The following are some tips to optimize your Solid State Drive (SSD) on a Windows (7 or 8) machine.
1. Verification of ACHI Mode
Make sure your SATA controller is set to AHCI mode (you can do so in your BIOS). AHCI is needed for native TRIM support in Windows 7. It’s recommended to run your SSD in AHCI mode to enable TRIM to do its job.
Click on the Start > Control Panel > Device manager > IDE ATA/ATAPI controllers > Locate an AHCI controller > If present, the system is in ACHI mode, if not, the system is currently not in ACHI mode.
2. Check TRIM
TRIM should be automatically enabled in Win 7, but if want to double check, follow these steps:
Click on the Start Menu > Type CMD in the search box > Right click CMD icon > Run as Administrator > Type the following command: “fsutil behavior query DisableDeleteNotify”, Press Enter.
If the result is “0″, TRIM is working properly.
If the result is “1″, TRIM is disabled. Continue reading “SSD Optimization in Windows”
Weekly or bi-weekly Active Directory Health Checks are an important part of a Microsoft SysAdmin’s responsibility. Busy or inexperienced SysAdmin’s often overlook some of the important Health Check steps or don’t do them at all. Taking the time to routinely review and assess your Microsoft Active Directory is the difference between a proactive SysAdmin and a reactive SysAdmin.
First of all, monitoring the Windows Event Viewer is a must. Take the time to check through all of the Event Log queues including the Application, Security and System log. On Domain Controllers the DFS Replication, Directory Service and DNS Server logs should also be reviewed. Leverage the sort and error fields to filter out the information you don’t need to see.
Next, run command line diagnostics and pipe the results to a text document for in-depth review. This allows you to analyze the results in detail and compare results after you’ve fixed any issues you identify. Its also much easier to read the logs in a NotePad++ window and search for events then trying to dig through command line output.
The following reports can be ran from the Windows command prompt:
This report will identify issues with domain controllers and any services associated with them:
C:\>dcdiag.exe /v >> c:\pre_dcdiag.txt Continue reading “Active Directory Health Check”
To import a Certificate Signing Request (CSR) into a Windows Certificate Authority Server, you must define a certificate template. OpenSSL does not do this because this is a Microsoft only concept. With the use of the Windows ‘certreq’ command, you can apply a template type during the request import process. This command should be available on your Microsoft CA server.
C:\>certreq -submit -attrib "CertificateTemplate:WebServer" request.csr
An alternative method for importing CSR’s to Microsoft CA can be found here.
To reduce the risk of compromising sensitive data hosted on your server, you might want to implement special security measures that comply with the Payment Card Industry Data Security Standard (PCI DSS). The standard is intended to help organizations protect customer account data and enhance system security.
Parallels has released a comprehensive PCI Compliance guide for the Plesk hosting panel for both Windows and Linux. A full PDF copy is available here and an online version is available here.
I recommend using Parallels guide as it is maintained inline with industry standards.
To use email alerts, you need to first configure SEPM to use your email server, then configure the alerts as needed.
Configure SEPM to connect to the email server:
- In the Symantec Endpoint Protection Manager console, click Admin.
- Click Server panel.
- Select the Management Server for which you wish to configure the email server and go to Edit Server Properties..
- In the Server Properties dialog box, click the Mail Server tab.
- Enter the Server Address, which would be an IP address, host name, or domain name of the email server.
- Enter the Port Number for the email server that sends the notifications.
- Enter the User name of the account on the email server. If you want to configure administrator email notifications, you should use the format [email protected] in this text box. If the text box is left blank, [email protected] name sends the notifications.
- Enter a Password of the account on the email server. This field is mandatory if the email server requires authentication.
Configure email alerts:
- Click Monitors.
- Click Notifications tab.
- Click the View Notifications button.
- Click the Notification Conditions button. Continue reading “Setup email alerts for Symantec Endpoint Protection Manager (SEPM)”