Categories
Problems and Solutions Windows server 2008 R2

FTP Over SSL

Have you ever been asked to deploy FTP service Over SSL?

We know that FTP uses two ports by default: 21 for sending commands, and 20 for sending data. For instance, if you enter “FTP://<ServerName>”, the client makes the attempt using port 21. If the session is established, port 20 is used for the data.

So what about FTP over SSL? Is there a dedicated port for it? In fact, I faced this question about 2 weeks ago, and I would like to share with you my experience and how I worked around this issue. Unfortunately, there is no dedicated port number for FTP over SSL. It opens a random port above 1024, which means you must open all ports on your firewall. I know you will say it’s a joke; I said the same thing, and I will not open all ports on the firewall 🙂. So what is the solution?

I read a lot about limiting the random ports used by FTP over SSL. Microsoft says you can do that by configuring the Data Channel Port Range in IIS (IIS —> FTP Firewall Support). I did that, but with no success. I wondered whether there was another way to do it, so I approached it from another side and asked the question: how can I limit the random ports? I found the key; the command below is used to limit the random ports:

netsh int <ipv4|ipv6> set dynamicport <tcp|udp> start=number num=range

This command sets the dynamic port range for TCP. The start port is number, and the total number of ports is range. The following are sample commands:

  • netsh int ipv4 set dynamicport tcp start=10000 num=1000
  • netsh int ipv4 set dynamicport udp start=10000 num=1000
  • netsh int ipv6 set dynamicport tcp start=10000 num=1000
  • netsh int ipv6 set dynamicport udp start=10000 num=1000

These sample commands set the dynamic port range to start at port 10000 and to end at port 11000 (1000 ports). The minimum range of ports that can be set is 255. The minimum starting port that can be set is 1025. The maximum end port (based on the range being configured) cannot exceed 65535. To duplicate the default behavior of Windows Server 2003, use 1025 as the start port, and then use 3976 as the range for both TCP and UDP. This results in a start port of 1025 and an end port of 5000. For more information, please see: http://support.microsoft.com/kb/929851

And here we are: it worked fine, and I configured the firewall to open only the range of ports used by FTP over SSL.

I hope you find this article useful 🙂
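As an added example (not part of the original post), the PowerShell below reads the configured dynamic port range, checks it against the limits quoted above, and prints a matching Windows Firewall rule. The sample netsh output and the rule name are constructed, and the parsing assumes English-language output.

```powershell
# Constructed sample: English-language output of
#   netsh int ipv4 show dynamicport tcp
# after running the page's "start=10000 num=1000" command.
$sample = @'

Protocol tcp Dynamic Port Range
---------------------------------
Start Port      : 10000
Number of Ports : 1000

'@ -split "`r?`n"

function Get-DynamicPortRange {
    param([string[]]$NetshOutput)
    $start = $null
    $count = $null
    foreach ($line in $NetshOutput) {
        if ($line -match '^\s*Start Port\s*:\s*(\d+)')      { $start = [int]$Matches[1] }
        if ($line -match '^\s*Number of Ports\s*:\s*(\d+)') { $count = [int]$Matches[1] }
    }
    if ($start -eq $null -or $count -eq $null) { throw 'Start/number of ports not found.' }
    # Limits stated on the page (KB929851).
    if ($start -lt 1025) { throw "Start port $start is below the minimum of 1025." }
    if ($count -lt 255)  { throw "Range of $count ports is below the minimum of 255." }
    # Assumption: the range includes the start port, so the last port is
    # start + num - 1 (1025 + 3976 - 1 = 5000, as in the page's example).
    $end = $start + $count - 1
    if ($end -gt 65535)  { throw "End port $end exceeds 65535." }
    New-Object PSObject -Property @{ Start = $start; Count = $count; End = $end }
}

# On a live server, replace $sample with: (netsh int ipv4 show dynamicport tcp)
$range = Get-DynamicPortRange $sample

# Print (do not run) an inbound rule for exactly that range.
# The rule name is a constructed placeholder.
'netsh advfirewall firewall add rule name="FTPS data channel" dir=in ' +
    "action=allow protocol=TCP localport=$($range.Start)-$($range.End)"
```

The dynamic port range is a system-wide setting, so other services that bind dynamic ports draw from the same range; scoping the firewall rule to the FTP service or to known client addresses keeps the opening narrow.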

Categories
Problems and Solutions

Windows server 2012: Managed Service Accounts Error

Hello everybody….

Windows Server 2012 has launched, and surely a lot of you have started working with the new features added to the server. As for me, I have used it since the beta version and I like it very much. Last night I decided to create Managed Service Accounts. I started PowerShell and wrote the correct command, but I faced the following error:

Image

I began to doubt myself (looooool) and tried to change the command, but trust me, I was sure this was the correct command. I started my tour to find a solution and found the following note: “You must wait 10 hours from creation time to allow all DCs to converge AD replication before you can create gMSA. 10 hours prevents password generation from occurring before all DCs in environment capable of answering gMSA requests.”

But in my environment I used only one DC; should I wait 10 hours? In fact, no. I used the following command:

Add-KdsRootKey -EffectiveTime ((Get-Date).AddHours(-10))

This allows using gMSAs immediately, because it sets the start time 10 hours in the past. After that everything worked fine, as shown in the snapshot below. I hope this helps you 🙂

Image

Categories
Problems and Solutions

Installing Windows server 8 with VMware 8 Problem

I was full of passion to install Windows Server 8 x64 to test it and to discover the new features and capabilities included in this version, so I downloaded a beta version from Microsoft’s download website and prepared a new virtual machine in VMware Workstation 8.0. I was thinking everything would work smoothly, but I faced a problem. The error message below appeared:

Windows cannot read the <ProductKey> setting from the unattend answer file.

I said, hey, come on, I didn’t enter any key or unattend answer file, so what happened? I searched around this problem, and after a couple of minutes I found a solution; I tested it and it works. The solution is:

1. Turn off the virtual machine.
2. Go to the virtual machine settings.
3. Remove the floppy disk from the settings menu (or you can disable its power-on setting).
4. Restart the virtual machine.

Congratulations… enjoy the Windows Server 8

Categories
Windows server 2008 R2

Cluster Validation Tool

Built-in Cluster Validation Tool

A built-in validation process is included in failover clustering to make it easier for customers to know that their cluster configuration will be supported. Customers can select their hardware and then run the Validate a Configuration Wizard (also known as Validate). If the clustered hardware components have the Windows Server 2008 logo and the entire configuration passes all of the validation tests, the cluster configuration is fully supported. There is no longer a separate, specific hardware compatibility list for clustering.

This validation process consists of a series of tests that are grouped into four main categories: inventory, network, storage, and system configuration. The figure below shows the expanded network category.

The validation results are HTML based for easy collection and remote analysis. The wizard takes just a few minutes to run, although this is a function of how many nodes are in the failover cluster and how many logical unit numbers (LUNs) are exposed to the servers. Once you create the failover cluster, you can use the Validate a Configuration Wizard as a powerful diagnostic tool to maintain the failover cluster and to identify potential problems.

Note that when you run the Validate a Configuration Wizard, some tests may not pass, but clustering may still be installed and function. For example, not conforming to a cluster configuration best practice, such as having only one network interface card (NIC) in each node, will raise a warning rather than an error. But, the failover cluster will function. However, passing the Validate a Configuration Wizard is the standard for support for failover clusters in Windows Server 2008: If a failover cluster does not pass the wizard, it is not supported by Microsoft. In addition, running the Validate a Configuration Wizard does not release the customer from the responsibility of using only hardware and software that are certified under the Windows Server Logo Program for Windows Server 2008.

You can also use the Validate a Configuration Wizard to troubleshoot in-production failover clusters. If you were to experience a problem with your failover cluster, this wizard is the first thing you would want to run to ensure that everything is functioning as expected. This may help reduce your organization’s support costs. You can also avoid running the storage tests against an in-production failover cluster to keep your resources online.

While many customers believe the added flexibility of a support policy based on logo’d hardware and the validate tool is helpful, some customers want an additional level of confidence that what they buy will be supported – before they buy it. For customers who want that assurance that their cluster configuration will be supported before purchasing, Microsoft has created the Failover Cluster Configuration Program (FCCP).  Server vendors who are members of the FCCP list pre-configured, tested and validated hardware configurations on their websites.

Categories
Uncategorized

Using FTP Server in Windows Server 2008 R2

Using FTP Server

File Transfer Protocol (FTP) is one of the early protocols in the Transmission Control Protocol/Internet Protocol (TCP/IP) suite. It was created at a time when security was not as great a concern as it is now, and as a result, it has no built-in data protection of any kind. Clients transmit passwords in clear text, and transfer files to and from servers in unencrypted form. Windows Server 2008 R2, however, has an FTP server implementation that is enhanced with better security measures and other new features.

The FTP Publishing Service role service included in the Windows Server 2008 release is a holdover from Windows Server 2003. It requires you to install the old IIS 6.0 version of the management console because it is not compatible with the new IIS 7.0 architecture. Soon afterward, however, Microsoft released, as a free download, a new FTP Publishing Service that was compatible with IIS 7.0. Administrators could create and manage FTP sites using the current Internet Information Services (IIS) Manager console, and the service also included new features, such as the following:

  • FTP over Secure Sockets Layer (SSL): Enables the FTP server to establish secure connections using password protection and SSL data encryption.
  • Combined FTP and Web hosting: Enables a single IIS site to support both HTTP and FTP connections.
  • Virtual host naming: Enables a single IIS server to host multiple FTP sites using a single IP address and port number, distinguishing between the sites by using host names, just as it can with Web sites.
  • Improved logging and error handling: IIS log files include additional fields for FTP connections, and IIS can generate detailed error messages for clients on the local network.

Now, in Windows Server 2008 R2, Microsoft has fully incorporated that FTP Publishing Service into IIS 7.5, as shown in the Figure, so there is no need for a special download and no need to install an outdated management console. They have also included an additional role service, FTP Extensibility, which enables developers to use their own managed code to create customized authentication, authorization, logging, and home directory providers.

Categories
Problems and Solutions

People Picker Error In MOSS 2007

When you deploy Microsoft SharePoint Server 2007 in a forest that has multiple domains (multiple global catalogs), you may face a problem when you search for a user in Active Directory. I worked on this problem for a long time and finally a solution came; below is a snapshot that shows the error:

Description of the problem:

Error when doing a search for a user using people picker: “no results were found to match your search item please enter a new term or less specific”

Procedure of Work:

*Checked the user profiles and there were no user profiles imported from the domain to sharepoint

*Run the full import and set schedules for the incremental and full profile imports

*To synchronize the data in the SSP with the content databases of the sites, we run the below commands:

1. stsadm -o sync -listolddatabases 0

2. stsadm -o sync -deleteolddatabases 0

3. stsadm -o sync -IgnoreIsActive 1   (to sync all users irrespective of the tp_IsActive flag (0 or 1))

4. stsadm -o sync -synctiming M:1

5. Wait for 5 min

6. Verify that the Profsync has completed by running stsadm -o sync -listolddatabases 0

7. stsadm -o sync -synctiming H:1

**And now, to set People Picker to search for users in a specific domain, we run the commands below:

stsadm -o setapppassword -password password

stsadm -o setproperty -pn peoplepicker-searchadforests -pv "domain:<YourDomain>,<YourDomain>\<AdminAccount>,*******" -url http://<YourSite>:<port>

For example: stsadm -o setproperty -pn peoplepicker-searchadforests -pv "domain:test.com,test\setupadmin,password" -url http://test-portal:8080

Note: if the issue occurs again later on a different web application, just change the URL in the above command.

I hope this helps you avoid this problem.

Good luck to all.

Categories
SharePoint Foundation 2010

SharePoint foundation 2010

Microsoft SharePoint Foundation 2010 is a versatile technology that organizations and business units of all sizes can use to increase the efficiency of business processes and improve team productivity. SharePoint Foundation 2010 gives people access to information they need by using tools for collaboration that help people stay connected across organizational and geographic boundaries.

The installation was fairly straightforward with a few speed bumps which are easily avoidable.

You can download SharePoint Foundation 2010 from this URL: http://www.microsoft.com/downloads/en/details.aspx?FamilyID=49c79a8a-4612-4e7d-a0b4-3bb429b46595&displaylang=en

The Language Pack is also available at this URL: http://www.microsoft.com/downloads/en/details.aspx?FamilyID=646e311a-aaf3-4d30-b03c-2f3c70d19a22&displaylang=en

1. Double-click the beta exe file and it will start extracting the setup files.

2. Next you will be presented with the following screens and options. You can get all the prerequisites in one place.

3. Here you can see the list of prerequisites that are needed; they can be installed as easily as choosing the Next option.

4. Towards the end you get the following screen,

which shows the end of the installation of the prerequisites.

5. So you get back to the original screen and start the Install SharePoint Foundation option,

and then move on to the configuration page.

Congratulations

Categories
Microsoft Unified Communications

Microsoft Unified Communications

Microsoft Unified Communications (UC) is the integration of real-time communication services such as instant messaging (chat), presence information, IP telephony, video conferencing, call control and speech recognition with non real-time communication services such as unified messaging (integrated voicemail, e-mail, SMS and fax). UC is not a single product, but a set of products that provides a consistent unified user interface and user experience across multiple devices and media types.

UC also refers to a trend toward business process integration: simplifying and integrating all forms of communication in order to optimize business processes, reduce response time and cost, manage flows, and eliminate device and media dependencies. An example is the integration between a UC solution and other applications such as CRM.

UC allows an individual to send a message on one medium and receive on another. It should be possible to easily transfer any activity or message to another medium. For example, one can receive a voice mail message and choose to access it through email or a cell phone. If the sender is online according to the presence information and currently accepts calls, the response can be sent immediately through text chat or video call. Otherwise, it may be sent as a non real-time message that can be accessed through a variety of media.

Business benefits of unified communications:

Unified communications helps businesses, small and large alike, to streamline information delivery and ensure ease of use. Microsoft Unified Communications can quickly help organizations save costs by reducing operating costs, consolidating infrastructure, and leveraging human capital more effectively. For example, a Unified Communications solution can reduce operating costs for long distance calls, cell phone charges, conferencing service fees, travel costs, and meeting expenses. Organizations can also reduce costs by consolidating communications systems for messaging, voice mail and telephony into an integrated platform based upon the two cornerstone products: Microsoft Exchange and Microsoft Office Communications Server 2007 R2.

Organizations are seeing returns on Unified Communications within a single budgeting cycle, often within six months, and have the potential to save $5 million per 1,000 employees:

■ Reduce travel expenses from 20 to 40 percent by replacing in-person meetings with immersive Web, video, and audio conferencing with Office Communications Server.
■ Lower messaging costs from 50 to 80 percent by reducing storage costs and consolidating costly third-party solutions like mobility, archiving, backup, and more with Exchange.
■ Reduce telephony and audio conferencing charges from 20 to 40 percent by lowering long-distance charges and audio conferencing minutes with built-in Voice-over Internet Protocol (VoIP) and unified conferencing capabilities in Office Communications Server.
■ Lower real estate and facility costs from 30 to 40 percent by freeing employees from fixed desks or offices, and increasing occupancy density in buildings. With Exchange and Office Communications Server, employees can work from anywhere (with simply a laptop, a headset, and an Internet connection) and stay connected with a full suite of more secure communication tools for e-mail, integrated Presence, enterprise instant messaging, VoIP, and unified conferencing.
■ Reduce the cost of communications systems from 40 to 60 percent by consolidating separate legacy voice mail with Exchange, and expensive private branch exchange (PBX), instant messaging, and audio/video/Web conferencing systems with Office Communications Server.

Categories
Uncategorized

Hello world!

Hi, I’m Eng. Abdullah Zboun, nice to meet everyone.