HOW TO BACKUP AND RESTORE NTFS AND SHARED FOLDER PERMISSIONS



HOW TO BACKUP AND RESTORE NTFS AND SHARED FOLDER PERMISSIONS

To backup & restore NTFS permission you will find many utilities like NTBACKUP,  iCacls, Robocopy and FSMT.
Backup and Restore of Shared Permissions:
Generally, shared folder permissions are stored in registry at the following location.
HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares,
you need to backup and restore this key values using export and import options.
Step 1: Open the registry ( Run | Regedit.exe )
Step 2: Navigate to the following location:
 HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares
Step 3: Right Click on Shares Registry key in the Left pane, from context menu select Export.
Step4: Give the filename as shareperms.reg

When you want to restore the permissions, copy shareperms.reg file and paste to another server where you want to restore and then double click on that file to import.

USING COMMAND LINE UTILITY.
reg export HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares c:\shareperms.reg
If you need to restore, copy and paste the file to C: location, just run:
reg import c:\shareperms.reg

Note: After restore you need to restart the Server service.
net stop lanmanserver
net start lanmanserver

BACKUP AND RESTORE OF NTFS PERMISSIONS

If your are using NTBackup to restore the data, you should select the checkbox to restore permissions as well.
Using icacls command to backup NTFS permissions:
icacls d:\sharedata /save ntfsperms.txt /t /c
The /T switch allows it to get subfolder permissions too. The /C switch allows it to continue even if errors are encountered (although errors will still be displayed).
Use this command to restore them:
icacls d:\ /restore ntfsperms.txt


4 Easy Ways to to Check If Your Processor Supports Virtualization

4 Easy Ways to to Check If Your Processor Supports Virtualization



Running multiple operating systems on a computer is something all tech enthusiasts enjoy doing. You can do this by installing the operating system to a separate hard disk partition or as a virtual machine. Installing an operating system as a virtual machine is more advantageous because you don’t have to constantly restart your computer to access the other OS.
However in order to create a virtual machine, your processor must support virtualization. Fortunately, there are many tools that enable you to check if your CPU or processor supports hardware virtualization.
Using CMD in windows
Press windows + R to open Run dialog type cmd
in cmd type: systeminfo ==> press Enter
Free Tools from AMD and Intel:
Intel and AMD are two of the most prominent PC processor providers in the world. Both of them provide tools for you to check if your processor has virtualization support. In order for this to work, you processor must match the tool. For example if you have an AMD processor, you need to download the AMD Virtualization Compatibility tool.
To check what type of processor you have, click the “Start” button.
Click Start
Right-click “Computer” and select “Properties.”
Click Properties
 Under “System,” you will see the name of your processor. As you can see in the image below, this computer has an Intel processor.
Processor Name
 This is the main window of the Intel Processor Identification utility.
Intel Processor Identification
To check if your PC supports virtualization, click the “CPU Technologies” tab. Search for the“Virtualization Technology” section to determine if your processor supports virtualization.
CPU Technologies

Intel Virtualization Check

Securable:

Securable is a very easy to check if you processor has virtualization support, because it requires no installation. All you have to do is run the executable (.exe) file. Right-click the file you have downloaded, and select “Run as administrator.”
Securable
It will then show you if your processor supports virtualization.
Securable Virtualization

Hardware-Assisted Virtualization Detection Tool:

In order to take advantage of features such as Windows XP Mode, your processor must support virtualization. Microsoft provides users the Hardware-Assisted Virtualization Detection Tool to help users determine if their processor supports virtualization.
Hardware Assisted Virtualization Detection Tool
Like securable, this program requires no installation. All you have to do is double-click the executable file, and it will tell whether or not your processor supports virtualization. As you can see in the image below this processor doesn’t support virtualization.

Final Thoughts:

In some cases, virtualization is disabled by the default BIOS settings. If you know your CPU model supports virtualization, you need to enable it from your BIOS settings. If your processor does not support virtualization at all, you can trying buying a new processor or new computer. The computer in which tests were performed doesn’t support virtualization. yet, it is still able to run Windows XP Mode and live CDs with independent operating systems.
You can always try using basic virtual machines such as live CDs, Windows XP Mode, etc. However, you will need virtualization for more robust systems such as Windows 7 and 8.

Reference: http://www.technorms.com/8208/check-if-processor-supports-virtualization
MYSQL BAKUP USING SHELLS SCRIPTS

MYSQL BAKUP USING SHELLS SCRIPTS



Kindly find the MYSQL shells scripts in given below.

-------------------------------------------------------------------------------------------------------

#! /bin/bash

# You are free to modify and distribute this code,
# so long as you keep my name and URL in it.

# your MySQL server's name
SERVER=10.0.0.125

# directory to backup to
BACKDIR=/root/mysqlbackup/

# date format that is appended to filename
DATE=`date +'%m-%d-%Y'`

#----------------------MySQL Settings--------------------#

# your MySQL server's location (IP address is best)
HOST="10.0.0.125"

# MySQL username
USER="root"

# MySQL password
PASS="xxxxx"

# List all of the MySQL databases that you want to backup in here, 
# each separated by a space
DBS="XXXX"

# set to 'y' if you want to backup all your databases. this will override
# the database selection above.
DUMPALL="n"


#----------------------Mail Settings--------------------#

# set to 'y' if you'd like to be emailed the backup (requires mutt)
MAIL=y

# email addresses to send backups to, separated by a space
EMAILS="suppport@magicalbinary.com"

SUBJECT="MySQL backup on $SERVER ($DATE)"

#----------------------FTP Settings--------------------#

# set "FTP=y" if you want to enable FTP backups
FTP=n

# FTP server settings; should be self-explanatory
FTPHOST="10.0.0.127"
FTPUSER="XXX"
FTPPASS="XXX"

# directory to backup to. if it doesn't exist, file will be uploaded to 
# first logged-in directory
FTPDIR="/home/value"

#-------------------Deletion Settings-------------------#

# delete old files?
DELETE=y

# how many days of backups do you want to keep?
DAYS=6

#----------------------End of Settings------------------#
# check of the backup directory exists
# if not, create it
if  [ -e $BACKDIR ]
then
    echo Backups directory already exists
else
    mkdir $BACKDIR
fi

if  [ $DUMPALL = "y" ]
then
    echo "Creating list of all your databases..."

    mysql -h$HOST -u$USER -p$PASS "dlr" "dlr"  > dbs_on_$SERVER.txt

    # redefine list of databases to be backed up
    DBS=`sed -e ':a;N;$!ba;s/\n/ /g' -e 's/Database //g' dbs_on_$SERVER.txt`
fi

echo "Backing up MySQL databases...$DBS"
read p1
for database in $DBS
do
    mysqldump -h$HOST -u$USER -p$PASS $database dlr > "$BACKDIR/$SERVER-mysqlbackup-$database-$DATE.sql"
    gzip -f -9 "$BACKDIR/$SERVER-mysqlbackup-$database-$DATE.sql"

# if you have the mail program 'mutt' installed on
done
# your server, this script will have mutt attach the backup
# and send it to the email addresses in $EMAILS

if  [ $MAIL = "y" ]
then
BODY="Your backup is ready, please check"
ATTACH=`for file in $BACKDIR/*$DATE.sql.gz; do echo -n "-a ${file} ";  done`

    echo "$BODY" | mutt -s "$SUBJECT" $ATTACH $EMAILS
        
    echo -e "Your backup has been emailed to you! \n"
fi

if  [ $FTP = "y" ]
then
echo "Initiating FTP connection..."
cd $BACKDIR
ATTACH=`for file in *$DATE.sql.gz; do echo -n -e "put ${file}\n"; done`

    ftp -nv <<EOF
    open $FTPHOST
    user $FTPUSER $FTPPASS
    cd $FTPDIR
    $ATTACH
    quit
EOF
echo -e  "FTP transfer complete! \n"
fi

if  [ $DELETE = "y" ]
then
    find $BACKDIR -name "*.sql.gz" -mtime $DAYS -exec rm {} \;

    if  [ $DAYS = "1" ]
    then
        echo "Yesterday's backup has been deleted."
    else
        echo "The backup from $DAYS days ago has been deleted."
    fi
fi

echo Your backup is complete!
TCP/IP NETWORKING MANAGEMENT

TCP/IP NETWORKING MANAGEMENT

  • /etc/hosts, /etc/sysconfig/network, /etc/sysconfig/network-scripts/ifcfg-ethX
  • ifconfig, ifconfig ethX up, ifconfig ethX down, ifup ethX, ifdown ethX
  • IP aliasing
  • ping –c –a x.x.x.x
  • IP classes :
  • A – 10.0.0.0 to 10.255.255.255
  • B – 172.16.0.0 to 172.31.255.255
  • C – 192.168.0.0 to 192.168.255.255
  • Subnetting and subnet masks
  • CIDR: Classless Inter-Domain Routing
  • TCP/IP layers –
  • Applications – FTP, HTTP, SSH. EU-Apps
  • Transport [TCP,UDP] – Delivery of data to apps. Uses segments.
  • Network [IP,ICMP] – Basic comm, H/W, routing. Uses packets.
  • Link [ARP, DevDrvrs] – NW H/W, devdrvs. Uses frames.
  • Physical – Copper Wires, physical medium, cables, Ethernet, Optical fibres, FDDI, ATM, IPX/SPX, Token ring
  • MTU and fragmentation
  • 6-byte MAC addresses and "http://www.iana.org/assignments/ethernet-numbers for the first 3 bytes.
  • 4-byte quad-dot, IP addrs, virtual Loopback addr,Ports, /etc/services, sockets, Privileged and Well-known ports
  • Address types –
  • Unicast – addrs that refer to a single host [NIC actually]
  • Multicast – addrs that identify a group of hosts [224 to 239] Good for videoconferencing
  • Broadcast – addrs that include all the hosts on the local network
  • Routing – Routing Tables, ICMP redirects
  • Static routing
  • /etc/sysconfig/static-routes : eth0 net 192.168.0.20 netmask 255.255.255.0 gw 192.168.0.10
  • netstat -r, netstat –rn
  • The destination is a NW address
  • The gateway must be a host address of a m/c which specifies that pkts must be sent to it to reach the destination address.
  • Gateway is the default route
  • Configuring static routes
  • route add –net 192.168.0.10 netmask 255.255.255.0 gw 192.168.0.10 eth1
  • route add default gw 192.168.0.10 eth0
  • /etc/sysconfig/network : GATEWAY=x.x.x.x and the default route
  • Local DNS and name resolution : and /etc/host.conf, /etc/nsswitch.conf
  • Dynamic routing – routed, gated
  • ICMP redirects
  • ARP – The Addr resolution protocol
  • mii-tool – Configuring autonegotiation and other media-specific options

  • Network Interfaces Config tools :
  • netconfig
  • netconf
  • netcfg
  • redhat-config-network
  • neat
  • neat-tui
  • neat-control
  • redhat-config-network-cmd
  • redhat-config-network-druid
Install OCS Inventory NG Agent 2.1 on Windows Operating Systems.

Install OCS Inventory NG Agent 2.1 on Windows Operating Systems.

Download OCS Inventory: Windows Agent  from https://launchpad.net/ocsinventory-windows-agent/+download
1. Run “OCS-NG-Windows-Agent-Setup.exe” on client computer..



2. and click “Next” button


3. Validate license agreement by clicking “I agree” button.

4. Click "Next" button

5. Fill in OCS Inventory NG Communication server URL, like http://192.168.15.51/ocsinventory & Validate certificates....and click Next


6. Next

7. By default, OCS Inventory Agent write only few information in log files. You may increase this enabling “Verbose log”. You may also enable TAG question, or specify the TAG value. and immediatly Launch inventory just at the end of setup.


8. Click Install

9. Click Finish and check Start OCS inventory NG systray Applet



10. View info on server



Finished!

Fixed "Failed to connect to a windows service windows 7"

Then I get a message: "Failed to connect to a Windows Service. Windows could not connect to the System Event Notification Service. This problem prevents standard users from logging onto the system. As an Administrative User, you can review the System Events Log for details about why the service didn't respond."



Step 1

Go to Start -> type cmd-> right click cmd.exe -> Run as administrator
traning
Chọn quyền administrator để reset máy

Step 2

Type: netsh winsock reset -> Enter , you will see the message same below
Next you mush restart the computer in order to complete!
reset

Furthermore, seeing this video:


Have Fun.
Deny and allow workstation logons with Group Policy

Deny and allow workstation logons with Group Policy

One of the bigger challenges in some Active Directory environments is controlling who is allowed to log into workstations. By default, every user in AD automatically gets added to Domain Users. Domain Users is, once again by default, included in the local Users group on workstations when the workstations get added to AD. That means that unless you take action on either the user account or the computer configuration, any user account in your AD environment can log into any computer whether you want them to or not. If you’re in a smaller AD environment, this may not be a problem for you: you can go to the Account tab in Active Directory Users and Computers, click the “Log On To…” button and specify the computers the user is allowed to use.
Deny logon - ADUC Account tab Log On To
ADUC Account tab Log On To
However, in a larger environment, managing individual accounts can be very time consuming, especially if you have to manually specify computer names for every single user account that needs limited access. You can also run into other authentication problems using “Log On To…” if the account needs to access network resources.
The good news is that there is a Group Policy setting that works with every version of Windows that can be managed with Group Policy from Windows 2000 through Windows 8 that will solve this problem for you. These settings can be found in Computer Configuration > Policies > Security Settings > Local Policies > User Rights Assignment.
Deny logon - Setting in Group Policy Editor
Deny logon – Setting in Group Policy Editor

Deny log on locally ^

The “Deny log on locally” specifies the users or groups that are not allowed to log into the local computer. This policy can be found in Computer Configuration > Policies > Security Settings > Local Policies > User Rights Assignment > Deny log on locally.
Deny log on locally Properties
Deny log on locally Properties
In my example, I’ve created a special group just for user accounts that I don’t want logging into an OU of computers. However, you can use any AD group here. Just avoid default AD groups like Domain Users or any of the Admin groups if you don’t want to get locked out.

Allow log on locally ^

The “Allow log on locally” setting specifies the users or groups that are allowed to log into the local computer. This policy can be found in Computer Configuration > Policies > Security Settings > Local Policies > User Rights Assignment > Allow log on locally.
Allow log on locally Properties
Allow log on locally Properties
In my example, I’ve included the local workstation Administrators group, Domain Admins, and an AD group called “Allow Computer Logons.” With this configuration, only user accounts that are members of the local Admins group on the computer or one of the two AD groups are allowed to log in. Just as a reference, here is the default configuration for Windows 7:
Allow Log on locally Properties in Windows 7
Allow Log on locally Properties in Windows 7
If you happen to be a user that is not authorized to use a computer, here is the message the user will see on Windows XP:
The local policy of this system does not permit you to logon interactively
The local policy of this system does not permit you to logon interactively
And here is the error message they will see on Windows Vista or 7 (the message is the same for both except for the OS name):
You cannot log on because the logon method you are using is not allowed on this computer
You cannot log on because the logon method you are using is not allowed on this computer.

Tips ^

The Group Policy Management Console references Microsoft Knowledge Base article Q823659for the Allow log on locally setting. Despite the old-style “Q” naming convention that is referenced, the article is fairly current and still applies to the newer versions of Windows. The KB article gives several examples of harmful configurations and a few more justifications for why you should consider using these two settings.

  • Here are a few things to keep in mind if you decide to implement these settings:
  • DO NOT apply them to Domain Controllers.
  • DO NOT put the settings into either of the default GPO’s for Default Domain Policy or Default Domain Controllers Policy.
  • Deny trumps allow. If a user is in both Allow log on locally and Deny log on locally, Deny always wins.
  • Be on the lookout for software that creates local service accounts that need to be included in Allow Log on Locally. For instance, VMware Workstation and VMware Player have functionality that will not work unless the service account they create is included in Allow Log on Locally.
  • Only apply these settings to sub-sets of computers and not the entire Domain.
reference: https://4sysops.com/archives/deny-and-allow-workstation-logons-with-group-policy/

Kategori

Ads

Kategori