UAG – Top 10 Things to do after you’ve installed it


The UAG needs a lot of tweaking after you’ve installed it, here is a list of my top 10 things to do to get started:

  1. Make sure you have SP1 update 1 installed – KB2585140.
  2. If something is not working (like a Remote Desktop link), run the Best Practice Analyser. This will highlight any issues, like certificate errors that are stopping the application from working.
  3. Increase the default session timeouts – ‘Inactive session timeout=300 seconds’ and ‘Trigger automatic logoff after 60 mins’. Way to low for most environments. Increase to suit yours.
  4. Enable access for mobile users – This is disabled by default.
  5. Customise your portal – Not easy to do, but the sooner you brand it the better.
  6. Integrate with a two factor authentication product to increase security.
  7. When adding Active Directory integration update the search root and scope to include the domain only, i.e. the root, enable subfolders and leave nested groups blank so every group in the domain is queried. Takes longer but less hassle for Ops teams.
  8. Once you have configured authorisation don’t move the groups to another OU in Active Directory or your authorisation will break.
  9. To clean up the logon page, remove the language bar, deselect ‘Enable users to select a language’ from the Authentication -> Trunk configuration settings.
  10. Update the language files to customise all the logon and portal text.

And 1 to remember!

  1. If you are going to modify your Login.asp file make sure when you update the user logon page fields you do NOT use a leading forward slash, e.g. ‘/CustomUpdate/Login.asp’ is incorrect. The correct format is ‘/CustomUpdate/Login.asp’. Read a full outline here

Updates:

  1. Check the protocols and encryption available via the best  public website checker – http://ssllabs.com
  2. Install JVM for web monitor in IE – http://java.com/en/download/manual.jsp
  3. Disable TCP chimney, Receive Side Scaling and Taskoffload to resolve client endpoint issues as per this post:

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s