All users configured on the ASA are assigned a privilege level. This privilege level is specified when configuring the username as follows:

hostname(config)# username name password password privilege priv_level

The privilege level can be any value from 0 (least permissive) to 15 (most permissive), with 2 being the default. Do note that if you want to grant the user access to privileged EXEC mode, you should use the range from 2 to 15. For the purpose of assigning read-only access to a user, we will use a privilege level of 5.

AAA refers to authentication, authorization and accounting. It allows us to authenticate who the user is, authorize what that user is allowed to do, and then keep an accounting record showing what that user has done. In order to create a read-only user account, we need to define which commands the user should be granted access to. This requires knowledge of who the user is, so we first need to ensure that user authentication is configured.

To enable AAA authentication, use the following command:

More »

Cisco Devices are not effected as they are running OpenSSL version 0.9.8 on the newest 9.01 IOS Software. Most Cisco Firewalls have Older IOS versions and therefore have older versions of OpenSSL.

The heartbleed bug was introduced in OpenSSL 1.0.1 and is present in
• 1.0.1
• 1.0.1a
• 1.0.1b
• 1.0.1c
• 1.0.1d
• 1.0.1e
• 1.0.1f
The bug is not present in 1.0.1g, nor is it present in the 1.0.0 branch nor the 0.9.8 branch of OpenSSL.


Microsoft Remote Desktop Services / RDS website Errors from a Windows 8 machine or a pc with Internet Explorer 10 or 11. You get the below Error

65436543653624231213

Browser Not Supported - This Web browser is not supported by RD Web Access. RD Web Access requires Internet Explorer 6.0 or later. You can download the latest version of Internet Explorer from the Windows Update Web site

This is caused by Microsoft not releasing an update to 2008 to allow it to be accessed in the later browsers. In order to get it to work we can implement a workaround that forces machines with newer browsers to access the site as IE9 compatability view.
More »

When creating a new Receive Connector on Exchange Server 2007 SP3 (Update Rollup 2) the creation failed with a non-retriabele error and a “the requested attribute does not exist” error:

Error:
Active Directory operation failed on GL-SRV.test.local. This error is not retriable. Additional information: The parameter is incorrect.
Active directory response: 00000057: LdapErr: DSID-0C090C26, comment: Error in attribute conversion operation, data 0, v1772

The requested attribute does not exist.

Exchange Management Shell command attempted:
new-ReceiveConnector -Name ‘mail.gltest.com’ -Usage ‘Internet’ -Bindings ’0.0.0.0:25′ -Fqdn ‘mail.gltest.com’ -Server ‘GL-SRV’

Elapsed Time: 00:00:00

According to this article on the Microsoft Exchange Team site more people are facing this issue (scroll through the comments). It looks like something specific to UR1 and UR2 for Exchange Server 2007 SP3:http://blogs.technet.com/b/exchange/archive/2010/09/09/3410985.aspx

Microsoft is aware of this issue and it is currently being investigated. It looks like the schema upgrade during SP3 is not performed properly sometimes, resulting in an incorrect schema for Service Pack 3. Unfortunately the setup application of SP3 continues, resulting in these kind of errors.

You can solve it by running the Exchange 2007 SP3 schema upgrade again:

Setup.com /PrepareSchema

After this creation of a new Receive Connector is successful.

office

 

Click Start, click Run, type “regedit” in the Open box, and then click OK.
In the left pane, locate and then click the following registry subkey:
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInstaller

On the Edit menu, click “Permissions”.
In the “Permissions for Installer” dialog box, consider the “Administrators” and the “Users” in the “Group or user names” list.
Make sure that the Full Control permission is set for the “Administrators” and the “Users” group.
If this permission is not set, click to select the Full Control check box under “Allow”.
Click “OK”.

A new server has been added to the forest as a new domain controller, on the new server after launching PowerShell command line, Use the Move-ADDirectoryServerOperationMasterRole command to transfer all the FSMO roles. Each role corresponding to a number :

 

Role Name Number
PDCEmulator 0
RIDMaster 1
InfrastructureMaster 2
SchemaMaster 3
DomainNamingMaster 4


Moving FSMO roles

Move-ADDirectoryServerOperationMasterRole -Identity “DC01″ -OperationMasterRole 0,1,2,3,4

 

image1

  1. Set valid password for vi-admin, for example F0t56otk!# should do
  2. Login to vMA shell as vi-admin
  3. Elevate session as root with “sudo –s”
  4. Run “pam-config –d –-cracklib” (note double dashes on front of cracklib)
  5. Exit root shell with “exit”
  6. Change vi-admin password with “passwd” to any password you’d like

Above pam-config command disables cracklib in vMA PAM (pluggable authentication module) configuration, cracklib is a PAM library which is used to enforce Linux, and it this case vMA account password strength.