SCCM ADR download – Security Rights

// // //

When you run download and distribute updates in the SCCM console manually it is using you credentials to download and copy the files to the Package Source, when you use an automatic rule the SCCM Site Server’s computer account is used.

Advertisements

Netscaler 10.5 How to create load-balanced LDAP

For Applications that rely on LDAP for authentication(NetScaler Gateway) it is very usefull to load balance it.

In this example i will create a LB LDAP server on port 389. Please follow the screenshots. Everything to configure is marked yellow.

Note: Load balance secure LDAP is also possible. At the end of this article i will give an idea how to configure this.

1. Create  LDAP authentication – Server

LDAP1

 

LDAP2

2. Create  LDAP authentication -Policy

LDAP3

 

LDAP4

3. Add your ldap servers(example is MS Active Directory LDAP server)

LDAP5

4. Create a LDAP monitor.

LDAP6

 

LDAP7

5. Fill in your LDAP parameters. This is used for connecting the LDAP server and to check if it up and running.

LDAP8

 

LDAP9

6. Add a service group. after that add members and monitor.

LDAP10

 

LDAP11

 

LDAP12

 

LDAP13

 

LDAP14

 

LDAP15

 

LDAP16

 

LDAP17

 

LDAP18

 

LDAP19

7. Create a Load Balanced Virtual Server.

LDAP20

 

LDAP21

8. Click continue. More options are available to configure now. Select ServiceGroup. Add the serviceGroup

 

 

LDAP23

 

LDAP24

9. You have a working Load Balanced LDAP server!

LDAP25

 

Bonus :O Bonus 🙂

For Active Directory password changes to work and for security you need Secure LDAP. information for configuring:

– SLDAP is port: 636

– Instead of TCP protocol select SSL-TCP

– You need a server certificate at the LB virtual server.

– make a custom LDAP monitor script. Follow this article

 

 

 

 

 

WSUS on S2012 installs with WID, even when it is de selected

With the GUI /Server Manager Roles and features: When you install WSUS on server 2012 and you want to make use of SQL for the Database and de-select WID it just installs the WID services!!

Check this article for de-install of WID

When you install it with the commandline syntax WID everything is fine.

Install-WindowsFeature -Name UpdateServices-Services,UpdateServices-DB –IncludeManagementTools

PS C:\Program Files\Update Services\Tools> .\wsusutil.exe postinstall SQL_INSTANCE_NAME=<servername\instancename> CONTENT_DIR=<path_to_content>

When WSUS doesnt work follow this article. Post install log gives the following error: 2014-08-19 16:24:36  CreateDefaultSubscription failed. Exception: System.Net.WebException: The request failed with HTTP status 503: Service Unavailable.

OR just follow this:

– Remove WSUS Administration in IIS.

– Start .\WsusUtil.exe postinstall.

 

All credits to Jorn. 🙂

Issue after upgrade to ESXI 5.1u2 Core Dump Location not found

One of the server that was upgraded to ESXI 5.1u2. no VMKernel Core Dump location warning in vCenter.

SSH to ESXI:

esxcli system coredump partition list

result: no configured dump partition found , skipping

Get partitions

partedUtil getptbl /dev/disks/mpx.vmhba32\:C0\:T0\:L0

Result: gpt
460 255 63 7403520
1 64 8191 C12A7328F81F11D2BA4B00A0C93EC93B systemPartition 128
5 8224 520191 EBD0A0A2B9E5443387C068B6B72699C7 linuxNative 0
6 520224 1032191 EBD0A0A2B9E5443387C068B6B72699C7 linuxNative 0
7 1032224 1257471 9D27538040AD11DBBF97000C2911D1B8 vmkDiagnostic 0
8 1257504 1843199 EBD0A0A2B9E5443387C068B6B72699C7 linuxNative 0

Repair:

esxcli system coredump partition set –partition=”mpx.vmhba33:C0:T0:L0:7″

esxcli system coredump partition set –enable=true

Reboot

esxcli system coredump partition list

Result:

Name Path Active Configured
———————- —————————————— —— —- ——
mpx.vmhba32:C0:T0:L0:7 /vmfs/devices/disks/mpx.vmhba32:C0:T0:L0:7 true true

PowerShell script for checking profile size of a user

Powershell:

 

#—- parameters

#the folder with all the home drives for the different users
$homefolderrootpath = “\\exampledomain.local\users\Home”
#Folderpath after username \\exampledomain.local\users\harry\<foldersname>
$PathAfterUsername = “pwrmenu”
#txt save location and file
$txtsavepath = “C:\temp\userpwrmenusize.txt”

#—- Script
Del $txtsavepath
# get homefolder names
$maps = Get-ChildItem $homefolderrootpath -name

Foreach ($map in $maps) {
#Set path that contains profile
$pathuserProfile = $homefolderrootpath+ “\” + $map + “\” + $PathAfterUsername
#Get size of folder incl subfolders
$colItems = (Get-ChildItem $pathuserProfile -recurse| Measure-Object -property length -sum)
#convertt to MB
$sizeplusname = “{0:N2}” -f ($colItems.sum / 1MB) + “,MB,” + $map
# Write to file
$sizeplusname | Out-File $txtsavepath -Append

}