winrs -r:127.0.0.1:2200 -u:vagrant -p:vagrant -un cmd
Bedingungen:
– gleiche Sprache
– gleiche Architektur x86, x64
– 2012 2005 SP4
niinst32 /ai
netsh advfirewall firewall add rule name = ExchangeSMTPFirewall dir = in protocol = tcp action = allow localport = 2525 remoteip =localsubnet profile = DOMAIN
Wichtige Kommands für SSL-Zertifikate.
Inhalt eines Requests anzeigen: openssl req -noout -text -in $reqestfile.csr
erzwingt eine Pull-Replikation des Domain Controller dc2 von allen anderen DCs
repadmin /syncall /AeD (auf DC2 ausgeführt)
repadmin /syncall /AeD dc2 (zB WinRM Sitzung)
Für einen Push
repadmin /syncall /APeD
Argumente:
A = All Partitions
e = Enterprise (Cross Site)
D = Identify servers by distinguished name in messages.
P = Push
Ref: http://technet.microsoft.com/en-us/library/cc736571(v=ws.10).aspx
Get-WmiObject win32_processor | ft -AutoSize Name,NumberOfCores,NumberOfLogicalProcessors
So kann unter Windows 2008 R2 der Microsoft Powershell Script Editor installiert werden:
Import-Module ServerManager
Add-WindowsFeature PowerShell-ISE
[req]
req_extensions = v3_req
[ v3_req ]
# Extensions to add to a certificate request
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
subjectAltName = @alt_names
[alt_names]
DNS.1 = server1.yourdomain.tld
DNS.2 = mail.yourdomain.tld
DNS.3 = www.yourdomain.tld
DNS.4 = www.sub.yourdomain.tld
DNS.5 = mx.yourdomain.tld
DNS.6 = support.yourdomain.tld
openssl genrsa -out srvr1-yourdomain-tld-2048.key 2048
openssl req -new -out srvr1-yourdomain-tld-2048.csr -key srvr1-yourdomain-tld-2048.key -config openssl-san.cfg
openssl req -text -noout -in
Zuweisen von Benutzerrechten für einen anonymen Relay:
New-ReceiveConnector -Name 'TEST' -Usage 'Custom' -Bindings '0.0.0.0:25' -Fqdn 'test.xxx.com' -RemoteIPRanges '192.168.1.53' -Server 'EX1' -ProtocolLoggingLevel 'Verbose' -PermissionGroups 'AnonymousUsers'
Get-ReceiveConnector "Relay" | Add-ADPermission -User "NT-Autorität\Anonymous-Anmeldung" -ExtendedRights "Ms-Exch-SMTP-Accept-Any-Recipient"