Thursday 28 October, 2010

The Influence of Kali Yuga

Most people in the world speak only of their own self-interest. All of this is the influence of Kali Yuga. Stating one's own view and not listening to the other person is becoming commonplace. Even the best of people have become selfish. People forget how much hardship others have endured for them. The individual has become completely selfish. When a person is forming a relationship, he makes grand promises. Once the relationship is settled, a slight difference appears. Once the relationship turns into marriage, it is another matter again.

A young man got married. His household was short of money. His family said, 'Your in-laws are wealthier; take something from them, or tell your wife to ask.'

The young man said, 'I never asked you to get me married. If you wanted to take something, you should have taken it before the wedding.'

The young man's father said, 'They told us that whenever we needed money, they would give it.'

The young man said, 'Ask them yourself; I will not ask.'

Times were hard; some letters were exchanged, but nothing came of it. By now their daughter was married. They may well have said it before the wedding; people say things but do not do them, because there is a gap between their words and their deeds. Many people say, 'We don't want anything.' Later they too want to receive everything. Today the distance between most people keeps growing.

It is very easy to say that the path is simple, but only after walking it does one learn what difficulties arise on it.

A person seems pleasant on meeting. But what does seeming pleasant amount to? Only by dealing with him do you learn that he is hollow and of no use. Many people have a tendency to point you down the wrong path. How much trouble that causes you is of no concern to them; misleading you was simply their habit. Nowadays, wherever there is more than one person, there is bound to be friction between them. A person cannot be free of this. It is possible only if you have dealings with someone before forming a relationship. It is through dealings that good and bad, genuine and fake, are told apart.

It is true that Kali Yuga is under way. In a life full of rushing about, everyone is short of time. Besides, this is the age of showpieces and display. Everyone practices double standards. The teeth for show are one thing and the teeth for eating another. People moving about in the world are one thing inside and another outside. They say one thing and do another. Man, the strange creature of this Kali Yuga world, first shows love and paints rosy pictures, and once his purpose is served does not even recognize you. First people flatter you, and when they have become somebody they no longer recognize you; and if by chance they do, they give you so little regard that you withdraw on your own. Everyone knows the story of Shakuntala. He married Shakuntala. When the king returned to his palace, he forgot that he had even married Shakuntala.

The ways of the world are strange; here people change color from moment to moment. Someone told a man, 'Hey! Your house is on fire.'

Hearing this, he immediately starts running. After running a little way he meets an acquaintance and learns that the fire is not in his house but in the house behind his.

Hearing this, he stops running and starts walking slowly. Now he is in no hurry, because the fire is at someone else's house, not his.

The world runs on self-interest; when there is something to gain, a man will call even a donkey his father. When there is nothing to gain, he will not call his father 'father' or his brother 'brother'. One should not keep too many ties with others. Forming a relationship is very easy, but sustaining it is hard. If you form a relationship, sustain it; otherwise do not form it at all.

Life should be lived simply. One should stay away from pretense. Because of pretense people fall into debt, since they borrow the money needed to keep up appearances. Life cannot be lived by putting this one's cap on that one's head and that one's cap on the next. Know that a simple and frugal life is the basis of happiness. Multiplying desires is very easy, but fulfilling them is extremely hard. Desires will grow as much as you let them, but satisfying them is not easy.

Raising one's standard of living is extremely easy, because every bank offers a loan and sets up installments; and when you cannot pay the installments, they take everything away. Then one has to live swallowing the humiliation. Raising one's standard and then maintaining it is extremely hard. Caught up in display and craving, one should not stretch one's legs beyond the sheet. When the legs stick out, the world laughs. Many people, out of shame, choose death by suicide; many others are hardy and keep moving from place to place, not even meeting old acquaintances.

Live life simply and without attachment. Accept the maxim: friendship with none, enmity with none. The wise course is to live simply, with an even outlook and within one's means. Form only as many relationships as you can sustain. Adding too much sugar in pursuit of sweetness does harm. Raise your standard only as far as your means or income allow. Never spend more when your income is less. Do what is necessary, but only to the extent you can manage comfortably. In trying to do more, or in showing off, do not forget that you might become a showpiece yourself and a laughingstock.

Tuesday 26 October, 2010

Mother

This is the marketplace of relationships; please don't crowd around, and you, sir, please get in line,
Yes, mother, what would you like?? A daughter-in-law?? You'll get one. The darker she is, the cheaper she'll come, because she is the one who will be called the family's disgrace,
The one in a suit is cheaper and the one in a sari costs more, because a sari also catches fire faster,
With her you get a bottle of kerosene and a matchbox free.
Yes, sir, what would you like?? A sister?? You'll get one; she will tie a rakhi on you too,
she will settle wherever you marry her off, and later she will forget even your name and address.
Sir, what would you like?? A girlfriend?? Girlfriends are not sold in this market,
she goes off to another in a moment, so there is no guarantee or warranty on her,
What would you like? A wife? She comes cheap, she comes expensive, and she is available on an exchange offer too. This item is risky, so it is tax-free,
With an item like a husband, a rolling pin comes free,
...........................................................
What would you like???  "Mother"
Sir, there is no shade here like a "mother's", so there is no haggling over her price,
If you do not have a "mother", go to God and come back in another birth,
If fate takes pity on you, in your next birth you will surely get a "mother",
you surely will.

The Secret of Life

One fool said to another fool:-
If you can tell me what is in my bag,
all the eggs are yours.
And if you can tell me how many there are,
all 8 of the 8 eggs are yours.
And if you can also tell me which animal they are from,
the hen is yours too....

The second fool said:-
Friend!
Give me some help,
it's a very hard question.....

SO THE MORAL IS:-
The answers to every question in our lives are also hidden in our lives,
yet we fail to understand them....

The Family of Anger

Anger has an entire family of its own ... Anger has a darling sister, "Stubbornness"; she always stays by Anger's side.. Anger's wife is "Violence"; she stays hidden in the back but sometimes comes out on hearing a voice... Anger's elder brother is named "Ego".. Anger also has a father, whom he fears; his name is "Fear".... "Slander" and "Gossip" are Anger's daughters; one stays near the mouth and the other near the ear. "Enmity" is the son .... "Envy" is the haughty "daughter-in-law" of this family .... "Hatred" is this family's "granddaughter"; Hatred always stays near the nose ... wrinkling the nose and brow is her job, and she has a mother, whose name is "Neglect"....

What must we do to hold heaven in our fist?

I SAY:-
Do nothing............... just do this much..............
Keep your head "cool".
Keep your pocket "warm".
Keep "modesty" in your eyes.
Keep your tongue "soft". And
keep "mercy" in your heart.

If you can do this, you need not travel to any heaven. Heaven will come walking to you.

The irony is that we want heaven, but we do not want to become heaven-dwellers (the departed).


Friday 22 October, 2010

Salutations to the Honorable Politician

This poem was not written by me..

I am a politician
Sometimes holding a lantern in my hand
Sometimes riding a bicycle
And sometimes ......
Waving the lotus-flower flag
That is where you will find me

To become a politician
One has to get through hard study
The compulsory subjects are ...
"How to gather the public's votes" "Ways and means of grabbing a minister's post"
And
"Flooring the opposition party: when and how"
The optional subject is ....
Coalitions: when, how and why

I bow my head
To Ambedkar Sahab
For one, he set no age limit
For another, he set no required qualification

Just as students have grades ....
We politicians have grades too
Grade A: those with reach as far as Delhi
Grade B: those who roam the state capital
Grade C: those who stroll around the district headquarters
Grade D: those whose standing reaches only the block headquarters

There is a chance of promotion
Through mutual leg-pulling

Look at Bollywood
All the stars' sons
Are doing fine as heroes

A doctor wants
His son to be a doctor
Engineers want the same

It pains me
That the media raise the cry of dynasty politics
When I give my son a ticket

Let me tell you a secret
Keep it to yourself
In 5 years I
Want to earn as much
As a bureaucrat earns
By the time he retires at 60

I am only a rubber stamp
If a mistake is made ...
There is no punishment
I rest the gun on the bureaucrats' shoulders
And take aim
We are all birds of a feather

My favorite work
Laying foundation stones
Inaugurating ....
Bridges / roads / buildings
And carving up
The money from my quota

At meetings and seminars
I do not take much part
I cut the ribbon
And go back
Educated people
Want to corner me
By asking questions...
When I have no answer
I say "No comment"...
And slip away too

In what my own colleagues say
And in everything the opposing party says
I see politics

Whether you write poems / stories / satire
Or anything at all ...
It makes no difference to me
In any case I am ...
A dog's tail

Thursday 21 October, 2010

What a Dialogue!

I was watching the AFI list of the 100 best quotes in Hollywood and I realized that the Hindi film industry, or Bollywood as everybody likes to call it, also has some great quotes, even though everyone might argue about the most repeated one. Hindi movies have many good dialogs. I tried to remember many of them and I am sure I have forgotten many. You may agree with the list. I have created a page for the dialogs. Please post your comments on that page and I will keep updating the permanent page, or mail me at ghostrav@gmail.com

Here are some of the greatest movie quotes from the Hindi film industry, in no particular order.

The police of twelve countries are waiting for Don. But catching Don is not just difficult, it is impossible
- Amitabh Bachchan, Don (1978)

I didn't like the style of his shoes
- Amitabh Bachchan, Don (1978)

Chain quli ki main quli ki chain
- Amitabh Bachchan and others, Satte Pe Satta (1982)

Basanti, don't dance in front of these dogs
- Dharmendra, Sholay (1975)

Mogambo is pleased
- Amrish Puri, Mr. India (1987)

Give me these hands, Thakur
- Amjad Khan, Sholay (1975)

Until you are told to sit, stay standing! This is a police station, not your father's house!
- Amitabh Bachchan, Zanjeer (1973)

Life and death are in the hands of the One above, Your Majesty; neither you nor I can change that. We are all puppets on a stage, whose strings are tied to the hands of the One above. When, who, and how each will rise, no one knows.
- Rajesh Khanna, Anand (1970)

I can't even say, 'May my years be added to yours!'
- Rajesh Khanna, Anand (1970)

Did somebody die?
- Akshaye Khanna, Dil Chahta Hai (2001)

How many men were there?
- Amjad Khan, Sholay (1975)

What wretch drinks in order to endure…
- Shahrukh Khan, Devdas (2002)

Who?
- Urmila Matondkar, Kaun? (1999)

When a child cries in the village, his mother says, 'Sleep, son, sleep, or Crime Master Gogo will come'..
- Aamir Khan, Andaz Apna Apna (1994)

Why is it so silent, brother?
- A K Hangal, Sholay (1975)

Jhakasssssss
- Anil Kapoor, Yudh (1985)

I have known him since I was five years old!!
- Sridevi, Lamhe (1991)

By relation I am your father; the name is Shahenshah
- Amitabh Bachchan, Shahenshah (1988)

The poster tore…. and out came the HERO!!!
- Naseeruddin Shah, Hero Hiralal (1988)

I am not called Soorma Bhopali for nothing!!!
- Jagdeep, Sholay (1975)

Will you buy the whole jungle for two rupees?
- Jagdeep, Sholay (1975)

Who is the don of Mumbai?
- Manoj Bajpai, Satya (1998)

No one kills, and no one dies
- Manoj Bajpai, Aks (2001)

I am showing you the moon and you are finding fault with my finger
- Sanjay Dutt, Khoobsurat (1999)

What is your name, Basanti?
- Amitabh Bachchan, Sholay (1975)

I am a small, sweet, tiny little child
- Shakti Kapoor, Chaalbaaz (1989)

Police officer, you are a foolish officer
- Utpal Dutt, Golmaal (1979)

There is only a thread's width of difference between a fool and a c**tiya, brother; on this side of the thread is the fool, on the other the c**tiya. And if you pull the thread away, who is the fool and who is the chu****, that is the ten-million-rupee question, brother….
- Saif Ali Khan, Omkara (2006)

Bets are laid on horses, kathor, not on lions
- Ajay Devgan, Omkara (2006)

Yaadi yaadhi bailgaadi
- Saif Ali Khan, Omkara (2006)

Lie down, Mamu, you're done for
- Boman Irani, Munnabhai, M.B.B.S (2003)

This is not a plaything for children; if it cuts your hand, blood comes out
- Raj Kumar, Waqt (1965)

Thakur is g-g-g-gone
- Ashok Saraf, Karan Arjun (1995)

Mother, I have come
- Hrithik Roshan, Koi….Mil Gaya (2003)

The wind is strong, Dinkar Rao.. Hold on to your cap, or it will fly away
- Amitabh Bachchan, Agneepath (1990)

Name: Vijay Deenanath Chauhan.. full name; father's name: Deenanath Chauhan; mother's name: Suhasini Chauhan
- Amitabh Bachchan, Agneepath (1990)

Drinking liquor ruins the liver..
- Amitabh Bachchan, Satte pe Satta (1982)

There are two types of insects in the world..
- Amitabh Bachchan, Hum (1991)

Not lovely; she talks a whole lot!!!!
- Amitabh Bachchan, Sholay (1975)

Which mill's flour do these Ramgarh folk feed their girls?
- Amjad Khan, Sholay (1975)

When this two-and-a-half-kilo hand lands on someone, he doesn't get up, he gets taken up
- Sunny Deol, Damini

Date after date
- Sunny Deol, Damini (1993)

If someone slaps me on one cheek, I am not as great as Gandhiji to offer the other cheek
- Nagarjun, Shiva (1989)

Run, Dhanno! Today your Basanti's honor is at stake
- Hema Malini, Sholay (1975)

Babumoshaiiiiii……
- Rajesh Khanna, Anand (1970)

Can't be seen? Then where does he stay? These days our Malhotra can't be seen either.. where does he stay? If you see him, send him to me..
- Anu Kapoor, Mr. India (1987)

I have Mother
- Shashi Kapoor, Deewar (1975)

Wherever I stand, the line starts from there
- Amitabh Bachchan, Kaalia (1981)

Arre sir, what are you saying? Our newspaper is one small family.. how could I throw Seema out.. it was just that when she said you can't be seen, then……… but now that I have seen you.. I mean, not seen you…. so… I saw, didn't I.. that you can't be seen….
- Anu Kapoor, Mr. India (1987)

Balmaaaa
- Shakti Kapoor, Chalbaaz (1989)

Ki..ki…ki…Kiran
- Shahrukh Khan, Darr (1993)

If you have a moustache, have one like Nathulal's…. or have none at all
- Amitabh Bachchan, Sharaabi (1984)

I have made a friendship, so I will have to honor it
- Salman Khan, Maine Pyar Kiya (1989)

The whole city knows me by the name 'Loin'
- Ajit, Kalicharan (1976)

That's just how I am..
- Ajay Devgan, Pyar toh Hona he tha (1998)

Look at the TV a little, look at the wife a little
- Kunal Vijaykar, Ab Tak Chappan (2004)

Gaaaaaang!!
- Sanjeev Kumar, Angoor (1982)

Which word?
- Paresh Rawal, Hera Pheri (2000)

Beloved, come to me
- Sanjeev Kumar, Angoor (1982)

She is hogging a lot of footage, that's all
- Sanjeev Kumar, Angoor (1982)

A single mosquito turns a man into a eunuch
- Nana Patekar, Yashwant (1997)

I know you don't need support; I have only come to keep you company
- Priyanshu Chatterjee, Tum Bin (2001)

I don't like lies. I told you so
- Ajay Devgan, Hum Dil De Chuke Sanam (1999)

You must be very happy today?
- Amitabh Bachchan, Deewar (1975)

My father used to say that a kurta is meant to cover the modesty of the upper half of the body
- Amol Palekar, Golmal (1979)

eeeeeeeeeeeeeeeeeeish!!!!
- Utpal Dutt, Golmal (1979)

Do you love me?
- Abhay Deol, Ahista Ahista (2007)

Will you be friends with me?
- Dimple Kapadia, Bobby (1973)

Dibba!!!!
- Dimple Kapadia, Bobby (1973)

I saw your feet; they are very beautiful. Do not set them on the ground; they will get dirty
- Raj Kumar, Pakeezah (1972)

First bring the signature of the man who wrote this on my hand
- Amitabh Bachchan, Deewar (1973)

I have Mother!!!
- Shashi Kapoor, Deewar (1973)

In big countries, little things like this keep happening
- Shahrukh Khan, Dilwale Dulhaniya Le jayenge (1995)

The fish?? I ate it…… fried it nicely in oil and ate it….. cha mai la!!
- Paresh Rawal, Hera Pheri (2000)

In your films there are many takes; if not one take, then another. But in this game of life we get only one take, and if there is a mistake in that take, life kneels before death!!
- Akshay Kumar, Main Khiladi Tu anari (1994)

Marathi people, wake up
- Paresh Rawal, Hera Pheri (2000)

Love happens only once, and marriage too happens only once
- Shahrukh Khan, Kuch Kuch Hota Hai (1998)

Did you say it?
- Arbaaz Khan, Pyar Kiya toh darna kya (1998)

Are these your tresses, or a net of silk …. lucky are they …. lucky are those mice .. that nibbled your hair …..
- Laxmikant Berde, Maine Pyar Kiya (1989)

Until today you talked and I listened.. today… I will talk and you will listen!
- Amitabh Bachchan, Anand (1971)

O God… take them away, oh take them away……………. not me!! These two .. re baba!
- Paresh Rawal, Hera Pheri (2000)

Sir, you hit me a lot, but the one I landed, it hit solid, didn't it!?
- Amitabh Bachchan, Amar Akbar Anthony (1977)

So what do you think, that I sit on this pillow every day
- Saif Ali Khan, Dil Chahta Hai (2001)

Pushpa.. wipe away these tears.. I hate tears
- Rajesh Khanna, Amar Prem (1971)

It pleased my heart, so I cut up a dog and ate it
- Mukesh Tiwari, China Gate (1998)

Father said leave the village, everyone said leave Paro, Paro said leave the drink, now you are saying leave this mansion; hmm, a day will come when they will all say, just leave this world itself.
- Shahrukh Khan, Devdas (2002)

Monday 18 October, 2010

Have we forgotten our customs and traditions in this age of modernity.....

Why is our young generation today losing its moral values? One often hears this topic discussed on TV news channels and in newspapers. If we start from our own family and our own neighborhood, we too will surely agree that today's young generation, and the generation coming up, does somewhere show a lack of moral values of the kind our ancestors had and our parents had. Today's generation, in which I too am included, is certainly losing its moral values somewhere, and the rate is rising day by day. We are not managing to pass on to our new generation the values our ancestors had, and in my view we ourselves are to blame for this: our family, our parents.

If I take the young generation of my own age as an example, in childhood we got to hear fine stories from our grandfathers and grandmothers. It is said that when a child is small its mind is completely blank; it goes forward along whatever path of values and education you give it. If in early childhood a child is taught that stealing is a bad thing, he will think a hundred times before stealing, because he has been taught that stealing is wrong. The elders of the house and the parents play a very large part in instilling values in a child in early childhood. As I said, when we were small and spent some time in the company of the village's elderly grandfathers and grandmothers, they would tell us many fine stories, which had some effect or other on our minds. Some of those stories were inspirational, some were about helping others, some about compassion for living creatures, some were about gods and goddesses, and some were regional tales; the purpose of all of them was to instill good values in us, and they still help us a great deal in staying well-mannered today. Even today, if our steps try to stray from the path, those old sayings come to mind and try to bring us back to the right path.

I had read in a magazine that a respected gentleman pointed to a picture of Mother Durga and asked a 5-year-old child, 'Son, who is this?' The child's answer was, 'The lion lady, the one sitting on this lion.' Another respected gentleman asked about Lord Ganesha, and the child was found referring to Ganesha as 'Elephant God'. Now tell me, what fault is it of that child? When no member of that family ever tried to tell him, 'Son, this is Mother Durga, whose mount is the lion,' or 'This is Lord Ganesha, whose face is like an elephant's trunk,' how was he to know?

When we were small, we had a moral-education book containing many fine stories; reading them gave great joy, and for a while there was a keen desire to become like the people in them. But perhaps nowadays the very meaning of that moral-education book has changed, and it no longer has any importance. It seems to me that the moral-education book may well have disappeared from schools by now.

Today in your homes you will find piles of comics, all sorts of computer-game CDs, and all sorts of film-song cassettes in your child's room, but a book of inspiring stories about great figures such as Sardar Bhagat Singh, Mahatma Gandhi and Swami Vivekananda will be missing from your child's school bag, and you yourself will never even try to buy such books for your child. Earlier, even if our parents did not buy such books, our grandparents and elders made up for it; but we all know what the condition of our elders is today. Today every parent tries to keep the children away from their grandparents, and if the grandparents ever dare to scold the child, they have to pay the price for it.

Hardly any child now gets to hear those grandparents' stories, those lullabies and songs, and perhaps no parent has enough time to give the child a proper upbringing. Today Mahatma Gandhi, Bhagat Singh, Vivekananda and Lal Bahadur Shastri are remembered only on their birth anniversaries or on their death anniversaries; today they are missing from our homes, missing from our grandparents' stories, far from our parents' lips, far from our surroundings and far from our neighborhood. So how can we expect good values to come to our children? We have no time to give them good values; those who could have given them good values are neglected; the books through which they could be given values have been replaced by comics, toys and computer games. So how can we hold out that hope?

We should think about this ourselves, because tomorrow we too will become someone's mother or father and grandfather or grandmother. We are the ones who decide which direction our children are going in and what values we are giving them. No one else is responsible for this; only we are.

Saturday 16 October, 2010

Had There Been No Chemistry, I'd Not Have Been a Student ............ .

Had there been no chemistry, I'd not have been a student ............ .
Had there been no lab, there'd have been no accident
Just then, in the practical, a girl caught my eye
Her nose was lovely, like a test tube
Her words had the sweetness of glucose
Her breath carried the fragrance of an ester
From her eyes shone a love of such a kind
That without a drink one felt the haze of alcohol
Her presence felt like benzene
In the dark there was a glow as of radium
Our eyes met, and a reaction took place
And in this way love was produced
I began circling her house
Like electrons around a nucleus
The day our test was confirmed
Was the day I was introduced to her daddy
Hearing what I had to say, he leapt up
Like sodium flaring in an ignition tube
He said: come to your senses, know your place
Iron can never combine with gold
Hearing this, the beaker full of my hopes shattered
And I stayed silent, swallowing the bitter gulp of benzaldehyde
Now I could not get by without her memories
And in the lab nothing burned except my heart
Life became like an unsaturated hydrocarbon
And I wander about like stray hydrogen...

Thursday 14 October, 2010

poems....

I do not care for flowers,
I am mad about thorns!
I am not the fire that burns,
I am the moth that gets burned!
I do not care for dreams,
I am the home of reality!
I am not a longing that fades,
I am a tale that lives on!
I am not time that halts,
I am the shore that cannot be touched!
I am not breath that stops,
I am the support that beats in the heart forever!..
Those who now avert their eyes as they pass me,
Once they were in love with me
Those who went from beloved to stranger,
Once they were in love with me.

The Plight of a Common Man
The strange inflation brings strange troubles
No grain, no electricity, no water
The common man is cut off from everyday goods
VAT will wreck people
The old comforts will not remain
Inflation has broken the common man's back
Even the politicians have thrown up their hands in disgrace
Because
Now even politicians have begun to say, I am not astrologer
Just look at this spectacle of democracy

Wednesday 13 October, 2010

What Is the Truth of Life

Eight ways to stay happy
1. Life changes only when you change. If you doubt it, try it and see.
2. The mind and the brain are your greatest assets; accept this and you will be happy.
3. The self-image a person has built for himself is very important to his happiness. Build an image of yourself that brings you joy rather than frustration and despair.
4. Learn to respect and to forgive, and be happy.
5. You will become what you think. If you think about poverty you will remain poor, and if you think about wealth you will remain rich.
6. Remember that failure comes and goes, and try to stay happy.
7. Count all the blessings you have received so far, and stay happy remembering them.
8. If you want happiness for your whole life, learn to love your work.

RAVI

The Truth of Life

If sorrows come, let them come; if joys go, let them go,
Do not be sad in sorrow; see that you do not weep in hardship,
In this river of life, do not let your boat sink.
Joy and sorrow, which none can rely on, come into everyone's life
What trust can be placed in petals? They will stay with you four days,
But trust the thorns, which will stay with you all your life.
You will find the shore, you will find the supreme support,
If you have trusted in these, even the impossible will become possible.
Happy people end up forgetting to remember the Lord,
Sorrow is the one path by walking which happiness is found
This is nothing new or novel, it is simply a truth of life.
Not today but long ago, a heart told me this,
'Do not trust this world, which will not stand by you
Let the self-confidence be yours, and keep your mind only on the goal.'
Of the setting sun I asked one small question,
Then told the rising moon the state of my heart,
Why was I sent into this world on which I cannot rely?
Now grant me this much grace: make my lifespan short,
So that even if I am betrayed, the grief does not last for many years.

Let's have some shayari.....

“How can I love, when I find no one worthy of it,
Some don't meet me with their heart, and with some my heart doesn't meet”


“The longing for your love, the shadows of life's sorrows
The winds are very strong, may these lamps not go out …
You tell me some answer to this heart's tug-of-war
I tried to forget you, yet your memory torments me
The longing for your love, the shadows of life's sorrows
The winds are very strong, may these lamps not go out”



God can dwell in stone, if a namazi goes to the temple…,
Ram can come on hearing the azaan, if a lamp is lit in the mosque….
These are all structures, buildings; His abode is not in them…,
Understand, understand, or don't; understand, don't, understand; understand this…
Understand this much of the secret of the nature of the One who made the world…



Let's have some shayari.....

“The cure applied to my wounds was of this kind:
Even the balm was put on with the points of thorns”


“When are you ever free of others, when am I ever free of my sorrows,
Come, the meeting is over now: neither are you free nor am I.”



The side effects of politics …… are very painful. Truly, if one listened to the heart, living would become difficult.
Anyway, if you go through the ledger of politics, the losses done to relationships are hardly ever made good.

Tuesday 12 October, 2010

The History of Hinduism

The history of Hinduism is extremely ancient. This religion is held to predate even the Vedic period, because the Vedic period and the period of composition of the Vedas are considered to be distinct. Here an oral tradition continued for centuries, through which its history and texts were carried forward. After that, the period of committing it to writing was also very long. The most revered texts of Hinduism are the Vedas. The Vedas were not composed in any single period. Scholars place the beginning of the composition of the Vedas at 4500 BC. That is, they were composed gradually, and eventually the Veda was first compiled into three parts, the Rigveda, Yajurveda and Samaveda, which were called the Vedatrayi. According to belief, the division of the Veda took place before the birth of Rama, in the time of the sage Pururava. Later the Atharvaveda was compiled by the sage Atharva. According to another belief, in the time of Krishna, Veda Vyasa divided the Vedas and put them into writing. By this reckoning, the Vedas in written form are 6508 years old as of today. Evidence has been found that Shri Krishna lived 5300 years before today.

The origin of Hinduism and Jainism lies in the concept of the early Aryans, who in 4500 BC were spread from Central Asia to the Himalayas. One branch of the Aryans also founded the Parsi religion. After this came, in order, Judaism in two thousand BC, Buddhism in five hundred BC, Christianity only two thousand years ago, and Islam 1400 years before today.

According to religious literature there are some other views about Hinduism as well. There is also a belief that it began 90 thousand years ago. The Ramayana, Mahabharata and Puranas contain accounts of the dynastic lines of the kings of the Solar and Lunar dynasties. Besides these, the origin and lineage of many other dynasties are described. Writing all of this down in a historically accepted, sequential form is a very difficult task, because the Puranas present this history in differing ways, which makes its threads appear scattered and confused; even so, for those who know the religion this is no confusion.

In fact Hindus kept their history alive by singing it, memorizing it and preserving it orally on the basis of sutras. This is why that history gradually became poetic and ornate, which modern people are not prepared to accept as history. That was a time when there was no paper or pen. History was written on rocks, on stones and in the mind.

If one reads the historical texts of Hinduism, one finds mention of a tradition of Manus preceding the tradition of sages and seers; in Jainism they are called Kulakaras. In order, 14 such Manus are recognized, who made tireless efforts to make society civilized and technically capable. The first man on earth was named Svayambhuva Manu, and the first woman was Shatarupa. The Mahabharata mentions eight Manus. At present it is the descendants of the eighth Manu, Vaivasvata, who live on earth. It was in the time of the eighth Manu, Vaivasvata, that Lord Vishnu's Matsya avatar took place.

In the Puranas, Hindu history is held to begin with the creation of the universe itself. To say that it started at this point would perhaps not be proper; even so, the Hindu historical texts, the Mahabharata and the Puranas, give an account from Manu (the first man) down to the generation of Lord Krishna.

Reincarnation

Reincarnation is the belief that a person is born again after death. Put another way, a person who dies is born again somewhere else. There have been many incidents around the world concerning reincarnation, but the scientific community regards it as pure imagination. In reincarnation cases it has often been observed that the person who is reborn remembers everything from before his death.

Saturday 9 October, 2010

Categories of Network:


Networks can be divided into two main categories:

•Peer-to-peer.

•Server – based.

In peer-to-peer networking there are no dedicated servers and no hierarchy among the computers. All of the computers are equal and are therefore known as peers. Normally each computer serves as both client and server, and no one is assigned as an administrator responsible for the entire network.



Peer-to-peer networks are good choices for small organizations where the users are located in the same general area, security is not an issue, and the organization and the network will have limited growth within the foreseeable future.



The term client/server refers to the concept of sharing the work involved in processing data between the client computer and the more powerful server computer.



The client/server network is the most efficient way to provide:

•Databases and management of applications such as Spreadsheets, Accounting, Communications and Document management.

•Network management.

•Centralized file storage.

The client/server model is basically an implementation of distributed or cooperative processing. At the heart of the model is the concept of splitting application functions between a client and a server processor. The division of labor between the different processors enables the application designer to place an application function on the processor that is most appropriate for that function. This lets the software designer optimize the use of processors--providing the greatest possible return on investment for the hardware.



Client/server application design also lets the application provider mask the actual location of application function. The user often does not know where a specific operation is executing. The entire function may execute in either the PC or server, or the function may be split between them. This masking of application function locations enables system implementers to upgrade portions of a system over time with a minimum disruption of application operations, while protecting the investment in existing hardware and software.
What is a computer Network?
A network is any collection of independent computers that communicate with one another over a shared network medium. A computer network is a collection of two or more connected computers. When these computers are joined in a network, people can share files and peripherals such as modems, printers, tape backup drives, or CD-ROM drives. When networks at multiple locations are connected using services available from phone companies, people can send e-mail, share links to the global Internet, or conduct video conferences in real time with other remote users. As companies rely on applications like electronic mail and database management for core business operations, computer networking becomes increasingly important.
Every network includes:
  • At least two computers (server or client workstation).
  • Network Interface Cards (NICs).
  • A connection medium, usually a wire or cable, although wireless communication between networked computers and peripherals is also possible.
  • Network Operating system software, such as Microsoft Windows NT or 2000, Novell NetWare, Unix and Linux.
Types of Networks:

LANs (Local Area Networks)

A network is any collection of independent computers that communicate with one another over a shared network medium. LANs are networks usually confined to a geographic area, such as a single building or a college campus. LANs can be small, linking as few as three computers, but often link hundreds of computers used by thousands of people. The development of standard networking protocols and media has resulted in worldwide proliferation of LANs throughout business and educational organizations.

WANs (Wide Area Networks)

Wide area networking combines multiple LANs that are geographically separate. This is accomplished by connecting the different LANs using services such as dedicated leased phone lines, dial-up phone lines (both synchronous and asynchronous), satellite links, and data packet carrier services. Wide area networking can be as simple as a modem and remote access server for employees to dial into, or it can be as complex as hundreds of branch offices globally linked using special routing protocols and filters to minimize the expense of sending data over vast distances.

Internet

The Internet is a system of linked networks that are worldwide in scope and facilitate data communication services such as remote login, file transfer, electronic mail, the World Wide Web and newsgroups.

With the meteoric rise in demand for connectivity, the Internet has become a communications highway for millions of users. The Internet was initially restricted to military and academic institutions, but now it is a full-fledged conduit for any and all forms of information and commerce. Internet websites now provide personal, educational, political and economic resources to every corner of the planet.

Intranet

With the advancements made in browser-based software for the Internet, many private organizations are implementing intranets. An intranet is a private network utilizing Internet-type tools, but available only within that organization. For large organizations, an intranet provides an easy access mode to corporate information for employees.

MANs (Metropolitan area Networks)

This refers to a network of computers within a city.

VPN (Virtual Private Network)

VPN uses a technique known as tunneling to transfer data securely on the Internet to a remote access server on your workplace network. Using a VPN helps you save money by using the public Internet instead of making long–distance phone calls to connect securely with your private network. There are two ways to create a VPN connection, by dialing an Internet service provider (ISP), or connecting directly to Internet.

 

Computer network
A computer network, often simply referred to as a network, is a group of computers and devices interconnected by communications channels that facilitate communications among users and allow users to share resources. Networks may be classified according to a wide variety of characteristics.

Introduction
A computer network allows sharing of resources and information among interconnected devices. In the 1960s, the Advanced Research Projects Agency (ARPA) started funding the design of the Advanced Research Projects Agency Network (ARPANET) for the United States Department of Defense. It was the first computer network in the world.[1] Development of the network began in 1969, based on designs developed during the 1960s.

Purpose
Computer networks can be used for several purposes:

Facilitating communications. Using a network, people can communicate efficiently and easily via email, instant messaging, chat rooms, telephone, video telephone calls, and video conferencing.
Sharing hardware. In a networked environment, each computer on a network may access and use hardware resources on the network, such as printing a document on a shared network printer.
Sharing files, data, and information. In a network environment, authorized users may access data and information stored on other computers on the network. The capability of providing access to data and information on shared storage devices is an important feature of many networks.
Sharing software. Users connected to a network may run application programs on remote computers.

Wednesday 6 October, 2010

Windows 2000 Group Policies

Group policies are used by administrators to configure and control user environment settings. Group Policy Objects (GPOs) are used to configure group policies which are applied to sites, domains, and organizational units (OUs). Group policy may be blocked or set so it cannot be overridden. The default is for subobjects to inherit the policy of their parents. There is a maximum of 1000 applicable group policies.
Group policies are linked to domains, organizational units, or sites in Active Directory. A policy must be linked to a container object in Active Directory to be effective. Policies can be stored in any domain and can be linked to other domains to make them effective there as well. The policy must be linked to the container (site, domain, or OU) that it is stored in to be effective in that container. One policy object can be linked to several containers. Several policy objects can be linked to one container.
Group Policy Settings
Group policy settings only work for Windows 2000 computers. Settings that do the following may be applied with group policy:
• Manage user environments - Wallpaper and other settings.
• Manage scripts - Logon/logoff and startup/shutdown scripts.
• Manage security - Event log settings, account policies, and more.
• Manage software deployment - Applications may be automatically installed when the client computer starts.
• Redirect folders - Folders on a local computer may be redirected to a network share.
Group Policy Types
Group policy types and their order of application are:
• Local Policy
• Site Linked Policies
• Domain Linked Policies
• Organizational Unit Policies
Group policy may be set globally using Active Directory or on local computers using Local Group Policy. The files are stored:
• Locally - SystemRoot\System32\GroupPolicy\
• Globally - SystemRoot\SYSVOL\sysvol\domainname\Policies\ on domain controllers. The global group policy is made of a Group Policy Object (GPO) which is an Active Directory object and the files in this directory.

The GPT.INI file contains information about the policy. Group policy templates are in the system volume\public directory.
Group Policy Priorities
Group policy is inherited by the child objects of a parent. If a parent object has group policy, then the children have the same policy. Group policies are applied down from the higher level objects to the lower level objects. The policies are cumulative unless they conflict, in which case the lower level policy applies to the object.
1. Local or Roaming Individual user profile is applied. Local policies cannot be blocked.
2. Local Group Policy is applied. Conflicts with individual policy are overridden by local group policy.
3. Group Policy is applied. Conflicts with individual policy or local group policy are overridden by group policy. The group policies are processed in the following order based on the object they are linked to:
   1. Sites
   2. Domains
   3. Organizational Units
The normal behavior of policies can be modified with the following settings:
• No Override - Normally the local policies or lower level policies will take precedence. If this setting is made on a higher level policy, the lower level policy cannot modify it and the policy associated with this setting will take precedence.
• Block Policy - Group Policy Objects (GPOs) are entirely blocked or applied. The No Override option takes priority over the Block Policy option.
Policy application steps:
1. When the computer is turned on, all group policies that are applicable to the computer are applied.
2. Any group policy startup scripts are run.
3. At user logon, after the user profile is set, all group policies for that user are applied.
4. Any group logon scripts are run, then any individual logon scripts are run.
5. At user logoff, group logoff scripts are run.
6. At system shutdown, any group policy shutdown scripts associated with the computer are run.
Group policy is updated by Active Directory to domain controllers every 5 minutes and to all Windows 2000 computers that are not domain controllers every 90 minutes. These updates are requested by the computer and the intervals may be modified by administrators.
Setting Group Policy
The creator of a policy and administrators have Full Control permission for policies. To set Group Policy, the user must have permission to Log on Locally on a domain controller.
Group policies can be set from any domain controller, but the one that is the best to use is the PDC Emulator domain controller.
All group policy object containers have a default policy. Group policies can be managed using the Group Policy Editor. There are two default policy nodes:
• Computer configuration - Settings are applied to the computer and the user on the computer does not affect the settings.
• User configuration
Both nodes contain three sections for various settings which are:
• Administrative templates - Additional configuration for computer and user settings.
• Software settings - Applications can be assigned to computers or users. The application can be run by the user or on the computer on which they are assigned. Either a stub for the application or the application is installed.
• Windows settings - The behavior of the operating system may be customized here.
The Microsoft Management Console (MMC) Group Policy snap-in is used to set local group policy. To start it, select "Start", "Run", and type "gpedit.msc". It also allows configuration of local Security Policies that may be set using the "Local Security Policy" Administrative Tool. The Group Policy snap-in on a remote computer may be used to set local Group Policies also. The following Local Group Policy settings are possible:
• Computer Configuration - Applies to specific computers.
  o Software Settings - Applications can be assigned to computers or users. The application can be run by the user or on the computer on which they are assigned. Either a stub for the application or the application is installed.
  o Windows Settings - Used to manage startup and shutdown scripts.
    ▪ Scripts (Startup/Shutdown)
    ▪ Security Settings
      ▪ Account Policies - Password and account lockout policy.
        ▪ Account lockout policy - Set the reset interval between logon attempts. Set the failed logon counter reset interval. Set the duration of the lockout.
        ▪ Password policy - Number of passwords remembered that can't be repeated. Maximum password age (42 default). Minimum password length.
        ▪ Kerberos policy - Set lifetime of service tickets.
      ▪ Local Policies - Audit, User rights, security options.
        ▪ Audit policy - These may include Logon and logoff, File and object access, Use of user rights, User and group management, Security policy changes, System shutdown and restart, and Process Tracking.
        ▪ User rights - Determines actions that a user can perform such as shutting the system down, changing the time, using the computer locally, and others.
        ▪ Security options - Must be enabled by an administrator. Restricted groups are used to help automate group management. A user can be added to a restricted group temporarily and that user will be removed during the next security audit.
      ▪ Event Log - Application, Security, and System log settings.
      ▪ Restricted Groups - Ensures that certain group memberships are not modified locally.
      ▪ System Services - Set services to automatic, manual, or disabled.
      ▪ Registry - Registry settings to be affected by this group policy. Permissions for registry keys may be set up here.
      ▪ File system - Security settings for files and directories on several computers can be set along with file system extension associations with applications.
      ▪ Public Key Policies - Encrypted Data Recovery Agents, Automatic Certificate Request Settings, Trusted Root Certificate Authorities, and Enterprise Trust.
      ▪ IP Security Policies on Active Directory - Rules for secure servers, servers, and clients. These rules control whether information sent between clients and the server is encrypted or secure. These are the default policies:
        ▪ Client policy - Most communication is not secure (encrypted) but the client may request and get a secure channel.
        ▪ Secured server policy - Only secure communication is attempted.
        ▪ Server policy - The server attempts to use a secure channel, but if the client does not respond through the secure channel, an unsecure channel will be used.
  o Administrative Templates - Can be used to manage a user's environment. More templates may be added for applications by creating a unicode file (usually provided by the application creator) with the ".adm" extension. The .adm file causes the HKEY_LOCAL_MACHINE registry key to be changed.
    ▪ Windows Components - Can configure the user's ability to use specific Windows programs or certain functions in those programs. Those programs include Internet Explorer, Task Scheduler, Windows Installer, and NetMeeting.
    ▪ System - Settings for:
      ▪ Disk quotas - Levels of warnings and hard limits may be set.
      ▪ DNS clients - The DNS suffix may be set.
      ▪ Group policy
      ▪ Logon - Scripts at startup or shutdown may be configured to run.
      ▪ Windows file protection - System files may be scanned.
    ▪ Network - Can configure access to offline files and limit the user's ability to configure connection sharing.
    ▪ Printers - Policies may allow local printers to be published in Active Directory.
• User Configuration - Applies to specific users.
  o Software Settings - Applications can be assigned to computers or users. The application can be run by the user or on the computer on which they are assigned. Either a stub for the application or the application is installed.
  o Windows Settings - Used to manage logon and logoff scripts. It is best to manage these scripts here rather than by configuring user account properties.
    ▪ Internet Explorer Maintenance - Settings:
      ▪ Browser user interface settings
      ▪ Connection settings
      ▪ URLs section
      ▪ Security zones
      ▪ Programs settings
    ▪ Scripts - Scripts for user configuration are run during logon and/or logoff.
    ▪ Security Settings - Public key policies.
    ▪ Remote Installation Service
    ▪ Folder Redirection - Determines where users can get specific types of files. It is based on user groups or specific folders.
  o Administrative Templates - Can be used to manage group policy options. More templates may be added for applications by creating a unicode file (usually provided by the application creator) with the ".adm" extension. The .adm file causes the HKEY_CURRENT_USER registry key to be changed.
  o Windows Components - Can configure the user's ability to use specific Windows programs or certain functions in those programs. Those programs include:
    ▪ Internet Explorer
    ▪ Task Scheduler
    ▪ Windows Installer
    ▪ NetMeeting
    ▪ Windows Explorer - Menu items may be disabled or removed.
    ▪ Microsoft Management Console.
  o System - The configuration may be set so the user cannot change their password or log off. The group policy refresh interval is configured here.
    ▪ Logon/logoff settings - Logon and logoff scripts may be hidden so the user is unaware that they are run. Part of the Task Manager or its entirety may be disabled.
    ▪ Group policy settings
  o Network - Can configure access to offline files and limit the user's ability to configure connection sharing.
  o Start Menu and Taskbar - Can remove some options.
  o Desktop - Desktop icons may be hidden.
  o Control Panel - Configure the user's ability to use the control panel and specific features. Specific applets or the entire control panel may be hidden.
Creating Group Policy Objects
There are several tools used to create and manage group policy objects. The most appropriate tool to use depends on the level the group policy object is at. The tools are as follows:
• Active Directory Sites and Services Administrative tool - Used to create and manage Group Policy Objects (GPOs) that are associated with a site.
• Active Directory Users and Computers Administrative tool - Used to create Group Policy Objects (GPOs) that are associated with an OU or domain.
• MMC Group Policy snap-in - This tool, also called the "Group Policy Console" can be used to manage GPOs at any level.
Setting Group Policy
The Microsoft Management Console (MMC) Group Policy snap-in can be used to create and manage Group Policy objects if the user has the correct permissions. Enterprise Admins, Domain Admins groups and domain Administrators have correct permissions.
Group Policy inheritance is configured on the Active Directory container the GPO is in and on the object itself.
• There is a "Block Policy Inheritance" checkbox in the Group Policy Tab on the object container's properties dialog box.
• There is a "No Override: prevents..." checkbox in the Group Policy Tab on the object's properties dialog box.
In the case of a conflict between the two above settings, the "No Override: prevents..." checkbox option prevails. If this option is set on a parent container, the child cannot override the inheritance.
GPO Security
GPO security is used to specify the users and groups that can modify the GPO settings and to specify those to whom they apply as follows:
• The Group Policy settings apply to users and groups that have the Active Directory read and apply group policy permissions to the GPO. Authenticated Users have these settings apply by default.
• Users or groups that have the Active Directory read and write permissions to the GPO can modify the GPO settings.
The Object's or container's properties dialog box (Select "Action", "Properties") group policy tab, GPO's security tab is where the security settings are modified. This is done in the Administrative Tool "Active Directory Sites and Services" or "Active Directory Users and Computers". This allows policies to be set, or "filtered" so they only affect specific users or groups. When these permissions for the group policy objects are modified, the Discretionary Access Control List (DACL) for the policy object is modified. The DACL must permit the groups that the policy is for to have both "Read" and "Apply Group Policy" permission.
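The order of application from "Group Policy Priorities", the No Override and Block Policy Inheritance checkboxes, and the DACL filtering just described can be combined into one small model. The Python below is an added illustration, not Microsoft's implementation or code from the original post; the GPO names, setting names and groups are constructed, and Deny entries in the DACL are not modelled.

```python
"""Model of the Group Policy precedence rules described on this page (added example)."""
from dataclasses import dataclass, field

ORDER = ["local", "site", "domain", "ou"]    # order of application given on the page
REQUIRED = {"Read", "Apply Group Policy"}    # both permissions are needed for a GPO to apply


@dataclass
class GPO:
    name: str
    level: str                    # one of ORDER
    settings: dict                # setting name -> value
    no_override: bool = False     # "No Override" ticked for this GPO
    # DACL as {group: permissions}; default mirrors "Authenticated Users" applying by default
    dacl: dict = field(default_factory=lambda: {"Authenticated Users": set(REQUIRED)})

    def applies_to(self, groups):
        """Security filtering: the user's groups must together grant both permissions."""
        granted = set()
        for group in groups:
            granted |= self.dacl.get(group, set())
        return REQUIRED <= granted


def effective_policy(gpos, user_groups, block_inheritance_at=None):
    """Return ({setting: value}, {setting: name of the GPO that supplied it}).

    block_inheritance_at is the level ("domain" or "ou") whose container has
    "Block Policy Inheritance" ticked, or None.
    """
    result, source, locked = {}, {}, set()
    cutoff = ORDER.index(block_inheritance_at) if block_inheritance_at else 0
    # sorted() is stable, so GPOs at the same level keep their listed order
    for gpo in sorted(gpos, key=lambda g: ORDER.index(g.level)):
        if not gpo.applies_to(user_groups):
            continue                       # filtered out by the DACL
        rank = ORDER.index(gpo.level)
        # Block Policy Inheritance drops GPOs from higher containers, but not
        # local policy, and No Override wins over the block.
        if gpo.level != "local" and rank < cutoff and not gpo.no_override:
            continue
        for key, value in gpo.settings.items():
            if key in locked:
                continue                   # fixed earlier by a No Override GPO
            result[key] = value            # lower level overwrites higher level
            source[key] = gpo.name
            if gpo.no_override:
                locked.add(key)
    return result, source


# Constructed sample data: names, settings and groups are illustrative only.
SAMPLE = [
    GPO("Local", "local", {"wallpaper": "default.bmp", "min_password_length": 0}),
    GPO("Site-Baseline", "site", {"logon_script": "site.cmd"}),
    GPO("Domain-Security", "domain",
        {"min_password_length": 8, "audit_logon": True}, no_override=True),
    GPO("OU-Kiosk", "ou", {"min_password_length": 4, "wallpaper": "kiosk.bmp"}),
    GPO("OU-Admins-Only", "ou", {"hide_control_panel": False},
        dacl={"Domain Admins": set(REQUIRED)}),
]

if __name__ == "__main__":
    policy, origin = effective_policy(SAMPLE, ["Authenticated Users"])
    for key in sorted(policy):
        print(f"{key:22} = {policy[key]!r:14} (from {origin[key]})")
```

In the sample, the OU-level GPO tries to weaken the minimum password length, and the domain GPO's No Override flag is what keeps the stricter value in force.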
Linking GPOs
A GPO may be linked to another container. When this is done a new GPO, pointing to the original GPO, is created. The GPO settings of the original GPO apply to all objects it is linked to. At this point the new GPO may be modified and the new settings will apply only to the new GPO. If settings in the original GPO are modified, the settings in the linked GPOs will also be changed.
Group Policy Application Order
Groups are listed by priority in the System Policy Editor dialog box, Group Priority tab. When a user is in multiple groups, the highest priority group's policy applies. The groups may be moved up and down the list which sets their relative priorities.
Using Group Policy for Software Deployment
Methods:
• Assign the application to a computer - The application shortcut appears in the user start menu, and the application is installed the first time the user runs it.
• Assign the application to a user - The application is installed the next time the computer is booted.
• Publish the application to the user - The application is installed the first time the user opens a document that is associated with the application. Once installed, the start menu lists the application.
Installation steps:
1. Prepare application for deployment if it is not in a Windows installer file (ending with .msi). Do one of:
   o Convert the file to a Windows installer file.
     1. Use WinINSTALL LE to repackage the application as a Windows installer file. This program is on the Windows 2000 Server CD in \VALUEADD\3RDPARTY\WINSTLE.
   o Create application installation instructions in a text file ending with ".zap". These applications can only be published. Two sections of .zap file:
     ▪ [Application] - Give "FriendlyName = " and "SetupCommand =" on two separate lines followed by the appropriate information.
     ▪ [Ext] - List extensions to be associated with the application on separate lines followed by "=".
Group policies can also be used to:
• Deploy service packs
• Create application categories
• Maintain or upgrade software
• Remove previously deployed applications.
Policy Refresh Intervals
The default refresh interval for policies is 90 minutes. The default refresh interval for domain controllers is 5 minutes. Group policy object's group policy refresh intervals may be changed in the group policy object. The appropriate refresh interval depends on link speed. A slow network should have longer refresh intervals. A slow link is defined as one slower than 500Kbps.

Windows 2000 IPSec

IPSec stands for Internet Protocol Security and it is used to encrypt TCP/IP data so the information cannot be captured and understood by outsiders. It is used both on internal networks and between two private networks over the internet to support virtual private networking (VPN). Terms:
• Transport mode - The data portions of the packet are encrypted.
• Tunnel mode - The data and address portions of the message are both encrypted, and that packet is placed in the data portion of a new IP packet with a new address. It is used between two routers for VPN.
Security Methods
IPSec can use various security encryption algorithms and key lengths. These are the characteristics of IPSec connections (security methods):
• A specified encryption algorithm.
• A negotiated key length.
• A negotiated key lifetime.
Supported Authentication Methods
• A shared secret such as a key or phrase.
• Kerberos
• Certificates - The certificate can only be created using a private key and the certificate is verified using the public key. This way the certificate can be used for authentication.
Enabling
IPSec is enabled on individual computers by using the "Network and Dial-up Connections" folder. The "Domain Security Policy" administrative tool is used to enable IPSec on all computers or domain controllers in a domain. "Active Directory Users and Computers" can be used to set up a group policy object which can enable IPSec on Windows 2000 computers in an organizational unit. IPSec can be managed by using the Microsoft Management Console (MMC) IP Security Policy snap-in.
When using group policy to set IPSec, the following options are available:

• Client (Respond Only) - Only Uses IPSec to respond to requests for use of IPSec but outgoing requests are done with normal communications.
• Server (Request Security) - Always uses IPSec for outgoing communications. Computers without IPSec enabled can still communicate with computers set in this mode.
• Secure Server (Require Security) - Uses IPSec for all communications. Computers without IPSec enabled can not communicate with computers set in this mode.
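What happens when hosts with different options talk to each other is easiest to see as a small model. The Python below is an added example, not part of the original post; it assumes a host with the Server policy requests security in both directions, and the host names and flows are constructed.

```python
"""Outcome of traffic between two hosts under the three default IPSec options (added example)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Policy:
    name: str
    speaks_ipsec: bool    # can negotiate a secure channel at all
    requests: bool        # asks the peer for IPSec
    allows_clear: bool    # accepts or falls back to unencrypted traffic


NONE = Policy("No IPSec policy", False, False, True)
CLIENT = Policy("Client (Respond Only)", True, False, True)
SERVER = Policy("Server (Request Security)", True, True, True)
SECURE_SERVER = Policy("Secure Server (Require Security)", True, True, False)


def negotiate(a, b):
    """Return 'secured', 'clear' or 'blocked' for traffic between hosts a and b."""
    # A secure channel needs both ends to speak IPSec and at least one to ask for it.
    if a.speaks_ipsec and b.speaks_ipsec and (a.requests or b.requests):
        return "secured"
    # Otherwise traffic flows unencrypted only if neither end insists on security.
    if a.allows_clear and b.allows_clear:
        return "clear"
    return "blocked"


def audit(hosts, flows):
    """Return [(src, dst, outcome)] for every flow that does not end up secured."""
    findings = []
    for src, dst in flows:
        outcome = negotiate(hosts[src], hosts[dst])
        if outcome != "secured":
            findings.append((src, dst, outcome))
    return findings


# Constructed sample inventory and flows, for illustration only.
HOSTS = {
    "hr-db": SERVER,
    "payroll": SECURE_SERVER,
    "ws01": CLIENT,
    "legacy-nt4": NONE,
}
FLOWS = [
    ("ws01", "hr-db"),
    ("legacy-nt4", "hr-db"),
    ("legacy-nt4", "payroll"),
    ("ws01", "payroll"),
    ("ws01", "legacy-nt4"),
]

if __name__ == "__main__":
    for src, dst, outcome in audit(HOSTS, FLOWS):
        print(f"{src} -> {dst}: {outcome}")
```

The second flow is the one to watch for: a Server (Request Security) host still exchanges data with a machine that has no IPSec policy, and does so unencrypted.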
One IPSec policy may be set for one computer which includes one or more rules which are applied from the most restrictive to the least restrictive. IPSec Rules:
• IP Filter - Defines the type of traffic the rule applies to.
• IP Filter Action - Determines how the type of traffic is handled such as requiring encryption, requesting encryption for outgoing traffic, or allowing traffic that is not encrypted.
• Authentication Method - Three methods are Windows 2000 default, Kerberos 5, or use an encryption key.
• Tunnel Setting - Determines whether IPSec will work in transport ("This rule does not specify a tunnel") or tunnel mode ("The tunnel endpoint is specified by this IP address").
• Connection Type - Determines if the rule applies to the local area network, all network connections or to remote access.
IPSec policy is set using "Active Directory Users and Computers".
The Security Monitor tool is used to monitor IPSec. Although it is a graphical tool, it is started from the command line by typing "Ipsecmon" followed by the name of the computer to be monitored.
IPSec Monitoring Tool
The IPSec monitoring tool can be used to provide a summary of the local computer IPSec connections. This tool can be started by clicking on "Start", "Run" and entering "ipsecmon.exe" and pressing the ENTER key.

Active Directory Schema

All databases have a schema which is a formal definition (set of rules) which govern the database structure and types of objects and attributes which can be contained in the database. The schema contains a list of all classes and attributes in the forest.
The schema keeps track of:
• Classes
• Class attributes
• Class relationships such as subclasses (Child classes that inherit attributes from the super class) and super classes (Parent classes).
• Object relationships such as what objects are contained by other objects or what objects contain other objects.
There is a class Schema object for each class in the Active Directory database. For each object attribute in the database, there is an attributeSchema object.
Partitions
Active Directory objects are stored in the Directory Information Tree (DIT) which is broken into the following partitions:
• Schema partition - Defines rules for object creation and modification for all objects in the forest. Replicated to all domain controllers in the forest, it is known as an enterprise partition.
• Configuration partition - Information about the forest directory structure is defined including trees, domains, domain trust relationships, and sites (TCP/IP subnet group). Replicated to all domain controllers in the forest, it is known as an enterprise partition.
• Domain partition - Has complete information about all domain objects (Objects that are part of the domain including OUs, groups, users and others). Replicated only to domain controllers in the same domain.
o Partial domain directory partition - Has a list of all objects in the directory with a partial list of attributes for each object.
The DIT holds a subset of Active Directory information and stores enough information to start and run the Active Directory service.


Schema Container
The schema container is a special container at the top of the schema partition and is an object created from the directory Management Domain (dMD). It can be viewed using the MMC "Active Directory Schema" console or the Active Directory Services Interface (ADSI) edit utility from the installation CDROM. The distinguished name schema container address is:
/CN=schema/CN=configuration/DC=forest root
Classes and attributes are stored in classSchema objects and attributeSchema objects respectively.
attributeSchema Mandatory Attributes
These attributes provide information about attributes of another Active Directory object.
• attributeID - Identifies the attribute with a unique value.
• attributeSyntax - Identifies the object which defines the attribute type.
• cn - A unicode string name of the attribute.
• isSingleValued - A boolean variable which when true indicates there is only one value for the attribute. If false, the attribute can have several values.
• LDAPDisplayName - LDAP unicode name string used to identify the attribute.
• NTSecurityDescriptor - The object security descriptor.
• ObjectClass - Is always attributeSchema.
• OMSyntax - Identifies the object syntax specified by the open object model.
• SchemaIDGUID - Unique global ID value of the attribute.
classSchema Mandatory Attributes
These attributes provide information about another Active Directory object.
• cn - A unicode string name of the object.
• DefaultObjectCategory - A distinguished name of where the object belongs.
• GovernsID - A unique number identifying the class.
• LDAPDisplayName - LDAP unicode name string used to identify the object.
• NTSecurityDescriptor - The object security descriptor.
• ObjectClass - Is always classSchema.
• ObjectClassCategory - An integer describing the object class type. The class type is one of the following with values in "()" indicating the integer value used to signify them:
o Abstract class (2) - A class that can't be an object, but is used to pass attributes down to subclasses.
o Auxiliary class (3) - Used to provide structural or abstract classes with attributes.
o Structural class (1) - These classes can have objects created from them and are the class type that is contained as objects in the directory.
o Type 88 class (0) - These classes don't have a type and they are class types created before 1993 before class types were established in the X.500 standard.
• SchemaIDGUID - Unique global ID value of the class.
• SubClassOf - Identifier of the class's parent class.
System Attributes
These system attributes can only be changed by the Directory System Agent (DSA), which manages the Active Directory database.
• systemAuxiliaryClass - Identifies the auxiliary protected classes that compose the class.
• systemMayContain - Optional system protected class attributes.
• systemMustContain - Required system protected class attributes.
• systemPossSuperiors - Parent system protected classes.
SAM Read Only Attributes
The SAM is the Security Access Manager.
• badPasswordCount
• badPasswordTime
• creationTime
• domainReplica
• isCriticalSystemObject
• lastLogoff
• lastLogon
• LockoutTime
• modifiedCount
• ntPwdHistory
• PrimaryGroupName
• revision
• SAMAccountName
• SAMAccountType
Schema Modifications
The schema should only be modified when absolutely necessary. Control mechanisms include:
• The schema operations master domain controller is the only controller that the schema can be changed from.
• The Schema console must have schema modification set to enabled.
• Each schema object has permissions set through the Windows 2000 security model.
Ways to modify the schema include:
• Using an application programming interface (API).
• Lightweight Directory Interface Format (LDIF) scripts.
• LDIFDE bulk schema modification tool.
• CSVDE bulk schema update tool.
Document the following when changing the schema:
• Object issuing authority
• Object ID
• Class hierarchy
• NT security descriptor
• LDAP display name
• Common name
• Class attributes
When the schema is changed, the following checks are done by Active Directory:
• Consistency - Makes sure identifiers are unique and mandatory attributes exist. The existence of superclasses in the schema is also checked.
• Safety - Check to be sure Active Directory functionality is not disrupted. Checks the following object types:
o Category 1
o Category 2

Active Directory Objects

Object Types
There are two types of Active Directory groups, each with a different purpose. These are:
• Security principal groups - These objects can be assigned permissions and consist of:
o users
o groups
o computers
• Distribution groups - Used to group users for applications such as mail.
Object Characteristics
Every object has a:
• Globally Unique Identifier (GUID) - Uniquely identifies each object. Its size is 128 bits.
• Security Identifier (SID) - A SID is created by the Windows 2000 security subsystem and assigned to security principal objects.
Active Directory Objects
Active Directory may contain all objects listed here and all objects listed that are contained by organizational units (OU).
• Domain - The core unit in the Active Directory structure.
• Organizational Unit (automatically published) - Other organizational units may be contained inside organizational units.
Leaf objects are objects such as users and computers which cannot contain other objects.


Organizational Units
Organizational Units are called container objects since they help to organize the directory and can contain other objects including other OUs. The basic unit of administration is now organizational units rather than domains. Organizational units allow the creation of subdomains which are also called logical domains. Microsoft recommends that there should never be more than 10 levels of organizational unit nesting. Since deeper OU nesting slows directory access, normally there should be no more than three or four levels of nesting. Organizational units may contain:
• Organizational Unit (automatically published) - Used to create a hierarchy of AD objects into logical business units. Other organizational units may be contained inside organizational units.
• User (automatically published) - Individual person
• Group (automatically published) - Groups of user accounts. Groups make user management easier.
• Computer (Those in the domain are automatically published) - Specific workstations.
• Contact (automatically published) - Administrative contact for specific Active Directory objects.
• Connection - A defined one direction replication path between two domain controllers making the domain controllers potential replication partners. These objects are maintained on each server in "Active Directory Sites and Services".
• Shared folder - Used to share files and they map to server shares.
• Printer (Most are automatically published) - Windows NT shared printers are not published automatically.
• Site - A grouping of machines based on a subnet of TCP/IP addresses. An administrator determines what a site is. Sites may contain multiple subnets. There can be several domains in a site. For example, an organization may have branches around the city they are located in. Each location may be a site.
• Site container
• Site link - Defines the connection between sites. Can indicate the cost of sending data across a network in terms of available bandwidth. It is a list of two or more connected sites. Whether the link will use RPC or SMTP for passing data must be determined before creating the link since it cannot be changed.
• Site link bridge - Allows one site in a string of sites to replicate through one or two sites to a second or third site. These are only used for fine control of how replication will occur across WAN links.
• Site settings
• Subnet - A part of a network based on addresses which is usually connected using routers. Subnets must be created in each site object before it is really active. A network address and subnet mask is used to define the subnet.
• Subnet container
• Trusted domain
Pre-installed Container Objects
Pre-installed container objects provide backward compatibility with Windows NT. They look and act like organizational units and include:
• Builtin - Built-in local groups.
• Computers - Computer accounts created using Windows NT. It is a list of workstations.
• Computer - Used to manage particular workstations.
• Domain Controllers - A list of domain controllers.
• Foreign Security Principals - Shows trust relationships with other domains.
• Users - Windows NT users.
Object Access
Controlling objects in Active Directory controls access only to objects in Active Directory. Objects outside Active Directory may have their own access control. Permissions on corresponding objects in Active Directory do not affect permissions on external objects. Therefore, the user must have both Active Directory and object access.
When setting object permissions, they can be set so the change applies to all children of the object or only to the object itself. You can also set child objects to inherit permissions from their parent object. Access to specific object properties can be controlled. Object permissions for users and groups include:
• Full Control - Allows full access to the object and its sub objects, with the ability to take ownership of objects and change permissions of objects and sub objects.
• Read - Allows object contents and properties to be displayed.
• Write - Allows object contents and properties to be changed except for modifying permissions, configuring auditing, or taking ownership.
• Create All Child Objects - Allows creation of any child objects.
• Delete All Child Objects - Allows deletion of any child objects.
Object access is controlled using the Active Directory Users and Computers tool by clicking on "View", "Advanced Features", Click + next to the domain, right click the object, select "Properties", click the "Security" tab, and continue.
Permission Combinations
When the permissions granted to a user and to the groups the user belongs to differ for a specific object, the least restrictive permissions normally apply. The only exception is when the user or group is specifically denied one or more permissions to the object. When some permissions are denied, the most restrictive denials apply to the user. If the Full Control permission is denied to a user or group, that user or group will have no permissions. Explicit permissions set at the child object level override a permission denial at the parent level, even if the child is set to inherit permissions from the parent.
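The combination rules above can be checked with a small model. This is an added example, not part of the original notes: it uses plain names instead of SIDs, the trustees "alice", "Sales" and "Staff" are constructed, and it evaluates entries in the order Windows uses (explicit deny, explicit allow, inherited deny, inherited allow).

```python
from dataclasses import dataclass

# "Full Control" covers every other permission, including ownership and ACL changes.
FULL_CONTROL = frozenset({
    "Read", "Write", "Create All Child Objects", "Delete All Child Objects",
    "Change Permissions", "Take Ownership",
})


@dataclass(frozen=True)
class Ace:
    trustee: str        # user or group name (a real entry carries a SID)
    allow: bool         # True = allow entry, False = deny entry
    perms: frozenset
    inherited: bool     # True if the entry came down from the parent container


def ace(trustee, kind, *perms, inherited=False):
    """Build one entry; "Full Control" expands to every permission."""
    expanded = set()
    for p in perms:
        expanded |= FULL_CONTROL if p == "Full Control" else {p}
    return Ace(trustee, kind == "allow", frozenset(expanded), inherited)


def effective_permissions(acl, user, groups):
    """Return the set of permissions `user` ends up with on the object."""
    mine = [a for a in acl if a.trustee == user or a.trustee in groups]
    # Order: explicit deny, explicit allow, inherited deny, inherited allow.
    mine.sort(key=lambda a: (a.inherited, a.allow))
    decided = {}
    for entry in mine:
        for perm in entry.perms:
            decided.setdefault(perm, entry.allow)   # first entry to mention it wins
    return {perm for perm, allowed in decided.items() if allowed}


# Constructed sample ACLs for a user "alice" who is in "Sales" and "Staff".
GROUPS = ["Sales", "Staff"]
UNION = [ace("Staff", "allow", "Read"), ace("Sales", "allow", "Write")]
WITH_DENY = UNION + [ace("alice", "deny", "Write")]
DENY_FULL = UNION + [ace("Sales", "deny", "Full Control")]
CHILD_OVERRIDE = [
    ace("Staff", "deny", "Write", inherited=True),   # denial set on the parent OU
    ace("Staff", "allow", "Read", inherited=True),
    ace("alice", "allow", "Write"),                  # explicit entry on the child
]

if __name__ == "__main__":
    for name, acl in [("union", UNION), ("with deny", WITH_DENY),
                      ("deny full control", DENY_FULL),
                      ("child override", CHILD_OVERRIDE)]:
        print(name, sorted(effective_permissions(acl, "alice", GROUPS)))
```

The last case is the one most often missed in reviews: a deny placed on a parent OU does not block a user who holds an explicit allow on the child object.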
Object Ownership
Ownership can be taken if a user has the take ownership right to the object or if the user is part of the Domain Admins group. Object access is controlled using the Active Directory Users and Computers tool by clicking on "View", "Advanced Features", Click + next to the domain, right click the object, select "Properties", click the "Security" tab, click "Advanced", and continue.
Active Directory Object Administration Delegation
Management of objects listed in Active Directory can be delegated to other administrators. Administrative authority cannot be delegated for objects smaller than the Organizational Unit (OU). There are two ways to delegate object control:
• Find the object in the Active Directory Users and Computers tool, right click on the object, and select "Delegate Control". The Delegation of Control Wizard will start.
• Perform the same action as is done when configuring permissions by using the "View" menu in the Active Directory Users and Computers tool, and click on "Advanced Features".
Object Identifiers
Object identifiers are strings in a dot notation similar to IP addresses. There are authorities that issue object identifiers. Each of these authorities can give an object identifier on a sublevel to other authorities. The International Standards Organization (ISO) is the root authority. The ISO has a number of 1. When it assigns a number to another organization, that number is used to identify that organization. If it assigned CTDP the number 469034, and CTDP issued 1 to Mark Allen, and Mark Allen assigned 10 to an application, the number of the application would be "1.469034.1.10".
Object Attribute Syntax
Attribute syntax defines the type of data the attribute contains. The following are attribute syntaxes defined by the oMSyntax numbers 2.2.2.0 through 2.5.5.17
• Undefined - illegal
• Object (DN-DN)
• String (Object ID)
• Case sensitive string
• String not sensitive to case
• Printable string
• Numeric string
• Binary object
• Boolean
• Integer
• Octet string
• Time string
• Unicode string
• Presentation address
• DN string object
• NT-sec-desc - Windows NT security descriptor
• Large integer
• Security ID - Windows NT security ID

Windows 2000 DHCP

Dynamic host configuration protocol is used to automatically assign TCP/IP addresses to clients along with the correct subnet mask, default gateway, and DNS server. Two ways for a computer to get its IP address:
• Using DHCP from a DHCP server.
• Manual configuration.
DHCP Scopes
• Scope - A range of IP addresses that the DHCP server can assign to clients that are on one subnet.
• Superscope - A range of IP addresses that span several subnets. The DHCP server can assign these addresses to clients that are on several subnets.
• Multicast scope - A range of class D addresses from 224.0.0.0 to 239.255.255.255 that can be assigned to computers when they ask for them. A multicast group is assigned to one IP address. Multicasting can be used to send messages to a group of computers at the same time with only one copy of the message. The Multicast Address Dynamic Client Allocation Protocol (MADCAP) is used to request a multicast address from a DHCP server.
One way to create a superscope is to set up a range of addresses that span more than one subnet. Another way is to create several scopes and merge them using the "New Superscope" wizard by selecting "Action" and "New Superscope"
There are global and scope options. Global options apply to all client computers. Scope options apply to specific subnets or range of IP addresses. DHCP RFCs are 1533, 1534, 1541, and 1542.
Beyond the address assignments, DHCP can assign other options which can be applied globally or to various scopes. Options and address configuration settings include:

• IP address
• Netmask
• Default Gateway address
• Primary and secondary DNS server address(es)
• NetBIOS Name server (NBNS) address(es).
• Lease period in hours
• IP address of DHCP server.
• WINS server address
• WINS node type
• Vendor equipment options
• Class of user options - The client will provide a class ID.
Windows 2000 Client Option Levels
When options are in conflict, more specific options override less specific options.
• Client level - Includes one client.
• Class level - Includes clients in one class.
• Scope level - Includes one scope.
• Server level - Includes all DHCP server scopes and clients of the server.
Windows 2000 Multicast Scope
The DHCP console allows multicast scopes to be set up similar to normal scopes. This scope assigns a secondary IP address to a client for receiving multicasts in a multicast group. The address range for this scope is 224.0.0.0 through 239.255.255.255. The Multicast Address Dynamic Client Allocation Protocol (MADCAP) is used to assign dynamic multicast addresses to clients in multicast groups. DHCP can assign MADCAP options but MADCAP servers cannot assign DHCP options.
DHCP Lease Process
DHCP leases are used to reduce DHCP network traffic by giving clients specific addresses for set periods of time. The DHCP process stages can be remembered using the ROSA acronym:
1. Request - A broadcast is sent by the client with the client MAC address. This is a DHCP discover message with source IP address of 0.0.0.0 and destination address of 255.255.255.255. The client tries to get its last address. If it is not available, the DHCP server will send a NACK signal. The client state is initialization during the request stage.
2. Offer - A DHCP offer message is sent from the DHCP server with some or all the optional information as listed above. Information sent includes the IP address of the DHCP server that sent the accepted offer. All offered IP addresses are marked unavailable by the DHCP server when the DHCP server offers them until they are rejected. The client is in the selecting state during this offer stage.
3. Selection (or acceptance) - The first offer received by the client is accepted. The client broadcasts its selected choice using a DHCP request message which includes the IP address of the DNS server that sent the accepted offer. The client is in the requesting state during this selection stage.
4. Acknowledgement - The server acknowledges with a DHCP acknowledge indicating the client can use the address or it will send a DHCP Nak instructing the client that the address became unavailable. Other DHCP servers retract their offers and mark the offered address as available and the accepted address as unavailable. Any offered IP addresses not selected are freed to be used again. The client state is the binding state during this acknowledgement stage.
When the client sends the lease request, it then waits one second for an offer. If a response is not received, the request is repeated at 9, 13, and 16 second intervals with additional 0 to 1000 milliseconds of randomness. The attempt is repeated every 5 minutes thereafter. The client uses port 67 and the server uses port 68.
Client systems that are Windows 98 or later attempt to tell if another client is already using the address received from the DHCP server by pinging the address. The DHCP server can be configured to pretest addresses by pinging them, but this will increase overhead and slow server response time.
DHCP Lease Renewal
After 50% of the lease time has passed, the client will attempt to renew the lease with the original DHCP server that it obtained the lease from using a DHCPREQUEST message. Any time the client boots and the lease is 50% or more passed, the client will attempt to renew the lease. At 87.5% (7/8ths) of the lease completion, the client will attempt to contact any DHCP server for a new lease. If the lease expires, the client will send a request as in the initial boot when the client had no IP address. If this fails, the client TCP/IP stack will cease functioning.
Additional messages include a DHCP decline message which is sent by the client if it decides the information from the server is not appropriate. A DHCP release message is used by the client to indicate to the server that the IP address is now released and available for use by other clients. The client is in the renewing state when the lease is half expired.
DHCP Scope and Subnets
One DHCP scope is required for each subnet.
DHCP Relay Agents
May be placed in two places:
• Routers
• Subnets that don't have a DHCP server to forward DHCP requests.
Client Reservation
Client Reservation is used to be sure a computer gets the same IP address all the time. Because DHCP uses MAC addresses to control IP address assignments, the following are required for client reservation:
• MAC (hardware) address
• IP address
Exclusion Range
Exclusion range is used to reserve a bank of IP addresses so computers with static IP addresses, such as servers, may use the assigned addresses in this range. These addresses are not assigned by the DHCP server.
DHCP and WINS
To use WINS the DHCP server must specify:
• WINS server IP address.
• NetBIOS resolution mode (B, P, N, or H - node).
DHCP backup interval
Configured in the registry at:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DhcpServer\Parameters
DHCP files are stored in "SystemRoot\System32\Dhcp".
DHCP Server Installation and Configuration
Installation:
1. TCP/IP services must be installed on the computer first.
2. Select "Start", "Settings", and "Control Panel", then double click the "Add/Remove Programs" applet.
3. Click "Add/Remove Windows Components", highlight "Networking Services", and click "Details".
4. Select the "Dynamic Host Configuration Protocol" checkbox and click OK.
5. Continue and complete the installation.
6. If Active Directory is used on the domain, any Windows 2000 DHCP servers must be authorized in Active Directory. Servers from other operating systems do not need to be authorized. How to authorize:
1. Run the administrative tool, "DHCP" and highlight the DHCP server.
2. Select "Action" and "Authorize".
3. Wait, and after several minutes select "Action" and "Refresh".
DHCP Administrative Tool
Menu selections:
• Action
o Authorize - Used to get a DHCP server authorized in Active Directory.
o New Multicast Scope - Used to create multicast scopes.
o New Reservation - Used to configure DHCP address reservation for addresses that are assigned by the DHCP server to specific network cards. You'll need the card MAC address to use this function.
o New Scope - Used to add a scope (range of addresses for assignment) to the DNS server.
o New Superscope - Start the New Superscope wizard.
o Properties
o Refresh
Other Options can be set using "Server Options" or "Scope Options" in the DHCP Administrative Tool. Server option settings apply to all scopes on the DHCP server unless they conflict with scope options. Scope options override server options settings since they are on a sublevel to the entire server. The Scope Options dialog box tabs include:
• General
• Advanced
The DHCP server should be configured to know the address of the WINS/NBNS server for clients that will use WINS. Also the node type for WINS should be set. This specifies the method used to resolve IP addresses from computer names. The node types are:
• b-node - Broadcast node.
• p-node - Point-to-point node queries an NBNS name server to resolve addresses.
• m-node - First uses broadcasts, then falls back to querying an NBNS name server.
• h-node - The system first attempts to query an NBNS name server, then falls back to broadcasts if the name server fails. As a last resort, it will look for the lmhosts file locally.
The DHCP server tool can be used to view information about the DHCP server including:
• The allocated scopes and IP addresses and the amount being used.
• Specific address lease information including when the lease for that address expires.
• The names of hosts which have specific IP addresses assigned to them.
The "System Monitor" administrative tool can also be used to monitor the performance of the DHCP server.
Starting DHCP
DHCP is available for NT 3.5 and later Servers. Only one scope (range of IP addresses) can be configured for one DHCP server.
1. Install DHCP. DHCP service is installed from the control panel network applet services tab. Select add, and "Microsoft DHCP Server". Restart the computer.
2. Configure DHCP - The DHCP Manager is used to configure DHCP which can be run from any networked NT computer. The DHCP manager is accessed using Administrative Tools. The following items are set for each scope (local subnet):
o Start Address
o End Address
o Subnet Mask
o Exclusion Range start and end addresses.
o Lease duration in days, hours, minutes or unlimited.
o Name - The scope name
o Comment
Global options include (These options may be set within each scope as necessary):
o Domain name
o DNS server
o WINS server (WINS/NBNS)
o WINS/NBT node type
o Router (Default gateway)
3. DHCP can be started by entering "NET START DHCPSERVER" on the command line on Windows 2000 server systems.
Option levels:
• Global - Options for all scopes and clients served by the DHCP server. Overridden if specified otherwise in scope or client options.
• Scope - Options for specific subnets or ranges of addresses.
• Client - Options for specific clients.
The specific client options have greater priority than scope options and scope options have priority over global options. Options may be set to allow various global options to be set as defaults for undeclared options in the scope or client options (Each subnet may have its own WINS server). Global and scope options may be reached from the DHCP options menu. Some of these options are:
• 002 Time Offset
• 003 Router - For setting default gateway
• 004 Time Server
• 005 Name Servers
• 006 DNS Servers
• 007 Log Servers
• 044 WINS/NBNS Servers - Used if the client is not manually configured for the WINS server.
• 046 WINS/NBT Type - NetBIOS name configuration designation of B, P, M, or H node.
• 047 NetBIOS Scope ID - Set so NBT hosts communicate only with other similarly configured hosts.
• Cookie Servers
• LPR Servers
• Impress Servers
There can be several DHCP servers on a network. More than one may be configured to back up the other in case of failure.
Because of how leases are assigned and accepted, operation with multiple DHCP servers is not a problem as long as the DHCP servers are configured correctly. The DHCP servers must be configured so that the scope of available IP addresses is not the same on any redundant DHCP server. DHCP servers do not communicate with each other.
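Because the servers do not coordinate, an overlap between redundant servers only shows up later as duplicate addresses, so it is worth checking the configuration before deployment. The following is an added example, not from the original notes: it subtracts each scope's exclusion ranges and reports any addresses that two servers could both lease. Server names and address ranges are constructed.

```python
from ipaddress import IPv4Address


def to_int(ip):
    return int(IPv4Address(ip))


def assignable(scope):
    """Return (first, last) integer ranges a server may lease: scope minus exclusions."""
    ranges = [(to_int(scope["start"]), to_int(scope["end"]))]
    for ex_start, ex_end in scope.get("exclusions", []):
        lo, hi = to_int(ex_start), to_int(ex_end)
        remaining = []
        for a, b in ranges:
            if hi < a or lo > b:            # exclusion does not touch this range
                remaining.append((a, b))
                continue
            if a < lo:                      # keep the part below the exclusion
                remaining.append((a, lo - 1))
            if hi < b:                      # keep the part above the exclusion
                remaining.append((hi + 1, b))
        ranges = remaining
    return ranges


def overlapping_ranges(servers):
    """Return (server_a, server_b, first_ip, last_ip) for addresses both could lease."""
    flat = [(name, r) for name, scopes in servers.items()
            for scope in scopes for r in assignable(scope)]
    found = []
    for i, (n1, (a1, b1)) in enumerate(flat):
        for n2, (a2, b2) in flat[i + 1:]:
            lo, hi = max(a1, a2), min(b1, b2)
            if n1 != n2 and lo <= hi:
                found.append((n1, n2, str(IPv4Address(lo)), str(IPv4Address(hi))))
    return found


# Constructed configuration: both servers define the whole subnet as their scope
# and rely on exclusion ranges to split it. DHCP2's exclusion stops ten addresses short.
SPLIT_BAD = {
    "DHCP1": [{"start": "192.168.10.1", "end": "192.168.10.254",
               "exclusions": [("192.168.10.1", "192.168.10.20"),      # static servers
                              ("192.168.10.201", "192.168.10.254")]}],  # DHCP2's share
    "DHCP2": [{"start": "192.168.10.1", "end": "192.168.10.254",
               "exclusions": [("192.168.10.1", "192.168.10.190")]}],
}
# Corrected configuration: DHCP2 excludes everything DHCP1 can hand out.
SPLIT_GOOD = {
    "DHCP1": SPLIT_BAD["DHCP1"],
    "DHCP2": [{"start": "192.168.10.1", "end": "192.168.10.254",
               "exclusions": [("192.168.10.1", "192.168.10.200")]}],
}

if __name__ == "__main__":
    print("bad split :", overlapping_ranges(SPLIT_BAD))
    print("good split:", overlapping_ranges(SPLIT_GOOD))
```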
DHCP Database Options
• Backup - Includes scopes and all options. The database is automatically backed up to:
\WINNTROOT\System32\Dhcp\Backup\Jet
The backup interval is stored in the registry at:
HKey_Local_Machine\System\CurrentControlSet\Services\DhcpServer\Parameters\BackupInterval
A duplicate registry key is in the \WINNTROOT\System32\Dhcp\Backup\dhcpcfg file
• Restore - The backup is loaded if the DHCP database is determined to be corrupt by the system at initialization. A backup can be forced by copying the backup directory contents into the DHCP directory.
• Compact - The database is normally compacted, but for NT3.51 or earlier, the JETPACK.EXE utility can be used to compact the database to improve performance. If the size is 30MB, it should be compacted. This utility is run from the \WINNTROOT\System32\Dhcp directory. The DHCP service should be stopped before running this utility.
Database files:
• DHCP.MDB - The main database
• DHCP.TMP - Temporary DHCP storage.
• JET*.LOG - Transaction logs used to recover data.
• SYSTEM.MDB - Used to track the structure of the DHCP database.
DHCP terms
• Default gateway - The gateway that clients on the subnet can or must use to access other subnets or networks.
• Domain name - The DNS name (Internet name) of your internet domain.
• Lease - The time the client may use the assigned DHCP address. Normally this is a period of time in which if the client does not use the address, it is made available to the address pool for another client to use.
• Scope - A range of IP addresses in a subnet.
• Global options - IP configuration settings that apply to the entire network (all scopes the DHCP server manages).
• Scope options - IP configuration settings for a particular subnet including the IP address of the router (default gateway) and the available IP range to be used by the DHCP server for this particular subnet.
DHCP Client Configuration
If changing from static IP mapping to DHCP mapping, a reboot is not required. If changing from DHCP mapping to static IP mapping a reboot is required for the IP address to be effective.
Tools
IPConfig options:
• /all - Shows much configuration information from local hostname, IP address, subnet mask to DHCP server and WINS server address and lease dates. It will display an IP address of 0.0.0.0 and DHCP address of 255.255.255.255 if the DHCP attempt was unsuccessful.
• /renew
• /release
IPConfig is used with Windows NT and 2000 systems. Winipcfg is used with Windows 9x systems.
Windows 2000 DHCP Installation and Configuration Issues
The first Windows 2000 DHCP server must be a domain controller. DHCP services must be on a member server or domain controller. Rogue (additional non domain controller) DHCP servers must be authorized in Active Directory. The DHCP Inform message is used to detect rogue DHCP servers.
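Authorization in Active Directory only constrains Windows 2000 DHCP servers, so a monitoring host can add a passive check: parse captured DHCP messages and flag replies whose server identifier (option 54) is not on the authorized list. The following is an added example, not from the original notes and not the DHCP Inform mechanism itself; the packets, MAC address and server addresses are constructed.

```python
import socket
import struct

MAGIC = b"\x63\x82\x53\x63"   # cookie that follows the 236-byte BOOTP header
MSG_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 4: "DECLINE",
             5: "ACK", 6: "NAK", 7: "RELEASE", 8: "INFORM"}
SERVER_SENT = {"OFFER", "ACK", "NAK"}
OPT_ROUTER, OPT_DNS, OPT_MSG_TYPE, OPT_SERVER_ID = 3, 6, 53, 54


def ip_list(raw):
    """Decode an option value holding one or more 4-byte IPv4 addresses."""
    return [socket.inet_ntoa(raw[i:i + 4]) for i in range(0, len(raw) - 3, 4)]


def parse_dhcp(data):
    """Parse one DHCP message; raise ValueError if it is malformed."""
    if len(data) < 240 or data[236:240] != MAGIC:
        raise ValueError("too short or missing DHCP magic cookie")
    options, i = {}, 240
    while i < len(data) and data[i] != 255:      # 255 = end option
        if data[i] == 0:                         # 0 = pad, has no length byte
            i += 1
            continue
        if i + 1 >= len(data) or i + 2 + data[i + 1] > len(data):
            raise ValueError("option runs past end of packet")
        options[data[i]] = data[i + 2:i + 2 + data[i + 1]]
        i += 2 + data[i + 1]
    kind = options.get(OPT_MSG_TYPE, b"")
    sid = options.get(OPT_SERVER_ID, b"")
    return {
        "type": MSG_TYPES.get(kind[0]) if len(kind) == 1 else None,
        "xid": struct.unpack("!I", data[4:8])[0],
        "yiaddr": socket.inet_ntoa(data[16:20]),      # address being handed out
        "client_mac": data[28:34].hex(":"),
        "server_id": socket.inet_ntoa(sid) if len(sid) == 4 else None,
        "router": ip_list(options.get(OPT_ROUTER, b"")),
        "dns": ip_list(options.get(OPT_DNS, b"")),
    }


def unauthorized_replies(packets, authorized):
    """Return (alerts, malformed_count) for server replies not from `authorized`."""
    alerts, malformed = [], 0
    for raw in packets:
        try:
            msg = parse_dhcp(raw)
        except ValueError:
            malformed += 1
            continue
        if msg["type"] in SERVER_SENT and msg["server_id"] not in authorized:
            alerts.append(msg)
    return alerts, malformed


def build(msg_type, xid, yiaddr, mac, server_id=None, router=None, dns=None):
    """Build a constructed sample message (test data only)."""
    hdr = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", 2 if msg_type in (2, 5, 6) else 1,
                      1, 6, 0, xid, 0, 0, bytes(4), socket.inet_aton(yiaddr),
                      bytes(4), bytes(4), bytes.fromhex(mac), b"", b"")
    opts = bytes([OPT_MSG_TYPE, 1, msg_type])
    for code, ip in ((OPT_SERVER_ID, server_id), (OPT_ROUTER, router), (OPT_DNS, dns)):
        if ip:
            opts += bytes([code, 4]) + socket.inet_aton(ip)
    return hdr + MAGIC + opts + b"\xff"


# Constructed capture: a discover, two competing offers, and one truncated packet.
MAC = "00a0c9112233"
AUTHORIZED = {"192.168.10.5"}
SAMPLE = [
    build(1, 0x1234, "0.0.0.0", MAC),
    build(2, 0x1234, "192.168.10.101", MAC, "192.168.10.5", "192.168.10.1", "192.168.10.5"),
    build(2, 0x1234, "192.168.10.200", MAC, "192.168.10.77", "192.168.10.77", "192.168.10.77"),
    build(2, 0x1234, "192.168.10.102", MAC, "192.168.10.5")[:-4],
]

if __name__ == "__main__":
    alerts, bad = unauthorized_replies(SAMPLE, AUTHORIZED)
    for a in alerts:
        print(f"unauthorized {a['type']} from {a['server_id']}: offers {a['yiaddr']}, "
              f"router {a['router']}, dns {a['dns']}")
    print("malformed packets skipped:", bad)
```

The router and DNS values in a flagged offer are worth recording, since they show where an unauthorized server would have pointed the client's traffic.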
When upgrading a DHCP server from Windows NT to Windows 2000, it is converted to the Windows 2000 format. This stops the DHCP service until done and may use much disk room. The DHCP database cannot be converted back to the NT format.
When DHCP is installed, the DHCP MMC snap-in is installed. This can be accessed from administrative tools and is called "DHCP command".
Windows 2000 clustering services allow redundant DHCP servers to provide DHCP fault tolerance with one acting as primary and the other acting as a backup.
Windows 2000 DHCP can update DNS A and PTR records dynamically. This can be done in Windows 2000 from the DHCP Manager in administrative tools, by right clicking on the DHCP server or scope and selecting "Properties". There are three tabs:
• General
• DNS - Can check a checkbox to "Automatically update DHCP client information in DNS". One of "Update DNS only if DHCP client requests" or "Always update DNS". Other checkbox options are "Discard forward (name to address) lookups when lease expires", and "Enable updates for DNS clients that do not support dynamic update".
• Advanced
Helpful DHCP System Monitor Counters
• Declines per second - Indicates a conflict of IP addresses if this is high.
• Packets received per second - Indicates how busy the server is with the network.
• Requests per second - If this number is high, the lease time may be too short.
APIPA
Windows 98 and later systems support Automatic Private IP Addressing (APIPA) for small networks addressed with the network address 169.254.0.0. If there are more than 25 clients, DHCP should be used. If an APIPA server detects a DHCP server, it will discontinue services.
BOOTP
BOOTP or the bootstrap protocol can be used to boot diskless clients. An image file is sent from the boot server. The image file contains the image of the operating system the client will run. DHCP servers can be configured to support BOOTP or the BOOTP server may be a separate server. Common BOOTP options include:
• Subnet mask (1)
• Router (3)
• Name Server (5)
• Computer Name (12)
• Domain name (15)
• WINS server (44)
• NetBIOS node type (46)
• Additional options (55)
• SMTP server (69)
• POP server (70)
• Boot image server, type and path