In order to keep closer contact with IT network administrators in Macau, we've created a network admin newsletter and I've taken the liberty to add you to our netadmin-news mailing list. If you'd like to unsubscribe or recommend friends to subscribe at any time, just email me.
--- Simon Tam, Chief EditorSuppose you want to delegate somebody in your Windows 2000, Windows Server 2003 domain to have the right to install software on the domain computers, what should you do?
You may answer : Put that user account into the "Domain Admins" global group. Well, this works but you are giving too much power to him/her. He/She can now manage all the resources in the domain.
To install software / application on Windows, the "Power Users" built-in local group basically has enough right. But, still there are things that "Power Users" cannot do, including : Configuring the IIS.
This approach has its drawback. Since it is a local group, you may need to put the user account that you want to delegate into the "Power Users" group on each computer that you want him to have right to install software. Also, there is no "Power Users" group on Domain Controllers.
Want to learn more about Windows built-in / predefined group, there is quite a nice summary at : http://www.ss64.com/ntsyntax/security_groups.html.In Cyberlab, we have one staff who may need to perform his daily job on different computers. To avoid installing the same set of applications for him on those computers. We have set up a terminal server using Windows 2000 server and installed the necessary applications on it.
Then, on each computer that he may need to use, we just need to install Terminal Service client / Remote Desktop connection and then create a shortcut for him. Now, he can work on different computers with the same experinece.
To learn more about Windows Terminal Service, see : http://en.wikipedia.org/wiki/Terminal_Services
In Linux, the order of network interfaces will be changed upon any modification of your hardward, and even a reboot. In our case, there are more than one interface in our computers but only one is attached with a network cable. We would like to make sure that the eth0 is the one we connected the cable. Thus, we have to let the system know which one is eth0 and the other one is eth1. We can do it in serveral ways:
Create or modify the file /etc/iftab. Determine the names based on the MAC address. You can know the MAC address of your interface by ifconfig.
root@cladms:~# cat /etc/iftab # This file assigns persistent names to network interfaces. # See iftab(5) for syntax. eth0 mac 00:17:a4:8f:96:4e arp 1 eth1 mac 00:17:a4:8f:96:4d arp 1
Add entry in /etc/modules.conf to determine the name based on the module (driver). You can issue command lsmod or dmesg|grep eth to know what modules your interfaces are using.
root@cladms:~# cat /etc/modules.conf alias eth0 tg3 alias eth1 8139too
Another way is to put your module names in the /etc/modules to ask the system to load the modules in your specified order. In the following example, tg3 will be loaded before the 8139too. Thus, tg3 will be eth0.
root@cladms:~# cat /etc/modules # /etc/modules: kernel modules to load at boot time. # # This file contains the names of kernel modules that should be loaded # at boot time, one per line. Lines beginning with "#" are ignored. lp psmouse rtc dm-snapshot tg3 8139too
This book covers the basic knowledge on installing , configuring and maintaining Exchange Server 2003, as well as security, maintenance of Exchange 2003 and also mirgration from older version of Exchange. It can also help you to prepare the Exchange 2003 MCSE Examination. The target auidence are those who want to learn Exchange 2003 from scratch.
You can borrow this book from the CPTTM IT Book Shelf at Cyber-Lab.
Archive of the CPTTM Network
Admin Newsletter is available at http://www2.cpttm.org.mo/cyberlab/netadmin-news.