Best practice for licence server for RDS Farm & Certificate errors

Similar Messages

• Server 2012R2- RDS Farm Certificate Miss-Match on Session Hosts

  Hi Guys,
  I've another RDS2012R2 issue. Internal and external domains do not match. External: domain.com.au; Internal: domain.com.net.
  I'm getting certificate miss-match errors when connecting to the Farm/RemoteApps.
  I have performed the follow fixes:
  Change published FQDN for Server 2012 or 2012 R2 RDS Deployment (http://gallery.technet.microsoft.com/Change-published-FQDN-for-2a029b80). This resolved the original issue where I was getting a certificate miss-match error externally
  for the FQDN of the server.
  Updated the RDP-Tcp certificate used on the Session Host Servers. This was to resolve an issue where using mstsc to RDP to the farm externally(via gateway) would give a Certificate is not trusted error on the RDSH side.
  Now whenever RDWeb is used to launch a RemoteApp or the farm, I get a certificate miss match error as the RDSH server is called RDS1-TCC.domain.com.net and the certificate is for remote.domain.com.au.
  I rolled back the last change so that RemoteApps and the Farm would work successfully internally without certificate issues. How do I go about resolving the certificate errors?
  For extra background details see my orignal thread, It was marked as answered when only 1 out of 2 issues was resolved. http://social.technet.microsoft.com/Forums/windowsserver/en-US/b664ddaf-6c11-49e2-8a69-0df3b8ef13a1/server-2012r2-rds-farm-with-xp-and-windows-vista-clients?forum=winserverTS
  Cheers,
  Ben

  Hi Ben,
  Thank you for posting in Windows Server Forum.
  In your case, I can suggest you to check that the certificate must match the FQDN of the server. If you are creating SSL certificate then it must be signed by trusted authority and also the certificate must be stored under “local computer/personal store“.
  Also you can buy the certificate from 3rd party which is wild card certificate and only 1 certificate can be used for your network. Please check below links for more information regarding certificate issue.
  1. Certificate Requirements for Windows 2008 R2 and Windows 2012 Remote Desktop Services
  2. Configuring RDS 2012 Certificates and SSO
  3. Windows 2012 RDS Certificate mismatch
  Hope it helps!
  Thanks,
  Dharmesh

• Best practice to define length for varchar field of table in sql server

  What is best practice to define length for a varchar field in table
  where field suppose Remarks By Person  varchar(max) or varchar(4000)
  Could it affect on optimization in future????
  experts Reply Must ... 
  Dilip Patil..

  Hi Dilip,
  Varchar(n/max) is a variable-length, non-unicode character data. N defines the string length and can be a value from 1 through 8,000. Max indicates that the maximum storage size is 2^31-1 bytes (2 GB). The storage size is the actual length of the data entered
  + 2 bytes. We always use varchar when the sizes of the column data entries vary considerably. While if the filed data size might exceed 8,000 bytes in some way, we should use varchar(max).
  So the conclusion is just like Uri said, use varchar(max) or varchar(4000) is depends on how much characters we are going to store.
  The following document about varchar in SQL Server is for your reference:
  http://technet.microsoft.com/en-us/library/ms176089.aspx
  Thanks,
  Katherine Xiong
  Katherine Xiong
  TechNet Community Support

• Best practice on Oracle VM for Sparc System

  Dear All,
  I want to test Oracle VM for Sparc System but I don't have new model Server to test it. What is the best practice of Oracle VM for Sparc System?
  I have a Dell laptop which has spec as below:
  -Intel® CoreTM i7-2640M
  (2.8GHz, 4MB cache)
  - Ram: 8GB DDR3
  - HDD: 750GB
  -1GB AMD Radeon
  I want to install Oracle VM VirtualBox on my laptop and then install Oracle VM for Sparc System in Virtual Box, is it possible?
  Please kindly give advice,
  Thanks and regards,
  Heng

  Heng Horn wrote:
  How about computer desktop or computer workstation with the latest version has CPU supports Oracle VM or SPARC?Nope. The only place you find SPARC T4 processors is in Sun Servers (and some Fujitsu servers, I think).

• Best practices to reduce downtime for Database releases(rolling changes)

  Hi,
  What are best practices to reduce downtime for database releases on 10.2.0.3? What DB changes can be rolling and what can't?
  Thanks in advance.
  Regards,
  RJiv.

  I would be very dubious about any sort of universal "best practices" here. Realistically, your practices need to be tailored to the application and the environment.
  You can invest a lot of time, energy, and resources into minimizing downtime if that is the only goal. But you'll generally pay for that goal in terms of developer and admin time and effort, environmental complexity, etc. And you generally need to architect your application with rolling upgrades in mind, which necessitates potentially large amounts of redesign to existing applications. It may be perfectly acceptable to go full-bore into minimizing downtime if you are running Amazon.com and any downtime is unacceptable. Most organizations, however, need to balance downtime against other needs.
  For example, you could radically minimize downtime by having a second active database, configuring Streams to replicate changes between the two master databases, and configure the middle tier environment so that you can point different middle tier servers against one or the other database. When you want to upgrade, you point all the middle tier servers against database A other than 1 that lives on a special URL. You upgrade database B (making sure to deal with the Streams replication environment properly depending on requirements) and do the smoke test against the special URL. When you determine that everything works, you configure all the app servers to point at B and have Streams replication process configured to replicate changes from the old data model to the new data model), upgrade B, repeat the smoke test, and then return the middle tier environment to the normal state of balancing between databases.
  This lets you upgrade with 0 downtime. But you've got to license another primary database. And configure Streams. And write the replication code to propagate the changes on B during the time you're smoke testing A. And you need the middle tier infrastructure in place. And you're obviously going to be involving more admins than you would for a simpler deploy where you take things down, reboot, and bring things up. The test plan becomes more complicated as well since you need to practice this sort of thing in lower environments.
  Justin

• Best Third party Fax Server for integration with SOA

  Hi
  Which is the best third party fax server for integration with SOA ??
  I am having requirement to configure Fax for client..
  Edited by: 910947 on Feb 16, 2012 4:12 AM

  i am having following option
  Using Java API like InterFAX
  or
  Using Fax Server like SilentFax or RightFax
  or
  Using Virtual Fax Server like GreenFax or myfax
  Which is the best solution, i should go for that will best fit with my SOA Suite???

• Enable Custom Authentication for License Server for Packager Server

  How to enable processing of Custom Authentication for License Server for Packager Server?
  Please give examples.

  If I understand your question, you want to use the Flash Access Manager and/or the Watched Folder Packager (both are components of the Reference Implementation) to package content for a license server that uses Custom Authentication. To accomplish this, you need to use the Flash Access SDK to create a policy that specifies Custom Authentication is used.  For example:
  Policy pol = new Policy(false);
  LicenseServerInfo licServer = new LicenseServerInfo(AuthenticationType.Custom);
  pol.setLicenseServerInfo(licServer);
  // set rights and other policy attributes
    Once you create the policy, place the policy file on the Packager Server, and you can use this policy to package content.

• Best Practice setting up NICs for Hyper V 2008 r2

  I am looking at some suggestions for best practice for setting up a hyper V 2008 r2 at a remote location with 5 nics, one for managment vlan and other 4 on the data vlan.  This server will host  2 virtual machines, one is a DC and the other
  is a member local DHCP server.  The server is setup now with one nic on the management Vlan and the other nic's set to get there ip from the local dhcp server on on the host.   We have the virtual networks setup in Hyper V to
  point to each of the nics using the "external connection".  The virtual servers 'DHCP and AD" have there own ip set within them.  Issues we are seeing,  when the site looses external connections for a while they cannot get ip
  addresses from the local dhcp server anymore.
  1. NIC on management Vlan -- IP Static -- Physical host
  2. NIC on the Data network Vlan -- DHCP linked as a connection "external" in Hyper V  -- virtual server DHCP
  3. NIC on the Data network Vlan -- DHCP linked as a connection "external" in Hyper V -- Virtual server domain controller
  4. NIC on the Data network Vlan -- DHCP linked as a connection "external" in Hyper V -- extra
  5. NIC on the Data network Vlan -- DHCP linked as a connection "external" in Hyper V -- extra
  Thanks in advance

  Looks like you may be over complicating things here.  More and more of the recommendations from Microsoft at this point would be to create a Logical Switch and then layer on Logical Networks for your management layers, but here is what I would do for
  you simple remote office.  
  Management NIC:  Looks good (Teaming would be better, but only if you had 2 different switching to protect against link failures at the switch level.  Doesn't seem relevant in this case however.
  NIC for Data Network VLAN:  I would use one NIC in your case if you can have the ability to Trunk multiple VLANs at the switch level to the NIC.  That way you are setting the VLAN on the VMs NIC that you want to access and your
  Virtual Switch configuration is very simple.  On this virtual switch however, I would uncheck IPv4 and IPv6.  There is no need to give this NIC an address as you are just passing traffic through them from the VMs that are marked with VLAN tags.  Again,
  if you have multiple physical switches in the building teaming could be an option, but probably adds more complexity than is necessary for a small office. 
  Even if you keep your Virtual Switches linked to separate NICs unchecking IPv4 and IPv6 makes sense. 
  Disable all the other NICs
  Beyond that, check your routing.  Can you ping between all hosts when there is not interruption? What DHCP server are they getting there addresses on normally?  Where are your name resolution servers (DNS, WINS)?  
  No silver bullet here, but maybe a step in the right direction.
  Rob McShinsky (VirtuallyAware.com)
  VirtuallyAware - Experiences in a Virtual World (Microsoft MVP - Virtual Machine)

• Best Practice : Creating Custom Renderer for Standard Component

  I've been reading the docs and a few threads about Custom Renderers. The best practice seems to be to create a Custom Component where you need a Custom Renderer. Is this the case?
  See [this post|http://forums.sun.com/thread.jspa?forumID=427&threadID=520422]
  I've created several Custom Renderers to override the HTML provided by the Standard Components, however I can't see the benefit in also creating a Custom Component when the behaviour of the standard component is just fine.
  Thanks,
  Damian.

  It all depends on what you are trying to accomplish. Generally speaking if all you need is for the user interface output to be changed then a renderer will work just fine. A new component is usually made in order to provide some fundamental change in server side functionality not related to the user interface. - Ponderator

• Best Practice Advice - Using ARD for Inventorying System Resources Info

  Hello All,
  I hope this is the place I can post a question like this. If not please direct me if there is another location for a topic of this nature.
  We are in the process of utilizing ARD reporting for all the Macs in our district (3500 +/- a few here and there). I am looking for advice and would like some best practices ideas for a project like this. ANY and ALL advice is welcome. Scheduling reports, utilizing a task server as opposed to the Admin workstation, etc. I figured I could always learn from those with experience rather than trying to reinvent the wheel. Thanks for your time.

  hey, i am also intrested in any tips. we are gearing up to use ARD for all of our macs current and future.
  i am having a hard time with entering the user/pass for each machine, is there and eaiser way to do so? we dont have nearly as many macs running as you do but its still a pain to do each one over and over. any hints? or am i doing it wrong?
  thanks
  -wilt

• BPC 5 - Best practices - Sample data file for Legal Consolidation

  Hi,
  we are following the steps indicated in the SAP BPC Business Practice: http://help.sap.com/bp_bpcv151/html/bpc.htm
  A Legal Consolidation prerequisit is to have the sample data file that we do not have: "Consolidation Finance Data.xls"
  Does anybody have this file or know where to find it?
  Thanks for your time!
  Regards,
  Santiago

  Hi,
  From [https://websmp230.sap-ag.de/sap/bc/bsp/spn/download_basket/download.htm?objid=012002523100012218702007E&action=DL_DIRECT] this address you can obtain .zip file for Best Practice including all scenarios and csv files under misc directory used in these scenarios.
  Consolidation Finance Data.txt is in there also..
  Regards,
  ergin ozturk

• Best Practices: iPad/MacBookPro synching for video production in education

  My organization just bought 14 Macbook Pros and 14 iPads Minis. Our goal is to have students in single-day classes use the iPads to film something, then synch/export the video to a MacBook Pro where they can then edit that video in iMovies. Once that single-day class is over, all of the video will (likely) be deleted and new students come in a couple days later and start fresh. I'm trying to figure out the best practices for this to make it as painless as possible for all involved.
  So, matching AppleIDs for each pair? One AppleID for all devices and manual synch through iTunes? Dropbox/cloud synching instead of iTunes?
  All of these devices are brand new. I have already started prepping the MacBook Pros, but have not even turned on the iPads since I'm not sure which AppleID I should attach to the iPads -- I assume the first AppleID on an iPad will accept the iLife apps much the same way they do on the MacBook Pros.
  Any help is appreciated.
  Thanks
  Jack

  well the most important fact to accept is that ALL DRIVES WILL FAIL.  It's just a matter of when.  I can tell you about a nightmare situation with g-drives (before Hitachi bought them).   What format are you shooting?  If you shoot on tape, you can always recapture as long as you captured with abort clips on dropped frames on make new clip on timecode break are enabled.  But that's gonna take "real time."  If you shot on a chip based format, backing up the chips in multiple places (and I mean multiple) can provide a sense of security.  But if you need to be able to get back to work immediately if you have a drive fail, having a back up of your media or if you've stored it on a redundant raid is crucial.  I also seriously recommended having a clone of your startup drive so if your startup (boot) drive fails, you can get back to work quickly. 
  https://discussions.apple.com/docs/DOC-2494

• Best practices when carry forward for audit adjustments

  Dear experts,
  I would like to know if someone can share his best practices when performing carry forward for audit adjustments.
  We are actually doing legal consolidation for one customer and we are facing one issue.
  The accounting team needs to pass audit adjustments around April-May for last year.
  So from January to April / May, the opening balance must be based on December closing of prior year.
  Then from May / June to December, the opening balance must be based on Audit closing of prior year.
  We originally planned to create two members for December period, XXXX.DEC and XXXX.AUD
  Once the accountants would know their audit closing balance, they would have to input it on the XXXX.AUD period and a business rule could compute the difference between the closing of AUD and DEC periods and store the result on an opening flow.
  The opening flow hierarchy would be as follow:
  F_OPETOT (Opening balance Total)
      F_OPE (Opening balance from December)
      F_OPEAUD (Opening balance from the difference between closing balance of Audit and December periods)
  Now, assume that we are in October, but for any reason, the accountant run a carry forward for February, he is going to impact the opening balance because at this time (October), we have the audit adjustments.
  How to avoid such a thing? What are the best practices in this case?
  I guess it is something that you may have encounter if you did a consolidation project.
  Any help will be greatly appreciated.
  Thanks
  Antoine Epinette

  Cookman and I have been arguing about this since the paleozoic era. Here's my logic for capturing everything.
  Less wear and tear on the tape and the deck.
  You've got everything on the system. Can't tell you how many times a client has said "I know that there was a better take." The only way to disabuse them of this notion is to look at every take. if it's not on the system, you've got to spend more time finding the tape, and adding "wear and tear on the tape and the deck." And then there's the moment where you need to replace the audio for one word from another take. You can quickly check all the other takes (particularly if you've done a thorough job logging the material - see below)_.
  Once it's on the system, you still need to log and learn the material. You can scan thru material much faster once it's captured. Jumping around the material is much easier.
  There's no question that logging the material before you capture makes you learn the material in a more thorough way, but with enough selfdiscipline, you can learn the material as thoroughly once it's been captured.

• Best practices with LDIF Development for RBAC?

  I'm currently working on enforcing RBAC (Role Based Access controls) in OID that may be subject to change every few months. What I've currently been doing is writing LDIF files to make changes to the existing RBAC once the changes have been finalized.
  Unfortunately, now we have ended up with a growing list of LDIF files that must be run in sequential order if we were to build a new environment. Any defects or development errors that slip through developer unit testing must be handled in the same manner.
  What is the best practice process for performing this type of development? Would it make more sense to have one LDIF file that removes all of the RBAC enforcement (via ldapmodify -c), and then a separate file that will install the latest and most up to date version? I've also considered just using one LDIF file, appending any updates to the end of it and using the ldapmodify command with the -c parameter

  With regard to the 29.97/30 thing, you'll find that video people are idiosyncratically imprecise about that. We say 60 when we mean 59.94, we say 30 when we mean 29.97 and we say 24 when we mean 23.976.
  We're quirky.
  Whenever somebody says one of those nice, round numbers, you can assume they're really talking about the corresponding ugly fraction.
  Unless they're film people, in which case +24 means 24, dangit.+

• Best practice MPLS design/configuration for small service provider

  We are a small regional service provider and did not have MPLS supported on our network.  To start supporting MPLS, I’d like to get opinions and recommendations on the best practice configuration. 
  Here is what we have today –
  We have our own BGP AS and multiple /24s.
  We are running OSPF on the Cores and BGP on the Edge routers peering with ISPs.
  We peer with multiple tier-1 ISPs for internet traffic. We do not provide public transit.
  What we want for phase one MPLS implementation –
  Configure basic MPLS /vpn functionality.
  No QoS optimization required for phase 1.
  We have Cisco ME 3600X for  PE. Any recommendations will be appreciated.

  Not sure what kind of devices or routers you have in your network but looks for if you have support for labeled multicast for MVPN support. That will avoid other complexity of using other control protocols (like PIM) in core.
  PE redundancy can be obtained by BGP attributes, CE-PE connectivity can be tunned using IGP or VRRP/HSRP...
  You can have mutiple RSVP TEs for various contract traffic and you can bind various kind of traffic to different RSVP Tunnels based on contract or service with your customer.
  RSVP-TE with link/node protection design will be of great help to achieve quicker failover.