#WSUS - Connection Error. An error occurred trying to connect the WSUS server

Solution:

1. Close WSUS console. 

2. Go to c:\users\<currentlogonuser>\AppData\Roaming\Microsoft\MMC.

3. Delete MMC file

 

Verify the AD account's password

To confirm AD account's password.

Method

1. Run the PowerShell with command below:

Start-Process -FilePath cmd.exe /c -Credential (Get-Credential)

2. Enter AD account you wish to verify.

Example:

Users name: contoso\administrator

Passowrd: Abc123!!!

Caution: Account may locked if you enter wrong password. (settings depend on you password policy)

Cisco - Configure ACL (Extended)

Scenario

IP: Any VLAN20 (203.20.36.0/24) deny access VLAN10 (203.20.5.0), except host 203.20.5.200

Info

access-list extended name = FROM_VLAN20

VLAN ID = 20

Step

1. Create extended access-list. (I named it FROM_VLAN20)

Router1(config)#ip access-list extended FROM_VLAN20

2. Create 2 access lists under access-list extended VLAN20.

Router1(config-ext-nacl)#10 permit ip any host 203.20.5.200

Router1(config-ext-nacl)#100 deny ip any any

(*the red number is weight)

3. Specify access control for packets on interface VLAN 20.

Router1(config)#interface Vlan 20

Router1(config-if)#ip access-group FROM_VLAN20 in

4. To show inter VLAN's access group.

Router1#sh run

5. To show access list with weight.

Router1#sh acc

Microsoft SQL - Enable SQL Audit Log (in Windows security log)

Prerequisite

1. Enable Audit Object Access.

• Go to local computer policy (go to RUN, type gpedit.msc). If server manage by GPO, apply in GPO.
• Go to Computer Configuration >  Windows Settings > Seurity Settings > Local Policies > Audit Policy > Audit Object Access
• Enable the policy (check the Success or/and Failure)

2. Grant right to SQL service account.

• Go to local computer policy (go to RUN, type gpedit.msc). If server manage by GPO, apply in GPO.
• Go to Computer Configuration >  Windows Settings > Seurity Settings > Local Policies > User Right Assignment > Generate security audits
• Add SQL service account.

3. Change Registry value (optional)

• Go to Registry  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Security\MSSQL$<InstanceName>$Audit\EventSourceFlags
• Change the value from 0 to 1.

Enable SQL Audit Log

1. Connect to SQL database with SQL Management tool.

2. Go to Security > Audits.

3. Right on Audit, select New Audit...

4. Configure audit settings. Select audit destination, Security log.

5. Right click on the newly created audit, select Enable audit.

File Server Resource Manager - Quota size not reset / update

Issue: Files deleted in quota folder but disk size not reduce.

Solution 1: Run command below in cmd:-

dirquota quota scan /path:<path>

Example 1 (for folder specified by path):

dirquota quota scan /path:D:\.

Example 1 (for all immediate subfolders of path):

dirquota quota scan /path:D:\*

Example 1 (for fall recursive subfolders of path):

dirquota quota scan /path:D:\...

* you can create a batch file and run in task scheduler

This App has been blocked by your system administrator

 

Solution:

1. Go to Regedit

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

Value Name: ConsentPromptBehaviorUser

Value: 3

#WSUS - Remove WSUS completely / Reinstall WSUS with fresh data

1. Run the Powershell command below to uninstall the WSUS:-

Remove-WindowsFeature -Name UpdateServices,UpdateServices-DB,UpdateServices-RSAT,UpdateServices-API,UpdateServices-UI -IncludeManagementTools

2. Remove WSUS database.

For SQL: 

Delete the SUSDB.mdf and SUSDB_log.ldf in SQL database.

For WID (Windows Internal Database):

Delete SUSDB.mdf and SUSDB_log.ldf in C:\Windows\WID\Data.