Monday, February 15, 2010

Configuring NLB Cluster in Windows Server 2008

In this article, I show how to set up an NLB cluster in Windows Server 2008.

I will create a cluster with only 2 nodes that are configured as follows:

Node 1:

  • IP : 192.168.0.1
  • Mask : 255.255.255.0
  • Node 2:
  • IP: 192.168.0.2
  • Mask: 255.255.255.0

The cluster is with IP 192.168.0.3

The first step is to install a feature of Network Load Balancing (NLB) on both nodes of the cluster, click Start, Server Manager, Features and Add Features.As the figure below:

image

In the Add Features Wizard check the Network Load Balancing, click NEXT and the INSTALL button to install the feature

image

Click CLOSE after the installation completes.

image

Click START, Administrative Tools, and Network Load Balancing Manager

image

Click Right-click Network Load Balancing Cluster and select New Cluster

image

In New Cluster: Connect, type the ip or name of a node in the cluster and click the Connect button.After the interface is connected, click NEXT

image

In the Host Parameters, select the priority of the IP addresses of the nodes and the state of initial activity of the node to join the cluster. ... And click NEXT

image

Click ADD and add the cluster IP address (this is the IP address to be accessed by customers) ... after completing the settings, click OK and NEXT button.

image

Choose the operating mode of the cluster ... will choose the unicast mode (which will cause the MAC address of network interfaces of the servers (we) are equal to the virtual MAC address of the cluster). Click NEXT

image

In the Port Rules by clicking the ADD have the option to create rules for the cluster to meet requests only on certain ports.Leave the default option (from 0 to 65535). Clique em FINISH… Click FINISH ...

image

... Our NLB cluster is almost ready, lack now add the second node to the cluster. To do this, click the right-click the cluster and select Add Host to Cluster as shown in the figure below ...

image

In the Add Host to Cluster: Connect, type the name or IP of the server that will be another cluster node and click the Connect button. After the interface is connected, click NEXT

image

In the Host Parameters, select the priority of the IP address of another node and the state of the initial activity even when entering the cluster. ... And click NEXT

image

Set again the port rules to the other node and click FINISH

image

We have our NLB cluster running.

image

Now, to test, I run the PING command (from a client station) while the dedicated IP's of the two nodes (192.168.0.1 and 192.168.0.2) and the cluster's IP (192.168.0.3) ...

image

... I will now disable the network interface of one of us. The expected result is that it does not lose connectivity with the cluster (192.168.0.3).

imageI hope it's useful!

Posted by às No comments:
TAGS: ,

Documentation on Global Name Zone in Windows Server 2008

This goes for personal travel 6421 (31/08/2009) from BF.

Personally, as promised, follow the link to an official document of Microsoft about GLOBAL ZONE NAME Windows Server 2008.

http://download.microsoft.com/download/e/2/0/e2090852-3b7f-40a3-9883-07a427af1560/DNS-GlobalNames-Zone-Deployment.doc

.... soon will be posting articles on the subject!

A Abs to all!

Posted by às No comments:
TAGS: ,

Evidence required for each Microsoft Certification

Save gentlemen

Here's a link's containing the necessary evidence for the Microsoft certifications focused on infrastructure:

MCITP

MCTS

MCSE

MCSA

MCDST

MCM

MCA

I hope it's useful!

Posted by às No comments:
TAGS: ,

Interplanetary Internet !!!!!

Here is a link at least curious and very interesting Interplanetary Internet!

http://www.ipnsig.org

Posted by às No comments:
TAGS:

Sunday, January 31, 2010

Detection and Driver Update Online!

Personal

A student has a hint of a pretty cool site that scans and detects which drivers need to be updated and / or installed on the machine. ... FREE!
Here's a link:

http://www.ma-config.com


I hope it's useful!
Posted by às No comments:

Monday, January 25, 2010

Microsoft Posters

 

These posters from Microsoft are very good for study, not only those who are seeking certification as well as for everyday tasks.

image

People .... Just click on the link:

http://cid-fe19f09132c649bd.skydrive.live.com/browse.aspx/.res/FE19F09132C649BD!1033

Posted by às No comments:
TAGS: , , , ,

Partitioning disk with GPT

 

Ladies and Gentlemen,

I am posting links to information on the partitioning of GPT disk, much improved and more flexible than our old friend MBR.

Segue link´s: Here's a link's:

http://www.microsoft.com/whdc/device

/storage/GPT_FAQ.mspx

http://en.wikipedia.org/wiki/GUID_Partition_Table

Posted by às No comments:
TAGS: , ,

MICROSOFT SECOND SHOT !!!!!

Here's a link personal, valid until the end of June 2010!

http://www.prometric.com/microsoft/ss_mcp.htm

Posted by às No comments:
TAGS:

Tuesday, December 22, 2009

Microsoft Poster

These posters from Microsoft are very good for study, not only those who are seeking certification as well as for everyday tasks.
People .... Just click on the link:

http://cid-fe19f09132c649bd.skydrive.live.com/browse.aspx/.res/FE19F09132C649BD!1033
Posted by às No comments:

Thursday, December 3, 2009

How to reset the restore mode password in Active Directory

In this article, let's resetting a password is commendable in a domain environment at Microsoft, the password used in "directory services Restore mode" which is requested at the time of promoting a server to domain controller during DCPROMO proccess. This password will be used when there is a nessecidade to perform an offline maintenance on the Active Directory data, e.g. a authoritative restore.

There is an aggravating circumstance, mainly in the exchange network administrators, which is not very important documentation this password, which makes offline AD maintenance. To work around this problem, we can reset the password of Restore Mode by doing the following:

At the DOS prompt, run the NTDSUTIL utility, as pictured below …

image

At the NTDSUTIL prompt, type set dsrm password, to sign in DSRM utility that will reset the password.

image

If you are running these procedures on the server you want to reset the password, type reset password on server null hit enter and type and confirm a new password of "directory services Restore mode" if you want the command to be executed on a remote server, type reset password on server <ServerName> reminding you that the password must meet complexity …

image

After these procedures, type q to exit the DSRM prompt and q again to quit the NTDSUTIL prompt

Now just restart the server and pressing the F8 key to use the "directory services Restore mode" , and good luck in your AD maintenance …

image

Posted by às No comments:
TAGS: , , , ,

Installing Windows 7 from a Pen-drive

I will show a simple process and pretty cool that is installing Windows 7 through a Pen-drive common…

For the procedures, we will need a pen-drive and DVD install Windows 7 …

Let us prepare the Pen-drive for installation. From the command prompt, you are going to access the application DISKPART to prepare for the partition.

After the opening of the DiskPart prompt, type list disk command to identify the Pen-drive as image below:

image

Locate the removable disk (in my case, the DISK 1), and then select the same through select disk command <x> (where x is the number of the disk). After the disk check, enter CLEAN command to delete the existing partition on the same …

image

… now, let's create a primary partition and activate it through the create partition primary command and ACTIVE

image

We already have the partition created and active, now is the only format … type FORMAT QUICK fs = FAT32, I do quick FAT32 formatting

image

Our Pen-drive, is now ready, now is the only copy the contents of the DVD to the Pen-drive and bootar the machine by USB. Simple, fast and convenient! rss

image

I hope that is useful!

Posted by às No comments:
TAGS: ,

Configuring multiple GPO ´ s locations in Windows Vista, Windows, and Windows Server 2008 R2

Ladies and gentlemen, I will show a cool feature we from Windows Vista, which is to create multiple local group policy.

In earlier versions of operating systems (Windows 2000, 2003 and XP) we have only one layer, where we have the local GPO applied to all local users and groups from the machine. With Windows Vista and beyond, we have three layers to work with the local GPO´ s:

  1. The first layer, we have a default local GPO, where configure both user configuration options as this computer is applied to all including local administrators.
  2. In the second layer, ´ s we GPO that will be applied to users in the Administrators group and GPO ´ s that will be applied to common users. None of these objects local group policy contains settings for your computer.
  3. The third layer contains GPO ´ (s) that will be applied to a specific user and those Group Policy objects, we can only user settings.

In case of conflict between the GPO ´ s, the last GPO applied is that prevaleçe and the order in which they are applied is ..... Default (1st local GPO) layer, GPO for administrators and non-administrators (2nd layer) and finally the GPO to specific user (3rd layer)

In the case of a computer in a domain, the GPO ´ s site, domain, and OU GPO will prevail over the ´ s locations. You can also turn off the processing of local GPO ´ s, configuring the option "turn off Local Group Policy objects processing" in "computer Configuration Administrative Templates \System \ policy" in the domain GPO.

To demonstrate how to create and apply these GPO ´ s, I use a computer with Windows 7 installed. The first step is to create a common user as shown in image …

image

… then we will work with a UserAdmin (local administrator) and UserComum (user). The next step is to create a custom MMC, we need to add a Group Policy object editor "for each GPO created. To do this, click Start , in Search type MMC.exe, and click OK .

In the Console1 window, ', click file, and then click Add or remove snap-in. In the list of available snap-ins, click "Policy object editor" group, and then click Add . Choose the object to the local computer. Click Concluir.

image

Again, click file, and then click Add or remove snap-in. In the list of available snap-ins, click "Policy object editor" group, click then add and click Browse . Click the tab, users click não-administradores group … click OK and Finish button.

image

Again, click file, and then click Add or remove snap-in. In the list of available snap-ins, click "Policy object editor" group, click then add and click Browse . Click the tab, users click the Administrators group of … click OK and Finish button.

image

Do the same procedure by selecting the object UserAdmin …

image

Click file, click Save and save the MMC with a name of your own …

image

Now we must set up group policies according to our needs. For example, I will configure common users that will disappear the option menu, all programs "Iniciar… menu

image

Logging in with a typical user, you can see that the policy was applied to the user.

image

As an example, administrators set up for a GPO that does not appear Documentos… option

image

Logging in with a user a member of the Administrators group , the GPO is applied … Note that the option "all programs" appears to the user, because it was not a customized GPO …

image

… I customize user GPO to the, UserAdmin in this policy I will disable LOGOFF option and purposely create a conflict, contrary to the GPO applied to group Administradores.

image

Logging with the user, we can see that the Logoff option is disabled and that documents appear to the user, proving the GPO precedence (3rd layer)

image

If you want to remove the policies, do the same process of adding a new object … click Start , Search type MMC.exe, and click OK then click. file, and then click Add or remove snap-in. In the list of available snap-ins, click "Policy object editor" group, click then add and click Browse . Click the tab users, select the user or group you want to delete the policy, click with the right button and choose the option to remove the GPO, as pictured below …

image

I hope that is useful!

Posted by às No comments:
TAGS: , ,

Enabling and configuring bitlocker to go on Windows 7

Staff, let's talk in this article about "bitlocker to go ", which is the ability to encrypt a removable disk, such as a Pen-drive for example. What is very helpful with respect to information security, it is very easy to lose a pendrive due to its small size, not to mention how this object is susceptible to theft. The feature can be enabled on any computer running Standalone Windows 7 and in an environment in the area where we have workstations running Windows 7 and servers with Windows Server 2008 R2 (configuration through group policies … but that already is another article! RSS) with BitLocker enabled on a removable disk, the same can only be accessed through the typing a password, which is registered at the time of encryption configuration.

To enable the appeal, is quite simple … then right-click on the device and enable the feature, as shown in the image below:

image

We have the option of configuring access protection through a password or smart card with a … show the example using a password. Register and confirm the same …. click Next

image

If you forget your password, we can save a recovery password in a file, both when printing the same …

image

After you choose the method for recovery password storage shall be instituted device encryption. wait until the end of encryption, if you want to modify, copy, or move the removable disk files, click the PAUSE button to freeze the encryption process … so you do not run the risk of damaging the files …

image

After the device encryption will always be required typing the password to permit access to information …

image

We can see clearly the device encrypted in "My Computer".

image

In the case of lost password, we have the option of using a recovery password (same saving and there in the previous steps or …) …

image

… just digit password and follow the wizard, it will stick so that we can change our access password again.

image

Using the removable device on other machines, we have access to the files of the Pen-drive via "bitlocker to go reader", which is already contained in encrypted device; that makes it read-only access to data …

image

As we can see, this is a hands-on resource, fast and very useful!

Posted by às No comments:
TAGS: ,

Windows Server 2008/R2 DHCP NAP Enforcement

In this video, basic settings Network access protection (NAP). A very cool feature to control the level of safety of clients accessing resources such as DHCP, TS, and 802.1 x. With the NAP capability, we can verify the security tools status including…

  • Firewall network connections.
  • Antivirus.
  • AntiSpware.
  • Automatic updates.

Depending on the assumptions access policies configured, we deny, allow or restrict the connectivity of customers on our network.

More information on NAP: http://technet.microsoft.com/en-us/network/bb545879.aspx

<a href="http://video.msn.com/?mkt=pt-BR&amp;playlist=videoByUuids:uuids:bcd0cdb9-8649-4753-a94d-4ab843f3780a&amp;showPlaylist=true" target="_new" title="NAP">Vídeo: NAP</a>
Posted by às No comments:
TAGS: , , ,

Configuring BitLocker to go through Group Policy

This article show how to configure BitLocker to go in a domain environment through group policies.
… "BitLocker to go" is a resource that is used to encrypt removable disks (external disks, etc…) pendrive. our pre-requirements for configuring a server running Windows Server R2 DC and clients running Windows 7.
The first step is to create a GPO setting. to this end, we will run the tool "Group Policy Management Console" in "administrative tools." for more information about GPMC: http://www.microsoft.com/windowsserver2003/gpmc/default.mspx
image
In the container "group policy depended" right click on it, and click New …
image
A name for the policy object, and then click OK. as the figure below:
image
…. Editing a GPO, navigate to the \Program Computer Configuration Administrative Templates \Windows Components \ BitLocker Encryption \ Removable date Driver Drives … below, watch the video where I describe each configuration related to BitLocker to go:

<a href="http://video.msn.com/?mkt=pt-BR&amp;playlist=videoByUuids:uuids:90efecf8-da1b-4772-90a3-46a09b26c1b8&amp;showPlaylist=true" target="_new" title="BitLocker to go GPO">Vídeo: BitLocker to go GPO</a>
Posted by às No comments:
TAGS: , , , ,
Subscribe to: Posts (Atom)