You are currently browsing the archives for the Windows Server category.

CONFIGURING FTP IN ISOLATION MODE (IIS6)

 

CONFIGURING FTP IN ISOLATION MODE (IIS6)
(WINDOWS SERVER 2003)

 
 

1. Installing
IIS6 FTP on Windows Server 2003:

If using the new style Start menu: Click on “Start”,
“Control Panel”, “Add or Remove Programs”
and select the “Add/Remove Windows Components”
tab on the left-hand side.

If using the "Classic" style Start menu: Click
on “Start”, “Settings”, “Control
Panel”, “Add or Remove Programs” and
select the “Add/Remove Windows Components”
tab on the left-hand side.

In the “Windows Components Wizard”, highlight
the “Application Server” and press the “Details”
button. The screen below will be displayed (Fig 1).

Figure 1
Figure 1 – The Application Server Screen

Highlight the “Internet Information
Services (IIS)” option and press “Details”
(as shown in Fig 1 above).

Figure 2
Figure 2 – The Internet Information Services
(IIS) Screen

On the next screen (Fig 2 above) we highlight
“File Transfer Protocol (FTP) Service”.

Click “OK” to close each window
and “Next” to install the newly-selected
components. You will be asked to insert your Windows
Server 2003 disk. Click “Finish” once the
installation is complete.

You have now installed the FTP service.

 
 


 
 

Figure 3
Figure 3 – Setting up your FTP Root Directory

2. The FTP Root Directory

In order to use FTP in "Isolation" mode, we
need to construct the FTP Root so that users are "Dropped"
into their correct home directory.

The structure illustrated above contains two subdirectories,
"localuser" and my domain "simongibson"
which contain home directories for each user. These
user sub-directories must match their respective username
exactly. If not, the user will not be able to log onto
your FTP server.

Create the directory structure above to match your configuration.
The "FTPRoot" directory can be placed anywhere
on your system.

 
 


 
 

Figure 4
Figure 4 – Where to find the IIS Manager

3. Where to find the IIS Manager:

If you are using the new style Start menu, you can reach
the Internet Information Services console by clicking
“Start”, “Administrative Tools”
and selecting “Internet Information Services (IIS)
Manager” from the list in figure 4 above.

If you are using the “Classic” style Start
Menu, you can reach the console by clicking “Start”,
“Programs”, “Administrative Tools”
and select “Internet Information Services (IIS)
Manager” from the list in figure 4 above.

 
 


 
 

Figure 5
Figure 5 – Removing the Default FTP Site in
IIS 6

4. Removing the Default FTP Site in IIS 6:

The first task is to remove (delete) the Default FTP
Site. This site does not use Isolation and matches IIS5
FTP sites in terms of functionality and security. As
we are going to use Isolation, we will need to create
a fresh FTP site.

Simply right-click on the Default FTP Site and press
"Delete" in the menu that appears.

 
 


 
 

Figure 6
Figure 6 – Creating a fresh FTP Site in IIS.

5. Creating a fresh FTP site:

To create a new FTP site, simply right-click on "FTP
Sites" and select "New" and "FTP
Site…". Then, press "Next" to begin
the FTP Site Creation Wizard.

 
 


 
 

Figure 7
Figure 7 – FTP Site Creation Wizard: FTP Site
Description

6. FTP Site Creation Wizard: FTP Site Description

This is the name that will appear in the "FTP Sites"
list in IIS. I’m going to use my imagination and call
this site "FTP".

Click Next.

 
 


 
 

Figure 8
Figure 8 – FTP Site Creation Wizard: IP Address
and Port Settings

7. FTP Site Creation Wizard: IP Address and
Port Settings

Simply select your server’s IP address from the list
(this is usually the only one listed).

You can also change the TCP Port if required but this
is not recommended.

Click Next.

 
 


 
 

Figure 9
Figure 9 – FTP Site Creation Wizard: FTP User
Isolation

8. FTP Site Creation Wizard: FTP User Isolation

This screen allows you to choose the type of Isolation
you want to use:-

"Do not isolate users"
Although this option allows users to be "dropped"
into their own home directory (if one exists under the
FTP root that exactly matches their username), it’s
NOT able to stop them moving up out of their directory
and into those belonging to other users.

"Isolate users"
This option Isolates users based on the directory structure
under the FTP root directory (see Step 2). This is the
easiest of the two Isolation methods and the method
we will use in this tutorial.

"Isolate users using Active Directory"
This option Isolates users by getting their "FTP
Home Directory" from the Active Directory. The
advantage of this is that new users can be added without
the need to modify your FTP site. However, the "FTP
Home Directory" can not be entered using the Active
Directory snap in and must be configured from the command
line by using a VBScript utility.

As shown in Figure 9 above, select "Isolate Users"
and press "Next".

 
 


 
 

Figure 10
Figure 10 – FTP Site Creation Wizard: FTP Site
Content Directory

9. FTP Site Creation Wizard: FTP Site Content
Directory

This step defines the FTP Root directory. Select the
FTP Root directory you created in Step 2 (Figure 3).

 
 

 
 

Figure 11
Figure 11 – FTP Site Creation Wizard: FTP Site
Access Permissions

10. FTP Site Creation Wizard: FTP Site Access
Permissions

This step allows you to define read or write access
for your FTP site. In this case, I intend to allow files
to be uploaded so I’ve ticked the "Write"
box.

Click Next then click Finish to complete the Wizard.

Your FTP Site is now ready for use. To test it, simply
open Internet Explorer and enter the URL ftp://192.168.0.1
(or your Server’s IP address if different). You should
then log in and be automatically "Dropped"
into your home directory.

 
 
Categories: Windows ServerBookmark

Fix Stop 0x00000077 or KERNEL STACK INPAGE ERROR

The following error message may be displayed on your Windows Server:

Stop 0x00000077

Or

KERNEL_STACK_INPAGE_ERROR

Cause of the Error

This error, also known as the Stop 0x77 error, is displayed when either:

  • The master boot record (MBR) of your system is infected with a boot sector virus, or
  • Paging file is unable to read a requested kernel data into memory.

To find the cause of the error it is essential to further interpret the error message. If, in the error code, both first and third parameters are zero, then the four parameters are defined in the following way:

1 – Zero (0)
2 – Page Table Entry (PTE) value at time of error
3 – Zero (0)
4 – Address of kernel stack signature

In case either, the first or third parameter is not zero then the following will apply:

1 – Status code
2 – Status code of I/O
3 – Number of Page File
4 – Offset into Page File

In this case, the cause of the problem is determined by the second parameter that depicts the I/O status code. The following information listed in the value of the second parameter helps you determine the general cause of the error message:

0xC000000E (STATUS_NO_SUCH_DEVICE): The required drive is unavailable, indicating either one or all of the following are bad:

  • Hard drive
  • Disk controller
  • Disk array

0xC000009A (STATUS_INSUFFICIENT_RESOURCES): Non-paged resources are not available.

0xC000009C (STATUS_DEVICE_DATA_ERROR): There are bad blocks on the hard disk.

0xC000009D (STATUS_DEVICE_NOT_CONNECTED): Cable is bad or is not terminated, or the controller is unable to gain access to the hard disk.

0xC000016A (STATUS_DISK_OPERATION_FAILED): There are bad blocks on the hard disk.

0xC0000185 (STATUS_IO_DEVICE_ERROR): SCSI-based devices are not terminated properly or the cable is defective. Or, two devices are trying to gain access to the same IRQ.

Resolution Methods

You can use the following methods to resolve these errors.

Method 1: Scan and Remove Boot Sector Virus

To scan the MBR of your system, use a reliable Antivirus tool  and scan the boot sector of your system. If there is an infection in the boot sector, your antivirus tool should clean it and resolve the problem.

Method 2:

If the error is not caused due to a boot sector virus, perform the following tasks.

First, open the Event Viewer on your Windows computer and then in the System log look for additional error messages that may help you determine the device that is causing the error.

If the first and second parameters are zero (0), it indicates that the stack signature could not be located in the kernel stack. This problem occurs due defective hardware.

Now, if the I/O status is C0000185 and the paging file exists on a SCSI hard disk, you must ensure that there is no problem with SCSI termination and cabling.

In case the I/O status code is 0xC000009C or 0xC000016A, it usually indicates that there are bad blocks on the disk due to which data could not be read. In this case, when you reboot your Windows PC, the Autochk must run automatically on the system to determine and mark the bad sector. In case the tool does not run automatically, you must manually run it to determine the bad sector(s) on the disk. In case you have NTFS partition on your hard disk, run the Chkdsk /f /r on the system partition. Also, you must reboot the system before the scanning process starts. If you are unable to start the PC, use the Command Prompt of your Windows computer to run the Chkdsk /r command.

Some of the other tasks that you can perform to repair the error are:

  • Ensure that RAM or memory of your computer is not defective.
  • Ensure that all adaptors are properly seated in their slots.
  • Ensure that the connectors of all adaptors connected to your system are clean.
  • Disable system caching from BIOS to see if doing this resolves the issue.
  • Check your motherboard for faults.
Categories: Windows ServerBookmark

“Getting userenv 1030 and 1058 in event viewer”

 

RESOLUTION:

>> We were getting “access is denied” when we tried to edit any of the group policies.

>> Checked the event viewer.

1)

Event Type:       Error

Event Source:    Userenv

Event Category: None

Event ID:           1030

Date:                12/1/2006

Time:                11:27:36 AM

User:                NT AUTHORITYSYSTEM

Computer:         SRV01

Description:

Windows cannot query for the list of Group Policy objects. Check  the event log for possible messages previously logged by the policy  engine that describes the reason for this.

 

For more information,  see Help and Support Center at 

 

2)

Event Type:       Error

Event Source:    Userenv

Event Category: None

Event ID:           1058

Date:                12/1/2006

Time:                11:27:36 AM

User:                NT AUTHORITYSYSTEM

Computer:         SRV01

Description:

Windows cannot access the file gpt.ini for GPO  CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC= biftheque,DC=local. The file must be present at the location  <<

 

For more information, see Help and Support  Center at

 

>> Went to regedit:

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServiceslanmanworkserverparameters

enablesecuritysignature = 1

requiresecuritysignature = 0

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServiceslanmanworkstationparameters

enablesecuritysignature = 1

requiresecuritysignature = 0

>> Went to Group Policy Editor — Default Domain Controller Policy — Windows Settings — Security Settings — Local Policy — Security Options —

* Microsoft network server: Digitally sign communications (always) — Disabled

* Microsoft network server: Digitally sign communications (if client agrees) — Enabled

* Microsoft network client: Digitally sign communications (always) — Disabled

* Microsoft network client: Digitally sign communications (if server agrees) — Enabled

>> Ran gpupdate /force — to refresh the group policies.

>> Refreshed the event viewer. Got Scecli information which meant that everything was working correctly.

>> Issue resolved.

http://go.microsoft.com/fwlink/events.asp.\YOURDOMAIN.localsysvolYOURDOMAIN.localPolicies{31B2F340-016D-1 1D2-945F-00C04FB984F9}gpt.ini>>. (Access is denied. ). Group Policy  processing aborted. http://go.microsoft.com/fwlink/events.asp. 

Getting userenv 1030 and 1058 in event viewer

Categories: Windows ServerBookmark

How to shrink and extend NTFS partitions in Windows with DISKPART

How to shrink and extend NTFS partitions in Windows with DISKPART

Windows  provides the ability to resize volumes directly from the command line using the Diskpart utility. The Windows Diskpart utility is a command line program for managing the disk partitions, or volumes, on your computer. Some of the tasks you can do with this utility include repartitioning drives, deleting partitions, creating partitions, changing drive letters, and now shrinking and expanding volumes.

To access the diskpart utility follow these steps:

  1. Click on the Start Menu button.
  2. In the Run/Search field type Diskpart and press the enter key on your board.
  3. Windows Vista may ask if you want to allow this program to run and you should press the Continue button.
  4. A command prompt will now open and you will be within the Diskpart console. For a list of commands that you can use within the Diskpart console you can type help. For the help instructions for a particular command you can type the name of the command followed by help, such as select help .

Before you can expand or shrink a volume using Diskpart you must first select the volume you would like to work with. To do this you need to use the list volume command to find the IDs associated with each volume. When you type list volume and then press enter, diskpart will display a list of Windows volumes on your computer. Next to each volume will also be a numbers that can be used to identify that specific volume. An example of what the list volume command looks like can be found below.

List volume in diskpart

After determining the ID of the volume that you would like to work with, you need to select that volume using the select volume command. To use this command you would type select volume ID, where ID is the ID associated with the volume you found using the list volume command. Now that the volume has been selected, diskpart knows that any further commands will be associated with this particular volume until you enter another select volume command.

To shrink a selected volume you would use the shrink command. The shrink command has two arguments that you can use to define how you want diskpart to shrink the volume. The first argument is desired= which will shrink the volume by the desired amount in MB if possible. The second argument is minimum= which tells diskpart that it should only shrink the volume if it can shrink it by the specified amount in MB. If you do not use either of these arguments, diskpart will shrink the partition by the maximum amount possible. If you would like to determine the maximum amount of space that you can shrink a volume, you can type the shrink querymax command.

Shrink examples are:

Command
What it does
shrink desired=2048 This command will shrink the volume by 2 GB if possible.
shrink minimum=2048 This command will shrink the volume as much as possible, but fail if there is less than 2GB available to shrink it by.
shrink This command will shrink the volume by the maximum it can be.

Vista Shrink from command line
Shrinking a volume from the command line

To extend a selected volume you would use the extend command. For the extend command the most common arguments are size and disk. The size= argument will extend the selected volume by the desired amount of MB. The disk= argument allows you to specify the disk which has the free space you wish to extend a volume with. If no argument, or no disk= argument, is provided when using the extend command, diskpart will use all the available space on the current disk to extend the volume. As said previously, we strongly suggest that you do not use the disk= argument to extend a volume onto another disk as this increases your chance of losing data if one of the two drives has a hardware failure.

Extend examples are:

Command
What it does
extend size=2048 disk=2 This command will extend the volume by 2 GB using the free space from disk 2..
extend size=2048 This command will extend the volume by 2GB from the same disk.
extend This command will extend the volume as much as it can be.

Categories: Windows ServerBookmark

Transferring the roles and copying the files over to a new DC

Steps for Transferring the FSMO Roles
To transfer the PDC,RID and then Infrastructure Master roles
Open dsa.msc and right click on the domain name and click on Operations Master and click on change to change the DC
To transfer the Domain Naming Master Role
Open domain.msc and right click on the domain name and click on operations master and click on change
To transfer the Schema Master
Start-Run-regsvr32 schmmgmt.dll
Open the schema snap in and transfer the role

Categories: Windows ServerBookmark