If you want to create an NLB on Windows 2008 R2 Hyper-V, you will notice that all previous blog posts around this topic will do you no good.. Although you can setup the NLB, network traffic will halt no matter what you do.. change the mac to static, revert it back etc etc.. seems Hyper-V version […]
So.. been busy lately.. but here’s a new topic.. Windows 2008? R2? Kerberos? No.. it’s scripting..
I had a customer who wanted to extract information from AD by a custom application. Offcourse we could open port 389 and have them extract the info.. but perhaps it would be easier to just query the Global Catalog (if the info you want is in there)..
Perhaps you dear readers want to know more about a specific thing? Take the poll .. and I will see what I can do 🙂
When using GPP’s to map drives, some of you will notice that some drives are not correctly mapped on the clients. Some users will receive other network mappings (they “sort of” never heard of before) and some network connections are there, but will not be re-attached (device name is already in use).
So you have implemented Active Directory 2008 .. I hope you did some investigation in backup/restore and offcourse you must update your disaster recovery documentation now.. to help you on your way Microsoft has released a new whitepaper on Forest Recovery for Windows 2008… read before and while fixing your AD.. (preferably before ) http://www.microsoft.com/downloads/details.aspx?familyid=326C8A7A-DCAD-4333-9050-A6303FF3155C&displaylang=en
When you try to install an MSI through an RDP connection you could get the “Windows Installer does not permit installation from a Remote Desktop Connection” dialog. Everyone seems to think that the \tsclient<drive> is a regular network share.. but it is not!.. it’s a software feature of Terminal Services service. However, if you find yourself in the position where you must use the mapped drives for installing software, either copy the software first, or map the \tsclient<drive> first.
If you want to implement iSCSI it’s best to keep the normal network traffic and the iSCSI traffic apart from each other. And that usually means buying a 2nd switch capable of reaching high speeds and jumbo frames. Off course for production systems I recommend spending a few bucks.. however if you only want iSCSI in you lab, there are easier ways of creating a switch!.
As many may have seen, the Administrator account has some special privileges. It can logon to a workstation/server when no Global Catalog is available and it can always logon. Well seems that always is not entirely true. Just as a regular account the Administrator account gets locked when the password attempts reach the limit as […]
When introducing the Group Policy Preferences in your organization, you need to make sure all your systems have the Client Side Extensions software installed. This CSE package can be distributed by WSUS but can also be deployed separately. But for GPP to work you must also have XMLLite installed if your IE version is below 7.
While browsing I stumbled upon a nice video explaining the trick the get a command prompt during the loginscreen of a user.. and that command prompt is in the system security context. They say physical access is full access and without bitlocker they are right.. take a look at the short video below.. http://www.offensive-security.com/movies/vistahack/vistahack.html