Customise Logon Point Source Files

Customising Logon points in Advanced Access Control is a fairly easy process. Customisation allows you to add a corporate look and feel to the user interface. However, removing and redeploying the Logon Point will remove all customisations - the Logon Point is just a bunch of HTML and graphic files. Here’s how to customise the source files so that redeployed and new Logon Points will already have your customisations.

Access Gateway CITRIX_ADMIN_MONITOR.EXE and Proxy Servers

If you run CITRIX_ADMIN_MONITOR.EXE and after you enter the username and password the Access Gateway does not display, this could be related to proxy settings in Internet Explorer. Even adding the address of the Access Gateway to the proxy bypass list does not solve the issue. Disable proxy settings in Internet Explorer and the Access Gateway desktop displays immediately. In our case we have ISA Server 2004 as our firewall. ISA Server does not allow protocols other than HTTP to be tunnelled over SSL by default and if you check the log files you will see the connection being denied. So the solution here is to either, disable proxy settings when using CITRIX_ADMIN_MONITOR or enable port 9001 to be tunnelled over SSL.

Download: System Center Configuration Manager (SMS) Network Access Protection Process Flow

System Center Configuration Manager (SMS4) will be able to act as a remediation server in a NAP environment, which we would expect of course. Given that, with 3rd party agents, SMS can support operating systems other than Windows, all you need is a NAP system health agent (SHA) for your OS of choice and you can support that OS in your NAP/SMS environment.

Access Gateway Advanced Edition Session Viewer

Advanced Access Control 4.5 includes a session viewer to enable the administrator to view logged in sessions, either directly to Advanced Access Control or view the Access Gateway (existing versions require you to connect to the Access Gateway desktop to view sessions). Click the link for a full view, note the copy button, this allows you to copy the details of the session to the clipboard.

Profile Changes in Windows Vista and Windows Server 2008 and beyond

Windows Vista and Windows Server 2008 introduce a number of new user profile paths and environment variables that differ from earlier versions of Windows and these changes may have an impact on scripts such as logon scripts and application install scripts. Most scripts should work correctly - VBScript scripts that use system functions to find folder paths should work as expected, however batch scripts that use environment variables or hard codes scripts will require modifications. Here’s a short run down of the changes.

WSUS Build Numbers

I’ve recently updated a few WSUS servers with WSUS SP1. The admin tool shows build numbers but does not state if the version is RTM or SP1. For reference these build numbers are: