Home / user-63927

Matt Penner's questions

Martin Hope
Matt Penner
Asked: 2013-04-27 10:46:32 +0800 CST
  • 0

We have a web/database server on Amazon AWS and I have recently discovered it is getting a ton of attack attempts from various international IPs. After checking a few they mostly seem to reside in China. This is causing performance issues and occasionally web requests are being dropped all together.

The web server services developers and clients in California by they are mobile so we can't nail down their IP addresses.

Since I don't care about any traffic outside of the US how can I best block this? The AWS Security Groups don't really seem to allow that, unless I created inbound rules whitlisting any US IP classes that would fit but that's pretty time consuming.

Is there a table of Class B ranges or something that I could filter out US ranges and cut and paste into a Windows Firewall Inbound Rule?

windows-server-2008
Martin Hope
Matt Penner
Asked: 2011-11-24 00:46:31 +0800 CST
  • 1

I'm getting some conflicting advice on how to best configure our SQL storage with our current SAN. I would like to do some of my own performance testing with a few different configurations.

I looked at using SQLIOSim but it doesn't seem to simulate TempDB.

Can anyone recommend a way to test data, log and TempDB performance?

What about using a SQL profiler trace file from our production system? How would I use This to run against my test server?

Thanks, Matt

sql-server tempdb
Martin Hope
Matt Penner
Asked: 2011-09-17 12:01:34 +0800 CST
  • 5

We have a Server 2008 AD environment with about 5k users. We just rolled out Windows 7 SP1 (were XP) with great success. However, about once a day we get a few calls that a user opens a file from their Documents (the folder is on the server and redirected), edits it and attempts to save but Win7 reports that the path is not found either because it doesn't exist or no permissions. The only way to fix it is to delete the profile.

In addition we get about the same number but different users saying that they cannot open attachments from Outlook 2010 due to no permission. We have to edit the temp Outlook storage path in the registry to fix it (or delete the profile).

I think the two issues may be related.

What scares us is that we rolled out 1 month ago and had no calls of this nature until about 2 weeks ago. It started off as one or two but seems to be growing.

Any ideas? We're going to open a Microsoft ticket but I wanted to seenif anyone else has run into this.

Thanks!

permissions windows-7 user-profile
Martin Hope
Matt Penner
Asked: 2011-08-31 10:27:31 +0800 CST
  • 4

We have Server 2008 R2 and Windows 7 Enterprise.

I'm asking this because we have several hundred laptops and netbooks at our organization. We do'nt have a NAC or a RADIUS server so all the wireless configs are done on the local computer. Please don't suggest a NAC or RADIUS as we don't have the ability to implement that at this time.

We have a GP machine start-up script that resets the wireless settings on the laptops/netbooks upon start up. This is because our users typically will take their devices home, travel, etc and when they join other networks our network info will often get lost or disabled. Our script leaves any connections the user added but resets our settings and makes it the primary item on the list.

It works fairly well but occasionally fails for some unknown reason.

I have yet to find any sort of documentation on exactly how Windows processes and applies Machine Start-Up GPs and what is required. For instance, because the network is not always present, yet the GP still runs when offline, I assume that the GP is cached somewhere on the local machine. Where does it cache this? For some reason when we put the script in the GP itself it does not run. But when we put the script into a file in the file store of the GP and call it from the GP it runs fine. Are Machine Start-Up scripts applied before or after the local wireless is enabled?

All these questions could be answered if I could find some definitive documentation on exactly how this entire process works.

Any help would be appreciated.

Thanks!

This seems to be a lot more stable but no one has yet to answer the actual question, which is where is a reference doc on exactly how GPOs are applied. What are the steps, what are the conditions and restrictions, etc.

Thanks!

windows-server-2008 group-policy windows-7 startup-scripts
Martin Hope
Matt Penner
Asked: 2011-04-09 11:39:33 +0800 CST
  • 5

Although all the online documentation and examples state there should be an OperatingSystem property for the results of Get-ADComputer I don't have one on my Win Server 2008 R2.

Here is all I have on Get-ADComputer:

PS I:\> Get-ADComputer -filter{name -eq "sit-selpa"} | Get-Member


   TypeName: Microsoft.ActiveDirectory.Management.ADComputer

Name              MemberType            Definition
----              ----------            ----------
Contains          Method                bool Contains(string propertyName)
Equals            Method                bool Equals(System.Object obj)
GetEnumerator     Method                System.Collections.IDictionaryEnumer...
GetHashCode       Method                int GetHashCode()
GetType           Method                type GetType()
ToString          Method                string ToString()
Item              ParameterizedProperty Microsoft.ActiveDirectory.Management...
DistinguishedName Property              System.String DistinguishedName {get...
DNSHostName       Property              System.String DNSHostName {get;set;}
Enabled           Property              System.Boolean Enabled {get;set;}
Name              Property              System.String Name {get;}
ObjectClass       Property              System.String ObjectClass {get;set;}
ObjectGUID        Property              System.Nullable`1[[System.Guid, msco...
SamAccountName    Property              System.String SamAccountName {get;set;}
SID               Property              System.Security.Principal.SecurityId...
UserPrincipalName Property              System.String UserPrincipalName {get...

sit-selpa is the Server 2008 R2 server I'm running this on, the localhost.

Why are there only 9 properties? I've searched online but I can't seem to find anyone else with this experience.

windows-server-2008 powershell
Martin Hope
Matt Penner
Asked: 2010-12-17 18:15:24 +0800 CST
  • 0

We have two sites linked by a VPN handled by two dedicated Netgear VPN routers. Each side has a Win2003 domain controller. Each site can ping all the machines at the other. The domain controller can successfully do Get-WMIObject queries to the computers within its own subnet and even a Get-WMIObject query to the other DC in the other subnet. But neither site can do Get-WMIObject queries to any standard comptuers in the other site. I receive the error: The RPC server is unavailable (8x800706BA). I know RPC is working because it is fine within the subnet.

The VPN routers are set as the gateway for all the machines.

Can someone suggest why my two DCs can RPC each other and each DC can RPC within their own subnets but one cannot RPC the machines in the other subnet?

What I am trying to do is run a set of PowerShell scripts on the main server and retrieve results from the entire domain (both sites). I could just run the scripts from both servers but that's a pain to maintain everytime we add or change a script.

Thanks!

powershell subnet