Forum Replies Created
May 11, 2018 at 2:43 pm in reply to: O365 Accepted Domain (Default) not showing in email alias #379176
All sorted – updated the Azure AD Connect and she’s back up and running.
Thanks I’m making progress – little and often. Ive applied a license to a user and have completed the MS Office 365 Hybrid Config wizard. When I look to start a migration batch and select a user there aren’t any in there.
Do I need to start the process from a CSV?
ThanksMarch 19, 2018 at 2:28 am in reply to: Couldnt remove product with code 4934d1ea-be46-48b1-8847-f1af20e892c1 error code 1603 #379174
Hi – managed to sort this problem by re-installing the Exchange 2010 RTM roll up 5March 15, 2018 at 6:17 am in reply to: Watchguard failover wan link -can ping etc but not browse #379173
Found the issue there were specific routing rules within a policy which specified to use WAN 1 rather than follow the failover policy. Yet to test but I’m certain its that.March 14, 2018 at 2:15 am in reply to: Watchguard failover wan link -can ping etc but not browse #379172
The problem with changing them to the ISP DNS servers is for the reasons above – if you failover to another ISP then you need to use their DNS servers and vice versaMarch 13, 2018 at 3:25 pm in reply to: Watchguard failover wan link -can ping etc but not browse #379171
Thanks guys the DNS on the watchguard is pointing to our internal DNS (192.168.0.251) with forwarders configured – the forwarders IP is 18.104.22.168 and 22.214.171.124 which is why its confusing.
I Googled the log failure message which seems to point to a failed config in the failover but there isn’t much to configure “all gateways in policy routing table are down drop this packet”.
I plan to plug a laptop into the FTTC connection tomorrow to test I can get out using the same interface config (user pass IP etc)March 7, 2018 at 7:26 am in reply to: Upgrading Exchange 2010 SP0 to SP3 – can I go direct? #379170
You leg’end – thanks that’s a job for the weekend :)
Still not quite there yet :)
I’m looking to sync the domain and mailboxes and then when I’m happy all is sync’d across I will point the MX records to O365 and away we go. Would this be classed as a cutover migration doing everything but point the mx records or is this a staged migration.
As said ideally I would like to run a continual sync until the point to which I’m happy and then save the actual mx change and client configure to a weekend.
Yeah I get the domain doesn’t really matter and the fact its held within the user AD account as the MX records point to a different server and so the mail will be delivered there – just strange why you would configure it this way.
There are 2 sites one was looking to migrate to another but the method to which it was approached I feel was incorrect.RicklesP;n515822 wrote:It’s not really recommended to do that, but here’s something I found thru :google::
Thanks how come its not recommended? As split DNS is quite common in networks. If we use the internal IP for the service then we’ll get certificate errors?
Sorry to continue this one – and I can start another post if required? I’m trying to access a service on the same laninside interface but using the external urlip. As I understand it this is called hairpinuturn nat, is that correct?
If so how do you go about configuring it using the ASDM? Or can it only be done using the CLI?
Sorry I should have been more cautious in my wording, I didn’t mean manage as in the management of the router. What I meant was given the ASA is a router and a firewall – am I correct in thinking there is no issue assigning one static external IP to the WANOutside interface and adding a static route for all LANinside traffic to that interfaceIP?
Yep worked a treat, added the additional WAN IP into the NAT table and all was fine. Can you tell me – do you need to assign 2 external IP’s to a single interface to manage the firewall and router respectively? Or is it like a conventional router which routes and acts like a firewall but you only need to add one IP (static route points to the outside interface IP)?
Thanks, so just to confirm you don’t add the additional IP’s to the interface (which is currently configured for 1 IP) once you add rules in NAT/PAT for the additional external IP and corresponding service the traffic will flow?December 19, 2017 at 3:20 am in reply to: unable to telnet port 389 on a newly installed windows 2012 server #379158
Netstat -a will tell you whats listening if its within the output you should be able to telnet if its not then you wont.
Hi guys, here’s a pic of what I mean – both http://www.domain.com AND domain.com pointing to exactly the same place wouldn’t you just need 1 set of mx records which manage the domain as a whole?
As I understand it the 2 are separate tasks and identified in their descriptions. Failover clustering is when you have shared storage for data and a cluster of hardware resources (RAM CPU etc) its a process of high availability. So say you have 10 servers with a 50/50 split of resource 5 servers on Host 1 and 5 servers on Host 2 and Host 1 fails the fail over cluster will make Host 2 manage ALL the servers as Host 1 has failed.
Load balancing is the first step of the mentioned above, splitting your requirement (1,10,100 servers) over an amount of physical hosts to balance the load.
I find no matter how much you try and influence a strict password policy user education beats it hands down. The more complex and harder to remember the more chance of the user writing it down on a post it note and hiding it behind the screen or under the keyboard – those seem to be the most common hiding places I’ve found (you do however get the odd person with a post it note on the laptop keyboard)
Yeah I did that to extract the WIM and deployed it to initiate my build, as far as the build goes Im happy with it just needs a little tweeking al la facebook and minecraft. I still think M$ need to rethink their strategy with regards to what they are trying to achieve. Keep consumer ideas away from businessenterprise products and people will be happy :)November 2, 2017 at 5:02 am in reply to: Allow user to log on to Windows 7 Pro (AD) with their G-Suite credentials? #379149
This method as I understand it is syncing ldap to google (the kind of opposite of what the OP has asked) but achieves exactly what your looking to do – single sign onone set or creds.
I’ve used it and it works well.
I’m only referring to the mention of the ADK version must match the Win10 version (in my link) not patronising on how to install it.
Why am I removing the inbuilt apps such as Candy Crush, Facebook Minecraft etc – I would be surprised if any business thought it to be a good practice to leave this rubbish on their builds. The problems arise when you start to remove the store which I don’t plan on doing, just disabling it within GPO.
Also we’re using professional rather than enterprise so my hands are tied (Professional contains an esd which has various builds of W10 in it Enterprise has a wim).
As said please don’t feel that I’m patronising you, my W10 frustrations seem to be quite common looking around the net :)
Also (not sure if this requires a separate post) how do you stop those bleeping apps from installing themselves. I removed them from the image AND I thought I removed them from any new user profiles being created but they keep coming back – candy crush, minecraft etc?