I have active directory installed on a Virtual Machine having OS Win Server 2012.
Now I want to configure it so that users can access it.
My IP Add is: 103.31.80.54
Subnet Mask: 255.255.255.252
GW: 103.31.80.53
What to do??
Follow the below mentioned steps from the Server Manager on Windows 2012 Server:
Open the Notifications Pane by selecting the Notifications icon from the top of the Server Manager. From the notification regarding configuring AD DS click
Promote this server to a domain controller.
From the Deployment Configuration tab select Add a new forest from the radial options menu. Insert your root domain name into the Root domain name field. [i.e
yourdomain.com]
Review and select a Domain and Forest functional level. Once selected fill in a DSRM password in the provided password fields. The DSRM password is used when
booting the Domain Controller into recovery mode.
Review the warning on the DNS Options tab and select Next.
Confirm or enter a NetBIOS name and click Next.
Configure the location of the SYSVOL, Log files, and Database folders and click Next.
Review the configuration options and click Next.
The system will check to ensure all necessary prerequistes are installed on the system prior to moving forward. If the system passes these checks you will
proceed by clicking Install. [The server will automatically be rebooted once the installation completes]
Once the server is done rebooting reconnect via RDP. Congratulations on successfully installing and configuring a Active Directory Domain Services on Windows
Server 2012.
Related
I setup Remote Desktop Connection and the computer says: AzureAD\username already has access:
Very good, let's try to connect using AzureAD\username:
Unfortunately it says:
Your credential did not work. Remote machine is AAD joined. If you are
signing in to your work account, try using your work email address.
Of course it didn't work. Any idea?
To successfully connect to an AzureAD joined computer using Remote Desktop, you will need to first save your connection settings to a .rdp file.
To do this, open the Remote Desktop Connection program, enter the IP Address or computer name, then click the "Save As" button at the bottom of the screen. Save it someplace convenient, since we'll need to edit this file by hand.
Next, Right-Click the saved .rdp file and open with Notepad.
Go to the very bottom of the file, add the following lines:
enablecredsspsupport:i:0
authentication level:i:2
Save the file and close.
Now, try double clicking the modified .rdp file and login using the format:
AzureAD\YourFullUsername
Screenshots, original information and credit go to bradleyschacht.com
As an updated answer, the solution is to simply open up the options for the connection, go to the Advanced tab, and check "Use a web account to sign in to the remote computer".
As long as RDP is enabled on the remote machine and the user you are trying to logon is with authorized, it should work.
The Azure Active Directory username is not exactly clear though.
Joined computer via 'FirstName#domain.com', an Azure Active Directory domain account.
Computer shows 'AzureAD\FirstNameLastName' as authorized for RDP since it's an administrator account.
Must use 'AzureAD\FirstName#domain.com' for RDP username.
No other settings changes needed, no manual editing of RDP file just had to get the username right.
from your window, it doesn't seem like you logged in with an azuread account, try with francescomantovani#yourazureaddomain.com as a username?
as per here:https://learn.microsoft.com/en-us/windows/client-management/connect-to-remote-aadj-pc
When you connect to the remote PC, enter your account name in this
format: AzureAD UPN. The local PC must either be domain-joined or
Azure AD-joined. The local PC and remote PC must be in the same Azure
AD tenant.
For some reason the old remote desktop connection application was throwing the same error. I tried connecting through new remote desktop application( included in windows 10 ), it connected without any problem.
The issue is related to the password, which we have set at the time of the creation of VM.
That password doesn't meet the complexity criteria that we didn't get informed about while setting the username & password firstly. Therefore we need to reset the password.
1). click on created VM --> choose reset Password from the side menu.
2). This time they will tell us about constraints for setting the password.
3). Choose the appropriate password.
4). Now login via this format as below:
username : <publicIpOfVM>/<username>
password: newPassword
I'm looking to setup a Queue Manager Using WebSphere MQ V7 MQ Explorer.
After Creating my Queue Manager, normally I expect that some sub directories are automatically generated under it, "Queues", "Topics", "Channels" .. as illustrated in the photo below.
In my case, no sub directories are generated, as illustrated below in the second snapshot.
PS: the status of my Queue manager is : Running but disconnected from WebSphere MQ Explorer.
When I right-click on the QMgr Name and choose Connect, I get "An unexpected error (2063) has occurred (AMQ4999)"
Could you advise please about a possible cause of this behavior ?
Administrative tools -> Local Security Policy -> Local Policies -> User Rights Assignment -> Log on as a service -> Properties -> add your user here
Same problem with MQ v9 and i solved it this way.
Go to control panel – Administrative tools
Control Panel\All Control Panel Items\Administrative Tools
Local
Inside Local Security Policy
Enter your domain user name then click check names – finalize by clicking ok. Then apply.
Now the domain user can log on as a service – Now open the services running on your machine.
Double click on the MQ service – then go on log on tab
Then apply click okay button – from the restart your machine for the changes to take effect
Finally open WebSphere MQ Explorer as admin - queue manager should be able to connect
Same issue with MQ 9.0 installed on Windows 10 EE.
(Run as Administrator) secpol.msc /s
(open) Local Policies > User Rights Assignment > Log on as a service
then add your User. Same user should be used for "IBM MQ (Installation1)" (Properties> Log On), installation default (when you do not setup the Domain Policy during installation) is MUSR_MQADMIN.
(Maybe you can try to run "MQ Explorer" as MUSR_MQADMIN user, but it's password is automatically generated during the installation. It's possible to change it, but it doesn't seem to be a safer against the using local account to run the MQ service)
I am using Windows 2012 R2 VM machine in Azure. I have read multiple article to setup Filezilla server in this environment. However, I am not successful. Any one faced this issue? Any solution will be greatly appreciated.
Just remember to add Filezilla to Windows Firewall :-)
I'm dealing with the same thing right now. locally the FTP serv works great. remote I cannot establish a passive connection. Based on my research this is because Azure is not set up for Passive-FTP. I am uncertain if we can get FileZilla to operate in a active-FTP mode. Will post back if I ever get to the bottom of it. Mine currently connects and authenticates but 'cannot retrieve directory listing' when it tries to kick over to passive (transfer) mode.
In addition to checking the Virtual Machine endpoints are open, be sure to also add the appropriate Windows Firewall rules if you have Windows Firewall enabled on your Windows VM.
Yes, We can connect to Azure server via FileZilla Client.
Steps:
Login to Azure portal: https://portal.azure.com
Click on App Services.
Select the Site and then click on Get publish profile.
Save the file and open it in notepad.exe.
The file contains 2 <publishProfile> sections. One is for Web Deploy and another for FTP.
Under the <publishProfile> section for FTP make a note of the following values:
publishUrl (hostname only)
userName --------------------------> This is the information you are looking for
userPWD
Add the PublishUrl to Hostname, Username and password in their respective fields.
Connected.
The link will give the detailed description of the steps flow with images.
Here is the link.
Thanks
I have a server which runs Windows Server 2008 R2 Standard. I have admin rights and I can login through Remote Desktop Connection and access the server.
I wanted to create an account so that my office staff can access (restricted access) and only from office systems. I do not want access from any other location.
Is it possible ?
Thanks,
GR
There are several ways to lock down and secure the RDP services of a particular machine. As with most local services and GPO settings Windows is quite good at making it easy to tailor permissions based on user(s), computer(s) and by group(s).
First off I would personally add RDP permissions on a per user basis, rather than giving staff members one central login to use. There are several reasons for this, mostly down to ease of use and system security.
In the "System Properties" of the Windows Server, I assume you've ticked the box to allow a RDP connection to the server. - Just under that there's a checkbox you should tick in order to only allow connections with NLA (Network Level Authentication). Proceed to "Select Users" and choose the staff you wish to give RDP permissions too.
I'm going to assume that your RDP connection is working as you've stated that you're able to connect, we'll leave local RDP GPO settings and initial Windows Firewall configuration, please leave a comment if you'd like me to include it.
In the Windows Firewall for the server on the exceptions tab, edit the settings for Remote Desktop Connection. Click "Change Scope" and tick the box that says "My Nntwork (subnet) only".
This will only allow RDP connections from local machines within the servers subnet (office machines) and connections from the users you specified earlier on (Office staff).
As for the restricted access part, short of making a new local limited user on the server there's not much you can do to protect everything.
I hope this clears it up for you.
I need to find WebsitePanel Server pool on my PC. I don't know the location of it. Can anyone appoint me to that location. I don't know is it a part of IIS or something elese. Current configuration is Win 8 with IIS 7.5 installed. Than kyou
Is this what you are looking for?
Adding a WebsitePanel server
Begin by going to Setup > Servers
Click Add New Server
In the server details box, select the server type "WebsitePanel" from
the dropdown menu.
Enter the IP/Hostname of your Enterprise server install
Enter the username and password for the account that has permissions
to create your users. The account has to be a reseller account with
permissions to create packages under the top level hosting space your
customers will be created under.
Tick SSL if you wish to connect using a SSL connection
ref:http://docs.whmcs.com/WebsitePanel
or this one WebSitePanel:007-Setting ACL for Root Organizational Unit ?