It is possible to change the time and date of a remote server (or several servers) by scheduling a job on them remotely:
at \\10.0.84.17 15:15 net time \\10.0.53.30 /set /y
This sets the clock of 10.0.84.17, at 15:15 its local time, to the date/time of the 10.0.53.30 machine.
Authentication must first be done between the two machines.
We can schedule this to run before the time is set:
at \\10.0.84.17 15:10 net use \\10.0.53.30 /user:administrator password
Archive for the ‘Microsoft Infrastructure’ Category
setting date/time of remote server
August 2, 2010
How WEB and NTFS Permissions Differ
May 14, 2009
Why are there two sets of permissions for securing websites? And what's the difference between the NTFS Read permission and the Read permission on the Home Directory tab for a site? All the difference in the world! Here is how they work under the hood:
NTFS Permissions
When a user tries to access a web page located on an NTFS volume, an access token is first created using the user’s SID. The token is then passed to the server, which compares the SID in the token to the SIDs in the ACL for the page. If a match is found, the user is granted the level of access specified in the ACL; and if no match is found, the user is denied access to the page.
Web Permissions
When a user tries to access a web page on an IIS site, the user’s browser issues an HTTP request with headers containing an HTTP verb that specifies the type of request being made. For example, an HTTP GET request is a request to read the page. For IIS to respond to such a request, it must have the Read web permission assigned to the page (that is, to the directory in which the page resides). Likewise, WebDAV uses HTTP LOCK and HTTP PROPFIND requests to publish content to your web server, and for this to work you must have Read, Write and Directory Browsing web permissions enabled.
In conclusion, NTFS permissions are a characteristic of the Windows file system and are enforced by IIS. There are other differences as well, the most important being that NTFS permissions apply only to the specified users and groups for which they are configured. For example, Users has Read and Execute permission, while Administrators has Full Control. If you want different groups of users to have different levels of access to your site content, use NTFS permissions to achieve this. By contrast, web permissions apply equally to all users and groups for the site on which they are configured.
Source: IIS 6 Administration by Mitch Tulloch
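The following added example (not from the book or the original post) is a simplified model of how the two layers combine: a request succeeds only when the site-wide web permission and the caller's NTFS rights both allow it. The verb-to-right mapping, group rights and function name are constructed for illustration.

```powershell
# Added example: simplified model with constructed data.
# Real NTFS evaluation also handles deny entries and nested groups.

# Right each HTTP verb needs (only the two verbs this model covers).
$VerbNeeds = @{ GET = 'Read'; PUT = 'Write' }

# NTFS ACL on the content folder: per group, as in the text's example.
$NtfsAcl = @{
    Users          = @('Read', 'Execute')
    Administrators = @('Read', 'Execute', 'Write')   # stands in for Full Control
}

function Test-WebRequest {
    param(
        [string]$Verb,
        [string]$Group,
        [hashtable]$WebPermissions,   # site-wide: identical for every caller
        [hashtable]$Acl = $NtfsAcl
    )
    $need = $VerbNeeds[$Verb]
    if (-not $need) { return "no rule for verb $Verb in this model" }
    # Layer 1: web permission, checked against the verb, same for all users.
    if (-not $WebPermissions[$need]) { return "denied by IIS ($need web permission off)" }
    # Layer 2: NTFS ACL, checked against the caller's identity.
    if ($Acl[$Group] -notcontains $need) { return "denied by NTFS ($Group lacks $need)" }
    'allowed'
}

# Two site configurations: Write web permission off, then on.
foreach ($web in @{ Read = $true; Write = $false }, @{ Read = $true; Write = $true }) {
    foreach ($group in 'Users', 'Administrators') {
        foreach ($verb in 'GET', 'PUT') {
            [pscustomobject]@{
                WebWrite = $web.Write
                Group    = $group
                Verb     = $verb
                Result   = Test-WebRequest -Verb $verb -Group $group -WebPermissions $web
            }
        }
    }
}
```

With the Write web permission off, even Administrators are refused a PUT; with it on, Users are still refused because the ACL gives them no Write right.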
To configure heartbeat and DNS settings in a multi-site failover cluster
May 9, 2009
1. On a node in the cluster, open a Command Prompt window.
2. Determine whether to change the heartbeat settings for nodes on a common subnet, nodes communicating across subnets, or both. For background information about heartbeat settings, see the link at the beginning of this topic. The default value is that (regardless of subnet configuration) a heartbeat signal is sent once every second (1000 milliseconds) and when a node misses a series of 5 heartbeats, another node will initiate failover. The range for heartbeat frequency is once every 250-2000 milliseconds on a common subnet, and 250-4000 milliseconds across subnets. The range for missed heartbeats is from 3 through 10.
3. To change the heartbeat settings, run one or more of the following commands. Note that the first two commands affect nodes on a common subnet and the second two commands affect communication across subnets:
cluster /cluster: /prop SameSubnetDelay=
cluster /cluster: /prop SameSubnetThreshold=
cluster /cluster: /prop CrossSubnetDelay=
cluster /cluster: /prop CrossSubnetThreshold=
4. To confirm that the heartbeat settings are set as intended, run the following command:
cluster /cluster: /prop
5. View the network names of resources currently configured on the cluster by running the following command:
cluster /cluster: res
6. Determine which IP addresses should be registered in DNS for your cluster: either all IP addresses on which a network name resource depends, or only the IP address that successfully comes online (that is, the IP address on the subnet of the node that currently owns that network name resource). For background information about this setting, see the link at the beginning of this topic. The default is to register only the IP address that successfully comes online.
7. Choose and run only one of the following commands, substituting the name of the resource for :
* To cause all IP addresses on which a network name resource depends to be registered, run the following command:
cluster /cluster: res /priv RegisterAllProvidersIP=1
* To cause only the IP address that successfully comes online to be registered, run the following command:
cluster /cluster: res /priv RegisterAllProvidersIP=0
8. Determine the value to use for the DNS setting called Time to Live (TTL). As an example, the value recommended for Exchange Server 2007 is five minutes, which equals 300 seconds. If you do not adjust the TTL value, it defaults to 20 minutes (1200 seconds). For background information about TTL, see the link at the beginning of this topic.
9. To change the TTL setting, run the following command:
cluster /cluster: res /priv HostRecordTTL=
where is the name of the clustered resource that you want to set the TTL value for, and is the value you want to set for TTL.
10. To confirm that all the DNS settings are set as intended for a given network name resource, run the following command:
cluster /cluster: res /priv
11. Take the clustered service or application offline and bring it back online, using the method you are most familiar with. For example, to use the Failover Cluster Management snap-in, under Services and Applications, right-click the service or application and click Take this service or application offline, then right-click again and click Bring this service or application online.
Enabling Remote Desktop Remotely :)
May 8, 2009
If you want to remotely access a Windows XP Professional workstation or Windows 2003 Server on which Remote Desktop is not enabled, and no one is there to enable it for you, you may be able to enable Remote Desktop remotely by using regedit.
1. Run REGEDIT from Start > Run.
2. Click File, then select Connect Network Registry.
3. Type the remote computer's IP or host name in the "Enter the object name to select" box and then click OK.
4. If you don’t have permission to access the remote computer, the logon screen will show up. Type the username and password for the remote computer, then click OK.
6. Now the remote computer is listed in the Registry Editor.
Browse to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server.
7. In the right panel, select fDenyTSConnections (REG_DWORD). Change the value data from 1 (Remote Desktop disabled) to 0 (Remote Desktop enabled).
How to change Terminal Server’s listening port
May 2, 2009
By default, Terminal Server and Windows 2000 Terminal Services use TCP port 3389 for client connections. Microsoft does not recommend that this value be changed. However, if it becomes necessary to change this port, follow these instructions.
Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs.
To change the default port for all new connections created on the Terminal Server:
1. Run Regedt32 and go to this key:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
NOTE: The above registry key is one path; it has been wrapped for readability.
2. Find the “PortNumber” subkey and notice the value of 00000D3D, hex for (3389). Modify the port number in Hex and save the new value.
To change the port for a specific connection on the Terminal Server:
1. Run Regedt32 and go to this key:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\connection
NOTE: The above registry key is one path; it has been wrapped for readability.
2. Find the “PortNumber” subkey and notice the value of 00000D3D, hex for (3389). Modify the port number in Hex and save the new value.
NOTE: Because the use of alternate ports has not been fully implemented for Terminal Server 4.0, support will be provided as “reasonable effort” only, and Microsoft may require you to set the port back to 3389, if any problems occur.
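Because both registry values above (fDenyTSConnections and PortNumber) can be changed over the network, it is worth checking them periodically. The following is an added example, not part of the original posts: a read-only audit over the same remote-registry channel, where the function names are hypothetical and the host names in the last comment are placeholders.

```powershell
# Added example: read-only audit of the two registry values discussed above.
function ConvertTo-RdpState {
    # Pure helper: interprets raw registry values (usable without a registry).
    param($DenyValue, $PortValue)
    [pscustomobject]@{
        RdpEnabled  = if ($null -eq $DenyValue) { $null } else { $DenyValue -eq 0 }
        Port        = $PortValue
        PortHex     = if ($null -eq $PortValue) { $null } else { '{0:X8}' -f [int]$PortValue }
        DefaultPort = ($PortValue -eq 3389)
    }
}

function Get-RdpRegistryState {
    param([string[]]$ComputerName = @($env:COMPUTERNAME))
    $tsPath  = 'SYSTEM\CurrentControlSet\Control\Terminal Server'
    $rdpPath = "$tsPath\WinStations\RDP-Tcp"
    foreach ($computer in $ComputerName) {
        $hklm = $null
        try {
            # Same channel regedit uses for "Connect Network Registry";
            # the Remote Registry service must be running on the target.
            $hklm = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey(
                        [Microsoft.Win32.RegistryHive]::LocalMachine, $computer)
            $ts   = $hklm.OpenSubKey($tsPath)     # opened read-only
            $rdp  = $hklm.OpenSubKey($rdpPath)
            $deny = if ($ts)  { $ts.GetValue('fDenyTSConnections') }
            $port = if ($rdp) { $rdp.GetValue('PortNumber') }
            ConvertTo-RdpState -DenyValue $deny -PortValue $port |
                Add-Member -NotePropertyName Computer -NotePropertyValue $computer -PassThru
        }
        catch {
            Write-Warning "${computer}: $($_.Exception.Message)"
        }
        finally {
            if ($hklm) { $hklm.Close() }
        }
    }
}

# Constructed sample values: 0x00000D3D is the default shown in the text.
ConvertTo-RdpState -DenyValue 0 -PortValue 0x0D3D   # enabled, port 3389
ConvertTo-RdpState -DenyValue 1 -PortValue 3390     # disabled, non-default port

# Live check (host names are placeholders):
# Get-RdpRegistryState -ComputerName 'SERVER01', 'SERVER02' | Format-Table
```

Comparing the output against a saved baseline shows hosts where Remote Desktop was switched on or moved to another port without a change record.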
Understanding IIS 6.0 Architecture
May 1, 2009
The following is a checklist of essential concepts associated with the architecture of IIS 6:
http.sys, the Kernel Mode HTTP Listener, is responsible for handling incoming HTTP requests.
Kernel mode queuing allows HTTP requests to be queued until the appropriate worker process can handle them.
The IIS Admin Service (inetinfo.exe) manages the FTP, SMTP, and NNTP Services but not HTTP.
Web applications can no longer be hosted in-process within inetinfo.exe.
The Web Administration Service (WAS), a new component of the WWW Publishing Service (W3SVC), is responsible for managing the health of worker processes and maintaining the metabase.
Instances of W3SVC (and hence the WAS) run as a DLL within a host process called svchost.exe.
Worker processes are implemented as instances of the executable w3wp.exe and can host ISAPI applications and filters, ASP applications, CGI applications, and static web content.
Using processor affinity, a worker process can be assigned to a specific processor on a symmetric multiprocessing (SMP) machine.
All applications running on IIS 6 run within application pools, which consist of one kernel mode http.sys request queue and one or more worker processes.
An application pool can host one or more applications running within it.
A web garden is an application pool served by multiple worker processes.
Demand Start allows applications to be loaded on-demand into their application pool when the first HTTP request for the application is received.
Idle Timeout allows a worker process to be shut down to save memory if the application using it has not been used for a period of time.
Process recycling allows worker processes to be restarted periodically to support applications that have memory leaks or other problems.
Orphaning allows IIS to kill hung worker processes and start new ones to replace them.
Rapid fail protection lets an application pool be switched to out-of-service if it fails frequently.
Worker process isolation mode is the mode supporting new IIS 6 features such as worker processes, application pools, web gardens, and so on.
IIS 5 isolation mode is an alternative IIS 6 mode to ensure compatibility with legacy applications that will not run properly in worker process isolation mode.
Source: IIS 6 Administration
/PAE Switch in Windows Servers
April 28, 2009
After installing Windows 2000 (Datacenter Server or Advanced Server) or Windows 2003, System Properties shows that only around 3.37 GB of physical memory (RAM) is available for application and system use, although 4 GB or more of RAM has been installed and the BIOS correctly identifies the full installed size of physical memory, which means that the motherboard and x86 or x64 CPU can support more than 4 GB of physical memory.
32-bit Windows operating systems depend on the PAE (Physical Address Extension) feature to use more than 4 GB of physical memory. On most Windows 2000 and Windows Server 2003 systems, especially those run in NUMA mode on a NUMA-capable computer, PAE is disabled by default. PAE is enabled by default only if DEP (Data Execution Prevention) is enabled on a computer that supports hardware-enabled DEP, or if the computer is configured for hot-add memory devices in memory ranges beyond 4 GB. Thus, if PAE is not enabled in Windows 2000 and Windows Server 2003 (for example, if DEP is turned off by an administrator), the system may not be able to detect, identify and see more than 4 GB of memory, and can allocate only slightly more than 3 GB of memory for system and applications, as some memory address space has to be reserved and mapped for system devices and peripherals.
To enable PAE in Windows Server 2003 and Windows 2000 (and Windows XP), append the /PAE switch to the end of the operating system line in the Boot.ini file. To disable PAE, use the /NOPAE switch.
The Boot.ini file is normally located in the root folder (i.e. C:\) with Read-Only and Hidden attributes, which must be removed before the file can be edited. For example,
Original Boot.ini:
[boot loader]
timeout=0
default=multi(0)disk(0)rdisk(0)partition(1)\WINNT
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINNT="Microsoft Windows 2000 Advanced Server" /fastdetect
Change the Boot.ini to become:
[boot loader]
timeout=0
default=multi(0)disk(0)rdisk(0)partition(1)\WINNT
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINNT="Microsoft Windows 2000 Advanced Server" /fastdetect /PAE
For Bootcfg command, use:
bootcfg /raw "/pae" /A /ID 1
Restart the computer after the modification to make the change effective. Note that even with PAE enabled, there is still a memory limit imposed by the operating system itself. The table below lists the maximum memory supported with PAE enabled for Windows 2000, Windows Server 2003 and Windows XP. Most 32-bit client Windows operating systems, such as Windows XP and Windows Vista, have an OS-level limit that restricts the maximum usable memory to 4 GB.
Operating system : Maximum memory support with PAE
Windows 2000 Advanced Server : 8 GB of physical RAM
Windows 2000 Datacenter Server : 32 GB of physical RAM
Windows XP (all versions) : 4 GB of physical RAM
Windows Server 2003 (and SP1), Standard Edition : 4 GB of physical RAM
Windows Server 2003, Enterprise Edition : 32 GB of physical RAM
Windows Server 2003, Datacenter Edition : 64 GB of physical RAM
Windows Server 2003 SP1, Enterprise Edition : 64 GB of physical RAM
Windows Server 2003 SP1, Datacenter Edition : 128 GB of physical RAM
Moving a SSL cert between Windows Servers
April 26, 2009
There are two parts to moving an SSL cert. First, you will need to export the certificate on the old server. Then, you will need to import the cert to the new server. Here is a detailed description of the process to follow for both steps.
Here are the steps you should follow to export the cert on the existing server:
1) Go to Start -> Run and enter MMC
2) From the menu bar, select Console -> Add Remove Snap In
3) Click the “Add” button. Select the Certificates snap in, and then click “Add” again
4) Choose the “Computer Account”. Click Next.
5) Select “Local Computer” Click Finish.
6) Now click “Close” and then “OK”
7) Now expand the “Certificates” object in the MMC and drill down to Personal -> Certificates.
8) You should see your existing cert. listed. Right click on the cert and go to All Tasks -> Export
9) Choose “Yes, export the private key”. Click “Next”.
10) At the next screen, leave the default settings and hit “Next”
11) Enter a password to secure the exported cert. Click Next.
12) Enter a file name. The cert will be exported to this file name. Click Next.
13) Click Finish.
On the destination server, follow this procedure:
1) Copy the exported file over to the new server
2) Follow steps 1-7 outlined above
3) Right click on the Certificates folder and choose “All Tasks -> Import”
4) Click Next. Browse to the file you copied over in step 1. Click Next
5) Enter the password you entered in step 11 above. Check the box “Mark the private key as exportable”. Click Next
6) You want to place the cert into the Personal store – this is selected by default. Click Next.
7) Click Finish.
8) Now you will need to go into IIS and assign the SSL cert to the site.
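The same export and import can be scripted. This is an added example, not part of the original post; it assumes the PKI module cmdlets available on Windows Server 2012 / Windows 8 or later, and the function names, thumbprint and file path are placeholders.

```powershell
# Added example: scripted form of the MMC export/import steps above.
# Assumes the PKI module (Windows Server 2012 / Windows 8 or later).
# The thumbprint and file path passed in are placeholders you supply.

function Export-SiteCertificate {
    param([string]$Thumbprint, [string]$PfxPath, [securestring]$Password)
    # Personal store of the Local Computer account, as in export step 7.
    $cert = Get-Item -Path "Cert:\LocalMachine\My\$Thumbprint"
    if (-not $cert.HasPrivateKey) {
        throw "Certificate $Thumbprint has no private key in this store."
    }
    # Equivalent of "Yes, export the private key" plus the password prompt.
    Export-PfxCertificate -Cert $cert -FilePath $PfxPath -Password $Password | Out-Null
    $cert.Thumbprint
}

function Import-SiteCertificate {
    param([string]$PfxPath, [securestring]$Password,
          [string]$ExpectedThumbprint, [switch]$Exportable)
    $params = @{
        FilePath          = $PfxPath
        CertStoreLocation = 'Cert:\LocalMachine\My'
        Password          = $Password
    }
    # -Exportable matches "Mark the private key as exportable" in import step 5;
    # leave it off if the key never needs to leave the new server.
    if ($Exportable) { $params.Exportable = $true }
    $imported = Import-PfxCertificate @params

    # Confirm the right certificate arrived together with its key.
    if ($imported.Thumbprint -ne $ExpectedThumbprint) {
        throw "Imported $($imported.Thumbprint), expected $ExpectedThumbprint."
    }
    if (-not $imported.HasPrivateKey) { throw 'Private key did not come across.' }

    # The PFX contains the private key, so remove the transfer copy.
    Remove-Item -Path $PfxPath
    $imported
}

# Usage (values are placeholders):
# $pw = Read-Host -Prompt 'PFX password' -AsSecureString
# Old server: Export-SiteCertificate -Thumbprint '<THUMBPRINT>' -PfxPath 'C:\Temp\site.pfx' -Password $pw
# New server: Import-SiteCertificate -PfxPath 'C:\Temp\site.pfx' -Password $pw -ExpectedThumbprint '<THUMBPRINT>' -Exportable
```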
How to enable sound in Remote Desktop sessions on WinServer 2k3
April 16, 2009
By default you can't hear any sound when you connect remotely to a Windows 2003 server: the sound module is disabled, and even if you enable it, it doesn't work.
You can check this link to learn how to enable sound over a remote session:
http://blog.andreloker.de/post/2008/08/26/How-to-enable-sound-in-Remote-Desktop-sessions-on-WinServer-2k3.aspx
What Is svchost.exe And Why Is It Running?
April 16, 2009
You are no doubt reading this article because you are wondering why on earth there are nearly a dozen processes running with the name svchost.exe. You can’t kill them, and you don’t remember starting them… so what are they?
So What Is It?
According to Microsoft: “svchost.exe is a generic host process name for services that run from dynamic-link libraries”. Could we have that in English, please?
Some time ago, Microsoft started moving all of the functionality from internal Windows services into .dll files instead of .exe files. From a programming perspective this makes more sense for reusability… but the problem is that you can’t launch a .dll file directly from Windows, it has to be loaded up from a running executable (.exe). Thus the svchost.exe process was born.
Why Are There So Many svchost.exes Running?
If you’ve ever taken a look at the Services section in Control Panel, you might notice that there are a lot of services required by Windows. If every single service ran under a single svchost.exe instance, a failure in one might bring down all of Windows… so they are separated out.
Those services are organized into logical groups, and then a single svchost.exe instance is created for each group. For instance, one svchost.exe instance runs the 3 services related to the firewall. Another svchost.exe instance might run all the services related to the user interface, and so on.
So What Can I Do About It?
You can trim down unneeded services by disabling or stopping the services that don’t absolutely need to be running. Additionally, if you are noticing very heavy CPU usage on a single svchost.exe instance you can restart the services running under that instance.
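To see which services sit behind each svchost.exe instance before stopping or restarting anything, the mapping can be read from WMI. This is an added example, not from the original article; the function names are hypothetical, it assumes PowerShell 3.0 or later for Get-CimInstance, and it also flags any instance whose image is not the svchost.exe under System32.

```powershell
# Added example: map running services to their svchost.exe host process.
function Get-SvchostGroupName {
    # Extracts the service group from a command line such as
    #   C:\Windows\system32\svchost.exe -k netsvcs
    param([string]$PathName)
    if ($PathName -match '-k\s+(\S+)') { $Matches[1] } else { $null }
}

function Get-SvchostServiceMap {
    $expected = Join-Path $env:SystemRoot 'System32\svchost.exe'
    Get-CimInstance -ClassName Win32_Service |
        Where-Object { $_.State -eq 'Running' -and $_.PathName -match 'svchost\.exe' } |
        Group-Object -Property ProcessId |      # one group per svchost.exe instance
        ForEach-Object {
            $cmd   = [Environment]::ExpandEnvironmentVariables($_.Group[0].PathName)
            $image = ($cmd -split '\s+-k\s+')[0].Trim().Trim('"')
            [pscustomobject]@{
                ProcessId      = [int]$_.Name
                Group          = Get-SvchostGroupName -PathName $cmd
                Services       = ($_.Group | ForEach-Object Name | Sort-Object) -join ', '
                # A genuine host process runs from %SystemRoot%\System32.
                UnexpectedPath = ($image -ne $expected)
            }
        } |
        Sort-Object -Property ProcessId
}

# Constructed sample command line for the parser:
Get-SvchostGroupName -PathName 'C:\Windows\system32\svchost.exe -k netsvcs'

# Live view on the local machine:
# Get-SvchostServiceMap | Format-Table -AutoSize -Wrap
```

The ProcessId column matches the PID shown in Task Manager, so a busy svchost.exe instance can be traced to the specific services it hosts.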