I recently upgraded my Toshiba Tecra A7 to the RTM versions of Vista and Office 2007, and have been going through my list of things to install on a new machine to check that I haven’t missed anything. In addition, I’ve been meaning to enable access to my TFS box via the internet for some time now, so here’s my ToDo list and comments thereon:
Install VSTS on the Vista Box
Just shoved MSDN DVD 3075 into the drive and away it went. I did get a compatibility warning saying that VS2005 couldn’t be installed on Vista, but I clicked Run Anyway because I’m going to install SP1 in the next step.
By the way, I already had Visual Web Developer 2005 Express Edition, Visual Basic 2005 Express Edition, Visual C# 2005 Express Edition, SQL Server 2005 Express Edition and SQL Server 2005 Developer Edition installed on this box. This morning when I got to the machine, I was notified of a new update available – SQL 2005 SP1, so that just happened in the background. I love Microsoft Update!
I also installed Team Explorer from my MSDN DVD 3538 (but after the SP1 install below, so I re-installed SP1 as well)
Install VS2005 SP1 Beta on the Vista box
I had already grabbed the beta from the connect site, so I went ahead and installed it. No dramas (although I did need a reboot because I had a bunch of things open while the install was running). Note that the beta’s now closed (that is no more bug reports are being taken that will be included in this SP), but you can still download the beta.
Install VSTO SE on the Vista box
Grabbed this from the Microsoft download site.
Install VS2005 SP1 Beta on the TFS Box
When I checked this, it turns out I’d already done it, so a big check in that box first up. Nice way to start.
Enable internet access to the TFS box
I run a Small Business Server network at home (behind an ISA Server 2004, which is part of the Premium Edition of SBS R2), and the TFS box is a member server. I want to be able to access the server from outside the firewall, so I’m going to need to publish the site using ISA and I’m also going to need to issue a certificate from the SBS box that matches the domain name I’m going to use coming in.
I set up a static host entry on dyndns.com to point to my static IP address on my ADSL 2+ modem (which one of the NICs on my ISA machine plugs into). The entry has the wildcard flag set, which means that while the main entry is of the form <myname>.dyndns.org, I can use a fqdn in the form tfs.<myname>.dyndns.org and it will get resolved to the correct address, and I can use the additional name at this end to reroute the traffic correctly.
Next, I followed the steps in Walkthrough: Setting up Team Foundation Server with Secure Sockets Layer (SSL) and an ISAPI Filter on the VSTSUE blog. NB, when I was following the steps in the section entitled “Issuing a Certificate Request and Creating a Binary Certificate File”, I came across a couple of anomalies:
- Firstly, when I opened the Certification Authority MSC (which, btw, was on the SBS box, not on the TFS box), I was prompted to upgrade to the 2003 version, which I did.
- Next, Rather than take the default (unqualified) common name in creating the request
- Finally, when I tried to submit the request file as per step 3 of that section, I got an error:
Certificate Request Processor
The request contains no certificate template information. 0x80094801 (-2146875391)
Denied by Policy Module 0x80094801, The request does not contain a certificate template extension or the CertificateTemplate request attribute.
- I tried submitting an immediate request to the certificate authority (rather than delaying the request and submitting via a request file as specified). This appeared to work, but there was no certificate installed. Looking in the Failed Requests node of the Certification Authority MSC, I found the rejection (as well as the rejection from the attempt above):
Request Status Code:
The requested certificate template is not supported by this CA. 0x80094800 (-2146875392)
Request Disposition Message:
Denied by Policy Module 0x80094800, The request was for a certificate template that is not supported by the Certificate Services policy: WebServer
There were a couple of vaguely relevant hits on live.com, but the best hint was the error message itself. Right-clicking on the Certificate Templates node in the Certification Authority MSC and choosing Manage opened a list of the templates installed on the box, but in doing so, it reported that there were templates that needed to be imported. Doing so enabled the request and issuing of a certificate, so off we go again.
Configured the ISA server to pass traffic addressed to tfs.<myname>.dyndns.org through to the TFS box.
I’ve got no separate build or proxy servers, so there’s no need to install certificates there.
Time for a reboot and testing …
This post took some time to write, so at infrequent and irregular intervals during the day, I clicked the Insert Currently Listening… button in Windows Live Writer (btw, Frank’s got a good list of pluggins for Windows Live Writer here)
Currently Listening To “Les Adieux” Klaviersonate Nr.26 Es-dur Op.81a : Das Wiedersehn. Vivacissimamente from Beethoven-Sonaten by Emil Gilels
Currently Listening To Alexandre Guilmant: Chorale (Kirchenordnung Braunschweig) from the art of the trombone by Patrick Wedd
Currently Listening To the 1st Ashes Test