Posts Tagged ‘Server’

Problem

You want to find the NetBIOS name of a domain. Although Microsoft has moved to using DNS for its primary means of name resolution, the NetBIOS name of a domain is still important, especially with down-level clients that are still based on NetBIOS instead of DNS for name resolution.

Solution

Using a graphical user interface
  1. Open the Active Directory Domains and Trusts snap-in (domain.msc).
  2. Right-click the domain you want to view in the left pane and select Properties.

The NetBIOS name will be shown in the “Domain name (pre-Windows 2000)” field.

You can also retrieve this information using LDP, as follows:

  1. Open LDP and from the menu, select Connection → Connect.
  2. For Server, enter the name of a domain controller (or leave blank to do a serverless bind).
  3. For Port, enter 389.
  4. Click OK.
  5. From the menu, select Connection → Bind.
  6. Enter credentials of a domain user.
  7. Click OK.
  8. From the menu, select Browse → Search.
  9. For BaseDN, type the distinguished name of the Partitions container (e.g., cn=partitions,cn=configuration,dc=rallencorp,dc=com).
  10. For Scope, select Subtree.
  11. For Filter, enter:

        (&(objectcategory=crossref)(dnsRoot=<DomainDNSName>)(netbiosname=*))

  12. Click Run.

Using a command-line interface

To find the NetBIOS name of a Windows domain, use the following command:

        > dsquery * cn=partitions,cn=configuration,<ForestRootDN> -filter
        "(&(objectcategory=crossref)(dnsroot=<DomainDNSName>)(netbiosname=*))" -attr
        netbiosname

Or you can use the AdFind utility as follows:

        > adfind -b cn=partitions,cn=configuration,<ForestRootDN>
        -f "(&(objectcategory=crossref)(dnsroot=<DomainDNSName>))" cn netbiosname

Using VBScript

        ' This code prints the NetBIOS name for the specified domain
        ' ------ SCRIPT CONFIGURATION -----
        strDomain = "<DomainDNSName>" ' e.g. amer.rallencorp.com
        ' ------ END CONFIGURATION --------

        set objRootDSE = GetObject("LDAP://" & strDomain & "/RootDSE")
        strADsPath = "<LDAP://" & strDomain & "/cn=Partitions," & _
                    objRootDSE.Get("configurationNamingContext") & ">;"
        strFilter = "(&(objectcategory=Crossref)" & _
                     "(dnsRoot=" & strDomain & ")(netBIOSName=*));"
        strAttrs = "netbiosname;"
        strScope = "Onelevel"
        set objConn = CreateObject("ADODB.Connection")
        objConn.Provider = "ADsDSOObject"
        objConn.Open "Active Directory Provider"
        set objRS = objConn.Execute(strADsPath &  strFilter &  strAttrs &  strScope)
        objRS.MoveFirst
        WScript.Echo "NetBIOS name for " &  strDomain &  " is " &  objRS.Fields(0).Value

Discussion

Each domain has a crossRef object that is used by Active Directory to generate referrals to other naming contexts within an Active Directory forest. Referrals are necessary when a client performs a query, and the domain controller handling the request does not have the matching object(s) in any naming contexts that it has stored locally. The NetBIOS name of a domain is stored in the domain’s crossRef object in the Partitions container in the Configuration NC. Each crossRef object has a dnsRoot attribute, which is the fully qualified DNS name of the domain. The netBIOSName attribute contains the NetBIOS name for the domain.
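
The same crossRef lookup in PowerShell, as an added example that is not part of the original recipe. It goes beyond the single-domain case by listing every domain in the forest when no name is given, and it escapes the supplied DNS name per RFC 4515 before placing it in the filter, which the VBScript above does not do. The function names `ConvertTo-LdapFilterValue` and `Get-DomainNetBiosName` are hypothetical.

```powershell
# Added example, not from the original recipe. Function names are hypothetical.
# Run as a domain user on a domain-joined host.

function ConvertTo-LdapFilterValue {
    param([string]$Value)
    # RFC 4515 escaping so a supplied DNS name cannot change the filter logic.
    # The backslash must be escaped first.
    $v = $Value.Replace('\', '\5c')
    $v = $v.Replace('*', '\2a').Replace('(', '\28').Replace(')', '\29')
    $v.Replace("`0", '\00')
}

function Get-DomainNetBiosName {
    param([string]$DomainDnsName)   # omit to list every domain in the forest

    $rootDse  = [ADSI]'LDAP://RootDSE'
    $searcher = New-Object System.DirectoryServices.DirectorySearcher
    $searcher.SearchRoot  = [ADSI]"LDAP://CN=Partitions,$($rootDse.configurationNamingContext)"
    $searcher.SearchScope = 'OneLevel'   # crossRef objects sit directly under Partitions

    # netBIOSName=* keeps only domain crossRefs; the Configuration and Schema
    # partitions have crossRef objects too, but no netBIOSName.
    $clauses = '(objectCategory=crossRef)(netBIOSName=*)'
    if ($DomainDnsName) {
        $clauses += '(dnsRoot=' + (ConvertTo-LdapFilterValue $DomainDnsName) + ')'
    }
    $searcher.Filter = '(&' + $clauses + ')'
    foreach ($attr in 'dnsroot', 'netbiosname', 'ncname') {
        [void]$searcher.PropertiesToLoad.Add($attr)
    }

    $results = $searcher.FindAll()
    try {
        foreach ($r in $results) {
            New-Object PSObject -Property @{
                DnsRoot       = [string]$r.Properties['dnsroot'][0]
                NetBiosName   = [string]$r.Properties['netbiosname'][0]
                NamingContext = [string]$r.Properties['ncname'][0]
            }
        }
    } finally {
        $results.Dispose()   # release the underlying search handle
    }
}

# Domain name taken from the recipe's own sample value
Get-DomainNetBiosName -DomainDnsName 'amer.rallencorp.com'
```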

This step-by-step article describes how to configure a new Windows Server 2003-based Dynamic Host Configuration Protocol (DHCP) server on a stand-alone server to provide centralized management of IP addresses and other TCP/IP configuration settings for the client computers on a network.

How to Install the DHCP Service

Before you can configure the DHCP service, you must install it on the server. DHCP is not installed by default during a typical installation of Windows Standard Server 2003 or Windows Enterprise Server 2003. You can install DHCP either during the initial installation of Windows Server 2003 or after the initial installation is completed.

How to Install the DHCP Service on an Existing Server

  1. Click Start, point to Control Panel, and then click Add or Remove Programs.
  2. In the Add or Remove Programs dialog box, click Add/Remove Windows Components.
  3. In the Windows Components Wizard, click Networking Services in the Components list, and then click Details.
  4. In the Networking Services dialog box, click to select the Dynamic Host Configuration Protocol (DHCP) check box, and then click OK.
  5. In the Windows Components Wizard, click Next to start Setup. Insert the Windows Server 2003 CD-ROM into the computer’s CD-ROM or DVD-ROM drive if you are prompted to do so. Setup copies the DHCP server and tool files to your computer.
  6. When Setup is completed, click Finish.

How to Configure the DHCP Service

After you have installed the DHCP service and started it, you must create a scope, which is a range of valid IP addresses that are available for lease to the DHCP client computers on the network. Microsoft recommends that each DHCP server in your environment have at least one scope that does not overlap with any other DHCP server scope in your environment. In Windows Server 2003, DHCP servers in an Active Directory-based domain must be authorized to prevent rogue DHCP servers from coming online. Any Windows Server 2003 DHCP Server that determines itself to be unauthorized will not manage clients.

How to Create a New Scope

  1. Click Start, point to Programs, point to Administrative Tools, and then click DHCP.
  2. In the console tree, right-click the DHCP server on which you want to create the new DHCP scope, and then click New Scope.
  3. In the New Scope Wizard, click Next, and then type a name and description for the scope. This can be any name that you want, but it should be descriptive enough so that you can identify the purpose of the scope on your network (for example, you can use a name such as “Administration Building Client Addresses”). Click Next.
  4. Type the range of addresses that can be leased as part of this scope (for example, use a range of IP addresses from a starting IP address of 192.168.100.1 to an ending address of 192.168.100.100). Because these addresses are given to clients, they must all be valid addresses for your network and not currently in use. If you want to use a different subnet mask, type the new subnet mask. Click Next.
  5. Type any IP addresses that you want to exclude from the range that you entered. This includes any addresses in the range described in step 4 that may have already been statically assigned to various computers in your organization. Typically, domain controllers, Web servers, DHCP servers, Domain Name System (DNS) servers, and other servers, have statically assigned IP addresses. Click Next.
  6. Type the number of days, hours, and minutes before an IP address lease from this scope expires. This determines how long a client can hold a leased address without renewing it. Click Next, and then click Yes, I want to configure these options now to extend the wizard to include settings for the most common DHCP options. Click Next.
  7. Type the IP address for the default gateway that should be used by clients that obtain an IP address from this scope. Click Add to add the default gateway address in the list, and then click Next.
  8. If you are using DNS servers on your network, type your organization’s domain name in the Parent domain box. Type the name of your DNS server, and then click Resolve to make sure that your DHCP server can contact the DNS server and determine its address. Click Add to include that server in the list of DNS servers that are assigned to the DHCP clients. Click Next, and then follow the same steps if you are using a Windows Internet Naming Service (WINS) server, by adding its name and IP address. Click Next.
  9. Click Yes, I want to activate this scope now to activate the scope and allow clients to obtain leases from it, and then click Next.
  10. Click Finish.
  11. In the console tree, click the server name, and then click Authorize on the Action menu.
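
The wizard steps above, scripted with `netsh dhcp` from a PowerShell prompt, followed by a check of which DHCP servers the directory lists as authorized. This is an added example, not part of the original article; the server name, domain name, and every address other than the 192.168.100.1 to 192.168.100.100 range are constructed placeholders.

```powershell
# Added example, not from the original article. Names and addresses are
# constructed placeholders; run from an administrative prompt.
$server = '\\dhcp01'          # hypothetical DHCP server
$scope  = '192.168.100.0'     # scope ID is the subnet address

# Steps 3-4: name the scope and define the range that can be leased
netsh dhcp server $server add scope $scope 255.255.255.0 "Administration Building Client Addresses" "Client leases"
netsh dhcp server $server scope $scope add iprange 192.168.100.1 192.168.100.100

# Step 5: exclude addresses already statically assigned (servers, DNS, and so on)
netsh dhcp server $server scope $scope add excluderange 192.168.100.1 192.168.100.10

# Step 6: lease duration is option 051, in seconds (691200 = 8 days)
netsh dhcp server $server scope $scope set optionvalue 051 DWORD 691200

# Step 7: default gateway is option 003
netsh dhcp server $server scope $scope set optionvalue 003 IPADDRESS 192.168.100.254

# Step 8: parent domain (015), DNS server (006), WINS server (044)
netsh dhcp server $server scope $scope set optionvalue 015 STRING corp.example
netsh dhcp server $server scope $scope set optionvalue 006 IPADDRESS 192.168.100.2
netsh dhcp server $server scope $scope set optionvalue 044 IPADDRESS 192.168.100.3

# Step 9: activate the scope
netsh dhcp server $server scope $scope set state 1

# Step 11: authorize the server in Active Directory (DNS name, then IP address)
netsh dhcp add server dhcp01.corp.example 192.168.100.5

# Review: list every DHCP server authorized in the directory and confirm the
# scope's options; an entry you do not recognize warrants investigation.
netsh dhcp show server
netsh dhcp server $server scope $scope show optionvalue
```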

Troubleshooting

The following sections explain how to troubleshoot some of the issues that you may experience when you try to install and configure a Windows Server 2003-based DHCP server in a workgroup.

Clients Cannot Obtain an IP Address

If a DHCP client does not have a configured IP address, this typically indicates that the client was not able to contact a DHCP server. This can be caused by a network problem, or because the DHCP server is unavailable. If the DHCP server started and other clients can obtain valid addresses, verify that the client has a valid network connection and that all the related client hardware devices (including cables and network adapters) are working properly.

The DHCP Server Is Unavailable

If a DHCP server does not provide leased addresses to clients, it is frequently because the DHCP service did not start. If this is the case, the server may not be authorized to operate on the network. If you were previously able to start the DHCP service, but it has since stopped, use Event Viewer to check the System log for any entries that may explain why you cannot start the DHCP service.

To restart the DHCP service:

  1. Click Start, and then click Run.
  2. Type cmd, and then press ENTER.
  3. Type net start dhcpserver, and then press ENTER.

-or-

  1. Click Start, point to Control Panel, point to Administrative Tools, and then click Computer Management.
  2. Expand Services and Applications, and then click Services.
  3. Locate and then double-click DHCP Server.
  4. Verify that Startup is set to Automatic and that Service Status is set to Started. If not, click Start.
  5. Click OK, and then close the Computer Management window.

Desktop management is a comprehensive approach to managing all the computers within an organization. Despite its name, desktop management includes overseeing laptops and other computing devices as well as desktop computers. Desktop management is a component of systems management, which is the administration of all components of an organization’s information systems. Other components of systems management include network management and database management.

Traditional desktop management tasks include installing and maintaining hardware and software, spam filtering, and administering user permissions. In recent years, however, security-related tasks have become an increasingly large part of desktop management. As a result, an increasingly large proportion of administrative resources have been devoted to security-related tasks, such as patch management, fighting viruses and spyware, and controlling greynet applications (programs installed without corporate approval, such as instant messaging, file sharing programs, and RSS readers).

Desktop Management Interface (DMI) is an industry framework for managing and keeping track of hardware and software components in a system of personal computers from a central location. DMI was created by the Desktop Management Task Force (DMTF) to automate system management and is particularly beneficial in a network computing environment where dozens or more computers are managed.

Automating tasks or at least taking some of the hands-on effort out of the equation allows you to focus on other security issues in your Windows environment, like keeping up with all the patches Microsoft keeps releasing these days. Free tools can even allow you to do things you wouldn’t be able to justify otherwise. In turn, you end up with a more secure network and everyone wins. Now, whether they actually know or care is a different issue…

Since security and limited budgets are all the rage these days, here’s a set of free Windows server security tools you need to check out. While it might seem unimaginable that there’s life beyond the Sysinternals tools, there are indeed other tools available that can make your life a whole lot simpler, and as with Sysinternals, they won’t cost you a dime.

Data backup, recovery, and destruction tools

  • Cobian Backup – backup software for those who have had it with Windows Backup and the commercial alternatives
  • Eraser – secure deletion for when the time comes to toss out those old drives
  • KillDisk – an alternative option for secure deletion
  • Recuva (Piriform) – data recovery for when you accidentally delete your Exchange Server Public folders

Malware protection tools

  • ClamWin – virus scanner so you can (finally) get some protection on your Windows servers

Monitoring, reporting and search tools

  • EventTracker Pulse (Prism Microsystems) – search engine for log data so you can gain insight into what’s happening on your Windows systems and other devices
  • OSSIM – security information management you can use for security anomaly detection, event correlation, and more (runs via VMware)
  • Paglo Crawler – search engine, monitoring, and reporting so you can gain insight into your IT assets such as network hosts and applications

Scanning and analysis tools

  • Angry IP Scanner – network scanner you can use to monitor your hosts and determine when rogue systems have joined the network and users are doing things they shouldn’t be doing
  • Wireshark – the free network analyzer everyone loves – yet so many still haven’t heard of – that can be used to troubleshoot network and application problems

Testing tools

  • ReactOS – a binary-compatible OS to Windows based on XP and Server 2003 that can be used to test Windows applications, security tools, and so on
  • VirtualBox – virtual machine software you can use for testing new versions of Windows, patches, security tools, and more before you put them into production