Paolo Pizzolongo

Chi è veramente ricco non ha bisogno dei soldi

windows

Server Windows Server

How to Configure NTP Server in Windows Server 2016

paolo Nessun commento

This article shows how to configure Windows Time Service on Windows Server 2016 so that it acts as an NTP server for domain client computers.

Configure Windows Time Service

1. Type the following commands on PowerShell:

w32tm /config /manualpeerlist:pool.ntp.org /syncfromflags:MANUAL
Stop-Service w32time
Start-Service w32time

Now the Windows Server 2016 is an NTP client of pool.ntp.org and its time/clock is synced with the NTP pool servers (The server is at the same time the NTP server for other domain client systems).

If your Windows Server 2016 machine is a VM inside Hyper-V, you have to disable time sync. Go to VM settings-> Management-> Integration Services and uncheck Time Synchronization. Otherwise, Windows Server 2016 time/clock will be synced with the Host time/clock.

2. Go to the client machines and run the following command on PowerShell to force them to sync their time/clock with the domain controller on the Windows Server 2016.

w32tm /resync

You can check the time synchronization status using the following command.

w32tm /query /status
Server Windows Server

Net Share Commands

paolo Nessun commento

We can use net share command to create, configure and delete network shares from command line . Below you can find syntax and examples for net share command.

Create a network share from command line

The syntax for creating a share is as follows.

net share sharename=folderpath /grant:username,permissions

sharename: You can assign name to the share you are going to create
username : Login id of the user whom you want to share the folder with
permission: Read, Change or Full

For example to share the folder E:\Docs with everyone in the domain and to give full permissions

net share Docs=E:\Documents /grant:everyone,FULL

If you are allowing multiple users to access the share, you can limit the number of users accessing the share simultaneously. This will prevent performance impact on your system. The below command will set the limit to 10 users.

net share Docs=E:\Documents /grant:everyone,FULL  /users:10

Command to share with a specific user and to grant only read rights:

net share Docs=E:\Documents /grant:username,READ

Delete network share(i.e to disable sharing of the folder) from command line

net share sharename /delete

For example, to delete the share created above, the command would be as below.

net share docs /delete

Alternatively, we can use the folder physical location also to disable sharing

 net share E:\Docs /delete

List the shared created on the local computer

net share

Delete the share on a remote computer

net share sharename \\remotepc /delete
Server Windows Server

check time with powershell

paolo Nessun commento


function Get-MyDate{
[CmdletBinding()]
param(
[Parameter(Mandatory=$True,
ValueFromPipeLine=$True,
ValueFromPipeLineByPropertyName=$True,
HelpMessage="ComputerName or IP Address to query via WMI")]
[string[]]$ComputerName
)

foreach($computer in $computerName){
$timeZone=Get-WmiObject -Class win32_timezone -ComputerName $computer
$localTime = Get-WmiObject -Class win32_localtime -ComputerName $computer
$output =@{'ComputerName' = $localTime.__SERVER;
'Current Time' = (Get-Date -Day $localTime.Day -Month $localTime.Month);
}
$object = New-Object -TypeName PSObject -Property $output
Write-Output $object
}
}

get-mydate -ComputerName MyComputerName

Server Windows Server

Hot to get shared folders permissions with a powershell script

paolo Nessun commento

with this powershell script we’ll be able to get share permissions and ntfs permissions form all the shares of our servers list.

Function GetSharedFolderPermission($ComputerName)
{
	#test server connectivity
	$PingResult = Test-Connection -ComputerName $ComputerName -Count 1 -Quiet
	if($PingResult)
	{
		#check the credential whether trigger
		if($Credential)
		{
			$SharedFolderSecs = Get-WmiObject -Class Win32_LogicalShareSecuritySetting `
			-ComputerName $ComputerName -Credential $Credential -ErrorAction SilentlyContinue
		}
		else
		{
			$SharedFolderSecs = Get-WmiObject -Class Win32_LogicalShareSecuritySetting `
			-ComputerName $ComputerName -ErrorAction SilentlyContinue
		}
		
		foreach ($SharedFolderSec in $SharedFolderSecs) 
		{ 
		    $Objs = @() #define the empty array
			
	        $SecDescriptor = $SharedFolderSec.GetSecurityDescriptor()
	        foreach($DACL in $SecDescriptor.Descriptor.DACL)
			{  
				$DACLDomain = $DACL.Trustee.Domain
				$DACLName = $DACL.Trustee.Name
				if($DACLDomain -ne $null)
				{
	           		$UserName = "$DACLDomain\$DACLName"
				}
				else
				{
					$UserName = "$DACLName"
				}
				
				#customize the property
				$Properties = @{'ComputerName' = $ComputerName
								'SharedFolderName' = $SharedFolderSec.Name
								'SecurityPrincipal' = $UserName
								'FileSystemRights' = [Security.AccessControl.FileSystemRights]`
								$($DACL.AccessMask -as [Security.AccessControl.FileSystemRights])
                                'NTFS' = 0}
				$SharedACLs = New-Object -TypeName PSObject -Property $Properties
				$Objs += $SharedACLs

	        }
			$Objs|Select-Object ComputerName,SharedFolderName,SecurityPrincipal,FileSystemRights,NTFS
	    }  
	}
	else
	{
		$Properties = @{'ComputerName' = $ComputerName
						'SharedFolderName' = "Not Available"
						'SecurityPrincipal' = "Not Available"
						'FileSystemRights' = "Not Available"
                        'NTFS' = 0}
		$SharedACLs = New-Object -TypeName PSObject -Property $Properties
		$Objs += $SharedACLs
		$Objs|Select-Object ComputerName,SharedFolderName,SecurityPrincipal,FileSystemRights,NTFS
	}
}

Function GetSharedFolderNTFSPermission($ComputerName)
{
	#test server connectivity
	$PingResult = Test-Connection -ComputerName $ComputerName -Count 1 -Quiet
	if($PingResult)
	{
		#check the credential whether trigger
		if($Credential)
		{
			$SharedFolders = Get-WmiObject -Class Win32_Share `
			-ComputerName $ComputerName -Credential $Credential -ErrorAction SilentlyContinue
		}
		else
		{
			$SharedFolders = Get-WmiObject -Class Win32_Share `
			-ComputerName $ComputerName -ErrorAction SilentlyContinue
		}

		foreach($SharedFolder in $SharedFolders)
		{
			$Objs = @()
			
			$SharedFolderPath = [regex]::Escape($SharedFolder.Path)
			if($Credential)
			{	
				$SharedNTFSSecs = Get-WmiObject -Class Win32_LogicalFileSecuritySetting `
				-Filter "Path='$SharedFolderPath'" -ComputerName $ComputerName  -Credential $Credential
			}
			else
			{
				$SharedNTFSSecs = Get-WmiObject -Class Win32_LogicalFileSecuritySetting `
				-Filter "Path='$SharedFolderPath'" -ComputerName $ComputerName
			}
			
			$SecDescriptor = $SharedNTFSSecs.GetSecurityDescriptor()
			foreach($DACL in $SecDescriptor.Descriptor.DACL)
			{  
				$DACLDomain = $DACL.Trustee.Domain
				$DACLName = $DACL.Trustee.Name
				if($DACLDomain -ne $null)
				{
	           		$UserName = "$DACLDomain\$DACLName"
				}
				else
				{
					$UserName = "$DACLName"
				}
				
				#customize the property
				$Properties = @{'ComputerName' = $ComputerName
								'SharedFolderName' = $SharedFolder.Name
								'SecurityPrincipal' = $UserName
								'FileSystemRights' = [Security.AccessControl.FileSystemRights]`
								$($DACL.AccessMask -as [Security.AccessControl.FileSystemRights])
								'NTFS' = 1}
								
				$SharedNTFSACL = New-Object -TypeName PSObject -Property $Properties
	            $Objs += $SharedNTFSACL
	        }
			$Objs |Select-Object ComputerName,SharedFolderName,SecurityPrincipal,FileSystemRights,NTFS -Unique
		}
	}
	else
	{
		$Properties = @{'ComputerName' = $ComputerName
						'SharedFolderName' = "Not Available"
						'SecurityPrincipal' = "Not Available"
						'FileSystemRights' = "Not Available"
						'NTFS' = "1"}
					
		$SharedNTFSACL = New-Object -TypeName PSObject -Property $Properties
	    $Objs += $SharedNTFSACL
		$Objs |Select-Object ComputerName,SharedFolderName,SecurityPrincipal,FileSystemRights,NTFS -Unique
	}
} 

Function LetsStart($ComputerName){
	foreach($CN in $ComputerName){
			GetSharedFolderNTFSPermission -ComputerName $CN
			GetSharedFolderPermission -ComputerName $CN
	}
}

$ComputerName="server01","server02","server03"
$CurrentDate = Get-Date
$CurrentDate = $CurrentDate.ToString('yyyy-MM-dd_HH-mm')

LetsStart($ComputerName) | Export-Csv “c:\path\to\file\$CurrentDate.csv" -NoTypeInformation
Linux Server Windows Server

Mount Linux CIFS (windows) share

paolo Nessun commento

Mount CIFS with the default local filesystem permissions:
For example, this is the folder where i want to reach my share:

apt-get install cifs-utils
# mkdir /myfolderpath

These are various examples on how to mount a CIFS (windows) share;

# mount -t cifs //myservername/mysharename /myfolderpath -o username=myuser,password=mypassword,domain=mydomain
# mount -t cifs //192.168.83.200/mysharename /myfolderpath -o username=myuser,password=mypassword,domain=mydomain

OR

# mount.cifs //192.168.83.200/mysharename /myfolderpath -o username=myuser,password=mypassword,domain=mydomain

Explain:

  • username=myuser : is the CIFS (windows share) user name required to access.
  • password=mypassword : is the CIFS (windows share) password related to the username specified above. If this option is not set up then the environment variable PASSWD is used. If the password is not specified directly or indirectly via an argument to mount, mount will prompt for a password, unless the guest option is specified into CIFS (windows share) options.
  • domain=mydomain : sets the domain (active directory or workgroup) of the user

« Pagina precedente

Ti sei perso

Linux Server

Upgrade from Debian 12 to 13 (Bookworm to Trixie)

Linux Server

Dynamic DNS with OVH

News

Firefox Amarcord

Windows Server

How to reset a user password on AD without meeting complexity requirements