Core Business

8th September 20158th September 2015 by jonas

Core business

Active directory and various services setup with Windows 2012R2 Core

Setup Server from Template

Run sysprep
Set computer name
Set fix IP Address

Setup the Role

First domain controller –New domain
Additional domain controller
RODC
WSUS
CA
Antivirus Policy Server

Various

Activate Core
Howto manage
RSAT Tools
Firewalling

Setup from DVD/CDRom/ISO

8th September 2015 by jonas

Reduce the VM to the necessary components

CPU 2
Memory 2GB
CD/DVD Drive (Attach the installation ISO at this time)
Network Adapter
A Disk (which is not shown in this view) of 20GB

Install Windows 2012R2 Core

Select your proper Time/currency and Keyboard format

Enter License Code
Select “Windows 2012 R2 Standard (Server Core Installation)”

Choose “Custom: Install Windows only (adv…”
Select the Disk and press
An automatic reboot occures when the setup program is finished installing
On the firs login, windows asks for an Administrator password


Voila: your Core Server

Howto install a certificate from a standalone or non-Windows CA on a Windows 2012R2 Server

20th August 2015 by jonas

Logon to the console of the Windows 2012R2 Core server and execute:

certreq -new C:\temp\request.inf C:\temp\dc01.jbk.local.req

The request.inf file does have the following content:

[NewRequest]

   Subject=”C=CH,S=ZH,L=Zurich,O=Home,OU=IT,CN=dc01.jbk.local”
   PrivateKeyArchive=FALSE
   Exportable=FALSE
   UserProtected=FALSE
   MachineKeySet=TRUE
   ProviderName=”Microsoft RSA SChannel Cryptographic Provider”
   ProviderType=12
   UseExistingKeySet=FALSE
   RequestType=PKCS10
   HashAlgorithm=sha256
   KeyLength=4096
   KeyUsage = 0xF0
   KeySpec=1

[EnhancedKeyUsageExtension]

OID=1.3.6.1.5.5.7.3.1 ; Server Authentication

Submit the CSR (Certificate Signing Request) to the CA

When you get back the signed certificate from your CA, then

certreq -accept C:\temp\dc01.jbk.local.cer

References :

Certreq.exe https://technet.microsoft.com/library/cc725793.aspx

Making bootable USB Sticks out of ISO

2nd July 2015 by jonas

A cool tool to create bootable USB sticks for installations

(most linux and Unix flavors)

http://unetbootin.sourceforge.net/

Howto connect a WII—U to the internet and play games like Splatoon or Mario Cart online

10th June 2015 by jonas

My provider only want to give me one public IP Address and I do have some incoming traffic (Netscaler/Citrix on 443, a Minecraft Server and other).,Fot those reasons, definig the WII as a “DMZ Host” or a portfowarding tcp/udp 1-65535… does not realy fit for me

I want to still keep the rest of the internal network reasonably safe
From various posts on the Internet I learned some ports

TCP 28910 29900 29901 29920 6667 12400 80 443

The NAT Type classification system boils down to a port-assignment policy.

Open NAT means that either the port-assignment policy is minimal or the device has a fully compliant version of UPnP (Universal Plug and Play) enabled by default. Moderate NAT means that the port-assignment policy is minimal, but the device is filtering addresses or ports. Strict NAT means the port-assignment policy is aggressive. How to make router/firewall to be open kind?

To make the firewall/router from strict to open, actually Microsoft′s devices looking for three UDP ports to be properly routed. If you can add following ports to the NAT rules on the router, it will be considered open: UDP port 5060; UDP port 5061; UDP port 3074;