Friday, 10 January 2014

Software deployment in Server 2008

Suppose you want to deploy Mozilla Firefox in your network.

On the server:
1) Put the firefox.exe file into a shared folder
2) Make a .zap file like this



3) Save the firefox.zap file into a shared folder

Now
4) Start-->Administrative Tools-->Group Policy Management
5) Select the group onto which you want to deploy the software
Right click and press Edit

6) User Configuration-->Policies-->Software Settings-->Software installation
7) Right click on Software installation-->Properties-->Advanced-->tick "Make 32-bit X86 down-level (ZAP) applications available to Win64 machines"-->OK
8) Right click on Software installation-->New-->Package-->enter the network path of your .zap file

Client PC:
1) Control Panel-->Programs and Features
2) Install a program from the network

3) Install the Firefox program from there.
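
An added example, not taken from the original post, of what a .zap file for step 2 can contain, built with a small PowerShell helper. The share \\FILESRV01\Deploy and the function name New-ZapContent are hypothetical.

```powershell
# Added example: builds the text of a .zap file for a published application.
# \\FILESRV01\Deploy is a hypothetical share; replace it with your own.
function New-ZapContent {
    param(
        [string]$FriendlyName,   # name shown under "Install a program from the network"
        [string]$SetupPath,      # UNC path to the installer
        [string]$SetupArgs = ''  # optional installer switches
    )
    # The client PC resolves this path itself, so a local or mapped-drive
    # path (C:\..., Z:\...) would fail there. Require a UNC path.
    if ($SetupPath -notmatch '^\\\\[^\\]+\\[^\\]+\\.+') {
        throw "SetupCommand must be a UNC path: $SetupPath"
    }
    $setup = '"' + $SetupPath + '"'
    if ($SetupArgs) { $setup = "$setup $SetupArgs" }
    # An [Application] section with FriendlyName and SetupCommand
    # is the required part of a .zap file.
    return @(
        '[Application]'
        ('FriendlyName = "' + $FriendlyName + '"')
        "SetupCommand = $setup"
    )
}

$zap = New-ZapContent -FriendlyName 'Mozilla Firefox' -SetupPath '\\FILESRV01\Deploy\firefox.exe'
$zap    # prints the three lines of the .zap file

# Save it as plain text in the shared folder (step 3):
# $zap | Set-Content -Path '\\FILESRV01\Deploy\firefox.zap' -Encoding ASCII
```

A .zap package can only be published, and its SetupCommand runs with the rights of the user who installs it, so keep the shared folder read-only for ordinary users.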

Create VPN Connection in Server 2008

For this scenario you have two servers, and the client computer is connected to an external network.

Server 1: domain controller with Active Directory installed
It has one network interface card, with IP address 20.0.0.1

1) Start-->Administrative Tools-->Active Directory Users and Computers
2) Select the user who should be authenticated for the VPN connection.
Select user-->Right click-->Properties-->Dial-in-->Network Access Permission-->Allow access-->OK.


Server 2: domain controller with Routing and Remote Access installed (this server acts as a router)
It has two network interface cards; one has IP address 20.0.0.2 and the second has 40.0.0.1.
The second one is connected to the outside network

1) Start-->Administrative Tools-->Routing and Remote Access
2) Select Domain Controller-->Right click-->Configure and Enable Routing and Remote Access

3) It will open a new window.
4) Select Remote Access (Dial-up or VPN)-->Next-->tick VPN-->Next-->select your outside network interface card-->Next-->IP Address Assignment (From a specified range)-->Next-->add your DHCP range-->Next-->Managing Multiple Remote Access Servers (tick No, use Routing and Remote Access to authenticate connection requests)-->Next-->Finish








5) Select your domain-->IPv4-->DHCP Relay Agent-->add your outside network interface-->OK

Client PC 1: (operating system: Windows 7)
1) Control Panel-->Network and Sharing Center-->Set up a new connection or network
2) Select Connect to a workplace-->Next-->Use my Internet connection (VPN)-->I'll set up an Internet connection later-->Internet address: (enter the domain name of server 2)-->User name: (user name of the authenticated user)-->Password: (password of that user)-->Finish
3) Run the command ncpa.cpl
4) Select the VPN connection interface-->give the user name and password of the user-->Connect

Friday, 3 January 2014

Seizing an operations master role

Seizing an operations master role is done when the operations master roles cannot be transferred.
It is the last step in transferring a role.

There is a lot of risk in seizing operations master roles.

Seizing roles:
1) When you want to extend your schema, seize the schema master role
2) When your domain controller cannot add a domain, seize the domain naming master role
3) When you cannot create an object in Active Directory, seize the RID master role
4) When your server has problems with password authentication or time synchronization, seize the PDC emulator role
5) Seizing the infrastructure role may affect cross-domain reference updates.

While seizing a role, your domain controller must be offline. It is not connected to the network.

Once you have decided to seize an operations master role, the domain can't be used as a domain controller again.

How do you check which domain holds which operations master role in a forest?
Run the command netdom query fsmo



An error for the RID master role looks like this

To seize a role
1) Open a command prompt and run the command ntdsutil
You now get the ntdsutil prompt
2) At the ntdsutil prompt type roles
ntdsutil: roles

This opens the fsmo maintenance prompt

3) At the fsmo maintenance prompt type connections
fsmo maintenance: connections

The prompt changes to server connections

4) At the server connections prompt type connect to server Domain1
server connections: connect to server Domain1

This connects you to Domain1; Domain1 is the domain from which you want to seize the operations master role

5) Exit from the server connections prompt
server connections: quit

The prompt changes back to fsmo maintenance

6) Here we are seizing the RID master role, so type the command seize RID master
fsmo maintenance: seize RID master

Confirm with Yes
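
An added example, not part of the original post, that reads the output of netdom query fsmo and lists which roles a failed domain controller holds together with the line to type at the fsmo maintenance prompt for each. The sample output is constructed, and DC1, DC2, $failedDc and Get-FsmoHolder are hypothetical names.

```powershell
# Added example. $sample is constructed text in the layout printed by
# "netdom query fsmo"; DC1, DC2 and $failedDc are hypothetical names.
$sample = @(
    'Schema master               DC1.windows2k8.com'
    'Domain naming master        DC1.windows2k8.com'
    'PDC                         DC1.windows2k8.com'
    'RID pool manager            DC2.windows2k8.com'
    'Infrastructure master       DC1.windows2k8.com'
    'The command completed successfully.'
)

# netdom role label -> command typed at the "fsmo maintenance:" prompt
# (Windows Server 2008 ntdsutil wording).
$seizeCommand = @{
    'Schema master'         = 'seize schema master'
    'Domain naming master'  = 'seize naming master'
    'PDC'                   = 'seize PDC'
    'RID pool manager'      = 'seize RID master'
    'Infrastructure master' = 'seize infrastructure master'
}

function Get-FsmoHolder {
    param([string[]]$Lines)
    foreach ($line in $Lines) {
        # Label and holder are separated by a run of spaces; the trailing
        # status line has no such gap and is skipped.
        if ($line -match '^(.+?)\s{2,}(\S+)\s*$') {
            $entry = New-Object PSObject
            $entry | Add-Member -MemberType NoteProperty -Name Role -Value ($matches[1].Trim())
            $entry | Add-Member -MemberType NoteProperty -Name Holder -Value $matches[2]
            $entry
        }
    }
}

$failedDc = 'DC2.windows2k8.com'
# On a live system use: $lines = netdom query fsmo
Get-FsmoHolder $sample |
    Where-Object { $_.Holder -eq $failedDc } |
    ForEach-Object { '{0} -> fsmo maintenance: {1}' -f $_.Role, $seizeCommand[$_.Role] }
```

With the constructed sample this prints one line, for the RID pool manager role and seize RID master, which is the case walked through in the steps above.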


Now remove the server from Active Directory

1) Open a command prompt and run the command ntdsutil
The prompt changes to ntdsutil

2) ntdsutil: metadata cleanup

3) metadata cleanup: connections

4) server connections: connect to server Domain1
After connecting to Domain1, return to the metadata cleanup prompt
server connections: quit

5) metadata cleanup: select operation target

6) select operation target: list domains
This displays all the domains in your forest

7) After selecting a domain, select the site from which you want to remove the domain controller
select operation target: list sites
To select a site
select operation target: select site 0
Here 0 is the number of the site

8) Now select the server which you want to remove
select operation target: list servers in site
To select the server to remove
select operation target: select server 2

9) Quit from the select operation target prompt
select operation target: quit

10) At the metadata cleanup prompt run the command remove selected server
metadata cleanup: remove selected server

11) The last step to remove the server from the forest
Start-->Administrative Tools-->Active Directory Sites and Services
Sites-->Servers-->(delete the server from which you seized the operations master role)

12) Now remove the Active Directory service from the domain controller whose role was seized
At a command prompt run the command dcpromo /forceremoval

Wednesday, 1 January 2014

What is a Global Catalog?

Global catalog server


  • It acts as an index of Active Directory objects.
  • It contains a subset of all objects.
  • Windows Server 2008 makes every server a global catalog server by default.
  • A global catalog server requires more space and more bandwidth.
  • A global catalog server allows forest-wide search.


Port for global catalog: 3267
Port for LDAP: 389

Microsoft Exchange requires a global catalog server for the authentication process.
GCs are needed for load balancing.


How to configure a server as a global catalog server:
Start-->Active Directory Users and Computers-->Domain Controllers-->select your domain-->Properties-->tick server as a global catalog server

Monday, 30 December 2013

How to synchronize Windows Server 2008 with an external time server


  • Select your time server from http://support.microsoft.com/kb/262680.
  • After selecting your time server, open a command prompt.
  • Run the command:
    • w32tm /config /syncfromflags:manual /manualpeerlist:"<ip addresses>" /update /reliable:yes
  • Here <ip addresses> stands for the address of your time server.


  • If you want to stop time synchronization with the time server, run the command:
    • net stop w32time
  • To start synchronization with the time server, run the command:
    • net start w32time
  • To show which server holds the PDC emulator role:
    • dsquery server -hasfsmo pdc

Installation of Active Directory on a Core server


  • Check the name of your computer.
    • echo %computername%
  • Change the name of the computer.
    • netdom renamecomputer localhost /NewName DC2
  • Check the network interfaces of your computer.
    • netsh interface IPv4 show interface
    1. this command lists the network interfaces along with their index numbers.
  • Assign an IP address to a network interface.
    • netsh interface IPv4 set address name=21 source=static address=192.168.0.2 mask=255.255.255.0 gateway=192.168.0.1
    1. here the value given to name= is the index number of your network interface card
    2. you can get the IP address from DHCP by using source=dhcp in the above command
  • Change the IPv6 address of an interface.
    • netsh interface IPv6 set address interface=21 address=fd00:0:0:1::2
    1. here the value given to interface= is the index number of your network interface card
  • Set DNS for an interface.
    • netsh interface IPv4 add dnsserver name=2 address=192.168.0.1 index=1
    1. here name=2 is the index number of your network interface card
  • Check which roles are installed on the server.
    • oclist | more
  • Install the DNS server role on the Core server.
    • start /w ocsetup DNS-Server-Core-Role
  • Now restart the server using the shutdown /r /t 0 command.
  • Install Active Directory from the command line.
    • dcpromo /ReplicaOrNewDomain:domain /NewDomain:forest /NewDomainDNSName:windows2k8.com /ConfirmGC:yes /UserDomain:abd.com /UserName:administrator /Password:123@abd /SafeModeAdminPassword:123456