Kamis, 02 November 2023

Windows 11 22H2 Issue to connect legacy SQL Servers

We've got a legacy SQL Server (MS SQL 2005) running in our environment, and everything was fine until one of our user use Windows 11 with latest update (22H2).

A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 - An existing connection was forcibly closed by the remote host.) (Microsoft SQL Server, Error: 10054)

The answer most likely is updating my Cipher Suite, Windows 22H2 changed the default TLS Cipher Suites. The following were removed from the default "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_3DES_EDE_CBC_SHA" per article https://learn.microsoft.com/en-us/windows/win32/secauthn/tls-cipher-suites-in-windows-11

I ran into the same issue, so I just updated the SSL Cipher Suite per instructions https://support.microsoft.com/en-us/topic/update-to-add-new-cipher-suites-to-internet-explorer-and-microsoft-edge-in-windows-548427db-ed06-5521-fe8b-d525ab573022follow these steps:

  1. At a command prompt, enter gpedit.msc, and then press Enter. The Local Group Policy Editor is displayed.

  2. Go to Computer Configuration > Administrative Templates Network > SSL Configuration Settings.

  3. Under SSL Configuration Settings, select SSL Cipher Suite Order.

  4. In the SSL Cipher Suite Order pane, scroll to the bottom.

  5. Follow the instructions that are labeled How to modify this setting.

  6. Restart your windows to apply config.

The list I used was the one that was used for Windows prior to the 22H2 (22621.819) update.

TLS_AES_256_GCM_SHA384,TLS_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_NULL_SHA256,TLS_RSA_WITH_NULL_SHA,TLS_PSK_WITH_AES_256_GCM_SHA384,TLS_PSK_WITH_AES_128_GCM_SHA256,TLS_PSK_WITH_AES_256_CBC_SHA384,TLS_PSK_WITH_AES_128_CBC_SHA256,TLS_PSK_WITH_NULL_SHA384,TLS_PSK_WITH_NULL_SHA256

Disclaimer: Please be advised that this response is to answer the question that was given and obviously does not follow best practice procedures. Microsoft disabled this encryption for a reason. If you are like me and have older servers that need to keep running while you come up with a long-term solution to discontinue them then the above solution will keep you operational.

Read More »
Posted by at Tidak ada komentar:

Senin, 16 Oktober 2023

CITRIX : Unable to launch your application. Contact your help desk with the following information: Cannot connect to the Citrix XenApp server. There is no Citrix XenApp server configured on the specified address.

 

Our client facing problem with citrix apps, it always show an error below

Unable to launch your application. Contact your help desk with the following information: Cannot connect to the Citrix XenApp server. There is no Citrix XenApp server configured on the specified address.



This happen when we move the server to new cluster Data Centre.

From the error message, it said that citrix ICA had a problem with network interface.  And regarding our colleague statement, he had change the network interface to solve another issue.


To solve this issue, i do the following :

1. Open terminal service configuration at you Citrix Server


2. From connection, see ICA-tcp connection, and open it properties.

3. Select network adapter tab. Change network adapter to interface now active. Appy and OK.


4. Restart Citrix Service Manager services



5. Back to ICA-tcp properties, and rollback network adapter into “all network adapter configured” 

6. Restart again  Citrix Services Manager services


Now the issue has solve.

 

 




Read More »
Posted by at Tidak ada komentar:

Jumat, 13 Oktober 2023

CITRIX APPS : The following requested video mode was not available

My colleague ask me about error from her citrix terminal, when she try to open application from citrix apps, it always show an error like picture below.

"The following requested video mode was not available: 1920 x 1080 x 24 BPP

The video mode has been set to the following mode: 1847 x 1038 x 24 BPP

Video mode restricted by administrator. " 





This was due to the fact that not enough memory had been allocated to the graphics for individual client sessions to support the resolution on larger monitors. This can be resolved by modifying the Farm ICA Display settings in the Citrix Access Management Console. Right click on the Farm object in the Citrix Access Management Console and choose ‘Properties’. Then under ‘Server Default’, ICA, click on ‘Display’. Change ‘Maximum memory to use for each sessions’s graphics’ from the default (in my case 5625) to 8192 as shown below:




After increasing the memory available for each sessions graphics, you should find that Citrix is able to support the higher resolutions OK.


Read More »
Posted by at Tidak ada komentar:

Rabu, 17 Mei 2023

EVENT : InfoKomputer Innovate Menjaga Data Resiliency di Era Penuh Disrupsi


Data memegang peran penting dalam perusahaan saat ini. Sebuah studi menyebut, 58% perusahaan menjadikan data sebagai bagian penting dari proses pengambilan keputusan. Tidak heran jika 64% perusahaan memiliki target mengembalikan operasional perusahaan kurang dari satu jam setelah terjadi disrupsi.

Karena itu, penting bagi setiap organisasi untuk memastikan keandalan infrastruktur datanya dalam menghadapi disrupsi, baik dari sisi internal maupun eksternal. Perusahaan harus memahami bagaimana membangun infrastruktur data yang tangguh, langkah preventif apa yang bisa dilakukan, serta bagaimana strategi untuk mengatasi disrupsi yang terjadi.
 Pada seminar ini, akan hadir narasumber yang memiliki pengalaman panjang seputar data resiliency. Mereka akan berbagi tentang strategi dan best practice menjaga keutuhan data, seperti saat terjadi data loss, data breach, sampai kegagalan sistem. 

Acara akan diadakan pada:

·  Hari: Selasa, 23 Mei 2023

·  Waktu: 09.00-12.00 WIB

·  Lokasi: Aurum Room, Lantai 2 Pullman Hotel Thamrin CBD

Mari bergabung di seminar ini untuk mendapatkan insight menarik dari pakar di bidangnya, yang akan membantu memastikan keutuhan data dan keberlangsungan bisnis perusahaan Anda.

 

DAFTAR DISINI
Read More »
Posted by at Tidak ada komentar:

Senin, 17 April 2023

EVENT : Fortinet Accelerate Asia 2023

 Kami ingin mengundang Bapak untuk menghadiri acara "Fortinet Accelerate Asia 2023" yang akan diselenggarakan pada:

Hari                          : Selasa, 30 May 2023

Main Session           : 09.30 - 13.00 WIB

Tracking Session      : 13.00 - 16-30 WIB

Tempat                     : Raffles Hotel Jakarta, Ciputra World, Jl. Prof. DR. Satrio Kav 3 – 5, Jakarta Selatan.


Bergabunglah bersama kami dalam acara FORTINET Accelerate Asia 2023 dan dapatkan informasi bagaimana Fortinet memberikan visibilitas yang belum pernah ada sebelumnya dan bertemu para ahli FORTINET untuk mempelajari cara menerapkan Zero Trust, SASE, Hybrid Mesh Firewall, dan Automated SOC anda.


Karena tempat terbatas, segera registrasikan diri anda melalui tautan berikut: http://bit.ly/Fortinet-Accelerate2023


Acara ini free of charge (tidak dipungut biaya) serta dapat diikuti oleh 5 orang dalam 1 perusahaan 


Terima Kasih, 

Fortinet

Read More »
Posted by at Tidak ada komentar:
Langganan: Postingan (Atom)