Last week, I attended Microsoft TechEd IT in Orlando, Fla. Although there didn't seem to be as much enthusiasm as I've seen in previous TechEd conferences, there were still plenty of IT people there. Microsoft estimated the total attendance at about 9,500. There were definitely some gems for those who did attend.The TechEd attendee site provides a bit of insight into the types of content that users really want to see when they come to a conference like this. (Unfortunately, the site is only accessible to attendees, so I can't link to the pages.) One of the site's features is a session demand graph that shows, in relative terms, how many people have added a particular session to their personal calendar. Since there's no requirement that attendees use their calendar -- they can simply walk into any session -- it's not a precise count, by any measure. But it does indicate the sessions that interest at least a subset of the people who come to TechEd.

Most of all, users come for practical, detailed technical information. In order, the most-booked sessions at TechEd were MGT253, Introduction to Windows PowerShell; CLI360, Tricks of the Windows Vista Masters; CLI366, The Case of the Unexplained; SEC372, Windows Security Boundaries; SEC375, A Hacker's Diary: Why I Can Hack Your Passwords and How You Can Stop Me; and SVR353 Wait, Don't Turn Off IPV6: A Guide For The Reluctant. I saw all but one of these, and have to agree that they all deserved to be seen.

Several of those sessions benefitted from presenter star power. CLI366 and SEC372 were given by Mark Russinovich, who combines the rare qualities of technical guru and socially adept presenter. SVR353 was given by Mark Minasi, another excellent presenter. I wasn't familiar with J. Peter Bruzzese, who gave CLI360, and didn't catch the session, but the slides from the presentation were informative and funny.

The most eye-opening session I saw was SEC365, The Spy Who Hacked Me. The presenters, Rudolph Araujo and Alex Smolen from Foundstone Professional Services, walked through a scenario where a bank was totally infiltrated by hackers using techniques like cross-site scripting (XSS) and SQL injection. The hackers even reset user passwords, then tapped the voice-over-IP gateway to listen in on the calls where the IT department gave the users their new passwords!

The entire Service Oriented Architecture (SOA) track got little love on attendee schedules. Several of the lowest-rated sessions were related to SOA and mainframes. Another low-demand track was the one on Microsoft Dynamics, the company's customer relationship management (CRM) software. Sometimes I think Microsoft may put these sessions on the schedule in hopes that it will drum up business, rather than inform the practitioners.