When using SharePoint with a proxy server such as ISA, you will need to configure SharePoint Alternate Access Mappings (AAM) if the external address and the internal address are different. For example, if your internal address is http://wssserver/ and your external address is http://wssserver.domainname.com/. Here is a simple guide to configuring AAM on MOSS or WSS Server.

1. Open up your SharePoint Central Administration on the server running SharePoint.
2. Navigate to Operations under Central Administration.
3. Open up Alternate access mappings under Global Configuration
4. Click Edit Public URLs
5. Select your Alternate Access Mapping Collection (your web application)
6. Then enter the respective URLs that the application will be accessed via.
7. I usually do an iisreset /noforce after this.

I found that the other tutorials on the internet wern’t straight to the point, and it was hard to understand them. Hopefully this clears things up for Sharepoint novices out there!
Brennan

I recently went about the task of installing Mac OS X on my ThinkPad T43. I installed both Leopard and Tiger, so I will layout pretty simply how to install either on your T43. First of all the disclaimer: I will not be responsible for what may happen to your laptop, or the grey hairs you may get doing this. And you are only supposed to do this if you are an Apple developer and or have a license for the OS you are installing.

It is actually pretty cool to show off to your buddies that you are running OS X. My computer specs are the following:

IBM ThinkPad T43, Intel 915GM Graphics Chipset, AD1981B Sound Chipset, 2GB DDR2 RAM, and 60GB HDD.

Now onto the fun stuff. Firstly, the steps that are the same for Tiger and Leopard.

• You must use the paperclip trick to short out pins 6 and 12 on your VGA out. Just bend a paperclip into a U shape, with ends long enough to touch the contacts on both sides. Look at the following diagram to see which pins. Alternatively, you can take apart your laptop and solder the pins together from the inside like I did.

• Now you must back up all your data onto an external HDD, because we will be formatting the entire drive.
• Also, disable all CPU power management features in the BIOS because this slows the computer down quite a bit.
• We are done the initial setup stages.

Leopard:

• Download the install ISO from the green demon, or the pirate of the internet seas. Make sure you get the Kalyway 10.5.1 ISO and not any of the ToH ISOs. I repeat ToH WILL NOT WORK!
• Fire up the computer using the burnt DVD, and press enter when it asks you for startup options.
• Now, get a beer, and wait for this thing to boot up. If you get stuck on a blue screen with no cursor, that means that you did the paperclip mod wrong.
• Open up Disk Utility from the top menu, and create one partition (and name it whatever you want)
• When you get to the setup options screen, select SSE2 System, the MBR Bootloader, and also the Azalia Audio package.
• Wait for the computer to finish installing, and then restart your computer.
• Everything except the wireless and Quartz Extreme should be working now (No GMA900 leopard support yet).
• Go to http://code.google.com/p/iwidarwin/ and download the latest 10.5 Stable package.
• Run this in your terminal

  sudo -s
  chmod -R 755 /System/Library/Extensions
  chown -R root:wheel /System/Library/Extensions
  rm -rf /System/Library/Extensions.mkext (if exists)
  rm -rf /System/Library/Extensions.kextcache (if exists)

• Reboot, and everything should be working at this point.
• Enjoy.

Tiger:

• Download the XxX 10.4.11 ISO from your favorite ’source’.
• Put DVD in, reboot, and press enter at the prompt to start the install.
• As same as Leopard, if it stalls at the blue screen without a cursor, it means that your did the paperclip trick wrong.
• Open up Disk Utilitiy from the top menu, and create one partition (and name it whatever you want)
• For the install, Select the NoEFI Package, the 8.9 SSE2 Kernel, and the GMA900 package, but NOT the fixer.
• Wait for the install to finish, then reboot.
• Once running, you will probably notice that not much is working, don’t worry we’ll fix that.
• Insert the Install DVD, and install the GMA900 Fixer and the AD198x package. You may have to dig in the install DVD to find the latter package. Once installed, reboot.
• You should not notice that you have working QE+CI, and also working sound.
• Now, download the Broadcom Ethernet Kext file, and extract it to wherever you can remember. You will need to copy this file over from another computer because ethernet/wireless isn’t working yet.
• Now, run the following commands.

  sudo -s
  rm -rf /System/Library/Extensions/IONetworkingFamily.kext
  mv /PathToFile/IONetworkingFamily.kext /System/Library/Extensions
  chmod -R 755 /System/Library/Extensions
  chown -R root:wheel /System/Library/Extensions

• Now reboot, and you should have fully working ethernet, with the exception of your MAC address being 00:00:00:00:00:00. You can set your MAC Address by using the command:

  ifconfig en0 ether <MAC Address>

• Go to http://code.google.com/p/iwidarwin/ and download the 10.4 Installer (Stable), and install the package. Reboot, and you should have working wireless (although you can only connect to unencrypted or WEP APs).
• Enjoy!

If you have any questions, feel free to ask via comments or just send me an e-mail.

Brennan

I recently was required to install BlackBerry Enterprise Server (BES) on our corporate network. I did the usual configuration following the step that I found on the BB site here.
I then proceeded to make an ISA Firewall Rule that enabled outbound acccess from the bes server (a computer object) to external on port 3101. I also created the corresponding inbound rule on port 3101 as well just to be extra sure.
I followed the steps word for word (or so I thought), and tried syncing a BlackBerry to the servers, and it just timed out on me. So then I went back to the drawing board, and realized that I didn’t setup my permissions on the Active Directory (AD) user accounts properly. So I uninstalled the server, followed the following steps:

1. Local Administrator rights on the BlackBerry Enterprise Server
2. Local Security Policy permissions for the BlackBerry Enterprise Server service account
3. Microsoft Exchange permissions at the Administrative Group level
4. Microsoft Exchange permissions at the Microsoft Exchange Server level
5. Send As permission at the Domain level
6. Database permissions for managing the BlackBerry Configuration Database

And reinstalled the server. Still no avail. I looked into the logs and noticed this line in the BES_DISP logfile:

IPPa] {User Name} Forwarding status to BES Agent (S61887304_001), intTag=5, extTag=1
[30222] (03/20 16:20:19.482):{0×898} {User Name} MTH: contentType=OTAKEYGEN, sizeOTA=216, sizeOTW=216, TransactionId=-941432706, Tag=2
[30310] (03/20 16:20:19.482):{0×898} {User Name} Forwarding internal data to device, contentType=OTAKEYGEN, routing=S61887304, device=301D4AC4, size=258, cmd=0×3, ack=0, TransactionId=-941432706, intTag=8, Tag=2, Submit=1
[30375] (03/20 16:20:19.576):{0×8A0} {User Name} Packet returned as FAILED – could not be delivered to device, Tag=2

After doing some research, I found out that you NEED to have the BES option on your phone which can only be set by your carrier. To find out if you have this or not, just go to options -> advanced settings and see if theres an option for Enterprise Activation anywhere. If there isn’t, that means that you do not have the BES package. To get this, just phone your carrier, and ask them to add BlackBerry Enterprise Services (BES or pronounced B’ezz) to your account and you should be good to go!
Brennan

I recently started to notice that I’m having an awful shortage of RAM after upgrading to the latest version of iTunes. I remember back when I was using 6.x iTunes used no more than around 30 MB of RAM. Now that I have an iPod touch, I have to upgrade to 7.6. I don’t mind upgrading at all. As a matter of fact I am an upgrade freak. But when that upgrade causes the program to use 200MB of RAM, that’s an issue. My specs are:

* Intel Core 2 Duo E8400 @ 4.0GHz
* 4GB Crucial Ballistix Low Latency RAM
* nVIDIA GeForce 9800GTX * 2
* 6356 Songs with around ~85% with Cover Art

I use Adobe Illustrator, Photoshop and Dreamweaver… frequently simoultaneously. And I can’t have software hogging up already scarce RAM.

How is everyone else’s RAM usage using iTunes 7?

Another one my wonderful fixes/tutorials on what Microsoft should have flippin documented in the first place. But I guess they can’t test and document everything eh?
Well heres how you get ISA 2006 and Outlook Anywhere with Exchange 2007 to work nicely using NTLM Authentication.

WARNING: You must have OWA and Outlook Anywhere running on different web listeners.

1. First Configure your Firewall Rule authentication method to “No authentication, but client may authenticate directly”
2. Then set your Web Listener to HTTP Authentication with Basic and Integrated authentication methods selected.
3. Go to the Exchange Management Console and make sure that Outlook Anywhere is set to NTLM Authentication mode. You can do this under the “Server Management” area.
4. Go to the IIS Management Console, and make sure that Integrated Authentication is enabled for your Outlook Anywhere Web Site (usually “Default Web Site”)
5. Switch over to NTLM Authentication in Outlook, and you should be rockin!

By the way, this isn’t as secure as using Basic authentication because ISA is just passing the session through to the Exchange server, and not proxying everything. But I’d say not having to type your password everyime is worth that sacrifice.
Brennan

Some of you may be having a hard time configuring CRM 4.0 and ISA 2006. All seems well when you use the web client, but when you try to configure your Outlook Client, you get:

“The request failed with HTTP status 401: Unauthorized ( The server requires authentication to fufill the request. Access to the Web server is denied. Contact the server administrator. ).”

I finally found a solution(s)!

Method 1:

1. Run the following SQL command (replace addresses with yours (address:port)

   USE MSCRM_CONFIG

   Update DeploymentProperties SET NVarCharColumn = ‘my.crmserver.inet:80′ WHERE       ColumnName = ‘AsyncSdkRootDomain’

   Update DeploymentProperties SET NvarCharColumn = ‘my.crmserver.inet:80′ WHERE  ColumnName = ‘ADSdkRootDomain’

   Update DeploymentProperties SET NvarCharColumn = ‘my.crmserver.inet:80′ WHERE ColumnName = ‘ADWebApplicationRootDomain’

2. Run regedit on the CRM host computer, and navigate to HKEY_CURRENT_USER\SOFTWARE\Microsoft\MSCRMClient. You now have to update the following keys
   • IntranetDiscoveryUrl
   • IntranetServerUrl
   • IntranetWebAppUrl
   • PlatformRoot
   To point to your External CRM URL.
3. Enable just Basic HTTP Authentication on the Web Listener in ISA
4. In the Authentication tab of the Firewall Policy for the CRM, select “No authentication, but client may authenticate directly”.
5. In the To tab of the Firewall Policy for the CRM, make sure “Foreward original host header” and “Requests appear to come from the original client” is selected.
6. In the Users tab of the Firewall Policy for the CRM, make sure it is “All Users” Instead of “All Authenticated Users” (CRUCUAL STEP)
7. Apply the settings in ISA.
8. Now go to “Internet Settings” on the client computer, and navigate to the security tab.
9. Click custom level on the trusted site, and scroll to the very bottom and select “Automatic logon with current user name and password”.
10. Add the CRM url to the trusted sites without the prefix (aka. not http://crm.company.com and just crm.company.com).
11. Navigate to http://crm.company.com and type in your login credentials. AND CLICK REMEMBER PASSWORD.
12. Run the configuration wizard, and it should work *smile*

Method 2:

1. Download the Internet Facing Tool from Microsoft.
2. Extract the downloaded file to drive:\Program Files\Microsoft Dynamics CRM\Tools
3. Run the tool.
4. In the IFD boxes, type in your EXTERNAL URL and in the internal box, type in your INTERNAL URL.
5. Select whether to use HTTP or HTTPS for both the IFD Address and Internal address.
6. Apply, and reboot!
7. Now go to “Internet Settings” on the client computer, and navigate to the security tab.
8. Click custom level on the trusted site, and scroll to the very bottom and select “Automatic logon with current
9. user name and password”.
10. Add the CRM url to the trusted sites without the prefix (aka. not http://crm.company.com and just crm.company.com).
11. Navigate to http://crm.company.com and type in your login credentials. AND CLICK REMEMBER PASSWORD.
12. Enjoy!

If you don’t have any internal users, I’d recommend using Method 1, and if you want SSL and/or want to differentiate between external and internal users, use Method 2.

Brennan