Windows Server 2012 – Deploying SSTP VPNs
KB ID 0000819 Problem SSTP gives you the ability to connect to your corporate network from any location that has an internet connection, and is not filtering https. This port is usually open for normal secure web traffic. Traditional VPN connections require ports and protocols to be open for them to work, which makes a solution that runs over TCP port 443 attractive. Thoughts: While I can see why this is a good idea, Microsoft has...
Windows Server – Secure RDP Access with Certificates
KB ID 0000944 Problem This ensures that traffic that is sent over an RDP connection to a server is protected by TLS/SSL Encryption. IT DOES NOT stop clients connecting to an RDP server if they do not have a trusted certificate. If you need that level of security, that should already be done by 802.1x. Solution Create an RDP Certificate Template 1. On the domain CA Launch the Certification Authority Management Console > Certificates...
Install and Configure Remote Desktop Services (Web Access)
KB ID 0000104 Problem Originally we had TS Web in 2003, and while I had a little play with it, it basically just gave you RDP over web, which would have been good if it ran over HTTP or HTTPS, but it didn’t. Also, as anyone who has ever done a complex Google search for “/tsweb” will testify, left a nice big security hole in to your servers. With the release of Server 2008 we got TSWeb 2008, this was a whole different...
Windows Mail can’t connect to Exchange
KB ID 0000662 Problem Seen when trying to connect the Windows 8 mail client to Exchange 2010 (that is using a self signed certificate). Error Unable to connect. Ensure that the information you’ve entered is correct. Solution This is a right pain! My Exchange 2010 server is using a self signed certificate, and even though the Windows 8 client trusts my domain CA, and it has imported the cert that Exchange is using, it still would...
Exchange / Outlook – Security Alert – “The security certificate was issued by a company you have not chosen to trust”
KB ID 0000454 Problem Out of the box Exchange 2007 and 2010 comes with a “Self Signed” digital certificate. That’s OK for getting you up and running but your Outlook clients may start to see the error below. Error: Security Alert Information you exchange with this site cannot be viewed or changed by others. However, there is a problem with the sites security certificate. The security certificate was issued by a...