 |
| Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XsnLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | FileType | xsn | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.2 | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.3 | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.4 | 255 | | View in Web Browser | /_layouts/images/ichtmxls.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&DefaultItemOpen=1 | 0x0 | 0x1 | FileType | xlsx | 255 | | View in Web Browser | /_layouts/images/ichtmxls.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&DefaultItemOpen=1 | 0x0 | 0x1 | FileType | xlsb | 255 | | Snapshot in Excel | /_layouts/images/ewr134.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&Snapshot=1 | 0x0 | 0x1 | FileType | xlsx | 256 | | Snapshot in Excel | /_layouts/images/ewr134.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&Snapshot=1 | 0x0 | 0x1 | FileType | xlsb | 256 |
|
|
| Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XsnLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | FileType | xsn | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.2 | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.3 | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.4 | 255 | | View in Web Browser | /_layouts/images/ichtmxls.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&DefaultItemOpen=1 | 0x0 | 0x1 | FileType | xlsx | 255 | | View in Web Browser | /_layouts/images/ichtmxls.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&DefaultItemOpen=1 | 0x0 | 0x1 | FileType | xlsb | 255 | | Snapshot in Excel | /_layouts/images/ewr134.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&Snapshot=1 | 0x0 | 0x1 | FileType | xlsx | 256 | | Snapshot in Excel | /_layouts/images/ewr134.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&Snapshot=1 | 0x0 | 0x1 | FileType | xlsb | 256 |
|
|
| Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XsnLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | FileType | xsn | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.2 | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.3 | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.4 | 255 | | View in Web Browser | /_layouts/images/ichtmxls.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&DefaultItemOpen=1 | 0x0 | 0x1 | FileType | xlsx | 255 | | View in Web Browser | /_layouts/images/ichtmxls.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&DefaultItemOpen=1 | 0x0 | 0x1 | FileType | xlsb | 255 | | Snapshot in Excel | /_layouts/images/ewr134.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&Snapshot=1 | 0x0 | 0x1 | FileType | xlsx | 256 | | Snapshot in Excel | /_layouts/images/ewr134.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&Snapshot=1 | 0x0 | 0x1 | FileType | xlsb | 256 |
|
|
|
|
|
|
|
|
|
Mark E. Smith's Brain Dump > Categories
|
10/6/2009
1. Configured your public NIC. This NIC will contain the default gateway.
2. Configure your NLB NIC. This NIC will NOT contain a default gateway and will have the “Register this connection’s address in DNS” UNCHECKED.
3. Expose the advanced networking menu option by clicking Organize, Layout, and checking Menu Bar.
4. Open the Advanced Network Settings by clicking Advanced, Advanced Settings. Make the “Public” interface the first in the binding order.
5. Next, add the NLB feature by opening Powershell, type “Import-Module ServerManager”, then “Add-WindowsFeature NLB”
6. By default IP forwarding is disabled in Windows Server 2008. We’ll need to enable this so that the packets coming in to the NLB interface are returned through the Public Interface (the one that has a default gateway defined). To do this set the registry key HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\IPEnableRouter = 0x1
See: http://blogs.technet.com/networking/archive/2008/11/20/balancing-act-dual-nic-configuration-with-windows-server-2008-nlb-clusters.aspx For more information.
7. Now let’s build our NLB cluster. Open the NLB Manager and start the new cluster wizard. Enter the hostname of the local machine and click Connect. Highlight the NLB interface and click next.
8. Confirm that the Host Parameters are correct and click next.
9. Next we’ll add the IP address for the NLB VIP.
10. Enter the FQDN for your NLB Cluster, and select Unicast, Multicast, or IGMP Multicast (assuming your switch has IGMP Snooping enabled) as the Cluater Operating Mode. I prefer IGMP Multicast since it addresses the issues that occur with NLB clusters and switch port flooding in Unicast and Multicast modes.
IMPORTANT: Write down the MAC address that the NLB wizard assigns to the VIP. We’ll need this later to make everything work under Hyper-V.
11. Now we’ll define our port rules for the cluster. By default all ports (0-65535) are allowed on the cluster. Let’s change this and just allow TCP Port 443 (SSL). Set the filtering mode to multiple host and Affinity Single. In NLB terms this is commonly referred to as “Sticky Sessions”. Configuring the NLB port rule in this manner means that all network traffic from a given host will have an affinity to the same node in the cluster. Without this setting a session might be opened by a client to Node 1 on the cluster but subsequent communication might be directed to a different node of the cluster.
12. Add any additional ports and set your filtering mode as you see fit. For the purposes of this document, we’ll just configure port 443. Click ok and finish your cluster.
13. You’re cluster is now complete but there’s one more Hyper-V specific configuration change we need to make. So let’s open a powershell prompt and get the MAC address that the Hyper-V switch assigned to the NLB interface. Remember, it will be the interface without a default gateway.
14. Now let’s shut down the machine and go to the Hyper-V Child (guest) configuration. Find the Hyper-V Network adapter that matches the MAC address from Step 13. Change the MAC Address from Dynamic to Static.
15. Next, change the MAC address to the one that the NLB Cluster assigned to the Cluster VIP (From Step 10). Save the Hyper-V config and boot your child machine.
See: http://support.microsoft.com/default.aspx/kb/953828/en-us for background information on this step.
16. Congratulations. Your NLB cluster now configured. You can add additional nodes to the cluster using the same process.
9/9/2009
This might be rather obvious, but in case you find yourself wasting two hours like I did, I'll save you the time here:
I was building a Server 2008 R2 NLB cluster. Typical setup -- Two NICs, etc. I went to set the binding order and... Hmmm there's no advanced button! Ok let me look around... Here advanced button! psk psk! Well after about 2 hours of hunting, Binging!, searching in netsh I uncovered it. It's hidden by default so click Organize, Layout, then check Menu Bar.
DUUUHHH! I've had my cup of stupid for the day. 4/14/2009
Vyatta is a Linux-based, open network operating system that integrates advanced enterprise-class routing, security, bandwidth management and more. Vyatta runs on standard x86 hardware so it's perfect for a small footprint Hyper-V router.
These are steps I’ve gathered and used to get it running on Hyper-V.
Downloading ISO image from Vyatta’s website
Vyatta Community Edition 4.0 (VC4)
Create a new Virtual Machine in Hyper-V Manager
Attach the ISO downloaded in step 1 to the new Vyatta Virtual Machine so it can boot from the ISO.
Configure the Vyatta Virtual Machine
Add the Network Adapters for the Internet, and the needed subnets to Vyatta Virtual Machine.
Remark: Use Legacy Network Adapters!
I added a 1 GB harddisk and gave it 64 MB RAM.
Installing Vyatta
You can boot from the ISO you downloaded in step 1. because it’s also a “Live CD”
You’ll first need to login to Vyatta once it’s booted up. The default logins are (user: root pass: Vyatta) To install to the drive you will issue the command:
During the install you will be asked how much diskspace to allot to the different partitions. I went with the default. Once that’s complete, pop the CD out, and reboot to your installed Vyatta. Now we can start configuring the system.
Configuring Ethernet Interfaces
Log on the system.
Configure the first NIC (eth0) which is going to be used for Internet access.
eht0:
|
vyatta@vyatta> configure
[edit]
vyatta@vyatta# set interfaces ethernet eth0 address 192.168.0.250/24
[edit]
vyatta@vyatta# set interfaces ethernet eth0 description "HyperV Internal 1 - Internet"
vyatta@vyatta# commit
[edit]
vyatta@vyatta# exit
exit
vyatta@vyatta> |
eth1:
|
vyatta@vyatta> configure
[edit]
vyatta@vyatta# set interfaces ethernet eth1 address 192.168.1.250/24
[edit]
vyatta@vyatta# set interfaces ethernet eth1 description "2nd Data Center"
vyatta@vyatta# commit
[edit]
vyatta@vyatta# exit
exit
vyatta@vyatta> |
eth2:
|
vyatta@vyatta> configure
[edit]
vyatta@vyatta# set interfaces ethernet eth2 address 192.168.2.250/24
[edit]
vyatta@vyatta# set interfaces ethernet eth2 description "3rd Data Center"
vyatta@vyatta# commit
[edit]
vyatta@vyatta# exit
exit
vyatta@vyatta> |
eth3:
|
vyatta@vyatta> configure
[edit]
vyatta@vyatta# set interfaces ethernet eth3 address 192.168.3.250/24
[edit]
vyatta@vyatta# set interfaces ethernet eth1 description "Firewalled DMZ"
vyatta@vyatta# commit
[edit]
vyatta@vyatta# exit
exit
vyatta@vyatta> |
Check interfaces configuration:
|
vyatta@vyatta# show interfaces ethernet
eth0 {
address 192.168.0.250/24
description "HyperV Internal 1 - Internet"
hw-id 00:15:5d:cc:1b:14
}
eth1 {
address 192.168.1.250/24
description "2nd Data Center"
hw-id 00:15:5d:cc:1b:15
}
eth2 {
address 192.168.2.250/24
description "3rd Data Center"
hw-id 00:15:5d:cc:1b:16
}
eth3 {
address 192.168.3.250/24
description "Firewalled DMZ"
hw-id 00:15:5d:cc:1b:1c
}
[edit]
vyatta@vyatta# |
Save Configuration
|
vyatta@vyatta# save
Saving configuration to
'/opt/vyatta/etc/config/config.boot'...
Done
[edit] |
Configuring Access to a DNS Server
|
vyatta@vyatta# set system name-server 192.168.1.1
[edit]
vyatta@vyatta# commit
[edit]
vyatta@vyatta# |
Specifying the Default Gateway
|
vyatta@vyatta# set system gateway-address 192.168.1.1
[edit]
vyatta@vyatta# commit
[edit]
vyatta@vyatta# |
Optional: Enable Telnet and/or SSH
|
vyatta@vyatta# set service telnet
[edit]
vyatta@vyatta# set service ssh
[edit]
vyatta@vyatta# commit
[edit]
vyatta@vyatta# |
Optional: Configure the default route
|
vyatta@vyatta# set protocols static route 0.0.0.0/0 next-hop 192.168.0.1
[edit]
vyatta@vyatta# commit
[edit]
vyatta@vyatta# |
Additional Guest VM Internet Access Requirements. My lab environment is hosted on my laptop. In order to give my guest VM's internet access, I configured network sharing as outlined in Ben Armstrong's article here.
When you share your wireless adapter, your Hyper V Internal adapter is configured with the IP Address of 192.168.0.1. My Vyatta interface in this network is 192.168.0.250. So, in order for the HyperV host to know how to route to my private virtual networks (attached to eth1-3), you'll need to add static routes to the HOST Hyper V machine: Here's a snip from the route print on my host
Persistent Routes:
Network Address Netmask Gateway Address Metric
192.168.2.0 255.255.255.0 192.168.0.250 261
192.168.1.0 255.255.255.0 192.168.0.250 261
192.168.3.0 255.255.255.0 192.168.0.250 261
Configuring the Firewall
If we want to block the traffic from subnet1 to subnet2 and visa-versa.
Firewall block-subnet1 rules:
|
vyatta@vyatta# set firewall name block-subnet1
[edit]
vyatta@vyatta# set firewall name block-subnet1 rule 1
[edit]
vyatta@vyatta# set firewall name block-subnet1 rule 1 source address 192.168.2.0/24
[edit]
vyatta@vyatta# set firewall name block-subnet1 rule 1 action drop
[edit]
vyatta@vyatta# set firewall name block-subnet1 rule 2
[edit]
vyatta@vyatta# set firewall name block-subnet1 rule 2 action accept
vyatta@vyatta# commit
[edit]
vyatta@vyatta# |
Do the same for subnet2.
|
vyatta@vyatta# set firewall name block-subnet2
[edit]
vyatta@vyatta# set firewall name block-subnet2 rule 1
[edit]
vyatta@vyatta# set firewall name block-subnet2 rule 1 source address 192.168.3.0/24
[edit]
vyatta@vyatta# set firewall name block-subnet2 rule 1 action drop
[edit]
vyatta@vyatta# set firewall name block-subnet2 rule 2
[edit]
vyatta@vyatta# set firewall name block-subnet2 rule 2 action accept
vyatta@vyatta# commit
[edit]
vyatta@vyatta# |
Apply the rule set to an interfaces
|
vyatta@vyatta# set interfaces ethernet eth1 firewall out name block-subnet2
[edit]
vyatta@vyatta# set interfaces ethernet eth2 firewall out name block-subnet1
[edit]
vyatta@vyatta# commit
[edit]
vyatta@vyatta# |
Final configuration without firewall rules:
|
vyatta@vyatta:~$ show configuration
interfaces {
ethernet eth0 {
address 192.168.0.250/24
description "HyperV Internal 1 - Internet"
hw-id 00:15:5d:cc:1b:14
}
ethernet eth1 {
address 192.168.1.250/24
description "2nd Data Center"
hw-id 00:15:5d:cc:1b:15
}
ethernet eth2 {
address 192.168.2.250/24
description "3rd Data Center"
hw-id 00:15:5d:cc:1b:16
}
ethernet eth3 {
address 192.168.3.250/24
description "Firewalled DMZ"
hw-id 00:15:5d:cc:1b:1c
}
loopback lo {
}
}
protocols {
static {
route 0.0.0.0/0 {
next-hop 192.168.0.1 {
}
}
}
}
service {
ssh {
}
telnet {
}
}
system {
gateway-address 192.168.0.1
host-name vyatta
login {
user root {
authentication {
encrypted-password ****************
}
}
user vyatta {
authentication {
encrypted-password ****************
}
}
}
name-server 192.168.0.10
name-server 192.168.0.110
ntp-server 69.59.150.135
package {
auto-sync 1
repository community {
components main
distribution stable
url http://packages.vyatta.com/vyatta
}
}
}
vyatta@vyatta:~$ |
Don’t forget to save your configuration!
Now you are done! Check out the documentation for Vyatta before starting. I used the QuickStart and the Command Reference.
11/7/2008
Now if you copied over a VHD from Virtual Server 2005 to Hyper-V, you will most likely see the error The IP address you have entered for this network adapter is already assigned to another adapter (microsoft Virtual machine Bus Network Adapter) which is no longer present in this computer. There are a few reasons why this can happen. One thing, you must remember to uninstall the virtual server 2005 VM additions before moving it over to Hyper-V. If you did not, no worries, there is a fix. This also is when moving from Hyper-V to Hyper-V. There is a stronger security model in Hyper-V, so for moving amongst these servers you should use the import/export option. Now back to the error, you will notice if you open your network adapters, there will be a new one listed with no IP assigned. If you try to add the same IP address, the error appears. Microsoft has a knowledge base article 315539 that discusses this.
The quick and dirty,
- Goto command prompt and enter set devmgr_show_nonpresent_devices=1
- Then enter start devmgmt.msc to start device manager
- In the device manager window, click view and show hidden devices
- Under network adapters you will see the conflicting device, most probably the Microsoft Virtual Machine Bus Network Adapter
Now you may add that IP to your NIC. 7/30/2008
One of the most significant changes over the Server 2000 and Server 2003 versions of auditing is that now you can not only audit who and what attribute was changed but also what the new and old value was.
Also see: http://blogs.dirteam.com/blogs/jorge/archive/2008/04/29/auditing-in-windows-server-2008.aspx
This is significant because you can now tell why it was changed and if something doesn’t look right you’re able to easily find what it should be restored to.
Another significant change is that in the past you were only able to turn auditing policy on or off for the entire Active Directory structure. In Windows Server 2008 the auditing policy is configurable for four subcategories:
- Directory Service Access
- Directory Service Changes
- Directory Service Replication
- Detailed Directory Service Replication
This article will focus on enabling auditing on Directory Service Changes which will show us the ability to audit changes to Active Directory Domain Services.
Implementing Auditing on Windows Server 2008
In Server 2008 when setting up auditing there are three places you can modify to implement controls:
- Global Audit Policy – In Server 2008 the Global Audit Policy is not on by default and must be enabled.
- System Access Control List (SACL) – Is the ultimate authority if an access check gets audited or not.
The SACL is part of the security descriptor for an active directory object and specifies which operations should be audited. These are set by the security administrators who have been assigned Manage Auditing and Security Log privileges. It is assigned automatically to the Administrators Group.
- Schema – To protect administrators from generating too many auditing events there is an override that can be set in the schema to exclude any events that have an attribute set.
We will not be covering the Schema modification in this article, but this is important for you to know.
Enable Global Audit Policy on Windows Server 2008
The first step is to enable the audit policy. I will walk you through both doing it through the GUI and then through the command line:
1. Go to Start, Administrative Tools, and then click on Group Policy Management.
2. Navigate down through your Forest, to the Domains, then Domain Controllers and left click on Default Domain Controllers Policy.
You will get a warning that changes here will impact all other locations that the GPO is linked to. Click Ok.
3. Right click on Default Domain Controllers Policy and then left click on Edit…
4. Navigate under Computer Configurations → Policies → Windows Settings → Security Settings → Local Policies → Audit Policy
5. Right click on Audit Directory Service Access, and then click Properties.
6. Select Define these policy settings and then select Success. Click on Apply and then Ok.
That’s it! You now have configured auditing via GUI.
Let’s take a look at the command line method (much faster):
1. Start Command Prompt with elevated rights.
2. Type in the following command and hit Enter:
auditpol /set /subcategory:”directory service changes” /success:enable
I told you it was much faster! You should see The command was successfully executed. Now let’s move on to the next step.
Setup Auditing in System Access Control List (SACL)
As was mentioned earlier, the SACLs do most of the work in determining what gets auditing and what doesn’t.
Please note that there are many different types of SACLs that can be setup; we are only using one as an example.
1. Open Active Directory Computers and Users.
2. Click on View and make sure that Advanced Features is enabled. If not left click on it to place a check next to it.
3. Right click on any of the Organizational Units you want to audit; in our example I am going to audit Users. Then click on Properties.
4. In the Properties window click on Security.
5. Next click on Advanced.
6. Click the Auditing tab, then click Add.
7. Under Enter the object name to select:, type in Authenticated Users and click Ok.
8. In the next window under Apply onto:, select Descendant User Objects and under Access check the box for Successful next to Write all properties and click Ok.
9. Click Ok until you are out of any dialog boxes.
Now that we have enabled auditing in a SACL let’s go ahead and give it a test.
Example Security Events with Auditing Enabled
With auditing enabled, all events will be logged under the Security Event Viewer. Let’s see what happens when you change a value on an object.
For brevity sake, I am going to create a user called audittest, change his name from Audit Test to Test Audit and then we will take a look in the security log to see what was shown.
There are two images that show the change that corresponds with Event 5136, here is the first one which shows the value being deleted, which in this case is Audit Test:
The next image shows the changed object’s new value which in our case is Test Audit:
So you can see that it is very helpful if you are watching these types of things to know what the old value was compared to the new value, in case you need to quickly and easily reset the attribute without having to go to a backup.
There are a ton of things you can audit depending on the situation and your need.
Source: http://www.trainsignaltraining.com/windows-server-2008-auditing-active-directory/2008-07-28/ 6/26/2008
I prefer to use the command line to build clusters since you tend to get more information when something goes wrong.
Assuming you have all of roles, features, and networking properly configured for a Windows 2008 streched subnet MNS cluster, you can build it using the following:
cluster.exe /cluster:{cluster core network name} /create /notes:"Node1NetBiosName Node2NetBiosName" /ipaddresses:"192.168.1.2/24 192.168.2.2/24"
See more detailed update that includes building an Exchange cluster here:
5/22/2008
The following sections show the syntax and command-line parameters and options for ServerManagerCmd.exe.
Syntax
ServerManagerCmd.exe -query [<query.xml>] [-logPath <log.txt>]
ServerManagerCmd.exe -inputPath <answer.xml> [-resultPath <result.xml> [-restart] | -whatIf] [-logPath <log.txt>]
ServerManagerCmd.exe -install <command-Id> [-allSubFeatures] [-resultPath <result.xml> [-restart] | -whatIf] [-logPath <log.txt>]
ServerManagerCmd.exe -remove <command-Id> [-resultPath <result.xml> [-restart] | -whatIf] [-logPath <log.txt>]
ServerManagerCmd.exe [-help | -?]
ServerManagerCmd.exe -version
Parameters
|
Parameter |
Description |
|
-query [<query.xml>] |
Displays a list of all roles, role services, and features installed and available for installation on the server. You can also use the short form of this parameter, -q.
If you want the query results saved to an XML file, specify an XML file to replace query.xml. |
|
-inputPath <answer.xml> |
Installs or removes the roles, role services, and features specified in the answer file, an XML file represented by answer.xml. You can also use the short form of this parameter, -p. |
|
-install <Id> |
Installs the role, role service, or feature specified by Id. See Role, role service, and feature command identifiers
in this topic for a complete list of the role, role service, or feature identifiers from which you can choose to specify for Id. The identifiers are case-insensitive.
The following optional parameters are used with the -install parameter.
|
Parameter |
Description |
|
-allSubFeatures |
Specify the installation of all subordinate services and features along with the parent role, role service, or feature named in the -install command's Id parameter.
Note that some role containers do not have a command line identifier to allow installation of all role services. This is the case when role services cannot be installed in the same instance of the Server Manager command. For example, the Federation Service role service of Active Directory Federation Services and the Federation Service Proxy role service cannot be installed by using the same Server Manager command instance. |
|
-resultPath <result.xml> |
Saves installation results to an XML file represented by result.xml. You can also use the short form of this parameter, -r. You cannot use the -resultPath parameter and the -whatIf parameter in the same instance of ServerManagerCmd.exe. |
|
-restart |
Adding -restart to the -install command restarts the computer automatically when installation is complete, if restarting is required by the roles or features installed. |
|
-whatIf |
You can use -whatIf to display any operations specified for the -install command. You can also use the short form of the -whatIf parameter, -w. You cannot use the -resultPath parameter and the -whatIf parameter in the same instance of ServerManagerCmd.exe. |
|
-logPath <log.txt> |
Use -logPath to specify a name and location for the log file, other than the default, %windir%\temp\servermanager.log. | |
|
-remove <Id> |
Removes the role, role service, or feature specified by Id. See Role, role service, and feature command identifiers
in this topic for a complete list of the role, role service, and feature identifiers from which you can choose to specify for Id. The identifiers are case-insensitive.
The following optional parameters are used with the -remove parameter.
|
Parameter |
Description |
|
-resultPath <result.xml> |
Saves removal results to an XML file represented by result.xml. You can also use the short form of this parameter, -r. Note that you cannot use the -resultPath parameter and the -whatIf parameter in the same instance of ServerManagerCmd.exe. |
|
-restart |
Adding -restart to the -remove command restarts the computer automatically when removal is complete, if restarting is required by remaining roles or features. |
|
-whatIf |
You can use -whatIf to display any operations specified for the -remove command. You can also use the short form of the -whatIf parameter, -w. You cannot use the -resultPath parameter and the -whatIf parameter in the same instance of ServerManagerCmd.exe. |
|
-logPath <log.txt> |
Use -logPath to specify a name and location for the log file, other than the default, %windir%\temp\servermanager.log. | |
|
-help |
Display Help for ServerManagerCmd.exe in the command window. You can also use the short form, -?. |
|
-version |
Display the Server Manager version number. You can also use the short form, -v. |
Role, role service, and feature command identifiers
The tables in this section match roles, role services, and features available in Windows Server 2008 with the command identifiers you must use with ServerManagerCmd.exe to install or remove them.
Role and Role Service command identifiers
|
Role and Role Service command identifiers |
Command value |
Notes |
|
DHCP Server |
DHCP |
The DHCP Server role should be installed with default settings. |
|
Print Services |
|
Print Server |
|
Internet Printing |
|
LPD Service | |
|
Print-Server |
|
Print-Services |
|
Print-Internet |
|
Print-LPD-Service |
|
During removal of this role in the Server Manager UI, you are prompted to delete instances of printers configured on the server. By default, these instances are preserved, which is the default behavior of command-line removal of the Print Services role. |
|
Terminal Services |
|
Terminal Server |
|
TS Licensing |
|
TS Gateway |
|
TS Web Access |
|
TS Session Broker | |
|
Terminal-Services |
|
TS-Terminal-Server |
|
TS-Licensing |
|
TS-Gateway |
|
TS-Web-Access |
|
TS-Session-Broker | |
Because Terminal Services settings can be configured after installing the role, you are not required to specify Terminal Services settings in the command-line answer file. |
|
Active Directory Domain Services |
|
Active Directory Domain Controller |
|
Identity Management for UNIX |
|
Server for Network Information Service |
|
Password Synchronization | |
|
(No command) |
|
ADDS-Domain-Controller |
|
ADDS-Identity-Management |
|
ADDS-NIS |
|
ADDS-Password-Sync |
|
After installing Active Directory Domain Services (AD DS), you must run the dcpromo command to promote the server to a domain controller.
Removing the AD DS role while the computer is operating as a domain controller fails. You must first demote the domain controller to a standard domain member. |
|
DNS Server |
DNS |
None |
|
File Services |
|
Distributed File System (DFS) |
|
DFS Namespace |
|
DFS Replication |
|
File Server Resource Manager |
|
Services for Network File System |
|
Windows Search Service |
|
Windows Server 2003 File Services |
|
File Replication Service |
|
Indexing Service |
|
|
(No command) |
|
FS-DFS |
|
FS-DFS-Namespace |
|
FS-DFS-Replication |
|
FS-Resource-Manager |
|
FS-NFS-Services |
|
FS-Search-Service |
|
FS-Win2003-Services |
|
FS-Replication |
|
FS-Indexing-Service |
|
You cannot install or remove the File Services container by using the Server Manager command line. You can install or remove the File Services container only by using the Server Manager user interface. Note that for this reason, there is no command ID available to represent the File Services container.
Because you can configure File Services settings after installing the role, you are not required to specify File Services settings in the Server Manager command-line answer file.
Note that Services for Network File system is not part of the File Services role on computers running the IA64 version of Windows Server 2008; it is available as a feature on the 64-bit version of Windows Server 2008. |
|
Web Server (IIS) |
|
Internet Information Services |
|
Common HTTP Features |
|
Static Content |
|
Default Document |
|
Directory Browsing |
|
HTTP Errors |
|
HTTP Redirection |
|
Application Development |
|
ASP.NET |
|
.NET Extensibility |
|
ASP |
|
CGI |
|
ISAPI Extensions |
|
ISAPI Filters |
|
Server Side Includes |
|
Health and Diagnostics |
|
HTTP Logging |
|
Logging Tools |
|
Request Monitor |
|
Tracing |
|
Custom Logging |
|
ODBC Logging |
|
Security |
|
Basic Authentication |
|
Windows Authentication |
|
Digest Authentication |
|
Client Certificate Mapping Authentication |
|
IIS Client Certificate Mapping Authentication |
|
URL Authorization |
|
Request Filtering |
|
IP and Domain Restrictions |
|
Performance |
|
Static Content Compression |
|
Dynamic Content Compression |
|
Management Tools |
|
IIS Management Console |
|
IIS Management Scripts and Tools |
|
Management Service |
|
IIS 6 Management Compatibility |
|
IIS 6 Metabase Compatibility |
|
IIS 6 WMI Compatibility |
|
IIS 6 Scripting Tools |
|
IIS 6 Management Console |
|
FTP Publishing Service |
|
FTP Server |
|
FTP Management Console |
|
|
Web-Server |
|
Web-WebServer |
|
Web-Common-Http |
|
Web-Static-Content |
|
Web-Default-Doc |
|
Web-Dir-Browsing |
|
Web-Http-Errors |
|
Web-Http-Redirect |
|
Web-App-Development |
|
Web-Asp-Net |
|
Web-Net-Ext |
|
Web-ASP |
|
Web-CGI |
|
Web-ISAPI-Ext |
|
Web-ISAPI-Filter |
|
Web-Includes |
|
Web-Health |
|
Web-Http-Logging |
|
Web-Log-Libraries |
|
Web-Request-Monitor |
|
Web-Http-Tracing |
|
Web-Custom-Logging |
|
Web-ODBC-Logging |
|
Web-Security |
|
Web-Basic-Auth |
|
Web-Windows-Auth |
|
Web-Digest-Auth |
|
Web-Client-Auth |
|
Web-Cert-Auth |
|
Web-Url-Auth |
|
Web-Filtering |
|
Web-IP-Security |
|
Web-Performance |
|
Web-Stat-Compression |
|
Web-Dyn-Compression |
|
Web-Mgmt-Tools |
|
Web-Mgmt-Console |
|
Web-Scripting-Tools |
|
Web-Mgmt-Service |
|
Web-Mgmt-Compat |
|
Web-Metabase |
|
Web-WMI |
|
Web-Lgcy-Scripting |
|
Web-Lgcy-Mgmt-Console |
|
Web-Ftp-Publishing |
|
Web-Ftp-Server |
|
Web-Ftp-Mgmt-Console |
|
None |
|
Active Directory Federation Services |
|
Federation Service |
|
Federation Service Proxy |
|
Web Agents |
|
Claims-aware Agent |
|
Windows Token-based Agent | |
|
(No command) |
|
ADFS-Federation |
|
ADFS-Proxy |
|
ADFS-Web-Agents |
|
ADFS-Claims |
|
ADFS-Windows-Token | |
Active Directory Federation Services should be installed with default settings. |
|
Active Directory Lightweight Directory Services |
ADLDS |
None |
|
Application Server |
|
Application Server Core |
|
Web Server Support |
|
COM+ Network Access |
|
TCP Port Sharing |
|
Windows Process Activation Service Support |
|
HTTP Activation |
|
Message Queuing Activation |
|
TCP Activation |
|
Named Pipes Activation |
|
Distributed Transaction Support |
|
Incoming Remote Transactions |
|
Outgoing Remote Transactions |
|
WS-Atomic Transaction Support | |
|
Application-Server |
|
AS-AppServer-Core |
|
AS-Web-Support |
|
AS-Ent-Services |
|
AS-TCP-Port-Sharing |
|
AS-WAS-Support |
|
AS-HTTP-Activation |
|
AS-MSMQ-Activation |
|
AS-TCP-Activation |
|
AS-Named-Pipes |
|
AS-Dist-Transaction |
|
AS-Incoming-Trans |
|
AS-Outgoing-Trans |
|
AS-WS-Atomic | |
If you install the WS-Atomic Transaction Support role service, you should also configure it to use a self-signed certificate. |
|
Active Directory Certificate Services |
|
Certification Authority |
|
Certification Authority Web Enrollment (not installable by using the command line) |
|
Online Certificate Status Protocol |
|
Microsoft Simple Certificate Enrollment Protocol (not installable by using the command line) |
|
|
(No command) |
|
ADCS-Cert-Authority |
|
AD-Certificate |
|
ADCS-Online-Cert | |
Certification Authority and Online Certificate Status Protocol can be installed by using the Server Manager command-line interface. Other role services for Active Directory Certificate Services cannot be installed by using the Server Manager command line. |
|
Fax Server |
Fax |
Fax Server should be installed with default settings. |
|
Network Policy and Access Services |
|
Network Policy Server |
|
NPAS Routing and Remote Access Services |
|
Remote Access Service |
|
Routing |
|
Health Registration Authority | |
|
NPAS |
|
NPAS-Policy-Server |
|
NPAS-RRAS-Services |
|
NPAS-RRAS |
|
NPAS-Routing |
|
NPAS-Health | |
Because Network Policy and Access Services settings can be configured after installing the role, you are not required to specify Network Policy and Access Services settings in the command-line answer file. |
|
Active Directory Rights Management Services (AD RMS) |
|
Rights Management Server | |
Active Directory Rights Management Services (AD RMS) cannot be installed by using the Server Manager command line. |
None |
|
UDDI Services |
|
UDDI Services Web Application |
|
UDDI Services Database | |
UDDI Services is not installable by using the Server Manager command line. |
You cannot install UDDI Services by using the Server Manager command-line because complex database settings are required during UDDI Services setup. |
|
Windows Deployment Services |
WDS |
None |
|
Hyper-V |
Hyper-V |
None |
Feature command identifiers
|
Features |
Command Value |
Notes |
|
Failover Clustering |
Failover-Clustering |
|
|
Network Load Balancing |
NLB |
|
|
Desktop Experience |
Desktop-Experience |
|
|
.NET Framework 3.0 Features |
|
.NET Framework 3.0 |
|
XPS Viewer |
|
Windows Communication Foundation Activation Components |
|
HTTP Activation |
|
Non-HTTP Activation | |
|
NET-Framework |
|
NET-Framework-Core |
|
NET-XPS-Viewer |
|
NET-Win-CFAC |
|
NET-HTTP-Activation |
|
NET-Non-HTTP-Activ | |
Note that the command-line syntax for .NET Framework 3.0 Features does not contain the "." character before NET. |
|
Windows System Resource Manager |
WSRM |
|
|
Wireless Networking |
Wireless-Networking |
|
|
Windows Server Backup |
Backup |
|
|
WINS Server |
WINS-Server |
|
|
Remote Assistance |
Remote-Assistance |
|
|
Simple TCP/IP Services |
Simple-TCPIP |
|
|
Telnet Client |
Telnet-Client |
|
|
Telnet Server |
Telnet-Server |
|
|
Subsystem for UNIX-based Applications |
Subsystem-UNIX-Apps |
|
|
RPC over HTTP Proxy |
RPC-over-HTTP-Proxy |
|
|
SMTP Server |
SMTP-Server |
|
|
LPR Port Monitor |
LPR-Port-Monitor |
|
|
Storage Manager for SANs |
Storage-Mgr-SANS |
|
|
BITS Server Extensions |
BITS |
|
|
Message Queuing |
|
Message Queuing Services |
|
Message Queuing Server |
|
Directory Service Integration |
|
Message Queuing Triggers |
|
HTTP Support |
|
Multicasting Support |
|
Routing Service |
|
Windows 2000 Client Support |
|
Messaging Queue DCOM Proxy | |
|
MSMQ |
|
MSMQ-Services |
|
MSMQ-Server |
|
MSMQ-Directory |
|
MSMQ-Triggers |
|
MSMQ-HTTP-Support |
|
MSMQ-Multicasting |
|
MSMQ-Routing |
|
MSMQ-Win2000 |
|
MSMQ-DCOM | |
|
|
Windows Process Activation Service |
|
Process Model |
|
.NET Environment |
|
Configuration APIs | |
|
WAS |
|
WAS-Process-Model |
|
WAS-NET-Environment |
|
WAS-Config-APIs | |
|
|
Windows Internal Database |
Windows-Internal-DB |
|
|
BitLocker Drive Encryption |
BitLocker |
|
|
Multipath I/O |
Multipath-IO |
|
|
Internet Storage Naming Server |
ISNS |
|
|
Removable Storage Manager |
Removable-Storage |
|
|
TFTP Client |
TFTP-Client |
|
|
SNMP Services |
|
SNMP Service |
|
SNMP WMI Provider | |
|
SNMP-Services |
|
SNMP-Service |
|
SNMP-WMI-Provider | |
|
|
Services for Network File System |
NFS-Services |
Services for Network File System is available as a feature only on the Windows Server 2008 IA64 version. On other versions of Windows Server 2008, it is available as a role service of File Services. |
|
Internet Printing Client |
Internet-Print-Client |
|
|
Peer Name Resolution Protocol |
PNRP |
|
|
Connection Manager Administration Kit |
CMAK |
|
|
Remote Server Administration Tools |
|
Role administration tools |
|
Active Directory Certificate Services Tools |
|
Active Directory Domain Services Tools |
|
Active Directory Domain Controller Tools |
|
Server for NIS Tools |
|
Active Directory Lightweight Directory Services Tools |
|
Active Directory Rights Management Services (AD RMS) Tools |
|
DHCP Server Tools |
|
DNS Server Tools |
|
Fax Server Tools |
|
DFS Management Console Tools |
|
File Server Resource Manager Management Console Tools |
|
Hyper-V Tools |
|
Services for Network File System Tools |
|
File Services Tools |
|
Network Policy and Access Services Tools |
|
Health Registration Authority Tools |
|
Network Policy Server Tools |
|
Remote Access Service Tools |
|
Print Services Tools |
|
Web Server (IIS) Tools |
|
Terminal Services Tools |
|
TS RemoteApp Tools |
|
TS Gateway Tools |
|
TS Licensing Tools |
|
UDDI Services Tools |
|
Feature administration tools |
|
BitLocker Drive Encryption Tools |
|
BITS Server Extensions Tools |
|
Failover Clustering Tools |
|
Network Load Balancing Tools |
|
SMTP Server Tools |
|
Windows Deployment Services Tools |
|
WINS Server Tools |
|
Hyper-V Tools |
|
|
RSAT |
|
RSAT-Role-Tools |
|
RSAT-ADCS |
|
RSAT-ADDS |
|
RSAT-ADDC |
|
RSAT-SNIS |
|
RSAT-ADLDS |
|
RSAT-RMS |
|
RSAT-DHCP |
|
RSAT-DNS |
|
RSAT-Fax |
|
RSAT-DFS-Mgnt-Con |
|
RSAT-FSRM-Mgnt |
|
RSAT-Hyper-V |
|
RSAT-NFS-Admin |
|
RSAT-File-Services |
|
RSAT-NPAS |
|
RSAT-HRA |
|
RSAT-NPS |
|
RSAT-Print-Services |
|
RSAT-Web-Server |
|
RSAT-TS |
|
RSAT-TS-RemoteApp |
|
RSAT-TS-Gateway |
|
RSAT-TS-Licensing |
|
RSAT-UDDI |
|
RSAT-Feature-Tools |
|
RSAT-BitLocker |
|
RSAT-BITS-Server |
|
RSAT-Clustering |
|
RSAT-NLB |
|
RSAT-SMTP |
|
RSAT-WDS |
|
RSAT-WINS |
|
RSAT-Hyper-V |
|
|
|
Windows PowerShell |
PowerShell |
|
|
Group Policy Management |
GPMC |
|
|
Quality Windows Audio Video Experience |
Qwave |
|
Source:
5/3/2008
As you already know by now, in Windows Server 2008, Server Core installation does not include the traditional full graphical user interface (GUI). Therefore, once you have configured the server, you can only manage it locally at a command prompt, or remotely using a Terminal Server connection. A third management option is to manage the server remotely using the Microsoft Management Console (MMC) or command-line tools that support remote use.
One of the major pains of managing such a GUI-stripped installation is the configuration of the Windows Advanced Firewall settings. Without properly configuring these rules, you will find it extremely difficult to remotely manage your server.
In this article, I assume that you have already configured your server core with the bare minimum requirements to operate in a network. These requirements are:
- Configuring an IP address
- Configuring a server name
- Configuring an administrator's password
You should, but are not required to, also join the server to your domain.
All of the above can be accomplished by following the "Configuring Windows Server 2008 Server Core Basic Networking Settings" article.
Next, in order to properly configure Server Core to allow you to control its Firewall settings remotely, via GUI, follow these steps:
Step #1: Enable remote management through the firewall
On your Server Core machine, at a command prompt, type the following:
This will allow you to control the Firewall's settings from a remote MMC snap-in.
You can always run the following command in order to disable this option:
Step #2: Open the Windows Firewall snap-in
- On a remote computer running Windows Server 2008 or Windows Vista, click Start > Run, then type MMC and press ENTER.
- Click File > Add/Remove Snap-in.
- In the Add or remove snap-ins, scroll down till you find the Windows Firewall with advanced security snap-in.
- Click Add, then in Another Computer, type the name or IP Address of the Server Core server you want to manage.
- After a short loading, if all is ok, you will be presented with the management GUI of the remote server.
- You can now create new Firewall rules, enable or disable existing rules, export your settings or disable the Firewall altogether.
For example, to enable the rule allowing Remote Desktop connections to the Server Core, go to Inbound Rules. In the results pane scroll down till you find Remote Desktop (Tcp-in), right-click it and choose Enable.
Note: You can read more about enabling RDP connections on my "Managing Windows 2008 Server Core through RDP" article.
Another example would be to enable ICMP Echo Replies (or simply put – Ping replies) from the Server Core server, allowing the administrators to test for connectivity issues with the server. To enable the rule allowing ICMP Echo Replies from the Server Core, go to Inbound Rules. In the results pane scroll down till you find File and Printer Sharing (Echo Request – ICMPv4-In), right-click it and choose Enable.
Pings to the Server Core server should now work.
You can save the current MMC window for future use. As long as you do not change the settings on step #1, or change the server's IP Address (if you've used an IP Address to connect to it in the first place), it should continue working for as long as you want.
Summary
Running Server Core requires manual control of many settings, and without proper Firewall configuration you may find it hard to remotely connect to it. This article showed you how to configure the Server Core server in order to remotely connect and configure the Windows firewall component.
5/2/2008
Configuring Windows Server 2008 Server Core Basic Networking Settings
Like any other server, Server Core machines must be properly configured to be able to communicate on your network. Some of these settings include:
- Configuring an IP address
- Configuring an administrator's password
- Configuring a server name
- Enabling remote MMC snap-in management
- Enabling remote RDP connections
- Enabling remote Windows Firewall management
- Enabling remote shell management
- Activating the server
- Joining a domain
- Configuring Windows Updates
- Configuring error reporting
- Adding server roles and features
And other tasks.
Before you start, you need to configure the server's IP address.
To set the server with a static IP address
- At a command prompt, type the following:
- Look at the number shown in the Idx column of the output for your network adapter. If your computer has more than one network adapter, make a note of the number corresponding to the network adapter for which you wish to set a static IP address.
- At the command prompt, type:
Where:
- ID is the number from step 2 above
- StaticIP is the static IP address that you are setting
- SubnetMask is the subnet mask for the IP address
- DefaultGateway is the default gateway
- At the command prompt, type:
Where:
- ID is the number from step 2 above
- DNSIP is the IP address of your DNS server
- Repeat step 4 for each DNS server that you want to set, incrementing the index= number each time.
- Verify by typing ipconfig /all and checking that all the addresses are correct.
To set the administrative password in Windows Server 2008
- At a command prompt, type the following:
- When prompted to enter the password, type the new password for the administrator user account and press ENTER.
- When prompted, retype the password and press ENTER.
Next, you might want to change the computer's name, as the default name is a random-generated name (unless configured through an answer file)
To change the name of the server
- Determine the current name of the server with the hostname or ipconfig /all commands.
- At a command prompt, type:
- Restart the computer by typing the following at a command prompt:
To manage a server running a Server Core installation by using the Windows Remote Shell
- To enable Windows Remote Shell on a server running a Server Core installation, type the following command at a command prompt:
- Click Y to accept the default settings.
Note: The WinRM quickconfig setting enables a server running a Server Core installation to accept Windows Remote Shell connections.
- 3. On the remote computer, at a command prompt, use WinRS.exe to run commands on a server running a Server Core installation. For example, to perform a directory listing of the Windows folder, type:
Where ServerName is the name of the server running a Server Core installation.
- You can now type any command that you require, it will be executed on the remote computer.
To activate the server
- http://marksmith.netrends.com/Lists/Posts/Post.aspx?ID=8
To join a Windows 2008 server to a domain
- At a command prompt, type:
Where:
- ComputerName is the name of the server that is running the Server Core installation.
- DomainName is the name of the domain to join.
- UserName is a domain user account with permission to join the domain.
Note: Entering * as the password means you will be prompted to enter it on the command prompt window in the next step. You can enter it in the initial command, if you wish to.
Note: Note that the word "passwordd" has 2 d's in it…
- When prompted to enter the password, type the password for the domain user account specified by UserName.
- Restart the computer by typing the following at a command prompt:
To remove the Windows 2008 server from a domain
- At a command prompt, type:
- Reboot the computer.
To configure automatic updates
- To enable automatic updates, type:
- To disable automatic updates, type:
BTW, in order to view your current settings you can type:
To configure error reporting
- To verify the current setting, type:
- To automatically send detailed reports, type:
- To automatically send summary reports, type:
- To disable error reporting, type:
Summary
Windows Server 2008 Core machines need to be properly configured for communication across your network. While most of the Server Core settings need to be configured via the local Command Prompt, some settings can also be configured remotely. This article, a part of a complete Server Core article series, will show you how to do that.
Instructions
1. Logon into the server console.
2. To enable remote administration from Windows Vista/Windows 2008; Write the command in
the Windows shell:
"Cscript %windir%\system32\SCRegEdit.wsf /ar 0" and press the "Enter" button.
Note: To enable remote administration from Windows XP/2003 and earlier operating system;
Write the command in the Windows shell:
"Cscript %windir%\system32\SCRegEdit.wsf /ar 0" and press the "Enter" button.
"Cscript %windir%\system32\SCRegEdit.wsf /cs 0" and press the "Enter" button.
| Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XsnLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | FileType | xsn | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.2 | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.3 | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.4 | 255 | | View in Web Browser | /_layouts/images/ichtmxls.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&DefaultItemOpen=1 | 0x0 | 0x1 | FileType | xlsx | 255 | | View in Web Browser | /_layouts/images/ichtmxls.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&DefaultItemOpen=1 | 0x0 | 0x1 | FileType | xlsb | 255 | | Snapshot in Excel | /_layouts/images/ewr134.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&Snapshot=1 | 0x0 | 0x1 | FileType | xlsx | 256 | | Snapshot in Excel | /_layouts/images/ewr134.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&Snapshot=1 | 0x0 | 0x1 | FileType | xlsb | 256 |
|
|
|
|
|
|
|
|