So here’s a question I want you to try answering off the top of your head – Which certificate is your domain controller using for Kerberos & LDAPS and what happens when there are multiple certificates in the crypto store?
The answer is actually pretty obvious if you already know the answer, however this was the question I faced recently, and ended up having to do a little bit of poking around to answer the question.
The scenario in question for me is having built a new multi-tier PKI in our environment I have reached the point of migrating services to it, including the auto-enrolling certificates templates used on Domain Controllers.
Dell EMC OpenManage Enterprise has now been available available as a Tech Release for a couple of months now, and I have recently had a opportunity to sit down and do some evaluation of the product at work.
The following thoughts and comments are made based on the version 1.0.0 (build 543) appliance.
OpenManage Enterprise (OMEnt) is described by Dell EMC as the next generation of their Open Manage Essentials (OMEss) platform. At face value it has some really good features going for it:
- System is now deployed from an appliance template (OVF, VHD etc). No more having to customise a host build for the application, and no more licensing considerations.
- The UI is now HTML5. I can’t begin to describe how happy I am to see the end of silverlight…
- Information and UI simplification.
I’m sure many of you realise that for systems with high value in terms of information held or impact to business due to outage or data breach, you would probably want to crank up the monitoring of such systems. Best practices say you should pretty much monitor all activity associated with local users and groups, but today I want to focus on interactive logins to servers.
This has mainly come about from my own need recently to provide the ability to notify on any interactive login to a particular server, be it using remote desktop or a console session.
My first thought was to create a SCOM Rule that would report on Security Log EventID 4624 and if the Logon Type was 3 (console logon) or 10 (RDP Logon), send an email. As it turned out, this was much harder than I expected, as I found that Logon Type was not getting consistently passed as a parameter, and doing a text search on the entire message is not good practice.
Quite out of the blue I had a parcel arrive on my doorstep while I was on leave. It was notable in that I had received all the parcels I thought I was expecting.
As it turns out the fine administration over at ITPA felt that I do quite a bit to help out this organisation and wanted to thank me with a signed copy of Tom Limoncelli’s tome of The Practice of System and Network Administration.
I feel suitably humble. It’s nice to be appreciated 🙂
Well all good things must come to an end and so it passes that this is the last day MS Ignite for another year . Definitely a more subdued feeling amongst the attendees (maybe due to a big night last night!) and many delegates are already flying home, not choosing to be here for the last day of events.
After the excitement of the previous evening, the day kicked of a little later than the norm for me with the Elastic
One of the things I wasn’t especially aware of was the X-Pack by Elastic and that there is a free, basic version available of that after a 30 day trial. Elastic Cloud may also be an option if we do not want to have to run the underlying infrastructure but just be a consumer of the platform. Shortly after that the session became more of a deep dive into Azure provisioning Elastic with the ARM config files, which was a bit out of my depth.
Waking up at 5am in the morning is a near impossible feat when at home, yet seems to be no problem here. Might have something to do with the sunrise 🙂
Early start today with the 8.15am session on containers with Ben Armstrong. Containers captured my attention when announced in Server 2016 as a great way to virtualise applications.