I’m working on a Presentation Server deployment project at the moment, and am deploying the servers with Windows PE 2.0 via Windows Deployment Services (WDS). I need to launch Windows Setup via WINNT32.EXE because the servers have two RAID sets and the client wants the user profiles on the second disk set. So before deploying the unattended setup to hardware, I’m testing the deployment in VMware Workstation. Unfortunately Windows PE 2.0 does not recognise the VMware network card out of the box, so I’ve had to create a custom WinPE image with the drivers in it. This is the first time I’ve done this with Windows PE 2.0 so there was a little trial and error. Here are the steps I completed to create my custom image:
Microsoft has posted what appears to be an updated document (version 1.1) from August 2005, Introduction to Server and Domain Isolation with Microsoft Windows. Server and Domain Isolation using IPSec is a great method for creating isolated networks to protect those networks from unwanted traffic. Domain isolation solves the problem where access to domain resources should only be from domain member computers. If you are considering implementing NAP with Windows Server “Longhorn”, you should be planning your domain isolation strategies now.
Did you know that WinZip have an MSI installer available for WinZip 10.0 and 11.0? Neither did I until I was reading through their FAQ pages today. What I don’t get though is it’s not the default download you get for the product, you have to go looking for it on this FAQ page: Download WinZip with 64-bit Shell Extension Support. I’d like to welcome WinZip to the 21st century - Windows Installer’s only been around since 1999..
Jason Conger has released Web Interface for Resource Manager 2.1. This couldn’t be more timely for me as I’m in the middle of a Presentation Server 4.0 implementation using Oracle 10g to host the data store and Resource Manager databases. Here’s what’s new in this release:
The November 13, World of NAP chat transcript is finally available on the TechNet site. Unfortunately I’m usually asleep when these chats and webcasts are live, so I missed out on taking part, but here are some highlight questions from the chat (edited slightly for readability):
If you implement SafeWord RemoteAccess with the agent software on a machine running Citrix Web Interface and use the Security Configuration Wizard (SCW) to lockdown the operating system, you may run into authentication issues.
In part 1 I discussed how I believe that proving identity should be your most important consideration when deciding to implement the Citrix Access Gateway or Secure Gateway for remote access. In this second part I want to discuss some of the features of both the Access Gateway (CAG) and the Secure Gateway (CSG) and how they compare.
We recently had client with a requirement to provide Outlook Web Access and Exchange over the Internet/Outlook Anywhere (RPC over HTTPS) access using a single IP address on ISA Server. The problem with making both of these services available on a single IP address is that both utilise HTTPS which by default is TCP 443. RPC over HTTPS with Outlook can’t use an alternate port - if you attempt to specify and alternate port Outlook UI you receive the following error:
