Sunday, December 30, 2007

Veins On Boobs Not Pregnant

Understanding the Account Lockout

Hi, an interesting topic for the protection of domain user accounts is the account lockout or Account Lockout.

Why protect user accounts and passwords? First we must consider security as a statute that should govern our organization. A level of domain user accounts can achieve enabling auditing, protection of disabled accounts, passwords and complex.

locks user accounts after a defined number of failed attempts to logon because an incorrect password is entered.
locks user accounts in a domain are defined in a GPO or a Group-wide domain.

We can put to work is changing the Group Policy Default Policy Domain Policy or Domain using GPMC or the Active Directory Users and Computers.

Enable account lockout:
  1. We entered the Active Directory and make you right click the domain and select properties, load a window and enter the Group Policy tab and click on Edit.
  2. Expand the Group Policy: Computer Settings, Windows Settings, Security Settings, Account Policies, Account Lockout Policy.
  3. We define three values \u200b\u200bfor the account lockout.

  4. Account Lockout Threshold : Defines the number of failed attempts to lock user accounts. It is recommended that the fifth attempt to lock the account, so write 5 .

  5. Account Lockout Duration: Sets the time to lock the user account. The default is 30 minutes when we define the Account Lockout Threshold. Rather after 30 minutes the account will unlock itself. If you never want to unlock and manually unlocked by an administrator must enter 0.

  6. Reset account lockout counter after : Sets the time in which the value Badpwdcount is reset, the default is 30 minutes when we define the Account Lockout Threshold. Rather than 30 minutes must not exceed the value the value defined in the Account Lockout Threshold, otherwise the account is locked. Finally

  7. hope that politics runs in the domain. Policies of groups spread over a period of 30 to 90 minutes automatically.

When a user account is locked the following screen appears:

To unlock a user has entered the Active Directory Users and Computers, identify the user, right click and select Properties. In the Properties window we go to the Account or Account tab and uncheck "Account is Locked out .


Applying lockout policies accounts can be identified:

  • locked user accounts can be viewed from the Event Viewer on any domain controller. Option: Security, Event 644.
  • Identify where the accounts are blocked in that workstation or server. This will let you know because service accounts or block users help us with problem-solving tasks.
Video:

I welcome your comments.
Greetings!

Saturday, December 29, 2007

Brent Everett Has Bad Teeth

Installing an Exchange 2007 server

Hello! again with you today will learn: How install a Microsoft Exchange Server 2007?. As we know, Exchange 2007 is Microsoft's latest product release to Messaging. Exchange 2007 now interacts with other Microsoft services such as Live Communications 2007 allowing the convergence of voice and data over a single medium.

exist in Exchange 2007 roles:
  • Hub Transport or Edge , Mail Transport servers inside and outside the organization.
  • Unified Messaging Server, Server Manager Outlook Voice Access (OVA) and fax service.
  • Client Access Server, server responsible for providing the services of Outlook Web Access (OWA), ActiveSync, Outlook Anywhere and other Internet protocols such as IMAP4, POP3.
  • Mailbox Server, server, mailbox store manager.

test scenario for this post:

  • 32-bit PC with Windows 2003 Enterprise SP1. Exchange 2007 can be installed on 32-bit platform only for testing, not production environments.
  • Active Directory without Exchange server installed. Only install Exchange 2007, there will be an upgrade in this document. The upgrade or migration more on that later.
  • All patches and updates are 32 bits, it's a stage test. For a production environment must have a 64-bit, Windows 2003 64 bit, fixes and updates that support 64 bits.

requirements for installing Exchange 2007:

  • A server with Windows Server 2003 Enterprise / Standard with SP1 or SP2 to install MS Exchange 2007
  • A server configured as Domain Controller Global Catalog (Global Catalog) on Windows Server 2003 SP1 in the domain where you install the first Exchange 2007 server.
  • domain functional level: Windows 2000 Native or Windows 2003. Installing
  • ASP and IIS components exception of SMTP and NNTP.
  • Installation
  • . NET Framework 2.0 or higher and an update. NET Framework 2.0.
  • Installing Microsoft Windows PowerShell and install the Microsoft Management Console 3.0
  • should not be any Exchange 5.5 server.
  • The Exchange server must have Internet to check out the requirements for Exchange 2007.

Steps: Check

  1. domain functional level. Raise the functional level to Windows 2003. Note: After performing the functional level rise no reverse and change will be replicated to all domain controllers. If they rise to Windows Server 2003, should check that drivers have not domain on Windows 2000/Windows NT 4.0
  2. install the following components of IIS from Add or Remove Programs Control Panel: ASP.NET, Internet Information Services (select Common Files, Internet Information Services Manager, World Wide Services). Caution: Do not select SMTP and NNTP.
  3. install the. NET Framework 2D We can download it from: http://www.microsoft.com/downloads/details.aspx?FamilyID=0856EACB-4362-4B0D-8EDD-AAB15C5E04F5&displaylang=en
  4. install the patch KB926776. We can download it from: http://go.microsoft.com/fwlink/?linkid=74469 . Hotfix information in: http://support.microsoft.com/kb/926776/en-us . After the installation we must restart the server.
  5. install Windows PowerShell 1.0. We downloaded from: http://support.microsoft.com/kb/926139/en-us
  6. install the Microsoft Management Console 3.0. We can download from: http://support.microsoft.com/kb/907265/en-us
  7. Insert the Exchange 2007 and run the installer: setup.exe.
  8. will load a window Exchange Welcome. Select Install Exchange 2007. The installation wizard will verify that you have installed all the necessary requirements for Exchange 2007.
  9. accept the license agreement and terms. Optionally
  10. can afford to send error reports to Microsoft for the continuous improvement of Microsoft Exchange 2007. Select Yes.
  11. We have two types of installations: Typical and custom, this time select typical, because the roles of Exchange will run on a single server. Optionally you can select a path for the installation of MS Exchange.
  12. write a name for the Exchange 2007 organization, this time write ExchangePro.
  13. can then select whether in our organization there MAPI clients such as Outlook 2003, Entourage or earlier. This time select Yes, because there MAPI clients such as OL 2003. If there are only select No. OL 2007
  14. will load a list that will review whether all the installation requirements and preparation are properly installed and configured. It is recommended that the Exchange Server validates the requirements based on a checklist of the Internet.
  15. After verification, it starts installing MS Exchange 2007.
  16. Finally we have our Exchange server installed 2o07. We Get the Exchange Management Console or Windows PowerShell to begin managing our server.

Links:

Requirements for Installing Microsoft Exchange 2007: http://technet.microsoft.com/en-us/library/aa996719.aspx

Checklist for Installing Microsoft Exchange 2007: http://technet.microsoft.com/en-us/library/bb125239.aspx

Download Service Pack 1 for Exchange 2007: http://www.microsoft.com/downloads/details.aspx?FamilyID = 44c66ad6-F185-4a1d-a9ab-473c1188954c & displaylang = en

Release Notes Service Pack 1 for Exchange 2007: http://www.microsoft.com/downloads/details.aspx?FamilyId=5770BD59-376E- 42EC-B940-BE6225CD97FF & displaylang = en

Typical Installation Microsoft Exchange 2007: http://technet.microsoft.com/en-us/library/bb123694.aspx

Are there any comments or questions hágamenlo arrive.

Greetings!



Video: Installing Exchange 2007

Wednesday, December 26, 2007

American Dad Steve Yaoi

Editing access to OWA in Exchange 2003 using IE 7 on Windows Vista

Hello, today I share with you an important issue. Correcting access to OWA (Outlook Web Access) to Exchange 2003 using Internet Explorer 7 for Windows Vista. The problem is due to the behavior of an ActiveX component that acts different in IE 7 on Windows Vista.

The symptoms are:
  • can not compose an email, rather we can not write to the TextBody, when sending, receiving or forwarding an email.

  • Can not create a contact, task, note, etc..

  • can not change the configuration of folders via OWA.

Microsoft released a hotfix, which has the solution for this problem, the solution is to replace the ActiveX component for one called "iframe." This hotfix must be installed on servers and Back-End Front-End. Paper can

be found at: http://support.microsoft.com/?kbid=911829 . Download the hotfix

: http://www.microsoft.com/downloads/details.aspx?FamilyId=5BC06E8A-08EB-4976-BC68-A03EBE3A2552& displaylang = en & displaylang = en . Problems


signed S / MIME on IE 7.


There is also an additional problem with IE 7 and Exchange 2003, when you compose an email and send it when you receive an error message. This is because a signature is configured S / MIME on a client with IE 7. For this you can apply the following patch on the Exchange server Back-End and Front-End: http://support.microsoft.com/?kbid=924334 . Finally


recommend downloading and installing the latest version of the S / MIME from the OWA page. This requires entering Options and from there find: Email Security.

I look forward to your opinions

Saturday, December 22, 2007

Maxtor Basic Desktop Storage Driver

Configuring ActiveSync on Exchange 2003 organization

Hello, today we will learn to How to enable Exchange 2003 ActiveSync . ActiveSync is a Microsoft tool that allows us to synchronize your mailbox with a mobile device that supports Windows Mobile 2003, 5.0 or higher. This guide will set up ActiveSync through HTTP protocol. You can configure ActiveSync via HTTPS using certificates. To configure ActiveSync

we have the following requirements:

Steps to enable ActiveSync on server side:

  1. Login to Exchange System Manager and expand Global Setting and click Properties on Mobile Devices.

  2. Enable all checks within Exchange ActiveSync. This will allow users to synchronize their mailbox organization, enable email notifications and DirectPush.

  3. can also enable the OMA (Outlook Mobile Access) is a feature of Exchange 2003, which allows users to view your mail using a mobile phone that supports WAP.

  4. We make sure that the ActiveSync work correctly on the server side. For them from the Exchange server itself or elsewhere to access the following URL: http://servidordecorreo/Microsoft-Server-ActiveSync .


Steps to publish ActiveSync in the firewall or the ISA Server:

  1. ActiveSync traffic travels through the HTTP protocol (defined in this post) or via HTTPS (using certificates). If you already have OWA published on port 80, you no longer need this step.

  2. In our firewall or ISA Server should publish port 80, referring Server Exchange 2003 SP2 Front-End or giving face to the Internet.

  3. You can get more information about ActiveSync Publishing using ISA Firewall 2004/2006 as at: http://support.microsoft.com/kb/837354/en-us

Tests on mobile devices:

  1. mailbox synchronization using the PC as a bridge can be done if you download the ActiveSync 4.5 and installed it on the PC. Http://www.microsoft.com/windowsmobile/activesync/activesync45.mspx

  2. ActiveSync can enter from the mobile device. And follow the wizard to configure the server address (published Internet eg http://mail.empresa.com/ ), the username and password (eg, domain \\ user and password), synchronize folders: Inbox, calendar, task, etc. More information: http://technet.microsoft.com/en-us/library/bb123822.aspx

If you have problems when you synchronize your mobile device can enter the following code page error: http://www.pocketpcfaq.com/faqs/activesync/exchange_errors.php



Video:

I welcome your comments. Greetings!

Thursday, December 20, 2007

Substitutes For Charcoal Lighter Fluid

Configuring an SMTP connector for outgoing mail

Hello, today we will know to use SMTP connectors and setting them on an Exchange 2000/2003 organization.

An SMTP connector helps us for the following reasons:

  • want to set the command ETRN / TURN server side or client.

  • want to configure security on outgoing mail. Rather make emails that meet certain parameters to pass to be sent through a connector.

  • want to prioritize sending emails to certain domains.

  • Send command, negotiation SMTP HELO instead of EHLO.

  • Limit outgoing mail by size, time (calendar)

  • Establish costs for routing messages.

This time configure an SMTP connector for outgoing mail to the Internet in a personalized way. Normally the entrance / exit to the Internet mailing is done by the Front-End Exchange server. We consider the creation of connectors on servers that send emails to the Internet or certain domains.

  1. We entered the Exchange System Manager and right click the Exchange organization: Ex ExchangePro (Exchange) and mark the checks : Display Display Administrative Groups and Routing Groups.

  2. Expander: Administrative Groups, First Administrative Groups, Routing Groups, First Routing Group, Connectors.

  3. Right-click, select New SMTP Connector .

  4. assign a name to the connector. Eg Internet Connector.

  5. select the handles to resolve DNS name queries using this connector. You can select the mail forwarding using a smarthost. This time we will not use an SMTP server to forward mail.

  6. add the local Bridge Bridgehead or head. We select the Virtual SMTP server where they exit the post office. Remember it is through this server where mails are sent to configure destination domain. Therefore we consider necessary to permit the internal firewall for outgoing mail on port 25.

  7. Select the Address Space tab . then we click and select Add and type the SMTP address. Finally we write the destination domain name. Eg If we really want to go all mail through this connector type * in Address Space and 1 in cost. If for example we want through this connector are sent emails to hotmail.com, we must specify in Address space: hotmail.com and cost 1 (The cost is a criterion you).

  8. Select the scope of the connector: entire organization.

  9. Save Changes. I recommend you restart the Simple Mail Transfer Protocol for the changes to take effect instantly.

Optionally you can configure these ocpiones on SMTP connectors

    delivery
  • users Restriction:

  • Send HELO instead of EHLO

  • Shipping Options: specification of the time in which the connector will work sending emails.

  • Content Restriction: Priorities, system messages, message size.
Info You can get more use and implementation of SMTP connectors: http://support.microsoft.com/kb/265293/en-us Questions

my comments, do not hesitate to write.

Monday, December 17, 2007

Best Retirement Cartoons

Installing and configuring an Exchange Server 2003 Front-End Clearing the Active Directory

Hello, today we will learn to Install Exchange Server 2003 server and configure it as Front-End Server or Application Server . First Front-End server is one which provides services OWA, RPC over HTTPS, ActiveSync, OMA , etc. This server also performs the task to send internal emails to the Internet and e input to the internal organization. A single Exchange 2003 server can fulfill all these tasks but be less efficient and best practices for deployment of Exchange servers is not recommended. The recommendation is to do the following: Have 01 Front-End server for incoming and outgoing mail to the Internet (Internet-facing, located in the DMZ or internal network, publish and enable services such as OWA, RPC over HTTPS, ActiveSync, OMA) and one or more Back-End Exchange servers, which serves as the repository of user mailboxes and the server connect users through clients such as Outlook (MAPI connections). The process of sending emails in a topology Back-End and Front-End is as follows. A user connected to Exchange server via Outlook client sends an email, the mail is sent and categorized by the Server Back-End to Front-End server and the server settings under Virtual SMTP connectors and send it to the destination correct as the Internet. For postal entry, front-end server receives mail and forwards it to Back-End and the latter notifies the arrival of a new mail in your mailbox.


Steps to configure an Exchange 2003 Server Front-End:
  1. Join the domain as member server to Windows Server 2003 on Exchange will be installed.

  2. We install pre-requisites as IIS components. We can get the complete steps in: http://exchangepro.blogspot.com/2007/12/instalando-nuestro-primer-servidor.html

  3. Using Exchange 2003 CD to prepare the domain for a server entry Additional Exchange. Execute the following: UnidadLectora: \\ SETUP \\ I386 \\ SETUP / domainprep.

  4. accepted the terms, the installation path and continue with the installation.

  5. Now install Exchange 2003. Execute the following: UnidadLectora: \\ SETUP \\ I386 \\ SETUP.

  6. install Exchange accept the licensing terms and installation path.

  7. After finishing the installation of Exchange 2003 should upgrade to Exchange 2003 SP2. For this we can access: http://exchangepro.blogspot.com/2007/12/instalando-nuestro-primer-servidor.html

  8. When we have our Exchange server installed entered the Exchange System Manager and expand Servers, see two Exchange 2003 servers.

  9. select the new server installed, which will be the Front-End server, right click, select Properties. In the window loaded we mark the check of This is a Front-End Server or This is a Application Server. We hope to load and ready, a window warning that we must restart the services for Exchange, POP3, etc. You can restart all the Exchange server. NOTE: The server on which Front-End will not contain user mailboxes.


  10. now have a front-end server, we can now take full advantage of the SP2 presentations as SSL OWA, RPC over HTTPS, ActiveSync, OMA . Services will configure later.

  11. Consider now the post must leave and enter for Front-End server, we recommend changes in the firewall. I also recommend the creation of one or more SMTP connectors. This issue will publish it soon.

  12. The flow e-mails between the Back-End and Front-End happens automatically, you only need to enable check of Front-End server side, those who do not have this check by default are Back- End.

I hope this article will be of help, questions or queries do not hesitate to write.



links:




Configuring Front-End Servers: http://technet.microsoft.com/en-us/library/aa997801.aspx

Guide Topology Back-End and Front-End Exchange 2003: http://technet.microsoft.com/en-us/library/aa996980.aspx



Video: