@JaredBusch said in
I’m sorry but it’s not possible to back somebody through a router via RDP. you have to have RDP forwarded through the router to a device it actually is RDP server before somebody can be had to be RDP. So your entire premise for the statement is weird if not a flat out lie.
There was a port that was open and then fowarded through 3389 to the TS.
The only problem is this customer was hacked through Rdp a few months ago due to an open port on the router. This happened at 2 of their other sites, but caused a lot of headache for the entire company. This variant is called Darma. We closed all those ports on the rest of their routers.
https://www.bleepingcomputer.com/news/security/new-brrr-dharma-ransomware-variant-released/
Hey guys. So this customer is still having connection issues at this site with the new modem. Is there an alternate solution for these remote users to connect to the terminal server simultaneously outside the vpn? Connectwise? Nomachine remote s/w?
@dbeato said in Is Spectrum's modem really bridged?:
I have two customers in NC and SC and they have Spectrum with Static IPs and it is not fully bridged mode at all. We had so many problems with Sonicwalls and Edgerouters with their static IP and blocking of traffic.
One of my colleagues had spoken with Spectrum before me and told me what they said. I was like, no way. That doesn’t make sense. So I went ahead and called myself and got told the same thing. All they say is the problem is not on their end. Im like dude the traceroute is hopping through yalls modems private IP and these issues appeared after yall replaced their modem. I spent an hour debating with them on the phone and didn’t get anywhere. I’ll have to escalate this on Monday and will probably waste another hour on the phone.
That's the same kind of modem they have. Customer also has an internal Firewall with a static IP, which is in a meshed network topology. We started having issues with RPC on their local DC. Issue started happening after they got a new modem. Spectrum is saying issue is not on their end. we did all kinds of troubleshooting on the DC. We changed out the DC, and now a known good firewall. Still having same issues. I was told by Spectrum the customer can't get a Modem only device. The tech even got with his lead on this. I may need to escalate with Spectrum.
I've got a customer with Spectrum as their ISP. However, I noticed when doing a tracert the 2nd hop is Spectrum's modem private IP. I called Spectrum support and requested that they bridge the modem. I was told it was done. However, the 2nd hop is still the modems private ip. The customer has a modem/router combo modem. I called Spectrum yet again and was told it's in "bridge mode" and the way that I'm requesting it to be bridged is not supported since the customer has a static ip. I was even told they can't buy an alternate modem if they wanted to. Does this make any sense?
@scottalanmiller said in Anybody ever work at Microsoft? If so, how was it?:
It does require a bit more for starting entry point than say helpdesk.
What would that "bit more" be?
@scottalanmiller said in Anybody ever work at Microsoft? If so, how was it?:
System Admin is a specific field and normally you would go straight into it, it's not the kind of career that you take paths to get to, you just... start there if that's the goal.
True. I may be considering myself under qualified to apply for that particular position. I'm currently studying for MCSE 2016.
I've read that a lot of people like working for the company. There is definitely different groups with different specialized roles. I'm use to doing a variety of roles such has troubleshooting vpn, ADDS, backups, vsphere, etc. I also consider this may introduce a new opportunity in the Azure/cloud platforms after getting my foot in the door and could be a game changer in my career.
I may have an opportunity for a support engineer position at MS. My career goal is to eventually be a system admin. I'm currently doing junior system admin tasks in a break/fix type of environment and this position would be more experience with MS products in the ADDS/GPO/DNS/Etc role. I would appreciate some feedback.
@brrabill said in DC fsmo role issue:
@jaredbusch said
Restoring a DC is nothing in a SMB with only a single DC.
As has been discussed many times here on ML, it really is so easy, it's a wonder why it isn't done more. (AKA, the single DC route.)
Wouldn’t users in sites that don’t have a local DC experience performance issues?
@wrx7m said in DC fsmo role issue:
After seizing the roles on DC-B, you could then remove DC-A from AD, DNS, etc (if it is an older version, you would have to do metadata cleanup in ADSIedit). Afterward, you could add a new server, promote it to a DC and be back up and running.
The PDC was 2008r2. The new PDC is 2012 standard while other remaining DC is 2008. Does metadata cleanup apply to 2008?
@jaredbusch said in DC fsmo role issue:
But you just intentionally broke all the replication.
I honestly have no idea how to fix something this messed up.
Wasn't intentionally, but definitely a lesson learned.
Thanks everyone. I did put DC-A offline and seized the roles to 2012 DC (newer). Theres a total of 7 DC. I was able to get one of them to replicate, but it still thinks the “Deleted DC” is holding 4 of the 5 roles, but shows the 2012 DC holding the Domain Naming Role. However, the 2012 DC sees itself as the fsmo holder for all roles. I have not deleted the DC-A from ADSAS yet, only the computer object and dns records.
A customers FSMO role holder DC (DC-A) was infected with ransomware. However, the best back up they have is 1 month old from Windows Server Backup. The problem is that prior to infection there was some FSMO role organizing as DC-A was holding "most" of the FSMO roles, except the Schema and Infrastructure, which was held by DC-B. 3 Weeks ago those 2 roles were transferred from DC-B to DC-A, so all the FSMO roles could be held by 1 DC (DC-A). The problem is since DC-A has been restored back to the state it was a month ago, it now thinks DC-B is holding the Schema and Infrastructure role and DC-B thinks DC-A is holding those roles. How should I go about correcting this? Should I seize the roles from another DC? There's a total of 7 DC's, 1 in each of the 7 branch offices.
Issue: Unable to add printer from Print Server to RDS2. Error " Windows cannot connect to the printer. No printers were found".
Troubleshooting: Rebooted RDS2 and Print Server. Forced gpupdate on both servers since it's deployed via gpo and found gpo was recently updated successfully. Created test folder on Print Server and confirmed I'm able to access that share and modify. This is only happening on RDS2 that can't add printer from 1 Server (printer server). I've confirmed I can add a shared printer from another server so the problem is isolated between Print Server and RDS2. Keep in mind, I'm able to "see" the printers via unc path \printserver
@kelly said in Can I Restore files from c:\$recycle.bin\guid??:
You would probably have better success with a tool that can recover deleted files. I'm not sure what is the best these days. I used Recuva a few years ago and it did the trick, but it was finicky.
Yes. I ended up using EaseUS Data Recovery and it worked like a champ. Thanks for your feedback!
I've got someone who accidentally deleted some files a week prior and has already emptied recycle bin. However, when I view recycle bin via powershell c:"$"recycle.bin\guid I see .xlsx files there. Is there a way to restore those? I copied them over to another folder, but I'm unable to open with Excel.
@jaredbusch said in Remoteapp issue Windows 10 workspace.:
@fredtx did you reboot after clearing those keys? I’m not using workspaces anyplace at the moment to try and test this.
Yes I did. This may be from the aftermath from last Friday where I had to fix the RD Broker that wasn't allowing new remote apps on "any" workstation. Couldn't even access rd web from the broker itself. I had to give full access to IIS_URS and Network Service groups for both Tempasp.net files and c:\windows\temp folders. Restart IIS and that fixed the company wide issue. However, this 2 computers are giving me issues still.