Server proxy - mandatory on Gateway Servers?
Can anyone confirm on this? Whether we should have the
server proxy enabled on the “Gateway Servers” as this act as proxy for other systems connecting through the gateway server..??
SCOM 2012 SP1
I don't see this is as a mandatory setting where we have this enabled in the Management servers..but there is no clear cut confirmation or answer on whther we should have this enabled againt the gateway servers. We have gateway
servers in DMZ and in other regions.
Since the MP which needs proxying – such as AD, cluster have agents which are spread across our gateway servers too..Just my thought of having it in gateway servers too…..but again ‘if Agent proxying’ is enabled on the agents
then I think that should be fine and it doesn’t need the server proxying on the gateway servers…this is sort of confusing for me, sorry, can someone please confirm on this.
Thanks,
Nirmal
Thanks Roger..
That sounds like a convincing one..as you said gateway just pass through the data to the MS. And I also believe it is only required when gateway serve some special purpose - especially if it runs some workflows which requires agent proxying - like the
gateway server itself is a cluster resource or hold a DC or exchange role which is a remote possibility...
Thanks,
Nirmal
Similar Messages
-
Hi,
I am working on ABAP (server)Proxy scenario. My servers are SAP PI 7.1 EHP1 and SAP ECC 6.0 running on HP-UX. I have gone through the Configuration steps for Proxy scenarios document. In that I found I need to create LCRSAPRFC and SAPSLDAPI RFC connections in ECC system and maintain the Program ID which is maintained in the J2ee Engine of ECC server.
But my issue is - ECC system is running on only ABAP Engine.
1. Can I configure Proxies with ECC systems which are running on only ABAP engines?
2. I have ignored LCRSAPRFC and SAPSLDAPI steps and completed other configurations. I am able to see SWCV and Message Interfaces created in PI in ECC (SPROXY Transaction). Does this mean that I can ignore these 2 RFCs and go ahead with Proxy configurations?
Thank you.>>I have ignored LCRSAPRFC and SAPSLDAPI steps and completed other configurations. I am able to see SWCV and Message Interfaces created in PI in ECC (SPROXY Transaction). Does this mean that I can ignore these 2 RFCs and go ahead with Proxy configurations?
Why we need SM59 destinations SAPSLDAPI and LCRSAPRFC (on ECC) :
LCRSAPRFC reads the exchange profile,
SAPSLDAPI is used by the ABAP API. Maintain the destinations as type T destinations to the registered server program with the program ID SAPSLDAPI. The program ID corresponds to the SLD data bridge.
When using the destinations, the back-end system uses the parameters maintained in transaction SLDAPICUST.
thanks
BJagdishwar -
My iPhone gets a "web server proxy error" connecting to wifi @ home
Ever since installing Comcast Xfinity with Motorola SB6121 and Apple Extreme 5th generation, my iPhone 4 gets a web server proxy error or similar message for any apps seeking to go online. My iPod Touch 3rd generation works as does my MacBook Pro.
I've reset the router, harangued Comcast (no help - it's your phone, sir), rebooted the iPhone, checked all my settings (VPN - what's that? it's not connected), Proxy in the VPN settings is set to off. The phone will show the signal and it will check Apple Mail but Safari, Google APP anything needing web access will either hang or give the proxy error message. Apple Customer Care said call Comcast, Comcast said call Apple & I'm surprised to find little help on the web.
Here's what I found to work on a MacForum sight from 2 years ago.
1.
Settings->WiFi->under choose a network, click the blue arrow (on the right of the network nameyou use)->DHCP
*now check the IP address with the one on your iPod Touch or computer to see if they are in sequence
*scroll down to HTTP Proxy & make sure it is off
-> renew lease may work
It was the making sure the IP address was correct/in sequence which I moved to the STATIC tab and input all the same information (use a screen shot to remember it - home button and on/off button at the same time, it will store in your pictures folder) and give that a shot.
The problem appears to be where multiple machines or devices are using the same router. The iPhone 3GS assigned an IP Address in order of preference, therefore 192.175.1.1 and then 192.175.1.2 etc. The iPhone 4 will assign a strange IP address which the router will not accept. You therefore need to look at the other devices linked and see what number is next in the sequence. Then go to static on the top tab and type in the IP adress manually followed by the Subnet mask, router and DNS details. Once you have completed the info press the DHCP button and HTTP Proxy as off - this is important.
2.
This is how i fixed the wifi problem...(i used my mac)
So basicly I created a new WiFi hotspot on my iMac, then I connected my iphone to it and it WORKS!
1. open System Preferences (Apple -> System Preferences) and click Sharing.
2. select Internet Sharing at the left side.
3. Then check off AirPort.
4. Then creat a newtwork name, and password
5. VOILA! look at the Wifi connections on your iPhone and it should be there!
(IF YOU HAD ANY PROBLEMS GO TO THIS LINK..
http://maketecheasier.com/create-wif...s-x/2009/10/20
THIS SITE SHOWS YOU HOW TO SET IT UP)
3.
reset Network
Same problem, but none of the above worked for me. Finally went to Settings/ General/ Reset/ Reset network settings. Saw this in a different thread.
Hope these help.
Cheers,
csThis has solved loads of people who have this issue and have used an alternate DNS setting. Below are instructions for both iPhone OTA and on you Mac
If you are getting the error message "Unable to check for update" when you try an OTA (over the air update)
Change DNS Servers
Settings -> Wi-Fi
Click the blue arrow on your connected network
Delete everything in DNS and replace it with 208.67.222.222, 208.67.220.220
Try again
If this works, you will probably want to remove the WiFi network using "Forget This Network" and then reconnect to it to get your original DNS servers back. Alternatively, make a note of the original DNS servers before deleting them and replace it after you are done.
If you are getting the error message "Unable to check for update" when you try through iTunes
On your Mac
Choose Apple menu > System Preferences, and then click Network.
Select the network connection service you want to use (such as Wi-Fi or Ethernet, unless you named it something else) from the list, and then click Advanced.
Click DNS, and then click Add at the bottom of the DNS Servers list. Enter the IPv4 address for the DNS server.
You can use OpenDNS
208.67.222.222
208.67.220.220
or
You can Google Public DNS if you want
8.8.8.8
8.8.4.4
I have actually repointed my routers DNS so all my devices now point to OpenDNS servers -
Remote Desktop Connection Client 9.3.9600 unable to connect to Server 2012 RDS via Gateway
Hi,
I have a Windows Sever 2012 R2 RDS environment with two Gateways servers configured in high availability mode (RD Web Access, RD Gateway, RD Connection Broker roles installed) and four Windows Server 2012 R2 RDS Session Hosts. The servers are all running
the most recent public server updates. With this configuration I when connecting externally using a Windows 7 computer with the older Remote Desktop Connection client (6.1.7601) I am able to connect without any problems however when I try connecting with a
newer client from a computer running Windows 8.1 and the 9.3.9600 client I am unable to connect.
At the moment a NAT rule is configured to pass 80/443 traffic to only one of the RDS gateway servers, I've removed our load balancer from the configuration for the moment to reduce the complexity.
No error is generated by the client when it tries to connect it just stops trying to connect after a while.
On the Gateways servers event logs for
Things I have looked into so far.
- I've double and triple checked the RDS configuration and checked it against one of my other clients configurations that is working and they are identical.
- Connecting from an older client version works fine.
I'm not sure what else can be checked does anyone have any ideas?Hi,
1. What entries are you seeing in the RD Gateway's log? Event Viewer\ Applications and Services Logs\ Microsoft\ Windows\ TerminalServices-Gateway
2. How come you are not forwarding UDP port 3391 in addition to TCP port 443? It should work without UDP, but you will not have UDP support which is one of the benefits of RDP 8.0/8.1.
3. Are there any non-default group policy settings being applied to the servers and/or client PCs? To be clear, I'm asking if any changes have been made to the default local and domain security policies, group policy objects, new GPOs that may have
been added, etc., that are applicable to the servers and or client PCs.
-TP -
System Center 2012 Gateway servers capabilities
We're looking into using System Center Operations manage and I have a couple of questions.. We have a number of environments that will need gateway servers. Can gateway servers be configured to send email notifications via an SMTP server or do all alerts
come from management servers? Also, can a gatway server be behind a NAT?
Thanks
LesGateway servers are used to enable agent-management of computers that are outside the Kerberos trust boundary of management groups, such as in a domain that is not trusted. And can be used to managed agent, generate Alerts and can be behind NAT. but you
won't need NAT because it's only need port 5723,
Also check below links
http://technet.microsoft.com/en-us/library/hh212823.aspx
http://technet.microsoft.com/en-us/library/hh456447.aspx
Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question, please click "Mark As Answer"
Mai Ali | My blog: Technical | Twitter:
Mai Ali -
Is server authentication mandatory for using SSL?
Is server authentication mandatory for using SSL sockets, or is there a way around it?
In other words, how can I take advantage of SSL sockets without dealing with any kind of certificates? Do I have any other options?Ok folks, I found my answer.Here�s the deal.
Here are some helpful sites: I hope they will also help you understand this topic better and make your life little easier.
//====================================
http://www.onjava.com/pub/a/onjava/2001/05/03/java_security.html
http://www-105.ibm.com/developerworks/education.nsf/java-onlinecourse-bytitle/96B42A25DD270CA886256BAA006351B4?OpenDocument
http://www.ddj.com/documents/s=870/ddj0102a/rl1
//====================================
Neither Server nor Client authentication is mandatory. However, if you don�t use proper ciphersuite (that doesn�t require any authentication), the connection will die so to avoid this problem, you need to enable those ciphersuites manually. Read on.
In most modes, SSL encrypts data being sent between client and server and also provides (optional) peer authentication.
These kinds of protection are specified by a "cipher suite", which is a combination of cryptographic algorithms used by a given SSL connection. During the negotiation process, the two endpoints must agree on a ciphersuite that is available in both environments. If there is no such suite in common, no SSL connection can be established, and no data can be exchanged.
The cipher suite used is established by a negotiation process called "handshaking".
There are two groups of cipher suites which you will need to know about when managing cipher suites:
� Supported cipher suites: all the suites which are supported by the SSL implementation. This list is reported using getSupportedCipherSuites.
� Enabled cipher suites, which may be fewer than the full set of supported suites.
This group is set using the setEnabledCipherSuites method, and queried using the getEnabledCipherSuites method. Initially, a default set of cipher suites will be enabled on a new socket that represents the minimum suggested configuration.
Implementation defaults require that only cipher suites which authenticate servers and provide confidentiality be enabled by default. Only if both sides explicitly agree to unauthenticated and/or non-private (unencrypted) communications will such a ciphersuite be selected.
When SSLSockets are first created, no handshaking is done so that applications may first set their communication preferences: what cipher suites to use, whether the socket should be in client or server mode, etc. However, security is always provided by the time that application data is sent over the connection.
The suite is chosen based upon the credentials that each side possesses and suites that each side supports. For example, a server can�t support an RSA cipher suite unless it has an available RSA private key.
The client and server must support at least one common cipher suite in order to communicate; if they both support multiple ciphers, the strongest available suite will be chosen.
The strings are part of the SSL specification and are defined as:
SSL_<key exchange algorithm>with<encryption algorithm>_<hash algorithm>
When a number appears in the encryption algorithm, it refers to the key strength of the encryption: higher numbers are more secure.
setEnabledCipherSuites(String[] suites) method controls which particular cipher suites are enabled for use on this connection.
� The cipher suites must have been listed by getSupportedCipherSuites() as being supported.
� Even if a suite has been enabled, it might never be used if no peer supports it, or the requisite certificates (and private keys) are not available.
getSupportedProtocols(): Returns the names of the protocols which could be enabled for use on an SSL connection.
setEnabledCipherSuites(String[] suites): Controls which particular cipher suites are enabled for use on this connection.
Let me give you some code that will help you understand little better.
One is Client.java for the client and the other one is Server.java for the server.
Compile and run them in two separate consoles.
( By the way, I assume that you have properly installed JSSE on your system.)
//===== Client.java: ===================================================
import java.io.*;
import java.net.*;
import javax.net.ssl.*;
public class Client
public static void main(String[] args)
(new Client()).doIt();
}//end main
private void doIt()
int port = 3333;
String host = "localhost";
/* String[] enable = {"SSL_DH_anon_WITH_RC4_128_MD5",
"SSL_DH_anon_WITH_DES_CBC_SHA",
"SSL_DH_anon_WITH_3DES_EDE_CBC_SHA",
"SSL_DH_anon_EXPORT_WITH_RC4_40_MD5",
"SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA"};
*/ try
SSLSocketFactory sslFact =
(SSLSocketFactory)SSLSocketFactory.getDefault();
SSLSocket s =
(SSLSocket)sslFact.createSocket(host, port);
//String[] suites;
//Get all the default CipherSuites
System.out.println("\n*** Default CipherSuites ***\n");
String [] defaultSuites=sslFact.getDefaultCipherSuites();
for(int i = 0; i<defaultSuites.length; i++)
System.out.println("["+i+"] Default CipherSuite ="+defaultSuites);
//Get all the supported CipherSuites
System.out.println("*** ================= ***");
System.out.println("\n*** CipherSuites Enabled by default ***\n");
String [] enabledSuites=s.getEnabledCipherSuites();
for(int i = 0; i<enabledSuites.length; i++)
System.out.println("["+i+"] Enabled CipherSuite="+enabledSuites[i]);
System.out.println("*** ================= ***\n");
System.out.println("***\n Supported CipherSuites ***\n");
String [] supportedSuites=sslFact.getSupportedCipherSuites();
for(int i = 0; i<supportedSuites.length; i++)
System.out.println("["+i+"]Enabled Supported CipherSuite ="+supportedSuites[i]);
//Get all enabled CipherSuites
System.out.println("*** ================= ***\n");
System.out.println("\n*** Old and Newly enabled Anonymous CipherSuites ***\n");
//s.setEnabledCipherSuites(enable);
//Enable all supported CipherSuites
s.setEnabledCipherSuites(supportedSuites);
String [] suites=s.getEnabledCipherSuites();
for(int i = 0; i<suites.length; i++)
System.out.println("["+i+"] Newly enabled Anonymous CipherSuites="+suites[i]);
System.out.println("*** ================= ***\n");
System.out.println(" The strongest available CipherSuite is chosen by the System.");
System.out.println(" But it has to be enabled first, otherwise it ignores it. ");
System.out.println("Currently Selected CipherSuite = "+s.getSession().getCipherSuite()+"\n");
System.out.println("*** ================= ***");
// Send messages to the server through
// the OutputStream
// Receive messages from the server
// through the InputStream
OutputStream out = s.getOutputStream();
InputStream in = s.getInputStream();
PrintWriter p = new PrintWriter(out);
p.println("Hi Buddy!");
p.println("Wanna have a beer?");
p.println("All right, let's have some.");
p.flush();
out.close();
in.close();
s.close();
catch (IOException e)
System.out.println(""+e);
}//end class
//===== Here's Server.java ==============================================
import java.io.*;
import java.net.*;
import javax.net.ssl.*;
public class Server
public static void main(String[] args)
(new Server()).doIt();
}//end main
private void doIt()
int port = 3333;
SSLServerSocket ss;
String[] enable = {"SSL_DH_anon_WITH_RC4_128_MD5",
"SSL_DH_anon_WITH_DES_CBC_SHA",
"SSL_DH_anon_WITH_3DES_EDE_CBC_SHA",
"SSL_DH_anon_EXPORT_WITH_RC4_40_MD5",
"SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA"};
try
SSLServerSocketFactory sslSrvFact =
(SSLServerSocketFactory)
SSLServerSocketFactory.getDefault();
//Get all the default CipherSuites
String [] suites=sslSrvFact.getDefaultCipherSuites();
for(int i = 0; i<suites.length; i++)
System.out.println(""+i+". DEFAULT CIPHER SUITE="+suites[i]);
suites=sslSrvFact.getSupportedCipherSuites();
for(int i = 0; i<suites.length; i++)
System.out.println(""+i+". SUPPORTED CIPHER SUITE="+suites[i]);
System.out.println("*** ================= ***");
ss =(SSLServerSocket)sslSrvFact.createServerSocket(port);
suites=ss.getEnabledCipherSuites();
for(int i = 0; i<suites.length; i++)
System.out.println(""+i+". ENABLED CIPHER SUITE="+suites[i]);
ss.setEnabledCipherSuites(enable);
suites=ss.getEnabledCipherSuites();
for(int i = 0; i<suites.length; i++)
System.out.println(""+i+". NEW ENABLED CIPHER SUITE="+suites[i]);
System.out.println("*** ================= ***");
SSLSocket c = (SSLSocket)ss.accept();
// ServerSocket ss = new ServerSocket(port);
// Socket c = ss.accept();
OutputStream out = c.getOutputStream();
InputStream in = c.getInputStream();
BufferedReader br = new BufferedReader(new InputStreamReader(in));
// Send messages to the client through
// the OutputStream
// Receive messages from the client
// through the InputStream
while(true)
// int i = in.read();
String inputString = br.readLine();
if(inputString != null)
System.out.println(inputString);
else
out.close();
in.close();
c.close();
ss.close();
catch (IOException e)
System.out.println(""+e);
}//end class
//========= Good Luck! =================== -
Multiple Gateways servers - any issues?
I am being asked to monitor multiple untrusted domains through gateway servers. We already have one gateway server setup, are there any issues I should beware of when setting up a second or third one for different domains? Do they all talk back through
port 5723 happliy without any contention?Not really - the individual servers can become the bottle-neck should there be a large number of agents reporting to them but this would be for relatively large deployments. But in terms of contention you shouldn't have any problems, there's a good article
here which has details of the process (similar content
here as well) .
I'd also take a look at the SCOM sizing tool as this will give you some details on server spec, etc
http://blogs.technet.com/b/momteam/archive/2012/04/02/operations-manager-2012-sizing-helper-tool.aspx
Extract from the SCOM2012 deployment guide:
"Gateway servers are used to enable agent-management of computers that are outside the Kerberos trust boundary of management groups, such as in a domain that is not trusted. The gateway server acts as a concentration point for agent-to-management server
communication. Agents in domains that are not trusted communicate with the gateway server and the gateway server communicates with one or more management servers. Because communication between the gateway server and
the management servers occurs over only one port (TCP 5723), that port is the only one that has to be opened on any intervening firewalls to enable management of multiple agent-managed computers. Multiple gateway servers can be placed in a single domain so
that the agents can failover from one to the other if they lose communication with one of the gateway servers. Similarly, a single gateway server can be configured to failover between management servers so that no single point of failure exists in the
communication chain.
Because the gateway server resides in a domain that is not trusted by the domain that the management group is in, certificates must be used to establish each computer's identity, agent, gateway server, and management server. This arrangement satisfies
the requirement of Operations Manager for mutual authentication." -
Does a server proxy need XI comm channel?
In a scenario where file-> XI ->R/3, if I want to use serve proxy, then is that mandatory that I need to use XI communication channel?
Thanks
KKHi KK,
In server proxies xi pipeline sends request to these proxies. The XI adapter that we actually use acts like the pipeline through which we send the request.
We generally use XI Adapter to communicate to SAP System when the SAP System is implementing proxies.So irrespective of weather we are trying a client or server proxies we need to use a XI Adapter.
Please go through the information provided in the blogs below which explains clearly the Scenario you want to try.
<a href="/people/ravikumar.allampallam/blog/2005/03/14/abap-proxies-in-xiclient-proxy Proxies in XI</a>
<a href="/people/siva.maranani/blog/2005/04/03/abap-server-proxies Server Proxies</a>
<a href="/people/prateek.shah/blog/2005/06/14/file-to-r3-via-abap-proxy to R/3 via ABAP Proxy</a>
I hope it helps.....
Regards,
Abhy -
How to configure ARR to Reverse Proxy to RD Gateway
We have an ARR server in the DMZ working fine providing reverse proxy for our internal Exchange Server 2013 environment and I've tried to create rules to allow access to the internal RD Gateway as well but when testing from an external client it never connects.
Does anyone have any configuration notes for how ARR should be configured to allow reverse proxy of RD Gateway?
Cheers for now
RussellHi,
I think you can refer this below article might get some insight from this case.
RD Gateway/RD Web Access & IIS Reverse Proxy/ARR
http://forums.iis.net/t/1210901.aspx?RD+Gateway+RD+Web+Access+IIS+Reverse+Proxy+ARR
Apart seem this as the configurations need to be done in IIS side, I would like to suggest you post the question in our IIS forum for further assistance.
http://forums.iis.net/
Hope it helps!
Thanks.
Dharmesh Solanki
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
Reverse Proxy behind a gateway
hi ,
I want to put a reverse Proxy behind the gateway. All the access Manager and the portal are behind the reverse proxy.Kindly, send me some steps on how to configure gateway to achieve this deployment.
thanks in advance
dhawanmayurHi ,
Below steps might help you.
Edit Platform.conf file of the gateway and set the following properties as follows
* gateway.enable.accelerator = true
* gateway.enable.customURl = true
* Append the reverse-proxy server hostname to the gateway.virtualhost property
* gateway.httpsurl = https://<reverse-porxy-host>:<reverse-proxy-host-no>/
Note: Don't miss the Fwd slash "/" at the end of the portNo: in https://hostname.india.sun.com:500/ <--
After that you might have to do URL mapping on the reverse proxy that you are using. -
SCOM 2012 Gateway servers certificates
Hi,
We have 2 datacenters in different location but in same forest and no firewall exist and with full trust. we have one management servers in one datacenter and we are planning to deploy gateway servers in another another datacenter due to bandwidth
issue between datacenters. Do we need to have PKI or certificates to deploy gateway servers if management server is in same forest but different domain with full trust and no firewall.
Regards,
BunnyHi,
If there is a full trust between the domains there is no need for certificates to enable connection between GW and MS.
You could also refer to this TechNet article:
http://technet.microsoft.com/en-us/library/hh212823.aspx
Cheers,
Christoph
Blog: http://blog.cmaresch.at/ Twitter:
LinkedIn:
XING:
Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose. -
UNIX monitoring( different domain) using gateway servers
we have a gateway server to monitor the windows servers in a domain(a.abc.com) . Can we use the same gateway server to monitor unix servers in that domain(b.abc.com) .Provide any document......If so how many agents (windows,linux mixed ) can my gateway
server withstand ?Thanks a lot .
I enabled the port ..All the results are same except now telnet from GW to LINUX on 1270 is also fine .
On discovering from SCOM I get
The WinRM client cannot complete the operation within the time specified. Check if the machine name is valid and is reachable over the network and firewall exception for Windows Remote Management service is enabled.
It is possible that:
1. The destination computer is unreachable (because it is down, or due to a firewall issue).
2. The destination certificate is signed by another certificate authority not trusted by the management server.
3. The destination has an invalid certificate, e.g., its common name (CN) does not match the fully qualified domain name (FQDN) used for the connection.
4. The servers in the resource pool have not been configured to trust certificates signed by other servers in the pool.
( I added GW in my resource pool) -
Internal table in ABAP Server Proxy
Hi Experts,
I have developed a JDBC to ABAP Proxy scenario.
I have a problem. In my ABAP server proxy I have to import the values into an internal table and pass them to a BAPI for GR creation.
I get an error like. OCCURS 0 is not allowed in OO concept.
Can anyone give me examples on declaring internal table in an ABAP Proxy(OO Concept).
Thanks
AKHi
Check this out.
http://help.sap.com/saphelp_nw70/helpdata/EN/fc/eb3660358411d1829f0000e829fbfe/frameset.htm
Cheers -
Hi All,
I have two domains, prod.local and test.local. On prod.local, I have a license server living on the connection broker. I have created a two way trust between the domains so that the RDS instance on test.local can use the license server on prod.local.
When I first setup the RDS instance on test.local and point it to use the license server on prod.local everything appears to work, all servers recognize the license server.
However when I log off and back on, and click the RDS dashboard in test.local, the Remote Desktop Services overview states I need to add every server from prod.local to the server pool. This is bothersome because the Remote Desktop Services on test.local
is still functioning, but I am no longer able to manage it. When I add the servers from prod.local to the server pool I am displayed the setup for prod.local instead of test.local
Is there a way around this? Can I use the same RDS license server key multiple times?
tldr: Using a different domain's license server causes my RDS instance in Server Manager to display the wrong RDS farm.Hi Nathan,
Thank you for posting in Windows Server forum.
Please check the required ports must be opened on firewall.
- To issue RDS Per User CALs to users in other domains, there must be a two-way trust between the domains, and the license server must be a member of the Terminal Server License Servers group in those domains.
- To restrict the issuance of RDS CALs, you can add RDS Host Servers into Terminal Server Computers group on RDS Licensing servers.
- Configure RDS licensing server on all RDS Host Servers in each domain/forest. You can do it through RDS host configuration snap-in or through a group policy.
- Add administrators group of each domain/forest in the local administrators of RDS licensing server. This way, you’ll not get a prompt to enter your credentials when you’ll open RDS host configuration snap-ins in trusted domains/forests.
More information:
Best practices for setting up Remote Desktop Licensing (Terminal Server Licensing) across Active Directory Domains/Forests or Workgroup
http://support.microsoft.com/kb/2473823
Hope it helps!
Thanks.
Dharmesh Solanki -
How to configure single web server instance to multiple application servers..
Hi all,
we are running single instance of IWS6.0 SP2 on solaris, we want to comfigure this single instance to multiple application servers(JRun). Can any one advise me whether it is possible to do.
Thanks
RajHi Raj,
"how to configure single web server instance to multiple application servers.."
It's not possible for setting up multiple applicataion servers for Single iWS instance.
Thanks,
Dakshin.
Maybe you are looking for
-
Word crashes when trying to open exported files from Acrobat.
Hey. Im realy confused about this problem, I cant figure out if it a word problem or if it`s in Acrobat. When I try to open files in word that i have exported from pdf, word just hangs and goes in to "Not responding". I have tryed to uninstall office
-
"Clicking" noise from CD Drive on 12"Powerbook
My 12" Powerbook makes a horrible "clicking" noise when a insert a CD or DVD. After a few seconds the CD or DVD is ejected. This is pretty sudden thing as it was fine one day and now this. Can anyone tell me what may be causing this, or how to fix it
-
I downloaded a TV series and all the episodes show "downloaded" and when I go to play them in iTunes on my laptop, the screen is black and it wont play. I made sure I have the latest version of iTunes. I have no problem playing them on my iPad. This
-
CA Server and GET VPN Key Server
Hi, Can I have an IOS CA Server and a GET VPN Key Server working in the same ISR G2? Thanks Emanuel
-
Hi guys, I backed up my phone on i cloud and now I am trying to set up my new Iphone 5 from the i cloud. I have got all my data and some very important numbers in the last back up. Now when I try to back up from the i cloud it is saying back up incom