Wednesday, September 26, 2012

Install Windows XP from an Usb flash drive

Pre-requisites
- Windows Xp Pro slipstreamed with SP2.
- Bootable Usb flash drive.
- Ccomputer with 'Boot from Usb' option supported by the BIOS.
- Download Usb Multiboot2
- Download Bootsect   Password - 123.

Since this zip contains a bootloader which is classified as malware by google, I have added a password to this file.

Formatting
Extract the files in USB_MultiBoot2.zip
Double click the executable named USB_MultiBoot2.cmd


Press any key to continue. The next window will look like this.


Select your Usb flash drive from the drop down box. Make sure the 'Quick Format' checkbox and 'Enable LBA' checkbox is checked. Once the format is complete Do Not close the PeToUsb window and USB_MultiBoot2 window. If a new window pops up which displays the contents of the Usb drive, close that window.

Extract the files in Bootsect.zip. Open a new command prompt window. Browse to the directory where you have kept bootsect.exe

Now type "bootsect.exe /nt52 P:"    (without the quotes) and press enter.

Note P: is the drive letter of my USB thumb drive. Your drive letter may be different so make the change accordingly. This command writes the correct boot sector to your usb stick which allows the computer to boot from the Usb drive.

Note - When running bootsect.exe command you cannot have any windows open displaying the contents of the Usb drive.

If the command executes successfully you will see the following message.


You can close this command prompt window and the Petousb window. Do not close the USB_MultiBoot2.cmd window by mistake. You will get a window similar to this one.


Press 1 and Enter. A browse window will open, browse to the location of your XP setup file ( Can be your cd-rom drive or some folder on the hard disk)

Press 3 and enter the drive letter of your USB drive. (its not case sensitive) After you have finished, press 4 to start the process.


Click on Yes to continue. The script will then copy windows XP to the Usb drive. This may take a while depending on the write speed of your Usb stick.


Click on Yes to continue. When the script finishes click on 'Any' key to close the command window.


Booting

Insert your Usb stick and start your computer. Make sure your Eee pc is configured with your USB flash drive as the first boot device in the BIOS. If you have properly selected the flash drive as your primary boot device you will get a startup menu. Select option 1 'TXT Mode setup windows XP'. You have to delete ALL partitions and create a single partition. Use only C: Drive of the hard disk as the partition for installation of Windows XP and then select Quick format with NTFS file system.

Note - A small portion will be unavailable to partition. This is normal. In this example, it is 2 MB.


From this point on the installation is just like a normal XP installation. Once the text mode portion of the setup is complete it will boot into GUI mode. Do not remove the Usb flash stick until you see the XP desktop.
Posted by at No comments:
Windows Server 2008: How to Install Active Directory Certificate Services

AD CS is the backbone of Microsoft’s Public Key Infrastructure (PKI) implementation. It will allow you to issue certificates for SSL/TTL user on websites or digitally sign your email. Now let’s take a look at installing Active Directory Certificate Services.

Certain versions of Server 2008 only allow certain AD CS components to be installed; please take a look at this table for reference:
 
  • CA – issues certificates to users, computers and services while also managing their validity; comes in root and subordinate
  • Network Device Enrollment Service – allows network devices (i.e. routers) to request and receive certificates based on Simple Certificate Enrollment Protocol (SCEP)
  • Online Responder Service – implements Online Certificate Status Protocol (OCSP) by evaluating certificate status, decoding revocation status requests, and sending back signed responses containing certificate status information.
How to Install Enterprise Certificate Authority on a Windows 2008 Server

As I outlined in my earlier article, there are two varieties of root CA’s: the Enterprise and Stand-Alone. Each has their advantages and configuration, but in this case we are going to install an Enterprise CA. I am going to be installing this root CA server in my test Active directory domain named ADExample.com on a Windows Server 2008 Enterprise version.

The server is a member of the domain, and is a domain controller. Let’s get started.

1. Open Server Manager.

2. Select Roles, then click Add Roles in the center pane.


3. The Before You Begin page may show up if you haven’t turned it off already. If you see it just click Next.

4. In the Select Server Roles window go ahead and select Active Directory Certificate Services by placing a checkmark next to it, then go ahead and click Next.


5. Now you will see an Introduction to Active Directory Certificate Services, where you can read about the good things you can do with AD CS.

The biggest thing to note here is the following:

Name & Domain settings of this computer cannot be changed after a CA has been installed. If you want to change the computer name, join a domain, or promote this server to a domain controller do so BEFORE install thing the CA.

Now with that warning out of the way, go ahead and click on Next.


6. Next you get to Select Role Services, which can include any of the following depending on what version of Windows Server 2008 you are installing this on — refer to the table above for specifics.

For this install I am going to choose the Certification Authority only.


7. Now comes the Specify Setup Type, and for this I am going to select the Enterprise radio button.


8. For the Specify CA Type, I am going to choose the Root CA radio button and then click Next.


9. In Set Up Private Key, I am going to choose Create a new private key radio button and then select Next.


10. Now you have to Configure Cryptography for CA in this window and there are quite a few to choose from.

Now I am no expert on cryptography, but some basic rules do apply … the longer the key the harder it is to crack. For our purposes I am going to use the following settings:

RSA#Microsoft Software Key Storage Provider
4096 Key Character length
md5 Hash algorithm

Now I am going to click Next.


11. In Configure CA Name you can choose to overwrite the default common name for this CA and also the Distinguished name suffix if you so choose.

I am going to overwrite the default common name with Test-Enterprise-CA, but I will leave the rest alone.


12. Next we will Set Validity Period for this CAs certificate.

Remember a root CA issues itself a certificate. The default is 5 Years so I will just leave it at that. You can change this based on any need you might have in your environment. Click Next.


13. Configure Certificate Database will let you specify where you want to put the database and log files for the CA.

I am going to leave the default in place. Click Next.


14. On the Confirm Installation Selections you can see the answers you have chosen and you will again see a warning that you cannot change the computer name or domain settings for this server after installing the CA.

Go ahead and click Install… you know you want to!


15. After a few minutes you will see the Installation Results, and with any luck you will have the message: Installation succeeded.

After your glow of certificate happiness fades go ahead and click Close.


16. Now let’s go in and take a look by clicking on Certification Authority in Administrative Tools (if you get a UAC pop up just click Ok).


17. Now you can see the snap-in is showing the CA named Test-Enterprise-CA in the left pane with a bunch of folders for certificates.


18. You can also see that if you click the Certificate Templates folder, there are quite a few default templates that are already setup and ready to go.


Summary

Now that we have installed the Active Directory Certificate Services the next step would be to request some certificates and configure them. The installation for a stand-alone CA is very similar to this. In fact if you are not in a domain and if you are not installing as a domain admin you will not even get the option for an Enterprise CA setup, so if you see that grayed out you now know why.
Posted by at No comments:
BSNL Router WA3002G4 Port Forwarding With Virtual Servers

Here i like to share my experience with the great!! great!!! BSNL ADSL2+ Router and how i banged my head with that router :P

I opened the router configuration page by typing http://192.168.1.1 . Under the NAT there is only DMZ no other links :( . I want the dam Nat Virtual Server  Setup . So i started to pondering how to do that.


Some People recommended to put my Systems LAN IP in DMZ host . Thats really really not recommended because your are putting your system in big security risk unless you have really good Operating system level firewall .

Note : I am talking about DMZ host not DMZ Zone for further reading:
http://en.wikipedia.org/wiki/DMZ_%28computing%29

And also you cannot able to port forward different services to different servers in your LAN.

To know more about port forwarding www.portforward.com

Here is a how to do a port forward in BSNL WA3002G4 by using a Hidden Link

 http://192.168.1.1/scvrtsrv.cmd?action=view


I dont know why that link is hidden from the users . And also i am wondering who hidden that from the end user whether the manufacturer UTStarCom or BSNL .

How i found that they have hidden the link . I sshed  the router and  It’s there to my surprise . have a look at the below picture :)


here is the how to to add a virtual server by using ssh

download Putty login with your username and password Go to NAT–> 1 Virtual servers –> 1 Add


Note : Internal Server IP Address Should be your LAN ip address

But i Request you to go for http configuration by using the link http://192.168.1.1/scvrtsrv.cmd?action=view for better understanding.
Posted by at 1 comment:
How to Configure a Router for Remote Desktop

How to actually configure a router for remote desktop, so that you can connect to your computer from outside of the local network? Once you enable and setup remote desktop, you have to configure your router to forward the remote desktop port (3389 by default) to the correct computer on your network.

This is called port forwarding and the method is slightly different depending on which brand router you are using, i.e. LinkSys, D-Link, Netgear, etc. However, if the instructions below do not help you in determining how to setup port forwarding on your router, then just perform a search for “router port forwarding”, where router is the brand name of the router.

Setup router for Remote Desktop

First, you need to log into your wireless router at home by typing in the local IP address for the router in your Internet browser. If you don’t know the IP address of the router, go to Start, Run, and type in CMD. Then type IPCONFIG and the address for the router is the Default Gateway entry.



Now type that into your browser and log into your router. If you do not know the admin username and password for your router, you can reset the router by pressing the reset button on the back and then go to any one of these default router password list sites:

http://www.phenoelit-us.org/dpl/dpl.html

http://www.routerpasswords.com/

http://www.governmentsecurity.org/articles/DefaultLoginsandPasswordsforNetworkedDevices.php

Once you are into the router, look for anything along the lines of Port Forwarding, Virtual Server, or Applications and Gaming. I tried to find a couple of screenshots of how it would look on LinkSys, D-link and Netgear:




Now you will either be able to choose the service from some kind of drop down that will have a list like FTP, HTTP, TELNET, etc and if they have Remote Desktop or RDP, then choose that. Type in the IP address in the corresponding box and you’re done.

If the service does not show up in the list, then you have to either add a custom service or there will be some blank boxes where you can enter in the information. On my Linksys router, for example, I have a bunch of empty text boxes in a table.

I would enter Remote Desktop for the application name, 3389 for the internal port, 3389 for the external port, choose both TCP and UDP as the protocol, type in the IP address for the computer I want to connect to, and check the enabled box.


On a D-link router, it’s called Private port and Public port instead of internal and external port, but it’s always the same number 3389, so you can’t get confused. On Netgear, it’s called Start port and End Port.

Now everything should be set for you to connect to your computer from outside the local network. In order to connect from outside, you will have to get your external IP address, which is simple. Just go to www.whatismyip.com and it will give you your external IP address.


The only issue that can come up is if your do not have a static IP address with your ISP. Most home users get a dynamic IP address that changes every so often. This makes it extremely hard to connect remotely because it will fail once the IP address changes. Any questions? Post a comment! Enjoy!
Posted by at No comments:

Wednesday, September 12, 2012

How To Install Active Directory On Windows Server 2008

As you probably know Active Directory stores information about objects on the network and makes this information available to users and network administrators. AD uses domain controllers to give network users access to permitted resources anywhere on the network through a single logon process.  In this article I will go through the installation of active directory on Windows server 2008.

Things you need before installing Active Directory on Windows Server 2008

    Have Windows server 2008 already installed.
    Have administrative privilege on the system
    be able to reboot the system any time.
    Have an NTFS partition with enough free space

Things you should keep in mind

If you are installing active directory on windows server 2008 for the first time, it must be a global catalog server, it cannot be RODC.
NT 4.0 domain controllers are not supported on windows server 2008 anymore. If you still have NT domain controllers on your network, you need to have 2000/2003 DCs to support them.
If you are making windows 2008 a domain controller on 2003 forest, you must prepare the forest for windows 2008 by running ADPREP.

Final preparations

The last thing I will do to start the installation of active directory is to change the name of the computer to reflect the new status. To do that, login to the server and click on the Start button and right-click on Computer and go to Properties. At the bottom under computer name, domain, and workgroup settings, click on the Change settings:

the System Property window will come up.

click on the change tab, and change the computer name to whatever you want.


Click on the OK button. Windows Server 2008 will  now reboot.

Installing Active Directory Domain Services

Now that we have renamed the computer to something that reflects the new role on windows server 2008, we will proceed with the installation of active directory. I always recommend using the server manager interface when installing active directory and other network services. To install active directory domain services, go to Start and click on Server Manager.

The server manager window will come up:


The Select Server Role window will come up:


Make sure the Active Directory Domain Services option is checked.

click on Next after checking the option.

Active directory  domain services (AD DS) is something new on Windows Server 2008. On the following window you can read a small introduction about it. Click Next when you finish reading.


click Next on the above window.

on the following window, you will be asked to confirm the installation of domain services:


click on Install to start the installation.


You should receive the Installation Results window after the installation completes.

 Note: this only installs Active Directory domain services, it does not make Windows server 2008 a domain controller. for that we will need to run the DCPROMO wizard.

Installing Active Directory Domain Controller

After Active Directory Domain Services have been installed, you should return to the Server Role Interface. click on Active Directory Domain Services:


On the window that pops up, you will see a summary message that reads, “This server is not yet running as a domain controller: Run Active Directory Domain Services Installation Wizard ( dcpromo.exe)

Click on the blue link.


by clicking on the blue link, the dcpromo.exe wizard should come up:


make sure “Use advanced mode installation” option is checked and click Next.

read the provided information on the next screen. that explains some new features on windows server 2008 domain services that might affect older Windows operating systems and non Microsoft SMB clients on an existing domain.


Click Next after you read the above warning.

On the following screen, choose your deployment configuration.


because this is my first domain controller, I will choose the “Create a new domain in a new forest” option.


click on Next.

Choose the name for your forest root domain on the following window.


click Next after choosing your fully qualified domain name.

the wizard will check if that forest name is already in used:


after a few seconds, the wizard will ask you to enter the NetBIOS name:


the default NetBIOS name should be fine. click on the Next tab.

on the following screen, choose the forest functional level:


I will choose Windows Server 2003 as my functional level. Choosing windows server 2008 functional level does not provide any new features over the Windows 2003 forest functional level. However, it ensures that any new domains created in this forest will automatically operate at the Windows Server 2008 domain functional level, which does provide unique features. click on Next.


Clicking next, the dcpromo wizard will check for DNS configurations.

If DNS is not installed on your system, choose the DNS Server option on the following screen.


here you get the info that tells you:

The first domain controller in a forest must be a global catalog server and cannot be an RODC.

Click on Next.

if your server does have static IP address assigned on the server, you might get the following warning:


as you can see, having dynamic assigned IP address is not recommended. use static IP addresses for servers whenever is possible.

choose your option, and click Next.

another warning:


if you get this warning, click on OK.

choose the location of the AD database on the following screen:


Leave the default settings, and click on Next.

Enter your the password for your Restore Mode Administrator on the following screen.


click Next after entering the password.

on the following screen you should get the Summary page.


click on Next.

damn it!! I got an error saying I need to install DNS manually.


“An error occurred while the wizard was installing DNS, you will have to configure DNS for this domain manually".

this is the first time I let the dcpromo.exe to configure DNS for me, and I kind of was expecting for this error. that will be the subject of the next article.

click OK on the error for now.

active directory installation should start installing. But it won’t work perfect until DNS is install.


after awhile, you should get the completion window.


click on Finish.

you will need to reboot the computer.


go ahead and restart the computer, and if you need to install DNS do so after the reboot.
Posted by at No comments:
Subscribe to: Posts (Atom)