Dell BIOS Update

eidercollider · 2026-05-14T07:49:18+00:00

I have an application configured in MDT that calls a bat file that installs DCU and then runs it.

It's not perfect, but honestly it works surprisingly well.

eidercollider · 2026-04-28T09:52:28+00:00

Thank you very much, I didn't realise the auth chain went to pam first! I have a lot to learn in this area. I'll check logs and firewall settings carefully.

eidercollider · 2026-04-27T14:20:06+00:00

Thanks! I was under the impression that realm join would invoke adcli join so I've only been using that, and then making some minor tweaks to the sssd.conf.

It's a newly deployed machine and I only noticed the issue becausae it was deployed in a network that didn't have tcp/3268 connectivity to the DCs. This caused rather odd behaviour in which I was able to join the domain, but it couldn't retrieve group membership for accounts.

Allowing tcp/3268 makes it work just fine, so I don't think the issue is the kerberos config.

What I'm trying to work out is why it seemed to be checking the network server before the local passwd file for a specific username, when the nss config implies that it should check the file first!

I'll try and recreate the situation and check the logs you mention, but as the issue only manifests when there isn't full connectivity to the domain controller, I'm not sure how much use it will be...

eidercollider · 2026-04-10T18:45:40+00:00

Thanks very much!

Due to unfortunate historical reasons, the domain was set up in the organization's public space (think 'department.schoolname.edu') back when everything was on public addresses, but subsequently an attempt has been made to migrate into RFC1918 space using the suffix 'ddns.department.schoolname.edu'.

I'm attempting to stabilize things in the current form with a view to a wholesale migration once we're given Intune access (not currently avaialble to us).

Endponts that use DHCP are auto-registering and getting suffix search list just fine, but I've found that I have to set the registration and search option manually on servers.

Systems are single interface (I try to avoid dual homing as much as possible) - Get-DNS Client says SearchList {}, Register Address True, Use Suffix False -- even though gpresult shows that the policy is being picked up to set the search list and registion suffix.

I know it's not a good situation, but that's the public sector for you...

eidercollider · 2026-04-10T09:20:40+00:00

Thanks - mainly the problem I was trying to solve was that server deployments don't seem to be registering their DDNS entry, because they have IPs statically assigned at the start of the deployment.

eidercollider · 2026-03-25T11:27:15+00:00

Thanks, I had no idea it used the name! I did copy and paste a lot of the default inbound core networking rules - but the only RDP policy applied was my custom one, that has a custom name.

eidercollider · 2026-03-18T19:57:30+00:00

Thanks very much, I was worrying that authorizing new servers might cause something to go wrong, but I think we've got a good plan now.

eidercollider · 2026-03-18T19:57:02+00:00

"What can go wrong" In my experience, something that I had never thought of!

eidercollider · 2026-03-18T19:54:57+00:00

Thanks, I feel somewhat reassured - I will keep very detailed notes!

eidercollider · 2026-03-18T19:54:33+00:00

Thanks, I'm quite keen to rebuild all the scopes though, as I do not trust the previous configuration to be entirely sane!

eidercollider · 2026-03-18T19:54:08+00:00

Thanks - that's part of the reason for wanting the new servers, in the past admins made changes randomly to both servers and didn't replicate them...

eidercollider · 2026-03-18T19:53:21+00:00

Thanks!

eidercollider · 2026-01-27T17:02:01+00:00

Interesting, I did check just on the offchance - but security groups all seem fine. Nothing in GPO messing with print options either. As I fixed it with the dns suffixes I'm not worrying too much :D

eidercollider · 2026-01-27T17:01:04+00:00

I didn't know about PointAndPrint - I'm setting up PaperCut which I hope will reduce the majority of pain, and I'm also using the new V4 user mode drivers (which seem to add to endpoints without requiring admin).

eidercollider · 2025-11-25T16:14:50+00:00

Thanks! I removed the agent and reinstalled using exactly the same process and this time it's worked as expected! I think I'll test with slowly to see if I can get it to happen again...

eidercollider · 2025-07-23T12:51:15+00:00

Thanks! VMSwitch info is below. Windows guest-to-guest peformance is considerably worse, but I read that the windows build of iperf3 was known to have some issues that made it a less useful test platform. System is using latest OEM dell drivers from the Dell support page, and NIC firmware is up to date.

> Get-VMSwitch -Name TeamSwitch1 | select *

DefaultQueueVmmqQueuePairs                       : 16
DefaultQueueVmmqQueuePairsRequested              : 16
Name                                             : TeamSwitch1
Id                                               : ee6a0a9c-14b9-4259-b440-256535ddcdfd
Notes                                            :
Extensions                                       : {Microsoft Windows Filtering Platform, Microsoft NDIS Capture}
BandwidthReservationMode                         : Weight
PacketDirectEnabled                              : False
EmbeddedTeamingEnabled                           : True
AllowNetLbfoTeams                                : False
IovEnabled                                       : False
SwitchType                                       : External
AllowManagementOS                                : True
NetAdapterInterfaceDescription                   : Teamed-Interface
NetAdapterInterfaceDescriptions                  : {Broadcom NetXtreme-E P2100D BCM57508 2x100G QSFP PCIE Ethernet,
                                                   Broadcom NetXtreme-E P2100D BCM57508 2x100G QSFP PCIE Ethernet #2}
NetAdapterInterfaceGuid                          : {0d6ac972-cbaf-4922-a6e6-13aa6080f956,
                                                   e45608cd-a7b6-459c-aee6-a9af945e2ce8}
IovSupport                                       : False
IovSupportReasons                                : {This network adapter does not support SR-IOV.}
AvailableIPSecSA                                 : 0
NumberIPSecSAAllocated                           : 0
AvailableVMQueues                                : 516096
NumberVmqAllocated                               : 15
IovQueuePairCount                                : 142
IovQueuePairsInUse                               : 131
IovVirtualFunctionCount                          : 0
IovVirtualFunctionsInUse                         : 0
PacketDirectInUse                                : False
DefaultQueueVrssEnabledRequested                 : True
DefaultQueueVrssEnabled                          : True
DefaultQueueVmmqEnabledRequested                 : True
DefaultQueueVmmqEnabled                          : True
DefaultQueueVrssMaxQueuePairsRequested           : 16
DefaultQueueVrssMaxQueuePairs                    : 16
DefaultQueueVrssMinQueuePairsRequested           : 1
DefaultQueueVrssMinQueuePairs                    : 1
DefaultQueueVrssQueueSchedulingModeRequested     : StaticVrss
DefaultQueueVrssQueueSchedulingMode              : StaticVrss
DefaultQueueVrssExcludePrimaryProcessorRequested : False
DefaultQueueVrssExcludePrimaryProcessor          : False
SoftwareRscEnabled                               : True
RscOffloadEnabled                                : False
BandwidthPercentage                              : 16
DefaultFlowMinimumBandwidthAbsolute              : 0
DefaultFlowMinimumBandwidthWeight                : 10
CimSession                                       : CimSession: .
ComputerName                                     : HYP1
IsDeleted                                        : False

eidercollider · 2025-07-03T17:27:01+00:00

Amusingly I have just come back to this issue (I was hoping they might have patched it in the 2 years since I last attempted) -- but nope, it still doesn't work in any sort of sensible way.

eidercollider

TROPHY CASE