One reason why Windows Server 2008’s install is easy to use is because it is based on a MINWINPC (Mini PC) bootable environment, similar to the Windows PE environment. This means that a number of environment tools are available to the installation environment. Once the Windows manager is loaded, you can access this command prompt by pressing [Shift][F10].
Monday, February 28, 2011
Net Helpmsg for Windows Error 0xABCDEFGH
Suppose you get error 0x80070652 from an installer:
>net helpmsg 0x80070652
The syntax of this command is:
NET HELPMSG message#
It doesn’t support hex. You need to take the last 4 digits "0652" from 0x80070652, convert it to decimal "1618" and:
C:\>net helpmsg 1618
Another installation is already in progress. Complete that installation before proceeding with this install.
>net helpmsg 0x80070652
The syntax of this command is:
NET HELPMSG message#
It doesn’t support hex. You need to take the last 4 digits "0652" from 0x80070652, convert it to decimal "1618" and:
C:\>net helpmsg 1618
Another installation is already in progress. Complete that installation before proceeding with this install.
Friday, February 25, 2011
Reload, Transfer or Reload from Master DNS secondary zone?
Often confusion arises when manually updating the DNS zone.
Reload, Transfer From Master or Reload from Master - what to choose?
Open the book "MCTS Exam 70-642: Cinfiguring Windows 2008 Network Infrastructure" on the page 201 and carefully read the following:
"...
Manaully Updating a Secondary Zone
...
Reload, Transfer From Master or Reload from Master - what to choose?
Open the book "MCTS Exam 70-642: Cinfiguring Windows 2008 Network Infrastructure" on the page 201 and carefully read the following:
"...
Manaully Updating a Secondary Zone
...
- Reload This operation reloads the secondary zone from local storage.
- Transfer From Master The server hosting the local secondary zone determines whether the serial number in the secondary zone's SOA resource record has expired and then pulls a zone transfer from the master server.
- Reload From Master This operation performs a zone transfer from the secondary zone's master server regardless of the serial number in the seconadry zone's SOA resource record.
Thursday, February 24, 2011
Windows PKI documentation reference
Microsoft PKI Quick Guide - Part 1: Planning
Microsoft PKI Quick Guide – Part 2: Design
Microsoft PKI Quick Guide – Part 3: Installation
Microsoft PKI quick guide – Part 4: Troubleshooting
Microsoft PKI Quick Guide – Part 2: Design
Microsoft PKI Quick Guide – Part 3: Installation
Microsoft PKI quick guide – Part 4: Troubleshooting
Wednesday, February 23, 2011
Managing Active Directory from the command line
see:
| CSVDE | Import and export Active Directory data using comma-separated format. |
| Dsadd | Add users, groups, computers, contacts, and organizational units to Active Directory. |
| Dsmod | Modify an existing object of a specific type in the directory. The types of objects that can be modified are: users, groups, computers, servers, contacts, and organizational units. |
| Dsrm | Remove objects of the specified type from Active Directory. |
| Dsmove | Rename an object without moving it in the directory tree, or move an object from its current location in the directory to a new location within a single domain controller. (For cross-domain moves, use the Movetree command-line tool.) |
| Dsquery | Query and find a list of objects in the directory using specified search criteria. Use in a generic mode to query for any type of object or in a specialized mode to query for for selected object types. The specific types of objects that can be queried through this command are: computers, contacts, subnets, groups, organizational units, sites, servers and users. |
| Dsget | Display selected attributes of specific object types in Active Directory. Attributes of the following object types can be viewed: computers, contacts, subnets, groups, organizational units, servers, sites, and users. |
| LDIFDE | Ceate, modify, and delete directory objects. This tool can also be used to extend the schema, export Active Directory user and group information to other applications or services, and populate Active Directory with data from other directory services. |
| Ntdsutil | General purpose Active Directory management tool. Use Ntdsutil to perform database maintenance of Active Directory, to manage single master operations, and remove metadata left behind by domain controllers that were removed from the network without being properly uninstalled. |
LDAP Query - Account is locked out
see:
HOWTO: Enumerate locked out user accounts using Saved Queries
Follow these step-by-step instructions to list all currently locked out accounts in a Windows Server 2003 domain:
1. Log in to a Domain Controller with administrative privileges in the domain and open Active Directory Users & Computers.
2. Right click Saved Queries and select New > Query.
3. Give the query a name and optionally a description. Click on Define Query.
4. Select Custom Search from the drop-down dialogue box.
5. Click on Advanced and enter this LDAP filter in the query box:
(&(objectCategory=Person)(objectClass=User)(lockoutTime>=1))
6. Click on OK twice and the new query appears under the Saved Queries folder in Active Directory Users & Computers.
Unfortunately, this is the query selects not only 'Account is locked out'.
see yet:
Implementing and Troubleshooting Account Lockout
Account Lockout and Management Tools
HOWTO: Enumerate locked out user accounts using Saved Queries
1. Log in to a Domain Controller with administrative privileges in the domain and open Active Directory Users & Computers.
2. Right click Saved Queries and select New > Query.
3. Give the query a name and optionally a description. Click on Define Query.
4. Select Custom Search from the drop-down dialogue box.
5. Click on Advanced and enter this LDAP filter in the query box:
(&(objectCategory=Person)(objectClass=User)(lockoutTime>=1))
6. Click on OK twice and the new query appears under the Saved Queries folder in Active Directory Users & Computers.
Unfortunately, this is the query selects not only 'Account is locked out'.
see yet:
Implementing and Troubleshooting Account Lockout
Account Lockout and Management Tools
Cisco SFP Serial Number
Cisco Catalyst 3750
# show inventory
Cisco Catalyst 6500
# show idprom interface gi1/2/1
...
Extended ID Fields
Options : Loss of Signal implemented TX_DISABLE is implemented and disables the serial output
BR, max : Unspecified 0%
BR, min : Unspecified 0%
Vendor SN : FNS14070RCT
Date code : 100212
CC_EXT : 0xEC
...
# show inventory
...
NAME: "2", DESCR: "WS-C3750G-48TS"
PID: WS-C3750G-48TS-S , VID: V04 , SN: FCZ1426714X
PID: WS-C3750G-48TS-S , VID: V04 , SN: FCZ1426714X
...
Cisco Catalyst 6500
# show idprom interface gi1/2/1
...
Extended ID Fields
Options : Loss of Signal implemented TX_DISABLE is implemented and disables the serial output
BR, max : Unspecified 0%
BR, min : Unspecified 0%
Vendor SN : FNS14070RCT
Date code : 100212
CC_EXT : 0xEC
...
Subscribe to:
Posts (Atom)