So I’ve run into this problem multiple times and ‘hacked’ my way around it various ways, but there is a better way that doesn’t require the use of certutil.exe or any other console utilities. This scenario applies under the following conditions:
- CA (Certificate Authority) Server is running on Windows Server 2008 R2
- Web Server is running on Windows Server 2008 R2
- Both servers are members of the same domain
- You want to use the Certificates snap-in
- You want to stay away from the console if you can
By default, you cannot generate a web server certificate request directly from your servers and you are presented with this screen based on the default Active Directory Enrollment Policy:
As you can see from the screenshot, most of the certificate templates are unavailable with the exception of the computer certificate template.
Continue reading Enable Web Server Certificate Requests On Windows Server 2008R2 CA Server
EDIT: 2011/04/14 – I’m working on another method of doing this since it appears that this only works sporadically or no longer works as written. I will update this post if I can figure out where the disconnect / issues are.
I’ve been experimenting with creating a good Windows Server 2008 R2 template for VMware vSphere 4 and wondered just how many times Microsoft would allow an activation on the same MSDN license key (Multiple Activation) for the OS. I often deploy multiple servers at a time and am always fearful of activating since I don’t want the key to be shut off. Typically I only run these servers for short periods of time so not activating is no big deal, however in longer running projects I often have no choice but to either activate or destroy and redeploy. With information that I’ve come across on the Internet, I’ve managed to consolidate a method that does not break the Windows Server 2008 activation, while still sysprep’ing and generating a new SID.
This process can be used for other virtualized environments as well I’m sure, but in this case I created it for VMware vSphere.
Continue reading Creating an Activated Windows Server 2008 R2 VMware Template using Microsoft Sysprep
Do it right the first time! 🙂
There’s quite a few posts on Team Foundation Server 2010 (TFS) and how to install and configure it, as well as a really good CHM file from Microsoft on the same topics, so I won’t go through duplicating what everyone else has done and will link to one at the bottom of this post. I’m writing this just to relay the experience I had with getting the product configured just the way I wanted it, or some facsimile thereof and some lessons learned.
After viewing some videos on YouTube of TFS, reading some of the Microsoft marketing material, and some of the posts on it, I decided to stand up TFS in my environment to see how well it works and to explore changes since the last version. Right now, the team I lead isn’t really using any ‘set’ collaborative product. We tend to work in small teams on projects so the need isn’t really there, though I’m sure the organization wouldn’t hurt. We’re currently using Subversion as our source repository and occasionally use MOSS or WSS to collaborate. Otherwise it’s phone calls and emails since we also tend to bounce around the country. Enough background, on to TFS installation…
After reading through a few blog posts and Microsoft’s documentation on how to install and configure TFS, I stood up a Windows Server 2008 R2 VM and installed SQL Server 2008. I was going with a single server install. I followed the documentation to the letter for a single server install, and everything worked out just fine. WONDERFUL! GREAT! So far…
Continue reading Team Foundation Server 2010 Installation Experiences and Lessons Learned
This is a quick post, or maybe not so quick, just to illustrate how to create and add records to a DNS zone on your own Windows Server with the DNS role configured. This server can be a domain controller with DNS installed or just a DNS server, it doesn’t make any difference.
A quick primer on DNS. DNS, or domain name servers (services), provides the ability for servers to access systems by name instead of IP address. Without DNS servers, we would all have to navigate the Internet by typing in IP addresses, like http://188.8.131.52. From reading this link, you’d have no idea where you were navigating to, but it just so happens that this is one of Google’s many public IP addresses. Try it.
Continue reading Creating and Managing a DNS Zone Using Windows Server + Quick DNS Primer
Have you tried rebooting?
I ran across an issue on Windows Server 2008 R2 but also found the issue to happen on Windows 7 installations.
Apparently this will be fixed in the R2 releases of SQL but since those aren’t available yet for the enterprise and similar versions, there’s a pretty simple fix. I found an article that references a few fixes that I’ll link to here in case the fix that I have doesn’t work.
The error states that “Invoke or BeginInvoke cannot be called on a control until the window handle has been created.”
Continue reading SQL Server 2008 Installer Fails on Windows 7 and Windows Server 2008 R2
As I’ve upgraded my lab environment to vSphere over the weekend, I’ve been running across the occasional VM that fails to allow me to upgrade it’s VMware Tools. This seems to be predominantly happening with my Windows Server 2008 VMs.
I’ve received various error messages including ‘can’t find vmware tools.msi’ looking at c:windowsinstallers, and messages stating that Installation cannnot continue because a previous version is installed, even though it had just been removed. FRUSTRATING! Fortunately, this isn’t the first time people are running across it and there’s a VMware KB article on how to address this.
Issues as noted on the VMware KB:
- Unable to upgrade existing VMware Tools
- Unable to upgrade existing installation of VMware Tools because the previous installation fails to be removed
- The uninstall feature of VMware Tools fails to complete, and finally
- Cannot uninstall VMware Tools.
All this boils down to ‘IT’S BROKE! HOW CAN I FIX IT!?’
Continue reading VMware Tools Fail During Upgrade / Uninstall
Here’s the scenario, I decided to try out Subversion as a source control repository on a Windows Server 2008 server, attached to a Win Server 2008 domain, with ISA Server forwarding HTTP traffic. After doing a little bit of research, I decided to give VisualSVN Server a try. If you don’t know it, it’s a very small footprint product produced by VisualSVN Limited, that installs Subversion and an Apache server, on Windows, to handle the HTTP connection to SVN (Subversion).
The product installed and configured very easily, ‘hats off’ to VisualSVN, and I was immediately able to connect to it from internal on my network. There are a few self-explanatory questions that are posed in the installation wizard. Tough things like where do you want to store your repositories. ;) (If you’re going to use a file share as a repository, make sure that you use the UNC and not a mapped drive.)
I’m amazed that I’ve come across yet another tech product that is actually behaving as advertised. Is it just me, or is that odd???
Not the fault of VisualSVN, I began to run into configuration issues when I tried to route the traffic through ISA Server.
Continue reading Windows Server 2008 and Subversion over HTTPS
This post picks up where the last post left off. In the last post, we created a Windows Server 2008 R2 Active Directory Domain Controller and stopped short of going on to add Certificate Services into the mix.
If you’re not sure if you need certificate services for your environment, it never hurts to have it available. It does not add much overhead so for development environments and small businesses you can consider adding the role to a DC (domain controller) as we are here. Certificate Services will allow you to issue certificates to your internal resources, use client/server certificates for authentication, and set up SSL enabled websites.
I believe best practice is, and I’m sure someone will correct me if I’m wrong, to set up an Enterprise Root CA (Certificate Authority), then set up one or more subordinate CA’s. You can then make your Root CA unavailable for access and have the subordinates handle all of the traffic without fear of compromising your Root CA. In this tutorial, we’ll just be installing and configuring a Root CA, but the process is basically the same for the subordinates.
Now that you’ve got some background information, onto the installation/configuration of Windows Server 2008 R2 Certificate Services.
In ‘Server Manager’, select Roles in the left pane, then Add Roles in the right pane. Place a check mark in the checkbox for Active Directory Certificate Services. Then click Next.
Continue reading Install Certificate Services on Windows Server 2008 R2
I posted a tutorial on creating a domain controller using Windows Server 2003, and decided to post an update that included step-by-step instructions for Windows Server 2008 R2. This should be the same for Windows Server 2008.
This is great for developers, testers, and anyone looking to learn Active Directory or deploy to a small network. If this is for a production deployment, you might want to bring in a professional to help you. There are many other things to consider, like ‘hardening’ your server and setting up Group Policy. Having an insecure or unprotected domain controller is inviting havoc on your network.
So without any further ado and in the immortal words of ‘Marv’, “Let’s get to it!”
In the Server Manager click on Add Roles.
Continue reading Build a Windows Server 2008 R2 Domain Controller