Wednesday 5 July 2017

Windows server 2008 R2 and OSCP

So I was working on cleaning up some CAs and subCAs recently and came across this interesting bit of info.
An Online Responder can be installed on any computer running Windows Server 2008 R2 Enterprise, Windows Server 2008 R2 Datacenter, Windows Server 2008 Enterprise, or Windows Server 2008 Datacenter
so whilst a CA won't stop you / warn you about enabling OSCP links in the AIA section, it will only work if the specified http:// link defined in the AIA section is hosted on a ENT or DC version of server 2008 R2, and if you enable OSCP via the link then various systems will take that as preferred then fail if the responder service is not running.

ref https://technet.microsoft.com/en-us/library/cc725937%28v=ws.11%29.aspx?f=255&MSPPError=-2147217396

Saturday 3 June 2017

UniFi / Ubiquiti Networks - How to set managment VLAN for switch

Ever wondered how to configure a UniFi switch to use a different VLAN (1 is the default) for its management interface ?

Well today I ran into that exact problem, the existent management VLAN was 16 so obviously having the switch's management interface on VLAN 1 was no good.

After a fair bit of searching google and the Ubiquiti Networks forums I was beginning to lose hope! , it seemed no one knew how to change it, there was even a feature request post asking for the very feature I was now in need of.

However I persevered and dug through both the CLI of the switch and the cloud key management controller interface until ....... I found the needed option, tucked away under the services heading of the configuration tab of the switch.

so here is an image of it 

I hope this helps some of you out in the future.

Wednesday 8 February 2017

Remote reboot over IPC

Rebooting remote systems can normally be done using ' shutdown /i ' however this runs in your locally logged in user context.

So what if you want to use a username and password that is not understood by your local system. I came across that issue today and the solution is quite simple ... but you have to know it can be done.

first establish a IPC connection to the target system

NET USE \\<TargetSystemIP/Name>\IPC$ <UserPassword> /USER:<Domain>\<UserName>

then issue the reboot command via that

shutdown /r /t 3 /c " <comment for reboot> " /m \\<TargetSystemIP/Name>

wait a moment and the target system will reboot