sexta-feira, fevereiro 15, 2019

Migração ADDS 2008 R2 para ADDS 2012 R2


Vou descrever os passos para a migração de um ambiente Active Directory Certificate Service 2008 R2 para 2012 R2, esse processo foi realizado em um ambiente simples, onde somente duas roles estavam instaladas Certification Authority e Web Enrollement, para ambientes mais complexos sugiro verificar a documentação da Microsoft.



Conectar na CA e efetuar o backup:


Selecionar a chave privada e o certificado da CA bem como a database:


Digitar uma senha para acesso a chave privada



Finalizar o processo e copiar o conteúdo do backup para a máquina de destino, nesse caso a máquina que roda o Windows 2012 R2.

Acessar o registro do Windows e exportar todo o conteúdo presente em HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc

Remover a Role do Windows 2008 R2, estou usando o comando servermanagercmd, esse comando não tem disponível no Windows 2012 R2.
>ServermanagerCmd -remove AD-Certificate

Reiniciar a máquina.

Instalar o ADDS no Wndows 2012 R2, instalar através do PowerShell:
>Install-WindowsFeature -Name AD-Certificate,ADCS-Web-Enrollment -IncludeManagementTools

Acessar o Server Manager e clicar em Configure


Avançar


Selecionar as Roles


Em tipo de CA selecionar Enterprise CA, avançar, selecionar Root CA


Aqui um passo importante, selecionar um certificado e uma chave existente


Selecionar importar e especificar o certificado exportado anteriormente e a senha


Avançar, especificar um local para a base de dados, avançar e configurar, se tudo estiver certo será apresentando a mensagem abaixo:



Em Server manger abrir o Certificate Authority, clicar em restaurar a CA











segunda-feira, maio 28, 2018

Enable SSL SOLR

Create a certificate with keytool:
Open CMD:
"%java_home%\bin\keytool" -genkeypair -alias solr-ssl -keyalg RSA -keysize 2048 -keypass mysecret -storepass mysecret -validity 9999 -keystore solr-ssl.keystore.jks -ext SAN=DNS:localhost,IP:172.31.87.2,IP:127.0.0.1 -dname "CN=localhost, OU=MaykonCorp, O=Maykon, L=Florianopolis, ST=SC, C=BR"

Convert JKS to PKCS12 :

"%java_home%\bin\keytool" -importkeystore -srckeystore solr-ssl.keystore.jks -destkeystore solr-ssl.keystore.p12 -srcstoretype jks -deststoretype pkcs12

Double click on the solr-ssl.keystore.p12 file and import to local machine.
Type password add place the certificate to Trusted Root Certification Authorities



Open solr.in.cmd:
Edit these lines:





I moved solr-ssl.keystore.p12 and solr-ssl.keystore.jks to C:\solr\server\etc

sexta-feira, maio 25, 2018

Install Solr Windows - Noob Edtion

Install Java JRE and check the version ( It must be the version 1.8 or later.):



Download Solr:
http://www.apache.org/dyn/closer.lua/lucene/solr/7.3.1



Set Java Home sysem variable:

setx -m JAVA_HOME "C:\Program Files (x86)\Java\jre1.8.0_171"

Extract solr.zip in C:\ for example, in my enviroment is C:\solr

Use NSSM to install Solr as a service:




Start the service and access http://localhost:8983





quinta-feira, maio 17, 2018

DISM

Display information about the image:
>Dism /Get-ImageInfo /ImageFile:C:\dism\install.wim

Mount an image:
>Dism /Mount-image /ImageFile:C:\dism\install.wim /index:2 /MountDir:C:\test

Display information about mounted image
>Dism /Get-MountedImageInfo

Unmount image and descart alterations
>Dism /Unmount-image /MountDir:c:\test /Discard

List of 3rd party drivers
>Dism /image:C:\test\ /Get-Drivers

Unmount image and descart alterations
>Dism /Unmount-image /MountDir:c:\test /Discard

Unmount image and commit the changes
>Dism /Unmount-Image /MountDir:C:\test\ /Commit

List all of the features avaliable
>Dism /Image:C:\test\ /Get-Features

Get information about feature
>Dism /Image:C:\test\ /Get-FeatureInfo /Featurename:DirectoryServices-DomainController

Enable Windows feature
>Dism /Image:C:\test\ /Enable-Feature /FeatureName:DirectoryServices-DomainController /All

domingo, maio 13, 2018

Install Nano Server - Quick Reference

Copy NanoServer folder from the installation media to your computer.
In my computer i copy to C:\NanoServer

Open PowerShell and go to the C:\NanoServer
Import the NanoServerImageGenerator module.

>Import-Module .\NanoServerImageGenerator -Verbose

Create a new image with the command:
>New-NanoServerImage -Edition Standard -DeploymentType Guest -MediaPath E:\ -BasePath .\ -TargetPath C:\Hyper-V\NanoSvr1\NanoSvr.vhdx -ComputerName NanoSvr1
-MediaPath = Media installation Windows Server 2016


Create a new VM and use an existent vhdx:
>new-vm -Name "NanoSRV01" -MemoryStartupBytes 1GB -VHDPath C:\Hyper-V\NanoSvr1\NanoSvr.vhdx -Generation 2

Now you can management your Nano Server!