In the first part of this LAB setup guide, I described the hardware selection process.
In the second part, I described the hypervisor selection and installation.
In the third part, I described VM guest considerations and preparations.
In the fourth part, I described configuring a Server 2012 VM as a DC with DNS and DHCP using PowerShell.
In the fifth part, I described easily creating (many) proper AD users with PowerShell.
In the sixth part, I described creating a local PowerShell v3 Help Repository with PowerShell.
In this post I will describe how you can make your lab available over the internet.
When you’ve created your home LAB, you want to be able to use it anywhere. Depending on your situation, one of these options probably best meets your needs.
Examples include the use of:
- Remote desktop connection to your server
  + Easy to configure (enable on server and configure NAT forwarding if appropriate)
  – On many enterprise or public networks TCP 3389 is blocked by the firewall.
  – Connects only to a specific server, even though you can access the rest of the network from there.
- VPN connection to your network
  - Using your hardware router
    + Connection to network, not just a server.
    – No dependency on Windows Server
  - Using Windows Server 2008 / 2012
    + SSTP VPN (TCP 443) is generally not blocked on enterprise/public networks.
    + Connection to network, not just a server.
    – Dependency on Windows server.
    – Requires more configuration.
    – The root CA certificate for the certification authority (CA) that issued the server authentication certificate needs to be installed in the store Local Computer\Trusted Root Certification Authorities. For a self-signed certificate, this means that you need to have local admin permissions to add it.
  Note: DirectAccess is a great feature, but it requires the client to be a member of the domain. In my case this would limit where I can connect from, therefore I don’t plan to use it. For other situations it might be a better solution though.
- Using 3rd party tools like LogMeIn, TeamViewer or VNC
  + Connects only to specific computer.
Since I want to be able to connect from within enterprise environments as well, I chose to use SSTP VPN in Windows Server 2012. The basic steps you have to perform include:
- On the server, you have to install and configure the VPN service.
- On the server or your own PKI, you would want to create and install a machine certificate. You can create a Certificate Signing Request and request a 3rd party public certificate. Alternatively you can create a certificate using your own Certificate Authority, or you could create a self-signed certificate. For creating the self-signed certificate you can use the great PluralSight SelfCert tool.
- On the client, you have to make sure the created certificate will be trusted. This means you have to add the certificate to local system\trusted root certificate authority if you’re using a self-signed certificate, which requires local administrator permissions on the client.
- On the client, you have to set up the VPN connection to the server. Preferably you want to connect by DNS name. For your home lab you can also use dynamic DNS services such as no-ip.com or alternative solutions.
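As an added example (not part of the original post or the author's own scripts), the two client-side steps can be scripted in PowerShell on a Windows 8 or Server 2012 client, where Import-Certificate and Add-VpnConnection are available. The host name, file path and connection name are placeholders, and the checks performed before the import are an assumption about what you would want to verify before trusting a self-signed certificate as a root.

```powershell
# Added example: verify a self-signed SSTP server certificate, trust it, create the connection.
# All three values are placeholders chosen for illustration, not taken from the original post.
$VpnHost  = 'lab.example.net'        # DNS name the client will connect to
$CertPath = 'C:\Temp\lab-sstp.cer'   # public certificate exported from the VPN server
$ConnName = 'Home LAB (SSTP)'        # display name of the VPN connection

# Writing to the Local Computer store requires an elevated session.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal -ArgumentList $identity
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Run this script from an elevated PowerShell session.'
}

$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $CertPath

# 1. The name in the certificate must match the host name used for the connection.
#    GetNameInfo returns the first DNS subject alternative name, or the CN if there is none.
$nameType = [System.Security.Cryptography.X509Certificates.X509NameType]::DnsName
$dnsName  = $cert.GetNameInfo($nameType, $false)
if ($dnsName -ne $VpnHost) {
    throw "Certificate is issued to '$dnsName', not '$VpnHost'."
}

# 2. The certificate must be inside its validity period.
$now = Get-Date
if ($now -lt $cert.NotBefore -or $now -gt $cert.NotAfter) {
    throw "Certificate is only valid from $($cert.NotBefore) to $($cert.NotAfter)."
}

# 3. If an Enhanced Key Usage extension is present, it must allow Server Authentication.
$serverAuthOid = '1.3.6.1.5.5.7.3.1'
$eku = $cert.Extensions | Where-Object {
    $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]
}
if ($eku -and -not ($eku.EnhancedKeyUsages | Where-Object { $_.Value -eq $serverAuthOid })) {
    throw 'Certificate does not allow Server Authentication.'
}

# 4. Only a self-signed certificate is its own root. For a certificate from your own CA,
#    the CA root certificate belongs in the Trusted Root store, not the server certificate.
if ($cert.Subject -ne $cert.Issuer) {
    throw 'Not self-signed: import the issuing CA root certificate instead.'
}

# 5. Compare the thumbprint with the one shown on the server before trusting the file.
Write-Host "Subject   : $($cert.Subject)"
Write-Host "Thumbprint: $($cert.Thumbprint)"
if ((Read-Host 'Does this thumbprint match the server certificate? (y/n)') -ne 'y') {
    throw 'Aborted: certificate not confirmed.'
}

# Trust the certificate machine-wide (Local Computer\Trusted Root Certification Authorities).
Import-Certificate -FilePath $CertPath -CertStoreLocation Cert:\LocalMachine\Root | Out-Null

# Create the VPN connection by DNS name, restricted to SSTP with encryption required.
Add-VpnConnection -Name $ConnName -ServerAddress $VpnHost -TunnelType Sstp -EncryptionLevel Required
```

Anything placed in the Trusted Root store is trusted for every purpose on that machine, so remove the certificate from the store again when the lab is decommissioned.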
For some more information, you can also take a look at this:
As I already wrote in yesterday’s post Apple – Notes / summary for the “Mac Integration Basics 10.8 Exam”, I’ve mainly been working with Microsoft products all my life. Since recently however, I’m also trying to get more familiar with Apple, Mac products and OS X and am trying to become certified.
One of the reasons I’d never used Apple products before was because I never really deemed it necessary. Nowadays the number of Mac users seems to be growing and there is more demand for people with Mac / OS X knowledge.
As such my quest for knowledge and certification began. For me personally this meant:
- Using Apple online resources
- Reading books (mainly the great book Apple Pro Training Series: OS X Support Essentials. Before purchasing, you might also want to look for coupon codes as it might save you 30% off or more.)
- Watching computer based training (CBT) videos
- Working with OS X (thanks go out to my employer Open Line for providing me with a MacBook Pro, books and most importantly … TIME)
- Personally I didn’t think it was necessary to take a course at a training center, but some people might prefer this.
- Asking colleagues for help (thanks guys !!!)
- Making sure that I understood everything and if it wasn’t the case, look it up.
- Taking notes / creating this summary blog post that can be used as a reference if needed
- Testing my knowledge using test questions from Revise IT
I took the exam last Friday and passed with 92.5%. Even though I think it was a pretty good score, I still had to make some educated guesses. This made me realize that there’s still a lot to learn and that getting more experience is important as well.
I also want to mention that I took the exam at LAI the training institute for IT professionals in Schiedam (The Netherlands). They were really kind, helpful and service oriented. The waiting area and test room were great and they even provided a pastry and all kinds of drinks at no charge. This has been my best test taking experience to date, so keep up the good work guys.
I’m looking forward to attending the OS X Server 10.8 course at LAI the training institute for IT professionals at the end of March. I’ll try to create another blog post about this as well.
But now back to the important stuff, here are my notes/summary. I hope it is useful. If you find any errors or have any suggestions, please leave a comment.
Notes / summary for the “OS X Support Essentials 10.8 Exam”
People that know me, know that I’ve mainly been working with Microsoft my whole life. Lately, however, I’ve been working with an Apple MacBook Pro with OS X 10.8 Mountain Lion, and I intend to gain enough knowledge and experience to get the following certifications:
- Apple Certified Associate – Mac Integration 10.8
- Apple Certified Support Professional (ACSP) 10.8
- Apple Certified Technical Coordinator (ACTC) 10.8
So keep an eye on my blog if you want to learn more about Apple’s Mac OS X and its certifications. Read more about other Apple certifications on their Training and Certification page.
The “Mac Integration Basics 10.8 Exam”
For people new to Mac and OS X, Apple offers the Associate certification for Mac Integration. This covers OS X basics and describes options to integrate OS X into an existing (Windows) environment. The exam costs $65 and can be taken online.
Even though the guide that Apple provides isn’t that big to begin with, I decided to summarize it anyways. I hope it is useful to someone else as well.
Also if you want to get more in-depth knowledge about OS X 10.8 Mountain Lion, check out this great book: Apple Pro Training Series: OS X Support Essentials. Before purchasing, you might also want to look for coupon codes as it might save you 30% off or more.
Notes / summary for the “Mac Integration Basics 10.8 Exam”
Last week I got a beta exam invite for exam “70-688 Managing and Maintaining Windows 8” (in beta it is 71-688). As with most beta exams lately, you only have max two weeks to prepare and there are no books available yet that you can use to study. Therefore I start with looking at what skills are being measured and if there are preparation guides available. From there on I start looking for relevant learning resources for each subject and adding them to the skills that are being measured for easy future reference.
I hope it is useful for you as well.