Quickly setting user passwords in AD with the dsquery tool.

When you need to reset the passwords of all users in any given OU in AD, you can use the dsquery command built into Windows.

Requirements

1. Log in to the domain controller with an administrator account.

2. Start > cmd

3. dsquery command syntax:

dsquery user {LDAP path} | dsmod user -pwd new-password

Example: dsquery user OU=Ketoan,DC=win7poc,DC=com | dsmod user -pwd 123

[Linux] DNS Server

Install BIND
Build a DNS server that resolves domain names and IP addresses. Install bind and caching-nameserver for it. It is also necessary to configure the router so that TCP and UDP packets to port 53 can pass through.
[1] Install BIND
[root@ns ~]# yum -y install bind caching-nameserver

[2] Configure BIND
This example uses the global IP address [172.16.0.80/29], private IP address [192.168.0.0/24] and domain name [server-linux.info]. However, please use your own IPs and domain name when you configure your server. (Strictly speaking, [172.16.0.80/29] is a private IP address range.)
[root@ns ~]# vi /var/named/chroot/etc/named.conf
options {
    directory "/var/named";
    # query range
    allow-query { localhost; 192.168.0.0/16; };
    # transfer range
    allow-transfer { localhost; 192.168.0.0/16; };
    # recursion range
    allow-recursion { localhost; 192.168.0.0/16; };
};
controls {
    inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
# section for internal clients
view "internal" {
    match-clients {
        localhost;
        192.168.0.0/16;
    };
    zone "." IN {
        type hint;
        file "named.ca";
    };
    # set zones for internal
    zone "incomnet.vn" IN {
        type master;
        file "incomnet.lan";
        allow-update { none; };
    };
    # set zones for internal
    zone "4.168.192.in-addr.arpa" IN {
        type master;
        file "4.168.192.db";
        allow-update { none; };
    };
    zone "localdomain" IN {
        type master;
        file "localdomain.zone";
        allow-update { none; };
    };
    zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
    };
    zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
    };
    zone "255.in-addr.arpa" IN {
        type master;
        file "named.broadcast";
        allow-update { none; };
    };
    zone "0.in-addr.arpa" IN {
        type master;
        file "named.zero";
        allow-update { none; };
    };
};
# section for external clients
# (the allow-query in options above is inherited by this view, so clients
# outside localhost and 192.168.0.0/16 are refused unless the view sets its own)
view "external" {
    match-clients {
        any;
    };
    zone "." IN {
        type hint;
        file "named.ca";
    };
    # set zones for external
    zone "incomnet.vn" IN {
        type master;
        file "incomnet.wan";
        allow-update { none; };
    };
    # set zones for external *note
    zone "56.32.234.125.in-addr.arpa" IN {
        type master;
        file "56.32.234.125.db";
        allow-update { none; };
    };
};
include "/etc/rndc.key";

*note: To name a zone for reverse resolution, write the network address with its octets in reverse order, as below.

Case of 192.168.0.0/24
network address ⇒ 192.168.0.0
range of network ⇒ 192.168.0.0 – 192.168.0.255
how to write ⇒ 0.168.192.in-addr.arpa

Case of 172.16.0.80/29
network address ⇒ 172.16.0.80
range of network ⇒ 172.16.0.80 – 172.16.0.87
how to write ⇒ 80.0.16.172.in-addr.arpa

Forward resolution
Create the zone files that the server uses to resolve IP addresses from domain names.

[1] For internal zone

This example uses internal address [192.168.0.0/24] and domain name [server-linux.info], but please use your own when you configure your server.
[root@ns ~]# vi /var/named/chroot/var/named/incomnet.lan
$TTL 86400
@       IN  SOA   ns.incomnet.vn. root.incomnet.vn. (
                  2011011301  ; serial (d. adams)
                  3H          ; refresh
                  15M         ; retry
                  1W          ; expiry
                  1D          ; minimum
                  )
        IN  NS    ns.incomnet.vn.
        IN  A     192.168.4.9
ns      IN  A     192.168.4.9
pw      IN  A     192.168.1.88
crm     IN  CNAME pw.incomnet.vn.

[2] For external zone

This example uses external address [172.16.0.80/29] and domain name [server-linux.info], but please use your own when you configure your server.
[root@ns ~]# vi /var/named/chroot/var/named/incomnet.wan
$TTL 86400
@       IN  SOA   ns.incomnet.vn. root.incomnet.vn. (
                  2011011301  ; serial (d. adams)
                  3H          ; refresh
                  15M         ; retry
                  1W          ; expiry
                  1D )        ; minimum
        IN  NS    ns.incomnet.vn.
        IN  A     125.234.32.58
ns      IN  A     125.234.32.58

Reverse resolution
Create the zone files that the server uses to resolve domain names from IP addresses.

[3] For internal zone

This example uses internal address [192.168.1.0/24] and domain name [incomnet.vn], but please use your own when you configure your server.
[root@ns ~]# vi /var/named/chroot/var/named/0.168.192.db
$TTL 86400
@       IN  SOA   ns.incomnet.vn. root.incomnet.vn. (
                  2011011301  ; Serial
                  28800       ; Refresh
                  14400       ; Retry
                  3600000     ; Expire
                  86400 )     ; Minimum
        IN  NS    ns.incomnet.vn.
        IN  PTR   incomnet.vn.
        IN  A     255.255.255.0
88      IN  PTR   pw.incomnet.vn.

[4] For external zone

This example uses external address [172.16.0.80/29] and domain name [server-linux.info], but please use your own when you configure your server.
[root@ns ~]# vi /var/named/chroot/var/named/56.32.234.125.db
$TTL 86400
@       IN  SOA   ns.incomnet.vn. root.incomnet.vn. (
                  2011011301  ; Serial
                  28800       ; Refresh
                  14400       ; Retry
                  3600000     ; Expire
                  86400 )     ; Minimum
        IN  NS    ns.incomnet.vn.
        IN  PTR   incomnet.vn.
        IN  A     255.255.255.252
242     IN  PTR   ns.incomnet.vn.
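
An added example, not part of the original tutorial: the Python sketch below derives a reverse zone name by the rule in the *note above and cross-checks the internal forward zone's A records against the internal reverse zone's PTR record, using records copied from this page. The function names are hypothetical, the parser handles only single-line "owner IN A/PTR rdata" records, and the check assumes a /24 reverse zone.

```python
import ipaddress

SUFFIX = ".in-addr.arpa"
# Records copied from the zone files on this page (apex lines omitted).
FORWARD = "ns IN A 192.168.4.9\npw IN A 192.168.1.88\n"
REVERSE = "88 IN PTR pw.incomnet.vn.\n"
REVERSE_ORIGIN = "4.168.192" + SUFFIX  # zone name declared in named.conf


def reverse_zone(cidr):
    """Zone name by the page's rule: network-address octets, reversed."""
    net = ipaddress.ip_network(cidr)  # raises ValueError if host bits are set
    keep = -(-net.prefixlen // 8)     # octets touched by the prefix, rounded up
    octets = str(net.network_address).split(".")[:keep]
    return ".".join(reversed(octets)) + SUFFIX


def parse(text, rtype):
    """Return {owner: rdata} for 'owner IN <rtype> rdata' lines only."""
    records = {}
    for line in text.splitlines():
        fields = line.split(";")[0].split()  # drop trailing comments
        if len(fields) == 4 and fields[1:3] == ["IN", rtype]:
            records[fields[0]] = fields[3]
    return records


def check(forward, reverse, origin, domain):
    """List forward/reverse mismatches for a /24 reverse zone."""
    prefix = ".".join(reversed(origin[:-len(SUFFIX)].split(".")))
    a = {f"{n}.{domain}.": ip for n, ip in parse(forward, "A").items()}
    ptr = {f"{prefix}.{h}": n for h, n in parse(reverse, "PTR").items()}
    problems = []
    for ip, name in sorted(ptr.items()):
        if a.get(name) != ip:
            problems.append(f"PTR {ip} -> {name} but A record is {a.get(name)}")
    for name, ip in sorted(a.items()):
        if ip.startswith(prefix + ".") and ip not in ptr:
            problems.append(f"A {name} -> {ip} has no PTR in {origin}")
    return problems


if __name__ == "__main__":
    print(reverse_zone("192.168.0.0/24"), reverse_zone("172.16.0.80/29"))
    for problem in check(FORWARD, REVERSE, REVERSE_ORIGIN, "incomnet.vn"):
        print(problem)
```

Run against the records as written on this page, the check returns two findings; an empty list means every PTR in the zone has a matching A record and every in-zone A record has a PTR.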