Jump to closing Curly Brace!

I maintain a few projects with a few spaghetti functions.

It’s really common to see something like:


//And then sixteen pages of text before the closing brace


If you click either brace, it highlights its counterpart, which is great when they’re on the same page, but not when they’re many scrolly pages and many brace-pairs apart…

So I wondered if there was a way I could jump between them (16 pages is an awful lot of scrolling)

Yes! Ctrl+] !

Thanks SO!

Windows 8 UX Fundamentals–free virtual training

I’ve been working on the Windows 8 Application Excellence Lab circuit recently, helping push Metro-style apps from good to great!

Metro apps look visually simple, but conveying your app’s information in a simple and visually appealing manner isn’t just a matter of “removing stuff”. The best apps look simple, present information appealingly and effectively, and delight the user with their interactive behaviours.

Why tell you this? Well! There’s some free virtual training coming up with the Windows UX team:

Windows 8 UX fundamentals–free virtual training

On 14th June from 9am to 5.30pm PST, the Windows User Experience team is running sessions on how to design great apps that use the platform in cool ways and follow UX guidelines. After the training, you’ll be able to design and build experiences that follow the tenants of great apps, use intuitive information architecture patterns, and use best practices for designing flexible layouts, touch, contracts, and much more.

Sure, for Aussies, it’s an early start and finish, but if you’re looking to brush up your Windows 8 application, or just interested in thinking about how you might construct a deconstructed app, it’s worth a look!

More at the Windows 8 developer blog.

A weekend’s worth of tips in the Windows 8 Consumer Preview

Just some notes recording what I’ve picked up from a couple of days using the Windows 8 Consumer Preview on my main desktops:


The hit target for the Start button is the very bottom left corner – like, the four pixels in that region. Just slam the mouse there and click – when you get used to it, it’s cool!


The sides of the screen work consistently that way – each is a slam-to-any-corner, then mouse up or down to get to the functionality on that border. This makes it fast without permanently cluttering screen space (I haven’t tried multimon yet).

Task switching – slam to top-left, then drag mouse straight down. (Or, bottom-left-as-in-Start, and slide up). Has grown on me greatly; I often now have a metro app side by side with the Win32 stuff/desktop. Alt+Tab still works.

imageCharms – slam to top-right or bottom right, then drag down or up, but be quickish, it fades! Or just Win+C.

Charms are important – each app has its own Settings (Win+I to skip the Charms menu step) now, and you print (for example) through the Devices charm by picking the Printer. Share through the Share charm. And so on.

On Settings – you can get to Settings (as in, that big list of Win8 style settings) by going Charms, Settings, More Settings (at the bottom). It’s arguably easier just to hit your username and Change Picture.

Drag straight down (violently!) from the top to throw away (i.e. terminate, I think) any Metro app. Otherwise, drag it to the region you want it in.


Start-and-type to search and run programs still works like in Windows Vista and 7 – you just hit Start and without waiting for anything, type a bit of the name of the program you want to run, and it searches for it. Ctrl+Shift+Enter probably still elevates that program to Admin. The difference from Windows 7 is that there’s no search box before you start typing. Well, that and there’s a full-screen list of programs.

Tip: The Start screen goes away as soon as you’re running a Win32 app, just like the old Start menu*. If all you run is Win32 apps, it’s big, sure, but it’s fluid.

If you’re still Win+R ing to Run apps, that works too.


imageimage The Remote Desktop Metro app behaves subtly differently from the MSTSC Win32 app when remoting to a Win8 target.

I’d summarize this as: the Metro one is optimized for fullscreen touch interfaces (and won’t entirely capture your mouse when in fullscreen – if you mouse to the bottom left, you get the local OS start menu), while the MSTSC version works basically how it always did. Plus extra buttons and stuff. If you were working on a touch-only device, swiping for the local start menu makes a lot of sense (how else are you going to escape!?)

As I’m working on a touch-enabled desktop but mostly keyboard-and-mousing, I tend to prefer the MSTSC behaviour over Remote Desktop Metro.

If you’re using Win8 MSTSC, it’s faster to click the (new) Start button in the MSTSC connection bar (at the top of the windowed desktop) than try to hunt for the lower left pixel if it’s windowed, at least right now, as far as I can tell, YMMV, cheques may not be honoured. Just connect Fullscreen, and slam that mouse around!

As long as you’re capturing the Windows key in your RDP session, other handy non-hunting tips: Win+C = Charms, Win+I = Settings


* except again, it’s full screen. I’m OK with that – it wasn’t like I scrutinized the Start menu every time it appeared.

Note: Tristan has no inside information on Windows 8, he’s experiencing the Consumer Preview along with the rest of the world.

IE10 Compat Inspector

There’s an very handy-looking new tool that can be used to quickly determine a site’s compatibility with IE10.

I set it up with Fiddler on one of my machines, and can now enable a pop-up item in Fiddler under the Rules menu.

I wasn’t familiar with Fiddler’s rules engine before… more investigation is needed!

IUSR vs Application Pool Identity – Why use either?

(pasted from my email clippings. I’m on holiday right now, catching up on paperwork!)

The TLDR version is: using AppPoolIdentity as both the App Pool Account and Anonymous user account lets you have multiple isolated anonymous websites on one box.

IIS 7.x and upwards (as of Win2008 R2 and Windows 2008 SP2, also in IIS 8.x in Windows Server 2012 and IIS 10.x in Windows Server 2016) supports a new Application Pool account type, called an ApplicationPoolIdentity. This low-privileged account can be used to isolate distinct sets of anonymous website content, without requiring the administrator to set up a unique account for each website manually.

So whereas the default IUSR anonymous account is per-server, an ApplicationPoolIdentity is per-app-pool, and IIS creates one app pool per site, by default when the GUI is used to create a site.

So by setting the ApplicationPoolIdentity as the anonymous user account for a site, you can isolate content and configuration for that site so that no other sites on the same box can access it, even if it’s an anonymous site.

And now, the long version!


Before I start: Terminology disambiguation corner (because App Pool Identity is a horribly overloaded term nowadays):

  • Application Pool Account = the account used to run the App Pool, whether custom user, NetworkService, LocalService, AppPoolIdentity or LocalSystem
  • ApplicationPoolIdentity = the new account type that has a unique App Pool Name-based identity SID (S-1-5-82-SHA1{App Pool Name})

Also, a reminder that process identity is the basic “RevertToSelf” identity for a process, and that thread identity can be different from process identity via impersonation or explicit logon.

So, any or all of the threads in a process might be someone other than the process identity, but if any call RevertToSelf or somehow lose their token, they’ll snap back to acting as the process identity. (Which is the ultra-short version of why you don’t want that being LocalSystem or another privileged account.)


App Pool Account:

The when-not-impersonating/process identity; used to start the app pool and to read web.config files; pretty much needs permissions to everything.

On IUSR vs Application Pool Account as anonymous:


  • IUSR has the same SID on every machine.
  • IUSR is appropriate if you run one anonymous website on the computer.
  • You secure your content to IUSR with NTFS permissions, and that website can access it.
  • If you run two websites with the anonymous account as IUSR, they can access each other’s content.
  • For low-security applications and intranet sites, that might be OK.

App Pool Account as Anonymous

The alternative is to use an App Pool Account as the Anonymous account (so a thread doesn’t bother putting on its IUSR clothes on anonymous requests)

  • ApplicationPoolIdentity has the same SID on every machine with a common config (because the SID is a hash of the name), so has the same benefit as IUSR for content security, only specific to the app.
  • It’s an appropriate choice if you run multiple anonymous websites and need isolation of content.
  • Other appropriate choice: creating an explicit user account for each App Pool and using that as anonymous.
  • (i.e. the anonymous Coke application should never be able to read the Pepsi application’s files) (arguably always the case with multiple anon websites on the one box)

Using the App Pool Account as anonymous is a good idea because it allows you to secure your content at the NTFS level for just COMPUTER\Coke or IIS AppPool\Pepsi, and be assured that Windows file system security will prevent one company’s anonymous app from reading (or otherwise affecting) its competitor’s anonymous content.

Using the AppPoolIdentity as the App Pool Account in this case is just a simple, no-hassle way of having a common user account on all machines that share the IIS configuration (or at least the name of the app pool), without having to faff about creating or replicating Windows users and worrying about their permission level.

The bit I’m less confident on but still fairly sure I’m right:

When it gets to off-box (eg database) resources, you’re out of IIS-land and into app framework (ASP.Net)-land; short version is that if your token isn’t delegable (for eg, comes from an NTLM auth), it’ll fail to be passed to the next hop, and you’ll end up with process identity and any limitations/benefits it incurs.

Ooh! The Web Farm Framework for IIS 7.x!

ScottGu has the detail of (and a walkthrough for) the Web Farm Framework, which looks to make high-uptime application publishing, deployment and maintentance a snap.

Last month we released a beta of the Microsoft Web Farm Framework. The Microsoft Web Farm Framework is a free product we are shipping that enables you to easily provision and mange a farm of web servers.  It enables you to automate the installation and configuration of platform components across the server farm, and enables you to automatically synchronize and deploy ASP.NET applications across them.  It also supports integration with load balancers – and enables you to automate updates across your servers so that your site/application is never down or unavailable to customers (it can automatically pull servers one-at-a-time out of the load balancer rotation, update them, and then inject them back into rotation).

The Microsoft Web Farm Framework is a 1 MB download, and can be installed on IIS 7 and above. It is available for free. You can download the first preview of this beta here: x86 / x64.

I’ll be checking it out (when I’m back from China).

Don’t Use Office Applications (or GDI+, or System.Drawing, or WinInet) in a Server Application (or ASP.Net)

Johan posted a timely reminder of a long-standing perennial support call generator in his post Office Automation .

Adding one more option to the list of possible workarounds – direct XML-based production/manipulation of an OOXML (or ODF, for that matter) document (Word, Excel, Powerpoint?) might get you where you need to go.

Now, to get the laundry list out of the way, here’s a quick top-of-the-head list of other technologies best kept away from your shiny new ASP.Net application:

  • Outlook automation on the server isn’t a good idea at all, which is why CDO (or these days, DAV for Exchange Server) is preferred.
  • The Word/Excel/Powerpoint/Outlook programmable Object Models typically drive the application itself rather than manipulating data files directly, so should be avoided too.
  • Tom posted a while back on the perils of System.Drawing/GDI+ in ASP.Net applications. The same goes for WPF, last I heard.
    • We do use System.Drawing as a demo of in some of our IIS 7 demos (most recently seen in the PDC IIS 7 demo that included watermarking using System.Drawing), and elsewhere – it’s an effective demo, but the caveats are as documented.
  • WinInet (the core HTTP engine used by Internet Explorer) is another old, old case of the same designed-for-client paradigm (which led to the creation of WinHTTP (and in .Net land, HttpWebRequest etc)).

I’m not saying any of the above don’t typically work – most of the time, whatever you’re doing might work fine (I personally wrote a bunch of charting and drawing controls years ago in ASP.Net before discovering this), but when it doesn’t, our options are limited in how we’re able to help.

.HDMP and .MDMP files

Just a quickie – the rule is blog what you know, but I figure my speculation might be good enough here.

A friend gave me an HDMP file and asked what I could make of it. After the usual “I could make a hat! Or a brooch! Or a dinosaur!” type stuff, I realized it wouldn’t open anyway.

In my experience, most .HDMPs come with matching .MDMP files. I think of these as Minidumps (in the “real” mini sense – just information about threads and thread stacks), and Heap dumps (everything else the process knew or cared about in User mode).

This HDMP wasn’t openable in the debugger directly, but if its corresponding MDMP was present in the same folder at the same time, I reckon it woulda.

The feared WER-wolf produces these files in pairs (that’s Windows Error Reporting, kids, don’t be too scared, except that it invalidates everything we used to know about AEDebug registry keys and similar, but that’s another story for another time), and that’s how I’ve analyzed them in the past. I remember hearing of some sort of merge operation that needed to happen between M and H dumps, but I’m reasonably certain I haven’t bothered with that (I assume I’m lazy by default), so I think the debugger just does it for ya.

Now I’ve written that, I’m going to go look for references to support my assertions!

949180    How to create a user-mode process dump file in Windows Server 2008

(At the bottom – mini and heap dumps – yay me!). Think that’s enough for today. Hugs!