Office Web Viewer

While Skydrive’s been able to display Office documents in your web browser for what seems like ages now, check this out:

Do you have Office documents on your website or blog that you want your readers to view even if they don’t have Office installed?  Would you rather view a document before downloading it?  To give your audience a better experience, try the Office Web Viewer.

What is the Office Web Viewer?

It’s a service that creates Office Web Viewer links.  Office Web Viewer links open Word, PowerPoint or Excel files in the browser that would otherwise be downloaded. You can easily turn a download link into an Office Web Viewer link to use in your website or blog (e.g., recipes, photo slide show, a menu, or a budget template).

Some benefits of the Office Web Viewer include:

  • You don’t need to convert Office files for the web (e.g., PDF, HTML).
  • Anyone can view Office files from your website or blog, even if they don’t have Office.
  • It keeps eyes on your website or blog, because readers don’t need to download the file and they stay in the browser.
  • One link will work for computers, tablets, and mobile phones.

Yup, it’s a service which creates viewable links to Office documents, in a browser.

Come to the Windows 8 and Windows Server 2012 Premier Roadshow

Australian Premier Support customers: Join us for an overview of the new stuff in Windows Server 2012 and Windows 8!

This series of events will run for the entire day in each city and showcase 4 sessions of about 90 minutes, on a range of Windows Server 2012 and Windows 8 client topics. All topics will be presented by the best Premier Field Engineers across Australia and New Zealand.

Except they got me for Sydney! I’m covering the new Networking features.

Windows Server 2012 – Networking

Connect from anywhere, more working and less waiting, better network management via cost-aware networking. Sound interesting? This session provides a general overview, including many of the improvements to DirectAccess, BranchCache, and general networking improvements in Windows 8 and Server 2012.

Details and signup:


And if you’re at Tech.Ed 2012 AU, you can catch Darth Chad and I presenting on the enhancements to Windows Server 2012 DirectAccess.


Is it time for you to reset your online identity?

Lots of account hacking activity in the news recently. The Blizzard hack (via RPS) caught my eye because of some of the wording used to describe it:

“Some data was illegally accessed, including a list of email addresses for global users, outside of China. For players on North American servers (which generally includes players from North America, Latin America, Australia, New Zealand, and Southeast Asia) the answer to the personal security question, and information relating to Mobile and Dial-In Authenticators were also accessed. Based on what we currently know, this information alone is NOT enough for anyone to gain access to accounts.”

Now, I’ve trained my parents never to use the same password on any websites connected with billing information. That’s a no-brainer.

But I’ve always lied on those secondary verifiers because it just seemed like I should. It’s intuitive to me that I’d want to have different verifiers for each website *despite* them offering the same set of questions.

But I wonder if others are as careful? The recent publicized Apple/Amazon combo hack suggests that some combinations might be unavoidable, but that doesn’t mean you can’t take other precautions.

Have you used the same “mother’s maiden name” verification information across websites? Could the compromise of information you supplied to a “throwaway” website lead to compromise of a really important one?

If so, it might be time to go through all the websites you use most frequently, and change the information there. Yes, all of it. Then write down your new lies somewhere you can find them.

Secrets should be shared between you and each website – not between you and every website.

Because until we get to an identity metasystem, where every single website doesn’t rely on independently re-verifying every single detail about your life, anything you share with any website may eventually become public information.

Scary thought.

A weekend’s worth of tips in the Windows 8 Consumer Preview

Just some notes recording what I’ve picked up from a couple of days using the Windows 8 Consumer Preview on my main desktops:


The hit target for the Start button is the very bottom left corner – like, the four pixels in that region. Just slam the mouse there and click – when you get used to it, it’s cool!


The sides of the screen work consistently that way – each is a slam-to-any-corner, then mouse up or down to get to the functionality on that border. This makes it fast without permanently cluttering screen space (I haven’t tried multimon yet).

Task switching – slam to top-left, then drag mouse straight down. (Or, bottom-left-as-in-Start, and slide up). Has grown on me greatly; I often now have a metro app side by side with the Win32 stuff/desktop. Alt+Tab still works.

imageCharms – slam to top-right or bottom right, then drag down or up, but be quickish, it fades! Or just Win+C.

Charms are important – each app has its own Settings (Win+I to skip the Charms menu step) now, and you print (for example) through the Devices charm by picking the Printer. Share through the Share charm. And so on.

On Settings – you can get to Settings (as in, that big list of Win8 style settings) by going Charms, Settings, More Settings (at the bottom). It’s arguably easier just to hit your username and Change Picture.

Drag straight down (violently!) from the top to throw away (i.e. terminate, I think) any Metro app. Otherwise, drag it to the region you want it in.


Start-and-type to search and run programs still works like in Windows Vista and 7 – you just hit Start and without waiting for anything, type a bit of the name of the program you want to run, and it searches for it. Ctrl+Shift+Enter probably still elevates that program to Admin. The difference from Windows 7 is that there’s no search box before you start typing. Well, that and there’s a full-screen list of programs.

Tip: The Start screen goes away as soon as you’re running a Win32 app, just like the old Start menu*. If all you run is Win32 apps, it’s big, sure, but it’s fluid.

If you’re still Win+R ing to Run apps, that works too.


imageimage The Remote Desktop Metro app behaves subtly differently from the MSTSC Win32 app when remoting to a Win8 target.

I’d summarize this as: the Metro one is optimized for fullscreen touch interfaces (and won’t entirely capture your mouse when in fullscreen – if you mouse to the bottom left, you get the local OS start menu), while the MSTSC version works basically how it always did. Plus extra buttons and stuff. If you were working on a touch-only device, swiping for the local start menu makes a lot of sense (how else are you going to escape!?)

As I’m working on a touch-enabled desktop but mostly keyboard-and-mousing, I tend to prefer the MSTSC behaviour over Remote Desktop Metro.

If you’re using Win8 MSTSC, it’s faster to click the (new) Start button in the MSTSC connection bar (at the top of the windowed desktop) than try to hunt for the lower left pixel if it’s windowed, at least right now, as far as I can tell, YMMV, cheques may not be honoured. Just connect Fullscreen, and slam that mouse around!

As long as you’re capturing the Windows key in your RDP session, other handy non-hunting tips: Win+C = Charms, Win+I = Settings


* except again, it’s full screen. I’m OK with that – it wasn’t like I scrutinized the Start menu every time it appeared.

Note: Tristan has no inside information on Windows 8, he’s experiencing the Consumer Preview along with the rest of the world.

RemoteFX (with Hyper-V) is a serious business tool. For games.

The Setup

My downstairs PC (on the dining room table) is an HP Touchsmart all-in-one Core 2 Duo Intel Integrated Graphics 965-based box, which makes it absolutely abominable for games.

Upstairs, my internet connection plugs into my Hyper-V host (actually, a TMG instance on it), and I’ve a sort-of-gaming PC set up next to that, which has a nice video card, and chair, and half-assembled steering wheel.

I’ve GigE running all over the place.

Back to the downstairs PC, though: I once tried Borderlands on it, and at the lowest settings, I could’ve made a faster PowerPoint deck. Pretty sure my WP7 phone has more 3D graphics grunt.

The Problem

Recently, I’ve been playing a lot of Jagged Alliance, because it seems like there’s just so much of it about, and I really loved the earlier incarnations.

But to play Jagged Alliance Online, or Jagged Alliance: Back In Action, I’ve needed to move from downstairs, where I like to hang out in the dining/living room, to upstairs, or The Man Room, where I’m quite isolated from my girlfriend, the TV, and the small family of woodpeckers that’s moved into the dining room table.

The Solution: RemoteFX!

The Hyper-V box got upgraded to a Core i7 (from a Q6600) with 16GB RAM recently. This means SLAT/EPT is available, which means that I now have the possibility of sexy 3D GPU graphics without actually crippling the performance of the VMs running on it.

Also, it got me thinking about RemoteFX:

Could I get reasonable 3D gaming performance from the Hyper-V host, using the downstairs box as just a screen?

Not having used RemoteFX before, I did some research. Then some more research. Then some more. Everyone and their dog was trying it with an unsupported GPU (“for business purposes”… suuuuure), but there were some success stories around, so I persevered despite not really understanding what I was doing. (It’s a good quality. Honest.)

Note: This should not be taken as endorsement or condonement of using an unsupported GPU. If stuff just randomly stops working, or a driver update breaks this, there’s no recourse. So if you need a supported, working, supportable solution, DO NOT DO THIS. (yes, just like Xbox Live through TMG).

I jammed an Nvidia 9400 (or something; the only spare PCIe card I had) in the server as a proof of concept (depending on what you read, you either need more than one card, or the Intel isn’t a suitable RemoteFX GPU anyway).

  • Pre-work: Disabled Live Mesh’s Remote Desktop support (it installs a video adapter driver that I’m pretty sure isn’t WDDM and I didn’t want to fiddle around with it; RDP is fine)


  • Installed the RemoteFX role (Virtualization Host)
  • Created a Hyper-V VM and Installed Windows 7 Ultimate X64 SP1
    • Uses the External Hyper-V network (my internal home LAN, with DHCP, a proxy, etc)
    • 2 procs
    • 4GB RAM (was 2GB, but figured I had the RAM spare, might offset the slow disk I’ve got it on)
  • Installed the RemoteFX adapter into the VM  (if you’re following this as a guide DO NOT DO THIS NOW)
    • (1600×1200 (client res is 1680×1050; close enough))
    • Noted that the refresh of the VM properties was now quite slow. Driver? Whizbang feature thing? Comes and goes.
    • Screamed and cursed while shutting the VM down again because I’d forgotten to enable Remote Desktop first, and the Hyper-V remote window won’t connect to a RemoteFX enabled VM.
    • Removed remoteFX adapter from VM.
  • Enabled Remote Desktop in the VM
    • Remoted into the VM to check it worked
    • it did!
    • Checked that my Remote Desktop settings on the client were all up to eleven (LAN, full experience, 32-bit colour)
  • Shut down the VM and re-installed the RemoteFX adapter
  • Faffed around with Cap drivers and reboots. Short version: didn’t need one
  • Used the Group Policy Settings to un-balance RemoteFX performance as much as possible (only ever likely to be me using it at once)

To CAP or not to CAP?

The literature commonly refers to installing the RemoteFX Cap Driver because most servers don’t use WDDM drivers for their inbuilt video cards.

Mine did have a WDDM driver (the i7 has Intel Integrated HD Graphics)… but I didn’t know that, so I assumed it was XPDM and installed the Cap driver; turns out I simply didn’t need to, and there was much installing and uninstalling of the cap driver, with reboots required. (Which take out my house’s Internet connection).

In short: looks to me like if your inbuilt server adapter is WDDM, no need for the CAP driver. But like I said – I removed the ?XPDM? Live Mesh adapter before starting.


It worked, but the 9400 didn’t support new niceties like Shader Model 3.0, so BIA was out. And JAO ran too slowly for my liking. And the card was ollllld. So assuming that’d be the problem, I figured I’d try a new one.

A new video card

So I bought a new ATI/AMD Radeon HD 6770 1GB card (and a 6790 for the gaming PC…) for $140, and dropped that into the Hyper-V box.

(Yes, I know it’s unsupported. Yes, I know there are special GPUs for this. No, I can’t help you if you run into trouble with this.)

At this point, I tried installing drivers, but it didn’t seem to work initially, possibly because I still had the Cap driver installed (there was screen blanking). Eventually, after several uninstall-reinstall cycles, it just worked. I didn’t (as of 12.1 Catalyst) need different drivers; I didn’t install Catalyst Control Center on the successful run, but I don’t think it was that anyway.

The Event Log messages about nonworking GPUs disappeared, and I had a working RemoteFX host again. (Moral of the story: if you are using a cap driver, and you need to add or change a video card, disable the cap driver first).

How does it go?

It goes alright!

Some games react weirdly to RDP-style inputs (particularly the mouse); some games have glitches they don’t otherwise have with the synthetic 3d adapter.

I would not try playing most FPSs via RemoteFX (you’re instantly dealing with input lag plus network lag plus rendering time on the server and the client, plus that mouse-movement-is-display-mouse-movement thing).

Also, keep in mind: this is a screen remoting protocol; if your box can’t do smooth full-motion 3d on its own, or smooth full-screen video, doing smooth full-motion 2d-of-3d might put a fair load on it as well. If Aero is jerky on the box (it is on the Touchsmart), that’s about the best-case frame-rate you’re likely to get from RemoteFX or anything for that matter. There are performance counters to track where bottlenecks are.

Quick summary of games I’ve tried:

I can now play Jagged Alliance: BIA on my downstairs PC pretty reliably, which is all I wanted to do in the first place. I do it a lot right now. I use 1280×720, 30Hz (seems to respond better), 2xaa, 4xAniso (or 4x whatever that last setting is), and Vsync.

JAO has some graphical weirdness (blank world map and face tiles) which fixes itself up when you play with the 9 and 0 keys (graphics detail level). Again, can now play it on the Touchsmart, which is incapable of playing it on its own.

Company of Heroes looks great, and with all the settings turned up to max, I got a “Great” score on COHmark. Can’t remember the numbers, but better than I expected. Haven’t played with it extensively yet.

I tried Civ IV, and it was the first time I’ve played it… it worked pretty well.

Frozen Synapse didn’t work at all, just crashed to desktop.

Deus Ex: GOTY – man, that game’s a pain to configure these days, what with its software rendering default and 16 bit colour! ugh! – it doesn’t really work well, input issues once the video issues are fixed.

In summary: awesome for the downstairs PC

It’s not a solution that allows me to dedicate the full unfettered power of the GPU to a single client (at least, I haven’t worked out how), but with a nice, grunty GPU in the server box, it’s nice that I won’t have to replace the touchsmart until Win8 comes out (bevel-less touch is important), and then I’ll get me one of those sexy new HP all-in-ones, and maybe play games locally again for a while. Or maybe stick with the thin screen/lots of bandwidth solution!

ATI Video Blurring on Media Center

I upgraded the drivers for my ATI/AMD Radeon in the Media Centre after 1 year of old version-ness, and suddenly video smearing and odd fleshtones are back for standard def TV.

(Why oh why oh why won’t ATI just leave my video (and historically, HDMI overscan/underscan) settings alone!?)

The usual TRDenoise and DXVA_thingy hacks didn’t seem to improve it this time, though.

Anyone got a newer set of tweaks that doesn’t make TV look like it’s being viewed through a soft-focus vaselined lens?

Or is it possible to configure good-looking video through the UI now?

I think what I want is simply a faithful rendition of what’s in the transport stream, but I’ll accept *better* image quality, sure!

Hotmail Aliases

The Hotmail team blogged about email aliases earlier this year – I didn’t know either technique was available, so thought I’d republish the ADHD version here.

Ultra-short version: You can add a tag (essentially) to your hotmail email address and use Sweep (mail rules) to manage emails to that address, or you can create a full-blown additional email address.


Let’s say your email was (Aside: why and not Cos I don’t want anyone getting spammed when a bot reads this post)

Plus-sign-based Email Address Uniquification

See the Hotmail feature docs for more details.

Actual aliasing – adding email addresses

Hotmail allow 5 aliases to be created each year (to a max of 15) – essentially, new, linked email addresses.

So the person getting this one would have no clue it’s in any way related to your preposterousexample address.

Nice. Not sure how I’ll use it yet. Possibly forgreatevil(

IRacing vs TMG 2010


About a week ago, I signed up for iRacing again, after letting my subscription lapse back in, oh, looks like 2008. Time flies!

Since then, I’ve been trying to get updates to install, but I’ve been having no luck with it – the update web page would just vanish when I ticked the updates I wanted and clicked Update.

(Actually, that’s the second symptom – at first I suspected a WPAD problem, as the update window would hang on a blank address, but after disabling proxy settings, that stopped, and I simply didn’t get the updater working.)

One full OS reinstall (well hellooo crazy/hot SSD), UAC, Windows Firewall and AV shenanigans, and a bunch of file- and security-related fiddling later, I was trawling through the IracingService log (Iracingservice.out) and noticed a bunch of network-looking errors, including a 10054 socket error.

TMG logs also noted the 10054 (connection forcibly closed by remote host), so I got to thinking: Could this be another XBL-style HTTP/TCP thing where the Web Proxy filter gets upset?

In short: yes!  Cue obligatory “see-it-works-now” screenshot:


Oooooh. Ahhhhh.

Fixing It

I used a variation on the Xbox Live HTTP technique, to disengage the Web Proxy filter from, but constrained it by source IP (just my home gaming machine) and by target IP.

Toolbox Objects:


  • RacingPod – Your client computer IP. It’s fixed, right? This can be skipped if you’re using DHCP, just specify the internal network – the Computer Set for Iracing will still “partition off” the relevant requests.

Computer Set:

  • IRacing IPs: the IP address of (ping or nslookup for the current IP). I could have used a Domain Name Set, but I didn’t want to incur possible name resolution overhead on any HTTP request that might have matched these conditions. It will break when the IP changes, but I’m OK with that for now.

Protocol Definitions:

  • Xbox HTTPTCP/80 Outbound , not based on HTTP base definition, not bound to the Web Filter . (That’s the important part). I’m reusing a protocol I created earlier for something else. See if you can guess what?

Rules (in this order)

  • Iracing Special HTTP – Access Rule,
    • Action: Allow
    • From: RacingPod
    • To: IRacing IPs
    • Protocol: Xbox HTTP (only)
  • Iracing Block Regular HTTP – Access Rule,
    • Action: Deny
    • From: RacingPod
    • To: IRacing IPs
    • Protocol: HTTP (only) – that’s regular HTTP, not the new special Xbox HTTP

These should be considered inseparable rules – move them as a single unit (shift-selecting allows you to move whole blocks of rules up and down, by the way – to quickly move these to the top, shift –select the other rules above them, and r-click Move Down that group). Put them ahead of any general Allow rules – they will only affect traffic to Iracing’s Member site, only for the HTTP protocol, and should be very, very quick to process.

See the Notes on the Xbox post for the nitty-gritty on why this works. (This’d probably also work for ISA Server 2006 and ISA 2004, if it’s a problem for them, by the way).

Caveat Racer

Threat Management Gateway probably isn’t called Fluffy Home Network And Gaming Gateway for a reason. It’s designed to mitigate possible security threats for corporate environments, not to get all UPnP-laissez-faire and cosy with strange remote hosts. But it’s kinda fun to force it to.