in this instance dell one identity cloud access manager… powershell script: import-module MSOnline $msolcred = get-credential connect-msolservice -credential $msolcred Set-MsolDomainAuthentication ` -Authentication federated ` -DomainName federated.mydomain.com ` -ActiveLogOnUri https://proxy.campoc.mydomain.com/CloudAccessManager/RPSTS/WSTrust/Service.svc/trust ` -FederationBrandName “Cloud Access Manager” ` -IssuerUri urn:proxy.campoc.mydomain.com/CloudAccessManager/RPSTS ` -LogOffUri https://proxy.campoc.mydomain.com/CloudAccessManager/RPSTS/WSFed/Default.aspx ` -MetadataExchangeUri https://proxy.campoc.mydomain.com/CloudAccessManager/RPSTS/WSTrust/Service.svc/mex ` -NextSigningCertificate “” ` -PassiveLogOnUri https://proxy.campoc.mydomain.com/CloudAccessManager/RPSTS/WSFed/Default.aspx ` -SigningCertificate “<cert data>” ^note: the signingcertificate […]

i received this error message for the very first time today after importing a vendor’s vm files in vcenter. a quick google shed some light on the subject. the error indicates that the vmdk file is in a vmware workstation format that is incompatible with vsphere. to get around this the vmdk file must be […]

it’s useful to change the default virtual hardware version for new vms because most people probably don’t want version 10 yet. also if you’re on vsphere 5.5 you probably don’t want a new vm starting at version 7 and then going through the process of updating it to version 8 then version 9. the setting can […]

from the ADFS management console it doesn’t appear that there is a method to use a metadata file to update an existing relying party trust. i had to resort to deleting the old trust and recreating a new one with the new metadata file. of course this means that claim rules have to be recreated […]

info here regarding vcenter 5.5 update 1a: http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2076692

set the registry value AutoEndTasks to 1 under HKEY_USERS\.DEFAULT\Control Panel\Desktop source: http://geeksaresexy.blogspot.com/2006/05/forcing-unresponsive-applications-to.html

GAL changes are immediately visible from OWA, however the offline address book (OAB) won’t reflect the change until the next OAB update interval. the interval is configured from the EMC->Organization Configuration->Mailbox->Offline Address Book. there’s also an option to right-click the OAB and select Update (i haven’t tried this yet). to get the latest copy of […]

change the following… Name attribute = userPrincipalName User filter = (userPrincipalName={0}) Login (DN)s add “{1}”, the default is “{0}\{1}” where {0} is netbios domain name and {1} is username

i upgraded to ubuntu 14.04 not too long ago. after booting up 14.04 for the first time and starting a gnome flashback session, i was immediately perplexed as to why i was seeing the unity launcher. it’s most likely because i use the flashback session with effects enabled (compiz) enabled, but still it was strange […]

i have done this once with no apparent consequences… http://support.microsoft.com/kb/889250 update 4/21/2014: the utility pkiview.msc that comes with the windows server 2003 resource kit can be used to determine the health of a CA.