NetApp ONTAP 8.1.1 Simulator
Today we are going to expand the NetApp ONTAP 8.1.1 Simulator to hold the maximum supported Disk sizes.
************************************************************************************************
Part 1 Downloading and basic setup of VM
First you need to download the NetApp ONTAP 8.1.1 Simulator from NetApp at http://now.netapp.com/NOW/cgi-bin/simulator. You must have a NOW account to download the Simulator. (Do not ask me for the Simulator). While you are there download the OnCommand System Manager a GUI for NetApp https://now.netapp.com/NOW/cgi-bin/software. In order to run the Simulator you must have VMware software, I am using VMware workstation but player will also work.
Extract the Simulator to the directory of your choice. Several files will be extracted the one we are looking for is DataONTAP.vmx, this is the Virtual Machine.
Double clicking this will open the VM in VMware workstation (or player).
There are a few things we are going to change before we start the VM, so first click on the edit virtual machine settings.
Read the rest of this entry »
AppLocker Update 1
So I tried “Authenticated users” and I had the same issue as Domain Users. And really it would not have solved my problem anyway even if it did work.
To test this I made a test machine and created a local AppLocker rule.
TEST 1
I am using Word this time, the rule is set for a group called “Office Users” (Did not want to use Domain Users again because I think people were getting confused by its use)
Again when trying to open a File with ADS I get an error, slightly different with word. But the AppLocker event error is the same. Read the rest of this entry »
Setting Group Policy on a local Computer
The majority of this information can also be found here, but I include pictures to make it easier to understand.
http://technet.microsoft.com/en-us/library/cc766291(v=ws.10).aspx
This post is for farzinkanzi, and was originally posted here:
http://social.technet.microsoft.com/Forums/en-US/w7itprosecurity/thread/8e04136b-2260-4bc2-88b1-f4e47d3bc040/#dc0fc516-e1d9-44f6-9251-875839e7c956
This describes one setting and how to make that setting apply to everyone on the computer except one user.
In this case: “Removable disks: Deny read access” needs to apply to everyone except farzinkanzi.
And while I am at it I’ll also answer his question posted here: (since they are almost the same)
http://social.technet.microsoft.com/Forums/en-US/w7itprosecurity/thread/46a476be-282b-45d1-be15-03a1b8352c4e/#46a476be-282b-45d1-be15-03a1b8352c4e
Ok on a Windows 7 Professional computer I have 3 Accounts:
ABC – Administrator
ADM – Administrator
XYZ – User
AppLocker
This was posted to http://social.technet.microsoft.com/Forums/en-US/w7itprosecurity/thread/d91363df-44fb-4c15-ad75-3779e3ed35ab
AppLocker not behaving as expect when file has Alternate Data Streams and rule is not applied to everyone.
I have a publisher rule setup for MS Office 2010 as in the picture
When this is set to Allow for Everyone Office works as expected.
However if I set the rule to Allow for Domain Users I have an issue.
Exchange Management Console
How to sequence Exchange 2007 SP3 Console for App-V
Computer prep:
Basic sequencing computer (x64) with App-V 4.6.1.30091 (SP1 and Hotfix)
ALL RSAT tools enabled.
Exchange install files available and SP3 files already extracted.
Make a directory on “Q:” for the exchange install
q:\Exchange.Con
Start App-V Sequencer Read the rest of this entry »
Installing the FIM 2010 Server Components
The Bulk of the information here was taken from http://technet.microsoft.com/en-us/library/ff512686.aspx
You must use an account with:
Local administrator privileges SharePoint administrator on the portal SQL sysadmin. |
During installation, Setup tries to contact the other components to validate that the service is running. For the contact to function correctly, remote administration must be activated in Windows Firewall.
To turn on remote administration, start Windows Firewall in Control Panel, click Allow a program through the Windows Firewall, and then click Remote Administration. This is done on the FIM Server |
Pre-setup tasks for FIM
The Bulk of the information here was taken from http://technet.microsoft.com/en-us/library/ff512685.aspx
Before you start this make sure your FIM server is setup. Look here for information.
Before you install the Microsoft Forefront Identity Manager (FIM) 2010 server there are some tasks that you must do before hand.
Create an e-mail-enabled domain service account to run the FIM Service
To run the FIM Service component, you must have a dedicated domain service account. To be able to use the Office Outlook integration feature, an Exchange Server mailbox must also be created for this account. To use the FIM Add-in for Outlook feature, you must set up the domain service e-mail account on a server that hosts Exchange Server 2007 or Exchange Server 2010. If you plan to use SMTP for notifications rather than Exchange Server, ensure that this service account has the required permissions on the SMTP gateway.
This account also is used to send e-mail notifications from FIM 2010.
This account should not be granted local administrator permissions.
Hardware and Software Requirements
The Bulk of the information here was taken from http://technet.microsoft.com/en-us/library/ff512684.aspx
I will be running all the FIM services from one server so I need to have all the software listed for each service installed.
Required Hardware
The server or servers that host Microsoft Forefront Identity Manager (FIM) 2010 server components must meet the following minimum hardware requirements:
- An x64-capable processor
- 2 gigabytes (GB) of available hard disk space
- 2 GB or more of RAM
- A monitor with a resolution of 1024 × 768
- A CD-ROM or DVD-ROM drive
The client computer that hosts the FIM 2010 client-side components must meet the following minimum hardware requirements:
- 512 MB of RAM (1 GB recommended)
- 500 MB of free hard disk space
- A monitor that can display a resolution of 1024 × 768
Microsoft Storage Server iSCSI
All the information here is taken from this BLOG, the only thing I did was add pictures to make the directions clearer.
http://blogs.technet.com/b/josebda/archive/2007/12/18/configuring-the-microsoft-iscsi-software-target.aspx
Add iSCSI Targets
The first thing to do is add two iSCSI Targets to the Storage Server. To do this, right-click the iSCSI Targets node in the Microsoft iSCSI Software Target MMC and select the “Create iSCSI Target” option. You will then specify a name, an optional description and the identifier for the iSCSI Initiator associated with that iSCSI Target.
Ok so first I got the IQN from the iSCSI Initiator on the SQL Server and Exchange (only showing SQL)
On the SQL box start the iSCSI Initiator MMC
Test Network
So I decided to build myself a Virtual test network to play with some new technology we are using at work. The next few posts will be about the building of the test network.
The Idea
Things I would need.
A computer beefy enough to run the Virtual network and enough storage for the virtual machines
Software for the VM environment
Software for the VM Servers
Software for the applications on the VMs
OK Hardware first. My current home computer was kind of dated so I decided to go ahead and buy a new computer. I could have just as easily upgraded or bought another one for just the lab. Read the rest of this entry »