Laboratoire Microsoft |  CertifExpress 
 Le Forum de Réfèrence sur les Technologies Microsoft - http://www.forum-microsoft.org

Services Pack et Updates IAG/UAG

Modérateurs : Thierry DEMAN (MVP Exchan, alex117, ygainche, Modérateurs, Modérateurs_Applicatifs

Services Pack et Updates IAG/UAG

Message par alex117 » Mar 13 Oct 2009, 14:29

IAG 2007 SP2

Bonjour,

Le nouveau service Pack 2 pour IAG 2007 vient de sortir officiellement aujourd'hui.
Les principaux changements concernent :
- La prise en charge nativement de KCD
- L'ajout d'un modèle pour publier Office Communicator Web 2007
- L'amélioration du modèle de publication SharePoint
- La prise en charge de différentes stratégies en fonction du système d'exploitation client (Linux, mac, windows, ...)
- et bien d'autres encore ...

Le service Pack est disponible à l'url : http://www.pyramid.de/download/IAG3.7SP2.exe
Le fichier changelog : http://www.pyramid.de/download/IAG.v3.7.SP2.release.notes.pdf
J'en parle également sur mon blog : http://www.alexgiraud.net/blog/Lists/Billets/Post.aspx?ID=32

Voilà donc un joli cadeau de noël proposé par la team IAG pour finir l'année en beauté.

Bonne journée,
Alex
Cordialement,
Alex117 - Giraud Alexandre
3SR Solutions de Sécurité Systèmes et Réseaux
MVP Forefront / Enterprise Security
Modérateur du forum Forefront Laboratoire Microsoft Supinfo
http://www.alexgiraud.net/blog
Avatar de l’utilisateur
alex117
Grand Master Flash
Grand Master Flash
 
Message(s) : 2186
Inscription : Sam 04 Fév 2006, 10:33
Localisation : Bordeaux - Paris - Bordeaux - Paris ... bon par là :) !

IAG 2007 Service Pack 2 Update 1

Message par alex117 » Mar 13 Oct 2009, 14:30

Et une mise à jour du SP2 : SP2 Update 1 !

Le service Pack est disponible à l'url : http://sus.celestix.com/files/IAG37SP2Update1.exe
Le fichier changelog :

1.Enhanced client detection with WMI “SecurityCenter2” namespace
In addition to the existing detection methods, the endpoint client detection components now use a new WMI namespace, SecurityCenter2, introduced since Vista SP1:.
◦An updated detection script and updated endpoint client detection components add this functionality on the client
◦“SecurityCenter2” detection can be disabled by setting a server value if desired.
◦Existing detection logic has not been removed or changed.


2.Support for the Citrix XenApp5 application
Citrix XenApp5 is the latest Citrix presentation server product. Citric XenApp5 publishing is fully integrated and is seamlessly functioning through IAG . In this release, Citrix XenApp5 publishing is implemented with Single sign-on, security rule set, and SSL VPN tunneling.


3.Full support for client components unattended installation/un-installation
With the provided “MSI” offline installers the client components may be installed/uninstalled with no the user interaction. No pop-up messages are displayed. If a machine reboot is required, this will occur automatically.


4.Handling large Web Monitor reports
A maximal allowed report size is defined. The default maximum allowed size for report generation is now set to 800 MB and this limit may be changed by a registry value. When a generated report size exceeds the maximum allowed size, the user will receive a message with a suggested range of dates that may not exceed the allowed size.


5.Publishing SharePoint AAM team sites problem
Publishing SharePoint team sites via IAG now works as expected when using Site Collections that have an initial path. The handled scenario is as follow, the customer has a single SharePoint site that hosts multiple teams. Each team has a unique site that they require access control on. The customer wants to provide a link to the SharePoint team site for a particular team and not to the whole server. The data on these sites is confidential and must not be shared or viewed between teams without explicit permissions. This scenario is working now.


6.Support a logon name including multi byte characters
◦Double Bytes User ID (Account)
◦Double Bytes User Display Name
◦Double Bytes Group Name
◦Double Bytes OU Name

Note: This is not a full localization feature. The multi byte characters support requires a specific configuration and environment. Detailed description will be publish in Update-1 KB.


7.Web Monitor report displays users having an apostrophe (`) character in the name
The fix is allowing correct Web Monitor report display for users having an apostrophe (`) character in their name.


8.Fixed a rule set preventing from OWA 2003 clients to use some special characters in a signature


9.Automatic scheduled logoff on an ADFS portal trunk
The fix enforces a full logout when scheduled logoff occurs. No redirect to ADFS login is implemented, since now IAG allows re-login only for the same lead user, and this cannot be achieved for ADFS groups.


10.Fixed incorrect cookie parsing when a cookie is including a comma (,) character
Until now the separation between cookies has been performed for both semicolon (;) and comma (,) characters (according to RFC 2109). Such behavior broke the cookies including a comma in the cookie value. Newer RFCs allow only the semicolon character to be a cookie separator. The code has been changed accordingly.


11.Added functionality allowing client certificate retrieval (user or machine) by the SAN field, in addition to the existing support for the Subject/Issuer fields.


12.Fixed two issues occurring while configuring Secure Port for Active Directory repository
◦An Alternate Server definition caused an error message to the IAG administrator.
◦Automatic check for password expiration feature did not work


13.Windows 2000 client support was broken in SP2
Update 1 fixes this problem. The client components for Win2K OS should be pre-installed before connecting to IAG portal by a corresponding offline installer.


14.ActiveSync issues
◦Windows Mobile 6.1 devices communicating to Exchange 2007 SP1 use URLs and parameters that are not fully taken into account in the OOB rulesets and require updating for devices to be able to perform full usage of ActiveSync via IAG.
◦ActiveSync displays a blank screen since the response contains a zero length. That occurs at some random interval when the data is sent by the CAS to IAG. Any customer with Windows Mobile 6.0 & 6.1 using ActiveSync to Exchange 2007 SP1 is experiencing this problem.


15.Fixed URL Set Level incorrect behavior (URL Inspection tab)
Fixed an issue when applying changes to the URL Set Level slider control. When more than one application is defined and the user is changing a level for any application from the list the actual rule set level appears to correctly have changed, but the new slider level is then applied to the first application in the list.


16.Fixed a trusted domain authentication problem (relevant for Win2K domain)
Fixed the inability of IAG to authenticate users in a trusted domain when a DNS name is not defined in the Name attribute of the Trusted Domain Object (using the NetBIOS domain name instead).


17.Fixed a problem when adding attachments for OWA2003 latest update
Update for Microsoft Exchange 2003 (KB 911829) restores functionality to Microsoft Exchange 2003 Outlook Web Access due to changes being made to Internet Explorer in Microsoft Windows Vista. After installing Update for Microsoft Exchange 2003 (KB 911829), the operation of adding attachments for WOA2003 fails. A change in the client side scripts has changed the policies. Our fix customizes the IAG to work with the new client side.


18.Logging application category events to Syslog is now implemented.


19.Resolved Socket Forwarding malfunctioning when using Oracle Discoverer Client application
The problem was found with Oracle Discoverer Client version 8.0.6.
Known issues for this update:

• When uninstalling Update 1 bits the IAG configuration is reverted back as it was prior to the Update installation. This means that all changes made after upgrading to Update 1 are discarded after a rollback to SP2. It is recommended to backup (save) an active configuration before uninstalling Update 1.


J'en parle également sur mon blog (avec les notes) : http://www.alexgiraud.net/blog/Lists/Billets/Post.aspx?ID=45

Alex
Cordialement,
Alex117 - Giraud Alexandre
3SR Solutions de Sécurité Systèmes et Réseaux
MVP Forefront / Enterprise Security
Modérateur du forum Forefront Laboratoire Microsoft Supinfo
http://www.alexgiraud.net/blog
Avatar de l’utilisateur
alex117
Grand Master Flash
Grand Master Flash
 
Message(s) : 2186
Inscription : Sam 04 Fév 2006, 10:33
Localisation : Bordeaux - Paris - Bordeaux - Paris ... bon par là :) !

IAG 2007 Service Pack 2 Update 2

Message par alex117 » Mar 13 Oct 2009, 14:31

Encore une mise à jour: IAG 2007 SP2 Update 2

L'Update 2 du service pack 2 d'IAG 2007 est disponible.

url de téléchargement : http://sus.celestix.com/files/IAG37SP2Update2.exe
Cette mise à jour ne s'applique que si le SP2 est déjà présent et est cummulatif avec l'Update 1.

Il apporte:

Fixed erroneous IAG behavior when headers contain blank characters
For trunks which do not publish an AAM application, the IAG Session cookie will be a site cookie instead of a domain cookie
Fixed bug for supporting Citrix XenApp5 application
Fixed parsing of text/html response Content-type (not binary) body using Chunked encoding type.
Fixed a failure occurring when using IAG's Socket Forwarding client component on a Citrix terminal Server
Fixed a SharePoint Persistent Cookie Name Race Condition
Fixed an Authorization Key Header memory Corruption while using an "Authorization Key" header
Fixed a failure in the endpoint detection policy of AVG on the client computer (mistyped value in the detection policy expression)
Fixed an Incorrect header removal when header is substring of another header
Fixed Day Light Saving change leading to a deletion of Internalsite and Portal rules
The communication between Windows Mobile 6.1 and Exchange 2007 SP1 has changed slightly due to the updating of the EAS protocol to EAS v12.1 – added support/fix for it
Enabling above 2KB http header request by modifying the following registry key (MaxAllHeadersLen), to prevent SNT from throwing the following error to the client: "Allow http header block of a request to exceed 2KB and avoid SNT throwing an error"
Fixed non English locales inconsistent encoding/decoding detection
Fixed few issues related to FormLogin authentication
Modified the rule-set that broke Java SSL Wrapper
Added support iPhone and Blackberry support
Fixed non-IE detection security issues
Note : Si vous désinstallez cette mise à jour, les modifications effectuées depuis cette mise à jour seront supprimés. Il est conseillé de faire une sauvegarde de votre configuration avant l'application de cette mise à jour.
Cordialement,
Alex117 - Giraud Alexandre
3SR Solutions de Sécurité Systèmes et Réseaux
MVP Forefront / Enterprise Security
Modérateur du forum Forefront Laboratoire Microsoft Supinfo
http://www.alexgiraud.net/blog
Avatar de l’utilisateur
alex117
Grand Master Flash
Grand Master Flash
 
Message(s) : 2186
Inscription : Sam 04 Fév 2006, 10:33
Localisation : Bordeaux - Paris - Bordeaux - Paris ... bon par là :) !

IAG Service Pack 2 Update 2

Message par alex117 » Mar 13 Oct 2009, 14:33

Encore une mise à jour: IAG 2007 SP2 Update 2

L'Update 2 du service pack 2 d'IAG 2007 est disponible.

url de téléchargement : http://sus.celestix.com/files/IAG37SP2Update2.exe
Cette mise à jour ne s'applique que si le SP2 est déjà présent et est cummulatif avec l'Update 1.

Il apporte:

Fixed erroneous IAG behavior when headers contain blank characters
For trunks which do not publish an AAM application, the IAG Session cookie will be a site cookie instead of a domain cookie
Fixed bug for supporting Citrix XenApp5 application
Fixed parsing of text/html response Content-type (not binary) body using Chunked encoding type.
Fixed a failure occurring when using IAG's Socket Forwarding client component on a Citrix terminal Server
Fixed a SharePoint Persistent Cookie Name Race Condition
Fixed an Authorization Key Header memory Corruption while using an "Authorization Key" header
Fixed a failure in the endpoint detection policy of AVG on the client computer (mistyped value in the detection policy expression)
Fixed an Incorrect header removal when header is substring of another header
Fixed Day Light Saving change leading to a deletion of Internalsite and Portal rules
The communication between Windows Mobile 6.1 and Exchange 2007 SP1 has changed slightly due to the updating of the EAS protocol to EAS v12.1 – added support/fix for it
Enabling above 2KB http header request by modifying the following registry key (MaxAllHeadersLen), to prevent SNT from throwing the following error to the client: "Allow http header block of a request to exceed 2KB and avoid SNT throwing an error"
Fixed non English locales inconsistent encoding/decoding detection
Fixed few issues related to FormLogin authentication
Modified the rule-set that broke Java SSL Wrapper
Added support iPhone and Blackberry support
Fixed non-IE detection security issues


Note : Si vous désinstallez cette mise à jour, les modifications effectuées depuis cette mise à jour seront supprimés. Il est conseillé de faire une sauvegarde de votre configuration avant l'application de cette mise à jour.
Cordialement,
Alex117 - Giraud Alexandre
3SR Solutions de Sécurité Systèmes et Réseaux
MVP Forefront / Enterprise Security
Modérateur du forum Forefront Laboratoire Microsoft Supinfo
http://www.alexgiraud.net/blog
Avatar de l’utilisateur
alex117
Grand Master Flash
Grand Master Flash
 
Message(s) : 2186
Inscription : Sam 04 Fév 2006, 10:33
Localisation : Bordeaux - Paris - Bordeaux - Paris ... bon par là :) !

UAG Update 1

Message par alex117 » Mar 13 Avr 2010, 10:04

Microsoft vient de publier la première Update pour Microsoft Forefront UAG 2010.
La première grosse amélioration que l'on verra, c'est la prise en charge des services de bureaux à distance (RDS) pour Vista et XP désormais !

De nombreuses autres améliorations ont été apportées pour SharePoint, DirectAccess, …
Tous les détails ici : http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=a862c57f-5c27-4cd0-8528-91b3cc5cd758

Release note :
• Remote Desktop access from Windows Vista and Windows XP: Client endpoints running Windows Vista and Windows XP can now access RemoteApps and Remote Desktops published through Forefront UAG.
• Support for Microsoft SharePoint Server 2010: Forefront UAG now supports SharePoint Server 2010.
• Support for MSOFBA: Forefront UAG now supports the Office Forms Based Authentication protocol to allow rich clients to directly access applications published through Forefront UAG.
• Support for site cookies: Forefront UAG now supports the use of site cookies for non-alternate access mapping applications, in addition to domain cookies.
• Support for large CustomUpdate files: Forefront UAG now supports CustomUpdate files up to 1.5 GB in size.
• Changes in Group Policy Object (GPO) provisioning for DirectAccess clients: Update 1 fixes an issue that caused the export script that creates GPO objects to fail, and an issue that caused the GPO to be applied to all authenticated users in the domain (including computer accounts), instead of to DirectAccess clients only.
Cordialement,
Alex117 - Giraud Alexandre
3SR Solutions de Sécurité Systèmes et Réseaux
MVP Forefront / Enterprise Security
Modérateur du forum Forefront Laboratoire Microsoft Supinfo
http://www.alexgiraud.net/blog
Avatar de l’utilisateur
alex117
Grand Master Flash
Grand Master Flash
 
Message(s) : 2186
Inscription : Sam 04 Fév 2006, 10:33
Localisation : Bordeaux - Paris - Bordeaux - Paris ... bon par là :) !


Retour vers Forefront UAG/IAG Server

Qui est en ligne ?

Utilisateur(s) parcourant ce forum : Aucun utilisateur inscrit et 3 invité(s)



Accueil | News | Articles | Tips | Outils | Certification | Easters Eggs
Essentiels | Glossaire | Vidos | Whitepapers | Essentiels | Bote Scripts
Conditions d'utilisation & Copyright | Respect de la vie prive