0 minutes Less than a minute read

ADFS Content on TechNet Wiki

Over on the Ask the Directory Services Team blog on TechNet they have a good post on a few wiki entries for dealing with ADFS and troubleshooting.

2 minutes read

Certificates and ADFS 2.0

One of the problems with pushing all this data back and forth between Token Services and clients and Relying Parties is that some of this information really needs to encrypted.  If someone can eavesdrop on your communications and catch your token authorization they could easily impersonate you.  We don’t want that.  As such, we use certificates in ADFS for EVERYTHING. The problem with doing things this way is that certificates are a pain in the neck.  With ADFS we need at least three certificates for each server: Service Communication certificate: This certificate is used for SSL communications for web services…

0 minutes Less than a minute read


WinFS has been puttering around my idle thoughts lately.  Yep, weird. Why is it still available on MSDN and TechNet subscriptions? Food for thought.

2 minutes read

Putting the I Back into Infrastructure

Tonight at the IT Pro Toronto we did a pre-launch of the Infrastructure 2010 project.  Have you ever been in a position where you just don’t have a clear grasp of a concept or design?  It’s not fun.  As a result, CIPS Toronto, IT Pro Toronto, and TorontoSQL banded together to create a massive event to help make things a little more clear.  To give you a clearer understanding of how corporate networks work.  Perhaps to explain why some decisions are made, and why in retrospect, some are bad decisions. Infrastructure 2010 is about teaching you everything there is to…

8 minutes read

How UAC Actually Works

This post has had a few false starts.  It’s a tough topic to cover, as it’s a very controversial subject for most people still.  Hopefully we can enlighten some people along the way. From a high level perspective, the UAC was developed to protect the user without necessarily removing administrative privileges.  Any change to the system required a second validation.  On older versions of Windows, an application running with administrative credentials could change any setting on the box.  Viruses and malware became rampant because of this openness, given that the average user had administrative credentials.  Most average users balked at…

3 minutes read

Techdays 2009 – VIP Pricing

As budgets get tighter, Tech·Days is the perfect way to get the Tech·Ed experience without the travel expense, with two days of skill-strengthening education to help you position yourself for success by: Learning the technology—with a customizable agenda from over forty sessions across five technical tracks on both current technologies and new products, like Windows® 7 and Microsoft® Exchange 2010; Connecting with Experts and Peers—with Birds-of-a-Feather lunches and the new Windows 7 Zone, you’ll have lots of opportunities to share your ideas with those who know the products best; and Apply what you learn—with a Learning Kit packed with products…

2 minutes read

Protecting Data in Transit between applications and SQL Server

Alright, so you’ve just implemented Transparent Data Encryption on your database.  Your database is extremely secure.  The data, not so much.  You see, the problem is this: the data travels unencrypted between SQL Server and your application.  Whoops.   To enable SSL Encryption on the server side, there are a couple of fairly simple steps involved: In SQL Server Configuration Manager, expand SQL Server Network Configuration, right-click Protocols for <server instance>, and then select Properties. In the Protocols for <instance name> Properties dialog box, on the Certificate tab, select the desired certificate from the drop down for the Certificate box,…

1 minute read

TorontoSql.com, TorontoSql.net, TorontoSql.org just registered

Boredom is a bad thing!  Especially when you are putting off work.  So what do I do to waste my time?  Check out local user groups.  The websites at least.  A few days ago I posted a few links to some promising groups.  To my disappointment there really aren’t that many Microsoft oriented user groups in Toronto.  I wouldn’t call it a bad thing.  More of an opportunity.   I have determined that TorontoSql.com, TorontoSql.net, and TorontoSql.org were not registered.  So for $30 I registered all three of them.  Now I have to put them to good use.  Currently they…

1 minute read

On-Disk Data Structures in SQL Server

Just some links to read.  Carefully.  There’s a lot of information.  These posts were made by Paul S. Randal on www.sqlskills.com.  I’ll do a more thorough job of weeding out information when I’m not strapped for time. Inside the Storage Engine: Anatomy of a record Inside the Storage Engine: Anatomy of a page Inside the Storage Engine: Anatomy of an extent Inside the Storage Engine: IAM pages, IAM chains, and allocation units Inside The Storage Engine: GAM, SGAM, PFS and other allocation maps Search Engine Q&A #20: Boot pages, and boot page corruption Search Engine Q&A #21: File header pages,…

1 minute read

Toronto and Area User Groups of Interest

Since moving to Toronto I have been looking for user groups that I think I could benefit from.  So far I have found a couple of interest:   TSQL.CA – Toronto SQL Server User Group – http://www.tsql.ca/Default.aspx?base Toronto .NET User Group – http://www.torontoug.net/ ISSA Toronto (Information System Security Association) – http://www.issa-toronto.org/    I’m still looking, but these look promising.