Active Directory Rights Management Service (AD-RMS) and Windows Certificate Authority (CA)
We have AD-RMS and our own CA currently installed, but we are having trouble pushing out AD-RMS templates, and need to run some tests to find out if there is an incompatibility with some of the Company Security Software.
We need a quick review of our setup, and guidance on additional configuration and deployment.
Need to review using security certificates to encrypt .PDF files.
We have just been asked to expand usage of our AD-RMS infrastructure to other Company divisions (to people not in our Active Directory)… need help designing and rolling out that capability.
Our PKI has a stand-alone, offline root CA implemented as a Hyper-V VM (2GB RAM, 2 cores).
Our PKI has an enterprise subordinate CA implemented as a Hyper-V VM (2GB RAM, 2 cores).
The certificate on our subordinate CA expired recently… we were able to renew it and all the server certs that it had issued, but RMS is still handing out an expired certificate.
Our AD-RMS infrastructure has 2x Hyper-V VMs (2GB RAM, 2 cores) configured in an RMS cluster.

4. Exchange 2010
We have Exchange 2010 installed, configured and working.
We need some help on requiring client certificates for OWA and ActiveSync access, and on how to block access to attachments when using OWA and ActiveSync, but not when using Outlook.
A complete audit of configuration and settings would be welcome.
Exchange is deployed on a single Hyper-V VM (8GB RAM, 4 cores, 127GB HDD for system, 6GB HDD for logs, 18GB HDD for databases), running the Hub, Mailbox and Client Access roles.
We are covered for both user and device CALs.
We have not yet set limits on the types of mobile device hardware that will be supported.
Our need here is to provision 2-factor authentication and restrict access to attachments.
An audit is fine, but not required.

6. Microsoft BitLocker
We have deployed BitLocker, but need assistance with deploying and configuring the centralized console called “Microsoft BitLocker Administration & Management” (MBAM).
MBAM is part of the Microsoft Desktop Optimization Pack (MDOP), and available to Enterprise customers.
We need the centralized MBAM console setup and deployed.
We have no interest in other capabilities of MDOP, but are willing to listen to details while we work on it.

7. Hyper-V
We have 4 production Hyper-V servers: 2x running Windows Server 2008 R2 Data Center and 2x running Windows Server 2008 R2 Enterprise.
We need to finish clustering the 2x DataCenter Hyper-V servers, and reconsider the hardware platform (2x Dell R610s, 1x Dell C6100, and 1x Dell M620 blade in an M1000e).
We have no plans to standardize the hardware.
We have plans to implement SCVMM at a later date, but this could be included if it doesn’t require a lot of time.
Backups of all Windows infrastructure are done as a full nightly backup using the native Microsoft Backup, which is working well; we are willing to listen to suggestions to improve this.
We have no plans to implement Hyper-V 2012, but are willing to listen to details while we work on this project.

8. Folder Redirection slowness
We have a File Server with less than 1TB of shared data implemented as a Hyper-V VM (2GB RAM, 2 cores).
We use a GPO to do folder redirection of the local “My Documents” folder.
We have a 1TB dynamically expanding VHD for “Shared Data”. Compression, Indexing, Shadow Copies are all enabled. Quotas are disabled.
We have a 1TB dynamically expanding VHD for “User Data”. Compression, Indexing, Shadow Copies and Quotas are all enabled.
Some users see slowness and errors when using files from this redirected location.
We have some ideas about when/where to do defrag, but would welcome some pointers.
We need someone who knows Hyper-V, File sharing, and Folder Redirection GPOs to do a sanity check on this.
We have no interest in full User State Virtualization.
We are not allowed to deploy DirectAccess.

