now.

Part two was using Acronis True Image.  A friend recommended it and he was right on the mark.  This is a great app.  Not only do you get a free, full features 15-day trial, but its worth the $.  You can image your drive without rebooting into a custom DOS app, you can map a share to an image for easy file access, and a whole lot more I've haven't tried yet.  Thus far I've baselined two images during the reinstall, one right after all the drivers and updates were installed and another after most of my apps were installed.

What is going to big the big adventure is I'm taking the "least privilege" plunge and will create my main account as a normal user.  I'll have a lot to blog about in the coming days!

Normally Enterprise Library configuration files live in the main project directory next to your other configuration files.  However, at run-time the application often looks for those configuration files in the same directory, and that is not the main project directory (its the debug or release directory).  This is the quick and easy way to copy all of these configuration files is with a post-build event. 

copy $(ProjectDir)*.config $(ProjectDir)$(OutDir)

The WeProgram.NET User Group in Newport News, VA will be holding their own Visual Studio 2005 launch event on January 10.  Nerd-working begins at 6:30 PM, with the presentation by Darrell Norton beginning at 7:00 PM.  This will likely be our last meeting for a while, so we hope to see everyone there!

The group has changed meeting days, to the FIRST Thursday of the month (instead of the last) which makes this coming Thursday meeting day.  And it will be a great one;

Exploring Service Oriented Architecture
by Kevin O'Connor

We will be meeting at our alternate location (where Mike Richardson did his) at 4600 Cox Road.

Pizza and soda's will be provided as always, thanks to Fahrenheit Technology.  Hopefully someone (Frank!!!) will remember to bring the swag box so we can have a give-away or three...