Active Directory - FSMO Seizing, DSRM Password Reset and DC health checks/best practices

As mentioned in older blog posts, it is important to know which DCs (in your domain/forest) hold the five Active Directory roles. You can check with this command line:

netdom query fsmo

At the same time, it is important to test your DCs' health.

https://www.alessandromazzanti.com/2015/05/server-commands-to-verify-domain.html

If you are facing the unlikely situation where the DCs holding all five AD roles (or some of them) are no longer working, you should start planning the role-seizing activity.

Here is a Microsoft article that applies to all Microsoft Server versions.

https://support.microsoft.com/en-sg/help/255504/using-ntdsutil-exe-to-transfer-or-seize-fsmo-roles-to-a-domain-control

Here are other important suggestions:
  1. Microsoft best practices suggest having at least one physical domain controller instead of having all of them virtualized.
  2. I warmly suggest checking all your servers and making sure you have the local Administrator password (and that the account is enabled).
  3. Check that all your servers/DCs have DNS1, DNS2 and DNS3 pointing to active DCs/DNS servers.
  4. Have the five AD roles split between at least two domain controllers.
  5. For domain controllers, have the DSRM Administrator password; if it is not known, proceed to have it reset.
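
The following PowerShell is an added example, not code from the original post or from Microsoft: it parses the output of `netdom query fsmo` and flags the case where all five roles sit on a single DC (suggestion 4). The function names are hypothetical and the host names in the sample are constructed.

```powershell
# Added example: audit FSMO role placement from `netdom query fsmo` output.
# Function names are hypothetical; sample host names are constructed.

function Get-FsmoRoleHolder {
    param([string[]]$NetdomOutput)
    # Role labels as printed by `netdom query fsmo`
    $roles = 'Schema master', 'Domain naming master', 'PDC',
             'RID pool manager', 'Infrastructure master'
    $alternation = ($roles | ForEach-Object { [regex]::Escape($_) }) -join '|'
    $pattern = '^\s*(' + $alternation + ')\s+(\S+)\s*$'
    foreach ($line in $NetdomOutput) {
        if ($line -match $pattern) {
            [pscustomobject]@{ Role = $Matches[1]; Holder = $Matches[2].ToLower() }
        }
    }
}

function Test-FsmoPlacement {
    param([string[]]$NetdomOutput, [switch]$CheckReachability)
    $found = @(Get-FsmoRoleHolder -NetdomOutput $NetdomOutput)
    if ($found.Count -ne 5) {
        Write-Warning "Expected 5 FSMO roles, parsed $($found.Count); check the command output."
    }
    $holders = @($found | Group-Object Holder)
    foreach ($h in $holders) {
        # ICMP may be filtered, so an unreachable result needs a manual follow-up
        $up = $null
        if ($CheckReachability) {
            $up = Test-Connection -ComputerName $h.Name -Count 1 -Quiet
        }
        [pscustomobject]@{
            Holder           = $h.Name
            Roles            = ($h.Group.Role -join ', ')
            Reachable        = $up
            AllRolesOnOneDC  = ($holders.Count -lt 2)
        }
    }
}

# Constructed sample output (all roles on one DC, the situation to avoid)
$sample = @'
Schema master               dc01.example.test
Domain naming master        dc01.example.test
PDC                         dc01.example.test
RID pool manager            dc01.example.test
Infrastructure master       dc01.example.test
The command completed successfully.
'@ -split "`r?`n"

Test-FsmoPlacement -NetdomOutput $sample | Format-List
```

On a domain-joined machine, pass the live output instead: `Test-FsmoPlacement -NetdomOutput (netdom query fsmo) -CheckReachability`.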




Firewall - How to backup configuration #PALO ALTO

Here is the official article that explains how to back up the Palo Alto configuration.

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000POICCA4&lang=en_US

Below you can find the related explanatory screenshot.



Firewall - What happens when licenses Expire #PALO ALTO

I am taking note of what happens when Palo Alto licenses expire.

These are the web links that explain all the details:

https://docs.paloaltonetworks.com/vm-series/9-1/vm-series-deployment/license-the-vm-series-firewall/what-happens-when-licenses-expire

https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/subscriptions/what-happens-when-licenses-expire

Be aware that if you get an unexpected firewall/VM reboot, only 1200 internet sessions are supported (and this is a big problem if the license renewal process is not yet completed).

Here instead are the Palo Alto articles that explain how to proceed with the license renewal process:

Action Required:

To complete the credit renewal process, you will need to follow the instructions in the following document: https://docs.paloaltonetworks.com/vm-series/10-2/vm-series-deployment/license-the-vm-series-firewall/software-ngfw/renew-your-software-ngfw-credit-license

Tech Docs:


OUTLOOK - HOW TO RESIZE .EDB FILE

Here is an interesting article that explains how to proceed with resizing the .EDB file.

https://woshub.com/windows-edb-file-too-big-how-to-reduce-size/

USB/LIVE CD - DLC BOOT and HD Cloning

I am noting this product on the blog because it has several integrated features.

DLC Boot lets you create a live USB with several tools installed.

Be aware that some antivirus detections might occur, so, on the security side, double-check it.

You can have a look at the YouTube video that explains how to create the USB key and how to simulate its usage.

These are the major features:

- Integrated Mini Windows 10 32Bit & 64Bit and similar to Mini Windows XP in Hiren's version BootCD

- Integrated Mini Windows 11 64Bit and similar to Mini Windows XP in Hiren's version BootCD

- Integrated Mini Windows XP extracted from Hiren's BootCD 15.2 and has been built and re-optimized.

Considering the need for SSD/HD cloning, here are the steps necessary to reach this goal:

  1. Create the bootable USB indicated previously.
  2. Extract HDD/SSD from old pc/laptop.
  3. Connect HDD/SSD to your pc/laptop.
  4. Boot from usb and launch Aomei Backupper
  5. Select Clone.
  6. Select correct Source.
  7. Select correct Destination.
  8. Check windows activities.



[original articles]

https://www.fcportables.com/dlc-boot/




Monitoring - LibreNMS

Today I would like to mention the LibreNMS product.

https://www.librenms.org/#features

It has several features like:

  1. Automatic Network Discovery using CDP, FDP, LLDP, OSPF, BGP, SNMP and ARP.
  2. Alerting services like email, IRC, etc.
  3. API access
  4. SNMP walking, putting devices under monitoring
  5. Devices monitoring
  6. Graphs and reporting
  7. Android and iPhone app

Here are some screenshots