Tuesday, December 22, 2009

Microsoft Poster

These posters from Microsoft are very good for study, not only those who are seeking certification as well as for everyday tasks.
People .... Just click on the link:

http://cid-fe19f09132c649bd.skydrive.live.com/browse.aspx/.res/FE19F09132C649BD!1033
Posted by às No comments:

Thursday, December 3, 2009

How to reset the restore mode password in Active Directory

In this article, let's resetting a password is commendable in a domain environment at Microsoft, the password used in "directory services Restore mode" which is requested at the time of promoting a server to domain controller during DCPROMO proccess. This password will be used when there is a nessecidade to perform an offline maintenance on the Active Directory data, e.g. a authoritative restore.

There is an aggravating circumstance, mainly in the exchange network administrators, which is not very important documentation this password, which makes offline AD maintenance. To work around this problem, we can reset the password of Restore Mode by doing the following:

At the DOS prompt, run the NTDSUTIL utility, as pictured below …

image

At the NTDSUTIL prompt, type set dsrm password, to sign in DSRM utility that will reset the password.

image

If you are running these procedures on the server you want to reset the password, type reset password on server null hit enter and type and confirm a new password of "directory services Restore mode" if you want the command to be executed on a remote server, type reset password on server <ServerName> reminding you that the password must meet complexity …

image

After these procedures, type q to exit the DSRM prompt and q again to quit the NTDSUTIL prompt

Now just restart the server and pressing the F8 key to use the "directory services Restore mode" , and good luck in your AD maintenance …

image

Posted by às No comments:
TAGS: , , , ,

Installing Windows 7 from a Pen-drive

I will show a simple process and pretty cool that is installing Windows 7 through a Pen-drive common…

For the procedures, we will need a pen-drive and DVD install Windows 7 …

Let us prepare the Pen-drive for installation. From the command prompt, you are going to access the application DISKPART to prepare for the partition.

After the opening of the DiskPart prompt, type list disk command to identify the Pen-drive as image below:

image

Locate the removable disk (in my case, the DISK 1), and then select the same through select disk command <x> (where x is the number of the disk). After the disk check, enter CLEAN command to delete the existing partition on the same …

image

… now, let's create a primary partition and activate it through the create partition primary command and ACTIVE

image

We already have the partition created and active, now is the only format … type FORMAT QUICK fs = FAT32, I do quick FAT32 formatting

image

Our Pen-drive, is now ready, now is the only copy the contents of the DVD to the Pen-drive and bootar the machine by USB. Simple, fast and convenient! rss

image

I hope that is useful!

Posted by às No comments:
TAGS: ,

Configuring multiple GPO ´ s locations in Windows Vista, Windows, and Windows Server 2008 R2

Ladies and gentlemen, I will show a cool feature we from Windows Vista, which is to create multiple local group policy.

In earlier versions of operating systems (Windows 2000, 2003 and XP) we have only one layer, where we have the local GPO applied to all local users and groups from the machine. With Windows Vista and beyond, we have three layers to work with the local GPO´ s:

  1. The first layer, we have a default local GPO, where configure both user configuration options as this computer is applied to all including local administrators.
  2. In the second layer, ´ s we GPO that will be applied to users in the Administrators group and GPO ´ s that will be applied to common users. None of these objects local group policy contains settings for your computer.
  3. The third layer contains GPO ´ (s) that will be applied to a specific user and those Group Policy objects, we can only user settings.

In case of conflict between the GPO ´ s, the last GPO applied is that prevaleçe and the order in which they are applied is ..... Default (1st local GPO) layer, GPO for administrators and non-administrators (2nd layer) and finally the GPO to specific user (3rd layer)

In the case of a computer in a domain, the GPO ´ s site, domain, and OU GPO will prevail over the ´ s locations. You can also turn off the processing of local GPO ´ s, configuring the option "turn off Local Group Policy objects processing" in "computer Configuration Administrative Templates \System \ policy" in the domain GPO.

To demonstrate how to create and apply these GPO ´ s, I use a computer with Windows 7 installed. The first step is to create a common user as shown in image …

image

… then we will work with a UserAdmin (local administrator) and UserComum (user). The next step is to create a custom MMC, we need to add a Group Policy object editor "for each GPO created. To do this, click Start , in Search type MMC.exe, and click OK .

In the Console1 window, ', click file, and then click Add or remove snap-in. In the list of available snap-ins, click "Policy object editor" group, and then click Add . Choose the object to the local computer. Click Concluir.

image

Again, click file, and then click Add or remove snap-in. In the list of available snap-ins, click "Policy object editor" group, click then add and click Browse . Click the tab, users click não-administradores group … click OK and Finish button.

image

Again, click file, and then click Add or remove snap-in. In the list of available snap-ins, click "Policy object editor" group, click then add and click Browse . Click the tab, users click the Administrators group of … click OK and Finish button.

image

Do the same procedure by selecting the object UserAdmin …

image

Click file, click Save and save the MMC with a name of your own …

image

Now we must set up group policies according to our needs. For example, I will configure common users that will disappear the option menu, all programs "Iniciar… menu

image

Logging in with a typical user, you can see that the policy was applied to the user.

image

As an example, administrators set up for a GPO that does not appear Documentos… option

image

Logging in with a user a member of the Administrators group , the GPO is applied … Note that the option "all programs" appears to the user, because it was not a customized GPO …

image

… I customize user GPO to the, UserAdmin in this policy I will disable LOGOFF option and purposely create a conflict, contrary to the GPO applied to group Administradores.

image

Logging with the user, we can see that the Logoff option is disabled and that documents appear to the user, proving the GPO precedence (3rd layer)

image

If you want to remove the policies, do the same process of adding a new object … click Start , Search type MMC.exe, and click OK then click. file, and then click Add or remove snap-in. In the list of available snap-ins, click "Policy object editor" group, click then add and click Browse . Click the tab users, select the user or group you want to delete the policy, click with the right button and choose the option to remove the GPO, as pictured below …

image

I hope that is useful!

Posted by às No comments:
TAGS: , ,

Enabling and configuring bitlocker to go on Windows 7

Staff, let's talk in this article about "bitlocker to go ", which is the ability to encrypt a removable disk, such as a Pen-drive for example. What is very helpful with respect to information security, it is very easy to lose a pendrive due to its small size, not to mention how this object is susceptible to theft. The feature can be enabled on any computer running Standalone Windows 7 and in an environment in the area where we have workstations running Windows 7 and servers with Windows Server 2008 R2 (configuration through group policies … but that already is another article! RSS) with BitLocker enabled on a removable disk, the same can only be accessed through the typing a password, which is registered at the time of encryption configuration.

To enable the appeal, is quite simple … then right-click on the device and enable the feature, as shown in the image below:

image

We have the option of configuring access protection through a password or smart card with a … show the example using a password. Register and confirm the same …. click Next

image

If you forget your password, we can save a recovery password in a file, both when printing the same …

image

After you choose the method for recovery password storage shall be instituted device encryption. wait until the end of encryption, if you want to modify, copy, or move the removable disk files, click the PAUSE button to freeze the encryption process … so you do not run the risk of damaging the files …

image

After the device encryption will always be required typing the password to permit access to information …

image

We can see clearly the device encrypted in "My Computer".

image

In the case of lost password, we have the option of using a recovery password (same saving and there in the previous steps or …) …

image

… just digit password and follow the wizard, it will stick so that we can change our access password again.

image

Using the removable device on other machines, we have access to the files of the Pen-drive via "bitlocker to go reader", which is already contained in encrypted device; that makes it read-only access to data …

image

As we can see, this is a hands-on resource, fast and very useful!

Posted by às No comments:
TAGS: ,

Windows Server 2008/R2 DHCP NAP Enforcement

In this video, basic settings Network access protection (NAP). A very cool feature to control the level of safety of clients accessing resources such as DHCP, TS, and 802.1 x. With the NAP capability, we can verify the security tools status including…

  • Firewall network connections.
  • Antivirus.
  • AntiSpware.
  • Automatic updates.

Depending on the assumptions access policies configured, we deny, allow or restrict the connectivity of customers on our network.

More information on NAP: http://technet.microsoft.com/en-us/network/bb545879.aspx

<a href="http://video.msn.com/?mkt=pt-BR&amp;playlist=videoByUuids:uuids:bcd0cdb9-8649-4753-a94d-4ab843f3780a&amp;showPlaylist=true" target="_new" title="NAP">Vídeo: NAP</a>
Posted by às No comments:
TAGS: , , ,

Configuring BitLocker to go through Group Policy

This article show how to configure BitLocker to go in a domain environment through group policies.
… "BitLocker to go" is a resource that is used to encrypt removable disks (external disks, etc…) pendrive. our pre-requirements for configuring a server running Windows Server R2 DC and clients running Windows 7.
The first step is to create a GPO setting. to this end, we will run the tool "Group Policy Management Console" in "administrative tools." for more information about GPMC: http://www.microsoft.com/windowsserver2003/gpmc/default.mspx
image
In the container "group policy depended" right click on it, and click New …
image
A name for the policy object, and then click OK. as the figure below:
image
…. Editing a GPO, navigate to the \Program Computer Configuration Administrative Templates \Windows Components \ BitLocker Encryption \ Removable date Driver Drives … below, watch the video where I describe each configuration related to BitLocker to go:

<a href="http://video.msn.com/?mkt=pt-BR&amp;playlist=videoByUuids:uuids:90efecf8-da1b-4772-90a3-46a09b26c1b8&amp;showPlaylist=true" target="_new" title="BitLocker to go GPO">Vídeo: BitLocker to go GPO</a>
Posted by às No comments:
TAGS: , , , ,

MSI authoring with ZERO cost!!rss

Ladies and gentlemen!The next link ´ s two tools to generate MSI packages from other executaveis as exe, etc. ..

Are basic tools that make the packets based on snapshots before and after installation of the software.

Wininstall LE-... that guy comes included with Windows 2000 Server CD)

http://www. softpile. com/utilities/html Miscellaneous/Review_16745_index.

AppDeploy:

http://www. appdeploy. com/tools/asp repackager/download.

... you is recommended that you run the tools ´ s in a clean installation of the operating system.

  1. Run the tool to be the first snapshot.
  2. Install the application in accordance with their necessiades ...
  3. Please boot machine for the comite of pending application installed information ...
  4. Run the tool again to SNAPSHOT is generated the 2nd ...
  5. A differential between the two SNAPSHOT ´ s and a result, the package will be generated.

I hope that is helpful.

Posted by às No comments:
TAGS: ,

Windows Server 2008 R2 Versions

The next link with the description of all versions of Windows Server 2008 R2:
http://65.55.177.205/
Posted by às No comments:
TAGS: ,

Antivirus exceptions in Exchange Server 2007

Staff,

The next link useful related to configuring Antivirus in an Exchange 2007 server is very important that the exception settings for files and directories on antivirus to eliminate corruption incidents and performance on your servers.

The next link:

http://TechNet. Microsoft. com/en-us/library/.aspx bb332342

I hope that is helpful.

Posted by às No comments:
TAGS: ,

Customizing the OWA Exchange Server 2007 and 2003

The next link to total customization of the themes of OWA in Exchange Server 2007!

Official documentation!

Exchange Server 2007:

http://TechNet. Microsoft. com/en/library/.aspx bb310750

Exchange Server 2003:

http://TechNet. Microsoft. com/en/library/aa996007 (Exchg. 65).

Posted by às No comments:
TAGS: ,

Free tool – Attachment filtering with Exchange 2007-2010

Ladies and gentlemen!

… I was "sapeando" by the Internet and found this tool FREE quarantine control for attachments in messages to Exchange Server 2007 and 2010 …

… seemed pretty cool, I worked straight. then follows the tip and the tutorial link and download configuration:

http://www. corelan .be: 8800/index. php/08/07/21/free-tool-attachment-filtering-with-Exchange-2007-custom-transport-agent/

I hope that is useful

Posted by às No comments:
TAGS:

Enable attachment control in Exchange Server 2007

Next commands to be executed to enable and configure the attachment control in Exchange Server 2007:

http://TechNet. Microsoft. com/en/library/.aspx aa997139

Posted by às No comments:
TAGS:

Tuesday, December 1, 2009

Windows Server 2008 Step-by-Step

Ladies and Gentlemen,
It follows a series of notes on some settings step by step in Windows Server 2008 ...
Posted by às No comments:
TAGS: ,
Subscribe to: Posts (Atom)