Power. Shell: Creating Active Directory Managed Service Accounts. Hey folks,I’ve recently been trying to learn more about Active Directory Managed Service Accounts (MSAs), which are basically self- managing service accounts. You don’t have to manage the Service Principal Name (SPN) or password for MSAs, which makes them very good choices for running applications. You can read more about MSAs on Microsoft Technet at this URL. Similar to MSAs are local “virtual accounts.” These do not have password to manage, and they can automatically manage their SPNs. These are not within the scope of discussion, however there are some links in the References section, which might help you to get more information about them. Creating a Group Managed Service Account with Power.
Ubuntu. 공식 홈페이지. 리눅스 커널을 기반으로 한 리눅스 배포판 가운데 하나. 영국의 소프트웨어 회사 캐노니컬과 우분투. · Going My Way: Google Chrome をオフラインでもインストールできるようにフルパッケージ版をダウンロードする方法. Shell. I’ve been trying to create a MSA using Power. Shell using the command below, but I kept getting an error. There is a Technet discussion forum post that addresses this same issue. In my scenario, I was running the command on a Windows Server 2. PS C: \Users\Administrator> New- ADService. Account - Name Service. Manager - DNSHost. Name dc. 01. New- ADService. Account : Key does not exist. At line: 1 char: 1. New- ADService. Account - Name Service. Manager - DNSHost. Name dc. 01. + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~. Category. Info : Not. Specified: (CN=Service. Manag.. DC=mybiz,DC=loc: String) [New- ADService. Account], ADException. Fully. Qualified. Error. Id : Active. Directory. Server: -2. Microsoft. Active. Directory. Management. Commands. New. ADService. Account. As it turns out, there is a new service in Windows Server 2. Key Distribution Service (KDS), which is implemented in kdssvc. This service is required in order to create and use Group Managed Service Accounts (MSAs), which are a new concept to Windows Server 2. Windows Server 2. R2 introduced the concept of a stand- alone MSA, which could only apply to one service at a time. In order to support the creation of these new group MSAs, we will need to add a new KDS “root key.” If you’re working in a lab / test environment, and have only a handful of domain controllers, then you can use the command shown below to create the root key. Add- Kds. Root. Key –Effective. Time ((get- date). After running this command, you should be able to re- run the New- ADService. Account cmdlet successfully (see screenshot below). If you are running your Active Directory forest at the Windows Server 2. Group Managed Service Account (g. MSA). Installing the Group Managed Service Account (g. MSA) with Power. Shell. Next, we need to install the g. MSA onto the server that we want to use it on. We can use the Install- ADService. Account Power. Shell cmdlet to do that. But first things first, we need to ensure that the server we are going to install it on has permission to retrieve the g. MSA’s password from Active Directory. Since we didn’t specify the - Principals. Allowed. To. Retrieve. Managed. Password parameter when we created the service account, we can use the Set- ADService. Account cmdlet to change that setting on the g. MSA. After that, we can install the g. MSA on the local system. Below is an example of how to do this. Set- ADService. Account - Identity Service. Manager - Principals. Allowed. To. Retrieve. Managed. Password scsm. Install- ADService. Account - Identity Service. Manager. At this point, you should be able to use the g. MSA to configure a Windows service. I’m still trying to figure out how to use g. MSAs with Scheduled Tasks, but that’s a topic for another time. Technet – Getting Started with Group Managed Service Accounts. Technet – Service Accounts Step- by- Step Guide (Server 2. R2)Technet – New- ADService. Account (Server 2. Technet – Installing a Managed Service Account. Technet Forums – Install- ADService. Account: Access Denied. Technet Forums – New- ADService. Account: Key Does Not Exist. Virtual. Box安装Ubuntu图文教程 - 娄老师 - 博客园一. Virtual. Box官网下载Virtual. Box,目前版本:Virtual. Box 5. 1. 8 for Windows hosts x. Virtual. Box,一路Next就可以了,这个比较简单。运行Virtul. Box程序, 如下图:配置Virtual. Box。按 CTRL+G打开全局设定,根据需要可以设定虚拟脑位置和界面语言:修改默认虚拟脑位置比如D: \myvbvms可以让自己更方便的查找,备份安装好的虚拟机。如果界面是英文,可以改成中文:二、安装Ubuntu创建虚拟机运行Virtul. Box程序,点击“新建”按钮,新建一个虚拟机。虚拟机名称可以随意输入,示例:rocedu。操作系统选择Linux,版本选择ubuntu。点击“下一步”。设定虚拟机的内存,此内存即为虚拟机所占用的系统内存,可随意修改,建议不要超过系统内存的1/2。首先了解自己的笔记本电脑系统内存大小,“我的电脑”- > “属性”。样机为1. G。为了方便以后编程学习使用,这里将虚拟内存设为4. G。点击“下一步”。为虚拟机创建一块虚拟硬盘。选择“现在创建虚拟硬盘”,并单击“创建”。如果你安装有问题,可以去别人电脑上默认虚拟脑位置比如D: \myvbvms处拷贝别人安装好的XXX. VDI(Virtual. Box磁盘映像),并单击“下一步”。选择“动态扩展”,并单击“下一步”。因为分配给虚拟机的内存空间较大,使用时逐渐占用磁盘空间,闲置时自动缩减比较合理,所以选择动态扩展类型。输入虚拟硬盘文件的名称,并选择保存位置。选择虚拟硬盘大小时一定先确定保存所在位置磁盘的可用大小。可用空间为5. G,虚拟硬盘大小设置为6. 4G。单击“创建”。虚拟机创建完成。也就是说Ubuntu所需的硬件资源准备好了,相当于买了一个没有安装操作系统的电脑主机。安装Ubuntu 系统软件在虚拟机上安装Ubuntu和在真实机器上安装没有大的差别。官网下载桌面版,目前版本:Ubuntu 1. LTS双击启动创建好的虚拟机弹出下图对话框,选择启动盘。单击右侧文件夹小图标。选择虚拟光盘文件ubuntu- 1. Ubuntu”选择“继续”。 网络状况不好可以不选择“安装Ubuntu时下载更新”选择“清除整个磁盘并安装Ubuntu”单击“现在安装”弹出警告框,选择“继续”。安装过程中时区,用鼠标单击地图中的“中国”,就会选择“上海”,单击“继续”。语言选“汉语”:输入个人信息:用户名,口令等。单击“继续”,安装过程可能需要几十分钟,请耐心等待。安装完毕,重启一下Ubuntu。安装Virtual. Box虚拟机增强功能注意:以下需要输入命令代码时请注意之间的空格!以及文件名相互对应!进入虚拟机Ubuntu系,安装Virtual. Box增强功能,这可以极大的提高虚拟机效率。首先点击VBox菜单栏的“设备”项,选择最下面的“安装增强功能”。这时可以看到桌面多出一个光盘图标,如果没有,则重试本步。按CTRL+ALT+T打开“终端”。输入以下命令(注意空格!注意路径、文件名相互对应。)输入命令时要根据自己的情况修改,文件名用Tab补全,减少录入错误。等待几分钟就安装好了!分配共享数据空间(易出错,新手可以不做)为了方便虚拟机和宿主机之间的数据传输,我们可以为虚拟机设置一个和主机共享的“数据空间”。VBox为我们提供了这个功能。在VBox主界面左侧选择刚刚创建好的虚拟机,点击上方的“设置”按钮,进入虚拟机配置界面。点击左侧“共享文件夹”按钮,在新窗口中任意选择一个本地文件夹作为共享文件夹。示例选择文件夹位置为C: \rocshare,不要勾选“只读分配”。单击“确定”,并关闭设置窗口。启动Ubuntu,打开终端窗口。(注意空格!)一个要点是:命令,文件名要通过Tab补全,这样就会减少录入错误。输入命令“sudo mkdir /mnt/shared”。回车后键入密码。继续输入命令“sudo mount –t vboxsf rocshare /mnt/shared" //注意rocshare /mnt/shared 要跟据自己的情况修改输入命令“sudo gedit /etc/fstab”在弹出的文本末尾添加一行下面的内容:“rocshare /mnt/shared vboxsf rw,gid=1. Ubuntu中用touch命令新建一个testtest的文件,到宿主机的c: //rocshare中就能看到这个文件。至此,虚拟机安装配置完成。配置Ubuntu. Ubuntu的使用可以参考别出心裁的Linux命令学习法.通过sudo apt- get update; sudo apt- get upgrade 更新一下系统。安装软件。Ubuntu中安装软件比较简单,使用sudo apt- get install XXX就可以安装XXX软件,比如我们常用的Vim,就可以用sudo apt- get install Vim来安装。注意:Ubuntu中使用到某个没有安装的软件时,会有贴心的提示,如上图。我们可以通过apt- cache search XXXX来查找软件库中有没有我们想要安装的软件。比如我们想看看有没有常用的调试工具cgdb,就可以使用apt- cache search cgdb来查找:找到后就可以通过sudo apt- get install cgdb来安装了。我们可以一次安装多个软件,比如sudo apt- get install git ddd就会安装分布式版本控制工具git和图形化调试工具ddd:这提醒我们可以写个脚本简化软件的安装,你可以源源不断的把自己用的软件添加到这个脚本中,方便日后自己安装新系统:我的安装脚本供大家能参考:#!/bin/sh. Vim配置参考做中学之学用学用Vim.其他想学好Linux,建议再按上面的步骤下载安装一下Fedora, Cent. OS,这样你可以体会不同发行版,桌面版和服务器版的不同,找出共性知识就可以完善自己的知识结构,做到举一反三!相信我,不会浪费你太多时间的。参考资料如果你觉得本文对你有帮助,请点一下左下角的“好文要顶”和“收藏该文”.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
November 2017
Categories |