FREENAS non-domain bound, authentication on domain bound machine

If you run into an issue with a freenas server trying to do user authentication from a domain based machine, something to check is setting the following registry key to 3. HKLM\System\CurrentControlSet\Control\Lsa\LmCompatibilityLevel

SettingDescriptionRegistry security level
Send LM & NTLM responsesClient devices use LM and NTLM authentication, and they never use NTLMv2 session security. Domain controllers accept LM, NTLM, and NTLMv2 authentication.0
Send LM & NTLM – use NTLMv2 session security if negotiatedClient devices use LM and NTLM authentication, and they use NTLMv2 session security if the server supports it. Domain controllers accept LM, NTLM, and NTLMv2 authentication.1
Send NTLM response onlyClient devices use NTLMv1 authentication, and they use NTLMv2 session security if the server supports it. Domain controllers accept LM, NTLM, and NTLMv2 authentication.2
Send NTLMv2 response onlyClient devices use NTLMv2 authentication, and they use NTLMv2 session security if the server supports it. Domain controllers accept LM, NTLM, and NTLMv2 authentication.3
Send NTLMv2 response only. Refuse LMClient devices use NTLMv2 authentication, and they use NTLMv2 session security if the server supports it. Domain controllers refuse to accept LM authentication, and they will accept only NTLM and NTLMv2 authentication.4
Send NTLMv2 response only. Refuse LM & NTLMClient devices use NTLMv2 authentication, and they use NTLMv2 session security if the server supports it. Domain controllers refuse to accept LM and NTLM authentication, and they will accept only NTLMv2 authentication.5

 21 total views,  2 views today

Synology L2TP VPN not working

This is an issue that a friend ran into. It seem like it was hard to find the correction information so posting here just to get it out there more.

Synology Diskstation 6.2 L2TP VPN Server

Windows clients could not connection but Mac could.

The fix, shown here on Synology site its to create the registry DWORD

Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent\AssumeUDPEncapsulationContextOnSendRule

Set the value to 2

Reboot and should work.

https://www.synology.com/en-us/knowledgebase/DSM/tutorial/Network/How_do_I_connect_to_Synology_VPN_Server_via_Windows_PC

 351 total views,  2 views today

Migrating Dormant Exchange accounts

Here is a simple script you get information for evaluating your exchange accounts.

This script will return a csv of all the emails, display names, and LastLogonTime on your databases.

Get-Mailbox -ResultSize Unlimited |
Select-Object DisplayName,
SamAccountName,
PrimarySmtpAddress,
@{label=”LastLogonTime”;expression={(Get-MailboxStatistics $_).LastLogonTime}},IssueWarningQuota, ProhibitSendQuota | Export-Csv “c:\filelocation.csv” -NoTypeInformation

 193 total views,  2 views today

Ready Set GO!

An unexpected upside of all the chaos right now is the fact that project migrations are happening way faster than originally planned.

Projects that were on hold till summer, are getting done in a week’s time.

An example, I just migrated a ton of users to Office 365, and OneDrive.

 336 total views,  2 views today

Working remote

So it seems that everyone is going remote with the US spread of COVID-19.

So I have been working to migrate users from on Prem to OneDrive.

The share point migration tool is definitely nice for this from a GUI perspective but I think the power shell side is a bit more robust.

It was super frustrated everyone I had one error the whole CSV would not run. Where as with power shell I can make it skip, alert and move on.

With respect to Education and remote classrooms, all the big companies are doing what they can to help out.

Check out this link for more info that might prove useful.

https://www.instructure.com/canvas/blog/canvas-partners-and-distance-learning

 328 total views,  2 views today

Get your ticket – Amateur Radio

So when people ask how they can get their ham license. I always recommend, two sites.

https://hamstudy.org

https://www.qrz.com

Both sites are great for studying and getting ready for the test.

The Johnson County Amateur Radio Club and Texas Adventist Emergency Services also do classes on a semi-regular basis.

http://w5jcr.com

http://www.k5aec.net

 284 total views,  2 views today