Steven JW Kennedy

My Blog

Archive for the ‘General’ Category

Test post using iPad

Posted by Steven Kennedy on December 8, 2011

This is a test posting using the WordPress iPad App and an Apple Bluetooth keyboard. Creating a post this way isn’t to bad. Not sure how much control I have over the post in terms of text formatting and or inserting graphics.

Some text formatting; bold, italic

Interesting. It shows the html tags, it’s not WYSIWYG 😦

Posted in General | Leave a Comment »

YLSNED: You Learn Something New Every Day

Posted by Steven Kennedy on February 28, 2011

Seems that this is a known acronym. I’ve decided to use it because I already have two posts who’s titles are; You learn something new every day and You Learn Something New Every Day. This could get confusing so I’m going to prefix each one with YLSNEV: and then a unique title. Hopefully make it easier to identify each of the entries.

Posted in General | Tagged: | Leave a Comment »

AD RMS: Microsoft Active Directory Rights Management Service

Posted by Steven Kennedy on February 22, 2011

Ever since Microsoft came out with their Rights Management Service, now called AD RMS, I’ve been interested in using it. However, in the early days the setup and use of it was not that user friendly. Microsoft have, to a large part, taken care of that. Not only is it easier to setup and use it can be integrated with Microsoft Exchange and SharePoint. I’ll be posting separate posts about my adventures in getting AD RMS working with both Exchange 2010 and SharePoint 2010.

So, last week I installed a new virtual image with AD RMS on it. The installation of the server side of the software was pretty straight forward, I just follow the installation instructions to add the AD RMS role.

For my setup, being as it’s at home, I just used self signed certificates, which cause a number of pop-ups as you use AD RMS. More on that in later posts on using AD RMS. Suffice to say, if you have a valid certificate authority it’ll make deployment and use of AD RMS easier and less intrusive to users.

One issue I did run into is the distribution of policy templates. You not only need to define a location for the templates, that all users can get to read, but you also need to setup the clients to be able to read these templates, in order that they can make use of them. For Windows Vista and Windows 7 this is somewhat easier as the AD RMS Client is part of the Operating System. For Windows XP you have to install an AD RMS client explicitly. In my case I’m currently using Windows 7 Enterprise 32bit.

So my home setup consists of a Windows Server 2008 R2 server with the Active Directory Rights Management Service role enabled. Windows 7 client with Office 2010.

Once I’d installed RMS, and made sure it and the server had all updates applied I went and created a folder to put the RMS Policy Templates that I’d be creating. I took the easy way out and used the ‘Public’ folder on the RMS server; \\RMS\Users\Public, where RMS is the host name for the server hosting the AD RMS role. I then used the Active Directory Rights Management Services console to point AD RMS to this folder. In the console select Rights Policy Templates, indicated by the 1 on the screen shot. Then click on the link Change distributed rights policy templates file location, indicated by the 2. In my case as I’d already done this the location is shown as \\RMS\Users\Public, indicated by the 3.

Policy_Template_files_location - annotated

Once you click on Change distributed rights policy templates file location you’ll be presented with a dialog box, like the one below, to enter the location you wish to use. In the screen shot below it’s showing the location I’d already set. If you haven’t previously set a location then the Current templates file location: will be blank


Once I had this setup I could go ahead and create Policy Templates. Again, this is pretty straight forward but it’s worth noting here that to apply AD RMS to something, like an email, Word document etc. you have say who it is that’s getting the rights. This is done via email addresses. So you either have to provide explicit email addresses, of your users, or use distribution lists. You can also use Windows Live ID’s if you enabled them during installation, or even use Active Directory Federation Services if you enabled that functionality during installation. In my case I only enabled Windows Live ID. It’s seems fairly obvious that it’s best to use Distribution lists, that way you only need to update the DL’s membership without having to update the policy. Also, defining the policy with a DL means that you don’t have to re-distribute the policy every time you update the membership of the policy.

This leads to something else you should consider when setting up AD RMS. naming conventions. You should come up with something for the policy names and for any associated DL’s that the policies use. I’ll touch on this in a separate posting as this one is getting quite long as it is.

Once you have a policy template defined you can check the templates file location to see if it’s there. You can also have other users look at the location to make sure that they have read access t the location and the template files located there.

That’s the first part of making an AD RMS template available. The second piece is for the client to access it. This is where I ran in to an issue. I was able to use Word and Outlook to select a template but only the default, provided ones. The templates that I’d defined weren’t showing up. I’ll go in to that in my next post, AD RMS: Client side.

Posted in AD RMS, General, Server 2008 | Tagged: | Leave a Comment »

Ken Olsen, co-founder of Digital Equipment Corporation Dies

Posted by Steven Kennedy on February 14, 2011

A friend gave me a call late last week to talk and during the call let me know that Ken Olsen, the co-founder of Digital Equipment Corporation, DEC to those of us who are old enough to have used their computers.

For those to young to remember DEC produced the PDP and VAX line of mini computers. Mini computers were the next generation computers of their day, taking over from Mainframe systems. I first ran in to Mini computers at University, an HP mini (I’ve forgotten the model) and a PDP, both in the engineering lab.

When I started working for a living I started as a software engineer working on aircraft flight programs but after 2-3 years I transitioned in to what is known today as IT. It was as a member of the ‘IT’ department that I first came across, programmed and managed both PDP and VAX computers. I continued managing VAX for a number of years, through the introduction of Personal Computers, both WinTel and Apple and their integration with VAXes using DEC Pathworks. The introduction of email using Decmailworks and the use of DECNet for communication between computers. When I eventually left the engineering side of IT in 2003 VAXes where still in use even though by that time DEC was no more, having been sold to Compaq which was subsequently acquired by HP.

The VAX line of computers, and the associated operating system, VMS, was one of the best multi-tasking operating systems I worked with. This in conjunction with it’s clustering capability made it a very nice platform to work and run.


News Articles:

Posted in General | Tagged: , | Leave a Comment »

Problem with iWeb/MobileMe Comments

Posted by Steven Kennedy on February 1, 2011

First posed on my MobileMe blog.

I’ve having problems with the Comments feature of iWeb/MobileMe. That is, using iWeb to create and manage a web site, including a blog, on MobileMe, at

Seems that whenever anyone, well me, goes to the site and tries to add a comment to a Blog entry it’s hit or miss as to whether or not I’ll be able to add a comment.

A previous post, Comments not working!, provides details as to what I’m seeing, along with some screen shots. Now, I’ve been able to look at the source for both a ‘good’ comment and a ‘bad’ comment. That is, the pop-up that displays both when the comment functionality works and when it doesn’t.

I captured the source in both cases and then did a comparison and found a number of differences, which I’ve shown below. I’ve also taken this information and provided back to Apple via the iWeb Feedback site.

What I’ve seen is a number of places where the ‘bad’ version of the source shows the use of “/WebObjects” as part of a URL. The ‘good’ comment source code doesn’t have this as part of the URL. In addition there where three other differences between the ‘good’ source and the ‘bad’ source. I’ve included them below as well. Click on the image to display a enlarged version

One wonders at the differences. Give the likelihood of MobileMe having multiples servers and internet access points, for redundancy and load balancing,  what’s the possibility that one or more of those servers hasn’t been updated properly, especially in the light of Apples move from to

I’ve put the text version of the differences between the two source files for a ‘good’ and ‘bad’ comment. Due to the constraints of iWeb I wasn’t able to insert it as a text table, as is shown in the image above. I’ve highlighted the difference in the ‘Bad’ source by highlighting it in red.

Please note! that some of the lines below extend to the right and might be truncated on your screen. This blog theme doesn’t support horizontal scrolling bars. Switch to full screen, or reduce the browser zoom factor to see all of the text.

Line No  9

Good’ Source: <link rel="stylesheet" type="text/css" href="/Comments.woa/Contents/WebServerResources/English.lproj/styles/ComposeComment.css">

Bad’ source: <link rel="stylesheet" type="text/css" href="/WebObjects/Comments.woa/Contents/WebServerResources/English.lproj/styles/ComposeComment.css">

Line No  27

Good’ Source: <SCRIPT language=JavaScript src="/Comments.woa/Contents/WebServerResources/composeComment.js"></SCRIPT>

Bad’ source: <SCRIPT language=JavaScript src="/WebObjects/Comments.woa/Contents/WebServerResources/composeComment.js"></SCRIPT>

Line No 34

Good’ Source: src="/Comments.woa/Contents/WebServerResources/English.lproj/images/comments_header.gif">

Bad’ source: src="/WebObjects/Comments.woa/Contents/WebServerResources/English.lproj/images/comments_header.gif">

Line No 73

Good’ Source: <div class="leftcolumn"><img src="/i/ma/1/spacer.gif" height="26" width="1" alt="" border="0"><br><div id="verificationImage"><img name="iv" width="188" height="45" id="iv" border="0" src="/WebObjects/Comments.woa/32/wr?wodata=7946055742852725589"></div></div>

Bad’ source: <div class="leftcolumn"><img src="/i/ma/1/spacer.gif" height="26" width="1" alt="" border="0"><br><div id="verificationImage"><img name="iv" width="188" height="45" id="iv" border="0" src="/WebObjects/Comments.woa/47/wr?wodata=-6995371556710623281"></div></div>

Line No 87-89

Good’ Source: <div class="SeparatorBottom"><img src="/i/ma/1/spacer.gif" height="1" width="1" alt="" border="0"></div>

<input type="hidden" value="" name="s_wJmF">

<a href="javascript:authenticate(‘s_wJmF’)" style="text-decoration: none;">

Bad’ source: <div class="SeparatorBottom"><img src="/i/ma/1/spacer.gif" height="1" width="1" alt="" border="0"></div>

<input type="hidden" value="" name="s_llJU">

<a href="javascript:authenticate(‘s_llJU‘)" style="text-decoration: none;">


Line No 94 & 95

Good’ Source: <script>var res = 24*4;

document.authform.s_wJmF.value = ”+res;

Bad’ source: script>var res = Math.max(Math.sqrt(3*27), Math.ceil(9.01));

document.authform.s_llJU.value = ”+res;

Posted in General | Tagged: , , | Leave a Comment »