
Sunday, February 17, 2008

How to set up an automatic reply in Outlook 2003/Outlook 2007

The following is done from Microsoft Outlook:
1. On the Tools menu, click Rules and Alerts.
2. In the Rules and Alerts dialog box, click the New Rule button on the E-mail Rules tab.
3. In the Rules Wizard, click the Start from a blank rule button, click Check messages when they arrive, and then click Next.
4. Under Which condition(s) do you want to check?, click to select the Sent Only To Me check box or any other check box that you want, and then click Next.
5. Under What do you want to do with the message?, click to select the Have server reply using a specific template check box.
6. On the Step 2: Edit the Rule Description page of the wizard, click the underlined phrase a specific message.
7. Compose a reply message in the Outlook Editor window. Fill in the subject field, then click Save and Close.
8. Complete the Rules Wizard instructions, click Finish, and then click OK.

Since this is a server-based rule, Outlook does not have to stay open for the rule to be applied.
Note: By default, Exchange doesn't allow automatic reply messages to be sent to external users. You must allow it through Exchange System Manager.

Networking Infrastructure in Windows 2008 – What’s new?

>Installation
Simplified Windows configuration
All versions are available on a single DVD. Choose the version during installation.
After installation, we can configure the server through Initial Configuration Task Overview.
(Set up the administrator username & password, IP, domain/workgroup, Windows Update, Windows Firewall, etc.)
Has configurable Server Roles and Features.
All configuration is done through the Server Manager console.
Examples of Server Roles: AD Domain Service, DNS, DHCP, File Server, etc.
Examples of Features: Failover Clustering, Storage Manager for SAN, etc.
>Networking
True support for IPv6 (128-bit)
Network Access Protection availability
Non-compliant computers can be directed to an isolated segment or denied access
>Server Core Installation
No GUI
For installing role functionality in Windows 2008
We cannot install other applications here.
For better performance and security
>Windows backup
VSS enabled directly on the drive
Backup to bootable CD/DVD
Default backup schedule is full + incremental
>Windows Deployment Service
The successor to RIS
For installing the OS and/or applications
Several image types: Boot Image, Install Image, Capture Image, Discover Image
>Windows Server Virtualization
The successor to Virtual Server 2005
Differencing support on VHD files
Virtual networks use VLAN IDs for better performance
Dedicated processor/RAM blocking on WSV for certain guest computers
Supports x64 guest OS
>Clustering & NLB
No more need for a VLAN for geo clustering
No 500 ms limitation for heartbeat

Active Directory in Windows Server 2008 – What’s new?

- Active Directory roles in Windows Server 2008
  - Active Directory Domain Services (ADDS): this is like the current AD
  - Active Directory Certificate Services (ADCS)
  - Active Directory Federation Services (ADFS): for possible access between two different organizations
  - Active Directory Lightweight Directory Services (ADLDS): this is like ADAM in Windows 2003
  - Active Directory Rights Management Services (ADRMS)
  - Active Directory Read Only Domain Controller (ADRODC): a truly new feature
- ADLDS contains customized AD attributes, is mainly used for applications in the DMZ, and is read-only too. No authentication, and it doesn't support Exchange.
- ADRMS: for intranet, website, email, and documents
- An RODC implementation requires at least Windows Server 2003 forest functionality and one Windows Server 2008 DC.
- By default, an RODC doesn't keep passwords. A password replication policy must be set up. The PDC emulator in the domain must run on Windows Server 2008.
- A local administrator can be set on an RODC without giving access to Active Directory.
- Improved auditing in AD
  - Directory Service Access (current)
  - Directory Service Change
  - Directory Service Replication
  - Detailed Directory Service Replication

Auditing is not set up by default. When it's enabled, it can track AD object creation, deletion, modification, or movement.

How to audit Active Directory account management in Windows 2003?

The following was taken from a conversation on Microsoft Managed Newsgroup.

By default, Windows Server 2003 system ships the following Audit policies:
> Audit account logon events
> Audit account management
> Audit directory service access
> Audit logon events
> Audit object access
> Audit policy change
> Audit privilege use
> Audit process tracking
> Audit system events

To audit add/delete events, open Default Domain Controller Policy, locate Computer Configuration\Windows Settings\Security Settings\Local Policies\Audit Policy, and enable "Audit account management" with Success.

After that, when a new user is created on a domain controller, the following event will be logged:

Event ID: 624
Type: Success Audit
Description: User Account Created:
New Account Name: %1 New Domain: %2
New Account ID: %3 Caller User Name: %4
Caller Domain: %5 Caller Logon ID: %6
Privileges %7

When an existing user is deleted on the domain controller, the following event will be logged:
Event ID: 630
Type: Success Audit
Description: User Account Deleted:
Target Account Name: %1 Target Domain: %2
Target Account ID: %3 Caller User Name: %4
Caller Domain: %5 Caller Logon ID: %6
Privileges %7

We can monitor events 633 and 632, which record security-enabled global group members being removed/added.

For example, you (domain\administrator1) have removed/added user1 from/to group1.
The following events will then be recorded.

Event ID: 633 (logged when you remove a user from a security group)
Type: Success Audit
Description: Security Enabled Global Group Member Removed:
Member Name: CN=user1,CN=Users,DC=domain,DC=com.
Member ID: domain\user1
Target Account Name: domain\administrator
Target Domain: Domain
Target Account ID: domain\group1
Caller User Name: administrator1
Caller Domain: domain

Event ID: 632 (logged when you add a user to a security group)
Type: Success Audit
Description: Security Enabled Global Group Member Added:
Member Name: CN=user1,CN=Users,DC=domain,DC=com.
Member ID: domain\user1
Target Account Name: domain\administrator
Target Domain: Domain
Target Account ID: domain\group1
Caller User Name: administrator1
Caller Domain: domain

We can audit who modifies which attribute of the user, and at what time, but we cannot see which workstation or which application was used. To audit property changes, follow the steps below:

1. Enable auditing of Directory Services Access for Success in the Default Domain Controller Policy.
2. Go to the Security settings of the user account you want to audit and enable auditing of WRITE ATTRIBUTES for Everyone.

We will get event 566 when anyone changes any attribute, for example:

Event Type: Success Audit
Event Source: Security
Event Category: Directory Service Access
Event ID: 566
Date: 07/06/2007
Time: 11:14:56
User: ALPINESKIHOUSE\t1
Computer: ASH-DC1
Description:
Object Operation:
Object Server: DS
Operation Type: Object Access
Object Type: user
Object Name: CN=t6,CN=Users,DC=alpineskihouse,DC=com
Handle ID: -
Primary User Name: ASH-DC1$
Primary Domain: ALPINESKIHOUSE
Primary Logon ID: (0x0,0x3E7)
Client User Name: t1
Client Domain: ALPINESKIHOUSE
Client Logon ID: (0x0,0x67A9AEE)
Accesses: Write Property

Properties:
Write Property
Public Information
Department
user

Additional Info:
Additional Info2:
Access Mask: 0x20

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

3. To check on which DC the change was initiated, take the Repadmin report as follows:
Repadmin /showmeta "DN OF THE USER"
You can then see the originating DC and the timestamp.
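
A small triage parser for the event text shown above, as an added example that is not part of the original post or the newsgroup conversation. It assumes the events were exported as text with one `Key: value` field per line and each record starting at its `Event ID:` line; the sample input is constructed from the 633 and 566 examples on this page.

```python
import re

GROUP_CHANGE = {"632": "added", "633": "removed"}  # group membership event IDs

# Constructed sample, trimmed from the 633 and 566 events shown above.
SAMPLE = r"""Event ID: 633
Member ID: domain\user1
Target Account ID: domain\group1
Caller User Name: administrator1

Event ID: 566
Object Name: CN=t6,CN=Users,DC=alpineskihouse,DC=com
Client User Name: t1

Properties:
Write Property
Public Information
Department
user
"""

def parse_events(text):
    """Split exported event text into (event_id, fields, properties) tuples."""
    events = []
    for chunk in re.split(r"(?m)^(?=Event ID:)", text):
        fields, props, in_props = {}, [], False
        for line in map(str.strip, chunk.splitlines()):
            if line == "Properties:":
                in_props = True          # bare lines that follow are property names
            elif ":" in line:
                in_props = False
                key, _, value = line.partition(":")
                fields[key.strip()] = value.strip()
            elif in_props and line:
                props.append(line)
        if fields.get("Event ID"):
            events.append((fields["Event ID"].split()[0], fields, props))
    return events

def describe(event):
    """One-line 'who did what' summary; None for event IDs not handled here."""
    eid, f, props = event
    if eid == "566":
        # Assumption: first Properties line repeats the access, last is the object class.
        attrs = ", ".join(props[1:-1])
        return f"{f.get('Client User Name')} wrote {attrs} on {f.get('Object Name')}"
    if eid in GROUP_CHANGE:
        return f"{f.get('Caller User Name')} {GROUP_CHANGE[eid]} {f.get('Member ID')} (group {f.get('Target Account ID')})"
    return None
```

Running `describe` over every parsed record gives a per-change list of caller, action and target that can be reviewed alongside the Repadmin output from step 3.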

Sunday, February 10, 2008

Windows 2000/2003 Active Directory Deployment Guideline

When you are deploying Active Directory in a large environment, especially one with multiple domains and multiple sites, there are a lot of things to be done.

Depending on your design, here are a few of the most important things that you must configure or remember during the deployment:
- It is recommended to place a Global Catalog in each site.
- Don't put the Global Catalog and the Infrastructure Master role on the same domain controller.
- Create proper subnets, sites, and site replication paths in the Active Directory Sites and Services console.
- For child domain configuration, set up DNS delegation from the root domain.
- Choose the Active Directory-integrated DNS type.
- Enable, configure, and authorize a DHCP server for each site if needed.
- Enable WINS for NetBIOS name resolution if needed.
