par ·0 Commentaires

Nano Server Image Builder

Nano Server Image Builder

With Windows Server 2016, Microsoft has implemented a new feature called Nano Server. Very light operating system, just a few mega bytes to make it work. This « mini operating system » allows to install roles such as HyperV, Server DNS, web server,…

He have no shell, no Internet explore so this images reduces the risk of attack as well as the number of patch to install. However creating a Nano Server image requires command line execution. To simplify this step Microsoft has made available tool Nano Server Image Builder that allows the creation of the image in a graphic way.

As a first step, it is necessary to download the Nano Server Image Builder tool. You can download it here.

Lire la suite de

par ·0 Commentaires

Configure Subscriptions Events

Why set up a subscription ?

If you have computer in workgroup, it may be interesting to centralize events in the event logs. This allows to facilitate the analysis of different events log. The computer being in workgroup, we use authentication based on certificates. In order to secure exchange, we will proceed to the use of the HTTPS protocol.

Lire la suite de

par ·0 Commentaires

Manage Workgroup Workstation

How to manage machines in a workgroup

If you have machines in a domain, it is easy to execute remote administration (through gpo, script,…). Regarding the positions in workgroup, the task turns out to be more complex. Indeed, the latter only contain their own GPOs and their account base.
Thus it is possible to use winrm to perform remote administration. In order to secure the communications betweens the two computers (or computer and server) it is possible to encrypt exchanges using the ssl Protocol.

Lire la suite de

par ·0 Commentaires

Update build Windows 10

Windows 10 and WSUS Server

After you implement WIndows 10 on your workstations, it is necessary to manage the deployment of Builds. Thus three different management have emerged (CB, CBB and LTSB).

Management and deployment can be operate by Windows Update / Windows Update for Business, SCCM or WSUS.
His support for the deployment of 10 Windows Builds by the WSUS or SCCM and WSUS server, can be done only in certain conditions.

Indeed, it is necessary to have a WSUS server installed under Windows Server 2012 or 2012 R2 Server. The activation of the feature cannot be and must not be made until after the installation of the KB3095113. Where type Upgrade in WSUS before installing the update, it will be necessary to proceed to a cleaning of the base (see below in this article).

Lire la suite de

par ·0 Commentaires

Manually remove PKI

Why manually delete a PKI?

When you remove a pki since the wizards Windows will scavenge records in Active Directory. However if the server is reinstalled or the VM deleted unless the certification authority role is deleted beforehand, these records remain present in the Active Directory directory. It is therefore necessary to carry out the cleaning of it before any new installation of an enterprise certification authority.

This article details the different steps for cleaning of the Active Directory.

Lire la suite de

par ·0 Commentaires

Rename AD Domain

Rename AD Domain

It is sometimes necessary to change the name of the Active Directory domain. This operation is delicate to perform mainly if exchange or sql servers are present. After verifying the good state of health of the Active Directory, the change can be performed using the rendom command. The latter is present in the domain controller as a builtin.

Lire la suite de

par ·0 Commentaires

Fix KB3148812 problem

Fix KB3148812 problem

The KB3148812 update installation problems. In fact after installing the administration console WSUS becomes inaccessible. Moreover customers no longer have the opportunities to contact the WSUS server. Initially Microsoft recommended not to install or remove it for those who carry out the installation of the update.

Lire la suite de

par ·0 Commentaires

CmdLets SCCM

CmdLets SCCM

A SCCM server administration will be generally to add new drivers, images of boot or to installations and applications. This will also be to monitor the State of health of the infrastructure by looking at the logs file.
Using PowerShell with CmdLets SCCM is justified because it is thus possible to script some action and therefore to industrialize the process which some may be « heavy » when there are executed manually.

For this Microsoft provides to people wishing Cmdlets to perform the administration of one or more servers SCCM.

Lire la suite de