The Network Administrator

1. Click Start > Run
2. Type in CMD and press [enter]
3. At the command prompt, type COMPCLN and press [enter]
4. Press Y when prompted to continue
   (the application will now start cleaning up the old files)

The size of the WinSXS folder (and potentially others?) should now have been reduced. On my computer, I found that the WinSXS folder was only reduced by 1 GB, but others have seen 3-4 GB reductions.

You may, if you wish, chose to change the default location of search index. It is, by default, stored at C:\ProgramData\Microsoft\Search\Data folder, which is a hidden folder.

To do so, Open Control Panel in its ‘all items view’, and click on Indexing Options.

1. Next click on Advanced.
2. In the Index location box, click Select new.
3. Choose the folder where you want to store the search index file in. Click on OK.
4. Restart Windows Search Service and indexing will take place and be saved at this new location.

Gear List

• Windows Server 2008

• IP: 10.6.231.10

• Cisco ASA Security Appliance:

  • ASA 5510
  • IP: 10.6.231.1

Cisco ASA Setup – Using the new Cisco ADSM tool

Create an IP Name object for the target

1. Under the Firewall section, expand the Objects link and select the IP Names.
2. Click the Add button at the top.
3. Enter a descriptive name, the IP address and a description of the server.
4. Name: SRV1
5. IP: 10.6.231.10
6. Description: AD Server
7. Click OK and then Apply

Create a new AAA Server Group

1. Click the Remote Access VPN section.
2. Expand AAA Setup and select AAA Server Groups.
3. Click the Add button to the right of the AAA Server Groups section.
4. Give the server group a name, like AD server, and make sure the RADIUS protocol is selected.
5. Accept the default for the other settings. And click OK

Add the RADIUS server to the Server Group.

1. Select the server group created in the step above.
2. Click the Add button to the right of Servers in the Select Group.
3. Under the Interface Name select the interface on the ASA that will have access to the RADIUS server, most likely inside.
4. Under Server Name or IP Address enter the IP Name you created for the RADIUS server above.
5. Skip to the Server Secret Key field and create a complex password. Make sure you document this as it is required when configuring the RADIUS server. Re-enter the secret in the Common Password field.
6. Leave the rest of the settings at the defaults and click Ok.

Setting Up RADIUS on Windows Server 2008

Add Network Policy Server

1. Remote into  Windows Server 2008 server and launch Server Manager.
2. Click the Roles object and then click the Add Roles link on the right.
3. Click Next on the Before You Begin page.
4. Select the Network Policy and Access Services role and click Next.
5. Under Role Service select only the Network Policy Server service and click Next.
6. Click Install.

Setup your server using the Network Policy Server (NPS)

1. After launching the NPS tool right-click on the entry NPS(Local) and click the Register Server in Active Directory.

Create a RADIUS client entry for the ASA.

1. Expand the RADIUS Clients and Servers folder.
2. Right-click on RADIUS Clients and select New RADIUS Client.
3. Create a Friendly Name for the ASA device. Maybe LocationName_ASA_FW1.
4. Enter the Server Secret Key specified on during the ASA configuration in the Shared secret and Confirm shared secret field.
5. Leave the default values for the other settings and click OK.
   
   

Create a Connection Request Policy.

1. Expand the Policies folder.
2. Right-click on the Connection Request Policies and click New.
3. Set the Policy Name to something meaningful. I used LocationNameFW because this policy is geared specifically for that RADIUS client. Leave the Type of network access server as Unspecified and click Next.
4. Under Conditions click Add. Scroll down and select the Client Friendly Name condition and click Add…
5. Specify the friendly name that you used when creating the RADIUS Client above. Click OK and Next.
6. On the next two pages leave the default settings and click Next.
7. Under the Specify a Realm Name select the Attribute option on the left. From the drop down menu next to Attribute: on the right select User-Name. Click Next again.
8. Review the settings on the next page and click Finish.

Create a Network Policy.

1. Right-click the Network Policy folder and click New.
2. Set the Policy Name to something meaningful. Leave the Type of network access server as Unspecified and click Next.
3. Under Conditions click Add.
4. Add a User Group condition to limit access to a specific AD security group. You can use a generic group like Domain Users or create a group specifically to restrict access.
5. Add a Client Friendly Name condition and again specify the Friendly Name you used for your RADIUS client.
6. Click Next. Leave Access granted selected and click Next again.
7. On the authentication methods leave the default selection and add Unencrypted authentication (PAP, SPAP).
8. Accept the default Constraints and click Next.
9. Accept the default Radius Settings and click Next. Review the settings and click Finish.

http://sectools.org/vuln-scanners.html
http://www.nessus.org/nessus/
http://www.wireshark.org/
http://www.hping.org/
http://www.cirt.net/nikto2
http://freeworld.thc.org/thc-hydra/
http://www.aircrack-ng.org/
http://www.foundstone.com/us/resources/proddesc/superscan.htm
http://www.eeye.com/Products/Retina.aspx
http://technet.microsoft.com/en-us/sysinternals/default.aspx

You may need to know if there are any files in the DFS backlog between two servers replicating data.

I simply use DFSRDIAG, just open a command prompt, and type

DFSRDIAG ?


this will give you all the available options for the utility.

To check the backlog type the entire command below.


C:\>DFSRDIAg backlog /rgname:TypeNameHere /rfname:TypeNameHere /sendingmember:ServerNameHere /receivingmember:ServerNameHere


Similar to the Exchange Management console it shows you the powershell script that was used!

Here is the site, and there is a tab to download.
http://powergui.org/index.jspa

Dont forget to check out the PowerGUI Library for more add-ons
http://powergui.org/kbcategory.jspa?categoryID=21

Tutorials Page
http://powergui.org/tutorials.jspa

I was looking for a way to grant a group of users access to domain controller servers without granting them access to make changes to active directory.

1.Log onto a domain controller with full domain administrator rights.

2.Inside of Active Directory Users and Computers, create a global security group called DCAdmins. Add all users/groups that will need administrative access to the domain controllers to this group.

3.Create another global security group called DenyDCAdmins.

4.Add the DCAdminsgroup to the DenyDCAdmins group.

5.Inside of Active Directory Users and Computers, right-click on the domain name and choose Properties. Click on the Security tab (if the Security tab is not available, go to the View menu and choose Advanced).

Click on Add and choose the DenyDCAdmins group. Once the group has been selected, click on the Deny checkbox next to Full Control in the Permissions area.

All users or groups that are members of the DCAdmins group have full administrative access to all domain controllers but do not have any access to Active Directory.

6. The last thing to do is to add the DCAdmins group to allow logon through terminal services. This is done by clicking start, run, and typing Secpol.msc

7. Under user rights assignments – allow logon through terminal services, add the DCAdmins security group to each domain controller.

This simple app can be scheduled as a windows Task. It will ping anything with a valid IP address at an interval in minutes you set. If a ping fails on an IP address you will receive an email to notify you that there is a problem.

You can download the program here http://apps.thenetworkadministrator.net/monitor_servers.zip

There is a configuration file called PingInfo.exe.config which will allow you to set your email server, polling interval and the the email address or group for the notifications.

add key=”EmailAddress” value=”name@foo.com
add key=”PollingInMinutes” value=”15″/>
add key=”SMTPHost” value=”mailserver.foo.com
>

Just run this microsoft application…and the select the application to remove.

http://apps.thenetworkadministrator.net/msicuu2.exe

Download and burn the NT offline password reset  iso from http://apps.thenetworkadministrator.net/Windows_Password_Reset.zip