Ask Prasanth

Blue Screen of Death

2010-09-23T22:56:00.000-07:00

Blue Screen of Death

If you have been working on computers or are just starting to use them, one of the most disturbing events that can occur is the BSOD or Blue Screen of Death. The BSOD is actually an error screen that is displayed by specific operating systems informing the user that a critical system error has occurred. The Blue Screen of Death can be found on many different types of operating systems, but is most notably infamous for occurring on Microsoft Windows Operating Systems.

Common Causes of the Blue Screen of Death Occurring\
Not Cause
1. It doesn’t occur because of operating system
Cause
1. Including a poorly written device driver
2. Faulty memory
3. Incompatible DLL’s or a corrupt Registry. (3rd party software)

Poorly written device driver: A device driver is usually created by a third party company to run a device such as a peripheral (printer, scanner, mouse, etc). These third party companies’ create small driver programs which make it possible for these devices to work on a specific operating system, however many times these small programs can be buggy causing incompatibility which can result in the BSOD.

Faulty memory: Faulty memory can occur when a computer is processing memory intensive operations. For instance, a defective or RAM can cause an operating system to encounter a problem with the memory causing the BSOD. In certain cases, heat or other conditions can cause memory components to fail causing the BSOD.

Incompatible DLL's: DLL's are dynamic link libraries which are part of the operating system's shared library concept. These DLL's are files that are necessary for certain programs to run or processes to take place. If a DLL is not found or there is a problem with the file, this may cause the BSOD. When a BSOD occurs due to DLL incompatibility, it is usually referred to as DLL hell. It should be noted that DLL's are loaded into the memory of a computer each and every time an application needs them. As an application is used over and over again, the chances of an incompatible DLL file occurring increases. This is why many computer users notice that a freshly installed Windows operating system is much more stable than a computer that has a copy of Windows installed for a lengthy period of time.

Corrupt Registry: The registry is a database that Window's operating system use to store configuration information regarding hardware and software, information used for set up and user preferences. If the registry is corrupt the BSOD may occur.

The History of the BSOD
The BSOD is synonymous with Microsoft, but does occur on other types of software. For instance, the Atari Jaguar has a Blue Screen of Death and Lotus Notes has a stop error screen extremely similar to the BSOD, except in red. The Blue Screen of Death occurs on almost every operating system that Microsoft has sold including Windows 3.1, 95, 98, 2000, Windows NT, ME and XP. It should be noted that in MS Dos, a Black Screen of Death occurs and it is said that in Vista a Red Screen of Death (RSOD) occurs.

Understanding the Blue Screen of Death
It should be noted that when a stop error occurs and your computer displays the Blue Screen of Death, you will also usually be able to see a message. The message might state a FILE_SYSTEM and a number: 0x00000022. Copy this number down, it can be used later to understand and determine why the error occurred. Usually you can visit Microsoft.com and input the error number into their database to find out more information, a description regarding the error and possible fixes for the error.

Windows 2008 R2 Remote Desktop Service

2010-09-16T05:20:00.000-07:00

Windows 2008 R2 Remote Desktop Service

The Remote Desktop Service (RDS) on windows 2008 server R2 were tested and implemented successfully;

Required Parameters: Priority Host Farm requires xx numbers of windows 2008 R2 64bit server. If the Server are installing on ESX Host, Host must support 64bit OS, All HOST Farm Servers are in Same Subnet Networking. All the host Farm servers are belongs to Domain with Admin access policies Users Groups are defined for HOST FARM to access App from Intranet & Internet
The Windows Server 2008 R2 Remote Desktop Services (RDS) architecture consists of the following components:
Active Directory Domain controller
RD Session Host (RDSH) Server
RD Connection Broker (RDCB) Server
RD Web Access server
RD Gateway server
RD Licensing

Active Directory Domain Deployment Scenario: On deploying windows 2008 R2 RDS, we need integrated with the active directory that include the groups policy setting and all the Remote Desktop users Roles will be resolving with the DNS. For Example: I have created a domain called Happy.com and SG-RDS-01 is the group were having 100 users and the DNS should resolving with all the Remote desktop roles were installed on windows 2008 R2 servers.
Virtualized RD Session Host (RDSH) Server Deployment:•
RDSH server based on windows 2008 R2 ENT version Operating system.
First, the RD Session Host role service must be installed (this is the basic “terminal server” system role)
Next, the applications that are to be hosted by the RD Session Host server must be installed on the RD Session Host system.
Finally, you must grant users or groups the required privileges to connect to the RD Session Host server and configure RD Licensing
RDCB Server
RDCB server based on windows 2008 R2 ENT version Operating system.
The computer on which you install the RD Connection Broker role service must be a member of an Active Directory domain.
RD Connection Broker extends the TS Session Broker capabilities included in Windows Server 2008 by creating a unified administrative experience for traditional session-based remote desktops and virtual machine-based remote desktops.
RD Connection Broker supports load balancing and reconnection to existing sessions on virtual desktops, Remote Desktop sessions, and Remote App programs accessed by using Remote App and Desktop Connection.

RD Gateway Server:
Remote Desktop Gateway (RD Gateway) is a role service in the Remote Desktop Services server role included with Windows Server 2008 R2 that enables authorized remote users to connect to resources on an internal corporate or private network, from any Internet-connected device that can run the Remote Desktop Connection (RDC) client.

The network resources can be Remote Desktop Session Host (RD Session Host) servers, RD Session Host servers running Remote App programs, or computers and virtual desktops with Remote Desktop enabled. RD Gateway uses the Remote Desktop Protocol (RDP) over HTTPS to establish a secure, encrypted connection between remote users on the Internet and internal network resources.

An idle timeout provides the ability to reclaim resources used by inactive user sessions without affecting the user’s session or data. This helps free up resources on the RD Gateway server. After being disconnected, the user will be able to re-establish the session by using RDC.

A session timeout provides the capability to periodically enforce new policies on active user connections. This ensures that any system changes to user properties, such as domain accounts, RD CAP changes, or RD RAP changes, are enforced on existing sessions.

Forefront Unified Access Gateway (UAG) allows you to provide access to published Remote Apps and Remote Desktops by integrating a Remote Desktop Gateway (RD Gateway) to provide an application-level gateway for RDS services and applications

RD Web Access server:
The RD Web Access is a role service of the Remote Desktop Services role.
The RD Web Access needs to be a Windows Server 2008 R2 machine, but does not need to have the RD Sessions Host role service installed.
To run the RD Web Access role service, Microsoft Internet Information Services (IIS) 7.5 must/will be installed. Clients must meet the requirements for RD Web Access
RD Licensing server:
Remote Desktop Licensing (RD Licensing), is a role service in the Remote Desktop Services server role included with Windows Server 2008 R2.
RD Licensing manages the Remote Desktop Services client access licenses (RDS CALs) that are required for each device or user to connect to a Remote Desktop Session Host (RD Session Host) server.
You use Remote Desktop Licensing Manager (RD Licensing Manager) to install, issue, and track the availability of RDS CALs on a Remote Desktop license server
The Manage RDS CALs Wizard
In Windows Server 2008 R2, a new wizard is available in Remote Desktop Licensing Manager (RD Licensing Manager) that allows you to do the following:
Migrate RDS CALs from one license server to another license server.
Rebuild the RD Licensing database

Remote Desktop Connection (RDC) 7.0 client
The Remote Desktop Connection (RDC) 7.0 client update enables you to use the new Remote Desktop Services feature introduced in Windows 7 and in Windows Server 2008 R2. These features are available for clients running Windows XP Service Pack 3 (SP3), Windows Vista Service Pack 1 (SP1), and Windows Vista Service Pack 2 (SP2).
Connecting From:
Win7/R2
Vista SP+
Vista SP+
XP SP3
XP SP3
XP SP2
XP SP2

RDC 7.0
RDC 7.0
RDC 6.1
RDC 7.0
RDC 6.1
RDC 6.1
RDC 5.2

Access to Remote Desktop sessions
yes
yes
yes
yes
yes
yes
yes

Access to Remote App programs
yes
yes
yes
yes
yes
yes
no

Access to personal desktop by using RD Connection Broker
yes
yes
yes
yes
yes
yes
yes

Access to virtual desktop pools by using RD Connection Broker
yes
yes
yes
yes
yes
yes
yes

Launch applications and desktops from Remote App and Desktop Connection on client
yes
no
no
no
no
no
no

Launch Remote App programs, virtual desktop, and session-based desktop from RD Web Access
yes
yes
yes
yes
yes
yes
no

Status & disconnect system tray icon.
yes
yes
no
no
no
no
no

RDC Client Single Sign-On

Single sign-on is an authentication method that allows users with a domain account to log on once to a client computer by using a password, and then gain access to remote servers without being asked for their credentials again.

Single sign-on for remote connections from a computer running Windows 7, Windows Vista, or Windows XP with Service Pack 3 to an RD Session Host server running Windows Server 2008 R2 or Windows Server 2008

Ensure that the user accounts that are used for logging on have appropriate rights to log on to both the RD Session Host server and the client computer.
Both the client computer and the RD Session Host server must be joined to a domain.
Configure authentication on the RD Session Host server.
Configure the client computer to allow default credentials to be used for logging on to the specified RD Session Host servers

Forefront UAG adds single sign-on functionality for RDS. The credentials provided by the user for session login can be used to authenticate to published Remote Apps and Desktop Connections

You can provide access to all Remote Desktops and Remote Apps from a single Forefront UAG portal.
Requirements:
To take advantage of the new Web SSO feature, the client must be running Remote Desktop Connection (RDC) 7.0. In order for Web SSO to work:
The connection in Remote App and Desktop Connections must have an ID. By default, it is set to the Fully Qualified Domain Name (FQDN) of the RD Connection Broker server in case of RD Connection Broker mode. In RD Session mode, it is set to the FQDN of the RD Web Access server.
Remote App programs must be digitally signed using a Server Authentication certificate [Secure Sockets Layer (SSL) certificate]. The certificate Enhanced Key Usage section must contain ‘Server Authentication (1.3.6.1.5.5.7.3.1)’.
Client operating systems must trust the certificate with which the Remote App programs are signed. – (Kerberos certification)

Ports should be open
Kerberos Port - 88
RDP Port - 3389
LDAP port - 389
HTTPS port - 443
RDCB RPC Port - 5504 (Centralized publishing server )

Add Multiple Users using PS

2010-09-16T05:18:00.000-07:00

Add Multiple Users using PS

$objOU=[ADSI]“LDAP://OU=OUNAME,DC=DOMAIN,DC=com”
$dataSource=import-csv “user.csv”
foreach($dataRecord in $datasource) {
$cn=$dataRecord.FirstName + ” ” + $dataRecord.LastName
$sAMAccountName=$dataRecord.FirstName + “.” + $dataRecord.LastName
$givenName=$dataRecord.FirstName
$sn=$dataRecord.LastName
$sAMAccountName=$sAMAccountName.ToLower()
$displayName=$sn + “, ” + $givenName
$userPrincipalName=$sAMAccountName + “Prasanth”
$objUser=$objOU.Create(“user”,”CN=”+$cn)
$objUser.Put(“sAMAccountName”,$sAMAccountName)
$objUser.Put(“userPrincipalName”,$userPrincipalName)
$objUser.Put(“displayName”,$displayName)
$objUser.Put(“givenName”,$givenName)
$objUser.Put(“sn”,$sn)
$objUser.SetInfo()
$objUser.SetPassword(“Password”)
$objUser.psbase.InvokeSet(“AccountDisabled”,$false)
$objUser.SetInfo()
}

AD Command's

2009-12-03T23:31:00.000-08:00

FSMO Roles ntdsutilroles Connections "Connect to server %logonserver%" Quit "selectOperation Target" "List roles for conn server" Quit Quit Quit[JDH: This is really a series of steps, not a single commandexpression]
Domain Controllers Nltest /dclist:%userdnsdomain%
Domain Controller IP Configuration for /f %i in (’dsquery server -domain %userdnsdomain% -o rdn’) do psexec \\%i ipconfig /all
Stale computer accounts dsquery computer domainroot -stalepwd 180 -limit 0
Stale user accounts dsquery user domainroot -stalepwd 180 -limit 0
Disabled user accounts dsquery user domainroot -disabled -limit 0
AD Database disk usage for /f %i in (’dsquery server -domain %userdnsdomain% -o rdn’) do dir \\%i\admin$\ntds
Global Catalog Servers from DNS dnscmd %logonserver% /enumrecords %userdnsdomain% _tcp find /i "3268"
Global Catalog Servers from AD dsquery * "CN=Configuration,DC=forestRootDomain" -filter
"(&(objectCategory=nTDSDSA)(options:1.2.840.113556.1.4.803:=1))"Users with no logon script dsquery * domainroot -filter"(&(objectCategory=Person)(objectClass=User)(!scriptPath=*))"-limit 0 -attr sAMAccountName sn givenName pwdLastSet distinguishedName
User accounts with no pwd required dsquery * domainroot -filter "(&(objectCategory=Person)(objectClass=User)(userAccountControl:1.2.840.113556.1.4.803:=32))"
User accounts with no pwd expiry dsquery * domainroot -filter"(&(objectCategory=Person)(objectClass=User)(userAccountControl:1.2.840.113556.1.4.803:=65536))"
User accounts that are disabled dsquery * domainroot -filter "(&(objectCategory=Person)(objectClass=User)(userAccountControl:1.2.840.113556.1.4.803:=2))"
DNS Information for /f %i in (’dsquery server -domain %userdnsdomain% -o rdn’) do dnscmd %i /info
DNS Zone Detailed information dnscmd /zoneinfo %userdnsdomain%
Garbage Collection and tombstone dsquery * "cn=Directory Service,cn=WindowsNT,cn=Services,cn=Configuration,DC=forestRootDomain" -attrgarbageCollPeriod tombstoneLifetime
Netsh authorised DHCP Servers netsh dhcp show server
DSQuery authorised DHCP Servers Dsquery * "cn=NetServices,cn=Services,cn=Configuration, DC=forestRootDomain" -attr dhcpServers
DHCP server information netsh dhcp server \\DHCP_SERVER show all
DHCP server dump netsh dhcp server \\DHCP_SERVER dumpWINS serer information Netsh wins server \\WINS_SERVER dump
Group Policy Verification Tool gpotool.exe /checkacl /verbose
AD OU membership dsquery computer -limit 0
AD OU membership dsquery user -limit 0
List Service Principal Names for /f %i in (’dsquery server -domain %userdnsdomain% -o rdn’) do setspn -L %i
Compare DC Replica Object Count dsastat ?s:DC1;DC2;… ?b:Domain ?gcattrs:objectclass ?p:999
Check AD ACLs acldiag dc=domainTree
NTFRS Replica Sets for /f %i in (’dsquery server -domain %userdnsdomain% -o rdn’) do ntfrsutl sets %i
NTFRS DS View for /f %i in (’dsquery server -domain %userdnsdomain% -o rdn’) do ntfrsutl ds %i
Domain Controllers per site Dsquery * "CN=Sites,CN=Configuration,DC=forestRootDomain" -filter (objectCategory=Server)
DNS Zones in AD for /f %i in (’dsquery server -o rdn’) do Dsquery * -s %i domainroot -filter (objectCategory=dnsZone)
Enumerate DNS Server Zones for /f %i in (’dsquery server -o rdn’) do dnscmd %i /enumzones
Subnet information Dsquery subnet ?limit 0
List Organisational Units Dsquery OU
ACL on all OUs For /f "delims=" %i in (’dsquery OU’) do acldiag %i
Domain Trusts nltest /domain_trusts /v
Print DNS Zones dnscmd DNSServer /zoneprint DNSZone
Active DHCP leases For /f %i in (DHCPServers.txt) do for /f "delims=- " %j in (’"netshdhcp server \\%i show scope find /i "active""’) do netsh dhcp server\\%i scope %j show clientsv5
DHCP Server Active Scope Info For /f %i in (DHCPServers.txt) do netsh dhcp server \\%i show scope find /i "active"
Resolve DHCP clients hostnames for /f "tokens=1,2,3 delims=," %i in (Output from ‘Find Subnets fromDHCP clients’) do @for /f "tokens=2 delims=: " %m in (’"nslookup %j find /i "Name:""’) do echo %m,%j,%k,%i
Find two online PCs per subnet Echo. > TwoClientsPerSubnet.txt & for /f "tokens=1,2,3,4delims=, " %i in (’"find /i "pc" ‘Output from Resolve DHCP clientshostnames’"’) do for /f "tokens=3 skip=1 delims=: " %m in (’"Find /i /c"%l" TwoClientsPerSubnet.txt"’) do If %m LEQ 1 for /f %p in (’"ping -n1 %i find /i /c "(0% loss""’) do If %p==1 Echo %i,%j,%k,%l
AD Subnet and Site Information dsquery * "CN=Subnets,CN=Sites,CN=Configuration,DC=forestRootDomain" -attr cn siteObject description location
AD Site Information dsquery * "CN=Sites,CN=Configuration,DC=forestRootDomain" -attr cn description location -filter (objectClass=site)
Printer Queue Objects in AD dsquery * domainroot -filter "(objectCategory=printQueue)" -limit 0
Group Membership with user details dsget group "groupDN" -members dsget user -samid -fn -mi -ln -display -empid -desc -office -tel -email -title -dept -mgr
Total DHCP Scopes find /i "subnet" "Output from DHCP server information" find /i "subnet"
Site Links and Cost dsquery * "CN=Sites,CN=Configuration,DC=forestRootDomain" -attr cn costdescription replInterval siteList -filter (objectClass=siteLink)
Time gpresult timethis gpresult /v
Check time against Domain w32tm /monitor /computers:ForestRootPDC
Domain Controller Diagnostics dcdiag /s:%logonserver% /v /e /c
Domain Replication Bridgeheads repadmin /bridgeheads
Replication Failures from KCC repadmin /failcacheInter-site Topology servers per site Repadmin /istg * /verbose
Replication latency repadmin /latency /verbose
Queued replication requests repadmin /queue *
Show connections for a DC repadmin /showconn *
Replication summary Repadmin /replsummary
Show replication partners repadmin /showrepl * /all
All DCs in the forest repadmin /viewlist *
ISTG from AD attributes dsquery * "CN=NTDS Site Settings,CN=siteName,CN=Sites,CN=Configuration,DC=forestRootDomain" -attr interSiteTopologyGenerator
Return the object if KCC Intra/Inter site is disabled for each site Dsquery site dsquery * -attr * -filter "((Options:1.2.840.113556.1.4.803:=1)(Options:1.2.840.113556.1.4.803:=16))"
Find all connection objects dsquery * forestRoot -filter (objectCategory=nTDSConnection) ?attr distinguishedName fromServer whenCreated displayName
Find all connection schedules adfind -b "cn=Configuration,dc=qraps,dc=com,dc=au" -f "objectcategory=ntdsConnection" cn Schedule -csv
Software Information for each server for /f %i in (Output from ‘Domain Controllers’) do psinfo \\%i &filever \\%i\admin$\explorer.exe \\%i\admin$\system32\vbscript.dll\\%i\admin$\system32\kernel32.dll \\%i\admin$\system32\wbem\winmgmt.exe\\%i\admin$\system32\oleaut32.dllCheck Terminal Services Delete Temp on Exit flag For /f %i in (Output from ‘Domain Controllers’) do Reg query"\\%i\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\TerminalServer" /v DeleteTempDirsOnExit
For each XP workstation, query the current site and what Group Policy info @dsquery * domainroot -filter"(&(objectCategory=Computer)(operatingSystem=Windows XPProfessional))" -limit 0 -attr cn > Workstations.txt & @For /f%i in (Workstations.txt) do @ping %i -n 1 >NUL & @if ErrorLevel0 If NOT ErrorLevel 1 @Echo %i & for /f "tokens=3" %k in (’"regquery "\\%i\hklm\software\microsoft\windows\currentversion\grouppolicy\history" /v DCName Find /i "DCName""’) do @for /f %m in(’"nltest /server:%i /dsgetsite find /i /v "completedsuccessfully""’) do @echo %i,%k,%m
Information on existing GPOs dsquery * "CN=Policies,CN=System,domainRoot" -filter"(objectCategory=groupPolicyContainer)" -attr displayName cnwhenCreated gPCFileSysPath
Copy all Group Policy .pol files for /f "tokens=1-8 delims=\" %i in (’dir /b /s\\%userdnsdomain%\sysvol\%userdnsdomain%\policies\*.pol’) do @echo copy\\%i\%j\%k\%l\%m\%n\%o %m_%n.pol
Domain Controller Netlogon entries for /f %i in (’dsquery server /o rdn’) do echo %i & reg query\\%i\hklm\system\currentcontrolset\services\netlogon\parameters
WINS Statistics for /f "tokens=1,2 delims=," %i in (WINSServers.txt) do netsh wins server \\%i show statistics
WINS Record counts per server for /f "tokens=1,2 delims=," %i in (WINSServers.txt) do netsh wins server \\%i show reccount %iWINS Server Information for /f "tokens=2 delims=," %i in (WINSServers.txt) do netsh wins server \\%i show info
WINS Server Dump for /f "tokens=2 delims=," %i in (WINSServers.txt) do netsh wins server \\%i dump
WINS Static Records per Server netsh wins server \\LocalWINSServer show database servers={} rectype=1
Find policy display name given the GUID dsquery * "CN=Policies,CN=System,DC=domainRoot" -filter (objectCategory=groupPolicyContainer) -attr Name displayName
Find empty groups dsquery * -filter "&(objectCategory=group)(!member=*)" -limit 0-attr whenCreated whenChanged groupType sAMAccountNamedistinguishedName memberOf
Find remote NIC bandwidth wmic /node:%server% path Win32_PerfRawData_Tcpip_NetworkInterface GET Name,CurrentBandwidth
Find remote free physical memory wmic /node:%Computer% path Win32_OperatingSystem GET FreePhysicalMemory
Find remote system information SystemInfo /s %Computer%
Disk statistics, including the number of files on the filesystem chkdsk /i /c
Query IIS web sites iisweb /s %Server% /query "Default Web Site"
Check port state and connectivity portqry -n %server% -e %endpoint% -v
Forest/Domain Functional Levels ldifde -d cn=partitions,cn=configuration,dc=%domain% -r"((systemFlags=3)(systemFlags=-2147483648))" -lmsds-behavior-version,dnsroot,ntmixeddomain,NetBIOSName -p subtree -fcon
Forest/Domain Functional Levels dsquery * cn=partitions,cn=configuration,dc=%domain% -filter"((systemFlags=3)(systemFlags=-2147483648))" -attrmsDS-Behavior-Version Name dnsroot ntmixeddomain NetBIOSName
Find the parent of a process wmic path Win32_Process WHERE Name=’notepad.exe’ GET Name,ParentProcessId
Lookup SRV records from DNS nslookup -type=srv _ldap._tcp.dc._msdcs.{domainRoot}
Find when the AD was installed dsquery * cn=configuration,DC=forestRootDomain -attr whencreated -scope base
Enumerate the trusts from the specified domain dsquery * "CN=System,DC=domainRoot" -filter "(objectClass=trustedDomain)" -attr trustPartner flatName
Find a DC for each trusted domain for /f "skip=1" %i in (’"dsquery * CN=System,DC=domainRoot -filter(objectClass=trustedDomain) -attr trustPartner"’) do nltest /dsgetdc:%i
Check the notification packages installed on all DCs for /f %i in (’dsquery server /o rdn’) do @for /f "tokens=4" %m in(’"reg query\\%i\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa /v"Notification Packages" find /i "Notification""’) do @echo %i,%m
List ACLs in SDDL format setacl -on %filepath% -ot file -actn list -lst f:sddl
Find out if a user account is currently enabled or disabled dsquery user DC=%userdnsdomain:.=,DC=% -name %username% dsget user -disabled -dn
Find servers in the domain dsquery * domainroot -filter "(&(objectCategory=Computer)(objectClass=Computer)(operatingSystem=*Server*))" -limit 0
Open DS query window rundll32 dsquery,OpenQueryWindow

SRV Records

2009-07-27T09:16:00.000-07:00

A quick tip to verify the SRV records of the Active Directory
SRV records play an important role for domain controllers in the Active Directory domain. It is not possible for a client computer, for a service, and for an application to know the location of a domain controller without the SRV records. Client computers (Winlogon Service) always query DNS Server to find the IP Address of the domain controller. You can follow the simple steps to ensure SRV records of a domain controller are registered in the DNS Server:
Method 1: Using NSLOOKUP Command
Steps:
Open Command Prompt
Type NSLOOKUP and hit enter
Type Set Type=all and press enter
At NSLOOKUP prompt, type _LDAP._TCP.DC.MSDCS.Domain_Name.com and hit enter.
The above query to the DNS Server will return all the domain controllers in the domain name Domain_Name.com.
Method 2: Using Ping Command:
You can also use the Ping Utility to verify the existence of a host or SRV Record in DNS Server. You need to know the exact location of the SRV records. As an example, if you ping the above SRV record, the ping will return the IP Address for one of the domain controllers in the domain.

To customize the Windows 7 logon screen

2009-06-14T09:46:00.000-07:00

To set a custom picture, place a JPG named backgroundDefault.jpg in the %windir%\system32\oobe\info\backgrounds folder.
Now go to the registry and navigate to HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\Background. There should be a DWORD value named OEMBackground (create it if it's missing).
Set the value to 1 and click OK.
Now when you log off or switch users the new background picture will be displayed.
Note: No reboot is necessary.
You can also place custom files in the backgrounds folder with the name background to have different pictures for different resolutions. For example, a 1024×768 resolution picture should be save as background1024x768.jpg.

Terminal Services Configuration

2009-06-13T08:37:00.001-07:00

Terminal Services Configuration
You can configure new connections for Terminal Services, modify the settings of existing connections, and delete connections by using the Terminal Services Configuration tool (TSCC.msc) or Group Policy (gpedit.msc)
To specify a maximum number of sessions that can connect to the server
Using Group Policies (best practice)
Using Terminal Services Configuration
Using Group Policies (best practice)
Open Group Policy.
In Computer Configuration, Administrative Templates, Windows Components, Terminal Services, double-click the Limit number of connections setting, and then click Enabled.
In the TS Maximum Connections allowed box, type the maximum number of connections you want to allow, and then click OK.
Important
You should thoroughly test any changes you make to Group Policy settings before applying them to users or computers. For more information on testing policy settings, see Resultant Set of Policy.
Note
Use the above procedure to configure the local Group Policy object. To change a policy for a domain or an organizational unit, you must log on to the primary domain controller as an Administrator. Then, you must invoke Group Policy by using the Active Directory Users and Computers snap-in.
Using Terminal Services Configuration
Open Terminal Services Configuration.
In the console tree, click Connections.
In the details pane, right-click the connection for which you want to specify a maximum number of sessions, and then click Properties.
On the Network Adapter tab, click Maximum connections, type the maximum number of sessions that can connect to the server, and then click Apply.
Notes
To open Terminal Services Configuration, click Start, click Control Panel, double-click Administrative Tools, and then double-click Terminal Services Configuration.
To perform this procedure, you must be a member of the Administrators group on the local computer, or you must have been delegated the appropriate authority. If the computer is joined to a domain, members of the Domain Admins group might be able to perform this procedure. As a security best practice, consider using Run as to perform this procedure. For more information, see Default local groups, Default groups, and Using Run as.
Group Policy overrides the configuration set with the Terminal Services Configuration tool.
By default, the connection is configured to allow an unlimited number of sessions to connect to the server.
Restricting the number of sessions improves performance because fewer sessions are demanding system resources.
Information about functional differences
Your server might function differently based on the version and edition of the operating system that is installed, your account permissions, and your menu settings. For more information, see Viewing Help on the Web

Exchange on a cluster – How to configure SAN in VMware.

2009-06-07T10:48:00.000-07:00

It brings great pleasure to me to inform you all that I have set up a 3 way exchang ecluster on a SAN in my lab enviornment at EDS. Dont Jump to conclusions yet.The software i want to introduce to you is called starwind. Its available http://www.rocketdivision.com/wind.html
Storage Area Network (SAN) is an architecture to attach remote computer storage devices such as disk array controllers, tape libraries and CD arrays to servers in such a way that to the operating system the devices appear as locally attached devices. Although cost and complexity is dropping, as of 2007, SANs are still uncommon outside larger enterprises.
as defined by Wikipedia. Do browse the wiki for more details.
I used a 30 day trial of Vmware 6.0, Starwind, and Windows 2003 and Exchange 2003 obviously with SP2.
Here is the deal.
Install windows 2003. set up the NICs atleast 1 for the san box and install the starwind software.
It has a good guide to get you started.do install the iscsi initiator software from from microsoft and test if the volumes bind correct.
Microsoft iSCSI Software Initiator Version 2.04
Install Windows and setup the iscsi initiator software and run it.Read the guide on setting it up.Its actually simple.
1) Go to discovery tab and add the address for the SAN box.
2) On targets tab click logon on each connection if multiple ones are created in SAN.
3) Ensure you select the automatically restore this connection when computer starts check box only.
4) Go to persistent targets tab and click refresh to list the targets.
5) Go to bound volumes/devices to bind the drives.
That's it. Then setup the disks with drive letter and format it. Install the microsoft cluster service and if you did everything right you will have a cluster ready.

To Change the Administrator / Domain Admin Password in windows 2003 AD

2009-06-06T21:04:00.000-07:00

Note: The reason for that is that you need to have the local administrator's password in order to perform the following

Update: After some reader feedback I'm pleased to say that this procedure ALSO WORKS for Windows Server 2008 Domain Controllers. Feel free to send in your feedback. I kept the original page syntax in relation to Windows Server 2003, but you can now perform the same actions on Windows Server 2008.
We Need to following Requirement:
1. Local access to the Domain Controller (DC).
2. The Local Administrator password.
3. Two tools provided by Microsoft in their Resource Kit: SRVANY and INSTSRV. Download them from HERE (24kb).
Step 1
Restart Windows 2003 in Directory Service Restore Mode.
Note: At startup, press F8 and choose Directory Service Restore Mode. It disables Active Directory. When the login screen appears, log on as Local Administrator. You now have full access to the computer resources, but you cannot make any changes to Active Directory.
Step 2
Now we are going to install SRVANY. This utility can virtually run any programs as a service. The interesting point is that the program will have SYSTEM privileges (LSA) (as it inherits the SRVANY security descriptor), i.e. it will have full access on the system. That is more than enough to reset a Domain Admin password. You will configure SRVANY to start the command prompt (which will run the 'net user' command).
Copy SRVANY and INSTSRV to a temporary folder, mine is called D:'temp. Copy cmd.exe to this folder too (cmd.exe is the command prompt, usually located at %WINDIR%\System32).
Start a command prompt, point to d:\temp (or whatever you call it), and type:
instsrv PassRecovery "d:\temp\srvany.exe"
It is now time to configure SRVANY.
Start Regedit, and navigate to
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\PassRecovery
Create a new subkey called Parameters and add two new values:
name: Application
type: REG_SZ (string)
value: d:\temp\cmd.exe

name: AppParameters
type: REG_SZ (string)
value: /k net user administrator 123456 /domain
Replace 123456 with the password you want. Keep in my mind that the default domain policy require complex passwords (including digits, respecting a minimal length etc) so unless you've changed the default domain policy use a complex password such as P@ssw0rd
Now open the Services.msc (Control Panel\Administrative Tools\Services) and open the PassRecovery property tab. Check the starting mode is set to Automatic.
Go to the Log On tab and enable the option Allow service to interact with the desktop.
Restart Windows normally, SRVANY will run the NET USER command and reset the domain admin password.
Step 3
Log on with the Administrator's account and the password you've set in step #2.
Use this command prompt to uninstall SRVANY (do not forget to do it!) by typing:
net stop PassRecovery
sc delete PassRecovery
Now delete d:\temp and change the admin password if you fancy.
Done!

Windows 2008 failure Clustering Videos By John Savill

2009-05-02T22:41:00.000-07:00

One of the most useful videos I have found on the internet, for failover clustering. Thanks to John Savill for his efforts and time.
Creating Windows Server 2008 Failover Clusters: http://www.savilltech.com/Videos/clustercreate/ClusterCreate.wmv
Configuring a Windows Server 2008 Failover Cluster from the command line: http://www.savilltech.com/Videos/clustercmd/clustercmd.wmv
Understanding Failover Cluster Quorum: http://www.savilltech.com/Videos/ClusterQuorum/ClusterQuorum.wmv
Hyper-V Quick Migration: http://www.savilltech.com/Videos/QuickMigration/QuickMigration.wmv
Configuring iSCSI connections from the command line: http://www.savilltech.com/Videos/iscsicli/iscsicli.wmv
Failover Clustering with MELIO File System: http://www.savilltech.com/Videos/meliofs/meliofs.wmv

Short Cut keys

2008-12-28T11:12:00.000-08:00

Accessibility Options - access.cpl
Add/Remove Programs - appwiz.cpl
Add Hardware Wizard - hdwwiz.cpl
Automatic Updates - wuaucpl.cpl
Bluetooth Properties - bthprops.cpl
Display Properties - desk.cpl
Firewall Properties - firewall.cpl
Game Controllers - joy.cpl
Internet Options - inetcpl.cpl
iSCSI Initiator - iscsicpl.cpl
Java Control Panel - jpicpl32.cpl
Licensing Mode - liccpa.cpl
Mouse Properties - main.cpl
Network Connections - ncpa.cpl
Network Setup Wizard - netsetup.cpl
ODBC Properties - odbccp32.cpl
Power Options - powercfg.cpl
Regional and Language Options - intl.cpl
Sound and Audio Devices - mmsys.cpl
Stored Passwords - keymgr.cpl
System Properties - sysdm.cpl
Telephone and Modem Properties - telephon.cpl
Time and Date Settings - timedate.cpl
User Accounts - nusrmgr.cpl
Windows Security Center - wscui.cpl
Wireless Link - irprops.cpl

Performance Tunning on Windows 2003 - Reduce Event ID 2022 1055 and 2021 errors

2008-11-28T23:59:00.000-08:00

Tuning of Server Service:
Click Start, click Run, type Notepad, and then click OK.
Copy the following text, and then paste it into Notepad:
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters] "MaxFreeConnections"=dword:00001000 "MinFreeConnections"=dword:00000064 "MaxRawWorkItems"=dword:00000200 "MaxWorkItems"=dword:00002000 "MaxMpxCt"=dword:00000800
Save the file as .reg file type, and then exit Notepad.
In Windows Explorer, double-click the file to import these registry settings.
Tuning of Workstation Service:
Click Start, click Run, type Notepad, and then click OK.
Copy the following text, and then paste it into Notepad:
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanworkstation\parameters] "MaxCmds"=dword:00001000
Save the file as .reg file type, and then exit Notepad.
In Windows Explorer, double-click the file to import these registry settings.
Tuning of Workstation Timeout:
Click Start, click Run, type Notepad, and then click OK.
Copy the following text, and then paste it into Notepad:
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanworkstation\parameters] "SessTimeout"=dword:0000012c
Save the file as .reg file type, and then exit Notepad.
In Windows Explorer, double-click the file to import these registry settings.
Above registry fix can be used to increase server performance and throughput.
Reference Microsoft KB Article:
You cannot access the existing File Share resources on a Windows Server 2003 failover cluster http://support.microsoft.com/kb/961657
How to troubleshoot Event ID 2021 and Event ID 2022 http://support.microsoft.com/kb/317249
Don’t forget to leave your comments :)

Thanks

Prasanth

AD Network Port’s - its mandatory

2008-11-12T23:29:00.000-08:00

Command Line Active Directory Query

2008-10-17T23:58:00.000-07:00

Domain Controllers
Nltest /dclist:%userdnsdomain%
Domain Controller IP Configuration
for /f %i in (’dsquery server -domain %userdnsdomain% -o rdn’) do psexec file://%25i/ ipconfig /all
Stale computer accounts
dsquery computer domainroot -stalepwd 180 -limit 0
Stale user accounts
dsquery user domainroot -stalepwd 180 -limit 0
Disabled user accounts
dsquery user domainroot -disabled -limit 0
AD Database disk usage
for /f %i in (’dsquery server -domain %userdnsdomain% -o rdn’) do dir file://%25i/admin$/ntds
Global Catalog Servers from DNS
dnscmd %logonserver% /enumrecords %userdnsdomain% _tcp find /i "3268"
Global Catalog Servers from AD
dsquery * "CN=Configuration,DC=forestRootDomain" -filter "(&(objectCategory=nTDSDSA)(options:1.2.840.113556.1.4.803:=1))"
Users with no logon script
dsquery * domainroot -filter"(&(objectCategory=Person)(objectClass=User)(!scriptPath=*))"-limit 0 -attr sAMAccountName sn givenName pwdLastSet distinguishedName
User accounts with no pwd required
dsquery * domainroot -filter "(&(objectCategory=Person)(objectClass=User)(userAccountControl:1.2.840.113556.1.4.803:=32))"
User accounts with no pwd expiry
dsquery * domainroot -filter"(&(objectCategory=Person)(objectClass=User)(userAccountControl:1.2.840.113556.1.4.803:=65536))"
User accounts that are disabled
dsquery * domainroot -filter "(&(objectCategory=Person)(objectClass=User)(userAccountControl:1.2.840.113556.1.4.803:=2))"DNS Information for /f %i in (’dsquery server -domain %userdnsdomain% -o rdn’) do dnscmd %i /info
DNS Zone Detailed information
dnscmd /zoneinfo %userdnsdomain%
Garbage Collection and tombstone
dsquery * "cn=Directory Service,cn=WindowsNT,cn=Services,cn=Configuration,DC=forestRootDomain" -attrgarbageCollPeriod tombstoneLifetime
Netsh authorised DHCP Servers
netsh dhcp show server
DSQuery authorised DHCP Servers
Dsquery * "cn=NetServices,cn=Services,cn=Configuration, DC=forestRootDomain" -attr dhcpServers
DHCP server information
netsh dhcp server file://dhcp_server/ show all
DHCP server dump
netsh dhcp server file://dhcp_server/ dump
WINS serer information
Netsh wins server file://wins_server/ dump
Group Policy Verification Tool
gpotool.exe /checkacl /verbose
AD OU membership
dsquery computer -limit 0
AD OU membership
dsquery user -limit 0
List Service Principal Names
for /f %i in (’dsquery server -domain %userdnsdomain% -o rdn’) do setspn -L %i
Compare DC Replica Object Count
dsastat ?s:DC1;DC2;… ?b:Domain ?gcattrs:objectclass ?p:999
Check AD ACLs
acldiag dc=domainTree
NTFRS Replica Sets
for /f %i in (’dsquery server -domain %userdnsdomain% -o rdn’) do ntfrsutl sets %i
NTFRS DS View
for /f %i in (’dsquery server -domain %userdnsdomain% -o rdn’) do ntfrsutl ds %i
Domain Controllers per site
Dsquery * "CN=Sites,CN=Configuration,DC=forestRootDomain" -filter (objectCategory=Server)
DNS Zones in AD
for /f %i in (’dsquery server -o rdn’) do Dsquery * -s %i domainroot -filter (objectCategory=dnsZone)
Enumerate DNS Server Zones
for /f %i in (’dsquery server -o rdn’) do dnscmd %i /enumzones
Subnet information
Dsquery subnet ?limit 0
List Organisational Units
Dsquery OU
ACL on all OUs
For /f "delims=" %i in (’dsquery OU’) do acldiag %i
Domain Trusts
nltest /domain_trusts /v
Print DNS Zones
dnscmd DNSServer /zoneprint DNSZone
Active DHCP leases
For /f %i in (DHCPServers.txt) do for /f "delims=- " %j in (’"netshdhcp server file://%25i/ show scope find /i "active""’) do netsh dhcp server\\%i scope %j show clientsv5
DHCP Server Active Scope Info
For /f %i in (DHCPServers.txt) do netsh dhcp server file://%25i/ show scope find /i "active"
Resolve DHCP clients hostnames
for /f "tokens=1,2,3 delims=," %i in (Output from ‘Find Subnets fromDHCP clients’) do @for /f "tokens=2 delims=: " %m in (’"nslookup %j find /i "Name:""’) do echo %m,%j,%k,%i
Find two online PCs per subnet
Echo. > TwoClientsPerSubnet.txt & for /f "tokens=1,2,3,4delims=, " %i in (’"find /i "pc" ‘Output from Resolve DHCP clientshostnames’"’) do for /f "tokens=3 skip=1 delims=: " %m in (’"Find /i /c"%l" TwoClientsPerSubnet.txt"’) do If %m LEQ 1 for /f %p in (’"ping -n1 %i find /i /c "(0% loss""’) do If %p==1 Echo %i,%j,%k,%l
AD Subnet and Site Information
dsquery * "CN=Subnets,CN=Sites,CN=Configuration,DC=forestRootDomain" -attr cn siteObject description location
AD Site Information
dsquery * "CN=Sites,CN=Configuration,DC=forestRootDomain" -attr cn description location -filter (objectClass=site)
Printer Queue Objects in AD
dsquery * domainroot -filter "(objectCategory=printQueue)" -limit 0
Group Membership with user details
dsget group "groupDN" -members dsget user -samid -fn -mi -ln -display -empid -desc -office -tel -email -title -dept –mgr
Total DHCP Scopes
find /i "subnet" "Output from DHCP server information" find /i "subnet"
Site Links and Cost
dsquery * "CN=Sites,CN=Configuration,DC=forestRootDomain" -attr cn costdescription replInterval siteList -filter (objectClass=siteLink)
Time gpresult
timethis gpresult /v
Check time against Domain
w32tm /monitor /computers:ForestRootPDC
Domain Controller Diagnostics
dcdiag /s:%logonserver% /v /e /c
Domain Replication Bridgeheads
repadmin /bridgeheads
Replication Failures from KCC
repadmin /failcache
Inter-site Topology servers per site
Repadmin /istg * /verbose
Replication latency
repadmin /latency /verbose
Queued replication requests
repadmin /queue *
Show connections for a DC
repadmin /showconn *
Replication summary
Repadmin /replsummaryShow replication partners repadmin /showrepl * /all
All DCs in the forest
repadmin /viewlist *
ISTG from AD attributes
dsquery * "CN=NTDS Site Settings,CN=siteName,CN=Sites,CN=Configuration,DC=forestRootDomain" -attr interSiteTopologyGenerator
Return the object if KCC Intra/Inter site is disabled for each site
Dsquery site dsquery * -attr * -filter "((Options:1.2.840.113556.1.4.803:=1)(Options:1.2.840.113556.1.4.803:=16))"
Find all connection objects
dsquery * forestRoot -filter (objectCategory=nTDSConnection) ?attr distinguishedName fromServer whenCreated displayName
Find all connection schedules
adfind -b "cn=Configuration,dc=qraps,dc=com,dc=au" -f "objectcategory=ntdsConnection" cn Schedule –csv
Software Information for each server
for /f %i in (Output from ‘Domain Controllers’) do psinfo file://%25i/ &filever file://%25i/admin$/explorer.exe file://%25i/admin$/system32/vbscript.dll//%25i/admin$/system32/kernel32.dll file://%25i/admin$/system32/wbem/winmgmt.exe//%25i/admin$/system32/oleaut32.dll
Check Terminal Services Delete Temp on Exit flag
For /f %i in (Output from ‘Domain Controllers’) do Reg query"file://%25i/HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control/TerminalServer" /v DeleteTempDirsOnExit
For each XP workstation, query the current site and what Group Policy info
@dsquery * domainroot -filter"(&(objectCategory=Computer)(operatingSystem=Windows XPProfessional))" -limit 0 -attr cn > Workstations.txt & @For /f%i in (Workstations.txt) do @ping %i -n 1 >NUL & @if ErrorLevel0 If NOT ErrorLevel 1 @Echo %i & for /f "tokens=3" %k in (’"regquery "file://%25i/hklm/software/microsoft/windows/currentversion/grouppolicy/history" /v DCName Find /i "DCName""’) do @for /f %m in(’"nltest /server:%i /dsgetsite find /i /v "completedsuccessfully""’) do @echo %i,%k,%m
Information on existing GPOs
dsquery * "CN=Policies,CN=System,domainRoot" -filter"(objectCategory=groupPolicyContainer)" -attr displayName cnwhenCreated gPCFileSysPath
Copy all Group Policy .pol files
for /f "tokens=1-8 delims=\" %i in (’dir /b /s\\%userdnsdomain%\sysvol\%userdnsdomain%\policies\*.pol’) do @echo copy\\%i\%j\%k\%l\%m\%n\%o %m_%n.pol
Domain Controller Netlogon entries
for /f %i in (’dsquery server /o rdn’) do echo %i & reg query\\%i\hklm\system\currentcontrolset\services\netlogon\parameters
Find policy display name given the GUID
dsquery * "CN=Policies,CN=System,DC=domainRoot" -filter (objectCategory=groupPolicyContainer) -attr Name displayName
Find empty groups
dsquery * -filter "&(objectCategory=group)(!member=*)" -limit 0-attr whenCreated whenChanged groupType sAMAccountNamedistinguishedName memberOf
Find remote NIC bandwidth
wmic /node:%server% path Win32_PerfRawData_Tcpip_NetworkInterface GET Name,CurrentBandwidth
Find remote free physical memory
wmic /node:%Computer% path Win32_OperatingSystem GET FreePhysicalMemory
Find remote system information
SystemInfo /s %Computer%
Disk statistics, including the number of files on the filesystem
chkdsk /i /c
Query IIS web sites
iisweb /s %Server% /query "Default Web Site"
Check port state and connectivity
portqry -n %server% -e %endpoint% –v
Forest/Domain Functional Levels
ldifde -d cn=partitions,cn=configuration,dc=%domain% -r"((systemFlags=3)(systemFlags=-2147483648))" -lmsds-behavior-version,dnsroot,ntmixeddomain,NetBIOSName -p subtree –fcon
Forest/Domain Functional Levels
dsquery * cn=partitions,cn=configuration,dc=%domain% -filter"((systemFlags=3)(systemFlags=-2147483648))" -attrmsDS-Behavior-Version Name dnsroot ntmixeddomain NetBIOSName
Find the parent of a process
wmic path Win32_Process WHERE Name=’notepad.exe’ GET Name,ParentProcessId
Lookup SRV records from DNS
nslookup -type=srv _ldap._tcp.dc._msdcs.{domainRoot}
Find when the AD was installed
dsquery * cn=configuration,DC=forestRootDomain -attr whencreated -scope base
Enumerate the trusts from the specified domain
dsquery * "CN=System,DC=domainRoot" -filter "(objectClass=trustedDomain)" -attr trustPartner flatName
Find a DC for each trusted domain
for /f "skip=1" %i in (’"dsquery * CN=System,DC=domainRoot -filter(objectClass=trustedDomain) -attr trustPartner"’) do nltest /dsgetdc:%i
Check the notification packages installed on all DCs
for /f %i in (’dsquery server /o rdn’) do @for /f "tokens=4" %m in(’"reg query\\%i\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa /v"Notification Packages" find /i "Notification""’) do @echo %i,%m
List ACLs in SDDL format
setacl -on %filepath% -ot file -actn list -lst f:sddl
Find out if a user account is currently enabled or disabled
dsquery user DC=%userdnsdomain:.=,DC=% -name %username% dsget user -disabled –dn
Find servers in the domain
dsquery * domainroot -filter "(&(objectCategory=Computer)(objectClass=Computer)(operatingSystem=*Server*))" -limit 0
Open DS query window rundll32
dsquery,OpenQueryWindowDon’t forget to leave your comments :)

Distributed File System (DFS)

2008-10-02T09:16:00.000-07:00

What is Distributed File System (DFS)?
Distributed File System (DFS) allows administrators to group shared folders located on different servers and present them to users as a virtual tree of folders known as a namespace. A namespace provides numerous benefits, including increased availability of data, load sharing, and simplified data migration.
Explanation:
•The Distributed File System is used to build a hierarchical view of multiple file servers and shares on the network. Instead of having to think of a specific machine name for each set of files, the user will only have to remember one name; which will be the 'key' to a list of shares found on multiple servers on the network. Think of it as the home of all file shares with links that point to one or more servers that actually host those shares. DFS has the capability of routing a client to the closest available file server by using Active Directory site metrics. It can also be installed on a cluster for even better performance and reliability. Medium to large sized organizations are most likely to benefit from the use of DFS - for smaller companies it is simply not worth setting up since an ordinary file server would be just fine.
Understanding the DFS Terminology:
•It is important to understand the new concepts that are part of DFS. Below is an definition of each of them.
•Dfs root: You can think of this as a share that is visible on the network, and in this share you can have additional files and folders.
•Dfs link: A link is another share somewhere on the network that goes under the root. When a user opens this link they will be redirected to a shared folder.
•Dfs target (or replica): This can be referred to as either a root or a link. If you have two identical shares, normally stored on different servers, you can group them together as Dfs Targets under the same link.The image below shows the actual folder structure of what the user sees when using DFS and load balancing.
To implement DFS in Test.com domain , you need to do the following
1)Create a Domain DFS root on one of the servers, say on Server1 with root name “All Shares”. Domain DFS root details are stored in the Active directory and replicated among all the Domain controllers.
2)Now under the Root “All shares” you can create separate links to point to the various shares in the domain i.e. Share1 on Server1, Share2 on Server2 and Share3 on Server 3
All Shares (DFS Root)
(DFS Links)
-Share 1 (\\Server1\Share1 - Target folder name)
-Share 2 (\\Server2\Share2 - Target folder name)
-Share 3 (\\Server3\Share3 - Target folder name)
Now you can see all the shares (Share1, Share2, Share3) in the following path –
\\Test.com\All Shares
This way user can see all the shares under one root path \\Test.com\All Shares and it will be much easier for the user to remember.
Load Balancing and Fault Tolerance
With DFS you can configure multiple targets for a DFS link and then configure replication between those targets, so that you can have fault tolerance and load balancing.
Example – In above example if Server1 is down then, there is no way the users can access Share1. However, to avoid this situation you can create a shared folder named “Share1” on Server2 and add it as a 2nd target folder under “All Shares\Share 1” DFS link, then configure replication between \\Server1\Share1 and \\Server2\Share1 This way whenever there is a change made on Share1, the data is replicated to Share1 on Server2 and Vice Versa.
Accordingly, when a user types in \\test.com\all shares\share1 it will connect to either Share1 on Server 1 or Share1 on Server2 which is transparent and is decided by the Active Directory. Now, even if one of the servers is down eg. Server1 is down, the user will be able to access the share normally, since there is a replica of the data on server2, Also, there will not be any change in the way the data is accessed by the user i.e. he is still able to access by typing in \\test.com\all shares\share1