4sysops focuses on Windows administration. You´ll find reviews of management tools, tips for admins, and IT news.
Subscribe via RSS:
Follow on Twitter:
Subscribe via e-mail:
The blogosphere thirsts after every little bit of Windows 8 news. Every new wallpaper or secret app list is a sensation. And of course, with today's release of the Consumer Preview, the blogosphere will go crazy. This reminds me of the hype during the Vista alpha and beta phases. And you probably remember what happened afterwards. However, Windows 8 has more in common with Microsoft's biggest success, Windows 95.
When the first reports started to trickle in, that 10-year-old web cams and quite a few Windows 3.11 programs somehow didn’t appreciate Windows Vista, the blogosphere verdict quickly swung back to the other extreme. Claiming that Vista is a mess was the best way to show the world that you are really a geek. Even PC blog stars like Chris Pirillo suddenly claimed that Macs are much cooler anyway and drew big applause from the nerd community. I also met quite a few people who didn’t have the slightest idea about IT, Windows, or computers in general but who told me stone-faced and in geek parlance that Microsoft really messed up this time. I mean, everyone knew that, right?
Together with the Windows 8 Consumer Preview and the Windows Server 8 beta Microsoft released quite a few interesting white papers for IT pros. This post contains all links. It appears there is lots of new stuff to learn.
Also interesting:
Before Windows 8? Microsoft has a problem. Is that so? Ok, my next laptop will be a Samsung or Asus then. If he removes the gray sweater he would wear the Steve CEO uniformThis guide about Administrative Audit Logging in Exchange 2010 explains how to enable this new feature, search the audit log, and write to the audit log.
The Administrative Audit Logging feature is one of the great additions to Exchange 2010. A short time ago, I wrote about eDiscovery which utilizes litigation hold. Administrative auditing is in that similar vein of thinking but, in my opinion, is geared more towards a change control mentality. This feature can be equally useful for small, single administrator environments as well as larger environments where several admins have their hands in the cookie jar.
Administrative Audit Logging takes advantage of the fact that all Exchange Management Console (EMC) activities are actually running Exchange Management Shell (EMS) cmdlets in the background for you. Admin audit logging simply keeps a log of any change you perform that creates, modifies, or removes anything in Exchange. Any cmdlet beginning with Get- or Search- is notlogged by default.
In the last post we summarized the content underlying domain 2, subobjective 4 (“Configure Active Directory Replication”) in the Microsoft 70-640 Active Directory Configuration certification exam blueprint. Today we will provide a sample practice question along with a detailed explanation and analysis.
You are an Active Directory architect for your organization. The domain consists of two sites, each of which contains three Windows Server 2008 R2 domain controllers.
You take a domain controller named DC01 offline for maintenance, and you note that intersite Active Directory replication immediately fails. You run repadmin /kcc in both sites to force the KCC to run on all DCs, yet intersite replication still fails.
Which of the following statements best explains the root cause of this problem?
A. The sites use the SMTP replication transport instead of RPC over IP.
B. DC01 is configured as the preferred bridgehead server for its site.
C. Kerberos V5 authentication is not in use in the domain.
D. Site link bridging is disabled.
In this article we will review the subject area “Configure Active Directory Replication” from the Microsoft 70-640 certification exam objective.
In this series, we will move through the content blueprint of the Microsoft Windows Active Directory Configuration (70-640) exam objectives with an eye toward preparing you to pass this Microsoft Certified Technology Specialist (MCTS) exam.
Microsoft Exam 70-640 – Configure Active Directory Replication/ Domain 2, Subobjective 4
The screenshot above shows the relevant section from the 70-640 exam blueprint on configuring Active Directory Domain Services (AD DS) sites.
The free edition of Altaro Hyper-V Backup is a perfect backup software for small Hyper-V deployments. The free Hyper-V backup tool supports live backups, ReverseDelta ™, and Volume Shadow Copy Service (VSS).
Submitted by David Vella – Blog: Altaro Blog for Hyper-V & Windows Administration
Altaro Hyper-V Backup
(1 votes, average: 4.00 out of 5)
Loading ...In the last implementation of this tutorial I will give you some tips on how to deploy AppLocker.
Now that you’ve established your rules, tested them in Audit mode, and also tested them in Enforce mode, you’re ready to start deploying AppLocker to all of your computers. In your GPO, go to Computer Configuration > Policies > Windows Settings > Security Settings > System Services and find the Application Identity Service. Double-click it, click the checkbox next to Define this policy setting, and set the startup mode to Automatic. This will change the Application Identity Service so that it starts automatically and will start the service at the next policy refresh.
AppLocker – Enable Application Identity Service in GPMC
At this point, you should have a list of AppLocker rules that you’re ready to test. Part 3 of this AppLocker guide shows you how.
Go back into your GPO and go to Computer Configuration > Policies > Windows Settings > Security Settings > Application Control Policies > AppLocker. Right-click on AppLocker and choose Properties. Check the box next to Configured for each area of AppLocker that you’ll be testing and change the pull-down to Audit only. This will log all of the rule results to the Event Log without actually blocking any applications.
AppLocker – Properties Audit
100 ns resolution! Only way to prove browser performance diffs 
In part 2 of this tutorial I discuss a few best practices that you should take into account when you prepare the final set of your AppLocker rules.
By now, you should have a pretty long list of rules that have been generated by the GPMC. I would consider these rules as a starting point and not something you should use in production. If you’ve looked through the list, you’ll notice that there is a lot of redundancy. If you scanned the entire C:\ drive, you may also notice some things that you actually want to block with AppLocker. Here are some things I did to clean up my rules:
If you’re going to use the default rules, you should be able to pare down some of the rules that were automatically generated. You don’t need 100+ rules for executables in the Windows or Program Files folder if you’re already allowing everything in those folders to execute.
Most of the reputable software companies like Microsoft, Adobe, Citrix, Cisco, VMware, etc. do a relatively good job at digitally signing their executables. Several of these companies tend to have their installers end up in temporary folders inside of AppData that will be blocked if you don’t include a Publisher rule. Instead of allowing Adobe Reader, Acrobat, Illustrator, Photoshop, InDesign, etc. individually, you can use a publisher rule that allows anything digitally signed by Adobe.
© 2006-2012, 4sysops