Quickly Exporting of Certificates via PowerShell

As I was doing some work with Sitecore Automation Framework, I needed to quickly export certificates from my local store.  Here is the quickest way that I could come up with.

ls | ?{ $_.FriendlyName -match "_SAF$" } | %{ Export-PfxCertificate -Cert $_ -FilePath "C:\<projroot>\infra\configuration\Local\$($_.FriendlyName).pfx" -Password (ConvertTo-SecureString -String "1234" -Force -AsPlainText) }

Maybe there is a nicer way to do that but that’s what comes to mind.

Advertisements

Sitecore 9.0.X Dependency Injection does not use latest Microsoft DI

With all of the excitement with Sitecore 9.X, sometimes it is very tempting to fire up a new project, get the latest NuGet packages and off you go, but there are a few subtle things to remember that Sitecore is embracing rather more niche dependencies and having embracing Microsoft.Extensions.DependencyInjection library from Microsoft is also one of them.

With Sitecore 9.0.X (pre 9.1), Sitecore Dependency Injection mechanism is dependent on on Microsoft.Extensions.DependencyInjection version 1.X.  If you are happen to add NuGet Package with version >2.X then you will get the following awesome message when deploying to the instance:

Method not found: ‘System.IServiceProvider Microsoft.Extensions.DependencyInjection.ServiceCollectionContainerBuilderExtensions.BuildServiceProvider(Microsoft.Extensions.DependencyInjection.IServiceCollection)’…

Please beware, to keep the version of dependencies strictly to what is provided by the version of the platform. Review carefully.

Setting up Docker on an Azure VM for Development

One of my goals for 2018 is to ramp up with using containerization as a go to approach to development.  Thus, having a solid development environment that can run Docker is certainly a must.  Just like with many enterprises, Windows 7 or Windows 8.X dominates still and thus you may end up stuck, due to Docker on Windows requirements.

Azure comes to the rescue here with Nested Virtualization feature for Dv3 and Ev3 VMs.

  1. Install a Windows 10 Pro image with Standard_D4_v3 size and make sure its location is either East or West 2.
  2. Install Hyper-V on Windows 10 Pro
    Enable-WindowsOptionalFeature -Online -FeatureName:Microsoft-Hyper-V -All
  3. Install Docker for Windows as per standard instructions.

That was easy.  Don’t forget to turn on auto shutdown for your developer VM to conserve credits.  Cheers!

Sitecore 9 is here

I have been recently delving into the Sitecore CMS due to client’s needs.  It has a pretty close community due to the fact that Sitecore folks wants people to pay money for everything but the platform is growing on me.  Thus, I want to make a few folks aware that Sitecore 9 has been announced, presumably at Symposium 2017.  It has a ton of new features but the most exciting that all of its components are supporting PAAS deployments.  It’s time to take a lap around it in Azure.

Windows Auth with local IIS developer workstation

I was just troubleshooting an issue with legacy code base on my client workstation.  It is IIS 7.5 (guess what OS i am running) with Asp.Net  4.X and v2.0/v3.5 ISAPI registered.

The Asp.Net legacy application is built using windows authentication for security purposes.  When I configured the local code base to publish to local IIS website with a custom name, the website kept on prompting me an error.  For the life of me, I could not figure out the issue.  Setting Application Pool back to “Network Service” from ApplicationPoolIdentity did not fix the issue.

After breaking my head for hours, I finally remembered this little Gem from the past with the help of Google of course.  Basically, for NTLM and Kerberos if the target IIS host is in the domain, it is very strict who is allowed to authenticate via SSPI (fancy acronym for security negotiating).  I will need to update my developer on-boarding script to make sure I either disable loop-back checking or white-list the local custom dev URLs.  Security to insanity!

Modifying user path w/o Admin rights

Just the other day I was asked by a colleague, ” if our corporate laptops are protected that we do not have admin privileges, how are you able to do any development work?  I cannot do anything”.

That’s a great question.  However, MS Windows OS has gone over a few transformations and a lot of applications are written in a way that promotes usage w/o elevation.  Yet, some basic things are still puzzling. For example, user path variable.  The system path should be protected as it is set by admin installation of programs etc, but changing path for a user to ensure that one application can be started quickly w/o knowing the full path should be simple. But, it is anything but simple.

Going to User Accounts is not an option as you will quickly get an error screen either due to elevation restriction or basic GPO set by IT.  But there is another way. You can utilize the rundll32.exe to invoke the GUI directly.


rundll32 sysdm.cpl,EditEnvironmentVariables

I’ll continue exploring more ways to manage my workstation w/o elevation as i spend more time living with new fun policy.

Office 365 Network

In case you are not aware, but the Office 365 Network on Yammer is moving to a new platform, here is the official announcement. Come checkout Office 365 Network Preview and get your profile set up and start monitoring that platform.  It looks pretty good.  Based on the Yammer pin board messages, the network is moving in September.

I am actually excited because at my company the Yammer SSO was very cumbersome and now this will be a thing of the past as the new platform, built on top of Lithium social platform, allows open search and collaboration via open identity providers i.e. Live Id or O365 Identity.

Now, I still think that the best platform for answering the technical support questions is the Microsoft Office Community forum site which, unfortunately, I am only able to monitor scarcely these days.  This new platform is more towards socializing with the developer team and other thought leaders for

Go and explore it now!