Linux, CCNA and MCSE Questions: 2007

Wednesday, September 5, 2007

HOW TO INSTALL LINUX

INSERT THE 1ST CD
> BOOT THE SYSTEM
> ENTER
> NEXT
> SELECT THE MANUALLY PARTITION
> 3NEXT(FILL THE SYSTEM EXT. (EXTENDED) )
> 3 PARTITION
> SELECT FREE SPACE
> NEW
> MOUNT POINT / (MAIN ROOT)
> EXT 3
> SIZE (MB) - MINIMUM 2GB
> OK
> CONTINUE
> MOUNT POINT / BOOT
> SIZE 100MB
> CONTINUE
> FILE SYSTEM TYPE -SWAP
> SIZE (MB) 600 JUST DUBBLE OF RAM SIZE
> NEXT
> SELECT DHCP
> NEXT
> SELECT NO FIREWALL
> NEXT
> ENGLISH (INDIA)
> TIMING ASIA/ CALCUTTA)
> PASSWARD (1234569)
> SELECT THIS CUSTOMIGED
> NEXT
> SELECT THIS ACCEPTT
> NEXT
> INSERT 2CD AFTER THAT NEXT.

Tuesday, September 4, 2007

Windows server 2003 and 2000 domain

P01 - Can we add a Server within Windows Server 2003 in a 2000 Domain ?
Yes, DC under Windows Server 2000 and Windows Server 2003 can cohexist.
Before doing this you have to prepare the AD schema ,with adprep /forestprep

P02 - How to name an AD domain ?

The rules are mainly given from DNS : acceptable naming conventions for domain names include the use of alphanumeric characters (the letters A through Z and numerals 0 through 9) and the hyphen (-). A period (.) in a domain name is always used to separate the discrete parts of a domain name commonly known as labels. Each domain label can be no longer than 63 bytes. The first label may not be a number.
Extra restrictions must be considered :
_ If you want that the NetBIOS domain name corresponding to your domain reman simple, use less than 15 characters._ don't use the same domain that you use on the internet, but in order to avoid that it happens after, book the domain you use internaly on the internet_ don't use the prefixe .local

Q01 - How to create a forest with a domain ?

1. Click Start, Run, and type dcpromo.
2. On the Welcome page, click Next.
3. On the Operating System Compatibility page, click Next.
4. On the Domain Controller Type page, click Domain controller
for a new domain and click Next.
5. On the Create New Domain page, click Domain in a new forest
and click Next.
6. Type the full DNS name for the new domain and click Next.
7. Verify the NetBIOS name and click Next.
8. Specify a location and click Next.
9. Choose a location and click Next.
10. Verify an existing DNS server or click Install and configure…,
and then click Next.
11. Specify whether or not to assign default permissions.
12. When prompted, specify a password.
13. Review the Summary page, and click Next.
14. When prompted, restart the computer.

Q02 - How to add a DC (Domain Controler) to an existing domain ?

1. Run dcpromo.
2. On the Domain Controller Type page, select the Additional
domain controller for an existing domain checkbox.
3. On the Network Credentials page, type the user name,
password, and user domain.
4. On the Database and Log Folders page, type the location in
which you want to install the database and log folders, or click
Browse.
5. On the Shared System Volume page, type the location in which
you want to install the SYSVOL folder, or click Browse.
6. On the Directory Services Restore Mode Administrator
Password page, type and confirm the Directory Services
Restore Mode password and click Next.
7. Review the Summary page, and then click Next.
8. When prompted, restart the computer.

Q03 - How to rename a Domain Controler ?

1. In the Control Panel, double-click System.
2. In the System Properties dialog box click Change.
3. When prompted, confirm that you want to rename the domain
controller.
4. Enter the full computer name and click OK.

Q04 - How to delete (remove from domain) a Domain Controler ?
Delete a DC :
To remove a domain controller that is online and is no longer required:
1. Open the Active Directory Installation Wizard (Run dcpromo).
2. On the Remove Active Directory page select the This server is the last domain
controller in the domain check box, and then click Next.
3. On the Administrator Password page type your new administrator password,
and then click Next.
4. On the Summary page, review the summary, and then click Next.

To remove a domain controller that is damaged and cannot be started from Active Directory:
In this case, you have to use ntdsutil .

Q05 - How to check the correct initialisation of Active Directory ?

After you have performed an upgrade, you can verify the promotion of a server to a domain controller by verifying the following items.
· Default ContainersThese are created automatically when the first domain is created. Open the Active Directory Users and Computers Microsoft Management Console (MMC), and then verify that the following containers appear here: Computers, Users, ForeignSecurityPrincipals

· Default Domain Controllers Organizational UnitOpen Active Directory Users and Computers, and then verify that this organizational unit appears here.
· Default-First-Site-NameYou can verify this item by using Active Directory Sites and Services.
· Active Directory DatabaseYour Ntds.dit file is the Active Directory database. Verify that it resides in the %Systemroot%\Ntds folder.
· Global Catalog Server
By default, the first domain controller becomes a global catalog server. To verify this item:
Click Start, click Administrative Tools, and then click Active Directory Sites and Services.
Double-click Sites, expand Servers, and then select your domain controller.
Double-click the domain controller to expand the server contents.
Below the server, an NTDS Settings object is displayed. Right-click the object, and then click Properties.
On the General tab, make sure that the Global Catalog check box is selected (this is the default setting).

· Root Domain
To verify this role, use the net accounts command. The computer role should be "primary" or "backup," depending on whether the computer is the first domain controller in the domain.
· Shared System Volume
A Windows Server 2003 domain controller should have a shared system volume located in the %Systemroot%\Sysvol\Sysvol folder.
· SRV Resource RecordsYou must have a DNS server installed and configured for Active Directory and the associated client software to function correctly. Use the DNS Manager MMC snap-in to verify that the correct zones and resource records are created for each DNS zone. Active Directory creates its SRV RRs in the following folders:
_Msdcs/Dc/_Sites/Default-first-site-name/_Tcp
_Msdcs/Dc/_Tcp
In these locations, an SRV RR is displayed for the following services:
_kerberos
_ldap

Q06 - How to create a child domain ?

You can't use a DC which manage the root domain as DC for a child domain, setup a new server and then follow the instructions :
1. Run dcpromo.
2. On the Domain Controller Type page, Click Child domain in an existing domain tree.
3. Type the user name, password, and user domain of the user account you want to use.
4. Verify the parent domain, and then type the new child domain name.

Q07 - How to create a new tree ?

1. Run dcpromo.
2. On the Domain Controller Type page, click Domain tree in an existing forest.
3. Type the user name, password, and user domain of the user account you want to use.
4. Type the full DNS name for the new domain.

Q10 - How to Determine the RID, PDC, and Infrastructure FSMO Holders of a Selected Domain ?
Click Start, click Run, type dsa.msc, and then click OK.
Right-click the selected Domain Object in the top left pane, and then click Operations Masters.
Click the PDC tab to view the server holding the PDC master role.
Click the Infrastructure tab to view the server holding the Infrastructure master role.
Click the RID Pool tab to view the server holding the RID master role.

Q11 - How to Determine the Schema FSMO Holder in a Forest ?

Click Start, click Run, type mmc, and then click OK.
On the Console menu, click Add/Remove Snap-in, click Add, double-click Active Directory Schema, click Close, and then click OK.
Right-click Active Directory Schema in the top left pane, and then click Operations Masters to view the server holding the schema master role.

Q12 - How to create a trust relationship beetween two forest ?

1. Open Active Directory Domains and Trusts.
2. Click Properties for forest root domain shortcut trust domain, external trust domain, or realm trust domain.
3. Click New Trust, then Next, on the Trust tab.
4. Click Next on the Welcome page.
5. Type DNS name on the appropriate Trust Name page and click Next.
6. Select the desired trust type on the Trust Type Page and click Next.
7. Select the desired trust direction on the Direction of Trust page,then follow wizard instructions.

Q13 - How to check trust relationships ?
Using Active Directory Domains and Trusts:
1. Right-click the desired domain and click Properties.
2. Click the desired trust, then click Properties.
3. Click Validate, click No, do not….
4. Repeat steps 1 through 3 for the other domain in the relationship.

Using netdom:
NETDOM TRUST trusting_domain_name /Domain:trusted_domain_name /Verify

Q14 - How to delete trust relationships ?

Using Active Directory Domains and Trusts:
1. Right-click the desired domain and click Properties.
2. Click the desires trust, then click Remove.
3. Repeat steps 1 and 2 for the other domain in the relationship.

Q15 - How to Create and Configure Sites and Subnets ?

To use sites to manage replication between sites, you create additional sites and subnets and delegate control of sites. Creating a site involves providing a name for the new site and associating the site with a site link. To create sites, you must log on as a member of the Enterprise Admins group or the Domain Admins group in the forest root domain.

To create a site, perform the following steps:
1. Open Active Directory Sites and Services from the Administrative Tools menu.
2. In the console tree, right-click Sites, and then click New Site.
3. In the Name box, type the name of the new site.
4. Click a site link object, and then click OK twice.
To create a subnet object, perform the following steps:
1. In Active Directory Sites and Services, in the console tree, double-click Sites, right-click Subnets, and then click New Subnet.
2. In the Address box, type the subnet IP address.
3. In the Mask box, type the subnet mask that describes the range of addresses for the subnet.
4. Select a site to associate the subnet with, and then click OK.
To associate a site with a subnet object, perform the following steps:
1. In Active Directory Sites and Services, expand Sites, expand Subnets, and then in the console tree, right-click the subnet that you want to associate the site with, and then click Properties.
2. On the General page, in the Site box, click the site that you want to associate with this subnet, and then click OK.

Q16 - How to move a DC to a different site ?

To move a domain controller to a different site, perform the following steps:
1. In Active Directory Sites and Services, expand Sites, expand the site that the domain controller is in, expand Servers, and then in the console tree, right-click the domain controller, and then click Move.
2. In the Move Server dialog box, in the Site Name list, select the site that you want to move the domain controller to, and then click OK.

Q17 - How to Create and Configure Site Links ?

You create site links in Active Directory to map connections between two or more sites. When you configure site links, you can define the site link properties, which include the cost, replication interval, schedule, and sites that the link is associated with.
To create a site link, perform the following steps:
1. In Active Directory Sites and Services, expand Sites, expand Inter-Site Transports, right-click IP or SMTP, depending on which protocol the site link you will use, and then click New Site Link.
2. In the Name box, type a name for the link.
3. Click two or more sites to connect, click Add, and then click OK.
To configure site links, perform the following steps:
1. Open Active Directory Sites and Services, expand Sites, expand Inter-Site Transports, and then click IP or SMTP, depending on which protocol the site link is configured to use.
2. Right-click the site link, and then click Properties.
3. On the General page of the Properties dialog box, change the values for site associations, cost, replication interval, and schedule as required, and then click OK.
4. Perform one of the following as appropriate:
· In the Sites not in this site link box, click the site you want to add, and then click Add.
· In the Sites in this site link box, click the site you want removed and then click Remove.
· In the Cost box, enter a value for the cost of replication.
5. Click Change Schedule, select the block of time you want to schedule, and then click either Replication Not Available or Replication Available, and then click OK.

If you want to Create a Site Link Bridge
Before you can create new site link bridges, you must first disable default bridging of all site links to permit the creation of new site link bridges.
To disable default bridging of all site links, perform the following steps:
1. Open Active Directory Sites and Services, expand Sites, expand Inter-Site Transports, right-click either IP or SMTP, depending on the protocol for which you want to disable bridging of all site links, and then click Properties.
2. In the Properties dialog box, clear the Bridge all site links check box, and then click OK.
To create a site link bridge, perform the following steps:
1. Open Active Directory Sites and Services, expand Sites, expand Inter-Site Transports, right-click either IP or SMTP, depending on the protocol that you want to create a site link bridge for, and then click New Site Link Bridge.
2. In the Name box, type a name for the site link bridge.
3. Click two or more site links to be bridged, click Add, and then click OK.

Q18 - How to Manage a Site Topology ?

How to Manage a Site Topology ?
To create a preferred bridgehead server, perform the following steps:
1. Open Active Directory Sites and Services, expand Sites, expand the site that contains the server that you want to configure, expand Servers, and then in the console tree, right-click the domain controller that you want to make a preferred bridgehead server, and then click Properties.
2. Choose the intersite transport or transports to designate the computer a preferred bridgehead server, click Add, and then click OK.
To determine the domain controller that holds the role of the intersite topology generator in the site, perform the following steps:
1. In Active Directory Sites and Services, expand Sites, and then select the site.
2. In the details pane, right-click NTDS Site Settings, and then click Properties.
To force the KCC to run, perform the following steps:
1. In Active Directory Sites and Services, in the console tree, expand Sites, expand the site that contains the server on which you want to run the KCC, expand Servers, and then select the server object for the domain controller that you want to run the KCC on.
2. In the details pane, right-click NTDS Settings, click All Tasks, and then click Check Replication Topology.
You use the Active Directory Sites and Services to force replication over a connection. You may be required to force replication if the event log displays replication inconsistencies or if you receive a message on the domain controller console alerting you to replication problems. To force replication over a connection, perform the following steps:
1. In Active Directory Sites and Services, expand the domain controller for the site that contains the connection that you use to replicate directory information.
2. In the console tree, click NTDS Settings.
3. In the details pane, right-click the connection that you use to replicate directory information, and then click Replicate Now.

Q19 - How to Transfer the Schema Master Role ?

Use the Active Directory Schema Master snap-in to transfer the schema master role.
Click Start, click Run, type mmc in the Open box, and then click OK.
On the File, menu click Add/Remove Snap-in.
Click Add.
Click Active Directory Schema, click Add, click Close, and then click OK.
In the console tree, right-click Active Directory Schema, and then click Change Domain Controller.
Click Specify Name, type the name of the domain controller that will be the new role holder, and then click OK.
In the console tree, right-click Active Directory Schema, and then click Operations Master.
Click Change.
Click OK to confirm that you want to transfer the role, and then click Close.

Q20 - How to transfer the Domain Naming Master Role ?

Click Start, point to Administrative Tools, and then click Active Directory Domains and Trusts.
Right-click Active Directory Domains and Trusts, and then click Connect to Domain Controller. NOTE: You must perform this step if you are not on the domain controller to which you want to transfer the role. You do not have to perform this step if you are already connected to the domain controller whose role you want to transfer.
Do one of the following:
In the Enter the name of another domain controller box, type the name of the domain controller that will be the new role holder, and then click OK. -or-
In the Or, select an available domain controller list, click the domain controller that will be the new role holder, and then click OK.
In the console tree, right-click Active Directory Domains and Trusts, and then click Operations Master.
Click Change.
Click OK to confirm that you want to transfer the role, and then click Close.

Q21 - How to Transfer the RID Master, PDC Emulator, and Infrastructure Master Roles ?

Click Start, point to Administrative Tools, and then click Active Directory Users and Computers.
Right-click Active Directory Users and Computers, and then click Connect to Domain Controller. NOTE: You must perform this step if you are not on the domain controller to which you want to transfer the role. You do not have to perform this step if you are already connected to the domain controller whose role you want to transfer.
Do one of the following:
In the Enter the name of another domain controller box, type the name of the domain controller that will be the new role holder, and then click OK. -or-
In the Or, select an available domain controller list, click the domain controller that will be the new role holder, and then click OK.
In the console tree, right-click Active Directory Users and Computers, point to All Tasks, and then click Operations Master.
Click the appropriate tab for the role that you want to transfer (RID, PDC, or Infrastructure), and then click Change.
Click OK to confirm that you want to transfer the role, and then click Close.

Q22 - How to backup AD ? AD is backed Up when you save the System State on a DC with the Backup accessory.
Click Start, point to Programs, point to Accessories, point to System Tools, and then click Backup.
Click the Backup tab.
Click to select the System State check box. (All of the components to be backed up are listed in the right pane. You cannot individually select each item.) NOTE: During the system state backup, you must select to back up the Winnt\Sysvol folder. You must also select this option during the restore operation to have a working sysvol after the recovery.
The following information applies only to domain controllers. You can restore member servers the same way, but in normal mode.If any of the following conditions are not met, the system state is not restored. Backup attempts to restore the system state, but does not succeed.
The drive letter on which the %SystemRoot% folder is located must be the same as when it was backed up.
The %SystemRoot% folder must be the same folder as when it was backed up.
If sysvol or other Active Directory databases were located on another volume, they must exist and have the same drive letters also. The size of the volume does not matter.

Q23 - How to restore AD ?

There is different methods, depending with the state of your AD :Normal : if you have lost only one DC, you have to restore DC and then datasAuthoritative : with many DCs, you can restaure whatever you want and select it.

How to Perform a Normal Restore
To perform a primary restore, you must be a member of the Administrators group on the local computer, or you must have been delegated the appropriate permissions. If the computer is in a domain, members of the Domain Admins group can perform this procedure.
To perform a primary restore of Active Directory, perform the following steps:
1. Restart your domain controller in Directory Services Restore Mode.
2. Start the Backup utility.
3. On the Welcome to the Backup or Restore Wizard page, click Advanced Mode.
4. On the Welcome to Backup Utility Advanced Mode page, on the Restore and Manage Media tab, select what you want to restore, and then click Start Restore.
5. In the Warning dialog box, click OK.
6. In the Confirm Restore dialog box, click Advanced.
7. In the Advanced Restore Options dialog box, click When restoring replicated data sets, mark the restored data as the primary data for all replicas, and then click OK twice. Important Selecting this option ensures that the File Replication Service (FRS) data is replicated to the other servers. Select this option only when you want to restore the first replica set to the network.
8. In the Restore Progress dialog box, click Close.
9. In the Backup Utility dialog box, click Yes.

Warning
When you restore the system state data, the Backup utility erases the system state data that is on your computer and replaces it with the system state data that you are restoring, including system state data that is not related to Active Directory. Depending on how old the system state data is, you may lose configuration changes that you recently made to the computer. To minimize this risk, back up the system state data regularly.

How to Perform an Authoritative Restore
Unlike a normal restore, an authoritative restore requires the use of a separate command-line tool, Ntdsutil. No backup utilities, including the Windows Server 2003 system utilities, can perform an authoritative restore.
To perform an authoritative restore, perform the following steps:
1. Restart your domain controller in Directory Services Restore Mode.
2. Restore Active Directory to its original location.
3. If you must perform an authoritative restore on the SYSVOL folder, restore Active Directory to an alternate location by using the Backup utility, but do not restart the computer when prompted after the restore. If you are not performing an authoritative restore on SYSVOL, skip to step 4.
4. At the command prompt, run Ntdsutil.exe.
5. At the ntdsutil prompt, type authoritative restore.
6. At the authoritative restore prompt, type .restore subtree distinguished_name_of_object (where distinguished_name_of_object is the distinguished name, or path, to the object). For example, to restore an organizational unit called Sales, which existed directly below the domain called contoso.msft, type .restore subtree OU=Sales,DC=contoso,DC=msft.
7. Type quit and then press ENTER.
8. Type quit again, and then press ENTER to exit ntdsutil.
9. Restart the domain controller.
10. After FRS publishes the SYSVOL folder, copy the SYSVOL folder and only those Group Policy folders that correspond to the restored Group Policy objects from the alternate location to the existing locations.
To verify that the copy operation was successful, examine the contents of the SYSVOL\Domain folder, where Domain is the name of the domain.

Q30 - How to Delegate Administrative Control for Managing Group Policy Links ?

You can delegate the ability to manage Group Policy links by selecting Manage Group Policy links in the Delegation of Control Wizard to enable a user to link and unlink GPOs.
To delegate administrative control for managing Group Policy links, perform the following steps:
1. Open Group Policy Management.
2. Browse to the forest and domain in which you want to delegate administrative control for managing Group Policy links, and then click the link.
3. In the details pane, on the Delegation tab, click Add.
4. In the Select User, Computer, or Group dialog box, in the Enter the object name to select (examples) box, type the security principal, click Check Names, and then click OK.
5. In the Add Group or User dialog box, in the Permissions box, select the appropriate permission, and then click OK.
If you prefer the flexibility of the Properties dialog box, it is still available in Group Policy Management by clicking Advanced on the Delegation tab.

Q31 - How to Delegate Administrative Control for Creating and Editing GPOs

You use the Delegation of Control Wizard to delegate administrative control to create and edit GPOs.

To delegate administrative control for creating GPOs, perform the following steps:
1. Open Group Policy Management.
2. Browse to the forest and domain in which you want to delegate administrative control for creating GPOs, and then click Group Policy Objects.
3. In the details pane, on the Delegation tab, click Add.
4. In the Select User, Computer, or Group dialog box, in the Enter the object name to select (examples) box, type the security principal, click Check Names, and then click OK.

To delegate administrative control for editing GPOs, perform the following steps:
1. Open Group Policy Management.
2. Browse to the forest and domain in which you want to delegate administrative control for editing GPOs, and then click the link.
3. In the details pane, on the Delegation tab, click Add.
4. In the Select User, Computer, or Group dialog box, in the Enter the object name to select (examples) box, type the security principal, click Check Names, and then click OK.
5. In the Add Group or User dialog box, in the Permissions box, select the appropriate permission, and then click OK.

Q50 - I can't add another DC to the AD Domain. What can I check ?

Steps for fixing the problem when DCPROMO does not find the domain.
1. Verify that the existing domain controller is pointing to a Windows 2000 DNS server. Do not point it to any external ISP DNS servers.
2. Open the DNS MMC, double click forwarders so that you can see the zone for your domain.
3. Right click on this zone and select properties. Verify that your zone is set to allow dynamic updates, if not change it so that it does.
4. Double click your zone to expand it. You should have 4 subfolders (_MSDCS, _SITES, _TCP, _UDP) and a few records.
5. If the zones do not exist you should open a command prompt.
6. Type IPconfig /registerdns and enter
7. Type net stop netlogon
8. Type net start netlogon (restarting netlogon will force the service to register its SRV records with the DNS zone thus create the missing subfolders. The records that will be registered are in winnt\system32\config\netlogon.dns).
9. After restarting netlogon go back into your DNS zone and verify that you have the subfolders that were mentioned in 4. above.
10. If the folders are not there you may want to try running netdiag.exe /fix from the support tools. Or try restarting netlogon again.
11. On the DC that you are trying to promote verify that it is pointing to the Windows 2000 DNS server that we have been working on for DNS.

Monday, September 3, 2007

Windows interview questions

What is a default gateway?
Ans: - The exit-point from one network and entry-way into another network, often the router of the network.
How do you set a default route on an IOS Cisco router?
Ans: - IP route 0.0.0.0 0.0.0.0 x.x.x.x [where x.x.x.x represents the destination address]
What is the difference between a domain local group and a global group?
Ans: - Domain local groups grant permissions to objects within the domain in which the reside. Global groups contain grant permissions tree or forest wide for any objects within the Active Directory.
What is LDAP used for?
Ans: - LDAP is a set of protocol used for providing access to information directories.
What tool have you used to create and analyze packet captures?
Ans: - Network Monitor in Win2K / Win2K3, Ethereal in Linux, OptiView Series II (by Fluke Networks).
What is the significance of the IP address 255.255.255.255?
Ans: - The limited broadcast address is utilized when an IP node must perform a one-to-everyone delivery on the local network but the network ID is unknown.

What are the required components of Windows Server 2003 for installing Exchange 2003?
Ans: - ASP.NET, SMTP, NNTP, W3SVC
What must be done to an AD forest before Exchange can be deployed?
Ans: - Setup /forestprep
What Exchange process is responsible for communication with AD?
Ans: - DSACCESS
What 3 types of domain controller does Exchange access?
Ans: - Normal Domain Controller, Global Catalog, Configuration Domain Controller
What connector type would you use to connect to the Internet, and what are the two methods of sending mail over that connector?
Ans: - SMTP Connector: Forward to smart host or use DNS to route to each address
How would you optimise Exchange 2003 memory usage on a Windows Server 2003 server with more than 1Gb of memory?
Ans: - Add /3Gb switch to boot.ini
What would a rise in remote queue length generally indicate?
Ans: - This means mail is not being sent to other servers. This can be explained by outages or performance issues with the network or remote servers.
What would a rise in the Local Delivery queue generally mean?
Ans: - This indicates a performance issue or outage on the local server. Reasons could be slowness in consulting AD, slowness in handing messages off to local delivery or SMTP delivery. It could also be databases being dismounted or a lack of disk space.
What are the standard port numbers for SMTP, POP3, IMAP4, RPC, LDAP and Global Catalog?
Ans: - SMTP – 25, POP3 – 110, IMAP4 – 143, RPC – 135, LDAP – 389, Global Catalog - 3268
Name the process names for the following: System Attendant?
Ans: - MAD.EXE, Information Store – STORE.EXE, SMTP/POP/IMAP/OWA – INETINFO.EXE
What is the maximum amount of databases that can be hosted on Exchange 2003 Enterprise?
Ans: - 20 databases. 4 SGs x 5 DBs.
What are the disadvantages of circular logging?
Ans: - In the event of a corrupt database, data can only be restored to the last backup.

Friday, August 24, 2007

Hacking Your Password

Hacking Your Password - Password Checking Option and Clearing Chips Password Checking Option
You can use a password during the computer's startup sequence. The options are:

Always, which means every time the system is started.

Setup, which only protects the BIOS routine from being tampered with, or
Disabled.

You can still boot from a floppy and alter things with a diagnostic program, though.The original are: AMI BIOS did not encrypt the password, so any utility capable of reading the CMOS should be able to edit it. The AMI WinBIOS uses a simple substitution system.

You get three attempts to get in, after which the system will have to be rebooted. The default is usually the manufacturer's initials (try ami), or biostar, biosstar, AWARD?SW, AWARD?PW, LKWPETER, 589589, aLLy, condo, djonet, lkwpeter, j262 SWITCHES?SW, AWARD_SW, or Shift + S Y X Z for Award (before 19 Dec 96), but if this doesn't work, or you forget your own password, you must discharge the CMOS. One way to do this is simply to wait for five years until the battery discharges (ten if you've got a Dallas clock chip)! You could also remove the CMOS chip or the battery and just hang on for twenty minutes or so. Look for the chips mentioned below, under Clearing Chips.

You could try flooding the keyboard buffer to crash the password routine -just wait for the password prompt, then keep pressing esc.

Note: Since 19 Dec 96, Award Software has not used a default password, leaving it for OEMs. Discharging the battery will not clear the OEM password.

Note: When CMOS RAM loses power, a bit is set which indicates this to the BIOS during the POST test. As a result, you will normally get slightly more aggressive default values.

If your battery is soldered in, you could discharge it enough so the CMOS loses power, but make sure it is rechargeable so you can get it up to speed again. To discharge it, connect a small resistor (say 39 ohms, or a 6v lantern lamp) across the battery and leave it for about half an hour.

Some motherboards use a jumper for discharging the CMOS; it may be marked CMOS DRAIN. Sometimes, you can connect P15 of the keyboard controller (pin 32, usually) to GND and switch the machine on. This makes the POST run, which deletes the password after one diagnostic test. Then reboot.

Very much a last resort is to get a multi-meter and set it to a low resistance check (i.e. 4 ohms), place one probe on pin 1 of the chip concerned, and draw the other over the other pins. This will shock out the chip and scramble its brains. This is not for the faint hearted, and only for the desperate-use a paperclip or desolder the battery first! We assume no responsibility for damage!

The minimum standby voltage for the 146818 is 2.7v, but your settings can remain even down to around 2.2v. Usually, the clock will stop first, as the oscillator needs a higher voltage to operate. 3v across a CMOS is common with 3.6v nicad & lithium batteries, as the silicon diodes often used in the battery changeover circuit have a voltage drop of 0.6v (3.6v-.6v = 3v). If your CMOS settings get lost when you switch off and the battery is OK, the problem may be in the changeover circuit - the 146818 can be sensitive to small spikes caused by it at power down.

Clearing ChipsThe CMOS can mostly be cleared by shorting together appropriate pins with something like a bent paperclip (with the power off!). You could try a debug script if you are able to boot:
A:\DEBUG- o 70 2E- o 71 FF- q

The CMOS RAM is often incorporated into larger chips:
P82C206 (Square)
Also has 2 DMA controllers, 2 Interrupt controllers, a Timer, and RTC (Real-Time Clock). It's usually marked CHIPS, because it's made by Chips and Technologies. Clear by shorting together pins 12 and 32 on the bottom edge or pins 74 and 75 on the upper left corner.

F82C206 (Rectangular)
Usually marked OPTi (the manufacturer). Has 2 DMA Controllers, 2 Interrupt Controllers, Timer, and Real Time Clock. Clear by shorting pins 3 and 26 on the bottom edge (third pin in from left and 5th pin from right).

Dallas DS1287,DS1287A
Benchmarq bp3287MT, bq3287AMT.
The DS1287 andDS1287A (and compatible Benchmarq bp3287MT and bq3287AMT chips) have a built-in battery, which should last up to 10 years. Clear the 1287A and 3287AMT chips by shorting pins 12 and 21-you cannot clear the 1287 (and 3287MT), so replace them (with a 1287A!). Although these are 24-pin chips, the Dallas chips may be missing 5, which are unused anyway.

Motorola MC146818AP or compatible.
Rectangular 24-pin DIP chip, found on older machines. Compatibles are made by several manufacturers including Hitachi (HD146818AP) and Samsung (KS82C6818A), but the number on the chip should have 6818 in it somewhere. Although pin-compatible with the 1287/1287A, there is no built-in battery, which means it can be cleared by just removing it from the socket, but you can also short pins 12 and 24.

Dallas DS12885S or
Benchmarq bq3258S
Clear by shorting pins 12 and 20, on diagonally opposite corners; lower right and upper left (try also pins 12 and 24).

For reference, the bytes in the CMOS of an AT with ISA bus are arranged thus:

00 Real Time Clock
10-2F ISA Configuration Data
30-3F BIOS-specific information
40-7F Ext CMOS RAM/Advanced Chipset info

The AMI password is in 37h-3Fh, where the (encrypted) password is at 38h-3Fh. If byte 0Dh is set to 0, the BIOS will think the battery is dead and treat what's in the CMOS as invalid.

One other point, if you have a foreign keyboard (that is, outside the United States) - the computer expects to see a USA keyboard until your keyboard driver is loaded, so DON'T use anything in your password that is not in the USA keyboard!

OSI MODEL 7- layers

The OSI (Open System Interconnection) model is developed by ISO in 1984 to provide a reference model for the complex aspects related to network communication. It divides the different functions and services provided by network technology in 7 layers. This facilitates modular engineering, simplifies teaching and learning network technologies, helps to isolate problems, and allows vendors to focus on just the layer(s) in which their hardware or software is implemented and enables them to create products that are compatible, standardized, and interoperable.

APPLICATION (LAYER 7) The Application layer provides network services directly to the user's application such as a web browser or email client. This layer is said to be "closest to the user". Protocols that operate on this layer include TELNET, HTTP, FTP, TFTP, SMTP, and NTP.

PRESENTATION (LAYER 6) The Presentation layer 'represents' the data in a particular format to the Application layer. It defines encryption, compression, conversion and other coding functions. Examples of specifications defined at this layer are GIF, JPEG, MPEG, MIME, and ASCII.

SESSION (LAYER 5) The Session layer establishes, maintains, and terminates end-to-end connections (sessions) between two applications on two network nodes. It controls the dialogue between the source and destination node, which node can send when and for how long. It also provides error reporting for the Application, Presentation and Session layer. Examples of protocols/API's that operate on this layer are RPC and NETBIOS.

TRANSPORT (LAYER 4) The Transport layer converts the data received from the upper layers into segments and prepares them for transport. The Transport layer is responsible for end-to-end (source-to-destination) delivery of entire messages. It allows data to be transferred reliably and uses sequencing to guarantee that it will be delivered in the same order that it was sent. It also provides services such as error checking and flow control (in software). Examples of protocols that operate on this layer are TCP, UDP, NETBEUI, and SPX.The above Transport layer protocols are either connectionless or connection-oriented: Connection-oriented means that a connection (a virtual link) must be established before any actual data can be exchanged. This guarantees that data will arrive, and in the same order as it was sent. It guarantees delivery by sending acknowledgements back to the source when messages are received. TCP is an example of a connection-oriented transport protocol.A common example of connection-oriented communication is a telephone call. You call, the 'destination' picks up the phone and acknowledges, and you start talking (sending data). When a message or a piece of it doesn't arrive, you say: "What!?" and the sender will repeat what he said (retransmit the data).Connectionless is the opposite of connection-oriented; the sender does not establish a connection before it sends data, it just sends it without guaranteeing delivery. UDP is an example of a connectionless transport protocol.

NETWORK (LAYER 3) The Network layer converts the segments from the Transport layer into packets (or datagrams) and is responsible for path determination, routing , and the delivery of packets across internetworks. The network layer treats these packets independently, without recognizing any relationship between those individual packets. It relies on higher layers for reliable delivery and sequencing.The Network layer is also responsible for logical addressing (also known as network addressing or Layer 3 addressing) for example IP addressing. Examples of protocols defined at this layer are IP, IPX, ICMP, RIP, OSPF, and BGP. Examples of devices that operate on this layer are layer-3 switches and routers. The latter includes WAPs with built-in routing capabilities (wireless access routers).

DATA LINK (LAYER 2) The Data Links provides transparent network services to the Network layer so the Network layer can be ignorant about the underlying physical network topology. It is responsible for reassembling bits, taken of the wire by the Physical layer, to frames, and makes sure they are in the correct order and requests retransmission of frames in case an error occurs. It provides error checking by adding a CRC to the frame, and flow control. Examples of devices that operate on this layer are switches, bridges, WAPs, and NICs.

IEEE 802 Data Link sub layersAround the same time the OSI model was developed, the IEEE developed the 802-standards such as 802.5 Token Ring and 802.11 for wireless networks. Both organizations exchanged information during the development, which resulted in two compatible standards. The IEEE 802 standards define physical network components such as cabling and network interfaces, and correspond to the Data Link and/or Physical layer of the OSI model. The IEEE refined the standards and divided the Data Link layer into two sublayers: the LLC and the MAC sublayer.

- LLC sublayerLLC is short for Logical Link Control. The LLC layer is the upper sublayer of the Data Link layer and is defined in the IEEE 802.2 standard. LLC masks the underlying physical network technologies by hiding their differences to provide a single interface to the Network layer. The LLC sublayer uses Source Service Access Points (SSAPs) and Destination Service Access Points (DSAPs) to help the lower layers communicate with the Network layer protocols, acting as an intermediate between the different network protocols (IPX, TCP/IP, etc.) and the different network technologies (Ethernet, Token Ring, etc.). Additionally, this layer is responsible for sequencing and acknowledgements of individual frames.

- MAC sublayerThe Media Access Control layer takes care of physical addressing and allows upper layers access to the physical media, handles frame addressing, error checking. This layer controls and communicates directly with the physical network media through the network interface card. It converts the frames into bits to pass them on to the Physical layer who puts them on the wire (and vice versa). IEEE LAN standards such as 802.3, 802.4, 802.5, and 802.11 define standards for the MAC sublayer as well as the Physical layer.

PHYSICAL (LAYER 1) This layer communicates directly with the physical media. It is responsible for activating, maintaining and deactivating the physical link. It handles a raw bits stream and places it on the wire to be picked up by the Physical layer at the receiving node. It defines electrical and optical signaling, voltage levels, data transmission rates, as well as mechanical specifications such as cable lengths and connectors, the amount of pins and their functions. Examples of devices that operate on this layer are hubs/concentrators, repeaters, NICs, WAPs, and LAN and WAN interfaces such as RS-232, OC-3, BRI, and antennas.

Thursday, August 23, 2007

Active directory collection

Active Directory on a Windows Server 2003 Network
Active Directory is the information hub of the Windows Server 2003 operating system. The following figure shows Active Directory as the focal point of the Windows Server 2003 network used to manage identities and broker relationships between distributed resources so they can work together.

Active Directory provides:
•
A central location for network administration and delegation of administrative authority. You have access to objects representing all network users, devices, and resources and the ability to group objects for ease of management and application of security and Group Policy.
•
Information security and single sign-on for user access to network resources. Tight integration with security eliminates costly tracking of accounts for authentication and authorization between systems. A single user name and password combination can identify each network user, and this identity follows the user throughout the network.
•
Scalability. Active Directory includes one or more domains, each with one or more domain controllers, enabling you to scale the directory to meet any network requirements.
•
Flexible and global searching. Users and administrators can use desktop tools to search Active Directory. By default, searches are directed to the global catalog, which provides forest-wide search capabilities.
•
Storage for application data. Active Directory provides a central location to store data that is shared between applications and with applications that need to distribute their data across entire Windows networks.
•
Systematic synchronization of directory updates. Updates are distributed throughout the network through secure and cost-efficient replication between domain controllers.
•
Remote administration. You can connect to any domain controller remotely from any Windows-based computer that has administrative tools installed.
•
Single, modifiable, and extensible schema. The schema is a set of objects and rules that provide the structure requirements for Active Directory objects. You can modify the schema to implement new types of objects or object properties.
•
Integration of object names with Domain Name System (DNS), the Internet-standard computer location system. Active Directory uses DNS to implement an IP-based naming system so that Active Directory services and domain controllers are locatable over standard IP both on intranets and the Internet.
•
Lightweight Directory Access Protocol (LDAP) support. LDAP is the industry standard directory access protocol, making Active Directory widely accessible to management and query applications. Active Directory supports LDAPv3 and LDAPv2.

Seven layers

The specific description for each layer is as follows:
Layer 7: Application Layer
Defines interface to user processes for communication and data transfer in network
Provides standardized services such as virtual terminal, file and job transfer and operations

Layer 6:Presentation Layer
Masks the differences of data formats between dissimilar systems
Specifies architecture-independent data transfer format
Encodes and decodes data; Encrypts and decrypts data; Compresses and decompresses data

Layer 5:Session Layer
Manages user sessions and dialogues
Controls establishment and termination of logic links between users
Reports upper layer errors

Layer 4:Transport Layer
Manages end-to-end message delivery in network
Provides reliable and sequential packet delivery through error recovery and flow control mechanisms
Provides connectionless oriented packet delivery

Layer 3:Network Layer
Determines how data are transferred between network devices
Routes packets according to unique network device addresses
Provides flow and congestion control to prevent network resource depletion

Layer 2:Data Link Layer
Defines procedures for operating the communication links
Frames packets
Detects and corrects packets transmit errors

Layer 1:Physical Layer
Defines physical means of sending data over network devices
Interfaces between network medium and devices
Defines optical, electrical and mechanical characteristics
There are other network architecture models,. Those models will be discussed in separate documents.
The OSI 7 layer model is defined by ISO in document 7498 and ITU X.200, X.207, X.210, X.211, X.212, X.213 , X.214, X.215, X.217 and X.800. The protocols defined by ISO based on the OSI 7 layer mode.

Friday, August 10, 2007

Networking faq

What is ARP?
An:- (Address Resolution Protocol) A TCP/IP protocol for determining the hardware address of a node on a local area network connect to the internet, when only the IP address is know an ARP requests send to the network.

What is BGP?
An: - Border gateway protocol. A protocol used by NSF net that is used on the external gateway protocol.

What is DLC?
An: - Data link control and a error correction protocol in the system network architecture responsible for transmission of data between two nodes are a physical link support windows NT 2000.

What is DBS?
An: - data base administrator the administrator determines the content internal structure and access strategy for a performance.

What is DHCP?
An: - Dynamic host configuration protocol. A TCP/IP protocol that enables a network connected to the internet to assign a Temporary IP address to a host automatically when the host connects to the network.

What is DFS?
An: - Distributed file system. A file management system in which in which file may be located on multiple computers connected over a local or wide area network.

What is DNS?
An: - Domain name system. The hierarchical system by which hosts on the internet have both domain name address (such as vikrantnetworkin.bolgspot.com) and IP address (192.168.1.1). The domain name address is used by human user and automatically translated in to the numerical IP add, which is used by the packet routing software. DNS names consist of a top level domain, a second level domain.

What is FAT?
An: - File allocation table. MS- dos the file allocation table is commonly know as the FAT.

What is HTTP?
An: - Hypertext transfer protocol. The protocol used to carry request from a browser to a web server and to transport pages from web server back to the requesting browser. It is not an especially secure protocol.

What is MS- Dos?
An: - Microsoft disk operating system. A single tasking, single user operating system with a command line interface, released in 1981, for IBM PC and compatibles.
What is NTFS?
An: - New technology file system. An advance file system designed for use specification with the window NT operating system. It supports longs filenames, full security access control, file system recovery, extremely large storage media, and various features for the Windows NT POSIX subsystem. It support always original application by treating all files as object with user defined and system defined attributes.

What is PPP?
An: - Point to point protocol. A widely used data link protocol for transmitting TCP/ IP packets over dialup telephone connection, such as between a computer and the internet. PPP dynamic support of IP add, provides greater protection for data integrity and security and is easier to use than SLIP, at a cost of greater overhead.

What is RAID?
An: - Redundant array or independent disks. A data storage method in which data is distributed across a group of computer disk drives that function as a single storage unit.

What is ICMP?
An: - Internet control message protocol. A network layer internet protocol that provide error correction and other information relevant to IP packet processing for ex. It can let the IP software on one machine inform anther machine about an unreachable destination.

What is IP Sec?
An: - Internet protocol security. A security mechanism under development by the IETF designed to ensure secure packet based on two levels of security.

What is ISP?
An: - Internet service provider. A business that supplies internet connectivity services to individuals, businesses, and other organization. Some ISP is large national or Multinational Corporation that offer access in many locations, while others are limited to single city or region.

What is LAN?
An: - Local area network. A group of computers and other devices dispersed over a relatively limited area and connected by a communication link that enables any device to interact with any other on the network.

What is MAU?
An: - Multi access unit. A hub device in a token ring network that connects computers in a physical hub and spokes arrangement but uses the logical ring required in token ring network.

What is RAM?
An: - Random access memory. A TCP/IP protocol for determining the IP add or a node on a local area network connected to the internet, when only the hardware address is known.

What is SMTP?
An: - Simple mail transfer protocol. A TCP/IP protocol for sending message from one computer to another on a network, this protocol is used on the internet to route e- mail.

What is TCP?
An: - Transmission control protocol. The protocol within TCP/IP that governs the breakup of data message in to packets received by IP a connection oriented reliable protocol.

What is WAN?
An: - Wide Area Network. A geographically widespread network, one that relies on communications capabilities to link the various network segments. A wan can be one large network or it can consist of a number or Linked LAN’s.

Thursday, August 9, 2007

Most popular Demo of networking

Forgot the Administrator's Password?

Ok, so you say you forgot your Windows administrator's password, huh? Oh well, it doesn't really matter if you did or you just say you did. The fact is that you need to gain access to a computer and you cannot "remember" the administrator's password.
How can you get out of this situation without formatting and re-installing the operating system?
Featured Product
Windows Key by LostPassword.com - Use this easy tool to reset any Windows local or domain controller password in a minute. Money-back guarantee. Download FREE version now!
One method of gaining access to the system is by trying hard to remember the forgotten password, or a password of another user which has the same level of administrative rights. However I don't think this approach will help you, otherwise you wouldn't be sitting here reading article, would you?)
Another method is by trying to restore a backed up System State (in Windows 2000/XP/2003) or a ERD (in NT 4.0) in which you do remember the password. The problem with doing so is that you'll probably lose all of the recently add users and groups, and all the changed passwords for all of your users since the last backup was made.
A third method might be to install a parallel operating system on a different partition on the same computer, then use a simple trick to gain access to the old system.
Note: If you are looking for password cracking tools that can be used for miscellaneous objectives such as password-protected PDF documents, zipped archives, Office documents, BIOS protection and so on then this pages is NOT for you. See some links at the bottom of this page for hints on where to find such tools, but I can tell you right away that Google might be a better choice for you.
The fourth option is by using 3rd party tools that will enable you to reset the lost password and logon with a blank password.

Freeware Password Recovery Tools
Here are some of these tools:
Free Windows password-cracking tools are usually Linux boot disks that have NT file system (NTFS) drivers and software that will read the registry and rewrite the password hashes for any account including the Administrators. This process requires physical access to the console and an available floppy drive but it works like a charm! I've done it myself several times with no glitch or problem whatsoever.
Beware!!! Resetting a user's or administrator's password on some systems (like Windows XP) might cause data loss, especially EFS-encrypted files and saved passwords from within Internet Explorer. To protect yourself against EFS-encrypted files loss you should always export your Private and Public key, along with the keys for the Recovery Agent user. . Out of the following list, the only tool that will no cause any harm to EFS-encrypted files on your hard disk is the Windows Password Recovery system.

Download links:
· cd070409.zip (~3MB) - Bootable CD image with newer drivers
· bd050303.zip (~1.1MB) - Bootdisk image, date 050303.
· sc050303.zip(~1.4MB) - SCSI-drivers (050303) (only use newest drivers with newest bootdisk, this one works with bd050303)
To write these images to a floppy disk you'll need RawWrite2 which is included in the Bootdisk image download. To create the CD you just need to use your favorite CD burning program and burn the .ISO file to CD.
Support and Problems? Don't call me! Talk to the creator of this great tool. He also has a good FAQ set up covering most of the day-to-day questions. Read it right HERE
Author claims that this tool was successfully tested on NT 3.51, NT 4, Windows 2000 (except datacenter), Windows XP (all versions) and Window Server 2003. Notice that it is NOT compatible with Active Directory.

How to Change the Serial in Windows XP

How can I change the volume licensing product key on a Windows XP SP1-Based Computer?
Because of changes in Windows XP Service Pack 1 (SP1), Windows XP-based computers that use a leaked product key that is known to be available to the general public may not be able to install SP1 or automatically obtain updates from the Windows Update Web site. For an easy and quick method of obtaining your own CD Key please read
There are two (legal) methods that you can use to change the product key with volume licensing media after installation. You can use either the Windows Activation Wizard graphical user interface (GUI) or a Windows Management Instrumentation (WMI) script.
The easier method to use is the Use the Activation Wizard method. Use this method when you only have a few computers on which to change the product key. The Use a Script method is best when you have a number of computers on which you have to change the product key.
Legal Note: Make sure you understand that this method is indeed legal. This is NO crack, NO hack, there is nothing illegal with this article. I will not, however, encourage any reader to use an illegally obtained CD Key. What you do in your own house/office is your own business, and I cannot and will not be held responsible for your actions.
Method #1: Use the Activation Wizard
If you have only a few volume licensing product keys to change, you can use the Activation Wizard.

Warning!
This document contains instructions for editing the registry. If you make any error while editing the registry, you can potentially cause Windows to fail or be unable to boot, requiring you to reinstall Windows. Edit the registry at your own risk. Always back up the registry before making any changes. If you do not feel comfortable editing the registry, do not attempt these instructions. Instead, seek the help of a trained computer specialist.
Note: Microsoft recommends that you run System Restore to create a new restore point before you complete the following steps:
Click Start, and then click Run.
In the Open box, type Regedit, and then click OK.
In the left pane, locate and then click the following registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\Current Version\WPAEvents
In the right pane, right-click OOBETimer, and then click Modify.
Change at least one digit of this value to deactivate Windows.
Click Start, and then click Run.
In the Open box, type the following command, and then click OK.
%systemroot%\system32\oobe\msoobe.exe /a
Click Yes, I want to telephone a customer service representative to activate Windows, and then click Next.
Click Change Product key.
Type the new product key in the New key boxes, and then click Update. If you are returned to the previous window, click Remind me later, and then restart the computer.
Repeat steps 6 and 7 to verify that Windows is activated. You receive the following message:
Windows is already activated. Click OK to exit.
Click OK.
Install SP1 for Windows XP.
If you cannot restart Windows after you install SP1, press F8 when you restart the computer, select Last Known Good Configuration, and then repeat this procedure.
Method #2: Use a Script
You can create a WMI script that changes the volume licensing product key, and then deploy this script in a startup script. The sample ChangeVLKey2600.vbs script and the sample ChangeVLKeySP1 script that are described in this section use the new volume licensing key that you want to enter, in its five-part alphanumeric form, as a single argument. Microsoft recommends that you use the ChangeVLKey2600.vbs script on Windows XP-based computers that are not running SP1 and that you use the ChangeVLKeySP1.vbs script on Windows XP-based computers that are running SP1. These scripts perform the following functions:
They remove the hyphen characters (-) from the five-part alphanumeric product key.
They create an instance of the win32_WindowsProductActivation class.They call the SetProductKey method with the new volume licensing product key.
You can create a batch file or a CMD file that uses either of the following sample scripts, together with the new product key as an argument, and either deploy it as part of a startup script or run it from the command line to change the product key on a single computer.
ChangeVLKeySP1.vbs
'
' WMI Script - ChangeVLKey.vbs
'
' This script changes the product key on the computer
'
'***************************************************************************
ON ERROR RESUME NEXT
if Wscript.arguments.count<1 vol_prod_key =" Wscript.arguments.Item(0)" vol_prod_key =" Replace(VOL_PROD_KEY," impersonationlevel="impersonate}" result =" Obj.SetProductKey"> 0 then
WScript.Echo Err.Description, "0x" & Hex(Err.Number)
Err.Clear
end if
Next
ChangeVLKey2600.vbs
'
' WMI Script - ChangeVLKey.vbs
'
' This script changes the product key on the computer
'
'***************************************************************************
ON ERROR RESUME NEXT
if Wscript.arguments.count<1 vol_prod_key =" Wscript.arguments.Item(0)" vol_prod_key =" Replace(VOL_PROD_KEY," wshshell =" WScript.CreateObject(" impersonationlevel="impersonate}" result =" Obj.SetProductKey"> 0 then
WScript.Echo Err.Description, "0x" & Hex(Err.Number)
Err.Clear
end if
Next
Example
The following example describes how to use the ChangeVLKeySP1.vbs script from a command line:
Click Start, and then click Run.
In the Open box, type the following command, where AB123-123AB-AB123-123AB-AB123 is the new product key that you want to use, and then click OK:
c:\changevlkeysp1.vbs ab123-123ab-ab123-123ab-ab123

Home Network Setup

On this page I will describe the 4 variants or options that one has when connecting a home or small office network to the Internet via an ADSL or Cable modem. Carefully read the pros and cons of each method and decide what's best for you.
");
//]]>-->
Need Help with your Home Network Setup Right Now?

If you are having problems setting up or troubleshooting your home network Support.com is there to help you. Our Network Setup & Troubleshooting service puts all the pieces together. Establishing a secure home network is a daunting task. We'll take the hassle out of setting up your network by implementing the latest security precautions and connecting all of your devices to your router.
Support.com Free Estimate - Network Setup & Troubleshooting
document.context='YTowOnt9';
In this page I will not go into PC configuration details.
Home Network Setup Option 1: Everything hooked to a Hub or Switch
Pros
Simple setup
No server needed
Configure each PC manually
Cons
Maximum 4 PC's
Fixed IP addresses for all 4 PC's
Dial-in required per PC
No Proxy
Hub ports = the number of PC's + 1
Only one PC at a time can be connected to the Internet
With this home network setup we connect all Ethernet cables (PC and ADSL) to a hub or switch. The hub or switch can be any model UTP based hub preferably with a uplink/MDI crossed connector. You will need the uplink connector to connect the ADSL connector. If your hub does not come with such a connector, you should buy or prepare a UTP crossed-over network cable and use that instead. Your hub should have at least the amount of PC's plus 1 (ADSL) UTP ports.
Layout:
Internet Splitter 212.143.143.12 (Real IP from ISP - sample) Alcatel modem 10.0.0.138 (Crossed-over cable if hub doesn't have an uplink port) PC1-------------------Switching Hub-----------------------PC410.0.0.101 / \ 10.0.0.104 / \ / \ PC2 PC3 10.0.0.102 10.0.0.103
The ADSL cable goes to the splitter.
The ADSL modem is connected to the splitter.
The Ethernet cable from the modem either is connected to the uplink UTP connector of your hub, or - using a UTP crossed cable - to a regular UTP connector.
Each PC is connected to a regular UTP port of the hub/switch.
Each PC (maximum of 4!) should be configured as a ADSL client as described by your provider. Each PC should have an unique IP address.
Home Network Setup Option 2: Everything to the Hub or Switch - one of the PCs is a server
Pros
Simple setup
No manual PC configuration
Almost no limit to the number of PC's (254)
Dialup is done automatically
Proxy (WinRoute or similar)
Cons
Server software (NAT or Proxy) or Microsoft Internet Connection Sharing (ICS) required
Configuring the server can be difficult
Hub ports = number PC's + 1
This network setup is similar to variant 1 with one difference: we have a server which enables us to use a different IP range for PCs.
Layout:
Internet Splitter 212.143.143.12 (Real IP from ISP - sample) Alcatel modem 10.0.0.138 (Crossed-over cable if hub doesn't have an uplink port) PC1-------------------Switching Hub-----------------PC4 (SERVER)10.0.0.101 / \ 10.0.0.104 / \ / \ PC2 PC3 10.0.0.102 10.0.0.103
The ADSL cable goes to the splitter.
The ADSL modem is connected to the splitter.
The Ethernet cable from the modem either is connected to the uplink UTP connector of your hub, or - using a UTP crossed cable - to a regular UTP connector.
Each PC is connected to a regular UTP port of the hub/switch.
One of the PC's is to be configured as server either using software like WinRoute or Microsoft Internet Connection Sharing (Windows 2000, XP and ME have this standard included).
Home Network Setup Option 3: All PC's to a Hub or Switch - Server connected to ADSL
Pros
Simple setup
No manual configuration of PC's
Almost unlimited number of PC's (254)
Dialup done automatically
Separation between the Internet and the LAN
No uplink or crossed UTP cable required
Hub ports = number PC's
Proxy (WinRoute or similar)
Cons
Server software (NAT or Proxy) or Microsoft Internet Connection Sharing (ICS) required
Configuring the server can be difficult
Hub ports = number PC's + 1
Server needs additional network-card
Similar to option 1 and option 2 with the exception that the ADSL cable is connected to a server directly and from that server an second network connection is connected to the hub or switch. There are no limitations to the switch or hub used, this can even be a coax network if you would like so (this requires NO hub).
The ADSL network cable is connected to the server, which has 2 network-cards:
ADSL connection
LAN/hub connection
Layout:
Internet Splitter 212.143.143.12 (Real IP from ISP - sample) Alcatel modem 10.0.0.138 10.0.0.5 PC5 Server 192.168.0.5 PC1-------------------Switching Hub-----------------PC4 192.168.0.101 / \ 192.168.0.104 / \ / \ PC2 PC3 192.168.0.102 192.168.0.103
The ADSL cable goes to the splitter.
The ADSL modem is connected to the splitter.
The Ethernet cable from the modem is connected to the server.
The second network-card of the server is connected to the hub.
Each PC is connected to a regular UTP port of the hub/switch.
One of the PC's is to be configured as server either using software like WinRoute or Microsoft Internet Connection Sharing.
Home Network Setup Option 4: PC's and ADSL to Router/Switch
Pros
Simple setup
No manual configuration of PC's
Almost unlimited number of PC's (254)
Dialup done automatically
Separation between the Internet and the LAN
No uplink or crossed UTP cable required
Hub ports = number PC's
No server required
Cons
Routers can be expensive
Configuration of a router can be hard
Not all ADSL routers support RAS with VPN/PPTP
The router/switch (like the LinkSys models) is both a "server" for DHCP, firewall, DNS etc. and a hub in one.
Layout:
Internet Splitter 212.143.143.12 (Real IP from ISP - sample) Alcatel modem 10.0.0.138 10.0.0.1 PC1------------------Router / Switch-----------------PC4 192.168.0.101 / \ 192.168.0.104 / \ / \ PC2 PC3 192.168.0.102 192.168.0.103
The ADSL cable goes to the splitter.
The ADSL modem is connected to the splitter.
The Ethernet cable from the modem is connected to the router/switch.
All PC's are connected to the router/switch.
All you need to do is to configure the router for Internet Sharing.
Note: Some ADSL modems, such as the Alcatel SpeedTouch Pro, can function as routers between the Internet and the LAN. Read Upgrade from Alcatel SpeedTouch Home to Pro on how to configure your modem. In that case you will no longer require a router on your network:
Layout:
Internet Splitter 212.143.143.12 (Real IP from ISP - sample) Alcatel modem (Configured as a router) 10.0.0.138 PC1-------------------Switching Hub-----------------------PC410.0.0.101 / \ 10.0.0.104 / \ / \ PC2 PC3 10.0.0.102 10.0.0.103
The ADSL cable goes to the splitter.
The ADSL modem is connected to the splitter.
The ADSL modem is configured as a router.
The Ethernet cable from the modem is connected to the switching hub.
All PC's are connected to the switching hub.

Remember these are just a few of the options available in a home network setup.

How to Install Active Directory on Windows 2003

First make sure you read and understand Active Directory Installation Requirements. If you don't comply with all the requirements of that article you will not be able to set up your AD (for example: you don't have a NIC or you're using a computer that's not connected to a LAN).
Note: This article is only good for understanding how to install the FIRST DC in a NEW AD Domain, in a NEW TREE, in a NEW FOREST. Meaning - don't do it for any other scenario, such as a new replica DC in an existing domain.
"

If you are looking to really master Active Directory, Group Policy or other Windows networking skills, I strongly recommend that you try Train Signal. I've discovered this company a few months ago and I always send people their way because the training is so good. You can see more Active Directory and windows server training with "Hands-On" video instruction at http://www.TrainSignal.com.
Daniel Petri
document.context='YTowOnt9';

Windows Server 2003 Note: If you plan to install a new Windows Server 2003 DC in an existing AD forest please read the page BEFORE you go on, otherwise you'll end up with the following error:

Here is a quick list of what you must have:
· An NTFS partition with enough free space
· An Administrator's username and password
· The correct operating system version
· A NIC
· Properly configured TCP/IP (IP address, subnet mask and - optional - default gateway)
· A network connection (to a hub or to another computer via a crossover cable)
· An operational DNS server (which can be installed on the DC itself)
· A Domain name that you want to use
· The Windows Server 2003 CD media (or at least the i386 folder)
· Brains (recommended, not required...)
This article assumes that all of the above requirements are fulfilled.
Step 1: Configure the computer's suffix
(Not mandatory, can be done via the Dcpromo process).
1. Right click My Computer and choose Properties.
2. Click the Computer Name tab, then Change.

3. Set the computer's NetBIOS name. In Windows Server 2003, this CAN be changed after the computer has been promoted to Domain Controller.
4. Click More.

5. In the Primary DNS suffix of this computer box enter the would-be domain name. Make sure you got it right. No spelling mistakes, no "oh, I thought I did it right...". Although the domain name CAN be changed after the computer has been promoted to Domain Controller, this is not a procedure that one should consider lightly, especially because on the possible consequences. Read more about it on my Windows 2003 Domain Rename Tool page.

6. Click Ok.
7. You'll get a warning window.
8. Click Ok.
9. Check your settings. See if they're correct.
10. Click Ok.
11. You'll get a warning window.
12. Click Ok to restart.
Step 2: Configuring the computer's TCP/IP settings
You must configure the would-be Domain Controller to use it's own IP address as the address of the DNS server, so it will point to itself when registering SRV records and when querying the DNS database.
Configure TCP/IP
1. Click Start, point to Settings and then click Control Panel.
2. Double-click Network and Dial-up Connections.
3. Right-click Local Area Connection, and then click Properties.

4. Click Internet Protocol (TCP/IP), and then click Properties.

5. Assign this server a static IP address, subnet mask, and gateway address. Enter the server's IP address in the Preferred DNS server box.
Note: This is true if the server itself will also be it's own DNS server.
If you have another operational Windows 2000/2003 server that is

6. Click Advanced.
7. Click the DNS Tab.
8. Select "Append primary and connection specific DNS suffixes"
9. Check "Append parent suffixes of the primary DNS suffix"
10. Check "Register this connection's addresses in DNS". If this Windows 2000/2003-based DNS server is on an intranet, it should only point to its own IP address for DNS; do not enter IP addresses for other DNS servers here. If this server needs to resolve names on the Internet, it should have a forwarder configured.

11. Click OK to close the Advanced TCP/IP Settings properties.
12. Click OK to accept the changes to your TCP/IP configuration.
13. Click OK to close the Local Area Connections properties.
Step 3: Configure the DNS Zone
(Not mandatory, can be done via the Dcpromo process).

Furthermore, it is assumed that the DC will also be it's own DNS server. If that is not the case, you MUST configure another Windows 2000/2003 server as the DNS server, and if you try to run DCPROMO without doing so, you'll end up with errors and the process will fail.
Creating a Standard Primary Forward Lookup ZoneClick Start, point to All Programs, point to Administrative Tools, and then click DNS Manager. You see two zones under your computer name:

1. Forward Lookup Zone and Reverse Lookup Zone.
2. Right click Forward Lookup Zones and choose to add a new zone.

3. Click Next. The new forward lookup zone must be a primary zone so that it can accept dynamic updates. Click Primary, and then click Next.

4. The name of the zone must be the same as the name of the Active Directory domain, or be a logical DNS container for that name. For example, if the Active Directory domain is named "lab.dpetri.net", legal zone names are "lab.dpetri.net", "dpetri.net", or "net".

Type the name of the zone, and then click Next.
5. Accept the default name for the new zone file. Click Next.

6. To be able to accept dynamic updates to this new zone, click "Allow both nonsecure and secure dynamic updates". Click Next.

7. Click Finish.

You should now make sure your computer can register itself in the new zone. Go to the Command Prompt (CMD) and run "ipconfig /registerdns" (no quotes, duh...). Go back to the DNS console, open the new zone and refresh it (F5). Notice that the computer should by now be listed as an A Record in the right pane.
If it's not there try to reboot (although if it's not there a reboot won't do much good). Check the spelling on your zone and compare it to the suffix you created in step 1. Check your IP settings.
Enable DNS Forwarding for Internet connections (Not mandatory)
1. Start the DNS Management Console.
2. Right click the DNS Server object for your server in the left pane of the console, and click Properties.

3. Click the Forwarders tab.
4. In the IP address box enter the IP address of the DNS servers you want to forward queries to - typically the DNS server of your ISP. You can also move them up or down. The one that is highest in the list gets the first try, and if it does not respond within a given time limit - the query will be forwarded to the next server in the list.

5. Click OK.
Creating a Standard Primary Reverse Lookup ZoneYou can (but you don't have to) also create a reverse lookup zone on your DNS

server. The zone's name will be the same as your TCP/IP Network ID. For example, if your IP address is 192.168.0.200, then the zone's name will be 192.168.0 (DNS will append a long name to it, don't worry about it). You should also configure the new zone to accept dynamic updates. I guess you can do it on your own by now, can't you?

Step 4: Running DCPROMO
After completing all the previous steps (remember you didn't have to do them) and after double checking your requirements you should now run Dcpromo.exe from the Run command.
1. Click Start, point to Run and type "dcpromo".

2. The wizard windows will appear. Click Next.

3. In the Operating System Compatibility windows read the requirements for the domain's clients and if you like what you see - press Next.

4. Choose Domain Controller for a new domain and click Next.

5. Choose Create a new Domain in a new forest and click Next.

6. Enter the full DNS name of the new domain, for example - kuku.co.il - this must be the same as the DNS zone you've created in step 3, and the same as the computer name suffix you've created in step 1. Click Next.

This step might take some time because the computer is searching for the DNS server and checking to see if any naming conflicts exist.
7. Accept the the down-level NetBIOS domain name, in this case it's KUKU. Click Next

8. Accept the Database and Log file location dialog box (unless you want to change them of course). The location of the files is by default %systemroot%\NTDS, and you should not change it unless you have performance issues in mind. Click Next.

9. Accept the Sysvol folder location dialog box (unless you want to change it of course). The location of the files is by default %systemroot%\SYSVOL, and you should not change it unless you have performance issues in mind. This folder must be on an NTFS v5.0 partition. This folder will hold all the GPO and scripts you'll create, and will be replicated to all other Domain Controllers. Click Next.

10. If your DNS server, zone and/or computer name suffix were not configured correctly you will get the following warning:

This means the Dcpromo wizard could not contact the DNS server, or it did contact it but could not find a zone with the name of the future domain. You should check your settings. Go back to steps 1, 2 and 3. Click Ok.
You have an option to let Dcpromo do the configuration for you. If you want, Dcpromo can install the DNS service, create the appropriate zone, configure it to accept dynamic updates, and configure the TCP/IP settings for the DNS server IP address.
To let Dcpromo do the work for you, select "Install and configure the DNS server...".
Click Next.
Otherwise, you can accept the default choice and then quit Dcpromo and check steps 1-3.
11. If your DNS settings were right, you'll get a confirmation window.

Just click Next.
12. Accept the Permissions compatible only with Windows 2000 or Windows Server 2003 settings, unless you have legacy apps running on Pre-W2K servers.

13. Enter the Restore Mode administrator's password. In Windows Server 2003 this password can be later changed via NTDSUTIL. Click Next.

14. Review your settings and if you like what you see - Click Next.

15. See the wizard going through the various stages of installing AD. Whatever you do - NEVER click Cancel!!! You'll wreck your computer if you do. If you see you made a mistake and want to undo it, you'd better let the wizard finish and then run it again to undo the AD.

16. If all went well you'll see the final confirmation window. Click Finish.

17. You must reboot in order for the AD to function properly.

18. Click Restart now. Step 5: Checking the AD installation

Step 5: Checking the AD installation

You should now check to see if the AD installation went well.
1. First, see that the Administrative Tools folder has all the AD management tools installed.

2. Run Active Directory Users and Computers (or type "dsa.msc" from the Run command). See that all OUs and Containers are there.

3. Run Active Directory Sites and Services. See that you have a site named Default-First-Site-Name, and that in it your server is listed.

4. Open the DNS console. See that you have a zone with the same name as your AD domain (the one you've just created, remember? Duh...). See that within it you have the 4 SRV record folders. They must exist.
= Good
If they don't (like in the following screenshot), your AD functions will be broken (a good sign of that is the long time it took you to log on. The "Preparing Network Connections" windows will sit on the screen for many moments, and even when you do log on many AD operations will give you errors when trying to perform them).
= BadThis might happen if you did not manually configure your DNS

server and let the DCPROMO process do it for you.
Another reason for the lack of SRV records (and of all other records for that matter) is the fact that you DID configure the DNS server manually, but you made a mistake, either with the computer suffix name or with the IP address of the DNS server (see steps 1 through 3).
To try and fix the problems first see if the zone is configured to accept dynamic updates.
1. Right-click the zone you created, and then click Properties.

2. On the General tab, under Dynamic Update, click to select "Nonsecure and secure" from the drop-down list, and then click OK to accept the change.

You should now restart the NETLOGON service to force the SRV registration.
You can do it from the Services console in Administrative tools:

Or from the command prompt type "net stop netlogon", and after it finishes, type "net start netlogon".

Let it finish, go back to the DNS console, click your zone and refresh it (F5). If all is ok you'll now see the 4 SRV record folders.

If the 4 SRV records are still not present double check the spelling of the zone in the DNS server. It should be exactly the same as the AD Domain name. Also check the computer's suffix (see step 1). You won't be able to change the computer's suffix after the AD is installed, but if you have a spelling mistake you'd be better off by removing the AD now, before you have any users, groups and other objects in place, and then after repairing the mistake - re-running DCPROMO.
5. Check the NTDS folder for the presence of the required files.

6. Check the SYSVOL folder for the presence of the required subfolders.

7. Check to see if you have the SYSVOL and NETLOGON shares, and their location.

If all of the above is ok, I think it's safe to say that your AD is properly installed.