Windows – Firewall Group Policy
Firewall Group Policy KB ID 0000979 Problem For everyone who simply does not disable the Windows firewall, then you need to be able to manage what ports are open on your machines. The simplest way to do this is via firewall group policy. This week I had to open TCP port 9503 on the local firewall of my McAfee Move Offload Servers. Below I will open that port on all my machines, but in production I will only apply the GPO to...
Updating Domain Computer Objects with Last Logon and Machine Information
Last Logon KB ID 0001340 Problem I can’t really take the credit for this, I was at a client’s site a few weeks ago, and they were doing this. I thought ‘That’s cool, I’ll have a play with that when I get the chance”. Essentially, you update the description of the Computer object(s) in AD so that they list; The last user who logged on. What time they logged on. What AD ‘Site’ the machine...
How to track failed logon attempts in Active Directory
Track failed logon KB ID 0001209 Problem If a large number of failed logon attempts occur within a certain period of time, it could be an indication of a security threat, which is why it is important that organisations have a proactive means of auditing and monitoring whenever this happens. There are a number of ways you can perform this audit, one of which is using the native tools. Here, we will take you through the steps so that...
Take Ownership and Grant ‘Full Control’ Recursively
Take Ownership KB ID 0001200 Problem I had a bunch of old user profile folders I needed to delete today, When setup properly even the domain administrator can’t get in there and delete them; You need permission to perform this action. You don’t currently have persmission to access this folder If it’s just one folder then simply take ownership, grant yourself rights and delete it! But I had a lot of folders so I...
Disabling IPv6
Disabling IPv6 KB ID 0001832 Problem Stop! Why do you want to disable IPv6? I see this regularly in forums, with other unusual statements like “If you’re not using it disabling it” or “It’s just another attack vector, disable it.” Well unless you’re running Windows XP and Server 2012 you’re using IPv6. If something does not work and disabling IPv6 fixes it, then it’s usually...
Windows Update Error 80072EFE
80072EFE Error KB ID 0001801 Problem Seen on versions of Windows built from ‘older’ versions of the install media, when attempting to check for updates you may see. Error(s) food: Code 80072EFE Windows update ran into a problem 80072EFE Update Error Resolution At first (because it was a newly build machine.) I thought the problem was incorrect Time zone, Time, or Locale. But thats NOT the problem, you’re stuck in a...
Windows Server: Disabling SSL 3.0, TLS 1.0, and TLS 1.1
KB ID 0001675 What are these protocols? Both SSL and TLS are cryptographic protocols designed to secure communications over a network (remember the internet is just a network). Originally we had SSL version 1 and version 2. But they were, (to be honest) ‘a bit bobbins’ and full of security holes, so never really took off. Version 3 however did and was widely supported. The problem with version 3 was, (again) that was also ‘bobbins’....
Windows – Find your ‘Uptime’
KB ID 0000552 Problem There are lots of reasons you might want to know your PC/Servers uptime, to make sure a client has rebooted a server (like you asked them to), or to see if a server has had a BSOD and rebooted overnight, etc. Check Uptime with Task Manager You can get your uptime from the Task Manager’s “Performance” tab. To launch Task Manger Start > Run > Taskmgr.exe {enter}. or Press CTRL+SHIFT+ESC, or...
PowerShell: Find Computers Last Logon Date
KB ID 0001612 Problem I had to find the last time a particular server had logged on for a client the other week, so we knew for sure it was dead! Solution The two commands you may need are; Locate Servers Last Login Time Get-ADComputer -Filter {OperatingSystem -Like ‘*SERVER’} -Properties lastlogondate,operatingsystem | Select name,laslogondate,operatingsystem Locate Clients Last Login Time Get-ADComputer -Filter...
Windows Adding Firewall Rules With PowerShell
KB ID 0001538 Problem There was a question on Experts Exchange this morning, the asker wanted to be able to add a ‘Trusted’ network range to their Windows Server Firewall settings as a ‘allow all ports’ rule. Solution You can of course add this manually in the GUI, normally I’d simply Add a Firewall Rule with a Group Policy. but the problem with that is, that’s fine if you want to open a particular...