Microsoft let us get soft for a while with WMI filtering. WIndows 2008, 2008 R2, 2012, and 2012 R2 were all WHERE Version like “6.%” in WMI filtering. Our WMI filters kept plodding along without anyone having to care. Then Windows 2016 hit and we had to start updating our filters for a new WHERE Version like “10.%” so we could target these new systems and so our filters would continue to work. Well now we have Windows Server 2019 which is also 10.0 version string so we can’t easily do like we did in the 2008-2012 era of 10.1, 10.2, etc. Now we have to care about WHERE Version like = “10.0.XYZ”…
We were working on migrating our Domain Controllers from Windows 2008 R2 to Windows 2019 and I got to the point where I was running the PowerShell “Test-ADDSDomainControllerInstallation -DomainName MyDomain.Name” command to test migration requirements. The process was kicking out an error for part of it with a context of Test.VerifyDcPromoCore.DCPromo.General.103 so I started the hunt for what that meant. Well both the Bings and Googs came back with no results at all for the exact search value. Plenty of other items with different numbers at the end but not specifically 103.
Grumble fuss, why isn’t my loopback GPO applying the user settings to systems? The GPO is in the right area, the scope WMI Filtering is correct, the loopback setting is set and to the right value, but it’s still not taking… Continue reading “GPO Loopback not working? Check your GPO Status”
We’ve been running STIG configuration with Adobe Acrobat DC Classic & Continuous versions for a while with no issues until early 2019 when users started not being able to load PDFs from over the network anymore. Acrobat would say it was blocking loading PDFs from the internet and then give the address it was blocking of SMB://FileServerName.Domain.Org/Path/EvilPDF.pdf which is clearly not on the internet. Continue reading “STIG/CIS/Best Practices stops Acrobat loading PDFs from over the network”
Do you have Active Directory accounts and use a password reset management tool like Thycotic’s Password Reset and out of the blue some accounts just stop being able to be managed? We did and I stumbled across the solution while trying to resolve something else. Continue reading “Active Directory user accounts keep losing inheritable permissions?”