Microsoft

Enabling Firewall audit logging in windows

admin

In this article you can see how to enable audit logging for Windows Firewall with Advanced Security.

Windows Firewall with Advanced Security can log firewall activity such as dropped packets or successful connections. By default the firewall log is: %windir%\system32\logfiles\firewall\pfirewall.log

You can configure firewall logging by using Group Policy if desired. But what if you want to collect more detailed logging of firewall activity such as kernel mode connections/drops and other filtering activity? You can do this by enabling Windows Filtering Platform (WFP) audit logging as follows:

Auditpol /set /category:”System” /SubCategory:”Filtering Platform Packet Drop” /success:enable /failure:enable

Auditpol /set /category:”System” /SubCategory:”Filtering Platform Connection” /success:enable /failure:enable

Note that this form of logging may be very verbose, so be careful when enabling this on a computer in your production environment.

tip in server 2012

admin

Unfortunately there is a problem when you try to add .Net Framework 3.51 to Windows Server 2012 using Server Manager!

In order to fix that issue and get .Net Framework 3.51 installed issue following command from Command Prompt:

dism /online /enable-feature /all /featurename:NetFX3 /source:x:\sources\sxs

 

In order to assign static IPv4 address to Windows Server 2012 Core using power shell use:

New-NetIPAddress -IPAddress 192.168.1.10 -InterfaceAlias “Ethernet” -DefaultGateway 192.168.1.1 -AddressFamily IPv4 -PrefixLength

System Center 2012 – VMM networking Poster

admin

I was surfing the web. I found a nice poste about virtualization and its infrastructure. I think it is interesting to see the poster.

The issue of networking in System Center Virtual Machine Manager 2012 SP1 is more complex and offers several features so it is classified first. Microsoft has now released a poster that summarizes the most important information.

This poster for Virtual Machine Manager Networking helps …

  • … In planning the networks with the use of VMM VM Networks, Logical Networks and Logical Switches with different configurations as …

    … When configuring networks in VMM by taking the necessary steps for Fabric Administrator and / or tenant administrator are described;

    • VLAN-based configuration;
    • No insulation;
    • Network Virtualization;
    • Use external networks;
    • No Virtual Networking.
  • To understand the … Network Object Model and the corresponding links between the objects;
  • .. To understand how VMM can be extended with 3rd party plug-ins.

Download

VMM_Networking_Poster.pdf (1.2 MB)

Integrate drivers into a WIM file with DISM

admin

1. Download and install WAIK

2.Mount the Image
Create folders “Images” and “mount” on c:\
BOOT.WIM=>
dism /mount-wim /WimFile:c:\Images\boot.wim /index:2 /MountDir:c:\mount

INSTALL.WIM=>
dism /mount-wim /WimFile:c:\Images\Install.wim /index:1 /MountDir:c:\mount
Continue reading “Integrate drivers into a WIM file with DISM”

Read-Only Domain Controller (RODC)

admin

Windows Server 2008: Read-Only Domain Controller (RODC)

A Read-Only Domain Controller (RODC) is a new type of domain controller in Windows Server 2008. Its main purpose is to improve security in office branches. In this post, I summarize the functionality of RODC.

In office branches, it is often not easy to provide sufficient physical security for servers. It is not a big deal to manipulate a Windows system if you can get physical access to it. Since Domain controllers store security sensitive data, they are particularly endangered. RODCs can help with this problem in four ways:

RODC essentials Continue reading “Read-Only Domain Controller (RODC)”