Print server role, installed on Windows Server, does not automatically logs, in event viewer, each printed document.
You need to proceed as below to keep track, in event viewer, about this information (Disable Log/Enable Log)
Windows 10 - How to increase Jump list number (pinned items)
More details at below blog article link:
Please review below article if you like to increase jump list show items:
Windows 10 - How to increase Jump list items number
Vmware - Installing Cisco ISE VM on ESX farm using OVF tool
Cisco ISE is an excellent product in conjuntion with cisco devices (such as Switches, core switches, WLC, AP and so on)
About VM installation we faced a situation where Cisco ISE 2.6 .OVA file was necessary to be imported in ESX 6.X (6.7 U3) Vmware farm.
We used OVF tool to do that, here there they are actions done about ISE 2.60 .OVA:
About VM installation we faced a situation where Cisco ISE 2.6 .OVA file was necessary to be imported in ESX 6.X (6.7 U3) Vmware farm.
We used OVF tool to do that, here there they are actions done about ISE 2.60 .OVA:
- Download Cisco ISE:
https://software.cisco.com/download/home/283801620/type/283802505/release/2.6.0 - Follow below Cisco articles:
https://www.cisco.com/c/en/us/td/docs/security/ise/2-0/installation_guide/b_ise_InstallationGuide20/Installing_ISE_on_a_VMware_Virtual_Machine.html#task_326DAB6CBB544238B05768EAB3C18C6E
https://www.lookingpoint.com/blog/ise-getting-started - You must download and install OVF tools:
https://my.vmware.com/web/vmware/details?downloadGroup=OVFTOOL400&productId=353
https://code.vmware.com/web/tool/4.4.0/ovf - start --> command prompt with administrative rights.
C:\WINDOWS\system32>CD C:\Program Files\VMware\VMware OVF Tool
C:\Program Files\VMware\VMware OVF Tool\ovftool.exe --acceptAllEulas -ds= - To view .OVA content:
- C:\Program Files\VMware\VMware OVF Tool>ovftool.exe C:\=UTILITY\=NETWORK\ISE\ISE-2.6.0.156-virtual-SNS3615-SNS3655-600.ova
OVF version: 1.0
VirtualApp: falseName: ISE-2.6.0.156-virtual-SNS3615-SNS3655-600
Operating System: rhel7_64guest
Virtual Hardware:
Families: vmx-09
Number of CPUs: 16
Cores per socket: 4
Memory: 32.00 GB
Disks:
Index: 0
Instance ID: 9
Capacity: 600.00 GB
Disk Types: SCSI-VirtualSCSI
NICs:
Adapter Type: E1000
Connection: VM Network
Adapter Type: E1000
Connection: VM Network
Adapter Type: E1000
Connection: VM Network
Adapter Type: E1000
Connection: VM Network
Adapter Type: E1000
Connection: VM Network
Adapter Type: E1000
Connection: VM Network
Deployment Options:
Id: small
Label: Small
Description: Use this configuration for small deployments. This deployment
will need 16 vCPUs and 32768 Memory for the vApp.
Id: medium
Label: Medium
Description: Use this configuration for small deployments. This deployment
will need 24 vCPUs and 98304 Memory for the vApp. - C:\Program Files\VMware\VMware OVF Tool>ovftool.exe --acceptAllEulas -ds="datastore1" --net:"VM Network"="VM Network" C:\=UTILITY\=NETWORK\ISE\ISE-2.6.0.156-virtual-SNS3615-SNS3655-600.ova vi://ip_esx
- Opening OVA source: C:\=UTILITY\=NETWORK\ISE\ISE-2.6.0.156-virtual-SNS3615-SNS3655-600.ova
The manifest validates
Accept SSL fingerprint (xxxxxx) for host ip_esx as target type.
Fingerprint will be added to the known host file
Write 'yes' or 'no'
yes
Enter login information for target vi://ip_esx/
Username: root
Password: ********
Opening VI target: vi://root@ip_esx:443/
Warning:
- Line 109: Unable to parse 'enableMPTSupport' for attribute 'key' on element 'Config'.
Deploying to VI: vi://root@ip_esx:443/
Transfer Completed
Completed successfully - After this operation would be available on ESX Farm
Server - Domain Users can join computers to domain (up to 10) #It is a default domain policy
Few months I discovered that normal AD users are able to join computers to domain (up to 10) without particular grants or settings.
It was a very unexpected news for me.
Default limit to number of workstations a user can join to the domain
"By default, Windows 2000 allows authenticated users to join ten machine accounts to the domain.
This default was implemented to prevent misuse, but can be overridden by an administrator by making a change to an object in Active Directory.
Note that users in the Administrators or Domain Administrators groups, and those users who have delegated permissions on containers in Active Directory to create and delete computer accounts, are not restricted by this limitation."
Here it is AD attribute that define 10 maximum join numbers (you need to to use ADSIEdit.msc):
MS-DS-Machine-Account-Quota
It is highly recommended to disable this features due to obviously security reasons:
https://docs.microsoft.com/en-us/archive/blogs/dubaisec/who-can-add-workstation-to-the-domain
REMEDIATION:
Due to security reasons is preferable that Authenticated Users cannot join domain computers.
You must modify "Default Domain Policy" permitting domain joins to specifics user or group.
Rafal Sosnowski (Microsoft Dubai Security PFE Team's member) says:
During my numerous Security Audits and Assessments I deliver to customers, I usually discover too wide permissions and user rights configured in Active Directory. One of them is “Add Workstation to the Domain”
It is important to control who can add new machines to our AD environment. Although we can enforce various security settings via GPO on newly added machines, user could join machine which is not configured according to our security standards and at the same time having ownership of various objects in the system (local admin account, ACLs on file system etc.).
<==================>
Here it is full article:
Extra IT - Legnovivo #carpentry company
Oggi vorrei raccomandare questo sito web ed azienda di falegnameria
I loro prodotti di alta qualita' e la loro professionalita' sono due punti chiave di quest'azienda.
Ho gia' acquistato, nei precedenti anni, diversi prodotti con grande soddisfazione.
Mi sento di raccomandarli fortemente
<====================>
Today I would like to endorse below website and carpentry company:
High quality wood products and professionalism are their two company key points strength.
I already purchased, in previous years, several products with excellent satisfaction. I strongly suggest them:
201X - Print Server migration/fault/DR management
If you want manage Windows 200X/201X print server fault and relative DR (without having to reconfigure all clients) you have to proceed in this way:
- Create a properly DNS alias (on DC) pointing to old print server
for example: PrintersMilan - Configure a new print server. (201X)
- Export all printers on old print server.
2003 migration - How to migrate print server from 2003 server to 2008/2008 R2/2012 - Import previous printer queues on new Server:
2003 migration - How to migrate print server from 2003 server to 2008/2008 R2/2012 - To avoid below error trying to add new printers (using DNS Alias):
\\PrintersMilan\
- On old and new server you must add this register key:
reg add HKLM\SYSTEM\CurrentControlSet\Control\Print /v DnsOnWire /t REG_DWORD /d 1
- Restart Print spooler service:
- On your PC add new printers and check that is working properly (you still are pointing to old print server)
\\PrintersMilan\ - Change DNS Alias PrintersMilan (on your DC) to point new print server.
- If everything is working fine DR and print server fault management was succesfully done
[Original Article]
Tuning - Patch My PC
In previously years I used several tools to check no O.S. software updates.
Unfortunately FileHippo App Manager is no longer working fine as in the past.
So I found that Patch My Pc Updater is working excellently, user interface is not so easy but, after you configured properly it work very fine.
About Enterprise companies easily extend Microsoft Configuration Manager to deploy and patch an extensive list of third-party applications.
About SCCM here they are old blog articles
https://www.alessandromazzanti.com/search/label/SCCM%202012
Here it is lifewire article where are indicated similar software.
11 Best Free Software Updater Programs
https://www.lifewire.com/free-software-updater-programs-2625200
Unfortunately FileHippo App Manager is no longer working fine as in the past.
So I found that Patch My Pc Updater is working excellently, user interface is not so easy but, after you configured properly it work very fine.
About Enterprise companies easily extend Microsoft Configuration Manager to deploy and patch an extensive list of third-party applications.
About SCCM here they are old blog articles
https://www.alessandromazzanti.com/search/label/SCCM%202012
Here it is lifewire article where are indicated similar software.
11 Best Free Software Updater Programs
https://www.lifewire.com/free-software-updater-programs-2625200
Freeware - ebook Reader - Adobe Digital Editions
If you need to open ebook using computer, Apple and Android devices Adobe Digital Editions is freeware and it work fine.
Here it is relative link
Freeware - Micrsoft Visio Alternative for free
Microsoft Visio is an excellent tool but is quite expensive.
Indeed is free and can work both online and as local installed software.
I hope that this information could be useful for someone:
https://www.draw.io
Indeed is free and can work both online and as local installed software.
I hope that this information could be useful for someone:
https://www.draw.io
Firewall - Two factor authentication with Cisco ASA SSL VPN
Here they are documentation and video that explain if and how to configure duo security on Cisco ASA SSL VPN
https://duo.com/docs/ciscoasa-ldap?ikey=DI3IO17MU1Y291MVX0H7&host=api-744bdf25.duosecurity.com#first-steps
https://duo.com/docs/ciscoasa-ldap?ikey=DI3IO17MU1Y291MVX0H7&host=api-744bdf25.duosecurity.com#first-steps
Iscriviti a:
Post (Atom)