Configuring a Certificate for ADFS on Server 2012 R2

Preparing to install ADFS on Server 2012 R2 for SSO to applications outside of our organization.  For my needs, do I need two certificates? One for SSL and one for Claims?
We have an internal Microsoft CA that I can get certs from. I have read that Microsoft suggests using a self-signed cert for claims. Can someone corroborate this for me?
Since ADFS 2012 R2 doesn't use IIS, if I have IIS installed and request a cert from my internal CA, can I still use it for my ADFS installation?
Orange County District Attorney

Hi Sandy,
Based on my research, Server authentication certificate (SSL) is used to secure Web traffic for communication with Web clients or with federation server proxies, while token signing certificate is an X509 certificate; its associated public/private key pair is used by federation servers to digitally sign all security tokens that they produce.
Self-signed Certificates can be used for a lab, but should not be used in production deployments.
Here are some related articles below I suggest you refer to:
Certificate requirements for federation servers
http://technet.microsoft.com/en-us/library/cc783182(v=WS.10).aspx
ADFS Certificates - SSL, Token Signing, and Client Authentication Certs
http://blogs.technet.com/b/adfs/archive/2007/07/23/adfs-certificates-ssl-token-signing-and-client-authentication-certs.aspx
Setting up an ADFS lab environment - Part 1
http://blogs.technet.com/b/adfs/archive/2007/02/26/setting-up-an-adfs-lab-environment-part-1.aspx
I hope this helps.
Amy Wang
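
To make the two certificate roles discussed in this thread concrete, the following added example (not code from the thread or from Microsoft) lists every certificate an AD FS 2012 R2 server uses, by role. It assumes an elevated session on a federation server with the ADFS PowerShell module; the function name `Get-AdfsCertificateInventory` is hypothetical.

```powershell
# Added example: inventory AD FS certificates by role (SSL vs. token-signing etc.).
# Assumption: run elevated on a federation server where the ADFS module is installed.
Import-Module ADFS

function Get-AdfsCertificateInventory {
    $now = Get-Date

    # Token-signing, token-decrypting and service-communications certificates
    # as recorded in the AD FS configuration.
    foreach ($entry in Get-AdfsCertificate) {
        $cert = $entry.Certificate
        [pscustomobject]@{
            Role       = $entry.CertificateType
            Binding    = if ($entry.IsPrimary) { 'primary' } else { 'secondary' }
            Subject    = $cert.Subject
            # Heuristic only: subject equal to issuer is treated as self-signed.
            SelfSigned = ($cert.Subject -eq $cert.Issuer)
            Thumbprint = $cert.Thumbprint
            NotAfter   = $cert.NotAfter
            DaysLeft   = [math]::Floor(($cert.NotAfter - $now).TotalDays)
        }
    }

    # SSL bindings: AD FS on 2012 R2 registers these with HTTP.SYS, not IIS.
    foreach ($binding in Get-AdfsSslCertificate) {
        $cert = Get-ChildItem Cert:\LocalMachine\My |
            Where-Object { $_.Thumbprint -eq $binding.CertificateHash } |
            Select-Object -First 1
        if ($cert) {
            [pscustomobject]@{
                Role       = 'SSL'
                Binding    = '{0}:{1}' -f $binding.HostName, $binding.PortNumber
                Subject    = $cert.Subject
                SelfSigned = ($cert.Subject -eq $cert.Issuer)
                Thumbprint = $cert.Thumbprint
                NotAfter   = $cert.NotAfter
                DaysLeft   = [math]::Floor(($cert.NotAfter - $now).TotalDays)
            }
        }
    }
}

# One row per certificate and role, soonest expiry first.
Get-AdfsCertificateInventory | Sort-Object DaysLeft | Format-Table -AutoSize

# Whether AD FS generates and rolls the token certificates itself.
(Get-AdfsProperties).AutoCertificateRollover
```

The SSL rows and the Token-Signing rows are separate entries with separate thumbprints, which is the distinction the reply above describes.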

Similar Messages

  • REMOTE DESKTOP SERVICES CLIENT ACCESS LICENSES FOR MICROSOFT WINDOWS SERVER 2012 STANDARD AND DATACENTER

    I am using Windows 7 Professional Service Pack 1 and I purchased REMOTE DESKTOP SERVICES CLIENT ACCESS LICENSES FOR MICROSOFT WINDOWS SERVER 2012 STANDARD AND DATACENTER, but the seller did not send me any installation CD or instructions on how to use it.
    Please, how can I use it on my Windows 7 Professional Service Pack 1?
    Thank you.

    Though Bill is absolutely correct for most CALs, Remote Desktop Services does have its own special licensing server.  I haven't installed one on 2012, yet, but here is a step-by-step guide for 2008. 
    http://technet.microsoft.com/en-us/library/dd983943(v=ws.10).aspx
    Here is a lab guide for 2012 -
    http://technet.microsoft.com/en-us/library/jj134160.aspx
    But, the explanation of your environment begs the question - what are you trying to do?  You say you have a desktop OS and you are talking about Windows Server products.  In that light, your question does not make a lot of sense.
    . : | : . : | : . tim

  • Akamai Download Error for Hyper-V Server 2012 R2

    I am trying to download the Eval for Hyper-V Server 2012 R2.
    I keep getting the same error message:
    Unable to save File
    Please try again to save to a different location.
    I have tried this on multiple computers and browsers, all with the same error.
    what am I doing wrong?

    Hi leomoed,
    Yes, it is always running in the background.
    Use the Download Manager for efficient installations, time-saving features, and automatic restarting if the download process is interrupted.
    http://msdn.microsoft.com/en-us/subscriptions/bb153537.aspx
    Best Regards,
    Elton Ji

  • Looking for MS SQL Server(2012 or older versions) all commands

    HI,
    Looking for MS SQL Server(2012 or older versions) all commands, i.e., all available sql server commands.
    Is there any reference manual or MS KL to get all commands in SQL Server ?
    Thanks in advance

    Thanks for link
    Sean Gallardy and Jingyang Li.
    This is not useful for my requirement.
    What I am looking for is SQL Server commands, like examples... DDL/DML commands...create/alter
    Examples: Insert/update/delete,truncate.......etc
    Create database,create procedure.......etc
    Alter database,shutdown,drop,create....etc
    Looking for list of all commands in one place/doc in SQL Server.
    Thanks

  • Configure Web console for existing "System center 2012 configuration manager R2"

    How to configure  Web console for existing "System center 2012 configuration manager R2"

    There is no web console in ConfigMgr 2012. If you want a web console you have to look at third-party products.
    My Blog: http://www.petervanderwoude.nl/
    Follow me on twitter: pvanderwoude

  • Generating Self Signed Certificate for iPlanet Directory Server for testing

    Hi Experts,
    I am unable to find how to generate a self-signed certificate for iPlanet Directory Server for testing purposes. What I mean is I want to connect to the iPlanet LDAP Server with LDAPS:// rather than LDAP:// for secured LDAP authentication. For this purpose, how do I create a dummy certificate to enable iPlanet Directory Server SSL? I searched in Google but found no help. Please provide me the solution and how to test it.
    Thanks in Advance,
    Kalyan

    Here's one I did earlier.
    Refers to Solaris 10
    SSL Security
    add a new certificate that lasts for ten years (120 months).
    stop the instance:
    dsadm stop <instance>
    Remove DS from smf control:
    dsadm disable-service <instance>
    Change Certificate Database Password:
    dsadm set-flags <instance> cert-pwd-prompt=on
         Choose the new certificate database password:
         Confirm the new certificate database password:
    Certificate database password successfully updated.
    Restart the instance from the dscc:
    DSCC -> start <instance>
    Now add a new Certificate which lasts for ten years (120 months; -v 120):
    `cd <instance_path>`
    `certutil -S -d . -P slapd- -s "CN=<FQDN_server_name>" -n testcert -v 120 -t T,, -x`
         Enter Password or Pin for "NSS Certificate DB":
    Stop the Instance.
    On the DSCC Security -> Certificates tab:
         select option to "Do not Prompt for Password"
    Restart the instance.
    On the Security -> General tab, select the new certificate to use for ssl encryption
    Restart the instance
    Stop the instance
    Put DS back into smf control:
    dsadm enable-service <instance>
    Check the smf:
    svcs -a | grep ds
    # svcs -a|grep ds
    disabled Aug_16 svc:/application/sun/ds:default
    online Aug_16 svc:/application/sun/ds:ds--var-opt-SUNWdsee-dscc6-dcc-ads
    online 17:04:28 svc:/application/sun/ds:ds--var-opt-SUNWdsee-dsins1

  • Unable to set (ssl) certificate on a SQL Server 2012 clustered instance

    Hello everyone!
    I'm trying to encrypt the SQL Server communication with SSL but I can't add the certificate in the configuration manager. I've found and tried a lot of different explanations but none of them worked. I'll describe what I've done and hope someone will point out what I'm missing.
    Here is my situation:
    - SQL Server 2012 Enterprise Edition. Instance name = INSTANCE, FQDN =  SQINSTANCE.mydomain.com. The instance is running under a customized service account: mydomain\sql_sa
    - Two cluster nodes running Win Server 2008R2: NODE1.mydomain.com and NODE2.mydomain.com. Cluster itself is CLUSTER.mydomain.com
    What I've done:
    1) Asked the team in charge to generate a certificate issued to "SQINSTANCE.mydomain.com" with aliases to "NODE1.mydomain.com", "NODE2.mydomain.com" and "CLUSTER.mydomain.com". I get a certificate with "p7b" as extension
    2) Connect on "NODE2.mydomain.com" with account "mydomain\sql_sa". Opened MMC and added the certificate under "Personal" folder. I tried to add it with "Current user" and "Local computer" settings. Saw both on internet since I use a specific service account
    3) Get the thumbprint of the certificate and add it under HKLM\Software\Microsoft\Microsoft SQL Server\MSSQL11.INSTANCE\MSSQLServer\SuperSocketNetLib\Certificate. (I triple checked to remove blanks or special characters)
    4) Reboot the node
    5) Open the SQL Server Configuration Manager, go to the network properties. Certificate does not appear in the list
    I tried to check with certutil and saw the certificate in the output. Some guys talked about some private key but I don't see this particularity in my situation. I tried to check if the certificate is valid and, according to the criteria, it is.
    Can anyone help me with this?

    Hi,
    Are you sure you've got the certificate correct?  http://msdn.microsoft.com/en-us/library/ms191192.aspx
    To use encryption with a failover cluster, you must install the server certificate with the fully qualified DNS name of the virtual server on all nodes in the failover cluster. For example, if you have a two-node cluster, with nodes named test1.<your company>.com and test2.<your company>.com, and you have a virtual server named virtsql, you need to install a certificate for virtsql.<your company>.com on both nodes. You can set the value of the ForceEncryption option to Yes.
    In your case, shouldn't it be created for CLUSTER.mydomain.com?
    Thanks, Andrew
    My blog...
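
    The steps in this thread (import the certificate, copy its thumbprint into the registry, look for it in Configuration Manager) can be checked on each node with the added example below, which is not code from the thread. It tests a certificate against SQL Server's documented requirements; a `.p7b` (PKCS #7) file carries certificates only, so a certificate imported from one on a machine that does not hold the matching private key shows `HasPrivateKey = False`. The function name `Test-SqlTlsCertificate` is hypothetical; the registry path and FQDN are the ones quoted in the question.

    ```powershell
    # Added example: check a certificate against SQL Server's TLS requirements.
    # Assumption: run elevated on each cluster node.
    function Test-SqlTlsCertificate {
        param(
            [Parameter(Mandatory = $true)][string]$Thumbprint,
            [Parameter(Mandatory = $true)][string]$ExpectedFqdn
        )
        $serverAuthOid = '1.3.6.1.5.5.7.3.1'   # Server Authentication EKU

        # Strip blanks and invisible characters picked up when copying from MMC.
        $clean = ($Thumbprint -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()

        # SQL Server only offers certificates from the local computer's Personal store.
        $cert = Get-ChildItem Cert:\LocalMachine\My |
            Where-Object { $_.Thumbprint -eq $clean } |
            Select-Object -First 1
        if (-not $cert) {
            return [pscustomobject]@{
                Thumbprint = $clean; InLocalMachineMy = $false; Usable = $false
            }
        }

        # Collect the Enhanced Key Usage OIDs, if the extension is present.
        $oids = @()
        foreach ($ext in $cert.Extensions) {
            if ($ext -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]) {
                $oids += $ext.EnhancedKeyUsages | ForEach-Object { $_.Value }
            }
        }

        $now        = Get-Date
        $cn         = $cert.GetNameInfo('SimpleName', $false)
        $hasKey     = $cert.HasPrivateKey
        $serverAuth = $oids -contains $serverAuthOid
        $inDate     = ($cert.NotBefore -le $now) -and ($now -le $cert.NotAfter)
        $cnMatches  = $cn -eq $ExpectedFqdn      # -eq on strings ignores case

        [pscustomobject]@{
            Thumbprint       = $clean
            InLocalMachineMy = $true
            HasPrivateKey    = $hasKey
            ServerAuthEku    = $serverAuth
            InValidityPeriod = $inDate
            SubjectCn        = $cn
            CnMatchesFqdn    = $cnMatches
            Usable           = $hasKey -and $serverAuth -and $inDate -and $cnMatches
        }
    }

    # Read the thumbprint the instance is configured with (path from the question)
    # and test it against the virtual server name.
    $key = 'HKLM:\SOFTWARE\Microsoft\Microsoft SQL Server\MSSQL11.INSTANCE\MSSQLServer\SuperSocketNetLib'
    $configured = (Get-ItemProperty -Path $key).Certificate
    Test-SqlTlsCertificate -Thumbprint $configured -ExpectedFqdn 'SQINSTANCE.mydomain.com'
    ```

    Run it on both nodes; any `False` column identifies the requirement the certificate fails.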

  • Configuring Volume Shadow Copies in Windows Server 2012 R2 Core

    Hello,
    I have a File Server under Windows Server 2012 R2 Core under a Lab Environment, I am trying to configure the Volume Shadow Copy on it, I tried to remote to its Disk Management via Computer Management but couldn't find the configuration for it.
    Any Ideas?
    For God, and Country.

    Hi Sheen Lim,
    As far as I know we can use cmdlets to manage the volume shadow copy in server core but can not use the server manager remotely. You can refer to the following third party article to enable the VSS.
    Configure Shadow Copies on Server Core
    http://blogs.msmvps.com/ad/blog/2008/08/12/configure-shadow-copies-on-server-core/
    I’m glad to be of help to you!

  • SNMP OID for DHCP on Server 2012

    We recently installed Server 2012 standard on one of our servers and were trying to keep a graph of DHCP lease use. Anyway the OIDs for DHCP in Server 2008 R2 started with "1.3.6.1.4.1.311.1.3.2.1.1". If I try to snmpwalk these same OIDs on the new Server 2012 (We have the DHCP server configured and active), I get:
    Error in packet.
    Reason: (genError) A general failure occured
    Failed object: SNMPv2-SMI::enterprises.311.1.3.2.1.1
    I'm using SNMPwalk and I've never had a problem with this before. Any idea what would cause this? Thanks!
    Thanks!

    I'm having the same issue. OIDs just don't work against a 2012 DHCP server. I can snmpwalk other OIDs, just not DHCP :(
    Firewall has been disabled (and there were already adequate snmp rules allowing the traffic). Since I can query other OIDs, I'm ruling out firewall.
    Has this info been removed in 2012?

  • Hardware Requirements for a Windows Server 2012 Domain Controller.

    Hi,
    I have a secondary office with 10 users with a domain controller that has reached its end of life.  We like to upgrade the current hardware to serve as a domain controller and potentially as an onsite file server that will sync with head office during off peak business hours.
    Any recommendations for a low cost yet reliable hardware for the above solution ?

    Hi,
    Thanks for your post.
    I think you need to meet the requirement for upgrading to windows server 2012r2.
    http://technet.microsoft.com/en-us/library/hh994618.aspx#BKMK_SysReqs
    And you could refer to the following article about windows server 2012r2 domain controller configuration
    Building Your First Domain Controller on 2012 R2
    http://social.technet.microsoft.com/wiki/contents/articles/22622.building-your-first-domain-controller-on-2012-r2.aspx
    Regards.

  • ADFS 3 (Server 2012 R2) and Chrome

    Hello,
    I just recently installed ADFS v3 on a new Server 2012 R2 instance.  I have two ADFS servers in a farm, with 2 ADFS proxy servers, each using Windows Server Network Load Balancer.
    Currently, we are federating to Office 365 and everything seems to be working great for our Internet Explorer users, however people that use Chrome seem to be having multiple issues logging in.  We are seeing the following symptoms with chrome:
    1. Internally, Chrome users are not automatically logged in.  I have tried executing the following command on the ADFS farm, but the issue still persists: Set-ADFSProperties -ExtendedProtectionTokenCheck "None"
    2. Users using Chrome cannot sign in at all, both trying through the proxy and the internal ADFS server directly.  When entering mydomain\myusername or [email protected], my password, and hit Sign In, the page simply "refreshes" and does nothing.  I don't see any errors or warnings inside of event viewer on both the proxy or internal ADFS farm, so not quite sure what is happening.
    I have tried running the Office 365 Single Sign-On Test from https://testconnectivity.microsoft.com/ and everything comes back successful, so I think this is a direct issue with ADFS 3 and Chrome.
    Any ideas?
    Thanks in advance!

    I had the same issue - the only way I found around it was to turn off extended protection in IIS
    To turn Extended Protection off, on the AD FS server, launch IIS Manager, then, on the left side tree view, access Sites -> Default Web Site -> adfs -> ls, click the Authentication icon, then right-click Windows Authentication and select … On the Advanced Settings dialog, choose Off for Extended Protection
    Regards,
    Denis Cooper
    MCITP EA - MCT
    Help keep the forums tidy, if this has helped please mark it as an answer
    This works for ADFS v2.0, but does not work for newer ADFS versions as Microsoft no longer provides the service through IIS.

  • Can't configure Identity Synchronization for Windows through Server Console

    Hi everybody!
    I am trying to get Sun Java System Directory Server EE talking with Windows Active Directory but my progress has come to a halt getting Identity Synchronization for Windows 6 configured and working. I would appreciate any hints!
    Here are the steps I have taken:
    1. I installed Directory Server Enterprise Edition 6.3.1 using native packages, no problems there (in terms of adding resources to directory, browsing them, etc).
    2. I installed the Message Queue (3.6 05Q1) that is bundled with the zip archive of DSEE
    3. I installed Identity Synchronization for Windows (6), that is bundled with the zip archive of DSEE
    4. Logged into Sun Java System Server Console as per instructions after install.
    Here is where I am stuck!
    I logged in, but something is really weird! Here is what my structure looks like in the default view:
    domain name
    +Server
    ++Server Group [desc: Directory Server 6.0 /opt/SUNWdsee/ds6]
    ++Server Group (1) [var/mps/serverroot]
    +++Administration Server
    +++Identity Synchronization for Windows [details are totally blank... even icon is an empty blue square!]
    This is the second time I went through the process of installing all this stuff, I made sure to pay attention to the installation instructions as best as I could, but I am very new to Solaris and unfortunately am on an extremely tight deadline.
    I am suspecting the problem has something to do with ports or directories, but my knowledge of Solaris is not even at a level where I can troubleshoot this by myself. Even if you have some advice that seems stupid to you, please let me hear it! I am pretty stupid, I might benefit from it!!
    Please, if anyone has any hints or suggestions, I would love to hear them. Like I said, I configured all this while following the installation guides, but I am worried I missed something or misunderstood something.
    Thanks in advance,
    Al
    Edited by: newtmonkey on May 25, 2009 2:05 AM

    Hello wlier, thanks for all your help with this! I really appreciate it.
    Reinstalled this whole thing, and at least I got everything under one server group... still can't access ISW though... it is listed in the leftside pane, but when I click on it the rightside pane goes completely blank.
    ~status of idsync is:
    -no connectors were found
    -System Manager Status: Started
    next step is "1. create an initial configuration using the product's console..."
    ~installed/configured everything as root
    ~no errors generated when I login to the console, but when I expand the hostname in the leftside pane I get the following error:
    Exception in thread "Thread-2" java.lang.UnsatisfiedLinkError: /usr/lib/mps/libjss4.so: ld.so.1: java: fatal: libnss3.so: open failed: No such file or directory
    at java.lang.ClassLoader$NativeLibrary.load(Native Method)
    at java.lang.ClassLoader.loadLibrary0(ClassLoader.java:1751)
    at java.lang.ClassLoader.loadLibrary(ClassLoader.java:1676)
    at java.lang.Runtime.loadLibrary0(Runtime.java:822)
    at java.lang.System.loadLibrary(System.java:993)
    at org.mozilla.jss.CryptoManager.loadNativeLibraries(CryptoManager.java:1443)
    at org.mozilla.jss.CryptoManager.initialize(CryptoManager.java:912)
    at com.netscape.management.client.util.UtilConsoleGlobals.initJSS(Unknown Source)
    at com.netscape.management.client.util.UtilConsoleGlobals.getLDAPSSLSocketFactory(Unknown Source)
    at com.sun.directory.wps.ui.gui.view.PSWServer.<init>(PSWServer.java:71)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
    at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
    at java.lang.reflect.Constructor.newInstance(Constructor.java:494)
    at java.lang.Class.newInstance0(Class.java:350)
    at java.lang.Class.newInstance(Class.java:303)
    at com.netscape.management.client.topology.ServerNode.createServerInstance(Unknown Source)
    at com.netscape.management.client.topology.ServerNode$ServerLoadThread.run(Unknown Source)
    ~If "run the Administration Server from the Server Group" means what I think it means, I can do that with no problem. I can double click on the Administration Server and configure various options, start/stop the server, etc.
    ~I just have one interface/hostname configured, and the Server Console shows the correct name
    It's like it's not making the connection to the ISW server (btw, it is listed as "isw-solaris1"... is this okay? "solaris1" is the hostname for this server). From what I understand after logging in to Server Console as Directory Manager, it should be asking me for a password to access ISW, but I don't get any kind of login/password prompt.
    I should be logging in to Server Console on the port I configured during ISW installation, right? In my case, port 1390.
    We don't have a service plan and I doubt my company would want to spring the cash for it, so I'm pretty much stuck!!

  • Help Configuring Transparent Gateway for Ms Sql Server

    I have Installed Oracle 9.2.0.1.0 with Transparent Gateway for Ms Sql Server.
    Followed the configuration furnished therein the Documents for Tnsnames.ora & Listener.ora.
    Connection to Sql Server 2000 is NOT SUCCESSFUL. Trace File contents from Tg4sql is furnished below :
    Oracle Corporation --- WEDNESDAY DEC 18 2002 22:32:50.625
    Heterogeneous Agent Release
    9.2.0.1.0
    HS Agent diagnosed error on initial communication,
    probable cause is an error in network administration
    Network error 2: NCR-00002: NCR: Invalid usage
    Note :- Sql Server & Oracle Server are on the same Machine running of Windows 2000 Server.
    Am i missing something !!!
    TIA

    Please guide me, would appreciate your suggestions to solve this heck....
    TIA

  • SCCM 2012 R2 configure WSUS got error remote SQL Server 2012

    Hi All,
    I have a question: when I want to configure the WSUS component it fails as per the screenshot, and my SCCM can't work with it.
    SCCM Server : Windows Server 2012 R2 (WSUS featured installed)
    SCCM Version: System Center Config Manager R2
    Remote SQL Server : Windows Server 2012 R2
    SQL Version: SQL Server 2012 SP1 -11.0.3153
    WSUS Error:
    SCCM Error:
    Hope you all can provide me a good solution on it I had no clue on this.
    Regards,
    Sam

    Sam,
    Recommend you 
    Remove SUP
    Remove WSUS role
    Delete the SUSDB on the remote SQL server
    Reboot the server
    Reinstall WSUS feature
    Reinstall SUP
    Take a look at my blog on installing a SUP on 2012 from the section 'Install WSUS on the remote SUP server'
    http://sccmentor.wordpress.com/2014/09/11/installing-a-remote-sup-in-sccm-2012-r2-on-windows-server-2012-r2/
    Make sure you run the Post Install tasks as well.
    Cheers
    Paul | sccmentor.wordpress.com

  • Download Links Broken for english Sql Server 2012 Express

    Hi,
    it seems that the download links for SQL Server 2012 Express Edition are broken for the English version.
    None of the links on the Microsoft download center works.
    I am able to download a German version from:
    http://www.microsoft.com/de-de/download/details.aspx?id=29062
    But changing the language to English results in a "We are sorry, the page you requested cannot be found."
    Take care,
    Martin

    Hello,
    I created the following Microsoft Connect item about this issue:
    https://connect.microsoft.com/SQLServer/feedbackdetail/view/958840/download-links-are-broken-for-sql-server-2012-express-and-sql-server-2008-r2-express
    Hope this helps.
    Regards,
    Alberto Morillo
    SQLCoffee.com
