Changing the IP address and host name of a domain controller

Sometimes it may be necessary to subsequently change the IP and host name of a domain controller, for example if a new domain controller replaces an old one and is to be accessible under the same IP and name. Changing the IP address of a domain controller is normally possible without any problems, changing the host name of a domain controller ... Read more

Windows Server 2016: Reset administrator password (local and domain)

I admit it. In one of my test environments, I've now been caught out too. I've forgotten the password... But it's actually a good thing, because I can see if the good old workaround via "Utilman" still works. The good news: Yes, it still works! Here again the way how ... Read more

Windows Update hangs at 67 percent - changes are undone

Today, a Windows 2012 server was being a little bitchy to say the least when it came to installing updates. A Windows update had to be installed so that Windows Server 2012 can activate Windows Server 2016 with the KMS role. In order for Server 2012 KMS to activate Windows Server 2016, these two updates are required: Windows Server 2012: KB3058168 ... Read more

Tip: Replace certificate for RDP

Certificate warnings are annoying, regardless of the program. In this case, a remote desktop connection (RDP) warns of an invalid certificate. Everyone is probably familiar with this message: This is a "normal" Windows server, i.e. not a remote desktop host (terminal server), RDP is only activated here for administration purposes. In the standard configuration, Windows uses ... Read more

Group policy for deactivating SSL 3.0 and TLS 1.0 (ADM and ADMX)

Configuring SCHANNEL settings for SSL 3.0 and TLS 1.0, for example, is possible under Windows using the registry. For a larger number of servers or computers, however, group policies are more suitable for configuration, so I have created corresponding templates that make the settings in the registry. Foreword The group policies record changes to the registry ... Read more

Locky: Identify infected clients

In these two articles, I already presented a way to protect Windows file servers from Locky and other ransomware: https://www.frankysweb.de/windows-fileserver-vor-ransomware-crypto-locker-schuetzen/ https://www.frankysweb.de/windows-fileserver-vor-ransomware-schuetzen-update/ Tobbi has also implemented the idea for Netapp Filer: http://www.tobbis-blog.de/netapp-ontap-fileserver-gegen-ransomware-abschotten/ But there are still the clients, from which most of the danger emanates. The faster the computers are identified that are infected with ... Read more

Protect Windows file servers from ransomware (update)

Yesterday I already reported on how Windows file servers can be protected against ransomware such as Cryptolocker, Cryptwall or Locky using the "Resource Manager for File Servers". The following comment was made on the article: Hi Frank, great article! Is there a trick on how to intercept the user and possibly only allow the user access to ... Read more

Protect Windows FileServer from Ransomware / Crypto Locker

Ransomware such as Crypto Locker or Locky and other names are becoming more and more of a plague. Only in a few cases is it possible to restore the encrypted data. Without a backup, the damage can quickly become very extensive. Since the Trojans usually start encrypting data from a client and in doing so ... Read more

Add users to groups remotely

Today there is another useful PowerShell script that can be used to add remote users to local groups on servers or computers. The script expects a CSV file with computer names and then processes the list. The CSV file must be formatted as follows: An example is included in the archive. The first 5 lines ... Read more

Windows PKI: Configure mail notifications for the CA

The Windows CA is able to send mails to inform about processes. For example, when the service is stopped or started. However, it is not easy to configure manually. I have therefore slightly modified a script from the Technet so that it also works if the CA has not yet issued any certificates. Simply ... Read more