Archive for the ‘Windows’ Tag

KB: Cheat sheet for adding persistent iSCSI volume in Windows Server 2008 Server Core

Posted 2009/11/11
Filed under: My KB | Tags:
* Leave a Comment

  • Set iSCSI service to autostart

sc config msiscsi star= auto

  • Add persistent iSCSI target

iscsicli.exe

QAddTargetPortal <Portal IP Address>

ListTargets

QloginTarget <target_iqn>

PersistentLoginTarget <target_iqn> T * * * * * * * * * * * * * * * 0

ListPersistentTargets

ReportTargetMappings

  • Create disk partition and volume

diskpart.exe

list disks

select disk <disk number>

online disk

attribute disk clear readonly

create partition primary

format fs=ntfs quick

assign letter=<drive letter>

list volume

 

 

Remarks: The step for clearing readonly flag in DiskPart is important for Windows Server 2008, otherwise creating partition will end up giving “Media is write protected”error. See http://support.microsoft.com/kb/971436/EN-US for details.

Good & Bad News: Synology Disk Station Manager 2.2 BETA added iSCSI target support, but it lacks“persistent reservation”support so making it not usable for Windows Server 2008 cluster storage

Posted 2009/07/22
Filed under: My Lab | Tags: , , ,
* Leave a Comment

I’ve been awaiting for the Synology NAS firmware upgrade with iSCSI support so I can try out Windows Server 2008 failover clustering on my Hyper-V box. The good news is the DSM 2.2 BETA is out with iSCSI but it is IET based which lacks SCSI-3 persistent reservation support required by Windows Server 2008 cluster. Same problem for some other software iSCSI targets, e.g. OpenFiler

 

Reference:

http://blog.baeke.info/blog/_archives/2007/10/24/3311645.html 

http://iscsitarget.sourceforge.net/

KB: Enable Windows XP Remote Desktop Connection to Windows Vista / Windows Server 2008 requiring Network Level Authentication

Posted 2009/07/10
Filed under: My KB | Tags: , ,
* Leave a Comment

Problem: The following error is shown in Windows XP Remote Desktop Connection when connecting Windows Vista / Windows Server 2008 requiring Network Level Authentication.

 image

Solution: Enable CredSSP Security Service Provider in Windows XP SP3 which is disabled by default.

  1. Install Windows XP SP3
  2. Follow the instructions in KB951608 to turn on CredSSP http://support.microsoft.com/kb/951608/

 

More Information:

http://support.microsoft.com/kb/951616/

KB: User will be enrolled with a new certificate when logging on to new client machine with certificate autoenrollment enabled

Posted 2009/07/09
Filed under: My KB | Tags: , ,
* 回應 (2)

Problem: For user logs on to multiple machines with autoenrollment enabled, each machine will generate a new set of private and public keys for the user since user’s existing certificates do not exist in the local certificate store.

Solution: Configure Credential Roaming supported in Windows Server 2003 SP1 Administrative Template.

http://technet.microsoft.com/en-us/library/cc783542(WS.10).aspx

起套Windows 2003 PKI – Plan

Posted 2009/06/18
Filed under: My Lab | Tags: , ,
* Leave a Comment

參考

  1. Best Practices for Implementing a Microsoft Windows Server 2003 Public Key Infrastructure
  2. Designing a Public Key Infrastructure
  3. Windows Server 2003 PKI Operations Guide

會試以下起套3-tier architecture

  • Offline Root CA
  • Offilne Policy CA
  • Enterprise Issuing CA
  • domain client auto enrollment

What’s Next:

  • 夾我隻Netscreen 5GT行L2TP/IPSec VPN
  • 802.1x
  • Upgrade to Windows 2008 CA
  • Windows 2008 R2 Direct Access… if possible with my HGC broadband…
Follow

Get every new post delivered to your Inbox.