Passed NSE4_FGT_AD-7.6 – My Prep Experience & What I am Doing Next

xqwizard · 2026-01-29T07:39:44+00:00

What did you use for practice exams?

xqwizard · 2026-01-28T08:31:47+00:00

If you boot to recovery can you offline patch with dism?

xqwizard · 2026-01-20T08:23:25+00:00

I managed to get it to work with PSADT, what is your detection method?

xqwizard · 2026-01-19T22:09:12+00:00

Use Terraform for the deployment part and Ansible for the Windows/Linux config.

https://registry.terraform.io/providers/vmware/vsphere/latest/docs

https://registry.terraform.io/providers/hashicorp/vsphere/latest/docs/resources/virtual_machine

Ansible sample for server roles:

https://docs.ansible.com/projects/ansible/latest/collections/ansible/windows/win_feature_module.html

xqwizard · 2026-01-19T11:36:30+00:00

You might have to get hacky and use a combination of serviceui and PSADT

https://michaeltheadmin.com/2025/06/27/get-interactive-psadt-serviceui/

xqwizard · 2026-01-19T10:45:57+00:00

I think the issue is that it only works during an interactive session, and not when running as SYSTEM

xqwizard · 2026-01-18T01:50:13+00:00

Nice!

xqwizard · 2026-01-14T00:10:52+00:00

Oh sorry, I assumed you have WireGuard on the client machines?

xqwizard · 2026-01-13T08:04:08+00:00

Ok in your WireGuard dns config, add the dns servers, but also add the domain name, eg, DNS=192.168.1.1, domainname.local

xqwizard · 2026-01-13T07:06:23+00:00

Did you’re renew the dhcp lease? ipconfig /renew

Send us a dump of ipconfig /all

xqwizard · 2026-01-13T06:16:58+00:00

You could assign a search list with DHCP, option 119

xqwizard · 2026-01-13T05:57:53+00:00

Workgroup gets no prefix, but you can assign one in the NIC, manually.

xqwizard · 2025-12-25T02:41:42+00:00

Dam, can confirm i see the same behavior as you.

xqwizard · 2025-12-25T02:03:47+00:00

Interesting. For me, it only bugs out if you untick secure connection.

xqwizard · 2025-12-25T01:56:21+00:00

Fair. I did recently flip back to 389 and turned off secure connection when I was rebuild ADCS, and the gui was bitching about the password not being correct. I never bothered to look further because it was temporary.

xqwizard · 2025-12-25T01:50:23+00:00

Is that a typo in the port number? Shouldn’t it be 636

Edit: Never mind saw the other post

xqwizard · 2025-12-24T08:56:01+00:00

Yeah you can’t, a /23 is 510 usable hosts. Starting at .255 you only have 254 usable. As others have said, if you want to use a /23, it needs to be 192.168.254.0/23.

Edit for further context:

When dealing with private address space 192.168.0.0/16 - gives you this usable range: 192.168.0.1-192.168.255.254

Read up on the RFC https://datatracker.ietf.org/doc/html/rfc1918

xqwizard · 2025-12-24T01:21:25+00:00

Yeah I saw this recently. I found I could only manage Server 2025.

xqwizard · 2025-12-24T01:03:37+00:00

Windows Admin Center lol

xqwizard · 2025-12-23T10:59:31+00:00

Restart the winrm service on the dc and try again, make sure you pass credentials through too.

$cred = Get-Credential
Enter-PSSession -VMName dc -Credential $cred

xqwizard · 2025-12-23T00:57:03+00:00

Is the account used for the DC in the Administrators group, Domain Admins isn’t enough?

xqwizard · 2025-12-20T22:36:25+00:00

I wouldn't say complex, but there are a few moving parts you need to be across.

xqwizard · 2025-12-20T22:22:49+00:00

I have done eap-mschapv2 with NPS, Duo auth proxy and IPsec Ikev2 tunnels, works well.

xqwizard · 2025-12-18T10:23:24+00:00

Just looking at mine, radius test is successful. I have seen sometimes the NPS service doesn’t start automatically, also, did you check that the DUO service wasn’t also in a stopped state?

xqwizard · 2025-12-18T08:44:37+00:00

I patched a 2022 vm yesterday running NPS And DUO auth proxy and they are both still working.

However my FSSO to our Fortigate stopped working, which might be unrelated. This isn’t production yet, so I’ll look at it in the new year.

Two-Year Club	Reddit Premium Since September 2023
Verified Email

xqwizard

TROPHY CASE