Tuesday, February 28, 2006

Active Directory and Group Policy

Group Policy Tips:

1) The Microsoft Group Policy Management Console (GPMC) is the best method to manage group policy without purchasing additional tools.

Some 3rd party vendors had tools like this for Windows 2000, but finally Microsoft simplified management of group policy through native tools.

to read more and download look at:
Where can I download the GPMC console for Windows Server 2003/XP?

2) Specifying a Domain Controller for Editing Group Policy

This goes into detail the way the tool at times uses the DC which holds the PDC emulator role, espically when performing an edit on a GPO.

3) When creating a policy be sure to select templates and remove all unneeded templates.
Group Policy can process fast and you can have some levels, the real thing that takes time to process is the ADM files. Removing unneeded template will cut down the ADM files.

Friday, February 17, 2006

Virtual Envirohttp://www.blogger.com/img/gl.spell.gifments - VMware and Microsoft's

I often use Vmware Player and/or Microsoft's Virtual PC. A project for work now involves getting a PXE Network Boot Server Setup, to do so I wanted to see if either VMware of Microsoft virtual enviroments support PXE network boot.

Virtual PC virtualized Network Card
Intel 21140 also sometime labeled DEC

Vmware Player
Vmware ADM 79c970 PCNet32

Wednesday, February 08, 2006

Have a Linksys WRT54g?

I have a Linksys WRT54g and have been running DD-WRT for a few months. I am very happy with it. It allows me to ssh to the router and also use ssh tunnels.

Next steps for me are to setup mrtg and snmp for monitor stats + setup a method to send a WOL Magic packet to workstations inside.

DD-WRT Home Page


DD-WRT Forums

Some tips:
From Web Administration->Status->Lan->DHCP Clients Table
wl assoclist - shows all wireless client macs.
cat /proc/net/arp - shows all active clients in your network with IP and mac
dumpleases - gives you all DHCP-Client leases.

cat /proc/net/ip_conntrack - shows all incoming and outgoing connections

Tuesday, February 07, 2006

Working with SNMP

Net-SNMP - Unix and CGU/ Linux SNMP tools and Agent. Has Windows Agent to offer an option other then the MS version. The cygwin utilities work very well.

Windows GUI, lets you query adn browse mibs - a great Windows tool.

Here is a great site, they sell pro versions of SNMP
Search for and download Mibs

Graphically view and download mibs, this link is for the F5 BigIP

Usage notes, I found that Windows XP and cygwin Net-SNMP utilities share Windows enviroment variables which detail where mibs are stored. I found this when working with a specific SNMP tool and not seeing all mibs being processed, to get both tools to use the mibs I changed the Windows enviroment values.



Sunday, February 05, 2006

Ubuntu Breezy 5.10 with MS VPC

Works will, default install defaults to a 24 bit color depth which is an issue for VPC. To change ti you must reboot the guest, hit 'esc' at the grub menu (you do not have a lot of time so be ready.) select the recovery mode, at the console login then use vi to fix the defaultdepth line in /etc/X11/xorg.conf from 24 to 16.

Thursday, February 02, 2006

Working with Awk

Here are some links to info about Awk, as one of the pages states Perl can doo 100 times what awk can, however awk is on standard unix systems where perl may not be.

I used awk to make some custom adds to the SSL cert check script which I blogged about.

CLI Magic: Learn to talk awk

awk(1) - Linux man page

Awk Introduction - Explained by examples rather than by definitons

Getting started with awk

Where to look to understand DNS

A lot of MCSE types do not get DNS, if they do they only understand the basics and can not handle looking up a MX record with nslookup. Here is a link to some good articles about DNS.

DNS Subject Index at Setup32.com

List of my most used programs

Here are a list of programs that I install on most Windows systems I use:
vnccon / gencontrol ?


SSL Cert Checker

Found this cool tool with is a solution to a problem I have been searching for - checking SSL Certificates for expiration dates by passing the server and port.

This is great because I happen to manage several sites / services which use a combo of third party and self signed certificates. Also I can monitor when Active Directory Server certificates expire, they do renew automatically, however I believe a reboot is needed for the newly automatically requested certificate to be used? Not sure.