I was greeted several hours ago with some very unsettling, tragic, and somber news.  Though it has taken some time for me to internalize the weight of the event and for the news to settle in, I feel greatly privileged to have had a close association with Jason Walker and his family.  Jason, a friend and associate on many levels, tragically passed away this morning.

Jason's influence has impacted all those with whom he came in contact.  Jason was a great friend who was, as a mutual friend said, a force of nature.  I can't help but think that his life was cut short and his potential not yet fully realized.

I still can't believe that it happened.  I can't believe I'm referring to my good friend in the past tense.  I vividly recall the very first time we met.  Even now - especially now - it seems like just yesterday.  I am so grateful that we had the opportunity to share many special moments together and with his family.  Our families have made it a tradition over the past year or so to go out to dinner and/or a movie and pass a delightful evening together.  Those memories will endure forever.

Most of my interaction with Jason was at a professional (or at least a technical) level.  His influence and impact as Vice President of our local Utah .NET User Group was felt every single time, every single meeting.  He will be deeply missed.

Jason loved life and enjoyed it immensely.  Despite the last two years in which he endured much due to a motorcycle accident, his miraculous recovery demonstrated his spirit and his positive, upbeat outlook on life.  He constantly shared his rejuvenating spirit with everyone.

Jason leaves behind a beautiful family (wife and two children).  Our thoughts are with his family at this time, as we reach out to offer a consoling hand.  Ours is the desire to help in any way we can.  On that note, and as a very small gesture, we are wanting to set up a special fund in memory of Jason for his family in this, their time of need.  I'll be publishing any and all details of that fund in the coming days as more information becomes available.

Here's to you, Jason.  I believe I speak for all when I say that you will be missed.  You were a great friend and I will always look back at our association with fondness, longing, and great memories.  You are loved.

Yesterday I posted that Microsoft released SQL Server 2005 SP2 last week.  This morning I noticed that my friend Craig had made a similar post a few days ago.  It's funny that this morning I was going to check to see the status on VPC 2007 and lo and behold, Craig beat me to the punch there as well.  Oh well.  I'm a big advocate of virtualization and have used VPC 2007 in its beta form for months, and VPC 2004 prior to that on a daily basis.  It's free to download and use.

Couple that with Invirtus' stellar VM Optimizer and you've got some great software.

Just a few days ago Microsoft released SP2 of it's SQL Server product.  Download it here.  If you're running Vista you'll want this update as pre-SP2 isn't supported on Vista.  Now I'm waiting for one more update (the VS.NET 2005 SP1 for Vista) before I officially make the switch on my primary development machine.

Deploying a web application and a database to a single server is pretty straightforward.  In fact, it's quite common.  However, for a variety of reasons, it may be necessary to separate the database from the web application into two (or more) physically separate machines.  Many a developer may be caught unawares by potential database authentication issues that may arise in this scenario.

If your web application accesses the database directly, with its own set of credentials, your task may not be too complicated.  You may simply need to make sure that Sql Authentication is enabled on the SQL Server.  If Windows Integrated Security is required, there are ways you can accomplish this as well, such as by programmatically impersonating a user, or perhaps by using a COM+ package with a specific identity.

If, on the other hand, your application needs to flow the end user's credentials (e.g. the browsing user's credentials) to the database there are some other things you'll need to consider.  This type of application is common place in a corporate intranet where a user logs on to his machine and can then navigate to a company portal without requiring an additional logon.  The authentication simply happens behind the scenes between the browser and the site.

Due to restrictions imposed by how NTLM works, however, if you must use integrated security and your database server is physically separate from your web application you will be unable to access the database through the website (though you would if you connected directly).  This is because NTLM causes the server to authenticate the client.  The client security token is authenticated by the web server.  When the time comes to connect to the SQL Server as the user, the database server will attempt to authenticate the client (in this particular connection the web server is the client).  The web server will not have the client token so authentication fails.  Essentially, you're given one network/machine “hop“ with your credentials.

This is where Kerberos comes into play.  Kerberos will allow your credentials to flow further, giving the database server the ability to ascertain your security token and grant you access.

If you're developing an ASP.NET application and need this functionality, there are a few things you should have in place to allow for the client credentials to flow across multiple machine boundaries like this:

• Make sure impersonation is set in the web.config via <identity impersonate=“true“ />
• Make sure that the website is set for Windows Authentication / Integrated Security (not anonymous).  If you set for Basic Authentication, the client will be prompted to login upon connecting and the web server will contain the security token and will then, upon attempting to query the database, make its one allotted network “hop“...but that defeats the purpose of the single sign-on we achieve with Windows Authentication.
• Make sure that the machine is trusted for delegation.  This is accomplished in the Active Directory Users and Computers console.
• Make sure that your connection to the remote database is using Named Pipes.

While troubleshooting this scenario you may encounter an error such as “Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'”.  In such an event it is possible that Kerberos is enabled but you're accessing the remote SQL Server via TCP/IP.  Make sure that your connection string specifes to use Named Pipes.

Tonight's User Group presentation went better than last month's, though still not as smoothly as I would have liked.  The demo gods weren't on my side several times tonight.  Despite that, the event worked out for the best.  We held the Utah .NET User Group meeting at a new facility (provided graciously by Digital Draw Network) and sponsored by SOS Technical; it worked out quite well.  Our topic this evening was .NET Serialization.  We addressed serialization from various angles, experimenting with Binary, SOAP, XML, and custom serialization.  In addition we explored creating a custom IFormatter and even touched on versioning of serialized objects.

All in all it was a lot of fun and we had a good time.  I wish I could have done better, but then again, I always do.

Oh, and as an aside, our gathering at Denny's afterwards is getting bigger and better every time.  We had many people show up and it was a blast.  I really look forward to the 'after event' event.

Time has once again flown by!  We're ready to move into February's installment of the Utah .NET User Group on Thursday, February 8th, 2007.

Neumont University, who has been so generous of their time and facilities has a school event that night which occupies both of the rooms we usually meet in. A huge thanks goes out to Digital Draw Network (DDN) for stepping up to the plate and offering space for the User Group to meet :) And - most conveniently - DDN is located in the same office park.

Directions:

When you turn on River Front Parkway off of 10600 South, rather than turning into Neumont, proceed a few buildings down. You'll reach a round-about in the road. Follow that around and turn into the parking log of 10897 South.

Time: 6:00 PM
Date: February 8th, 2007
Place: Digital Draw Network, 10897 South, River Front Parkway, Suite 300

DDN has arranged that the building doors will be open until 6:30. We are very excited about the prospect of meeting there. In fact, due to the multitude of scheduling conflicts for '07, we'll be evaluating the location for future meetings as well. We express our gratitude to DDN for the offer. Additionally, we've arranged to have internet connectivity in the new location (though perhaps not for the first meeting due to the short scheduling notice).

Invite your friends, co-workers, colleagues, enthusiasts, peers, inferiors, and anyone you'd like to attend. The event is free to all.

This month's meeting will focus on .NET Serialization and will be sponsored by SOS Technical.

It'll be a great time! See you there!

I had the opportunity yesterday (at least for the afternoon) to attend the Windows Vista/Office 2007 launch here in Salt Lake City.  While I couldn't make it to the IT portion of the event I was fortunate enough to be on-hand for the more developer focused event and rub shoulders with many good friends.

Pat Wright, Justin Long, Ani Babaian, Kerry Larson (sp?), and I manned a Utah Community table, handing out flyers that advertised user groups and communities in the valley.  We had a lot of interested people come by and some great conversations.  I also had a great time seeing some of my friends from my days at Microsoft :)

While I was not able to actually attend the sessions I had a great time which only got better after the event as many of us (Ani, Harold, Rob, Scott, Craig, and I) went out to dinner and had a great time.

Oh, as added incentive, every attendee of the event received a fully-functional version of Office 2007 Professional.  Very cool.  I was able to acquire a few extra copies to be handed out to the Utah .NET User Group meetings.

Well, it's official.  After many, many hours of hard work I'm finally almost done.  What started out about 7 years ago to be a simple "finish the basement" project is now to the point where I can sit back and look at the fruits of my labors.  In reality, the project didn't take too long to complete (a few months at best), but the fact that the months were spread out over several years made it a tad frustrating and far too lengthy (sounds like some software projects).  In all, I (with the occasional help of family and friends) added about 1300 sq feet to the house consisting of 1) a bedroom, 2) a home theatre/recreation room, 3) a storage room, 4) a craft room, and 5) and office (with an adjoining bathroom)

I guess the reason I'm blogging this is today marks the first day where I'm actually in the new office and working.  Over the weekend I was able to get all of the electrical work done in the basement.  Sure, there are still some loose ends to finish.  I still have a little touch-up painting to do.  I still have to wire up the ethernet, speaker wires, and cable lines.  But it's functional and that's the key.

Prior to today I was taking up a small, much needed bedroom upstairs as my office.  It was filled to the gills with books, papers, boxes - in short, it was a constant and complete wreck.  Moving from a small 11'x11' room to a 13'x23' room is SOOO liberating - and long past due.  I don't have any furniture down here yet.  In fact, my 'desk' is a piece of particle board sitting atop some food storage boxes.  So I'm sitting here on the floor :)  I'm anxious to get started building my desk - I've had this affinity my entire life for custom woodworking/carpentry, and that's a project I've long been anticipating and planning.

Anyway, this long, extended, after-hours project has led to me not having any time for "coding for fun" as all of my free time since December has been consumed in finishing the project.  Many of my personal projects had been put on hold to see the basement project come to completion.  I hope to see that change somewhat over the next few weeks.

...Almost done :)

I was reviewing a post that I made last week and wanted to quickly follow-up with an addendum.  In that post I mentioned using DTS (Data Transformation Services) to effectively pull information from one SQL Server to another, providing an observation about SQL Server and MSDE/SQL Express version interoperability.

Additionally, I went so far as to say that I am able to run my DTS package (which is technical a code package more than an actual, saved package - read COM automation) from a SQL Express 2005 communicating with a SQL Server 2000/2005 server.  This is accurate, but not the complete picture.

I failed to mention that out-of-the-box, it won't work.  That is, the DTS automation components are not, by default, installed when you install SQL Express 2005.  If you're needing to support DTS on a SQL Express 2005 machine, you'll need to install the Microsoft SQL Server 2005 Backward Compatibility Components which can be downloaded here.

Once that piece is installed, it should work fine.  I didn't want to leave this out there and have someone come back and say "hey, what you told me didn't work" because, frankly, I get enough of that ;)