Windows – Firewall Group Policy
Firewall Group Policy KB ID 0000979 Problem For everyone who simply does not disable the Windows firewall, then you need to be able to manage what ports are open on your machines. The simplest way to do this is via firewall group policy. This week I had to open TCP port 9503 on the local firewall of my McAfee Move Offload Servers. Below I will open that port on all my machines, but in production I will only apply the GPO to...
Windows Displaying a Logon Notice (legal notices)
Logon Notice KB ID 0000328 Problem It’s been a while but when I was asked my notes were seriously out of date .Should you with to enable this feature then do the following. Solution : Logon Notice Logon Notice Option 1 – via Domain Policy 1. On a domain controller, Start > administrative tools > Group Policy Editor > Either edit an existing policy or create a new one (Remember its a computer policy you need to...
Windows 11 Bypass Microsoft Account Requirement
Bypass Microsoft Account Requirement KB ID 0001916 Problem Microsoft have been pushing for you to have a Microsoft account to login to windows for some time, originally you could open a shell window and use the oobe\bypassnro command, then they stopped that, but you could still add a registry key to bypass the requirement. But now there’s a much simpler way. Solution : Bypass Microsoft Account Requirement Some site...
Red Hat – Disable DNS Recursion (BIND)
Disable DNS Recursion KB ID 0000981 Problem I got a Tweet, to say the site was down. I checked and the VPS was off-line? So I powered it on and waited a few minutes. Linux is not one of my strongest technical areas so I did some Googling about what logs to check etc. When I looked in the var/log/messages log it was full of these, up to the point where it went down; Aug 7 03:51:52 MY-HOSTNAME named[490]: error (unexpected RCODE...
Cisco ASA – VPN Reverse Route Injection With OSPF
Reverse Route Injection KB ID 0000982 Problem Reverse Route injection is the process that can be used on a Cisco ASA to take a route for an established VPN, and populate/inject that route into the routing table of other devices in it’s routing group. In the example below, on the main site, we have a Layer 3 switch that’s routing all the 192.168.x.x networks, and we have an established site to site VPN to a remote site. To...
Cisco ASA Remote Management via VPN
ASA Remote Management KB ID 0000984 Problem It’s been ages since I has to do this, I usually just manage firewalls via SSH from outside. But I was out on a client site last week and needed to connect to to my ASA, so I simply connected in via AnyConnect; Note: The same procedure is applicable if you are an IPSEC VPN client, L2TP VPN client, or simply coming in over a site to site VPN link. And attempted to SSH, no joy, I tried...
%Error copying system:/running-config
%Error copying system KB ID 0000987 Problem I love GNS3, it is a brilliant piece of software, I use it for bench testing and proof of concept work. Yes is can be a bit clunky sometimes, but it’s FREE! I had a project open with about four ASA’s on it, and it would not save the config on just one of them. HostName(config)# copy running-config startup-config Source filename [running-config]? Cryptochecksum: fdf42190 76959bba...
Server Manager Error
Server Manager Error KB ID 0001915 Problem I needed to add a role to a Window server today, but when I attempted to do so I got the following error. The request to list features available on the specified server failed. Solution : Server Manager Error This one had me perplexed for a while, I close this dialog box and was looking at Server manager and noticed there was an error ‘large red flag’ so I clicked that and got...
Windows: ‘Trust Relationship Failed’
Trust Relationship KB ID 0000504 Problem Seen on Windows clients in a domain environment. The trust relationship between this workstation and the primary domain failed What’s Happened? Put simply, just like you have a password for your user account, the computer you log onto also has a password (you just never see it), it gets reset (by default) every thirty days, and all this runs in the background. For a lot of different...
Updating Domain Computer Objects with Last Logon and Machine Information
Last Logon KB ID 0001340 Problem I can’t really take the credit for this, I was at a client’s site a few weeks ago, and they were doing this. I thought ‘That’s cool, I’ll have a play with that when I get the chance”. Essentially, you update the description of the Computer object(s) in AD so that they list; The last user who logged on. What time they logged on. What AD ‘Site’ the machine...