Intall Windows 7 from USB/Pendrive

The method is very simple and you can use without any hassles. Needless to say that your motherboard should support USB Boot feature to make use of the bootable USB drive.

Requirements:
*USB Flash Drive (Minimum 4GB)
*Windows 7 or Vista installation files.

Follow the below steps to create bootable Windows 7/Vista USB drive using which you can install Windows 7/Vista easily.

1. Plug-in your USB flash drive to USB port and move all the contents from USB drive to a safe location on your system.

2. Open Command Prompt with admin rights.
*Type cmd in Start menu search box and hit Ctrl+ Shift+ Enter.
Or
*Go to Start menu > All programs > Accessories, right click on Command Prompt and select Run as administrator.

3. You need to know about the USB drive a little bit. Type in the following commands in the command prompt:

* First type DISKPART and hit enter to see the below message.
* Bootable USB Drive
* Next type LIST DISK command and note down the Disk number (eg: In this example your usb disk is DISK 1).

4. Next type all the below commands one by one. Here I assume that your disk drive no is “Disk 1”.If you have Disk 2 as your USB flash drive then use Disk 2.Refer the above step to confirm it.

So below are the commands you need to type and execute one by one:
SELECT DISK 1
CLEAN
CREATE PARTITION PRIMARY
SELECT PARTITION 1
ACTIVE
FORMAT FS=NTFS
(Format process may take few seconds)
ASSIGN
EXIT

Don’t close the command prompt as we need to execute one more command at the next step. Just minimize it.

Bootable USB Drive

5. Next insert your Windows7/Vista DVD into the optical drive and check the drive letter of the DVD drive. In this guide I will assume that your DVD drive letter is “D” and USB drive letter is “H” (open my computer to know about it).

6. Maximize the minimized Command Prompt in the 4th step.Type the following command now:
D:CD BOOT and hit enter.Where “D” is your DVD drive letter.
CD BOOT and hit enter to see the below message.

7. Type another command given below to update the USB drive with BOOTMGR compatible code.
BOOTSECT.EXE/NT60 H:

Where “H” is your USB drive letter. Once you enter the above command you will see the below message.

8. Copy your Windows 7/Vista DVD contents to the USB flash drive.

9. Your USB drive is ready to boot and install Windows 7/Vista. Only thing you need to change the boot priority at the BIOS to USB from the HDD or CD ROM drive. I won’t explain it as it’s just the matter the changing the boot priority or enabling the USB boot option in the BIOS.

Very Large SharePoint Database Files

Method 1

First You have to connect Sharepoint Embedded SQL Instance

First of all I installed Express Edition Management Studio.
I then created a connection: -
1. Run “cliconfg” on the box from the command line or from Start –> Run
2. In the “SQL Server Client Network Utility” console, click the Alias tab.
3. Create a new Server alias.
4. Server alias: <ServerName>\MICROSOFT##SSEE
5. Replace <ServerName> with the exact server.
Network libraries: Named Pipes
Server name: .\MICROSOFT##SSEE
Pipe name: \\.\pipe\MSSQL$MICROSOFT##SSEE\sql\query
6. Then open SQL 2005 management studio, input <ServerName>\MICROSOFT##SSEE as Server Name.

Then go to Next method’s Step 1

Method 2 – If SQL server Express Edition.

So you have installed SharePoint (WSS or MOSS) and you have been happily using it for a while now. Everyone in the office has been taking part in creating some really cool content or loading their sites up with some very important information.

Now fast forward a few months. Your local administrator of the server gets in touch with you to let you know that your SQL Server is running low on memory. What? How could this be? You start to look for the source of the issue and low and behold you run across a 120 GB database log file. 120 GB???? Yep. 120 GB.

You start to think to yourself, “Man, I didn’t know that the SharePoint databases were going to take up this amount of memory. Maybe I need to purchase an extremely large drive to put the database files on”.

Well you could do that. Or you can modify a few settings and set up a few good maintenance plans and you can reduce that log file down to mere kilobytes. This actually happened to a few clients of mine. The main source of the problem is that when most folks install SharePoint they don’t realize that it creates the databases and sets them to Full Recovery Mode. What this means is the database log (.ldf) file never gets shrunk. Mainly this is so that if something happens to the database they you have a full history of all of the transactions that have taken place. But, this is bad for many reasons as well. Now don’t get me wrong many places have that grumpy DBA that will take care of all of this stuff for you, but I mainly see this in small to medium organizations that don’t have a full time DBA on staff and/or they roll a development farm to production without a lot of forethought on recovery if something goes bad.

Let’s see what we can do about this.

First open up your file explorer on your database server or whatever server your database files are located on and look at the size of the database .mdf and .ldf files. If you have a default install of SQL Server you can find these files under C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data. Usually if you find that the .ldf files are in the high MB or GB you definitely need to continue with this article. If not at least check to verify that you have database backups and/or maintenance plans in place.

STEP 1: Backup all the SharePoint Databases
If you are going to do anything with the databases it is always a great idea to do a Full backup on each database

STEP 2: Change the Recovery Mode of the database
This is a fairly easy thing to do. You log in to SQL Server and navigate your way to each one of the databases you want to take care of. The following screen shot is of the database properties dialog. Just right click the database and select “Properties”.

The red outlined section is the recovery model setting. Currently it is set to FULL. The other selection “Simple” is the selection we need to use. So select “Simple” and click OK.

STEP 3: Shrink that excessive log file!!!
So the database that I am currently using as an example the log file is nearly 2 GB (actually it is 1.795GB). To shrink the database log file, right click the database and select “Tasks”, then select “Shrink”, then select “Files”. You will get this dialog:

The database file type is what we are after. We want to switch it to “Log”.

Notice the red highlight. Look at the log file size and the available free space. You have the ability to recapture nearly 89% of the space that is currently allocated. Make sure that the shrink action is set to release unused space and click OK. Now your log file should shrink to only the needed space and it should end up around a few hundred KB.

The important take away here is that when you set up SharePoint you need to be sure that you are actively maintaining your system or be sure that you have the proper processes in place for the database. I have seen many of my clients that all this comes as a shock to them. I don’t think it is really their fault, but more just a point that they never knew had to be considered. Most clients that have DBA’s on staff will rarely run in to this problem since most DBA’s will be the first to be sure that these database are fully maintained and recoverable.

On a side note, please be sure that you or someone that is qualified in your organization creates maintenance plans for the databases. This will assist you in being sure that the database is backed up and maintained properly. There are many articles out there on how to set these plans up on SQL Server 2005 so I won’t bore you with that.

Install MS SQL Server Express in Windows XP SP3 / MSXML6 SP2

If you are trying to install SQL Server 2005 Express edition in Windows SP3 environment, it will most likely fail unless                                                                                       Microsoft has done something to fix this. Read through this blog to find how to get around with this issue.

Symptoms include SQL Server Express edition installation return error and the error log mentioned MSXML 6                                                                                                      Service Pack 2 (KB954459) — Configuration failed. I am not really sure what the root cause is, but it looks like                                                                                                      Windows XP SP3 or MSXML 6 Service Pack 2 protects the MSXML 6 configuration file from update and changes.                                                                                                   As a result, the setup fail to continue.

There are some ways to solve this, including

Uninstall Service Pack 3, install Microsoft SQL Server Express edition, and reinstall SP3.

Disable the File system protection temporarily using regedit.

But, in my opinion the best way is

Uninstall MSXML6 SP2, by using Windows Installer Cleanup Utility which can be downloaded from

http://download.microsoft.com/download/e/9/d/e9d80355-7ab4-45b8-80e8-983a48d5e1bd/msicuu2.exe.

Then install SQL Server Express edition just like usual.

Remove 100MB System Reserved Partition – installing Windows 7

During Setup, if you create a new partition on a clean HDD (no partitions), or delete all partitions and then create a new one – from the Partition screen in Setup, Win7 will create the 100MB boot partition, and you can’t stop it/cancel it. If you want to install Win7 to a clean HDD, but don’t want the boot partition do this:
At the first setup screen (Language, Keyboard, etc.) press SHIFT+F10. This will open a command prompt window. Enter the following diskpart commands to create a partition.
- Diskpart
- List disk
(this command is important. It will show you what disk drives you have. Most likely your hard drive will be will be Disk 0, but you need to check it first.)
- select disk 0
- clean
- create partition primary size=60000
(this creates a partition 60GB in size. If you want to use the whole hard drive, just leave off the size=number)
- select partition 1
- active
- format fs=ntfs quick
Type Exit to leave Diskpart. Type Exit to close the command prompt. Now continue with the install. When you get to the partition screen, highlight the partition you just created and click Next. Windows will install to the partition you created and not create the 100MB boot partition. Instead, you will see a C:\Boot folder when the install is finished

New Folder Virus

How To Remove Folder In Folder Virus
If this virus infected in you computer, It will Disable the following …
Task Manager
Registry Editor
Folder Options
Run in start menu
And it will create exes like the icon of folders. If this virus is running it will use more than 50 % of your processor
Download following tool to remove new folder.exe virus
Download
Download 2

Manually remove it (new folder.exe Fix)
Delete File named svichossst.exe
[HKEY_CURRENT_USER\Software\Microsoft\Windows
\CurrentVersion\Policies \System]
“@”=[HKEY_CURRENT_USER\ Software\Microsoft
\Windows\CurrentVersion \Run]
“Yahoo Messengger”=
[HKEY_LOCAL_MACHINE\SOFTWARE \Microsoft \Windows NT
\CurrentVersion \Winlogon]
“Shell”=”Explorer.exe “

Registry editior has been disbale by your Administrator

Cannot Access Regedit, How to Fix It?
Many times when working on a computer that has been infected with a virus, trojan, or piece of spyware I find myself with my most important command, Regedit, the Windows Registry Editor being disabled. Virus creators like to disable the Registry Editor so it makes solving the problem and removing the issue difficult.
Sometimes administrators in IT departments may place restrictions on using the regedit command to keep employees from changes things on company computers, but viruses and other issues may also try to disable it.
Listed below you will find the different ways to enable regedit, the Registry Editor.

First we’ll begin with the method that appears to work the best.
Method 1 – Enabling the Registry with VBScript
Doug Knox, a Microsoft Most Valuable Professional, has created a VBScript that enables or disables the Registry Editor based on the following location in the registry. Of course, since the registry editor is disabled, you can’t change it manually, so Doug wrote a Visual Basic Script to accomplish the task.
HKey_Current_User\Software\Microsoft\Windows\CurrentVersion\Policies\System\
Visit Doug’s page and download Registry Tools VBScript to your desktop, double-click on it to run it, then reboot your computer and try to open the Registry Editor.
If this fix didn’t solve your problem, try method two shown below.
Method 2: Use Symantec’s tool to reset shell\open\command registry keys
Sometimes worms and trojans will make changes to the shell\open\command registry entries as part of their infections. This will cause the virus to run each time you try to run an .exe file such as the Registry Editor. In these cases, visit Symantec’s website and download the UnHookExec.inf file to your desktop. Right-click on it and choose Install. Restart your computer and then try to open the Registry Editor.
Method 3: Rename Regedit.com to Regedit.exe
Some viruses and other malware will load a regedit.com file that is many times a zero byte dummy file. Because .com files have preference over .exe files when executed if you type REGEDIT in the run line, it will run the regedit.com instead of the real regedit.exe file.
Delete the regedit.com file if its a zero byte file to restore access to REGEDIT. In some cases, such as the W32.Navidad worm, you’ll need to rename the REGEDIT file to get it to work.
Method 4: Windows XP Professional and Group Policy Editor
If you have Windows XP Professional and access to an administrative user account, you could change the registry editor options in the Group Policy Editor.

1. Click Start, Run
2. Type GPEDIT.MSC and Press Enter
3. Go to the following location
   • User Configuration
   • Administrative Templates
   • System
4. In the Settings Window, find the option for “Prevent Access to Registry Editing Tools” and double-click on it to change.
5. Select Disabled or Not Configured and choose OK
6. Close the Group Policy Editor and restart your computer
7. Try opening REGEDIT again

Although there are a few other ways, the above ways I have used with great success in re-enabling the REGEDIT command. If you are interested in more ways to reactive the REGEDIT command, you may want to visit a site called Killian’s Guide, that goes into more detail on a variety of ways to get the registry editor to work again.

Windows 7 New Tools

 

The changes to the Windows 7 interface have gotten a lot of play, but some of the new built-in tools are just as compelling. Some improvements are less obvious — like the new or enhanced tools that are included with the OS. Here we discuss 10 of these cool tools that make the computing experience easier.

1. Action Center: Centralized management is the name of the game today, and Windows 7 gives you a one-stop shopping location where you can go to deal with security issues, troubleshooting, and recovery, instead of searching out separate applets for each. It’s all combined in an easy-to-use Control Panel applet, where you get maintenance and security messages and can view performance information, change UAC settings, and more, as shown in Figure 1.

Figure 1: The Windows 7 Action Center provides a centralized location for dealing with security and system problems.

This is an outgrowth of the Security Center in Windows Vista. It made sense to combine security settings and actions with system maintenance and recovery issues. The Action Center also shows up as an icon in the system tray, which displays a red X if there are problems you need to address, as shown in Figure

2.

Figure 2: The Action Center is represented by an icon in the System Tray to alert you when a message needs your attention.

A nice touch is that Microsoft makes it easy for you to turn the various types of notifications on or off, as shown in Figure 3. Thus, if you have an antivirus program installed that Windows doesn’t recognize, you don’t have to deal with constant messages urging you to install one — just turn off virus protection messages.

Figure 3: You can turn the various types of notifications on or off as you wish.

2. Problem Steps Recorder: One of the coolest new tools in Windows 7 is the Problem Steps Recorder (PSR) — especially for those of us who provide support to Windows users. No matter how hard they try, users often have problems accurately describing the problem they’re experiencing or the steps they took before or after experiencing it. Sure, Remote Assistance can be a godsend in those situations. But you can’t always connect to the user’s computer in real time. That’s when the PSR comes in handy.

It’s really a type of screen capture software that records all actions — keystrokes, mouse clicks, etc. — and saves the sequence of events in an MHTML page that documents every step the user took, along with screenshots. You start the PSR by entering psr.exe in the Start menu Search box or at the command prompt. The interface is shown in Figure 4.

Figure 4: The Problem Steps Recorder provides an accurate record of a user’s actions, along with screenshots.

You can view the recorded steps in IE by double-clicking the saved zipped MHTML file, as shown in Figure 5.

Figure 5: You can view the recorded steps in Internet Explorer.

3. ISOburner : An ISO image is a type of archive file that is often used to distribute software. In Windows 7, Microsoft addressed something that’s been on the wish list of many users for a long time: Now you don’t have to download and install a third-party program to burn an ISO file to disc. This also works for images with the .IMG file extension.

It’s a simple process: After you download an .ISO to your hard drive, just double-click it and Windows 7 will open the Burn Disc Image dialog box, shown in Figure 6.

Figure 6: Now you can burn an ISO image to disc easily without installing third-party software.

4. Biometric device management: In earlier versions of Windows, biometric authentication and management of biometric devices ( fingerprint sensors) required third-party software that might or might not integrate well with the OS. Now it’s built in. Windows 7 includes the Windows Biometric Framework, which gives developers an API they can use to build biometrics into applications. Makers of fingerprint sensor hardware, such as UPEK and AuthenTec, worked with Microsoft on the development of the Framework. Biometric devices are managed through a Control Panel applet, shown in Figure 7.

Figure 7: You can change biometric settings and manage devices through a Control Panel applet.

5. Credential Manager: The Credential Manager is another new feature in Windows 7. It is similar in some ways to the password management feature in Vista’s User Accounts applet but is more sophisticated. You can manage Windows credentials for various computers that you sign onto, certificate- based credentials, and other generic credentials (for e-mail accounts, Web accounts, etc.). These are all stored, by default, in the Windows Vault, as shown in Figure 8.

Figure 8: Windows 7’s Credential Manager can store passwords and certificates in a central location.

Perhaps the best new feature in Credential Manager is the ability to back up and restore the Vault. Microsoft recommends that you back up your credentials to a removable drive, such as a flash drive, to make it easier to restore them if you have a hardware failure.

6. Display projection and Windows Mobility Center: If you give lots of presentations, you’ll welcome a new tool in Windows 7 that makes it easy for you to display your Windows 7 portable computer’s desktop on a projector. Just press the Windows logo key + P and you’ll see the pop-up box shown in Figure 9.

Figure 9: The Display Switch settings box lets you quickly change how you want your desktop displayed.

The first setting is the default and displays on the computer screen only. The second setting clones the display on the computer screen to the projector. The third setting extends the desktop across both the computer screen and the projector, and the fourth setting displays via the projector only and turns off the computer screen. Pressing the Windows logo key + X opens up the Windows Mobility Center. Through this interface, shown in Figure 9, you can turn on presentation mode. This disables your screensaver, sets your wallpaper to a neutral one and even puts your IM client on “do not disturb” status. (Figure 10)

Figure 10: When you’re presenting, you can set your laptop to Presentation mode.

7. Text tuning and color calibration: Your computer does the work, but your monitor is what you look at all day. If it doesn’t look good, you don’t get the most out of your computing experience, and you can even strain your eyes. Windows 7 includes two great tools for adjusting your display to fit your preferences. You can access the ClearType Text Tuner from Control Panel or from the command line (cttune.exe) . If you have multiple monitors, you can tune the type on each of them individually, as shown in Figure 11.

Figure 11: You can tune the ClearType text on each of your monitors to suit your preferences.

The tuning tool works somewhat like those eye charts at the optometrist’s office: You select the one that looks best to you, as shown in Figure 12.

Figure 12: To tune the text display, you pick the text that looks best to you.

In addition to the text tuner, Windows 7 provides a color calibration tool. It’s accessible from the Control Panel or from the command line (dccw.exe). It helps you to adjust the gamma, brightness, contrast, and color rendition on your monitors for the best display, as shown in Figure 13.

Figure 13: The Windows 7 Color Calibration tools helps you optimize your display.

8. System Repair Disc: The Vista Service Pack 1 betas included a new feature that let you easily create a system repair disc with a friendly graphical interface, but it was removed in the final release of SP1. Windows 7 restores this functionality. Just click Start and type System Repair in the Search box. Click on Create A System Repair Disc. This opens the dialog box shown in Figure 14.

Figure 14: Windows 7 makes it easy to create a system repair disc. To use the disc, put it in your drive and reboot the computer from the disc.

(You may have to set the CD/DVD drive as the primary boot device in your BIOS.) Then, you’ll get a list of system recovery options, which include:

Startup repair

System restore

System image recovery

Windows memory diagnostic

Command prompt

9. Better backup utility: Of course, previous versions of Windows included a backup utility, but this tool has been significantly improved in Windows 7. Vista’s backup program was user friendly but not very flexible. Windows 7 gives you more granular control over what you want to back up. You can also exclude specified folders from the backup.

You can invoke the Backup And Restore applet from Control Panel or by typing Backup in the Search box on the Start menu. You can back up your files to a local hard disk, a removable disk, a DVD, or another computer on the network. (You may need to provide credentials to access a network location.) Then, you can choose to back up libraries or individual folders, as shown in Figure 15.

 

Figure 15: The Windows 7 Backup utility lets you back up the folders you choose.

10. PowerShell v2: Windows PowerShell (Figure 16) is a command-line shell interface and scripting tool that makes it easier for Windows administrators to automate tasks using cmdlets, which are commands that perform single tasks, and scripts, which are made up of multiple cmdlets to perform more complex, multi-step tasks.

Figure 16: PowerShell is included in Windows 7 by Default

Previous versions of Windows include a command-line interpreter

(command.com or cmd.exe), but PowerShell is much more powerful, providing a UNIX-like command environment that can automate almost every GUI functionality. PowerShell can be downloaded to run on Windows XP or Vista, but Windows 7 is the first client operating system that comes with it built in. (It is also installed by default in Windows Server 2008 R2.) PowerShell v2 adds about 240 new cmdlets, as well as new APIs and features, such as the ability to invoke PowerShell scripts and cmdlets on a remote computer. You can find out more about PowerShell on the Microsoft Website.

Setup IIS (Windows Server 2008)

This guide is written to explain the installation and configuration process of IIS 5.0 on a Windows 2000 Professional or Server System. It also includes information for configuring Microsoft Exchange Server 2000 for E-mail Hosting. This guide assumes you have at least a basic understanding of Windows 2000, IIS, Site Hosting, and System Security. If you have specific questions about any part of this process, contact me and I will provide further instructions. If you are totally clueless, following this guide step-by-step will get you up and running, but may not answer too many questions about what you’re doing or why. I would strongly encourage you to investigate these options more thoroughly and perhaps get a book on Windows 2000 to supplement this guide.

This guide is written strictly for Windows 2000 systems because Windows 9x/ME do not have IIS support, and both Windows XP Pro and Windows Server 2003s process is a bit different because of IIS 6.0. Although you can mostly follow this guide and still configure your XP or 2003 system properly, please be aware that much of the information may need to be altered slightly to get to the same places and features. The information for IIS focuses strictly on configuring the FTP and WWW servers. The Exchange guide will discuss setting up Mail and News services.

System Requirements for IIS:

Same as Windows 2000 OS, plus:

– Broadband Connection, 256MB of RAM or higher for best results.

– Will work regardless of Windows 2000 Professional or Server Edition

– Windows 2000 Server systems which will also function as Active Directory Domain Controllers should already have Active Directory installed and configured.

Installation Process for IIS

1. Open Add-Remove Programs from Control Panel, and select Windows Components button.

2. In the list you will see Internet Information Services… double-click on it.

3. Select the following Required Components, and it will automatically select ALL other required components:

FTP Server

WWW Server

Documentation

4. Evaluate the list of components… select the other features you wish to use. I do NOT recommend installing the Rapid Application Development/Deployment tools nor do I recommend the FrontPage Extensions for security reasons. If you plan to install Exchange later, select NNTP (News) and SMTP (Mail) services now.

5. Have your Windows CD-ROM ready, click OK to return to the main Install Wizard, and then click Next. IIS will be installed now and may take several minutes.

6. Click Finish, and for good measure, reboot the system — Even if it doesnt ask to do so.

Configuration of IIS

1. Launch Start > Programs > Administrative Tools > Internet Services Manager

FTP Server

1. Select the Default FTP Site from the left, and select Properties.

2. On General tab, you can change the following options:

Description of your site to something more appropriate (such as ftp.yoursite.com)

IP Address that your server listens to… All Unassigned is default, but this is useful if the system works on your LAN and the Internet and you want it to only work on one or the other.

Port Number that your server listens to… Default is 21, but many people scan that port. For Security reasons, its better to move it to another port so people cant find it as easily. Disadvantage is that you must specify that port to connect… i.e. ftp.yoursite.com:800

Connection Limits… 2K Pro systems are limited to 10 simultaneous connections. 2K Server can select Unlimited by default or else limit it to any number they choose.

Connection Timeout… I always change this to 120 seconds so that dead connections time out faster.

Logging… I usually use W3C Extended Log format with ALL of the options. I also enable the Use Local Time of Server for times, because I don’t like the conversion from GMT time.

3. On Accounts tab, you can change the following options:

Allow Anonymous Connections… for FTP server, consider if this server will be public use, or secure use. If secure, you MUST disable this login.

FTP Site Operators… I have no idea why anyone would allow someone other than Admins to control the status of their server, but you can if you need to.

4. On the Messages tab, you can set the messages users see when connected to your site.

5. On Home Directory, you can customize where IIS looks on your system for its “Home Directory” … that is, where the files you are serving are stored on your system. For performance reasons, I recommend people change from the default location on C: drive to a separate drive such as D:. Also, you can allow Read, Write, and Logging on this page. I recommend NOT enabling Write access for security reasons. Otherwise, people can add/change/delete anything on your server, and possibly plant virii on your system.

6. For Directory Security, you can customize what IP networks have access to your server. Windows 2000 Pro systems cannot change from “All Allowed” . Windows 2000 Pro systems can limit access to specific systems or subnets. If you customize this, make sure you allow your own network systems access, or you will lose access to the site.

7. Next, we must configure an option in the Security Policy if you disabled Anonymous logins. The change that is required is that ALL user accounts on your system that will be allowed to logon to FTP must be added to the Allow Logon on Locally policy. To do that on Win2K Pro, open Local Security Policy from Administrative Tools, and navigate to — Local Policies\User Rights Assignment. Look for the value marked as “Log on Locally”and add your FTP users to that list. For Win2K Server systems, the same change must also be made to Domain Controller and Domain Security Policies.

Below is a screen shot to explain it better, because this step is very difficult to make. The IUSR accounts must be enabled for anonymous access, and user-access should have those accounts added and enabled as well.

8. Congratulations, your FTP server is now configured.

9. For added security, I recommend limiting the number of users you allow access to your FTP site… also, make the passwords difficult to guess. Also, go to your FTP “Home Directory” and make sure that you change your NTFS permissions to reflect whom you want to give access to. For example, the “Everyone” should not have “Full” access to the directory. On my system, I allow “Administrators” and “System” to have Full access, FTP Users and Everyone only have Read and List access.

Web Server

1. Select the Default Web Site from the left, and select Properties.

2. On General tab, you can change the following options:

Description of your site to something more appropriate (such as www.yoursite.com)

IP Address that your server listens to… All Unassigned is default, but this is useful if the system works on your LAN and the Internet and you want it to only work on one or the other.

Port Number that your server listens to… Default is 80, but many people scan that port. For Security reasons, its better to move it to another port so people cant find it as easily (if this is a secure site or if your ISP blocks Port 80). Disadvantage is that you must specify that port to connect… i.e. www.yoursite.com:800

Connection Limits… 2K Pro systems are limited to 10 simultaneous connections. 2K Server can select Unlimited by default or else limit it to any number they choose.

Connection Timeout… I always change this to 120 seconds so that dead connections time out faster.

HTTP Keep-Alives Enabled… keeps a connection to client open, rather than closing and re-opening the connection with each client-server request.

Logging… I usually use W3C Extended Log format with ALL of the options. I also enable the Use Local Time of Server for times, because I don’t like the conversion from GMT time.

3. On the Performance tab, you can change the following options:

For all types of systems, the Performance Tuning slide should be adjusted to the appropriate setting. Most likely this will be the “Fewer than 10,000″ setting.

For Win2K Server systems, the bandwidth and Process throttling allows you to control how much of your bandwidth and system CPU can be used for your web server.

4. I have found no practical use for the ISAPI filters. Exchange Server installs a few, but I typically leave them alone.

5. On the Home Directory tab, you can change the following options:

Where are the default files for your web site stored. Like with FTP Server, its best to store them on D:

For access, I strongly recommend you select ONLY Read and Log visits, and disable all others.

Unless you have a need to run advanced Java or ActiveX scripts, etc… Remove the Default Application, and select Scripts Only from Execute Permissions.

6. On the Documents tab, you can customize what your “home” page name is. For IIS systems, the default page is default.asp or default.htm. However, I always change this to be index.html. Choose the settings that best suit your needs. I have never used the Default Footer option, but it allows you to automatically append a footer page info on all pages on your site. I guess if you were going to host an Ad-based site that would be a good way to do it.

7. HTTP Headers are similar to the Footers options above. On this tab, you can also set pages to expire (stop working) after a certain period of time… good if you are expecting frequent updates. Also, you can set Content Ratings for your pages to allow “Net Nanny” type products to identify what type of content is on your site. I have never modified the MIME Map… there is no normal reason to do so.

8. There is no reason to modify the Custom Errors or Server Extensions tab either.

9. On the Directory Security tab, you can control several access options:

You can disable Anonymous Logon… useful for private web sites.

You can also require logon options.

You can also restrict your site to specific IPs or IP Subnets.

You can also configure SSL settings using Server Certificates… this is something I have yet to do.

9. Congratulations, your Web server is now configured.

10. For added security, I recommend limiting the number of users you allow access to your Web site… also, make the passwords difficult to guess. Also, go to your Web “Home Directory” and make sure that you change your NTFS permissions to reflect whom you want to give access to. For example, the “Everyone” should not have “Full” access to the directory. On my system, I allow “Administrators” and “System” to have Full access, Web Users and Everyone only have Read and List access.

Advanced Options

1. For both FTP and Web sites, you can add “Virtual Subdirectories… i.e. www.mysite.com/mythings/ … that point to a directory on your system that is NOT located in the default Home Directory. To create this virtual directories, simply right click on the site, and select New > Virtual Directory and follow the wizard. There is no further need to configure these folders, unless you want to add browse access (ability to see and download files from) to the directory or otherwise enhance or loosen security.

2. By default, IIS creates several “Virtual Directories” for itself that are VERY prone to security risks. Among these are the Scripts, all IIS*, and MSADC directories. It is HIGHLY recommended that you delete these directories.

3. I also recommend that you download and run Microsofts IIS Lockdown utility from their site– http://www.microsoft.com/technet/itsolutions/security/tools/locktool.asp — this will allow you to further secure your site.

DNS Configuration

Assuming you have a registered domain name (ie aaronhall.net) with a registrar like Register.com, you will need to add DNS entries as appropriate for your setup. Since these configurations vary too much from registrar to registrar, I can not provide exact details for this task. However, here is a general guideline.

You will need 1 “Class A IP/Host Record” for each “system” on your network that serves the Internet. For example, if you have 3 servers – Server1 , 2 , and 3 – then you should have Class A Records that reference the Machine name Server1.domain.com = IP address.

You will need 1 “Class C Domain Alias” for each service you want to reference. For example, if you want to have www. mail. ftp. and news. domain.com… you will need 4 Class C Aliases… They appear in this format… ftp = server1.domain.com ; www = server2.domain.com ; etc etc.

You will need 1 “MX Record” for each mail server you run. For example for domain.com, an mx record for mail.domain.com should exist.

If you do not have a domain name, you must use your system’s IP address to access your web site. If you don’t know yours, go to a Windows Command Prompt (DOS Prompt) and type ipconfig /all. This will tell you what your IP is.

Setup Active Directory (Server 2008)

This tutorial will walk you through configuring your new Windows Server 2008 system as an Active Directory Domain Controller. Before beginning, there are some things you need to consider.

If you are adding this server to an existing domain (in which case it’s most likely a mixed 2000-2003-2008 environment), you must prep the Active Directory environment for use with 2008 servers. You can do this by performing the following steps:

1. Insert the Server 2008 DVD into your existing primary domain controller (or at least provide access to the DVD over the network and use Remote Desktop to access the server).
2. Open a Command Prompt window (Start > Run > cmd > OK) and switch drives to your DVD. Then use the command cd Source\ADPREP to switch to the ADPREP folder.
3. Run the following commands to prepare your Active Directory environment…
4. adprep /forestprep
5. adprep /domainprep
6. adprep /gpprep
7. adprep /rodcprep

If you don’t do this before you begin configuring your Windows Server 2008 system for the domain, the process will fail, and you could jeopardize operations of your network.

Once the AD upgrade has been performed, you are ready to go!

1. From the Initial Configuration Tasks screen choose Add Roles option, or from the Server Manager console, choose Roles on the left-hand menu, and then choose Add Roles on the right side (click screenshots below for larger view)…

2. You’ll see the following screen. Just click Next.

3. Select Active Directory Domain Services from the list, and click Next.

4. On the screen that follows, read over this information carefully if it’s your first domain configuration. Then click Next.

5. Setup will automatically install all the features required for the server to act as an Active Directory Domain Controller; however, it will not configure it as a domain controller. For now, click Install and the process will begin. When it finishes, it displays a confirmation prompt. DO NOT click Close. Instead, click the blue link labeled, "Close this wizard and launch the Active Directory Domain Services Installation Wizard (dcpromo.exe)".

6. The DCPROMO wizard will begin at this point. Select the option to Use advanced mode installation and click Next.

7. Read the following information carefully and if necessary, and follow the advice if needed. When you’re ready, click Next.

8. Setup branches slightly at this point depending on whether you’re doing an upgrade, addition, or new server install. In this case, I am doing a new forest with a new domain and a new domain controller. In other words, I’m starting from scratch. You should choose the option most appropriate for your environment, but if you’re reading this, chances are you’ll want to do a new environment along with me.

Select the second option for Create a new domain in a new forest and click Next.

9. The Forest Root Domain is always the absolute top-level for your domain. If you’re setting this domain up for use on the Internet (a web or email server, for example), then you should use your registered domain name as shown below. In my case, I’m using aaronhall.net because that is my domain name on the Internet. It does NOT have to be an Internet-accessible domain, however. You can use something like aaronhall.local or just plain aaronhall depending on your needs. Fill this in based on your needs and click Next.

10. The Domain NetBIOS Name is the Windows version of your domain name. It should be just the primary part of your domain name without extensi
ons, so in my case– AARONHALL. Fill this in based on your needs and click Next.

11. Be careful when setting the Forest function level for your domain. If you already have a mixed environment with Server 2000 or 2003, it won’t let you promote it to 2008, but if you are starting from scratch with 2008 and plan to later add a 2003 server for compatibility, you cannot set it as Windows Server 2008 now. Choose this in based on your needs and click Next.

12. You must choose to install the DNS server role on this server if it is your only server or if you have no other DNS servers in your network. I strongly recommend that ALL domain controllers be configured as a DNS server.

NOTE: If this is your first DNS server, you will receive the following warning. Click YES.

13. At this point, setup prompts you for the database, log files, and SYSVOL folder. I generally just accept the defaults and click Next. But many administrators prefer to move these files to a dedicated drive, especially for exceptionally large domains.

14. You will then be prompted for an administrative password for Directory Services Restore Mode. Fill this in based on your needs and click Next.

15. Setup will allow you to review your choices before continuing. Make sure this information is correct, because it cannot be changed later without a LOT of headaches and hassle. When ready to continue, click Next.

16. Setup takes over from here. I recommend choosing the Reboot on completion option and taking a break, because this takes a while, especially for a domain upgrade situation. Setup will reboot automatically when it finishes and when you come back, you’ll be ready to go with your new Active Directory Domain.

Install Windows Server 2008

This tutorial will walk you through an installation of Windows Server 2008. It is a step-by-step process, so it should be appropriate even for those who are new to Server 2008.

Before beginning, you should make sure that the system you plan to install on meets the hardware requirements and that you have downloaded compatible drivers (Vista drivers should work in most cases in lieu of Server 2008 certified drivers, but if the system is going into high-availability production environments, I strongly recommend opting for hardware designed for Server 2008).

• Recommended Minimum Requirements (ignoring the technical minimums Microsoft suggests):
• Dual-Core 2.0GHz system or better
• 2GB of RAM or better (Max for 4GB for 32-bit Standard, otherwise 32GB (or higher) max)
• 40GB of Hard Drive Space
• DVD-ROM Drive Required
• Super VGA Display (800*600) or higher

Install Process

Microsoft has done a really good job of making the Windows Server 2008 as simple as possible, although you should definitely devote at least an hour to getting it up and running.

1. Start by inserting the DVD into your DVD drive and rebooting the system. You’ll want to use your available BIOS options to force the system to boot from the DVD. In my case, I was installing on a Dell PowerEdge, so I pressed F12 with the Dell logo displayed in order to view the Boot Options menu, and then I selected the DVD drive. You will see the following screen as setup loads…

2. Once setup has loaded, you’ll be prompted for language information. Choose English (or whatever is appropriate for you) and click Next…

3. The next prompt is to choose whether you are installing (the primary option) or whether you want to attempt the repair of an existing installation. In this case, choose Install Now.

4. Depending on the media used for the install, you may be prompted for your Product Key information. Enter it now unless you are prepping this install for a Ghost image.

Note: if you don’t enter your product key information, or if your installation media doesn’t prompt now, it will instead prompt for the type of license you have:

5. Next, apparently in an effort of redundancy, choose the actual install option you wish to perform (in this case, I’m installing the 32-bit Enterprise edition):

6. Accept the license agreement and click Next.

7. Upgrade options are only available when setup is run from within an existing version of Windows Server 2003, however, anyone administrator who chooses to do an OS upgrade on a server is a pitiful excuse for a systems administrator. ALWAYS, ALWAYS, ALWAYS install a fresh copy of Windows Server OS and always do a Custom install.

8. Next, choose the appropriate disk to install and click Next. If by some chance your hard drive is not listed, you can use the Load Driver option. If your drive is not partitioned already, it will be partitioned automatically with full capacity by clicking Next… if you want to customize the disk partitions, click the Drive options (advanced) option and adjust settings as needed.

NOTE: I recommend NOT partitioning physical disks. You will have much better performance if you use a physical disk if you need additional drive storage rather than partitioning. Whenever possible, I highly encourage the following drive configuration: 120GB C: drive (RAID1 array, 2 disks) for the OS and system page file; 300GB (or larger) D: drive (RAID1 array or better) for Data Storage, and 300GB (or larger) E: drive (RAID1 array or better) for log files (especially necessary for Exchange, SQL, or SharePoint services).

9. Now you have the pleasure of sitting and waiting for about 30-45 minutes while it copies files and configures the OS…

10. When setup finishes, it will reboot automatically. You will see the following login screen, so Press CTRL+ALT+DELETE, choose Administrator/Other User (I’ve actually seen both– no idea why), leave the password empty, and click OK.

11. Since the password is currently blank, WS08 will force you to set a password now.

NOTE: This isn’t your grandma’s password either. You will be required to enter a strong password that meets these requirements:

• At least 7-characters-long.
• Contains at least 2 letters AND 2 numbers.
• At least one letter must be UPPERCASE and one lowercase… OR… must include punctuation/symbol characters.

Once typed, type it again to confirm, and click OK. Setup will change the password and then will confirm it.

That’s it! The system is up and running in the most basic role, but there is still some configuration to do. The system is pretty much locked down right now, so it’s not going to do any good as a server. This is why you’ll be prompted with the Initial Configuration Tasks wizard. I’ve seen several tutorials that treat this as a separate process from setup, but my guess is that since you were looking for a tutorial to install WS08, you probably wouldn’t mind some tips on getting the server to a useful state, so let’s look at the process now.

1. The first thing to do is to setup the Time Zone and Clock settings (click for larger versions)…

2. Next, setup your network adapter settings so that the network is accessible. This may require driver installation, but in my experience Server 2008 has a rather large driver catalog for network adapters. For this process, I’m going to assume you know how your server is meant to be setup on the network as far as IP addresses and such. Start by clicking on Configure networking and you’ll see the familiar Network Connections window. Right click on Local Area Connection and choose Properties to see the details of that connection. In this screenshot, I opted to change some of the Internet Protocol Version 4 settings so that I have a static IP address set. This is definitely recommended for any server and is required for an Active Directory Domain Controller (more on that in another tutorial).

NOTE: Unless you plan on running an Exchange Server 2007 or unless you require it in your environment, I recommend turning Internet Protocol Version 6 off (unchecked).

3. Next, click on Provide computer name and domain to setup the computer name. If this is going to be a member server (rather than Active Directory server) add it to the domain now. If you plan on using it as a Active Directory domain controller, DO NOT add it to the domain now. That process will be explained in another tutorial.

NOTE: Do NOT reboot when prompted.

5. Next, let’s configure the server for automatic updates and configure the Customer Experience Program and Error Reporting features. Start by clicking the Enable automatic updating and feedback option. Below are the settings I recommend choosing…

6. Next, let’s install any available Windows Updates and reboot before continuing. There will be at least 20 updates available if you choose the settings outlined above.

NOTE: When prompted after installation, DO reboot the system!

At this point, the server is still in a stand-alone server mode.

The Initial Tasks wizard begins again on login, and at this point, we’re ready to configure the server for different roles. Roles are functions that the server can provide—file sharing, DNS, DHCP, etc. This is actually one feature of Server 2008 that I wish existed in every version of Windows. It makes setting up all the different options you want considerably easier, and along the way it keeps the server as lean or full-functioned as you desire.

I will be posting separate tutorials on each role at some time in the future (or at least the ones I find genuinely useful).

Also at this point, you can configure any additional features you want on your server. These include everything from Vista Desktop features to advanced network features. Since there are so many, I will not be detailing them specifically, however, I will provide links to many of the more complex features.

Next—and almost done—you can choose to enable or disable Remote Desktop access to the server. I recommend leaving it on but locking it down to only two-or-three Administrator-level users.

Finally—and definitely do this last—you should setup the Windows Firewall service based on the roles and features you’ve chosen so far. In most cases, the Roles wizards will do this for you. Still, it never hurts to double-check those settings yourself as a reference.

Well, that’s pretty much it. Windows Server 2008 is definitely the easiest version yet to get up and running. Be sure to check out the tutorials on the different roles for any specific functions or problems you may encounter along the way. Oh and one more thing– you should DEFINITELY install any missing hardware drivers at this point, especially the hardware chipset drivers and firmware updates. These will guarantee that your server is operating at its optimal performance.