See all products »
Curah! curation service
Microsoft Tech Companion App
Microsoft Technical Communities
Microsoft Virtual Academy
Server and Tools Blogs
TechNet Flash Newsletter
Cloud and Datacenter
Windows Server 2012 R2
System Center 2012 R2
Microsoft SQL Server 2012 SP1
Windows 8.1 Enterprise
See all trials »
Microsoft Download Center
TechNet Evaluation Center
Microsoft Virtual Academy
Free Windows Server 2012 courses
Free Windows 8 courses
SQL Server training
MCSA: Windows 8
Windows Server Certification (MCSE)
Private Cloud Certification (MCSE)
SQL Server Certification (MCSE)
Second shot for certification
Born To Learn blog
Find technical communities in your area
For small and midsize businesses
For IT professionals
For technical support
For home users
Microsoft Premier Online
Microsoft Fix It Center
Security Bulletins & Advisories
International support solutions
Log a support ticket
Not an IT pro?
Microsoft Customer Support
Microsoft Community Forums
Blog du Tristank
So terrific that 3 of 4 readers rated it "soporific"
Extra Bits Of A Personal Nature
Forefront Threat Management Gateway
IT Pro / Sysadmin
Stuff That Broke For Me
Tales from the Road
Windows Server 2008
Windows Server 2012
x64 Early Adoption
Browse by Tags
Blog du Tristank
Two easy ways to pick Kerberos from NTLM in an HTTP capture
When tracing authenticated HTTP traffic, you'll often see a Windows client use the Negotiate protocol to authenticate itself to a Windows web server. In the past, I've surprised my friends and amazed casual onlookers by being able to instantly surmise which authentication protocol was actually in...
2 Aug 2006
Windows Server 2003 SP1 Automatic Updates Blocker
Like XPSP2 before it, Windows Server 2003 Service Pack 1 is going to be distributed via Automatic Updates. The start date for automatic updates is July 26, 2005 . If you'd rather move at your own pace over the next year, you'll want to look at the Blocking Toolkit , and the following information...
22 Jun 2005
New Feature: RDP over SSL with Windows Server 2003 SP1
Release Candidate 2 for Windows Server 2003 SP1 is available to test from microsoft.com, which means RTM can't be that far away! A new feature in SP1 (at least, present in the RC2 build of SP1) that's been causing some confusion is RDP over SSL - a new option for Terminal Services that should provide...
24 Feb 2005
ISA Server and RADIUS: Two Domains And No Trust
A question from Ashok: I've been trying to find out if one can use RADIUS to authenticate web proxy clients on another domain that is not a member of ISA domain. So I have an ISA 2004 Std with SP1 on domain A, say, and then have another internal network which connects to domain B. The question...
14 Dec 2005
TmgAdConfig (aka ADConfig, ADConfigPack)
To avoid you tearing your hair out trying to find it: The tool TMGADCONFIG .exe is included in the ADCONFIGPACK .exe download, available from this location , which extracts to the Program Files(x86)\Forefront TMG Tools\ADCONFIG folder by default. I was chasing it down with great vengeance and furious...
11 May 2010
ISA Server 2006 TCP Retransmits
Health Checks I perform ISA Server Health Checks for Premier Support (via Premier Field Engineering) as part of my role. I’ve seen something a few times recently that I thought it might be helpful to call out, while poking around in the Performance Monitor TCPv4 counter area. The Problem ...
14 Oct 2009
ISA Server and RADIUS: Two Domains And No Trust, But This Time ISA's A Member Of One
Following on from yesterday's post where the ISA Server wasn't a member of either domain , this time we're looking at how you'd configure a more seamless (eg, not prompted for credentials left and right) experience for the users in Domain A, while making the poor users in DomainB provide their credentials...
15 Dec 2005
Slow DNS = Slow Proxy (or: How To Skip Name Resolution)
Today's tip: When your rules require any degree of name resolution (which typically means that an access, routing or publishing rule is filtered by some kind of computer or domain set), you're a slave to the speed of DNS' response, at least until the response is cached. ISA Server 2000 and ISA Server...
19 Dec 2005
ISA 2004: Publishing a RADIUS Server
Newsgroup question: I don't want ISA to actually do the RADIUS stuff, but I want to publish a RADIUS server (in Microsoft land, that's called IAS - Internet Authentication Service - if you're running Windows Server) behind ISA so that we can authenticate remote RADIUS clients. Poking around through the...
4 Feb 2005
Netmon vs Chimney
I recently encountered TCP Chimney for the first time in the wild. Short version: Chimney is an offload technology that allows the NIC to deal with up to X TCP connections, with any overflow being handled by Windows. All good: get the NIC dealing with more networky stuff, and reduce CPU use. Excellent...
23 Jul 2007
KB Highlight: Connectivity Problems with MS05-019
There's a KB article that pretty much covers it: http://support.microsoft.com/default.aspx/kb/898060/ . For my money, a really good KB article, with detailed symptoms that allow you to quickly diagnose the problem from a network capture. MS05-019 was re-released this month, and the update contains...
23 Jun 2005
The Windows Defender Blog
Finally , someone in marketing decided that a product name could be both functional and cool! Windows Defender has to be the best product name since, oh, um, Proxy Server 2.0. Sort of. The Antimalware team (I read it as "animalware" twice , curse my eyes) have just started blogging, so go check 'em...
7 Nov 2005
ISA Server Product Team Blog : Blocking VML with ISA 2004 & ISA 2006
The VML issue is still a hot topic in internal discussion. If you're an ISA Server admin, please take a look at the following information to help mitigate the risk: http://www.microsoft.com/technet/security/advisory/925568.mspx discusses a vulnerability in the VML parsing dll which can result in an unpleasant...
26 Sep 2006
Some Useful ISA Tools
Susan 's really firing on all cylinders at the moment (I heartily recommend subscribing to her blog even if you're not an SBS'er, as she covers pretty much everything), and posted about a bunch of useful "big land" ISA tools , including the long-awaited CacheDir equivalent for ISA 2004. Looks like...
22 Jul 2005
Checking the ISA 2004 Version
The ISA In SBS Blog has a tip on ISA 2004 version numbering that covers how to check SP1 is installed quickly through the MMC. For ISA Server 2004 Standard Edition, the RTM version is 4.0.2161.50. To round out the versiony goodness, Enterprise Edition RTM is 4.0.3439.50.
23 Jun 2005
Get Involved with the ISA Server Community! (and win stuff!)
ISAServer.org is (IMHO) the premier ISA Server community site, and they're running a competition in which you could win a signed copy of Tom and Deb Shinder's new book, Configuring ISA Server 2004 . There's a variety of ways in which you can enter (one of which is referrals to their site... um, OK, I...
13 Jan 2005
ISA: How To Publish Apple Remote Desktop
Question : I'm trying to get Apple Remote Desktop to function through ISA Server. The standard definition of udp 3283 send/receive does not work. Any ideas? Answer : Assuming Apple Remote Desktop needs only the one port (based on this article it seems like that's the case), here's how I'd go about setting...
6 Oct 2004
And the Windows Server 2003 x64 version is out there too!
Versions of Microsoft Windows for AMD64 and EM64T are now available: Windows Server 2003: http://www.microsoft.com/windowsserver2003/evaluation/trial/default.mspx MSDN Subscriber Downloads have both versions available now, under Windows Server 2003 and under Windows XP Professional (not the SP2...
30 Mar 2005
ISA 2000: Web Publishing a .Net Web Service
There's no real trick to it, apart from the good old Web Publishing authentication part. Short version: Treat the published website exactly as you would a real web server, don't try to treat it like a proxy (submitting proxy authentication credentials is not the right way to authenticate when you...
28 May 2004
What's a Private IP Address?
Private IP addresses are defined in RFC 1918 (a very readable RFC, for my money, and quite short to boot). The RFC defines three ranges: 10.0.0.0 -> 10.255.255.255 (10.0.0.0/8 - an A class network in oldspeak) 172.16.0.0 -> 172.31.255.255 (172.16.0.0/12) 192.168.0.0 -> 192.168.255.255 (192.168...
5 Nov 2004
ISA 2000: Handling Apps That Don't Like Proxy Authentication
Quite often, we're faced with a situation where an application has its own Web Proxy client mechanism, and that mechanism has various issues, like: It doesn't support NTLM authentication, and only NTLM is enabled on the ISA Server It doesn't support more than one Proxy-Authenticate header ...
25 Jun 2004
DNS Resolution for Internet-Facing Servers: Clingy
NB Ahead of time, anytime I'm referring to a “primary” or “secondary” DNS server in this blurb, I'm referring to their relative positions on the client , not the “primary/master/secondary/slave/AD-integrated” mode of the server . You might have spotted that I spend...
2 Apr 2004
ISA 2004 vs HTTP Compression
Been a while since a dedicated ISA post, so Happy New Year to my ISA-focused readers! I spotted this post in my ISA Server watch list, from the new Port 80 Software blog. As they mentioned, we've published the mother of all KB articles on how the HTTP Filter in ISA 2004 behaves with compressed (Gzip...
13 Jan 2005
ISA 2004 EE: UnicastInterHostCommSupport is enabled by ISA
Quickie: When used to configure NLB for an array, ISA Server 2004 Enterprise Edition enables the NLB parameter UnicastInterHostCommSupport , available in Windows Server 2003 SP1 and later. This means that all other things being equal (eg, your rule set permitting it), two unicast hosts with NLB enabled...
14 Nov 2005
SetSPN improvements in Windows Server 2008! W00t!
Update: Most recent SetSPN ramblings (short: use -S instead of -A). All this stuff is based on a prerelease (RC1) version of Windows Server 2008 and may change before final release. Cheques may not be honoured. I had a happy moment one night in India when the trainer for our IIS 7.0 TTT course...
21 Dec 2007
© 2014 Microsoft Corporation.
Privacy & Cookies