See this article: Integrating Cisco devices CLI access with Microsoft NPS/RADIUS
Should be cheaper than Cisco’s ACS or ISE systems for small to medium 50-1000 user/computer organizations.
Think about PCI/DSS (3.0) when analyzing cost/risk/liability/brand reputation.
# Remote Desktop Service (RDS) certificate for Windows VERSION 6.2 and 6.3
# This works on Windows 7, 8, and 8.1 Professional and Enterprise Editions, for both 32-bit and x64 CPUs.
# All of this required Administrator level “elevated” privileges. If you don’t know what that means or how to get an “Administrator:Command Prompt” then stop and find a different guide.
# 1) Add SHA1RSA certificate to “Run”
-> certlm.msc -> Certificates Local Computer -> Personal -> Certificates
# 1.1) Windows 7 does not have
certlm.msc. Use mmc.exe and the Certificates snap-in for the “local computer” and then continue on to step 2).
# 2) Get the cert hash(sha1) “thumbprint”
certutil.exe –store my example.com | findstr /r "Subject: Cert.Hash"
# Subject: CN=*.example.com, OU=Domain Control Validated
# Cert Hash(sha1): ff 65 98 ff d0 a9 ff f1 70 ff 53 2b ff dd 3d ff eb 22 ff 0a
# 3) Verify the subject line is the correct certificate and then cleanup the “thumbprint” hash by removing all space characters
# 4) The networkdriver has the right to read the sha1 thumbprint of the certificate from a BINARY registry key:
HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\SSLCertificateSHA1Hash = <thumbprint>
# Example reg hack
REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v "SSLCertificateSHA1Hash" /t REG_BINARY /d ff6598ffd0a9fff170ff532bffdd3dffeb22ff0a
# Only change this only as a last resort!
# 5) The revocation-list may need to be constrained to the local list with DWORD key if no CRL is available.
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\UseCachedCRLOnlyAndIgnoreRevocationUnknownErrors = 1
# Example reg hack
reg add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Credssp" /v "UseCachedCRLOnlyAndIgnoreRevocationUnknownErrors"/t REG_DWORD /d 1
This is the Dell “PC-on-a-Stick”: http://www.dell.com/us/business/p/cloud-connect/pd?~ck=anav
Use the Dell Cloud Client Manager server for $22 a year per device: https://www.cloudclientmanager.com/
New-SmbMapping command to map a remote network share to a local drive letter.
New-SmbMapping -LocalPath Y: -RemotePath \\server\ShareName
Please see this documentation for the installation of VMware Tools on Cisco Unified Communications (UC) servers.
The Outlook Add-In can be download from this page: http://research.microsoft.com/en-us/downloads/60860f41-88ab-4bb4-8104-765feca9cfed/default.aspx
The primary function of this add-in is to add a few buttons to the Outlook ribbon to prevent people from replying to all the recipients of your message or forwarding it, etc. The add-in uses a facility built into Outlook and Exchange that is more lightweight than information-rights management but is not exposed in the existing UI. The add-in also includes a check for common email errors, such as omitting attachments or subject lines.
These are some old and new link for managing business/enterprise Windows system deployment.
I hope to maintain and expand this list/page.
Error in DPM:
“DPM could not enumerate SQL Server instances using Windows Management Instrumentation on the protected computer”
In order to fix the error:
- Login to your database server
- Open Command Prompt and browse to C:\\Program Files (x86)\\Microsoft SQL Server\\100\\Shared
- Run the command: mofcomp sqlmgmproviderxpsp2up.mof
mofcomp C:\\Program Files (x86)\Microsoft SQL Server\\100\Shared\\sqlmgmproviderxpsp2up.mof
The Microsoft CertMgr.exe tool is included in few SDKs like the Windows SDK, Drivers SDK, and with Visual Studios. As of this writing it is a standalone executable and can simply be copied to other computers with requiring installation or other support files. (more…)
To add an IP address to the IP inclusion list
- Click Start, and then click Run.
- Type cmd, and then click OK to open a command prompt.
- Type the following, where xxx.xxx.x.x is the IP address you want to add:
httpcfg set iplisten -i xxx.xxx.x.x
When this succeeds, Httpcfg returns the following:
HttpSetServiceConfiguration completed with 0
To view additional status codes, see the Httpcfg help.
- After the IP address is added, use the following command to list it:
httpcfg query iplisten
Httpcfg returns the following:
- From the command prompt, stop the HTTP service and its dependent services. To do this, type the following string at the command prompt:
net stop http /y
- From the command prompt, restart the HTTP service and it dependent services. To do this, type the following string at the command prompt:
net start w3svc
Note When you start w3svc, all services that were stopped when HTTP was stopped will start.
To uninstall an update, run the following command:
Note The <RTMProductCodeGuid> placeholder represents one of the following GUIDs:
There has been a change to the Named Pipe path of the Window Internal Database (WID) on Windows Servers 2012. The new path uses “tsql” instead of “sql” that has been in all previous versions.
Use this string in the “Server name” field of the “Connect to Server” dialog of the Microsoft SQL Server Management Studio program:
I have run across this issue when installing both the Cisco AnyConnect VPN client and the traditional Cisco VPN client. Once the client is installed and you attempt to establish the VPN connection you might get one of the following messages: “Unable to establish VPN” or “The VPN client driver encountered an error.”
The fix is you need to change the “Display Name” in the registry. Open the following registry key and take out the extra INF stuff at the front of the “Display Name” data. The different VPN clients use different Registry keys.