Monday, November 18, 2013

Deployment steps Step 1 How to Install an ACS Collector and Database


Deployment steps

Step 1 How to Install an ACS Collector and Database

The TechNet deployment guide you can find here:
How to Install an Audit Collection Services (ACS) Collector and Database
http://technet.microsoft.com/en-us/library/hh284670.aspx
The following steps describe how to install the ACS Collector and database on the computer that is designated as your ACS collector.
On the Operations Manager installation media, run Setup.exe , and then click Audit collection services :
clip_image005
On the Welcome page, click Next :
clip_image006
On the License Agreement page, read the licensing terms, click I accept the agreement :
clip_image007
On the Database Installation Options page, click Create a new database , and then click Next :
clip_image008
On the Data Source page, in the Data source name box, type a name that you want to use as the Open Database Connectivity (ODBC) data source name for your ACS database. By default, this name is OpsMgrAC :
clip_image009
On the Database page, if the database is on a separate server than the ACS collector, click Remote Database Server and change or leave the database name OperationsManagerAC :
clip_image010
On the Database Authentication page, select one of the authentication methods. If the ACS collector and the ACS database are members of the same domain, you can select Windows authentication , otherwise select SQL authentication :
clip_image011
On the Database Creation Options page, click Use SQL Server's default data and log file directories to use SQL Server's default folders, otherwise, click Specify directories :
clip_image012
On the Event Retention Schedule page, click Local hour of day to perform daily database maintenance, and in Number of days to retain events box type the number of days ACS should keep :
clip_image013
On the ACS Stored Timestamp Format page, choose Local or Universal Coordinated Time , formerly known to as Greenwich Mean Time :
clip_image014
Check if the summary is correct:
clip_image015
And install the collector:
clip_image016
Choose the server to login to SQL:
clip_image017
Let the wizard finish:
clip_image018
Click Finish when ready:
clip_image019
Check if the database is installed:
clip_image020
The collector is deployed now and the AdtServer Service is started:
clip_image022
Now we can enable the ACS Forwarders.

Step 2 How to Enable ACS Forwarders

The TechNet deployment guide you can find here:
How to Enable Audit Collection Services (ACS) Forwarders
http://technet.microsoft.com//library/hh272397.aspx
The following steps describe how enable the ACS forwarders.
In the Operations console, click Monitoring, Operations Manager , expand Agent Details , and then click Agent Health State :
clip_image024
In the details pane, click all agents that you want to enable as ACS forwarders. You can make multiple selections by pressing CTRL or SHIFT, and in the Actions pane, under Health Service Tasks , click Enable Audit Collection to open the Run Task - Enable Audit Collection dialog box:
clip_image026
Set task credentials or override for collector server if needed:
clip_image027
Run the Task:
clip_image028
And wait until success:
clip_image029
See if the AdtAgent services is started on the agent:
clip_image031
It is forwarding the security events now.

Step 3 How to Deploy ACS Reporting

The TechNet deployment guide you can find here:
The following steps describe how to install the ACS Collector and database.
On the server that will be used to host ACS reporting create a (temp) folder C:\ACS:
clip_image033
On your installation media, go to \ReportModels :
 clip_image035
acs and copy the directory contents to the temporary installation folder:
clip_image037
On your installation media, go to \SupportTools :
clip_image039
and copy the file ReportingConfig.exe into the temporary acs folder if not already there:
clip_image040
Open a Command Prompt window by using the Run as Administrator option, and then change directories to the temporary acs folder:
clip_image042
Run the following command:
UploadAuditReports “<AuditDBServer\Instance>” “<Reporting Server URL>” “<path of the copied acs folder>”
For example:
UploadAuditReports “myAuditDbServer\Instance1” “http://myReportServer/ReportServer$instance1” “C:\acs”
In my case:
UploadAuditReports OR-OM12-1 http://OR-OM12-1/ReportServer C:\ACS
clip_image044
This example creates a new data source called Db Audit , uploads the reporting models Audit.smdl and Audit5.smdl , and uploads all reports in the acs\reports directory :
clip_image046
Open Internet Explorer and enter the following address to view the SQL Reporting Services Home page. http://<yourReportingServerName>/Reports_<InstanceName>
In my case:
clip_image048
Click Audit Reports in the body of the page and then click Details View in the upper right part of the page:
clip_image050
Go to Audit Reports:
clip_image052
And choose Manage for the Db Audit data source :
clip_image054
In the Connect Using section, select Windows Integrated Security and click Apply:
clip_image056
Check if the Audit Reports are in the console:
clip_image058
And see if the reports work :
clip_image060
Now you can start configuring ACS using AdtAdmin.exe, see:

Thursday, November 14, 2013

Extend evaluation period of Windows Server 2008 R2/2012

Here I am for you guys with a small but very useful post. Many of us are using evaluation products from (Great, Awesome & Super) Microsoft including Windows Server 2008 R2. The evaluation period is normally for 60-90 days and once it gets expired and if you are still using it then you may face charges against illegal use of the product.

However, there is an option which is given by Microsoft through which you can extend your grace period by another 60 days.

Click Start, and then click Command Prompt.
Type slmgr.vbs -dli, and then press ENTER to check the current status of your evaluation period.
To reset the evaluation period, type slmgr.vbs –rearm, and then press ENTER.
Wait for a confirmation Window to show up.
Restart the computer.
You can do it 3 times and get a total of 240 days :)

Thank you Microsoft.