Set-MgmtSvcIdentityProviderSettings -Target Windows throws: The remote server returned an error: (500) Internal server.

I was trying to re-configure my Azure Pack Admin Site URL with the Set-MgmtSvcIdentityProviderSettings command and got the following error:

Resolution: Make sure your SQL database has the latest Cumulative Update installed. In my case I was using Azure Pack rollup 5 and SQL 2012 SP2 with CU6.

Installing & Configuring Web Application Proxy server and publishing ADFS

Web Application Proxy (WAP) is a role service of the Remote Access server role in Windows Server 2012 R2. WAP provides reverse proxy functionality for web applications inside your corporate network, so that users on any device can access them from outside the corporate network. WAP pre-authenticates access to web applications by using Active Directory Federation Services (AD FS), and also functions as an AD FS proxy.

Requirements

  • The Web Application Proxy server should be deployed in the DMZ network.
  • Port 443 must be open between the WAP and ADFS servers, and from the internet to the WAP server.
  • A certificate from a trusted CA (for production use).

Install Web Application Proxy server role

Here is how to add the WAP role:

I am changing my source to my DVD drive with WS2012R2 ISO mounted.

Create the Web Application Proxy service account webapproxy_svc and add it to the local Administrators group on your ADFS server:

Edit Hosts file on WAP

Edit the hosts file on the WAP server: open Notepad as Administrator, browse to C:\Windows\System32\drivers\etc\ and open the hosts file.

Add one line for your ADFS server:

Importing trusted certificate into WAP server

WAP needs a certificate. I am using a wildcard certificate from GoDaddy; here are the steps to import it from a pfx file:

Do not forget to import the root and intermediate CA certificates into the Trusted Root Certification Authorities and Intermediate Certification Authorities stores.

Configuration of Web Application Proxy

WAP is now configured and working.
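
The same steps (role install, hosts entry, certificate import, WAP configuration) can be scripted with PowerShell on the WAP server. This is an added example, not part of the original post; the federation service name, IP address, PFX path and ISO drive letter are placeholders to replace with your own values.

```powershell
# Added example: scripted WAP setup. All values below are placeholders/assumptions.
$FsName  = 'adfs.example.com'       # federation service name (placeholder)
$AdfsIp  = '192.0.2.10'             # internal IP of the ADFS server (placeholder)
$PfxPath = 'C:\certs\wildcard.pfx'  # exported wildcard certificate (placeholder)
$SxsPath = 'D:\sources\sxs'         # mounted WS2012R2 ISO (assumed drive letter)

# 1. Install the Web Application Proxy role service from the mounted ISO.
Install-WindowsFeature Web-Application-Proxy -IncludeManagementTools -Source $SxsPath

# 2. Add the ADFS entry to the hosts file only if it is not already present.
$hosts = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'
if (-not (Select-String -Path $hosts -Pattern ([regex]::Escape($FsName)) -Quiet)) {
    Add-Content -Path $hosts -Value "$AdfsIp`t$FsName"
}

# 3. Verify the port 443 requirement between WAP and ADFS before going further.
$probe = Test-NetConnection -ComputerName $FsName -Port 443
if (-not $probe.TcpTestSucceeded) { throw "Cannot reach ${FsName}:443 from the WAP server" }

# 4. Import the PFX into the machine store. The password is prompted, not hard-coded.
$pfxPassword = Read-Host -Prompt 'PFX password' -AsSecureString
$cert = Import-PfxCertificate -FilePath $PfxPath `
            -CertStoreLocation Cert:\LocalMachine\My -Password $pfxPassword |
        Where-Object { $_.HasPrivateKey } | Select-Object -First 1
if (-not $cert) { throw 'The PFX did not contain a certificate with a private key' }
if ($cert.NotAfter -lt (Get-Date).AddDays(30)) {
    Write-Warning "Certificate $($cert.Thumbprint) expires on $($cert.NotAfter)"
}

# 5. Establish the trust with ADFS. Enter the account that is a local
#    administrator on the ADFS server (webapproxy_svc in this article).
$trustCred = Get-Credential -Message 'Local administrator account on the ADFS server'
Install-WebApplicationProxy -FederationServiceName $FsName `
    -FederationServiceTrustCredential $trustCred `
    -CertificateThumbprint $cert.Thumbprint

# 6. Show the resulting proxy configuration.
Get-WebApplicationProxyConfiguration
```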

Installing Netscaler VPX for Hyper-V and activating license

Citrix Netscaler is a smart network appliance that can serve in many ways. In my next articles I will explain how you can use it, for example, as a Load Balancer, Reverse Proxy or Web Application Firewall.

As I am mostly working with Microsoft virtualization, here is a short guide on how to install Citrix Netscaler VPX on Hyper-V. Note that Load Balancing requires the Standard edition. For Clustering you need the Enterprise edition. The Web Application Firewall feature requires the Platinum edition.

For sizing the Hyper-V virtual machine, please take a look at the following:

http://support.citrix.com/article/CTX139485

A Hyper-V VHD image with Netscaler VPX preinstalled can be downloaded from the Citrix portal.

Log in and go to Downloads, search for Netscaler ADC and Virtual Appliances, choose the 10.5 edition, look for NetScaler VPX for Hyper-V 10.5 Build 57.7 or newer, and hit download.

I had issues with VM Import, so I had to manually create a new VM and attach the VHD extracted from the downloaded zip file. (Note that I have also renamed dynamic.vhd to nsvpx01.vhd.)

New-VM -Name "NSVPX01" -MemoryStartupBytes 8GB -Path \\path\folder -Generation 1

Add-VMHardDiskDrive -VMName NSVPX01 -Path "\\path\folder\NSVPX01\Virtual Hard Disks\NSVPX01.vhd"

I have also added two NICs to my VPX VM.

After the VM for VPX is created, you can turn it on and log in to the console. Once the VM has booted, you need to configure the IP address, subnet mask and gateway.

Now we can log in to our VPX appliance via a web browser. The default user name and password are both "nsroot".