Audit GPO Changes
May25

Audit GPO Changes

Audit GPO Changes KB ID 0001920 Problem If you are reading this your either replanning ahead (bravo!) or there’s been an incident that you are concerned about. If that is the case its important to remember that “you cannot audit retrospectively”* *Note: you can find out when GPOs were altered, but not by whom, with some simple PowerShell i.e. Get-GPO -All | Select-Object DisplayName, ModificationTime Group Policies are...

Read More
Windows Certificate Services – Setup a CRL
May17

Windows Certificate Services – Setup a CRL

Setup a CRL KB ID 0000957 Problem One of the often-overlooked tasks in a Public Key Infrastructure (PKI) deployment is configuring your Certificate Services Certificate Revocation List (CRL). For smaller deployments with only one server, you don’t need to worry about complex design considerations (though a CRL doesn’t have to be hosted on a Certificate Services server). In my test environment, I have only one PKI server,...

Read More
Kodi Screen Resolution (Changing)
May15

Kodi Screen Resolution (Changing)

Kodi Screen Resolution KB ID 0001919 Problem I’ve used Kodi for years as my media library of choice, usually installed on a Firestick. Every so often, I have to reinstall it or set up a new Firestick, and each time the screen is slightly too small for the image that’s presented by default (i.e. the menus and edges of the screen cannot be seen). Every time I Google this, I find forum posts going back years, with people...

Read More
Server 2025 Network Profile Wrong After Reboot
May14

Server 2025 Network Profile Wrong After Reboot

2025 Network Profile KB ID 0001918 Problem If you have a domain controller running Windows server 2025 you may find that after a reboot the network profile changes from Domain to Public. This can cause a myriad of problems. 2025 Network Profile Group Policy Failures Symptoms: Group Policy Objects (GPOs) may fail to apply or update. Reason: The system doesn’t recognize it’s part of a domain, so it won’t retrieve policies from the...

Read More
Enabling Cisco DNS Lookup (ASA and IOS)
May13

Enabling Cisco DNS Lookup (ASA and IOS)

Cisco DNS Lookup KB ID 0000969  Problem For the most part, devices are more concerned with IP and MAC addresses, but the devices do have the ability to translate those IP addresses using DNS. Solution : Cisco DNS Lookup How to Enable Cisco DNS Lookup on  ASA As ASA is ‘My Thing’ I will start with that. 1. Connect to the ASA, log in and go to enable mode, and then global configuration mode. Type help or ‘?’ for...

Read More
Cisco Router – Configure NAT (NAT Overload)
May11

Cisco Router – Configure NAT (NAT Overload)

 NAT Overload KB ID 0000971  Problem NAT is the process of taking one or more IP addresses and translating it/them into different IP addresses. You may require your router to translate all your internal IP addresses to your public (ISP allocated) IP address. To do that we use a process called NAT Overload. Solution : Nat Overload 1. Connect to the router, and got to enable mode, then global configuration mode. PetesRouter#configure...

Read More
Cisco ASA Domain Authentication and Trust (Allowing)
May08

Cisco ASA Domain Authentication and Trust (Allowing)

ASA Domain Authentication KB ID 0000973  Problem I cringed this morning when I was asked about this, last time I had to get a client to authenticate to a domain through a firewall, it was ‘entertaining’. The problem is Windows loves to use RPC, which likes to use random ports, so to make it work you either had to open TCP ports 49152 and 65535 (Yes I’m Serious). Or you had to registry hack all your domain controllers...

Read More
VMware – Replace the ESX Certificate
May07

VMware – Replace the ESX Certificate

ESX Certificate KB ID 0000974  Problem ESXi comes with a self-signed certificate, and for most people that’s fine, but some clients want to have a ‘Trusted’ certificate on theirs, and have their own PKI infrastructure for issuing them. Below I will generate a new certificate for my ESXi server using the Active Directory Certificate Services role on Windows Server 2012. Then replace the self-signed certificate with my new...

Read More
Windows Server 2025 Trust Relationship Failures Post-Upgrade
May06

Windows Server 2025 Trust Relationship Failures Post-Upgrade

2025 Trust Relationship KB ID 0001917 Problem Following a full upgrade of all domain controllers (DCs) to Windows Server 2025, organisations may experience trust relationship failures between domain-joined workstations and the domain. This issue predominantly affects clients running Windows 10/11 versions up to 23H2. Notably, environments retaining at least one older DC do not encounter this problem. Symptoms Users unable to log in to...

Read More
Cisco ASA – Remote VPN Client Internet Access
May02

Cisco ASA – Remote VPN Client Internet Access

VPN Client Internet Access KB ID 0000977 Problem I have answered a lot of questions in forums, that are worded something like, “When I have a remote client connected to my firewall VPN they lose Internet access!” Traditionally that’s exactly what the ‘default’ remote VPN Internet  access (IPSEC or AnyConnect) gave you. To ensure your remote VPN clients can access the Internet you have two options. The...

Read More