NTttcp used to profile and measure Windows networking performance.

NTttcp Version 5.28 can be download from the following link.

• Read more
• No comments

http://blogs.technet.com/b/josebda/archive/2013/05/05/updated-links-on-windows-server-2012-file-server-and-smb-3-0.aspx?ocid=aff-n-we-loc--ITPRO40886&WT.mc_id=aff-n-we-loc--ITPRO40886

• Read more
• No comments

“The Enhanced Mitigation Experience Toolkit (EMET) is designed to help prevent hackers from gaining access to your system.
Software vulnerabilities and exploits have become an everyday part of life. Virtually every product has to deal with them and consequently, users are faced with a stream of security updates. For users who get attacked before the latest updates have been applied or who get attacked before an update is even available, the results can be devastating: malware, loss of PII, etc.
Security mitigation technologies are designed to make it more difficult for an attacker to exploit vulnerabilities in a given piece of software. EMET allows users to manage these technologies on their system and provides several unique benefits:
1. No source code needed: Until now, several of the available mitigations (such as Data Execution Prevention) have required for an application to be manually opted in and recompiled. EMET changes this by allowing a user to opt in applications without recompilation. This is especially handy for deploying mitigations on software that was written before the mitigations were available and when source code is not available.
2. Highly configurable: EMET provides a higher degree of granularity by allowing mitigations to be individually applied on a per process basis. There is no need to enable an entire product or suite of applications. This is helpful in situations where a process is not compatible with a particular mitigation technology. When that happens, a user can simply turn that mitigation off for that process.
3. Helps harden legacy applications: It’s not uncommon to have a hard dependency on old legacy software that cannot easily be rewritten and needs to be phased out slowly. Unfortunately, this can easily pose a security risk as legacy software is notorious for having security vulnerabilities. While the real solution to this is migrating away from the legacy software, EMET can help manage the risk while this is occurring by making it harder to hackers to exploit vulnerabilities in the legacy software.
4. Ease of use: The policy for system wide mitigations can be seen and configured with EMET's graphical user interface. There is no need to locate up and decipher registry keys or run platform dependent utilities. With EMET you can adjust setting with a single consistent interface regardless of the underlying platform.
5. Ease of deploy: EMET comes with built-in support for enterprise deployment and configuration technologies. This enables administrators to use Group Policy or System Center Configuration Manager to deploy, configure and monitor EMET installations across the enterprise environment.
6. Ongoing improvement: EMET is a living tool designed to be updated as new mitigation technologies become available. This provides a chance for users to try out and benefit from cutting edge mitigations. The release cycle for EMET is also not tied to any product. EMET updates can be made dynamically as soon as new mitigations are ready
The toolkit includes several pseudo mitigation technologies aimed at disrupting current exploit techniques. These pseudo mitigations are not robust enough to stop future exploit techniques, but can help prevent users from being compromised by many of the exploits currently in use. The mitigations are also designed so that they can be easily updated as attackers start using new exploit techniques.
Below is a summary of the features and changes that are included with the EMET 4.0 release:
• Certificate Trust: considering the raise of PKI-related attacks, we decided to implement a configurable SSL Certificate Pinning to try to detect Man in the Middle attacks that leverage SSL/TLS certificates. The Certificate Trust feature in EMET is rule-based and allows to pin a specific SSL/TLS certificate to a trusted Root Certificate Authority;
• ROP mitigations and hardening: in the last Technical Preview release of EMET, we introduced some mitigations to try to stop ROP-based attacks by implementing some of the winner ideas of the BlueHat Prize contest. With this new EMET release we hardened the ROP and other mitigations to detect and stop novel attack techniques.
• Early Warning Program: this feature will allow EMET to send contextual data back to Microsoft, through the standard Windows Error Reporting channel, every time that an exploit has been detected and stopped. We are adding this feature to help us respond to new 0day exploits as soon as possible.
• Audit mode: if an exploit is detected, EMET will not terminate the attacked process but it will just report the attack and let the process continue. This mode is only applicable to certain mitigations, for example the anti-ROP ones, that detect the attack when the process is not already in a crashed state. This feature is useful for enterprise customers for testing purposes and to spot false-positives and app-compat problems without compromising the user experience;
EMET 4.0 also includes bug fixes and UI changes to improve the overall user experience. Also, at the end of the installation, EMET will offer the user to automatically apply recommended settings to protect Internet Explorer, Microsoft Office, Adobe Acrobat/Reader, and Oracle Java, as well as a pre-defined set of rules for the Certificate Trust feature that will monitor the main Microsoft and other popular online services. More information are available in the User Guide, available in the EMET installation folder.
Please remember that EMET 4.0 requires .NET Framework 4, and in order to protect Internet Explorer 10 on Windows 8 you need to install KB2790907 – a mandatory AppCompat update that has been released on March 12th.”

Enhanced Mitigation Experience Toolkit 4.0 can be download from the following link.

• Read more
• No comments

http://configmgrblog.com/2013/06/17/setup-commander-1-0-rtm-has-been-released/

• Read more
• No comments

“The Active Directory Replication Status Tool (ADREPLSTATUS) analyzes the replication status for domain controllers in an Active Directory domain or forest. ADREPLSTATUS displays data in a format that is similar to REPADMIN /SHOWREPL * /CSV imported into Excel but with significant enhancements.
Specific capabilities for this tool include:

• Expose Active Directory replication errors occurring in a domain or forest

• Prioritize errors that need to be resolved in order to avoid the creation of lingering objects in Active Directory forests

• Help administrators and support professionals resolve replication errors by linking to Active Directory replication troubleshooting content on Microsoft TechNet

• Allow replication data to be exported to source or destination domain administrators or support professionals for offline analysis.”

The Active Directory Replication Status Tool 1.1 can be download from the following link.

• Read more
• No comments

Introduction

The following article cover a basic installation of System Center 2012 SP1 – Orchestrator by using SQL 2012 SP1 Enterprise.

1. Installation media that need to be use for completing the installation process:

a. Windows 2012 Standard (you can use also Datacenter edition).

b. SQL 2012 SP1 X64 Enterprise (you can use also standard / Datacenter edition)

c. System Center 2012 SP1–Orchestrator .

2. Network Settings:

SQL & System Center 2012 SP1 – Orchestrator: SCVMMSRV

Note: Its highly recommended to set a static IP address to the System Center 2012 SP1 – Orchestrator Server.

Active Directory Domain DNS Name: scvmmdom.local

System Center 2012 Orchestrator SP1 Domain Service Account – ORCSRV - Member of Domain Admins & the Local Administrators Groups.

Note: In production environment its highly recommended to create customize the System Center 2012 SP1 – Orchestrator Domain Service Account that a specific security privileges according to Microsoft best practice.

3. Main Installation Steps:

a. SQL 2012 SP1 Enterprise Installation.

b. System Center 2012 SP1 – Orchestrator installation.

c. Post Installation tasks.

Step A - SQL 2012 SP1 Enterprise Installation

To complete this step please review: How To Install SCVMM 2012 SP1 By Using SQL 2012 SP1 Enterprise

Step B - System Center 2012 SP1 – Orchestrator installation

1. launch the installation setup by double clicking on “SetupOrchestrator.exe”.

2. Provide the required details to the setup wizard & press on “Next” button.

3. Mark the checkbox “I accept the license terms” & press on “Next” button.

4. Press on “Next” button.

5. Mark the checkbox “Enable IIS Role” & press on “Next” button.

6. Press on “Next” button.

7.Provide ORCSRV Domain Service account details & press on “Next” button.

8. Provide the SQL Server details & press on “Next” button.

9. Press on “Next” button.

10. Press on “Next” button.

11. Press on “Next” button.

12. Press on “Next” button.

13. Answer to the following questions & press on “Next” button.

14. Press on “Next” button.

15. Press on “Close” button.

Step C – Post Installation Tasks

1. Installation the following updates:

a. Installation Microsoft Silverlight.

b. Description of Update Rollup 2 for System Center 2012 Service Pack 1

2. launch the “Runbook Designer”:

3. By using “SQL Server Management Studio” review the new database that was created during the installation process.

4. By using “Services.msc” confirm that all the System Center 2012 SP1 – Orchestrator services are up & running:

For further information please review:

System Center 2012 SP1 - Orchestrator System Requirements

• Read more
• No comments

Introduction

The following article cover a basic installation of SCVMM 2012 [System Center 2012 – Virtual Machine Manager (VMM)] SP1 by using SQL 2012 SP1 Enterprise.

1. Installation media that need to be use for completing the installation process:

a. Windows 2012 Standard (you can use also Datacenter edition).

b. SQL 2012 SP1 X64 Enterprise (you can use also standard / Datacenter edition)

c. SCVMM 2012 SP1

d. Windows Assessment and Deployment Kit that can be download for free from the following link.

2. Network Settings:

SQL & SCVMM Server Name: SCVMMSRV

Note: Its highly recommended to set a static IP address to the SCVMM/SQL Server.

Active Directory Domain DNS Name: scvmmdom.local

SCVMM Domain Service Account– SCVMMSRV - Member of Domain Admins & the Local Administrators Groups.

Note: In production environment its highly recommended to create customize the SCVMM Domain Service Account that a specific security privileges according to Microsoft best practice.

SQL Domain Service Account– SQLSRV - Member of the Local Administrators Group.

3. Main Installation Steps:

a. SQL 2012 SP1 Enterprise Installation.

b. Windows Assessment and Deployment Kit installation.

c. SCVMM 2012 SP1 installation.

d. Post Installation tasks.

Step A - SQL 2012 SP1 Enterprise Installation

1. launch the installation setup by double clicking on “setup.exe”.

2. In the left side of the screen press on “Installation” tab.

3. Press on the tab “New SQL Server stand—alone installation or add features to an exiting installation”.

4. Review the installation advisor report & press “Ok” button.

5. Provide a valid “Product Key” & press on “Next” button.

6. Mark the checkbox “I accept the license terms” & press on “Next” button.

7. Press on “Next” button.

Note: To complete this step successfully, the server need to be connect to the internet.

8. Press on “Next” button.

9. Press on “Next” button.

10. Mark the relevant SQL roles (including management tools) & press on “Next” button.

11. Press on “Next” button.

12. Press on “Next” button.

13. Press on “Next” button.

14. Set “SQLSRV” as a service account for the SQL engine & press on “Next” button.

15. Add the local Administrators group & the domain Administrator to the SQL Administrator group & “SQLSRV” service account & press on “Next” button.

16. Press on “Next” button.

17. Press on “Next” button.

18. Press on “Next” button.

19. Press on “Next” button.

20. Review the installation summary & press on “Close” button.

21. Optional: By using “SQL Server Management Studio” confirm that all the SQL system database exits.

Step B - Windows Assessment and Deployment Kit (ADK) for Windows® 8 Installation

1. launch the installation setup by double clicking on “adksetup.exe”.

Note: To complete this step successfully, the server need to be connect to the internet.

2. Provide answer to the following question & press on “Next” button.

3. Press on “Accept” button.

4. press on “Install” button

5. After completing the installation reboot the server.

Step C - SCVVM 2012 SP1 Installation

1. launch the installation setup by double clicking on “setup.exe”.

2. Mark the checkbox “VMM management server” & press on “Next” button.

3. Press on “Next” button.

4. Press on the checkbox “I have read, and agree with the terms of the license agreement”  & press on “Next” button.

5. Provide answer to the following question & press on “Next” button.

6. Press on “On (recommended)” checkbox & press on “Next” button.

7. Press on “Next” button.

8. From the “Instance Name” dropbox mark “MSSQLSERVER” & press on “Next” button.

9. Provide the following details:

a. SCVMMSRV Domain Service Account & Password.

B. Optional: Active Directory store path for storing decryption keys: “OU=DKM,DC=scvmmdom,DC=local”

Note1: Before moving forward Its highly recommend to read the post of Mr. Aidan Finn (MVP): VMM 2012 Distributed Key Management (DKM)

Note2: You can use also the following store path:

Note: In case that SCVMMSRV Domain Service Account isn't belong to the Domain Admin group, the SCVMMSRV Domain Service Account would need to have a full control on the Active Directory store path & its sub objects.

Press on “Next” button.

10. Press on “Next” button.

11. Press on “Next” button.

12. Press on “Next” button.

13. Review the installation summary & press on “Close” button.

Step D - Post Installation Tasks

1. launch SCVMM Console:

2. By using “SQL Server Management Studio” confirm that a new database named “VirtualManagerDB” was created:

3. In case you decided to use Active Directory as a store for “VirtualManagerDB” decryption keys, please use “Active Directory Users and Computer” or “ADSIEDIT.msc’ to review the decryption keys:

4. Install the following updates:

a.System Center 2012 SP1 Update Rollup 2 (UR2)

b. Update for Windows Server 2012 (KB2785094)

c. Update Rollup for SQL Server 2012 Service Pack 1 (KB2793634)

5. Upgrade from the Evaluation Version of VMM:

How to Upgrade from the Evaluation Version of VMM

For further information please review:

System Requirements for System Center 2012 - Virtual Machine Manager

System Center 2012 – Virtual Machine Manager (VMM) Error Codes [2500-2999]

• Read more
• 1 comment(s)

“Update Rollup 1 for Exchange Server 2010 Service Pack 3 (SP3) resolves issues that were found in Exchange Server 2010 SP3 since the software was released. This update rollup is highly recommended for all Exchange Server 2010 SP3 customers.”

Update Rollup 1 for Exchange Server 2010 Service Pack 3 can be download from the following link.

• Read more
• No comments

“Microsoft Kerberos Configuration Manager for SQL Server is a diagnostic tool that helps troubleshoot Kerberos related connectivity issues with SQL Server.”

Microsoft Kerberos Configuration Manager for SQL Server can be download from the following link.

• Read more
• 1 comment(s)

Exchange 2013 Server Role Requirements Calculator v5.1 can be download from the following link.

• Read more
• No comments

“With the Lync Server 2010 and 2013 Bandwidth Calculator, you can enter information about your users and the Lync Server features that you want to deploy, and the calculator will determine bandwidth requirements for the WAN that connects sites in your deployment. The accompanying User Guide describes the recommended process for estimating your WAN bandwidth needs for Lync client real-time traffic. The User Guide will be updated periodically with new information and modifications.”

Lync 2010 and 2013 Bandwidth Calculator can be download from the following link.

• Read more
• No comments

“The Microsoft Application Virtualization (App-V) Best Practice Analyzer is a diagnostic tool that verifies configuration settings for a computer running a Microsoft Application Virtualization Management Server version 5.0, Microsoft Application Virtualization Publishing Server version 5.0, and/or Microsoft Application Virtualization Reporting Server version 5.0.
Feature Summary:

• -Gathers information about a Server and a Microsoft Application Virtualization 5.0 Management, Publishing, and/or Reporting service instance installed on that Server
• -Determines if the configurations are set according to the recommended best practices
• -Reports on all configurations, indicating settings that differ from recommendations
• -Indicates potential problems in the installed instance of App-V Server 5.0
• -Recommends solutions to potential problems
• -Produces an HTML report with all errors and warnings”
• The Microsoft Application Virtualization Server 5.0 Best Practice Analyzer can be download from the following link.

• Read more
• No comments

http://www.digitalwhisper.co.il/files/Zines/0x29/DW41-3-Adv_Auth.pdf

• Read more
• 2 comment(s)

“PST Capture 2.0 is used to discover and import Outlook Personal Folder (.pst) File Format files into Exchange Server and Exchange Online. PST Capture helps an organization that wishes to gain more control over their email data repositories by placing them into Exchange. By optionally installing PST Capture Agents on target machines, administrators can determine where .pst files are located and who their file owner is via the PST Capture Console. Administrators can import .pst files via Import Lists to Exchange Server or Exchange Online. Data can be directly imported into the primary mailbox or associated archive mailbox.”

Microsoft Exchange PST Capture 2.0 can be download from the following link.

• Read more
• 1 comment(s)

“Exchange Connector connects Service Manager to Exchange for processing incoming emails related to work items. Once Exchange Connector has been configured to monitor exchange mailboxes, it can be used to create and update work items based on templates specified by the admin. By specifying special keywords to look for in the incoming emails, admins can configure Exchange Connector to perform actions like approving or rejecting review activities, or enable activity implementers to mark activities assigned to them as completed.”

System Center Service Manager Connector 3.0 for Exchange can be download from the following link.

• Read more
• No comments