On your domain connected Windows 8 workstation open an elevated Command Prompt (Command Prompt (Admin)) and run the following commands:
cd /d %windir%\winsxs
dir *.admx /s /b > %USERPROFILE%\Desktop\admx.txt
dir *.adml /s /b | find /i "en-us" > %USERPROFILE%\Desktop\adml_en-us.txt
FOR /F %i IN (%USERPROFILE%\Desktop\admx.txt) DO copy %i %USERPROFILE%\Desktop\PolicyDefinitions\
FOR /F %i IN (%USERPROFILE%\Desktop\adml_en-us.txt) DO copy %i %USERPROFILE%\Desktop\PolicyDefinitions\en-US\
This will copy all of the new templates from your Windows 8 machine to the GPO location.
Logon to your Domain Controller and browse to c:\Windows\ and rename PolicyDefinitions to PolicyDefinition.pre-8 then copy the PolicyDefinitions folder you just created on your desktop to your domain controller in c:\windows\. Finally open the group Policy Editor to access the new, upgraded templates.
Note: This process can also be used to import Windows Server 2012 templates into a Windows Server 2008 R2 based domain.
To change your User Profile picture in Windows Server 2012 the “Desktop Experience” feature is required. Desktop Experience provides a similar interface experience to Windows 8. The ‘Desktop Experience’ feature can be added under the Server Manager -> Features.
To install the Desktop Experience:
1. Select ‘Manage’
2. Select ‘Add Roles & Features’
3. Select ‘Role-based or feature-based installation’
4. Select (local server)
5. Select ‘Features’ on the left hand menu
6. Scroll down and select ‘User Interfaces and Infrastructure’
7. Check the ‘Desktop Experience’ box
8. Click ‘Install’
9. Once the installation completes you will need to reboot your server.
Once your server has rebooted, login and you will now have Windows 8 desktop functionality as part of your Windows Server 2012. Features and functionality are outlined here.
From time to time its necessary to have the Dell Service tag for a server in order to download updated software, drivers and to request onsite service in the event of a hardware failure. The Dell Support Site shows the physical location of the service tag and express code stickers for various Dell hardware models.
In the event you don’t have physical access to a server you can request the service tag at the OS level using the following commands for Linux and Windows:
Login to the Windows remote-host using Remote Desktop or VNC then use the Windows Management Instrumentation (WMIC) to quiery the service tag:
C:\>wmic bios get serialnumber
Following WMIC syntax will provide the service tag along with the model number of the server:
C:\>wmic csproduct get vendor,name,identifyingnumberIdentifyingNumber Name Vendor
ZZDDEE7 PowerEdge R710 Dell Inc.
Alternatively, you can remotely query the Service Tag of a remote server as long as you have login credentials available to you:
C:\>wmic /user:administrator /node:remote-host bios get serialnumber
Login to the remote Linux server using SSH then use dmidecode to query the service tag:
[server]# dmidecode -s system-serial-number
Alternatives for Linux are outlined here.
Here are some quick tips on how to harden a Microsoft IIS web server for production use:
1. Enable SSL
When possible, configure your web server and sites to utilize an SSL certificate. SSL will protect client-server communication. Instructions on how to configure SSL in IIS can be found at: http://www.iis.net/learn/manage/configuring-security/how-to-set-up-ssl-on-iis
2. Disable Weak SSL and TLS Ciphers
Paste the following registry configuration into a text file:
Windows Registry Editor Version 5.00
"Enabled"=dword:00000000 Continue reading "Hardening a Microsoft IIS Web Server"
Find and removing old user and computer accounts from Active Directory is an important part of Active Directory maintenance. Removing unused and expired account is important in order to optimize and secure your Active Directory environment.
PowerShell is a powerful scripting environment for Windows which can be used for this type of maintenance but first you all you need to install the Active Directory Powershell tools:
1. Click Start -> All Programs -> Accessories -> Windows PowerShell -> Windows PowerShell
2. At the command prompt type:
3. Once the module install is complete, confirm its available by running:
Get-Module -ListAvailable | select-string -pattern "Active"
Once you have installed the Active Directory PowerShell commands you may use the following syntax to search for computers which haven’t logged in for 6 or more months: Continue reading “Removing Old Active Directory Accounts”