Monday, March 3, 2008

protect your Router

There are 5 separate Passwords you need to protect your Router.

1. Console - protects the Console Port
2. Auxiliary - protects the AUX Port (for your modem)
3. TTY (VTY) - protects against unauthorized Telnet logons
4. Enable - guards the use of the Enable Mode super-user status.
5. Enable Secret - an encrypted form of the above (better!)

We've done the Console already, so let's run through the rest briefly.
Just for fun, I am including text-boxes for you to write the Commands in.

Set the Auxiliary Password
Password for external modem connections
Router# (Type in the command config t)
Note that "config t" is interpreted by the Cisco IOS same as "Configure Terminal"
Most commands can be entered in abbreviated form,
and even better you can press the "Tab" key to complete commands!
This gives you the following Prompt:
Router(config)# (Type in line aux 0)
which takes you down to the mode to configure "line auxiliary 0" (zero).
Now you can start using the sub-commands to configure the Aux port.
Router(config-line)# (Type in login)
Router(config-line)# ( password your-aux-password-here)
Router(config-line)# Ctrl-Z
Router#
And now your Router has a password protecting the AUX port.

Setting Passwords on the Virtual (VTY) Ports
VTY Ports are rather a special case, since they are not real ports.
In other words, you won't find a Port on the back of your Router labelled VTY.
They are what could be called "Virtual Ports" that wait patiently
for a Remote Connection, usually using Telnet, to log in.
If you don't set these, you won't be able to Telnet in to your Router.
This means every time your routers have a problem, you have to drive in to work.
Or to where-ever the routers may be hidden (like Timbuktu?).
Configuring the VTY password is very similar to doing the Console and Aux ones.
The only difference is that there are 5 VTY virtual ports,
which are named 0, 1, 2, 3, and 4 .
You can use the shortcut 0 4 (a zero, a space, and 4) to set all 5 passwords at the same time.
Router# (type in config t)
Router(config)# (type in line vty 0 4)
Router(config-line)# (type in login)
Router(config-line)# (type in password VTY-Password-here)
This concludes setting your VTY Passwords!
(you can type in Ctrl-Z to go back to plain Enable Mode)
Router(config-line)# Ctrl-Z
Router#

Setting Your "Enable" Password
The Enable password is the old form of the password that guards
the Exec Command Interpreter's "Privileged Mode",
which, as we mentioned earlier, is usually called "Enable Mode"
since that is the word you type in to get to it.
Usually with newer equipment you'll be using the "Enable Secret",
which is a better password because it is stored in an encrypted form.
However, it is best to also set an Enable Password,
because if for some reason your Router has to boot up into an old version
of the Cisco IOS (say for problems that make it go into ROM mode, eh?)
then the "Enable Secret" won't work. But the old-fashioned "Enable" will!
By now this should be getting familiar to you,
but remember that "Repetition helps you Memorize!"
Once again start out with the Router in "Enable" (or "Privileged") mode.
From the Command Prompt issue the Global Command configure terminal
Router# (type in config t)
Router(config)# (type in enable password your-enable-password)
That's all, it's done, even easier than before!
Notice that you are Not configuring a Line here, but the whole Router!
(that's why you didn't need to type in a "line..." command)
Again you can now do a Ctrl-Z to get back to your "Router#" prompt.
Setting Your "Enable Secret" Password
The "Enable Secret" password, as mentioned above, is an advanced form
of a "one-way cryptographic secret password".
In other words, once you put in the plain text password,
the Cisco IOS takes the text and encrypts it so that no one,
not even you, can ever read it again.
This is why it is good advice Not to forget your Enable Secret Password!
The Router doesn't like the Enable Secret to be the same as the Enable:
Router(config)# enable secret CISCO
The enable secret you have chosen is the same as your enable password.
This is not recommended. Re-enter the enable secret.
So let us make the Enable Secret password CISCO2 instead.
The Enable Secret takes over from the regular Enable password.
This means if you set an Enable Secret Password, your Enable one will NOT work.
So Don't Forget Your Password!
(Reminder, your Password for everything in this tutorial is CISCO)
Again, this is a simple set of commands:
Router# (type in config t)
Router(config)#
(type in enable secret your-enable-secret-password)
That's really all it takes. Don't forget it!
Again do a Ctrl-Z to exit.
This will put you back at the Global Enable Mode Prompt:
Router#

3 Types of Commands

Global, Major, and Sub-command!

The Global Command "Configure" takes you down to Router(config) Mode.
The Major Command "line select-interface" takes you to Router(config-line)#.
The Subcommands "login" and "password" let you configure your password.
But we are certainly not finished setting Passwords yet!
If Cisco Routers were simple easy-to-use devices,

Logging Onto Your Router

You have now gotten your Router turned on.
And you should have a good connection to your Terminal Program
The very next step should be to Log On.
But since we have a brand-new Router and you've turned down the Setup Dialog,
there is no Password yet.
By Default, as it comes from the factory,
a Router does not require a password on the Console Port.
If you think this would be a terrible security flaw, you are correct!
You should definitely set up Passwords for your Router as your first step!
This initial "setting of password" can only be done from the Console Port.
Anyway, you should see a Prompt that says:
Router>
This is called User Exec Mode.
As a User you are allowed to log on, look at things, and do very little else.
You cannot set up Passwords as a humble "User".
To set up Passwords for your Router you need to first enter what is called:
Privileged Exec Mode
(think of this as Master Magician Mode)
To enter Privileged Exec Mode type in the word enable at the prompt.
Router> enable
Router#
This changes the prompt from Router> (with an arrow)
To Router# (with a # or pound sign.)
The # means that you have entered Privileged Exec Mode
Needless to say, nearly everyone just calls it "Enable Mode" for short.
You will very seldom hear anyone call it Privileged Exec Mode.
If you want to go back to being a plain User, just type disable
Now you are Enabled, a super-user with awesome mystical powers!
Please note that you did not need to enter a password
when logging in from the Console -
Nor did you need one when changing to Privileged Exec (Enable) Mode.
So you should Immediately set Passwords so that everyone else can not
just as easily become All-Powerful Deity. This would be Bad!
Just to keep this Tutorial simple, let's use "CISCO" for all the passwords.
But wait, in order to set passwords you must be in the right Mode!
In order to configure nearly anything on a Cisco Router
you must be in Configuration Mode.
To get from Enable Mode to Configuration Mode
try typing the word configure
Router# configure
You will then see on your terminal screen the question:
"Configuring from terminal, memory, or network [terminal]?"
If you press Return (or write in the magic word "terminal")
you will be able to configure from your terminal (aka computer).
(the other two choices are fun, but for now we'll use the terminal, ok?)
This will leave you at the unusual prompt:
Router(config)#
Which means that you are in the Router (Configure) mode.
Now and only now can you start the process of configuring Passwords.
Configure is a Global Command.
To go back to our car analogy, if Cisco passwords were Keys
you'd have to be in Car(config)# mode in order to use them.
Your very next step should be to set the Password for the Console Port.
Starting from within the Router(config) mode,
you need to put in the following series of commands to create one.
Router(config)# line console 0
Router(config-line)# login
Router(config-line)# password CISCO
Router(config-line)# Ctrl-Z
Please do not use CISCO as a password in real life. This is just a Demo!
Note that the Router prompt changes to Router(config-line)
when you put in the line console 0 command.
line is a major command that puts you into "sub-command" mode.
(this is where you yell "Down Periscope - Dive! Dive! Dive!")
Only in the Router(config-line)# mode can you configure individual "lines".
Also note that the Ctrl-Z (Control-Z, also written ^Z) ends your session,
and brings you back up to the Router# prompt.
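The five protections listed in the "protect your Router" post above and the console password set up in this post can be checked offline against a saved copy of "show running-config". This is an added example, not code from the original tutorial; the configuration text inside it is constructed for the demo:

```python
"""Audit a saved Cisco IOS configuration for the password protections the
tutorial sets up: console, aux and VTY line passwords, plus the enable
password and enable secret. Added example; the config below is constructed."""
import re

# Constructed sample: console and VTY are protected, aux has 'login' but no
# password, and both enable forms are present (the secret takes precedence).
SAMPLE_CONFIG = """\
!
enable password CISCO
enable secret 5 $1$placeholder$notarealhashxxxxxxxxxx
!
line con 0
 password CISCO
 login
line aux 0
 login
line vty 0 4
 password CISCO
 login
!
end
"""

def parse_line_blocks(config):
    """Map each 'line ...' block (e.g. 'con 0', 'vty 0 4') to the set of
    sub-command keywords indented beneath it."""
    blocks, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("line "):
            current = raw[len("line "):].strip()
            blocks[current] = set()
        elif raw.startswith(" ") and raw.strip() and current is not None:
            blocks[current].add(raw.split()[0])
        else:
            current = None  # any other top-level command ends the block
    return blocks

def audit_passwords(config):
    """Return {check: True|False}. A line counts as protected only when it has
    BOTH 'login' and 'password'; 'login' alone makes IOS refuse the connection
    ('Password required, but none set') instead of prompting for one."""
    blocks = parse_line_blocks(config)
    results = {}
    for name in ("con 0", "aux 0", "vty 0 4"):
        results[f"line {name}"] = {"login", "password"} <= blocks.get(name, set())
    results["enable password"] = bool(re.search(r"^enable password ", config, re.M))
    results["enable secret"] = bool(re.search(r"^enable secret ", config, re.M))
    return results

if __name__ == "__main__":
    for check, ok in audit_passwords(SAMPLE_CONFIG).items():
        print(f"{check:18} {'set' if ok else 'MISSING'}")
```

Run against the sample it reports the aux port as MISSING, which is the kind of half-finished line configuration the tutorial warns about.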

What Happens As Your Router Boots Up

1.The "Power-On Self-Test" checks the Router Hardware.
This includes the CPU (Central Processor Unit), memory, and interfaces.

2.The "Bootstrap Program", which is stored in ROM, runs itself

3.The "Bootfield" is read to find out the proper Operating System source.

4.The "Operating System Image" is loaded into RAM. (Random Access Memory)

5.The "Configuration File" saved in NVRAM is loaded into the RAM.
The Configuration File is then executed one line at a time.

6.If no "Configuration File" is found in NVRAM,
the Cisco IOS will offer you the chance to use the "Initial Configuration Dialog".
This is a set of Questions for you to answer to do a basic configuration.
Since in our theoretical New Router there is no NVRAM configuration
This "Setup Dialog" will be one of the first things we see.
You should also start to see the following on your VT100 Terminal Program:

Important Router Parts

1.ROM - Read Only Memory.
This is a form of permanent memory used by the Router to store:
The "Power-On Self Test" that checks the Router on boot up.
The "Bootstrap Startup Program" that gets the Router going.
A very basic form of the Cisco IOS software.
(to change the ROM you have to remove and replace chips)

2.Flash Memory
An Electronically Erasable and Re-Programmable memory chip.
The "Flash" contains the full Operating System, or "Image".
This allows you to Upgrade the OS without removing chips.

3.NVRAM - Non-Volatile RAM
This stores your Router's "Startup Configuration File".
Similar to Flash memory, this retains data even when power is lost.

4.RAM - Random Access Memory
These are regular computer memory chips.
These are the working memory of the Router,
and provide Caching, Packet Buffering, and hold Routing Tables.
The RAM is also where the Running Operating System
lives when the Router is on.
RAM loses all its data when reset or powered off.

5.Interfaces - Where the Router meets the Outside World.
Basically your Router will have Serial interfaces,
which are mostly used to connect long-distance as in a WAN (Wide-Area Network).
You will also have LAN (Local-Area Network) Interfaces,
such as Ethernet, Token Ring, and FDDI (Fiber Distributed Data Interface).

Saturday, March 1, 2008

Protocols

What is meant by Protocol?
PROTOCOL:
Is a set of "RULES" and "REGULATIONS" for sending and receiving Information on the NETWORK

1. ICMP = Internet Control Message Protocol
Used for echo requests and replies

2. RIP = Routing information protocol

The Routing Information Protocol, or RIP, as it is more commonly called, is one of the most enduring of all routing protocols. RIP is also one of the more easily confused protocols because a variety of RIP-like routing protocols proliferated, some of which even used the same name! RIP and the myriad RIP-like protocols were based on the same set of algorithms that use distance vectors to mathematically compare routes to identify the best path to any given destination address.

3. IGRP = Interior gateway routing protocol

IGRP is a distance-vector routing protocol, which means that each router sends all or a portion of its routing table in a routing message update at regular intervals to each of its neighboring routers. A router chooses the best path between a source and a destination. Since each path can comprise many links, the system needs a way to compare the links in order to find the best path. A system such as RIP uses only one criterion -- hops -- to determine the best path. IGRP uses five criteria to determine the best path: the link's speed, delay, packet size, loading and reliability. Network administrators can set the weighting factors for each of these metrics.

4. ARP = Address Resolution Protocol

Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address that is recognized in the local network. For example, in IP Version 4, the most common level of IP in use today, an address is 32 bits long. In an Ethernet local area network, however, addresses for attached devices are 48 bits long. (The physical machine address is also known as a Media Access Control or MAC address.) A table, usually called the ARP cache, is used to maintain a correlation between each MAC address and its corresponding IP address. ARP provides the protocol rules for making this correlation and providing address conversion in both directions.



5. TCP/IP =

A protocol is a set of rules or agreed upon guidelines for communication. When communicating, it is important to agree on how to do so. If one party speaks Indian and one German the communications will most likely fail. If they both agree on a single language, communications will work. On the Internet the set of communications protocols used is called TCP/IP. TCP/IP is actually a collection of various protocols that each have their own special function or purpose. These protocols have been established by international standards bodies and are used in almost all platforms and around the globe to ensure that all devices on the Internet can communicate successfully.

Wednesday, February 27, 2008

Tuesday, February 26, 2008

Configuring the Windows Time service to use an external time source

To configure an internal time server to synchronize with an external time source follow these steps:

1.Change the server type to NTP. To do this, follow these steps:
a. Click Start, click Run, type regedit, and then click OK.
b. Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters\Type
c. In the right pane, right-click Type, and then click Modify.
d. In Edit Value, type NTP in the Value data box, and then click OK.

2.Set AnnounceFlags to 5. To do this, follow these steps:
a. Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config\AnnounceFlags
b. In the right pane, right-click AnnounceFlags, and then click Modify.
c. In Edit DWORD Value, type 5 in the Value data box, and then click OK.

3.Enable NTPServer. To do this, follow these steps:
a. Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer
b. In the right pane, right-click Enabled, and then click Modify.
c. In Edit DWORD Value, type 1 in the Value data box, and then click OK.

4.Specify the time sources. To do this, follow these steps:
a. Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters\NtpServer
b. In the right pane, right-click NtpServer, and then click Modify.
c. In Edit Value, type Peers in the Value data box, and then click OK.
Note: Peers is a placeholder for a space-delimited list of peers from which your computer obtains time stamps. Each DNS name that is listed must be unique. You must append ,0x1 to the end of each DNS name. If you do not append ,0x1 to the end of each DNS name, the changes made in step 5 will not take effect.

5.Select the poll interval. To do this, follow these steps:
a. Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient\SpecialPollInterval
b. In the right pane, right-click SpecialPollInterval, and then click Modify.
c. In Edit DWORD Value, type TimeInSeconds in the Value data box, and then click OK. Note TimeInSeconds is a placeholder for the number of seconds that you want between each poll. A recommended value is 900 Decimal. This value configures the Time Server to poll every 15 minutes.

6.Configure the time correction settings. To do this, follow these steps:
a. Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config\MaxPosPhaseCorrection
b. In the right pane, right-click MaxPosPhaseCorrection, and then click Modify.
c. In Edit DWORD Value, click to select Decimal in the Base box.
d. In Edit DWORD Value, type TimeInSeconds in the Value data box, and then click OK. Note TimeInSeconds is a placeholder for a reasonable value, such as 1 hour (3600) or 30 minutes (1800). The value that you select will depend upon the poll interval, network condition, and external time source.

e. Locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config\MaxNegPhaseCorrection
f. In the right pane, right-click MaxNegPhaseCorrection, and then click Modify.
g. In Edit DWORD Value, click to select Decimal in the Base box.
h. In Edit DWORD Value, type TimeInSeconds in the Value data box, and then click OK. Note TimeInSeconds is a placeholder for a reasonable value, such as 1 hour (3600) or 30 minutes (1800). The value that you select will depend upon the poll interval, network condition, and external time source.

7. Quit Registry Editor.
8. At the command prompt, type the following command to restart the Windows Time service, and then press ENTER:
net stop w32time && net start w32time

Configuring the Windows Time service to use an internal hardware clock

Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall your operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.

To configure the PDC master without using an external time source, change the announce flag on the PDC master. The PDC master is the server that holds the forest root PDC master role for the domain. This configuration forces the PDC master to announce itself as a reliable time source and uses the built-in complementary metal oxide semiconductor (CMOS) clock. To configure the PDC master by using an internal hardware clock, follow these steps:

1. Click Start, click Run, type regedit, and then click OK.
2. Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config\AnnounceFlags
3. In the right pane, right-click AnnounceFlags, and then click Modify.
4. In Edit DWORD Value, type A in the Value data box, and then click OK.
5. Quit Registry Editor.
6. At the command prompt, type the following command to restart the Windows Time service, and then press ENTER:
net stop w32time && net start w32time
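Both procedures above (steps 1-8 for an external time source, and the AnnounceFlags change for a PDC master on its own hardware clock) can be turned into a reviewable list of "reg add" commands before anyone touches the registry. This is an added example, not from the original article; it assumes the "reg add" command-line syntax and uses constructed peer names:

```python
"""Build the 'reg add' commands for the two Windows Time configurations
described above. Added example; peer names passed in are constructed."""

W32TIME = r"HKLM\SYSTEM\CurrentControlSet\Services\W32Time"

def ntp_server_value(peers):
    """Join peers into the NtpServer string, appending ',0x1' to each name
    (without it the SpecialPollInterval setting is ignored, as the article
    notes) and enforcing the rule that each DNS name must be unique."""
    out = []
    for peer in peers:
        peer = peer.strip()
        if not peer or " " in peer:
            raise ValueError(f"bad peer name: {peer!r}")
        out.append(peer if peer.endswith(",0x1") else peer + ",0x1")
    if len(set(out)) != len(out):
        raise ValueError("peer names must be unique")
    return " ".join(out)

def external_source_settings(peers, poll_seconds=900, max_correction=3600):
    """Registry values for steps 1-6 of the external time source procedure
    (defaults: poll every 15 minutes, allow at most 1 hour of correction)."""
    return [
        (rf"{W32TIME}\Parameters", "Type", "REG_SZ", "NTP"),
        (rf"{W32TIME}\Config", "AnnounceFlags", "REG_DWORD", 5),
        (rf"{W32TIME}\TimeProviders\NtpServer", "Enabled", "REG_DWORD", 1),
        (rf"{W32TIME}\Parameters", "NtpServer", "REG_SZ", ntp_server_value(peers)),
        (rf"{W32TIME}\TimeProviders\NtpClient", "SpecialPollInterval", "REG_DWORD", poll_seconds),
        (rf"{W32TIME}\Config", "MaxPosPhaseCorrection", "REG_DWORD", max_correction),
        (rf"{W32TIME}\Config", "MaxNegPhaseCorrection", "REG_DWORD", max_correction),
    ]

def internal_clock_settings():
    """Registry value for the PDC master using its own CMOS clock:
    AnnounceFlags = A (hex), i.e. 10 decimal."""
    return [(rf"{W32TIME}\Config", "AnnounceFlags", "REG_DWORD", 0xA)]

def reg_add_commands(settings):
    """Render settings as 'reg add' lines, then the service restart from step 8."""
    cmds = [f'reg add "{key}" /v {name} /t {kind} /d "{data}" /f'
            for key, name, kind, data in settings]
    cmds.append("net stop w32time && net start w32time")
    return cmds

if __name__ == "__main__":
    # constructed peer names, not real time servers
    peers = ["ntp1.example.com", "ntp2.example.com"]
    for line in reg_add_commands(external_source_settings(peers)):
        print(line)
```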


Sunday, January 20, 2008

System Restore Script

' VBScript: create a System Restore point through the WMI SystemRestore class
Set IRP = GetObject("winmgmts:\\.\root\default:SystemRestore")
' Arguments: description, restore point type (0 = APPLICATION_INSTALL), event type (100 = BEGIN_SYSTEM_CHANGE)
MYRP = IRP.CreateRestorePoint("Admin Restore Point", 0, 100)