Auto Add

Wednesday, 21 May 2014

Configure FTP Over SSL

One of the features is FTP over Secure Sockets Layer (SSL), which allows sessions to be encrypted between an FTP client and server. This document walks you through: setting up an FTP site; and, configuring that site to use SSL with the new FTP user interface, which allows you to directly edit the IIS 7.0 configuration files. It contains

Prerequisites

The following items are required to be installed to complete the procedures in this article:

  1. IIS 7.0 must be installed on your Windows 2008 Server, and the Internet Information Services Manager must be installed.
  2. The new FTP service. You can download and install the FTP service from the http://www.iis.net/ web site using one of the following links:
    • FTP 7.5 for IIS 7.0 (x64)
    • FTP 7.5 for IIS 7.0 (x86)
  3. You will need to create a root folder for FTP publishing:
    • Create a folder at "%SystemDrive%\inetpub\ftproot"
    • Set the permissions to allow access for the administrators group:
      • Open a command prompt.
      • Type the following command:
        ICACLS "%SystemDrive%\inetpub\ftproot" /Grant administrators:F /T
      • Close the command prompt.
Note: The settings listed in this walkthrough specify "%SystemDrive%\inetpub\ftproot" as the path to your FTP site. You are not required to use this path; however, if you change the location for your site you must change the site-related paths that are used throughout this walkthrough.

Creating a Self-signed SSL Certificate

In this optional task you will create a self-signed SSL certificate that you will use for testing your FTP site.
  1. Enter "My FTP Certificate" as the name for the new certificate, then click OK.
  2. Click Create Self-Signed Certificate in the Actions pane.
  3. Click your computer at the top node of the Connections tree, then double-click the Server Certificates feature.
  4. Open the Internet Information Services (IIS 7.0) Manager.

Creating an SSL-enabled FTP Site Using the IIS 7.0 Manager

Step 1: Use the FTP Site Wizard to Create an SSL-based FTP Site

In this first step, you create a new FTP site that can only be opened using your administrator account.
  1. On the next page of the wizard:
    • Select Basic for the Authentication settings.
    • For the Authorization settings:
      • Choose "Specified users" from the Allow access to drop-down.
      • Type "administrator" for the user name.
      • Select Read and Write for the Permissions option.
    • When you have completed these items, click Finish.
  2. On the next page of the wizard:
    • Choose an IP address for your FTP site from the IP Address drop-down, or choose to accept the default selection of "All Unassigned." Because you will use the administrator account later in this walk-through, make sure that you restrict access to the server and enter the local loopback IP address for your computer by typing "127.0.0.1" in the IP Address box.
    • You would normally enter the TCP/IP port for the FTP site in the Port box. For this walk-through, choose to accept the default port of 21.
    • For this walk- through, you do not use a host name, so make sure that the Virtual Host box is blank.
    • Make sure that the Certificates drop-down is set to your SSL certificate. For example, if you followed the optional step to create a self-signed certificate, the drop-down box should say "My FTP Certificate".
    • Make sure that the Allow SSL option is selected.
    • Click Next.
  3. When the Add FTP Site wizard appears:
    • Enter "My New FTP Site" in the FTP site name box, then navigate to the "%SystemDrive%\inetpub\ftproot" folder that you created in the Prerequisites section. Note: If you choose to type in the path to your content folder, you can use environment variables in your paths.
    • Click Next.
  4. Right-click the Sites node in the tree and click Add FTP Site, or click Add FTP Site in the Actions pane.
  5. Go to IIS 7.0 Manager. In the Connections pane, click the Sites node in the tree.
You have successfully created a new SSL-based FTP site using the new FTP service.

Step 2: Configuring Additional FTP SSL Settings

The SSL policy for FTP is customizable on a site-by-site basis. Different settings can be specified for the control and data channels. In this step, you configure additional SSL settings for your FTP site that ensure that all user credentials are encrypted, even if all other FTP activity is not.

  1. On the FTP SSL Settings page, click Apply in the Actions pane to save the SSL settings.
  2. When the FTP SSL Settings page displays, select the Custom option, and then click the Advanced button.
  3. In order to configure the SSL options, double-click the FTP SSL Settings icon to open the SSL settings feature page.
  4. Go to the IIS 7.0 Manager. Click the node for the FTP site that you created in Step 1. The icons for all of the FTP features display.
  5. When the Advanced SSL Policy dialog box is displayed:
    • When you have completed these items, click OK.


      •  Select the Require only for credentials option for the control channel. Note: This setting requires that all user names and password are encrypted via SSL, but the client can choose whether to encrypt all other control channel activity.
      • Select the Allow option for the data channel. Note: This setting allows the client to choose whether to encrypt any data channel activity.
      Thanks & Regards
        Srikanth Goud  - Virtualization Administrator
    at No comments:
    Labels:

    Set up SmarterMail as an IIS Site

    By default, SmarterMail installs a basic Web server that allows administrators to start using the application immediately after installation. However, SmarterTools recommends moving to a more robust and secure Web server, such as Microsoft IIS.
    The instructions for setting up SmarterMail as an IIS site differ slightly depending on whether you are using IIS 6.0 or IIS 7.0/7.5.  Applies to SmarterMail 8.x – 12.x

    Set up Smartermail as an IIS Site in IIS 6 :

    An overview of the instructions are:
    1. Disable the SmarterMail Web server
    2. Add Application pool
    3. Add SmarterMail to IIS
    4. Verify IIS Settings
    5. Update DNS
    6. Test the site
    Disable the SmarterMail Web Server
    These steps will stop and disable the web server included with SmarterMail. They will also have the side-effect of disabling the shortcut on SmarterMail on your desktop until you update it with the new URL for SmarterMail.
    1. Click on Start -> Program Files -> SmarterTools -> SmarterMail -> Configure SmarterMail Web Server.
    2. Click on the Stop button.
    3. Change the Startup Mode to Disabled
    4. Click on the Apply button.
    5. Click the Close button.
    Add an Application Pool
    Follow these steps to add an application pool:
    1. Click on Start -> Control Panel -> Administrative Tools -> Internet Information Services (IIS) Manager.
    2. Right click on Application Pools and choose New -> Application Pool.
    3. Name the pool SmarterMail (or something equivalent) and click OK.
    4. Click Close.
    Add SmarterMail to IIS
    Follow these steps to add SmarterMail to IIS:
    1. Click on Start -> Control Panel -> Administrative Tools -> Internet Information Services (IIS) Manager.
    2. Right-click on the web sites tree on the left of the page and choose New -> Web Site.
    3. When asked for a description, type SmarterMail
    4. Choose the IP address to use for webmail. If this IP address is shared with another web site, you will need to use a different port or Host Headers. For more information about using Host Headers, refer to the IIS documentation.
    5. For the physical path, browse to the SmarterMail\MRS folder. The default location is: C:\Program Files (x86)\SmarterTools\SmarterMail\MRS.
    6. Leave the “Allow anonymous access to this web site” box checked.
    7. When asked what permissions to grant, choose only Read and Run Scripts.
    8. Finish the Wizard.
    9. Go to Property of the site and then Home Directory tab
    10. From Application pool select the SmarterMail application pool you created
    11. Click OK
    Verify IIS Settings
    Follow these steps to verify the IIS settings:
    1. If you are using Windows 2003, verify that ASP .NET v4.0 Web Service Extension is set to Allowed in IIS. If you do not see ASP .NET under Web Service Extensions, ensure that ASP .NET is enabled in the Application Server. You can do this by going to: Control Panel -> Add/Remove Programs -> Windows Components -> Application Server -> Details.
    2. Ensure that the default document for the site is Default.aspx (under the Documents tab).
    3. For better performance, set HTTP content expiration for 7 days on the App_Themes folder unless you are actively creating a new skin.
    4. In Windows 2003, alter application pool’s performance tab to disable the “Shutdown worker process after being idle for,” or change it to a high value, like 240.
    Update DNS
    If any domains are already set up with SmarterMail, make sure to update their Webmail DNS records to point to the new IP address.
    Test the site
    Open up your browser and type the IP address of the site you just added.
    ================================

    Set up Smartermail as an IIS Site in IIS 7/7.5

    An overview of the instructions are:
    • Disabling the SmarterMail Web server
    • Adding a new application pool for SmarterMail
    • Adding SmarterMail to IIS
    • Verifying IIS Settings
    • Updating DNS
    • Testing the site
    Disabling the SmarterMail Web Server
    These steps will stop and disable the default web server that is included with SmarterMail. This will also have the side-effect of disabling any shortcut for SmarterMail that may be placed on your desktop until you update it with the new URL for the SmarterMail site created in IIS.
    1. Click on Start -> Programs -> SmarterTools -> SmarterMail -> Configure SmarterMail Web Server
    2. Click on the Stop button
    3. Change the Startup Mode to Disabled
    4. Click on the Apply button
    5. Click the Close button
    Add an Application Pool
    Follow these steps to add an application pool specifically for SmarterMail:
    1. Open Internet Information Services (IIS) Manager
    2. Right click on Application Pools from the tree view and choose Add Application Pool
    3. Name the new application pool SmarterMail, or something similarly easy to identify
    4. Set the .Net Framework Version to v4.0.x
    5. Set the Application Pools Managed Pipeline to ‘Integrated’
    6. Make sure “Start application pool immediately” is checked
    7. Click OK
    Add SmarterMail to IIS
    Follow these steps to add SmarterMail to IIS:
    1. Open Internet Information Services (IIS) Manager
    2. Click on your ServerName, and on the right side, under IIS, double-click ISAPI and CGI Restrictions
    3. Verify that ASP.NET v4.0 is allowed (If not, right click on ASP.NET v4.0.x and select Allowed)
    4. On the left side of the page, right click on Sites in the tree view and choose Add Website
    5. Name the site SmarterMail
    6. If you created an Application Pool name other than SmarterMail, click Select and choose the correct Application Pool
    7. For the physical path, browse to the SmarterMail -> MRS folder. The default location is C:\Program Files (x86)\SmarterTools\SmarterMail\MRS
    8. For Binding, choose an IP address to use for Webmail. If this IP address is shared with another Web site, you will need to use a different port or Host Headers. For more information about using Host headers, refer to the IIS documentation
    9. Make sure “Start Web site immediately” is checked
    10. Click OK
    Verify IIS Settings
    Follow these steps to verify the IIS settings. Please read each item carefully.
    1. In IIS Manager, click on your ServerName
    2. Under IIS, double click ISAPI and CGI Restrictions
    3. Verify that ASP .NET v4.0 is allowed. If it is not, right-click on ASP .NET v4.0 and select Allowed
    4. In the tree view, click Sites
    5. Expand (or double click) the SmarterMail site
    6. Click on the App_Themes folder
    7. Under IIS, double click HTTP Response Headers
    8. Under the Action menus, click Set Common Headers
    9. Enable the Expire Web content setting
      • Click After
      • Add 7 for the number of days
    10. Click OK
    11. Click on Application Pools in the tree view
    12. Right click on the SmarterMail application pool and select Advanced Settings
    13. Under the Process Model heading, ensure the the Identity is set to the NetworkService account
    14. From the Start menu, open Administrative Tools and select Services, then verify that the World Wide Publishing Service is running.



    Thanks & Regards

      Srikanth Goud  - Virtualization Administrator 
    at No comments:
    Labels:

    Automatic Logon for Windows 8,Windows 7, Vista, XP, Server 2008

    if you have a machine that is dedicated to a task that needs to startup and login as a specific user automatically should it ever be reset/restarted/power cycled… It really is quiet simple! I remember I used to modify a few keys in the registry to make this happen however it seems this is no longer required. Enter, the control userpasswords2 menu!
    • Start by holding the Windows Key (between ALT and CTRL) and pressing R
      This will open the RUN window.
    • In the RUN window that opens type the following.
      • control userpasswords2
      Then press OK or enter. see image below(screen shot from windows 8.1).








    Following That you will be presented with the below menu. Uncheck the box shown below that says ‘Users must enter a user name and password to use this computer.’ and then click Apply

     

















    After clicking Apply you will be given a login box, as seen below, where you can enter the login credentials that will be used upon startup to auto log the machine in.











    Select OK and OK out of the “userpasswords2″ User Accounts window and test your new configuration.
     So this is a basic one and a quick one that comes up quiet often. Be it to improve the startup performance of your PC. I’d like to point out that this is not a very secure function and I would recommend against it, however in some circumstances it is a requirement and for that reason I’ve done this short post.


    Thanks & Regards
      Srikanth Goud  - Virtualization Administrator 
    at No comments:
    Labels: , ,

    Tuesday, 20 May 2014

    Remove Security Tab from Folder Properties in Windows 7

    If you want users will not able to change access permission of all Folder , file then you can remove Security tab from all folder and file properties . you can remove Security Tab through Group Policy Editor .

    Follows these step to Remove Security tab.....................

    1. Click Start button , then type gpedit.msc and press Enter .








    2. On  Local group policy Editor window , Click on User Configure => Administrative Templates => Windows Components , then on the Right pane Double-click on Windows Explorer .





















    3.  Right-Click on Remove Security tab , then click on Edit
















    4. Click on Enable Radio Button , then Click on Apply and OK .













    Now go to  Folder Properties and see Security tab has been Removed .
















    Thanks & Regards
      Srikanth Goud  - Virtualization Administrator 
    at No comments:
    Labels:
    Subscribe to: Comments (Atom)

    Microsoft Intune, a Compliance Policy

      In Microsoft Intune, a Compliance Policy is a set of rules and settings that a device must meet to be considered "healthy" and ...