How to Disable windowsServer2008IE Enhancement Mechanism?

See WindowsServer2008 Disabling IE-enhanced Mechanism Tutorial.

How to View Default DNS Under Linux?

View /etc/resolv.conffirstly. If your BCC has the right to access the public network, you can run the commandnslookup baidu.com to view it, and pay attention to the content beginning withServer:: in the output results.

How to Install .net Framework 3.5 for Windows 2012?

If you want to install .net framework 3.5, change the source of Windows Update temporarily, but do not use the source of Baidu AI Cloud.

Note: Record the original value, and then change it back after the successful installation.

1. Open the command-line prompt cmd, and then enter "gpedit.msc" to open "Group Policy".
2. Change the source of Windows Update, open "Computer Configuration" > "Management Template" > "Windows Component" > "Windows Update", and double click "Specify Intranet Microsoft Update Service Location", and then copy and save the value in "Set Intranet Update Service to Detect Update" and "Set Intranet Statistics Server".
3. Select "Not Configured", and then click "OK".
4. Enter the following command in the command-line prompt cmd to update the group policy "gpupdate".
5. Open the BCC manager to reinstall the .net framework 3.5 components. You need to download the installation file over the network during installation, which may be slow.
6. Change the source of Windows Update to the source of Baidu AI Cloud by following above step 2 and 3 after the successful installation.

What cloudbase-init Account Is Used for? Can It Be Deleted? What Is Influence After Deletion?

This account is related to the cloud platform, and deleting this account affects the management function of cloud platform. It is recommended that you do not change/delete this account, which does not exist in the Linux system.

How to Set Virtual Machine System Clock Synchronously?

The public cloud virtual machine uses the network time protocol (NTP) to synchronize the time of each virtual machine in the network. Some industries sensitive to the system time require the consistent system time to avoid the failure caused by the time error.

The following takes the public cloud Windows Server 2012 R2 system as an example to display the NTP service settings.

Time Service

The Windows operating system enables the Windows Time service by default. You can confirm whether the Windows Time service is enabled in the following ways.

1. Right click the "Start" button, and select "Run", and then enter "Services.msc" to pop up the service panel.

2. Select the "Windows Time" service from the "Service" window, and then right click "Attribute".

   

3. It should be in the Running status in the Attribute window. If not, click "Start", and then click "Apply".

Set a NTP Time Server Address

The Windows operating system uses the Microsoft NTP time server time.windows.com by default, and the Baidu public cloud virtual machine uses the NTP server ntpsr.baidubce.com built by the public cloud.

The NTP server is set as follows:

1. Right click the "Start" button, and select "Run", and then enter "gpedit.ms".
2. Select "Management Template"--> "System" –> "Windows Time Service" –> "Time Provider" in the policy manager.
3. Couble click "Configure Windows NTP Client", and select "Enabled", and then fill in ntpsr.baidubce.com for NtpServer.
4. Double click "Enable Windows NTP Client", and then select "Enabled".
5. Double click "Configure Windows NTP Client", and then select "Disabled".

Set a NTP Time Server Address Through Interface

1. Open "System Time", and then select "Change Date and Time Settings".

   

2. Select the "Internet Time" tab in the "Date and Time" window, and then select "Change Settings".

   

3. Enter the ntp server address ntpsr.baidubce.comof Baidu AI Cloud.

   

Linux NTP Service Configuration

NTP or Chrony is used for the Linux clock synchronization.

1. If NTP is used for the clock synchronization, the configuration file is located in /etc/ntp.conf:

   • Modify the server configuration, whose default configuration is server ntpsr.baidubce.com.
   • And modify /etc/ntp/step-tickers, whose default configuration is ntpsr.baidubce.com.

2. If the chrony image is used for the clock synchronization, the configuration file is located in /etc/chrony.conf:

   • Modify the server configuration, whose default configuration is server ntpsr.baidubce.com iburst.

What Is Use Rule of iptables Service in BCC Centos6 System?

Centos6 uses iptables to configure the firewall by default. This document briefly introduces the common commands of iptables firewall:

Set iptables Boot

At present, the Centos6.x series image is pre-installed with the iptables service, which is disabled by default. If you want to automatically start this service at boot, you need to run the following command:

chkconfig iptables on

Common iptables Commands

• View filter table

  	iptables -L -n --line-number

Note: If the command -t is not added, it is the filter table by default. To operate other tables, you need to add the command -t.

• View nat table iptables -t nat -vnL POSTROUTING --line-number.
• Change rules iptables -R INPUT 3 -j DROP //Change the rule 3 to DROP.

• Delete iptables rule

  	iptables -D INPUT 3  				//Delete Article 3 rule for input input
  	iptables -t nat -D POSTROUTING 1  	//  delete Ariticle 1 for postrouting in nat table. 
  	iptables -F INPUT   					// Clear  all rules of INPUT in the filter table  
  	iptables -F    						// Clear  all rules  
  	iptables -t nat -F POSTROUTING   	// Clear all rules for POSTROUTING in nat table.  

• Set default rule iptables -P INPUT DROP //Set the default result of filter table INPUT as DROP.
  service iptables save

What Is Use Rule of “firewalld” Service in BCC Centos7 System?

Centos7 is pre-installed with the firewalld service by default, and it takes the command firewall-cmd or the GUI firewall-config to manage the temporary or permanent interface rule of kernel netfilter dynamically. The rule update takes effect real time, and you do not need to restart the firewalld service.

Start firewalld Service

systemctl start firewalld

Set firewalld Boot

systemctl enable firewalld                               

View Service Status

systemctl status firewalld

Common Commands

• View the running status.

  	firewall-cmd --state

• View the activated zone.

  	firewall-cmd --get-active-zones

• View all information of specified zone.

      firewall-cmd --zone=public --list-all

• View the permanently released service.

      firewall-cmd --get-service —permanent

• Deny all packets.

       # firewall-cmd --panic-ond

• Cancel the deny status.

  	# firewall-cmd --panic-off

• View whether the service is denied?

  	$ firewall-cmd --query-panic

• Update the firewall rule and do not restart the service.

  	# firewall-cmd --reload

• Update the firewall rule and restart the service.

  	# firewall-cmd --complete-reload

• Add an interface to the specified zone, which is a public zone by default.

  	# firewall-cmd --zone=public --add-interface=eth0

  If the parameter -- permanent is not added, this rule is only a runtime rule. This rule disappears after the running of firewall-cmd --reload.

• Set the default zone. If not, it is a public zone by default. This command takes effect immediately without restarting.

      # firewall-cmd --set-default-zone=myzone

• View all open ports of specified zone.

      # firewall-cmd --zone=myzone --list-ports

• Add a port to the zone.

  	# firewall-cmd --zone=myzone --add-port=8080/tcp

  If the parameter -- permanent is not added, this rule is only a runtime rule. This rule disappears after the running of firewall-cmd --reload.

• Open a service.

      # firewall-cmd --zone=work --add-service=ssh

• Remove a service.

  	# firewall-cmd --zone=work --remove-service=ssh

You can also access the firewalld official document to query relevant commands:http://www.firewalld.org/documentation/

Overview of Ufw Service in BCC ubuntu/debian System

ubuntu/debian use the Ufw service by default. This document briefly introduces the common commands of Ufw firewall:

Ufw Boot

ufw enable

View Service Status

ufw status

Common Ufw Commands

sudo ufw allow ssh      			//Allow ssh service, that is, all external IPs can access the local 22 / tcp (ssh) port.
sudo ufw delete allow   			//ssh delete the above ssh access rule
sudo ufw allow 22 					//Allow external access to 22 ports (tcp/udp)
sudo ufw allow from 192.168.1.12    //Allow this IP to access all local ports
sudo ufw deny ssh 					//Disable external access to ssh service
sudo ufw allow 2290:2300/tcp 		//Open ports 2290 to 2300 for TCP protocol
sudo ufw reset  					//delete / reset all rules
sudo ufw status numbered  			//List all rules and their corresponding serial numbers
sudo ufw delete 1 					//Delete rule number 1.

You can also access the ufw community help documentation:https://help.ubuntu.com/community/UFW

How to Configure IIS and FTP for Windows BCC?

Install and use IIS and FTP on the Windows Server 2008 R2 and Windows 2012 systems by following the steps below:

Windows server 2008

1. Log in to BCC remotely, and then click "Start" -> "Management Tools" -> "BCC Manager".

   

2. Open "BCC Manager", Locate "Add Role", and click to pop up the "Add Role" dialog, and then select "Next".

   

3. Configure the BCC role in "Add Roles Wizard", and then select "Web Server".

   

4. Click "Next", and then select "FTP Server and FTP Admin Console" and "Application Environment". The application development is generally ASP or .NET.

   

5. Confirm the configuration of roles and features, and then click "Install".

   

6. After the successful installation, select "Start" -> "Management Tools" -> "IIS Manager".

   

7. You can see the default IIS site in the IIS management. Click "Browse Site" to open the default IIS page in the browser. IIS is installed successfully.

   

Windows server 2012

1. Log in to BCC remotely, and click "Start" -> "BCC Manager", and then select "Manage" -> "Add Roles and Features".

   

2. Enter "Add Roles and Features Wizard", and then select "BCC Roles" -> "Web Server (IIS)".

   

3. Select and install corresponding features as required, and then click "Next".

   

4. To install the role service, select the corresponding security options. The FTP Server and Management Tools options are required. Click "Next".

   

5. Click "Install", and wait for the successful installation.

   

6. After the successful installation, click "Tools" -> "IIS Manager".

   

7. Open the IIS manager, and then you can see the application pool and website, which indicates that IIS is installed on Windows2012 successfully.

   

8. To test whether above FTP server is built successfully, you can enter the public address ftp: //180.xx.xxx.xx on the browser. If the login access is supported, it indicated that the FTP server is built successfully.

How to Deal with Frequent Interruption During FTP Uploading?

You need to confirm Port or PASV is used firstly.

• If Port is used, you need to confirm that the high-end ports are enabled on the server and these ports are specified on the FTP server.
• If PASV is used, you need to locally enable relevant ports for the data exchange. However, if your network structure is restricted (such as firewall and routing restriction), it may cause the abnormal use or frequent connection interruption.
• To troubleshoot it, confirm whether your local network environment is stable and your server bandwidth is full.
• To troubleshoot it, confirm that the "Data Transmission Timeout" setting on the FTP server (i.e., BCC) is large enough. For example, when you use vsftp on Linux, you need to modify the parameter data_connection_timeout in the file /etc/vsftpd/vsftpd.conf. The operation is complex in the Windows system, see this link: http://www.iis.net/configreference/system.applicationhost/sites/sitedefaults/ftpserver/connections .

If the timeout setting is large enough, you can test the local network by following the steps described in "How to Deal with Packet Loss During Ping Website?". If you troubleshoot the local network, you need to submit a ticket to the technical personnel, and upload various outputs and results of local network test to the ticket together.