Remote Web Access login page Redirect

LogoThis post comes courtesy of Susan Bradley, in that she highlighted the issue to me. In turn it was highlighted to her via TechSpeeder.

The issue is a relatively simple one, in previous versions of Essentials, visiting http://server or http://server.remotewebaccess.com it would automatically redirect you to the RWA Login page at /remote. In 2016 this is not occurring.

In 2012 R2 this behaviour is controlled via default.aspx in particular, this line.

<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Default.aspx.cs" Inherits="Microsoft.WindowsServerSolutions.Web.RootSite._Default" %>

Looking at the Content of the Default Web Site in 2016, we can see the standard IIS InetPub wwwroot folder. This is odd because usually in Essentials that path has been updated to C:\Program Files\Windows Server\Bin\WebApps\Site.

Read more of this post

Windows Server 2012 Essentials : Media Streaming Problems?

Lumia 820I recently got myself a Nokia Lumia 820, and one of the benefits of having this Windows phone, (apart from looking like the coolest kid in school) is that i get to use the very funky My Server App. This App is nothing new of course, and SBS Essentials (and lest we forget, Home Server) also had similar Apps, very useful they are too, if like me, you are completely unable to function unless you have access to your server, from everywhere. The 2012 Era App has some differences over the 2011 version, but my post today is not really about the App itself. I was just using the App as a nice way to show off about my new phone.

So, to business. I was reading a forum question about Media Streaming, and how to go about troubleshooting.

Read more of this post

SBS, Essentials, RWA and SSL

padlockI have blogged before about setting up the RWA on Essentials, we all remember that mammoth post right?

The countless hours we wasted trying to make the wizard work, troubleshooting certificates with GoDaddy, Enom, Microsoft and that’s before you worry about where your domain name is hosted. Thankfully, or should it be, mercifully, in Essentials 2012 the whole wizard process is a lot cleaner and dare i say more intuitive.

That is, however, unless you lack an understanding of what this stuff actually does and how it works.

Read more of this post

Windows MultiPoint Server with SBS 2011

imagesMultiPoint server can be joined to the SBS 2011 domain, just like any other server. However, before the MultiPoint server (or any other additional application server) will show up in RWA, we will have to add a special registry key and add the server name on the SBS 2011.

Read more of this post

Quick Fix : SBS 2011 Essentials RDP Timeouts (Remote Web Access)

If you are using RWA in SBS 2011 you may find that having connected to your Computer, then working on something else for a period of time, you go to switch back to your Computer and find you have been Disconnected! This can be a source of annoyance to those multi-tasking users we look after, and we don’t really want to give them any more reasons to be annoyed right?

5

Luckily it is relatively simple to increase the period of inactivity before a timeout occurs, likewise you can decrease it if you wish to as well.

The default for a disconnect is 60 Minutes.

To edit these settings, we first have to enable the Remote Desktop Gateway Manager tool.

Even though this ‘Role’ is installed into SBS by default, the management tool itself is hidden

You will need to open an Elevated Command Prompt, to do that, find the CMD.exe icon, right click and click on ‘Run As Administrator’

6

Next you need to enter:

dism /online /Enable-Feature:Gateway-UI

1

You will see the status of the Imaging Servicing and Maintenance tool, and after a few moments be returned to a CMD prompt.

Now you can open up the Management tool from your Administrative Tools menu.

2

Expand your Servername and then expand Policies. In the details pane, right click the policy ‘DOMAIN_CAP_DEFAULT’ and go to properties.

3

You can see clearly here the ‘Disconnect Session after Idle’ setting, and change the value to suit your needs.

4

When you have changed the setting click OK. Your settings will be active immediately but may not affect sessions that are already in progress.

To change the timeouts for the entire Remote Web Access site, you can follow Tim Barrett’s blog post for SBS 2008.

http://www.nogeekleftbehind.com/2009/10/02/changing-the-companyweb-timeout-in-sbs-2008/

Changing this setting will affect the timeouts for the RWA page, for accessing files and folders stored on the Server.

The article mentions ‘Companyweb’ for SBS 2008, but can be transferred for The Default Website on SBS 2011 Essentials to affect the RWA page.

Setting up Remote Web Access on SBS 2011 Essentials Part 2

In the last part of this post, i went through how, and how not to setup RWA on SBS 2011.

I had problems with the GoDaddy process, so wanted to give eNom a try.

So i had just removed the domain from the RWA site, and i am starting afresh.

This time i am going to purchase the domain name through the wizard.

1

I want to use one of the supported providers..

2

I want to use eNom

3

This is the domain name i want to try…

4

Aha, it is available – great i want to register it, so i click on Register Now.

5

I am taken to eNom’s website..

6

I wont bore you with setting up an account, but i also chose their very kind offer of an SSL certificate as well!

7

(i can see here it is actually saying ‘transfer’ i believe this is related to something a little further along. At this point i did everything i was prompted to do, and did not change anything)

Purchase complete, and i am now back to the wizard. You need to enter the credentials you created when signing up with eNom and click next.

8

9

What’s that now? Invalid, surely not, i just purchased this domain with your wizard?

So it would seem, that at this point, something went wrong with eNom, as i review my emailed receipt and i was only charged for the SSL, not the domain. Weird!

OK i thought, no big deal.

I went to the site directly and registered the domain name manually. Restarted the wizard, of course this time i already owned the domain.

10

I am lazy, so i want to setup my domain automatically..

11

Hmm, i was expecting this to pickup the fact my domain was at eNom.. it didn’t. So i choose eNom and click Next.

12

Eh, what now?

Transfer? What Transfer? i just bought the domain.

I thought for a few moments, and figured, well it is a new domain, maybe it is not setup – so yeah ok, lets continue..

13

Now the interesting point, it shows my domain as co.uk – which obviously is not right.

14

This appears to be a problem with the wizard itself, not handling second level domains correctly.

This is an annoyance of course, however we can work around this.

So let’s review at this point.

We have purchased an SSL Certificate and a domain name.

I am restarting the wizard..

15

If you choose to manually setup the domain you will need to be able to edit the DNS records for your domain and point them to your router.

You will need at the very least to add an A record for ‘remote.yourdomain.com’ for the public IP of your router, and make sure that email is either being forwarded to another provider, or set MX records to go to your preferred email provider.

You may also need an A record for WWW to point your public website.

That is beyond the scope of todays debacle however..

17

You will need to confirm that you have setup your domain name manually, and then you can click next.

18

Now for the SSL, as we already purchased our SSL Cert, the options here are not straight forward.

We have purchased our certificate, but it is not ‘existing’.

Existing is for certificates already in place on the server. You need to select, i want to purchase..

20

Before you click next, you need to click Advanced. If you don’t then the Certificate Signing Request (CSR) will be for the domain shown – not the full name we want to use.

Click Advanced, then fill out the domain name as shown – we need to have our prefix as shown, and you can see below how the domain name for RWA will actually look..

21

Click on OK, and you are back to the previous page.. this time with the correct name for your CSR.

22

When you click Next you will be presented with your CSR. You can copy this or save it to a file for later use.

23

So i copy this info to my clipboard and go to the eNom site, login and head for SSL Certificates..

24

Click on the RapidSSL option..

25

You need to choose Outside Hosting, and i also chose the type of server i have..

26

27

Delete the text in the CSR field, and paste in your CSR.

28

Scroll down and click Submite Certificate.

29

At this point you may say something rude – if you dont have email already setup for your domain, as i didnt. Of course i was forgetting that the SSL authorisation procedure will require authorisation from the domain owner, which is usually done by email. I quickly had to go and setup email forwarding for this test domain to my actual email address..

30

I chose a suitable email address and submitted the details..

31

32

You are then returned to your Manage SSL home page, and the status is now Processing.

33

Switch over to your email client and keep an eye out for a SSL Certificate request type email..

IMG_0864

Scroll down and follow the link to approve..

You will be taken to a GeoTrust website and have to click on the Approve button.

IMG_0865

Your certificate will then be emailed to you as plain text, and it will look almost identical to your CSR.

IMG_0866

My advice here is to copy and paste this into a new text file and save it as SBS.cer

Now back to our Wizard.. we can now choose that we have our SSL information and click Next.

34

As i saved my certificate to a file, i can now browse to it, alternatively you can just paste that info into this box..

35

Click next, and we are all done!

36

Click Close to go back to the Server Settings\RWA page.

37

So what has all of this taught me?

I am afraid i can only so far draw a negative conclusion on this process.

I think Microsoft have to be applauded for the idea, and the theory is sound, however in practice i think this is a huge undertaking, and as always the more you try to cater for, the more variables you have to account for – the more places something can fall down.

I do not think a DIY’er (or off the shelf purchase of essentials) would have got through this without resorting to calling in an expert, giving up, or died of old age waiting for a non existent certificate to show up.. Smile with tongue out

Having said that, i am also confident that this can be resolved with feedback given to the right people.

So to end on a positive, soothing that people do not seem to be aware of yet – is that Microsoft are giving away a free domain name, AND, a free SSL certificate with SBS Essentials.

Yes, you heard me right!

So, how do i get one?

Just like this…

40

Choose a new domain name…

41

You want the free one!

42

You will need a Windows LIVE ID!!

43

44

Read and accept the license agreement…

45

Choose your prefix. All of the free domains will be domain.remotewebaccess.com

46

Click to check availability.. if it is available, click Set Up!

47

48

DONE!

49

Is it ironic that i am using firefox in this shot?

50

That is a number of ways the RWA wizard can work out for you!

As i said above, you have to applaud the idea, the execution at this time has been poor.

But on a plus, the freebie domain and SSL work perfectly, and who can argue with that price?

Setting up Remote Web Access on SBS 2011 Essentials Part 1

EDIT- A lot of the issues in the wizard are resolved by installing Update Rollup 1 for SBS Essentials

I have seen a number of questions on the SBS Essentials forum relating to setting up domains and SSL certificates on SBS 2011 Essentials.

I hadn’t run through this procedure fully as i did not have any domains hosted on one of the supported registrars, so i decided to bite the bullet and buy one.

SBS2011-Essentials.com is now mine, and i registered it with GoDaddy – directly on there website, not using the SBS Essentials ‘Setup Domain Wizard’ i chose to do that because i am thinking most people will already have a domain name they want to use.

1

Now my domain is all up and running i can use the Setup Domain Wizard on the SBS Essentials server to configure my server to use this domain for remote access.

I have two choices here, i can either run this from my workstation, or i can logon to the server console directly to do it.

I am going to run mine from the server console, just because i think most people will be doing that.

Firstly before you start, disable IESC (please make sure to enable it again when you are finished)

SBS MVP Wayne Small wrote a neat blog post on how to do that and you can find that here

Secondly, if you are using GoDaddy.com, make sure to add *.godaddy.com to your trusted sites in Internet Explorer (i didnt do this to start with and had a lot of trouble with the website) I also changed my Trusted Sites security level to Medium-Low for this task.

2221

To start the wizard, go to Dashboard and click Server Settings, then go to Remote Web Access, then click Set Up

2

You will be asked if you already have a domain name, or if you want to setup a new one. I have one i want to use so that is what i choose.

4

The wizard will lookup your domain name to see if it’s hosted with one of the two current supported registrars – GoDaddy or Enom. If it is detected you will be prompted to go to their site to purchase an SSL certificate, if not you’re asked if you want to transfer it, or setup manually.

5

NB, this wizard can skew off into about a million different possible directions, its like trying to map the universe using a pen and paper trying to blog this thing Smile with tongue out

So anyway,  let’s assume it was detected at GoDaddy and you go to their site. If you havent followed my advice above you will have to do so now, adding the site to trusted sites etc to get the GoDaddy website to function correctly.

7

You will also have to close the windows and open it up again ‘As Administrator’ I don’t know why this could not have been coded up to do that for you, but there you go.

So copy the URL from the IE address bar, and then launch IE as administrator.

Click on Start, then right click IE and click Run as Adminisatrator

When the IE window opens, paste the address into the address bar.

You will now be prompted for your credentials.

8

When you login you are presented with a few options. Choose whichever services you want, and go to the checkout.

9

Again, fun and games with the website here for me, it wouldn’t let me ‘checkout’ unless i selected an additional service, or chose to have the SSL for more than one year. You can choose whatever you like here to get to the checkout/basket then simply remove the items you don’t want.

13

 

 

Continue on to the checkout and pay for your items.

14

Now you can close out, and go back to your wizard.

You will be prompted for the credentials of your GoDaddy account.

17

Click on Next to continue..

18

19

I was expecting this to be the end of the process, unfortunately not.

At this point – i broke things.

Being the impatient person i am, i wanted to hurry things along, so i logged into the GoDaddy site and managed to ‘use’ my SSL credit. This is normal procedure for SSL purchases with GoDaddy, however you must not do this with SBS Essentials. I am informed by Sean Daniel of Microsoft who helped me with this process, and also his contacts at GoDaddy that basically i broke things, which is why my SSL purchase failed.

(ok the purchase didnt fail, the CSR and Signing Process failed,

Having said that, SBS Essentials did not tell me any of that Smile with tongue out it sat there quite happily waiting for a certificate to be issued by GoDaddy, which was never ever going to happen.

I gave it aproximatley 48 hours as well.

If you are interested you can find the logs for the wizards and other aspects of SBS Essentials here:

c:\ProgramData\Microsoft\Windows Server\Logs\ and the log file for this process is…  SharedServiceHost-DomainManagerServiceConfig.log )

20

I am told however, that if i had not done this, it would have worked.

If you do find yourself in that situation the only resolution is to get support to refund your SSL purchase or, go through the SSL Install manually. I chose a refund and this i have to say was very easy and their support staff were both charming and efficient.

So anyway, being the kind of guy i am , i thought OK, well lets have another go.

This also proved to be a bad idea. It seems that either my server, or my domain name are now stuck in some sort of crazy loop, where i am unable to purchase an SSL using the Wizard.

Not to worry, i am an uber rich MVP who has money to burn, and time to test the latest and greatest Microsoft has to offer, ill buy another domain name and another SSL.

This time i turned to eNom.

it is relatively easy to remove any domain name from SBS Essentials, you just click Setup, from Server Settings/Remote Access, and follow the wizard to remove the domain name.

30

31

32

33

I will continue this story in Part 2

<span>%d</span> bloggers like this: