By default Fortigates come with all their LAN interfaces on a hardware switch. You might want to change this so you can use these as seperate interfaces

  1. Delete all the policies attaches to the LAN network
  2. Removed DHCP from the Lan Network

Next in CLI run the below

configure system virtualswitch

delete lan
VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)
 
Enabling vCenter Server Data Collection
 
To enable vCenter Server data collection:
1.Connect to the vCenter Server.
2 In the Administration menu item, selectvCenter Server Settings  The vCenter Server Settings dialog is displayed.
3. Select Statistics.

 
4. Make sure that the Statistics Level value for all interval durations up to and including the one day duration is at least 2. If any of the durations have a value less than 2, do the following, starting with the smallest interval:
a) Select the interval and clickEdit
b) Change Statistics Level to Level 2
c) Click OK

 
5. Repeat step 4 for all the values up to and including the 1 day interval duration.
6. Click OK and wait for at least a day before using the aggregate usage data. Collecting Data Characteristics for VMs
You can collect data characteristics for the virtual machines in a VPG in one of the following ways:
 
Via vSphere Client console performance statistics.
 
By running a script to collect the data characteristics.
 
Note: The script samples supplied with the download, require vSphere PowerCLI and permissions to access the vCenter Server using the script.
 
8 By using operating system performance monitors, such as the Microsoft Performance Monitor utility for Windows operating systems or the iostat command for Linux operating systems. Collect data for a minimum of one day. Collecting this information impacts on performance and therefore the collection period should be long enough to gather a true representation of usage but not too long. The first procedure described below, to collect data characteristics for the VMs via the vSphere Client console performance statistics, uses
a timeframe of one day and the second procedure, to collect data characteristics for the VMs by running a scri pt to collect the data characteristics uses a timeframe of seven days.
 
Note: When running vCenter Server versions before version 5.x, if any of the virtual machines use NFS storage, metrics for the
NFS storage are not generated by the vCenter Server. To collect data characteristics for the VMs via the vSphere Client console performance statistics:
1. In the vSphere Client console select the VM and open the Performance tab.
2. Click Advanced
3 . Click the Charts Options link. The Customize Performance Chart dialog is displayed.

4. In Chart Options , drill-down in Disk and select Past day
5. In Counters , click None to clear all the selections and then select Disk Write Rate or Write Rate
6. Click OK
 
9 A chart similar to the following is generated:

Use the chart for the average write rate of the VM.
To collect data characteristics for the VMs via a script:
Note:
The following script and the samples supplied with the download, require vSphere PowerCLI and permissions to access
the vCenter Server using the script.
 
Run a script similar to the following:
 
$report = @()
Get-VM | %{
$stats = Get-Stat -Entity $ -Stat disk.write.average -Start (Get-Date).adddays(-7) –
ErrorAction SilentlyContinue
if($stats){
$statsGrouped = $stats | Group-Object -Property MetricId
$row = “” | Select Name, WriteAvgKBps, WriteAvgMBps
$row.Name = $_.Name
$row.WriteAvgKBps = ($statsGrouped |
where {$_.Name -eq “disk.write.average”} |
%{$_.Group | Measure-Object -Property Value -Average}).Average
$row.WriteAvgMBps = $row.WriteAvgKBps/1024
$row.WriteAvgKBps = “{0:N2}” -f $row.WriteAvgKbps
$row.WriteAvgMBps = “{0:N2}” -f $row.WriteAvgMBps
$report += $row
}
}
$report | Export-Csv “C:\ZertoOutput.csv”
 
 
 
 
Note: If you want a value other than seven days, change the value of the adddays() function. For example to collect data
for three days, use adddays(-3)
 
Use the resulting file, C:\ZertoOutput.csv , for the average write rate of the VM.
Note: Versions of this script are included in the download with this document
VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)
You can collect data characteristics for the virtual
machines in a VPG in one of the following ways:
 
  • By using operating system performance monitors, such as the Microsoft Performance Monitor utility for Windows operating systems or the iostat command for Linux operating systems.
  • By using Windows PowerShell in Windows Server 2012 to collect network utilization (and other information). When using metering ACLs, you can measure the total network traffic sent and received by a virtual mach ine. To collect performance characteristics for the virtual machines in a VPG, using PowerShell, do the following:
 
Turn on resource metering for the relevant virtual machines, if it is not already enabled
Adjust the collection frequency, if necessary.
 
Collect the relevant statistics. Zerto recommends that you collect data for a minimum of one day. When you have enough statistics, you may want to turn off resource metering since data collection can impact performance.
 
Turning on Resource Metering 
By default, resource metering is not enabled. To turn on resource metering for one virtual machine, enter the following
PowerShell command:
 
Get-VM <VM-name > | Enable-VMResourceMetering
 
To turn on monitoring for all virtual machines on a server at one time, enter the following PowerShell command:
 
Get-VM | Enable-VMResourceMetering
 
Once you enable resource metering, Hyper-V begins to collect data. You can reset metering at any time, which discards the data that has been collected up to that point.
If resource metering is enabled but no NetworkAdapterAcls are configured, Hyper-V configures them to measure total network traffic. To measure network traffic throug h an IP range, configure the NetworkAdapterAcls for the IP range before runningEnable-VMResourceMetering
.
Adjusting the Collection Frequency
By default, the collection frequency is once every hour. You can change the collection frequency, but understand that datacollection can impact performance. To change the
collection frequency, enter the following command:
 
Set-VMHost –ComputerName <host-server-name> -ResourceMeteringSaveInterval <HH:MM:SS>
 
The collection frequency is always set at the host server level.You cannot adjust the collection frequency per virtual machine
.For example, if you enter 01:30:00, resource consumption will be ollected every hour and a half.
 
Collecting and Viewing the Relevant Statistics
To view resource usage for one virtual machine, enter the following command:
 
Get-VM <VM-name> | Measure-VM
 
Resource metering data can be displayed for all of the virtual machines that are running on a host. To see data for all of thevirtual machines on a host, enter the following command:
 
Get-VM | Measure-VM
 
You can configure PowerShell to display only certain statistics. To do this, you must know the object names that PowerShell
assigns to each statistic. You can see the object names by entering the following command:
 
Get-VM | Measure-VM | Select-Object *
 
For example, when working with Zerto Virtual Replication, you are interested in network traffic.To list the network traffic foreach virtual machine, enter the following command:
 
Get-VM | Measure-VM | Select-Object VMName, NetworkMeteredTrafficReport
 
You can use VM Network Adapter ACLs to measure network activity to and from a specific network. For example, to meter
network traffic for a special subnet or IP address:
 
Add-VMNetworkAdapterAcl -VMName <VM-name> -Action Meter -RemoteIPAddress 10.10.0.0/16 -Direction Outbound
 
Turning off Resource Metering
To disable the collection of performance statistics, enter the following PowerShell command:
Disable-VMResourceMetering -VMName <VM-name>
 
 
 
VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

When trying to access another user Onedrive via the Admin portal of 365 , the new gui shows

“Loading Access Link” and no link is shown 

The old Classic view you cannot click on the Access Files

 

This is due to the Administrator not have an Office 365 License , make sure one is assigned to get access to the App ( onedrive ) 

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Naviate to your DeploymentShare and Open up the Task Sequence in the Control Directory

C:\DeploymentShare\Control\TaskSequence1

Open 

Unattend.xml 

Search for AdministratorPassword in this file

You should see the password in plaintext

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Trying to diagnose an issue of a reason why an NPS server would not let a user in and come back with Access-Reject produces the following Reason in the event log

An NPS extension dynamic link library (DLL) that is installed on the NPS server rejected the connection request.

I recommend uninstalling the NPS Extension for Azure MFA Plugin 

Retrying the access which should give you some better reason in the event log e.g. The RADIUS request did not match any configured connection request policy (CRP).

Once this is fixed you can reinstall the Plugin and re-authenticate it

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Recently I was trying to hide the password 2 field on a netscaler box due to Azure MFA Radius.

The netscaler was brining back the error : Expression syntax error [ount= + “1^”), Offset 15] 

It looks like there is syntax errors on guides online , the expression should be

 

(“pwcount”= + “1”)

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Recently trying to setup a secondary virtual server for Citrix , on login the following prompt was displayed

Http/1.1 Internal Server Error 43531

Make sure your Virtual Server has session policies bounded : https://www.carlstalhood.com/category/netscaler/netscaler-12/netscaler-gateway-12/#bind

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Microsoft changed the signing of update packages for Windows 7 and Windows Server 2008 R2 devices on the August 2019 Patch Day for the first time. The company signs packages only with SHA-2 since August 2019; it signed them with SHA-1 and SHA-2 previously but decided to drop SHA-1 because of known weaknesses.

 

To sort out this issue, install the following patches in order (ideally reboot after installing each) and then patch your servers successfully:

https://support.microsoft.com/en-us/help/4490628/servicing-stack-update-for-windows-7-sp1-and-windows-server-2008-r2

https://support.microsoft.com/en-us/help/4474419/sha-2-code-signing-support-update

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)