Thursday, July 31, 2014

Allow local users or domain users changing IP address

Sometimes you may receive the request that a local or domain user would like to change the IP address of a notebook computer. To archive this goal, we might add the user to a local administrator group. Adding the user to be an administrator, the user can do all things like installing software on the notebook. You might want this happen. You'd like to let the user to change the IP address or network configuration related only. To prevent the above scenario, administrators might consider adding a user into local "Network Configuration Operators" group. The user under "Network Configuration Operators" group can manage the network connectivity of a computer so the user can change an IP address on the notebook.

To add a user into "Network Configuration Operators" group, administrators can launch "Computer Management" and then add the user into the group.


Or perform "net localgroup "Network Configuration Operators" /add <user name>" as a Command Prompt to add the user into the group.

This posting is provided “AS IS” with no warranties, and confers no rights!
Posted by at No comments:
Labels: , , ,

Sunday, July 27, 2014

Sysinternals Tools demonstation in TechEd North America 2014

Aaron Margosis, Microsoft Cybersecurity Services, gave a demonstration of new features of Sysinternals tools in TechEd US 2014. In this video, Aaron talked about new features in  the following tools of Sysinternals Tools which are Process Explorer, SigCheck, AccessChk and so on. 

If you are interested in Sysinternals Tools and want to update the knowledge for troubleshooting, please watch:

This posting is provided “AS IS” with no warranties, and confers no rights!
Posted by at No comments:
Labels: ,

Monday, July 21, 2014

Adding a Windows Deployment Server to System Center Virtual Machine Manager 2012 R2

Administrators can add a Windows Deployment Services (WDS) server into System Center Virtual Machine Manager (VMM) 2012 or later. VMM uses WDS to deploy a Windows with Hyper-V role or a Hyper-V server to a physical host. The WDS which is managed by VMM will deploy a virtual hard hard format to a physical host. In VMM 2012 R2, it supports WDS which is installed in Windows Server 2008 R2, Windows Server 2012 or Windows Server 2012 R2. To add a WDS server into VMM 2012 R2, administrators have to install the WDS role before adding into VMM 2012 R2. In this lab, I will install a Windows Deployment services in a Windows Server 2012 R2 and add it into VMM 2012 R2.

 Goal
  • Installing and configuring a Windows Deployment Services (WDS) in a Windows Server 2012 R2
  • Adding a Windows Deployment Services (WDS) into a VMM 2012 R2
Lab environment
Prerequisites
  • VMMAdmin is a local administrator of WDS01
Lab
Installing Windows Deployment Services
1. On VMM01, log in as VMMAdmin.
2. Launch "Server Manager".
3. On "Dashboard" window, click "Add other servers to manage".

4. On "Add Servers" window, next to "Name (CN)", enter "WDS01".
5. Click "Find Now".

6. Select "WDS01", click ">" to add a computer.

7. Click "OK".
8. On "Server Manager" window, click "All Servers".
9. On "SERVERS" pane, right-click "WDS01", select "Add Roles and Features".

10. On "Before You Begin" window, click "Next".
11. On "Installation Type" window, select "Role-based or feature-based installation" and then click "Next".

12. On "Server Selection" window, click "Next".
13. On "Server Roles" window, check "Windows Deployment Services".
14. On "Add Roles and Features Wizard" window, click "Add Features".


15. Click "Next".
16. On "Features" window, click "Next".
17. On "WDS" window, click "Next".

18. On "Role Services" window, make sure "Deployment Server" and "Transport Server" are checked.

This is the requirement of a WDS server to add into VMM 2012 R2.

 19. Click "Next".
20. On "Confirmation" window, click "Install".

21. On "Results" window, click "Close".

22. Right-click "WDS01", select "Restart Server".

23. Click "OK".

 Configuring WDS
1. On VMM01, log in as VMMAdmin.
2. Launch "Windows Deployment Services" tool.

 If "Windows Deployment Services" tool isn't installed on VMM01, perform "Install-WindowsFeature WDS-AdminPack" on PowerShell to install it.

 3. On "Windows Deployment Services" console, right-click "Servers", select "Add Server".

4. On "Add Servers" window, select "Another computer" and then enter "WDS01".

5. Click "OK".
6. Right-click "wds01.test.tls1.lab", select "Configure Server".

7. On "Before You Begin" window, click "Next".
8. On "Install Options window, select "Integrated with Active Directory" option.

9. Click "Next".
10. On "Remote Installation Folder Location" window, leave default path, click "Next".

11. Click "Next".
12. On "System Volume Warning" window, click "Yes".

In production environment, the remote installation folder should be placed on non System Volume.

 13. On "PXE Server Initial Settings" window, still select "Do not respond to any client computers" option, click "Next".

14. On "Operation Complete" window, un-check "Add images to the server now" option, click "Finish".

Adding WDS into VMM console
1. On VMM01, log in as VMMAdmin.
2. Launch "Virtual Machine Manager Console".
3. Select "Use current Microsoft Windows session identity" option, click "Connect".

4. On "Virtual Machine Manager" console, select "Fabric".
5. Select "Infrastructure > PXE Servers".
6. On "Home" menu, click "Add Resources > PXE Server".

7. On "Add PXE Server" window, next to "Computer name", enter "WDS01".
8. Next to "Use an existing Run As account", click "Browse" to select "VMM Admin".

9. Click "Add".

 As a result, the WDS server, WDS01, has been added into VMM console.

In production environment, administrators have to configure a DHCP option for PXE server in a DHCP host.

This posting is provided “AS IS” with no warranties, and confers no rights!
Posted by at No comments:
Labels: , , , , ,

Thursday, July 17, 2014

Using DISM to upgrade higher Windows Editioin

Starting from Windows Server 2008 R2, administrators can perform DISM to upgrade Windows Edition without re-installing the Windows. For an example, Windows Server 2008 R2 Standard Edition can be upgraded to Windows Server 2008 R2 Enterprise Edition or Datacenter edition and Windows Server 2012 or R2 Standard can be upgraded to Windows Server 2012 or R2 Datacenter edition.

To do this, administrators can perform the following commands in Command Prompt.

1. "dism /online /Get-CurrentEdition" to check current edition of the Windows


2. "dism /online /Get-TargetEditions" to check which version can be upgraded to


3. "dism /online /Set-Edition: ServerDatacenter /AcceptEula /ProductKey:12345-67890-12345-67890-12345" to upgrade Standard Edition to Datacenter edition.

Remark: On Windows Server 2008 R2 edition, administrators don't need to add "/AcceptEula" parameter when performing dism.

Remark: DISM /online /Set-Edition doesn't support downgrade Windows Edition.

More information



This posting is provided “AS IS” with no warranties, and confers no rights!
Posted by at No comments:
Labels: , , ,

Monday, July 14, 2014

How to Add an IPAM Server in System Center Virtual Machine Manager (VMM) 2012 R2

In System Center Virtual Machine Manager (VMM) 2012 R2, administrators can add an IPAM server which is deployed in Windows Server 2012 R2 to manage and monitor IP address. I will set up a lab to add an IPAM server to a System Center Virtual Machine Manager (VMM) 2012 R2 environment.

 Goal 
  • Adding an IPAM server to System Center Virtual Machine Manager 2012 R2
Lab environment
  • 1 VMM 2012 R2 named VMM01 which is joined to test.tls1.lab domain
  • 1 IPAM server named IPAM01 which is joined to test.tls1.lab domain
Prerequisites
  • IP address Management (IPAM) Server feature was installed and configured in IPAM01
  • 1 domain user account named "VNIPAMSvc" with "Password never expires" option is created in Active Directory for IPAM service account
Lab
1. On IPAM01, log in as Domain Administrator.
2. Launch "Computer Management".
3. Expand "Computer Management > Local Users and Groups > Groups".
4. Add "VNIPAMSvc" into "Remote Management Users" and "IPAM SAM Administrators".



5. Make sure the IPAM server and the VMM are being kept in time synchrony. Basically, the two servers are in the same forest, Windows Time Services of domain members synchronize the time form domain controllers. If the time isn't in time synchrony, administrators can perform "W32tm /resync" in a command prompt.

Remark: If you cannot control the time synchrony of the IPAM server and the VMM server as described in the Prerequisites in this topic, you must update permissions on the IPAM server so that the provider software (included in VMM in System Center 2012 R2) can query the current time setting on the IPAM server. To do this, on the IPAM server, run "wmimgmt.msc" to open the WMI Control (Local) snap-in. Right-click "WMI Control (Local)", click "Properties", and then click the "Security" tab. Navigate to "Root\CIMV2", click the "Security" button, select the account that you created for the Prerequisites in this topic, and then for "Remote Enable", select the "Allow" box.



Quote from Important configuration notes of How to Add and IPAM Server in VMM in System Center 2012 R2

 6. Go to VMM01, log in as VMM administrator.
7. Launch "Virtual Machine Manager Console".
8. Log in with "Use current Microsoft Windows session identity".

9. On "Virtual Machine Manager" console, select "Fabric".
10. Select "Network Service".
11. On the "Home" menu, click "Add Resources > Network Service".

12. On "Name" window, next to "Name", enter "Windows IPAM".

13. Click "Next".
14. On "Manufacturer and Model" window, next to "Model", select "Microsoft Windows Server IP Address Management".

15. Click "Next".
16. On "Credentials" window, click "Browse".

17. On "Select a Run As Account" window, click "Create Run As Account".

18. On "Create Run As Account" window, enter the "Name", "User name" and "Password" of "VNIPAMSvc".

19. Click "OK".
20. Select "VNIPAMSvc", click "OK".

21. On "Credentials" window, click "Next".

22. On "Connection String" window, next to "Connection string", enter the IPAM server name "IPAM01.test.tls1.lab".

23. Click "Next".
24. On "Provider" window, next to "Configuration provider", click "Test".

If administrators grant sufficient permissions for the service account, "Test open connection", "Test capability discovery" and "Test system info" are "Passed". Results that say "Implemented" and "Not implemented" are informational only, and indicate whether the provider supports a particular API.

 Quote from How to Add an IPAM Server in VMM in System Center 2012 R2

 25. Click "Next".
26. On "Host Group" window, check "All Hosts".

27. Click "Next".
28. On "Summary" window, click "Finish".

29. Administrators can press "Refresh" to send or receive the settings to IPAM server.

As a result, the IP address information of "Virtualized IP address space" displayed in IPAM server.

Administrators can manage "Provider IP Address Space" and "Customer IP Address Space" for VMM in IPAM.

More information
How to Add an IPAM Server in VMM in System Center 2012 R2

This posting is provided “AS IS” with no warranties, and confers no rights!
Posted by at No comments:
Labels: , ,
Subscribe to: Posts (Atom)