I believe in Hyper-V!

TMGCategory Archives

Unable to Add…/Edit…/Delete Domain Controllers computer set on TMG/ISA

This blog post isn’t related to my expertise (Virtualization), but I had this problem and want share with you!

In my domain I installed two new WS2012 domain controllers and wanted to add to the Domain Controllers under Computer Sets folder on TMG in my primary site and on ISA 2006 in my branch office. When I opened Domain Controller properties buttons Add… Edit… and Delete were dimmed.

16a

So, what to do? Follow the pictures below and you will see how to resolve that issue…

– Launch ADSI Edit from TMG Server

– Connect to localhost on port 2171 [localhost:2171] and Naming context CN=FPC2

2

– Expand CN=FPC2—>CN=Array-Root—>CN=Arrays—>CN={xxxxxxx-xxxxx-xxxx}*—>CN=RuleElements —>CN=ComputerSets

4

How to find right entry? Expand CN=ComputerSets, on the each entry open Properties until you find the right: Domain Controllers in domain in which the TMG/ISA Server is a member.

Like in the picture below.

 5a

At the same Attribute Editor mark msFPCPredefined, click on Edit and from TRUE change to FALSE.

5

Now you can Add… Edit… or Delete domain controllers as you wish.

6

Enjoy in day!

Romeo

Configure Self Service Portal with HTTPS!

In this post i would like to explain how to configure Virtual Machine Manager Self Service Portal to use HTTPS.

If your users need to use many virtual machines or if they need to manage, maintain than the best solution is to use Self Service Portal. Self Service Portal is a part of Virtual Machine Manager product. The Self Service Portal is an extensible web-based application that provides virtual machine self-service provisioning functions to groups within an organization. The SSP installation is very simple but when you need more secure access to your SSP you need to use HTTPS, specially if you use external access.

In this scenario I’ll use Microsoft System Center Virtual Machine Manager 2012 and Microsoft Threat Management Gateway 2010.

Step 1.

You need DNS entry for SSP. Something like myssppotal.domain.com. If you can manage your DNS records do it personally, or if you can’t ask your hosting provider to do it for you.

5

Step 2.

For HTTPS you need certificate. Request certificate from your Certification Authority server. The certificate must have the same name like your DNS entry “mysspportal.domain.com”

6

Step 3.

Open your IIS, go to Microsoft System Center Virtual Machine Manager Self-Service Portal (x64) site open Bindings and Add https, assing certificate and chose ssl port. Default port is 443, but you can to use some other port.

7

 

Step 4.

Open your TMG Management Console, create new Web Listener, assign a issued certificate and create new Firewall Policy rule for your Self-Service Portal.

8

9

 

Step 5.

When you are done open you SSP from outside.

ssp_link
1
10

Now you have https access to your Self-Service Portal site and you can create, manage and do it what you want with your virtual machines.

That’s it!