• Best VPN Service

    Top VPNs that Unlock Netflix, provide Secure Torrenting, Strong Encryption, Fast Downloads, DNS Leak Protection, Identity Protection and have Cheap VPN prices.

    read more

    Hyper-V Concepts

    It's time to get familiar with Hyper-V Virtualization, virtual servers, virtual switches, virtual CPUs, virtual deployment infrastructure (VDI) and more.
    Read more

Hot Downloads

Configuring Windows Server Roaming Profiles

Posted in Windows 2003 Server

Windows roaming profiles allow the mobile users of a company to always work with their personal settings from any network computer in a domain. Roaming profiles are a collection of personal user settings of a user, saved at a central location on a network.

These settings and configurations are recovered on any network computer as soon as users log in with their credentials.

The roaming user profiles functionality is very useful because it allows mobile users to log on to a variety of computers located at different places and get the same look and feel of their own personalized desktops. However, roaming user profiles in Windows Server 2003 does not allow you to use encrypted files.

A roaming profile is made up of folders that appear under the <username> folder under Documents and Setting, as shown below:

tk-windows-roaming-profiles-1

The detailed description of each folder is as follows:

  • Desktop: This folder contains all the files, folders, and shortcuts data that is responsible for the appearance of your desktop screen.
  • Favorites: This folder contains the shortcuts of the favorite and frequently visited websites of the user.
  • Local Settings: This folder contains temporary files, history, and the application data.
  • My Documents: This folder contains documents, music, pictures, and other items.
  • The Recent: This folder contains the most recently accessed files and folders by the user.
  • Start Menu: This folder contains the Start menu items.
  • Cookies: This folder contains all cookies stored on the user's computer.
  • NetHood: This folder contains shortcuts to sites in My Network Places .
  • PrintHood: This folder contains the shortcuts of printers configured for the user's computer.
  • Application Data: This folder contains the program-specific and the security settings of the applications that the user has used.
  • Templates: This folder contains the templates for applications such as Microsoft Word and Excel.
  • SendTo: This folder contains the popular Send To destination on right-clicking a menu.

Configuring Domain Group Policy for Windows 2003

Posted in Windows 2003 Server

Windows 2003 Group Policies allow the administrators to manage a group of people accessing a resource efficiently. The group policies can be used to control both the users and computers.

They give better productivity to administrators and save their time by allowing them to manage all the users and computers centrally in just one go.

The group policies are of two types, Local Group Policy and Domain-based Group Policy. As the name suggests, the Local Group Policies allow the local administrator to manage all the users of a computer to access the resources and features available on the computer. For example an administrator can remove the use of Run command from the start menu. This will ensure that the users will not find Run command on that computer.

The Domain-based Group Policies on the other hand allow the domain/enterprise administrators to manage all the users and the computers of a domain/ forest centrally. They can define the settings and the allowed actions for users and computers across sites, domains, and OUs through group policies.

There are more than 2000 pre-created group policy settings available in Windows Server 2003. A default group policy already exists. You only need to modify it by setting values of different policy settings according to your specific requirements. You can also create new group policies to meet your specific business requirements. The group policies allow you to implement:

  • Registry based settings: Allows you to create a policy to administer operating system components and applications.
  • Security settings: Allows you to set security options for users and computers to restrict them to run files based on path, hash, publisher criteria, or URL zone.
  • Software restrictions: Allows you to create a policy that would restrict users to run unwanted applications and protect computers against virus and hacking attack.
  • Software distribution and installation: Allows you to either assign or publish software application to domain users centrally with the help of a group policy.
  • Automation of tasks using computer and User Scripts
  • Roaming user profiles: Allow mobile users to see a familiar and consistent desktop environment on all the computers of the domain by storing their profile centrally on a server.
  • Internet Explorer maintenance: Allow administrators to manage the IE settings of the user's computers in a domain by setting the security zones, privacy settings, and other parameters centrally with the help of group policy.

Configuring a Domain-Based Group Policy

Just as you used group policy editor to create a local computer policy, to create a domain-based group policy you need to use Active Users and Computers snap-in from where you can open the GPMC.

Follow the steps below to create a domain-based group policy

1. Select Active Directory Users and Computers tool from the Administrative Tools.

2. Expand Active Directory Users and Computers node, as shown below.

3. Right-click the domain name and select Properties from the menu that appears:

tk-windows-gp-domain-1

The properties window of the domain appears.

Configuring Local Group Policy for Windows 2003

Posted in Windows 2003 Server

Windows 2003 Group Policies allow the administrators to efficiently manage a group of people accessing a resource. Group policies can be used to control both the users and the computers.

They give better productivity to administrators and save their time by allowing them to manage all the users and computers centrally in just one go.

Group policies are of two types, Local Group Policy and Domain-based Group Policy. As the name suggests, Local Group Policies allow the local administrator to manage all the users of a computer to access the resources and features available on the computer. For example an administrator can remove the use of the Run command from the start menu. This will ensure that the users will not find Run command on that computer.

Domain-based Group Policies allow the domain / enterprise administrators to manage all the users and the computers of a domain / forest centrally. They can define the settings and the allowed actions for users and computers across sites, domains and OUs through group policies.

There are more than 2000 pre-created group policy settings available in Windows Server 2003 / Windows XP. A default group policy already exists. You only need to modify the values of different policy settings according to your specific requirements. You can create new group policies to meet your specific business requirements. Group policies allow you to implement:

Registry based settings: Allows you to create a policy to administer operating system components and applications.

Security settings: Allows you to set security options for users and computers to restrict them to run files based on path, hash, publisher criteria or URL zone.

Software restrictions: Allows you to create a policy that would restrict users running unwanted applications and protect computers against virus and hacking attacks.

Software distribution and installation: Allows you to either assign or publish software application to domain users centrally with the help of a group policy.

Roaming user profiles: Allows mobile users to see a familiar and consistent desktop environment on all the computers of the domain by storing their profile centrally on a server.

Internet Explorer maintenance: Allows administrators to manage the IE settings of the users' computers in a domain by setting the security zones, privacy settings and other parameters centrally with the help of group policy.

Using Local Group Policy

Local Group Policies affect only the users who log in to the local machine but domain-based policies affect all the users of the domain. If you are creating domain-based policies then you can create policy at three levels: sites, domains and OUs. Besides, you have to make sure that each computer must belong to only one domain and only one site.

A Group Policy Object (GPO) is stored on a per domain basis. However, it can be associated with multiple domains, sites and OUs and a single domain, site or OU can have multiple GPOs. Besides this, any domain, site or OU can be associated with any GPO across domains.

When a GPO is defined it is inherited by all the objects under it and is applied in a cumulative fashion successively starting from local computer to site, domain and each nested OU. For example if a GPO is created at domain level then it will affect all the domain members and all the OUs beneath it.

After applying all the policies in hierarchy, the end result of the policy that takes effect on a user or a computer is called the Resultant Set of Policy (RSoP).

To use GPOs with greater precision, you can apply Windows Management Instrumentation (WMI) filters and Discretionary Access Control List (DACL) permissions. The WMI filters allow you to apply GPOs only to specific computers that meet a specific condition. For example, you can apply a GPO to all the computers that have more than 500 MB of free disk space. The DACL permissions allow you to apply GPOs based on the user's membership in security groups.

Windows Server 2003 provides a GPMC (Group Policy Management Console) that allows you to manage group policy implementations centrally. It provides a unified view of local computer, sites, domains and OUs (organizational units). You can have the following tools in a single console:

  • Active Directory Users and Computers
  • Active Directory Sites and Services
  • Resultant Set of Policy MMC snap-in
  • ACL Editor
  • Delegation Wizard

The screenshot below shows four tools in a single console.

tk-windows-gp-local-1

 

A group policy can be configured for computers or users or both, as shown here:

tk-windows-gp-local-2

Creating Windows Users and Groups with Windows 2003

Posted in Windows 2003 Server

In a Windows server environment, it is very important that only authenticated users are allowed to log in for security reasons. To fulfill this requirement the creation of User accounts and Groups is essential.

User Accounts

In Windows Server 2003 computers there are two types of user accounts. These types are local and domain user accounts. The local user accounts are the single user accounts that are locally created on a Windows Server 2003 computer to allow a user to log on to a local computer. The local user accounts are stored in Security Accounts Manager (SAM) database locally on the hard disk. The local user accounts allow you to access local resources on a computer

On the other hand the domain user accounts are created on domain controllers and are saved in Active Directory. These accounts allow to you access resources anywhere on the network. On a Windows Server 2003 computer, which is a member of a domain, you need a local user account to log in locally on the computer and a domain user account to log in to the domain. Although you can have a same login and password for both the accounts, they are still entirely different account types.

You become a local administrator on your computer automatically because local computer account is created when a server is created. A domain administrator can be local administrator on all the member computers of the domain because by default the domain administrators are added to the local administrators group of the computers that belong to the domain.

This article discusses about creating local as well as domain user accounts, creating groups and then adding members to groups.

Creating a Local User Account

To create a local user account, you need to:

1. Log on as Administrator, or as a user of local administrator group or Account Operators local group in the domain.

2. Open Administrative Tools in the Control Panel and then click Computer Management, as shown in Figure 1.

 

tk-windows-user-groups-1

Figure 1

 

3. Click Users folder under Local Users and Groups node, as shown in Figure 2.

tk-windows-user-groups-2

Figure 2

ISDN Layers, Protocols & Components

Posted in WAN Technologies

Our previous article was an Introduction To The ISDN Protocol. This article dives a bit deeper by examining ISDN Layers, Protocols & Components.

ISDN uses circuit-switching to establish a physical permanent point-to-point connection from the source to the destination. ISDN has standards defined by the ITU that encompass the OSI bottom three layers of which are Physical, Data Link and Network, see Table 1 below.

At the physical layer the ITU has defined the user network interface standard as I.430 for Basic Rate Access and I.431 for Primary Rate Access; please see the ITU-T I.414 “Overview of Recommendations on Layer 1 for ISDN and B-ISDN customer accesses” document on the ITU's website. ANSI has defined the user network interface standard as T1.601. As already stated above, the physical layer uses the normal telephone cabling as its physical cabling structure.

The ISDN B channels will typically utilise a Point-to-Point protocol such as HDLC (High-Level Data Link Control) or PPP frames at Layer 2 however you can sometimes see other encapsulation such as Frame relay. As you would expect, at layer 3 you typically see IP packets. ISDN operates in Full-Duplex which means that traffic can be received and transmitted at the same time.

The ISDN D channel will utilise different signalling protocols at Layer 3 and Layer 2 of the OSI Model. Typically at Layer 2, LAP-D (Link Access Procedure – D Channel) is the Q.921 signalling used and DSS1 (Digital Subscriber Signalling System No.1) is the Q.931 signalling that is used at Layer 3. It is easy to remember which one is used at which layer by simply remembering that the middle number corresponds to the layer it operates at.

Table 1

OSI Layer

B Channel

D Channel

3

IP

DSS1 (Q.931)

2

HDLC/PPP

LAP-D (Q.921)

1

I.430/I.431 or ANSI T1.601

Users requiring information on how to configure a Cisco router for ISDN dialup can read our How To Configure ISDN Internet Dialup On A Cisco Router article.

 

The Different ISDN Components

As part of the ISDN Standards, there are several types devices that are used to connect to the ISDN network which are known as Terminal Equipments (TE) and also Network Termination (NT) equipment. You also have Reference Points which are used to define the connections between the various equipment that is used within the ISDN network.

wan-tech-isdn-layers-proto-1

Terminal Equipment and Network Termination Definitions;

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup