Windows Server Hacks: Remotely Enable Remote Desktop

Windows Server Hacks: Remotely Enable Remote Desktop

Remote Desktop is a cool feature of Windows Server 2003 that lets you remotely log on to and work at a machine as if you were seated at the local console (in Windows 2000 Advanced Server, this feature was called Terminal Services in Remote Administration Mode). Remote Desktop can be a lifesaver for fixing problems on servers at remote sites, but what if you forgot to enable the feature before you shipped the server out to Kalamazoo? Enabling Remote Desktop is easy if the server is in front of you: just log on as an administrator, open System in Control Panel, select the Remote tab, and under Remote Desktop select the checkbox labeled "Allow users to connect remotely to this computer." Unfortunately, you can't use the System utility to enable Remote Desktop on a remote machine, though you can access some properties pages of System using Computer Management by first connecting the console to a remote computer, then right-clicking on the root node and selecting Properties. Unfortunately, as you can see in Figure 1 below, the Remote tab is not available when you access System properties this way on a remote machine (here named SRV220).

Figure 1. System properties for a remote machine does not have Remote tab

Fortunately, there's a workaround. Sit down at your desk and log on to your Windows XP workstation using your administrator credentials and start Registry Editor by Start --> Run --> regedit --> OK. Then select the Connect Network Registry option under the File menu (Figure 2).

Figure 2. Connecting to the Registry on a remote machine.

This opens the Select Computer search box. Either browse Active Directory to locate the remote server, or type its name in the textbox (Figure 3).

Figure 3. Connecting to the Registry on a remote server named SRV220.

Click OK and a node will be displayed in Registry Editor for the remote machine (Figure

Figure 4. HKLM and HKU hives on SRV220.

Now browse HKLM on SRV to find the following Registry key (Figure 5).

HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server

Figure 5. Registry key for Terminal Server on remote machine.

Under the Terminal Server key, you'll find a REG_DWORD value named fDenyTSConnection. Double-click on that value to open theEdit DWORD Value box and change the value data from 1 (Remote Desktop disabled) to 0 (Remote Desktop enabled), as in Figure 6 below.

Figure 6. Set fDenyTSConnections to 0 to enable Remote Desktop on SRV220.

The remote machine needs to be rebooted for the change to take effect, so open a command prompt and type the following command:

shutdown -m \\srv220 -r

After the remote machine reboots, Remote Desktop should be enabled on it. To test this from your workstation, open Start --> All Programs --> Accessories --> Communications --> Remote Desktop Connection, enter the name of the remote server in the Remote Desktop Connection logon box, supply your administrator password when prompted, and you're in.

Read More

Installing and enabling IIS and FTP on Windows Server 2008 R2

Installing and enabling IIS and FTP on Windows Server 2008 R2

Open Server Manager, go to Roles and click “Add Roles”

In the Add Role Wizard, select Web Server (IIS) role to install

Click Next until you reach Select Role Services page, leave the default and check FTP Server, FTP Service and FTP Extensibility at the bottom. Click Next, follow the wizard and finish the role installation.

Now open IIS Manager from Start > Administrative Tools, expand the server, right click Sites, and click Add FTP Site, give it a site name and configure the physical path as needed.

Configure Binding and SSL. In our case, we’d like to bind to all unassigned IP addresses and do not use SSL.

Enable Basic Authentication and configure authorization. In our case I’ll start with allowing All users both Read and Write permission as long as all users on the server are password protected.

Click Finish to finish the configuration.

Open Windows Firewall with Advanced Security from Start > Administrative Tools, go to Inbound Rules in the left pane, and create a new rule by clicking New Rule in the Action Pane, select Port and click next.

Apply this rule to TCP port 21, and click Next

Keep the default configure for the rest of steps to Allow the connection and apply it to all profiles, name the rule and finish the wizard.

Now the FTP should be up and running, please test the connection to confirm.

Read More

Zentyal firewall basic configuration

Zentyal firewall basic configuration

When you access the web interface for the first time, a configuration wizard will start. To start with, you can choose the functionality for your system. To simplify this selection, in the upper part of the interface you will find the pre-designed server profiles.

Zentyal profiles

Zentyal profiles available for installation:

Zentyal Gateway:

     Zentyal will act as a gateway of the local network, offering secure and controlled access to Internet.

Zentyal Infrastructure:

     Zentyal manages the infrastructure of the local network with basic services such as DHCP, DNS, NTP, and so on.

Zentyal Office:

       Zentyal can act as server for shared resources of the local network: files, printers, calendars, contacts, user profiles and groups.

Zentyal Unified Communications:

     Zentyal can act as a communications center for the company, handling e-mail, instant messaging and VoIP.

You can select any number of profiles to assign multiple roles to your Zentyal Server.

We can also install a manual set of services just clicking on their icons, without having to comply with any specific profile. Another possibility is to install a profile and then manually add the required extra packages.

We are going to develop the Infrastructure profile in this example. The wizards you will see during the installation depend on the packages you have selected to install in this step.

Once you have finished the selection, only the necessary additional packages will be installed. This selection is not definitive and later you can install and uninstall any of the Zentyal modules via the software management tools.

Extra dependencies

The system will begin the installation process of required modules and you will be shown a progress bar, as well as some slides offering a brief introduction to core Zentyal functions and the commercial packages.

Installation and additional information

Once the installation process has been completed, the configuration wizard will configure the new modules and then you are asked some questions.

First of all, you are asked for information regarding your network configuration. Then you need to define each network interface as internal or external, in other words; whether it will be used to connect to an external network such as Internet, or to a local network. Strict firewall policies will be applied to all the traffic coming in through external network interfaces.

Initial configuration of network interfaces

Next, you have to choose the local domain associated with our server, if you have configured the external interface(s) using DHCP it may be filled automatically. As said before, our hostname will be automatically added as a host of this domain. The authentication domain for the users will also take this name. You can configure additional domains but this is the only one that will come pre-configured to provide all the information that our LAN clients need for the network authentication protocol (Kerberos).

Local domain for the server

The last wizard will allow you to register your server. In case you already have registered, you just need to enter your credentials. If you still don’t have registered the server, you can do it now using this form.

Both ways, the form will request a name for your server. This is the name that will identify your Zentyal server in the Zentyal Remote interface.

Register your server

Once you have answered these questions, you will continue to configure all the installed modules.

Saving changes

The installer will inform you when the installation is finished.

Initial configuration is finished

Just click the button and access the Dashboard: your Zentyal server is now ready!

Read More

Zentyal installation

Installation

Generally speaking, Zentyal is meant to be installed exclusively on one (real or virtual) machine.However, this does not prevent you from installing other applications, that are not managed through the Zentyal interface. These applications must be manually installed and configured.

Zentyal runs on top of Ubuntu [1] server edition, always on LTS (Long Term Support) [2] versions. LTS has longer support periods: five years instead of three,

You can install Zentyal in two different ways:

1, using the Zentyal installer (recommended option),
2,using an existing Ubuntu Server Edition installation.

In the second case the official Zentyal repositories must be added and installation continued by installing the modules you are interested in [3]

However, in the first case the installation and deployment process is easier as all dependencies reside on a single CD or USB. Another benefit of using the CD or USB is to have a graphical environment that allows the use of a web interface from the server itself.

Ubuntu’s official documentation includes a brief introduction to installing and configuring Zentyal [4]

1, Ubuntu is a Linux distribution developed by Canonical and the community, focused on laptops, PCs and servers: http://www.ubuntu.com/.

2, For a detailed description about the publication of Ubuntu versions it is recommended you consult the Ubuntu guide: https://wiki.ubuntu.com/Releases.

3,  https://help.ubuntu.com/12.04/serverguide/zentyal.html

4, For more information about installing from the repository please go to

Zentyal installer

The Zentyal installer is based on the Ubuntu Server installer. Those already familiar with this installer will also find the installation process very similar.

To start with, you choose the installation language, in this example English is chosen.

Selection of the language

You can install Zentyal by using the default mode which deletes all disk contents and creates the partitions required by Zentyal by using LVM [5] or you can choose the expert mode which allows customised partitioning. Most users should choose the default option unless they are installing on a server with RAID software or they want to create special partitioning according to specific requirements

Installer start

In the next step choose the language for your system interface. To set the language, you are asked for your country, in this example the United States is chosen.

Geographical location

You can use automatic detection for setting the keyboard: a few questions are asked to ensure the model you are using is correct. Otherwise, you can select the model manually by choosing No.

Keyboard configuration 1

Keyboard configuration 2

Keyboard configuration 3

If you have multiple network adapters, the installer will ask you for your primary one , the one that will be used to access the Internet during the installation. The installer will try to auto configure it using DHCP. If you only have one interface, you will not see this question

Select primary network interface

Now choose a name for your server: this name is important for host identification within the network. The DNS service will automatically register this name. Samba will also use this domain name, as you will see later.

Hostname

Next, the installer will ask you for the administrator account. This user will have administration privileges and in addition, the same user will be used to access the Zentyal interface.

System username

In the next step you are asked for the user password. It is important to note that the user defined earlier, can access, using the same password, both system (via SSH or local login) and the Zentyal web interface. Therefore you must be really careful to choose a secure password (more than 12 characters including letters, numbers and symbols).

Password

Here, insert the password again to verify it.

Confirm password

In the next step you are asked for your time zone. It is automatically configured depending on the location chosen earlier, but you can modify it in case this is incorrect.

Time zone

The installation progress bar will now appear. You must wait for the basic system to install. This process can take approximately 20 minutes, depending on the server.

Installation of the base system

Once installation of the base system is completed, you can eject the installation CD and restart the server.

Restart

Now your Zentyal system is installed! A graphical interface in a web browser is started and you are able to access the administrative interface. The first boot will take an extra time while it configures core Zentyal modules. After the first restart, the graphical environment was automatically started, from now on you must authenticate before it begins.

Graphical environment with administrative interface

To start configuring Zentyal profiles or modules, you must insert the username and password indicated during the installation process. Any user you add later to the sudo group can access the Zentyal interface and has sudo privileges in the system.

LVM is the logical volume manager in Linux, you can find an introduction to LVM management in http://www.howtoforge.com/linux_lvm.

Read More

OpenDNS

Using OpenDNS is achieved by making a configuration change in the DNS settings of a network router, on individual computers, WiFi devices, or on internal DNS servers. Once OpenDNS is configured, administrators set and manage OpenDNS's advanced features, such as Web content filtering and security, by logging in to their OpenDNS account.

It is important to understand that OpenDNS advanced settings are applied to a network and those settings are subsequently inherited by all of the computers and devices that connect to that network.

Configuring OpenDNS means that OpenDNS is being specified as the DNS server for a network, usually in place of the DNS servers provided by an ISP. As the DNS server for a network, OpenDNS receives and answers the Internet DNS requests that originate from the computers and devices connected to that network.

For Enterprise networks, configuring OpenDNS typically means using OpenDNS as the forwarders of the organization's internal DNS servers. Since internal DNS server configurations can vary between a single server to multiple servers spread across departments and office locations, specific configurations will vary.

Ultimately, configuring OpenDNS is accomplished by changing a setting within a router, computer, device, or server; regardless of whether in a home, small business or Enterprise environment.

How to create a OpenDNS Account

Using bellow mentioned URL can make a free OpenDNS account for you

https://store.opendns.com/get/home-free?

then register with your E-mail id in the registration box and enter details of the same, after enter the details  "click" continue ,then u will get a new window, see bellow image

Here u can see three sub divisions 1, computer. 2, Router. 3, DNS server. Then u can choose which type of configurations u want, and click the link

if you select computer, next you must enter which operating systems are using for installing openDNS, 

if you select DNS server, you must enter which operating systems are using for installing openDNS, 

if u select Router, u enter which type router you are using,

now we are selecting Router, that time u will get anew window like this.

Next click on which branded router using you are. I selected the NETGEAR router, then u will get a new window and follow this.

Change your settings: Configuration for NETGEAR

1. Type the router's setup URL (http://192.168.0.1) into a web browser address bar

     http://192.168.0.1 is the default Netgear router IP address.

     (http://192.168.1.1 will work for some Netgear models.)

2. Enter the password.

3. Type in OpenDNS addresses in Primary DNS and Secondary DNS fields.

Please write down your current DNS settings before switching to OpenDNS, in case you want to return to your old settings for any reason.

The addresses for OpenDNS are:

208.67.222.222

208.67.220.220

Note: The Netgear WGR614 versions require a firmware upgrade in order to be compatible with OpenDNS. Click here to upgrade

4. Click Apply button.

5. Wait for the settings to be updated.

After the settings have updated, awe highly suggest that you flush your DNS resolver cache and web browser caches to ensure that your new DNS configuration settings take immediate effect.

6. Open Dashboard

Next you will get a new window like this

Type Your own WAN IP in red marked box and Click "add this network". then you will get a new settings window like this.

You can select the WAN IP in the red marked section from this window, after selecting the IP you will get a new window as follows,

In this section, you can select which type of filtering you want(High, Moderate, Low, None or Custom)

In the High filtering you want block bellow site categories

Adware

• Sites that distribute applications which display advertisements without user's knowledge or choice. Does NOT include sites which serve advertising.
• Alcohol
  Sites about alcohol use, commercial and otherwise.
• Chat
  Sites where you can chat in real-time with groups of people. Includes IRC and video chat sites.
• Classifieds
  Sites for buying and selling (or bartering) goods and services. Includes sites with real estate and housing listings.
• Dating
  Sites for meeting other people.
• Drugs
  Sites about illegal or recreational drug use.
• File storage
  Sites that offer space for hosting, sharing and backup of digital files.
• Gambling
  Sites that offer gambling or information about gambling.
• Games
  Sites that offer game play and information about games (news, tips, cheat codes).
• Hate/Discrimination
  Sites that promote intolerance based on gender, age, race, nationality, religion, sexual orientation or other group identities.
• Instant messaging
  Sites that offer access or software to communicate in real-time with other individuals.
• P2P/File sharing
  Sites that facilitate the sharing of digital files between individuals, especially via peer-to-peer software, including torrent sites.
• Social networking
  Sites that promote interaction and networking between people.
• Video sharing
  Sites for sharing video content.
• Visual search engines
  Sites for searching for images based on keywords.
• Weapons
  Sites about weapons, commercial and otherwise.
• Webmail
  Sites that offer the ability to send or receive email.
• Photo sharing
  Sites for sharing photographs, as individual images, galleries and albums.
• Adult Themes
  Sites that are adult in nature and are not defined in other rating categories. Note: This category should only be turned on if you want to be very restrictive on your network.
• Tasteless
  Sites that contain information on such subjects as mutilation, torture, horror, or the grotesque.
• Lingerie/Bikini
  Sites displaying or dedicated to lingerie/bikini that could be considered adult-only.
• Proxy/Anonymizer
  Sites providing proxy bypass information or services. Also, sites that allow the user to surf the net anonymously, including sites that allow the user to send anonymous emails.
• Sexuality
  Sites that provide information, images or implications of bondage, sadism, masochism, fetish, beating, body piercing or self-mutilation.
• Nudity
  Sites that provide images or representations of nudity.
• Pornography
  Anything relating to pornography, including mild depiction, soft pornography or hard-core pornography.
• Forums/Message boards
  Sites with discussions, including bulletin boards, message boards and forums.

In the Moderate filtering you want block bellow site categories

• Adware
  Sites that distribute applications which display advertisements without user's knowledge or choice. Does NOT include sites which serve advertising.
• Alcohol
  Sites about alcohol use, commercial and otherwise.
• Dating
  Sites for meeting other people.
• Drugs
  Sites about illegal or recreational drug use.
• Gambling
  Sites that offer gambling or information about gambling.
• Hate/Discrimination
  Sites that promote intolerance based on gender, age, race, nationality, religion, sexual orientation or other group identities.
• Weapons
  Sites about weapons, commercial and otherwise.
• Tasteless
  Sites that contain information on such subjects as mutilation, torture, horror, or the grotesque.
• Lingerie/Bikini
  Sites displaying or dedicated to lingerie/bikini that could be considered adult-only.
• Proxy/Anonymizer
  Sites providing proxy bypass information or services. Also, sites that allow the user to surf the net anonymously, including sites that allow the user to send anonymous emails.
• Sexuality
  Sites that provide information, images or implications of bondage, sadism, masochism, fetish, beating, body piercing or self-mutilation.
• Nudity
  Sites that provide images or representations of nudity.
• Pornography
  Anything relating to pornography, including mild depiction, soft pornography or hard-core pornography.

 In the Low filtering you want block bellow site categories

• Tasteless
  Sites that contain information on such subjects as mutilation, torture, horror, or the grotesque.
• Proxy/Anonymizer
  Sites providing proxy bypass information or services. Also, sites that allow the user to surf the net anonymously, including sites that allow the user to send anonymous emails.
• Sexuality
  Sites that provide information, images or implications of bondage, sadism, masochism, fetish, beating, body piercing or self-mutilation.
• Pornography
  Anything relating to pornography, including mild depiction, soft pornography or hard-core pornography.

In the None filtering you cannot block any sites categories

In the Custom filtering you want block any site categories with your choice.

Next we selected "Custom" filtering mode, then u can get a sub menu like this

You can choose different site categories from here for blocking your network, then Click Apply, now u are successfully created OpenDNS in your Network,

After completing the OpenDNS configuration you must change all computer Preferred DNS and Alternate DNS

Preferred DNS 208.67.222.222

Alternate DNS 208.67.220.220

Read More