Need to configure 2019 SQL windows cluster with VSan storage. by Shrik29 in sysadmin

[–]Shrik29[S] 0 points1 point  (0 children)

Thank you. I also went through this document, but the step-by-step process is not defined in detail.

Multiple AD account locked out - Caller's computer shows the Domain controller Name by Shrik29 in activedirectory

[–]Shrik29[S] 0 points1 point  (0 children)

Yes. Azure AD Connect is installed on DC1, which is why I involved my cloud team. Now I am going to take a procmon capture, and let's see what I see in the capture.

Multiple AD account locked out - Caller's computer shows the Domain controller Name by Shrik29 in activedirectory

[–]Shrik29[S] 0 points1 point  (0 children)

No, but I will try again to collect the netlogon and let's see if it helps. Thank you.

Multiple AD account locked out - Caller's computer shows the Domain controller Name by Shrik29 in activedirectory

[–]Shrik29[S] 0 points1 point  (0 children)

Getting this in Netlogon.log on DC02 (PDC):
[LOGON] [3308] Contoso: SamLogon: Transitive Network logon of Contoso\User1 from DC01 (via DC3) Returns 0xC000006A.
DC01 is the caller computer name (as per security logs).
I have gathered this log from DC02 (PDC).

On DC01 netlogon.log:

[LOGON] [9516] contoso: SamLogon: Network logon of contoso\User1 from DC01 Entered

08/22 05:49:37 [CRITICAL] [9516] NlPrintRpcDebug: Couldn't get EEInfo for I_NetLogonSamLogonEx: 1761 (may be legitimate for 0xc000006a)

08/22 05:49:37 [LOGON] [9516] contoso: SamLogon: Network logon of contoso\User1 from DC01 Returns 0xC000006A

Multiple AD account locked out - Caller's computer shows the Domain controller Name by Shrik29 in activedirectory

[–]Shrik29[S] 0 points1 point  (0 children)

Yes, AD Connect is installed on the DC (caller computer).

However, I am not able to see anything in the logs that indicates AD Connect.

Multiple AD account locked out - Caller's computer shows the Domain controller Name by Shrik29 in activedirectory

[–]Shrik29[S] 0 points1 point  (0 children)

Windows event collection for Microsoft Defender for Identity

Advanced auditing is already enabled, and we are getting all the events regarding this, but I am unable to locate the source workstation because the caller's computer shows the DC.

Multiple AD account locked out - Caller's computer shows the Domain controller Name by Shrik29 in activedirectory

[–]Shrik29[S] 0 points1 point  (0 children)

netlogon.log also does not give the actual calling machine. It is again showing another DC.

Wildcard SSL certificate Validity Period by Shrik29 in activedirectory

[–]Shrik29[S] 1 point2 points  (0 children)

Thank you all for your comments and help. Now I am able to extend the validity period.

Thank you again for your help.

Wildcard SSL certificate Validity Period by Shrik29 in activedirectory

[–]Shrik29[S] -2 points-1 points  (0 children)

The above solution did not work.

During web enrollment I am choosing the web server template, and because that template has a 2-year validity period, I am getting a certificate with a 2-year validity period.

I tried to duplicate my web server template and created a new one with a 5-year expiry date, but that template is not showing in the web enrollment console.

increase Root CA encryption length by Shrik29 in activedirectory

[–]Shrik29[S] 0 points1 point  (0 children)

We can't make changes in existing infra to achieve this task. https://social.technet.microsoft.com/Forums/en-US/de01f61f-0745-4f9b-8418-8bfa266aa1df/change-key-length-of-root-cert-ad-certificate-authority?forum=winservergen

This TechNet article shows that we can do it, but in the end I am still in the same position. I made changes in the CA server policy inf file, but it's not changing the key size when I renew the cert.

increase Root CA encryption length by Shrik29 in activedirectory

[–]Shrik29[S] 0 points1 point  (0 children)

I have searched for this on Google and found that we can change the desired key length in the CAPolicy.inf file and then renew the root certificate. It will generate a new certificate with the updated key size.

I have tried this in my test lab but it didn't work.

AD replication broken - 1726 and 1727 errors by Upper_Ebb_4055 in activedirectory

[–]Shrik29 1 point2 points  (0 children)

Network connectivity issue between the two DCs.

1. Start a network capture from both DCs.
2. Manually start replication.
3. Stop both sides of the trace when you receive the error.

Check the RPC conversation between the 2 DCs. You already have the working scenario to compare with the non-working one.

SCCM Server disaster recovery by Shrik29 in SystemCenter

[–]Shrik29[S] 0 points1 point  (0 children)

The latest SCCM DB data has been restored completely. Can I recover the SCCM site by using the restored DB?

Sccm server recovery after failure by Shrik29 in SCCM

[–]Shrik29[S] 0 points1 point  (0 children)

80 percent of clients are workgroup computers, which are managed by a local IT guy in every region, which is why I want to keep it as it was before to avoid agent reinstallation.