ProTips

Category for various tips and tricks

0

WordPress Linux Web App Poor Performance

Posted on by Rhoderick Milne [MSFT]
Azure Create WordPress App Service

Having to host, upgrade and manage WordPress is not really my main job.  The various posts over the years will provide a small clue that other things take up most of my time and are my day job.  Life was certainly easier when TechNet was still around as a dedicated team ran the MSDN and TechNet blog platforms and provided all of the infrastructure support.  All I had to do was write the posts.

Alas… Read the rest “WordPress Linux Web App Poor Performance”

0

How to Use NsLookup To Check DKIM Record

Posted on by Rhoderick Milne [MSFT]
Check DMARC DNS Record Using NSLookUP

There are a multitude of online tools that help diagnose issues with various mail services, but understanding what these tools actually check is valuable.  One example is around manually checking published DomainKeys Identified Mail (DKIM) records.  DKIM is described in RFC 4871.  As an interesting piece of history DKIM went through a previous iteration "Domain-Based Email Authentication Using Pub… Read the rest “How to Use NsLookup To Check DKIM Record”

0

Joys of Server 2012 R2 TLS Defaults in June 2022

Posted on by Rhoderick Milne [MSFT]
Server 2012 R2 SSLLabs Report

Windows Server 2012 R2 was a great platform and was very widly adopted.  Unlike it’s less popular step-sister, Server 2012.  At least the R2 product had a start button, rather than the start pixel….

However, it really does show its age when viewed under a modern security lens.  Unsurprisingly, things have changed from a security perspective over the last decade. Not all of the Server 2012 R2 defaul… Read the rest “Joys of Server 2012 R2 TLS Defaults in June 2022”

0

Move FSMO Roles Using PowerShell

Posted on by Rhoderick Milne [MSFT]
PowerShell FSMO Role

Rather than kicking it old school and using the classic tools such as AD Users & Computers (dsa.msc) to move FSMO roles, PowerShell makes it nice and easy to get this done rapidly.

In this example we are moving the roles gracefully, but there is also the -Force option.

 

State Of The Nation

To start with, let's confirm where the FSMO roles currently reside:

Using PowerShell To Check FSMO Role Holders

Note that server DC-1.wingtiptoys.ca… Read the rest “Move FSMO Roles Using PowerShell”

1

How To Request Certificate Without Using IIS or Exchange–Updated 2022

Posted on by Rhoderick Milne [MSFT]

Back in the year 2014 the post How To Request Certificate Without Using IIS or Exchange was released to help create TLS certificates. One of the main use cases was Active Directory Federation Services (AD FS) as in 2014 it was pretty much a requirement for enterprise migration to Office 365.  Password Hash Sync (PHS) and Pass Through Authentication (PTA) were still a twinkle in a developer’s eye….

I… Read the rest “How To Request Certificate Without Using IIS or Exchange–Updated 2022”

0

Remote Desktop Connection Manager Download (RDCMan) 2.90

Posted on by Rhoderick Milne [MSFT]
RDCMan 2.90

Welcome to 2022 and a new release of Remote Desktop Connection Manager (RDCMan) version 2.90!

The Sysinternals blog lists the following changes to RDCMan which are well worth reviewing from a security standpoint.

Receives support for Restricted Admin (/restrictedAdmin from mstsc) and Remote Credential Guard (/remoteGuard from mstsc) and bug fixes.

RDCMan Version 2.90

Below you can see the Security Settings tab with these… Read the rest “Remote Desktop Connection Manager Download (RDCMan) 2.90”

0

Change Certificate Friendly Name To Unique Value

Posted on by Rhoderick Milne [MSFT]

Imagine that you have two certificates installed, but for whatever reason the same friendly name was used for both of them.  You can certainly identity each of them by comparing the valid from/valid to dates or the thumbprint.  That adds just a little extra overhead that you may not want to deal with.

As an alternative, you can modify the friendly name  to a more suitable value.  This allows you to… Read the rest “Change Certificate Friendly Name To Unique Value”

1

IIS SMTP Virtual Server Component No Longer Supported

Posted on by Rhoderick Milne [MSFT]
IIS SMTP Component Not Supported

Please consider this a quick PSA (Public Service Announcement) as it is still common that I run into environments with the IIS SMTP service still running and processing mail.

While the component has had a long and interesting life, it is now unsupported as it is tied to the support lifecycle of Windows Server 2003.

For more details and information please see:

How to: Install and Configure SMTP VirtuaRead the rest “IIS SMTP Virtual Server Component No Longer Supported”

0

Updating to RDCMan 2.8

Posted on by Rhoderick Milne [MSFT]
RDCMan 2.7 Version

Now that we have a new version of Remote Desktop Connection Manager (RDCMan), I wanted to list out some of my initial thoughts and upgrade experience as I did encounter  a couple of minor bumps.  Please add a comment if you are running into issues as well please.

Like many other administrators, I heavily used RDCMan 2.2 and 2.7 over the last 11 years.  This was my primary tool for managing a wide r… Read the rest “Updating to RDCMan 2.8”

1

Remote Desktop Connection Manager Download (RDCMan) 2.81

Posted on by Rhoderick Milne [MSFT]

Finally we have good news for all fans of the Remote Desktop Connection Manager (RDCMan) tool!    It has risen from the ashes, and is now part of Sysinternals.

Over the years RDCMan built up a strong user base as it was a simple but powerful utility to manage connections to multiple machines.  Sure, if you have three or four servers to manage you can get by with saved .rdp files or use the Universa… Read the rest “Remote Desktop Connection Manager Download (RDCMan) 2.81”