|
|
How to create custom Client/Server Application SSLVPN template for Remote Desktop with Full Screen and Console Access
Created by Idan in 9/27/2010 8:55:11 PM
Before you begin IAG is an Application Aware SSLVPN Product, IAG allows to you customize web pages, requests / responses, http headers, URL's, perform smart link translation ( HAT - H ost A ddress T ... Read More..
|
How to configure IAG 2007 to work with Winsyslog 9.0
Created by Idan in 9/29/2010 10:02:35 AM
Before you begin The following article describes the technical procedures for implementing Winsyslog 9.0 and configures IAG to send events to Syslog Important to know! The download version of Winsysl... Read More..
|
How to configure two different portals (secure and nonsecure) with the same IP/FQDN based on source IP address or Network - ISA IAG integration
Created by Idan in 9/29/2010 11:36:48 AM
Before you begin The following technical article was written based on the following customer requirements: Only one SSL Certificate Only one FQDN name (DNS entry) and one external IP (I used internal... Read More..
|
How to configure IAG KCD in Load Balancing Architectures (IIS 6.0 / 7.0)
Created by Idan in 9/29/2010 12:55:46 PM
Before you begin So what is the problem with Kerberos Constrained Delegation (KCD) in Load Balancing Architectures? and how we are going to solve it? When ISA/IAG request Kerberos ticket on behalf of... Read More..
|
How to Configure Remote File Access Single Sign On (SSO) with Kerberos Constrained Delegation (KCD) Before SP1 - PART 1
Created by Idan in 9/29/2010 1:11:51 PM
Before you begin If you don't any have prior experience with the Kerberos protocol ( RFC 1510 - http://www.ietf.org/rfc/rfc1510.txt ), please read this article from Wikipedia first Kerberos (Protocol... Read More..
|
How to Configure Remote File Access Single Sign On (SSO) with Kerberos Constrained Delegation (KCD) Before SP1 - PART 2
Created by Idan in 9/29/2010 1:20:52 PM
This is part 2 of the File Access KCD configuration procedures document Configuration Procedures (Continued) Move forward to the "Shares" section Choose the relevant share Press Apply Configure the I... Read More..
|
How to create custom Generic Multi Servers SILENT SSLVPN template for Client/Server application Access
Created by Idan in 9/29/2010 1:29:36 PM
Before you begin When using the default "Generic Client App (Multi Servers)" template to publish Client/Server Applications with Microsoft IAG, by default the end user will get the following popup Th... Read More..
|
HTTP 401 Error message when configuring KCD architecture
Created by Idan in 9/29/2010 1:37:43 PM
Author: Ofer Nissim, Solution Architect, HP Date: 11/08/2008 Symptom When configuring KCD (Kerberos Constrained Delegation) on ISA/IAG server, users that were trying to authenticate, prompted for a c... Read More..
|
How to Backup IAG
Created by Idan in 9/29/2010 1:41:23 PM
Author: Ofer Nissim, Solution Architect, HP Date: 11/08/2008 Before you begin You need to know what to backup In order to backup the IAG server you have to backup the following components: IAG SSL Ce... Read More..
|
How to restore NEI (Network Engines) Appliance with factory default or last image
Created by Idan in 9/29/2010 1:46:10 PM
Author: Ofer Nissim, Solution Architect, HP Date: 11/08/2008 Before you begin NEI (NetworkEngines) come with Acronis pre-installed on the Appliance. In some cases you want to restore the appliance to... Read More..
|
How to customize IAG Application Firewall error pages
Created by Idan in 9/29/2010 2:08:26 PM
Before you begin Intelligent Application Gateway 2007 (IAG) is not a regular SSL VPN product, IAG includes Application Firewall functionalities that protects internal published web applications throu... Read More..
|
|
|
How to configure transparent (Kerberos) Integrated Windows Authentication (IWA) in IAG as Internal Authentication Gateway
Created by Idan in 9/29/2010 3:02:40 PM
Before you begin Microsoft released a new feature in IAG SP2 that will allow you to use IAG as internal transparent authentication, authorization, network and application gateway to protect your inte... Read More..
|
Microsoft IAG SSLVPN Project - Design Document [Template]
Created by Idan in 9/29/2010 3:10:39 PM
[Type the company name] Microsoft IAG SSLVPN Project - Design Document [Template] Document Changes Tracking Num Author Date Document Version Changes 1 Idan Plotnik 10/28/2008 V 0.1 Document Creation ... Read More..
|
How to open different Terminal Servers based on user’s parameters in Active Directory
Created by Idan in 9/29/2010 3:28:30 PM
Authors: Idan Plotnik, Security Engineer AND Ofer Nissim, Solution Architect, HP Date: 11/11/2008 Before you begin The following article explains the technical procedures need to implement so you wil... Read More..
|
Error "No map file was found for this station" when importing IAG configuration
Created by Idan in 9/29/2010 3:36:59 PM
Before you begin The following technical document explains how to solve the error "No map file found for this station" when importing IAG configuration from Backup These are the errors you will see: ... Read More..
|
How to create different portals based on source IP address and custom scripts
Created by Idan in 9/29/2010 3:43:22 PM
Author: Ofer Nissim, Solution Architect, HP Date: 11/08/2008 Before you begin This article explains how to set different portal base on source IP address, for example: You want your internal or VPN u... Read More..
|
How to recover NEI (Network Engines) IAG Appliance that not loading
Created by Idan in 9/29/2010 5:40:17 PM
Author: Ofer Nissim, Solution Architect, HP Date: 13/11/2008 Before you begin Lately, I had a few cases with IAG NEI appliances (NS-1000) that didn't boot with windows. The appliance OS Loader is boo... Read More..
|
How to create custom Generic Browser-Embedded App SILENT SSLVPN template
Created by Idan in 9/29/2010 5:45:29 PM
Authors: Idan Plotnik, Security Engineer and Roy Barkai, IT Department, The Phoenix Group http://www.fnx.co.il Date: 26/7/2009 Before you begin When using the default "Generic Browser-Embedded App" t... Read More..
|
How to configure IAG KCD in Exchange 2007 Load Balancing Architecture
Created by Idan in 9/29/2010 6:46:18 PM
Before you begin This article demonstrate how to the configure SSO via KCD in Exchange 2007 Load Balancing architecture (NLB) Important to know! This document describe the procedures you need to impl... Read More..
|
How to configure IAG 2007 custom End-Point Security to check Registry Value
Created by Idan in 9/29/2010 6:55:19 PM
Before you begin This article describe the technical procedures to add custom End-Point Security detection script that validate Registry value on the remote client computer Important to know! To modi... Read More..
|
Video test
Created by forefrontforums in 10/13/2010 9:30:46 PM
|
How to configure IAG 2007 custom End-Point Security to check Registry Value
Created by forefrontforums in 10/13/2010 9:30:46 PM
Before you begin This article describe the technical procedures to add custom End-Point Security detection script that validate Registry value on the remote client computer Important to know! To modi... Read More..
|
How to configure IAG KCD in Exchange 2007 Load Balancing Architecture
Created by forefrontforums in 10/13/2010 9:30:46 PM
Before you begin This article demonstrate how to the configure SSO via KCD in Exchange 2007 Load Balancing architecture (NLB) Important to know! This document describe the procedures you need to impl... Read More..
|
How to create custom Generic Browser-Embedded App SILENT SSLVPN template
Created by forefrontforums in 10/13/2010 9:30:46 PM
Authors: Idan Plotnik, Security Engineer and Roy Barkai, IT Department, The Phoenix Group http://www.fnx.co.il Date: 26/7/2009 Before you begin When using the default "Generic Browser-Embedded App" t... Read More..
|
How to recover NEI (Network Engines) IAG Appliance that not loading
Created by forefrontforums in 10/13/2010 9:30:46 PM
Author: Ofer Nissim, Solution Architect, HP Date: 13/11/2008 Before you begin Lately, I had a few cases with IAG NEI appliances (NS-1000) that didn't boot with windows. The appliance OS Loader is boo... Read More..
|
How to create different portals based on source IP address and custom scripts
Created by forefrontforums in 10/13/2010 9:30:46 PM
Author: Ofer Nissim, Solution Architect, HP Date: 11/08/2008 Before you begin This article explains how to set different portal base on source IP address, for example: You want your internal or VPN u... Read More..
|
Error "No map file was found for this station" when importing IAG configuration
Created by forefrontforums in 10/13/2010 9:30:46 PM
Before you begin The following technical document explains how to solve the error "No map file found for this station" when importing IAG configuration from Backup These are the errors you will see: ... Read More..
|
How to open different Terminal Servers based on user’s parameters in Active Directory
Created by forefrontforums in 10/13/2010 9:30:46 PM
Authors: Idan Plotnik, Security Engineer AND Ofer Nissim, Solution Architect, HP Date: 11/11/2008 Before you begin The following article explains the technical procedures need to implement so you wil... Read More..
|
Microsoft IAG SSLVPN Project - Design Document [Template]
Created by forefrontforums in 10/13/2010 9:30:46 PM
[Type the company name] Microsoft IAG SSLVPN Project - Design Document [Template] Document Changes Tracking Num Author Date Document Version Changes 1 Idan Plotnik 10/28/2008 V 0.1 Document Creation ... Read More..
|
How to configure transparent (Kerberos) Integrated Windows Authentication (IWA) in IAG as Internal Authentication Gateway
Created by forefrontforums in 10/13/2010 9:30:46 PM
Before you begin Microsoft released a new feature in IAG SP2 that will allow you to use IAG as internal transparent authentication, authorization, network and application gateway to protect your inte... Read More..
|
|
|
How to customize IAG Application Firewall error pages
Created by forefrontforums in 10/13/2010 9:30:46 PM
Before you begin Intelligent Application Gateway 2007 (IAG) is not a regular SSL VPN product, IAG includes Application Firewall functionalities that protects internal published web applications throu... Read More..
|
How to restore NEI (Network Engines) Appliance with factory default or last image
Created by forefrontforums in 10/13/2010 9:30:46 PM
Author: Ofer Nissim, Solution Architect, HP Date: 11/08/2008 Before you begin NEI (NetworkEngines) come with Acronis pre-installed on the Appliance. In some cases you want to restore the appliance to... Read More..
|
How to Backup IAG
Created by forefrontforums in 10/13/2010 9:30:46 PM
Author: Ofer Nissim, Solution Architect, HP Date: 11/08/2008 Before you begin You need to know what to backup In order to backup the IAG server you have to backup the following components: IAG SSL Ce... Read More..
|
HTTP 401 Error message when configuring KCD architecture
Created by forefrontforums in 10/13/2010 9:30:46 PM
Author: Ofer Nissim, Solution Architect, HP Date: 11/08/2008 Symptom When configuring KCD (Kerberos Constrained Delegation) on ISA/IAG server, users that were trying to authenticate, prompted for a c... Read More..
|
How to create custom Generic Multi Servers SILENT SSLVPN template for Client/Server application Access
Created by forefrontforums in 10/13/2010 9:30:46 PM
Before you begin When using the default "Generic Client App (Multi Servers)" template to publish Client/Server Applications with Microsoft IAG, by default the end user will get the following popup Th... Read More..
|
How to Configure Remote File Access Single Sign On (SSO) with Kerberos Constrained Delegation (KCD) Before SP1 - PART 2
Created by forefrontforums in 10/13/2010 9:30:46 PM
This is part 2 of the File Access KCD configuration procedures document Configuration Procedures (Continued) Move forward to the "Shares" section Choose the relevant share Press Apply Configure the I... Read More..
|
How to Configure Remote File Access Single Sign On (SSO) with Kerberos Constrained Delegation (KCD) Before SP1 - PART 1
Created by forefrontforums in 10/13/2010 9:30:46 PM
Before you begin If you don't any have prior experience with the Kerberos protocol ( RFC 1510 - http://www.ietf.org/rfc/rfc1510.txt ), please read this article from Wikipedia first Kerberos (Protocol... Read More..
|
How to configure IAG KCD in Load Balancing Architectures (IIS 6.0 / 7.0)
Created by forefrontforums in 10/13/2010 9:30:46 PM
Before you begin So what is the problem with Kerberos Constrained Delegation (KCD) in Load Balancing Architectures? and how we are going to solve it? When ISA/IAG request Kerberos ticket on behalf of... Read More..
|
How to configure two different portals (secure and nonsecure) with the same IP/FQDN based on source IP address or Network - ISA IAG integration
Created by forefrontforums in 10/13/2010 9:30:46 PM
Before you begin The following technical article was written based on the following customer requirements: Only one SSL Certificate Only one FQDN name (DNS entry) and one external IP (I used internal... Read More..
|
How to configure IAG 2007 to work with Winsyslog 9.0
Created by forefrontforums in 10/13/2010 9:30:46 PM
Before you begin The following article describes the technical procedures for implementing Winsyslog 9.0 and configures IAG to send events to Syslog Important to know! The download version of Winsysl... Read More..
|
How to create custom Client/Server Application SSLVPN template for Remote Desktop with Full Screen and Console Access
Created by forefrontforums in 10/13/2010 9:30:46 PM
Before you begin IAG is an Application Aware SSLVPN Product, IAG allows to you customize web pages, requests / responses, http headers, URL's, perform smart link translation ( HAT - H ost A ddress T ... Read More..
|
Video test
Created by forefrontsupport in 10/13/2010 9:39:10 PM
|
How to configure IAG 2007 custom End-Point Security to check Registry Value
Created by forefrontsupport in 10/13/2010 9:39:10 PM
Before you begin This article describe the technical procedures to add custom End-Point Security detection script that validate Registry value on the remote client computer Important to know! To modi... Read More..
|
How to configure IAG KCD in Exchange 2007 Load Balancing Architecture
Created by forefrontsupport in 10/13/2010 9:39:10 PM
Before you begin This article demonstrate how to the configure SSO via KCD in Exchange 2007 Load Balancing architecture (NLB) Important to know! This document describe the procedures you need to impl... Read More..
|
How to create custom Generic Browser-Embedded App SILENT SSLVPN template
Created by forefrontsupport in 10/13/2010 9:39:10 PM
Authors: Idan Plotnik, Security Engineer and Roy Barkai, IT Department, The Phoenix Group http://www.fnx.co.il Date: 26/7/2009 Before you begin When using the default "Generic Browser-Embedded App" t... Read More..
|
How to recover NEI (Network Engines) IAG Appliance that not loading
Created by forefrontsupport in 10/13/2010 9:39:10 PM
Author: Ofer Nissim, Solution Architect, HP Date: 13/11/2008 Before you begin Lately, I had a few cases with IAG NEI appliances (NS-1000) that didn't boot with windows. The appliance OS Loader is boo... Read More..
|
How to create different portals based on source IP address and custom scripts
Created by forefrontsupport in 10/13/2010 9:39:10 PM
Author: Ofer Nissim, Solution Architect, HP Date: 11/08/2008 Before you begin This article explains how to set different portal base on source IP address, for example: You want your internal or VPN u... Read More..
|
Error "No map file was found for this station" when importing IAG configuration
Created by forefrontsupport in 10/13/2010 9:39:10 PM
Before you begin The following technical document explains how to solve the error "No map file found for this station" when importing IAG configuration from Backup These are the errors you will see: ... Read More..
|
How to open different Terminal Servers based on user’s parameters in Active Directory
Created by forefrontsupport in 10/13/2010 9:39:10 PM
Authors: Idan Plotnik, Security Engineer AND Ofer Nissim, Solution Architect, HP Date: 11/11/2008 Before you begin The following article explains the technical procedures need to implement so you wil... Read More..
|
Microsoft IAG SSLVPN Project - Design Document [Template]
Created by forefrontsupport in 10/13/2010 9:39:10 PM
[Type the company name] Microsoft IAG SSLVPN Project - Design Document [Template] Document Changes Tracking Num Author Date Document Version Changes 1 Idan Plotnik 10/28/2008 V 0.1 Document Creation ... Read More..
|
How to configure transparent (Kerberos) Integrated Windows Authentication (IWA) in IAG as Internal Authentication Gateway
Created by forefrontsupport in 10/13/2010 9:39:10 PM
Before you begin Microsoft released a new feature in IAG SP2 that will allow you to use IAG as internal transparent authentication, authorization, network and application gateway to protect your inte... Read More..
|
|
|
How to customize IAG Application Firewall error pages
Created by forefrontsupport in 10/13/2010 9:39:10 PM
Before you begin Intelligent Application Gateway 2007 (IAG) is not a regular SSL VPN product, IAG includes Application Firewall functionalities that protects internal published web applications throu... Read More..
|
How to restore NEI (Network Engines) Appliance with factory default or last image
Created by forefrontsupport in 10/13/2010 9:39:10 PM
Author: Ofer Nissim, Solution Architect, HP Date: 11/08/2008 Before you begin NEI (NetworkEngines) come with Acronis pre-installed on the Appliance. In some cases you want to restore the appliance to... Read More..
|
How to Backup IAG
Created by forefrontsupport in 10/13/2010 9:39:10 PM
Author: Ofer Nissim, Solution Architect, HP Date: 11/08/2008 Before you begin You need to know what to backup In order to backup the IAG server you have to backup the following components: IAG SSL Ce... Read More..
|
HTTP 401 Error message when configuring KCD architecture
Created by forefrontsupport in 10/13/2010 9:39:10 PM
Author: Ofer Nissim, Solution Architect, HP Date: 11/08/2008 Symptom When configuring KCD (Kerberos Constrained Delegation) on ISA/IAG server, users that were trying to authenticate, prompted for a c... Read More..
|
How to create custom Generic Multi Servers SILENT SSLVPN template for Client/Server application Access
Created by forefrontsupport in 10/13/2010 9:39:10 PM
Before you begin When using the default "Generic Client App (Multi Servers)" template to publish Client/Server Applications with Microsoft IAG, by default the end user will get the following popup Th... Read More..
|
How to Configure Remote File Access Single Sign On (SSO) with Kerberos Constrained Delegation (KCD) Before SP1 - PART 2
Created by forefrontsupport in 10/13/2010 9:39:10 PM
This is part 2 of the File Access KCD configuration procedures document Configuration Procedures (Continued) Move forward to the "Shares" section Choose the relevant share Press Apply Configure the I... Read More..
|
How to Configure Remote File Access Single Sign On (SSO) with Kerberos Constrained Delegation (KCD) Before SP1 - PART 1
Created by forefrontsupport in 10/13/2010 9:39:10 PM
Before you begin If you don't any have prior experience with the Kerberos protocol ( RFC 1510 - http://www.ietf.org/rfc/rfc1510.txt ), please read this article from Wikipedia first Kerberos (Protocol... Read More..
|
How to configure IAG KCD in Load Balancing Architectures (IIS 6.0 / 7.0)
Created by forefrontsupport in 10/13/2010 9:39:10 PM
Before you begin So what is the problem with Kerberos Constrained Delegation (KCD) in Load Balancing Architectures? and how we are going to solve it? When ISA/IAG request Kerberos ticket on behalf of... Read More..
|
How to configure two different portals (secure and nonsecure) with the same IP/FQDN based on source IP address or Network - ISA IAG integration
Created by forefrontsupport in 10/13/2010 9:39:10 PM
Before you begin The following technical article was written based on the following customer requirements: Only one SSL Certificate Only one FQDN name (DNS entry) and one external IP (I used internal... Read More..
|
How to configure IAG 2007 to work with Winsyslog 9.0
Created by forefrontsupport in 10/13/2010 9:39:10 PM
Before you begin The following article describes the technical procedures for implementing Winsyslog 9.0 and configures IAG to send events to Syslog Important to know! The download version of Winsysl... Read More..
|
How to create custom Client/Server Application SSLVPN template for Remote Desktop with Full Screen and Console Access
Created by forefrontsupport in 10/13/2010 9:39:10 PM
Before you begin IAG is an Application Aware SSLVPN Product, IAG allows to you customize web pages, requests / responses, http headers, URL's, perform smart link translation ( HAT - H ost A ddress T ... Read More..
|
Problem with UAG SP1 RemoteApp Single Sign On
Created by Idan in 1/13/2011 1:39:56 PM
Hello guys, just wanted to share this strange issue with RemoteApp SSO K I've had a support call for SSO problem through UAG SP1 when publishing RemoteApps, after analyzing the system I saw this stra... Read More..
|
Installing Forefront Endpoint Protection 2010 (FEP 2010)
Created by Ohad in 1/18/2011 1:22:13 AM
This document will describe the steps and configuration for installing Forefront Endpoint Protection 2010 Server on a one-server topology . The available prerelease version only supports one server t... Read More..
|
Installing Forefront Endpoint Protection 2010 (FEP 2010)
Created by Ohad in 1/18/2011 7:51:14 PM
This document will describe the steps and configuration for installing Forefront Endpoint Protection 2010 Server on a one-server topology . The available prerelease version only supports one server t... Read More..
|
Forward (Sending) the Logged in Username to the back-end server using the Authorization Key via HTTP Header or Query String
Created by Idan in 1/18/2011 9:21:53 PM
Access the following custom folder: \von\InternalSite\inc\CustomUpdate Under the CustomUpdate folder, create an . inc "hook" as follows: PostPostValidate.inc For example: For an HTTPS trunk named "Po... Read More..
|
How to convert IAG 2007 Virtual Appliance Machine from Hyper-V to VMWare workstation and VMWare ESX
Created by Idan in 1/20/2011 4:03:54 PM
Before you begin I have heard this question so many times "Can I use IAG 2007 Virtual Appliance machine in my VMWare environment?", so my answer is ... yes, but lets first install Hyper-V :) if the c... Read More..
|
Single Sign On (SSO) between domains without trust relationship using UAG 2010 and custom ISAPI filter
Created by Idan in 1/25/2011 10:46:34 PM
Before you begin I'm very excited to announce that now we have the ability to perform full SSO between forests without trust relationship! For more information contact us info@ForefrontSecurity.org o... Read More..
|
Microsoft Forefront Protection for SharePoint 2010 (FPSP) Services Description
Created by Idan in 2/18/2011 4:21:05 PM
Introduction The following document describe all Forefront Protection for SharePoint (FPSP) 2010 services and they role in the architecture By default in the Server Security Views Dashboard you will ... Read More..
|
How to customize the Forefront UAG 2010 Logon Page (InternalSite) to Right to Left (Hebrew)
Created by Idan in 3/16/2011 7:59:27 PM
Introduction Our customers asking us to translate the login page to Hebrew and change it to right to left and we have seen some technical problems with it The following short technical document will ... Read More..
|
IAG Bug out-of-memory exception from HttpParser
Created by Idan in 5/4/2011 1:43:57 PM
I've just had an interesting debugging session, just wanted to share the info with you all … We have 8 identical IAG servers and this error occurs only on one server: ERROR: CExtECB::OnRead(server:80... Read More..
|
Securing ActiveSync with ActiveSync Protector on Forefront UAG / IAG / TMG / ISA
Created by Idan in 5/8/2011 11:51:25 AM
ActiveSync Protector is an add filter for Forefront (ISA / IAG / TMG / UAG) improving ActiveSync security Background Companies now realize that securing ActiveSync is as important as securing any rem... Read More..
|
Gartner Directory Server Magic Quadrant
Created by Idan in 7/5/2011 8:43:18 PM
I don't know why Gartner didn't release a new Magic Quadrant for Directory Server but I believe that Directory Services is the most critical server and service in each organization and cloud architec... Read More..
|
UAG RemoteApp SSO with custom or other LDAP repository
Created by Idan in 7/5/2011 10:29:48 PM
Hello there If you are using for example Netscape LDAP Server repository and you want to allow SSO to RemoteApp do the following: Create the following file TrunkName0PostPostValidate.inc in the follo... Read More..
|
Error uploading files when publishing flash based (uploadify) web app with UAG 2010
Created by Ohad in 10/24/2011 3:06:47 PM
Hello, In one of my sessions on site I found an interesting issue with when publishing flash based web application for upload files, basically it's a bug but I found a workaround that works great The... Read More..
|
UAG SP1 Update 1 TMG SP2 Rollup1 – ISASTRL Service hang / starting status
Created by Idan in 2/5/2012 10:43:56 AM
Hello Guys, I wanted to share the solution to this problem with you all … Problem : The environment: UAG SP1 Update1 + TMG SP2 Rollup 1 KB2649961 The TMG service ISASTRL (Microsoft Forefront TMG Cont... Read More..
|
Android devices (ActiveSync) cannot sync with Exchange 2007 through Exchange 2010
Created by Idan in 2/6/2012 9:15:06 PM
The scenario is a mixed environment Exchange 2010 and Exchange 2007. ISA / TMG is publishing 2 URLs. One URL mail.corp.com for OWA redirecting to the Exchange 2010 CAS Server (Integrated authenticati... Read More..
|
Thanks for Ben Ari for giving me credits in his new book “Mastering UAG 2010 Customization”
Created by Idan in 3/5/2012 11:56:57 PM
I just came back from the MVP summit @ Microsoft, it was great to see all the MVPs together and all the relevant people that makes such an amazing work! Just got an email from Erez Ben Ari (Ben Ben-A... Read More..
|
UAG Bug: The RADIUS Attribute parameters are invalid. Error message: The value of “Attribute Type” must be bigger than 0 and must not exceed 255.
Created by Idan in 3/11/2012 9:00:23 PM
Hi Guys, If you tried to configured RADIUS repository on UAG 2010 SP1 Update 1 … you saw this error message when you press "Ok" to finish the process This is a bug … to solve this issue you need to i... Read More..
|
Event 10113 UAG DirectAccess (DA) - block inheritance
Created by Idan in 3/18/2012 6:55:44 PM
Hi Guys, While implementing DA in array architecture with external load balancing (Alteon) I had a problem activating the UAG configuration I saw the following event in the application event viewer T... Read More..
|
Error 116: “Logon Error” + Error 152: "ADFS User Group - You have authenticated successfully using AD FS, but your user name or group cannot be locate
Created by Idan in 3/22/2012 11:16:38 AM
Hi Guys, I had this problem few times while debugging UAG machines … so I decided to share it with you The problem is happening when you try to access a UAG portal that does not publish or configure ... Read More..
|
UAG 2010 SP1 Update 1 Rollup 1 Hotfix 4.0.1752.10020
Created by Idan in 3/22/2012 3:44:06 PM
Direct Download link: http://support.microsoft.com/hotfix/KBHotfix.aspx?kbnum=2475733&kbln=en-us Description of the Service Pack 1 Rollup 1 hotfix package for Unified Access Gateway 2010 Microsoft ha... Read More..
|
Expose Directory Services (LDAP) for address book / contacts to the internet – allowing iPhones to search contacts
Created by Idan in 3/22/2012 5:17:50 PM
Hello Guys, I wanted to share this issue with you and talk about all the security issues / threats when exposing the LDAP services to the internet Short intro … I had an on-site session with a custom... Read More..
|
UAG 2010 SP1 Update1 Rollup1 DirectAccess Event 4653 – An IPsec main mode negotiation failed
Created by Idan in 3/27/2012 12:34:42 AM
Hi Guys, I just wanted to share this issue after debugging DA environment that had a problem to open the second tunnel with the following event: An IPsec main mode negotiation failed. Local Endpoint:... Read More..
|
AD FS 2.0 – Automating Home Realm Discovery page for ADFS through UAG 2010
Created by Idan in 4/15/2012 4:46:22 PM
Hi Guys, I really happy that finally AD FS become more and more common I think that I'm working with ADFS for more than 6 years now … I remember a meeting in Microsoft Seattle back in 2006 with the l... Read More..
|
Interesting “Attack” on Active Directory ?
Created by Idan in 4/19/2012 4:15:03 PM
Hi Guys, I must share this with you! I had a strange issue while working on site today … in a middle of a work day, somehow … users / administrators were unable to: Remote login through UAG (via SMSO... Read More..
|