YSK (if you don’t) about fiber optics and how they work : networking (reddit.com)

• No Comments

Workstation

Inc Windows

Interesting one, you might need to turn off abilities of customs apps to be installed

https://www.amobileattempt.com/2020/08/app-protection-policies-and-outlook-add.html

• No Comments

Recently has a user on a terminal server trying to change their login and licenses account to active Office 365. The user logged into Office , but Office came up with “couldn’t verify account”

• No Comments

AADSync installed on a domain controller running as “Auto-generated standalone Managed Service Account”

Domain controller was rebooted as part of another task then “Microsoft Azure AD Sync” couldn’t start.

Searching for the above error, no solution except reinstalling, but unfortunately no configuration details to replicate. Repair also did not fix the issue.

Digging deeper in application logs, noticed SQL errors which turned out to be the cause

SOLUTION:

Replace two files, model.mdf and modellog.ldf.

Copy from: C:\Program Files\Microsoft SQL Server\150\LocalDB\Binn\Templates

Copy to: C:\Users\ADSyncxxxxx$\AppData\Local\Microsoft\Microsoft SQL Server Local DB\Instances\ADSync2019

Or

Copy to: C:\Windows\ServiceProfiles\ADSync\AppData\Local\Microsoft\Microsoft SQL Server Local DB\Instances\ADSync2019

Destination varies according to installed version.

• No Comments

Change AutoScaling Group to 0

• No Comments

# config system link-monitor

 (link-monitor) # show
config system link-monitor
edit “1”
set srcintf “wan1”
set server “8.8.8.8”
next
end

• No Comments

Recently had a customer trying to connect and sync their onedrive which would fail with the error 0x8004de40

After investigation , it looks like the customer had a Telstra Router with Backup 4g , and the NBN had been cut so it had been running on 4g for a month

I’ve had this before with Onedrive where the App just doesn’t work over 4g and the customer has to use the web version , as soon as NBN was restored it worked fine!

• No Comments

Recently restricted an AWS Elastic Beanstalk App so it could only be accessed through a specific DNS host name which was routed through Cloudflare for Security

This parameter is located in archive.xml in \site_content\archive.xml

<binding protocol=”http” bindingInformation=”*:80:subdomain.domain.com” sslFlags=”0″ MSDeploy.sslFlags=”1″ />

• No Comments

Software Assurance

 License Mobility refers to the ability to move virtual instances from host to host and between server farms. SQL server needs Software Assurance for License Mobility.

Software Assurance can only be added after the fact if the above 90 day condition is met. Otherwise it must be purchased alongside the license itself. Software Assurance also cannot be added to existing License only volume licensing regardless of when it was purchased. 

SQL Server

Please note that there are 2 ways of licensing SQL Server Standard:

• Per-Core Model
  • All physical cores must be licensed if run on the physical host or
  • All cores assigned to the virtual machine must be licensed if run in a virtual environment
  • A minimum of 4 cores must be licensed per virtual OSE or per physical processor (depending on how it will be deployed)
  • The core licenses come in packs of 2, so a minimum of 2 are required to be purchased.
  • No SQL Server CAL’s are required to access the server

• Server / CAL Model
  • One license is needed to run one instance of SQL Server on the host
  • SQL Server User or Device CAL’s are required to connect to the Server either directly or indirectly

• No Comments

Recently a customers Aruba Wireless System was denying its wireless clients access.

A look at the logs showed Authentication failure. The Authentication was set to Radius.

A look on the radius server showed the failure reason ( 6275 ) as

The client could not be authenticated because the Extensible Authentication Protocol (EAP) Type cannot be processed by the server tls 1.0

Usually this is due to Cert expiry , however this was fine : 

Looking in the System Log and I found : 

A fatal error occurred while creating an SSL server credential. The internal error state is 10013.

This is because TLS1.0 has been disabled ( HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server\Enabled = 0 ) on a Server 2012 Server

The fix is to create Dword “TlsVersion” in the below with Value c00 for TLS 1.2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\PPP\EAP\13

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\PPP\EAP\25

Restart Extensible Authentication Protocol service when done

• No Comments