Windows 7 and Windows 2008 R2 both run IIS 7.5. Whilst this version is similar to previous versions, if you wish to use it to host a DotNetNuke instance, there has been a change in the default identity used for the asp.net user.

Why the changed account?
The reason for this is that it’s possible for a website running under 1 application pool operating under an identity (e.g. “networkservice”) to use filesystem objects to read files from another site running in a different app pool that also uses “networkservice”. This meant that to get true app-pool isolation, admins had to create multiple users (and ACL them accordingly).

In IIS 7.5 (the version in Win7), the “ApplicationPoolIdentity” add’s an additional SID per app pool (and injects the name of the pool into it). This protects this cross-pool weakness, and allows servers to run under multiple app pools all with the same user (and also usefully injects the name of the process alongside w3wp.exe)

If you’re interested there’s more details on this @ http://blogs.iis.net/webtopics/archive/2009/03/13/changes-to-application-pool-identities-in-iis-7-5-beta.aspx and http://learn.iis.net/page.aspx/624/application-pool-identities/
However, the main point of this blog is to show you how to use this new account, as setting it’s permissions is not exactly intuitive.

New account for asp.net
Instead of using the “NetworkService” account that was used in IIS6/7 , the default account is called “ApplicationPoolIdentity” , so this is the account that needs the usual permissions on the website.  This account is not a “real” user account though. To add permissions for it on your website, you will need to open up Windows explorer and do the following:

• Right click the website folder and select “Properties”

• Select the “Security” tab

• Click the “Edit” and then “Add” button

• Click the “Locations” button and make sure you select your machine.

• Enter “IIS AppPool\DefaultAppPool” in the “Enter the object names to select:” text box.

• Click the “Check Names” button and click “OK”.

• You can now select the necessary permissions (typically read, write and modify permissions for the folder and all subfolders is the easiest permission to set)

Note: Alternatively you may change your application pool back to “NetworkService” (or any other account), but will lose the cross-app pool isolation feature.

I installed ISPConfig awhile back on a web hosting server that at one point also hosted email accounts. I recently moved all of the email to a different server and wanted to cut down on CPU and memory usage so I needed to disable amavisd, clamd, courier-imap, and courier-authlib. These services provided a way to receive email via POP3 and IMAP as well as content filtering and virus scanning for all of that email. So after shutting all of the services down I needed to remove the reference to the local content filter from Postfix because if amavis is shut down and mail is sent from a web application to the localhost then the connection will be refused and Postfix will not send the email. Below I describe the Postfix configuration lines to comment out as well as a way to reload all of the queued email into the Postfix queue so it could be sent again.

Disable Postfix Amavis Configuration

First you will need to comment out the content_filter line which will look similar to the below. In my case it is telling Postfix to send local mail through port 10024 on the localhost or 127.0.0.1. The Postfix configuration file is named main.cf and located in the /etc/postfix directory.

Active Postfix Amavis Configuration Using content_filter:

Now the below shows the same configuration line updated with a comment in front of it so it is not processed.

Disabled Postfix Amavis Configuration Using content_filter:

You may also have reference to amavis in master.cf also located in the /etc/postfix directory. If you do locate it, open in your favorite editor such as vi, and comment it out as shown below.

Comment Out Amavis Reference In The Postfix Configuration File master.cf:

Restart Postfix To Enable Configuration Changes:

Now use the syntax below to load the new configuration files. This will disable content_filter and not require all email to be filtered when it is sent from the local server.

Reload The Postfix Server Using The Below Syntax:

Requeue Postgix Email Without Content Filter:

After you have removed the content_filter configuration you may need to put emails back into the queue. Regardless after the content_filter setting has been modified you will want to run the below queue so no emails are stuck in the queue forever. Issue the below command to put emails back into the queue to be sent. For instance in my case I shut down amavis before removing the content_filter configuration line which caused numerous emails to be stuck in the Postfix queue.

Syntax To Requeue Postfix Email Messages:

If you watch the maillog, located in the /var/log directory, when running the above command you will see the email being sent from the server if there are any emails that were requeued. All outgoing mail will no longer be filtered.

There are many ways to implement Windows Server Failover Clustering with Hyper-V. I could actually find five unique methods to do it. Some of them will actually not give you a fully fault-tolerant solution, but most of them actually make sense in specific scenarios (even if only for demonstrations). In any case, just trying to understand and differentiate them will probably be a good exercise. However i will explain only two ways as they are most usable for production usage

Read the rest of this entry

Having run Hyper-V in production for a while now, and been very happy with it, we wanted to import it and run it as a Hyper-V virtual machine – undertaking a P2V (Physical to Virtual) process.

Trouble is, there’s no direct P to V converter for Hyper-V available to do this – at least not until Virtual Machine Manager gets updated. However, VMware have offered their VMWare converter for free for a long time (you’ll need to register). This tool connects to a physical machine and creates a VMware Machine, with a VM disk and configuration file.

Read the rest of this entry

Ako das misa i graficko okruzenje nekome, nije tesko izracunati verovatnocu da pogodi prave vrednosi checkbox-eva, radio-button-a, combobox-eva, i eto naseg novog admina. On je pogodio. Neko strucan bi znao. Velika razlika.

Paranoični administratori ne postoje. Postoje oni koji brinu o bezbednosti i oni koji jok. Ti drugi se pišu sa navodnicima: “administratori”.

Za pocetak vam treba VSFilter, zajedno sa instalerom koji mozete skinuti odavde:
32-bit verzija VSFilter_x86+Installer
64-bit verzija VSFilter_x64+Installer

Da instalirate potrebno je otpakovati fajlove iz arhive i kopirati ih na C:\ (podrazumeva se da je C drajv na kome vam je instalacija Windowsa).
Nakon toga pokrenite .bat fajl (run as administrator). Ukoliko su vam prevodi normalno kodirani trebali bi ste odmah videti prevode (naravno prevod mora da bude istog imena kao i video, i da bude u istom folderu).

Na ovaj nacim bi ste trebali da vidite i prevode u Windows 7 Media Centru bez da morate da iskljucite Windows Media Foundation dekodere! Nadamo se da ce u buducnosti biti neki lagodniji metod za pustanje prevoda, za sada je ovo najbezbolnije resenje.

Evo jednog simpatičnog trika za Windows 7 koji kruži internetom. On omogućuje “GodMode”, izraz koji je osmislio Microsoft razvojni tim, koji vam dozvoljava da na jednom mestu pristupite svim Windows podešavanjima bez potrebe da pretražujete opcije i foldere u Control Panel-u.

Read the rest of this entry

U poslednje vreme veoma je popularna instalacija Windows-a XP sa USB flash diskova. Mnogi korisnici bi na netbook-ovima koji nemaju CD ili DVD-ROM rado instalirali ovaj operativni sistem, ali ne znaju kako.

Pre nego što pređem na detaljan postupak naglasiću par stvari:

1. Trebaće vam računar na kome imate instaliran Windows XP ili Windows Vista operativni sistem.
2. Postupak je moguće odraditi samo u 32-bitnim verzijama ovih operativnih sistema.
3. Ovaj postupak se može primeniti samo na Windows XP.
4. Potreban vam je USB flash disk od minimum 2GB.
5. Naravno potrebno je da računar na kojem želite da sprovedete instalaciju može boot-ovati sa USB-a.

Read the rest of this entry

Ako imate Conexant ADSL (Access runner) modem koji je pretezno SezamPro delio, a pritom ste instalirali Windows7 i razorcarali se sto nemate drajver, ne ocajavajte.

Imam resenje:

W7 Driver

Uzivajte…