Windows Server – Enable LDAPS
KB ID 0000962 Problem Note: Starting with Windows Server 2019, LDAPS (LDAP over SSL/TLS) is enabled by default, assuming a Server Authentication certificate is installed on the Domain Controller. Active Directory is built on LDAP, I’ve known this for a long time, but other than it’s a directory protocol that’s about all I did know. Like any directory, if you want information when you query the directory it returns a...
Windows Server – Install and Configure NDES
KB ID 0000947 Problem NDES, is the name for what we used to call MSCEP, which was an ‘add-on’ for the Server 2003 family of servers. In Server 2008 it was renamed to NDES. It is a role service that runs on a Certificate Services Server, and is used to create a registration authority (RA) that can issue certificates from your PKI infrastructure to network devices, i.e. Routers, Firewalls and Switches. Solution Installing...
Duo: Migrate from LDAP to LDAPS
KB ID 0001647 Problem With the impending ‘turning off’ of cleartext LDAP queries to Windows Server, I wanted to make sure my new Duo deployments were already using LDAPS. I got LDAP deployed very quickly and easily, but making the ‘swap’ to LDAPS proved to be massively problematic. Normally I find Duo a pleasure to deploy, but their technical documentation just confused me for this and I went running up some...
VMware Horizon – Replacing Certificates
KB ID 0001547 Problem I deployed Horizon v7 a while ago for a client, they messaged me to say their wildcard cert was about to expire, could I replace it in the Horizon infrastructure. On logging in, sure enough; Connection Server Details Status: The service has a minor issue SSL Certificate: About to expire {Date} {Time} This is why I like VMware, it’s picked up the problem, and pointed me in the right direction, (the...
VMware: ISO Upload or Deploy OVA Fails ‘Undetermined Reason’
KB ID 0001499 Problem I see this a lot! Usually I assume I just need to change browser, here the error is in Chrome. You can see this if you attempt to upload an ISO file to a datastore, or attempt to deploy an OVF file. Error The operation failed for an undetermined reason. Typically this problem occurs due to certificates that the browser does not trust. If you are using self-signed or custom certificates, open the URL below in a...