An authentication error has occurred. The Local Security Authority cannot be contacted

September 14, 2011 11 komentar

Symptom:

Ketika remote desktop terhadap Windows Server 2008 machine, dan muncul error sepertindibawah ini:

An authentication error has occurred.  The Local Security Authority cannot be contacted.  Remote computer: xxxxxxxx

Solution:

Merubah Remote Desktop Security – pada server yang di tuju tadi,

Start –>Klik kanan pada Computer –> klik Advanced System Settings -> Remote Tab -> Allow connections from computers running any version of remote desktop (less secure).

Semoga bermanfaat.

Regards,

Nana Sutisna

Iklan
Kategori:Error

Cara membuat Windows Service Depedency

Juli 19, 2011 2 komentar

Terkandang kita menginginkan salah satu service berjalan setelah service yang lainnya berjalan (Service Depedency). Hal ini bisa dilakukan dengan merubah windows regestry caranya:

1. Open registry editor:
Start -> Run -> regedit

2. Cari service yang akan ditangguhkan jalannya (service yang tergantung pada service lain) :
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\

3. Jika sudah terdapat  “DependOnService” value, simple saja tinggal merubahnya dengan menuliskan service yang berjalan sebelum service yang diedit.

Jika tidak ada  “DependOnService” value, buat saja dengan cara:

– Klik kanan service name -> New -> Multi-string value
– Tuliskan DependOnService, kemudian tuliskan nama service yang akan berjalan sebelum service yang diedit.

Untuk meyakinkan service yang dituliskan itu benar, Klik kanan pada service yang dimaksud, pilih properties dan lihat service name. Sebagai contoh IIS Admin Services nama service-nya adalah IISADMIN

4. Setelah selesai mengedit, komputer perlu di restart. Setelah di restart bisa dipastikan dengan membuka service yang di edit tadi, klik kanan –> properties –> lihat pada depedency tab.

Semoga bermanfaat,

Nana Sutisna

Kategori:Artikel

Antara Automatic dan Automatic Delayed

Pada windows server 2008 terdapat type baru dari start-up yaitu Automatic Delayed. Service yang di set dengan type ini akan running setelah system selesai booting atau jika  semua service yang di set automatic running. Berbeda denga type Automatic, service ini berjalan ketikan system sedang booting.

Semoga bermanfaat,

Nana Sutisna

Kategori:Artikel

Unexpected shutdown dan Blue Screen

Juli 19, 2011 3 komentar

Hmm, problem ini yang kadang bikin report, harus mencari kenapa sih penyebabnya. Tapi syukur deh windows sudah menginformasikan masalahnya melalui log yang dibuatnya. Log tersebut biasanya terdapat pada C:\Windows\Minidump atau C:\Windows\LiveKernelReports\WATCHDOG yaitu berupa dump file (.dmp). Tapi dump file ini tidak bisa dibaca dengan notepad atau wordpad, jadi untuk membacanya perlu tool yang bisa di download http://msdn.microsoft.com/en-us/windows/hardware/gg463009.aspx. Untuk referensi lain baca juga di sini http://support.microsoft.com/kb/315263

Semoga bermanfaat,

Nana Sutisna

Kategori:Error

Script disabled user dan move ke OU lain

Juni 10, 2011 32 komentar

Script ini berfungsi untuk disabled banyak user dan kemudian dipindahkan ke OU yang diinginkan. Sebelum menjalankan script ini buatkan terlebih dahulu dua  file .txt, file yang pertama (dn.txt) akan di isi dengan distinguishedName dan file .txt ke-dua (log.txt) untuk mencatat hasilnya (kalau mau sedikit report buat aja script untuk create file ini). Untuk mendapatkan distinguishedName bisa pakai script disini

strDisableAccount = TRUE
strNewParentDN = “LDAP://OU=Disabled Accounts,DC=contoh,DC=com”

Const ForReading = 1
Const ForAppending = 8

Set objFSO = CreateObject(“Scripting.FileSystemObject”)

Set objFile = objFSO.OpenTextFile(“C:\dn.txt”, ForReading)
Set objApp = objFSO.OpenTextFile(“C:\log.txt”, ForAppending, True)

While not objFile.AtEndOfStream

    objApp.WriteLine vbCrLf

    strUserDN = objFile.Readline

    objApp.WriteLine strUserDN ‘& vbCrLf

On Error Resume Next

set objUser = GetObject(“LDAP://” & strUserDN)

If Err.number = -2147016656 Then

          objApp.WriteLine “Error: check status of object :” & strUserDN

          ‘wScript.Echo Err.Description, apgSeverityError, Err.Number

End If

if objUser.AccountDisabled = TRUE then

   objApp.WriteLine “Account for ” & objUser.Get(“cn”) & ” currently disabled – not moved”

else

   ‘objApp.WriteLine “Account currently enabled”

   if strDisableAccount = TRUE then

      objUser.AccountDisabled = strDisableAccount

      ‘WScript.Echo “Previous Description: ” & objUser.Get(“description”)

      ‘objUser.Put “description”, “#### Disabled and moved to Disabled Accounts OU via script”

      objUser.SetInfo
    
      objApp.WriteLine “Account disabled”

      set objCont = GetObject(strNewParentDN)’

                  objCont.MoveHere “LDAP://” & strUserDN, vbNullString

                 ‘ WScript.Echo “Account for ” & objUser.Get(“cn”) & ” moved to new OU”                               

   end if

end if

set objUser = nothing

Wend

objFile.Close
objApp.Close
WScript.Echo “Done”

Atau kalau mau ada juga softwarenya nih http://www.wisesoft.co.uk/software/bulkadusers/default.aspx

Semoga bermanfaat,

Nana Sutisna

Kategori:Script

Script merubah attribute Active Directory

Script dibawah adalah untuk mengedit attribute user, dan contoh script ini untuk hiden exchange address list dan disable OCS. Sebelum menjalankan script ini, buatkan terlebih dahulu file .txt yang akan di isi samAccountName.

Option Explicit
Dim strUser, rootDSE, adoConnection, ldapStr, adoRecord, objUser, objFso, objSrc

Set rootDSE = GetObject(“LDAP://RootDSE“)
Set adoConnection = CreateObject(“ADODB.Connection”)
adoConnection.Provider = “ADSDSOObject”
adoConnection.Open “ADs Provider”

Set objFso = CreateObject(“Scripting.FileSystemObject”)
Set objSrc = objFSO.OpenTextFile(“D:\src.txt”, 1)

While not objSrc.AtEndOfStream
  
strUser = objSrc.Readline

  ldapStr = “<LDAP://” & rootDSE.Get(“defaultNamingContext”) & “>;(&(objectCategory=Person)(objectClass=User)(samAccountName=” & strUser & “));adspath;subtree”

  Set adoRecord = adoConnection.Execute(ldapStr)
  If Not adoRecord.EOF Then
    On Error Resume Next
        Set objUser = GetObject (adoRecord.Fields(0).Value)
        objUser.Put “MSExchHideFromAddressLists”, “TRUE”   ‘–> hide from  exchange address list 
        objUser.Put “msRTCSIP-UserEnabled”, “FALSE”   ‘–> disable user for Office Communications Server (OCS)
        objUser.SetInfo
    On Error GoTo 0
 End If

wend

msgbox “Done”

Semoga bermanfaat,

Nana Sutisna

Kategori:Script

Check Point Commands

Maret 10, 2011 7 komentar

Check Point commands generally come under cp (general), fw (firewall), and fwm (management).

CP, FW & FWM

cphaprob stat List cluster status
cphaprob -a if List status of interfaces
cphaprob syncstat shows the sync status
cphaprob list Shows a status in list form
cphastart/stop Stops clustering on the specfic node
cp_conf sic SIC stuff
cpconfig config util
cplic print prints the license
cprestart Restarts all Check Point Services
cpstart Starts all Check Point Services
cpstop Stops all Check Point Services
cpstop -fwflag -proc Stops all checkpoint Services but keeps policy active in kernel
cpwd_admin list List checkpoint processes
cplic print Print all the licensing information.
cpstat -f all polsrv Show VPN Policy Server Stats
cpstat Shows the status of the firewall
fw tab -t sam_blocked_ips Block IPS via SmartTracker
fw tab -t connections -s Show connection stats
fw tab -t connections -f Show connections with IP instead of HEX
fw tab -t fwx_alloc -f Show fwx_alloc with IP instead of HEX
fw tab -t peers_count -s Shows VPN stats
fw tab -t userc_users -s Shows VPN stats
fw checklic Check license details
fw ctl get int [global kernel parameter] Shows the current value of a global kernel parameter
fw ctl set int [global kernel parameter]  [value] Sets the current value of a global keneral parameter. Only Temp ; Cleared after reboot.
fw ctl arp Shows arp table
fw ctl install Install hosts internal interfaces
fw ctl ip_forwarding Control IP forwarding
fw ctl pstat System Resource stats
fw ctl uninstall Uninstall hosts internal interfaces
fw exportlog .o Export current log file to ascii file
fw fetch Fetch security policy and install
fw fetch localhost Installs (on gateway) the last installed policy.
fw hastat Shows Cluster statistics
fw lichosts Display protected hosts
fw log -f Tail the current log file
fw log -s -e Retrieve logs between times
fw logswitch Rotate current log file
fw lslogs Display remote machine log-file list
fw monitor Packet sniffer
fw printlic -p Print current Firewall modules
fw printlic Print current license details
fw putkey Install authenication key onto host
fw stat -l Long stat list, shows which policies are installed
fw stat -s Short stat list, shows which policies are installed
fw unloadlocal Unload policy
fw ver -k Returns version, patch info and Kernal info
fwstart Starts the firewall
fwstop Stop the firewall
fwm lock_admin -v View locked admin accounts
fwm dbexport -f user.txt used to export users , can also use dbimport
fwm_start starts the management processes
fwm -p Print a list of Admin users
fwm -a Adds an Admin
fwm -r Delete an administrator

Provider 1

mdsenv [cma name] Sets the mds environment
mcd Changes your directory to that of the environment.
mds_setup To setup MDS Servers
mdsconfig Alternative to cpconfig for MDS servers
mdsstat To see the processes status
mdsstart_customer [cma name] To start cma
mdsstop_customer [cma name] To stop cma
cma_migrate To migrate an Smart center server to CMA
cmamigrate_assist If you dont want to go through the pain of tar/zip/ftp and if you wish to enable FTP on Smart center server

VPN

vpn tu VPN utility, allows you to rekey vpn
vpn ipafile_check ipassignment.conf detail‏ Verifies the ipassignment.conf file
dtps lic show desktop policy license status
cpstat -f all polsrv show status of the dtps
vpn shell /tunnels/delete/IKE/peer/[peer ip] delete IKE SA
vpn shell /tunnels/delete/IPsec/peer/[peer ip] delete Phase 2 SA
vpn shell /show/tunnels/ike/peer/[peer ip] show IKE SA
vpn shell /show/tunnels/ipsec/peer/[peer ip] show Phase 2 SA
vpn shell show interface detailed [VTI name] show VTI detail

Debugging

fw ctl zdebug drop shows dropped packets in realtime / gives reason for drop

SPLAT Only

router Enters router mode for use on Secure Platform Pro for advanced routing options
patch add cd Allows you to mount an iso and upgrade your checkpoint software (SPLAT Only)
backup Allows you to preform a system operating system backup
restore Allows you to restore your backup
snapshot Performs a system backup which includes all Check Point binaries. Note : This issues a cpstop.

VSX

vsx get [vsys name/id] get the current context
vsx set [vsys name/id] set your context
fw -vs [vsys id] getifs show the interfaces for a virtual device
fw vsx stat -l shows a list of the virtual devices and installed policies
fw vsx stat -v shows a list of the virtual devices and installed policies (verbose)
reset_gw resets the gateway, clearing all previous virtual devices and settings.

Source: http://www.fir3net.com/Firewalls/Checkpoint/checkpoint-commands.html

Semoga bermanfaat,

Nana Sutisna

Kategori:Artikel