Audit GPO Changes
Audit GPO Changes KB ID 0001920 Problem If you are reading this your either replanning ahead (bravo!) or there’s been an incident that you are concerned about. If that is the case its important to remember that “you cannot audit retrospectively”* *Note: you can find out when GPOs were altered, but not by whom, with some simple PowerShell i.e. Get-GPO -All | Select-Object DisplayName, ModificationTime Group Policies are...
Windows – Firewall Group Policy
Firewall Group Policy KB ID 0000979 Problem For everyone who simply does not disable the Windows firewall, then you need to be able to manage what ports are open on your machines. The simplest way to do this is via firewall group policy. This week I had to open TCP port 9503 on the local firewall of my McAfee Move Offload Servers. Below I will open that port on all my machines, but in production I will only apply the GPO to...
Server Manager Error
Server Manager Error KB ID 0001915 Problem I needed to add a role to a Window server today, but when I attempted to do so I got the following error. The request to list features available on the specified server failed. Solution : Server Manager Error This one had me perplexed for a while, I close this dialog box and was looking at Server manager and noticed there was an error ‘large red flag’ so I clicked that and got...
Updating Domain Computer Objects with Last Logon and Machine Information
Last Logon KB ID 0001340 Problem I can’t really take the credit for this, I was at a client’s site a few weeks ago, and they were doing this. I thought ‘That’s cool, I’ll have a play with that when I get the chance”. Essentially, you update the description of the Computer object(s) in AD so that they list; The last user who logged on. What time they logged on. What AD ‘Site’ the machine...
Remote Desktop Services – Connection Errors (RDP Errors)
RDP Errors KB ID 0001132 Below is not an exhaustive list of connection errors, it’s just a some things that have tripped me up. If you have a nasty error that you have fixed, feel free to drop me a line, send me some screenshots and the fix, and I’ll add them as well. RDP Errors: General Errors RDP An internal Error Has Occurred This is seen a lot on Windows 11, it’s because of a bug where RDP fails back to use UDP for...
How to track failed logon attempts in Active Directory
Track failed logon KB ID 0001209 Problem If a large number of failed logon attempts occur within a certain period of time, it could be an indication of a security threat, which is why it is important that organisations have a proactive means of auditing and monitoring whenever this happens. There are a number of ways you can perform this audit, one of which is using the native tools. Here, we will take you through the steps so that...
Enable Javascript
Enable Javascript KB ID 0001133 Problem I had just built a Windows Server server, and needed to download some updates. When I went to Microsoft to get them This is what I got; Javascript is disabled Please enable javascript and refresh the page. The message “JavaScript is disabled. Please enable JavaScript and refresh the page.” usually appears on websites that require JavaScript to function properly. Here’s how to...
Disable Lock Screen
KB ID 0000965 Problem Note: This is for older versions of Windows Server, you may want to go to the following article. Windows – Disable the ‘Lock Screen’ Firstly, the lock screen is there for a valid security reason, so I would not advocate doing this on a production network. But on my test network when I’m jumping between multiple servers all the time, it’s annoying to have to press CTRL+ALT+DELETE and tap the password...
Windows Server – Enable Flash
Enable Flash KB ID 0000978 Problem Note: For Server 2016, the process if different, see; Windows Server 2016: Enable Flash I upgraded my VMware vCenter server to 5.5 last week, and as soon as I tried to open the vSphere Web Client, I got a polite message asking me to install flash. I headed over to Adobe to download and install it, and was told that from IE10 it had already installed simply ‘enable the add-on’. Well...
Setup up a Central ‘PolicyDefinitions’ Store (for ADMX files)
PolicyDefinitions KB ID 0001339 Problem We have had ADMX files for group policies for ages now, they are the successor to the older ADM files. They only really trip you up if you have something unusual to do, (like roll out LAPS, or Forefront, or Customising Office Deployments.) In most cases you will want to have a central store in your Windows domain, so the clients can see the ADMX files, (and ultimately enforce the policies...