2020-02-21

Azure - missing resource and resource group

Strange - I have some resource on my billing but I can't find resource or resource group/type on the portal. Case is registered in Microsoft - I'm curious how it is possible and what are the ways to find it (by PowerShell?) and manage.

2019-12-24

Windows 2012r2 windows update via wsus is not working

I had 4 servers - Windows 2012r2 not updated since 2017, but most of updates were from 2014. During many tries to update using company WSUS, with multiple removal of "SoftwareDistribution" folder, reset of wuau client (command line), using different tools but agents still were not reporting to WSUS server. On one of the servers after switch to Windows Update (from Internet) it was possible to start update this one, but it wasn't possible on other three of them.
I know that:
(this means nothing - like communication is stopped) IdleTmr WU operation (CLegacyEventUploader::HandleEvents, operation # 44976) stopped; does use network; is at background priority
(this means nothing - like I don't know if your network is metered) WARNING: Failed to get Network Cost info from NLM, assuming network is NOT metered, error = 0x80240037
(this is not working, other tools also) Reset Windows Update Agent
Different older (like this) and newer blogs
but finally I found: windows8.1-kb3138615-x64_981203a167dece3569cee8e87b03d180869bc1ea (or KB3138615) it helped me - after installation server connected to WSUS and finally I saw 165 updates to install

2019-11-20

defaultAccount - Windows 2016

The DefaultAccount, also known as the Default System Managed Account (DSMA), is a built-in account introduced in Windows 10 version 1607 and Windows Server 2016. The DSMA is a well-known user account type. It is a user neutral account that can be used to run processes that are either multi-user aware or user-agnostic. The DSMA is disabled by default on the desktop SKUs (full windows SKUs) and WS 2016 with the Desktop. (from Technet)
If the domain was created with domain controllers that run Windows Server 2016, the DefaultAccount will exist on all domain controllers in the domain. If the domain was created with domain controllers that run an earlier version of Windows Server, the DefaultAccount will be created after the PDC Emulator role is transferred to a domain controller that runs Windows Server 2016. The DefaultAccount will then be replicated to all other domain controllers in the domain.

2019-10-18

prevent domain controller dns registration srv records

Path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
REG_MULTI_SZ value: DnsAvoidRegisterRecords

Enter: Ldap LdapAtSite Pdc Gc GcAtSite GcIpAddress DcByGuid Kdc KdcAtSite Dc DcAtSite Rfc1510Kdc Rfc1510KdcAtSite GenericGc GenericGcAtSite Rfc1510UdpKdc Rfc1510Kpwd Rfc1510UdpKpwd
Enter: Ldap LdapAtSite Pdc Gc GcAtSite GcIpAddress DcByGuid Kdc KdcAtSite Dc DcAtSite Rfc1510Kdc Rfc1510KdcAtSite GenericGc GenericGcAtSite Rfc1510UdpKdc Rfc1510Kpwd Rfc1510UdpKpwd
Domain Controllers
LdapIpAddress A
Ldap SRV _ldap._tcp.
DcByGuid SRV _ldap._tcp..domains._msdcs.
Kdc SRV _kerberos._tcp.dc._msdcs.
Dc SRV _ldap._tcp.dc._msdcs.
Rfc1510Kdc SRV _kerberos._tcp.
Rfc1510UdpKdc SRV _kerberos._udp.
Rfc1510Kpwd SRV _kpasswd._tcp.
Rfc1510UdpKpwd SRV _kpasswd._udp.

Global Catalog
Gc SRV _ldap._tcp.gc._msdcs.
GcIpAddress A gc._msdcs.
GenericGc SRV _gc._tcp.
https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/76bc11f0-8bc2-4d6c-a643-328f479aae1b

2019-08-13

DSRM - Directory Services Restore Mode - Windows 2008 R2

1. Verify if have DSRM password. If not - can You change it?
2. (to change password run ntdsutil, set DSRM password, reset password on server null)
3. add dsrmode to start: bcdedit /set safeboot dsrepair
4. restart server (gui or shutdown -t 0 -r)
5. logon on account "administrator" with DSRM password
6. do the restore, with wbadmin is at follows:
- wbadmin get versions -backuptarget:d:
- wbadmin start systemstaterecovery -version:12/08/2019-16:05 -backuptarget:d:
7. remove dsrmode from start by bcdedit /deletevalue safeboot
8. restart server (should be the only option after restore)

2019-07-30

Service Principal Names - most common services

spn service or services comment
HOST
HTTP application or web service on IIS HTTP is for https also
https
MSOlapDisco.3 Browser service https://docs.microsoft.com/en-us/sql/analysis-services/instances/spn-registration-for-an-analysis-services-instance?view=sql-server-2017
MSOlapSvc.3 OLAP service https://docs.microsoft.com/en-us/sql/analysis-services/instances/spn-registration-for-an-analysis-services-instance?view=sql-server-2017
MSSQLSvc MSSQL Service - instance https://docs.microsoft.com/en-us/sql/database-engine/configure-windows/register-a-service-principal-name-for-kerberos-connections?view=sql-server-2017,
RestrictedKrbHost
tapinego RRAS?
TERMsrv
WSMan

Setspn -s msolapsvc.3/
CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,DC=x
Attrib: sPNMappings
host=alerter,appmgmt,csvc,clipsrv,browser,dhcp,dnscache,replicator,eventlog,eventsystem,policyagent,oakley,dmserver,dns,msvc,fax,msiserver,ias,messenger,netlogon,netman,netdde,netddedsm,nmagent,plugplay,protectedstorage,rasman,rpclocator,rpc,rpcss,remoteaccess,rsvp,samss,scardsvr,scesrv,seclogon,scm,dcom,cifs,spooler,snmp,schedule,tapisrv,trksvr,trkwks,ups,time,wins,www,http,w3svc,iisadmin

2019-07-23

Windows 10 can't access Windows 2008 share - SMB1 is missing?

Yes, in Windows 10 from 1709 is missing, but... I had Windows 2008 Server with SMB2 disabled. So:
HKLM\System\CurrentControlSet\Services\LanmanServer\Parameters
Smb2, DWORD, 1 - enabled, 0 - disabled
Restart required.