Certificate Requirement for Microsoft RDS 2012

Hi All,
I am planning to deploy RDS VDI and RemoteApp services. Please help me to understand the certificate
requirements for server authentication, publication, SSO, etc.
The internet URL is
https://RDSVDI.domain.net
My servers are in .local:
RD Licensing Server--------RDSLICSVR.Domain.LOCAL
RD Connection Broker-----RDSCB.Domain.LOCAL
RD Web Access------------RDSWEBSVR.Domain.LOCAL
RD Session Host-----------RDSSHSVR.Domain.LOCAL
RD Virtualization Host-----RDSVHSVR.Domain.LOCAL
RD Gateway Server -------RDGWSVR.Domain.LOCAL
What kind of certificate do I require to launch Desktop and RemoteApp without any error?

Hi,
1. I would recommend a wildcard certificate (*.domain.net) purchased from a trusted public authority such as GoDaddy, VeriSign, Thawte, etc.  This wildcard certificate would be used for all RDS purposes.
2. On the internal network you will need to create a DNS zone for domain.net with A records pointing to the private ip addresses, similar to the following:
rdsvdi.domain.net --> private ip address of your RD Web server
rdscb.domain.net --> private ip address of your RD Connection Broker
rdsgwsvr.domain.net --> private ip address of your RD Gateway server (this is only needed if you want to use RDG for internal users)
3. On the Internet you will need DNS records similar to the following:
rdsvdi.domain.net --> public ip address for your RD Web server
rdgwsvr.domain.net --> public ip address for your RD Gateway server
4. You will need to change the published FQDN for your RDS deployment to rdscb.domain.net using the cmdlet below:
Change published FQDN for Server 2012 or 2012 R2 RDS Deployment
http://gallery.technet.microsoft.com/Change-published-FQDN-for-2a029b80
5. You may need to modify your RD RAP in RD Gateway Manager. For example, you could edit the properties of the RD RAP, Network Resource tab, and select Allow users to connect to any network resource.
6. You should make sure that all client PCs have RDP 8.1 Client (6.3.9600) installed for best results connecting to Server 2012 R2.
7. For domain-joined PCs you may choose to set the SHA thumbprint of your certificate via group policy setting so that they will not be prompted when launching RemoteApps.
8. It is preferred for users to use IE to connect to RD Web Access and select the Private option if possible (as long as the PC is not public). When prompted they should allow the ActiveX control to run.
-TP
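As an added example (my own PowerShell, not code from the thread), the script below checks the two things steps 1, 2 and 4 above depend on: that the wildcard certificate in the computer's Personal store covers every name you publish, and that the internal DNS zone resolves those names to private addresses. The thumbprint placeholder and the three published names are assumptions taken from this thread; the one-label wildcard rule is how RDP clients and browsers evaluate a wildcard name.

```powershell
# Added example, not code from the thread: verify the wildcard certificate
# covers the published RDS names and that split DNS resolves them internally.
# Run on the Connection Broker after importing the certificate.
# $Thumbprint is a placeholder; $PublishedNames are the names from TP's answer.
param(
    [string]$Thumbprint = '<THUMBPRINT-OF-WILDCARD-CERT>',
    [string[]]$PublishedNames = @('rdsvdi.domain.net', 'rdscb.domain.net', 'rdgwsvr.domain.net')
)

# Every DNS name the certificate is valid for: the "DNS Name=" entries of the
# Subject Alternative Name extension (OID 2.5.29.17), or the CN if there is no SAN.
function Get-CertDnsNames {
    param([System.Security.Cryptography.X509Certificates.X509Certificate2]$Cert)
    $names = @()
    $san = $Cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
    if ($san) {
        # Format($false) renders e.g. "DNS Name=*.domain.net, DNS Name=domain.net"
        foreach ($entry in ($san.Format($false) -split ',\s*')) {
            if ($entry -match '^DNS Name=(.+)$') { $names += $Matches[1].Trim() }
        }
    } else {
        $names += $Cert.GetNameInfo(
            [System.Security.Cryptography.X509Certificates.X509NameType]::DnsName, $false)
    }
    return $names
}

# Wildcard matching as mstsc and browsers apply it: "*" stands for exactly one
# left-most label, so *.domain.net covers rdscb.domain.net but neither
# rdscb.domain.local nor a.b.domain.net. An uncovered name is what produces the
# certificate warning when a user launches a RemoteApp.
function Test-NameCovered {
    param([string]$Name, [string[]]$CertNames)
    foreach ($cn in $CertNames) {
        if ($cn -ieq $Name) { return $true }
        if ($cn.StartsWith('*.')) {
            $suffix = $cn.Substring(1)   # ".domain.net"
            if ($Name.Length -gt $suffix.Length -and
                $Name.EndsWith($suffix, [System.StringComparison]::OrdinalIgnoreCase)) {
                $leftLabel = $Name.Substring(0, $Name.Length - $suffix.Length)
                if (-not $leftLabel.Contains('.')) { return $true }
            }
        }
    }
    return $false
}

# RFC 1918 test for the split-DNS check in step 2: on the LAN the public names
# should resolve to the private addresses of the RDS roles, not the internet IP.
function Test-PrivateIPv4 {
    param([string]$Ip)
    return [bool]($Ip -match '^(10\.|192\.168\.|172\.(1[6-9]|2[0-9]|3[01])\.)')
}

$cert = Get-ChildItem -Path Cert:\LocalMachine\My |
    Where-Object { $_.Thumbprint -eq $Thumbprint }
if (-not $cert) { throw "Certificate $Thumbprint is not in the computer's Personal store" }
$certNames = Get-CertDnsNames -Cert $cert
"Certificate is valid for: $($certNames -join ', ')"

# Public CAs do not issue certificates for names like RDSCB.Domain.LOCAL, which
# is why step 4 re-publishes the broker under its domain.net name before testing.
$results = foreach ($name in $PublishedNames) {
    $ips = @()
    try {
        $ips = @(Resolve-DnsName -Name $name -Type A -ErrorAction Stop |
                 Where-Object { $_.Type -eq 'A' } | ForEach-Object { $_.IPAddress })
    } catch { }
    $privateOnly = ($ips.Count -gt 0) -and
                   -not ($ips | Where-Object { -not (Test-PrivateIPv4 $_) })
    [pscustomobject]@{
        Name       = $name
        CertCovers = Test-NameCovered -Name $name -CertNames $certNames
        ResolvesTo = $(if ($ips) { $ips -join ',' } else { '<unresolved>' })
        SplitDnsOk = $privateOnly
    }
}
$results | Format-Table -AutoSize
```

A row with CertCovers = False or SplitDnsOk = False points at the step (certificate names or internal DNS zone) that still needs fixing before clients will connect without a prompt.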

Similar Messages

  • Certificate Requirement for Lync 2013 Standard Edition

    I have successfully run the setup of Lync 2013 Standard Edition; now I am stuck due to the certificates required for Lync 2013. When I generate a CSR, it shows the subject URLs for that:
    hostname.domain.com
    sip.domain.com
    diali.domain.com
    meet.domain.com
    admin.domain.com
    lyncdiscover.domain.com
    lyncdiscoverinternal.domain.com
    im.domain.com (External URL)
    So if I go for a third-party CA then I need 8 certificates only for internal Lync. As I also need to connect to federated partners and external users, I need Edge, for which again I need 3 more certificates:
    web.domain.com
    a/v.domain.com
    sip.domain.com
    Now when I go for these certificates it is quite costly, and I don't understand why such certificates are required. Can anyone help me to fix such a requirement?
    Or, what are the necessary URLs for which I should buy third-party CA certificates, and leave the rest as is?
    I also want to deploy Edge with a single adapter, as we have only one network, so can anyone assist me to proceed further.
    Talha Faraz Malik

    To save on the cost of your third party certificates, I would deploy an internal certificate authority to sign certificates for your internal front end.   For your third party certificate, you would only need the SANs for the edge and for your
    reverse proxy and as Edwin said, this can be a single cert with multiple SANs.
    For example, for your edge you would need:
    sip.domain.com
    web.domain.com
    You would not need A/V as this role does not require a SAN on your certificate.  On the same certificate, which you could also use on your reverse proxy, you'd likely want the following FQDNs.
    lyncdiscover.domain.com
    im.domain.com (your external web services FQDN)
    meet.domain.com
    dialin.domain.com
    You may also want to consider your internal web services FQDN and include the following so third party mobile devices can connect without needing a certificate installed:
    im_internal.domain.com (your internal web services FQDN)
    lyncdiscoverinternal.domain.com
    I'm sure that's not entirely clear yet, so feel free to ask more questions or what the purpose of each is. 
    When you say Edge with a single adapter, you mean a single adapter in a DMZ or internal?  You definitely want two NICs, both in separate DMZs, but I've managed to get the edge working with a single adapter in a DMZ before.  What you don't want is
    the edge in your internal network.
    Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
    SWC Unified Communications
    This forum post is based upon my personal experience and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

  • Lync 2013 certificate requirements for multiple SIP domains

    Hi All,
    I am engaged with a client in respect of a Lync 2013 implementation, initially as a conferencing platform with a view to enabling EV functions (inc. PSTN conferencing) in the future. They initially need to support 30 SIP domains and eventually around 100 SIP domains, which is proving to be either not possible or severely cost prohibitive. Their current certificate provider, Thawte, can only support up to 25 SANs and have quoted them 5 figures. We tend to use GeoTrust as they are cheaper but they appear to have a limit of 25 SANs. GoDaddy appear to support up to 100 SANs for a pretty reasonable cost. My questions are as follows:
    1. Is there a way that I’m missing of reducing the number of SANs required on the Edge server?
       - Use aliases for access edge FQDNs - supported by the desktop client but not by other devices, so not really workable
       - Don’t support XMPP federation, therefore removing the need for domain name FQDNs for each SIP domain
    2. Is there a way that I’m missing of reducing the number of SANs required on the Reverse Proxy server?
       - Friendly URL option 3 from this page: http://technet.microsoft.com/en-us/library/gg398287.aspx
       - Client auto-configuration:
         i. Don’t support mobile client auto-configuration, in which case no lyncdiscover.sipdomain1.com DNS records or SANs would be required.
         ii. Support mobile client auto-configuration over HTTP only, in which case CNAME records are required for each SIP domain (lyncdiscover.sipdomain1.com, etc. pointing to lyncdiscover.designateddomain.com) but no SANs are required.
         iii. Support mobile client auto-configuration over HTTPS, in which case DNS records are required for each SIP domain and a SAN entry for each SIP domain is also required. This is because a DNS CNAME to another domain is not supported over HTTPS.
    3. If the answer to 1 and/or 2 is no, are there certificate providers that support over 100 SANs?
    4. How do certificate requirements differ when using the Lync 2013 hosting pack? I would think that this issue is something that a hosting provider would need to overcome.
    5. Would the Lync 2013 Hosting Pack work for this customer? The customer uses SPLA licensing so I think is eligible to use the hosting pack, but I'm not 100% sure it will work in their environment given that client connections are supposed to all come through the Edge where their tenants will be internal, and also given the requirement for an ACP for PSTN conferencing.
    Many thanks,

    Many thanks for the response.
    I was already planning to use option 3 from the below page for simple URLs to cut down on SAN requirement.
    http://technet.microsoft.com/en-us/library/gg398287.aspx
    What are the security concerns for publishing autodiscover over port 80? I.e. Is this only used for the initial download of the discovery record and then HTTPS is used for authentication? This seems to be the case from the following note on the below page:
    http://technet.microsoft.com/en-gb/library/hh690030.aspx
    “Mobile device clients do not support multiple Secure Sockets Layer (SSL) certificates from different domains. Therefore, CNAME redirection to different domains is not supported over HTTPS. For example, a DNS CNAME record for lyncdiscover.contoso.com that redirects to an address of director.contoso.net is not supported over HTTPS.
    In such a topology, a mobile device client needs to use HTTP for the first request, so that the CNAME redirection is resolved over HTTP. Subsequent requests then use HTTPS. To support this scenario, you need to configure your reverse proxy with a web publishing rule for port 80 (HTTP).
    For details, see "To create a web publishing rule for port 80" in Configuring the Reverse Proxy for Mobility. CNAME redirection to the same domain is supported over HTTPS. In this case, the destination domain's certificate covers the originating domain.”
    I don’t think SRV records for additional SIP domain access edge is a workable solution as this is not supported by some devices.
    As per the below article:
    http://blog.schertz.name/2012/07/lync-edge-server-best-practices/
    “The recommended approach for external client Automatic Sign-In when supporting multiple SIP domains is to include a unique Access Edge FQDN for each domain name in the SAN field.  This is no longer a requirement (it was in OCS) as it is possible to
    create a DNS Service Locator Record (SRV) for each additional SIP domain yet have them all point back to the same original FQDN for the Access Edge service (e.g. sip.mslync.net). 
    This approach will trigger a security alert in Windows Lync clients which can be accepted by the user, but some other clients and devices are unable to connect when the Automatic Sign-In process returns a pair of SRV and Host (A) records which do not share
    the same domain namespace.  Thus it is still best practice to define a unique FQDN for each additional SIP domain and include that hostname in the external Edge certificate’s SAN field”.
    ===================
    1. Basically the requirement is to initially provide Lync conferencing services (minus PSTN conferencing) to internal, external, federated and anonymous participants with a view to providing PSTN conferencing and therefore enterprise voice services later.
    2. The customer currently supports close to 100 SMTP domains and wants to align their SIP domains with these existing domains. The structure of their business is such that “XXX IT Services” provide the IT infrastructure for a collection of companies who
    fall under the XXX umbrella but are very much run as individual entities.
    Question:
    Would you agree that I’m going to need a SAN for every SIP domain’s access edge FQDN?
    Thanks.

  • Need Epson driver for LQ-2180 for Microsoft Server 2012 R2 64 bit ..

    Hi Guys.
      We have a requirement for adding the Epson Printer LQ-2180 to Microsoft Server 2012 R2 - 64 bit. We are unable to find the exact driver on the net. Please help us to find the exact driver or a compatible one.
    Thanks in Advance
    Sreekanth

    Hello,
    I have found the driver on Epson homepage. Epson Support - Drivers, FAQs, Troubleshooting, Technical Support, Documents & Manuals for Epson Products - Epson Am…
    Try to use this link directly to your printer http://www.epson.com/cgi-bin/Store/support/supDetail.jsp?BV_UseBVCookie=yes&oid=14329&infoType=Overview
    If it doesn't work, search under Printer&All-in-Ones ---> Impact and you should find your Epson LQ-2180.
    Kind regards
    Edit: I also found note 153879 - EPSON printer model and SAP device types, but your printer is not listed there exactly. You can try to use the most similar one...

  • Windows 10 Requirement for Microsoft Account

    I am trying Windows 10 Technical Preview... I tried to use skype and it requires a Microsoft account.  My options appear to be remove windows 10 or change skype.

    You can install Skype desktop version and login with any account.
    https://support.skype.com/en/faq/FA12162/how-do-i-get-the-desktop-version-of-skype-windows-8-or-abov...

  • Hardware Requirements for a SCCM 2012 CAS with SQL Server Remote

    The hardware requirements for a CAS server with SQL Server Enterprise locally installed are:
    16 cores (Intel Xeon L5520 or comparable CPU)
    64 GB of RAM
    1.5 TB of disk space for the operating system, Configuration Manager, SQL Server, and all database files.
    Does anyone know what the hardware requirements are if SQL Server Enterprise is remote from the CAS server?  It's not listed.  -Shane

    Even though I am going to be strung up for even saying this, I do agree there is a use for a CAS outside of 100,000 users.  If you do indeed have distinct admins managing their own images and apps in remote
    locations then I see the benefit of a CAS.  A remote ConfigMgr console connecting to a primary site would perform poorly.  Admin A at the primary site would not experience any issues but Admin B would be in for a lot of work and waiting.  Any
    time Admin B needed to add an app or image it would have to be copied up to the remote primary site and then distributed back down.  This is not the best scenario.
    There are scenarios in company merger situations (and others I am sure) where the management of both locations has not been consolidated down to one location yet and is not going to be done as part of the deployment or upgrade.  If you had a 2007 environment
    it is going to be very hard to convince the admin at the remote location that this upgrade is going to be a good thing for him/her.  There is an option for the remote admin to RDP into a server in the primary site but the image and apps still need
    to be distributed down to the remote location.  During testing this can be very time consuming. 
    I do agree that adding a CAS adds additional complexity but in some cases such as the one I described it is the right decision. 
    Thank you for the reply. And I totally agree that in some cases a design like that is a necessary evil (but not by our personal wants). 
    We had that design with 2007 (implemented before my time), and as you predicted EU admins complained about difficulty using the console RDP-ed into a box close to the primary site. The bandwidth to and from different regions is out of scope for me so I do what
    I can with what I have. We too will be moving forward with a CAS hierarchy. 
    Administratively the other IT depts in other regions operate on their own. I don't handle any of the EU computers on a day to day basis whatsoever, etc. We're not merging but our IT shops operate with near independence. 

  • Third Party CA certificate requirement for Cisco expressway C and E

    Hi All,
    We have implemented an MRA solution for our customer, and we were asked to procure the CA certificate from a third-party CA certificate issuing vendor.
    We shared the CSR request generated from the Expressway C and E application to generate the SSL certificate. As per the Cisco document we were asked to procure a “Quick SSL premium single domain” CA certificate for the Expressway Series E and C servers, but as per the certificate issuing vendor, the application requires “Quick SSL premium multi domain” as they observed extra SANs in the CSR generated from the Expressway C and E applications. Need help to find out the certificate the application requires, from those who are using third-party CA certificates for an MRA solution.

    First of all, I don't see how you can get away with a single domain certificate. I have looked into this more. This is because you need to add your domain name in the SAN as detailed below.
    Secondly, I am not sure where you are going to generate the certificates from..You should generate your CSR from here..
    Go to Maintenance > Security certificates > Server certificate
    NB: Customer’s service discovery domain is required to be included as a DNS SAN in all Expressway-E server certificates
    This is what the CSR page looks like

  • Hardware Requirement for SQL Server 2012 Cluster

    Hi All,
    We are going to share the System Requirements document with the customer, and one of the technical staff from the customer has requested us to provide the Microsoft disk space requirement, at least for the 2 sections below, and why:
    Quorum & MSDTC (Both will be SAN and what will be their RAID type)
    Please share your advice.
    Regards, Sachin

    Hello,
    The quorum disk needs only to have a few MB to hold the file used for arbitration. Normally if you're needing a disk vote, it can be extremely small (100MB or less is what most SANs can do, some can only do 1 GB or greater). The actual file size is a few
    KBs.
    MSDTC holds the DTC logs, so this will be sized to how much logging and usage of MSDTC is needed and used. If you're not using distributed transactions then it doesn't even need to be set up.
    -Sean
    The views, opinions, and posts do not reflect those of my company and are solely my own. No warranty, service, or results are expressed or implied.

  • Information required for Microsoft Azure cloud hosting

    I am looking to host my application on an Azure cloud server and would like to inform you that my application is in ASP.NET 3.5 with a database on SQL Server 2008 R2.
    Before we proceed further with Microsoft Azure cloud hosting, I would like to clarify some of the queries mentioned below:
    Hosting:
    1. What are the plans for hosting, along with pricing and server configuration?
    2. How many applications can we host?
    3. How much space will we get?
    4. Can we deploy and run an exe which we developed for sending email?
    5. Currently we are using InProc session. What modification will be required to the application?
    6. Can we point our DNS to the application we host?
    7. We do development on our on-premise environment; do we also get any staging/testing server along with the production server?
    8. Is the usage of the application on the staging server chargeable?
    9. How many instances will we be getting for one application?
    10. Does the environment automatically increase or decrease the instances in use as the load increases or decreases?
    SQL Azure:
    1. Which version of SQL Server will we get?
    2. Is SQL Azure compatible with all the features and datatypes of SQL Server 2008 R2? If not, then please let us know the features and datatypes which are not supported by SQL Azure.
    3. Which SQL Server versions' databases can be restored on SQL Azure?
    4. What will be the database size?
    5. Will the database be in the same datacenter where our application resides?
    6. How many databases can we create?
    7. How can we take a database backup; is there any control panel for that?
    8. How can we schedule database backups?
    9. Can we restore our on-premise database with the database backup taken from SQL Azure?
    10. Can we connect to the database from our local machine with “SQL Server Management Studio”? 

    Hi SanVerma,
    Thanks for your posting!
    From your description, I think first you need to confirm which hosting service could meet your target. I suggest you refer to this page comparing Azure Websites, Cloud Services, and Virtual Machines:
    http://azure.microsoft.com/en-us/documentation/articles/choose-web-site-cloud-service-vm/ 
    The above link should answer your hosting questions 1, 2 and 4.
    Hosting:
    >> 3. How much space will we get?
    It depends on your size:
    http://msdn.microsoft.com/en-us/library/azure/dn197896.aspx
    >> 5. Currently we are using InProc session. What modification will be required to the application?
    You need to use the Azure cache service or SQL Azure storage to store your session data; please see these blogs:
    http://blogs.msdn.com/b/cie/archive/2013/05/17/session-state-management-in-windows-azure-web-roles.aspx
    http://azure.microsoft.com/en-us/documentation/articles/web-sites-dotnet-session-state-caching/
    >> 6. Can we point our DNS to the application we host?
    If you use an Azure VM to host your application, you could use Azure Virtual Network to deploy your DNS server; please see this page:
    http://msdn.microsoft.com/library/azure/jj156088.aspx
    >> 7. We do development on our on-premise environment; do we also get any staging/testing server along with the production server?
    >> 8. Is the usage of the application on the staging server chargeable?
    Yes, you can do this. If you use Azure cloud service stage/production environments, you could be charged. If you use a single VM to host your production and staging project, you would be charged for the single VM.
    >> 9. How many instances will we be getting for one application?
    It depends on your requirement. If the quota is not enough, you could contact Azure support to increase the quota.
    >> 10. Does the environment automatically increase or decrease the instances in use as the load increases or decreases?
    The Azure platform supports AutoScale. You can set the feature using code or the portal.
    http://azure.microsoft.com/en-us/documentation/articles/cloud-services-dotnet-autoscaling-application-block/
    http://msdn.microsoft.com/en-us/library/hh680945(v=pandp.50).aspx
    SQL Azure: 
    >> 1. Which version of SQL Server will we get?
    First, you need to distinguish SQL Azure from SQL Server. SQL Azure is data as a service; SQL Server in a VM is a VM with SQL Server installed. If you want to use SQL Server, I suggest you refer to this pricing page:
    http://azure.microsoft.com/en-us/pricing/calculator/?scenario=virtual-machines
    >> 2. Is SQL Azure compatible with all the features and datatypes of SQL Server 2008 R2? If not, then please let us know the features and datatypes which are not supported by SQL Azure.
    >> 3. Which SQL Server versions' databases can be restored on SQL Azure?
    >> 4. What will be the database size?
    I recommend you refer to these posts and blogs about the above 3 questions:
    http://social.technet.microsoft.com/wiki/contents/articles/996.comparison-of-sql-server-with-azure-sql-database.aspx
    http://stackoverflow.com/questions/3235164/what-is-the-difference-between-sql-azure-and-sql-server-2008
    >> 5. Will the database be in the same datacenter where our application resides?
    You can select the region when you create the DB/VM.
    >> 6. How many databases can we create?
    Please see this page about SQL Azure limits:
    http://msdn.microsoft.com/en-us/library/azure/ee336245.aspx
    >> 7, 8.
    http://msdn.microsoft.com/en-us/library/azure/jj650016.aspx
    >> 9.
    Yes, you can use the Import and Export database feature:
    How to: Use the Import and Export Service in Azure SQL Database.
    >> 10.
    Yes.
    http://azure.microsoft.com/en-us/documentation/articles/sql-database-manage-azure-ssms/
    About how to use SQL Azure, you could refer to this page:
    http://msdn.microsoft.com/en-us/library/azure/ee336282.aspx
    Hope it helps you.
    Regards,
    Will

  • Enabling Thesaurus for Microsoft Office 2012 via SCCM?

    Hi guys,
    We have Office 2012 with Windows 8.1 in our corporate environment, but at the time of BOE/SOE creation, Thesaurus was left out of the deployment.
    If we want to enable Thesaurus across all the PCs, what is the easiest way to do this?
    Via SCCM or Group Policy?
    Thanks in advance!

    To be clear: this is an Office question, not an SCCM question. When it comes to app deployment and configuration, SCCM basically dogmatically does whatever you tell it to do, so what you really need to know is: how will Office let me do this?
    The exact process is also going to vary depending on which Office you have installed. Enterprise media will let you use setup /admin, for example, to create configurations you can push to workstations (adding missing components like the shared features, which I think will have the Thesaurus); Click-to-run from O365 will require editing a deployment XML (I'm blanking on the details but you can look it up) ... 
    .. at the end of the day there _is_ a silent way to update the deployments which will enable you to create a package/application that you can then push to workstations. Sadly the exact syntax is not as straightforward as "how do I update Office"
    ... because frankly there are lots of ways depending on the flavor.

  • Which Edition of Windows is required for using SQL 2012 Always On Availability Groups

    I want to use the new feature of having 2 secondary mirror replicas. The first secondary replica will be sync, the second one will be async.
    Currently I have SQL Enterprise license and Windows 2008 R2 Standard license.
    Will I be required to upgrade to Windows Enterprise license to use Always On? (since this feature depends on Windows clustering?)
    Can you please confirm if SQL Always On feature can be used on Windows 2008 R2 standard or not?
    MSDNStudent Knows not much!

    Always On is available with Standard Edition but it supports only 2 nodes. 
    AlwaysOn is a bigger umbrella which covers two features. AlwaysOn Availability Groups (AG) and AlwaysOn Failover Cluster Instance (FCI).
    FCI for 2 node is supported. You can't use AG feature in SQL Server Standard Edition
    Balmukund Lakhani
    Please mark solved if I've answered your question, vote for it as helpful to help other users find a solution quicker
    This posting is provided "AS IS" with no warranties, and confers no rights.

  • Question about certificates required for publishing a script extension!

    Hi,
    I'm in the latest steps of creating my new InDesign plugin and I was studying the ways I can publish it, and Adobe Exchange looks like a good option, but here they are saying:
    Paid Content must have a certified signature. (Content posted as Free will be accepted with a self-signed certificate.) Extension Manager should be able to verify the Producer’s signature. An application should be signed by a certificate issued by one of the following certificate authorities:
    Chosen Security Thawte, Globalsign, Verisign, Comodo, Usertrust, Godaddy
    And here, they say:
    blah ... so that you know that a trusted authority certificate will no longer be required. ...
    So, I'm a bit confused, my question is:
    1. Is it really required to have these certificates?!
    2. If yes, how are we supposed to do this?
    Any idea would be much appreciated,
    thx, mim

  • Certificate setup RDS 2012 R2

    Hi,
    I have set up an RDS 2012 R2 deployment for internal use. I plan to add a gateway server cluster for external access later (RDGW). That cluster will be placed in the DMZ and use a public wildcard cert. It will connect external users to the farm. Internal or Direct Access (DA) users will use the Web Access servers to connect internally in the corp. LAN.
    For now, I have the following setup. Web Access role on 2 servers with DNS RR (RDWA). 2 clustered Connection Broker servers (RDCB), two Session Hosts (RDSH) and one licensing server. So a total of 7 servers (+ 2 RDGW servers in the DMZ that are not set up yet).
    So, the issue is: I need to set up certificates. We have a CA in an AD top domain (our site is a sub.domain.com). We do not have access to that CA and need to order certs. from our corp. HQ. OK, but what do I ask for? I need 3 DER encoded binary X.509 certs. That's the info I have. How can I create a cert. request? See pictures below.
    This posting is provided "AS IS" with no warranties or guarantees and confers no rights

    Hi,
    Thank you for your posting in Windows Server Forum.
    Can you let us know exactly which certificate you want for your network (self-signed or SSL)?
    As per my suggestion you can use wildcard or SAN certificate for your network which can be used for external network also. 
    If you want Self-signed certificate for internal use, you can create the certificate from Deployment properties of RDS page or IIS Manager as per below path.
    IIS Manager>Server Certificate>Create Self-Signed Certificate>Export the certificate on specified location then select the certificate in RDS installation process.
    But note that the certificate is installed into the computer’s “Personal” certificate store with its corresponding private key, and it is added under trusted root certificate authorities.
    Please check below articles for detail.
    1. Certificate Requirements for Windows 2008 R2 and Windows 2012 Remote Desktop Services
    2. Configuring RDS 2012 Certificates and SSO
    3. Minimum Certificate Requirements for Typical RDS implementation
    Hope it helps!
    Thanks.
    Dharmesh Solanki

  • RDS 2012 - No Wildcard Certificate

    Hi all,
    I will be using individual certificates per component, so I will have a certificate for broker.domain.com, gateway.domain.com and [email protected] These will be used from within the RDS console to deploy the certificates to the components.
    My question is, do I need to do anything else for the RDS Session Host servers (or will they use the certificates above)? Will I need a certificate per server, and if so does it need to be in the format SessionHost1.domain.com?
    Thanks.

    Hi,
    Thank you for posting in Windows Server Forum.
    As per my research, I can say that if you have fewer servers then you can follow the same certificate procedure and use that. But personally, if you have more servers then I suggest you purchase a wildcard certificate for your environment, because with a wildcard certificate you just need to purchase one certificate and can use it for all your installed roles.
    Please check below article for more details.
    Certificate Requirements for Windows 2008 R2 and Windows 2012 Remote Desktop Services
    http://blogs.technet.com/b/askperf/archive/2014/01/24/certificate-requirements-for-windows-2008-r2-and-windows-2012-remote-desktop-services.aspx
    Hope it helps!
    Thanks.
    Dharmesh Solanki
    TechNet Community Support

  • RDS 2012 Certificates help

    Hi all,
    I am currently implementing an RDS 2012 infrastructure.
    1-2 RDS Host servers
    1 server which contains the gateway and web access role (sits in the DMZ network)
    1 licensing server
    So I have 4 RDS servers in total.
    I have an internal and an external domain, so for example:
    test.com (external domain - public facing)
    internal.com (internal domain - lan users)
    1-2 RDS Host servers - INTERNAL
    1 Licensing server - INTERNAL
    1 Gateway and Web Access server - PUBLIC
    Would purchasing a public SAN certificate work for my environment, applying it to all four servers?
    If not, what would work?
    Thanks

    Hi,
    Thank you for posting in Windows Server Forum.
    You can use a single SAN certificate to achieve your goal, as it can serve all servers. Apart from that, there are some basic requirements for an RDS certificate.
    Basic requirements for Remote Desktop certificates:
    1. The certificate is installed into computer’s “Personal” certificate store. 
    2. The certificate has a corresponding private key. 
    3. The "Enhanced Key Usage" extension has a value of either "Server Authentication" or "Remote Desktop Authentication" (1.3.6.1.4.1.311.54.1.2). Certificates with no "Enhanced Key Usage" extension can be used as well. 
    More information.
    Certificate Requirements for Windows 2008 R2 and Windows 2012 Remote Desktop Services
    http://blogs.technet.com/b/askperf/archive/2014/01/24/certificate-requirements-for-windows-2008-r2-and-windows-2012-remote-desktop-services.aspx
    Hope it helps!
    Thanks.
    Dharmesh Solanki
    TechNet Community Support
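    An added PowerShell audit (my own, not from the thread or from Microsoft) that applies the three requirements listed in this answer, plus validity dates, to every certificate in the computer's Personal store; run it on each RDS server before assigning certificates to roles. The OIDs for Server Authentication (1.3.6.1.5.5.7.3.1) and the Enhanced Key Usage extension (2.5.29.37) are standard values the answer does not quote.

```powershell
# Added example, not code from the thread: audit certificates in the computer's
# Personal store against the three RDS requirements above, plus validity dates.
$ServerAuthOid   = '1.3.6.1.5.5.7.3.1'       # Server Authentication
$RdpAuthOid      = '1.3.6.1.4.1.311.54.1.2'  # Remote Desktop Authentication (from the answer)
$EkuExtensionOid = '2.5.29.37'               # Enhanced Key Usage extension

function Test-RdsCertificate {
    param([System.Security.Cryptography.X509Certificates.X509Certificate2]$Cert)

    # Requirement 3: EKU must list Server Auth or RDP Auth; a certificate with
    # no EKU extension at all is also accepted, but one that lists only other
    # purposes (e.g. Client Authentication) is not.
    $eku = $Cert.Extensions | Where-Object { $_.Oid.Value -eq $EkuExtensionOid }
    $ekuOids = @()
    if ($eku) { $ekuOids = @($eku.EnhancedKeyUsages | ForEach-Object { $_.Value }) }
    $ekuOk = (-not $eku) -or ($ekuOids -contains $ServerAuthOid) -or ($ekuOids -contains $RdpAuthOid)

    # Not in the answer's list, but an expired or not-yet-valid certificate
    # fails on the client just as surely as a wrong EKU does.
    $now = Get-Date
    $inDate = ($Cert.NotBefore -le $now) -and ($Cert.NotAfter -gt $now)

    [pscustomobject]@{
        Subject       = $Cert.Subject
        Thumbprint    = $Cert.Thumbprint
        Store         = 'LocalMachine\My'     # requirement 1: enumerated from the Personal store
        HasPrivateKey = $Cert.HasPrivateKey   # requirement 2
        EkuOk         = $ekuOk                # requirement 3
        Eku           = $(if ($eku) { $ekuOids -join ' ' } else { '<none>' })
        InDate        = $inDate
        Usable        = $Cert.HasPrivateKey -and $ekuOk -and $inDate
    }
}

# One row per certificate; anything with Usable = False does not meet the
# requirements and should not be assigned to an RDS role.
Get-ChildItem -Path Cert:\LocalMachine\My |
    ForEach-Object { Test-RdsCertificate -Cert $_ } |
    Format-Table Subject, HasPrivateKey, EkuOk, InDate, Usable -AutoSize
```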
