Cisco IOS Fundamentals

cisco

Cisco's IOS is a command-line-driven interface for all their devices. There are some basics for logging into a device, such as physically connecting to the device console port through a serial port or with a rollover cable. For now I'm going to discuss the basic hierarchy to get into configuring the device. One of the most important commands to learn is the "?" command. At any time, if you need to know the commands that are available to you, you can just type "?".

? output for user mode

The next thing you should know is the hierarchy of modes you need to progress through to be able to configure the device. I'll try to make a simple table below.

Mode chart

To configure a device you must move through the hierarchy into global mode: user > privilege > global. In the next image I'll walk through these modes until I reach interface mode.


user>privilege>global>interface

Thank you for reading. I'll definitely continue these articles later.

Setting Up Windows Active Directory

software

The first step in setting up Active Directory is to figure out whether your new AD is going to join an existing "forest" or create its own "forest". Windows AD is a very versatile and scalable service. Windows Server makes it very easy to have a failover or load-balancing directory to augment another Active Directory. I'll go more into that later, but for now let's set up our new Active Directory as its own forest.

The first step is to name your new domain. There are best practices for naming domains, such as not using a public domain as an internal one; for example, it wouldn't be advisable to name my domain copperraparts.com. You can also use the "." to help organize the structure of assets in your company. Many larger entities would likely place the location, office and other important information in the domain name (e.g. dallas.mainstreet.3floor.server). Here I've added mine to my new forest of copper.test.

Adding to new forest

Next you set the functional level of the domain. I went with the most up to date for me, which is Windows 2016. Then, depending on whether you are joining a new forest, you can choose options like read-only mode. Then you have to set up a Directory Services Restore Mode password. Then just click next.

Domain controller options

Next you can delegate DNS. For example, if you had a 1.copper.test you could point this domain to it if you needed to, but for demonstration purposes I'll keep it simple and copper.test will exist on its own, so just click next.

DNS Delegation

Next is setting up a NetBIOS name or not. NetBIOS is an older technology that can help locate resources in a network, but it is not widely used nowadays, so I'm going to leave mine blank and click next.

NetBIOS name

Next, AD wants you to specify paths for your AD database, log files, and system volume. These are important directories needed to run AD. I'll just leave them at the defaults and click next.

AD Paths

The next thing AD wants you to do is review all the options you have chosen and click next.

Review Options

Lastly, the installer needs to check for any issues with the install. This test domain is throwing up cautions about the crypto algorithms setting and no static IP. This is a test installation running on a virtual machine, so I'm not really worried about the passwords. Also, as a test server I'm not going to have any users, so I haven't configured a static IP, but you can learn to do so here. Just click next to finish. Windows Server is going to need to reboot after this, so follow your protocols if you need to.

Prereq Check
Windows needs to restart

So those are the basics of setting up your new Windows Active Directory Domain Services. After you set it up you can add new users, edit group policies, and add new hardware to your network. I'll try to write more articles, so please check back, and if you have any questions feel free to contact me here.
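The same wizard pages can be driven from PowerShell with the ADDSDeployment module. This is an added example, not part of the original walkthrough; it assumes the AD DS role is already installed, an elevated session, and the default paths, and it reuses the article's copper.test domain.

```powershell
# Added example: scripted equivalent of the promotion wizard pages above.
Import-Module ADDSDeployment

# Prompt for the Directory Services Restore Mode password so it never
# appears in the script file or in command history.
$dsrm = Read-Host -AsSecureString -Prompt 'Directory Services Restore Mode password'

$forest = @{
    DomainName                    = 'copper.test'    # domain named in the article
    ForestMode                    = 'WinThreshold'   # Windows Server 2016 functional level
    DomainMode                    = 'WinThreshold'
    InstallDns                    = $true
    CreateDnsDelegation           = $false           # no parent zone to delegate from
    DatabasePath                  = "$env:SystemRoot\NTDS"    # default paths (assumed)
    LogPath                       = "$env:SystemRoot\NTDS"
    SysvolPath                    = "$env:SystemRoot\SYSVOL"
    SafeModeAdministratorPassword = $dsrm
    # DomainNetbiosName is omitted, so the cmdlet derives one from DomainName.
}

# Same job as the wizard's prerequisite check page: run the checks without
# changing anything, show every message, and stop on errors.
$check = Test-ADDSForestInstallation @forest
$check | Format-List Status, Message
if ($check | Where-Object { "$($_.Status)" -eq 'Error' }) {
    throw 'Prerequisite check reported errors; fix them before promoting.'
}

# Promote the server. It reboots when the operation completes.
Install-ADDSForest @forest -Force
```

Warnings such as the crypto algorithm and static IP cautions show up in the `Message` output of the check, so they can be reviewed before the promotion starts.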

Office 365 Administration

software

Office 365 is Microsoft's subscription-based office suite. It allows large entities to manage large numbers of users. It gives corporations easy licensing and can track the performance and usage of Office applications. It also integrates with OneDrive for cloud storage and includes email support with Exchange and Outlook.

Office 365 Licensing

One of the important aspects of Office 365 is the reports it can generate, which can help your company save time and money. You can track cloud storage used over the entire organization and adjust accordingly.

Office 365 Activity & Usage

Another important feature covers auditing and compliance needs. If you work in a sensitive industry like finance, you can ensure your data retention policies are automatically taken care of.

Office 365 Security & Compliance

Office 365 is a good fit for many modern offices.

Installing Active Directory on a Fresh Windows Server

Command Line

In this article I'll be walking you through installing a new Active Directory Domain Services feature on a fresh copy of Windows Server 2016. If you're not familiar with Windows AD DS, to put it simply, it is a set of programs run on a server that handles security and access for users on a network of machines. A lot of companies are moving to Azure AD DS, which is Microsoft's cloud-based solution. Setting one of those up is very similar; I'll cover that in a future article.

This assumes you've met the minimum hardware requirements; you can find more about that on Microsoft's website here. Honestly, the hardware you will need will vary largely depending on your production needs in the field. The next step is to give the server a static IP and configure it as the DNS server for the network it will be the directory for; you can read more about that here. Next you'll want to have a copy of Windows Server installed.

The first step is to install AD DS onto a Windows Server instance.
Server Manager will normally run automatically when you log in as an admin. The PowerShell command for running Server Manager is "servermanager.exe".

Powershell servermanager.exe

Alternatively you can just use the start menu:

Start>Server Manager

Next you'll want to add the AD DS feature to the server. You can do that from the Manage menu in the upper left hand corner or from the setup list:

Manage >Add Roles and Features

Next a dialogue will remind you to set up a strong password, a static IP, and installed updates. Please do so; it is always important to patch systems, but do so only according to your organization's protocols. You don't want to kick a bunch of users off while they are working; you'll probably get a bunch of service tickets. When you are ready just hit next.

Verify strong password, static IP, and updated windows.

Next the setup wizard will ask if you'd like a role-based installation or a remote desktop service installation. For the purposes of this article I'll just do it locally. I'll cover remote installation in a future article. So select role-based and click next.

Role Based

Next it will ask you to select where AD DS will reside. For now I'll put it on the same server and click next.

Select Destination Server

Next it will ask you which role to install. Just select Active Directory Domain Services, and click add roles to confirm the different features needed for Active Directory.

Select Active Directory Domain Services
Add feature required for AD DS

Next it will ask you if you'd like to add extra features. These are worth reading into later, but for now just click next.

Adding more features

Next it will remind you to add failover or redundant servers and to add a DNS server if you haven't, and it will advertise Azure and Office 365 integration into your installation. Click next when you are ready.

AD DS: learn more or just click next

Next is just a confirmation of all the stuff you want added. If you're ready, just click install. When it is done, just click the close button.

install confirmation window

Next I recommend a restart. If you're in a production environment, remember to follow protocols.

In the next article I'll cover basic setup of your AD DS. Thanks for reading.
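The role install above can also be done from an elevated PowerShell prompt. This is an added example, not part of the original article; it checks the wizard's static IP and update reminders first and leaves the restart decision to you.

```powershell
# Added example: the Add Roles and Features steps above, scripted.

# Wizard reminder: static IP. Warn if a connected IPv4 interface still uses DHCP.
$onDhcp = Get-NetIPInterface -AddressFamily IPv4 -ConnectionState Connected |
    Where-Object { $_.Dhcp -eq 'Enabled' -and $_.InterfaceAlias -notlike 'Loopback*' }
if ($onDhcp) {
    Write-Warning "DHCP is still enabled on: $($onDhcp.InterfaceAlias -join ', ')"
}

# Wizard reminder: updates. Show the most recently installed hotfix so a stale
# patch level is visible before the role goes on.
Get-HotFix |
    Sort-Object InstalledOn -Descending |
    Select-Object -First 1 -Property HotFixID, InstalledOn

# Preview what would be installed (the "add features required for AD DS" prompt).
Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools -WhatIf

# Install the role together with the management tools.
$result = Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
$result | Format-List Success, RestartNeeded, ExitCode
$result.FeatureResult | Format-Table DisplayName, Success, RestartNeeded

# Do not reboot automatically: report it and follow your change protocol.
if ("$($result.RestartNeeded)" -ne 'No') {
    Write-Warning 'A restart is needed to finish the installation.'
}
```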

Network Troubleshooting Part 1

Command Line

Even as enterprise infrastructure is moving towards the cloud, physical terminals, clients, devices, etc. need to connect to that cloud. Even with wireless networking, those wireless access points still need a wired connection. So this is how I go about checking for network connectivity.

Step 1: Check the physical layer. If a machine is not connecting to the network, I always pull it out and look at the link state lights. If I see green or amber, flashing or steady, I know at least the machine is connecting to something on the other end. If I don't see any lights, or I see red lights, then I know the problem is somewhere in the physical layer.

Ethernet Link Lights

Often when I pull out the client box I'll look for any bad kinks in the Ethernet cable. It's not a common occurrence, but it is possible that a really bad kink has caused internal rubbing and crosstalk noise, or even complete failure of the twisted pairs inside the Ethernet cable.

Step 2: Check the network device settings. You can read more about network device settings here. There are various ways of doing this. If you're on a Windows-based device, the command line "ipconfig /all" will bring up all the relevant adapters and their current configurations. If you're on a Linux-based system, "ifconfig" will do the same.

ipconfig output

It is important to check the site's documentation to see if the gateway is correct or if there is a possible IP address conflict. It is also very important to see if the machine is on the right VLAN. I'll talk more about VLANs and subnetting in another blog article.

Thank you for reading. Please keep an eye out for part 2.
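The Step 2 checks can be pulled into one table per adapter instead of being read out of "ipconfig /all". This is an added example, not from the original post; `Test-AdapterConfig` and its `ExpectedGateway` parameter are hypothetical names, and the gateway value in the last line is a constructed placeholder for whatever the site's documentation says.

```powershell
# Added example: summarize each active adapter and flag common faults.
function Test-AdapterConfig {
    param([string]$ExpectedGateway)    # taken from the site's documentation

    $active = Get-NetIPConfiguration | Where-Object { $_.NetAdapter.Status -eq 'Up' }
    foreach ($cfg in $active) {
        $addr = Get-NetIPAddress -InterfaceIndex $cfg.InterfaceIndex `
                    -AddressFamily IPv4 -ErrorAction SilentlyContinue
        $gw = $cfg.IPv4DefaultGateway.NextHop | Select-Object -First 1

        [pscustomobject]@{
            Adapter   = $cfg.InterfaceAlias
            IPv4      = $addr.IPAddress -join ', '
            Origin    = $addr.PrefixOrigin -join ', '    # Dhcp or Manual
            # 169.254.x.x means the adapter asked for DHCP and got no answer.
            Apipa     = [bool]($addr.IPAddress -like '169.254.*')
            # Windows marks an address Duplicate when another host already holds it.
            Conflict  = [bool]($addr.AddressState -eq 'Duplicate')
            Gateway   = $gw
            GatewayOk = (-not $ExpectedGateway) -or ($gw -eq $ExpectedGateway)
            GatewayUp = [bool]($gw -and (Test-Connection -ComputerName $gw -Count 2 -Quiet))
        }
    }
}

# Constructed gateway value for illustration.
Test-AdapterConfig -ExpectedGateway '192.168.10.1' | Format-Table -AutoSize
```

A row with `Apipa` or `Conflict` set to True points at DHCP or addressing, while `GatewayOk` True with `GatewayUp` False points back at cabling, the switch port or the VLAN.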

Windows Active Directory Domain Services Common Tasks

software

Windows AD DS (Active Directory Domain Services) is a central feature of Windows Server. If you are going to work in any enterprise space you should have a firm knowledge of it. There are Linux-based directory services; I'll cover them later. One of the most important features is the GUI administrative center. It can help those not familiar with PowerShell quickly and easily complete tasks in the directory. In this blog post I'll run through how to complete the most common tasks in Windows AD DS.

First go into your Administrative Tools and click on "Active Directory Users and Computers":

When you are in the Active Directory Users and Computers window, click on the "Create new user in the current container" icon:

Fill in the name information and input a username based on your organization's username schema. For my schema I'll simply use first initial and last name.

When you've filled in all the relevant fields, click next and it will bring up the password dialogue. Input a password based on your company's policies, and then input it again to confirm. There are also several password options below the input fields; you should consult your company's policies before you select any of these.


After you are done, confirm the details in the next window and hit finish:

Once you've added the user you should place him into a group according to your company's policy. Just right click on the new user > add to a group:

Then you want to type the name of the group that matches the new user's role in the organization. Then I'd recommend hitting the check names button to make sure the group name is input properly. Then just hit OK.

Select Group Window

Those are the basics of adding a new user with the Windows Server GUI admin tools. I'll go over the PowerShell command line in another blog post soon.
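For reference, the same task with the ActiveDirectory module's cmdlets. This is an added example, not the author's promised follow-up; `New-StaffAccount` is a hypothetical helper, the copper.test domain is borrowed from the other articles on this page, and the user and group names are constructed.

```powershell
# Added example: create a user and add it to a group, as in the GUI steps above.
Import-Module ActiveDirectory

function New-StaffAccount {
    param(
        [Parameter(Mandatory)] [string]$GivenName,
        [Parameter(Mandatory)] [string]$Surname,
        [Parameter(Mandatory)] [string]$Group,
        [string]$Domain = 'copper.test'     # assumed domain
    )
    # Username schema from the article: first initial + last name.
    # Strip characters such as apostrophes or spaces, and respect the
    # 20-character limit on sAMAccountName.
    $sam = (($GivenName.Substring(0, 1) + $Surname) -replace '[^A-Za-z0-9]', '').ToLower()
    if ($sam.Length -gt 20) { $sam = $sam.Substring(0, 20) }

    # Equivalent of "Check Names": fail early if the group does not exist.
    $target = Get-ADGroup -Identity $Group -ErrorAction Stop
    if (Get-ADUser -Filter "SamAccountName -eq '$sam'") {
        throw "An account named $sam already exists."
    }

    # Prompt for the initial password so it is never stored in the script.
    $password = Read-Host -AsSecureString -Prompt "Initial password for $sam"

    New-ADUser -Name "$GivenName $Surname" -GivenName $GivenName -Surname $Surname `
        -SamAccountName $sam -UserPrincipalName "$sam@$Domain" `
        -AccountPassword $password -ChangePasswordAtLogon $true -Enabled $true

    Add-ADGroupMember -Identity $target -Members $sam

    # Confirm the result: list the groups the new account belongs to.
    Get-ADPrincipalGroupMembership -Identity $sam | Select-Object -ExpandProperty Name
}

# Constructed sample values.
New-StaffAccount -GivenName 'Jane' -Surname 'Doe' -Group 'Accounting'
```

`-ChangePasswordAtLogon` corresponds to one of the password options below the input fields in the GUI dialogue; set it according to your company's policy.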

Networking Setup

CCTV

Out of the box most devices are set up with DHCP, and this makes it pretty easy for the end user just to plug the device in and get it connected. But if you are in a larger, more complex network you might need to set up a static IP for the device. On most Windows devices you can let the wizard walk you through it, but if you need to set up something like 20 IP cameras you should at least know the basics. I'll use Windows for this as it is the easiest to capture. Go to Control Panel > Network and Internet > Change Adapter Settings > (connection which you want to set up) > Internet Protocol Version 4 (TCP/IPv4) > Properties. You will finally reach a window like this:

If you are in a network that has DHCP enabled, all you have to do is have "Obtain an IP address automatically" checked and the number fields will be greyed out. But if you need to set up a static IP for your machines you will need to have these fields filled out. Usually the network administrator will give you the information you need to fill in the slots.

As a quick rundown, the IP address that is assigned is basically the address for the device. Anyone looking for the camera will use this IP address to connect to it.

The subnet mask is used to create VLANs. A VLAN is basically a subdivided part of the network that only other devices with the same subnet mask can see and interact with. It is used for security and organization purposes.

The gateway is the device on the network, usually a router, that allows the device you are setting up to access other networks like the internet.

I'll go more into DNS and subnetting later, but in summation, once you know what these numbers are you can easily set up any device on a network, not just a Windows machine.
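The same three fields can be applied from PowerShell, which helps when many machines need static addresses. This is an added example, not from the original post; the function names are hypothetical and every address is a constructed sample. It checks that the gateway falls inside the range the mask defines before changing anything.

```powershell
# Added example: validate the IP / mask / gateway combination, then apply it.
function ConvertTo-IPv4Number ([string]$Address) {
    $bytes = ([ipaddress]$Address).GetAddressBytes()
    [array]::Reverse($bytes)                    # network byte order -> little endian
    [int64][BitConverter]::ToUInt32($bytes, 0)
}

function Get-PrefixLength ([string]$Mask) {
    $bits = [Convert]::ToString((ConvertTo-IPv4Number $Mask), 2).PadLeft(32, '0')
    # A valid mask is a run of 1 bits followed only by 0 bits.
    if ($bits -notmatch '^1+0*$') { throw "Subnet mask $Mask is not contiguous." }
    ($bits -replace '0', '').Length             # count of leading 1 bits
}

function Test-SameSubnet ([string]$Address, [string]$Gateway, [string]$Mask) {
    $m = ConvertTo-IPv4Number $Mask
    ((ConvertTo-IPv4Number $Address) -band $m) -eq ((ConvertTo-IPv4Number $Gateway) -band $m)
}

function Set-StaticIPv4 {
    param([string]$Alias, [string]$Address, [string]$Mask, [string]$Gateway, [string[]]$Dns)

    # The device can only reach a gateway that shares its network portion.
    if (-not (Test-SameSubnet $Address $Gateway $Mask)) {
        throw "Gateway $Gateway is outside the subnet of $Address with mask $Mask."
    }
    Set-NetIPInterface -InterfaceAlias $Alias -AddressFamily IPv4 -Dhcp Disabled
    New-NetIPAddress -InterfaceAlias $Alias -IPAddress $Address `
        -PrefixLength (Get-PrefixLength $Mask) -DefaultGateway $Gateway
    Set-DnsClientServerAddress -InterfaceAlias $Alias -ServerAddresses $Dns
}

# Constructed sample values; use the ones your network administrator provides.
Set-StaticIPv4 -Alias 'Ethernet' -Address '192.168.10.50' -Mask '255.255.255.0' `
    -Gateway '192.168.10.1' -Dns '192.168.10.1'
```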

Networking Basics

network

One of the most important skills in IT is networking. Even if you aren't specializing in networking it is important to know a few things. So this is sort of a primer or cheat sheet for networking. The most used model for networking is the TCP/IP model. The basics can easily be summed up in a simple mnemonic, Please Do Not Throw Sausage Pizza Away, or

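| Mnemonic | TCP/IP layer | Protocols |
|----------|--------------|-----------|
| Away | Application | POP, SMTP |
| Pizza | Presentation | JPEG, GIF |
| Sausage | Session | AppleTalk, SCP |
| Throw | Transport | BGP, DHCP, DNS |
| Not | Network | DDP, EGP, EIGRP |
| Do | Data Link | Ethernet, PPP |
| Please | Physical | Cables |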

Basically, the data that is sent between 2 machines is encapsulated according to this model, with most layers encapsulating the one before it. If you can find fault in the physical layer or the application layer, you might need to capture a packet and look at where the fault is in the network. Packet capture essentially lets you view a packet transmitted across the network. You can then view that packet and see things like who it was meant for on the network and what data it contains.

Virtualization Overview

OS

Virtualization is an important technology in use in enterprise computing. Virtualization basically lets you run multiple instances of software that normally runs on specific hardware on virtual hardware instead. For example, an instance of Windows, which you would normally install on a "bare metal" computer, can be installed on a "virtual" Hyper-V machine. This allows you to use a single device to run multiple machines' worth of computing.

Virtualization has quite a few benefits, including utilization efficiency. If you have a server that isn't being utilized for office users you can set up a virtualized instance for, say, a security system. You can basically use that hardware for several purposes.

Another huge benefit is that your server becomes hardware agnostic. You can basically copy that instance of the server onto another physical server and have it run there. So if your business relies on a certain piece of software you can move it to a cheaper host or to your own server when you need to.

There are quite a few companies that develop virtualization software. The larger ones are Microsoft with its Hyper-V product, Citrix's Xen, VMware's ESXi, and Oracle's VM. There are also free open source alternatives like Proxmox or Oracle's VirtualBox.

Windows Server Overview

OS

Windows Server is a version of Windows that is designed to work on a network to process data from multiple sources and multiple users. It is mostly a GUI-based OS, but admins can use PowerShell to work with it on the command line. It includes some exclusive features that make it able to act as a backbone for huge enterprise networks.

One of those is its Active Directory set of programs and protocols. Active Directory Domain Services helps networks authorize and authenticate users. It also limits those users to the commands and features that they are approved for. Basically, if you're logging into a large institution's network, chances are you're interacting with a Windows Server AD DS service.

Another very important feature of Windows Server is its DNS service, or Domain Name Server. This logs and coordinates the network's resources, including other computers, servers, access points, printers, and POS systems. The DNS server in Windows Server helps devices on the network find each other.

Windows Server also handles SQL databases. You can have a separate database server if you'd like, but Windows Server can handle it on the same instance and includes all of the redundancy features that you might need to keep your data safe.

Group Policy Servers allow you to set the rules that limit users' ability to access resources on the network, like printers, or features on local machines.