Are you the publisher? Claim or contact us about this channel


Embed this content in your HTML

Search

Report adult content:

click to rate:

Account: (login)

More Channels


Channel Catalog


Channel Description:

Resources for IT Professionals

older | 1 | .... | 807 | 808 | (Page 809) | 810 | 811 | .... | 889 | newer

    0 0

    A Happy New Year!!

    This is the first post of Wiki Ninjas Blog in 2016. I'm happy to have this opportunity to contribute this post.

    In Kyoto that is my hometown, although it was heavy snow last year, it's very fine this year!

    Let's go happily this year too. The end of December is as follows:

    The topic of this month:

    • The language which earned number of articles most in this month is Portuguese! It's the first time since November 2012.
    • No order change.

    Look Back on 2015

    I looked back the number of articles contributed for one year.

    The topic of this year:

    • The activity of English(en-GB) and Polish stood out!
    • Continuing from last year,the higher group have contributed many articles.
    • The number of articles decreased in several languages.

    How was last year? I'm looking forward to being able to collaborate with you this year too.

    Thank you!!

    Tomoaki Yoshizawa (yottun8)
    Blog: blog.yottun8.com
    Facebook: Tomoaki Yoshizawa
    twitter: @yottun8
    TechNet Profile: Tomoaki Yoshizawa


    0 0

    K tomuto článku jsme vydali powerpoint prezentaci s videem.

    Kterou najdete na https://mix.office.com/watch/1cf9dom3tlh0t . Textová část je součástí tohoto článku.

    praktický příklad - vizualizace dat z Facebooku

    Zde si ukážeme komplexní příklad využití Power BI Desktop pro analýzu a vizualizaci dat získaných pomocí konektoru do FB.

    Zde jsou základní kroky:

     

    • Krok 1: Připojit se k Facebookové stránce

    • Krok 2: Vytvořit vizualizaci pomocí sestav

      • Část 1: Vytvoření vizualizace Mapa stromové struktury

    • Krok 3: Úprava dat v tabulce pomocí Editoru dotazů

      • část 1: Rozdělení sloupce s datem a časem do dvou sloupců

    • Krok 4: Vytvoření dalších vizualizací na straně sestava

      • část 1: Nahrání dotazu do sestavy

      • část 2: Vytvořit Skupinový sloupcový graf

     Krok 1: Připojit se k Facebookové stránce

    Pokud máte svůj účet na Facebooku, tak se pomocí konektoru k němu připojíme.

     

    1. Na záložce Domů vybereme možnost Získat data.

          2. V dialogu Získat data v části Další vybereme Facebook


    Po té co klikneme na Připojit se objeví upozornění na Připojování ke službě třetích  stran .


    Po kliknutí na Pokračovat se v dialogovém okně Facebook vybere z rozbalovacího menu Připojení volba Příspěvky

    Klikněte OK.

    Po vyzvání k zadání pověření, přihlaste se pomocí svého Facebook účtu a umožní přístup Power BI prostřednictvímvašeho účtu.

    Po navázání připojení ke stránce, uvidíte data, která jsou načítána do modelu.

    Editor dotazů zobrazí data. Editor dotazů je součástí Power BI Desktop, ale zobrazen v samostatném okně, kde se provádí všechny transformace a dotazy  na  datové připojení.

    Pokudvaše datajsou očištěna a připravena, tak je můžete načíst doPowerBIDesktop.Zvoltezavřít a použít.

    Zobrazí se dialogové okno, které zobrazuje průběh načítání dat do datového modelu Power BI Desktop.

    V pravé části obrazovky v části Pole se zobrazí Dotaz1 na který kliknete a zobrazí se názvy jednotlivých sloupců z původní  tabulky.


    Krok 2  Vytvořit vizualizaci pomocí sestav
    Nyní, když jste stáhli data ze stránky, můžete snadno a rychle získat přehled o datech, pomocí vizualizace.

    část 1: Vytvoření vizualizace Mapa stromové struktury (Treemap)
    Vytvoření vizualizace je snadné, prostě přetáhněte pole ze seznamu polí a umístěte jej na  stránku Sestava.
    Vybereme si typ grafu a poté přetáhneme z Pole položku type  do části Vizualizace Osa to samé opakujeme, ale do části Hodnota.

    Můžeme snadno změnit typ vizualizace výběrem jiné ikony z panelu vizualizaci. Pojďme změnit typ na  Mapa stromové struktury( Treemap)

    výběrem jeho ikony z vizualizace, jak je znázorněno na následujícím obrázku.

    Dále pojďme přidat legendu, pak změnit barvu datového bodu. Vyberte ikonu Format v podokně Vizualizace; ikona Formát vypadá jako štětec.

    Přidáme popisky, změníme barvu i typu dat link na modrou.

    Krok 3 Úprava dat v tabulce pomocí Editoru dotazů
    část 1: Rozdělení sloupce s datem a časem do dvou sloupců
    V tomto kroku budete chtít rozdělit created_time sloupec a získat data a časové hodnoty. Kdykoliv jste v Power BI Desktop a chcete upravit existující dotaz,

    musíte spustit Editor dotazů. K tomu, zvolte Upravit dotazy na kartě Domů.

    V Editoru dotazů přejedeme do sloupce created_time. Klikneme na záhlaví pravým tlačítkem myši a vybereme položku Rozdělit sloupec - Oddělovačem



    Přejmenujeme   created columns na created_date a created_time.
    Sloupec created_time změníme na typČas  a to tak, že pravým tlačítkem myši na záhlaví se objeví možnost Změnit typ a vybereme volbu Čas.


    Dále z tohoto sloupce vytvoříme nový sloupec Hour, kde budou pouze celé hodiny. Postup je následující
    Na záložce Přidání sloupce  vybereme Čas a Hodina.

    Tímto se vytvořil nový sloupec Hour, který je v typu desetinné číslo, tento typ změníme na celé číslo.

    Vidíme celý použitý postup:

    Krok 4: Vytvoření dalších vizualizací na straně sestava


    Nahrání aktualizovaných dotazů a vytvoření nového sloupcového grafu a vytvoření Karty s celkovým počtem příspěvků viz obrázek níže.


    Nahrání aktualizovaných dotazů do sestav
    Použijeme v Editoru dotazů tlačítko Zavřít a použít. Tím se dostaneme do režimu tvorby sestav.

    Vytvoření nového sloupcového grafu a vytvoření Karty s celkovým počtem příspěvků
    Vybereme prázdné místo na Stránce 1 a klikneme v části Vizualizace na Skupinový sloupcový graf.
    Do hodnoty Osa přetáhneme sloupec Hour (hodiny),do legendy type a do hodnoty type, zde se vytvoří počet jednotlivých typů( Count of type).

    Poslední vizualizaci, kterou k naší analýze přidáme, bude celkový počet příspěvků na Facebooku pomocí Karty.
    Vybereme prázdné místo na Stránce 1 a klikneme v části Vizualizace na Karta.
    Do jediného políčka Pole přetáhneme type a zde se opět vytvoří počet jednotlivých typů( Count of type).

    Nyní už zbývá jen náš projekt uložit a publikovat do cloudového úložiště Power BI.

    K publikování musíte být přihlášení ke svému účtu.

    Poté začne zveřejňování do Power BI.

    Kliknutím na Otevřít Analýza FB.pbix v Power BI se otevře sestava v online prostředí.

    A to je vše :-) pokud jste dočetli až sem,  gratuluji Vám a věřím, že jak článek i videa byly vaším pomocníkem.

    Mnoho úspěšných analýz v roce 2016 Vám přeje Karel Rejthar.

    Autor: Karel Rejthar - MIE Educator


    0 0

    Summary: Learn how to target content to save with the Save-Help cmdlet.

    Hey, Scripting Guy! Question How can I use Windows PowerShell to save the Help content for a single module?

    Hey, Scripting Guy! Answer Use the –module parameter with the Save-Help cmdlet, for example:

    Save-Help –module Dism –destination C:\Foo\


    0 0

    I want to introduce an application about Sharepoint and MSSQL Server writen by Erdem Avni Selçuk. With this application, you can calculate average Sharepoint Content database size and get an idea of disk space required. The application uses the Microsoft Best Practice's formula.

    Sizlere SharePoint ve MSSQL ile alakalı Erdem Avni Selçuk tarafından yazılmış yeni bir SharePoint uygulaması tanıtmak istiyorum. Bu uygulama Microsoft Best Practice’ler ile belirtilen SharePoint için MSSQL database boyutu hesaplama formüllerini kullanarak sizlere ortalama olarak SharePoint Content veritabanınız için ne kadar alana ihtiyacınız olduğunu kolay ve pratik bir yönden hesaplayarak gösterir.

    You can install it on your mobile device for free from Google Play Store. Also, the Application has a very useful and simple user interface. As a consequence there is both low power/battery usage and processing requirement. The application is self contained, it needs no extra library.

    Program Google Play üzerinde yayında olup herhangi bir özel yetki istemeden telefonunuza kurulabilmektedir. Ayrıca UI olarakta gayet sade ve ek kütüphaneler kullanılmadığından Pil kullanımı ve performans gibi sorunlarıda telefonunuzu kullanırken sizi etkilemeyecektir.


    You can see an application screenshot below, and you can try it here

    Aşağıda programın ekran görüntülerini bulabilirsiniz.  Uygulamayı buradan indirerek deneyebilirsiniz.

    This application was created by Storage and SQL Server capacity planning and configuration ( SharePoint Server 2013) as a referance article.

    The application calculates the database size by referanced TechNet article.

    Input Value

    Number of documents (D)

    200,000

    Calculated by assuming 10,000 users times 20 documents

    Average size of documents (S)

    250 KB

    List items (L)

    600,000

    Number of non-current versions (V)

    2

    Assuming that the maximum versions allowed is 10

    Database size = (((200,000 x 2)) × 250) + ((10 KB × (600,000 + (200,000 x 2))) = 110,000,000 KB or 105 GB

    SharePoint Database Calculator uygulaması Microsoft tarafından yayınlanan “Storage and SQL Server capacity planning and configuration ( SharePoint Server 2013)“ makalesini referans alarak hazırlanmıştır. Verimlilik kategorisinde kullanabileceğiniz bu basit uygulama makalede de belirtildiği gibi aşağıdaki referans değerleri alarak hesaplamada bulunur.

    I hope this application develops more, and I hope you download it. After a try, please give some feedback.

    SharePoint Database Calculator uygulamasının daha gelişmesini umar bu ufak ve faydalı programı indirip denemenizi ve Google Play üzerinden feedbacklerinizi de iletmenizi umarız.

    Turkish Wiki Ninja

    Davut


    0 0

    Summary: Learn how to parse a here-string with Windows PowerShell.

    Honorary Scripting Guy, Sean Kearney, is here to show you a neat little trick.

    Anyone who has ever scheduled a PowerShell task knows that if you want to launch a cmdlet directly in PowerShell, you would launch it like this:

    PowerShell.exe –ExecutionPolicy Bypass –command ‘Get-ChildItem’

    No challenge there. It also does not end there. You can add some down-right complex stuff in there, for example:

    PowerShell.exe –executionpolicy Bypass –command ‘Set-ExecutionPolicy Bypass;Import-Module DeployImage; New-WindowsPeImage’

    This is an example of something I was playing with in the DeployImage module when launching PowerShell automatically.

    Then again, in many cases, a script would be much easier to run if you knew where the script actually was. The challenge I ran into was trying to put together really complex command while typing it in the parameter.

    Then it dawned on me, “Why not write it as a script to make sure it works?” Yeah, that was pretty obvious. But how would I flip it back to a command for the PowerShell.exe? This is where a here-string is perfect!

    Here I have an example of something that I was actually doing. I needed to take the following script and flip it to a command in the PowerShell.exe.

    Set-ExecutionPolicy -executionpolicy Bypass

    $USBDisk=(Get-Disk | Where-Object { $_.BusType -eq 'USB' -and '$_.IsActive' })

    $DriveLetter=($USBDisk | Get-Partition).DriveLetter

    Set-Location ($DriveLetter+':\DeployImage\')

    Import-Module ($DriveLetter+':\DeployImage\DeployImage.Psd1)'

    I then stored it as a here-string:

    $PowerShellScript=@'

    Set-ExecutionPolicy -executionpolicy Bypass

    $USBDisk=(Get-Disk | Where-Object { $_.BusType -eq 'USB' -and '$_.IsActive' })

    $DriveLetter=($USBDisk | Get-Partition).DriveLetter

    Set-Location ($DriveLetter+':\DeployImage\')

    Import-Module ($DriveLetter+':\DeployImage\DeployImage.Psd1)'

    '@

    Now all we need is to find where each line terminates and switch it with a semicolon.

    We can examine each byte in the here-string in the following manner:

    [byte][char]($PowerShellScript)[10]

    We would eventually notice that two characters at the end of each line are:

    • Ascii 13 (Return)
    • Ascii 10 (Linefeed)

    Although we can’t see or type these, we can represent these as a string in the following manner:

    $CRLF=[char][byte]13 + [char][byte]10

    Armed with this, we can now do something really neat—use the Replace method and switch out each carriage return/linefeed with a semicolon:

    $PowerShellCommand=$PowerShellScript.replace($CRLF,’;’)

    You can now use this in whatever fashion suits you—even if that means dropping it into the clipboard!

    Have fun and enjoy!

    I invite you to follow the Scripting Guys on Twitter and Facebook. If you have any questions, send email to them at scripter@microsoft.com, or post your questions on the Official Scripting Guys Forum. See you tomorrow. Until then, always remember that with great PowerShell comes great responsibility.

    Sean Kearney, Honorary Scripting Guy, Cloud and Datacenter Management MVP


    0 0

    Summary: Access the $ENV object in Windows PowerShell to alter personal environment settings.

    Hey, Scripting Guy! Question How can I use Windows PowerShell to change a system environment variable such as the user %TEMP%?

    Hey, Scripting Guy! Answer You can read any personal environment settings by using $ENV:VariableName, then assigning a value.
               For example, to change your personal %TEMP% to a new location, use:

    $ENV:Temp=C:\Foo

    Note This presumes C:\Foo exists and will alter the variable for the present PowerShell session.


    0 0


     

    Last day of the year 2015, as a Team TechNet Wiki Ninja have done loads of new things in this year. We are stepping to New Year 2016 with great records! In our last two Thursday Council Spotlight we celebrated the SharePoint and PowerShell Guru Award winners and contributors. Reference Link is given below

    Thursday - Council Spotlight: 2015 Windows PowerShell TechNet Wiki - An Object of Desire!

    This is Just the Beginning! Go SharePoint! Go SharePoint!

    Together with the essence of SharePoint and PowerShell we have got 100 + articles in TechNet Wiki Guru competition. That's an amazing count in the year 2015.

    It's time for us to say Good Bye 2015 and to Welcome 2016! TechNet Wiki Ninja Team wishing you a very Happy New Year 2016!

    Through this blog we would like to get your feedback and suggestions to make Windows PowerShell category better than 2015! Below are few which we would like to share.

    1. Windows PowerShell Category in TechNet Guru Award should not contain any other articles - Like Office Server Automations, Third Party Solutions and Automations. This category should only contain Windows PowerShell tips and tricks.
    2. Shall we think about Desired State Configuration as separate category?
    3. While sharing articles in TechNet wiki - Please include PowerShell version with build numbers.
    4. We all should share codes in the same format! No plain text codes!
    5. We have created a new group in Linked In for Microsoft TechNet Wiki Ninjas (International Worldwide) - We should use this!
    6. Make heading precise by adding Tips or Tricks.
    7. Screen shot of the output is a must.
    8. Highlight the logic of your code!
    9. All the Windows PowerShell articles should be in same fonts, colors and size for uniformity.
    10. Can we plan for Windows PowerShell TechNet Wiki e-Book for every quarter? Reference Link

    We are waiting to hear more suggesstions to improve Windows PowerShell articles and let's connect to beat the track!

    Once again, we would like to thank you all Windows PowerShell contributors in the year 2015.

    Thanks and Regards,

    Microsoft TechNet Wiki Ninjas Team

     

     


    0 0

    I have the honor and the privilege to post this blog in the behalf of the TechNet Wiki Facebook groups admins.

    If you are a member of TechNet Wiki community, then this blog directed to you! It is our time to thank you for a great job, and post some of the information on decisions behind the scenes.

    History

    About two weeks ago we reached the decision that it's time to make some designing changes in the 'TechNet Wiki' pages at the Facebook groups. The main idea was to replace the veteran logo image, which served us well in the last several months, with a new logo for the year 2016. We asked the help of the community to design a new logo, which turned out as a great idea.

    Personally, I meant to get 2-3 options to choose from. Originally there was no intention to open a competition or two weeks of discussions, but it become much more. Several images were sent to us in private or posted in public. Members gave great feedback, some images have been improved and re-posted several times, and you helped us by voting for your choices for the best image. You can see all the pictures that made it into the final selection at the Facebook following link.

    Our New logo

    The TechNet Wiki Facebook council had to choose one image. A task which become VERY hard. There were too many pretty images, which was a shame to leave them without use (We will use all of them, in one way or another!). We just liked all your works! There was an idea to use several images in rotation, but there is some technical issue with implementing it (we might do in the future). Eventually, one image was chosen!

    * The TechNet Wiki Facebook Council members include all the admins of the main group and the local groups.

    Thanks

    We would like to take this opportunity to thank Davut Eren, who created our first logo, which served us till now.

    We thank all of you for participating the process of selecting the new logo. Well done to all who sent images, you really did great work, and to all these who send feedback, and to all these who took part in voting and discussing. The Images that made it to the final selection sent by: Dan Christian, Davut Eren‎, Kamlesh Kumar, and ‎Mustafa Kaya. Of course special thank to ‎Mustafa Kaya who posted the winning logo.

    * I personally want to thank all, and I want to say it was very fun to see the group so active :-)

    What Next?

    Continue to write technical articles, post them on the TechNet Wiki, and don't forget to publish a link in the Facebook group. It is great place to get feedback, which will help you improve the article, and it is the best way to promote it.

    There is much more to be done, and you are welcome to use your design abilities to help us with new designs for medals to the Ninja competition, banners to use for in blogs, Icons, and much more. For more information, please check this blog.

     

    Happy New Year!
    Ronen


    0 0

    Summary: Learn how to interactively update the Windows PowerShell prompt and title.

    Honorary Scripting Guy, Sean Kearney, is here today to have a little bit of fun with the Windows PowerShell console. Why not? It’s a Sunday, it’s the last day of my time off, and I feel like playing.

    There have been many posts online about the fun you can have with the $Host.UI.RawUI object in Windows PowerShell. You can use it to edit cursor locations, flip colors about…almost anything your little heart desires.

    Another fun little thing we’re going to play with is the Windows PowerShell prompt. Yes! You’re allowed to mess around with this. It’s completely OK because we’re going to make this change through our personal PowerShell profile.

    This means if we decide we don’t like what we did, we can remove it from the $Profile file and everything will revert to the default.

    For the first fun piece, were going to change the title on the PowerShell bar. It’s actually very easy to read and write to the $Host.UI.RawUI object. If you’d like to see the current title, simply access the WindowTitle property:

    $Host.UI.RawUI.WindowTitle

    If you’d like to have some fun, with one line, you can add the Time and Date to the current title:

    $Host.UI.RawUI.WindowTitle=(Get-Date).tostring()

    Sure, neat trick. But this only updates once, which is neat, but not really useful.

    I suppose I could find some funky cool way to play with events and triggering, but how about a simpler approach? How about each time I hit ENTER in the console, the Date and Time are updated? It wouldn’t be quite “real time,” but it would work. This is where we get to play with the PowerShell prompt.

    The prompt is actually a very simple PowerShell function. The neat thing is that you can edit this function. To pull up the properties of this function, access the ScriptBlock parameter:

    (Get-Command Prompt).scriptblock

    Here is the default code for the prompt in Windows PowerShell. If you look at it, it’s a just simple script that displays a line of text:

    "PS $($executionContext.SessionState.Path.CurrentLocation)$('>' * ($nestedPromptLevel + 1)) "
    # .Link
    # http://go.microsoft.com/fwlink/?LinkID=225750
    # .ExternalHelp System.Management.Automation.dll-help.xml

    Hmmm…An ongoing script, eh? I could have a lot of fun with this!

    I could even have the prompt beep every time I hit ENTER. I just need to redefine the function. To ensure that I maintain anything Microsoft wanted to be in there, I use the original code as a base at all times. Here we’ve added a single line to make it beep—just to be irritating:

    Function Prompt
    {
    "PS $($executionContext.SessionState.Path.CurrentLocation)$('>' * ($nestedPromptLevel + 1)) "
    [console]::beep(2000,500)
    # .Link# http://go.microsoft.com/fwlink/?LinkID=225750
    # .ExternalHelp System.Management.Automation.dll-help.xml
    }

    Isn’t that kinda neat? Because this simply a function (albeit a very special function, which is called every time we hit ENTER in the console), we could use this to update our title bar. But we could do so much more. This is the line that displays the current folder and path:

    "PS $($executionContext.SessionState.Path.CurrentLocation)$('>' * ($nestedPromptLevel + 1)) "

    I can actually capture this data and use it in my title bar. The reason you might want to do this? Sometimes the path can get pretty deep, and it eats up half the desktop real estate in the console. But the information is relevant, so I don’t want to lose it.

    First I’ll capture the current prompt data:

    $PromptData="PS $($executionContext.SessionState.Path.CurrentLocation)$('>' * ($nestedPromptLevel + 1)) "

    Now I’ll update the title bar with the information from the prompt and the current date and time. I add a little hyphen to make it more readable:

    $Host.UI.RawUI=$PromptData+’-‘+(Get-Date).tostring()

    If I don’t do anything more, Windows PowerShell will default to a prompt of PS.

    Now all I need to do is add this block of code to my PowerShell profile. Here’s the updated function:

    Function Prompt
    {
    $PromptData="PS $($executionContext.SessionState.Path.CurrentLocation)$('>' * ($nestedPromptLevel + 1)) "
    $host.ui.RawUI.WindowTitle=$PromptData+’-‘+(Get-Date).tostring()
    # .Link# http://go.microsoft.com/fwlink/?LinkID=225750
    # .ExternalHelp System.Management.Automation.dll-help.xml
    }

    When I run this in my current PowerShell console, I get cool results like this!

    Image of title bar

    This is a fun example, but can you imagine the fun things you could do with the prompt and the title now? Let your imagination be your guide!

    I invite you to follow the Scripting Guys on Twitter and Facebook. If you have any questions, send email to them at scripter@microsoft.com, or post your questions on the Official Scripting Guys Forum. See you tomorrow. Until then, always remember that with great PowerShell comes great responsibility.

    Sean Kearney, Honorary Scripting Guy, Cloud and Datacenter Management MVP


    0 0

    Introduction

    This article helps you evaluate the Software Defined Networking (SDN) features in Windows Server 2016 Technical Preview 4. In particular, it focuses on using System Center Virtual Machine Manager (VMM) 2016 Technical Preview 4 for deploying Network Controller, a new feature in Windows Server 2016. Network Controller is a scalable and highly available server role that enables you to automate the configuration of network infrastructure instead of performing manual configuration of network devices.

    Prerequisites

    Before proceeding to deploy Network Controller, make sure that you have performed the following steps:

    Create an Active Directory security group for Network Controller management

    You need to create an Active Directory security group for Network Controller management. The group should be a Domain Local group. Members of this group will be able to create, delete, and update the deployed Network Controller configuration. You need to create at least one user account that is a member of this group and have access to its credentials.

    Create an Active Directory security group for Network Controller clients

    You need to create an Active Directory security group for Network Controller clients. The group should be a Domain Local group. Once the Network Controller is deployed, any members of this group will have permissions to communicate with the controller via REST interface. You need to create at least one user account that is a member of this group. After the Network Controller is deployed, VMM can be configured to use this user account’s credentials to establish communication with the Network Controller.

    Prepare an SSL Certificate

    You need an SSL certificate that will be used to establish secure communication (https) between VMM and Network Controller. There are two methods you can use to generate an SSL certificate: generate a self-signed certificate or use a Certificate Authority (CA).

    1. Use a self-signed certificate

    The following example creates a new self-signed certificate, and can be run from a PowerShell command window on any computer running Windows Server 2016 Technical Preview. Make note of the names you use to create the certificate and use the same names when you deploy the Network Controller.

    New-SelfSignedCertificate -KeyUsageProperty All -Provider "Microsoft Strong Cryptographic Provider" -FriendlyName "<YourNCComputerName>" -DnsName @("<YourNCFQDN>")

    You can use the Certificates snap-in to manage your certificate. Click Start, type manage computercertificates and press Enter. A Certificates - Local Computer console starts, where you can find your Network Controller certificate under Personal, Certificates.

    2. Use a Certificate Authority

    For Windows-based enterprise CA, follow the steps available here to request a CA-signed certificate. The certificate must include the serverAuth EKU, specified by the OID 1.3.6.1.5.5.7.3.1. In addition, the certificate Subject Name must match the DNS name of the Network Controller.

    After requesting the certificate, use the Certificates snap-in to export it and its private key into a .pfx file. When exporting, choose Personal Information Exchange - PKCS #12 (.PFX) and accept the default to Include all certificates in the certification path if possible. The export wizard requires that you protect the private key by either a security or a password. Be sure to assign a password, as you will need it later during Network Controller deployment.

    Prepare a file share for keeping diagnostic logs (optional)

    This share will be accessed by the Network Controller to store diagnostics information throughout its lifetime. Create a file share that can be accessed by the Network Controller. You may also optionally assign access permissions for the share to a specific domain user account. Store the username and password for this account which will be used later during Network Controller deployment.

    Setup

    This section covers the setup require for deploying the Network Controller.

    Topology

    The following test topology is designed to allow you to evaluate the SDN features on a small hardware footprint without requiring a large test bed. You can deploy this topology if you want but it’s not required. It is just a guide to help you understand the pieces that are required to deploy an SDN fabric and how they fit together. We assume that you already have VMM 2016 Technical Preview 4 installed with a few hosts under management.

    clip_image002 Important

    As you plan to deploy an SDN fabric to an existing environment that may also have hosts that do not use the Network Controller, you need to do the following:

    1.Create a separate Host Group for hosts that will be managed by the Network Controller. The Network Controller supports Windows Server 2016 Technical Preview hosts only.

    2. Ensure that you have a dedicated subnet for Logical Networks that will be managed by the Network Controller. You cannot share a subnet or Logical Network that is managed by the Network Controller with non-managed hosts running Windows Server 2016 Technical Preview or with hosts running previous versions of operating system.

    clip_image004

    The topology to deploy Network Controller consists of three physical hosts, one virtual machine for Network Controller, and two tenant virtual machines that will be used for Network Controller deployment validation.

    Hosts

    Host

    Hardware Requirements

    Software Requirements

    Host 1

    Infrastructure Host

    2 x 1Gb physical network adapter

    Windows Server 2016 Technical Preview

    Host 2

    Virtual Machine Host

    2 x 1Gb physical network adapter

    Windows Server 2016 Technical Preview

    Host 3

    Virtual Machine Host

    2 x 1Gb physical network adapter

    Windows Server 2016 Technical Preview

    Virtual Machines

    Virtual Machine

    Software Requirements

    Network Controller Virtual Machine

    Windows Server 2016 Technical Preview 4 (VHD)

    Tenant VM 1

    Windows Server 2016 Technical Preview 4 (VHD)

    Tenant VM2

    Windows Server 2016 Technical Preview 4 (VHD)

    The physical network must be configured so that the following networks are available. Subnets and VLAN IDs are examples and can be customized for your environment:

    Network Name

    Subnet

    Mask

    VLAN ID on trunk

    Gateway

    Management

    The subnet that connects VMM with NC Host and VM Hosts.

    10.60.34.0

    24

    NA

    10.60.34.1

    Backend

    The subnet for the Provider Addresses. You will need this network to validate the Network Controller deployment.

    10.60.33.128

    25

    11

    10.60.33.129

    Active Directory and DNS must be reachable from these subnets.

    Management Logical Network

    The Management logical network models the Management network connectivity for the VMM host, NC host, and VM hosts.

    To create the Management logical network:

    1. Open the Fabric workspace in the VMM Console, expand Networking and select the Logical Networks node.

    2. Right-click the Logical Network node and select Create Logical Network.

    3. Specify a Name and optional Description for this network. For example, you can call it MGMT. Click Next.

    4. On the Settings page, be sure to select One Connected Network, since all Management networks need to have routing and connectivity between all hosts in that network. Check the Create a VM Network with the same name… to automatically create a VM Network for your Management network. Click Next.

    5. In the Network Site panel, click Add to add a new network site. Select the host group for the hosts that will be managed by the Network Controller. Insert your management network IP subnet information. This network should already exist and be configured in your physical switch. Click Next when you’re ready to proceed.

    clip_image005

    6. Review the Summary information and click Finish to complete.

    Management Logical Switch

    The Management logical switch needs to be deployed on the NC host and provides the Management network connectivity to the NC VM. To create Management logical switch:

    1. Click Create Logical Switch on the ribbon in the VMM Console.

    2. Review the Getting Started information and click Next.

    3. Provide a Name and optional Description. For the Uplink mode, be sure to select No Uplink Team. Click Next to proceed.

    4. For Minimum Bandwidth mode, choose Absolute. Click Next.

    5. Accept the default switch extension and click Next to proceed.

    6. You can add a Virtual Port Profile and choose a Port Classification for Host Management on this page if you want but it is not required. Click Next when you’re finished.

    7. Create a new Uplink Port Profile directly from the Logical Switch wizard. Click Add and select New Uplink Port Profile from the drop down menu.

    8. Provide a name and optional description for your uplink port profile.

    a. Use the defaults for Load Balancing algorithm and Teaming Mode.

    b. Be sure to select all the network sites that are part of the Management logical network you created.

    c. Select the Uplink Port Profile you created and click New virtual network adapter. This adds a host virtual network adapter (vNIC) to your logical switch and uplink port profile, so when you add the logical switch to your hosts, the vNICs get added automatically.

    d. Provide a name for the vNIC. Verify that the management VM network is listed under the Connectivity section.

    e. Check the Inherit connection settings from the host adapter box. This allows you to take the vNIC adapter settings from the adapter that already exists on the host.

    f. If you created a port classification and virtual port profile earlier, you can select it now.

    clip_image006

    g. Click Next.

    h. Review the Summary information and click Finish to complete the wizard.

    To deploy the Management logical switch on the NC host, follow the steps available at this page.

    Deployment

    Prepare VHD for the Network Controller virtual machine

    The service template requires one virtual hard disk that must be prepared prior to importing the service template. This virtual disk must contain an operating system running Windows Server 2016 Technical Preview and should be in VHD format. Download and use Windows Server 2016 Technical Preview 4 ISO image from here. Please note that with TP4, VMM service template for Network Controller only supports single node deployment on a generation 1 virtual machine.

    clip_image007 Note

    You cannot use a VHDX as VMM doesn’t support deploying Network Controller Service template on a Generation 2 Virtual Machine.

    Import the service template

    This section tells you how to import Network Controller service template into your VMM library. Before proceeding to import Network Controller Service template, download the template to your machine from <here>.

    To import the service template into the VMM library

    1. In VMM, navigate to Library.

    2. In the top of the left pane, in the Templates section, select Service Templates.

    3. In the ribbon at the top, click Import Template.

    4. Browse to your service template folder, select the Network Controller Standalone.xml file and follow the prompts to import it.

    The service template uses the following virtual machine configuration parameters. Update the parameters to reflect the configuration for your environment as you import the service template.

    Resource Type

    Resource name and description

    Library Resources

    Resource Name: WinServer.vhd

    Description: Windows Server Virtual Hard Disk. Format should be VHD.

    Select the base VHD image that you prepared earlier and imported into your VMM library.

    NCSetup.cr

    A library resource that contains scripts to be utilized to setup the Network Controller.

    Map to the NCSetup.cr library resource in your VMM library.

    ServerCertificate.cr

    A library resource that contains an SSL Certificate in .PFX format.

    Select the ServerCertificate.cr library resource that you prepared earlier and imported into you VMM library.

    TrustedRootCertificate.cr

    A library resource that contains a certificate public key (.CER) to be imported as a trusted root certificate to validate the SSL Certificate.

    The trusted root certificate is optional. If a trusted root certificate is not needed, this resource will still need to be mapped to a CR folder, however the folder should be left empty.

    Map to the TrustedRootCertificate.cr in your VMM library.

    Configure and deploy the service

    Use the following process to deploy a network controller service instance.

    1. Select the Network Controller service template and click Configure Deployment to begin. You will have to select a name and destination for the service instance. The destination must map to a Host Group that contains the hosts configured in an earlier step in this topic.

    2. In the Network Settings section, you must map to the management VM network that you set up previously.

    3. Once you are done with mapping the destination and network settings, the Deploy Service dialog will appear. It is normal for the virtual machine instances to be initially red. Click Refresh Preview to have the deployment service automatically find suitable hosts (from the destination you mapped earlier) for the virtual machines to be created. This can be can be done manually if needed.

    4. In the map diagram, click the virtual machine element and change the VM name and computer name to match the computer name you used when you created the computer certificates.

    5. On the left side of the configure deployment window there are a number of settings that you must configure. The table below summarizes each field's values.

    Setting

    Requirement

    Description

    ClientSecurityGroup

    Required

    Name of the security group containing Network Controller client accounts. This is the group you created previously.

    Example: contoso\Network Controller Clients

    DiagnosticLogShare

    Optional

    File share location where the diagnostic logs will be periodically uploaded. If this is not provided, the logs are stored locally on each node.

    Example: \\fileserver.contoso.com\nc_logs\

    DiagnosticLogShareUsername

    Optional

    Full username (including domain name) for an account that has access permissions to the diagnostic log share. Must be in the form [domain]\[username].

    Example: contoso\Username

    DiagnosticLogSharePassword

    Optional

    The password for the account specified in the DiagnosticLogShareUsernamee parameter.

    EnableApplicationLogging

    Required

    Indicates whether to enable network controller application logging. These are intended to be used to debug issues. Leaving this option set to True will consume disk space.Options are “False” and “True”.Recommended set to “False”.

    LocalAdmin

    Required

    Select a Run as account in your environment which will be used as the local Administrator on the NC virtual machines.

    User name should be .\Administrator

    MgmtDomainAccount

    Required

    Select a Run as account in your environment which will be used to prepare the Network Controller. This user must be a member of the management security group, specified below, which has privileges to manage the network controller.

    MgmtDomainAccountName

    Required

    This must be the full username (including domain name) of the Run as account mapped to MgmtDomainAccount.

    Example: contoso\Username.

     Note

    The domain username will be added to the Administrators group during deployment.

    MgmtDomainAccountPassword

    Required

    Password for the management Run as account mapped to MgmtDomainAccount.

    MgmtDomainFQDN

    Required

    Fully qualified domain name for the Active directory domain that the network controller virtual machines will join.

    Example: Contoso.com

    MgmtSecurityGroup

    Required

    Name of the security group containing network controller management accounts. This is the group you created previously.

    Example: contoso\Network Controller Management

    ServerCertificatePassword

    Required

    Password needed to import the SSL Certificate into the machine store.

    6. After you configure these settings, click Deploy Service to begin the service deployment job. Deployment times will vary depending on your hardware but are typically between 30 and 60 minutes.

    Add and configure Network Controller service to VMM

    After the network controller service is successfully deployed, the next step is to add it to VMM as a network service. This works just like adding other network services in VMM; you begin this process with the Add Network Service wizard.

    To run the Add Network Service wizard

    1. Navigate to the Fabric node in the VMM console.

    2. Right-click the Network Service icon under Networking and click Add Network Service.

    3. The Add Network Service Wizard starts. Click Next.

    4. Provide a name for your Network Controller Network Service and an optional description. Click Next.

    5. Select Microsoft for the manufacturer and for model select Microsoft Network Controller. Click Next.

    clip_image008

    6. On the Credentials tab, provide the RunAs account you want to use to configure the Network Service. This should be the same account that you included in the Network Controller Clients group. Click Next.

    7. For the Connection String, use the FQDN you registered in DNS for the network service you deployed previously. Your connection string should look similar to this:

    serverurl=https://<NCName.DomainName>/;SouthBoundIPAddress=<IP address>

     Note

    One way to verify the IP address of the network controller is to ping the network controller computer name.

    clip_image009

    9. On the Review Certificates page, a connection is made to the network controller virtual machine to retrieve the certificate. Verify that the certificate shown is the one you expect. Ensure you select the These certificates have been reviewedand can be imported to the trusted certificate store check box. Click Next.

    10. On the next screen, click Scan Provider to connect to your service and list the properties and their status. This is also a good test of whether or not the service was created correctly, and that you’re using the right connect string to connect to it. Examine the results, and when it completes successfully, click Next.

     Note

    The Name and Manufacturer fields will be empty. This is to be expected.

    11. Configure the Host Group in VMM that your Network Controller will manage. If all your hosts in your VMM deployment will be managed by the Network Controller (for example, if you’re using the minimum deployment topology), then you can choose All Hosts. Otherwise, you will want to choose only the Host Group with Windows Server 2016 Technical Preview hosts that are part of your SDN fabric. Click the appropriate check box and then click Next.

    12. Click Finish to complete the Add Network Service wizard. When the service has been added to VMM, you should see it appear in the Network Services list in the VMM Console, and it should look similar to the following:

    clip_image010

    13. You can right-click the Network Controller object and select Properties to view the properties of your newly created Network Controller.

    14. Click OK to finish.

    Validation

    This section, although not required for Network Controller deployment itself, is intended to allow users to validate successful deployment for Network Controller. We will create a NC managed ‘Back End’ network and configure tenant VM network on top of that. We will also test connectivity between two tenant VMs deployed across different hosts to ensure NC is deployed correctly.

    Create Back End network for tenant VM connectivity

    The network controller is connected to the Management network, which is the network that is used to deploy and manage the network controller through VMM. Next, you need to create "Back End" network that will be managed by the network controller in your SDN fabric. This network will be used to validate that the Network Controller has been deployed successfully and that tenant virtual machines within same Virtual Network are able to ping each other.

    To create the Back End (HNV PA) network

    1. Start the Create Logical Network Wizard.

    2. Type a name and optional description for this network. The example shown here is Back End Network. Click Next.

    clip_image011

    3. On the Settings page, be sure to select One Connected Network since all HNV PA networks need to have routing and connectivity between all hosts in that network. Ensure you check Allow new VM networks created on this logical network to use network virtualization. You will also see a new setting: Managed by the Network Controller. Ensure you check this box and then click Next.

    clip_image012

    4. On the Network Site panel, add the network site information for your HNV PA network. This should include the Host Group, Subnet and VLAN information for your Back End Network. Remember, this network should already exist in your physical network devices (switch) and all your SDN fabric hosts should have physical connectivity to it.

    5. Review the Summary information and complete the wizard.

    Create IP address pools that will be managed by the network controller

    The Back End Network is the HNV Provider Address (PA) network, so it must have a static IP address pool managed by VMM for address assignment, even if DHCP is available on this network. Thus, you need to create a static IP address pool that is associated with this logical network.

    To create an IP address pool for the Back End Network

    1. Right-click the back end network logical network in VMM and select Create IP Pool from the drop down menu.

    2. Provide a name and optional description for the IP Pool and ensure that the back end network is selected for the logical network. Click Next.

    3. On the Network Site panel, you need to select the subnet that this IP address pool will service. If you have more than one subnet as part of your HNV PA network, you need to create a static IP address pool for each subnet. If you have only one site (for example, like the sample topology) then you can just click Next.

    4. On the IP Address range panel, specify the starting and ending IP address. It is recommended that you start with the second address in your IP address range so that the network controller does not assign the default gateway address for the subnet. Click Next.

    clip_image013

    5. Now configure the default gateway address. Click Insert next to the Default gateways box, type the address and use the default metric. Click Next.

    6. Optionally you can configure DNS information but this is generally not required.

    7. Optionally you can also configure WINS server information but this is generally not required. Click Next.

    8. Review the summary information and click Finish to complete the wizard.

    Configure Back End network

    1. In Network Service, right-click the network controller object and select Properties.

    2. Click on the Logical Network Affinity tab in the left menu.

    3. Select the Back End (HNV PA) network that you created earlier to be your Back-End network.

    4. Click OK.

    Create an SDN logical switch and deploy to hosts

    Now that you have create the logical networks, VM networks, and IP pools for your SDN fabric, you need to create a logical switch that you can deploy to your Windows Server 2016 Technical Preview hosts. This will make the networks that you created available to your hosts via VMM and will enable the Virtual Filtering Platform (VFP) switch extension which will make your hosts available to the network controller. This is also referred to as an SDN switch as it will enable creation and configuration of network objects via the network controller.

    To create the SDN logical switch

    1. Click Create Logical Switch from the ribbon, or right-click the Logical Switches node in the left hand tree navigation in the VMM console.

    2. Review the Getting Started information and click Next.

    3. Provide a name (SDN Switch or whatever you want) and optional description. For the uplink mode, ensure you select No Uplink Team.

     Important

    Switch Embedded Teaming (SET) together with network virtualization are NOT supported in TP4, so be sure that you do not select an Uplink Team for your SDN switch. SET is supported with VLANs in TP4, so if you are testing converged networking with dedicated infrastructure adapters (that will not use networking virtualization) then you may team one or more adapters in this configuration.

    4. Click the Managed by Microsoft Network Controller check box and you will notice that the Extensions page disappears. This happens because the network controller requires the VFP extension and thus is selected by default. If your network adapters support SR-IOV and you want to use it, you can enable it here as well and then click Next to proceed.

    5. You can optionally select one or more Virtual Port Profiles if you want. This functionality is the same as it was in Windows Server 2012 R2. When you’re ready to proceed, click Next.

    6. Add a new Uplink Port Profile directly from the wizard. Click Add and select New Uplink Port Profile from the drop down menu.

    7. Provide a name (SDN port profile or whatever you want) and optional description for your Uplink Port Profile.

    It is recommended that you use the defaults for Load Balancing algorithm and Teaming Mode.

    Ensure you select all the Network Sites you created for your SDN fabric that are managed by the Network Controller as you want to be sure that they are included in this switch.

    You do not need to check the Enable Hyper-V Network Virtualization box as you cannot have hosts that do not support this as part of an SDN fabric by definition. The SDN switch is supported on Windows Server 2016 Technical Preview hosts only.

    Click Next to proceed.

    8. Review the Summary information and click Finish.

    To deploy the logical switch to hosts

    You can now deploy the SDN logical switch to hosts that will be used to provision tenant virtual machines

    1. Navigate to the Host Group that contains your Windows Server 2016 Technical Preview hosts that are be part of your SDN fabric. Right-click a host and select Properties from the drop-down menu.

    2. Select Virtual Switches from the left menu.

    3. Click New Virtual Switch and select New Logical Switch from the menu. The SDN logical switch that you created previously should appear selected in the logical switch combo box. If it isn't, select it now.

    4. Ensure you bind the SDN Logical Switch to the correct physical adapter on the host. It should be a different adapter from the one that the Management logical switch is connected to.

    clip_image014

    5. Click OK on the Host Properties dialog to complete the operation.

    6. Repeat this for each host in your SDN fabric. The Infrastructure host does not need this logical switch.

    Create tenant VM networks and IP pools

    Next, you will create a VM network and IP pool for a tenant in your SDN infrastructure.

    To configure a VM network

    Follow steps mentioned here to create VM network and here to create IP address pool.

    clip_image015 Tip

    You MUST use a value for Starting IP Address that is at least 4 IP addresses into the Address range for the IP Subnet. The Network Controller uses the first three IP addresses of the network range. For example, if your IP subnet is 192.168.0.0/24, you should use 192.168.0.4 as your starting IP address.

    Click Next.

    Create tenant virtual machines

    Now you can create tenant virtual machines connected to the tenant virtual network.

    To create a virtual machine from an existing virtual hard disk

    Follow these steps to create a VM from an existing virtual hard disk.

    clip_image001Note

    During VM Creation, on Configure Hardware page, Connect the Network Adapter 1 of the VM to the tenant VM network that you created earlier in this document.

     Tip

    To prevent placement from choosing a different value for these settings, click the pin icon next to the setting. Note that self-service users do not see this option.

    Once you have deployed at least two virtual machines in your VM Network, you can ping one tenant virtual machine from the other tenant virtual machine to validate that the Network Controller has been deployed successfully and that it can manage Back End network allowing tenant virtual machines to ping each other.

    Manish Jha| Program Manager II | Microsoft

    Get the latest System Center news onFacebookandTwitter:

     clip_image001clip_image002

    Our Blogs

    VMM 2012 R2


    0 0

    Problem: User is receiving a correlation ID when trying to access a PWA of a newly migrated site. This problem was limited to 2 sites in my case.

    Resolution: After discussing with my Project Server colleague, this can occure on project sites exported from Project Server 2007 and imported into Project Server 2010 when they do not have an associated project under Server Settings > Project Sites. We found in this case that the project site had no associated project plan.  The project name had changed from the 3346 name included in the project site to 1995; the 1995 project plan existed but had no project site.  We imported the project site using stsadm –o import –url –filename to a new site with the new 1995 name and then created the association of this new site with the existing 1995 plan.  We knew we were successful when the associated save worked.  Next step was just to publish the plan and make sure the jobs processed successfully.


    0 0

    Un equipo dirigido por el investigador Antonio Criminisi, investigador principal de Inteligencia Artificial y la Percepción en Microsoft Research Cambridge en el Reino Unido, recibió el premio Marr , anunciado en la Conferencia Internacional de Visión Artificia l en Santiago, Chile. El premio se otorga cada dos años y se considera un alto honor para los investigadores de visión artificial. El reconocimiento fue entregado por la investigación “Deep...(read more)

    0 0

    Over the last year, the Enterprise Mobility Suite has grown at an unbelievable rate, and this explosive progress means that we have to work harder than ever to communicate clearly about how to use it, why it’s better than ever, and how it helps organizations all over the world do more.

    In this new video, I talk in detail about the unique capabilities in EMS that allow you to manage and protect devices and corporate assets without compromising user experience.  There are ton of demos, scenarios, and background info on how and why we built these great new features.

    I think you’ll be really impressed with what you see.


    0 0

    Summary: Automatically set the zoom level in the Windows PowerShell ISE.

    Hey, Scripting Guy! Question How can I programmatically adjust the zoom for my font size in the Windows PowerShell ISE?

    Hey, Scripting Guy! Answer Set the Zoom property—for example, to adjust the font to 150%, run:

    $pSISE.Options.Zoom=150


    0 0

    Problem: The issue was that someone with SharePoint Designer access deleted some workflows. No one stepped forward to claim responsibility so I was tasked with trying to track down who did and provide a solution to prevent this. A quick side-bar, this is why I recommend a training curriculum for your users BEFORE they are granted access to SharePoint designer, but I digress.

    Resolution:


    Since this is the page that contains the code to delete workflows, we now had a place to start: RemWrkfl.aspx. I figured this out by deleted a workflow, recording the time, then looking through the IIS logs

    The user did the same on their side and was able to identify the user who deleted the workflows by doing a search for 'RemWrkkfl.aspx' during the time of the incident. It will display the account name next to this action in IIS

     

     


    0 0

    Problem: on a SharePoint 2010/PowerPivot 2008 R2 environment, users would receive a 'Failed to render' chart' error

    Troubleshooting:

    Based on previous experience I tried the following but all came back negative

    • Is PowerPivot feature enabled at the site collection? Yes

      Recycled app pools - error still occurs

    • Verified that CT2WTS is enabled on every server running Excel Services  - Yes

    Resolution:
    NOTE: I highly recommend you plan for PowerPivot instead of just installing it. You need to plan for proper hardware and software configurations to ensure that it runs smoothly. You should also understand the data that is going to be put into your farm. How many PowerPivot workbooks? How large are they? How complex is the data they are pulling in? What external systems do they need access to? None of these were addressed in this case, the following resolution was something that had to be done quickly in order to get past the issue in production. Now I am working with the customer to scale out their BI environment so that we can stop addressing these issues with 'quick fixes'. see my recommended reading suggestions below

      1. Reinstalled the PowerPivot farm solutions. 
      2. Stopped the Excel service on all servers, except one server. (this was done so we could more easily identify the problem server)

      3. Restarted the Claims to Windows service and Excel services. 

      4. Increased the following settings within PowerPivot.

    1. Maximum Request Duration 

    2. Volatile Function Cache Lifetime

       

      Recommended Reading:

      Hardware and Software Requirements (PowerPivot for SharePoint and Reporting Services in SharePoint Mode)

      Enable and configure PowerPivot Data Refresh

       

       

       

       

       

       

       

       


    0 0

    Happy new year everyone!

    Of all the components of Power BI, Power Query was by far the one I was originally most skeptical about. How can an end-user be responsible for creating their own ETL when this process is usually so complex? After I started to play with the technology, I was really surprised that Power Query accomplished easily tasks that would take many hours with traditional tools and fulfilled the promise of self-service ETL.

    Furthermore, the power of Power Query is in the flexibility of the technology for data transformation as well as the multiple connectors available. One example is the Exchange connector that allows access to the data of your emails, calendar, and address book.

    Over the past few months I have been using Power Query, not for ETL, but to help manage my Outlook contacts by automatically identifying new people to add to the address book, and selecting subsets of contacts to send emails for my distribution list.

    If you would like to learn more about this use case, I invite you to read my complete article: Maximize your Impact: Contact Management with Office 365, Excel and Power Query.


    0 0

    If your organization is a Cloud Service Provider (CSP) or an Enterprise with multiple tenants, you can deploy RAS Gateway in multitenant mode to provide network traffic routing to and from virtual and physical networks, including the Internet. You can deploy RAS Gateway in multitenant mode as an edge gateway to route tenant customer network traffic to tenant virtual networks and resources. When you deploy multiple instances of RAS Gateway VMs that provide high availability and failover, you...(read more)

    0 0

    Em 5 de Janeiro de 2016, a Microsoft lançou uma atualização (3133431) para o Internet Explorer 11 no Windows 10; e Microsoft Edge no Windows 10. A atualização resolve alguns problemas de compatibilidade de aplicativos embutidos na atualização 3132372, bem como as vulnerabilidades descritas no Boletim de Segurança da Adobe APSB16-01. Para obter mais informações sobre esta atualização, incluindo links para baixar a atualização, consulte Microsoft Knowledge Base Article 3133431.

    Antes desta versão, em 29 de Dezembro de 2015, a Microsoft lançou uma atualização (3132372) para o Internet Explorer 8, 10 no Windows Windows Server 2012 e Windows RT; Internet Explorer 11 no Windows 8.1, Windows Server 2012 R2, Windows 8.1 e Windows RT 10; e Microsoft Edge no Windows 10. A atualização abordada as vulnerabilidades descritas no Boletim de Segurança da Adobe 
    APSB16-01. Para obter mais informações sobre esta atualização, incluindo links para baixar a atualização, consulte Microsoft Knowledge Base Article 3132372

     

    Nota: As atualizações para o Windows RT, Windows RT 8.1, Windows Technical Preview e Windows Server Technical Preview estão disponíveis através do Windows Update 

    Recursos relacionados:  

     

     


    0 0
  • 01/05/16--16:27: EMET and DEP
  •  

    I’ve seen various questions recently around the use of EMET and DEP for protecting processes.  Prior to launching into this I highly recommend reading Rob Hensing’s old but good articles on this at http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-1.aspx and http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx .

    Getting first things out of the way DEP is an OS/System Mitigation.  EMET does not have a mitigation called DEP it merely makes it easier to configure DEP for the OS as a whole as well as the ability to opt-in applications that were not compiled with DEP configured or the ability to opt-out applications if the OS is set to DEP always-on.

    This is the issue I’ve typically seen with EMET + DEP + process:

      • System is set to DEP Opt-In (i.e. processes don’t run with DEP enabled unless compiled that way for x86 apps x64 is a different story as they are always DEP)
      • application.exe is either an x86 or x64 application that is compiled as a DEP aware application
      • EMET also is protecting application.exe and has the DEP box checked for application.exe

    So demonstrating a lab setup I have three applications shown in the pic below that are exactly what the app names state

    • x64AppCompiledWDEP.exe = x64 application with DEP enabled
    • x86AppCompiledWDEP.exe = x86 application compiled with DEP enabled
    • x86AppCompiledWODEP.exe = x86 application compiled with DEP not enabled or the NXCOMPAT linker option set to NO (see https://msdn.microsoft.com/en-us/library/ms235442.aspx)

    image

    So at times (I unfortunately can’t repro this in my lab) having this setup for the x86AppCompiledWDEP.exe application will cause application crashes with whatever that application is (have seen it happen to IE and Office applications among others).  The proper way usually to fix this is to ensure that EMET does not try to opt-in this process to DEP as it is already using DEP in most cases.  In you EMET configuration find the application with the issues and uncheck the DEP box.  The big push back I typically get here is that you are turning off mitigations this is not good etc and this is absolutely not the case if this is already a DEP aware application. The next slide shows the same applications with the DEP box unchecked for each of the applications that previously had it checked on a system that has DEP set to OPT-IN.

    image

    Notice in the Task manager section (btw I right clicked on the columns and added the Data Execution Prevention / DEP column) that DEP is still enable for both the x64 application as well as the x86 application that was compiled as DEP aware.  It is not however enabled any more for the x86 application that was not compiled with DEP which means in the first screenshot that EMET was actually working quite well and opting my non-DEP application into the OS DEP mitigation at process startup.

    So the point of this article is basically if you are seeing crashes for an application and it turns out to be because EMET is attempting to opt-in an application to DEP,  unchecking the DEP box for that application may fix the problem. Also if the application is a recent version of IE/Office etc that is already using DEP (use task manager to check on that) you will not be lowering or changing your security posture in any way.

    Thanks

    Kurt


older | 1 | .... | 807 | 808 | (Page 809) | 810 | 811 | .... | 889 | newer