There are a number of features that make mass deployment of Mac OS X pretty easy. Some of these would be great to have in Windows. These range from systemconfiguration to networksetup and the ability to look at packages that have been installed and review their bills of material. Well, the good people at Vexasoft have built a number of Powershell libraries that, while they aren’t named as such, do a number of the features that these commands do, just for Windows clients via Powershell. And the best part is, a number of them are free. Let’s look at what some of these commands do: First, there are the cmdlets…
-
-
Limiting The Number of Windows Users in Lion Server (aka How-to of hidden serveradmin settings)
Lion Server doesn’t have an option in the GUI for throttling the maximum number of users that can connect to the server via SMB. Nor does it have said option in the serveradmin interface. If you run the following, you would have previously seen the required setting: serveradmin settings smb The required setting (if controlled via serveradmin) is MaxClients= followed by the number of clients that you want to be the max: serveradmin settings smb:MaxClients=10 This is pretty easy stuff, but I have a point that goes beyond limiting the number of users. Not all of the settings that can be run through serveradmin are actually in the preferences any…
-
How Exchange's Autodiscover Works With Mail.app
Autodiscover automatically configures profile settings for Exchange clients. These clients include Microsoft Outlook 2007 or Outlook 2010, Outlook for Mac, Mail.app in Mac OS X, iPhone, iPad and ActiveSync enabled phones. Autodiscover is often made out to be complicated. There’s an Autodiscover service that gets installed when a Client Access Server (CAS) role is setup for Exchange 2010 in the form of a default virtual directory named Autodiscover for the default Web site in Internet Information Services (IIS). You then forward an autodiscover service locater record in DNS in the form of _autodiscover._tcp. The virtual directory handles Autodiscover requests. But what about other vendors, and even for Exchange, how do…
-
Backing Up Windows Server 2008 and Active Directory with CrashPlan
I was sitting at the JAMF National User Conference today and I couldn’t help but notice that CrashPlan is a sponsor. It got me to thinking about something someone said last week at the MacTech conference about the fact that CrashPlan was great for clients but that it would need lots of agents for backing up Servers. So at 318, we’ve developed a tool for doing a lot of the service configuration backup in a Mac OS X Server environment, in the form of sabackup and our Open Directory Archiver package. This tends to get most everything we need to backup for the Apple platform. But what about Windows Servers……
- Mac OS X, Mac OS X Server, Mac Security, Mass Deployment, Network Infrastructure, Unix, Windows Server
"Don't Go Near There": Sponsored Top Level Domain Names
Any time I think of something you’re not supposed to do with network architecture, I always think of Good Morning Vietnam. When Robin Williams says: “Don’t go near there!” But Betty! “Don’t go near there…get away from the river! Stay away from there!” One of the things you’re not supposed to do on networks is have conflicting DNS information. One example is to use a www record on one DNS server and a different one on another DNS server. This introduces a potential problem when some users end up with one DNS server and others end up with another. IP, DNS and other conflicts are usually a bad thing. Another…
-
Extending 2003 AD Schemas to Support Attributes for TPM and BitLocker
Microsoft has published a number of scripts used to backup TPM (Trusted Platform Module) and BitLocker information for Windows clients. Windows Server 2008 and 2008R2 have support for the attributes required to centrally manage Microsoft’s BitLocker and TPM. Windows Server 2003 has the ability to run these (they require some searchFlags be set to confidential, so pre-2003 Active Directory cannot support these attributes). To extend the schema is pretty easy. To do so, use an administrative account for the forest (the administrator account for the first domain in the forest is a common one to use). Then log into the server running the schema operations FSMO role for the forest…
-
Using DFS in OS X Lion
DFS stands for Distributed File Sharing. DFS is most commonly used to virtualize the way with which storage is presented to users. Once virtualized, mounts are able to replicate to one another or be moved between servers without impacting the end user experience. While many who have never used DFS will wonder why enterprises actually care about it, those of us who have used it extensively will be stoked that this new feature has been incorporated into OS X Lion. Using DFS in OS X is similar to using DFS in Windows, simply connect to a share and the work on the back end to locate where the share is…
-
Setting FTP Banners in IIS
IIS is a pretty straight forward system to manage. One of the more common post-flight tasks for setups of IIS is to configure FTP banners. In Server 2003, this can be done by opening Internet Information Services (IIS) Manager from Start > Administrative Tools. Then, browse to the server name > FTP Sites > Default FTP Site (or the name of the one you would like to configure if you have multiple per server) and then click on the Properties for the site. At the FTP Site Properties pane, click on the Messages tab. Here, you can provide a Banner to be shown to unauthorized users, a Welcome page, to…
-
Building Exchange 2010 Signatures En Masse
There are a lot of environments that standardize mail signatures. In Exchange 2010 you can now automatically assign users a signature based on a user’s Active Directory information, thus allowing en masse standardization of signatures. To do so is pretty straight forward, first open the Exchange Management Console and browse to the Organization Configuration. Then click on Hub Transport and then on Transport Rules. Next, click New to create a new transport rule. Here you can build an organizational signature based on user’s Active Directory attributes. You can provide some text and then any of the attributes that you see fit by wrapping them in the standard double percentage signs…
-
Mail Tips, For Loops and Powershell
Powershell gives Exchange admins a lot of nice little tricks to use. Exchange 2010 has a new feature in tool tips. You can use Powershell, to run a basic for loop, looping through a quick Get-Mailbox. Based on the output of the Get-Mailbox, you can get a list of all valid mailboxes for an organization. You can then execute a command, allowing you to run any mailbox command against every mailbox of an organization. In the following example, we’ll use the Set-MailBox to make a basic mail tip for all users: foreach ($mailbox in (Get-Mailbox)) { Set-MailBox -Identity $mailbox -MailTip “Please send only legitimate emails” }