Monday, April 16, 2012

UAG Logging

Microsoft Forefront Unified Access Gateway (UAG) is a comprehensive, secure remote access solution and, as such, provides robust logging capabilities, including the following options:
  • Built-in
  • Syslog
  • Mail
  • SQL
Please note that all file locations mentioned in this article are installation defaults and may differ from the locations you selected during installation.
Most of the logging options (with the exception of SQL logging, which is configured via TMG) can be configured via "Admin > Event Logs Settings":

The UAG built-in option is enabled by default, and the default log file location is C:\Program Files\Microsoft Forefront Unified Access Gateway\Logs\Events\. It is a good idea to periodically back up the contents of this directory, either with backup software or with a script. UAG Web Monitor can then be used to query the event log files and to filter events by type, time, and other parameters.
The following briefly outlines other logging options:

For more detailed information, please refer to the following TechNet article.

UAG Backup

Every organization should have disaster recovery and continuity of operations plans that are commensurate with its risk reduction goals and its overall risk management profile. And of course UAG infrastructure should be an integral part of such plans, subject to the associated backup and recovery procedures. However, this post doesn't have much to do with these fundamental things. Instead, it aims to cover the very basics of backing up, importing and exporting UAG configuration settings. Here's where one would configure automatic backups (which are performed every time a new configuration is activated):

Please note that all file locations mentioned in this article are installation defaults and may differ from the locations you selected during installation.
  • The password must be at least 8 characters long, and the default backup location is C:\Program files\Microsoft Forefront Unified Access Gateway\Backup\. It is a good idea to periodically back up the contents of this directory, either with backup software or with a script.
  • To perform manual import/export via GUI simply select "File > Import" or "File > Export", supply required parameters and click on "Export":
  • To perform import/export via command line navigate to C:\Program Files\Microsoft Forefront Unified Access Gateway\utils\ConfigMgr\ and run one of the following commands:
    • configmgrutil export filename.xml password [comment]
    • configmgrutil import filename.xml password 
  • For more detailed information, please refer to the following TechNet article.
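
Both this post and the logging post above suggest backing up the Backup and Logs\Events directories with a script. The following PowerShell script is an added example, not part of the original post or of UAG itself: it runs the configmgrutil export shown above and copies both directories to a dated folder. The destination share and the password file path are hypothetical; the password file is assumed to have been created once with Read-Host -AsSecureString | ConvertFrom-SecureString | Set-Content.

```powershell
# Added example: scheduled export of the UAG configuration plus a copy of the
# event logs and activation-time backups. UAG paths are the installation
# defaults named in this article.
$UagRoot   = 'C:\Program Files\Microsoft Forefront Unified Access Gateway'
$ConfigMgr = Join-Path $UagRoot 'utils\ConfigMgr'
$Sources   = @{
    Events = (Join-Path $UagRoot 'Logs\Events')
    Backup = (Join-Path $UagRoot 'Backup')
}

# Assumptions (hypothetical values): destination share and password file.
$DestRoot = '\\backupserver\uag'
$PwdFile  = 'C:\Scripts\uag-export.pwd'   # DPAPI-protected, tied to this user and machine

$stamp = Get-Date -Format 'yyyyMMdd-HHmmss'
$dest  = Join-Path $DestRoot $stamp
New-Item -ItemType Directory -Path $dest -Force | Out-Null

# Keep the export password out of the script; enforce the 8-character minimum.
$secure   = Get-Content $PwdFile | ConvertTo-SecureString
$cred     = New-Object System.Management.Automation.PSCredential('export', $secure)
$password = $cred.GetNetworkCredential().Password
if ($password.Length -lt 8) { throw 'Export password must be at least 8 characters long.' }

# configmgrutil export filename.xml password [comment]
# The tool takes the password as an argument, so it is visible in the process
# command line while the export runs.
$exportFile = Join-Path $dest "uag-config-$stamp.xml"
Push-Location $ConfigMgr
try     { & .\configmgrutil export $exportFile $password "scheduled export $stamp" }
finally { Pop-Location }
if (-not (Test-Path $exportFile)) { throw "Export file was not created: $exportFile" }

# Copy the log and backup directories; robocopy exit codes of 8 or more mean failure.
foreach ($name in $Sources.Keys) {
    robocopy $Sources[$name] (Join-Path $dest $name) /E /R:2 /W:5 /NP | Out-Null
    if ($LASTEXITCODE -ge 8) { throw "robocopy failed for $name (exit code $LASTEXITCODE)" }
}
```

The exported file and the copied backups contain the gateway configuration, so access to the destination folder should be limited to the administrators who would perform a restore.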

UAG Basic Customization, Part 2

For information on how to change basic logon page settings, please refer to the first part of this post - UAG Basic Customization, Part 1.
Please note that all file locations mentioned in this article are installation defaults and may differ from the locations you selected during installation.
We can also customize basic properties of the UAG Portal pages (displayed after a successful logon on trunks that use the built-in Portal as the default application):
  header & toolbar

  • Under C:\Program Files\Microsoft Forefront Unified Access Gateway\von\PortalHomePage\Data\Languages\ locate an appropriate language file, in our case en-US.xml, and copy it to C:\Program Files\Microsoft Forefront Unified Access Gateway\von\PortalHomePage\Data\Languages\CustomUpdate\.
  • Open en-US.xml file in the \CustomUpdate folder using Notepad and perform the following edits (based on the above sample):
    1. <String id="12" _locID="12"> - desired title
    2. <String id="182" _locID="182"> - desired support contact
    3. <String id="1" _locID="1"> - desired corporate message
  • Save the changes in en-US.xml (remember to always use customization file under \CustomUpdate, and not the original one)

It may also be desirable to add hyperlinks to the following areas, for example to point: 1) to the Help Desk email address; 2) to the Corporate web site:

  • Under C:\Program Files\Microsoft Forefront Unified Access Gateway\von\PortalHomePage\Data\SiteMap\Footer\ locate file LeftFooter.sitemap and copy it to C:\Program Files\Microsoft Forefront Unified Access Gateway\von\PortalHomePage\Data\SiteMap\Footer\CustomUpdate\
  • Edit siteMapNode url parameters as needed. Here's an example:

<?xml version="1.0" encoding="utf-8" ?>
<siteMap xmlns="" enableLocalization="true">
    <siteMapNode url="" title=""  description="">
      <!-- Link 1: set url to the Help Desk email address -->
      <siteMapNode url=""
                   title="$Resources:Resource, 182"
                   description="$Resources:Resource, 182"
                   target="_blank" />
      <!-- Link 2: set url to the Corporate web site -->
      <siteMapNode url=""
                   title="$Resources:Resource,1" />
    </siteMapNode>
</siteMap>

Last but not least, there's an "E-mail system administrator" button on the toolbar that can be turned into a hyperlink:

  • Under C:\Program Files\Microsoft Forefront Unified Access Gateway\von\PortalHomePage\Data\SiteMap\ToolBar\ locate file Web.sitemap and copy it to C:\Program Files\Microsoft Forefront Unified Access Gateway\von\PortalHomePage\Data\SiteMap\ToolBar\CustomUpdate\
  • Open the Web.sitemap file in the \CustomUpdate folder using Notepad. Find the line that contains "mailto:" and change it to reflect the appropriate support contact information:
    • for example: <siteMapNode url=""
  • Save the changes in Web.sitemap (remember to always use customization file under \CustomUpdate, and not the original one)

UAG Basic Customization, Part 1

In one of my previous posts I have referenced a couple of good resources on the subject of UAG customization: 
TechNet resource "Customizing Forefront UAG" is a good starting point, and there’s a book that was just published that covers this very topic – “Mastering Microsoft Forefront UAG 2010 Customization” by Erez Ben-Ari.
Much is possible when it comes to customizing and extending UAG, and for that you would need to refer to the materials mentioned above and study them carefully; but in some cases only basic customization may be desired, like changing the default logon page (say, editing the title and adding a standard security banner). This post aims to cover those basic changes. So, let's say we want our default logon page to look somewhat like this:
And here are the things we would need to do:
Please note that all file locations mentioned in this article are installation defaults and may differ from the locations you selected during installation.
  • Under C:\Program Files\Microsoft Forefront Unified Access Gateway\von\InternalSite\Languages\ locate an appropriate language file, in our case en-US.xml, and copy it to C:\Program Files\Microsoft Forefront Unified Access Gateway\von\InternalSite\Languages\CustomUpdate.
  • Open en-US.xml file in the \CustomUpdate folder using Notepad and perform the following edits (based on the above sample):
    1. <String id="2" _locID="2"> - desired title 
    2. <String id="4" _locID="4"> - desired system security message
    3. <String id="5" _locID="5"> - desired support information
    4. <String id="1" _locID="1"> - desired password self-service information
  • To change the default message displayed when users log off modify the following:
    • <String id="3" _locID="3"> - desired LogOff message (for example: Thank you for using Company XYZ Remote Access Portal)
  • Save the changes in en-US.xml (remember to always use customization file under \CustomUpdate, and not the original one)
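
The copy-then-edit procedure used in both customization posts can be scripted. The following PowerShell function is an added example, not part of the original posts or of UAG: the function name and the banner text are constructed for illustration, and it relies only on the <String id="..."> elements and paths shown above.

```powershell
# Added example: apply string overrides to a language file through its
# CustomUpdate copy, leaving the shipped original untouched.
function Set-UagCustomString {
    param(
        [string]$LanguageDir,             # folder holding the shipped language files
        [string]$FileName = 'en-US.xml',
        [hashtable]$Strings               # String id -> replacement text
    )
    $original  = Join-Path $LanguageDir $FileName
    $customDir = Join-Path $LanguageDir 'CustomUpdate'
    $custom    = Join-Path $customDir $FileName

    if (-not (Test-Path $customDir)) {
        New-Item -ItemType Directory -Path $customDir | Out-Null
    }
    # Copy only if no customization file exists yet, so earlier edits survive.
    if (-not (Test-Path $custom)) { Copy-Item $original $custom }

    $doc = New-Object System.Xml.XmlDocument
    $doc.PreserveWhitespace = $true
    $doc.Load($custom)
    foreach ($id in $Strings.Keys) {
        $node = $doc.SelectSingleNode("//*[local-name()='String' and @id='$id']")
        if ($node -eq $null) { throw "String id $id not found in $custom" }
        # Written as text: XML special characters are escaped in the file.
        $node.InnerText = $Strings[$id]
    }
    $doc.Save($custom)
}

# Logon page strings from Part 1 (ids 2, 4 and 3); the texts are sample values.
$von = 'C:\Program Files\Microsoft Forefront Unified Access Gateway\von'
Set-UagCustomString -LanguageDir (Join-Path $von 'InternalSite\Languages') -Strings @{
    '2' = 'Company XYZ Remote Access Portal'
    '4' = 'Authorized use only. Activity on this system is monitored.'
    '3' = 'Thank you for using Company XYZ Remote Access Portal'
}
```

For the Portal page strings in Part 2, pass the PortalHomePage\Data\Languages folder and ids 12, 182 and 1 instead.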

Tuesday, April 10, 2012


I have written on similar or related topics before in this blog:
And I am always excited to read another good story on the subject done by somebody else. So, check out the following excellent piece on the first computer - UNIVAC (or Universal Automatic Computer).

The Challenge of the Computer Utility

When I started this blog my intent was to stay clear of work-related subjects, but it is not easy considering that computers and technology in general are all around us. Plus, work is something I spend the lion's share of my time on (as do many people). So, I decided to declare it to be unavoidable!
When doing research for the Cloud Computing whitepaper, I came across a reference to the following book - "The Challenge of the Computer Utility" by Douglas F. Parkhill (ISBN-10: 0201057204). "Could this really be?" I thought. A book on computer utility published in 1966? This definitely sparked my interest and through the power of cloud services at I was able, within minutes, to find and procure the book at a great price of only $7.70! It arrived a few days later and I got right to it. The book certainly exceeded my expectations as the author projects a great clarity of thought. Two main reasons I liked the book:
  • It provides a good historical overview of where computer science, computing methods and machines came from (and since I have worked with mainframes, punch cards, reel tapes, etc. - I could really relate to that). It has great logical diagrams as well as pictures of "systems of the old" (IBM System 360-67, UNIVAC 492, CDC 6600). When you look at them, you can't help but think of how far we have come in the last 45 years or so. 
  • It is amazing how well the author covers the grand vision of computer utility and how similar, at times, this vision is to the Cloud Computing (Grid/Super/Utility Computing) hype of today. It is also interesting to see that even though we made a giant technological leap, the basic challenges are still there and remain pretty much the same - economic considerations, legal factors, security concerns, and issues around social transformation.
Let me reiterate: this book was written in 1966, we are talking about 45 years ago! In the mid-80s and early 90s I saw and worked with “room-size computers” (mainframes, punch cards, reel tapes, memory modules the size of a file cabinet, and hard drives that one person could not lift). And I must admit, my limited knowledge and dull imagination did not allow me to envision anything like this:
"As time goes on we can expect that the local financial utilities will be interconnected to create a nationwide and eventually worldwide network that will permit a customer to make money-key transactions no matter where he travels. The range of services offered by the utility will also grow. Terminals, perhaps based on the expanded touch-tone scheme, will be made available to private homes, and these will be used not only for paying bills but also for preparing income-tax statements, making purchases, checking bank balances, maintaining up-to-the-second files on all household financial obligations and assets, and even consummating loans, buying insurance, and making stock-market investments."
"As the utility networks grow and the cost of quires become trivially small, it is likely that consumers will come to depend more and more on the computer utility for information concerning products and services of all kinds. Promotional and advertising material will probably represent part of the information, and as low-cost visual displays become generally available, very elaborate product presentations will become practical. These presentations could well combine the best features of television and catalog advertising and provide consumers with a sort of animated Sears Roebuck catalog in which pictures would spring into vivid life as the remote customers turned the electronic pages."
All in all, this is a great book and I highly recommend it to anyone who wishes to learn more about Cloud Computing roots.

The Big Blue

Yes, you have guessed it right - the subject of this post is not "The Big Blue" (Le Grand Bleu) a 1988 English-language film by French director Luc Besson (though it would be an interesting topic in and by itself), it is the corporation - International Business Machines (better known as simply IBM). Established in 1896 under the name of Tabulating Machine Company it adopted its current name in 1924 under the leadership of Thomas J. Watson.

In my opinion, IBM holds a special place in the history of computing as over the years the company has made tremendous contributions to the science and the industry through its continued research and innovation. Metaphorically speaking, it is one of computing founding fathers. So, it should not come as a surprise that IBM is also one of the Cloud Computing pioneers. The company’s research into large scale computing, its long history and a wealth of experience with building and running complex systems and large datacenters, coupled with an impressive portfolio of hardware and software products and a world-wide professional services organization, provides a perfect foundation for the Cloud Computing platform of the future. And for IBM this is a natural progression of things, to quote one of the IBM sites dedicated to cloud computing – “workstations used to be tied to a mainframe, now they're conversing with a cloud.”

That said, it often seems that IBM does not get enough exposure and recognition. While Google Apps and Microsoft’s BPOS/Office 365 get a lot of press, a similar offering from IBM, LotusLive Collaboration Suite, goes almost unnoticed. Similarly, both Google’s and Microsoft’s strides towards FISMA certified cloud services were well publicized and covered by many industry periodicals. Meanwhile, IBM has readied its own cloud offerings for Federal and Municipal Governments, see the following article.

So, it may not be hip and trendy, but the amazing longevity IBM has demonstrated in this fast paced and even faster changing industry demands attention to what it has to offer. I suggest you take a closer look and decide for yourself what is the value - Also, check out the following quick video:

Cloud Computing

The concepts underlying cloud computing date back to at least the 1960s, when American computer scientist John McCarthy said that "computation may someday be organized as a public utility". Cloud computing is still an evolving paradigm, but it seems well positioned to displace the client-server computing model, much like the client-server model displaced mainframe-based computing in the early 1980s.

It may also be argued that cloud computing represents a return to a centralized (mainframe based) model, but at the next evolutionary level (including incorporation of some aspects of the client-server model and various new technologies) – with distributed systems and datacenters replacing the central mainframe; high-powered, rich media devices (personal computers, smart phones, etc.) replacing dumb terminals; and with more or less ubiquitous broadband Internet access replacing low bandwidth private communication links.

Previous attempts to bring about models similar in concept to cloud computing had limited success or simply failed. Sun Microsystems’ network based computing is a good example of that. It became best known by the phrase supposedly coined by John Gage (computer scientist, then at Sun Microsystems) - “The Network is the Computer”. The phrase was frequently used by then Sun Microsystems’ CEO Scott McNealy and pretty much became company’s motto, but the notion of network based computing gained little traction.

So, why does cloud computing popularity seem to grow by leaps and bounds? – It appears to be the right computing model at the right time. Cloud computing goes beyond its predecessors by incorporating results of the research on large scale computing by a number of universities, by building on innovations from Amazon, Google, IBM, Microsoft, and other cloud pioneers; and it is powered by recent advances in computer and communications technologies (increased capabilities and lower costs) as well as virtualization and other methods of infrastructure abstraction. Finally, cloud computing combines technological advances with economies of scale and an innovative business approach for an on-demand, utility-like model of allocation and consumption of computing resources.

National Institute of Standards and Technology (NIST) gives cloud computing the following definition – “Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”