0

How-to : Windows Event Collector: DNS Event Log Forwarding

-

Tomasz Jagiello strikes back as guest writer ๐Ÿ™‚ This time on Windows Event Collector configuration for DNS Event Log forwarding. Very good how-to with detailed configuration.

Design where via Group Policy a Domain Controller group will be configured to forward DNS Server events to a single collector.

To test and demonstrate Event Log Forwarding I built simple Lab environment:

  • 2x Domain Controllers (DC1, DC2)
  • 1x Event Collector (SRV1).

win-event-collector-dns-01

(more…)

0

Tips & Tricks : Windows 10 & Windows Server 2016 reset on VMware ESX 6

-

Here is one from friend of mine, very skilled Senior IT Engineer, Tomasz Jagiello. Some bugs he identified while working with VMware ESX 6.

Symptoms

VM running Windows 10 (x64) as the Guest OS is automatically reset after some hours (roughly a day). Reoccurs daily.

The thread said it also applied to Windows Server 2016 VMs.

There is an unrecoverable error that cause the VMkernel to shut down / restart / crash the virtual machine.

VMware ESX unrecoverable error: (vcpu-0) NOT_REACHED bora/devices/ahci/ahci_user.c:1530

Check if you’re using a para-virtual SATA adapter in the settings of the VM.

 

Cause

There is a VMware bug where if the SATA adapter receives SMART communications on a non-SMART device the CPU bus locks up and ESX reboots the VM.

I was using SCSI for the VM disks and SATA for the VM CD-ROM.

 

Workaround

  1. Edit VM Hardware settings
    • Remove CD/ROM
    • OK
  2. Edit VM Hardware settings
    • Remove SATA Controller
    • OK
  3. Edit VM Hardware settings
    • Add CD/ROM
    • Change to IDE
    • Remove SATA Controller
    • OK
0

How-to : Create DAG on Exchange 2010

-

Set of screenshots from old archives. It shows how to setup DAG on Microsoft Exchange Server 2010.

If there will be interest in that subject I will put some description around that, just request that in comments.

Otherwise, enjoy step-by-step screenshot guide for DAG on Exchange 2010

(more…)

0

Code snippets : Windows : Importing Event Logs to Database

-

Code snippet from old archives. It shows how to import Windows event log entries to database. Important is to setup database and table accordingly, so it contains apropriate columns.

Set objConn = CreateObject("ADODB.Connection")
Set objRS = CreateObject("ADODB.Recordset")
objConn.Open "DSN=EventLogs;"
objRS.CursorLocation = 3
objRS.Open "SELECT * FROM tblEventLog" , objConn, 3, 3
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set colRetrievedEvents = objWMIService.ExecQuery _
("Select Category, CategoryString, ComputerName, Data, EventCode, _
EventIdentifier, EventType, LogFile, Message, RecordNumber, SourceName, _
TimeGenerated, TimeWritten, Type, User from Win32_NTLogEvent")
For Each objEvent in colRetrievedEvents
objRS.AddNew
objRS("el_Category") = objEvent.Category
objRS("el_CategoryString") = objEvent.CategoryString
objRS("el_ComputerName") = objEvent.ComputerName
objRS("el_Data") = objEvent.Data
objRS("el_EventCode") = objEvent.EventCode
objRS("el_EventIdentifier") = objEvent.EventIdentifier
objRS("el_EventType") = objEvent.EventType
objRS("el_LogFile") = objEvent.LogFile
objRS("el_Message") = objEvent.Message
objRS("el_RecordNumber") = objEvent.RecordNumber
objRS("el_SourceName") = objEvent.SourceName
objRS("el_TimeGenerated") = objEvent.TimeGenerated
objRS("el_TimeWritten") = objEvent.TimeWritten
objRS("el_Type") = objEvent.Type
objRS("el_User") = objEvent.User
objRS.Update
Next
objRS.Close
objConn.Close
0

How-to : Integrate Cisco Easy VPN authentication with Microsoft NPS RADIUS on Windows Server 2008 R2

-

In this article will go through configuration of Cisco Easy VPN along with Microsoft NPS RADIUS on Windows Server 2008 R2.

Article covers:

  1. Basic information about Cisco Easy VPN
  2. Cisco IOS router configuration for Easy VPN
  3. Windows Server 2008 R2 NPS and RADIUS configuration

Let’s go…

(more…)

0

Config snippets : useful Netdom command

-

Quick side note, not to forget for future.

Rename computer

Netdom renamecomputer %computername% /newname:Test-Server

Join computer to domain

Netdom join %computername% /domain:domain.com /UserD:Administrator /PasswordD:*
Page 1 of 512345