Naming information cannot be located because:
The workstation driver is not installed.
Contact your system administrator to verify that your domain is properly configured and is currently online.
CAUSE
The Client for Microsoft Networks component is actually the Workstation service. If you remove this service, the Netlogon and RPC Locator services are also removed. When you reinstall the Client for Microsoft Networks component, the Netlogon and RPC Locator services are also reinstalled, but the Netlogon service is not configured to depend on the Server service when the computer starts.
RESOLUTION
Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
322756 (http://support.microsoft.com/kb/322756/) How to back up and restore the registry in Windows
1. If you did not reinstall the Client for Microsoft Networks component, follow these steps to install it:
a. In SBS 2000, right-click My Network Places, and then click Properties. In SBS 2003, open Control Panel , and then double-click Network Connections.
b. Right-click the internal network connection, and then click Properties.
c. Click Install, click Client, and then click Add.
d. Click Client for Microsoft Networks, and then click OK.
e. Click OK in each dialog box until all networking properties are closed, and then restart the Small Business Server (SBS) 2000 server.
2. Log on to the computer. Ignore any warnings about services that cannot start. Start the Services tool.
3. Verify that the startup type for the RPC Locator service is set to Automatic, and then start the service.
4. Verify that the startup type for the Netlogon service is set to Automatic. Do not start the Netlogon service yet.
5. Configure the Netlogon service to depend on the Server service:
a. Start Registry Editor (Regedt32.exe).
b. Locate and then click the DependOnService value under the following key in the registry:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Netlogon
c. On the Edit menu, click Multi String, type LanmanServer on a line by itself, and then click OK.
d. Quit Registry Editor.
6. In the Services tool, start the Netlogon service.
7. Verify that you can use Active Directory by using a program such as Active Directory Users and Computers to view or modify Active Directory.
8. Restart the server.
9. If the server takes a long time to restart, or if you receive warnings that services cannot start, use the Services tool to verify that the Netlogon service is set to Automatic and has started. You may have to set the startup type two times.
Friday, October 24, 2008
Wednesday, October 8, 2008
alice bot on miranda IM
1. reference
http://en.wikipedia.org/wiki/SmarterChild
2. download miranda IM first
3. download the plugin
http://addons.miranda-im.org/details.php?action=viewfile&id=326
http://en.wikipedia.org/wiki/SmarterChild
2. download miranda IM first
3. download the plugin
http://addons.miranda-im.org/details.php?action=viewfile&id=326
Tuesday, September 9, 2008
incompatibility of win2k3 r2, win2k3 sp1, and win2k
Before you can introduce Windows Server 2003 domain controllers, you must prepare the forest and domains with the ADPrep utility.
* ADPrep /forestprep on the schema master in your Windows 2000 forest.
* ADPrep /domainprep on the Infrastructure Master in each AD domain.
ADPrep is located in the i386 directory of the Windows Server 2003 install media.
Note: In Windows Server 2003 R2, ADPrep is not located in the same folder as in the older Windows Server 2003 media, and instead you need to look for it in the second CD. You see, Windows Server 2003 R2 comes on two installation disks. Installation disk 1 contains a slip-streamed version of Windows Server 2003 with Service Pack 2 (SP2). Installation disk 2 contains the Windows Server 2003 R2 files.
The correct version of the ADPrep.exe tool for Windows Server 2003 R2 is 5.2.3790.2075.
You can find the R2 ADPrep tool in the following folder on the second CD:
drive:\CMPNENTS\R2\ADPREP\
Note, running adprep on the PDC should be good enough.
* ADPrep /forestprep on the schema master in your Windows 2000 forest.
* ADPrep /domainprep on the Infrastructure Master in each AD domain.
ADPrep is located in the i386 directory of the Windows Server 2003 install media.
Note: In Windows Server 2003 R2, ADPrep is not located in the same folder as in the older Windows Server 2003 media, and instead you need to look for it in the second CD. You see, Windows Server 2003 R2 comes on two installation disks. Installation disk 1 contains a slip-streamed version of Windows Server 2003 with Service Pack 2 (SP2). Installation disk 2 contains the Windows Server 2003 R2 files.
The correct version of the ADPrep.exe tool for Windows Server 2003 R2 is 5.2.3790.2075.
You can find the R2 ADPrep tool in the following folder on the second CD:
drive:\CMPNENTS\R2\ADPREP\
Note, running adprep on the PDC should be good enough.
Thursday, September 4, 2008
script for collecting sys info
#!/bin/sh
do_cmd_output() {
echo "$*"
$*
echo
}
do_file_output() {
for file; do
[ -f $file ] && do_cmd_output cat $file
done
}
oom_output() {
echo '======================================================================='
date
echo '======================================================================='
echo
do_file_output /proc/meminfo
do_cmd_output ps -Aww -o pid,ppid,pcpu,vsize,rss,majflt,tty,stat,wchan,command
do_cmd_output top -b -n 1
do_file_output /sys/block/sda/queue/stats
do_file_output /proc/nbt/0/icore_stats
do_file_output /proc/nbt/0/icore_dstats
do_file_output /proc/nbt/0/icore_mstats
}
while true
do
oom_output >> /var/log/oom_profile.log
sleep 30
done
do_cmd_output() {
echo "$*"
$*
echo
}
do_file_output() {
for file; do
[ -f $file ] && do_cmd_output cat $file
done
}
oom_output() {
echo '======================================================================='
date
echo '======================================================================='
echo
do_file_output /proc/meminfo
do_cmd_output ps -Aww -o pid,ppid,pcpu,vsize,rss,majflt,tty,stat,wchan,command
do_cmd_output top -b -n 1
do_file_output /sys/block/sda/queue/stats
do_file_output /proc/nbt/0/icore_stats
do_file_output /proc/nbt/0/icore_dstats
do_file_output /proc/nbt/0/icore_mstats
}
while true
do
oom_output >> /var/log/oom_profile.log
sleep 30
done
Wednesday, August 27, 2008
Cygwin: Can’t quit Emacs using C-x C-c
On some installations of Cygwin on Windows, it is impossible to exit Emacs using C-x C-c. After digging around in the message lists, I discovered that the C-x key Control-C is trapped by the OS.
UPDATE: Specifically, Control-C handling on Windows is tied to a console. Only a process that is attached to a proper Windows console can receive Control-C or Control-Break events.
The fix for this is to set a Windows environment variable:
CYGWIN=tty
Then quit all of the Cygwin windows and start them up again. Works like a charm.
UPDATE: Also works for any other situation where Windows is making Control-C kill your process instead of handing it over to the application.
UPDATE: Specifically, Control-C handling on Windows is tied to a console. Only a process that is attached to a proper Windows console can receive Control-C or Control-Break events.
The fix for this is to set a Windows environment variable:
CYGWIN=tty
Then quit all of the Cygwin windows and start them up again. Works like a charm.
UPDATE: Also works for any other situation where Windows is making Control-C kill your process instead of handing it over to the application.
Wednesday, August 13, 2008
add printer to AD server
1. Change the group policy to allow printer can be published:
-Right click on domain controller, click "property"
-Click "group policy", and click "edit"
-Go to "computer configuration > administrative templates > printers", and enable "allow printers to be published"
2. Find the printer and move to OU you created
-Right click on domain controller, choose "find"
-Change find to "printers" in server
-Click "find now", you will get all the shared printers
-Pick the one you want to add, right click, choose "move", and move it to the desired OU
-Right click on domain controller, click "property"
-Click "group policy", and click "edit"
-Go to "computer configuration > administrative templates > printers", and enable "allow printers to be published"
2. Find the printer and move to OU you created
-Right click on domain controller, choose "find"
-Change find to "printers" in server
-Click "find now", you will get all the shared printers
-Pick the one you want to add, right click, choose "move", and move it to the desired OU
Wednesday, August 6, 2008
Active directory performance testing tool (adtest.exe)
summary: 1) raise functional level of AD server to Windows server 2003; 2) import adsiedit.dll, and run adsiedit.msc; 3) set dSHeuristics bit; 4) update registry table; 5) create ADTest and its password, and set it as member of administrator; 6) Create BaseOU; 7) run NewRoot&AddUser tests to setup the test environment
step 1: Setup Test Servers
OS
windows server 2003 with SP1, enterprise edition. 32-bit platform.
server configuration
After you install the OS on server, perform the following steps to configure the server for the performance tests. The server is configured as domain controller of forest. The domain functional level must be raised and a dSHeuristics bit set so that Active Directory will treat the userPassword attribute as a password and not just a string attribute. Furthermore, to avoid errors that may be caused by the server and client running out of connections, some registry entries must be changed.
First, install AD on server to make the server a domain controller.
Next, raise the functional level of each domain to Windows Server 2003.
Next, set dSHeuristics bit so that the userPassword attribute is treated like a password and not a string attribute. This operation will succeed only if the domain functional level is Windows Server 2003. Set the 9th bit to 1 (e.g., change the value to 000000001, shown in figure)
Next, set registry entries to allow more connections to the server using windows interface or by command line
(by Windows interface)
1. Click Start, click Run, type regedit, and then click OK.
2. Navigate to the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
3. Right-click the details pane, point to New, and then click DWORD value.
4. Type MaxUserPort as the name for the new value, and then press ENTER.
5. Right-click MaxUserPort, and then click Modify.
6. In Value Data, type fffe.
7. Ensure that Base is Hexadecimal, and then click OK.
8. Right-click the details pane again, point to New, and then click DWORD value.
9. Type TcpWindowSize as the name for the new value, and then press ENTER.
10. Right-click TcpWindowSize, and then click Modify.
11. In Value Data, type ffff.
12. Ensure that Base is Hexadecimal, and then click OK.
Step 2: Create ADTest User
An ADTest user must be created. This account is used by ADTest to create users, OUs, and groups in the directory and to perform the tests. Create an ADTest user account for each Active Directory forest, and then assign a password to the user account (e.g. ss-123456 for this test). Then add the ADTest user account to the Administrators group on the server.
Step 3: Setup Test Client Computers
You also need to set the MaxUserPort and TcpWindowSize registry keys. These keys allow the clients to have more connections to the server. You can set these keys by using the Windows interface or by using a command line.
(by using a command line)
1. Click Start, click Run, type cmd, and then click OK.
2. Type the following command, and then press ENTER:
REG ADD HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v MaxUserPort /t REG_DWORD /d 0xfffe
3. Type the following command, and then press ENTER:
REG ADD HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v TcpWindowSize /t REG_DWORD /d 0xffff
Join the client computer(s) to the test domains.
Step 4: Setup the Test Environment
Before you setup the test environment, ensure that the previous procedures have been completed. In particular, an ADTest user account with password "ss-123456" must be created and added to the Administrators group on the server.
The section explains how to use the ADTest scripts to setup the OU structure and add all the users programmatically.
On the server, create and OU named BaseOU directly under the domain node. The ADTest commands will subsequently create the appropriate OU substructure below the BaseOU for each test that is performed. All user accounts are then created the OU substructure to facilitate the subtree searches. If a subtree search is performed directly below the domain node, the results are slower as the clients receive referrals.
To create the OU substructure and user accounts for the domain, open a command line and change folders to the folder that contains adtest.exe. Type the following command to create the OU substructure:
adtest -r NewRoot -f myTest.ats -user ADTest -password ss-123456 -root 0 -t %3 -sf -e -d 5
where %3 is the number of OUs desired. To test 3M users, 10 OUs are created.
To create the user accounts, type the following command:
adtest -r AddUser -f myTest.ats -user ADTest -password ss-123456 -root 0 -t %3 -sf -e -d 5
where %3 is the number of users. You can change the default number of users in .ats file (the default is 3M, check #define $DefaultRange #(0-2999999))
step 1: Setup Test Servers
OS
windows server 2003 with SP1, enterprise edition. 32-bit platform.
server configuration
After you install the OS on server, perform the following steps to configure the server for the performance tests. The server is configured as domain controller of forest. The domain functional level must be raised and a dSHeuristics bit set so that Active Directory will treat the userPassword attribute as a password and not just a string attribute. Furthermore, to avoid errors that may be caused by the server and client running out of connections, some registry entries must be changed.
First, install AD on server to make the server a domain controller.
Next, raise the functional level of each domain to Windows Server 2003.
Next, set dSHeuristics bit so that the userPassword attribute is treated like a password and not a string attribute. This operation will succeed only if the domain functional level is Windows Server 2003. Set the 9th bit to 1 (e.g., change the value to 000000001, shown in figure)
Next, set registry entries to allow more connections to the server using windows interface or by command line
(by Windows interface)
1. Click Start, click Run, type regedit, and then click OK.
2. Navigate to the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
3. Right-click the details pane, point to New, and then click DWORD value.
4. Type MaxUserPort as the name for the new value, and then press ENTER.
5. Right-click MaxUserPort, and then click Modify.
6. In Value Data, type fffe.
7. Ensure that Base is Hexadecimal, and then click OK.
8. Right-click the details pane again, point to New, and then click DWORD value.
9. Type TcpWindowSize as the name for the new value, and then press ENTER.
10. Right-click TcpWindowSize, and then click Modify.
11. In Value Data, type ffff.
12. Ensure that Base is Hexadecimal, and then click OK.
Step 2: Create ADTest User
An ADTest user must be created. This account is used by ADTest to create users, OUs, and groups in the directory and to perform the tests. Create an ADTest user account for each Active Directory forest, and then assign a password to the user account (e.g. ss-123456 for this test). Then add the ADTest user account to the Administrators group on the server.
Step 3: Setup Test Client Computers
You also need to set the MaxUserPort and TcpWindowSize registry keys. These keys allow the clients to have more connections to the server. You can set these keys by using the Windows interface or by using a command line.
(by using a command line)
1. Click Start, click Run, type cmd, and then click OK.
2. Type the following command, and then press ENTER:
REG ADD HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v MaxUserPort /t REG_DWORD /d 0xfffe
3. Type the following command, and then press ENTER:
REG ADD HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v TcpWindowSize /t REG_DWORD /d 0xffff
Join the client computer(s) to the test domains.
Step 4: Setup the Test Environment
Before you setup the test environment, ensure that the previous procedures have been completed. In particular, an ADTest user account with password "ss-123456" must be created and added to the Administrators group on the server.
The section explains how to use the ADTest scripts to setup the OU structure and add all the users programmatically.
On the server, create and OU named BaseOU directly under the domain node. The ADTest commands will subsequently create the appropriate OU substructure below the BaseOU for each test that is performed. All user accounts are then created the OU substructure to facilitate the subtree searches. If a subtree search is performed directly below the domain node, the results are slower as the clients receive referrals.
To create the OU substructure and user accounts for the domain, open a command line and change folders to the folder that contains adtest.exe. Type the following command to create the OU substructure:
adtest -r NewRoot -f myTest.ats -user ADTest -password ss-123456 -root 0 -t %3 -sf -e -d 5
where %3 is the number of OUs desired. To test 3M users, 10 OUs are created.
To create the user accounts, type the following command:
adtest -r AddUser -f myTest.ats -user ADTest -password ss-123456 -root 0 -t %3 -sf -e -d 5
where %3 is the number of users. You can change the default number of users in .ats file (the default is 3M, check #define $DefaultRange #(0-2999999))
snap-in failed to initialize
solution:
Applications like Administrative Tools and Computer Management use Snap-ins to control things like disk defragmenting, mmc. So all you need to do is to register these components.
For disk defragmenting:
To do this, open a command prompt. At the prompt, type regsvr32 dfrgsnap.dll
and hit Enter. You will see a window pop-up indicating success of the registration.
Now type regsvr32 dfrgui.dll and hit Enter. You will receive another similar pop-up window. Click OK.
For MMC:
type regsvr32 adsiedit.dll
Monday, August 4, 2008
when the secondary DNS doesn't update automatically
Things you need to check:
1. Did you put the IP of your secondary DNS to the primary DNS to allow "zone transfer"?
1. Did you put the IP of your secondary DNS to the primary DNS to allow "zone transfer"?
Thursday, July 31, 2008
Configuring windows server 2008 core basic networking settings
0. Server core has no real GUI (except a few tools such as task manager).
1. When the installation is done, login the system with Administrator and no password.
2. Managing windows 2008 server core through RDP (remote desktop protocol) client, aka mstsc:
cscript c:\windows\system32\scregedit.wsf \ar 0
(this will enable the remote desktop for Administration mode to accept connections. To view your current settings, you can type:
cscript c:\windows\system32\scregedit.wsf \ar \v
If you see "1" in the script output, that means that RDP connections are denied. If "o", they will be allowed.)
3. To enable remote management from any MMC snap-in, type the following:
netsh advfirewall firewall set rule group="Remote Desktop" new enable=yes
4. To change the name the server, first type "hostname" or "ipconfig /all" to determine the current name of the server. Then type
netdom renamecomputer /NewName:
After that, you need to restart the server by
shutdown /r /t 0
5. To set the administrator password in Windows Server 2008, type the following:
net user Administrator *
6. To set the server with static IP address, type
netsh interface ipv4 show interface
Look at the number shown in the Idx column of the output for your network adapter. If your computer has more than one network adapter, make a note of the number corresponding to the network adapter for which you wish to set a static IP address. At the command line, type:
netsh interface ipv4 set address name="" source=static address= mask= gateway=
where ID is the number shown in the Idx column.
To add DNS, type
netsh interface ipv4 add dnsserver name="" address= index=1
Repeat the above step for each DNS server that you want to set, incrementing the index=number each time.
You can verify your changes by "ipconfig /all".
7. To manager a server running a Server Core installation by using the Windows Remote Shell, you can type
WinRM quickconfig
to enable Windows Remote Shell on a server.
Then on the remote computer, at a command line, use WinRS.exe to run commands on a Server Core. For example, to perform a directory listing of the Windows folder, type
winrs -r: cmd
then you can now type any command that your require, it will be executed on the remote computer.
8. To active the server, type
slmgr.vbs -ato
to active the server remotely, type
cscript slmgr.vbs -ato
then retrieve the GUID of the computer by typing
cscript slmgr.vbs -did
type
cscript slmgr.vbs -dli
9. To join a Windows 2008 server to a domain, type
netdom join /domain: /userd: /passwordd:*
Note that entering * as the password means you will be prompted to enter it on the command prompt window in the next step. You can also enter it in the initial command, if you wish to.
After that, you need to restart the computer by "shutdown /r /t 0"
10. To remove a Windows 2008 server from a domain, type
netdom remove
Then reboot the computer.
11. change screensaver settings
type regedit and then change the following key values if needed:
* HKEY_CURRENT_USER\Control Panel\Desktop\ScreenSaveActive
* HKEY_CURRENT_USER\Control Panel\Desktop\SCRNSAVE.EXE
* HKEY_CURRENT_USER\Control Panel\Desktop\ScreenSaverIsSecure
* HKEY_CURRENT_USER\Control Panel\Desktop\ScreenSaveTimeOut
1. When the installation is done, login the system with Administrator and no password.
2. Managing windows 2008 server core through RDP (remote desktop protocol) client, aka mstsc:
cscript c:\windows\system32\scregedit.wsf \ar 0
(this will enable the remote desktop for Administration mode to accept connections. To view your current settings, you can type:
cscript c:\windows\system32\scregedit.wsf \ar \v
If you see "1" in the script output, that means that RDP connections are denied. If "o", they will be allowed.)
3. To enable remote management from any MMC snap-in, type the following:
netsh advfirewall firewall set rule group="Remote Desktop" new enable=yes
4. To change the name the server, first type "hostname" or "ipconfig /all" to determine the current name of the server. Then type
netdom renamecomputer
After that, you need to restart the server by
shutdown /r /t 0
5. To set the administrator password in Windows Server 2008, type the following:
net user Administrator *
6. To set the server with static IP address, type
netsh interface ipv4 show interface
Look at the number shown in the Idx column of the output for your network adapter. If your computer has more than one network adapter, make a note of the number corresponding to the network adapter for which you wish to set a static IP address. At the command line, type:
netsh interface ipv4 set address name="
where ID is the number shown in the Idx column.
To add DNS, type
netsh interface ipv4 add dnsserver name="
Repeat the above step for each DNS server that you want to set, incrementing the index=number each time.
You can verify your changes by "ipconfig /all".
7. To manager a server running a Server Core installation by using the Windows Remote Shell, you can type
WinRM quickconfig
to enable Windows Remote Shell on a server.
Then on the remote computer, at a command line, use WinRS.exe to run commands on a Server Core. For example, to perform a directory listing of the Windows folder, type
winrs -r:
then you can now type any command that your require, it will be executed on the remote computer.
8. To active the server, type
slmgr.vbs -ato
to active the server remotely, type
cscript slmgr.vbs -ato
then retrieve the GUID of the computer by typing
cscript slmgr.vbs -did
type
cscript slmgr.vbs -dli
9. To join a Windows 2008 server to a domain, type
netdom join
Note that entering * as the password means you will be prompted to enter it on the command prompt window in the next step. You can also enter it in the initial command, if you wish to.
After that, you need to restart the computer by "shutdown /r /t 0"
10. To remove a Windows 2008 server from a domain, type
netdom remove
Then reboot the computer.
11. change screensaver settings
type regedit and then change the following key values if needed:
* HKEY_CURRENT_USER\Control Panel\Desktop\ScreenSaveActive
* HKEY_CURRENT_USER\Control Panel\Desktop\SCRNSAVE.EXE
* HKEY_CURRENT_USER\Control Panel\Desktop\ScreenSaverIsSecure
* HKEY_CURRENT_USER\Control Panel\Desktop\ScreenSaveTimeOut
Thursday, July 24, 2008
Monday, July 21, 2008
Remove data from Active Directory when the normal demotion fails for windows 2003 server
1. run "ntdsutil"
2. type "metadata cleanup"
3. type "connections"
4. type "connect to server"
5. quit and get back to "metadata cleanup" menu
6. type "select operation target"
7. type "list domains"
8. type "select domain"
9. type "list sites"
10. type "select site
11. type "list servers in site"
12. type "select server"
13. type "quit"
14. type "remove selected server"
After you remove all the data, you should be able to normally demote your AD server.
2. type "metadata cleanup"
3. type "connections"
4. type "connect to server
5. quit and get back to "metadata cleanup" menu
6. type "select operation target"
7. type "list domains"
8. type "select domain
9. type "list sites"
10. type "select site
11. type "list servers in site"
12. type "select server
13. type "quit"
14. type "remove selected server"
After you remove all the data, you should be able to normally demote your AD server.
Thursday, July 17, 2008
Wednesday, July 16, 2008
Joining linux in windows domain
1. You need to make sure kerberos is installed:
#rpm -qa | grep krb
this should return at least 3 packages: krb5-devel, krb5-libs, and krb5-workstation
2. Make sure ldap development libs are installed:
#rpm -qa | grep ldap-devel
3. Make sure there is an entry of AD DC in /etc/hosts:
10.11.100.100 RSP1.RSPGUAM-DOMAIN.TEST RSP1
4. Edit /etc/krb5.conf based on your AD DC information. After you've modified the file, try:
#/usr/kerberos/bin/kinit Administrator@RSPGUAM-DOMAIN.TEST
If this works, you need to enter the correct password for Administrator. Otherwise, you will get the error message "kinit(v5): Preauthentication failed while getting initial credentials". If not you need double check /etc/resolv.conf and make sure the DNS server has been added.
5. Edit /etc/samba/smb.conf
workgroup = RSPGUAM-DOMAIN
realm = RSPGUAM-DOMAIN
security = ADS
6. Restart samba by "/etc/init.d/smb restart"
7. Run "net ads join -U Administrator@RSPGUAM-DOMAIN.TEST", and input the password for it.
8. Check if the computer has been added in the AD server.
#rpm -qa | grep krb
this should return at least 3 packages: krb5-devel, krb5-libs, and krb5-workstation
2. Make sure ldap development libs are installed:
#rpm -qa | grep ldap-devel
3. Make sure there is an entry of AD DC in /etc/hosts:
10.11.100.100 RSP1.RSPGUAM-DOMAIN.TEST RSP1
4. Edit /etc/krb5.conf based on your AD DC information. After you've modified the file, try:
#/usr/kerberos/bin/kinit Administrator@RSPGUAM-DOMAIN.TEST
If this works, you need to enter the correct password for Administrator. Otherwise, you will get the error message "kinit(v5): Preauthentication failed while getting initial credentials". If not you need double check /etc/resolv.conf and make sure the DNS server has been added.
5. Edit /etc/samba/smb.conf
workgroup = RSPGUAM-DOMAIN
realm = RSPGUAM-DOMAIN
security = ADS
6. Restart samba by "/etc/init.d/smb restart"
7. Run "net ads join -U Administrator@RSPGUAM-DOMAIN.TEST", and input the password for it.
8. Check if the computer has been added in the AD server.
Tuesday, July 15, 2008
Automation in Active Directory
1. Managing user accounts
1.1 Creating user accounts
one single user by command line
dsadd user "cn=Test User,ou=sales,dc=rspguam-domain,dc=test" -samid testuser -upn testuser@rspguam-domain.test -fn Test -ln User -display "Test User" -pwd P@ssw0rd -disabled no
many users by command line
FOR /L %i in (1,1,10) DO dsadd user "cn=Test User%i,ou=sales,dc=rspguam-domain,dc=test" -samid testuser%i -upn testuser%i@rspguam-domain.test -fn Test -ln User%i -display "Test User%i" -pwd P@ssw0rd -disabled no
many users by batch file
@echo off
cls
echo Creating Accounts
echo -----------------
FOR /L %%I in (10,1,99) DO dsadd user "cn=Test User%%I,ou=sales,dc=rspguam-domain,dc=test" -samid testuser%%I -upn testuser%%I@rspguam-domain.test -fn Test -ln User%%I -display "Test User%%I" -pwd P@asswOrd -disabled no
echo -----------------
pause
1.2 Delete users in a OU
dsrm -noprompt "ou=sales,dc=rspguam-domain,dc=test" -subtree -exclude
1.3 Reset user's password
@echo off
cls
echo Reset Password
echo ---------------
set /p DN=Enter the first and last name of the user in quotes:
dsquery user -name %DN% | dsmod user -pwd NewP@sswOrd -mustchpwd yes
echo ---------------
pause
1.4 Move a user and rename the user
dsmove "cn=Test User10,ou=sales,dc=rspguam-domain,dc=test" -newparent ou=accounting,dc=rspguam-domain,dc=test -newname "Dwight Schrute"
1.1 Creating user accounts
one single user by command line
dsadd user "cn=Test User,ou=sales,dc=rspguam-domain,dc=test" -samid testuser -upn testuser@rspguam-domain.test -fn Test -ln User -display "Test User" -pwd P@ssw0rd -disabled no
many users by command line
FOR /L %i in (1,1,10) DO dsadd user "cn=Test User%i,ou=sales,dc=rspguam-domain,dc=test" -samid testuser%i -upn testuser%i@rspguam-domain.test -fn Test -ln User%i -display "Test User%i" -pwd P@ssw0rd -disabled no
many users by batch file
@echo off
cls
echo Creating Accounts
echo -----------------
FOR /L %%I in (10,1,99) DO dsadd user "cn=Test User%%I,ou=sales,dc=rspguam-domain,dc=test" -samid testuser%%I -upn testuser%%I@rspguam-domain.test -fn Test -ln User%%I -display "Test User%%I" -pwd P@asswOrd -disabled no
echo -----------------
pause
1.2 Delete users in a OU
dsrm -noprompt "ou=sales,dc=rspguam-domain,dc=test" -subtree -exclude
1.3 Reset user's password
@echo off
cls
echo Reset Password
echo ---------------
set /p DN=Enter the first and last name of the user in quotes:
dsquery user -name %DN% | dsmod user -pwd NewP@sswOrd -mustchpwd yes
echo ---------------
pause
1.4 Move a user and rename the user
dsmove "cn=Test User10,ou=sales,dc=rspguam-domain,dc=test" -newparent ou=accounting,dc=rspguam-domain,dc=test -newname "Dwight Schrute"
Install fake printers on Windows 2000
Motivation: when doing automation tests, we might need fake printers.
Procedure for installation:
- Control Panel -> Printers -> Add Printer
- Select Local Printer, uncheck "Automatically detect and install my Plug and Play printer", click Next
- Instead of selecting an existing port, select "Create a new port" and select type as "Local Port"
- Enter a port name (e.g. fakeprinter. Note that the default path for this is C:\Windows\System32)
- Choose "Generic" as Manufacturers, and "Generic/Text Only" as Printers type (Note: you may be able to choose any other type of printer, like HP, Apple).
- Options: If you want to delete a printer port you just created, first delete the printer that is using the port. Then go to "Printers" windows, click "File->Server Properties->Ports". There you have authority to delete a print port.
Procedure for using the fake printer from windows cmd (lanman printing)
- In cmd, run "net use lpt2: \\<samba-or-windows-server>\<fake-printer-name>"
- Options: if you want to disconnect a mapped drive, simple type "net use x: /delete", where x: is the driver letter of the shared resource
- To print your file to fake printer, just use "copy
lpt2" (check the file C:\Windows\System32\ to make sure it is updated)
Compatibility issue when upgrading/downgrading between vmware server 1.0.4 and vmware server 2.0
- fix the vmware configuration file .vmx : change the line 'virtualHW.version = "6″' to 'virtualHW.version = "4″'.
- fix the vmware disk configuration file .vmdk: change the line 'ddb.virtualHWVersion = "6″' to 'ddb.virtualHWVersion = "4″'.
- if the .vmdk is large, you may not want to directly modify the file by opening it. You can use "dd "if=source.vmdk" | sed "/virtualHWVersion = \"6\"/s//virtualHWVersion = \"4\"/" > modified.vmdk". For windows users, you can use cygwin, or uedit32.exe.
Cron
delete the log files every 5 mins by cron job
- edit a txt file like:
*/5 * * * * rm /tmp/vmware-admin/v*.log -f
- in linux, run "crontab mycron"
How to flush DNS
reference: http://www.tech-faq.com/flush-dns.shtml
- in windows: "ipconfig /flushdns
- in linux, use nscd daemon: "/etc/rc.d/init.d/nscd restart"
Subscribe to:
Posts (Atom)