Windows Remote Management (WinRM) and PowerShell 2.0 are two very versatile tools that can greatly increase the manageability of your Windows hosts. Unfortunately it has been somewhat difficult for me to locate the most up-to-date versions of this software. Basically, the package that installs PowerShell 2.0 also includes the WinRM 2.0 release. Also available at the link below are WinRM/PowerShell 2.0 releases for Windows Vista and Server 2008 R1.
There is a prerequisite that the computer is running Microsoft .Net Framework 2.0 SP1. I have included a link below to .Net 2.0 SP2:
Now you can install the WinRM 2.0/PowerShell 2.0 Management Framework package here:
Generally my preference is to use Linux as an NFS server. On the internet you will see frequent reference to the belief that NFS works better on Linux/UNIX. Recently I decided to try and set up NFS services on Windows to see how well it would perform. In this tutorial I will set up Services for UNIX 3.5 on a Windows 2003 R2 server and configure it using the User Name Mapping service to allow a VMware ESXi host to use it as a datastore for VMs or backups via non-anonymous connections.
First off grab the Windows Services for UNIX (SFU) installation files here. Extract the files from the download file and run the setup.
Select Custom Installation and click Next.
I do a bit of web development, and my preferred web application environment is PHP. So recently I was reinstalling Apache and PHP on my Windows development computer, and I found a very easy way to get them installed silently with pretty much no hassle. Traditionally I have done the install by manually extracting PHP and editing the php.ini and httpd.conf to load the appropriate modules. Thanks to Nicolas for his insightful instructions!
First go out and grab the compiled Windows versions of Apache and PHP:
This example uses the non-SSL Apache 2.2 and the PHP 5 Win32 installer package. There are many different install types available for PHP; I avoided the debug and the non-thread-safe versions.
Now run silent installs with these switches/parameters at the command prompt for the Apache/PHP packages and restart Apache. Make sure to include the APACHEDIR parameter when running the PHP install so it can configure Apache with the appropriate PHP module.
C:\temp> msiexec /i apache_2.2.17-win32-x86-no_ssl.msi /passive ALLUSERS=1 SERVERADMIN=admin@localhost SERVERNAME=localhost SERVERDOMAIN=localhost SERVERPORT=80 INSTALLDIR=c:\apache
C:\temp> msiexec /i php-5.2.14-win32-installer.msi /qn APACHEDIR=c:\apache INSTALLDIR=c:\php ADDLOCAL=ext_php_mssql,apache22
C:\temp> net stop "Apache2.2"
C:\temp> net start "Apache2.2"
This also includes SQL Server support for PHP if needed. Your Windows host should now be ready to serve PHP!
Over the years Microsoft Exchange has added features to provide high availability for the mailbox database role. The latest version, Exchange 2010, includes a feature named Database Availability Groups (DAG) that is similar to the Continuous Cluster Replication feature of Exchange 2007 but with greater flexibility. In particular, DAG doesn’t need to be specified during installation and can be configured after installing. In addition, Exchange 2010 servers that are members of DAGs can contain replicas of each other's mailbox databases, allowing us to make better use of server resources. We can also configure the Client Access and Hub Transport roles on the same server as the Mailbox servers that participate in the DAG. So conceivably we can configure a high availability solution for all Exchange roles using only two Exchange servers. If set up like this we will need to have an additional Windows 2008 server that will be configured as a file share witness to establish a quorum for the cluster.
One additional noteworthy item is that the DAG feature is available for use with Exchange 2010 Standard Edition. This is unlike previous editions of Exchange, where the Enterprise Edition was required to utilize high availability mailbox database solutions involving more than one server. To make use of DAG, however, Windows 2008/2008 R2 Enterprise Edition is required for the Exchange servers.
In this example I have configured three servers, all running Windows 2008 R2. One is a domain controller that will act as the file share witness. In a production environment it is recommended to configure the file share witness on a domain member server; it is not desirable to use a DC because additional access permissions need to be granted on the file share witness and doing so on a DC makes AD less secure. Both of my Exchange 2010 servers (EXCH11 & EXCH12) are configured with 2 NICs for redundancy of replication and heartbeat traffic. In addition, I will configure 2 additional hard drives for each Exchange server that will contain the Exchange log and database files.
Preconfiguring and Installing Exchange Servers (EXCH11 & EXCH12)
Open up the Network Connections on both servers.
I have labeled the two interfaces; the LAN interface is the main NIC that connects to the rest of my network. Right click Heartbeat and choose Properties.
Windows Remote Management (WinRM) is a component of Windows that allows us to remotely execute commands on a Windows server and retrieve the output of these commands. It is very similar in functionality to the Secure Shell (SSH) that is a standard part of Linux and UNIX distributions. While we can configure an SSH server on Windows to perform a similar role for remote command execution, that setup is more involved, whereas WinRM is now a standard part of Windows. In this example I will configure a WinRM server and client both running Windows 7 in a Windows workgroup environment. The setup is a bit more difficult than configuring WinRM in a domain environment but still not too hard.
Configure the WinRM Server
In my experience I have only successfully configured the listener for the WinRM server with the network connection set to use either the Domain or Private profile. So in this example I will configure the WinRM server’s network with the Private profile. Right click the network icon in the system tray and select “Open Network and Sharing Center”.
In my case my current active network (Network 8) is currently configured as a Public Network. Click it to change the location.
Choose Home Network which will configure the network interface to use the Private network profile.
It will automatically prompt us to set up a Homegroup. I will skip this, so at this screen I’ll click Cancel. The previous configuration change to Home Network will still go through, however.
In a previous post I discussed Installing a Certificate in IIS 7.5 From a Public Certificate Authority. In my example I used a certificate issued by StartCom’s Free SSL Certificate Authority. As an add-on I will cover exporting this certificate to another IIS 7.5 server. Like many public CAs, StartCom makes use of a certificate chain with an intermediate CA certificate as shown below.
StartCom Certification Authority
…….StartCom Class 1 Primary Intermediate Server CA
…………..Your StartCom Issued Certificate
When you create a Certificate Request on an IIS server to the CA and later complete that request, the intermediate cert is automatically added to the IIS server’s certificate store. However, if you export your certificate to a new IIS server you must also import the intermediate cert on the new IIS server for the chain of trust to be maintained. This is best practice from a security perspective.
Some browsers such as Internet Explorer will go out to the internet and attempt to import the intermediate cert to your client if it is not available on the web server. Other browsers such as Firefox will not do this and the intermediate cert needs to be available on your web server for the browser to be able to import it. If the intermediate is not available on the IIS server, Firefox will not see your certificate as being validly trusted.
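To confirm on the new IIS server that the intermediate is actually present, the following PowerShell sketch walks each server certificate's issuer chain using only the local machine certificate stores. It is an added example, not part of the original post; the function name Get-LocalIssuerChain is hypothetical, and matching issuers by subject name alone is a simplifying assumption.

```powershell
# Added example (not from the original post). Walks the issuer chain of each
# certificate in the local machine "Personal" store using only the local
# Intermediate (CA) and Trusted Root stores, so a missing intermediate shows
# up here instead of being fetched from the internet by the client.
# Assumption: issuers are matched by subject name only, which is a
# simplification of full chain building.
function Get-LocalIssuerChain {
    param(
        [Parameter(Mandatory = $true)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate
    )

    $candidates = @(Get-ChildItem Cert:\LocalMachine\CA) +
                  @(Get-ChildItem Cert:\LocalMachine\Root)
    $current = $Certificate

    # Stop at a self-signed root (Subject equals Issuer) or after 10 hops.
    for ($i = 0; $i -lt 10 -and $current.Subject -ne $current.Issuer; $i++) {
        $wanted = $current.Issuer
        $issuer = $candidates |
            Where-Object { $_.Subject -eq $wanted } |
            Select-Object -First 1

        if (-not $issuer) {
            New-Object PSObject -Property @{ Issuer = $wanted; Found = $false; Store = $null }
            return
        }

        # PSParentPath ends in "...LocalMachine\CA" or "...LocalMachine\Root".
        $store = $issuer.PSParentPath -replace '^.*\\', ''
        New-Object PSObject -Property @{ Issuer = $wanted; Found = $true; Store = $store }
        $current = $issuer
    }
}

# Report the chain for every certificate that has a private key on this server.
Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { $_.HasPrivateKey } |
    ForEach-Object {
        $leaf = $_
        Get-LocalIssuerChain -Certificate $leaf |
            Select-Object @{ n = 'Leaf'; e = { $leaf.Subject } }, Issuer, Found, Store
    }
```

A row with Found set to False for the intermediate CA means the server has no local copy of it, which is the condition under which browsers that do not fetch intermediates themselves will reject the site certificate.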
Export and Import Web Site Certificate Through IIS
First let’s export our public CA issued certificate. IIS makes this very easy. Go to Start > Admin Tools > IIS Manager.
Click your server name in the left pane tree, then in the center scroll down and double click Server Certificates.
Highlight the certificate from the public CA (in my case StartCom). Note how it is issued by the StartCom Class 1 Primary Intermediate Server CA. In the right Actions pane click Export.
A while back I documented a procedure to allow RADIUS Authentication for Cisco Router Logins. Shortly thereafter I included additional instructions on how to Set Up Windows 2003 IAS Server with RADIUS Authentication for Cisco Router Logins. This updated post will discuss the configuration of a Windows 2008 R2 server for Cisco router logins using RADIUS authentication. In my example I will install the Network Policy Server to support RADIUS on a Windows 2008 R2 domain controller and give router login access to an Active Directory domain user.
First go into Server Manager.
Highlight Roles on the left side, then in the Role Summary section click Add Roles on the far right.
When you reach the Select Server Roles screen, check Network Policy and Access Services. Click Next.
Check Network Policy Server only, then click Next. Then click Install and confirm the install was successful.