bcdedit /v
To disable directory services restore mode, type the following in a command prompt:
bcdedit /deletevalue safeboot
Monday, February 3, 2020
Thursday, January 30, 2020
Tuesday, January 28, 2020
Bond two NICs on RHEL (LACP, 802.3ad)
/etc/sysconfig/network-scripts
nmcli con
nmcli con add type bond ifname bond1
nmcli con mod id bond-bond1 ifname bond1 mode 802.3ad ip4 172.23.71.19/29
nmcli con mod id bond-bond1 bond.options mode=802.3ad,miimon=100,lacp_rate=fast,xmit_hash_policy=layer2+3
nmcli con mod id bond-bond1 802-3-ethernet.mtu 1500
nmcli con del fdf7fbfc-c533-42e5-8e2b-f2e123dab80e
nmcli con del f08f3cfc-3830-4bd0-9735-b9507e2d1af1
nmcli con add type bond-slave ifname p1p1 con-name p1p1 master bond1
nmcli con add type bond-slave ifname p6p2 con-name p6p2 master bond1
nmtui
nmcli con
nmcli con add type bond ifname bond1
nmcli con mod id bond-bond1 ifname bond1 mode 802.3ad ip4 172.23.71.19/29
nmcli con mod id bond-bond1 bond.options mode=802.3ad,miimon=100,lacp_rate=fast,xmit_hash_policy=layer2+3
nmcli con mod id bond-bond1 802-3-ethernet.mtu 1500
nmcli con del fdf7fbfc-c533-42e5-8e2b-f2e123dab80e
nmcli con del f08f3cfc-3830-4bd0-9735-b9507e2d1af1
nmcli con add type bond-slave ifname p1p1 con-name p1p1 master bond1
nmcli con add type bond-slave ifname p6p2 con-name p6p2 master bond1
nmtui
Saturday, January 11, 2020
Outlook 2019 won't autodiscover and keeps prompting for password with on-prem Exchange.
If you have your domain associated with an Office 365 account, Outlook will completely ignore autodiscover and try to authenticate to Office 365.
Open RegEdit
Navigate to HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\AutoDiscover
New DWORD entry, ExcludeExplicitO365Endpoint - value of 1.
------------------------------------------------------------
You are using a SAML provider and get a white blank screen or a ghost login screen-
[HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity]
"DisableADALatopWAMOverride"=dword:00000001
If the above key change alone does not work, edit this additional Registry key:
[HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity]
"DisableAADWAM"=dword:00000001
------------------------------------------------------------
Thursday, January 2, 2020
Unlock VMware ESXi root account
Procedure to unlock the ESXi host account at the console
- Login to the DCUI (to enable the ESXi Shell if not already done)
- Login with root and the correct password
- Go to Troubleshooting Options
- Select Enable ESXi Shell
- Press CTRL+ALT+F1
- At the ESXi shell login with root and the password
- Run the following commands to show number of failed attempts:
pam_tally2 --user root
- Run the following command to unlock the root account:
pam_tally2 --user root --reset
Friday, December 20, 2019
How to migrate from FRS to DFS on a domain
Ensure the health of AD and FRS on all domain controllers is known to be healthy. Ensure SYSVOL and NETLOGON are shared on all DCs.
Migrate to Prepared State - You will migrate to the Prepared state, where both FRS and DFSR are replicating their own individual copies of SYSVOL, but the FRS copy mounts the SYSVOL and Netlogon shares. On the PDC Emulator domain controller, run (as an elevated domain admin):
Dfsrmig /setglobalstate 1
Migrate to Prepared State - You will migrate to the Prepared state, where both FRS and DFSR are replicating their own individual copies of SYSVOL, but the FRS copy mounts the SYSVOL and Netlogon shares. On the PDC Emulator domain controller, run (as an elevated domain admin):
Dfsrmig /setglobalstate 1
Run the following to force AD to sync.
Wait for this AD value on the PDCE to converge on all domain controllers, Use the following command to see progress:
Dfsrmig /getmigrationstate
dfsrdiag pollad
repadmin /syncall /AdeP
Dfsrmig /setglobalstate 1
Wait for this AD value on the PDCE to converge on all domain controllers, Use the following command to see progress:
Dfsrmig /getmigrationstate
Migrate to Redirected State - You will migrate to the Redirected state, where both FRS and DFSR are replicating their own individual copies of SYSVOL, but the DFSR copy mounts the SYSVOL and Netlogon shares. On the PDC Emulator domain controller, run (as an elevated domain admin):
Dfsrmig /setglobalstate 2
Wait for this AD value on the PDCE to converge on all domain controllers. Use the following command to see progress:
Dfsrmig /getmigrationstate
You will migrate to the Eliminated state, where DFSR is replicating SYSVOL and FRS is removed. Unlike the Prepared and Redirected states, there is no way to go backwards from this step - once executed, FRS is permanently stopped and cannot be configured again. On the PDC Emulator domain controller, run (as an elevated domain admin):
Dfsrmig /setglobalstate 3
Wait for this AD value on the PDCE to converge on all domain controllers, then for DFSR to switch to Eliminated state on each domain controller and update AD, and finally for that value to replicate back to the PDCE. Use the following command to see progress:
Dfsrmig /getmigrationstate
Wednesday, December 11, 2019
WSUS Troubleshooting
gpupdate /force
Check GPO-
gpresult /r
gpresult /h gpreport.html
Check Windows Update Server-
reg query HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate
Check GPO-
gpresult /r
gpresult /h gpreport.html
Check Windows Update Server-
reg query HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate
Subscribe to:
Posts (Atom)