August 15th, 2019 | Tags:

【起因】

zabbix 由于监控条目过多,模板套用不当导致历史数据过大, 因此导致磁盘空间暴涨, 现在准备清理数据库。
Read more…

August 15th, 2019 | Tags:

特别提醒:

a、文中测试的Zabbix版本为 3.0.3 。

b、清理数据属于高危操作,请在测试环境中验证后再执行线上操作!!!

 
Read more…

July 30th, 2019 | Tags:

gpedit.msc
白名单法:
“本地计算机”策略 -> 计算机配置 -> Windows 设置 -> 安全设置 -> 本地策略 -> 用户权利指派 -> 在本地登录
去掉里面所有的用户,只填加你的用户帐号(注:帐号可以是域用户帐号)
这样,这台电脑就只有填加的这个用户能登录了

黑名单法:
“本地计算机”策略 -> 计算机配置 -> Windows 设置 -> 安全设置 -> 本地策略 -> 用户权利指派 -> 拒绝本地登录
效果和上面差不多,在黑名单上的人就不能使用你的电脑了
使用这种方法要注意一点:
不要把本机管理员帐号排除掉

July 20th, 2019 | Tags:

How can I view the allocation unit size of a NTFS partition in Windows?
Read more…

July 18th, 2019 | Tags:

Expand a Hard Disk with Ubuntu LVM
Read more…

July 10th, 2019 | Tags:

This how to will walk you through using Restricted groups to put users in the local admin group on all PCs. It will also add them to the Remote Desktop user’s group.
The usefulness in this is keeping as many people out of the domain admin group as possible while allowing the techs to work.
I see this in forums every once in a while but since I am revamping some policies with 2008R2 I thought I would take the time to write down the steps to do this handy little procedure.
I have created these instructions for 2008R2 it should work with 2003 just fine but if you need more details on 2003 check my reference below.

Read more…

July 10th, 2019 | Tags:

In Active Directory, the default container for user objects is the Users container and the default container for computer objects is the Computers container.
Read more…

July 5th, 2019 | Tags:

AD Delegation allows you to give users/groups access to certain parts of your AD without giving them full admin access. A great example is allowing Help Desk users to reset user passwords; this is actually quite easy and is a default option when delegating permissions to an OU. However, you may want your Help Desk users to be able to join/remove computer accounts to your domain which is a bit more difficult. By default, a standard user account can join up to 10 workstations to your domain and more than likely you’ll want them to join more. Here are the necessary steps as well as my recommendations:

1 – Create New OU for your Computers

In this example, I made the top OU called Computer and made several sub OU’s.  I suggest using an OU because you can apply a GPO at the topmost level to apply specific security to all of your computers.

2 – Redirect the Default Computers Container to the New Computer OU in AD

By default, computers joined to an AD domain are put in the Computers Container, which cannot have a GPO applied because it’s a container and not an OU.  You can redirect that container to our new Computer OU using Redircmp.exe (http://support.microsoft.com/kb/324949).  On your AD Domain Controller, run the following command (Replace DC=contoso,DC=local with your domain name):

 3 – Create a Global Security Group to Join/Delete Computers

Create a new Global Security Group, which we will use to delegate who can Join/Delete computers from AD.  In my example, I’ll use a group called Join-Move-Delete Computer OU

4 – Delegate the Join and Delete Permissions

  • Right-Click the Computer OU and select Properties
  • Click the Security tab and click the Advanced button

  • Click the Add button, enter the name of the security group Join-Move-Delete Computer OU and click OK. You can now add any users you desire to this group.

  • Under Apply to, select This object and all descendant objects
  • Under the Allow column, select Create Computer Objects and Delete Computer Objects
  • Click OK on all of the screens to save the changes

All members of the Join-Move-Delete Computer OU group can now Add and Delete Computers in your domain.

5 – Delegate Moving Objects to Sub-OU’s in the Computer OU (Optional)

Optionally but likely, you may want your users to be able to move the computers they join to the proper OU.  In that case, we need to add 1 more permission.

  • Right-Click the Computer OU and select Properties
  • Click the Security tab and click the Advanced button
  • Click the Add button, enter the name of the security group Join-Move-Delete Computer OU and click OK.
  • Under Apply to, select Descendant Computer objects
  • Under the Allow column, select Write all properties
  • Click OK on all of the screens to save the changes

All members of the Join-Move-Delete Computer OU group can now move computers between all of the Sub-OU’s in the Computer OU.

 

July 1st, 2019 | Tags:

我们通过wmic 命令来将虚拟内存设置在D盘最小8G最大16G并删除C盘的虚拟内存文件 pagefile.sys.

wmic PageFileSet create name="D:\\pagefile.sys",InitialSize="8096",MaximumSize="16384"
wmic PageFileSet where "name='C:\\pagefile.sys'" delete
May 6th, 2019 | Tags:

Get all user with selected info and Dl group By powershell.

Get-ADUser -Filter * -Properties * -SearchBase "OU=CPG,DC=ISNET,DC=CORP,DC=ORG" | Select-Object givenName,sn,displayName,physicalDeliveryOfficeName,streetAddress,l,st,postalCode,co,title,department,company,homeMDB,@{n=’MemberOf’; e= { ( $_.memberof | % { (Get-ADObject $_).Name }) -join “,” }} | export-csv -path c:\temp\allusers.scv