Friday, October 26, 2018
Live Demo Webinar: Windows Server 2019 in Action
So you’ve heard all about Windows Server 2019 - now you can see it in action in a live demo
webinar on November 8th!
The last WS2019 webinar by Altaro was hugely popular with over 4,500 IT pros registering for
the event. Feedback gathered from that webinar and the most popular features will now be
discussed and tested live by Microsoft MVP Andy Syrewicze. And you’re invited!
This deep-dive webinar will focus on:
• Windows Admin Center
• Containers on Windows Server
• Storage Migration Service
• Windows Subsystem for Linux
• And more!
Demo webinars are a really great way to see a product in action before you decide to take the
plunge yourself. It enables you to see the strengths and weaknesses first-hand and also ask
questions that might relate specifically to your own environment.
With the demand so high, the webinar is presented live twice on November 8th to help as
many people benefit as possible. The first session is at 2pm CET/8am EST/5am PST and the
second is at 7pm CET/1pm EST/10am PST.
With the record number of attendees for the last webinar, some people were unable to attend
the sessions which were maxed out. It is advised you save your seat early for this webinar to
keep informed and ensure you don’t miss the live event.
Save your seat: https://goo.gl/3iY2b1
Saturday, October 20, 2018
Create Self Signed Certicate to Use For Minio
By default minio is using http. To configure minio to use TLS, you need to create a self signed certificate. Original post is taken from here:- https://docs.minio.io/docs/how-to-secure-access-to-minio-server-with-tls.html
But it take me a while to figure out. Therefore, i come out a guide with screenshot.
In our lab scenario, we are using Windows based system.
Let start the configuration
1. Use GnuTLS. Download GNUTLS for Windows from here.
2. Set the system variable to include the path.[Under environment variable] Example my GNUTLS has extracted to C:\Backup\gnutls-MinGW64.DLLs-gnutls_3_6_4\win64-build\bin
3.Use command line to execute:-
private.key is generated.
4. Create a cert.cnf file and put this entry:
Generating a self signed certificate...
X.509 Certificate Information:
Version: 3
Serial Number (hex): 59d89416fe9279c1e7967dd8c1ed165cc7a42587
Validity:
Not Before: Sat Oct 20 11:15:46 UTC 2018
Not After: Sun Oct 20 11:15:46 UTC 2019
Subject: C=MY,ST=Example,O=Example Inc.,CN=Lai
Subject Public Key Algorithm: RSA
Algorithm Security Level: High (3072 bits)
Modulus (bits 3072):
00:dc:76:f5:e4:0e:bd:d4:42:14:07:e3:c5:19:82:81
4a:61:ee:8a:2a:76:49:81:c1:be:c8:ee:ff:89:9d:51
05:df:ac:cb:06:38:45:bb:87:e1:49:e8:5b:35:e7:4e
6e:7d:b4:b5:2a:91:83:10:2d:23:2e:01:06:49:73:fd
c9:29:6f:23:70:61:2c:5c:d4:0e:56:a3:f1:ca:bc:cb
c8:aa:c0:8b:02:43:45:91:d2:49:ac:1a:63:f3:22:f2
a8:ec:06:21:ef:db:fb:46:d3:a0:24:bf:f7:b2:63:0c
6c:ec:74:4d:8a:6a:60:a9:ad:a2:83:4e:2d:72:bb:71
df:5d:3f:dd:ec:2f:ba:d8:5f:e3:19:9b:38:09:8d:63
15:23:4f:69:2a:25:56:b0:21:ba:97:65:9b:5f:8e:27
a3:4a:1e:ef:5b:9d:3b:cc:a9:d1:94:dc:c7:a5:14:6c
90:cd:bc:08:4a:79:ce:e2:35:36:94:dc:0d:ba:b2:b5
8d:4b:a7:58:82:04:17:c5:aa:47:d6:19:32:b1:60:b3
a7:35:c9:c3:9f:6b:60:be:c5:ef:60:91:61:3c:22:d5
b1:6e:3e:28:ca:61:f6:8c:1e:59:e1:c8:f1:ce:6f:b8
aa:51:fc:db:92:01:63:80:3f:ee:a3:1e:00:76:2d:47
ef:16:8f:6c:f6:f6:e1:74:e7:b3:45:26:6f:1f:73:6d
4b:36:23:66:6b:5a:b9:57:b5:47:ca:61:1b:3b:7e:57
58:26:b1:b6:e9:07:7f:ec:60:1f:21:2e:7c:38:e6:23
39:cf:aa:87:53:75:f0:c1:3b:82:19:a4:e2:48:48:3d
8d:65:f7:da:67:4a:16:1e:6e:52:5b:f7:1f:11:ff:c0
c3:53:d0:94:64:75:ba:a8:99:7b:35:20:6a:34:e0:d0
95:b7:45:7c:13:44:51:7a:78:1c:10:b1:73:d9:92:7e
a9:1a:4c:c2:fa:85:1e:3e:22:a6:a6:d1:af:6e:80:ef
eb
Exponent (bits 24):
01:00:01
Extensions:
Basic Constraints (critical):
Certificate Authority (CA): FALSE
Subject Alternative Name (not critical):
DNSname: localhost
IPAddress: 127.0.0.1
Key Purpose (not critical):
TLS WWW Server.
Key Usage (critical):
Key encipherment.
Subject Key Identifier (not critical):
9e5692715cd3badd71f601290ffcc1d2b7077877
Other Information:
Public Key ID:
sha1:9e5692715cd3badd71f601290ffcc1d2b7077877
sha256:02025e1f401f84b942285b470b21e33c3db90cf0c9a275e84dfe9f260ce866bc
Public Key PIN:
pin-sha256:AgJeH0AfhLlCKFtHCyHjPD25DPDJonXoTf6fJgzoZrw=
Signing certificate...
6. Copy private.key and public.crt and put into C:\Users\UserProfileName\.minio\certs
use Minio Client to verify:
Hope this help!
Note:- Information refer from https://docs.min.io/docs/how-to-secure-access-to-minio-server-with-tls.html
But it take me a while to figure out. Therefore, i come out a guide with screenshot.
In our lab scenario, we are using Windows based system.
Let start the configuration
1. Use GnuTLS. Download GNUTLS for Windows from here.
2. Set the system variable to include the path.[Under environment variable] Example my GNUTLS has extracted to C:\Backup\gnutls-MinGW64.DLLs-gnutls_3_6_4\win64-build\bin
3.Use command line to execute:-
certtool.exe --generate-privkey --outfile private.keyGenerating a 3072 bit RSA private key...
private.key is generated.
4. Create a cert.cnf file and put this entry:
# X.509 Certificate options
#
# DN options
# The organization of the subject.
organization = "Example Inc."
# The organizational unit of the subject.
#unit = "sleeping dept."
# The state of the certificate owner.
state = "Example"
# The country of the subject. Two letter code.
country = "EX"
# The common name of the certificate owner.
cn = "Sally Certowner"
# In how many days, counting from today, this certificate will expire.
expiration_days = 365
# X.509 v3 extensions
# DNS name(s) of the server
dns_name = "localhost"
# (Optional) Server IP address
ip_address = "127.0.0.1"
# Whether this certificate will be used for a TLS server
tls_www_server
5. Runcerttool.exe --generate-self-signed --load-privkey private.key --template cert.cnf --outfile public.crtIt will create public.crt
Generating a self signed certificate...
X.509 Certificate Information:
Version: 3
Serial Number (hex): 59d89416fe9279c1e7967dd8c1ed165cc7a42587
Validity:
Not Before: Sat Oct 20 11:15:46 UTC 2018
Not After: Sun Oct 20 11:15:46 UTC 2019
Subject: C=MY,ST=Example,O=Example Inc.,CN=Lai
Subject Public Key Algorithm: RSA
Algorithm Security Level: High (3072 bits)
Modulus (bits 3072):
00:dc:76:f5:e4:0e:bd:d4:42:14:07:e3:c5:19:82:81
4a:61:ee:8a:2a:76:49:81:c1:be:c8:ee:ff:89:9d:51
05:df:ac:cb:06:38:45:bb:87:e1:49:e8:5b:35:e7:4e
6e:7d:b4:b5:2a:91:83:10:2d:23:2e:01:06:49:73:fd
c9:29:6f:23:70:61:2c:5c:d4:0e:56:a3:f1:ca:bc:cb
c8:aa:c0:8b:02:43:45:91:d2:49:ac:1a:63:f3:22:f2
a8:ec:06:21:ef:db:fb:46:d3:a0:24:bf:f7:b2:63:0c
6c:ec:74:4d:8a:6a:60:a9:ad:a2:83:4e:2d:72:bb:71
df:5d:3f:dd:ec:2f:ba:d8:5f:e3:19:9b:38:09:8d:63
15:23:4f:69:2a:25:56:b0:21:ba:97:65:9b:5f:8e:27
a3:4a:1e:ef:5b:9d:3b:cc:a9:d1:94:dc:c7:a5:14:6c
90:cd:bc:08:4a:79:ce:e2:35:36:94:dc:0d:ba:b2:b5
8d:4b:a7:58:82:04:17:c5:aa:47:d6:19:32:b1:60:b3
a7:35:c9:c3:9f:6b:60:be:c5:ef:60:91:61:3c:22:d5
b1:6e:3e:28:ca:61:f6:8c:1e:59:e1:c8:f1:ce:6f:b8
aa:51:fc:db:92:01:63:80:3f:ee:a3:1e:00:76:2d:47
ef:16:8f:6c:f6:f6:e1:74:e7:b3:45:26:6f:1f:73:6d
4b:36:23:66:6b:5a:b9:57:b5:47:ca:61:1b:3b:7e:57
58:26:b1:b6:e9:07:7f:ec:60:1f:21:2e:7c:38:e6:23
39:cf:aa:87:53:75:f0:c1:3b:82:19:a4:e2:48:48:3d
8d:65:f7:da:67:4a:16:1e:6e:52:5b:f7:1f:11:ff:c0
c3:53:d0:94:64:75:ba:a8:99:7b:35:20:6a:34:e0:d0
95:b7:45:7c:13:44:51:7a:78:1c:10:b1:73:d9:92:7e
a9:1a:4c:c2:fa:85:1e:3e:22:a6:a6:d1:af:6e:80:ef
eb
Exponent (bits 24):
01:00:01
Extensions:
Basic Constraints (critical):
Certificate Authority (CA): FALSE
Subject Alternative Name (not critical):
DNSname: localhost
IPAddress: 127.0.0.1
Key Purpose (not critical):
TLS WWW Server.
Key Usage (critical):
Key encipherment.
Subject Key Identifier (not critical):
9e5692715cd3badd71f601290ffcc1d2b7077877
Other Information:
Public Key ID:
sha1:9e5692715cd3badd71f601290ffcc1d2b7077877
sha256:02025e1f401f84b942285b470b21e33c3db90cf0c9a275e84dfe9f260ce866bc
Public Key PIN:
pin-sha256:AgJeH0AfhLlCKFtHCyHjPD25DPDJonXoTf6fJgzoZrw=
Signing certificate...
6. Copy private.key and public.crt and put into C:\Users\UserProfileName\.minio\certs
7. Final verification, execute "minio sever C:\Backup\Minio [depend on your folder]
use Minio Client to verify:
Hope this help!
Note:- Information refer from https://docs.min.io/docs/how-to-secure-access-to-minio-server-with-tls.html
Install NFS Server Roles on Windows Server 2016
In this post, we are going to install NFS Server roles on Windows Server 2016. NFS share is different from SMB share.
Both are good for file sharing purpose.
It is a simple step. Just go to Server Manager | Add Roles & Features
If you fail to install the role, do refer to this post.
Once role installed, proceed to create an NFS share.
1. Create a new directory called "NFSRepo". Right click | Properties. Select Manage NFS Sharing
Below is how it look like:-
The NFS share path will be "Servername:/NFSShare format
We're all done on the NFS Server side configuration.
- SMB is the standard for Windows
- NFS is perfect for UNIX
Both are good for file sharing purpose.
It is a simple step. Just go to Server Manager | Add Roles & Features
NFS Server roles are located under "File and Storage Services"
If you fail to install the role, do refer to this post.
Once role installed, proceed to create an NFS share.
1. Create a new directory called "NFSRepo". Right click | Properties. Select Manage NFS Sharing
Tick share this folder. Leave the setting default. Click on permission to set security right
Add a new permission. Enter
- Unix Server IP
- Read-Write permission
- Allow root access
Below is how it look like:-
The NFS share path will be "Servername:/NFSShare format
We're all done on the NFS Server side configuration.
Unable to Install NFS Server Roles on Windows Server 2016
When you try to install NFS Server Roles on Windows Server 2016 by using server manager, you were not able to. The system keeps requesting you to restart the server. [Pending restart]
But restart the server still does not allow you to install NFS Server roles.
Next step:-
This may be due to other application is using same port 111. Example:- Veeam vPower NFS Service
[ Resolution ]
1. Temporary disable the Veeam vPower NFS Service services
2. Install NFS Server Roles using Server Manager
3. Restart Veeam vPower NFS Service
That should do the trick!
But restart the server still does not allow you to install NFS Server roles.
Next step:-
This may be due to other application is using same port 111. Example:- Veeam vPower NFS Service
[ Resolution ]
1. Temporary disable the Veeam vPower NFS Service services
2. Install NFS Server Roles using Server Manager
3. Restart Veeam vPower NFS Service
That should do the trick!
Subscribe to:
Posts (Atom)