The .NET Addict's Blog

Kevin Hoffman

Subscribe to Kevin Hoffman: eMailAlertsEmail Alerts
Get Kevin Hoffman: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Related Topics: SSL Journal, Azure Cloud on Ulitzer, Microsoft Developer, CIO/CTO Update, VITO Report

Blog Feed Post

Installing Geneva Beta 2 on Windows 7

All of my machines are now Windows 7 machines, including just about all of my VHDs and virtual machines

Recently I installed the Beta 2 version of "Geneva", or ADFS 2.0. All of my machines are now Windows 7 machines, including just about all of my VHDs and virtual machines. The only time I use Win2k8 R2 is when the product I'm installing specifically requires me to do that. So when I installed Geneva on my Win7 box, I thought everything would be fine.

Then I rebooted. The "Modify STS Reference..." and "Update federation metadata" menu items that are supposed to be added to the list of available options on an ASP.NET web application were gone. They were there before I rebooted but they were gone after. I also noticed something funny with the Identity training kit install. Every single directory and file in there was marked as "read only". I would unset the read-only flag, right click the file, get properties, and sure enough, it was still set to read only. WTF?

Turns out that when I download files from the big bad scary internet, Windows 7 automatically flags them as "bad content" and they are blocked. The permissions of those files are significantly less than those of files I put onto my computer via DVD or whatever. This is actually as it should be, and it's designed to keep me from doing horribly bad things to my computer.

I uninstalled the Geneva SDK and the Identity Training Kit. I then right-clicked each of the .msi files, chose Properties and then clicked the magic Unblock button. After this, when I installed the Framework SDK, the Visual Studio extensions remained after reboot, and the files created by the identity training kit didn't have weird permission problems and the certificates installed by the lab set up actually bound to the SSL port properly.

So, the moral of the story is this: If you're going to install an MSI that you downloaded from a trusted source (like MSDN or Microsoft Downloads or, unblock it before you install just to make sure you don't run into any goofy permission issues.

More Stories By Kevin Hoffman

Kevin Hoffman, editor-in-chief of SYS-CON's iPhone Developer's Journal, has been programming since he was 10 and has written everything from DOS shareware to n-tier, enterprise web applications in VB, C++, Delphi, and C. Hoffman is coauthor of Professional .NET Framework (Wrox Press) and co-author with Robert Foster of Microsoft SharePoint 2007 Development Unleashed. He authors The .NET Addict's Blog at .NET Developer's Journal.