[Aside] SPNs
Trying to get people at work to clean up duplicate SPNs, and came across some links while reading about this topic. From the official MSDN article: A service principal name (SPN) is a unique...
View ArticleClik here to view.
Generating certificates with SAN in NetScaler (to make it work with Chrome...
I want to create a certificate for my NetScaler and get it working in Chrome. Creating a certificate is easy – there are Citrix docs etc for it – but Chrome keeps complaining about missing...
View ArticleADFS errors and WID
Spent a bit of time today tracking down an ADFS/ WID issue. Turned out to be a silly one in the end (silly on my part actually, should have spotted the cause right away!) but it was a good learning...
View ArticlePowerShell – Find all AD users with ACL inheritance disabled
Quick one-liner to find all AD user objects with ACL inheritance disabled: Get-ADUser -SearchBase "DC=myDomain,DC=com" -Filter * | ?{ (Get-Acl $_.DistinguishedName).AreAccessRulesProtected -eq "True" }...
View Article[Aside] NetScaler tracing, telnet, etc.
It is not possible to do a telnet from the NetScaler to any server to troubleshoot connectivity issues. The telnet may or may not succeed, but it doesn’t mean anything as the telnet is initiated from...
View Article[Aside] AD Sites, Subnets, Trusts, etc.
How Domain Controllers are Located Across Trusts – this is a delightful article. I don’t know why, but I simply loved the way the author presented the information. Very logically written. Wish I could...
View ArticleArticle 0
Watching “Cosmos: A Space Time Odyssey” nowadays. Also completed “The Leftovers” Season 1 yesterday. Great show, especially the last few episodes where there’s a lot of talk about purpose and such –...
View Article[Aside] Misc ADFS links
Claims-based Authentication, ADFS 3.0, and SharePoint 2013 – Beginners Guide – as it says, a good intro. Beginners Guide to Claims-based Authentication, AD FS 3.0, and SharePoint 2013 – Part II:...
View ArticleWindows CLI – find groups you are a member of
I knew of doing a gpresult /v and finding the group membership. An even better (and faster) way is whoami /groups. Other useful whoami switches.
View ArticleScript to run esxcli unmap on all datastores attached to an ESXi host
It’s a good idea to periodically run the UNMAP command on all your thin-provisioned LUNs. This allows the storage system to reclaim deleted blocks. (What is SCSI UNMAP?) The format of the command is:...
View Article[Aside] Various Citrix links
Busy with a lot of Citrix and NetScaler work recently. Want to put the various links I came across someplace. NetScaler Monitors going UP/DOWN (packet loss) – We had the exact issue in our...
View ArticleClik here to view.
Event ID 1046 – DHCP server says it is not authorized even though it is...
This problem ate my head for the past 2 days and wasted a lot of time. For such a simple issue it drove me quite mad. Built a bunch of DCs for our branch offices. One of them gave trouble with the DHCP...
View ArticleFind users connected to a NetScaler gateway
Wanted to find out if a certain end-user had connected to our NetScaler gateway. Couldn’t figure out how. (And initially I went the long route of looking at the /tmp/aaadebug.log file – not really...
View ArticleCertificate stuff (as a note to myself)
Helping out a bit with the CA at work, so just putting these down here so I don’t forget later. For managing user certificates: certmgr.msc. For managing computer certificates: certlm.msc. Using CA Web...
View ArticleNotes on ADFS
I have been trying to read on ADFS nowadays. It’s my new area of interest! :) Wrote a document at work sort of explaining it to others, so here’s bits and pieces from that. What does Active Directory...
View Article[Aside] Various SharePoint links
Been dabbling in a bit of SharePoint at work, here’s some links I came across and want to put here as a reference Future Rakhesh: https://sharepoint.stackexchange.com/a/141861 – Hiding a list column in...
View ArticleTwo nice quotes from “Wakefield”
Saw “Wakefield” (movie) just now. Loved it. Not at all what I had expected from the synopsis. That sounded like a creepy/ stalker sort of movie, but the actual movie was amazing. Two nice quotes from...
View ArticleDFSR misconception: the hub server does not mean it is the master
Came across this Microsoft blog post by chance. To quote: If the topology is set up for hub and spoke, and the spoke were to accidentally delete an item, this should not reflect back to the hub,...
View Article[Aside] Domain Controller locator
A while ago I was reading up on the Domain Controller process to confirm some stuff before changes I was making at work. Found a couple of good links, still got them open in my browser but before...
View ArticleTIL: Windows 10 goes back to adding a .v5 suffix to profiles
So, back in the Windows 7/ Server 2008 era if you had a roaming profile it was always suffixed with a .v2 extension. So if you username was “rakhesh” and your profile path in AD was...
View Article