Monthly Archives: November 2011

Dealing with Non Disclosure Agreements

Lately I’ve been talking to a lot of start-ups, all of which have in their back pocket some kind of NDA that they either want me to sign personally, or want me to sign on behalf of Readify. Of course it isn’t just start-ups that have NDAs, our customers have NDAs as well, and our partners (such as Microsoft).

The purpose of an NDA is to allow two organisations to freely discuss business plans and the information that informs those plans (whether they are technical in nature or not) whilst creating legal ramifications for one or both organisations abuse access to that information.

Personally, I think every time someone asks you to sign an NDA, you should say “What, don’t you trust me? That’s the great way to start a business relationship.” – to which lawyer types would likely say its all about protecting your own interests should the worst happen.

If you are the recipient of an NDA there are some very good reasons for you to not sign the document before you have an initial discussion:

  1. There may be a conflict of interest and signing the NDA prematurely might compromise your ability to execute on your own interests.
  2. Exposing yourself to silly litigation situations for even minor infractions, especially true of you get into a situation where one side isn’t happy with the other side.

In the past I’ve signed NDAs and not thought too much about it. But I’m going to start to ponder them a bit more these days especially since people are coming to me wanting something from me, rather than the other way around.

Here is a great article on ReadWriteWeb on the topic of why a VC won’t sign your NDA.

Windows 8 + Hyper-V + SSD = Happiness!

One of the great things about work for Readify is that you get to work across the full range of the Microsoft application development environment including not only the core .NET framework, but also platform products such as Dynamics CRM, and SharePoint. The problem with working at Readify is that you need to be ready to go with one of these platforms at relatively short notice, and some of them, to put it simply, just don’t play well together.

I also spend a fair bit of time on e-mail, using the standard productivity tools that you’d find in most corporate environments. I value my mobility so I don’t really want to use Windows Server 2008 R2 with Hyper-V as my desktop operating system, so I was really excited when Microsoft said they were including Hyper-V in Windows 8.

For the last month or so I’ve been running Windows 8 as my primary operating system. I’d be lying if I said there weren’t any issues but overall its perfectly usable if you are a developer and can deal with “bugs”.

In order to cope with these issues I’m heavily using Hyper-V in Windows 8. I have two Virtual Machines defined and each has multiple snapshots of systems in various configurations. Here is my Windows 7 Hyper-V image snapshots.


And my Windows 2008 R2 Hyper-V image snapshots.


Whilst not expanded, in the Windows 7 stack I have a number of additional snapshots for various client environments. For Windows 2008 R2, I’m playing with CRM 2011 so I carefully built up the VM so I managed to get a SharePoint 2010 development environment along the way (since CRM 2011 now integrates with SharePoint 2010).

Overall its been a pretty good experience. My laptop is an Quad Core i7 and has 8GB of RAM, and I think I could use an extra 8GB but the hardware enhancement that really made it possible was the 512GB SSD. Prior to this I was using a 128GB SSD and whilst the performance was great, it just didn’t have the capacity to pull this off.

Other than video graphics performance, using Hyper-V off an SSD is a great experience. And I’ve got the added advantage that when I do get a new laptop which is a bit beefier that I’ll be able to pick up these images and just move them across.

For those working with tools like SharePoint and CRM, doing this kind of VM shuffle isn’t new, but with SSD prices coming down the ability to get high performance storage which is usually the problem with these setups – the experience is getting a lot better.

Application Emails & Office 365 Send Limits

In our environment at Readify we have a mail-gateway in a private environment that we use to route e-mails from various internal systems onto our cloud hosted environment (was BPOS, is now Office 365). Due to the e-mail problems we had last week those e-mails queued up, and queued up, to the point that we had thousands of the e-mails sitting there.

When we finally switched that mail gateway to use Office 365 we got a flood of e-mails, followed by a series of errors inside our various systems. Turns out that we were hit by a policy around sending limits inside Office 365. We raised a support case but unfortunately this can’t be configured. I guess they are trying to mitigate the risk of people using Office 365 as a spamming platform.

In our case its completely legitimate. We have a lot of systems that generate unique e-mails to various users. Most of those e-mails come from one account ( to signify that they are machine generated. Incoming e-mail to the mailbox is periodically checked for issues but hopefully the e-mail address discourages it. The kinds of systems that use this are:

  1. Team Foundation Server
  2. SharePoint
  3. Dynamics CRM
  4. Heaps of custom applications.

As I said, it appears this can’t be changed. We only hope that we won’t be impacted again since the volume of e-mail that was queued up was a result of days of delay. That said, this limit could be an issue for larger organisations wishing to use Office 365 where internal systems need to interact with mailboxes and send personalised e-mails.

The URL that outlines the policy on the Office 365 site simply suggests that you set up an on-premise mail server. In our case I guess we can probably add our mail gateway as an entry to our SPF records and get it to route mail directly. Its kind of a shame that you have to do that however.

A Better Way

For developers building applications that send customised e-mails on a regular basis, you might want to consider using a service such as Mailgun or the Amazon Simple Email Service. I’m not sure which is better since I haven’t used either (good old SMTP relay is usually good enough for me) but these tools do add an extra level of reliability around detecting issues and allow for corrective action, where SMTP relays, or more precisely programs that use them just drop bad messages like a hot potato, even if it is a transient issue.

P.S. After some searching for how this problem is generally addressed by Windows Azure customers I came across a link to this other service – Elastic Email.

BPOS to Office 365 Migration Notes

Over the course of the last week Readify has migrated from BPOS to Office 365. For most BPOS customers this should be a non event since Microsoft will work with you to drive the migration process and all you’ll have to do is look after the local client side issues – so normally I would recommend that you wait for Office 365 to come to you courtesy of the Office 365 migration teams that are now moving customers.

A Customer Driven Migration

Our situation was a little bit different however. We adopted BPOS quite early and in our rush to move onto it we didn’t stop to think about which AD domain we were going to associate with the environment. At the time we had two AD domains in use within Readify. We decided to associate with our old one since that is where most of the users were at that point in time. What we didn’t realise was that once associated you were really locked into using that domain unless you wanted to completely remove your user accounts and start the AD synchronisation again (note: I’ve heard that there is a way around this now, but it certainly wasn’t available when we first asked).

Anyway – so our migration was a little bit more complicated because not only did we want to move from BPOS to Office 365, but we also wanted to start synchronisation with a completely new AD domain which was now the home for user accounts, security groups etc.

In the end our migration wasn’t really a migration at all. We simply created a new Office 365 account, and used the MigrationWiz tool to copy mailbox content across from BPOS into freshly minted mailboxes at Office 365. The plan started simple but we hit a stumbling block which resulted in a full day e-mail outage, and no rollback path.

What cooked our goose?

Basically what happened was that there was a resource record in BPOS that was somehow incorrectly located inside the BPOS AD environment. This stopped us removing it, and the associated SMTP proxy address which still tied it to the domain name. So even though we had disassociated the address from all users, removed the domain name from BPOS and requested the clean-up of the FOPE (Forefront) environment in Microsoft Online Services, we were still blocked from verifying the domain in Office 365.

We attempted to re-associate the domain name in BPOS, however for some reason the e-mail routing rules in FOPE (presumably) didn’t get re-established properly so we ended up with bouncing e-mails – so our rollback was cut-off. After a conversation with the support team at Microsoft we decided the best course of action was to move forward by removing our BPOS environment completely. This meant that we had to step up the actual mailbox migration which we were hoping to do in the background for users whilst Office 365 started to receive new e-mails.

The MigrationWiz tool is good, but it can’t alter the laws of physics, there was only so much data we could pull out of the BPOS environment. Interestingly transfer into Office 365 was several times faster than transfer out of BPOS so we suspect that there was some throttling going on there. We also had a few users with big mailboxes (mea culpa).

A Devine Hack

Eventually we got all the data across and we gave Microsoft the green-light to decommission the BPOS environment. Unfortunately that item sat in the queue for way too long and we were looking at our second day of an e-mail outage. That was when our system administrator, Nathan, had the bright idea of setting up an external e-mail relay that would translate addresses to the addresses that get associated with an Office 365 instance automatically. This largely worked although a few of our external facing DLs weren’t mapped so we weren’t running at 100%, but at this stage I was happy with 50% Smile Outbound e-mails also went out with and later (which we had successfully verified earlier).

The Plea for Help

This was the status quo for most of last week but the job wasn’t finished so I got back onto Microsoft’s case about cleaning up our BPOS environment. After a fairly disappointing call to Microsoft support I put this tweet out to the Internet. That certainly stirred up a bit of a hornets nest. Its not that I have any particular sway within Microsoft but I’m usually pretty pro Microsoft (I like them as a company), it was unlike me which is why I think it got some attention.

Simultaneously we also reached out to some other contacts within Microsoft who were associated with Office 365 and asked for help and this is really what got the ball rolling for us. We got a local contact who managed to find someone in the US who could look directly at the problem for us rather than going through 2-3 layers of support with no real access. Once we got access to these people it took less than 36 hours to nail the problem which had been blocking us for around five days.

Suggestion for Improvement

I think that if there was one improvement that I hope Microsoft would make to Microsoft Online Services, especially BPOS/Office 365 it would be to make it possible to get access to these people without a series of secret handshakes. What took over 20 phone calls to get no where was resolved with 2-3 phone calls to the right individuals. Customers and partners need a panic button of sorts.

On the other hand Windows Azure support has been consistently good, when you make a request they usually know what you are talking about and can help you when you have problems. When you think about the products involved however that makes a lot of sense. BPOS/Office 365 sits on top of Exchange, SharePoint, and Lync – all of which have very specific requirements around DNS/AD – whereas Windows Azure is somewhat independent of all that, at least for the core services.

Credit Where Credit Due

At the height of my disappointment with the experience we were getting I put out that tweet I mentioned earlier. After that the troops within Microsoft did rally to get our problem solved. Specifically I’d like to thank the following people at Microsoft (in no particular order):

  1. Steven Wilks
  2. Andrew Pasco
  3. Lee Hickin
  4. Vajira Weerasekera

They took the time to look into the issue and respond to some e-mails, take phone calls which makes a huge difference.

In Summary

Internally within the Readify support team, last week is already being referred to as “hell week”. I hope I never have to go through anything like that again. But we now know a lot more about the way the internal support organisation at Microsoft works and the importance of finding someone who understands the problem and can show some empathy. It taught me that Readify’s own application support offering has to have as few layers as possible between the engineers and the customers.

I’d like to make a big shout out to a few of the Readify guys, including Andrew Harcourt, Tatham Oddie, Nathan Thomas, Robert McCann, and Tien Phan – all of who spent time after hours working through the problem. Hopefully I haven’t missed anyone.

On transparency at Microsoft.

Scott Hanselman has posted up an article about transparency in business. He cites an example of Tivo and some specific issues that he and the Tivo user community are having, but also points out that its a broader issue affecting lots of businesses, including Microsoft – his employer.

The good news is that people like Scott are out there listening, and even if they can’t publically reveal any information about a particular topic, they are probably agitating internally to fix some of those transparency issues.

On the topic of Microsoft I think that there are a few areas where they can give us developers a bit more visibility into what they are thinking, these are some right off the top of my head, yours may vary:

  • In application purchases on Windows Phone 7.
  • Strategy around a replacement for Windows Mobile for enterprise applications (e.g. Logistics)
  • What is the application model going to be for WP7 moving forward, are we going to see a HTML+JS bundle like we have on Windows 8? Great if you do, but let us know!
    • And what does this mean for Silverlight?
  • What about WPF? It is so heavily baked into Visual Studio that it is clearly going to be around for a while. Is it still a preferred platform for heavier engineering style applications for Desktops/Workstations?
  • When are BPOS to Office 365 migrations actually going to happen, its only about 12 months late already (random I know, but this is hurting me right now).
  • When is Dynamics CRM Online going to get federated identity support…

These are all things that developers/consultants can speculate about, and then advise customers, but a roadmap would help reduce risk of reimplementation costs occurring down the track. Somewhere in Microsoft there is a marketing manager taking hints from the Apple playbook around secrecy – but for a company like Microsoft, in the dominant market position that it is in, I don’t think it works.

All that said, I think Microsoft is doing great things with their platform, for such a large organisation they do seem to be pulling in generally the same direction. Not bad for a company that is more like 100 smaller companies with a central payroll department…