Tuesday, November 10, 2009
Windows icons
Tuesday, October 27, 2009
DCDiag results
look at the right side you will see a Binary value as "Type" its value is set to 10 . 10 is for WIN32_OWN_PROCESS
If you will change it to 20 in decimal it will be WIN32_SHARE_PROCESS .
GPO processing 1006 1030 errors on terminal server.
solution:
- Make the user account memeber of "domain admin" group.
- Login to TS with the account.
- From CMD run "rundll32.exe keymgr.dll,KRShowKeyMgr" command.
- Delete everything from "Stored User Names and Passwordds" GUI.
- Remove the user from "domain admin" group.
Friday, October 02, 2009
Backup VM on Hyper-V Cluster
- Enable Windows backup on each cluster node.
- Create a batch what will include backup of all VMs and Quorum in the cluster.
- Using Windows Scheduler run the batch (with high privileges).
echo off
wbadmin start backup -backupTarget:\\hvbackup\hvvms\dc01 -include:N: -vssFull -noVerify -quiet
if %errorlevel% equ -2 echo skipped dc01
if %errorlevel% equ -2 goto quorum
:quorum
wbadmin start backup -backupTarget:\\hvbackup\hvvms\quorum -include:Q: -vssFull -noVerify -quiet
if %errorlevel% equ -2 echo skipped quorum
if %errorlevel% equ -2 goto ts02
:ts02
wbadmin start backup -backupTarget:\\hvbackup\hvvms\ts02 -include:S: -vssFull -noVerify -quiet
if %errorlevel% equ -2 echo skipped ts02
if %errorlevel% equ -2 goto util01
:util01
wbadmin start backup -backupTarget:\\hvbackup\hvvms\util01 -include:P: -vssFull -noVerify -quiet
if %errorlevel% equ -2 echo skipped util01
if %errorlevel% equ -2 goto util02
:util02
wbadmin start backup -backupTarget:\\hvbackup\hvvms\util02 -include:O: -vssFull -noVerify -quiet
if %errorlevel% equ -2 echo skipped util02
exit
Thursday, September 24, 2009
Microsoft FTP 7.5
- Users have rights for all directories from the root down.
- Users have access only isolated directories under root.
- Use windows 2008 sp 2 VM on Hyper-V
- IIS 7.0
- FTP 7.5
- IIS Manager Authentication
- FTP Virtual Host Names
- FTP User Isolation - "User Name directory (disable global virtual directories)
- Do not forget to change security for "Network services" account (ref.3)
- Created 3 FTP sites - one for global access (ref.5) needed to enable IE connection, second for non separated FTP and third for isolated users.
- In IE7 and 8 you can use "Open FTP site in Windows Explorer" option under "Page", but you will need authenticate second time.
- To authenticate you need to type user name as pointed in (ref.4) - "ftpheader.yourdomain.com|username" or with (ref.4) "ftpheader.yourdomain.com\username". The authentiacation will take place after connection to the global FTP site (ref.5).
- Regular FTP clients can connect directly using "Virtual host names".
- http://learn.iis.net/page.aspx/310/what-is-new-for-microsoft-and-ftp-75/
- http://learn.iis.net/page.aspx/305/configuring-ftp-75-user-isolation/
- http://learn.iis.net/page.aspx/321/configure-ftp-with-iis-70-manager-authentication/
- http://blogs.iis.net/jaroslad/archive/2009/04/16/addressing-the-separator-problem-for-virtual-ftp-sites-ftp-7-5.aspx
- http://blogs.msdn.com/robert_mcmurray/archive/2008/12/17/ftp-clients-part-3-creating-a-global-listener-ftp-site.aspx
- http://learn.iis.net/page.aspx/320/using-ftp-virtual-host-names/
Wednesday, August 19, 2009
AD object restore utility
Tuesday, August 18, 2009
Terminal server - Symantec anti-virus and office
Monday, July 20, 2009
Powershell Hyper-V
This is from: http://pshyperv.codeplex.com/Thread/View.aspx?ThreadId=62355
"these 2 links should help.
http://blogs.technet.com/softienerd/default.aspx
http://pshyperv.codeplex.com/Thread/View.aspx?ThreadId=35417
you can set the reg to unrestricted but set it back later..
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\powershell\1\ShellIds\Microsoft.powershell]
"ExecutionPolicy"="Unrestricted"
unzip the file.. say to z:\
the open powershell command
cd z:\
PS Z:\>
type . .\hyperv.ps1
notice the dot+space+dot+slash.
snippets.. from the links..
try to call . .\hyperv.ps1 ftom the folder the zip was extraced to. notice the dot+space+dot+slash.
Powershell Tip #1
In Powershell, type $profile.
PS C:\Program Files\Microsoft\AxFuzzer> $profile
C:\Users\mengli\Documents\WindowsPowerShell\Microsoft.PowerShell_profile.ps1
That points to where your profile is stored at. This is a powershell script that executes upon the start up of any powershell prompt for the current user. Go ahead and make the file. In my case, I made a new file at the location by typing this:
new-item $profile -itemtype file -force
Now, open the file and you can put in things like this:
set-executionpolicy unrestricted
. \\meng\shared\powershell\hyperv.ps1
set-executionpolicy remotesigned
Every new powershell prompt that you"
