I’ll be speaking at Tech*Ed in June


I’m speaking at Tech*Ed North America 2008, during the “IT Professionals” week, June 10-13.  I’ll be presenting SIX (6) sessions, all on non-admin / least-privilege and the resulting application compatibility issues that arise.  (When I started my “non-admin” blog back in 2004, it was all about security.  Now that least-privilege has increasingly become the default, it has become much more about application compatibility.)


Specific dates/times and session numbers to be determined:



  • Finding Permissions Issues with LUA Buglight 2.0
    I’ve been working on an update to LUA Buglight and will discuss/demo it.  (I hope to have something you can download and run by then — can’t promise, though.)

  • Fixing “LUA Bugs” (Admin-Permissions-Required Bugs)
    Similar to the “Fixing LUA Bugs” series on my blog, but updated with more info pertinent to Vista and additional information regarding app-compat shims

  • Identifying “LUA Bugs” (Admin-Permissions-Required Bugs)
    Comparing/constrasting Sysinternals Process Monitor, Standard User Analyzer and LUA Buglight for identifying root causes of LUA bugs

  • Windows Vista App-Compat Topics: MIC, UIPI, Protected Mode IE
    Mandatory Integrity Control, User Interface Privilege Isolation, Protected Mode Internet Explorer, what they are and how they impact application compatibility

  • Miscellaneous App-Compat/Architecture Topics: Terminal Services Sessions vs. Logon Sessions; Where Mapped Drives are Defined, and More
    Some really nerdy deep-dive stuff that is actually worth knowing.

  • How We Got Where We Are: Why Windows Has Traditionally Required Admin Rights
    Vista makes a big shift in how users interact with their computers and how developers have to write code for those users.  Why couldn’t “least-privilege” have been the default from the beginning?  This session explains the decisions that were made and why those decisions made sense.  (Most sessions talk about current or near-future technologies — this is all history stuff.  I’m really looking forward to this one.)

All of them are 400-level, except the last which is a 200-level session.


Comments (5)

  1. Greg says:

    I will be there and I look forward to hearing you give your speech

  2. Aaron says:

    I know it’s early, but do you think you might make it to TechEd in Europe this year?

    [Aaron Margosis]  Too early to tell.  I’d love to go, of course!

  3. Bildos says:

    Hello Aaron, where we can download  LUA Buglight 2.0 ?

    [Aaron Margosis]  Not available yet.  Availability will be announced on this blog!