Windows Server 2012 DC Best Practice Analyzer – Protected OU’s

I'm at a customer site this week doing various best practice scans, troubleshooting, etc. and one of the tasks today was a full AD scan (security, best practice, etc.). Easily enough, this particular client only had 2 items in Best Practice Analyzer that needed fixed. In this post, we'll focus on one. How to protect all OU's from Accidental Deletion. Here's a quick PowerShell to determine what OU's are not currently protected from accidental deletion: Get-ADOrganizationalUnit -filter * -Properties ProtectedFromAccidentalDeletion | where {$_.ProtectedFromAccidentalDeletion -eq $false} | ft Now that you know what OU's need work, we can pass that into a set command to go ahead and get those OU's protected. Get-ADOrganizationalUnit -filter * -Properties ProtectedFromAccidentalDeletion | where {$_.ProtectedFromAccidentalDeletion -eq $false} | Set-ADOrganizationalUnit -ProtectedFromAccidentalDeletion $true Lastly, we can verify that…
Read More

Centos 7.6 Minimal Post Install Change

blog, Linux, Ubuntu, VMWare
I'm working on a project at a customer location this week and this particular project required me to install Centos 7+.  Being an Ubuntu guy, I kicked and moaned for about 3 whole seconds and started the install.  It went as smooth as you'd expect, however, I was greeted with no network connectivity once Centos rebooted.  Mentally, I thought it was needing VMWare drivers or something but as it turns out, I just needed to enable the network interface. vi /etc/sysconfig/network-scripts/ifcfg-<cardname> Now change ONBOOT=No to ONBOOT=Yes Then simply reboot and make sure you can get connected to the network.
Read More

Change Management IP Addresses of XenServer 6.5 in a Pool

Working for an IT consultancy, you get do do IP address migrations pretty often.  One recent migration I simply couldn't find a good resource to guide me on how to change  XenServer 6.5 Servers management address when in a pool. Here's what worked for me: SSH to all servers.  Open xsconsole and navigate to Network and Management Interfaces.  Change the management IP address.  Be sure to select the correct management interface. Note, this will cause XenCenter to lock up and drop connections to each of the servers.  All VM's "should" remaining operational during this time. SSH to new management IP's of all of the slave servers.  Update the file /etc/xensource/pool.conf to reflect the new IP address of the master.  The format should just be a single line that says slave:NEWIPADDRESSOFMASTER.…
Read More

Windows 10 USB-to-Serial adapter Woes…

Cisco, Microsoft, Windows
About 2 months ago, I had to go to a new customer site that was down and diagnose a problem.  Easy, I've done this a thousand times over the past 15 years...  Device not recognized. My USB-to-Serial adapter (no name brand off of Amazon) wasn't working.  Code 10 Error. I'm documenting this because, as infrequently as I actually use a console cable anymore, I tend to forget how to fix the issue when it arises.  2018 has been a funny year for Microsoft patching.  Seems to be a crap shoot of what will break once you apply new patches.  Windows 10 patches haven't been immune to this. Here's how I fixed it. Download the PL2303_64bit_Installer.exe Unplug the USB-to-Serial Adapter Open up the previously downloaded exe. When prompted, plug in the…
Read More

Server 2016 VM losing network connectivity on VMWare ESXi 6.5

Microsoft, VMWare, Windows
I ran into an issue recently where servers that have been running for 6+ months with normal patching/rebooting, but without issue, all of a sudden started losing network connectivity.  The icon would pop up in the tray and the server was no longer reachable.  I still don't know the underlying cause of the issue, but here's what I figured out. Thanks to this blog post, I was able to throw some commands at the box (network tuning stuff) and determine which specific command fixed the network access. Here are the commands: netsh int tcp set global chimney=Disabled netsh int tcp set global autotuninglevel=normal netsh int tcp set supplemental custom congestionprovider=none netsh int tcp set global ecncapability=Disabled netsh int ip set global taskoffload=disabled netsh int tcp set global timestamps=Disabled netsh int…
Read More