Friday, July 22, 2011

Publishing Remote Desktop Gateway (RDG) with TMG 2010

I recently had the pleasure of creating a Remote Desktop Services (RDS), Remote Desktop Gateway (RDG) and RemoteApp environment for a client. This was a bit more technical and involved than I originally envisioned, no thanks to the scant documentation that exists. I will detail all that in a later blog post; for now I will focus on publishing your RDG, RDS and RA environment through a Microsoft TMG 2010 firewall.

First we have to create an SSL Listener:
  1. Specify an IP address for the Listener
  2. Enable both HTTP and SSL connections
  3. For HTTP to HTTPS redirection, select “Redirect all traffic from HTTP to HTTPS”
  4. On the Certificates tab select “Use a single certificate for this web listener” and select an appropriate certificate
  5. Authentication should be set to “No Authentication”
Now we create the actual publishing rule:
  1. Allow
  2. From Anywhere
  3. To – Your RDSG IP or Host – Forward original host header – request appears to come from TMG
  4. Traffic HTTPS
  5. Listener – Select the one we created earlier
  6. Public name – This is the Public DNS name
  7. Paths should be /rdsweb/* and /rpc/*
  8. Authentication delegation – “No Delegation, client may authenticate directly”
These were the steps I had to take to successfully and securely publish the client's RDSG to the internet.  Once again I found the existing documentation to be lacking in the extreme.  Hope this helps someone out there.

Friday, July 15, 2011

How to Prepare an Offsite replica with DPM 2010

Sometimes the need will arise to back up your DPM replicas to removable storage for whatever reason. It might be so that you can recover your DPM server in case of a disaster, or you might even want to use the replicas to seed another DPM server in a DPM 2 DPM 4 DR scenario. Here is an extremely simple and effective way to accomplish that:

  1. On your DPM Server open an Admin Command Prompt
  2. Navigate to the DPM bin folder (usually C:\Program Files\Microsoft DPM\DPM\bin\)
  3. Execute dpmbackup -db
  4. Execute dpmbackup -replicas
  5. I prefer using robocopy to copy the data to USB (or any alternate) storage like so: robocopy "C:\Program Files\Microsoft DPM\DPM\Volumes\ShadowCopy" "%destination%" /e /b
The above creates snapshots of the replica volumes and then mounts those read-only snapshots under the \Program Files\Microsoft DPM\DPM\Volumes\ShadowCopy folder. It is therefore a point-in-time replica which you can copy wherever you wish, be it disk or tape. You can, of course, also use your favorite backup software to back up your replicas; just be sure to configure it to traverse mount points.
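
The same steps as a script, so a failed snapshot or a partial copy does not go unnoticed. This is an added example, not part of the original post. The destination path, the log file name and the retry settings are assumptions, as is the expectation that dpmbackup returns a non-zero exit code on failure.

```powershell
# Added example: run from an elevated PowerShell prompt on the DPM server.
param(
    # Default install path as given in step 2 above.
    [string]$DpmRoot     = 'C:\Program Files\Microsoft DPM\DPM',
    # Hypothetical target; point this at your removable storage.
    [string]$Destination = 'E:\DPM-Offsite'
)

$dpmBackup = Join-Path $DpmRoot 'bin\dpmbackup.exe'
# No trailing backslash: a quoted path ending in "\" makes robocopy misparse its arguments.
$shadow    = Join-Path $DpmRoot 'Volumes\ShadowCopy'
$log       = Join-Path $Destination ('robocopy-{0:yyyyMMdd-HHmmss}.log' -f (Get-Date))

if (-not (Test-Path $Destination)) {
    New-Item -ItemType Directory -Path $Destination | Out-Null
}

# Steps 3 and 4: back up the DPM database, then snapshot and mount the replicas.
foreach ($switch in '-db', '-replicas') {
    & $dpmBackup $switch
    # Assumption: dpmbackup signals failure with a non-zero exit code.
    if ($LASTEXITCODE -ne 0) {
        throw "dpmbackup $switch failed with exit code $LASTEXITCODE"
    }
}

# Step 5: copy the mounted snapshots.
# /E  include subdirectories, even empty ones
# /B  backup mode, so files are read with backup privilege regardless of ACLs
# /R:2 /W:5  two retries, five seconds apart (robocopy's defaults retry for days)
& robocopy.exe $shadow $Destination /E /B /R:2 /W:5 /NP "/LOG:$log"
$rc = $LASTEXITCODE

# Robocopy's exit code is a bit mask. Values below 8 mean the copy completed
# (1 = files copied, 2 = extra files at destination, 4 = mismatches);
# 8 means some files could not be copied and 16 is a fatal error.
if ($rc -ge 8) {
    throw "robocopy reported failures (exit code $rc); see $log"
}
Write-Output "Offsite copy finished (robocopy exit code $rc). Log: $log"
```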