Skip to content

Next Training : Security Solutions in KL & Penetration Testing Methodology in Sabah...

Simple Step : Manage MS Office 2013 with GPO in Windows Server 2012 R2

In this post, let go though a simple step how you as a Server Administrator can manage Microsoft Office 2013 in your infrastructure using GPO.

I know sometimes its really hard to manage MS Office 2013 especially when there are certain requirement, security policy or even certain function need to be customize for our user @ group.

This is where you need .adml and .admx files to manage MS Office 2013 with Group Policy.

Lets get started…

1 – Before we proceed, make sure you download .admx / .adml files from Microsoft website (this are the files that you need to configure any group policy for MS Office 2013.

2 – Once you successfully download the admx/adml files, 1st lets copy all the .adml file and paste it in C:\Windows\PolicyDefinitions\en-US folder…

1

2

3 – Next, copy admx files and paste it in C:\Windows\PolicyDefinitions folder…

3

4

4 – Next, lets start to configure the MS Office 2013 policy…

– On the Domain Server, open Server Manager, click Tools and then click Group Policy Management…

5

5 – On the  Group Policy Management console, right Group Policy Objects, and then click New…

6

6 – In the New GPO box, type MS Office 2013 into the Name field, and then click OK…

7

7 – Next, right-click the MS Office 2013 Group Policy Object (GPO), and then click Edit…

8

8 – Under User Configuration, expand Policies then expand Administrative Templates: Policy definitions (ADMX files) retrieved from the local computer, here you can see a list of MS Office 2013 policy that you can modified.

9

9 – Now lets try to modified few policy…

– expand Microsoft Word 2013, then expand Word Options, and then click Customize Ribbon, next on the right pane, double-click the Display Developer tab in the Ribbon setting…

– In the Display Developer tab in the Ribbon box, click the Enabled button, and then click OK…

10

10 – Next, lets try 1 more policy, expand Proofing, and then click AutoCorrect..

– In the right pane, double-click the Replace text as you type setting, click Disabled, and then click OK…

11

11 – Next, lets link this MS Office GPO to our domain…

– right-click the osi.com.my domain, and then click Link an Existing GPO…

12

12 – Next, in the Select GPO box, click the MS Office 2013 GPO, and then click OK…

13

13 – Now lets verify that the settings have been applied, for this demo, i’m using my Windows 8.1 client to retrieve the MS office 2013 policy…

14

 

14 – Once you successfully log in to your domain client PC, search and open MS Word 2013…

15

15 – Once the MS Word 2013 open, check the ribbon to verify that the Developer tab is visible and also try type a few misspelled words to verify that Microsoft Word is not auto correcting the misspelled words as you type.

16

Orait, that’s all for now, i recommend that you explorer more on the MS Office 2013 GPO because a lot of nice things you can customize. Good luck…..

 

 

Simple Step : How to change User Logon Name (pre-Windows 2000) using ADSI EDIT in Windows Server 2012 R2

After 2 month break (not that i have no idea!!), but since i’m busy with my Ethical Hacking & Pentest training, i have no time to deep dive to my server & write some blog..

anyway, today lets go through a simple step how we can change User Logon Name (pre-Windows 2000) using ADSI EDIT.

This actually happened to me in my few classes, where me & my students trying to change User Logon Name (pre-Windows 2000) in Server 2012 R2,

Why we need to change this? well, 1st, you might have VM with preloaded domain name, and you do not want to create a new domain infrastructure and to same a lot of time, we just need to rename our existing domain name to what ever name that we want.

for those who still wondering what am i talking about & how to rename domain name, please refer to my previous blog :

https://mizitechinfo.wordpress.com/2013/06/10/simple-guide-how-to-rename-domain-name-in-windows-server-2012/

The issue here is simple, once you rename the domain, i notice that the User Logon Name (pre-Windows 2000) is not changing, it still remain with old NETBIOS name from previous domain, even my others domain member server & domain clients can log in to their profile.

its very annoying to me to see this issue, so to solve this issue, we need to so some minor changes in ADSI EDIT.

Lets get started :

1 – open your ADUC and check for the issue, in ADUC select any of the existing user and double click on it.

— click Account tab and notice that under User Logon name:, its stated my user connected to osi.com.my domain, but on the User Logon name (pre-Windows 2000), it still stated with my old domain name (Adatum) and this must go away…

1

2 – Next, open Server Manager, click Tools and then click ADSI EDIT

2

3 – On the ADSI Edit console, right click ADSI Edit and then click Connect to….

3

4 – On the Connection Settings box, click Select a well known Naming Context: and then in the list click Configuration

4

5 – On the ADSI Edit console, browse to CN=Partitions, and on the right side if you notice, under name, its stated CN=ADATUM (which is my old domain name), and my Directory Partition Name is DC=osi,DC=com,DC=my…

— you need to double click the CN=ADATUM..

5

6 – On the CN=ADATUM box, under Attributes:, browse to nETBIOSName, and the click Edit

— on the String Attribute Editor, under Value change to your new domain name, which is in my case OSI, and then click OK..

Reboot your Domain server for the changes to take effect.

6

7 – Once your domain server reboot, log in to any of your client PC, and click Other user…

7

8 – On the Other user interface, you can log in using our new domain successfully.

8

Simple Step : How to use offline domain join (djoin.exe) in Active Directory

Offline domain join is a new process that computers running Windows 7 or Windows Server 2008 R2 can use to join a domain without contacting a domain controller.

There is a new tool included with Windows Server 2008 R2 / Server 2012 R2 and Windows 7 / 8 called Djoin.exe.

This tool allows clients to be joined to a domain without any network connectivity.

There are any number of circumstances where you may want to have a client computer join to a domain when they have no access to a domain controller.

On example might be if you are creating a new branch office and the servers are not functional yet in that location, but you would like to begin rolling out the clients.

Here are the step :

1 – On the Windows Server, open CMD  and type :

djoin /provision /domain “osi” /machine “OSI-CL06” /savefile win7blob.txt

** osi = your domain name

** OSI-CL06 = PC Client

** If the djoin /provision command completes successfully, you’ll see your new Clients PC account in the Computers container in AD.

1

2 – Browse to domain administrator profile folder which is located in C:\Users folder, and look for Win7blob.txt file…

Transfer Win7blob.txt file to OSI-CL06 client PC…

2

3 – On the OSI-CL06 PC, confirm that it still in workgroup.

Paste the Win7blob.txt that you copy previously from the server (any domain member PC) into local admin profile (for this demo i copy into Windows 7 System32 folder (not the best practice)…

3

4 – On the client PC, open cmd and type djoin /requestODJ /loadfile win7blob.txt /windowspath %systemroot% /localos…, and then restart the PC…

4

5 – Once your Client PC restarted, open System Properties and confirm that your Client PC is now a member of your domain…

5

*** Please take note : You’ll only be able to logon with a domain account for the first time if there’s connectivity to a DC.

 

Simple Step : Deploy MS Office 2013 via MDT 2013

Previously i blog about how to deploy Windows 8.1 with MDT 2013 & WDS in Windows Server 2012 R2.

https://mizitechinfo.wordpress.com/2014/08/31/simple-step-deploy-windows-8-1-with-mdt-2013wds-in-server-2012-r2/

Today lets continue how to deploy MS Office 2013 via MDT 2013.

There are many ways you can deploy MS Office 2013 via MDT 2013, what i’m going to demo here is 1 of the easiest step that you can try later in your LAB @ Production.

Lets get started…

1 – On the MDT 2013 Server, open DeploymentWorkbench console, right click Application and then click New Folder…

1

2 – On the General Settings interface, type the new Folder Name (for this demo i type MS Office 2013), and then click Next…

2

3 – On the Summary interface, click Next…

3

4 – On the Confirmation page, click Finish…

4

5 – Right click MS Office 2013 folder, and then click New Application…

5

6 – On the Application Type interface, click Application with source files, and then click Next…

6

7 – On the Detail interface, Fill in all the necessary information (please refer to the Picture below)…

7

8 – On the Source interface, click Browse button, in the Browse For Folder box, click MS Office 2013 location (in my demo my MS Office 2013 located in D: drive), and then click OK…

8

9 – click Next to proceed…

9

10 – On the Destination interface, verify the directory name and then click Next…

10

11 – On the Command Details interface, under Command line: type Setup.exe and then click Next…

11

12 – On the Summary interface, click Next…

12

13 – On the Confirmation interface, verify that the process completed successfully and then click Finish…

13

14 – Next, we need to configure Task Sequence, on the DeploymentWorkbench console, right click task Sequence folder and then click New Task Sequence…

14

15 – On the General Settings interface, under Task sequence ID:, type OFF2013 (you can choose your own ID), for Task sequence name, type Deploy MS Office 2013 and then click Next…

15

16 – On the Select Template interface, choose Custom Task Sequence, and then click Next…

16

17 – On the Summary interface, click Next…

17

18 – On the Confirmation interface, click Finish…

18

19 – On the DeploymentWorkbench console, browse to MS Office 2013 folder (under Applications folder), right click Microsoft Office 2013 and then click Properties…

19

20 – On the Microsoft Office 2013 Properties, click Office Products tab, beside the Office product to install, click ProPlusr, in the Customer name, type osi.local (you may choose your own preferred name), click Accept EULA and then click OK…

20

21 – Switch to client PC, open Run and browse to your MDT 2013 Server (in my demo my MDT 2013 server UNC is : \\WDSMDT2013\DeploymentShare$\Applications) and then click OK…

21

22 – Once you successfully access the DeploymentShare$\Applications folder in your MDT 2013 server, open Scripts folder…

22

23 – In the Scripts folder, search for LiteTouch file, and then double click the file…

23

24 – The LiteTouch script file will open the Task Sequence wizard interface, click Deploy MS Office 2013 and then click Next…

24

25 – Under Select one or more applications to install, click Microsoft MS Office 2013 and then click Next…

25

26 – On the Administrator Password interface, fill in the password and then click Next…

26

27 – On the Ready interface, click Begin…

27

28 – The Microsoft Office Professional Plus 2013 installation wizard will pop up and then click Install Now button…

28

29 – After few minutes, the Microsoft Office 2013 will successfully installed and then click Finish…

29

30 – Verify you installation by searching / open the MS Office application…

30

 

I’m done for now, wait for next post on the Offline Domain Join in Windows Server 2012 R2…

 

Simple Step : Deploy Windows 8.1 with MDT 2013/WDS in Server 2012 R2

Today in my post, lets go through a simple step how to deploy Windows 8.1 with MDT 2013 / WDS

There are many ways you can deploy Windows 8.1, one of my favourites is MDT 2013 and WDS.

This are few information about MDT 2013.

Microsoft Deployment Toolkit (MDT) 2013 is a Solution Accelerator for OS and application deployment. MDT 2013 supports deployment of Windows 8.1, Windows 8, Windows 7, Windows Server 2012 R2, Windows Server 2012, and Windows Server 2008 R2.

MDT is the recommended process and toolset for automating desktop and server deployment.

MDT provides you with Unified tools and processes, including a set of guidance, for deploying desktops and servers in a common deployment console and also reduced deployment time and standardized desktop and server images.

Some of the key changes in MDT 2013 are:

  • Support for the Windows Assessment and Deployment Kit (ADK) for Windows 8.1.
  • Support for deployment of Windows 8.1 and Windows Server 2012 R2.
  • Support for System Center 2012 R2 Configuration Manager.
  • Improved support x86-based Unified Extensible Firmware Interface (UEFI) systems.

For this demo, i will be using my new dedicated MDT/WDS Server 2012 R2 (OSI-WDSMDT2013).

There are few things we need to prepare before we deep dive into the process.

1 – Download  Windows Assessment and Deployment Kit (Windows ADK) for Windows 8.1

2 – Download MDT 2013 installer

3 – Windows 8.1 installer

Once you prepared all the necessary component, lets get started…

1 – On the OSI-WDSMDT2013 server, install Windows 8.1 ADK…

1

2 – On the Join the Customer Experience Improvement Program click Next…

2

3 – On the License Agreement, proceed with Next…

3

4 – On the Select the features you want to install, click :

  • Deployment Tools
  • Windows Preinstallation Environment (Windows PE)
  • User State Migration Tool (USMT)

and then click Install (it might take a while for the features to download)…

4

5 – wait for the download & installation process to complete…

5

6 – Once the process complete, click Close…

6

7 – Next we need to install MDT 2013,  on the wizard click Next…

7

8 – accept the License Agreement and click Next…

8

9 – On the Custom Setup, click Next…

9

10 – On the Customer Experience Improvement Program interface, click Next…

10

11 – Click Install….

11

12 – Once the process completed, click Finish…

12

13 – Open DeploymentWorkbench console (This is MDT 2013, please don’t get confuse with the name) from start menu…

Right click Deployment Shares folder and then click New Deployment Share…

13

14 – On the Path interface, verify the location of the Deployment share (by default it will save to C:\DeploymentsShare), then click Next…

14

15 – On the Share interface, verify the name of the share (by default the name is DeploymentShare$), then click Next…

15

16 – On the Descriptive name interface, proceed with Next…

16

17 – On the Options interface, please un-tick all the box and then Next…

17

18 – On the Summary interface, verify all the information and then click Next…

18

19 – On the Confirmation interface, click Finish…

19

20 – On the DeploymentWorkbench console, Right click Operating System Folder and then click Import Operating System…

*** Make sure you attach Windows 8.1 installer before proceed with next step.***

20

21 – On the OS Type interface, click Full Set of source files and then click Next…

21

22 – On the Source interface, click Browse button, in the Browse For Folder box, browse to Windows 8.1 drive/directory and then click Next…

22

23 – Click Next to proceed…

23

24 – On the Destination interface, verify the Destination Directory name and then click Next…

24

25 – On the Summary interface, click Next…

25

26 – It might a while for the process to complete…

26

27 – Once the process complete copy the necessary files, click Finish…

27

28 – Back to the DeploymentWorkbench console, right click Task Sequence and then click New Task Sequence…

28

29 – On the General Settings interface, fill in the Task Sequence ID: for this demo i type OSIWin8.1, then fill in the Task sequence name: for this demo i type Deploy Windows 8.1 Ent x64 and then click Next…

29

30 – On the Select Template interface, i choose Standard Client Task Sequence and then click Next…

30

31 – On the Select OS interface, click Windows 8.1 and then click Next…

31

32 – On the Specify Product Key, i choose Do not specify a product key at this time and then click Next…

32

33 – On the OS Settings interface, Fill in the necessary information and then click Next…

33

34 – On the Admin Password interface, i choose Do not specify an Administrator password at this time, and then click Next…

34

35 – On the Summary interface, click Next…

35

36 – On the Conformation interface, click Finish…

36

37 – Next, we need to configure MDT rules before we start update the process…

Right click MDT Deployment Share and then click Properties…

41

38 – On the MDT Deploymwnt Share interface, click Rules tab and then key in the rules that you want to be execute;

for this demo, this is my sample of rule :

[Settings]
Priority=Default
Properties=MyCustomProperty

[Default]
OSInstall=Y
UserID=Administrator
UserDomain=osi.local
UserPassword=Pa$$w0rd

SkipBDDWelcome=YES
SkipDeploymentType=YES
SkipDomainMembership=NO
SkipApplications=NO
SkipSummary=YES
SkipUserData=YES
SkipComputerName=NO
SkipTaskSequence=NO
SkipLocaleSelection=YES
SkipTimeZone=YES
SkipAppsOnUpgrade=YES
SkipAdminPassword=YES
SkipProductKey=YES
SkipComputerBackup=YES
SkipBitLocker=YES
SkipCapture=YES
SkipFinalSummary=YES

once you type all the rules, click Edit BootStrap.ini button…

42

39 – In the BootStrap.ini file, type ;

UserID=Administrator
UserDomain=osi.local
UserPassword=Pa$$w0rd
KeyboardLocale=en-US

and then save the Bootstrap.ini file…

43

40 – Click OK to proceed…

44

41 – Next, its time for us to update the process so that MDT 2013 will create an Windows 8.1 LiteTouchPE_x64.wim file.

We’re going to to use LiteTouchPE_x64.wim file to be attach to WDS so that we can intall Windows 8.1 through network…

Right click MDT Deployment Share, and then click Update Deployment Share…

37--

42 – On the Options interface, click Optimize the boot image updating process, and then click Next…

38--

 

43 – On the Summary interface, click Next…

39--

44 – It might take around 10 minutes for the process to be completed, once the process complete, click Finish…

40--

45 – Next, still on the OSI-WDSMDT2013 server, open Windows Deployment Services (WDS), right click Boot Images and then click Add Boot Image…

45

46 – On the Image File interface, browse to C:\DeploymentShare\Boot\LiteTouchPE_x64.wim, and then click Next…

46

47 – On the Image Metadata interface, click Next…

47

48 – On the Summary interface, click Next…

48

49 – On the Task Progress interface, click Finish…

49

50 – We’ve done on the Server part, now lets boot up the Client PC so that the WDS will continue install the Windows 8.1 through network (using PXE)…

On the client PC, notice that it will boot up using network service boot, press F12 to continue…

50

51 – It might a while for the process to load the LiteTouchPE_x64.wim from our OSI-WDSMDT2013 server…

51

52 – our Client PC should pop up to the MDT interface…

52

53 – On the MDT Welcome screen, click Run the Deployment Wizard to install a new Operating System…

53

54 – On the Credentials interface, fill in the administrator name, password and domain,  then click OK…

54

55 – On the Select a task sequence to execute on this computer, click Deploy Windows 8.1 Ent X64 and then click Next…

55

56 – On the Computer Details interface, fill in the Computer name and the necessary information (you have a choice to join to the domain @ workgroup) and then click Next…

56

57 – It might take around 15  minutes for the process to complete install Windows 8.1 without needed any user interaction…

57

58

58 – After few reboot, you should have your complete Windows 8.1…

59

We done for now, i will continue post more step by step on the MDT 2013 soon…

 

Step by Step : How to Deploy System Center 2012 R2 Configuration Manager (SCCM) in Windows Server 2012 R2

A little bit of intro about SCCM 2012 R2 :

System Center solutions help you manage the physical and virtual information technology (IT) environments across data centers, client computers, and mobile devices. You can improve your productivity by using the integrated and automated solutions of System Center.

What SCCM 2012 R2 can do for you?

You can use the change and configuration management capabilities of System Center 2012 R2 Configuration Manager to perform tasks such as:

• Deploying operating systems, software applications, and software updates.

• Monitoring and remediating computers for compliance settings.

• Collecting hardware and software inventory.

• Remote administration

So today in this post, lets go through a full step by step how can you deploy SCCM 2012 R2 in your infrastructure, for this demo, i will install SCCM 2012 R2 in Windows Server 2012 R2.

Before we start deploy SCCM 2012 R2, be aware that there are 2 main prerequisites you need to download :

1 – Download SQL Server 2012

2 – Download ADK 8.1 (Windows Assessment and Deployment Kit for Windows 8.1)

For this demo, i will use 4 VM (Domain Server, SCCM member server, Windows 7 & Windows 8.1)

*** Please do not attempt this process in Production environment if you are not familiar with the process & setup***

Lets get started :

1 – 1st step we need to install Web Server in SCCM member server…

On the SCCM VM server (OSI-SCCM), open Server Manager, and click Ad Roles & Features…

1

2 – On the Before you begin interface, click Next…

2

3 – On the Select installation type interface, proceed with Next…

3

4 – On the Select destination server interface, verify your server and then click Next…

4

5 – On the Select server roles interface, click Web Server (IIS) and then click Next…

5

6 – On the Select features interface, click .Net Framework 3.5 & 4,5, and then scroll down and click Remote Differential Compression, then click Next…

6

7

7 – On the Web Server Role (IIS) interface, proceed with Next…

8

8 – On the Select role services interface, under Security and select Request Filtering, Basic Authentication, IP and Domain Restrictions URL Authorization and Windows Authentication.

9

 

9 -Then scroll down, under Application Development, click .Net Extensibility 3.5 & .Net Extensibility 4.5, then click ASP, ASP.Net 3.5 & ASP.Net 4.5…

10

 

10 – Scroll down again, under Management Tools, click IIS Management Console, IIS 6 Management Compatibility, IIS 6 Metadata Compatibility, IIS 6 WMI Compatibility, IIS Management Scripts and Tools and Management Service, then click Next…

11

11 – On the Confirm installation selections, click Specify an alternate source path link…

12

12 – Verify that you had insert Windows Server 2012 R2 installer in the SCCM 2012 member server, on the Specify Alternate Source Path interface, in the path column, type your installer Windows Server 2012 R2 drive (D:\sources\sxs) and then click OK…

13

13 – On the Confirm installation selections interface, click Install…

14

14 – Wait for few minutes to lets the installation complete…

15

15 – Once the installation complete, click Close….

16

16 – Switch to Domain Server (OSI-DC01), open Server Manager and then click Tools, and click ADSI Edit…

*** We going to use ADSI Edit to create System Management Container, Active Directory schema does not create this container automatically so we to create the System Management Container manually.***

17

17 – In the ADSI Edit console, right click ADSI Edit and click Connect…

18

18 – In the Connection Settings box, verify that Default naming context is selected and then click OK…

19

19 – browse to CN=System container, right CN=System, click New and choose Object…

20

20 –  In the Create Object box, click container and then click Next…

21

21 – in the Value, type System Management and then click Next…

22

22 – Click Finish to complete the process…

23

23 – Next, open Active Directory Users & Computers, click View and then click Advanced Features…

24

24 – Click System, right click System Management folder and then click Properties…

25

25 – On the System Management Properties box, click Add and then click Object Types…

*** What are we going to do here is to configure permissions on the System Management container.***

26

26 – On the Object Types interface, just click Computers and then click OK…

27

27 – On the Select Users, Computer, Service Accounts, or Group interface, type SCCM (this is our SCCM member server) and then click OK…

28

28 – On the System Management Properties interface, click SCCM (OSI\SCCM$) and click Full Control under Permissions of SCCM and then click Advanced…

29

29 – On the Advanced Security Settings for System Management interface, under Permission Entries:, click Allow SCCM (OSI\SCCM$) and then click Edit…

30

30 – On the Permissions Entry for System Management interface, verify that you choose Applies to: This object and all descendant objects and then click OK…

31

31 – Now switch back to SCCM server, and browse to SCCM installation folder which is SMSSetup\Bin\X64, then click extadsch file…

*** This extadsch file will extend the AD DS schema***

32

32 – Open C: Drive, and locate & open the ExtADSch.txt file …

33

33 – Verify that AD Schema extended process successful…

34

34 – Next Step, we need to install the SQL Server as per prerequisites, for this demo i will be using SQL Server 2012…

Mount the SQL Server 2012 Installer to SCCM Server…

On the SQL Server Installation Center interface, click New SQL Server stand-alone installation or add features to an existing installation…

35

35 – Verify that on the Setup Support  Rules interface, all the prerequisites listed as Passed, and then click OK…

36

36 – On the Product updates interface, click Next…

*** i recommend that you do full Windows Update on the SCCM server so that you face any issue on the SQL installation***

37

37 – On the Setup Support Rules interface, click Next…

38

38 – On the Installation Type interface, click Perform a new installation of SQL Server 2012, and then click Next…

39

39 – On the Product key interface, key in your SQL Server 2012 product key and click Next…

40

40 – On the License Terms interface, click I accept the license terms and then click Next…

41

41 – On the Setup Role interface, click SQL Server Feature Installation and then click Next…

42

42 – On the Feature Selection interface, click Database Engine Services, Client Tools Connectivity and Management Tools – Complete, then click Next…

43

44

43 – On the Installation Rules interface, click Next…

45

44 – On the Instance Configuration interface, click Default instance and then click Next…

46

45 – On the Disk Space Requirements, click Next…

47

46 – On the Server Configuration interface, under Startup Type, verify that all startup set to Automatic, then click SQL Server Database Engine, under Account Name, click <<Browse…>>…

48

47 – Under Enter the object name to select, type Network Service and then click OK…

49

48 – click next to proceed…

50

49 – On the Database Engine Configuration interface, verify that you click Windows authentication mode and click Add Current User, and then click Next…

51

50 – On the Error Reporting interface, click Next…

52

51 – On the Installation Configuration Rules interface, verify that all the rule status are passed and then click Next…

53

52 – On the Ready to Install interface, click Install…

54

53 – after few minutes, installation should complete and verify that the feature status is success and then click Close…

55

54 – Next, we need to install Windows Assessment and Deployment kit for Windows 8.1 (adksetup) in our SCCM server…

56

55 – On the Specify Location for the Windows Assessment and Deployment kit for Windows 8.1, click Install the Windows Assessment and Deployment kit for Windows 8.1 to this computer and then click Next…

57

56 – Proceed with Next…

58

57 – On the License Agreement interface, click Next…

59

58 – On the Select the features you want to install interface, click Deployment Tools, Windows Preinstallation Environment (Windows PE) and User State Migration Tool (USMT) and then click Install…

*** For this step please be aware that you need internet connection on the SCCM server so that the setup will download all the require file to proceed with the next step.***

60

59 – Once the installation Windows Assessment and Deployment kit for Windows 8.1 setup complete, proceed with SCCM 2012 R2 installation.

Mount the SCCM 2012 R2 installer, and then click splash file…

61

60 – On the Microsoft System Center 2012 R2 Configuration Manager interface, click Install…

62

61 – On the Before You Begin interlace, click Next…

63

62 – On the Getting Started interface, verify that you click Install a Configuration Manager primary site, and then click Next…

64

 

63 – On the Product Key interface, click Next…

65

64 – On the Microsoft Software License Terms interface, click I accept these license terms and then click Next…

67

65 – On the Prerequisites Licenses interface, click all 3 boxes and then click Next…

68

66 – On the Prerequisites Download interface, click Download require files button and then click Next…

*** Please verify that your SCCM member server is connected to Internet.***

69

67 – wait few minutes for the download to complete…

70

68 – On the Database Information interface, click Next…

70-

69 – On the Server Language Selection interface, English is selected, then click Next…

71

70 – On the Site and Installation Settings interface, in the Site Code:, type any unique site code for your SCCM, in this demo i key in OCM, in the Site name:, type the site name that will identify our SCCM site, for this demo i just type OSI SCCM, un-tick the Install the Configuration Manager Console and then click Next…

72

71 – On the Primary Site Installation interface, click Install the Primary site as a stand-alone site, and then click Next…

73

72 – click Yes…

74

73 – On the Database Information interface, verify all the information is correct and then click Next…

75

74 – Under specify the locations for SQL Server data file…, click Next…

76

75 – On the SMS Provider Settings interface, verify the SMS provider (FQDN) is our SCCM server (SCCM.osi.local), and then click Next…

77

76 – On the Client Computer Communications Settings interface, click Configure the Communication method on each site system role, and then click Next…

78

 

77 – On the Site System Roles interface, verify that Install a management point and install a distribution point is selected and then click Next…

79

78 – On the Customer experience Improvement Program interface, click Next…

80

79 – On the Settings Summary interface, click Next…

81

80 – On the Prerequisite Check interface, before you click Begin install, please verify the warning for SQL Server memory usage…

82

81 – To solve the SQL Server Minimum memory issue that stated on the SCCM wizard, please open SQL Server 2012 Management Studio, verify the Server name is connected to our SCCM and then click Connect…

83

82 – In the SQL Server 2012 Management Studio, under Object Explore, right click SCCM and then click Properties…

84

83 – On the Server properties – SCCM interface, click Memory, under Minimum and Maximum server Memory, type 4000 and then click OK…

85

84 – Switch back to SCCM 2012 installation wizard and click Run Check…

86

85 – Now click Begin Install and wait…

87

86 – On the Install interface, verify that Core Setup has completed and then click Close…

88

87 – On the Microsoft System Center 2012 R2 Configuration Manager interface, click Install Configuration Manager console…

89

88 – click Next…

90

89 – On the Site Server, type our SCCM member server FQDN and then click Next…

91

 

90 – On the Installation Folder interface, click Next…

92

91 – On the Customer Experience Improvement Program, click Next…

93

92 – Click Install…

94

93 – Wait for the installation to complete…

95

94 – Click Finish…

96

95 – Finally, we had successfully completed installing SCCM 2012 R2, and now lets create some boundary so that we can do scanning on our infrastructure…

*** FYI : A boundary is an intranet network location that can contain one or devices that more you want to manage. There are multiple ways to define boundaries, and a hierarchy can have boundaries that you define by using any combination of the
available methods. Boundary information is stored as global data and, as such, replicates throughout the hierarchy. To use boundaries for Configuration Manager operations, you must add them to boundary groups.***

On the SCCM 2012 R2 console, under Administration, right click Boundaries and click Create Boundary…

97

96 – On the Create Boundary box, next to Type: verify that you choose Active Directory site and then click Browse…

98

97 – On the Browse Active Directory sites interface, click Default- First-Site-Name and then click OK…

99

98 – On the Create Boundary interface, verify all the information and then click OK…

100

99 – on the SCCM 2012 R2 console, right click Boundary Group and then click Create Boundary Group…

101

100 – On the Create Boundary Group interface, under General, type the name of the new Boundary (OSI Main Boundary) and then click Add…

102

101 – On the Add Boundaries interface, tick the Default- First-Site-Name and then click OK…

103

102 – click References tab, under Site assignment click Use this boundary group for site assignment and click OK…

104

103 – on the SCCM 2012 R2, click Discovery Methods and then on the right side click Active Directory System Discovery and the right click and click Properties…

105

104 – On the Active Directory System Discovery Properties interface, click Enable Active Directory System Discovery and then click star button…

106

 

105 – On the Select New Container box, click Computers folder and then click OK…

107

106 – on the Active Directory Container, verify the path and click OK…

108

107 – click Options tab, and then click Only discover computers that have logged on to a domain in given period of time, in this demo i type 30 days, and then click OK…

109

108 – On the Configuration Manager interface, click Yes…

110

109 – On the SCCM 2012 R2 console, click Assets and Compliance, then click Devices, verify that all your client PC will listed under the devices name…

111

Orait, i’m done for now.. i will continue blogging about SCCM 2012 R2 in the future, still long way to go…

*** to my client that having issue regarding SCCM 2012 deployment, i hope with this post can solve any deploying issue that you all had previously…

*** to my students, existing @ future students, my SCCM 2012 R2 classes will start around September 2014. *** Please take note…

Info : What you should know about PENETRATION Report Writing?

In any penetration test process, the report is the most critical part.

As a PenTester, writing a good report is key to successful penetration testing.

The following are the key factors to a good PenTest report :

  • Your report should be simple, clear, and understandable.
  • Presentation of the PenTest report. Headers, footers, appropriate fonts, well-spaced margins, etc., should be created/selected properly and with great care. For example, if you are using a red font for the heading, every heading in the document should be in that style.
  • The PenTest report should be well organized.
  • Check your Pentest report spelling and grammar. A misspelled word leaves a very negative impact upon the person who is reading your report. So, you should make sure that you proofread your report and perform spell-checks before submitting it to the client.
  • Always make sure that you use a consistent voice and style in writing a report. Changing the voice would create confusion in the reader; so you should choose one voice and style and stick to it throughout your report.
  • Make sure you spend time on eliminating false-positives (vulnerabilities that are actually not present), because false-negatives will always be there no matter what you do. Eliminating the false-positives would enhance the credibility of the report.
  • Perform a detailed analysis of the vulnerability to find out its root cause.

report_icon