Finally the help of IT is here

Blog of computer solutions.

What's new in Windows Server 2012.

Posted by Xaus Xavier Nadal on June 7th 2012

Good Morning.

I pass some of the innovations that I have really enjoyed a lot.

The first developments with the Kerberos authentication will favor changing passwords to remote users who do not currently asks for a password change when connected via VPN, now you can take advantage of Kerberos authentication for dealing with remote connectivity problems related to lack of connectivity to the controller domain. To do this, you can create proxy connections message authentication and Kerberos password change for users of Remote Desktop DirectAccess or requesting access to the domain.

Compression KDC resource group. With this change, users located in large organizations where the user is a member of many groups, both local, global or universal no longer have problems of slowness or failures in authentication and data will tablets and size of the service ticket it will be much lower with subsequent improvement.

Megacrack read »

tags: , , , , , , , , , , ,
Posted by Active Directory, security, server, Windows, windows server 2012 | No Comments »

List users that have added computers to the domain.

Posted by Xaus Xavier Nadal 12th on May 2012

Good Morning.

Today we will explain Powershell script that developed in all it does it is make a list of the equipment added to the domain and the user has entered.

And perhaps you will wonder to us is this for?

Well, if you have an Active Directory structure "unretouched" ie new machines introducís in the domain are stored in the computers container instead of an organizational unit (OU) within a structure of country, city, department etc ..., and at some point need to detect who added this computer to the domain to ask that person for that company was going or what equipment is to then order it in AD, just by running this script will be able to detect that machine and person is responsible for the inclusion to the domain.

To do this you will need to have powershell installed Managment Active Roles or add the following line of text at the beginning of the script.

add-PSSnapin quest.activeroles.admanagement

The script is as follows and has been developed (by one of our staff blog that likes to live in anonymity) and improved by one of the best Powershell scripters in the world which in recent Scripting Games 2012 was 4º in LEADERBOARD (Albert Fortes).

[Email protected](Get-QADComputer -Searchr "<Domain>/ Computers "| select . @ {. Expression = {$ _} Name; Name = "Computer"}, @ {Expression = {((Get-QADPermission ($ _ canonicalName) SilentlyContinue | Select Account .Account | Select samaccountname) .Samaccountname}; Name = "Username"})

$ Result | ft -AutoSize

The script is checked (Do not be afraid to run it, is a query only active directory to a bit complicated to explain ..) Anyone who is intrigued can post in the comments ..

I hope you have been helpful.

tags: , , , ,
Posted by Active Directory, equipment, PowerShell, powershell | No Comments »

Install Active Roles Powershell + Management for Active Directory

Posted by Xaus Xavier Nadal 12th on May 2012

This article consists of How to install powershell on windows y How to manage active directory from powershell.

First of all tell you that in Windows Vista, 7, 2008 Windows, on ... is already listed as installed software, but:

Where to Find tools for windows powershell 2003?: The can download from windows update (As an optional software) to today (Powershell 2.0). When installing you will find them at: Home -> All the programs -> Accessories -> Windows Powershell.

Where to find the necessary to use powershell with Active Directory tools: We will download from the link below http://www.powershelladmin.com/wiki/Quest_ActiveRoles_Management_Shell_Download ActiveRoles Management Shell file for 32 or 64 bits.

Active Roles Management installed for Active Directory software. In the installation itself we will be asked to change the security of our performances powershell, you must make a choice Powershell execution policy change from "Restricted" to "AllSigned" this will make any program not signed in powershell can be executed (is lower security, but to ensure that all the scripts that perform work or unload) (Be careful from now on to run unknown code in .ps1 format).

Megacrack read »

tags: , ,
Posted by Active Directory, PowerShell, powershell | No Comments »

Advertise in Blogger

Posted by Xaus Xavier Nadal 29th on April 2012

Today we will explain how to insert an advertising code in your Blogger blog technology developed under, let's do a little more complicated than usual, I explain:

This article will get to place one ad in an article by blogger but this appears on the home page Blog because as you know that you have adsense usage policies prevent us from putting more than 3 advertising blocks of the same type on one page.

The first thing to do is access the administration of our Adsense account manager or advertising that you have, and get the advertising code that best suits your blog measures.

For example the code we have chosen today is this: a banner 468 × 60

<script type=»text/javascript»><!–
google_ad_client = «ca-pub-2342147052953367»;
/ * Contessota * /
google_ad_slot = «6351243105»;
google_ad_width = 468;
google_ad_height = 60;
/ / ->

<script type=»text/javascript»
src=»http://pagead2.googlesyndication.com/pagead/show_ads.js»>

When you have pulsáis code on any of these links 2 convert the HTML to plain text entirely understandable blogger.

http://nosetup.org/php_on_line/convertir_html_texto

http://blogcrowds.com/resources/parse_html.php

We should look something like the following:

<script type="text/javascript"> <! -
google_ad_client = "ca-pub-2342147052953367";
/ * Contessota * /
google_ad_slot = "6351243105";
google_ad_width = 468;
google_ad_height = 60;
/ / ->
</ Script>
<Script type = "text / javascript"
src = "http://pagead2.googlesyndication.com/pagead/show_ads.js">
</ Script>

From this moment we only define where to place advertising on our blog.

We access our blogger blog administrator account and we are located on the menu Template.

Megacrack read »

tags: , , , , , , , , , , , , , ,
Posted by Active Directory, Google, Advertising | No Comments »

Single Sign On with ADFS to Google Apps.

Posted by Xaus Xavier Nadal 17th on March 2012

This article will explain step by step what we need to do to get an authentication Single Sign On (SSO) through protocol SAML through a server Active Directory Federation Server 2.0 (ADFS 2.0) y Google Apps (gapps) as Backend.

Ultimately that with our domain user can validate we at any website without knowing the password of the service that we are going to connect (only with our current domain credentials will we be able to enter Google Apps without double authentication).

This procedure may be used for different types of entities that require authentication of a server frontend for SAML requests.

But first I will explain a little what this is SAML and because we have chosen this as complicated rather than a user database in the cloud or a direct integration to LDAP solution.

The issue of safety is always important to have open ports to our LDAP from the cloud has never convinced me, so we had two options (integrate the system with a database on Google or simply an integration of SAML without having to open ports on the firewall without having to maintain a database of users and passwords in the cloud). The answer was simple. SAML.

But what is and what is the SAML protocol?

8 consists of "simple" steps.

1.- The user makes a request for access to the web to which you want to access. For example http://www.google.com/a/megacrack.es

2.- Google Apps in this case the user responds with the identity provider to which you must send the request for SSO. For example .com/adfs/ls»>.com/adfs/ls»>.com/adfs/ls»>.com/adfs/ls»>http://saml.<dominio>.com/adfs/ls

3. - The user passes the identity provider (in our case Active Directory Federation Server) access credentials using Single Sign On (Collect credentials last logged into the domain) or in this case a screen asking credentials to be the same as the domain.

4.- The Identity Provider returns the user with an XHTML form as follows:

<Form method = "post" action = "https:. // Saml <domain> .com / SAML2 / SSO / POST" ...> <input type = "hidden" name = "SAMLResponse" value = "response" / > ... <input type = "submit" value = "submit" /> </ form>

5.- The user transfers a POST request to the web that will confirm authentication. The value of the SAML response is collected XHTML code.

6.- the response is processed, the service provider creates a safe environment and redirects the user to the destination.

7.- The user restarts the access request (https://www.google.com/a/megacrack.es/acs)

8.- In the event that the environment is safe, the service provider returns control to the user who finally agrees to the web.

It sounds complicated but really is as simple as the following:

Users access 1.- http://correo.megacrack.es

2.- you are shown a screen like this where you should put your domain credentials to the user.

Validation

3.- The user accesses the site without problems.

And if the system worked as it should not go out or even the previous screen (automatically would pick the logon credentials Windows).

Megacrack read »

tags: , , , , , , ,
Posted by Active Directory, certified, Google Apps, Google Apps, IIS, Single Sign On | 4 Comments »

G|translate Your license is inactive or expired, please subscribe again!