I just completed a DC migration to 2008 R2 from 2003, and wanted to share my experience/procedure/thoughts/etc.
Prep the old domain with the new domain files, then promote the new dc, make sure DNS is working and all replicates, Transfer FSMO roles, Demote old Domain.
Continue reading “Migrate to 2008 R2 Domain Controller from 2003 R2”
Install OpenManage Server Administrator
wget -q -O - http://linux.dell.com/repo/hardware/latest/bootstrap.cgi | bash
yum -y install srvadmin-all
Your system homepage is now availible via https://hostname:1311, where hostname is the hostname of your server.
Install Firmware/Bios Management Tools
yum install dell_ft_install
yum install $(bootstrap_firmware)
Now run either inventory_firmware or inventory_firmware_gui to view your firmware versions, and perform firmware upgrades.
Windows Update error 800B0001
If you installed the Windows update engine update to your workstations, you’ll find that they can no longer communicate with WSUS.
If you update the WU agent on the workstations, they now have the hardening stuff and can no longer “talk” to WSUS. You now have to install the update for WSUS 2720211.
This sucker is an all or nothing. You can’t just update the clients without needing the server up’d as well.
Set up WSUS. To do this, at a command prompt, type one of the following commands, as applicable to your system:
WSUS-KB2720211-x64.exe /q C:\MySetup.log
REBOOT wsus server after
In Win2k3 I used httpcfg to tell IIS to listen to specific IP addresses on the server. I want to run Apache with VisualSVN Server on port 80 on another IP address but IIS7 binds to all ip addresses by default.
What utility for IIS7 controls the IIS7 bindings?
Update: I found the answer. There is a utility called netsh.
netsh http add iplisten ipaddress=xxx.xxx.xxx.xxx
By default there are not IP addresses on the list so IIS7 will bind to all IP addressed. If you add one IP to the list it will listen to just that IP or any IP added to the list. It is necessary to restart IIS7 for the change to take affect.
Add group sftponly
edit sshd config
# override default of no subsystems
#Subsystem sftp /usr/libexec/openssh/sftp-server
Subsystem sftp internal-sftp
Match Group sftponly
chown root FOLDER for the home directory (and every directory to /)
ssh won’t work, but sftp will work all users in sftponly group.
I will be using this blog to store things that i think are cool, and or reviews of items.