Lapas

trešdiena, 2015. gada 21. janvāris

Create custom password settings for AD users server 2012 R2

Start-> Run-> adsiedit.msc
Locate CN=System -> CN=Password Settings Container 
Create new Object:
In the Create Object dialog box, under Select a class, click msDS-PasswordSetting
Value, type the name of the new PSO

Example values:
msDS-PasswordSettingsPrecedence - 10
msDS-PasswordReversibleEncryptionEnabled - FALSE
msDS-PasswordHistoryLength - 5
msDS-PasswordComplexityEnabled - TRUE
msDS-MinimumPasswordLength - 8
msDS-MinimumPasswordAge - 1:00:00:00 (1 day)
msDS-MaximumPasswordAge - 60:00:00:00 (60 days)
msDS-LockoutThreshold - 10
msDS-LockoutObservationWindow - 0:00:60:00 (60 minutes)
msDS-LockoutDuration - 0:00:60:00 (60 minutes)
msDS-PSOAppliesTo - “CN=u1,CN=Users,DC=DC1,DC=contoso,DC=com”

To disable account lockout policies, assign the msDS-LockoutThreshold attribute the value of 0.

Source:  technet.microsoft.com

Autors: plkst. Nav komentāru:

ceturtdiena, 2015. gada 15. janvāris

Configure AD NTP synchronization

Run command promt as administrator.
Check time before sync:
echo %time%

Configure local time servers:
w32tm /config /manualpeerlist:pool.ntp.org /syncfromflags:MANUAL

net stop w32time
net start w32time

Check time after sync:
echo %time%

Force resync:
w32tm /resync 

Check settings:
reg query HKLM\SYSTEM\CurrentControlSet\Services\W32Time\Parameters
w32tm /query /source

Check status
w32tm /query /status
Autors: plkst. Nav komentāru:

piektdiena, 2015. gada 9. janvāris

Disable 8.3 name creation on disk volumes

1. Check status for disk D:
fsutil 8dot3name query D:


2. Check global system seting
HKLM\SYSTEM\CurrentControlSet\Control\FileSystem\
NtfsDisable8dot3NameCreation set value to 2

3. Disable 8.3 name creation

C:\Windows\system32>fsutil 8dot3name set d: 1

Successfully set 8dot3name behavior.

C:\Windows\system32>fsutil 8dot3name query D:
The volume state for Disable8dot3 is 1 (8dot3 name creation is disabled).
The registry state of NtfsDisable8dot3NameCreation is 2, the default (Volume level setting).
Based on the above two settings, 8dot3 name creation is disabled on D:
Autors: plkst. Nav komentāru:

ceturtdiena, 2015. gada 8. janvāris

Get Windows server 2003 - 2012 DHCP reservation list

netsh dhcp server 192.168.0.1 scope 192.168.0.0 dump >> c:\reservationdump.txt
Autors: plkst. Nav komentāru:
Abonēt: Ziņas (Atom)