Re: [NTSysADM] RPC not available on remote machine while doing DFSR config

H.. US Interface MTU: 1500 US tunnel MTU: 1428 AU Interface MTU: 1500 AU tunnel MTU: 1384 Definite mismatch on the tunnel MTUs. Let me see if I can correct that, and see what happens. Kurt On Mon, Jul 24, 2017 at 5:31 AM, Michael B. Smith wrote: > I’m certain

Re: [NTSysADM] How to handle patching a patch, using scheduled installations

On Mon, Jul 24, 2017 at 11:24 AM, Sean Chapman wrote: > It’s a little bit of an extra crappy situation since that June update is > an exclusive update. > > > > If there is a second round of updates, I just do them Monday morning or if > its not a critical update I have

Re: [NTSysADM] How to handle patching a patch, using scheduled installations

BatchPatch. It is a cheap third party tool. We use it to manage all our Windows patching. You can setup jobs that: Download, install, and reboot, check for new updates, download, install, and reboot, install a new version of AV software that you have packaged, update registry keys, check for

[NTSysADM] RE: Imaging an HP 800 SFF G3

I just fought with this for the better part of a week. Ours had M2 SSD drives, which I was never able to find drivers for. I ultimately found a thread on the HP Support forum that links to a download of a customized Win7 PRO installer that worked for me. Forum thread:

Re: [NTSysADM] How to handle patching a patch, using scheduled installations

On Mon, Jul 24, 2017 at 11:43 AM, Kennedy, Jim wrote: > Did it fail for sure, or is that one just showing up now. > Update history shows it failed yesterday. Did you also approve the Security Only? > Nope, I decline Security Only and decline Previews. >

RE: [NTSysADM] Account Lockout issue

Here are some resources: https://www.microsoft.com/en-us/download/details.aspx?id=18465 https://www.microsoft.com/en-us/download/details.aspx?id=15201 http://activedirectorypro.com/account-lockout-tool/ Regards, Michael B. @essentialexch From: listsad...@lists.myitforum.com

Re: [NTSysADM] RPC not available on remote machine while doing DFSR config

MTUs? As in TCP/IP Maximum Transmission Units? I will check that and post back, but why would a mismatch in MTU show up as this? Kurt On Mon, Jul 24, 2017 at 5:31 AM, Michael B. Smith wrote: > I’m certain you can google as well as I can – but after looking at 8-10 >

RE: [NTSysADM] RPC not available on remote machine while doing DFSR config

Yep, those MTUs. Because inconsistent RPC fragmentation can cause transactions to fail. From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Kurt Buff Sent: Monday, July 24, 2017 10:44 AM To: ntsysadm Subject: Re: [NTSysADM] RPC not available on remote

RE: [NTSysADM] How to handle patching a patch, using scheduled installations

Did it fail for sure, or is that one just showing up now. Did you also approve the Security Only? If that one installs first it won’t show the Quality until after reboot IIRC. From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Michael Leone Sent:

[NTSysADM] How to handle patching a patch, using scheduled installations

I'd like some advice, please. So this past weekend, we applied our monthly updates, and for the first time, half of my servers applied them using a scheduled installation time from my WSUS v3 server. And yes, the patches were applied, the servers rebooted, no human intervention needed. Yay! BUT

Re: [NTSysADM] RPC not available on remote machine while doing DFSR config

Seems to be... [image: Inline image 1] Kurt On Mon, Jul 24, 2017 at 12:50 PM, Ed Ziots wrote: > Is tcp 135 open via fw rules on remote host? > > On Jul 24, 2017 12:21 PM, "Kurt Buff" wrote: > >> So, fixing the MTU mismatch seems not to have worked. I

RE: [NTSysADM] RPC not available on remote machine while doing DFSR config

Does rpcping agree? From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Kurt Buff Sent: Monday, July 24, 2017 4:04 PM To: ntsysadm Subject: Re: [NTSysADM] RPC not available on remote machine while doing DFSR config Seems to be... [Inline image 1] Kurt On

Re: [NTSysADM] RPC not available on remote machine while doing DFSR config

So, fixing the MTU mismatch seems not to have worked. I left the physical interface MTUs on both sides at 1500, and set up the MTUs for the tunnel interfaces at 1385, and verified that ping -f -l succeeds at 1357 and fails at 1358 from both sides. I even took a single set of entries from my CSV

Re: [NTSysADM] RPC not available on remote machine while doing DFSR config

Is tcp 135 open via fw rules on remote host? On Jul 24, 2017 12:21 PM, "Kurt Buff" wrote: > So, fixing the MTU mismatch seems not to have worked. I left the physical > interface MTUs on both sides at 1500, and set up the MTUs for the tunnel > interfaces at 1385, and

Re: [NTSysADM] RPC not available on remote machine while doing DFSR config

I have not tried a PSSession. I don't think it's relevant in this situation, though I could be wrong, and if I am wrong, I'm not sure how I'd go about doing it in this case. Script has been run on my workstation in the US and on DCs in both offices (US and AU). Interesting note, in case it was

Re: [NTSysADM] RPC not available on remote machine while doing DFSR config

Can you open PSSISSION on either server? You run the commands manually for testing purposes Cesar A. On Jul 24, 2017 12:22 PM, "Kurt Buff" wrote: > So, fixing the MTU mismatch seems not to have worked. I left the physical > interface MTUs on both sides at 1500, and set up

RE: [NTSysADM] RPC not available on remote machine while doing DFSR config

We thinking same thing that network firewall rule set is blocking tcp and up 135 On Jul 24, 2017 1:20 PM, "Michael B. Smith" wrote: > Does rpcping agree? > > > > *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists. > myitforum.com] *On Behalf Of *Kurt Buff >

Re: [NTSysADM] RPC not available on remote machine while doing DFSR config

I believe so: >From my workstation: # rpcping -s aufs01p Completed 1 calls in 609 ms 1 T/S or 609.000 ms/T Kurt On Mon, Jul 24, 2017 at 1:13 PM, Michael B. Smith wrote: > Does rpcping agree? > > > > *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists. >

RE: [NTSysADM] RPC not available on remote machine while doing DFSR config

And do you have errors in the DFS specific event logs? From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Michael B. Smith Sent: Monday, July 24, 2017 6:22 PM To: ntsysadm@lists.myitforum.com Subject: RE: [NTSysADM] RPC not available on remote machine while

Re: [NTSysADM] Account Lockout issue

Disclaimer: I've never used the script before. Try this script to see if it can help you narrow down where the lockout is coming from. https://gallery.technet.microsoft.com/Determine-What-Device-is-325d9720 Detail info for the above:

Re: [NTSysADM] RPC not available on remote machine while doing DFSR config

Many, but I believe they're related to the unsuccessful setup and consequent teardown of the DFSR configuration that I've been fretting over. Errors spotted include 6804, 6020, 6006, 5012 and 4004. A couple of months ago, I deleted the old DFSR configurations between the file servers, and just

Re: [NTSysADM] Account Lockout issue

Disclaimer: I've never used the script before. Try this script to see if it can help you narrow down where the lockout is coming from. https://gallery.technet.microsoft.com/Determine-What-Device-is-325d9720 Detail info for the above:

RE: [NTSysADM] RPC not available on remote machine while doing DFSR config

609 ms? Wow. I suspect that is a hint. Let’s do a bit more: rpcping -s aufs01p –i 100 –v 3 and see what that tells us…. From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Kurt Buff Sent: Monday, July 24, 2017 5:33 PM To: ntsysadm Subject:

Re: [NTSysADM] RPC not available on remote machine while doing DFSR config

Yep - going from Redmond to Brisbane is very slow at times, but usually only about ~200ms This looks better... rpcping -s aufs01p -i 100 -v 3 RPCPing v6.0. Copyright (C) Microsoft Corporation, 2002-2006 RPCPing set Activity ID: {77f395c1-3be7-49e2-934a-23d7c060f208}

Re: [NTSysADM] Account Lockout issue

Thanks for the links. There are two accounts that are locking out constantly. There is no machine name associated with the attempt. Both accounts are regular users so wouldn't have been used to run services. On Mon, Jul 24, 2017 at 10:51 AM, Michael B. Smith wrote: >

Re: [NTSysADM] Account Lockout issue

Here's a script I run when someone is getting locked out and doesn't know why: https://gist.github.com/NeighborGeek/6be6e04324a7a483a41802924742ad51 I generally set $pcname to just a single DC, then run the script on that DC. If you run it remotely or against multiple DC's it's much slower.

RE: [NTSysADM] RPC not available on remote machine while doing DFSR config

I’m certain you can google as well as I can – but after looking at 8-10 results… are you sure you have matching MTUs? From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Kurt Buff Sent: Monday, July 24, 2017 1:10 AM To: ntsysadm Subject: Re: [NTSysADM] RPC