Browse by Tags
All Tags »
ISA Server (RSS)
So, we all know that ISA 2006 doesn't work on Windows Server 2008 . Massive architectural changes to the IP stack, blah blah, etc, etc. People (uh, yeah, just "people") have been asking about what's to become of ISA Server for a while: "There's
Read More...
This question came up today (well, actually, it was about four weeks ago I started typing this, but bear with me), and it's been a little while since I've rambled about authentication protocols, so let's enjoy a nice, calm discussion on a Monday Tuesday
Read More...
What can we say about MaxUserPort that hasn't already been said? Not a lot, it would seem. He's a beautiful dancer, perhaps? Ahh, such gentle humour, and nary a kitten drowned anywhere. But TCP port shenanigans are fairly frequently misunderstood, so
Read More...
All this stuff is based on a prerelease (RC1) version of Windows Server 2008 and may change before final release. Cheques may not be honoured. I had a happy moment one night in India when the trainer for our IIS 7.0 TTT course discussed some of the Kerberos-related
Read More...
This week, a pointer to a solution to a problem I occasionally hit. Windows Vista (and by extension Windows Server 2008, I assume) utilizes a new EVTX log format for event log exports. It's XML-based, natch. Problem: Everyone's Favourite Log Digestion
Read More...
I recently encountered TCP Chimney for the first time in the wild. Short version: Chimney is an offload technology that allows the NIC to deal with up to X TCP connections, with any overflow being handled by Windows. All good: get the NIC dealing with
Read More...
Back from another holiday (I call it the Arnold Rimmer technique) I've been trying to collect, rework and refurbish my thoughts on web-based Kerberos stuff in a personal Wiki. You're welcome to peruse it with the usual disclaimers that I'm frequently
Read More...
Ya don't. You can't win. But there are alternatives to fighting. Why Not? Windows Kerberos doesn't work in an Internet scenario, it's intranet-only. the client machine must be a member of the same Active Directory forest as the target site. You just can't
Read More...
It's been ages since I touched on anything wibbles-related , but I realized I'd neglected a very common query: If one of my applications is under load, will Network Load Balancing route/move/transfer all the additional load to the other server? No . As
Read More...
Over here . Works with all ISA Server versions to date, and with Windows Vista client, importantly! x64 and x86 versions included. Safe when taken as directed. via Josh and KB article 929556 .
Read More...
Dr Tom calls out an excellent method of bouncing users from an "entry" URL to the right one (his example is bouncing someone from mail.example.com to mail.example.com/exchange, but it should work for others too). http://blogs.isaserver.org/shinder/2006/09/12/clev..
Read More...
The VML issue is still a hot topic in internal discussion. If you're an ISA Server admin, please take a look at the following information to help mitigate the risk: http://www.microsoft.com/technet/security/advisory/925568.mspx discusses a vulnerability
Read More...
How you pick NTLM from Kerberos when all you have is a trace.
NTLM: 2 round trips to authenticate, short Negotiate blobs on requests.
Kerberos: single round trip to authenticate, huge Negotiate blob on the request.
Read More...
Yep, forget the RC - ISA Server 2006 is done , and the trial version is now available for download (requires registration)! The fully functional trial software offers you the opportunity to experience the new features and functionality of ISA Server 2006.
Read More...
The ISA team just released the latest version of the ISA BPA to the web - here's the list of enhancements from the mail announcing it internally. If you see bold in an odd place, that's my emphasis. The ISA Server Sustained Engineering team is excited
Read More...
