WServerNews: Deploying a PKI

In this week’s newsletter

Resources for implementing a PKI solution. What’s happening with the weather? Using SetupDiag to resolve Windows 10 upgrade errors. IoT has I’s everywhere. Mailbag. Plus lots more — read it all, read it here on WServerNews!

BTW have you checked out FitITproNews recently? Here are the topics our columnists (who are all fitness-oriented IT professionals) covered in our latest issue:

Recognizing and dealing with shoulder impingement before it sidelines you. Switching up the game to avoid burnout or work around an injury. Better shoe management for runners. DNA in play. Full body workouts. Your body and the stress response. Choosing your strength training program.

Be sure to check out FitITproNews today, and please subscribe to it if you haven’t done so already. And more importantly, start exercising and transform your body — and your life — and join our growing army of “recovering Fat IT pros” (LOL)

Anyways, enjoy this week’s issue of WServerNews and feel free to send us feedback on any of the topics we’ve covered — we love hearing from our readers!

 

Got questions? Ask our readers!

WServerNews goes out each week to more than 200,000 IT pro subscribers worldwide! That’s a lot of expertise to tap into. Do you need help with some technical problem or are looking for expert advice on something IT-related? Ask Our Readers by emailing your problems and/or questions to us at [email protected]

 

Editor’s Corner

This week’s observations and ruminations from Mitch Tulloch, our Senior Editor…

Resources for implementing a PKI solution

We’ve heard from a few enterprise colleagues recently that they’ve been struggling with setting up and managing a public key infrastructure (PKI) solution for their organization, so we thought we’d try and pull together some resources that might help them overcome their difficulties. If you’re involved in any way with PKI or you think you one day might be, you may want to SAVE THIS NEWSLETTER as a resource for implementing PKI. And if you have any additional PKI resources you’d like to recommend to our readers, email us at [email protected] and we’ll mention them in an upcoming issue of this newsletter.

Doing PKI on Windows Server 2012

We’ll start off with a series of old but still good articles by Derek Seaman which cover deploying PKI on Windows Server 2012:

Windows Server 2012 R2 Two-Tier PKI CA Pt. 1 (Derek Seaman’s IT Blog)

https://www.derekseaman.com/2014/01/windows-server-2012-r2-two-tier-pki-ca-pt-1.html

and Part 2 is here:

https://www.derekseaman.com/2014/01/windows-server-2012-r2-two-tier-pki-ca-pt-2.html

and here’s Part 3:

https://www.derekseaman.com/2014/01/windows-server-2012-r2-two-tier-pki-ca-pt-3.html

Derek also has some great posts on VMware virtualization and other stuff, so be sure to check out his blog:

https://www.derekseaman.com/

There’s also a helpful PDF along similar lines that was put out some time back by the SANS Institute:

Implementing Public Key Infrastructure (PKI) Using Microsoft Windows Server 2012 Certificate Services (SANS)

https://www.sans.org/reading-room/whitepapers/certificates/implementing-public-key-infrastructure-pki-microsoft-windows-server-2012-certificate-services-35427

And don’t forget to check out these two walkthroughs by Aaron Parker:

Deploying an Enterprise Root Certificate Authority (stealthpuppy)

https://stealthpuppy.com/deploy-enterprise-root-certificate-authority/

Deploying an Enterprise Subordinate Certificate Authority (stealthpuppy)

https://stealthpuppy.com/deploy-enterprise-subordinate-certificate-authority/

Aaron also has some nifty articles on FSLogix Containers and other stuff which you can check out on his website:

https://stealthpuppy.com/

Doing PKI on Windows Server 2016

Next, if you’re using Windows Server 2016 you can check out these articles by Timothy Gruber:

Deploy a PKI on Windows Server 2016 (Part 1) (Timothy Gruber’s blog)

https://timothygruber.com/pki/deploy-a-pki-on-windows-server-2016-part-1/

Tim’s series has seven parts to it and the links are listed in the intro section of the above article.

Also worth reading through are three articles by Arthur Remy. The first one and links to the second and third articles can be found here:

Installing a Two Tier PKI Hierarchy in Windows Server 2016 – Part 1 (My IT World)

http://myitworld.azurewebsites.net/2016/01/18/installing-two-tier-pki-hierarchy-windows-server-2016-part1/

Some PKI tips and gotchas

Before you get started with setting up a PKI be sure to take note of the tips and gotchas in this article:

Certificates: The Do’s and Don’ts of PKI (IT Consultant Everyday Notes)

https://777notes.wordpress.com/2016/07/11/certificates-the-dos-and-donts-of-pki/

Also be sure to check out the following so you don’t find yourself in a situation you can’t get out of:

Impact on Certificate Authority if Domain Controller Role is Removed (TechNet Forums)

https://social.technet.microsoft.com/Forums/windowsserver/en-US/b616238a-c5ba-4ff5-a552-f4eb201a7f03/impact-on-certificate-authority-if-domain-controller-role-is-removed?forum=winserversecurity

UPDATED: Active Directory Certificate Services: Don’t Overthink It (Redmond Magazine)

https://redmondmag.com/articles/2015/06/01/ad-certificate-services.aspx

Older stuff

The article below from the TechNet Wiki explains how to set up PKI on Windows Server 2008 R2 and even has links to some old stuff on PKI in Windows Server 2003. While the material is dated, it can still be a useful reference for basic concepts of PKI.

AD CS Step by Step Guide: Two Tier PKI Hierarchy Deployment (TechNet Wiki)

https://social.technet.microsoft.com/wiki/contents/articles/15037.ad-cs-step-by-step-guide-two-tier-pki-hierarchy-deployment.aspx

It’s kinda sad to see that these wonderful TechNet Wiki articles weren’t updated for Windows Server 2012 or 2016 or 2019 but were left to rot on Microsoft’s website.

Also check out this article:

AD CS Security Guidance (TechNet Wiki)

https://social.technet.microsoft.com/wiki/contents/articles/10942.ad-cs-security-guidance.aspx

That one at least says it also applies to Windows Server 2012.

Got any suggestions?

Kudos to the hard-working IT pros who authored the above articles for giving their time and energy to helping the IT pro community. If you have any other PKI articles or blog posts or videos you’d like to recommend, send the links to me at [email protected]

What’s happening with the weather?

And just as a humorous aside, it seems like something has gone wonky with the software used by The Weather Network for weather forecasting. Take a look at what they’re predicting is going to happen here in Winnipeg this coming Friday night March 20th:

A temperature of 82 below Celsius sounds pretty cold, even for Winnipeg! That’s a few degrees below the boiling point of Carbon Dioxide so we’ll probably be seeing dry ice coating the ground outside. Was their computer system hacked? Or did a bug creep into their program? I guess we’ll know soon enough, but meanwhile I better buy an extra toque and pair of mittens!!

Got more thoughts about anything in this newsletter?

Email us at [email protected]!

Tell all your friends about WServerNews!

Please let all your friends and colleagues in the IT profession know about our newsletter. Tell them our latest issues can be found at wservernews.com while older issues dating back to 1997 can be found in our archive. And let them know also that they can receive WServerNews each week in their inbox by subscribing to it here. Thank you!

 

Tip of the Week

>> Got any IT pro tips you’d like to share with other readers of our newsletter? Email us at [email protected]

Using SetupDiag to resolve Windows 10 upgrade errors

From the description on Microsoft Docs:

SetupDiag is a standalone diagnostic tool that can be used to obtain details about why a Windows 10 upgrade was unsuccessful.

Read more and download the tool here:

https://docs.microsoft.com/en-us/windows/deployment/upgrade/setupdiag

And you can find a list of Windows 10 upgrade error codes here:

https://docs.microsoft.com/en-us/windows/deployment/upgrade/upgrade-error-codes

 

Admin Toolbox

>> Got any admin tools or software you’d like to recommend to our readers? Email us at [email protected]

Are you looking for an alternative and low-maintenance option to archive your Office 365 emails? Then take a look at MailStore Server. It’s easy to set up and intuitive to use:

http://www.wservernews.com/go/3213p6tx/

This paper describes the main concepts behind Veeam Agent for Microsoft Windows and how agents can be managed centrally by integration into Veeam Backup & Replication™.

http://www.wservernews.com/go/c3z4ot63/

PolicyPak is a modern desktop management solution that empowers you to easily configure, deploy, and manage policies for on-premises, MDM, and cloud Windows environments:

https://www.policypak.com/

myLG is an open source software utility which combines the functions of the different network probes in one network diagnostic tool:

http://www.mylg.io/

The MAX-800 Series is an easy-to-use, portable test solution designed to meet the most stringent test requirements when installing, activating and troubleshooting Ethernet connections and transport links from 10M to 100G:

https://www.exfo.com/en/support/products/max-800-series/

 

Mailbag

In the last few newsletters we’ve included an Ask Our Readers item titled “Cheap remote access?” where some readers discussed the viability — and legality from a Microsoft licensing point of view — of using Terminal Service Plus (TSPlus) as a remote access solution for businesses. Reader Michael Hallsted sent us an email this week that forked the discussion by mentioning another popular remote access solution that he himself uses:

Hello Mitch, I don’t remember this being mentioned, but RealVNC is pretty darn easy to use and reasonably priced:

https://www.realvnc.com/

We only have it on one computer at the office. They have an enterprise version, but I don’t know how that works.

Do any readers out there use the enterprise version of RealVNC? Or can you recommend another alternative to using TSPlus as a remote access solution for businesses? Email us at [email protected]

 

Factoid – IoT has I’s everywhere

Last week’s factoid and question was this:

Fact: Blue Apron tries to disrupt the grocery business only to end up blue-screening.

Question: Has anything good EVER come out of the “disrupt” approach of dot-com entrepreneurship?

Reader Don Hill who works as a Consulting Engineer in Iowa responded to this one:

Has anything good EVER come out of the “disrupt” approach of dot-com entrepreneurship? Yes that would be Amazon disrupting the book stores like Barnes and Noble and Netflix disrupting the video stores like Blockbuster. What’s so good about them? Well Amazon gave us cheaper books and Netflix gave us “Binge Watching” (grin).

And two weeks ago we offered this factoid to our readers:

Fact: Not only has the trend over the last few years towards using lighter and thinner fonts made web pages harder to read, it’s also making books harder to read!

While my question was about why this trend was happening, reader Pat Gallagher, President of Data Logic Systems, responded obliquely with what we feel is a good tip that some of our readers may appreciate:

I use my phone to capture the labels on equipment (behind the rack, from the bottom, the inaccessible side, or wherever) and then I can expand it to read the information and even put it into one note for reference.

Now let’s move on to this week’s factoid:

Fact: There’s now an app you can use that lets you see IoT devices around you and what data they’re taking.

Source: https://www.cnet.com/news/this-app-lets-you-see-iot-devices-around-you-and-what-data-theyre-taking/

Question: Well, not quite, but it’s a pretty good idea. How many of our readers would use an app like this if it worked properly? And more generally, does your organization have any concerns about the security of IoT devices — both those your organization is using and those worn or otherwise brought in by customers, visitors and the like?

Email your answers to [email protected]

 

Subscribe to WServerNews!

Subscribe today to our WServerNews newsletter and join 200,000 other IT professionals around the world who receive our newsletter each week! Just go to this page and select WServerNews to receive our monthly newsletter in your inbox!

 

Conference calendar

NOTE: Because of the concerns surrounding the COVID-19 situation some of these conferences may be moved online or even cancelled. Please check the conference websites for the latest updates.

>> Got an IT conference or event happening that you’d like to promote in our newsletter? Email us at [email protected]

Microsoft Business Applications Summit

May 6-7, 2020 in Dallas, Texas

https://www.microsoft.com/en-us/BusinessApplicationsSummit

Microsoft Build

May 19-21, 2020 in Seattle, Washington

https://www.microsoft.com/en-us/build

Microsoft Inspire

July 20-24, 2020 in Las Vegas, Nevada

https://partner.microsoft.com/en-us/inspire

 

Microsoft Licensing Boot Camps

For dates and locations see https://www.directionsonmicrosoft.com/training

 

Cyber Security Summits

For dates and locations see https://cybersummitusa.com/summits/

 

Other conferences

SharePoint Fest – April 13-17 in Washington DC

https://www.sharepointfest.com/DC/

Future Tech Summit – May 15 in Santiago, Chile

https://www.collabsummit.eu/en/

PowerShell Conference Europe – June 2-5 in Hannover, Germany

https://psconf.eu/

European Collaboration Summit – June 8-10 in Wiesbaden, Germany

https://www.collabsummit.eu/en/

Evolve – June 8-10 in Las Vegas

https://evolvetechconference.com/

RSA Conference Asia Pacific & Japan – July 14-16 in Singapore

https://www.rsaconference.com/apj

VMworld – Aug 30 – Sept 3 in San Francisco

https://www.vmworld.com/en/us/index.html

Interop – Sept 21-24 in Austin, Texas

https://www.interop.com/

European SharePoint, Office 365 & Azure Conference (ESPC20) – Nov 9-12, 2020 in Amsterdam

https://www.sharepointeurope.com/

DevOpsCon – Nov 30 – Dec 3 in Munich, Germany

https://devopscon.io/munich/

 

Podcast Corner

Office 365 Intelligent Substrate with Jeffrey Snover (RunAsRadio)

http://runasradio.com/

The State Of Optical Networking In 2020 (Heavy Networking)

https://packetpushers.net/series/weekly-show/

Coronavirus Disaster Recovery (The CTO Advisor)

https://www.thectoadvisor.com/podcast

Chris Kennedy on the latest MITRE ATT&CK developments (Risky Business)

https://risky.biz/netcasts/risky-business/

Azure Certification Updates! (Microsoft Cloud IT Pro Podcast)

https://www.msclouditpropodcast.com/

Troubleshooting Technology Tomorrow and Today (Windows Insider)

https://insider.windows.com/en-us/podcasts/

 

New on Techgenix.com

This week we focus on some recent TechGenix articles on PowerShell.

Bad logon attempts in Active Directory: Track them down with PowerShell

Identifying all bad logon attempts in Active Directory is often futile unless you use an automated approach. This PowerShell script is just what you need.

https://techgenix.com/identifying-bad-logon-attempts/

PowerShell switch command: Turn it on for endless possibilities

PowerShell switch is a powerful option to execute many conditions in your code. Its many advanced uses and parameter choices give you a ton of flexibility.

https://techgenix.com/powershell-switch-command/

Cybersecurity: Checking full permissions on organizational units

Do wrong employees have full control permissions on organizational units? This PowerShell script checks if that is the case so you take appropriate action.

https://techgenix.com/full-permissions-on-organizational-units/

Virtual machine resource consumption: Let PowerShell do the math

Can you use PowerShell to determine the amount of resources used by a group of Hyper-V virtual machines? Yes — and here’s how to do it.

https://techgenix.com/virtual-machine-resource-consumption/

Checking domain controllers SSL status using PowerShell

This PowerShell script will collect SSL status on all domain controllers in an Active Directory forest and save the output to a CSV file.

https://techgenix.com/domain-controllers-ssl-status/

 

Fun videos from Flixxy

The Future of Shopping

Amazon Go is a new kind of store featuring the world’s most advanced shopping technology.

https://www.flixxy.com/the-future-of-shopping-no-lines-no-checkout-just-grab-and-go.htm

R2D2 and C-3PO Go Shopping For Gadgets

Star Wars stars R2D2 and C-3PO have landed on Earth to investigate the wonders of human technology

https://www.flixxy.com/r2d2-c3po-gadget-shopping.htm

Women Shopping Vs Men Shopping

A hilarious 10-second video explaining the differences in shopping habits between men and women

https://www.flixxy.com/women-shopping-vs-men-shopping.htm

Penguin Goes Shopping

Lala, the 10 year old King Penguin is so smart – he walks to the fish store with his little backpack to shop for fresh fish every day

https://www.flixxy.com/pet-penguin-goes-shopping.htm

 

More articles of interest

Best Practices for Hyper-V Template Creation

Admins can streamline template creation through Hyper-V SCVMM with a few best practices, such as evaluating whether a VM is the right fit for template creation.

https://searchservervirtualization.techtarget.com/tutorial/Best-practices-for-Hyper-V-template-creation?Offer=Content_Partner_OTHR-_2020February07_TG_A1

Workspace Focus Splits Virtualization Market

The once-stable virtualization market is changing as some vendors begin to think more about workspaces. In this Q&A, IDC’s Shannon Kalvar talks about what it all means.

https://searchvirtualdesktop.techtarget.com/news/252477752/Workspace-focus-splits-virtualization-market?Offer=Content_Partner_OTHR-_2020February07_TG_A2

DevOps Roles in 2020 Zero in on Kubernetes, CI/CD and More

The rapid rate of change in IT coupled with the newness of many DevOps practices and technologies creates barriers for those who seek a career in DevOps. Core skills can open the door.

https://searchitoperations.techtarget.com/feature/DevOps-roles-in-2020-zero-in-on-Kubernetes-CI-CD-and-more?Offer=Content_Partner_OTHR-_2020February07_TG_A3

Are Containers on Windows the Right Choice for You?

Containers have grown in popularity, but there are some considerations to weigh before you decide to migrate Server 2008 workloads to this technology.

https://searchwindowsserver.techtarget.com/tip/Are-containers-on-Windows-the-right-choice-for-you?Offer=Content_Partner_OTHR-_2020February07_TG_A4

 

Send us your feedback!

Got feedback about anything in this issue of WServerNews? Email us at [email protected]
