During an implementation project I found myself in a situation where authentication on my ADFS environment failed, due to the impossibility to perform CRL checking. At that moment we didn’t have access to the outbound proxy yet, so I had to temporarily disable CRL checking for the relying parties. I used the following commands:
Posts Categorized: Microsoft
I replaced my internal CA and needed to replace all certificates, including the machine certs on my server core machines. I had to replace the domain controller certs, and some machine certs.
So another management console installation problem today. This time SQL.
I encountered a SQL server with multiple instances that was using a lot of memory. Some of the instances were not limited in their memory usage. I found a nice SQL query to lookup how much memory the instances were actually using.
I had some issues installing an Operations Manager console on a machine. All prereqs were met, but still it failed and started rolling back during installation on Windows Server 2012R2.
Unable to add the ARP entry: Threw Exception.Type: System.ArgumentException, Exception Error Code: 0x80070057, Exception.Message: C:\Program Files\Microsoft System Center 2012 R2\Operations Manager
So this is one of those topics why I actually started this blog. I’m preparing our environment for a big upgrade off all Citrix Receivers, implement Storefront and decommission our last two webinterface servers. A nice job which already gave me quite a headache. So in this tut I will try to give you the complete tutorial how to implement NSGW with Storefront so the Receiver can actually SSO, and all traffic is routed through the NetScaler Gateway.
I’m testing a little bit with one of my Terminal Servers and noticed I could not connect through RDP with a normal (non-admin) user. Admin users fine but normal users were terminated immediately. I reviewed all settings for a while but couldn’t find the issue. Eventlog gave me a nice warning:
The Desktop Window Manager has exited with code (0xd00002fe)
So this is kind of nerdy but it’s also very cool. And poorly documented, so it’s nice figuring it out. Keeps me off the street 🙂 It is possible to use Google Authenticator as a second factor to authenticate to your NetScaler. And it’s not really hard to implement as well. So if you read Citrix’s blog about it you will see they’re using OpenOTP. The rest of the document is incomplete and give you very little instructions how to install. I will try to write a complete tutorial on how you can acchieve it. Let’s go!
Today I ran into an issue authenticating to Office 365. The required app Multi-Factor failed to activate.
The solution however simple. In the Notifications section of your iPhone allow Multi-Factor to send push messages. Don’t know why they where disabled; the app never asked me to allow. After rebooting your phone the activation process should work.
I’m not really into timesyncing but I ran into an issue on my network that my time was off 10 minutes on my DC’s and servers. With the w32tm /query /source command I could see that my machines all were using the DC with the PDC emulator role enabled. The DC was using the VM IC Time Synchronization Provider as time source.