Windows Server – Install and Configure NDES
KB ID 0000947 Problem NDES, is the name for what we used to call MSCEP, which was an ‘add-on’ for the Server 2003 family of servers. In Server 2008 it was renamed to NDES. It is a role service that runs on a Certificate Services Server, and is used to create a registration authority (RA) that can issue certificates from your PKI infrastructure to network devices, i.e. Routers, Firewalls and Switches. Solution Installing...
Duo: Migrate from LDAP to LDAPS
KB ID 0001647 Problem With the impending ‘turning off’ of cleartext LDAP queries to Windows Server, I wanted to make sure my new Duo deployments were already using LDAPS. I got LDAP deployed very quickly and easily, but making the ‘swap’ to LDAPS proved to be massively problematic. Normally I find Duo a pleasure to deploy, but their technical documentation just confused me for this and I went running up some...
VMware Horizon – Replacing Certificates
KB ID 0001547 Problem I deployed Horizon v7 a while ago for a client, they messaged me to say their wildcard cert was about to expire, could I replace it in the Horizon infrastructure. On logging in, sure enough; Connection Server Details Status: The service has a minor issue SSL Certificate: About to expire {Date} {Time} This is why I like VMware, it’s picked up the problem, and pointed me in the right direction, (the...
VMware: ISO Upload or Deploy OVA Fails ‘Undetermined Reason’
KB ID 0001499 Problem I see this a lot! Usually I assume I just need to change browser, here the error is in Chrome. You can see this if you attempt to upload an ISO file to a datastore, or attempt to deploy an OVF file. Error The operation failed for an undetermined reason. Typically this problem occurs due to certificates that the browser does not trust. If you are using self-signed or custom certificates, open the URL below in a...
Cisco WLC: EAP-TLS Secured Wireless with Certificate Services
KB ID 0001420 Problem Ah certificates! If I had a pound for every time I’ve heard “I don’t like certificates”, I could retire! The following run through is broken down into the following parts; Setup the Cisco WLC (WLAN) Setup NAP (RADIUS). Setup Certificate Auto Enrolment. Setup Group Policy to Deliver the Wireless Settings. Note: If you are scared of certificates, sometimes it’s easier to setup password...