Recently in Windows Category
If you are using a web application that uses Windows Live, such as Microsoft Dynamics CRM Live, you might be wondering, how does authentication work.
The first step in the process is that the
web application registers with the Windows Live ID service. This
registration includes creating unique keys for the application and
storing a URL that the Live ID service will use to redirect users after
they sign into Windows Live ID.
The 2nd step is when the
application wants to authenticate the user. The application will
provide the 'sign-in' link on it's web page. When clicking on the link,
the user will be redirected to a sign-in page hosted by Windows Live
ID. When this happens a token is also passed that identifies the
application. By passing in a token that was given to the application at
time of registration, the sign-in page understands who is calling it.
The
3rd step is that the user logins into Live ID. After logging into Live,
the Live service redirects the user to the applications designated page
that it registered with. The application can then redirect back to the
original landing page the user came in on. Presto, you are
authenticated to the Web application.
Windows Live does not store or pass any permissions ( or personal ) information to the application. It's the applications responsibility to manage the permissions. Windows Live is used to handle the authentication. Authentication is validating that the user is who the user claims they are. Below is a high level architectural diagram of the Windows Live ID Service.
For client side applications it's little different. On the client side, applications utilize a special component named MSIDCRL40.dll. This component handles a variety of services such as encryption. The client side application will need a to create or retrieve a key that is used. In a software+service model, this might include calling into a web service of a online application to retrieve a dynamically generated key that is used. After the call is made, a token is used that can be presented to the application that can be checked against the original key to ensure that the authentication was not compromised. After that the user is authenticated and again the application handles permissions internally. In both scenarios, the authentication is time stamped to be valid only for a specific time. The time stamped token can be 'cached' just like cookies are used in web application.
推荐追新的同学看的几个:
PowerShell - 无脚本运行
Windows 管理 - Active Directory 复制指南
新增软件更新管理工具 - SCCM2007 介绍
实用工具特别推荐 - VMRC Plus
优化 SQL Server CPU 性能
Microsoft 的 Exchange 边缘传输服务器
使用 Office Communications Server 2007 连接用户
Exchange Server 2007 数据保护与灾难恢复
还有很多好的技术文章和实用工具我就不一一列出了,大家自己去挖吧
VMRCplus is a tool for both configuration management of Virtual Server and remote control of virtual machines. It allows for local and remote management of Virtual Server and supports simultaneous management of up to 32 Virtual Server hosts.
Remote control sessions of virtual machines are grouped in a single window using Tab pages. The interface enables sorting virtual machines based on various properties like name, status and description. Multi-select of virtual machines enable you to perform actions to change their status or open remote control sessions all at once.
虚拟化是当今的热门话题。许多 IT 专家将硬件虚拟化用于学习和测试方案。为此,Microsoft 现在提供了 Virtual PC 2007,它是一种软件虚拟化解决方案,适用于有限数量虚拟机的独立安装。请注意,该新产品不能取代将虚拟化引入数据中心的 Virtual Server 2005。
通过 Microsoft® Virtual Server 2005,您能够虚拟化许多服务器工作负荷,但与 Virtual PC 不同,Virtual Server 的界面是 Web 应用程序。虽然基于 Web 的管理有其优点,但对于日常管理,许多人希望有与 Windows ® 应用程序行为相似的丰富用户界面。
Virtual Machine Remote Control Plus(简称 VMRCplus)是 Virtual Server 2005 用户界面的替代品。因为 VMRCplus 是 Windows Forms 应用程序,所以它能够轻松管理 Virtual Server 及其虚拟机。请注意,Virtual Server 附带了名为 VMRC 的工具,用于对虚拟机进行远程控制。但 VMRCplus 既可以实现对 Virtual Server 的配置管理,又可以实现对虚拟机的远程控制 -- 全部都可以在单个应用程序内完成。
PowerGUI is an extensible graphical administrative console for managing systems based on Windows PowerShell. These include Windows OS (XP, 2003, Vista), Exchange 2007, Operations Manager 2007 and other new systems from Microsoft. The tool allows to use the rich capabilities of Windows PowerShell in a familiar and intuitive GUI console.
2. How much does it cost and is registration required?
PowerGUI is a freeware product thanks to the support we are getting from Quest Software. You can download the product and access all information on this site absolutely for free and without any registration or login. You will have to register only if you want to post information to the discussion forums or library, or subscribe to notifications by email (RSS subscription does not require registration.)
3. What are the system requirement?
The main system requirement is Windows PowerShell (which in its turn requires .net framework 2.0). If you don't have this installed on your computer PowerGUI setup will detect that and open a web page from which the system can be downloaded. In terms of operating systems we support Windows XP, 2003, Vista, and Longhorn; both 32- and 64-bit. Particular snapins may add their specific system requirements. For example the Exchange 2007 snapin we ship today naturally requires Exchange 2007 or its administrative tools.
4. What can I do with PowerGUI?
Pretty much anything that the underlying system permits. You can browse through the system, filter/sort what you get, select the columns, perform actions on selected objects, change their properties, export data to clipboard, Excel, xml, or just html reports, and much more. And if you don't believe this is all being done by Windows PowerShell just switch to another tab and you'll see the PowerShell code behind what you've been doing.
Check out PowerGUI extensions library for the additional features you can download from the community.
http://www.powergui.org
Demo http://powergui.org/shares/powergui/...roduction.html
还不错,推荐给使用Exchange 2007 或者基于 Windows PowerShell 的微软产品(比如Windows Server 2008, SCOM 2007)的朋友试试看
主要问题是如果你在 AD 里面新创建了一个用户,但是在 TFS 的用户管理里面却看不到这个新建的用户,有可能要过很长时间(比如说1天)才能同步过来。而默认的同步时间应该是1个小时,微软已经确认这是个程序的 Bug,受影响的产品包括 RTM 和 SP1.
下载该补丁
注意: 这个是英文版,其它语言版本请联系 MS 取得
暂时的解决方法:
重新启动 TFS 应用程序层服务器上的 IIS 服务
下载
http://mcitps.com/showthread.php?t=33
This issue may occur if the registry entry that points to the Mlcfg32.cpl Control Panel file is missing or damaged.
RESOLUTION
Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using
another method. These problems might require that you reinstall the operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.
To resolve this issue, follow these steps:
1.Make sure that the following Control Panel file exists and that it works as expected:
Drive:\Program Files\Common Files\System\MSMAPI\1033\mlcfg32.cpl
2.Click Start, click Run, type regedit, and then click OK.
3.Locate the following registry subkey:
HKEY_CURRENT_USER\Control Panel\MMCPL
4.Make sure that the mlcfg32.cpl registry entry exists. Additionally, make sure that its value is set as follows:
Drive:\Program Files\Common Files\System\MSMAPI\1033\mlcfg32.cpl
If the mlcfg32.cpl registry entry does not exist, you must create it. To do this, follow these steps:
a. Right-click the MMCPL registry subkey, point to New, and then click String Value.
b. type mlcfg32.cpl as the name of the registry entry.
c. Double-click the mlcfg32.cpl registry entry, type Drive:\Program Files\Common Files\System\MSMAPI\1033\mlcfg32.cpl in the Value Data box, and then click OK.
5.Exit Registry Editor, and then open Control Panel. The Mail icon is displayed as expected.
PS.
I'm using Outlook 2007, so my mlcfg32.cpl is located in
Drive:\Program Files\Microsoft Office\Office12\MLCFG32.CPL
and the setps are:
1.Make sure that the following Control Panel file exists and that it works as expected:
Drive:\Program Files\Microsoft Office\Office12\MLCFG32.CPL
2.Click Start, click Run, type regedit, and then click OK.
3.Locate the following registry subkey (if not exist, create it):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Cpls
4.Make sure that the mlcfg32.cpl registry entry exists. Additionally, make sure that its value is set as follows:
Drive:\Program Files\Microsoft Office\Office12\MLCFG32.CPL
If the mlcfg32.cpl registry entry does not exist, you must create it. To do this, follow these steps:
a. Right-click the Cpls registry subkey, point to New, and then click String Value.
b. type mlcfg32.cpl as the name of the registry entry.
c. Double-click the mlcfg32.cpl registry entry, type Drive:\Program Files\Microsoft Office\Office12\MLCFG32.CPL in the Value Data box, and then click OK.
5.Exit Registry Editor, and then open Control Panel. The Mail icon is displayed as expected.
In fact, there are other ways to get back the Mail icon. Let's talk about it later.
建立一个文本文件,里面包含新老计算机名 ex.
name.txt
oldname1;newname1
oldname2;newname2
oldname3;newname3
oldname4;newname4
再用 For 命令+netdom 来做批量重命名
命令行下:
FOR /F "tokens=1,2* delims=;" %i IN
(name.txt) DO netdom renamecomputer %i /newname:%j /userD:xxx\gop022
/passwordd:* /usero:admin /passwordo:* /reboot:1 /force
把 userD usero 以及相应的 password 换成你自己的环境
如果是用批处理,记得把 %i, %j 替换成 %%i,%%j
For 的具体用法请参见 windows 帮助文件
很多M$不提供公开下载的补丁可以在这里找一找.
需要迁移的物理机: Dell PowerEdge 850 OS: Windows Server 2003 SP1 简体中文标准版
安装有 ADS, Virtual Server 2005 R2 和 VSMT 的宿主机: PowerEdge 860 OS:Windows Server 2003 SP1 英文企业版
在该环境中另外还有一台DHCP Server
废话少说,开始!
一.安装
除了需要迁移的物理机以外,我们需要另外一台安装有 ADS 和 VSMT 的Windows Server 2003
Enterprise Edition 的服务器.
1. 安装 ADS 1.1
下载页面: http://www.microsoft.com/downloads/d...displaylang=en
• 支持的操作系统: Windows Server 2003
ADS 1.1 只能安装在 Windows Server 2003 企业版上,不支持标准版.
具体的系统需求可以在 Automated Deployment Services System Requirements page 找.
Server Model : Dell 1950 or 2950,
Network Card: Broadcom BCM5708C NetXtreme II GigE
OS: Windows 2003 R2 Ent. 64bit Version
Virtual Server: Microsoft Virtual Server 2005
问题:
一旦开启虚拟机 (Guest OS), 宿主机 (Host OS)上连接此虚拟机的网卡将无法与外部网络通信,虚拟机之间,虚拟机和宿主机,虚拟机和外部网络之间通信均正常. 关闭虚拟机后,宿主机恢复正常.
已证实是 Broadcom BCM570X 系列的网卡和 Virtual Server 2005之间存在兼容性问题,需要关闭网卡的 IPMI 管理功能
解决办法(任选其一)
1. 到 http://www.broadcom.com/support/ethernet_nic/netxtremeii.php 下载最新的 for win2003 64bit的驱动程序,更新到最新的即可.
驱动程序日期: 12/22/2006
驱动程序版本: 3.0.5.0
2.也是到 http://www.broadcom.com/support/ethernet_nic/netxtremeii.php 页面,下载 DOS Diagnostic Utilities, 在页面最底部, 解出 ISO 中的 uxdiag.exe 文件,将其放到宿主机的硬盘上,最好是 FAT32 分区
接着用任意启动盘引导到纯 DOS 环境, 运行
uxdiag -c <devnum> -mfw 0
devnum= number of affected NIC (1 or 2)
mfw= enables/ disables fw 1 = Enable 0 = Disable
最后运行uxdiag -ver
确认 configuration 被设置成了 Auto only 而不是 MF,Auto
重启即可.
