Search Results

Search found 112 results on 5 pages for 'forefront'.

Page 2/5 | < Previous Page | 1 2 3 4 5  | Next Page >

  • Access FTPS from behind Forefront TMG

    - by Maxim V. Pavlov
    I have a web server on which IIS 7 host an SSL-enabled site. The client in am trying to connect with is behind the corporate Forefront TMG. The app is Total Commander - a file manager shell, that has the ability to connect to SSL FTP by putting a checkmark over SSL/TLS in the FTP connection settings. When FTP Access Filter in FF is enabled, my connection attempt fails on Negociating TLS step of FTP connection. The same happens even if I enable Allow Active FTP in the filter's settings. But when I disable the FTP Access Filter on FF completely, I am able to connect fine. How to configure FF TMG to allow FTPS?

    Read the article

  • Migrating 2008 AD to Windows SBS 2011 and Forefront TMG 2010

    - by Tong Wang
    Our company has two physical servers: a Dell R710 with 4 NIC and a Dell R410 with 2 NIC. Right now, we have Windows server 2008 R2 installed on R710 with AD setup to host our domain. I am thinking to install both SBS 2011 and TMG 2010 on the other R410 running on Hyper-V. As I am fairly new to Windows Server technology, I'd like to check with you fellow Windows admins and see what is the proper way to install SBS 2011 and TMG 2010 and how to migrate the 2008 AD. Your advice and help will be highly appreciated.

    Read the article

  • How to resolve 'No internet connectivity issues' with a Virtualised 2008 R2 Server using Forefront UAG

    - by user684589
    I have spent some considerable time reading up on as many possible blogs and articles as I can to help me solve why my VM (Running on Hyper-V) for DirectAccess has suddenly stopped being able to access the internet. The VM setup shares the same internet connection on which I have written and submitted this question so I know that the actual underlying internet connection is fully functional. Previous to last week the DirectAccess was fully functional and had no issues. This is a recent problem which was led up to by a number of consistent crashes on the DA machine when access was attempted. Upon reboot all seemed well until recently. I am not certain whether it is relevant, but previously to this I had a number of power issues where the entire VM host shutdown unexpectedly leaving around 8 VM's in a bad way. Upon restart, the UAG DirectAccess machine was unable to access its configuration service (although the service was started) but this seemed to relate to the Light-Weight Active Directory Service AD LDS which had a corrupted database. Having repaired this database, I restarted the service and could subsequently reconnect to the configuration service again. For good measure I re-bound the network adapters (virtualised through Hyper-V) and DirectAccess claimed to be all happy again. However as it stands my machine is still unable to access the internet showing the "No internet connectivity" exclamation mark for the external facing NIC. I have also tried removing the adapters, disabling, re-enabling and the problem persists. The intranet part of the VM CorpNet seems to be fully functional as before and I'm running out of ideas. Any input would be greatly appreciated. I am not an advanced Domain Administrator so please be gentle.

    Read the article

  • SSO to multiple websites from Sharepoint website

    - by Aico
    We have an intranet based on Sharepoint 2010. In this intranet we have several links to other webservers within the same Active Directory, for example a link to our Outlook Web Access site on our Exchange 2010 environment. We have three different setups which visit this Sharepoint environment and the other webservers: Windows 7 clients that are a member of the Active Directory Home pc's that connect through a SSL VPN appliance Standalone thin clients (Windows 7 embedded) within the corporate network The goal is to let people only sign in once. In the first group this isn't a problem because the AD Integrated Authentication works fine and the Windows logon is passed on to Sharepoint and the other webservers. The second group is also working fine because of the LDAP integration that the SSL VPN appliance uses. The third group is however experiencing issues. They need to enter their credentials everytime they click a link to another webserver. They first need to enter credentials for accessing the Sharepoint environment. When clicking the link for their webmail they have to re-enter their credentials, and so on. Can someone tell me what the best solution would be to also get SSO working fine for the third group? Some extra information: We also have a Forefront TMG server in our environment. I read somewhere that Forefront might be part of a solution for this problem, but not sure how. Maybe someone here can help me? Look forward to some help. Best regards, Aico

    Read the article

  • Request bursting from web application Load Tests

    - by MaseBase
    I'm migrating our web and database hosting to a new environment on all new machines. I've recently performed a Load Test using WAPT to generate load from multiple distributed clients. The server has plenty of room to handle the traffic load, but I'm seeing an odd pattern of incoming traffic during the load tests. Here is the gist of our setup: Firewall server running MS Forefront TMG 2010 on Win 2k8 server Request routing done by IIS Application Request Routing on firewall machine Web server is a Hyper-V VM on the Database server (which is the host OS) These machines are hefty with dual-CPU's with six cores (12 total procs) Web server running IIS 7.5 Web applications built in ASP.NET 2.0, with 1 ISAPI filter (Url Rewrite) in front What I'm seeing during the load tests is that the requests all come through in bursts. Even though I have 7 different distributed clients sending traffic loads, the requests come through about 300-500 requests at a time. The performance monitor shows nearly all of the counters moving through this pattern, where a burst of requests comes in the req/sec jumps to 70, the queued requests jumps to 500, the current requests jumps up, the CPU jumps up, everything. Then once it's handled that group of requests, it has a lull for nearly 10 seconds where nearly nothing is happening. 0-5 req/sec, 0 queued requests, minimal CPU usage. Then after 10 seconds of inactivity, another burst comes through, spiking all of the counters once again. What I can't figure out is why the requests are coming through in bursts when I know that the load being generated is not sent that way, especially considering the various load-generating clients sending traffic all in different intervals with random think time's between each request. Is there something in the layers between Hyper-V or perhaps in the hardware which might cause this coalesce of requests together? Here is what i'm looking at, the highlighted metric is Requests/sec, but the others critical counter go with it: Requests Queued (which I'd obviously like to keep as close to 0 as possible). Any ideas on this?

    Read the article

  • Putting a Windows DC, Exchange in a DMZ

    - by blsub6
    I have one guy at my company telling me that I should put FF:TMG in between my main Internet-facing firewall (Cisco 5510) and put my Exchange server and DC on the internal network. I have another guy telling me that I should put the Exchange server and DC in a DMZ I don't particularly like the idea of having my mailboxes and DC's usernames/passwords in a DMZ and I think that Windows authentication would require me opening up so many ports between my DMZ and my internal network that it would be a moot point to have it out there anyways. What are some thoughts? How do you have it set up?

    Read the article

  • 'The RPC server is unavailable' when converting a physical ISA/Forefront TMG machine to virtual (P2V) in SCVMM

    - by Goran B.
    When I try to convert a physical ISA/TMG machine to virtual using SCVMM, i keep getting an error in the Collect machine configuration step ('Scan Now' button): VMM is unable to complete the request. The connection to the agent MACHINE_NAME was lost. Ensure that the computer MACHINE_NAME exists on the network, WMI service and the agent are installed and running and that a firewall is not blocking HTTP and WMI traffic. ID: 3157 Details: The RPC server is unavailable (0x800706BA) Firewall rules allow for RPC traffic from the SCVMM machine to ISA/TMG machine.

    Read the article

  • Single-Signon options for Exchange 2010

    - by freiheit
    We're working on a project to migrate employee email from Unix/open-source (courier IMAP, exim, squirrelmail, etc) to Exchange 2010, and trying to figure out options for single-signon for Outlook Web Access. So far all the options I've found are very ugly and "unsupportable", and may simply not work with Forefront. We already have JA-SIG CAS for token-based single-signon and Shibboleth for SAML. Users are directed to a simple in-house portal (a Perl CGI, really) that they use to sign in to most stuff. We have an HA OpenLDAP cluster that's already synchronized against another AD domain and will be synchronized with the AD domain Exchange will be using. CAS authenticates against LDAP. The portal authenticates against CAS. Shibboleth authenticates with CAS but pulls additional data from LDAP. We're moving in the direction of having web services authenticate against CAS or Shibboleth. (Students are already on SAML/Shibboleth authenticated Google Apps for Education) With Squirrelmail we have a horrible hack linked to from that portal page that authenticates against CAS, gets your original plaintext password (yes, I know, evil), and gives you an HTTP form pre-filled with all the necessary squirrelmail login details with javaScript onLoad stuff to immediately submit the form. Trying to find out exactly what is possible with Exchange/OWA seems to be difficult. "CAS" is both the acronym for our single-signon server and an Exchange component. From what I've been able to tell there's an addon for Exchange that does SAML, but only for federating things like free/busy calendar info, not authenticating users. Plus it costs additional money so there's no way to experiment with it to see if it can be coaxed into doing what we want. Our plans for the Exchange cluster involve Forefront Threat Management Gateway (the new ISA) in the DMZ front-ending the CAS servers. So, the real question: Has anybody managed to make Exchange authenticate with CAS (token-based single-signon) or SAML, or with something I can reasonably likely make authenticate with one of those (such as anything that will accept apache's authentication)? With Forefront? Failing that, anybody have some tips on convincing OWA Forms Based Authentication (FBA) into letting us somehow "pre-login" the user? (log in as them and pass back cookies to the user, or giving the user a pre-filled form that autosubmits like we do with squirrelmail). This is the least-favorite option for a number of reasons, but it would (just barely) satisfy our requirements. From what I hear from the guy implementing Forefront, we may have to set OWA to basic authentication and do forms in Forefront for authentication, so it's possible this isn't even possible. I did find CasOwa, but it only mentions Exchange 2007, looks kinda scary, and as near as I can tell is mostly the same OWA FBA hack I was considering slightly more integrated with the CAS server. It also didn't look like many people had had much success with it. And it may not work with Forefront. There's also "CASifying Outlook Web Access 2", but that one scares me, too, and involves setting up a complex proxy config, which seems more likely to break. And, again, doesn't look like it would work with Forefront. Am I missing something with Exchange SAML (OWA Federated whatchamacallit) where it is possible to configure to do user authentication and not just free/busy access authorization?

    Read the article

  • Best practice for Exchange 2010 HA topology considering 6 x Exchange licenses and TMG 2010

    - by MadBoy
    What would be best topology considering that: 6 x Exchange 2010 Standard Licenses 2 x Separate locations that are supposed to support redundancy in case of link problems 4 x Forefront TMG 2010 with Forefront Security and Forefront Protection/Security Multiple locations worldwide using those Exchange. Most locations will be connected with VPN Tunnel (the ones hosting Exchange for sure). I was thinking something like this: Location MAIN (about 70-100 people): 2x TMG 2010 in NLB 1x Exchange 2010 CAS/HUB Role 2x Exchange 2010 Mailbox Role (Active + Passive) Location SUPPORT (about 20 people): 2x TMG 2010 in NLB 1x Exchange 2010 CAS/HUB Role 2x Exchange 2010 Mailbox Role (Active + Passive) Management wants to make sure that in case of problems in main location (power failure, link loss etc) second location can support all traffic from around the world and vice-versa. We have 6-7 locations and more comming up (not big ones but like 10+ people per each location). I do know that CAS/HUB is single point of failure (and no NLB), but i simply lack more licenses to do some redundancy on that. What do you think about this approach? What would be better approach according to you?

    Read the article

  • visio 2010 with office 2010 prerelease version install error

    - by antony.trupe
    I installed Microsoft Office Professional Plus 2010 Beta. When I attempt to install Visio Premium 2010 Beta, I get the following error. Setup is unable to proceed because of the following errors: Microsoft Office 2010 does not support upgrading from a prerelease version of Microsoft Office 2010. You must first uninstall any prerelease versions of Microsoft Office 2010 products and associated technologies. Correct the issues listed above and re-run setup. Here's the list of Microsoft products I currently have installed: Microsoft Forefront Client Security Antimalware Service(1.5.1981.0) Microsoft Forefront Client Security State Assessment Service(1.0.1725.0) Microsoft Office Professional Plus 2010(14.0.4763.1000) Microsoft WSE 3.0 Runtime(3.0.5305.0)

    Read the article

  • Microsoft Blacklists Google, Windows 8 Integrated Security

    According to researcher Brian Krebs, millions of surfers were affected by the error which was caused by two of Microsoft's antivirus solutions in the form of Microsoft Security Essentials and the business-related Microsoft Forefront. Both received updates as part of Microsoft's traditional Patch Tuesday on February 14, and those patches are believed to be the cause behind Google's incorrect blacklisting. The false positive alert specifically tagged the search site as being infected with the infamous Blackhole Exploit Kit, which reportedly gives cybercriminals the power to create their own bo...

    Read the article

  • Digitally Signed Malware on the Rise

    Brought to the forefront in 2010 with Stuxnet, the infamous worm aimed at sabotaging industrial infrastructure, the use of stolen digital certificates is relatively new. Stuxnet's creators digitally signed its rootkit components with stolen certificates from JMicron and RealTek, a pair of semiconductor manufacturers. The worm's existence and complexity caught the security community by surprise. In fact, many researchers predicted that malware creators would begin adopting the same technique to work around driver signature enforcement employed by Microsoft in its 64-bit versions of Windows V...

    Read the article

  • Realtime antivirus software for Windows Server 2008 R2

    - by Robert Koritnik
    Microsoft's Forefront Client Security doesn't install on Windows Server 2008 R2. I'm talking specifically about FCS without update server that updates via Windows Update: clientsetup /nomom This installation doesn't work on a server operating system. Hence the question. So the question is: Which realtime antivirus is Windows Server 2008 R2 installable?

    Read the article

  • Is it possible to configure TMG to impersonate a domain user for anonymous requests to a website?

    - by Daniel Root
    I would like to configure Forefront Threat Management Gateway (formerly ISA server) to impersonate a specific domain user for any anonymous request to a particular listener. For example, for any anonymous request to http://www.mycompany.com, I would like to serve up http://myinternal as though MYDOMAIN/GuestAccount were accessing the site. Is this even possible in ISA/TMG? If so, where do I go to configure this?

    Read the article

  • Migration from Exchange to BPOS - Microsoft Assessment and Planning (MAP) Toolkit Link

    - by Harish Pavithran
    The Microsoft Assessment and Planning (MAP) Toolkit is an agentless toolkit that finds computers on a network and performs a detailed inventory of the computers using Windows Management Instrumentation (WMI) and the Remote Registry Service. The data and analysis provided by this toolkit can significantly simplify the planning process for migrating to Windows® 7, Windows Vista®, Microsoft Office 2007, Windows Server® 2008 R2, Windows Server 2008, Hyper-V, Microsoft Application Virtualization, Microsoft SQL Server 2008, and Forefront® Client Security and Network Access Protection. Assessments for Windows Server 2008 R2, Windows Server 2008, Windows 7, and Windows Vista include device driver availability as well as recommendations for hardware upgrades. If you are interested in server virtualization planning, MAP provides the ability to gather performance metrics from computers you are considering for virtualization and a feature to model a library of potential host hardware and storage configurations. This information can be used to quickly perform "what-if" analysis using Hyper-V and Microsoft Virtual Server 2005 R2 as virtualization platforms. http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=67240b76-3148-4e49-943d-4d9ea7f77730

    Read the article

  • The Island of Lost Apple Products

    - by Jason Fitzpatrick
    While Apple has has a mountain of commercial successes, every once in awhile the crew in Cupertino strikes out. Here are some of the less successful and prematurely retired Apple products from the last two decades. Courtesy of Wired, we find nine of the least favorably received products in the Apple portfolio. Pictured here, the QuickTake Camera: Life Span: 1994 – 1997 Back in 1994, Apple was actually at the forefront of digital photography. The QuickTake Camera’s photos (640 x 480 at 0.3 megapixels) were borderline unusable for anything other than your Geocities homepage. But technology has to start somewhere. Still, Apple killed the line after just three years. And while the iPhone and other smartphones have replaced most people’s digital cameras, Apple could have had a reaped the benefits of the digital point-and-shoot salad years. 6 Ways Windows 8 Is More Secure Than Windows 7 HTG Explains: Why It’s Good That Your Computer’s RAM Is Full 10 Awesome Improvements For Desktop Users in Windows 8

    Read the article

  • Azure Florida Association: New user group announcement

    - by Herve Roggero
    I am proud to announce the creation of a new virtual user group: the Azure Florida Association. The missiong of this group is to bring national and internaional speakers to the forefront of the Florida Azure community. Speakers include Microsoft employees, MVPs and senior developers that use the Azure platform extensively. How to learn about meetings and the group Go to http://www.linkedin.com/groups?gid=4177626 First Meeting Announcement Date: January 25 2012 @4PM ET Topic: Demystifying SQL Azure Description: What is SQL Azure, Value Proposition, Usage scenarios, Concepts and Architecture, What is there and what is not, Tips and Tricks Bio: Vikas is a versatile technical consultant whose knowledge and experience ranges from products to projects, from .net to IBM Mainframe Assembler.  He has lead and mentored people on different technical platforms, and has focused on new technologies from Microsoft for the past few years.  He is also takes keen interest in Methodologies, Quality and Processes.

    Read the article

  • "En 2020, 80% des applications tourneront dans le cloud", déclare Microsoft, en expliquant que les DSI devront s'adapter à ces changements

    "En 2020, 80% des applications tourneront dans le cloud", déclare Microsoft, tout en expliquant que les DSI devront s'adapter à ces changements Au premier jour des TechDays 2011, nous avons pu rencontrer Jérôme Trédan, Directeur produits serveurs et infrastructure de cloud computing chez Microsoft France. Sa mission : encadrer une équipe de chefs de produits sur toute les lignes de produits serveurs, dans 3 grands domaines : les infrastructures (Windows Server, System Center et toute l'offre de sécurité de la gamme Forefront) ; l'axe des plateformes applicatives de Microsoft (SQL Server, Biztalk, .Net) ; et la partie infrastructures cloud computing (qui se développe très rapidement avec Windows et SQL Azure).

    Read the article

  • How do they do that? Transparent foreground on a web page

    - by Jim Beam
    You know how sometimes you are on a good site and you click a button (like to submit a form) and the form doesn't go away, instead, the foreground becomes transparent and it contains a message of some kind, or another page. The message is at the forefront but the previous page is still mostly visible behind it - how do they do that? I'm assuming it's an Ajax-esque trick.

    Read the article

  • SSH tunnel over http proxy with blocked 443 (SSL)

    - by Evgeny Zhulenev
    Is it possible to create an SSH tunnel over http-proxy when https access is denied? I had such configuration in .ssh\config Host home User root Hostname *my-home-pc-with-ssh-access-allowed* Port 8090 ProxyCommand corkscrew db-isa-01 8080 %h %p ~/.ssh/.corkscrew-db-isa-auth IdentityFile ~/.ssh/id_rsa Where db-isa-01 is my corporate proxy server. Today the admins blocked all https access and allowed it only for few servers on the white list. I used this command to create a tunnel: ssh -D 7070 -o 'GatewayPorts yes' -A -q -g -t root@home and now it doesn't work. As I can understand, that's because our proxy denies all https connections Proxy could not open connnection to ***: Proxy Error ( The specified Secure Sockets Layer (SSL) port is not allowed. Forefront TMG is not configured to allow SSL requests from this port. Most Web browsers use port 443 for SSL requests. ) P.S. I use Windows 7, and corscskrew with cygwin, so Linux solutions not suitable for me.

    Read the article

  • How to make Outlook Calendar reminders pop up in Windows 7

    - by thursdaysgeek
    I'm just starting to use Windows 7 and I want to know how to make my Outlook reminders pop up and show themselves. They keep opening discretely, quietly as just another Outlook entry on the taskbar. And I keep overlooking them, because they pop up behind everything else. How do I make them less easy to overlook? (Yeah, usually you don't want obnoxious apps that push themselves to the forefront. But there are a few places where I do want that, and Outlook calendar reminders are one of them.)

    Read the article

< Previous Page | 1 2 3 4 5  | Next Page >