VMware Workstation – ‘Linked Clones’ from Templates
Linked Clones KB ID 0000953 Problem VMware Workstation, is a great test tool, if i need to take a look at some new software, or plan how I’m going to do a job, and I don’t have access to the ESX server, or test bench, it’s a great tool to have on my laptop. If you build machines form scratch, every time you need one it can take a while. To address that you can create a template and deploy machines from that. To...
Windows ‘Always On’ VPN Part 2 (NPS, RAS, and Clients)
KB ID 0001403 Problem Back in Part One, we setup the AD (Groups,) and the Certificate services that will knit everything together. Now we need to configure an NPS server that acts as a RADIUS server for our remote clients, And a RAS Server that our remote clients will connect to. Step1: Network Setup Microsoft have an alarming habit of telling you to connect DMZ assets to the LAN. In their defence I’ve seen some documentation...
VMware VIM (vCenter) Where to put the sysprep files in Server 2008?
KB ID 0000420 Problem For newer servers I don’t really use templates anymore, but if you are deploying a lot of 2003 Windows servers in vSphere, then they can save you some time. Back in the days of vCenter 2.5 you just uploaded those sysprep files to the relevant folder in, C:Documents and SettingsAll UsersApplication DataVmwareVmware Virtual Centersysprep But that location no longer exists (since Server 2008). Solution The...
Windows Server – Secure RDP Access with Certificates
KB ID 0000944 Problem This ensures that traffic that is sent over an RDP connection to a server is protected by TLS/SSL Encryption. IT DOES NOT stop clients connecting to an RDP server if they do not have a trusted certificate. If you need that level of security, that should already be done by 802.1x. Solution Create an RDP Certificate Template 1. On the domain CA Launch the Certification Authority Management Console > Certificates...
Cisco – Automatic Re-enrollment Fails to MSCEP/NDES
KB ID 0000970 Problem I’ve covered setting up NDES at length in the past, but what happens when your issued certificates expire? If you are using them for all your VPNs what then? Well thankfully you can get your devices to automatically re-enroll and before they expire, for example to renew the cert at 80% of its lifetime you would use the following; crypto pki trustpoint PNL-TRUSTPOINT enrollment url...