Adding agentless Windows WMI monitoring to Nagios

There are a couple of well documented methods to monitor Windows machines from Nagios. The most popular of these seems to be NRPE. This method works very well, but the biggest downside for me was the need to install a client on every machine that needed to be monitored. WMI seemed to be the best … Continue reading Adding agentless Windows WMI monitoring to Nagios

Windows L2TP split tunnelling using CMAK

by Default, the in-built windows L2TP client will attempt to tunnel all internet traffic over an L2TP VPN connection. This can of course be disabled to achieve a low level of split tunnelling: Right click on the VPN adapter > properties > TCP/IP settings > Advanced. Clear the “use default gateway on remote network” It’s … Continue reading Windows L2TP split tunnelling using CMAK

PathPing : the forgotten latency tool

One of the biggest network troubleshooting questions has to be “why is my site loading so slow?” (and other related latency questions). A very useful and underutilised tool is built right into the windows OS. This tool is a relative of traceroute and uses ICMP to calculate the latency introduced at different hops along the … Continue reading PathPing : the forgotten latency tool

Configuring windows PCs to use IPSec

Using windows server 2008 and windows 7 / vista, it actually becomes quite easy to secure internal traffic using IPSec. This is quite a good security feature to implement, since it’s no longer the case that internal traffic can be sent in cleartext, considering most attacks happen on the inside due to disgruntled employees, browser … Continue reading Configuring windows PCs to use IPSec

Lessons learned in a MS Exchange 2007 installation

While installing Exchange server 2007 R3 in my domain I seem to have run across a number of problems leading to three lessons learned. 1.     Don’t bother trying to install MS exchange in a child domain of active directory deployment. I ran across the apparently common error that the Exchange server in the child domain … Continue reading Lessons learned in a MS Exchange 2007 installation

Troubleshooting windows access issues

Just now I needed to troubleshoot a very specific problem: Having just removed my domain controller from a domain, and subsequently re-adding it into a child domain, I was unable to install the certificate authority service successfully. During the install process, the installer would always fail at the stage where it generates the cryptographic keys. … Continue reading Troubleshooting windows access issues

LDAP : cannot see all users or groups

Working with both sonicwall and bluecoat products we frequently come across issues where the client complains that after successfully interfacing the product to a Microsoft AD server via LDAP, they cannot see / browse / choose all the users/ groups that they have configured. There may be a couple of reasons for this, namely: Permission … Continue reading LDAP : cannot see all users or groups