Posts

Showing posts from 2018

VPN Triggers

OK, so I realize this post won't apply to most people, but I want to share this just in case it can save someone hours of digging for VPN PowerShell commands. The other day I found myself with a strange request from a client: they wanted to push out a VPN connection profile from Intune and enable it so that it always stays connected when the PC has an internet connection. Well, the short version of the story is I have not done a full deployment of Always On; the second part of the story is they wanted to use the VPN connection as the primary network connection of the 200+ currently non-domain-joined machines. To make a long story short, I wasn't able to get the simple certificate services to enroll Intune-joined user certificates to connect to the internal PKI infrastructure, as it failed to autoenroll with a very detailed error: "NO DATA". So welcome to plan B. Plan B was a simple L2TP connection using the same RAS, NPS server. Once a profile was built and tested th

Are my GPO's in Sync?

Do you ever wake up at night in a panic... wondering, are all my GPOs synced? Me too! So today I thought I would write a GPO script that would allow me to check the versions of all my GPOs! As you know, the GPO version number is stored in a TXT-based file in the root of each {<random string>} GUID number folder, and in the TXT file is a version number value.

The script does the following:
- Gets all the domain controllers in your domain (checks if they are online or not)
- Gets all of the {GUIDs} in each server's SYSVOL (if the path exists)
- Reads the version number for each one (if the file exists)
- Reports if there are errors
- Checks to see if all the versions match
- Prints out a nice report of Server, GUID, Version

Required Modules: ActiveDirectory
Required Permissions: RunAs Administrator on a domain controller as a domain admin account.

Results:

Script:
#Group Policy Version Checker
$startpath = get-location | select path
$startpath = $s

Multi-pathing in 2016 Server with HP6000

I came across a situation today where the software vendor recommended Server 2016 for one of their software upgrade projects. As the SysAdmin I had to set up the storage fabric. I got the SAN zone configured on the Nexus 5Ks and presented a test LUN from the HP6000 array to the new 2016 server. Once this was done, the server saw 8 drives of the same size. OK, no biggie, I just gotta grab the HPE MPIO DSM Manager software and away we will go. However, I quickly discovered that there is no software developed for 2016, nor is 2016 on the compatibility list. So I was able to take my first adventure down the path of Windows 2016's native MPIO software. I realize the mpclaim.exe software came out much earlier, but this was the first time I've had to personally use it. So to get the system to multipath, I found that it was pretty simple with this tool. First see if the system detects that a multipath device can be found.

Automate Server Patching with Puppet (Part 2)

In the first blog post I made about this, I showed how to patch Windows 3rd-party software like Notepad++, WinDirStat and other software utilizing Puppet and Chocolatey on Windows. However, the next part of the solution was to deploy Windows patches, as the name suggests. This part of the equation was a bit more challenging, but well worth the effort. For help setting up Puppet and Chocolatey, refer to the previous blog post. When patching Windows security patches, most of them are not on the Chocolatey website ready to go, so I chose to build my own repository of patches using an internal NuGet server. Getting NuGet up and running requires Visual Studio. In my case I utilized the Community edition (free). During the install you have to pick which components you want to install. See below: Once you get Visual Studio prepared, you're ready to head over to the Microsoft project site and build the package on your own IIS instance. I won't go into much detail here, I didn'

Export VMware data directly into Nagios

I ran into an issue yesterday. In our environment there is NO budget for deploying an enterprise-class monitoring solution. In this case the team had chosen to deploy Nagios. Nagios is a pretty robust tool, but limited in what you can do on the web interface. In addition, we had 200+ VMs that had yet to be added. There are some handy web UI tools to manage the configuration scripts, but who has time for that. I whipped up this handy PowerCLI script to pull all the live VM data from vCenter and export that data into a .CFG file ready for Nagios Core to use. Feel free to download and share. You can copy and paste this right into your PowerCLI interface once you connect to your VI Server.

#Export VM Info into Nagios Ready Configuration Files
$VMInfo = Get-Cluster "BladeServers" | get-vm | Select Name, @{N="IP Address";E={@($_.guest.IPAddress[0])}},PowerState
New-Item c:\temp\windowsVms.cfg -ItemType file
foreach ($vm in $VMInfo){
$os = get-vm $vm

Automate Server Patching with Puppet

In this build I'm going to attempt to simplify the "How To" get Puppet working with Windows via Chocolatey. Sounds simple, but it took me several days to get this working as I intended. In addition, I wanted to be able to manage Puppet from a web UI. After doing some research I chose to go with Foreman.

Server Side Build:

Pick the right OS (for Foreman!). You can pick many OS versions that support Puppet; Foreman, however, is a different story. In this build I got to start over with the latest version of CentOS 7.

Install the OS and ensure that your DNS is set up correctly. You need to be sure that the name of the server and the reverse name of the server match perfectly, and it cannot be localhost. The Foreman installer will fail if it is. I named my server puppet.<mydomain>

Open the ports that the software will need also:
firewall-cmd --zone=public --add-port=443/tcp
firewall-cmd --zone=public --add-port=8443/tcp
firewall-cmd --zone=public