Search This Blog

Saturday, July 18, 2015

Trouble with ADFS Proxy Certificate update\renewal

We recently had to apply new certificates to an ADFS infrastructure. There are plenty of articles out there that detail how to do this, however we came an across and issue after the supposed successful replacement\install.

In general we followed this procedure

http://blogs.technet.com/b/tune_in_to_windows_intune/archive/2013/11/13/replace-certificates-on-adfs-3-0.aspx

However what we discovered was that the ADFS proxy server would not update the Certificate. The command to do it

Set-WebApplicationProxySslCertificate

would complete successfully.

When you run the

Get-WebApplicationProxySslCertificate

we were getting back no results. It did not error, just returned nothing.

We tried a number of things to fix this, all to no avail in the end.

Ultimately we had to remove the Web Application Role from the server and then re-add it again, and then step through the configuration wizard.

During the troubleshooting we found an 383 event in the event log, not sure if that is indicative of this problem, but I include here for future reference and comment

https://social.technet.microsoft.com/Forums/windowsserver/en-US/c0889fba-29ce-4215-8423-773c0c386f71/2012r2-web-application-proxy-adfs-error-event-383-corrupted-config-file?forum=winserverDS

Reference:

https://technet.microsoft.com/en-us/library/dn770156.aspx

http://blogs.msdn.com/b/javaller/archive/2014/06/18/why-isn-t-my-adfs-ssl-certificate-updating.aspx

http://www.scug.nl/infrastructure/part-2-update-active-directory-federation-services-3-0-web-application-proxy-ssl-certificates/

http://blogs.perficient.com/microsoft/2014/05/office-365-replacing-the-ssl-certificate-in-ad-fs-3-0/


Share/Bookmark

Friday, July 10, 2015

WLW 2012 and Blogger–Username \ Password Incorrect

Google have changed the login mechanisms to make them more secure, so with default settings in Google, WLW will not connect.

The only way to get WLW to connect is to enable “Allow less secure apps” in Google. It is unclear to me at this time (https://support.google.com/accounts/answer/6010255?hl=en-GB), what the real implications of turning on this setting are. However turning it on allowed WLW to connect.

The setting can be found in Google under My Account\Sign-in & Security

image_thumb[1]

My preference at the moment is to write these articles offline, enable the setting in google, publish the post and then disable the setting.

Related: http://mumblestiltskin.blogspot.com/2015/07/windows-live-writer-windows-10-and.html


Share/Bookmark

Windows Live Writer, Windows 10 and Blogger

OK, so I heard today that Scott Hanselman, tweeted in June that WLW may be released by Microsoft as open source.

I hope this is true, or that Microsoft updates it. Smile It’s a great tool, simple to use and does most things really really well.

Anyway I have been trying out Windows 10 in the fast ring, and was wondering whether it would run WLW.

I am currently using Build:10162.

WLW 2012, is part of the windows live essentials that is still available from Microsoft.

http://windows.microsoft.com/en-us/windows-live/essentials

When you run this you maybe prompted to install .Net 3.5, this is needed so allow it to do so.

Once the .Net installation is complete WLW 2012 will be installed.

That’s pretty much it, it worked straight away. Now I haven’t used WLW for a while, and I had trouble connecting to my blogger account, WLW kept complaining about username and password. I could log into blogger directly on the web using these details so I knew they were not incorrect. In the end, I tracked it down to a setting in my google account.

Google have changed the login mechanisms to make them more secure, so with default settings in Google WLW will not connect.

The only way to get WLW to connect is to enable “Allow less secure apps” in google. It is unclear to me at this time (https://support.google.com/accounts/answer/6010255?hl=en-GB), what the real implications of turning on this setting are. However turning it on allowed WLW to connect.

The setting can be found in google under My Account\Sign-in & Security

image

My preference at the moment is to write these articles offline, enable the setting in google, publish the post and then disable the setting.


Share/Bookmark

Thursday, July 09, 2015

Logging in Powershell - transcript

I come from a strong batch file background, and so to create logs whilst running batch files was just a matter of redirecting IO to a file.

As i migrate to powershell I discovered this was not as easy, maybe I am missing something, but anyway the closest I could find was the transcript command.

By running this command it would direct any output to a file.

Start-Transcript -path $scriptPath\psOutput_name.log


Once this command is run, any output generated that would normally be directed to the powershell command window will be directed to the transcript log.

You must stop the transcript at the end of the process, otherwise you will get errors the next time it runs.
Stop-Transcript


However I found issues if the script error-ed or was terminated with out the stop-transcript command having been run.

Therefore whilst I have a transcript command in each script, the first command is always a stop-transcript command. This may throw an error if a transcript is not running, but for me that is better than having no output logged.
Start-Transcript -path $scriptPath\psOutput_name.log Stop-Transcript


Share/Bookmark