Tuesday, March 31, 2009

Search SQL Database for any record

Copy and execute the code below on SQL Server 2005 to create the SearchAllTables procedure, then execute the procedure as follows.

EXEC SearchAllTables 'keyword'
GO

SearchAllTables procedure code:

CREATE PROC SearchAllTables
(
    @SearchStr nvarchar(100)
)
AS
BEGIN
    -- Collects every match as (schema.table.column, value)
    CREATE TABLE #Results (ColumnName nvarchar(370), ColumnValue nvarchar(3630))
    SET NOCOUNT ON

    -- @SearchStr2 is sized for QUOTENAME's maximum output (nvarchar(258)) so the
    -- quoted pattern is never truncated when the keyword contains single quotes
    DECLARE @TableName nvarchar(256), @ColumnName nvarchar(128), @SearchStr2 nvarchar(258)
    SET @TableName = ''
    -- QUOTENAME wraps the LIKE pattern in single quotes and doubles any embedded quote
    SET @SearchStr2 = QUOTENAME('%' + @SearchStr + '%','''')

    -- Outer loop: walk the user tables in name order
    WHILE @TableName IS NOT NULL
    BEGIN
        SET @ColumnName = ''
        SET @TableName =
        (
            SELECT MIN(QUOTENAME(TABLE_SCHEMA) + '.' + QUOTENAME(TABLE_NAME))
            FROM INFORMATION_SCHEMA.TABLES
            WHERE TABLE_TYPE = 'BASE TABLE'
            AND QUOTENAME(TABLE_SCHEMA) + '.' + QUOTENAME(TABLE_NAME) > @TableName
            AND OBJECTPROPERTY(
                OBJECT_ID(
                    QUOTENAME(TABLE_SCHEMA) + '.' + QUOTENAME(TABLE_NAME)
                ), 'IsMSShipped'
            ) = 0
        )

        -- Inner loop: walk the character columns of the current table
        WHILE (@TableName IS NOT NULL) AND (@ColumnName IS NOT NULL)
        BEGIN
            SET @ColumnName =
            (
                SELECT MIN(QUOTENAME(COLUMN_NAME))
                FROM INFORMATION_SCHEMA.COLUMNS
                WHERE TABLE_SCHEMA = PARSENAME(@TableName, 2)
                AND TABLE_NAME = PARSENAME(@TableName, 1)
                AND DATA_TYPE IN ('char', 'varchar', 'nchar', 'nvarchar')
                AND QUOTENAME(COLUMN_NAME) > @ColumnName
            )

            IF @ColumnName IS NOT NULL
            BEGIN
                -- Table and column names are bracket-quoted, the pattern is quote-escaped
                INSERT INTO #Results
                EXEC
                (
                    'SELECT ''' + @TableName + '.' + @ColumnName + ''', LEFT(' + @ColumnName + ', 3630)
                    FROM ' + @TableName + ' (NOLOCK) ' +
                    ' WHERE ' + @ColumnName + ' LIKE ' + @SearchStr2
                )
            END
        END
    END

    SELECT ColumnName, ColumnValue FROM #Results
END


Extend OWA 2007 Timeout

OWA 2007 sessions have a default inactivity timeout of 15 minutes for public or shared computers and 24 hours for a private computer. To extend this time, follow the steps below.

Log on to the Exchange Server as an Administrator.

* Start the registry editor (regedit.exe).
* Navigate to the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchange OWA subkey.
* From the Edit menu, select New - DWORD value.
* Enter a name of PublicClientTimeout and press Enter.
* Double-click the new value and set it to the desired number of minutes before a timeout (1 to 4320), set the type to decimal, and click OK.
* From the Edit menu, select New - DWORD value.
* Enter a name of TrustedClientTimeout and press Enter.
* Double-click the new value and set it to the desired number of minutes before a timeout (1 to 4320), set the type to decimal, and click OK.

Stop and restart the World Wide Web (WWW) Publishing service by using these commands at the command line.

net stop w3svc
net start w3svc


Set Maximum Message size in Exchange 2007

Open "Exchange Management Shell" from the Programs menu.

First, type

Get-ReceiveConnector | Select Identity,MaxMessageSize

to check the message sizes. Then execute

Set-ReceiveConnector "Connector Name" -MaxMessageSize 5MB

to change the maximum size.


Client Receive connectors are used to receive e-mail from users of Microsoft Exchange. This connector will be configured to only accept client submissions from authenticated Microsoft Exchange users.



Monday, March 30, 2009

Configuring sqlservr.exe process memory usage on ISA server

If the sqlservr.exe process is using a huge amount of memory, you can follow the steps below to limit the memory for this process.
Install SQL Server Management Console on the ISA Server, then execute the following commands in Management Studio.

The setting that limits the memory is:

EXEC sp_configure 'max server memory (MB)', 1024 -- Memory in MB

It is an advanced option, so run it as part of the full script:

USE master
EXEC sp_configure 'show advanced options', 1
RECONFIGURE WITH OVERRIDE

USE master
EXEC sp_configure 'max server memory (MB)',1024

USE master
EXEC sp_configure 'show advanced options', 0
RECONFIGURE WITH OVERRIDE


Friday, March 27, 2009

Windows XP Remoteapp disconnected

To be able to connect to Windows 2008 RemoteApp, you should first enable the Microsoft Terminal Services Client Control (redist) add-on.

Also, you should use one of the following OS versions to see this add-on: Vista SP1, XP SP3, and RDP 6.0 or higher.

If you are having a connection problem only with RemoteApp, you should check whether your DNS server resolves your TS name correctly.

If you are connecting to your TS by IP number, you should check that the RDP settings are as below.


Server Name: IP address



Windows 2008 Terminal Services Network Level Authentication

You can change the Network Level Authentication configuration from:

Server Manager --> Terminal Services --> Terminal Services Configuration

Double-click the RDP-Tcp connection.

You can enable or disable Network Level Authentication by checking or unchecking the "Allow connections only from computers running Remote Desktop with Network Level Authentication" check box. If the check box is selected and is dimmed, the "Require user authentication for remote connections by using Network Level Authentication" Group Policy setting has been enabled.

To use Network Level Authentication, you need to meet all of the following requirements:

On the client computer, be using at least Remote Desktop Connection 6.0.
On the client computer, be using an operating system, such as Windows Vista, that supports the Credential Security Support Provider (CredSSP) protocol.
On the terminal server, be using Windows Server 2008.



Vmware 2.0 does not see USB DVDROM or CDROM


Try restarting all VMware services.

Thursday, March 26, 2009

System administrator has set policies to prevent this installation error


If you get the error above while installing VMware 2.0, download and install the patch from the link below, then restart your PC/server.

Set Maximum Message Size in Exchange Server 2003

Sometimes system administrators want to prevent users from sending large files. To set the maximum message size in Exchange Server, follow the steps below.

Open Exchange System Manager. Global Settings --> Message Delivery --> (right-click) Properties.

Open the Defaults tab.

Set your organization's maximum message size in KB.




View HP Blade Server Health Status By command prompt

First, you should check that the telnet connection to your HP Blade chassis is enabled.

How to check

Telnet to your chassis.

Execute the show server status all command to view the health status of all your blades, including internal data, management processor, thermal, device status, ...




View all ILO IP Numbers of Blades in Chassis by command prompt

First, you should check that the telnet connection to your HP Blade chassis is enabled.

Open HP Onboard Administrator --> Enclosure Settings --> Network Access

The Enable Telnet box must be checked. (Default is enabled.)

After doing this, telnet to your Onboard Administrator IP number.

Enter the username and password.

At the command prompt, type show EBIPA and press Enter. You can see the EBIPA (Enclosure Bay IP Addressing) settings of all of your blades and interconnect devices.







Medium currently in use by another process

You are using HP Data Protector A.05.50 and you are getting the "Medium currently in use by another process" error.

Solution: restart the services below.




Exchange 2007 send or receive mail problem Event ID : 1009

The problem is most probably the free space on the drive where your mail queue is located.

Here is what you should do:

Find the \bin directory; you will see the EdgeTransport.exe.config file in that directory.

Open the file in Notepad and change the two lines below. You can choose any other drive that is present in your server.

<add key="QueueDatabasePath" value="d:\newlocation" />

<add key="QueueDatabaseLoggingPath" value="d:\another-newlocation" />


Wednesday, March 25, 2009

SQL Query to Find Which Users are using which SQL Application

You can use the query below to find which user is using which SQL application.

SQL Query:

Use Master
Select
    SP.SpId 'Session ID',
    SP.Nt_UserName UserName,
    SD.Name DatabaseName,
    SP.Loginame LoginId,
    SP.Program_Name App
From Sys.SysProcesses SP
Join Sys.SysDatabases SD on SP.DbId = SD.DbId
Where SP.Nt_UserName Not In ('sa', 'System')
And (SP.loginame <> 'sa')
Order By SpId



Tuesday, March 24, 2009

Using Privileged mode commands in Global Config Mode

I think this is a very useful tip when using the show, ping, and telnet commands. Instead of switching back and forth between global configuration mode and privileged mode to use these commands, you can remain in global configuration mode and type the do command followed by the original syntax.

For example:

Router(config)#do show running-config

or

Router(config)#do show interface s0

or

Router(config)#do PING 20.0.0.1



View Console Log messages on Telnet Sessions in Cisco

Execute the command "terminal monitor". With this command enabled, all console messages are shown on your telnet session. Always disable it after you have completed your work. Otherwise, every time you telnet to that router/switch, you will see console messages coming up on your telnet session.

Full Help Menu in User Exec Level Cisco IOS

Normally in User Exec mode you cannot see all available show commands. But there is a trick to see the full help of the show commands.

Router> terminal full-help
Router> show ?

To make this behaviour permanent on your Cisco router, your administrator must execute the full-help line configuration command.

Monday, March 23, 2009

How to find last executed queries in SQL server 2005 by SQL Commands

SQL code for viewing last executed commands.

SELECT deqs.last_execution_time AS [Time], dest.text AS [Query]
FROM sys.dm_exec_query_stats AS deqs
CROSS APPLY sys.dm_exec_sql_text(deqs.sql_handle) AS dest
ORDER BY deqs.last_execution_time DESC

Change Local Administrator Password on Windows XP and 2000 Computers

Add the script below as Startup Script of the domain computers.

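' Startup scripts are stored in SYSVOL, which every authenticated domain user can read,
' so the password set below is visible to them in clear text.
Set WshNetwork = WScript.CreateObject("WScript.Network")
strComputer = "."   ' "." means the local computer
Set objUser = GetObject("WinNT://" & strComputer & "/Administrator,user")
objUser.SetPassword "new.password" ' <-- new admin password.
objUser.SetInfo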

OS Language VB Script

VB Script to get language of the operating system of our computer accounts in Active Directory.


Set dtmConvertedDate = CreateObject("WbemScripting.SWbemDateTime")

strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")

Set colOperatingSystems = objWMIService.ExecQuery _
("Select * from Win32_OperatingSystem")

For Each objOperatingSystem in colOperatingSystems
Wscript.Echo "OS Language: " & objOperatingSystem.OSLanguage
Next


Software List on Domain Computers VB Script

select cn, mail, distinguishedname, displayname, samaccountname FROM OPENROWSET('ADSDSOObject',
'adsdatasource;', 'SELECT cn, mail, distinguishedName, displayName, samaccountname
FROM ''LDAP://company.com'' where objectClass = ''User'' and objectCategory=''Person'' ')

Sunday, March 22, 2009

Disable or Restrict Bluetooth Devices via GPO

By default, Windows XP SP2 installs Bluetooth wireless device support when you install Windows XP SP2 to a computer. After installation, if a Bluetooth wireless device or radio is detected, Device Manager will install the driver for the Bluetooth device.

To remove Bluetooth wireless device support on a client, follow these steps:

Open Device Manager.
Expand Bluetooth Radios.

Right-click each device listed under Bluetooth Radios, click Uninstall, and then click OK.
Close Device Manager, and then click OK.
In Windows Explorer, open the C:\Windows\Inf folder.
Rename the Bth.inf file to Bth.inf.old.
Rename the Bth.pnf file to Bth.pnf.old.
Restart Windows XP SP2.







Get user details from Active directory by using SQL Commands

select cn, mail, distinguishedname, displayname, samaccountname FROM OPENROWSET('ADSDSOObject',
'adsdatasource;', 'SELECT cn, mail, distinguishedName, displayName, samaccountname
FROM ''LDAP://COMPANY.com'' where objectClass = ''User'' and objectCategory=''Person'' ') ad
inner join usermanagement.dbo.[user] u
on u.useremail = ad.mail

Finding source of denial of service attacks in AD/ Conficker Virus

Open Event Viewer on the DC and filter on Logon/Logoff events to start off with.
Event ID is 529 for locked and 675 for logon attempts.

The client address will be listed in the failure.
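Reading the client address out of each failure by hand does not scale on a busy DC, so the tally can be scripted. The following is an added Python example, not part of the original post: it counts 529 and 675 events per client address and lists the addresses that fail against many different accounts. The one-event-per-line export format, the sample events, the thresholds and the function names are constructed for the example, and it assumes the address appears under the field label "Source Network Address" (529) or "Client Address" (675).

```python
import re
from collections import defaultdict

FAILURE_EVENT_IDS = {"529", "675"}  # the two event IDs the post filters on
# Assumed field labels in the event description text
ADDRESS_RE = re.compile(r"(?:Client Address|Source Network Address):\s*(\S+)")
USER_RE = re.compile(r"User Name:\s*(\S+)")

# Constructed sample: "<event id><TAB><description>", one event per line
SAMPLE_EXPORT = "\n".join([
    "529\tLogon Failure: Reason: Unknown user name or bad password User Name: alice Domain: CORP Logon Type: 3 Source Network Address: 10.1.4.23",
    "529\tLogon Failure: Reason: Unknown user name or bad password User Name: bob Domain: CORP Logon Type: 3 Source Network Address: 10.1.4.23",
    "529\tLogon Failure: Reason: Unknown user name or bad password User Name: carol Domain: CORP Logon Type: 3 Source Network Address: 10.1.4.23",
    "529\tLogon Failure: Reason: Unknown user name or bad password User Name: dave Domain: CORP Logon Type: 3 Source Network Address: 10.1.4.23",
    "675\tPre-authentication failed: User Name: alice Service Name: krbtgt/CORP Failure Code: 0x18 Client Address: 10.1.4.23",
    "675\tPre-authentication failed: User Name: erin Service Name: krbtgt/CORP Failure Code: 0x18 Client Address: 10.1.4.23",
    "529\tLogon Failure: Reason: Unknown user name or bad password User Name: frank Domain: CORP Logon Type: 2 Source Network Address: 10.1.9.80",
    "529\tLogon Failure: Reason: Unknown user name or bad password User Name: FRANK Domain: CORP Logon Type: 2 Source Network Address: 10.1.9.80",
    "528\tSuccessful Logon: User Name: alice Domain: CORP Logon Type: 3 Source Network Address: 10.1.4.23",
    "529\tLogon Failure: Reason: Unknown user name or bad password User Name: svc_backup Domain: CORP Logon Type: 5 Source Network Address: -",
])


def summarize_failures(export_text):
    """Return {client address: {"failures": count, "accounts": set of user names}}."""
    summary = defaultdict(lambda: {"failures": 0, "accounts": set()})
    for line in export_text.splitlines():
        event_id, _, description = line.partition("\t")
        if event_id.strip() not in FAILURE_EVENT_IDS:
            continue  # successes and unrelated events are ignored
        address = ADDRESS_RE.search(description)
        if not address or address.group(1) == "-":
            continue  # local failures carry no client address
        entry = summary[address.group(1)]
        entry["failures"] += 1
        user = USER_RE.search(description)
        if user:
            entry["accounts"].add(user.group(1).lower())
    return dict(summary)


def suspect_sources(export_text, min_failures=5, min_accounts=3):
    """Addresses with many failures spread over several accounts, worst first."""
    summary = summarize_failures(export_text)
    hits = [
        address for address, stats in summary.items()
        if stats["failures"] >= min_failures and len(stats["accounts"]) >= min_accounts
    ]
    return sorted(hits, key=lambda a: summary[a]["failures"], reverse=True)


if __name__ == "__main__":
    for address, stats in summarize_failures(SAMPLE_EXPORT).items():
        print(address, stats["failures"], sorted(stats["accounts"]))
    print("investigate:", suspect_sources(SAMPLE_EXPORT))
```

A single workstation with a mistyped password shows up with failures against one account; a host that fails against many accounts in a short period is the one to isolate and scan first.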

Change all Local Admin passwords in Domain.

Create a logon Script.
Use the Syntax Below.

runas domain\user DomainUserPassword net user Administrator NewPassword

Active Directory ports that should be opened in your Firewall

* TCP 135 : MS-RPC
* TCP 1025 & 1026 : AD Login & replication
* TCP 389 : LDAP
* TCP & UDP 53 : DNS
* TCP 445 : SMB , Microsoft-ds
* TCP 139 : SMB
* UDP 137 & 138 : NetBIOS related
* UDP 88 : Kerberos v5

Microsoft Visual C++ Runtime Library This application has requested the runtime to terminate in an unusual way.

If you get this error while trying to open Active Directory Sites and Services:

Go to Start and run mmc. There, try to open the Active Directory Sites and Services snap-in.
In Active Directory Sites and Services, open File -> Options and use Disk Cleanup to delete the changes to the console view that are saved in your profile (click the Delete Files button).

If this doesn't correct your problem, try running sfc /scannow.

Group Policy Error: Failed to open the Group Policy Object.

Group Policy Error: Failed to open the Group Policy Object. You may not have appropriate rights. Details: Logon Failure: the target account name is incorrect

Event Log:
The processing of Group Policy failed. Windows attempted to read the file \\***.***.net\sysvol\***.***.net\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
a) Name Resolution/Network Connectivity to the current domain controller.
b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller).
c) The Distributed File System (DFS) client has been disabled.


You get the error above if you migrate your domain controller from Windows 2003 to Windows 2008 and shut down the old server.

Cause:
Not all FSMO roles have been transferred yet. Some of the roles are still on the old server.

Solution:
Transfer all FSMO roles to new DC


Event ID 5781 & NLTest /dsregdns test indicates ERROR_NO_LOGON_SERVERS

Please Check http://support.microsoft.com/kb/259277

Error 8457 The destination server is currently rejecting replication requests.

If you execute "repadmin /showreps" and get an error:

"Can't retrieve message string 8456 (0x2108), error 1815"

Additional Data
Error value:
8457 The destination server is currently rejecting replication requests.


Execute the commands below on the offending dc02.

repadmin /options dc02 -disable_inbound_repl

repadmin /options dc02 -disable_outbound_repl

After those execute "repadmin /showreps" and



Saturday, March 21, 2009

SQL Server 2005 backups corrupted

Corruption in system tables can cause backup corruption.
Please check the links below.

http://www.sqlservercentral.com/articles/65804/ (free login account needed)

http://www.sqlskills.com/BLOGS/PAUL/post/TechEd-Demo-Using-the-SQL-2005-Dedicated-Admin-Connection-to-fix-Msg-8992-corrupt-system-tables.aspx

Restore database from a corrupt file
http://blog.sqlauthority.com/2008/04/10/sql-server-2005-restore-database-using-corrupt-datafiles-mdf-and-ldf-part-2/


Friday, March 20, 2009

Block web access for Outlook Anywhere Users

Rule 1
Firewall Policy -> Create a new access rule
Name "Exchange OWA"
Action = Allow
Protocols = HTTP and HTTPS
From = Internal
To -> New Computer and\or new URL set -> Enter name\IP and save -> add to the TO
User set = All users


This rule must be above Rule 2.

Rule 2
Firewall Policy -> Create access rule
Name "Block HTTP\HTTPS Access"
Action = Deny
Protocols = HTTP and HTTPS
From = Internal
To -> external
User set = All users


ISA Server HTTP Status Code of 12202

ISA Server denied access through destination port 8080

By default Web Proxy filters are using 80 (HTTP), 443 (HTTPS) and 563 (NTP)


HKEY_LOCAL_MACHINE\IsaStg_Eff1Policy\WebProxy\Proxy-TunnelPortRanges

You can get "ISA Server tunnel port tool" from "isatools.org" to create custom port ranges. Run the script from your ISA Server and follow the instructions to create a new port binding. After doing this create a custom protocol with TCP 8080 outgoing and add it to your Allow Internet access rule.


Thursday, March 19, 2009

Cisco IOS Naming

In Cisco IOS names every character has a meaning.

IOS SOFTWARE :

y :ip
7 :adsl
s :plus

o :firewall
v :voice
k9 :IPSEC 3 DES , encryption > 64 bit
k8 :IPSEC 56 , encryption <64 bit
3 :IDS
n :IPX
br2 :AT / IBM
a :APPN
j :ENTERPRISE
a3 :SNA SOFTWARE



c1700-y-mz12.2-2.T1 :IP
c1700-y7-mz :IP / ADSL
c1700-sy7-mz :IP / ADSL plus
c1700-k9sy7-mz :IP / ADSL PLUS 3 DES
c1700-k8sy7-mz :IP / ADSL PLUS IPSEC 56
c1700-k9o3sy7-mz :IP / ADSL / FW / IDS PLUS IPSEC 3 DES
c1700-k8o3sy7-mz :IP / ADSL / FW / IDS PLUS IPSEC 56
c1700-bnr2sy7-mz :IP / ADSL / IPX / AT / IBM PLUS
c1700-no3sy7-mz :IP / ADSL / IPX / FW / IDS PLUS
c1700-bk9no3r2sv3y7-mz :IP / ADSL / IPX/AT/IBM/VOICE/FW/IDS PLUS IPSEC 3 DES
c3640-ajs-mz.120.22 :ENTERPRISE / APPN PLUS
c3640-js-mz.122-10a.bin :ENTERPRISE PLUS
c3640-ainr-mz.112-26.P4.bin :IP / IPX / IBM / APPN
c3640-a3js-mz.122-10a.bin :ENTERPRISE / SNASOFTWARE PLUS



Example of a Cisco IOS Image Name





The Integrated Remote Console is unavailable, it is already in use by a different client

If there is an open session to ILO and the user forgets to close it, other users cannot connect to the Remote Console session and get the "The Integrated Remote Console is unavailable, it is already in use by a different client" warning.

To connect, follow the steps below. I am sharing the steps for a Blade server; for ML/DL servers you should connect directly to ILO instead of the Onboard Administrator console.

1) Connect to Onboard Administrator through an HTTP connection. Choose the related server and open Web Administration.

Choose Remote Console > Settings > Change Remote Console.
Find "Acquire to Enabled" and mark it as "Enable".

After choosing "Console Acquire", the connection will be re-established and a warning screen will appear. Choose Acquire on the warning screen. After 30 seconds the Remote Console will be shown.



HP MSA 1000 1500 Modular Smart Array Command Line


Wednesday, March 18, 2009

NetApp_FAS3070_vs_EMC_CX3-80_Performance_and_Usability


ISA Server 2004 2006 Block Script Injection

To block script injection we will use two signatures.

First signature:

Right-click your access rule and choose "Configure HTTP". Choose the Signatures tab in the new window.

Click the Add button. Enter the new signature name (it can be whatever you want). Choose "Request URL" from Signature Search Criteria.

In the signature field type "<" (without the quotes). Click OK and Apply.

Second signature:

Open the Signatures tab again. Fill in the fields the same as for the first signature, except the signature field. This time type ">" (without the quotes). Click OK and Apply.







ISA Server 2006 Block File and Form Upload

Right-click your access rule and choose "Configure HTTP". Choose the Signatures tab in the new window.

Click the Add button. Enter the new signature name (it can be whatever you want). Choose "Request Headers" in Signature Search Criteria.

Type "Content-Type:" (without the quotes) in the HTTP header field.
Type "multipart/form-data" (without the quotes) in the signature field.
Click OK and Apply.





Friday, March 13, 2009

Cisco Aironet 1100 Series MAC Address Filtering

Open the Services -> Filters menu and choose "MAC ADDRESS FILTERS" from the right pane.

Enter a number between 700 and 799 in the "Filter Index" field.

Enter the MAC address that you want to block or forward.

Then click the "Add" button.

In this example we give forward rights to the device that has the MAC address 1111.1111.1111 and block the rest of the devices.

Then click the Apply button to save the rule.



Choose Apply Filters TAB from the .





Choose the traffic direction and the interface to apply the rule to. To save the configuration, press the Apply button.





MSA1000 vs MSA 1500 vs HP EVA 4000 vs DS3400

MSA1000 vs MSA 1500 vs HP EVA 4000 vs DS3400 comparison table



Thursday, March 12, 2009

Create Custom Services in Juniper Firewall

Open Custom Services from Menu;





Click New button.



Type the new service name and choose the transport protocol.

Enter 0 and 65535 for the source port, and enter the port number of the program in the Destination port field.

Click OK. Your new service is ready for NAT.

IPV4 and IPV6 Access Control Lists on Cisco IOS

ACLs are used to filter network traffic and routing updates, to match packets, and for many other purposes. The main use is to restrict network traffic to unwanted systems.

Access control lists are identified by numbers and can also have text identifiers; each number or string represents a specific access control list.

There are many types of access control lists; the most common ones are:

IP Standard Access List
List numbers 1-99, can only define source or destination, not source and destination.
IP Extended Access List
List numbers 100-199, can define both source and destination as well as port and protocol numbers.

An IP standard access control list with two entries is configured like this

Router#conf t
Router(config)#ip access-list standard 5
Router(config-std-nacl)#5 permit 192.168.0.0 0.0.0.255
Router(config-std-nacl)#10 permit 192.168.1.0 0.0.0.255

To apply this inbound on an interface, just use

Router#conf t
Router(config)#int te 1/1
Router(config-if)#ip access-group 5 in

The alternative way to define an access list number 5 with two entries is

Router#conf t
Router(config)#access-list 5 permit 192.168.0.0 0.0.0.255
Router(config)#access-list 5 permit 192.168.1.0 0.0.0.255
Router(config)#

To apply this one inbound on a line interface

Router#conf t
Router(config)#line vty 1
Router(config-line)#access-class 5 in
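
How list 5 above decides what happens to a source address, as an added Python example that is not part of the original post: entries are tested in order against the wildcard mask, the first match wins, and a source that matches no entry is dropped by the implicit deny that ends every IOS access list. The function names and the single-entry 0.0.1.255 variant in the demo are this example's own.

```python
import ipaddress

# Constructed input: the two global-config lines for list 5 from the post,
# with the router prompt left on to show that it is tolerated.
PAGE_ACL = """\
Router(config)#access-list 5 permit 192.168.0.0 0.0.0.255
Router(config)#access-list 5 permit 192.168.1.0 0.0.0.255
"""

IMPLICIT_DENY = ("deny", None)  # IOS ends every ACL with an unwritten "deny any"


def to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))


def wildcard_match(addr, base, wildcard):
    """A wildcard bit of 0 means "must match", 1 means "ignore" (inverse of a netmask)."""
    care = ~to_int(wildcard) & 0xFFFFFFFF
    return (to_int(addr) & care) == (to_int(base) & care)


def parse_standard_acl(config):
    """Return {list_number: [(action, base, wildcard), ...]} in configured order."""
    acls = {}
    for raw in config.splitlines():
        tokens = raw.split("#", 1)[-1].split()  # drop an optional "Router(config)#" prompt
        if len(tokens) < 4 or tokens[0] != "access-list":
            continue
        number, action, spec = int(tokens[1]), tokens[2], tokens[3:]
        if action == "remark":
            continue
        if action not in ("permit", "deny"):
            raise ValueError("unsupported action in: " + raw)
        if spec[0] == "any":
            base, wildcard = "0.0.0.0", "255.255.255.255"
        elif spec[0] == "host":
            base, wildcard = spec[1], "0.0.0.0"
        else:
            base = spec[0]
            wildcard = spec[1] if len(spec) > 1 else "0.0.0.0"
        acls.setdefault(number, []).append((action, base, wildcard))
    return acls


def evaluate(entries, source):
    """First matching entry wins; return (action, 1-based entry position or None)."""
    for position, (action, base, wildcard) in enumerate(entries, start=1):
        if wildcard_match(source, base, wildcard):
            return action, position
    return IMPLICIT_DENY


if __name__ == "__main__":
    acl5 = parse_standard_acl(PAGE_ACL)[5]
    # One entry that covers both /24 networks, because bit 8 is set to "ignore"
    merged = [("permit", "192.168.0.0", "0.0.1.255")]
    for source in ("192.168.0.77", "192.168.1.200", "192.168.2.1", "10.0.0.1"):
        print(source, evaluate(acl5, source), evaluate(merged, source))
```
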

IPV6 usage of Access Lists

Router#conf t
Router(config)#ipv6 access-list myfirewall
Router(config-ipv6-acl)#permit 3ffe:200::/32 any
Router(config-ipv6-acl)#permit 3ffe:100::/32 any

To verify the access-lists just look at this

Router#show access-lists myfirewall
IPv6 access list myfirewall
permit ipv6 3FFE:200::/32 any sequence 10
permit ipv6 3FFE:201::/32 any sequence 20
Router#

To apply this IPv6 Access Control List to an interface, just do as follows

Router#conf t
Router(config)#int te 1/1
Router(config-if)#ipv6 traffic-filter myfirewall in

To apply this IPv6 access control list to a line

Router#conf t
Router(config)#line vty 1
Router(config-line)#ipv6 access-class myfirewall in



Wednesday, March 11, 2009

Cisco 2801 WIC1-SHDSL support



Tuesday, March 10, 2009

Firmware Upgrade by using HP Library and Tape Tools

You can download the HP LTT tool from the link below.
Download

After the download completes, install the tool on the server to which your HP backup device is connected.





Open the tool from the Programs menu.

Choose Hardware Scan, then press Continue.
The program will begin to search for connected hardware.





After the search process, the tool will show the connected device. Double-click the device to see detailed information.





You can perform tests from the menu below.

For a firmware upgrade, choose the Firmware button on the screen.





The program will show a warning screen stating that there is no suitable firmware file on the server. Press OK to close this warning.

Press the "Get Firmware from the web" button.

Check your firmware search criteria, then press Download. The firmware file will be downloaded to your computer. After the download completes, close and reopen LTT and navigate to the Firmware menu again. The latest firmware file will be shown there. Press the "Start Update" button to start the update process. Press OK on the warning screen.








After the update process, if you get the warning screen below, the firmware upgrade was successful.




Roles Installation on Windows 2008 Core

Installing Server Roles on Windows 2008 Server Core

A Server Core installation provides a minimal environment for running specific server roles, which reduces the installation and management requirements. Windows 2008 Core is certainly a more secure installation.

Server Core installation does not include the graphical user interface (GUI). You can only manage it locally at a command prompt, or remotely using a Terminal Server connection. A third management option is to manage the server remotely using the Microsoft Management Console (MMC) or command-line tools that support remote use.

List the available server roles and features

To View the available server roles, open a command prompt and type the following: oclist
This command lists the server roles and optional features that are available for use with Ocsetup.exe.

Install the Active Directory Domain Services role

To install the Active Directory Domain Services role type: dcpromo /unattend:<unattendfile>
Where unattendfile is the name of a Dcpromo.exe unattend file.

This command installs the Active Directory Domain Services role and promotes the server to a domain controller by using the settings in the unattend file (which you need to manually create).

Note: Dcpromo.exe can also be used to demote a domain controller to a server.

Install the Active Directory Lightweight Directory Services role

To install the AD LDS role type: start /w ocsetup DirectoryServices-ADAM-ServerCore
Note: Using /w prevents the command prompt from returning until the installation completes. Without /w, there is no indication that the installation completed.
Note: Uninstall the AD LDS role by typing the following at a command prompt: start /w ocsetup DirectoryServices-ADAM-ServerCore /uninstall

Install the DHCP Server role

At a command prompt, type: start /w ocsetup DHCPServerCore
Note: Using /w prevents the command prompt from returning until the installation completes. Without /w, there is no indication that the installation completed.
Configure a DHCP scope at the command prompt by using netsh, or by remotely using the DHCP snap-in from Windows Server 2008.
If the DHCP server is installed in an Active Directory domain, you must authorize it in Active Directory.
Note: The DHCP Server service does not start automatically by default. Use the following procedure to configure it to start automatically and to start the service for the first time.
Note: Uninstall the DHCP Server role by typing the following at a command prompt: start /w ocsetup DHCPServerCore /uninstall
Configure and start the DHCP Server service
At a command prompt, type: sc config dhcpserver start= auto
Start the service by typing: net start dhcpserver

Install the DNS Server role

At a command prompt, type: start /w ocsetup DNS-Server-Core-Role
Note: Using /w prevents the command prompt from returning until the installation completes. Without /w, there is no indication that the installation completed.
Configure a DNS zone at the command prompt by typing dnscmd or by remotely using the DNS MMC snap-in.
Note: Uninstall the DNS Server role by typing the following at a command prompt: start /w ocsetup DNS-Server-Core-Role /uninstall

Install File Services role and features
The Server service is installed by default to provide administrative share support for management tools. To install additional file server features use the following commands:
For File Replication service, type the following at a command prompt: start /w ocsetup FRS-Infrastructure
Note: Using /w prevents the command prompt from returning until the installation completes. Without /w, there is no indication that the installation completed.
For Distributed File System service, type: start /w ocsetup DFSN-Server

For Distributed File System Replication, type: start /w ocsetup DFSR-Infrastructure-ServerEdition

For Services for Network File System (NFS), type:
start /w ocsetup ServerForNFS-Base
start /w ocsetup ClientForNFS-Base
Note: Uninstall any file server role options by using these commands with the /uninstall option.

Install Print Services role and features
For the Print Server feature, type the following at a command prompt: start /w ocsetup Printing-ServerCore-Role

For the Line Printer Daemon (LPD) service, type: start /w ocsetup Printing-LPDPrintService
Add a printer to the print server
Determine the IP address or host name of the printer you want to connect to. You can usually obtain this information by looking at the printer's test or printer configuration page.
Ping the printer from the print server in order to verify that the print server can communicate with the printer through the network.
On a remote computer running Windows Vista or Windows Server 2008, open the Print Management console and add the server running the Server Core installation.
Expand the entry for the print server running a Server Core installation, right-click Drivers, and then click Add Driver. The Add Printer Driver Wizard starts.
Complete the wizard to install the printer driver for your printer.
In the Print Management console, right-click Printers and then click Add Printer. The Network Printer Installation Wizard starts.
Click Add a TCP/IP or Web Services printer by IP address or hostname and then click Next.
Enter the printer's host name or IP address (the port name will be the same by default), and then click Next.
Make any necessary changes to the printer name, contact information, or sharing status, and then click Next.

Install the Streaming Media Services role
On another computer, download the Streaming Media Services role installer file from KB 934518
Copy installerfilename.msi to your Server Core installation.
Run installerfilename.msi.
At a command prompt, type: start /w ocsetup MediaServer
Note: Using /w prevents the command prompt from returning until the installation completes. Without /w, there is no indication that the installation completed.
On a remote computer, use the Streaming Media Services MMC snap-in to remotely configure Streaming Media Services.


Wednesday, March 4, 2009

Secret Cisco IOS Commands

Here are some commands in cisco systems' Internetworking Operating System
which are hidden from users at any privilege level. Some are informative,
while others are rather commonplace. Some will even lock the router if invoked
incorrectly. This list is a subset of all hidden commands. Descriptions
of commands are included where possible. All were tested on a device running
12.0-6S.



exec commands

@clear profile (clear cpu profiling)
@debug ip ospf monitor
@debug oir (debug online insertion and removal)
@debug par mo (debug parser modes)
@debug sanity (debug buffer pool sanity)
@debug subsys (debug discrete subsystems)
@debug buffer (additional buffer debugging)
@gdb kernel
@gdb examine pid
@gdb debug pid
@if-console [] [consoledebug]
@profile .
@sh chunk (show chunks of memory allocated to processes)
@sh chunk summ (show chunk allocation summary)
@sh idb (shows interface database)
@sh in stats (gives you switching path output per interface)
@sh ip ospf maxage-list
@sh ip ospf delete-list
@sh ip ospf statistic
@sh ip ospf bad-checksum
@sh ip ospf event
@sh isis timers
@sh isis tree IS-IS link state database AVL tree
@sh isis tree level-2
@sh isis private
@sh profile [detailterse] (show cpu profiling)
@sh parser modes (shows current process access-tree.)
@sh parser unresolv (shows unresolved links in access-tree)
@sh list
@sh list none
@sh region (shows image layout)
@sh region
(shows image layout at given address)
@sh timers (show timers for timer command in config mode)
@sh int switching (shows switching path information for the interface)
@sh proc all-events (shows all process events)
@sh sum (show current stored image checksum)
@test transmit (test the transmission of L2 frames)


configuration mode commands

@boot system rom
@boot module
@exception-slave dump X.X.X.X
@exception-slave protocol tftp
@exception-slave corefile
@ip route profile
@ip slow-convergence
@ip tftp boot-interface
@loopback diag
@loopback dec (at dec chip)
@loopback test
@loopback micro-linear
@loopback motorola
@scheduler max-task-time 200 (last val in milliseconds)
@scheduler heapcheck process (memory validation.. after proc)
@scheduler heapcheck poll (memory valid after some poll)
@scheduler run-degraded (perhaps in a failure mode?)
@service internal
@service slave-coredump
@service log backtrace (provides traceback with every logging instance)
@tunnel carry-security




Monday, March 2, 2009

Netscreen PPTP NAT Configuration

Synopsis

Allow PPTP traffic inbound through a NetScreen in NAT mode with only 1 publicly available IP address. This method can be applied to the general issue of port forwarding by substituting the protocols (e.g. pptp to http).
Problem
Environment:
· VIP same as untrust
· Only have 1 publicly available IP address
· VIP defined with PPTP service
Symptoms & Errors:
· Cannot define VIP same as untrust if using PPTP as service



Solution
To address this problem, enable the VIP multi-port command, which will allow configuration of a VIP service which has more than 1 port it listens to. Previously, a VIP service can only listen to one port. This feature is only available on ScreenOS 3.0.1 or higher.

From the command line interface (CLI):

set vip multi-port [Enter]
save [Enter]
reset [Enter]

The multi-port command will match the first port it sees in the custom service.
Next, define a custom service for PPTP. From the CLI:
set service CustomPPTP group "other" 47 src 2048-2048 dst 2048-2048 [Enter]
set service CustomPPTP + tcp src 0-65535 dst 1723-1723 [Enter]
set interface untrust vip 2048 CustomPPTP 10.1.1.10 [Enter]
set policy incoming "Outside Any" VIP::1 CustomPPTP Permit [Enter]

In this example, the PPTP server was assumed to be on the trust side of the NetScreen, at IP address 10.1.1.10



Sunday, March 1, 2009

Server Core Installation Option Of Windows 2008

