Sole's Blog

Archive for the ‘Security’ Category

So I was asked the question, how do You publish the new Windows Server 2008 and 2008 R2 editions of Terminal Server, including the RD Web and RD Gateway (GW) services. And on top of that still use the ISA 2006 as authentication with Forms Based Authentication (needed in this case for RSA keys). Sounds easy enough right? Wrong!

Well once You get your head wrapped around the limitations, which of course are always hard to find documentation on, then it is easy enough. Basicly the RD Web service is easy enough to get working, simple next next next, will get You there with little trouble.(The RD Gateway on the other hand…)

Configure a ISA 2006 rule, with relevant web listener (or existing if appropiate), allow the /rdweb/* paths, use FBA authentication, use NTLM delegation of authentication to the internal webserver, configure the webserver (RD WEB) to use NTLM, install relevant SSL certificates to ISA and webserver, and presto it works! It even works with SSO if needed, and the user is only prompted by the ISA forms and not a second time by the RD Web site.

So far so good! A small hint before we go on, if You want to add multiple connections to other Terminal Servers in the RD Website, Read the rest of this entry »

Next week will be busy, Microsoft is releasing several security updates.

“You hereby receive this month’s Advance Notification. Next week we are posting 13 security bulletins, of which 8 are critical. Rebooting is known to be necessary for 6 of this month’s bulletins.”

The full details of the updates can be viewed at http://www.microsoft.com/technet/security/bulletin/ms09-oct.mspx (corrected link to october – not september)

To subscribe to update information or see other updates go to http://www.microsoft.com/technet/security/current.aspx

Knowing what will be updated, before all the servers start downloading and installing can be quite helpfull to predict problems due to updates.