Concurrent sessions in Windows XP

From Windows & .NET Magazine.

XP SP2 lets you run two sessions (one local console and one remote desktop) concurrently. You must use a different user for each session. To enable concurrent sessions, perform the following steps:

Start a registry editor (e.g., regedit.exe).
Navigate to the HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal ServerLicensing Core registry subkey.
From the Edit menu, select New, DWORD Value.
Enter the name “EnableConcurrentSessions,” then press Enter.
Double-click the new value, then set it to 1.

(from http://www.code4ward.net)

Configurare OpenVPN per accesso remoto alla rete aziendale

Configurare OpenVPN per accesso remoto alla rete aziendale.
Modalità non-TLS con static key encryption mode

Requisiti:

Server OpenVPN: WinXP o Win Server 2003
Client: Win 2000 o successivi

rete locale 192.168.30.0 / 24
scheda rete server OpenVPN: 192.168.30.11 / 24

Su server OpnVPN:
1. installare OpenVPN
2. creare una preshared key: openvpn.exe –genkey –secret key la chiave verrà creata nel file key, copiarla dal server al client tramite un mezzo sicuro.
3. rinominare la connessione di rete appena creata dall’installazione: tap
4. lasciare l’indirizzo TCP/IP della connessione OpenVPN in automatico
5. creare un bridge tra la connessione di rete fisica ed il tap, chiamandolo “tap-bridge”
6. assegnare al bridge un indirizzo IP della rete locale (la stessa subnet della connessione fisica) es 192.168.30.15 / 24. Da adesso in poi il server XP OpenVPN avrà sulla rete questo indirizzo
7. testare la rete da e verso il server
8. assicurarsi di avere la preshared key nella cartella config
9. creare il file di configurazione (es: server.ovpn) come segue:

dev tap
dev-node tap
secret key
ping 5
verb 3
mute 10

10. Importante – togliere dalla cartella config tutti gli altri file .ovpn
11a. far partire il file di configurazione con il tasto destro
11b. oppure far partire il servizio OpenVPN. Ricordarsi di metterlo in avvio automatico

Ricordarsi di pubblicare la porta UDP 5000, con PAT verso l’indirizzo privato del
server XP OpenVPN (nel caso: 192.168.30.15)

Su client

1. installare openvpn
2. dare alla scheda OpenVPN un indirizzo che fa parte della rete da raggiungere es: 192.168.30.16 /24
3. assicurarsi di avere la preshared key nella dir config
4. creare il file di configurazione (es: client.ovpn) come segue:

remote myserver.mydomain.com
dev tap
secret key
ping 5
verb 3
mute 10

5. far partire il file di configurazione con il tasto destro.

Errore W32TIME nel log di Windows 2000 server

Errore W32TIME nel log di Windows 2000 server, quando PDC di una foresta:

This Machine is a PDC of the domain at the root of the forest. Configure to sync from External time source using the net command, ‘net time /setsntp:’

Risoluzione:

1) fermare il servizio w32time (net stop w32time)

2) configurare con un time server esterno affidabile, es: Istituto Elettrotecnico Nazionale G.Ferraris – Torino (net time /setsntp:time.ien.it)

3) testare il funzionamento con w32tm -once -test -v

4) sincronizzare (w32tm -s), si ottiene una risposta tipo: “RPC to local server returned 0x6b5”; se si ottiene 0x0 la sincronizzazione non è andata a buon fine, accertarsi di avere effettivamente fermato il servizio w32time

5) fare ripartire il servizio w32time

Credit: Adrian Grigoroff (www.eventid.net)

Cannot Install Service Pack 6/6a with High Encryption Internet Explorer

——————————————————————————–
The information in this article applies to:

Microsoft Windows NT Workstation versions 4.0 SP6, 4.0 SP6a
Microsoft Windows NT Server versions 4.0 SP6, 4.0 SP6a
Microsoft Windows NT Server, Enterprise Edition versions 4.0 SP6, 4.0 SP6a
Microsoft Windows NT Server version 4.0 SP6, Terminal Server Edition

——————————————————————————–

SYMPTOMS
If you attempt to install the standard-encryption (or 56-bit) version of Windows NT 4.0 Service Pack 6 or 6a on a Windows NT 4.0-based computer that already has Microsoft Internet Explorer High Encryption Pack or Internet Explorer version 5.5 installed, you receive the following error message:

You have chosen to install a version of the Service Pack with Standard Encryption onto a system with High Encryption. This is not supported. To successfully install
this version of the Service Pack, you must install the High Encryption version. Press Help for more information about obtaining the High Encryption Version of this
Service Pack. Service Pack Setup will now exit.

CAUSE
This issue occurs because the Schannel.dll file that is installed by Microsoft Internet Explorer High Encryption Pack and Internet Explorer 5.5 cannot be overwritten by the service pack installation program.Internet Explorer 5.5 includes 128-bit encryption by default because of the United States government’s recent decision to allow companies to export products that use strong, 128-bit encryption. Windows NT 4.0 Service Pack 6 and 6a were released before this decision was made. Therefore, localized versions of Service Pack 6 and 6a are 40-bit versions. 40-bit versions of these service packs detect higher encryption levels and do not allow themselves to be installed.

RESOLUTION
To work around this issue and prevent the version-number scanner from comparing the Schannel.dll file versions:

Use any text editor (such as Notepad) to open the Update.inf file in the I386\Update folder in the service pack source files.

Place a semicolon (;) before the reference to the Schannel.dll file in the
[CheckSecurity.System32.files] section of the Update.inf file.

Save and then close the Update.inf file.

Install the service pack.