Friday, March 23, 2012

ADMT 3.2

Microsoft Document is suck...

This is another better testing procedure I found on the web.


1. On all DC's failure auditing must be enabled:
 --> Policy -> Computer configuration -> windows settings -> security policy -> local policy -> auditing policy -> Audit Accountmanagement (failure and success)
2. On the destination and the source DC the following group policy should be configured simmilar:
 --> Policy -> Computer configuration -> windows settings -> security policy -> local policy -> security options -> Network Security: LAN Manager Authentication
3. Both Domain Admins should be member of the BuiltIn Group Administrators in the other domain
4. Set the registry key hkey_local_machine\system\currnetcontrolset\control\lsa\tcpipclientsupport to 1 on the source dc
5. Disable SID Filtering with netdom.exe and commandline
-->On target dc:
netdom trust {FQDN of target domain} /domain:{FQDN of source domain} /enablesidhistory:yes
netdom trust {FQDN of target domain} /domain:{FQDN of source domain} /quarantine:no
-->On source dc:
netdom trust {FQDN of source domain} /domain:{FQDN of target domain} /enablesidhistory:yes
netdom trust {FQDN of source domain} /domain:{FQDN of target domain} /quarantine:no
6. On the source DC create a local security group in the domain
--> Name: NetBiosNameoftheDomain$$$$ for examble: subdomain$$$
7. gpupdate /force on both domains
8. Add the Domain Admins global group from the target domain to the Administrators local group in the source domain.
9. Test the trust in AD Domains and Trusts
Posted by at No comments:

Wednesday, March 14, 2012

Disable unnecessary SLES 11 Service

chkconfig --level 23456 portmap off
chkconfig --level 23456 autofs off
chkconfig --level 23456 smartd off
chkconfig --level 23456 acpid off
chkconfig --level 23456 nfs off
chkconfig --level 23456 splash off
chkconfig --level 23456 splash_early off
chkconfig --level 23456 postfix off
chkconfig --level 23456 alsasound off
chkconfig --level 23456 dbus off
chkconfig --level 23456 network-remotefs off

Posted by at No comments:

Install VMware-Tools in SLES 11 SP2 for VMware on ESXi 4.0u4

http://packages.vmware.com/tools/docs/manuals/osp-esx-41-install-guide.pdf

As SLES 11 SP2 is not supported on ESXi 4.0 so we use ESXi 4.1 VMware-Tools.

rpm --import http://packages.vmware.com/tools/VMWARE-PACKAGING-GPG-KEY.pub

wget http://packages.vmware.com/tools/esx/4.1latest/sles11sp2/SRPMS/vmware-open-vm-tools-kmod-8.3.12-559003.src.rpm

YaST2 --install gcc kernel-source kernel-syms

rpmbuild --rebuild vmware-open-vm-tools-kmod-8.3.12-559003.src.rpm


rpm -ivh /usr/src/packages/RPMS/x86_64/vmware-open-vm-tools-kmod-3.0.13-0.27-default-8.3.12-559003.x86_64.rpm


zypper addservice --type=YUM  http://packages.vmware.com/tools/esx/4.1latest/sles11sp2/x86_64/ vmware-tools-collection

zypper install vmware-tools

--------------------------------------------------------------------------------

zypper addservice --type=YUM http://packages.vmware.com/tools/esx/latest/sles11.2/x86_64 vmware-tools-collection
Posted by at 2 comments:
Subscribe to: Posts (Atom)