-
One of our FortiWeb clients is releasing a new app and they’ve requested us to block IPs not associated with Australia. There are a number of ways we can achieve this whether it’s via the FortiWeb, a FortiGate in front or other methods. In this instance, we’ll be using the FortiWeb IP Protection feature. This […]
-
So I’ve known about PingCastle and Purple Knight for a little while now and have used them for on-premises audits and Azure AD audits a while back. I recently stumbled on Maester which is a testing framework that can be used to automate testing for your Entra environment. I finally had some time to give […]
-
Quick one but I’ve spent a bit of time today cleaning up the backend and loaded a new theme. I’ve also started to clean-up older articles to make sure the fit with the new theme and block editor of WordPress (as I’ve continued to use the “classic” style for quite some time). More articles and […]
-
We have a customer who has a few back office staff in the Philippines and we need to get them around a Geo-Block for a particular website they need as part of their role. The customer has a split-tunnel SSL-VPN in the AWS Sydney Region, we can look to route the traffic via the SSL-VPN […]
-
Despite all the things people say about Connectwise, I still hold ScreenConnect or Connectwise Control close to my heart as one of the best support and remote access tools out there. It’s light, friendly and easy to use for support staff and end users and just gets the job done. I look after our own […]
-
An old draft I’ve had for a while, just posting for posterity and safe keeping. So I’ve done a few upgrades to my VM Host machine and decided to go up to Windows Server 2016, once installed and at the desktop, I found my onboard LAN port wasn’t coming up, so I downloaded the driver […]
-
Vendors tend to lock down the type of transceivers you can use on their SFP/SFP+ and QSFP ports. They do this for a number of reasons but mainly in the spirit of support and quality (which I can understand). there are a number of guidelines around agreed upon by networking vendors that fall under Multi-Source […]
-
I had a customer call up and explain their Power BI reports had stopped working, they’re not managed so after working a few things out we got to work and jumped into their Datawarehouse environment in AWS. After a quick look we could see that their RDS SQL Server instance had TLS turned on and […]
-
Time is more critical in Active Directory than many admins realise. Time inaccuracy can cause logs to mismatch or things like license failures for anything with DRM. Larger time differences can begin to cause authentication failures since Keberos relies on accurate time or affect replication health. By default, all AD member machines synchronise with any […]
-
Quick one – I’m doing some testing in my home lab environment with Windows 11 and this box doesn’t have a TPM (so it’s not enabled in Hyper-V). Booting up the Windows 11 iso and trying to install will tell you that it’s unsupported. To get around that, load the setup as normal and once […]
-
Quick one today where I was on a client server hosted in AWS that wasn’t activated. Trying to activate it via Settings App throws and error. Like most large scale cloud vendors (except Azure), AWS use KMS to activate their windows machines, however sometimes the servers need some help to reach the internal KMS servers […]
-
I was recently resurrecting an old demo environment in AWS which consisted of a few EC2 virtual machines, however upon trying to login, I quickly realised that the account password had expired and by default Windows Remote Desktop doesn’t have an ability to change passwords since you’re not presented with the logon screen. We didn’t […]
-
We recently had a customer take advantage of a free upgrade from FTTN (Fibre to the Node) to FTTP (Fibre to the Premise) for their NBN (National Broadband Network) service. However during cut-over the FortiGate wasn’t picking up connectivity on the WAN port, this had the on-site guy stumped for 10 minutes until we jumped […]
-
For my home network, I run Pi-Hole in docker containers in separate hosts. Whenever making a change such as creating a local DNS entry on one Pi-hole means logging into the other Pi-hole and making the same change, not ideal. So I’ve tried looking for a solution to this. I did give Gravity sync a […]
-
Sometimes after performing a Firmware upgrade on FortiGate HA pairs, I find that after sometime the cluster still stays out of sync and won’t synchronise. I usually find this is because the checksums of the config files on each or some members are different. To quickly check if this is the case, fire up the […]
A Windows System Admin's Blog
Covering Server Administration, Endpoint Management, Scripting and Network Management