coopsvr.sciencecoop.ubc.ca

UBC Physics & Astronomy
coopsvr.sciencecoop.ubc.ca
DNS alias: maximizer.sciencecoop.ubc.ca
137.82.93.161 (PUBLIC) - 192.168.1. 161 (BACKUP)

coopsvr (currently located in Henn 110A) is a server running Microsoft Windows Server 2008 R2 Standard Edition with Service Pack 1. It's currently used for Science Coop office to share documents. In the future, we are planning to install Active Directory on it.

System Info:


  
    
      Hardware:
      HP ProLiant DL160 G6
    
    
      Serial Number:
      MXQ01800WY
    
    
      Processor:
      Intel(R) Xeon(R) CPU E5520 @ 2.27GHz 2.27GHz
    
    
      Installed Memory (RAM): 
      24 GB
    
    
      System Type: 
      64-bit Operating System (Windows Server 2008 R2 Standard Edition with Service Pack 1
    
    
      Hard Drive:
      137 GB (48GB for System, 89GB for Data)
    
    
      Computer name: 
      COOPSVR
    
    
      Public IP Address & MAC Address:
      137.82.93.161 (D8:D3:85:DB:64:81)
    
    
      Subnet Mask:
      255.255.255.248
    
    
      Default Gateway:
      137.82.93.166
    
    
      DNS Servers: 
      142.103.236.1, 142.103.1.1
    
    
      Second IP Address & MAC Address:
      192.168.1.2 (D8:D3:85:DB:64:80)

Currently Installed Services:

Active Directory Service
File Server 
Web Server (IIS) 
Maximizer CRM 11 Group Edition Server 

Shared Folder: \\coopsvr.sciencecoop.ubc.ca\coop (everyone in CoopShare group has full access to the folder)

2013-07-30

Install Cygwin for BackupPC

Download cygwin installation file from http://cygwin.com/install.html
Choose the following packages:
```
openssh
rsync
nano
```

Run Cygwin as Administrator, then run the following command with the listed options:

$ ssh-host-config
*** Query: Should privilege separation be used? (yes/no) yes

*** Query: Do you want to install sshd as a service?
*** Query: (Say "no" if it is already installed as a service) (yes/no) yes
*** Query: Enter the value of CYGWIN for the daemon: [] ntsec mintty

*** Query: Do you want to use a different name? (yes/no) no
*** Query: Please enter the password for user 'cyg_server':
*** Query: Reenter:

Create rsyncd.conf file

vi /etc/rsyncd.conf
uid = root
max connections = 50
syslog facility = local5
pid file = /var/run/rsyncd.pid

[coop]
  path = /cygdrive/e/coop
  hosts allow = 192.168.1.30
  read only = yes

Install rsyncd as a service

cygrunsrv --install "rsyncd" --path /usr/bin/rsync --args "--daemon --no-detach" \
 --desc "Starts a rsync daemon for accepting incoming rsync connections" \
 --disp "Rsync Daemon" --type auto

Start the rsyncd service
```
net start rsyncd
```
Open ports 22 and 873 on Windows Firewall

2012-11-21 - Software GPO Deploy

Deployed GPOs to install the following software on client computers:

Software - Java 7 u9
Software - Adobe Flash Player 11.5
Software - Adobe Reader XI 11.0

2012-09-19 - RAM Upgrade

Installed 8GB x3 DDR3 SDRAM

2012-08-29 - Event ID 10154

Received the following warning on system boot:

The WinRM service failed to create the following SPNs: WSMAN/coopsvr.sciencecoop.ubc.ca; WSMAN/coopsvr. 
 Additional Data 
 The error received was 8344: %%8344.
 User Action 
 The SPNs can be created by an administrator using setspn.exe utility.

Solution:

Since that WinRM runs under “Network Service” account, I was able to fix this warning by
granting the  “Validated Write to Service Principal Name” permission to the NETWORK SERVICE
using the ADSIEDIT.msc. This will allow WinRM to auto create the necessary SPNs on that domain controller.

Use ADSIEDIT.msc, choose Default naming context and scroll down to the Domain Controllers OU,
right-click the Domain Controller object that is showing the warnings and select properties,
select security tab and click in the advanced button,
in the advanced security settings menu, click add, type Network Service and hit ok.

Reference:
http://srvcore.wordpress.com/2010/01/02/domain-controllers-warning-event-id-10154/

2012-05-14 - Created the following GPO

- (U) Map Network Drive S: CoopShare (Apply to CoopShare group)

User Configuration >> Preferences >> Windows Settings >> Drive Maps
Drive Map (Drive: S)
    S: (Order: 1)
    General
    Action                      Create 
    Properties
        Letter                  S 
        Location                \\coopsvr\coop 
        Reconnect               Enabled 
        Label as                CoopShare 
        Use first available     Disabled 
        Hide/Show this drive    No change 
        Hide/Show all drives    No change 
    Common
    Options
        Stop processing items on this extension if an error occurs on this item     No 
        Run in logged-on user's security context (user policy option)               No 
        Remove this item when it is no longer applied                               No 
        Apply once and do not reapply                                               No

- (U) Staff User Profile (Apply to Staff group)

User Configuration >> Policies >> Administrative Templates >> System >> User Profiles
Exclude directories in roaming profile                                  Enabled
    Prevent the following directories from roaming with the profile:    Downloads;Music;Videos;Pictures;Saved Games;Searches

Limit profile size                                          Enabled
    Custom Message                                          You have exceeded your profile storage space. Before you can log off,
                                                            you need to move some items from your profile to network or local storage.
    Max Profile size (KB)                                   300000
    Show registry files in the file list                    Disabled
    Notify user when profile storage space is exceeded.     Enabled
    Remind user every X minutes:                            15

- (C) Default Computer Policy (Apply to ChemPhys_Computers & COPP_Computers groups)

Computer Configuration >> Policies >> Windows Settings >> Security Settings >> Local Policies >> Security Options
Interactive Logon
    Interactive logon: Do not display last user name      Enabled
    Interactive logon: Do not require CTRL+ALT+DEL        Enabled

2012-02-29 - Installed Active Directory Service
Run dcpromo and promoted the server to be a domain controller

Domain Name: sciencecoop.ubc.ca (SCIENCECOOP)
netlogon.dns (need to be added to UBC DNS server)

2012-01-09 - Maximizer Issues
Made the following changes with Maximizer Administrator:

1. Changed Maximizer user MASTER password 
2. Disabled Maximizer user MARKETING 
3. Added a new Maximizer user TLEE

After running Maximizer CRM on the server, the Maximizer client couldn't connect to the server. To solve this problem, follow the instructions below:

  1. Open SQL Server Management Studio (Start > Programs > SQL Server 2008 > SQL Server Management Studio).
  2. With Windows Authentication selected, click Connect.
  3. In the Object Explorer pane, expand the Database > MaConfig > Tables  folder.
  4. Right-click on dbo.MaConfig, and select Edit Top 200 Rows.
     Make sure all the DB_SERVER eValue is configured to use FQDN: coopsvr.sciencecoop.ubc.ca

2011-06 - Updates
1. Installed Maximizer Server and Maximizer Components for Microsoft IIS

Use custom installation to include Microsoft SQL Server Management Studio
After the installation, install SQL Server 2008 Service Pack 1

Run Maximizer Administrator

Login as MASTER
File -> Manage Users, change MASTER password
Utilities -> Install Multi-User License, add aditional license
File -> New Address Book, add a new address book ScienceCoop
File -> Open Address Book, open ScienceCoop address book, type in the new MASTER password
File -> Manage Users, add new user MARKETING, grant the user both Windows Access and Web Access

Run SQL Server Management Studio and connect with the following parameters:

Server type: Database Engine
Server name: COOPSVR\MAXIMIZER
Authentication: windows Authentication
    * Database -> MaConfig -> Tables
    * Right click on dbo.MaConfig and then select Edit Top 200 Rows
    * On eValue column, find all COOPSVR with PATH or SERVER in eKey column, and change it to COOPSVR.sciencecoop.ubc.ca

2. Installed Microsoft Internet Information Services, make sure to have ASP.NET, Windows Authentication, and IIS 6 Management Compatibility installed.

Create a new site call maximizer


  
    
      Site name: 
      maximizer
    
    
      Physical path:
      C:\Program Files(x86)\Maximizer\Portals\Employee
    
    
      Connect as:
      maximizer (new user created for maximizer website)
    
    
      Host name: 
      maximizer.sciencecoop.ubc.ca

Click on maximizer site, then choose Authentication, enable Anonymous Authentication, ASP.NET Impersonation, and Windows Authentication
Click on Application Pools, select maximizer, then choose Advanced Settings, change the following settings if it's different.
```
Enable 32-Bit Applications: Tru
Managed Pipeline Mode: Classic
```
Start the website

3. Create an alias maximizer.sciencecoop.ubc.ca for coopsvr.sciencecoop.ubc.ca

For more assistance contact sysadmin@phas.ubc.ca ( Sysadmin )

webmaster@phas.ubc.ca [Dept. Home Page] last updated:

Hardware:	HP ProLiant DL160 G6
Serial Number:	MXQ01800WY
Processor:	Intel(R) Xeon(R) CPU E5520 @ 2.27GHz 2.27GHz
Installed Memory (RAM):	24 GB
System Type:	64-bit Operating System (Windows Server 2008 R2 Standard Edition with Service Pack 1
Hard Drive:	137 GB (48GB for System, 89GB for Data)
Computer name:	COOPSVR
Public IP Address & MAC Address:	137.82.93.161 (D8:D3:85:DB:64:81)
Subnet Mask:	255.255.255.248
Default Gateway:	137.82.93.166
DNS Servers:	142.103.236.1, 142.103.1.1
Second IP Address & MAC Address:	192.168.1.2 (D8:D3:85:DB:64:80)

Site name:	maximizer
Physical path:	C:\Program Files(x86)\Maximizer\Portals\Employee
Connect as:	maximizer (new user created for maximizer website)
Host name:	maximizer.sciencecoop.ubc.ca