IT Knowledge Base

Useful for Network Load Balancing and Clusters

Same steps as in How-to-create-a-Managed-Service-Account

You need to create a security group and add computers to it.

New-ADServiceAccount –Name GroupMSA –DNSHostName ServerName –PrincipalsAllowedToRetrieveManagedPassword MSAComputers –passthru

New since Win2k8 R2

Instead of using User Accounts for services you can create Managed Service Accounts now. The advantage is that it also changes the password every 30 days automatically like in the computer accounts. You can find the managed user accounts here:
Active Directory User and Computers\Managed Service Accounts

1. Run Active Directory Module for PowerShell
2. Add-KDSRootKey
    
     For LAB Environment to not wait the 10 hours to repliacte type instead:
     Add-KDSRootKey –EffectiveTime ((Get-Date).AddHours(-10))
2. New-ADServiceAccount –Name WebTest –DNSHostname servername –Passthru

    Without –Passtrhu you don’t have any feedback

3. Add-ComputerServiceAccount –identity web01 –ServiceAccount WebTest –Passthru

You can check the settings in more details if you run adsiedit.msc.

Now you can use this service for example for services.

1. Run services.msc

2. Right Click on a Service\Properties\Log On\
    This Account:

     domain\yourcreatedaccount$

3. You don’t need to put a password

dcgpofix /target:both

If you have two different networks and you don’t want to install a DHCP Server on each side you can use “DHCP Relay Agent” Service.

Here a quick tutorial:
1. DHCP-Server
    Install “DHCP-Server” Role

2. Configure DHCP Scopes
    Scope A 192.168.10.11-192.168.10.253
    Scope B 192.168.11.11- 192.168.11.253

3. Router
    Should have two Network cards. For each network one.
    Network A IP: 192.168.10.254/24
    Network B IP: 192.168.11.254/24

4. Install “Remote Access” Role

5. Run “Routing and Remote Access”

6. “Configure and Enable Routing and Remote Access”

7. Choose “Custom Configuration”

8. Choose “LAN routing” and start the service

9. Install the DHCP Relay Agent
    Right Click on General in IPv4 and choose “New Routing Protocol” and there you can finally choose “DHCP Relay Agent”.

10. Right Click on” DHCP Relay Agent” and choose “Properties”. There you add your DHCP Server. In this case it would be 192.168.10.10.

11. Add the Network B Interface to the “DHCP Relay Agent”.

12. You should be done. In Windows 2008 it’s possible that you need to make adjustments to your Windows Firewall.

13. You can test on your client to get an IP Adress. Run from the command console: Ipconfig /release and Ipconfig /renew. 
     After that you should be able to see the IP address if you type: ipconfig.

Well I don’t like the thick border in Windows 8. You can easily change it in the registry:
HKEY_CURRENT_USER\Control Panel\Desktop\WindowMetrics

Set following values to 0:
BorderWidth
PaddedBorderWidth

logoff and login again

It uses the TTL (Time To Live) parameter and UDP to get the path. Each router which is passed needs to decrease the TTL value of a packet and if it is below 1 the router will discard it and send a ICMP (time exceeded) back to the source. So traceroute sends the first packet with a TTL of 1 to reach the first router and one more with a TTL of 2 to reach the second and so on. You get the picture. But how does it know when the destination is reached? Well it useses another trick for that.  Traceroute sends out a UDP Packet with it with a port higher than 3000. It is very unlikely that this port will be opened at the destination so it will get back from the destination a ICMP packet (port unreachable) which is the answer to the question.

Important: Remember that not all packets are going the same way and it’s likely that they use different paths.

This is a scam mail where they tell you that somebody is trying to register your domain name with another topleveldomain. If  you answer to it you will probably bid against an imaginary company which doesn’t exist and get an expensive domain name or even just loose the money.  Of course if you ask who wants to buy it they won’t tell you because of privacy issues.

Email Content:

(Please forward to the President or Brand Owner, thank you)

Dear Sir/Madam,
We are a registration agency of Asian Domain Registration Organization in China. I have something to confirm with you. We formally received an application on June 17, 2013 that a company which self-styled "Abtry International Co.,Ltd" were applying to register "company name" as their Brand Name and some domain names through our firm.

Now we are handling this registration, and after our initial checking, we found these names were similar to your company’s, so we need to check with you whether your company has authorized that company to register these names. If you authorized this, we will finish the registration at once. If you did not authorize, please let us know within 7 workdays, so that we will handle this issue better. Out of the time limit we will unconditionally finish the registration for "Abtry International Co.,Ltd". Looking forward to your prompt reply.

Best Regards

Hannah Lin

It is possible to export all printers from Windows 2008 Server and import them again into Windows 2012. I tried this method but got just error messages and I didn’t like the fact, that it imports also the old drivers. So I installed first the necessary printer drivers on the new server and run the script below to create all the printers. It automatically adds the necessary ports and the printers. If you want to add more parameters it is easily possible.

Create CSV file with the printers (printers.csv):
Name, IP, Driver, Location
"PRINTER01", "192.168.1.10", "Xerox Global Print Driver PCL6", "Main Building, First Floor"
"PRINTER02", "192.168.1.11", "Xerox Global Print Driver PCL6", "Main Building, Second Floor"

Script to import the printers (printers.ps1):
$printers = Import-Csv c:\temp\powershell\printers.csv
 
foreach ($printer in $printers) {
    Add-PrinterPort -Name $printer.Name -PrinterHostAddress $printer.IP
    Add-Printer -Name $printer.Name -DriverName $printer.Driver -PortName $printer.Name -Comment $printer.Comment -ShareName $printer.Name
    Set-printer -Name $printer.Name -Shared $true -Published $true
}

If you run the command without the management tools then you won’t have the tabs to configure the snmp-service. By the way the argument –Whatif shows you in advance what would be installed if you run the command. So to actually installe it run the command without –WhatIf.

#Add-WindowsFeature -Name SNMP-Service -IncludeAllSubFeature -IncludeManagementTools –Restart –WhatIf

To run a service you actually need to compile it and install it with InstallUtil.exe. To make this process faster you can easily add this function to Visual Studio.
Go to “Tools\External Tools….” and add following:

Title
Install Service

Command
C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe

Arguments
$(TargetPath)

Initial directory
$(TargetDir)

Use Output Window
Should be selected

To uninstall the service Add following:

Title
Uninstall Service

Arguments
/u $(TargetPath)

Initial directory
$(TargetDir)

Use Output Window
Should be selected