Windows Server 2012 - Wikipedia Windows Server 2012 x86 G

What article

От себя скажу что это самый хороший активатор Windows 7, работал всегда на отлично (проверен был на многих машинах). Данным активатором пользуются миллионы людей во всём мире.

Поддерживаемые версии Windows 7:

Windows 7 UltimateWindows 7 ProfessionalWindows 7 Home PremiumWindows 7 Home BasicWindows 7 StarterWindows Vista UltimateWindows Vista BusinessWindows Vista Business NWindows Vista Home PremiumWindows Vista Home BasicWindows Vista Home Basic NWindows Vista StarterWindows Server 2008 R2: EnterpriseWindows Server 2008 R2: StandardWindows Server 2008 R2: FoundationWindows Server 2008: EnterpriseWindows Server 2008: StandardWindows Server 2008: Foundation

Windows Small Business Server 2008

Внимание! Активатор перезалит! Пароль на архив: exside AUTODESK 2013 PRODUCTS UNIVERSAL KEYGEN WIN

ru

Скачать активатор Windows 7

Next How to Set Up Microsoft CRM 2016 IFD on Windows 2012 R2 Server. We already have a popular post for the configuration of IFD setup with CRM 2015, CRM 2013, CRM 2011.,Результаты поиска,One of the most used tools when fixing corruption for Windows Vista, 7, 2008 and 2008 R2 was the System Update and Readiness Tool (KB947821), commonly .

Next Результаты поиска,Once installed, MSIs are unpacked to. C:\Program Files\Common Files\Windows Live\.cache. This is a *SYSTEM* folder, so it isn’t visible by default; configure .,4 Responses to “How to install Kali Linux on Hyper-V 3.x – Windows Server 2012/R2 or Windows 8.x” Thanks for sharing this information! tiagoroxoTiago said this .

Next Udvikler: Microsoft: Forst udgivet: 20. november 1985: Seneste udgave: Windows 10 (v10.0.10240), Windows 8, Windows 7, Windows Server 2012: Platform: ARM, IA-32, x86 .,Enterprise administrators, learn how to customize the installation of HP Officejet and Officejet Pro printers on Windows Server 2003, 2008, 2012, or 2016.,Windows Server 2012, Microsoft tarafndan sunulan Windows Server serisinin bir surumudur. 4 Eylul 2012 tarihinde tam surumu yaynlanmstr, deneme .

Windows Server 2012 - Wikipedia

One of the most used tools when fixing corruption for Windows Vista, 7, 2008 and 2008 R2 was the System Update and Readiness Tool (KB947821), commonly called CheckSUR.  The CheckSUR tool was an excellent way for most people to see what corruption had happened on their store, and potentially fix that corruption if the tool contained the payload to do so.  I’ve written in the past how to use this mechanism to also fix corruption when the CheckSUR utility doesn’t include the payload for your files to “fool” CheckSUR into resolving the problem without needing to do all sorts of whacky permission changes (http://blogs.technet.com/b/joscon/archive/2010/05/26/using-checksur-and-update-packages-to-fix-corruption.aspx). 

The way this works in Windows 8 and Windows Server 2012 is different, in a fantastic way.  It’s called Inbox Corruption Repair and it brings the functionality of CheckSUR into Windows rather than requiring a separate download to get the utility like you do now.  This is exposed in two ways, the first is really unseen by the end user and happens when we detect a corrupted state when attempting to install fixes via Windows Update.  When this happens, we'll fix the corruption silently and then re-install the prior packages.  The manual way to use this tool is via DISM.  The way this is exposed is via the DISM /Cleanup-Image functionality.  Here’s what the available switches do:

/CheckHealth: This checks to see if a component corruption marker is already present in the registry.  We’ll inform the user if there is corruption but nothing is fixed or logged anywhere.  This is merely a quick way to see if corruption currently exists.  Think of it as a read-only CHKDSK. This operation should be almost instantaneous.

/ScanHealth: This checks for component store corruption and records that corruption to the C:\Windows\Logs\CBS\CBS.log but no corruption is fixed using this switch.  This is useful for logging what, if any, corruption exists.  This operation takes ~5-10mins.

/RestoreHealth: This checks for component store corruption, records the corruption to C:\Windows\Logs\CBS\CBS.log and FIXES the corruption using Windows Update.  This operation takes ~10-15mins or more depending on the level of corruption.

As an example, if you wanted to run this utility against your local component store to check for corruption and you wanted it to repair everything as it found it you would run the following command: DISM /Online /Cleanup-Image /RestoreHealth

So a couple of things of note here:

  1. CheckSUR.log is not created using Inbox Corruption Repair, this logging has now been rolled into CBS.log
  2. I would typically recommend you run /RestoreHealth if you suspect corruption as it will record and fix issues and takes about the same time as /ScanHealth. 
  3. This functionality is also present in Windows PowerShell and can be scripted across an environment
  4. Windows Update or a network available WIM are valid recovery sources but WSUS installations are not.  This is important because if you have WSUS enabled in your environment, there is a chance that your repair operations may be captured by the WSUS Servers and not be properly serviced.  You can control this behavior using Group Policy or the /LimitAccess switch
  5. If you decide to block Windows Update and use a local source WIM, the WIM will only be able to recover payloads present in that WIM.  This means that you’ll need to update your WIM files accordingly to match the patch level of your environment or you wont successfully recover.
  6. CheckSUR will continue to be available for down-level operating systems prior to Windows 8 and Windows Server 2012 and will continue to get updated

These changes are really fantastic in my opinion because you no longer need to attempt to move files from other servers, manipulate permissions or “hack” other utilities to get corruption resolved.  Windows Update is updated frequently so that it contains all of the payloads necessary to repair corruption.  And above all else, Inbox Corruption Repair can repair both payload files and manifests (CheckSUR only did manifests) which is a HUGE win for you and I as customers. 

As always, ask questions here Microsoft Toolkit 2.4 BETA 7

--Joseph

Windows 7 Активатор v1.9.3 by Daz (x86x64) Hi-tech блог

Note: This post has been updated on 10/01/2014 (dd/mm/yyyy) to reflect the changes of Kali Linux 1.0.6 and the fix for the bug 575 I’ve submitted (ext4 file system issues with Hyper-V).

Greetings everyone,

Backtrack was a wonderful Pentest distro, you already should be aware that Backtrack R3 was the last release and it became deprecated. Kali Linux is the new Pentest distro from the same team, more details about the changes between BackTrack and Kali Linux go here:

http://www.kali.org/news/kali-linux-whats-new/

Following the blog post How to Install BackTrack 5 R3 on Hyper-V 3.0 – Windows Server 2012 and Window 8 it is about time to come up with Kali Linux installation process on Hyper-V, as said on my previous post and as the same as Backtrack, installing Kali on VMware or Vbox is a no brainer and you can either download a pre-installed VMware VM, doing the installation on Hyper-V has some special considerations which I will cover in detail here.

You may ask, why do I care with Hyper-V. The world is changing and Hyper-V became the most reliable Hypervisor in the market since Windows 8 and Windows Server 2012, comparing feature by feature with VMWare some features are almost equal, some others are better and there’s a few that are a way too much better (almost double the specs). Windows 8.1 and Windows Server 2012 R2 are already RTM and I am running them on my environments, I can tell you that if Hyper-V was already a top technology, on the new OS versions it became even better, if you are running Windows it’s a free ride so worth’s the try.

[Before you start]

– I will show you how to install Kali Linux on Hyper-V with LVM encryption partition to protect your data. There was a bug (see below bug 443) with LVM Encryption on Kali Linux that was fixed on the release 1.05, so make sure that you download the latest release or else you will be unable to boot your Machine without fixing GRUB.

http://bugs.kali.org/view.phpid=443

– Kali Linux installation process will configure by default the ext4 file system. If you are still using Kali 1.0.5 and below on ext4 file system the installation process of Kali Linux will hang while copying the OS installation files to the HDD, this was caused by a regression on the Storvsc driver that uses the method “WRITE_SAME” which is not supported on Hyper-V, the behavior is described on the following bug entry.

http://bugs.kali.org/view.phpid=223

There was a patch for the Storvsc driver that fixes this issue to Disable and blacklist the “WRITE_SAME” method: https://patchwork.kernel.org/patch/2172871/

During the Kali Linux 1.0.5 I’ve submitted the bug 575 which is now fixed on Kali Linux 1.0.6, you can see the details here:

http://bugs.kali.org/view.phpid=575

Hopefully this bug was brought to the attention of Kali’s team and now the ext4 file system is fully supported on Hyper-V.

For the purpose and success of this installation you need to download and install Kali Linux 1.0.6 and beyond, the installation is now reflecting the full compatibility of ext4 file system.

[Installation process]

1. Install the Hyper-V role on your machine, follow these links if you are not familiar yet with the process:

Windows Server 2008 R2 Hyper-V Getting Started Guide
http://technet.microsoft.com/en-us/library/cc732470(v=WS.10).aspx

Windows Server 2012 Install the Hyper-V Role and Configure a Virtual Machine
http://technet.microsoft.com/en-us/library/hh846766.aspx

2. Go to the Kali website Download section and download the Kali Linux ISO file 1.05 or higher. I prefer Kali Linux 64 bit  so this Wizard is focused on this distribution installation.

Kali Linux Download section:
http://www.kali.org/downloads/

3. On the Hyper-V Manager create a new Virtual Machine and Virtual Hard Disk:

On the right pane Click “New” –>Virtual Machine

On the New Virtual Machine Wizard –> Next

Define the Machine Machine Name and the location of the Virtual Machine configuration files

If your are running a Windows 8.1 or Windows Server 2012 R2 host Select the Virtual Machine “Generation 1”

Set the Memory size “2048” MB (depending on your needs, this is my setup memory)

Select your Internal or External Virtual Switch Network created on Step 3.

Create a Virtual Hard Disk (default: differential) with 30GB (depending on your needs)

Select “Install Operating System from a Boot CD/DVD” and Select the “image file (ISO)” downloaded on Step 2.

Review the VM configuration ao click “Finish” to complete the VM setup.

4. Start the Kali Linux Virtual Machine and from the Boot Menu select the “Graphical Install” option as shown in the pic

5. On the Language screen select your preferred language, e.g. “English – English” and your Location, e.g. “Other –> Europe –> Portugal

6. Select your Locals, e.g. “United States – en_US.UTF-8” and your Keyboard type, e.g. “Portuguese”

7. On the Network Configuration Screen select “ Configure Network Manually” (if you have a DHCP Server available on the same network you may use the automatic configuration, on my lab I’ll do a manual network config)

8. Define your IP address and network mask, e.g. “10.0.0.100/24” and your gateway, e.g. “10.0.0.254”

9. Configure your name server, e.g. “192.168.0.1” and your hosname, e.g. “kalim3r0”

10. Define the domain name, e.g. “lab.local

11. Define the root user password

12. Configure the clock, e.g. “Lisbon

13. On the Partition Disks setup window select “Guided – Use entire disk and set up encrypted LVM

Select the appropriate partition disk and click continue, e.g. “SCSI 3 (0,0,0) (sda) – 32,2 GB Msft Virtual Disk

14. On the Partition Disks partitioning window select “All files in one partition (recommended for new users)”, for the purpose of this demo this is the simplest option, you can define separate partitions for /home, /usr, /var, etc, etc

15. Confirm the Logical Volume Manager configuration, on “Write the changes to disks and configure LVM”  Select “Yes

16. Define a Passphrase for the Encryption, don’t forget this passphrase because you will need to type it every time you boot up Kali Linux

17. On the Partition disks window with the Logical Volume Manager, partitions and mount point details, keep the default file system configuration (Kali 1.0.6 and above you can use ext4 file system) and click on the “Continue” button.

18. Confirm the changes and configuration of the Partition Disk on “Write the changes to disks” and select “Yes”

19. On the Configure the package manager window on “Use a network mirror” select “Yes”.

The intent of this process is to update the Kali Linux packages during the OS install, so make sure that you have Internet connectivity to accomplish this task

20. When you go ahead with the packages updates with the last step you may configure a proxy server ip address. For the purpose of this lab I have NAT and access to the internet, so I don’t need a proxy server and I will leave it blank

21. On the Install the Grub boot loader on a hard disk on “Install the GRUB boot loader to the master boot record” select “Yes”

After GRUB boot loader installation the Kali Linux installation is complete and you should see the Finish Installation window, click on “Continue” to boot up Kali Linux

22. When you boot Kali Linux you will be prompted with the GRUB boot loader option and it will automatically boot in normal mode

23. After the boot you will be prompted for the Encryption Passphrase you defined on step 21

24. After
boot you will be prompted for credentials to Log in:

Username: root
Password: The password you defined on step 15

25. Finally you will have access to the so waited Kali Linux desktop

[EXTRAS]
No matter if you are a Linux newbie or you had forgotten the appropriate syntax for some of the common Linux commands, here are some helpful terminal commands:

1. Define a new password

passwd

2. Configure network settings:

Temporary configuration (will disappear after reboot):

ifconfig
(to verify which network interface is available, possibly “eth0”)

Ifconfig eth0 10.0.0.100 netmask 255.255.255.0 up
route add default gw 10.0.0.254 eth0

Static configuration:

ifconfig
(to verify which network interface is available, possibly “eth0”)

sudo nano /etc/network/interfaces

On the appropriate interface line (e.g. confirmed in ifconfig “eth0″) edit and append as follow:

auto eth0iface eth0 inet staticaddress 10.0.0.100gateway 10.0.0.254netmask 255.255.255.0network 10.0.0.0

broadcast 10.0.0.255

3 . Configure the DNS resolver

sudo nano /etc/resolv.conf

On the resolv.conf file insert the following entry:

nameserver 192.168.0.1
(IP of your nameserver)

4. Reload the new network configuration by restarting the network daemon

sudo /etc/init.d/networking restart

5. Download the list of the updated packages

apt-get update

6. Compare and update installed packages

apt-get upgrade

7 Avast Antivirus 2013 7.0.1474

Install a new package

apt-get install

R-Tape Loading error,Luís Rato

Hyper-V, Linux, Security

Windows Server 2012 - Vikipedi

We already have a popular post for the configuration of IFD setup with CRM 2015, CRM 2013, CRM 2011. Now we are updating this post to support CRM 2016.

Microsoft have a compatibility listing for CRM 2016 here: https://support.microsoft.com/en-us/kb/3124955

The Development Setup

 Once again we are running this configuration as a test environment for development. As such we will be running, we are running the server on a Hyper V server. A single VM machine, that is running a fully patched version of:

  • Windows 2012 R2 SP2 64 Bit – (MSDN File: en_windows_server_2012_r2_x64_dvd_2707946
  • SQL 2014 R2 64 Bit – SQL Server 2014 Standard Edition x64 – (MSDN File: en_sql_server_2014_standard_edition_x64_dvd_3932034) – Patched to SP2
  • Microsoft Dynamics CRM Server 2016 – en_microsoft_dynamics_crm_server_2016_x86_x64_dvd_7171743
NOTE: The Domain we have used for setup with this dev server is: iwebscrm16.com You can substitute your domain in place throughout these step by step IFD instructions CRM 2016.

Getting Windows Server Ready

1. Install and Update Windows 2012 R2.

2. From the Server ManagerAdd Roles and Features

3. Role-Based or Feature-Based instilllation

4. Select the Server from the Pool (usually the default option)

5. Scroll Down and Select Web Server IIS

6. Add Features

And .NET 3.5 Features

7. Next / Next

8. under Web Server Roles (IIS) Use the default options, but add under Performance – Dynamic Content Compression

9. Next / Install

10. Update Window Server again as there is likely a restart update available. 

11. After Restart. Ensure that you turn off the IE enhanced security. It’s Crap and no one benefits from it. This is done in the Server Manager under Local Security.

SQL 2014 Setup

1. First Up have the Windows Server Join the Domain you will be using.

2. Reboot and login with the domain admin account.

3. Start the SQL Install Disk

4. Click Instillation / New SQL Server Stand Alone

5. Enter Product Key / Next

6. Agree to Terms / Next

7. use Microsoft Update / Next

8. Ignore the Windows Firewall Warning at this Stage

9. Select SQL Server Feature Instillation / Next

10. Select: Database Engine Service / Full Text Indexing / Reporting Service Native / Management Tools Basic and Complete / Next

11. Leave Default Name

 

12. Server Configuration Default and Next

13. Windows Authentication Mode / Add Current User (Remembering we are logged in as a Domain Admin domain/administrator)

14. Install and Configure / Next

15. Install

16. After Completion, Check again for Windows Updates and Reboot. (At the time of writing this blog, the SP 1 for SQL 2014 will be installed if your install disks do not already have this. Like everything Microsoft, it’s not super reliable until they SP1 their product!).

Getting your Active Directory OU Ready

1. Login to your Active Directory Domain Controller as a Domain Administrator

2. Using the Active Directory Users and Computers, Select the Root and Create a new OU named something like Microsoft CRM 2016

3. Log Out of the Active Directory Domain Server.

Installing CRM 2016

During the install, we were asked to install services associated with the services required for CRM 2016.

We Selected all options on install:

Select “Create New Deployment” and enter theServer Name as the SQL server. 

If you are not sure of the name, Right Click “This Computer” from the start menu, and select Properties:

Browse to the OU we created in the Steps Above Getting the AD OU Ready, and select the OU we created there. “CRM 2016″

We selected the default account for authority. Note that the blog referenced above suggests a dedicated account for security. As we are setting up a dev environment we did not bother with this.

IMPORTANT

Create a new Website with port 5555

As we intend to set up the Email Router service on this server later, we set this server “VSERVER06” in this instance as the server for email router service, or you can leave this blank.

We set “CRM2016″ As the default initial test environment deployment.

Reporting Server defaulted to the server name/reportserver

We received a few warnings about the install:

For a deployment that is more secure, the Microsoft Dynamics CRM Sandbox Processing Service should be run under a least-privileged domain user account that is not shared by other Microsoft Dynamics CRM services on this computer.

For a deployment that is more secure, the Microsoft Dynamics CRM VSS Writer Service should be run under a least-privileged domain user account that is not shared by other Microsoft Dynamics CRM services on this computer.

Data encryption will be active after the install or upgrade. We strongly recommend that you copy the organization encryption key and store it in a safe place. For more information, see http://go.microsoft.com/fwlink/LinkId=316366.

The only one of real interest in our Dev environment would be the last item. making a backup of data encryption keys is always a good idea. 

Test First

Test that your CRM setup is working. Go to the local computer name (ours is vserver12) on the correct port: http://vserver12:5555

We called our Deployment of CRM – “CRM2016″ in the CRM Setup phase above, so the URL redirects to: http://vserver12:5555/CRM2016/main.aspx

Because we were were logged in as the server administrator, we were able to load, but may take some time to fire up the various server requirements.

Apply a Wildcard SSL Certificate

In CRM, the accessing of deployments is handled by the sub domains. So if we call a deployment (known as organisation) “business1″ we will access that as: https://business1.domain.com:444 (note the the :444 will be because of how we set up Internet Facing Deployment.

For testing, we purchased a standard Wildcard SSL certificate that applied that to the IIS Server 

In our case we registered a test domain: iwebscrm16.com and set the SSL wildcard to: *.iwebscrm16.com and applied that cert to the server. The services we used for purchasing the wildcard certificate were starts.com who provide a very cost effective certificate services. Once authenticated, certificates are free to issue.

Application for a certificate

Here, I will be a wildcard certificate, for example, describes how to create a certificate:

1) Open IIS Manager

2) Click the server name in the main screen double click Server Certificates

3) In the right panel, click Create Certificate Request…

4) fill in the following diagram each column, click Next

5) Cryptographic Service Provider Properties page change the Bit Length to at least 2048 click Next.

6) In the File Name page, enter C: \ req.txt , and then click Finish. (You can save it any place you like, with any name)

7) Open the certificate in Notepad, and copy the contents.

This is the text that is pasted into the Start SSL Certificate request page to generate the certificate:

8) After you finish generating the certificate text in StartSSL.com (Note that Start SSL is no longer an SSL certificate provider, we suggest ssl2buy.com) you get a bunch of code that looks similar to the request code. Copy that generated code

9) Paste the code back into a new Text / Notepad Document on the Web server, but call it something that ends in .cer  (not .txt). 

10) back to the IIS Manager, click No. 3)  Step graph Complete Certificate Request …

11) Select the the file you created at point 9 above to complete the request.

12) Click OK.
Note: We did get an error message: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
In this instance, it turned out to be a crappy Microsoft Error. After doing some research, we found that it was likely meaningless and the cert installed correctly. We rebooted the machine and logged in again, to find that the CERT was there installed as we wanted it to be.

Binding site for the default SSL certificate

1) Open IIS Manager.

2) In the Connections panel, expand Sites , click Default Web Site.

3) In the Actions pane, click Bindings.

4) In the Site Bindings dialog box, click Add.

5) Type select HTTPS.

6) SSL Certificate , select the certificate you just created *. contoso.com , and then click OK.

 Ours is *.iwebscrm15.com

7) Click Close.

For the CRM 2016 binding site SSL certificate

This is in effect repeating the above process like you did for the default certificate, but using a different port (444 for example). This way you are binding the same certificate to the two websites in your IIS instance.

1)Open IIS Manager.

2) In the Connections panel, expand Sites , click CRM Web Site.

3) In the Actions pane, click Bindings.

4) In the Site Bindings dialog box, click Add.

5) Type select HTTPS.

6) SSL Certificate , select the certificate you just created *. contoso.com .

7) Port to select a different 443 (e.g. 444 ) and port number, and then click OK

 

8) Click Close.

DNS configuration

We are going to add a few DNS “A” records so that the records listed in point 1-4 below in DNS Goal are resolving correctly to the IP address of your CRM server.

There are two ways you can achieve the desired result. But first lets understand the desired result.

  1. We make the assumption that your server is running at least one static IP address.
  2. Because this is Internet Facing, that IP needs to be accessible to the world.
  3. That same IP can be used for access to your server both internally on the matching we are playing with, and externally form anyone on the net.
Lets Get Basic

Start a Command Prompt, and work out what your IP address of the server is.

Click START > RUN > CMD

Type IPCONFIG – Enter

Under the name: IPv4 Address is a number that looks like: 66.34.204.220

That is Your IP Address of the Server.

The DNS Goal

Make sure that when you PING xxx.domain.com that it points to that IP address. Both for the world and for you when you do that on your server.

(xxx is the sub domain that we are about to configure.)

To configure CRM, we need some sub domains to point to the server IP.
Adding records in DNS like this:

  1. sts1.domain.com
  2. auth.domain.com
  3. dev.domain.com
  4. internalcrm.domain.com
  5. Your ORG name.  org.domain.com (Where ORG is the CRM deployment name of your organization or organizations), e.g.
  6. crm2016.iwebscrm16.com (We usually set up a dev environment with CRM2016 being the year of the version. Just something we select to do).
  7. adfs.domain.com (used for reference to the ADFS server)
  8. one for the root domain so that domain.com points to the same server. (This is for the ADFS logout URL)

We have two setup here: CRM and CRM2016. So we need to configure crm.iwebscrm16.com and crm2016.iwebscrm16.com (Not necessary but our choice for this instance).

DNS The Easy Way!

The really easy way to solve all this (now we have explained the background) is to simply create a * A record that points to the machine we are using to set up the CRM system.

Test DNS

You must be able to ping all of those names and get the correct server IP address. Both from computers on the internet, and from the server. At the command prompt, type “ping sts1.iwebscrm15.com” for example with our config. Ping them all to be sure you get them correct. 

Note: If you have added the DNS records, but still encounter name resolution problems, you can try running on the client ipconfig / flushdns to clean up the cache. You can also click the DNS server root and click CLEAR CACHE so that the server is responding with the latest updates.

Note: Don’t bother proceeding past this step if you cannot ping your sub domains internally and externally correctly.

Firewall configuration

You need to set the firewall to allow the CRM 2013 and the AD FS 3.0 port used by the incoming data stream. HTTPS (SSL) is the default port 443.

For Initial setup testing etc. We recommend just turning the thing off. Better start from a place where it does not muck you around, then turn it all back on after you are successful.

1) In Windows 2012 I can’t frigging work out how to find anything. Literally!  But most things you can search for. As is the case here if you search for “Firewall”. Select the firewall option:

2) Select Turn Windows Firewall on or off

4) Turn Off or On Firewall

Just turn it all off for now. (Remember to come back, turn it on and allow access for the unusual port 444 that you configured earlier for the SSL on the CRM site. But for testing and setting up… the last things you want is to be banging your head agains a firewall.

Snapshots

Just a reminder that at this point we have been keeping snapshots on our Hyper-V environment to allow us to fail back to a location and try again. This is really useful for the setup of something like this that has a lot of moving parts.

Configuration Claim-based authentication internal access

Configure the internal access Claim-based authentication requires the following steps:

  • Install and configure AD FS 3.0
  • Set Claims-based authentication configuration CRM 2016 server.
  • Set the Claims-based authentication configuration AD FS 3.0 server.
  • Test claims-based authentication within the access.

Install and configure ADFS 3.0

This article uses Active Directory Federation Services (AD FS) 3.0 to provide a security token service (security token service or STS ).

Note: AD FS 3.0 will be installed to the default site, so install AD FS 3.0 , you must have CRM 2016 installation in the new site. (Remember we said that earlier)

IIS Looks like this if it is correctly installed: 

If you only see the default website with CRM installed in that. Start AGAIN! – We are working with the process as shown here.

Install ADFS Server Role

From Server Manager – Add A Server role for: Active Directory Federation Services

 

Click Install at the last step.

After if Finishes: 

Click the Configure the Federation Services on this server.

Configure AD FS 3.0

1 Click on Configure the federation service on this server.

2 In the AD FS 3.0 Management page , click AD FS 3.0 Federation Server Configuration Wizard .

3 In the Welcome page , select Create the first federation server in a federation server farm, and then click Next.

4 Select next to continue with the current administrator (must be a domain admin).

5 Choose your SSL certificate (the one we created and imported above i.e. *.iwebscrm15.com ) ,add a Federation Service name ( Selecting the second one for the dropdown in this instance iwebscrm15.com, don’t select the one with the wildcard in the name, so not the *.iwebscrm15.com for example.), then Select a Service Display Name for your business – selecting the one that is NOT starting with a *, then click Next.

6 Open PowerShell and run the following command: “Add-KdsRootKey -EffectiveTime (Get-Date).AddHours(-10)”

 

If you don’t you will se the error: Group Managed Service Accounts are not available because the KDS Root Key has not been set.

7 We specified the Administrator account for the service account, as security is not our primary concern here with a Dev environment. You could and probably should use a defined account for a production environment.

7 Create a database on this server using Windows Internal Database (or you can use SQL instance in the step below), click Next.

Or use the local SQL instance etc if you have one. (Because we have SQL installed on this same server. We are using this SQL instance for the database host. 

Note that this will create two new databases in SQL.

 

8 Review Options click Next

9 Pre-requisits checklist, click Configure

10 You should see a message that “This Server was successfully configured

11 Close out the Instillation progress window

Verify the AD FS 3.0 is working

Follow the steps below to verify that the AD FS 3.0 is working :

1 Open Internet Explorer.

Under Internet Options

Security / Local Intranet

Sites / Advanced

Add *.domain.com to the websites. In our case here we added: *.iwebscrm16.com

Close all this down when added.

2 Now we need browse to the the federation metadata in Internet explorer to test access is working. 

Use this URL below as an example to browse to your own server. Remembering that we set up a DNS entry earlier for “ADFS’ on your domain, thus you should be able to browse to the URL below replacing our domain name with yours and have it access the server we are configuring.

  • https://adfs.iwebscrm16.com/federationmetadata/2007-06/federationmetadata.xml

(Replace your domain name in place of ours iwebs16.com)

3. to ensure that no certificate associated with the warning appears, and you can view the certificate to be sure it is showing.

Check the certificate is correct and working by clicking on the padlock looking thing and viewing certificate.

 

Take another Snapshot!

Claims-based authentication configuration CRM 2016 server

After you install and configure the AD FS 3.0 , we need to configure the Claims-based authentication before setting CRM 2016 binding types and the root domain.

1 Open the CRM Deployment Manager.

2 In the Actions pane , click Properties .

3 Click the Web Address page.

4 In the Binding Type , select HTTPS .

5. Change the Server name to the internalcrm.domain.com:444 format. In our case here. internalcrm.iwebscrm16.com:444

6. Then Apply

7. Then OK to close

8 In the Deployment Manager console tree, right-click Microsoft Dynamics CRM, and then click Configure Claims-Based Authentication.

9 Click Next on the Welcome page

10  On the Specify the security token service page, enter the Federation metadata URL, in our case because we setup a DNS record for “adfs” we are going to use that: https://adfs.iwebscrm16.com/federationmetadata/2007-06/federationmetadata.xml 
Note: that this is the same URL we tested ADFS was set up correctly on in the steps above. Also note that the step of adding the domain to internal sites in the IE security settings that we did above is an important one! If you can’t hit that URL on the web browser of the server and get a clean XML defined page, then you deployment will not work.

11 Click Next then select the certificate that we created perviously for the *.domain connection

12 Select Next
Note: At this point it is possible to get an error something along the lines of “Encrypted Certificate Error”. This is implying that the account used to run CRM does not have access to the Private Key of the certificate being used. Skip forward to point 25 below, and add the service accounts that CRM is using to the private key of the certificate to be used. This will ensure that this next configuration step has access to the certificate. Then come back to this point and continue. 

13 Select Apply (BUT – NOT FINISH)

14 IMPORTANT – Click View Log File

15 Scroll to the end, and Copy the URL from the bottom of the file.

This will be used in the next configuration. 
Note: that this is different to the URL used in step 4 above, as it represents the internal URL. Subtle but vital (and the cause of frustration the first 10 times we tried this). In our case the URL looked like this: https://internalcrm.iwebscrm16.com:444/FederationMetadata/2007-06/FederationMetadata.xml

16 Click Finish.

Set the CRM AppPool account and the Microsoft Dynamics CRM Encryption certificate.

17 Right Click the Start Button and select RUN

18 Type MMC and enter

19 Select File / Add/Remove Snap-in

20 Select Certificates and Add

21 Select Computer Account

22 Local Computer is selected, so click Finish

23 Expand the console tree / Personal / Click Certificates

24 Right click the certificate we used for the CRM endpoint, and select All Tasks / Manage Private Keys

25 Select Add

Note here: If you do not have the “adfssrv and drs” accounts listed, you will have problems. The solution though is to do this at this point:

Open Powershell as Administrator and run: dir Cert:\LocalMachine\My\

 Then using the thumbprint of the Certificate related to this install, run the following command again in Powershell: Set-AdfsSslCertificate -Thumbprint19A0100267EB5D2FC0132260995F6D38C40EBEA1

This will add the two above mentioned accounts to the security of the certificate. This we found in one setup was not automatically done and caused us a large headache. 

26 Select Advanced

27 Select Find Now

28 Scroll Down and Find the NETWORK SERVICE Account

29 Select OK / OK

Ensuring that the NETWORK SERVICE has Read Access

Note: We have used the NETWORK SERVICE account here because that is the one associated with the CRMAppPool used in IIS by default for the Microsoft Dynamics CRM Website that was automatically configured with the CRM setup.

If you are using another account for running the application pool, then you should ensure that this account has access to the encryption certificate. Some details can be found here.

30 Validate that you can browse to the URL above. If you cannot view this in a browser, then have a look again at your permissions on the certificate in relation to the account on the application pool in IIS for CRM. Read above: Claims-based authentication configuration CRM 2016 server.

The URL Above that we are checking is the one from the View Log step, that we said to copy.

Once you can browse this URL, you are done if it fails, then repeat the process till you can access the URL on the server in question. Note: Often it is confusion over the port :5555 that defaults in CRM Deployment Manager Web settings and the HTTPS Port :444 that we defined in the binding for the Microsoft CRM Dynamics Website. So double check that you have the correct port set in the Deployment Manager, then run the steps again following that setting.

Checkpoint the Hyper-V at this point.

 

Claims-based authentication configuration AD FS 3.0 server

Start AD FS 3.0 Management. In the Navigation Pane, expand Trust Relationships, and then click Claims Provider Trusts. Under Claims Provider Trusts, right-click Active Directory, and then click Edit Claims Rules.

In the Rules Editor, click Add Rule, In the Claim rule template list, select the Send LDAP Attributes as Claims template, and then click Next

Step10: Create the following rule

Claim rule name: UPN Claim Rule (or something descriptive)
Attribute store: Active Directory
LDAP Attribute: User Principal Name
Outgoing Claim Type: UPN

Click Finish, and then click OK to close the Rules Editor

After you enable claims-based authentication, you must configure Dynamics CRM Server 2016 as a relying party to consume claims from AD FS 3.0 for authenticating internal claims access.

Add Relying Party Trusts to AD FS

Start AD FS Management. Select Trust Relationships / Relying Party Trusts. Then On the Actions menu located in the right column, click Add Relying Party Trust. In the Add Relying Party Trust Wizard, click Start.

On the Select Data Source page, click Import data about the relying party published online or on a local network, and then type the URL you copied earlier from the log file during the creation of the CRM Claims Based Authentication. e.g. https://internalcrm.iwebscrm16.com:444/FederationMetadata/2007-06/FederationMetadata.xml – Note it is probably still open in your browser in the background.

On the Specify Display Name page, type a display name, such as CRM Claims Relying Party, and then click Next.

Click Next on the multi-factor authentication options.

On the Choose Issuance Authorisation Rules page, leave the Permit all users to access this relying party option selected, and then click Next.

On the Ready to Add Trust page Click Next

On Finish Page, click the checkbox option to Open the Edit Claim Rules, Next, and then click Close.

The Rules Editor appears, click Add Rule. Otherwise, in the Relying Party Trusts list, right-click the relying party object that you created, click Edit Claims Rules, and then click Add Rule.

In the Claim rule template list, select the Pass Through or Filter an Incoming Claim template, and then click Next.

Create the following Rule #1
Claim rule name: Pass Through UPN (or something descriptive)
Incoming claim type: UPN
Pass through all claim values

Click Finish.

In the Rules Editor, click Add Rule, in the Claim rule template list, select the Pass Through or Filter an Incoming Claim template, and then click Next

Create the following Rule #2

Claim rule name: Pass Through Primary SID (or something descriptive)
Incoming claim type: Primary SID
Pass through all claim values

Click Finish

In the Rules Editor, click Add Rule. In the Claim rule template list, select the Transform an Incoming Claim template, and then click Next.

Create the following rule #3

Claim rule name: Transform Windows Account Name to Name (or something descriptive)
Incoming claiming type: Windows account name
Outgoing claim type: Name
Pass through all claim values

Click Finish, and when you have created all three rules, click OK to close the Rules Editor.

Click OK

Enable Forms Authentication

AD FS in Windows Server 2012 R2, forms authentication is not enabled by default.

Open the AD FS management console and click Authentication PoliciesUnder Primary Authentication, Global Settings , Authentication Methods, click Edit.

Under Intranet, enable (check) Forms Authentication

So now we have claims setup for CRM.

Add the ADFS server to the Local intranet zone.

We previously added the *.domain.com or in our case, *.iwebscrm16.com to the Local intranet zone in Internet explorer on the server. If you have not done this you should do it now. Then:

1. Open Internet Options Select the Advanced tab. Scroll down and verify that under Security Enable Integrated Windows Authentication is checked.

2. Click OK to close the Internet Options dialog box.You will need to update the Local intranet zone on each client computer accessing Microsoft Dynamics CRM data internally. 

Specify the security token service

1 Open a command line tool .

2 Enter the following command : ( application, in your own environment, substitute the name of the name of the command line )

setspn -a http/sts1.iwebscrm16.com fserver4\VSERVER40”  

– Note – remove the “ “

fserver4\VSERVER12 = the domain / machine name of the server.

c: \> iisreset 

Probably good to do a Snapshot again!

Configure Internet-Facing Deployment in CRM Deployment Manager.

1 Open the CRM Deployment Manager.

2 In the tree structure , right-click Microsoft Dynamics CRM , and then click Configure Internet-Facing Deployment.

3 Click Next.

4 Fill in the correct domain information for the Web Application

Thus we use:

  • Web Application Server Domain: iwebscrm16.com:444
  • Organization Web Service Domain: iwebscrm16.com:444
  • Web Service Discovery Domain: dev.iwebscrm16.com:444 

Leave the Default option for the Internet Facing Server Location

System Checks work

IFD Summary looks like this. Then Apply

Finish

9. Open a command line tool, run: iisreset

ADFS Relying Party Trust for the IFD Endpoint

Effectively you are creating the third Relying party trust in your deployment and the second that you have manually set up at this point. We are doing this again as this is now for the IFD endpoint.

Step 1: Start AD FS Management. On the Actions menu located in the right column, click Add Relying Party Trust. In the Add Relying Party Trust Wizard, click Start.

Step 2: On the Select Data Source page, click Import data about the relying party published online or on a local network, and then type the URL to locate the federationmetadata.xml file. This federation metadata is created during IFD Setup.

For example, https://auth.iwebscrm16.com:444/FederationMetadata/2007-06/FederationMetadata.xml (Remember to replace your domain for ours)

Type this URL in your browser and verify that no certificate-related warnings appear.

Step 3: On the Specify Display Name page, type a display name, such as CRM IFD Relying Party, and then click Next

Step4: On the Choose Issuance Authorization Rules page, leave the Permit all users to access this relying party option selected, and then click Next.

Click Next

Step 5: On the Ready to Add Trust page, click Next, and then click Close.

Step 6: If the Rules Editor appears, click Add Rule. Otherwise, in the Relying Party Trusts list, right-click the relying party object that you created, click Edit Claims Rules, and then click Add Rule

Step 7: In the Claim rule template list, select the Pass Through or Filter an Incoming Claimtemplate, and then click Next.

Step 8: Create the following rule#1

Claim rule name: Pass Through UPN (or something descriptive)

Incoming claim type: UPN

Pass through all claim values

Click Finish

Step 9: In the Rules Editor, click Add Rule, and in the Claim rule template list, select the Pass Through or Filter an Incoming Claim template, and then click Next

Step 10: Create the following rule#2

Claim rule name: Pass Through Primary SID (or something descriptive)

Incoming claim type: Primary SID

Pass through all claim values

Click Finish

Step 11: In the Rules Editor, click Add Rule. In the Claim rule template list, select the Transform an Incoming Claim template, and then click Next.

Step 12: Create the following rule #3

Claim rule name: Transform Windows Account Name to Name (or something descriptive)

Incoming claim type: Windows account name

Outgoing claim type: Name

Pass through all claim values

Click Finish, and when you have created all three rules, click OK to close the Rules Editor.

Now, you should see three Relying Party Trusts in the ADFS Trust Relationships.

Step 13 – Change Port

Open Powershell and run this command

Set-ADFSProperties –nettcpport 809

Restart the ADFS in Services

Restart IIS in CMD

iisreset

Browse to the URL: https://sts1.iwebscrm16.com/adfs/services/trust/mex  (replacing the iwebscrm16.com with your domain). You should be abel to hit this URL and get a result looking like this:

Test External Access to CRM 2016 with IFD

Now, you should use the claims certified external access CRM 2016 a. In IE the browser CRM 2016 external address (for example: https://crm2016.iwebscrm16.com:444/main.aspx ), you should have success with login.

Problems We Encountered

While developing this blog post we encountered many small errors along the way. We have reverted to CheckPoints and fixed the instructions to allow you to avoid them. One thing we would say is that when resolving errors, it is most likely associated with the AD FS IFD login. When this happens, the AD FS Event Log is your best friend. Hit the Event ID errors up in google and resolve as best you can. Checkpoints are also your friend here!

Turn the Firewall Back On

As you may expect, this is a rather important last step

1. Turn on all Firewall Settings as they were at the start

2. Click Advanced Settings 

3. Click Inbound Rules / New Rule

4. Select Port / Next

5. Select TCP and Specify Port 444

6. Allow the Connection

7. Domain, Private and Public all ticked.

8. Give it a name like: CRM Port 444

And you are about finished. Remember if in the future you are mucking with something and getting no place. Turn off the Firewall as a starting point. Banging heads with firewalls is a waste of time!

Remember to test access again externally!

Your Feedback and Our Services

Please post a comment or note if you have anything to add about these notes. We welcome feedback that helps us improve them.

If you have a need for CRM 2016 Developer Services, we offer professional services and support for CRM 2016. This includes upgrade services for upgrading from any of the past CRM releases to new ones. We also write custom plugin solutions and are specialists with advanced web services and portals that connect to CRM for many applications. http://www.interactivewebs.com/crm and websites 핸드폰 SD포맷

Скачать различные утилиты windows linux centos .

Last updated on February 2nd, 2018

This tutorial contains several methods to fix Windows Update Problems in Windows 7/8/8.1 Server 2008/2012 OS.  In many cases, even in fresh Windows installations,  the Windows Update is not working as expected, or it stuck when checking for updates or it displays several errors whenever you try to search for the available updates.

In such cases your system may become slow or unresponsive, because the Windows Update service (svchost.exe) causes high CPU usage. The Windows Update service is an essential feature in all Windows versions, because it is needed to provide all the available important and optional updates needed for the proper Windows operation and security.

The Windows Update problems often occur on Windows 7 or Vista based computers and in most cases, the errors are caused without any obvious reason and without a permanent solution to fix them from Microsoft. For all these reasons, I decided to write this troubleshooting guide, with the most efficient methods to resolve Windows Update problems on Windows 8.1, 8, 7 Server 2008 or Server 2012.

Problems-Symptoms that are solved with this guide:

Windows Update is checking for updates forever.
Windows Update stuck/freezes.
Windows Update cannot find new updates.
Windows Update cannot currently check for updates because the service is not running.
Windows Update occurred an Unknown error: Code 8007000E

How to Solve Windows Update Issues on Windows 7/8/8.1 Server 2008/2012

Important:
1. Before proceeding to apply the methods below, in order to troubleshoot Window Update problems, make sure that the Date and Time settings are correct on your system.

2. Try the following trick: Change the Windows Update settings from "Install updates automatically" to "Never check for updates (not recommended)"   restart your system, After restart set the update settings back to "Install updates automatically" and then check for updatesIf this trick fails then set the Windows Update Settings to "Check for updates but let me choose whether to download and install them" and then check for updates again.

3. If you have performed a fresh Windows 7 or Server 2008 installation, install Service Pack 1 for Windows 7 or Windows Server 2008 R2, before you continue.

4. Make sure that your computer is clean from viruses and malware. To accomplish this task you can use this Malware Scan and Removal Guide to check and remove viruses or/and malicious programs that may be running on your computer.

Method 1. Force Windows to re-create the Windows Update Store folder.
Method 2. Install the KB3102810 security Update.
Method 3. Install the latest Update Rollup.
Method 4. Run the Windows Update Troubleshooter.
Method 5. FIX Corrupted System Files and Services (SFC).
Method 6: FIX Windows corruption errors with the System Update Readiness tool (DISM).
Method 7: Update Windows by using the WSUS Offline Update tool.
Method 1. Force Windows to re-create the Windows Update Store folder

The Windows Update Store folder (commonly known as "SoftwareDistribution" folder), is the location where Windows stores the downloaded updates.

-If the SoftwareDistribution folder becomes corrupted then it causes problems with Windows Update. So, one of the most efficient solutions to resolve problems with Windows Update, is to recreate the SoftwareDistribution folder. To do that:

1. Simultaneously press the Windows   R keys to open run command box.
2. In run command box, type: services.msc and press Enter.

3. Right click on Windows Update service and select Stop.

4. Open Windows Explorer and navigate to C:\Windows folder.
5. Select and Delete the “SoftwareDistribution” folder.*
(Click Continue at "Folder Access Denied" window).

* Note: The next time that the Windows Update will run, a new empty SoftwareDistribution folder will be automatically created by Windows to store updates.

6. Restart your computer and then try to check for updates.

Method 2. Install the KB3102810 (KB3102812) security Update.

I have seen many times, that Windows Update is checking for updates forever (stuck) without finding updates, even in fresh Windows 8, 7 or Vista installations. Thankfully, Microsoft has released a security update to resolve the "Installing and searching for updates is slow and CPU utilization is high" issue. To apply the fix:

Step 1. Install Internet Explorer 11. *

* Note: This step is applied only to a fresh Windows 7 or Windows 2008 installation. If Internet Explorer 11 is already installed on your system, then skip this step and continue to step 2 below.

1. Download and install Internet Explorer 11 according to your OS version.
2. Restart your computer.

Step 2. Install the KB3102810 Update.

1. Download – but do not install it yet – the following security update according to your OS version, to your computer:

  • Windows 7 Server 2008: KB3102810
  • Windows 8.1 Server 2012: KB31028102

2. After the download, restart your computer.
3. After the restart, immediately install the security update, otherwise the installation hangs.
4. After the installation, restart your computer.

Step 3. Delete the SoftwareDistribution folder.

1. Follow the steps in Method-1 and delete the "SoftwareDistribution" folder.
2. Restart your computer.
2. Navigate to Windows Update and check for updates. Then, let it run at-least half to one hour. If you 're lucky, Windows will find all available updates.

Method 3. Install the latest Update Rollup to fix Windows Update issues.

The Windows Update Rollups, in most cases can fix issues with Windows Update. But before installing the latest Windows update rollup, first change the way that Windows install updates to "Never check for updates (not recommended". To do that:

1. Simultaneously press the Windows    R keys to open run command box.
2. In run command box, type: wuapp.exe and press Enter.

3. Select Change settings on the left.

4. Set Never check for updates (not recommended).

6. Proceed and download the latest Windows Update rollup for your system, but don't install it (yet).

July 2016 update rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1

July 2016 update rollup for Windows 8.1 and Windows Server 2012 R2

September 2016 update rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1

September 2016 update rollup for Windows 8.1 and Windows Server 2012 R2

7. After the download, restart your computer.8. After restart, then proceed and install the downloaded rollup.

9. Check for updates Avast Antivirus 2013 7.0.1474

Related articles

AVG PC Tuneup и коды активации Скачать бесплатно AVG PC Tuneup 2013 XDroneYou already know how AVG can protect you online. Now we take that expertise one step further by fixing problems that slow you down. AVG PC Tuneup is your one-stop .,AVG PC TuneUp 2018 Serial Key, PRODUCT KEY Download AVG PC TuneUp 2018 Serial Key is one of the most used applications that improve the performance of your computer .,Tempatnya Download Software Gratis di Indonesia, Download Software dan Games terbaru Full Version, Download IDM Full Crack, Free Download Software.

AVG PC Tuneup и коды активации Скачать бесплатно AVG PC Tuneup 2012Get a faster, cleaner PC. We’ve upgraded TuneUp Utilities to give you longer battery life and more disk space on your Windows PC. Download trial today!,Download AVG uninstall tool., Download the appropriate removal tool to uninstall the AVG antivirus completely. (Direct Download).,Free Download AVG PC TuneUp 16.77.3.23060 - Keep your PC in good shape with various tools that clean junk files, repair registries, remove applicati.

Legendary Antivirus for Windows ESET ESET NOD32 AntivirusLegendarni NOD32 Antivirus. Stiti od svih tipova malicioznih programa ukljucujuci viruse, ransomware, rootkite, crve i spyware. Jednostavna i pouzdana zastita,Award-winning NOD32 Antivirus and antispyware protection includes antivirus, anti- phishing and cloud-powered scanning. Try 30 day free trial.,eset nod32 - эксперт в области защиты от киберпреступности и компьютерных угроз. Миллионы .

<< Go back to the previous page