Apr 112011

Well, it’s been ten months since my last post on this topic.  I believe if my site was The Consumerist, their response would fall into the ‘Taking it Seriously’ category.  For those of you interested in this topic, the  transcripts are below. (edited for the removal of sensitive or redundant information. Emphasis (bold) is mine.) If you’re not interested in the topic, skip this post if you know what’s good for you because I’m posting customer service correspondence. There will be a captioned cat at the bottom, so this post has THAT going for it.

Short version: If you’re logged into more than one computer with their Single Sign On (SSO) tool and you change your password at one of those computers the other SSO tool stays signed in, stops working, and offers no notification that this has happened. Outlook just shows you this lovely popup that explains everything very eloquently.

As I have been with this service for a while, we’ve had a chance to experience the password change cycle, and would like to ask for a change in function for the process.

I allowed my password to expire to experience how often the user would be notified, and how they would be notified. I tested on XP and Win7 desktops, which performed pretty much the same in this task. I received a systray notification about once per day telling me my password was expiring.

When my password expired, I did NOT get a ‘Hey, you’re expired now’ popup. Email just stops working when it expires. Outlook displays ‘Need Password’ in the bottom right, and you will get the credential popup from Outlook. The former is easy to miss, and the latter is VERY confusing in appearance to a user since the server name is nearly unidentifiable to them. Many people think they are now supposed to log into that popup box in Outlook, and never look at the Sign-In tool again!

Worst of all, the Sign In tool box still shows you as being signed in (solid blue, no red x)! We have trained our users that a solid blue Sign in tool means they are properly signed in. This behavior also occurs if a user changes their password at home, then arrives to work and wonders why their email isn’t working despite the sign-in tool saying they are signed in.

I would like to request that the sign in tool does a better job of checking its current credentials, and that its icon change in a way that notifies the user that they are no longer properly signed in. Also, either a systray popup notifying them that their password has expired/changed, OR disabling the Sign-In tool’s Auto-minimize feature when the password is expired (since many users seem to just click systray balloons away)
Thank you for your consideration.

We take the issue very seriously and understand the inconvenience. However, at this time the design of the system is to warn users only when their password is about to expire. Single Sign On will stay signed in even after the password expires, until the user signs off. Once the user signs off, it will prompt them to change their password. I do understand the inconvenience with programs like Outlook that constantly check for credentials every time it query’s the server.

I see that this issue has been submitted to the Development Team and is being considered for a future release of the BPOS Service. It may have an improvement when Office 365 is released later this year.

I recognize what you said in your previous communication: “However, at this time the design of the system is to warn users only when their password is about to expire.” I hope it IS being strongly considered for a change in behavior. A SSO tool that doesn’t track the user’s current authentication status across multiple machines is lacking in my opinion. Part of the utility in your service is the ease with which we can set users up with their work email at a desktop at work, a laptop, and their home computer. This advantage becomes a headache as soon as a user changes their password at one of these locations, and the other locations fail to automatically notice they are no longer authenticated.

Take the Google Talk application as an example. I have it installed on three machines. If I change my password for Gmail at any location, when I log into another location I’m nearly immediately shown a prompt to enter my current password. This is the kind of behavior I’d expect from a SSO tool.

Thank you for your response. We greatly appreciate feedback with issues like this from our customers, as it helps us tailor the product into a more user friendly, streamlined product. I apologize that we do not have an immediate fix for you, but it is being strongly considered for future updates and versions, including Office 365.

Well, if you made it this far, you’re either very interested or you fell asleep and your nose is on the Down arrow key. I promised a captioned cat picture, and I’m following through dammit!

This information about the Sign in tool is true as of v 1.0.1427.040.

Apr 072011

This one had me chewing my teeth for a few days, but it looks like it’s been worked out.  The issue is that a user will try to insert a PDF into a PowerPoint file (any version 2003/2007/2010), and they receive the following error:

The Server Application, source file, or item cannot be found, or returned an unknown error. You may need to reinstall the server application.

PDF to PPTX Error

You can try to insert via Insert Tab—>Object—>Adobe Acrobat PDF or dragging and dropping the PDF directly into the PowerPoint file.  The fix for this I found after posting to the Adobe forums. Disable Protected mode if you are running Adobe Reader X. (this is accurate as of v 10.0.1)

Disable protected mode manually by choosing Edit > Preferences > General tab and deselecting Enable Protected Mode. The fix wasn’t immediate for me oddly enough.  It made the “Create New” button work for inserting, but not “Create From File”.  This behavior ended after a day, perhaps a reboot is in order after changing the setting.  Either way, it worked!

Let me know if you’ve had a different experience. More importantly, update the Adobe forum threads discussing this if you have additional info to add.

Jan 272011

The Operation Failed: Outlook 2007

So, I had a lot of fun troubleshooting this one. The user has a new HP ProBook laptop running Windows 7 and Office 2007. The symptom is that they can not consistently send an email with more than one addressee. When the user sends an email with more than one address, as soon as they hit Send, they receive the error “The operation failed.” This symptom persists on both email accounts associated with the Outlook profile. (A POP3 and an Exchange account)

Searching on this error, I found many variations to its cause, and a lot of proposed solutions. What worked for me, was uninstalling the entire HP ProtectTools suite, and then performing a Repair operation on Office from Add/Remove Programs. I think that approach might be a bit heavy handed, but I was short on time at the moment, and the suite was only interfering with the user’s work, not augmenting it.

If I have the opportunity to work on this again, I’m going to start with HP’s Privacy Manager that hooks into Outlook and installs a toolbar.  Many of the posts I read seemed to have the common theme of killing a third party application that was trying to augment Outlook. If you have this problem, and come across a more elegant solution than nuking HP ProtectTools from orbit, let me know!

May 262010

This is a point of some mild irritation for me. First, I’ll explain what is installed on your computer, and their password requirements.

When you use the MSOL service, you install their Sign In tool. This tool’s purpose is to manage the various applications you have available to you as part of their BPOS suite, and to log you in automatically. It’s very similar to something like the Google Talk client when you remove the “Talk” part of the client’s function. It logs you in, and provides updates to your online service.

Next, is their password requirements:

– At least 7 characters.  [No arguments here.]

– A combination of Upper and Lower case letters. [yay!]

– At least one number or symbol. [Perfect. More secure than my bank which actually disallows symbols]

– Cannot change your password more than once in 24 hours. [Eh?  I know this is to defeat people who change their passwords multiple times to get back around to their original password. But read the next bullet…]

– Cannot re-use your previous 25 passwords. [TWENTY FIVE??? With the previous bullet item in effect, this rule effectively just tracks your ability to track your progress through 25 combinations of Password01 through Password25. This adds nothing but trouble for IT who has to explain why their email password is impossible to remember. My prediction: Everyone in the company has a Post-It note stuck to their monitor with a number between 1 and 25 written on it… If we’re lucky.  In reality, it’ll probably be the whole password.

I thought I’d take some time and add a few more helpful rules.

– You may not use any letter or number that you used in your previous eleven password changes.
– Submit your identity for a background check and home inspection so we can be sure you’re not using a family member/pet name or birthday.
– Hold the laser in your mouse up to your eye for a retina scan

Ok, I’m feeling a little better. Moving on to a new complaint. We all know how users can be about changing their passwords.  They wait until the very last day, often only changing it when Windows refuses to let them log into their computers without doing so.  (I certainly do this with my domain login.) With the Sign In tool, you receive daily notification at about two weeks out that your password is expiring. No problem there. My problem lies in what happens when your passwords DO expire.

  1. Your email just stops sending/receiving.
  2. The icon in your system tray that reports that you are signed in still says you are signed in, and never provides a popup letting you know your password has expired.
  3. Outlook throws the following helpful box up at you:

Ah, good old RED001.local.  Users know what to do with that, don’t they?  Don’t get me wrong here, users had to ignore 10-20 notifications that this day was coming in order to get here, but that is what users do. Software needs to be tolerant of this. I have a request in with Microsoft to improve how their tool works and I’ll update this when I get their response.