FIM : Creating FIM Oracle MA(Management Agent), few important things.

I was working on a case, where Oracle MA was required to be created to sync Oracle DB’s identity data with FIM, so that it can be synced with other identity stores. Following link provides most of the information needed  http://social.technet.microsoft.com/wiki/contents/articles/18548.fim-2010-r2-how-to-make-a-connection-to-oracle-database-11g.aspx to connect to Oracle DB store. But there were few things, which I wanted to make sure everybody…

0

ActiveSync on some Smartphones(in this scenario Iphones) with client certificate authentication does not work, ActiveSync here is published through TMG

It appeared strange issue, when I worked on a case where out of all the users for only few Iphone users ActiveSync was not working, For other users including Iphone, windows phone and Andriod phones it was working. In this scenario client certificate authentication was implemented. Live Logs on TMG are so Awesome that they can…

0

UAG DA clients not able to connect using IPHTTPS intermittently.

Sometime back I worked on a case where UAG DA clients were not able to connect using IPHTTPS intermittently . In such  scenarios, we can get initial diagnostic information from DCA(direct access connectivity assistant) logs. So I collected this log at the time of issue and found following for the IPHTTPS interface. more on DCA (http://technet.microsoft.com/en-us/library/gg274289.aspx) netsh…

1

server hardening :server 2012

http://technet.microsoft.com/en-us/security/jj720323.aspx sharing the link with all my friends. As some of them asked for it.

1

TMG performance issues-another one in that series-maxconcurrentapi

This post is an addition to the series of posts that I have written on TMG/ISA performance issues. Every time I get a case on TMG performance issue, there is always some new twist to the scenario. But it always circles round few known root causes e.g. name resolution, authentication issues with authenticating servers, sometimes CPU spikes due to various reasons…


Delay in loading page of a website published through UAG

When we publish a website(including exchange services and share point services), UAG does lot of processing ,in fact parsing of the content and links in the pages ,when a user accesses  these pages through UAG. I came across a case, where we experienced delay after user logs in to the website and the page loads…


ISA/TMG memory Pool Depletion and performance issues.

I worked on a case recently where ISA server’s service was stopping and hanging intermittently and Administrator had to reboot it to get it to work again. As usual with such performance issues, We put the performance counters on the ISA server , Please refer to my blog post, for TMG, http://blogs.technet.com/b/sooraj-sec/archive/2013/01/07/tmg-performance-counters-template.aspx and for ISA server http://blogs.technet.com/b/sooraj-sec/archive/2010/09/12/isa-server-stops-responding-the-user-requests-and-its-required-to-reboot-the-isa-server-or-restart-the-firewall-service-scenario1.aspx. Ideally we…


getting error " 502 proxy error. The requested resource is in use. (170)." on the upstream proxy TMG servers

This one is about a case, where Admin had configured Two TMG 2010 upstream proxy servers and he had two TMG 2010 downstream proxy servers. Users started reporting that they intermittently get error ” 502 proxy error. The requested resource is in use. (170).” while accessing internet. At the time of issue, even if you try…


Generating netstat output and scenario based tracing using netsh when a specific event occurs in the eventlog-using Powershell

I was working on a case, where I needed to get netstat outpiut to understand certain connections  behavior and I needed to do that for a particular event in the event log. It was really difficult to get this output exactly at the time this event was occuring. So I started working on it in my lab. I…