Author Archive
If you receive the following errors when you try to delete or create a domain from Helm, or restore one with HelmRestoreTool-
2009-09-10 10:24:33 Website.IWeb_RemoveHostHeader 0-2147467259: Unknown error while adding host header: A name contained an invalid character.
{0}
2009-09-10 10:24:33 CDomainAlias.DeleteEx 0-2147467259: Unknown error while adding host header: A name contained an invalid character.
{0}
2009-09-10 10:24:33 CDomain.DeleteDomainEx 0-2147467259: Unknown error while adding host header: A name contained an invalid character.
{0}
2009-09-10 10:40:14 Website.IWeb_RemoveHostHeader 0-2147467259: Unknown error while adding host header: A name contained an invalid character.
{0}
2009-09-10 10:40:14 CDomainAlias.DeleteEx 0-2147467259: Unknown error while adding host header: A name contained an invalid character.
{0}
2009-09-10 10:59:22 Website.IWeb_AddWebsite 0-2147467259: Unknown error while creating site: A name contained an invalid character.
{0}
2009-09-10 10:59:22 CWebsite.RepairWebsiteEx 0-2147467259: Unknown error while creating site: A name contained an invalid character.
{0}
Solution – On the remote server where the site is hosted, go to C:\Helm.config\ and delete the IIS.xml file. Then try to delete the domain from Helm again; it should now be deleted successfully.
…MySQL command line administration-
1. Login to server-
Goto MySQL installed location through command prompt-
C:\MySQL\bin
or
C:\Program files\MySQL\bin
Specify MySQL user and password -
C:\MySQL\bin> mysql -u root -p
The above command logs in to the local MySQL server. To log in to a remote MySQL server, use this command-
C:\MySQL\bin> mysql -h <specify-remote-mysql-server-name-or-ip> -u root -p
2. List all the databases in MySQL server-
mysql> show databases;
3. Create new database in MySQL server-
mysql> create database <specify-db-name-here>;
4. Create a table in a database-
create table `<specify-table-name-here>` (`field1` type , `field2` type);
For example- To create a table ‘fortest’ with 3 fields – testid, testname, testemail-
mysql> create table `fortest` (`testid` int( 11 ) not null auto_increment , `testname` varchar( 50 ) not null , `testemail` varchar( 100 ) not null , primary key ( `testid` ));
5. To access a particular database in MySQL server-
mysql> use <specify-db-name-here>;
for example-
mysql> use test;
6. To view all the tables in that particular database-
mysql> show tables;
7. To view that particular database’s table field format-
mysql> desc <specify-table-name-here>;
for example-
mysql> desc fortest;
8. To access all the contents in a table-
mysql> select * from <specify-table-name-here>;
for example-
mysql> select * from fortest;
9. To retrieve specific info from particular table-
mysql> select * from <specify-table-name-here> where <specify-field-name-here> = 'any-info';
for example – if you want to find the details of a person named ‘arun’ from the table ‘fortest’ -
mysql> select * from fortest where testname = 'arun';
10. To create user in MySQL server-
mysql> create user <specify-user-name-here> identified by '<specify-password-here>';
for example-
mysql> create user 'testinguser'@'%' identified by 'testingpassword';
alternate method-
You can also create the user directly in the mysql database-
mysql> use mysql;
Database changed
mysql> insert into user (host,user,password) values ('%','testinguser',password('testingpassword'));
Query OK, 1 row affected (0.19 sec)
mysql> flush privileges;
11. Change password for a user-
mysql> set password for 'user-name'@'hostname' = password('specify-password-here');
12. To assign database specific privileges-
All privileges to a particular database-
mysql> grant all privileges on `test` . * to 'testinguser1'@'%' with grant option ;
Specific privileges to a particular database-
mysql> grant select , insert , update , delete , create , drop , index , alter on `fortest` . * to 'testinguser'@'%';
Alternate method (database-level privileges are stored in the db table of the mysql database, so the row is inserted there and the grant tables are then reloaded)-
mysql> insert into db (host,db,user,select_priv,insert_priv,update_priv,delete_priv,create_priv,drop_priv) values ('%','specify-db-name-here','specify-user-name-here','y','y','y','y','y','y');
for example-
mysql> use mysql;
Database changed
mysql> insert into db (host,db,user,select_priv,insert_priv,update_priv,delete_priv,create_priv,drop_priv) values ('%','test','testinguser','y','y','y','y','y','n');
mysql> flush privileges;
13. To remove privileges for a particular user from a database-
mysql> revoke all privileges on `test` . * from 'testinguser'@'%';
14. To delete a particular table-
mysql> drop table `fortest` ;
15. To delete a particular database-
mysql> drop database `test` ;
16. Backup the database-
C:\MySQL\bin> mysqldump -u root -p <database-name> > C:\backup\test.sql
17. Backup particular table from the database-
C:\MySQL\bin> mysqldump -u root -p <database-name> <table-name> > C:\backup\fortest.sql
18. Restore a database from the backup-
C:\MySQL\bin> mysql -u root -p <database-name> < C:\backup\test.sql
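The grants in steps 10 to 13 use the '%' host and, in one case, "with grant option". The following is an added example, not part of the original post: a small Python review of GRANT statements that flags those broad settings. The third statement, the function name and the finding labels are constructed for illustration.

```python
import re

# GRANT <privileges> ON <scope> TO 'user'@'host' [WITH GRANT OPTION]
GRANT_RE = re.compile(
    r"^GRANT\s+(?P<privs>.+?)\s+ON\s+(?P<scope>.+?)\s+TO\s+"
    r"'(?P<user>[^']*)'@'(?P<host>[^']*)'(?P<tail>.*)$",
    re.IGNORECASE,
)

def audit_grant(statement):
    """Parse one GRANT statement; return its account, scope and findings.

    Returns None when the text is not a GRANT ... TO 'user'@'host' statement.
    """
    text = statement.strip().rstrip(";").strip()
    m = GRANT_RE.match(text)
    if m is None:
        return None
    privs = [p.strip().upper() for p in m.group("privs").split(",")]
    scope = re.sub(r"\s+", "", m.group("scope"))  # "`test` . *" -> "`test`.*"
    findings = []
    if "%" in m.group("host"):
        findings.append("wildcard host")      # account usable from any client
    if privs[0] in ("ALL", "ALL PRIVILEGES"):
        findings.append("all privileges")
    if "WITH GRANT OPTION" in m.group("tail").upper():
        findings.append("grant option")       # account can pass its rights on
    if scope == "*.*":
        findings.append("global scope")
    return {
        "account": "%s@%s" % (m.group("user"), m.group("host")),
        "scope": scope,
        "privileges": privs,
        "findings": findings,
    }

STATEMENTS = [
    # The two grants from step 12 of the post.
    "grant all privileges on `test` . * to 'testinguser1'@'%' with grant option ;",
    "grant select , insert , update , delete , create , drop , index , alter "
    "on `fortest` . * to 'testinguser'@'%';",
    # Constructed: a narrower grant tied to one client address.
    "GRANT SELECT, INSERT ON `test`.* TO 'appuser'@'10.0.0.5';",
]

if __name__ == "__main__":
    for stmt in STATEMENTS:
        result = audit_grant(stmt)
        print(result["account"], result["scope"], result["findings"] or "ok")
```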
…How to reset MySQL root password-
Lost your MySQL root password? Resetting MySQL root password is simple. Please follow these steps-
# Login to your MySQL server.
# Locate the my.ini file.
-This should be something like C:\MySQL\my.ini, or the file named in the service command line, for example "C:\Program files\MySQL\bin\mysqld-nt.exe" --defaults-file="C:\Program files\MySQL\Data\my.ini" MySQL
-You can also check this by viewing the Properties of the MySQL service command line under the Services MMC.
# Edit the appropriate *.ini file and add the following line immediately after [mysqld]-
skip_grant_tables = 1
# Restart the MySQL service. Please note that MySQL is now running unsecured: with this option set, the server does not check passwords or privileges.
# From a command prompt, change to the /bin directory (usually C:\MySQL\bin, or wherever MySQL is installed) and enter the following command to login as root:
mysql -u root
# Then input the following command:
update mysql.user SET Password = Password('newpassword') WHERE User='root';
# Now remove the line you added to my.ini in previous step and restart MySQL.
# Make sure you can login to MySQL using the updated password.
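The step that removes skip_grant_tables again is the one that is easy to forget. The following is an added example, not part of the original post: a Python check that reads an option file and reports whether the setting is still active in a section the server reads. The sample file contents and the function name are constructed; the check assumes the usual option-file rules (hyphens and underscores in option names are interchangeable, '#' and ';' start comments, a bare option name means enabled).

```python
import re

SERVER_SECTIONS = ("mysqld", "server")   # groups read by the server process
FALSE_VALUES = {"0", "off", "false"}

def read_server_options(ini_text):
    """Yield (line_no, section, option, value) for options in server sections."""
    section = ""
    for line_no, raw in enumerate(ini_text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop '#' comments
        if not line or line.startswith(";"):     # blank or ';' comment line
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            section = header.group(1).strip().lower()
            continue
        if section not in SERVER_SECTIONS and not section.startswith("mysqld-"):
            continue
        name, _, value = line.partition("=")
        # '-' and '_' are interchangeable in option names.
        option = name.strip().lower().replace("-", "_")
        yield line_no, section, option, value.strip().strip("'\"").lower()

def audit_option_file(ini_text):
    """Report active skip_grant_tables lines and whether networking is off."""
    findings = {"skip_grant_tables": [], "skip_networking": False}
    for line_no, section, option, value in read_server_options(ini_text):
        enabled = value not in FALSE_VALUES      # bare option name = enabled
        if option == "skip_grant_tables" and enabled:
            findings["skip_grant_tables"].append((line_no, section))
        elif option == "skip_networking" and enabled:
            findings["skip_networking"] = True
    return findings

# Constructed sample: the line from the reset procedure was left in place.
SAMPLE_LEFTOVER = "\n".join([
    "# constructed sample, not a real server's file",
    "[client]",
    "port=3306",
    "[mysqld]",
    "skip_grant_tables = 1",
    'basedir="C:/MySQL/"',
    "; skip-networking",
])

if __name__ == "__main__":
    result = audit_option_file(SAMPLE_LEFTOVER)
    for line_no, section in result["skip_grant_tables"]:
        print("line %d in [%s]: skip_grant_tables is still enabled" % (line_no, section))
    if result["skip_grant_tables"] and not result["skip_networking"]:
        print("server also accepts network connections while unauthenticated")
```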
…Important steps to secure Active Directory-
# Rename or disable the Administrator account (and guest account) in each domain to prevent attacks on your domains.
# Physically secure all domain controllers in a locked room.
# Manage the security relationship between two forests and simplify security administration and authentication across forests.
# To provide additional protection for the Active Directory schema, remove all users from the Schema Admins group, and add a user to the group only when schema changes need to be made. Once the change has been made remove the user from the group.
# Restrict user, group, and computer access to shared resources and to filter Group Policy settings.
# Avoid disabling the use of signed or encrypted LDAP traffic for Active Directory administrative tools.
# Some default user rights assigned to specific default groups may allow members of those groups to gain additional rights in the domain, including administrative rights. Therefore, your organization must equally trust all personnel that are members of the Enterprise Admins, Domain Admins, Account Operators, Server Operators, Print Operators and Backup Operators groups.
# Use global groups or universal groups instead of domain local groups when specifying permissions on domain directory objects replicated to the global catalog. For more information, see Global catalog replication.
…Overview of FSMO Roles-
There are five different FSMO roles and they each play a different function in making Active Directory work:
PDC Emulator – This role is the most heavily used of all FSMO roles and has the widest range of functions. The domain controller that holds the PDC Emulator role is crucial in a mixed environment where Windows NT 4.0 BDCs are still present. This is because the PDC Emulator role emulates the functions of a Windows NT 4.0 PDC. But even if you’ve migrated all your Windows NT 4.0 domain controllers to Windows 2000 or Windows Server 2003, the domain controller that holds the PDC Emulator role still has a lot to do. For example, the PDC Emulator is the root time server for synchronizing the clocks of all Windows computers in your forest. It’s critically important that computer clocks are synchronized across your forest because if they’re out by too much then Kerberos authentication can fail and users won’t be able to log on to the network. Another function of the PDC Emulator is that it is the domain controller to which all changes to Group Policy are initially made. For example, if you create a new Group Policy Object (GPO) then this is first created in the directory database and within the SYSVOL share on the PDC Emulator, and from there the GPO is replicated to all other domain controllers in the domain. Finally, all password changes and account lockout issues are handled by the PDC Emulator to ensure that password changes are replicated properly and account lockout policy is effective. So even though the PDC Emulator emulates an NT PDC (which is why this role is called PDC Emulator), it also does a whole lot of other stuff. In fact, the PDC Emulator role is the most heavily utilized FSMO role so you should make sure that the domain controller that holds this role has sufficiently beefy hardware to handle the load. Similarly, if the PDC Emulator role fails then it can potentially cause the most problems, so the hardware it runs on should be fault tolerant and reliable. 
Finally, every domain has its own PDC Emulator role, so if you have N domains in your forest then you will have N domain controllers with the PDC Emulator role as well.
RID Master – This is another domain-specific FSMO role, that is, every domain in your forest has exactly one domain controller holding the RID Master role. The purpose of this role is to replenish the pool of unused relative IDs (RIDs) for the domain and prevent this pool from becoming exhausted. RIDs are used up whenever you create a new security principal (user or computer account) because the SID for the new security principal is constructed by combining the domain SID with a unique RID taken from the pool. So if you run out of RIDs, you won’t be able to create any new user or computer accounts, and to prevent this from happening the RID Master monitors the RID pool and generates new RIDs to replenish it when it falls beneath a certain level.
Infrastructure Master – This is another domain-specific role and its purpose is to ensure that cross-domain object references are correctly handled. For example, if you add a user from one domain to a security group from a different domain, the Infrastructure Master makes sure this is done properly. As you can guess however, if your Active Directory deployment has only a single domain, then the Infrastructure Master role does no work at all, and even in a multi-domain environment it is rarely used except when complex user administration tasks are performed, so the machine holding this role doesn’t need to have much horsepower at all.
Schema Master – While the first three FSMO roles described above are domain-specific, the Schema Master role and the one following are forest-specific and are found only in the forest root domain (the first domain you create when you create a new forest). This means there is one and only one Schema Master in a forest, and the purpose of this role is to replicate schema changes to all other domain controllers in the forest. Since the schema of Active Directory is rarely changed however, the Schema Master role will rarely do any work. Typical scenarios where this role is used would be when you deploy Exchange Server onto your network, or when you upgrade domain controllers from Windows 2000 to Windows Server 2003, as these situations both involve making changes to the Active Directory schema.
Domain Naming Master – The other forest-specific FSMO role is the Domain Naming Master, and this role too resides in the forest root domain. The Domain Naming Master role processes all changes to the namespace, for example adding the child domain vancouver.mycompany.com to the forest root domain mycompany.com requires that this role be available, so if you can’t add a new child domain or new domain tree, check to make sure this role is running properly.
To summarize then, the Schema Master and Domain Naming Master roles are found only in the forest root domain, while the remaining roles are found in each domain of your forest. Now let’s look at best practices for assigning these roles to different domain controllers in your forest or domain.
To summarize these three rules then and make them easy to remember:
Forest root domain – Schema Master and Domain Naming Master on the same machine, which should also host the Global Catalog.
Every domain – PDC Emulator and RID Master on the same machine, which should have beefy hardware to handle the load.
Every domain – Never place the Infrastructure Master on a machine that hosts the Global Catalog, unless your forest has only one domain or unless every domain controller in your forest hosts the Global Catalog.
…PORT NUMBERS USED IN ACTIVE DIRECTORY SERVICES-
53 TCP Enable DNS TCP 53
53 UDP Enable DNS UDP 53
88 TCP Enable Kerberos TCP 88 (AD)
88 UDP Enable Kerberos UDP 88 (AD)
123 UDP Enable NTP UDP 123 (AD)
135 TCP Enable RPC TCP 135
135 UDP Enable RPC UDP 135
137 UDP Enable NetBIOS Name Service
138 UDP Enable NetBIOS Datagram Service
139 TCP Enable NetBIOS Session Service
389 TCP Enable LDAP TCP 389 (AD)
389 UDP Enable LDAP UDP 389 (AD)
445 TCP Enable SMB over TCP
464 TCP Enable K Password TCP 464 (AD)
543 TCP Enable K Login TCP 543 (AD)
544 TCP Enable K Shell TCP 544 (AD)
1025 TCP Enable MSRPC TCP 1025 (AD)
1026 TCP Enable 1026 TCP (AD)
3268 TCP Enable Global Catalog TCP 3268 (AD)
3268 UDP Enable Global Catalog UDP 3268 (AD)
53211 TCP Enable AD Replication TCP 53211 (AD)
53212 TCP Enable File Replication Service TCP
…Basic Questions about ADS 2003.
What is active directory?
Active Directory is the directory service included in the Windows Server 2003 family. Active Directory includes the directory, which stores information about network resources, as well as all the services that make the information available and useful. Active Directory is also the directory service included in Windows 2000.
Active directory database-
NTDS.Dit located in C:\Windows\ntds\
.Dit – Directory Information Tree.
Active Directory Schema-
The Active Directory schema defines objects that can be stored in Active Directory. The schema is a list of definitions that determines the kinds of objects and the types of information about those objects that can be stored in Active Directory. Because the schema definitions themselves are stored as objects, they can be administered in the same manner as the rest of the objects in Active Directory. They are normally called schema objects or metadata.
Structure of Active Directory-
1)Physical structure - Sites, Domain Controllers
2)Logical structures – Forest, Tree, Domain, OU
Domain functional levels in Active directory 2003?
1)Mixed mode
2)Native mode
3)Interim mode
What is Global catalog and GC server?
The global catalog is the central repository of information about objects in a tree or forest. By default, a global catalog is created automatically on the initial domain controller in the first domain in the forest. A domain controller that holds a copy of the global catalog is called a global catalog server.
Functions of GC-
A)It enables a user to log on to a network by providing universal group membership information to a domain controller when a logon process is initiated.
B)It enables finding directory information regardless of which domain in the forest actually contains the data.
Active directory database engine name?
ESE (Extensible Storage Engine)
Partitions available in AD-
i)Schema partition
ii) Configuration Partition
iii) Domain Partition
iv)Application Partition
Types of replications-
Inter-site (site to site) and intra-site (within a site) replications.
About KCC-
KCC is called Knowledge Consistency Checker. The KCC is a built-in process that runs on all domain controllers. The KCC configures connection objects between domain controllers. Within a site, each KCC generates its own connections. For replication between sites, a single KCC per site generates all connections between sites.
The 2 trust protocols used by 2003 -
Kerberos V5 and NTLM
Types of Trust relations available in 2003-
Tree-Root , Parent- Child , Shortcut, Realm, Forest trust , External trust
What is the hierarchy of applying Gpo(Group Policy Object) in 2003?
It is applied from parent level to child level in AD.
i) Local GPO
ii) GPOs linked to sites
iii) GPOs linked to domains
iv) GPOs linked to OUs
Protocols used on replication-
RPC over IP (used for synchronous transfer), SMTP over IP (asynchronous transfer)
What is the default time delay on replication?
Intra-site – 15 min (KCC automatically creates the topology for replication)
Inter-site – 1 hr.
Security related changes replicated immediately across sites.
What different tables are available in the NTDS database?
i)Schema table
ii)Link Table
iii)Data table
iv)Configuration Table
Where are the FRS logs stored and what is the database engine name?
C:\Windows\ntfrs\jet\log. The engine used is the Jet database engine. Ntfrs.jdb.
What is a tombstone object in AD? What is its lifetime?
Objects deleted from Active Directory are not removed from the database immediately. Such an object is called a tombstone object. The default lifetime for that object is 60 days. For Win 2k3 SP1, 180 days.
What are the FSMO roles in AD and what are the functionalities of those roles?
Every Active Directory forest must have the following roles:
1) Schema master 2) Domain naming master
These roles must be unique in the forest. This means that throughout the entire forest there can be only one schema master and one domain naming master.
Schema Master Role
The domain controller assigned the schema master role controls all updates and modifications to the schema. To update the schema of a forest, you must have access to the schema master. At any time, there can be only one schema master in the entire forest.
Domain Naming Master Role
The domain controller holding the domain naming master role controls the addition or removal of domains in the forest. There can be only one domain naming master in the entire forest at any time.
Domain-Wide Operations Master Roles
Every domain in the forest must have the following roles:
3)Relative identifier (RID), or relative ID, master
4) Primary domain controller (PDC) emulator
5) Infrastructure master
These roles must be unique in each domain. This means that each domain in the forest can have only one RID master, PDC emulator master, and infrastructure master.
RID Master Role
The domain controller assigned the RID master role allocates sequences of relative IDs to each of the various domain controllers in its domain. At any time, there can be only one domain controller acting as the RID master in each domain in the forest. Whenever a domain controller creates a user, group, or computer object, it assigns the object a unique security ID. The security ID consists of a domain security ID (that is the same for all security IDs created in the domain) and a relative ID that is unique for each security ID created in the domain. To move an object between domains (using Movetree.exe: Active Directory Object Manager), you must initiate the move on the domain controller acting as the RID master of the domain that currently contains the object.
PDC Emulator
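The domain SID plus RID structure described for the RID master can be seen by decoding a binary SID. The following is an added example, not part of the original post: Python that converts a binary SID to its string form, splits off the RID, and lists principals holding well-known RIDs for an access review. The domain SID and account names are constructed; a renamed built-in account keeps its RID, so the review keys on the RID rather than the name.

```python
import struct

# Well-known domain RIDs for the accounts and groups named on this page.
WELL_KNOWN_RIDS = {
    500: "Administrator",
    501: "Guest",
    512: "Domain Admins",
    518: "Schema Admins",
    519: "Enterprise Admins",
}

def sid_from_bytes(raw):
    """Binary SID -> 'S-1-5-21-...' string.

    Layout: revision (1 byte), sub-authority count (1 byte),
    identifier authority (6 bytes, big-endian),
    then count x 32-bit little-endian sub-authorities.
    """
    if len(raw) < 8:
        raise ValueError("SID too short")
    revision, count = raw[0], raw[1]
    if len(raw) != 8 + 4 * count:
        raise ValueError("length does not match sub-authority count")
    authority = int.from_bytes(raw[2:8], "big")
    subs = struct.unpack("<%dI" % count, raw[8:])
    return "S-%d-%d" % (revision, authority) + "".join("-%d" % s for s in subs)

def sid_to_bytes(sid):
    """String SID -> binary form (used here to build the constructed sample)."""
    parts = sid.split("-")
    if parts[0] != "S" or len(parts) < 3:
        raise ValueError("not a SID string")
    subs = [int(p) for p in parts[3:]]
    return (bytes([int(parts[1]), len(subs)])
            + int(parts[2]).to_bytes(6, "big")
            + struct.pack("<%dI" % len(subs), *subs))

def split_domain_rid(sid):
    """'S-1-5-21-a-b-c-RID' -> (domain SID, RID); None for other SIDs."""
    parts = sid.split("-")
    if parts[:4] != ["S", "1", "5", "21"] or len(parts) != 8:
        return None
    return "-".join(parts[:-1]), int(parts[-1])

def review_principals(principals):
    """principals: (name, binary SID) pairs -> [(name, RID, well-known role)]."""
    flagged = []
    for name, raw in principals:
        parts = split_domain_rid(sid_from_bytes(raw))
        if parts and parts[1] in WELL_KNOWN_RIDS:
            flagged.append((name, parts[1], WELL_KNOWN_RIDS[parts[1]]))
    return flagged

# Constructed sample data: one domain SID, three principals.
SAMPLE_DOMAIN = "S-1-5-21-1111111111-2222222222-3333333333"
SAMPLE_PRINCIPALS = [
    ("svc-ops", sid_to_bytes(SAMPLE_DOMAIN + "-500")),  # renamed built-in account
    ("jsmith", sid_to_bytes(SAMPLE_DOMAIN + "-1104")),  # ordinary user
    ("Guest", sid_to_bytes(SAMPLE_DOMAIN + "-501")),
]

if __name__ == "__main__":
    for name, rid, role in review_principals(SAMPLE_PRINCIPALS):
        print("%s has RID %d (%s)" % (name, rid, role))
```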
Note: For all Active directory administration, troubleshooting and Changes; please refer this link-
…Advantages of Windows 2003
1. Domains can be renamed or moved to a different level in an AD tree.
2. Schema attributes can be deleted as well as added.
3. Any Domain Controller can cache the Global Catalog thus preventing user logon problems if no Global Catalog server is available.
4. AD Replication can be set not to use compression.
5. Cross-Forest Transitive Trusts can be created.
6. Many administrative tools allow drag-and-drop and there are more configuration and management wizards.
7. Most services are disabled by default in 2003 instead of enabled as in Windows 2000. 2003 allows partial synchronizations of the Global Catalog; 2000 always had to have full synchronizations.
8. Support for IPv6. Ping and Tracert have extra IPv6 options.
9. Supports XML web services.
10. A new service called Volume Shadow Copy takes periodic snapshots of a hard drive making it easier to take backups and recover deleted files. Users can even be allowed to recover previous versions of files by themselves by using the Previous Versions client.
11. A Global Catalog server can be built from backup media instead of by replication.
12. IPSec Nat Traversal – NAT-T – allows IPSec VPN clients and servers to pass through NAT firewalls. This is likely to lead to the wider adoption of L2TP VPNs.
13. Distributed File System DFS has had significant improvements made to it. For example DFS replicas can now be prestaged to avoid excessive initial file replication.
14. Multiple DFS Roots per server can be created (Enterprise and Datacenter editions only).
15. Print queue redundancy can be achieved by storing them on multiple servers.
16. Active Directory Migration Tool v.2.0 can now migrate users, computers, groups and passwords from an NT domain and can also perform the cross-forest migration of objects.
17. Terminal Server allows clients to map their local drives and printers.
18. The FTP server allows different default directories to be assigned to different users.
19. There’s a Security Configuration and Analysis tool to check a server’s security settings. DNS AD-integrated zones are stored in the Application Partition of a forest so aren’t replicated to domain controllers which aren’t DNS servers.
20. Regedit.exe and Regedt32.exe have been amalgamated into a single utility which takes the best features of each. Both files still exist but run the same utility.
21. The DNS server has added flexibility with the new options of stub zones and conditional forwarding.
22. Internet Information Server 6 (IIS 6) has the ability to keep worker processes from different websites and web applications separate so that if one application crashes then other websites running on the same server remain unaffected.
…IIS SMTP not available in IIS Snap-in-
Please make sure IIS SMTP is installed on the server. If it is installed but not visible in the IIS Snap-in, this can be fixed by registering the DLL with this command-
regsvr32 C:\Windows\System32\inetsrv\smtpsnap.dll
or
regsvr32 %systemroot%\system32\inetsrv\smtpsnap.dll
Once done IIS SMTP virtual server node will be listed in IIS Snap-in.
…12 Best things to say if you are caught sleeping at your desk-
#12. I’m in the management training program. I’m actually doing a Stress Level Elimination Exercise Plan (SLEEP) that I learned at the last mandatory seminar you made me attend.
#11. I wasn’t sleeping. I was trying to pick up my contact lens without hands.
#10. They told me at the blood bank this might happen.
#9. This is just a 15-minute power nap like they raved about in that time-management course you sent me to.
#8. Whew! Guess I left the top off the White-Out. You probably got here just in time.
#7. I wasn’t sleeping. I was meditating on the mission statement and envisioning a new paradigm.
#6. I was testing my keyboard for drool resistance.
#5. I was doing a highly specific yoga exercise to relieve work-related stress. Are you discriminating against people who practice yoga?
#4. Why did you interrupt me? I had almost figured out a solution to our company’s biggest problem.
#3. The coffee machine is broken…
#2. Someone must have put decaf in the wrong pot…
And the #1 best thing to say if you get caught sleeping at your desk:
#1. And, finally, I pray for the future of our company. Amen.
…Blue – Rahman’s Bluish composition
Aaj Dil Gustakh Hai – Though Sukhwinder Singh has done a good job, it’s Shreya who scores with her cool voice, and Rahman with his piano tunes.
Bhoola tujhe – Cool melody by Rashid Ali and hunky violin tones in the background which keep you listening again and again.
Blue Theme – Blaaze, Raqeeb Alam, Sonu Kakkar, Jaspreet Singh, Neha Kakkar, Dilshad. It’s drummer Sivamani’s excellent turn. Surely it will pump up your adrenaline and keep you listening again and again.
Chiggy wiggy – Aussie pop icon Kylie Minogue’s voice is metallic and it’s her first song in indian cinema. Indian western type.
Fiqrana – A different beat with many instrumental tones in the background.
Rehnuma – Peculiar Rahmanish tune with Sonu Nigam and Shreya Ghoshal. Likable and lovely.
Yaar mila tha – Typical folk number by Udit Narayan and Madhushree. Nothing different.
Enjoy!!
…Never compromise your values and beliefs,
even if it means risking ridicule and rejection.
Be true to yourself.
Live your own life.
and don’t allow others
to decide what is best for you.
If you do you will be unhappy
because you are untrue to yourself.
…English to tamil java program translation-
public class Project
{
    public static void main(String args[])
    {
        int a = 0;   // initialised so the comparison below compiles
        String b;
        if (a == 0)
        {
            b = "Zero";
        }
        else
        {
            b = "Non-Zero";
        }
        return;
    }
}
Translated to Tamil-
பொது வகுப்பு கூடிகும்மிஅடிப்பு
{
பொது நிரந்திர ஒன்னும்மில்லா முக்கிய (கம்பி வாக்குவாதங்கள் [])
{
எங்கள் அ;
கம்பி அ;
ஒருவேளை (அ == 0)
{
அ= “பூஞ்சியம்”;
}
இல்லன்னா
{
அ= “பூஞ்சியம் இல்லை”;
}
போடா டேய்;
}
}
…




