Suppose you have a linux network setup with automounter maps that come from the network (via nis, sssd, LDAP etc.) and you want to block some of them acting on a particular system. In our case we have an automount map that acts on /opt and mounts various software packages from network shares. The problem with this is that you can’t then install your own stuff locally to /opt, which is what a lot of Debian/Ubuntu packages expect to be able to do.
Read more...
Situation – TrueNAS (or FreeNAS, or other Samba servers) serving a SMB share with NTLMv1 authentication disabled. A standalone Windows 10 system can connect to it, but a domain joined Win 10 system constantly claims wrong password.
The culprit here was a old group policy setting in the domain:
Network Security: LAN Manager authentication level
(found in Computer Configuration - Windows Settings - Security Settings - Local Policies - Security Options)
Read more...
These are some notes on setting up OpenProject on a backend server (let’s call it backsrv.example.com), and accessing it via a front-end system (frontsrv.example.com). Normally we’d do the SSL termination at the reverse proxy, and there is some documentation on this. In this case I wanted to do things ‘properly’, and protect the login credentials all the way. This means using an https connection between the reverse proxy and the back end server.
Read more...
From Windows 8 Microsoft snuck in a refinement to the format command. It is now possible to get it to do multi-pass random-number disk wipes. From the help (Win 10 20H2):
/P:count Zero every sector on the volume. After that, the volume
will be overwritten "count" times using a different
random number each time. If "count" is zero, no additional
overwrites are made after zeroing every sector. This switch
is ignored when /Q is specified.
So to do a single-pass random wipe:
Read more...
Had an issue where a Windows Server 2012 R2 system could not be accessed by RDP or remote management, as the network type had changed to Private (and thus the firewall wasn’t letting these connections through). File sharing was still working.
Found solution via SpiceWorks forum. Restart the Network Location Awareness service (needed to log on to system locally to do this). This triggered a redetection and the type went back to Domain. RDP etc. then worked again.