Pred casom som nasiel super prednasku o AD, ktoru prezentoval sam Ondrej Sevecek.
Odporucam si ju pozriet, je to velmi zaujimave a velmi dobre prednesene. Bodaj by sme mali takych ludi viacej.
One of our customer just released the beauty and power of GPO. They started to use it more and more. Couple days ago they set brand new GPO with following settings:
Today I was needed to make batch script to ping some IP addresses for problem described in this article. My first script was as following:
@Echo Off
:Loop1
ping 1.1.1.1 -n 1 -w 30000 >NUL
ping 8.8.8.8 -n 1 | find /i “bytes=” || goto FailedPing
goto Loop1
:FailedPing
echo FAILED PRIMARY NET TO VIA 10.0.0.1 %time% >>ping_test.log
route delete 0.0.0.0 mask 0.0.0.0 10.0.0.1
route add 0.0.0.0 mask 0.0.0.0 10.0.0.2
goto Loop1
When I ran this script in cmd.exe or I scheduled it, it ate one CPU core. I didn’t know why it’s happening, because when I ran this commands in cmd.exe separatelly it workied fine. After couple minutes of debugging I found out that script is not waiting for “ping” commands to finish. It was weird. My colleague told me to use “sleep.exe” to make it wait for a little bit. But that was not a solution. I wanted to force it to wait for ping commands. I tried weird thing. Instead of “ping” I used whole path for ping.exe “%SystemRoot%\\System32\\ping.exe” and for command “route” I used “%SystemRoot%\\System32\\route.exe”. Now everything looks and works perfect.
I have no idea why this is happening, but it works and I need to remember it 🙂
At one of my customer I had following request. They have Exchange server inside their network. They have two Internet connections. All mail communication goes via primary Internet connection. Second Internet connection is used for Internet browsing.
Internal IP network is 10.0.0.0/24. First Internet connection is called primary and there is default gateway at 10.0.0.1/24. Second Internet connection is called backup Internet connection and it’s default dateway is 10.0.0.2/24. Exchange server has IP address 10.0.0.21/24 and it had default gateway 10.0.0.1/24. MX records are registered to public IP address of primary Internet connection. Problem is when primary line goes down. E-mail communication stops completely – e-mails don’t come and don’t leave company.
To solve this problem we need to make two changes:
Last week I was playing with application virtualization. I do have experiences with VMWare Thinapp applications. I already did couple of those virtualized applications. When I was forced to use App-V to create virtualized application I needed to make one application and I needed make this application to write registries into real registries and not to virtual ones. I thought it would be same as in VMWare Thinapp. That means I would expect to set some “isolation” mode on registry branch.
Problem is that you can define only two modes in App-V for registries:
In VMWare Thinapp there are isolation modes (for file system structures and also for registries) defined as following:
When I upgraded from ISA 2006 to TMG 2010 I found some special problem. There was HQ with TMG 2010 and one branch with ASA 5505. Between those two location there was Site to Site VPN tunnel created. Everything worked fine, beside one problem. Users in branch couldn’t access anything on TMG server. They couldn’t ping it or do anything with it. They couldn’t browse Internet, because TMG was also web proxy server for them.
I wanted to solve one issue. This issue is described in article http://support.microsoft.com/kb/2722729. But there are two problems:
I found that I’m not the only one with a same problem and here a question on Microsoft forum. Now we can wait for Microsoft engineers.
Customer wanted to upgrade his ISA 2006 server to “new” TMG 2010. I thought it would be nice and easy process. It could be if there were no problems which I didn’t expect to be a problem in “new” software. Old server was still functional and I wanted to prepare new server and migrate all settings and certificates.
Requirements
To install all requirements you can install required packages by yourself or you can use Run Preparation Tool from installation screen of TMG. Why didn’t they include it into installation package it self?
Messed up console
When I was done with installation I ran TMG console and I received following error:
Regarding to official blog article from Directory Service Team MaxTokenSize for Access Token tickets, which is four times more than before.
What a cool command in PowerShell 🙂 It doesn’t even ask if you are sure 😀 Boooooooooom….server rebooted.
Recent Comments