Recently I used the  latest version of ASR Deployment Planner (released on Jun/2020) to scope Auzre costs for a customer , however the ASR brought error trying to sync a VM with 6tb drive size 

Ever since 9.26 of ASR , a 8TB has been support

I logged a support query with Microsoft 

“So 8 TB support is not added in Deployment Planner of V2.52. PG has created a work Item for this improvement.”

So its 8tb!

GD Star Rating
loading...
GD Star Rating
loading...

Recently had a friend who bought a TPLINK VR1600v to extend her existing wifi , the router doesn’t have Access Point mode so you need to put this  in a double NAT setup

  1. Change the router IP from 192.168.1.1 to 192.168.2.1
  2. Plug the WAN port of the VR1600v into the LAN port of your existing router
  3. Change Wireless Settings 
GD Star Rating
loading...
GD Star Rating
loading...

Recently cut over a domain from an old 365 tenant to a new one, upon trying to add the email account to outlook was visit with the error

 

The old account had been enrolled in Intune here

Removing the old account here , I tried to enroll the new account however I got an enrollment message pop up , this something happens due to old enrollment data getting stuck

Delete ( or clear as much as you can from the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Enrollments ) then try again

 

 

What fixed it

  • Sign out of the Account in Office
  • De-Register the Machine from AAD (Settings -> Work and School Accounts)
  • Delete all of the AAD certificates in the User’s Personal Certificate Store
  • Reboot

Note if you try and sign in to Office at this point, you will get a modern auth prompt but never get asked for a password

  • Re-Register the Machine with AAD
  • Re-License Office
  • Outlook and Autodiscover tests will now work

 

GD Star Rating
loading...
GD Star Rating
loading...

The process below is how to re-register Vmware Update Manager

cd /lib/vmware-updatemgr/bin

mkdir backup

cp -p extension.xml backup/

cp -p vci-integrity.xml backup/

cp -p jetty-vum* backup/

Now go ahead and finish the failed registration with this command:

/usr/lib/vmware-updatemgr/bin/vmware-vciInstallUtils -C /usr/lib/vmware-updatemgr/bin/ -L /var/log/vmware/vmware-updatemgr/ -I /usr/lib/vmware-updatemgr/bin/ -v <your vCenter FQDN> -p 80 -U [email protected]<your SSO domain> -P <password> -S /usr/lib/vmware-updatemgr/bin/extension.xml -O extupdate

Upon running the above, I got an error saying it didn’t like the password , I had to put it in single quotes

chown updatemgr:updatemgr vci-integrity.xml

service-control –start vmware-updatemgr

Note: In the command above replace the information <your vCenter FQDN> with your own vcenter FQDN. 

/usr/lib/vmware-updatemgr/bin/ -v <your vCenter FQDN> -p 80 -U [email protected]<your SSO domain> -P <password>

GD Star Rating
loading...
GD Star Rating
loading...

1) Microsoft Best Practice of Leaving exchange server on-prem for management 

“With the recent Exchange vulnerabilities allowing hackers into the LAN, Exchange is just giving them another entry point. So it becomes even more important to remove any unnecessary back doors. If Microsoft would give us a way of managing the Exchange A.D attributes without needing to maintain an Exchange server on-premise, we could get rid of one more headache to patch. monitor and update.”

2) Datacenter Domain Controllers

Physical Domain Controllers
In datacenters, physical domain controllers should be installed in dedicated secure racks or cages that are separate from the general server population.

If a domain controller is configured to use software RAID, serial-attached SCSI, SAN/NAS storage, or dynamic volumes, BitLocker cannot be implemented, so locally attached storage (with or without hardware RAID) should be used in domain controllers whenever possible.

Virtual Domain Controllers
If you implement virtual domain controllers, you should ensure that domain controllers run on separate physical hosts than other virtual machines in the environment.

Even if you use a third-party virtualization platform, consider deploying virtual domain controllers on Hyper-V Server in Windows Server 2012 or Windows Server 2008 R2, which provides a minimal attack surface and can be managed with the domain controllers it hosts rather than being managed with the rest of the virtualization hosts.

You should also consider separating the storage of virtual domain controllers to prevent storage administrators from accessing the virtual machine files.

3) Secure Administrative Hosts

Administrative hosts should be configured to require smart card logon for all accounts

Physical security includes controlling physical access to administrative hosts. In a small organization, this may mean that you maintain a dedicated administrative workstation that is kept locked in an office or a desk drawer when not in use. 

GD Star Rating
loading...
GD Star Rating
loading...

1. Download the lsdoctor tool from this kb : https://kb.vmware.com/s/article/80469?lang=en_US
2. If VCSA then use Winscp to transfer the zip to vcenter appliance else in windows vc copy and paste to destination vc.
3. Follow the kb and run the trustfixer option -t : python lsdoctor.py -t 
4. Now restart the update manager service. 
5. Access the update manager tab.

GD Star Rating
loading...
GD Star Rating
loading...

Upon cloning an oracle instance, the connection to the Oracle server came back with an error

Ora-12514: Invalid Connection TNS Listener not currently know of service requested in connect descriptor

  • The listener was listening on the right port
  • Firewalls were off and client to ping server

I did change the Mac Address of the server when cloning, 

In the end I recloned and left the Mac Address’ as is and this seem to fix the issue

 

GD Star Rating
loading...
GD Star Rating
loading...