Monday, February 28, 2011

Script to copy a folder

A scripting language is a very handy tool for system admins; once you have learned scripting, you can finish the work much faster.

Today I would like to write a script that copies a folder. Copy the below code to Notepad and save it with a .vbs extension, then edit the source and destination in the script.

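' Source folder and destination share (edit both)
sFolder = "c:\testfolder"
dFolder = "\\remoteservername\sharename"
Set objFSO = CreateObject("Scripting.FileSystemObject")
' Copies the folder and its contents; existing files are overwritten by default
objFSO.CopyFolder sFolder, dFolder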


For more info, I have created a video showing how to do that.

Sunday, February 27, 2011

How to get access of windows partitions in linux

As root, edit the file /etc/fstab. For example, suppose your Windows C drive partition is /dev/hda1 and it uses the FAT32 file system. To mount the C partition at the /windows/C directory, add this entry to the /etc/fstab file:

/dev/hda1    /windows/C    vfat   umask=0000  0 0

Note that umask=0000 will give write permissions to every user. To give write permission only to root, replace it with umask=0002.

Friday, February 25, 2011

Windows 7 Service Pack 1 (SP1) - released February 22, 2011

Microsoft has released Windows 7 Service Pack 1. It contains security and stability updates.

Download link  : - SP1

Thursday, February 24, 2011

Script to create a folder

A simple VB script can create a folder on a system. Creating a folder is very simple and everyone knows how to do it, but I wrote this script because, if we want to create a folder on every system, we can use it as a logon script through group policy.
1)     Open Notepad and copy the below code.

Set objFSO = CreateObject("Scripting.FileSystemObject")
' Creates the folder; the script stops with an error if it already exists
Set objFolder = objFSO.CreateFolder("c:\Serveradmin")
MsgBox "Successfully created"

Save it with a .vbs extension and execute it. Now check the C drive; the folder has been created. For details check the below video.

Wednesday, February 23, 2011

Remotely install software by Group policy

If you have to install software on more than a hundred workstations, you need manpower or special software to deploy it. We can deploy the software through group policy instead. The software installation policy takes effect only after restarting the client workstation.
Microsoft uses two methods to deploy the software.

1)      Assigning
2)     Publishing

Assigning :-
In the assigning method, we assign the software to computers or users. It will be installed when the users log on to their computers.

Publishing :-
In the publishing method, the software is not installed automatically. The software is displayed in Add or Remove Programs and is installed manually from there.

Before creating a software installation policy, we need to create a software distribution point on the server. Create a shared network folder and assign the access permission to domain users. Put the msi file (software source) in the distribution point for installation.

Thursday, February 17, 2011

How to create a hidden share in Windows

A hidden share is not shown publicly; we can reach it only through \\servername\sharename$. Here I describe how to create a hidden share.
Open Computer Management: click the Start button --> then Run --> type the command compmgmt.msc --> then click OK.
Now Computer Management will open.
Navigate to Shared Folders in Computer Management, then right-click and choose New File Share.

Now create a folder on any drive; the folder name should end with the $ symbol.

Then click Next and add your description of the share.

Then assign the permissions you need.

Then click Next, then Finish. The hidden share created above is used for the logon and logoff reports.

Active Directory Users logon and logoff report - Solved

Active Directory user logon and logoff reports normally need third-party tools, but Windows itself has that capability. Most IT professionals have not learned the DOS commands in depth, and a DOS command does this job. Everyone has heard of the echo command; this command can produce the report we need.

For example:
Go to your command prompt and type the following command.
Echo %username% is logged on to %computername% at %time%

The above command gives output such as the user's name, computer name and login time. We need to generate the report for all users, so we need to create a logon batch file script. Before creating the batch file, we need a central repository for storing the log files. Create a hidden share for logon and logoff and give the users permission on it.

Batch file for logon script

Copy the below code, edit the systemname and sharename, paste it into Notepad, then save it as a batch (.bat) file.
Echo %username% is logged on to %computername% at %time% >> \\systemname\Sharename$\%username%_logon.csv
The batch file needs to be set as the logon script in the group policy. The log files will be saved separately for each user. Please find the below image, which shows the output.

For the logoff report, use the below command in the batch file:
Echo %username% is logged off from %computername% at %time% >> \\systemname\Sharename$\%username%_logoff.csv
Copy the above code, create a batch file, and apply it as the logoff script in the group policy.
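
A report built from these files, as an added example that is not part of the original post: the PowerShell function below parses the lines the two batch files write, takes the event type from the file name, and flags lines that are malformed or that name a user other than the file's owner, which matters because every user has write permission on the share. The sample lines, user names and computer names are constructed, and the time pattern assumes the default English %time% layout.

```powershell
# Added example, not from the original post. Parses lines written by the
# logon/logoff batch files and flags entries that do not look like script output.
function ConvertFrom-LogonReportLine {
    param([string]$FileName, [string]$Line)

    # The script fixes the file name as <user>_logon.csv or <user>_logoff.csv,
    # so the event type is taken from there, not from the wording of the line.
    if (-not ($FileName -match '^(?<owner>.+)_(?<kind>logon|logoff)\.csv$')) {
        throw "Unexpected report file name: $FileName"
    }
    $owner = $Matches['owner']
    $kind  = $Matches['kind']

    # Assumed %time% layout: H:MM:SS.cc (hours below 10 are space-padded).
    # %time% carries no date, so the day has to come from somewhere else.
    $pattern = '^(?<user>.+?) is logged (?:on to|off from) (?<computer>\S+) at\s+' +
               '(?<time>\d{1,2}:\d{2}:\d{2}[.,]\d{2})\s*$'

    $status = 'Malformed'; $user = $null; $computer = $null; $time = $null
    if ($Line -match $pattern) {
        $user     = $Matches['user']
        $computer = $Matches['computer']
        $time     = $Matches['time']
        # The script writes %username% into both the file name and the line,
        # so a line naming someone else was not written by that script run.
        $status = if ($user -ieq $owner) { 'OK' } else { 'UserMismatch' }
    }

    [pscustomobject]@{
        File = $FileName; Event = $kind; User = $user
        Computer = $computer; Time = $time; Status = $status
    }
}

# Constructed sample lines (made-up users, computers and times).
$sample = @(
    @{ File = 'alice_logon.csv';  Line = 'alice is logged on to WS-014 at  8:59:07.41 ' },
    @{ File = 'alice_logoff.csv'; Line = 'alice is logged on to WS-014 at 17:32:10.05 ' },
    @{ File = 'bob_logon.csv';    Line = 'carol is logged on to WS-020 at  9:01:44.90 ' },
    @{ File = 'bob_logon.csv';    Line = 'bob,WS-020,09:05' }
)
$report = foreach ($s in $sample) {
    ConvertFrom-LogonReportLine -FileName $s.File -Line $s.Line
}
$report | Format-Table -AutoSize

# Entries worth a second look (here: the UserMismatch and Malformed lines).
$report | Where-Object { $_.Status -ne 'OK' }
```

To run it against the real share, feed it each line of every file with Get-ChildItem and Get-Content, passing the file's Name as -FileName.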

Tuesday, February 15, 2011

Shutdown Event Tracker Group Policy

We can enable or disable the shutdown event tracker for servers and workstations. In the server family of operating systems it is enabled by default; on workstations it is disabled by default. Through this policy we can enable and disable it on both families.
Open your defined group policy from the console.
Navigate --> Computer Configuration --> Administrative Templates --> System --> click Display shutdown event tracker in the right side of the pane.

Double-click Display shutdown event tracker.

Click Enabled to enable the shutdown event tracker. From the drop-down menu we can choose either workstation, server or always. The always option covers both servers and workstations.

Disable remote desktop by using group policy

We can disable Remote Desktop (Terminal Services) through group policy.

1. Open your group policy editor for your defined OU or site.

Navigate to Computer Configuration, then expand Administrative Templates, then Windows Components, and then click Terminal Services.
Then double-click the Allow users to connect remotely using terminal services policy in the right side pane.

Then click Apply and OK. Refresh your policy settings. Now it will be disabled on all clients.

Sunday, February 13, 2011

Disable Command Prompt Group Policy

We can disable the command prompt through group policy.
Please follow the below instructions.
1. Open your group policy editor for your defined OU.
2. Click User Configuration --> Administrative Templates --> System.

3. Double-click "Prevent access to the command prompt" from the left side; see the above picture.
4. Then click the Enabled radio button.
5. Then click OK and refresh your group policy settings.

Registry Editing has been disabled by your administrator - Trick

If you get the error message "Registry Editing has been disabled by your administrator", the registry editor has been disabled by your system admin through group policy.

We can remove the restriction through a command on a standalone machine.

1. Go to Command Prompt.
2. Type the below command:
REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /f

Now you are able to access your local machine's registry editor.
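
To confirm that these restrictions are actually in force on a client, the registry values behind the policies can be read back. The PowerShell below is an added example, not part of the original posts; it covers the Remote Desktop, command prompt and registry editor policies described above, and the DisableCMD and fDenyTSConnections value names and paths are the standard policy locations, which do not appear on this page.

```powershell
# Added example, not from the original posts. Reads back the registry values
# behind three policies and reports whether each restriction is in force.
$policyChecks = @(
    [pscustomobject]@{
        Policy = 'Registry editing tools disabled'
        Path   = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System'
        Name   = 'DisableRegistryTools'
    },
    [pscustomobject]@{
        Policy = 'Prevent access to the command prompt'
        Path   = 'HKCU:\Software\Policies\Microsoft\Windows\System'
        Name   = 'DisableCMD'          # assumption: standard policy location
    },
    [pscustomobject]@{
        Policy = 'Remote Desktop connections denied'
        Path   = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'
        Name   = 'fDenyTSConnections'  # assumption: standard policy location
    }
)

function Get-PolicyValueState {
    param([string]$Path, [string]$Name)
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return 'NotConfigured' }   # key or value is absent
    # For all three values, any non-zero number means the restriction applies.
    # A stored 0 is what the REG add command on this page leaves behind.
    if ([int]$item.$Name -ne 0) { 'Enforced' } else { 'SetToZero' }
}

function Test-ClientRestrictions {
    param([string]$Expected = 'Enforced')
    foreach ($check in $policyChecks) {
        $state = Get-PolicyValueState -Path $check.Path -Name $check.Name
        [pscustomobject]@{
            Policy = $check.Policy
            Value  = $check.Name
            State  = $state
            Drift  = ($state -ne $Expected)   # True when the client differs
        }
    }
}

Test-ClientRestrictions | Format-Table -AutoSize
```

Run it in the session of the user being checked, because two of the three values live under HKCU.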

Saturday, February 12, 2011

What is an access control list (ACL)?

The Microsoft Windows 2000 Active Directory glossary defines an access control list as “a set of data associated with a file, directory, or other resource that defines the permissions that users and/or groups have for accessing it. In the Active Directory™ service, an ACL is a list of access control entries (ACEs) stored with the object it protects. In the Windows NT® operating system, an ACL is stored as a binary value, called a security descriptor.”

What is an access control entry (ACE) ?

The Microsoft Windows 2000 Active Directory glossary states that “each ACE contains a security identifier (SID), which identifies the principal (user or group) to whom the ACE applies, and information on what type of access the ACE grants or denies.”

Thursday, February 10, 2011

What is Virtual memory – explained

Disk storage used to expand the capacity of RAM
When RAM is exceeded, virtual memory is treated as if it were RAM

- Uses paging technique
  - Pages are blocks of information moved from RAM into virtual memory
  - On a Pentium computer, blocks are 4 KB
  - Pages are moved back into RAM when needed
- A paging file is the area of disk allocated for virtual memory
  - Initial and maximum size of the paging file
    - Set initial size to at least 1.5 times RAM
    - Set maximum size to twice the initial size
  - Do not place the paging file on the boot partition
  - Place a paging file on each disk (except the boot partition)
  - Place paging file on main disk for a mirrored set or volume
  - Do not place a paging file on a stripe set or volume, or RAID-5 volume

Difference Between Peer to Peer and Server based networking

Peer-to-peer networking
- Designed for ten or fewer workstations
- Only moderate network security
- Users manage their own account information
- No centralized storage of information
- No centralized administration control
- Lack of management for users and critical files
- Inability to centrally back up important files
- Slower response times when sharing resources

Server-based Networking
- Users log in once to access resources
- Stronger security because of server management
- Shared files by members
- Shared printers and other resources
- E-mail capability through an email server
- Applications stored in a central location
- Backups scheduled and performed from a central location
- Shared resources can reflect the work patterns of subgroups
- More efficient software upgrades

Backup types and how to take backup

1) Normal Backup:
- Backs up all files and folders. After the backup it removes the ARCHIVE bit.

2) Daily Backup:
- Backs up all selected files and folders which were created or modified on a daily basis. After the backup it does not remove the ARCHIVE bit.

3) Copy Backup:
- Backs up all selected files and folders. After the backup it does not remove the ARCHIVE bit.

4) Incremental Backup:
- Backs up all selected files and folders which were created or modified after the last backup. After the backup it does not remove the ARCHIVE bit.

Normal Backup:
- We take a normal backup the first time only, because the normal backup takes every file and folder into the backup.

How to Take Backup:
1- Start – Program – Accessories – System Tools – Backup.
2- Select the backup wizard, then Next.
3- Select Backup selected files, drives, or network data (if you want to back up the files on a data drive) and click Next. Set the backup media or file name to d:\backup.bkf. Next, Finish.

Incremental Backup:
- After taking a normal backup, from then on we can take incremental backups, because the incremental backup takes only the files and folders you have created or modified.

How to take incremental Backup?
- Start – Run – ntbackup; you will get the wizard, click Next.
- Backup wizard advanced, Next, select the folder you want to back up, Next, Browse, Completing the Backup Wizard, Advanced, Finish, click Advanced, Type of Backup, select Incremental, Next, Append this backup to the existing, Later, give it any name, OK.

Wednesday, February 9, 2011

What is Active Directory replication ?

Active Directory replication is pull rather than push; that is, replicas pull changes from the server where the changes were effected. The Knowledge Consistency Checker (KCC) creates a replication topology of site links using the defined sites to manage traffic. Intrasite replication is frequent and automatic as a result of change notification, which triggers peers to begin a pull replication cycle. Intersite replication intervals are typically less frequent and do not use change notification by default, although this is configurable and can be made identical to intrasite replication.
Each link can have a 'cost' and the site link topology will be altered accordingly by the KCC. Replication may occur transitively through several site links on same-protocol site link bridges, if the cost is low, although the KCC automatically costs a direct site-to-site link lower than transitive connections. Site-to-site replication can be configured to occur between bridgehead servers in each site, which then replicate the changes to other DCs within the site.
Replication of Active Directory uses Remote Procedure Calls (RPC) over IP (RPC/IP). Between sites you can use SMTP for replication, but only for changes in the Schema, Configuration, or Partial Attribute Set (Global Catalog) NCs. SMTP cannot be used for replicating the default Domain partition.

Tuesday, February 8, 2011

Difference Between Authentication and Authorization

Authentication :-
The Web server containing the sales reports asks her workstation, “Who’s asking for this data?” The workstation replies, “rose.” The server then says, “Prove it.” So the workstation pops up a dialog box on Ivana’s screen asking for her username and password. She types in her name and password, and assuming that she types them correctly, the server then checks that name and password against a list of known users and passwords and finds that she is indeed Ivana.

Authorization :-
The mere fact that she has proven that she’s Ivana may not be sufficient reason for the Web server to give her access to the sales pages. The Web server then looks at another list, sometimes known as the access control list, a list of people and access levels—“Andro can look at this page but can’t change it,” “Suse can look at this page and can change it,” “Thomas can’t look at this page at all.” Presuming rose is on the “can look” list, the server sends the requested pages to her browser.

How to get last login time for Active Directory users

Copy the below code and save it with a .vbs extension on the desktop. You should change the second line, where you need to type your domain name.

Friends, the content has been moved to a new site. Click here to view it.

Active Directory Database and Log Files

Extensible Storage Engine (ESE) is the Active Directory database engine, which manages all the Active Directory objects in the Active Directory database. Any data modification affects database performance, database fragmentation and data integrity.

The ESE uses transaction and log files to ensure the integrity of the Active Directory database. Active Directory includes the following files:
*    Ntds.dit is the Active Directory database, which stores all the Active Directory objects on the domain controller. The .dit extension refers to the directory information tree. The default location is the %systemroot%\Ntds folder. Active Directory records each transaction in the log files that are associated with the Ntds.dit file.

*    Edb*.log is the transaction log file. Each transaction file is 10 megabytes (MB). When the Edb.log file is full, Active Directory renames it to Edbnnnnn.log, where nnnnn is an increasing number that starts from 1.

*    Edb.chk is a checkpoint file which is used by the database engine to track the data which is not yet written to the Active Directory database file. The checkpoint file acts as a pointer that maintains the status between memory and the database file on disk. It indicates the starting point in the log file from which the information must be recovered if a failure occurs.

*    Res1.log and Res2.log: These are reserved transaction log files. The amount of disk space that is reserved on a drive or folder for these logs is 20 MB. This reserved disk space provides sufficient space to shut down if all the other disk space is being used.

What is an Active Directory and How Does It Work

An active directory is a service that is provided by Microsoft that stores information about items on a network so the information can be easily made available to specific users through a logon process and network administrators. By using an Active Directory it is possible to view an entire series of network objects from a single point and obtain an overall hierarchal view of the network.
If you are a computer administrator for a large corporation or organization, you can easily update all end users computers with new software, patches and files simply by updating one object in a forest or tree.
Because each object fits into a set schema and has specific attributes, a network administrator can easily clear a person on a set tree or instantly give or deny access to select users for certain applications. The Microsoft servers use trust to determine whether or not access should be allowed. Two types of trusts that Microsoft active directories incorporate are transitive trusts and one way non transitive trusts. A transitive trust is when there is a trust that goes further than two domains in a set tree, meaning two entities are able to access each other's domains and trees.
A one way transitive trust is when a user is allowed access to another tree or domain; however, the other domain does not allow access to the further domains. This can be summed up as a network administrator and end user. The network administrator can access most trees in the forest including a specific end user's domain. However, the end user, while able to access his or her own domain, cannot access other trees.
It is important to note that active directories are a great way to organize a large organization or corporation's computers' data and network. Without an active directory, most end users would have computers that would need to be updated individually and would not have access to a larger network where data can be processed and reports can be created. While active directories can be technical to a good extent and require considerable expertise to navigate, they are essential to storing information and data on networks.

Monday, February 7, 2011

View users connected or logged on to terminal server

Sometimes we may need to know how many users are logged on to a server, for example when there is performance degradation.

For the number of users :-

            NET SESSION | FIND /C "\\"

For user details:-

            NET SESSION | FIND  "\\"

How to extend the password expiration

In Active Directory, the password expiration attribute can be set through the group policy editor. Open your default domain policy --> Computer Configuration --> Security setting --> Password policy --> Maximum password age. Edit the Maximum password age as desired; the default expiration age is 42. For details see the screenshot below.

Sunday, February 6, 2011

How to get MAC Address remotely

Finding a MAC address remotely is very easy. The ARP command is used to get the MAC address of a local as well as a remote PC.
nbtstat -a remote-ip-address

CTRL ALT DEL Function in remote desktop


Just press CTRL+ALT+END.

Friday, February 4, 2011

Vmware to Generate a new MAC Address

The below procedure is used to generate a new MAC address in VMware workstations.

Delete the content as specified in the above picture and save it, then restart the VMware. Important: before doing this process, shut down the VMware.

Tuesday, February 1, 2011

How to get the AD LDAP DN name from an user

We can get the AD LDAP DN name in two ways (commands).

1. dsquery user -name ADUSERNAME, where ADUSERNAME is the name of the user in the AD.

2. ldifde -f users.txt --> all LDAP data from the AD is dumped into the file named users.txt.