Hi guys, I have been so busy prepping the TMG SP1 / software update 1 live cast session I did last week for Microsoft Belgium, I just never got round to finishing the review. The English and Dutch recording should be on the TechNet website any day now and I'll keep you all posted.
In any case, the live casts are over and done with, high time to pick up where I left off on this fantastic reading.
And oh, do we get a treat with this chapter!!!
I can say no more than, “the more you read this book the more you get a grasp on UAG as a product”, and the more you discover its inner workings at a level where every novice will really learn to use the product and every advanced user will enjoy picking up a few need-to-knows and nice-to-knows.
Enough talk, here are the facts on this chapter.
- What I loved:
Overall the chapter really does give a good insight into getting your web apps out on the web through UAG. The sheer depth of info for publishing Exchange and SharePoint is exactly what any beginner needs to get direct ROI and set up a POC to justify the investment in this product.
- The chapter runs through the publishing interface step by step, explaining for each step what it does.
- A few interface options like simple enable/disable of rules are pointed out and I find this nice, thorough and handy as it might be something you miss when just scrolling through the interface.
- For the first time the concept of AAM and Non-AAM applications is explained. If you don’t know what I’m talking about, then buy the book and all will become clear to you ;-)
- I really loved what I saw on page 89 with the two screenshots. On this page you can see two screenshots depicting almost exactly the same screen except one is for an AAM app, the other for a Non-AAM app. The fact that the writers of the book took the time to make both screenshots shows their dedication to making this book as complete as possible for us and also stresses the importance of the AAM concept within UAG web publishing. (Good on you guys, very few writers would have taken the time to make both screenshots and this continues on throughout the chapter for all overlapping screens!)
- Again the sheer detail in Exchange and certainly different SharePoint scenarios sure will help anyone getting started with UAG to get quick ROI on the product. The detail of the explanation makes it a read, click and work solution and that’s exactly what we need.
- Even though it’s poor security, I like the regkeys for suppressing UAG’s cert validation; they are a nice thing to know for demo and test labs. It could prove to be a life saver for any admin giving a demo on the exact day your self-generated certs expire.
- What I missed:
- On page 86 there is mention of blocking upload and download requests. I find this a very powerful feature and something that really differentiates UAG from TMG. It would have been nice to have mentioned this as I find this a selling point for UAG compared to TMG and it will help any consultant or pre-sales in customer discussions.
- On page 86 Restricted zones are mentioned as endpoint policy settings. There is mention this will be covered in more detail in chapter 8 (I can’t wait) but I would at this point already like to understand what this refers to. Is this the IE security zones we are referencing or what context must I see this in? The other options being access policy, upload and download I can put into concept but I can’t help but wonder if Restricted zones are IE related, UAG related or something totally different.
- Overall for this chapter one of the main things I struggled with was the images and linking them to the correct part of the text. It seems that when I’m reading about something the image just always seems to be on the next page and I got confused because there were no image reference markers in the text. I just can’t help but feel that adding image index numbers and referencing them in this chapter would help keep text and image in alignment and take away all doubt, when I was reading about something, that I was looking at the exact right image.
- On page 89 at the top there is mention of how you can target your web servers through host, subnet and regular expression. Both host and regular expression are illustrated but there is no example of subnet based targeting. I checked the help and even there the info is quite vague. Adding in an example would make it more complete even though I don’t imagine anyone reading this book would have a problem with this concept.
- One of the more difficult things to keep track of throughout this chapter was the usage of public hostname, trunk hostname,… On page 90 all the way at the top the issue with the “/” is clearly explained and you understand it once you read it with great care (it’s pure logic when you think about it). However at the bottom of page 96 you get a sentence that no matter how many times I read it I get lost in words. “The path in this URL is built based on details set during the wizard. Typically, this URL would be identical to the URL your users use to access this application internally. If an application has its own public hostname, then the Application URL should be based on it instead of the internal web server address or name.” It took me a few minutes to figure out the image was actually on page 98 (to be honest I gave up on this sentence, moved on and then came back after seeing the image). Seeing the image and reading the text puts it more in context but still up till date I'm struggling with the words: “if an application has its own public hostname, then the Application URL should be based on it instead”. Is this referencing if we use split brain DNS and use the external URL internally? For me public always references external but here we seem to be using the word public in an internal URL context?
- In the screenshots on page 92 you can see the address field and the public host name of a load-balanced webserver; both are referencing hrweb.createhive.com as FQDN. This for me seems to be pointing to the split brain DNS scenario as mentioned above and confuses me a bit. Do you need to use the same FQDN internally and externally or could I have hrweb.createhive.internal in the address field and hrweb.createhive.com in the public host name field or is the whole point of this part to illustrate it needs to be the same?
- On page 103 during the SharePoint example there is mention of two ways to solve the IE protected mode issue: using the Endpoint Cleanup component or alternatively adding the URL to the IE trusted sites. Here I’m missing a bit of insight into the impact, what choice should I make, moreover what’s the impact of my choice and what does MS put forward as best practice or recommendation. It just seems to me that running UAG without endpoint session cleanup should be the last thing to do as it undermines a key feature of UAG and again a differentiator towards TMG deployment.
- Small typo on page 105, the FQDN of the internal address sharepointmcreatehive.com should probably be sharepoint.mcreatehive.com
- My problem:
Well I really didn’t have any with this chapter and the fact that my Exchange 2010 is going right out the front door of UAG is proof enough. To be honest I don’t have a SharePoint running in the lab so didn’t check all the screens but I would be surprised if it wouldn’t work for you.