Thursday, July 8, 2010

Basic Commands for Windows Server 2008 R2

Windows Server 2008 R2 now comes with standard as well as core installation options. In a core installation you get a traditional blue background and an open command shell for installation and configuration.
Now about the basic commands,

Configuring IP Address
1- Go to command shell and type

ipconfig/all
(press ENTER)
This command gives you the names and a brief status of all NICs installed on the server.

2- Type this command to determine the ID of the NIC you want to configure

netsh interface ipv4 show interfaces
(press ENTER)
Let's suppose the command shows that 7 is the ID of your desired NIC.
Now we need to give the following settings to our NIC:
IP Address: 192.168.100.10
Subnet Mask: 255.255.255.0
Gateway: 192.168.100.254
3- Type this command

netsh interface ipv4 set address 7 source=static address=192.168.100.10 mask=255.255.255.0 gateway=192.168.100.254
(press ENTER)

If you now run ipconfig/all again, you can verify the new IP address settings.

Configuration of a Server Role
In order to configure a specific server role we will follow these steps,

1- First of all, get a list of the features available with Windows Server 2008 R2 in tabular form by typing this command,

Dism /online /get-features /format:table
(press ENTER)

You will get a list of all features (server roles) that can be installed.

2- Now we pick Hyper-V from the list to install on this server.
We have determined that the Hyper-V feature is named "Microsoft-Hyper-V".
We will type this command to install the Hyper-V feature

Dism /online /enable-feature /featurename:Microsoft-Hyper-V
(press ENTER)

Enabling Remote Desktop
You can enable Remote Desktop on a Core server, but there is a limitation on its use. Only one session can be used at a time, whether through Remote Desktop or the local console.
If you are logged on locally, you will have to log off in order to work through a Remote Desktop session, and vice versa.
To enable the Remote Desktop feature for Windows 7 clients, use this command


Cscript c:\windows\system32\SCregEdit.wsf /ar 0
(press ENTER)

To enable the Remote Desktop feature for Windows XP or 2003 clients, use this command

Cscript c:\windows\system32\SCregEdit.wsf /cs 0
(press ENTER)

Note: Enabling Remote Desktop for clients running an OS older than Vista is not recommended by Microsoft.

Friday, June 4, 2010

Limiting Attachment Size for Email Delivered and Received

In order to limit attachment size for incoming emails these steps can be followed,
1- Determine the existing settings by using the “GET” command in the Exchange Management Shell
[PS] C:\Windows\System32>Get-TransportConfig
ClearCategories : True
DSNConversionMode : UseExchangeDSNs
GenerateCopyOfDSNFor : {5.4.8, 5.4.6, 5.4.4, 5.2.4, 5.2.0, 5.1.4}
InternalSMTPServers : {}
JournalingReportNdrTo : <>
MaxDumpsterSizePerStorageGroup : 18MB
MaxDumpsterTime : 7.00:00:00
MaxReceiveSize : unlimited
MaxRecipientEnvelopeLimit : unlimited
MaxSendSize : 10MB
TLSReceiveDomainSecureList : {}
TLSSendDomainSecureList : {}
VerifySecureSubmitEnabled : False
VoicemailJournalingEnabled : True
WritingBrandingInDSNEnabled : True
Xexch50Enabled : True


The MaxSendSize value shows that the current maximum limit is 10 MB.

2- Now we can use the “SET” command to alter the value

[PS] C:\Windows\System32>Set-TransportConfig -MaxSendSize:30720

3- For reconfirmation, check the values again with the “GET” command

[PS] C:\Windows\System32>Get-TransportConfig
ClearCategories : True
DSNConversionMode : UseExchangeDSNs
GenerateCopyOfDSNFor : {5.4.8, 5.4.6, 5.4.4, 5.2.4, 5.2.0, 5.1.4}
InternalSMTPServers : {}
JournalingReportNdrTo : <>
MaxDumpsterSizePerStorageGroup : 18MB
MaxDumpsterTime : 7.00:00:00
MaxReceiveSize : unlimited
MaxRecipientEnvelopeLimit : unlimited
MaxSendSize : 30MB
TLSReceiveDomainSecureList : {}
TLSSendDomainSecureList : {}
VerifySecureSubmitEnabled : False
VoicemailJournalingEnabled : True
WritingBrandingInDSNEnabled : True
Xexch50Enabled : True


Note:
The same steps can be followed to change MaxReceiveSize. However, if you are using EDGE server roles, the change must be done on all HUB and EDGE servers.
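
The organization values shown by Get-TransportConfig are not the only size limits a message meets: every receive and send connector has its own MaxMessageSize. The following added example (not part of the original post) lists all of them in one table and flags any that are still unlimited, as MaxReceiveSize is in the output above. It assumes the Exchange Management Shell; New-LimitRow and the column names are chosen for this example.

```powershell
# Added example: run in the Exchange Management Shell on each HUB and EDGE
# server. Read-only; New-LimitRow and the column names are hypothetical.

# Build one row per limit so organization and connector values line up.
function New-LimitRow($scope, $name, $limit) {
    $text = "$limit"    # a size such as "10MB", or the word "unlimited"
    $row = New-Object PSObject
    $row | Add-Member -MemberType NoteProperty -Name Scope     -Value $scope
    $row | Add-Member -MemberType NoteProperty -Name Name      -Value "$name"
    $row | Add-Member -MemberType NoteProperty -Name Limit     -Value $text
    $row | Add-Member -MemberType NoteProperty -Name Unlimited -Value ($text -eq 'unlimited')
    $row
}

$rows = @()

# Organization-wide values, the same ones Set-TransportConfig changes.
$cfg = Get-TransportConfig
$rows += New-LimitRow 'Organization' 'MaxSendSize'    $cfg.MaxSendSize
$rows += New-LimitRow 'Organization' 'MaxReceiveSize' $cfg.MaxReceiveSize

# Per-connector values; a message must also fit under these.
Get-ReceiveConnector | ForEach-Object {
    $rows += New-LimitRow 'ReceiveConnector' $_.Identity $_.MaxMessageSize
}
Get-SendConnector | ForEach-Object {
    $rows += New-LimitRow 'SendConnector' $_.Identity $_.MaxMessageSize
}

$rows | Format-Table Scope, Name, Limit, Unlimited -AutoSize

# A limit left at unlimited places no size cap on messages at that scope.
$open = @($rows | Where-Object { $_.Unlimited })
if ($open.Count -gt 0) {
    Write-Warning ("{0} limit(s) are set to unlimited" -f $open.Count)
}
```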

Thursday, May 27, 2010

Email Delivery Fails to My Domain Running on Exchange 2007 from only One Sender Domain

Email Delivery Fails to My Domain from only One Sender Domain
A problem occurs in Microsoft Exchange 2007 where delivery fails from only one sender domain.
You may get one or both of these error messages,
Error I

   (reason: 550 5.7.1 Sender ID (PRA) Not Permitted)

Error II
554 5.0.0 Service unavailable

Apparently everything else is running OK. The situation looks like this:
- Email delivery fails to all users of my domain
- Email communication between your domain and this domain was normal until a few days ago
- The sender domain’s reputation is “Good” or “Neutral” as per “senderbase.org” records
- The sender domain’s SPF records are properly entered
- EDGE Synchronization is working fine
- There are no event logs on the EDGE Transport server
- The problem occurs with only one sender domain
I have studied a lot about this issue, and Microsoft does not give any reason for this problem; a solution is, however, there, even on TechNet.

Solution
1- Go to the EDGE Transport server and create a new custom “Receive Connector”. Provide the IP and FQDN of the problematic domain in the connector settings.
2- All other security and configuration settings must be exactly the same as on your default receive connector.

After a week or so, disable this connector and examine email delivery from this domain. If there is no issue, keep this receive connector disabled.

Sunday, May 9, 2010

Fighting Malware

A few decades ago, the Internet was an obscure network of large computers used only by a small community of researchers. It took the Internet very little time to become an important part of the common man’s life. Today it's the center of attention for businesses, governments and individuals around the world. It has spawned entirely new industries, transformed existing ones, and become a global cultural phenomenon. Like all others, this great revolution has also brought with it some side effects. Though not that horrible, they are significant enough to need taking care of.
Internet security has become a growing concern in the information age. Many things pose a threat to this growth, and spyware is one of them.
What is spyware?
Spyware is a fast-growing threat that represents a major security and privacy risk. Spyware is a program that is installed, with or without the user’s permission, and can monitor computer activity while broadcasting the information back to an outside party that controls the program. Spyware comes in many shapes and sizes. Some types of spyware are simply an annoyance, causing increased spam or unwanted pop-ups, while others can threaten your security. These pests often lurk silently on your computer until someone or something sets them off. Spyware can do more than steal your personal information. It can also rob your PC of its speed, stability and Internet access efficiency.

Common spyware categories include:
- Spyware steals information about you, your computer and your surfing habits.
- Adware displays unwanted advertising on your computer screen, can track your web surfing habits and report all the information back to a central advertising server. It can slow your PC to a crawl by bombarding it with unwanted ads.
- Key Loggers can record every keystroke you make on your PC and steal your passwords and confidential data.
- Browser Hijackers can reset your default home page and search results. Some may prevent you from changing your browser’s home page back to its original default or from visiting a particular site.
- Remote Access Trojans (RATs) give a hacker complete control over your PC, as if the hacker were at your keyboard.
- Browser Helper Objects (BHOs) can search all pages you view in Internet Explorer and replace banner advertisements with targeted advertisements, monitor and report on your actions and change your home page.

Spyware or malware can be of the following types,
- Adware
- Browser Hijacker
- Browser Plug-ins
- Bundled Software
- Commercial Key Loggers
- Commercial Network Management Tool
- Dialer
- Generic Malware
- Remote Administration Tool
- Software Application
- Trojan
- Utility
- Virus

How do we get spyware?
Spyware can be installed on your computer without you even knowing. It happens in several ways.
- Web Browsing: Spyware can be installed by ordinary surfing on the Internet. “Drive-by” downloads are the most common.
- Peer to Peer File Swapping (P2P): P2P allows users to share files with other members within a file sharing community on the Internet. A good example of P2P is free music sharing websites such as Kazaa or Napster.
- Installing Legitimate Software: Spyware and adware can come bundled in software that you intentionally download. For example, adware comes bundled in free downloads such as screen savers, with the consent to install buried in a long end user license agreement. Some web toolbars are also reported to be a known cause of such problems.

What are the symptoms of spyware?
Spyware can affect a PC or network in various ways. Here is a list of common symptoms to help you decide whether or not you have spyware installed on your machine.
For Consumers:
- Slow PC Performance. One of spyware’s many effects is a significant slowdown in the performance of your PC. Your computer may seem sluggish, take longer to start when you turn it on, or take longer to get to the Internet. For example, a computer with as few as two adware programs can take more than 14 minutes to boot.
- New Tool Bars. Certain types of spyware, such as hijackers, can add new toolbars to your Internet Explorer that you did not knowingly install.
- New Desktop Shortcuts. Some spyware may add new shortcuts to your desktop.
- New Default Home Page. Browser hijackers change your default home page to a different page. Some home page hijackers may prevent you from changing your browser’s home page back to its original default or prohibit you from visiting certain websites.
- New Search Results. Hijackers can also change the results of a web search and point you to designated websites you did not request in your search.
- New Error Pages. Error hijackers will display a new error page when a requested URL is not found.
- Excessive Full-Page and Pop-Up Ads. Adware can inundate your computer with targeted ads based on web surfing habits that have been tracked.
For Enterprise:
All of the above and the following:
- Slow Network Performance. As with PC performance, spyware also degrades overall network efficiency.
- Congested Network Traffic. Spyware transmits and receives information across a network, causing significant overhead and therefore wasted bandwidth.
- Modified or Deleted Files. If you notice that files have been modified or deleted for an unknown reason, this could be the result of spyware.
- Lost Control of PC. Certain types of spyware, such as RATs, can take control of a PC or an entire network.

Removal and Prevention Methods
The major challenge of spyware is that it is extremely difficult to remove. Spyware programs can have hundreds of bits of individual code that are cumbersome, difficult and risky to remove manually. The uninstallers of most spyware programs do not completely uninstall the program. They can have self-protection mechanisms such as re-installers, they can constantly rewrite the registry, and they can have multiple copies of the program running at the same time under different names to protect each other.
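
The Internet Explorer symptoms listed earlier (Browser Helper Objects, new toolbars, a changed home page) can be inspected in the registry before anything is removed. The following is an added example, not part of the original article: a read-only PowerShell check that lists each registered BHO and toolbar with its DLL and signature status. The function names are chosen for this example, and the registry paths are the standard Windows and Internet Explorer locations.

```powershell
# Added example, not from the article. Read-only: nothing in the registry is
# changed. Resolve-Clsid, Get-IEAddOnReport and Get-IEStartPage are
# hypothetical names. On 64-bit Windows the 32-bit add-ons registered under
# Wow6432Node are not covered here.

# Resolve a COM class ID to its friendly name, DLL path and signature status.
function Resolve-Clsid($clsid, $source) {
    $reg  = "HKLM:\SOFTWARE\Classes\CLSID\$clsid"
    $name = $null; $dll = $null; $sig = 'NotChecked'
    if (Test-Path -LiteralPath $reg) {
        $name = (Get-ItemProperty -LiteralPath $reg).'(default)'
    }
    if (Test-Path -LiteralPath "$reg\InprocServer32") {
        $dll = (Get-ItemProperty -LiteralPath "$reg\InprocServer32").'(default)'
    }
    # Only check the signature when the registered path points at a real file.
    if ($dll -and (Test-Path -LiteralPath $dll)) {
        $sig = (Get-AuthenticodeSignature -FilePath $dll).Status
    }
    New-Object PSObject -Property @{
        Source = $source; Clsid = $clsid; Name = $name; Dll = $dll; Signature = $sig }
}

function Get-IEAddOnReport {
    $ie  = 'HKLM:\SOFTWARE\Microsoft\Internet Explorer'
    $bho = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
    # Each BHO is a subkey named after its class ID.
    if (Test-Path $bho) {
        Get-ChildItem $bho | ForEach-Object { Resolve-Clsid $_.PSChildName 'BHO' }
    }
    # Each toolbar is a registry value named after its class ID.
    if (Test-Path "$ie\Toolbar") {
        (Get-Item "$ie\Toolbar").GetValueNames() |
            Where-Object { $_ -like '{*}' } |
            ForEach-Object { Resolve-Clsid $_ 'Toolbar' }
    }
}

# The current user's home page, to compare against the one you set yourself.
function Get-IEStartPage {
    $main = 'HKCU:\Software\Microsoft\Internet Explorer\Main'
    if (Test-Path $main) { (Get-ItemProperty $main).'Start Page' }
}

Get-IEAddOnReport | Format-Table Source, Name, Signature, Dll -AutoSize
"Start Page: $(Get-IEStartPage)"
```

An entry you do not recognise, or one whose DLL is unsigned or missing, is a lead for the anti-spyware scan rather than proof of infection.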

In order to keep your system clean from spyware, it is always recommended to have more than one anti-spyware program installed on your system. However, installing the anti-spyware software will not be the end of this problem. Regularly updating the anti-spyware definition files is also necessary.
The following precautions can be helpful in protecting your PC and network from the damaging effects of malware.
1- Always keep your operating system, anti-virus and anti-spyware software updated.
2- Nothing is free in this world. Please keep this in mind while surfing the Internet as well.
3- As far as you can, avoid plugging any removable media (CD, floppy, USB drive, etc.) into your PC if you are not sure about its contents.
4- Never open an email if you have any doubt about the authenticity of the sender.
5- Keep your computer’s firewall turned ON.


Lots of freeware is also available on the Internet that may help protect your network from a spyware attack. However, the following two are recommended by experts worldwide.

Spybot Search & Destroy
Ad-Aware SE
These can be downloaded from www.download.com


(Published in August 2007 issue of "TELE NEWS", A quarterly Magazine by Pakistan Telecommunication Company Limited)