Upgrading Steps for DotNetNuke from DNN 4.x.x to DNN 6.x.x

image

Specifically we wanted to take a version of DotNetNuke from 4.9.1 to 6.1.3 today and actually found that it worked perfectly.

We did take some steps that helped a lot. This may be of value to some of you.

Before we Began

1. Backed up the entire file system for the website.

2. Backed up the database on SQL server for the site in question.

3. Ensured we had a HOST login account that worked.

4. Ensured the server we were running on (Windows 2008 R2) was patched and running .Net Framework version 3.5 SP1.

5. If your site is busy, work out a way to stop the traffic. One way is to add a portal alias, like test.domain.com in your DNN website. Setup a DNS entry to that test.domain.com points to the IP address of your DNN web server. In IIS, setup a Binding, so that test.domain.com will answer for your site.

Then access the site on test.domain.com and check you can login, etc.

Then remove the binding in IIS for www.domain.com (temporarily while you play upgrade).

This way, the site will not answer normal user access, but will answer you when you go to test.domain.com.

 

Update Path

We suggest the following table for upgrading your DNN Website.

Note: If you are upgrading a version prior to DNN 4.6.2, then you will need to manually update the web.config file. After this version the updates are automatic.

 

Steps On Upgrade

On Codeplex, Click on View All Downloads

image

Find the version for the next upgrade step from the table above. Then find the Version Upgrade download link.

image

Download the .zip file to your server. Then extract the contents directly over the existing website directory structure.

You will be asked to overwrite files, Tick yes to all.

You will be asked to overwrite folders, Tick Apply to all – And continue.

Once you have extracted, hit your website in a browser, and watch the upgrade happen before your eyes.

Repeat the steps of backing up after each successful update, and download the next update package and repeat the process.

 

Tricky Bits

If you are using the XML module, on a DNN version before 5.3.0, then you should obtain the latest update of the module before moving past 5.3.0.

If you have the Ifinity URL Master module. We suggest turning it off to upgrade.

 

After Upgrade

In IIS you will wan to move the website to a new application pool that is running .net 3.5 or 4.0 Integrated. You cannot share application pools with earlier DNN versions that run on .net 2.0.

Jump into the HOST settings, and configure things like, friendly URL’s, DNN Host Menu Options, and performance settings.

If you disabled bindings (from the initial steps 5 above) re-enable them and test access.

 

DotNetNuke Upgrade Service and Support

We offer a DotNetNuke Support Service that can include the upgrading of DNN websites for you. This is especially useful if you are not confident with either .net websites or IIS server administration.

We are happy to help you evaluate the upgrade path and potential problems. The cost of the service is in effect calculated at at an hourly estimate. It should be noted that if everything goes well, and trouble free, there there is at least 1 hours work in this upgrade, usually more as there are often little bugs to sort out.

Please contact us for support here: http://www.interactivewebs.com/Services/DotNetNukeSupport.aspx

Additional References

http://www.datasprings.com/resources/articles-information/dotnetnuke-articles/upgrading-dotnetnuke-4.9-to-dotnetnuke-6.0

DotNetNuke Bulk Email on WebFarm Support Added

image 

Today we have added support to the DotNetNuke Bulk Emailer module for WebFarms.

We have identified a feature of Bulk Emailer for DotNetNuke that has caused some issues with the running of the module on a WebFarm.

There is an automatic enable feature that checks when you start a bulk email message that the scheduler for the module in the Host / Scheduler is enabled. If it is not enabled, the module will enable it.

The Problem

With WebFarms there are two processes that run at the same time.

image

This will cause duplication of sending email messages.

The solution is easy… just disable one of the schedule processes. However this will be automatically re-enabled by the module.

The Fix

To solve this we have added an option to the Bulk Emailer Settings. This option enables you to tick that you are using a WebFarm, stopping the automatic enabling of iWebs BulkEmailer EmailSchedule process.

Additional Steps Required

After you enable WebFarm mode, you will need to go into the Host Scheduler processes and disable all but one of the multiple processes for the iWebs BulkEmailer EmailSchedule.

image

The result will be that only one of the schedulers run and only one email message will be sent.

Creating a New User in Smarter Mail 9

Here are the steps to create a new user in Smarter Mail 9 Enterprise. image

Add New Email Address

1. Log into the webmail interface. webmail.domain.com as a mail administrator.

2. After Login, select the Settings Icon from the left hand menu.

image

3. Expand Domain Settings and Select Users.

image

4. From the Main Window, select New.

image

5. Fill in new user details with the following format.

User Name:  firstname.lastname

Pass: secure password

Display Name: FirstName LastName

Reply-To Email Address: firstname.lastname@domain.com

Backup Email Address: Optional (Use Existing personal address of user if filled in)

User Status: Enabled

Mailbox Size Limit: 50 MB

Enable Outgoing Mail Signing: Enabled

image

6. Click Save when complete.

Microsoft–You Suck Balls!

image

I find it absolutely incomprehensible how hard it is to purchase a Microsoft Product and actually gain access to it.

Over the years, things have always been hard, but appear to have got a lot worse.

My Experience with MSDN Subscription.

In December I receive notice that our existing MSDN subscription is due to expire, so I set about renewing it. Now with any other company, you would just enter a credit card number into a website some place and you would be done. But Not Microsoft.

Microsoft force you to purchase through a reseller (and I get that) so we set about that path.

Our previous reseller was Ingram Micro, who totally destroyed their own business by interdicting SAP some time ago, and have got nothing right since then! So we followed the Legendry Microsoft License Expert “Shane Piercy” to Dicker Data and purchased our license there. (Thanks Shane, that was the easy part).

After some weeks, Microsoft approve our license and send an email with some details.

We then login to Live.com and revalidate an email address that we have used, validated and sign in daily with for the past 10 years. This take 3 days.

We then go to the Volume License website and find the new license needs to be added. We do this, and are advised that we again need to validate our email address. This takes 48 hours (actual time was 4 days). – Remember it is computers doing all this tricky validating of email addresses by sending us an email with a link to click.

We then check back for days in the Volume License website and are advised in the FAQ that validating the license and email can take several days. Go figure!

Finally after 5 days the license appears, and we find that we need to then assign it to a user. We start doing this and fail several times before ringing their Asian America support line and chat to a helpful person who suggest a lot of things before mentioning the catch phrase “What version of IE are you using?”  – I almost blurt out… “Why would I use such a F#&!ed browser!” before explaining that I was using Chrome. Heaven forbid I was on a Mac and did not have access to IE at all.

We finally worked out that IE is required for “This Website” even though there is no detection on the website warning you of this.

So I fired up IE, and set about assigning a user to this license before I get this error.

image

Lucky I am on the phone to the Philippines at the time and ask.. “What Next?”

MS support take all my details again, and advise they will assign the license. This will take only 1 hour to complete. (Believe that when I see it).

I ask for an email address for my support dude. No, he does not have an email address, only a team address that I can use his name in and someone may forward it to him. Remember here I am communicating via a POT (Plain Old Telephone) to the number 2 (I like saying that) IT company in the world. Why can’t I email the dude, or skype, or MSN, or live chat, or SMS, or whatever.. No the only way to get him is call a POT and wait in queue like I did in the last century.

So now I wait. 30 days down, and still no access to something I have paid for. Can you frigging believe it!

The story is not over yet, but I just know I will not have access in 1 hour from now. That would be way to easy.

Microsoft – if you want to know why you are failing. It is because everything you do is 10 x harder than it needs to be. Compare this experience to Apple App store on the Mac!

You have a lot of catching up to do MS!

DotNetNuke Outlook Social Connector Setup

The steps in setting up the Outlook Social Connector for DotNetNuke on your local computer.

The steps assume that you have installed the DNN website module by InteractiveWebs called the Outlook Social Connector.

1. Close Outlook

2. Start the MSI installer “Setup_DNNSocialConnector

image

3. Select Next

image

4. Use the default path, or select one, then select – Next

image

5. Select Next when ready to proceed

image

6. Wait a bit

image

7. Select Close

image

8. Open Outlook and in the Mail view, find an email message and expand the view for the Social Connector.

image

9. Select the + symbol under the contact image, and select “on another social network” from the available list.

image

10. Select “iWebs – DNN Social Connector” from the available social connector plugins.

image

11. Fill in the connection settings for your DotNetNuke Website that has the iWebs – DNN Social Connector module installed. And admin or host account is needed. Click Connect

image

When you browse an email message from a user who is registered on your website, you will see the activity that they have taken on your site. This includes activity on security roles, DNN Forums Module, and if you have updated to our modified Documents Module, activity on that module too.

Exchange Server 2010 Outlook Autodiscovery Tricks

image

I have been trying to work out for some time, a really easy way for AutoDiscovery services in outlook to be directed to the correct address allowing for easy user configuration of services.

Without going into all the details, I have tried all the methods described in (yet another) Microsoft Whitepaper.

http://technet.microsoft.com/en-us/library/bb332063(EXCHG.80).aspx

Had some level of success but while working through this stuff I discovered by mistake a little discussed method.

A new feature is available that enables Outlook 2007 and later to use DNS Service Location (SRV) records to locate the Exchange Autodiscover service.

Discussed here: http://support.microsoft.com/?kbid=940881

To Hell with the the WhitePaper, this works fantastically well. It is everything that I need it to be.

Captivate SCORM reporting completed but not passed

image

Captivate SCORM Problems

We have been playing in depth lately with some some of the Captivate SCORM outputs in an effort to better understand the SCORM Compliance and where Captivate falls down in this area. What we have found is very interesting and needs to be explained in detail to understand.

The Problem

Until recently, anyone who wanted to author SCORM-compliant content had few choices. Not many authoring programs existed and the technical knowledge to create compliant content was and, in fact, still is beyond the reach of most training developers. Now there are many affordable, easy to use content authoring programs to create SCORM-compliant content that can be deployed to learning management systems (LMS). Adobe, a leader in the multimedia authoring and programming industry, has recently thrown their hat into the ring and released Adobe Captivate – a SCORM-compliant authoring tool that includes screen capture, simulation, automated testing and more.

Adobe Captivate and LMS Software Working Correctly

When exporting content from Adobe Captivate, you have the option of making your package SCORM 1.2 Compliant. Specifics of the SCORM specification could fill an entire book (in fact, it does!), so let’s just say that SCORM defines what must be included in a content package (certain files which contain certain information in a certain format) and the methods that the content package must use to communicate information (student name, score, etc.) to and from the LMS. The idea is that content authoring programs and learning management systems would all be programmed to comply with the spec and therefore be compatible with each other. Unfortunately, reality has not lived up to the vision.

The SCORM 1.2 specification is long, open to some interpretation and not always logical. Developers have had to make some assumptions and, at the same time, had to predict and hope that other developers made the same assumptions! Our experience with the workings of Adobe Captivate and the development or our own SCORM-compliant LMS has given us some insight to help you get the most out of Adobe Captivate and your LMS – even if it’s not our LMS! Note that we are only focusing on SCORM 1.2. The SCORM 1.3 specification was recently released, however most learning management systems and authoring tools, even those recently released, still support SCORM 1.2 and rightfully so.

Problem 1 – Setting Captivate to be SCORM 1.2 Compliant

If you export a Captivate package that does not have any graded questions in it, it will not be SCORM-compliant. I don’t mean that it just won’t track because it has no grade to send; I mean it is not compliant. In tracing method calls from Captivate lessons, we’ve found that a lesson with no questions will not make the required call to the LMS to initialize itself upon start-up. It will make the finalize call upon exit, however any compliant LMS will throw back an error when this happens. The spec dictates that a content package must initialize itself before it can finalize itself. Makes sense, right?

A tangential problem to this is that a lesson with no questions (even if the correct initialize and finalize calls are made) has no way to tell when it’s been completed, so it does not send that information to the LMS either. This secondary problem is not an issue of compliance as the SCORM specification does not require this information to be sent, but more an issue of usability. What’s the point of making a SCORM-compliant lesson and loading it into an LMS if you never find out when your users have completed it?

Solution 1 – Captivate SCORM Solved

The resolution to both these problems is easy – just make sure that you have a graded interaction in your lesson. It can be an interaction that is actually presented as such or even a button or hot spot that you are sure your users will click while viewing the lesson. The possibilities here are endless, so be sure to test your solution, but the bottom line is that there needs to at least one graded interaction in your lesson.

Problem 2 – Passing the Proper Lesson Status Value

image

Adobe Captivate lets you choose whether to report ‘pass/fail’ or ‘complete/incomplete’ values for lesson status, but this is not an arbitrary choice. The spec dictates that this shall be determined by the lesson after querying the LMS and deciding based upon the response it receives.

When publishing with Captivate, if you select complete/incomplete, and the user fails or fails to finish the lesson, the value of ‘incomplete’ will be reported to the LMS. In the event that the user completes or passes the lesson, the value of ‘complete’ will be reported to the LMS. Likewise, if you select pass/fail, then the value of ‘pass’ will be used instead of ‘complete’ and the value of ‘fail’ will be used instead of ‘incomplete’.

Additionally, Captivate lessons never query the LMS for the value of ‘credit’, which is the element that the lesson should be using to determine whether to use ‘complete/incomplete’ or ‘pass/fail’.

Problem 2 – Solution to Captivate Lesson Status Value

Solving this problem may or may not even be necessary – it’s a rather minor issue. The best thing to do is make sure that you coordinate the credit setting you use in the LMS with the lesson status value you select here. Lessons that are for credit should use ‘pass/fail’ and lessons that are not for credit should use ‘complete/incomplete’. However, one thing to note, and this takes us indirectly to Problem #3 and beyond, is that the spec dictates that the LMS revaluate the score and change this value if you have set a mastery score. We’ll come back to this when we get to Problem #4.

Problem 3 – Passing Score in the SCORM Format

The ‘Publish’ interface in Adobe Captivate lets you choose whether to report score as a raw value or as a percentage while the spec dictates that this value must be ‘normalized between 0 and 100′ (meaning it must be a percentage score). When you choose to report this value as a raw score, your lesson is not compliant.

Adobe tells us that they put this option for a very specific reason. The spec defines 3 values relating to score and all shall be normalized between 0 and 100 – minimum score, maximum score and what they call raw score (oddly enough, the spec calls it ‘raw score’ and at the same time dictates that it be normalized – no wonder everyone is confused!). Logically, since they are required to be normalized between 0 and 100, minimum score would always be 0 and maximum score would always be 100 so why even use them? Because of this confusion, Adobe decided to allow the content author to decide whether to report score as raw or normalized.

The problem occurs when you choose to report score as raw and then load your content into an LMS that has been implemented according to the SCORM spec because it will expect to receive score normalized. Confusion ensues!

You create a Captivate lesson and choose to report score as a raw value. Your lesson has 5 questions and your user gets them all correct. Your lesson is going to report ’5′ as the score and a compliant LMS is going to interpret this as 5%. Of course, your lesson should also report a lesson status of ‘complete’ or ‘passed’ (see problem #2) which will truly confuse your user when they look at their stats and see that they passed/completed a lesson with a score of only 5%!

Problem 3 – Solution to Passing SCORM Score Correctly

This is an easy one. Unless you are certain that your LMS implements score as a raw value, always select ‘percentage’ to ensure that your lesson is compliant.

Problem 4 – Making it all Work

image  image

Take a deep breath, because problem #4 might get a little confusing. The SCORM specification instructs the LMS to change the lesson status (the same value discussed in problem #2) when certain conditions apply. When this happens, the LMS shall use the score to decide how to change the lesson status value. If you remember though, from problem #3, you may be reporting score as a non-compliant raw value, so the LMS may change the lesson status based on bad information.

To get a better understanding of this, let’s introduce mastery score. You set the mastery score by clicking the ‘Manifest’ button on the Publish Interface. mastery score is value stored in the manifest file that is included in the content package you load into the LMS. The LMS reads this value and stores it with the lesson. If you notice, Captivate instructs that this value should be between 0 and 100, or normalized.

Now the SCORM specification instructs the LMS that if mastery score is set, the lesson is being taken for credit and the lesson status is not ‘incomplete’, the LMS shall change the lesson status to the appropriate value (complete, incomplete, pass or fail) by comparing the score reported from the lesson and the mastery score that is defined in the manifest. This occurs even if the lesson has already passed a value for lesson status.

The first thing to notice is that you probably should set the mastery score to the same value that you set passing score. That way, if the LMS re-evaluates the lesson status, it will use the same value as the passing score that the lesson itself does.

Now let’s refer back to Problem #3. You had the option of reporting score as a raw value. If you chose that option, when the LMS performs this re-evaluation of lesson status, it is going to compare a raw score to the normalized mastery score. Since one value is normalized and the other is not, it should be clear that you will have some unexpected results from this.

Example

You create a Captivate lesson with 20 questions. You choose to report score as a raw value (non-complaint per Problem #3, but Captivate lets you do it), choose to use ‘pass/fail’ for lesson status, enter a mastery score of 80% and enter a passing score of 80%. Your user gets 17 questions correct.

When the lesson finalizes, the lesson reports ‘pass’ to the LMS for lesson status and ’17′ for score. Everything looks good until the LMS sees that there is a mastery score and therefore it must re-evaluate the lesson status. The LMS looks at score (’17′) and sees that it is less than mastery score (’80′), so it changes lesson status to ‘fail’. In fact, a lesson created with these settings will always have its lesson status re-evaluated to ‘fail’ by the LMS because even a perfect raw score (’20′) will always be less than the mastery score (’80′).

The root of the problem is that Captivate prompts you to enter mastery score normalized, but gives you the option to report score as a raw value. They need to be on the same scale for the re-evaluation by the LMS to work properly.

Solutions

Solution 1 – Don’t enter a mastery score. By doing this, the LMS will not re-evaluate the lesson status and you avoid the problem altogether. But don’t forget about Problem #3 and its solution.

Solutions 2 – Make sure that mastery score and score are both normalized by choosing to report score as a ‘percentage.’ You’ll notice that this is also the solution to Problem #3. If you have confirmed that your LMS expects to receive score as raw, then use Solution #3.

Solution 3 – If you must report score as a raw value, then be sure to enter a raw value for mastery score. In our scenario, instead of entering ’80′ for mastery score, you would enter ’17′. That way, when the LMS re-evaluates lesson status, both score and mastery score are on the same scale and the calculation is done correctly. While technically incorrect since the spec dictates that mastery score be normalized, we won’t worry about it because you’d only use this solution in the case that your LMS is also non-compliant because it’s expecting raw values for score. It’s a workaround.

Conclusion

We’ve seen that Adobe Captivate provides a robust solution for quickly developing online training solutions. But let’s not forget that we need to be mindful of the implementation of the SCORM specification by the LMS and how it’s going to react to our Captivate lessons.

Review the problems and their solutions and you can be sure that your Captivate lessons are going to comply with SCORM 1.2 and function properly when loaded into a SCORM 1.2-compliant learning management system.

Remote Desktop mstsc.exe slow will not start windows 7

Had a painful problem today with the mstsc.exe application in Windows 7 64 Bit Ultimate today.

image

An otherwise happy install suddenly failing to start, or if is started it would be very slow.

Once started, it would not close from the task manager, even if I killed the process with the end process.

Initially

I suspected that it was possibly a virus etc. However I found that there are a lot of people on the net with this exact problem.

I then set about a solution, and figured on out myself, that involves replacing some of the files use by the MSTSC.EXE application.

Basically there are 4 files that I replaced with the same version from another computer that was functional and healthy. They are:

Capture

c:\windows\system32\

MSTSCAX.dll

MSTSC.exe

c:\windows\system32\EN-US\

MSTSCAX.dll.mui

MSTSC.exe.mui

I would create a .zip copy for download except I fear giving out some stored connection settings in the files I already have. So sorry, you will have to find your own backup files.

 

The Bitch of it

The annoying problem is that you cannot just copy the 4 files into the two folder locations as Windows 7 in all it’s wisdom will not let you copy files there, as you are not the “Trusted Installer”.

You might be like me, Administrator and God of your computer that at any time can take to it with a hammer and replace it with a Mac, but Windows 7 knows best… so let’s show you what you have to do to hack that crap!

 

Give Permissions

First, go to the folder or set of files that you need to change permissions for, right-click on them and choose Properties.

image

Next click on the Security tab and then click on the Advanced button at the bottom:

image

Next click on the Owner tab and you’ll now see that the current owner is TrustedInstaller.

image

Now click on the Edit button and choose who you would like to change the owner to, either your account or the Administrators. If your account is an Administrator account, I would suggest just picking Administrators.

image

You can also check off Replace owner on sub containers and objects if you need to delete more than one file in a folder. Go ahead and click OK. Now you will see that the Current owner is the account you picked.

image

Click OK until you have closed all properties windows and are back to the Windows Explorer screen. Then right-click on the folder or file again and choose Properties again.

Now click on the Security tab again, but instead of clicking on Advanced, you need to click the Edit button.

image

Now click on the user name in the list that you want to change the permissions for, which should be the same as who you changed the current owner too. If the user name is not in the list, click Add, type in the name and click OK.

image

Since I had changed the current owner to Administrators, I clicked on Administrators here and then clicked on the check box next to Full Control. When you do that, all the other boxes get checked too.

Click OK once and then click OK one more time to get back to Windows Explorer. Now you can replace those files without any UAC messages telling you that you can’t! Enjoy!

Disable SSL 2.0 IIS 7 Windows 2008 64bit with CRM 2011 for PCI Compliance

PCI Failure

Today we received notification during a PCI compliance check that our Microsoft CRM 2011 server was not PCI Compliant.

image

The cause of the lack of compliance was due to the server accepting connections via an SSL v 2.0 protocol.

Synopsis : The remote service encrypts traffic using a protocol with known
weaknesses . Description : The remote service accepts connections encrypted
using S S L 2.0, which reportedly suffers from several cryptographic flaws and has
been deprecated for several years . An attacker may be able to exploit these
issues to conduct man-in-the-middle attacks or decrypt communications between
the affected service and clients . See also : http://www.schneier.com/p

Download File – ZipSource

aper-ssl.pdf
Solution: Consult the application’s documentation to dis able S S L 2.0 and us e
S S L 3.0 or TLS 1.0 instead. Risk Factor: Medium / CVS S Bas e S core : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)

Perhaps not the worlds biggest deal, as the SSL certificates in place are using the SSL 3.0 however we needed to remove the V2.0 for compliance with PCI.

The solution turned out to be no so easy… Mostly due to the fact that we are using a 64bit Windows 2008 server and Microsoft have only appeared to provide details on fixing 32 bit servers to remove SSL v2.

We did manage to get there and this is what we had to do

Remove SSL v2

You need to run the following commands at a command prompt on the server:

REG ADD “HKLM\System\CurrentControlSet\Control\SecurityProviders\SChannel\Protocols\SSL 2.0\Server” /v Enabled /t REG_DWORD /d 0 /f
REG ADD “HKLM\System\CurrentControlSet\Control\SecurityProviders\SChannel\Protocols\SSL 2.0\Client” /v Enabled /t REG_DWORD /d 0 /f
REG ADD “HKLM\System\CurrentControlSet\Control\SecurityProviders\SChannel\Protocols\SSL 3.0\Server” /v Enabled /t REG_DWORD /d 1 /f
REG ADD “HKLM\System\CurrentControlSet\Control\SecurityProviders\SChannel\Protocols\SSL 3.0\Client” /v Enabled /t REG_DWORD /d 1 /f
REG ADD “HKLM\System\CurrentControlSet\Control\SecurityProviders\SChannel\Protocols\TLS 1.0\Server” /v Enabled /t REG_DWORD /d 1 /f
REG ADD “HKLM\System\CurrentControlSet\Control\SecurityProviders\SChannel\Protocols\TLS 1.0\Client” /v Enabled /t REG_DWORD /d 1 /f

We created a batch file to make this easier.

You can download the file here, and extract the batch file. Then double click the file called: “DisableSSLv264bit.bat”.

Then Reboot the server.

Download File – DisableSSLv264bit

All it will do is run the above commands and in the registry it will add:

image

and similar sets to enable SSL v3 and disable SSL v2.

Then you can use a free test service here:

image

to check that you are disabled.

A failure like this: http://foundeo.com/products/iis-weak-ssl-ciphers/test.cfm

image

indicates something did not take correctly.

If you are using a 32 bit version of windows. (Not possible with CRM 2011) but possible otherwise, then you can use the Microsoft tool here: http://support.microsoft.com/kb/187498/en-us