Einbetten von Office-Dokumenten in Word

Um eine bestimmte Zeichnung z.B. von einer Visio-Datei in ein Word-Dokument einzubinden, sollte man zunächst das Office-Dokument verknüpfen. Dazu unter ‘Einfügen\Objekt’ eine Verknüpfung zu dem jeweiligen Objekt erstellen. Anschließend diese Verknüpfung bearbeiten, indem die Zeichnung ausgewählt wird und [SHIFT]+[F9] gedrückt wird. Dadurch wird das Kommando für die Verknüpfung angezeigt und kann bearbeitet werden.

Soll nun aus der Datei MyFile.vsd die Zeichnung Picture 1 eingefügt werden, so muss folges eingetragen werden:

   { LINK Visio.Drawing.11 "C:\\MyFile.vsd" "Drawing\\~Picture 1" \a \p }

Dabei muss auf jeden Fall der vollständige Pfad zu der VSD-Datei angegeben werden, und Backslashes im Pfad müssen escaped werden.

Integrated Windows Authentication in Mantis

Update: a new post is availbe, with an updates patchfile for Mantis 1.2.1!

The more tools are being used in an enterprise environment, the more logins and passwords need to be memorized. A first step is to use LDAP based authenticatin. In MS Windows based networks this offers to ability to manage all users in the Active Directory, so the users only have to use on username/password. But the user will still have to enter this into a login-screen in order to access the application.

Using SSO the user is always identified by already existind credentials. In the best case, the logon credetials of the operating system are being used. Since Active Directory is based on the Kereberos authentication protocoll, this offers the ability to use kerberos based authentication in other applications, and thus re-using the existing windows authentication.

The Internet Explorer is capable of using the windws logon-credentials to authenticate users on certain webservers. But with a slight modification this can also be used on an Apache running on a linux box. How to setup Apache to allow kerberos authentication is explained in another article. Once Apache is setup correct, Mantis needs to be slightly modified to use the information supplied by the kerberos authentication. My modifications are all based on the current development-release of mantis 1.1.0a2.

Modifing Mantis

Basically three files need to be modified: core\authentication_api.php, login.php and config.inc.php.

  1. In config.inc.php I switch from LDAP authentication to HTTP_AUTH, since I wand the webserver to handle the authentication. Also I introduce a new configuration setting sso_user_regex. This is needed, because I need to extract the username from the user identified by the webserver. So I use this handy little regex to do this for me:
             $g_login_method    = HTTP_AUTH;
             $g_sso_user_regex  = '/^(.*)@ACME\.COM$/i';

    This regex would extract the username portion for users of the domain “ACME.COM”.

  2. Next would be to modify login.php to extract the username from the authenticated user, if the user was detected using “Negotiation” (which is the case if IWA was used). So I apply my previously defined regex to the “Remote-User” variable of the server to get my mantis username. So we have to insert some code at line 32:
          if ( isset($_SERVER['REMOTE_USER'])) { #  $_SERVER['AUTH_TYPE'] == 'Negotiate' )
            preg_match(config_get('sso_user_regex'), $_SERVER['REMOTE_USER'], $user_match);
            $f_username = $user_match[1];
          }
  3. The last step is to add an additional condition to the authentication_api.php to prevent from trying to authenticate the user with the mantis user database using the username and password. This would only work, if the username and password would be supplied by the webserver, but using IWA we only have the username (the password is not transmitted in IWA, only the logon-challange). So this would only work if Basic Authentication would be used instead of kerberos authentication. So validating username and password with the mantis user database is restricted for HTTP_AUTH by modifing line 121:
          if ( HTTP_AUTH != $t_login_method && !auth_does_password_match( $t_user_id, $p_password ) ) {
          # if ( !auth_does_password_match( $t_user_id, $p_password ) ) {

So this should be all, to get Integrated Windows Authentication running. Below is a patchfile to apply the changes of authentication_api.php and login.php.

Attached you’ll find a patch-file to modified the corresponding files. To apply the patch you simple need to execute (assuming you have patch, and you’re executing it within your install-directory of Mantis):

   patch < iwa_sso.patch -p0

Download: iwa_sso patch

Profiling .net Applications

If you want (or need) to get some more in depth information of your application you will need to run some profiling on your application.

The first thing would be to consult the Windows performance monitor. This offers you to monitor several measures. This could be from cpu or memory consumption as well as bytes written to the hard drive or the network. All measures can usually be limited to a single process, so that you can only monitor your own application. But the performance monitor also offers .net specific measures. More information can be found on the Perfmon website on Microsoft.com.

With the freeware profiler nprof you can keep exactly track of what you application is doing. Most information is aquired using reflection and the profiling API. This way you can figure out what methods have been called and how often as well as how much time these calls consumed.

Last you can also add some tracing capabilities to your application. Some informatin about this can be found on a blog entry on msdn.com.

Network Profiles

When you own a laptop and you work in different environments you might know this scenario: you hook up your laptop to a new network and first of all you have to reconfigure your network settings. Best case would be all networks use DHCP to broadcast all necessary settings, but that’s not always the case. And there might be some features that cannot be made available using DHCP like adding special network folders or printers.

Fiddling with your setup each time you change your location, is quite annoying and error-prone. So you might come up with the idea to write a little script to do just the job. But how can you change network-settings from e.g. VBScript? Well, adding network-shares and -printers is no problem, but how to change an network interface from DHCP to a static IP? OK, so you have to use netsh, there seems to be no other way to manipulate network (interface) settings from within a script. But netsh is so ugly, because of it’s syntax … Well, one naive way of using netsh would be to dump the current config to a file. This way you will just have to configure your interfaces once manually and then just restore the dumped configurations. Creating a dump of the current configuration can be done by netsh interface dump >config1.txt, and a restore can be achieved by netsh exec config1.txt.

Well, I just discovered a little application called Net Profiles, that could just solve this problem. You can manage different profiles, and you just need to apply the profile. This is quite handy.

Generating Passwords

Generating passwords is always an issue. Nowadays passwords are needed everywhere, and having just this one secret pass, that is being used to secure everything is not that secure anymore. A password can be compromised quite easily, especially on the Internet you never know how secure passwords are actually stored.

So you will have create some random password, that makes also brute-force-attackes more complicated. But just starring at the keyboard does not do the job, so most likely you will need to find some software to generate those passwords for you.

After writing some simple VB6 application myself I figured, that the features of my app are quite limited and looking at google showed me, that there are already a whole bunch of this kind of applications available. So why write another …

So I came about two quite interesting ways to create new passwords. First you can use
Password Generator, which is a standalone VB6 application. Except for the VB6-runtime nothing else is required, not even an installation :). Besides generating passwords and choosing which character sets should be used to generate passwords (lower- and upper-case letters, numbers, special characters …) there are already predefined sets for passwords (for e.g. WPA2-keys, Windows 2003 passwords).

The other possibility to get a new random password is to use some web-based application like PC Tool’s Secure Password Generator. This offers the flexibility to generate a new password from everywhere! The website also offers SSL, so that the newly created passwords is not immediately compromised by a sniffer 🙂

BitDefender Freeware Edition

Die Freeware Edition von BitDefender umfasst nur einen On-Demand-Scanner keinen On-Access-Scanner. Die Version, die man im Internet downloaden kann umfasst immer die Features der Pro-Version, die man für ein Jahr benutzen kann. Danach kann man sich registrieren oder “Fortfahren”.

Bei der Auswahl von “Fortfahren” ist das Bitdefender Icon weiterhin Tray sichtbar, aber alle Features die nur in der Pro-Version enthalten sind werden deaktiviert. So zum Beispiel auch der On-Access-Scanner. Obwohl also das Icon im Tray angezeigt wird, wird der Scanner nicht weiter im Hintergrund ausgeführt. Lediglich der On-Demand-Scanner funktioniert weiterhin. Bedauerlicherweise lassen sich aber auch keine Updates mehr downloaden, weil auch das ein Feature der Pro-Version ist.

Fazit: ich habe BitDefender deinstalliert und durch die Free-Edition von AVG ersetzt. Die kann soweit alles (On-Demand, On-Access, eMail-Scan, automatische Updates), lediglich im Vergleich zu BitDefender ist AVG nicht auch Deutsch verfügbar.

Problems with ATPhoto and Plone 2.5.2

I use the ATPhoto product to add a photo-album to my websites. What I like about ATPhoto is, that it features a slide-show, but even better is the capability to identify the orientation of pictures and rotate them accordingly. This is neat, especially when you’re dealing with a lot of images taken by a digital camera that puts the orientation information into the EXIF-data. Another nice feature is the bulk-upload. You can zip your pictures and upload the zip-file instead of uploading each picture individually.

Well, anyway! So I had the currently available version of ATPhoto (1.0 alpha buld 53) installed. But after upgrading Plone to 2.5.2 I got an error when clicking on the individual images.

Unfortunately there is no newer version of the ATPhoto product available (is it still being developed, or should I lookout for some new product? Well, by now Plone features some basic photo-album features out of the box, since version 2.1.x). But luckily there is a bugfix at the subversion-repository available. There is also a collective issue that covers this problem.

To install the new version you have to completly remove the old installation (I would recomend move the atphoto folder to some temporary location) and then place the HEAD-revision of the subversion repository in the atphoto folder.

After restarting Plone my photo-album worked again, just like before 🙂

Backup von Thunderbird

Nachdem mein Thunderbird seit ein paar Tagen etwas mukken macht, ist es an der Zeit einmal dringend nach einem Backup zu schauen. Da ist mir als erstes das Thundersave in die Hänge gefallen.

Damit lassen sich alle Daten von Thunderbird einfach in zwei ZIP-Archiven sichern (jeweils eins für das Programm- und das Profilverzeichnis). Dabei wird für jedes Backup ein eigener Ordner mit einem Zeitstempel angelegt, so daß man seine Backups auch gut wiederfindet und ggf. alte Backups löschen kann bzw. auch zu vor älteren Version zurückspringen kann.

Tydirium – Der Star Wars Film

Tydirium ist ein Fanprojekt, welches eine weitere Episode der Star Wars Saga erstellt hat. Es handelt sich dabei um ein ausschließlich ehrenamtliches Projekt, wobei das Ergebnis allerdings alles andere als amateurhaft aussieht.Durch den Einsatz von computer-animierten Sequenzen wirkt die gesamte Szenerie sehr realistisch und echt. Das Fanprojekt hat es auch schon ins Fernsehen geschafft, wo bereits in verschiedenen Sendungen über das Projekt berichtet wurde.

Leider ist seit längerem nichts neues Bekannt geworden. Auf der Homepage des Projekts gibt es einen Trailer zum Download ebenso wie einige Hintergrund-Informationen zum Making-Of. Wann eine endgültige Version des Films veröffentlicht wird, steht allerdings noch nicht fest.

Battlestar Galactica – The Game!

Fanprojekte werden immer Umfangreicher. Nachdem ja bereits vor einiger Zeit das Fanprojekt Tydirium für Star-Wars gestartet wurde, gibt es nun für einen weiteren Sci-Fi-Klassiker ein Fanprojekt.

Wie auch schon bei Star-Wars, steht auch diesmal eine Neuauflage eines Klassikers im Mittelpunkt: Battlestar Galactica. Dieses Fanprojekt hat allerdings keine neue Episode gedreht, sondern die Handlung in einem Computerspiel erfasst. Der Name des Spiels ist Battlestar Galactica: Beyond the Red Line.

Wer die zweite Staffel der neuen Serie noch nicht gesehen hat, der sollte mit der Demo vorsichtig sein, um nicht etwas gespoilt zu bekommen.

Die Demo gibt es als Torrent-File, andere Download-Links lassen sich der offiziellen Ankuendung entnehmen. Leider ist das ganze zur Zeit nur als Windows-Version verfügbar. Allerdings musste ich feststellen, daß der Download per Torrent doch sehr langsam war, und per HTTP/FTP wesentlich schneller ging.

Gamplay

Das Spiel erinner sehr stark an FreeSpace. Da mag daran liegen, daß es sich im wesentlichen um die gleiche Grafik-Engine handelt. Ansonsten ist die Geschichte aus der zweiten Staffel der Serie eingeflossen.