Citrix have a private hotfix to address issues with the Access Gateway 4.2.3 experiencing a hang when changes are made to a Logon Point in Advanced Access Control. If you are experiencing the issue, give the good looking guys at Citrix Support a call. You will have to give them information about your setup and they should be able to give you the hotfix to test out. If you are experiencing the issue, why not share your experiences over at the Brian Madden forums.
Three months before Jay Tomlin started blogging and well before Citrite.org and CitrixCommunity.com popped up, Citrix France has been podcasting and blogging over at http://podcast.citrix.fr. It appears to be very much a marketing exercise rather than employees blogging about Citrix technologies and their experiences, but it’s interesting none the less. If you are like me and your French is limited to “Parlez-vous anglais?” you can view a Google translated version here.
Gene Ferioli, a Program Manager with the Customer Connection Team at Microsoft did a webcast back in September on NAP, which is available for download. I’ve just gotten around watching this webcast and it weighs in at 1h 8m. Here’s my rough notes on what it covers:
Microsoft Australia are hosting a TechNet session on Windows Server “Longhorn” and Exchange Server 2007 in Melbourne, Canberra, Brisbane and Sydney. The second part of the session is all about Network Access Protection:
If you are looking to integrate the Swivel PINsafe one time password (OTP) authentication system into Advanced Access Control 4.2 you’ll find that it’s not going to work out of the box. You will see the following authentication packet sequence once you have configured PINsafe as a RADIUS profile within AAC and attempt to authenticate:
Here’s an interesting new feature of Windows Vista that will be a help to shared computing environments such as public libraries or those still inflicted with Windows NT 4.0 domains - Multiple Local Group Policy.
In case you weren’t aware, Microsoft have a web forum for support and discussion around NAP. It’s a little sparse at the moment with only 13 topics but once Longhorn Server is released this forum should become more widely used.
Jeff Sigman, the NAP Release Manager at Microsoft, has posted a link to a webcast he did recently for MVPs, which is now available for general viewing. This is quite a long webcast (1h 40m) but it goes into detail about NAP and demonstrates using DHCP or IPSec as an enforcement tool for NAP. It’s well worth checking out if you have the time, but if you don’t, here’s my (really) rough notes to give you an overview of the content:
in Microsoft on Authentication, Outlook-web-access
Now that Microsoft have released ISA Server 2006, we have more authentication options available to us. This includes the ability to add two-factor authentication solutions to the existing forms based authentication, traditionally used to authentication against Active Directory only. I have a previous post on how to protect Outlook Web Access with RSA SecurID, which discusses using the RSA Web Agent with IIS and RSA SecurID authentication with ISA Server 2004, however both of those options are a little clunky. Now with ISA Server 2006, we have a more elegant solution that allows us to integrate RSA SecurID directly into the forms authentication method. Assuming ISA Server is a domain member, here’s how to do it.
