OCSP Server – Bad Signing Certificate On Array Controller
OCSP KB ID 0001145 Problem I had a client ring in the other day, they have a three tier PKI solution on Windows Certificate Services, that I put in about a year ago, it has been running fine, but now they were seeing some errors. Bad signing certificate on Array controller. The following errors were also being logged; Event ID 23 Log Name: Application Source: Microsoft-Windows-OnlineResponder Date: 12/01/2016 08:44:01 Event ID: 23...
Certificate Services – Disable CRL Checking
KB ID 0001144 Problem Sometimes the services on your CA server will stop and complain about not being able to see your CRL, and some times the service will just refuse to start with the following error; The revocation function was unable to check revocation because the revocation server was offline. 0x80092013 (-2146885613 CRYPT_E_REVOCATION_OFFLINE). Solution OK the way to fix this permanently is to fix your CRL and make sure...
Deploying Windows ‘Web Application Proxy’
KB ID 0001142 Problem This is part of a larger piece of work Im putting together on publishing Remote Desktop Services with Microsoft Web Application Proxy. This article is simply to guide you though the process of installing the Web Application Proxy role. In a later article I will run though configuring it to work with Active Directory Federation Services, and Remote Desktop Services, to present secure RemoteApps. Solution Before...
Publishing Remote Desktop Services With Web Application Gateway
KB ID 0001143 Problem Getting this article to completion has been a bit of a journey! This is the final post that will stitch together all the others I’ve posted over the last couple of weeks, that will enable you to publish your RemoteApps with ‘Remote Desktop Web Access’, and have that service presented securely from your DMZ. I’ll be using Active Directory Federation Services, (you don’t have to, but...
Remote Desktop Web Access – Connection Error
KB ID 0001141 Problem Eleven days! That’s how long it took to fix this, after seven days, I bit the bullet and logged a call to Microsoft. I spent hours on the phone to the Remote Desktop Team, The Web Application Proxy Team, and the Networking Team. I replicated the error by building a complete new domain, PKI, ADFS, Remote Desktop Deployment and Web Application Proxy Server. Then today I got a call from the...
Installing vSphere VI Client on Server 2012 Fails – Error 28173
KB ID 0001139 Problem If you attempt to install the VI client, (in this case on a 2012 R2 Datacenter Server), you may see this error; Error 28173. Setup failed to enable Microsoft .NET Framework 3.5 Refer to Microsoft KB article 2734782 and 3002547 which may help you resolve the .NET failure. You will need to enable this feature in Windows Server Manager before installing vSphere Client. Solution I’ve had problems with .NET on...
Windows Server 2012 R2 – Deploying Remote Desktop Services
KB ID 0001136 Problem I’ve had to do a rollout of Remote Desktop Services on Server 2012 R2, and publish it with Active Directory Federation Services and Web Application Proxy. I’m a little rusty on RDS and needed to deploy a few roles, so for my proof of concept I deployed RDS on TWO servers. Below is a run though and my notes on deploying RDS ONLY (I’ll put the links to other articles at the bottom of this post as...
Publish CRL Error – Access Denied 0x80070005
KB ID 0001135 Problem Seen when attempting to publish a CRL on a Windows Certificate Services Server. Access is denied. 0x80070005 (WIN32: 5 ERROR_ACCESS_DENIED) Solution The problem is the COMPUTER ACCOUNT attempting to publish the CRL, (i.e. the Windows Certificate Services Server), needs rights to the physical folder the CRL files live in, like so; Related Articles, References, Credits, or External Links...
Windows Firewall – Enable ‘Ping’ / ICMP Echo Reply
KB ID 0001134 Problem By default all modern distributions of Windows come with their client firewall enabled. Which is a good thing, most corporate networks simply disable it using the rationale that they have a corporate firewall and security software etc. Again thats fine, but what if you want to leave it on, and still be able to ping that host to see if its alive. Solution The firewall exception is already written for you, you...
Event ID 27 – “The description for Event ID 27 from source e1iexpress cannot be found”
KB ID 0001130 Problem I was seeing intermittent network drops on my Server 2012 R2 servers, so when I took a lot in the logs this was what I found; Log Name: System Source: e1iexpress Date: {time} Event ID: 27 Task Category: None Level: Warning Keywords: Classic User: N/A Computer: {host-name} Description: The description for Event ID 27 from source e1iexpress cannot be found....