Настройка сервера администрирования от Kaspersky

Справка находится тут

Скачиваем дистрибутив full, в нём уже есть веб консоль, для управления с любых устройств. Самое смешное, что сервер администрирования у Касперыча работает только с Windows! Установка простая, нужно проставить галочки и нажимать, далее, далее.
Для безопасности создаём базу KAV на сервере sql и логин для доступа к этой базе.
Единственный нюанс, не подключился к MS SQL 2017 Express через локального пользователя sql, с чем связано - не знаю, поэтому сделал учётку в AD, добавил её как логин в sql.

Нюанс №2, Каспер при установке прописывает в firewall множестно правил, но правила для подключения к https://<server_address>:8080 отсутствует, его нужно создать руками.

adb и fastboot

В данном разделе будут сохранены основные команды
А) Проверка разблокированности загрузчика:  fastboot oem device-info
Б) Прошивка recovery:
adb reboot-bootloader (или через кнопки зайти в fastboot)
fastboot flash recovery <img file>
fastboot oem reboot-recovery (или выдернуть батарею, вставить обратно и через кнопки зайти в recovery)

В)

создание программного raid

Для Windows:
1) Заходим в командную строку от имени администратора и запускаем diskpart
2) Конвертируем диск в diskpart в динамический:
select disk 1
convert disk dinamyc
select disk 0
convert disk dinamyc
Смотрим список разделов и первого (тот который находится в начале диска, а не имеет меньшую цифру. Потому что diskpart как попало нумерует разделы):
select volume 0
add disk=1
select volume 1
add disk=1

Создание сетевой папки (шары)

Для Windows:
а) через powershell
$folder='c:\share'
mkdir $folder
New-SmbShare -Name share -Path $folder -ChangeAccess user

б) через cmd
set folder=c:\share
mkdir %folder%
net share sharename=%folder% /GRANT:user,CHANGE

Для linux:
а) сетевая папка samba
mkdir /share
nano /etc/samba/smb.conf

Добавляем секцию
[share]
   browseable = yes
   read only = no
   guest ok = no
   path = /share/

Ввод в домен рабочей станции

Для Windows: запустить powershell и ввести команду
Add-computer -domainName "domain.lan" -Restart

Как убрать в файле все комментарии и пустые строки

grep -v '^\s*\(#\|$\|;\)' file

Включение доступа к беспарольной шаре на WIndows 10

По умолчанию запрещено подключатся к сетевым папкам без парольного доступа. Чтобы разрешить доступ нужно поправить ветку реестра
HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters
"AllowInsecureGuestAuth"=dword:0 заменив на 1

В групповой политике меняется тут Computer Configuration -> Administrative Templates -> Network -> Lanman Workstation and selected the Enable insecure guest logons

How to configure an authoritative time server in Windows Server

To configure an internal time server to synchronize with an external time source,

use one of the following methods:

Automatically configure the Windows Time service

To fix this problem automatically, click the Download button. In the File Download dialog box, select Runor Open, and then follow the steps in the easy fix wizard.

Prerequisite updates for Internet Explorer 11

When you install Internet Explorer 11 for Windows 7, the installer program tries to automatically install some prerequisite components. If this part of the installation fails, Internet Explorer stops the installation process.

In this situation, you must install the prerequisite software manually before you can install Internet Explorer 11 for Windows 7.

To do this, use the links in the "List of prerequisite updates for Internet Explorer 11" section to obtain the individual update components.

Windows 10, WindowsUpdate.log and how to view it with PowerShell or Tracefmt.exe

---

Author: Charles Allen

With the release of Windows 10, there is going to be a change to the way the Operating System logs created and how we can view them.

For those of us who are supporting services like Configuration Manager and Windows Update Services to deploy Software Updates, this means a change to how we will look at the WindowsUpdate.log in Windows 10.
The WindowsUpdate.log is still located in C:\Windows, however when you open the file C:\Windows\WindowsUpdate.log, you will only see the following information:

Circle Back to Loopback

February 8, 2013 by Jonathan Stephens, MSFT // 24 Comments

• 0
• 0

Hello again!  Kim Nichols here again.  For this post, I’m taking a break from the AD LDS discussions (hold your applause until the end) and going back to a topic near and dear to my heart – Group Policy loopback processing.

Loopback processing is not a new concept to Group Policy, but it still causes confusion for even the most experienced Group Policy administrators.

The AD Recycle Bin: Understanding, Implementing, Best Practices, and Troubleshooting

August 27, 2009 by NedPyle [MSFT] // 11 Comments

• 0
• 0

Ned here again. Starting in Windows Server 2008 R2, Active Directory now implements a true recycle bin. No longer will you need an authoritative restore to recover deleted users, groups, OU’s, or other objects. Instead, it is now possible to use PowerShell commands to bring back objects with all their attributes, backlinks, group memberships, and metadata. AD Recycle Bin (ADRB) was a long time coming and it definitely has its idiosyncrasies, but I think you are going to love it.

Today I am going to talk about a few aspects of this new system:

• Understanding how ADRB works under the covers.
• What the requirements are and how to turn ADRB on.
• Using ADRB, along with some best practices.
• Troubleshooting common issues people run into with ADRB.

Armed with this information, you should be able to speak with authority on the AD Recycle Bin and perhaps, save your company from a disaster someday.

Let’s get cranking, IT super hero.

How to Enable Active Directory Recycle Bin (Server 2016)

By Robert Allen | April 7, 2018 | 3 

In this tutorial, you will learn how to enable the Active Directory Recycle bin on Windows Server 2016.

I’ll show you how to enable it through the GUI as well as with Powershell.

The AD recycle bin comes in handy when you accidentally delete an AD object and need to restore it.

Considering updating your Domain functional level from Windows 2003? Read this!

The Exchange TeamFebruary 13, 20158

• 0
• 0

---

Now that Windows Server 2003 end of life (July 14th, 2015) is on the horizon, many customers are updating their Active Directory (AD) Domain Controllers (DC) from 2003. The first item to consider is which Windows Server Operating System (OS) you will be moving to for your DC’s. There are several options to consider today: 2008, 2008R2, 2012, or 2012R2 operating systems. However, no matter which newer OS you move your DC’s to, coming from 2003, the krbtgt account will reset its’ password when you update the Domain Functional Level (DFL), which is the concern that could break Exchange.