First Step Shutdown ESXi Server enable Encryption
Second Add vTPM
Boot ESXi Server(s)
Configure Key Providers (Add Native Key Provider)
Now you can add vTPM to you VM
Don’t forget to enable VBS
Create GPO SRV 2022 – Virtualization Based Security and I did Apply only to my Server 2022 Lab Environment
System Information on my Server 2022 Lab Server
Now I want to manage my Exchange 2013 environment from the Windows 8 workstation, no Exchange tools are installed on the Windows 8 laptop. In a few simple steps you can open a remote PowerShell session to one of the Exchange Servers.
Logon to the Windows 8 machine and start the ‘Windows PowerShell ISE
$RemoteEx2013Session = New-PSSession -ConfigurationName Microsoft.Exchange `
-ConnectionUri http://servername/PowerShell/ `
-Authentication Kerberos -Credential (Get-credential)
Import-PSSession $RemoteEx2013Session
Save this to Remote Exchange 2013 Powershell.ps1
Don’t forget setting your Powershell to unrestricted with: set-executionpolicy unrestricted
Some times you find a cool feature on the internet.
XPEnology is an operating system based on Synology DiskStation Manager (DSM). This is possible because Synology DSM has developed under the GPL license . As a result, it is free to use and adapt by third parties. The advantage of XPEnology is that it is compatible with many different hardware and so you almost any old PC / server can use as a NAS. Also you can also XPEnology as a virtual machine (VM) running on ESXi for example, Hyper-V, VirtualBox.
With this flexibility, functionality and ease XPEnology offers a good alternative to a Synology NAS or other NAS solutions.
On XPenology.nl you will find great articles how to run the Software on Hyper-V, ESXi, Workstation and on dedictad hardware.
So i followed this guide: http://www.xpenology.nl/hyper-v-installatie/
Awesome!!! 
Things to do:
1. Hyper-V Harddisk Pass Through
2. Install & Config SABnzbd
3. Install &Config Sickbeard
4. Install & Config Couchpotato
5. Config my Diskstation with DNLA to my TV
Keep you posted!!!
VMware Workstation takes virtualization to the next level:
The team has included various smaller improvements in the product as well:
Today, Immidio releases an updated version of its flagship product Flex+. With the Immidio Flex+ workspace virtualization solution, end users get a personalized and dynamic Windows desktop that adapts to their specific situation based on aspects like role, device and location.
Modern workforces expect flexibility from their employers; users need to have the capability to work anywhere with multiple devices and a high degree of self-service. With Flex+ workspace virtualization, Immidio enables such a flexible workstyle in a simple, scalable, extensible and affordable manner, without introducing additional complexity. Immidio Flex+ uses the existing Windows infrastructure, ensuring a low total cost of ownership.
Next to many small improvements, the latest version of Immidio Flex+ contains new features that were mostly developed based on feedback from Immidio’s partners and customers. The focus of this release is to support the latest Windows versions and application virtualization technologies, providing users with an even more dynamic desktop experience and improving the administration of Flex+ in enterprise environments.
Flex+ multi-tenancy support for IT departments
Immidio Flex+ has always supported multi-tenant environments, and this release introduces much improved management of scenarios with multiple environments, such as different customers, DTAP, or separately managed organizational divisions, for instance.
Such setups can now be managed from within a single instance of the Flex+ management console, making it possible for the IT department to switch between these environments and also export configuration items from one environment to another.
An even more dynamic desktop experience
In the initial release of Flex+, Immidio introduced many capabilities for managing the user environment. Flex+ support for shortcuts, file type associations and printers is now even more powerful thanks to the new UEM Refresh feature, which during a Windows session reapplies these user environment settings, dynamically re-evaluating conditions.
Another new feature is Triggered Tasks which executes a custom or built-in task (like UEM Refresh) when a certain trigger occurs. The triggers that Flex+ supports are the lock/unlock of a workstation and disconnect/reconnect of a remote session in VDI and RDS environments.
To improve the dynamic adaption of the Windows user environment, based on role, device and location, this release extends the conditions available in Flex+. The new battery condition makes it easier to detect laptops and tablet devices. The new “Computer or User in Active Directory” condition helps determine the role of the user within the organization and the place of the currently used device within the IT infrastructure.
Support of latest technologies
Immidio Flex+ now supports personalization for Microsoft App-V 5.0, in addition to the existing App-V 4.x integration. Platform support has been extended with Windows 8 and Server 2012.
Other improvements
Many other improvements have been made to the Flex+ management console and client component. These are all documented in the Administrator’s Guide of this Flex+ release.
Recently, Windows Update began offering the Windows Management Framework 3.0 as an Optional update. This includes all forms of update distribution, such as Microsoft Update, WSUS, System Center Configuration Manager and other mechanisms. The key bit here is that the Windows Management Framework 3.0 includes PowerShell 3.0.
Windows Management Framework 3.0 is being distributed as KB2506146 and KB2506143 (which one is offered depends on which server version you are running – 2008 Sp2 or 2008 R2 Sp1).
Windows Management Framework 3.0 (specifically PowerShell 3.0) is not yet supported on any version of Exchange except Exchange Server 2013 (which requires it). If you install Windows Management Framework 3.0 on a server running Exchange 2007 or Exchange 2010, you will encounter problems, such as Rollups that will not install, or the Exchange Management Shell may not run properly.
We have seen rollups not installing with the following symptoms:
Exchange Team adviced that Windows Management Framework 3.0 should not be deployed on servers running Exchange 2007 or Exchange 2010, or on workstations with the Exchange Management Tools for either version installed. If you have already deployed this update, it should be removed. Once the update is removed, functionality should be restored.
In this “maintenance” release we can see that few OS support has been added and some bug fixes has been issued as well. This release comes only after two and half months, where VMware Workstation 9 has been released.
What’s new in the Version 9.0.1 – Build Number:894247
Fixes:
Source: VMware Workstation 9.0.1 Relese Notes Release notes
When you using vSphere 4 and and using MDT 2012 update1 with Windows Assessment and Deployment Kit you run in de following error. Same thing wil also with Workstation 8.
Solution 1: Do not install Windows Assessment and Deployment Kit on your MDT Server. You can still using MDT 2012 Update 1 with waik 3.5 if not deploying Windows 8 or Windows 2012 right now.
Solution 2: Upgrading you vSphere server to the latest version (5.1) or Upgrade Workstation to latest version (Version 9).
Workstation 9 has been designed to run on Windows 8 and run Windows 8 virtual machines. Easy Install has been enhanced to recognize Windows 8. Workstation 9 has been enhanced to support the Windows 8 user interface (formerly known as Metro). Toggling between Metro and the Windows Desktop can be done by simply pressing the Windows key on the keyboard and Unity intelligently handles the Metro interface. Workstation 9 also includes multi-touch support for driving the Windows 8 Metro interface running in Workstation on a Windows 8 tablet.
VMware has made substantial changes to Workstation 9 graphics virtualization infrastructure. The enhancements include a display-only graphics driver that can render 3D in Windows 8 without hardware acceleration, improvements to make graphics applications like AutoCAD and SolidWorks render more quickly and accurately, an improved Windows XP graphics driver and fundamental changes to improve performance and enable more advanced graphics capabilities in the future.
VMware has developed an OpenGL graphics driver and up-streamed it to X.Org. This allows VMware’s customers to use the new graphics capabilities in current Linux distributions without needing to install VMware Tools. The version of X.Org that includes the driver is being shipped in Ubuntu 12.04 among other Linux new distributions. Workstation 9 includes enhancements to the virtual graphics device to improve the overall speed and accuracy of rendering OpenGL graphics in Linux virtual machines.
This new capability allows the author of an encrypted virtual machine to require users to enter an additional password to change their virtual machine settings. This feature enables IT professionals and educational institutions to create virtual machines to be used by their employees and students that prevent these users from enabling shared folders, dragging and dropping files, attaching USB devices, and overcommitting system resources. Restricted virtual machines can be run in VMware Workstation 9, VMware Player 5, and VMware Fusion 5 on Windows, Linux or Mac PCs.
WSX is a prototype of a new VMware Workstation web interface that enables users to access their Shared virtual machines via a web browser on a tablet, smart phone or PC without installing any additional applications or browser plug-ins. This service renders an HTML5 web page that can connect to your Workstation hosts, enumerate the available Shared virtual machines and allow you to power them on and interact with the desktop. Both the Windows .msi and Linux .bundle installations are available for download along with VMware Workstation 9.0
WSX is currently not supported for production environments. The number of devices and browsers available on the market make it extremely difficult to test this feature thoroughly to ensure it works well everywhere.
This feature requires a very modern browser that supports HTML5 with WebSockets. VMware recommends using the Google Chrome 17 browser on PCs and the Apple Safari 5 browser on Mac OS hosts and iPads. Currently there are issues using this feature with Microsoft Internet Explorer 10. WSX may work with other browsers and on Android tablets running Ice Cream Sandwich with the latest version of Google Chrome installed, but more testing is required.
Workstation 8 enabled customers to upload virtual machines to vSphere. Workstation 9 now enables downloading virtual machines from vSphere by dragging them from the remote host to the My Computer section of the Virtual Machine Library.
Workstation 9 supports attaching USB 3.0 devices to Windows 8 virtual machines. The latest portable devices use USB 3 (SuperSpeed) to achieve faster transfer rates for data. USB 3.0 devices such as portable storage devices and video equipment can be connected directly to Windows 8 and Linux virtual machines that contain in-box drivers USB 3.0 controllers.
Workstation 9 improves the implementation of virtual Intel VT-x/EPT or AMD-V/RVI extensions. This allows users to run ESX as a guest OS and run a 64-bit operating system nested in ESX using less system resources.
Note: If you enabled the virtualization extensions in a virtual machine running on Workstation 8, you might need to disable the extensions, upgrade the virtual machine to the latest virtual hardware version (compatible with Workstation 9), and then re-enable the extensions.
Hyper-V has been added to the Workstation 9 guest operating system list. This enables customers to run Windows 8 with Hyper-V enabled, or install Hyper-V Server. This can be used for educational purposes or for building prototype Hybrid Clouds. This feature is NOT SUPPORTED and probably never will be. Microsoft does not support nesting of their hypervisor which makes it extremely difficult – if not impossible for VMware to fix issues that may occur in this configuration. For this reason, this capability has been implemented purely to see if we could do it!
CAUTION: DO NOT ATTEMPT TO RUN HYPER-V ON A VIRTUAL MACHINE IN PRODUCTION.
VMware virtual processors now include the capability to enable virtual performance counters which will allow developers to run profiling applications, such as Intel’s vTune, in a virtual machine.
The experience when remotely connecting to a virtual machine running in Workstation 9 with a VNC client or interacting with the desktop of a virtual machine running on vSphere from within Workstation has been significantly improved.
Virtual machines consume a large amount of space on your hard drive. Workstation 9 includes a new management option to easily recover disk space.
Previous versions of VMware Workstation included a view mode called "Quick Switch" that displayed tabs along the top of the screen to easily switch between running virtual machines. We removed this functionality in Workstation 8. The feedback we received has encouraged us to introduce a similar feature. On Windows, hosts tabs have been included in the full screen toolbar.
Views of your virtual machine on the task bar now include controls to change the power state.
Workstation 9 automatically saves recent virtual machine library searches as filters to easily apply them the next time you run Workstation.
Issue: Not Synced Server Configuration does not match with stored configuration
Cause: FF TMG 2010 Array certificates expired.
Solutions: The following steps will fix the issue. Please note that I am explaining the situation where my TMG 2010 enterprise Array is deployed in workgroup.
Step1: Run ISA BPA on TMG 2010 Array Member
Step2: Verify certificate expiry date
1. From the Start menu, click Run. Type MMC, and then click OK.
2. In MMC, click File, and then click Add/Remove Snap-in.
3. Click Add to open the Add Standalone Snap-in dialog box.
4. From the list of snap-ins, select Certificates, and then click Add.
5. Select the service account and click Next.
6. Click Next.
7. Select ISASTGCTRL and click Finish.
8. Browse to ADAM_ISASTGCTRL\Personal > Certificates.
9. Open the certificate to see if it is expired.
Step3: Create a Request.inf file. Open notepad and copy the following and paste into notepad. modify CN and domain details as per your own requirement. rename the file as request.inf. An example of the inf file is:
[Version]
Signature=”$Windows NT$
[NewRequest]
Subject = “CN=myTMG.mydomain.com”
EncipherOnly = FALSE
Exportable = TRUE
KeyLength = 1024
KeySpec = 1 ; Key Exchange
KeyUsage = 0xA0 ; Digital Signature, Key Encipherment
MachineKeySet = True
ProviderName = “Microsoft RSA SChannel Cryptographic Provider”
ProviderType = 12
RequestType = CMC
; Omit entire section if CA is an enterprise CA
[EnhancedKeyUsageExtension]
OID=1.3.6.1.5.5.7.3.1 ; Server Authentication
[RequestAttributes]
CertificateTemplate = WebServer
Step4: request Certificate to the Root/Subordinate CA
Open a elevated command prompt. At the command prompt, type the following command, and then press ENTER:
certreq -new –f request.inf certnew.req
Important! This command uses the information in the Request.inf file to create a request in the format that is specified by the RequestType value in the .inf file. When the request is created, the public and private key pair is automatically generated and then put in a request object in the enrollment requests store on the local computer.
Step5:Submit the request and obtain certificate
Open a elevated command prompt. At the command prompt, type the following command, and then press ENTER:
certreq -submit certnew.req certnew.cer
Important! certnew.req is generated in the previous command. certnew.cer is the certificate you are looking for.
An alternative way of submitting certificate to CA
Step6:Convert certificate into .pfx format
Import the certificate certnew.cer into a server or an admin workstation
1. On the head node, click Start, click Run, and then type mmc to start the Microsoft Management Console.
2. On the File menu, click Add/Remove Snap-in. The Add or Remove Snap-ins dialog box appears.
3. In Available snap-ins, click Certificates, and then click Add.
4. Select Computer account, and then click Next.
5. Select Local computer, and then click Finish.
6. If you have no more snap-ins to add to the console, click OK.
7. In the Microsoft Management Console, in the console tree, expand Certificates, and then expand Personal.
8. In the details pane, click the certificate you want to manage.
9. On the Action menu, point to All Tasks, and then click Import. The Certificate Export Wizard appears. Click Next.
10. Browse to location of certnew.cer file
11. Import Certificate
To export a certificate in PFX format using the Certificates snap-in
1. On the head node, click Start, click Run, and then type mmc to start the Microsoft Management Console.
2. On the File menu, click Add/Remove Snap-in. The Add or Remove Snap-ins dialog box appears.
3. In Available snap-ins, click Certificates, and then click Add.
4. Select Computer account, and then click Next.
5. Select Local computer, and then click Finish.
6. If you have no more snap-ins to add to the console, click OK.
7. In the Microsoft Management Console, in the console tree, expand Certificates, and then expand Personal.
8. In the details pane, click the certificate you want to manage.
9. On the Action menu, point to All Tasks, and then click Export. The Certificate Export Wizard appears. Click Next.
10. On the Export Private Key page, click Yes, export the private key. Click Next.
11. On the Export File Format page, select Personal Information Exchange – PKCS #12 (.PFX). Click Next.
12. On the Password page, type and confirm the password that is used to encrypt the private key. Click Next.
13. Follow the pages of the wizard to export the certificate in PFX format.
Step7: Import Certificate into TMG Array
Log on to the TMG Server
Open FF TMG 2010 Console
Click on System>Click Server that is one of the array member>Click Import Server Certificate from the task pan>Browse location of the certificate import certnew.PFX format certificate
Click Ok.
Click refresh on the systems
Step8: Repeat the entire steps into all array members
Step9: Refresh Array members and check system
Check TMG related services.
Special thanks to Raihan Al-Beruni
You must be logged in to post a comment.