Skip to content

Enterprise Mobility + Security

Too Much of a Good Thing

  A while back I wrote a blog post about setting up Kerberos constrained delegation. As a bit of an re-introduction, a lot of the value of the Kerberos authentication protocol is that it allows an application or service to impersonate a user in order to get resources on that users behalf. This impersonation is...

Read more

TS Gateway Certificates Part III: Connection Time Issues related to TS Gateway Certificates

This is the third and final part of our recent series on configuring certificates on TS Gateway. See also Part I and Part II Background TS clients authenticate TS Gateway server using server security certificates (X.509 format). TS Gateway passes the server security certificate to the clients during the SSL handshake process. During the SSL...

Read more

Scary Sounding Errors

We have a temporary role in CSS where support folks will help out in supporting prerelease (also known as beta) software.  I’ve worked a couple of Windows betas, and it’s a great experience.  I mention this since I remember a few years ago during the beta of a prior Windows release where there was an...

Read more

Introduction to TS Gateway Certificates

Why does TS Gateway need a certificate? A TS Gateway certificate is used for authentication and secure communication purposes by the TS clients. To appreciate the purpose of TS Gateway certificates, you will need to understand SSL communication. As illustrated in the following diagram and described in the steps below, a TS client launches an...

Read more

Name Hijacked, Bystander DC Hangs

I learn more about AD and other things every day, which is part of the fun of this job we do-learning about how things work. This story does a good job of lending some understanding to something that can be tough to understand-trust secure channels. This story begins with a customer contacting us regarding a...

Read more

Introducing Live Mesh Remote Desktop: Part 1

The Remote Desktop Protocol is an efficient and feature-rich protocol which we have invested in greatly over the years.   As such, we’ve worked to make RDP available not just in traditional Terminal Server scenarios, but also as a platform for additional products from Microsoft and third party ISV’s.  We are seeing the benefits of this...

Read more

Terminal Services renamed Remote Desktop Services at TechEd EMEA

Terminal Services was renamed to Remote Desktop Services reflecting the expanded role in Windows Server 2008 R2 to provide desktops and applications in the datacenter that users can access anywhere from managed or unmanaged devices.  Remote Desktop Services now includes VDI and session based desktops utilizing existing components such as RemoteApp and Desktop WebAccess or Remote...

Read more