March 21

WDS Server Not Working After In-Place Upgrade from Windows 2012 to Windows 2019

Problem:

Windows Deployment Services cannot be located on the specified server. The server might be down, there might be problems with the network, Windows Deployment Services might not be installed, the installation might be corrupt or you might not have permission to access the server.

How to fix:

On the WDS Server run the following commands in an Elevated Command Prompt:

wdsutil /uninitialize-server
wdsutil /initialize-server /reminst:{RemoteInstallFolder}   (example: WDSUTIL /Initialize-Server /RemInst:D:\RemoteInstall)

 

March 7

DNS Manager Error Access was denied. Would you like to add it anyway?

Environment: Active Directory with two domain controllers, one on 192.168.0.0/24 (VLAN 1), the other on 172.16.0.0/24 (VLAN 20).

Problem: DNS Manager cannot access the remote DNS server by using its IP address.

However, DNS manager can access the remote server by using its FQDN.

Solutions: 

After checking the firewall, user account permissions, DNS settings, etc., everything looked fine. I googled and could not find a solution.

Here is the trick to fix this issue: add the remote server’s reverse lookup zones, and let the domain controllers sync. See the picture below.

 

DNS Manager can access the remote server by using its IP address after Active Directory has synced.

 

 

March 5

Cisco Access Control List Edit Tips

Inbound or outbound traffic?

Imagine you are the router or switch.

Inbound: traffic arriving at the router

Outbound: traffic leaving the router

An access-list applied outbound to a vlan interface filters traffic going TO machines on that vlan.

An access-list applied inbound to a vlan filters traffic coming FROM machines on that vlan.

 

To configure an Access List you must do the following two steps:

•    The first step is to create an Access List definition.

Standard : filters based on source  Range 1-99 or 1300-1999

Extended: filters based on source and destination, protocol, and port number.  Range 100-199 or 2000-2699

access-list 110 permit/deny protocol source-address (+port number) destination-address (+port number)

access-list 110 permit udp 10.0.0.0 0.0.0.255 eq bootpc host 192.168.0.7 eq bootps

•    The second step is to apply it to an Interface.

int vlan 20

ip access-group 110 in (or out)


 

Show access-list

How to edit existing access control list rules

conf t

ip access-list extended 110

no 10 permit ip any any   (removes a rule; 10 is the rule's sequence number), or just: no 10

15 permit ip any any   (adds a rule between 10 and 20)
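
An added example, not part of the original post: a small Python model of how an extended ACL is evaluated (wildcard-mask match, first match in sequence order, implicit deny at the end), showing why the position of an inserted "15 permit ip any any" matters. The sequence numbers given to list 110, the deny rule at 20 and the sample packets are constructed for illustration.

```python
import ipaddress

ANY = ("0.0.0.0", "255.255.255.255")   # "any" = every bit ignored
BOOTPS, BOOTPC = 67, 68                 # UDP ports behind the IOS keywords

def host(ip):
    return (ip, "0.0.0.0")              # "host x" = every bit must match

def wildcard_match(addr, base, wildcard):
    """Cisco wildcard mask: 0 bits must match, 1 bits are ignored."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    return (a | w) == (b | w)

class Acl:
    def __init__(self):
        self.rules = {}                 # sequence number -> rule tuple

    def add(self, seq, action, proto, src, dst, sport=None, dport=None):
        self.rules[seq] = (action, proto, src, dst, sport, dport)

    def remove(self, seq):              # models "no <seq>"
        del self.rules[seq]

    def evaluate(self, proto, src, dst, sport=None, dport=None):
        """Return (action, seq) for the first matching rule, lowest seq first."""
        for seq in sorted(self.rules):
            action, r_proto, r_src, r_dst, r_sport, r_dport = self.rules[seq]
            if r_proto not in ("ip", proto):
                continue
            if not (wildcard_match(src, *r_src) and wildcard_match(dst, *r_dst)):
                continue
            if r_sport not in (None, sport) or r_dport not in (None, dport):
                continue
            return action, seq
        return "deny", None             # implicit deny ends every ACL

def build_acl_110():
    subnet, server = ("10.0.0.0", "0.0.0.255"), host("192.168.0.7")
    acl = Acl()
    acl.add(10, "permit", "udp", subnet, server, BOOTPC, BOOTPS)  # rule from the page
    acl.add(20, "deny", "ip", subnet, server)                     # constructed rule
    return acl

if __name__ == "__main__":
    acl = build_acl_110()
    smb = ("tcp", "10.0.0.5", "192.168.0.7", 50000, 445)          # constructed packet
    print(acl.evaluate("udp", "10.0.0.5", "192.168.0.7", BOOTPC, BOOTPS))  # DHCP request
    print(acl.evaluate(*smb))           # before inserting 15
    acl.add(15, "permit", "ip", ANY, ANY)
    print(acl.evaluate(*smb))           # after: 15 matches first, 20 is shadowed
```

Because evaluation stops at the first match, a broad permit inserted at 15 makes the deny at 20 unreachable; check the order with the show command after every edit.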

 

February 20

macOS Mojave Cannot Delete User Account

Solution: Use the Directory Services command (dscl) in Terminal to delete the user account

First, create a new administrator account, log in as the new account, and open Terminal.

1. List all users:       $ sudo dscl . list /Users
2. Delete the account:   $ sudo dscl . -delete /Users/Account_name

After the account is deleted, delete the user’s home folder located in the /Macintosh HD/Users directory.

September 27

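PowerShell Script to Grant Users Home Folder Permissions

# Requires the ActiveDirectory module (RSAT)
Import-Module ActiveDirectory

# OU to search
$OU = "OU=kindergarten,OU=sales,OU=Students,OU=Users,OU=MonSchool,OU=Schools,OU=abcdUsers,DC=abcd,DC=ef,DC=com"

# Group whose members get the permission
$Group1 = "CN=Students Ktest,OU=Groups,OU=abcUsers,DC=abcd,DC=ef,DC=com"

# Grant each matching user Full control (F) on their own home folder, inherited by files (OI) and subfolders (CI)
Get-ADUser -SearchBase $OU -SearchScope 1 -LDAPFilter "(memberOf=$Group1)" | ForEach-Object { icacls "$(Join-Path '\\servera\sharedfolder\' $_.SamAccountName)" /grant "$($_.SamAccountName):(OI)(CI)F" }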

* Group1 is the group that the users belong to

NOTE: You can change the SearchScope to search the current path and all the children paths.
-SearchScope

Specifies the scope of an Active Directory search. The acceptable values for this parameter are:

  • Base or 0
  • OneLevel or 1
  • Subtree or 2

A Base query searches only the current path or object. A OneLevel query searches the immediate children of that path or object. A Subtree query searches the current path or object and all children of that path or object.

September 11

Wired Unmanaged – After Installing the Ubuntu Desktop GUI on Ubuntu Server

 

With Ubuntu 18.04, Canonical introduced a new network management system called Netplan. In a nutshell, Netplan lets you configure the network directly and/or switch between two network configuration daemons, networkd and NetworkManager. By default, networkd is configured for Ubuntu Server and NetworkManager for Ubuntu Desktop.

Open the /etc/netplan/01-netcfg.yaml configuration file and change it:

FROM:




TO:

Apply the changes by executing:

$ sudo netplan apply
