Yesterday Microsoft Announced officially that there will be no new future full version of Microsoft UAG. Server 2012 and 2012R2 will cover some of the UAG features as Direct Access and basic secure application publishing. This was quite expected especially after the TMG retirement and the new web application proxy that was introduced in Server 2012 R2.For more details on the latest changes to the Forefront family, please check the below articlehttp://blogs.technet.com/b/server-cloud/archive/2013/12/17/important-changes-to-the-forefront-product...
Wednesday, 18 December 2013
Friday, 13 December 2013
A lot of companies nowadays are trying to move all their clients from the old windows XP platform to either Windows 7 or Windows 8. By April 8, 2014 there will be no more support for Microsoft Windows XP, this includes windows updates, security updates, fixes and normal support. Although XP was a great product, Its highly recommended to move to a newer and more supported OS as Windows 7 or Windows 8.1. Its not recommended to run a 10 years old OS nowadays with all this new security challenges.Client migration is real problem but also the...
Saturday, 7 December 2013
While checking the WSUS Products and Classifications i noticed that some products as the System Center Service Manager is not listed, also i noticed that the System Center 2012 R2 Products are not listed at all even with the latest updates (I am running WSUS on Windows server 2012 R2).Upon checking the Microsoft Update Catalog on the Internet, i noticed that Service Manager is not listed/published on the Catalog as well, this explains why SCSM updates are not listed in the WSUS. For the current state WSUS is not designed to give SCSM under Products...
Friday, 6 December 2013
Aging and Scavenging is very crucial and important for Active Directory Integrated zone, it should be carefully planned and configured. We recently faced a problem when a System Admin reported to me having two DNS records having the same IP address in the DNS Active Directory Integrated zone.The first thing that came to my mind was to check the Scavenging settings however they both (Refresh and Non-Refresh) seem to be fine compared to the DHCP release...
Tuesday, 3 December 2013
A weird behavior was noticed on few Hyper-V host machines, these machines are mainly Dell Rack servers as the powerful R720 Model. These servers came with mix of Network adapters (based on your configuration) as the Broadcom built in adapters and extra Intel cards. The behavior noticed was that Virtual machines that are connected to the Broadcom NICs has poor performance and user login takes several minutes on these specific machines. VMs connected to the Intel Network card login normally and has better performance.When I moved the VMs connected...
Saturday, 30 November 2013
Microsoft Releases frequent Cumulative updates for Lync 2013 servers and Most of these updates requires updating the Lync 2013 SQL Backend database. In this article I will discuss how to update the SQL Express backend database after installing a new Lync 2013 Cumulative update or specific Rollup that requires DB version update.First to check the status of the Database after installing the cumulative update and whether you need an update, you need to run the below two commands from elevated Lync Power Shell.PS C:\> Test-CsDatabase -ConfiguredDatabases...
Wednesday, 27 November 2013
Good news for all Microsoft UAG 2010 users, Service Pack 4 (SP4) was released officially yesterday to support Microsoft Latest Operating system Windows 8.1 and Internet Explorer 11 (IE 11). This new SP4 provides other important features as the support of Remote Desktop Connection RDC 8.1 and the Remote Apps published from Remote Desktop session Host on Windows 2012 or 2012 R2.The Link to download the Latest SP4 is as follows:https://www.microsoft.com/en-us/download/details.aspx?id=41181For More details about features and fixes included in this...
Wednesday, 20 November 2013
I published a recent article on migrating/moving VMs from 2008R2 to 2012R2 Hyper-V host (you can check it at http://itcalls.blogspot.com/2013/11/how-to-migratemove-virtual-machines.html ), after successfully moving these VMs we faced another problem trying to backup them. We were using the latest DPM 2012R2 and we noticed that it added these VMs as offline only and for some reason it can't take online backup of them.After some investigation...
Tuesday, 19 November 2013
We were recently working on a project with my team to move and migrate several 2008R2 virtual machines from 2008R2 SP1 Hyper-V Host to the latest Hyper-V 2012R2 host and we faced a lot of troubles since the old import and export is not working anymore and not supported.Hyper-V Virtual machines that used to be exported from Server 2008R2 Host were utilizing the version 1 WMI namespace which resulted in an export file (.exp) which was used to represent the exported virtual machine. When Server 2012 was released version 2 of WMI namespace was introduced...
Monday, 21 October 2013
Windows Management Instrumentation (WMI) is a key core windows management technology. It provides a consistent approach to carry day to day management operations with programming or scripting languages.I recently started getting WMI failures on daily basis on my 2008R2 domain controllers accompanied by several scripts failure and DNS performance degradation.Also I noticed that the Configuration Manager SCCM evaluation rules on this domain controller...
Thursday, 17 October 2013
Recently the SCOM server (One of your best friends on the network) started reporting the error "AD CS not configured for Revocation checking of all certificates", SCOM reported Event 128 as a warningEvent 128 is normally reported when someone try to use Certificate Request with all time-valid CA certificates to request a certificate. However y default CA doesn't support such request and event 128 gets reported.After checking this issue and consulting Microsoft tech support, this issue will normally occur only after renewal of CA certificate. When...
Saturday, 7 September 2013
I Purchased few weeks ago the Microsoft Surface Pro tablet, its a very nice production tablet that really enables remote users to run their production applications and workloads. There are still some room of improvement to get promoted as the number one choice of tablets for business users. From my point of view the three main things that need improvement are the Battery Life, 3G/4G connectivity option and better Camera.Surface Pro comes with windows...
Tuesday, 27 August 2013
Its common that sometimes few admins miss the renewal of some key certificates in their Microsoft internal PKI (Public Key Infrastructure), this is due to the fact that its a bit of manual task and you need to set manually some Outlook reminders (My favorite method) or run schedules tasks to remind you before the Certificate expiration date.However if you a user that logs frequently on this CA (Certificate Authority) server we can enable...
Monday, 19 August 2013
I recently passed with couple of scenarios where one of the issued Certificates in Microsoft PKI infrastructure solution has validity period shorter than the period already configured on the template of this certificate. The main reason of changing and increasing the validity period/years for several specific certificates is to avoid frequent renewal process. The scenario i passed by recently was when a user duplicated one of the templates and...
Tuesday, 13 August 2013
Its highly recommended when building your Microsoft PKI (Public Key Infrastructure) to have your Root CA offline after issuing the Enterprise Sub CA certificates. Its recommended to minimize the access to the Offline Root CA as possible. The Root CA is not a domain joined machine and can be turned off without any problem.One of the Key issue is the CRL generated from the Root CA, you need to set the CRL interval for a large value so that we...
Monday, 5 August 2013
Recently i was trying to delete/Remove one of the old computer groups under WSUS Console - Computers - All Computers. This Group was an old group with no members/Clients or any pending approvals any more. I tried removing it from the GUI by Right licking the object and Delete but the server hanged and i got connection error as shown below.This problem might occur in WSUS servers utilizing the internal DB which has several...
Wednesday, 31 July 2013
Microsoft WSUS administrators sometimes tend to select all given Products (Options - Products and Classifications) and by time the WSUS content folder grows dramatically till it fill all disk space. If the WSUS administrator tries to uncheck or deselect unneeded products later on, this won't save or minimize the current space.So how do the WSUS updates gets downloaded/Propagated on the WSUS server ?WSUS server contacts the Microsoft Update servers and will only downloads the metadata (Not complete Full Update Package)The Binaries or the actual...
Friday, 26 July 2013
After upgrading our domain Controllers, DNS and DHCP servers to the latest Windows Server 2012, I noticed that our Windows 7 UAG DirectAccess clients are not able to RDP (Remote Desktop/MSTSC) to the new Server 2012 Domain Controllers. The same client can ping the 2012 Domain Controller and 2012 DNS server without any problem however all RDP traffic fails.The weird thing was that at the same time these clients (Windows 7 DirectAccess UAG clients) can ping and RDP/MSTSC any other Windows 2012 member server without any problem at all.I did some intensive...
Wednesday, 24 July 2013
I recently started getting the above mentioned Logon warning Message (Check below screen shot) while logging on my old 2003 and 2003R2 servers using Remote Desktop. I was using a fairly new Windows 8 Laptop.This warning is mainly related to trying to redirect the smart card to the RDP session. This issue didn't occur with Server 2008 or 2008R2 because the driver store in 2008 and above is huge and incorporates a lot of drivers while mostly the 2003...
Tuesday, 2 July 2013
I am pleased to announce and share with you all that I have been awarded the prestigious Microsoft Most Valuable Professional (MVP) award in the Enterprise Security Area. It was a very exciting moment opening and going through the congratulations email.Attached is the exact mail that I received.“Congratulations! We are pleased to present you with the 2013 Microsoft® MVP Award! This award is given to exceptional technical community leaders who actively...
Friday, 31 May 2013
I am a big fan of Microsoft DirectAccess technology, for those who are not aware of DirectAccess, Its Microsoft new Remote connectivity solution where users on the Internet get Intranet connectivity to their corporate network without installing any client or initiating any software like old traditional VPN.Microsoft DirectAccess is purely based on IPV6 and Lync 2013 is fully supporting IPV6 and Lync 2013 clients using DirectAccess should work without...
Thursday, 25 April 2013
A couple of month ago i was asked by the Hack Insight Magazine editor to write an article on the famous BackTrack 5.0 R3. Hack Insight - a line of Hack Insight Press which is the new publication devoted to IT Security. Its a good Magazine with different security articles on different platforms.It was a new experience and i was really excited with this kind of publication. I picked the Wireless WEP cracking as i can see many people still adopting it, this article will show how easy to crack a WEP key using BackTrack.My Article was published on the...
Monday, 22 April 2013
After a successful implementation of the Microsoft Lync 2013 we faced a problem with our legacy Windows XP machines that are still existing on the network and need to access the Lync 2013 server. This was not possible because Lync 2013 client is only supported on Windows 7 or Windows 8. The Lync Web client doesn't support all features especially the Audio/Video conference features on XP machines (Greyed out). As a solution we tried using Lync 2010...
Saturday, 9 March 2013
A lot of IT Professionals are moving to Hyper-V and they need to keep updated with all Hyper-V hotfixes, updates and Service Packs. The Below links are for Hyper-V on both Windows 2012 and Windows 2008R2. Some of these updates/fixes are intended to fix specific problem, so don’t apply them unless you have this specific issue. 1. Windows 2008R2 Hyper-V http://social.technet.microsoft.com/wiki/contents/articles/1349.hyper-v-update-list-for-windows-server-2008-r2.aspx 2. ...
Thursday, 7 March 2013
After the install of UAG 2010 SP3, all of the portal applications worked fine except for the File Access application. I tried several options with the application, removing it and adding it back but never worked till I asked my friend Ben Ari (UAG Senior Escalation engineer) as I thought it was depreciated. It turned out to be a glitch or bug after implementing the UAG 2010 SP3 and to fix you need to do the following: 1. ...
Tuesday, 5 March 2013
The UAG 2010 SP3 was officially released on Feb 20, 2013 as promised by the UAG team to resolve several issues mainly to support Microsoft new systems and applications (Windows 8, Server 2012, Exchange 2013, SharePoint 2013...............etc). Thanks UAG team.Download Link: http://www.microsoft.com/en-us/download/details.aspx?id=36788Release Notes: http://support.microsoft.com/kb/2744025I will discuss my SP3 installation process and my comments for a successful implementation in another Post. One of the...
Subscribe to:
Posts (Atom)
