Network Monitor capture filter limitations

I recently had to deal with some network traffic issues, so naturally I turned to NetMon.
My problem was with some TCP packets not reaching their destination.
Since TCP has packet acknowledgements (meaning the receiving end says "packet received" or the packet is sent again), the issue was detectable as ...

more ...

Putting your Windows to sleep

Although there are many blog posts about configuring standby ("sleep") in Windows, each one with its own insomnia joke, I thought I'd share my methodology .

PowerCfg -energy:  The one tool to sort it all

I only learnt about this command near the end of my testing, but it still ...

more ...

Remotely changing DNS server list through registry

Recently I was called to help some some friends who had an unusual problem:
They demoted an old DC because they needed to raise the domain functional level, and after doing so many of their servers stopped working - they wouldn't allow remote logins, the Exchange services wouldn't start ...

more ...

Preventing Users from Adding Computers to a Domain

Some time ago, we've come to the conclusion that the computer accounts in the domain are disorganized. After doing the tedious job of sorting existing accounts, we saw that new computer accounts are still being added to the "Computers" container, and we had no idea which computer was behind ...

more ...

Investigating Repeatedly Locked Out Users

I often get asked by some other IT guy "why does user XXXXX keep on getting locked out?"

Let me clue you in on something - users (almost) always get locked out for the same reason: They try the wrong password too many times.The reasons for THAT, however, are quite ...

more ...

Group Policy Security Filtering and Loopback

I recently discovered that when applying a GP object using loopback and user security filtering (allowing only specific users to apply the GP), the computer still needs read access to the GP.

Otherwise, the GP will show up as not applied due to it being "inaccessible":

My guess is that ...

more ...

Testing actual SMB version

Ever since I got employed in my present company, I've been told that our NetApp Filer supports SMB2 when used as NAS.
I was always skeptic of that (due to high transfer times and being unable to cancel mid-file) but had no easy way of testing (I guess I ...

more ...

Finding WSUS Clients by SusClientId

Today someone showed me a strange problem - he had servers that recently installed new updates from his WSUS server, but he couldn't find them in the WSUS console by their name.
Obviously the servers have been renamed and didn't have time to report to the WSUS server, but ...

more ...

Reverse Lookup in SharePoint 2010

Every SharePoint noob knows that one can create list lookup relationships, like specifying that a book belongs in a specific bookshelf.
What I didn't know until today is SharePoint 2010 supports "reverse lookup" out of the box!

What's Lookup?

Consider this.You have 2 lists in your SharePoint ...

more ...

Remotely Viewing Machine Certificates With Minimal Permissions

We've started remotely monitoring our certificate stores on critical servers, and wanted the monitoring software to be able to remotely connect to our servers' personal certificate stores.
I quickly found a script to enumerate all certificates in a specific store on a remote computer:

function Get-Cert( $computer=$env:computername ...
more ...