Configure a Radius server on Windows Server to authenticate Cisco VPN users

A Virtual Private Network (VPN) allows to connect to a private network through the Internet, from anywhere in the world.

It may be very helpful to business users willing to access from outside the internal resources of their company.

In this post we’ll see how you can allow Active Directory users to perform the login to a VPN, configured on a Cisco router.

The setup includes a Cisco 1801 router, configured with a Road Warrior VPN, and a server with Windows Server 2012 R2 where we installed and activated the domain controller and Radius server role.
(more…)

How to configure DHCP failover on Windows Server 2012 R2

Configuring the DHCP failover in your LAN is a simple operation to improve the reliability of the network.

There are two main ways to provide DHCP failover:

  • Load balancing
  • Hot standby

Load balancing allows to share the load between two or more DHCP servers while the Hot standby mode simply provide DHCP redundancy.

In this guide we adopted the Hot standby mode. The DHCP servers are two Windows 2012 R2 machine in the same domain (mandatory requirement).
(more…)

How to configure NIC Teaming on Windows Server 2012

Load balancing and failover (LBFO), also known as NIC Teaming, is a powerful feature introduced by Microsoft only with Windows Server 2012. With previous versions of Windows you could only rely on third party software, a curious limitation.

NIC Teaming allows an administrator to place in a team multiple network adapters being part of the same machine.

Working as a team, the network adapters improve bandwidth and protect from failures, sharing the same IP and network configuration.

The reason is pretty straightforward, if one of the adapters breaks, the others will take care of the local connectivity. Windows supports up to 32 adapters placed in a single team.
(more…)

How to reset NTFS permissions with ICACLS

File and folder permissions are really important to Windows. Sometimes a user may mess with the permissions causing software or even the operating system to work in an undesired way.

There’s a simple way to solve this kind of problems without headaches, using the ICACLS command.

Launch the command prompt as an Administrator and navigate through the tree of folders you need to fix.

Then launch the command ICACLS * /T /Q /C /RESET.

ICACLS will reset the permissions of all the folders, files and subfolders. After a while, depending on the number of file, the permissions will be fixed.

Sometimes, you may need to take the ownership of a tree of folders. You can use the command takeown /R /F * before launching the ICACLS.

Be careful, taking the owenership of system folders may break your operating systems.

Configuring and using Windows Deployment Services (WDS)

Windows Deployment Services (WDS) is a really interesting tool from Microsoft. It allows an administrator to remotely deploy Windows operating systems to machines booting from a network adapter.

In environments with a high number of clients WDS can be very useful, a new computer can be formatted just plugging the Ethernet, without any physical support like Windows DVDs or USB drives.

The configuration isn’t difficult but there are some requirements:

  • There must be an Active Directory Domain Services
  • At least one partition on the server must be formatted as NTFS
  • A DHCP server must be active to assign IP addresses to the WDS clients

Let’s see how you can configure and use the Windows Deployment Services.
(more…)

How to deploy (and/or remove) software packages via GPO

One of the greatest advantages of having an Active Directory Domain is the possibility to deploy software packages via GPO (Group Policy Object). Software deployment is crucial in business environments to save time and money.

Microsoft not only gives us a simple way to deploy software, but also provides a quick solution to uninstall it when we don’t need it anymore.
(more…)

How to configure a Distributed File System (DFS) Namespace

Locating shared folders to access specific documents is a common problem in business environments. System administrators have to decide how to share folders and how the users will be able to find them.

Distributed File System (DFS) is the Microsoft solution to the problem: a simplified way for users to access geographically dispersed files.

DFS allows system administrator to create trees of virtual directories aggregating shared folders across the entire network.

There are two types of DFS:

  • DFS Namespace: a virtual tree aggregating shared folders from the entire network. Administrators can set up multiple DFS Namespaces.
  • DFS Replication: creates replicated shared folder with scheduling and bandwidth throttling configured by the administrator.

We are going to see how to configure a Distributed File System Namespace on Windows Server 2012 R2.
(more…)