Active Directory
Setting up SSL-VPN in a Windows Server 2008 environment
by Mats Hellman on Oct.28, 2009, under Active Directory, Remote Access, VPN, Windows
In this two-part series we will look at setting up SSL-VPN using Windows Server 2008. At the end of the next part you will be able to configure a Windows Vista or Windows 7 client to connect to the corporate network using SSL-VPN (SSTP). To test this scenario you need some previous knowledge of Windows Server System and Active Directory in particular. We will be using Active Directory to log on to the VPN and to control user access. If you, like me, don’t feel like testing in a production environment, you can set this lab up in a Virtual PC or Virtual Server environment. I will not be going through setting up Windows Server 2008 AD DS in this article; I expect you to have your domain up and running. To run this lab you will need the following:
- Windows Server 2008 Enterprise running HEL-DC1
  - AD DS
  - DHCP
  - DNS
  - AD CS (Certificate Services Enterprise CA)
- Windows Server 2008 Enterprise running HEL-NAT
  - 2 network interfaces – External and internal
- Windows Vista Business Edition
  - Service Pack 2
Using restricted groups in Active Directory
by Mats Hellman on Oct.21, 2009, under Active Directory, Group Policy, Windows
Restricted groups are very simple to use, yet many people still find them confusing. With restricted groups you can delegate administration or other roles to certain groups without giving these groups administrative rights to your Active Directory.
As an example, let’s say you have a helpdesk working in your company. To work as efficiently as possible, they might need to log in as Administrators on a client computer to fix various problems. Sometimes (read: most times) you don’t want your helpdesk to have domain-level administrative rights, because they might, even unknowingly, mess something up in your production domain. To deal with this we use Restricted Groups. Restricted groups are provided by Active Directory group policies; they give us a way to centrally drop certain Active Directory groups into computers’ local groups. Yes, computer local groups. They don’t have to be administrative groups; they might be anything from backup users to Power Users.
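A Restricted Groups setting is stored in the GPO's security template (GptTmpl.inf) under a `[Group Membership]` section, which makes it easy to audit which groups a policy pushes into local Administrators. The script below is an added example, not part of the original post; the template contents, the domain SID and the RIDs 1105/1106 are constructed. It goes slightly beyond the text by distinguishing the two modes: "Members of this group" replaces the local membership, while "This group is a member of" only adds to it.

```python
import re

LOCAL_ADMINS = "S-1-5-32-544"  # well-known SID of BUILTIN\Administrators

# Constructed sample template; the domain SID and RIDs 1105/1106 are made up.
SAMPLE_INF = """\
[Unicode]
Unicode=yes
[Group Membership]
*S-1-5-21-1111111111-2222222222-3333333333-1105__Memberof = *S-1-5-32-544
*S-1-5-21-1111111111-2222222222-3333333333-1105__Members =
*S-1-5-32-551__Members = *S-1-5-21-1111111111-2222222222-3333333333-1106
[Version]
signature="$CHICAGO$"
"""

ENTRY = re.compile(
    r"^\*?(?P<group>[^=]+?)__(?P<kind>Members|Memberof)\s*=\s*(?P<values>.*)$",
    re.IGNORECASE,
)

def parse_group_membership(inf_text):
    """Return [(group, kind, [values])] from the [Group Membership] section."""
    entries, in_section = [], False
    for raw in inf_text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_section = line.lower() == "[group membership]"
            continue
        m = ENTRY.match(line) if in_section else None
        if m:
            values = [v.strip().lstrip("*") for v in m["values"].split(",") if v.strip()]
            entries.append((m["group"].strip(), m["kind"].lower(), values))
    return entries

def local_admin_grants(inf_text):
    """Principals this policy places in local Administrators, with the mode."""
    grants = []
    for group, kind, values in parse_group_membership(inf_text):
        if kind == "members" and group == LOCAL_ADMINS:
            # "Members of this group": the list replaces the local membership.
            grants += [(v, "replace") for v in values]
        elif kind == "memberof" and LOCAL_ADMINS in values:
            # "This group is a member of": group is added, existing members stay.
            grants.append((group, "add"))
    return grants

if __name__ == "__main__":
    for principal, mode in local_admin_grants(SAMPLE_INF):
        print(f"{principal} -> local Administrators ({mode})")
```

When run against a real template instead of the sample, read the file with `encoding="utf-16"`, since GptTmpl.inf is normally stored as UTF-16.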