gkwhcmight anyone here be familiar with SSTP? im following this guide but the SSTP URL doesn't load https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc773755(v=ws.10)
ChiarotWondering if anyone here is burnin the early morning oil and could help me understand where I went wrong with DNS? :\
furmelademy glassball says: you did it wrong
Mr_Pani have 2 DC 01 and 02 ... can i add LDAP service on DC01 ? Without problems?
Devastator[work]I couldn't find a better channel to ask: this is the first time I'm trying to use iDRAC, I'm trying through USB on Windows 7, but doesn't seem possible, correct?
DrZakwhat isnt possible?
Devastator[work]DrZak: Windows 7 doesn't have the drivers for iDRAC Virtual USB NIC Device
Devastator[work]DrZak: do you know a way of installing it?
DrZaki have no experience with dell remote cards
CptLuxxget it from dell?
DrZakbut basically you just usually connect to a remote management card from any computer
DrZakand click stuff trough a piece of s* web interface
DrZakso maybe say what do you actually try to achieve
Devastator[work]CptLuxx: it seems the drivers are only available for Windows Server, ESXi, RHEL etc
CptLuxxand?
CptLuxxthen use the windows server driver..
DrZakyea
CptLuxxbtw ##windows Devastator[work]
CptLuxxas it seams you use windows 7... and this is the server channel
DrZakalso, win 7, for the love of bob, that is quite old
DrZakbug-o-bonanza
CptLuxxbug-o-bonanza i add that to my vocabulariy
Devastator[work]heheh
Devastator[work]I'm actually finding a way to have a virtual console without plugging a monitor etc
Devastator[work]the server runs Windows Server 2016
CptLuxxeh?
DrZakit doesnt have a button - open console in the web interface?
CptLuxxrdp you know?
DrZakyea or that
DrZakthese cards basically have an rdp server sitting there so you can directly conenct to the console
Devastator[work]for that I have to setup the nics
munskingHello, how i can i remove 1 DNS entry from a windows dns server cache? the -cachescope parameter doesn't exist (server 2012R2)
Windywhenever i RDP to my workstation, i get an error that says "Please enter a user name and password" despite being currently logged in as the domain user, and having already entered valid credentials in the RDP dialog.
Windyit's annoying because it means i have to log in twice, every time
CptLuxxand?
CptLuxxso you want single sign on?
Windyso, every other machine I remote to, I'll enter my username and password in the RDP dialog, and it logs in
Windyit's only with this one, that despite entering the credentials once, it acts as though no credentials were supplied, and i have to log in again
Windyi don't even necessarily want "single sign on" in terms of passthrough authentication, i'd just like to only have to supply my credentials once
Windyalso despite the Windows Security Please Enter a User Name and Password error, there's no failed authentication logged in the event log. it seems like rdp tried to establish a session without using the credentials i already supplied whatseover
donofrioanyone had robocopy not MIR or overwrite
donofrioMIR or overwrite
CptLuxxwhat?
halakarmorning everyone
halakarI've got a weird one. On premise exchange box, users are randomly unable to connect to the exchange server. Active Directory appears to be healthy, not sure what the deal is
CptLuxxautodiscover
halakarThat's what I thought
halakareither that or SCP lookup failing for some reason
CptLuxxso time to check autodiscover
halakarworks great from the outside
halakarthere's never an issue there,
halakarhowever, on the inside - how to check?
DralockI had an awesome issue where cpanel decided to make it's own autodiscover file on our main site
halakarhttps://autodiscover.contoso.com/Autodiscover/autodiscover.xml ?
Dralockhalakar: microsoft checker
CptLuxxah yeah thats always funny Dralock
CptLuxxthats the first halakar..
CptLuxxthere are 3 different methodes
Dralockhttps://testconnectivity.microsoft.com/
halakarI get output from the XML when I go there, it says invalid request or something
CptLuxxuse the link from Dralock
halakarDralock, aware of that tool...well aware of it, and the autodiscover tests always pass
CptLuxxit can be domain.bla/autodiscover it can be autodiscover.domain.bla and srv..
halakaraye
donofrioCptLuxx, ok I have an offline robocopy of my wsl install to the directory c:\Users\donofrio\wsl-backup (then the lxss files and subdirs are here - used /MIR and it copied like 5gb) but then when I /MIR the files like robocopy /MIR c:\Users\donofrio\wsl-backup\. %localappdata%\lxss and it copies files for awhile but doesn't seem to put /home/donofrio back alongwith other files I'm guessing....
halakarusually it's autodiscover.domain.bla/autodiscover/
CptLuxxdonofrio wrong channel
CptLuxx##windows
donofrioCptLuxx, uh figured you server folks would be using robocopy more than workstation....humm
CptLuxxits a windows client issue
CptLuxxnot windows server..
Dralockhalakar: I mean I hate to say it, but if you are getting the response, and the analyzer is also getting a response.....Do you have godaddy for your main site?
D5nMy onecloud works very slow in windows vista
D5nshould i change to W could fix it?
DralockI'm sure it does
D5nW7
halakartell 'em, CptLuxx ;)
halakarDralock, the issue appears to be isolated to *inside* the LAN
Dralockinteresting
DralockMultiple vlans?
halakaryeah they have a bunch of VLANs
halakarthe problem just started
halakarthey use some weird phone system called "Allworx" and the problem occured right after their phone vendor deployed a software update for the phone system, it caused all the phones to have serious problems,
halakarever since then, these outlook issues have been cropping up,
halakarit could be a coincidence though, I just ran the test-outlookwebservices cmdlet on the exchange box and it failed with an error similar to this one https://arstechnica.com/civis/viewtopic.php?t=1228809
halakardo you guys usually use a CNAME or A record for autodiscover?
furmeladewhy not srv? :P
furmeladewith a
CptLuxxsrv
halakarhmm, interesting
halakarI don't deal with on prem exchange much anymore, but i am going to have to get down and dirty with this one over the next 20 days
Dralockdef srv
DralockI also have an a record though, because 2010
DralockMan so the only appliance I have in production that I care about that CAN'T run on hyperv is firepower
halakaryea, this one is Exchange 2013
halakarthe end game for this one is to get it completely out of there, we inherited this network from another MSP...the friggin' exchange box is also a DC
Dralockthat's common though
halakarmaybe on sbs
CptLuxxnope
Dralockkey word small busines
Dralockbusiness
CptLuxxsbs was never with 2013
halakarright
Dralockprobably don't have any domain services running (guessing)
CptLuxxi have seen an server with dc+exhange+rds
Dralockneeded active directory for exchange + vpn or something
halakarthis box is running exchange 2013 on server 2012r2 std
Dralocko.0
halakaryea
halakarI already got a new DC up on another physical box,
Dralockoh wait no that's right
donofrioCptLuxx, an hour later on ##windows and no-one answers that is why I typed here, figure you folks would know robocopy like the back of your hands, I'm not copying anything outside the host just from one directory to another
halakarI need advice on how to proceed with standing up exchange 2016 in a separate VM and deploying hybrid. The customer is a non profit and already has a tenant spun up ready to go
Dralockhalakar: easy. Install exchange 2016, run hybrid config wizard
DralockThe hard part is going to be figuring out how the mail flow will work
CptLuxxdonofrio
CptLuxxstill.. not server related
halakarDralock, yes - but will Exchange 2016 discover the existing on premise environment, etc? Will I have to move all the mailboxes over to the new VM before running the HCW ?
CptLuxxyou talk about windows client and robocopy + wls.. clearly ##windows
Dralockexchange 2016 will incorporate with 2016. There is copious documentation
halakarthen exchange 2013 will have to be completely uninstalled from the other server, then the same server has to be demoted as a DC and turned into a member server,
DralockAfter the migration, yes.
Dralocksingle physical server?
DralockYou might need to loan them some hardware if so
CptLuxxi can send some old pcs halakar
DralockOr spin up a VM in azure :)
CptLuxxi only need a shipping container
MrPocketsShipping container 'ey?
DralockIf they have nonprofit status and the server license already, you can spin up a vm for like $84/month
DralockGive them the "over time" price on that
Dralock36 months is $3k
DralockMost basic server you can buy with single processor and good drives+network adapter is going to be the same price
halakarnah, I have another Dell R620 with tons of memory and hard drive space ready to host Exchange 2016
halakarthanks for the offer tho CptLuxx. I might have to burn some MS support time on this one to make sure everything goes OK. I don't want to invoke exchange setup and then have issues with mail flow, etc
CptLuxxare you sure? i need to dump this old pcs somewhere
CptLuxxi dont want to pay for the reccling
halakarStaples recycle 'em for free!
halakarit's just a pain to lug that crap down there
DArqueBishopCptLuxx: I can't speak for where you live, but in my area all of the local trash services have locations you can drop off recycling at, including electronics such as computers.
DArqueBishop(And by "drop off", I mean they take it for free.)
bildzIs there a channel for discussing .NET asp build packaging?
Harm133Hey guys, I have a hypervisor eating 10-20% of its CPU. Can´t find where its going tho. Can´t trace it back to VM usage or anything else...
Harm133Any hints?
KaiForcedoing a post-mortem on a failed server move from one VMWare host to another. The machine in question is a DC (the only one in the domain) and Windows Server backup was used with the allcritical switch to make a backup of the source, the source was shutdown, then the system was restored to the intended permanent home. After the restore, clients got error "system detected a possible attempt...
KaiForce...to compromise security" and there were ldap and DFS errors logged. I'm guessing a "bare metal" backup is not, in fact, bare metal. Anyone know what might have gone wrong?
CptLuxxit is bare metal KaiForce
CptLuxxbut.. well.. thats not the best way to do this
CptLuxxyou should spinup a new dc and move all roles..
KaiForcethat's nice but why would this not work? If I physically copied the machine from one host to the other, it would be fine.
CptLuxxtime difference.. to long offline
KaiForcein a single dc environment?
CptLuxxmaybe something else was already broken before
CptLuxxyes
furmeladetbh i never heard of anybody backing up and restoring DCs
CptLuxxsingle dc is not recommended
KaiForceno, because I reverted to the source system and all is well
CptLuxxwell i did that furmelade :P
KaiForcei know single dc is not recommended, but that isn't relevant to this problem
CptLuxxworks fine if you do it right
furmeladei usually just spin up new DCs when one breaks, faster than restoring :P
CptLuxxi only had problems when the dc was still using fsr
CptLuxx:D
CptLuxx*frs
KaiForceso we don't know why this bare metal restore isn't a true bare metal restore?
gkwhchey guys, im trying to diagnose why i cant access my shared network folder any longer. where in the event viewer can i find this info??
MrPocketsHow're you trying to access it?
KaiForcegkwhc: security would be the place to start
gkwhcMrPockets: i set it up as a mapped network drive and i was able to access it on monday
MrPocketsyou try via \\hostname? \\IPaddress?
gkwhcKaiForce: server side or client side? shared folder is on server
KaiForcei'd look at the server side
CptLuxxi have a blog post for this
CptLuxxhttps://www.naphtaliandluxx.de/newsflash-from-nlc-2
gkwhcMrPockets: yes to no avail. i can ping the server tho by hostname & ipaddress
MrPocketsCptLuxx, helluvan ipdepth post.
KaiForcenot proper method, wtf does that mean?
KaiForcethat's like "pc load letter"
CptLuxxdunno i copy pasted it from the channel
CptLuxx:D
MrPocketshmpf
MrPocketsgkwhc, windows FW on the server?
MrPocketsSec logs on the server'll tell you if there're any auth attempts.
MrPocketsWireShark'll lend some insight regarding network connectivity between the client to the server
MrPocketscan you access the share from the server itself?
gkwhcMrPockets: FW? client gives 0x80070035 The network path was not found
MrPocketsif you wack to the server, are any shares available?
gkwhcMrPockets: yes, i can see the shares on the server via \\server. but from client side it says cannot access \\server tho i have correct permissions set up
CptLuxxor
CptLuxxdns wrong
gkwhcdns?
CptLuxxthe fqdn resolves to the wrong host
CptLuxxcould be..
gkwhchow can this be checked? pinging server resolves to the correct ip
anexitnslookup
MrPocketsCan you connect to other serviecs on that server, like RDP?
CptLuxxnslookup
CptLuxx... maybe someone edited the host file
MrPocketsRun wireshark with an icmp filter and verify you'er pinging the right server.
KaiForceCptLuxx: indeed, most forget to check that
anexitcould also be a corrupt tcp stack
CptLuxxi never have seen corrupt tcp stack
KaiForcei have
MrPocketsI haven't since XP.
anexithappens a lot in windows 10
anexitall these major updates
CptLuxxand after years of research i never got an answer what "winsrock reset" does
CptLuxxnever had on win10..
KaiForceit is extremely frustrating because usually some things work
MrPocketsgkwhc, share a folder off some other machine and see if it'll connect? Always try to cut the issue in half when you can. Client side issue, or server side issue.
KaiForceso it is hard to tell that there is a problem
MrPocketsOther clients able ot hit the server?
CptLuxxhave you checked the host file now?
anexitwinsock was an interface applications used to manipulate the tcp stack and mbuffs
weqCptLuxx: it reset the layer between the application and the tcp stack.
CptLuxxmkay
CptLuxxis there an layer 8 reset?
KaiForceapp spoke winsock, winsock spoke tcp
MrPocketsCptLuxx, wanna interview this DBA for me?
CptLuxxyeah why not
furmeladeCptLuxx: a fist to the face is a layer 8 reset
weqCptLuxx: it's called sleep
anexitdba, lucky you guys
weqwinsock reset is layer 5&6
anexitHere it's the admin can do everything job
MrPocketsanexit, lucky client.
anexityeah
MrPocketsand I'm ensuring its a DBA and only a DBA so the bloke doesn't try to squeeze us out.
anexitha
MrPocketsI'm not ready to give up their pay check to sit here and IRC all day
KaiForcewe don't have that problem here because we have no blokes, just dudes
gkwhcanexit, CptLuxx. nslookup points correctly to the ip address
CptLuxxmaeh
anexitOur last dba was a female and she knew her stuff but they axed her because of that.
gkwhcMrPockets: yep i can RDP into server
MrPocketsWacky.
KaiForcegkwhc: is the workstation service running on the client
CptLuxxdid you try a reboot?
CptLuxx:P
weqtime to check sharing and ntfs permissions perhaps?
MrPocketsthree times?
anexitSo her uniformed system of mysql is now mysql, postgre, mongodb and mssql
anexitso we're trapped pretty much, dba's come and leave because it's a headache
CptLuxxdid someone maybe disable smb1 incorrectly
gkwhcweq: permission settings hasnt changed since it was working
KaiForceCptLuxx: another good call, you spend too much time on computers I can tell
gkwhchow does one reset the TCP stack?
KaiForcegkwhc: did you check the workstation service
CptLuxxmy butt has grown into the chair
CptLuxxi cant move away
weqgkwhc: you say they haven't been changed, but verifying them is still a thing you should do in the troubleshooting process.
weqotherwise it would've just worked wouldn't it?
weqif someone else locks a door and you can't get in. And you didn't lock it the last time do you just stand outside looking at the door? Or do you actually try to unlock it?
KaiForcei kick that mother
gkwhcweq: yes ive verified :)
weqKaiForce: langauge.
weqgkwhc: how?
KaiForce...hubbard
gkwhcweq: right click on folder,...properties...share permissions and also security permissions
wequse effective access.
anexitSharing permissions are set to full, security is set to full?
gkwhcKaiForce: yeah workstation service is confirmed to be running
gkwhcanexit: yes
furmeladecan other users access the share?
CptLuxxyes
anexitControl Panel -> Admin tools -> computer management and look for sessions
KaiForcegkwhc: if any of these fine fellows was there, you'd be in business in .2 seconds... What changed.
furmeladesounds like purrmissins
anexitusually under shared folders
KaiForcei think it is simpler than that. gkwhc if you just do \\servername do you see the shares?
gkwhcKaiForce: no...which is wierd
CptLuxxits a $ share
KaiForcerestart workstation service
furmeladeheh
gkwhcanexit: computer management/sessions in server side?
anexitAlso verfiy that folder is under shares
gkwhcKaiForce: just did :)
anexitgkwhc under shared folders
KaiForceis it really a $ or was that comedy
anexitShares, sessions, openfiles
KaiForceeven if it is a $ he should get a blank window vs an error
anexitunless it's not discoverable
gkwhci tried turning network discovery on server ON, but it keeps on reverting to OFF
halakarug, time to renew the microsoft partner membership,
anexitWhat server is this 2008?
gkwhcanexit: server 2016 standard
anexitnot sure
anexitcould be anything really
anexitfirewall
anexitProcess of elmination at this point
gkwhcis there a way in the client side Event Viewer to see what config i changed to map the network drive previously?
anexitIf the error you get is access denied then that is specific to the server
gkwhcanexit: not access denied, but path not found
anexiteither way, computer management would show sessions attempting
anexitso that is a nice way to see incoming sessions
Passw0rd1sOv3rU5did you check gpo to see if network discovery is blocked?
gkwhcif i can see what config i changed in the Event Viewer that would be helpful i think
gkwhcto backtrack
gkwhcinstead of just shooting darts, because it worked on monday
CptLuxxjust start over
anexitif the sessions are connecting to that server then you know com is okay and it could be something as simple as the time wrong
CptLuxxreinstall everything
anexitcheck the adapter settings, maybe file and printer sharing is unchecked
Passw0rd1sOv3rU5what box are you acceissing it form?
gkwhcPassw0rd1sOv3rU5: a windows 10 box on the same network
Passw0rd1sOv3rU5cause server 2016 forces some of the new stuff with accessing network shares
Passw0rd1sOv3rU5yeah taht shouldnt be a problem
Passw0rd1sOv3rU5did you check its dns entry?
gkwhcif it worked on monday, something mustve changed
Passw0rd1sOv3rU5via nslookup
Passw0rd1sOv3rU5?
anexityeah he did
gkwhcpoints to the correct ip. idk what else about DNS to check
gkwhcappend suffix?! netbios? winserver?
anexittoss winserver out
Passw0rd1sOv3rU5netbios and lldp should be disabled anyway
Passw0rd1sOv3rU5can u moutn share via powershell?
CptLuxxanother captain
Passw0rd1sOv3rU5New-PSDrive –Name “K” –PSProvider FileSystem –Root “\\touchsmart\share” –Persist ?
CptBlkshp"Captain"
CptBlkshpACTION tips hat 
gkwhcPassw0rd1sOv3rU5: says the network resource type is not correct
anexitsnow storm
anexityay
CptLuxxofftopic yay
furmeladeban
furmelade... yay
anexitI was talking about.... well... gkwhc network share storm.
KaiForcegkwhc: please post the servername & sharename in this format: \\sharename\servername
KaiForcestrike that
KaiForcereverse it
BobFranklyso I'm trying the psexec -i -d -s c:\windows\regedit.exe to enable me to delete some stubborn reg keys, but regedit never opens. Anyone have any suggestions?
KaiForce\\servername\sharename
KaiForceBobFrankly: not sure what that does but are you in a admin cmd window?
BobFranklyKaiForce: yup
BobFranklyACTION is not well versed in psexec
gkwhc\\zeus\test
KaiForcei'm tapped sorry... I'd research but I'm post-morteming something dumb
BobFranklynp
furmeladewhy dont you use remote registry BobFrankly?
CptLuxxbecause he would need to start the service first
BobFranklyfurmelade: I'm on the machine I'm trying to alter
furmeladeoh
BobFranklythe only reason I'm using psexec in this fashion is that it's supposed to give me a higher level access to the registry, one in which I can boot this problem registry key
BobFranklyif anyone has another non-psexec approach to accomplishing that, I'm all ears :)
CptLuxxpsexec cmd
CptLuxxand then reg bla
furmeladetry without "-d" BobFrankly
anexit^
anexitand -s is a system account
BobFrankly--d no changed
BobFranklythats...minus the -d
furmeladeyou have a weird notation
BobFranklyI ment for there to be a space between the dashes :P
anexitand you're in admin ps/cmd?
BobFranklytried both
anexitand in the write directory
anexitC:\ needs full write
BobFranklypsexec writes out the header, but then nothing happens, nothing launches, and it doesn't accept any input
anexitif the folder is read only then it wont work
BobFranklypsexec does?
CptLuxxpsexec \\bla cmd
CptLuxxand use reg..
anexitthis windows 10?
BobFranklyserver 2008 r2
furmeladeAV may block it
BobFranklyAV currently not installed in this image
anexitstart -> run -> regedit
anexitdoes it load
BobFranklyyes
BobFranklystart / run / cmd / regedit <----also runs this way
anexitpsexec -i -d -s regedit
BobFranklyjust spits out the three line header and then does nothing
BobFrankly"PsExec v2.2 - Executre processes remotely..."
CptLuxxaccept the eula..
BobFranklyhaha, pretty sure I already did that, and it's not popping up
BobFranklyjust double-checked under all the windows and not seeing an EULA
CptLuxxthere is a switch to accept it
BobFranklyalso unblocked the files, just in case
BobFranklyah, I see that, I'll try
anexitpsexec -i -d -s \\localhost c:\windows\regedit.exe
MrPocketsMan
BobFranklyfail on both luxx and anexit's suggestions
BobFranklystubborn
MrPocketsI just straight up told this cat like "hey, hoenstly, your SQL fu is way superior to mine
MrPocketsima keep this short"
donofrioCptLuxx, uh notice that the help page for robocopy is in server - https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/cc733145(v=ws.11) - can I get help here now?
CptLuxx....
CptLuxxsrsly donofrio
CptLuxxyou are doing it on windows 7
CptLuxxeh win10
CptLuxxand wsl
donofriono w10
CptLuxx##windows !
BobFrankly^^
donofrioeven if linked to server??
BobFranklyACTION shakes head
CptLuxxare you kidding?
donofriocause no-one is helping out in that other channel
CptLuxxthe problem is on win10
CptLuxxwin10 is a client os
BobFranklytry #robocopy
donofrioI know that but the help link is to server2012 https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/cc733145(v=ws.11) - or did you folk not click on that link?
CptLuxxlast warning
donofriodude....smdh
BobFranklyif you can't get help in #robocopy, then ##windows will look alot better
donofrioBobFrankly, thank you and I'll try there but you'd think if you found a link with server in it - the server channel might help out if they had time.....but guess not.....(and I'm not going for 'looks' but to be able to get it working as I think it should (/mir is not mirroring?)
CptLuxxread the channel guidelines there is a reason for this
BobFranklychannel runs on the guidelines of the channel, not the individual.
gkwhcany ideas??
BobFranklygkwhc: we just had a long discussion about psexec failing, probably a good idea to reask
CptLuxxBobFrankly
CptLuxxhow about.. starting the remote registry service
CptLuxxand connecting remote with regedit?
BobFranklynot sure how that's any different from using regedit locally
CptLuxxhm
furmeladethat'll wont elevate the privileges
CptLuxxright
CptLuxxright right right..
furmeladecopy registry hive, shutdown server, edit the hive, move it back?
BobFranklythats.....a bit scary to try on this thing
furmelade"test in production"
furmeladethats usually my motto
CptLuxxhaha
BobFranklyto a degree, I have no choice on some things
BobFranklyhere, I do, and here, I'd be dealing with pitchforks and torches if the test failed
furmeladedo a backup! :P
CptLuxxcrazy talk
CptLuxxbackups..
furmeladeoh yeah i forgot, use RAID
BobFranklyno no... furmelade is correct
CptLuxxjust disconnect one drive from the raid 1 furmelade
BobFranklythat's why I've got a copy of the vhdx in the recycle bin
furmeladeif you backup with shift+del, its way faster!
BobFranklyI do that with ALL my emails
BobFranklySUPER fast backups!
CptLuxxhow about third party registry editors BobFrankly
rexwin_how to know what makes this sqlservr.exe run and it taking huge amount of memory to run and I dont run any DB?
weqrexwin_: there is still databases there even though you don't have a db that you created.
weqyou can tweak memory limitations though. But there are plenty of guides out there to size up memory correctly for sqlservers.
gkwhchey guys, so the default IIS setup has a default webpage and i cant view it from the internal network. are there security settings i need to hop through to let it serve it to the WwW
CptLuxxno
CptLuxxwell if you have nat then you need to forward the port..
gkwhcCptLuxx: windows firewall/NPS?
CptLuxxyour router...
CptLuxxor firewall
CptLuxxwhatever you have
gkwhcCptLuxx: im trying to see if isp isp blocked the ports i needed so im trying to deploy a website then move the ports
CptLuxxwha?
CptLuxxdude have you ever done this? that is a realy basic task
gkwhcno i havent done this
CptLuxxfordward port 80 to the server
CptLuxxdone
gkwhcdid that
CptLuxx##networking
gkwhcbut it says webpage says connection refused
furmeladefirewall
gkwhcalready disabled
CptLuxxahh why
CptLuxxjust open the port
CptLuxxdont disable it completly
gkwhcstill
CptLuxxforward port from your router/firewall to the server
CptLuxxshould work
CptLuxxtry some different port if you think its blocked from your isp
gkwhcCptLuxx: port 80 should be open..ISP says that port isnt blocked
electricmilkProbably didn't forward the port correctly
CptLuxxyep..
electricmilkor have a firewall enabled that you don't know about such as a zone based firewall on the router
gkwhchow hard is it to forward a port.
electricmilkNot very hard
CptLuxxsomething i only charge you 2 houres
gkwhcand no this router is basic, only has port forwarding feature and wifi
electricmilkBut on old Sonic Wall its easy to THINK you forwarded the port correctly
electricmilkcheck if the router has some lame firewall enabled...check NAT
CptLuxxrun a portscan
gkwhcCptLuxx: nmap says port 80 is CLOSED
electricmilkSome lame ISPs will block ports even if they claim they don't
CptLuxxhere we go
CptLuxxyou did something wrong on the router
electricmilkWell first off....can you access the service locally from another work station?
gkwhcCptLuxx: that could mean its blocked, or router, or server?
gkwhcelectricmilk: yes
CptLuxxrouter..
CptLuxxi guess
gkwhcits very clear that the port forward is set...
electricmilkIs there another router down the line?
gkwhcnope
electricmilkHome setup?
gkwhckinda
DArqueBishopWho's the ISP?
gkwhcMediaCom
electricmilkIs it "Business grade" internet?
gkwhcyes
electricmilkOkay so is your router separate from your modem?
gkwhcsame unit
electricmilkSo you only have ONE network box?
gkwhcyes
electricmilkAnd you said you disabled the firewall on the IIS server
gkwhcyes
electricmilkThen it has to be an issue with the router or the ISP blocking it...I vote router
CptLuxxi also vote router
electricmilkIf you are 100% you set the port forward correctly then try upgrading the firmware
electricmilkor restarting the router..maybe its a bug...I dunno
electricmilkPort forwarding can be tricky sometimes with some models...you think its set correctly but its not
CptLuxxhttp://www.strawpoll.me/15023558
electricmilkCOuld be as simple as a typo
CptLuxxlets make a vote
electricmilklol
electricmilkI'd try backing up config...upgrading firmware..cleaning config and reconfiguring. Check the manual for the model
electricmilk*clearing
donofriorexwin_, try #sqlserver
weqdonofrio: I suggest you refine your advice to something that is actually pertinent. Otherwise you don't need to comment.
donofrioweq, was just directing him to another channel that might better help him out (did't see any followup to his question, so I replyed - now that I can)
weqdirecting him to a channel that doesn't exist is really nice of you.
donofriooh mybad didn't check will next time
blkshpooopsy
furmeladegod damnit blkshp
furmelade:P
blkshpshh, the quiet button is right next to the clear button, if i havent clicked anyone, its everyone!
furmeladeinb4 ban-all button
weqlearn to script homeboi. :P
blkshpunfortunately this client is not easy to script, buttons however, much better :)
KaiForcemy bare metal restore issue: fixed by disabling IPV6 (not sure this was necessary) and setting burflags to D4 to force an authoritative restore
CptLuxxeh
CptLuxxyou just unbound ipv6 from the adapter
CptLuxxand dude.. migrate to dfsr
KaiForcenegative
CptLuxx3 hours ago i said i only had problem when i was on frs
CptLuxxand you are still on frs
KaiForcenegative on unbinding, I actually disabled ipv6
CptLuxxhttps://blogs.technet.microsoft.com/filecab/2014/06/25/streamlined-migration-of-frs-to-dfsr-sysvol/
CptLuxxthen enable it again its bad to have it disabled
BobFranklycptluxx: fixed the psexec thing
CptLuxxwhat was it?
CptLuxxnaphtali D4
BobFranklythere was a psexesvc service aimed at a non-existent file
CptLuxxhaha
BobFranklyhad to: sc delete psexesvc
KaiForcewhat am I gaining by migrating to dfsr
BobFranklythat got psexec to recreate it's service
CptLuxxfrs is deprecated
BobFranklyand alls well
KaiForcethat's it?
BobFranklyKaiForce: microsoft actually listening when you call for support
CptLuxxread the link
CptLuxxhttps://blogs.technet.microsoft.com/filecab/2014/06/25/the-end-is-nigh-for-frs/
CptLuxxWe have finally reached the phase where continuing to “support” FRS is impossible; it’s a bit of a stretch to even say we’re supporting it now, as you cannot get bug fixes for it.
CptLuxxfrs is just bad..
BobFrankly^^
BobFranklymigrating isn't all that hard either
CptLuxxyep
BobFranklyI did it last year
BobFranklylive
CptLuxxa single command if your ad is healthy
BobFranklyIF^
BobFranklyrun those checks first
CptLuxxno longer problems with burflags
KaiForcenot going to bother here, it is a single server in a small office, no policies or scripts even
CptLuxxstill
CptLuxxits a single command and you will avoid the problem you had in the future
KaiForcealthough I'm working on the dead server I can do anything to it
KaiForcehit me what is the command
CptLuxxrealy
CptLuxx[19:46:46] <CptLuxx> https://blogs.technet.microsoft.com/filecab/2014/06/25/streamlined-migration-of-frs-to-dfsr-sysvol/
KaiForceI don't have internet access
CptLuxxDfsrmig /setglobalstate 3
CptLuxxif your ad is healthy..
CptLuxxDfsrmig /getmigrationstate
KaiForcei can't decide whether quick, express, or hyper is faster.
furmeladesuper hyper
KaiForcemy AD was healthy until Windows Server Backup ate it (MIGHT NOT BE A FAIR COMMENT I WITHDRAW)
CptLuxxnope
CptLuxxyou had that problem because your are still on frs
CptLuxxand thats a common problem with that..
CptLuxxits just super old nobody from ms is even looking at the code for this
KaiForceWhen a backup is called "bare metal" and you restore to the same hardware and the server doesn't work the same, there is a problem beyond "you are using frs"
CptLuxxnope
CptLuxxwell yes the windows backup is also deprecated
KaiForceit is? I'm backing up vista-10 and 2008r2 - 2016 with it
CptLuxxhttps://support.microsoft.com/en-us/help/4034825/features-that-are-removed-or-deprecated-in-windows-10-fall-creators-up
CptLuxxWe recommend that users use full-disk backup solutions from other vendors.
KaiForceI wonder when they are going to pull that out
CptLuxxi hope fast
CptLuxxits a bad solution
KaiForceit works extremely well for some of my clients
gkwhcso ive configured for IIS to listen/bind on *:80 and *:8080 but from a computer out of the network, browsing to server.com:80 gives connection refused and 8080 gives connection timed out. what am i missing?!
KaiForcefirewall
KaiForceor you have the wrong gateway on the IIS machine
KaiForceor something else, depending on what you mean by out of the network
gkwhcKaiForce: not in LAN
gkwhcaccessing across the www
Harlockremote side firewall
KaiForce gkwhc - so from the internet? is your LAN using RFC1918 addresses? Did someone set up the translation on your internet facing firewall? assuming the IIS is sitting on the LAN and is not internet facing.
KaiForceimpossible to say but firewall on IIS box is most likely
gkwhcKaiForce: firewall disabled, NPS allowed all policies..still the same. port fowrading is also set up
gkwhcfor one try the 8080 connection went to refused instead. but upon second try it went to timed out
KaiForceif all that is true, check your gateway.
KaiForceon IIS machine
gkwhcactually firewall on lead 8080 to refused connection. firewall off lead 8080 to time out
electricmilkoh yea...I once was struggling with getting a port forwarded when in reality the server had the wrong default gateway set
CptLuxxclassic electricmilk
KaiForcesame URL internally / externally? I don't know IIS that well but if it is like apache it may respond differently based on the url used to access it
CptLuxxoh god
CptLuxxyou think he has a fqdn in the binding?
CptLuxxleave it blank
gkwhcits blank
electricmilkgkwhc, Do you have the correct default gateway set for the IIS server?
gkwhcyeah its the router 192.168.0.1
KaiForceeither your router is blocking it, or IIS is rejecting it, or we don't have the full picture.
CptLuxxwell the vote says router
CptLuxxhttp://www.strawpoll.me/15023558
KaiForceoh ISP yes very good
KaiForceif it had been a mail port I would have suggested that
electricmilkWe had a lame IP that blocked all ports
electricmilk*ISP
electricmilkYou had to put in a request to forward ports...our system admin put in a request to forward 65,636 TCP / UDP ports and was denied
electricmilklol
electricmilk*65,536
BobFranklywhat do you guys reccomend for pulling smart data from a disk drive?
CptLuxxcrystaldisk
CptLuxxschikuara edition
BobFranklyfree?
meyouelectricmilk, well there's your problem, there's only 65535 possible ports!
meyouor...is port 0 actually usable? :hmm:
CptLuxxhttps://crystalmark.info/en/software/crystaldiskinfo/ BobFrankly
CptLuxxShizuku Edition is the best
BobFranklyluxx: pm
KaiForceboot with "That Other OS" live CD, install smartmontools and run smartctl -a
CptLuxxfor smart data?
CptLuxxman thats a lot of work
KaiForceaside from creating a bootable something, it isn't
CptLuxxit is
CptLuxxyou need to reboot for this
CptLuxxcrystaldisk.. download.. unpack.. run
CptLuxxdone
KaiForcei could have it done in 3 minutes from this very time
electricmilkmeyou, Good point...hehe...but that wasn't why they denied the request
CptLuxxand no anime girl in smartmontools
CptLuxxso i stay with crystaldisk shikura edition
electricmilkI just ran smartctl...confirmed HD was bad
electricmilkreplaced HD and windows indeed installed
KaiForceyou have to use your other screen for anime
electricmilkNow I'm running a gazillion win 7 updates
CptLuxxtime for win10 and ##windows
KaiForcei also assumed the disk wasn't in his computer that he was using, because if I'm checking a disk with smart it has already been pulled.
KaiForceOk I migrated to DFSR on the dead DC and it was successful, but unsatisfying.
CptLuxxgood job
CptLuxxwe need to celebrate
CptLuxxnaphtali
meyouwhat's the latest in the kahlua saga
meyouor whatever that guy's name was
meyoupro tip: if you send automated e-mails with spoofed Do-Not-Reply from address, make sure to add some sort of recipient to exchange with that e-mail address, lest it gets assigned to some user mailbox somewhere and flips the from address on all your notifications
furmeladekuahara?
meyoupeople thought they were getting phished >_<
meyoufurmelade, dassit
furmeladei think his broken raid from a server sitting on cola crates
furmeladewith a wire running across the room for grounding it
meyouACTION reminisces about the client with a USB disk attached to their exchange server labeled "Exchange logs"
meyougood times
HermanDEMorning all... I'm running a few powershell scripts that are in a unattend answer file. The scripts are in Microsoft-Windows-Deployment RunSynchronousCommand.
Harlockmeyou because they are just activity logs
Harlockso external usb is just fine
HermanDEI can't seem to get DNS to work during the audit mode for the scripts.
meyouHarlock, they were transaction logs but that is what the person who did it thought iirc
HermanDESeems to work fine for win7, win8 and fails on 1703/1709 win10.
Harlockyes i'm pretending to voice the thought process of the person who did it
CptLuxxthats the most german name i have ever seen here..
meyoui suspected as much!
HermanDECptLuxx, It works...
naphtaliLuxxi
naphtaliWhat are we celebrating?
CptLuxxanother day with a D4 burflags
naphtaliDid you fix that guy with the SSTP problem yesterday?
CptLuxxnah
CptLuxxi was thinking you fix it
naphtaliI only know about PPTP
naphtaliAnd MS-CHAP
naphtaliI am considering upgrading to v2
CptLuxxoh nice
CptLuxxthe v2 makes everything better
naphtaliIf it had an "X" in it, the security would be military grade
CptLuxxthats why i have 2 x in my name
CptLuxxdouble military grade
|Atum|Ping - xpost frmo ##windows
|Atum|Good day everyone! Currently looking to track down the cause of intermittent explorer.exe hangs on (possibly) dozens or even hundreds of Windows 7 VDI. I strongly suspect the redirected folders on an Isilon NAS to be the culprit, but demonstrating this hunch to the storage team is proving to be a challenge. Any pointers so that i may narrow in to root cause for this? I am unable to reliably...
|Atum|...duplicate, so hanging out with process explorer isn't proving fruitful.
|Atum|All user-related folders are redirected to the NAS, including AppData (... and yes, I know, this is a clients decision I'm weaning them off of )
Stryykerchecked event viewer logs?
|Atum|Certainly, but I can't necessarily correlate the hangs directly to events. Periodically on some systems we DO see eventID 50/Delayed write failed
|Atum|But that doesn't account for all of the temporary hangs or failures
CptLuxxxperf
StryykerAlso see what you can see from the NAS. For example if network is loaded or disks are highly active then slowdowns are inevitable
CptLuxxis it a buffalo nas?
|Atum|Unfortunately, the NAS is another team who, sadly, would want to see evidence. Thus if there is something specific I can point to and say "please go forth and investigate" that is the win scenario for me. Only better possibility would be identifying and being able to resolve it myself ;)
|Atum|CptLuxx: some challenges to that are the lack of reproducibility and potential scale. Suppose it happens to 3% of the machines at random, I have no way of knowing where it might occur and widely deploying Xperf seems like a challenge in itself
CptLuxxright right
CptLuxxjust do it
|Atum|to say nothing of the challenge of profiling a large number of production machines in VDI - I imagine that would have a pretty big hit on scalability :(
meyoulocal flash in every node
meyouproblem solved!
|Atum|The vdi themselves are actually on extreme IO bricks ...with...the userdata on that isilon (garghbhahhbhhbh my head :p)
meyouoh wait, redirected profiles, disregard
|Atum|Suffice it to say, the Windows 10 VDI initiative should solve a great many of these , however that is being hampered by ongoing production daily issues, including this performance issue. Is there some minimally impactful event logging to enable in lieu of full xperf trace on 1000+ machines? :D
|Atum|Just some evidence to take to the storage team to cause them to look at their own stats (it may sound silly but its the old layer9 political problem)
CptLuxxtry a layer 9 reset we talked about thist today
meyoupick a smallish random sample and hope it overlaps with your issue? :o
CptLuxxits a punch in the face i heard
meyounot seeing any delayed write failure events or anything?
|Atum|there are in fact some delayed write fail events being logged.
meyoufwd that to storage team and make em fix it imo
meyouand/or network team
|Atum|Worth a shot if that should be enough for competent team to start digging. I'll work on a script to go grab the delayed write fails for the past 30 days
meyoutough to say if that's actually causing your issue though
meyoudo you have some alternate storage you could stick a subset of users' profiles on to see if you get the issue still maybe?
meyoualthough that is the sort of behavior that will hang explorer.exe ime
LewsThanThreeHey guys, we have a domain, and when I went to log into a computer, it showed <domain>\<a user I didn't recognise> at the password prompt. Get-ADUser -filter {SamAccountName -like "<user>"} results in nothing. No Audit failures in DC or workstation.
LewsThanThreeHow the heck did that username get set as default in the login screen for that workstation?
meyoumaybe they got deleted?
meyouis there a profile for that name you don't recognize in C:\Users?
meyoui don't think a failed attempt will stick on the login screen like that tho
LewsThanThreeAs I manage the user pool, that user never existed. the user was "LW\jdog" for reference, but no jdog folder in Users
meyoumaybe a failed attempt does stick then
LewsThanThreeANd there are a few workstations (2 that I know about) that exhibited this.
LewsThanThreeNo, I tried with another user, lets say LW\LewsThanTHree, and I couldn't replicate.
LewsThanThreePlus a failed attempt would cause an Audit Failure, correct?
meyouin theory
xnomaryou sure it's not just a local user account that was renamed?
LewsThanThreexnomar, there are no local users besides Administratro, plus the login screen said LW\jdog, not <workstation>\jdog
LewsThanThreeJust to be thurough, double checked users.
LewsThanThreelocal users.
|Atum|[13:54:51] meyou do you have some alternate storage you could stick a subset of users' profiles on to see if you get the issue still maybe? <-- This, of course, would require the storage team who is the crux of the problem to begin ;)
|Atum|That request to test and the accompanying justification could be a multi-month effort to test
LewsThanThreelol
|Atum|...Yep :-p
|Atum|Chicken meet egg :D