I was reading and tls-crypt and was curious would that increase security and reduce the chance of keys being compromised during handshakes and that it offers better security over tls-auth?
Maybe someone could better explain tls-auth and tls-crypt and how they improve security?
my current client file:
client
tls-client
dev tun
proto udp
remote 1.2.3.4 9999
<ca>
</ca>
<cert>
</cert>
<key>
</key>
pull
auth-nocache
cipher AES-256-CBC
keysize 256
compress lz4-v2
reneg-sec 36000
keepalive 30 120
In REF to Shared network drive with Office and delete permissions disabled leads to not being able to save
We have several businesses that are now pushing over 30+ employees and many of these employees come and go. In some cases they delete files and we are forced to restore files and entire shared drives.
How are bigger organizations handling file management and preventing files from being deleted by employees?
I have a group that ALL employees are assigned to. I have the CREATOR user set the same way. They have all the RW permissions but no delete.
Everything works as expected, however, Office related products can't save. They throw a permission error. My theory is Office tries to delete the file then rename/copy its temp/current saved file to be the new file.
Anyone have a work around on this or a link?
This is Office 2016. I read someone had this issue back in Office 2013 and I tried applying a fix but that did not do it.
Also, I tried running Office with a user who had a delete permissions, and had no problems.
Idea I had: https://superuser.com/questions/1252321/running-an-application-always-as-another-user-not-short-cut-based
Looking to move forward in deploying IDS/IPS on several FreeBSD firewalls and I was curious about the difference between snort and suricata. I know that Suricata is multi-threaded but in terms of rule processing and other how they work is there any real difference that should sway me to pick one of the other?
In order to prevent the need of port forwarding and double natting I plan to put a modem into bridge mode. Are there any side effects or problems that could come of placing a modem into bridge mode in order to allow for easier access to internal services?
From my understanding with failover clustering, only one machine is actually working, which means the other one(s) are sitting idle. So why would one use failover clustering instead of using a load balancing style with Windows Server 2012 to gain better performance with all the machines working as one yet still maintain high availability.
Do some situations work better with one over the other?
I am trying to make my outgoing and incoming traffic look as legitimate as close to SSL traffic as possible. Is there a way to DPI my own traffic to ensure it looks like SSL traffic and not OpenVPN traffic? And based on my config setup does all traffic use port 443 which is the SSL port?
My configuration is as follows:
STUNNEL on laptop:
[openvpn]
# Set sTunnel to be in client mode (defaults to server)
client = yes
# Port to locally connect to
accept = 127.0.0.1:1194
# Remote server for sTunnel to connect to
connect = REMOTE_SERVER_IP:443
OPENVPN CONFIG ON laptop:
client
dev tun
proto tcp
remote 127.0.0.1 1194
resolv-retry infinite
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
STUNNEL CONFIG ON SERVER:
sslVersion = all
options = NO_SSLv2
;chroot = /var/lib/stunnel4/
; PID is created inside the chroot jail
pid = /stunnel4.pid
; Debugging stuff (may useful for troubleshooting)
debug = 7
output = /var/log/stunnel4/stunnel4.log
setuid = root
setgid = root
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
compression = zlib
[openvpn]
accept = REMOTE_SERVER_IP:443
connect = REMOTE_SERVER_IP:11440
cert=/etc/stunnel/server.pem
key=/etc/stunnel/server.key
OPENVPN CONFIG on server:
local REMOTE_SERVER_IP
port 11440
proto tcp
I am reading up on Storage for Windows Server 2012 R2 and I am trying to understand the purpose of Storage Pools. The way they make it sound is that you can create one big expandable ever growing array of disk like a JBOD but with the difference of the ability to create volumes on top of those disks?
Is that correct thinking?
I have a File Server running Windows Server 2012 R2. It has four 6TB Western Digital RED drives. I want to host my Hyper-V Machines, WSUS (Windows Server Update Service) content and WDS/MDT deploy ISO and files there for example.
I am presented with SMB, NFS and iSCSI options to connect to the server. Meaning, I have the option of either setting up a share via NFS or SMB or creating a virtual iSCSI drive in which I can connect to.
How do I determine which option is more ideal for specific solutions or does it not matter which option I go with as long as the service can access the storage?
$script = { Rename-Computer -ComputerName "ADMINIS-ID1PS7V" -NewName "SERVER1" }
$computerName = "ADMINIS-ID1PS7V"
$username = "Administrator"
$pw = "123!@#qaZ"
# Create Credentials
$securepw = ConvertTo-SecureString $pw -asplaintext -force
$cred = new-object -typename System.Management.Automation.PSCredential -argument $username, $securepw
# Create and use session
$session = New-PSSession -credential $cred -ComputerName $computerName
Invoke-Command -Session $session -ScriptBlock $script
Remove-PSSession $session
enable-PSRemoting -forceAllow remote server management through
WinRM to enabled with *I keep getting:
Fail to rename computer 'ADMINIS-ID1PS7V' to 'SERVER1' due to the following exception: Access is denied.
+ CategoryInfo : OperationStopped: (ADMINIS-ID1PS7V:String) [Rename-Computer], InvalidOperationException
+ FullyQualifiedErrorId : FailToRenameComputer,Microsoft.PowerShell.Commands.RenameComputerCommand
+ PSComputerName : ADMINIS-ID1PS7V
Windows apps are annoying and I would like to remove them. Been playing around with Powershell and scripting and I wanted to know if there was a way I could make Powershell to loop through all the apps and remove them.
# List of Applications that will be removed
$AppsList = "Microsoft.BingTravel","Microsoft.WindowsAlarms","Microsoft.Reader",`
"Microsoft.WindowsScan","Microsoft.WindowsSoundRecorder","Microsoft.SkypeApp","Microsoft.BingFoodAndDrink","Microsoft.BingMaps",`
"Microsoft.HelpAndTips","Microsoft.BingFinance","Microsoft.ZuneMusic","Microsoft.Reader","Microsoft.BingNews","Microsoft.AkypeApp",`
"Microsoft.ZuneVideo","Microsoft.BingTravel","Microsoft.BingSports","Microsoft.BingWeather","Microsoft.BingHealthAndFitness",`
"Microsoft.Media.PlayReadyClient.2","Microsoft.XboxLIVEGames","Microsoft.WindowsReadingList","Microsoft.WindowsAlarms"
ForEach ($App in $AppsList)
{
$Packages = Get-AppxPackage | Where-Object {$_.Name -eq $App}
if ($Packages -ne $null)
{
foreach ($Package in $Packages)
{
Remove-AppxPackage -package $Package.PackageFullName
}
}
$ProvisionedPackage = Get-AppxProvisionedPackage -online | Where-Object {$_.displayName -eq $App}
if ($ProvisionedPackage -ne $null)
{
remove-AppxProvisionedPackage -online -packagename $ProvisionedPackage.PackageName
}
}
EDIT:
I am running this from MDT for image deployments as well.
Is there a way to make powershell scripts run under the applications list so that when you install from the MDT image you can select which scripts you want to run?
I can run the scripts fine as scripts but every attempt I've tried the scripts will not execute.
This is how I am trying to do it, but they don't execute. (I link to the Script under the Install Applications under Task Sequence. So far I've come to conclude Microsoft does not allow PowerShell Scripts to work this way without some serious hacking around.
EDIT:
So after trying several ways and doing research this is what I have now:
I am trying this:
powershell -noexit "& "'\\SERVER.com\ImageDeploymentShare$\Scripts\script_tes_2t.ps1'
Working Directory is:
.\%SCRIPTROOT%
But I am getting this:
I saw something like this posted on technet but surely this is to the extreme?
Filename RunPowerShell.cmd
Powershell -Command Set-ExecutionPolicy Unrestricted
Powershell.exe -file "%~dp0%1"
Powershell -Command Set-ExecutionPolicy AllSigned
Filename App1.ps1
Dir
Execute this with
[fulle_Path_if_needed\]RunPowerShell.cmd App1.ps1
Is there a way to keep Hyper-V from pausing due to low disk space errors?
I have tried some registry edits but they do not seem to be working.
Is this a policy setting?
I have a bunch of machines that I need to enable Remote Scheduled Tasks Management (RPC), Remote Scheduled Tasks Management (RPC-EPMAP), and Windows Management Instrumentation (WMI-in) on for GPO Updates.
I would like to run a PowerShell script so I do not have to do this manually. However, I am new to powershell.
Is there a way I can get the powershell command when I add the rules manually at a machine?
EDIT:
This is one way I found to do it:
netsh advfirewall firewall set rule group="Remote Administration" new enable=yes
netsh advfirewall firewall set rule group="File and Printer Sharing" new enable=yes
netsh advfirewall firewall set rule group="Remote Service Management" new enable=yes
netsh advfirewall firewall set rule group="Performance Logs and Alerts" new enable=yes
Netsh advfirewall firewall set rule group="Remote Event Log Management" new enable=yes
Netsh advfirewall firewall set rule group="Remote Scheduled Tasks Management" new enable=yes
netsh advfirewall firewall set rule group="Remote Volume Management" new enable=yes
netsh advfirewall firewall set rule group="Remote Desktop" new enable=yes
netsh advfirewall firewall set rule group="Windows Firewall Remote Management" new enable =yes
netsh advfirewall firewall set rule group="windows management instrumentation (wmi)" new enable =yes
However, I have to execute it on every machine.
For some reason, this one does not work:
Enable-NetFirewallRule -DisplayGroup “Windows Remote Management”
I tried looking up this error and problem and found nothing.
Could this be a firewall issue?
Is there a way to give domain based accounts administrative access on specific machines and not others?
I can control access and rights to which machines a user can log in to and what their privileges are on a global scale but is there a way to control them on individual machines?
A provider(data center) recommended I go with 1TB SSDs in a software RAID 1 over HW RAID 10 with mechanical drives.
Their quote:
Typically SSDs are most reliable than RAID cards and since you have less parts, there are less points of failure. There won't be much of a CPU load since RAID1 is extremely simple storage.
How true is that and when running virtual machines is RAID 1 SW even ideal? They say so.
Some more details: I plan to run XEN/XEN-HvM/KVM -- in other words, it will be Linux running as the HOST and I want a setup where the guests can host Windows to Linux and can compile their own kernels.
What I want to accomplish: To be able to quickly recognize a drive failure and have a replacement thrown in with little to no downtime or performance hits.
Is there any difference using Active Directory Administrative Center over Active Directory Users and Computers? In training videos I've seen people mostly use the older look Active Directory Users and Computers and was wondering if it really matters?
Also, I've seen people add Users with Active Directory Users and Computers and they show in same window with the Groups. However, if you use Active Directory Administrative Center to add a user, you won't find the users in Active Directory Users and Computers unless you open up the group that you added the user(s) too.
Is there a correct approach to working with users, groups and computers in active directory as far as which style is used?
I have a NAS device, it has 3 shares. On one computer I have access to all 3 of the shares. On another computer I keep getting this error when try and add a 2nd one.
The Network folder specified is currently mapped using a different user name and password [...]
That is the message I keep getting. What causes that?
EDIT: Every share has it's own username and password.
EDIT: NET USE on the one running 3 from the same NAS device
New connections will be remembered.
Status Local Remote Network
-------------------------------------------------------------------------------
OK T: \\192.168.2.5\SHARE1 Microsoft Windows Network
OK X: \\Nas-1dsho-abc\SHARE2 Microsoft Windows Network
Disconnected Y: \\192.168.2.9\backups Microsoft Windows Network
OK Z: \\Nas-1dsho-abc\cbackups Microsoft Windows Network
The command completed successfully.
NET USE on the other:
New connections will be remembered.
Status Local Remote Network
-------------------------------------------------------------------------------
OK Y: \\192.168.2.5\SHARE1 Microsoft Windows Network
Unavailable Z: \\192.168.2.5\SHARE2 Microsoft Windows Network
The command completed successfully.
EDIT:
I have been using the 'connect using different credentials' option.
I run a major media upload/download site and I noticed these:
Is this serious or background noise due to the big file sizes and is there any tweaks I can add to /etc/sysctl.conf to improve and prevent issues?
[8822139.804040] TCP: Peer 177.47.116.196:53829/80 unexpectedly shrunk window 2513116350:2513136117 (repaired)
[8822140.944041] TCP: Peer 177.47.116.196:53829/80 unexpectedly shrunk window 2513116350:2513136117 (repaired)
[8822143.224052] TCP: Peer 177.47.116.196:53829/80 unexpectedly shrunk window 2513116350:2513136117 (repaired)
[8822147.776079] TCP: Peer 177.47.116.196:53829/80 unexpectedly shrunk window 2513116350:2513136117 (repaired)
[8822156.896049] TCP: Peer 177.47.116.196:53829/80 unexpectedly shrunk window 2513116350:2513136117 (repaired)
[8822175.136049] TCP: Peer 177.47.116.196:53829/80 unexpectedly shrunk window 2513116350:2513136117 (repaired)
[8900596.808027] TCP: Peer 101.109.227.138:56284/80 unexpectedly shrunk window 1388148754:1388196670 (repaired)
[8900598.444020] TCP: Peer 101.109.227.138:56284/80 unexpectedly shrunk window 1388148754:1388196670 (repaired)
[8914737.204037] TCP: Peer 2.238.243.60:63238/80 unexpectedly shrunk window 2810470657:2810491097 (repaired)
[8914738.004046] TCP: Peer 2.238.243.60:63238/80 unexpectedly shrunk window 2810470657:2810491097 (repaired)
[8971335.364038] TCP: Peer 93.41.29.194:52424/80 unexpectedly shrunk window 4213166081:4213167541 (repaired)
[8971336.188080] TCP: Peer 93.41.29.194:52424/80 unexpectedly shrunk window 4213166081:4213167541 (repaired)
[8971337.840029] TCP: Peer 93.41.29.194:52424/80 unexpectedly shrunk window 4213166081:4213167541 (repaired)
[8973358.684040] TCP: Peer 101.109.225.96:50436/80 unexpectedly shrunk window 51484237:51532153 (repaired)
[8973361.684045] TCP: Peer 101.109.225.96:50436/80 unexpectedly shrunk window 51625081:51670093 (repaired)
[8973363.248026] TCP: Peer 101.109.225.96:50436/80 unexpectedly shrunk window 51625081:51670093 (repaired)
[8973366.376022] TCP: Peer 101.109.225.96:50436/80 unexpectedly shrunk window 51625081:51670093 (repaired)
[8973372.640024] TCP: Peer 101.109.225.96:50436/80 unexpectedly shrunk window 51625081:51670093 (repaired)
[8973385.152034] TCP: Peer 101.109.225.96:50436/80 unexpectedly shrunk window 51625081:51670093 (repaired)
[8973410.144024] TCP: Peer 101.109.225.96:50436/80 unexpectedly shrunk window 51625081:51670093 (repaired)
[8984154.940026] TCP: Peer 94.21.56.15:54897/80 unexpectedly shrunk window 2953312133:2953554053 (repaired)