Microsoft UAG 2010 Web Monitor All Events displays Message ID 108 Every Minute

Posted by Ahmed Nabil In | 3 comments»
After applying Microsoft UAG 2010 SP2 released couple of month ago I noticed that the UAG Web Monitor All Events Message ID 108 is repeated all the way and almost every minute as shown below.

After discussing this issue with Microsoft Escalation Team, it turned that its a known issue after UAG SP2 related to group memberships. Microsoft is aware of this issue and they have a private fix for this specific problem. After applying this fix, I didn't encounter this warning again.

I would recommend anyone having this warning to open a case with Microsoft to get this fix, this case shouldn't be counted since its a known bug.

SQL Server 2008R2 Reporting Services Failed to start after GDR security patch KB 2716440

Posted by Ahmed Nabil In | 1 comments»
After Applying the last Tuesday Microsoft (October 2012) patches/Updates, SQL reporting services wasn't able to start on several servers and the below error is displayed when you try to start the service

One of the Updates released on that date is the KB 2716440  which resolves a vulnerability in the SQL server. To make sure that this update specifically caused this behavior. I uninstalled this update and after that I was able to start the SRSS (Reporting services) without any problem.

This issue could occur by a missing registry key and a common solution to such problem is to add this key as follows:

  1. Open Regedit on the Problematic Server
  2. Navigate to the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control
  3. In the Right Pane create the following Key (If not already created)
    1. Value: DWORD (32-bit)
    2. Name: ServicesPipeTimeout
    3. Value Data, Click Decimal and type 60000 (Not less than 60000)
  4. Reboot the server

After reboot the SQL Server Reporting services was started normally without any problem.

Manual add of Shares to Microsoft UAG File Access

Posted by Ahmed Nabil In | 1 comments»
Microsoft UAG 2010 File Access is a nice feature to securely publish your internal shares on your UAG Portal for Internet users. To successfully publish your shares on UAG portal and for the File access to work, it requires the following:

  1. NETBIOS should be enabled, Ports 137-139 should be open and not blocked by any internal Firewall
  2. Port 445 for SMB should be open so UAG server can access/Locate the shares.
  3. On the UAG NIC facing the internal Network as well as on your Domain Controllers NICs, make sure to enable the NETBIOS Over TCP from the NIC advanced properties (WINS Tab).
  4. The File servers should have the Turn On discovery feature enabled (check attached) from the Network card advanced sharing options. By design it will turn off automatically unless you started several services as SSDP and UPnP services, please check this thread for more information
Turn on Network Discovery

Sometimes its hard to configure all these settings or maybe its restricted by your network policy. To manually add a network share or even DFS share to your UAG file access you need to modify the ShareAccessCfg.xml (This is the core file for the File Access Application). This file is located under ..\Microsoft Forefront Unified Access Gateway\von\FileAccess

The ShareAccessCfg.xml file can be edited easily using a notepad or any Free XML Editor, one editor that i use frequently is the Microsoft XML Notepad 2007

To manually add a server or Share you need to add them under the Server section or Share section as shown below

<server name="Domain\Server1" marked="1" provider="MS"/>
<share name="Domain\Server1\Share_name" marked="1" provider="MS"/>

After changing and saving the ShareAccessCfg.xml, make sure of the following:

  1. Restart Microsoft Forefront UAG File Sharing Service
  2. Open the Application from the UAG Console - Admin - File Access and make sure to hit Apply on each item (Domain, Server and Share)
  3. Activate UAG