Active Directory keeps a log of the last time a domain user authenticated to the domain (from Server 2000 onwards). The drawback with 2000 is that this value didn’t replicate, so you had to query each domain controller and cobble the results together.
After 2003 this value was replicated (after convergence) to all domain controllers.
Solution
Update: Here’s a much better way of showing who logged on last, on a computer-by-computer basis.
There are various scripts that will do this for you, but the best way of finding your users’ last logon time is to run ADTidy.
Run this on a domain controller and it will list your domain users, the last time they logged on, (and what DC authenticated them).
Note: If you have mobile devices (e.g. phones picking up Exchange mail) these events will be logged as well, so don’t panic if you see authentication events at odd times.
In addition this software will also let you disable/delete inactive accounts, and export the details to CSV file.
I saw this while attempting to create a remote desktop connection to a Windows 2012 Server. (Though connecting to Windows 8 will be the same).
I’d only just set this server up, and knew I’d enabled RDP, and I was attempting to connect as the domain administrator, so at first I was a little perplexed.
Solution
If you have direct/local access to the machine you are trying to connect to.
1. Press Windows Key+R > In the run box type sysdm.cpl {enter} > Remote.
2. Remove the tick from “Allow connections only from computers running Remote Desktop with Network Level Authentication (recommended)”.
3. Try again.
If you do not have direct/local access to the machine you are trying to connect to.
1. On YOUR Machine > Windows Key+R > type regedit {Enter} > File > Connect Network Registry > Type in the details for the machine you are trying to connect to > OK.
2. Navigate to;
[box]
{remote-machine-name} > HKEY_LOCAL_MACHINE > SYSTEM > CurrentControlSet > Control > Terminal Server > WinStations > RDP-Tcp
[/box]
Locate the UserAuthentication value and change it to 1 (one) > OK > Exit the registry editor.
3. Try again.
Disable RDP Network Level Authentication via Group Policy
If the destination server is in a remote data centre or remote location, and you cannot access the System Properties, you can turn this option off with group policy, and wait a couple of hours.
1. On a DC > Start > Group Policy Management > Either create a new group policy object and link it to the OU containing the problem machine, or edit an existing one. (Here on my test network I’m going to edit the default domain policy. WARNING: this will disable this feature on all machines in a production environment!)
3. Locate the ‘Require user authentication for remote connections by using Network Level Authentication’ policy.
4. Set the policy to Disabled > Apply > OK > Close the Group Policy Management Editor.
5. How long before the Group Policy will affect the target machine? Group policies are processed when a machine starts up; after this they are processed again (only if they have changed) at an interval that varies, so all clients do not update at the same time. The interval is 90 minutes, with a random offset of 30 minutes, so the maximum time it can possibly take is 2 hours (120 minutes). Note: this is the default setting; it can be manually changed up to 64,800 minutes (45 days), though why would you do such a thing?
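An added example (not from the original article) for checking which setting is actually in force on a machine once you are connected again: it reads the UserAuthentication value from the RDP-Tcp key above and the Group Policy copy of the same setting. The policy registry path and the value meanings (1 = NLA required, 0 = not required) are taken from Microsoft's documentation of these settings, not from this page, and the function name is hypothetical.

```powershell
# Added example: report whether Network Level Authentication (NLA) is required
# for RDP on a machine, and whether Group Policy or the local setting decides it.
# Assumption: value meanings per Microsoft's documentation
# (1 = NLA required, 0 = NLA not required). Get-RdpNlaState is a hypothetical name.
function Get-RdpNlaState {
    param([string]$ComputerName = $env:COMPUTERNAME)

    $paths = [ordered]@{
        # Written by the 'Require user authentication ...' Group Policy setting
        Policy = 'SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'
        # Written by the tick box in System Properties > Remote
        Local  = 'SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
    }

    # Same mechanism as regedit's 'Connect Network Registry'
    # (a remote target needs the Remote Registry service running)
    $hklm = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey(
        [Microsoft.Win32.RegistryHive]::LocalMachine, $ComputerName)
    try {
        $found = [ordered]@{}
        foreach ($source in $paths.Keys) {
            $key = $hklm.OpenSubKey($paths[$source])
            if ($key) {
                $found[$source] = $key.GetValue('UserAuthentication', $null)
                $key.Close()
            }
        }
    }
    finally { $hklm.Close() }

    # A policy value, when present, overrides the local setting
    $decidedBy = if ($null -ne $found['Policy']) { 'Policy' } else { 'Local' }

    [pscustomobject]@{
        ComputerName = $ComputerName
        LocalValue   = $found['Local']
        PolicyValue  = $found['Policy']
        DecidedBy    = $decidedBy
        NlaRequired  = ($found[$decidedBy] -eq 1)
    }
}

# List this machine only if NLA is currently not required
Get-RdpNlaState | Where-Object { -not $_.NlaRequired }
```

Run it against each machine the policy was linked to (`Get-RdpNlaState -ComputerName <name>`) to find the ones still accepting RDP connections without NLA.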
I don’t have many clients left that still have Exchange 2003, so this will probably be the last time I have to do this (famous last words).
Exchange databases NEVER get smaller. If you delete information out of them, it simply creates white space that Exchange will reuse (so they will steadily grow in size). Before you carry out this procedure, get your users to clear down their mailboxes. Also delete/purge any unused mailboxes; this will make your defrag more efficient.
Solution
In my case the server the database was on was short on drive space. Remember you need 110% of the size of the database free space to carry out this procedure (so a 50GB database needs 110GB of free space to defragment). I did this with an external USB Drive.
Note: Moving large databases to USB media can take a while; at USB 2 speed (48MBps (480Mbps)) it took about 45 minutes to copy the database files to it.
1. You don’t need to do this, but locate where the log files for this database are being stored, because in a minute we are going to take a copy (just in case). Right click the storage group the database is in > Properties > General > Transaction log location.
2. Now for the database itself, right click the Mailbox Store (or public folder database if that’s the one you are going to defrag) > Properties > Database > Exchange databases.
3. On my external drive I’ve created two folders, one holds the original untouched database files and the logs, the other (EDB_Files) holds a copy of the priv1.edb and priv1.stm files for the mailbox database that I’m going to defragment.
4. Eseutil.exe lives in the Exchange program folder in the bin directory, change to that directory;
[box]
cd "C:\Program Files\Exchsrvr\bin"
[/box]
Now if we simply run eseutil on the database, it will create a temporary database on the C: drive, which I don’t want (remember we are tight for drive space). So I will specify where the temp database will be, and start the defragmentation.
[box]
eseutil /d {Path to the Database} /t {Path to the temp Database}
e.g.
eseutil /d H:\EDB_Files\priv1.edb /t H:\EDB_Files\TempDB.edb
[/box]
How long will eseutil take? That’s a horrible question to answer; it depends on the CPU/memory of the server, and the size of the database itself. In this case it was a 70GB database on an HP G4 Series server, and it took 11 hours and 6 minutes (approx).
5. When done it should say it has completed successfully.
6. You can now delete the original EDB and STM files from the Exchange Server.
7. Then copy and paste your defragmented versions back into the original folder.
8. You can now mount the mail store(s).
9. Finally make sure you get a full backup of the Exchange database, (with some Exchange aware backup software).
I installed one of these a couple of weeks ago, and there’s some good documentation with the module itself so installing it into the UPS and giving it an IP address was easy, getting the right client software to talk to it was a pain.
Solution
Configure the Network Module
1. Physically install the module in the UPS, it’s fixed with two screws and you can install it with the UPS powered on.
2. It takes a while for the card to boot. Pop in the console cable that came with it (into the Settings/AUX socket – see above), then fire up PuTTY and connect via serial.
Note: Standard Serial Settings,
Bits per second—9600
Data bits—8
Parity—None
Stop bits—1
Flow control—None
3. The default password is ‘admin’
4. Use the menus presented to change the IP details. You MUST restart the module when you are finished or the IP address WON’T change.
5. Once it’s rebooted (again this takes a while) you can login with a web browser (username admin, password admin).
Configure the Client Machines.
1. Download HP Power Protector, (Note: there is no client and administrator software any more, this software will do BOTH. The network module has the administration software built in).
2. Install the software on your machine, and login (again username admin password admin).
3. Select client > Save.
4. Select the Device Discovery tab. The software usually detects the network module on its own quite quickly; if it does not, you can use the options on the right to do a scan.
Ports Required for HP UPS Network Module
If you are connecting through a firewall (or your machine has a software firewall), make sure the following six ports are open.
5. When it’s fully detected, select the network module and select ‘Configure power source’, supply the login credentials for the network module, and the load segment the machine is plugged into (see below) > Save.
6. Back in the web console of the network module > Open ‘Notified Applications’ and in about 5-10 minutes your server should appear.
I needed to get the Uptime/Duration of a particular VPN tunnel this week. It was for a client with multiple VPN tunnels that was having problems with just one.
Solution
Option 1 via Command Line
1. Connect to the firewall > Go to enable mode and use the following command, replacing 123.123.123.123 with the IP of your VPN endpoint.
[box]
PetesASA>
PetesASA> enable
Password: ********
PetesASA# show vpn-sessiondb l2l filter name 123.123.123.123 | incl Duration
Duration : 0h:08m:26s <<<<<<<
PetesASA#
[/box]
If you want a LOT MORE information use the following command;
[box]
PetesASA# show vpn-sessiondb detail l2l filter name 123.123.123.123