Posts Tagged ‘ms’

Deploying wildcard SSL certificate for VMware Horizon 6

Friday, February 6th, 2015

Quick notes on how to deploy a wildcard SSL certificate with VMware Horizon 6 setup. In my case there is one Connection server and one Security server, both running Windows 2012 R2 Server OS. We also own a wildcard certificate covering our public domain, say domain.org.

(more…)

SharePoint 2010 with OpenLDAP authentication

Wednesday, July 18th, 2012

A relevant piece from web.config that worked for me allowing SharePoint 2010 authenticate against OpenLDAP. OpenLDAP is powered by Ubuntu 10.04.2 LTS (lucid) and OpenLDAP 2.4.21 (installed from packages).

  1. <membership>
  2.   <providers>
  3.   <add name="membership"
  4.     type="Microsoft.Office.Server.Security.LDAPMembershipProvider,Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral,PublicKeyToken=71e9bce111e9429c"
  5.     server="ldaps.domain.org"
  6.     port="636"
  7.     useSSL="true"
  8.     connectionUsername="cn=agentname,ou=Agents,dc=domain,dc=org"
  9.     connectionPassword= "xxxxxxxxx"
  10.     useDNAttribute="false"
  11.     userNameAttribute="uid"
  12.     userContainer="ou=People,dc=domain,dc=org"
  13.     userObjectClass="person"
  14.     userFilter="(objectClass=person)"
  15.     scope="Subtree"
  16.     otherRequiredUserAttributes="uid,cn" />
  17.   </providers>
  18. </membership>

Three points to mention:

1. As you can see I’m using SSL — make sure to import your certificates through mmc.

2. agentname is allowed to search ‘ou=People,dc=domain,dc=org’. In ACL language:

  1.  access to dn.subtree="ou=People,dc=domain,dc=org"
  2.     by dn.regex="cn=(.*),ou=Agents,dc=domain,dc=org" read
  3.     by * none

3. I had to enable ‘allow bind_v2’ in slapd.conf to allow agentname to query OpenLDAP, otherwise I was getting ‘historical protocol version requested, use LDAPv3 instead‘.

All in all it was a hell of an exercise!

How to disable autorun in Windows XP

Wednesday, July 2nd, 2008

With all these nasty worms going wild nowadays disabling autorun becomes a must-have decision. It’s all mainly because of USB flash drives getting infected with bunch of stuff. Not a big deal for office environment because no one should have administrative rights, however, in a home environment, where PCs are usually shipped with admin rights granted by default, people get into a mess almost immediately. Anyways, here is what I do to disable autorun in AD environment.

(more…)

Dealing with Cannot delete file: Access is denied error

Wednesday, June 25th, 2008

This morning I’ve been fighting with “Cannot delete file: Access is denied” error under Vista Enterprise while trying to reinstall Adobe Acrobat 7.0 Professional. Don’t know what went wrong initially but activation get corrupted and Adobe was closing immediately after opening any pdf file. While trying to uninstall the package it failed to delete several dll files leaving Adobe half-removed. There was nothing wrong with permissions, nor I was able to trace by whom this dlls were locked. After googling and reading several similar cases on Adobe forum I came across to small piece of code which did the trick for me. The software is called Unlocker and it’s free. Try it – it worked for me, so I was finally able to delete and reinstall Adobe.