July 22nd, 2008 by shiraj

Transferring the FSMO Roles via Ntdsutil

To transfer the FSMO roles from the Ntdsutil command:

Caution: Using the Ntdsutil utility incorrectly may result in partial or complete loss of Active Directory functionality.

1. On any domain controller, click Start, click Run, type Ntdsutil in the Open box, and then click OK.

Microsoft Windows [Version 5.2.3790] (C) Copyright 1985-2003 Microsoft Corp. C:\WINDOWS>ntdsutil ntdsutil:

1. Type roles, and then press ENTER.

ntdsutil: roles fsmo maintenance:

Note: To see a list of available commands at any of the prompts in the Ntdsutil tool, type ?, and then press ENTER.

1. Type connections, and then press ENTER.

fsmo maintenance: connections server connections:

1. Type connect to server <servername>, where <servername> is the name of the server you want to use, and then press ENTER.

server connections: connect to server server100 Binding to server100 … Connected to server100 using credentials of locally logged on user. server connections:

1. At the server connections: prompt, type q, and then press ENTER again.

server connections: q fsmo maintenance:

1. Type transfer <role>. where <role> is the role you want to transfer.

For example, to transfer the RID Master role, you would type transfer rid master:

Options are:

Transfer domain naming master Transfer infrastructure master Transfer PDC Transfer RID master Transfer schema master

1. You will receive a warning window asking if you want to perform the transfer. Click on Yes.

2. After you transfer the roles, type q and press ENTER until you quit Ntdsutil.exe.

3. Restart the server and make sure you update your backup

July 22nd, 2008 by shiraj

When implementing Microsoft Exchange Server 2003 in your Active Directory you had to perform an setup /ForestPrep and setup /DomainPrep. With Microsoft Exchange Server 2007 things get a little more complicating since you now have to perform four steps:

• setup /PrepareLegacyExchangePermissions
• setup /PrepareSchema
• setup /PrepareAD
• setup /PrepareDomain or setup /PrepareAllDomains

The last two steps bear a certain resemblance with the ForestPrep and DomainPrep command, where the first two are definitely new. Here’s what they do:

PrepareLegacyExchangePermissions

The setup /PrepareLegacyExchangePermissions command must be run if you have any servers running Microsoft Exchange Server 2003 or Microsoft Exchange 2000 Server and you must run it logged in as a member of the Enterprise Admins group.

Essentially, you must run the setup /PrepareLegacyExchangePermissions command so that the Exchange 2003 or Exchange 2000 Recipient Update Service functions correctly after you update the Active Directory schema for Exchange 2007, because of the new Exchange-Information property set. Here’s a detailed description of the changes made by setup /PrepareLegacyExchangePermissions.

If you’re about to run the PrepareSchema step you might skip this step, because the setup /PrepareSchema command can do it for you. If you add a new domain to your forest and you want to install Exchange Server 2003 or Exchange 2000 Server in this domain, or if users in this domain will log on to mailboxes on Exchange Server 2003 or Exchange 2000 Server servers in other domains, you must run setup /PrepareLegacyExchangePermissions again after you run Exchange Server 2003 or Exchange 2000 Server DomainPrep.

PrepareSchema

The setup /PrepareSchema command performs the Schema Updates needed by Microsoft Exchange Server 2007. Here’s a list of all the changes made by this command in a vanilla Active Directory schema. Of course you can extract more information from the ldf files that are used by the setup program. You must run at is a member of the Enterprise Admins and as a member of the Schema Admins group and you must run this command on a computer that is in the same domain and the same Active Directory site as the schema master.

PrepareAD

The setup /PrepareAD command configures global Exchange objects in Active Directory, creates the Exchange Universal Security Groups (Exchange Organization Administrators, Exchange Recipient Administrators, Exchange View-Only Administrators, Exchange Servers and Exchange2003Interop) in the root domain, and prepares the current domain.

You have to be a member of the Enterprise Admins group to successfully perform this command. If you have existing Exchange Server 2003 servers you also have to be a member of the Exchange Organization Administrators group.

If you haven’t performed the PrepareSchema step the PrepareAD command can make these changes. When your also performing the PrepareAD command with an account that is a member of the Schema Admins group is can perform the PrepareLegacyExchangePermissions command as well.

PrepareDomain

The setup /PrepareDomain, setup /PrepareDomain:Domainname and setup /PrepareAllDomains commands all prepare domains other than the domain where your Schema Master is located. The difference between the commands is the scope in which they operate. You have to be a member of the Enterprise Admins group or you must be a member of the Domain Admins group in any domain that you will prepare.

Conclusion

The system requirements for Microsoft Exchange Server 2007 prohibit you from performing an in-place upgrade of existing Exchange servers. There is also no direct upgrade path to it for servers running Microsoft Exchange Server 5.5 or Microsoft Windows Small Business Server 2000. Companies with Microsoft Exchange 2000 Server on Microsoft Windows 2000 Domain Controllers face an overcomplicated migration scenario.

There are four steps to prepare your Active Directory for Microsoft Exchange Server 2007. In a simple Active Directory configuration (where you only have one domain in one forest) you only have to perform the setup /PrepareAD command and perform it with an account that is member of the Enterprise Admins and the Schema Admins group. (assuming members of the Enterprise Admins group are also members of the Domain Admins group, which is default)

July 9th, 2008 by shiraj

To flush/Delete the ARP cache in windows Vista/XP/2003/2000 follow this procedure

Click on Start—>Run—> type the following command click ok

netsh interface ip delete arpcache

Dynamic ARP cache entries update persist for 2-20 minutes depending on the system.

Windows 2003 Server = 10 minutes

Windows 2000 professional/Server = 10 minutes

Windows XP = 2 minutes

Solaris = 5 minutes

Delete IP address using arp command

arp -d <ip address>

Example

arp -d 10.1.1.2

Display arp table

arp -a

Add static entry to ARP table

arp -s <ip address> <mac address>

Example

arp -s 157.55.85.212 00-aa-00-62-c6-09

July 5th, 2008 by shiraj

My friend wanted to know how to change or convert DHCP network configuration to static configuration. After initial installation, he wanted to change network settings. Further, his system is w/o GUI system aka X Windows. Here is quick way to accomplish the same:

Your main network configuration file is /etc/network/interfaces

Desired new sample settings:
=> Host IP address 192.168.1.100
=> Netmask: 255.255.255.0
=> Network ID: 192.168.1.0
=> Broadcast IP: 192.168.1.255
=> Gateway/Router IP: 192.168.1.254
=> DNS Server: 192.168.1.254

Open network configuration file
$ sudo vi /etc/network/interfacesOR$ sudo nano /etc/network/interfaces

Find and remove dhcp entry:
iface eth0 inet dhcp

Append new network settings:

iface eth0 inet static
address 192.168.1.100
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
gateway 192.168.1.254

Save and close the file. Restart the network:
$ sudo /etc/init.d/networking restart

Task: Define new DNS servers

Open /etc/resolv.conf file
$ sudo vi /etc/resolv.conf

You need to remove old DNS server assigned by DHCP server:
search myisp.com
nameserver 192.168.1.254
nameserver 202.54.1.20
nameserver 202.54.1.30

Save and close the file.

Task: Test DNS server

$ host cyberciti.biz

Network command line cheat sheet

You can also use commands to change settings. Please note that these settings are temporary and not the permanent. Use above method to make network changes permanent or GUI tool as described below.

Task: Display network interface information

$ ifconfig

Task: Take down network interface eth0 / take a network interface down

$ sudo ifconfig eth0 downOR $ sudo ifdown eth0

Task: Bring a network interface eth0 up

$ sudo ifconfig eth0 upOR$ sudo ifup eth0

Task: Change IP address and netmask from command line

Activate network interface eth0 with a new IP (192.168.1.50) / netmask:
$ sudo ifconfig eth0 192.168.1.50 netmask 255.255.255.0 up

Task: Display the routing table

$ /sbin/route OR$ /sbin/route -n
Output:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
localnet        *               255.255.255.0   U     0      0        0 ra0
172.16.114.0    *               255.255.255.0   U     0      0        0 eth0
172.16.236.0    *               255.255.255.0   U     0      0        0 eth1
default         192.168.1.254   0.0.0.0         UG    0      0        0 ra0

Task: Add a new gateway

$ sudo route add default gw 172.16.236.0

Task: Display current active Internet connections (servers and established connection)

$ netstat -nat

Task: Display open ports

$ sudo netstat -tulpOR$ sudo netstat -tulpn

Task: Display network interfaces stats (RX/TX etc)

$ netstat -i

Task: Display output for active/established connections only

$ netstat -e
$ netstat -te
$ netstat -tue


Where,

• -t : TCP connections
• -u : UDP connections
• -e : Established

Task: Test network connectivity

Send ICMP ECHO_REQUEST to network hosts, routers, servers etc with ping command. This verifies connectivity exists between local host and remote network system:
$ ping router
$ ping 192.168.1.254
$ ping cyberciti.biz

See simple Linux system monitoring with ping command and scripts for more information.

Task: Use GUI (Graphical Configuration) network Tool

If you are new, use GUI configuration tool, type the following command at terminal:
$ network-admin &

Above command is Ubuntu’s GUI for configuring network connections tool.

Final tip – Learn how find out more information about commands

A man page is your best friend when you wanted to learn more about particular command or syntax. For example, read detailed information about ifconfig and netstat command:
$ man ifconfig
$ man netstat

Just get a short help with all command options by appending –help option to each command:
$ netstat --help

Find out what command is used for particular task by searching the short descriptions and manual page names for the keyword:
$ man -k 'delete directory'
$ apropos -s 1 remove

Display short descriptions of a command:
$ whatis rm
$ whatis netstat