TECH INFO

Tuesday, 20 May 2014

ADDING A SHARED LX – 350,300+ PRINTER SHARED ON WINDOWS XP ON WINDOWS SEVEN

ADDING A SHARED LX – 350,300+ PRINTER SHARED ON WINDOWS XP ON WINDOWS SEVEN

Windows seven comes preinstalled with Epson LX-300 + drivers but when adding a shared printer from windows XP it doesn’t always work, it searches on windows updates but never finds the drivers.

A simple solution for that:

· 1. Add an LX 300 printer in devices and printers and use any local port available e.g. LPT1

· 2. When the printer has installed successful right click the printer go to printer properties, click the port tab the add port

· 3. Select a local port under port name provide the URL to the shared as the port name e.g. \\192.168.2.230\epson lx 300, the second part shows the shared printer name

· 4. The make sure that is the active port on the printer and it should be ready to print

Thursday, 31 October 2013

Creating A forest Wide trust in AD with both incoming and outgoing trust

Introduction:

After having spent the last three days trying to get backups go to an offsite location an idea of creating a forest trust between the sites came up which I spent some more three days working on but finally the whole issue is now in the past.

The company has three locations with three subnets each having its own forest with a domain inside, this article covers the creation of forest wide trust between the three locations

Note: make sure DNS is working by making sure all DNS servers are able to resolve names in other domains, done by adding a conditional forwarder on each DNS server to the other servers:

Ø Open DNS manager , right click conditional forwarder and click new

Ø In the DNS Domain type the domain name e.g. TechNet. Local

Ø Where its written click here to add an IP type the IP address of the other DNS servers

Ø Select the store this conditional forwarder and replicate it as follows, the select all domain controllers in this domain (for windows 2000 compatibility)

Ø Repeat the previous steps in all the DNS servers

CREATING THE FOREST TRUST

The following steps shows creating a forest trust between 3 forests with all of them acting as trusted and trusting with both incoming and outgoing trust

Ø Open active directory domains and trust in one of the Domain controller

Ø Right click the domain name ,select properties then click the trust tab

Ø Click new trust

Ø In the trust name type the DNS name of the domain you want to create the trust with

Ø In the type of trust select forest trust and click next

Ø In the direction of trust click two way

Ø Side of trust select both this domain and the specified domain, click next

Ø Provide username and password for the specified domain

Ø In the outgoing trust authentication level – local forest select forest wide the click next

Ø In the outgoing trust authentication level – specified forest select forest wide the click next

Ø In the next screen confirm the details and click next to complete the creation

Ø In the next two screens you can confirm the outgoing and incoming trust if need be

To confirm the trust relationship and update routed names and suffixes click the name of the trusted or trusting domain and click properties.

Click the validate button and click yes validate the incoming or outgoing trust enter credentials for the specified domain and click ok

Repeat the above procedure for the third forest on the same forest that you were working on

Lastly on the second forest follow the above procedure to update the trust between the second and third server
Remember to update root hints in each DNS server, By adding FQDN names and IP addresses of the DNS servers Accessed through : Open DNS server > right click > select properties > click the root hints tab > click Add

Monday, 21 October 2013

Using GPO to configure desktop background for an organizational unit in AD-DS ….. WIN2K12

In windows server 2012 deployment of group policy to have same wallpaper or background for an organizational unit is a bit straight forward but sometimes it may be a bit frustrating when client computers background displays a blank black screen even after applying the group policy

GPO Creation

- Open server manager, click tools and select group policy management

- Open forest – domains- domain name – group policy objects

- Right click group policy objects – select new – give it a name that describes what the policy will do then ok

- Right click the newly created policy then select edit

- In the group policy management editor expand user configuration-policies-administrative template-desktop-desktop

- On the right , right click desktop wallpaper select edit

- Check the enable button the on the right select a path which all domain user and computers have read access permission to and the wallpaper name as follows … \\server\wallpaper\lodo.jpg

- Click ok

- If you don’t want users to change their respective workstation background.. expand administrative template – control pane - personalization-

- On the right double click prevent changing desktop background and click enable then ok

- Close the group policy editor

- In the group policy screen right click the organizational unit that you want to apply the group policy select link an existing GPO .. select the GPO that you’ve created then ok.

- If you want the GPO to apply the GPO in whole OU without exceptions right click it under the OU and select enforce

If still workstation’s desktops default to a blank screen even after logging off, below is a work around for that:

- Open group policy management

- Right click the policy that you created click edit to go to the group policy management editor

- Expand user configuration – select preferences –window settings – registry

- Right click registry select new then registry item

- In the dialogue box that pops up in the action box select replace

- In the hive select hkey_current_user

- In the key_path box expand hkey_current_user – conroll pane – desktop- on the lower part select wallpaper

- On the value type leave it as reg_sz

- Inside the valuepath paste a path with the background photo c:\windows\lodo.jpg

- Click apply then ok

- Close all windows

Wednesday, 16 October 2013

Mirroring Procedure For SQL Server 2008 With Service Pack Three Installed

Introduction to Mirroring

Mirroring is mechanism used by DBAs to ensure high availability of SQL database in production environment where the DB is to be up all the time, It has always been a headache for DBAs in this article I am going to cover SQL server 2008 with service pack 3 mirroring with two principals and a witness by use of certificates

I decided to come up with this article after spending almost 2 weeks trying to figure out what’s wrong with my set up i.e. after going through almost all blogs and official documents provided by Microsoft.

I will go through the process of configuration with high safety mode with automatic fail over

Preparation of the Servers:

- Ensure the principle, Mirror and witness server are hosted on separate hosts and unique server instance name

- Take the latest full back up of the database + transaction log backup and restore the same on the mirror server with no recovery

- Allow remote connections

a. On all the server instances by enabling the following protocols

Named pipes

Tcp/Ip

Shared Memory

After enabling the instances protocols restart the SQL server instances

b. Allow exceptions on the firewall for SQL server service in the following path - C:\Program Files\Microsoft SQL Server\MSSQL10.SQL2008\MSSQL\Binn

c. Change the start-up parameter for the SQL browser to automatic and add an exception for it in the firewall. The path for the browser is : C:\Program Files (x86)\Microsoft SQL Server\90\Shared

d. Open port 1433- TCP/IP and port 1434 – UDP

1^st Principal server Preparation:

1. Create a master key for encrypting the certificates

USE master;

CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'p@ssw0rd2012';

2. Create a certificate to be used for authentication

USE master;

CREATE CERTIFICATE cert1

WITH SUBJECT = 'cert1 certificate';

Start_date = '1/17/2012';

expiry_date = '1/7/2020'; //remember to include expiry date and start date because by default the life span is one year

3. Create a mirroring endpoint

CREATE ENDPOINT Mirroring

STATE = STARTED

AS TCP (

LISTENER_PORT=7024

, LISTENER_IP = ALL

)

FOR DATABASE_MIRRORING (

AUTHENTICATION = CERTIFICATE cert1

, ENCRYPTION = REQUIRED ALGORITHM AES

, ROLE = ALL

);

4. Backup the certificate to a secure location and copy it across to the Mirror server and witness server using a secure method

BACKUP CERTIFICATE DEVKIHQ1 TO FILE = 'C:\cert.cer';

1^st Mirror Server preparation:

1. Repeat same procedure as on the Principal server as follows

USE master;

CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'p@ssw0rd2012';

2. Create a certificate for authentication for the mirroring

CREATE CERTIFICATE MIRROR

WITH SUBJECT = 'MIRROR certificate ',

Start_date = '1/17/2012',

expiry_date = '1/7/2020';

;

3. Create mirroring endpoint

CREATE ENDPOINT Mirroring

STATE = STARTED

AS TCP (

LISTENER_PORT=7024

, LISTENER_IP = ALL

)

FOR DATABASE_MIRRORING (

AUTHENTICATION = CERTIFICATE MIRROR

, ENCRYPTION = REQUIRED ALGORITHM AES

, ROLE = ALL

);

4. Back up the certificate and use a secure method to copy it across to both principal and witness server

BACKUP CERTIFICATE MIRROR TO FILE = 'C:\MIRROR.cer';

2^nd Principal Preparation:

1. Create a login for the mirror server

USE master;

CREATE LOGIN MIRROR WITH PASSWORD = 'p@ssw0rd2012';

2. Create a user for the login mirror

CREATE USER MIRROR_user FOR LOGIN MIRROR;

3. Get authorization for the login from the certificate that you copied across from the mirror server

CREATE CERTIFICATE MIRROR

AUTHORIZATION MIRROR_user

FROM FILE = 'C:\MIRROR.cer'

4. Grant permission to mirroring endpoint for the login Mirror

GRANT CONNECT ON ENDPOINT::Mirroring TO [MIRROR];

2^nd mirror Preparation:

1. Create a login for the principal server

USE master;

CREATE LOGIN cert1 WITH PASSWORD = 'p@ssw0rd2012';

2. Create a user for the Login

CREATE USER DEVKIHQ1_user FOR LOGIN DEVKIHQ1;

3. Create a certificate for the principal server with authentication from the copied across certificate

CREATE CERTIFICATE prin1

AUTHORIZATION prin1_user

FROM FILE = 'C:\cert1.cer'

4. Grant permission for the user to access the mirroring endpoint

GRANT CONNECT ON ENDPOINT::Mirroring TO [prin1];

Witness Server Preparation:

1. Repeat the same procedure on the witness server

- Create key

- Create certificate

- Create mirroring endpoint

- Back up certificate and copy securely across all servers

2. Create a login for the mirror and principal server on the witness server and a certificate with authentication from respective certificates and allow connection to mirroring endpoint

- Repeat (2) on principal and mirror server for the witness login

Mirroring Procedure:

Before Mirroring starts you need to add host to each server host file in the following location

C:\Windows\System32\drivers\etc

Open the file called hosts using a notepad scroll downwards to the last line then add the IP address of the other two servers and the fully qualified domain name in this format

192.168.2.8 DEVKIHQ2MIR.devkigroup.local

After the last step on the last server the instances are ready for mirroring, Open the instance on the principal server using SQL Server Management Studio and follow this steps :

1. Right click database point to tasks the click mirror

2. Click configure security then next

3. On the include witness server leave as it is , click next

4. On the next screen choose the three servers to configure then click next, connect to the principal instance then click next, connect to the witness server instance and click next, connect to the witness server and click next

5. On the service account screen leave it as it is and click next, then finish then close

6. After closing click start mirroring button and that’s it