Jay Paloma's Tech and Music Blog

Sometimes, this writer can no longer distinguish between the two.

My Tech Video Music

leave a comment »

I was asked by some readers where I get the intro and outro music for my tech videos.

I composed and recorded them.

Geek Rock (“The Cowbell Song”) was recorded around 2008/2009 and was used for the Windows 7 Deployment Series Videos. And for those of you asking if the Saturday Night Live skit has something to do with this song, the answer is No. In fact, I only got to look up that SNL skit when someone commented “We need more cowbell” in the Deployment Series Part 1 video!

Here is the Windows 7 Deployment Series where Geek Rock was used.

External Sync was recorded around 2011 while I was experimenting with the arpeggiators of the Motif synthesizer. After I came across the arpeggiator pattern that we hear in the song, and cooked up the instruments in my head, my next problem was how to configure an external synchronization source. This is for me to sync up the Motif arpeggiator with the MIDI drum programming. I never got to solve that issue during recording.

Here it is!

Both songs were recorded in my home studio, which I guess some techies who produce tech videos have to accommodate vocal recordings for the tech videos.

jay paloma | 28 nov 2015 | bangkok

Written by jpaloma

November 28, 2015 at 9:02 AM

Posted in Music, Videos

Implementing HTTPS on System Center 2012 R2 Configuration Manager

leave a comment »

Implementing HTTPS on SCCM 2012 R2

This video series explains how to configure HTTPS in Microsoft System Center 2012 R2 Configuration Manager. It is intended for the ConfigMgr administrator who would want to get a quick understanding on implementing Configuration Manager 2012 R2 to use HTTPS.

To implement HTTPS on ConfigMgr 2012 R2, there are four tasks that we need to perform:

  1. Implement Windows AD Certificate Authority
  2. Create Certificate Templates Required for SCCM
  3. Enroll the Certificates
  4. Configure the ConfigMgr Services for HTTPS

If you administer Microsoft System Center 2012 R2 Configuration Manager, with the proliferation of  devices that could be managed by Configuration Manager, and the fact that you could now manage devices even when not connected to the internal network, you will find yourself in a situation where you will need to configure HTTPS for Configuration Manager 2012 R2

Note: this blog post is still work in progress. I will update the links above as soon as the videos are completed

Written by jpaloma

November 28, 2015 at 7:27 AM

Implementing HTTPS on System Center 2012 R2 Configuration Manager – Part 2 Certificate Templates

leave a comment »

This is Part 2 of the video series on Implementing HTTPS on System Center 2012 R2 Configuration Manager. This discusses the different certificate templates required, creating those templates and then enrolling certificates to  the servers using these templates.

Certificate Templates Required by Configuration Manager

  1. Client Certificate is used by all Configuration Manager clients
  2. Exportable Client Certificate is required for implementing HTTPS on Distribution Points
  3. Web Server Certificate is used by all MPs, DPs, SUPs, RSPs and other Configuration Manager services that use IIS.

Creating the Certificate Templates

  1. Create an Active Directory Global Group and grant Read, Enroll and Autoenroll permissions for each of the 3 templates.
  2. Configure the templates to use Subject Name (not Alternate Name as mentioned in the video) DNS format
  3. Publish the three templates to the CA and restart the Active Directory Certificate Service.

For more details, refer to this article Step-by-Step Example Deployment of the PKI Certificates for Configuration Manager: Windows Server 2008 Certification Authority.


Written by jpaloma

November 22, 2015 at 8:43 PM

Implementing HTTPS on System Center 2012 R2 Configuration Manager – Part 1 Configure CA

leave a comment »

This video is the first of a 4-part video series on implementing HTTPS on Microsoft System Center 2012 R2 Configuration Manager.

The video below is details the steps in implementing the Windows AD Certificate Authority required for HTTPS implementation.

In a real world environment, your organization may have already set up the CA.

Written by jpaloma

November 22, 2015 at 3:46 PM

Microsoft Hyperlapse in Azure Media Services

leave a comment »

I love doing music recording and videos in my spare time. In fact, some of my technical content are in video form! You can check them out here! and don’t forget to subscribe while you’re in there!

If you also like creating video content, especially action videos using GoPro, you would want to explore this Azure Media Services feature!

Written by jpaloma

November 10, 2015 at 9:29 AM

Posted in Azure, Microsoft

Tagged with ,

Implementing HTTPS on Configuration Manager 2012 R2 – Certificates

leave a comment »

Here are some of first-hand experience insights on implementing HTTPS on Configuration Manager R2

You require 3 certificate templates:

  • Server Authentication Certificate. This is your standard SSL certificate template, but bear in mind that the Reporting Services Point has a requirement that could be easily overlooked: its Alternate Subject should use the DNS format instead of the default Fully Distinguished Name format. Since the DNS naming does not contradict with any other SCCM requirements, better make sure that your Alternate Subject Name follows the DNS name format so you could use this same template when you implement HTTPS on RSP. This certificate is used on all your MPs, DPs, SUPs, RSPs, and even Application Catalog if you also covered all other FQDN options for your Application Catalog Server.
  • Client Authentication Certificate. This is the client certificate that you will issue on all your clients.
  • Client Authentication Certificate with an Exportable Private Key. Once you convert your DP to HTTPS, you will be asked for a .pfx file. This template is used to create the certificate that you will eventually export out as .pfx file. Don’t use the Client Authentication Certificate above, because you give this one the ability to export out the private key. You don’t want to have all those rogue, exported client certificates.

Windows Server Update Services (WSUS) / Software Update Point (SUP). Note that the TCP ports in use by WSUS is different (HTTP is TCP 8530, HTTPS is TCP 8531). The minor snag in WSUS/SUP is that you cannot enforce SSL all the way, and that HTTPS imposes an additional 10% performance degradation on your machine. Chances are, this SUP is also your DP and MP, so be aware.

SQL Server Reporting Services (SSRS) / Reporting Services Point (RSP). Special requirement for RSP Certificate template. See “Server Authentication Certificate” above.

Written by jpaloma

November 7, 2015 at 5:28 PM

MVPs Sharing their Experiences during the Philippines’ Windows 10 Community Event

leave a comment »

MVPs (from L to R) John Delizo, Jay-R Barrios, Jay Paloma, Yvette Watson and Eufer Pasion share their experiences as MVPs during the Windows 10 Community Event in the Philippines

MVPs (from L to R) John Delizo, Jay-R Barrios, Jay Paloma, Adrian Rodriguez, Yvette Watson and Eufer Pasion share their experiences as MVPs during the Windows 10 Community Event in the Philippines

During the Windows 10 Community Event organized by the Philippine Windows Users Group (PHIWUG) and Microsoft Philippines.

Since the MVP is a recognition which candidates get nominated by another MVP or by Microsoft, one of the questions asked is in the lines of what do you think were you doing that warranted a nomination for MVP? It was noticeable that one word was used by all MVPs in the panel: passion (to the delight of MVP Eufer Pasion). All MVPs are so passionate about Microsoft technology that they would be going through great lengths to share the technology over and above the call of duty, whether work or school. A common trait among MVPs is their sharing of these technologies online (via blogs or videos) or offline (via community events). The Philippine Windows Users Group, and the other Philippines’ Users Groups based on Microsoft technologies were all set up by passionate individuals which eventually were recognized by Microsoft as MVPs themselves.

Another question that was asked was if the MVP program actually made any career advantage. The overwhelming answer was Yes. This is simply because an MVP becomes an MVP not by one’s own efforts, but as a recognition by a separate party: Microsoft. Not only that, usually MVPs have an online presence like a blog, which is a testament to one’s technical expertise in itself.  Plus of course, an active community contributor is placed in a position of demonstrating the technologies in front of a live audience, a skill which would be useful later on as a consultant or an architect.

While all of the MVPs who participated in these events are Filipinos (entirely or partially), not all of them are currently Philippines MVPs. Jay-R Barrios and this author are Singapore MVPs by virtue of their residence since both are employed and live in Singapore. However, both became MVPs in the Philippines and were part of the team that formed PHIWUG. Both of us flew in back home for this event.

The last words for the attendees from the MVPs were to not want to become an MVP. Become passionate with the technology, go out and actively contribute to the technical community. Whether or not one becomes an MVP is Microsoft’s prerogative, but the other benefits of contributing to the community — the network, the reputation, learning directly from technology experts, and the soft skills learned like public speaking — is something that one can acquire when contributing.

Special thanks to all the MVPs who contributed to this discussion:

Written by jpaloma

June 29, 2015 at 11:31 AM


Get every new post delivered to your Inbox.

Join 25 other followers