Windows File Server Migration (Maintain Share & NTFS Permissions)
KB ID 0001201 Problem When attempting a File Server Migration why isn’t this better publicised? Did you know Microsoft have a set of Migration tools, and one of them is for file servers? Now traditionally I’d use RoboCopy or XCopy to migrate files and folders, and for ‘User Profiles’ I would normally back them up, and restore them to the new server. This is because the file permissions on ‘correctly...
Domain Join SID Error
KB ID 0001732 Problem Thankfully I don’t see a SID error very often these days; The following error occurred when attempting to join the domain ‘{domain-name} The domain join cannot be completed because the SID of the domain you attempted to join was identical to the SID of this machine. This is a symptom of an improperly cloned operating system install. You should run Sysprep on this machine in order to generate a new...
Migrate From Server 2012 to Server 2019 Domain Controllers
KB ID 0001731 Problem I get asked about this quite a lot. In the past most of the queries were about moving from Server 2008 to Server 2019, if that’s what you are after then simply go here. This article is purely for the introduction of, and migration to Windows Server 2019 Domain Controllers. And it assumes your current domain controllers are Windows server 2012 (or 2012 R2). Adding a Server 2019 Domain Controller Once you...
FortiGate: SSL Inspection (HTTPS Inspection)
KB ID 0001729 Problem Do you inspect the traffic on your network? You have a firewall? Maybe an IDS appliance? That’s good news, do you inspect HTTPS traffic? In most cases the answer is no. Because either you do not have the capability, or enabling SSL Inspection will degrade the firewall’s performance so much that you accept the risk. At time of writing (Early 2021) it’s estimated that 85% of all web traffic is now...
The Web Site for the CA Must be Configured to use HTTPS
KB ID 0000838 Problem When attempting to contact a server running the Certification Authority Web Enrolment role, you may see the following error. In order to complete certificate enrolment, the Web site for the CA must be configured to use HTTPS authentication Solution The correct fix is to set the web server (IIS) to serve the certificate website securely using https, though you can just set Internet explorer to ‘work’...
EVE-NG: Create Windows Server 2019 VM
KB ID Article Problem I’ve had a Windows 2012R2 server image that I’ve ben using in EVE-NG for ever. This week it bit the dust so I thought, can I deploy a shiny new 2019 server? EVE-NG Windows Virtual Machines Yes! In fact the deployment procedure is the same for 2019 as it was for earlier versions of Windows server. First log onto your EVE-NG host and create the folder; mkdir /opt/unetlab/addons/qemu/winserver-2019/...