Matevž Gačnik's Weblog

During preparation for a work presentation for a complex project (designing transport level secure, distributed, endpoint independent web services) I needed to install some benign certificates to an IIS 6 machine. All hell broke lose when I did it and (production) machine failed completely. IIS Admin service would not start, UDDI Services went down, nothing worked.

After numerous hours of trying to fix at least IIS I got an idea of what was wrong.

Apperently the MachineKeys folder, which holds machine account private keys was screwed. No matter how hard I tried reinstalling IIS nothing worked. The solution was in manually deleting MachineKeys folder, encrypting it and setting appropriate permission set.

So, if you are ever in a situation where IIS Admin service would not start causing one of the following errors and you suspect MachineKeys is the reason for it, consider the steps below:

• The system cannot find the file specified.
• The handle is invalid.
• Not enough storage is available to process this command.

Try this:

• Uninstall IIS
• Backup files in MachineKeys folder (c:\documents and settings\all users\application data\microsoft\crypto\rsa\machinekeys)
• Delete MachineKeys folder
• Create new MachineKeys folder
• Assign Administrators group, SYSTEM account full permissions
• ENCRYPT THE DAMN FOLDER (Properties, Encryption)
• Copy keys if necessary
• Reinstall IIS

Good luck.

W3C yesterday released a v1.1 of complete XML data model and serialization syntax stack. You can get XML Infoset 1.1, XML Namespaces 1.1 and XML 1.1 specifications.

Now the fun begins.

Congratulations guys. You were better in the final of European Handball Championship.

Slovenia : Germany = 25 : 30

I'm currenlty involved in designing a client application for a big hotel chain. The application is able to show rich media (MPEG II digital TV, MPEG II video on demand, Windows Media video on demand, WMV-HD, music, live webcasts, you name it...).

The problem we faced on friday was connected to the way WM services allow a client (WM Player 9) to cache streamed contents. It was actualy not a functional but rather a performance problem, because the application architecture is designed in a way that allows client computers to reflash their HD partition at every reboot. Since a lot of video content was cached (hundreds of megs), reflashing time increased.

Two ways to get rid of client side caching:

1. Allow client side caching property in Windows Media Services / Windows Server 2003
2. URL encoded parameter in query string (ie. http://wmedia/mymedia.wmv?wmcache=0)

This got my attention today:

Ultimately, I think the question is really a distraction. One of the great strengths of XML is that the instances exist independently not only from individual schema definitions, but also independently from the schema language of the day. [From: Don Box]

True indeed. In case of industry shifting to RelaxNG (very unlikely), instance documents would survive nicely. As long as there is a schema, that describes an instance document, everything is fine. When the connection is lost somehow, we can't talk about instances any more.

XML without a defined schema is no better than CSV. It's not even easier to parse.

I just bought a new George Michael single - Amazing, which is distributed as a Windows Media 9 audio using DRM protection. The process works flawlessly:

1. Enter credit card number, pay $3
2. Get PIN number
3. Download the single
4. Open the single using WMP9
5. Go through WMP personalization process, get license
6. Enter PIN
7. Store license
8. Play

This gives me more control of what I own. Bye bye ITunes...

We'll see how this works out. I have been at the PDC, seen Doug's talk and I agree that this allows schema to be versioned over time. What is bothering me is the structural extension of the schema itself, just to support versioning.

And yes, I know this is the only way, since W3C didn't pay attention to versioning in the first place. It still bothers me, since I like my content models clean.

What happened with Clemens?

It was a nice show (I watched via live Webcast), but someone was missing. :)

Well, until today (and I don't know why) I had a concept in my head, that WSDL operation names need to be unique.

I'm really glad that guys from a big local mobile operator helped me clear things up (actually, they helped me lead myself into a no-exit alley). It happened today, during my web services day, a part of a bigger .NET training course.

I reread the spec. It says:

Since operation names are not required to be unique (for example, in the case of overloading of method names), the name attribute in the operation binding element might not be enough to uniquely identify an operation. In that case, the correct operation should be identified by providing the name attributes of the corresponding wsdl:input and wsdl:output elements.

Polymorphic methods are my friends again. I was mislead about the WSDL serialization details in that scenario.

Enough said.

Christian Weyer admits he's not the only one thinking that SoapScope is that great.

My priorities go like this:

1. Excellent Testing Tool
2. BP 1.0 Complience Verifier
3. Great VS Integration

Keep it up.

It happened. Mindreef released a new version of its excellent tool - SoapScope 3.0.

Web services diagnostics has never been so efficient.

I just forked out for a new plasma screen.

This baby will be installed in my living room in two weeks time. Used to present ideas on the big screen and of course DivX and DVD.

I had an 'Inside CLR' workshop today. Some attandees had really good questions and some good comments.

I really liked the comment that in-memory instance representation layout can be controlled using the StructLayoutAttribute attribute. I was sure that it's compiler default was AutoLayout, specified by Auto attribute in type metadata. One always learns new things when talking about deep subjects.

I am redelivering this workshop in a few months.

(Some) PDC sessions are available at: http://microsoft.sitestream.com/PDC2003.

Have a fun weekend.

Proof:

Steps to reproduce:

1. Install Longhorn
2. Install Longhorn SDK
3. Install IIS 7.0
4. Do a aspnet_regiis.exe -i to install ASP .NET and enable it in IIS manager

Default wire level format of the request is (WS-Addressing goop present):

<?xml version="1.0" encoding="utf-8" ?>
<env:Envelope xmlns:env="http://www.w3.org/2001/12/soap-envelope">
 <env:Header>
  <wsa:Action xmlns:wsa="http://schemas.xmlsoap.org/ws/2002/12/addressing">http://www.tempuri.org/quickstarts/hosting/client</wsa:Action>
  <wsa:MessageId xmlns:wsa="http://schemas.xmlsoap.org/ws/2002/12/addressing">uuid:eddab546-ff51-491f-805a-c497c8918543;id=1</wsa:MessageId>
  <wsa:To env:mustUnderstand="true" xmlns:wsa="http://schemas.xmlsoap.org/ws/2002/12/addressing">http://bit:6666/webservices/hello/hello.msgx</wsa:To>
  <wsa:ReplyInfo xmlns:wsa="http://schemas.xmlsoap.org/ws/2002/12/addressing">
   <wsa:To env:mustUnderstand="true">uuid:6572af77-a988-4e80-8bd2-59d036139ae4;id=1</wsa:To>
  </wsa:ReplyInfo>
  <wsa:Path env:mustUnderstand="true" env:role="http://www.w3.org/2002/12/soap-envelope/role/next"
   xmlns:wsa="http://schemas.xmlsoap.org/ws/2002/12/addressing">
   <wsa:Request>
    <wsa:Forward>
     <wsa:Via wsa:Role="http://bit:6666/webservices/hello/hello.msgx" />
    </wsa:Forward>
    <wsa:Reverse>
     <wsa:Via />
    </wsa:Reverse>
   </wsa:Request>
  </wsa:Path>
 </env:Header>
 <env:Body>
  <Root d3p1:type="d3p2:String" xmlns:d3p2="http://tempuri.org/System" xmlns:d3p1="http://www.w3.org/2001/XMLSchema-instance"
   xmlns="http://schemas.microsoft.com/serialization/2003/02/DefaultDocumentElement">Aaaa!</Root>
 </env:Body>
</env:Envelope>

Can't get one of my solutions to work on a Windows Server 2003 based server. Client works fine, but server side X509-based decryption fails with an error that should not happen (Cannot find the certificate and private key for decrtyption).

Everything installed and correctly setup. Even permissions. :)

Since even the official Microsoft newsgroup didn't help, I'm really stuck. The funny thing is, that if I disallow access to private key and/or remove the certificate, error message changes giving me a clue that WSE looks at the cert unsuccessfully.

This is what was bugging me when I was at the PDC. Since I wasn't able to bring it home, I wrote some emails asking about the local availability.

It turns out that the new Motorola SmartPhone will be available in Slovenia in about two weeks. EUR 700, with no plans for any operator chipping in.

It happened. My laptop died on me and thankfully it wasn't a hardware failure, but my self assurance in knowing everything about the drivers I installed. A few months ago I turned off the Restore feature of XP, gaining a few hundred megabytes via deleted restore points. Well, it was a mistake done once, and it hurt a lot.

I needed to reinstall it completely and it took me two days to tweak everything back. I'm running the divine Windows Server 2003 now.

During the reinstall phase I played with the thought of dumping VMWare 4 and installing the new Microsoft Virtual PC 2004 (I'm currently using 8 VMs, not concurrently). I managed to read through the official newsgroup and found a lot of problems regarding Linux installations, so I decided to give it a little time. Being a Microsoft oriented person, I like to follow the other platform too. When the time comes, I'll change the setup to be run from my main server, and not locally on my laptop. It seems to me, that there are only a few places without internet access around anyhow.