vSphere ESXi 6.7 Unable to talk between subnets between hosts

Configuration was :

ESXi 6.7 – vSphere handling all the port groups tagged with VLANs

Firewall – CISCO ASA

 

Problem : New ESXi 6.7 hosts. A virtual machine if on the same host and vSwitch could communicate no problem. However if a virtual machince was communincating with another virtual machine on another host on a different, subnet they were unable to communicate between subnets and hosts. Both virtual machines could ping their local gateways. Firewall, CISCO ASA was just dropping all packets and showing the following error

Error on the Firewall when capturing ping traffic “No source port  on ping “Error (Type 8, Code 0), Denied ICMP type=8, code=0”

 

Solution

Sometimes its the simple tick box on the Firewall / ASA config

“Enable traffic between two or more interfaces which are configured with the same security levels”

All traffic started communicating and the virtual machines could talk between the subnets as per the rules on the Firewall.

Task : Output A List Of Home Drive Paths Configured In Active Directory

#DSQuery

dsquery user -name “*” -limit 0 | dsget user -samid -hmdir -hmdrv -profile >c:\temp\usersV2.txt

 

#PowerShell # More flexibility # Includes the state of the computer account (Enable or Disabled)

Get-ADUser -Filter * -Property Name,CanonicalName,CN,DisplayName,DistinguishedName,HomeDirectory, HomeDrive,SamAccountName,UserPrincipalName | export-csv -path (Join-Path $pwd HomeDrive.csv) -encoding ascii -NoTypeInformation

How To Access A SQL Server 2008 Databases WITHOUT SA (SysAdmin) Credentials

Challenge : How to make a backup of a SQL 2008 database without knowing any working credentials.

Log on to the Windows 2008 R2 server running SQL Server 2008 as a domain admin.

Launch SSMS (SQL Server Management Studio)

Issue the windows credentials have no permissions and there were no obvious groups in AD (Active Directory) which would have access.

So…back to basics…..

PS tools to the rescue

….………………………………………………………………..

Download PS Tools https://docs.microsoft.com/en-us/sysinternals/

Store in c:\temp\

The tool to use is PSexec

Launch command prompt

Browse to c:\temp

Type : psexec -i -s SSMS.exe

This will launch SSMS (SQL Server Management Studio) as system. By luck would have it, window auth under “system” has full SA rights in SQL 2008.

I can then connect to all databases and compete the backups. I can then also check the security permissions for users

List all users in the domain and email addresses

 import-module activedirectory

#List all users in the domain

# Display Name and Email Address

get-aduser -Filter *  -SearchBase “dc=Test,dc=com” -Properties Displayname,emailaddress | select displayname ,emailaddress | Export-Csv C:\temp\users_and_email.csv   

 

Troubleshooting Windows Updates and WSUS

Troubleshooting Windows Updates #Windows 10 #Windows 2016

Windows Update Log

PowerShell command to check the Windows Update log

Get-WindowsUpdateLog

 

Check Registry Keys

Run command prompt as adminitrator and paste these query registry keys in to see what your client has set for Windows Updates.

reg query HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate /s

reg query HKLM\SOFTWARE\Microsoft\PolicyManager\current\device\Update

reg query HKLM\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings

 

Check CBS Log

Find the Component-Based Servicing log here.

C:\Windows\Logs\CBS

PowerShell Script to find all AD users who have the “cannot change password” box checked in a specific OU

# script to find all AD users who have the “cannot change password” box checked in a specific OU

# Windows Server 2016

# Powershell

Get-ADUser -Filter * -Properties CannotChangePassword -SearchBase “OU=specificOU,DC=TEST,DC=com” | where { $_.CannotChangePassword -eq “true” } | Format-Table Name, DistinguishedName

 

Robocopy. Copy Move Files Older or Newer than X number of days

Script options

  • Move only files under 60days old
  • Move files older than 60days
  • Move files back
  • Move files older than 182 is number of days (6 months roughly)
  • Move only files under 60days old

Parameters

  • /MAXAGE:n :: MAXimum file AGE – exclude files older than n days/date.
  • /MINAGE:n :: MINimum file AGE – exclude files newer than n days/date.
  • /copyall /s  :: copys all sub folders and moves files to the folders
  • /mov Moves files, and deletes them from the source after they are copied.
  • /move Moves files and directories, and deletes them from the source after they are copied.  (note the MOVE option will fail if any files are open and locked)

Examples:
Move only files under 60days old
robocopy c:\temp c:\temparchive /mov /MAXAGE:60 /copyall /s >c:\temp\FileUnder60daysMoved.txt

Move only files under 60days old back 
robocopy c:\temparchive c:\temp /mov /MAXAGE:60 /copyall /s >c:\temp\FileUnder60daysMovedReturned.txt

Move files older than 60days
robocopy c:\temp c:\temparchive /mov /MINAGE:60 /copyall /s >c:\temp\FilesOver60daysMoved.txt

Move files older than 60days back
robocopy c:\temparchive c:\temp /mov /MINAGE:60 /copyall /s >c:\temp\FilesOver60daysMovedreturned.txt

182 number of days (6 months roughly)
robocopy c:\temp c:\temparchive /mov /MINAGE:182 /copyall /s >c:\temp\FilesOver182daysMoved.txt

Deletes the original directories after moving
robocopy c:\temp c:\temparchive /move /MINAGE:60 /copyall /s >c:\temp\FilesOver60daysMoved.txt

Microsoft examples in more detail
https://social.technet.microsoft.com/wiki/contents/articles/1073.robocopy-and-a-few-examples.aspx#Move_files_over_14_days_old