afokkema Citrix, Random, Scripts, Windows

Script: Citrix PS 4.5 Restart script


In deze post vind je een Restart script die je kunt gebruiken bij het opnieuw starten van een Citrix Presentation Server 4.5 server. Dit script stopt alle Citrix Services en de Print Spooler. Daarna verwijderd hij alle spoolfiles en temp bestanden.


@ECHO OFF
ECHO -------------------------------------------------------------------------
ECHO File        : reboot.cmd
ECHO.
ECHO.
ECHO Purpose        : reboot script voor eenitrix server
ECHO.
ECHO Werking        : Stopt de Citrix en de Print Spooler Service(s). Disabled Logons.
ECHO.
ECHO Versiebeheer
ECHO ============
ECHO Datum               Versie    Door        Wijziging
ECHO -------------------------------------------------------------------------
ECHO 13:20 3-10-2007    0.1       AFA        Initial version
ECHO.
ECHO -------------------------------------------------------------------------
ECHO.

ECHO stopping the Citrix Services
NET STOP "Citrix ActiveSync Service" /y
NET STOP "Citrix Client Network" /y
NET STOP "Citrix Diagnostic Facility COM Server" /y
NET STOP "Citrix Encryption Service" /y
NET STOP "Citrix Health Monitoring and Recovery" /y
NET STOP "Citrix Independent Management Architecture" /y
NET STOP "Citrix MFCOM Service" /y
NET STOP "Citrix Print Manager Service" /y
NET STOP "Citrix Services Manager" /y
NET STOP "Citrix SMA Service" /y
NET STOP "Citrix XML Service" /y
NET STOP "Citrix XTE Server" /y

ECHO.
ECHO stopping the Print Spooler server
NET STOP "Print Spooler" /y

DEL "%Windir%\\System32\\spool\\PRINTERS\\*.* /q"

shutdown.exe -r -f -t 60 -c "Windows Server 2003 will now restart in 1 minute..."
afokkema Virtualization, VMware

VMware: How to Secure your VMware ESX Server


Daniel Petri van de website http://www.petri.co.il/ heeft een artikel geschreven over de beveiliging van VMware ESX Server.

On a traditional server, you are only concerned with locking down the server OS. That OS could be Linux or Windows. Windows has, of course, been the favorite for security attacks so much of our time is spent securing it. So what if you put VMware ESX into this picture?

With VMware ESX being loaded on top of the server hardware, there are a few points of immediate concern:

  1. the VMKernel & its virtualization layer
  2. the VMware ESX Service console (based on Red Hat Linux Enterprise)

These two pieces are two very distinct parts of VMware ESX. VMware has periodically released patches for both of these different components although you probably just thought of them as “ESX patches”.

Concerning #1, the VMKernel and its virtualization layer is extremely secure. The Guest machines have hardware isolation in place and it seems impossible that a guest VM could somehow compromise the security of the host virtualization layer.

As for #2, with the services console being based on Linux, it will be affected by most of the Red Hat Linux vulnerabilities. Because the service console is a Linux OS with a direct link to the VMKernel, I will focus on securing the service console.

But first, what many admin’s forget about once they have virtualization software in place, is the underlying virtual guest operating systems. Because it is so easy to add a new server (in just seconds), it is easy to forget to add those servers to your patch distribution system (like SMS or WSUS), add anti-virus software, install the latest service packs, and or tweak security settings. In my opinion, the insecurity of those underlying virtual guest operating systems is the single largest source of concern for the security of your ESX servers. Fortunately, because ESX separates the guests from the host, if a guest is compromised it is unlikely it could affect the host except to perhaps take up more network bandwidth or server resources. My point being, don’t forget to secure your underlying Windows and Linux virtual guest operating systems!

With that, let’s get to securing your ESX Server service console… 

Lees de rest van het artikel hier: http://www.petri.co.il/secure-vmware-esx-server.htm

afokkema Microsoft, Random, Scripts, Windows

Script: Add Computer to Workgroup or Domain



Const JOIN_DOMAIN             = 1
Const ACCT_CREATE             = 2
Const ACCT_DELETE             = 4
Const WIN9X_UPGRADE           = 16
Const DOMAIN_JOIN_IF_JOINED   = 32
Const JOIN_UNSECURE           = 64
Const MACHINE_PASSWORD_PASSED = 128
Const DEFERRED_SPN_SET        = 256
Const INSTALL_INVOCATION      = 262144

strDomain   = "FABRIKAM"
strPassword = "ls4k5ywA"
strUser     = "shenalan"
Set objNetwork = CreateObject("WScript.Network")
strComputer = objNetwork.ComputerName

Set objComputer = _
GetObject("winmgmts:{impersonationLevel=Impersonate}!\\\\" & _
strComputer & "\\root\\cimv2:Win32_ComputerSystem.Name='" _
& strComputer & "'")
ReturnValue = objComputer.JoinDomainOrWorkGroup(strDomain, _
strPassword, _
strDomain & "\\" & strUser, _
NULL, _
JOIN_DOMAIN + ACCT_CREATE)

Bron: http://msdn.microsoft.com/

afokkema Citrix, Whitepaper

Citrix: How to Publish Explorer.exe with Specific Drives, Specific Folders, or URL


Citrix heeft een artikel vrij gegeven over het publiseren van Explorer.exe.

Summary

This document describes a method to publish specific drives and folders as it is not recommended to publish EXPLORER.EXE directly (see MS KB 832427).

    Note: The method of copying and renaming the EXPLORER.EXE to, for example, EXPLORER2.EXE is a widely used but not suggested or supported method by the Citrix Development Team. When doing this, there may be other side effects like session hangs or sessions getting slow when launching several instances of the renamed EXPLORER2.EXE. These issues are the result of internal EXPLORER.EXE dependencies that cannot be resolved without rewriting large parts of the kernel OS.

Citrix recommends you publish IEXPLORE.EXE, with the -e parameter, to provide the functionality of a published EXPLORER.EXE instead.

Lees de rest van dit artikel hier: CTX922603

afokkema Random, Virtualization, VMware

VMware in de top vijf van de softwaresector


Computable heeft een leuk artikel geschreven over VMware na haar beursgang.

VMware’s IPO (initial public offering) deed voor virtualisatie wat senator Larry Craigs arrestatie bereikte voor sex in publieke toiletten: het bracht het fenomeen onder de aandacht van een groot publiek. Wie friemelt tussen de hardware en besturingssystemen komt echter onvermijdelijk in aanvaring met Microsoft.

Lees hier de rest van het artikel: http://www.computable.nl/artikel.jsp?id=2147741