News

ADPREP Error – Promoting Windows Server 2016 in 2008 R2 Forest/domain

When promoting a Windows Server 2016 to DC, adprep fails with an error that an attribute or value already exists. I am unsure if I caused this by attemping to add mutiple DC’s at the same time (race condition).

Error: The DN is CN=Send-As,CN=Extended-Rights,CN=Configuration,DC=.

The error logs were located: C:\Windows\debug\adprep\logs\

Entry DN: CN=Send-As,CN=Extended-Rights,CN=Configuration,DC=<domain>
changetype: modify
Attribute 0) appliesTo:7b8b558a-93a5-4af7-adca-c017e67f1057

Add error on entry starting on line 1: Attribute Or Value Exists

The server side error is: 0x2083 The specified value already exists.

The ADPrep log will point you to a ldif.err log which details the objects which are causing conflict and preventing this update.

Using ADSIEdit remove the conflicting GUID’s located under the Configuration

1: CN=Send-As,CN=Extended-Rights,CN=Configuration,DC=companywear,DC=local

2: CN=Receive-As,CN=Extended-Rights,CN=Configuration,DC=companywear,DC=local

3: CN=Personal-Information,CN=Extended-Rights,CN=Configuration,DC=companywear,DC=local

4: CN=Public-Information,CN=Extended-Rights,CN=Configuration,DC=companywear,DC=local

5: CN=Validated-SPN,CN=Extended-Rights,CN=Configuration,DC=companywear,DC=local

6: CN=Allowed-To-Authenticate,CN=Extended-Rights,CN=Configuration,DC=companywear,DC=local

7: CN=MS-TS-GatewayAccess,CN=Extended-Rights,CN=Configuration,DC=companywear,DC=local

Once removed rerun your domain controller promotion again

Installing Docker on Ubuntu 18.04

To start, make sure our system is up to date

Update your systems:
sudo apt-get update
sudo apt-get upgrade

Once the system is up to date, we install Docker followed by portainer which is a simple management solution for Docker. It consists of a web UI that allows you to easily manage your Docker containers, images, networks, etc.. For more info – https://portainer.readthedocs.io/en/stable/

sudo apt install docker.io
sudo systemctl enable docker
sudo systemctl start docker
sudo systemctl status docker

Once that is done, we are now ready to install the program portainer as our first docker container…. This will enable you to manage Docker

Create a disk for you portainer instance

sudo docker volume create portainer_data

sudo docker run -d \
–name=”portainer” \
–restart on-failure \
-p 9000:9000 \
-v /var/run/docker.sock:/var/run/docker.sock \
-v portainer_data:/data \
portainer/portainer

Now you should be able to connect to portainer…. To do this you navigate to http://IP.OF.HOST:9000

It will prompt you to create a username, once you do that, click on create user After that choose Local and then click on connect.

Done!

Tech Short: Configure IP address in RHEL

The following short should help someone who needs to configure an IP address or networking on a RHEL (Red Hat Enterprise Linux) server post install, or if they are looking to modify an existing host.

The ‘classic’ method of doing this would be to vi or nano to ‘/etc/sysconfig/network-scripts’ and edit the name of the interface.

Another method I find helpful for those who prefer a user interface to step them through the process is to use the tool ‘nmtui‘.

All you need to do is: enter the command ‘nmtui’ & press enter. This will open a new window with 3 options i.e. we can edit our network interface, activate a network interface or set a hostname for our system.

Look, Mom, No Malware! | DocuPhish

And, just like that, all your advanced threat protection, anti-virus, and anti-malware protection and the bad guys are still getting to you.

There is a new phishing scam going on these days that use legitimate resources to pull off classic social engineering maneuvers to capture your information.

Enter – DocuPhish – The bad guys are now using the Docusign infrastructure to launch attacks against unsuspecting victoms.

By clicking on the yellow “Review Document” button you land on a legit Docusign page, where are asked to fill out the form with information about yourself, your company. Filling out such a form would allow for the phisher to steal your or companies identity.

If you are gullible enough the damages could be extensive. Imagine if someone on your finance team was to fall for this attack…

More reason to be aware of such threats and take security awareness training. It’s recommended that you hire a profeshinal to come in to educate you and your staff, but there are many free resources online that offer the same if not better materials

Here is a YouTube search link to many videos discussing security

VMware Recertification Policy Update | February 5, 2019

VMware just announced Changes to VMware Recertification Policy – Removal of 2 Year Requirement

As of February 5, 2019, VMware Certification will no longer have a mandatory recertification requirement. Now, you have the choice of when to recertify, rather than be required to do so every two years.

Certifications will still retire, so recertification is important to:
• Validate your expertise in the latest VMware products
• Show relevancy in the market by holding up-to-date certifications
• Receive the full benefits of VMware certification

Details and FAQ’s located here

Video on this topic: https://www.youtube.com/watch?v=T1mTUXhqhSw

Here is a sample of some of the Q&A:

Q. What is changing about the VMware recertification policy?

A. VMware is removing the requirement to recertify their VCP certifications within a two year period. Industry research confirms the importance of keeping your skills and certifications current, but VMware will no longer mandate when to recertify. We will leave that decision up to each individual candidate.

Q. Why is VMware removing the two-year recertification requirement?

A. The most compelling reason is that we want VMware certifications to match the needs of each candidate. Many candidates recertify every two years and upgrade their environments to the latest versions. Others maintain older products and do not yet need experience with the new versions. While holding the most current certification is the best way to keep your skills relevant, the recertification policy will no longer mandate when an individual must update their certification(s). We want to allow each person the flexibility to do what best supports their individual and organizational needs.

Q. If my certification becomes active again, will I get access to its logo and certificate?

A. Yes. You will have access to use the certification logo and print the certificate.

Q. Are there changes to any other certifications other than the VMware Certified Professional (VCP)?

A. VCP certifications were the only VMware certifications that had a mandatory two-year recertification requirement. This change does not affect the other certification levels.

Q. Where can I learn more?

A. Visit www.vmware.com/certification to view your VMware Certification options.