I tested it successfully on FireFox, Chrome Plus and IE ^^ and I guess It works perfectly on other browsers .
This hotkey is very useful for lazy person like me .
When I am browsing a website, for example eyesfall.blogspot.com and I want to go to Google.com , as usual I need to select all text on my address bar, delete it and type Google.com .
but I found out that I just need to press F6 to do that .

Try it yourself !
Start -> Run -> Type CMD and hit Enter , a new Windows appears : You've just opened Command Prompt .

Type anything you want, like "ipconfig" to view Ip configuration of your comnputer ...

If you want to clear your black screen : just type cls (it's not case-sensitive, don't worry) and hit enter . Enjoy !
When you go out and don't want to re-open your data, program...
Hibernation is a good choice, it saves all data in hard disk when hibernating and recover all of them into RAM when start-up.

To use it : Start -> > (right arrow near Shutdown button) -> Hibernate .

If you DON'T SEE IT :

Step 1 : Start > Run > CMD , hit enter : in command prompt type : powercfg -h on

If you still don't see Hibernate button, go to step 2 :

Step 2 : Start > type "power " > and click on "Edit power plan" ABOVE
Click to "Change advanced power settings" > Expand + in "Sleep" and make sure that "Allow hybrid sleep" is OFF .

DONE !
I) Home Folder :

To centralize users data storage, File Server becomes a place where users put all their data . Every user has private space on File Server .

We use Home Folder to do that :
- User has his own Foler
- Share permission and security permission
- Map a folder from Server to user's computer as network drive .

Step 1 :  Create a folder on File Server,
Step 2 : Share everyone - full control & remove users group in tab Security .
Step 3 : Start > Run > dsa.msc > double click to user you want to grant Home Folder => Tab Profile --> Home Folder , at Connect : type \\DCname\ShareFolder\%username%  and click Apply.

Note : DCname : name of Domain Controller, it can be IP address.
          ShareFolder : name of share folder.
          %username% : after you click apply, it will change to name of user
To modify policies in Domain, we use Group Policy Management  :
 (Note that we are on Domain Controller )
Start> Administrative Tools  >Group Policy Management

From the left panel, click to a "+" sign : Forest :Long.local >  Domain > Group Policy Objects
  • Default Domain Policy : Affect to all Domain (Domain Controller and Domain member/member server)
  • Default Domain Controller Policy : Only afftect to Domain Controller\
For example :

1/ Password Policy : 
We use Default Domain Policy > Right Click and choose Edit  : a new dialog appear

Computer configuration> Policies> Security Settings> Account Policies> Password Policies

affect all Domain .

2/ As you might know that user (not Domain Administrators) cannot log in locally on Domain Controller.
But there is a policy that you can do it , because you want this policy affect only to DC, so :

Right click : Default Domain Controller Policy > User Right Assignment> Allow logon locally .

----

The point is, when Administrator is on a member computer,  how can he manage a Domain ?

On :
Windows XP, 2K3, Vista : we use a software call Adminpak.msi
Windows 7 : Download and Install remote administration tool
Windows server 2008 : Server Manager> Right Click Features > Add Features > Check to :

  • Group Policies Management
  • Expand Remote Server Administration Tools > Role Administration Tools > AD DS & AD LDS Tools >  AD DS Tools> Check to Active Directory Administrative Center .
  • Add requirement features. Next .

=> Install .

----
* Admin can manage time and computer for user logon (when ? - which computers ?) by accessing Active Directory User and Computer> Double Click to User > Account : Modify Logon Hour and Log on to .
I) Introduction to Domain :

- In workgroup : Data and Policy stay on computers, if you want to make a change - you must change each of them . Imagine that you company has a hunred computer, you want to add a user and this user can log on every computer => You must do a job create a same new user 100 times ! to 100 computers . Absolutely it's not time-efficient, and very boring job .

- So Domain saved the world - It is a model which data is stored in 1 computer. Now you just create a new user on a Domain - so he can log on every computers on that Domain.

Domain Controller (DC) : a computer has been installed Active Directory Domain Service and has a responsibily to manage Domain system .
A computer can be a DC if it meets these requirements :
- Using Windows Server (2000, 2003, 2008)
- DNS Server .

Domain Member (Windows workstation - Windows XP, Windows 7 ...) & Member Server (Windows Server : 2003, 2008 ...)
- A computer joins to Domain system will be managed by DC
- This computer must have Windows operating system newer than Windows 95 .

II) Upgrade windows server to Domain Controller :
 2 steps :

- Configure IP and DNS (as usual, we configure DNS the same with IP address of this computer - It's also a DNS Server) 
- Start> Run> DCPROMO - hit Enter. 

Please wach my video ^^



III) Join a computer to Domain :





IV/ Domain Environment :

To manage user/group and other object in Domain, we use tool called : Active Directory Domain User and Computer in Start> Administrative Tools or Start > Run> type : DSA.msc .

Creating a new user, you need to provide a password meet complexity with 7 characters, capital, number ... 

As a member user of a Domain, user can log on any computer in domain except Domain Controller (Only Admin can do that).

(But you can change a Policy in User Right Assignment to Allow logon locally)
I) Introduction : 

File Server Resource Manager (FSRM) is an advanced function helps admin manage File Server efficiently .
Administrator can limit  user's disk space usage, stop user from accessing some specific file and supervising user .

II) Practice

Server Manager > Right click on Roles > Add Role, next > check File Services, next > Check File Server Resource Manger, next >  Check the Drive you want to monitor , next and Install.
Close when finished  .

1) Folder & Disk Quota : 

First of all, create a new folder in C:/ or in any drive in your computer .
Start > Administrative Tools, File Server Resource Manager .
Quota Management> Right click on Quotas> Create Quota
Browse -> Specify a path for a folder you want to apply Disk Quota

You can use Disk Quota template or Define custom quota properties , right there , you specify a limit space for user (by soft quota - just for monitoring or hard quota) , add a warning ...

Close a custom disk quota dialog and press Create . Save it as a template for later use if you want .


Done !

*Disk Quota :
For each user you can have different limit disk spaces : in My Computer > Right click on Drive you want to enable Disk Quota> Properties > Quota :

Check on Enable Disk Quota Management
If you don't check Deny disk space to users exceeding quota limit , there will be only a warning for user, NOT a Denial when user reach disk space quota limit.

Specify user by click on Quota Entries  ...  > New Quota Entry . And add user to apply disk quota to him .

2) Prohibit user from copying a file to a Folder

First of all, create a new folder in C:/ or in any drive in your computer .
Start > Programs > Administrative Tools > File Server Resource Manager > File Screening Management  >  Right click to File Screens > Create File Screen ... Specify a Folder you want to prohibit user from doing something.

> Define  custom file screens properties > Custom Properties => Select group you want to block, choose some options, use Edit to view and modify them or you can Create your own option by clicking Create..

You can also exclude some files that user are allowed to copy to C:/Folder by click on Create... and choose file to exclude . Remeber create a file group name

For example :
a) You don't want  user to copy a .EXE files to your Folder, but user can copy a file name GoodFile.EXE , so you type in Files to exclude : GoodFile.Exe
b) You want to prohibit user from copying a file have a extension .XXX , so you type in Files to include : ".XXX" - without quotation marks .

After finishing custom properties, just press OK , at Create File Screen , press Create . Save it as a template if you want.

Done!  If you have any question, don't hesitate to comment here, I will reply within 24 hours ^.^
Thanks for visiting my Blog .

NTFS Permission

11:07:00 PM | 0 Comments

I) What is NTFS Permission :

As you can see : "NTFS" is one of the formats of hard disk drive, just like FAT, exFAT ...  and nowaday, most of hard disk computers (Desktop & Laptop) use  NTFS format.
NTFS Permission help us give different permissions to different users on the same file or folder .

Comparion between Share Permission and NTFS Permission :

                                                   Share                                           NTFS


  • Permission on Folder                       yes                                   yes
  • Permission on File                            no                                   yes
  • Affect a user by logging through      yes                                    yes
  • other computer
  • Affect a user by logging directly       no                                     yes
  • Number of permission         3 (Full, Change, Read)          19 permissions


Try this : Right click on File or Foler > Properties> Security tab

1/ 6 standard Permissions :

 - List Folder Content : You can access shared folder, see what's in it .
 - Read : For example : read the text file . But cannot execute any program .
 - Read & Execute : Read + Execute program .
 - Write : change, create new but cannot delete data .
(note : Write is indepent permission with Read - write can change a file by console without "read" it)
 - Modify  = Read + Write + Delete
 - Full Control : do anything to this file or folder : read, write, delete ...and especially : be able to change the permission of this folder .


2/ 13 special Permissions : 


- More detail & complex  permissions, to serve administration's need .
- For example : give user A the right to delete his own folder he created before but he cannot delete other folder belongs to user B .
- Creator Owner : is a group, when user A create a folder or file, he belongs to this group and he has the right to fully control his Data he created before.

3/ Inheritance permission :


In folder A we have folder B, so if user1 has some permissions on folderA => He will have the same permissions on folder B .

We can remove this inheritance by doing this :

Right click on folder A > Properties> Security > Advanced => change permissions : un-check a option "include inheritable ..." , click Add to keep inheritable table .

4/ Relationship between NTFS permission and Share Permission :


When user A  accesses folder X through the network from other computer. His rights are under 2 effects, one from NTFS, and the other from Share . His rights now are "mutual permission"


NTFS                  Share                           User's Right


modify                read                                  read
write               read               NO right (remember write & read are separated permission)
full control          change                          change/modify

R or M or F          Full Control                     R or M or F               

(R/M/F : Read/Modify/Full Control)

We don't want both permissions : Share & NTFS mix up with each other. So set Share Permission to everyone : Full ControlAnd don't worry, we have NTFS Permission to handle security problem .

(*This post is marked as partially completed - there  are some info I will  supplement later, now I'm kinda busy for life, LOL, let's move on to the next post *)

I) Introduction :

Sharing helps users access data resources easily and conveniently . There are some computers play a role as a sharing centre , and other computers can access to use resources like Data, Printer or Internet ...

A computer which shares Data resources is called File Server.
This computer is a File Server if it meets these requirements :
- Turn off Firewall
- Using Classic Authentication
- Has a list of users account - so other computers will use these accounts to access File Server.

II) Sharing :

1) Data sharing and sharing permission : 


- We can only share a folder - NOT A FILE .
- Folder A include folder B and C, if you want to share all of them,  sharing  folder A is enough .
- Only Administrators has a right to share .
- Sharing only  affects to users log on from other computers, it won't work with directly logging on  .

(For example computer A has a user A and he has a right to access folder XXX, so if user A log on from computer B - he will see this folder ; if he log on at computer A - he won't see it)

How to Share : Right click on a folder you want to share> Properties> Sharing > Share...
                    Or for more options, choose Advanced Sharing ... > Tick at Share this folder .
Notice :
at Permissions>  Share Permissions : You will see 3 options :
 + Full control : User can do anything to this folder contents
 + Write : User can create new contents or change it, but cannot delete it .
 + Read  : User just read them, cannot change or delete .


2) Let's watch the video :


It's  mostly the best way to understand the bunch of theories, and it's always faster than reading .
But you need more concentration :

AND



Notice that, Computer 2 WILL NOT  access folder created in DESKTOP ...
My teacher told me that is because of Desktop is Work-Place of user and doesn't permit any other user access shared folder on it. Quite ambiguous ! I will find it out and tell ya later !
 

Network Access

10:26:00 PM | 0 Comments

I) Network Access :

1/ Configure IP address :

If you don't know how to set an IP Address for a computer, please watch this video :


2/ Ping :
Set IP address to 2 computers 1 & 2 :

Computer 1 : 192.168.1.1 / 255.255.255.0
Computer 2 : 192.168.1.2 / 255.255.255.0

We will disable Firewall on both of these Computers, and try to use PING  command to test their connnection (before doing that, just plug both cables to a Switch or directly connect 2 computers) .

Watch this video :

3/ Access Authentication :

In Windows : there are 2 models of authentication
a) Classic : 3 STEPS
STEP 1 :
- Computer 1 is want to access Computer 2 will try to use its CURRENT ACCOUNT (username & password) .
STEP 2 :
- If not successful, Computer 1 will use Guest Account to access.

STEP 3 
- If not successful, Computer 1 will see a Dialog Box requires to Type Username/Password in order to access Computer 2.
-If not successful, ACCESS DENIED !

Please watch the video to fully understand what I am saying, it has made me confused at the first time, I know you do, too .




b) Guest Only : 

Using Guest Account to access, if Guest Account has been disabled, Access is denied regardless User is Administrator (because only Guest account has a permission to access)
Today I got a problem with booting to Windows 7, after helping a girl last night LOL .
She asked me how to divide a partition in Windows, I tried to do it with out Hiren Boot CD, by using Disk Management .  I use dual boot Windows 7 - Ubuntu and I tried to delete partition which hosts Ubuntu OS & SWAP partition .

I got 3 other drive called : C (Windows OS is here), D and E .  Then I extended E by taking all partition I kept my Ubuntu OS before .

Now I got 3 partitions : C, D and E.

Today, I restart my computer and got a prolem when booting , It shows a command line "Grub Rescue"

Hmm... I tried to insert a Windows Install Disk and repair (you should try this first if you got a same problem), but not successful.
I do some searches on Google and found it !

After inserting a Windows Install Disk, you go to Repair and Choose Command Line , and just type "bootrec /fixmbr " (without a quotation marks) .


It works perfectly !
Local Security Policy is a part of Local Policy, it focuses on Security Policies in Windows .

- Start> type Administrative Tools>  Local Security Policy
or
- Start> Run> type secpol.msc 

Let's watch the video :

Part 1 :

Part 2 :

Local Policy

11:51:00 PM | 0 Comments

Policy is a rule that we apply to a computer (User and Group, also) and tell them "Do this, not do that"
For example, I don't want user A access drive C, so I set a rule to suit my need.

Local Policy, as I said before "Local" means these rules will affect locally, only to a computer which you configured .

To use Policy, we use a tool call Microsoft Management Control :
- Start > Run > type MMC (not case-sensitive)
- File > Add/Remove Snap-ins ...

Now, let's watch my video , it's more useful than words ^^ :




So, "Group Policy" Configuration file is hosted in C:/Windows/system32

Thanks for visiting my Blog, see ya later !
I) Local User Account :

- "Local" means if user A has an account on computer 1, he cannot use it to access computer 2 ... His account just only use for computer 1 .
- In a company, there many people, they do different job, most of them concern to computer . User A access computer 1 and write his report, user B also use computer 1 to prepare for her project . If both of them use the "same place" on computer 1, probably they can affect their job (A may delete B's date, or change it ...if he hates her - maybe) .

There is a solution that they use different computers, but it's not cost-effective .
So "User Account" has been created to save our money. Now, user A can be represented by an object called uA and user B -> uB . They have "different account, different place" on the same computer .

Problem Solved !

- By doing this, Administrator can easily manage users, by give them some specific rights - can & cannot do some things . For example : Admin give user A the right to access web browser, but he cannot view any pictures on Website .

LAB : I use Windows Server 2008 Enterprise , to create user, delete user ... blah blah, let's see :




II) Local Group :

In a company , there're 10 users do the same job, and have the same rights .
It's unreasonable when Admin need to do the job : "give the rights to each of them" : 10 times.
So, 10 users will join to a Group, what Admin needs to do is just give the rights to that Group .

Time-effective !

 LAB : I will create a group, join user to that group ... check it out :

I) TCI/IP Model :

First of all, let's talk a little bit about TCP/IP model .
When we talk to each other, we use the same language so everyone can understand .
If computer A wants to send file to computer B, both of them need to use the same language called "Protocol" .

TCP /IP is the most popular stack of Protocols our computers use nowaday to communicate .
TCP/ IP actually is a set of many protocols (for example when computer wants to send e-mail, it uses a protocol named SMTP, when it sends file - it uses FTP ....),  its name is represented by 2 protocols : TCP & IP . So hence the name TCP/IP .

II) IP Address :
 1) Introduction to IP Address :

- Every computer has to have at least 1 IP address to communicate with others . Just like my house has a address so some girls can send me some gifts .
- When we talk about IP address, we often talk about IP v4 (v = Version) : It comprises 32 bits (1 & 0) , and divides to 4 portions (called Octet ) separated by 3 dots (.) :
For example : 10000000.11000000.10000001.00000001 
- It's kind of hard to remember so people write it in decimal number : 128.192.129.1
(* You need to know how to convert from Binary to Decimal Number - just search on Google)

- IP addresses also have 2 parts : Host ID and Net ID , just like your house's address has Street number and House number .


2) IP address class :

- Classes help us to determine how many bits  net id (or host id) owned , notice : bits net id + bits host id = 32 (please take a look at the figure above) .

- Five classes : 
  • Class A : Net ID owns 8 bits, Host ID owns 24 bits .
  • Class B : ------------- 16 -------------------16 .
  • Class C : ------------- 24 -------------------8 .
  • Class D & E : are used for research & multicast .
- So how to know which class this IP address  1.2.3.4 belongs to ? 
- Focus on first octet, for example IP address is X.Y.Z.T 
if
  • X from 1     -> 126 : This IP belongs to class A
  • X from 128 -> 191 : This IP belongs to class B
  • X from 192 -> 223 : This IP belongs to class C
  • X from 224 -> 239 : This IP belongs to class D
  • X from 240 -> 255 : This IP belongs to class E
 X = 127 is used for other purposes . For example : 127.0.0.1 is called loopback address .

3) Public & Private IP address :

a) Public IP address : 
- In WAN (Internet)
- Is provided by Service Provider
- Unique in Internet

b) Private IP address : 
- In LAN (Local Area Network)
- Is provided by Administrator .



Alright, before starting to learn specific skills about Windows Server . You need some basic understandings in  Networking fundamental.

If you've been through this before, you can skip it, but make sure that you have a glance to know what it is .

I) Network Topology : 

Network Topology is kind of shape of Network in your house, your office or your school .

1/ Token Ring : 



As its name says : all computers connect to a "Ring". If the ring is broken somewhere,  computer cannot communicate with each other .
Just one computer can send data at a time .
Data are sent one-way (clockwise or counter clockwise)
Use method called "Token Passing" - it means if a computer want to send data, it needs a token (like a priority) , taken from other computers .
So, data transfer speed is slow ~ 10 Mbps
=> This Topology is oblivion .

2/ Bus :



The two end-points are called Terminators .
Computers connect to the Bus by T-connector .
If computer 1 want to send data to computer 4, data must be send to computer 2, computer 3 ... => Not assure for security .
If 2 computers are sending data simultaneously - bandwidth is divided by 2 and  so forth .
This topology is easy to expand (just connect a computer to the Bus)
Because of slow speed, it is no longer used in modern Network.


3/ Star :
There is always a central device (called HUB - in this figure) .
Every computer becomes a member by connecting to central device .
Speed : 100 Mbps
Easy to deploy and expand .

=> The most popular Network topology is used nowaday .

There're also many topologies, but we just focus on the main ones ; you can find out more about them by doing some Google searches.

II) Network Devices :

1)  Network Interface Card (NIC) - or Network Adapter :

- It's a part of your computer (behind a CPU-Case)
- Help computers to communicate to each other, and connect to central device - also .
- To recognise each other, NIC has something called : Address . Imagine that NIC is a house - if I need to send email to you - I need your House's address, right ?
- NIC has 2 types of address :
+  Physical address (MAC address) : Producer provides and cannot be changed - It's unique .
+ Logical address (Netowork address - IP address) : can be changed by administrator .


2/ Central devices :

Today,  Hub is no longer used; instead , we use Switch which provides more efficient functions and enhance speed of transfer, also .

Central devices are used in Star Topology as I wrote in previous section.



3/ Cable :

2 types of cable :
- UTP : Unshielded Twisted Pair . Cheap.


- STP : Shielded Twisted  Pair . Cover by copper to avoid interferences . Expensive 3 times when compare to UTP cable .