Archive for the ‘Server 2003’ Category

The Active Directory support files are listed below. These are the files that you specify a location for when you promote a server to a domain controller:

  • Ntds.dit (NT Directory Services): Ntds.dit is the core Active Directory database. This file on a domain controller lists the naming contexts hosted by that particular domain controller.
  • Edb.log: The Edb.log file is a transaction log. When changes occur to Active Directory objects, the changes are initially saved to the transaction log before they are written to the Active Directory database.
  • Edbxxxxx.log: These are auxiliary transaction logs that can be used in cases where the primary Edb.log file fills up before its contents are written to the Ntds.dit Active Directory database.
  • Edb.chk: Edb.chk is a checkpoint file that is used by the transaction logging process.
  • Res log files: These are reserve log files whose space is used if insufficient space exists to create the Edbxxxxx.log file.
  • Temp.edb: Temp.edb contains information on the transactions that are being processed.
  • Schema.ini: The Schema.ini file is used to initialize the Ntds.dit Active Directory database when a domain controller is promoted.

Blade computing introduces a new data center paradigm where various thin compute blades share centralized resources in a single chassis. A blade server is a single circuit board populated with components such as memory, processors, I/O adapters, and network connections that are often found on multiple boards. Server blades are built to slide into existing servers. They are smaller, need less power, and are more cost-efficient than traditional box-based servers.

 

Managing these servers requires the following:

  • A virtualized view of the servers and resources it uses (such as storage)
  • A high level of security within the server and on the network devices
  • Dynamic resource provisioning that is automated as much as possible
  • A layout that is easy to scale to meet ever-increasing user demands

Data centers will realize a shift from box-based servers to densely packed racks of blade-based servers.

Smart card logon is supported for Windows 2000 and Windows Server 2003. To implement smart cards, you must deploy an enterprise certification authority rather than a stand-alone or third-party certification authority to support smart card logon to Windows Server 2003 domains. Windows Server 2003 supports industry standard Personal Computer/Smart Card (PC/SC)–compliant smart cards and readers and provides drivers for commercially available plug and play smart card readers. Windows Server 2003 does not support non-PC/SC-compliant or non–plug and play smart card readers. Some manufacturers might provide drivers for non–plug and play smart card readers that work with Windows Server 2003; however, it is recommended that you purchase only plug and play PC/SC-compliant smart card readers.

The cost of administering a smart card program depends on several factors, including:

■ The number of users enrolled in the smart card program and their location.

■ Your organization’s practices for issuing smart cards to users, including the requirements for verifying user identities. For example, will you require users to simply present a valid personal identification card or will you require a background investigation? Your policies affect the level of security provided as well as the actual cost.

■ Your organization’s practices for users who lose or misplace their smart cards. For example, will you issue temporary smart cards, authorize temporary alternate logon to the network, or make users go home to retrieve their smart cards? Your policies affect how much worker time is lost and how much help desk support is needed.

Your smart card authentication strategy must describe the network logon and authentication methods you use. When writing it:

■ Identify network logon and authentication strategies you want to deploy.

■ Describe smart card deployment considerations and issues.

■ Describe PKI certificate services required to support smart cards.

In addition to smart cards, third-party vendors offer a variety of security products to provide two-factor authentication, such as “security tokens” and biometric accessories. These accessories use extensible features of the Windows Server 2003 graphical logon user interface to provide alternate methods of user authentication.

 

LDAP (Lightweight Directory Access Protocol) is a standardized protocol used by clients to look up information in a directory. An LDAP-aware directory service (such as Active Directory) indexes all the attributes of all the objects stored in the directory and publishes them. LDAP-aware clients can query the server in a wide variety of ways.

 

Every object in Active Directory is an instance of a class defined in the Active Directory schema. Each class has attributes that ensure unique identification of every object in the directory. To accomplish this, Active Directory relies on a naming convention that lets objects be stored logically and accessed by clients by a standardized method. Both users and applications are affected by the naming conventions that a directory uses. To locate a network resource, you’ll need to know its name or one of its properties. Active Directory supports several types of names for the different formats that can access Active Directory.

 

These names include:

■ Relative Distinguished Names

■ Distinguished Names

■ User Principal Names

■ Canonical Names
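How three of these name forms relate for one object, as an added PowerShell example (not code from the original post). The function name and the contoso.com sample objects are constructed for illustration; a user principal name is stored as its own attribute and cannot be derived from the distinguished name, so it is not computed here.

```powershell
# Added example. The DNs below are constructed; contoso.com is a placeholder domain.
# Assumption: special characters are escaped with a single backslash ("\,");
# hex escapes such as \2C are not decoded.
function ConvertFrom-DistinguishedName {
    param([Parameter(Mandatory = $true)][string]$DistinguishedName)

    # Split on commas that are not escaped with a backslash ("CN=Smith\, John").
    $parts = [regex]::Split($DistinguishedName, '(?<!\\),')
    $dc = @()
    $path = @()
    foreach ($part in $parts) {
        $type, $value = $part.Trim() -split '=', 2
        $value = $value -replace '\\(.)', '$1'      # remove DN backslash escapes
        if ($type -ieq 'DC') { $dc += $value } else { $path += $value }
    }

    # A canonical name lists containers from the domain root down to the object,
    # the reverse of the order used in a distinguished name.
    [array]::Reverse($path)
    $containers = @($path | ForEach-Object { $_ -replace '/', '\/' })

    $parent = $null
    if ($parts.Count -gt 1) { $parent = ($parts[1..($parts.Count - 1)] -join ',') }

    New-Object PSObject -Property @{
        RelativeDistinguishedName = $parts[0]
        ParentDistinguishedName   = $parent
        DnsDomain                 = ($dc -join '.')
        CanonicalName             = ($dc -join '.') + '/' + ($containers -join '/')
    }
}

$samples = @(
    'CN=John Smith,OU=Sales,DC=contoso,DC=com',
    'CN=Smith\, John,OU=Staff,OU=Sales,DC=contoso,DC=com'
)
$samples | ForEach-Object { ConvertFrom-DistinguishedName $_ } |
    Format-List RelativeDistinguishedName, ParentDistinguishedName, CanonicalName
```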

 

Installing Dell OpenManage 5.x on ESX 3.X

Note: On ESX 3.5 systems, patch ESX350-200802412-BG needs to be installed prior to the OpenManage installation. This patch addresses an issue related to event reporting in Dell OMSS. The patch may be downloaded from http://www.vmware.com/download/vi/vi3_patches_35.html. For further details, refer to http://kb.vmware.com/kb/1003459.

 

Dell OpenManage Package from support.dell.com

 

Use the following steps to download Dell OpenManage:

1. Go to http://support.dell.com

2. Select “Drivers and Downloads”

3. Select the appropriate server model (example: PowerEdge 2950) or enter the Service Tag of the server

4. For “Operating System,” select “Red Hat Enterprise Linux 4”

5. For “Category,” select “Systems Management”

6. Click on “Dell OpenManage Server Administrator Managed Node” to download a tar package for Server Administrator.

7. If the version of Dell OpenManage you require is not the latest release, click on “Other Versions” to find previous releases.

 

The following are the steps to install OpenManage 5.x on ESX 3.x:

 

1. Log on with administrator privileges (root) to the Service Console.

 

2. Make sure there is at least 512MB of free disk space in the /root partition of the ESX Server service console. This can be verified by running the df -lh command in the service console.

 

3. Use the following steps to install OpenManage Server Administrator:

 

Create an update folder under /etc/tmp, then copy the file to ESX using WinSCP to:

/etc/tmp/update

Unzip the file from that folder:

$ tar -zxvf OM_5.1_ManNode_LIN_A00.tar.gz

where OM_5.1_ManNode_LIN_A00.tar.gz is the file downloaded from http://support.dell.com

 

4. Install OpenManage by executing the installation script and following the onscreen instructions:

# ./setup.sh

 

a. If you are installing OpenManage on a Dell PowerEdge 1855, PowerEdge 1955, or on a system that does not have a Dell Remote Access Card (DRAC), use the following command:

 

$ ./srvadmin-install.sh -b -w -s

 

b. If you are installing Dell OpenManage on a PowerEdge M600, M605, or a server with DRAC, use the following command:

 

$ ./srvadmin-install.sh -b -w -r -s

The options used in the OpenManage installation script expand as:

b: Base install of OpenManage Server Administrator

w: Web interface for OpenManage Server Administrator

r: Dell Remote Access Controller (DRAC) services

s: OpenManage Storage Management (OMSM)

 

5. To start the OpenManage services without rebooting the system, execute the following command:

$ srvadmin-services.sh start

 

 

6. To access the ESX server using an OpenManage Web Administrative console, open the port used by OpenManage using the following command:

 

$ esxcfg-firewall -o 1311,tcp,in,OpenManageRequest

 

 

To check Dell OpenManage, browse to:

 

https://esxip:1311

 

Cisco ASA5505 Firewall overview

Cisco ASA5505 firewall is a small box with the following layout:

It has eight Ethernet ports marked 0 to 7 and one Console port marked blue.

–  Connect the Console port to the local server or any computer from which you will configure the box: the Console cable must be connected to the serial port of the computer. Note: it is needed for configuration only; later this connection can be removed.

–  Port 0 of the ASA must be attached to Internet Provider’s equipment: connect it to the ISP modem.

–  Port 2 of the ASA must be attached to the local Ethernet switch.

–  Connect the Server and computers to the Ethernet switch.

 

CONFIGURATION

In order to configure the firewall, you will need a configuration template (not included in this document, supplied as a separate file). Follow the instructions inside the configuration template in order to adjust it to the profile of your site and use the following configuration sequence:

–  Log in to the server or a computer that was connected to ASA box;

–  Open up the HyperTerminal program (Start → Programs → Accessories → Communications). Set up a new connection to the COM1 port.

–  Clear any existing configuration from the firewall using the following set of commands:

Devicename> enable

Devicename# config terminal

Devicename(config)# clear configure all

Devicename(config)# write memory

–  While in configuration mode, copy-paste the configuration file that you prepared earlier.

–  Save the configuration of the firewall:

Devicename(config)# write memory

 

With this done, your firewall is set up for operation. Verify that your Internet connection is working.

 

 

Net Use Command:

 

To Add a Drive

net use (drive-name): \\Servername\Foldername /persistent:yes

 

To Delete a Mapped Drive

net use (Drivename): /del

or

net use (Drivename): /delete

 

If you get an error such as NET NOT RECOGNIZED AS A COMMAND while running the net use command, follow the steps below:

Open Command Prompt > go to the "C" drive > "Windows" folder > "System32" folder

and then run the net use command mentioned above.

Also check the below Value:

HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\Path

I suspect it is a Reg_SZ value. It should be a Reg_Expand_SZ value
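One way to check that value's type from PowerShell, as an added example (not from the original post). The function names are constructed; the registry path is the one given above, and the repair step must be run from an elevated prompt.

```powershell
# Added example: inspects (and optionally repairs) the Path value named on this page.
$envKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Environment'

function Get-SystemPathValue {
    $key = Get-Item -Path $envKey
    # Read the stored string as-is, without expanding %SystemRoot% and similar.
    $raw = $key.GetValue('Path', $null,
        [Microsoft.Win32.RegistryValueOptions]::DoNotExpandEnvironmentNames)
    $kind = $key.GetValueKind('Path')
    $usesVariable = [bool]($raw -match '%[^%;]+%')
    New-Object PSObject -Property @{
        Kind         = $kind            # String = REG_SZ, ExpandString = REG_EXPAND_SZ
        Raw          = $raw
        UsesVariable = $usesVariable
        # A REG_SZ value is not expanded, so an entry such as
        # %SystemRoot%\system32 never resolves to the folder holding net.exe.
        NeedsFix     = ($kind -eq 'String') -and $usesVariable
    }
}

function Repair-SystemPathValue {
    # Rewrites the same string as REG_EXPAND_SZ; the content is left unchanged.
    $info = Get-SystemPathValue
    if (-not $info.NeedsFix) { return $info }
    Set-ItemProperty -Path $envKey -Name Path -Value $info.Raw -Type ExpandString
    Get-SystemPathValue
}

Get-SystemPathValue | Format-List Kind, UsesVariable, NeedsFix, Raw
```

Processes that are already running keep their old PATH; a corrected value is picked up after the next logon or restart.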

 


Outlook Anywhere uses the HTTP protocol to encapsulate RPC information for sending between the Outlook client (version 2003 and 2007) and the Exchange Server 2010 server. For this service to run properly the RPC over HTTP Proxy service has to be installed on the Client Access Server. This can be achieved either by adding this as a feature via the Server Manager, or by entering the following command on a PowerShell Command Prompt:

ServerManagerCmd.exe -i RPC-over-HTTP-proxy

When the RPC over HTTP Proxy is installed, use the following steps to configure Outlook Anywhere:

1. Open the Exchange Management Console;

2. In the navigation pane, expand “Microsoft Exchange On-Premises”;

3. In the navigation pane, expand “Server Configuration”;

4. Click on “Client Access” and select your Client Access Server;

5. In the Actions pane, click on “Enable Outlook Anywhere”.

6. On the Enable Outlook Anywhere page enter the External host name. Make sure that this name is also available in the certificate you created in the previous paragraph. Select the authentication methods used by clients, i.e. Basic Authentication or NTLM authentication. For now leave these settings on default and click Enable to continue;

7. This will activate the Outlook Anywhere service on this server, and it may take up to 15 minutes before the service is actually useable on the Client Access Server. Click Finish to close the wizard.
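The same configuration from the Exchange Management Shell, with the certificate check from step 6 made explicit, as an added example (not from the original post). CAS01, mail.yourdomain.com and the helper function name are placeholders; the name comparison is an exact match, so a wildcard certificate is not recognized by this check.

```powershell
# Added example (Exchange Management Shell). CAS01 and mail.yourdomain.com are
# placeholders for the Client Access Server and the external host name.
$server       = 'CAS01'
$externalHost = 'mail.yourdomain.com'
$authMethod   = 'Basic'          # Basic or NTLM, the choice made in step 6

function Get-CertificateForHost {
    param([string]$Server, [string]$HostName)
    # Unexpired certificates enabled for IIS whose names include the host name.
    $now = Get-Date
    @(Get-ExchangeCertificate -Server $Server | Where-Object {
        ($_.Services -match 'IIS') -and ($_.NotAfter -gt $now) -and
        (($_.CertificateDomains | ForEach-Object { $_.ToString() }) -contains $HostName)
    })
}

$certs = @(Get-CertificateForHost -Server $server -HostName $externalHost)
if ($certs.Count -eq 0) {
    Write-Warning "No unexpired IIS certificate on $server lists $externalHost."
} else {
    Enable-OutlookAnywhere -Server $server -ExternalHostname $externalHost `
        -DefaultAuthenticationMethod $authMethod -SSLOffloading $false
}

# Confirm what is configured, including the authentication methods in effect.
Get-OutlookAnywhere -Server $server |
    Format-List ServerName, ExternalHostname, ClientAuthenticationMethod,
        IISAuthenticationMethods, SSLOffloading
```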


Exchange Server 2010 cannot send out SMTP messages to the Internet by default. To achieve this you’ll need to create an SMTP connector, which is a connector between one or more Hub Transport Servers and the Internet. Since this information is stored in Active Directory, all Hub Transport Servers in the organization know of its existence and know how to route messages via the SMTP connector to the Internet.

To create an SMTP connector to the Internet, follow these steps:

1. Log on to the Exchange Server 2010 server using a domain administrator account, and open the Exchange Management Console;

2. Expand “Microsoft Exchange On-Premises” and then expand the Organization Configuration.

3. Click on the Hub Transport, and then click on the “Send Connectors” tab in the middle pane;

4. In the Actions Pane click on “New Send Connector”;

5. On the Introduction page enter a friendly name, “Internet Connector” for example, and in the “Select the intended use for this Send connector” drop-down box select the Internet option. Click Next to continue;

6. On the Address Space page, click on the Add button to add an address space for the Internet Connector. In the address field enter an asterisk *, leave the cost on default and click OK. Click Next to continue;

7. On the Network settings page you can select if the Send Connector will use its own network DNS settings to route E-mail to other organizations, or to use a smart host. Change this according to your own environment and click Next to continue;

8. On the source server page you can choose multiple source servers for the Send Connector. You can compare this to Bridgehead Servers in Exchange Server 2003. When you enter multiple Hub Transport Servers, the Exchange organization will automatically load balance the SMTP traffic between the Hub Transport Servers. Since we have only one Hub Transport Server installed we can leave this as default. Click Next to continue;

9. Check the Configuration Summary, and if everything is ok click on New to create the Send Connector;

10. On the Completion page click Finish.

You have now created a Send Connector that routes messages from the internal Exchange Server 2010 organization to the Internet.
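The wizard steps above as Exchange Management Shell commands, as an added example (not from the original post). HUB01 is a placeholder for your Hub Transport Server; the script first lists any enabled connector that already covers the * address space, so a second Internet route is not created by accident.

```powershell
# Added example (Exchange Management Shell). HUB01 is a placeholder for the
# Hub Transport Server chosen as source server in step 8.
$name = 'Internet Connector'
$hub  = 'HUB01'

function Get-InternetSendConnector {
    # Enabled Send Connectors whose address space list contains the SMTP wildcard.
    @(Get-SendConnector | Where-Object {
        $_.Enabled -and
        (($_.AddressSpaces | ForEach-Object { $_.ToString() }) -match '^smtp:\*;')
    })
}

$existing = @(Get-InternetSendConnector)
if ($existing.Count -gt 0) {
    Write-Warning ("A connector for * already exists: " +
        (($existing | ForEach-Object { $_.Name }) -join ', '))
} else {
    # DNS routing as in step 7; for a smart host use
    # -DNSRoutingEnabled $false -SmartHosts <host> instead.
    New-SendConnector -Name $name -Usage Internet -AddressSpaces '*' `
        -DNSRoutingEnabled $true -SourceTransportServers $hub
}

# Review every route out of the organization in one table.
Get-SendConnector |
    Format-Table Name, AddressSpaces, DNSRoutingEnabled, SmartHosts,
        SourceTransportServers, Enabled -AutoSize
```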


Exchange recipients clearly need an email address for receiving email. For receiving email from the Internet, recipients need an email address that corresponds to an accepted domain. Recipients are either assigned an email address using an Email Address Policy, or it is also possible to manually assign e-mail addresses to recipients.

To configure Email Address Policies follow these steps:

1. Log on to an Exchange Server 2010 server with domain administrator credentials and open the Exchange Management Console;

2. Expand the “Microsoft Exchange On-Premises”;

3. Expand the Organization Configuration;

4. Click on Hub Transport in the left pane;

5. In the middle pane there are eight tabs, click on the one labelled E-Mail Address Policies;

6. There will be one default policy that will be applied to all recipients in your organization. For now the default policy will be changed so that recipients will have the E-mail address corresponding to your Accepted Domain. Click on New E-mail Address policy to create a new policy;

7. On the Introduction page enter a new Friendly Name. Click the Browse button to select a container or Organizational Unit in Active Directory where you want to apply the filter. Select the Users container. Click Next to continue;

8. On the Conditions page you can select conditions on how the recipients in the container will be queried, for example on State, Province, Department, Company etc. Do not select anything for this demonstration, and click Next to continue;

9. On the E-mail Addresses tab click the Add button, the SMTP E-mail Address pop-up will be shown. Leave the local part default (Use Alias) and select the “Select the accepted domain for the e-mail address” option and click Browse;

10. Select the Accepted Domain you entered earlier, click OK twice and click Next to continue;

11. On the Schedule page you have the option to apply the policy immediately or schedule a deploy during, for example, non-office hours. This is useful when you have to change thousands of recipients. For now leave it on Immediately and click Next to continue;

12. Review the settings, and if everything is ok then click New to create the policy and apply it immediately;

13. When finished successfully click the Finish button.

You can check the E-mail address on a recipient through the EMC to confirm your policy has been correctly applied. Expand the Recipient Configuration in the left pane of the Exchange Management Console and click on ‘Mailbox’. In the middle pane a list of recipients should show up, although right after installation only an administrator mailbox should be visible. Double click on the mailbox and select the E-mail Addresses tab. The Administrator@yourdomain.com should be the primary SMTP address.
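The policy and the final check as Exchange Management Shell commands, as an added example (not from the original post). The policy name and the container path are placeholders; yourdomain.com stands for your Accepted Domain, and %m is the template variable for the mailbox alias.

```powershell
# Added example (Exchange Management Shell). Policy name and container path are
# placeholders; yourdomain.com stands for the Accepted Domain.
$policy    = 'Users container policy'
$domain    = 'yourdomain.com'
$container = 'yourdomain.com/Users'     # canonical name of the Users container

# The address template is only useful if Exchange accepts mail for the domain.
$accepted = @(Get-AcceptedDomain | Where-Object { $_.DomainName.ToString() -eq $domain })
if ($accepted.Count -eq 0) {
    throw "$domain is not configured as an Accepted Domain."
}

# Steps 7 to 10: all recipients in the container, primary address alias@domain.
New-EmailAddressPolicy -Name $policy -IncludedRecipients AllRecipients `
    -RecipientContainer $container -EnabledEmailAddressTemplates "SMTP:%m@$domain"

# Steps 11 and 12: apply the policy immediately.
Update-EmailAddressPolicy -Identity $policy

function Get-MailboxOutsidePolicy {
    # Mailboxes in the container whose primary SMTP address is not in the domain.
    # EmailAddressPolicyEnabled = False means the mailbox ignores address policies.
    @(Get-Mailbox -OrganizationalUnit $container -ResultSize Unlimited |
        Where-Object { $_.PrimarySmtpAddress.Domain -ne $domain })
}

Get-MailboxOutsidePolicy |
    Format-Table Name, Alias, PrimarySmtpAddress, EmailAddressPolicyEnabled -AutoSize
```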