Month: May 2018

# tuned-adm list
Available profiles:
– balanced – General non-specialized tuned profile
– desktop – Optmize for the desktop use-case
– latency-performance – Optimize for deterministic performance at the cost of increased power consumption
– network-latency – Optimize for deterministic performance at the cost of increased power consumption, focused on low latency network performance
– network-throughput – Optimize for streaming network throughput. Generally only necessary on older CPUs or 40G+ networks.
– powersave – Optimize for low power consumption
– throughput-performance – Broadly applicable tuning that provides excellent performance across a variety of common server workloads. This is the default profile for RHEL7.
– virtual-guest – Optimize for running inside a virtual guest.
– virtual-host – Optimize for running KVM guests
Current active profile: virtual-guest

# tuned-adm active
Current active profile: virtual-guest

cd /usr/lib/tuned/

total 56
drwxr-xr-x. 2 root root 4096 Jul 10 2017 balanced
drwxr-xr-x. 2 root root 4096 Jul 10 2017 desktop
-rw-r–r– 1 root root 12532 Jun 17 2016 functions
drwxr-xr-x. 2 root root 4096 Jul 10 2017 latency-performance
drwxr-xr-x. 2 root root 4096 Jul 10 2017 network-latency
drwxr-xr-x. 2 root root 4096 Jul 10 2017 network-throughput
drwxr-xr-x. 2 root root 4096 Jul 10 2017 powersave
-rw-r–r– 1 root root 1288 Jun 17 2016 recommend.conf
drwxr-xr-x. 2 root root 4096 Jul 10 2017 throughput-performance
drwxr-xr-x. 2 root root 4096 Jul 10 2017 virtual-guest
drwxr-xr-x. 2 root root 4096 Jul 10 2017 virtual-host

 

 

gpresult /R

rsop.msc

 

# cat /proc/net/tcp | awk ‘{print $2}’ | cut -d’:’ -f2| awk ‘{print strtonum(“0x”$0)}’ | grep -v ^0

 

 

 

 

（LAN: 172.16.1.1）siteA (WAN:　10.125.1.1)             <=>          (WAN: 10.125.1.2)  siteB (LAN:192.168.1.1)

 

!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
no ip icmp rate-limit unreachable
ip cef
!
!
!
!
no ip domain lookup
ip domain name lookdata.cn
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
ip tcp synwait-time 5
!
!
crypto isakmp policy 1
encr aes 256
authentication pre-share
group 2
crypto isakmp key lookdata address 10.125.1.2
!
!
crypto ipsec transform-set s2s esp-3des esp-sha-hmac
!
crypto map s2s 10 ipsec-isakmp
set peer 10.125.1.2
set transform-set s2s
match address s2s
!
!
!
!
interface FastEthernet0/0
ip address 10.125.1.1 255.255.255.0
duplex auto
speed auto
crypto map s2s
!
interface FastEthernet0/1
ip address 172.16.1.1 255.255.255.0
duplex auto
speed auto
!
!
ip route 192.168.0.0 255.255.0.0 FastEthernet0/0
!
!
no ip http server
no ip http secure-server
!
ip access-list extended s2s
permit ip 172.0.0.0 0.255.255.255 192.0.0.0 0.255.255.255
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end

Incident management
Problem management
Configuration management
Change management
Release management
Capacity management
Availability management
Service-level management

================================================
Deployment planning
Deployment use cases
Deployment sizing
Performance tuning
Installation
Upgrade
System administration
Monitoring

================================================
Backup and Backup Retention Policy
Blog and Personal Web Site Policy (Includes electronic Blog Compliance Agreement Form)
BYOD
Incident Communication Plan Policy (Updated to include social networks as a communication path)
Internet, e-Mail, Social Networking, Mobile Device, Electronic Communications, and Record Retention Policy (Includes 5 electronic forms to aid in the quick deployment of this policy)
Mobile Device Access and Use Policy
Patch Management Policy
Outsourcing Policy
Record Management, Retention, and Destruction Policy
Sensitive Information Policy (HIPAA Compliant and includes electronic Sensitive Information Policy Compliance Agreement Form)
Service Level Agreement (SLA) Policy Template with Metrics
Social Networking Policy
Telecommuting Policy
Travel and Off-Site Meeting Policy

1. yum install sssd authconfig
2. authconfig –enablesssd –enablesssdauth –enablelocauthorize –enablemkhomedir –update
3. vi /etc/sssd/sssd.conf
4. create security group on the domain control
5. add user into the group
6. type command visudo, add the line as below in the end of file:

%GROUPNAME   ALL=(ALL)       NOPASSWD: ALL