I use a YubiKey 5 Series security key (from Yubico) in my lab. This allows me to use strong authentication and test out security scenarios that I usually find myself in while on the job. I did use the reference material from Yubico to get this working, but am going to transcribe and document this for future use for myself.
Continue reading “MyLab: Smart Card Authentication”MyLab: Workspace ONE Access (post v2)
Preparing to Deploy the VMware Workspace ONE Access Appliance
Preparation tasks include the following:
- Download the VMware Workspace ONE Access OVA file (customerconnect.vmware.com)
- Create DNS records (forward (A) and reverse lookup (PTR) records are required)
- Obtain IP addresses
- Create the Workspace ONE Access Service Database (either using Windows Authentication Mode or Local SQL Server Authentication) — Explained later in this post
- Change SQL Server Database Auto Growth Settings for Workspace ONE Access — Explained later in this post
MyLab: VMware Horizon True SSO
An Enterprise Certificate Authority needs to be accessible. Certificates are a big part of True SSO. There are going to be short term certificates that will be issued. True SSO will require the following servers and services:
- A deployed and configured Workspace ONE Access appliance
- A configured Workspace ONE Access connector with the VMware Virtual App Sync service configured
- A synced Virtual Apps Collection in Workspace ONE Access
- An Enterprise Certificate Authority
- Smart Cards authentication configured in Active Directory
- VMware Horizon Connection Server
- VMware Horizon Enrollment Server
- VMware Workspace ONE Access appliance
- VMware Workspace ONE Access Connector
Familiarity with the command line is helpful, but not necessary as well.
Continue reading “MyLab: VMware Horizon True SSO”MyLab: Windows Server Failover Clustering
Overview
Sometimes we need to load balance Windows Servers and don’t have access to an enterprise grade load balancer, or just don’t need all the bells and whistles (and expense) that comes along with it. For this post, we are going to install and configure the Windows Server Failover Clustering feature.
Continue reading “MyLab: Windows Server Failover Clustering”How to Add NordVPN to Firewalla Gold
Overview
For this tutorial, I am going to use an iPhone 13 Pro, running iOS 16.5.1 (c) and using Firewalla Box version 1.9760 (a5437352).
This tutorial will assume that you have a Firewalla Gold with the App connected and already have a subscription to NordVPN.
Continue reading “How to Add NordVPN to Firewalla Gold”Removing Advanced vCenter Server Settings
The other day I was working on a vCenter and had to evacuate the vCLS virtual machines from a failed cluster I was working on. If you are unfamiliar with this, here is the kb that explains how to do it. The short version is that you navigate to the cluster, capture the cluster id from the URL bar, and then add an advanced setting. After about a minute or less, the vCLS virtual machines should power off and be deleted.
Continue reading “Removing Advanced vCenter Server Settings”MyLab: Secure File Transfer Protocol (SFTP) Server
Overview
I am going to deploy and configure a Fedora 38 Server for Secure File Transfer Protocol (SFTP). This server will be used to backup VMware vCenter Server.
Continue reading “MyLab: Secure File Transfer Protocol (SFTP) Server”