WIN 2012 R2 AD

Comments :
One AD DC can host only one domain at a time.
For AD to work, it needs DNS with SRV records in it.
Any server on which you have installed Active Directory is a domain controller (DC).
The global catalog is a subset of domain information created for the purpose of enabling domain controllers in other domains in the same forest to locate resources in any domain.
The first domain in the entire forest is not only a root domain, but is also the forest root.
A client machine may be in only one AD at one time.
If there is an “Everybody” share on the domain folder, access still needs a domain account.

AD components :

  • OU – organisational unit
  • Domain
  • Tree
  • Forest


  • Namespace (flat or hierarchical)
  • Object (may be of different classes)
  • Container
  • Schema – a set of rules that define the classes of objects and their attributes that can be created in Active Directory
  • Global catalog – a central information database
  • Partition

Physical : folders, printers, sites, DCs …..


Crochet 62 : Two nice purple hats!

Since I have a nice purple coat, it needs a purple hat :

And since I have leftover wool, a cute little hat :


Crochet 61 : a nice red thin ornamental scarf with beads

I crocheted red beads at the ends 🙂

And the pattern I have used :

The ends I did in free style 🙂


Crochet 60 : a big warm triangular shawl

I like the color green a LOT!

And the pattern I used :


WIN 7 and PATH variable

Definition :
The system path is a list of folders, separated by a semicolon, that identifies the folders that the system should search when looking for files that are called from the Run dialog box, command line, or other processes. Normal program installation changes this path to include the program’s installation path.
PATH may be set on a system and user level.
An alternative to setting the path at system level is to change it at user level; however, doing so will affect only your logon session and not other users who might use the computer or system processes, which might cause confusion and unexpected behavior.

How to change the PATH variable :
1. Go to : Start – Settings – Control Panel – System
2. Select the Advanced tab.
3. Click the Environment Variables button.
4. Under System Variables, select Path, then click Edit.
You’ll see a list of folders, as this example shows: C:\Program Files\Windows Resource Kits\Tools\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Support Tools\;C:\Program Files\Common Files\Roxio Shared\DLLShared;C:\Program Files\Common Files\Ulead Systems\MPEG;C:\Program Files\Intel\DMIX;C:\Program Files\Executive Software\Diskeeper\;C:\Program Files\Bonjour\;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Misc
You can add additional folders that you want to include in searches, with “;” at the beginning and at the end. Click OK.
You’ll need to restart the processes (e.g., command prompt) that use the system path to see the added folders.

Note1 : if you type in Start/”Run” “Environment” (no “), you will get the list of all environment variables.
Note2 : WIN 2012 does NOT have a PATH variable, so you only add it in the above mentioned place.
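
The PATH value shown in step 4 can be checked before and after an edit. The sketch below is an added example, not part of the original post: it parses a PATH string and flags empty entries, duplicates, relative entries, folders outside the usual admin-only roots, and entries searched ahead of System32. The C:\Tools entry, the SystemRoot value and the list of protected roots are assumptions.

```python
import ntpath
import re

# Constructed input: a shortened copy of the PATH from step 4, followed by
# hypothetical additions (C:\Tools, an empty entry, a repeat, a relative name).
SAMPLE_PATH = (
    r"C:\Program Files\Windows Resource Kits\Tools\;%SystemRoot%\system32;"
    r"%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Support Tools\;"
    r"C:\Program Files\Misc;C:\Tools;;c:\program files\support tools;bin"
)
# Assumptions: Windows lives in C:\Windows, and only these roots carry
# default ACLs that stop standard users from writing into subfolders.
ENV = {"systemroot": r"C:\Windows"}
PROTECTED = (r"c:\windows", r"c:\program files", r"c:\program files (x86)")

def norm(entry, env=ENV):
    """Expand %VAR% (case-insensitive) and normalise case and trailing slashes."""
    expanded = re.sub(r"%([^%]+)%",
                      lambda m: env.get(m.group(1).lower(), m.group(0)), entry)
    return ntpath.normcase(ntpath.normpath(expanded))

def under_protected(path):
    return any(path == r or path.startswith(r + "\\") for r in PROTECTED)

def audit(path_value):
    """Return (position, raw entry, issue) for every entry worth reviewing."""
    entries = path_value.split(";")
    normed = [norm(e) if e.strip() else "" for e in entries]
    sys32 = norm(r"%SystemRoot%\system32")
    sys32_pos = normed.index(sys32) if sys32 in normed else len(normed)
    findings, seen = [], set()
    for pos, (raw, n) in enumerate(zip(entries, normed)):
        if not n:
            findings.append((pos, raw, "empty"))        # stray ";" left an empty slot
        elif n in seen:
            findings.append((pos, raw, "duplicate"))
        elif not ntpath.isabs(n):
            findings.append((pos, raw, "relative"))     # resolves against the current dir
        elif not under_protected(n):
            findings.append((pos, raw, "check-acl"))    # verify write access, e.g. with icacls
        elif pos < sys32_pos:
            findings.append((pos, raw, "before-system32"))  # searched ahead of system tools
        seen.add(n)
    return findings

if __name__ == "__main__":
    for pos, raw, issue in audit(SAMPLE_PATH):
        print(f"{pos:2d}  {issue:16s} {raw!r}")
```
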

Here is the place from where I took the above mentioned : link1. And another good link2.


WIN 2012 R2 abbreviations

Why this?
Well, I need to learn about WIN 2012 R2 and pass an MCSA (first is 70-410).
Since I am not exactly knowledgeable about WIN servers, I have to familiarize myself with a LOAD of new abbreviations!
Abbreviations :
ACL – access control lists
AD CS – active directory certificate services
AD DS – active directory domain services
AD FS – active directory federated services (Trustbridge)
AD LDS – active directory lightweight directory services
AD RMS – active directory rights management services
ADSI – active directory service interfaces
API – application programming interfaces
APIPA – automatic IP addressing
AXFR – full (DNS) zone transfer (all the data in the DNS database)
BIND – Berkeley internet name domain, SW for DNS servers
BOOTP – bootstrap protocol, for DHCP
CHAP – challenge handshake authentication protocol, for iSCSI
CNAME – alias record, or a canonical name, DNS record entry
DISM – deployment image servicing and management
DDNS – dynamic DNS standard, DNS DB is automatically built and may be updated by DNS clients
DHCP – dynamic host configuration protocol
DN – distinguished names, unique name under the AD (defines the complete path from the top of the tree to the object)
DNS – domain name system, resolves a name to an IP address, RFC 1034+1035, does NOT map directly to AD domains
DNSSEC – DNS security extensions
DORA – discover, offer, request, acknowledge – DHCP process list
EFI – extensible firmware interface
FQDN – fully qualified domain name (computer name + domain name)
FSMO – flexible single-master operations
GPT – GUID partition table (newer partition style for HDDs)
GUID – globally unique identifiers, under AD
HBA – host bus adapter
IANA – Internet Network Information Center
ICANN – internet corporation for assigned names and numbers
ICMP – internet control message protocol, ping command
IETF – Internet engineering task force
IFM – install from media
IIS – Microsoft web server (internet information services)
IHV – independent HW vendor
IN – Internet class, zone class in a DNS record
IPAM – IP address management
IPsec – internet protocol security
iSCSI – internet small computer system interface (port 3260), block level storage access
iSNS – internet storage service name, finds iSCSI storages on a network
IXFR – incremental (DNS) zone transfer
JET – joint engine technology, database technology used in DHCP servers
KCC – knowledge consistency checkers, part of the AD for application data replication
KDC – Kerberos distribution center
LBFO – load balancing and failover
LDAP – lightweight directory access protocol
LUN – logical unit number, used in storages
MADCAP – multicast address dynamic client allocation protocol, protocol that controls multicasting
MBR – master boot record (older partition style for HDDs, bootable)
MMC – Microsoft management console
MPIO – multipath I/O
MSA – managed service accounts
MX – mail exchange record, part of a DNS record
NAP – network access point
NAP – network access protection
NAS – network attached storage, file level access, NFS, CIFS, HTTP protocols
NDDNS – non-dynamic DNS does not automatically populate the DNS database
NIC – network interface controller
NLB – network load balancing
NOS – network operating systems
NPIV – N port identification virtualization, FC facility
NS – name server
NTFS – Windows NT (new technology) file system
PDC – primary domain controller
PIN – personal identification number
PKI – public key infrastructure
PTR – pointer record, a DNS entry for a reverse DNS zone (mapping IP address to a hostname)
PXE – preboot execution environment
RAID – redundant array of independent discs
RDN – relative distinguished name, part of an AD
ReFS – resilient file system
RFC – request for comments, documents that regulate IT
RODC – read-only domain controller, a full copy of an Active Directory DB, without the ability to write in AD
RR – resource record, information about a DNS zone
RRSIG – digital signature
SOA – start of authority, part of a DNS record, defines general zone parameters
SID – security identifier, a value that uniquely identifies a security principal in AD
SPN – service principal name
SRV – service record, part of a DNS record
SSL – secure socket layer
SSO – single sign-on
SSP – security support provider
SSPI – security support provider interface
TCP/IP – transmission control protocol/internet protocol
TLD – top level domain(s), directly under a root “.” domain
TLS – transport layer security
TTL – time-to-live, how long the record is valid (how long it may be cached, before making another query)
UDP – user datagram protocol
UPN – user principal name, under AD
VDI – virtual desktop infrastructure
VDS – virtual disk service, application for managing all storage devices
VID – virtual infrastructure driver
VHD – virtual hard disc
VLSM – variable length subnet masking
VM – virtual machine
VPN – virtual private network
VSP – virtual service provider
WAN – wide area network
WBF – windows biometric framework
WDS – Windows deployment services
WINS – Windows internet name service, MS TCP/IP name resolving, old and now abandoned (Win 2000 onward)
WSUS – windows server update services
WWN – world wide name


ITIL Service Strategy and/or Service Offerings and Agreements

Since I have passed ITIL CSI (!!!!!), I am going for the next exam.
New abbreviations :
ASP – application service provider
BIA – business impact analysis
BMP – best management practice
BPO – business process outsourcing
BU – business unit
DIY – do it yourself
FMEA – failure modes and effect analysis
IRR – internal rate of return, a discounted cash flow method
KPO – knowledge process outsourcing
MoP – management of portfolios
MoR – management of risks
MoV – management of value
MSP – management successful programmes
NPV – net present value
ROI – return on investment, financial benefits
ROIC – return on invested capital
SIP – service improvement plan
SPI – service provider interface
SSU – shared business unit
TCO – total cost of ownership
VOI – value on investment VOI=financial value+intangible benefits

Some definitions :
Effective – conforms to a set norm, repeatable, measurable, manageable, achieves the required outcome
Efficient – activities can be carried out with a minimum use of resources
Output – refers to a specific level of service, NOT a business objective.
Outcome – when business is able to perform activities which meet business objectives.
Economic value – total value that the customer perceives the service to deliver.
Aggregation – centralized services resulting in a single type II service provider
Insourcing – going to a type I or II of an IT service provider
Disaggregation – decentralization resulting in a number of type I IT service providers
Outsourcing – IT services sourced from outside (type III provider)
Service archetype – basic building blocks for services
Discounted cash flow – the fluctuation in the value of income and expenditure over a period of time.


SNMP connectivity

I have problems with a WIN Vista machine, so WinRM can not be used. I am instead using SNMP.
The problem is that it is not available through RD, and I am checking ports.
Check-ups :
How to check open ports (take care, these are only TCP ports) :
# nmap -sT -O
If I want to check UDP ports too :
# nmap -sU -p 161

Check direct SNMP connectivity (from a Linux machine) :
# snmpwalk -v2c -c SNMP-community
In parallel see also :
# tcpdump -vv -n -tttt -i eth3 |grep

Check SNMP connectivity from WIN 7 machine :
Which tools I have tried :
(Must be done : Start > Run > services.msc, then look into the properties of “SNMP service”, navigate to the “Security” tab, and try to set to “Accept SNMP packets from any host” to ask itself)
1. Net-SNMP – a bit older but it works
2. iReasoning MIB browser (free version) – works
3. PowerSNMP – not able to install it
4. Snmpwalk.exe (link) – this is only a file you put on WIN 7, and is used from a command line, and this is somehow the most comfortable for me :
>SnmpWalk.exe -c:SNMP-community -r:


Crochet 60 : my pilates bag

This is a messenger bag, worn over one shoulder, across the body. I am planning it for my things when I go to my pilates class.
It also has a means to be “locked up”.


Query from WIN 7 to AD DC server

1. Command “net group” may be used only directly on AD server
2. From a command line (which MUST be opened as a user in the desired domain), run the command :
"C:\Windows\System32\rundll32.exe" dsquery.dll,OpenQueryWindow
Which opens a window with queries :

And it gives a fair amount of data pulled from AD.
BUT it does not give the username, which I need for queries through PHP scripts.
3. In the end I got the username information by using a query from Linux :
# ldapsearch -h IP-AD -x -D "veldaebel@moj.domen" -b "dc=moj,dc=domen" -W "(cn=petar petrovic)"
4. There is a bunch of free GUI tools for WIN 7 for searching AD records :
a) LDAPExplorerTool 2 – works, but gives only a “tree” without search options (link)
b) Softerra LDAP Browser 4.5 (link) – many options (which is a bit confusing), but it seems good and gives me the data I need!
