How to disable the weather column to resolve instance slowness? June 23, 2020, 1:49 p.m.

When an instance grows to be very large, and its folder structure has many levels, the generation of this weather column can cost a lot of system resources slowing down other processes. If an instance is impacted by the performance of the Weather Column, a solution is to remove the folder health metrics of all existing folders. The only caveat of such a change is that the weather column will always report Folders as Healthy.

sysadmin jenkins

Automatic Updates Aug. 29, 2019, 5:23 p.m.

The unattended-upgrades package can be used to automatically install updated packages, and can be configured to update all packages or just install security updates. To configure unattended-upgrades, edit /etc/apt/apt.conf.d/50unattended-upgrades. To enable automatic updates, edit /etc/apt/apt.conf.d/20auto-upgrades.

documentation sysadmin ubuntu

Logging Cheat-Sheets Aug. 29, 2019, 5:21 p.m.

In looking into compromised systems, often what is needed by incident responders and investigators is not enabled or configured when it comes to logging.  To help get system logs properly Enabled and Configured, below are some cheat sheets to help you do logging well and so the needed data we all need is there when we look.

documentation sysadmin tips

The AD Recycle Bin: Understanding, Implementing, Best Practices, and Troubleshooting Nov. 12, 2018, 11:06 a.m.

Starting in Windows Server 2008 R2, Active Directory now implements a true recycle bin. No longer will you need an authoritative restore to recover deleted users, groups, OU’s, or other objects. Instead, it is now possible to use PowerShell commands to bring back objects with all their attributes, backlinks, group memberships, and metadata.

active directory sysadmin

Cluster and Stale Computer Accounts Nov. 12, 2018, 8:38 a.m.

A Failover Cluster does not update the lastLogonTimeStamp the same way as a real computer. A cluster updates the lastLogonTimeStamp when it brings a clustered network name resource online. Once online, it caches the authentication token. Therefore, a clustered network named resource working in production for months will never update the lastLogonTimeStamp. This appears as a stale computer account to the AD administrator.

active directory sysadmin sql server

Connect to SQL Server When System Administrators Are Locked Out July 19, 2018, 2:15 p.m.

Start the instance of SQL Server in single-user mode by using either the -m or -f options. Any member of the computer's local Administrators group can then connect to the instance of SQL Server as a member of the sysadmin fixed server role.

security sysadmin sql server

A Tutorial Introduction to Kubernetes July 6, 2018, 8:57 a.m.

Kubernetes is the hottest kid on the block among container orchestration tools right now. In this tutorial, I want to document my journey of learning Kubernetes, clear up some points that tripped me as a beginner, and try to explain the most important concepts behind how it works.

tutorial devops reading sysadmin kubernetes

Lies My Parents Told Me (About Logs) Jan. 12, 2018, 4:20 p.m.

Eben’s guide to leveled logging:

ERROR: "your code is really broken"
WARNING: "your code is broken, but only in a subtle way that will bite you later"
INFO: "irrelevant trivia"
DEBUG: "information that would help you understand what's going on if you had enabled debug logging in production which you didn't"
devops sysadmin

Get Rid Of UAC Prompts With Microsoft's Application Compatibility Toolkit Sept. 5, 2017, 8:16 a.m.

There are quite a few ways to limit UAC prompts further in Windows. One of the easiest ways for instance is to change a program's properties to always run with administrative privileges. Another option, less commonly known, is to use the Microsoft Application Compatibility Toolkit to whitelist applications so that they do not display an UAC prompt when they are run.

windows sysadmin

Infrastructure Planning and Design Guides for Windows Server 2008 May 29, 2017, 10:18 a.m.

The Infrastructure Planning and Design Guide Series provides concise planning guidance for Microsoft infrastructure products, helping to streamline and clarify design processes for unique infrastructure technologies and scenarios.

tutorial windows sysadmin windows server 2008

Configuring your PDCE with Alternate Time Sources May 23, 2017, 4:21 p.m.

By making the primary NTP server flag 0x9, we made it Client 0x08 + SpecialInterval 0x01 and as for the second NTP time server. By making the secondary NTP peer flag 0xa, we made it 0x08 Client + 0x02 UseAsFallbackOnly. On initial sync during service startup the polling interval time is zero which will not match the special polling interval that our 0x01 flag requires. This being the case w32time will use the Fallback server as its primary choice until the special polling interval arrives then it will use the intended primary server.

windows sysadmin group policy

Security Bulletin Severity Rating System May 23, 2017, 12:13 p.m.

This system, which we revised in December 2011 based on customer feedback, is intended to help our customers decide which updates they should apply under their particular circumstances, and how rapidly they need to take action.

windows sysadmin security

RRDTool Tutorial May 22, 2017, 8:24 a.m.

RRDtool refers to Round Robin Database tool. Round robin is a technique that works with a fixed amount of data, and a pointer to the current element. Think of a circle with some dots plotted on the edge. These dots are the places where data can be stored. Draw an arrow from the center of the circle to one of the dots; this is the pointer. When the current data is read or written, the pointer moves to the next element. As we are on a circle there is neither a beginning nor an end, you can go on and on and on. After a while, all the available places will be used and the process automatically reuses old locations.

tutorial sysadmin networking rrdtool

RRDtool tutorial, graphs and examples May 21, 2017, 5:25 p.m.

RRDtool is a graphing utility made by Tobi Oetiker that takes data sets you collect and graphs them. RRDtool (acronym for round-robin database tool) correlates time-series data like network bandwidth, temperatures, CPU load or any other data type. Data is stored in a round-robin database (circular buffer) which allows the system storage footprint to remain constant over time. The database will always have the same amount of data points throughout its lifetime. When new data comes in the oldest data set is removed.

tutorial sysadmin rrdtool

Microsoft Explains Windows Server 2016 Patching May 10, 2017, 4:53 p.m.

For Windows Server 2016 installations, a security update arrives first, followed by a quality update a couple of weeks later. Cumulative updates with new security fixes arrive on the second Tuesday of each month ("patch Tuesday"). Cumulative updates with new quality fixes arrive on the fourth Tuesday of each month. Windows Server 2016 updates first arrive as "optional" updates, but they later become "recommended" updates after two weeks.

security sysadmin windows windows server 2016

SelfADSI : Active Directory Permissions : Security Descriptors May 8, 2017, 5:10 p.m.

Permissions in Active Directory are defined by so-called security descriptors, which are stored as properties directly in the AD objects.

active directory sysadmin

Disabling User Account Control (UAC) on Windows Server May 3, 2017, 8:15 a.m.

Under certain constrained circumstances, disabling User Account Control (UAC) on Windows Server can be an acceptable and recommended practice.

security sysadmin windows

Setting AD Group Managers with PowerShell May 2, 2017, 2:19 p.m.

From time to time you may want to delegate control of an AD security group to an unprivileged user. The group manager property is an LDAP property on the group object that contains the Distinguished Name of a given user account. The checkbox that allows the group manager to modify who is a member of this group is not an LDAP property with a boolean type, that would be too simple and not line up with the Microsoft security management methodology. It's implemented as an Access Control Entry (ACE) in the objects Discretionary Access Control Li (DACL). Think of it like the permissions when looking at the Security tab for a file. These can be manipulated programatically.

active directory windows sysadmin

How to use DNSLint to troubleshoot Active Directory replication issues March 30, 2017, 3:51 p.m.

DNSLint is a Microsoft Windows utility that can help you determine whether all DNS servers that are supposed to be authoritative for the root of an Active Directory forest actually have the necessary DNS records, and can resolve all of the necessary DNS records to successfully synchronise partition replicas among domain controllers in an Active Directory forest.

active directory windows sysadmin dns

DNSLint March 30, 2017, 3:28 p.m.

DNSLint is a Microsoft Windows utility that helps you to diagnose common DNS name resolution issues.

windows sysadmin dns