Scripting user creation in Windows Server is something we’ve long done using LDIF files; however, when building a system that creates users in more of a one-off capacity, it’s pretty easy to script the creation process using PowerShell, piping information in from other solutions. To create a user, use the New-ADUser cmdlet. I’ve found that we usually need to populate this with a few pieces of information, including the account name (SamAccountName), the password (AccountPassword), the full name (name), enabling the account (enabled), setting the password not to expire (PasswordNeverExpires) and forcing the user to change their password when they log on (ChangePasswordAtLogon). Respectively, the following example would create user…
-
Configure Volume Shadow Copy on Windows Server
Working with Shadow Copy requires elevated privileges. I usually access Shadow Copy through vssuirun, which prompts for elevated privileges. Once open, use the Settings pane to select the volume you’d like to schedule backups to. Then choose how much space shadow copies can use. Click on the Schedule button to configure how frequently backups run. I usually try to time these things for when the server isn’t slammed. Otherwise you might run into issues. By default, Shadow Copy keeps 64 versions of each file, running snapshots every hour. You can restore easily by selecting a volume, although volume-based restores are not supported on system drives. Restores can be done using…
-
Change MTU in Windows Server
When we transfer certain amounts of data in a packet we might cause that packet to fragment. The fewer fragmentations without requiring a collision or a re-send of a packet, the more efficient network traffic can be. The MTU defines the packet size. Different types of data or network links respond differently. To change the MTU on a Windows Server we’re going to use the netsh command. First, we’re going to use ping to ping a host on our network, using -f and then -l which allows us to define the MTU size. In this case we’re going to use 1500:
ping krypted.com -f -l 1500
We should get an…
-
Secure Erase In Windows Server
The Cipher tool can overwrite deleted data in much the same way the Secure Empty Trash or Secure Erase options work in OS X. To do so, quit all programs on the system and then, from a command prompt, run the cipher command with the /w switch followed by : and then the path to the location you’d like to overwrite. For example, if you deleted a folder from the c:\MYAPPDATA folder, you would use the following to remove data not allocated to files or folders:
cipher /w:c:\MYAPPDATA
Note: The cipher command permanently removes data and so takes a while according to the amount…
-
Setting Up Active Directory In Windows Server 2012
Installing Active Directory services is arguably one of the first things done on many a Windows Server. And for well over a decade you could unbox, update, run dcpromo and be done with much of that. While the wizards are still there, in the case of Windows Server 2012, the process has changed ever-so-slightly. To install a domain controller in Windows Server 2012, start with Server Manager. This new tool is the place where you start many a process in a Windows Server now, and Active Directory is no different. To get started, first open Server Manager. From Server Manager, click on the Manage menu and select Add Roles and…
-
What Exchange NDR Codes Mean
One of the things that hasn’t changed in all these years with Exchange is Non-Delivery Reports. An NDR is an email that is sent when a message you send fails to go out. Exchange has had a consistent set of NDR status codes since version 5, just adding some here or there with changing technology (e.g. routing connectors, smarthosts, etc). Exchange has a lot of NDR codes at this point. I keep a little list running in my collection of files I spotlight to find the answer to recurring questions (which happens to always be 42). When an email bounces in Exchange, these codes explain why without having to be…
-
Create An SMTP Tar Pit In Windows Server/Exchange
Windows Server has a role that it can run in SMTP. Exchange and other services use this role to relay mail. There is a type of attack against a mail server that revolves around effectively performing a Denial of Service (DoS) against Exchange by sending massive quantities of mail to the server and forcing it to send Non-Delivery Reports (NDRs) in response to that mail. This is known as an NDR Flood Attack. There is also what’s known as a Directory Harvest Attack, which gets a server to respond to each possible combination of characters for addresses on domains running on an Exchange server. A Directory…
-
Use Windows Backup To Back Up Windows Server 2012
Windows Server’s ntbackup tools have become easier and easier to use over time. But there’s no more ntbackup. Well, there’s wbadmin, which is very similar. You can still restore data by downloading the ntbackup restore tool at http://support.microsoft.com/?kbid=974674. Windows Backup is now capable of backing up a system with the same ease of use that Apple brought to automated backups with Time Machine and Time Machine Server. In fact, while exposing only a few more options, Microsoft’s tools provide access to some pretty nice, easily configured settings. To get started, you’ll first need to install the Windows Backup Role. To do so, use the Add Roles and Features Wizard in…
-
Managing DNS In Windows Server 2012
Previously, I covered installing the DNS role in Windows Server 2012. Once installed, managing the role is very similar to how management was done in Windows Server 2003 through 2008 R2, with the exception of how you access the tools. DNS is one of the most important services in Windows Servers, as with most other platforms. So it’s important to configure DNS. To get into the DNS Manager in 2012 Server, first open Server Manager (you might get sick of using this tool in Server 2012, similar to how my Mac Server brethren have gotten tired of it in Lion and Mountain Lion Servers). Then from Server Manager click on…
-
Install Exchange From the Command Line
Exchange is becoming more and more command line oriented. This includes the PowerShell options for managing Exchange once installed, but can also include the initial installation. To install Exchange from the command line, one must first install Exchange prerequisites, which are broken down per role that is being installed on Exchange. This can be done using the Add-WindowsFeature cmdlet. To install the Windows requirements for Exchange for the Client Access, Hub Transport and Mailbox roles, use the following command:
Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Basic-Auth,Web-Windows-Auth,Web-Metabase,Web-Net-Ext,Web-Lgcy-Mgmt-Console,WAS-Process-Model,RSAT-Web-Server,Web-ISAPI-Ext,Web-Digest-Auth,Web-Dyn-Compression,NET-HTTP-Activation,RPC-Over-HTTP-Proxy,Web-WMI -Restart
For the Edge Transport role, use:
Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Basic-Auth,Web-Windows-Auth,Web-Metabase,Web-Net-Ext,Web-Lgcy-Mgmt-Console,WAS-Process-Model,RSAT-Web-Server,Desktop-Experience -Restart
For the Unified Messaging role, use:
Add-WindowsFeature NET-Framework,RSAT-ADDS,ADLDS -Restart
After the server restarts, also configure NetTcpPortSharing:
Set-Service NetTcpPortSharing -StartupType…