Configuring the DHCP failover in your LAN is a simple operation to improve the reliability of the network.

There are two main ways to provide DHCP failover:

• Load balancing
• Hot standby

Load balancing allows to share the load between two or more DHCP servers while the Hot standby mode simply provide DHCP redundancy.

In this guide we adopted the Hot standby mode. The DHCP servers are two Windows 2012 R2 machine in the same domain (mandatory requirement).
(more…)

Load balancing and failover (LBFO), also known as NIC Teaming, is a powerful feature introduced by Microsoft only with Windows Server 2012. With previous versions of Windows you could only rely on third party software, a curious limitation.

NIC Teaming allows an administrator to place in a team multiple network adapters being part of the same machine.

Working as a team, the network adapters improve bandwidth and protect from failures, sharing the same IP and network configuration.

The reason is pretty straightforward, if one of the adapters breaks, the others will take care of the local connectivity. Windows supports up to 32 adapters placed in a single team.
(more…)

File and folder permissions are really important to Windows. Sometimes a user may mess with the permissions causing software or even the operating system to work in an undesired way.

There’s a simple way to solve this kind of problems without headaches, using the ICACLS command.

Launch the command prompt as an Administrator and navigate through the tree of folders you need to fix.

Then launch the command ICACLS * /T /Q /C /RESET.

ICACLS will reset the permissions of all the folders, files and subfolders. After a while, depending on the number of file, the permissions will be fixed.

Sometimes, you may need to take the ownership of a tree of folders. You can use the command takeown /R /F * before launching the ICACLS.

Be careful, taking the owenership of system folders may break your operating systems.

Windows Deployment Services (WDS) is a really interesting tool from Microsoft. It allows an administrator to remotely deploy Windows operating systems to machines booting from a network adapter.

In environments with a high number of clients WDS can be very useful, a new computer can be formatted just plugging the Ethernet, without any physical support like Windows DVDs or USB drives.

The configuration isn’t difficult but there are some requirements:

• There must be an Active Directory Domain Services
• At least one partition on the server must be formatted as NTFS
• A DHCP server must be active to assign IP addresses to the WDS clients

Let’s see how you can configure and use the Windows Deployment Services.
(more…)

One of the greatest advantages of having an Active Directory Domain is the possibility to deploy software packages via GPO (Group Policy Object). Software deployment is crucial in business environments to save time and money.

Microsoft not only gives us a simple way to deploy software, but also provides a quick solution to uninstall it when we don’t need it anymore.
(more…)

We’ve seen how to restrict software (actually in two different ways) and websites via GPO. Now it’s time to restrict devices. Device restrictions can improve the security of a business network and limit potential headaches to the IT staff.

It’s also really easy to enforce a device restriction GPO.
(more…)