For many years now I’ve been happily chucking around Windows XP virtual hard disks and loading them with Virtual PC. Sadly I’m going to have to turn to something modern as the virtual processor is no longer up to scratch, as I found when trying to install Windows 8.1 evaluation.
In the past this would have been a Blue Screen but they’re handled differently in Windows 8, usually with a frowning emoticon.
0x0000005D means UNSUPPORTED_PROCESSOR and the solution would be to enable No-Execute Memory Protection in the BIOS.
Virtual PC is ancient so the AMI BIOS has no such setting on any of the menus.
Off now to find a virtualisation product I like.
Back in May, DataCash was a sponsor for one of the biggest networking events for payments developers – Trans-hacktion. The 3-day Hackathon, organised by Birdback, was focused on the latest innovations in the payments and financial technology and held at the London Google Campus.
The event included demos from DataCash and other payments companies followed by hacking sessions. Teams had to hack a product that used partner APIs and present the hack in 3 minutes on the final day. The prizes up for grabs were:
|KingHacker||3D Printer & Champagne|
|1st||Pebble Watch & 1 year of GitHub Silver plan|
|2nd||AIAIAI Headphones & 1 year of GitHub Bronze plan|
|3rd||Raspberry Pi & 6 months of GitHub Bronze plan|
|API||Up Bracelet. Nintendo NES + Super Mario Game|
|AND||Berg Cloud Little Printer & 100$ AWS credit & more...|
By default, Windows will automatically update it’s internal list of trusted root authorities as long as the Update Root Certificates function is installed. This should be enabled by default and takes manual intervention to remove it.
With this component enabled, the following happens:
If you are presented with a certificate issued by an untrusted root authority, your computer will contact the Windows Update Web site to see if Microsoft has added the CA to its list of trusted authorities. If it has been added to the Microsoft list of trusted authorities, its certificate will automatically be added to your trusted certificate store.
If the component is not installed and a certificate from an untrusted CA is encountered then the following text will be seen:
This is an inconvenience for the person browsing the site as they need to click to continue. Applications, though, will be unable to proceed and will throw an exception. Example:
One or more errors were found in the Secure Sockets Layer (SSL) certificate sent by the server.
If you look at the certificate’s properties, you can see the “Issued by:” value:
This is the name of the server that issued the certificate. It is not the name of the Trusted Root Certificate Authority. To find that instead use the “Certification Path” tab.
Highlight the issuing server and click “View Certificate” button to reveal the issuing CA – in this case “VeriSign Class 3 Public Primary Certification Authority – G5”.
This must match a Trusted Root Certificate Authority certificate in the current user’s certificate store.
So turn on automatic updating of trusted root authority certificates.
For Windows Vista and above, this option is controlled through Group Policy. See the “To Turn Off the Update Root Certificates Feature by Using Group Policy” section of the following Technet article:
Certificate Support and Resulting Internet Communication in Windows Vista
If Windows Update is a blocked site then download and deploy the latest pack of root certificates from Microsoft:
Failing that, find a machine that has the latest root certificates installed and export them from there:
- Open up the Certificates console
- Right-click the required Trusted Root Certificate Authority certificate
- Choose Export from “All Tasks” to open up the Certificate Export Wizard
- Choose an export file format – DER should be fine
- Provide a file name and complete the export.
- Move the file to the machine that’s missing the certificate
- Right-click the file and choose “Install Certificate” to open up the Certificate Import Wizard
- Do not allow the wizard to automatically select the certificate store. Instead choose “Place all certificates in the following store” and click Browse
- On the “Select certificate Store” window, enable “Show physical stores” and highlight “Trusted Root Certification Authorities \ Local computer”
- Complete the import
Thanks to Gurpal Basra for his valuable input.
Daniel Halan has developed an MSMQ Viewer for NServiceBus:
I've lately been working with a scalable cloud solution, and then it's good to use a Service Bus for sending commands, events and messages around the network. Now I tried few MSMQ message viewers that are available, but they all lacked the real-time feedback that would be nice when debugging or just want to know what is happening behind the scenes. So from that a new small application grew, called "ServiceBus MQ Manager". It's a small application that will monitor queues with a set interval, and present the Events, Commands and Messages that are there, but also keeping messages that has been retrieved (deleted) from the Queue.
which you can download through a link on his blog.
I’m frequently impressed by the additions and changes to Windows as I spend more time on the Windows 8 Consumer Preview.
Here, for example, is how a the progress is now shown for a copy across my home network.
I think this is demonstrating to me how the destination is not able to keep up with the flow. I’m now intrigued to see if there is anything I need to do to improve performance.
And third for the day from Guatam is a problem managing MSMQ on a cluster.
MSMQ Management console on Win2k8 & WIn2k8 R2 Cluster not Visible
Seems that the MSMQ service on the physical node needs to run under Network Service.
Must set up a virtual cluster to test that out…
Another blog post from Guatam highlights the need to scale up some MSMQ parameters when there are many clients.
MSMQ 4 & 5 not receiving messages from Large Number of Clients
To improve performance, MSMQ caches user account information to reduce the overhead from checking if the sender of a message has adequate permissions to access a queue.
As with most caches, the size is fixed and old data is purged when there is no room left. Unfortunately, there is a potential situation where the clean-up process fails which prevents new clients from delivering messages.
To get round this blocker, make sure the cache is large enough to accommodate all possible users of the MSMQ system without needed to clean up.
This is done through the HKLM\SOFTWARE\Microsoft\MSMQ\Parameters\UserCacheSize registry value (default is 253; maximum is 4 billion).
It’s good to see my ex-colleague Guatam putting out some MSMQ content after a 10 month hiatus.
MSMQ Performance degrades over time & MSMQ LQS folder is 100s of MB.
The files in the %windir%\system32\msmq\storage\lqs folder are configuration files for the machine’s queues, or cached configuration information in the case of public queues.
Inside these text files is a collection of parameters, such as “Label”, “QueueName” and “PrivLevel”. The largest value is the “Security” parameter which contains the access permissions on the queue.
Guatam reports that sometimes this value can get out of hand, leading to larger and larger configuration files that are too big to be easily read.
One workaround is to delete and recreate the affected queues. Also disable inheritance and apply security permissions directly.