2007/12/31

以管理為優先的Windows Server 2003 R2（上）
Microsoft Services for NFS的前身是Services for UNIX 3.5，但更新後的Microsoft Services for NFS還具有下列新功能：
•x64 位元的支援：Microsoft Services for NFS可安裝在Windows Server 2003 R2的所有版本上，包括x64位元版本。
•更新的Microsoft Services for NFS Administration，這是MMC嵌入式管理單元，讓管理者能以圖形介面工具管理NFS。
•更穩定的可靠性
•支援特殊的UNIX裝置（mknod）
Microsoft Services for NFS允許UNIX用戶端存取Windows Server 2003 R2上的資源。企業或組織內若有UNIX檔案伺服器和UNIX用戶端，而且UNIX用戶端可存取UNIX檔案伺服器裡的檔案資源，若要充分利用Windows Server 2003 R2的功能（例如共用資料夾的陰影複製），可以將UNIX檔案伺服器上的資源，移至Windows Server 2003 R2伺服器，然後設定Microsoft Services for NFS，以啟用執行NFS軟體的UNIX用戶端存取權，如此一來，所有UNIX用戶端都不需要進行任何變更，就可以透過NFS通訊協定存取移至Windows Server 2003 R2伺服器的檔案資源。

此外，Microsoft Services for NFS也可以讓Windows Server 2003 R2伺服器存取UNIX檔案伺服器上的資源。例如混用Windows與UNIX的環境，可能會有資源（例如檔案）存放在UNIX檔案伺服器，若UNIX檔案伺服器也使用NFS，就可以使用Microsoft Services for NFS讓Windows Server 2003 R2伺服器存取UNIX伺服器上的資源。

Password expiration messages no longer appear in Outlook Web Access after you update Exchange Server 2003

XADM: Notifying Exchange and Outlook Clients of Password Expiration

XADM: Notifying Exchange and Outlook Clients of Password Expiration: "Password Expiration Warning Application "

14 Day Password Change Notification Cannot Be Changed

2007/12/06

AudioCodes Media Gateways for Microsoft Office Communications Server 2007 Resource Page

deltathree Products - Set-up Instructions

VOIP

FXO與FXS之分別
FXO(Foreign eXchange Office)與FXS(Foreign eXchange Station)他們是一對。比如家裏面用的電話，是用一個線，把你家電話和郵電局的交換機連在一起。交換機上面的那個介面就是FXS,你家電話上的那個口就是FXO。FXS要提供電流，FXO就像一個開關，負責線路的閉合（拿起話機）和打開（掛上話機）這些都是電信上面的知識，VOIP常見的介面類型（和交換機連接）。過去沒有規範的時候， FXS也叫AL FXO叫做AT。FXO是接PBX或者PSTN的，FXS是接電話機的。如果一個閘道上有FXO口和FXS口的，那接FXS口的電話可以打通FXO口所連的網路。

FXO與FXS應用架構圖。
FXS--可接一般話機、傳真機、PBX 外線，提供 Dial-Tone 跟 Voltage
FXO--可接局端來的電話線、PBX 內線，送出 DTMF 完成撥號動作

傳統電話交換機 PBX 與 VGW (Voice Gateway) 的串接
PBX(交換機) 為一般企業中使用的語音交換機，為了讓多人可同時並方便使用 VOIP 語音服務，VGW 與 PBX 的串接方式就顯得格外重要。此外，市面上 PBX 型號形形色色，PBX 所發送的訊號亦是非常複雜，無法以單一設定串接所有 PBX。

How To Configure IPSec Tunneling in Windows Server 2003

You receive a "Request timed out" error message when you use the Ping.exe command-line utility to verify network connectivity between Windows Server 2003-based NLB servers

2007/11/28

You cannot invite anonymous participants to a Web conference in Communications Server 2007

Flight Deck : Publicly routable IP address needed for A/V Edge server

2007/11/27

可惡偷車賊

2007/11/26

System Center Operations Manager 2007 Training Videos

2007/11/25

OpsMgr, SCE And MOM Blog : System Center Essentials post RTM Hotfix Rollup released to the Web

OpsMgr, SCE And MOM Blog : System Center Essentials post RTM Hotfix Rollup released to the Web

Does the hotfix rollup apply to you?
If you already have Essentials installed this hotfix rollup does not apply to you.
If you already have Essentials installed and you experience the symptoms referred to in KB936339 or KB937467 please refer to those KB articles on how to obtain the hotfixes separately so that you can apply them in your environment.

Description of System Center Essentials 2007 post-release hotfix rollup

ReSearch This! - Rod Trent at myITforum.com

ReSearch This! - Rod Trent at myITforum.com
ReSearch This! is a common repository for sharing your knowledge on how to resolve alerts for Operations Manager 2007, System Center Essentials and Microsoft Operations Manager 2005. It provides a method to search the SystemCenterForum community repository for alert resolutions and to submit information to share how you have resolved alerts in your environment.
I like to think of this as shared “company knowledge” for the community at large.
These management packs are available for download at:
http://systemcenterforum.org/wp-content/uploads/ReSearchThisOpsMgr.zip (Operations Manager 2007 and SCE)

2007/11/23

CE 500 smartport

Smartport Roles

The Smartports are preconfigured switch ports that provide preset Cisco recommended network enhancements, Quality of Service (QoS) and security. Catalyst Express 500 series switches have a number of Smartport roles. Each port role is just a configuration template. With these templates, users can consistently and reliably configure essential security, availably, and QoS features with minimal effort and expertise. Smartport roles simplify the configuration of critical features.

The port roles are based on the type of devices to be connected to the switch ports. For example, the Desktop port role is specifically for the switch ports that are connected to desktop or laptop PCs.

Smartport Role	Description
Desktop	Apply this role to ports that are connected to desktop devices, such as desktop PCs, workstations, notebook PCs, and other client-based hosts. Optimized for desktop connectivity Configurable VLAN setting Port security enabled to limit unauthorized access to the network
Switch	Apply this role to ports that are connected to other switches. Configured as an uplink port to a backbone switch for fast convergence Enables 802.1Q trunking Configurable native VLAN
Router	Apply this role to ports that are connected to WAN devices that connect to the Internet, such as routers and Layer 3 switches with routing service capabilities, firewalls, or VPN Concentrators. Configured for optimal connection to a router or firewall for WAN connectivity Enables 802.1Q trunking Configurable native VLAN
IP Phone+Desktop	Apply this role to ports that are connected to IP phones. A desktop device, such as a PC, can be connected to the IP phone. Both the IP phone and connected PC have access to the network and the Internet through the switch port. This role prioritizes voice traffic over data traffic to ensure clear voice reception on the IP phones. Optimized QoS for IP Phone + Desktop configurations Voice traffic is placed on Cisco-Voice VLAN Configurable data VLAN QoS level assures Voice over IP (VoIP) traffic takes precedence Port security enabled to limit unauthorized access to the network
Access Point	Apply this role on switch ports that connect to non-Power over Ethernet (PoE) and PoE-capable wireless access points (APs). Connected to the AP are mobile devices, such as wireless laptop PCs. Configured for optimal connection to a wireless access point Enables 802.1Q trunking Configurable native VLAN Note: Functionality of Cisco Wireless Bridges are more similar to that of a switch. So, Cisco recommends the Switch smartport role for Wireless Bridges.
Server	Apply this role to ports that are connected to servers that provide network services, such as Exchange servers, collaborative servers, terminal servers, file servers, Dynamic Host Configuration Protocol (DHCP) servers, IP private branch exchange (PBX) servers, and so on. This role is for Gigabit or non-Gigabit ports, based on the server type to be connected. Configurable VLAN Port security enabled to limit unauthorized access to the network This role prioritizes server traffic as trusted, critical, business, or standard, based on the function of the server. Trusted—For use with Cisco CallManager Express. The same QoS setting as Voice (VoIP traffic is prioritized). Critical—For critical servers with QoS set higher than the default. Business—The default setting. QoS is higher than desktop Internet traffic. Standard—For servers set to the same level as regular desktop Internet traffic.
Printer	Apply this role on switch ports that connect to a printer, such as a network printer or an external print server. This role prevents printer traffic from affecting voice and critical data traffic. QoS settings for Printer are the same as Desktop, Access Point, and Standard Server Configurable VLAN Port security enabled to limit unauthorized access to the network
Guest	Apply this role to ports that are connected to desktop devices and to APs to provide guest wireless access. Guests are allowed access to the Internet, but not to the company network. All guest ports are placed on the Cisco-Guest VLAN. Port security enabled to limit unauthorized access to the network.
Other	Apply this role on switch ports if you do not want to assign a specialized role on the port. This role can be used on connections to guest or visitor devices, printers, desktops, servers, and IP phones. It allows for flexible connectivity of non-specified devices. Configurable VLAN No security policy No QoS policy
Diagnostic	Customers can connect diagnostics devices to monitor traffic on other switches (can be configured using Cisco Network Assistant only).

Catalyst Express 500 Series Switches Configuration Example - Cisco Systems

Catalyst 500 Series Switches Troubleshooting [Cisco Catalyst Express 500 Series Switches] - Cisco Systems

2007/11/15

You may experience network-related problems after you install Windows Server 2003 SP2 or the Scalable Networking Pack on a Windows Small Business Server 2003-based computer

You cannot host TCP connections when Receive Side Scaling is enabled in Windows Server 2003 with Service Pack 2

2007/11/13

Network Access Protection

2007/11/11

How to capture network traffic with Network Monitor

How to replace the current primary DNS server with a new primary DNS server in Windows Server 2003

Frequently asked questions about Windows 2000 DNS and Windows Server 2003 DNS

Frequently asked questions about Windows 2000 DNS and Windows Server 2003 DNS
DNS觀念釐清,好文分享

2007/11/08

指令OK !

dlsw icannotreach sap F0 @ HQ

2007/11/07

Cisco - Understanding Service Access Point Access Control Lists

Cisco - Understanding Service Access Point Access Control Lists:
Filtering NetBIOS
NetBIOS traffic uses SAP values 0xF0 (for commands) and 0xF1 (for responses). Typically, network administrators use these SAP values to filter this protocol. The access list entry shown below permits NetBIOS traffic and denies everything else (remember the implicit deny all at the end of each ACL):
access-list 200 permit 0xF0F0 0x0101
Using the same procedure shown in the previous section, you can determine that the above ACL permits SAPs 0xF0 and 0xF1.
On the contrary, if the requirement is to block NetBIOS and allow the rest of the traffic, use the following ACL:
access-list 200 deny 0xF0F0 0x0101
access-list 200 permit 0x0000 0xFFFF

IBM - 4690 OS and communication with S/390 using SNA via WAN with routers to provide 3270 sessions

IBM - 4690 OS and communication with S/390 using SNA via WAN with routers to provide 3270 sessions

Problem
I want to know the specific configuration to communicate to a 4690 OS store controller with IBM® Mainframe S/390® using SNA via WAN where routers are included, to provide 3270 sessions. How can we filter the messages from the POS system to permit only IP and SNA (3270 emulation) messages to be sent and received between locations? We do not want NetBIOS messages to exit from the store.
Two solutions to the IP and SNA WAN need are listed below. This LAN-WAN support is provided by the routers, and the only 4690 tuning required would be to review 4690 SNA timers for WAN delay implications. Search the Knowledgebase for "4690 OS Logical File Names" for information regarding LAN/SNA timers.1) Route IP and bridge SNA
Setting up a router to route IP and bridge SNA is feasible and is a normal capability of routers. It is recommended that other non-routable protocols be prevented from traversing the WAN, so filters might have to be put in place to Deny RPL, NetBIOS and TCC frames. If you are using SAP filters, the associated SAPs are:
0xF0 for NetBIOS Flows
0xE8 for TCC flows
0xF8 and 0xFC for RPL flowsConsult your router vendor documentation about how to set up this environment.2) Route IP and use Encapsulation Technique for SNA
Many router vendors provide an encapsulation technique to pass SNA data over the IP network. In IBM router products (2210, 2212, and 2216) two strategies are available:
Data Link Switch
Enterprise Extender Consult your router documentation for details about encapsulation techniques.

Cisco - DLSw+ SAP/MAC Filtering Techniques

Cisco - DLSw+ SAP/MAC Filtering Techniques
Contents
Introduction Network Diagram DLSw+ SAP Filtering Techniques
Configuring LSAP Output Access Lists at Remote Offices Configuring dlsw icannotreach saps at Central Router Configuring dlsw icanreach saps at Central Router DLSw+ MAC Filtering Techniques
Configuring dlsw icanreach mac-address at Central Router Configuring dlsw icanreach mac-exclusive at Central Router Configuring dlsw mac-address at Remote Routers Configuring dlsw icanreach mac-exclusive remote at Central Router Related Information

System Center Essentials 2007 支援的 Microsoft SQL Server 版本

部署環境需求

以下清單說明 System Center Essentials 2007 支援的 Microsoft SQL Server 版本。

SQL Server 2005 Express Edition SP1 或更新版本 (限 32 位元)
SQL Server 2005 Workgroup Edition SP1 或更新版本 (限 32 位元)
SQL Server 2005 Standard Edition SP1 或更新版本 (32 位元及 64 位元)
SQL Server 2005 Enterprise Edition SP1 或更新版本 (32 位元及 64 位元)

網路芳鄰亂碼

Master Browser被Linux NAS搶走造成

2007/11/05

IBM - 4690 OS, Configuring TCP/IP when using both a Token Ring and Ethernet Card

2007/11/04

公路局公路監理業務

2007/11/02

Password Recovery Procedure for the Cisco Catalyst 1700, 1900, 2100, 2800, and 2820 - Cisco Systems

Release Notes for Network Admission Control, Release 2.1 [Network Admission Control (NAC) Framework] - Cisco Systems

Catalyst 2960 Switch Software Configuration Guide, 12.2(25)SEE - Configuring IEEE 802.1x Port-Based Authentication [Cisco Catalyst 2960 Series Switches] - Cisco Systems

How to Troubleshoot Direct Trust Certificate Errors 1037 and 2019

Symantec Backup Exec for Windows Servers (tm) 10.0 Hardware Compatibility List. Includes HCL information for supported drives, libraries, virtual tape devices, fibre-channel HBAs, switches, routers/bridges, and iSCSI components. For prin

Symantec Backup Exec for Windows Servers (tm) 10.0 Hardware Compatibility List. Includes HCL information for supported drives, libraries, virtual tape devices, fibre-channel HBAs, switches, routers/bridges, and iSCSI components. For prin

VERITAS Backup Exec (tm) 10.0.5520 - Device Driver Installer (20051015) - Includes Tape Driver Release (20051015) and Robotic Library Release (48) (Intel Only)

VERITAS Backup Exec (tm) 10.0 rev. 5520 for Windows Servers Installation Files

2007/10/30

Exchange 2003 queues 很多信

In Exchange Server 2003 or in Exchange 2000 Server, the Exchange Server queues are filled with many non-delivery reports from the postmaster account because of a reverse non-delivery report attack

Link

完修IBM刀鋒

問題:
1.報修IBM刀鋒網路不通,工程師到場發現網路模組無法設定,報修
2.網路模組無法設定:透過MM-I/O Module - bay 1 - start web session - 進入nortel module 無法config.
處理:
1.原廠on-site,覺得NORTEL模組OK,恢復工廠值
2.nortel module INT1-14為內部port / EXT1-6為外部module
3.EXT1-4設定trunk與cisco switch連接
4.INT1-4及EXT5-6設定為VLAN 2 連接d-link switch 為DMZ
5.nortel trunk 設定複製另一台刀鋒設定檔(dump),再利用telnet 方式下指令完成設定
6.不會用nortel web UI建立VLAN,改用telnet 建立VLAN2
7.nortel web UI switch port 修改 INT1-4 VID:2
8.EXT5-6 enable tag and 改為VLAN2
9.指令語法:/c/port ..../c - dump or /c/l2/vlan
10.nortel特性:現有的config must apply and save
11.config save之後成為active block ,原來的config會變成backup block

2007/10/26

Available Updates for Backup Exec 10.0 build 5520 for Windows Servers

2007/01/28

VISTA 簡化功能模式 RFM

訂閱：文章 (Atom)

2007/12/31

2007/12/26

2007/12/20

2007/12/17

2007/12/16

2007/12/10

2007/12/07