2009-01-28

How to open Control Panel Items from Command Line in Vista

How To Make Shortcuts to Control Panel Pages in Vista
http://www.dailygeeks.com/howto/how-to-make-shortcuts-to-control-panel-pages-in-vista/

How to open Control Panel Items from Command Line in Vista
http://www.nibbleguru.com/problem/5074-how-open-control-panel-items-command-line-vista

New Vista Syntax for Opening Control Panel Items from the Command-line
http://www.howtogeek.com/howto/windows-vista/new-vista-syntax-for-opening-control-panel-items-from-the-command-line/


Accessibility Options, access.cpl

Add/Remove Programs, appwiz.cpl

Add Hardware Wizard, hdwwiz.cpl

Automatic Updates, wuaucpl.cpl

Bluetooth Properties, bthprops.cpl

Display Properties, desk.cpl

Firewall Properties, firewall.cpl

Game Controllers, joy.cpl

Internet Options, inetcpl.cpl

iSCSI Initiator, iscsicpl.cpl

Java Control Panel, jpicpl32.cpl (java install folder\javacpl.exe)

Licensing Mode, liccpa.cpl

Mouse Properties, main.cpl

Network Connections, ncpa.cpl

Network Setup Wizard, netsetup.cpl

ODBC Properties, odbccp32.cpl

Power Options, powercfg.cpl

Regional and Language Options, intl.cpl

Sound and Audio Devices, mmsys.cpl

Stored Passwords, keymgr.cpl

System Properties, sysdm.cpl

Telephone and Modem Properties, telephon.cpl

Time and Date Settings, timedate.cpl

User Accounts, nusrmgr.cpl

Windows Security Center, wscui.cpl

Wireless Link, irprops.cpl

2009-01-27

Using a router to manage iAMT locally


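When developing a console that supports Intel Active Management Technology, there are two ways to access the Web Service interface provided by the Management Engine (ME): over the network, or directly from the local machine. Local access, however, is fairly restricted: most iAMT feature interfaces are unavailable to local applications, for example CircuitBreak, AgentPresence, SecurityAdministration and so on. So, without a second machine, how can all iAMT features be operated from the host operating system of the iAMT machine itself?
After some simple experiments, the author found that an ordinary router is all that is needed. A typical ADSL access device, a wireless router, or a gateway you build yourself on Linux will all do. The principle is roughly this: give iAMT and the Host OS IP addresses in different subnets, and point both at the router as their gateway; then configure the required route on the router. When an application on the Host OS accesses the iAMT IP address, the packet is first sent to the default gateway, that is, the router, which then routes it to iAMT according to its own routing table; iAMT's reply likewise goes to the router first, and the router routes it back to the Host OS. See the figure below.

In the figure above, the host operating system of an Intel Core 2 vPro machine (with built-in iAMT) is configured with IP address 192.168.2.10 and gateway 192.168.1.1; because the gateway and the host address are not in the same subnet, the static IP has to be configured manually. The underlying iAMT is configured with IP address 192.168.1.10 and gateway 192.168.1.1.
The router here doubles as the gateway (which is how ordinary routers are normally used), and its LAN port is configured with IP address 192.168.1.1. So that the router can send the packets returned by iAMT back to the Host OS, we need to add one entry to the routing table: Destination: 192.168.2.0 Netmask: 255.255.255.0 Gateway: 0.0.0.0 (if Windows is acting as the router, this is 192.168.1.1)
Alternatively, if the router supports configuring multiple IP addresses on the LAN interface, you only need to give the router's LAN port one more IP address, 192.168.2.1, and the route above is added to the routing table automatically; in that case the Host OS gateway can be set to 192.168.2.1. With this in place, we can reach iAMT's functions from the Host OS by accessing the underlying iAMT IP directly. For example, opening http://192.168.1.10:16992 in IE brings up the familiar iAMT WEBUI login page.
I have tested this on a LinkSys wireless router and on a Windows 2003 Server gateway, and the method worked on both. If you are interested, you are welcome to discuss it together.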
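
The packet path described in this post can be checked with a small routing model that also shows what happens to iAMT's reply when the 192.168.2.0/24 entry is missing on the router. This is an added example, not code from the original post; the per-node routing tables, the router's `wan` default route, and all function names are assumptions made for illustration.

```python
import ipaddress

# Addresses come from the post; the routing tables are a constructed model.
ADDR = {"host": "192.168.2.10", "amt": "192.168.1.10", "router": "192.168.1.1"}
OWNER = {ip: name for name, ip in ADDR.items()}

def build_tables(router_has_return_route=True):
    """Per-node routing tables as (network, next hop); None means on-link."""
    router = [("192.168.1.0/24", None), ("0.0.0.0/0", "wan")]  # wan: assumed uplink
    if router_has_return_route:
        # The entry the post adds: Destination 192.168.2.0, Netmask 255.255.255.0
        router.append(("192.168.2.0/24", None))
    raw = {
        "host": [("192.168.2.0/24", None), ("0.0.0.0/0", "router")],
        "amt": [("192.168.1.0/24", None), ("0.0.0.0/0", "router")],
        "router": router,
    }
    return {name: [(ipaddress.ip_network(net), via) for net, via in routes]
            for name, routes in raw.items()}

def next_hop(tables, node, dst_ip):
    """Longest-prefix match; an on-link route delivers straight to the owner."""
    dst = ipaddress.ip_address(dst_ip)
    matches = [(net, via) for net, via in tables[node] if dst in net]
    net, via = max(matches, key=lambda m: m[0].prefixlen)
    return OWNER.get(dst_ip, "unreachable") if via is None else via

def trace(tables, src, dst):
    """Return the list of nodes a packet from src to dst passes through."""
    path, node = [src], src
    while node != dst and node in tables and len(path) < 8:
        node = next_hop(tables, node, ADDR[dst])
        path.append(node)
    return path

if __name__ == "__main__":
    good = build_tables()
    print("request:", trace(good, "host", "amt"))
    print("reply:  ", trace(good, "amt", "host"))
    print("reply without the 192.168.2.0/24 route:",
          trace(build_tables(False), "amt", "host"))
```

Without the added route the request still reaches iAMT, but the reply follows the router's default route and never returns to the Host OS.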

Introduction to Out of Band Management

http://blogs.technet.com/msdchina/archive/2009/01/08/out-of-band-management-sccm-2007-.aspx

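Introduction to Out of Band Management: part one of the SCCM 2007 Out of Band Management series
Out of Band Management is gradually becoming a mainstream IT management technology. This series plans to introduce and discuss the Out of Band Management feature in SCCM 2007, to help readers understand and use the Out of Band Management technology in SCCM 2007; the series will include articles on introduction, usage, troubleshooting and other topics.

Introduction to Out of Band Management
Out of Band Management is a technology for managing a target machine without depending on the operating system. Currently both Intel's AMT (Active Management Technology) and the DASH standard (Desktop and mobile Architecture for System Hardware) provide support for Out of Band Management. In SCCM 2007 SP1 we integrated AMT technology into the SCCM product; this module is called the Out of Band Management feature. The Shanghai R&D team led all of the design and development work for this functionality.
SCCM Out of Band Management combines AMT's powerful hardware-level capabilities with the strong enterprise machine management model of the SCCM platform, giving enterprises flexible, convenient and powerful remote wake-up, remote technical support, asset management, disaster recovery and other functions.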


Overview of Out of Band Management
Topic last updated—May 2008
http://technet.microsoft.com/en-us/library/cc161963.aspx
Out of band management in Configuration Manager 2007 SP1 provides powerful management control for computers that have the Intel vPro chip set and Intel Active Management Technology (Intel AMT) firmware versions 3.2.1 or later.

Out of band management allows an administrator to connect to a computer's management controller when the computer is turned off, in sleep or hibernate modes, or otherwise unresponsive through the operating system. By way of contrast, in-band management is the classic approach used by Configuration Manager and its predecessors whereby an agent runs in the full operating system on the managed computer and the management controller accomplishes tasks by communicating with the management agent.
Out of band management supplements in-band management. While in-band management supports a wider range of operations because its environment is the full operating system, in-band management might not be functional if the operating system is not present or is not operational. In these situations, the supplementary capabilities of out of band management allow administrators to manage these computers without requiring local access to the computer.

2009-01-22

Content location request for apps package failed. (Code 0x80040102)

Got error during SCCM deployment:
Content location request for apps package failed. (Code 0x80040102)

Information from Microsoft about this code:
Error code 0x80040102: No content location returned for the given package
Solution:
Check the server side to make sure the package is distributed to at least one distribution point. Also check whether the advertisement allows the task sequence to fall back to a remote distribution point when there is no local distribution point.

Troubleshooting Operating System Deployment Using Custom Error Codes
http://technet.microsoft.com/en-us/library/bb735886.aspx

Custom Error Codes for Configuration Manager 2007
http://technet.microsoft.com/en-us/library/bb632794.aspx

This fixed my problem:
Configuration manager -> site database -> computer management -> software distribution -> advertisements -> right click on the advertisement you want to edit and choose properties -> "distribution points" tab -> tick "when no local distribution point is available, use a remote distribution point" and "when no protected distribution point is available, use an unprotected distribution point".
Save and restart the build again.

2009-01-09

Ports used by Configuration Manager

Ports used by Configuration Manager
http://technet.microsoft.com/en-us/library/bb632618.aspx
Client to MP: 80 mixed mode, 443 for native mode
Client to SUP: 80/8530 or 443/8531
Client to DP: 80/443 and 445 (SMB)
Client to SLP: 80



You should also take into account that workstations may (and should) have Windows Firewall enabled.

Firewall Settings for Configuration Manager Clients
http://technet.microsoft.com/en-us/library/bb694088.aspx

Also clients need to be installed first. If you plan to use Client Push, I believe ports for RPC and Kerberos should be opened. Or you can use logon scripts.

However the ports used depend on the features that you plan to use in your infrastructure. Best option in my opinion is to try to implement Native Mode. Then all the communication with the clients will use 443 (SSL).

As a matter of fact I am struggling to configure it myself right now :-)

More info here:

Choose between Native Mode and Mixed Mode
http://technet.microsoft.com/en-us/library/bb632431.aspx