Monday, December 16, 2013

install and configure VNC Server on CentOS 6.3 or Redhat RHEL

1. Install GNOME Desktop Environnement:

[root@dhcppc1 ~]# yum -y groupinstall “GNOME Desktop Environment”
2. Install KDE Desktop Environnement:

[root@dhcppc1 ~]# yum groupinstall “X Window System” “KDE (K Desktop Environment)”
3. Install VNC Server:

[root@dhcppc1 ~]# yum -y install vnc-server
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
* base: mirror-fpt-telecom.fpt.net
* extras: mirror-fpt-telecom.fpt.net
* updates: mirror-fpt-telecom.fpt.net
Setting up Install Process
Resolving Dependencies
–> Running transaction check
—> Package tigervnc-server.i686 0:1.0.90-0.17.20110314svn4359.el6 will be installed
–> Finished Dependency Resolution

Dependencies Resolved

================================================== ==============================
Package Arch Version Repository
Size
================================================== ==============================
Installing:
tigervnc-server i686 1.0.90-0.17.20110314svn4359.el6 base 1.1 M

Transaction Summary
================================================== ==============================
Install 1 Package(s)

Total download size: 1.1 M
Installed size: 2.9 M
Downloading Packages:
tigervnc-server-1.0.90-0.17.20110314svn4359.el6.i686.rpm | 1.1 MB 00:02
warning: rpmts_HdrFromFdno: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEY
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
Importing GPG key 0xC105B9DE:
Userid : CentOS-6 Key (CentOS 6 Official Signing Key) <centos-6-key@centos.org>
Package: centos-release-6-3.el6.centos.9.i686 (@anaconda-CentOS-201207051201.i386/6.3)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : tigervnc-server-1.0.90-0.17.20110314svn4359.el6.i686 1/1
Verifying : tigervnc-server-1.0.90-0.17.20110314svn4359.el6.i686 1/1

Installed:
tigervnc-server.i686 0:1.0.90-0.17.20110314svn4359.el6

Complete!
[root@dhcppc1 ~]#
4. Configure a VNC user:

[root@dhcppc1 ~]# su -jackiebui
[jackiebui@dhcppc1 ~]# vncpasswd
Password:******
verify:******
[jackiebui@dhcppc1 ~]# ls .vnc/
5. Edit VNC Configuration File:

[root@dhcppc1 ~]# vi /etc/sysconfig/vncservers
# The VNCSERVERS variable is a list of display:user pairs.
#
# Uncomment the lines below to start a VNC server on display :2
# as my ‘myusername’ (adjust this to your own). You will also
# need to set a VNC password; run ‘man vncpasswd’ to see how
# to do that.
#
# DO NOT RUN THIS SERVICE if your local area network is
# untrusted! For a secure way of using VNC, see this URL:
http://kbase.redhat.com/faq/docs/DOC-7028

# Use “-nolisten tcp” to prevent X connections to your VNC server via TCP.

# Use “-localhost” to prevent remote VNC clients connecting except when
# doing so through a secure tunnel. See the “-via” option in the
# `man vncviewer’ manual page.

VNCSERVERS=”1:jackiebui” //Uncomment 2 last lines, and edit your VNC user
VNCSERVERARGS[2]=”-geometry 800×600 -nolisten tcp -localhost” // Save and exit
6. Start VNC Server:

[root@dhcppc1 ~]# vncserver
[root@dhcppc1 ~]# chkconfig vncserver on //VNC’ll start at boot
Note: If you have error 

 Fatal server error:
could not open default font 'fixed'

 Than 

 yum -y install libXfont



 7. Now use VNC viewer to connect to VNC Server:
8. Type your VNC password:
9. Now you can access your VNC Server from everywhere:

That's all. If you have any problems,just comment here,i'll reply ASAP! 
Posted by at No comments:

Monday, August 26, 2013

Enable Remote Access To MySQL Database Server

How Do I Enable Remote Access To MySQL Database Server?

By default remote access to the MySQL database server is disabled for security reasons. However, some time you need to provide remote access to database server from home or a web server. This post will explain how to setup a user account and access mysql server remotely.

Task: MySQL Server Remote Access

You need type the following commands which will allow remote connections.

Step # 1: Login Using SSH (if server is outside your data center)

First, login over ssh to remote MySQL database server. You may need to login to your MySQL server as the root user:

ssh user@server1.cyberciti.biz
### login as the root using su or sudo ##
su
#sudo -s
 
OR directly login as root user:
ssh root@server1.cyberciti.biz

Step # 2: Edit the my.cnf file

Once connected you need to edit the MySQL server configuration file my.cnf using a text editor such as vi:
  • If you are using Debian Linux file is located at /etc/mysql/my.cnf location.
  • If you are using Red Hat Linux/Fedora/Centos Linux file is located at /etc/my.cnf location.
  • If you are using FreeBSD you need to create a file /var/db/mysql/my.cnf location.
Edit the /etc/my.cnf, run:
# vi /etc/my.cnf

Step # 3: Once file opened, locate line that read as follows

[mysqld]
Make sure line skip-networking is commented (or remove line) and add following line
bind-address=YOUR-SERVER-IP
For example, if your MySQL server IP is 65.55.55.2 then entire block should be look like as follows:
[mysqld]
user            = mysql
pid-file        = /var/run/mysqld/mysqld.pid
socket          = /var/run/mysqld/mysqld.sock
port            = 3306
basedir         = /usr
datadir         = /var/lib/mysql
tmpdir          = /tmp
language        = /usr/share/mysql/English
bind-address    = 65.55.55.2
# skip-networking
....
..
....
Where,
  • bind-address: IP address to bind to.
  • skip-networking : Don’t listen for TCP/IP connections at all. All interaction with mysqld must be made via Unix sockets. This option is highly recommended for systems where only local requests are allowed. Since you need to allow remote connection this line should be removed from my.cnf or put it in comment state.

Step# 4 Save and Close the file

If you are using Debian / Ubuntu Linux, type the following command to restart the mysql server:
# /etc/init.d/mysql restart
If you are using RHEL / CentOS / Fedora / Scientific Linux, type the following command to restart the mysql server:
# /etc/init.d/mysqld restart
If you are using FreeBSD, type the following command to restart the mysql server:
# /usr/local/etc/rc.d/mysql-server stop
# /usr/local/etc/rc.d/mysql-server start
OR
# /usr/local/etc/rc.d/mysql-server restart

Step # 5 Grant access to remote IP address

Connect to mysql server:
$ mysql -u root -p mysql

Grant access to a new database

If you want to add a new database called foo for user bar and remote IP 202.54.10.20 then you need to type the following commands at mysql> prompt:mysql> CREATE DATABASE foo;
mysql> GRANT ALL ON foo.* TO bar@'202.54.10.20' IDENTIFIED BY 'PASSWORD';

How Do I Grant Access To An Existing Database?

Let us assume that you are always making connection from remote IP called 202.54.10.20 for database called webdb for user webadmin, To grant access to this IP address type the following command At mysql> prompt for existing database, enter:
mysql> update db set Host='202.54.10.20' where Db='webdb';
mysql> update user set Host='202.54.10.20' where user='webadmin';

Step # 6: Logout of MySQL

Type exit command to logout mysql:mysql> exit

Step # 7: Open port 3306

You need to open TCP port 3306 using iptables or BSD pf firewall.

A sample iptables rule to open Linux iptables firewall

/sbin/iptables -A INPUT -i eth0 -p tcp --destination-port 3306 -j ACCEPT
OR only allow remote connection from your web server located at 10.5.1.3:
/sbin/iptables -A INPUT -i eth0 -s 10.5.1.3 -p tcp --destination-port 3306 -j ACCEPT
OR only allow remote connection from your lan subnet 192.168.1.0/24:
/sbin/iptables -A INPUT -i eth0 -s 192.168.1.0/24 -p tcp --destination-port 3306 -j ACCEPT
Finally save all rules (RHEL / CentOS specific command):
# service iptables save

A sample FreeBSD / OpenBSD pf rule ( /etc/pf.conf)

pass in on $ext_if proto tcp from any to any port 3306
OR allow only access from your web server located at 10.5.1.3:
pass in on $ext_if proto tcp from 10.5.1.3 to any port 3306  flags S/SA synproxy state

Step # 8: Test it

From your remote system or your desktop type the following command:
$ mysql -u webadmin –h 65.55.55.2 –p
Where,
  • -u webadmin: webadmin is MySQL username
  • -h IP or hostname: 65.55.55.2 is MySQL server IP address or hostname (FQDN)
  • -p : Prompt for password
You can also use the telnet or nc command to connect to port 3306 for testing purpose:
$ echo X | telnet -e X 65.55.55.2 3306
OR
$ nc -z -w1 65.55.55.2 3306
Sample outputs:
Connection to 65.55.55.2 3306 port [tcp/mysql] succeeded!
Posted by at No comments:

Wednesday, August 21, 2013

How to restore default system permissions on Red Hat, CentOs, Fedora

I recently came across a system which had some directories set to 777(recursively), the sysadmin needed to install an application and changed all the permissions!!!! a mess, I didn't know where to start, but one of my colleagues pointed that rpm has a parameter called --setperms and --setugids.

I created a one liner that does the job, it takes time but It works !!!!!

1) To reset uids and gids on files and directories :


for u in $(rpm -qa); do rpm --setugids $u; done

2) To permissions on files and directories

for p in $(rpm -qa); do rpm --setperms $p; done


Enjoy,
Posted by at No comments:

Wednesday, December 21, 2011

FIve FSMO Role Transfer

How can I transfer some or all of the FSMO Roles from one DC to another?

Awards for Network Performance Monitor (NPM):


  • 2011 Windows IT Pro Editor's Best & Community Choice Awards
  • Redmond Magazine 2011 Readers Choice Preferred Product & ISV and Grand Slam Award for the Best Performance Management Product winner 4 years in a row!
  • 2011 Network Computing Awards (UK) Network Management Product of the Year
  • 2011 WindowsNetworking.com Readers Choice Award WINNER in Network Monitoring Category
Learn More About Network Performance Monitor
Windows 2000/2003 Active Directory domains utilize a Single Operation Master method called FSMO (Flexible Single Master Operation), as described in Understanding FSMO Roles in Active Directory.
In most cases an administrator can keep the FSMO role holders (all 5 of them) in the same spot (or actually, on the same DC) as has been configured by the Active Directory installation process. However, there are scenarios where an administrator would want to move one or more of the FSMO roles from the default holder DC to a different DC.
Moving the FSMO roles while both the original FSMO role holder and the future FSMO role holder are online and operational is called Transferring, and is described in this article.
The transfer of an FSMO role is the suggested form of moving a FSMO role between domain controllers and can be initiated by the administrator or by demoting a domain controller. However, the transfer process is not initiated automatically by the operating system, for example a server in a shut-down state. FSMO roles are not automatically relocated during the shutdown process - this must be considered when shutting down a domain controller that has an FSMO role for maintenance, for example.
In a graceful transfer of an FSMO role between two domain controllers, a synchronization of the data that is maintained by the FSMO role owner to the server receiving the FSMO role is performed prior to transferring the role to ensure that any changes have been recorded before the role change.
However, when the original FSMO role holder went offline or became non operational for a long period of time, the administrator might consider moving the FSMO role from the original, non-operational holder, to a different DC. The process of moving the FSMO role from a non-operational role holder to a different DC is called Seizing, and is described in the Seizing FSMO Roles article.
You can transfer FSMO roles by using the Ntdsutil.exe command-line utility or by using an MMC snap-in tool. Depending on the FSMO role that you want to transfer, you can use one of the following three MMC snap-in tools:
  • Active Directory Schema snap-in
  • Active Directory Domains and Trusts snap-in
  • Active Directory Users and Computers snap-in
To transfer the FSMO role the administrator must be a member of the following group:
FSMO Role Administrator must be a member of
Schema Schema Admins
Domain Naming Enterprise Admins
RID Domain Admins
PDC Emulator
Infrastructure
Transferring the RID Master, PDC Emulator, and Infrastructure Masters via GUI
To Transfer the Domain-Specific RID Master, PDC Emulator, and Infrastructure Master FSMO Roles:
  1. Open the Active Directory Users and Computers snap-in from the Administrative Tools folder.
  2. If you are NOT logged onto the target domain controller, in the snap-in, right-click the icon next to Active Directory Users and Computers and press Connect to Domain Controller.
  3. Select the domain controller that will be the new role holder, the target, and press OK.
  4. Right-click the Active Directory Users and Computers icon again and press Operation Masters.
  5. Select the appropriate tab for the role you wish to transfer and press the Change button.
  6. Press OK to confirm the change.
  7. Press OK all the way out.
Transferring the Domain Naming Master via GUI
To Transfer the Domain Naming Master Role:
  1. Open the Active Directory Domains and Trusts snap-in from the Administrative Tools folder.
  2. If you are NOT logged onto the target domain controller, in the snap-in, right-click the icon next to Active Directory Domains and Trusts and press Connect to Domain Controller.
  3. Select the domain controller that will be the new role holder and press OK.
  4. Right-click the Active Directory Domains and Trusts icon again and press Operation Masters.
  5. Press the Change button.
  6. Press OK to confirm the change.
  7. Press OK all the way out.
Transferring the Schema Master via GUI

To Transfer the Schema Master Role:


  1. Register the Schmmgmt.dll library by pressing Start > RUN and typing:
regsvr32 schmmgmt.dll
  1. Press OK. You should receive a success confirmation.
  2. From the Run command open an MMC Console by typing MMC.
  3. On the Console menu, press Add/Remove Snap-in.
  4. Press Add. Select Active Directory Schema.
  5. Press Add and press Close. Press OK.
  6. If you are NOT logged onto the target domain controller, in the snap-in, right-click the Active Directory Schema icon in the Console Root and press Change Domain Controller.
  7. Press Specify .... and type the name of the new role holder. Press OK.
  8. Right-click right-click the Active Directory Schema icon again and press Operation Masters.
  9. Press the Change button.
  10. Press OK all the way out.
Transferring the FSMO Roles via Ntdsutil
To transfer the FSMO roles from the Ntdsutil command:
Caution: Using the Ntdsutil utility incorrectly may result in partial or complete loss of Active Directory functionality.
  1. On any domain controller, click Start, click Run, type Ntdsutil in the Open box, and then click OK.
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\WINDOWS>ntdsutil
ntdsutil:
  1. Type roles, and then press ENTER.
ntdsutil: roles
fsmo maintenance:
Note: To see a list of available commands at any of the prompts in the Ntdsutil tool, type ?, and then press ENTER.
  1. Type connections, and then press ENTER.
fsmo maintenance: connections
server connections:
  1. Type connect to server <servername>, where <servername> is the name of the server you want to use, and then press ENTER.
server connections: connect to server server100
Binding to server100 ...
Connected to server100 using credentials of locally logged on user.
server connections:
  1. At the server connections: prompt, type q, and then press ENTER again.
server connections: q
fsmo maintenance:
  1. Type transfer <role>. where <role> is the role you want to transfer.
For example, to transfer the RID Master role, you would type transfer rid master:
Options are:
Transfer domain naming master
Transfer infrastructure master
Transfer PDC
Transfer RID master
Transfer schema master
  1. You will receive a warning window asking if you want to perform the transfer. Click on Yes.
  2. After you transfer the roles, type q and press ENTER until you quit Ntdsutil.exe.
  3. Restart the server and make sure you update your backup.
Posted by at No comments:

Friday, December 16, 2011

Upgrading your Active Directory to Windows Server 2008

Upgrading your Active Directory to Windows Server 2008
Last time we discussed how to transition your Active Directory to Windows Server 2008, which was something a lot of you were interested in. This time I'm talking in-place upgrading Windows Server 2003 and Windows Server 2003 R2 Domain Controllers to Windows Server 2008 Domain Controllers.
While this might seem like simply feeding the DVD and pressing Next> until your server reboots into Windows Server 2008, there's actually a more subtle and profound way to perform these in-place upgrades. Perhaps after reading this post you feel you don't want to in-place upgrade your Windows Server 2003 and Windows Server 2003 R2 Domain Controllers anymore but instead transition the whole lot. Let's find out!

Contents

      

Ways to migrate

 As shown last time upgrading your Windows Server 2003 Active Directory environment to Windows Server 2008 can be done in three distinct ways:
  • In-place upgrading
    Windows Server 2003 and Windows Server 2003 R2 can both be upgraded in-place to Windows Server 2008
      
  • Transitioning
    Migrating this way means adding Windows Server 2008 Domain Controllers to your existing Active Directory environment.  
      
  • Restructuring
    A third way to go from Windows Server 2003 Domain Controllers to Windows Server 2008 Domain Controllers is restructuring your Active Directory environment. This involves moving all your resources from one (Windows Server 2003) domain to a new and fresh (Windows Server 2008) domain. Tools like the Active Directory Migration Tool (ADMT) are priceless in these kind of migrations.

Reasons to upgrade in-place

 In-place upgrading is the path of the least investment. You can simply reuse your existing Windows Server 2003 and Windows Server 2003 R2 Domain Controllers as Windows Server 2008 Domain Controllers.
Just like transitioning In-place upgrading means you get to keep your current Active Directory lay-out, contents, group policies and schema.
In-place upgrading is good when:
  • You worked hard to get your Active Directory in the shape it's in.
  • Your servers are in tip-top shape.
  • There's really no budget to buy new servers.
Be sure your current Windows Server 2003 Domain Controllers will last another three to five years when you intend to upgrade them in-place. Transitioning isn't really any harder compared to in-place upgrading. So if you're going to do either, please make sure you're not heading for double work. It would be sad to see you upgrade Domain Controllers now and see you transition in a year from now, while you could've easily transitioned in the first place.
Remember: You're the one with the advantage in negotiations when your boss wants you to go to Windows Server 2008 and really doesn't want to buy new servers.

Reasons not to upgrade in-place

 While I can find two main reasons to perform in-place upgrades, I can find a lot of reasons not to perform them: (and choose another migration path)
  • Your servers do not meet the required patchlevel for in-place upgrading
    (The Windows Server 2003 patchlevel should be at least Service Pack 1)
  • You want to upgrade across architectures (between x86, x64 and/or Itanium)
  • You're running Windows Small Business Server 2003 or Windows Small Business Server 2003 R2 (upgrade scenarios for Small Business Server are uncertain at this moment)
  • You want to switch Windows Server edition (to obtain clustering for instance)
    • Standard Edition can be upgraded to both Standard and Enterprise Edition
    • Enterprise Edition can be upgraded to Enterprise Edition only
    • Datacenter Edition can be upgraded to Datacenter Edition only
  • You want your Windows Server 2008 Domain Controllers to be Server Core installations of Windows Server 2008. Upgrading to Server Core is not possible
  • Your Windows Server 2003 Domain Controllers are equipped with a boot drive which has less than 14062 MB of free space (solution here) or your your Windows Server 2003 Domain Controllers do not meet the Windows Server 2008 (recommended) System requirements.
  • Applications on your existing Domain Controllers are not tested with or certified for usage on Windows Server 2008.
  • Applications or installed components on your Windows Server 2003 have known problems when upgrading in-place to Windows Server 2008. PowerShell and thus Exchange Server 2007 are such programs!
If these considerations leave you with an undesirable outcome (for instance you wanted to migrate from 32bit Domain Controllers to 64bit Domain Controllers) choose to transition your Windows Server Active Directory environment to Windows Server 2008.
    

Steps to upgrade in-place

 Upgrading your Windows Server 2003 and Windows Server 2003 R2 Domain Controllers in-place to Windows Server 2008 Domain Controllers consists of the following steps:

Before you begin

 Avoid common mistakes There is a very good Microsoft Knowledge Base article on Common Mistakes When Upgrading a Windows 2000 Domain To a Windows 2003 Domain, written by community experts.  I suggest you read it. (twice) Most of the contents also apply to transitioning from Windows Server 2003 (R2) to Windows Server 2008
Plan your server lifecycle
It's not uncommon for a Domain Controller to sit on your network for a period of five years. I believe you should take this in mind when selecting and buying a server. You should plan your partitions (or volumes) carefully and place the Active Directory files on separate volumes when your needs justify it. The Windows Server catalog helps you pick systems that will run Windows Server 2008 with ease.
Assess your readiness
Microsoft has kindly provided a tool to scan systems to assess whether systems are capable of running Windows Server 2008, whether drivers are available (either from Microsoft update or on the installation media) and what problems you might encounter when upgrading to Windows server 2008. I recommend checking your systems with this tool, which is called the Microsoft Assessment and Planning Solution Accelerator (MAP for short).
Backups
Make backups of all your Domain Controllers and verify you can restore these backups when needed.
Documentation It is a good thing to know exactly what you're migrating. When things go wrong you might need to be able to revert back to the old situation. This might require the Directory Services Restore Mode (DSRM) password and credentials for service accounts, which might not be written down anywhere. In multiple Domain Controller, multiple domain, multiple forest and multiple sites scenarios it's very wise to make a table containing the relevant information per Domain Controller in terms of Flexible Single Master Operations (FSMO) roles, Global Catalog placement, domain membership, site membership, replication topology, routing tables, IP addressing, etc.
Communication When done right your colleagues might not even suspect a thing, but it's important to shed some light on what you're doing. (Make someone) communicate to the end users that you're going to mess with the core of their infrastructure. This might result in colleagues understanding you're (really) busy and might also result in problems being reported fast. Both are good things if you'd ask me...

Prepare your Active Directory environment

 Before you can begin to upgrade the first Windows Server 2003 Domain Controller to a Windows Server 2008 Domain Controller, you first have to prepare the Active Directory.
Microsoft provides a tool called adprep.exe to facilitate this preparation. You need to run the following commands on the following servers in your Active Directory environment:
You need to run the following commands on the following servers in your Active Directory environment:
Command Domain Controller
adprep.exe /forestprep Schema Master
adprep.exe /domainprep Infrastructure Master
adprep.exe /domainprep /gpprep Infrastructure Master
adprep.exe /rodcprep * Domain Naming Master
                               * Optional when you want to deploy Read Only Domain Controllers.
After preparing your Active Directory for Windows Server 2008 be sure to check the process. Breadcrumbs to failures may be found in the event viewer, but real men will check the adprep.log files.
Allow sufficient time for proper replication to all your Windows Server 2003 Domain Controllers. (In large environments with specific replication needs this might take hours.) When you feel all changes have been replicated use the replmon and repadmin tools to check and optionally troubleshoot Active Directory replication.

Choosing which Domain Controller to upgrade first

 When your Active Directory forest consists of many Active Directory domains, begin your upgrades in the forest root domain.
Flexible Single Master Operations (FSMO) roles are key in your Active Directory environment. When your environment allows it, it is recommended to:
Perform an in-place upgrade of the Domain Controller holding all the Flexible Single Master Operations (FSMO) roles first. This will ensure the first Windows Server 2008 Domain Controller is a Global Catalog and all the Flexible Single Master Operations (FSMO) roles are on Windows Server 2008.
After you have upgraded the Domain Controller holding all the FSMO roles in the forest root domain, you can upgrade the Domain Controllers for additional domains in your forest. Place the domain-wide FSMO roles (3) on a single server and upgrade it in-place.
When you're done upgrading other servers you can redistribute Flexible Single Master Operations (FSMO) roles across other servers, although it is a best practice to keep your Flexible Single Master Operations (FSMO) roles on as little servers as possible.

Upgrade the first Domain Controller

 After preparing your Active Directory environment you can start the in-place upgrade on your first Windows Server 2003 Domain Controller. Simply enter the Windows Server 2008 DVD, corresponding to the architecture (x86, x64 or Itanium) and the Edition (Standard, Enterprise, DataCenter) you're migrating from and to.
In the initial Install Windows screen press the Install Now button to begin installation of Windows Server 2008.
The screen Get important updates for installation gives you the option to either go online and get the latest updates for installation or to skip going online. I recommend choosing Go online to get the latest updates for installation (recommended), since Microsoft might enhance the Windows Server 2008 installation wizard by adding additional support for drivers and scenarios.
Note: These updates are not related to the updates your accustomed to receive through Windows or Microsoft Update. These updates relate to the Windows Server 2008 Installation process only. Microsoft may choose to enhance the installation experience between Service Pack releases.
Depending on your media type you will see the Type your product key for activation window. If you do, simply type your Windows product key and tick the Automatically activate Windows when I'm online option.
In the Which type of installation do you want window select Upgrade.
The Compatibility report window will be displayed telling you what hardware might not function once upgrade is completed , also to check with software vendors to check if their software are compatible with Windows Server 2008. click Next.
The Installation wizard will now perform an in-place upgrade of your Windows Server 2003 Domain Controller. After multiple restarts, the Upgrade process will be completed and you will be able to start using your Windows Server 2008. Your upgrade might take hours to complete.

Upgrade additional Domain Controllers

 Upgrading additional Domain Controllers in place is as easy as repeating the steps for in-place upgrading the first Domain Controller.
If you want to deploy Read Only Domain Controllers (RODCs) in the same domain as your upgraded Domain Controller, make sure:
  • You have deployed at least one Windows Server 2008 in each domain you want to deploy Read Only Domain Controllers, before you deploy the first Read Only Domain Controller.
  • Both the Forest functional level and Domain functional level are Windows Server 2003 at minimum, before you deploy the first Read Only Domain Controller.
  • You have run adprep.exe /rodcprep on the Domain Controller holding the Domain Naming Master Flexible Single Master Operations (FSMO) role for the forest you want to deploy Read Only Domain Controllers in, before you deploy the first Read Only Domain Controller.

Raise the domain functional level

 After you've successfully upgraded the last Windows Server 2003 Domain Controller for a specific domain (or you don't feel the need to ever add pre-Windows Server 2008 Domain Controllers to your Active Directory environment) you're ready to raise the Domain functional level of that domain.
Upgrading the domain functional level to Windows Server 2008 adds the following features to your environment:
  • Distributed File System Replication (DFS-R) support for SYSVOL, which provides more robust and detailed replication of SYSVOL contents with minimal replication traffic compared to FRS.
  • Advanced Encryption Services (AES 128 and 256) support for the Kerberos protocol.
  • Last Interactive Logon Information, which displays the time of the last successful interactive logon for a user, from what workstation, and the number of failed logon attempts since the last logon.
  • Fine-grained password policies, which make it possible for password and account lockout policies to be specified for users and global security groups in a domain, instead of per domain only.
Note:
Raising the functional level is a one way procedure. Once you've raised your domain functional level there's no way to return to the previous domain functional level.
Raising the domain functional level in Windows Server 2008 looks remarkably similar to raising the domain functional level on Windows Server 2003:
  1. Log on to the Domain Controller holding the PDC emulator FSMO role with a user account that is a member of the Domain Administrators group..
  2. Open Active Directory Domains and Trusts.
  3. In the console tree, right-click the domain for which you want to raise functionality, and then click Raise Domain Functional Level.
  4. In Select an available domain functional level, click Windows Server 2008, and then click Raise.

Raise the forest functional level

 After you've successfully raised the domain functional level of all the domains in your Active Directory forest you're ready to upgrade the Forest functional level. This will not add any features, but will result in all domains that are subsequently added to the forest will operate at the Windows Server 2008 domain functional level by default.
Note:
Raising the functional level is a one way procedure. Once you've raised your forest functional level there's no way to return to the previous forest or domain functional levels.
To upgrade the forest functional level to Windows Server 2008 perform the following actions:
  1. Log on to the Domain Controller of the forest root domain holding the PDC Emulator FSMO role with a user account that is a member of the Enterprise Administrators group.
  2. Open Active Directory Domains and Trusts.
  3. In the console tree, right-click Active Directory Domains and Trusts, and then click Raise Forest Functional Level.
  4. Under Select an available forest functional level, click Windows Server 2008, and then click Raise.
    

Concluding

 In my mind in-place upgrading is more tricky than transitioning your Active Directory environment. If at all: it's the same amount of work. With transitioning you need to perform the right steps at the right time. With In-place upgrading you need to check more prerequisites before you can actually slap in the disk.
With transitioning being inevitable (since hardware ages) and 64bit computing looming on the horizon I feel In-place upgrading is the right migration scenario only on rare occasions.
Please note however Microsoft supports in-place upgrading many Active Directory technology specialists do not recommend upgrading Domain Controllers.

Further reading

In-Place Upgrade from Windows Server 2003 Domain Controller to Windows Server 2008
Identifying Your Windows Server 2008 Functional Level Upgrade 
What Does the Upgrade Landscape Look Like for Windows Server 2008 
Screencast: How to Upgrade In-Place 2003 DC
What You Need to Know About In-Place Upgrades 
Common Mistakes When Upgrading a Windows 2000 Domain To a Windows 2003 Domain
Flexible single master operation
How to create or move a global catalog in Windows Server 2003
TechNet Forums - In-place upgrade of W2k3 to W2k8 
TechNet Forums - Migrate AD users from 2003 to 2008 
TechNet Forums - migration from windows 2003 to windows 2008 
[Podcast] Windows Server 2008: To Upgrade or Not to Upgrade
Posted by at No comments:

Monday, December 12, 2011

Use Any Sim Card in BSNL/MTNL Teracom 3G USB Data Cards

Quote:Guide to Use Any Sim Card in BSNL/MTNL Teracom 3G USB Data Cards

Requirements:
Data Card (BSNL/MTNL Teracom LW 272 or LW 273)
BSNL/MTNL SIM Card
Other Operator's SIM Card

How To?
Connect the Data Card with BSNL/MTNL SIM Card inserted to the system & install the software.
Let the System install the drivers for the Hardware.
After completition Restart the PC.

After Restart Close the application which modem installed if it is running, Go to the installed directory of the application which
usually looks like this "C:\Program Files\BSNL 3G Data Card\BSNL 3G\BSNL 3G.exe " and change it's file type from executable
to something like 'BSNL 3G.Backup'. (Note: It may be different in case of MTNL data card).

Go to Control Panel > Select Phone & Modems > Select the Required Modem (e.g. HSPA DataCard.) > Go to Properties of
that Modem > Select Advance TAB & insert Extra Initialization Command (AT+CGDCONT=1, "IP", "APN"). Press OK. (Replace
the "APN" with your new Sim Card Mobile Operator's APN). You can find more information on this below.

Now Select Network Connections in Control Panel.
Click on "Create new Network".
A wizard will start up. Click next.
Select "Connect to Internet". Click next.
Select "Set up my connection manually". Click next.
Select "Connect using a Dial-up Modem". Click next.
Select Your Modem. Click next.
ISP Name: (Any name could be written). Click next.
Phone Number: *99#. Click next.
Replace the "*99#" with your Mobile Operator Phone Number. You can find this information below.
Leave User Name, Password, and Confirm Password fields blank. Click next.
Click on "Add a shortcut to Desktop". Click on Finish.

Disconnect the data card and replace the BSNL/MTNL SIM Card with the mobile operator's SIM Card of which you entered
the APN before.

Connect the data card again and wait for the green light to glow.
Now you can connect to the internet by double clicking the shortcut of the new dial-up connection we made.

GPRS SETTINGS OF ALL OPERATORS.

Reliance
APN: rcomnet
Access Number: *99#

Aircel
APN: aircelgprs.pr (prepaid)
aircelgprs.po (postpaid)
Access Number: *99***1#

Idea
APN: internet
Access Number: *99#

Docomo
APN: TATA.DOCOMO.INTERNET
Access Number: *99#

Airtel
APN: airtelgprs.com
Access Number: *99#

BSNL 3G
APN: bsnlnet
Access Number: *99#

BSNL 2G
APN: bsnlnet
Access Number: *99#

MTNL 3G
Postpaid: APN: mtnl3g
Prepaid APN: pps3g
Access Number: *99#

Vodafone
APN: Vodafone www
Access Number: *99#
Posted by at No comments:

Tuesday, August 16, 2011

Unable to “Check Out” a Document in MOSS 2007

1. Introduction

Troubleshooting Sharepoint/MOSS 2007 publishing through ISA Server can be really challenging, mainly because most of the times the argument is: but it works just fine internally. Although this can be a good argument it doesn’t prove that the issue is on ISA Sever. The reason why it doesn’t prove is because most of the time while publishing MOSS 2007 through ISA Server 2006 the Alternate Access Mappings is controlled by MOSS. This is a key element in this type of publishing scenario, so before we move further on this issue I strong recommend you to read the following article: Plan alternate access mappings (Office SharePoint Server). This article has all the concepts that you need to plan your AAM without hurting your publishing rule through ISA Server.

The problem that I’m about to describe was happening when the user was trying to check out a document under Home > Document Center > Documents as you see in figure 1:

Figure 1 – User attempt to use “Check Out” option.

When user selected this option the following error appeared:

Figure 2 – Error message when try to check out a document.

Since this problem didn’t happen internally, customer wants to troubleshoot the ISA Publishing piece. In this scenario customer was using SSL just for external traffic as show below (our repro lab):

Figure 3 – Network Diagram.

2. Gathering Data

The first approach was to get ISA Logging while user was trying to perform this operation and here the result:

 
Figure 4 – ISA Server Logging.

Notice that this error is not returned be ISA, the published server (MOSS) is returning the 500 Internal Server Error.  We also move further and got a Netmon Trace from the internal interface of the ISA Server and it was even clearer that ISA was only doing what the published server asked him to do:

- ISA forwards the “Check Out” request that external client performed to MOSS Server:
10.20.20.1  10.20.20.25 WSMan      WSMan
- Http: HTTP Payload, URL: /_vti_bin/lists.asmx
    payload: HttpContentType =  text/xml; charset=utf-8
  XMLParser:
- Soap: xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
  - Envelope: SoapNode:<soap:Envelope>
   + STag: <soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
   + Body: SoapNode:<soap:Body>
   + ETag: </soap:Envelope>
- WSManXMLSchemaInstance:
  - Element: XmlElement:<CheckOutFile>
   + STag: <CheckOutFile xmlns="http://schemas.microsoft.com/sharepoint/soap/">
   + Element: XmlElement:<pageUrl> - https://moss.contoso.com/Docs/Documents/test.docx
   + Element: XmlElement:<checkoutToLocal> - TRUE
   + ETag: </CheckOutFile>

- MOSS Server answers with the 500 error:
10.20.20.25       10.20.20.1  WSMan       WSMan
- Http: Response, HTTP/1.1, Status Code = 500, URL: /_vti_bin/lists.asmx
    ProtocolVersion: HTTP/1.1
    StatusCode: 500, Internal server error
    Reason: Internal Server Error
    Date:  Thu, 02 Oct 2008 13:26:54 GMT
    Server:  Microsoft-IIS/6.0
    XPoweredBy:  ASP.NET
    MicrosoftSharePointTeamServices:  12.0.0.4518
    XAspNetVersion:  2.0.50727
    Cache-Control:  private
    ContentType:  text/xml; charset=utf-8
    ContentLength:  566
    HeaderEnd: CRLF
    payload: HttpContentType =  text/xml; charset=utf-8
+ XMLParser: version="1.0" encoding="utf-8"
- Soap: xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
  - Envelope: SoapNode:<soap:Envelope>
   + STag: <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
   + Body: SoapNode:<soap:Body>
   + ETag: </soap:Envelope>
- WSManXMLSchemaInstance:
  - Element: XmlElement:<soap:Fault>
   + STag: <soap:Fault>
   - Element: XmlElement:<faultcode> - soap:Server
    + STag: <faultcode>
      Content: soap:Server
    + ETag: </faultcode>
   - Element: XmlElement:<faultstring> - Exception of type 'Microsoft.SharePoint.SoapServer.SoapServerException' was thrown.
    + STag: <faultstring>
      Content: Exception of type 'Microsoft.SharePoint.SoapServer.SoapServerException' was thrown.
    + ETag: </faultstring>
   - Element: XmlElement:<detail>
    + STag: <detail>
    - Element: XmlElement:<errorstring> - Object reference not set to an instance of an object.
     + STag: <errorstring xmlns="http://schemas.microsoft.com/sharepoint/soap/">
       Content: Object reference not set to an instance of an object.
     + ETag: </errorstring>
    + ETag: </detail>
   + ETag: </soap:Fault>

Now that the point is proved we need to collaborate with MOSS Team to find out the root cause for this problem.

3. Small change, big effect

When I start to collaborate in this case the first thing that I let the MOSS Engineer aware was that while I was creating the Sharepoint Publishing rule using the Wizard the option below was selected:

 
Figure 5 – Sharepoint Wizard.

Based on that information he went directly to the AAM on MOSS to see how it was configured and found the problem:

Figure 6 – Original AAM Configuration.

Here is the change that was done to fix the problem:

Figure 7 – Correct configuration for this scenario.

4. Monitoring while is Working

After this change the external client was able to perform the “Check Out” operation just fine. To better understand a normal behavior we took another netmon trace while this feature was working to see how the traffic was. Here it is the result:

- ISA forwards the “Check Out” request that external client performed to MOSS Server:
10.20.20.1  10.20.20.25 WSMan WSMan
+ Http: HTTP Payload, URL: /_vti_bin/lists.asmx
  XMLParser:
+ Soap: xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
- WSManXMLSchemaInstance:
  - Element: XmlElement:<CheckOutFile>
   + STag: <CheckOutFile xmlns="http://schemas.microsoft.com/sharepoint/soap/">
   - Element: XmlElement:<pageUrl> - https://moss.contoso.com/Docs/Documents/test.docx
    + STag: <pageUrl>
      Content: https://moss.contoso.com/Docs/Documents/test.docx
    + ETag: </pageUrl>
   - Element: XmlElement:<checkoutToLocal> - TRUE
    + STag: <checkoutToLocal>
      Content: TRUE
    + ETag: </checkoutToLocal>
   + ETag: </CheckOutFile>

- MOSS Server appropriately answers the request with HTTP 200:
10.20.20.25 10.20.20.1  WSMan       WSMan
- Http: Response, HTTP/1.1, Status Code = 200, URL: /_vti_bin/lists.asmx
    ProtocolVersion: HTTP/1.1
    StatusCode: 200, Ok
    Reason: OK
    Date:  Thu, 02 Oct 2008 13:50:41 GMT
    Server:  Microsoft-IIS/6.0
    XPoweredBy:  ASP.NET
    MicrosoftSharePointTeamServices:  12.0.0.4518
    XAspNetVersion:  2.0.50727
    Set-Cookie:  WSS_KeepSessionAuthenticated=80; path=/
    Set-Cookie:  MSOWebPartPage_AnonymousAccessCookie=80; expires=Thu, 02-Oct-2008 14:20:41 GMT; path=/
    Cache-Control:  private, max-age=0
    ContentType:  text/xml; charset=utf-8
    ContentLength:  390
    HeaderEnd: CRLF
    payload: HttpContentType =  text/xml; charset=utf-8
+ XMLParser: version="1.0" encoding="utf-8"
+ Soap: xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
- WSManXMLSchemaInstance:
  - Element: XmlElement:<CheckOutFileResponse>
   + STag: <CheckOutFileResponse xmlns="http://schemas.microsoft.com/sharepoint/soap/">
   - Element: XmlElement:<CheckOutFileResult> - true
    + STag: <CheckOutFileResult>
      Content: true
    + ETag: </CheckOutFileResult>
   + ETag: </CheckOutFileResponse>

5. Conclusion

The main goal of this article is really to make you understand one important point about MOSS Publishing through ISA Server: don’t thing that because it works inside your network and doesn’t work externally that the issue is with ISA Server, this is not always true. A better understanding of AAM can avoid you to have problems like this. But if you end up having issues, try to work together as a team. Engaging the right resources on both sides can lead you to a faster resolution and better user’s experience.
Posted by at No comments:
Subscribe to: Posts (Atom)