Wednesday, April 15, 2015

Active Directory Domain Services

Active Directory is a hierarchical database that holds information about the network’s resources such as computers, servers, users, groups and more. The main purpose of Active Directory is to provide central authentication and authorization services. Normal administrative tasks when working with Active Directory include creating, managing, moving, editing and sometimes – deleting – various objects such as user accounts, computer accounts, groups, contacts and other objects. The Active Directory database is stored on Domain Controllers (or DCs), in a file called NTDS.DIT.

Installing Active Directory is not all that difficult. However, once you get it installed, there is still plenty of work that needs to be done. The first stage of configuration of Active Directory is securing it. There are many areas that need attention and many settings that need to be altered to prepare it for secure action on your network. Let’s take a look at the initial settings that you should make to get Active Directory secure for your network before you dive into setting up the entire structure.
  1. Create a second administrative account for regular use.
  2. Set a complex and long password for the Administrator account.
  3. Rename the default Administrator account to some deceptive name.
  4. Set Password Policy in Default Domain Policy.
  5. Set Account Lockout Policy in Default Domain Policy.
  6. Create Organizational Unit(s) for User and Computer Accounts.
  7. Configure DNS properly to Forward queries and enable only secure dynamic updates.
  8. Use Best Practice Analyzer (BPA) for every Server Role (available in Windows Server 2008 R2 and above). 

Active Directory Partitions
The AD database is divided up into partitions for replication and administration. Each Domain Controller has a copy of the Active Directory database store in a file called NTDS.DIT. The data in this file is divided into partitions. The partition type determines how it will be replicated throughout the forest. 
1. Domain Partition: This partition is replicated only to Domain Controllers in that domain. Active Directory Users and Computers obtains it data from this partition. 
2. Global Catalog Partition: The partition contains a partial replica of all objects in the domain. It is replicated to all Global Catalog Servers in the forest. It is also referred to as Partial Attribute Set (PAS).
3. Schema Partition: Schema partition defines what can be stored in the Active Directory database. It essentially defines the layout of the database. The schema partition is replicated to all Domain Controllers in the forest.
4. Configuration Partition: This partition contains configuration information for the whole forest. For example, it contains information about sites in the forest and partition defined in the Active Directory database. This partition is replicated to all Domain Controllers in the forest.
5. Application Partition: The application partition is created by Applications to store their data. It is different from any other partition in that the application can choose which Domain Controller or Controllers to store the data on. The advantage for the application storing the data this way is that the application has access to the same replicate and fault tolerance used by the Domain Controllers. An example of an Application is DNS Integrated Active Directory Zones.

Read more about Windows Active Directory Domain Services

Android - A guide for beginners

Android is one of the open source, versatile, and customizable mobile operating systems out there but manufacturers and carriers put restrictions on users so that they can not easily play around with android OS that comes pre-installed right from manufacturer.
If you want to get maximum out of your android smartphone? You want to fully own your device and take full control on it, you should be able to do it after Rooting. With root access, you truly own your device and open yourself up to all the possibilities.

Benefits of Root Access:
- Unlock Hidden Features and Install Apps which requires root access (like TitaniumBackup)
- Boost Your Phone's Speed and Battery Life
- Block advertisements in any App
- Back Up your phone's OS, make nandroid backup images, backup each and every App & associated data
- Remove preinstalled Bloatware/Crapware which unnecessarily eats battery and phone memory
- Flash custom kernels and custom ROMS to get additional features and experience new look
- Truly own your device

Risks Involved:
- You may void device warranty if your device manufacturer does not allow rooting
- Unintentionally mess up the whole system by deleting any system file
- You will stop receiving automatic updates (OTA aka Over The Air) from manufacturer

Before you start to play around with your smartphone, it is very important that you understand the general terms used in Android.

Bootloader
A bootloader is a program that loads an operating system. 
Bootloaders are written by hardware vendors and are specialized for the hardware they run on.
For Android devices, the bootloader starts either android OS or Recovery. Android bootloaders often have a basic interactive mode that can be triggered by holding a specific button (mostly volume down) while the bootloader is executing.
Bootloader is usually locked on an Android device because manufacturers want you to stick to their Android OS version specifically designed for the device. If you are an advanced user, you can still unlock the bootloader and this will open every restrictions put by carrier/manufacturer and you can freely install unofficial firmwares at your own risk.

Kernel
Kernel is the core module of every operating system which connects the system hardware to the application software. In general, it allows the hardware to interact with software whether it is a computer or a smartphone.
Kernel is loaded first when OS boots up and it remains in the memory until the system is on. Since it is very crucial, it is usually loaded into a protected area of memory to prevent it from being overwritten by other programs of the operating system.

Firmware 
Firmware is permanent software programmed into a read-only memory (ROM).
In genral words, you can understand it like Windows for PC. In case of android smartphones, every manufacturer have designed different firmwares regardless to the Android version (ICS, Froyo, Gingerbred). Please don't even think that we can install any firmware on any android phone like we do in PCs :-)

Android Recovery
Recovery is a dedicated, bootable partition with recovery console installed. A combination of keys (or command line instruction) will boot your phone to recovery, where you can find tools to repair your installation as well as install official OS updates. The stock recovery has very limited functionality, it provides very limited commands which can help you recover your OS. This is where Custom recoveries come into play. 
A custom Android recovery replaces stock recovery. It can do all the stuff as a stock recovery and it provides you more options to control your device. Using custom recovery, you can install official and unofficial ROMs, themes, kernels, wipe different partitions of your device, mount the external SDCard or even USB mass storage devices, fix permissions, perform backup & restore and much more. 
ClockWorkMod (CWM) and Philz Touch Recovery are most widely used custom recoveries.

Android Debug Bridge (ADB)
Android Debug Bridge (adb) is a versatile command line tool that lets you communicate with an emulator instance or connected Android-powered device. 
It is a client-server program that includes three components:
Client: Runs on your development machine. You can invoke a client from a shell by issuing an adb command.
Server: Runs as a background process on your development machine. The server manages communication between the client and the adb daemon running on an emulator or device.
Daemon: Runs as a background process on each emulator or device instance.

Android Rooting
Rooting is the process of allowing Android smartphone user and other applications to gain unrestricted control (known as "root access"). As Android uses the Linux kernel, rooting an Android device gives similar access to root permissions as on Linux system. Hardware manufacturers put some restrictions while preparing firmware for their devices so that the regular user could not accidentally delete any important system file and completely mess up the whole system. Hence, Rooting is not recommended for a regular user. 
Note:- Rooting can void the warranty of your device.

ROM
In general, ROM stands for Read Only Memory but when are talking about it in Android MOD section, it stands for the complete OS image that you install into the ROM area of your phone. 
A stock ROM refers to the operating system that comes pre-installed in your phone when you buy it.
A custom ROM is a standalone version of the OS, including the kernel, apps, services etc - everything you need to operate the device with exception that customized by someone in some way. Since android is open source, developers can freely take the custom ROMs, remove bloatware, optimize them and add new features.

Bloatware
Bloatware are extra (maybe unwanted) software included on a new computer or mobile device by the manufacturer. 

Since our mobile devices come with limited storage, memory and battery, everyone want to get rid of unnecessary apps to prevent fast battery drain, reclaim space and memory. This can be done after Rooting.

Mystery of APK, ODEX, DEODEX, Dalvik Cache 
Android OS uses a Java-based virtual machine called the Dalvik Virtual Machine. Dalvik is named after the name of person who wrote the original code for VMs.
In Android file system, apps come in packages with .apk extension. These APKs contain certain .odex files. A deodexed or .dex file contains the cache (Dalvik-cache) used by this virtual machine for a program, and it is stored inside the APK. An .odex file is an optimized version of this same .dex file that is stored next to the APK. 

The advantage of deodexing is in modification possibilities. This is most widely used in custom ROMs and themes. A developer building a custom ROM would almost always choose to deodex the ROM package first, since that would not only allow him to modify various APKs, but also leave room for post-install theming.
On the other hand, the .odex files were supposed to quickly build the dalvik cache, removing them would mean longer initial boot times. However, this is true only for the first ever boot after deodexing. Longer boot times may only be seen again if the dalvik cache is wiped for any reason.

init.d
init.d is a folder located at /system/etcIt allows the user to run scripts at system startup. You can tweak many system settings with scripts.

Brick
The word "brick", refers to a smartphone or tablet which can no longer function due to a serious misconfiguration, corrupted firmware or a hardware problem. The chances of bricking up occurs when you are playing around with the bootloader and firmware of your device means when you try to root the android OS, unlock the bootloader, flash inconsistent custom ROMs.
  Soft Brick
Soft bricked devices are generally those devices which show some signs of life. A soft bricked device usually boots and generally gets stuck on boot logo, or reboots endlessly (bootloop), or while operation, suddenly shows a "screen of death". Some of the major reasons for soft brick are invalid or corrupt firmware installation, flashing bad scripts, trying to root the device, or flashing a custom recovery image to a device with a locked bootloader.
Devices can be recovered from a soft bricked state by simply clearing all the internal memory and flashing the correct firmware. Sometimes internal memory partitions of the device require to be flashed again in order to recover device from this state.
  Hard brick
Hard bricked devices are generally those who show little to no signs of life. A hard bricked device doesn't power up or show any vendor logo, basically the screen remains turned off. Some of the major reasons for hard bricking are installing firmware not made for the device, interrupted flashing procedure or following a flashing procedure incorrectly. 
Read More